#ubuntu-server 2006-08-23
<tkup> any tips on a good NIDS/firewall setup?
<tkup> oh my bad, didn't fully read the topic
<mooseman447> hey
<KenSentMe> hi
* Starting logfile irclogs/ubuntu-server.log
#ubuntu-server 2006-08-24
<milkyway> hello
<milkyway> anyone familiar with apache2 2.0.55-4ubuntu2.1 segmentation faults ?
<infinity> Not familiar enough to answer in the two minutes before you leave.
#ubuntu-server 2006-08-25
<J_P> hi all
<J_P> good morning!
<stian> Bonjour
<reddux01> Hi guys..
#ubuntu-server 2006-08-26
<nerophibia> hey all
<nerophibia> a question about FAI
<nerophibia> Is there any plan to develop a kind of trusted master server for Ubuntu-Server version
<nerophibia> that could be very interesting for people who have to deploy a huge range of server
<maswan> trusted master server?
<nerophibia> I also quite interested about that and very interested in participation
<nerophibia> maswan: sorry for my english... want to say something like the lamp functionnality... that permit to deploy from scratch a master server
<nerophibia> with trusted FAI template... or something like that
<maswan> nerophibia: ah, ok. don't know about any such projects as such, but in general the fai package should be the place for such development
<nerophibia> maswan: what do you mean by 'should be the place'
<maswan> nerophibia: that installing the fai package should be enough to get a good master server etc
<nerophibia> Yeah it should but from my personal use, the package comes with 'too much' generic template, only focused on bewolf deployement... without out-of-the-box functionnality for datacenter deployment (LAMP,etc)
<nerophibia> maswan: another question if you permit, what are the current project of the server team (perhaps only a link :$)? 
<maswan> nerophibia: well, that's the tricky part, I'd expect pretty much all fai users to be different, that's why flexibility in class definitions are so important
<maswan> and no clue, I'm not in it
<nerophibia> maswan: maybe increase the number of default classes ;) thanks for all... gonna sleep now
<maswan> nerophibia: I'm sure they'll be happy to get a patch for a lamp class or so
#ubuntu-server 2007-08-20
* Starting logfile irclogs/ubuntu-server.log
<dho_ragus> anybody in here ever set up lithium-core in ubuntu?
<dho_ragus> i tried it once and it b0rked, so i'm trying from scratch in a vm... just want reassurance that there's hope of getting this to work.
<kraut> moin
<AnRkey> How can I completely remove apache2 and php with all config files and reinstall from scratch with fresh configs?
<AnRkey> I have tried deleting my /etc/apache2
<AnRkey> and I have also tried dpkg -P apache2
<kraut> AnRkey: apt-get remove --purge $packagename
<juliux> morning
<AnRkey> kraut will that remove everything?
<AnRkey> damn i just realised that I can't get into the box from work
<AnRkey> will have to try later today
<kraut> AnRkey: man apt-get
<AnRkey> kraut, thats not funny mate, would not be here if i had not tried that
<kraut> AnRkey: you can't open the man-page and search the section, where --purge is described?!
<AnRkey> i have purged using dpkg already
<AnRkey> i think it's a package problem
<kraut> anyone has got a good sudo+ldap howto?
<rbrunhuber> can anybody help me with a locale problem on ubuntu-server?
<rbrunhuber> There are no LC and LANG related variables and update complained about this. So how can I configure them correctly?
<ScottK> rbrunhuber: You have to set the locale.  I don't recall the exact command (it's not hard, but I'm on my first cup of coffee still).  I expect it you Google locale LC LANG set you'll get it.
<sommer> morning all
<mathiaz> hi sommer 
<infinity> ScottK: What was he asking how to do?  It's long since left my scrollback.
<ScottK> Yes.
<ScottK> [07:49]  <rbrunhuber> can anybody help me with a locale problem on ubuntu-server?
<ScottK> [07:50]  <rbrunhuber> There are no LC and LANG related variables and update complained about this. So how can I configure them correctly?
<infinity> Err.
<infinity> A fresh install should reall have some reasonably happy locales going on already.
<infinity> really*
<ScottK> It should, I agree.  IIRC there's a bug about that somewhere.
<infinity> I meant "should" as in "it does".
<infinity> Unless the problem here is, as I suspect, that it doesn't have HIS locale configured out of the box.  When you ssh from A to B, ssh takes the locale with it.
<ScottK> Right.  That would do it too.
<infinity> adconrad@cthulhu:~$ LANG=jp_JP ssh lucifer
<infinity> Linux lucifer 2.6.15.4 #1 Fri Feb 10 23:07:22 EST 2006 ppc
<infinity> Last login: Mon Aug 20 22:42:47 2007 from cthulhu.0c3.net
<infinity> (base)adconrad@lucifer:~$ locale 2>/dev/null
<infinity> LANG=jp_JP
<infinity> LC_CTYPE="jp_JP"
<infinity> ...
<infinity> We can't "fix" that, that's not a bug.
<infinity> And installing all locales by default on a fresh install ain't gonna happen. :)
<ScottK> Agreed.
<ScottK> BTW, have you gotten to the "Failed to upload" e-mail I sent you last week yet?
<infinity> ...
<infinity> When last week?
<ScottK> Yes.
<infinity> I haven't checked my mail yet today (or all weekend), and I was sick on Friday.
<ScottK> Sent on Friday.
<ScottK> OK.
<infinity> That was "when last week", not "when, last week?" :)
<ScottK> Right.
<ScottK> Fri, 17 Aug 2007 09:19:52 -0400 to be specific.
<infinity> Let me go argue with mutt right now about how 3 days away from email really shouldn't mean 1300 new messages, so it's clearly mistaken.
<ScottK> OK.  It's not any kind of a crisis, so whenever you can get to it.  
<infinity> The argument needed to happen anyway.
<infinity> We have it every morning, really.
<ScottK> The package has a pending revision, so if something needs to be done in the package, it'd be good to get it into it rather than have another problem.
<ScottK> Who usually wins?
<infinity> It always wins, by pointing out that I have a highly-publicised email address and, hey, procmail already filtered several thousand more to other folders, and spamassassin deleted a few million, so what am I complaining about really?
<ScottK> Ah, that kind of argument.  I understand.
<ScottK> I'm coming up on 10 years with the same e-mail address, so stuff does pile up.
<infinity> I've had this domain since 1995 or something, but the real killer is the publicity of Debian/Apache/Freedesktop/Ubuntu/ARGH.
<infinity> My email address just exists in too many very well-indexed places.
<infinity> Well, and the secondary problem where, once I run my visual spam filter over the day's mail, I still realise that I have several hundred real messages that weren't easily procmailable (ie: not lists, bugs, etc, but real, honest-to-god, personal communication)
<infinity> Coworkers, community, Debian developers, blah blah blah.
<infinity> Not enough hours in the day anymore.
<clovisw> hi, i installed the Ubuntu Server 7.04 for AMD64 on a IBM System x3105, and on boot get the message "ck804xrom_init_one(): Unable to register resource 0x00000000ffb00000-0x00000000ffffffff - kernel bug?" how to find the reason or solution for this message?
<infinity> ScottK2: Okay, I was expecting that to be a binary reject due to something you broke in the package.. But it looks like you've tickled a soyuz bug.  Lucky you.
<ScottK2> Yeah.
<infinity> clovisw: Does it affect the system at all, or does the message just scare you
<infinity> ?
<ScottK2> infinity: So what to do?  Upload the revision and hope?
<infinity> ScottK2: A new source upload should be fine.  I still want to figure this out.
<ScottK2> OK.  We still have a few questions for the packager (who isn't a MOTU) so it'll be a bit.  Good luck.
<sommer> anyone work for a College?  If so I'm wondering if you let retired professors keep their email accounts?
<clovisw> infinity: its my first install of Ubuntu to test, and i dont like to see this message on boot, i'm installing the server to run as a MaxDB server for developement
<clovisw> infinity: install of MaxDB are ok
<clovisw> infinity: but that message let me think if the installation are ok, or not, then i'm scare about that
<nealmcb> clovisw: is this relevant?  http://ubuntuforums.org/showthread.php?t=404751
<infinity> >ck804xrom ck804xrom_init_one(): Unable to register resource 0x00000000ffc00000-0x00000000ffffffff - kernel bug?
<infinity> This doesn't break anything. It's just a warning, we could remove it
<infinity> completely. Did you see real breakage?
<infinity> ^-- from the upstream maintainer of that bit of code.
<infinity> nealmcb: That forum post isn't helpful at all. :)
<nealmcb> i.e. are you seeing any networking speed issues?
<infinity> clovisw: The maintainer of that driver at Intel claims that the above isn't a bug at all, and it would be changed to a warning.
<infinity> clovisw: In other words -- Just ignore it.
<clovisw> infinity: intel? but that machine have an AMD processor, what intel have with that?
<infinity> clovisw: One of the driver developers is at Intel.
<infinity> clovisw: We don't have much in the way of loyalties about this sort of thing.
<infinity> (Oddly enough, a lot of my software ships with RedHat!)
<clovisw> infinity: you know what is the resource that the ck804xrom want to init?
<infinity> Nope, not my driver.  If I had to guess, though, I'd say it wants some extra PCI-E address space, and it's not getting any.
<infinity> Which is hardly the end of the world.
<clovisw> infinity: doing a lspci shows that nVidia Corporation CK804 in many devices, but its a IBM System, that dont have ny nVidea component, maybe the ubuntu get the wrong drivers?
<infinity> clovisw: No, it uses an nvidia motherboard chipset.
<nealmcb> if apache2ctl causes problems like this https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/131632  should we disable it or add warnings?  Or change it so it calls the init scripts so things are configured properly?
<ubotu> Launchpad bug 131632 in apache2 "apache2.2-common: mod_cgid fills error.log with [error]  lines" [Undecided,Invalid]  
<mathiaz> nealmcb: apache2ctl is a script from upstream.
<mathiaz> nealmcb: IIRC.
<mathiaz> nealmcb: so I wouldn't change its default behavior.
<clovisw> hi, anyone have the start script for maxdb on ubuntu?
<infinity> We've changed apache2ctl in Debian unstable to create the /var/run stuff itself, and moved the logic out of the init script.
<infinity> Still, a user calling apache2ctl themselves is asking for whatever pain they get.
<infinity> We don't get bug reports about people trying to call mysqld_safe by themselves.
<infinity> (We would if anyone tried, there's no way it would work)
<nealmcb> mathiaz: I know it is a tricky issue, but I'm concerned that we would ship a command in /usr/sbin that fills up the logs with error messages when used as people are used to using it.  
<infinity> nealmcb: Yes, we should ship it there, that's where it belongs.
<nealmcb> infinity: cool - sounds like a good fix
<mathiaz> then it's in ubuntu too.
<infinity> nealmcb: /usr/sbin/apache2 exists too, do people call that directly? :)
<infinity> (Well, I do, all the time, as "apache2 -X" for debugging, but most people really shouldn't)
<nealmcb> infinity: I haven't studied this one in depth, but the person reporting this used a method in upstream that is supported by them, so I'm glad it will be supported in ubuntu also - "principle of least surprise"
<infinity> The upstream docs also refer to compiling from source...
* nealmcb nods
<infinity> I'm not entirely sure that means "you should ignore your distro's init scripts, if you didn't install from source".
<nealmcb> infinity: I'm not suggesting that they should....
<infinity> Still, I'm a heavy apachectl user too, hence why it's been fixed.
<nealmcb> :-)
<nealmcb> Should I dig out the debian bug # and update the ubuntu bug?  Or has someone already started doing that?
<infinity> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418499
<ubotu> Debian bug 418499 in apache2.2-common "apache2ctl does not work if NO_START=1 is set" [Important,Fixed]  
<infinity> Err, not really the right bug report, but that's the one we closed! ;)
<infinity>   * Create run and lock directores in apache2ctl to make it work on fresh
<infinity>     installations before the first call of the init script. Together with
<infinity>     the previous item, this closes: #418499
<nealmcb> infinity:  Thanks.  I attached the bug.  So looks like it is in gutsy already.
<nealmcb> Before I say something like "fix released" (which I already did...) in a case like this, should I do my own testing rather than relying on hearsay?  I should have asked the bug reporter to test it also....
<mathiaz> nealmcb: Are you talking about bug 131632 ?
<ubotu> Launchpad bug 131632 in apache2 "apache2.2-common: mod_cgid fills error.log with [error]  lines" [Undecided,Fix released]  https://launchpad.net/bugs/131632
<nealmcb> yup
<nealmcb> I should have agreed with you in my comment also....
<mathiaz> hum... I marked it as Invalid this morning I think
<nealmcb> right - but it has been fixed, according to infinity
<mathiaz> yeah... I see your point.
<nealmcb> I just don't have time to test on gutsy
<mathiaz> usually I rely on the changelogs...
<nealmcb> good
<mathiaz> but if you have time to do test you can..
<mathiaz> but this seems like an obvious case
<nealmcb> hopefully the reporter will test it
<infinity> I'm inclined to agree that it's both "invalid" and "fix released", shame you can't do that in launchpad. :)
<nealmcb> and as you've pointed out, it isn't the biggest priority out there :-)
<infinity> In other words, it wasn't a bug, it was user error, but we fixed it anyway.
<nealmcb> I think it is a valid bug though - it isn't nice to take working upstream use cases and make them quietly eat up disk space
<nealmcb> but we do want to get people using proper init procedures, since other "bugs" will crop up, so I see your point
<infinity> To be honest, I'm not even sure how one manages to trigger this.
<infinity> You'd have to KNOW that the init script exists, so you blatantly disable it, and then use apache2ctl.
<infinity> Which is, very much, user error.
<nealmcb> like that person yesterday who complained that ubuntu wasn't starting up apache at all, because he wasn't even using our packages....
<infinity> This isn't about "following upstream docs, and having them screw up"
<infinity> Because the init script runs on postinst, and it runs on boot, so apache2ctl would work fine for a user who didn't disable the init script.
<infinity> At the point where you intentionally circumvent a working package, I refuse to call it a bug.
<nealmcb> good point - wonder what the original reported did...
<nealmcb> s/reported/reporter
<ScottK> infinity: I don't know if it's relevant to the Soyuz upload problem or not, but FYI, the subsequent upload of zekr was uploaded to the archive (NEW specifically) with no problem.
<bdmurray> mathiaz: do you remember that installer bug I mentioned last week?
<bdmurray> re lamp, lvm and var?
<bdmurray> eh, I found it
<ConfidentiaL> I wanna set up server for downloading, and I figured I would write a simple web interface in php for adding torrents and checking their status. Is this hard to set up, and which torrent client would you recommend?
<nealmcb> ConfidentiaL: you might want to ask on a torrent channel
<mralphabet> ConfidentiaL: you could use torrentflux, it's even in the repos I believe
<mralphabet> ConfidentiaL: apt-cache search torrent
<ConfidentiaL> ok thanks. But, the web interface part? I haven't really programmed php to control a program before. Do you have any links to guides or something?
<ConfidentiaL> oh, I see now when I search on torrentflux:P
<nealmcb> ConfidentiaL: yeah - you can read the source and see how hard it is :P
<mralphabet> ConfidentiaL: keep in mind this has nothing to do with ubuntu server ;)
<tck> anyone know how to save a function to memory for next bootup ?
<rbrunhuber> After updating today my cronjobs start complaining about misconfigured locales.
<rbrunhuber> The detailled error can be found here: http://pastebin.com/m62082763
<noah> Is cryptsetup available in gutsy -current server CD?
<noah> ..during the install i mean. I downloaded alternate-amd64.iso but it wasn't available there, and neither were the required crypto modules (aes, sha256)
<mralphabet> rbrunhuber: dpkg-reconfigure locales
<mralphabet> rbrunhuber: ^^ use sudo
<rbrunhuber> mralphabet, that does not work.
<rbrunhuber> mralphabet: output: http://pastebin.com/m68d376b1
<mralphabet> rbrunhuber: sudo apt-install locales
<rbrunhuber> mralphabet: it is already installed. I'm wondering why there is no /var/lib/locales/supported.d/en file
<mralphabet> rbrunhuber: odd
<rbrunhuber> mralphabet: one thing is why is perl complaining about this? my scripts are purely bash
<rbrunhuber> this is a server so i don't want to install language-pack-en. 
<rbrunhuber> mralphabet: still there?
<mralphabet> rbrunhuber: yes, but I don't have any other suggestions, I was looking in launchpad but didn't fid anything
<rbrunhuber> mralphabet: i just copied the content of /var/lib/locales/supported.d/en from another machine. it now works.
<rbrunhuber> mralphabet: but i do not know if i have to worry about other things. because my auth.log is truncated and everything feels a bit strange. i hope i have not been hacked.
<mralphabet> rbrunhuber: are you sure it was installed?
<rbrunhuber> mralphabet: what was installed?
<mralphabet> 13:41 < mralphabet> rbrunhuber: sudo apt-install locales
<mralphabet> 13:43 < rbrunhuber> mralphabet: it is already installed.
<rbrunhuber> mralphabet: yes i'm sure it was installed
<mralphabet> rbrunhuber: very odd, anyway, glad you got it working.
<rbrunhuber> mralphabet: auth.log is ok too it got rotated, phew...
<sommer> mathiaz: question about the Ubuntu wikis.  Is wiki.ubuntu.com a different wiki than help.ubuntu.com/community?
<sommer> just wondering because the DovecotLDAP wiki link I tried adding to the ServerRoadmap page wouldn't work.
<sommer> as an internal link anyway.
<mathiaz> sommer: they're different
<sommer> mathiaz: gotcha
<mathiaz> sommer: in the case of the Dovecot wiki, it used to be a page on wiki.ubuntu.com that has been migrated to help.ubuntu.com
<mathiaz> sommer: and there's a refresh setup in the page on wiki.ubuntu.com.
<sommer> okay...so is it okay to post external links in the ServerRoadmap Page?
<mathiaz> sommer: once in a while the doc team goes through wiki.ubuntu.com and migrate some pages to help.ubuntu.com/community/.
<mathiaz> sommer: definetly.
<sommer> mathiaz: thanks just wanted to make sure I'm not making a mess of things.
<mathiaz> sommer: don't worry about messing things up... It's all wiki pages, so there's always the history.
<sommer> cool, I'll start looking for another server doc page to update.
<sommer> have any suggestions?
<mathiaz> I think there is a category on help.ubuntu.com
<mathiaz> sommer: CategoryCleanup
<sommer> ah...I've seen it.  I'll start there
<mathiaz> sommer: you may wanna have a look at https://help.ubuntu.com/community/CategoryCleanup
<mathiaz> sommer: and see if there are any server related pages.
<sommer> all over it.
<mathiaz> sommer: you've asked for some feedback on your updated pages.
<mathiaz> sommer: may it's an item that could be added to the documentor section.
<mathiaz> sommer: review wiki pages.
<sommer> mathiaz: so do you think the links I added should be moved into another section called Review?
<mathiaz> sommer: well - it could be seen as another simple task.
<mathiaz> sommer: but it may clutter the wiki page
<sommer> Is there a formal place to ask for review?  for wiki pages?
<mathiaz> sommer: I don't think so.
<mathiaz> sommer: the doc team is too small to have a review process...
<sommer> gotcha
<mathiaz> sommer: the RoadMap is there so that people that wanna get involved in the ServerTeam can have concrete task they can choose...
<sommer> ah...so is there really a need to list the pages that need updating?
<sommer> or should we just link to the CategoryCleanup page?
<sommer> is there a CategoryServer type page?
<sommer> if there was it'd be pretty simple to create a task to review those docs for each release.
<mathiaz> sommer: I don't think so.
<mathiaz> sommer: well the original idea was to track which wiki pages need some love.
<mathiaz> sommer: and list them somewhere so that other people can work on them
<mathiaz> sommer: it seems that another task would be to review them.
<sommer> ya, but I'm thinking that the list may be quite large.
<sommer> but then it may not either.
<mathiaz> sommer: for now, you've just asked for review...
<sommer> I updated the Dovecot page and wrote up the DovecotLDAP page.
<sommer> the DovecotLDAP page is new so I thought it may be a good idea for some one to double check me.
<mathiaz> sommer: yop. Thanks for that.
<mathiaz> sommer: yes. It would actually be part of an ongoing effort to update the documentation.
<mathiaz> May be a new task could be added - review community documentation
<mathiaz> with a link to the CategoryCleanup page
<mathiaz> and a list of specific pages for which feedback has been asked (like you DovecotLDAP page)
<sommer> sounds good.  I'll list what pages I'm working on in the ServerRoadmap page.
<mathiaz> sommer: excellent. Thanks for your help.
<sommer> np
<mathiaz> sommer: may be you could also update the KnowledgeBase with some basic facts about the wikis.
<mathiaz> sommer: like, there a two wikis, etc...
<sommer> ah...sure I can do that.
<sommer> mathiaz: when you say KnowledgeBase which one do you mean?
<mathiaz> sommer: wiki.ubuntu.com/ServerTeam/KnowledgeBase
<sommer> mathiaz: thanks
<mathiaz> sommer: this is the place where we store content that explains how to get involved in the team.
<mathiaz> sommer: which processes we follow, etc...
<sommer> heh...I was looking right at the link, but didn't see it.
<stiv2k> hi
<stiv2k> i am having some extremely annoying issues with CUPS
<stiv2k> for some reason
<stiv2k> my printer is disappearing by itself
<stiv2k> every few hours
<stiv2k> and i have to constantly re-add it
<stiv2k> and i can't even seem to find any log info explaining it
<stiv2k> I really need to get it working properly
<sommer> stiv2k: are you running feisty?
<stiv2k> sommer: yes
<sommer> I had a similar issue (I forget the bug number), but there was an update to libdus that solved it.
<stiv2k> libdus?
<sommer> stiv2k: have you tried updating?
<stiv2k> sommer: yes my system is up to date
<stiv2k> its still doing it though
<sommer> what version of dbus do you have?
<stiv2k> sommer: how can i check?
<sommer> dpkg -l libdubs
<sommer> sorry try: dpkg -l libdbus-1-3
<stiv2k> ii  libdbus-1-3    1.0.2-1ubuntu4 simple interprocess messaging system
<sommer> must be a different issue than what I had.
<stiv2k> eh
<sommer> stiv2k: there's nothing in the log file if you set cups to debug?
<stiv2k> sommer: well i'm not sure
<stiv2k> i tried looking but theres so much stuff in there i'm not sure what i'm looking for
<sommer> you might start lookging at about the time the printer disapeared.
<stiv2k> well i dont know when it disappeared
<stiv2k> i added it last night
<stiv2k> and it was tehre for a few hours
<stiv2k> i came back from school today
<stiv2k> and its goen
<sommer> have you readded it yet?
<stiv2k> sommer: not yet
<stiv2k> hey
<stiv2k> could this be it?
<stiv2k> D [20/Aug/2007:06:30:36 -0400]  Discarding unused printer-deleted event...
<stiv2k> D [20/Aug/2007:06:30:36 -0400]  Remote destination "Lexmark_Printer" has timed out; deleting it...
<sommer> possible
<razer-server2> ok... i nead som help to config my smtp server... im using postfix. cane somone help me?
<stiv2k> why would it be doing that
<sommer> stiv2k: the printer is probably going to a "sleep" mode.
<stiv2k> interesting
<stiv2k> it NEVER used to do that to me before
<stiv2k> just recently when i reformatted the server's hard drive
<mathiaz> razer-server2: https://help.ubuntu.com/community/Postfix
<stiv2k> sommer: perhaps a setting to make it not do that?
<razer-server2> tx
<mathiaz> razer-server2: https://help.ubuntu.com/7.04/server/C/postfix.html
<mathiaz> !postfix
<ubotu> postfix is the default Mail Transfer Agent (MTA) for Ubuntu. Read more about setting it up here: https://help.ubuntu.com/community/Postfix or here: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<sommer> stiv2k: Probably...I'm not sure what'd be though.  You might try google.  Also the printers manual may tell you if there's anything hardware wise you can do.
<stiv2k> right
<stiv2k> dammit
<stiv2k> i was hoping it was a known issue or sometihng
<stiv2k> i kinda need this working... and fast.
<stiv2k> i keep hitting dead ends
<sommer> stiv2k: can you try a different printer?
<stiv2k> this is a different printer
<sommer> ah
<stiv2k> it was doing teh same exact thing with my HP psc 1310
<stiv2k> ;)
<stiv2k> so im pretty sure its a server-side thing
<sommer> how is it connected?
<stiv2k> not printer-side
<stiv2k> USB
<sommer> can you connect it any other way?
<stiv2k> nope
<sommer> stiv2k: I've pretty much exhausted my ideas then.  Unless someone knows if there's some kind of power setting that's affecting the USB ports?
<stiv2k> i dont know....
<stiv2k> it all happened as soon as i reformatted the drive
<stiv2k> and reinstalled ubuntu
<stiv2k> so, im pretty sure it HAS to be some software setting
<stiv2k> perhaps HAL
<stiv2k> or udev or some crap
<stiv2k> or even some arbitrary CUPS setting
<razer-server2> i dont get it... why dosent the email send... this is in my mail.log
<razer-server2> Aug 20 21:54:55 razer-web postfix/smtp[6972] : F3480BC58A: to=<aslund_@hotmail.com>, relay=mx2.hotmail.com[65.54.245.40] :25, delay=1.2, delays=0.06/0/0.55/0.57, dsn=2.0.0, status=sent (250 mail from IP 89.253.84.59 soft failed sender ID check Please ensure this IP is authorized to send mail on behalf of [hotmail.com] )
<Nicke> razer-server2: From what address are you sending? (the From: field)
<stiv2k> one more thing
<stiv2k> how can i make cups advertise its printers using its LAN ip
<stiv2k> rather than the external hostname (which isnt reachable on port 631 from the outside anyway)
<stiv2k> ............?
#ubuntu-server 2007-08-21
<stiv2k> hello
* Starting logfile irclogs/ubuntu-server.log
<kraut> moin
<AnRkey> How can I completely remove apache with all configs so that I can reinstall? I have tried dpkg -P and apt-get remove --purge
<AnRkey> when i reinstall apache still is not installed properly
<infinity> Which package are you purging?
<infinity> The conffiles belong to apache2.2-commong (apache2-common in dapper)
<infinity> s/commong/common/
<AnRkey> infinity, thanks
<AnRkey> i have not purged common yet
<AnRkey> i can't remove apache2.2-common as it is needed by apache2-mpm-prefork and when i try purge apache2-mpm-prefork it gives me this invoke-rc.d: unknown initscript, /etc/init.d/apache2 not found.
<AnRkey> dpkg: error processing apache2-mpm-prefork (--purge):
<AnRkey>  subprocess pre-removal script returned error exit status 100
<AnRkey> Errors were encountered while processing:
<infinity> And that's why you should use apt-get, not dpkg. :/
<AnRkey> hmm ok
<infinity> Because dpkg happily removed them our of dependency order.
<AnRkey> well i deleted them thinking that a reinstall would replace them
<AnRkey> been at this now for three days
<infinity> You can edit /var/lib/dpkg/info/apache2-mpm-prefork.prerm and comment out the call to invoke-rcd.
<infinity> And then try harder to purge. :)
<AnRkey> ok
<infinity> (Or just make the shell script not be "set -e")
<AnRkey> tashell script?
<infinity>  /var/lib/dpkg/info/apache2-mpm-prefork.prerm is a shell script.
<AnRkey> ok that worked perfectly
<AnRkey> some small probs though
* infinity bows.
<AnRkey> sudo apache2ctl start
<AnRkey> apache2: Syntax error on line 189 of /etc/apache2/apache2.conf: Could not open configuration file /etc/apache2/httpd.conf: No such file or directory
<AnRkey> :D
<infinity> Err, that didn't reinstall cleanly, then.
<infinity> The postinst script is meant to create an empty httpd.conf
<infinity> Really, it is.
<AnRkey> :D
<AnRkey> any suggestions
<AnRkey> create one :D
<AnRkey> brb
<infinity> apt-get --purge remove apache2-common && rm -rf /etc/apache2 && apt-get install apache2
<infinity> (or 2.2-common, whatever version you're on..)
<infinity> I suspect some "I think I'm upgrading!" trickery may have triggered if there was an unclean purge. :/
<AnRkey> hmm
<infinity> Of course, just touching an empty httpd.conf would fix the above, but I'm concerned other things might have broken for you too in all your mangling. :)
<AnRkey> sudo apache2ctl start
<AnRkey> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
<AnRkey> no listening sockets available, shutting down
<AnRkey> Unable to open logs
<AnRkey> i created an empty httpd.conf
<AnRkey> owned by root.root
<infinity> Also, why are you using apache2ctl directly?
<AnRkey> cause i get no info from /etc/init.d/apache2
<infinity> sudo /etc/init.d/apache2 start
<infinity> Address already in use means you already have an apache (or something) running.
<AnRkey> it just does nothing
<infinity> And bound to port 80.
<infinity> sudo lsof -i TCP:80
<AnRkey> http://paste.ubuntu-nl.org/34517/
<AnRkey> something is running
<AnRkey> odd
<AnRkey> it looks like apache2
<AnRkey> but when i /etc/init.d/apache2 stop i get this  * Stopping web server (apache2)...  httpd (no pid file) not running
<AnRkey> just killed all those process'
<AnRkey> infinity, it's working, removed everything apache2 related with --purge and then reinstalled. Thanks so very much!
<AnRkey> i reinstalled php5 but it's not processing .php files in apache
<AnRkey> how do i enable php once it's installed?
<infinity> Did you install libapache2-mod-php5?
<infinity> Note that if you did the "rm -rf /etc/apache2" thing, you'd need to purge libapache2-mod-php5 and reinstall it as well (since it has conffiles there...)
<AnRkey> infinity, thanks, trying that now
<AnRkey> thanks infinity that did the trick for php too. I had to install php5-mysql for torrentflux to work but it's cruising along quite nicely now.
<AnRkey> infinity, my wife says thanks, now she can download torrents again while at work
<infinity> Heh.
<AnRkey> you have a website?
<AnRkey> or blog?
<infinity> I suspect I might have both.
<AnRkey> posting the solution for this to a thread i had going
<AnRkey> wanted to give u the cred
<infinity> Oh, you don't have to credit me, I'm a Canonical employee, this is my job.
<AnRkey> So u in london?
<infinity> I maintained apache and php for years, I should hope I know how they work. :/
<infinity> No, I live in Melbourne.
<AnRkey> i c
<AnRkey> so you met mark yet?
<infinity> AnRkey: Err, yes, countless times.  I've been working for Canonical for years.
<AnRkey> what he like to work for?
* infinity shrugs.
<infinity> Like anyone, I suppose.
<lousygarua> how do i check which scripts were recently run by cron-daemon?
<infinity> lousygarua: grep CRON /var/log/syslog
<sommer> lousygarua: you can try this: grep cron /var/log/syslog
<infinity> lousygarua: (and syslog.0, etc)
<sommer> heh
<lousygarua> ok thanks
<infinity> Note that it really is CRON, in upper case.
<sommer> I concur
<sommer> forgot the -i
<Gat0rvean>  I'm trying to boot my Ubuntu Server 7.04 without a keyboard, I've configured the bios, but when It loads the modules, it stops at /etc/scripts and I have to press enter to get to the login prompt, how can I disable that?
<infinity> "stops at /etc/scripts"?
<infinity> (There is no /etc/scripts, so what do you really mean?)
<Gat0rvean> something like that, I'd have to reboot it again to see what it really says, but it's /etc/something/something
<infinity> And why would you care if you have a loging prompt if you have no keyboard? :)
<Gat0rvean> well I can't even login remotely if it's not at the prompt
<infinity> Okay, so something is prompting early in the boot sequence?
<infinity> Find out what it is.
<infinity> Because nothing's meant to.
<Gat0rvean> ok, sec
<Gat0rvean> "Running local boot scripts /etc/rc.local" [OK]  and stays there, hit enter and the prompt comes up
<infinity> Okay, so did you edit rc.local?
<infinity> Because it does nothing (exit 0) by default.
<Gat0rvean> so change it to "exit 1"?
<Gat0rvean> or just "#exit 0"
<infinity> Uhm, no...
<infinity> "exit 0" is correct.
<infinity> That's all rc.local is doing?
<Gat0rvean> yes
<infinity> Then it's not rc.local that's the problem.
<infinity> On the other hand, rc.local is the very last thing to run, so SSH should be up.
<infinity> Which means, I'm not really sure what the problem is that you're trying to solve...
<infinity> The login prompt not displaying is cosmetic, not sometihng that would prevent you from logging in remotely.
<infinity> Oh, no rmnologin runs after rc.local.
<Gat0rvean> gotcha, so being the noob I am, I probably have something weird with SSH going on
<infinity> Can you paste "ls -l /etc/rc2.d" to me in a private message?
<mathiaz> Gat0rvean: did you install the openssh-server package ?
<mathiaz> Gat0rvean: it's not installed by default.
<Gat0rvean> mathiaz, I did, I can login after I press enter and get the prompt
<infinity> Hence the paste I asked for...
<infinity> I suspect something's happening between rc.local and rmnologin.
<infinity> (rmnologin is what allows you to login, locally and remotely)
<infinity> Equally possible is that you've done something very terrible to your environment that's causing rmnologin to prompt, but that seems unlikely.  And a bit weird.
<mathiaz> infinity: is the samba package shipped on the livecd ?
<infinity> root@cthulhu:~# apt-cache show samba | grep ^Task
<infinity> Task: edubuntu-server
<infinity> (no)
<mathiaz> infinity: ok. Thanks.
<Gat0rvean> nevermind guys, I figured it out, I did not install it on the actual server, I installed it on the VMware I had setup before the install = / sorry for the stupidity
<Gat0rvean> SSH that is
<bulio|> is Ubuntu a good server distro?
<infinity> You might get a biased opinion in this channel.
<infinity> (ie: We're all likely to say "yes")
<bulio|> heh
<mathiaz> infinity: we should add a factoid about this question.
<tck> or outline main diff between ubuntu server and debian server
<infinity> Release schedule, LTS releases, commercial support from Canonical, and a different logo.
<infinity> Did I miss anything?
<infinity> Do I get a gold star?
<ivoks> :)
<arthur_kalm> Hi everyone, I'm trying to add an entry to my resolv.conf file but for some reason the entry keeps disappearing. I googled around and I can't seem to find the "proper" way of adding entries to resolv.conf. I don't have resolvconf installed...
<arthur_kalm> Thanks in advance.
<ivoks> maybe you have network manager?
<ivoks> it's default in desktop instalations
<arthur_kalm> ivoks: I forgot to mention, X is not installed on the server
<ivoks> is there anything in resolv.conf?
<mathiaz> arthur_kalm: are you using dhcp ?
<arthur_kalm> mathiaz: yes
<infinity> apt-get --purge remove resolvconf
<infinity> With great prejudive.
<infinity> Oh, if you're using dhcp, then nevermind. :P
<arthur_kalm> infinity: hehe, and I don't have it installed
<infinity> You need to edit /etc/dhcp3/dhclient.conf to append extra resolver entries.
<mathiaz> arthur_kalm: you're resolv.conf is probably rewritten by you dhcp client
<arthur_kalm> ivoks: yes, I'm trying to add something to the search
<infinity> s/probably/definitely/
<arthur_kalm> infinity: great thanks
<infinity> man 5 dhcp-options for the full list of crap you can tweak in there.
<arthur_kalm> infinity: hehe OK
<arthur_kalm> I was just about to ask ;)
<arthur_kalm> infinity: o_O. I just want to add another search, i.e. search <company dns>
<infinity> I'd say "don't use DHCP on servers", but I'd be a hypocrite, I've had entire datacenters running with DHCP in the past.
<arthur_kalm> infinity: hehe, OK so don't say it ;)
<infinity> prepend domain-name "company.com ";
<infinity> Try that, and then "ifdown eth0 && ifup eth0" and see what resolv.conf looks like.
<infinity> (Yes, you can drop the interface remotely, if you bring it up on the same shell line... And if you have reasonably large testicles)
<arthur_kalm> infinity: oh they're huge!
<arthur_kalm> and that's really cool that u can bring down the interface remotely and not get disconnected :D
<arthur_kalm> hmm I get a temporary name server failure
<arthur_kalm> infinity: but I can ping it
<lamont> ScottK: do you admin ubuntu-server mailing list?
<ScottK> lamont: No.  Sorry.
<lamont> oh well.
<mathiaz> lamont: I do.
<arthur_kalm> infinity: actually nvm, it works
<lamont> mathiaz: lamont@mmjgroup.com == lamont@u.c
<lamont> if you would be so kind as to approve me.
<mathiaz> lamont: done.
<lamont> danke
* lamont wanders for a while
<kylem> mathiaz, working on getting you new AA now.
<mathiaz> kylem: excellent. Thanks.
<kylem> np.
#ubuntu-server 2007-08-22
<tarvid> using a terminal window, ssh to a feisty server, run vi and the arrow keys look like ANSI
<tarvid> anyone know where the correct terminal is set?
<N6REJ> Can anyone give me some pointers on how to install Microsofts MDSE on Ubuntu-server?
<infinity> Uhm.  You can't.
<infinity> MDSE is Win32 software.
<infinity> You could run it in WINE if you were a masochist, perhaps.
<dantalizing> N6REJ: sudo aptitude install mysql-server
<N6REJ> infinity: I realize its a win32 program.  Thats why I'm asking.  Unfortunately its the only DB my accounting software supports.
<N6REJ> I've been looking forever for a good linux accounting program and haven't found one yet.
<infinity> And you're running this accounting software with WINE, or you're running it in Windows?
<N6REJ> under windows.
<infinity> Then I suppose I'm failing to see the issue, since you can install MDSE on the same box... No?
<N6REJ> I'd like to put the database server on my server so that I can free up my desktop and make it available to the network.
<infinity> MDSE is the desktop edition of SQL server, it's not really meant to be on a central server anyway.
<N6REJ> infinity: right, the issue is if I can prevent it I don't want to tie up my desktop
<N6REJ> infinity: oic
<N6REJ> hmmmmmmm.....
<N6REJ> infinity: is there a place better then freshmeat to look for linux software?
<infinity> apt-cache search?
<N6REJ> maybe.
<ScottK> Wow.  I don't feel bad at all that I missed that guy.
<ajmitch> heh
<dthacker> Hi, I'm answering a question on launchpad from a user that wants to install a GUI on top of server and is running into all kinds of trouble.  I'm going to recommend they install straight Fiesty and pull in the server packages they want.  Is there any major kernel/driver differences between server and desktop?
<ScottK> What gui do they want to install?
<ScottK> dthacker: ^^^
<dthacker> They're trying to install a package called "ubuntu-desktop" which may be a meta package for gnome. (not sure)
<ScottK> Yes, it is.
<ScottK> It should install just fine.
<dthacker> ok, I'll work on finding the problem they are having with the install, then.  tnx ScottK
<ScottK> I've done that with kubuntu-desktop, not ubuntu-desktop, but it should work.
<nandemonai> Hiya guys, can anyone suggest a good quality sound card that Feisty likes? Internal sound is crummy.
<nandemonai> Gah wrong chan sorry.
<stiv2k> whats a good command line partition manager???
<stiv2k> whats a good curses-type partition manager i can use
<stiv2k> whoa
<stiv2k> oops
<demrit> stiv2k, you can use GNU parted (parted command)
<stiv2k> demrit: it keeps reading my damn floppy drive
<stiv2k> 2nd, i dont know the cylinder start/end numbers to resize
<demrit> stiv2k, cfdisk is a good alternative choice
<stiv2k> demrit: cfdisk didnt seem to allow me to resize...
<stiv2k> its OK, since i have to unmount it anyway
<stiv2k> i'll just reboot with a liveCD of some kind
<stiv2k> and use gparted
<stiv2k> ;)
<demrit> then you aren't looking for a command line partition manager :P
<stiv2k> yeah i know
<stiv2k> i /was/ till i realized it didnt matter since i ned to reboot the system anyway (so / isn't mounted)
<stiv2k> but thanks anyway
<kraut> moin
<spike> hi, is anybody running xen on ubuntu feisty amd64?
<spike> 2.6.19-4-generic-amd64 kernel
<spike> I've got it installed, rebooted, and since then the box will completely disappear from the network, no errors in dmesg,logs or whatnot
<spike> loging locally and trying to ping stuff will *sporadically* work
<sommer> anyone know if there is a way using Samba to limit a user to one login per computer?
<sommer> or one domain login if that makes more sense?
<dantalizing> sommer: look at the bottom of this page.. http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AdvancedNetworkManagement.html
<sommer> dantalizing: I saw that, but from the example it looks like that's a per share thing.  Do you know if it would work for actual logins?
<sommer> I guess I can always test and find out...heh
<dantalizing> oh you only want them to log on to one computer in the domain at a time
<dantalizing> ?
<sommer> dantalizing: yep that's the goal
<sommer> anyway
<sommer> maybe if I apply that to the netlogon share?
<mathiaz> sommer: I'm not sure it would work in your case.
<mathiaz> sommer: the authentification phase is done before the connection to the netlogon share.
<infinity> Domain authentication isn't a persistent thing, I'm not entirely sure you can enforce what you want here...
<sommer> is there a way to do that even with AD?
<infinity> I suspect not.
<dantalizing> i would think you'd have to log the logins and check that log
<infinity> Erm, but you're still in trouble.
<sommer> dantalizing: that's an idea.  The machines I'm actually worried about are in Labs so it's a limited number.
<infinity> You have no way of knowing if the previous login is still active.
<infinity> And you can't remotely force the previous session to log out.
<dantalizing> true
<sommer> couldn't you log log ins and log outs?
<infinity> Nor can you lock someone out of the new session based on thinking that, maybe, they might still be using the old one (because it's not persistent)
<dantalizing> isnt there a user policy or somthing?
<infinity> There's no such thing as a domain "log out".
<infinity> You log in.  You use it.  You stop using resources.  There's no log out.
<sommer> hehe...gotcha, what if you log from the workstation to some network log
<infinity> That could be doable, but ugly.
<infinity> And to do it properly, we're talking GINA plugins.
<infinity> (Assuming these are NT workstations?)
<mathiaz> sommer: It may possible to implement that within AD
<sommer> I definitely agree, but I'm not sure this is a "pretty" sort of situation.
<mathiaz> sommer: probably with a policy.
<mathiaz> sommer: but I'm not knowledgable in that area
<infinity> Oh, true, you can have policies that run locally on workstation logout.
<sommer> ya I was thinking something like that.  Isn't there some way for Samba to use Group Policy?
<sommer> It may be pretty hackish, but I thought I came accross something once.
<dantalizing> hmm... this is old...but even the microsoft way of doing it appears to be hackish
<dantalizing> http://www.microsoft.com/technet/technetmag/issues/2005/05/UtilitySpotlight/
<sommer> dantalizing: I think I'll hack up something similar to that.  thanks for the link.
<jdstrand> keescook: hi!
<keescook> jdstrand: hiya
<jdstrand> I was talking with dendrobates earlier today, and he suggested I talk to you about it, since you are a core-dev
<keescook> jdstrand: okay, sure, what can I help with?
<jdstrand> I started looking at tasksel for adding an openssh-server task, and talked with cjwatson about this on devel
<jdstrand> He suggested that we "should just get a core-dev to create an openssh-server seed"
<jdstrand> He also said if we wanted to do it we would "add a seed for it to bzr+ssh://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.gutsy/ with the right Task-* headers, and after that just run the thing in tasksel which automatically regenerates ubuntu-tasks"
<jdstrand> I am new to tasksel, and he said there is some magic there which creates the task.  Are you familiar with it?
<keescook> hm, it's voodoo to me, but I guess I should learn it!
<infinity> Err, I think you misunderstood.
<infinity> If it's in the seeds, it ends up getting a Task: header in the archive.
<infinity> And then it Just Works, with tasksel, aptitude, and apt-get.
<keescook> infinity: so what're the right steps for this?
<jdstrand> that is what I thought I understood.  I guess I didn't explain it too well...
<infinity> keescook: The only step required is editing the seeds.  Everything else is automated.
<infinity> After the seeds are mangles, the next publisher run will give you Packages files with openssh-server having a Task: header (see "apt-cache show yelp | grep ^Task" as an example), and all the tools DTRT with that.
<infinity> s/mangles/mangled/
* keescook is grabbing a branch now
<infinity> I still agree with Colin that a Task for a single package is somewhat insane, but I imagine I'm at a loss for a better solution here.
<keescook> what is "Task-Key:" used for?
<jdstrand> I am inclined to agree on a technical level.  However, I think the idea is to make it very clear/easy to add openssh on installation, esp for LAMP
<infinity> A note at the end of the install saying "If this computer is connected to a network, you might want to consider managing it remotely, rather than from the local console, use "apt-get install openssh-server" to install an ssh daemon for that purpose" might be a bit chatty.
<mathiaz> infinity: I agree with you also. But most of the users install a ssh server.
<mathiaz> infinity: So it's usefull in that case to have the choice to install a ssh server during install.
<infinity> Oh, and I do too, obviously, but I don't find it onerous to do so.
<mathiaz> infinity: is there another way to install a package during install time ?
<infinity> Or, to put my "elitist" hat on for a moment, if a new admin can't figure out how to install SSH, they're in for a world of hurt 5 minutes later when they try to figure out how to do anything else.
<infinity> There are countless ways.
<keescook> infinity: so if I add "openssh-server" file (with contents http://paste.ubuntu-nl.org/34693/) that's it?
<infinity> Preseeding d-i with an aptitude package pattern is the easiest way (that's how we used to do LAMP, before we turned it into a task)
<infinity> keescook: It needs to be represented in STRUCTURE as well.
<mathiaz> infinity: ok. Let me an example.
<mathiaz> infinity: I'd like to boot an ubuntu-server cd install, go through the install and on reboot I can login via ssh directly.
<mathiaz> infinity: with a openssh task, I can do that with a standard cd.
<mathiaz> infinity: is it possible to do that with the standard cd now ?
<infinity> mathiaz: Sure, but it's less intuitive than just installing it with apt-get after the fact. :)
<lamont`> mathiaz: there's a magic incantation to d-i that will do that (include arbitrary packages)
<infinity> (ie: by invoking the boot with a d-i preseed)
<keescook> infinity: http://paste.ubuntu-nl.org/34694/ ?
<infinity> keescook: Althought it's redundant, it should be listed in "supported" too.
<keescook> infinity: what's the reasoning for that?  (I saw it was redundant and intentionally left it out)
* mathiaz needs to look into d-i and how pre-seeding works...
<keescook> infinity: http://paste.ubuntu-nl.org/34695/
<infinity> keescook: Well, one could drop openssh-server from one of the other seeds (okay, we're not going to, but we could), and then it would fall out of the supported set if the hierarchy isn't in STRUCTURE.
<keescook> ah, okay, makes sense
<infinity> keescook: Diff looks good.
<keescook> infinity, jdstrand: okay, pushed.
<jdstrand> keescook: thanks!
<keescook> jdstrand: you're welcome!  now I know about seeds.  :)
<jdstrand> keescook: me too-- I peeked at bazaar and learned something myself
<jdstrand> keescook: that's actually pretty slick...
<Nafallo> yay!
* Nafallo just got the bzr commit notification :-)
<ErikTheREd> Hey, I've got a [probably stupid]  question.. I'm trying to run a 32-bit binary application on 7.04/AMD64, and it's griping about not being able to find a library called libstdc++-libc6.1-1.so.2. I've seen suggestions for other versions of Ubuntu / Debian that call for symlinking a similar version of the same file to that name, but I don't see any similar versions under 7.04/AMD64. Any suggestions?
<leonel> install : libstdc++6
<ErikTheREd> Yeah, that's installed...
<mralphabet> ErikTheREd: wow, that is mildly painful
<leonel> oo glibc ..
<mralphabet> blinking, white background, blue text
<ErikTheREd> Sorry...wasn't intending to be blinking... is this better?
<mralphabet> blinking, white background, black text
<Nafallo> ErikTheREd: we've already got prof people couldn't read that text I think :-)
<ErikTheREd> Sorry... messing with my client... I don't use IRC much... any improvement?
<Nafallo> leonel: he's running x86_64 and trying to run x86 on it. and no, not glibc :-).
<kylem> someone with ops want to add +c to the channel modes?
<kylem> (to strip colour)
<Nafallo> hi Kyle :-)
<leonel> Nafallo: I see and  didn't found any package with that file in packages.ubuntu.com
<kylem> herro.
<kylem> ErikTheREd, you'll need to set up a 32-bit chroot
<ErikTheREd> Hmm... that sounds a bit extreme :-)
<kylem> it's quite easy, i'm trying to find a link for you.
<ErikTheREd> Found http://ubuntuforums.org/showthread.php?t=24575
<kylem> that's a little out of date, which application are you looking for?
<ErikTheREd> *choke* Lotus Domino *choke* 
<kylem> ah. hmm.
<kylem> actually, you might get it if you just install ia32-libs, i'm not really sure... do they ship support for 32-bit Ubuntu, or is this coming from an rpm?
<ErikTheREd> I saw some notes elsewhere suggesting the ia32-libs-dev package, but that doesn't seem to be around anymore in 7.04
<ErikTheREd> No, they don't officially support anything other than RHEL and SLES, although people have gotten it to run under Debian and Ubuntu.
<ErikTheREd> Or actually, the older versions now that I look.
<kylem> hrm.
<ErikTheREd> If I download the source to ia32-libs from Debian and compile it, do you think it would make my system explode?
<kylem> ah
<kylem> ia32-libs includes ia32-libs-dev
<ErikTheREd> Yes, but apparently not the libstdc++-libc6 file :-)
<kylem> it will just be called libstdc++
<ErikTheREd> Yeah, but symlinking the libstdc++ libraries to that name hasn't done much.
<kylem> other than that, i'm not sure.
<ErikTheREd> Well, I copied the file from a Fedora 7 install, and it seems to be running ... sort of.
<ErikTheREd> Oh yeah, had to copy to /usr/lib32 and not /usr/lib if anybody cares.
<kshah> does anyone here use any desktop sharing, video conferencing software that they are happy with, open source and runs on ubuntu?
<kshah> anyone using dimdim?
* mode/#ubuntu-server [+o infinity]  by ChanServ
* mode/#ubuntu-server [+c]  by infinity
* mode/#ubuntu-server [-o infinity]  by infinity
<ErikTheREd> Thanks for the help everyone... looks like I'm more or less running.
* mralphabet cheers infinity 
<Nafallo> how can I tell postfix which way outbound should go if I want to deliver everything from one domain to a proxy but let the other from domains go right back out on the Internet?
<ScottK> Nafallo: Postfix doesn't have a concept of outbound and inbound being different things.
<lamont`> Nafallo: it can be done, but it'll be sick
<Nafallo> lamont`: sick is okayish :-)
<lamont`> worst case, you just deliver everything to a pipe mailer that reinjects things according to your design.
<lamont`> I'm sure there's a cleaner way
<Nafallo> someone should have done something similiar before I hope, and then google might have it :-)
<ScottK> Nafallo: I did something like that with transport maps
<Nafallo> it's basically to do outgoing mailscanning
<lamont`> probably the easiest way would be to DNAT anything arriving from the "special" domain, and have that arrive on a different port (with different rules) than port 25 has.
<Nafallo> but we only have a license on that software for one domain :-)
<Nafallo> hm... like this (more or less)
<lamont`> or have different options on smtpd on the two interfaces (inside, outside)
<Nafallo> internet -> mxscan0 -> mail
<Nafallo> and the clients use mail -> mxscan0 -> internet
<Nafallo> but if the client uses his/her smtp-auth for another domain it will get dropped at mxscan0 :-P
<Nafallo> so in that case it should be mail -> internet
<ScottK> Nafallo: I feel obligated to point out that there are almost certianly FOSS scanning solutions that would not require this kind of convoluted architecture.
<Nafallo> ScottK: sure, the thing are heavily based on postfix :-)
<lamont`> ScottK: picky, picky
<ScottK> I do, however, do something similar for Hotmail becaue their "wonderful" reputation system doesn't play well with low volume senders, I use transport maps to relay all mail to Hotmail through a single MTA.
<lamont`> Nafallo: the answer to any "can I do this with postfix" question is: "Of course.  OTOH, you may not want to hurt your brain that much."
<Nafallo> lamont`: yea, I know :-)
<Nafallo> lamont`: I thought I would just put in a transport_map, but that should make it confused with delivering, right? ;-)
<ScottK> Nafallo: The only deliveries are local.  everything else is a relay of some kind.  Shouldn't be a problem.
<lamont`> Nafallo: the issue is that postfix doesn't really distinguish based on sender in the routing decision (it's like IP routing in that regard), so you have to smack it around a bit to have it understand that you're really stupid enough to want to do what you're trying to tell it to do...
<lamont`> er, for some value of "stupid"
<Nafallo> :-)
<Nafallo> I might just want to use mxproxy0 for outbound for everything else then domain.tld then ;-)
<lamont`> ScottK: deliveries aren't local either... they're tossed through the "local" service instead of the "smtp" service or whatever other transport you want to route things out...
<Nafallo> I don't have local deliveries btw :-)
<Nafallo> virtual
<Nafallo> or rather... dovecot LDA :-)
<ScottK> Right.
* Nafallo actually tried to follow KISS, but my boss had more demands.
#ubuntu-server 2007-08-23
<kwizard> hey guys can anyone remember the command to install an IP address like to eth0:4 for example
<lamont`> kwizard: ip addr add 1.2.3.4/24 dev eth0 label eth0:4
<lamont`> Nafallo: damn bosses, anyway
<dho_ragus> kwizard: `ifconfig eth0:1 10.2.3.4 netmask 255.255.255.0` works for me.  the man page doesn't say anything about "dev" or "label" switches.
<dho_ragus> kwizard: that might be solaris
<dho_ragus> kwizard: or bsd...
<mathiaz> lamont` gave the configuration line for /etc/network/interfaces
<mathiaz> dho_ragus mentionned the command to setup the interface manually.
<dho_ragus> man, i gotta fix my colors.  i keep misreading convos.
<mathiaz> kwizard: so if you want to keep the configuration, you should add the line to /etc/network/interfaces
<mathiaz> kwizard: and then use the ifdown/ifup commands to bring down/up your network interfaces.
<dho_ragus> is there no openldap room?
<dho_ragus> i'm trying to hook up some services in linux with an AD via LDAP and can't find a room relating to ldap...
<lamont`> ifconfig is old-skool.
<lamont`> iproute (/sbin/ip) is part of ubuntu-minimal for a reason
<lamont`> ifconfig syntax makes my brain hurt
<lamont`> dho_ragus: (and ifconfig != ip)
<lamont`> mathiaz: and that's not what you want in interfaces, unless you want to stick an 'up' in front of it and put it on the eth0 stanza
<lamont`> for that matter, you don't even need the label unless you have some app that needs it...
<mathiaz> lamont`: yeah.. I just realized what I wrote...
<lamont`> np
<dho_ragus> geez, i need a nap or something...
<dho_ragus> totally missed the mark on that ip question
* dho_ragus crawls into a dark corner
<CodemasterMM> hey guys, i have a few broken packages, is there any way i can fix them (obviously, without using synaptic)
<lamont`> define "broken"
* lamont` suspects the answer lies somewhere between apt-get and dpkg-buildpackage
<CodemasterMM> well, purge removed samba and i went to reinstall it
<CodemasterMM> and basically, this is what i get - http://pastebin.com/d6f1855e3
<lamont`> hrm... does dpkg --reinstall /var/cache/apt/archives/samba_3.0.24-2ubuntu1.2_i386.deb do any better?
<lamont`> (assuming i386)
<CodemasterMM> yup, it's i386
<CodemasterMM> let me try
<lamont`> assuming it doesn't, (as root) sh -x /etc/init.d/samba start
<lamont`> and see what that shows being the reason for the failure
<lamont`> could just be that samba needs to be properly configured
<CodemasterMM> lamont`: yeah, i purge/removed the darn thing though
<lamont`> purge? or just remove?
<CodemasterMM> purged, then removed
<lamont`> uh... purge removes, so remove should have complained that it wasn't installed.
<CodemasterMM> yeah it did
<CodemasterMM> i just did remove to humor myself and double-check
<lamont`> then do it without the 'reinstall'?
<CodemasterMM> ok
<lamont`> in any case, must run before my family kills me, or eats dinner without me.
<CodemasterMM> :)
<ryanakca> Hmm. Can someone running a courier-imap server check for the existence of /etc/courier/share/index ?
<dthacker> ryanakca: don't have it.
<ryanakca> dthacker: hmm. nevermind, I thought it was 'required' but 'missing in the packages' due to Aug 22 20:49:05 groupware imapd: /etc/courier/shared/index: No such file or directory
<ryanakca> but the user creates it only if they want shared mailboxes
<dthacker> ryanakca: what's your definition of a shared mailbox?
<ryanakca> dthacker: at least that's what I gleamed from the article, many users access one mail box, so I guess many users could have their personal inboxes, but also have access to a 'group' inbox.
<dthacker> ah, ok.  I don't have any set up like that.
* ryanakca nods, same
<kshah> anyone here using DimDim?
<pschulz01> kshah: No
<kshah> webconferencing is lame
<kraut> moin
<dballester> hi to all
<dballester> do you have inputs from other users about problems with scsi tape drivers?
<dballester> with feisty?
<dballester> here is relevant info http://paste.ubuntu-nl.org/34772/
<andy_sk> anybody here?
<ScottK> Yes
<andy_sk> :-)
<andy_sk> sorry, i cannot obligate users to use squid...
<andy_sk> squid works but you can non use it? may you help me?
<andy_sk> what shall i google...?
<Kamping_Kaiser> andy_sk, whats up?
<Kamping_Kaiser> or specifically, whats not working?
<andy_sk> if you do not set proxz in ie or firefox, it works as well... :-(
* ScottK doesn't do squid.
<andy_sk> but?
<Kamping_Kaiser> andy_sk, flip port 80 into squid on your gateway with iptables
<Kamping_Kaiser> its what i do anyway :)
<andy_sk> hmhmh... could you give me exactly the command with iptables??? pls
<Kamping_Kaiser> # Lifted directly from squid-cache link above
<Kamping_Kaiser> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
<Kamping_Kaiser> # Copied from both (independantly):                                            #
<Kamping_Kaiser> # http://www.squid-cache.org/mail-archive/squid-users/200504/0575.html and     #
<Kamping_Kaiser> # From debian-administraton.org - somewhere                                    #
<Kamping_Kaiser> eth0=your in device, --to-port=your proxy port - squid is 8123 by default iirc (8080 is dansguardian)
<andy_sk> this onlz line will solve???
<andy_sk> thanks, i will try...
* Kamping_Kaiser sences impending issues
<andy_sk> :-)
<Kamping_Kaiser> andy_sk, pm me your email address, i'll send you something to look at
<Kamping_Kaiser> andy_sk, specifically, a fairly basic script i use for firewalling. i'd give you the full version, but i dont have it handy atm :|
<andy_sk> ok: andycom@szm.sk
<andy_sk> thansk!
<Kamping_Kaiser> hm... i think i'll attach the file, its getting nasty line wrapping
<andy_sk> to make it work forever i should insert it into /etc/iptables.up.rules??? ..i think
<Kamping_Kaiser> sent off.
<Kamping_Kaiser> look in my email.
<andy_sk> waiting to receive...
<andy_sk> sorry but i have not received nothing
<Kamping_Kaiser> hm.
<Kamping_Kaiser> do you have a spamfilter or something? its sent. . unless thats not your email...?
<andy_sk> no, it is... :-( pls try forward to vranic@orangemail.sk...
<Kamping_Kaiser> resent. give it a bit then check
<andy_sk> I am afraid there is something wrong our mail... :-( impossible that two of my accounts are wrong...
<andy_sk> sorry, now receive on the first mail...
<andy_sk> inet is not too fast now :-(
<lousygarua> PHP reports weird timezones on apache. I created a symlink /etc/timezone to the right timezone needed. restarted apache, still wrong. I checked `date` but it gave the old timezone. am i doing something stupid?
<soren> lousygarua: You're likely to get a better response on #php or something like that.
<lousygarua> soren: regarding changing the timezone - what i did is correct?
<soren> lousygarua: I don't think so. I also don't quite remember how php goes about determining timezone stuff.
<gamble6x> lousygarua: is the timezone correct on the system itself?
<lousygarua> gamble6x: no, that's where my prob is. it IS /etc/timezone, right?
<gamble6x> should be.  I bet there's a dpkg-reconfigure command to take care of your problem.
<gamble6x> but I don't have it off the top of my head.  1 sec.
<lousygarua> it's "localtime"
<lousygarua> not "timezone"
<lousygarua> or whatever i invented
<lousygarua> /etc/localtime - thanks anyway :)
<gamble6x> cool.
<leonel> would be great  if   http://gnu.wildebeest.org/diary-man-di/?p=37   gets  in  main
<mralphabet> leonel: what is icedtea?
<leonel> mralphabet: http://icedtea.classpath.org/wiki/Main_Page
<mralphabet> leonel: interesting, thanks
<ryanakca> lamont`: Hi, I'm currently setting up an eGroupWare server for Kubuntu Devel, and since you're the local postfix guru, I've been forwarded to you. Umm, Whenever you have a chance, could you please take a look at https://groupware.kubuntu.co.uk/~ryan/plan.html and give me a few pointers as to what I would need?
* ScottK was out of brain cells for the day and thought of lamont`.
<lamont> [ ] 	 Don't bounce mail when the user reaches his quota limit
<lamont> ryanakca: then what are you going to do with it?
<lamont> mailbox_size_limit=512M (I think), or 512000000 failing that, or make it really 2^29
* lamont is out of brain cells for a bit too.
<lamont> much manual labor for the last 90 minutes
<ScottK> lamont: I had counseled him on not being a backscatter source.  I may have gone to far.
<lamont> heh
<ScottK> That and the usual VDA patch doesn't meet the Postfix quality standards lecture.
<lamont> VDA?
<lamont> that's the "unnecessary" quota-hack?
<ScottK> That's the one.
<lamont> mailbox_size_limit does such a nice job, though...
<ScottK> ryanakca: ^^^
<ryanakca> ah, thanks :D
<ryanakca> lamont: and as for the email/password authentication?
<ryanakca> (for all hosts other than localhost?)
<lamont> figuring that out is on my todo list... :-)
<lamont> mind you, not for this week or next... :(
<ryanakca> :(
<ryanakca> Hmm. So, untill then, I guess I should just make it accept all email from foo@groupware.k.c.u ?
<ryanakca> (even though someone could forge an address?)
<ScottK> ryanakca: If the senders are authenticating with sasl, then you can use reject_authenticated_sender_login_mismatch
* ryanakca nods, ok, thanks
<gaten> I'm having trouble with the mysql-server package. It doesn't install a /etc/init.d/mysql file. i've tried to remove and purge it, then reinstall it but no go. any help?
<mathiaz> gaten: which package are you trying install ? mysql-server or mysql-server-5.0
<gaten> mysql-server
<mathiaz> gaten: the init script comes with mysql-server-5.0
<mathiaz> gaten: mysql-server is just a meta-package depending on mysql-server-5.0
<mathiaz> gaten: try to (re)install mysql-server-5.0.
<gaten> mathiaz: yeah im trying that, thanks. are all meta packages like that? just core binaries and such?
<gaten> mathiaz: invoke-rc.d: unknown initscript, /etc/init.d/mysql not found.
<mathiaz> gaten: mysql-server doesn't have any files.
<mathiaz> gaten: it's just a package that depends on mysql-server-5.0.
<gaten> mathiaz: ok. well that didn't work anyway, thats the error above apt-get throws at me. ive seen this error on the forums, no solution has been posted
<mathiaz> gaten: did you remove the init script ?
<gaten> mathiaz: yeah, a long time ago when i set up the first chroot. now im trying to set up another chroot, but i want the install all fat and happy before i move forward
#ubuntu-server 2007-08-24
<the_hatter> Hey, I'm trying to use Capistrano to deploy a RoR application to an Ubuntu6.06 server, and I get the following error message >> LoadError: no such file to load -- openssl >> I have openssl installed on my machine, but it continues to fail.
* ajmitch would assume that it's the ruby bindings for openssl that it's missing
<ajmitch> namely the libopenssl-ruby package, or libopenssl-ruby1.9
<the_hatter> sweet, thanks. I tried apt-get with openssl-devel and openssl-ruby, but not with lib
<ajmitch> 'apt-cache search' is your friend
<the_hatter> Indeed, I forgot that command. I used to have Mandriva, but have since seen the light.
<kraut> moin
<binary_blob> hi all.  i have a feisty server at home, and there was a recent update to rsync that caused a problem.  would someone mind taking a look at my pastebin to help me out?
<binary_blob> http://pastebin.ca/669191
<CrummyGummy> I have a blue screen of death on a feisty setup. :( hehe
<CrummyGummy> Anyone here installed it on HP cc3310
<binary_blob> CrummyGummy: sorry, not me.
<pmjdebruijn> binary_blob: weird, have you tried apt-get install -f
<CrummyGummy> Any ideas why it would hang?
<binary_blob> pmjdebruijn: no, do you think there's a chance that the package was corrupted during download?
<binary_blob> is there  a way to clear my dpkg cache and redownload the package?
<pmjdebruijn> it's possible, though not liekly
<pmjdebruijn> likely
<binary_blob> ok... i forgot to run irssi over 'screen' so i'll have to exit from here, give the "-f" a try, and come back.
<binary_blob> brb
<CrummyGummy> or the tigpr2u. Pretty much the same thing...
<CrummyGummy> It crashes round about the detect network devices part, whats next?
<CrummyGummy> hmmm, it was a network card it didn't like,...
<lousygarua> what do you use for incremental backups? if rdiff-backup any good?
<j1mc> hi all, earlier i had posted this pastebin ( http://pastebin.ca/669191 ).
<j1mc> the problem was that i had set 'noexec' as an option on the /var partition in my fstab file
<j1mc> removing that option fixed the problem
<j1mc> just thought i'd mention it.  :)
<Shane-S> can I reset the default users password if I have access to the server? I am trying SSH and none of the users/passwords are working that I thought would
<Shane-S> I know root is disabled and I have to use sudo, so will that cause an issue?
<Shane-S> never mind remembered it
<mralphabet> sudo password someuser
<mralphabet> or self
<mralphabet> sudo password
<coNP> passwd
<mralphabet> ^^ true
<coNP> instead of password, I guess
<mralphabet> my bad
<Shane-S> well I am good now, I remembered it, I forgot I used a different username then normal :P
<Shane-S> how do I keep all the packages and such updated, my google, is returning updating 6.06 to feisty, I just want to make sure it is up to date security wise
<Shane-S> just apt-get update?
<sommer> Shane-S: apt-get update then apt-get upgrade
<Shane-S> ahh ok, I will wait till the evening encase it breaks :P
<Shane-S> then I will be like...who me...I didn't do anything ;) (surry to fix what broke) then be like but I fixed it for ya :D
<Shane-S> should be fine though, had no issues with the gui desktops that I made into lamp's
<sommer> you can also to apt-get upgrade -s to see which packages will be installed.
<Shane-S> ohh neat thanks, I am slow to understand the man page
<Shane-S> reading it...but always scared I will break something
<mralphabet> apt-get update gets the new file listings from the apt servers
<mralphabet> so you have to do that before you run upgrades
<mralphabet> or . . . should at least
<Shane-S> I did that already
<Shane-S> gosh quite a few need upgrades
<Shane-S> thanks
<Shane-S> I will be sure to run that tonight
<Shane-S> will the upgrade reset anything I had to alter, like IPv6 being enabled?
<mralphabet> nope
<Shane-S> its on a network that doesn't support IPv6 yet
<Shane-S> ahh alright thanks
<stiv2k> hi
<stiv2k> for some reason, in samba, every user i add gets assigned the same (incorrect) gid
<stiv2k> instead of the gid that matches with their username
<stiv2k> and its sorta messing up my filesystem organization
<mathiaz> stiv2k: how do you create your users ?
<stiv2k> mathiaz: smbadduser
<stiv2k> wait are you talking about system users
<stiv2k> or samba users
<stiv2k> i use useradd for system users
<mathiaz> stiv2k: are you using the smbadduser from the samba-doc package ?
<mathiaz> stiv2k: which version of samba are you running ?
<stiv2k> umm
<stiv2k> one sec
<stiv2k> Version 3.0.24
<stiv2k> wait
<stiv2k> not smbadduser
<stiv2k> that command doesnt exist :P
<stiv2k> i use smbpasswd
<stiv2k> perhaps that my problem?
<mathiaz> well - smbpasswd will add entry to your smbpassword file
<mathiaz> stiv2k: it won't touch the system accounts.
<stiv2k> mathiaz: so am i using the right command?
<mathiaz> stiv2k: when you say it that every user gets the same gid, you mean on the files created ?
<stiv2k> well
<stiv2k> pbedit shows this for all the samba users:
<stiv2k> Primary Group SID:    S-1-5-21-4271386153-3904370233-1644803865-513
<stiv2k> and when i transfer files over samba, the ownership shows up as
<mathiaz> stiv2k: that's normal
<stiv2k> steve:ridethelightning
<stiv2k> instead of steve:steve
<stiv2k> or paul:paul
<stiv2k> its paul:ridethelightning
<stiv2k> etc
<mathiaz> stiv2k: what'S the gid of ridethelightning ?
<stiv2k> mathiaz: how do i look it up
<mathiaz> grep ridethelightning /etc/group
<stiv2k> ridethelightning:x:1001:
<mathiaz> stiv2k: do you use the group / force group option in smb.conf ?
<stiv2k> mathiaz: im not sure
<stiv2k> mathiaz: would you like to see my smb.conf?
<mathiaz> stiv2k: could you pastbin somewhere ?
<mathiaz> stiv2k: make sure it doesn'T have any confidential information
<stiv2k> mathiaz: i dont think it does
<stiv2k> one sec
<stiv2k> http://pastebin.com/d569db73
<stiv2k> mathiaz: i followed a howto when i got samba running
<stiv2k> i dont really know what half of the paramaters do... :/
<mathiaz> stiv2k: I don't see anything obviously broken.
<stiv2k> mathiaz: yeah i know :/
<stiv2k> maybe its not a samba thign?
<stiv2k> maybe somethigns messed up in my system?
<mathiaz> stiv2k: do the users have their primary group set correctly ?
<stiv2k> mathiaz: how do i check that?
<stiv2k> sorry i went out for an extended stoge session
<stiv2k> that might be the problem
<stiv2k> i dont know how to check that
<mathiaz> stiv2k: groups username
<stiv2k> that shows the current group
<stiv2k> right
<mathiaz> stiv2k: that shows the list of group a user is in
<stiv2k> mathiaz: it appears to be OK
<mathiaz> stiv2k: you can also use the id command
<mathiaz> stiv2k: it'll give the actual gid
<stiv2k> ok
<stiv2k> yeah i dont see anything out of the ordinary
<stiv2k> but if i transfer a file over thru samba
<stiv2k> the ownsership always shows up with the wrong group
<stiv2k> im gonna go try to reproduce it right now
<stiv2k> how do i retrieve a password for someones account
<mathiaz> stiv2k: well - you can't. That's why it's called a password.
<stiv2k> but im a sysadmin
<stiv2k> well how do i retrieve their smbpasswd
<mathiaz> stiv2k: same thing.
<stiv2k> ok
<stiv2k> well its not letting my log in as myself
<stiv2k> from my friends laptop
<stiv2k> oh snapo
<stiv2k> mathiaz: i think i found something
<stiv2k> mathiaz: i've figured out the problem
<stiv2k> its not samba related at all
<stiv2k> but i dont know of a solution
<stiv2k> yu gotta help me
#ubuntu-server 2007-08-25
<nealmcb> stiv2k: so what's the problem?
<ph1zzle> hey guys
<ph1zzle> I basically volunteered for something at work, and I am pretty damn sure I can manage it, but I thought I would come in here for some tips before I got started...
<ph1zzle> my boss has a shit ADSL connection for the office and got a pay per bandwidth WiMAX account as a secondary account, I basically volunteered to create a router that will automatically detect when the primary account has gone down and switch to the secondary and I was wondering...
<ph1zzle> well any tips on how to manage this
<ph1zzle> ?
<ph1zzle> I am assuming I will need something in the load balancer devision
<stiv2k> nealmcb: got it fixed
<CodemasterMM> this might be a bit more suited for this channel
<CodemasterMM> i need a bit of NFS help - i have a directory mounted from one machine (machine 'A') across to another machine (machine 'B') as /home/, but it seems that whenever i ssh into machine 'B' as a new user, it fails to create the user's home directory - this might be due to the fact that the home folder (on machine 'A') is owned by root and is chmod'd to 755... anyone have any idea how i can solve this?
<mariachi> hi everyone! I installed ubuntu-server and I need to install a package from a cd, but can't get to it, how do I do that? isn't cd /media/cdrom enough?
<JanetFLorida> can anyone tell me why my firefox global extensions aren't being applied to all users?  http://pastebin.ca/670136
<ScottK> That's really more of an #ubuntu question I would think.
<nealmcb> JanetFLorida: or perhaps a question for a mozilla channel?  But I'm curious to know what you're tried, and what you learn.  Thanks.
<cy_> hello
<cy_> any of you work at an ISP? offering a web based control panel for the Customers and Resellers to use? Like cPanel, ISPconfig and DTC ? ... i'm looking for one that is easy expendeable (more than 1 server) to split up services on other hosts.. and which is the best for the users.. and ubuntu/debian servers .. anyone could share any thoughts/experiences?
<dthacker-lt> Hi, I'm doing a manual partition.  I want to set up lvm with two VG's then various LV's for filesystems underneath.  I can't seem to find the options to create Volume Groups in the partioner.  Can someone help?
<ScottK> Which CD are you using?
<dthacker-lt> feisty server
<ScottK> dthacker-lt: I don't recall for sure which installer the server CD uses.  If it uses Ubiquity, then you'll need to use the alternate CD to do that.
<dthacker-lt> how can I tell if it's ubiquity?
<ScottK> One sure way to do it would be do download the alternate CD and start an install.  If the U/I looks different, then the server CD uses Ubiquity and you need to use the alternate.
<dthacker-lt> ok
<ScottK> Sorry I don't have a clearer answer for you.
<ph1zzle> hmmm, it's shame I wasn't around when CodeMasterMM was, no one told him that /home is supposed to be owned by root/755
<ph1zzle> dthacker-lt: I don't know about doing it on the server CD but I know I have often set them up manually on the Desktop CD, I did think there was an option though on the server CD
<ph1zzle> dthacker-lt: what all are you installing in the lvm? if it's not / then it's typically pretty easy to do after the setup has completed manually. Even if it is root thats not usually too much harder
<ph1zzle> if you want /home or /var or something like that in lvm, do a minimal install to whatever sized / you would use before and let it create /home or /var or w/e and then leave the rest of the disk un initialized and create the lvm's afterwards, copying whatever you need and then tell fstab to mount it over /home or /var or w/e
<ph1zzle> now I have been afk drinking with friends since I asked last night so I am gonna try again
<ph1zzle> I basically need to create a router/gateway, which is typically easy enough, but I have to do it where the computer will be connected to two seperate WAN's and when WAN 1 fails it will automatically switch routing to WAN 2 and when WAN 1 becomes available again it will detect it and switch routing back to WAN 1, I can do most or all of this manually but I was wondering if there was software out there that is designed to manage thi
<DustWolf> hello I have a problem
<DustWolf> entries keep automatically appearing in my
<DustWolf> hosts.deny
<DustWolf> they lock out certain users from my sshd service
<DustWolf> how do I prevent this behaviour?
<cy_> O_O
<cy_> never seen that before
<cy_> would be interesting to know thou
<DustWolf> adds
<DustWolf> sshd: 82.149.18.13
<DustWolf> sshd: 212.235.152.216
<DustWolf> automatically
<DustWolf> apparently every 10 minutes
<DustWolf> those are two users one of which also uses root
<DustWolf> indirectly
* DustWolf waits for the problem to reocur
<Calin_> anyone have an idea why my server can't resolve full hosts (on local bind9) it can resolve www, or ftp (which shows as cname of bowser.provident.local) .. but not www.provident.local or ftp.provident.local
<DustWolf> there it goes again, added 3 hosts to my hosts.deny
<DustWolf> namely the ones I just deleted from there
<ScottK> DustWolf: Do you have fail2ban installed?
<DustWolf> hm
<DustWolf> is it installed on an ubuntu server by default?
<ScottK> No, but neither is SSH.
<DustWolf> aptitude does not report fail2ban to be installed
<DustWolf> and if it were installed
<DustWolf> by which method would it run?
<DustWolf> I mean.. how do I find out what is altering my file?
<DustWolf> wait
<DustWolf> found it
<DustWolf> sorry to bother
<DustWolf> it was "denyhosts"
<DustWolf> ps aux |grep root is useful
<DustWolf> ---------------------
<DustWolf> how does one clear the route cache?
#ubuntu-server 2007-08-26
<AnRkey> hi
<AnRkey> i am working on a vmware machine that i want to hand out
<AnRkey> i need to run some kind of app for the client to choose repositories like during the server setup
<AnRkey> can i do anything with dpkg and reconfigure?
<Pyretic> hi, is "trying to overwrite `/usr/sbin/xentrace_setmask', which is also in package xen-utils-common"
<Pyretic> something i should file a bug on ?
<Pyretic> feisty tribe5
<ph1zzle> hey guys, you know how I can setup a machine connected to two networks on two nics, both of which are wan, and tell the machine when one is not working, use the other?
<AnRkey> ph1zzle, what is the machine going to do?
<mvip> anyone has experience with LTSP5 deployments?
<mvip> I'm confused over LTSPs behavior...
<mvip> should I get logged into the chrooted environment when using the GDMish login?
<mvip> because I only get logged into the chrooted env. when logging in using the console login
#ubuntu-server 2008-08-18
<tacone> hello, where and with which permissions shuold an ssl certificate .key file be stored to be usable with apache ?
<tacone> is there a standard practice ?
<emgent> zul: around ?
<zul> emgent: not really
<emgent> ok, if you like we can mail you about this.
<zul> emgent: yes
<emgent> ok thanks :)
<kriel> So, in the past, I've had apt have a problem and lock up if it only half-downloads a package. So, I removed the entire /var/cache/apt directory to try and clear out apt's cache, hoping it would rebuild. ... it apparently didn't. Any ideas on fixing my blunder? I'd rather not wipe and reload..
<wantok> kriel: you havent told us the error
<wantok> kriel: and /var/cache/apt/partial is what your looking for
<kriel> ... I nuked all of /var/cache/apt, that's the problem.
<captbaritone> Can anyone tell me why if I zip the same file two different time, the resulting zip files have a different md5 hash?
<kriel> here, have a pastebin. http://pastebin.com/d451157f0
<tacone> kriel: I'd  try a dpkg-reconfigure apt . but I really have no idea if it may harm your system further or not, so try at your own risk.
<kriel> It's not a production server, we're just trying to avoid a wipe and reload.
<wantok> kriel: does /var/cache/apt/archives exit?
<tacone> wantok: he wiped everything.
<wantok> tacone: then he should probalby re-create everything ;)
<tacone> lol, trying to reproduce on my intrepid chroot
<wantok> captbaritone: files contents changed?
<tacone> that's what the chroot is all about: have fun ! :-D
<captbaritone> no
<captbaritone> give it a try on your machine
<tacone> ok I get the same error of him
<tacone> uhm, no, seems not to work
<kriel> byeh, got it. >> I'm not sure what the other guy did, because he dosen't know what dpkg-reconfig is, but whatever he did, apt's working again.
<tacone> lol
<tacone> not for me :D
 * wantok bbs
<Kamping_Kaiser> anyone tried ebox (from thier ppa, or the 8.04 repo) for adminging samba/nfs/squid with authentication (basically, a school proxy/server).
<Kamping_Kaiser> well, anything similar :)
<Kamping_Kaiser> i'm wondering if loosing the ability to admin by ssh+not being able to directly edit files is worth the "easy gui" for users
<\sh> Kamping_Kaiser: my opinion, "don't use this software if you know how to edit config files manually" at least, I had my share of bad "webmin" experience in the past (means in the 90ties)
<FuRom> Is there a linux alternative to using IECapt.exe (http://iecapt.sourceforge.net/) for generating website screenshots automatically?
<kraut> moin
<uvirtbot`> New bug: #259006 in php5 (main) "php5 and libtool 2.2 cause some PHP related packages to FTBFS" [High,Confirmed] https://launchpad.net/bugs/259006
<kirkland> jdstrand: are you familiar with the "service" command on RH systems?
<thefish> kirkland: thinking of adding that to ubuntu-server?
<kirkland> at the very least....
<kirkland> #!/bin/sh
<kirkland> SCRIPT="$1"
<kirkland> shift
<kirkland> /etc/init.d/"$SCRIPT" $@
<kirkland> thefish: but, yes
<kirkland> trying to decide where's the best place to put it, thinking of sysvinit
<thefish> couldnt say, but i like the idea
<thefish> it helps a lot with windows server converts
<thefish> they seem to be able to get their head around that a lot easier than /etc/init.d/xyz start
<kirkland> thefish: true
<kirkland> thefish: i've been using Ubuntu exclusively for years now, and i still accidentally type "service apache2 restart"
<thefish> :)
<vincentvdk> hello
<thefish> kirkland: it would be nice to have as a kind of standard
<thefish> we have mostly an ubu server shop, but there are some rhel boxen as well, so a similar set of service stuff would be useful
<thefish> im sure there are quite a few places with mixed distros
<kirkland> thefish: i don't have a RH box on hand...  does the "service" script do more than just put /etc/init.d in front of whatever you call?
<thefish> kirkland: moment, ill see if i can ssh in (HQ firewall is being a bit iffy...)
<maswan> kirkland: not according to a "man service" on centos5
<kirkland> maswan: thx
<jetole> is there an single sign on application out there that is portable? I mean I can't seam to replicate the AD LDAP to openLDAP and vice versa and I don't want the SSO to _HAVE_ to rely on either Linux or Windows
<jdstrand> kirkland: not hugwly familiar with it-- I;ve used it a couple of times
<jdstrand> hugely even...
<maswan> well, it does a few other things, like a --full-restart which is a stop; start and a --status-all which is a for a in /etc/init.d/*; $a status
<jetole> some way I can keep all login credentials on a linux and windows server and have them update each other?
<maswan> but not anything significant
<kirkland> jdstrand: okay, no worries...  i think i'm dropping it in sysvinit...  does that sound about the right place for it?
<jdstrand> kirkland: I don't remember the nuances of the 'service' command. does it actually change symlinks, etc?
<kirkland> jdstrand: not as far as I know
<jdstrand> kirkland: or is it just a shorthand of doing /etc/init.d/<service> ...
<kirkland> jdstrand: yes
<maswan> jdstrand: no, it just runs them.
<kirkland> jdstrand: very, very simple
<maswan> jdstrand: chkconfig on the other hand...
<maswan> or whatever tha'ts called
<kirkland> jdstrand: trivial "enhancement" to an Ubuntu server, would make many a former RH admins less frustrated with Ubuntu
<kirkland> chkconfig is more complex
<kirkland> i'm not tackling that
<maswan> I've spent all of a couple of hours trying to admin a rhel derivative, so I'm not exactly and expert. I know much more about AIX than RH.
<jdstrand> kirkland: I think that would be the place, yes. however, if you consider future upstart scripts, then perhaps not
<jdstrand> kirkland: I'd ping Keybuk
<kirkland> jdstrand: hmm, good point.
<kirkland> jdstrand: i'll talk to him
<kirkland> jdstrand: dendrobates- was very supportive of this little patch
<kirkland> jdstrand: maybe i'll get him to talk with Keybuk, since they're in a conference room together all week :-)
<jdstrand> kirkland: sounds entriely reasonable :)
<dendrobates-> kirkland: we need chkconfig too.
<kirkland> dendrobates-: i agree... but that's highly none trivial, and potentially against debian policy
<kirkland> non-trivial
<dendrobates-> kirkland: colin thinks that some of the work has already been done.
<kirkland> dendrobates-: for chkconfig?
<kirkland> dendrobates-: that functionality is sort of handled on a per-package basis, with their /etc/default/* files, and debconf questions
<kirkland> dendrobates-: tested/working patch attached to https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/259043
<uvirtbot`> Launchpad bug 259043 in sysvinit "Ubuntu Server would benefit from a "service" wrapper script" [Undecided,New]
<Kamping_Kaiser> \sh, thanks for the comment. the root of the dilemma is that i know how to do the config, but i dont expect the recipents to (but i will be the ongoing support. grr)
<dendrobates-> sommer:  can you still make updates to the server guide?
<sommer> dendrobates-: yeppers
<dendrobates-> sommer: what do you think about adding a blub at the end that tells people that support is available?
<dendrobates-> sommer: we keep having people tell us that they didn't know support was available for ubuntu.
<sommer> dendrobates-: seems like a good idea to me
<sommer> dendrobates-: is the end the best place for that?
<sommer> dendrobates-: seems like it may fit as a subsection to the introduction section
<dendrobates-> sommer: seems like it.
<sommer> dendrobates-: is canonical the only place to get support?  just thinking that if other companies have offerings it may be good to list them
<dendrobates-> sommer: just this url:  http://www.canonical.com/services/support
<sommer> dendrobates-: okay, I'll add something... isn't there some type of partner program?  or does that not make sense in the "support" context?
<ScottK> sommer and dendrobates-: What about http://www.ubuntu.com/support it seems a bit more inclusive.
<sommer> both seem okay to me
<w8tah> on a default setup of ubuntu heron server -- is there any kind of firewall running?  particularly one that might be interfearing with connections to a mysql server?
<_ruben> installed: yes, running: no
<w8tah> ok -- cuz i cant talk to my mysql server no matter what
<w8tah> and i need to
<w8tah> is it iptables or what?
<ScottK-laptop> It's called ufw and it's essentially a simple iptables front end.
<w8tah> ok
<ScottK-laptop> By default it's disabled.
<sommer> w8tah: you should double check /etc/mysql/my.cnf and make sure it's listening on more than the loopback address
<w8tah> OOHHHH
<w8tah> ok
<w8tah> been too long since i set up a mysql server
<w8tah> i need to bind the ip of the machine, right?
 * w8tah blames getting old
<sommer> w8tah: yeppers
<w8tah> thanks
<sommer> np
<w8tah> that was it -- thanks a ton
<sommer> heh, you're welcome
<w8tah> soon as you said that i rememberd having to do something similar when i was running mysql under gentoo but its been over a year since i configured a Mysql server
<kirkland> soren: I'm getting an ubuntu-vm-builder failure: Error: Error opening /dev/shm/vm-builder-kivOw18719/root.raw: Invalid argument
<soren> kirkland: That's because parted hates you.
<soren> And me.
<kirkland> soren: bummer, no workaround?
<soren> kirkland: I have a patch that fixes it.
<soren> kirkland: Until then... Er...
 * soren thinks
<kirkland> soren: will you be rolling out that patch in the next day or so?
<soren> Yes. Until then, you should be able to get a bit further if you point your tmpdir at a non-tmpfs.
<arakthor> is there a way to build a custom install cd (say I want to edit the packages installed by default etc. ) to basically streamline the installs where I work?
<jmedina> arakthor: I have used Ubuntu Customization Kit (UCK)
<jmedina> http://uck.sourceforge.net/
<uvirtbot`> New bug: #259110 in samba (main) "Samba NT_STATUS_PASSWORD_MUST_CHANGE bug" [Undecided,New] https://launchpad.net/bugs/259110
<arakthor> jmedina, does it do more than the language?
<jmedina> arakthor: you can pre-install packages and configs
<arakthor> awesome, I will have a look at it. thanks :)
<arakthor> bleh, doesn't work with server cds
<arakthor> thanks anyway
<arakthor> found the wiki entry on customizing cds so I should be oK
<zul> infinity: ping
<ghetek> just making sure you guys can see this...
<ghetek> anyone?
<ScottK-laptop> Depends on what this is.
<ghetek> this was just text, and thanks!
<ghetek> hey guys, so i installed mdadm and i was working on creating a raid and somewhere in all of this i mistakenly created md0p1 md0p2 md0p3 and md0p4 how do i just remove these, kill my current array and start over in creating a software raid?
<ghetek> hey guys i need to share out /dev/md0 to 2 different users on the system so that both users can mount this as a share in windows. can i get some help please? this si all in console
<ghetek> guys ok so here is my issue i type in  sudo fdisk -l | grep NTFS | awk '{print $1}' and i get back "Disk /dev/sdc doesn't contain a valid partition table."
<ScottK> lamont: So the udns maintainer's response on cache poisoning is there's no point in source port TID randomization because DNSSEC is the only one true answer.  See Debian Bug #493599 for laughs.
<uvirtbot`> Debian bug 493599 in udns "Transaction ID and Source Port not random enough" [Grave,Open] http://bugs.debian.org/493599
<lamont> ScottK: he's right, btw.  Now get real. kthx
<ScottK> He's right, of course, but it's rather beside the point.
<lamont> until we have signed root and TLD zones, it doesn't matter
<ScottK> Yep.
<ScottK> So I don't think that in the meantime declining to change from trivially spoofable to spoofable with enough bandwidth and other conditions are right is a good approach.
<lamont> of course, I expect that Kaminsky is just finding these bugs to help push global acceptance of DNSSEC :-p
<lamont> it's acceptable only if you're not doing recursion. :-)
<lamont> which has the advantage of meaning that you don't have a cache to poison....
<ScottK> Yes.
<ScottK> I'm still in favor of doing what one can.
<maswan> lamont: well, some TLDs are signed. you just have to make sure those are in your resolvers trust path and you only care about domains under those TLDs...
<ScottK> Would those be any TLDs I might care about?
<maswan> I only know of .se, but there should be a handful of others too.
<maswan> Of course, I don't know of anything _under_ .se that's signed, but I'm sure there might be something of value. :)
 * ScottK ponders applying to ICANN for .signed as a TLD.
<AtomicSpark> beyond https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html , what do I need to do to setup a Linux "active directory"? I'm not even sure how to configure the clients to pull the users from the server.
<lamont> ScottK: no hardy-backports love for postfix 2.5.4-1???
<ScottK-laptop> lamont: There was no previous backport to update.
<lamont> ah, ok
<ScottK-laptop> It seems like ~2.5.2 to 2.5.4 is not so much of a change.
<lamont> just the two CVEs :)
<ScottK-laptop> Right, but you're going to deal with the only one a sane person has to worry about in a -security upload, so no worries.
<lamont> right
<lamont> and actually, that's done, just hasn't published. :-(
<ScottK-laptop> Yes.  That gave me a chance to comment on Friday about how the security support is faster (sometimes) in backports than in -security.
<tacone> zul: around ?
<Fenix|work> Greetings
<Fenix|work> I need some help with ubuntu-server and pure-ftpd
<Fenix|work> I had it all working, now anonymous users don't work any longer
<Fenix|work> I recently went from gutsy to hardy
<Fenix|work> so I'm a bit perplexed as to what stopped
<Fenix|work> anyone have any suggestions?
<Fenix|work> ok, fixed my problem... apears my upgrade deleted the ftp user
<Fenix|work> re-creating it and it works.
<cxo_> When i do an apt-get upgrade linux-server, why does it say it's being "kept back"?
<arakthor> you need to run apt-get dist-upgrade or use aptitude with U
<erichammond> cxo_: I'll try to help out here.  If you want to upgrade your kernel, try "apt-get dist-upgrade" and you'll need to reboot afterward.
#ubuntu-server 2008-08-19
<zul> tacone: yep
<tacone> nothing, I wrote to you on the ml, about the apache thingie.
<tacone> I am not anymore sure it wasn't our fault though.
<vladdY> can someone help to install ubuntu server with software raid1 please
<vladdY> i still couldnt do it, after 6+ hours
<wantok> took me a while to figure out too.
<vladdY> is there any tutorial/guide, im kinda linux noob too "/
<wantok> on help.ubuntu.com is the server guide
<vladdY> i looked but there's nothing on Raid1
<wantok> different raids use all the same steps
<wantok> just you need to seelct raid1 not raid[other] at the right moment
<sommer> vladdY: you can try the instructions in the develpment version of the serverguide: http://doc.ubuntu.com/~mdke/test/serverguide/C/advanced-installation.html
<vladdY> sommer: this is very useful link, thanks
<sommer> vladdY: cool, if you have any feedback concerning the guide please let me know
<jmedina> sommer: did you write the kerberos section?
<sommer> jmedina: yeppers
<sommer> it's new for intrepid as well
<jmedina> sommer: you know how easy is use openldap as a database backend for MIT?
<jmedina> I've been working with heimdall and I think it is best documented, and afaik, samba4 works with heimdall
<sommer> jmedina: I haven't actually done that yet, but it's on my todo list if there's time
<sommer> jmedina: from the quick look I took at it a while back, it doesn't seem too complicated
 * jmedina hates time
<sommer> jmedina: add the schema file, add the kerberos attributes to the users, configure the kdc to use ldap... boom :)
<jmedina> sommer: pretty easy....
<jmedina> :P
<sommer> well in theory, heh
<jmedina> the instructions for heimdal http://www.h5l.org/manual/heimdal-1-2-branch/info/heimdal.html#Using-LDAP-to-store-the-database
<jmedina> sommer: any reason to choose mit?
<sommer> jmedina: mit is in main... so for the "official" docs we try to stick to packages in main, where possible anyway
<sommer> jmedina: I did some testing with heimdal, it is slightly simpler to setup and configure
<jmedina> ok
<vladdY> sommer: thanks again for that link, it helped a  lot, i think i got it running
<vladdY> is there any easier way to test to make sure it works other than unplugging hd from motherboard :)
<vladdY> hm, raid1 ubuntu server won't start if i unplug one of the hard drives, computer is stuck in "verifying DMI pool data"
<vladdY> hm, i know im probably boring but have to ask
<vladdY> how can i Setup so that the other partition(disk) is bootable too using ubuntu server on raid1
<sommer> vladdY: are you running hardy?
<vladdY> 8.04
<vladdY> i honestly dont know which version is that
<sommer> vladdY: 8.04 is the latest... this howto may help: https://help.ubuntu.com/community/Installation/SoftwareRAID
<sommer> vladdY: you can probably start at the "Adding GRUB to 2nd drive" section
<sommer> the issue is being worked on for Intrepid, so in the future you won't have to go through the extra steps
<vladdY> sommer: thanks again :)
<vladdY> so, if I disconnect one hd, it should run from another one, correct or is there something I have to do (restore mbr or....)
<sommer> vladdY: I guess, once you've installed grub on the second hard drive and added the script to the initramfs, it should work fine
<sommer> vladdY: I've never actually used those instructions, so it's probably a good idea to test things before putting the machine into production
<vladdY> sommer: ok, thank you very much for all your help
<sommer> vladdY: np
<nodoubt> why would ports.conf in etc/apache2 be empty in pico/vi but have data/characters in the file when opened in desktop environment gedit??
<michalski> does anyone know where i can find iptables config?
<maswan> Do I win a prize for storing ~56k copies of ubuntu-8.04.1-server-amd64.iso in a tape library? :)
<maswan> just in case it gets lost, I mean
<kraut> moin
<uvirtbot`> New bug: #259363 in apache2 (main) "Need to source envvars before being able to use 'apache2' binary." [Undecided,New] https://launchpad.net/bugs/259363
<trentster> hey all, I have the strangest problem, having extremely poor network performance slowdown when copying to an NFS NAS volume, will get a peak of 20-30MBps then almost no activity for about 40 seconds then another little peak. I have tried putting in an intel pro1000 network card, cable change etc, still same problem. However if I boot off the live cd and try the same thing I get a sustained 55MBps working perfectly....any i
<trentster> deas?
<thefish> trentster: you boot the client that is copying the data with livecd, or the server? maybe compare nfs client versions and options?
<trentster> thefish, the client I booted the livecd on.
<trentster> the server is actually a dedicated NAS appliance server
<thefish> i guess you mount the nfs dir and then copy? maybe the mount options are a bit different? or the client version?
<trentster> naah the mount options are identical
<trentster> I think the versions of nfs are the same as well, I will double check..
<trentster> I think something else on the machine is interfering with it.
<thefish> trentster: what are you using for the copy? just cp?
<trentster> thefish, yes
<trentster> just cp
<thefish> trentster: sorry, not sure - i have seen it where a gui file manager eg nautilus will be really slow, and cp will be fast
<thefish> no iptables or anything like that?
<trentster> thefish, no iptables
<trentster> its a very strange one
<thefish> have you seen http://www.unix.com.ua/orelly/networking_2ndEd/nfs/ch18_01.htm
<thefish> maybe some bits in there that could help
<thefish> please say what fixes it ;)
<trentster> thefish, thanks I will let you know......I am busy getting ready to test via FTP to see if its def NFS related only or a general problem.
<thefish> fair enough
<trentster> wow, its slow on ftp as well getting 6MBps
<trentster> it starts off super fast 50MBPS for 3-4 secs.....then slow....allmost like a buffering problem or something.
<ogra> did you check your NIC with mii-diag ? on both setups you test ?
<ogra> migh be that one runs in full and the other in half duplex
<trentster> thanks for the help guys, gonna reboot and try continue troubleshooting
<cxo_> erichammond1, so dist-upgrade = kernel upgrade?
<kirkland> zul: do you have time today to sponsor some init script changes?
<kirkland> zul: the status action stuff
<zul> kirkland: sure
<zul> kirkland: just send me the list and I will get to them today sometime
<kirkland> zul: okay, will do
<thefish> !seen [diablo]
<ubottu> I have no seen command
<thefish> bugger
<nealmcb> Server team meeting in #ubuntu-meeting in 30 minutes: https://wiki.ubuntu.com/ServerTeam/Meeting
<nealmcb> There is still time to propose another item for discussion....
<Oliber> will there be tea and coffee?
 * Oliber runs away ;)
<nealmcb> Oliber: Yes - but it will be distributed tea and coffee - just like our source control :)
<ScottK-laptop> The good news is the Ubuntu wiki is so slow if makes bzr feel fast in comparison.
<nealmcb> with pockets of milk, cookies, water and other beverages that fit the local culture and timezone
<soren> ScottK-laptop: You think? Hm... It feels pretty snappy to me.
<ScottK-laptop> Which the wiki or bzr?
<soren> I mean the wiki.
<ScottK-laptop> I'm editing.
<soren> editmoin or web?
<ScottK-laptop> Web.
<soren> Ah. Wouldn't know about that.
 * soren <3 editmoin
<ScottK-laptop> Well right now every time I go to the meeting page it wants me to login.
<ScottK-laptop> I login and it takes me to the main page.
<ScottK-laptop> I go to the meeting page it wants me to login.
<ScottK-laptop> Rinse repeat.
<soren> Which browser?
<ScottK-laptop> So it's faster now.
<ScottK-laptop> Konqueror.
 * ScottK-laptop tries another one.
<ScottK-laptop> Works in Firefox.
<zul> nijaba: mirror?
<kirkland> nijaba: i added the debconf entry to mdadm, at "medium" priority.  this will not popup during the installer, and will set the default to "no"
<kirkland> nijaba: it would be trivial to raise the priority to make it popup the question, however, that might need more of a consensus
<kirkland> nijaba: i would be very much in favor of that
<kirkland> nijaba: but i left that part of the patch for later, so as not to embargo the rest of the functionality
<nijaba> kirkland: my question was more whether the default Raid1 install would duplicate /boot on both disk now
<kirkland> nijaba: oh, the MBR ... yes, it should
<nijaba> kirkland: great
<kirkland> nijaba: the code is there, but it hasn't made it into an ISO yet, so I haven't tested it
<kirkland> nijaba: I tested it "by hand", but not "by ISO"  :-)
<nijaba> kirkland: let me know when it is there, I'll give it a go as well
<ScottK-laptop> arakthor: Let me get you some links.
<arakthor> ScottK-laptop, ok
<ScottK-laptop> arakthor: https://wiki.ubuntu.com/ClamavSpamassassinInMain is the basic spec that lists the MIR that need to be done.
<arakthor> what is a MIR?
<soren> MainInclusionReport
<ScottK-laptop> Main Inclusion Report.
<ScottK-laptop> https://wiki.ubuntu.com/MainInclusionProcess describes the process.
<leonel> ScottK-laptop: as I've told you some time ago I'd like to  do the  clamav MIR   is there a deadline time  to do so ??
<ScottK-laptop> This is how we get stuff 'promoted' to be supported.
<ScottK-laptop> leonel: We need it approved prior to Aug 29.
<ScottK-laptop> This would be a good time to work on them.
<ScottK-laptop> arakthor: Were you interested in Spamassassin too or just Clamav?
<leonel> wow 10 days
<ScottK-laptop> Yes.
 * ScottK-laptop notes he's been asking for help for weeks.
<arakthor> ehm, either or. I'm more interested in lending a hand and seeing how it goes
<ScottK-laptop> arakthor: OK.  The Spamassassin ones are almost all Perl modules.  They tend to be relatively easy.
<ScottK-laptop> And leonel is going to work on clamav anyway.
<arakthor> alright
<ScottK-laptop> arakthor and leonel: Please mark in the wiki what you are working on so there is no duplication of effort.
<arakthor> ScottK, alright. I will probably use another handle, kstewart, because I have it registered on launchpad ettc.
<ScottK-laptop> OK.
<leonel> ScottK-laptop: ok
<ScottK-laptop> I need to leave in about 5 minutes, so if you have questions, please ask them now.  I'll be back in a few hours.
<ScottK-laptop> I'm glad to review work in progress or answer questions.
<leonel> ScottK-laptop: will you be online tomorrow ?
<ScottK-laptop> Yes.  Most of the day.
<leonel> ScottK-laptop: ok I'll contact you
<arakthor> no questions atm, thanks.
<ScottK-laptop> Great.
<byte_slave> hi everyone!
<byte_slave> anyone here using heirloom.mailx the new "nail" to send emails from command line / cron?
<byte_slave> i've a script that executes "nail command" with no problem via commandline but via cron the email just doesn't go to the destiny recipients, and it produces the dead.letter
<byte_slave> anyone experienced this before?
<jmedina> byte_slave: any cron log?
<byte_slave> cron log just says "Aug 19 16:55:01 elsa /USR/SBIN/CRON[4588]: (root) CMD (/root/scripts/est_disk_space_monitor.pl)"
<byte_slave> no reference about any error or access denied or whatelse
<Fenix|work> Greetings!
<byte_slave> hi!
<Fenix|work> I have a question I'd like to prose.  I've recently upgraded from Gutsy to Hardy, and my ftp user disappeared from /etc/passwd.  Why would that happen?
<Fenix|work> byte_slave, how's it going?
<byte_slave> Fenix|work, not that good actually, nail just doesn't work sending email via cron....
<Fenix|work> nail? or mail?
<Fenix|work> I guess they're both the same thing :)
<Fenix|work> google tells me nail is a replacement for mailx
<jmedina> byte_slave: and why nail instead clasic mailx?
<byte_slave> i heard nice things about nail, and its simple to setup and supports smtp
<byte_slave> mail doesn't as far as i know
<Fenix|work> byte_slave, what are you trying to accomplish?
<byte_slave> well, simple... a perl script goes check disk space and if space lower than x% i receive an email
<byte_slave> manually script runs perfectly
<byte_slave> via cron not working
<byte_slave> cron is running the script as root
<byte_slave> should work i guess
<Fenix|work> are you using mail in your script?
<byte_slave> im using NAIL
<jmedina> byte_slave: mail doesnt what?
<jmedina> support smtp?
<Fenix|work> byte_slave, I understand NAIL will alias mail and mailx when you install for backwards compatability
<Fenix|work> compatibility
<byte_slave> no alias, NAIL is a very cool comamndline tool
<byte_slave> jmedina, i guess not, but anyway i guess to have mail working i should have a "full MTA" working and with "NAIL solution" i found i just use NAIL + msmtp
<jmedina> byte_slave: that is not true
<jmedina> you can use mailx +ssmtp
<jmedina> ssmtp it has support for SMTP AUTH, so you can send mail trough a mail relay host (smarthost)
<gsalah> hello all, i have installed pptp vpn server, but vpn-clients use my DNS server to resolve anything instead of their server
<byte_slave> maybe i was making confusion about "SMTP AUTH" which is actually what i need
<Fenix|work> jmedina, nail is heirloom-mailx in the package tree no?
 * Abron_Gru is back (gone 18:01:01)
<jmedina> Fenix|work: dont know, last time I used nail was in slackware about 3 years ago
<byte_slave> nail is now known as heirloom-mailx, thats true
<Fenix|work> used nail with gentoo, but I don't have a preference... I just install mailutils and everything works
<Fenix|work> or mail-utils, can't remember which connotation
<byte_slave> but mailutils installs exim right?=
<Fenix|work> byte_slave, just portions of it... not the full blown exim
<byte_slave> i'll try use mailx..... i'll remove nail and see what happens
<vladdY> i still cant get Raid1 to run properly, after I unplug one disk I'm unable to boot into ubuntu server
<vladdY> i have followed everything from https://help.ubuntu.com/community/Installation/SoftwareRAID#Troubleshooting
<vladdY> any clue
<Brazen> vladdY: this has been discussed lately on the mailing list.  Apparently, linux will not boot to a degraded RAID array.
<Brazen> your information is safe, but you will have to boot to a live CD and rebuild the array before you can boot back into it.
<Brazen> I haven't followed it too close though, as I've only used software raid to protect data drives, and never tried it for the /boot or root partitions.
<Brazen> I believe they are trying to get this patched in the kernel before the next Ubuntu release
<jmedina> Brazen: he doesnt need to rebuild the raid, only install grub in the mirror disk
<jmedina> well and rebuild initramfs
<ScottK-laptop> arakthor: I'm here briefly if you've come up with any questions.
<Brazen> Wouldn't grub already be installed in the mirrored partition?  Like I said, I didn't follow the issue too closely.
<ScottK-laptop> Brazen: You only boot from one, so no.
<arakthor> ScottK-laptop, what6's involved in the source code review?
<arakthor> ScottK-laptop, also, should I start with a dependency of SA or just the SA package?
<ScottK-laptop> arakthor: Review it for sound security practices.  If you aren't up for that, just say no.  It's not a hard requirement.
<ScottK-laptop> Do the dependencies first.
<arakthor> ok, thanks.
<ScottK-laptop> That way when SA gets done the answer to are all the depends in Main will be yes.
<uvirtbot`> New bug: #259477 in mysql-dfsg-5.0 (main) "mailx should not be Recommends" [Undecided,New] https://launchpad.net/bugs/259477
 * ScottK-laptop runs to mark that confirmed.
<vladdY> do you guys have any reference to that mailing list thread on booting from degraded raid1
<vladdY> also, forgot to mention, this is software raid too, running on 2 disks
<jmedina> Brazen: did you try those instructions?
<jmedina> from https://help.ubuntu.com/community/Installation/SoftwareRAID
<ivoks> hi all
<ivoks> zul: ping? :)
<sommer> ivoks: yo
<ivoks> wazup? :)
<sommer> same old, same old... good times, heh
<zul> ivoks: yo
<ivoks> nice
<ivoks> zul: yeah... um... those bacula bugs
<ivoks> zul: http://launchpadlibrarian.net/16211559/bacula-2.debdiff
<zul> ivoks: uploaded that this morning
<ivoks> zul: that's a patch for bacula in -proposed
<ivoks> in intrepid, right
<ivoks> but how about hardy?
<zul> and in hardy-proposed
<ivoks> that patch solves SRU problems
<ivoks> ok
<zul> its sitting there waiting to be accepted
<uvirtbot`> New bug: #259479 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Undecided,New] https://launchpad.net/bugs/259479
<vladdY> can someone please confirm that solution from https://help.ubuntu.com/community/Installation/SoftwareRAID works
<ivoks> let' see
<ivoks> vladdY: yes
<_jmedina> vladdY: why dont you ask kirkland, I think he wrote the doc and he is working on that theme for intrepid inclusion
<vikram> Is there a static version of bash and friends i can use on ubuntu server?
<vikram> or at least anything not linked against libselinux
<vikram> trying to apt-get remove libselinux looks really scary since it tries to pull everything out
<ivoks> why would you remove it?
<ivoks> selinux isn't enabled on ubuntu, by default
<ivoks> applications are compiled with support for it, if someone decides to enable it
<vikram> i know, i just dont want a userspace with libselinux support for it
<vikram> is there a version of ubuntu with a clean userspace?
<ivoks> then you'll need to recompile... everything :)
<ivoks> clean userspace?
<ivoks> what's clean?
<vikram> just libc and libssl/tls, the basics
<ivoks> bash is clean :)
<ivoks> you know libc can be compiled with support for lots of things, so having only libc isn't a guaranatee that something is clean, whatever that means
<zul> or your could use gentoo ;)
<zul> whois vikram
<zul> doh..
<ivoks> :)
<ivoks> i don't think gentoo is clean
<ivoks> anyway... take care...
<vikram> zul, i is who i is
<uvirtbot`> New bug: #259538 in samba (main) "computer reboots during winbind configuration" [Undecided,New] https://launchpad.net/bugs/259538
<AlexC_> hey,
<AlexC_> I have my main domain that I use for the server, eg: example.com and with that I have mail.example.com that is used for all email. Other domains, say 'domain.com' are hosted there and all email is sent and received via 'mail.example.com' - though the email addresses are still 'foo@domain.com'.   I'm wondering if I have to set an MX record for the 'domain.com' zone that points to 'mail.example.com'
<ScottK> Yes.
<AlexC_> I currently don't set this, and it works fine. The reason I use mail.example.com instead of mail.domain.com for all other domains is that I use SSL/TSL for it, and so the certificate only covers mail.example.com
<ScottK> In the absence of an MX record, one is supposed to try and deliver to the A.
<ScottK> If it's all on the same box it'll work.
<AlexC_> ScottK, ok, so before I was basically relying on an undocumented feature/correction thingy, and I should really set the MX record for it?
<ScottK> I do not, however, recommend relying on the implicit MX rule.
<AlexC_> ok, that's what I thought - I'll make sure I set it now
<ScottK> It's documented in RFC 821 and 2821, it's just not something I'd be so certain people get right that I rely on it.
<AlexC_> true
<_jmedina> AlexC_ it is a good practice to use MX record for every domain, not all the MTA out there know how to act when they can't find a MX record
<AlexC_> thanks very much ScottK _jmedina
<_jmedina> Alexc_ and your config is ok for SSL/TLS and single IP with multi domains
<_jmedina> the same when you use SPF
<AlexC_> wont it complain that the cert is for a different domain?
<_jmedina> when?
<vladdY> just wanted to say that
<AlexC_> if I used mail.domain.com instead of mail.example.com
<vladdY> oops
<AlexC_> since the SSL cert is for mail.example.com
<vladdY> https://help.ubuntu.com/community/Installation/SoftwareRAID does work, thank you very much for great work on ubuntu server
<vladdY> and for support :)
<_jmedina> vladdY: so what was the problem?
<vladdY> i dont know, i think i didn't wait 180 seconds :)
<vladdY> just did clean reinstall, switched it few times back and forth disconnecting each hd and worked everytime
<ScottK> _jmedina: He's right.  Most MUAs will warn for that.
<vladdY> i was able to rebuild array and everything worked without any problems, including postgresql
<_jmedina> ScottK_ the he needs to setup MUAs with mail.example.com or whatever the cert's CN says
<ScottK> Right, so it's less complex if he just uses that for everything.
<kirkland> sommer: _jmedina and vladdyy are asking about a RAID document above
<kirkland> sommer: it's incorrectly attributed to me...  I didn't write it :-)
<kirkland> sommer: though I've written a lot of patches on the matter lately
<pschulz01> What is the difference between mailx and mailutils?
<pschulz01> (In terms of functionality)
<pschulz01> wantok: Morning
#ubuntu-server 2008-08-20
<uvirtbot`> New bug: #259595 in samba (main) "synaptic unable to install - broken dependency samba-common" [Undecided,New] https://launchpad.net/bugs/259595
<pschulz01> What is the best way to get a package listing with versions?
<sommer> kirkland: ya, I posted a couple of links concerning RAID, and since you're the raid master now, the props go to you :-)
<sommer> pschulz01: dpkg -l > yay_packages.txt
<pschulz01> sommer: Ta :-0
<pschulz01> sommer: Thanks.. together with a git controlled /etc this gives what I want.
<sommer> np
<pschulz01> sommer: What is the state of the current 'ubuntu-server' documentation?
<sommer> pschulz01: here's a link to the most updated content on the web: http://doc.ubuntu.com/~mdke/test/serverguide/C/
<sommer> pschulz01: there's newer content in the bzr branch: bzr branch lp:ubuntu-doc
<pschulz01> sommer: I am in the position where I can offer some paid work to some local 'interns'..  and updaing the serverguide would be good use of this resource.
<sommer> pschulz01: sweet, the apache section needs some love... I was thinking of adding instructions for a2enmod, a2ensite, etc
<sommer> pschulz01: also a big help is to just work through the current sections and make sure things like package names, path names, etc are still valid
<pschulz01> sommer: That could e a good introductory excersise.
<sommer> pschulz01: also a good learning experience :)
<pschulz01> sommer: These guys a keen, but complete newbies.
<sommer> heh, I remember those days... ah youth
<Sylphid> could someone point me to a guide to set up raid1 post install without loosing data? ... i tried this one > http://gentoo-wiki.com/HOWTO_Migrate_To_RAID < but im having problems booting to the new raid partition
<uvirtbot`> New bug: #259609 in samba (main) "package samba 2:3.2.1-1ubuntu1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/259609
<ari_stress> good morning guys :)
<unewbi1> morning
<ari_stress> what's the topic?
<unewbi1> how to install mysql connector for java?
<ari_stress> ugh, that's hard
<ari_stress> i dont know
<unewbi1> anyone?
<michalski> does anyone know how to change the default runlevel in ubuntu?
<ScottK> michalski: What problem are you trying to solve?
<michalski> ScottK: when my computer boots it goes into runlevel 3, I need it to go into 5
<michalski> *want it
<ScottK> Why?
<ScottK> I'm not sure what you think this will accomplish?
<michalski> I jst recently customized the runlevels using sysv-rc-conf and now it send it off to 3
<michalski> (it will send me into a graphical session?)
<ScottK> Right because in Ubuntu 2 - 5 all do the same thing.
<michalski> unless customized...
<ScottK> Yes.
<ScottK> I guess I still don't understand why.
<michalski> I would want to do this?
<ScottK> Yes.
<ScottK> Note that unless you're on Dapper you're using Upstart with sysv emulation and not a try sysv init system.
<michalski> different environmental conditions change around my server causing me to want to change runlevels at moments notice, eg: powergoes out; server going down for maintenence; unauthed user detected, ect...
<michalski> pardon?
<ScottK> Ubuntu doesn't use the traditional sysv inits.  It has Upstart instead.  Upstart emulates sysv very nicely, but it is a different system.
<michalski> (what is upstart.....)
 * ScottK hands michalski http://en.wikipedia.org/wiki/Upstart
<michalski> ah
<michalski> so why would this be a problem...we can still change the booted runlevel right?
<ScottK> My recommendation is that althought the sysv init emulation in Upstart has been very well tested for normal use, you might be making different assumptions about normal use than the Upstart author did.
<ScottK> I would assume, but I've never needed to do it.
<michalski> hmm
<ScottK> BTW, I didn't know until I read it there that Fedora had started using it.
<michalski> hey I found it! /etc/inittab
<michalski> theres a section in there for default runlevel
<michalski> ...if the file existed :s
<ScottK> I think that only even exists if you upgraded the system from Dapper.  Dunno if it still does anything or not.
<michalski> i've only been using ubuntu since 7.04
<michalski> i was just thinking....if you can specify the runlevel at boot (via manual input to grub), can't I just modify /boot/grub/menu.lst?
<michalski> ok back in 10 gonna try it
<nodoubt> rndc: error on bind restart??
<clusty> hey
<clusty> some distro's force users to have strong passowords
<clusty> is it possible to automatically enfore a few rules in all users passwords?
<clusty> i mean that will change then from now on
<`6og> yes it is.
<`6og> pam-cracklib would be a place to start
<sven-tek> Hi there! I have gone through the testing steps at https://wiki.ubuntu.com/EncryptedPrivateDirectory#Testing . I have got this: http://nopaste.biz/49942 "not such device"
<kirkland> sven-tek: okay, does /home/shaggy/Private and /home/shaggy/.Private exist?
<sven-tek> yes, they are directories
<kirkland> sven-tek: ls -alF ~/.ecryptfs
<sven-tek> http://nopaste.biz/49943
<kirkland> sven-tek: which mount.ecryptfs_private
<kirkland> sven-tek: ls -alF `which mount.ecryptfs_private`
<kirkland> sven-tek: mount.ecryptfs_private
<sven-tek> here it is: sven-tek@bluebox:~$ which mount.ecryptfs_private
<sven-tek> /sbin/mount.ecryptfs_private
<sven-tek> sven-tek@bluebox:~$ ls -alF `which mount.ecryptfs_private`
<sven-tek> -rwsr-xr-x 1 root root 9632 2008-08-15 21:12 /sbin/mount.ecryptfs_private*
<sven-tek> the .last filenameit is backgrounded red
<sven-tek> But file seems to be okay: file /sbin/mount.ecryptfs_private
<sven-tek> /sbin/mount.ecryptfs_private: setuid ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), stripped
<sven-tek> oh moment, iam running a custom bulid kernel. Are there any modules involved?
<sven-tek> kirkland, sorry its my fault!
<clusty> `6og, thanks. have some example for ubuntu? I found just some redhat stuff that claims to have been patched in some specific way
<ghaleb> hello, I have installed pptp vpn server,  but my clients suffer from very low service, what u think the reason could be
<hubuntu> This may be a dumb question, but I just have to ask: After installing drupal in Hardy, how can I mount a site with it? I have no idea on how to set up a site with it. Is there a sh script or something to run in a desired directory?
<hubuntu> I'm clueless, really...
<hubuntu> normally I just untar the file from drupal.org in a directory and there I install it, but since I'm using Ubuntu server I wanted to figure out how that works
<hubuntu> thx in advance
<jpds> hubuntu: Look at where it installs it: dpkg -L drupal
<Kamping_Kaiser> clusty, no i dont, sorry
<pschulz01> Kamping_Kaiser: !!!
<Kamping_Kaiser> :O
<hubuntu> found it. Thanks jpds! Now I just have to figure out how to make another drupal site on, say, a user home... anyone?
<Kamping_Kaiser> hubuntu, that sounds like the sort of stuff which would be covered in the docs ... (/usr/share/doc/$packagename/)
<hubuntu> yes Kamping_Kaiser, I found out. Thx
<didrocks> hi everyone
<hubuntu> hi didrocks
<didrocks> I am interested in working on ufw integration (now that removing multiuser tag is done :))
<didrocks> I saw this page, can I directly edit it to assign, let's say apache2 and openssh for a begining ? https://wiki.ubuntu.com/ServerTeam/Roadmap#UFW%20Package%20Integration
<hubuntu> didrocks, probably it's ok, but it would be better to coordinate your effort with Jamie: https://wiki.ubuntu.com/JamieStrandboge
<hubuntu> in that way he will know, and if there's work done into that, he will surely know where to point you at
<didrocks> yes, he seems to not be there at this time. I will send him an email, thx :)
<byte_slave> hi everyone, good afternoon!
<hubuntu> hi byte_slave
<didrocks> hi byte_slave
<byte_slave> how can i completly uninstall a package even the /etc config files
<byte_slave> i used apt-get remove --purge packagename but /etc files remain
<hubuntu> erase those
<byte_slave> no prob to do that manually?
<hubuntu> not really, but you mjst be sure nothing else is using those files
<hubuntu> what program is it you want to uinstall?
<byte_slave> i installed mailx and sendmail
<byte_slave> but i want completly uninstall all this and start from zero
<byte_slave> so i have yet files in /etc/mail and /etc/mailrc
<hubuntu> you should be careful there... anyone has some advice to share?
<Kamping_Kaiser> byte_slave, you can either reinstall it, or `dpkg -l $package` and remove the files listed by hand
<byte_slave> great, i ran that seems cleaned :)
<hubuntu> dpkg -l is really useful, I can't believe I had forgotten such a feautre existed. Can it be used to find a certain library as well?
<hubuntu> like libjpeg or something?
<hubuntu> libjpeg.so or what the name was (needed for livecam.sourceforge.net)
<sommer> morning
 * delcoyote hi
<byte_slave> question: i removed mailx and sendmail but sendmail command and mail command still in /usr/bin is that supposed?
<uvirtbot`> New bug: #259740 in bind9 (main) "DNS: not able to use IPv6 Resolvers" [Undecided,New] https://launchpad.net/bugs/259740
<xiaopi> Did somebody manage to boot from an iso with last ubuntu-xen-server with an HVM kernel VM ?
<xiaopi> Tryed all the tap:aio: / mount / losetup to loop methods
<xiaopi> none made the trick, stuck at bios after : Booting from CD-ROM ...
<byte_slave> i forgot the apt-get autoremove i guess :) now my question above is answered
<vikram> How do you boot into single user mode?
<vikram> a la init 1 ?
<verwilst> hellow
<verwilst> you guys know a solid SATA RAID card that works perfectly with hardy server?
<verwilst> i know about areca, but that's 400 EUR :) something a bit cheaper but still reliable out there?
<fromport> a secondhand areca/3ware ? ;-)
<\sh> don't compare 3ware and areca...*grmpf* slow but stable vs. fast but unstable, at least our arecas here :(
<vikram> init-top in the initrd, is that called before init is executed or just after?
<maswan> We have a couple of new arecas here that seems to work fine. The previous test a couple of years ago made us not want them at all though. So things might have improved.
<maswan> But out of choice I'd go for a 3ware card
<axisys> after updating the update-initramfs do I need to reboot.. unfortunately on server udont get the reboot request like in client :-(
<verwilst> hm
<verwilst> and what about lsi megaraid?
<verwilst> that's a lot cheaper :)
<verwilst> areca = 490EUR, 3ware +- 270, lsi 170
<verwilst> ive seen megaraid modules a lot, i think dell uses those, right?
<maswan> well, if you want to go the software raid path, you can get by with a resonably cheap plain sas/sata card
<verwilst> nah no software raid
<verwilst> i have software raid now
<maswan> megaraid in general is horrible, but there might be a decent one or two under that name too
<verwilst> maswan: define horrible?
<maswan> verwilst: weird crappy management, strange performance issues, not very reliable
<verwilst> hm
<verwilst> maswan: dell uses those too eh?
<maswan> verwilst: yes, but with a different firmware
<verwilst> oh
<verwilst> so a second-hand 3ware would be my best bet?
<maswan> So it'd depend on how old a dell raid it is, etc. Some of the older ones were really bad.
<maswan> I don't keep up much with recent dells, we don't buy them anymore
<verwilst> well my server is fully intel
<verwilst> but i want to get rid of my software raid
<verwilst> i have 1 raid 5 now with 3 disks
<verwilst> and /boot on software raid = troubles i heard
<maswan> ah, well, software raid1 is fine, but other raid levels might be troubles.
<maswan> but if you want reliable, I'd recommend 3ware
<verwilst> maswan: http://www.descom.be/shop.php?cPath=87 < but which one :P
<verwilst> so many to choose from
<verwilst> 4ports , that's for sure
<\sh> smartarray ;) but this means switching to hp
<verwilst> i guess all of them are supported?
<\sh> but imho they are using lsi nowadays too
<maswan> verwilst: sure. the higher numbers are usually faster.
<maswan> \sh: since quite some time, IIRC. but totally different firmware.
<\sh> maswan: yes...I'll wait for my new dl365 + p800i
<\sh> it will replace these areca storage machines
<maswan> \sh: our latest storage adventure is a dl185 running opensolaris and zfs. there the p800i had crap performance, so we replaced it with a plain sas card and suddenly it was very speedy.
<\sh> attached to it a msa60 + 12x 750GB sata drives...
<\sh> maswan: I just need the p800i because of the external storage...
<vikram> Is there a way of removing apparmor?
<elventear> Anybody using Xen on ubuntu-server?
<nodoubt> MUST a bind authoritative dns server be a dns caching server inorder for local network computers to be succesfully served a webpage hosted within local network ?
<nodoubt> or can a dns server NOT B a caching server?
<Sp0tter> So i locked myself out of root form my server (located far away) by overwriting my group permision when I moved myself to the ftp group i created, and this was before i knew the install didn't set the root pw.  anyways is there a way to run apache web server from within my home directory without installing it ?
<Sp0tter> I can't access the config files for it where the are from my account
<AlexC_> g'morning
<AlexC_> should I ideally set the delay_warning_time of Postfix to something other than 0h?
<ScottK-laptop> AlexC_: Why do you want to change it?
<ScottK-laptop> 4 hours is sort of normal, if you need it at all.
<AlexC_> I'm just wondering if I should actually need it, ideally
<lamont> nodoubt: all BIND instances have a cache.. :)  If the machine is authoritative for everything it serves, there is no need for it to allow recursion for anyone (which would mean it never got non-authoritative data into the cache)
<AlexC_> default is 0h, which is off basically
<lamont> AlexC_: it's zero by default because many people don't want the spamage from the mail server telling them that 4 hours has gone by
<ScottK-laptop> User can't do anything except complain to an admin.  Decide if that's a bug or a feature.
<AlexC_> =) I'll keep it off then
<frith> what is the difference between using the basic server install cd and jeos?
<zul> jeos is optimized for vms
<frith> if i created a lvm from two drives and the second fails, what will happen?
<jmedina> frith: you mean al Volume Group made of 2 PV?
<frith> yes
<frith> i haven't really used lvm
<jmedina> frith: the use it and trye that
<jmedina> you can try it with filebased volumes
<frith> saying that i don't know what is the best configuration to go with for my server
<jmedina> lvm is only volume manager, if you want protection you need to setupo lvm over RAID
<frith> i have one raid5 volume ~400gb and one mirrored pair 300gb
<jmedina> frith: well, we dont know the purpose of your server
<frith> me either :)
<frith> i think i want to use kvm
<jmedina> never used kvm only xen
<frith> kvm seems to be the way to go
<frith> i want to test out different stuff
<frith> i guess i will forget about the 300gb for now
<frith> i am not sure about its reliability
<jmedina> frith: why?
<jmedina> it is raid1, isnt it?
<jmedina> we use sofware raid1 in most of my and customers servers
<frith> jmedina, i rescued both disks from a blown disk array
<frith> the 300gb drives that is
<frith> i figured it out
<frith> raid pair for home and the raid 4 volume for vm's
<frith> now i need to think of a good domain name
<uvirtbot> New bug: #259827 in apache2 (main) "Please sync apache2 2.2.9-7 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/259827
<gsalah_> hello, is the pptp vpn server should be the gateway for others servers ?
<frith> hmm i thought opterons supported hardware virtualisation
<jmedina> not all
<frith> sigh
<frith> i guess its not big deal
<jmedina> only if you want to install windows
<jmedina> with paravirt works well with opterons at least with xen
<jmedina> we have about 30 vms running with paravirtualization in one server
<frith> wow
<frith> how many cores?
<jmedina> 2 dobule xeon
<frith> its funny, i can buy a 32gb server with 8 cores with 4tb for 2.5k
<frith> are they all pretty much idle?
<jmedina> 2.5K?
<frith> Â£2500
<lukehasnoname> oh haha
<jmedina> pretty cheap, I remember 2 years I spent 5k for 8 cores, 4GB and 1TB
<lukehasnoname> frith, I thought you meant $2500
<frith> i don't know how much systems are in the states
<Brucevdk> SSH question, is it possible to define either the use of public keys or passwords on a per account/user basis? E.g. a user designated "has key" should not be able to login with a passwords, temporary low-level accounts are allowed to login with a password. Non-designated accounts should not be able to connect over SSH.
<frith> i should ebay my current servers and replace them with one machine
<jmedina> Brucevdk: I think in the newests releases of openssh you can manage groups
<frith> ssh has been able to do groups for ages
<frith> allowgroups iirc
<frith> or group allow
<Brucevdk> That still wouldn't allow the finely grained permissions I was talking about though, would it?
<jmedina> http://www.openssh.com/txt/release-5.1 I think it is match groups and match addresses
<jmedina> frith: yeap they only use global configs, not per user
<Brucevdk> Think I'll just drop this idea for now then, when I use `AllowGroups ssh` does Deny all other groups?
<michalski> not nessecarily, you would just need to be part of the ssh group to be able to login
<michalski> ,via ssh
<AdrianN> hello can any1 help me if possible pls?
<AdrianN> i have a server with the internet working on it... eth0 with a static ip adress, i have there 4 more networks cards each one with another ip adress all up working, eth0 has: 191.191.2.1,eth2:192.168.0.2,eth3:192.168.0.3,eth4:192.168.0.4.
<AdrianN> all are static ip's
<AdrianN> after those 4 cards will be clients, how can i make the routes so i can give to the clients another class of IP's, like: 192.193.2.*
<uvirtbot> New bug: #259844 in samba (main) "Samba share permissions not migrated to Intrepid, not working?" [Undecided,New] https://launchpad.net/bugs/259844
<frith> how can i get the current speed of my cpu's ?
<jmedina> cat /proc/cpuinfo
<frith> but does that give the speed if they have throttled down?
<frith> oh yes it does
<frith> right time to get power management working
<frith> powersaved ? is that the best thing to use?
<frith> ah there we go :)
<ScottK> leonel: Are you around.
<Brucevdk> jmedina, and others: thanks for the help, I've decided to go with AllowGroups + PasswordAuthentication for now. If needed I'll try and see if more finely grained permissions are possible. Thanks again
<jmedina> Brucevdk: you are welcome
<nxvl> kirkland: just commented un update-motd
<nxvl> kirkland: it has a minor issue i posted there everything you need
<nxvl> brb
<frith> is it wrong of me to arrange the disks in my rack so i can write words?
<uvirtbot> New bug: #256563 in openvpn (universe) "Arbitrary code execution in 2.1 prior to 2.1-rc9 (dup-of: 256621)" [Undecided,New] https://launchpad.net/bugs/256563
<frith> ooo compiling a kernel is like watching pain dry
<frith> hmmm, not very impressive, only slowed down my server from 2.2ghz to 1.8
<frith> surely it can go down to 1ghz or something
<slavik> any idea why the cups web interface would freeze when selecting make/model of the printer?
<jmedina> slavik: have you check the logs?
<slavik> Aug 20 17:37:55 upserv kernel: [11226.466619] audit(1219268273.160:13): type=1503 operation="inode_permission" requested_mask="a::" denied_mask="a::" name="/dev/tty" pid=8392 profile="/usr/sbin/cupsd" namespace="default"
<jmedina> I mean cups logs
<slavik> E [20/Aug/2008:16:31:54 -0400] CUPS-Add-Modify-Printer: Unauthorized
<slavik> no idea why
<slavik> when I select 'HP' in the make list, the web interfaces takes a while to respond (it just comes up with a blank page after that)
<slavik> E [20/Aug/2008:16:31:16 -0400] PID 6902 (/usr/lib/cups/cgi-bin/admin.cgi) crashed on signal 9!
<slavik> that also seems relavant
 * jmedina loves kde printer interface
 * slavik loves gnome printer interface
<slavik> but this is a server install (no X)
<jmedina> slavik: have you tried lpadmin?
<slavik> hmm
<slavik> I used it to add printers, but what I tell it the make is so that it uses the proper driver?
<slavik> then again, the first time I tried to add a printer, it worked ...
<slavik> should I try purging cups and reinstalling it?
<slavik> it stops working when I click 'Continue' on the page to select the manufacturer (or upload the ppd file)
#ubuntu-server 2008-08-21
<Jay2> once when I get my apache server up and running for windows xp I well be also putting in a server for all futuer software for ubuntu-server for all people to download
<juannicolas> Hi, I have been searching in the net how to do a fail over with 2 differents ISP and how to make the machine to switch each time one of the ISP stop respoding ping and also to forward internet.
<JoshPritchard> hello
<JoshPritchard> I'm trying to setup my ubuntu server
<JoshPritchard> Is anyone here?
<kgoetz> no. everyones dead
<RoAkSoAx> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<JoshPritchard> is there anyone here that is knowledgable on how to setup a DNS, web and e-mail server w/Ubuntu?
<RoAkSoAx> JoshPritchard, web server is easy
<RoAkSoAx> DNS too
<JoshPritchard> RoAkSoAx: would you be willing to help me figure it out
<JoshPritchard> the IP is 99.170.178.126
<JoshPritchard> I have LAMP setup on it, but am having trouble with the DNS part, I think
<RoAkSoAx> JoshPritchard, It works!
<RoAkSoAx> that's what it shows
<JoshPritchard> right
<JoshPritchard> I also installed Bind9
<JoshPritchard> and I thought I got all the DNS settings correct
<JoshPritchard> but when I dig
<JoshPritchard> it doesn't work
<JoshPritchard> and I'm brand new at linux, and so I don't really even know where to begin to troubleshoot
<RoAkSoAx> ;; ANSWER SECTION:
<RoAkSoAx> 99.170.178.126.		0	IN	A	208.69.32.132
<JoshPritchard> what does that mean?
<RoAkSoAx> JoshPritchard, for DNS server first try this: http://doc.ubuntu.com/ubuntu/serverguide/C/dns.html
<RoAkSoAx> you can also find webserver config there
<RoAkSoAx> JoshPritchard, good tutorial for a complete server is: http://www.howtoforge.com/perfect-server-ubuntu8.04-lts
<JoshPritchard> RoAkSoAx...I did that perfect server setup
<RoAkSoAx> JoshPritchard, you trying yo create a hosting web server or something?
<JoshPritchard> yes
<JoshPritchard> I want to host 3 websites
<JoshPritchard> I have them on a shared server now
<JoshPritchard> http://99.170.178.126/jkp0007
<JoshPritchard> its not showing properly
<RoAkSoAx> JoshPritchard, so webserver is working,
<RoAkSoAx> you need to get DNS server working?
<JoshPritchard> yeah
<RoAkSoAx> JoshPritchard, follow http://doc.ubuntu.com/ubuntu/serverguide/C/dns.html to get the domains of the ones who you gonna host
<JoshPritchard> do you think I should remove bind9
<JoshPritchard> and then reinstall it
<JoshPritchard> to clear all of what i've already setup?
<RoAkSoAx> JoshPritchard, not necessary... just create new config files and follow the serverguide so you can do it the right way
<RoAkSoAx> i'm not experienced in setting up hosting servers
<JoshPritchard> do you know how to look at an error log?
<RoAkSoAx> JoshPritchard, error logs are usually located in /var/log
<RoAkSoAx> JoshPritchard, i always use: tail -f /var/log/syslog (for example)
<JoshPritchard> yes, that's it!
<JoshPritchard> I don't know how to do anything in Linux..its been slow going, all of this
<RoAkSoAx> JoshPritchard, just practice a lot and i'll be easy :)
<JoshPritchard> do you know of a place that I could get someone to ssh in and help me setit up?
<RoAkSoAx> JoshPritchard, i don't think someone's gonna recommend you to do that...
<JoshPritchard> why's that?
<RoAkSoAx> JoshPritchard, security issuis.. i wouldn't trust a server to someone i don't know :P
<JoshPritchard> hmm
<JoshPritchard> ok
<ScottK> There are probably several people idling on the channel who do this sort of thing, but it really is better you do it yourself.
<JoshPritchard> I've been trying for 3 days now...I definitely want to learn it
<JoshPritchard> I just looked at the error log
<JoshPritchard> how do I get out of it?
<JoshPritchard> back to the # prompt
<ScottK> How did you get to it?
<JoshPritchard> tail -f /var/log/syslog
<RoAkSoAx> JoshPritchard, ctrl + c
<JoshPritchard> thanks!
<JoshPritchard> do you know how to test if postfix is setup properly?
<pschulz01> Greetings...
<pschulz01> It has been pointed out to me that the ubuntu-server default installation has a world readable /root directory. Is this necessary? Should it be considered a problem?
<J-_> Should I use dar to backup my /var/www directory?
<lolight> can i make my 7.10 server using desktop envi? and will it affect the security and performance of the server?
<juannicolas> !faikover
<ubottu> Sorry, I don't know anything about faikover
<juannicolas> !failover
<ubottu> Sorry, I don't know anything about failover
<juannicolas> !bond
<ubottu> Sorry, I don't know anything about bond
<fungo> there's a way to remove everything i installed but what the installer did or packages that forms the "base" of the system
<fungo> ?
<kraut> moin
<Ontolog> I am trying to install the tarball distro of 5.1 64-bit on 64-bit Ubuntu Server. When I run the scripts/mysql_db_install command I get this error: ./bin/mysqld: error while loading shared libraries: libstdc++.so.5
<Ontolog> while libstdc++.so.5 is not under /usr/lib, libstdc++.so.6 is
<Ontolog> anyone have an idea what is going on and how to solve it?
<\sh> Ontolog: what's a "tarball distro" ? I think you are trying to install mysql 5.1 pre-compiled? looks like they don't use the latest libs for their builds...
<Ontolog> yes the tarball distribution of mysql
<Ontolog> so just installing libstdc++5 should be ok?
<Ontolog> won't duck up other things?
<\sh> dunno...I'm using only the ubuntu releases of mysql...
<\sh> at least...no ubuntu problem...but mysql...
<Ontolog> haha the mysql people said not mysql problem ubuntu
<Ontolog> so funny
<youngmusic> could anyone tell me what the difference is between mysql and mysql-ndb in the init scripts? And do I have to run them both?
<youngmusic> oh, there is even a mysql-ndb-mgm one... The reason i ask is because i'm setting up a heartbeat server. And i don't know if i can just run the mysql service or that i would have to do these first.
<youngmusic> can someone tell me how to change my domainname? "hostname -fqdn" gives me only my hostname on one server. On the others it gives the hostname as well as the domain name, as it should be. I do not have a dns server setup, so this must be in some file. Only i do not know which one. It's not /etc/hostname, that is certain.
<Abracadabra> hi
<Abracadabra> can someone remind me the command to clone a user ?
<Abracadabra> actually, not remind me, just to tell me :)
<soren> youngmusic: /etc/hosts
<soren> Abracadabra: I'm not familiar with any such command.
<Abracadabra> oh ok
<Abracadabra> so I have to adduser and manually add everything ?
<thefish> Abracadabra: you want to completely copy ever aspect of the user?
<thefish> even the uid?
<Abracadabra> thefish, I am a windows admin. I am now being thrown in the deep end to be a Linux admin....I was wondering how to create an account with the same group and accesses as myself
<soren> Abracadabra: Define this "everything"
<soren> Abracadabra: Ah, ok.
<soren> Abracadabra: Er.. Well, it's rather straightforward, really. You create the user, and use something like "id" to see which groups you're a member of and add him to them. You can create a small script to do it, if it's something you think you'll need often.
<thefish> Abracadabra: ok fair enough - not 100% sure about groups, but check out /etc/skel for files - this will be copied to the users new ~ when you create them
<thefish> Abracadabra: you want another admin? (another user who can use sudo)
<thefish> Abracadabra: but to have the exact same groups as you, something like sudo adduser --ingroup `groups` (ive not tested that!)
<thefish> Abracadabra: actually check out the adduser man page, theres some quite interesting stuff you can do
<thefish> actually Abracadabra you probably want the add_extra_groups option ;)
<AlexC_> hey
<AlexC_> I can't tell from the Postfix docs, however will an entry in the file for 'virtual_alias_maps' such as: @example.com @example.org   rewrite all mail for anything@example.com to anything@example.org ?
<ozus> anyone here with amd64 and xen 3.2.1-rc1-pre.
<chmac> When I run screen on my server, I can't see what window I'm currently in
<chmac> On redhat machines the default is to show that as the "title" of my terminal
<chmac> Anyone know how I can set that up in Ubuntu?
<cynicismic> man screen
<chmac> cynicismic: :)
<chmac> cynicismic: I copied /etc/screenrc from fedora to ~/.screenrc - seems to have done the trick
<_ruben> bugger .. my /dev/random is 'empty' ...
<cynicismic> that'd do it :)
<cynicismic> the default gentoo .screenrc is quite nice as well
<uvirtbot> New bug: #260060 in dhcp3 (main) "prepend domain-name-servers ignored for ppp0" [Undecided,New] https://launchpad.net/bugs/260060
<soren> cynicismic: Please file a bug if you think the defaults should be different. There's no point in us providing lousy configs by default.
<chmac> If I want to only send mail on a server, do I need to install postfix, or is there something lighter / simpler?
<chmac> I won't accept connections on port 25, except from localhost
<chmac> My mail all comes into a separate box, but some web apps will want to send mail
<ikonia> chmac: postfix is pretty much one of the most simple SMTP services
<ikonia> chmac: things like sendmail are much more complex
<chmac> ikonia: Ok
<chmac> ikonia: I was surprised by the list of dependencies, openssl-blacklist and ssl-cert
<ikonia> chmac: well, thats for if you want to use things like TLS
<ikonia> chmac: it will work without them but balancing basic functionality against peoples needs is a tough line to walk
<chmac> ikonia: Is TLS used from one server to another, or only from mail client to mail client?
<chmac> Sorry, mail client to server
<ikonia> chmac: can be either
<ikonia> or both
<chmac> ikonia: Ok, cool
<chmac> Two dependencies is not a big deal, I just wondered if there was an alternative, thanks for clarifying
<ikonia> chmac: there are alternatives, sendmail, qmail, exim, etc etc
<ikonia> chmac: but postfix or exim are probably the most straight forward
<chmac> ikonia: Ok, I'll go with postfix as it's the ubuntu default I believe
<ikonia> sendmail is a smaller program though, but when you consider how much any of them take up, is it really worth it
<ScottK> Postfix is the standard MTA for Ubuntu.
<chmac> ikonia: Thanks again
<\sh> damn.he's gone..if he just wants to get mail from a machine to a relay or hub, he could use ssmtp
<AlexC_> I've a weird problem with Postfix/Dovecot, it all works perfectly when sending emails between accounts hosted on my server, I can also send to accounts outside of it (such as my Google Mail account). However, I am unable to send email from my Google Mail to an account that is hosted on my server, there is nothing in the logs to help me out, I'm wondering if anyone has an idea as to where to start debugging?
<ikonia> AlexC_: does your server show it hitting your box at all
<ikonia> AlexC_: is your isp blocking port 25 incoming ?
<ikonia> AlexC_: are you blocking port 25 incoming
<AlexC_> ikonia, no to all 3. However, I'm thinking this may be a DNS issue. See, I'm moving servers over slowly, currently moving my 'main.example.com' over. I thought I had it all working so I updated the DNS zone to point that subdomain to the new server IP, However, I've just moved it back to the original server IP and it looks like the mail has ended up there (since I just got the email)
<ikonia> yup, always leave 24/48 hours for dns changes to effect the outside world
<ikonia> if you can see mail appearing on the old server, your fine
<AlexC_> ikonia, ok, thanks =)
<lamont> ikonia: that's a wonderful oversimplification of dns change propagation :-)
<ikonia> lamont: glad it got it across ;)
<lamont> you notice I'm not jumping in to correct it with unnecessary accuracy
<ikonia> lamont: bottom line is - mail is going to the old server, dns is pointing there
<lamont> right
<lamont> there was the fun day that I discovered I'd started with the wrong zone file, and therefore had a 1 week TTL on the A RR for a web site... and it moved with about 24 hours notice.
<fbond> Hi, does Server Edition use the -server kernel by default?
<lamont> explaining that to a bunch of very non-technical people (the site will move to the new one over the course of the week, with most people seeing it immediately, just not you guys and people at your ISPs, thanks)
<lamont> that was very,uh, fun.
<fbond> I'm trying to figure out the inconsistent reports I've seen regarding Server Edition on VIA CPUs.
<fbond> See https://bugs.launchpad.net/bugs/254453
<uvirtbot> Launchpad bug 254453 in linux "Ubuntu 8.10 Alpha-3 Intrepid Ibex - Via C3 CPU not Supported" [High,Confirmed]
<fbond> That bug is regarding Intrepid in general, but I'm simultaneously fielding questions from a user having issues with 8.04 Server Edition.
<ikonia> lamont: I appriciate there are loads of options such as TTL, cache, expire sizes etc etc, but if he's repointed the record twice and it's worked  Ithink he should hopefully have a reasonable understand of how long his setup will take
<ikonia> fbond: intrepid is not stable
<ikonia> fbond: and can be discussed in #ubuntu+1
<fbond> ikonia: Okay, thanks, but my question is very much not specific to Intrepid.
<ikonia> fbond: is there bug logged for 8.04 ? or is it referenced in the interpid bug report ?
<fbond> In fact, my question is really about 8.04 Server Edition.
<fbond> The bug is about Intrepid, but there is discussion there regarding current SE.
<sommer> fbond: since your question is mostly kernel related you may get a faster response asking in #ubuntu-kernel
<fbond> sommer: Okay, I'll check there.
<sommer> but someone here may know as well
<mathiaz> !gui
<ubottu> The graphical user interface (GUI) in Ubuntu is composed of many elements, including the !X server, a window manager, and a desktop environment such as !GNOME or !KDE (which themselves use the !GTK and !Qt toolkits respectively)
<mathiaz> !servergui
<ubottu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<telephono> hi all! is there a way to do a 8.04 headless install (serial console)? google has no clue
<mathiaz> zul: re bug 253855 - could you try to grab samba4 from experimental and try to build it ?
<uvirtbot> Launchpad bug 253855 in ubuntu "please sync samba4 from debian experimental" [Undecided,Confirmed] https://launchpad.net/bugs/253855
<mathiaz> zul: I've tried to build it in my chroots but failed
<zul> mathiaz: np
<zul> mathiaz: i havent updated my schroots today but its building fine for me
<mathiaz> zul: hm - which build system are you using ?
<zul> sbuild
<mathiaz> zul: I'm using sbuild+lvm and building samba4 triggers an oops
<mathiaz> zul: related to ext3 and/or lvm snapshot
<zul> mathiaz: im not using lvm though
<zul> mathiaz: built fine
<mathiaz> zul: could you ACK the sync request then once you've checked that the packages look good ?
<mathiaz> zul: or could you put the built package somewhere ?
<zul> ok np
<zul> mathiaz: http://people.ubuntu.com/~chucks/samba/
<zul> its for amd64
<mathiaz> zul: great - thanks
<uvirtbot> New bug: #259488 in samba (main) "libwclient fails to install on dist-upgrade" [Undecided,New] https://launchpad.net/bugs/259488
<uvirtbot> New bug: #260156 in samba (main) "package libwbclient0 None [modified: /var/lib/dpkg/info/libwbclient0.list] failed to install/upgrade: trying to overwrite `/usr/lib/libwbclient.so.0', which is also in package likewise-open" [Undecided,New] https://launchpad.net/bugs/260156
<Absorto> hello! I've installed ubuntu-server 8.04 amd64 on a machine with 32 Gb RAM. However I can only see 4 gb. Help!
<infinity> Absorto: I'd hate to question such a thing, but are you sure you didn't install i686 by accident?
<Absorto> infinity: I'm pretty sure. I triple checked. uname -a says: x86_64
<infinity> Kay.
<infinity> Then I'd go hunting around in BIOSes and such.
<infinity> Cause the x86_64 -server kernels should certainly be able to handle more than 4GB of RAM.
<Absorto> I'm getting suspicious, tho. I booted a pair of livecds from other distros (not that I'm considering switching ;) ) and couldn't see the entire RAM either.
<Absorto> BIOSes, eh? Humm...
 * Absorto reboots
<Absorto> :S turns out I have 8 512MB DIMMs
<infinity> Fun.
<Goosemoose> anyone have ubuntu server running on hyper-v?
<Goosemoose> i cant get the network card to work, even though i installed a legacy network adapter
<seeker71> i'm looking for some sftp help, having a strange issue
<seeker71> i'm using winscp to connect to my ubuntu server running openssh.  everything works except I cannot get it to overwrite files.
<seeker71> I can delete and create new, but now overwrite.
<seeker71> *not
<seeker71> anybody here?
<LMJ> i'm here seeker71 ;)
<LMJ> log into your ubuntu server with the same user, and try to overwrite a file via a "cp"
<seeker71> yes, that works.
<okaratas> hello
<ScottK> seeker71: I've had the before and IIRC it was a permissions issue of some kind.
<ScottK> But it's been a while.
<seeker71> yeah, i've got all the files at 777 while trying to figure this out.  are there attributes that need to be changed maybe?
<dusty_> Hey guys, how can you send a file from the command line via email (like echo/mail/sendmail) anyone know ?
<ScottK> dusty_: Install an MTA with an appropriate interface (I recommend Postfix) and then start with man sendmail.
<Weasel[DK]> Hardy's (server) kernel does not support my EPIA-ITX board (CPU), what can be done... some boot options ?
<fbond> Hi.  I have one user reporting that he installed Ubuntu 8.04 Server Edition and ended up with a -generic kernel, and one reporting that he did the same and ended up with a -server kernel.  How can I explain this?
<fbond> Weasel[DK]: Use the -generic kernel.
<fbond> Weasel[DK]: The -server kernel is not compatible with your CPU, and no boot options will fix it.
<Weasel[DK]> fbond, ok, is the generic kernel included in the server dist ?
<fbond> Weasel[DK]: Well, that's part of what I'm trying to figure out. :)
<fbond> Weasel[DK]: You installed 8.04 Server Edition and ended up with a -server kernel?
<Weasel[DK]> fbond, seems so yes
<Weasel[DK]> fbond, complatins about some unsupported features.. and the stops
<fbond> Weasel[DK]: Okay.  I'm downloading the Server Edition CD to check it out.
<Weasel[DK]> fbond, really... don't you have any thing else to do.. ;)
<fbond> Weasel[DK]: Actually, I was tracking the same issue you are having.
<fbond> I've gotten some conflicting reports about Server Edition compatibility with C3 CPUs.
<Weasel[DK]> fbond, ahhh
<fbond> I'm trying to figure out who's right (or wrong), and why.
<fbond> There is a user reporting at https://bugs.launchpad.net/bugs/254453 that he installed Server Edition and ended up with a -generic kernel that works fine on his C3.
<uvirtbot> Launchpad bug 254453 in linux "Ubuntu 8.10 Alpha-3 Intrepid Ibex - Via C3 CPU not Supported" [High,Confirmed]
<Weasel[DK]> ok, i can assist as test-dummy....
<Weasel[DK]> he he
<fbond> Weasel[DK]: Sure thing.
 * Weasel[DK] is reading...
<Weasel[DK]> fbond, there is a generic kernel in the ISO.. ill try to start rescue mode and install it...
<Weasel[DK]> fbond, Success :)
<fbond> Weasel[DK]: good, glad to hear it.
<fbond> Weasel[DK]: What mainboard do you have?
<Weasel[DK]> fbond, EPIA-SP8000EG
<fbond> Weasel[DK]: Thanks.
<soren> Weasel[DK]: Yeah, we currently don't detect lack of PAE support in the CPU. :(
<soren> I hope to fix that for Intrepid.
<Weasel[DK]> sounds great... :)
<soren> (PAE is what is missing from the VIA CPU's which makes the server kernel unable to boot)
<fbond> soren: There is also CMOV.  gcc uses CMOV when compiling for 686.
<nxvl> soren: isn't it like really late on your TZ?
<soren> They don't have cmov either? Oh, Jebus..
<soren> nxvl: Nah, this is not too bad. It's just before midnight.
<fbond> soren: Will the detection make the kernel compatible with the C3, or make the installer use the -generic kernel?
<fbond> soren: Most VIA CPUs actually *do* have CMOV.
<nxvl> soren: the funniest time for hacking :D
<soren> The day before yesterday was pretty bad. I didn't get to bed until 3 AM or thereabouts.
<fbond> soren: But nothing before the Nehemiah core.
<soren> fbond: It'll make the installer use the generic kernel.
<fbond> soren: Cool.
<soren> Yeah, we're not going to disable PAE in the server kernels :)
<fbond> soren: So ... there is a user at https://bugs.launchpad.net/bugs/254453 claiming that the Server Edition CD installed fine for him and he ended up with a -generic kernel.  Possible?
<uvirtbot> Launchpad bug 254453 in linux "Ubuntu 8.10 Alpha-3 Intrepid Ibex - Via C3 CPU not Supported" [High,Confirmed]
<fbond> (The bug is for 8.10, but his CD was 8.04)
<soren> fbond: Yes.
<fbond> soren: Okay!  How does it happen?
<Weasel[DK]> i get 0:6 and 0:8 as not pressent in CPU
<soren> fbond: We detect some cases in the installer.
<soren> fbond: ...just not PAE (currently).
<fbond> soren: What package can I examine to determine what is detected?
<soren> fbond: base-installer, IIRC.
<soren> I really need to head to bed now..
<fbond> soren: Thanks!
<soren> G'night, everyone!
<Weasel[DK]> g'nite
<fbond> soren: Good night.
<Absorto> hello! I'm trying to install ubuntu-server on a dell r905. Well, the install CD cannot find the DVD-ROM, I guess because it is SATA. So: I installed ubuntu on a similar machine that doesn't have that problem, then I made a tar of the whole root filesystem. Then I booted an install cd of slackware 12.1 which has the appropiate module for the DVD-ROM and, using the root shell, I created the partitions and untared my tar. Phew. Then I
<Absorto> chrooted to the appropiate mount point and ran grub-install. I rebooted and got the grub, but the kernel doesn't boot.
<nxvl> soren: sleep tight!
<Absorto> I went into grub's console and specified root and kernel. So the kernel boots, but ends up in a kernel panic! it says my root= parameter is wrong.
<Weasel[DK]> Absorto, you have to set the root right then ;)
<Weasel[DK]> what is it linke now ?
<Absorto> Weasel[DK]: I guess so.
<Weasel[DK]> like
<Absorto> Well, the one in menu.lst is a very weird UUIDblahblahblah that I have never understood.
<Absorto> My root fs should be /dev/sda2, but that didn't work.
<Absorto> I think the UUID is the one of the first machine tho...
<Weasel[DK]> ther kernel line also contains a root=
<Weasel[DK]> have you edited that one too
<Absorto> yes, I specified a root= on grub's command line
<Absorto> I tried /dev/sda2 and I copied the UUID on menu.lst
<Weasel[DK]> root= in the menu.lst could be like (hd0,0) or (hd0,1) ?
<Absorto> no, i mean, i specified kernel (hd0,1)/boot/vmlinuz-blah root=/dev/sda2
<Weasel[DK]> and /dev/hdxxx as kernel option
<Absorto> I also specified root (hd0,1)
<Weasel[DK]> i think yuo shuold remove (hd0,0) from the kernel line
<Weasel[DK]> just         /boot/vmlinuz-blah root=/dev/sda2
<Absorto> hmm...
<Absorto> okay. I think I might try that. That and learning the propper UUID with the blkid command. BRB
<Weasel[DK]> note to chek that you harddrive is primary master
 * Absorto goes into the cold, cold site.
<ScottK> Absorto: When I've had problems like that, I just installed on one machine and then physically moved the hard drive to the box I wanted the install on.
<Absorto> ScottK: I might try that. Although I'm trying to install ubuntu on a dell r905 that has weird drives on the front, I'm not sure I'm gonna be able to install them on the other much simpler host.
<Weasel[DK]_> weird drives ?
<Absorto> Yeah, they are like mounted racklike, I'm not sure they are sata or what sort of interface they use.
<Absorto> Is there a way I could run the installation script of grub from within a chroot?
<Weasel[DK]_> should not be neserry
<Absorto> But it is. You see: the installer configures grub. But since I installed in another machine, all references to drives are wrong.
<Weasel[DK]_> go into grub... type ----- root (hd0,1)
<Absorto> Oh, and: ScottK: I can't take the drive from the huge server and install ubuntu on it on another host because I'm installing into a RAID-5 array.
<Absorto> I did. root (hd0,1)
<Absorto> then kernel /boot/vmlinuz-blah root=/dev/sda2
<Weasel[DK]_> and then setup (hd0)
<Absorto> I also tried kernel /boot/vmlinuz-blah root=UUID-blahblahblah
<Absorto> Weasel[DK]_: id did that. The grub is propperly setup. That is: it is copied onto the master boot record of the disk. When I reboot, grub comes up.
<Absorto> But when I select the first option in the menu, it says the drive is wrong.
<Absorto> when i try it on grub's cli the kernel boots but then goes into panic because the root= parameter is wrong.
<Weasel[DK]_> ahh oh yes i forgot sorry ;)
<Absorto> Is there a way of starting the install script from the command line interface?
<Absorto> I mean...
<Weasel[DK]_> ahh oh yes i forgot sorry ;) ?
<Weasel[DK]_> what do you have on (hd0,0) part. boot ?
<Absorto> I have setup ubuntu and made a tar of the root fs. I am able to boot and get a root shell thru the livecd of another distro. Then i can chroot into my ubuntu partition. Could I then run the install script?
<Absorto> Weasel[DK]_: (hd0,0) is swap
<Weasel[DK]_> could you publish you menu.lst at paste.bin or a like
<Absorto> I could, but with much effort. The livecd through which I can get a shell doesn't have the propper kernel modules for the NIC :(
<Absorto> But I can describe it accurately.
<Weasel[DK]_> ahh sad
<Absorto> It is exactly the menu.lst you get in a fresh install, I've only changed the UUID=blah part.
<Weasel[DK]_> does fdisk /dev/sda look as expected ?
<Absorto> hey! I forgot all about that! let me see.
<Absorto> but... would a wrong entry on /etc/fdisk cause a kernel panic?
<Absorto> I guess it would!
<Absorto> brb
<Weasel[DK]_> you mean /etc/fstab i guess
#ubuntu-server 2008-08-22
<Absorto> yeah, that I meant. But nope, that wasn't it. :(
<Weasel[DK]_> hmm normaly the root is an UUID as well
<Absorto> It is. It had the UUID of the other host. I put the right one. But the kernel panic comes before that.
<Weasel[DK]_> in the fstab file
<Weasel[DK]_> in the fstab file /dev/sda2 like in menu.lst
<Weasel[DK]_> argghhhh damn keyboard
<Absorto> yep, the UUID is the same on both
<Weasel[DK]_> i dont think the UUIDs are valid anymore
<Absorto> update-grub!!!
<Absorto> maybe that's the one!
<Weasel[DK]_> it has to be -id
<Weasel[DK]_> arrrrrrgh that keyboard again
 * Weasel[DK]_ urgently needs sleep...
<Absorto> sleep? caffeine!
 * Absorto hands Weasel[DK]_ a cup of ubuntu. There!
 * Weasel[DK]_ urgently needs sleep...,)
<Weasel[DK]_> arghhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
<Weasel[DK]_> im siting on an eee pc
<Absorto> Traitor!
<Absorto> just kidding.
<nxvl> lamont: around?
<nxvl> lamont: i'm having a problem with palmer
<nxvl> lamont: lmms is FTBFS since an issue with the buildd trying to install wine -> http://launchpadlibrarian.net/16865545/buildlog_ubuntu-intrepid-i386.lmms_0.3.2-1ubuntu2_FAILEDTOBUILD.txt.gz
<lukehasnoname> Is there any program or script that more intelligently bridges networks, or is manually editing /etc/network/interfaces the only way?
<lukehasnoname> when using KVM
<nxvl> kirkland: around?
<kirkland> nxvl: barely
<nxvl> kirkland: i commented yesterday on update-motd
<kirkland> nxvl: i just uploaded a new version
<nxvl> kirkland: i even include something like a patch
<nxvl> ok
<nxvl> i will check
<kirkland> nxvl: i copied and pasted 2345 from you :-)
<nxvl> yep, but for some reason it didn't took the spaces
<kirkland> nxvl: thanks for the continued review
<kirkland> nxvl: i hate that revu doesn't send email
<mathiaz> kirkland: should there a locking mechanism to make sure that update-motd doesn't run more than once ?
<nxvl> yep
<nxvl> me too
<nxvl> BUT it now has a feed system
<nxvl> you can suscribe yourself to the feed of your user/package/general
<kirkland> mathiaz: i thought about that, definitely seems like a nice thing to have
<mathiaz> kirkland: I could imagine that one of the scripts in /etc/update-motd.d/ takes longer than the cron frequency
<kirkland> mathiaz: that would be ill-advised, but yeah, it could happen
<kirkland> mathiaz: i can put a lock in /var/run, sure
<kirkland> mathiaz: it won't happen tonight, though, as it's 2:15am :-)
<mathiaz> kirkland: sure - I'll post my comments to revu
<kirkland> mathiaz: thx
<nxvl> kirkland: were are you?
<kirkland> nxvl: London
<nxvl> oh
<nxvl> :D
<nxvl> at canonical offices or at some familiar?
<kirkland> one eye open
<kirkland> hotel
<nxvl> yeah, but i mean, did you go there for work reasons?
<nxvl> or some other
<kirkland> work
<nxvl> is sprint now?
<wo0f> hi, whats the best way to run a vnc server
<wo0f> i want to invoke a x server every time i log in
<wo0f> ?
<nxvl> and why would you like to do that?
<wo0f> i only use ubuntu as webserver
<nxvl> kirkland: i found the reason of the warnings, preparing patch
<wo0f> but i want to now be able to log into a remote ubuntu desktop from windows
<kirkland> nxvl: k
<nxvl> wo0f: putty
<lukehasnoname> When I try to start a VM in KVM, I get an error "qemu: could not open disk image jeos2.img"
<wo0f> nxvl: i'm using putty as we speak
<wo0f> putty isnt graphical tho
<lukehasnoname> I've googled, searched, ubuntuforumed, and couldn't get an answer
<nxvl> wo0f: yep, that's the idea
<wo0f> ...
<wo0f> whats the idea?
<nxvl> i still don't understand why would you want to use a graphical environment in your server
<wo0f> lol
<wo0f> this is not somthing you need to understand
<wo0f> its namesake is a terminal server
<nxvl> then that's something i don't need to answer :D
<wo0f> lol
<wo0f> noob
<wo0f> if you dont know
<wo0f> dont waist my time
<wo0f> our time*#
<nxvl> heh
<nxvl> ok
<wo0f> nxvl: http://en.wikipedia.org/wiki/Terminal_server
<nxvl> wo0f: i know what's a terminal server
<nxvl> but you said your server is a web server
<wo0f> so you know it has nothing to do with putty then?
<nxvl> wo0f: dood, if you will come and insult people don't expect help
<nxvl> wo0f: i'm a noob, don't waste your time
<nxvl> kirkland: i don't understand what you tried to do at line 9 in the man page
<nxvl> kirkland: the Vb tag is raising a lintian warning
<wo0f> .
<lukehasnoname> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<lukehasnoname> read that wo0f
<lukehasnoname> When I try to start a VM in KVM, I get an error "qemu: could not open disk image jeos2.img"
<twb> Argh!  Why are there two ldap.conf files, /etc/ldap.conf and /etc/ldap/ldap.conf ?
<twb> And is there any reason I shouldn't replace the latter with a symlink to the former?
<mathiaz> twb: /etc/ldap.conf is used by the nss_ldap library, while the later is used by the openldap client library
<To1> ï»¿hi guys - iptables what does the -j PAROLE option mean compared to ACCEPT ?
<uvirtbot> New bug: #260264 in mysql-dfsg-5.0 (main) "install of mysql-server and mysql-server-5.0 did not complete properly" [Undecided,New] https://launchpad.net/bugs/260264
<twb> mathiaz: is there any reason I shouldn't replace the latter with a symlink to the former?
<twb> ...since only /etc/ldap.conf is managed by ldap-auth-client (i.e. debconf)
<wantok> i think it wil break stuff
<wantok> and if you have a server you have a 3rdd one :
<wantok> :p
<twb> wantok: slapd.conf has different stuff
<twb> I've been making the symlink on my clients for ages, without apparent problems.
<twb> I'm inclined to do the same on the server.
<To1> anyone familiar with iptables here ? :)
<twb> To1: yes, but not PAROLE.
<To1> ok
<Ken> Hey everyone
<Derander> I am trying to set up postfix/dovecot.  They are functioning, but when I upgraded thunderbird 2 to thunderbird 3, thunderbird refuses to download messages, and gives this error: http://pastie.org/ 257801 .  I'm using IMAPS.
<Derander> (A very similar error occurs when I attempt to send mail.)
<wantok> so fix thunderbird :)
<wantok> (btw, not breaking the link makes life easier on helpers)
<Derander> bah, I was having troubles with my client breaking the message onto two lines.  sorry about that.
<Ken> I have a dumb question... I installed ubuntu server with php, mysql, and apache2 on an old box I had laying around. I would like to be able to setup a domain now using it, can this be done easily?
<wantok> Ken: 'set up a domain' meaning?
<Ken> Yeah
<Derander> wantok: when I was using thunderbird before, it would give me a message about the certificate being 'wrong', but it would still download mail.  I suspect I have a problem with my certificate, but now thunderbird is stricter.
<Derander> ken: do you have more than one domain?
<wantok> Derander: the message tells you what the "problem" is. the fix is to make thunderbird less strict
<wantok> Derander: or buy a cert signed by someone ...
<Ken> I have many that I can use, but I would like to use one for now just for testing purposes
<Derander> wantok: alright, I'll downgrade thunderbird - there is no option in 3.
<wantok> Ken: so what do you want to do ... setup a website?
<Ken> indeed
<Derander> Ken: if you want to use more than one, you'll need vhosts, but for just one, it should work out of the box.
<Derander> Ken: oohh.. dns *palmface*
<Ken> vhost, is this something I can setup using apt-get?
<Derander> ken: it's built in.
<wantok> Ken: i still dont know what you mean by domain
<Derander> wantok: he wants to point a domain to his box
<Ken> exactly
<Ken> Thanks derander
<wantok> Derander: ah.
<Ken> test.com should point to my ubuntu box
 * lamont has always read "set up a domain" as "point an A RR in DNS at _that_ IP", which is trivial
<Ken> ah, sorry
<wantok> Ken: i'd suggest goign with vhosts from the start.
<Ken> (:
<lamont> having done that, the next question is, so what services does said machine want to provide?
<wantok> lamont: i have a similra though :)
<wantok> *ar
<Ken> Im mainly going to use it for development and having a few team members accessing it.
<Ken> might host a wiki
<wantok> Ken: you'll need a static IP to start with, btw
<Derander> ken: example of virtual hosts http://pastie.org/257804 .- if you're using ubuntu you can shove them in /etc/apache2/sites-available/default
<wantok> Derander: or in a new file in sites-available - thats sort of the point :)
<lamont> Ken: so what you're saying is you want to set up a web server on the host.  Installing apache got you at least the start of one
<Derander> wantok: yeah, but I'm lazy.
<wantok> Derander: it'll bite you on the arse on day then :)
<lamont> Derander: more files _IS_ the lazy way
<Ken> Yeah, I installed apache, php and mysql just a moment ago using apt-get
<Derander> wantok, lamont: I disagree, but I'll agree to disagree
<lamont> Derander: remind me to never manage a machine you've configured. :-p
<wantok> Derander: you'll be wrong :P (</bill hicks quote>)
<Derander> I know I'm wrong, but more files = more effort FOR ME.
<wantok> until you need to disable one vhost for testing
<wantok> or move it to a new server (which i spent this am doing here)
 * Derander continues muddling around with his cert
<Derander> Hmm
<Derander> Now the server just doesn't respond.. that is not an improvement
<Derander> yeah, this thunderbird alpha client is not bug free! how dare it!
 * lamont remains happy that he doesn't use the production version either
<Derander> what do you use?
<lamont> mostly mutt
<Derander> ah
 * Derander needs to add some sort of filter that drops emails with attachments > 2 mbs, this is absurd.
<Derander> Anywho, thanks for clearing that up for me.  Goodnight
<lukehasnoname> kirkland: props on the vm-builder script
<arakthor> ScottK, you there?
<mib_p9zuqssu> hey all
<mib_p9zuqssu> can any one help with setting a maxpermsize with java - im just lost on how to even get started
<mib_p9zuqssu> any111
<kraut> moin
<_ruben> hmm .. it seems possible to rename vlan interfaces using 'ip set link vlan0009 name wan0' for example .. to bad that totally confused ifup/ifdown :p
<soren> _ruben: How so?
<_ruben> soren: the old name (known in the interfaces file) doesnt really exist any more .. and the new name (which does exist), isnt known in interfaces file
<soren> _ruben: That hardly counts as ifupdown being confused :)
<_ruben> matter of semantics :)
<soren> matter you being mean to it :)
<_ruben> soren: it just be big boy and handle the asaults :p
<_ruben> guess i'll just stick with vlanXXXX interface names for now
<_ruben> the renaming is rather hackish anyways
<_ruben> #       up /sbin/ip link set vlan0008 down
<_ruben> #       up /sbin/ip link set vlan0008 name wan0
<_ruben> #       up /sbin/ip link set wan0 up
<_ruben> kills the routing table entries as well ;)
<soren> Sure, you should change it when you create them.
<_ruben> i wonder if adding to sections to interfaces file might do the trick .. one with the vlanX name, which just gets renamed .. and one with the new name which actually configures it
<_ruben> s/to/two
<_ruben> soren: do you know what's the proper way of setting up a bond0 without an ip address? its only got tagged vlans on it .. so i just add 0.0.0.1/32 to it
<soren> _ruben: You can't just "ifconfig bond0 up"?
<_ruben> hmm .. wonder if that'd work from within a pre-up for the vlan interface
<soren> I think that's a logical place to put it.
<_ruben> lets give it a try
<_ruben> hmm .. i'd have to create the bond as well in the pre-up
<soren> Yes.
<uvirtbot> New bug: #260298 in mysql-dfsg-5.0 (main) "mysql-dfsg-5.0 fail to install" [Undecided,New] https://launchpad.net/bugs/260298
<RockHound> hi everyone ... I am really frustrated with cups atm ... I can not add a printer via the webinterface (have not tried another way). Once I select the ppd it just hangs once I click add. This is on 8.04.1 ... any suggestions ... log level debug does not produce any error once it hangs ...
<RockHound> that happens even with raw printers
<RockHound> any hint on where I could look furhter?
<RockHound> argh ... should have googled before brain farting
<RockHound> works flawlessly with konquorer ... firefox3 just hangs ...
<Bryan_Sierra> I keep seeing what Google results tell me is a disk about to fail. However, when I take it of this computer and stick it in another, it runs fine.
<Bryan_Sierra> Is there any other reason for this? (The error is ata2.01: status: { DRDY }
<Bryan_Sierra> Drives on the same IDE channel work fine btw. And I've even put other drives in on the same cable, and it works just fine. (Only thing I haven't tried hardware wise was to move it onto another channel. But that would require massive headaches, so I would like to keep that as a last resort.)
<RockHound> Bryan_Sierra: any smart results that look way out of bounds?
<Bryan_Sierra> No smart results no. I had a partion out of the header range (I believe it was the header range at any rate.) but once I reformated it went away.
<Bryan_Sierra> maybe it was cylindars. At any rate no smart results issue. I even ran the seagate diagnostics on it. Reported back as "Fine"
<Bryan_Sierra> I assume it's a driver issue
<Bryan_Sierra> because this was on a server, I used one of the channels for the CD, then added a HD once the install was done.
<Bryan_Sierra> Okay, now for something that might help a lot more:The drive is a slave drive, but in fdisk; both of them are gone.
<Bryan_Sierra> Should I go to ubuntu for this or :O?
<RockHound> what kernel?
<Bryan_Sierra> 2.6.24-19
<Bryan_Sierra> so, anything I can do, other than just not use the drive :P
<RockHound> it also sounds to me like an ata driver issue ..
<RockHound> see if the kernel in Proposed repository helps
<Bryan_Sierra> Well I was just thinking that since I added this drive after I installed, that maybe it just wasn't recognising it and that I could just...I dunno...re install the driver or something :z
<Bryan_Sierra> Don't even know if that was possible. Never realy ran into this before, so yeah.
<lee_> when i restart bind9 it gives me an error "/etc/host.conf: line 1: bad command `192.168.0.13 radius localhost"
<lee_> need help
<thefish> lee_: looks like you put stuff that was meant to be in /etc/hosts into host.conf
<lee_> a okay will change it and try again
<thefish> lee_: that 192.168.... line should go in your /etc/hosts file instead i would guess
<thefish> your hostname is radius and ip is 192.168.0.13? if so, that line is for /etc/hosts (i would remove the localhost bit, as that should already be on the line starting 127.0.0.1)
<lee_> i have changed it but still cant get apache 2 to work like i want it
<thefish> lee_: your hosts.conf has very little to do with apache
<thefish> you want to be able to go to http://hostname/ instead of http://ip.add.res.ss ?
<lee_> no want to be able to tipe in www.zarshare.co.za on lan and not 192.168.0.13/www.zarshare.co.za
<thefish> lee_: you want to do this from just your local lan i assume
<thefish> ?
<lee_> yes want 4 web pages on lan
<thefish> ok, do you have a dns server on the lan at the moment?
<lee_> yes but it is a pice of windows &^$%#
<thefish> no problem, it will still work
<thefish> you have 2 options:
<lee_> ok
<thefish> 1: use the windows dns server
<lee_> 2?
<thefish> 2: install and configure a new dns server (maybe bind) somewhere, then reconfigure all the clients to use this new dns server. Then make sure it replicates all the dns stuff needed for AD
<thefish> i guess you use ad as well
<thefish> if not its slightly easier
<lee_> i am new at ubuntu would like to get server up and running as i have to install 4 servers at clients running lan webpages
<thefish> bind > +-5 can be a part of AD dns afaik, but ive never tried it
<thefish> ok and the clients also have windows dns servers?
<lee_> no clients dont have server
<thefish> i would recommend a very simple solution: add the zarshare.co.za zone to your windows dns server, then add a new host (A) record pointing www at 192.168.0.13
<lee_> want to put down a linux server
<thefish> ok thats fair enough, then at the clients you may want to install bind
<thefish> remeber that they need dns for internet access as well, so your installation at their side will have to be authorative for the zone you want, as well as doing caching/forwarding for internet hosts
<thefish> if the sites will never be accessable over the internet, then its easier again, if they will, you need to work on a dns topology
<thefish> ie 192.168.0.16 is not an internet ip, so you may want a "split brain" dns structure: internal dns authorative server points to 192.168..., external authorative server points to 66.249.93.99 for example
<thefish> you will need to change the client pc dns configuration as well to use your new dns server
<lee_> will explain what we want
<lee_> want to start a local web server on a pc accessable over the internet to host and share files for clients
<thefish> ok
<thefish> are you ok with how dns works?
<lee_> am new with linux
<thefish> ok
<lee_> i got apache 2 working after 4 days of reading
<thefish> :)
<thefish> well done
<lee_> :)
<thefish> ok, this is a very doable project, but i think you may want to read up on a few things first
<lee_> please give list
<thefish> dns
<thefish> public and private ip addresses
<thefish> the basics:
<thefish> you will need to provide dns services to both internal and external clients
<lee_> ok
<thefish> one set will access the server with a private ip address, one set with a public
<thefish> there are a few ways around this
<thefish> one is "split brain" dns
<thefish> you could also set up a dmz, and have the web server in that with the same ip for public and private (needs a bit of routing setup)
<thefish> you havent considered hosting the stuff externally?
<lee_> not in South Africa
<thefish> :D
<thefish> i hear ya
<lee_> u in sa
<thefish> used to be ;)
<thefish> still deal with one or two servers there though
<lee_> were u now
<thefish> uk, with all the other saffers :D
<lee_> u mean furs and lids
<thefish> ?
<lee_> saffers soulerds
<lee_> flat noses and blue gums
<thefish> still dont get it :/
<thefish> remeber with your setup that you also have the unbelievable reliability of telkom if you host on the back on a local office connection
<lee_> rolf
<thefish> thats not to mention the daily power cuts
<lee_> no power cuts here the head of eskom lives two houses away
<lee_> flat noses = saffers
<lee_> blue gums = the ligher dark half of the population
<thefish> ah
<thefish> useful to have the eskom matey close by
<lee_> ye
<lee_> got one power cut for round about 15 min
<thefish> fair enough
<thefish> if i was there id open a UPS and generator shop
<lee_> to late like all cape town business men u can buy a ups or generator at any cafe
<thefish> hahaha
<lee_> so how is work that side
<thefish> not bad
<lee_> cool
<lee_> and the weather
<thefish> dont ask
<nxvl> good morning
<thefish> hi nxvl
<zul> morning
<nxvl> zul: morning
<nxvl> kirkland: commented @ update-motd
<nxvl> kirkland: i still can't try the debconf thing, i think it may be for some component missing
<nxvl> but anyway i'm not a debconf expert
<kirkland> nxvl: hmm
<kirkland> nxvl: perhaps it's that the translations haven't been performed yet?
<nxvl> nop, english system
<nxvl> try it using a chrrot
<nxvl> chroot*
<nxvl> i'm trying it from a pbuilder one
<nxvl> kirkland: it should me something missing, like ncurses, or something
<nxvl> what it's odd is that it doesn't show me any warning or error message
<serwou> hi
<serwou> Anyone got a problem, got 2 hours to waste at work ;)
<_ruben> serwou: yeah .. not enough money in my bank account, can you fix that for me?
<serwou> aptitude install money ? ;)
<serwou> you should open a new bug
<serwou> I can confirm it also _ruben ;)
<bogey-> serwou: its "sudo apt-get install money $$ echo "teh lulz""
<bogey-> $$ = &&
<serwou> ;)
<pschulz01> Evening all.
<pschulz01> apt-cache search money..
 * delcoyote hi
<nxvl> hi
<serwou> hello
<zul> are we doing any for ubuntu dev week thingy?
<nxvl> zul: as in?
<zul> like a session
<nxvl> zul: i think mathiaz is the right person to ask
<nxvl> zul: he always run the server sessions
<nxvl> i will run a session if get the answer i'm waiting for and start in my new job that week
<nxvl> in my current job i can't
<nxvl> :(
<nxvl> :(
<mathiaz> zul: are you working on mysql FTBS ?
<mathiaz> Koon: do you have your tomcat6 source package somewhere ?
<uvirtbot> New bug: #260396 in samba (main) "cifs.mount: mapchars + utf8 = loop" [Undecided,New] https://launchpad.net/bugs/260396
<mathiaz> Koon: your .diff.gz ?
<mathiaz> Koon: applying your interdiff makes my head hurt
<zul> mathiaz: yep the libtool mess?
<serwou> well, gtg, CU
<serwou> exit
<serwou> damned
<Koon> mathiaz: I will post it on the bug, only 14k
<mathiaz> zul: yeah - I uploaded kirkland patch for mailx suggest yesterday and it FTBS
<zul> mathiaz: lemme guess its complaining about tags and CXX right?
<kirkland> mathiaz: i saw that...  i don't see how that patch would have broke the build
<zul> kirkland: its because of libtool
<mathiaz> zul: yop
<mathiaz> kirkland: right - it's not your patch - it's the new libtool
<kirkland> mathiaz: gotcha, i figured it had to be a problem with the build system
<mathiaz> We'll be flooded with FTBS once infinity will do a complete archive rebuild
<zul> hence why I said libtool die eariler ;)
<mathiaz> Koon: great - that will be very helpful
<soren> if anyone wants a moment of fame (and a big hug), a patch for https://bugs.edge.launchpad.net/ubuntu/+source/lilo/+bug/260059 would be a good way.. *nudge* *nudge*
<uvirtbot> Launchpad bug 260059 in lilo "lilo needs to warn if initrd is too large" [Critical,New]
<Koon> mathiaz: done. Anything wrong with my full interdiff, or they just suck in general ?
<zul> mathiaz: there is an updated mysql in debian that has a couple of security fixes that I think we should have as well
<mathiaz> Koon: they just suck in general
<mathiaz> zul: well - I saw a post from the debian maintainer that he package the latest version from Mysql 5.0.67 IIRC
<zul> oh really?
<mathiaz> zul: but it won't be uploaded to debian since the archive is frozen
<zul> mathiaz: yeap
<mathiaz> zul: so I was wondering if we should take his package instead
<zul> mathiaz: does it build?
<mathiaz> zul: I don't know - I've just seen norbert's blog post about it
<zul> mathiaz: ok
<mathiaz> zul: http://tretkowski.de/blog/archives/418-MySQL-5.0.67-not-uploaded-to-Debian.html
<zul> soren: if you get me patch today and upload for inrepid and do an SRU today (when I get a breather) ;)
<zul> mathiaz: lemme see about that one
<soren> zul: Er... What? -ENOTENOUGHPUNCTUATIONANDPRONOUNS
<zul> soren: sorry lilo
<soren> zul: Yes, I understood that much :)
<zul> soren: if you get me a patch I can do it then
<soren> zul: Heh :) What I want is for someone to write the patch :)
<zul> soren: meh...
<zul> use grub ;)
 * soren kicks zul
<zul> teehee
<zul> mathiaz: 5.0.67 builds fine
<mathiaz> zul: Ok go !
<zul> kirkland: update-motd?
<kirkland> zul: yeah, please
<zul> kirkland: had a look at my notes?
 * kirkland grumbles about revu not sending email....
<kirkland> zul: lemme do that
<ScottK> kirkland: There's a mailing list that sends all the comments.
<kirkland> ScottK: interesting....
<kirkland> zul: okay, copyright fixed
<zul> kirkland: cool...i wasnt sure about that though
<kirkland> zul: added changelog to docs, but didn't think it was necessary, because my rules does         dh_installchangelogs ChangeLog
<zul> ok
<kirkland> zul: actually, i don't think it should be in both places
<kirkland> zul: also, i think we should keep the init script; it makes turning this on/off and getting status easier
<zul> its kind of overkill dont you think?
<kirkland> zul: no
<zul> ok
<kirkland> zul: how would a user temporarily disable update-motd?
<mathiaz> Koon: tomcat6 uploaded
<Koon> yoohoo
<zul> kirkland: run dpkg-reconfigure maybe?
<kirkland> zul: and you think that would be better than "service update-motd stop" ?
<zul> kirkland: yeah you are installing one less file and the init script seems a little odd for me for a cron job basically
<kirkland> zul: the other thing is that the init script makes it possible to turn on/off non-interactively
<kirkland> zul: in case you had a script where you wanted to disable/enable it
<kirkland> zul: dpkg-reconfigure would have to ask you interactive questions
<zul> kirkland: gotcha I trust your judgement though, call me old school I guess ;)
<kirkland> zul: i suppose i could remove it, if it really really really grossly offends you.... but i think it's nice to have
<zul> kirkland: it doesnt offend me at all it just seems odd to me but if you think users would want it then that would be fine with me
<kirkland> zul: i do.
<zul> kirkland: cool beans then
<kirkland> zul: what do I need to do next?
<zul> kirkland: I believe you get two acks by MOTUs and then get it uploaded to universe
<zul> ill ack right now
<kirkland> zul: cool.
<kirkland> mathiaz: kees: soren: could one of you do the other ack for update-motd, if I've sufficiently addressed your concerns?
<zul> Koon: tomcat6 MIR stuff is next on my list after I get mysql done
<Koon> zul: i'll subscribe ubuntu-mir before I go for the weekend... just unsubscribe them if there is an obvious showstopper
<zul> Koon: ok
<uvirtbot> New bug: #260424 in samba (main) "Incorrect hyperlink in samba-docs" [Undecided,New] https://launchpad.net/bugs/260424
<bogey-> When using apt-get remove squid squid-common I am having a problem of squid NOT install the files I manually deleted. How do I force this?
<jmedina> bogey-: remove removes files donesnt nstalls them
<jmedina> or you mean: after removing config files manally, removing packages with apt-get remove and reinstalling, config files are not installed?
<bogey-> jmedina: I meant that i removed them and deleted some files, then I tried to apt-get install squid and they dont replace the files
<jmedina> bogey-: I already got in to those problems, never knew how to solve it
<jmedina> what I did is copy squid and squid-common from /var/cache/apt/archives
<jmedina> extrac the .deb with ar and then copy the files to /etc/squid/
<arakthor> does using apt-get --purge remove pkgx pkgy     followed by apt-get install pkgx pkgy   work?
<jmedina> arakthor: not afaik, because there is nothing to purge, they were alredy manually deleted
<arakthor> man the ubuntu is pretty slow
<arakthor> or is it just me?
<jmedina> "the ubuntu" ?
<arakthor> packages.ubuntu
<jmedina> same here
<jmedina> slooooowwwwww.....
<arakthor> heh, just timed out for me now
<kraut> hi
<kraut> how do i get access with knoppix to a softraid?
<kraut> is mdadm --assemble /dev/md2 /dev/sda3 /dev/sdb3 incorrect?
<ju_> hi
<ju_> I'm nearly killing me fixing some postfix problem here
<ju_> is here some postfix geek?
<ju__> hi
<dts> does anyone know when tomcat6 will come out?
<dts> * will become part of main
<zul> dts: soon
<leonel> ScottK: Working now  on clamav-daemon  MIR
<kees> are fresh hardy installs missing /etc/inittab?
<zul> kees: uuuuuuuuuuuh.....they shouldnt
<dts> what's the best way to install tomcat6 now?
<kees> zul: no package seems to provide it...
<zul> nm I dont have it in my chroot either
<zul> dts: from the archive its still in universe
<kees> anyway, lack of inittab surprised some random script of mine while it was looking for the default runlevel.  :P
 * kees worked around it
<dts> zul what do you mean?
<zul> dts: apt-get install tomcat6
<dts> zul: could not find package
<zul> dts: enable universe in your /etc/apt/sources.lists apt-get update and apt-get install tomcat6
<dts> http://pastebin.ca/1181818
<dts> (sorry this is my first time doing it on the -server eddition with commandline)
<docta_v> any syslog-ng guys in here?
<docta_v> i want to suppress a particular message from snmpd
<docta_v> getting all these "truncated 32 bit integer" crap
<docta_v> which supposedly is getting fixed in a newer package... but i backported the 8.04 snmpd to 7.04 and still getting the error so i just want to filter it out
<dts> zul the pastebin shows that my universe is enabled, correct? how come i can't find the tomcat6 package?
<zul> apt-cache search tomcat
<zul> it should be there check the forums
<dts> i only see tomcat5.5
<zul> should be there check wiki.ubuntu.com
<ScottK> leonel: MIR are by source package, so clamav is what we need done.
<leonel> ScottK: ok and that must be done working in intrepid  right ?
<ScottK> It should be based on the Intrepid packaging.
<ScottK> You don't need to be running Intrepid to write the MIR.
<nxvl> kirkland: uploading update-motd
#ubuntu-server 2008-08-23
<mrpoundsign> hello! :) I am trying to set up a network router, masquerading one interface, another one is internally routed, and the third is the external interface. Seems that I can't get the 2 internal interfaces to talk to eachother, though the server can ping both. Any hints?
<mrpoundsign> internel networks are 192.168.24.0/24 and 192.168.64.0/24. (eth1 and eth2 respectivly) -- I want 192.168.24.0 to be natted, but not 192.168.64.0, however, I need .24 and .64 to be able to talk to each other.
<LMJ> hello
<Kamping_Kaiser> Note that it is a given that the Samba-Team will continue to track
<Kamping_Kaiser> Windows (NT/200x) update releases, ensuring that Samba will work
<Kamping_Kaiser> well with whatever "Beta" releases Redmond throws our way :-).
<Kamping_Kaiser> i like samba :)
<Kamping_Kaiser> well, i dont, but i like the hackers ;)
<jmazaredo> if i put 192.168.1.11 mail.domain.com in host file and it cannot find it in the network will it query dns servers?
<Kamping_Kaiser> depnds what 'it' is
<jmazaredo> 192.168.1.11 mail.domain.com 192.168.1.12 mail.domain.com the first ip fails will it go to the next?
<Kamping_Kaiser> if your using MX records, not in a hosts file. afik
<HellMind> I'm having a problem with postfix, I got the www-data file, with emails and postfix don't send them, why?, mail.log mail.err mail.info doesn't say anything :(
<AlexC_> hey,
<AlexC_> I'm migrating over to a new VPS host (linode) and I am now using their DNS servers instead of my own. I've also setup Postfix/Dovecot on the server and edited the DNS so that 'mail.example.com' points to the new server. This is well over 24 hours ago now, yet places like Google and eBay and still sending email to my old server IP - I have done something very wrong?
<Weasel[DK]> AlexC_, what's is your domain name ?
<AlexC_> Weasel[DK], openzula.org mail.openzula.org tangocms.org  should be relevant
<AlexC_> Weasel[DK], mx record for tangocms.org should be pointing to mail.openzula.org
 * Weasel[DK] looking into it
<AlexC_> thanks =)
<Weasel[DK]> AlexC_, there are no MX records on thoses domains (openzula.org +  tangocms.org)
<Weasel[DK]> Your local DNS my be cheating oyu
<AlexC_> O_o
<Weasel[DK]> If i cant see the records, goggle and such can't either
<AlexC_> Weasel[DK], that is confusing, I'll pastebin the zone file
<Weasel[DK]> AlexC_, well im  not DNS guru.. but ill hav a look at it ;)
<AlexC_> Weasel[DK], http://paste2.org/p/64532
<AlexC_> (that is for openzula.org)
<soren> AlexC_: That specifies an mx record for mail.openzula.org
<soren> Replace:
<soren> #
<soren> mail                    MX      10      openzula.org.
<soren> with
<soren> @                    MX      10      openzula.org.
<soren> and you're good.
<soren> Er..
<soren> No.
<soren> hehh..
<soren> @                    MX      10      mail.openzula.org.
<soren> Like so.
<soren> (Don't forget to increase the serial number when you change it)
<AlexC_> soren, I'll try, though I'm unable to edit the zone file manually. Have to go through Linodes DNS manager. I'll try and (somehow) get it like that :P
<soren> What fields do you have to fill in when adding an MX record?
<AlexC_> soren, I assume I have to do that for my other domains, to? This is the MX I have for tangocms.org:   mail			MX	10	openzula.org.
<AlexC_> soren, hostname, priority, subdomain, TTL
<AlexC_> so I assume, hostname = nothing, subdomain = mail.openzula.org
<AlexC_> ahh, other way around. Ok, got that
<AlexC_> I've gotta shoot off now, hopefully that has done it. I'll come in later to check about the other domains (if they need any tweaking)
<AlexC_> g'bye
 * delcoyote hi
<AlexC_> morning all,
<AlexC_> finally got my DNS issue working out, however - for some reason trying to send an email from my Google account to an account of my server, results in the following entry in my /var/log/mail.log: NOQUEUE: reject: RCPT from ey-out-2122.google.com[74.125.78.24]: 554 5.7.1 <alex@example.com>: Relay access denied; from=<example@googlemail.com> to=<alex@example.com> proto=ESMTP helo=<ey-out-2122.google.com>
<AlexC_> I have it setup so that 'mail.main_domain.com' is my MX records, and 'example.com' is a domain that my server will provide for, if that makes any sense :P
<AlexC_> a ha ... I have to set mydestinations for every domain I have hosted,
<uvirtbot> New bug: #260703 in mysql-dfsg-5.0 (main) "* Stopping MySQL database server mysqld                                 [fail]  invoke-rc.d: initscript mysql, action "stop" failed. invoke-rc.d returned 1 There is a MySQL server running, but we failed in our attempts to stop it. Stop it yourself and try again! dpkg: bÅÄd przetwarzania /var/cache/apt/archives/mysql-server_5.0.51a-3ubuntu5.1_all.deb (--unpack):  podproces pre-installation script zwrÃ³
<nxvl> kirkland: contratulations
<gnuvince_> I'm trying to install Hardy Heron 8.04.1 i386 Server on my PC, the md5sum of my iso file matches the one in the MD5SUMS file on the server, yet when the installer tries to mount the CD-ROM, I get a red screen and a message reading "The CD-ROM does not seem to contain a valid 'Release' file, or that file could not be read properly."  Is this a known issue?  What can be done to fix it?
<uvirtbot> New bug: #257453 in php5 (main) "php5 crashed with SIGSEGV" [Undecided,New] https://launchpad.net/bugs/257453
<fromport> gnuvince: could be read/write error on a specific cd/dvd drive. You could try another cd/dvd(-RW)
<gnuvince_> fromport: I tried two from two different brands
<nealmcb> kirkland: good job on motu!  and good stamina :/
<fromport> gnuvince: can you physically swap/exchange the drive ? i've experienced it before. was a bad drive in my case
<sommer> kirkland: yay for motu... \o/  congrats
<AtomicSpark> anyone famiular with openLDAP server (or anything that resembles it)?
<foolano> AtomicSpark:  ask and we'll see :)
<jetole> hey guys. I know this isn't related to my ubuntu but I have just been tasked with finding a web based management tool for the company that allowa everyone to log in. manage their tasks, admins to be able to review everyones tasks, etc etc and was wondering what anyone might be able to recommend
<jetole> basically an employee task management application
<AtomicSpark> Well I have lots of questions lol. But I'm curious what happens to local users when the client is changed to use ldap. Do they show up on the list too or are they just for fallback incase you cannot connect to the LDAP server?
<jetole> AtomicSpark: local users do not get added to LDAP by default
<jetole> on a similar subject, does anyone know how to make AD verify against LDAP SSO?
<AtomicSpark> well i'm just worried about username conflicts. i made all the "admin users" my name on all the clients when installing ubuntu. :P
<AtomicSpark> right now i need to find the "required" values in ldif. I don't need half the items the examples use.
<AtomicSpark> i'm sure it's on the website.
<nxvl> jetole: trac
<jetole> I don't know about trac, this applies to hr, marketing, partnership management etc
<nxvl> oh
<nxvl> mm
<nxvl> opencms
<nxvl> or something like that
<nxvl> trac is more like proyect managment
<nxvl> opencms is more what you are looking for
<nxvl> i think
<nxvl> there is also tinyerp and such things
<jetole> I will look into opencms
<jetole> I am already planning to implement trac for the programmers since we already use SVN
<jetole> um
<jetole> this isn't for content management
<jetole> let me clearify
<jetole> our ceo wants to log on and see what projects all employees are working on
<jetole> or our marketing department wants to assign a project to a group within marketing
<jetole> or I want to prioritize what I am working on etc
#ubuntu-server 2008-08-24
<emgent> kirkland: congrats! :)
<PumpkinPie> hello :)
<PumpkinPie> whats up bill
<Bill_MI> Hi PumpkinPie.  Playing with a new install on an old K6 system.
<PumpkinPie> ubuntu server?
<Bill_MI> Yeppers
<PumpkinPie> why server ?
<Bill_MI> I'm fighting a vacuum of knowl;edge.  Everything's a project.
<Bill_MI> Just wanted to replace an aging NT5 utility box that does DNS, mail, ftp, web, etc
<Bill_MI> Been looking at Webmin but it looks like it conflicts with other setups.
<PumpkinPie> the box is at a data center or office?
<Bill_MI> Nope, home use only.
<Bill_MI> It looked like it would run well... except encryption (SSL, HTTPS) bogs it right down.
<Bill_MI> BIND9 with the latest patches runs great!
<Bill_MI> Any suggestions on setting up Postfix?
<Bill_MI> A good walkthru Howto?
<Bill_MI> After being used to Synaptic I'm slowly getting up on Aptitude.
<benlake> man, hardy is being a real pain with installation on software raid, I didn't have near this much trouble in 7.10.
<benlake> 2 disks, cleared partition tables with livecd/fdisk, zeroed md superblocks, reboot, recreate md raid1 device, attempt to auto partition the md device and it errors out with "too many primary partitions"
<benlake> I can't seem to manually create any more than 1 partition either
<benlake> bbiab
<Drezard> hellol?
<Drezard> need some help please ?
 * antdedyet performs a little late hour server setup for a client that has enjoyed the switch over to Ubuntu
<ghaleb> hello, I made a mess in my ubuntu server making samba to use my ldap, how can I return everything to defaults, I mean configurations and so on
<zhaozhou> Anyone running pure-ftpd around here?
<Gilnim> hi! Does somebody know how to access the html config file of MediaTomb without a graphical interface?
<Gilnim> figured it out. thank you anyway
<exalt_> hello, is it necessary to the VPN server to be installed on the gateway ?
<ghaleb> exalt_,  I have the same question, my vpn clients suffer from very slow service
<exalt_> ghaleb, what vpn server do u use ?
<ghaleb> pptp
<exalt_> I see
<exalt_> I don't know .. what do u see guys ?
<KyleNeedsHelp> i know this is maybe not the right channel but noone was able or interested in helping me on the other (k)ubuntu channels
<KyleNeedsHelp> is it possible to install ubuntu on faikraid ?
 * delcoyote hi
<WaFFeN> hi i find a 5.0.4 server edition
<Nicke> WaFFeN: Why do you want the 5.04 edition? It's over 3 years old by now.
<mok0> What does "All rights reserved" mean? Is it part of the copyright, or of the license?
<mok0> Sorry wrong channel, please ignore
<Koryo_Sanders> Hiya all, anyone up for saving me? i can't seem to get my interfaces file back :(
 * Nafallo doesn't have your interfaces file
 * _ruben neither
<Koryo> erm.... well i re-wrote it, and in the same directory, but every time i restart /etc/init.d/networking, i get "/etc/network/interfaces:5: duplicate interface" and under that "ifdown: couldn't read interfaces file "/etc/network/interfaces" then another 2 lines exactly the same exept ifdown is iifup.
<Koryo> (all done with sudo, after i originally changed the file without sudo, screwing it up...)
<_ruben> pastebin the contents of ur interfaces file .. like it says, it most likely contains duplicates
<Koryo> _ruben, it really doesn't lol, and i can't pastebin it because its not connected to the net xD
<Koryo> line 1) auto lo   line 2) iface lo inet loopback   line 4) auto eth0    line 5) iface lo inet dhcp
<_ruben> line 5 is wrong
<_ruben> it says
<_ruben> it says lo instead of eth0
<_ruben> like it said .. duplicate :)
<_ruben> duplicate of line 2 that is
<Koryo> 0_0 blimey.... xD Thank you ^_^
<Koryo> YAY! it works! thank you very much _ruben!
<_ruben> nice :)
<Koryo> btw - do i have to put my wireless card in the interfaces file as well?
<_ruben> never worked with wireless on ubuntu (server, nor desktop), wouldnt know
<Koryo> k cheers for the help with the file tho ^^ took ages lol
<foolano> ping nxvl
<nxvl> pong
<sysadmin> hello
<sysadmin> has anyone here setup n-way ldap replication?
<foolano> nxvl: hey i was testing the latest courier package in intrepid and i think i'm having problems with it
<foolano> nxvl: related to the removal of the rpath info
<nxvl> how is that?
<foolano> i was about to open a bug, but i wanted to ask you first
<nxvl> just open it, so we can discuss it there and keep track of it
<nxvl> :D
<nxvl> foolano: once you open it please send me the bug number
<foolano> nxvl: cool :)
<foolano> nxvl: maybe it's just my installation, i'm gonna open it anyway :).
<nxvl> yep
<nxvl> :
<nxvl> better to open it
<sysadmin> does anyone know of a packaged fedora directory server?
<zul> there isnt one
<sysadmin> don't supposed anyone has the n-way replication working?
<foolano> nxvl: can you please take a look at #260899 ?
<sysadmin> in openldap
<sommer> sysadmin: yep, I've set one up
<sysadmin> sommer: what version did you use ?
<sommer> sysadmin: the version in intrepid... 2.4.11
<sysadmin> did you do that recently?  i tried with a backport i made, but it was .10 then
<sysadmin> ok time for me to go backport .11
<sommer> sysadmin: yep, last week
<sysadmin> sommer: cool i tried a month ago
<sysadmin> time for me to get going then :)
<sommer> sysadmin: the steps I used are documented in the development version of the ubuntu server guide
<sysadmin> thanks for your help!
<sommer> np
<sysadmin> sommer: awesome
<sysadmin> back in a sec, i just repaired my laptop
<foolano> nxvl: i gotta go now. talk to you later :)
<Koryo> hey _ruben. got it to work as well ^^
<frith> i was debating about setting up a repo of standard version of apps for all supported versions,  for example ldap and bacula
<Koryo> Just curious - Whats a resume image? i keep seeing it at  boot...
<guntbert> imho its for 'suspend to disk'
<frith> Koryo, well my laptop just suspended, however i had an encrypted partition and things went a little wrong,
<Koryo> er.... sounds tricky :s
<frith> well solution was to format the swap
<frith> however i think i will just keep it unecrypted
<Koryo> how does an encrypted swap benafit you?
<frith> Koryo, well if private data gets swaped to disk, any security i once had from the encrypted data partition has gone
<Koryo> doesn't swap get erased on reboot? i thought swap was used like RAM?
<frith> nope
<frith> you would have to wipe everything which would slow your boot time to ...
<Koryo> hmm... *googles swap partition*
<frith> if i hack to debian/control i can change the depends?
<frith> ah and the .dsc file
<Koryo_Sanders> can anyone tell me what SIOCADDRT means please?
<mok0> Koryo_Sanders: In what context?
<Koryo_Sanders> mok0, in that every time i try "ifup eht0" i get that and "no such process", then the "failed to bring up eht0." message.
<Nafallo> Koryo_Sanders: try eth0? :-)
<Koryo_Sanders> lol misstyped on here, it is eth0 xD
<mok0> hehe
<Koryo_Sanders> this time i have an internet connection on my desktop. i have attempted to modify my interfaces file in /etc/network again. would anyone mind taking a look for me?
<mok0> pastebin it
<Koryo_Sanders> http://pastebin.ubuntu.com/40228/
<mok0> Koryo_Sanders: the gateway needs to be on the same network
<Koryo_Sanders> as?
<Koryo_Sanders> because im trying to route information from that ethernet card, throught the wireless card to my router
<mok0> Koryo_Sanders: eth0
<mok0> Koryo_Sanders: 200.0.0.1
<mok0> Koryo_Sanders: normally, that would be the gateway
<mok0> Koryo_Sanders: but that depends on how your network is set up
<Koryo_Sanders> basically - router 192.168.1.1, this desktop on DHCP (the pastebin file is on this desktop), and another desktop connected to the eth0 port.
<mok0> Koryo_Sanders: so you want desktop#1 to function as a router?
<Koryo_Sanders> preferably yep
<mok0> Koryo_Sanders: you should look up the linux router howto
<mok0> Koryo_Sanders: you need 2 cards
<Koryo_Sanders> i have 3
<mok0> Koryo_Sanders: network cards
<mok0> :-)
<Koryo_Sanders> 2 eth (once the others installed) and 1 wireless
<mok0> Koryo_Sanders: then you need to set your desktop up so it will route traffic from one card to the other
<Koryo_Sanders> routing tables?
<mok0> Koryo_Sanders: to tell you the truth, I've never done it. I think there are a couple of different ways to do it. One way is to use iptables
<Koryo_Sanders> would you know of any limitations to that?
<mok0> But you also need to configure the cards
<mok0> Koryo_Sanders: iptables, you mean?
<Koryo_Sanders> configure the cards? how so? im using crossover cables. yep thats what i mean
<mok0> configure the cards with IP numbers, etc
<mok0> iptables is very efficient. It works on kernel level
<Koryo_Sanders> wouldn't MAC address be better?
<Koryo_Sanders> as some of my IP's are DHCP driven
<mok0> You need to configure the router so it routes one network to the other. DHCP will always give you the same network and use the same gateway
<mok0> Koryo_Sanders: there is some nice gentoo docs here: http://www.gentoo.org/doc/en/home-router-howto.xml
<Koryo_Sanders> thanks ^^
<ScottK> mok0: Is this something we want sommer to add to the Ubuntu Server guide do you think?
<mok0> ScottK: you mean the router docs?
<ScottK> Yes.
<ScottK> Anytime I see someone here pointing at Gentoo docs, I'm wondering if we need to add to ours.
<mok0> ScottK: well, it would be useful, but I think it needs a good rework
<ScottK> mok0: Any chance you'd be willing to help sommer out with that?
<mok0> ScottK: sure... but I don't that much about routing
<ScottK> OK.  Well hopefully sommer reads the scrollback and takes it up.
<Koryo_Sanders> !whereis apples
<ubottu> Sorry, I don't know anything about whereis apples
<SjG_TedsHouse__> question about setting up a virtual appliance using JeOS: do I want to set up the VM as NAT or Bridged networking?
<SjG_TedsHouse__> o, going with Bridged so outsiders can connect... hope they have DHCP available :)
#ubuntu-server 2009-08-17
<tsrk_> how can I allow root login via SSH keys but not SSH password?
<jmarsden> tsrk_: Since root has no password in Ubuntu, just set up the keys and you are all set :)
<tsrk_> jmarsden, lets say (completely hypothetically of course) i had a root password. then, how would i do it? :)
<jmarsden> First you get rid of the root pw and then proceed as above.  Failing that, you set PasswordAuthentication no in sshd_config, but that would apply to all users, not just to root.
<tsrk_> hmm, could do that, although there's some times i really want to use pws for other users
<jmarsden> There is no good reason for a root pw on a Ubuntu machine that I know of, BTW.  So... get rid of it :)
<jmarsden> sudo usermod -p '!' root
<tsrk_> i'd much rather type "su" than remember some random options for sudo?
<jmarsden> And that is higher priority that a sane ssh config to do what you need... well, it is your choice.  sudo su works fine if you really can't remember sudo -s
<tsrk_> what's the difference between sudo -s and -i?
<jmarsden> -i simulates initial login, -s uses the $SHELL and does not simulate initial login.  man sudo
<tsrk_> alright
<tsrk_> and what about being secure at the startup console?
<tsrk_> i guess i can block that option... but did they fix that?
<jmarsden> Please explain how the default is insecure?
<tsrk_> i think it used to be that with no root password, when the system was booting you could go into recovery mode and select root shell
<jmarsden> I'll try it in a virtual machine... but if you give someone physical access to the server, security is pretty much nonexistent anyway... they can steal the machine, remove a hard drive, boot from a CDROM, etc etc...
<tsrk_> there can be a difference between hardware security and software security
<tsrk_> first of all they might have console access without being physically in the same location as the machine
<tsrk_> (the case 99% of the time where i work)
<tsrk_> also, i'll know if someone tampers with hardware, but not necessarily software
<giovani> tsrk_: with serial console access, and a grub/lilo password, they shouldn't be able to boot single user
<giovani> there should also be a bios password, etc
<tsrk_> giovani, that's a good point
<tsrk_> giovani, well, some of my machines need to be able to boot w/o a password
<giovani> boot?
<tsrk_> (there's a bios password for setup, but not boot)
<giovani> you don't need a password to boot
<giovani> I'm talking about modifying the bios, and modifying startup flags
<giovani> this is standard stuff at every company I've ever worked at
<giovani> bios and lilo/grub password for modification
<tsrk_> will that cover everything?
<giovani> clearly physical access to the box means you can pop the jumper and reset the bios
<tsrk_> yeah
<giovani> that will cover everything remote unless you have an out-of-band management system like IPMI/DRAC/iLO/etc
<tsrk_> alright
<giovani> so if all you have remote-access wise is serial console
<tsrk_> i gotta reboot to check something, but i'll probably be back in  here in a few minutes
<giovani> then a boot manager and bios password are all you need
<tsrk_> ok
<tsrk_> thanks for the help
<giovani> np
<giovani> so, I haven't installed a new 9.04 server install until today
<giovani> when did lilo become the default boot manager?
<pmatulis> lilo?
<giovani> or did that only happen because I put /boot on LVM and grub is presumed to be less happy with that?
<giovani> pmatulis: yep
<pmatulis> will need to try that
<nick125> I thought grub supported /boot on LVM....
<giovani> nick125: it does, afaik
<giovani> but not incredibly well
<giovani> as in, as of the latest stable, it only supports a single vg
<nick125> Ah. Well, there's a reason not to put /boot on LVM :)
<giovani> not if lilo supports it perfectly
<giovani> or if you use something newer than grub stable
<giovani> there's nothing that should prevent a boot manager from using LVM
<giovani> anyway, yeah, with some googling it appears ubuntu doesn't believe grub is capable of nicely handling LVM /boot :)
<giovani> so it forces you to use lilo
<giovani> good to know
<pmatulis> tsrk_: did you figure out your no-password-for-root question?
<tsrk_> pmatulis, yeah, thanks
<pmatulis> tsrk_: what did you do?
<tsrk_> just disabled root pw and set up some other security stuff instead
<tsrk_> at the bootloader
<giovani> disabled root pw?
<tsrk_> yeah
<jmarsden> sudo usermod -p '!' root
<giovani> what do you mean?
<tsrk_> set the encrypted pw to !
<tsrk_> yeah
<tsrk_> what jmarsden said
<pmatulis> tsrk_: ah ok, thought you said hypothetically if root had a p/w
<giovani> nothing should've been there to begin with
<tsrk_> pmatulis, yeah, i hypothetically set the root pw to !
<tsrk_> all of this is hypothetical
<pmatulis> tsrk_: k, b/c i thought i had an answer for you
<giovani> heh, now I'm confused
<tsrk_> pmatulis, well lets say hypothetically that it wasn't all hypothetical, what was your answer going to be?
<tsrk_> giovani, DW about it :P
<jmarsden> giovani: trsk_'s 'hypothetical' server used to have a root pw, because he created one... but now he has removed it :)
<pmatulis> tsrk_: adding these 2 lines at the end of /etc/ssh/sshd_config:
<pmatulis> Match User root
<pmatulis>    PasswordAuthentication no
<giovani> jmarsden: is it hypothetical in the sense that his imaginary friend has a problem he can't talk about?
<tonyyarusso> Hi, I need to consolidate my contacts information into a central location, so I was thinking of making an address book in an ldap server since most e-mail clients can load that.  Could someone teach me how to do that?
<tsrk_> pmatulis, ah, that looks perfect! i might hypothetically have to use that :)
<giovani> tonyyarusso: LDAP isn't really appropriate for a single person's contact storage
<tonyyarusso> giovani: I'm open to other ideas if you have them.
<tonyyarusso> Basically I want something I can load on my Linode and access from all of my computers.
<tonyyarusso> Although somewhere down the line I know I'll end up using LDAP (I'm planning to do sysadmin stuff as a career), so it seemed like a reasonable idea to start learning about it now if it would work.
<giovani> tonyyarusso: well, #ubuntu-server isn't really the place to learn how to share contacts
<giovani> nor is it the place to design an LDAP schema
<tonyyarusso> giovani: Well, they would be stored on a server running Ubuntu, so I'm not sure why not.
<jmarsden> tonyyarusso: At the low end of the complexity scale, a simple static web page (password protected so only you can see it) could work.
<tonyyarusso> jmarsden: I want something that can actually load in the address book features of for example Evolution, so it works in my e-mail client, not something I'd have to go copy and paste from.
<giovani> tonyyarusso: because this is about ubuntu-specific issues ... sharing contacts isn't an issue with ubuntu
<tonyyarusso> giovani: Again, if you have a better suggestion please let me know what it is.
<giovani> there are dozens of contact-sharing solutions
<giovani> use google
<giovani> I have, and found tons
<tonyyarusso> I haven't found any that suited the above description yet - they're all either manual syncing stuff or client-specific (ie Thunderbird extensions, etc.)
<giovani> tonyyarusso: then you haven't googled enough
<giovani> syncml, groupdav, imap extensions
<tonyyarusso> syncml is a manual syncing, not a central repository.
<tonyyarusso> Looking at groupdav now.
<giovani> there's absolutely nothing about syncml that makes it "manual"
<giovani> it's a markup standard
<tonyyarusso> "Currently not. The current draft requires that the client keeps an offline cache of the server data. Indeed GroupDAV basically specifies how such a cache is to be kept in sync with a server.
<MenZa> !jfgi | giovani
<ubottu> giovani: Acronyms or statements like noob, jfgi, stfu, or rtfm are not welcome in this channel. Period.
<tonyyarusso> Online access is something which should be well covered by the CalDAV protocol and is currently considered out of scope for GroupDAV.
<giovani> MenZa: I don't see how that's relevant
<giovani> tonyyarusso: this is seriously out-of-scope for #ubuntu-server
<MenZa> Generally, saying people "Haven't Googled enough" isn't exactly helpful. Remember the !CoC :)
<MenZa> Let's all be nice and happy and help each other.
<giovani> MenZa: it's an out-of-scope question, I've made numerous efforts to point him in the direction he should be going for help -- I think it's a perfectly valid response given the situation
<tonyyarusso> giovani: Then show me a better channel...  Last I checked LDAP runs on Ubuntu, and you haven't come up with a better way than that, so I'm still hoping somewhere here can teach me some of the basics of ldap on Ubuntu.
<tonyyarusso> You pointed me to Google.  That's not help.
<giovani> it helped me find the answer to your question
<giovani> just because data is stored on an ubuntu server doesn't make it related to ubuntu
<MenZa> giovani: If you found the answer, post that instead. :)
<giovani> MenZa: I have
<tonyyarusso> If you found a real answer, then link it please.  Your other suggestions don't match my criteria, and I stated why.
<giovani> MenZa: feel free to read the conversation you're critiqing
<MenZa> giovani: All I'm saying is that asking people to Google is borderline to being 'nice'
<giovani> tonyyarusso: they have, you've misunderstood their function
<MenZa> And by that, I end the discussion.
 * MenZa huggles giovani and runs away.
<giovani> MenZa: I disagree, particularly when it's an off-topic question
<tonyyarusso> I'll re-state the desired behavior:
<tonyyarusso> I open Evolution on my laptop.  I go to compose a message, start typing in a contact name, and it auto-completes.
<tonyyarusso> Later, I edit another contact, close that machine, and walk away.
<giovani> it's out of scope for this channel, have fun
 * giovani &
<tonyyarusso> I get on my desktop, pull up Thunderbird, type in the second contact's name, and there it is, with the changes made earlier.
<matt_keys> I'm running virt-manager locally to connect to kvm host remotely via ssh. When I point it to the iso, either locally or remotely, it has a problem finding it. Does anybody know what I'm doing wrong or a way around this?
<jmarsden> tonyyarusso: Have you rejected existing tools such as conduit?  Conduit is GNOME-specific, so not at all relevant in this channel...
<jmarsden> matt_keys: You might find better help in #ubuntu-virt for virtualization-specific questions.
<tonyyarusso> jmarsden: Yes.  Conduit again is just a syncing tool that has to be run separately - I want to be directly modifying a central record so I don't have to deal with unnecessary middleman steps.
<tonyyarusso> In short, Conduit would be functional, but inefficient and awkward.
<jmarsden> OK.  It seems to be the direction Ubuntu is moving in for exactly this kind of functionality. However... you are free to build your own tool if you insist... but #ubuntu-server is probably not a good place to expect a lesson on how to do that.  You can see the Server Guide at https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html for the basics of setting up OpenLDAP on Ubuntu.
<matt_keys> jmarsden: Thanks I'll give it a shot.
<baffle> tonyyarusso: I think your questions is (somewhat) on topic to be honest; Especially considering the new blueprints for centralized AA in Ubuntu (OpenLDAP/Kerberos).
<tonyyarusso> baffle: Thanks.  Any chance you know more about the answer?  ;)
<baffle> tonyyarusso: Well, a standard OpenLDAP installation will give you this.
<tonyyarusso> There is some really promising talk towards centralization, but of course talk is hard to use.
<baffle> tonyyarusso: Yes, I haven't really noticed much work happening to that blueprint; It seems to be targeted for Karmic, but at the way things are moving it seems to be Karmic+1 or +2..
<tonyyarusso> baffle: I've been attempting to learn about that, but finding that lots of LDAP guides are rather overwhelming, and was hoping there might be a shortcut of sorts since I have a small, specific goal.
<baffle> tonyyarusso: Ofcourse, the *infrastructure* is all there right now.
<baffle> tonyyarusso: I've run OpenLDAP/Kerberos auth for many years now.
 * tonyyarusso bought a 4-inch think book on the subject - 'tis a slow read
<baffle> tonyyarusso: Yes, I've bought the O'Reilly OpenLDAP and a few others as well. To be honest, I learned much more from just looking at the software, reading up on ASN.1 etc.
<tonyyarusso> I would hope those sorts of blueprints are in place for the next LTS, which seems to be shaping up to be Karmic+1 based on Debian's move, so here's hoping.
<tonyyarusso> ASN.1?
<tonyyarusso> baffle: One thing that seems odd is that lots of things talk a lot about designing schemas.  Aren't there some standard ones that most applications use?
<baffle> tonyyarusso: Well, yes and no.
<baffle> tonyyarusso: There are just guidelines.
<baffle> tonyyarusso: You really have to design your own tree.
<tonyyarusso> yikes
<baffle> tonyyarusso: Everyone seems to do things differently. :)
<baffle> tonyyarusso: Sorry, have to be away, in the middle of an incident.
 * tonyyarusso goes to read more then
<giovani> this is what I said about an hour ago
<giovani> designing an ldap schema is all on you
<giovani> this is why it's not used as a personal contact store -- and is used for reasonably sized companies that will gain immensely from the effort
<baffle> giovani: Well, it works perfectly as a personal contact store.
<baffle> giovani: And, to be honest, I think it is a good idea to tackle such an easy project before implementing a huge company wide directory.
<giovani> baffle: it's serious overkill, so, "works perfectly" is relative -- and no question you should understand LDAP before rolling it out company wide
<twb> I don't think there are too many people who truly understand LDAP :-)
<Vigh> I'm running a webserver on jaunty, and whenever Apache is running (~20% CPU load, not using full bandwidth), SSH performs very slowly (i.e. I am SSHing in and commands take a relatively long time to respond) -- any suggestions?
<twb> Vigh: set up QoS on your routers.
<twb> Vigh: the large http packets are "muscling out" your low-latency ssh packets.
<Vigh> twb: not an option, it's running on Amazon's cloud
<twb> ask amazon or google about qos on that platform, then
<twb> I'm sure it's a widespread issue that someone else has already solved
<Vigh> twb: ok, will do -- thanks!
<tsrk_> twb, how is amazon's cloud? how's pricing?
<twb> tsrk_: I've no idea.
<tsrk_> oh :(
<tsrk_> what do I need to do to change my server's hostname? I know I should edit /etc/hostname and /etc/hosts, anything else?
<twb> tsrk_: edit /etc/hostname and run hostname.
<tsrk_> will hostname set /etc/hostname?
<twb> No, hostname sets the run-time value.  hostname(8) is called with /etc/hostname's contents at boot.
<tsrk_> oh, i see
<twb> tsrk_: note that some apps will be completely and utterly fucked by changing the hostname, e.g. an LDAP server
<tsrk_> will that update /etc/hosts for me automatically?
<tsrk_> oh really?
<twb> No, you'll need to change /etc/hosts as well, if you include a hostname in there.
<tsrk_> the main things i'm running are openssh, proftpd, and samba
<tsrk_> just the default ubuntu thing
<twb> OpenSSH is unlikely to care.  I can't speak for ProFTPd or Samba.
<tsrk_> ok
<twb> Incidentally, I strongly encourage you to replace proftpd with sftp (for write access) and vsftpd (for anonymous read access).
<tsrk_> is main.tsrk.us or main a better hostname?
<tsrk_> i use openssh's sftp, but proftpd for backup
<twb> tsrk_: /etc/hostname contains only the host name, not the FQDN
<tsrk_> ok
<tsrk_> so a hostname should just be "main'?
<twb> That depends on the context.
<twb> In the context of /etc/hostname, a hostname is just the name, not the FQDN.
<tsrk_> this isn't my FQDN anyway
<twb> I would, incidentally, use a more meaningful name than "main".
<tsrk_> it doesn't actually have an FQDN
<tsrk_> this is just a home server
<tsrk_> i have main and test and out
<twb> Typically I assign personal names to servers, then use DNS CNAME aliases to provide role names.
<tsrk_> those are meaningful to me
<tsrk_> hmm
<tsrk_> i used to do tsrk1 tsrk2 tsrk3
<twb> So e.g. www.lan CNAME ymir.lan
<tsrk_> but that just got annoying
<jmarsden> See http://www.faqs.org/rfcs/rfc1178.html -- Choosing a host name for your computer
<tsrk_> jmarsden, thanks for the link, i read through it and it seemed interesting but i'm not sure i want to name my machines after colors :P
<jmarsden> tsrk_: So pick some other scheme... that's just an example :)
<tsrk_> i like to name them by what they do
<tsrk_> because i'll be reinstalling if they ever do anything else
<jmarsden> tsrk_: But then when you consolidate functions life is wierd, or when you have a mail/web/jabber server do you name it mailwebjabber.example.com .. and then you add mysql to it... now what?
<jmarsden> Next week someone wants an SNPP server... do you rename mailwebjabber to mailwebjabbersnpp now? :)
<tsrk_> on this network i only really have the capacity for one internet-facing server, so i'm calling it out. my main internal server is never above 0.05 load afaik so i feel safe calling it main
<tsrk_> this isn't likely to get any of those servers (i don't even know what they are)
<tsrk_> but i could safely add jabber to my "out" server
<tsrk_> anyway, if i were to run all those services, wouldn't vms be safer?
<jmarsden> If you have the RAM, it might be.  But chroots for security-interesting services is usually safe enough.
<tsrk_> lol @ "security-interesting"
<tsrk_> and ram is getting pretty damn cheap these days
<twb> jmarsden: thanks for the RFC
<jmarsden> tsrk_: Yes; I have 8GB on my home desktop here, precisely so I can play with VMs :)
<jmarsden> twb: No problem.
<tsrk_> i think processing power is becoming more the problem
<tsrk_> 8gb ram is like $100 now... but processors to saturate that ram aren't cheap
<tsrk_> although i heard there's amazing discounts if you work for intel or know someone that does
<tsrk_> a guy i work with managed to get two 8-core nehalems for free through intel
<jmarsden> Well, I picked up a Q9550 last week for US$169 from Microcenter :)  2.83GHz quad core with 12MB L3... that's a fair bit of CPU power for not much $$
<tsrk_> yeah that's pretty good
<tsrk_> can run 3 light vms + host OS pretty well?
<jmarsden> Yes.
<tsrk_> i'm gonna need to switch to a laptop soon though
<tsrk_> i'm really trying to wait till they get quad core
<jmarsden> Maybe better to get a cheap netbook and ssh into your desktop or server(s) ... also avoids the "oops, I droped it and just blew X thousand dollars" syndrome :)
<tsrk_> i have a lenovo s10 for now
<tsrk_> it's decent
<tsrk_> but i think i'll need more for college
<tsrk_> cause i really don't want to bring a desktkop
<twb> It really irks me when a single-user laptop has enough CPU and memory to run all of .gov
<jmarsden> tsrk_: It all depends what you'll be doing with it.  Maybe leave a desktop at home on a fast Internet connection, or rent a VPS somewhere for your computationally intensive tasks?
<twb> "I upgraded my lappy from 4GiB to 8GiB so I can run two eclipse instances at once and still browse in 100 tabs in iceweasel."
<jmarsden> Well, some people have money to spend on fancy laptops for those kinds of reasons, I suppose :)
<tsrk_> twb, i'm just saying i need more than my s10 with 1gb of ram and 1.6ghz single-core
<tsrk_> jmarsden, i think i'll need more local power and especially screen space
<tsrk_> i've been looking at the lenovo T-series and they look nice
<twb> jmarsden: it just seems retarded when you could put all that power in a colo rack and just run ssh on the laptop-cum-xterm
<jmarsden> tsrk_: Understood.  Although a $200 screen for your dorm room would handle the screen space.
<jmarsden> twb: Yes, that's definitely more the way I tend to do things.
<twb> If I could find a cellphone with HDMI that could run Debian, I'd replace my EeePC with it.
<tsrk_> jmarsden, i really don't want to be working on stuff in my dorm room. a laptop gives me nice portability
<twb> (Apparently HDMI uptake is low due to royalty fees, and DVI-D isn't used because the connector is relatively huge.)
<twb> jmarsden: it's also a pain in the arse to lug a 3kg A4 laptop when a 500g A5 one would suffice.
<jmarsden> twb: I think Apple has some weird mini-DVI connector to try and work around that connector issue, maybe it will eventually become a "standard"?
<twb> jmarsden: well, HDMI is backward-compatible with DVI-D
<jmarsden> tsrk_: When I went to college (1980 to 1983), noone had computers useful for real work at all, we all used the campus mainframes :)
<tsrk_> jmarsden, well, now they even expect me to buy maple for a basic calculus class
<tsrk_> btw, will a netbook run that?
<jmarsden> I think there's a few free alternatives, if you want to cause a few raised eyebrows :)
<twb> tsrk_: apps run in the server room, not on your netbook.  That's the whole point.
<tsrk_> twb, graphical ones?
<twb> jmarsden: IME it's easier to just change uni when they start demanding you learn with proprietary tools that have mature FOSS alternatives.
<twb> tsrk_: sure.
<tsrk_> twb, i don't have that kinda bandwidth here :(
<twb> tsrk_: you don't have ISDN or ADSL1 at home?
<jmarsden> tsrk_: Have you played with mathomatic or maxima for example?
<tsrk_> jmarsden, i've used maxima some
<tsrk_> it seemed somewhat useful, but a lot of the stuff i think is maple specific
<tsrk_> i might be able to do it in maxima but it'd take extra effort
<tsrk_> and if i'm using maple on tests etc... i should really use it all the time
<jmarsden> That should be fine, and should run on a 1.6GHz netbook... you'd have to translate from maple, and the exta effort woudl make surfe you actually learned the underlying principles, I'd think?
<twb> jmarsden: unfortunately unis no longer test understanding
<tsrk_> twb, yeah, i'm starting to think that this is more of a class on how to use maple than math
<tsrk_> but i guess i'll see
<tsrk_> this isn't for uni though
<twb> polytechnic, whatever
<tsrk_> it's a community college (replacement for high-school class)
<jmarsden> twb: Agreed, but that doesn't mean you should avoid understanding ... you just ahve to reconvert the courses to ensure they teach you want you really wanted to learn.
<twb> jmarsden: that being the case, there's no point going to school at all.
<jmarsden> I can't see the value of teaching someone basic calculus with a program at that level.
<jmarsden> twb: well, only that others recognize the degree you get at the end, basically.
<twb> jmarsden: the whole point of school is to provide regular, objective assessment, so you know what to revise
<twb> jmarsden: eh, you can just forge those
<tsrk_> thanks for the ideas :)
<jmarsden> I wouldn't know about that :)
<twb> Consider: do you really want to work for an employer who cares more about accreditation (in maple, not math) than about your actual competence?
<twb> I got my last job management going "hey, I think I've seen you at the local LUG.  You were pretty helpful."
<twb> s/job/job by/
<jmarsden> twb: That's slightly unusual.  More common is that you need to get past the keyword screening secretarial staff to even get your resume (never mind yourself) in front of someone capable of evaluating your actual competence.
<twb> Bleh.  Such places probably have a dress code and evil shit like that
<tsrk_> twb, those places also give you more monies
<twb> Meh.  They'd have to pay a lot more for the privilege of making me dress up funny and turn up at 9AM every day
<jmarsden> Not always... Hewlett Packard (for whom I once worked) had no timeclocks and no dress code for us techies... but the recruitment process to get in the door of their R&D dept. was... somewhat bureaucratic.
<tsrk_> well, i'll do what it takes
<awlt> I want to expedite running vmbuilder within a corp network, so it makes sense to have a local apt-mirror to avoid being reliant on the internet.  So apt-mirror provides the standard stuff, but what about my own corporate artifacts that won't reside on the internet? Can they be added to an apt-mirror, or do I need something else? (Do I need to run my own corporate PPA? Is that the right strategy?)
<twb> awlt: you mean "how can I make a private apt repo"?
<awlt> I think so, yes.
<tsrk_> i am i still connected?
<twb> awlt: it's dead easy, I just forget the command
<twb> thingy-scanpackages
<awlt> dpkg-scanpackages?
<twb> ya
<awlt> I still need the apt-mirror, right?  There isn't a solution that is both a private apt repo and proxy?
<jmarsden> Right, just use both together.
<twb> In theory you can make a debmirror, then copy your own debs into it and generate new a Packages file.  But that's super sucky, so don't do it
<awlt> I want to avoid the super sucky strategy, that is why I am asking.  ;-)
<jeeves_Moss> is there an easy way to send e-mail form the CLI (using mailx) through a gmail account?
<twb> msmtp-mta can use gmail as its smarthost
<twb> mailx then just sees the /usr/sbin/sendmail symlink
<jeeves_Moss> twb, ?  can you give me a link for a "howto"?
<twb> You WILL need to store the gmail password in cleartext in /etc/msmtp or ~/.netrc, or be prompted for it each time.
<twb> http://twb.ath.cx/Preferences/.msmtprc
<jeeves_Moss> twb, that's fine.  I'm looking to test it on a local system before I deploy it.  I'm concered about the cert from gmail (since they use TSL I think), and I need to be able to e-mail a list of people (the systems admin group)
<twb> aptitude install ca-certificates
<jeeves_Moss> twb, I don't mean to be rude/dumb, but could you give me a hand to set this up so I can write it down and get past the "pit falls"?
<twb> jeeves_Moss: start by "aptitude install msmtp-mta ca-certificates"
<jeeves_Moss> twb, ok, one sec.  (thanks again BTW)
<jeeves_Moss> twb, ok, we're good.  next?
<twb> Now try /usr/sbin/sendmail -oi -t -d -v <test.msg
<twb> Expect it to complain in some fashion; pastebin the output
<jeeves_Moss> it's giving me that test.msg "no such file or directory"
<twb> You need to write a file test.msg
<twb> It will contain the headers (e.g. "To: fred@example.net"), a blank line, then the message body.
<jeeves_Moss> ohhhh, sorry.  one sec
<jeeves_Moss> ok, so how should the file be constructed?
<twb> 15:54 <twb> It will contain the headers (e.g. "To: fred@example.net"), a blank line, then the message body.
<jeeves_Moss> http://pastebin.ca/1532185
<jeeves_Moss> twb, will this let me write an e-mail to a group of people from one file?
<twb> jeeves_Moss: what we are setting up is the ability for you to send arbitrary emails through your existing gmail account.
<jeeves_Moss> twb, I need to be able to send e-mails locally (say if a service goes down or when I cron job finished) through my gmail account
<twb> If an email is only delivered locally, then by definition it doesn't pass through gmail
<twb> If you need local delivery, msmtp will not suffice; you'll need something larger, like postfix.
<twb> For example if you want to be able to email other users on the local host, while the local host isn't connected to Internet.
<jeeves_Moss> twb, ok, well, I need to be able to send it through the gmail account.  it's because the e-mails are actully sending a txt to a cell phone (unless there is an easier way to send a txt msg from the CLI)
<gnuyoga> jeeves_Moss: if u r looking at local email delivery system, then u need local email server. else if u just want to send an email out using existing gmail account u need to follow  twd
<twb> I'm not familiar with email to SMS bridges.
<twb> !u
<ubottu> U is the 21st letter of the modern latin alphabet. Neither 'U' or 'Ur' are words in the English language. Nor are 'R', 'Y', 'l8', 'Ne1' or 'Bcuz'. Mangled English is hard for non-native English speakers. Please see http://geekosophical.net/random/abbreviations/ for more information.
<jeeves_Moss> twb, if you send an e-mail to <phonenumber>@fido.ca then it will send the contents of the email as a text to the cell
<twb> By "a text" I presume you mean SMS?
<jeeves_Moss> twb, yes, sorry
<jeeves_Moss> twb, basically, I need to be able to send SMS messages from the CLI
<twb> Do you own or pay for service on fido.ca?
<twb> I thought gratis mail->sms bridges were extinct.
<jeeves_Moss> no, that's why I went the gmail is a free way of doing it
<twb> But gmail isn't fido.ca
<jeeves_Moss> (since all you do is send an e-mail to <phone_number>@fido.ca
<jeeves_Moss> and if it's bell, then it's <phone_number>@txt.bell.ca
<jeeves_Moss> twb, that's why I wondered how to send an e-mail through gmail from the CLI
<twb> jeeves_Moss: surely what you really mean, then, is "I need to be able to send email to N@fido.ca from the CLI."
<jeeves_Moss> twb, yes.
<twb> I would normally use the ISP's smarthost rather than gmail's, if only because it'll be faster.
<jeeves_Moss> twb, but when I tried it from my main domain, I was unable to receive it, but when I sent it from the gmail account, it worked
<twb> jeeves_Moss: that's probably because your own domain isn't set up properly to send mail
<jeeves_Moss> twb, this is why I thought that gmail would be the better option (or currently from testing, the only option)
<jeeves_Moss> twb, my mail domain works fine for regular send/receive
<twb> I doubt that.
<twb> Probably you are receiving with IMAP or POP3, and sending all mail to a smarthost relay
<jeeves_Moss> ok, one sec, I'll test it
<twb> i.e. you are not participating in mail directly.
<twb> So what I'm saying is, just send CLI mail using that smarthost as well.  It doesn't have to be the gmail smarthost.
<jeeves_Moss> the mail e-mail server on our main domain is not local to this box I'm testing on.  it's in Michigan, and i'm on Vancouver island
<twb> Well, anyway, it doesn't really matter what smarthost you use, the procedure is still the same.
<jeeves_Moss> hummm, one sec
<twb> You need to tell /etc/msmtprc or ~/.msmtprc to use the smarthost.
<jeeves_Moss> one sec.  testing something
<jeeves_Moss> ok, my domain won't send to the phone, and hotmail won't send to the phone
<jeeves_Moss> ok, I stand corrected.  I CAN send to my phone from hotmail (there's just a HUGE delay)
<jeeves_Moss> can anyone point me in a good direction to send e-mail through gmail from the CLI?
<pwnguin> anyone know what happens if you boot Ubuntu with two identical, non-raided disks?
<pwnguin> ie imaged data
<jeeves_Moss> pwnguin, it depends on what the first disk on the chain is, and where the boot loader is
<psteyn> Hi. when I run php -v it says 'with Suhosin-Patch'
<psteyn> but when I try and do apt-get install php5-suhosin it shows as a new install
<psteyn> what gives?
<pwnguin> jeeves_Moss: lets say one's sata and the other's sata in a usb enclosure
<soren> pwnguin: I'm not sure what kind of answer you're looking for. It'll boot up and run.
<jeeves_Moss> pwnguin, well, once again, it depends on how you have the boot device selection
<pwnguin> hmm
<pwnguin> soren: if the UUID's are identical...
<jeeves_Moss> my netbook defaults to booting from USB, but I can choose where it boots
<pwnguin> basically, im looking at the pitfalls of applying jwz's backup trick to Ubuntu
<soren> pwnguin: It's not going to magically pretend like they're RAID1'ed, if that's what you're asking.
<pwnguin> soren: no, but im wondering if it will just give up or decide randomly
<soren> Decide randomly.
<soren> ..but work.
<pwnguin> "work"
<soren> Work.
<pwnguin> in the case of a cron rsync
<pwnguin> it'll work, but you could randomly land on the nightly backup and miss whatever since last run
<soren> Yes, if you reboot it migt use the other disk and work with that.
<pwnguin> thats kinda what i thought i'd do
<pwnguin> for reference, here's the general plan, applied to OSX
<pwnguin> http://jwz.livejournal.com/801607.html
<pwnguin> but i think it's a non-started and I'll look at other stuff
<pwnguin> non-starter even
<baffle> jmarsden: Apple uses Displayport and mini-displayport. My Lenovo W500 also has Displayport. I've noticed that displays are starting to come with that connector now as well.
<soren> pwnguin: I actually used to do something just like that.
<soren> pwnguin: The disks just didn't share their UUID.
<soren> pwnguin: This was long before UUID booting came around, so the boot loaders on each drive just pointed at /dev/hda. In case of failure, I'd swap the disks and it'd boot from the new /dev/hda.
<pwnguin> soren: honestly, i put it on hold after i realized i'd need to sync the MBR
<pwnguin> the UUID thing i thing is also going to put a stake through it
<soren> pwnguin: With grub, that's easy. Just install it once, and you're done. menu.lst will be kept in sync by the rsync thing.
<twb> soren: apparently this is coming for extlinux, too
<pwnguin> it was more i didn't want to look up the command to install grub to a specific disk, but yea
<soren> twb: "this"?
<twb> an auto-updated menu.lst
<twb> http://bugs.debian.org/541293
<pwnguin> technically, you could just do a find and replace on the menu.list and fstab
<twb> Or rather extlinux.conf.
<soren> extlinux?
<pwnguin> looks like an alternative bootloader
<pwnguin> ?
<twb> extlinux is a bootloader that isn't shit
<twb> Never mind.
<twb> As to backing up the OS from one machine to another, you can use tune2fs to make the UUIDs match, and similar techniques for swap, LVM and mdadm UUIDs.  You need to edit the MACs in /etc/udev/rules/*persistent-net*, though.
<pwnguin> i have to admit, the main use case for this is having a live, connected backup disk on the same machine
<soren> I really wouldn't recommend making the UUID's match.
<twb> I've also had... exciting times with whitebox cases where the primary SATA disk in a RAID1 dies, and the bootloader on the second disk doesn't work because it's trying to talk to (hd0) instead of (hd1) -- or vice-versa, because some BIOSes will automatically present sdb as sda to the OS :-/
<twb> soren: sorry, I do this when the disks are in separate machines, not in the same box
<soren> twb: Even then.
<soren> twb: What's the point?
<pwnguin> taking something that has "universally unique" in the name and making it locally not unique sounds like a bad idea
<twb> soren: the point is not having to edit fstab and every other damn reference to the UUIDs after every sync
<twb> soren: in particular, if your latest sync dies halfway, you KNOW that fstab will refer to the correct UUIDs.
<soren> twb: Why would you sync fstab between two different systems?
<twb> soren: because your second system is a BCP failover for the first one
<soren> Who cares if the fstab matches if all the data does?
<twb> soren: because you want it to boot up without having to talk some fuckwit in Africa through manually fixing fstab from a livecd
<soren> That's the entire point. Just leave the fstab be and you're don't have to.
<twb> Erm, but the root filesystem during backup isn't the root filesystem you're backing up.
<twb> It's not a load balancing system, it's a BCP system
<pwnguin> the problem is menu.lst
<pwnguin> you can't exclude it, because it points to the kernel
<pwnguin> but you can't leave it alone, because it includes a UUID
<twb> pwnguin: here, IIRC it points to an LVM volume
<twb> Yeah, it does.
<soren> twb: I'm not what you mean by BCP system?
<twb> soren: BCP is business continuity planning
<pwnguin> this is a technology?
<soren> twb: Ok... I'm still not getting it, I must admin.
<soren> admit.
<twb> Only in the way that, say, Human Resources is a technology
<pwnguin> it's a failover cluster, i think is the term of art
<LiraNuna> what does 'passwd: Authentication token manipulation error' means?
<twb> business continuity is about "oh fuck, a mission-critical service is down.  If it's not back up in four hours, we will be bankrupt."
<soren> twb: The fact that it's meant to be used as a drop-in replacement doesn't mean that you can't be clever with fstab.
<LiraNuna> auto.log says 'pam_mysql - only super user is allowed to change authentication token.'
<LiraNuna> any idea why?
<soren> twb: Besides, if you're using lvm, you don't need UUID's anyway.
<twb> soren: /boot, at least, isn't on LVM.
<soren> twb: Point.
<twb> The main reason I use UUIDs in fstab is because that's what the target Ubuntu server uses by default.
<twb> AFAICT you're right, that using LVM LV names would also work fine
<soren> twb: True. It does so, because it's the safe choice.
<pwnguin> LVM isn't safe?
<soren> Well...
<soren> It's the safe choice until someone *on purpose* duplicates their universally unique ID's.
<soren> pwnguin: Someone might plug in a hard drive with a lvm vg on it with the same name.
<pwnguin> heh
<soren> pwnguin: lvm names aren't unique, but they are consistent, which is /usually/ the problem UUID's are meant to solve.
<pwnguin> LiraNuna: i would guess pam_mysql is trying to change the password and PAM is not having any of it
 * soren runs to get his laptop power supply.
<twb> soren: duplicating UUIDs is only a problem if you ever put both duplicates into the same system
<pwnguin> which is kinda my goal
<LiraNuna> pwnguin, sys users can change their password without being root
<twb> pwnguin: yeah, sorry, I ran off on a tangent.  My implementation uses two complete systems, rather than just having a failover HDD
<pwnguin> LiraNuna: not on the pam stack
<pwnguin> its' about the provided password, not the hash stored in shadow
<LiraNuna> pwnguin, no password is being provided
<twb> Is LiraNuna's problem that pam_mysql only supports the auth part, and not the session/account/thingy parts?
<LiraNuna> pwnguin, http://pastie.org/585636
<pwnguin> twb: im just making sure i can nail this trivial rsync thing down, cuz i really like the idea of having a hot spare
 * soren mumbles something about raid.
 * pwnguin mumbles something about historic value
<pwnguin> raid will dutifully delete both copies of a file when asked to do so
<LiraNuna> rdiff-backup
<pwnguin> LiraNuna: that's on my list
<pwnguin> personally, i'm backing up to a NAS with mirror raid
<pwnguin> i'll probably end up with something like deja dup
<soren> pwnguin: I've seen people use RAID1 with an external drive that they plug in once a day, sync up, and unplug again.
<pwnguin> heh
<twb> pwnguin: there is a difference between a backup (RAID) and an archive.
<pwnguin> twb: i know this.
<soren> You don't have physically unplug the disk, you can just to the mdadm magic to pretend like you did... and that's scriptable.
<pwnguin> for example: i have a desktop. it backs up to a NAS. the NAS has two drives in mirror
<twb> Personally for in-system disks, I would have a RAID1 or RAID5, and then ON TOP of that utilize hard-linking to make incremental archives.
 * soren is a RAID1+Bacula sort of person
<pwnguin> there's about a billion backup packages in Ubuntu
<pwnguin> i checked and graphed some inheritance
<twb> Where basically the archive just does a glorified cp -al current $today
<twb> as a cron job
<soren> Bacula backs up to a local file based archive which is synced to Amazon S3 and removed locally.
<pwnguin> bacula seems a bit enterprisey
<soren> pwnguin: 'tis.
<pwnguin> sbackup looked interesting
<pwnguin> but is hellaciously buggy
<LiraNuna> in http://pam-mysql.sourcearchive.com/documentation/0.6.2-1/pam__mysql_8c-source.html line 02236, it checks if user is root
<pwnguin> LiraNuna: do you know how your PAM stack is currently configured?
<pwnguin> (ie do you really want users in mysql?)
<LiraNuna> yes
<twb> I have always been too lucid to learn bacula or amanda.
<LiraNuna> it first checks if sys user exists, then resorts to mysql
<twb> mysql is a bloody toy database
<twb> Might as well use sqlite
<LiraNuna> I'll need to manage thousand of users on one machine
<twb> LiraNuna: even flat files can manage a mere thousand users
<pwnguin> generally ldap is optimized for that
<twb> For unix auth, LDAP and kerberos is the future
<pwnguin> but probably, mysql is handy for network auth
<pwnguin> anyways
<LiraNuna> twb, yes, but I also need other processes logging in using same credentials
<twb> pwnguin: if you want handy and don't care about robustness or security, I would say NIS over mysql ;-)
<pwnguin> my impression is that the error you are recieving is that the mysql module is attempting to modify the password token
<LiraNuna> FTP, mail etc
<twb> LiraNuna: all of which should be using pam, and so can use pam_krb or pam_ldap
<LiraNuna> pwnguin, look at the source at http://pam-mysql.sourcearchive.com/documentation/0.6.2-1/pam__mysql_8c-source.html line 02236
<pwnguin> you type in a password, pam converts it to a token
<twb> I'm not saying that kerberos and ldap are *easy*, but they are robust, secure and scalable.
<LiraNuna> twb, buzzword buzzword buzzword :)
<LiraNuna> j/just kidding
<pwnguin> anyways, some crazy pam stacks might fiddle with the password between modules
<LiraNuna> pwnguin, this behavior is built into the source so users can't their own password
<pwnguin> can't what their own password?
<LiraNuna> +set
<LiraNuna> my bad, it's getting late
<LiraNuna> pwnguin, all I have is pam_unix, pam_mysql and pam_deny
<pwnguin> well, pam source code is out of my expertise
<pwnguin> and it's 3am
<LiraNuna> it's quite readable
<pwnguin> except i dont know the call patterns
<LiraNuna> if(guid() != 0 /* NOT ROOT */ ) error("only root ...);
<LiraNuna> line 2236
<LiraNuna> I'm just wondering if it's a desired behavior
<twb> LiraNuna: if you have pam_unix before pam_mysql, that is the problem
<twb> LiraNuna: pastebin the non-comment, non-blank lines from /etc/pam.d/common-*
<LiraNuna> twb, was about to do that
<pwnguin> hmm. my laptop's downstairs
<pwnguin> but i recall needing to do something to pass the password
<twb> pwnguin: pam is extremely not fun if you don't grok it deeply
<twb> pwnguin: I guess you're thinking of use_first_pass
<pwnguin> yea
<LiraNuna> twb, http://pastie.org/585646
<pwnguin> twb: i had a coworker totally nuke a VMware esx server
<pwnguin> apparently he tried copying over pam lib files
<pwnguin> to "fix" a problem
<LiraNuna> were they different arch? :D
<pwnguin> afaik, vmware doesn't do multiarch
<pwnguin> but the disk was full
<pwnguin> leading to very empty pam_unix
<LiraNuna> ouch
<pwnguin> oh i think i know what happened
<pwnguin> the disk was full
<pwnguin> the new vsphere stuff has a new user
<pwnguin> for VM migration
<pwnguin> because the disk was full it was failing to log in
<pwnguin> and apparently his first idea to fix broken login was copy the library packages from a known good server
<LiraNuna> twb, any idea of the correct order?
<pwnguin> see, this is why pam code is unreadable
<pwnguin> pam_sm_chauthtok - service provider implementation for pam_chauthtok
<pwnguin> chauthtok stands for CHANGE auth tok, not check
<LiraNuna> chmod = CHANGE modes
<LiraNuna> chown = CHANGE owner
<LiraNuna> chgrp = CHANGE owner
<LiraNuna> I see a pattern here
<pwnguin> probably not a good idea to guess
<LiraNuna> makes sense to me
<LiraNuna> ck would be check
<pwnguin> chk is a frequent mneumonic
<LiraNuna> fsck
<twb> Sorry, I was elsewhere
<twb> LiraNuna: you realize you just handed us a copy of your mysql root password
<LiraNuna> twb, haha it's in a VM
<LiraNuna> twb, I don't care, since it's in a toy VM :)
<LiraNuna> else I'd mask them
<twb> LiraNuna: my unerstanding is that pam_mysql doesn't have account/auth/session support, only password.
<twb> This is based on the apt package description
<LiraNuna> I was following this - http://www.spencerstirling.com/computergeek/mysqluser.html
<LiraNuna> twb, libnss-mysql handles the rest
<twb> LiraNuna: er, no it doesn't.
<twb> LiraNuna: libnss provides name resolution, not session stuff
<LiraNuna> oh?
<twb> libnss basically just means getent(1) works
<LiraNuna> my bad
<LiraNuna> ah, right, id -> name
<twb> I'm actually surprised that ANYONE can reset their mysql password via passwd(1)
<LiraNuna> mysql password?
<LiraNuna> you mean a password that is stored in the database?
<twb> LiraNuna: I mean the password that's in the mysql relation
<LiraNuna> root can do that, if I do sudo passwd username it will UPDATE the field
<LiraNuna> using md5crypt
<twb> Anyways, your pam.d common entries look OK to me
<LiraNuna> will also update the lastchange field to current unix time
<twb> (Assuming pam_mysql is a well-behaved and complete implementation, which I'm not convinced it is.)
<LiraNuna> twb,  look at the source at http://pam-mysql.sourcearchive.com/documentation/0.6.2-1/pam__mysql_8c-source.html line 2236
<pwnguin> its pretty clear
<pwnguin> on that part
<twb> LiraNuna: ah, heh
<LiraNuna> should I patch it?
<LiraNuna> I don't think it's correct behavior
<twb> Not without understanding the implications
<twb> Remember when someone tried to fix up entropy in ssl/ssh?
<LiraNuna> haha
<pwnguin> getuid != 0? DENIED
<twb> Bootstrapping and security are things you Should Not Fuck With.
<LiraNuna> pwnguin, question is why
<twb> LiraNuna: ask the devs
<pwnguin> LiraNuna: no, the question is why sudo works
<LiraNuna> sudo executes with root
<LiraNuna> privs
<pwnguin> sudo executes with effective root privs, no?
<pwnguin> geteuid() vs getuid()
<LiraNuna> yes, sudo id
<LiraNuna> $ sudo id
<LiraNuna> uid=0(root) gid=0(root) groups=0(root)
<pwnguin> passwd is probably a setuid program
<LiraNuna> euid will be the used invoking that
<LiraNuna> user*
 * LiraNuna emails the developer
<twb> pwnguin: sudo is setuid, then it relinquishes privileges later.
<twb> passwd is also setuid
<LiraNuna> thing is sudo passwd does store the password in the db
<LiraNuna> so I really question that check
<twb> LiraNuna: because passwd sees euid=0
<twb> Or rather pam_mysql, via passwd, does
<pwnguin> twb: pam_mysql does getuid()
<LiraNuna> ^
<twb> Huh.
<twb> Oh well, again I would go pester the pam_mysql devs
<LiraNuna> on it
<pwnguin> http://pam-mysql.sourcearchive.com/documentation/0.6.2-1/pam__mysql_8c-source.html
<pwnguin> 02235       if (getuid() != 0) {
<jeeves_Moss> I'm getting "TLS certificate verification failed: the certificate hasn't got a known issuer" from mailx when I try to send through gmail.  what am I doing wrong?
<LiraNuna> 'Use geteuid() instead of getuid() to check if the current user is uthorized to change the password (PR #1338667). '
<LiraNuna> http://pam-mysql.sourceforge.net/
<LiraNuna> apparently that release isn't in debian/ubuntu
<pwnguin> damn im good
<LiraNuna> hehe
<pwnguin> probably, you want to look at the source to what you are using
<pwnguin> apt-get source
<LiraNuna> it's the old version
<pwnguin> maybe even apply the patches
<LiraNuna> as per apt-cache policy
<pwnguin> dont trust version numbers
<LiraNuna> pwnguin, he removed the check for guid() on that version
<LiraNuna> the source is way different
<pwnguin> its entirely possible that the debian package is patching the tarball
<pwnguin> well, its late
<pwnguin> gnite
<LiraNuna> the source night
<LiraNuna> thanks for the help
<jeeves_Moss> LiraNuna, still in here?
<LiraNuna> yes
<jeeves_Moss> are you any good with certs?
<jeeves_Moss> I'm having issues with the "howto" @ http://www.ericstockwell.com/
<LiraNuna> sorry, I don't know much about smtp auth
<LiraNuna> I failed setting it up myself :/
<jeeves_Moss> I get that it can't find the file (and I can't "locate" it either)
<LiraNuna> sudo updatedb
<LiraNuna> then locate again
<jeeves_Moss> tried that
<jeeves_Moss> the file phsyically isn't in the ZIP
<LiraNuna> sorry, it's too late and I lack the knowledge to help
<jeeves_Moss> then I get send-mail: TLS certificate verification failed: the certificate hasn't got a known issuer
<LiraNuna> oh
<LiraNuna> did you self sign it?
<jeeves_Moss> no, I followed the instructions in the howto.  I don't want to receive, I just want to use the SMTP server
<LiraNuna> "Scriptable sendmail via Gmail in Ubuntu 8.04*" ?
<jeeves_Moss> yep
<LiraNuna> you're probably looking for http://www.marksanborn.net/linux/send-mail-postfix-through-gmails-smtp-on-a-ubuntu-lts-server/
<jeeves_Moss> http://www.ericstockwell.com/
<jeeves_Moss> not using postfix though
<LiraNuna> oh
<LiraNuna> I don't know how to configure/use any other mail server
<jeeves_Moss> it's not using a local server, it's just connecting to gmail's SMTP
<Jeeves_> Does gmail's SMTP include ads in your sent messages yet?
<jeeves_Moss> Jeeves_, no.
<Jeeves_> Hmm
<henkjan> google smtp servers annoy your mxservers first with 20 seconds ads before delivering mail? :)
<Jeeves_> :)
<Jeeves_> Ads in you logs :)
 * jpds hugs lamont.
<lamont> jpds: what did I do?
<jpds> lamont: new nmap :)
<jpds> Thanks for that.
<lamont> ah, yeah... finally got my head above water long enough to upload that last night
<acalvo> hi
<acalvo> what could it mean if running a ping based on the hostname or a route command takes so long to show results?
<alexm> acalvo: dns problems?
<acalvo> yes, could it be, because a ping based on the ip works without problems
<acalvo> but I cannot access my external lan
<acalvo> so I've thought that maybe there was some other error
<alexm> the dns query going to root servers currently unavailable for you could explain that delay i guess
<acalvo> makes sense
<acalvo> but I don't understand why it's giving this errors
<acalvo> since I'm cloning a current network, with new servers
<acalvo> the only thing I've change is the ip range
<acalvo> and static ips
<acalvo> and it won't allow me access the external lan
<acalvo> sounds like a firewall problem
<acalvo> but I've rechecked it more than 20 times
<acalvo> and seems fine
<Faust-C> acalvo, in situations like that i would really look at firewall logs again
<Faust-C> acalvo, for instance im in a similar situation youre in
<Faust-C> my firewall rules allow VLAN to VLAN, any protocol, however you must explicitly allow certain services (ports), at least w/ pfsense anyways
<Faust-C> brb
<acalvo> I know
<acalvo> and I've already checked them
<acalvo> and firewall logs doesn't even show any package coming form this lan
<acalvo> I'm starting to wonder if could be something related to VMWares ESXi
<embix> hi there
<embix> is it possible to use the "old-fashioned" slapd.conf instead cn=config with ubuntu server 9.04?
<roxy> Hi there...somebody know how i can backup my ldap data?
<embix> ldif dump?
<alexm> acalvo: sorry, i have no experience with vmware esxi
<acalvo> aleks: don't worry, thank you!!!Ã§
<alexm> try tracerouting or ping -R to see where the packets disappear
<alexm> and maybe etherape or any other graphical network monitor will help too, just in case you forgot something
<acalvo> alexm: the bad thing is that now I cannot install anything, since I don't have internet
<Jeeves_> kees: You awake?
<clusty> hey
<clusty> I would like to be able to address all PC's from the local network by hostname rather then IP
<clusty> i managed to do this ages ago: for each PC to advertise his hostname when asking for a dhcp address
<clusty> any clues how to go about it?
<Guest11311> Good day, is this the right place to inquire about troubleshooting mailman configuration on Ubuntu?
<pmatulis> clusty: investigate dnsmasq
<clusty> pmatulis, so the solution is on the server side or client side?
<pmatulis> clusty: server
<clusty> pmatulis, i remember having modified just the dhcp client conf before
<soren> clusty: Just because the dhcp client tells the dhcp server its hostname doesn't mean that the dhcp server will pass it on to the DNS server.
<soren> clusty: It just so happens that dnsmasq is a combined dhcp and dns server.
<soren> clusty: Your other option is avahi.
<clusty> thanks
<clusty> i am trying to figure out how did i set up the dns thing now
<Guest11311> Would anyone be willing to help me resolving mailman configuration issues?
<Steve[mbp]> morning everyone
<clusty> Guest11311, that is unproductive
<clusty> Guest11311, say what's hurting
<clusty> Guest11311, to quote the guidelines: "don't ask if you can ask. just ask"
<clusty> or similar :D
<clusty> soren, could you give me a hand on how to set up the whole thing with bind and dnsd ?
<clusty> soren, there will be a lot of unhappy people if i screw this one up
<Guest11311> I've finished installing and configuring mailman as per https://help.ubuntu.com/community/Mailman, however the web interface reports no mailing lists running and says "Error:  you are not authorized to create new mailing lists" whenever I try to create one through the web interface instead of the command line.
<Jeeves_> soren: Do you know why Ubuntu hasn't built a new kernel yet after the null-pointer bug?
<mathiaz> zul: hey - could you write up a MIR for squid-langpack?
<mathiaz> zul: https://bugs.launchpad.net/bugs/396472
<uvirtbot`> Launchpad bug 396472 in squid "Please merge squid (2.7.STABLE6-2)(main) from debian unstable(main)" [Undecided,Fix released]
<zul> mathiaz, sure
<soren> clusty: I could, but I'm confident teh intarwebz is a better ressource for this than I am. I've not done anything like that in almost 10 years.
<clusty> soren, ok. will dig in. the whole DNS thing is still a bit scary. I guess i might as well read about it now :D
<soren> clusty: Back then it was a bit of a hack. IIRC, I periodically went through the leases file and turned it into bind db entries. I'm sure there's better ways of doing it now.
<uvirtbot`> New bug: #414865 in samba (main) "mount.cifs does not handle umlauts in usernames correctly" [Undecided,New] https://launchpad.net/bugs/414865
<soren> umlauts in usernames? *sigh* Who would do that anyway?
<clusty> ze germanz
<clusty> :D
<soren> Probably :)
<Jeeves_> 16:29 < Jeeves_> soren: Do you know why Ubuntu hasn't built a new kernel yet after the null-pointer bug?
<soren> Jeeves_: No clue.
<Jeeves_> hmm
<mathiaz> ttx: did you advocate http://revu.ubuntuwire.com/p/libopendrim?
<mathiaz> ttx: it seems so
<ttx> mathiaz: looking
<ttx> yes
<mathiaz> ttx: ok - I'll upload the package then
<embix1> trouble with open ldap: "ldap_add: Server is unwilling to perform, additional info: no global superior knowledge" I have a fresh ldap, he doesnt like me to extend the tree
<jmedina> embix: how are you adding the data?
<jmedina> ldif?
<zul> mathiaz:can you update the seeds for mysql 5.1
<embix> jup
<embix> the main problem is to setup the database in the cn=config way
<embix> the slapd is not yet responsible for the suffix given in the .ldif
<kees> Jeeves_: am now
<Jeeves_> kees: Hi
<Jeeves_> You're security-guru, right? :)
<embix> problem solved, the dn was wrong...
<mathiaz> zul: no need. mysql-server is already seeded in server-ship
<zul> cool
<kees> Jeeves_: I do security work, yeah.
<jdstrand> kees is being modest :)
 * kees worries if he thinks he's a guru, he'll have to sit on a mountain-top and meditate.  :)
<Jeeves_> kees: Any clue on a new kernel for ubuntu due to the null-pointer bug published last week?
<jdstrand> it is probably good if one doesn't think of oneself as a guru... but that won't stop us from thinking so ;)
<kees> Jeeves_: yeah, it's building now, should publish later today.
<Jeeves_> Coolio
<kees> Jeeves_: most ubuntu installs will be safe, though, due to /proc/sys/vm/mmap_min_addr being above 0
<Jeeves_> I'm mostly interested in the server-stuff
<kees> Jeeves_: just check your /proc/sys/vm/mmap_min_addr value.  Dapper doesn't have it, which makes it vulnerable, which is why we're trying to get the kernels out asap
<Jeeves_> ah ok
<albatross> Anyone who can spare a moment? I', having trouble with chmod...
<embix> what is the problem?
<albatross> When i upload files via ftp they automaticly get chmod 600
<KillMeNow> chmod is pretty simple
<albatross> i want then to be 755
<KillMeNow> vsftpd?
<albatross> yes
<KillMeNow> it's in the vsftpd config
<embix> usually it depends on the ftp config
<albatross> ok? Hav'nt found any info in the config-file.
<albatross> Know what corrections have to be done?
<KillMeNow> http://vsftpd.beasts.org/vsftpd_conf.html
<embix> what ftp server do you use
<embix> ?
<pmatulis> albatross: yes, search for chown_upload_mode
<pmatulis> that seems to be for anonymous uploads however
<albatross> hmm.. have disabled anon
<KillMeNow> chmod_enable     When enabled, allows use of the SITE CHMOD command. NOTE! This only applies to local users. Anonymous users never get to use SITE CHMOD
<albatross> ok
<albatross> good.
<albatross> found it
<albatross> tnx
<Kamilion> Where does debian-installer load storage controller modules from when Detect Disks asks for modules and 'none of the above' is selected?
<pmatulis> Kamilion: try #ubuntu-installer
<Kamilion> Thanks.
<HellMind> chroot can be used as a virtualization method?
<dorvan83> hi to all!
<dorvan83> one question... in a default kernel of ubuntu server for an amd64 arch what is the default dimension of entropy pool? is possibible increase it?
<dorvan83> possible*
<dorvan83> also, anyone here is the maintainer of high-availability for ubuntu-server?
<giovani> dorvan83: if you want higher entropy, you probably just want to use a TRNG
<dorvan83> giovani: i had problem with a software, corrected by developers adding a input from keyboard to incrase the entropy because on ubuntu-server seems to have a little entropy (PRNG) than other distros (redhat and novell for example)
<giovani> dorvan83: I highly doubt that the RNG code is different between Ubuntu and RedHat)
<dorvan83> yes, me also.
<giovani> you can provide more entropy to the linux kernel prng by typing and accessing things on disk
<giovani> disk i/o, and keyboard/mouse input are the three main sources of random data for the /dev/random device
<dorvan83> but seems the pool can be set lower?
<giovani> what do you mean "set lower"?
<dorvan83> 512-4096
<HellMind> guys Is there a way chrrot with the minimal necesary files?
<HellMind> I mean with the minimun environmental files
<giovani> dorvan83: what does that number represent?
<giovani> HellMind: yes, you copy them
<giovani> what's "necessary" depends on your individual needs
<HellMind> but how do I know which files ar needed?
<HellMind> I want to run a quake3 server
<giovani> that depends on your needs
<giovani> I have no idea what quake3 needs
<giovani> I told you the other day to use ldd to find out what libraries the binary might be calling
<giovani> other than that ... it's not easy
<dorvan83> giovani: the entropy pool size
<HellMind> but its only a gameserver
<HellMind> ahhhhhhhhhhhhhhhh
<HellMind> giovani now I understand :D
<giovani> HellMind: what does that have to do with this?
<HellMind> sorry man
<giovani> dorvan83: dorvan83 that's set in the same place in every distro
<giovani> /proc/sys/kernel/random/poolsize
<giovani> it's set to 4096 by default in Ubuntu Server 9.04
<giovani> but you can't modify it without recompiling iirc
<HellMind> giovani ldd q3ded ->   not a dynamic executable
<giovani> HellMind: then it
<giovani> it's self-contained
<HellMind> then what I need :S?
<giovani> I don't know -- I've told you that
<giovani> there's no way for us to know what you'll need
<dorvan83> giovani: ah great. i don't know the kernel parameter name. thanks
<giovani> there are tons of factors
<dorvan83> solved
<HellMind> giovani but how can I know
<giovani> dorvan83: it's not editable -- this is compiled into the kernel, and not Ubuntu-specific
<giovani> HellMind: I don't know -- I have no clue what you need
<HellMind> -_-
<HellMind> giovani how can I run the q3ded chrooted to see some error or check if itsworks?
<giovani> HellMind: we've already explained how to use chroot
<HellMind> I know but I want a way to debug it
<giovani> debug what?
<giovani> I don't know how to debug quake3 ... that's specific to quake3
<HellMind> I wanto to start quake3 chrooted without a bash
<giovani> HellMind: we've been over how to do that
<HellMind> I found start-stop-daemon can chroot
<HellMind> chroot $CHROOT /start $1 ?
<Psi-Jack_> Ubuntu-9.04-server still comes with syslog standard, eh? Not syslog-ng or another alternative?
<pmatulis> Psi-Jack_: that's right
<Psi-Jack_> What's a good logger that supports sending to a remote server?
<Psi-Jack_> syslog-ng is one I know, but anyone have any other recs?
<pmatulis> Psi-Jack_: sysklog, the normal one
<Psi-Jack_> I want filtering abilities like syslog-ng has, sysklogd only filters strictly by the very basic log event types.
<giovani> so use syslog-ng :)
<Psi-Jack_> Hmmm.. What about rsyslog? That's one I've not heard of before, but has a lot on it's plate up front.
<pmatulis> Psi-Jack_: go for rsyslog then
<giovani> I've only used rsyslog for ssl stuff
<pmatulis> Psi-Jack_: it's the default in ubuntu starting next october
<giovani> since it does it out of the box
<Psi-Jack_> rsyslog is?
<pmatulis> Psi-Jack_: yes
<Psi-Jack_> Cool beans. That tells me right away, it's good. ;)
<pmatulis> Psi-Jack_: yes, lots of filtering capabilities
<pmatulis> Psi-Jack_: it also doesn't have the dual-license stuff like syslog-ng
<Psi-Jack_> Heck, more than that, filtering, logging to sql, tcp, ssl, etc, and even a php log event viewer.
<HellMind> giovani let say I want to run pwd in a chrooted environment using the less libs files as possible
<pmatulis> Psi-Jack_: yes
<giovani> yeah, uh, a php anything isn't a plus
<Psi-Jack_> Heh
<nick125> Hahah
<Psi-Jack_> I was soo dreading the idea of using splunk.
<Psi-Jack_> This may be the better alternative. ;)
<giovani> why?
<giovani> splunk is an awesome tool
<giovani> I'm just about to roll it out at work
<Psi-Jack_> EEh.. It's... Alright. but, for what I want, all I /need/ is a log viewer. Not a burden of excessiveness.
<giovani> oh ... well splunk isn't a "log viewer"
<giovani> so don't discredit it
<Psi-Jack_> yeah.
<giovani> it's just not appropriate for the job you need
<Psi-Jack_> Well, they also lied while calling it marketting, too. So
<giovani> ?
<Psi-Jack_> It's Free! .... but has a 500mb/day limit.
 * nick125 has come to the conclusion that there isn't such a thing as a simple open source CRM..
<giovani> nick125: nope, they all suck
<nick125> I mean, all I want to do is have a client database and a way to put "notes" on the account for appointments. THATS IT.
<giovani> then pay someone to write something that simple
<giovani> the problem with CRMs is ... no business is the same
<giovani> and trying to create a universal client-management tool is impossible
<nick125> Yeah, that's what I've found out.
<Psi-Jack_> Whoah, rsyslog even support snmp?
<nick125> If I wasn't so lazy^Wbusy, I'd write something in Django....
<psteyn> Hi guys.  I get this error in a command line php script: Fatal error: Allowed memory size of 67108864 bytes exhausted.  So, I then changed the memory_limit to 128M in all the php.ini files I found in /etc/php5/*
<psteyn> But it STILL gives me that same error as if the memory limit wasn't changed.  I then ran php -i | grep memory and it reported 128M, then I tried again and still got the same error
<psteyn> I have no idea what to do now, please help
<giovani> psteyn: when you got the error after making the change, did it still report 67108864 bytes? or a new, higher number?
<psteyn> giovani: still the same number
<giovani> psteyn: you sure the same php process isn't still running?
<psteyn> which is what makes it so weird
<giovani> ps aux | grep php
<psteyn> I've restarted apache anyway, but as I said it's a command line php script, so once it's done it's done
<giovani> run ps aux | grep php anyway, please
<psteyn> sure, sec
<psteyn> # ps -aef | grep php
<psteyn> root     22761 22750  0 22:28 pts/2    00:00:00 grep php
<giovani> are you absolutely positive that you only have one php installation?
<giovani> or that you editing the *right* php.ini
<giovani> sudo updatedb && locate php.ini
<psteyn> giovani: dead sure
<giovani> so run the command above
<giovani> and pastebin the output
<giovani> to make sure you don't have multiple php.inis
<psteyn> even used php -c to the patch of the config, and did a  var_dump(ini_get('memory_limit')); in the same shell and it confirmed 128M
<psteyn> giovani: I have multiple ones, one for cli one for apache, etc.  but I've increased all of them
<psteyn> lemme run that command anyway
<giovani> this sounds like a #php issue if you've really exhausted all normal troubleshooting
<giovani> either it's a per-process limit or something
<giovani> or you've made an error
<psteyn> where can I see the per process limit
<psteyn> nah, I'm migrating this script from centos to ubuntu-server using default and up to date php from ubuntu server
<psteyn> no error with script
<giovani> I didn't mean an error with the script
<giovani> anyway, hit up #php
<psteyn> giovani: already there...they are also stumpped so far
<psteyn> rofl, one if its include files have: ./update_cache.php:ini_set('memory_limit','64M');
<psteyn> :)
<psteyn> thanks anyway dude
<psteyn> cheers
<clusty> hey
<clusty> i am trying to get DNS resolved forthe local network also
<clusty> my problem is that the DNS request gets forwarded to my ISP, which responds with the standard domain not found page (ip address of the place where the page is stored)
<clusty> can some1 help me fix this? I could post my bind and dhcp config files
<giovani> clusty: I'm unclear on what your problem is -- try restating it
<clusty> giovani, so. i say for example: ping 192.168.0.128
<sgsax> clusty: your ISP has no idea what 192.168.x.x is, that's a private subnet
<clusty> http://pastebin.com/m39317b15
<clusty> sorry my bad
<clusty> ping algo01
<clusty> should reply: 192.168.0.128
<sgsax> if you want to resolve IPs on your private subnet, you need to have your own internal DNS solution
<clusty> sgsax, doing that
<clusty> sgsax, have my own bind and dhcpd
<giovani> clusty: cat /etc/resolv.conf
<clusty> sgsax, the machine is acting as a router and DNS
<Bilge> derp
<jmedina> hwat about search in resolv.conf?
<sgsax> clusty: the output in your pastebin looks correct to me
<clusty> nameserver 192.168.178.1
<clusty> ooops
<clusty> i should put resolve 192.168.0.1 first probably
<HellMind> guys
<HellMind> help on chrooting
<sgsax> yeah, because othwersie it will only get a request if the earlier ones timeout or error out
<giovani> heh
<HellMind> giovani I want to run ls in an tiny-as environment
<HellMind> I tried to copy some libs
<clusty> giovani, nameserver 192.168.0.1
<clusty> nameserver 192.168.178.1
<clusty> ny current resolv.conf
<HellMind> but its say bash not found, I copied bash libs too
<clusty> now I am getting redirected to openDNS
<HellMind> but the same error
<HellMind> I cant find this lib linux-vdso.so.1
<sgsax> clusty: if you are running nscd, you'll need to restart it to flush the cache
<HellMind> Do I need it?
<clusty> sgsax, i am running bind and dhcpd
<clusty> sgsax, i restart both?
<clusty> sgsax, do i also refresh algo01 ?
<sgsax> clusty: you shouldn't have to restart either
<jmedina> clusty: can you resolve your domain and hosts in dns server?
<clusty> jmedina, did not understand the question
<sgsax> clusty: try "dig @192.168.0.1 algo01"
<sgsax> that will force a query against your dns
<jmedina> you need the DNS prefix in your resolv.conf in order to resolve hosts using the short name
<clusty> sgsax, http://pastebin.com/m663cfb6f
<HellMind> giovani!
<jmedina> something like "search mydomain.tld"
<clusty> jmedina, i am a total noob when it comes to DNS. i copied from all the nets untill i got DNS working
<clusty> jmedina, that was the disclaimer :D
<jmedina> clusty: try: "rndc querylog" on your dns server so you can debug client queryes
<clusty> jmedina, does nothing
<jmedina> clusty: again, can you resolve algo01 hostname from your dns server?
<clusty> jmedina, i am trying now from that mchine
<sgsax> clusty: if you don't add the line jmedina suggested, you'll need to include the fqdn of your host in your dig query
<jmedina> something like "dig  @localhost algo01"
<clusty> jmedina, there are just 2 linux machines: DNS box and algo01
<giovani> sgsax: he'll need it either way
<jmedina> if not, try "dig  @localhost algo01.yourdomain.tld"
<giovani> dig doesn't respect /etc/resolv.conf
<giovani> it issues a plain ol query as you write it
<sgsax> giovani: ah, didn't realize that
<giovani> nslookup will, however, respect the search line in /etc/resolv.conf
<clusty> should i post my DNS and bind configs?
<jmedina> clusty: you better post dig output
<clusty> jmarsden, http://pastebin.com/m70f2c099
<clusty> your dig
<jmedina> algorithmica <--- is that the server machine or client=
<jmedina> ?
<HellMind> I need a chrooting guide of ubuntu-server without debootstrap
<sgsax> clusty: ok, so that says the server at 192.168.0.1 thinks the IP for algo01 is 67.215.65.132
<sgsax> you are expecting the 192.168.x.x address instead?
<clusty> sgsax, that is openDNS
<clusty> i think
<clusty> yes
<clusty> 192.168.0.128 should be the answer
<sgsax> ok, is your bind set up to be authoritative for that subnet?
<sgsax> or zone
<clusty> http://pastebin.com/m446da65d
<clusty> dhcpd.conf
<sgsax> this is not a dhcp issue
<sgsax> unless you are pushing out the wrong resolver info
 * giovani smacks head against wall very hard
<clusty> sgsax, sec lemme give you bind.conf
<clusty> named.conf
 * sgsax offers giovani ice and whiskey
<clusty> as of
<jmedina> clusty: have fun, I have to go out and rescue a customer's server :S
<clusty> jmarsden, :D
<clusty> sgsax, http://pastebin.com/m217a7097
<clusty> named.conf
 * jmedina hopes jmarsden donest have IRC notifications enabled :)
<sgsax> clusty: I do see in your dhcpd.conf that you are handing out addresses from a general pool
<sgsax> this means you also need proper dynamic dns setup locally
<clusty> http://pastebin.com/m7e8542b
<sgsax> either that or you have to issue specific IPs to known MACs
<clusty> named.conf.local
<clusty> sgsax, that is exactly what i do not want to do
<clusty> sgsax, i want dynamic ip's
<sgsax> that's fine, but you need dynamic dns running internally
<clusty> sgsax, and still be able to address them by name. so far we have 3 machines and it bearable.
<clusty> sgsax, we just got 10 servers which makes it imposibble to track it properly unless DNS works on local net
<sgsax> your external dynamic dns will always point your router
<KillMeNow> clusty, it sounds like you want to dynamically update your local DNS resolver with new DHCP hostnames and such?
<clusty> sgsax, yes
<clusty> KillMeNow, yes
<sgsax> so it will never be able to resolve your internal private subnet IPs
<clusty> KillMeNow, i told dhcpd to dynamically ipdate local thing
<clusty> sgsax, ok. so forwarding dns requests does not work with dynamically updating local ones?
<clusty> sgsax, mutually exclusive?
<sgsax> correct
<clusty> sgsax, what do you suggest i do?
<sgsax> all the external dynamic dns server will do for you is get the new IP for your router when it changes
<clusty> sgsax, i think there is a small misudnerstanding
<clusty> sgsax, they are not accesible from outside
<KillMeNow> http://www.cahilig.org/debian-and-ubuntu-ddns-bind9-and-dhcp
<sgsax> clusty: no I understand that
<clusty> sgsax, so there is nothing of sorts: whenever there is no "." in the request assume local net
<clusty> else forward to the ISP ?
<sgsax> clusty: not as far as the external dns is concerned, no
<sgsax> external dns knows nothing about any hosts behind your router
<sgsax> it see everything as coming from your router
<sgsax> that's how NAT works
<sgsax> so you need ddns behind your router to take care of resolving all hosts behind the router
<giovani> clusty: no, you don't do it that way
<giovani> you use a search domain in /etc/resolv.conf
<giovani> and then put the FQDNs in your local DNS
<sgsax> the link from KillMeNow looks very thorough
<clusty> it is
<clusty> feels nice and thorough
<sgsax> have a go at that, see what it gets you
<LiraNuna> " A. You can use "passwd" program for that purpose. Note that pam-mysql doesn't permit password change without the root privilege (pid=0). "
<LiraNuna> pwnguin ^
<clusty> sgsax, thanks a bunch. i might cleanup all the junk with that one
<uvirtbot`> New bug: #415053 in bacula (universe) "install bacula" [Undecided,New] https://launchpad.net/bugs/415053
<pwnguin> LiraNuna: well yea, that confirms your theory, but doesn't say much about why
<LiraNuna> yeah
<LiraNuna> normal users /should/ be able to change their password, right?
<pwnguin> usually, yes
<pwnguin> just another sign that this pam-mysql idea is not sane
<HellMind> #debian guys are punks
<andol> HellMind: Don't visit that channel then? :)
<howie>  what do i have to do to virtual host a second website on my server?
<HellMind> I got ubuntu and debian
<HellMind> it seems if you use debian you cant use any os -_-
<KillMeNow> http://ubuntu-tutorials.com/2008/01/09/setting-up-name-based-virtual-hosting/
<KillMeNow> it's for a bit older version, but still holds fairly true
<howie> KillMeNow: ty ill take a look
<mathiaz> bdmurray: hey - I've tried to modify the multi-package-bug-fixed-released script you gave me to get a list of bugs nominated
<mathiaz> bdmurray: I'm using the following query:
<mathiaz> bdmurray: for task in target_package.searchTasks(order_by='-date_last_updated',status=['Fix Released'], omit_targeted=False):
<mathiaz> bdmurray: how can I check if a bug is nominated for a release?
<bdmurray> mathiaz: nominated, not targetted correct?
<mathiaz> bdmurray: correct
<mathiaz> bdmurray: I'd like to a list of bug that have been nominated so that we can go through it and accept/decline them
<mathiaz> bdmurray: the advanced search page doesn't give all of them unfortunately
<mathiaz> bdmurray: next step is to use a script to gather such data
<quizme> hi, how can i restart a process after reboot?
<KillMeNow> like this:  /etc/init.d/servicename restart
<KillMeNow> so like:  /etc/init.d/apache2 restart
<KillMeNow> what are you wanting to restart?
<bdmurray> mathiaz: something like jaunty = ubuntu.getSeries(name_or_version='jaunty') and package.searchTasks(nominated_for=jaunty,status=['Fix Released'])
<quizme> killmenow: glassfish
<quizme> killmenow: it's a java app server to run my website
<bdmurray> mathiaz: I'm pretty sure that will work
<KillMeNow> ahhh
<mathiaz> bdmurray: great thanks
<KillMeNow> so you glassfish runs on tomcat?
<quizme> killmenow: i'm using apache
<quizme> killmenow: and doing a mod_proxy thing
<quizme> killmenow: not sure about tomcat
<KillMeNow> ok
<KillMeNow> well i've never used glassfish
<quizme> i just want restart glass fish after the machine reboots
<quizme> so that my site doesn't go down
<bdmurray> mathiaz: I'm more sure now that it'll work ;-)
<quizme> if u make an init.d script will it auto restart after reboot ?
<KillMeNow> yea
<KillMeNow> if there isn't one already
<KillMeNow> then you can either link it to the appropriate rc.d level or if you have chkconfig installed
<KillMeNow> you can do a chkconfig --list <servicename>
<KillMeNow> and set the boot time start level
<mathiaz> bdmurray: is there a query to get the list of all supported distros?
<KillMeNow> http://docs.sun.com/app/docs/doc/820-4341/abdeb?a=view
<KillMeNow> take a look at that, looks like Sun has a doc on automatic restart
<quizme> killmenow is there a simpler way besides init.d cuz i think i did it the simpler way last time
<quizme> killmenow: i now it's working on my old server i just don't know whwere i put that script.
<KillMeNow> sorry, again i never used Glassfish
<KillMeNow> but if it is working on your old server, you can always try to do a locate
<bdmurray> mathiaz: do you supported series?
<chris___> hi - has anyone upgraded Hardy to apache 2.2.13?
<mathiaz> bdmurray: hm - right now I need to hardcode the list of supported series (dapper, hardy, intrepid, jaunty)
<mathiaz> bdmurray: I'd like to dynamically get that list from LP
<bdmurray> mathiaz:
<bdmurray> for s in ubuntu.series:    print s,s.active
<bdmurray> mathiaz: I'm mostly just reading https://edge.launchpad.net/+apidoc/#distribution
<mathiaz> bdmurray: ok - thanks
<bdmurray> no problem
<quizme> how do i run a command after reboot ?
#ubuntu-server 2009-08-18
<psi-jack> Is there an equivalent to linux-igd for ubuntu 9.04?
<clusty> <HellMind> #debian guys are punks
<clusty> well they are more knowledgeable than ubuntu ppl
<clusty> probalem is that they think debian>> ubuntu and look down at us
<KillMeNow> keep up the flattery, i'm sure it'll help
<psi-jack> clusty: Sometimes.
<clusty> i know that ass kissing works awesome
<clusty> and i do it as much as my lungs can handle :D
<clusty> KillMeNow, btw, still no luck with DNS-ing
<clusty> KillMeNow, part 1 of the guide you gave me: http://www.cahilig.org/how-setup-lan-dns-server-using-bind9-under-debian-and-ubuntu-linux
<clusty> KillMeNow, thing is I want my main machine to be called "algorithmica" so I substitued all over the zone files
<clusty> and it still cannot find my domain called debian.lan
<clusty> pfff need to fight another day with this issue
<psi-jack> Okay..
<psi-jack> Odd..
<clusty> thing is it seems all jibberish to me (the zone files)
<clusty> they do not make a whole lotta sense
<clusty> ohh also my net is : 192.168.0.xxx so i changed it accordingly
<psi-jack> So, packages.ubuntu.com says 9.04 (Jaunty) has linux-igd in universe, I checked my apt.sources, and universe was enabled by default, but it's not there.
 * psi-jack snaps his fingers..
<psi-jack> ahhh, I forgot, it's eBox 1.2, from 8.04.2
<KillMeNow> http://www.cahilig.org/debian-and-ubuntu-ddns-bind9-and-dhcp
<KillMeNow> that is the one i sent i do believe
<KillMeNow> you wanted to hvae a local DHCP server push updates to DNS
<KillMeNow> just like Microsoft does with their DHCP to DNS
<clusty> KillMeNow, well they said in first sentence that this is building on the link i sent you
<psi-jack> Crap!
<KillMeNow> gotcha
<clusty> KillMeNow, that is a minimal check that the system works
<psi-jack> linux-igd isn't even available for 8.04-hardy
<KillMeNow> yea, so you set up your DNS server and it's not working?
<clusty> KillMeNow, correct :(
<uvirtbot`> New bug: #414986 in open-iscsi (main) "open-iscsi causes FTBFS for anything that Build-Depends on it" [High,Triaged] https://launchpad.net/bugs/414986
<clusty> KillMeNow, i must be doing somethign seriously wrong
<clusty> KillMeNow, any difference since i am running 8.04?
<KillMeNow> not particularly
<clusty> KillMeNow, thanks for help. will try tomorrow with a fresh head
<clusty> will screw up the whole office network so ppl will hate me :D
<KillMeNow> rightous
<KillMeNow> hate is gud
<KillMeNow> biggest thing is, debian.lan is the domain name they are using
<clusty> tomorrow is hate thy sys admin day :D
<KillMeNow> if you have a internal domain name, and other machines are using this box to resolve, then you need to put that domain name in to the zone
<clusty> KillMeNow, there is no domain really
<clusty> KillMeNow, another example suggested dyn.example.com
<clusty> which was used till now
<KillMeNow> it sets up the reverse zone as well as the main zone
<KillMeNow> yea, but is that the name of the internal domain you're using?
<clusty> probably i screwed up the zone file
<clusty> well you swamped me :D
<clusty> i did not spcify any domain before
<KillMeNow> well that is why they are using debian.lan
<KillMeNow> it can be any name
<KillMeNow> it could be anything.local
<KillMeNow> as long as you specify that is the zone it is authoriative for
<clusty> i figured as much
<clusty> another thing: i could not check the validity of zone files i created
<KillMeNow> so if your work domain is say:  prince.corp
<KillMeNow> your DNS server had better have a prince.corp zone file
<clusty> they gave some tool, which is missing some files
<KillMeNow> validity?
<KillMeNow> you mean that the configuration is correct?
<clusty> they say to do a : named-checkzone convergence.lan /etc/bind/zones/db.convergence.lan
<clusty> but i am missing those files
<KillMeNow> then you named it in your named.conf.local
<KillMeNow> did you copy / paste from the website?
<clusty> yeap :D
<clusty> apart from zone files
<clusty> which i doctored
<clusty> to fit my main machine name and ip class
<KillMeNow> http://tldp.org/HOWTO/DNS-HOWTO-5.html
<KillMeNow> brush up on how DNS works
<KillMeNow> http://www.google.com/cse?cx=017644269519104757279%3Agm62gtzaoky&q=Bind9&sa=go
<KillMeNow> if you want a bunch of stuff on DNS and Bind9
<clusty> KillMeNow, thnaks. you're the man
<clusty> ...or woman :d
<KillMeNow> man
<clusty> thoguht so
<clusty> linux gals are a rare and precious comodity
<clusty> :D
<KillMeNow> fraid so
<Kamilion> but gaining.
<KillMeNow> yes, now if i could only meet one IRL
<Kamilion> unfortunately, most of them are in the older-than-young-adult category.
<Kamilion> Technically, my grandmother's a linux gal, as her desktop email-station runs 8.10 ;)
<clusty> actually one GF was a linuxoid
<clusty> not even fat and zitty :D
<clusty> and not even computer science, but bio
<clusty> :d
<clusty> miracle really
<HellMind> where should I store a pid file?
<clusty> ...and then she left to save the rain forest
 * clusty sighs
<clusty> HellMind, /var/run ?
<clusty> is that not the standard spot?
<HellMind> yep :D
<HellMind> ty
<HellMind> who want to see my init script ?
<HellMind> just see it http://pastebin.com/m13bab642
<KillMeNow> very nice
<HellMind> I know, why ppl dont do thing like that :(
<Q-FUNK> Howdy!  Would anyone be available to comment on bug #194140 ?
<uvirtbot`> Launchpad bug 194140 in cyrus-sasl2 "Dependency cycle prevents upgrade of libsasl2-2" [Low,Incomplete] https://launchpad.net/bugs/194140
<psi-jack> Alrighty then.
<psi-jack> Time to setup the ldap client. ;)
<psi-jack> !find ldapsearch
<ubottu> File ldapsearch found in caudium, kdepimlibs5-dev, ldap-utils, libnet-ldap-perl, nessus-plugins (and 2 others)
<psi-jack> !find psql
<ubottu> Found: libqt3-mt-psql, libqt4-sql-psql
<psi-jack> Ugh
<jmarsden> psi-jack: You'd probably get more useful results using   apt-cache search psql
<chrisellis> Hey guys... I've tried several times to make a sub domain and i can't get it to work
<firecrotch> chrisellis: I can help!
<chrisellis> firecrotch: awesome
<chrisellis> what i did was create an A record and pointing to my IP address and then created a virtual server with that name
<chrisellis> firecrotch: is that how you do i t?
<firecrotch> chrisellis: you're on the right track
<chrisellis> what am i doing wrong ?
<firecrotch> chrisellis: you created the new virtual server in /etc/apache2/sites-available?
<chrisellis> yes
<firecrotch> chrisellis: Did you then run sudo a2ensite thenameofthefile ?
<chrisellis> wait no i created the .conf file in sites-enabled
<firecrotch> Ok, can you pastebin that file and your 000-default file?
<chrisellis> i have a default-ssl file and my primary longhornpcrepair.com.cof
<chrisellis> conf
<firecrotch> chrisellis: do you get an error when you restart apache?
<chrisellis> oh wait
<chrisellis> i never restarted it
<chrisellis> woops
<firecrotch> chrisellis: that *might* help ;)
<chrisellis> k let me restart it
<chrisellis> k restarted it
<firecrotch> chrisellis: does your subdomain work now?
<chrisellis> im not sure i can't check it
<chrisellis> http://swot.wwmcd.org
<firecrotch> cannot find server
<chrisellis> hmm
<firecrotch> chrisellis: I did  dig swot.wwmcd.org  and got no answer
<chrisellis> mmk
<chrisellis> is wwmcd.org still working
<chrisellis> firecrotch: here is my .conf file - http://pastebin.com/m31386711
<firecrotch> chrisellis: the main domain does work, albeit slowly
<chrisellis> thats not good
<firecrotch> Seems to me that your DNS isn't updated
<chrisellis> do i need to restart bind?
<firecrotch> Yup
<chrisellis> k
<chrisellis> restarted it
<jmarsden> It works now, although only one "Singing Woman" is listed and the site name is plural "women" :)
<chrisellis> haha yeah
<chrisellis> I am just starting on the site
<chrisellis> fake content
<chrisellis> and let me just make sure that wwmcd.org is still working
<firecrotch> wwmcd.org is still working, and much faster now
<chrisellis> great
<chrisellis> so it was just a restart issue
<chrisellis> i keep forgetting to restart my servers when i add stuff i will have to make a mental note
<chrisellis> thank you much
<jmarsden> You usually don't need to restart bind,   sudo rndc reload wwwmcd.org    would probably have been enough in this case.
<chrisellis> what does that do?
<jmarsden> man rndc.  rnddc is a tool for sending commands to named
<jmarsden> actually it lets you do all sorts of things to your DNS server except restart it :)
<chrisellis> ahh
<chrisellis> alright
<chrisellis> I'm still learning how this all works
<chrisellis> is there a script out there where i could just say the name of the domain and the directory and it creates all the files for me
<firecrotch> chrisellis: I used to have one that I wrote, let me see if I have a copy somewhere
<chrisellis> awesome
<jmarsden> Well, I have some of those that do that for me and my needs... there can't really be a generic one because what you need for each new zone is up to you and ho wyou set up security for each zone, who can query it, etc etc.
<chrisellis> I just set up all my domains pretty standard
<firecrotch> chrisellis: Unfortunately, I don't see the script on my server anywhere, and my backup drive is at work
<chrisellis> oh alright
<firecrotch> chrisellis: You could write your own :)
<chrisellis> firecrotch: true.. I would have to figure out how
<chrisellis> i would love to create a php file that has a gui to it
<chrisellis> or i mean that can give it a gui
<firecrotch> chrisellis: I don't think that will be possible, since you have to use sudo for a lot of the stuff
<firecrotch> chrisellis: nor would it be a good idea
<chrisellis> yeah
<chrisellis> well make it https and only on local network
<firecrotch> chrisellis: I remember my script prompting me for the domain name and the directory to use
<chrisellis> oh thats cool
<firecrotch> chrisellis: I've always found this guide useful for bash scripting: http://www.freeos.com/guides/lsst/
<chrisellis> awesome i will look into it
<firecrotch> basically, I created a template for my apache configs, and used sed to put the domain name and directory into the file
<jmarsden> I did the same for DNS...  See http://pastebin.com/f9acf6b0 and http://pastebin.com/f6446090a for a script and template for DNS setup for new zones... just DNS, not web server setup, because DNS and web servers are separate machines in my case at work :)
<chrisellis> pretty fancy
<jmarsden> Not compared to some of the larger scripts I use :)
<chrisellis> I'm just getting into this linux is very fun
<chrisellis> let me use some punctuation... I'm just getting into linux, It is very fun
<ball> chrisellis: Linux is useful, but the people are fun ;-)
<chrisellis> yes
<chrisellis> finally set up my own server and its been a challenge and very fun
<chrisellis> i can't wait to buy another and set it up
<ball> I'll be right back
<chrisellis> is there an advantage to getting one of those servers at a server farm ?
<jmarsden> Reliability, and less noise from server fans in your bedroom or living room or office :)
<jmarsden> BTw the script for DNS is at http://pastebin.com/f6f861a36
<jmarsden> Apparently I posted the template file twice earlier :)
<ball> chrisellis: what will you use your Ubuntu server for?
<chrisellis> ball: the one i have now is for my websites and my clients websites
<chrisellis> mostly all my sites a php and mysql
<ball> Are you using virtualisation?
<ball> ...or do they all live within one OS instance?
<chrisellis> I'm using virtual servers
<ball> What are you using as a hypervisor?  KVM?
<chrisellis> apache2
<ball> apache2 is not a hypervisor
<jmarsden> I think chrisellis is confusing cirtual hosts and virtualization :)
<ball> Ah, okay.
<chrisellis> haha yeah
<chrisellis> im a noob
<jmarsden> chrisellis: Virtualization is running multiple OSes "inside" another one.  With tools like KVM or virtualbox or vmware server
<chrisellis> oo
<chrisellis> no i just have ubuntu running on a dell poweredge 1750
<chrisellis> and just ssh into it ?
<ball> It's a while since I looked at Dell Servers... is that a tower or rack mount?
<qman__> you're running a single OS, using apache virtualhosts
<chrisellis> its a rack
<chrisellis> k i am running one OS
<ball> I used to work with a 1U PowerEdge and that thing was *loud*
<chrisellis> haha yeah
<ball> ...it was adequate though.
<chrisellis> its a 1u
<chrisellis> and its in the closet cause its sooo loud
<chrisellis> don't worry there is an air condition vent in there
<chrisellis> i want to get a poweredge 6650
<qman__> those cooling systems are designed to deal with much worse than just a closet :)
<qman__> I've got two servers in my closet, though they're towers, not rackmounts
<ball> I would like a server with a matched pair of Shanghai chips in it, but short of winning the lottery, that's unlikely to happen.
<chrisellis> who makes the best servers?
<qman__> one's an athlon 64 3500+, the other's a sempron 64
<chrisellis> I've just been looking at dells cause i live in austin and they are easy to find
<jmarsden> chrisellis: "Best" at any price?  And you have the space and power and cooling?  IBM zSeries mainframes, probably :) But "best" is very subjective.
<chrisellis> or round rock i mean
<ball> chrisellis: IBM and HP seem to make some credible gear.  Sun make some that's probably good for certain applications.
<ball> ...I wouldn't mind trying a Lenovo server.
<ball> jmarsden: pSeries ftw ;-)
<chrisellis> isn't lenovo basically IBM
<ball> chrisellis: sort of.
<qman__> dpm
<qman__> don't know about their servers
<qman__> lenovo bought IBM's division for laptops and such though
<chrisellis> yeah
<qman__> but IBM still makes servers, so not sure about them
<jmarsden> No, Lenovo bought IBM PC designs... the IBM zSeries and pSeries stuff are much bigger machines using non-Intel noj-AMD CPUs and are very much *not* PC's at all...
<ball> HP probably sell Itanium boxen... does anyone else?
<chrisellis> all the servers i'm looking at are quad Xeon processors
<ball> chrisellis: Nehalem?
<chrisellis> ball: Is that a brand?
<qman__> nehalem is also known as i7
<twb> chrisellis: nehalem is an Intel product name
<ball> chrisellis: *some* quad core Xeons are Nehalem chips
<chrisellis> let me check
<qman__> it's intel's latest and greatest processors
<ball> it's a development codename.
<jmarsden> Nehalem is the "code name" for a recent series of Intel CPUs.
<qman__> they're fast, and they're expensive
<twb> FSVO greatest ;-)
<ball> Supposedly they have some nice power management features.
<twb> It's not like Intel make particularly great chips to begin with, I guess
<chrisellis> I'm not sure ... its a dell poweredge 6650
<ball> twb: any thoughts on Shanghai?
<chrisellis> it doesn't say in the manual
<twb> ball: I don't track that shit closely
<ball> chrisellis: don't buy it if you can't find out.
<ball> twb: any thoughts on Istambul? ;-)
<twb> ball: I don't track that shit closely
<qman__> I can't afford any of that stuff, all my servers are desktop hardware
<twb> qman__: my gear is fucking Pentium IIIs in compaq cases
<ball> chrisellis: If you know you'll be scaling up, consider a blade chassis
<qman__> my shell server is a 200MHz K6
<jetsaredim> is there a guide for setting up raid under ubuntu?
<ball> ...perhaps once you get past three x86 boxen
<twb> That's the work machines, of course.
<chrisellis> ball: well this server is only $150
<ball> qman__: I have a 450 MHz K6-2+ box here.
<chrisellis> and for my uses i think it would be perfect
<twb> At home I run everything off an Asus 500gP
<ball> chrisellis: ah well, then you're not going to be all that fussy
<ball> brb
<qman__> you get four or five SSH sessions going, and it starts to lag
<chrisellis> yeah
<twb> Not because I'm poor, but for the challenge
<qman__> perfect for personal use, not useful for much else
<jmarsden> jetsaredim: See https://help.ubuntu.com/9.04/serverguide/C/advanced-installation.html for software RAID
<chrisellis> I know that the 6650 chips have hyper-threading
<qman__> HT means they're either pretty old, or the new nehalems
<chrisellis> i dont think the 6650's are new
<chrisellis> maybe 2006-2007
<chrisellis> but again its only $150.00
<qman__> that's not bad
<chrisellis> yeah quad 2.2GHZ 3x73GB 10K
<twb> I wasn't impressed by HT in the P4s
<qman__> that's a nice machine for so little
<qman__> probably eats up a lot of power though
<chrisellis> its got 2x900 Watt Power supplies
<twb> Gimme SATA's larger capacities for most shit, though
<firecrotch> P4 HT was crap
<twb> firecrotch: is nehalem's any better?
<chrisellis> so hearing that they are 2 900watt power supplies i bet that things loud as crap
<qman__> HT isn't useful on one core
<qman__> but when you throw in 4+, it begins to show worth
<firecrotch> twb: it's lightyears beyond P4's
<qman__> but only in certain applications
<twb> qman__: why?
<twb> qman__: my understanding of HT was that the number of cores wasn't relevant
<qman__> HT doubles your cores effectively
<twb> qman__: bullshit
<soren> qman__: Err.. It really, really doesn't.
<qman__> but on the original P4 implementation, the way it worked, a runaway process would still hang your box
<twb> http://en.wikipedia.org/wiki/Simultaneous_multithreading
<chrisellis> so in theory 1 HT processor is 2 ?
<qman__> well, it doesn't double them without consequence
<twb> chrisellis: FSVO theory = marketing
<qman__> it provides more cores at reduced performance per core
<qman__> to the software
<qman__> so it really depends on what software you run
<qman__> but the new HT is far more useful than the original
<jetsaredim> in what package would i be able to find mkraid?
 * ball nods
<ball> Hyperthreading is snake oil, at least on x86]
<twb> "RMI, a Cupertino-based startup, is the first MIPS vendor to provide a processor SOC based on 8 cores, each of which runs 4 threads."
<twb> 32 threads on a soc?  I'd like to see Intel do that
<soren> jetsaredim: mkraid?
<ball> soren!
<qman__> jetsaredim, you probably shouldn't be using mkraid, you should use mdadm instead
<chrisellis> If i already have a server thats a dual 2.8 would there be a point in running another server or just replacing that one
<jetsaredim> qman__: ok
<chrisellis> i mean for my needs at least
<ball> chrisellis: look at your utilisation
<qman__> that depends on your needs
<qman__> if what you have is doing the job with a little performance to spare, I wouldn't bother upgrading it
<ball> Look at your upgrade path *before* the load becomes very high and the users start to suffer.
<twb> ball: if ANYTHING works, leave that thing the fuck alone :-)
<qman__> web servers are an interesting thing
<chrisellis> i just don't want to pass up a great deal like this
<qman__> because it depends entirely on the nature of your sites
<qman__> if you're using complex scripts and SSL, you need a lot of CPU power
<ball> twb: Right, but if it's a production server you'll want another machine anyway.
<qman__> if you're just serving static pages, not so much
<chrisellis> right now i am using 0.00, 0.00, 0.00 cpu load average and 1.97GB Real memory
<jmarsden> chrisellis: There will almost always be a better deal in a few months.... available general purpose computers get better, faster and cheaper over time.
<qman__> it is a great deal, but if you don't need it, you'll just be increasing your electric bill for no good reason
<jetsaredim> qman__: will mdadm automatically save the setup for next boot?
<ball> chrisellis: do you have another machine synced with that, to take over when that one fails?
<jmarsden> If you have 0 load avg you do not need more cores :)
<chrisellis> no thats why i kinda want to get another one
<qman__> jetsaredim, you have to save the mdadm.conf and set up your fstab
<qman__> the howto should go through that, if it's the one I think it is
<qman__> you can always manually reassemble an array
<jetsaredim> not sure which howto you might be talking about?
<qman__> http://tldp.org/HOWTO/Software-RAID-HOWTO.html
<jetsaredim> yea
<chrisellis> But what you said about the power bill ... 2x900watt power supplies plus whatever that 1750 is doing ... might kill me
<qman__> yeah, it's a good deal if you need the CPU power, but it's going to be pretty costly to run
<qman__> AMD's biggest marketing ploy is that opterons are more power efficient than xeons
<ball> chrisellis: just because you have 900W PSUs, doesn't mean your server is going to be burning 900 Watts.
<chrisellis> ball: oh well thats good to know
<qman__> yeah
<qman__> that's just the max capacity
<qman__> and also, it's likely that they're redundant
<ball> chrisellis: but choose your CPU and disk drives with care.
<qman__> meaning that the machine is not designed to use more than 900 watts
<qman__> however, it could still be pretty expensive to run
<qman__> look into the TDP of the processors
<jetsaredim> qman__: trying to figure out how to specify that a given drive is a spare in a raid 5 setup
<ball> ...and make sure they can do Cool-n-Quiet (AMD) or SpeedStep (Intel)
<ball> ...that those things are enabled too.
<ball> ...and 15k drives may be fast, but they also run hot.
<ball> Alright, I really am going to bed now.
<ball> Goodnight everyone.
<ball> I shall dream of a new server, with 2.5" disk drives and stone cold microprocessors.
<twb> 2.5 so they fail faster?
<qman__> jetsaredim, http://prefetch.net/blog/index.php/2007/03/11/adding-a-hot-spare-to-an-md-device/
<qman__> yeah, I am not a fan of 2.5" hard drives
<chrisellis> alright talk to you later
<qman__> too slow and too fragile
<soren> qman__: You know that many SAS drives are 2.5", right?
<qman__> nope, though fast and fragile isn't much better
<qman__> I like my nice, cool 3.5" SATA drives
<twb> I think what I like most about my 3.5" SATA drives is their commoditory nature (i.e. cost per byte).
<qman__> yeah
<qman__> RAID a bunch of them together, and you have a reasonably fast filesystem
<firecrotch> I'll stick with my 5.25" drives, tyvm
<jetsaredim> just got 5x wd black 750G for 65 per
<twb> AUD 0.11 / megabyte for 1.5TB seagate sata 3.5
<jetsaredim> $0.0866 for the wd drives - they were the deal of the day last week one day
<twb> Nothing that good on msy.com.au, as at 2009-07-23
<twb> Probably I should take a new snapshot
<jetsaredim> yea - it was a daily deal last week on newegg
<jetsaredim> how does one re-activate a "stopped" md device?
<qman__> probably mdadm --assemble
<jetsaredim> not identified in config file
<qman__> without a config set up you'd have to specify the devices to use
<qman__> syntax would be
<qman__> mdadm --assemble /dev/md? /dev/sd? /dev/sd? /dev/sd?
<qman__> replacing ? with the appropriate devices, of course
<jetsaredim> hrm
<jetsaredim> device or resource busy
<jetsaredim> i'll just reinstall again
<jetsaredim> just setting it up again
<jetsaredim> so when saving the config
<jetsaredim> would be something like mdadm --detail --scan --verbose > /etc/mdadm.conf
<qman__> yes
<jetsaredim> but maybe /etc/mdadm/mdadm.conf
<qman__> I can't remember exactly but that's the idea
<qman__> yes, the second is the correct file
<jetsaredim> should it be appended or overwritten?
<qman__> appended
<jetsaredim> ok cool
<jetsaredim> thanks for the assistance
<qman__> no problem, sorry you have to start over
<jetsaredim> i'm just starting out with it
<jetsaredim> have an existing file server running on a hodgepodge of ide disks
<jetsaredim> and upgrading to a new system i just built using the 5x 750 wd black drives
<jetsaredim> trying to setup raid 5
<jetsaredim> for media/backups/fault tolerance/etc
<qman__> yeah
<jetsaredim> lots of mp3s, tv shows, my kids dvds
<jetsaredim> digital pics etc
<qman__> I did pretty much the same thing with mine, took a few days to get it set up the way I wanted
<jetsaredim> yea
<jetsaredim> took me about a month to find the right parts i wanted
<qman__> but it's worth the effort
<jetsaredim> so it's not like i'm in any huge rush
<qman__> and in the event of a system crash, you can still reassemble the array from a live CD
<jetsaredim> yea
<jetsaredim> well
<jetsaredim> i was going to use 4 active drives and have the 5th for spare
<jetsaredim> since i got them so relatively cheap
<qman__> I started mine with 6 disks, and added 2 later
<jetsaredim> ah
<qman__> it's almost full again though, I'm going to have to get bigger disks and make a new array
<jetsaredim> only 6 sata connectors at the moment on the mobo
<jetsaredim> my case has enough bays for 11 drives
<jetsaredim> so i'm set for expansion
<jetsaredim> oddly enough the case was the one thing i had when i started the project
<jetsaredim> heh
<qman__> I've got room for 4 more, so I figure once 2TB drives get reliable and down in price, I'll create a new array with four of those, move the data, then add more 2TB disks
<jetsaredim> yea
<jetsaredim> though
<jetsaredim> with the higher capacity disks there is greater likelihood of fault
<qman__> yeah, I'd do raid 6 with them
<jetsaredim> ah
<qman__> right now I have raid 5, using 500GB disks
<jetsaredim> sounds like fun
<qman__> so I've got about 3.3TB of space
<jetsaredim> that would be enough to tide me over for a while
<qman__> one thing I didn't realize when I started
<qman__> is that I already had enough data to fill more than half of it
<jetsaredim> heh
<qman__> once I got all my stuff off the various desktops around
<jetsaredim> I'm getting there
<jetsaredim> i have a 500G drive that's completely full
<jetsaredim> plus a bunch of stuff on other random places
<jetsaredim> i'd say i have about 100 movies
<jetsaredim> plus about 400G of tv shows
<jetsaredim> i need to go through them and get rid of some
<qman__> I have about 300GB left
<qman__> I can probably clean up about 150GB of unnecessary stuff
<qman__> but at the rate things are going I'll be full by next year
<jetsaredim> yea
<jetsaredim> it goes fast
<jetsaredim> especially if you use it
<jetsaredim> anyway well - thanks again
<qman__> yeah, no problem
<jetsaredim> i may come back with more questions at some point tomorrow when i try again
<qman__> that linux raid howto is the best resource for it
<qman__> despite how old it is
<jetsaredim> maybe i'll give karmic a go
<jetsaredim> actually - i found something from the forums that's decent
<qman__> cool
<jetsaredim> ok later
<uvirtbot`> New bug: #415224 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: subprocess post-installation script returned error exit status 139" [Undecided,New] https://launchpad.net/bugs/415224
<acalvo> anyone here using postfix+dovecot (and LDAP as backend)?
<stochastic> can anyone tell me how to prevent my external USB drive from Auto-mounting when I plug it in?
<negge> my /var/mail/<user> has stopped growing since about 6 months back. Has there been an update to the system that changes the location of the mail file or what is going on? I doubt cron haven't had anything to say for that long.
<CopyWriter> hello all
<CopyWriter> today's question :) - i installed 2 network cards into a ubuntu server lts 8:04, configured the eth0 with dhcp and connected it to my adsl modem (can ping google, did updates etc) configured eth1 with static 192.168.1.1 that plugs into a wireless router, other clients will connect to the wireless network fine, but get no internet
<CopyWriter> oh and eth1 also has a dhcp server configured on it also
<CopyWriter> so it handles assigning addresses
<CopyWriter> disabled dhcp on the wireless router, but then the clients couldn't connect to it
<CopyWriter> when i open a browser it just stays at connecting and then nada
<CopyWriter> i'm thinking to just plug the router into a lan port on the wireless router, but then that would entirely defeat the purpose of having the server act as a firewall
<CopyWriter> !dhcp
<ubottu> dhcp is Dynamic Host Configuration Protocol, a protocol for automatic IP assignment from a router. Ubuntu uses dhclient as a DHCP client but other ones (and DHCP servers too) can be obtained from the !repos. More info at http://en.wikipedia.org/wiki/DHCP
<stefan____> what is the gateway for the wireless router
<stefan____> ?
<stefan____> must be eth1s  ip address
<CopyWriter> 192.168.1.1
<stefan____> and that is the ip of the eth1 nic card ?
<CopyWriter> yep
<stefan____> do you have your 804 server configured as a router ?
<CopyWriter> i'm not sure
<CopyWriter> i don't think so
<stefan____> that is way it is not working
<CopyWriter> how do i do that
<stefan____> http://unixfoo.blogspot.com/2008/02/how-to-configure-linux-machine-as.html
<CopyWriter> i knew it was something i was missing
<stefan____> enable ip_forward
<CopyWriter> thanks stefan
<stefan____> no probs CopyWriter
<CopyWriter> i'll try that at the office, i woke up early to research the problem it's 4:22 now, will most likely still have time to get some shut eye before work
<stefan____> it is good you woke up early then :)
<acalvo> is it possible that the openssh server has some kind of timeout session?
<acalvo> I'm finding that if I ssh one server and do not run any command for a large period (say 15min) it gets blocked
<acalvo> maybe the connection was killed?
<_ruben> most likely a connection tracking issue of one routers/firewalls in between
<acalvo> _ruben: but it does not makes sense
<_ruben> why not?
<acalvo> since if I log in thru ssh and starting working, it does not get killed the connection
<acalvo> only after a period
<_ruben> so you're experiencing a timeout somewhere, a fairly common one is a busted connection tracking along the way
<acalvo> oh, I see
<acalvo> maybe you're right
<andol> ttx: Regarding bug #334374, aside from having ldap-auth-config as an explicit Recommend, do you agree with the change otherwise?
<uvirtbot> Launchpad bug 334374 in libnss-ldap "libnss-ldap should not depend on libpam-ldap" [Medium,Confirmed] https://launchpad.net/bugs/334374
<ttx> andol: I was wondering what was the best way to fix it, given that other related bug. Wanted to ping mathiaz/dendrobates about it since they authored the original design
<andol> ttx: Thinking of bug #11:36 < acalvo> _ruben: but it does not makes sense
<uvirtbot> Launchpad bug 11 in rosetta "Rosetta says there are untranslated strings, but it isn't" [Medium,Fix released] https://launchpad.net/bugs/11
<andol> ohh, bad paste there, sorry
<andol> ttx: Thinking of bug #306054 I assume?
<uvirtbot> Launchpad bug 306054 in ldap-auth-client "Not using LDAP for auth, please downgrade libpam-ldap to Recommends:" [Wishlist,Confirmed] https://launchpad.net/bugs/306054
<ttx> yes
<ttx> both are about the current design not allowing some specific setups
<ttx> Downgrading a depends to a recommends would fix it, I'm just unsure which depend should be converted :)
<ttx> Your solution would not fix 306054.
<andol> ttx: Yeah, been thinking about that one too, but haven't really used ldap-auth{config,client} enough to have an an actual opinon on those.
<andol> ttx: No, it wouldn't. Nevertheless I don't think ldap-auth-config should be a hard dependency to libnss-ldap. You can very well use that lib without any extra configuration utility.
<ttx> true, the design was done at a time where recommends would not get installed, so it needs to be salted with some recommends to allow better flexibility.
<andol> ttx: Which is basically the solution I suggest, especially if we add -auth-config as an explicit recommend. I belive that's a good change, no matter what.
<andol> ttx: Still, I guess there is no hurry, if we anyway should solve the whole situation.
<ttx> andol: ok
<andol> ttx: So, what's the plan now? Try getting some input from matiaz and/or dendrobates?
<ttx> andol: yes, I'll ask them to have a look and comment, then if they are ok with your debdiff, I'll uplaod it
<ttx> upload it, even
<andol> ttx: Does that mean I should add a new debdiff, with auth-recommends listed under Recommends as well?
<ttx> andol: doesn't hurt to prepare it, yes :)
<andol> ttx: Being a rather easy change I'll create a new one when I get off from work.
<andol> Work is by the way something I probably should return to now.
<ttx> andol: makes sense :)
<sebrock> I just installed a vncserver on a headless ubuntu 9.04 server
<sebrock> When I connect to it all I see is the X11 desktop, I cannot start a terminal or anything... how do I do that?
<_ruben> install the desktop edition instead? :)
<sebrock> uh nope no good
<sebrock> I want to keep the installs at a minimum
<sebrock> got the mouse ans everything, just no terminal
<sebrock> so I can't start anything really
<_ruben> perhaps you have no terminal program installed
<ogra> install a minimal window manager
<sebrock> Should it really be necessary to install a window manager?
<ogra> openbox or fluxbox
<sebrock> vncserver acts as a window manager
<ogra> huh ?
<_ruben> vncserver a wm??
<sebrock> it installs X11 libs
<ogra> vnc server acts as an X server
<_ruben> its an X server, not a wm
<sebrock> I heard a wm should not be needed
<ogra> why do you use vnc at all ? as i understand you you just want to be able to run a terminal, using ssh should provide you with that
<ogra> you just add useless overhead
<dorvan83> hi to all
<sebrock> ogra, it's for a mytht-backend
<dorvan83> i have a problem with /dev/random.... seems doesn't work...
<sebrock> Last time X-forward did not work very well with the initil setup
<_ruben> dorvan83: you probably lack entropy .. which is a nasty problem .. i run into it every now and then on mostly idle systems
<dorvan83> _ruben: yes i this this too, but entropy pool in kernel is 4096 and i'm trying different keygen executebles, have problem to generate a 1024 key from /dev/random
<_ruben> dorvan83: its total size is probably 4096, yet empty (so 4096 of nothingness)
<dorvan83> _ruben: but if i launch a dd if=/dev/random of=/root/text.txt and after some time i stop it..
<dorvan83> _ruben:  the results from dd statistics is zero
<_ruben> which indicates lack of entropy
<_ruben> there are some tricks to increase entropy to be found on the 'net, but i never found one that actualy worked well
<dorvan83> _ruben:  but if i make the same with "urandom" dd print something
<_ruben> because urandom is less "secure" than random
<dorvan83> _ruben: i'm using ubuntu server 9.04 in which way i can solve this, to try?
<dorvan83> _ruben: some doc on the net suggest to remove rando and make an alis to urandom named random
<_ruben> http://stupefydeveloper.blogspot.com/2007/12/random-vs-urandom.html .. little post on the differences between random and urandom .. as for increasing entropy itself, google, tho like i said, i dont recall ever being able to increase the entropy on a "problematic" box
<dorvan83> _ruben: but sound stupid...
<_ruben> that'd work as a temp work around
<_ruben> and it depends on how much you care about "real" randomness
<_ruben> if a certain box lacks enough entropy for a given task, i run the task on another box which does have enough entropy .. when possible that is
<MatBoy> _ruben: do you still live ?
<sebrock> yup, vncserver should start twm, so it includes a wm
<sebrock> I see it should also start a terminal by default
<sebrock> FYI all I had to do was to add the full path to xterm in the xstartup file
<sebrock> works now
<garymc> Hi people, do i need an antivirus software on my ubuntu server? if so which one and does it cost anything?
<pmatulis> garymc: no a/v s/w necessary
<garymc> s/w?
<pmatulis> software
<garymc> ahh :S
<pmatulis> garymc: what kind of server are you talking about anyway?
<ivoks> ttx: here?
<ttx> ivoks: yes
<garymc> im using an LTSP setup
<pmatulis> ok, an LTSP server
<ivoks> ttx: regarding the corosync sync
<garymc> ive got 3 servers, trying to use two of them right now
<garymc> Im gonna put Astlinux on one of them
<ttx> ivoks: yes
<ivoks> ttx: my laptop died couple of days ago, so it's kind of pain to do anythnig now using my phone
<garymc> and try to link it through so each ltsp user has a phone too
<ttx> hehe
<ivoks> ttx: so, i'll be finishing my vacation tomorrow and should be able to fix those things  day after tomottow
<ivoks> tomorrow
<ttx> ivoks: works for me, I'm mostly concerned by the NBS
<ivoks> nbs?
<ttx> the library transition
<ivoks> ah.
<ivoks> rhcs will need rebuild
<ivoks> acctualy, new version
<ivoks> and
<ivoks> but we need to sync corosync first
<ivoks> then we will sync openais
<ivoks> and new pacemaker and new rhcs
<ivoks> corosync is first step
<ivoks> openais second
<ivoks> everything except rhcs is in the ppa i mentioned in the bug
<ivoks> i couldn't finish rhcs cause my thinpad died... Â£%$&*Â£"!
<ivoks> ... and i won't be at the meeting today for the same reason...
<ttx> ivoks: There is no laptop reparirman on your beach ?
<ivoks> no :/
<garymc> pmatulis: do you know if i can do this?
<garymc> pmatulis: setup a separate server with astlinux on ubuntu then link it to my ltsp clients and giv them a phone each?
<pmatulis> garymc: best ask on #ltsp
<ivoks> ttx: oh, and we can't sync from experimental since that version isn't there yet
<ttx> it is now
<ttx> ivoks: since Aug 15
<ivoks> eh... i couldn't know that :/
<ivoks> does it has all my changes?
<ivoks> have
<ivoks> i hate lenovo :/
<_ruben> MatBoy: nah :)
<ivoks> anyway, i'll be back in 48 hours... take care
<dorvan83> ivoks: i'm using your last released packages on launchpad for ubuntu for corosync and pacemaker. Yesterday night sdake of #linux-cluster have bypassed an issue with corosync-keygen binary, but there are other problems with system entropy.
<ttx> dorvan83: he is no longer in-channel. You should send an email to him.
<dorvan83> ah, ok
<dorvan83> where i can get it?
<dorvan83> from whois command?
<dorvan83> i can't see
<dorvan83> ttx: have you suggestion for increase system entropy?
<dorvan83> i found this:http://ubuntumagnet.com/2007/11/creating-more-entropy-linux-kernel-virtualized-environment
<ttx> dorvan83: see pm
<dorvan83> ttx: pm?
<ttx> dorvan83: I just sent you the email address by Private Message (pm)
<dorvan83> ooppss sorry... that pm aaaaaaaaaaaaahhhhh
<dorvan83> ttx: thanks, sorry but i'm in remote console on irssi.
<smoser> soren, would it make sense to allow the user to provide the ssh host keys for a new instance (in user-data or something).. they could run ssh-keygen the system that started the instance and send them over to the new instance, rather than trying to verify by scraping console output (which sometimes doesn't work)
<soren> smoser: i thought about it, but I think it's a bad idea. The user-data is not protected, so if someone finds a way to query your meta-data, they get your ssh host private key, and that would be bad news.
<smoser> this is true
<smoser> obviously, that info (the private key) is also in /etc/ssh
<smoser> but there it is file system permissions protected
<smoser> i think you might have mentioned before the possibility of locking up (via iptables) the user data
<smoser> after it is used.  perhaps crawl it, store it in /var/run/ec2-user data with secure filesystem permissions and then deny access to 169.254.169.254:80
<smoser> soren, ^ (no hurry, just so you see it)
<soren> smoser: Hm. Interesting idea. That could work, I guess.
<rayno_b> Hi there, I need to forward port 3840 to a specific IP address on the network (this should happen from internal).  Can someone here please assist me to get that to work?
<PhotoJim_> there are lots of ways of doing that.
<PhotoJim_> I use shorewall.  /etc/shorewall/rules has the configuration.
<rayno_b> If I use webmin could I do this with ip tables?
<PhotoJim_> DNAT   net loc:192.168.222.13 tcp 5050
<PhotoJim_> DNAT   net loc:192.168.222.13 udp 5050
<PhotoJim_> that forwards port 5050 from my router's external IP (my router is an Ubuntu box) to that private IP on my LAN (my Slingbox in this case).
<giovani> rayno_b: your ubuntu box is the firewall/router?
<rayno_b> no
<PhotoJim_> iptables can do it, but I'm not experienced in doing that.  and I don't use webmin . my router has no GUI.  better performance that way.
<PhotoJim_> ahh.  you have to do this on your router.
<giovani> rayno_b: then this isn't an ubuntu question -- this is a question for your router/firewall company
<rayno_b> but is there any way to do this on this ubuntu machine that is currently getting the request?
<giovani> rayno_b: no ...
<giovani> you need to open the port at the router/firewall
<rayno_b> look, the port is open.
<giovani> the entire function of that device is to stop random traffic from entering your network -- so that's where the exception has to be made
<giovani> rayno_b: on the router/firewall? or on the server? there's a big difference
<rayno_b> Giovani - I know.  The port is only going to be used in the local lan, not from external to internal.
<PhotoJim_> why do you want to do local port forwarding?
<giovani> rayno_b: then there's nothing you need to do -- the port is open
<rayno_b> but
<PhotoJim_> port forwarding is usually done as a kludge to get around NAT.  local IPs don't need to work around it.
<rayno_b> If the request comes to the ubuntu box on port 3840, I want that request to be processed by another machine on the network.
<PhotoJim_> can you not direct the request to the proper machine?
<rayno_b> You would think - That's what I would have done, but I'm not the admin of this network.  The network admin insists that I do it this way.
<giovani> rayno_b: there's no good solution to this
<PhotoJim_> this is a really dumb way to do it.  no offense. :)
<giovani> you need to do it the right way
<uvirtbot> New bug: #387257 in bacula (universe) "Bacula crashed on installation" [Medium,Invalid] https://launchpad.net/bugs/387257
<giovani> which is to send the client to the correct server
<giovani> also, what protocol are you using on this port?
<rayno_b> I'm using tcp
<giovani> no
<giovani> I meant application protocol
<rayno_b> It's an http address
<giovani> well, you can issue an http redirect
<giovani> it's far cleaner than any kind of weird port-tunneling you want to do
<rayno_b> okay...  but say I insist on doing this weird tunneling thing.  can you just help me to get it working please?  I understand it's not the right thing to do.
<giovani> an HTTP 301 reply will ensure the client sends their traffic (for the entire session) to that new server
<giovani> rayno_b: nope, sorry, I can't help do something so silly
<giovani> maybe someone else will
<rayno_b> can I explain the network admin's point of view.
<giovani> well you've also decided not to use my perfectly valid solution
<giovani> for some unknown reason
<rayno_b> giovani - ok, can you help me with the HTTP 301 reply?
<giovani> sure, set up a webserver, and configure it that way
<giovani> lighttpd will do
<giovani> it's still serious overkill
<giovani> but at least it'll make sure you're not duplicating tons of traffic for no good reason
<rayno_b> okay, i'll try that.  thank you.
<PhotoJim_> that seems the most elegant solution.
<giovani> PhotoJim: it still makes me cringe :)
<rayno_b> you wouldn't do it?
<giovani> rayno_b: I'd talk to the network admin
<giovani> I don't know why this is the network admin's decision anyway
<rayno_b> okay
<giovani> you don't need his permission to tell clients to access the server directly
<giovani> http://redmine.lighttpd.net/projects/1/wiki/Docs:ModRedirect
<pmatulis> rayno_b: give giovani the admin's telephone number
<giovani> there's the (pretty good) documentation on mod_redirect (which you'd need to use lighttpd here)
<giovani> just make sure to set the url.redirect-code to 301
<rayno_b> the thing is, the server sends 'n url link to the clients in their mailboxes and this contains the wrong address at the moment.
<giovani> so fix it?
<rayno_b> the dns name on other ports should point to the ubuntu server.  it's just this one single port that's the problem.
<PhotoJim> yeah, that's a good point.  can you change it to give the correct address?
<giovani> rayno_b: I don't follow you -- ports aren't related to domain names
<giovani> domain names map to ip addresses -- you can't specify which ports are accessible when using a given name to resolve the ip
<rayno_b> I know I know.
<rayno_b> This is a special case.
<rayno_b> From outside, the address somename.dyndns.org maps to the router that comes into the client's network.
<rayno_b> From inside, the network administrator has mapped that name (somename.dyndns.org) to the ubuntu server that I'm administrating.
<rayno_b> Because all ports on that name should go to the ubuntu server, except for this one port 3840 which should go back to another address.
<giovani> so use a different name ...
<giovani> for the right server
<giovani> and send that one out in the emails
<PhotoJim> sounds to me like the optimal solution is to just give the Ubuntu server the public IP, and have it port forward that one port.
<PhotoJim> using a router to forward all ports to a single machine means the router isn't really routing.
<PhotoJim> it's superfluous.
<rayno_b> Okay, will talk to the network admin.
<rayno_b> I have another question which is not related to my current topic...  Do you mind?
<giovani> rayno_b: as long as it's an ubuntu question, sure
<rayno_b> I've been trying to understand traffic shaping, but I have no clue how to get this right.  At the moment, I use an ubuntu server as gateway to the internet.  How can I control that one user cannot simply use all available bandwidth to the internet?  And maybe always allow mail traffic to be able to flow through, etc.?
<rayno_b> I'll be right back
<rayno_b> Right, I'm back.
<rayno_b> Giovani - Can you or PhotoJim help with this?
<giovani> rayno_b: honestly, it's a reasonably complex topic
<giovani> there are a number of howtos on traffic queueing in linux -- but I wouldn't advise taking it on
<rayno_b> I must say, I've been very much unsuccessfull so far in what I've been trying.
<rayno_b> But everytime someone on the network now downloads something, the internet is unusable to anyone else.
<giovani> downloads something over http? or with something abusive like bittorrent?
<rayno_b> just straight forward download
<giovani> so over http then
<giovani> that shouldn't be happening
<rayno_b> remember, we're in africa.  download speeds are really slow.
<giovani> alright, well then it sounds like you may need traffic shaping
<giovani> but it's not a simple task
<giovani> so I'm not sure what to offer you
<rayno_b> Are you prepared to help me set it up?
<Sam-I-Am> mathiaz: yo
<mathiaz> Sam-I-Am: hi
<mathiaz> Sam-I-Am: what is the subject of your email?
<Sam-I-Am> looking...
<Daviey> nijaba & kirkland: Let me know when you have 5 mins to chat about ubuntu-server-tips
<kirkland> Daviey: i'm working a hard math problem at the moment
<nijaba> Daviey: I'm free now (well, let me grab a coffee first)
<nijaba> kirkland: well, since I know you do not have kids, I  guess it is not a school relted pb ;)
<Sam-I-Am> its on pkg-openldap-devel, cc'd you... 'enable nss-slapd to be built'
<Sam-I-Am> and steve...
<Sam-I-Am> since i'm kinda new to this i wasnt sure where i should run it by you guys, submit a bug/patch, or whatever...
<Sam-I-Am> s/where/whether
<mathiaz> Sam-I-Am: submitting a patch is always a good idea
<Sam-I-Am> also added a patch to fix test058's failing issue
<Sam-I-Am> sure, so just submit a bug and attach the udiff?
<Daviey> kirkland: heh, ok.. ping me and nijaba when you are free :)
<Sam-I-Am> and patches which patch the build mechanism are ok too?
<mathiaz> Sam-I-Am: sure
<mathiaz> Sam-I-Am: what's your patch about test58?
<mathiaz> Sam-I-Am: I'd also suggest to file the patches in the upstream bug tracker
<nijaba> Daviey: from what I have gathered so far, you should just add a file starting with a number inside /etc/update-motd.d/ which contains the command to be executed to display tips.  Once there the command will be executed at login to display the tip.  kirkland will confirm, but I am quite sure that's all there is to it
<kirkland> nijaba: Daviey: right...  or a symlink to a file
<mathiaz> Sam-I-Am: test58 randomly fails - try to rebuild the package and the build may succeed
<kirkland> Daviey: do you have a binary that just plucks and prints one random tip?
<Sam-I-Am> mathiaz: the patch for test058 was from hyc... it got committed to openldap CVS
<mathiaz> Sam-I-Am: part of 2.4.18 then?
<Sam-I-Am> mathiaz: so i added it to the build for 2.4.17 ... and it seems to reduce or eliminate the random failures that arent already caught
<Sam-I-Am> it will be
<Sam-I-Am> which means it becomes moot if 2.4.18 makes it into karmic
<nijaba> kirkland: /usr/bin/ubuntu-server-tip
<mathiaz> Sam-I-Am: that's ok - we backport patches from upstream if they're relevant
<Sam-I-Am> yeah, this was a minor one that just cleaned up builds... along with my nssov patch which clear out the temporary build files leftover in the nssov tree
<mathiaz> Sam-I-Am: this seems like a good candidate to send to upstream
<nijaba> kirkland: so I guess a ln -s /usr/bin/ubuntu-server-tip /etc/update-motd.d/60_ubuntu-server-tip should be it?
<mathiaz> Sam-I-Am: so I'd file a bug in ITS too
<Sam-I-Am> mathiaz: the nssov patch?
<mathiaz> Sam-I-Am: yes - if you modify the Makefile to add a clean target it would be beneficial to upstream too
<kirkland> nijaba: Daviey: yeah, that should do it ;-)
<Sam-I-Am> that was the question i had in my email... whether i should patch debian/rules to manually purge the files... or patch the nssov makefile to include a 'clean' rule and then debian/rules to call it
<mathiaz> Sam-I-Am: I didn't pay too much attention to your patch as I don't build package more than once in the same tree
<mathiaz> Sam-I-Am: patch the nssov Makefile
<mathiaz> Sam-I-Am: and submit the patch to upstream
<Sam-I-Am> ok... and what about calling it during build cleanup?
<Sam-I-Am> i originally just added the clean target to 'all' which solved it, but felt a bit clunky
<mathiaz> Sam-I-Am: the clean target in the rules doesn't clean up the build
<mathiaz> Sam-I-Am: the clean target in the rules doesn't clean up the build tree
<Sam-I-Am> what does then?
<mathiaz> Sam-I-Am: hm - well it does: rm -rf $(builddir) $(builddir_notls) $(installdir)
<mathiaz> Sam-I-Am: however it's not done from a Makefile target
<Sam-I-Am> ah, right
<mathiaz> Sam-I-Am: It doesn't use make clean
<Sam-I-Am> nssov gets built in the regular source tree, not build iirc
<Sam-I-Am> which explains where the leftovers come from
<mathiaz> Sam-I-Am: right - so may be modifying the nssov to be build in the build tree?
<Sam-I-Am> sounds like a better plan
<Sam-I-Am> now that i see how its working :)
<mathiaz> Sam-I-Am: and while you're working on this, the latest version of slapd in ubuntu doesn't load the nssov
<Sam-I-Am> figure its also pertinent for building things like smbk5pwd
<Daviey> kirkland: sorry, went AFK.. Something nijaba mentioned about it being 160 chars or less.. I was thinking of adding a "-s" switch to /usr/bin/ubuntu-server-tip that returns a tip less than 160 chars, as this might be more suitable for MOTD?  What do you think?
<Sam-I-Am> which would also be a nice thing to integrate...
<mathiaz> Sam-I-Am: I haven't tracked down the reason why the nssov shared library is not loaded correctly
<Daviey> kirkland: That obv breaks your symlink, unless -s is default behaviour
<Sam-I-Am> mathiaz: hmm... i'll look into it
<mathiaz> Sam-I-Am: that would be very helpful
<mathiaz> Sam-I-Am: take the latest version of slapd in karmic and try to load the slapd overlay
<Daviey> kirkland: i guess if user = root, it could default to -s ?
<mathiaz> Sam-I-Am: take the latest version of slapd in karmic and try to load the nssov overlay
<Sam-I-Am> k... looking at that now...
<mathiaz> Sam-I-Am: smbk5pwd is also interesting however it's build for heimdal
<Sam-I-Am> yeah, that was another question
<mathiaz> Sam-I-Am: so the overlay needs to be ported to support MIT kerberos
<Sam-I-Am> with samba4 integrating heimdal, whats the plans with MIT?
<Sam-I-Am> or are they orthogonal
<mathiaz> Sam-I-Am: MIT is the supported version of kerberso in ubuntu
<Sam-I-Am> yeah...
<mathiaz> Sam-I-Am: ie MIT kerberos is in main while heimdal is in universe
<mathiaz> Sam-I-Am: so the smbkrb5pwd needs to be ported to MIT
<Sam-I-Am> i saw something on the server pages about getting heimdal into main (which i think it was a long time ago)
<mathiaz> Sam-I-Am: there is someone from redhat working on adding support for MIT kerberos to samba4
<nijaba> Daviey: ln -s is what you would do from the command line to add the symlink.  The script ubuntu-server-tip can have whatever you want in it
<Sam-I-Am> mathiaz: ah, cool
<mathiaz> Sam-I-Am: that must have been a long time ago
<mathiaz> Sam-I-Am: the current plan is to stick with MIT kerberos in main and have heimdal in universe
<Daviey> nijaba: sure, but just wanted to clarify that the MOTD should be <160 chars.. and if so, should i make this the default behaviour if ran as root?  As update-motd no doubt runs as root.
<Daviey> Can't think of a cleaner way, i'm sure update-motd doesn't introduce any enviroment variables?
<nijaba> Daviey: ah, ok... in that case add a real file 60_ubuntu-server-tip in update-motd.d that contains a call to /usr/bin/ubuntu-server-tip and all the options you want
<Daviey> The reason i'm suggesting this, as i think the user should be able to run further ubuntu-server-tip on demand
<Sam-I-Am> the thing about heimdal is it'll set your smb password automatically when you change your kerberos password... so patching smbk5pwd might take a bit more work
<Sam-I-Am> since i think it lets heimdal handle some of the footwork automagically
<Daviey> nijaba: I was pondering the idea of a --submit option, so people could easily send a tip via the command line :)
<mathiaz> Sam-I-Am: does heimdal use the EXT OP to change the ldap password?
<Sam-I-Am> mathiaz: not for samba.. it just writes the NT hash
<nijaba> Daviey: that would be cool!  I guess it could just use the standard bug reporting interface...
<Sam-I-Am> i dont think theres an exop for md4
<Sam-I-Am> it would be nice if it was all exop...
<nijaba> Daviey: ie: ubuntu-bug command
<nijaba> Daviey: err.... no
<Daviey> nijaba: well i was thinking this.. using ubuntu-bug, but it is my understanding that; only works for ubuntu packages, not projects (not a long term issue once it is included), they also *require* a LP account.. and i don't know if this is a good or bad thing for making suggestions
<nijaba> Daviey: yes, that's what I was just looking at.  Might be simpler to have an email sent to some generic address
<Daviey> nijaba: but we don't install a smtp server on base :/
<nijaba> Daviey: for example the ubuntu-server-tip team ml
<Daviey> nijaba: that is a good idea, then there can be discussion per thread on the validity of the command.
<psi-jack> Hmm interesting.
<nijaba> Daviey: well...  if smtp is not configured (ie no smtp-mta available) maybe we could just tell the person to send an email to the list?
<nijaba> Daviey: we need something simple..
<psi-jack> I have ldaps:/// in my etc/default/slapd, and it's listening to 636, but tls is failing.
<nijaba> Daviey: btw, there is a tip about iotop and another about iftop, but none are in main, which, in the principle, breaks rule #3 on https://wiki.ubuntu.com/server-tips
<nijaba> Daviey: I do however find the tip useful, so I am wondering if we should request an exception
<Sam-I-Am> psi-jack: 636 is not tls, its ssl
<Sam-I-Am> tls uses 389
<Clusty> hey
<Daviey> nijaba: hmm.. do you think we should generally review rule #3 ?
<Sam-I-Am> in fact, you should probably not be using ssl unless one of your clients doesnt speak tls
<Clusty> i wanted to give out static IP addresses to certain MACs and dynamic tot he rest
<Daviey> nijaba: I mean, if the server admin is happy to use universe stuff - then it's enabled in sources.list.. and if they try and run the command, they'll get command-not-found telling them how to install it?
<VSpike> If I'm connected with ssh to my server and am partway through a long backup script, and if I now discover I have to leave and shutdown my client machine....
<Clusty> unfortunately google gives me just how to configure static addresses from the client side
<nijaba> Daviey: yep, I think it is quite important that we do not advise people to use stuff not in main.  but that can be discussed for utilities
<VSpike> Is there anyway, given that I didn't use nohup or screen, to prevent the backup from stopping?
<nijaba> Daviey: I would be much more concern for long standing deamons to tell you the truth
<Sam-I-Am> VSpike: use nohup? :)
<Clusty> VSpike, if i am not mistaking you can do some magic, to give a process a new parent
<VSpike> I do not like that Sam-I-Am ;)
<Daviey> nijaba: yeah, i can see that point..
<Clusty> VSpike, not sure thoiugh
<Clusty> VSpike, consider running all in a VNC ?
<Daviey> nijaba: TBH, i actually forgot about the rules on the wiki page.. not purposely disobeyed them :(
<VSpike> Clusty: I have heard of such things, I agree
<nijaba> Daviey: hey, no prob, we are still in early stages here
<VSpike> Clusty: it sounds quite voodoo
<Clusty> VSpike, i know it's possible. but i would not know where to start
<VSpike> I guess I'll just kill the backup, start screen, restart the process and check it later
<Daviey> nijaba: "Ubuntu Enterprise Cloud" tip does sail close to the wind.. :/
<VSpike> I would rather not, but if there is no other way then c'est la vie
<nijaba> Daviey: why is that?  will be in main in karmic
<Daviey> "Tips are not advertisement, but information. No paid services or product can be referred to here, except if an exception is granted during a server community meeting."
<Clusty> VSpike, so you are running backups from a ssh?
<Clusty> and want to be protected against net stops?
<VSpike> Clusty: yes, running a script on the server to backup to NAS using tar/ssh/dd
<Daviey> nijaba: Links to a page that is largely advertisment for Canonical
<VSpike> Clusty: It's a one-off hack at the moment, just to get one backup
<Clusty> VSpike, the right thing to do is to cron the task
<VSpike> Agreed
<Clusty> since anyways you prolly want to do it weekly....
<VSpike> I need to put some logging and error handling in the script and so on
<VSpike> Clusty: quite
<nijaba> Daviey: Well, agreed, the cloud pages are pushing our services around it
<VSpike> this is just a first cut "get a backup" script
<Clusty> VSpike, till then screen is a quick hack
<VSpike> Yep :)
<Clusty> VSpike, there is backup-manager
<VSpike> oh? don't know it
<Clusty> it';s a decent proggie
<Clusty> it supports incremental tars
<Clusty> so i do daily incremental
<Clusty> and weekly full backups
<VSpike> I need that elsewhere
<Clusty> and it autodeletes olb backups
<Clusty> old*
<nijaba> Daviey: http://www.ubuntu.com/products/whatisubuntu/serveredition/cloud/uec would be better, I think.  I just need to setup a short url for it :P
<VSpike> Clusty: http://pastebin.com/f6f8f0061
<VSpike> Clusty: ^ current script :)
<Clusty> you're the man :D
<VSpike> The destination is a WD Mybook World Edition with hacks applied to enable ssh access etc
<Clusty> sed-master
<Clusty> :D
<VSpike> heh
<Daviey> nijaba: I'm not happy with using tinyurl.com etc either.. one of the tips has that short url
<Clusty> so any1 can help me with my DHCP issue?
<Clusty> is it even possible?
<nijaba> Daviey: yep, that's not great.
<Daviey> (especially as i heard tinyurl are in difficulty atm)
<nijaba> Daviey: tell me which url and I'll find a way to get a short url on ubuntu.com for it
<Daviey> but it's also a third party that could potentially redirect that url to anywhere.. perhaps RHEL website :)
<VSpike> Clusty / Sam-I-Am : thanks for the help - backup running anew in screen.  Gotta dash!
<VSpike> Clusty: will check out backup-manager
<Sam-I-Am> Clusty: as long as the mac addresses are different, dhcp should hand out whatever IPs are configured
<nijaba> Daviey: https://help.ubuntu.com/9.04/serverguide/C/etckeeper.html, I guess
<Clusty> Sam-I-Am, i want to give a certain mac a certain address
<Sam-I-Am> sure
<Sam-I-Am> thats handled on the dhcp server
<Daviey> nijaba: http://tinyurl.com/etckeeper
<Daviey> yeah
<Clusty> Sam-I-Am, any place i can start reading?
<Clusty> Sam-I-Am, the server gives now dynamic to all
<Sam-I-Am> the default dhcpd.conf file includes examples of how to configure a static IP for a MAC
<Daviey> nijaba: Is a redirect from ubuntu.com/$NAME a good long term solution.. i imagine that many more tips will have urls..
<Daviey> struggling to think of something better tbh..
<nijaba> Daviey: I am writing a proposal to our webmaster as we speak.  Something like ubuntu.com/go/$name
<Daviey> nijaba: that would make sense, especially if they can create/update urls regulary on demand.
<nijaba> yep
<Daviey> nijaba: It also has the added benefit that a url that is on someones installation can be quickly resolved, if the real link turns bad..
<Clusty> Sam-I-Am, http://pastebin.com/m8bd587f
<Sam-I-Am> thats the example
<Clusty> this is the closest thing
<psi-jack> Okay. So ldapsearch -x -Z works for me, presently, but ldapsearch -x -ZZ fails with just this error: ldap_start_tls: Connect error (-11)
<Sam-I-Am> if you're using dns, you can use the hostname... otherwise, put the IP in there
<Clusty> but how do i tell it i want to give 192.168.0.201 ?
<Sam-I-Am> after fixed-address
<Sam-I-Am> fixed-address <ip>
<Sam-I-Am> psi-jack: does the cert hostname match how you're connecting?
<psi-jack> Hmm. Well I'd thought. but apparently not. I added -h ldap.mydomain.tld and ZZ worked.
<Sam-I-Am> yeah, so you can set that in ldap.conf
<Sam-I-Am> under URI
 * psi-jack nods.
<psi-jack> Got it. Finally working.
<Sam-I-Am> yay
<psi-jack> But, okay, so I wanted to create an SSL cert that was *.mydomain.tld
<psi-jack> And that one, failed, because the cn didn't match.
<Sam-I-Am> that should work fine
<Clusty> Sam-I-Am, thanks. worked
<Sam-I-Am> hmm @ installing slapd on karmic and it not asking me for a default admin password
<psi-jack> Okay, NOW * worked.
<psi-jack> Poifect.
<clusty> hey
<clusty> i am trying to get NIS running
<clusty> unfortunately this nis thing does not start
<clusty> it tries to bind to the yp server
<clusty> and it chokes (after a few attempts)
<clusty> https://help.ubuntu.com/community/SettingUpNISHowTo
<clusty> served as how-to guide
<Sam-I-Am> mathiaz: think i figured out the nssov problem... its compiled with the wrong libdir
<clusty> there seems to be some problem with this:  if [ "`ypwhich 2>/dev/null`" != "" ]
<clusty> i cannot do ypwhich
<Sam-I-Am> yp?
<clusty> NIS
<clusty> i am trying to get nis running
<clusty> Sam-I-Am, ypwhich is supposed to tell me the domain name of the NIS
<Sam-I-Am> what uses yp/nis anymore?
<clusty> Sam-I-Am, that would be me :D
<clusty> you know a better way to have centralized user management?
<Sam-I-Am> any uh.. reason?
<Sam-I-Am> try ldap
<clusty> besides ldap
<Sam-I-Am> nis is a dinosaur
<clusty> that feels overkill
<clusty> really?
<Sam-I-Am> its insecure and broken
<clusty> ldap felt complicated
<Sam-I-Am> your other choice is AD heh
<clusty> AD?
<Sam-I-Am> ldap is not bad
<Sam-I-Am> active directory :)
<clusty> is that not some windoze thing?
<Sam-I-Am> it is
<Sam-I-Am> so theres your choices...
<clusty> then billy can go suck a lemon
<clusty> won't promote M$ junk
<Sam-I-Am> ldap or... AD... which is basically microsoftified ldap
<clusty> debian fellas were not very outraged by the idea of having NIS
<clusty> and NIS+ipsec seemed a decently securized variant
<Sam-I-Am> i guess, but openldap is really the way to go
<Sam-I-Am> if nis worked, we'd have documentation for configuring it in ubuntu heh
<clusty> https://help.ubuntu.com/community/SettingUpNISHowTo
<clusty> seems very straight forward
<clusty> if it only did not choke
<Sam-I-Am> https://help.ubuntu.com/9.04/serverguide/C/network-authentication.html
<Sam-I-Am> pretty straightforward
<clusty> Sam-I-Am, yaiks. this is serious work :D
<clusty> compared with nis
<psi-jack> !find pam_ldap.conf
<ubottu> Package/file pam_ldap.conf does not exist in jaunty
<jtimberman> ldap is the way to go for single sign on, as it will work with a lot of other places you might also need authn. I would not bother with NIS.
<nick125> I thought pam_ldap.conf was just a symlink to another file in Debian/Ubuntu...
<psi-jack> Well, if it is, it's not been set properly.
<Sam-I-Am> psi-jack: its just /etc/ldap.conf
<psi-jack> My problem is ldapscripts aren't working.
<psi-jack> ldappasswd, fails, cause it tries to use SASL for some aweful reason, no matter what.
<psi-jack> Even though the ubuntu setup uses -x everywhere I can see.
<psi-jack> Otherwise, authentication is fully functional so far that I can tell.
<dmclain> Anyone here familiar with /etc/sysctl.conf?
<dmclain> Im wondering : Whats the equivalent of kern.maxproc for Ubuntu in /etc/sysctl.conf?  I didn't see a default in there for it, but I think I need to set it higher than the default for the box.
<psi-jack> dmclain: sysctl.conf is not different per distributions.
<psi-jack> It's a standard thing.
<dmclain> ah, excellent.  Thanks for taking the time :-)
<sbeattie> dmclain: that said, 'sysctl -a | grep maxproc' doesn't find anything on karmic, so I'm not sure what you're trying to set.
<psi-jack> True that.
<psi-jack> Nothing in /proc for maxproc, either.
<clusty> pffff
<clusty> i love it when the debian guys jump at your juggular
<clusty> i love it when the debian guys jump at your juggular
<clusty> when you mention ubuntu
<clusty> i feel like lining them all and bitchslapping them silly
<psi-jack> clusty: I love it when people complain about debian.. NOT
<clusty> psi-jack, even though my question is more linux rather then distro specific
<psi-jack> clusty: Point?
<clusty> psi-jack, debian ppl are knowledgeable, but damn snobs
<psi-jack> General linux, ##linux
<clusty> most of them
<psi-jack> clusty: Funny. Most Debian people I meet, don't know jack crap.
<clusty> psi-jack, i mean irc ppl
<psi-jack> Most of the time, in fact, they hide behind their ego.
<psi-jack> clusty: So do I.
<clusty> #ubuntu is not very usefull
<clusty> most questions are quite basic
<psi-jack> This is why ##linux exists.
<clusty> and is also insanely large traffic
<clusty> this is best really. cause it'sa bit more customized
<clusty> best of both worlds. ppl know their shitr generally
<clusty> and replies are ubuntu specific
<clusty> such as conf file location ...
<psi-jack> How many questions do you have that are ubuntu-specific that cannot be resolved without being distribution-specific?
<psi-jack> Conf file location /etc
<psi-jack> Simple
<clusty> anyways back to debian, i would rather them be a bit more understanding
<psi-jack> Why do you think Ian Murdock isn't with them anymore?
<psi-jack> Or even supporting them?
<clusty> who is he?
<clusty> sorry for asking :D
<psi-jack> The founder of Debian.
<clusty> i know stallman, which i don't particularilyl like
<clusty> but respect still
<psi-jack> Heh
<psi-jack> I wish there was a TurnKey for just making an authentication box and/or a router box.
<clusty> most starters of trends end up dissociating themselves from their creations
<clusty> psi-jack, there is
<psi-jack> clusty: Erm?
<clusty> there are routing distros
<clusty> like entangle
<psi-jack> Like?
<clusty> or something like that
<psi-jack> Untangle?
<clusty> that one :D
<clusty> might have to cough up some cash if you want really fancy stuff
<clusty> like balancing and smart filters
<clusty> spam
<psi-jack> Bleh
 * psi-jack turns back on Untangle right away.
<psi-jack> Next!
<clusty> :D
<psi-jack> Hell, eBox is better
<clusty> it's fine
<clusty> only antivir/load balance are paid
<psi-jack> Yeah, which are standard Linux features.
<clusty> load balanciong is hard
<clusty> you cna always implement it yourself
<clusty> but you loose the fancy GUI thing
<clusty> or whatever
<psi-jack> Hmm. Dunno.. So far it looks okay.. Without the load balancing part, it has QoS
<psi-jack> And tailored QoS at that, not just basics like wondershaper gives
<psi-jack> It's Debian-based I see?
<psi-jack> Might toss this on my spare server to test it out, so I have a backup router just in case.
<psi-jack> Still wondering how in the frack they do it under Windows.
<clusty> psi-jack, it's debian i guess
<clusty> psi-jack, you could actually install a package at some point
<clusty> on top of an ubuntu
<psi-jack> Using apt?
<clusty> yes
<clusty> but when i tried it failed
<clusty> actually i never got the thing running
<psi-jack> Oh nice!
<clusty> cause i did nto want to dedicate a box for just routing
<psi-jack> I already do.
<psi-jack> routing, mail, and dns cachine.,
<clusty> i will suggest the big chief buys a new box
<psi-jack> caching
<clusty> i did not do cahceing just yet
<clusty> i am fighting with getting dns working for local pc-s
<psi-jack> dns caching, not web caching.
<clusty> i know
<clusty> dnsmasq
<clusty> or how is it called
<psi-jack> No, bind.
<giovani> bind is incredible bloat for a dns cache
<clusty> i failed yesterday getting bind to like my local pc-s
<clusty> i postponed the task for now
<clusty> and wanna get central user management
<clusty> guess there is not way around it
<clusty> but using ldap
<psi-jack> What I reaaaaly want, though, is a turnkey like this, for just authentication.
<psi-jack> Like you just said, central user management.
<clusty> i never set up such a thing, so it's a learnign 3experience
<KillMeNow> i reaaaaally want Telekinesis and Omnipotence but that's not gonna happen anytime soon
<clusty> i am a self taught sys admin
<clusty> :D
<psi-jack> It's a pain in the arse.
<clusty> wonder are there ppl actually learning linux in school?
<psi-jack> clusty: So am I, since before Linux 1.0.0 was released, I've been using Linux.
<clusty> besides taking certifications
<psi-jack> I've 0 certifications.
<psi-jack> Just a lot of hands-on experience and know-how.
<clusty> i sinstalled linux in 5th grade first D:
<clusty> that was like 15 years ago
<clusty> was damn strange toy, i did not know what it was good for
<giovani> 15 years ago, linux 1.0 hadn't been released
<clusty> think it was first slackware
<clusty> 10 years
<clusty> not 15
<clusty> what is linux 1.0?
<clusty> some homebew thing before distro concept?
<clusty> :D
<giovani> ...
<giovani> the kernel version
<clusty> ohh
<clusty> holly molly
<clusty> what about first slackware?
<clusty> what kernel did that have?
<clusty> lemme look
<giovani> probably slightly before that
<clusty> had the most god awful WM :D
<clusty> anyways i started using linux full time in university
<clusty> and that was debian
<giovani> slackware 1?
<giovani> highly doubt there was a window manager :)
<clusty> there was a horrid TWM-like thing
<clusty> can hardly call it WM :D
<clusty> slackware 1 came in 1992
<clusty> twm came in 1987
<clusty> or so wiki says
<psi-jack> Hmmm. I might look into zeroshell.
<clusty> psi-jack, that is cool i hear
<clusty> psi-jack, a lot of people are doing mlppp with it
<psi-jack> mlppp?
<clusty> psi-jack, multi link ppp
<psi-jack> Ewww
<clusty> psi-jack, you basically bind multiple DSL lines
<clusty> awesome
<clusty> :D
<clusty> for a multitude of reasons:
<psi-jack> sadism?
<psi-jack> :p
<clusty> 1 you get all the transfer rate in 1 conection
<clusty> 2 you bypass DPI
<clusty> in canada all DSL is screwed
<clusty> all DSL traffic is throtelled
<clusty> no torrents, no encrypted stuff
<clusty> psi-jack, i am having ldap trouble
<clusty> following this guide: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html
<giovani> in canada, dsl owns you!
<clusty> giovani, yeap.the EWUL bell is choking the life of the net
<giovani> clusty: I don't know what "no encrypted stuff" means -- I assure you the major candian isps don't block ssl
<clusty> they dont block
<clusty> here is deal:
<clusty> 80% of dsl goes through bell infrastructure
<clusty> bell is slowing down every1 cause they claim their netowrk cant do full speed
<clusty> so whatever DPI can't figure out it assumes it's not legitimate traffic
<clusty> all SSL=torrents
<clusty> in their mind
<giovani> I don't believe that
<giovani> it's easy enough to test
<giovani> find an ssl webserver and do a speed test on it
<clusty> i did test
<clusty> there is a big fuss now about it
<clusty> i mean ppl going to ottawa and screaming BELL GO HOME :D
<clusty> anyways, i installed ldap set the admin password, but when i do a ldapsearch the thing rejects credentials
<KillMeNow> which is why i'm praying that Net Neutrality laws come to life here in the US
<giovani> clusty: probably doing the wrong auth, etc
<clusty> giovani, me, the good little tool is doing copy paste from site
<giovani> clusty: sasl or simple?
<clusty> giovani, not clue what that is :D
<clusty> ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb
<giovani> time to read more about ldap then
<clusty> is what i am doing
<clusty> giovani, so yes, that is sassl :D
<mookatt> hi everyone, looking for advice --- i'm very much in need of generating pdf's of internal webpages on my dapper server and I can do this with firefox+commandline print extension.  I need gtk+ toolkit however.  How big of an issue is it to have gtk+ on my server?  Obviously it's overhead not needed and may present security issues, but I'm not seasoned enough to know exactly what caveats will creep up
<Claw6> anybody may can help me with mysqldump ?
<Claw6> i run it but nothing seems to happen
<mookatt> what do you need to know?
<Claw6> may im doing something wrong
<mookatt> what command did you run?
<Claw6> mysql -u root -p -h localhost db260642497  < dumpDB_.sql
<Claw6> where will it be saved to ?
<mookatt> try mysql -u root -p -h localhost db > dump.sql
<mookatt> > instead of <
<Claw6> mh... seems processing
<Claw6> well i just copied that commandline from a website
<Claw6> did not recognized that < was the wrong way
<mookatt> the < typically means to read that file as input and the > means to put the result of the command to a file
<mookatt> man mysqldump
<KillMeNow> you can also "stream" in a sql dump file from within the mysql command line, just FYI
<Claw6> where will the dumpDB_.sql will be stored to ?
<Claw6> im realy new to unix
<KillMeNow> in the directory you ran the mysqldump command
<KillMeNow> if you don't explicitly state the path
<KillMeNow> so if you're in /tmp
<KillMeNow> and run mysqldump -u root -p --database > DBsql.sql
<KillMeNow> you should find a DBsql.sql file in the /tmp dir
<mookatt> anybody have any opinions on installing gtk+ toolkit on a dapper server?
<clusty> well gonna run home. hopefully electricity is back up
<Claw6> KillMeNow nope it does not appear there
<Claw6> or its not even created
<Claw6> should i get a echo out when its done?
<KillMeNow> don't think so, don't remember getting one in the past
<KillMeNow> ls -la
<KillMeNow> mysqldump -u[user] -p[password] [databasename] > dumpfile.sql
<KillMeNow> that is the command you should run
<KillMeNow> you can do it like this:  mysqldump -u[user] -p[password] [databasename] > /path/to/dumpfile.sql
<KillMeNow> if you want to explicitly state the path the archive should be dumped to
<KillMeNow> if you leave the -p blank, it should prompt you for a password
<uvirtbot> New bug: #415559 in freeradius (universe) "Unable to open file "/etc/freeradius/sql/mysql/dialup.conf": No such file or directory" [Undecided,New] https://launchpad.net/bugs/415559
<Claw6> well after importing the db (it should overwrite an existing one) do i have to restart mysql or anything like that ?
<KillMeNow> nope...  shouldn't need to
<KillMeNow> however, if you accidentally imported a blank file, i think that *may* bork your old database
<KillMeNow> I know I've accidentally taken a empty .sql DB backup before and over wrote the DB i was trying to backup
<KillMeNow> thankfully i did have good backups stored elsewhere
<uvirtbot> New bug: #412059 in vtun (universe) "MIR for vtun" [Undecided,New] https://launchpad.net/bugs/412059
<psi-jack> Hmmm
<psi-jack> Well, I'd tried zeroshell, and was not impressed.. At all.
<psi-jack> Now, what I seriously would like, is like a distribution or "appliance" that uses gosa.
<psi-jack> That... Would be utterly sweet.
<Djannakhan> Hi,
<Djannakhan> I've a issue with locale on a fresh new ubuntu server 9.04 install
<Djannakhan> http://pastebin.ca/1534376
<Djannakhan>  dpkg-reconfigure locales won't solve the issue
<Djannakhan> (it gave the same issue)
<sub> Djannakhan: Try installing the language pack - sudo apt-get install language-pack-en
<Djannakhan> sub: it's allready installed (i've just run the command)
<Djannakhan> http://pastebin.ca/1534383
<Djannakhan> I still got the warning
<Djannakhan> strange this file :  /var/lib/locales/supported.d/local does not exists on this server, while on other servers, it exists
<sub> Ah hmm, have you tried manually running locale-gen ?
<sub> I believe it's what's actually responsible for populating that directory/file
<Djannakhan> sub: yes I did and it didn't change anything
<Djannakhan> sub: I'll retry just now, as i've reinstalled the system this afternoon
<Djannakhan> sub: still no change
<Djannakhan> same warning on 'locale' command
<sub> I don't know, I'd say you could try local-gen --purge but I'm not sure if that will really fix anything or somehow make it worse. You lost me =)
<Djannakhan> ;)
<Djannakhan> don't solve the problem either
<Djannakhan> but what's strange is that en_US.ISO-8859-15  is not regenerated
<Djannakhan> could this be the problem ? if I change the system local to en_US.ISO-8859-1, which is generated?
<Djannakhan> Yes !
<Djannakhan> I've changed to en_US.ISO-8859-1, then sudo  dpkg-reconfigure locales, 'locales' command still show the issue, but after a reboot it's gone !
<uvirtbot> New bug: #415627 in mysql-dfsg-5.1 (main) "mysql-server + akonadi-server = conflict" [Undecided,New] https://launchpad.net/bugs/415627
<sub> excellent
#ubuntu-server 2009-08-19
<Djannakhan> sub: blogged : http://blog.mansonthomas.com/2009/08/locale-configuration-issue-on-ubuntu.html ;)
<Djannakhan> sub: thanks for the help ;)
<Ng> are the official ec2 8.04 images available for download somewhere?
<psi-jack_> Sooo, anyone know of a Ubuntu-based distribution that is configured to be a Central User Management system?
<psi-jack_> eBox is working on it, but is not quiiite there yet.
<qman__> I actually downloaded ebox to try that
<qman__> haven't gotten into it yet, but even just looking at the site, it doesn't look good enough yet
<psi-jack_> They say it'll be a few weeks before they gear it up for that.
<qman__> quite frankly, that's one of the few things microsoft is still holding over the linux community--an easy, all-in-one directory service
<psi-jack_> I know, I was very specifically opening that can of worms.
<psi-jack_> pah! Easy?
<psi-jack_> Active Directory, EASY? Are you nuts? :)
<qman__> I guess that's an exaggeration, but it's arguably easier than setting it up the manual linux way
<qman__> but if something like ebox does come together
<qman__> that'll be a huge advantage
<psi-jack_> Eh.. yeah, you plop in the Windows 2008 R2 disc, and install
<psi-jack_> True.
<psi-jack_> So,
<psi-jack_> I think for now..
<psi-jack_> i'm just going to use eBox and NIS+ for now.
<qman__> I've tried several times to get an openldap based setup working, but it's just such a big task
<qman__> automating the process would help a lot of people
<clusty> psi-jack, nis+ ?
<clusty> psi-jack, what package provides that?
<clusty> psi-jack, still having trouble starting the damn nis server :(
<twb> AFAIK NIS+ doesn't exist on GNU/Linux
<twb> Also note that NIS+ is deprecated or obsolete even on Sun gear
<twb> qman__: getting pam_ldap working on the client side is dead easy.  It's the server side that badly needs turn-key level automation.
<psi-jack> qman__: Yeah, it's sad too, cause, I used to know openldap like the back of my hand.
<psi-jack> qman__: But that was back in 2.0 days. 2.4's a whooooole new ballgame.
<qman__> yeah
<SJr> I have been looking for a guide for installing Ubuntu Server via USB, a guide I found is here: https://help.ubuntu.com/community/UbuntuServerFlashDriveInstaller, but I was wondering if there was actually a utility, I thought there was
<qman__> not to mention if you need an extra secure deployment, fully encrypted
<qman__> there's so many options, you have to first decide what to use
<qman__> kerberos, ssl
<qman__> and if you need to integrate with windows, you're really in trouble
<twb> qman__: windows OR samba
<SJr> How long should it take to create a LVM partition on a 1 TB drive?
<qman__> quite a while
<qman__> I can't say exactly, but that's a lot of space, should take anywhere from 20 minutes to an hour
<qman__> maybe longer
<SJr> Why should I use LVM?
<qman__> LVM allows for greater flexibility in your partitioning scheme
<qman__> lets you treat multiple physical spaces as one unit, and create any number of partitions in it
<SJr> Hmmmmmm
<SJr> Encrypted home directories...
<qman__> for the sake of simplicity, I generally don't use LVM unless I need the features it enables
<qman__> but to each his own
<qman__> keep in mind formatting 1TB of space will take quite a while as well
<SJr> hmmmm it seemed to have finished
<SJr> which is excellent
<SJr> because as god as my witness, judgement shall come to pass
<twb> Only for sucky filesystems like ext3
<ball> twb: is ext4 equally sucky?
<twb> In this capacity, yes, because it's backward-compatible with ext2
<qman__> I use ext3 simply because it's never given me any trouble
<qman__> where XFS and reiser have
<twb> qman__: I'm talking strictly about time to create the filesystem being O(n) not O(1)
<qman__> that's pretty subjective and they're certainly good filesystems, just my experience
<twb> An operation being O(n) is not subjective!
<qman__> no, that's not what I was referring to
<qman__> I'm in an awkward position so my typing is slow
<twb> OK, carry on then
<qman__> from the instances I've encountered, ext3 is incredibly good at handling corruption, reiser is ok but takes a lot more work, and XFS is a disaster
<qman__> I've lost entire XFS filesystems due to system crashes
<oh_noes1> Is there a package I can install to update Ubuntu Server 8.04 with validated Public Certificate authorities?
<oh_noes1> Im trying to "curl https://www.verisign.com" and it's not working
<oh_noes1> I assume because it doesnt ship with Verisign's (or any others) public CA
<qman__> yeah, I'm pretty sure there's a package with those in it
<twb> XFS assumes you do not have crashes
<oh_noes1> pzl help me find it :s
<twb> XFS is Wrong to use unless you have a UPS and write-thingies, which IIRC LVM doesn't support.
<qman__> I'm trying to find out what package it is
<twb> Also XFS needs you to be running the latest upstream kernel version because otherwise your whole system will explode with bugs
<qman__> I have them installed on a machine
<twb> But APART FROM THOSE MINOR THINGS, XFS is fantastic.  So the XFS weenies tell me
<qman__> heh
<twb> write barriers.  Those are the things
<qman__> incidentally, I was running with a UPS
<qman__> but the system hard locked for some reason or another
<twb> md RAID and/or LVM don't support write barriers.
<qman__> and poof, there goes my filesystem
<twb> qman__: yup, btdt
<qman__> I simply cannot figure out which package this is
<oh_noes1> qman__:  found it ...  "ca-certificates" lol
<oh_noes1> so obivous
<qman__> I have a bunch of verisign and such certs in /etc/ssl/certs
<qman__> ah
<qman__> of course
<twb> qman__: apt-file search .crt
<twb> Or if it's already installed, dpkg -S or dlocate
<qman__> nice
<qman__> it's interesting you should mention that bit about LVM
<qman__> the tutorial on the ebox website instructs you to create an LVM and XFS filesystems
<aubre> anyone have any luck running tsm on ubuntu server jaunty 64-bit?
<uvirtbot> New bug: #415732 in bind9 (main) "Please sync bind9 1:9.6.1.dfsg.P1-3 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/415732
<cef> is it just me, or is security.ubuntu.com rather slow?? damn these kernel bugs.
<twb> When oh when will we get our ubuntu/kSolaris ?
<twb> >duck<
<henkjan> cef: you can try to change security.ubuntu.com in /etc/apt/sources.list in yourcountrycode.ubuntu.com
<cef> henkjan: yeah I could, and trust that the local mirror is either up to date (it lags), and that they have correct (valid, untampered) updates
<henkjan> cef: ah. I did change sources.list to use the country mirror
<henkjan> and I trust the country mirror, because we run it ourselfs :)
<cef> hrm, 5% of the kernel before the connection to security.ubuntu terminates.. 3 times so far so 15% total.. guess we'll see
<cef> henkjan: yeah I use the local mirror, but it has not 100% up to date for security
<cef> amazing, this attempt, I'm almost getting 20KB/sec!
<cef> spoke too soon.. down to 9k
<cef> would be interesting to see how high the load figures are on security.ubuntu ;)
<LiraNuna> what's up with http://security.ubuntu.com ?
<LiraNuna> heh
<twb> henkjan: I think that should be NN.archive.ubuntu.com
<twb> Where NN is an ISO country code.
<LiraNuna> those with 8.04 and non-zero can 'skip' the update?
<LiraNuna> mmap > 0
<LiraNuna> I can't seem to find the linux-image-2.6.24-24-virtual package,
<LiraNuna> ah, it's 32bit only
<LiraNuna> figures...
<uvirtbot> New bug: #254687 in vsftpd (main) "userlist options doesn't work in vsftpd" [Low,Confirmed] https://launchpad.net/bugs/254687
<artillerytx> Hey guys
<artillerytx> Why is it i have to keep restarting apache2 to get my sub-domain to work ?
<jtimberman> artillerytx: when you make changes to apache configuration, even for virtualhosts, you need to restart/reload apache.
<artillerytx> jtimberman: i haven't made any changes since i last restarted it
<jtimberman> artillerytx: i don't know what you mean then.
<artillerytx> Okay it seems like my subdomain will work for a while then maybe a few hours later it stops working and the only way to get it working again is to restart apache2
<jtimberman> artillerytx: as in it becomes nonresponsive? Perhaps a traffic or performance issue?
<artillerytx> it says server not found
<_ruben> checking the logs would be a start
<artillerytx> i don't see any errors in there
<artillerytx> what am i looking for
<\sh> moins
<atomic__> yeah, security.ubuntu.com seems hosed from here too
<artillerytx> okay cool i tried to run apt-get update and it said couldn't connect to that domain
<maswan> atomic__: yeah, we've been discussing it over in -mirrors too
<atomic__> btw, is it possible that local archives are not updated at the same time? im trying to update a server in a different country and apt-get ugprade seems to get the lists from the squid cache
<atomic__> thnx maswan
<atomic__> i mean apt-get update
<maswan> but it requires the appropriate person at canonical to take actionn
<atomic__> its fairly early in the morning for the europe staff, they'll get to it :)
<artillerytx> jtimberman: does http://swot.wwmcd.org work for you ?
<jtimberman> not found by my DNS server.
<artillerytx> so its a dns issue
<artillerytx> so should i check my bind logs ?
<cef> fwiw, I get like 5% of a file and then the connection to security dies. restart the download (using -d to apt-get) and it resumes for another 5%
<atomic__> things seem to have started moving
<_ruben> stupid makefile variable expansion shit
<_ruben> bah .. might have to have my makefile create a modified makefile and then call that one .. if only i could have immediate expansion of variables
<acalvo> Hi
<acalvo> I'm quite confused
<acalvo> I have a server that acts as a PDC
<acalvo> and it has a LDAP tree
<acalvo> on the other side, I'm setting up a mail server
<acalvo> I want to store mails in the mail server, under a fixed path
<acalvo> I'm using dovecot and postfix
<acalvo> but it seems that I'm misunderstanding several things
<acalvo> I do not want to have virtual users
<acalvo> but I don't know if the term "virtual users" applies to having the users in another server
<acalvo> while the mail server is configured to lookup thru LDAP (to log in to the server using SSH, for instance)
<Boohbah> yes that sounds very confusing
<_ruben> yup .. confusing.. :)
<_ruben> and virtual users is nearly always what you want .. unless all email accounts are local users, and all domains are to be treated identically
<acalvo> well
<acalvo> uf
<acalvo> so confusing
<_ruben> and well .. if you dont use dovecot's deliver lda but postfix' builtin local lda, mail by default ends up in /var/mail/<user> .. then again, that assumes you want all domains treated equally (if there'd be more than one)
<_ruben> (<user> doesnt contain the domain, so user@domaina.com is the same as user@domainb.com
<_ruben> )
<acalvo> well
<acalvo> I do have more than one domain (domain1.maindomain.com, domain2.maindomain.com)
<acalvo> but it does not matter
<acalvo> the thing is that I'm not able to deliver mail
<_ruben> show proof of that :)
<_ruben> !doesnt work
<ubottu> Doesn't work is a strong statement. Does it sit on the couch all day? Does it want more money? Is it on IRC all the time? Please be specific! Examples of what doesn't work tend to help too.
<acalvo> Aug 19 11:10:40 jupiter postfix/smtpd[3222]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <andreas.calvo@admi.esci.es>: Recipient address rejected: User unknown in local recipient table; from=<andreas.calvo@admi.esci.es> to=<andreas.calvo@admi.esci.es> proto=SMTP helo=<andreas.calvo?admi.esci.es>
<_ruben> so your recipient table isnt setup properly .. i have no experience with postfix talking to ldap though .. could you pastebin the output of postconf -n ?
<acalvo> _ruben: http://pastebin.com/d782d9f02
<acalvo> but I'm using a documented guide in the ubuntu's community site
<_ruben> (another hint is to start the setup using hash files instead of ldap, when that works, migrate those hash files to ldap one by one)
<_ruben> i only see lists of aliases defined, no lists of valid mailboxes
<acalvo> mmm let me see
<acalvo> _ruben: well, it seems that I'm doing some progress
<acalvo> now I see I'm login to the LDAP tree
<acalvo> and it delivers to dovecot
<acalvo> but it does not get the mail yet
<_ruben> "does not get the mail yet" .. what does that mean?
<acalvo> postfix can find the user
<acalvo> and it relays to dovecot
<acalvo> but still generates the non-delivery message
<_ruben> pastebin the log lines that say so
<acalvo> http://pastebin.com/pastebin.php
<acalvo> sorry
<acalvo> http://pastebin.com/d76682ac2
<_ruben> dovecot isnt accepting your email .. probably lacks a valid userlist as well
<acalvo> mmm
<acalvo> I can log in thru imap
<acalvo> so it should be working
<acalvo> what I don't understand is why is generating the non-delivery mail to acalvo@esci.es, which is uid@domain
<_ruben> that's odd then .. dovecot isnt logging anything when postfix is trying to deliver mail to it ?
<acalvo> _ruben: in a separate file, yes
<acalvo> but it does not show anything relevant
<acalvo> just says it's loading some plugins
<_ruben> acalvo@esci.es is probably the return-path: used in the mail .. you didnt paste that part of the log ;)
<_ruben> s/return-path/envelope sender/
<acalvo> one question: what does postfix needs to know when looking up the users?
<acalvo> their mailbox directory?
<acalvo> or what?
<_ruben> nothing, just whether or not its valid
<acalvo> mmm ok
<_ruben> dovecot needs to know the details
<_ruben> oh .. i see the problem now
<_ruben> you have the domains listed in mydestination -> no virtual users
<_ruben> nevermind
<_ruben> local users are delivered via dovecot too
<acalvo> aham
<acalvo> so it should look them using dovecot?
<acalvo> the thing is that I want to believe that postfix in this scenario is a dumb MTA, it just relays on dovecot
<acalvo> so dovecot should do all the job
<acalvo> but I think it's not
<acalvo> postfix needs to know that the user is valid and then pass the mail to the relay agent
<_ruben> relay=dovecot .. that looks odd to me .. it isnt treating it as local afterall
<_ruben> i'd go for virtual domains instead personally .. using locals this way looks kinda nasty to me
<_ruben> and you'll get some additional freedoms as well for "free" .. like being able to handle (certain) domains differently (might want/need it in the future :))
<acalvo> ok, seems fine
<acalvo> since I do have some different domains
<acalvo> any good howto to do that using LDAP?
<_ruben> mailbox_command and mailbox_transport .. seems the latter overrides the first .. i assume you have a dovecot entry in your /etc/postfix/master.cf ?
<acalvo> currently I was looking at https://help.ubuntu.com/community/Postfix/DovecotLDAP
<acalvo> _ruben: yes
<_ruben> the ldap part doesnt really matter .. any howto on it using mysql would be fine .. you'll just have to modify the lookup files to talk to ldap instead of mysql for instance
<_ruben> but afaik, the problem is with dovecot, as postfix tries to hand it off to dovecot, but dovecot isnt accepting it
<acalvo> at least now I'm seeing errors in dovecot's log file
<_ruben> that's "good" :)
<acalvo> now it's funny
<acalvo> if I send a mail it is stored in mail_base/user (as in user@domain)
<acalvo> but if I log in thru imap it looks in mail_base/uid
<acalvo> so... it is saving mail but I've to tell dovecot to use the same pattern to look for mail
<acalvo> look and save
<\sh> guys, what is the best way to teach initramfs to deal with vlans?
<soren> \sh: Why would the initramfs have to do that?
<\sh> soren: it drops to a shell because it can't find an iscsi device, which is only reachable using my vlan network setup...I can see all interfaces != vlan interfaces in this shell
<\sh> the real network setup is done after initramfs drops to the real root
<\sh> which is wrong
<\sh> in this case
<soren> You've got root on iscsi?
<\sh> soren: nope
<soren> Why does this need to be in the initramfs then?
<\sh> soren: no root...additional device somewhere mounted on /opt and it's written in /etc/fstab
<soren> initramfs only mounts /.
<\sh> soren: which is strange...it breaks before / and after fsck
<soren> fsck? initramfs doesn't run fsck.
<\sh> soren: so what breaks it then?
<soren> It's hard to tell from here.
<stefan___> hello
<soren> There is no fsck in initramfs, so if it's after an fsck, it's not initramfs. You're barking up the wrong tree.
<soren> \sh: Your problem probably is that the network interface isn't being brought up early enough.
<\sh> soren: ok then it's not initramfs but something doesn't like to bring up all network interfaces  and that breaks iscsi to not find the devices, and the fsck.xfs wants to do its work, but fails and drops me into a root shell with only / mounted
<soren> Ok.
<soren> S40networking runs after iscsi. If your network does not get set up by udev, networking will not be available when iscsi starts.
<soren> You can apply a hack to fix it, but the proper fix is quite difficult to get right..
<\sh> soren: so changing the bootorder of iscsi to start after networking should fix that
<soren> You can start open-iscsi from an "up" clause in etc/network/interfaces of the interface in question, and then make sure the iscsi block device gets mounted at that point.
<\sh> soren: that's the simple way...but looks like we should re-think the way of starting services which could need a full network config
<soren> \sh: What we realy should do is fix the networking setup to be configured when udev discovers the physical devices in question.
<\sh> soren: btw...is it possible to tell udev to setup bonds and vlan network interfaces somehow?
<soren> \sh: Not exactly.
<soren> udev triggers on availability of physical devices.
<soren> vlan and bonding configuration needs to turned upside down, so to speak.
<\sh> soren: ok...looks like that the problem lies somewhere else anyways../etc/init.d/open-iscsi is symlinked in /etc/network/if-up.d/ and afaik this will be called for all interfaces which will come up, right?
<soren> Right now, it looks for "auto" clauses and finds e.g. "auto bond0", which referes to an bonded interface made up of two physical interfaces..
<soren> What we should do instead (or in addition) is to have the "iface eth0" stanza say that it's part of a bonded interface called "bond0".
<soren> That way, bond0 would be configured as the relevant physical interfaces come up.
<soren> \sh: Yes, that's correct.
<\sh> soren: ok...that's the bugger...open-iscsi is not started during bootup, but will be executed for any network device which comes up
<\sh> and it looks like that it breaks network setup when it tries to find the iscsi device on the if-uped interface, when open-iscsi can't reach the device
<\sh> s/device/isci-device/
<soren> It shouldn't.
<soren> It's meant to try to connect when each interface comes up and handle it all gracefully.
<soren> Anyhow, I need lunch.
<\sh> oh my...now it's getting really hard...rcS.d/S25open-iscsi
<_ruben> acalvo: was out for lunch .. are you using prefetching in dovecot (one query for both user and passwd data)? if so, you're passwd query might give back the wrong locating, whereas the user query does not
<acalvo> _ruben: well, I've enabled it a while back
<acalvo> well, I've find a workaround
<acalvo> using the %n variable didn't work
<acalvo> because in one scenario it referred to the user part in user@domain
<acalvo> and in the other referred to the uid of the user
<_ruben> nice
<acalvo> now I've try to use %i, which is the id of the user under unix
<acalvo> is really nasty
<acalvo> but it's working
<maswan> \sh: oh btw, do you have p410i controllers in your blades?
<\sh> maswan: nope e200i
<\sh> maswan: we don't need much io performance on the blades itself :)
<\sh> drive io performance ;)
<maswan> \sh: Ok, I guess I'm the only one with those then too. :)
<maswan> \sh: That's what's onboard, just like the 10GE nics.
<\sh> maswan: in our dl365er we are using p400i dunno what's the difference between p400i and p410i
<maswan> \sh: yeah, we have some of those. these are the first one with these, and I was just wondering if you could reproduce a cciss issue for me. :)
<\sh> maswan: sorry..I would like to..but can't...anyways what's happening?
<maswan> \sh: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/413070
<uvirtbot> Launchpad bug 413070 in linux "karmic cciss: error messages on working device" [Undecided,New]
<\sh> maswan: ok...what I can tell you, on the e200i it doesn't log any messages like that
<\sh> maswan: and on my dl365 with a p400i also no sign of those
<maswan> \sh: I have p400is too, noproblem there
 * \sh needs to find a good fix for this open-iscsi problem
<acalvo> _ruben: noew everything works
<acalvo> just one question
<acalvo> I need to have several subdomains
<acalvo> but I only can log in using the main address
<acalvo> one user can have more than one mail address
<acalvo> so user@domain.com works
<acalvo> but user@sub.domain.com doesn't
<acalvo> althought it should look it up in the ldap tree
<_ruben> acalvo: are those aliases, seperate mailboxes, something else?
<acalvo> no
<acalvo> I want to use the same mailbox for the every user
<acalvo> althought a user could have more than one mail address
<acalvo> it's like an alias
<acalvo> but it's stored under the mail attribute of the ldap tree
<_ruben> a mailbox is associated to a username, and can have multiple email addresses bound to it .. to login to the mailbox, you use the username, not email address(es)
<_ruben> then again, it all depends on how you have stuff configured :)
<acalvo> that last sentence didn't sound so good :/
<_ruben> well .. in my case, usernames are (primary) email adresses .. ppl would login using their primary email address, yet receive mail for any aliases as well (in that same mailbox)
<acalvo> that's what I want
<_ruben> how are your mailboxes "defined" ? based on username or username@domain?
<RoyK> acalvo: what mail system_
<RoyK> ?
<acalvo> _ruben: username@domain
<acalvo> RoyK: dovecot+postfix with ldap backend
<_ruben> acalvo: im guessing that in your current setup, you dont really have "aliases", but each "alias" has become its own mailbox
<RoyK> acalvo: there is a #dovecot channel if you have problems with that
<acalvo> RoyK: I know, and I've been there
<_ruben> you'll need a way to differentiate between an alias and a mailbox
<_ruben> which depends on your ldap schema
<acalvo> _ruben: the thing is, the system is set up to deliver the mail not based on the address of the user, but the unix id
<acalvo> so if a user has more than one address
<_ruben> you can then have postfix send mail for any aliases to the apropriate mailbox
<acalvo> it will be redirected to the user id
<_ruben> acalvo: why would you want users to be able to login using an alias?
<acalvo> well
<acalvo> I'm working for a university
<acalvo> and some people need to have more than one addres
<acalvo> because they're in more than one department
<acalvo> for example
<_ruben> one mailbox ... multiple aliases ... only one login required
<_ruben> thats the whole idea of aliases
<acalvo> yes, I know
<acalvo> and, in the old server (which I configured like 3 years ago), it worked
<acalvo> not nice
<acalvo> but it worked
<acalvo> looking up every mail attribute for a user in ldap
<acalvo> now, trying to use new ways to do that better
<acalvo> it only works with the main domain address
<acalvo> while the user has more than one address
<acalvo> so user@domain.com works
<acalvo> but the same user, which has user@sub.domain.com, does not work
<acalvo> and it's quite annoying
<_ruben> wait .. define "works" .. are we talking sending mail (smtp/postfix), or receiving mail (pop3|imap/dovecot)?
<acalvo> sending mail
<_ruben> ahh
<acalvo> I can see how postfix tries to find the user
<acalvo> but it always fails
<_ruben> show logs? :)
<acalvo> pastebin thinks I'm posting spam
<_ruben> try http://pastebin.ubuntu.com or so :)
<acalvo> http://pastebin.com/d303e802d
<acalvo> replaced the @ with -AT-
<_ruben> my guess would be flawed ldap lookup queries or something similar .. i find postfix' debug logs rather unreadable .. in my case (mysql based backend) i'd either sniff the mysql traffic or enable query logging for mysql .. not sure if ldap provides similar mechanisms
<_ruben> bbiab
<acalvo> I know
<acalvo> funny thing is that I'm receiving twice the mails
<acalvo> if I send them to the internal mailboxs
<acalvo> any good webmail?
<acalvo> Now we're using horde, but we must upgrade
<acalvo> so we can change it for something newer
<_ruben> im still "shopping" for a decent webmail interface .. roundcube looks nice, squirrelmail is the classic ofcourse, there's atmail too
<sgsax> acalvo: "good" is very subjective
<sgsax> I'd say most webmail apps are "good enough"
<sgsax> they all kinda suck in one way or another, including gmail
<_ruben> nobody's perfect ;)
<sgsax> gmail fanbois would disagree with you :)
<_ruben> hehe
<sgsax> the uni I work at used a modified horde for a long time, had some serious scaling problems
<sgsax> now we use hosted zimbra, which is interesting, to say the least
<_ruben> horde didnt appeal much to me last i checked
<sgsax> like I said, it's about as good as any of the rest of them
<sgsax> my hosting provider lets me choose between horde, roundcube, and squirrelmail
<_ruben> lets just use OWA ;)
<sgsax> there's good and bad about each of them
<_ruben> i'll probably offer something similar (the choice of a few)
<sgsax> if you want simple, squirrelmail is the way to go
<sgsax> it's about as basic as you can get
<_ruben> fuck .. got a 1G / (on a 2G flash disk) .. cant do-release-upgrade from intrepid to jaunty
<pmatulis> language please
 * Boohbah gives pmatulis language
<sgsax> para espanol, pulse 1
<sgsax> pour le franncais, appuyez sur 2
<sgsax> voor Nederlands, druk op 3
<_ruben> hrm .. /boot refuses to get mounted during boot .. both when using uuid and label in fstab
<sub> pmatulis: apt-get install language-pack-en? :P
<sub> _ruben: What does mount say when you try to mount it?
<_ruben> mount: special device /dev/disk/by-label/sys-boot does not exist
<_ruben> its uuid isnt present under by-uuid either
<sub> have you checked dmesg for any pertinent information?
<_ruben> hmm .. blkid shows a different uuid than vol_id
<_ruben> dmesg doesnt show anything obvious
<sub> have you tried mounting it using the partition's device?
<smoser> _ruben, so you see that disk/partition somewhere ?
<smoser> ie, is it in /proc/partitions ?
<Boohbah> sgsax: i've seen roundcube exploited in the wild quite a bit recently
<slestak> SEENNICK cjwatson
<_ruben> smoser: yes, it lists sda1 which is /boot .. its not under /dev/disk/by-{label,uuid} , but it is under /dev/disk/by-id and by-path
<jetsaredim> is there a package for temperature/sensor monitoring for cli?
<smoser> jetsaredim, lm-sensors ?
<sgsax> Boohbah: I don't manage it, my hosting provider provides it
<sgsax> and I rarely use it
<smoser> _ruben, can you mount it  by device ? (not as a permenant solution, just wondering)
<_ruben> yup .. using /dev/sda1 i can mount it just fine
<sgsax> _ruben: bah, then who needs HAL anyway?
<_ruben> pata flashdrive .. onboard sata controllers .. addon raidcard .. dont trust sdXY for my partitions in such cases :)
<RoyK> jetsaredim: type 'sensors'
<RoyK> jetsaredim: you need to setup lmsensors first, though
<jetsaredim> it seems right
<jetsaredim> temperature sensor reporting 30 deg
<RoyK> some of those sensor drivers aren't very good, so try to find the right one for your hardware
<RoyK> but if it works, don't fix it
<jetsaredim> yea
<smoser> _ruben, is it ext[23] filesystem ? does e2label /dev/sda1 report a label?
<Sam-I-Am> anyone here good with building packages?
<Sam-I-Am> trying to figure something out...
<maxb> #ubuntu-motu is packaging help central
<Sam-I-Am> mkay thx
<_ruben> smoser: ext2, and yes it does report a label
<smoser> hm... then i'm of no more help i think.  i just verified that setting a label and then removing it populates /dev/disk/by-label and then removes the entry
<smoser> ie, here that "just works".
<smoser> any messages in dmesg about sda ?
<_ruben> nothing spectacular: http://pastebin.ubuntu.com/255754/
<smoser> maybe udev is hosed...
<smoser> sudo udevadm trigger --verbose --dry-run --subsystem-match=block
<smoser> does that show sda1 ? and maybe try without 'dry-run' to see if that does anything for you
<_ruben> /sys/devices/pci0000:00/0000:00:07.1/host4/target4:0:0/4:0:0:0/block/sda/sda1
<_ruben> no change under /dev/disk/
<smoser> outside of that, i think i'm out of ideas... if udev is up, it "should" be populating that stuff for you.
<smoser> you ran without '--dry-run' ?
<_ruben> yes
<smoser> hm...
<smoser> yeah, i'm out of ideas. sorry
<_ruben> thanks for trying anyway :)
<smoser> one more thing i guess... now i'm just confused
<smoser> sudo blkid
<_ruben> it lists it by uuid and label
<_ruben> yet vol_id lists another uuid
<_ruben> hmm .. vol_id isnt working now
<smoser> what release?
<smoser> it kind of smells like vol_id is borked, which udev would rely on (i think).
<smoser> https://bugs.launchpad.net/ubuntu/+source/udev/+bug/337015
<uvirtbot> Launchpad bug 337015 in udev "vol_id uuid detection regression" [Low,Fix released]
<Psi-Jack> This is odd..
<Psi-Jack> I created my ssh keys from my desktop computer, which is kubuntu-9.04, transferred the keys to my router, added a password there, and then transferred that copy over to the rest of my servers.
<Psi-Jack> When I ssh from my router to my desktop, it asks for the password for the private key, which is expected. When I ssh from desktop to router, it's passwordless, also expected. But when I ssh to any other system in my network, it goes keyboard interactive, not even using the keys.
<sgsax> Psi-Jack: check value of PubkeyAuthentication in /etc/ssh/sshd_config
<Psi-Jack> It's yes
<sgsax> also, different versions of sshd will have a different value for AuthorizedKeysFile
<sgsax> so if there's any question, uncomment that line in the same file and specify the path
<Psi-Jack> Hmm
<Psi-Jack> That's not even in there.
<_ruben> smoser: its a intrepid upgraded to jaunty (pxe env doesnt do jaunty yet) .. prob existed in intrepid as well i think (hoped the uprade to jaunty would fix it as a "bonus")
<Psi-Jack> This is from 8.04->9.04, and 9.04->9.04 it's not working for.
<sgsax> Psi-Jack: see man sshd_config to find the default
<Psi-Jack> Yeah, still no fixing it, so far.
<sgsax> default path should be the same on both releases
<Psi-Jack> Yep.
<sgsax> check in /var/log/auth, see if anything shows up there
<sgsax> or wherever your auth logs show up
<Psi-Jack> Oh. Suddenly NOW it starts working.
<sgsax> heh
<Psi-Jack> Oh one system anyway.
<Psi-Jack> Two systems stil not working with. heh, which is stupidly odd.
<sgsax> I suppose this goes without saying, but if you modified sshd_config on any host, then you need to restart the sshd service
<Psi-Jack> Well, yes, of course.
<sgsax> look in their logs, see if anything helpful turns up
<sgsax> just trying to cover all bases
<Steve[mbp]> Morning everyon!
<Psi-Jack> Oh..
<Psi-Jack> I wonder..
<Psi-Jack> it's the eCryptFS!
<sgsax> hiya Steve[mbp], you must get your coffee early, either that or just naturally cheerful in the morning :)
<Psi-Jack> Heh
<Psi-Jack> Yeah, eCryptFS on the home directory.
<Psi-Jack> Now, the question is, How the frack do I get just the authorized_keys into it non-encrypted?
<sgsax> so the hosts that aren't doing key auth don't have cryptfs loaded?
<Psi-Jack> yes
<Psi-Jack> The reason one started working suddenly, is because I was ssh'ing in a second time.
<Psi-Jack> So the cryptfs home was mounted.
<sgsax> ah
<Psi-Jack> Heh
<Psi-Jack> So, I found one bug in the cryptfs home method!
<sgsax> well done!
<ball> What's a Nagios?
<Psi-Jack> google it.
<Psi-Jack> You'll learn more.
<sgsax> ball: centralized host monitoring system
<ball> Ah okay.
<sgsax> http://nagios.org/
<sgsax> very flexible, very stable
<sgsax> it's what most shops use
<acalvo> sgsax: we've been using horde in my university for a long time
<acalvo> _ruben: I really like roundcube
<acalvo> but I don't think there's a package for ubuntu
<acalvo> (at least not the last time I've searched for it)
<acalvo> and sgsax, Zimbra is a collaborative suite, right?
<sgsax> yep
<sgsax> currently owned by yahoo
<Psi-Jack> Ugh.
<sgsax> new IT management wanted something Exchangey but without Exchange
<acalvo> does horde offers the same?
<sgsax> don't think so, but roundcube does, to some extent
<acalvo> mmm nice then
<sgsax> horde is just webmail frontend to imap
<jmedina> how roundcube compare to exchange?
<acalvo> isn't roundcube the same?
<jmedina> there is horde groupware with more collaboration tools
<sgsax> hrm, guess I haven't looked at roundcube in a while, I thought it also had collab tools
<jmedina> and horde webmail..
<Psi-Jack> OpenExchange is pretty much one of the best.
<acalvo> in the open-source world, I realized everyone thinks X is the best
<Psi-Jack> I said, one of!
<Psi-Jack> Not THE
<acalvo> well, it was an opinion
<jmedina> you really need to try at least 3 solutions and prepare a demo with real mail users....
<Psi-Jack> Precisely.
<sgsax> yeah, that happened by committee here
<Psi-Jack> Bang for buck, More of my clients had been happier with OpenExchange, and were more than willing to pay for it once they saw it in action.
<jmedina> normal users use mail systems different than admins and they also have different requirements
<acalvo> I'm trying to configure a MTA with IMAP and a webclient, and I'm really confused with such a bunch of options there are out there
<sgsax> the rest of us just got stuck with whatever the committee decided on
<sgsax> my big problem is that was aren't even hosting it on campus
<sgsax> we're paying yahoo to host it for us
<acalvo> (I've just found Citadel, which should cover all my expectations...)
<Psi-Jack> Citadel is ... Okay... Not great but okay..
<jmedina> yea...
<acalvo> I'll keep with postfix+dovecot
<acalvo> and all the headaches I'm having
<jmedina> :)
<sgsax> the biggest problem here was that most users were using horde for their primary email client
<sgsax> and it just couldn't keep up with the load, got bogged down real bad
<sgsax> try throwing 20K users at horde for 12 hrs a day on a single server
<sgsax> people were always complaining about lag and downtime, when it was just horde buckling under the weight
<acalvo> well, for 1,5k users on my old server, it work quite well
<sgsax> I'm sure it does
<sgsax> those of us who use a desktop mail client rarely had problems
<sgsax> personally, I only use a webmail client if I have to
<sgsax> because I think they all kinda suck
<acalvo> well, I don't grant my users to have access to the mail thru IMAP/POP3 outside the lan
<acalvo> so, they're stuck with a webmail
<sgsax> ah, that would be a problem
<acalvo> oh, and they complain
<acalvo> but they also complain when the printer does not print, and they do it before checking it it's switched on...
<acalvo> s/it/if
<Psi-Jack> Hmmm.
<Psi-Jack> Are ubuntu's pre-packaged nagios extensions extensive or minimal?
<jmedina> Psi-Jack: you mean nagios plugins?
<Psi-Jack> plugins, yes.
<jmedina> in main there is nagios-plugins-base with base plugins
<jmedina> check the file list http://packages.ubuntu.com/jaunty/amd64/nagios-plugins-basic/filelist
<Psi-Jack> Hmm, basic, yeah..
<Psi-Jack> Most of the very basics. Nothing for postgresql or mysql checks though.
<jmedina> :)
<jmedina> you can help packaging those plugins
<Psi-Jack> Aight, guess I'll add those manually then.
<Psi-Jack> Heh yea.. When I re-learn dpkg all over again.
<jmedina> and help other future users
<Psi-Jack> I haven't used deb/ubunutu in years..
<jtimberman> mathiaz: updated packages yesterday/last night with some more goods.
<jmedina> there is nagios-plugins-extra which only has check_fping and check_game...
<Psi-Jack> Heh yeah.
<Psi-Jack> WTF is check_game? LOL
<Psi-Jack> This plugin tests game server connections with the specified host.
<Psi-Jack> Oh.. My... I suddenly feel stupider by looking into that.
<mathiaz> jtimberman: yop - reviewing them now
<jtimberman> thanks!
<Psi-Jack> Well, hmm, it has check_pgsql, but it's very basic looking so far.
<Sam-I-Am> mathiaz: you around?
<mathiaz> Sam-I-Am: yop
<Sam-I-Am> mathiaz: can you tell me what inside the openldap deb src package... or any package for that matter... determines which files from the original source tree get dumped into debian/build ?
<Sam-I-Am> i'm trying to get nssov moved under debian/build... but can't seem to figure out whats handling that
<Sam-I-Am> i'm also troubleshooting that nssov load failure... dynamic lib loader claims file not found, but its there... thinking the lib is borked.
<Sam-I-Am> i noticed in nssov.la that the libpath points to /usr/local/libexec/openldap instead of /usr/lib/ldap ... not sure how much it matters, but its something i'm going to change before rebuilding
<mathiaz> Sam-I-Am: the builddir is set in debian/rules
<mathiaz> Sam-I-Am: right - I'd first focus on getting the nssov building fixed
<Sam-I-Am> yeah, which is debian/build for openldap... but how does it know which files from the source tree to move in there?  in other words, i see it copying server, client, doc, etc... but not contrib... which probably explains why nssov is getting built outside of the tree
<mathiaz> Sam-I-Am: moving the nssov build to debian/builddir can be looked at the following step
<Sam-I-Am> sure
<Sam-I-Am> i'm just curious how stuff gets in there...
<Sam-I-Am> i'm planning to fix the loading issue first
<mathiaz> Sam-I-Am: right - contrib are not integrated in the main build process
<Sam-I-Am> i dont see a bug for it btw... wondernig if i should create one and assign myself to it
<mathiaz> Sam-I-Am: sure
<mathiaz> Sam-I-Am: look a the configure-stamp target in debian/rules
<Sam-I-Am> mmkay
<mathiaz> Sam-I-Am: It seems that the upstream build scripts/infrastructure already supports building out-of-the tree
<Sam-I-Am> ok, then we'd have to manually clean the temp build files because dh_clean won't hit it, right?
<mathiaz> Sam-I-Am: yes
<mathiaz> Sam-I-Am: that seems the best option for now
<Sam-I-Am> ok, i wrote a patch for that already
<Sam-I-Am> for debian/rules
<mathiaz> Sam-I-Am: and the build infrastructure from openldap doesn't support the contrib/
<Sam-I-Am> k
<mathiaz> Sam-I-Am: this is probably an Ubuntu specific patch
<Sam-I-Am> yes, since deb doesnt do nssov
<mathiaz> Sam-I-Am: as Debian doesn't build the nssoverlay
<mathiaz> Sam-I-Am: to submit it to Ubuntu I'd suggest to use the bzr package branch
<Sam-I-Am> ok, i havent done that before
<mathiaz> Sam-I-Am: https://wiki.ubuntu.com/DistributedDevelopment/Documentation/
<mathiaz> Sam-I-Am: ^^ this is the documentation
<mathiaz> Sam-I-Am: it's still a work in progress but should cover the whole workflow
<mathiaz> Sam-I-Am: if you run into problems, ask me or james_w (in #ubuntu-devel)
<Sam-I-Am> sure, no prob
<mathiaz> Sam-I-Am: that will help us flesh the documentation
<mathiaz> Sam-I-Am: that will help us flesh out the documentation
<Sam-I-Am> i've been troubleshooting a prod issue all day so it'll be a bit before i can get back to the nssov thing
<Sam-I-Am> kinda sucks when your VMs are getting maybe 6 mbit/s disk io
<luckyone> hello all - can anyone help me figure out why I have a really high io wait (wa%) listed in top?
<luckyone> I want to find the offending process, if possible
<giovani> luckyone: sure, I can help with that
<luckyone> giovani: thanks! is there a way to sort top by wa%?
<giovani> wait time isn't measured per-process
<giovani> only total
<luckyone> some of the threads I have read point to incorrect RAID setup, but none were specific on what needs to be set
<giovani> can you run a "ps aux" and pastebin the output?
<luckyone> sure
<giovani> sudo ps aux that is
<giovani> (or run in a root shell, either way)
<luckyone> sure thing
<luckyone> opening a new, non-screen ssh connection...
<luckyone> (this takes forever now...)
<luckyone> so long in fact, ssh times out
<giovani> yeah, to be expected
<giovani> do you have an existing session?
<luckyone> I do, I can't virtually scroll up in my screen session
<luckyone> command is running
<giovani> you can
<luckyone> will pastebin in just a minute
<giovani> ctrl-a [
<giovani> will enter scrollback mode
<luckyone> right, you can - I can't (forgot how)
<giovani> ^^
<uvirtbot> giovani: Error: "^" is not a valid command.
<giovani> why not just redirect the output to a file, and then less, or pipe directly to less
<giovani> either way will work
<luckyone> yeah, totally
<giovani> the bottom line with really high io wait time
<giovani> is that either the disk is nearly dead
<giovani> or HEAVILY fragmented
<luckyone> http://pastie.org/588833
<giovani> or, you're simply doing really heavy i/o operations, and very low cpu operations -- so the ratio gets out of balance, and the cpu ends up waiting for the io operations
<giovani> (or you have some fringe case where it's a bad driver, etc)
<luckyone> well, the disk the OS is using is a CF drive running an ext2 filesystem
<giovani> heh
<luckyone> but, this is a recent problem - post upgrade to jaunty
<giovani> sounds like a failing cf
<luckyone> crap, I hope not
<giovani> cfs have really short wite lifespans
<luckyone> like how short?
<giovani> like, each sector can be written max a few thousand times
<giovani> which is why you generally don't put actively changing filesystems on them
<giovani> i.e. filesystems where logs are written
<luckyone> right - that was why I put ext2 on it
<giovani> right ... but if you're writing a log file once per second ...
<giovani> you'll quickly burn up those sectors
<luckyone> yeah...
<luckyone> damn..
<giovani> I can't be sure that it's the cause
<giovani> but it's the most likely
<luckyone> ok
<giovani> I can run some tests with you
<luckyone> sure thing
<giovani> first run "vmstat 5 5"
<luckyone> do they make SSD drives that are compact flash form factor?
<giovani> then run "iostat"
<Vog> Yep that happened to me when I used a cf to store logs on a firewall box...
<giovani> luckyone: no ... that's too tiny
<luckyone> dang it
<giovani> luckyone: they do have microdrives
<giovani> which are super-tiny hard drives in the CF formfactor
<luckyone> low power too?
<giovani> relatively, yes
<giovani> what is the box, if you don't mind me asking
<luckyone> MSI Wind
<giovani> I mean, what's its function?
<luckyone> it is a 1 TB RAID 1 nas
<giovani> and why are you using a CF?
<luckyone> so the drives can completely spin down when not active
<giovani> why is the CF formfactor so important?
<giovani> what would be bad about using some tiny, cheap IDE/SATA drive for the OS?
<luckyone> I am out of room for regular drives
<luckyone> I have a CF slot on mobo
<giovani> ohh, wait
<giovani> the wind
<giovani> this is a netbook
<luckyone> nettop
<giovani> que?
<luckyone> giovani: http://www.newegg.com/Product/Product.aspx?Item=N82E16856167037
<giovani> ah ok
<luckyone> the older version... I have the N270 atom chipset
<luckyone> not the 330
<giovani> ok
<giovani> did you run the commands I asked?
<luckyone> http://pastie.org/588863
<Clas> Trying to install Ubuntu 9.04 server 64bit version but installer stops and unable to install grub to hd0, centos installed grub ok but i dont like centos, anyone with some hints?
<Clas> if i in the installer change to lilo, lilo installs ok
<cemc> hi. is it possible to boot from an ubuntu cd but to do a netinstall? I mean to get the packages from the network instead of the cd ?
<Clas> Its a clean install with default partitions
<luckyone> giovani: http://pastie.org/588863
<giovani> luckyone: yeah ... your iowait isn't incredibly high, honestly
<giovani> I mean ... 10-20% shouldn't make the box unusable
<giovani> unless the disk is dying
<giovani> which it probably is
<luckyone> son of a
<luckyone> the cf drive is only like .75 years old
<giovani> cemc: cemc yep -- http://archive.ubuntu.com/ubuntu/dists/jaunty/main/installer-i386/current/images/netboot/mini.iso
<giovani> luckyone: if you have system logs writing to it ... that's not old
<giovani> CF drives are very very cheap
<giovani> they're designed for write-once read-many storage
<giovani> Clas: this is a grub error, unfortunately -- it's sometimes caused by a misunderstanding of which drive hd0 is
<giovani> Clas: which install cd did you use?
<Clas> giovani ubuntu-9.04-server-amd64.iso
<Clas> in patitioning the drive i just chose guded with lvm
<Clas> and accepted the default
<giovani> Clas: do you have multiple hard drives in the machine you're installing on?
<Clas> giovani its a promise sata raid with one 1.5 tb raid5 array made from 4 500gb disks
<luckyone> giovani: if you had a cf port available, what would you put in it as your disk for /
<RoyK> some 8GB CF card would do well
<giovani> RoyK: nope ... we've already discussed this
<RoyK> depending on how much stuff you need installed, obviously, and how much swap
<RoyK> ah
<giovani> luckyone: I'd use a microdrive if the CF slot was my only option
<RoyK> giovani: sorry :)
<giovani> RoyK: you clearly haven't worked with CFs much -- they're not useful for constantly written filesystems
<giovani> like a typical *nix /
<RoyK> giovani: microdrives aren't in production anymore
<Clas> as it works with lilo is it ok to use it instead of grub or will i have troubble later on?
<RoyK> also, CFs are quite usable for a rootfs
<RoyK> there is built-in wear-leveling on all the recent (3+ years old) ones
<RoyK> also, if in panic, mirror two
<giovani> RoyK: he has one slot, period
<giovani> no other disk options
<RoyK> then use one - the chance for an error in other stuff than logs is minimal
<RoyK> only the logs and perhaps tmp are written to
<giovani> and I'm not aware of any decent wear-leveling in use on standard consumer CF cards
<RoyK> what is this? a file server?
<giovani> RoyK: he has what I assess to be a failing CF disk right now
<giovani> this is a file server, with the root partition stored on the CF
<cemc> giovani: thanks
<RoyK> with heavy logging, and with the logs on the root, lots of stuff will be written
<RoyK> I'd do network syslog and no local for such a task
<giovani> exactly
<RoyK> or at least nothing like debug/info/notice
<giovani> or use ramdisk for it
<RoyK> yeah
<RoyK> erm
<luckyone> ramdisk - link plz
<RoyK> that is - ramdisk + udp
<RoyK> ramdisk alone seems a little waste
<RoyK> luckyone: mke2fs /dev/ram0 && mount /dev/ram0 /var/log
<RoyK> for instance
<giovani> might want to look at tiny core linux
<RoyK> you can set the max size, normally 64 megs, as a kernel option or an option upon loading the kernel module
<RoyK> although ramdisk is hardlinked in ubuntu, so you need a boot option
<RoyK> see ramdisk= in man bootparam
<AdamDV> Hello, anyone active?
<AdamDV> I am wondering how to backup user mail using maildirs with postfix and dovecot?
<luckyone> the machine has tons of ram for what it is being used for
<luckyone> this is not recommended - http://www.memorysuppliers.com/hi4gbmi4cofl.html
<henkjan>     
<AdamDV>  
<luckyone>  
<RoyK>  
<AdamDV>  
<RoyK> nice price - $45 for 4GB
<luckyone> better option?
<RoyK> a good sandisk card
<RoyK> and reduced amount of writes to the root
<RoyK> put /tmp and /var/log on ramfs
<RoyK> for a fileserver, those two are the only ones written to
<RoyK> except /home and /root when someone logs in
<RoyK> and they can be other places
<RoyK> put /home on something large, keep /root as it is, on the root, but don't use it
<RoyK> if found of putting source code under /usr/src, put that on spinning drives
<RoyK> setup network syslog (*.* @somehost in /etc/syslogd.conf) and allow just critical stuff to be written locally, perhaps also warnings, but then to a ram drive
<giovani> AdamDV: it's no different than backing up other files
<giovani> maildir uses directories and files ... back them up however you'd like
<RoyK> luckyone: wouldn't this be quite sufficient?
<AdamDV> giovani: So, I can just copy off the releavant /home/user/mail folders
<AdamDV> and then copy them back?
<luckyone> ok, so - I should buy a new flash drive, then move my partitions so that only extremely static things are on /
<giovani> AdamDV: you mean in the event of an outage?
<giovani> why would you copy files back unless the originals were gone?
<AdamDV> I'm re-installing, and need to backup mail.
<giovani> oh, yes
<RoyK> luckyone: that's my choice - get something from sandisk - that's good stuff
<giovani> just copy them
<AdamDV> That would work then?
<RoyK> a little more expensive, but good, and fast
<giovani> AdamDV: as long as you copy everything, yes
<luckyone> RoyK: will you shoot me a link or an email of what /etc/fstab should look like?
<AdamDV> I see.
<AdamDV> Okay, thanks.
<RoyK> luckyone: make sure to mkfs those ram drives you need at boot time (/etc/init.d/something). after that, just mount /dev/ram0 /some/place (or ram1 or ram2....)
<RoyK> set ramdisk size to the size you want (man bootparam)
<RoyK> the ramdisk size isn't allocated statically like it was in the old days, it's just copy-on-write as always
<luckyone> I may just by another box to be my NAS....
<RoyK> luckyone: try opensolaris :)
<RoyK> that stuff rocks
<giovani> uh
<RoyK> at least for storage
<giovani> please don't use zfs
<giovani> it's not stable
<RoyK> it's rock fucking stable
<giovani> it's absolutely not
<RoyK> I have a dozen servers running 24x7 on ZFS
<giovani> I have a friend running a 100TB+ farm
<RoyK> it's _really_ stable
<RoyK> well, we only have some 70TB or so
<RoyK> not a hitch
<RoyK> giovani: what happened to him?
<RoyK> were using RAIDZ and one drive failed and then checksum on another while rebuilding? :)
<giovani> he used raidz as well
<RoyK> /that's/ quite common, but not really ZFSs fault
<giovani> he had some corruption issues
<giovani> he runs a backup company
<giovani> that wasn't acceptable
<giovani> he moved back to Areca RAID cards
<giovani> which are rock-solid
<RoyK> usually that's what happens - one drive goes down, replace the drive, rebuild, there's an error
<giovani> yep, and that might be fine for generated data
<RoyK> Areca doesn't tell you about data loss with those sort of failures
<giovani> but not for critical backup data
<RoyK> normal RAID systems just corrupt the file
<giovani> RoyK: if you're checksuming your files you know
<RoyK> raidz/zfs tells you
<giovani> he's found them to be rock-solid
<giovani> I trust his opinion -- since he has a very large setup
<RoyK> that's why you should use raidz2
<giovani> 2 racks full
<RoyK> similar to raid6 with checksums
<RoyK> two racks for 100TB?
<RoyK> I get 20TB into 4U with RAIDZ2
<giovani> I said 100+
<RoyK> including a root and some SSDs for caching
<luckyone> do you guys recommend a cheap NAS
<giovani> I'm not sure of his total size right now
<luckyone> standalone device?
<giovani> it's probably nearing 200TB
<RoyK> luckyone: I recommend lots of drives, a fast SSD or two and opensolaris
<giovani> luckyone: what do you mean? a commercial product? or a platform for you to put linux on or what?
<RoyK> giovani: in my setup, 200TB fits into 40U, one rack :)
<RoyK> erm
<RoyK> yes
<giovani> RoyK: using what size drives? this wasn't built yesterday, it's grown over 5 years
<luckyone> commercial product, doesn't need to run linux
<giovani> luckyone: depends on your budget
<luckyone> < $200
<luckyone> RAID 1
<luckyone> I have the drives
<giovani> no idea
<RoyK> giovani: opensolaris with raidz2 on supermicro boxes, 20TB in 4U, usable size
<giovani> RoyK: I asked what size disks ...
<RoyK> 1,5TB
<giovani> ok, so there you go
<giovani> that's a MODERN drive
<giovani> his business has grown over 5 years
<giovani> he doesn't just drop all old storage
<giovani> so the older stuff is less dense, obviously
<RoyK> since there are 15 _data_ drives in a RAID set, this thing will be FAST even if the drives are just 7200rpm
<RoyK> also the SSD caching in ZFS is quite fancy
<giovani> RoyK: who's arguing speed? of course it's fast
<giovani> you're arguing about what fits in a rack
<giovani> which is a product of the size of the drives more than anything else
<giovani> which has changed drastically over the years
<RoyK> I just dismissed an old NetApp at work
<RoyK> 4+3+3+3U with a total of 2TB usable space
<giovani> good for you? heh
<RoyK> :)
<giovani> NetApps are overpriced, but rock-solid
<error404notfound> when i upgrade a server, how do i know it needs a reboot?
<giovani> and if storage isn't your core-competency ...
<RoyK> giovani: ZFS is rock solid as well
<giovani> error404notfound: if you installed a new kernel
<RoyK> it really is
<giovani> RoyK: that's not everyone's experience
<RoyK> but using raidz is not good
<giovani> anyway, if storage isn't your core competency
<RoyK> raidz2 can take a two-drive-failure
<giovani> it's best to outsource to a company that does it for a living
<error404notfound> giovani, hmmm, and what if i dont reboot?
<RoyK> using raidz is NOT good
<giovani> error404notfound: then you don't run the new kernel you installed
<giovani> for example, my company
<error404notfound> giovani, thats not a problem, uptime is what i need :P
<giovani> is not full of storage experts
<error404notfound> to brag :D
<RoyK> giovani: I bet you what happened was your friend used raidz (single parity), one drive failed, and during rebuild, things fucked up
<giovani> error404notfound: that's a shame -- you're probably missing out on security fixes
<error404notfound> giovani, :D
<error404notfound> kidding
<giovani> RoyK: I don't know the details, I'm betting not, but there's no point in betting
<RoyK> giovani: no single-parity-solution can do that
<giovani> of course not
<giovani> let's stop -- you're trying to guess
<RoyK> well, Sun is using raidz in their NetApp-priced solutions
<RoyK> Sun is using opensolaris in that
<giovani> good for them, they're not NetApp
<RoyK> or something similar
<RoyK> giovani: give me the details of how things broke and why it is Sun's fault and I might beleive you - just saying "it's not stable, but I don't know the details" is outright stupid
<giovani> it's not stupid -- it's offering the fact that alternate experiences exist, without having the details
<giovani> if you don't want to listen, by all means ... don't
<RoyK> please
<RoyK> if I tell you ubuntu is worthless because a friend of mine had a server crash and I can't come up with any details, wouldn't that be a rather stupid thing for me to say?
<Faust-C> i wonder why no one can learn to accept others differences w/o resorting to name calling etc
<Faust-C> RoyK, actually everyone is quite aware of opensolaris' instability, even Sun themselves
<RoyK> Faust-C: strange thing they use it for their storage solutions, then
<Faust-C> their not banking on stability as much as they are banking on just trying to get people to switch because its new and innovative and does have some benefits compared to other solutions
<Faust-C> RoyK, show me any solution that is fail proof
<Faust-C> there is none
<RoyK> Faust-C: can you document opensolaris' instability?
<Faust-C> windows is highly unstable yet ppl use it everyday
<Faust-C> RoyK, no but i can provide you with resources in regards to that
<Faust-C> their wiki, forum and irc room all are based around ISSUES
<RoyK> Faust-C: for instance, Solaris 10 has nothing like dedup and in-kernel cifs. in-kernel cifs is in opensolaris, and dedup comes in february
<RoyK> Faust-C: and ubuntu and ext-fucking-3 is so much better than zfs? gimmi a break
<RoyK> I know linux pretty good, having worked with it daily for 10 years
<Faust-C> does it really matter which is better or matter what means more to you
<Faust-C> if it meets your needs then ok, if not oh well
<RoyK> don't misunderstand - we have more linux servers than solaris servers
<luckyone> I can get a microdrive for 20.00
<RoyK> I'm just saying that for storage, opensolaris is way ahead of linux
<Faust-C> RoyK, i have found areas that linux servers havent been able to fill
<Faust-C> RoyK, and i agree tbh
<luckyone> would putting / on that be a simple and effective solution?
<Faust-C> zfs is a amazing technology
<Faust-C> and thanksfully Sun made it opensource
<Faust-C> luckyone, yeah
<Faust-C> luckyone, can i suggest a alternative
<RoyK> luckyone: erm, I'd use an SD drive and move the writing to something like a ram drive or the data drives
<Faust-C> luckyone, http://www.transcendusa.com/Products/CatList.asp?Func1No=1&FldNo=18
<RoyK> luckyone: you can use the data drive set for /var and /tmp and stuff if you don't want ram drives
<Faust-C> luckyone, i used the ide flash module and i love it
<Faust-C> makes OS faster while data is safe on a raid setup
<RoyK> luckyone: the microdrive will also die, but when it does, it'll most likely DIE,
<luckyone> gotcha
<RoyK> Faust-C: he only has a CF slot available
<luckyone> microdrive is not perm
<Psi-Jack> Hmmm.
<Faust-C> oh well they have CF cards as well
<luckyone> I need to look into ramdisk
<RoyK> CF cards work well
<Faust-C> luckyone, keep it simple
<RoyK> luckyone: and you have data drives - use them for /var and /tmp and so on
<Faust-C> dont go off on a tangent, keep it simple period
<giovani> luckyone: no drives are forever
<Psi-Jack> I've always wondered about this, but in some many cases, lm-sensors stuff, reports that.. For example, the min fan1 speed should be -1 RPM, div = 8.. Why the heck is it -1 and what's div for?
<giovani> luckyone: microdrives will fail before most normal hard drives
<RoyK> or if you don't want to repartition, dd if=/dev/zero of=/storage/var bs=1M count=10k
<giovani> but long after a CF if you're writing to it
<RoyK> and mkfs on that one
<RoyK> mont it on /var
<RoyK> done
<RoyK> giovani: most CFs today can take 100k write ops
<RoyK> _per_sector_
<RoyK> with wear leveling, that means _for_years_
<RoyK> unless you use it for something doing very heavy logging
<Faust-C> wow
<RoyK> but don't use heavy logging
<Faust-C> i didnt know that, thanks for the info RoyK
<Faust-C> use network logging server
<RoyK> yeah, and perhaps log WARN and CRIT and so on to a file
<Psi-Jack> rsyslog FTW!
<RoyK> *.* @logserver in syslog.conf
<RoyK> syslogd -r
<Psi-Jack> @@ would be better.
<RoyK> :Ã¾
<Psi-Jack> UDP is so unreliable. :p
<RoyK> why?
<RoyK> not really on LANs
<RoyK> is @@ over tcp?
<Psi-Jack> Yes, really, even on LANs.
<Psi-Jack> Yep
<RoyK> not all syslogd versions support tcp, though
<luckyone> gentlemen, thanks for the info - I have to go hop on a demo
<Psi-Jack> RoyK, So, use only those that do. D'uh. Or even better use RELP.
<luckyone> I will be back later to figure out how to not be so stupid
<luckyone> ramdisk for logging/etc definitely makes sense
<RoyK> Psi-Jack: udp works well on LANs
<luckyone> because I have tons of ram
<RoyK> Psi-Jack: and I don't syslog over the internet
<Psi-Jack> RoyK, Well, but not perfect, and without any type of guarantee.
<Psi-Jack> Yes, I have seen, even over UDP over a LAN, messages being lost.
<RoyK> Psi-Jack: how much data loss would you get over a full-duplex switched network?
<giovani> depends on the network obviously
<giovani> and the quality of the network gear
<Psi-Jack> RoyK, How heavilly loaded are the servers? How much logging occurs?
<Psi-Jack> Yes, and what is the quality of the network gear, and recieving server?
<RoyK> data loss on ethernet is in 99,99999999999% a full/half duplex problem or bandwidth problem, and with most networks at gigabit speed today...
<RoyK> duplex problems suck
<RoyK> and have always done
<Psi-Jack> I even have a Gigabit network at home, but it's still possible to have issues. ;)
<maswan> RoyK: go to 10GE, no half duplex there. :)
<RoyK> maswan: not on 1GE either
<RoyK> only 10 and 100 supports that stuff
<Psi-Jack> Heh
<RoyK> it came from 10 with coax, and was obsoleted with TP on 100Mbps, but kept for compatibility (for what reason???)
<RoyK> I've spent some hours debugging duplex problems with 100Mbps
<RoyK> it sucks rather hard
<Psi-Jack> Anyway, Different topic
<Psi-Jack> lm-sensors!
<Psi-Jack> What's up with weirdness in some computers' sensors?!
<sgsax> lack of standards and low-quality sensor chips
<Psi-Jack> I've always wondered about this, but in some many cases, lm-sensors stuff, reports that.. For example, the min fan1 speed should be -1 RPM, div = 8.. Why the heck is it -1 and what's div for?
<Psi-Jack> That's from an HP desktop mini-tower.
<Psi-Jack> Hehe, wierdness.
<Psi-Jack> Apparently this same system, people had problems using the two SATA connectors on it, because BIOS itself didn't even support SATA at all.
<sgsax> nice
<sgsax> I've always had a dislike for HP desktops & laptops
<sgsax> compaq too, for that matter
<Psi-Jack> Heh, Yeah.
<Psi-Jack> I have a P3 730Mhz Compaq desktop model, I can't boot without having some kind of keyboard attached. No way to stop the error about lacking keyboard!
<Psi-Jack> Tis okay though. It's just my authentication server. ;)
<RoyK> Psi-Jack: usually lm-detect or whatever it's called finds several drivers that "match" and only (if lucky) one of them really work
<RoyK> s/$/s/
<Psi-Jack> Heh
<Psi-Jack> Great!
<RoyK> sensors-detect
<Psi-Jack> So sensors is about pretty welll useless in some cases, or are just plain unreliable in almost every case.
<RoyK> try different versions of those that look somehow the same
<RoyK> Psi-Jack: just spend some minutes to see if you can get good results from a driver. Usually you can
<RoyK> but not always
<Psi-Jack> Heh
<Psi-Jack> I usually just ran sensors-detect, made it go through everything, hit enter, to accept, blindly, and when it's done, I run it and see what the results are.
<maswan> RoyK: No, there is half duplex in GE
<maswan> RoyK: but autoneg is mandatory
<maswan> RoyK: very early there was actually gige hubs
<RoyK> Psi-Jack: as far as I have seen, the output, including errors, has been reproducable, so you can probably trust something that works now
<RoyK> wtf!
<RoyK> gigabit HUBS?
<Psi-Jack> Heh
<RoyK> you have to be quite drunk _and_ stoned to make something like that
<RoyK> from http://en.wikipedia.org/wiki/Gigabit_ethernet "Half-duplex gigabit links connected through hubs are allowed by the specification but in the marketplace full-duplex with switches are normal."
<maswan> RoyK: well, gige as a standard is actually quite old, and this was from the time where a 100Mbit switch was significantly more expensive than a 100Mbit hub
<RoyK> anyway - I've never seen half duplex in gigE
<RoyK> I've hardly seen 100Mbps hubs as well
<maswan> no, me neither, I just know that the hubs existed briefly, and it is yet another case of a thing that should have gone away
<RoyK> they were quite early
<RoyK> around the 100Mbps days, switches became quite normal
<RoyK> last time I was using hubs in production, was back in 1996 or so while replacing a thin coax ethernet setup with a 3com-crap-hubs-but-although-twisted-pair-setup
<maswan> yeah, I'm not sad to see them gone
<sgsax> all lm-sensors can get of my desktop mobo is CPU core temp
<Faust-C> hmm lm-senses
<Faust-C> sgsax, depends on the mobo as well and if the fans support controlling etc
<sgsax> personally, I'm more interested in temps than controlling fans
<Psi-Jack> Yeah, fan speeds, and temps
<cemc> I have a qlogic adapter on an ibm blade center, and ubuntu won't boot, it just drops me initramfs shell. any ideas?
<cemc> I've downloaded the firmware, copied it in /lib/firmware and did a rmmod/modprobe qla2xxx, but it still can't find it
 * jmedina needs to try ubuntu on ibm bladecenter :S
<artillerytx> Hey guys i can't figure out how to get a subdomain to work
<artillerytx> sometimes it works sometimes it doesn't... any ideas?
<KillMeNow> for DNS?
<artillerytx> bind
<KillMeNow> yea, it's easy
<KillMeNow> if you are SOA for a main domain, it's just a IN A record addition
<KillMeNow> so it would look like this as part of your zone record
<artillerytx> well i created an A name record and then created a virtual server with that domain name
<KillMeNow> subdomain    IN    A       <IP ADDRESS>
<KillMeNow> did you do a rndc reload?
<KillMeNow> or /etc/init.d/bind restart ?
<artillerytx> yeah in my wwmcd.org .hosts file i added swot.wwmcd.org IN A <IP ADDRESS>
<artillerytx> yeah i thought i did
<artillerytx> i can try the rndc reload
<KillMeNow> don't need the wwmdd.org as part of your IN A record
<KillMeNow> just the swot
<KillMeNow> you will need to reload the bind server to populate the subdomain
<artillerytx> whats the command to do that
<KillMeNow> rndc reload
<KillMeNow> or /etc/init.d/bind9 reload
<artillerytx> it tells me rndc: connect failed 127.0.0.1#953: connection refused
<artillerytx> killmenow the only place i have 127.0.0.1 in my ifconfig is for the lo
<uvirtbot> New bug: #413211 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/413211
<uvirtbot> New bug: #413077 in ubuntu "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/413077
<uvirtbot> New bug: #415352 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/415352
<artillerytx> how do you see the owner of a file
<artillerytx> ls -l
<uvirtbot> New bug: #415515 in lsb (main) "apÃ³s update do 9.04 para o 9.10, no boot apareceu "!" (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/415515
<uvirtbot> New bug: #413855 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/413855
<artillerytx> So anyone know how i can fix this
<KillMeNow> sorry, work called
<artillerytx> Its coo
<KillMeNow> ls -la will do it too Art
<KillMeNow> i aliased ll to ls -la
<KillMeNow> in .bashrc
<artillerytx> Did you see what i said about when i run rndc
<artillerytx> - rndc: connect failed: 127.0.0.1#953: connection refused
<KillMeNow> so you can edit your .bashrc and add alias ll='ls -la'
<KillMeNow> yea, you need to set up your config for rndc key
<KillMeNow> just do the /etc/init.d/bind9 restart
<artillerytx> k that worked
<KillMeNow> if you google that specific error you will find TONs of how to fix that error articles
<artillerytx> yeah i see a ton but im not too sure what im supposed to do i can't find that conf. file
<choppy> Hello all, could use some help with a raid issue
<KillMeNow> updatedb
<KillMeNow> then do a locate
<KillMeNow> locate <filename>
<choppy> Everything with my raid works, except I don't have links in /dev/disk/by-uuid for my /dev/md0 and /dev/md0p1 devices.
<KillMeNow> if it's a hardware raid I may help, don't dink much with software raids
<choppy> I'm using 9.04
<choppy> any ideas?
<artillerytx> i can run rndc-confgen to generate rndc.conf and copy that to named.com?
<KillMeNow> i did mine by hand
<KillMeNow> so ummm, yea...  don't know if doing the rndc-confgen will do that
<KillMeNow> sounds right tho
<KillMeNow> did you google and find a walk through?
<artillerytx> http://ubuntuforums.org/showthread.php?t=281393
<artillerytx> i ran rndc-confgen and its just sitting there
<giovani> choppy: you don't need UUIDs for md devices
<giovani> choppy: you won't be able to mount them via UUID anyhow
<mathiaz> kirkland: hey - what do you think about the dh-make init script template?
<mathiaz> kirkland: /usr/share/debhelper/dh_make/debian/init.d.lsb.ex
<choppy> I use to mount them that way in 6.06
<mathiaz> kirkland: does it use the status code you've added to the lsb package?
<giovani> choppy: there's no reason to
<giovani> choppy: md devices don't work the way regular drives do where they can come up in different orders
<giovani> md0 will be md0
<giovani> it's why they're being mounted that way
<choppy>  I was wanting to avoid a posible name overlap if a brought in another md0 from another system.
<choppy> or that was my thinking, might be flawed.
<choppy> I guess the kernel won't try to assemble it if it's not listed in /etc/mdadm/mdadm.conf though
<choppy> Thanks for the respone giovani
<Psi-Jack_> Okay. So, if I took the deb-src packages of linux-igd from 9.04, how would I compile that into a deb for 8.04 since linux-igd was completely skipped in hardy.
<Psi-Jack_> ?
<KillMeNow> ART:  http://www.linuxforums.org/forum/servers/6406-rndc-connect-failed-connection-refused.html
<artillerytx> I added whatever rndc-confgen gave me to /etc/bind/named.conf
<KillMeNow> check that link out for the rndc connect failed
<artillerytx> and rndc reload still doesn't work
<Psi-Jack_> Anyone able to help me with that?
<kirkland> mathiaz: i saw it for the first time today, actually, reviewing condor
<mathiaz> kirkland: and what's your opinion on it?
<mathiaz> kirkland: IIUC it doesn't include your code for checking the status of a process?
<kirkland> mathiaz: yeah, it crossed my mind to suggest to the maintainers to add that
<uvirtbot> New bug: #416155 in bacula (universe) "package bacula-director-mysql 2.4.4-1ubuntu5 failed to install/upgrade: el subproceso post-installation script return output code  error 1" [Undecided,New] https://launchpad.net/bugs/416155
#ubuntu-server 2009-08-20
<uvirtbot> New bug: #416182 in nut (universe) "nut init script reports incorrect status" [Undecided,New] https://launchpad.net/bugs/416182
<oh_noes1> Does mkpasswd exist in Jaunty?
<oh_noes1> Im trying to set a bunch of users password automatically in a script
<KillMeNow> yes it does
<KillMeNow> it's in /usr/bin
<oh_noes1> I installed minimal OS .. it's not in there
<oh_noes1> what Package do i need?
<pmatulis> oh_noes1: whois
<oh_noes1> thanks
<giovani> we need a bot that uses packages.ubuntu.com
<giovani> to provide such answers
 * ball does battle with 20 Gbytes of files where people have polluted the filenames with + & and ' etc.  I thought whitespace in filenames was bad enough!
<PhotoJim> ... \ is your friend :)
<twb> Or emacs, or find -exec
<ball> PhotoJim: someone just mentioned that to me as being related to tab completion, which I'm not used to
<ball> ...not even sure I have it in my shell.
<twb> ball: which shell?
<ball> twb: Bourne afaik.  Let me check.
<twb> You mean ksh?
<giovani> a shell without tab completion is ... a worthless shell
<twb> giovani: posh has value!
<PhotoJim> ball: tab completion is a godsend.  bash supports it.
<giovani> of course, bourne != bash
<giovani> and bourne didn't have tab completion
<giovani> twb: I had to google posh
<giovani> twb: I've never heard it abbreviated that way
<ball> I'm not keen on bash.  This /could/ conceivably be ksh, but the manpage doesn't say.  I've always assumed it was Bourne.  It's /bin/sh on a NetBSD host (that I'd like to get Ubuntu Server on)
<twb> giovani: er, apt-get install posh
<giovani> twb: oh ... a different posh
<giovani> thank god
<giovani> I thought you meant Microsoft Power Shell -- which is what google resulted
<twb> ball: oh, I assumed you meant an Ubuntu box, where bourne isn't available
<ball> I would like to get Ubuntu Server on there, but it's a production server so I have to be careful about the transition
<PhotoJim> ball: this might be something to increase your keenness for bash, then.
<twb> ball: it wouldn't surprise me at all if /bin/sh had no completion -- it's not really intended for interactive use, after all
<ball> twb: I've used it for ten years easilly
<ball> ...and that's assuming I didn't use it on unix prior to NetBSD
<giovani> netbsd (now, at least) uses csh as its default shell iirc
<ball> NetBSD doesn't have a default shell
<ball> (even for root)
<ball> brb
<giovani> it doesn't?
<twb> That doesn't make sense
<giovani> http://mail-index.netbsd.org/tech-userlevel/2006/09/18/0008.html
<giovani> this claims that csh is indeed the default shell on netbsd (for non-root users)
<ball> giovani: that's probably very out of date.  I know that the installer asks you which shell to use for root and I always specify a shell for individual users as I create them.
<ball> Not sure I ever tried creating a user without specifying a shell
<ball> Perhaps I'll try that.
<giovani> ball: very out of date? I really don't think so
 * ball shrugs
<ball> Like I said, the installer asks.
<twb> Eh, who cares?
<ball> What does Ubuntu Server use as its default shell?
<giovani> ball: bash
<ball> giovani: Hmm... okay.
<PhotoJim> as far as I know, all Linuxes use bash as default.
<PhotoJim> all the ones I've been exposed to, at least.
<ball> I'm on a Xubuntu box today and that seems to be using bash
<giovani> ball: well being that xubuntu is ubuntu + xfce ... I'd imagine so :)
 * ball shrugs
<giovani> heh
<ball> It would be really helpful if I had a spare server to try Ubuntu Server on before making the move
<Faust-C> ball, virtualization
<giovani> that's what virtualization is handy for
<ball> (something comparable to the ML110)
<Faust-C> its this new technology
<Faust-C> that allows you to run multiple machines like as if they were real
<ball> Faust-C: I don't think I can run anything on NetBSD that Linux will want to live inside.
 * Faust-C ok ok im done
<ball> ...I'm told Ubuntu doesn't like Xen very much
<Faust-C> ball, friend of mine says he has virtualbox running on fbsd and i think there is a nbsd port eh
<Faust-C> ball, well theres kvm and items like convirt to manage it
<giovani> ball: you don't have any other machines than those running netbsd?
<Faust-C> ball, i suggest you learn more about emerging technologies from all aspects not just a BSD or Linux based view :P
<giovani> qemu sems to maybe-kinda-sorta run on netbsd
<ball> Faust-C: I'm familiar with the concept of virtualisation
<giovani> s/sems/seems/
<Faust-C> ball i know, i was being semi-snarky
<ball> giovani: Not really.  My primary desktop machine crapped out last month.
<giovani> ball: I can't really imagine only running one OS
<Faust-C> giovani, me either
<ball> giovani: I've certainly enjoyed my experimentation with Ubuntu, Xubuntu and Ubuntu Server thus far.
<Faust-C> i would feel out of touch
<giovani> I mean, I definitely have my primary/favorite
<ball> Faust-C: I was out of touch.
<ball> ...and a bit "blinkered"
<Faust-C> lol
<Faust-C> yeah im trying to do my business but i havent really messed w/ vista at all
<Faust-C> im like wtf do i do now... man this is new
<giovani> I aim to be a generalist specialist
<Faust-C> giovani, ah i like that
<giovani> i.e. I know a little about a lot of things -- and a lot about a specific area
<ball> Oh, I suppose I briefly ran MacOS X on an iBook, but once I had X up and running on it that was as much as I needed to know.
<ball> ...because I could connect to NetBSD or Linux boxen and run X clients there.
<giovani> Faust-C: Win7 is a massive improvement
<ball> Then there was the i5/OS project.
<giovani> Faust-C: I'm running it on a few mobile devices that my usage patterns on aren't well suited for *nix
 * ball shudders
<giovani> plan9 ftw!!!
<ball> I doubt anyone's going to pay me to run Plan9
<Faust-C> giovani, nice ive heard 7 has greatly improved and im actually excited because it will spark innovation to a new leveel
<giovani> universities will
<Faust-C> err level rather
<ball> ...though icbw
<giovani> I might pay you to run plan9
<Faust-C> heh
<ball> that'll be 50p please ;-)
<giovani> heh
<giovani> install it first
<giovani> then we can talk
<ball> Damn, that means I have to nuke my Oberon partition ;-)
<giovani> we have a guy at work who used to be employed by bell labs
<giovani> awesome dude
<Faust-C> giovani, ah its you i want to speak to !! lol
<giovani> Faust-C: que?
<Faust-C> heh ill ttyt about it lol
<giovani> heh, okay ... now I'm curious
<ball> Hmm...
<uvirtbot> New bug: #416264 in openssh (main) "ssh -v reports "debug1 - unspecified gss failure. minor code may provide more information"" [Undecided,New] https://launchpad.net/bugs/416264
<uvirtbot> New bug: #416265 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: el subproceso post-installation script devolvi? el c?digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/416265
<hisham> Hello Everyone
<hisham> I am a newbie to Servers and need to configure my bind
<hisham> please provide me a link to learn it from A to Z
<jtimberman> I personally use djbdns, instead of bind.
<jtimberman> Documentation: http://cr.yp.to/djbdns.html
<jtimberman> Ubuntu package: http://packages.ubuntu.com/jaunty/djbdns
<jtimberman> I find djbdns to be easier to configure, plus it is historically more secure.
<hisham> jtimberman: hmm but ubuntu server is packaged with BIND? isnt it?
<error404notfound> personally, i use bind for couple of years in corporate environments and never found any issues, though djb is easier..
<jtimberman> i've used bind and djbdns in a variety of environments over the last 12 years. given the choice i'll take djbdns every time.
<error404notfound> hmmm, okay, according to your experience, it might be better...
<jtimberman> better is subjective. bind certainly has a wider knowledge base of experienced users/admins.
<jtimberman> so it is "better" in that regard.
<jtimberman> but for security, simplicity and stability, my preference is to djbdns :D
<ewook> jtimberman: simplicity? stability?
<ewook> jtimberman: you must be misstaken :P
<ewook> sure, bind isn't great.
<jtimberman> like i said, i'll go on my 12 years experience between the two.
<jtimberman> so i can't in good conscience recommend bind :)
<twb> Seems to me that djbdns loses because of djb
<jtimberman> twb: i find that to be irrelevant when a package is available to install the software :)
<twb> jtimberman: it's not configured by the presence/absence of empty files? ;-)
<twb> I confess I have a penchant for dnsmasq.
<jtimberman> twb: eh, i configure djbdns with chef these days anyway.
<twb> !ubuntu admin guide
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> !guide
<ubottu> Sorry, I don't know anything about guide
<twb> Goddammit
<jtimberman> lol
<twb> And google is being unhelpful
<jtimberman> Our channel bot said "beer is good" earlier. markov random chat ftw.
<jtimberman> Looking for: https://help.ubuntu.com/8.04/serverguide/C/index.html
<twb> Thanks
<twb> I wish that was in /topic
<jtimberman> "Ubuntu ships with BIND (Berkley Internet Naming Daemon), the most common program used for maintaining a name server on Linux."
<johe|work> good morning
<\sh> does anyone know a howto to setup gfs/gfs2 on ubuntu?
<soren> ISTR it's rather straightforward.
<soren> \sh: Have you tried?
<\sh> soren: nope...I'm just reading the RH docs how it works in general
<soren> \sh: IIRC, the modules are in the kernel, so you just need gfs2-tools.
<\sh> soren: and apt-cache search gfs brings up a gfs2-utils package which is experimental, but there is no gfs.ko module only gfs2.ko
<\sh> right gfs2-tools was marked as experimental
<\sh> but let's see what I will break on those servers ;()
<soren> $ grep GFS2_FS_LOCKING_DLM /boot/config-2.6.31-6-generic
<soren> # CONFIG_GFS2_FS_LOCKING_DLM is not set
<soren> :(
<\sh> root@tile01:/boot# grep "GFS2" /boot/config-2.6.28-11-server
<\sh> CONFIG_GFS2_FS=m
<\sh> CONFIG_GFS2_FS_LOCKING_DLM=m
<\sh> jaunty here
<soren> Yeah, I know it used to be enabled. I wonder why they disabled it.
<\sh> soren: so i can just follow /usr/share/docs/gfs2-tolls/usage.txt.gz to try to get gfs2 running
<soren> Presumably.
<\sh> ok...let's see
<twb> WTF does this mean?
<twb> Aug 20 18:44:04 trimserver kernel: [760383.682911] audit(1250757844.844:4): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/tmp/server.key" pid=28077 profile="/usr/sbin/slapd" namespace="default"
<twb> Apparently that is apparmor.
<twb> Er, yay?
<\sh> soren: did you ever set gfs2 up? regarding the usage.txt I should do some "mount -t configfs none /sys/kernel/config" which fails for obvious reasons
<rags> i've installed  apache2 mysql-server php5 php5-mysql through aptitude but php files are still not being parsed...
<acalvo> the main place to put webpages is /usr/share/apache2?
<rags> not /var/www ?
<acalvo> mmm
<soren> \sh: What are te obvious reasons?
<soren> rags: You need libapache2-mod-php5
<rags> soren: it's installed....
<soren> Sure? You didn't mention it.
<rags> my guess is apache is not cofigured with php..but itsn't aptitude to take care of tht...
<rags> soren: yeah...I checkd with aptitude...
<soren> Upon installation, libapache2-mod-php5 should set that up.
<soren> What are you using to test it?
<soren> Firefox? wget?
<rags> firefox....ther is file with phpinfo()...
<rags> it just gives me the file as a download
<_ruben> sudo a2enmod php5
<soren> Try with wget.
<rags> _ruben: ok...I'll try tht..but wht does tht do?
<_ruben> enable php5 in apache
<rags> soren: wget?...I dint' understand..how.
<_ruben> a2 = apache2 .. en = enable .. mod = module
<soren> rags: Instead of using firefox to access the url, use wget.
<soren> ...and look at the file you get.
<soren> See if it just says "phpinfo()" or if it was actually parsed.
<soren> Firefox tends to cache a bit eagerly sometimes.
<rags> _ruben: ok..it told me to run apache2 force-reload to enable...
<rags> soren: I'll try tht
<\sh> soren: /sys/kernel/config doesn't exist
<soren> \sh: That's why you mount it...
<rags> nope..same problem with firefox...
<soren> rags: What do you mean?
<\sh> soren: root@tile01:~# mount -t configfs none /sys/kernel/config
<\sh> mount: mount point /sys/kernel/config does not exist
<rags> it just gives the file as a download..
<soren> rags: You just said you'd try with wget.
<soren> rags: I'm telling you: Firefox is not the right tool for testing this.
<rags> soren: i'll try it now...:)
<rags> soren: wget downloads the whole index.php file...
<soren> meaning?
<soren> What's in it?
<uvirtbot> New bug: #416313 in samba (main) "On samba of ubuntu-arm, large file copy fails " [Undecided,New] https://launchpad.net/bugs/416313
<rags> the content tht i've put "<?php echo "it's php";> "
<rags> so, php5 is enabled...and it's still giving probs...can it be tht aptitude didn't enable the moduls or something...?
<uvirtbot> New bug: #416318 in apache2 (main) "Apache doesn't honor existing bootscripts" [Undecided,New] https://launchpad.net/bugs/416318
<hisham> Hello Everyone! I am unable to restart bind
<hisham> when i type $ sudo /etc/init.d/bind9 restart
<hisham> ITs says Stopping
<johe|work> could someone point ma an manual to make ldap the backend for user auth?
<acalvo> hito_jp: killall named
<acalvo> johe|work: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html check LDAP authentification
<johe|work> thx acalvo
<acalvo> np
<acalvo> in order to be able to access a defined site in apache, I've to set up the dns name in bind and any other place?
<acalvo> if I access thru the IP it works
<acalvo> but thru the dns name it does not work
<acalvo> I've seen some bind configuration that map directly www to an ip, rather than to another IN statement
<eolo999> hi, my logs are "really" too full of "unexpected RCODE (SERVFAIL) resolving". I see this issue is very common but googling and surfing I couldn't get a clear answer on how to solve the issue. I get thousands of this errors a day and I'm worried I misconfigured bind9 itself? Please i urge a solution!
<eolo999> sorry, I'm talking about bind9 ;)
<Boohbah> eolo999: please pastebin your named.conf
 * eolo999 is doing it
<eolo999> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<Boohbah> acalvo: what's the domain name?
<acalvo> Boohbah: esci.es
<Boohbah> acalvo: i got an A record pointing to 213.96.29.134 is that right?
<acalvo> yes
<acalvo> but, wait
<acalvo> this is the production enviornment
<acalvo> and I'm migrating to a new one
<acalvo> so I've set up a testing lan
<acalvo> which can't access the outside world
<Boohbah> what does 'dig esci.es' show from the testing server?
<eolo999> named.conf => http://paste.ubuntu.com/256257/ named.conf.options => http://paste.ubuntu.com/256261/
<acalvo> it points to my dns server
<acalvo> and show the entries for esci.es
<acalvo> esci.es.		604800	IN	A	10.0.0.4
<Boohbah> and you have a 10.0.0.4 vhost defined in apache configs?
<acalvo> yes
<acalvo> http://pastebin.com/d4b95103c
<eolo999> Boohbah: i just added the logging line but it doesn't solve the problem just remove the log entries!
<Boohbah> eolo999: how bout named.conf.local?
<eolo999> Boohbah: arriving
<eolo999> ...
<eolo999> Boohbah: http://paste.ubuntu.com/256267/
<Boohbah> acalvo: i notice ServerName is www.esci.es. can you access it via http://www.esci.es/  ?
<acalvo> no
<acalvo> that's my main problem
<acalvo> it works thru the IP
<acalvo> but not with the dns name (or servername)
<Boohbah> Try  <VirtualHost *:80>
<acalvo> ok
<acalvo> Boohbah: it worked
<acalvo> thank you
<Boohbah> excellent
<Boohbah> i like these tutorials for ubuntu apache config:
<Boohbah> http://articles.slicehost.com/2008/4/29/ubuntu-hardy-apache-virtual-hosts-1
<Boohbah> eolo999: http://www.kholix.com/wiki/index.php/Unexpected_rcode_(SERVFAIL)
<Boohbah> eolo999: you are probably receiving erroneous queries for your slave zones, check the allow-query option
<eolo999> Boohbah: thx. But the server must answer globally for many zones. I just disabled recursion from outside my network and don't know what to do more.
<acalvo> Boohbah: I'll take a good look at them
<Darcsabre_> I'm trying to install a MUCK server on my Ubuntu Server box, and it's telling me it can't find libpcre.  It's also giving me the option of specifying --with-libpcre="".  I'm using the most recent Ubuntu Server Edition version.  Do I need to apt-get something or is it already there?  If the former, what should I get?  If the latter, where is it?
<_ruben> Darcsabre_: most likely you need to install libpcre3-dev
<Darcsabre_> Thank you.
<Darcsabre_> Privately, I'm still waiting for someone to ask if I got Ubuntu Server Edition just to run a MUCK.  Just because it sounds funny. xD
<pmatulis> Darcsabre_: ok, i'll bite.  what is a MUCK server?
<rosa_> hi there..somebody know any graphic tool to do backups into hard drives, tape, dvd, remotelly, etc?
<\sh> Darcsabre_: are you tryinto install protoMUCK?
<\sh> pmatulis: multi user created kingdom
<\sh> pmatulis: simialar to MUD ;)
<rosa_> hi, somebody know any backup tool?
<pmatulis> rosa_: investigate backuppc
<pmatulis> rosa_: not sure about tape and dvd however
<pmatulis> rosa_: bacula as well
<rosa_> i was reading about bacula but look very hard to install...complicate
<Darcsabre_> \sh: No, I'm installing TinyMUCK FB6.  It seems to have worked, though.
<Darcsabre_> And, after a few hitches not related to compile, it's also running.
<acalvo> funny thing
<acalvo> I'm trying to run a program
<acalvo> that works on another server
<acalvo> but it gives me: the file or directory does not exists
<ball> acalvo: what program?
<acalvo> it's the daemon of the Advatange Database Server
<acalvo> s/Advatage/Advantage
<ball> Do you know the name of the executable?
<acalvo> yes
<acalvo> -r-x------ 1 root root 4,1K 2008-03-17 15:10 adsd
<acalvo> I'm logged in as root
<ball> try "which adsd"
<acalvo> uo, does not give any result!
<acalvo> why?
<ball> Is this something that you would like to start manually, or automatically?
<acalvo> but, if I can "see" the file
<acalvo> manually
<ball> try ./adsd
<acalvo> with some command line switches
<acalvo> I've tried it
<ball>  ./adsd {switches}
<acalvo> indeed, I've tried it
<acalvo> complains about not finding the file or directory
<acalvo> locate does not find the file neither
<ball> That's strange.
<sub> acalvo: Is it a binary or a script of some sort?
<_ruben> it probably cant find a library .. try strace ./adsd
<acalvo> should be a binary
<sub> (What I'm really asking is if it has a shebang line that needs to be updated)
<sub> If it's a binary then try what _ruben suggested =)
<acalvo> does not makes sense
<acalvo> strace says the same
<acalvo> execve("./adsd", ["./adsd"], [/* 19 vars */]) = -1 ENOENT (No such file or directory)
<acalvo> write(3, "strace: exec: No such file or dir"..., 40strace: exec: No such file or directory
<ball> try "file adsd" (in the appropriate directory)
<acalvo> adsd: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.0.0, stripped
<acalvo> DAMEN
<acalvo> DAMN
<acalvo> it's x32
<acalvo> under a x32_64 env
<acalvo> Linux earth 2.6.28-15-server #49-Ubuntu SMP Tue Aug 18 20:09:37 UTC 2009 x86_64 GNU/Linux
<ball> What is x32_64?
<acalvo> sorry
<acalvo> x86_64
<ball> Ah, okay.
<acalvo> what do I need to run it?
<acalvo> some sort of 32 bit libraries, right?
<ball> Can't you recompile it, or download a 64-bit binary?
<acalvo> apt-get install linux32 ia32*
<acalvo> no... I can't
<acalvo> they don't have it
<ball> acalvo: that's sad.
<acalvo> It's old
<acalvo> and they went mostly for win enviorenments
<ball> What does it do?
<acalvo> it's a database server
<acalvo> ADS
<acalvo> it was quite famous long time ago
<ball> Oh yes, you did mention that.
<acalvo> sad part is we still use it...
<ball> Perhaps you could set up a 32-bit machine (or VM) on which to run it.
<acalvo> that was what I was thinking...
<acalvo> yes, I'll go for that
<acalvo> seems fine
<acalvo> thank you!
<ball> hello mathiaz
<G__81> i need to enable Perl-CGI support in apache. I am using Ubuntu 9.04 can someone help me out here ?
<jerrcs> Anyone know why I'd be getting these errors when trying to mount/fdisk/anything a particular drive: http://pastebin.com/m43ba526e ?
<sgsax> G__81: a2enmod perl
<G__81> where should i give that
<sgsax> and possibly also a2enmod cgi
<G__81> i followed this
<G__81> http://www.ubuntugeek.com/how-to-install-apache2-webserver-with-phpcgi-and-perl-support-in-ubuntu-server.html
<G__81> but now what i get this
<G__81> error
<G__81> You don't have permission to access /transfer/ on this server.
<G__81> Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.1 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 Server at 127.0.0.1 Port 80
<G__81> this is the error i get
<G__81> i have added ScriptAlias in apache2.conf
<G__81> and i get the above error
<sgsax> once you've done "sudo aptitude install libapache2-mod-perl2"
<sgsax> then you need to do "sudo a2enmod perl" in a command line
<sgsax> then you also need to edit /etc/apache2/sites-enabled/000-default
<jerrcs> No.. he has perl modules enabled on Apache... what he needs to do is check his error.log file like a smart debugger would do and see why the webserver is denying his request.
<sgsax> G__81: so if perl is setup right, check permissions on that dir (possibly /var/www/transfer ?) and any files in it
<sgsax> dirs need to be chmod 755, cgi files are executable scripts, so they also need to to be 755, any other files need to be 644
<G__81> one sec
<G__81> let me check
<G__81> all files have -rwxrwxrwx
<jerrcs> Have you checked your error.log like I have suggested?
<ball> sgsax: will 711 work for CGI scripts?
<G__81> jerrcs, let me check the error.log
<jerrcs> Good idea.
<G__81> http://pastebin.com/m65c40407
<G__81> this is what i have got
<jerrcs> If you type /var/www/transfer/book2.cgi in your terminal, does it execute?
<G__81> /var/www/transfer/book2.cgi
<G__81> bash: /var/www/transfer/book2.cgi: /usr/local/bin/perl: bad interpreter: No such file or directory
<jerrcs> Type whereis perl and find the correct perl binary, then open up /var/www/transfer/book2.cgi (in nano or something) and change the line at the top of the line to reflect the correct perl path.
<G__81> whereis perl
<G__81> perl: /usr/bin/perl /etc/perl /usr/lib/perl /usr/share/perl /usr/share/man/man1/perl.1.gz
<sgsax> default path for perl on ubuntu is /usr/bin/perl
<jerrcs> ok, so put #!/usr/bin/perl at the top of your book2.cgi file.
<jerrcs> instead of /usr/local/bin/perl
<sgsax> ball: could be, as long as the apache user can execute it
 * ball nods
<G__81> it does not work still
<sgsax> try running it in a console again, see if you get any other useful errors
<G__81> http://pastebin.com/m5304fac5
<G__81> those are the initial lines in the script
<G__81> the script tries to access perl4
<sgsax> you need #!/usr/bin/perl
<sgsax> you're missing the #
<G__81> i think i have not copied it properly
<sgsax> and make sure that is the correct path to cgi-lib.pl
<G__81> its got the #
<G__81> #!/usr/bin/perl
<G__81> # This script creates a HTML document used for booking a system
<G__81> $| = 1;
<G__81> require "/usr/local/lib/perl4/cgi-lib.pl";
<jerrcs> Run the script again in the console.
<G__81> #!/usr/bin/perl
<G__81> # This script creates a HTML document used for booking a system
<G__81> $| = 1;
<G__81> require "/usr/local/lib/perl4/cgi-lib.pl";
<G__81> oh sorry
<G__81> one sec
<jerrcs> no.
<G__81> /var/www/transfer/book2.cgi
<G__81> Can't locate /usr/local/lib/perl4/cgi-lib.pl in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .) at /var/www/transfer/book2.cgi line 7.
<G__81> its not able to locate cgi-lib i believe
<sgsax> right, so you need to find the correct path for that file
<clusty> gosh, i can't figure out this godamn ldap
<clusty> grr
<jerrcs> Yep.. you probably have to go through the script install again, or install/locate teh correct modules.
<G__81> sgsax, i dont think i have it i dont have any clue on what that library does
<G__81> is it a standard library ?
<jerrcs> It actually looks a bit out of date.
<jerrcs> Considering most people use perl5 now? Why is it trying to load a perl4 lib?
<G__81> its an old script which i should make it run :(
<jerrcs> regardless, something along the lines of find / | grep cgi-lib.pl might work
<jerrcs> (might take a couple of minutes to run)
<G__81> locate cgi-lib.pl
<G__81> /usr/share/doc/cscope/contrib/webcscope/cgi-lib.pl.gz
<G__81> this is what i get :)
<jerrcs> that's probably not going to work.
<G__81> yes
<jerrcs> Well.. regardless. You're now dealing with old code which probably requires some sort of perl knowledge.. It's out of my league. My apologies.
<G__81> hmmm.
<jerrcs> We did help you debug CGI errors so if you have any you know where to go now.
<jerrcs> laters, going out for a bit. sorry I couldn't help more.
<G__81> thanks a lot
<G__81> thanks jerrcs
<sgsax> G__81: yep, you'll need to go through the perl code and see what that lib is used for
<sgsax> then you'll have to figure out which lib you need to install to make it work
<Psi-Jack_> Hmm, there's no deb for eAccelerator?
<Psi-Jack_> Curiousity. We've tried a few things, so far, mostly with re-nicing processes and such.
<Psi-Jack_> but, we have a server, all it does is run a daemon that runs php and perl scripts all day long, which are communication scripts. Sometimes these scripts start chewing up CPU resources like crazy, but with no control over how much they use up.
<Psi-Jack_> What would you guys do in a situation where you wanted per-application cpu limits?
<Psi-Jack_> per pid cpu limits, that is.
<giovani> that's what nice is for
<Psi-Jack_> Well, nice isn't cutting it.
<giovani> what nice value are you using for the offending process?
<Psi-Jack_> 15
<giovani> and what kind of resources is this process consuming?
<giovani> do you have a vmstat output from when the process has taken over the box?
<Psi-Jack_> Hmm, no, but sec, I might be able to now.
<Psi-Jack_> Yes, what output do you need specifically?
<giovani> running "vmstat 5 5" during the process would be good
<Psi-Jack_> The server's currently under loads of 10 11 9
<giovani> based on the output of that, we can troubleshoot further
<Psi-Jack_> Okay, I'm making 2 of those. load jumped up to 20
<Psi-Jack_> http://pastebin.com/m3ec5263b
<giovani> please paste the output of "ps aux"
<giovani> your idle time is plenty -- load can be very deceiving
<giovani> load average* that is
<Psi-Jack_> Okay
<Psi-Jack_> Alright, got it.
<Psi-Jack_> Didn't want the potential world with that one, so I IM'd it.
<giovani> well you could've pastebined it
<Psi-Jack_> I did.
<giovani> oh, you did
<Psi-Jack_> Because pastebin allows me to delete the data, I can do it. :)
<Psi-Jack_> So, as you see.. A lot of procs. ;)
<sub> PecisDarbs: Does not support keep-alive according to this mailing list thread: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/5057b084a888e676
<sub> err
<sub> wrong channel and nick, sorry
<giovani> Psi-Jack_: how many cores/cpus does this machine have?
<Psi-Jack_> Dual CPU, Quad Core each, so 8 cores.
<giovani> ok, so that load is NOT a high load
<giovani> and here's why
<giovani> load average is calculated with a rough estimate of 1 = one cpu worth of scheduling
<giovani> so, with an 8 core server, optimal load is 8.0
 * Psi-Jack_ ndos.
<giovani> so a load of 9 or 10 on a busy box
<giovani> is not bad
<giovani> especially once you see the actual cpu usage
 * Psi-Jack_ nods.
<giovani> as load average takes into account the number of processes queued up and stuff
<giovani> and you have a TON of processes
<giovani> unless the box is sluggish, this is not an indication of anything wrong
<Psi-Jack_> Okay.
<Psi-Jack_> So, what would be considered, a high load?
<Psi-Jack_> In this case scernario?
<giovani> 16+ maybe
<giovani> would be moderately high
<Psi-Jack_> Okay.
<giovani> not an emergency
<giovani> it's an equivalent of a 1 core box having a load of 2
<Psi-Jack_> Then, in Nagios.. It has warnings for the three load states, what would you consider high for the Cur, 1m, 5m?
<giovani> if it's always like that -- then you'd need to take a look at where the bottleneck might be -- but load average doesn't really tell you how taxed your cpu is
<giovani> I figure 16 should be a warning, yeah
<giovani> if it hits 16 regularly -- you'll want to look into the cause
<Psi-Jack_> 16 in the 5m?
<giovani> Psi-Jack_: sure, 1m or 5m?
<Psi-Jack_> Gotcha. ;)
<Psi-Jack_> The 0m can easily be bumped up to ... 8*4
<Psi-Jack_> That would be a high load of 32
<giovani> 1m you mean?
<Psi-Jack_> Actually.
<Psi-Jack_> Just spoke to a coworker of mine.
<Psi-Jack_> In our case, high load is 8, because if it reaches up to 12, and stays there for any period of time, we start having problems.
<Psi-Jack_> If it ever reaches 20, kiss that server good bye.
<Psi-Jack_> heh
<Psi-Jack_> So, with that knowledge, what's your take?
<giovani> load is not a good indication of that
<giovani> I'd need to see the server when it's sluggish
<giovani> I don't see any high iowait
<giovani> memory speed, etc could be an issue
<giovani> brb
<Psi-Jack_> it's got 8gb
<Psi-Jack_> Dell Poweredge 2950, Dual CPU, Quad Core Xeon E5335 (2.00GHz)
<Psi-Jack_> 64bit of course.
<Psi-Jack_> Memory-specs, are 8x1GB DDR2 667MHz
<Psi-Jack_> Non-ECC
<giovani> 8GB of RAM for an 8-core server?
<giovani> kinda skimpy, no?
<Psi-Jack_> Heh, not really.
<giovani> yeah ... really
<giovani> I don't know why you'd need so much cpu and so little ram
<giovani> I have two-core machines with twice as much ram as you do
<Psi-Jack_> We never use up all the ram as-is now.
<Psi-Jack_> There's 2.3GB just sitting there doing nothing.
<Psi-Jack_> 5.7GN used, 4.6GB of that just buffers & cache.
<giovani> your vmstat says otherwise
<giovani> I'm seeing free ram numbers in the 500MB range
<giovani> which would imply that 7.5GB are used/cached/buffered
<giovani> anyway
<giovani> ram speed can be an issue
<giovani> depending on your needs here
<giovani> you can end up taxing the memory speed, and not the cpu (because 8 cores is a lot)
<giovani> I'd need to see the box when it's fully sressed
<giovani> stressed*
<Psi-Jack_> Eh? 500mb?
<Psi-Jack_> Where'd you see that?
<Psi-Jack_> Oh, yeah. I see now.
<Psi-Jack> Heh, aight, I'm home for lunch now. Heh
<sub> I just love how quickly Ubuntu Server and JeOS boot
<Psi-Jack> Heh yeah
<Psi-Jack> Stack on eBox, and it's so much slower. ;)
<sub> I still have yet to use eBox, I just started hearing of it recently :)
<Faust-C> ebox is too much
<Faust-C> its a great concept but the execution needs to be redone
<Faust-C> like have modules be installed only when you need them, not ahead of time waiting to be configured
<sub> What's the difference between eBox and something like Landscape?
<Faust-C> that adds extra "weight" on the OS and unnecessary updates
<sub> (I don't use either atm)
<Psi-Jack> Umm, They do install when you need them. You tell it when you need them.
<Faust-C> sub, idk never used landscape
<Psi-Jack> landscape, is. Bleh.
<foolano> Faust-C: that's really easy to do
<Faust-C> Psi-Jack, before it had everything installed and then you configured it when you needed it
<Faust-C> foolano, i imagine it is, i now have the time to maybe help
<Psi-Jack> Faust-C: 1.2, you installed what you wanted, during installation. If you did it by their install CD
<Faust-C> i was thinking about adding a php module for citadel to shutdown, restart and update the base OS
<Faust-C> Psi-Jack, oic
<foolano> Faust-C: we changed that in 1.2 cuz there were too many modules
<Faust-C> yeah
<Faust-C> foolano, hell now that i have plenty of time on my hand i look forward to being able to help more in some way
<foolano> Faust-C: help is always very welcome :)
<Faust-C> sometimes its more valuable than $$$
<andol> mathiaz: Regarding bug #394036, I figured I start testing on edgy,feisty and gutsy. Or are you doing the same? Figured I'd try to avoid dubble work :)
<uvirtbot> Launchpad bug 394036 in mysql-dfsg-5.0 "MySQL 5.0.22 Crash on Ubuntu 6.06.2 LTS (SELECT 0+0+0...)" [Undecided,Fix released] https://launchpad.net/bugs/394036
<mathiaz> bdmurray: hey - could smoser be made part of the ubuntu-bugcontrol team?
<mathiaz> bdmurray: it seems he cannot set the importance on bugs
<smoser> there ya go.
<mathiaz> andol: I'd start to test on feisty
<mathiaz> andol: I'm not working on this right now
<Psi-Jack> ACPI: Unable to turn cooling device [f7076f18] 'on'
<mathiaz> andol: so you won't do double work
<Psi-Jack> I keep getting that constantly on one of my servers.
<mathiaz> andol: feisty is 5.0.35 IIRC which is in between dapper (5.0.22) and hardy (5.0.51a)
<Psi-Jack> I just want it to stop trying, cause it obviously can't. ;)
<andol> mathiaz: thanks, will do.
<mathiaz> andol: if feisty doesn't crash, than trying edgy (5.0.24) and hope that edgy doesn't crash either
<mad> Hi, I am trying to install ubuntu server on a computer with 4 partitions and two disks RAID 0/1 it seems to be hanging on "Configuring makedev" the HDD makes a little noise ever 10 seconds or so but it has been stuck here for at least 10 minutes should i keep waiting or is something wrond?
<mad> wrong*
<mathiaz> andol: if so we've already narrowed down the potential revisin
<mad> I'm using the latest unbuntu server edition btw
<bdmurray> mathiaz: is smoser familiar with the requirements for being a member? and do you vouch for them?
<mathiaz> bdmurray: what's the wiki page where the requirements are outlined?
<bdmurray> mathiaz: https://wiki.ubuntu.com/UbuntuBugControl ;-)
 * smoser is reading now
<artillerytx> can someone help me figure out why my subdomain isn't working
<_jmedina> artillerytx: what kind of subdomain?
<giovani> artillerytx: by "my subdomain isn't working" do you mean that it's not resolving to an IP address via DNS, or that you're hosting a webserver with a vhost, and it's not working as you expect?
<_jmedina> plase give more details so we can help..
<artillerytx> i am running bind and apache i have 3 domains hosted 1 of which i am trying to set up a sub domain for ... i have created an A record on wwmcd.org for swot.wwmcd.org and also created a VHOST for swot.wwmcd.org restarted bind and apache and still nothing
<giovani> well did you test that DNS is resolving properly first?
<artillerytx> with dig?
<giovani> because if  swot.wwmcd.org is your domain -- it's not resolving for me
<giovani> sure, or any other utility
<artillerytx> i can't do it from inside the network
<giovani> why not?
<artillerytx> the server is on the same network as me
<_jmedina> swot.wwmcd.org is not resolving here...
<artillerytx> but wwmcd.org is working for you correct?
<giovani> artillerytx: why would that prevent you from sending a DNS query? this isn't making sense
<giovani> yes, wwmcd.org has an A record
<_jmedina> giovani: probably he is nating...
<artillerytx> okay when i do dig swot.wwmcd.org i get http://paste.ubuntu.com/256464/
<giovani> _jmedina: why would that prevent him from sending a DNS query?
<giovani> artillerytx: because, as it's shwoing you ... there's no response
<giovani> it's blank
<giovani> there's no "ANSWER SECTION"
<_jmedina> :) that is not a problem to me, it depends what dns query tool he is using
<giovani> _jmedina: what?
<giovani> artillerytx: also, you are not the only authoritative DNS server for your domain
<giovani> ns{1,2}.everydns.net.wwmcd.org are as well
<artillerytx> yeah i set those up as slaves
<giovani> ok
<_jmedina> giovani: forget it, I didnt see he was using dig..
<giovani> artillerytx: well they're not propagating
<giovani> oh
<giovani> well your TTL is set very high as well
<giovani> it'll take time for the DNS record to trickle out
<artillerytx> can i change that ?
<artillerytx> thats time to live right?
<giovani> sure, but it won't take effect until the next TTL cycle
<giovani> it's set in your bind config
<_jmedina>  you can use rndc notify from master
<giovani> _jmedina: they still need to trickle down to internet relays
<artillerytx> So.. what should i do
<giovani> artillerytx: you should wait
<lwizardl> hi
<artillerytx> well i've had it set up for like 4 days it worked for one day and then stopped working
<lwizardl> anyone here using ispconfig 3?
<giovani> artillerytx: well that sounds like a different problem
<giovani> lwizardl: that control panel isn't supported here
<lwizardl> giovani, ok do they have a channel?
<lwizardl> giovani, what panel is?
<artillerytx> google.com
<giovani> lwizardl: ebox
<giovani> and barely at that
<giovani> most people here don't encourage using "web panels"
<giovani> lwizardl: I'd consult their official website to see if they have an irc channel
<lwizardl> giovani, I have used cpanel and hated that one so i'm testing out others
<giovani> and indeed they do -- shockingly, #ispconfig on freenode
<giovani> lwizardl: yeah, those are all hosting-industry specific, and aren't supplied with ubuntu
<lwizardl> giovani, that channel is invite only i just got booted from there
<lwizardl> * You have been kicked from #ispconfig by ChanServ (Invite only channel)
<henkjan> lwizardl: for a decent panel try openpanel
<giovani> lwizardl: sounds like an awful project then -- don't use it
<artillerytx> giovani: what kind of problem do you think it is?
<giovani> artillerytx: no clue -- you should probably understand how DNS works before running a DNS server though
<giovani> it's possible that it's not propagating properly to your slaves, etc
<artillerytx> alright
<artillerytx> thanks
<artillerytx> there really isn't that much to dns servers you add a record and say hey this domain is going to look at this ip address now
<giovani> uh
<giovani> DNS isn't incredibly simple
<giovani> it's got a lot of things going on
<KillMeNow> not even close to being simple
<artillerytx> maybe thats why its not working i think its too simple
<KillMeNow> did you read all those links i sent you the other day?
<artillerytx> about rndc
<KillMeNow> i seem to remember sending you a bunch of links on how DNS works as well
<artillerytx> i know how dns works
<KillMeNow> ok
<artillerytx> but there is one little thing im missing apparently
<artillerytx> or else my sub domain would work
<giovani> artillerytx: I don't think that you're familiar with how it works
<giovani> I've walked you through this process before
<giovani> I think others have as well
<giovani> this is not something you grasp fully in an hour
<artillerytx> i have everything set up correctly
<artillerytx> go into the domains hosts file add an a record pointing at the ip address
<artillerytx> set up a virtual host for that domain
<artillerytx> assuming i have bind set up correctly thats all i have to do
<giovani> assuming ALL of the servers involved in the domain are set up correctly
<artillerytx> i have 3 domains set up all running fine...
<artillerytx> which includes wwmcd.org
<giovani> then clearly it's working fine
<sub> umm
<artillerytx> woah no need for sarcasm
<sub> artillerytx: http://pastebin.com/f63c5bb8b
<sub> take a look at your NS records
<artillerytx> oops
<artillerytx> now they are good
<sub> is dns1.longhornpcrepair.com a master or slave? and if it's a slave, what is it a slave to?
<artillerytx> dns1 should be the master
<sub> have you been updating the serials in your zone?
<sub> serial*
<artillerytx> alright never heard of that before, What is that?
<giovani> oh boy
<sub> problem solved...
<_jmedina> :)
<sub> haha
<sub> ok
<sub> you should read up on DNS more
<giovani> artillerytx: this is why, when you come in here and claim that you've got DNS figured out and  that you don't need to learn any more about it
<giovani> we don't believe you
<artillerytx> No i do need to learn more about it
<sub> and at least at this point, you know that you need to read about some sort of serial
<artillerytx> but i need to understand in what situation it applies
<_jmedina> artillerytx: read about dns fundamentas and you will figure it out
<sub> so I suggest that you learn more about DNS. but at the very least google "dns serial zone file" or something to that effect and blunder your way through it
<_jmedina> probably readin BIND ARM
<sub> any introduction to DNS should cover the serial, I'm sure even howstuffworks.com has an article about it
<sub> i take it back, the howstuffworks.com article doesn't mention the serial :P
<_jmedina> :), there is the legendary DNS HOWTO
<_jmedina> http://tldp.org/HOWTO/DNS-HOWTO-5.html
<sub> oh yes
<_jmedina> read 5.6 section Slave servers...
<_jmedina> artillerytx: well, start reading from the first page
<ycy> hi there
<ruben23> hi trying to ssh on a remote server -->i can login and during the browsing of files ans setting i get hangup..already restarted the server and my network..same thing happens..
<garymc> Hi does anyone know how I would cluster 3 rack servers together with ubuntu?
<garymc> Im currently using Ubuntu 9.04 LTSP
<_jmedina> 3 rack servers?
<garymc> yep
<garymc> Hp Proliants
<sub> garymc: There are many different types of clustering. How do you mean it?
<_jmedina> what wind of cluster?
<garymc> I want to utelise the Hard drives and CPU's
<garymc> as if they where one server?
<ycy> i remember that ubuntu-server asks for automatic updates during the installation
<pmatulis> ruben23: i would check your logs.  you can also start the sshd in the foreground
<garymc> how would i do this??
<garymc> and is it a momoth task?
<garymc> *mamoth
<ruben23> pmatulis: what you mean foreground..?
<ruben23> ill be checking the remote server logs...?
<sgsax> garymc: sounds like you're talking about a beowulf cluster
<ycy> however how can I set it up?
<sgsax> which is doable, but not for the newbie
<pmatulis> ruben23: man sshd and check the '-d' (-dd, -ddd) switch
<sgsax> ycy: two ways, either use unattended-upgrades, or script and cron your updates
<garymc> i dont think beowolf is supported in linux
<garymc> so i heard
<PhotoJim> there's a Debian-based Beowulf installation
<sub> http://en.wikipedia.org/wiki/Beowulf_(computing)#Operating_systems
<sub> Also Knoppix
<sub> That's kind of neat
<sgsax> garymc: beowulf is entirely based on linux systems
<sgsax> if somebody told you otherwise, they didn't know what they were talking about
<garymc> ok, ive just been told thats too deep for my knowledge
<sgsax> I'd recommend against it, if you're just wanting to leverage your computing power
<artillerytx> alright i read about the serials but im gonna keep reading about it some more before i ask again about dns... i swear !
<artillerytx> but i ran this named -g -p 53 to check for errors and i get http://paste.ubuntu.com/256481/
<artillerytx> that can't be good
<giovani> clearly you have a syntax error
<giovani> seems self-explanatory
<sgsax> artillerytx: and in your named.conf, not your zone file
<qman__> most specifically, you have two separate options blocks, which is not allowed
<artillerytx> alright so if i get open: /etc/bind/rndc.key: permission denied i need to change the permissions of that file
<cemc> if I have 4GB ram, can I use i386 ubuntu? will it see the whole 4GB ?
<cemc> or do i have install 64bit ?
<PhotoJim> there is a way around the problem, but 64-bit works best with 4 GB or more of RAM.
<giovani> 3GB or more*
<giovani> presuming you have a standard video card, and a standard motherboard
<svschwartz> hi  all! I guess you are all sysadmins here, right? and you do sometimes need to backup operating system or disk drive, so my question is what is the best linux tool to do this job (ala acronis true image) ?
<KillMeNow> i don't know if Ubuntu has a PAE switch like windows does
<PhotoJim> right, thanks.
<giovani> KillMeNow: in the -server kernel, it does
<giovani> svschwartz: different tools are used depending on preference mostly
<sgsax> if you enable CONFIG_HIGHMEM=y in your kernel config, you can access 4GB+ RAM with a 32-bit kernel
<svschwartz> giovani: personaly I know dd and partimage, later one is crap and dd is not smart you know
<sgsax> partimage isn't exactly "crap", just out of development and has a few quirks
<svschwartz> cemc: forget it, use x64
<giovani> sgsax: which, as I said, is default with the -server kernel
<svschwartz> sgsax: that's exactly what meant :)
<sgsax> fsarchiver is the new kid on the block, we've had mixed success with it
<cemc> I have a 32bit ubuntu installed on a system, and I want to move it to another system which has 4gb ram
<giovani> svschwartz: dd is for taking bit-for-bit copies -- this is not usually what people want for a "backup" system
<cemc> can I "upgrade" to 64bit then? :)
<svschwartz> giovani: yep :)
<giovani> svschwartz: rsync is pretty good at keeping two directories in sync, it's very smart
<sgsax> cemc: nope, you'll need to reinstall, because none of the binaries will be compatible
<svschwartz> cemc: reinstall the os
<giovani> do this over a network -- and you have a backup system
<giovani> cemc: as long as it's a current release of ubuntu, you don't need to reinstall, or move to 64-bit
<giovani> however, you can if you want to
<cemc> giovani: it's hardy
<svschwartz> ok, I see
<sgsax> for backups, we use rdiff-backup
<cemc> giovani: with 2.6.24-24-server
<sgsax> which I don't exactly recommend, but it works well enough
<svschwartz> please tell me if anyone is interested in smart OS/drive/partition backup
<giovani> svschwartz: what do you mean?
<giovani> we already have that ...
<KillMeNow> bacula
<KillMeNow> web based backup utility
<svschwartz> can it restore MBR ?
<svschwartz> partition table ?
<sgsax> you want disk imaging, not backups
<giovani> svschwartz: if you want it too ... that's what dd is for
<svschwartz> sgsax: yes, sorry
<giovani> use dd to copy the first 512Bytes of the drive
<sgsax> use partimage to get an image of the partitions
<giovani> you can use dd for that as well
<giovani> pipe it through gzip to eliminate the zeros space
<sgsax> boot to a livecd, partition the new disk, pull your image(s) down, and install grub
<svschwartz> I want to share my expirience with disk imaging tool called... partimage-ng :)
<PhotoJim> I'm boring.  my disk image tool is dd :)
<svschwartz> partimage-ng is really smart
<svschwartz> it does save MBR, partition table and blocks that are used, works with ext2/3, ntfs, vfat
<svschwartz> I wonder why it is not in main? it whould be great to have it out of the box with live cd to backup or restore drives
 * _jmedina uses clonezilla livecd which uses partimage and other tools
<giovani> svschwartz: the ubuntu livecd is a desktop livecd -- it's not built for recovery
<giovani> use a dedicated recovery livecd for that -- plenty exist
<_jmedina> there is a clonezilla livecd based on ubuntu :)
<_jmedina> the alternate livecd
<giovani> dedicated recovery cds have more tools for more tasks though
<svschwartz> no way, I whould love to have "Ubuntu Rescure" with me everywere :)
<giovani> since they're focused on that niche
<svschwartz> you see I don't need or want to have a dedicated live cd just for one small tool
<giovani> svschwartz: I'm not suggesting anything of the sort
<svschwartz> and one more thing, ubuntu does ship parted and gparted, which is really handy
<giovani> recovery livecds may have hundreds of tools
<svschwartz> like dd :)
<giovani> like hundreds of tools
<svschwartz> ok, I see, no interest
<svschwartz> thanks anyway
<artillerytx> I've tried a couple of different ways to get my rndc to work...i kept getting errors but now when i restart bind i get rndc: get: not found
<sgsax> svschwartz: so are you working on partimage-ng, or just like it?
<Faust-C> recommendations for remote desktop, (no VNC its too laggy)
<sgsax> Faust-C: xdmcp
<Faust-C> sgsax, oh yeah lol
<sgsax> :)
<Faust-C> hmm i might intergrate that into my services
<Faust-C> cause i want to migrate clients to linux and provide remote support
<Faust-C> koo
<henkjan> Faust-C: http://code.google.com/p/neatx/
<Psi-Jack_> Is there a heartbeat guide for Ubuntu?
<Psi-Jack_> 8.04 and/or 9.04?
<svschwartz> sgsax: I don't right code for it, but I do use it and used to talk to original developer at early stage of project
<Faust-C> henkjan, oh nice
<sgsax> artillerytx: you don't really need to use rndc manually
<svschwartz> sgsax: write :)
<svschwartz> sorry
<sgsax> edit your config and zone files properly and just /etc/init.d/bind9 restart
<artillerytx> sgsax: well everytime i do rndc-confgen -> rndc.conf and then restart bind it just hangs
<sgsax> but it sounds like you still don't grok the fundamentals of how bind works
<artillerytx> I'm just trying to fix one thing at a time
<artillerytx> thats how i learn
<Albatross> Hi. I'm using vsftpd. Does anyone know why I can
<Albatross> not deleate folders wile logging on as loval user.
<Albatross> local*
<sgsax> svschwartz: it looks promising, but their sf page is a bit bare, and their new wiki is empty, so it doesn't really instill a lot of confidence
<sgsax> rndc is a tool that is supposed to make maintining your named.conf and zone files easier
<svschwartz> sgsax: it is much closer :) https://launchpad.net/partimage-ng
<sgsax> but it won't help if you don't know what to do with them
<sgsax> svschwartz: I did see that
<svschwartz> sgsax: and code on lp too
<svschwartz> sgsa: sf page is too old, forget it
<Albatross> Anyone?
<sgsax> artillerytx: seriously, do yourself a favor and get the O'Reilly "DNS & Bind" book
<qman__> svschwartz, I make backups with tar
<qman__> if I need something more complicated I usually create a bash script for it
<sgsax> Albatross: I don't understand your question
<svschwartz> qman__ : well I do actually use tar, gzip, bzip2, rsync, but non of them can really make drive image
<svschwartz> no way
<sgsax> svschwartz: no "stable" release yet?
<svschwartz> sgsax: I guess the author just does not know when to call it "stable" and make a release :)
<svschwartz> or maybe he just didn't need it, because nobody actually asked for that
<svschwartz> it works for me, so I guess it is stable enough
<sgsax> they don't have .deb packages?
<svschwartz> there used to be a ppa, but looks outdated now
<mathiaz> kirkland: do you plan to provide a hardy backport of your new kvm-qemu package?
<qman__> svschwartz, I use dd for disk images, usually piped to gzip or bzip2
<qman__> it's not the fastest method but it works
<qman__> Albatross, it's probably a permissions problem
<qman__> if the user doesn't own the folder, that's probably it
<qman__> if the sticky bit is set, a user can't delete anything he doesn't own
<svschwartz> qman__ : yes, it does, surely, but that is not the of samurai ;)
<qman__> if not, you still need write access
<sgsax> svschwartz: I'm intrigued, as I've been using partimage for a long time, warts and all
<qman__> I've used partimage plenty of times
<qman__> the interface is just too clunky for me
<svschwartz> sgsax: on jaunty or lenny please build from this branch https://code.launchpad.net/~gene-czarc/partimage-ng/devel-gc1
<svschwartz> sgsax: partimage-ng has only one word to share with partimage  :) the code is written from scratch
<qman__> the last time I needed to clone some disks, I piped dd to gzip to netcat
<qman__> and then did the reverse on a number of clients
<svschwartz> qman__ : remember that every I/O call makes your drive closer to crash/bad blocks etc :)
<svschwartz> thanks for your time guys, bye
<Albatross> sgsax: While connecting via ftp i can only remove files. The folders remain.
<sgsax> so you need to know how to remove directories?
<sgsax> it's been a while since I've used ftp, but shouldn't "rmdir" work?
<Albatross> sgsax: It shoud, but it doesnt..
<Albatross> sgsax: What do you use, then? Something better than ftp? I'm kinda newbie..
<sgsax> scp
<sgsax> no interactive shell like ftp, but is secure (runs over ssl)
<Psi-Jack_> SSL? Are you mad?
<Albatross> aah. Well, as newbie i need the interface.. ^^
<Psi-Jack_> Albatross, No you don't.
<sgsax> Psi-Jack_: I know, it's crazy :)
<Psi-Jack_> bash is a perfectly good interface.
<sgsax> Albatross: do you have shell access on the remote server?
<Albatross> yes.
<Albatross> My own server..
<sgsax> so use scp to upload files, and ssh in to server to remove files/dirs
<Psi-Jack_> Or just run ssh servername commands
<sgsax> scp /my/local/file user@remote.host.org:/remote/path/to/file
<Albatross> srverame commands?
<sgsax>  ^^ that's your masic syntax
<Psi-Jack_> ssh myusername@myserver.com rm /some/file
<Albatross> oh. hold your horses. Mu server is ubuntu, but my client is windows..
<sgsax> Albatross: in that case, get WinSCP
<Psi-Jack_> Then yeah, you'd have to ssh in using putty.
<sgsax> nice UI and everything :)
<Psi-Jack_> Or get winxmp.
<Psi-Jack_> winscp even
 * Psi-Jack_ shrugs.
<Psi-Jack_> I don't even use Windows, so I don't care to support it.
<qman__> or just use sftp
<qman__> which is exactly like ftp, only it uses openssh to connect
<Albatross> ok. will look into them. thanks for the tip.
<Albatross> Psi-Jack: Well, in sweden you have no choice really.. Everything os so microsoftified tou have to use the crap.
<qman__> everything?
<qman__> as in what?
<Psi-Jack_> Albatross, You ALWAYS have a choice.
<qman__> there's very little that won't work on linux
<qman__> poorly written sites for IE6 fall under that category
<Albatross> Correct. I have a coice, but i'm lazy. I'm satisfied to know wich is best.. ^^
<Psi-Jack_> qman__, Not entirely true, Now you can even view those using wine installed IE6
<qman__> I'll have to try that
<Psi-Jack_> heh
<qman__> I have to support some DVR software that only works with IE6
<qman__> and some ATM software too
<Psi-Jack_> wine-doors, or playonlinux, installs it perfectly.
<qman__> uses activex heavily
<qman__> for anyone in the market, don't buy a GeoVision system
<qman__> it's completely locked to windows
<Psi-Jack_> Heh
<Psi-Jack_> GeoVision, eh?
<qman__> yeah, I wasn't the one who shopped around for it
<Psi-Jack_> I did a google search for Geovision, and the first thing I saw was "Don't Buy a Geovision DVR"
<qman__> it works okay, but the software is just...awful
<Psi-Jack_> Digital Video Surveilance stuff?
<qman__> and the documentation is worse
<qman__> yeah, security cameras
<qman__> I found out later I could have gotten linux friendly cards with better framerates for less
<qman__> bluecherry I think it is?
<Psi-Jack_> Yep
<qman__> being stuck on windows wouldn't be so bad if their software was any good, but it just isn't
<qman__> there's about 15 different programs and the documentation doesn
<sgsax> any lvm experts in here?
<qman__> doesn't tell you which one you need
<Psi-Jack_> what about lvm?
<qman__> I know a little about lvm, but I wouldn't say I'm an expert
<sgsax> subordinate accidentally reinstalled a machine and didn't realize the data partition was lvm
<Psi-Jack_> Shoot him in the foot.
<sgsax> so he left the partition intact, but we're unable to recover access to the partition
<sgsax> was hoping somebody might know some tricks
<qman__> there was a thing on the ubuntu RSS that taught about having a mobile LVM
<qman__> might be of some help, let me find the link
<Psi-Jack_> Okay, well, left the partition in-tact, but what about the data on it?
<sgsax> that's the thing, we can't mount it to see
<qman__> http://feedproxy.google.com/~r/pthree/~3/QVdy_bclMuE/
<sgsax> pvscan, vgscan, lvscan all come up empty
<qman__> hmm
<Psi-Jack_> sgsax, Then obviously, it's destroyed.
<qman__> link doesn't seem to be working for me
<qman__> yeah
<qman__> if those don't come up with anything it's gone
<Psi-Jack_> Yep
<sgsax> even tried vgchange -ay, still no luck
<sgsax> damn
<Psi-Jack_> Well, if none of the scans worked, it's gone.
<Psi-Jack> [ 115.340885] ACPI: Unable to turn cooling device [f7076f18] 'on'
<Psi-Jack> I keep getting that, even though I put blacklist fan in my modprobe.d/blacklist.conf
<clusty> Psi-Jack, wooohoooo
<clusty> got finally DNS up and running
<clusty> weeeee
<jpds> Psi-Jack: Why have you blacklisted fan?
<Psi-Jack> jpds: That's one of the "fixes" the forums suggested.
<Psi-Jack> I'm trying the /etc/defaults/acpid idea now, and omitting fan from the modules.
<Psi-Jack> Nope.
<Psi-Jack> Still occuring. :/
<Psi-Jack> [ 49.340936] ACPI: Unable to turn cooling device [f7076f18] 'on'
<Psi-Jack> So, any ideas?
<zagabar1> Hi. I am trying to set up a ircd-hybrid server on my ubuntu server.
<zagabar1> But I have some problems.
<zagabar1> When I typed sudo apt-get install ircd-hybrid to get it, I got this error when it tried to start it after installing: http://pastebin.com/m492725b5
<zagabar1> Also, I have no ircd.conf anywhere
<clusty> can some1 please help me out with LDAP authentification
<sgsax> zagabar1: did you try "dpkg-reconfigure ircd-hybrid"
<clusty> I am still unable to reach my server
<zagabar1> sgsax: /usr/sbin/dpkg-reconfigure: ircd-hybrid is broken or not fully installed
<clusty> i am constantly asked for a password, and the one i supplied during installation does not work
<Psi-Jack> active[0]:               -266 C: devices= FAN
<Psi-Jack> passive:                 -248 C: tc1=4 tc2=3 tsp=60 devices=CPU0
<sgsax> try removing it and then reinstalling it, sounds like the install failed partway through
<Psi-Jack> Goodie.. -266 C!
<sgsax> Psi-Jack_: that's one cold machine
<Psi-Jack> Heh
<Psi-Jack> I wish!
<Psi-Jack> It's actually at 39 C currently.
<zagabar1> sgsax: I already tried that twice. Maybe it doesn't remove everything when I type apt-get remove?
<sgsax> possibly not
<Psi-Jack> That's just the trips, to make the fan come on tillit REACHES -266
<sgsax> try apt-get purge
<sgsax> tha should wipe any remnants away
<sgsax> Psi-Jack_: perhaps your sensors just have lousy drivers
<Psi-Jack> Well, that's a given.
<zagabar1> sgsax:  http://pastebin.com/m140c1c70
<Psi-Jack> But it's annoying as heck, because every 6 seconds, I see it trying to turn on the fan, but can't.
<Psi-Jack> Filling my logfiles (and consequently, database where syslog also logs to)
<sgsax> zagabar1: you need to include the package name "apt-get purge ircd-hybrid"
<giovani> unfortunately
<giovani> CPU Temp         | 32.000     | degrees C  | ok    | na        | na        | na        | 76.000    | 78.000    | 80.000
<giovani> Sys Temp         | 43.000     | degrees C  | ok    | na        | na        | na        | 76.000    | 78.000    | 80.000
<zagabar1> sgsax: http://pastebin.com/m2e9b741a
<zagabar1> It still troubles when it is installed.
<sgsax> looks like the package may be broken, did you check in launchpad if this is a known bug?
<zagabar1> Nope. I don't even know what launchpad is. xP
<sgsax> https://bugs.launchpad.net/ubuntu/+source/ircd-hybrid/+bug/230168
<uvirtbot> Launchpad bug 230168 in ircd-hybrid "package ircd-hybrid 1:7.2.2.dfsg.2-3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Confirmed]
<sgsax> reported in May, 2008
<sgsax> I'd suggest trying a different ircd
<zagabar1> I see. Do you know of a good one?
<ycy> how can I set ubuntu-server to automatically install software updates?
<sgsax> ycy: you see my earlier response?
<guntbert> sgsax: have you got a minute to tell me *how* you found that bug so fast - I'm a bit clumsy around launchpad?
<sgsax> guntbert: I just searched for the package name
<sgsax> that bug was the first hit
<sgsax> just got lucky :)
<guntbert> sgsax: I see, thx :-)
<KillMeNow> ycy:  http://ubuntuforums.org/showthread.php?t=855299
<sgsax> ycy: this also works
<sgsax> DEBIAN_FRONTEND='noninteractive' /usr/bin/apt-get -y --force-yes dist-upgrade
<sgsax> think it does basically what the unattended-upgrades does
<sgsax> but on a per-instance basis and not a permanent system-wide basis
<ycy> sgsax: i don't, sorry
<ycy> sgsax: i have to use unattended-upgrades ?
<sgsax> that's one option
<sgsax> the other is the command I listed above
<ycy> is that installed by default on ubuntu ?
<sgsax> nope
<ycy> all right
<ycy> thank you
<ycy> does unattend-upgrades also upgrade kernel or only upgrades that don't require a reboot?
<sgsax> it's a metapackage that modifies configs in /etc/apt/conf.d
<sgsax> not sure what else it does to actually run the updates
<sgsax> I guess /etc/cron.daily/apt runs and when unattended-upgrades is set, it does the work
<sgsax> I run the command I pasted from cfengine so I get a report emailed to me when it's done
<sgsax> note I only do this on desktops, not servers
<clusty> help any1 :D?
<clusty> totally lost here with the damn LDAP
<clusty> cannot get in, not even from the machine itself
<_jmedina> clusty: what is the problem?
<clusty> _jmedina, well installed slapd
<_jmedina> what distro, what slapd version?
<_jmedina> details please
<clusty> and whenever i try to query for anything i am asked for passoword
<clusty> and i get denied
<clusty> second
<_jmedina> show command output
<clusty> vlazar@algorithmica:~/ldap$ ldapadd -x -W -D "cn=admin,dc=debuntu,dc=local" -f people_group.ldif
<clusty> Enter LDAP Password:
<clusty> ldap_bind: Invalid credentials (49)
<jerrcs> http://pastebin.com/m312f8f71 < getting some errors when I try to mount a drive.. can anyone help?
<_jmedina> clusty: so, what version?
<clusty> _jmedina, sec lemme find out the command for package version :D
<_jmedina> dpkg -l slapd
<clusty>  2.4.9-0ubuntu0.8.04.3
<clusty> apt-cache policy slapd
<clusty> is what i did
<_jmedina> what ubuntu vesion?
<clusty> hardy
<clusty> 8.04
<_jmedina> usb disks sucks
<clusty> jerrcs, your disk in good shape?
<clusty> jerrcs, or got ran over by an elephant ? :D
<_jmedina> bad cable....
<jerrcs> nah.. should be good.. I just had this server set up a month ago.
<jerrcs> the drive has been working fine during the time.. after I rebooted it's been odd
#ubuntu-server 2009-08-21
<clusty> i would say it's some hardware issue more like
<jerrcs> ugh
<clusty> _jmedina, i've been trying all sorts of howto's
<clusty> _jmedina, one query that does work:  ldapsearch -xLLL -b "dc=debian,dc=lan" uid=john sn givenName cn
<_jmedina> clusty: do you already have data on your directory?
<_jmedina> :)
<_jmedina> dc=debian=dc=lan?
<_jmedina> which one is your search base?
<_jmedina> vlazar@algorithmica:~/ldap$ ldapadd -x -W -D "cn=admin,dc=debuntu,dc=local" -f people_group.ldif
<clusty> _jmedina, that is what i want now
<clusty> the ldif's have all the data there
<_jmedina> :)
<clusty> _jmedina, the one i showed you now worked
<_jmedina> you cannot do that
<_jmedina> Configurar un servidor Controlador de Dominio con Samba y OpenLDAP en Ubuntu Server Hardy 8.04
<clusty> _jmedina, well followign this howto :D http://www.debuntu.org/ldap-server-and-linux-ldap-clients
<_jmedina> that is the topic for my howto
<_jmedina> in spanish
<_jmedina> http://tuxjm.net/docs/cursos/Samba+OpenLDAP+PAM+NSS-4Ubuntu/html/
<clusty> _jmedina, that will give me mala de teta, but i will figure it out :D
<_jmedina> clusty: if you defined dc=debian,dc=lan at configure time you cannot add entries with another search base
<_jmedina> clusty: could you paste your people.ldif file?
<clusty> _jmedina, at install i defined the domain: debian.lan
<clusty> _jmedina, and org: algorithmica
<clusty> _jmedina, from what i read that will create dc=debian,dc=lan
<clusty> ?
<_jmedina> yeap
<clusty> so what is cn ?
<clusty> stands for common nanme
<clusty> but what is IT :D
<_jmedina> culd you paste your ldfi file?
<clusty> http://pastebin.com/m3e125484
<clusty> looks fishy
<clusty> :(
<_jmedina> again
<_jmedina> dn: ou=Group, dc=debuntu, dc=local
<_jmedina> you need to change that to dc=debian,dc=lan"
<clusty> did that
<clusty> no effect
<_jmedina> and the same for the ldapadd command
<_jmedina> ldapadd -x -W -D "cn=admin,dc=debian,dc=lan" -f people_group.ldif
<clusty> vlazar@algorithmica:~/ldap$  ldapadd -x -W -D "cn=admin,dc=debuntu,dc=lan" -f people_group.ldif
<clusty> Enter LDAP Password:
<clusty> ldap_bind: Invalid credentials (49)
<_jmedina> of you can reconfigure slapd and define another search base
<_jmedina> :)
<_jmedina> please read my comments
<_jmedina> I told you to change the base search for cn=admin...
<clusty> i am very sorry, i understand if you get mad
<_jmedina> you dont have a cn=admin,dc=debuntu,dc=lan in your directory
<clusty> i am lost badly :D
<_jmedina> invalid credentials in your case means unknown user :)
<clusty>  ldapadd -x -W -D "cn=admin,dc=debuntu,dc=lan" -f people_group.ldif
<clusty> samed as yours
<clusty> also changed the file
<clusty> dn: ou=People, dc=debuntu, dc=lan
<clusty> what am i missing?
<_jmedina> I dont know
<_jmedina> I would start over...
<_jmedina> dpkg-reconfigure -plow slapd
<clusty> _jmedina, ok doing now
<_jmedina> and read my document
<_jmedina> I added so post instalations checklists...
<LiraNuna> when I auth against my mail server with anything but LOGIN and PLAIN, it fails even though postfix shows it supported them
<clusty> _jmedina, will do
<LiraNuna> I'm using saslauthd and pam.d/smtp to perform the auth
<_jmedina> LiraNuna: what about logs?
<LiraNuna> _jmedina, "authentication failure"
<_jmedina> thats all?
<LiraNuna> yep
<LiraNuna> it works great when I use PLAIN or LOGIN
<LiraNuna> _jmedina, Aug 20 16:06:54 train postfix/smtpd[13284]: warning: localhost[127.0.0.1]: SASL DIGEST-MD5 authentication failed: authentication failure
<LiraNuna> that's about it
<Psi-Jack> Alright. dhcpd3-server, is it capable of running a primary and secondary server?
<_jmedina> Psi-Jack yeap
<Psi-Jack> Sweet.. How? LOL
<_jmedina> is not that hard
<_jmedina> man dhcpd.conf
<_jmedina> that is the first place to ask...
<_jmedina> check the DHCP FAILOVER section
<Psi-Jack> Gotcha.
 * _jmedina looks at his TODOcument list and see dhcp slave at 50 %...
<Psi-Jack> Cool. now I just need to figure out how to use eBox's hooks to tie that in. ;)
<clusty> _jmedina, worked. i am blind had a typo
<_jmedina> :)
<clusty> _jmedina, new problem: http://pastebin.com/m5e6a5e91
<_jmedina> hard to catch typos at this hours
<clusty> can you tell what is wrong with the second part of the ldif?
<_jmedina> probably you have spaces at the end of your ldif file
<_jmedina> or a hidden character
<clusty> _jmedina, you're the man :D
<clusty> _jmedina, imported all the damn data
<_jmedina> clusty: ?
<_jmedina> how?
<clusty> _jmedina, tweaking the ldifs to match my conf
<_jmedina> :)
<clusty> and compu pasted around to fix the file issue
<clusty> start getting the hang of this slowly
<clusty> _jmedina, reading your guide about the client side of ldap
<clusty> _jmedina, the server address you set to 127.0.0.1, but this is localhost. don't i need to specify the IP of the server?
<giovani> heh
<LiraNuna> how can I provide smtp auth using mysql database without storing them in CLEAR TEXT?
<troytroy> hi folks
<LiraNuna> I tried using saslauthd but it only supports AUTH PLAIN and AUTH LOGIN
<LiraNuna> I tried auxprop sql and it requires clear password in the database
<KillMeNow> you can encrypt them in the mysql database
<LiraNuna> KillMeNow, they are already encrypted
<KillMeNow> then the initial transmission can be doing over TLS or SSL
<LiraNuna> using PLAIN and LOGIN ?
<troytroy> pls how do i configure bind9 to respond to queries from intranet clients
<KillMeNow> they are encrypted in my database
<LiraNuna> KillMeNow, same here - I got AUTH LOGIN and AUTH PLAIN working, but AUTH MD5-* doesn't work
<KillMeNow> you will need to create different "views" for your Bind9 install Troy
<troytroy> queries from the server to outsider using server works but clients on the intranet seem not to be able to query with the server
<KillMeNow> let me finish typing out this email and I'll check my setup again
<LiraNuna> troytroy, sounds like network configuration problem, do you set the bind9 server as a DNS server in your intranet router?
<troytroy> LiraNuna yes pls
<KillMeNow> forwarders Troy
<troytroy> actually yes
<KillMeNow> if you're using your Bind server as the resolver, if the bind server doesn't have the zone file, it will need to forward the query to an upstream dns resolver
<troytroy> yes i have opendns servers configured as the forwarders
<troytroy> actually queries from intranet client for other intranets clients dont return
<troytroy> but if i do the queries in the server everything seems fine
<_jmedina> clusty I mean openldap client utilities, not a linux client
<troytroy> so any clues what could be going wrong
<troytroy> http://ubuntu.pastebin.com/m22cbd670
<KillMeNow> so you're doing a query for other intranet clients ?
<troytroy> thats a firewall script kindly check if that is the course for block dns queries
<troytroy> KillMeNow yes pls
<KillMeNow> LiraNuna...  i'm running saslauthd and courier
<KillMeNow> are those other intranet clients in the zone file for your domain?
<LiraNuna> KillMeNow, I took your solution, I made TLS mandatory for login, and only supported logins are PLAIN and LOGIN
<_jmedina> KillMeNow: you can configure postfix sasl client wth courier authdaemon, bypassing cyrus sasl saslauthd
<LiraNuna> that way I'm forcing encryption and everyone's happy
<KillMeNow> i think i found the same issue you did, and finally just require TLS to secure the password transmission
<LiraNuna> KillMeNow, smtp auth is such a mess
<KillMeNow> i just looked at my configs and it's same as you...  PLAIN and LOGIN
<LiraNuna> yeah, I guess it's best of both worlds :/
<_jmedina> # cat /etc/postfix/sasl/smtpd.conf
<_jmedina> pwcheck_method: authdaemond
<_jmedina> log_level: 3
<_jmedina> mech_list: plain login
<_jmedina> authdaemond_path:/var/run/courier/authdaemon/socket
<_jmedina> that is from jaunty server
<LiraNuna> thanks for the clarification, KillMeNow
<LiraNuna> _jmedina, yeah, plain and login
<LiraNuna> over TLS
<_jmedina> this way postfix comunicates directly to authdaemon..
<_jmedina> yes
<_jmedina> what is wrong with that?
<LiraNuna> nothing
<_jmedina> if you need strong auth and encryption use kerberos
<LiraNuna> before that I didn't have TLS
<KillMeNow> there is supposed to be a MD5 crypt that *should* work but doesn't
<LiraNuna> so I couldn't use cram-md5 or crypt-md5
<troytroy> KillMeNow http://ubuntu.pastebin.com/m153b7093
<troytroy> that is my named.local.options file
<LiraNuna> thank you both, KillMeNow and _jmedina, finally got that thing sorted out :/
<LiraNuna> hehe, even google has that
<LiraNuna> AUTH LOGIN
<LiraNuna> 530 5.7.0 Must issue a STARTTLS command first. m6sm194510wag.21
<LiraNuna> ^ google
<uvirtbot> LiraNuna: Error: "google" is not a valid command.
<KillMeNow> i'm trying to remember my bind here...  0.0.0.0/0 gives recursion to anyone?
<_jmedina> XD
<troytroy> yep
<_jmedina> KillMeNow: yeap, openrelay
<_jmedina> I never use recursion, everything is controlled by allow query
<KillMeNow> yea, that's not necessarilly a good thing if it's public facing at all
<_jmedina> I use allow query globally, allowing only localhost and trusted subnets
<_jmedina> and then I allow-query any for each external zone
<KillMeNow> but anyways, Troy...  if your internal clients hit the dns server, and it doesn't have any of your intranet clients in the domain zone file, it will try to forward the query to opendns
<KillMeNow> so do you have either your intranet zone file clients appending dynamically or statically?
<troytroy> KillMeNow there is a domain zone file
<troytroy> KillMeNow the problem is queries on the server work perfectly
<KillMeNow> ok so follow my logic here...  lets say your domain is xyz.com
<KillMeNow> and it's internal
<KillMeNow> forget outside
<troytroy> but it seems not to work from outside the server
<KillMeNow> if you have client A, that tries to resolve client B, but client B doesn't have a host record in teh zone file that the bind server is authoritative for it's going to bomb
<troytroy> KillMeNow hmm there are zone files and reverse zone files
<troytroy> all working perfectly when queried in the server
<KillMeNow> ok, so which is it? you said "<troytroy> actually queries from intranet client for other intranets clients dont return"
<troytroy> e.g host clientA server  get a hit when run from the server
<KillMeNow> ok, so when you try to resolve from the bind server it resolves?
<troytroy> but lets say nslookup clientA server return unknown
<troytroy> its like the server is rejecting queries from the intranet clients
<troytroy> yes
<KillMeNow> and client A has the bind server as it's resolver?  /etc/resolv.conf
<troytroy> yes
<KillMeNow> have you checked using netstat -nap | grep 53 to verify that the service is up?
<KillMeNow> otherwise, do a iptables --flush
<KillMeNow> take IPtables out of the equation and see if it then resolves from client A
<KillMeNow> if it does after you flushed your iptables, then the problem is your iptables rules
<troytroy> its up and running
<KillMeNow> UDP or TCP or both?
<troytroy> http://ubuntu.pastebin.com/d36aedd3b
<troytroy> bot
<troytroy> both
<KillMeNow> ok
<KillMeNow> so dump your iptables and try from client A again
<troytroy> ok
<troytroy> same error bro
<KillMeNow> check your /var/log/messages
<troytroy> ok
<troytroy> nothn pertaing to the nameserver ther
<troytroy> kindly check my "iptables -S" for me
<KillMeNow> hold on, did you flush your iptables?
<troytroy> KillMeNow http://ubuntu.pastebin.com/d14541343
<KillMeNow> prior to running the query from client A?
<troytroy> yes
<troytroy> yes
<KillMeNow> then we can deduce that it's not your iptables yet
<KillMeNow> if you do a iptables -L
<KillMeNow> you should see nothing
<troytroy> yep
<troytroy> just run the script again to enable remote ssh logon
<KillMeNow> well, i'm not seeing a UDP port for 53
<KillMeNow> only tcp
<troytroy> ok let me add that
<KillMeNow> also i'm seeing anything coming in to eth1 to be sent to the DROP bucket
<KillMeNow> you know, i use IPKungfu for doing all my firewall scripts
<KillMeNow> makes life MUCH easier
<troytroy> ok i am trying to setup a wireless hotspot box
<KillMeNow> www.linuxkungfu.org
<KillMeNow> ok, then why not use DD-WRT?
<KillMeNow> or something similar?
<troytroy> so eth1 is hooked to switch with access points attached
<KillMeNow> ahh
<KillMeNow> ok
<troytroy> everything is setup fine just this nameresolution error
<KillMeNow> anyways, point is...  if you flushed your iptables and ran the query from client A, then you can deduce there is something borked in your config
<troytroy> ok
<KillMeNow> i'm off work now, so i'm gonna go home
<troytroy> checked /var/log/syslog no errors with respect to nameserver config
<troytroy> thanks very much
<troytroy> ur assistance is very much appreciated
<KillMeNow> well, it's working from local
<KillMeNow> so if you run a dig @localhost hostname
<KillMeNow> you should get some type of return
<KillMeNow> bind can be really tricky
<KillMeNow> have fun
<PhotoJim> any reason why update-grub wouldn't put new kernels in the list?
<PhotoJim> mine has the latest as 2.6.28-11 in /boot/grub/menu.lst but there are about 3 updated kernels since then.  manually running update-grub doesn't create the entries either.
<giovani> I still will neve3r get why people quit a few seconds/minutes after asking a question during off-hours
<clusty_> giovani, who quit?
<giovani> oh, that's my error -- I mistook Psi-Jack_ for PhotoJim
<giovani> my comment stilly applies in the general sense though :)
<giovani> PhotoJim: can you ls -lah /boot for us?
<troytroy> hi giovani
<PhotoJim> giovani: I actually figured it out.  I had to edit the # kopt=blahblah line to include my rootdelay=70 line (needs a delay due to RAID issues) and then re-invoke update-grub.  once I did that, the problem disappeared.
<PhotoJim> giovani: thanks for offering though :)
<troytroy> been battling with bind9 configuration for 12 hours now
<troytroy> it just refuses to respond to queries from clients in the intranet
<giovani> PhotoJim: how does that relate to update-grub not detecting your newer kernels?
<PhotoJim> giovani: good question.  I'm not entirely sure.  I think the first update-grub just updated the menu.lst configuration options but didn't include the new kernels.  the second invokation added the new kernels.
<giovani> hmm, that seems unlikely
<giovani> but alright
<PhotoJim> giovani: my first attempt had me have a kopt line without the preceding # (I thought it needed to be uncommented).
<PhotoJim> giovani: I don't really know for certain.  I just know that it worked this past time.
<qman__> the first try probably failed because it was completely uncommented
<qman__> update-grub takes one-#-in lines
<PhotoJim> that sounds right
<PhotoJim> and when I corrected it, that let it work properly
<uvirtbot> New bug: #416750 in samba (main) "package samba-common 2:3.2.3-1ubuntu3.5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/416750
<faileas> odd question, but has anyone here set up pygopherd? i'm trying to get it to use a hostname i specify instead of the hostname of the system, and i can't seem to get it to.
<twb> You're running a GOPHER server?
<faileas> well, in theory. in practice, its not quite working ;p
<twb> Cool.
<faileas> i DID say it was an odd question didn't i? ;p
<ball> YAY FOR GOPHER!
 * faileas is running IRC (with qwebirc) and web right now. gopher looks like fun, but its rather hard to get help with it ;p
<faileas> gopher://lupinenet.co.cc
<faileas> the issue is i set the hostname to be lupinenet.co.cc in the config file. it seems to be picking up the computer's hostname instead
<faileas> hmm
<faileas> never mind. looks like my ISP blocked port 70 too
<faileas> so linking is of little use ;p
<twb> curl: (1) Protocol gopher not supported or disabled in libcurl
<twb> Sadness
<ball> hello mathiaz
<psi-jack> Okay. So, if you're primary focus on making an ubuntu 9.04 server was to make it a router, would you use ufw, firestarter, or something else?
<psi-jack> What I'm looking for, is preferably easy maintenance, possibly web interface for it, and presently, not eBox.
<faileas> psi-jack: take a look at untangle
<psi-jack> I just did.
<psi-jack> Fracking thing just crashed the system.
<faileas> hmm
<psi-jack> Uses Java crap, too.
<psi-jack> DNS was minimal. IPs to Names, that's it. That's not DNS, that's only 1 100th of DNS.
<faileas> thats cause routers don't handle dns, you need a DNS server seperate from the router
<faileas> (softwarewise, stuff like BIND or unbound)
<psi-jack> Well, if the router is handling everything, why /not/ have it also handle DNS? I mean, really.
<faileas> no no
<faileas> you use the same hardware, and add a DNS server
<psi-jack> Right.
<psi-jack> Untangle, didn't really offer such a capability.,
<psi-jack> They locked it down far too much.
<faileas> untangle is ubuntu with their own custom stuff ;p
<faileas> hmm
<psi-jack> No, actually, it's Debian.
<psi-jack> But, still.
<psi-jack> They locked it down so you couldn't really manage it, except through their own interfaces.
<psi-jack> SO anyway.
<psi-jack> I may just write my own interfaces.
<faileas> and if its any good share em ;p. its something potentially useful
<psi-jack> but, I want to know, for now, what would be the better option for firewall stuff to handle NAT and port forwarding.
<psi-jack> ufw, to me, seemed very.... Desktop-based, not really server-based at all..
<ycy> for your safety, please remain seated or firmly grip the handrail at all times
<faileas> ya
<faileas> i think most hardcore server uses would prolly use iptables straight up, and not worry about the front end
<twb> ufw is handy for setting up iptables-restore rules while still providing a stupid thing (ufw(8)) that you can hand to ill-educated customers who want to shoot themselves in the foot.
<twb> As opposed to a straightforward #!/usr/sbin/iptables-restore script in /etc/network/if-pre-up.d/
<psi-jack> Heh
<psi-jack> True that.
<psi-jack> I mean, yeah, it provides a means to use iptables restore stuff in segments.
<twb> iptables-persistent entered sid recently, which is just an init script that runs iptables-restore on /etc/iptables/foo
<twb> psi-jack: well, I HOPE it essentially cats them -- you can't meaningfully cat iptables-restore scripts.  And I *really*, *REALLY* hope ufw doesn't turn into like 1000 individual iptables -A rules
<roxy__> hi somebody know how i can recover the information when the superblock is broken?
<twb> roxy__: carefully?
<twb> roxy__: which filesystem?
<roxy__> xfs
<twb> Ahaha
<twb> I believe the recovery process for XFS is "bend over"
<psi-jack> Not exactly.
<psi-jack> XFS is a fine filesystem.
<roxy__> so, how i can recover?
<psi-jack> Lemme read back
<psi-jack> okay. superblock is broken? What told you that?
<roxy__> when i try to mount
<twb> XFS is fine up unless you have no write barrier support, or run an old (read: tested) kernel, or happen to lose power unexpectedly.
<roxy__> i try to use xfs_repair but can't find the superblock
<psi-jack> I see.. Are you sure it's XFS?
<psi-jack> twb: I've had no problems for years.
<twb> psi-jack: how fortunate for you
<twb> # file -sL /dev/puck/root --> Linux rev 1.0 ext3 filesystem data (needs journal recovery) (large files)
<roxy__> yes
<twb> roxy__: file -sL on the device should confirm that it's XFS
<roxy__> yes, i got /dev/internal/homes: SGI XFS filesystem data (blksz 4096, inosz 256, v2 dirs)
<psi-jack> roxy__: Okay, cool, run xfs_check on /dev/internal/homes
<roxy__> i did and i got can't seek in filesystem at bb 181578224
<roxy__> can't read block 0 for directory inode 119914522
<roxy__> no . entry for directory 119914522
<psi-jack> Okay. xfs_repair then
<roxy__> i did, but said can't not find superblock
<psi-jack> Okay, xfs_repair -d
<psi-jack> if that works, immediately reboot after it's done.
<roxy__> couldn't verify primary superblock - bad magic number !!!
<roxy__> attempting to find secondary superblock.
<psi-jack> Okay. Is it still goinf?
<roxy__> yes
<chrislabeard> If my server when i ssh into says there are 16 updates don't i just do apt-get update
<psi-jack> Okay, good start then.
<psi-jack> roxy__: Just remember, when it finishes, you'll /need/ to reboot immediately, else you will cause further damage.
<psi-jack> roxy__: Was this your / filesystem that got damaged?
<twb> chrislabeard: it only lists 16 updates because it has done an "apt-get update" itself
<roxy__> but still doesn find
<roxy__> no
<roxy__> the info, data
<chrislabeard> twb: ahhh
<chrislabeard> okay
<psi-jack> roxy__: Eh?
<twb> chrislabeard: see /etc/cron.daily/apt
<chrislabeard> twb: yeah well it says 19 packages can be updated
<chrislabeard> 38 updates are security updates
<roxy__> sorry i missunderstand your question...yes, i am checking the damage partition
<Psi-Jack__> Okay, is it still running the repair on it and not just dying immediately?
<jmarsden> chrislabeard: If you want to actually upgrade your machine to include those updated packages, do sudo apt-get upgrade
<chrislabeard> jmarsden: is it bad to upgrade all those packages
<roxy__> yes still is lookinf for the superblock but doesn't find
<roxy__> unable to verify superblock, continuing...
<jmarsden> chrislabeard: Define bad :)  Usually it is 100% fine to upgrade them, unless you set your machine to look in strange nonstandard places for updates.
<chrislabeard> k cool
 * ball worries about updates too
<Psi-Jack__> roxy__: Okay, tell me about how this came to be, and how you created this xfs drive.
<jmarsden> ball: In the last year, have you had an update from an official Ubuntu repository break anything important?  Or is your worry mostly unfounded?
<roxy__> i didn was ceated time ago for somebody else...one of the disk was corrupt and i take off but no was in raid with this one
<ball> jmarsden: I've had so many things break it's difficult to know what causes what.  If I had more experience with Ubuntu I'd be in a better position to judge.
<Psi-Jack__> roxy__: Lets try this again, in English please.
<Psi-Jack__> So, It /was/ in a raid, and now is not, and it was corrupted?
<ball> istr an update to Jaunty that went badly, but it worked better when I installed from a CD
<jmarsden> ball: Hmm, OK.  I only worry about updates from strange sources like PPAs or unofficial other repos... can't think of anything I have broken with a 'normal' update...
 * ball nods
<ball> I've found a few Ubuntu bugs, but I don't think any of them were in the Server variant
<jmarsden> I've probably *created* a one or two Ubuntu bugs (minor packaging bugs) and then fixed them :)
<Psi-Jack__> roxy__: I don't want to wait 5+ minutes for each answer to each of my questions I ask you, if that's how it's going to be, I'll be bored and non-responsive.
<roxy__> im so sorry ..
<roxy__> i just some user come here for a problem
<roxy__> still dont get superblock
<roxy__> i have a LVM with 3 disk on raid and 1 more individual,  the disk alone was corrupted
<Psi-Jack__> roxy__: Okay. So, what drive is this XFS filesystem on?
<ball> roxy__: that's what they call "Sod's Law"
<roxy__> all of them
<Psi-Jack__> roxy__: So, it's part of a raid array?
<roxy__> yes
 * ball is confused
<Psi-Jack__> What type?
<ball> "1 more individual" != RAID, surely?
<roxy__> raid 1
<ball> roxy__: you had a three disk RAID-1 array?
<roxy__> 2 disk in raid 1
<roxy__> sorry 3 disk
<Psi-Jack__> So a mirror raid? I see. And you mentioned LVM as well?
<roxy__> yes
<ball> Ah, two mirrored disks and a third on its own (as a standby?)
<roxy__> and one lv is corrupt
<roxy__> thhe format xfs was done for each lv
<Psi-Jack__> WHat type of LVM is on the partition?
<roxy__> lvm2
<Psi-Jack__> Linear or Striped?
<roxy__> i am not sure, how  can know that?
<Psi-Jack__> Well, First of all.
<Psi-Jack__> vgdisplay -v shows your volumes, correct?
<roxy__> that show me the VG and the LVs, but I just have one LV with problem and the rest are ok
<Psi-Jack__> Okay. Fine, but does it show the volume that's not okay?
<roxy__> everything is in the array od disk with raid 1
<roxy__> no
<Psi-Jack__> Okay then, there's your problem!
<roxy__> show me is ok
<Psi-Jack__> The LVM for it isn't okay, hence why the XFS has no superblock, cause lvm hasn't activated it.
<rags> I installed mediawiki on ubuntu using aptitude, but when I open http:/localhost/mediawiki I get a download...intially I thught php was't parsing, but I just tested with phpinfo()  and it worked
<rags> I've also added the alias mediawiki in /etc/mediawiki1.10/apache.conf
<roxy__> so? what i can do?
<rags> Wht can be the problem? wht are the possible problems?
<Psi-Jack__> roxy__: First of all, vgchange -a y  to activate the volumes, all of them.
<roxy__> i did
<Psi-Jack__> Now, does lvdisplay -v show your faulty volume?
<roxy__> still the problem
<Psi-Jack__> Not showing up?
<roxy__> no
<Psi-Jack__> Okay. What's the /dev/* for the drive with issues?
<roxy__> all are active but i can read one of the lv
<roxy__> dev/internat/homes where internal is the VG and homes the LV
<Psi-Jack__> No
<Psi-Jack__> The ACTUAL device for the hard disk itself, not the mapped name from LVM.
<Psi-Jack__> Like /dev/sda
<chrisLAbeard> This is probly a really stupid question ... if i am using everydns name servers as slaves do i need to add a slave record to bind
<Psi-Jack__> chrisLAbeard: No, That's for actual slave dns servers.
<chrisLAbeard> Psi-Jack__: alright ... in my masterzone longhornpc.com i have them listed there as NS
<chrisLAbeard> and told that record to allow transfers to the name servers Ip address
<Psi-Jack__> roxy__: Here.. Use this website. I apologize, but your responses are just too slow for me to not be falling asleep for. http://www.linuxjournal.com/article/8874
<Psi-Jack__> You need to recover the raid, then lvm, THEN you can get to the XFS properly.
<roxy__> that is teh lv
<roxy__> is /dev/md1
<roxy__> the raid is working is just this lv that have the problem
<Psi-Jack__> Yeah, and yet, I ASKED for the actual device node, not the md#, not the lv name, the DEVICE node.
<Psi-Jack__> So, next time you ask for help, and are asked specific questions, answer them. I'm done for now.
<Psi-Jack__> I need sleep.
<Psi-Jack__> Use the website I referred you to.
<roxy__> Yes i can see that...thanks
<twb> 8.04 appears to have apparmour turned on and in "enforce" mode by default.  Is that still the case in current releases?
<quizme> hi, i'm trying to set up mod_proxy for a web site.
<quizme> http://cardinaleducation.thirdreplicator.com/
<quizme> on port 11000
<quizme> http://pastie.org/590782
<quizme> that's my apache conf file
<cef> twb: think so.. it only enforces for apps that have profiles afaik
<twb> #Apparmor on OFTC is helping me
<twb> see https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles
<LiraNuna> where does postfix run chrooted?
<LiraNuna> /var/run/postfix doesn't seem to be it
<jmarsden> LiraNuna: /var/spool/postfix I think... but it doesn't chroot by default, at least as far as I can tell.  Read the /etc/init.d/postfix init script for the details.
<LiraNuna> jmarsden, thanks that's exactly it
<LiraNuna> and it does chroot for me ...
<LiraNuna> and I don't remember configuring it not to
<jmarsden> OK.  i read the sxcript and it seems to check for the chroot field in /etc/postfix/master.cf, and that is not set to y in my (very default) config here.
<LiraNuna> thanks for the path, that's exactly it
<jmarsden> OK... and I misread the script, - means yes in that colum of the config file, so it does chroot by default :)
<LiraNuna> yeah, I had a few annoyances to understand it does chroot by default
<LiraNuna> like can't use mysql socket, must use tcp
<jmarsden> OK... well, you could probably put a socket under /var/spool/postfix somewhere and make it work if you really need to :)
<jmarsden> I think mysql can listen on multiple sockets at the same time... not sure though.
<sbeattie> twb: you're welcome, glad I could help (over in #apparmor)
<twb> sbeattie: heh
<ivoks> ttx: i've uploaded corosync with requested changes and explained why we can't just sync from debian :)
<ttx> ivoks: will have a look... but not before Monday. Ping mathiaz or zul about it if you need it faster.
<ivoks> ok
<ivoks> will do, since we need it asap
<ivoks> we need to build other tools on top of corosync
<ttx> yes, that's why I warned you :)
<johe|work> good morning
<acalvo> once CSR is only valid for the computer that generates it? or it is valid for more than one computer?
<eolo999> hi, i'm trying to setup unattended dist-upgrades with cron-apt. I'm only worried about what happens to packages configuration files. Example: i have my personal configuration of postfix and don't want an update modify it. I can be sure configuration files are not touched?
<_ruben> well .. dont do unattended upgrades then
<imchrislabeard> what are the advantages of having a mail server?
<_ruben> being able to send and receive mail perhaps?
<eolo999> _ruben: just looking for an apt-get option which by default leaves configuration files untouched without prompting
<imchrislabeard> as opposed to like using gmail apps
<_ruben> imchrislabeard: having full control over it
<imchrislabeard> i can set up email for a subdomain can't i
<_ruben> imchrislabeard: i can, not sure if you can ;)
<imchrislabeard> haha
<imchrislabeard> _ruben: i would have to create a mail.sub.example.com
<imchrislabeard> mx record
<imchrislabeard> in my example.com hosts file
<eolo999> more precisely i would like to hav apt-get "hold" configurations...
<eolo999> *have
<_ruben> imchrislabeard: you'd create a mx record for sub.example.com pointing to whatever mailserver you want to use for it, eg: mail.sub.example.com
<_ruben> and configure said mailserver to accept mail for sub.example.com
<imchrislabeard> what is the best mailserver
<imchrislabeard> in your opinion
<Boohbah> postfix
<Boohbah> + courier-imap
<_ruben> postfix (+ dovecot for pop3/imap/sasl)
<ivoks> dovecot-postfix :)
<eolo999> i found a 'dpkg' option which is called 'confold'. so is there a way to pass arguments to dpkg itself?
<johe|work> so good morning,
<\sh> maswan: moins...do you have btw iscsi storage running unter ubuntu/debian somehow?
<maswan> \sh: nope, no iscsi
<maswan> \sh: we prefer internal storage to external. :)
<Jeeves_> \sh: We have
<\sh> Jeeves_: cool...how do you mount your iscsi devices automatically, I hope you have bond and vlan setups which comes up very late during boot up sequence
<Jeeves_> \sh: We don't
<Jeeves_> that doesn't work too well
<\sh> Jeeves_: well..that's one of my problems...somehow /etc/init.d/open-iscsi is called for every ifup but it doesn't work...I have to setup the iscsi device as _netdev in fstab with 0 0 , and then call mount -a -O _netdev in /etc/rc.local that's the only way I got that setup running
<_ruben> wonder why hooking into ifup wouldnt work
<\sh> _ruben: I need to investigate, but looks like that open-isci starttargets should be called, I wonder why it doesn't work
<\sh> in /etc/rc.S/S25open-iscsi that's where the open-iscsi stuff is started and tries for the first time to login into the iscsi portal (in my case a msa2012i)
<imchrislabeard> what is a zombie process ?
<qman__> one with an affinity for brains ;)
<qman__> http://en.wikipedia.org/wiki/Zombie_process
<cemc> is there a way to monitor hardware of an ibm eserver from linux? like temperature, fan speed ?
<cemc> from ubuntu*
<ewook> smnp?
<maswan> ipmi?
<giovani> cemc: sure ... if the sensors are available locally on the machine -- you can do anything you want with them
<jdstrand> Psi-Jack__: the ufw cli command is focused on host-based firewalls. it will work fine on a server. the ufw framework supports anything iptables can
<jdstrand> Psi-Jack__: and it works just fine on servers
<Psi-Jack__> Yeah..
<jdstrand> oh, I said that :)
<Psi-Jack__> but still, it's not as convenient as straight up iptables commands, iptable-save, iptables-restore.
<jdstrand> Psi-Jack__: I would have to completly disagree
<jdstrand> Psi-Jack__: ufw allow OpenSSH ; ufw enable
<jdstrand> Psi-Jack__: with two commands you have a completely configured firewall
<Psi-Jack__> Okay, show me a ufw command to port forward.
<Psi-Jack__> Show me a ufw command to trigger a block if too many connections come into a single port a second.
<jdstrand> Psi-Jack__: ah, but that is not what you said! 'host-based' implicitly means 'non-routing'
<Psi-Jack__> Show me a ufw command to enable NAT. :)
<Psi-Jack__> Precisely!
<jdstrand> Psi-Jack__: ufw does have a limit command
<jdstrand> but the timeout is currently not configurable
<Psi-Jack__> So, you see..
<Psi-Jack__> For over simplicity for HOST-based, it's less useful than simply defining your rules in iptables directly and saving and restoring, like Gentoo, for example, uses.
<jdstrand> Psi-Jack__: I said that initially. your statement was a blanket statement, mine was a precise statement
<_ruben> the use of ufw doesnt require knowledge of iptables
<jdstrand> Psi-Jack__: if you are comfortable setting up your own iptables firewall, ufw won't get in your way and you can write your script
<jdstrand> Psi-Jack__: if you want to quickly setup a host-based firewall, ufw is hard to beat
<jdstrand> Psi-Jack__: if you want to combine host-based rules and NAT, forwarding, etc-- ufw can help
<ivoks> first my laptop died, and now there's no electricity in my area... i just can't work anymore :/
<Psi-Jack__> I dunno.. I'm thinking about ripping gentoo's iptables script and modifying it to work with ubuntu personally. heh
<ivoks> zul: are you here?
<zul> ivoks: yeap
<ivoks> zul: could you plese look at the only open bug for corosync
<ivoks> ?
<zul> bug numbe?
<ivoks> my cell phone battery is low...
<jdstrand> Psi-Jack__: not everyone knows iptables like the back of their hand. not to mention a complicated iptables script is hard to audit. ufw helps make sure you get things right, is easy to read and allows you to do all the complicated stuff. I'm in no way telling you what to use, of course.
<ivoks> don't know (i'm ircing over nokia)
<ivoks> it's the only one
<jdstrand> there was a time when iptables had an restore init script, but it was ripped out cause it caused too many problems. maybe gentoo's is better (I don't know)
<ivoks> sync request from ppa
<jdstrand> s/an/a/
<zul> ivoks: k just need to up load it right?
<ivoks> rightt, from ubuntu-ha-maintainers ppa
<zul> gotcha
<ivoks> ok, will be back as soon as possible
<zul> ivoks: corosync (1.0.0-4ubuntu2) karmic; urgency=low
<zul>  <-- this one right?
<ivoks> yes
<zul> k
<zul> gimme a sec and ill do it
<ivoks> i don't have it; battery very low
<ivoks> :)
<zul> sheesh doing it now :)
<ivoks> there's no bug report, but we'll need openais sync too
<ivoks> zul: thank you!
<zul> ivoks: its...um...
<Psi-Jack_> jdstrand, It is. It actually works.
<Psi-Jack_> jdstrand, See, all it really does, is use the standard iptables commands to save and restore. Done right, it's really simple.
<Psi-Jack_> Done wrong, obviously, will result in bad anomolies.
<kpettit> Good morning.  Can anybody recommend a good script/app for doing some basic QOS?  Basically  I'm trying to make SIP traffic a priority
<giovani> kpettit: yeah, QoS in linux isn't a simple "script"/"app"
<kpettit> I understand, I've done it before.  But it's been a few years so I'm trying to see what's out there.
<uvirtbot> New bug: #416958 in openssh (main) "GSSAPI Cascading Credentials support" [Undecided,New] https://launchpad.net/bugs/416958
<ivoks> RoAkSoAx: you were saying?
<RoAkSoAx> ivoks, could you please endorse my MOTU Application: http://wiki.ubuntu.com/4nDr3s/MOTUApplication ?Thanks :)
<ivoks> sure
<RoAkSoAx> ivoks, thanks :)
<ivoks> nice...
<ivoks> nokia is diching s90
<ivoks> s60, lol
<jmedina> hi ivoks
<ivoks> hi
<ivoks> zul: it's me again :)
<zul> ivoks: with more battery power?
<ivoks> whole power plant :)
<ivoks> zul: bug 416970
<uvirtbot> Launchpad bug 416970 in openais "Please sync openais 1.0.0-3 (main) from Debian experimental" [Undecided,New] https://launchpad.net/bugs/416970
<ivoks> if it's not so hard...
<ivoks> :)
<zul> ivoks: if the ubuntu changes can be dropped just subscribe ubuntu-archive and they can sync it from debian
<ivoks> ok
<zul> next? :)
<ivoks> that's all :)
<ivoks> next time - beers on me :)
<ball> bears on me... GET THEM OFF!
<ball> :-o
<johe_> :-)
<Psi-Jack_> Curious. Anyone here use firestarter?
<jmedina> firestarter requieres a GUI, ubuntu doesnt support GUIs
<jmedina> I consider firestarter a personal desktop firewall
<Psi-Jack_> Heh
<Psi-Jack_> They consider it useful for desktops and servers.
<Psi-Jack_> And it doesn't /require/ a GUI, it just has one, if I see this right.
 * jmedina used firestarter 6 years ago, then used my own script, and now shorewall installed on about 30 servers
<Psi-Jack_> They have a client/server interface for it, which would make anything able to work with it/
<jmedina> well firestarter wont fit my requierements
<pmatulis> "ubuntu doesn't support GUIs" -- huh?
<jmedina> ubuntu server
<Psi-Jack_> So you use shorewall, eh?
<jmedina> yeap
<jmedina> been working with shorewall team for a few years
<Psi-Jack_> Ahhh
<Psi-Jack_> Cool. So, is there's a quickstart guide to shorewall?
<Psi-Jack_> Everytime I look into it, it looks even more painful to use than just straight iptables.
<jmedina> psi sure
<jmedina> there are quickstart guides for single interface, two interfaces, three interfaces, multiisp
<Psi-Jack_> And this is usually on my router, where if it's not routing, I'm using links for browsing which makes it worse
<Psi-Jack_> I need multi-interface with ip-masquerading, at theminimum.
<jmedina> I dont know any other firewall configuration with that extensive documentation
<abta> perhaps you also could take a look on "firehol"
<abta> but shorewall is also very good ;)
<jmedina> Psi-Jack just take a look at shorewall.net and the documentation section
<Psi-Jack_> Will so.
<Psi-Jack_> do
<jmedina> they document almost everything, with a active developent, I think last year shorewall was promoted to the best supported open source proyecto or something
<Psi-Jack_> Just trying to figure out whichversion comes with ubuntu 9.04 package repos
<jmedina> it is easy to install by hand
<jmedina> or you can use shorewall packages, shorewall debian maintainer is part of the shorewall core team
<Psi-Jack_> heh
<Psi-Jack_> I'm not seeing a simple quickstart guide.
<Psi-Jack_> Well okaaay now, Ubuntu only comes with shorewall 4.0
<jmedina> Psi-Jack in the front page "Getting started with shorewall" then New to Shorewall? Download the current Stable version (see above) then select the QuickStart Guide that most closely matches your environment and follow the step by step instructions.
<jmedina> :)
<jmedina> you need to read quickstart guides
<Psi-Jack_> Ahh there is it
<Psi-Jack_> it is
<jmedina> I have my own quickstart guide in spanish, which I use for every firewall implementation
<Psi-Jack_> hehe
<jmedina> Psi-Jack, read the quickstart guides
<jmedina> if you have problems please read the shorewall support guide
<jmedina> http://shorewall.net/support.htm
<Psi-Jack_> Well, that's cool. I could easily do the 3-NIC method, except that I only have 3 gigabit switch. ;)
<Psi-Jack_> err, a , not 3
<jmedina> I have a firewall with 6 interfaces
<jmedina> 3 WAN links, a DMZ and two separate lans
<jmedina> it is really flexible
<Psi-Jack_> heh
<jmedina> and for more help you can search mail archives or contact shoewall developers and volunteers at #shorewall
<Psi-Jack_> Yeah, I'm a hands on kinda man myself.
<Psi-Jack_> I can't stand mailing lists.
 * jmedina loves lurkin  on lmailin lists..
<jmedina> I learn more from mailing lists than other sources..
<jmedina> reall problems
<Psi-Jack_> GUess I'll just have to get me another gigabit switch. ;)
<Psi-Jack_> So I can properly DMZ off my servers from my workstations, media stations, and house control servers.
<giovani> Psi-Jack_: or just one with vlans ...
<Psi-Jack_> Hmmm
<Psi-Jack_> I suppose I could, but I prefer a physical DMZ zone, and have the router hand out the proper routing methods internally as well as externally.
<Psi-Jack_> much more secure that way.
<jmedina> and more physical space, more cables, more energy waste, more adminstration...
<Psi-Jack_> heh
<giovani> I don't know why VLANs changes routing ... but ok
 * ball wonder if Psi-Jack_ is using DMZ to mean what it usually means.
<giovani> granted, virtual security shouldn't be used in areas where security is a big concern -- it's unlikely your home DMZ is one of those
 * ball doesn't use a DMZ
<ball> ...not entirely sure I believe in them.
<giovani> I'm not entirely sure what "believing" in them entails
<giovani> I'm not sure how separation of duties would ever be a bad thing security-wise
<giovani> internet-facing systems shouldn't have the same trust level as non-internet facing systems
<Psi-Jack__> ball: Yes, a seperated physical network for servers away from the personal workstations.
<giovani> there's nothing "physical" about a DMZ
<ball> Psi-Jack__: that's not a DMZ
<ball> At least, not a definition of a DMZ that I've ever seen
<giovani> ball: it's his real-world application of a DMZ
<giovani> his servers will sit in a separate, firewalled/routed network
<giovani> that's precisely what a DMZ amounts to
<ball> That makes sense, but I've not seen "DMZ" used in that context.  Fair enough though.
<giovani> you haven't?
<giovani> what context have you heard of DMZs in then?
<Psi-Jack__> Yep.
<ball> Servers that sit basically outside the Firewall, or at least behind just the first firewall with ports forwarded to them.
<giovani> ball: that's precisely the same concept
<Psi-Jack__> Seperate route, seperate physical hardware between them, a switch for the DMZ area, a switch for the rest of the network, both connected to one firewall (or more)
<giovani> with more details provided
<giovani> Psi-Jack_: no, there's nothing inherently physical about a DMZ
<ball> Hmm... okay.
<Psi-Jack__> giovani: Is a switch seperately connecting the DMZ server network not physical? :p
<giovani> Psi-Jack__: that's not related to the definition of a DMZ
<giovani> if you'd like to make it physical ... go ahead
<giovani> but that's not required to achieve the concept of a DMZ
<ball> Psi-Jack__: depends on the switch, presumably.
<giovani> I've said this multiple times now
<Psi-Jack__> ball: Okay, I'd like to see a switch made out of thin air. ;)
<Psi-Jack__> Zero mass. ;)
<giovani> ...
<Psi-Jack__> heh
<ball> Psi-Jack__: I was thinking more in terms of virtualisation, but a managed switch might be divisable into separate ethernets.
 * Psi-Jack__ nods.
<giovani> might be?
<giovani> that's what vlans are
<giovani> any modern, non-dumb switch does vlans
<giovani> and yes, virtualized switches clearly accomplish this as well
 * ball is tempted to buy a modern dumb switch
<giovani> why?
<ball> To replace a non-modern 100baseT hub.
<ball> It has worked well for us, but we've run out of ports on it.
<giovani> haha, hubs
<ball> I suppose I could get one of these newfangled managed switches
<ball> ...but I'm wary of complexity
<ball> Trying to keep things simple there.
<giovani> it's only as complex as you make it
<giovani> I've never seen a managed switch not work out of the box as a simple switch
 * ball nods
<ball> I suppose VLANs might be handy for things like VoIP, which I'd like to roll out eventually
<ball> I'll need a PoE switch for that anyway
<Psi-Jack__> Oh that reminds me!
<ball> ...so it may as well be physical
<Psi-Jack__> I was going to look into that Zoom Skype device, to see if it was Linux capable. ;)
<ball> Psi-Jack__: I don't know what that is.  I was thinking more of Asterisk or FreeSwitch
<ball> ...and SIP phones on people's desks
<Psi-Jack__> Heh. I have no need for that at home. ;)
<giovani> ball: uh, VLANs are essential for any large office that wants to separate networks ... you're just not going to be able to use separate physical switches without a ton of waste, and not very much flexibility
<giovani> you should be vlaning all different types of machines
<giovani> printers, desktops, servers, phones, etc
<ball> giovani: It's a small LAN.
<jmedina> and games.
<jmedina> :)
<giovani> ball: even in a small office -- it'd be the right thing to do, although not nearly as necessary
 * ball nods
<jmedina> and porn servers
<ball> Perhaps I'll find a switch that offers a few PoE ports
<ball> ...and a few that aren't.
<giovani> yep, plenty of those exist
<ball> I have a hell of a job finding a switch with the features I want anyway.
<giovani> what features are those?
 * ball thinks for a moment
<ball> 24 (or perhaps 32) port 100baseTX with at least one 1000baseT port.
<giovani> uh
<ball> Preferably two
<giovani> I can name like 10 switches that meet that requirement
<giovani> that's ... very common
<ball> giovani: Ah good.  Do any of them have 8 PoE ports?
<jmedina> just ask your hardware store...
<giovani> yep
<giovani> ball: what's your budget?
<jmedina> I use linkyss for PoE, they are afforable
<ball> giovani: I'm not sure.
<ball> jmedina: Our other network gear is Linksys, so that might work for us.
<giovani> linksys makes crap switches
<giovani> but, they are indeed cheap
<giovani> I have one
<ball> giovani: do HP make non-crap ones?
<jmedina> giovani: yeap
 * jmedina is fighting with a linksys print server right now :S
<giovani> http://www.netgear.com/Products/Switches/SmartSwitches/FS726TP.aspx
<giovani> so there's a 24 port 10/100 switch with 2 gigabit, and 12 of the 24 are PoE
<ball> I don't think I can buy a managed switch from Netgear.  I had some bad experiences with their routers.
<ball> *bad* experiences.
<giovani> well unless your budget is $1000+
<giovani> you only have a few companies to choose from
<giovani> netgear being the best of the bunch
<ball> giovani: if $1,000 is what it costs for what we need, that's fair enough.
<giovani> awesome
<giovani> go cisco then
<giovani> clearly netgear's switch at $250 street price is not going to compete with a $1500 cisco switch
<ball> Only reason I mentioned HP was that we seem to be coalescing around HP gear, especially since we bought the HP server.
<giovani> yeah, procurve switches are another option
<giovani> they're a bit less than cisco
<giovani> but not significantly so
<ball> ...and if I can give them one company to contract support from when I leave, that's a good thing
<giovani> and you'll find far more people ready to work on, with experience on cisco
<giovani> yeah, I'd not get focused on finding a single company to buy everything from
<giovani> that usually leads to buying the wrong products
<imchrislabeard> is there a security hole in php5 ?
<giovani> one?
<giovani> thousands
<jmedina> :)
<ball> Now I have to consider L2 managed Vs. unmanaged.
<genii> I can't find any good info on some linux-friendly wifi card based on ExpressCard 54mm type slot. Any suggestions?
<jmedina> genii: if you fine one plase tell me
<giovani> genii: I'd just google
<jmedina> In fact I have never seen a express card here in mexico
<jmedina> I just bought a new laptop and still includes pcmcia
<genii> jmedina: My new laptop came with expresscard only :( . There seems so little info available on them as well (linux based)
<giovani> there are very few expresscards on the market anyhow
<giovani> so this isn't really a linux thing
<jmedina> genii: we sell hardware and none supliers know about expresscard :)
<giovani> given the lack of a real market
<giovani> I'd choose USB over ExpressCard
<uvirtbot> New bug: #417030 in samba (main) "instalacion interrumpida" [Undecided,New] https://launchpad.net/bugs/417030
<Psi-Jack_> Okay, so there's a deb package for shorewall 4.4 available for Ubuntu, yes?
<Psi-Jack_> Ah yes, cool I see it.
<uvirtbot> New bug: #417045 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/417045
<Psi-Jack_> jmedina, The ubuntu package, shorewall, won't automatically try starting it upon install, will it?
<Psi-Jack_> The ones from the shorewall repository managed by Benjamin?
<giovani> Psi-Jack_: probably, why?
<Psi-Jack_> Cause I wouldn't want it to right off the bat. I'm installing this remotely.
<giovani> why would it installing be a problem?
<giovani> does it have default rules? that would be stupid
<Psi-Jack_> I dunno. Good questions. ;)
<Psi-Jack_> Better safe than sorry though, right?
<giovani> don't use a crappy "firewall manager" then
 * Psi-Jack_ grumbles.
<giovani> well you should always have an out-of-band management system
<Psi-Jack_> One thing I hate most, is people telling you what and what not to use when it's nothing to do with them. :p
<Psi-Jack_> Not to mention, rude as heck.
<giovani> hate it all you want
<Psi-Jack_> Was about as bad as telling someone to throw their "junk" away, because it's totally unrealated to the question asked.
<giovani> except that this is volunteer help
<giovani> so it doesn't come with a shut-your-mouth the-customer-is-always-right attitude
<Psi-Jack_> So fracking what? Common decency, common curtesy, common fracking sense.
<giovani> if you want that, I'm sure canonical is willing to provide it
<Psi-Jack_> I can help someone fix something, or help decide on something, and give all points of views rleated to it, without barking down them and saying do it this way only.
<giovani> all I said was that if you're concerned about this problem, you shouldn't use it
<giovani> I didn't say you can "only do it this way"
<Psi-Jack_> No, you said, don't use a crappy firewall manager then. I asked one simple question. Does it start at install, cause a lot of packages for servers do try initially to startup right during installation of it.
<Psi-Jack_> For firewalls, that's a very bad idea, but better safe, than sorry.
<giovani> safe would be not using it, is what I'm saying
<giovani> or safe would be having an out-of-band management tool
<Psi-Jack_> Safe, would be knowingwhere you leap from and where you'll land.
<Psi-Jack_> Not not doing it in the first place.
<giovani> 'knowing' with certainty isn't always possible
<Psi-Jack_> Sure it is.
<Psi-Jack_> It's /always/ possible.
<luckyone> giovani: I ordered this, http://is.gd/2sada
<PhotoJim> shorewall doesn't start automatically.  you have to configure it first.
<jmedina> Psi-Jack, no it is on the howto
<luckyone> giovani: will be replacing my Atom based NAS box
<Psi-Jack_> jmedina, Cool. So it just installs, but doesn't enable itself out of the install? Good.
<PhotoJim> so make sure port 22 is open, so you can ssh in, before you enable it.  and when you enable it, test it by starting a new ssh connection first.
<giovani> luckyone: with?
<luckyone> the link
<giovani> ah, didn't see link
<luckyone> ;)
<jmedina> Psi-Jack in the quickstart guide there is a WARNING: Note to Debian and Ubuntu Users
<giovani> luckyone: definitely not $200
<luckyone> yeah, 2x that much
<Psi-Jack_> jmedina, Oh! Yep. Sure is!
<luckyone> giovani: pretty sweet device though
<luckyone> giovani: has access to ipkg repos
<luckyone> giovani: very low power arch
<luckyone> giovani: and I will repurpose my Atom box for a bedroom media center
<jmedina> if you want to secure your system when shorewall is stopped and you still want to allow remote access check routestopped file
<Psi-Jack_> Heh. Well, that's just great. Cause I'm looking into shorewall for setting up a routing and load balancing server for work as well, but all our servers are housed accross the country.
<jmedina> Psi-Jack, when you are doing remote changes and if you are not sure about new rules (probably they can reject remote access) always use
<Psi-Jack_> But, likely, those servers will be gentoo, and nothing starts default on gentoo.
<jmedina> shorwall safe-restart
<Psi-Jack_> Right.
<jmedina> if you dont accept new changes, shorewall will go back to the previos configuration after 60 seconds
<jmedina> just likce cisco
<Psi-Jack_> jmedina, It's the initial install that bothers me, that tells me that it installs, runs and locks down the system right away.
<jmedina> Psi-Jack o_O
<jmedina> shorewall is not configured by default
<jmedina> you need to creat your ruleset from scratch
<Psi-Jack_> jmedina, Heh.
<PhotoJim> Psi-Jack_: if you have console access, that's a backup too, in case you muck stuff up.
<jmedina> you need to edit, zones, interfaces, policy, rules and probably shorewall.conf
<Psi-Jack_> PhotoJim, We haven't got a KVM-IP switch yet. ;)
<jmedina> you cant start shorewall without those files
<PhotoJim> Psi-Jack_: get one. :) but it's not hard to get a basic shorewall configuration set up.
<Psi-Jack_> jmarsden, Okay, So JUST installation with apt-get, won't initiate anything or try torun it? Thats all I was asking.
<PhotoJim> Psi-Jack_: you have to specifically enable it.  there is no harm to installing it.
<PhotoJim> Psi-Jack_: there's a specific config setting that needs changing to permit to actually start.
<Psi-Jack_> PhotoJim, That's.. Unfortunately.. Not up to me, but I'm sure I can convince mybosses we need it.
<Psi-Jack_> PhotoJim, Perfect. That's what I wanted to make sure of. ;)
<PhotoJim> Psi-Jack_: tell them it's really useful in case of failure.  really quite essential unless you have techs with physical access.
<PhotoJim> Psi-Jack_: NP.
<Psi-Jack_> As is, I'm just using a very very basic ufw ruleset to enable NAT and ssh ports.
<PhotoJim> gotta run an errand, bbl. feel free to PM if you have Qs.
<Psi-Jack_> PhotoJim, That's it. We don't have physical access at all. It's housed in a tier-4 shop
<Psi-Jack_> jmedina, Curious on another point for shorewall..
<jmedina> Psi-Jack, if you want ask in #shorewall
<Psi-Jack_> Good idea..
<jmedina> I cant help, but this is not shorewalls channel
 * Psi-Jack_ nods.
<jdstrand> Psi-Jack_: I'll advise you to do 'ufw disable' before enabling shorewall (but I'm sure you know that, since you already enabled it :)
<Psi-Jack_> Right. ;)
<Psi-Jack_> jmedina, Okay, one thing you can help me with, I checked out the apt-sources deb lines,, but it still seems to only have 4.0, I'd have figured they'd be 4.4 at least, no?
<jmedina> Psi-Jack, sorry I always use tar files
<jmedina> I dont use debs
<jmedina> you can use elcubano repos
<Psi-Jack_> elcubano? heh
<jmedina> he is the shorewall maintainer, a little busy these days
<jmedina> jo jojo, wrong channel
<jmedina> :)
<jmedina> Psi-Jack, omache is shorewall developer
<jmedina> he works as software architech  at hp
<jmedina> if you have more questions, use mailing lists, so he can help offline...
<fly9> anyone hosting guests in ubuntu server with virtualbox?
<fly9> i need help with bridged networking
<fly9> and vbox 3.04
<PhotoJim> Psi-Jack_: yes, definitely arrange to get console access.  in your situation it's really quite crucial.
<loa> Yo! Have my ubuntu-server 8.4 that I upgraded to 8.10 and then to 9.04 yesterday. After the upgrades I can't get my virt systems to run again.
<loa> Virsh complains that "error: failed to connect to the hypervisor"
<loa> I have no idea what it can be, do anyone happen to perhaps know what might be wrong?
<Psi-Jack_> PhotoJim, Heh yeah.. I also need to get MegaCLI working, cause we haven't had anything at all to watch over the fricken RAID stuff, all this time.
<jmedina> loa: there is not xen support for jaunty
<jmedina> you are on your own
<loa> Im using kvm
<jmedina> ohh
<jmedina> then I dont know....
<loa> it's wierd.. yes...
<loa> I don't really know how this stuff works..
<giovani> major version upgrades are rarely a good idea :)
<loa> but what I understand is that libvirt is using qemu to sort out kvm machines right?
<loa> anyhow the virt-machines that are set to auto-boot is on and working..
<loa> but I can't manage it with either virsh or virt-manager
<loa> giovani: well didn't really feel for reinstalling it either
<loa> giovani: but I agree
<giovani> loa: yep, but, this kind of breakage is pretty typical
<loa> best solution would be to reinstall it aye?
<loa> I'm using software raids.. I figure the installer don't find them automagically?
<jmedina> backup, use test machine, test and prey
<loa> jmedina: to late now isnt it :P
<giovani> loa: you don't have backups?
<loa> not on the system itself no
<giovani> you just don't migrate production systems without extensive testing where I'm from
<giovani> loa: what do you mean "on the system"?
<loa> who said I'm working on Microsoft?
<giovani> Microsoft? what?
<giovani> you're not being clear
<loa> it's not like its dangerous that my system is down
<loa> just a hassel
<loa> and no I don't have backups on the system as Im only using it as a kvm host
<loa> so reinstalling just takes time..
<loa> I just thought someone here might been into the same problem as I have and might have suggestions on stuff to check up
<loa> when I start virsh it sais "Connecting to uri: qemu:///session
<loa> halDeviceMonitorStartup: dbus_bus_get failed org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory"
<ehird_> I have an Ubuntu 6.06 installation - don't ask; no, I can't upgrade :-) - and there is no "twm", "icewm" or "squeak-vm" packages. It seems the repositories have been massively stripped down. Is there an archive of the full repositories?
<_ruben> you're in luck .. ubuntu server doesnt have any window managers due to lack of X ;)
<_ruben> and only 'main' is LTS, perhaps universe and multiverse get stripped, though doubt that
<ehird_> _ruben: umm, ...,
<ehird_> there is the x server
<ehird_> i know this because i installed i
<ehird_> t
<_ruben> yeah .. but its not really supported (by the server team) .. as it pretty much turns your server into a desktop
<ehird_> well, I installed Ubuntu Server because I didn't want the default environment
<Psi-Jack_> Hmm, here's an issue I am having.
<giovani> ehird_: you're mistaken -- the repositories are identical between server and desktop versions -- they're the exact same location
<ehird_> i don't think i disputed that, i think _ruben did though saying it didn't have x
<Psi-Jack_> I have an external USB 2.0 Seagate 500GB SSD drive, and it's got XFS on it, but often times, when I try to access it, it's inaccessable. This is after having not used it in a while, I ls /mnt where I have fstab keeping it mounted at boot time, and it shows up in red. Fixing it, I have to umount it then mount it again and it's fine, and the directory for it in /mnt is blue like a directory again.
<giovani> ehird_: you said it seems the repositories have been stripped down -- this isn't the case
<ehird_> giovani: I find it odd then that numerous packages are missing
<giovani> ehird_: they're not missing
<ehird_> or were twm, icewm and squeak really not in 6.06?
<ehird_> hmm, oh
<ehird_> universe is commented out by default
<ehird_> how embarrassing :) sorry
<giovani> it always has been
<ehird_> thanks
<giovani> twm has always been in universe
<giovani> you'll probably want to switch to the non -server kernel
<ehird_> hmm, why?
<giovani> and then you won't be getting support from here (as you'll be running a desktop)
<giovani> because you probably don't want any of the compiled options the server kernel has
<ehird_> i don't need any more support :)
<ehird_> I think I'll just reinstall from the alternate CD
<ehird_> thanks
<_ruben> and yes, by "does not have", i actually meant "does not support" :)
<ehird_> ok, thanks :)
<loa> oh well, going to sleep. Reinstalling the box tomorrow. Thanks for the help anyway giovani
<pmatulis> _ruben: did you discover why your ssh connections were dropping?
<_ruben> pmatulis: i dont recall any of my ssh conns to drop .. perhaps mixing me up with someone else? :)
<pmatulis> _ruben: yeah, it was "ruben23", sorry
<_ruben> no problem :)
<_ruben> its what one gets for using firstname as nick ;)
<ruben23> hi how do i change my date form IST to EDT...?
<sgsax> ruben23: you just want to change the timezone?
<guntbert> ruben23: https://help.ubuntu.com/community/UbuntuTime should help :-)
<sgsax> ruben23: http://www.linuxsa.org.au/tips/time.html for the non-gui solution
<guntbert> sgsax: ^^^ has the CLI instructions too :-)
<sgsax> guntbert: heh, that's even easier :)
<guntbert> sgsax: ;-)
<Sam-I-Am> mathiaz: you around?
<mathiaz> Sam-I-Am: yes
<Sam-I-Am> been messing with ld_debug... missing symbol in nssov.so... which somehow becomes 'file not found' in openldap
<mathiaz> Sam-I-Am: oh cool. I've looked at this but didn't go anywhere
<Sam-I-Am> gonna see if hyc might know whats causing that... hopefully its not any of the ubuntu patches
<Sam-I-Am> how long has it been fried?
<mathiaz> Sam-I-Am: which symbol?
<Sam-I-Am> ber_bvmatch
<mathiaz> Sam-I-Am: I've seen similar error when libtld had been updated
<mathiaz> Sam-I-Am: 2.4.15 was working correclty
<Sam-I-Am> i know ltdl changed names in karmic
<Sam-I-Am> kinda simplified versioning i think
<mathiaz> Sam-I-Am: right
<mathiaz> Sam-I-Am: there may be a new version too
<Sam-I-Am> hyc claims nssov works in 17... might try compiling upstream in karmic and see if it still breaks
<mathiaz> Sam-I-Am: what is strange though is that all other shared libraries load correctly
<Sam-I-Am> yeah
<mathiaz> Sam-I-Am: 17 saw the addition of pam. I though may be something is missing there.
<Sam-I-Am> hmm...
<mathiaz> Sam-I-Am: it may also be related the toolchain in Ubuntu
<Sam-I-Am> true
<mathiaz> Sam-I-Am: and the way the nssov is built
<mathiaz> Sam-I-Am: I'd run the nssov-build patch by hyc
<Sam-I-Am> well, compiling upstream might answer some of those questions
<Sam-I-Am> yeah, will do
<Sam-I-Am> just waiting for him to return
<Sam-I-Am> meanwhie, i think i should finally file this as a bug
<mathiaz> Sam-I-Am: I would definetly show the nssov-build patch to hyc - it may be an issue there
<Sam-I-Am> yeah i was looking at that
<Sam-I-Am> doesnt seem too intrusive though
<Sam-I-Am> you know, looking at ld_debug, theres quite a few undefined symbols... not just in nssov
<unixbocx> hello
<Sam-I-Am> mathiaz: filed bug 417163
<uvirtbot> Launchpad bug 417163 in openldap "NSS overlay (nssov) fails to load" [Undecided,New] https://launchpad.net/bugs/417163
<LiraNuna> I love pam.d
<KillMeNow> why do you love pam.d?
 * jmedina doesnt feel love for a directory
<LiraNuna> KillMeNow, it's so easy to set up stuff
<LiraNuna> and anything plugs into it
<Psi-Jack__> Heh. bleh.
<KillMeNow> gah! everyday around this time I'm ready for a nap
<Psi-Jack__> Heh
#ubuntu-server 2009-08-22
<qman__> yes, pam is a wonderful thing
<qman__> I wish samba used pam instead of just adapting to it
<Psi-Jack__> Okay.. So my router, presently, has only a small annoyance.
<Psi-Jack__> When eth1, my net interface, comes up, it replaces /etc/resolv.conf with that retrieved via the DHCP.
<Psi-Jack__> I don't want that, I want it to stay as I put it, or to adjust it with resolvconf to settings specifically supplied by wherever it gets that.
<Psi-Jack__> Cause, I have my own domains. I have my own DNS, I don't want my router out of sync with that.
<KillMeNow> Not sure if you can change that for a single host
<KillMeNow> i think there are DHCP options you can disable globally to not push DNS resolvers
<KillMeNow> but not sure about a single host...
<KillMeNow> why are you having it grab an IP via DHCP?  why not do it statically?
<uvirtbot> New bug: #417211 in tomcat6 (main) "package tomcat6 6.0.18-0ubuntu6.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1 (dup-of: 417212)" [Undecided,New] https://launchpad.net/bugs/417211
<mushroomblue> holy crap the OpenLDAP instructions are completely useless
<mushroomblue> from what I'm reading, slapd in 9.04 isn't built against openssl
<mushroomblue> is this correct?
<mushroomblue> cos it sounds really really stupid.
<mushroomblue> though it explains why the SSL/TLS section of the OpenLDAP instructions don't work.
<jerrcs> if you want to see stupid
<jerrcs> https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/335933
<uvirtbot> Launchpad bug 335933 in proftpd-dfsg "proftpd: Several SQL injection vulnerabilities" [Undecided,Confirmed]
<jmarsden> mushroomblue: You might want to read /usr/share/doc/slapd/README.Debian.gz
<jerrcs> why isn't that fixed yet? on ubuntu server edition.. your proftpd server is vulnerable...
<jmarsden> jerrcs: Go ahead and post the debdiff needed to fix it, if you want it fixed fast.
<Sam-I-Am> mushroomblue: openldap is built against gnutls
<jerrcs> jmarsden: I'm no good with that.. I'm just an ubuntu-server who is very pissed off that it's been half a year and a major ftp server package hasn't been fixed.. a security issue like this.. my home directory has been open to anyone who has used this.. luckily there's nothing too much on there, and i've only been running it for about a month.
<jerrcs> an ubuntu-server user.
<sub> http://packages.ubuntu.com/search?keywords=proftpd&searchon=names&suite=jaunty&section=all
<sub> that vulnerability is fixed in that version, 1.3.1-17ubuntu1
<sub> as it states here: https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/329167
<uvirtbot> Launchpad bug 329167 in proftpd-dfsg "Please merge proftpd-dfsg 1.3.1-17 (universe) from Debian unstable (main)" [Wishlist,Fix released]
<jerrcs> "The ProFTPD Project team is happy to release 1.3.2 to the community. This is a bugfix release, including a SQL injection vulnerability fix. The RELEASE_NOTES and NEWS files contain the full details."
<jerrcs> no it isn't
<sub> #7   	 Launchpad Janitor  wrote on 2009-02-13:
<sub> This bug was fixed in the package proftpd-dfsg - 1.3.1-17ubuntu1
<jerrcs> There was another one then.
<jerrcs> sub: I just exploited my own server. I have all my packages up to date. How can you tell me it's fixed? Not to mention I did a clean install of ubuntu-9.04 just about a month ago
<sub> then post the debdiff. its community-maintained software which means it doesn't get fixed until someone who uses the software (like you) fixes it
<jerrcs> http://pastebin.com/m1c726b6f
<jerrcs> sub: how can ubuntu penetrate the server market if they can't keep this up to date? I mean.. I understand. It's in a different repository.. but still.
<jerrcs> Just bringing up a discussion.
<ScottK> Because much of Ubuntu's success has been not trying to do everything, but being the best at what they focus on.
<jerrcs> I suppose.
<giovani> ScottK: really? what does ubuntu focus on?
<ScottK> Generally we try to pick one package to support for each function.
<jerrcs> an idiot-proof OS
<ScottK> For example we generally focus on Postfix as a mail server even though there are lots of others.
<ScottK> jerrcs: Not possible.
<giovani> well sure ... other distros tend to do that too
<ScottK> Just more so here.
<ScottK> So if you're using packages that aren't supported (in Universe), don't expect them to be supported.
<ScottK> Some of them are well supported by the community, but it's uneven.
<giovani> ScottK: what's the main, supported-by-ubuntu ftp server?
<quizme> http://cardinaleducation.thirdreplicator.com/  <--- trying to get mod_proxy to work.  Can somebody help?
<ScottK> I don't actually know.
<jerrcs> proftpd is pretty popular.
<ScottK> I find I can use sftp for all my needs so it's been years since I worried about it.
<jerrcs> yet there's a huge vuln in it.
<giovani> I can't seem to find a major ftpd that isn't in universe
<jerrcs> Yes.. I prefer sftp.. but I have clients which use regular ftp.
<giovani> ScottK: but surely FTP is acknowledged as a major protocol still in use, for various reasons
<ScottK> giovani: Certainly, just saying I don't know.
<giovani> ok
<giovani> vsftpd
<giovani> is in the main repo
<giovani> so I guess that's the one ubuntu has chosen to support primarily
<ScottK> Odds of it having issues left long unfixed are relativley low then.
<ScottK> You could also look in the Ubuntu server guide and see what it suggests.
<quizme> if i log into the server, and run "curl http://127.0.0.1:11000" it works, but when i access it via the URL. I get "Not found /"
<jerrcs> I'll poke around with vsftp.
<jerrcs> vsftpd*
<giovani> vsftpd is security-focused anyhow
<giovani> implied by the name ...
<quizme> anybody know how to mod_proxy here ?
<mushroomblue> so wait. it's built against GnuTLS for a while now, but the documentation doesn't reflect this?
<mushroomblue> 8.10 and 9.04 server guide both give incorrect configuration steps for openldap, then.
<mushroomblue> you'd think someone would notice, and update the docs
<Sam-I-Am> what its built against doesnt really matter for the config iirc
<Sam-I-Am> certs are certs
<mushroomblue> steps to get a working system are different.
<mushroomblue> and if you're planning on following the server guide to configure your system, you're sorta out of luck.
<mushroomblue> that's poor documentation.
<Sam-I-Am> well, one of the fun parts of open source... you can volunteer to make it right :)
<jmarsden> mushroomblue: Thanks for volunteering to update the docs ... where can we see your proposed changes?
<Sam-I-Am> talk with sommer ... he's the docs guy
<mushroomblue> oh, I'll be happy to submit changes
<mushroomblue> when I'm not drunk. :)
<mushroomblue> s/changes/docs/
<Sam-I-Am> i've been planning to submit updates to it
<Sam-I-Am> todays fun was patching openldap though
<mushroomblue> jmarsden: you'll have to crack my skull open and take a peek.
<mushroomblue> sicko.
<jmarsden> mushroomblue: My machine seems to lack the skullcrack-and-peek package, and it;s not in the repositories.
<mushroomblue> jmarsden: thanks for the readme, tho. :)
<Sam-I-Am> i think that package is called 'sendmail'
<mushroomblue> I'd like to think my brain is a lot more like git
<RudyValencia> hi
<RudyValencia> How much space do I need to allocate to an Ubuntu Server running in a VM?
<RudyValencia> (hard disk)
<RudyValencia> would 10GB be enough?
<jmarsden> RudyValencia: It depends what you want to do with it, but for testing and experimenting, yes, probably.
<RudyValencia> jmarsden: Web serving.
<jmarsden> Well, if you want to serve 100GB of videos, then 10GB won't be enough... :)
<RudyValencia> I can't get Apache to work right on the Windows host so I set the VM up to run a LAMP stack
<RudyValencia> As for storage, I use SMBFS shares
<jmarsden> Then you should be fine with 10GB for the server itself.
<RudyValencia> I notice no appreciable difference between storing the data in the VM and storing the data on SMBFS shares
<jmarsden> I have Ubuntu VMs with as little as 4GB for testing sometimes.
<RudyValencia> (because my server is a low-volume server.)
<RudyValencia> Is it better to 'pre-allocate' the disk file?
<RudyValencia> that is, have it make one 10GB file vs. a file that grows with the contents of the VM
<jmarsden> Not usually; there is a slight disk performance gain by preallocating it.
<RudyValencia> Ah
<RudyValencia> I set it up with 512MB of RAM allocated to it
<RudyValencia> and bridged networking
<RudyValencia> No sound or other peripherals, except CD image access
<mattt> RudyValencia: you using xen?
<RudyValencia> mattt: I don't have a computer capable of hardware virtualisation
<mattt> RudyValencia: same, i'm old school like that also :)
<RudyValencia> My server is a repurposed 2.2GHz P4
<RudyValencia> w/ 1GB RAM, 200GB and 250GB hard disks, DVD(+/-)RW drive, a cheap NIC, and a LaserJet 5L
<mattt> i wish the newer versions of ubuntu still supported exn
<mattt> *xen
<jmarsden> mattt: I think newer versions of KVM can run on systems without hardware virtualization.  I know virtualbox-ose can.
<RudyValencia> I tried to setup VMware Tools on my Ubuntu Server 8.04 install that had been untouched for a while
<RudyValencia> and it failed :(
<mattt> jmarsden: oh, nice!
<jmarsden> mattt: I was running multiple virtualbox-ose VMs here on an Intel E5200 (no hardware virt) until a few weeks ago (upgraded to a Q9550 as a birthday present to myself!)
<RudyValencia> I'm getting some pretty good life out of this old Pentium 4
<RudyValencia> (I have a 2.8GHz as my main desktop)
<jmarsden> RudyValencia: Yes, I do that too... but I've not tried VM stuff on older machines, at home or at work.
<RudyValencia> ah
<RudyValencia> I wish I could upgrade either of my systems
<RudyValencia> (or both)
<mattt> jmarsden: so virtualbox-ose uses KVM?  i didn't know that.
<jmarsden> No, they are independent.
<RudyValencia> This 2.8GHz desktop is nice but doesn't run WinXP well
<RudyValencia> oops
<RudyValencia> I meant, Win7
<RudyValencia> It runs WinXP now
<RudyValencia> (I still have to use Windows, for Creative Suite 3 does not run well on Linux w/ Wine)
<RudyValencia> I would've switched to Linux completely already if it were capable
<jmarsden> RudyValencia: Run Ubuntu on the hardware, and Windows in a VM for the occasions when you need it :)
<RudyValencia> I need Windows to do development for IE
<RudyValencia> (I no longer support IE6, only 7+)
<RudyValencia> The Web browser has become an application platform with the advent of AJAX and other new technologies
<jmarsden> Sure, but you can do that (run IE and whatever) in a Windows VM.  You don't need to run it on the physical hardware.
<RudyValencia> I also do 3D with SketchUp
<RudyValencia> (which a VM can't handle)
<RudyValencia> and play the occasional 3D game
<jmarsden> VirtualBox is supposedly able to do 3D in the VM for Windows guests now, although I have never tried it.
<spowers> is it possible to run top on the console of a server with upstart or getty or something?
<jmarsden> spowers: Sure.  I think that is part of what the top "secure mode" stuff is all about... ensuring you can leave it running in a way that random passers-by can't abuse your server
<spowers> the problems i'm having are more to do with terminal control
<spowers> and how to run it at boot
<spowers> on a real server, i'd stick it on tty12 and chvt to it in rc.local, but i'm running in xen so there's only one tty
<spowers> what would be really awesome is to make a screen profile for boot time that had a secure top and could only spawn /bin/login instead of bash directly
<spowers> screen itself would have to be more secure probably, so that might not be the right approach
<spowers> and it's not like this is a real PROBLEM
<spowers> per se
<jmarsden> spowers: aybe set up a user called top whose shell is top ... and log in on the console as top ?
<spowers> i'll give that a shot, it works well enough for an x server on my mythtv box, i'd forgotten about that
<mattt> spowers: what are you trying to accomplish with this anyway (not fully understanding here)
<spowers> boy, if i had a nickel for every time someone asked me that...
<mattt> :)
<spowers> i'm just hacking around
<mattt> tho it is an interesting idea, i used to work at a hosting company and if that info was visible (even if hte machine was hung and the info stale) it'd be really helpful to support
<spowers> i've got this mental image of a console that cycles through top/iptraf/some other monitor on the console
<mattt> (and by visible i mean visible on the console)
<spowers> like arcade games cycle through demos and logo screens
<RudyValencia> Sorry, network cable broke
<jmarsden> mattt: leaving top running on a spare terminal was an oldtimers trick a decade or two ago, so when things went bad on your server you could see why... even when it was so bad you couldn't log in and run top because the server was so bogegd down...
<spowers> top has existed for a decade or two? wow
<spowers> i'm always in awe of unix tradition
<jmarsden> Sure.  I'm pretty sure I was using it in 1994 or so...
<mattt> jmarsden: yeah, that's exactly what i'm thinking ... dunno why we never thought to do that :/
<Boohbah> even better, top in a screen session so you can disconnect
<mattt> Boohbah: yeah, but if the system is unresponsive so is screen :)
<mattt> (or the load's too high or whatever the case)
<spowers> main thing would be to have something on the main console more useful than the last handful of boot messages and a login prompt
<Boohbah> well then, remote serial console
<spowers> even old netware had that silly snake that represented the load average
<mattt> spowers: good idea, i like your thinking
<spowers> when i boot up our linux vms, the console is always a mess
<spowers> top looks nice and tiday
<spowers> tidy
<spowers> jmarsden: the 'top' user thing works a charm
<jmarsden> Good :)
<spowers> i remember hacking around with getty several years ago trying to start dosemu to run a WWIV bbs system
<spowers> that did not work so well
<RudyValencia> I put the wrong hostname for my server in when I reinstalled
<RudyValencia> How do I change the hostname?
<_ruben> doing a find/replace in /etc with the old -> new name should cover most stuff .. depends on how much stuff is already installed as well though
<RudyValencia> probably easier to reinstall at this early stage
<_ruben> depends .. if its a clean install with not much extra tasks installed .. covering /etc/ would do just fine .. a simple sed/perl oneliner .. then again, reinstalls can be fairly quick as well depending on the method used
<sub> nah
<RudyValencia> Nothing installed yet
<sub> just /etc/hosts and /etc/hostname should cover it
<RudyValencia> ah
<_ruben> sub: unless for example postfix is installed as well as a task
<jmarsden> sub: Maybe /etc/mailname if an MTA is installed
<_ruben> there's quite a few packages that use the hostname in postinstall scripts
<sub> then you can either reboot or use the "hostname" command to set the new hostname
<RudyValencia> I'll redo it
<sub> Perhaps
<sub> I have a new system running as well and I just did grep -Hr `hostname` /etc
<RudyValencia> very very easy
<_ruben> redoing install surely is the cleanest way .. but also a tad overkill ;)
<RudyValencia> time is unimportant here
<sub> i've changed hostnames more often than i'd like to admit ;p
<_ruben> i only looked into it once when looking into the options for 'templating' my virtual machines .. in the end i just setup a pxe environment with preseeded installs :p
<RudyValencia> hm, I have Remote Installation Services on the Windows side of my server
<RudyValencia> I wonder if it can install other OSes than Windows
<RudyValencia> like Ubuntu or whatever
<RudyValencia> Wow
<RudyValencia> I entered the static IP address in the installer and my network information and it picked up the hostname
<RudyValencia> (from my DNS)
<quizme> http://cardinaleducation.thirdreplicator.com/  <--- I'm doing a proxy pass thing with webrick but i'm getting this....
<quizme> anybody know why ?
<quizme> my mod_proxy is set up correctly cuz i'm using the same configuration on another site.
<RudyValencia> which is the best setting: relatime, noatime, or no option for such?
<_ruben> i use noatime for dedicated /var/log/ partitions on busy servers
<RudyValencia> ah
<RudyValencia> What exactly is a "Label"
<RudyValencia> ?
<_ruben> just that .. a label :)
<RudyValencia> Is that like the "volume label" on a FAT or NTFS volume?
<_ruben> kinda, yeah
<RudyValencia> ah
<RudyValencia> Hm, do you change /etc/issue or /etc/motd on your server(s)?
<RudyValencia> I like to change /etc/issue to display a warning
<RudyValencia> "WARNING: THIS SYSTEM IS RESTRICTED TO (COMPANY NAME) AUTHORIZED USERS, FOR LEGITIMATE BUSINESS PURPOSES ONLY..."
<jmarsden> RudyValencia: If the logins are from the network, edit /etc/issue.net  .  For a standard warning text, see http://pastebin.com/f7098d623
<RudyValencia> jmarsden: I already have one of my own
 * RudyValencia pastebins it
 * jmarsden hopes you are a good lawyer, if you write it yourself  and want it to be legally correct :)
<_ruben> i never bother to edit those .. or read them if i'd log into a remote system (usualy, unless it does a good job on drawing attention)
<sub> cowsay tends to catch my attention
<RudyValencia> jmarsden: I borrowed it from another computer at a place I used to work at
<RudyValencia> http://pastebin.com/m2d02cbe7
<RudyValencia> I substituted [COMPANY] where my business' name goes
<jmarsden> OK.  Your notice gives away info to the (hypothetical) hacker... you tell him who owns the system.  Why give away that info?
<RudyValencia> I should remove the company name and reflow it to make sense
<sub> is that not already given away by ARIN registrations and reverse DNS?
<jmarsden> sub: is it?  Try it sometime?  Usually you get the ISP, not the company or end user.
<RudyValencia> jmarsden: http://pastebin.com/m16f51a1d (amended)
<sub> depends, some ISPs update the registration for their netblocks
<sub> I work for an ISP, so I guess that's a moot point in my situation :)
<jmarsden> :)
<_ruben> highly depends on the customer base too .. i doubt much isp would swip their adsl blocks :p
<sub> of course not, but most ISPs swip the blocks they give with leased/dedicated circuits
<jmarsden> RudyValencia: Looks OK to me, but I am not a lawyer.
<_ruben> exactly
<RudyValencia> I forwarded my SSH port to a different number than 22
<RudyValencia> (I hate getting SSH scans
<RudyValencia> also, my VM seems to be stuck at 'Validating libklibc'
<RudyValencia> Hm, I wonder what Linux does for consoles on computers that don't support text-only modes
<RudyValencia> (e.g. 68k/PPC Macs, etc.)
<RudyValencia> my VM has stalled :/
<RudyValencia> I'm trying to get Ubuntu to install and the VM keeps stalling
<RudyValencia> nevermind
<RudyValencia> it returned
<Psi-Jack__> Okay.. So my router, presently, has only a small annoyance.
<Psi-Jack__> When eth1, my net interface, comes up, it replaces /etc/resolv.conf with that retrieved via the DHCP.
<Psi-Jack__> I don't want that, I want it to stay as I put it, or to adjust it with resolvconf to settings specifically supplied by wherever it gets that.
<Psi-Jack__> Cause, I have my own domains. I have my own DNS, I don't want my router out of sync with that.
<sub> one sec, I do the same thing here at home
<sub> You're going to want to edit /etc/dhcp3/dhclient.conf
<sub> And you can either add a prepend line to add your static servers before the ones given by dhcp, or you can just not request the DNS info
<Psi-Jack__> Hmm
<Psi-Jack__> I'd tried taking out requesting it, and it still overwrote my resolv.conf file.
<Psi-Jack__> But, so far, supersede domain-name-servers fixed my nameserver entries, but now I Just need to fix domain and search.
<RudyValencia> hm, I think there's a problem
<RudyValencia> W: Failed to fetch http://mirrors.kernel.org/ubuntu/dists/hardy/Release  Unable to find expected entry  main-updates/source/Sources in Meta-index file (malformed Release file?)
<RudyValencia> E: Some index files failed to download, they have been ignored, or old ones used instead.
<jmarsden> Run sudo apt-get update again, or pick a different mirror and then try again.
<RudyValencia> It happens with several mirrors.
<RudyValencia> Tried Easynews, kernel.org, and OSUOSL
<jmarsden> Odd.  I should be asleep (almost 2am here), but I'll check it on an old Hardy VM I have... booting now...
<RudyValencia> Almost 3 here.
<jmarsden> Seems to work fine from here (using us.archive.ubuntu.com as the mirror).
<RudyValencia> Maybe the mirrors are broken
<RudyValencia> Not working here
<jmarsden> I just tried with mirrors.kernel.org and that worked for me too.
<jmarsden> Are you out of disk space somehow on /var ?  Not really sure what else to check...
<RudyValencia> df says only 8% of the disk is used
<jmarsden> And you just created a single partition, not a separate /var ?  Then that's not it...
<jmarsden> That's not an absolutely show-stopping warning, it just means you may not be getting the very latest updates...
<jmarsden> But it shouldn't be happening, at least not reliably and on multiple mirrors.
 * RudyValencia reboots the VM
 * jmarsden goes to bed :)  Goodnight all.
<_ruben> could be a flakey (transparent) proxy interfering
<RudyValencia> No proxies here
<RudyValencia> _ruben: I made a typo.
<RudyValencia> That was why it failed
<RudyValencia> I shouldn't be writing a configuration file at 3AM
<LiraNuna> "passwd: Authentication token lock busy" any idea what that means?
<LiraNuna> I upgraded libpam-mysql from a working config, now I get this
<LiraNuna> I'm sure common-password is configured right as with old pam-mysql I could change the password (only as root, though)
<Boohbah> hi RudyValencia
<Boohbah> did you find a job yet?
<RudyValencia> Still at Walgreens
<Boohbah> what location?
<RudyValencia> same as before
<Boohbah> i forgot where that was
<RudyValencia> Greeley
<RudyValencia> 23rd Avenue and 16th St.
<Boohbah> Nebraska?
<RudyValencia> CO
<RudyValencia> (Colorado)
<RudyValencia> also, how do I prepend the output of uname -a to a text file?
<Boohbah> i don't know about prepend with bash
<Boohbah> i can append
<foolano> RudyValencia: using sed?
<RudyValencia> any method
<_ruben> nasty way: file=/some/file ; uname -a > $file.tmp ; cat $file >> $file.tmp ; mv $file.tmp $file
<foolano> i prefer: sed 1ifoo file.txt
<Boohbah> that's a really nasty way
<RudyValencia> I got it
<_ruben> "any" also covers "really nasty" in my book ;)
<RudyValencia> echo `uname -a` > newfile; cat originalfile >> newfile
<foolano> sed 1i"$(uname -a)" file.txt
<Boohbah> foolano: nice!
<foolano> sudo dumpe2fs -b /dev/sda3 | wc -l
<foolano> 65
<foolano> arhhh, it aint looking good
<RudyValencia> Anyone here having difficulty building VMware Tools or open-vm-tools on Ubuntu Server 8.04?
<RudyValencia> I can't get them to build
<RudyValencia> :(
<RudyValencia> Why won't VMware Tools build on Ubuntu 8.04.2 Server?
<LMJ> I've create a lvm volume a couple of months ago and store datas on it. I rebooted today after an simple upgrade, no more LVM ! pvdisplay, vgdisplay & lvdisplay are empty, What could I do to get back my files ?
<AlexC_> morning
<AlexC_> I've recently stopped using SpamAssasin, and instead just using Postfix restrictions (which is working very well), however I just saw in my logs this: postfix/smtpd[14337]: NOQUEUE: reject: RCPT from openzula.org[72.14.177.55]: 504 5.5.2 <localhost>: Helo command rejected: need fully-qualified hostname; from=<noreply@tangocms.org> to=<users-email@example.com> proto=ESMTP helo=<localhost>
<AlexC_> how come it is blocking openzula.org (which is a domain I own, and is 'on' this server), for not being a FQDN? How is that not a FQDN?
<AlexC_> this email would have been a forum notification email to a user, from the board its self
<giovani> AlexC_: because it's not identifying itself as openzula.org, it's identifying itself as "localhost" as far as I can tell
<pmatulis> AlexC_: perhaps pastebin the output of 'postconf -n'
<AlexC_> pmatulis: sorry, was away: http://paste2.org/p/395497
<giovani> AlexC_: output of 'hostname -f'?
<AlexC_> 'localhost' .... that'll be why then, giovani =)
<AlexC_> editing /etc/hosts to have the one I want first, made 'hostname -f' return what I wanted. I assume that would have fixed it now
<giovani> what?
<giovani> don't edit /etc/hosts
<giovani> that's not where the hostname belongs
<giovani> you want to edit /etc/hostname
<AlexC_> I know, however that is not where hostname -f and where it looks up is from
<giovani> huh?
<AlexC_> as stated in 'hostname --help': "Unless you are using bind or NIS for host lookups you can change the FQDN (Fully Qualified Domain Name) and the DNS domain name (which is part of the FQDN) in the /etc/hosts file."
<giovani> you don't need to that, but ok
<AlexC_> well, /etc/hostname is already set to 'cypher.openzula.org', so it wasn't getting it from there
<giovani> had you rebooted since that had been set?
<giovani> it absolutely gets it from there
<giovani>        The host name is usually set once at system startup in /etc/rc.d/rc.inet1 or /etc/init.d/boot (normally by  reading  the  conÃ¢
<giovani>        tents of a file which contains the host name, e.g.  /etc/hostname).
<AlexC_> giovani: yes, server was rebooted yesterday in fact. However, the output of 'hostname' did give cypher.openzula.org - it was only when doing 'hostname -f' it gave 'localhost'
<giovani> ok, 'hostname' shouldn't be providing the FQDN
<giovani> /etc/hostname should contain just the first section of the hostname (the machine-specific part)
<giovani> then you can add an entry in /etc/hosts with both the FQDN, and the hostname
<AlexC_> giovani: so /etc/hostname to be just 'cypher'?
<tdn> How do I run a script everytime I boot the machine, after the network has been brought up. I have tried putting the script in /etc/network/if-up.d/, but appearently, this does not work. How do I solve this?
<AlexC_> tdn: there is the special cron '@reboot' value, though I am not sure if that is genearlly considered bad practice to do so
<tdn> AlexC_, how do I find out?
<tdn> AlexC_, is reboot not on shutdown? I need to run it on start up.
<AlexC_> tdn: man 5 crontab, scroll down "@reboot        Run once, at startup."
<tdn> AlexC_, ok. How do I find out if it is bad practice?
<AlexC_> ask people ;)
<tdn> Ok :)
<tdn> Here?
<AlexC_> this is an asky place, so yeah I guess so
<Boohbah> tdn: i would append it to /etc/rc.local
<tdn> Boohbah, how? Just symlink the script in there? Do I need to do something else? _How do I make sure that it is run after network is up?
<Boohbah> iirc /etc/rc.local runs last
<Boohbah> tdn: not symlink, just call the script from there
<tdn> Boohbah, /etc/rc.local is empty, so I just put it in there?
<Boohbah> yup
<tdn> Boohbah, ok. Thanks.
<XiXaQ> several times now, when setting up a system with raid or lvm, the installation stops, complaining it can't find any cd-rom and that no repository has been configured. I'm using 9.04 i386. Does anyone know why? The cd-rom has been tested ok.
<Boohbah> XiXaQ: probably the raid controller driver. what model is it?
<XiXaQ> I'm using software raid.
<Boohbah> oh
<XiXaQ> however, when the partitions are setup and I reboot, the install finishes properly.
<XiXaQ> oh, I think maybe my cd-rom drive is trying to tell me something.
<madalin> hello. I really need help setting up a dhcp server and make my fresh installed ubuntu, a gateway..
<Meiki> Hi - could someone help me with an IP address issue that I'm having. Please look at http://pastebin.com/m575e62fd, I can bind public services to the first IP, but not to the others (*.87- onwards).
<RoyK> heh - Meiki waited for three minutes before he left :)
<Meiki> RoyK: huh
<RoyK> [19:11]  <Meiki> Hi - could someone help me with an IP address issue that I'm having. Please look at http://pastebin.com/m575e62fd, I can bind public services to the first IP, but not to the others (*.87- onwards).
<RoyK> [19:14]  * Meiki (i=568092bf@gateway/web/freenode/x-nylzhfnikmfuvzyp) has left #ubuntu-server
<RoyK> how do you try to bind to those IPs?
<RoyK> btw, the old eth0:x is not recommended anymore
<sub> says who?
<RoyK> rather use ip addr add 10.0.1.12/24 dev eth1
<RoyK> or so
<RoyK> sub: the new method has been around for a while
<RoyK> well, it works, but I guess it'll be removed some day, since ip "aliasing" is something that were phased out close to 10 years ago
<RoyK> Meiki: anyway - how do you try to bind to those IPs?
<RoyK> it should work
<sub> The application should have a bind address of 0.0.0.0 to bind on all interfaces and you should doublecheck to ensure that you don't have any firewall rules that could block traffic to those other IPs
<RoyK> sub: possibly an application should bind to a specific ip
<RoyK> if using apache, bind to all, and add the respective address in the virtualhost
<RoyK> but if Meiki doesn't want to specify any details, he can't really get most help
<sub> RoyK: Right about binding to a specific IP, depends on what the requirements are =) and I agree
<ipauldev> I run Ubuntu 8.04 LTS Server. apt-get is painfully slow when downloading large files. It starts out fast and goes down to under 25B/sec. I've tried using apt-mirror to make my own local repo, it starts out downloading fast, but that too, starts to be Bytes/second if I "du" the directory and watch the size. I've used multiple mirrors with the same issue. I can start again fast, and it slows down. Connected via a DS-3
<ipauldev> Also is happening with multiple installs of it... they
<ipauldev> they're all running on the same box, vmware.. 64MB ram, 30 some GHz available
<ipauldev> Any ideas?
<PhotoJim> ipauldev: sounds like network issues.  just keep trying different mirrors.  or do a speed test to some other site that should be fast and see what performance you get.
<ipauldev> yeah it doesn't happen anywhere else on the network with other instances, so I wonder if it's a vmware issue or the networking on the vmware cluster
<ipauldev> thanks
<PhotoJim> it could be, but that doesn't seem likely.
<user1_>  have kubuntu 6.10 dgy. how can i upgrade it to the latest.(the option of uqgrade doesnot appear when i fetch updates in adept package manager)>
<ipauldev> Yeah, it does it with a wget too, of a large iso. If it re-establishes the connection, The router shows throughput on the interface of 10,000 Mbps, the limit setup.. then after a 30 or 60 seconds it drops off into nothingness... Foobar! lol
<ipauldev> user1_ I think an apt-get dist-upgrade might get you there.
<user1_> ok
<user1_> not working
<user1_>  where are the files that contain the server address to download programs and updates by package manager or apt?
<ipauldev> /etc/apt/sources.list
<RoyK> user1_: do-release-upgrade
<RoyK> user1_: you also may need to change /etc/update-manager/release-upgrades
<RoyK> there you can set the upgrade policy
<user1_>  what is the name of the lates kubuntu distro? may be i can toogle the name in sources.list with it at 'egdy'?
<giovani> user1_: this is #ubuntu-server not #kubuntu
<RoyK> user1_: read what I wrote above
<RoyK> user1_: also, like giovani said, this channel is for server-specific questions, not general ubuntu stuff
<ipauldev> FUI, I've got that local mirror running and things work fine using that, so my guess is that it's the router or the intrusion protection system blocking/slowing down the requests. I'll be looking at that with our netowrking/IPS team Monday. Thanks for the help.
<ipauldev> YUI=FYI
<DelphiWorld> hi
<Tsapoc^> hello there ! Why does all the other computers on network have internet but my server doesn't? I can ssh to it (ip:192.168.2.3) but when i try to tell him to ping www.google.com it doesn't respond... Anyone have any ideas ?
<giovani> Tsapoc^: likely to be misconfigured/non-configured DNS
<Tsapoc^> yeap i figured that out just fixed it :)
<Tsapoc^> but thanks m8 :)
<Acs> hello
<Acs> I just logged in to my ubuntu-server machine and got this
<Acs> 3 packages can be updated.
<Acs> 6 updates are security updates.
<Acs> little strange
<Acs> but how can I see wich packages can be updated?
<jmarsden> sudo apt-get -s upgrade       will do a simulated upgrade
<Acs> thanks
<jmarsden> No problem.
<Acs> but can you tell me why it says 3 packages can be updated and then tells me 6 are security updated
<jmarsden> Not really... that text is from the landscape-sysinfo client, right?  If you run it directly     landscape-sysinfo     what does it say then?
<Acs> just this
<Acs> System load: 0.0 Swap usage: 0% Users logged in: 1
<Acs> Usage of /: 0.7% of 226.26GB Temperature: 28 C
<Acs> Memory usage: 11% Processes: 114
<Acs> Graph this data and manage this system at https://landscape.canonical.com/
<Acs> nothing related to the updates
<jmarsden> so... where did the text about updates come from that you quoted earlier?
<Acs> below the info of the landscape-sysinfo
<Acs> but it only appeared when I logged in
<Acs> not now when I ran the command
<Acs> hhumm I ran the apt-get command
<jmarsden> Then either something changed, or there is some other piece of software running at login displaying that information for you
<Acs> the updates are for apache2 apache2-mpm-prefork apache2.2-common
<Psi-Jack__> Hmm
<jmarsden> Well, if appropriate you can do    sudo apt-get upgrade    to install those, and then see what happens when you log out and in again?
<Psi-Jack__> ubuntu 9.04 Server doesn't have IPP2P MATCH support?
<Psi-Jack__> The kernel that is.
<Acs> jmarsden ok
<Acs> I upgraded
<Acs> but if I loggin again
<Acs> nothing will be shown
<jmarsden> Psi-Jack__: That might be in a module you need to load?
<jmarsden> Acs: Then I'd say you are now up to date :)
<Acs> jmarsden indeed :D
<Psi-Jack__> jmarsden: Hmm, what would the module be named to load, then?
<jmarsden> That's not something I have used, but there are a bucnh of modules related to IP and netfilter that start with ip or nf respectively...
<Acs> jmarsden thanks again for the help
<jmarsden> Acs: No problem.
<jmarsden> Psi-Jack__: Look under /lib/modules/2.6.28-15-generic/kernel/net/ipv4/netfilter/ and see if anything likely is there?
<Psi-Jack__> Well, according to a wordpress site, I'm seeing for Hardy at least, ipp2p match support has to be patched in, but I'm using 9.04
<Psi-Jack__> But the wordpess articles' not in English, so hard to truely grasp what it's talking about. ;)
<jmarsden> It may be the same for 9.04... you can always just apt-get install linux-source and see how it is configured.
 * Psi-Jack__ nods.
<Psi-Jack__> Heh, basically trying to figure out how to get shorewall to tc torrent traffic. ;)
<Psi-Jack__> and ipp2p, is the suggested method.
<Psi-Jack__> Otherwise, I won't know how I'd set the port stuff appropriately.
<Psi-Jack__> don't*
<jmarsden> Hmm, there is an xtables-addons source package that might be relevant, in Jaunty and Karmic.  But its only there as a source package, not binary package.
<Psi-Jack__> Hmm, apt-cache search doesn't find that for me.
<Psi-Jack__> !find xtables-addons
<ubottu> Package/file xtables-addons does not exist in jaunty
<jmarsden> Try   rmadison xtables-addons
<Psi-Jack__> I don't have rmadison? heh
<jmarsden> sudo apt-get install devscripts    will fix that.
<Psi-Jack__> Gotcha. I'm seeing in in jaunty/universe as you said, as source only.
<jmarsden> It has project pages on LP, too, at https://launchpad.net/ubuntu/+source/xtables-addons ... but I've not found online docs saying exactly what is in it...
<Psi-Jack__> http://ubuntuforums.org/showthread.php?t=1221877
<Psi-Jack__> This is one thing I found about ipp2p for jaunty.
<Psi-Jack__> So far, everything''s leading to rolling a custom kernel.
<jmarsden> That post grabs sources from all over the place... be *careful* if you follow that!
<Psi-Jack__> Yeah, exactly my thoughts
<Psi-Jack__> Does it look to appear to make a .deb package out of it all, to you, in the end?
<jmarsden> I'd say either a custom kernel or at least a custom compiled kernel module, yes.  I wonder if that xtables-addons package will let you build this capability as a module?
<jmarsden> No, it looks like the post builds a kernel module and loads it.  no package in sight.
<jmarsden> Very 1990s :)
<Psi-Jack__> Wait..
<Psi-Jack__> But it uses make-kpgk
<Psi-Jack__> Isn't that the ubuntu way to roll your own into .deb files?
<ycy> is there a way to see very change in /var/log files? a sort of multi-tail of every file?
<ycy> a sort of... cruise?
<Psi-Jack__> ycy: Hmmm., sounds to me like you would benefit with rsyslog.
<Psi-Jack__> ycy: With rsyslog, you could log into pgsql or mysql, and use phplogcon to view it.
<Psi-Jack__> jmarsden: YIKES! This posting, links /usr/src/linux to /usr/src/linux-2.8.26
<Psi-Jack__> Heh
 * Psi-Jack__ scratches this off the list, quickly!
<jmarsden> Psi-Jack__: Ah, yes, so he does make a custom kernel package... but then after that he removes iptables and copies a kernel module directly into the filesystem and loads it... it looks... "interesting"
<Psi-Jack__> Hmmm
<Psi-Jack__> I don't like that either, then. LOl
<Psi-Jack__> So basically, for sure, getting ipp2p support is a chore.
<Psi-Jack__> Prolly worth it if ya need it, but a chore, regardless.
<jmarsden> ycy: sudo apt-get install multitail
<jmarsden> Psi-Jack__: Looks that way.
<Psi-Jack__> multitail? interesting.
<jmarsden> http://www.vanheusden.com/multitail/
<Psi-Jack__> Impressive. ;)
<Psi-Jack__> I still like my phplogcon method though.
<jmarsden> Yes... look at the example: http://www.vanheusden.com/multitail/images/sd/lotsofwindows.png
<Psi-Jack__> That helped me determine my pgsql server box was having issues with acpi and the cooling fans.
<Psi-Jack__> End result, I had to pretty much annoyingly disable acpi altogether, which is sad.
<jmarsden> I had an HP server tell me "fan 4" was dead and rebooting... trouble was, there were only 3 fans in the thing... I think we just replaced the chassis :)
<Psi-Jack__> Yep.
<Psi-Jack__> Mine only had FAN, 1 fan, and it couldn't turn it on. Every 6 seconds.
<Psi-Jack__> It thought the CPU needed to be -266 C
<Psi-Jack__> And it was hellfire bent on making it happen. ;}
<jmarsden> All that server hardware smarts is great when it works... but sometimes it just doesn't
<Psi-Jack__> Yeah.
<Psi-Jack__> I just can't see -266 C being a good thing for a CPU. ;}
<jmarsden> Well, that's a few degrees above absolute zero... might be able to overclock it quite a bit :) :)
<Psi-Jack__> I think it was the common problem that it used the 5-byte ACPI message codes, instead of the standardized 6-byte.
<Psi-Jack__> And Linux to current date, I don't think has workaround stuff for that, where-as FreeBSD does.
<Psi-Jack__> Anyway, I guess I'll try to tc torrent another way for now.
<Psi-Jack__> Without ipp2p, just to see if it'll work.
<Psi-Jack__> ERROR: SOURCE/DEST PORT(S) not allowed with PROTO all : /etc/shorewall/tcrules (line 15)
<Psi-Jack__> Bleh
<xenoterracide> I've got a command set to run in cron at  45 *  *   *   *
<xenoterracide> when I run the command by hand it works
<xenoterracide> however it doesn't seem to be running by cront
<xenoterracide> cron*
<xenoterracide> any idea's why?
<Psi-Jack__> Blah! Even more blah!
<jmarsden> PATH or environment variable differences, most likely.
<xenoterracide> I used the full path to the command
<Psi-Jack__> At least ubuntu, has shorewall 4.2.x, but gentoo, looking at my work servers, only has ebuilds up to 4.0, unmasked, 4.2 masked.
<jmarsden> xenoterracide: what is the command in question?
<xenoterracide> it's a custom backup script I wrote
<xenoterracide>  /var/www/oblivionet.com/scripts/backup.sh < that's the path
<jmarsden> Then check the #! line at the top, and that all paths within the script are full paths or in a PATH you set at the beginning of the script.
<xenoterracide> #!/bin/bash
<jmarsden> xenoterracide: You can also to  MAILTO=me@mydomain.com   in the crontab file before the line concerned and see if it sends you email about any errors...
<xenoterracide> that cron is right to run every hour at the 45 minute mark right?
<jmarsden> Looks right to me.
<jmarsden> Test with   40 * * * * /bin/date
<Psi-Jack__> Ayup. It's right.
<jmarsden> and see if MAILTO=me@excample.com  mails you the date and time, so you know cron itself is working.
<xenoterracide> ok I changed that to 0 and put the MAILTO at the top of the crontab for my user
#ubuntu-server 2009-08-23
<Psi-Jack__> Mmmmm, I LOVE XFS filesystem.
<jmarsden> xenoterracide: OK... and... did it work? :)
<Psi-Jack__> Hehe.. ktorrent can reserve the exact right amount of disk space needed for each file in a torrent, in a mere second, where-as ext3 took several minutes, dragging ktorrent down to almost nothing while it did it.
<xenoterracide> yeah it worked
<jmarsden> xenoterracide: OK, now create a script that just has #!/bin/bash and then /bin/date in it, and put it in the same dir as your backup script, and put   5 * * * * /var/www/oblivionet/com/scripts/testscript.sh
<jmarsden> and see what happens in a few minutes :)
<xenoterracide> if I leave the MAILTO in there will it mail me all output that should go to stdout? (never messed with cron's mail before)
<jmarsden> Yes.
<jmarsden> man 5 crontab for the details
<Psi-Jack__> Sweet!
<Psi-Jack__> My tcrules it at least so far, working. ;)
<Psi-Jack__> jmarsden: You know shorewall traffic-shaping stuff any?
<jmarsden> No, I've not used shorewall, I'm afraid.
<Psi-Jack__> Oh, it wasn't you that was the shorewall guy here? okay. Drats. ;)
<xenoterracide> yeah that script works too
<xenoterracide> I wonder what it's doing or not doing right
<jmarsden> xenoterracide: OK, so now put /bin/date at the top of your backup script and see if that shows up...
<jmarsden> and check file perms on the two scripts are the same
<xenoterracide> they are
<jmarsden> Then I'm guessing the script (commands within it) depend on something about the environment that cron does not set up for you...
<xenoterracide> could be
<xenoterracide> maybe postgres or git needs some info..
<Psi-Jack__> What are you trying to do, xenoterracide?
<xenoterracide> ... well of course that time it would work... wtf
<jmarsden> xenoterracide: Pastebin the script, if you want?  Ah... :)
<xenoterracide> other than adding /bin/date to the script I would change it
<xenoterracide> I didn't*
<Psi-Jack__> xenoterracide: Okay. I can't help you if you don't give details as to what you're trying to accomplish.
<Psi-Jack__> Overall, what are you trying to do?
<xenoterracide> Psi-Jack__: basically I'm dumping the db commit-ing the dump to git and pushing the git repo to origin
<Psi-Jack__> Okay. What part seems to be failing?
<Psi-Jack__> I'm assuming just now, you've tested cron, and it is running, so the next step would be to see if it's connecting to postgres, yes?
<xenoterracide> actually it seemed to just work now. the last 3 times I did it it failed
<xenoterracide> this time it worked
<Psi-Jack__> Okay, just out of curiosity, what are you using to do the dump?
<xenoterracide> pg_dump
<Psi-Jack__> Okay, and you're using environment variabled, like PGUSER, PGPASSWORD?
<Psi-Jack__> In your script?
<xenoterracide> yeah
<nippz> @ cluster heads: here's a question for ya; from the perspective of a load balancer: if one wanted to just notice and log a connection from a list of ip's or where it was routed to; [just off the top of the head] would this add a lot more load on the lb since it has a match list? call it 200 or so ip blocks/single ips
<xenoterracide> well actually I made my own variables and passed them to the command
<xenoterracide> but yeah
<Psi-Jack__> Well, pg_dump and psql both use PGUSER and PGPASSWORD, so you can do it more securely.
<xenoterracide> I didn't set up a password. mostly because the only user that can connect on a socket is this one. and connections aren't allowed from remote
<Psi-Jack__> Sounds to me,, though, like it might've, for the times it failed, had troubles connecting to the database, perhaps the connection limit was maxed?
<xenoterracide> I doubt it. very lowtraffic site...
<xenoterracide> I can't rule it out though
<Psi-Jack__> Not setting a password is VERY VERY BAD!
<xenoterracide> well a password is set
<xenoterracide> for the site to connect. I just use ident to verify for socket connections
<Psi-Jack__> Again, NOT USING a password is VERY VERY BAD. ;)
<Psi-Jack__> ident is the most insecure method of all.
<xenoterracide> actually trust would be ;)
<jmarsden> xenoterracide: You beat me to that one :)
<xenoterracide> and since I'm the only one with cli access to the box. and ssh is on a weird port with key auth only... if you'd like to explain how they'd get in...
<Psi-Jack__> Heh, yeah, true, but ident is the second most insecure methods. ;)
<Psi-Jack__> At work I'm in the process now of getting them to use SSL as well. Originally they'd used ident, too. ;)
<jmarsden> xenoterracide: Defence in depth is always wise.  This is the Internet, and there are bad people on the Internet :)
<xenoterracide> true
<xenoterracide> but if they have access to my user account they could just delete the whole site
<Psi-Jack__> Not necessarily always. ;)
<xenoterracide> if they can find it's directory and they know how to run rm -r
<xenoterracide> its*
<Psi-Jack__> Not if you use extra security methods to prevent it. ;)
<Psi-Jack__> One good thing about Linux is, it's a preemptive multi-tasking enviroment, so, some ways to prevent mass deletion is with kernel-level security enhancements. ;)
<xenoterracide> heh
<xenoterracide> remember never implement a security system that costs more than the value of the things it's securing
<nick125> You know...that's a good concept.
<jmarsden> chattr +i is fairly inexpensive :)
 * Psi-Jack__ nods and grins.
<xenoterracide> and it's pretty easy to revert.
<xenoterracide> I'm familliar with it
<xenoterracide> there are all sorts of things I can do
<jmarsden> Yes.  Including using passwords.
<xenoterracide> has it occured ot you on the topic of database that the php cms stores the db password in a plain txt file readable by the same user that I've given no passwd access to?
<xenoterracide> and that variables and files would also be readable by this user?
<jmarsden> It's your server.  If you like it the way it is, fine.
<xenoterracide> and that the only way to login to this db without the password is by logging in as this usr
<mushroomblue> is there any decent documentation on GnuTLS?
<mushroomblue> I'm not finding any good docs on how to set up a certificate authority.
<xenoterracide> all I'm saying is that if someone gets access to this user account, no matter what security measure I implemented they could get in. now I can spend a day or 2 making that impossible. but is it worth the time
<jmarsden> mushroomblue: The gnutls-doc package is not sufficient?
<Psi-Jack__> Heh.
<Psi-Jack__> TinyCA is a useful tool.
<nippz> anyone???
<weeb_> am trying to mirror ubuntu repo with debmirror --method=http --host=ie.archive.ubuntu.com --arch=i386 --source --dist=hardy,hardy-security,hardy-updates,hardy-backports --section=main,main/debian-installer,universe --ignore-release-gpg --root=ubuntu  --allow-dist-rename /srv/ubuntu but it dies out soon with the warning : releasing 1 pending lock.. what can be the problem?
<mushroomblue> shame TinyCA doesn't work with GnuTLS
<mushroomblue> that looks handy.
<mushroomblue> nippz: dunno. good question, tho.
<Psi-Jack__> It doesn't?
<weeb_> no it says Duplicate Codename hardy.
<weeb_> s/no/now/
<mushroomblue> Psi-Jack__: I could be wrong, but the homepage isn't mentioning it.
<jmarsden> weeb_: Did you create a dir /srv/ubuntu/ubuntu before running that command?
<weeb_> nope just that command only:)
<weeb_> s/command/directory/
<jmarsden> I'm running Ubuntu 9.04 Jaunty here and tried it but used /tmp/srv/ubuntu instead of /srv/ubuntu and it worked as long as I first did    mkdir -p /tmp/srv/ubuntu/ubuntu
<jmarsden> I also got rid of the --allow-dist-rename since my debmirror says it doesn't know about that option.
<jmarsden> It has mirrored 149MB while I have typed that :)
<weeb_> what should be the file path at the last of all the debmirror options? /srv/ubuntu/ or /srv/ubuntu/ubuntu/
<weeb_> while /srv/ubuntu/ is a symlink to my external harddisk
<jmarsden> Just /src/ubuntu.  The root=ubuntu is what is adding the second ubuntu, i think.
<weeb_> btw creating that directory doesn't sole the problem :(
<jmarsden> OK, I'll try again actually using /srv/ubuntu and recheck...
<jmarsden> Hmmm.  You are correct.  But running the command again then works fine, for me.  My command line is      sudo mkdir -p /srv/ubuntu/ubuntu ; sudo debmirror --method=http --host=ie.archive.ubuntu.com --arch=i386 --source --dist=hardy,hardy-security,hardy-updates,hardy-backports --section=main,main/debian-installer,universe --ignore-release-gpg --root=ubuntu  /srv/ubuntu
<weeb_> well well /srv/ubuntu was linking to /media/disk/mirror here.. and i just rm -rf /media/disk/mirror and rerun debmirror with target directory at /media/disk/mirror its working:)
<weeb_> that is without having the directory created..
<jmarsden> Well, as long as it works, cool :)
<weeb_> now i may go timed out.. it will pull all my bandwidth:)
<jmarsden> For quite a while... probably 30+ GB or so download there.
<weeb_> i only have a 2mbps connection it will take a month or so to complete!:)
<jmarsden> Then that's not a sane thing to do, is it?
<weeb_> no other go:)
<jmarsden> And your ISP may kick you off if you use 100% of bandwidth for that long.
<jmarsden> Get someone to make you a pile of DVS and mail them to you, or something...
<jmarsden> s/DVS/DVDs/
<weeb_> well not like that.. i have free net time for 2-8am every day and for other time i have a 2.5gb/month limit so can't run debmirror on those time
<jmarsden> Do you absolutely need a full Hardy mirror?  What will you do with it, and how many Hardy servers will use that mirror?
<weeb_> its for me to play with the repo... actually to play with the builder script for a custom distro..
<jmarsden> You don't need every package in universe for that?!!!
<weeb_> ehmm.. err..hmmm this is what i am following http://www.gnewsense.org/Builder/HowToCreateYourOwnGNULinuxDistribution ;-)
<jmarsden> And why start with Hardy rather than with, say, Karmic?
<jmarsden> Or, if this is a learning exercise, see http://www.linuxfromscratch.org/
<weeb_> hmm.. yeah they are following LTS thats why still on hardy
<weeb_> just to play with the builder scripts of gnewsense.org may be i should just read the scripts.. but thought a real run would make it easier.
 * weeb_ wish ubuntu to be fsf free
<jmarsden> Well, sure, but a 40GB download is pretty significant for most home users...
<weeb_> yeah.. i am also trying to get a shell account to some other who is having the repo
 * weeb_ may not make sense as its early morning here and he is yet to go to bed;-)
<jmarsden> :) and they know you will be compiling the entire repo and will need several tens of GB of disk space?  If you can get a shell acct like that for free, that's quite a deal :)
<jmarsden> OK, go to bed and see how much of the mirror you have collected when you wake up :)
<weeb_> compile entire repo? its just a play with binary debs:)
<weeb_> afaik
<jmarsden> Hmm, so what is --source doing in your debmirror command ?
<jmarsden> If you don't need the source packages, don't mirror them.
 * jmarsden thinks that perhaps you need to understand the commands you run a bit better, before running them?
<weeb_> yeah actually all these to understand the builder scripts.. so i thought i would just the downloading thing now so that later i can start learning on stuff..
<weeb_> currently am learning more of c.. yet to enter shell stuff;-)
<weeb_> well well what made it work is that --dist=hardy,hardy-security,hardy-updates thing.. only --dist=hardy works!
<weeb_> even --dist=hardy,hardy-security   gives me "Duplicate Codename hardy."
<jmarsden> I'd suggest you drop universe and start with just main and the debian-installer -- you'll avoid mirroring all the optional stuff you don't actually *need* to create a distro :)
<jmarsden> But even that is a large download.
<faileas> i'm trying to start a python script at startup on a headless box using crontab. Do i need to do anything special to get it to start (since it won't on adding a crontab line with the path/to/run.py ) and where do i check to see what went wrong? it dosen't seem to be in syslog
<jmarsden> faileas: Add MAILTO=you@example.com  at the top of the crontab file so it emails you any ouytput from the script.
<faileas> jmarsden: i can't mail out of that box for some reason
<faileas> (thats the next thing i need to fix ;p)
<jmarsden> Then (a) fix that! and (b) set MAILTO=yourlocaluser
<faileas> no way to get it to log to a text file?
<jmarsden> Not that I know of.  man 5 crontab for all the details of what you can do in there...
<jmarsden> of course you can wrap your python in a bash script that does  logger -p daemin.debug "it is running now..."
<jmarsden> kinds of things and then runs the pythin program, if you want to debug it that way.
<jmarsden> But I'd fix mail first, if I were you, mail is pretty vital for managing a server... logwatch will mail you  stuff to take care of, etc etc.
<faileas> *chuckles* I just want it to work ;p
<jmarsden> Then do the work to make it work :)
<faileas> well chances are since its based off a minimal install, i may not have a mail server installed...
<faileas> which would explain some other problems i had. postfix isn't it?
<jmarsden> Could be.  Postfix is a reasonable choice of MTA, yes.
<faileas> i think i worked out the original issue ;p
<faileas> it shoulda been python 'path/to/run.py
<jmarsden> Well, sure, unless your run.py has a #!/usr/bin/env python  or similar header in it so the shell knows what to do.
<faileas> hmm, that didn't seem to work either
<nippz> mushroomblue i assume you saw my long arsed question then :P
<jmarsden> faileas: Did you add MAILTO=yourlocalusername  at the top of the crontab as I suggested earlier?
<xenoterracide> anyone remember the command to reload a users group in an open shell?
<xenoterracide> without logging in and out
<jmarsden> xenoterracide: I'm not sure there is one?  You could try exec $SHELL
<xenoterracide> jmarsden: I know there is
<xenoterracide> I just can't recall the command
<xenoterracide> I've used it
<jmarsden> Other than starting a new shell (with exec $SHELL) I can't see how you would tell a running process to go re-read all its group info...
<xenoterracide> newgrp and sg do it
<jmarsden> newgrp just switches the current primary group, it won't add a newly created group to an existing process
<xenoterracide> well it's now in my list of groups for my open shell
<jmarsden> Per http://www.cyberciti.biz/faq/howto-linux-add-user-to-group/  you can try    su âpreserve-environment âcommand â$(which $SHELL) âlogin -iâ $(whoami)
<xenoterracide> and I couldn't write to this directory if I wasn't in the http group
<jmarsden> OK... something has changed from when I first learned that stuff then.
<xenoterracide> maybe
<xenoterracide> and it probably does change the active primary group
<xenoterracide> but it still works
<jmarsden> xenoterracide: Yes, sounds like it has a side effect of adding the group if it didn't already exist, or something like that.
<Psi-Jack__> !find brctl
<ubottu> File brctl found in bridge-utils, selinux-policy-dev, selinux-policy-doc, selinux-policy-ubuntu, selinux-policy-ubuntu-dev (and 3 others)
<Psi-Jack__> Interesting.
<Psi-Jack__> gadmin-openvpn-server needs bridge-utils, but doesn't depend on it.
<jmarsden> If it really *needs* it, file a packaging bug against gadmin-openvpn-server, I suppose.
<Psi-Jack__> Yeah, it doesn't even run unless it's there, so. Yeah, ;)
<Psi-Jack__> And why the heck does rsyslog-pgsql DEPEND on the server?
<maek> what is the ubuntu equivalent to redhat kickstart please?
<giovani> Psi-Jack__: huh? which server? -- I don't see any odd dependencies there
<Psi-Jack__> rsyslog-pgsql, when I try to apt-get install rsyslog-pgsql I see it including postgresql-8.3 which is the server.
<giovani> Psi-Jack__: ... how do you expect to log to a pgsql server without the server?
<jmarsden> giovani: Over the network to a database on a different physical machine?
<giovani> jmarsden: that sounds silly to separate the syslog from the database it's logging to -- a huge waste of bandwidth for no gain
<Psi-Jack__> giovani: It's called, CLIENT.
<Psi-Jack__> giovani: It doesn't need the server if you have that on a seperate machine.
<giovani> so install rsyslog on the server with the database? why generate twice the network traffic?
<giovani> anyway, it's a universe package, it's not well supported
<jmarsden> giovani: If you have set up a corporate database server and want to log to it, but are not the admon of it... I can see why it might be useful in some settings.
<Psi-Jack__> giovani: It's not. It's on a gigabit network straight to the database server.
<Psi-Jack__> jmarsden: rsyslog is becoming the new default syslog for ubuntu in karmic.
<giovani> but not rsyslog-pgsql
<jmarsden> Psi-Jack__: rsyslog, but not the pgsql part... right :)
<Psi-Jack__> Yeah.
<giovani> anyway
<Psi-Jack__> Which is natively part of rsyslog itself, just libraries.
<giovani> oh
<giovani> btw
<giovani> you're wrong
<giovani> it's not a dependency
<giovani> it's a recommend
<giovani> you didn't turn off auto-install recommends
<giovani> so there's absolutely nothing wrong with the package
<Psi-Jack__> Oh? Hmmm..
<Psi-Jack__> How do Iturn off that then?
<jmarsden> sudo apt-get install WHATEVER --no-install-recommends
<Psi-Jack__> I've seen things recommended, but never had to forcefully tell it NOT to install them.
<jmarsden> Or you can configure it somewhere under /etc/apt
<giovani> Psi-Jack__: for a number of versions of ubuntu you have
<jmarsden> Default is to install recommends now, it has been the default since... Hardy I think.
<Psi-Jack__> Hmmm
<giovani> APT::Install-Recommends "0";
<giovani> APT::Install-Suggests "0";
<giovani> in apt.conf
<Psi-Jack__> Heh, guess I gotta create that, eh?
<giovani> or conf.d
<giovani> no
<jmarsden> /etc/apt/apt.conf I think it is?  Seems to be a zero length file here, by default.
<Psi-Jack__> Mine's non-existant.
<giovani> jmarsden: or /etc/apt/apt.conf.d/
<Psi-Jack__> All I have is the apt.conf.d
<giovani> right ... use that
<giovani> same thing
<Psi-Jack__> That's better.
<Psi-Jack__> And to note, Hardy did show the list of Recommended, and didn't install them by default. At least Hardy-server
<giovani> it's existed for at least a few versions
<Psi-Jack__> Yeah... Definately not in hardy-server. I remember seeing Recommended packages almost always.
<giovani> http://www.ubuntu.com/getubuntu/releasenotes/810#Recommended%20packages%20installed%20by%20default
<jmarsden> maek: It may be out of date, but see https://help.ubuntu.com/community/KickstartCompatibility
<Psi-Jack__> Interesting though.. Why it doesn't depend on the postgresql-client-8.3, but /recommends/ postgresql, a virtual package for all of postgresql.
<giovani> Psi-Jack__: what use is recommending/depending on the pgsql client?
<jmarsden> Psi-Jack__: Because the expected common use case is not to move the syslog data over the network twice.
<maek> jmarsden: thanks. but preseed is the "ubuntu" way?
<giovani> maek: look at http://www.ubuntu.com/products/whatisubuntu/serveredition/features/autodeploy
<jmarsden> maek: Yes, I think so.  I've not used it; years ago I used Kickstart on RedHat 5.x and 6.x :)
<Psi-Jack__> Still, though, it should depend specifically on the postgresql client libraries, and not just rely only on the recommends.
<Psi-Jack__> That is a bug.
<maek> jmarsden: I use kickstart now for rhel5, but I got a new job and its a 100% ubuntu shop :)
<maek> giovani: thanks
<giovani> if you don't want to register for the pdf -- http://www.ubuntu.com/system/files/u1/AutomatedDeploymentsWP-20090126.pdf
<giovani> Psi-Jack__: I'm not sure that it is a bug ...
<giovani> there's no way to make a single depends/recommends setup work for every situation
<Psi-Jack__> How would it not be a bug? Recommends are optional recommendations, not absolutely required to run it.
<giovani> they've found a middle ground by making the server/client a recommend
<giovani> Psi-Jack__: not according to the debian manual
<giovani> which is what the recommends being automatically installed thing is all about
<Psi-Jack__> No, no, that definately sounds incorrect.
<Psi-Jack__> That's not even the meaning of recommendations.
<giovani> the english meaning of recommendation isn't relevant to what the debian manual describes them as
<giovani> it's pretty common for technical terms based on english words to deviate from the definition
<giovani> submit the bug report if you wqnt to ...
<Psi-Jack__> It is a bug, truely.
<Psi-Jack__> I wouldn't want to run postgreql on EVERY system I put rsyslog-pgsql on, thats just hideous.
<Psi-Jack__> And I'm speaking with the debian people now, about it. I am right.,
<Psi-Jack__> Recommends are /optional/ and Not even Debian installs them by default, it just offers them.
<poi77> Hi! I just set up a gui in Ubuntu server. But the /etc/X11/xorg.conf file is empty! Also, my Xorg process is taking up 100% of a cpu core. Can I resolve this?
<poi77> I have the following card:
<poi77> http://ati.amd.com/products/server/es1000/index.html
<jmarsden> If rsyslog-pgsql absolutely cannot under any circumstances run without postgresql-client, then there should be a Depends: for it.
<Psi-Jack__> Correct.
<giovani> Psi-Jack__: you should not be using multiple rsyslog-pgsql instances on different servers
<jmarsden> poi77: Ubuntu server has no GUI.  If you add one you are creating a non-standard installation.  Maybe ask in #ubuntu ?
<giovani> there should be one central syslog server responsible for writing to the db
<Psi-Jack__> postgresql-client is what it should minimally depend on, because it needs those libraries to work, period and simple, but it doesn't need the full blown server to work, as-is by itself.
<poi77> jmarsden: My distributer set it up; but got the xorg.conf wrong
<Psi-Jack__> giovani: Wow.. Oh hell no, That'd be a HELL of a SPF!
<Psi-Jack__> giovani: Single Point of Failure.
<Psi-Jack__> giovani: rsyslog keeps track of what it cannot send to the pgsql server, and will re-spool them once it can connect.
<Psi-Jack__> giovani: Where-as if you used udp or tcp methods, you could loose some messages.
<poi77> Any ideas? This is really important. If not, can I get paid support for ubuntu server
<giovani> poi77: you're welcome to contact canonical -- but they'll likely tell you to run regular ubuntu desktop
<poi77> What is canonical and I need to run server (my company specifies that)
<Psi-Jack__> Why would you run X on a server
<Psi-Jack__> That's the first question.
<jmarsden> Canonical is the commercial company that does Ubuntu support etc if you pay them for it... the big organization behind Ubuntu, if you like.  And ... the right way to run a server is to run it without a GUI.  It is more secure, and leaves more resources available for doing real work, the thing the server is for...
<Psi-Jack__> poi77: Seriously.. Answer the question. Why would you ever run X on a server?
<macrocosm> Ubuntu server is trying to remove everything... when runing any apt-get command it comes up with a shit ton of "no longer required:" programs to auto-remove .. only if I do autoremove them .. I wont have a working system. ..  WTF!  anyone else had this issue b4?
<poi77> I am just configuring a machine for a customer
<giovani> macrocosm: you probably removed the metapackage
<giovani> poi77: you need to talk to your customer about their "need" for a gui then
<Psi-Jack__> Indeed.
<macrocosm> which meta?  I dont remember removing anything recently but small apps
<poi77> Can you run ssh -X without a gui?
<Psi-Jack__> You should NEVER run X on a server.
<Psi-Jack__> poi77: Yes, you can.
<poi77> How
<Psi-Jack__> ssh -X forwards X to the origin.
<jmarsden> The GUI will be on your workstation, not on the server :)
<poi77> Oh :-) they wanted a gui
<poi77> I will tell them
<giovani> why do they want a gui? we've asked this dozens of times
<Psi-Jack__> poi77: They can get it without installing Xorg on the server. They just need an X server on their workstations.
<poi77> Sorry I don't know why
<poi77> I think they want to attach a monitor for debugging and their tech guys need it
<macrocosm> giovani: is there a way to convince ubuntu not to jump ... what should i google?
<giovani> poi77: well like I said, you need to talk to them about this -- and learn yourself, then explain to them why it's a bad idea
<giovani> poi77: plugging in a monitor is not a reason to need a gui
<poi77> Why is it a bad idea?
<poi77> If the GUI is used only intermittently
<poi77> and not running in other cases
<giovani> it's buggy, bloated code that offers no advantages whatsoever
<Psi-Jack__> poi77: Memory consumption, stability, the list is huge.
<poi77> But of course it will only be started when needed...
<giovani> so?
<Psi-Jack__> It should never be started, period.
<giovani> that doesn't make it less buggy
<giovani> there's NO reason to use it
<giovani> you haven't offered one
<giovani> you just keep saying it's needed
<macrocosm> use webmin for a gui instead
<giovani> no
<giovani> do not use webmin, it breaks the debian way of doing things
<giovani> ebox is the only supported web gui
<macrocosm> well it works
<giovani> no, it doesn't work
<giovani> it's specifically not supported
<Psi-Jack__> Eh?
<jmarsden> webmin is not a supported solution... use ebox, if you need a web UI.
<giovani> ubuntu is clear on this
<macrocosm> wtf is ebox
<giovani> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<macrocosm> ive never had a single problem with webmin
<giovani> macrocosm: you have a problem right now you're tryign to get us to help with
<macrocosm> and thats using it for years
<giovani> wonderful
<giovani> anyawy
<giovani> webmin isn't supported
<poi77> Thanks for the suggestions
<giovani> don't recommend it here
<jmarsden> macrocosm: https://help.ubuntu.com/community/WebMin
<macrocosm> on a test dev virtualized server that does not have webmin
<Psi-Jack__> Heh. ebox is nice, though.
<Psi-Jack__> I'm waiting for them to fix a few things before I truely can use it properly. ;)
<jmarsden> Psi-Jack__: Why wait... fix them yourself and submit patches :)
<macrocosm> I only use it for simple stuff .. so thats prolly why ive never had trouble with it
<macrocosm> I will check out ebox tho .. sounds cool
<Psi-Jack__> jmarsden: It's been a loooong time since I messed with perl, let alone Mason.
<giovani> macrocosm: webmin will totally ruin your clean configs
<jmarsden> https://answers.edge.launchpad.net/ubuntu/+question/2873 has more pointers to why webmin was dropped...
<SJr> My console seems to have fallen asleep
<SJr> how can I wake it up
<giovani> SJr: press some keys
<SJr> nope
<SJr> the screen isn't coming on
<jmarsden> Turn it on?
<macrocosm> hasnt yet ... check out . turnkey linux .. all their servers are ubuntu with webmin .. no issues
<giovani> then it's probably an issue with your monitor
<giovani> or your video card
<giovani> or the server is not "asleep
<giovani> "
<SJr> well no the apm kicked in would be my guess.
<giovani> uh
<giovani> that's not related to the console
<SJr> like to turn the monitor off
<giovani> that would be a hardware-level issue
<macrocosm> http://www.turnkeylinux.org/  how can they use it so successfully .. if you say its an ubuntu killer
<giovani> macrocosm: nobody said "killer"
<macrocosm> well .. an irritant .. perhaps lol
<jmarsden> macrocosm: Itr isn;t us saying it, it is the Debian and Ubuntu communities, and we have provided pointers to official docs... read them :)
<giovani> maybe they modify it
<giovani> maybe they don't use webmin -- it's not mentioned on that page
<giovani> the bottom line is
<macrocosm> they all have webmin
<giovani> it's not supported -- and hasn't been for a long time
<macrocosm> or at least the ones ive used
<giovani> if you're not willing to configure a server by hand -- you probably don't belong on linux anyhow
<macrocosm> been using it for years ... and sometimes you start from scratch .. like my production server .. and other times a virtual quickstart is handly for testing
<giovani> I couldn't agree less -- but it's a free world, and a free os
<macrocosm> certainly .. time is money
<giovani> proper, non-graphical configuration can be done 10s to 100s of times faster by someone competent
<macrocosm> absolutly
<jmarsden> macrocosm: BTW, does your server still have the ubuntu-minimal and ubuntu-standard metapackages installed?
<giovani> this is proven by looking at all major, professional linux installations and seeing how they do things
<macrocosm> I never use webmin for any of that .. but I like the file browser and the mysql admin pages
<poi77> I asked the customer; he did killall Xorg and then ran Matlab bench. Performance is terrible
<giovani> oh yes, open your files to a web interface -- that sounds safe
<poi77> From the workstation I mean
<jmarsden> poi77: So this machine is a graphical mathematics workstation?  If so, install Ubuntu desktop on it.
<poi77> Yes basically
<poi77> Why the desktop
<poi77> Does the desktop support raid
<jmarsden> Because you seem to want local graphics.  And yes.
<giovani> absolutely
<poi77> Is it configured automatically
<jmarsden> Did you really do your research before offering this client Ubuntu server as a graphical math workstation??
<Psi-Jack__> Heh
<poi77> He asked for it; he needs virtualization
<giovani> poi77: the same way it is on the server
<jmarsden> I am running about 4 VMs on a Ubuntu desktop right here... what does virtualization have to do with server vs desktop?
<poi77> Isn't server optimized for virtualization? We're talking hundreds, not 4
<jmarsden> Is it?  In what way?  How did you determine whether it it or is not optimized for your clients massively virtual workload?
<Psi-Jack__> Hundreds of virtual servers? on a single box?
<Psi-Jack__> Must be a supercomputer.
<poi77> I didn't make the decision
<poi77> But see http://www.bmighty.com/blog/main/archives/2008/10/ubuntu_server_o.html
<poi77> Yes it's pretty powerful
<Psi-Jack__> With at least 100 CPUs, and petabytes of RAM.
<jmarsden> I didn't know Ubuntu scaled to 100 cores...
<jmarsden> poi77: All the features that blog lists as new for 8.10 server were and are also in the Desktop edition.  Use more informed sources :)
<jmarsden> poi77: https://help.ubuntu.com/community/ServerFaq#What%27s%20the%20difference%20between%20desktop%20and%20server?
<Psi-Jack__> Well, currently, AFAIK, Linux supports up to 32 x86 CPUs, or 64 64-bit CPUs.
<Psi-Jack__> And only 64GB of memory on 32bit, 128GB on 64-bit
<jmarsden> Yes.  So for hundreds of VMs doing complex math calculations, life will get slow in a hurry, I suspect.
<Psi-Jack__> Ayup
<Psi-Jack__> Though.
<Psi-Jack__> Linux cluster systems can scale up to 1,024 CPUs.
<jmarsden> Unless it is one VM per end user and end users won;t all happen to do computation at once...
<jmarsden> Most clusters I know of use customized cluster-oriented distributions of Linux, though.
<poi77> The maxed specs for ubuntu are plenty for this applications. VM's will not all be doing math; in fact none will be. Same system, different users :-)
<poi77> As a result of budget cuts, I guess
<poi77> VM's each need 256 mb mem
<poi77> But I am wondering if the desktop installer will automatically set up software raid
<nick125> That's still 25-50GB of RAM
<poi77> Ubuntu supports that :-)
<jmarsden> poi77: It will do it just as automatically as the server installer will.
<poi77> jmarsden:  I did not install server; what  do you mean
<jmarsden> The automation in the one is as good as in the other.  So this has no bearing on your choice of desktop vs Server edition of Ubuntu.
<jmarsden> It doesn't decide all by itself "oh, I think I'll set up RAID for this guy, he seems to have more than one drive"... it does let you specify RAID partitions and various RAID levels etc at install time.  On either edition.
<macrocosm> thankx for the ebox heads up ... looks pretty cool in spite of its missing features ... not really comprable to webmin but still useful none the less
<Psi-Jack__> macrocosm: What kind of missing features?
<macrocosm> filebrowser ... I really like having it
<macrocosm> silly I know but I like it
<Psi-Jack__> You mean like using nautilus or dolphin directly over a secure protocol like ssh?
<macrocosm> never used those
<Psi-Jack__> Well, start.
<macrocosm> lol .. thanx .. ill deffinately check them out
<macrocosm> definitely*
<poi77> Thanks for the help
<Psi-Jack__> nautilus == gnome, dolphin == KDE
<macrocosm> will those work on vista?
<Psi-Jack__> Not really.
<jmarsden> macrocosm: Only over a Windows-based X server like Xming
<macrocosm> well .. that sux
<Psi-Jack__> macrocosm: WinSCP will though.
<macrocosm> is that similar to filezilla? or someas much
<Psi-Jack__> Heh, one of these days I gotta find me a better file manager than Finder, for OSX
<Psi-Jack__> macrocosm: FileZilla will work too.
<jmarsden> macrocosm: Yes, FileZilla and WinSCP are pretty similar.
<Psi-Jack__> Both have SFTP support
<macrocosm> yeah ... but the webmin filebrowser will decompress tars and edit files in place
<macrocosm> filezilla cant go that far
<Psi-Jack__> That's because the webmin runs ON the server, where-as sftp is a protocol from client->server.
<macrocosm> im sure there is something out there ... just need to dig .. I wasnt aware of webmin conflicts .. maybe cause ive never used it to manage system stuff
<jmarsden> Emacs does that kind of thing for you, why use a separate file browsing tool if you want an all-in-one do-everything swiss-army-knife app :)
<poi77> I am talking to client ... can you confirm there are no differences (other than lack of gui) between server and desktop
<Psi-Jack__> There's also simply just mounting sftp resources directly to your own machine as if it were local.
<jmarsden> poi77: https://help.ubuntu.com/community/ServerFaq#What%27s%20the%20difference%20between%20desktop%20and%20server?   As I already said... did you read this?
<poi77> I read that
<Psi-Jack__> Read it again.
<jmarsden> Those are the only differences.
<poi77> Okay thanks; so all the blogs are wrong?
<Psi-Jack__> blogs are blogs.
<macrocosm> emacs looks cool .. thanks for the tip
<jmarsden> If they say there are other differences and provide no evidence to support their claims, yes.
<jmarsden> macrocosm: Emacs and TRAMP mode lets you do inplace file editing over SSH (and other transports)... worth learning.
<macrocosm> yeah .. looks very cool indeed.
<poi77> What does "Ubuntu server install by default a server optimized kernel. "
<poi77> mean?
<jmarsden> poi77: Different scheduler configuration by default, and I don't remember exactly what else.  Tuned for sever workloads, basically.
<poi77> are these differences documented anywhere?
<jmarsden> Probably... :)  I'll google for you... but really, next time do your own research ahead of time!
<jmarsden> poi77: http://www.ubuntu.com/products/whatisubuntu/serveredition/features/kernel
<jmarsden> If you really need that kernel, there's nothing to stop you installing it on a desktop install, I suppose... I've not tried it but it should work fine.
<poi77> Here is what the client was referring to, from the above page "  	Virtualization is better supported in the Server Edition through the enabling of IPC namespaces. 	 "
<jmarsden> And the client really needs those IPC namespaces for what they are doing?  You know this?
<Psi-Jack__> Wait, what?Pre-emption is turned off in the Server Edition. ?
<jmarsden> Psi-Jack__: The real time stuff that helps sound and video editing go smoothly at the expense of total throughput, yes, I think so.
<jmarsden> OSes are (should be) tubed for their expected workload, if you really need every alst drop of performance out of them.
<jmarsden> s/tubed/tuned/
<poi77> I showed the client that page; he does not understand the tech details. Is there a layman's explaination
<Psi-Jack__> Okay.. That's better. You can't turn off something that's native to how the kernel runs. It's a pre-emptive multi-tasking environment totally.
<jmarsden> That *is* the laymans explanation.  The details for techies are in the source code and kernel configuration :)
<jmarsden> poi77: If you are consulting for the client, he needs to trust you to know your stuff and make a solid recommendation based on the research you did ahead of time...
<poi77> I am not in a consulting position
<poi77> I just install what he asks for
<jmarsden> Then why are you showing him web pages and why is he asking you questions about what they mean?
<Psi-Jack__> Heh
<poi77> I am trying to relate the information you are giving
<jmarsden> So now I'm doing free consulting for your client?  perhaps he can call my company on Monday and we can work something out with him? :)
 * Psi-Jack__ grins.
<Psi-Jack__> Or mine!
<poi77> He might be interested if you provide a web page
<macrocosm> jmarsden: ahh my ubuntu-standard metapackage was gone .. thanks for that tip
<Psi-Jack__> So, Ubuntu now also auto-removes stuff that's no longer "needed" anymore?
<jmarsden> Psi-Jack__: Only when you run apt-get autoremove
<Psi-Jack__> Instead of just telling you they're not needed anymore?
<Psi-Jack__> Ahh
<Psi-Jack__> Okay. That makes me feel better. ;)
<jmarsden> It just complains a lot...
<Psi-Jack__> Auto-installing recommendations was bad enough. heh
<macrocosm> lol ... was just reading that I may have removed something with a dependency and in return it chewed my system a bit
<macrocosm> well at least its just a vertual test server .. no sweat there
<jmarsden> macrocosm: Once you have ubuntu-standard back you can do apt-get -s check   to see if all is well
<jmarsden> Ah, make that apt-get check
 * jmarsden wonders what a simulated check would do? :)
<macrocosm> cool thanks man.... could always try and see
<jmarsden> Looks like it ignores the -s and does the check as usual.  Seems reasonable under the circumstances.
<macrocosm> yeppers
<macrocosm> everything checked out fine .. thanks a mill ... wasnt looking forward to reverting to an old snapshot .. thats so windows
<jmarsden> Good, you're all set.
<macrocosm> time to dive into emacs... thanks everyone!
<jmarsden> No problem, and have fun with emacs :)
<macrocosm> cheers!  I will!
<jmarsden> Psi-Jack__: Looks like the default for auto-installing recommendations changed in Intrepid, not Hardy, BTW.
<Psi-Jack__> Yes, I know. ;)
<Psi-Jack__> Noticed, anyway.
<Psi-Jack__> I've turned it off on one system so far, plan to do it on all of them.
<Psi-Jack__> Not even Debian devs recommend it.
<Psi-Jack__> Ubuntu devs must've misinterpretted something somewhere.
<jmarsden> It's more a convenience feature for desktop newcomers than something useful for server admins, I think.
<Psi-Jack__> Bleh, not.. Really.
<Psi-Jack__> I find it mostly annoying, and again, Debian doesn't even recommend it.
<jmarsden> You are not the target audience for that feature :)
<Psi-Jack__> Seeings' I use Ubuntu Server more than I do Desktop.
<jmarsden> Exactly.
<Psi-Jack__> I believe I'd constitute myself part of the audience.
<Psi-Jack__> It's Server edition that's screwing it up. ;)
<Psi-Jack__> Not making that alteration between server, and desktop for apt.
<Psi-Jack__> 1 file is all it would take to make that change. ;)
<jmarsden> well... I meant, turning that on was intended to help newcomers -- they know one package name and install it, and get everything "most" people who use that package will need.  Oh... well, I see what you mean on that, but minimizinb the differnces between the two editions is also good.
<Psi-Jack__> Or even just an altered 01ubuntu in apt.conf.d
<Psi-Jack__> 1 file.
<Psi-Jack__> Is not that big a change.
<Psi-Jack__> Since there's no GUI for server edition, apt CLI tools would be used, they would see recommendations when installing before answering do they want to continue.
<jmarsden> But different behaviour for a commonly used command (apt-get)... IRC tech support would be harder if you had to remember to say --no-install-recommends on one edition but not the other.
<Psi-Jack__> it would change nothing, except making it less a security hazard for server admins.
<Psi-Jack__> Not even OpenSUSE is that assinine to make recommendations mandatory installations.
<jmarsden> File a but report, if you can really see a clear security risk there.
<jmarsden> s/but/bug/
<Psi-Jack__> I feel it is a serious security risk, actually because it installs servers, such as postgresql, when it's not needed. ;)
<jmarsden> They still are not mandatory.  You can still remove them if you want later... they are not Depends: .
<jmarsden> Then file a bug.
<Psi-Jack__> jmarsden: Would the general audience know that though?
<Psi-Jack__> See the difference? ;)
<Psi-Jack__> At work, we have a whole shop of techs, totalling like only 6 actual techs.
<Psi-Jack__> Well, 7 including me. :)
<jmarsden> Yes, I see what you mean.  I'm not exactly the general audience... I just noticed the change somewhere during Intrepid alphas (I think it must have been) and got used to it :)
<Psi-Jack__> They're all PHP developers, some with knowledge of minimal administration skills, some with other language skills.
<Psi-Jack__> But, EVERYONE, still has to ask me, how to use the adduser command.
<jmarsden> Then why do they have root (or sudo) powers?  And if they don't, they can't run apt-get anyway :)
<Psi-Jack__> course, everytime, I answer back, it's still useradd -m usernae
<Psi-Jack__> jmarsden: Heh, We use Gentoo at work.
<Psi-Jack__> Yeah, even more a headache, because they don't know how to truely manage it.
<qman__> gentoo can be a real disaster if you don't know exactly what you're doing from the get go
<Psi-Jack__> I know, exactly.
<jmarsden> That does seem a strange choice of distribution for a work environment...
<Psi-Jack__> I had to upgrade them from a 2007.0 profile to 2008.0, the hard way, on 6 servers.
<Psi-Jack__> A friend of the department head, also his roomate, suggested Gentoo to him. And he liked it a lot over RHEL.
<Psi-Jack__> The guy is a serious OSX user, too. ;)
<qman__> I've never been a fan of redhat
<Psi-Jack__> When it comes to OSX, he knows it fairly well. But Linux.. Not so much.
<Psi-Jack__> Nor I.
<Psi-Jack__> Personally, for a server environment, I'd have recommended 1 of two options: opensuse, or ubuntu-server
<Psi-Jack__> Never gentoo.
<qman__> ubuntu makes everything so easy, there's little reason to use anything else
<qman__> some specific applications might be more difficult on ubuntu, but in general, that's my main choice
<Psi-Jack__> yeah.
<Psi-Jack__> That's why I setup my home server farm with ubuntu-server, I am trying it out, testing it, making sure it's what I want.
<Psi-Jack__> Cause opensuse, it's nice, ... VERY nice in fact, but desktop-wise, 11.1 still has some major issues.
<Psi-Jack__> KDE system tray icons, for example, they gitter, quite a lot.
<Psi-Jack__> SaX, is horrible, horrrrrrible.
<qman__> heh
<qman__> I don't have any experience with suse
<Psi-Jack__> SaX and ATI, don't mix.
<Psi-Jack__> YaST on the other hand.......
<Psi-Jack__> That's some sweet stuff there! You can setup a full-scale LDAP+KerberosV+SAMBA-LDAP server in minutes.
<qman__> nice
<qman__> that's one thing that's seriously lacking in ubuntu and pretty much all other distros
<Psi-Jack__> And manage it, in X GUI, or TUI
<Psi-Jack__> Same program.
<Psi-Jack__> yast detects wether it's running under Qt, GTK+, or console.
<Psi-Jack__> Yeah.. The only thing I'm not too fond of so far, is YaST-Firewall, which is why I'm looking at shorewall.
<Psi-Jack__> shorewall mimics a lot of ideas from Cisco, including the safe-restart method.
<Psi-Jack__> It'll restart with the new firewall rules, and wait for confirmation to keep it, if you don't respond, it'll revert it back in 60 seconds.
<Psi-Jack__> Perfect for remote management.
<qman__> nice
<macrocosm> pardon the probably dumb question ... but do I install emacs on my server and access it from my vista box . or do i install in windows?  The instructions dont really differentiate... cause its looking like the win version tis a port to work on win file sys, havnt found anything to connect to external server.
<Psi-Jack__> Even I, Linux user, Unix/Linux admin for 10+ years, have made firewall rules that blocked me out of the entire system before.
<qman__> macrocosm, you install it where you want to edit text files
<Psi-Jack__> heh
<Psi-Jack__> I cannot stand emacs. :)
<macrocosm> ahh .. lok that makes sense
<qman__> I'm a vim guy
<Psi-Jack__> Another thing I truely liked about opensuse.. :)
<macrocosm> looks a bit peckish but there seems to be a lot of features ... ugh .. I have to search for a standalone replica of the webmin file manager chingus
<Psi-Jack__> The ABILITY to lock specific packages from ever being removed, changed, or installed.
<Psi-Jack__> I don't think apt can yet still do that.
<qman__> yeah, you can hold packages but that's about it
<Psi-Jack__> If it can, I'd like to know!
<qman__> and if you do hold packages, it cmoplains endlessly
<qman__> complains*
<Psi-Jack__> I'd put postgresql-8.3 on the do-not-install list in a heartbeat, on ALL but my actual DEDICATED PostgreSQL server.
<qman__> I've had to deal with that on my laptop, thanks to networkmanager
<Psi-Jack__> Heh
<macrocosm> I like nano but sometimes a file browser/editor that feels native is nice to have.
<qman__> needed the intrepid kernel to connect to college wireless, but they removed the proper options in networkmanager 0.8
<qman__> and no other managers supported them
<Psi-Jack__> Yeah, Network Manager is still beta too, so.
<qman__> apparently it finally got fixed for karmic
<qman__> of course, ideally
<Psi-Jack__> That does remind me though, I need to find my opensuse cd, and toss it on my box I intended to use ldap for. Simplest way to make my auth box work 100%. ;)
<qman__> my college wouldn't have a retarded wireless setup
<qman__> that doesn't work on anything right
<qman__> they use PEAP-GTC + dynamic WEP, with no certificates
<qman__> it doesn't even work right on windows without installing special software
<Psi-Jack__> Heh wow.
<Psi-Jack__> OpenSUSE 11.1 actually was able to start the full GUI installer for this old Compaq P3-730 with not quite 512mb RAM.
<kappaluppa> hi... i need some help setting up a nameserver
<kappaluppa> i registered a nameserver for a domain, but its not resolving when i ping it. i need to know where on the server i need to make the change so that it recognizes ns1.domain.ws
<kblin> hi folks
<kblin> how do I turn off the mechanism that tries to make sure network devices have constant names?
<kblin> ah, right :) IRC is working again. I found it, right after asking the question, as always
<kblin> /etc/udev/rules.d/75-persistent-net-generator.rules
<uvirtbot> New bug: #417660 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.1 failed to install/upgrade: defektes Tar-Dateisystem - Paketarchiv ist defekt" [Undecided,New] https://launchpad.net/bugs/417660
<leaf-sheep> Please make my day.  How can I run "Select Best Ubuntu Server" in terminal? No GUI.
<twb> leaf-sheep: I don't understand the question.
<twb> leaf-sheep: are you trying to configure a local apt mirror?
<leaf-sheep> twb: There are Ubuntu archive mirrors all over the world. Often, in Software Source / Synpathetic, there will be a setting where you can test/ping for fastest mirror closed to your area.
<twb> Usually I know in advance what mirror to use.  Then, I edit /etc/apt/sources.list or sources.list.d/
<twb> On Debian, there is apt-spy, but IIRC it's not in Ubuntu.
<leaf-sheep> twb: Something like http://linuxhelp.blogspot.com/2007/05/using-netselect-apt-tip-to-select.html but that's outdated.
<twb> Sure, netselect is like apt-spy
<kinnaz> we need something like gentoos mirror-select
<leaf-sheep> !info apt-spy jaunty
<ubottu> Package apt-spy does not exist in jaunty
<leaf-sheep> I'm surprised that there are one for GUI -- but no terminal command. Heh.
<kinnaz> thats what you get from gui orianted thing
<kinnaz> oriented
<twb> leaf-sheep: there are such tools, but they can't be trivially pinched from Debian, because Ubuntu's mirror list file (if it exists) has a different format.
<leaf-sheep> Now we know what feature Ubuntu is lacking.
<leaf-sheep> Hmm.
<leaf-sheep> Thanks. Even my Google Fu is failing me too, :<
<twb> leaf-sheep: do you want to work this out for a specific host, or do you want to automate it?
<twb> The former, we can probably hold your hand for.
<leaf-sheep> twb: Just as long as it's in my country.  But I decided to give this part up and ask the author about that.
<leaf-sheep> twb: Also, komp-something in #ubuntu extraced the code --> http://pastebin.ubuntu.com/258021/
<twb> leaf-sheep: which country are you in?
<twb> You IP is masked so I can't easily tell
<twb> Primary mirrors have the form XX.archive.ubuntu.com, where XX is a two-letter country code.
<leaf-sheep> twb: United States.  You probably should include all Ubuntu official mirrors and publish.
<twb> I don't work for Ubuntu
<twb> official = primary
<twb> But obviously secondary and tertiary mirrors (such as your ISP or university provide) are faster and cheaper
<twb> Searching for "ubuntu archive mirrors" turns up stuff like http://www.ubuntu.com/getubuntu/mirror
<leaf-sheep> And easier on loads. I believe my best mirror is the university -- but yeah, that's nice.
<twb> Also https://wiki.ubuntu.com/Mirrors
<leaf-sheep> twb: Did you made a localhost mirror for yourself?  Is it *really* fast?  I have been thinking about doing that for both benefits and experiments.
<twb> leaf-sheep: I maintain on-disk mirrors because I regularly build chroots
<twb> It is still I/O bound by the disk speed, or the speed of NFS over 100baseT.
<twb> TBH it is not noticably faster than my ISP's mirror, except for large (>50MB) runs
<leaf-sheep> I see. I don't work with servers myself but I came in to find answers.  I recently bought computer parts for XBMC.  Still waiting on the case.
<maswan> My mirror is faster than local disk, usually. ;)
<leaf-sheep> Oh I finally got my network bridge to work. It nearly killed my laptop wifi. :<
<leaf-sheep> And that was few hours ago.
<leaf-sheep> Now I'm liking it.  There are something nifty about playing Halo3 off your laptop's wifi. :)
<twb> Ubuntu servers support Halo3?
<leaf-sheep> Nay.
<leaf-sheep> Bungie may be secretly running Ubuntu servers. ;)
<uvirtbot> New bug: #417635 in nagios3 (main) "package nagios3-common 3.0.6-2ubuntu1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/417635
<FoolsRun> hey, is there some kind of Ubuntu alternative to the host side of Remote Web Workplace? Basically something running on an Ubuntu server that I could have users log into and then RDP to their (Windows) workstations from?
<FoolsRun> I guess I could just hand-maintain a web page with rdp:// links on it and password protect the page...
<leaf-sheep> Is it possible to apt-mirror few packages (eg, ubuntu-minimal, ubuntu-desktop)?
<obst> leaf-sheep, if you want to mirror only a few packages, apt-proxy may be for you
<leaf-sheep> obst: Ahh. I'm uninstalling apt-mirror then.
<leaf-sheep> obst: I'm using Ubuntu 64bit and I'd like to create apt-proxy for Ubuntu 32bit.  Is that possible? I know this is the case for apt-mirror
<obst> Yes this is possible, you can configure to use any repo that you want or let the proxy simply learn your repos
<obst> I use this at home to make downloading the same packages on multiple machines faster.
<leaf-sheep> obst: https://help.ubuntu.com/community/AptProxy --> It does not say anything about packages for 32, 64, etc.
<obst> You want to install it on a 64 bit system and let a 32 bit system retrieve packages from it, that is possible I think
<obst> I have it installed on a 32 bit machine and my 64 bit desktop can use it
<leaf-sheep> obst: I wanted to download all 32-bit pacakges for ubuntu-minimal on my laptop then let my mini-itx machine with minimal usb installation getting all packages from my laptop (bridged).
<leaf-sheep> obst: For some reason, it's getting packages really slow... sometimes failing/frozen.
<obst> hmm, apt-proxy loads the packages when they are requested for the first time and stores them in a cache so the next request is fast
<leaf-sheep> But the binaries for amd64 and i386 is not same. I think I could do this with apt-mirror but I don't want to download entire main/restricted -- Only ubuntu-minimal and its dependencies.
<leaf-sheep> obst: Have a good day.  Thanks for helping.  I need to look more into this apt-proxy thing.
<leaf-sheep> It sounds very useful.
<obst> Okay but maybe you also lookup APTonCD
<leaf-sheep> obst: I knew about that one.  It's in M350 case -- Pretty small -- No CD/DVD reader.
<leaf-sheep> obst: I'm going to run apt-mirror for a minute and see if I can "throw"  all the needed packages in the same folder it's mirroring to.
<obst> you could also for your use-case simply download all packages of ubuntu-minimal, transfer them to the target machine and execute "sudo dpkg -i *.deb"
<metalfan_> hi
<metalfan_> im trying to rebuild a ubuntu kernel (reason: need a modified version to support the fitpc2), ive changed the default .config and copied it to linux-version/.config. after running:   fakeroot make-kpkg --append-to-version=.030320 kernel_image    the resulting .deb file did not contain the expected results, my changes were also reverted in the .config file...why?
<johe> good evening all
<shally87> hi
<shally87> I want to ask if anyone know a better interface for server other than webmin
<shally87> I have my lamp server
<Nafallo> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Nafallo> ^-- shally87
<uvirtbot> Nafallo: Error: "--" is not a valid command.
<Nafallo> o_O
<Claw6_> can i import a phpmyadmin sqldump with mysqldump ?
<mattt> Claw6_: i would hope so!  :)
<mattt> Claw6_: well, you'd use the 'mysql' command, not mysqldump -- mysqldump is to get data OUT
<Claw6_> aaaaaaaaah
<Claw6_> lets see
<Claw6_> mattt : ERROR 1007 (HY000) at line 12: Can't create database 'db260642497'; database exists
<Claw6_> well i know that is already exists but i want to update it
<_ruben> there's an option in phpmyadmin to add "IF NOT EXISTS"
<Claw6_> im using mysqldump _ruben
<Claw6_> not phpmyadmin
<mattt> Claw6_: didn't you say you dumped w/ phpmyadmin tho?
<_ruben> oh .. and also an option similar to 'overwrite' iirc
<_ruben> huh?
<Claw6_> i just exportet the dump with myadmin
<_ruben> *confused*
<Claw6_> but want to import it with the terminal
<mattt> Claw6_: can you re-dump w/ the option ruben recommended?
<Claw6_> mh...
<Claw6_> i will try something different
<mattt> otherwise, drop the datbase :P
<mattt> (and then import)
<StrangeCharm> what's a good way of doing a connection speed test from a terminal?
<uvirtbot> New bug: #417889 in openvpn (universe) "redirect-gateway not working for openvpn 2.1_rc11" [Undecided,New] https://launchpad.net/bugs/417889
#ubuntu-server 2010-08-23
<anthony__> hey all looking for a little ubuntu installation help
<zxcvas> im trying to set up phpmyadmin on my ubuntu server that im connected to through ssh. the documentation keeps referring to my www fodler but i cant seem to find it.. should i put the phpmyadmin folder in /srv/ ? do i do the same for webpages?
<uvirtbot> New bug: #622490 in vm-builder (universe) "VMBuilder.exception.VMBuilderUserError: Must run as root" [Undecided,New] https://launchpad.net/bugs/622490
<samoangunner> Hi
<samoangunner> I was hoping someone could help me.
<samoangunner> I just installed ubuntu server and installed samba and swat
<samoangunner> how do I launch swat?
<jmarsden> samoangunner: Use a web browser to access it.  See https://help.ubuntu.com/community/Swat
<samoangunner> thanx
<samoangunner> do I run swat on the server or on a laptop
<MTecknology> How can I figure out what OS I'm on?
<samoangunner> in terminal type in uname -a
<samoangunner> it will tell what your OS is
<benedikt> would you say that it is normal for a vm guest (and host) to see relatively high load (and guest acting slow) under ~10-20 mbit datatransfer over ssh?
<benedikt> Italian_Plumber: mario?
<Italian_Plumber> speaking. :)
<benedikt> just checking.
<Italian_Plumber> actually, not-really-intending-to-login. :)
<talcite> hey guys. I have something that's preventing my server from restarting. Can someone help me pin point it?
<talcite> I issue the reboot command as root, and all the normal shutdown messages happen, but the machine itself never restarts
<benedikt> how far does it go in the reboot process?
<talcite> benedikt: sorry. multiple windows on a low res monitor. Please ping me next time. It goes as far as to say *Will now restart
<talcite> except it never does
<talcite> hmm a bit more info came to light. This problem is on all my servers that have an iscsi initiator. When I shut it down manually before issuing reboot, it can successfully reboot.
<pnunn> Hi guys, can anyone give me an idea what the deal is with uploading an 8.04 image to an uec clound?  I've downloaded th uec image from uec-images.ubuntu.com but it doesn't have a kernel or rambisk image in the package, so when I try and use uec-publish-tarball it fails.  Where should I get the ramdisk and kernel images from? Ta Peter.
<talcite> argh. I know what happened. The open-iscsi package is in rc6.d is S41, while networking is S35. What the heck guys =/
<talcite> It'll never restart, ever
<talcite> I moved networking to S50 and it works fine now
<uvirtbot> New bug: #622529 in ipsec-tools (main) "package racoon (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/622529
<fluvvell> can anyone tell me the difference between inetd and xinetd?  And why can't I restart inetd when there is a service listed that isn't going?
<joschi> fluvvell: xinetd is an advanced alternative to the old bsd inetd. it has more features
<joschi> fluvvell: inetd and xinetd only start when the service definitions are ok
<joschi> fluvvell: they can't know if it actually starts until someone opens a connection to the respective port
<fluvvell> joschi, yeah well the ports aren't open and they're not accepting connections. The service is listed but unavailable
<joschi> fluvvell: post your inetd.conf and relevant log entries
<fluvvell> which log entries do you want ? its "        2000    stream  tcp    nowait  nobody /usr/sbin/tcpd /usr/sbin/nbdrootd /opt/ltsp/images/i386.img    " for the relevant line
<twb> Anything running on top of inetd these days is probably wrong.
<fluvvell> twb, why?
<twb> Mainly because it's historical
<joschi> fluvvell: 2000 should be a service name from /etc/services IMHO. when in doubt, add one yourself and use that name
<twb> I mean, I suppose it'll still WORK
<fluvvell> joschi, its the port I believe.
<twb> inetd lost popularity because it creates a new process on every connection -- similar to traditional CGI.
<joschi> fluvvell: yes. but inetd wants to have a textual description from /etc/services
<joschi> fluvvell: you also need to correct your command line
<joschi> fluvvell:  name-from-etc/services    stream    tcp    nowait  nobody /usr/sbin/tcpd tcpd /usr/sbin/nbdrootd /opt/ltsp/images/i386.img
<fluvvell> so after editing, how does one restart inetd ?
<joschi> twb: it's not wrong using inetd or xinetd for certain services. not every daemon needs to be high performance, connection and process pooling etc.
<joschi> fluvvell: yes
<joschi> fluvvell: argh, sorry. sudo /etc/init.d/openbsd-inetd restart
<twb> joschi: I suppose so.  It's my knee-jerk reaction, though.
<twb> I imagine it sucks when you get twenty classrooms with thirty hosts each all booting up at 9AM
<fluvvell> That would be nice if I had /etc/init.d/openbsd-inetd   - Im running ubuntu 10.04
<twb> fluvvell: it's probably /etc/init/inetd or so.
<twb> (Note: no .d)
<fluvvell> Ah, no thats exactly whats missing and why my system has stopped working!@
<incidence> Hi, can I some how move postfix smtp tmp directory?
<joschi> fluvvell: check which inetd implementation you have installed. there's more than one
<joschi> incidence: sure. see options ending with "_directory" in postconf(5) (-> http://www.postfix.org/postconf.5.html)
<fluvvell> joschi, yes I'm pretty sure its the openbsd one, I have another server online (not far) that *is* working , and that package is installed
<fluvvell> finally, the port is open!
<incidence> joschi: Thanks
<quizme_> i have access to another computer on my LAN at 192.168.0.99 via SSH.  how can i mount it as "/vol" on my local (laptop's) filesystem
<quizme_> basically i want to work on my desktop with my laptop
<fluvvell> joschi, Thanks from me also - I find that being able to discuss a problem with other people at "server - level"  highly invaluable
<joschi> quizme_: try sshfs
<fluvvell> The answer was /etc/init.d/openbsd-inetd restart
<MTecknology> Any of you happen to know how I coudl convert DATE_FORMAT(CURDATE(), '%Y%m%d070000') to pgsql?
<quizme_> joschi thanks i will
<joschi> MTecknology: `SELECT CURRENT_DATE + interval '7 hours';`
<MTecknology> joschi: THANKS!
<fross> as far as moving into the networking career field, what is the best distro to work with and get to know?
<fross> I have become decent with ubuntu, but would I be at a loss if a company put me infront of a red hat or centOS?
<joschi> fross: well, then install centOS inside a VM and play with it. but if you're into networking, you should make yourself comfortable with IOS, catalyst, JunOS and alike.
<joschi> fross: also playing around with different networking daemons like quagga should be on your list.
<glick> hey im trying to connect to a smtp server with my mail client and i get the error STARTTTLS command failed due to local problem
<glick> anyone have any idea what that means?
<glick> am i missing a program?
<thesyko> hi there guys
<twb> glick: STARTTLS is the signal to enable SSL.
<twb> Check your SSL config
<glick> twb, which ssl config?
<glick> at the server or client?
<thesyko> i would like to ask, why is example configuration file for ubuntu that is in /usr/share/doc/mysql-server-5.1/example cannot be used ?
<thesyko> i tried the configuration file my-small.cnf and it is not working
<Jeeves_> thesyko: Read the errors in /var/log/daemon.log.2.gz
<thesyko> btw, i'm using ubuntu 10.04 desktop with mysql 5.1 server
<Jeeves_> thesyko: Read the errors in /var/log/daemon.log
<thesyko> ok
<twb> I don't know.
<twb> If you were using msmtp(1) you could run it with -d to test
<twb> glick: msmtp is an smtp client
<Jeeves_> There is no client configuration for starttls, afaik
<Jeeves_> so it would be the server configuration
<thesyko> now i'm using back the default configuration file that comes with mysql 5.1
<thesyko> and it works
<twb> Jeeves_: I was thinking something along the lines of the server using a self-signed cert
<fross> joschi: Hey, thanks for the advice. Much appreciated
<glick> http://dpaste.com/232699/
<glick> thats my main.cf file
<glick> i think ssl is set up correctly
<twb> glick: you're using sendmail?
<glick> no postfix
<twb> Oops, nm
<Jeeves_> glick: /var/log/mail.err would probably be able to tell you more
<glick> Jeeves_, there are no error messages
<glick> mail.log isnt much more helpful either
<twb> Try #postfix
<glick> i followed the ubuntu server guide to installing and configuring postfix
<glick> i got certs from go daddy
<glick> yet when when i try to connect to the smtp server using ssl or tls it wont connect
<glick> yet if i connect without ssl it works
<glick> i definately need to use ssl
<joschi> glick: there definately should be some log entries about the issue. you can try to increase postfix's verbosity by adding "-v" to the processes in your master.cf (see master(5), http://www.postfix.org/master.5.html)
<joschi> glick: also make sure that postfix can read the SSL certificate and the private key files and that these files are correct (e. g. don't use the CSR...)
<glick> joschi, what do you mean dont use the csr?
<joschi> glick: you've created a certificate request and sent it to go daddy to get your certificate.
<glick> oh yeah
<joschi> glick: don't accidentally use the CSR in your postfix configuration
<glick> no im not using the csr
<glick> i musing the crt and key files
<glick> yayayyyy i finally got it working!
<glick> i am the greatest!
<xampart> how can i find out my machines power supply information?
<twb> xampart: /sys/devices/class/BAT0 or so?
<twb> xampart: or lshw
<glick> in postfix sending an email to one of my email addresses gets rejected, i dont understand why
<glick> in my main.cf i have this line which i suspect is to blame
<glick> smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_access,reject_unauth_destination
<xampart> twb: is there a way to confirm that hdd's get enough power?
<twb> I don't know
<xampart> is it usual lshw gets stuck
<uvirtbot> New bug: #622642 in mailman (main) "package mailman 1:2.1.13-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/622642
<lili> join/ #ubuntu-server
<lili> . plz help me to config my apache2 for perl on ubuntu 10.4.!!!!!!!!!1
<lili> hi
<lili> plz help me
<yaboo> just upgraded ubuntu server to 10.4 and seems my mac cannot see any of my samba shares now
<yaboo> same for windows 7 machines also
<yaboo> has samba changed again
<lili>  plz help me to config my apache2 for perl on ubuntu 10.4.!!!!!!!!! i'm waiting for answering of frineds.
<glick> anyone know why given this config file i cant send an email to customer_support@mydomain
<glick> http://dpaste.com/232768/
<glick> it comes back as rejected
<glick> code 550
<soren> glick: Where are you sending from? Where are you sending to? What's the exact error message? Does the user exist? Does DNS work? etc. etc.
<glick> the user exists, dns works, im sending from myaddress@google.com to customer_support@mydomain.com
<soren> You're running http://www.mydomain.com, but you haven't got a working MX?
<soren> That seems hard to believe.
<soren> Somehow.
<glick> no im not running that domain
<glick> lol
<glick> that was a variable
<glick> for my actual domain
<soren> Then stop halfway anonymising your infor.
<soren> Well, so you say.
<soren> My current guess is: You're not using the right domain.
<sanderj> Anyone knows about Ubuntu elastic cloud?
<yaboo> also how do I setup ubuntu server to work with my monitor, the default does not work
<sanderj> I'm wondring how can I install it into one huge machine.. instead of two ones.
<soren> glick: It's simple, really. Your config file saysmyhostname = mail.boss.com
<soren> whoops
<soren> glick: It's simple, really. Your config file says myhostname = mail.boss.com, but you say you're sending to customer_support@mydomain.com. They don't match. You lose.
<yaboo> cannot even get console on my server via keyboard, HOW DO I CHANGE THE VIDEO DISPLAY
<zul> morning
<hggdh> morning zul
<zul> hey hggdh
<hallyn> $(*&%$&*%)$&
<hallyn> saturday i made backups to dmcrypt'ed usb disk.  sunday, repartitioned and installed maverick.  today, figured i'd recover some config files.  of COURSE, maverick wno't mount the backups.
<hallyn> just as it did when i went from karmic to lucid
<hallyn> maybe a lucid kvm partition will read them
<Daviey> ;S
<hallyn> Daviey: welcome back!
<Daviey> thanks hallyn o/
<hallyn> recon' this means i should find my mumble config info somewhere else so we can scrum in a bit :)
<Omahn> Why oh why does the landscape client take up 937 megs of virtual memory......
<Omahn> (as one example)
<hggdh> Omahn: resident memory?
<Omahn> hggdh: About 54.
<Omahn> hggdh: But it does mean the swap file is pretty much full, just with landscape.
<hggdh> Omahn: not necessarily. WHat does 'vmstat'show (this will be one single line now)?
<Daviey> smoser, Are you online yet?
<Omahn> hggdh: This is a different box, I've turned it off on the other box:
<Omahn> procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa 2  0    104 170824  85436 357428    0    0     1     8    2    3  4  4 92  0
<smoser> Daviey, here. whats up ?
<smoser> and welcome back
<Daviey> smoser, ta.  Wanted to ctach up with you, about the kernel upgrade in euca issue?
<Omahn> hggdh: That vmstat is from a box only up for 97 days, the other was up nearly 250.
<uvirtbot> New bug: #622694 in munin (main) "PC freezes because of munin" [Low,Incomplete] https://launchpad.net/bugs/622694
<smoser> hm..i think that its fine now. you're talking about https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/615529 ?
<uvirtbot> Launchpad bug 615529 in eucalyptus "eucalyptus instance reboot fails: Guest moved used index from 0 to 2639" [Medium,Fix released]
<smoser> Daviey, ^
<Daviey> smoser, Oui
<Omahn> hggdh: Fresh startup on one of my boxes consumes over 350 megs of virtual memory. Just seems a tad excessive.
<smoser> Daviey, i think that realistically, the solutoin i put in place is the right one.
<Daviey> smoser, Ok.. so you have no concerns at the moment?
<smoser> no, not really.
<Daviey> smoser, Just want to understand if i can remove it from my list of things to watch :)
<Daviey> awesome, top stuff smoser
<smoser> basically i had forgotton that 'boot=on' was important
<Daviey> ahh
<Daviey> boot=on is now added somewhere?
<Daviey> hallyn, Have you spotted bug 622588?
<uvirtbot> Launchpad bug 622588 in qemu-kvm "[kvm] pci_add_option_rom: failed to find romfile "pxe-virtio.bin"" [Undecided,New] https://launchpad.net/bugs/622588
<hggdh> Omahn: and you can tag this VM to landscape?
<Omahn> hggdh: By 'tag' do you mean register?
<zul> hallyn: ping....er...nevermind
<Omahn> hggdh: If so, yes, it's registered.
<hggdh> Omahn: I mean you are sure this VM usage is from landscape
<Omahn> hggdh: Absolutely.
<Omahn> hggdh: Top shows VIRT/SWAP usage for each of the landscape processes. It's also the same across all our servers.
<hallyn> Daviey: i hadn't yet, no
<Daviey> hallyn, That could have potential to be a humdinger.
<hallyn> Daviey: isn't that the error it has always given, as long as i've used kvm in ubuntu?
<hallyn> it proceeds to work no?
<Daviey> hallyn, agreed, i've seen that warning lots... but he bug reporter suggests total malfunction. I suspect the error he stated is a red herring.
<hggdh> Omahn: good enough for a bug, I guess. Could you open one please?
<Daviey> hallyn, apport being less than helpful :/
<hallyn> asking for clarification...
<Daviey> hallyn, It was actually zul that spotted that bug
<Omahn> hggdh: Will do.
<kim0> hey folks .. we now have a "cloud" forum, and a first question :) http://ubuntuforums.org/showthread.php?t=1558900
<Daviey> kim0, oh nioes
<kim0> :)
<kim0> Who wants the owner of answering the very first question hehe
<Omahn> hggdh: Looks like a bug already exists.
<Omahn> https://bugs.launchpad.net/landscape-client/+bug/459243
<uvirtbot> Launchpad bug 459243 in landscape-client "landscape-client consumes too much memory and CPU time" [Low,New]
<Daviey> kim0, Well volunteered :)
<kim0> Yaay
<kim0> Daviey: hey there .. shouldn't you be in #ubuntu-cloud as well :)
<Daviey> kim0, indeed
<kim0> jump in
<hggdh> Omahn: yes indeed, describes your issue. Can you please add data there?
<hggdh> Omahn: how long the client has been running, mem allocation, etc.
<Omahn> hggdh: Done.
<Omahn> hggdh: Ah, it doesn't show startup date. I'll add that.
<a_ok> I do iscsi-boot. this works fine but the system never does a clean shutdown. It stops open-iscsi to early resulting in ext4 errors (quite logically since the root parition is gone)
<a_ok> how do I fix this?
<yaboo> is there a fix for getting a blank screen during boot up of server in 10.4?
<twb> Yeah, roll back to 8.04
<a_ok> ...
<twb> If you've managed to install before that happened, you could try blacklisting the fucking KMS drivers
<sherr> No need for swearing ...
<a_ok> Is there anyone who had the same problem as I have?
<sherr> Is iscsi-boot an upstart job or traditional init?
<a_ok> upstart most likely
<a_ok> rebooting
<a_ok> eg turned power off and on as it hangs
<sherr> Just wondering whether the order or startup/teardown can be modified, so the filesystems are unmounted before iscsi is shutdown/unloaded
<a_ok> Yeah that would be helpfull
<a_ok> I don't know if it needs write access to shutdown open-iscsi by the way
<a_ok> perhaps I'm better off letting it die with the system
<a_ok> what was the offical way of adding and removing services from runlevels agian?
<sherr> update-rc.d
<a_ok> thanks
<a_ok> I always confuse it with the gentoo one. rc-update
<twb> update-rc.d doesn't apply to upstart-based jobs, though (AFAIK)
<a_ok> really I thought it used init's stucture to handle boot order etc
<a_ok> and what to boot and what not
<twb> Well, guess what, Ubuntu decided they didn't like things working
<stittel> Hi! Is there a way to check on the web which packages of 10.04 LTS are considered as "server packages" and hence receive 5 years of support? The "supported software" link on http://www.ubuntu.com/server doesn't work.
<twb> stittel: aptitude tells you nowadays
<twb> I suspect that means it's in the Packages database and you can just use grep-dctrl
<stittel> twb: I would like to check before installing Ubuntu, i.e. I am not running Ubuntu yet, so I can't check it with these command.
<twb> Hmm, that's odd, now I can't see it
<twb> stittel: there's also a Python script I was using before.
<twb> ...re grep-dctrl, I guess it's in a secondary database that's only installed on desktops by default.
<twb> stittel: bzr clone http://bazaar.launchpad.net/%7Enijaba/ubuntu-maintenance-check/trunk/
<stittel> twb: As I said, I am not running Ubuntu yet and would like a way to check the packages supported as "server packages" on the web. http://packages.ubuntu.com doesn't seem to provide that information and on http://www.ubuntu.com/server the "supported software" link is dead.
<stittel> twb: Isn't there another place to check it? Even a text file containing all "server" packages would make me happy. :)
<jpds> stittel: Any server package that's in main.
<uvirtbot> New bug: #622742 in bacula (main) "Bacula Storage-daemon dies with segfault if a File-daemon canât be contacted" [Undecided,New] https://launchpad.net/bugs/622742
<smoser> kim0, what do i win for giving the first answer on forums ?
<sherr> stittel: https://help.ubuntu.com/community/ServerFaq#What%20%28packages/repositories%29%20are%20maintained%20%28supported%29?
<kim0> smoser: Yaaaay :)
<sherr> Ugh - maybe just check here : https://help.ubuntu.com/community/ServerFaq
<zul> smoser: a hug!
<kim0> everyone .. please give smoser a hug
 * kim0 hugs smoser
<stittel> jpds: It's not always clear to me what is considered a server package or not. For instance, "SpamAssassin" can be run as a daemon or just as client as well es on a desktop for local or on a server for server-based spam filtering.
<a_ok> I have said it once and I will say it again, apt should not mess with runlevels or start/restart services on its own
<stittel> sherr: Well, OK, so it's just these packages http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.lucid/server-ship because http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.lucid/supported-common is empty.
<stittel> And that also would mean that exim4 is not supported for 5 years, even though it is a server package from main. :-/
<twb> stittel: yes
<twb> The "five year support" thing is a crock
<Omahn> twb: Hmm, I think our legal department would dispute that.
<smoser> what is the hug : beer conversion rate ?
<kklimonda> stittel: the list you have given looks short
<Pici> exim4's 'supported' field claims '5y'
<kklimonda> stittel: it contains less than 440 packages and dapper has support for over 780 - exim4 is one of them
<stittel> kklimonda: Then something is wrong, because https://help.ubuntu.com/community/ServerFaq#What%20%28packages/repositories%29%20are%20maintained%20%28supported%29 states "Server packages are maintained for 5 years, and defined as all packages that are part of the the seeds "server-ship" or "supported-common" are supported for five years."
<kklimonda> stittel: http://people.canonical.com/~ubuntu-security/dapper/supported.txt this list may give you an idea of sort what is supported.
<kklimonda> stittel: but I think the only good way of checking support status at this time is to install Ubuntu yourself and run ubuntu-support-status..
<kklimonda> but then I just got an exception trying to run it on my server :D
<twb> kklimonda: last time I looked that python script I linked to worked
<stittel> kklimonda: I could try it on my Ubuntu netbook if "ubuntu-support-status" works without installing the package.
<stittel> kklimonda: According to your list some stuff I run like SquirrelMail or SpamAssassin are not supported.
<stittel> Uh, actually SquirrelMail is just "universe".
<kklimonda> stittel: that's the problem with this list - it's for dapper and spamassassin was still in universe in dapper
<kklimonda> stittel: got moved to main in jaunty so it's supported for 5 years on lucid
<sherr> The "ubuntu-support-status" program just aborts on Lucid for me - "Exception: No date tag found"
<twb> Maybe that script isn't supported
<kklimonda> sherr: yeah, it's reported already
<stittel> Thank you everybody! Since a lot of packages (SquirrelMail, SpamAssassin, jabberd, openntpd) don't seem to be supported, I guess I will stick to Debian for the moment, even though I don't like their unpredictable release and support policy.
<kklimonda> stittel: spamassassin is supported (other are not though)
<hallyn> GAH!   a lucid kvm vm can mount the cryptsetup partition on external usb, the maverick host can't
<twb> stittel: you mean "release when it's ready" as opposed to "release when it's not ready" ? ;-)
 * twb glares upstart jobs for NFS
<stittel> twb: Well, to know the release date of the next Debian release some time in advance, you need a crystal ball. And security support for the old release is "release date of the new release + 1". That makes the entire thing a bit unpredictable. :)
<twb> stittel: I realize it's a problem
<stittel> twb: And if you should choose to install Debian now, you can expect less than 2 or even 1 1/2 years of security support, because the next release can be expected to come out within the next 6 to 12 months.
<twb> stittel: I just have't been particularly impressed since we switched to Ubuntu 8.04 back in late `07
<Omahn> IMHO A lot of the problems with 10.04 is down to upstart and the lack of a complete migration to upstart. The current half attempt causes us many issues.
<joschi> twb: I doubt that you switched to ubuntu 8.04 in '07 - unless you like using bleeding edge alpha/beta distributions ;)
<twb> We don't start deploying a twelve-month project on a release that's going to be twelve months old
<twb> The prisoners didn't actually get to use the system until well after April, but that doesn't mean we weren't targeting it and developing and testing on it.
<sherr> Upstart seems to be the main cause of trouble for me in 10.04 i.e. LP bug 350936
<uvirtbot> Launchpad bug 350936 in libvirt "Should shut down domains on system shutdown" [Low,Triaged] https://launchpad.net/bugs/350936
<twb> sherr: it and plymouth, perhaps
<sherr> I got round that happily now using "molly-guard"
<twb> molly-guard is a good Best Practice
<sherr> Yes. I'm sticking it on everything now.
<twb> I dunno about it fixing bugs, but I use it to avoid fat-fingering the wrong machine into oblivion
<jdstrand> sherr: that shouldn't have anything to do with upstart. I don't think libvirt ever did that on shutdown, though I could be wrong
<jdstrand> that bug is not easy to fix cause you can send an acpi shutdown event, but that doesn't mean the guest did shut down in a timely fashion, or even responds to acpi events
<jdstrand> I'm not the one looking at that bug, but afaics, it isn't particularly an upstart issue
<sherr> If you read through the bug report, it appeared very hard to use "virsh" bfore a shutdown, to even attempt a clean shutdown of guests. Stuff seems to be killed too quickly (/etc/init.d/sendsigs).
<sherr> A lot of people, including me, wasted hours trying to sort it out. Many reboots ...
<sherr> I learned quite a bit in the process though (including a bit about upstart) :-)
<jdstrand> soren: hey. so I've noticed your uml work with libvirt, which is cool. however, will openstack by using uml primarily? will it still support kvm?
<a_ok> sherr: for your information, upstart looks at the rd.* dirs to decicde what to start and probably also uses it to determen boot order. althought it might calculate it trough the dependencies (stated in the initscript)
<sherr> a_ok: thanks. It's a pain trying to get a working "virsh list" during machine reboot or shutdown though. That's without modifying both libvirt-bin.conf and sendsigs (as per comment #8 in bug).
<sherr> How do people shutdown guests on host shutdown or reboot with KVM/qemu? Is this stuff run in the "enterprise"? e.g. ubuntu-cloud? Or is the power just pulled from the guests? Seems wrong.
<SpamapS> ttx: wb btw
<ttx> SpamapS:  o/
<webpragmatist> hey guys with ufw is it possible to allow a app rule through only an interface?
<kpettit> I need to start looking at building out and managing a bunch of ubuntu servers. They will all have alot of the same code, but some different stuff as well.  Any suggestions for managing config's, deploying updates, etc?
<webpragmatist> what i am trying to do is allow OpenSSH only through eth0
<kpettit> webpragmatist: I haven't tried ufw, if it doesn't there are a ton that will.  That's a pretty common feature
<webpragmatist> kpettit: well the question is specific to ufw
<webpragmatist> ufw has profiles for apps
<the_archit3ct> webpragmatist: just don't open net port 22 :P
<webpragmatist> the_archit3ct: I understand the idea... i'm just trying to use ufw with the apps
<the_archit3ct> <webpragmatist> what i am trying to do is allow OpenSSH only through eth0
<the_archit3ct> answering that
<jdstrand> webpragmatist: yes
<ssureshot> is there a prebuilt package for 389 directory server for lucid yet?
<webpragmatist> jdstrand: can your provide the syntax for using allow on interface for app?
<MTecknology> !search maria
<ubottu> Found:
<MTecknology> !search mariadb maverick
<webpragmatist> ufw allow OpenSSH on eth0 ?
<kklimonda> ssureshot: I don't think so
<jdstrand> webpragmatist: sudo ufw allow in on eth0 to any app OpenSSH
<MTecknology> Is mariadb going to be available in Ubuntu 10.10?
<jdstrand> webpragmatist: it requires the extended syntax when specifying an interface. see man ufw for details
<ssureshot> kklimonda: bummer guess I need to downgrade my test box
<webpragmatist> jdstrand: ya i was trying to piece it together from man wasn't working thanks
<jdstrand> sure
<webpragmatist> jdstrand: i kinda think that the app rules are annoying
<webpragmatist> jdstrand: is there an extended status?
<jdstrand> webpragmatist: they are totally optional
<jdstrand> webpragmatist: yes. ufw status verbose
<jdstrand> webpragmatist: also ufw status numbered
<kpettit> is svn or similar good at keep config file histories?  Was thinking of using some sort of source code repository to manage config files on multiple linux machines.  Mainly for backup, cloning, testing, etc
<webpragmatist> ah okay now it's no longer annoyying :)
<jdstrand> kpettit: take a look at etckeeper
<webpragmatist> jdstrand: I assume a limit is the same as an allow... so you wouldn't need both
<kpettit> jdstrand: checking...
<jdstrand> kpettit: oh, actually, that is for the local machine. scratch that
<jdstrand> webpragmatist: you can't have both. you choose one of allow, deny, reject or limit
<kpettit> yeah I have 6 or so servers now.  ANd could possible scale up to a hundred or so.  SO I need to setup a system to help me put out default configs and keep history or changes and such.
<sherr> kpettit: does something like cfengine or puppet support that?
<sherr> I'm thinking about that as well.
<kpettit> cfengine scares me.  I haven't tried puppet
<kpettit> Last place I worked at did cfengine and they all hated it with a passion.  I'll check on puppet
<webpragmatist> kpettit: i use csync2
<webpragmatist> but i only run two servers
<webpragmatist> and it's hardly as powerful as puppet afaik
<kpettit> All of my servers are on cloud.  Rackspace and GoGrid.  So I'll probally use there api's to manage cloning and backup's.  But I wanted to have something seperate to do config stuff
<kpettit> webpragmatist: I'll check it out, thanks
<kpettit> ah, puppet won't do the trick.  IT keeps things in sync and I need the ability to have things different.
<sherr> http://www.google.com/url?sa=t&source=web&cd=13&ved=0CCEQFjACOAo&url=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FComparison_of_open_source_configuration_management_software&ei=0ZRyTMbWHNGk4QaviZTeCA&usg=AFQjCNFfJc8CNQCE8Io_6JPzvpf9pUtSfA
<kpettit> sherr: Sweet, thanks
<uvirtbot> New bug: #622810 in vsftpd (main) "after logging into ftp (vsftpd) ubuntu crashes" [Undecided,New] https://launchpad.net/bugs/622810
<hggdh> Daviey: welcome back, and please have a look at bug 622818 ;-)
<uvirtbot> Launchpad bug 622818 in eucalyptus "unexpected errors after a sequence of tests" [Undecided,New] https://launchpad.net/bugs/622818
<Daviey> hey hggdh !  Top work last week :)
<Daviey> hggdh, Interesting!
<mathiaz> Daviey: heya! welcome back!
<Daviey> yo mathiaz o/
<mathiaz> ttx: back welcome well as! heya!
<hggdh> Daviey: I thought that you might need some incentive after a rather good time last week :-)
<hggdh> Daviey: any news from your RT request for euca access?
<Daviey> hggdh, no - none.. i think they are probably ignoring my RT tickets now :)
<hggdh> heh
<kpettit> have any of you guys tried amqp?  Was thinking of using that for admin type tasks to get tasks out to multiple servers
<RoAkSoAx> smoser: ping?
<smoser> RoAkSoAx, here
<RoAkSoAx> smoser: are desktop images also to be testdrived?
<smoser> they can be
<smoser> i care less about that
<smoser> and, they're not official releases (we only do dailies of them)
<RoAkSoAx> smoser: ok then. I won't put them for now then. Now, I saw your comment on the bug report. So the only thing we need is the .img and nothing else from the tarball right?
<smoser> -floppy
<smoser> RoAkSoAx, you need the -floppy also: kvm -boot a -fda ${name}-floppy -drive file=disk.img,if=virtio
<soren> jdstrand: oh, the uml stuff is just so that I can test stuff in the cloud, not for production use.
<RoAkSoAx> smoser: ok so image and floppy. So, would it be possible to use http://uec-images.ubuntu.com/maverick/current/unpacked/ to download only the image and -floppy instead of the whole tarball or is that just a temporary folder?
<smoser> the tarball that you want is as reported by http://uec-images.ubuntu.com/.manifest-daily
<jdstrand> soren: cool. I was kinda concerned since you don't get MAC protections (ie, apparmor and selinux) when not using qemu
<RoAkSoAx> smoser: yeah but wanted to save steps but only downloading the neccesary files. Anyways, I'm waiting for the tarballs to sync to work on the preparing process. SO should be matter of hours till I have it working
<smoser> RoAkSoAx, well, that actually wouldn't save you a step
<smoser> you still have to extract a tar file
<smoser> i'd suggest using the .tar.gz . the unpacked will be there (ie, its not temporary).
<smoser> but your saving of a step is at expense of a second download.
<smoser> i dont have any strong feelings, but the .tar.gz is generally a more useful thing to download
<RoAkSoAx> smoser: yeah well I guess I'd end up untarring .img and -floppy only instead of the whole tarball
<c0dem4gnetic> how do i set up wireless networking during the install of ubuntu server? can i?
<RoAkSoAx> smoser: btw, http://uec-images.ubuntu.com/.manifest-daily is not showing maverick tarballs anymore
<smoser> hmm..
<smoser> interesting
<jono> hey all, just an FYI, UDS is now announced: http://uds.ubuntu.com/ - do go and apply for sponsorship
<bogey> I have 1.8tb raid volume mounted at /var/iscsi and I want to make an iscsi target. What command could I use for this?
<bogey> 600gb iscsi target with a u/p
<sherr> bogey: probably similar to the way Falko describes on howtoforge
<bogey> sherr, they are suggesting to use img files
<sherr> similar convept though I would have thought?
<bogey> well i dont know how to use /dev/sda but restrict it to 600gb
<soren> jdstrand: Yet. :)
<slug> hi guys, i'm looking for a tutorial to setup ldap on ubuntu 10.04 that actually works, any idea?
<slug> ldap server i mean.
<sherr> slug: there's an Ubuntu server guide - did you check that?
<slug> sherr: yes, it doesn't work. if i follow it
<slug> sherr: get strange invalid credentials issues
<slug> my problem is that ubuntu puts the default configuration into a very strange point. i managed to configure for other distributions
<sherr> slug: Ubuntu will follow Debian. Have a look on howtoforge (search) because there's often decent LDAP tutorials there.
<slug> sherr: ok, i started there, but then i decided to take a look at what the server docs had to say and ran into problems. i'm trying that again, let's see how it goes. thanks :)
<sherr> Good luck.
<wastl> hi
<slug> sherr: unfortunately ubuntu ldap/ldapd is fairly different from debian :(
<wastl> indeed
<wastl> ldap is a pain in the ass to setup anyways *g*
<slug> wastl: did you manage to make it work with 10.04 ?
<bogey> I have 1.8tb raid volume mounted at /var/iscsi and I want to make an iscsi target but only use 600gb. What command could I use for this?
<wastl> slug,: no but i managed to make it work with debian lenny :)
<wastl> slug: gave up on ubuntu
<slug> wastl: great ;)
<RoAkSoAx> smoser: it's almost ready, I just need the maverick images available in .manifest-daily to be able to test
<wastl> slug: as far as ldap is concerned
<smoser> yeah, i'll fix that really quick her.e
<slug> wastl: i had debian before on that machine, but moved to ubuntu since i needed more recent software
<raubvogel>  slug: ldap server or client?
<slug> raubvogel: server
<slug> raubvogel: client doesn't need much more than setting up ldap.conf and other basic stuff
<smoser> RoAkSoAx, it shoudl bie fixed now.
<smoser> unfortunately, i really dont know why it had gotten borked
<RoAkSoAx> smoser: thank you :)
<raubvogel> slug: I setup a ldap replication server (master is a gentoo box which will be replaced with an ubuntu one as soon as I have time to)
<slug> raubvogel: hehe, that's funny. i have a gentoo server running ldap just fine. but we got a new machine and I installed ubuntu instead. but having trouble with ldap
<raubvogel> Only thing *special* I did was to use the old style (slapd.conf) instead of ldif
<slug> funny=coincidence
<raubvogel> I thought so ;)
<raubvogel> So, are you replacing the gentoo box compeltely or using the ubuntu one as slave server?
<wastl> I thought that the latest versions of ldapd don't use slapd.conf the way it was used in earlier ones anymore
<wastl> so due to this you _must_ use ldif instead
<raubvogel> If you read the /etc/default/slapd file it says you can still specify the slapd.conf. They frown upon it but it can get you going :)
<raubvogel> I need to do some errands and will be back. Need also to get my laptop charger and it is pouring rain
<slug> raubvogel: replacing, hopefully
<slug> raubvogel: if i can make it work
<JamesHarrison> If I've got an ubuntu server that just kernel panic'd (Remote, so no idea what the panic was or what caused it), are core dumps written anywhere?
<webpragmatist> if i am syncing two servers... with ufw can i just copy /etc/ufw between the two and restart ufw?
<webpragmatist> i'm using csync2 to do this
<jdstrand> webpragmatist: almost. you also need /lib/ufw/*rules
<webpragmatist> those are the current enabled rules?
<jdstrand> webpragmatist: oh, and /etc/default/ufw
<jdstrand> webpragmatist: (the one in /etc/default/ufw only if you manually updated it)
<jdstrand> webpragmatist: the ones in /lib/ufw/ are the ones you added with the cli command. eg 'sudo ufw allow OpenSSH' <-- that rule goes in /lib/ufw
<webpragmatist> okay and the ones in /etc are?
<jdstrand> webpragmatist: but you can also fine-tune things in /etc/ufw/*rules that aren't supported by the ufw cli command. see 'man ufw-framework' for details
<webpragmatist> oh i see
<webpragmatist> jdstrand: ufw status is not necessarily the inacted firewall? guess the only way is to sift through iptables -L?
<webpragmatist> meaning if it hasn't been reloaded it wouldn't show you
<Wintemute_> Hi all :)
<Wintemute_> Any one knows where I can set the mount opitions of the system mounts?
<Wintemute_> Options*
<Wintemute_> Or I should write a script to change they?
<uvirtbot> New bug: #622938 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/622938
<jdstrand> webpragmatist: it should show you the running firewall, but it only shows you the rules you added via the cli command. you can use 'ufw show raw' for a complete iptables dump of all tables
<guntbert> Wintemute_: /etc/fstab
<Wintemute_> Not this
<Wintemute_> none on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
<Wintemute_> ;)
<lamont> sigh... I hate that check almost as much as I hate that I didn't put it in in the first place.
<smoser> SpamapS, just an fyi, http://www.mail-archive.com/grub-devel@gnu.org/msg16187.html was what i'm trying to mimick
<Wintemute_> nor that proc on /proc type proc (rw,noexec,nosuid,nodev)
<guntbert> Wintemute_: I have no idea about what you are talking :-(
<Wintemute_> <guntbert> Are you on a ubuntu?
<guntbert> Wintemute_: yes
<Wintemute_> type mount on the term
<Wintemute_> you will see your mountpoints
<Wintemute_> plus the system ones
<Wintemute_> (Like /dev)
<Wintemute_> I want to change the mount options of the system ones
<Wintemute_> mainly to ro or noexec
<glen1> hey
<guntbert> Wintemute_: I never heard of  "system" mount points, and no I don't know how to change them. Why do you want to do that?
<Wintemute_> Security
<glen1> if I have a webserver, how do I stop users from putting up a website on through their ftp accounts
<Wintemute_> avoid file injection and execution
<Wintemute_> <glen1> disable ftp
<Wintemute_> or remove the apache module
<guntbert> Wintemute_: you don't change the options for the mount points but for the filesystems
<smoser> Wintemute_, well, /etc/fstab or for mount points that don't appear there, /lib/init/fstab is where they come from (on recent ubuntu)
<glen1> I have a server and serveral ftp accounts on it, im not sure how to stop them from creating a website on it
<glen1> currently only used for css maps
<Wintemute_> <smoser> Thanks!!! :)
<smoser> but guntbert is probably more being your friend, telling you the right way to do things.
<webpragmatist> jdstrand: that's interesting because i never did ufw reload and a simple sync of thes conf files it showed the correct firewall
<smoser> you probably dont' want to mess with /lib/init/fstab
<webpragmatist> jdstrand: is it not necesssary to ufw reload ?
<kim0> hi folks .. when /sys/kernel/mm/ksm/run == 1 .. that means ksm is active ?
<Wintemute_> I want to see if is possible actually
<jdstrand> webpragmatist: check with 'ufw show raw'. I did say 'should show' cause if you change stuff outside of the cli command out from under it, 'status' won't be accurate
<Wintemute_> put a ro/noexec server to run
<guntbert> Wintemute_: in /dev there are the devices, you mount them somewhere else, I don't know of any way to change options for the devices themselves
<webpragmatist> jdstrand: i see okay... thanks
<Wintemute_> they are not too much problem...
<Wintemute_> owner root perms 755
<smoser> kim0, it would appear that it means the kernel should be running ksm. not that it is being run "RIGHT NOW"
<Wintemute_> But I don't like this: /lib/init/rw
<nuno_> glen1: you can disable public_html
<glen1> ahh, ill have a go :D
<kim0> smoser: the thing is .. I have it "1" for a day now .. and pages_shared = 0
<Wintemute_> or /var ones...
<kim0> smoser: I'm not running VMs .. rather running 2 JVMs on a low ram instance
<Wintemute_> no sense to have exec on then (in a hardened server)
<smoser> kim0, hm..
<kim0> smoser: I was kinda hoping to get some memory savings .. shared pages = 0 looks suspicious
<smoser> yeah
<smoser> and /sys/kernel/mm/ksm/sleep_millisecs has non-zero ?
<kim0> smoser: 20
<nuno_> glen1: /etc/apache2/mods-available/userdir.conf
<smoser> kim0, sorry... i'd be stumped as you are.
<kim0> smoser: ok no problem .. at least that doesn't make me feel too stupid :)
<smoser> kim0, wait. what data did you think would be shared for your jvms ?
<kim0> smoser: I kinda have no idea .. but I expected some core libs maybe to be shared .. just anything .. not zero
<glen1> slug, cool
<glen1> so they can only access the files, but not host a website?
<kim0> smoser: the JVM executable itself maybe at least ?
<kim0> smoser: I just echo 1 > run on my laptop .. and it's zero as well
<smoser> yeah. i'd have thought something.  i dont know that the jvm executable itself would show up there.
<smoser> it seems like i need to readm more about that
<slug> glen1: i don't know, it depends what setup you have. you can disable directories to be served by apache
<RoAkSoAx> smoser: http://imgur.com/st1Br.png
<RoAkSoAx> smoser: is that expected?
<smoser> eys
<smoser> yes
<glen1> thanks
<smoser> RoAkSoAx, you should get a login prompt though
<smoser> hit enter
<RoAkSoAx> smoser: doing that but nothing
<ideaman> i have a bug i cant't figure out. would appreciate anyone's help. After a flawless install of 10.04 or even trying 9, about 5/6 times on boot, it hangs at this message
<ideaman> init: ureadahead-other main process(721) terminated with status 4
<smoser> RoAkSoAx, how about in serial console (click i the window, then ctrl-alt-3)
<smoser> RoAkSoAx, if youw ant to share a branch i'll take a quick look
<RoAkSoAx> smoser: i get login prompt in serial console
<RoAkSoAx> smoser: I'll share it in a bti
<ideaman> i dont see you saying anything
<ideaman>  i have a bug i cant't figure out. would appreciate anyone's help. After a flawless install of 10.04 or even trying 9, about 5/6 times on boot, it hangs at this message
<sherr> ideaman: I see that occasionally/regularly but don't think it causes hangs/problems. Something else maybe? Last time someone asked about this "error" was because a network mount point (samba in /etcfstab) timed-out on boot. Causing a long wait.
<ideaman> the only app i installed with the original install was ssh
<hallyn> ideaman: googling, i see several bugs about it.  Most of the people who say they've fixed it for themselves seem to have cleared out extraneous entries from /etc/fstab
<hallyn> ideaman: are you using lvm?
<ideaman> yes
<ideaman> been doing the same install on the last 10 boxes cookie cutter to this one
<ideaman> this box is just a slightly new server
<ideaman> same exact motherboard as the last servers though
<ideaman> ill check fstab on it though
<ideaman> perhaps a dban and try a clean install??
<webpragmatist> jdstrand: this is weird.... the files are always dirty
<webpragmatist> for /lib/ufw/*.rules and ufw.conf
<RoAkSoAx> smoser: btw.. everytime you wan't to TestDrive that image, do you need it to untar every time so that it is a clean image, or would you like to run the image directly?
<webpragmatist> anyone have any ideas?
<RoAkSoAx> (which will already contain the assigned keys)
<smoser> well, if you modify, you modify the file.
<smoser> but i think testdrive's view of the world is throw away
<jdstrand> webpragmatist: if you add rules or enable/disable the firewall, the files will change
<smoser> but, as i suggested in the bug, you should create the backing store qcow file
<smoser> then, you dont ever modify the original
<webpragmatist> jdstrand: or reload?
<webpragmatist> maybe that is it hrm
<jdstrand> webpragmatist: I just tried with reload, it it does update the timestamp
<webpragmatist> jdstrand: ya
<webpragmatist> that was it thanks
<webpragmatist> i have csync2 do-local which is not really necessary
<RoAkSoAx> smoser: yes that's what I'm gonna do next. Right now I just wanted to have this working first, since creating a qcow2 is not a big deal to add
<smoser> RoAkSoAx, what is the behavior of testdrive in other circumstances ?
<smoser> if i run a live cd image, and then run it again, have my changes stuck ?
<smoser> i'd just stay consistent with that behvior
<RoAkSoAx> smoser: nop, changes won't stuck. But this case is different given that we using a disk image instead of an ISO. But, yes, I'll make it that way
<smoser> oh, yeah.
<smoser> that was a dumb question
<smoser> i have not used a CD in so long
<smoser> i was thinking of usb-creator-gtk made USB keys, which store data
<RoAkSoAx> smoser: TestDrive creates a temporary disk image to run the ISO, if users installs, the image is kept, if no installation is being done, the images gets deleted
<smoser> right. and how do you know if user installed ?
<smoser> just curious
<RoAkSoAx> smoser: well the image is kept because is not empty, so if users wants to run that image, he would just do "tesdrive -u file://name.img". However, everytime you run an ISO a disk image is create regardless there might have been a previous installation using the same ISO
<smoser> how do you know if its empty ?
<RoAkSoAx> smoser: http://pastebin.ubuntu.com/482583/
<webpragmatist> any lsyncd users/
<raubvogel> Back
<smoser> fair enough
<webpragmatist> I'm just wondering if on connection fail if it keeps the inotify actions on delay
<raubvogel> smoser:  did you get your ldap thingie working?
<webpragmatist> its hard to tell with the logs
<smoser> raubvogel, i dont recal an ldap thingy
<smoser> that doesn't mean i didn't ask about something like that.
<raubvogel> smoser: sorry, it was slug
<raubvogel> My cut-n-paste skills are weak this rainy day
<slug> raubvogel: getting there :)
<raubvogel> We should not start talking about my typing skills though...
<slug> raubvogel: now i have phpldapadmin talking to it and able to create/edit accounts/groups. trying to setup dns now
<slug> raubvogel: followed this: http://tuxnetworks.blogspot.com/2010/06/howto-ldap-server-on-1004-lucid-lynx.html
<slug> raubvogel: created a small .sh to do it for me
<slug> i'll put it online or as a comment on that page.
<raubvogel> I will do it ldif style maybe by the end of the week
<raubvogel> slug: so you used ldif?
<slug> raubvogel: yeah
<raubvogel> It does not seem to be bad but, as you said, it makes much more sense doing all that mucking around through a .sh script
<slug> raubvogel: yeah, i just didn't want to type everything again if something didn't work
<kim0> smoser: The KSM doesn't really work, because it's not magical. The user space app needs to register a memory range with the kernel using the madvise syscall to hint the region being "mergeable" .. qemu-kvm probably does this, but without it nothing is gonna happen
<smoser> kim0, that makes sense.
<kim0> I wonder if one can write a c-app to mark all private pages of a process as mergeable
<kim0> memmerge -p 1234 -p 2345
<kim0> something to think about :)
<RoAkSoAx> smoser: I'll finish this later since I gotta run. It will be ready by tomorrow
<RoAkSoAx> for testdrive-cli only. Next week I'll work on the -gtk
<smoser> k
<uvirtbot> New bug: #623007 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/623007
<slug> raubvogel: any luck setting up dns+ldap?
<Poizon> hey everyone, im having problems winth euc
<Poizon> someone could give me a hand ?
<Poizon> with'
<nealmcb> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<binBASH> uec you mean
<binBASH> not euc
<Poizon> yes binBASH, sorry
<Poizon> i've been trying to put a ubuntu image for lucid, but it fails with "socket.error: [Errno 113] No route to host
<nealmcb> Poizon: what command did you run to get that error?
<Poizon> nealmcb: uec-publish-tarball ubuntu-10.04-server-uec-i386.tar.gz lucid-$(date +%Y%m%d%H%M%S)
<Poizon> oh i got what i was...
<Poizon> zomg
<Poizon> the dns configuration on uec
<nealmcb> Poizon: Good job!  Isn't it cool how formulating a good question often leads to the answer without outside help?
<Poizon> yeah well, i thought i had named running
<Poizon> so i didnt expect it to dns problems
<Poizon> thanks anyway =)
<nealmcb> :)
<hallyn> all right - does anyone here have experience with multipath?  I'm seeing what *appears* to be a race condition between the initrd's attempt to mount root, and udev having updated the /dev/disk/by-uuid/ links to point to /dev/mapper/*
<hallyn> Just wondering whether I'm on crack before I start trying to "fix" it
<Poizon> the new udev is a headache
<hallyn> how has it changed?
<hallyn> (this is in lucid server 10.04.1)
<hallyn> (so maverick-only changes would not be my problem, at least not yet :)
<Poizon> i got problems in a gentoo server, i had to just dont upgrade udev
<hallyn> hm, i'll go look at the package source then, thanksf or the tip
<Poizon> look at udev "rules", udev does recoignize your disks but it makes different path
<Poizon> in a ubuntu server i just had to boot it under a live cd, look the udev rules, and change the fstab
<hallyn> Poizon: problem here is that multipath locks /dev/sda1 and offers it as /dev/mapper/something, then udev updates /dev/disk/by-uuid/ to point into /dev/mapper (iiuc), but init is trying to mount /dev/disk/by-uuid before udev updates the links
<hallyn> (on some systems, not all)
<Takyoji> So I have an old desktop motherboard that's certainly functional; and has a "network boot" option (not sure which type of network boot however. Is it possible to have an installation on a desktop stored on another system (a system that would act like a PXE server)?
<Poizon> yah thats what i tell you, when udev makes the recoignition it writes udev rules somewhere in /etc/
<Poizon> you can look there, read them and update your fstab in order to get your system ounted
<hallyn> Poizon: but i'm sayin gthe rules are right, they are just being acted on a split-second too late
<Poizon> mounted'
<Poizon> oh
<Poizon> i see
<hggdh> hallyn: you do virt, do you not?
<hallyn> Takyoji: not sure where the simplest howto is (and i don't do it), but it certainly is possible
<hallyn> hggdh: what do you mean?
<hggdh> hallyn: I got bug 619843 where we found a problem on Maverick
<uvirtbot> Launchpad bug 619843 in eucalyptus "euca-get-console-output returns one single line" [High,Confirmed] https://launchpad.net/bugs/619843
<hggdh> hallyn: it deals with console.log being owned by root:, 660
<hallyn> hggdh: i'll go look at that if you promise to read up and tellme if you have any hints on udev.vs.initrd.vs.multipath races  :)
 * hallyn goes to look
<hggdh> hallyn: heh. I am trying to find one myself... on mounted-tmp
<hggdh> hallyn: and it *is* a race, since rbooting with init=/sbin/init --debug causes the bug to vanish
<hallyn> hggdh: and, since the link which it is trying to mount is correct by the time you get the busybox shell
<hallyn> hggdh: well i don't think bug 619843 would be apparmor, as that is concerned with MAC...
<uvirtbot> Launchpad bug 619843 in eucalyptus "euca-get-console-output returns one single line" [High,Confirmed] https://launchpad.net/bugs/619843
<hallyn> hggdh: libvirt update maybe...
<hggdh> hallyn: I am suspecting so also... I will try to hunt it down, thanks
<hggdh> hallyn: BTW -- IS told me the CanonicalCloud is closed to the external world
<hallyn> hggdh: very inconvenient :(
<hallyn> hggdh: where is that console located by default?
<hallyn> oh, it's just the logfile at least?
<Takyoji> So is PXE de facto as of network boot and pretty much supported by systems made at least after 1998 or so?
<hallyn> Takyoji: that's my understanding
<hallyn> hggdh: standard virt-viewer+libvirt+kvm on my brand-spanking-new maverick laptop makes it:
<hallyn> '-rw------- 1 root root 9733 2010-08-23 17:26 lucid1.log
<Takyoji> I suppose this is the suitable wiki page I'm looking for: https://help.ubuntu.com/community/DisklessUbuntuHowto
<hallyn> Takyoji: looks nice
<SpamapS> smoser: you could totally use a regex for that btw
#ubuntu-server 2010-08-24
<bit-flipper> running ubuntu server 10.04 on a couple of web production machines and decided to build a home media server
<bit-flipper> Having trouble seeting up a sound driver is there an easy way?
<bit-flipper> or should I simply install the ubuntu base distribution?
<bit-flipper> which I think will set up the sound correctly to start with
<gcleric> bit-flipper, have you found - https://wiki.ubuntu.com/PulseAudio
<ryan_> Hello all. Is there any way to check that I actually installed 'minimal' like intended? I have a sneaky suspicion I didn't.
<bit-flipper> ryan: df will show you waht sapce you've used
<ryan_> Thanks bit-flipper! does this look like a minimal? Used: 1984812
<CppIsWeird> is there a quick way to install php for apache2?
<ryan_> lampp?
<CppIsWeird> no packages come up with that
<jpds> CppIsWeird: Install the php5 package?
<SpamapS> CppIsWeird: apt-get install libapache2-mod-php5
<SpamapS> CppIsWeird: or run 'tasksel' and choose LAMP, but that will also give you MySQL.
<SpamapS> CppIsWeird: note that you will need to stop/start apache after that package installs.
 * SpamapS realizes he is late, and disappears
<CppIsWeird> lol, that would have been useful. but i've already got apache2 and php installed, so im gonna continue. :P
<CppIsWeird> but thanks for trying! :-)
<hggdh> jdstrand: there?
<bit-flipper> Ryan: that seems smaller than a standard ubuntu dist...
<hggdh> hallyn: it is actually under /var/lib/eucalyptus/instances/<user>
<batok> has anybody used esxi to virtualize an ubuntu server?
<ryan_> bit-flipper: thanks again :)
<the_archit3ct> encore besoin d'aide avec apache2
<the_archit3ct> j'ai installÃ© les paquets php5, et maintenant apache2 ne veut plus se lancer
<the_archit3ct> j'arrive pas Ã  comprendre ...
<the_archit3ct> sudo service apache2 start
<the_archit3ct>  * Starting web server apache2                                                                                                            [ OK ]
<the_archit3ct> sudo service apache2 status
<the_archit3ct> Apache is NOT running.
<the_archit3ct> so ... wtf ?
<thesheff17> has anyone used a EMC AX150 SAN with Ubuntu server?
<thesheff17> Has anyone tried this? http://www.howtoforge.com/using-iscsi-on-ubuntu-9.04-initiator-and-target
<hallyn> hggdh: right, my point was that libvirt seems to be doin the right thing and i think eucalyptus is mucking with it
<ball> I'm tinkering with software RAID on Ubuntu Server.  I made a raid partition on each disk and the installer let me make a RAID 1 array from them, but only seems to want a single ext4 partition (I was thinking of putting swap on there too)
<ball> Should I keep swap outside the raid partitions?
<amstan> ball: having swap inside the raid will actually make your system not crash if a harddrive crashes
<ball> amstan: That was what I was hoping for.
<amstan> well.. that's the theory anyway..
<amstan> i can think of other reasons too though, it will make reads faster for the swap, if you need that sort of thing
<amstan> and it'll keep the drivers more symmetric looking
<amstan> i have my swap the same as my other partitions on raid 1
<ball> For some reason I can't seem to find the option that will let me partition the array.
<ball> Do I need to configure two separate arrays, one for the ext4 and one for the swap?
<ball> That seems a bit odd.
<wippler> how to configure software on ubuntu
<wippler> software raid on ubuntu
<ball> wippler didn't stick around long enough for anyone to answer.
 * ball gives up and makes a separate array for swap
<chrislabeard> Is there no way to turn off journaling in ubuntu ?
<chrislabeard> I see the only way I think its to boot off os x install disk and turn off journaling
<smw> chrislabeard, don't use ext3
<smw> chrislabeard, use ext2 for the root partition
<chrislabeard> This is my secondary HDD that I used when I had os x running on this machine
<smw> chrislabeard, of course, I would probably like to know WHY you want to do that
<ball> I would think the way to turn off journalling would be to use a non-journalling filesystem
<ball> (for that part of your data)
<ball> (the part that you want to break ;-)
<smw> ball, I always answer questions, then I look back and say "why would anyone do that"
<chrislabeard> I told you dood
<ball> chrislabeard: I must have missed that.
<smw> ball, so did I
<chrislabeard> Secondary HDD for my mac I have recently installed ubuntu on the primary drive.
<chrislabeard> Aka it is still MAC OS Extended
<ball> MacOS doesn't use Linux filesystems afaik, so I'm not sure how that helps.
<chrislabeard> what ?
<ball> I wasn't even aware the Mac could run Ubuntu.
<chrislabeard> yes it can
 * ball shudders at the thought of Apple firmware.
<chrislabeard> it runs great btw
<chrislabeard> thanks for asking
<ball> chrislabeard: xServe?
<chrislabeard> its powermac G5
<chrislabeard> a(
<chrislabeard> Still a great machine
<ball> I've thought in the past about buying one of those, but it wouldn't make sense for me today.
<chrislabeard> I use it as a server and a piece of furniture just cause its so good looking
<chrislabeard> Don't lie you know its sexy
<afeijo> hi guys, how can I configure 2 identical ubuntu server as a cluster?
<ball> chrislabeard: "sexy" is subjective, thankfully.
<ball> hello afeijo
<chrislabeard> lol
<afeijo> hi ball :) you nick remind me Baal from Stargate SG1 scifi tv show :D
<ball> afeijo: I've not seen that.
<afeijo> I love scifi, SG1 is my favourite
<afeijo> aside with startrek
<ball> More of a Who man myself.
 * ball waits patiently for Ubuntu to install again.
<afeijo> dont know that one
<ball> afeijo: Doctor Who ?
<afeijo> I heard but never watched
<afeijo> british humor is weird :)
<talcite> hey guys. I'm getting reports that the tomcat 6 in the repos doesn't work properly and that I should be installing the one from the apache project site. They never go into detail about what doesn't work though. Does someone know what I'm talking about?
<afeijo> no one uses cluster in the channel?
<ball> afeijo: define "cluster"
<afeijo> ball, 2 ubuntu working as 1
<afeijo> I installed 2 VM to try it, to learn
<afeijo> a LAMP server
<ball> afeijo: Okay.  Be aware that is just /one/ interpretation of the word though.
<ball> ("Cluster" is ambiguous)
<afeijo> I see
<ball> Sounds as though you want to strap two Ubuntu Server boxes together in hope of achieving "high availability"
<ball> I recently had an application that needed that, but I wasn't able to find a solution.
<afeijo> yes!
<afeijo> faster and failsafe
<ball> ...but I didn't hit the vm vendors hard.
<afeijo> oh :)
<ball> (and our budget was limited)
<afeijo> I don't think it is related to the VM, I installed heartbeat, but now I need to figure out how to configure it
<ball> afeijo: There are a couple of different approaches.
<ball> If it's for something important enough to warrant H.A, I suggest you consult an expert.
<ball> We couldn't afford to, so I scratched the project.
<ball> (also, we couldn't print).
<afeijo> thats bad
<afeijo> I know a few good linux guys, I will email them :) Thanks
 * ball shrugs
<afeijo> 1 a.m., sleep time ... good night
<ball> I'll be really lucky if I get to bed by 01:00
 * ball pokes his Ubuntu Server testbed with a sharpened stick
<talcite> Is dapper server still being supported?
<talcite> This site says it's EOL, but the email it links to says otherwise. https://wiki.ubuntu.com/Releases
<talcite> The second paragraph says the server edition goes till 2011 june. https://lists.ubuntu.com/archives/ubuntu-announce/2009-July/000123.html
<twb> !EOL
<ubottu> End-Of-Life is the time when security updates for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<Runeg> I was scanning a job application, and I came across "Layer 2, 3, and 7 security required". Wouldn't that mean you're programming the application too?
<twb> That page does seem strange; maybe when Dapper was released, Canonical had not yet committed to five years of support for LTS Server packages?
<twb> Runeg: depends which model they're using; but I would guess so.
<qman__> I'm pretty sure dapper server had 5 years
<qman__> of course that would put us in the final year right now, so you should think about upgrading anyway
<twb> qman__: that wiki page indicated it wasn't
<alex88> mornig..what's the right way to jail users? i mean creating a chroot environment
<alex88> because i'm thinking of create a /jail dir where i put customers, and use the chroot option of apache and set to /jail then use fcgid and suexec to run php inside the jail..
<joschi> alex88: there's no "right" way, there are several ways to put your (web server) users into a chroot environment
<joschi> alex88: you could run one httpd per user or you could just chroot the script processes for example
<alex88> joschi: well, apache has the chroot option, and i can use it.. but what about php, supposed it will be runned by the user
<joschi> alex88: you mean mod_chroot?
<joschi> alex88: or do you mean ChrootDir of the stock apache?
<alex88> ChrootDir...
<alex88> or, is mod_chroot better? cause it's older that the time that option is implemented in stock apache
<joschi> ah ok. so then your complete apache is running in that chroot environment and the scripting processes will inherit that environment
<alex88> really? will fcgid runned inside and also the php scripts cannot access outside that also with system() function?
<twb> chroot isn't the same as a jail.
<twb> If you want a proper jail, consider LXC or OpenVZ or vserver
<alex88> they're for running vps right?
<twb> They're for running jails.
<alex88> so jail is a complete indipendent system?
<twb> The distinction between a heavyweight jail and a lightweight VPS is blurry
<twb> It's not independent in the sense that it has its own boot sequence and kernel.
<alex88> well, right..so i want a chroot?
<twb> I don't know what you want.
<twb> http://en.wikipedia.org/wiki/Operating_system-level_virtualization discusses jails.
<alex88> well, i want that users (hosted sites etc), don't exit /jail/ dir
<twb> OK, put it this way:
<alex88> i mean with php scripts..they won't have shell
<twb> A VM provides virtual hardware.  A jail provides virtual parts of the kernel, such as the network stack and the VFS (directory tree).
<twb> A chroot is a jail that can *only* virtualize the VFS and nothing else.
<alex88> ok..so a chroot will be enough..cause the apps etc are all linked to the main apps of the system.. but they won't get out the VFS
<twb> That really depends.
<twb> Certainly it is easier to break out of a chroot than a jail.
<alex88> i've tried http://olivier.sessink.nl/jailkit/ some time ago, and it chroots fine the ssh session..but i don't know about php scripts..because it changes the shell in /etc/passwd so i think it doesn't matter with php scripts..
<alex88> right..but i don't know how to build a jail without using virtualization apps..
<alex88> on the net they all talk about chroot with ssh..so it doesn't affect php scripts i think
<alex88> btw, i'll try with apache chroot (that's not so much documented...) and the fcgid
<alex88> this seems to be fine http://www.seaoffire.net/fcgi-faq.html but i have to check more
<intrepid-ab> hey all
<alex88> !hi
<ubottu> Hi! Welcome to #ubuntu-server! Feel free to ask questions and help people out. The channel guidelines are at https://wiki.ubuntu.com/IRC/Guidelines . Enjoy your stay!
<intrepid-ab> this is nice - havent been to this room.
<intrepid-ab> i have one question - has anyone here tried to install ubuntu on a dell optiplex 320? there seems to some issue with the bios, you cant install linux on that machine. I have googled the information and i couldnt really find an easy way around it
<alex88> never..what's that?
<intrepid-ab> is my question not clear?
<alex88> what's that? a server?
<alex88> that's a wiki page for that https://wiki.ubuntu.com/DellOptiplex320
<intrepid-ab> yeah, they seem to define steps on how to get past the issue, but not explain why this is happening or why we are running those commands
<intrepid-ab> it is assumed that you have excellent experiance with the commands
<alex88> right..and there are no info about lucid
<alex88> yout've tried that?
<qman__> intrepid-ab, that page says karmic works out of the box
<qman__> I'd have to guess lucid would too, they share a lot in common
<qman__> it also looks like the problem is grub1, which lucid does not use on new installs
<intrepid-ab1> i have tried it with grub2 - the issue is not resolved
<intrepid-ab1> i really dont understand how the bios doesnt support any linux distro
<alex88> intrepid-ab1: checked for bios updates? what's wrong with grub?
<Daviey> Good Morning Campers!
<alex88> campers? :)
<intrepid-ab1> i have upgraded the bios
<intrepid-ab1> but it still will not boot the installed system
<alex88> to 1.1.12?
<intrepid-ab1> yep
<alex88> dunno...so what's the problem with grub?
<intrepid-ab1> no clue - tried a lot of things - i guess the kernel fix is what is left
<alex88> ok
<intrepid-ab1> thanks for the help
<intrepid-ab1> great channel - will drop by again - thank you again alex88
<alex88> i'm afraid that's nothing to do... :(
<alex88> np..
<huats> morning
<alex88> morning..
<alex88> has anyone tried to setup virtualbox on ubuntu server?
<YankDownUnder> alex88, I might give this a go tonight...cuz I was asked by a client to test it...
<binBASH> alex88: Only on ubuntu desktop ;)
<binBASH> for server I'm using kvm virtualization
<alex88> binBASH: easy to install?
<alex88> YankDownUnder: oh..nice.. :) i'll try later
<binBASH> alex88: the virtualbox or the kvm?
<alex88> the kvm
<binBASH> it's quite easy
<YankDownUnder> I want to "serve" the VM's...not run a server in a VM...
<alex88> binBASH: oh..there's a wiki for that..nice
<binBASH> sure ;)
<starslights> hello to everyone, i have a few problem and need help for ubuntu server 10.04.1 LTS if possible
<Jordan_U> !ask | starslights
<ubottu> starslights: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<starslights> i have get a installed version with only "root" for user name and it seem that's make me some problem installing desktop and nx
<starslights> in fact i think that i mostly need to use a non-root user to do that thing , it is right ?
<starslights> i already installed my own in my life and don't has problem but now i don't know what i must do. i.e if i need create another simple user or not, sorry for my englisg between
<starslights> actually i have installed ubuntu-desktop via root  and NX but still say that i can't access as user root with NX
<starslights> hi Jordan_U, yep, i know, thanks, just not easy to know how explain :D
<Jordan_U> starslights: What is your first language?
<twb> starslights: best practice is to minimize the amount of things you run as root.
<starslights> French
<Jordan_U> !fr | starslights
<ubottu> starslights: Ce canal est en anglais uniquement. Si vous avez besoin d'aide ou voulez discuter en francais, merci de rejoindre #ubuntu-fr, ou #ubuntu-qc. Merci.
<starslights> oh,i will try in the FR if one existe for ubuntu, Thanks anyway for your answer, nice from you
<Jordan_U> starslights: You're welcome.
<starslights> having a great day guys :)
<xampart> =)
<shelter> hi
<shelter> i'm having some trouble with apache2 on ubuntu server
<shelter> anybody alive in here ?
<RoyK>  
<RoyK> shelter: just ask your questions, with details
<shelter> k cool i have an apache installation with the default config
<shelter> running on ubuntu server 9.10
<shelter> i have a folder named 'cshelter' that contains some php files that i have written and i cannot access it, i get an internal seerver error (500)
<shelter> but there is nothing about it in the apache error log file
<RoyK> can you test php with a file containing a simple script, like <?php phpinfo(); ?> ?
<shelter> that works
<RoyK> I don't think I have seen Apache return 500 without logging the event
<shelter> i have also installed phpmyadmin and that works
<shelter> i know it's really weird
<twb> RoyK: fill /var/log to 100%, and try again
<RoyK> twb: hehe
<uvirtbot> New bug: #623269 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 128" [Undecided,New] https://launchpad.net/bugs/623269
<shelter> k apache is not logging anything but i still cannot access it
<shelter> i get a 'cannot find server' error in internet explorer
<shelter> and a 'busy server' error on firefox
<shelter> the thing is that i can access simple text files in the directory
<shelter> and the files all have the same permissions
<shelter> also if i use lynx on the server machine it works flawlessly
<shelter> could it be some kind of network error
<shelter> ?
<RoyK> shelter: perhaps a firewall?
<RoyK> ufw status
<RoyK> telnet servername 80 - see if you can reach it
<sherr> Maybe apache isn't running? Stop it, start it and look in the logs.
<krainboltgreene> Ahem, anyone know any ways to slim down Ubuntu server?
<jpds> krainboltgreene: Use Ubuntu JeOS?
<krainboltgreene> Without installing a different version of Ubuntu ;)
<alex88> twb?
<shelter> ufw is disabled
<shelter> anyway, i think im gonna switch to lighttpd,
<shelter> it seems to work pretty nicely
<shelter> cheers!
<RoyK> krainboltgreene: dpkg -l and sort out the ones you don't need
<RoyK> then just apt-get remove --purge them
<nhck> Hi, how do I turn by ubuntu-box into a device that allows upnp-rendering? Using the local soundcard as an output.
<alex88> i've these errors http://pastebin.com/212FZxq0 running with fcgid+chrooted apache..
<Cuddle-Ing> hello i've got a small issue i hope, i've just compiled the xen-4.0.1-rc6-pre.gz and vmlinuz-2.6.31.14 ob ubuntu 10.04.1, It looks like that XEN will be loaded, but after that i get the following error message "mount: mounting none on /dev failed: No such device".I've got no idea where the problem is.
<Cuddle-Ing> i did that menuentry "Ubuntu, Xen ext2c" { insmod ext2 set root=(hd0,1)     multiboot /xen-4.0.1-rc6-pre.gz
<Cuddle-Ing>    module /vmlinuz-2.6.31.14 dummy=dummy root=/dev/sda1  ro quiet splash console=tty0    module /initrd.img-2.6.31.14  }
<Cuddle-Ing> i've tried as well to use UUID of root and as well without splash console quiet or with single each time the same error and as well without dummy
<Cuddle-Ing> anyone there who could help ?
<alex88> never used that...i'm soory
<alex88> *sorry
<Cuddle-Ing> but there must be someone who has used ot ;)
<uvirtbot> New bug: #623342 in samba (main) "ntlm_auth returns invalid NT_KEY" [Undecided,New] https://launchpad.net/bugs/623342
<wastl> hi
<Cuddle-Ing> need help xen 4.x and ubuntu 10.04
<kokozedman> hey guys
<kokozedman> this rule fails: iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
<kokozedman> it says: iptables: No chain/target/match by that name.
<xampart> kokozedman: /j #Netfilter
<kokozedman> jumping all around
<kokozedman> thanks
<Cuddle-Ing> xampart do you know xen 4.x on ubuntu ?
<xampart> Cuddle-Ing: nope
<Cuddle-Ing> anyone else ?
<xampart> would recommend #xen
<xampart> =)
<Cuddle-Ing> i 'm in there as well, but they directed me to ubuntu server ;)
<Cuddle-Ing> hmm maybe it is only a grub2 problem and not a xen issue
<Cuddle-Ing> hello i've got a small issue i hope, i've just compiled the xen-4.0.1-rc6-pre.gz and vmlinuz-2.6.31.14 ob ubuntu 10.04.1, It looks like that XEN will be loaded, but after that i get the following error message "mount: mounting none on /dev failed: No such device".I've got no idea where the problem is.
<Italian_Plumber> I've found information about slocate here: https://help.ubuntu.com/community/FindingFiles#locate and installed the slocate package. I've manually run its daily cron job: http://pastebin.com/fGzF6S9g ... and it does not seem to be indexing all of my filesystems:  http://pastebin.com/9i8Gxmie  (I have many files in my /media directory and subdirectories with "address" in them)
<uvirtbot> New bug: #623021 in qemu-kvm (main) "ubiquity-dm crashed with OSError in _execute_child()" [Undecided,New] https://launchpad.net/bugs/623021
<sherr> Cuddle-Ing: Try #xen. Very helpful often.
<kpettit> any suggestions for software to manage large number of ubuntu servers?  These are rackspace cloud servers.  I need to have them install default packages and do configs.  They will not all be cookie cutter though.
<kpettit> I've been looking at cfengine type systems but was hoping for something less painful
<xampart> any ideas why raid1 recovery speed is only ca. 40000K/sec?
<smoser> jdstrand, ping
<jdstrand> smoser: yes?
<smoser> group eucalyptus is member of libvirtd, and runs a kvm via libvirt on qemu:///system
<smoser> is that process supposed to be running as root ? or eucalyptus
<smoser> (i think root, but just want to check)
<jdstrand> smoser: which process, kvm?
<smoser> yes
<jdstrand> smoser: yes it is
<smoser> k
<jdstrand> smoser: but it is confined by apparmor
<smoser> right
<smoser> i'm looking at https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/619843
<uvirtbot> Launchpad bug 619843 in eucalyptus "euca-get-console-output returns one single line" [High,Confirmed]
<smoser> which seems like we've got some messed up permissions somewhere. i don't know how the console.log ever worked (unless eucalyptus first creates that file with its perms and kvm just appends)
 * hggdh starts paying attention
<smoser> but for the others, it seems like we're euca_root_wraping too many things
<smoser> to me
<jdstrand> smoser: well, libvirt uses a stacked security driver mechanism
<jdstrand> the one that is at the bottom and on all the time is the DAC one
<jdstrand> on top of that is a MAC one that is set via the security_driver in /etc/libvirt/qemu.conf, and defaults to AppArmor on Ubuntu
<jdstrand> upstream has been doing a lot with the DAC part, to make it so that systems that don't have a MAC system (eg, Debian) have some sort of protection
<jdstrand> it isn't nearly as comprehensive as MAC, but better than nothing
<jdstrand> anyhoo, the DAC security driver fiddles with permissions of files, and I noticed with the 0.8.3 upload that it changed the owner of the disk
<jdstrand> (this actually was part of a CVE fix too)
<jdstrand> (from upstream)
<smoser> well, this is interesting
<smoser> i bet it changed console.log also
<jdstrand> so, it is most certainly libvirt changing the permissions on you
<jdstrand> (for disks)
<jdstrand> and yeah, possibly the console log
<hggdh> the critical seems to be the console log, since we see no problems on the other files
<jdstrand> it might be interesting to have libvirt start kvm instances as non-root (by adjusting /etc/libvirt/qemu.conf), and seeing what happens. this is untested, but should work fine (conceptually) with the MAC driver
<jdstrand> as such, you could put the eucalyptus user in the group of the user that libvirt starts machines as, and voila
<jdstrand> the support is already in Debian, and has been since before Lucid released, but that change didn't happen until too soon before lucid released and was deemed too risky
<hggdh> do we have time to do it?
<jdstrand> sure
<jdstrand> it isn't a feature per se
<jdstrand> 9008-run-as-root-by-default.patch
<jdstrand> compile it without ^
<jdstrand> then test the $@&% out of it
<hggdh> heh. This is something I have been doing a lot ;-)
<RoAkSoAx> smoser: well the image is kept because is not empty, so if users wants to run that image, he would just do "tesdrive -u file://name.img". However, everytime you run an ISO a disk image is create regardless there might have been a previous installation using the same ISO/win 17
<hggdh> smoser: willing to try?
<smoser> personally, no. :)
<smoser> but that would be much more davieys' call than me.
<smoser> i think its a nother moving part that i wouldn't want to add
<hggdh> I will try (famous last words)
<RoAkSoAx> u smoser dont mind me error
<smoser> :)
 * Daviey reads scrollback
<hggdh> brb
<RoAkSoAx> this always happens when i connect throuth my phone lol
<smoser> jdstrand, so what permissions did disk have before ?
<jdstrand> smoser: they were unchanged. so if a regular user created the disk, then they were owned by that user. I don't know about console.log
<smoser> ah. ok. so that is probably what was happening.
<smoser> so, jdstrand what would our options be then ?
<smoser> we can a.) try running as non root
<Daviey> jdstrand, From a security aspect - do you care which user it runs as?
<smoser> b.) something, i hopw
<smoser> hope even
<jdstrand> smoser: right. the idea is that libvirt chowns the files to be owned by the process that kvm is running as
<jdstrand> smoser: so if it is a non-root user, then kvm only has access to those files
<jdstrand> Daviey: well, read the top of 9008-run-as-root-by-default.patch
<jdstrand> Daviey: it would be nice to run as non-root, but with AppArmor on by default, the security benefit is marginal
<jdstrand> Daviey: that said, there is a real benefit if someone turns off apparmor
<smoser> http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/maverick/libvirt/maverick/annotate/head%3A/debian/patches/9008-run-as-root-by-default.patch for those without a libvirt checkout
<Daviey> hmm.. I'm really reluctant to change more than we need to at this stage
<Daviey> .. but it's still common for people to disable apparmor :(
<jdstrand> Daviey: common? do you have statistics?
<jdstrand> Daviey: there should be no reason to turn it off. if there are problems, people need to report the bugs
<Daviey> jdstrand, No, the only basis i have is the amount of legacy how-to's where it was the common first step.
<jdstrand> Daviey: yes on howtoforge
<Daviey> which i think is much less common now
<Daviey> jdstrand, sadly, yes
<smoser> Daviey, people dont' disable app armour on their eucalyptus-nc systems (i hope)
<jdstrand> Daviey: that is a kneejerk reaction from some dolt used to selinux who didn't think at all about security or the system
<smoser> in all howto's i write, i start off with "disable all security features as they just get in the way, then, 'sudo su -'"
<Daviey> smoser, agreed - but this is a generic libvirt thing - not limited to euca
<jdstrand> Daviey: I went through a bunch of those howtos saying it is not required to turn off. I encourage you to do the same when you come across them
<jdstrand> smoser: hehe
<Daviey> jdstrand, wilco
<smoser> ok. so what are our options here ? realistically
<smoser> we're going to end up fighting libvirt
<smoser> but, for the record, it does appear to me that we are root-wrapping too much at the moment.
<smoser> specifically, partition2disk and gen_kvm_libvirt_xml
<jdstrand> I talked to upstream euca about all this too, and made sure that they knew that if there was a situation where they felt they needed to turn off apparmor, to talk to me personally first, and gave my email and irc
<jdstrand> they never contacted me and assured me it worked well
<jdstrand> that sounded weird
<jdstrand> they assured me if worked well and didn't contact me later
<jdstrand> s/if/it/
<Daviey> smoser, chmod'ing the logs should close the console bug?
<Daviey> hmm
<jdstrand> if you are root wrapping because libvirt is chowning to root because of the current default, change the default
<jdstrand> us running as a root is a delta from Debian anyway
<Daviey> OK.. the logs shouldn't be world readable
<smoser> they wouldn't be wordl readable
<smoser> just group readable
<smoser> and eucalyptus in the proper group
<Daviey> hmm
<smoser> that is what jdstrands is suggesting
<Daviey> put euca' into libvirt-qemu?
<jdstrand> I think that the devel cycle is a great time to try this out. granted it is latish for maverick, but I'll let you guys decide
<jdstrand> smoser: yes
<smoser> for this in particular, we could just change the group
<smoser> to kvm
<smoser> or, change group to libvirtd
<smoser> as eucalyptus is a member
<jdstrand> right, drop 9008, put euca in that group, see what happens
<Daviey> hggdh, did you say you wanted to test this?
<smoser> uh-oh.
<hggdh> Daviey: yes. We need this resolved
<Daviey> hggdh, Agreed - What do you want to do?
<jdstrand> smoser: do not put in the libvirtd group
<jdstrand> the libvirtd user should be considered privileged
<smoser> i dont know what changed this, but : http://pastebin.com/1E0Dkm8y
<smoser> on my node controller
<Daviey> i thought they were eucalyptus:eucalyptus !
<jdstrand> use the Debian group of 'kvm', and put euca in that group. based on the bug, the console.log is 660, so that should be fine
<smoser> jdstrand, eucalyptus user is in libvirtd
<hggdh> ??? and you are running 2.0~r1233?
<smoser> but i dont think you're saying they shouldn't be
<smoser> $ dpkg-query --show eucalyptus-nc
<smoser> eucalyptus-nc   2.0~bzr1233-0ubuntu1
<jdstrand> smoser: right, but if you look at 9008, libvirtd is not in qemu.conf
<smoser> this system had been installed via some of dustin's debs
<jdstrand> smoser: and it shouldn't be
<smoser> then i apt-get dist-upgraded just now
<jdstrand> smoser: I suggest using the Debian defaults:
<jdstrand> user = libvirt-qemu
<smoser> jdstrand, ok.
<jdstrand> group = kvm
<jdstrand> put euca also in 'kvm'
<jdstrand> (possibly 'libvirt-qemu' if needed)
<smoser> i think the install scripts must have chmodded those dirs for me
<Daviey> Okay.. there is lots of ideas bouncing around here..
<smoser> s/chmod/chown/
<jdstrand> just do *not* adjust qemu.conf to have libvirtd as the user or group
<jdstrand> Daviey: yes, but only one true idea ;P
<Daviey> jdstrand, hah
<jdstrand> (drop 9008 in libvirt, put euca in the 'kvm' group)
<Daviey> ok
<smoser> jdstrand, you're seriously suggesting this ?
<jdstrand> I am. why not?
<jdstrand> I'm not suggesting tossing it into maverick without testing
<Daviey> smoser, your last pastebin indicated the logs were owned by euca already?
<jdstrand> but if euca testing shows it to work, then sure
<smoser> Daviey, which i think was a result of dpkg fixing them
<hggdh> jdstrand: tossing it into Maverick means *I* am going to test them ;-)
<smoser> i bet if i start a new instance they'll be busted on that instance.
<jdstrand> hggdh: well, you could also point your sources.list to a ppa ;)
<Daviey> smoser, please do try.. i'm rolling a new cloud at the moment
<hggdh> jdstrand: of course
<jdstrand> hggdh: I was just teasing
<jdstrand> :)
<smoser> http://pastebin.com/5X9fP79c
<smoser> the top i-XXX is the new one
<smoser> we must fix perms in a post install or something
<hggdh> yes, now it looks like the real McCoy
<jdstrand> smoser: to be clear and all kidding aside, I am suggesting the 9008/kvm group as a possible fix, and probably the right one. this might be natty material, that is for you decide. we didn't put it into lucid cause we thought it was risky, but part of the idea behind maverick is to try new things out and shake things out for the next LTS
<jdstrand> I might also point out that libvirt will change permissions on disks on each start
<smoser> jdstrand, right. it just seems a week before beta might be past shaking out time. but it is worth a test.
<smoser> jdstrand, there is only 1 start
<smoser> unless it does so on restart also (ie, reboot)
<jdstrand> eg, they are root. so I chown them to something else. the next start libvirt chowns them back to root
<smoser> right
<smoser> thats what i would have figured.
<Daviey> jdstrand, Yeah... Many of us wanted to try new things for Maverick.. but it's not really been the case so far :(
 * Daviey looks for the car dealership.
<jdstrand> smoser: it shouldn't on restart if it is a guest initiated restart. if the euca restart involves the equivalent of a virsh destroy/virsh start, then yes
<jdstrand> well, if nothing else, put this at the top of your list for natty :)
<Daviey> Yeah.. i can imagine seeing this issue in the natty release notes.. :)
<Daviey> .. and people say server aint sexy :)
<jdstrand> well, I'm not on the server team-- I could be extremely cavalier and opinionated and just do it :P
 * jdstrand would not do that :)
<smoser> well, we're looking at 1 of 2 things
<smoser> a.) hack in some silly chown/chmod
<smoser> b.) do it "right"
<smoser> i think that both ways are going to cause fallout
<Daviey> c) don't bother changing anything :)
<Daviey> d) go to the movies instead.
<smoser> but given those, b is nicer.
 * jdstrand likes movies
<smoser> c results in broken euca-get-console-output
<smoser> so lets avoid that one.
<Daviey> good thinking
<smoser> but zul has a movie he's excited about. some high-brow humor film in 3d
<smoser> ok. so /me tries swapping euca.conf
<smoser> err... libvirt.conf
<zul> smoser: where did that come from?
<smoser> we talked about movies
<smoser> and i know you're giddy about one
<jdstrand> smoser: I think you mean /etc/libvirt/qemu.conf, but yes :)
<zul> smoser: oh...then yes im excited :)
<jdstrand> for people who want to test it, you don't need a new libvirt package. that 9008 patch simply adjust /etc/libvirt/qemu.conf
<hggdh> yes, I noticecd it. I am going to hand-adjust them, and restart a test
<jdstrand> you can do that on your own, do a full 'stop libvirt-bin && start libvirt-bin' and test
<jdstrand> smoser, Daviey, hggdh: also the 'This new default in Debian is not as well-tested' is not really accurate anymore
<jdstrand> (that patch came from lucid as part of the merge)
<jdstrand> it has been in Debian for roughly 6 months (though not a release version of Debian)
<smoser> jdstrand, i'm guessing i also have to stop eucalyptus-nc
<smoser> to get it into the kvm group
<hggdh> ack
<jdstrand> smoser: oh yes
<hggdh> changes made: (1) edit /etc/libvirt/qemu.conf, revert 9008; edit /etc/group, add eucalyptus to the kvm group
<smoser> well, that immediately fixes the problem
<hggdh> now to have a few hundreds of instances run...
<smoser> so, its "fixed", but we still get a hodge-podge of permissions:
<smoser> http://pastebin.com/vdCVLkYL
<smoser> most interesting to me is that console.log and disk have different group read/write
<smoser> and loader, even different!
<smoser> (loader is written by a rootwrap'd program, and not known by eucalyptus, so its differences are not so surprising)
<Daviey> oh
<smoser> jdstrand, i personally would really appreciate a comment by you in bug 619843 explaining/pointing at the libvirt change that we're seeing the result of
<uvirtbot> Launchpad bug 619843 in eucalyptus "euca-get-console-output returns one single line" [High,Confirmed] https://launchpad.net/bugs/619843
<smoser> or, if you dont want to, i can do it, its just going to be less correct :)
<Daviey> jdstrand, That would be grand :)
<jdstrand> k
<jdstrand> let me kick of a qrt run with 9008 reverted first
<jdstrand> s/of/off/
<smoser> so, i'm convinced at the moment of "quickly flip this and see if anything falls out in the next 2 days"
<jdstrand> it is certainly easy to revert...
<hggdh> well, yes, we are changing the system default, and it will affect all other users of libvirt/qemu
<smoser> i dont care about anyone other than myself
<smoser> :)
<jdstrand> hggdh: I am going to change that part. but again, people expect things to change. if they change enough, we release note it
<jdstrand> err
<jdstrand> I am going to *test* that part :)
<hggdh> :-)
<hallyn> jdstrand: well that makes me feel like a heel - I didn't think it was libvirt
<smoser> jdstrand, well, this particular change for eucalyptus is at least a 2 package change (we have to add eucalyptus to the kvm group). so its not absolutely trivial
<jdstrand> smoser: ack
<smoser> i suppose that, given that we're thinking about one package, and it required a change to adjust, its reasonable to expect that other packages would need to adjust
<smoser> even that it would be surprising if this did not break something else.
<jdstrand> hallyn: well, I am still not totally sure about the console.log part. I just know what happened with disks, but it all fits
<bogeyd6> if I move an lvm to another machine, how would i go about using this lvm intact? and if not intact, then how would i create a new one onit
<zul> jdstrand: did that patch make it in?
<bogeyd6> heh nevermind, the new system auto-picked it up
<jdstrand> zul: I think I missed something. what patch?
<zul> jdstrand: the libvirt patch you guys are talking about
<jdstrand> zul: we are all just testing locally
<zul> jdstrand: ah ok...carry on :)
<hallyn> jdstrand: oh i hadn't heard/noticed anything about the disks.  was only looking at console part
<smoser> jdstrand, it fits, and the change affects console.log
<jdstrand> zul: also, this is almost certainly not SRU material :)
<zul> jdstrand: no worries
<smoser> (as in i tested, and console.log's ownership changed, so i think it is definitely it)
<jdstrand> smoser: makes sense, cause iirc it is qemu/kvm needs to be able to write to that
<smoser> yes
<smoser> yeah, it does write it
<jdstrand> so yeah, neat
<smoser> hggdh, Daviey is this new ?
<smoser> http://pastebin.com/TVe5BRsA
<smoser> the first instance there has no public ip address
<smoser> i just launche dit with euca-run-instances right before the other one
<hggdh> smoser: seems like a regression
<Daviey> hmm
<Daviey> smoser, can you reliably reproduce it?
<smoser> um.. this is the first i've seen it
<jdstrand> smoser, hggdh, Daviey: the qrt run was successful with the exception of 'save' and 'restore'. I am looking at that-- it is likely a problem with the test suite not accounting for directory perms
<smoser> jdstrand, yeah, which is fallout i somewhat expect from other things
<hggdh> jdstrand: this is good
<jdstrand> smoser: I also commented in the bug
<Daviey> awesome jdstrand
<Daviey> appreciate your time on this!
<jdstrand> sure
<jdstrand> smoser: regarding save/restore: oh yes, it is definitely the test script.
<jdstrand> "tmpdir=`mktemp -d`      # Needs to be in a root owned directory"
<jdstrand> smoser: I added that ^ because of libvirt's ever changing behavior
<smoser> right. i'm just saying that other things are somewhat likely to have done this also
<jdstrand> we can't expect a non-root user to be able to write to a root owned directory now can we?
<smoser> eucalytpus is an example.
<jdstrand> oh yes. please test test test :)
<smoser> so we now have 2 things that interface with libvirt (euca and your script)
<hallyn> @complexity--
<smoser> and 2 things have had fallout
<smoser> :)
<hggdh> oooohhhh we got back the console printout....
<hggdh> on the other hand, about half of the instance starts are failing...
<Pigimon> hey they told me to come here if i wanted some help
<Pigimon> is that true ?: P
<smoser> hggdh, Daviey bug 623426
<uvirtbot> Launchpad bug 623426 in eucalyptus "instance does not get public ip address" [Undecided,New] https://launchpad.net/bugs/623426
<Daviey> smoser, you are only seeing that in third party images?
<smoser> third party
<smoser> pfft
<smoser> i saw it on those images. the image should have *nothing* to do with this.
<smoser> the loader path, i only broght up, because there coudl be a race in eucalyptus that is more exposed with my loader path taken.
<smoser> as the gen_libvirt_kvm_xml is much slower when it creates a loader floppy
<smoser> so if there was a race condition in eucalyptus there, it would be more open with a slower running exec
<smoser> and 'third' party above is this guy that goes by 'smoser'
<smoser> Daviey, ^
<smoser> the other thing to note is that those images are 20M, and will as a result generally deploy faster than our 1.4G images.
<Daviey> smoser, OK.. if the issue is related to small images - euca upstream test against ttylinux AIUI.. So i would have expected them to see it
<alex88> what means packages like *-dgb? what are degub symbols for?
<Daviey> (i don't generally test against ttylinux, and i don't think hggdh does)
<Daviey> smoser, If it's a race that has been uncovered by the load path changes, i'm not sure we can expect upstream assistance
<smoser> alex88, they're for the corresonding package.
<smoser> then, you can use gdb and debug and get source listings
<smoser> and also good back traces
<alex88> ok, thank you :)
<smoser> i realistically can't believe that there woudl be such a race
<smoser> but i just wanted to be up front
<smoser> i'm somewhat concerned that you, Daviey, would bring up the "not my problem" argument first, though.  I was afraid of bringing up an easy red-herring, but wanted to be fair.
<smoser> hggdh, at some point (probably sooner than later) we will want/need to modify the tests to run through the loader code
<smoser> its really as simple as passing '--use-loader' to uec-publish-tarball when you register the image.
<Daviey> smoser, Erm.. i didn't do that.
<SpamapS> smoser: did you see my suggestion to try a regex?
<smoser> SpamapS, yes. but i dont think it would have worked.
<smoser> or, nat leat, not easily.
<smoser> i need 3 4 byte tokens in a row.
<Daviey> smoser, I was pointing out that IF it is a race condition uncovered by that, then i'm not sure we can expect upstream support.
<SpamapS> smoser: /\x01\x02\x03/ no?
<smoser> where a + b + c = 0 in unsigned int.
<Daviey> smoser, I wasn't saying that it's "not my problem"
<smoser> or, without unsigned int math, a + b + c = 2^32
<SpamapS> smoser: as long as you can break them into 1 byte chunks, \x00 works
<smoser> SpamapS, right, so, yeah, i guess i could find the first occurance, and the second occurance, and then search back through for  the 3rd. but, i somewhat think you're making a "its perl, use regex!" arguement :)
<smoser> the solution was fairly easy once i figured out how to use unpack.
<SpamapS> smoser: I'm more thinking its the fastest way to search a string.
<SpamapS> smoser: I suppose int compares in a perl foreach are probably just as fast.
<smoser> yeah, i cna't really imagine its much faster. the regex woudl have to do evrything that the unpack would have to do.
<SpamapS> smoser: why would you have to go back? if they're 3 4 byte tokens in a row, wouldn't you just do  $token1$token2$token3 ?
<SpamapS> smoser: plus we're talking about 8192 bytes.. so.. totally moot point. :)
<smoser> http://bazaar.launchpad.net/~ubuntu-virt/ubuntu/maverick/eucalyptus/2.0/annotate/head%3A/tools/gen_kvm_libvirt_xml is what were talking about, by the way
<smoser> boy, that is some seriously ugly choice of color for perl
<smoser> 'is_multiboot_img' is the new code that i wrote.
<SpamapS> I think its that color because its in diff format?
<smoser> thats not diff
<smoser> i think its that color to convince people not to write perl
<SpamapS> smoser: antiperlred .. can I buy that at Home Depot ?
<alex88> how can i permit all users to use chroot?
<alex88> also non sudo
<Daviey> smoser: Do you have any thoughts on bug 457281
<uvirtbot> Launchpad bug 457281 in eucalyptus "Partitions presented to instance should be ext3, not ext2" [Medium,Won't fix] https://launchpad.net/bugs/457281
<Daviey> ?
<smoser> Daviey, i believe that daniel's comment in comment 6 is still valid.
<smoser> without using loop back or kpartx or something, you can't get a ext3 filesystem on a partition in a disk image.
<Daviey> smoser: Yeah.. i do wonder if anyone is actively looking into it. :)
<smoser> no.
<smoser> i looked once
<smoser> seriously, its hard to believe, but this is non-trivial
<Daviey> oh no.. i don't doubt it
<smoser> losetup, from nurmi's experience is not really multi-process safe.
<smoser> so, then you're into modifying parted, which is also surprisingly less than trivial
<smoser> i opened up ext2 tools once, hoping to just jack in an offset parameter so it could open up a file and seek (basically doing what losetup --offset would do) but that was not terribly trivial.
<Daviey> :(
<smoser> we should probably figure out exactly what is wrong with losetup and fix that.  even then, though, that would mean that partition2disk would have to be run as root.
<smoser> right now it doesn't have to be (but is)
<smoser> Daviey, is it ok if i push a change to virt-2.0 branch righ tnow ?
<webpragmatist> any mod_proxy_balancer users around?
<smoser> Daviey, well, i did it.
<tacomaster> i have some server just collecting dust that had windows server on them before and i want to switch them to ubuntu but wanted to see if they could do what i needed before i put them back to use
<Daviey> smoser: oh ok :)
<tacomaster> i was wondering if you could make ubuntu server have like an update server for all the computers in the network and second question is if you can have more than one role on the server with only one network card and no virtualization
<thesheff17> tacomaster: yes apt-mirror will do that and then you have to point ubuntu servers to that IP/DNS.  Yes you can jam as much as you can on a linux machine addressing RAM/CPU/hard drive space.
<tacomaster> thesheff17: so i just need to run sudo apt-mirror?
<thesheff17> tacomaster: http://www.howtoforge.com/local_debian_ubuntu_mirror
<thesheff17> tacomaster: you use apache server the files and create a good /etc/apt/mirror.list file
<kim0> Daviey: hi there man .. I won't be able to attend today's meeting and the next 2 times (I have an appointement I can't delay)
<kim0> Daviey: if you don't mind .. I've emailed you my updates to mention them for me
<Daviey> kim0: Sorry to hear that.. feel free to add your apologies to the agenda.. makes it easier to track :)
<kim0> Is that ok
<Daviey> Daviey: i don't mind at all :)
<Daviey> thanks.
<kim0> great thanks
<Daviey> err kim0
<thesheff17> tacomaster: http://ubuntu.pastebin.com/fWrXNsUM here is my /etc/apt/mirror.list
<jdstrand> smoser, hggdh, Daviey, hallyn: ok, I did a bunch of tests with various combinations of non-root, root, apparmor on and apparmor off and am comfortable with dropping 9008 for maverick libvirt. I'll leave the decision up to you guys on whether or not to actually do it
<jdstrand> smoser, hggdh, Daviey, hallyn: oh, and I updated the bug with that info
<smoser> thanks jdstrand
<Daviey> jdstrand: Awesome!  I'm happy to try it.. we can alwaus reintroduce it :)
 * Daviey prepares an upload
<jdstrand> smoser, Daviey: please bear in mind I did no euca testing. this is pure libvirt stuff (and quick test with virt-manager)
<Daviey> jdstrand: noted, thanks
<smoser> jdstrand, did you add eucalyptus to kvm group ?
<smoser> in your pending upload ?
<smoser> i think we should try this
<jdstrand> smoser: no-- I did nothing with euca
<smoser> oops
<smoser> i meant that at Daviey
<jdstrand> ok
<jdstrand> I was just covering all the libvirt bases
<smoser> jdstrand, you are pending an upload for libvirt with the group modified ?
<jdstrand> not any euca
<Daviey> smoser: I think my upload for euca is gonna be tommorrow now :(
<Daviey> but yes, will be
<jdstrand> smoser: no I am not. I can if you want
<smoser> Daviey, you think we should give it a try ?
<smoser> it passed immediate smoke test
<Daviey> smoser: i can't see the harm
<jdstrand> smoser: but simply commenting 9008 out of debian/series should be all you need to do
<smoser> right. jdstrand so i think from Daviey and my perspective we say "lets do that".
<Daviey> jdstrand: do you want to upload that change, or should it?
<jdstrand> smoser: so you are ready for me to do this "right this second"?
<smoser> we can certainly use the bug we have open for the justification. i can open a task against libvirt if you want.
<Flam`> I setup a postfix/dovecot mailserver on my ubuntu 8.04 system.  Looking at the logs, there are countless spam attempts from all sorts of IPs.  Luckily, they get rejected with messages like " NOQUEUE: reject: RCPT from 114-36-168-1.dynamic.hinet.net[114.36.168.1]: 554 5.7.1 <superedm001@yahoo.com.tw>: Relay access denied;"  But I feel like it's not really secure.  Is there anything I can
<Flam`> do?
<jdstrand> Daviey: I'm here and ready to do it if yu guys tell me to
<smoser> well, i personally would like to see it happen by end of tomorrow at latest, so we can maybe sniff it some on thursday and friday and maybe back out
<smoser> before beta
<Jeeves_> Flam`: Is the machine supposed to accept email from all over the world?
<Flam`> yes
<jdstrand> smoser: any one can do it, I don't care. I have my hands on it now. if you want me to pull the trigger now, I will, otherwise someone else can do it
<smoser> well, my vote is yes, do it.
<jdstrand> mine is yes too (for the non-euca stuff)
<Daviey> jdstrand: DO IT :)
<jdstrand> k
<Daviey> jdstrand: use the bug # in changelog please :)
<jdstrand> Daviey: yes, and adding a libvirt task
<Daviey> rockin'
<Jeeves_> Flam`: Than there's not much you can do. Except using RBL's and/or fail2ban
<Daviey> i think jdstrand has earned a beer :)
<Jeeves_> Hilight!
<Flam`> alright thanks Jeeves
<Jeeves_> Flam`: cbl.abuseat.org is quite good
<Flam`> What does this mean in the logs: 3565DDDC12E: uid=0 from=<root>
<Flam`> will check it out
<jdstrand> hehe
<uvirtbot> New bug: #623525 in samba (main) "Panic or segfault in Samba when a windows client tries to access a share" [Undecided,New] https://launchpad.net/bugs/623525
<Cuddle-Ing> hello i've got a small issue i hope, i've just compiled the xen-4.0.1-rc6-pre.gz and vmlinuz-2.6.31.14 ob ubuntu 10.04.1, It looks like that XEN will be loaded, but after that i get the following error message "mount: mounting none on /dev failed: No such device".I've got no idea where the problem is.
<uvirtbot> New bug: #623520 in dovecot (main) "dovecot reports Invalid configuration in /etc/dovecot/dovecot.conf in all cases" [Undecided,New] https://launchpad.net/bugs/623520
<Cuddle-Ing> anyone there who could help
<dom96> does anyone know how 'Error initializing core [fail]' can be solved? i get that message when trying to start oidentd.
<SpamapS> sbeattie: on maverick, I don't know if I ran it with the right options
<SpamapS> sbeattie: its not clear from the docs how to actually run it safely
<sbeattie> SpamapS: the ServerMYSQLTestsuite class in http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master/annotate/head%3A/scripts/test-mysql.py (starting at line 411) is how I got the testsuite to run on maverick.
<sbeattie> SpamapS: I *believe* it adds its own tables, etc. but I ran it in a throwaway VM to be safe anyway.
<SpamapS> sbeattie: mysql-test-run.pl starts its own mysqld ..
<sbeattie> SpamapS: ah, right.
<sbeattie> (it's been a couple of weeks since I looked)
<SpamapS> sbeattie: that code will need to be updated, bug #375371 will add apparmor restrictions that only allow mysqld to run as mysql and write to /var/tmp/mysql ...
<uvirtbot> Launchpad bug 375371 in mysql-dfsg-5.1 "MySQL must not use /tmp" [Medium,Confirmed] https://launchpad.net/bugs/375371
<sbeattie> SpamapS: okay, actually, switching to use the mysql user simplifies things mildly, and the vardir thing can easily be adjusted.
<SpamapS> sbeattie: right, that should eliminate the need for --force
<RoAkSoAx> smoser: http://bazaar.launchpad.net/~testdrive/testdrive/trunk/revision/295
<sbeattie> well, the --force is there to report all failures, not just the first, I thought.
<jaminc> anyone here notice that the server and desktop installs generate different group IDs for the same groups and a conflicting user ID?
 * sbeattie actually fires up  ./mysql-test-run.pl --help to verify.
<jaminc> which package should a bug like this be filed against?
<smoser> RoAkSoAx, can you paste me a command line to run  to test ?
<sbeattie> SpamapS: the test-bt: target mysql's built tree Makefile{,.in} is the best source of documentation (such as it is) on how to actually drive the testsuite.
<sbeattie> s/target/target in/
<smoser> other comments i have , are that you should make the kvm command line closer to the "other"
<smoser> cmd = "kvm -boot a -fda %s -drive file=%s,if=virtio" % (self.FLOPPY_FILE, self.td.DISK_FILE)
<smoser> shoudl be more like
<RoAkSoAx> smoser: testdrive -p uec-daily --flavor uec-server should do the ttrick
<smoser> should be more like:
<smoser> cmd = "kvm -m %s -smp %s -boot a -drive file=%s,if=virtio,cache=writeback,index=0,boot=on %s" % (self.td.MEM, self.td.SMP, self.FLOPPY_FILE, self.td.DISK_FILE, self.td.KVM_ARGS)
<smoser> RoAkSoAx, is there a way that i can tell it "do that, but use a mirror from X"
<smoser> (rather than uec-images)
<RoAkSoAx> smoser: not really. What other mirror would you like to use?
<smoser> my local
<RoAkSoAx> smoser: uhmmm we currently no longer provide an option to specify a mirror given that everything now work sthanks to the manifest
<RoAkSoAx> smoser: however, what we could do is add support to 'testdrive -u' to handle .tar.gz from otherrepos. Since currently we can actually use other repos but for single .iso or .img
<smoser> i think thats what kirkland was originally expecting
<webpragmatist> which linux ftp do you guys use
<webpragmatist> server*
<smoser> personally, lftp rocks.
<smoser> RoAkSoAx, one thing i notice, you seem to be extracting explicit names from the tarball
<smoser> if you're basing that on the name of the tarball, it wont work for released versions
<webpragmatist> smoser: not client?
<webpragmatist> server
<smoser> oh. never mind hten. :)
<smoser> the name in the tarball for a released version != the name of the tarball
<webpragmatist> vsftp or proftp?
<SpamapS> I'm a proftpd man myself. :)
<SpamapS> its the apache of ftpd's .. meaning its slow but it does *everything*
<RoAkSoAx> smoser: ok. I'll work with thant once a release with kvm support is out
<smoser> the solution i gave in the bug is the right way to do it. there isn't a data file or anything explicitly telling youthe contents. you just need to extract it all and then look for -floppy and .img
<smoser> i test here, i get: ERROR: Unable to launch Virtual Machine
<smoser> from current tip of that branch, using: PYTHONPATH=$PWD ./bin/testdrive -p uec-daily --flavor uec-server
<smoser> am i doing something wrong ?
<webpragmatist> SpamapS: probably the most used?
<SpamapS> webpragmatist: vsftpd is pretty popular too
<RoAkSoAx> smoser: try replacing testdrive/testdrive.py and testdrive/virt/kvm.py with the ones in /usr/lib/python2.6/dist-packages/testdrive
<hggdh> why would  iscsi-udeb be kicked in by partman on an install?
<SpamapS> webpragmatist: vsftpd has the added benefit of being audited for security holes
<webpragmatist> SpamapS: do they both use PAM?
<smoser> RoAkSoAx, now i dont get a prompt for uec-daily . it just gives me a prompt for iso
<SpamapS> webpragmatist: that is a monumentally bad idea IMO. ;)
<webpragmatist> SpamapS: currently i am just using sftp
<SpamapS> webpragmatist: ftp as a non anonymous service is really just a big bucket of fail. :)
<RoAkSoAx> smoser: coudl you copy/paste whole output please?
<webpragmatist> SpamapS: i'd like to continue using sshd but what happened is that I now have to connect to a vpn to access ssh.....
<webpragmatist> so i need still a simple method for uploads for people who don't have that vpn access
<smoser> RoAkSoAx, http://paste.ubuntu.com/483045/ and http://paste.ubuntu.com/483044/ from bzr and modified bzr respecitevely
<smoser> modified bzr is tip but cp /usr/lib/python2.6/dist-packages/testdrive/testdrive.py testdrive/testdrive.py && cp /usr/lib/python2.6/dist-packages/testdrive/virt/kvm.py testdrive/virt/kvm.py
<jdstrand> hallyn: http://launchpadlibrarian.net/54313707/buildlog_ubuntu-maverick-amd64.libvirt_0.8.3-1ubuntu7_FAILEDTOBUILD.txt.gz
<RoAkSoAx> smoser: was the other way around :):/
<jdstrand> hallyn: the problem seems to be:
<jdstrand> The following packages have unmet dependencies: qemu-kvm : Depends: qemu-common (>= 0.12.5+noroms-0ubuntu3) but it is not going to be installed
<jdstrand> actually I'll pull in kirkland too ^
<jaminc> which (meta-)package should I file a bug report against for differing/conflicting user/group accounts between default server and desktop installs?
<smoser> RoAkSoAx, why would I do that ?
<smoser> i set pythonpath
<smoser> it is reading from ./testdrive
<RoAkSoAx> smoser: i mean: cp testdrive/testdrive.py /usr/lib/python2.6/dist-packages/testdrive and cp testdrive/virt/kvm.py /usr/lib/python2.6/dist-packages/testdrive/virt
<kirkland> jdstrand: howdy
<kirkland> jdstrand: sup?
<smoser> RoAkSoAx, right, but i set PYTHONPATH so i should not have to do that.
<RoAkSoAx> smoser: let me try
<jdstrand> kirkland: hey. see backscroll from a minute ago. I was wondering if you knew what was going on there
<jdstrand> kirkland: libvirt wouldn't build cause qemu-common wouldn't be installed
<Cuddle-Ing> hello i've got a small issue i hope, i've just compiled the xen-4.0.1-rc6-pre.gz and vmlinuz-2.6.31.14 ob ubuntu 10.04.1, It looks like that XEN will be loaded, but after that i get the following error message "mount: mounting none on /dev failed: No such device" and "mount: mounting /dev/mapper/ubuntu--xen-root on /root failed: no such device" and some more message like them. I've got no idea where the problem is.  I c
<kirkland> jdstrand: hmm
<kirkland> jdstrand: https://edge.launchpad.net/ubuntu/+source/qemu-kvm/0.12.5+noroms-0ubuntu3/+build/1932531
<kirkland> jdstrand: buildd's appear to be behind
<kirkland> jdstrand: qemu-kvm i386 hasn't built yet
<jdstrand> kirkland: oh, qemu-common is arch all, right?
<smoser> well thats wierd. it worked this time
<jdstrand> kirkland: yes, that's it. sorry for the interruption
 * jdstrand tries to be patient
<kirkland> jdstrand: :-)  np
<hallyn> so where does the 'is not goin to be installed' come from - does it really mean "I can't", or does it really mean "pshaw, i don't feel like it"?
<kirkland> jdstrand: i had a small heartattack there, wondering if i effed something up :-)
<jdstrand> kirkland: sorry. mdeslaur gave me the same heartattack with libvirt :)
<kirkland> jdstrand: hehe
<Cuddle-Ing> anyone there who has some experiences with Xen 4.0 and ubuntu 10.04
<RoAkSoAx> smoser: it works for me
<smoser> yeah, and worked this time here. dont know what went wrong.
<hggdh> are there any known issues with the server daily image? On install no disks are recognised here
<RoAkSoAx> smoser: ok cool then. I'll add the support for 'testdrive -u <proto>://path/img.tar.gz' then, so you can test agains other mirrors
<smoser> yeah.
<Cuddle-Ing> looks like there is no one there who has tried xen 4.0 with the ubuntu server release
<smoser> and fix that kvm command line up like i suggested up above
<hallyn> Cuddle-Ing: jjohansen might have
<hallyn> i've certainly not
<jjohansen> Cuddle-Ing: I haven't gotten to that either yet
<lhavelund> jono: I disagree with your blog post. :[
<Cuddle-Ing> damned
<lhavelund> jono: ping
<webpragmatist> SpamapS: well that was pretty much dead easy... installed proftp, removed the comment for root the dudes
<jono> lhavelund, hey
<jono> sorry was afk
<lhavelund> jono: perhaps we should... find a better forum for it, though.
<lhavelund> :p
<lhavelund> (Sorry for interrupting the flow here guys :))
<lhavelund> jono: -offtopic?
<lhavelund> jono: That is, if you have time :)
<jono> lhavelund, why don't you leave a comment on my blog
<lhavelund> jono: Sure; I'm not much of a bloggieman. I'm old school ;)
<jono> :)
<SpamapS> sbeattie: running with 5.1.49-1ubuntu7 I get a failure with this command line:
<SpamapS> sudo -u mysql mkdir -p /tmp/test && sudo -u mysql /usr/lib/mysql-testsuite/mysql-test-run.pl --vardir=/tmp/test
<SpamapS> sbeattie: http://paste.ubuntu.com/483054/
<lhavelund> jono: But I'll write something anyway. :)
<resno> im trying to setup postfix for my office to send emails. ive changed the mx to my ip address, but the message isnt being sent.
<resno> im getting connection time out errors
<resno> hey lhavelund
<lhavelund> \o.
<lhavelund> jono: done.
<jono> thanks lhavelund!
<lhavelund> jono: welcome :)
<lhavelund> jono: a discussion is always welcome. :)
<webpragmatist> SpamapS: can you use a ssl cert in combination with a bundle with proftpd
<SpamapS> webpragmatist: I've used SSL+proftpd before, but I don't recall the details, and I don't understand what you mean by a "bundle" in that context.
<webpragmatist> well if it's not self signed you have an intermediary bundle certificate or something
<webpragmatist> like a root cert
<webpragmatist> i guess it what it's called
<webpragmatist> i think you can just put them in the same key though
<Cuddle-Ing> i could nt believe that there is no one who tried xen 4.x with ubuntu 10.04
<SpamapS> Cuddle-Ing: I think ubuntu-ites tend to prefer kvm. ;)
<Cuddle-Ing> then i need to change the dist :(
<sbeattie> SpamapS: I *think* what's happening is that there may be a prostprocessing regex that's converting the vardir you passed into MYSQLTEST_VARDIR so as to shield the testsuite from detecting differences based on different passed vardirs.
<sbeattie> SpamapS: in your case, I *think* the vardir you passed is matching a path used in one of the tests.
<sbeattie> SpamapS: a better way to invoke the testsuite is probably something like: sudo -u mysql sh -c '/usr/lib/mysql-testsuite/mysql-test-run.pl --vardir=$(mktemp -d /tmp/mysql-XXXXXXXXXX)'
 * sbeattie is testing now, but that's akin to what I was doing before when the testsuite would work for me.
 * sbeattie steps away for a few minutes.
<SpamapS> sbeattie: except you can't use /tmp ;)
<SpamapS> sbeattie: but ok, I'll go with a random vardir and try that
<jono> nealmcb, ping?
<MTecknology> thesheff17: So.. The only thing I use jailkit for now is to actually jail the users
<sbeattie> SpamapS: I'm fully confident in your ability to get mktemp to create a directory in /var/tmp/mysql. :-)
<sbeattie> (basically, what you really want is to not match the pattern \/tmp\/test
<thesheff17> MTecknology: yea I have done a ton with chroot before and that made it very easy.
<MTecknology> thesheff17: debootstrap + chroot + jk_jailuser - about all I use to make it work :)
<MTecknology> I'm moving my bot into a jail
<thesheff17> MTecknology: nice...I just got back my SAN but the software is only rpm based that runs powerpath :-/
<thesheff17> *back
<MTecknology> ouchy
<uvirtbot> New bug: #623608 in tftp-hpa (main) "Syslog time it's wrong" [Undecided,New] https://launchpad.net/bugs/623608
<thesheff17> does virt-manager doesn't support binding to br0?
<thesheff17> I forwarded virt-manager through X and it lets me connect to br0 through localhost...what gives?.
<SpamapS> sbeattie: actually, using /var/tmp/mysql instead of /tmp/test fixed it. :)
<SpamapS> /usr/lib/mysql-testsuite/mysql-test-run.pl  --vardir=/var/tmp/mysql/test --tmpdir=/var/tmp/mysql/test/tmp2
<SpamapS> seemed to do it (had to create a separate tmpdir because the test suite still wants to use /tmp by default)
<SpamapS> zul: looks good, posted test results to bug #375371
<uvirtbot> Launchpad bug 375371 in mysql-dfsg-5.1 "MySQL must not use /tmp" [Medium,Confirmed] https://launchpad.net/bugs/375371
<sbeattie> SpamapS: will the mysql-server package create /var/tmp/mysql or does the test scripts need to create it?
<sbeattie> s/(package)/\1 or initscript/
 * sbeattie is fixing up the script in qa-r-t to match.
<SpamapS> sbeattie: the upstart job has to create it
<SpamapS> sbeattie: because /var/tmp's contents can never really be assumed
<SpamapS> sbeattie: I'd say to be safe, you need to test for its existence too.. in case for some reason the machine running the tests has mysql disabled in /etc/init/mysql.conf
<MTecknology> where are user crons held?
<SpamapS> MTecknology: /var/spool/cron
<MTecknology> SpamapS: thanks :)
<hallyn> odd, ubuntu kernel gitweb seems to be hanging for me
<RoAkSoAx> smoser: do you want  'testdrive -u ' work agains a local uec .img or .tar.gz or both?
<hallyn> kirkland: wow, i've never before noticed that 'byobu' automatically re-attaches :)  I was always doing 'screen -r' after detaching
#ubuntu-server 2010-08-25
<ryan_> fajita: wtf
<ryan_> wrong room
<uvirtbot> New bug: #623688 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/623688
<zul> hallyn: slacker ;)
<droogie> i've created a kvm image using vmbuilder. After the image got created I added a new lvm volume for it. Now I'm trying to convert the .qcow2 image to that blockdevice using 'qemu-img convert -O raw input.cqow2 /dev/vg/lv' and qemu throws an error: qemu-img: Error while formatting '/dev/vg/lv', anybody got any suggestion?
<ball> Is /dev/random faster on platforms with hardware RNGs that the kernel understands?
<ball> 23158 bytes (23 kB) copied, 43186.7 s, 0.0 kB/s
<smoser> RoAkSoAx, well, i suppose ideally both.
<smoser> if you have some "profile" or some way that I indicate "this is a uec image", then you can easily do both. i don't mind if i have to say "--uec" or the equivalent.
<RoAkSoAx> smoser: I was thinking exaclty on the same thing. THe other way is to do a 'file uec.img' and determine if it is a UEC image, if all offcourse have the same output
<smoser> i dont really care about auto determining.
<smoser> i dont mind passing an arg that indicates what it is.
<smoser> later you can get smarter
<RoAkSoAx> smoser: yeah at the end it is just tweaking. Either way, it will work.
<smoser> RoAkSoAx, i'm going to be out tomorrow. send email to me if you need anything.
<smoser> thanks for your work, and great job.
<smoser> if i can nit-pick, then one thing i would really like to see is to do time stamp detection on the .img and -floppy files being newer than the tarfile
<smoser> since you're using qemu-img backing store, you could then avoid the 'tar -Sxvzf' again, which is time consuming.
<smoser> but... anyway. thanks.
 * ball unplugs a hard disk, just to see what happens.
<hallyn> zul: huh?
<itsux2bu> when i installed 32-bit Ubuntu Server 10.04  it gave me the option to install LAMP, OpenSSH, and Samba.. but i didn't install them at the time.. i want to install them now.. whats the apt-get install ???
<itsux2bu> for those 3 programs
<ball> Very sensibly the software RAID warned me about the failure and offered to run in degraded mode.
<YankDownUnder> Anyone familiar with Dynamic DNS...?
<uvirtbot> New bug: #622815 in samba (main) "impossible to open network resources with nautilus" [Undecided,Incomplete] https://launchpad.net/bugs/622815
<vibedigital> hi
<vibedigital> i want install truecrypt in ubuntu-server 10.04 how the right way ?
<slestak> hey guys.  got a racing /sbin/getty i cannot explain.  killed it and another pid spun up using same cpu
<slestak> lucid server 10.4.1 on intel (older hp server)
<slestak> id rahter troubleshoot this and learn sth.  dont want to reboot
<itsux2bu> anybody know where phpmyadmin puts its files after an install?
<funkyHat> itsux2bu: dpkg -L phpmyadmin probably knows
<RoAkSoAx> smoser: that's what I was trying to do too actually, however IDK why, the tarball keeps newer timestamp. I'll just figure it out overtime anyways
<itsux2bu> i find them..
<itsux2bu> https://help.ubuntu.com/community/phpMyAdmin  <<-- this actually had useful info for a change
<itsux2bu> made 1 file edit and now i see my phpmyadmin in my browser
<itsux2bu> nice when something doesn't take hours and hours to get working
<sailerboy> what's a good web server for ubuntu on a vps?
<lifeless> 10.04
<collabra> I've a question.... does the 9.04 ubuntu-server include all the packages the desktop version does?
<sailerboy> no
<collabra> thank you,... i thought not
<sailerboy> it doesnt include a desktop enviroment
<sailerboy> afaik
<lifeless> sailerboy: collabra: server *CD* does not include desktop packages.
<lifeless> you can however install them with apt-get
<lifeless> at which point it becomes the same thing
<collabra> thanks,.. i just got banned from #ubuntu because i said the same thing.
<sailerboy> really?
<collabra> yeah
<lifeless> that seems like an overreaction
<collabra> extreme overreaction,... i was firm and blunt ,... no language or anything,...
<collabra> but he kept instisting and i kept firm,.. and "boot",.. anyways ,... thanks for the affirm
<JasonMSP> Anyone have a best solution for providing FTP access for my clients?  I want to lock them into their var/www/theirwebsite folder with no possible access anywhere else on the system.  Preferbally secure connection if possible.
<uvirtbot> New bug: #623780 in openssh (main) "package ssh (not installed) failed to install/upgrade: ÏÏÎ¿Î²Î»Î®Î¼Î±ÏÎ± ÎµÎ¾Î¬ÏÏÎ·ÏÎ·Ï - Î±ÏÎ®Î½ÎµÏÎ±Î¹ Î¼Î· ÏÏÎ¸Î¼Î¹ÏÎ¼Î­Î½Î¿" [Undecided,New] https://launchpad.net/bugs/623780
<ball> hello chilicuil
<zenmower> make a symlink in their home directory
<uvirtbot> New bug: #623790 in samba (main) "Windows Vista fails to connect to visible share with 0x80070043 error" [Undecided,New] https://launchpad.net/bugs/623790
<ball> Well, that's my latest batch of tests done.
<alex88> twb: hi man..
<alex88> i've got fine to run apache in chroot..but not the php script
<twb> I don't really care.
<alex88> k
<alex88> it was a way to ask for help :)
<intelliant> [12:03] <intelliant> Hello! [12:03] <intelliant> Is this a good place to discuss ldap client auth issues/ [12:03] <intelliant> ? [12:04] <intelliant> I am authenticating an ubuntu LTS 10.04 desktop client against a centos based openLDAP server following this guide - https://help.ubuntu.com/community/LDAPClientAuthentication#Notes%20for%207.10%20and%20later
<intelliant> hey! sorry for the copy/paste ^^ ? but i hope the request is understood ?
<twb> intelliant: and what isn't working?
<intelliant> twb: the client authentication throws me out randomly
<intelliant> I was doing this for an ltsp-cluster setup on 10.04
<twb> "randomly" as in it works sometime?
<intelliant> yes it did work once 4 days ago and yesterday again it kept on dying on me
<intelliant> i did nt change a thing
<intelliant> even the package db seemed to be broken for some reason so I have actually trashed the entire setup and am starting anew
<intelliant> wanted to know if the link above was the correct method to do client auth
<intelliant> or is there a better and proven way
<intelliant> ?
<twb> client auth should simply be "sudo aptitude install ldap-auth-client"
<intelliant> okay will try this as well this time and keep you posted
<twb> The pam part is automatic as of 10.04
<intelliant> twb: what's your timezone ?
<twb> The nss part would still need to be done by auth-client-config(8), so I guess you'd also need to call it.
<twb> intelliant: Australia/Melbourne.
<intelliant> phew so only a few more hrs
<intelliant> twb: i am a complete novice at ubuntu but may call myself a medium hand at linux and opensuse
<intelliant> twb: so should i make the changes to  /etc/auth-client-config/profile.d/open_ldap  and then execute  auth-client-config -a -p open_ldap
<intelliant> or do something differently?
<twb> intelliant: you're using 10.04?
<intelliant> yes
<twb> OK, what I do is:
<twb> 1) Install ldap-auth-config and ldap-utils; 2) run "auth-client-config -plac_ldap -tnss"; 3) add "bind_policy soft" and "pam_lookup_policy yes" to /etc/ldap.conf
<intelliant> and using server edition for installing ltsp-root server and alternate for appserver as per https://help.ubuntu.com/community/UbuntuLTSP/LTSP-Cluster
<twb> You only need (3) if you're using slapo-ppolicy(5) on the LDAP server.
<intelliant> any changes in /etc/ldap/ldap.conf ?
<intelliant> I am not using SSL, TLS etc as of now
<twb> intelliant: those are the only changes I make to the client
<twb> Installing ldap-auth-config should automatically configure ldap.conf and .secret
<intelliant> twb: thanks for sharing your notes and guidance
<intelliant> I shall revert with my results
<twb> If you can, you should also update that documentation page you were reading
<intelliant> yes, once i achieve success, will do so, till now I am only confused by all the random results
<cemc> hey guys. I have problems installing a 10.04.1 amd64 server on a HP ProLiant DL385 G6
<cemc> I'm using an usb stick which I created with the Startup Disk creator from another 10.04 desktop install
<cemc> the server has 3xHDDs in RAID5, so ubuntu sees one sda. I boot from the usb stick, install ubuntu, everything seems fine
<cemc> (nothing fancy, / partition, some swap and /opt). then I reboot, remove the usb, but the server won't boot, it's just "Attempting Boot from Harddisk", that's it
<twb> shred -v is pretty cool
<twb> Pity it's totally useless with a modern filesystem
<cemc> then I go erase and recreate the raid5 from the controller menu. If I reboot, it goes on trying to boot from hdd, floppy, network, then reboots and tries again. that's all fine. but then, I try to boot from the stick again and it gives me error: no such dev: (UUID),
<cemc> and I get a grub rescue> prompt
<twb> cemc: I bet you've managed to install grub onto the USB key
<twb> cemc: this is basically caused by grub2 being utterly evil and broken and retarded and I hate it
<raywang> hello all, how to install posfix without further postinst? e.g. ignore the configuration stage when installing it
<twb> What I do now, is load the installer into memory, then physically remove the USB key before partman starts, so that grub *can't* see the USB key and confuse it with the hard disk
<cemc> twb: and how do you do that? the machine has 16gb ram, so that would be ok I guess
<twb> Of course, this is only possible if you're using the netboot installer; the hd installers that want an .iso won't work because they need the .iso to stay visible
<twb> cemc: loading the neboot media into memory only needs 16MB
<cemc> twb: I see, but how exactly? what do I put on the usb? never did this before, only with normal iso on the usb stick
<twb> You put these on: http://archive.ubuntu.com/ubuntu/dists/lucid/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/{linux,initrd.gz}
<twb> Then you point whatever bootloader you have on your USB key at them
<raywang> hi, all I was trying to install posfix without further postinst , so i append --pending, like dpkg -i --pending postfix.deb  but with no luck
<cemc> twb: I don't need anything else on the stick, just these two files and syslinux.cfg ?
<twb> cemc: well, and sylinux' ld.linux
<cemc> sure, that too
<twb> But yeah, that's all
<twb> That basically contains enough to get the network working, and then everything else comes down from the networ
<cemc> twb: and when do I pull out the usb stick?
<twb> As soon as the kernel and ramdisk finish loading, you can pull it out
<Jordan_U> twb: This bug has nothing to do with grub2, it's a bug in debian-installer which existed with grub legacy as well (which has finally been fixed in debian testing/unstable and Ubuntu Maverick).
<Jordan_U> twb: When you get to the last screen of the installer there is a button labeled "advanced". Click that button and select the proper device for grub to be installed to.
<Jordan_U> cemc: ^^
<cemc> Jordan_U: yeah, I could've think of that myself... but I didn't think it's a grub thing. now I installed with twb's method, and it seems to work just fine. but just for the fun of it, I'll try that advanced thing
<cemc> I guess it prefers sda over /dev/cciss/c0d0 ;)
<twb> Jordan_U: I see no tab in d-i, booting with priority=low.
<twb> Jordan_U: are you confusing d-i with ubiquity?
<twb> (Indeed, IIRC without priority=low, it doesn't even prompt to install grub, it just does it.)
<Jordan_U> twb: Yes and no. The bug is in debian-installer code which is shared in ubiquity but the "advanced" button is only in ubiquity :)
<cemc> twb: it did ask me, I didn't use priority=low (whatever that is)
<twb> Well, this is -server, so we don't have access to ubiquity.
<Jordan_U> twb: Trying to figure out how to do the same from d-i right now.
<twb> The real problem is that device.map changes after you remove the USB key.
<twb> Because the BIOS temporarily places the USB key at (hd0) to boot the installer
<Jordan_U> twb: No, that's not the real problem.
<twb> If you say so
<cemc> but _something_ gets installed on the hdd too
<twb> cemc: I assume the stage2 does
<cemc> could be
<cemc> twb: but your way worked too, with the netboot thing. thanks!
<intelliant> twb: ssh server does not get installed by default while installing the server
<intelliant> choosing expert mode may allow me to choose but is there any other way after installaiton
<Jordan_U> cemc: I can't find a way to change what device grub is installed to from the server installer, which is unfortunate even without this bug. twb's method might be the only way to work around this bug currently with a server install.
<cemc> Jordan_U: I see, not really a problem here. Besides, this netboot install is kinda faster for me, I think
<cemc> intelliant: apt-get install openssh-server ?
<RudyValencia> How do I setup an identd for IRC?
<RudyValencia> !identd
<pnunn> Hi guys, got a bit of an issue with virtual ip's on an interface.  My interfaces file looks like this
<pnunn> # The primary network interface
<pnunn> auto eth0
<pnunn> iface eth0 inet dhcp
<pnunn> auto eth0:1
<pnunn> iface eth0:1 inet static
<pnunn> address 111.125.169.117
<pnunn> netmask 255.255.255.240
<pnunn> gateway 111.125.168.113
<pnunn> but when I do an ifup I get
<pnunn> Listening on LPF/eth0/d0:0d:42:20:07:96
<pnunn> Sending on   LPF/eth0/d0:0d:42:20:07:96
<pnunn> Sending on   Socket/fallback
<pnunn> DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
<pnunn> DHCPOFFER of 172.19.1.6 from 169.254.169.254
<pnunn> DHCPREQUEST of 172.19.1.6 on eth0 to 255.255.255.255 port 67
<pnunn> DHCPACK of 172.19.1.6 from 169.254.169.254
<pnunn> bound to 172.19.1.6 -- renewal in 539 seconds.
<pnunn> stop: Unknown instance:
<pnunn> ssh start/running, process 2386
<pnunn> SIOCSIFFLAGS: Cannot assign requested address
<pnunn> Failed to bring up eth0:1.
<pnunn> However, ifconfig shows the interface existing and I can ping it.
<pnunn> However, I can't ssh into it for some reason.. from the logs it seems I'm not even hitting it.
<pnunn> Any ideas?
<cemc> pnunn: first idea: use pastebin ;)
<_ruben> joy .. my ubuntu vm (running in vmplayer) has decided to kernel oops on boot with some ext4 error
<pnunn> oh.. sorry.. don't know what that is even.. lol.
<cemc> pnunn: if you have something to show that's more than 1-2 lines long, use this http://pastebin.ubuntu.com/, then paste only the link here
<pnunn> cemc: OK, I'll keep that in mind... ta.
<cemc> np
<intelliant> cemc: remeber having tried that earlier
<intelliant> will try that again and revert
<intelliant> also installing ubuntu-server 64-bit as a kvm vm on opensuse host, any special cosiderations?
<RudyValencia> How do I setup an identd for IRC on my Ubuntu server?
<joschi> RudyValencia: install oidentd and configure it
<joschi> RudyValencia: alternatives: http://packages.ubuntu.com/lucid/ident-server
<RudyValencia> I have oidentd set up but I'm not sure how to configure it to respond to IRC servers' ident queries
<RudyValencia> I can't figure out which settings to apply to it
<cemc> if I don't have internet connection, squid fails to start with some DNS test failing. how could I disable that test so squid starts no matter what? I understand there's a -D option, but where should I set that?
<soren> Man, debugging capabilities stuff /sucks/.
<soren> I must have spent 4 hours wondering why the heck uml would open a file read-write just fine if run from the command line, but only read-write from libvirt.
<soren> Turns out libvirt sheds all CAPs and file was owned by someuser:nogroup with mode 640, so root could only open it for reading.
<soren> Er... someuser:root, I mean.
<garymc> Hi im trying to tell my PoE switch to check my NTP server for time settings. How do I know what my NTP server settings are. I know the IP address but I dont know if its DNS or IPv4 etc
<garymc> and what port it uses
<soren> If you know the ip, you also know whether it's ipv4 or ipv6.
<soren> "Whether it's DNS" makes no sense.
<soren> As for the port, it seems unlikely that you changed the default, so that'd be 123.
<a_ok> where can I find documentation for all things allowed in the upstart configuration?
<joschi> a_ok: `man 5 init`
<a_ok> joschi: thanks. i'm writing an upstart conf for iptables. the task stranza seems what I need but than I can not define a stop command
<twb> a_ok: just install iptables-persistent
<a_ok> twb: won't do in my case need custom stuff
<twb> if you say so
<a_ok> persistent cant load from a config file at a user defined location
<ewook> anyone tried out Zimbra ?
<twb> a_ok: just symlink it
<twb> Or edit the init.d/iptables-persistent script; it's a conffile, so that's allowed
<a_ok> twb: I already made an normal init.d script just wanted to see if I could do it the ubuntu way and make an upstart job out of it
<twb> a_ok: what you'd do would be to write two upstart "task" jobs, one for up and one for down
<twb> And trigger the latter "start on shutdown" or something
<a_ok> twb: the think i wanted to do was "service iptables start" to load the rules and "service iptables stop" to flush the rules. I can make one or the other work but not both :(
<twb> I'm amazingly unenthusiastic about upstart
<xampart> i have /export as nfs-share. i did "mount --bind /some/other /export/dir", but it doesn't show at remote host
<twb> xampart: unfortunately the NFS server is implemented in the kernel, and thus doesn't understand most other filesystem things
<twb> xampart: you can either give up on that, or switch to the (slow, sucky) userspace NFS server.
<garymc> soren ok, im just going off what my netgear switch options gives me.
<xampart> so ext4 is the problem? cause my other (mount --rbind /home/%u/Maildir /export/mail/%u/Maildir) mount works
<garymc> is there a way of checking the port is 123 as thats what I set in my PoE switch but it isnt registering a time stamp
<twb> No, the problem is the NFS kernel server
<xampart> why does my other mount work though?
<twb> Because it's not a bind mount?
<xampart> yes it is
<twb> Hum, maybe you only need to rerun "exportfs", then
<twb> I can't remember which specific bits NFS doesn't grok
<xampart> i think it gets run every time nfs-kernel-server gets started
<twb> Well, it gets magicked at boot
<twb> But if you just now ran "mount -obind", you should rerun it
<twb> Historically NFS exports only filesystems, not arbitrary directory trees, so you probably want an -r in there, too.
<xampart> didn't do the trick
<garymc> ok whats the differnce between NTP and SNTP?
<xampart> it's simple?
<uvirtbot> New bug: #623904 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/623904
<a_ok> how do I list all services that are started for a sertain runlevel?
<xampart> ls /etc/rc?.d/ | grep ^S
<xampart> ? = leveel
<a_ok> xampart: does this include upstart?
<xampart> dunno
<intelliant> is it advisable to have vm guests sync time using an ntp-server
<intelliant> ?
<joschi> intelliant: yes
<a_ok> xampart: no it does not... so it is no help :(
<a_ok> there seems to be no way to find out what will be started with a sertain runlevel
<joschi> a_ok: `man initctl`
<intelliant> joschi: came across this - https://help.ubuntu.com/community/KVM/FAQ#Should%20ntp%20be%20used%20for%20time%20synchronisation?
<intelliant> isn't it confusing?
<intelliant> or have i misunderstood it?
<joschi> intelliant: I thought you were talking about vmware VMs. for them see http://kb.vmware.com/kb/1006427
<intelliant> sorry i was talking about VMs in general, but it seems there is a difference
<joschi> intelliant: it basically depends on the virtualization technology you are using
<a_ok> joschi: is mountall run at boot or not?
<a_ok> I don't seem to get an answer to that question...
<a_ok> not even with initctl
<uvirtbot> New bug: #229487 in mailman (main) "list_lists in mailman crashed with AttributeError" [Medium,Invalid] https://launchpad.net/bugs/229487
<joschi> a_ok: `$ grep start\ on /etc/init/mountall.conf` -> "start on startup" -> see init(5)
<kimda> Does Ubuntu 10.04 LTS with a HP Proliant DL160 G6 with P410 raid controller? Because I 've tried installing Debian Lenny amd64 on it but after installing I get a blinking cursor and no grub boot screen.
<alex88> kimda: http://www.ubuntu.com/partners/hp seems ok to 9.04 so i think also with 10.04
<smoser> RoAkSoAx, well a couple of things might cause the tarball (.tar.gz) or the contents (.img, -floppy) to timestamps other than current.  the downloadinging software you're using might respect/keep the timestamp sent in the http header (generally a god thing).  And then, when you extract, tar will also keep the modification dates that are in the tarball.
<smoser> both of those could be "fixed", by just setting the timestamp at the end, but would probably be better to store somewhere what those were, and compare versus them.  if they're not the same as your record says, then assume modified and re-extract.
<kimda> alex88: thanks I will try it out
<a_ok> joschi: with all the dependencies and emits its kinda hard to find out what is starting at your runlevel. thanks for the help though
 * a_ok thinks upstart is a realy bad idea (to complex, very anoying for the admin. should be like gentoo's init)
<alex88> kimda: np
<soren> jdstrand: Dude.
<alvin> Isn't Gentoo moving away from init? (I liked gentoo's system too.) I forgot the name, but it's not moving to upstart.
<joschi> alvin: no
<alvin> I might be mistaken. It's probably funtoo that uses another init system.
<a_ok> yeah it uses another init system
<a_ok> archlinux is even cruder. I must say that upstart is really advanced and probably the greatest for desktop. but I like gentoo's init best on servers
<joschi> a_ok: well, arch linux uses a bsd style init. and that's fine for it's purpose ;)
<uvirtbot> New bug: #623940 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/623940
<alvin> I have mixed feelings about upstart. You need to do some things after booting that really should happen automatically. Like restarting libvirt-bin or quasselore ir you run those.
<a_ok> joschi: ow didn't even know that it was bsd style. I use arch on my laptop and is the easist to configure. but you can easily screw up dependencies. and don't think it has runlevel seperation
<a_ok> alvin: my problem is that I have to many services installed that I most of the time do not need running perminently or might even cause serious problems when they start on auto
<a_ok> try forinstance updating open-iscsi when your server does an iscsi boot.... It will hang on shutdown
<alvin> Ugly
<a_ok> yep
<a_ok> the problem in this case was more that ubuntu packages try to start services when installing and add them to be booted (what means that why will also be brought down on shutdown what was the problem in my case)
<a_ok> s/why/they/
<a_ok> I once took out the out the entire webserver because I was installing a package that included a website and thought it would be fun to restart apache after injecting its config file (what conflicted with our setup)
<a_ok> nice thing to have on a production server...
<Daviey> hallyn, Are you around?
<lhavelund> a_ok: heh; I installed ebox at one point. when I decided I didn't want it, it nuked my server, removing openssh-server, apache and a bunch more packages.
<ttx> hggdh: ping me when you're around
<hggdh> ttx: I am here for the next few minutes
<hggdh> (then on a Dr appointment for one hour)
<ttx> Daviey: around ?
<ttx> hggdh: wanted to look at https://bugs.launchpad.net/ubuntu/maverick/+source/eucalyptus to ensure it reflects current must-fix euca2 issues in Maverick
<hggdh> ttx: will do, as soon as I return
<ttx> hggdh: ping us when you're back.
<ttx> (us=Daviey and me)
<hggdh> ttx, Daviey: ack
<Daviey> hggdh, o/
<raubvogel> When you do add-apt-repository in 10.04, where are the repositories added to? I am not seeing any changes to /etc/apt/sources.list
<_ruben> probably /etc/apt/sources.list.d/ then
<mathiaz> zul: hi!
<mathiaz> zul: what's the state of https://code.launchpad.net/~mathiaz/server-sru-tracker/visual-improvements/+merge/29329?
<zul> mathiaz: i havent had a chance to work on it...perhaps today i can review it
<mathiaz> zul: great - thnaks
<Omahn> Has anyone successfully managed to deploy ganeti on Ubuntu 10.04 with the shipped packages?
<rasengan> When an employee connects to the VPN, the server assigns itself an IP in the same subnet as the VPN.  However, if no employees are connected, the server no longer keeps the IP.  This, of course, causes daemons not to start because of failure to bind to the "non-existant" IP.  Anyone have any solutions?
<zash> rasengan: bind to any ip, filter trafic not from tun*/vpn subnet
<rasengan> zash: Ah, thank you.  Yes, I am an idiot. :D
 * patdk-wk notes 127.* won't work :)
<zash> 127.* is loopback
<rasengan> I have another, more difficult question that I have actually made several attempts to fix.
<rasengan> *               hard    memlock         16384
<rasengan> I have added that line in /etc/security/limits.conf
<rasengan> However, at boot when I chec the ulimit, the memlock limits is like 64 still T_T
<rasengan> In another attempt, I added ulimit -l 16384 to /etc/rc.local and /etc/init.d/local (local sys startup script created as per instructions on ubuntu wiki)
<rasengan> but still, when i connect and list the ulimits, the memlock is set to 64
<rasengan> it is only set to 16384 when i manually login (as root0 and type ulimit -l 16384
<rasengan> How can I set the memlock uliit to 16384 at boot? o_O
<hallyn> Daviey: sorry, had so much actionable email i stayed of irc as long as possible :)
<hallyn> Daviey: what's up?
<patdk-wk> rasengan, works great for me! :)
<patdk-wk> replace hard with -
<rasengan> patdk-wk: ahh ok
<rasengan> so *   - memlock 16384
<rasengan> :D
<Daviey> hallyn, Good Morning! :)
<Daviey> hallyn, Do you have a qemu-kvm uploading waiting?
<hallyn> heh we need mumble to do that justice
<hallyn> hm, not that i know of
<hallyn> i think it's all merged
<hallyn> the latest one, for scsi-writeback in lucid, should be in -proposed now
<Daviey> hallyn, for maverick?
<hallyn> nope, 0.12.5 is the latest i uploaded.  why?
<Daviey> So uploading https://code.edge.launchpad.net/~davewalker/ubuntu/maverick/qemu-kvm/623830 wouldn't get in your way?
<uvirtbot> New bug: #624037 in backuppc (main) "intern error after installation finished" [Undecided,New] https://launchpad.net/bugs/624037
<hallyn> Daviey: nope, looks good :)
<hallyn> thanks
<hallyn> for asking
<hallyn> Daviey: ^
<Daviey> hallyn, awesome
<zul> SpamapS: when you are around can you gimme a list of things you need sponsored/merged and within reason ill do it ;)
<therobot> When installing glusterfs on ubuntu10.04, it seems that fuse module it's not added to /etc/modules so after a reboot glusterfs miserably fails to mount, is that an expected behavior?
<patdk-wk> hmm, I would think it would, autofind the module
<patdk-wk> putting it in etc/modules just force loads it
<hggdh> ttx, Daviey: I am back
<ttx> Daviey: ?
<Daviey> ttx, o/
<ttx> hggdh, Daviey: ok, let's do it !
<therobot> patdk-wk: where I can check that fuse is mounted by autofind?
<ttx> Daviey, hggdh, looking at https://bugs.launchpad.net/ubuntu/maverick/+source/eucalyptus
<Daviey> ttx, Lets get it started in here!
<ttx> bug 619843
<uvirtbot> Launchpad bug 619843 in eucalyptus "euca-get-console-output returns one single line" [High,Confirmed] https://launchpad.net/bugs/619843
<patdk-wk> mounted by autofind?
<ttx> hggdh: that's a 2.0 regression, right ?
<patdk-wk> therobot, you mean, depmod
<Daviey> erm
<SpamapS> zul: cool, I'll whip up a list. :)
<hggdh> correct; culprit is apparmour ;-) ;needs a change in eucalyptus
<Daviey> it's a libvirt induced regression ttx
<ttx> Daviey: so you already know how to fix it ?
<hggdh> change in libvirt was to remove the 9008 patch; we need two changes in Euca
<jdstrand> uhh
<Daviey> ttx, yes, euca' needs to be added to a group.  That should land today
<hggdh> jdstrand: just joking ;-)
<jdstrand> 619843 is not an apparmor problem
<jdstrand> ok
<jdstrand> :)
<hggdh> (sorry)
<jdstrand> ttx: it is actually related to what we talked about earlier today
<ttx> ok, setting to triaged, targeting to beta
<jdstrand> ttx: the chowning stuff
<therobot> patdk-wk: I mean: probably I am not checking in the right place, when rebooting a machine fuse module its not loaded, so I am looking to solve it, I was thinking on adding the module to /etc/modules, but probably there's a more modern approach to solve this
<ttx> ack
<Daviey> hggdh, two changes in euca?
<hggdh> Daviey: we also need to change the depends on libvirt to >=
<ttx> bug 622698
<uvirtbot> Launchpad bug 622698 in eucalyptus "[maverick] Autoregistration of components fails at boot time (euca_conf returns 1)" [High,New] https://launchpad.net/bugs/622698
<Daviey> hggdh, ah, that is the two?
<hggdh> Daviey: yes ;-)
<Daviey> ttx, Working on a local package at the moment, that should fix it.
<ttx> Daviey: fix 622698 ?
<Daviey> Having trouble getting euca from local repo to work at install time :/
<Daviey> so kinda hard for me to confirm, but i believe so
<ttx> ok, marking inprogress then
<Daviey> I think it is that timing issue we outlined.. but the verbose logging is done
<ttx> bug 610987
<uvirtbot> Launchpad bug 610987 in eucalyptus "euca-describe-availability-zones output is a hint, not totally accurate - and should be documented" [Low,In progress] https://launchpad.net/bugs/610987
<Daviey> ttx, it is makred in progress :)
<Daviey> not in progress
<ttx> Daviey: right, by me, 43 seconds ago :)
<Daviey> just need to find somewhere suitable to put a comment in a man page to fix that, really
<hggdh> Daviey: yes, that's it
<ttx> ok, that one is not RC, so I'll unmilestone it. Nice to have in maverick though, so keeping targeted to Maverick
<Daviey> +1
<hggdh> er
<ttx> bug 556763
<uvirtbot> Launchpad bug 556763 in eucalyptus "Debconf eucalyptus/authorized-keys/* preseeds are not supported by eucalyptus-common" [Wishlist,Confirmed] https://launchpad.net/bugs/556763
<ttx> Daviey: am I right in assuming this is *not* a regression, but present in 1.6.2 ?
<Daviey> +1
<hggdh> correct
<ttx> ok, so it's nice to fix, but not RC for beta
<Daviey> yeah..
<hggdh> there is one more thing
<hggdh> I opened a bug on start/stop eucalyptus does not start/stop all
<Daviey> erm
<Daviey> eucalyptus or uec-compon'?
<hggdh> eucalyptus
<hggdh> right now, when I stop I have to 'initctl list | grep euca
<hggdh> to find what really stopped
<hggdh> and amanually stop the rest
<hggdh> samewise for start
<hggdh> this is not really helpful on production deployments
 * Daviey reproduces
<ttx> Daviey, hggdh: ideally that list should have all regressions as maverick/milestoned... and all "should fix" bugs that are not regressions as maverick/not-milestoned
<ttx> Daviey, hggdh: does the current list contents reflect that ?
<hggdh> ttx: I understand. I proposing this one to be milestoned
<ttx> or should we pick more bugs from https://bugs.launchpad.net/ubuntu/+source/eucalyptus
<ttx> hggdh: sure, bug number ?
<hggdh> bug 617496
<uvirtbot> Launchpad bug 617496 in eucalyptus "'stop eucalyptus' should also stop all -publication services" [Low,New] https://launchpad.net/bugs/617496
<Daviey> hggdh,  http://pb.daviey.com/wtZo/
<ttx> hggdh: I suspect this is not a regression ?
<hggdh> I do not *think* it is a regression
<Daviey> ttx, I believe the list is current
<ttx> I don't think we changed anything in that area, so must also be in 1.6.2
<hggdh> Daviey: go figure :-( I think this is Yet Another Race
<ttx> targeting to Maverick, not milestoned
<Daviey> hmmmm
<hggdh> ttx: I do not remember it then
<ttx> if we establish it's a regression we can bump it by milestoning it.
<hggdh> ttx: ack
<hggdh> Daviey: it is very easy for me to reproduce...
<ttx> Daviey: you'd keep that one off the hitlist ?
<Daviey> hggdh, Hmm.. actually... i need to investigate that further
<uvirtbot> New bug: #624061 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/624061
<ttx> Daviey, hggdh: ideally the list at https://bugs.launchpad.net/ubuntu/+source/eucalyptus would be triaged and current, but our worktime is limited... could we have alook at the High bugs there ?
<hggdh> Daviey: OK. Since I can reproduce it easily, we can check on it later
<ttx> bug 564355
<uvirtbot> Launchpad bug 564355 in eucalyptus "Second euca-run-instance request in same security group causes eucalyptus to remove network assoicated with security group" [High,New] https://launchpad.net/bugs/564355
<hggdh> yes, and Euca has just assigned someone to it
<Daviey> ttx, I did spend a little time yesterday looking at the catch all
<ttx> I think we could spend a few cycles trying to verify this one... and potentially make the UEC in Maverick ebtter than the one in Lucid :)
<ttx> should probably have an upstream task open
<ttx> ok that I target it as a 'good-to-have' for Maverick ?
<ttx> (and open euca upstream task) ?
<hggdh> ttx: OK for me
<ttx> Daviey: ?
<hggdh> I should be able to reproduce it easily
<Daviey> sounds good!
<hggdh> no, not as easy
<Daviey> hggdh, they commented on three bugs last night i believe, following a request for update
<hggdh> Daviey: they did, assigning some to them
<ttx> ok, done
<ttx> bug 585108
<uvirtbot> Launchpad bug 585108 in eucalyptus "Problems with node registration" [Undecided,New] https://launchpad.net/bugs/585108
<ttx> I don't think the status for this one is right
<ttx> since we have no clue what the problem is, I suspect
<Daviey> yeah
<ttx> I'll push it to New / Medium
<ttx> it neeeds some reproduction
<ttx> and definitely doesn't affect everyone
<ttx> hggdh, Daviey: ack ?
<Daviey> ttx, Agreed - we are lacking love on the SRU lookout tbh
<hggdh> ttx: ack. I still do not like the 'not finding nodes' issue, though
<Daviey> it's been a little while since i ran lucid uec
<hggdh> same here, cannot have both on the rig
<hggdh> (except for the 10.04.1 tests)
<ttx> ok, done
<ttx> anything else in https://bugs.launchpad.net/ubuntu/+source/eucalyptus that would stand out ? like, as a critical issue or a regression ?
<hggdh> ttx: looking at them
<ttx> maybe bug 617053
<uvirtbot> Launchpad bug 617053 in eucalyptus "on upgrade from 1.6.2, euca_upgrade should preserve DISABLE_ISCSI="Y"" [Medium,Fix released] https://launchpad.net/bugs/617053
<ttx> Daviey: bug 613535 is, I think, fixed now ?
<uvirtbot> Launchpad bug 613535 in eucalyptus/eucalyptus-devel "cloud-debug.log reports errno=2 trying to execute 'bttrack'" [Undecided,Fix released] https://launchpad.net/bugs/613535
<JasonMSP> Can anyone suggest a good FTP solution for me?  I need to provide FTP access for some of my clients but I want to constrain them to their /srv/www/theirwebsite folder.  I also don't want to have to adduser to create an account for every one needing access (im ok if this is completely out of the realm of possibility)???
<Daviey> ttx, no.. need to add torrent client as a Depends
<hggdh> ttx: not fixed by us, as far as I know. We need to add a depends (bit-torrent|bit-tornado)
<Daviey> will fix in bzr shortly
<Daviey> possibly Recommends actually.
<ttx> ok, that one would be for Maverick too... maybe even milestoned to beta ?
<hggdh> and I am not sure how bug 617053 has been fixed by us
<uvirtbot> Launchpad bug 617053 in eucalyptus "on upgrade from 1.6.2, euca_upgrade should preserve DISABLE_ISCSI="Y"" [Medium,Fix released] https://launchpad.net/bugs/617053
<Daviey> +1
<hggdh> +1
<ttx> ok, done
 * hggdh would also really like to know *what* uses torrent
<Daviey> hggdh, Hm.. we should have that fix
<Daviey> hggdh, They did explain in the bug
<Daviey> didn't they?
<hggdh> Daviey: well, yes. perhaps I am dense, though
<ttx> marked fixrreleased without comment 15 hours ago
<zul> JasonMSP: vsftpd
<ttx> i'll add it to the hitlist, targeted to -beta, so that we doublecheck it
<hggdh> +1
<Daviey> ttx, Ack
<ttx> done
<hggdh> ttx, Daviey: one interesting is bug 613216
<uvirtbot> Launchpad bug 613216 in eucalyptus "Cloud -- permission denied writing to /etc/eucalyptus/cloud.d/conf" [Medium,Confirmed] https://launchpad.net/bugs/613216
<hggdh> ttx, Daviey: my reasoning is either we do not need these values, or we are missing important stuff
<hggdh> but this should be cleared
<hggdh> (probably by moving the file structure to /var/lib/eucalyptus?)
<ttx> hggdh: I won't push it to the hitlist since it's far from being the only obscure warning in the logs
<JasonMSP> zul:  i've got VSFTPD installed.  Am I correct that I need to use adduser everytime I want to give someone access and then set their homefolder to /srv/www/theirwebsite?  Doing this and then ftp:theirwebsite on firefox allows you to click .. to go up and they can see all the way up to /
<ttx> feel free to bump its importance if you can link it to something that breaks
<hggdh> ttx: ack, and agreed
<ttx> euca is looking at it, from &5hours ago
<ttx> 15hours
<zul> JasonMSP: not sure check vsftpd's website and documentation
<Daviey> \o/
<hggdh> ttx, Daviey: OK. One more: bug 622818
<uvirtbot> Launchpad bug 622818 in eucalyptus "unexpected errors after a sequence of tests" [Medium,New] https://launchpad.net/bugs/622818
<JasonMSP> zul:  been looking.  Haven't had much success.
<hggdh> I *really* do not know WTF happened, and I *really* do not like it
<hggdh> ttx, Daviey: and this is not the first time something like that happens
<ttx> hggdh: difficult to push it to the hitlist as it stands
<ttx> hggdh: maybe mention it in the call tomorrow ?
<hggdh> ttx: ack, good idea
<Daviey> hggdh, Whilst that is a concerning situation... i'm going to need to both push that upstream and try and reproduce it
<ttx> ok. I think we are good
 * Daviey is very good :)
<hggdh> good boy, good boy!
<ttx> all in all we are in good shape, if that buglist corresponds to the reality of the existing bugs
<hggdh> we certainly are much better now
<zul> Daviey: have a cookie
<Daviey> zul, awesome.
<ttx> try to keep https://bugs.launchpad.net/ubuntu/maverick/+source/eucalyptus very up to date
<ttx> as this is our common communication ground with eucalyptus
<hggdh> ack
<Daviey> ttx, I see it as my job to keep that list empty, and hggdh's job to fill it up..  Who will win?
<hggdh> Daviey: wanna bet? :-)
<Daviey> no :)
<hggdh> :-)
<ttx> DavidLevin: you will win, as long as he needs me to nominate them :P
<ttx> Daviey: ^
<Daviey> heh
<hggdh> ttx: well, actually I do not *need* you, I can nominate them myself...
<hggdh> I just do not like to do that without feedback
<ttx> hggdh: rightn let's say, "need to go by me"
<hggdh> ttx: oh. Now *that* is unfair ;-)
<ttx> hggdh, Daviey: thanks guys, keep up the good work
<Daviey> rockin'
<Daviey> ttx, moment to mumble?
<ttx> sure
<SpamapS> jjohansen: I'm trying to figure out why ceph is missing from the -virtual kernels .. bug 622953 .. any thoughts?
<uvirtbot> Launchpad bug 622953 in linux "ceph module missing from virtual kernel" [Undecided,New] https://launchpad.net/bugs/622953
<jjohansen> SpamapS: hrmm, it shouldn't be I am guessing the config got accidentally dropped when -virtual got split into its own flavor.
<jjohansen> SpamapS: I'll get a config pull request together today
<JasonMSP> Anyone else have thoughts on FTP access?  Im looking for a solution to provide FTP access for my clients to their /srv/www/folder but I don't want them anywhere else on the system.  VSFTP has been recommended which I've installed but not coming up with a suitable working solution. I don't want to adduser everytime I want to give a new user access to the clients ftp folder.
<pmatulis> JasonMSP: so allow them to connect with a common user
<pmatulis> JasonMSP: i think i may have misunderstood you.  each client has their own area?
<pmatulis> JasonMSP: in that case i don't see why you resist creating a user for each client
<JasonMSP> pmatulis: each client has their own website I am hosting for them.  Your suggestion may be suitable if the clients are ok with one login, but that may not be the case.
<JasonMSP> pmatulis:  probably because Im obsessive about organization and giving as little access as possible to any part of the server.  I also have not been able to successfully root them to their folder.  They arrive at their folder but then can cd .. up
<pmatulis> JasonMSP: well you just need to grok chrooting in vsftpd then
<pmatulis> JasonMSP: if your clients are savvy-enough an alternative is sftp
<JasonMSP> pmatulis: SFTP was suggested the other day but from what I have read on the manpages this is even further over my head.
<pmatulis> JasonMSP: are your clients Windows people?
<JasonMSP> pmatulis:  i think they will need a gui so if I understand SFTP correctly it is just like sshing into the system?
<JasonMSP> pmatulis: Mostly apple at the moment, but some windows.
<JasonMSP> pmatulis:  I can recommend suitable FTP clinents for them.  Thats not a problem.
<pmatulis> JasonMSP: well setting up chrooted sftp is not hard
<SpamapS> jjohansen: ty! :)
<JasonMSP> pmatulis:  so your saying SFTP is a better solution then VSFTP for what Im looking to do?  How about setting up users?  Is it the same adduser...?
<pmatulis> JasonMSP: they are pretty much the same in terms of what you're intending to do
<Daviey> ttx, Sed'ing the Packages list was all i had to do :)
<Daviey> ttx, you rock.
<JasonMSP> pmatulis: found this which seems pretty straightforward http://shapeshed.com/journal/chroot_sftp_users_on_ubuntu_intrepid/
<pmatulis> JasonMSP: there you go
<JasonMSP> pmatulis:  big thanks.
<zul> ivoks: ping
<ivoks> zul: pong
<zul> ivoks: is #524341 redy to go?
<ivoks> bug #524341
<uvirtbot> Launchpad bug 524341 in amavisd-new "Add amavisd-new-postfix package" [Wishlist,Incomplete] https://launchpad.net/bugs/524341
<ivoks> yes
<ivoks> :)
<JasonMSP> pmatulis:  is this necessary??  http://www.cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html
<uvirtbot> New bug: #624118 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: ErrorMessage: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/624118
<zul> ivoks: done
<ivoks> zul: thank you
<zul> ivoks: no problem
<pmatulis> JasonMSP: i've never used that but it looks good
<pmatulis> JasonMSP: i'm actually going to try this out when i get a chance
<ajaya> hello folks. I have been the Karmic 32 bit image on EC2.
<ajaya> been getting swapper: page
<ajaya> allocation failure. order:5, mode:0x20  errors. 
<ajaya> shall I be worried/
<zul> spam spam spam
<JasonMSP> pmatulis: Thanks.  Just gave you my IM if im not up on IRC
<Xpistos> Can someone direct me to get help for landscape?
<pmatulis> Xpistos: what is the problem?
<Xpistos> I want to write a script that will open "screen -S irssi" and then start irssi on my server. I tried but it wouldn't run the screen command and said it needs a terminal
<shauno> Xpistos: try with -m as well?
<todd> @reboot screen -d -m -S irssi irssi
<Xpistos> shauno: what does the -d and -m tags do?
 * SpamapS has hiccups
<uvirtbot> New bug: #624147 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/624147
<Xpistos> shauno: trying it out now
<Daviey> mathiaz, bug #537451
<uvirtbot> Launchpad bug 537451 in server-papercuts "Confusing comments in /etc/default/ntpdate" [Low,Triaged] https://launchpad.net/bugs/537451
<ball> Daviey!
<hggdh> smoser: I will add testing of the loader, thanks for the heads up
<smoser> thanks man
<Daviey> hey ball
<hggdh> you are very welcome
<Xpistos> shauno: and it sure did work. thanks!
<Italian_Plumber> If ubuntu server is based on debian linux, why does the installation for ubuntu fit on a CD, but you need five DVDs for debian?
<bventura> good morning!  hey is there a way to use the command line to tell if you need to reboot after applying updates with "aptitude safe-upgrade" ?  the only way I see that now is if I log out and then log back in, its on the MOTD......
<Italian_Plumber> http://cdimage.debian.org/debian-cd/5.0.5/i386/bt-dvd/
<patdk-wk> Italian_Plumber, I don't see how they have anything to do with each other, as far as that goes
<patdk-wk> and actually, I normally burn ubuntu to a dvd, not a cd
<Italian_Plumber> well who buys blank CDs anymore.  :)
<patdk-wk> I do
<patdk-wk> why would I waste a dvd for 100megs, when a cd works, and is 3-4x less expensive
<ball> ...and arguably more reliable.
 * patdk-wk default install method is pxe though
<ball> s/reliable/robust/
<dominicdinada> how to remove gnome and xorg from a server without disturbing anything else ?
<patdk-wk> remove ubuntu-desktop?
<dominicdinada> yes
<patdk-wk> then do it :)
<dominicdinada> Well how do you go about doing it without breaking the server install. IE settings for network, shares etc
 * patdk-wk wonders what one has to do with the other
<patdk-wk> if you using gnome things to manage the server, then yes, it will break
<patdk-wk> that is your fault for not moving that stuff out first though
<dominicdinada> ummm wouldnt the auto up interfaces ? not work anymore ?
<dominicdinada> patdk-wk: 4tb is way to much to back up
<patdk-wk> it would, but if your using network-manager
<patdk-wk> who said anything about backup?
 * patdk-wk runs
<dominicdinada> oh just the network files ?
<dominicdinada> and samba shares  ?
<dominicdinada> ok i guess i should ask it like this.
<dominicdinada> when REmoving the gnome desktop. Will it have ANY effect at all on the samba shares. network, hosts, user, etc files ?
<patdk-wk> maybe
<patdk-wk> did you use network/interfaces for network/hosts/..., or network-manager :)
<bventura> dominic: just back up your /etc/networking/interfaces file and /etc/samba/smb.comf and everything should be OK
 * dominicdinada hands patdk-wk a six shot revolver with one bullet... maybe
<dominicdinada> bventura:  ok :P
<patdk-wk> well, I dunno what you did, or how you configured the server :)
<patdk-wk> you won't loose anything by uninstalling
<bventura> and if you do those two files I mention should be all you need to get it back
<patdk-wk> but if you used it like a desktop, and setup samba shares like a desktop, I wouldn't know
<fx> hi guys, i wonder if youd be able to give me a quick hand, people at #vsftpd are unresponsive, I need to chroot all users to one directory
<dominicdinada> it is not a wireless interface but i seem to remember by default prior to the gnome desktop install that the network never auto connected. even though i set it to do so
<Italian_Plumber> http://www.linux-gnu.com/buydistro.html <--- designed on a very wide monitor. :)
<patdk-wk> wide?
<patdk-wk> that doesn't even fill up half my width :) but it's long and large as hell :)
<dominicdinada> oh and i got like 5 other questions also
<dominicdinada> When you remove the desktop, will it effect the samba server, apache, mysql, php daemons from starting with the machine that was another concern
<uvirtbot> New bug: #591562 in nis (universe) "nis pkg does not configure the client" [Undecided,Incomplete] https://launchpad.net/bugs/591562
<patdk-wk> dominicdinada, only if you really screwed up your machine
<dominicdinada> ok
<dominicdinada> so to remove desktop i just remove the gnome-desktop package and it should pull all the crapware off also
<patdk-wk> unless you manually installed something that uses X/gnome/..., yes
<dominicdinada> could an update have caused the server to set a default bandwidth, I have noticed over the last month that the bandwidth to the server never exceeds 400kbs when before I was reaching 1.5mbps since it is only a local server there is no increased traffic
<patdk-wk> the simple answer, yes
<patdk-wk> an update *could* of done anything :)
<patdk-wk> is that your issue, 99.999% sure an update didn't cause your problem
<dominicdinada> i check the logs and nothing to suspect anything otherwise, as it is set to drop almost all external packets not local to the network
<patdk-wk> first, what is the problem?
<patdk-wk> you said local server
<dominicdinada> yes
<patdk-wk> so I dunno how local server has external packets
<dominicdinada> i dont trust someone getting past crappy routers
<dominicdinada> in my router logs there is alot of activity with people attempting to gain access, but it is stopped at the router level. anyhow going from a 1.5mbps connection to maxing at 350kbs makes streaming anything impossible. The cap on file transfers was set to none but 65kbps is unacceptable
<uvirtbot> New bug: #624187 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/624187
<kandjar> hi there,
<kandjar> How to setup the directory right so that the group and permission gets propagated to newly created sub-directory properly?
<kandjar> if I set the initial folder to: "chmod g+s" it only propagate the group name
<kandjar> but the permission aren't setup properly...
<sjm> dominicdinada, patdk-wk, isn't the "gnome-desktop" a virtual package and would removing it remove only it?
<sjm> dominicdinada, patdk-wk wouldn't you want, instead to remove something like the base xserver-xorg package?
<dominicdinada> should i remove that as well
<dominicdinada> although it crashed my grub and has 4 kernels listed everything else went fine
<dominicdinada> ok not everything went fine it is now refusing my ssh connections :(
<dominicdinada> ugh it is denying everything besides my http requests
<dominicdinada> !ssh
<ubottu> SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<dominicdinada> sjm: why would it kill my ssh server?
<dominicdinada> !runlevel
<ubottu> In Ubuntu all runlevels except 0,1 and 6 are by default equal. Also keep in mind that Ubuntu now uses !Upstart instead of System V init so there is normally no /etc/inittab.
<sjm> try dpkg -l | grep ssh to see if it uninstalled openssh.
<dominicdinada> ok
<thesheff17> Any reason an IBM x336 server wouldn't boot with ubuntu 10.04 amd?
 * SpamapS enters hour #2 w/ hiccups
<dominicdinada> says its there ii
<dominicdinada> sjm:  host  key error o restart
<dominicdinada> listem addy is #
<dominicdinada> sjm: ok reinstalling the ssh server i get these errors. ufw triggers failed. ERROR problem running
<jdstrand> that is non-fatal
<dominicdinada> ok
<dominicdinada> now what to do about the grub fail :( wont have access physically every reboot etc...
<dominicdinada> 4 kernels listed
<dominicdinada> .24 .23 .22 .21 :/
<thesheff17> any reason ubuntu 10.04 32 bit would boot fine but a 64 bit doesn't...though the machine is 64 bit.
<dominicdinada> thesheff17: drivers?
<dominicdinada> thesheff17: 32bit and 64bit OS as different as a VW BEETLE and a Ferrari
<thesheff17> dominicdinada: weird since I'm just using the install cd :-/
<thesheff17> dominicdinada: yea I want to use 64 bit and don't know why it won't boot
<dominicdinada> Ubuntu may not have say 64bit video drivers for your video card. and then it errors
<sjm> dominicdinada, what do you mean grub fails.  It runs and lists the kernels, no?  The timeout doesn't boot the default kernel?
<sjm> dominicdinada, you can uninstall the old kernels through apt.
<sjm> dominicdinada, sorry, can't do much more now, have to get back to a couple of other things.
<thesheff17> dominicdinada: actually I know that I have put Ubuntu 8.04 AMD on one of these boxes before...weird it doesn't work with Ubuntu 10.04 AMD
<dominicdinada> !hostname
<ubottu> Use hostname <somehostname> to set the hostname, or to do it permanently: edit /etc/hostname and /etc/hosts . WARNING! Make sure that your current hostname and /etc/hosts match, otherwise sudo may not work properly.
<dominicdinada> !upstart
<ubottu> Upstart is meant to replace the old Sys V Init system with an event-driven init model.  For more information please see: http://upstart.ubuntu.com/
<schelcj> can ubuntu-server be installed with an lvm root partion?
<mdeslaur> Daviey: I just uploaded libvirt and virt-manager to maverick to fix the tcsh shell issue. They tested fine for me, but please let me know if they don't solve it for you.
<dominicdinada> holy crap this thing is running 5x slower now that gnome desktop is gone
<sherr> schelcj: yes
<dominicdinada> SSH is ungodly slow worse than a 486, queries to mysql DB take alot longer. Ya.... trade security for speed....
<schelcj> sherr: i just did an install that failed to find my root lv because the vg didn't exist
<sherr> schelcj: Oh well. Try again. I do it all the time.
<schelcj> sherr: i have reinstalled many times each with new errors
<schelcj> sherr: here is the error i get at boot http://ressik.dyndns.org/~schelcj/vulcan001.jpg
<alvin> sherr: bug 360378
<uvirtbot> Launchpad bug 360378 in linux "Gave up waiting for root device after upgrade then busybox console" [High,Confirmed] https://launchpad.net/bugs/360378
<alvin> Oops, I meant schelcj
<BrixSat> hello
<BrixSat> i have setted up a vpn server and it working ok, the problem is i dont have internet when connected to it
<BrixSat> any help?
<thesheff17> dominicdinada: downloaded the latest 10.04.1 amd and it worked fine
<schelcj> alvin: so this is a known bug, what is the fix? i see mention of editing the grub conf, but i can't do that without mounting root
<alvin> schelcj: There is no fix. For me upgrading to lucid helps on most servers.
<schelcj> alvin: this is lucid
<alvin> schelcj: Mark the bug as affecting you
<schelcj> looks like i am also hitting up against bug 452350
<uvirtbot> Launchpad bug 452350 in grub2 "Unknown LVM metadata header" [Undecided,New] https://launchpad.net/bugs/452350
<kirkland> hallyn: around?
<hallyn> kirkland: .
<kirkland> hallyn: okay, i'm struggling trying to get a running uec-live desktop iso created
<kirkland> hallyn: i had to make a few changes to your bzr branch just to get it building
<kirkland> hallyn: when i boot what i build, though, it eventually drops me to a busybox initramfs
<kirkland> hallyn: saying it can't find a live fs
<hallyn> you're building on a maverick host now, i assume?
<kirkland> hallyn: yes
<kirkland> hallyn: i think most of my changes had to do with that
<hallyn> were they anything scary?
<hallyn> (btw - linux magazine's article for the day was about 'cloud in your pocket' - but not yours :( )
<kirkland> hallyn: nothing too bad
<hallyn> so what sort of error msg before initramfs prompt?
<hallyn> failure to mount /root?
<kirkland> hallyn: hmm, well, the final error looks like:
<kirkland> (initramfs) Unable to find a medium containing a live file system
<kirkland> hallyn: i figured you might have seen this
<hallyn> well, in other places we had to specify the LIVEMEDIA= option but i don't think we should have to here
<hallyn> I'm trying to remember where I built that
<kirkland> hallyn: yeah, there's no need for persistence here
<kirkland> hallyn: just iso only
<kirkland> hallyn: i dropped toram and persistent
<kirkland> hallyn: mounting root file system looks okay
<kirkland> hallyn: hangs for a long while at Running /scripts/casper-premount ... done.  done.
<hallyn> yeah iyeah sounds familiar
<hallyn> man i keep hitting the moronic wireless-off physical switch
<kirkland> hallyn: yeah, i wish my x200 didn't even have one of those
<hallyn> kirkland: looking nthrough my uec cloud bzr branch nothing rings a bell.  i can give it a shot if you like, but have no off-the-cuff insights
<kirkland> hallyn: okay, i'll fight with it
<hallyn> (well, i've never looked at how 'toram' is exactly implemented in live-helper, taking a quick look)
<hallyn> i see it's casper
<hallyn> kirkland: why did you remove toram exactly?
<hallyn> kirkland: a hunch tells me that keeping toram may make it work.  that otherwise the root disk may be deemed busy when trying to mount it
<hallyn> (prolly wrong, but...)
<dominicdinada> WTF
<dominicdinada> stupid server
<hallyn> dominicdinada: kick it
<dominicdinada> hallyn: not far from it
<dominicdinada> hallyn: I got it somewhat working but the darn thing is hanging on the boot screen. I can ssh into it,. webmin into it. Mount files systems into it. But the box is stuck at finding a fqdn for mysql WTF
<dominicdinada> frqwhgqewhgforqgioirgrogivilgs;vs;qeep wiqpeiwg
<Daviey> mdeslaur, awesome! :)
<Daviey> mdeslaur, Thanks for that
<mdeslaur> np!
<hggdh> smoser: --use-loader seems to be working fine
<Daviey> SpamapS, When working on the development release of euca', any chance you could base your branch on  lp:~ubuntu-virt/ubuntu/maverick/eucalyptus/2.0 rather than lp:ubuntu/eucalyptus ?
<Daviey> SpamapS, The last change i manually merged your changes into that branch, but it makes life much easier if it's based on that to start with :)
<Daviey> SpamapS, (thanks for working on it btw) :)
<Daviey> SpamapS, Don't worry about adjusting this one.. i'll manually do it
<JasonMSP> whats the option on the cp command that will create the directories if they don't exist.  I thought it was -r but Im not being able to copy this file and Im not understanding the manpages
<YankDownUnder> JasonMSP, Um...thought it was just "cp -rf"
<JasonMSP> might be the f i am leaving out
<YankDownUnder> Yeppers mate - just "cp -rf" => that'll do it...
<zash> -f is just force/owerwrite afai
<YankDownUnder> Ah well, works either which way...
<JasonMSP> stilll not working.  the directory doesn't already exist in the copy to location.  am i missing something?   cp -rf filea /etc/filea
<YankDownUnder> jasonb_, Hang on...lemme try something on my server...
<JasonMSP> sudo is being used of cours
<YankDownUnder> Well, seems to work for me here...copied the contents of one dir such as: cp -Rf /home/user/Applications/CurseTheWeather /home/user/temp => copied fine and dandy
<JasonMSP> does it matter that it is a file and then im copying into a new directory that doesn't exist?
<YankDownUnder> JasonMSP, Um...reckon ya lost me on that one...
<dominicdinada> !dansguardian
<JasonMSP> got it working but I did it the long way.  mkdir... cp...
<JasonMSP> anyone have vsftpd with ssl working on their system?
<Daviey> mathiaz, Thanks for the upload!
#ubuntu-server 2010-08-26
<FalsAlarm> what is the default package manager for ubuntu when using the CLI?
<ChmEarl> FalsAlarm,  dpkg|apt-get|aptitude
<FalsAlarm> ok, i use that apt-get since I know it
<FalsAlarm> if I want to install jre on a production server, is that apt-get openjdk-6-dbg
<FalsAlarm> or is it, openjdk-6-jre
<ChmEarl> FalsAlarm, apt-cache search openjdk
<FalsAlarm> found this one, default-jre - Standard Java or Java compatible Runtime
<FalsAlarm> i dont want no debugging version of jre
<jsolera> hi, i just installed 10.04 and i would like install asterisk on it
<jsolera> is better install it from ubuntu repository or from sources with maka
<jsolera> some one here ?
<uvirtbot> New bug: #624361 in openssh (main) "service ssh restart does not test the configuration file" [Undecided,New] https://launchpad.net/bugs/624361
<bcomp> for some reason I can't access my website, which is on an apache2 ubuntu server i run
<bcomp> i can ssh into the server and it's clear the site is there, but I can't access it from a browser
<bcomp> ...
<ChmEarl> bcomp,  /var/www ?
<bcomp> yes
<ChmEarl> bcomp, and what is the extension? non-standard?
<bcomp> ChmEarl, yes
<bcomp> extension?
<ChmEarl> html php shtml
<bcomp> html
<ChmEarl> bcomp, telnet www.xxx.yyy.zzz 80
<ChmEarl> bcomp, if that is blocked then its FW
<bcomp> oh i just realized what the problem is
<bcomp> the router the server's hooked to
<bcomp> thanks for the help
<hallyn> zul: when i saw bug 624061 the _Description being bogus seemed plausible, but now i see the lucid package has that too
<uvirtbot> Launchpad bug 624061 in bacula "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Confirmed] https://launchpad.net/bugs/624061
<zul> hallyn: yeah its probably a bug with the "_Description" but I would have to check more
<zul> hallyn: or you could be on crack :)
<hallyn> zul: ok, on the one hand it seems nonurgent, but otoh if it's so trivial as to be s/_Description/Description/, then i wouldn't want to miss maverick freeze with that
<zul> hallyn: Ill do it first thing tomorrow
<hallyn> zul: thanks so much
<hallyn> will buy you a red bull in orlando :)
<zul> meh...
<sirsa> hi all..
<sirsa> Could anybody help me regarding how to set up a private cloud?
<akio> scar: So you are saying that virt stuff belongs in here>
<scar> yep that's what jussi said
<akio> So I was wondering about the --location option with virt-install
<intelliant> twb: hi!
<intelliant> the problem has re-surfaced
<akio> Can we use that for a deb repo?
<akio> I would assume rpm people stick to their rpmness.
<intelliant> http://pastebin.com/Tib7A4nc
<intelliant> auth-client-config -a -plac_ldap is what i had executed
<intelliant> client auth was working fine
<intelliant> now after a few reboots it has again stopped working
<intelliant> rather it does auth but logs me out
<intelliant> http://pastebin.com/kFJYrwFU - now again the login is stable and the user is not thrown out but i fail to understand the first and last line in this post
<intelliant> can anyone please help me diagnose the strange ldap client auth behaviour
<intelliant> this is pure ssh login
<intelliant> no X
<intelliant> [09:05] <intelliant> http://pastebin.com/Tib7A4nc  [09:06] <intelliant> auth-client-config -a -plac_ldap is what i had executed  [09:06] <intelliant> client auth was working fine  [09:06] <intelliant> now after a few reboots it has again stopped working  [09:07] <intelliant> rather it does auth but logs me out  [09:12] <intelliant> http://pastebin.com/kFJYrwFU - now again the login is stable and the user is not thrown out bu
<twb> 13:36 <intelliant> auth-client-config -a -plac_ldap is what i had executed
<twb> intelliant: that is NOT what I told you to run
<intelliant> i did try with what you told me to do
<twb> intelliant: you've borked your pam settings by running -a instead of -tnss
<intelliant> it worked with that but was not creating the home directories
<intelliant> and it was working yesterday absolutely fine
<intelliant> even now it is working
<twb> Well, I suppose it will work for most things
<intelliant> 10 mins back it was throwing me out
<twb> It'll bitch when you next update something that has pam integration, though.
<intelliant> okay for that I can create a separate profile, right
<intelliant> ?
<intelliant> the only thing i have done in between is installed a lot of applications
<twb> intelliant: re. creating home directories, you will need to enable pam_mkhomedir.so in the appropriate /etc/pam.d/common-* files, which I recommend doing indirectly via /usr/share/pam-auth and running pam-auth-update.
<intelliant> k
<twb> The manpages for same should be pretty clear about it
<intelliant> i confess i have not yet read the man pages
<intelliant> i will do that today
<twb> Note that if you have a client/server network, pam_mkhomedir will populate home based on /etc/skel of the host you log in on, NOT the server.
<twb> So if you're playing games with /etc/skel on the fileserver, that'll trip you up
<intelliant> will take care of keeping the /etc/skel on the hosts consistent
<intelliant> but is there anything to explain the random behaviour
<intelliant> within last 15 mins nothing has changed
<twb> Are you using plain ldap, or ldap/krb?
<intelliant> plain ldap
<intelliant> off centos
<twb> krb and nfs4 are very antsy when clocks get out of sync
<intelliant> okay
<twb> I can't think of anything else offhand
<intelliant> one thing i changed in the last 15 mins
<intelliant> i had /home nfs mounted
<twb> I'd probably be using ldap-tools and/or packet sniffing to attempt to diagnose it, in discussion with #openldap
<intelliant> i removed it
<intelliant> but even after that it threw me out once
<twb> Also, obviously, looking at log files.
<intelliant> i will remount /home and try
<intelliant> nothing in auth.log or messages
<twb> Oh, and if you're logging into a GUI, that will often hide important messages from pam -- try logging in on tty1
<intelliant> no gui as of now
<twb> The logs to read will mainly be the server's
<intelliant> this is all sssh
<intelliant> gui demon is waiting to be tamed :)
<twb> Uh, so you're using LDAP for authentication of *sshd*?
<intelliant> openldap server, you mean?
<intelliant> no i am using it for ltsp-clients
<twb> Yeah, slapd.
<intelliant> ltsp clients auth using ssh
<twb> This is an LTSP network?  You should've mentioned that up-front.
<intelliant> i think i mentioned it yesterday
<intelliant> first post
<twb> OK, I must have missed that.
<intelliant> or may be not
<twb> So you have a CentOS server running slapd and sshd, and thinclients that netboot an Ubuntu-based LTSP image?
<intelliant> https://help.ubuntu.com/community/UbuntuLTSP/LTSP-Cluster
<intelliant> ^^ is my setup
<uvirtbot> intelliant: Error: "^" is not a valid command.
<intelliant> ^ is my setup
<uvirtbot> intelliant: Error: "is" is not a valid command.
<twb> Just ignore him
<intelliant> add to it ldap auth and nfs mounted home
<intelliant> ldap auth as per https://help.ubuntu.com/community/LDAPClientAuthentication#Notes%20for%207.10%20and%20later
<intelliant> sshd is being used from the ltsp-appservers
<intelliant> and not from the centos server
<intelliant> ?
<intelliant> but would ltsp make any difference in this case
<twb> Your LTSP clients are operating in the default mode, where they use ssh -X (not XDMCP)?
<intelliant> hmm...i am lost
<intelliant> should i check lts.conf?
<twb> OK, I have to do some work-work.  Try talking to #ltsp
<twb> In short, I suspect you need to fix *sshd* (the sshd LTSP is pointing at, probably the appserver) to auth against slapd.
<intelliant> i came here from #ltsp
<intelliant> oh without ldap auth it was working fine
<intelliant> each appserver's sshd is individually authenticating against the central slapd
<twb> That's all you should need
<intelliant> it seems to be working for now
<intelliant> also one last thing
<intelliant> let me see when the problem resurfaces
<intelliant> how to persist the changes in /etc/security/groups.conf
<intelliant> should i chattr +i it or there is another way?
<twb> it's a conffile, so changes should be persistent automatically
<akio> If I was to set up several kvm virtual machines for testing, what arch would be the lowest impact you think?
<akio> I was thinking there might be some advantages to using something like armel...
<intelliant> the changes are lost :(
<intelliant> I am doing them again
<twb> akio: kvm can't use hardware virtualization for armel, I think
<twb> And then: Ubuntu only supports x86 and x86-64
<intelliant> twb: thanks for your help
<intelliant> twb: FYI, did a reboot of the appserver and the problem resurfaced
<twb> Is the appserver running lucid?
<twb> Pastebin the output of "auth-client-config --show-system" on the appserver.
<intelliant> yes it is running lucid
<intelliant> http://pastebin.com/XjhE3jdb
<intelliant> [10:06] <intelliant> Aug 26 10:06:43 ltsp-appserve01 ltsp-cluster-accountmanager: Killing user "shrenik.bhura" [10:06] <intelliant> ^ can anyone please explain this ? [10:07] <intelliant> found this in syslog of the appserver in an ltsp-cluster setup
<intelliant> found this in syslog
<intelliant> it could be the ltsp-cluster components
<intelliant> have been asking on the ltsp forums as well
<twb> I can't explain that; ask ltsp-cluster-accountmanager people
<intelliant> just FYI, want to be sure that there is nothing wrong with ldap-auth
<intelliant> now again the user is properly logged in
<intelliant> so almost after 10-15 mins of a reboot
<intelliant> twb: so i think you find nothing wrong with the current setup except the care i need to take for /etc/skel ? I also feel that it has something to do with the ltsp-cluster-accountmanager.
<twb> It looks like a conventional lac-style pam setup.
<twb> For lucid I'd be relying on the pam-auth-update style, but either should work.
<twb> Having said that, it's often VERY hard to see when pam.d is slightly misconfigured.
<intelliant> what are the man pages i should be reading to understand this topic better?
<twb> I'd be zeroing in on ltsp-cluster-accountmanager
<twb> Curiously, that package is in Ubuntu, but not Debian.  That makes me even more suspicious of it.
<twb> It also hasn't been updated since it first arrived, in Karmic.
<intelliant> may be stgraber will help
<intelliant> http://pastebin.com/HQ0bXdbW
<intelliant> anything to explain the first line
<intelliant> google throws up many things
<intelliant> twb: man page suggestions please
<twb> Sorry, I think I've spent enough time on you.
<intelliant> twb: okay, thanks. sorry to bother you again.
<twb> No problem.
<intelliant> twb: found the cause and the solution here - https://answers.launchpad.net/ltsp-cluster/+question/101648 , running pam-auth-update auto-fixed it. That is th eonly piece you forgot to tell me yesterday. :) Will be testing with the real thin-clients in about an hour now that ssh login is persistent. Thanks again.
<twb> intelliant: if you hadn't fucked up and ran -a instead of -tnss, you wouldn't hae HAD to run pam-auth-update manually
<ttx> Daviey: that's great !
<uvirtbot> New bug: #624461 in tomcat6 (main) "package tomcat6 6.0.24-2ubuntu1.3 failed to install/upgrade: podproces zainstalowany skrypt post-installation zwrÃ³ciÅ kod bÅÄdu 1" [Undecided,New] https://launchpad.net/bugs/624461
<cemc> is there a way to display the boot messages on 10.04 server, like in good old times? :) with quiet kernel option but the rest to show up, and no ubuntu logo etc?
<uvirtbot> New bug: #624522 in postfix (main) "Postfix init.d script and populate chroot in multi-instance environment [debian bug #560682]" [Undecided,New] https://launchpad.net/bugs/624522
<cemc> I have an LTSP setup with 10.04. the clients are turned off a lot, without shutdown and I have a bunch of nbd-servers lying around
<cemc> is there a timeout or something I can do to kill those?
<SpamapS> cemc: nbd ?
<cemc> SpamapS: yeah, nbd-server (network block device) exports the image file for clients (instead of NFS)
<SpamapS> Oh I didn't know LTSP worked that way. Interesting.
<SpamapS> cemc: according to 'man nbd-server' the '-a' parameter sets a timeout
<cemc> SpamapS: hm, I don't see any mention of -a in this man page...
<SpamapS> cemc: heh, I was looking at an nbd-server man page from some other OS I guess..
<SpamapS> http://manpages.ubuntu.com/manpages/lucid/man5/nbd-server.5.html
<SpamapS> lookup "timeout" ..  "Corresponds to the -a option on the command line"
<SpamapS> weird, but this one doesn't mention it
<SpamapS> http://manpages.ubuntu.com/manpages/lucid/man1/nbd-server.1.html
<cemc> yeah, it doesn't know about it. # nbd-server -a
<cemc> nbd-server: invalid option -- 'a'
<BrixSat> hello
<BrixSat> i have installed freeradius and messed all the config, how can i remove and then install and have the default config again?
<sherr> Maybe "purge" it? aptitude purge <package>. Then reinstall.
<BrixSat> yes :D
<BrixSat> thanks
<sherr> Yesterday, I installed 10.04 on a system with 2x disks (sda,sdb) and wanted RAID. I made 3 MD RAID-1 devices md0 (/boot), md1 (/) and md2 (for a PV). On reboot, the system has come up degraded and seems to have created partitionable MD devices i.e.
<sherr> md0 has 1x md2p1, md1 has 1x md2p5. Both md0,md1 degraded.
<sherr> md2 has sdb[1] sda[0] and is OK.
<sherr> I might have messed something up, but am generally used to doing this sort of thing (usually Debian). There seem to be others reporting oddities installing 10.04 on RAID as well.
<sherr> I think I'll have to try a reinstall tonight. Maybe I pressed the wrong button ...
<LHC> hey
<LHC> is it possible to limit bandwidth on a dedicated server?
<patdk-wk> sure
<patdk-wk> use tc
<thesheff17> Can someone link me to how to setup Ubuntu 10.04 that have qlogic HBA attached to a SAN.  Has anyone done this before?
<alvin> sherr: Some of these might have more information. bug 27037, bug 599135, bug 469574  or bug 532960 auto-assemble doesn't always work on Lucid, although I have not seen these problems on md devices that contain root
<uvirtbot> Launchpad bug 27037 in linux "mdadm cannot assemble array as cannot open drive with O_EXCL" [Medium,Fix released] https://launchpad.net/bugs/27037
<uvirtbot> Launchpad bug 599135 in mdadm "mdadm cannot assemble array" [Undecided,New] https://launchpad.net/bugs/599135
<uvirtbot> Launchpad bug 469574 in mdadm "[->UUIDudev] new array not assembled correctly after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/469574
<uvirtbot> Launchpad bug 532960 in mdadm "[->UUIDudev] mdadm.conf without ARRAY definition breaks reboot of new arrays" [Undecided,New] https://launchpad.net/bugs/532960
<sherr> alvin: Thanks. Yes, I saw some of that, but have not read through all of it. This is all via the installer (server). No manual creation at all, so a bit surprising.
<alvin> I also used the installer to create an array that always breaks at reboot
<sherr> Great :-(
<sherr> I have a server at work running 10.04 but using h/w RAID (Dell R410). So I didn't see this problem. If I had, I would hav freaked out :-O
<alvin> It's possible to reassemble the array (even RAID 0) without data loss, but yes, it's a bit scary.
<LHC> patdk-wk, whats tc?
<sherr> I might just make a normal install (1 disk) and convert to RAID-1 after.
<LHC> found it http://manpages.ubuntu.com/manpages/jaunty/man8/tc.8.html
<LHC> patdk-wk, what happens when they extend the set limit?
<blucreator> hello everybody
<blucreator> someone could help me with my lan?:D
<thesheff17> blucreator: ask away
<twb> "ask", not "go"
<_ruben> i guess he only read the "away" part...
<kuttan_> Any good command line tools to find duplicate files , by comparing there md5 sums ..
<alvin> kuttan_: fdupes
<zoopster> thesheff17: you asked about ubuntu server and san...there's really not much to it, it just works like any other disk AFAIK
<uvirtbot> New bug: #374067 in clamav (main) "9.04 boot process hangs when using clamav-freshclam with pam_mount" [High,Incomplete] https://launchpad.net/bugs/374067
<disposable> what's the best way to keep certain config files synchronised across multiple machines? e.g. hosts.deny and firehol.conf
<hallyn> kirkland: heh, all well and good to file a bug against casper, but has 70, count 'em, 70, new bugs  :)  that poor bugger needs a maintainer :)
<kirkland> hallyn: :-(
<kirkland> hallyn: well, make sure it's triaged, importance set, and give 'er an owner
<hallyn> cjwatson you think?
<hallyn> maybe i'll make it myself
<zoopster> disposable: have you looked at etckeeper?
<SpamapS> hallyn: ouch! casper definitely needs some triage love. :-P
<smoser> hggdh, woohoo (regarding --use-loader)
<mkortela> I'm doing a migration from VMware Server to KVM and have a problem with one virtual machine. Starting up there's only a process '/usr/lib/libvirt/virt-aa-helper -c -u libvirt-xxxx-xxxx-xxxx-xxxx' hanging, no kvm process started. Virsh commands jam, also virt-manager. Any suggestions?
<mkortela> virt-aa-helper takes 100% cpu constantly
<sherr> mkortela: How did you create the problem VM?
<mkortela> it is an old VMware .vmdk file - I have started up several of those successfully, but this one fails
<mkortela> hmmm... qemu-img convert gives a segfault when converting the image to raw format
<hallyn> SpamapS: yeah.  i'm getting to know the code a bit so i may take it upon myself, once some other stuff clears off my plate
<hallyn> but right now, every time i think i'll get some time to work on what i NEED to be working on, kirkland and ttx assign new bugs to me :)
<hallyn> <smooch>
<pmatulis> !info vim maverick
<ubottu> vim (source: vim): Vi IMproved - enhanced vi editor. In component main, is optional. Version 2:7.2.330-1ubuntu3 (maverick), package size 844 kB, installed size 1672 kB
<kirkland> hallyn: sorry about that :-/
<SpamapS> hallyn: I just triaged 6 of the 70 .. ;)
<SpamapS> hallyn: a few intrepid bugs.. vague reports..
<hallyn> SpamapS: you rock
<ttx> hallyn: yep, today is my big HIGH/MED release management bug review !
<ttx> hallyn: for the record, if the bug is not targeted to a specific milestone, it's a "good to have" that doesn't take precedence on spec work.
<Kaffien> is there a util in ubuntu that can chkdsk a fat32 / ntfs drive?
<Kaffien> or do a sector by sector analysis?
<mathiaz> ttx: o/
<mathiaz> ttx: reviewing my WIs for different blueprint
<mathiaz> ttx: what's the next milestone if I wanna postpone some WI?
<ttx> mathiaz: o/
<mathiaz> ttx: ubuntu-10.10/
<mathiaz> ttx: ?
<ttx> yep
<mathiaz> ttx: is there a milestone for rc/
<mathiaz> ttx: ?
<ttx> no there isn't
<ttx> as rc is supposed to be ~final.
<mathiaz> ttx: ok
<mathiaz> ttx: for server-maverick-uds-seed-review
<mathiaz> ttx: Investigate printer drivers usage of desktop and update corresponding packages on the -server iso
<mathiaz> ttx: what does that mean?
<ttx> mathiaz: on a call, brb
<mathiaz> ttx: ok
<hallyn> ttx: ok, thx.  yeah i've been trying to get things out the door before today
<hggdh> smoser: hy-ho
<smoser> hey
<hggdh> what can I do for you?
<ttx> hallyn: in fact having bugs nominated to Maverick actually allows you to submit fixes post betafreeze, so you're doing it right :)
<ttx> mathiaz: back for 2 min
<mathiaz> ttx: for server-maverick-uds-seed-review
<mathiaz> ttx: Investigate printer drivers usage of desktop and update corresponding packages on the -server iso
<mathiaz> ttx: what does this actually mean^^?
<ttx> mathiaz: I think this can be considered done with the unseeding of hplip
<mathiaz> ttx: ok
<ttx> Did I write that ?
<mathiaz> ttx: that = ?
<ttx> Investigate printer drivers usage...
<mathiaz> ttx: I don't know - it came out of the UDS session...
<mathiaz> ttx: I've marked the WI as done and assigned it to you
<ttx> mathiaz: cool, thx
<mathiaz> ttx: and "Review ubiquity-frontend-debconf" ?
<mathiaz> ttx: what's that about?
<ttx> o0
<ttx> mathiaz: no clue.
<mathiaz> ttx: ok thanks
<ttx> is that in the server seed ?
<mathiaz> ttx: it's on the iso: /pool/main/u/ubiquity/ubiquity-frontend-debconf_2.3.7_all.deb
<ttx> mathiaz: I think that's what it is about then. Answer the why
<mathiaz> ttx: probably because of oem-config-debconf
<SpamapS> hmm.. its fairly difficult to see a list of things I have waiting on sponsorship...
<SpamapS> hallyn: down to 60!
<SpamapS> hallyn: I feel a bit silly commenting on / triaging 2+ year old bug reports. ;)
<raubvogel> What is the default syslog in ubuntu server 10.04 LTS?
<hallyn> SpamapS: sigh - might be worth adopting that package.  at the very least i'll subscribe to all bugs for it
<hallyn> raubvogel: looks like it's rsyslogd
<SpamapS> hallyn: seems like a cool package. I'm surprised at how many bug reports have been allowed to just sit and rot :-P
<guntbert> !info rsyslog
<ubottu> rsyslog (source: rsyslog): enhanced multi-threaded syslogd. In component main, is important. Version 4.2.0-2ubuntu8 (lucid), package size 271 kB, installed size 712 kB
<SpamapS> hallyn: well, about 60 minutes of triaging got it down to 58. Throw an hour at it every week and it'll be triaged completely by UDS-N
<hallyn> SpamapS: the problem is, that's only one package :)  I'm wondering how many more there are like that
<uvirtbot> New bug: #624739 in tomcat6 (main) "/etc/tomcat6 is created with the wrong permissions" [Undecided,New] https://launchpad.net/bugs/624739
<savid> Is there a way to have a directory where any file that's created in that directory assumes the group of that directory?    For example, if I have a dir with a group of "users",  and someone creates a file in that group, there file is owned and grouped by that user, so other users cannot overwrite that file.
<JasonMSP> Im running VSFTPD and when you FTP in by typing the ftp address in firefox rather than keeping the user jailed, they can .. all the way up to the root.  How do I prevent this?
<sherr> savid: g+s (see : man chmod)
<constantin_mike> hello, with the ubuntu server 10.04.1, if i ping www.google.com, it says ping: unknown host www.google.com, but if i ping an ip, it works. i need to make it ping names, since apt-get won't work this way. can anyone help?
<constantin_mike> another thing is that i cannot start bind9 server, it says failed. could it be a connection between the 2 problems?
<SpamapS> constantin_mike: what does /etc/resolve.conf look like? (maybe put it in paste.ubuntu.com)
<thesheff17> constantin_mike: set your dns /etc/resolve.conf
<constantin_mike> SpamapS: search gazduire4you.ro
<SpamapS> constantin_mike: if resolve.conf is pointed at the local server, then the ping problem is caused by bind9 not starting, most likely
<SpamapS> constantin_mike: thats it?
<constantin_mike> SpamapS, i guessed that, but what can i do? it is not my server ... i am helping out someone else
<SpamapS> constantin_mike: is the server using DHCP?
<constantin_mike> i followed a guide for installing/reconfiguring bind9 (http://www.howtoforge.com/perfect-server-ubuntu-9.10-karmic-koala-ispconfig-2-p4) but it did not work
<constantin_mike> i don't think so ... how could i check it?
<constantin_mike> almost surely it isn't dhcp, but still, how do i check?
<SpamapS> constantin_mike: cat /etc/network/interfaces
<thesheff17> constantin_mike: /etc/resolv.conf should contain the DNS servers you get from your ISP.
<SpamapS> constantin_mike: if it says 'iface eth0 inet dhcp' .. then the DNS server is set by the DHCP server. Otherwise, you can edit /etc/resolve.conf directly...
<constantin_mike> nope, it isn't dhcp (iface eth0 inet static)
<SpamapS> constantin_mike: ok, then try adding 'nameserver 8.8.8.8' to /etc/resolve.conf (warning: that is google's nameserver, they may track you ;)
<constantin_mike> lol
<constantin_mike> i know ... but i don't care about that right now
<SpamapS> constantin_mike: why do you want bind9 ?
<constantin_mike> i edited it, now do i have to restart a service or it will simply work?
<constantin_mike> SpamapS ... it was installed already, i don't want it right now. i would be happy to simply have apache2 and mysql, and apt-get
<constantin_mike> but apt-get won't work since ... it only works with ips
<constantin_mike> yeeeey it just worked
<constantin_mike> silly me
<constantin_mike> thanks. the ping problem was not from bind9 but from resolv.conf
<constantin_mike> now, how could i fix bind9? i couldn't find the log files in /var/log
<constantin_mike> SpamapS, could you tell me where they are?
<constantin_mike> mc
<SpamapS> constantin_mike: you may want to ask your ISP what their DNS servers are, as google's may not be fast in your area (though in my experience, they're faster than most ISPs'). As far as BIND9, well, you need to have a *reason* to run a DNS server. ;)
<constantin_mike> well, the reason is that the owner of the server wants to host some websites under a domain name
<constantin_mike> i may not understand what bind9 does exactly ;))
<patdk-wk> that isn't much of a reason
<thesheff17> constantin_mike: I just let godaddy take care of DNS and just do hostname -> IP...an then you don't need local bind.
<patdk-wk> using local bind to serve dns info isn't a good idea
<patdk-wk> if the webserver goes down, website is down
<constantin_mike> okay, i understand that. but what does bind9 do exactly?
<patdk-wk> but if you do dns on it to, and only on it, then it will be down much much longer, even when it comes back up
<patdk-wk> converts names to numbers :)
<constantin_mike> okay, so bind9 is a nameserver?
<patdk-wk> yep
<constantin_mike> oookay, he probably does not need it right now
<constantin_mike> i'll stop it
<patdk-wk> now, you might want to install it anyways, depending on what the server does
<patdk-wk> like if it does lots of dns lookups, converting ip's to names, or checking rbl's
<constantin_mike> thanks for all the help. it was really useful.
<SpamapS> constantin_mike: bind9 is a DNS server. You'll need *at least* 2 to have any kind of sanity. You're much better off just using DNS from a free/cheap provider (most of the time your registrar will do DNS for you for free)
<patdk-wk> just to cache the results, but not really serve requests
<SpamapS> dnsmasq or dnscache are better for pure caching though
<constantin_mike> okay guys, i understand. if i'll really need it, i will come back :))
<SpamapS> using bind9 as a purely caching nameserver is like getting groceries in your M1A1 Abrahms tank.
<patdk-wk> I ran my normal load through pdns-recursor, and it works great for me
 * ScottK likes unbound.
<SpamapS> Been a while since I cared. Will have to check out unbound
<yann2> mrf.
 * yann2 lights a candle in memories to #ubuntu-virt
<constantin_mike> hello. i came back with another problem ...
<constantin_mike> if i do sudo /etc/init.d/apache2 start
<constantin_mike> (this is on my local computer), it says /etc/default/rcS: 1: [Desktop: not found
<constantin_mike> i have never seen anything like this ...
<constantin_mike> the thing is that i cannot do anything with apache2 right now. start/stop/status wont work, will result in the same error, that i cannot understand where it comes from. Just a few hours ago, it worked perfectly
<smoser> constantin_mike, what release is this ?
<constantin_mike> it's not ubuntu, but it's sidux (still debian)
<constantin_mike> i thought that maybe it's not something ubuntu-specific, but debian-specific
<smoser> constantin_mike, you might benefit from 'sudo sh -x /etc/init.d/apache2 start'
<smoser> and debugging from there.
<constantin_mike> it ends up here: + [Desktop Entry]
<constantin_mike> and then it says : /etc/default/rcS: 1: [Desktop: not found
<smoser> well, wht is going on before that ?
<constantin_mike> smoser: http://pastebin.com/sf9XxNx6
<constantin_mike> this is all the output
<smoser> constantin_mike, it would appear to me that your /etc/default/rcS is hosed
<constantin_mike> aaah ... i have no idea about it. how can i fix it? i have never met this problem before
<smoser> well, what is in that file ?
<smoser> http://paste.ubuntu.com/484069/ is what mine looks like
<smoser> i might try: apt-get install --reinstall --purge initscripts --dry-run
<smoser> (and then remove the dry-run)
<constantin_mike> ahh ...
<constantin_mike> it says i should do apt-get -f install
<constantin_mike> but when i do that, it gives me an error for the libmysqlclient15off package, which is a dependency for mysql-workbench-oss (which gave me headaches to install on sidux )
<constantin_mike> yes ... it says the same
<constantin_mike> then, when apt-get -f install ... it wants to remove mysql-workbech-oss, but i need it ...
<hallyn> man, virt-viewer is horribly unstable under maverick atm
<hallyn> time to gather some strace output
<constantin_mike> sorry ... my ayttm crashed
<constantin_mike> can you give me that pastebin.com address, where you posted your file?
<nxvl> zul: btw, new augeas just came out, i'm uploading to debian in a bit
<zul> nxvl: cool...lemme know so I can ask for a FFE after beta
<nxvl> k
<Danawar1> (18:54:22) smoser: http://paste.ubuntu.com/484069/ is what mine looks like
<constantin_mike> okay, thanks
<constantin_mike> i'm still trying to figure out what is happening, because it is really weird
<constantin_mike> crashed again
<uvirtbot> New bug: #624820 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/624820
<uvirtbot> New bug: #624823 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: s'estÃ  intentant sobreescriure Â«/usr/lib/libmysqlclient.so.16.0.0Â», que tambÃ© estÃ  en el paquet mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/624823
<mamac> hi there, is the official ubuntu server book a good documentation ?
<mamac> or do you have any other documentation to recommend like the one above ?
<SpamapS> mamac: please, tell me you googled for "Official Ubuntu Server Book" ;)
<SpamapS> mamac: also the Ubuntu Server Guide is pretty good. :)
<mamac> or just tell me if it's not the right chan here, I googled this but would like to have experts opinion
<SpamapS> mamac: on Amazon.com, that book has 4 "5 star" ratings, and 4 "4 star" ratings. Seems to be popular. :)
<SpamapS> mamac: not having read it, I don't know. The server guide, however, I have read some of, and its excellent.
<mamac> SpamapS, thanks, I'll give The server guide a try
<mamac> cheers
<alex88> hi, si've unistalled kvm and now my user is still in the groups and on login i get "groups: cannot find name for group ID 117"...but i've deleted it..some other places to check?
<RyanP> I have an LDAP database on a Ubuntu 8.04 server. I'd like to move that data to a 10.04 server, but I'm not sure how, with the differences in slapd. How can I do this?
<kirkland> smoser: hey
<kirkland> smoser: i was just talking with zul
<kirkland> smoser: i'd like to rename https://wiki.ubuntu.com/Boto19TestCoverage
<smoser> don't believe anything he says
<kirkland> smoser: to https://wiki.ubuntu.com/Euca2oolsTestCoverage
<smoser> thats fine
<kirkland> smoser: at the time, it was about verifying boto1.9
<zul> smoser: i get that alot for some reason
<kirkland> smoser: i'd like to do the same now, against Maverick UEC in general
<smoser> we need a euca2ools test suite basically.
<kirkland> smoser: ack
<Psi-Jack> Heh, I'm guessing pacemaker-mgmt got left out of 10.04 eh?
<RyanP> How can I move an LDAP database from one server to another?
<uvirtbot> New bug: #458707 in samba (main) "question #86419 /  bug #456213 / can not see network of shared computers" [Undecided,Incomplete] https://launchpad.net/bugs/458707
<uvirtbot> New bug: #624898 in openssh (main) "ssh client hang for prolonged connections" [Undecided,New] https://launchpad.net/bugs/624898
<uvirtbot> New bug: #624900 in authbind (main) "Authbind not binding WINE to 127.0.0.1:895" [Undecided,New] https://launchpad.net/bugs/624900
<uvirtbot> New bug: #618880 in samba (main) "Update manager stalls at samba post install screen with no way to continue or exit" [Undecided,Incomplete] https://launchpad.net/bugs/618880
<BrixSat> anyone with pptpd server? i cant connect to mine http://pastebin.com/zfV0fZSx
<BrixSat> anyone with pptpd server? i cant connect to mine http://pastebin.com/zfV0fZSx
<kees> say, can someone confirm for me if this affects anything in the Ubuntu archive? It's not clear to me:
<kees> http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
<uvirtbot> kees: Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity decla
<qman__> kees, my guess would be no, since a quick check says I'm running apache 2.2.14
<qman__> though I'm not sure what version hardy is on
<kees> qman__: it's not apache httpd, but rather the CXF element in geronimo. I think this is java goo
<qman__> ah
<gholms|work> smoser: ping
<lamont> is there an undo function for dpkg --set-selections?
<hope> can i get some help with installing a ubuntu cloud
<glickster> hey is there anyway i can get a deb of the latest mod_wsgi?
<glickster> lucid comes with 2.8
<glickster> but 3.3 is available
<glickster> how would install that?
<qman__> glickster, you could check if maverick has it, search for a PPA, or compile it yourself
<qman__> none of which I would recommend running production
<glickster> qman__, i installed it, but it didnt seem to replace the existant one, just installed it side by side...i think
<hope> can i get some help with installing a ubuntu cloud
<glickster> whats the difference between libapache2-mod-wsgi and libapache2-mod-python?
<SpamapS> glickster: AFAIK, mod_wsgi has some performance advantages.
<glickster> SpamapS, im trying to get 3.3 for lucid but it doesnt exit,
<SpamapS> glickster: even maverick only has 3.2
<SpamapS> glickster: you can try and build the one just uploaded to Debian unstable...
<hope_> i keep getting a interface called virbr0 and it has the ip address of my routers gateway how do i disable that permintally
<hope_> i keep getting a interface called virbr0 and it has the ip address of my routers gateway how do i disable that permintally, i have 2 identical servers and this is only running on one of them fresh install ddint solve it
<CppIsWeird> i made a syntax error in /etc/network/interfaces and now when my server starts up it says init: eth0 pre-start terminated with 1, init: eth0 post-stop terminated with 1, and it just stops there forever.
<CppIsWeird> any way to fix this without livebooting? even safe mode kernel doesnt seem to get me anywhere.
<MatBoy> I wonder if I can get the gitolite package from debian sid to install it
<SpamapS> CppIsWeird: what version of Ubuntu? You should get a login screen on the console almost immediately on 10.04 and later
<SpamapS> Maybe Karmic too, not sure when it started the tty's
<CppIsWeird> yeah, thats what i expected but no. using 10.04
<CppIsWeird> it just stops right after those messages and stays there forever (or at the very least 15+ minutes)
<SpamapS> CppIsWeird: very odd, because thats part of networking, which is started as soon as udev and local filesystems are up.
<Psi-Jack> Anyone happen to know if there's a pacemaker-mgmt deb package for 10.04
<SpamapS> CppIsWeird: if you can get into the grub menu, you can boot in single user mode.
<CppIsWeird> ok, i'll give that a shot, whats the hotkey for that again?
<SpamapS> Psi-Jack: looks like it was just recently added to Debian ... not likely to be in 10.04
<Psi-Jack> Blah. That bites.
<SpamapS> Psi-Jack: you can always request a backport https://help.ubuntu.com/community/UbuntuBackports
<SpamapS> Psi-Jack: and you can certainly try building it on Lucid
<Psi-Jack> Yeah, I tried building it, from straight source but it fails with stuff from glib
<Psi-Jack> Maybe I could try the deb-src from debian. heh
<SpamapS> http://ftp.de.debian.org/debian/pool/main/p/pacemaker-mgmt/pacemaker-mgmt_2.0.0+hg1141-2.dsc
<SpamapS> just use 'dget' to download that and the orig+diff
<SpamapS> dpkg-source -x file.dsc
<SpamapS> cd into the dir, and look at debian/control to see what build dependencies you need
<Psi-Jack> dget?
<SpamapS> Actually I'll try uploading it to a PPA and see if it builds
<SpamapS> Psi-Jack: dget just grabs the files so you don't have to fetcht hem individually
<Psi-Jack> Hmmm, what's dget? heh
<Psi-Jack> Ahh, found it, in devscripts.
<CppIsWeird> Spamaps, how is the single user mode going to help me if i need to modify a file on a hard drive? i dont see mount as a command
<RoyK> CppIsWeird: using uml?
<hope_> can anyone here help me get my could setup, i am new to this i think i have my Controler setup correctly and my node setup correctly
<Psi-Jack> SpamapS: Okay. All dependancies for build are met.
<CppIsWeird> uml?
<SpamapS> CppIsWeird: mountall
<RoyK> CppIsWeird: just saw something earlier about usermode linux
#ubuntu-server 2010-08-27
<Psi-Jack> SpamapS: heh, so far, so good. There was a depenancy conflict because it was looking for a slightly newer version of pacemaker-dev, but I think it built the debs. :d
<SpamapS> Psi-Jack: if it all works out, you should submit it as a backport.
<Psi-Jack> Heh yeah, prolly. :)
<Psi-Jack> First now I gotta finish setting up pacemaker enough to allow me to use it. ;)
<uvirtbot> New bug: #625008 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/625008
<CppIsWeird> how do you control which user a service starts up using?
<constantin_mike> hello. i'm back with the "/etc/init.d/apache2 start" problem. when i do that, i get this "/etc/default/rcS: 1: [Desktop: not found". can anyone help me?
<uvirtbot> New bug: #625023 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/625023
<JuJuBee> Can someone help me get nfs-kernel-server started ?  It currently takes about 5 minutes or so and fails.  I purged it and re-installed it 2x already
<uvirtbot> New bug: #625044 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/625044
<faileas> I'm attempting to set up openvpn on ubuntu server using this guide - https://help.ubuntu.com/community/OpenVPN - i am quite sure i have the port open (but i need to drop by to that location to check) but can't seem to connect from my client. I'm wondering if there's any way that i can check if the server's listening/connectable before i start tearing apart my client side setup
<faileas> client side logs - http://pastebin.ca/1926431 server side logs - http://pastebin.ca/1926432
 * ball is confused
<faileas> by me or something else?
<ball> faileas: Life generally.
<ball> brb
<ball> Is it possible to partition an "md" software RAID array?
<qiyong> what's the standard tool to configure rc.d ? rcconf isn't shipped. so what tools else?
<itsux2bu> so when i installed ubuntu-server i was presented with a list of server related apps to install..  like lamp/openssh/samba etc.. i just ran something called Taslsel.. it looks just like the list shown at install time..  its cool..
<itsux2bu> *tasksel
<itsux2bu> is there anything in 32-bit ubuntu server that captures screen output during boot up?  i see a red dot but screen clears too quickly to see text next to it..  or does ubuntu keep any boot logs?
<MatBoy> what is the way to upgrade my testserver to the testing branche ?
<UnGoWyzre> Olla brodderz
<UnGoWyzre> ikonia brotha hola
<UnGoWyzre> bazhang brotha hello
<droogie> I've just installed iRedmail following their instructions and I encountered a problem. I know this is perhaps not the correct channel to ask the question, but I'll try anyway. Everything except phpldapadmin works fine. The problem with phpldapadmin is that it is unable to base dn and thus object navigation is broken. I've verified the dn I use to login with in slapd.conf and it is correct. I can search the ldapdatabase using phpldapa
<ikonia> off to the gym please keep an eye out for ranjan ban dodging and goat-re was kicked as chipped_cpu earlier
<ikonia> oops
<Psi-Jack> Wow, pacemaker is effing awesome when you understand it. :D
<Psi-Jack> What do I need to have installed for pacemaker to use ocf:pacemaker:controld?
<Psi-Jack> For the dlm system to work.
<wastl> hi
<Guest56018> hello
<Guest56018> can i make a question about my ubuntu server, which is running on amazon ec2?
<Psi-Jack> You just did.
<wastl> lol
<wastl> indeed
<wastl> *g*
<Psi-Jack> Hmmm
<Psi-Jack> Trying to figure out what I need to install to get dlm working with ocf:pacemaker:controld.
<Psi-Jack> I installed cman even though I'm using pacemaker, but it still gives a dlm: not installed rc status.
<Guest56018> I have found an AMI with Ubuntu 10.04 installed, it is EBS and i configured everything. The performance is on c1.small
<Guest56018> What can i do to increase the performance to e.g. c1.xlarge
<Daviey> "performance"?
<Guest56018> http://aws.amazon.com/de/ec2/instance-types/
<Daviey> Guest56018: You essentially want to upgrade your instance to a higher spec?
<Guest56018> Amazon is offering different performance types for their virtual machines.
<Guest56018> Thats right, but with the current data on my volume
<Daviey> Guest56018:  smoser might be able to help.  It's not really a Ubuntu specific issue :(
<RoyK> apt-get install \*
<RoyK> :D
<RoyK> hi all. I have this machine used as a number cruncher - it seems the kernel is leaking memory somehow. See http://pastebin.com/ZFbxG3Ni for free/slabinfo/ps. any idea what may cause this?
<Psi-Jack> Hmm interesting.
<Psi-Jack> I upgraded to the PPA for lucid-cluster for pacemaker stuff, which got me dlm controld for it all, but the ocf:pacemaker:controld does not have the parameter for "daemon".
<pmatulis> RoyK: why do you say there is a leak?
<Psi-Jack> Heh, interesting. Though the ocf:pacemaker:countrold doesn't have the "daemon" paremeter, it checks the resource-name instance for if it has [gG][fF][sS] or [dD][lL][mM] in it to determine if it's a gfs or dlm instance. ;)
<smoser> Guest56018, your big issue is with architecture. the largest you can go in i386 is c1.medium.
<smoser> If you want to move to c1.medium, its easy.
<Guest56018> wow, nice! OK; i have to make a whole new AMI (like ubuntu 64bit), and do everything again
<smoser> you stop the instance (ec2-stop-instances), and then start the instance with a new --instance-type (ec2-modify-instance-attribute --instance-type c1.medium <iid>) , ec2-start-instances
<ttx> hggdh, kirkland: ping me when around. need status on server-maverick-uec-testing and server-maverick-uec-liveusb
<Guest56018> Thank you, very helpful! Do there exist different package versions of 32 and 64 bit? I use apache, php, exim4 and so on
<smoser> i have never tried it, but it may be possible for you to boot an i386 root filesystem on an x86_64 arch, you'd have to get the x86_64 modules installed in the root filesytem though.  (you probably dont want to do this)
<Guest56018> I cannot migrate my 32 bit EBS to a 64 bit AMI
<smoser> well, maybe you coudl. its just not goig nto be easy or ideal.
<smoser> http://uec-images.ubuntu.com/server/releases/10.04/
<smoser> those are our released AMI ids.  we should have refreshed ones later today.
<smoser> just pick a x86_64 instance, basically everything will be the same unless you have some arch specific code.
<Guest56018> OK understood everything! Thank you!! I do it from scratch again with your AMIs and hope that everything that worked in the 32 bit now works again
<smoser> there really is very little "works on i386 doesn't on x86_64"
<Guest56018> Final question: This is one possibility to "scale up". Another possibility is to scale up with multiple instances and a load balancer. i have now 5 instances running of one AMI. but where do i have to attach my EBS volume to?
<Guest56018> i don't have RDS nor S3, only an apache website with CPU-needing programs on it.
<mamac> sisi
<mamac> partyboy77, hello
<partyboy77_> Mamac are you here ??
<RoyK> pmatulis: because I'm blind :Ã¾
<mamac> partyboy77, yes I am
<partyboy77_> Hello, someone knows the book "The Official Ubuntu Server Book" ??
<ewook> I belive that might not be updated to the latest, if it resides within the community.
<ewook> more then that, I do not know.
<RoyK> partyboy77_: never heard of it :)
<RoyK> partyboy77_: the review here was quite positive http://millionchimpanzees.blogspot.com/2009/08/official-ubuntu-server-book.html
<RoyK> hm
<RoyK> ven going through just this chapter, I got the impression that the book is geared for the newbie (or wannabe) Linux server administrator. If you have some experience in the Linux server (or just the server) admin arena, the challenge for you might only be getting up to speed with Ubuntu's tips and tricks
<RoyK> s/ven/even/
<partyboy77> I would know which is the best site to begin with Ubuntu Server ??
<Pici> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
 * wastl redirects partyboy77 to #ubuntu-server
<wastl> *g*
<Pici> wastl: thats here
<wastl> oops
<wastl> :m
<partyboy77> :)
<mamac> wastl, :-)
<partyboy77> alcool is so sad.....
<wastl> am on too many chans and am too busy here...
 * wastl is still at work...
 * wastl gives himself a double m) for this
<partyboy77> Ok for Server Guide but is it possible to find it in pdf format ??
<mamac> http://www.google.se/url?sa=t&source=web&cd=1&ved=0CBgQFjAA&url=https%3A%2F%2Fhelp.ubuntu.com%2F9.04%2Fserverguide%2FC%2Fserverguide.pdf&rct=j&q=ubuntu%20server%20guide%20pdf&ei=ob13TOnkLs-gOK3FkbsG&usg=AFQjCNHHiygn5_2a3DJ7OhOmUfMC7f_lkw&cad=rja
<pmatulis> partyboy77: asking for the best starting point for learning about a CLI environment and then wanting it in PDF format is a bad start
<partyboy77> okok
<partyboy77> .....
<MTecknology> what's the cheapest possible vps?
<ewook> your own?
 * Psi-Jack sighs.
<Psi-Jack> Still on that eh, MTecknology?
<MTecknology> Psi-Jack: I just +b -> ##fix_your_connection
<Psi-Jack> Okay, and?
<mamac> what does vps stand for?
<MTecknology> If they come back I want to direct them to using a vps if they can't keep a reliable connection
<Psi-Jack> mamac: Virtual Private Server
<MTecknology> virtual private server
<Psi-Jack> MTecknology: Heh. That's a bit overkill isn't it? :p
<Psi-Jack> Some people's internet connections become temporarily unstable while, for example, their ISP is doing maintenance, or thunderstorms causing interuptions in service, or ... Well, various levels of possabilities.
<MTecknology> Psi-Jack: it's the last thing I'll suggest to them - but I'd like to know in advance
<MTecknology> It's been consistent for a few months
<MTecknology> 200 joins/parts this month
<MTecknology> sometimes 3 or more nicks in the channel
<Psi-Jack> Sometimes, that's even freenode's IRC servers being unstable.
<MTecknology> this is their own connection though
<MTecknology> $6.95/mo for a VPS and then you'd also get to host a website
<MTecknology> probably a php-free website
<patdk-wk> MTecknology, you banning me? :)
<MTecknology> patdk-wk: yes, you! get out!
<MTecknology> patdk-wk: in lastlog I don't even see a join/part from you
<patdk-wk> hmm, only two of me in here right now
<Psi-Jack> heh, patdk-wk.
<patdk-wk> heh, short lastlog list :)
<patdk-wk> look for patrickdk :)
<patdk-wk> isp died for just over an hour yesterday
<MTecknology> patdk-wk: oh, that's still nothing
<MTecknology> patdk-wk: http://dpaste.com/234841/]
<MTecknology> I ran /names 3x
<patdk-wk> those are fun
<Psi-Jack> Heh, well, so far I got my pacemaker running drbd with gfs2 successfully. :)
<Psi-Jack> Now all I gotta do is figure out how the frack to get clvm working with it. heh
<patdk-wk> hmm doesn't know if it's wise to hack you pacemaker
<patdk-wk> are you scared of killing you heart?
<Psi-Jack> heh
<iceflatline> hi all, I'm installing ubuntu server on vmware; any recommendations for minimum mem allocation and hard disk space?
<thesheff17_> I did aptitude install multipath-tools and it didn't create an /etc/multipath.conf file.  Where can I find this conf file?
<thesheff17_> iceflatline: runs fine w/ 512 megs of ram.  Just scale up what you are running on the server from there.
<iceflatline> thesheff17, gotcha, thanks much.
<hggdh> iceflatline: depends on what you want to do; for simple tests, I usually boot a 256M instance; for heavier tests, usually a 512
<iceflatline> hggdh: small home svn and web server - nothing too killer.  First time with VMware though...
<patdk-wk> iceflatline,  what are you going use it for?
<patdk-wk> hmm, web could use some mem, all depends
<patdk-wk> vmware is good at swapping mem though
<MTecknology> iceflatline: I had my first web server on about 16MB RAM - It didn't go fast.. but it worked - now I'd suggested a minimum of ~64MB for Ubuntu server + Nginx
<MTecknology> no.. it was 8MB..
<MTecknology> I think, I know I decked it out
<patdk-wk> smallest I could get ubuntu server to use was 24megs ram :)
<iceflatline> patdk-wk: thanks. I've got plenty of sys mem, so would prefer to avoid swapping if I can. I was considering bumping virtual mem to 1024
<patdk-wk> iceflatline, is this vmware workstation? or esxi?
<iceflatline> patdk-wk: server
<patdk-wk> esxi, just overallocate like nuts
<iceflatline> :)
<patdk-wk> hmm, dunno about server, thought it was dead :)
<iceflatline> k, I'll start with the (vmware) recommended 512 and see how it feels. Thanks for the help guys.
<ttx> hggdh: around ?
<hggdh> ttx: here
<ttx> hggdh: about the uec-testing spec. The items on your shoulders are still up for completion by next week ?
 * hggdh goes to look at the spec
<newz2000> help, I have a job that won't finish unless I give it more ram, can I take a running kvm and add more ram to it w/out restarting the jobs?
<uvirtbot> New bug: #625349 in dhcp3 (main) "DHCPOFFER assigne une ip dÃ©jÃ  attribuÃ© " [Undecided,New] https://launchpad.net/bugs/625349
<hggdh> ttx: of the 3 I have: TAP -- I will mark done; elastic IP -- will do it this week; 2.0 code drops -- I think we can mark this as done?
<ttx> hggdh: yes, please do now
<hggdh> ttx: also, I noticed kirkland has the basic EBS testing -- Sylvain's script does it, so maybe we can mark it done?
<ttx> I need updated status for the release meeting starting in ... 4 min
<ttx> hggdh: sync that with kirkland, but i'd say yes, do it
<hggdh> ttx: updated, including kirkland's task. I will sync with him later on
<ttx> hggdh: ack, thanks
<Psi-Jack> Hmm blast-it all to heck.
<Psi-Jack> Seems like I'm going to have to use both cman and pacemaker just to get clvm working. :/
<Psi-Jack> At least I don't have to use rgmanager though. :0
<smoser> ttx, with no ebs root support in eucalyptus, i dont see any huge value in euca2ools 1.3
<smoser> so i would say stick with 1.2
<hggdh> smoser: I agree, but I would still like to run (for a test) 1.3
<ttx> smoser: that is quickly becoming our common position
<Psi-Jack> Is it even possible to run clvm without cman?
<smoser> Hey. i'm looking for suggestions...
<Psi-Jack> Suggestion: Ask your question.
<smoser> I have been running, for quite a while, tests from lp:~smoser/+junk/ec2-test
<smoser> that really needs to move to the ubuntu-on-ec2 project or somewhere, but ignore that for the moment.
<smoser> what i'm looking for suggestions on is that it creates logs of the test results.
<smoser> I'd like to store those logs somewher other than my laptop :)
<smoser> a bzr branch along side of the test suite, seems to be a reasonable place, but the logs are somewhat large (I currenlty have 86M of logs)
<G> Psi-Jack: I'm pretty sure no
<smoser> they're text, so they compress well, but compressing them before checking them in means that a.) they're less useful and b.) they're binary blobs in a revision control system.
<G> Psi-Jack: I worked w/ cman a lot w/ my old job, and I'm pretty sure clvmd has to use cman for locking
<smoser> hggdh, i think that you are checking in logs larger than that, though, is that right ?
<G> Psi-Jack: I'll just have a quick look
<Psi-Jack> G: Actually, I just did. Just that the ubuntu clvmd init script checks for /etc/cluster/cluster.conf and cman_tool status, but cman communicates through openais and dlm_controld for /everything/, which I already have pacemaker bringing up dlm_controld and it's of course using openais.
<Psi-Jack> Err... clvmd communicates through...
<Psi-Jack> So far though, now that I took out those initial checks in clvmd, it's running and appearing to function without cman at all.
<Psi-Jack> It's just like people think gfs2 requires cman to work, because of gfs_controld, but it's not required, as I'm initiating gfs_controld from pacemaker. ;)
<G> Psi-Jack: well the reason for that is because it's the only solution that Red Hat officially supports (why people think it's the only way)
<Psi-Jack> Yep. :)
<Psi-Jack> Pacemaker's definitely come a looooooong way.
<Psi-Jack> As has it's documentation, for once I finally understand it!
<Psi-Jack> And there's even an ocf provider lvm2 which has clvmd. ;)
<uvirtbot> New bug: #625394 in puppet (main) "Should puppet-master require, suggest or recommend activerecord?" [Undecided,New] https://launchpad.net/bugs/625394
<SpamapS> Psi-Jack: how did your tests go with the pacemaker client?
<Psi-Jack> SpamapS: It works great!
<Psi-Jack> I didn't know pacemaker-mgmt was so nice, but it's pretty decent. Much better than pacemaker-pygui used to be.
<SpamapS> Psi-Jack: Do you know how to upload to a PPA? Would be awesome to have one available since we probably won't be syncing it into Maverick.
<Psi-Jack> SpamapS: I don't know how to, presently, no.
<hggdh> smoser: oh yes. Even compressed, I checked in logs adding up to ~80M
<SpamapS> Psi-Jack: https://help.launchpad.net/Packaging/PPA
<smoser> and this is what you ended up settling on, eh?
<Psi-Jack> SpamapS: Alrighty. I'll look into that in a bit. ;)
<hggdh> smoser: yes, but much against my will. I found nothing else...
<smoser> yeah. and you check in binaries, right ?
<smoser> the .tar.gz rather than the source
<hggdh> I check in tar.gz
<smoser> yeah
<hggdh> of course, every new checkin is a brand new checkin...
<smoser> why did you choose to do that ?
<smoser> versus checking in the tar
<smoser> err.
<smoser> not the tar, but the text output
<hggdh> because of the time it would take to upload them all
<hggdh> each long-running test adds up to 300M of logs
<smoser> hm..
<smoser> is that true ?
<hggdh> well, I am playing it safe, so I save *all* logs
<smoser> a bzr push should send the repo, not the checked out files, and the repo may be compressed for you
<smoser> git can do wonderful things in that regard.
<smoser> lifeless, ?
<hggdh> oh
<hggdh> bloody hell, I forgot that bzr does a good part of it
<hggdh> :-(
<smoser> is there reason for me to compress (ie, create a .tar.gz) before checking something in ? will that gain me anything ? versus checking in a large bunch of text files
<smoser> git does a fantastic job. i really dont have any experience with bzr in this regard.
<RoyK> smoser: it'll break svn diff
<smoser> well, i dont think svn diff would work anyway :) (its bzr)
<smoser> :)
<RoyK> k
<smoser> but yeah, i am just wondering if there is *any* benefit to doing it.
<hggdh> and, in my case, every new log upload is a Brand New Directory, so no diffs
<smoser> at first blush, it seems like you're compressing something, so that will smaller.
<hggdh> smoser: I can try
<smoser> hggdh, but even the new directory may be compressed.
<smoser> ie, you could store *everything* in .bzr in a packed/compressed format
<hggdh> right now I tar -cz every thing I upload
<smoser> that is what git does.
<smoser> right.
<smoser> i'm just saying, that may buy you nothing savings in local storage.
 * RoyK sniggers http://karlsbakk.net/top-24.png
<hggdh> yeah. I have to test it
<smoser> above that should have said "nothing but savings in local storage of the checked out branch"
<hggdh> which might be enough for me, with each test run adding in a few hundreds M
<hggdh> still, I will check it
<smoser> hggdh, my queries in bzr indicate that you should check in the full log files
<zul> smoser: couldnt you store the diff?
<smoser> well, in this case (hggdh's and mine) there is no diff, really.
<smoser> and in both cases, even if there were, thats basically what bzr is trying to generically do
<hggdh> smoser: I will try it on next save
<squidly> anyone hwere use libvirtd? I'm tying to do a couple of tests mostly moving servers between kvm hosts.. but I keep getting an error about the monitor not shoing up
<squidly> this happens if I do it with a win VP or an ubuntu VM
<n0a1ias> hey, I want a server, and i want it to run ubuntu, but i dont know what i want to do with it
<n0a1ias> what are some of the things i could do with ubuntu server
<mickster04> n0a1ias: lol, what a question
<squidly> n0a1ias: what ever you want
<n0a1ias> mickster04, yea i know, sorry ha
<mickster04> n0a1ias: web server ssh server, samba, lamp, the list is endless
<n0a1ias> shh? lamp? sambaa?
<mickster04> n0a1ias: you could install a steam dedicated sever for many of its games, infact any online game will prolly have a server program that you can install]
<mickster04> n0a1ias: woah...ok you need to go to the ubunt server site and do some reading...
<n0a1ias> yea im on it now as well as here
<mickster04> if you don't know what it can do or what you wanna use it for why have it, you can do most things with ubuntu anyway
<squidly> why not start out with something basic.. like a webserver
<n0a1ias> because i have an old computer and dont know what to do with it
<n0a1ias> ok i dont have a website, i guess i better make one
<n0a1ias> once i have a website how would i put it on the server?
<n0a1ias> like im using webs.com
<smoser> n0a1ias, or maybe you want to learn assembly programming, or write documentation, or learn python/C/perl/. web hosting is not the only thing you can do.
<mickster04> n0a1ias: with all due respect this is a help channel not a hold your hand channel. there are plenty of good guides out there...
<smoser> figuring out what you *want* to do is probably a good place to start :)
<n0a1ias> haha, im not into programing, in taking cico classes and im gonna be a computer engineer, so is there anything i would need for that?
<squidly> smoser: that only place to start really.. unless you want a server there doing nothing except warming your house and using more power
<smoser> cico == cisco ?
<n0a1ias> wel im am cold....
<webwurst> n0a1ias: and here is the link regarding ubuntu-server http://doc.ubuntu.com/ubuntu/serverguide/C/ :)
<n0a1ias> yes, im on a netbook with a small keyboard, sorry
<mickster04> n0a1ias: yeah, when my room gets cold I play some games to make it warm me upD
<n0a1ias> ha
<smoser> if you're interested in networking, there are loads of things you can do. you could run an VPN on it, play with routing, learn ipv6.
<webwurst> n0a1ias: you could setup a webserver yourself as a start http://doc.ubuntu.com/ubuntu/serverguide/C/httpd.html
<n0a1ias> i like the idea of vpn, but i use my home network for experimentation.
<squidly> and that is just for starters
<n0a1ias> well here, lets start at the begining
<n0a1ias> what is a server?
<webwurst> n0a1ias: pls read the server-guide and ask what you dont' understand ;)
<n0a1ias> ok.
<mickster04>  n0a1ias again this isn't a kindergarten of servers....
<webwurst> n0a1ias: you know wikipedia?
<n0a1ias> i know
<n0a1ias> yea, i know what a server is, im just putting the deffinition out there so i can find out what i what it to do
<shauno> n0a1ias, wrong way around imho.  if you decide it's a hammer now, you're just going to bend a lot of nails
<shauno> figure out what you want to do, and then worry about getting the tools to play along
<n0a1ias> isnt that what im doing? i think i might go for a shh but im not shure btw
<mickster04> n0a1ias: you really don't have any need of a server therefore it is a waste of electricity
<webwurst> n0a1ias: yeah, just do it http://doc.ubuntu.com/ubuntu/serverguide/C/openssh-server.html
<mickster04> n0a1ias: you can install normal ubuntu on older hardware too, or look at things like puppy linux
<squidly> pick something to learn and learn it
<n0a1ias> i know but i want a server, if for no other reason than that im still doing it
<n0a1ias> could i have it do multiple things?
<mickster04> n0a1ias: if you want to install a frontend onto the server (a gui) you may aswell install ubuntu and install the server type packages oontop of that#
<webwurst> n0a1ias: do it! and then ask if it does not work
<mickster04> n0a1ias: of course
<n0a1ias> ok thanks, im going with shh, and a proxy server
<mickster04> n0a1ias: have fun
<smoser> hggdh, so, a little test and results here:
<smoser> $ du -hs .bzr
<smoser> 4.1M    .bzr
<smoser> $ ls -lh *.tar.gz
<smoser> -rw-r--r-- 1 smoser smoser 420K 2010-08-27 13:12 hardy-server-daily-20100827.tar.gz
<smoser> -rw-r--r-- 1 smoser smoser 433K 2010-08-27 13:12 karmic-server-daily-20100826.tar.gz
<smoser> -rw-r--r-- 1 smoser smoser 975K 2010-08-27 13:12 lucid-server-daily-20100827.tar.gz
<smoser> $ du -hs *2[0-9]
<smoser> 3.2M    hardy-server-daily-20100827
<smoser> 3.2M    karmic-server-daily-20100826
<smoser> 7.4M    lucid-server-daily-20100827
<smoser> hte bzr repo is tracking the directories. i just created the tarballs to see what size they would be themselves.
<smoser> (ie, if i checked them in).
<smoser> so, the checkout is 7.4 + 3.2*2 = 13.8 M.
<smoser> the tarballs would be 1.8M
<smoser> and the .bzr dir is 4.1M
<mickster04> is there a non-caching proxy for ubuntu?
<smoser> mickster04, i would guess that you could turn caching off on squid or robably any other proxy.
<smoser> hggdh, when i checked those tarballs into a new repo, the .bzr dir was 1.9M.
<smoser> so, this is just "initial state", but the .tar.gz checkins do benefit you at least there. maybe later in repo life you'd get better delta storage.
<mickster04> smoser: well lasst tim i tried when a user was denied access it still mention cache rather than proxy
<smoser> i really odnt have any experience with it, sorry. it just would seem like you could set the cache size to 0 or very low and essentially kill it
<mickster04> smoser: yeah thats what i thought. i wonder if theres a way of testing it
<tynot> por favor, fresh 10.04.1 server install. setup local ip, sn & dns (off-site). can ping everywhere, but dns not working. couldn't download any packages. help?
<smoser> tynot, your /etc/resolv.conf has a dns ?
<tynot> on a macbook pro in the same local network. best way to term into it to check?
<tynot> smoser, i thought i entered it.
<smoser> 'term into it' ? ssh ip.address
<mickster04> smoser: does mac have an ssh server?
<smoser> my guess is that you put in a bad dns server, or cannot reach the dns server.
<smoser> i have no idea. but my guess is yes.
<squidly> yes it does
<mickster04> squidly: what does?
<zul> smoser: there isnt a <name>-initrd-virtual anymore in maverick?
<smoser> silly you
<smoser> that was gone in lucid
<smoser> uec-publish-tarball is what you want to use.
<zul> smoser: its in the readme though
<smoser> what README ?
<smoser> does it not say optional ?
<smoser> http://bazaar.launchpad.net/~ubuntu-on-ec2/vmbuilder/automated-ec2-builds/annotate/head%3A/README.files ?
<zul> ah yes...i didnt read that part
<smoser> :)
<lifeless> smoser: not sure what you're asking
<smoser> well, basically, hggdh is checking into a bzr repo a bunch of .tar.gz files that contain a directory full of logs (text)
<smoser> he's doing that in an effort to save disk and bandwidth
<smoser> i had hoped/thought that it not actually save .bzr/ space or bandwidth, and thus he could simply check in uncompressed text logs.
<smoser> my test shows that bzr does an OK job (gets some compression) but not a great job.  in the initial commit the .bzr directory is smaller by checking in .tar.gz files than by checking in dir/*.txt files.
<smoser> before testing it, i was asking you if checking in .tar.gz files was pointless.
<smoser> my test did only initial check in, i'm not sure if future commits would see better deltas with text than with tar
<smoser> that all make sense ?
<lifeless> checking in .tar.gz is pointless
<lifeless> it is in fact counterproductive because zlib fucks with the data so that its extremely hard to compress it further
<lifeless> bzr and git use the same underlying compressor; we do different things on top, but I'd expect pretty similar results
<smoser> bzr did better out of the gate than .git did.
<smoser> but git repack came away ahead
<smoser> again, this is only after the initial commit.
<lifeless> sure
<smoser> its not completely counterproductive, as my numbers show above
<lifeless> smoser: du -sh .bzr is often an inaccurate count
<lifeless> particularly if you're trying to assess bandwidth and space over time
<axisys> anyone know the ubuntu channle name for ubuntu virtualization talk ?
<smoser> axisys, either here or ubuntu-cloud
<lifeless> if you want to measure active storage you need to exclude .bzr/repository/{obsolete-packs,upload}
<axisys> smoser: i think it something like #ubuntu-virt.. or something.. i forgot
<smoser> axisys, http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg04352.html
<axisys> smoser: no wonder :-)
<axisys> smoser: thanks
<axisys> smoser: i was trying to go to #ubuntu-virt.. should have redirected me to #ubuntu-server .. may be it did and I did not pay attention
<smoser> axisys, it did
<smoser> you're here :)
<axisys> smoser: i usually login to #ubuntu-server by default.. may be that is why i did not notice.. thanks
<axisys> i have a laptop with intel core 2 duo 2.4ghz, 8gb ram and 750gb hard drive.. i want to setup my private cloud in here while still have gnome (after all this is my laptop) .. what path is recommended for that ?
<axisys> should i install desktop and then use vbox to install ubuntu cloud ?
<axisys> or should i do desktop + kvm and do the cloud using kvm ?
<axisys> too many choices.. :-)
<SpamapS> can we teach uvirtbot things?
<SpamapS> !uvirtbot
<SpamapS> uvirtbot: can you learn?
<uvirtbot> SpamapS: Error: "can" is not a valid command.
<SpamapS> uvirtbot: launchpad
<uvirtbot> SpamapS: Error: "launchpad" is not a valid command.
<Pici> Why? ubottu is here.
<SpamapS> Oh I meant ubottu
<SpamapS> uvirtbot: sorry
<uvirtbot> SpamapS: Error: "sorry" is not a valid command.
<Pici> !usage
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi - Usage info: http://ubottu.com/devel/wiki/Plugins#Using
<SpamapS> should really teach ubottu what happend to ubuntu-virt ;)
<axisys> SpamapS: probably a good idea or smoser have to keep posting that mail for all newbies like me :-)
<axisys> s/have to/has to/
<SpamapS> smoser: ^^
<smoser> ?
<smoser> i have no idea how to teach that finicky old ubuttu
<smoser> ubuttu, read the above and teach yourself.
 * SpamapS admits his puny attempt at delegation failed
<squidly> what happened to ubuntu-virt?
<soren> squidly: The IRC channel?
<soren> squidly: It was folded into this one.
<squidly> ahh okies
<n0a1ias_> so would a samba server be a secure print server?
<mdeslaur> http://www.serverwatch.com/trends/article.php/3900711/The-Top-10-Linux-Server-Distributions.htm
<ivoks> mdeslaur: yay!!!
<n0a1ias_> so would a samba server be a secure print server?
<ivoks> no
<ivoks> cups is a secure print server
<ivoks> even windows can print on cups shard printers
<n0a1ias_> oh, then whats samba?
<ivoks> samba is file sharing
<ivoks> it can do printer sharing too
<n0a1ias_> oh.. thanks
<n0a1ias_> whats a good vpn server that i can install on ubuntu normal?
<zash> n0a1ias_: openvpn
<n0a1ias_> thanks
<Fredrick> hey, my other nick is n0a1ias, i had to move to the computer im installing openvpn on
<Fredrick> who was the one who suggested that to me?
<RoyK> freeflying: zash
<RoyK> freeflying: ops - wrong
<zash> whowhatnow?!
 * zash said "openvpn"
<SpamapS> phew.. 12 bugs triaged.. i think thats a new single day record for me
<zash> SpamapS: yay, gratz! \o/
<n0a1ias> is there an open vnc room?
<n0a1ias> cuz im lost?
<patdk-wk> yay, loading launchpad, googlemaps rejected me :)
<patdk-wk> "The Google Maps API server rejected your request. The "client" parameter specified in the request is invalid."
<ScottK> You can turn the map off.
<patdk-wk> http://gawker.com/5537406/how-to-sneak-a-dirty-joke-into-the-new-york-times
<patdk-wk> scottk, I know
<n0a1ias> how do i get my ubuntu to be an anonymous proxy server like freeproxyserver.com?
<mickster04> apt-get dist-upgrade will update to a newer version of ubuntu right (think 9.10 to 10.04)
<panfist> i was in here asking about umasks for nfs shares, and i guess the general answer is that the system umask applies to local and nfs file systems
<panfist> in general, i want an nfs share where all users on my network can collaborate, regardless of group membership
<panfist> but, i don't want to change the umask of each system that will compromise a user's own files
<panfist> so what's the correct (or a good) practice in ubuntu for creating a shared network space where any users are free to read/write each other's files, just in that one space and not in general?
<Nafallo> ivoks_away: happy birthday! :-)
<patdk-wk> mickster04, nope, not at all
<mickster04> patdk-wk: oh what is then
<patdk-wk> do-release-upgrade
<binBASH> hi patdk-wk
<patdk-wk> hey
<n0a1ias> anybody ever use squid-cache?
<patdk-wk> sure
<n0a1ias> great!
<n0a1ias> you cool with pm?
<patdk-wk> now that you used your 1 question allocation, move along :)
<n0a1ias> that way all the info is in the same place
<n0a1ias> hah
<n0a1ias> wait really?
<n0a1ias> hello?
 * patdk-wk doesn't know pm
<patdk-wk> power management?
<n0a1ias> no, privet message
<patdk-wk> those are evil
<n0a1ias> oh, ok
<n0a1ias> so no.
<n0a1ias> anyway
<n0a1ias> i just installed squid
<n0a1ias> how do i control it?
<patdk-wk> depends on your definition of control
<patdk-wk> /etc/squid/squid.conf
<patdk-wk> the squid cgi?
<n0a1ias> yea the cgi
<patdk-wk> dunno, I don't use the cgi
<n0a1ias> what do you use? cli?
<patdk-wk> the config file :)
<n0a1ias> it says command not found
<n0a1ias> what is squid used for?
<n0a1ias> like i know its for taking pages and saveing them to make internet faster, but how does it make you more secure?
<patdk-wk> I dunno how it makes you more secure
<n0a1ias> oh
<patdk-wk> unless you tell it, never to allow anyone to download exe files
<patdk-wk> but that isn't much security
<n0a1ias> why do you use it?
<n0a1ias> why do you use squib?
<n0a1ias> and if i download it, then dont configure it, will it do anything at all?
<patdk-wk> it will do some, but not much
<n0a1ias> hmm
<patdk-wk> I use it to cache the crap out of .deb, .iso, all images, and stuff
<patdk-wk> gives the work here about a 15% speed boost
<n0a1ias> i dont understand
<patdk-wk> I don't know why you are bothering with squid
<n0a1ias> me either but now i want to know
<patdk-wk> cause you can totally screw your internet up with it (atleast websites)
<n0a1ias> so when you need a .iso, you use the cached one and its faster then downloading and saving one?
<patdk-wk> only if you already downloaded it before
<n0a1ias> hmm
<n0a1ias> ok well i save all my disks so i guess i wouldnt really use it
<n0a1ias> thanks for the help
<patdk-wk> now, caching image files helps everyone though
<n0a1ias> ??
<patdk-wk> all the pictures on websites people browse
<patdk-wk> those are reused a crapload
<n0a1ias> o those
<patdk-wk> but you get into issues there
<patdk-wk> can your harddrive seek and load them, faster than you can download them :)
<n0a1ias> and does it do that with out being configured?
<patdk-wk> it will, but I forget the default times it uses for them
<patdk-wk> I have mine set to pretty long
<patdk-wk> if I download a picture, it goes int othe cache, and it wont bother to ask if it has changed even, for 12hours
<patdk-wk> by default, I think it's 30min or something
<patdk-wk> but it still asks if it changed
<n0a1ias> oh, ok so i should change that
<n0a1ias> but id set it to 6 hours
<n0a1ias> so to do that i cd into the config folder?
<patdk-wk> na, you edit the config, and restart squid
<n0a1ias> wheres the config?
<n0a1ias> wheres the config
<n0a1ias> this is ubuntu-server?
<Hopsa> Hi people! My Ubuntu Lucid is fully updated and dhcpd segfaults. Valgrind sais its due to an "Invalid read of size 4". Is this a known issue or ?
<n0a1ias> this is ubuntu-server, you want ubuntu
<n0a1ias> try /join #ubuntu
<Hopsa> ?
<n0a1ias> type this
<n0a1ias>  /join #ubuntu
<Hopsa> go away please
<n0a1ias> only without the space infrint
<Hopsa> Have you a fritz :)
<ScottK> n0a1ias: Please don't assume people aren't running servers.
<ScottK> Hopsa: "Go away please" isn't very nice either.
<ScottK> Come on.
<Hopsa> See it from my side of the planet ;)
<n0a1ias> oh, sorry
<n0a1ias> are you?
<n0a1ias> didnt mean to sound mean
<ScottK> According to previous discussion on #ubuntu-devel, yes.
<n0a1ias> once again, sorry
<Hopsa> ScottK. Any chance that dhcpd will be updated so it has a chance to function properly on Lucid ?
<ScottK> Hopsa: I don't know.  It's not a package I personally pay a lot of attention to.  The advice you've already gotten to file a bug is good advice.
<Hopsa> Hmm, id pay attention to any critical package if i where you.
<ScottK> Why should I?  It's not critical for me.
<Hopsa> Inhabitateem est
<Hopsa> Corriculaare
<Hopsa> ScottK: Do you know youre in #ubuntu-server and doesnt feel a server segfaulting is bad ?
#ubuntu-server 2010-08-28
<ScottK> Hopsa: Why do you think all of Ubuntu server is my personal problem?
<ScottK> I agree it's bad, just not that I'm required to be the one that fixes it.
<Hopsa> You tried to defend "n0a1ias" and then you started talking to me.
<Hopsa> n0a1ias is at best a bot at worst a failed experiment to code a bot.
<n0a1ias> what?
<n0a1ias> no
<n0a1ias> im not a bot
<Hopsa> 1/3 = ?
<n0a1ias> 1 sec
<Hopsa> ok
<n0a1ias> 0.3333333333
<n0a1ias> repeating
<n0a1ias> im sorry i was mean, but wow.
<n0a1ias> jear
<n0a1ias> jerk**
<Hopsa> 3,1592 ... is ?
<n0a1ias> pie
<n0a1ias> waitno
<n0a1ias> a number?
<n0a1ias> idk the question
<Hopsa> 3.141592653589793... ?
<Hopsa> Its PI
<n0a1ias> oh, the missing 4 threw me off
<Hopsa> lol
<n0a1ias> so yea
<n0a1ias> not a bot
<Hopsa> If you scroll up and explain why i could have thought you're then i can accept any outcome of this discussion :)
<n0a1ias> yea i just did
<n0a1ias> hah
<Hopsa> Accepted
<Hopsa> Where in europe do you live, what country ?
<n0a1ias> USA....
<Hopsa> North or south ?
<Hopsa> So what ive learned about #ubuntu-server so far is this: ScottK thinks dhcpd is: "It's not a package I personally pay a lot of attention to". n0alias likes the shiny shiny colors (joking) and the rest of the channel is out partying ?
<n0a1ias> south
<Hopsa> Thanks!
<n0a1ias> yep
<n0a1ias> haha
<Hopsa> n0a1ias: Is it always this quiet here ?
<n0a1ias> yea
<n0a1ias> unfortunitly
<Hopsa> I feel that some shouldnt be here at all given that regard and respect it deserves. Do you require new staff ?
<Hopsa> Its very important to care. Am i right ?
<Hopsa> ScottK: Correct me if im wrong, but arent you a member of ubuntu and you just said that you dont give a shit about servers in ubuntu but are located in #ubuntu-server ? /What kind of "member are you" ?
<Psi-Jack> Ahhh.. Hopsa. A known troll.
<Hopsa> Really ? Please provide intel on this ?
<Psi-Jack> Lets see.. moatbuilder, Dionysos, Manjula, Ballefjon, Jusfication, Melkerscrollan, even GayAnankePsi.
<Hopsa> What ?
<Psi-Jack> Always coming from that VERY specific IP you're on now, plus ip-*-*-179-93.dialup.ice.net
<IdleOne> Psi-Jack: you forgot bermanrules
<Hopsa> [Hopsa] anthony.freenode.net :Irvine, CA, USA
<Hopsa> * [Hopsa] is connecting from *@h156n2fls32o256.telia.com 81.231.133.156
<Psi-Jack> IdleOne: I haven't logged that one yet apparently.
<Hopsa> ???
<Hopsa> psi-jack: ?
<Psi-Jack> Cut the crap, troll.
<Hopsa> Thanks then i guess. How rude.
<Psi-Jack> Anyway.
<Psi-Jack> I found an issue with Ubuntu 10.04's lsb/init-functions that might should be looked into. Basically when using status_of_proc -p PIDFILE DAEMON, it passes it to pidofproc which cares nothing for DAEMON if -p PIDFILE is given so if the PIDFILE doesn't exist it returns rc=4 instead of checking the pidof DAEMON and determining if it's actually running regardless of the pidfile.
<Psi-Jack> Kinda breaks LSB a bit by returning rc=4 when it could in fact return 0 or 3 as expected.
<Hopsa> PIDFILE=`cat Location_Of_Pidfile` has worked the best and is the recommended aquireing of PIDS for programs
<Psi-Jack> Hopsa: Shut it already.
<Psi-Jack> My fix for it was to alter line 94 of lsb/init-functions to: if [ -x /bin/pidof -a -n "$1" ]; then  -- So if DAEMON is passed to it, it assumes since it's already shifted $OPTIN, that it at least has a daemon name.
<Psi-Jack> That whole check for $specified is really kinda lame. ;)
 * Hopsa Has nothing to say and i bet your question will go unanswered.
<kuttan_> Have a bad package entry in my systems apt database, and the name persists despite the removal  of the package . How can I get rid of this entry
<kuttan_> synaptic show post_install script failure ..
<kuttan_> Have a bad package entry in my systems apt database, and the name persists despite the removal  of the package . How can I get rid of this entry
<kuttan_> synaptic show post_install script failure ..
<Psi-Jack> And.. Why... prey tell... Are you running synaptic on a server?
<kuttan_> okay that was not required , but yet ..
<Psi-Jack> synaptic means you're running X, which means you're not running a server.
<Psi-Jack> Or, if you are, you're stupid crazy for running X on a server.
<kuttan_> ?
<Hopsa> psi is trolling
<Psi-Jack> No, Hopsa, you still are.
<kuttan_> k thanks for you kind contribution
<Psi-Jack> kuttan_: You need #ubuntu
<WitBier> Smoked too much again Psi-Jack ?
<Psi-Jack> Told ya.
<WitBier> Idiot
 * Psi-Jack gets freenode staff.
<WitBier> Please try to behave sir
<Psi-Jack> !ops WitBier and Hopsa == Known troll.
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<kuttan_> k some other time , thanks all
<Psi-Jack> heh, so anyway. I only have a couple issues left to resolve with my pacemaker + drbd + dlm + clvmd + IPaddr2 + iSCSI stuff.
<biodegabriel> Heyall, Does anybody know of a good tutorial on setting Postfix with Ubuntu 10.04? The ones at help.ubuntu.com are way way too wordy and complicated.
<Psi-Jack> and, what exactly are you trying to do with postfix?
<Hopsa> http://www.postfix.org/BASIC_CONFIGURATION_README.html
<Psi-Jack> biodegabriel: And https://help.ubuntu.com/community/Postfix is too wordy and complicated?
<biodegabriel> thx Hopsa!
<Hopsa> biodegabriel: Np!
<biodegabriel> Psi-Jack: I was using this one "https://help.ubuntu.com/10.04/serverguide/C/postfix.html" and it started explaining stuff about paying Certificate Authorities to certify you... I was like... WTF?!
<Psi-Jack> That looks about the same thing.
<Psi-Jack> Still.. Not very complicated, compared to past documentation basic guides. :p
<biodegabriel> Psi-Jack: Step 2 sends you to another page where they lecture you on certiifcates.
<Psi-Jack> Which you don't have to follow that part. :p
<biodegabriel> Psi-Jack: Yeah, but the "note"s come after the instructions. It's totally a-linear. Not what I need in instructions/tutorials.
<Psi-Jack> Instead, the alternative, creating a self-signed certficiate, or flat-out skipping the sections 2-4
<biodegabriel> Psi-Jack: Want to setup my Postfix install for me?
<Psi-Jack> Nope
<Psi-Jack> I want you to RTFM and follow it as it's written because that guide is actually really fricken nice. :)
<biodegabriel> Psi-Jack: Nice for people who've installed Postfix 12 times before. Not for n00bs like me.
<Psi-Jack> Actually, it's exactly for "n00bs" like you.
<biodegabriel> Psi-Jack: How many users pay for certified certificates?
<Psi-Jack> biodegabriel: Millions. However you don't need to get a certified certificate, or even follow the steps 2-4, as I've said already.
<biodegabriel> Psi-Jack: If only you were sitting beside me ten minutes ago...
<Psi-Jack> You wouldn't want that. ;)
<Psi-Jack> I uses a sheleighly on my students. ;)
<Hopsa> Shenanigan ?
<uvirtbot> New bug: #623144 in chkrootkit (main) "chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated" [Undecided,New] https://launchpad.net/bugs/623144
<Hopsa> A very funny game i played --- Monkey Bubble --- Absolutely love it, check it out!
<Hopsa> uvirtbot: *__GI_abort () at abort.c:92 is not aborted properly you say ? ;)
<uvirtbot> Hopsa: Error: "*__GI_abort" is not a valid command.
<Hopsa> Interresting /yawn
<Hopsa> Now thats interresting, Married with children is on! :)
<biodegabriel> Hey all, How do i find out if I have have sendmail installed? (I'm not joking, i really don't know).
<gtpeacock> I just installed 10.04 server.  One partition is mounted on installation as type ntfs in fstab.  Is there any reason not to use ntfs-3g?
<pmatulis> biodegabriel: use dpkg to query what's installed or just look for the sendmail binary
<biodegabriel> pmatulis: thx
<pmatulis> biodegabriel: 'dpkg -l *sendmail*' or 'which sendmail'
<pmatulis> respectively
<biodegabriel> pmatulis: i was typing 'sendmail which'. LOL
<pmatulis> hmmm, a sendmail witch, nasty thing
<Hopsa> biodegabriel: ls /usr/sbin/sendmail
<Hopsa> Install sendmail-cf if you intend to use it.
<biodegabriel> Hopsa: cool
<Hopsa> :)
<WinstonSmith> hi everybody. my server 8.04 wont reboot anymore. i give it a reboot or shutdown -r now and just nothing happens... i get the message that it will reboot but nothing
<dschuett> anyone running squid on 10.04?
<WinstonSmith> which log should i look at?
<progre55> hi guys! anyone knows if "setfacl" works on ubuntu?
<Hopsa> WinstonSmith: I would urge you to upgrade because ive seen indications on that 8.04 isnt prioritized anymore. An odd decition, but nevertheless perhaps a fact.
<Hopsa> WinstonSmith: If you run servers and they work ok, then upgrading atm isnt a good option if you rely on a dhcp server as the one in Ubuntu Lucid isnt working as far as i can tell.
<WinstonSmith> Hopsa, thx for responding. the server belongs to a friend of mine and runs a website blog etc and he does not want to upgrade without me being there and thats 3000 km away :(
<Hopsa> httpd is ok
<Hopsa> in Lucid
<WinstonSmith> yes but can you tell me anything about my question plz?
<pmatulis> 8.04 server will receive security fixes and critical fixes until April 2013
<WinstonSmith> cause i just upgraded the kernel and then tried a "reboot" (uptime was 100 days) and it just doesnt reboot
<WinstonSmith> which log this kind of command would be logged to?
<WinstonSmith> yes 8.04 is LTS thats why we chose it
<Hopsa> WinstonSmith: I do know that one of my friends Ubuntu-8.04 Firefox stopped working. Perhaps due to an upgrade he did, but the result was he had no browser anymore. "ns_loginit()" problem, possibly due to different versions of xulrunnel.
<Hopsa> "shutdown -h now" ?
<WinstonSmith> Hopsa, yes but im talking about a headless server no GUI or FF
<Hopsa> "shutdown -r now" ?
<Hopsa> -r     Requests  that  the system be rebooted after it has been brought
<Hopsa>               down.
<WinstonSmith> Hopsa,  as i said above "shutdown -h now" or reboot produce the message that system is going down for reboot and then nothing happens
<WinstonSmith> reboot just being an alias to  "shutdown -h now"
<Hopsa> Yep
<Hopsa> or ... -r now
<WinstonSmith>  i have no entry in dmesg or /var/log/messages related to my reboot try
<Hopsa> -h means shut down or (halt)
<WinstonSmith> oh yeah typo sry
<Hopsa> np
<Hopsa> So, nothing happens ?
<WinstonSmith> is there any other log that i could look at ... this behavior is really strange
<Hopsa> also check /var/log/secure
<WinstonSmith> the machine had a load of 3x for weeks cause we had a runaway msql and a gameserver who ate all resources ... maybe related to that?
<EvilPhoenix> lol
<WinstonSmith> i have no /var/log/secure
<EvilPhoenix> is there a way to see how you're doing on disc space on VPS systems in openvz?
<Hopsa> ls /var/log
<WinstonSmith> yes i just moved from portugal to germany so i wasnt really on top of things ... no internet
<Hopsa> some dists call it "security" etc
<WinstonSmith> yes i know
<Hopsa> reboot it and see if setjmp will work correctly then.
<WinstonSmith> nothing with that name around
<dschuett> does anyone run squid on ubuntu 10.04
<Hopsa> Yep
<biodegabriel> Hey all, What do I do when a package I'm trying to install can't be found? Do I try another source? http://pastie.org/1121778
<Hopsa> dschuett: squid-2.7STABLE7
<dschuett> Hopsa: does it run ok?
<dschuett> i can't stop start or reload, i get this: reload: Unknown instance:
<Hopsa> Yes, but watch out for the switch to Squid 3. Then you must remove acl "all" because its been built in.
<Hopsa> For some unknown reason.
<dschuett> ah, ok thanks for the heads up
<Hopsa> Np. Stop it then start it... ?
<dschuett> Hopsa: when i do a squid stop...i get: squid is already running!
<dschuett> same with start and reload
<Hopsa> Hmm, hmm...
<Hopsa> killall -9 squid
<dschuett> if i do this: /etc/init.d/squid reload stop or start i get unknown instance
<Hopsa> it could have a lingering .lock file in /var/lock/squid.lock or so
<Hopsa> Perhaps due to a powerfailure or so
<dschuett> Hopsa: that killed it...i was able to start it, but on squid stop or reload it says "squid is already running!"
<dschuett> are you on ubuntu 10.04?
<Hopsa> Yes, i have one of those running beside me
<WinstonSmith> anyone else an idea why shutdown -r now does not work anymore?
<dschuett> damn, i googled the error, and a lot of people are having this issue...but no solutions
<EvilPhoenix> you tried shutdown -h?
<EvilPhoenix> er
<EvilPhoenix> nevermind
<EvilPhoenix> ah to restart
<EvilPhoenix> one sec
<Hopsa> dschuett: Try to start and stop squid manually and see if its the scripts that call squid the wrong way.
<Hopsa> call = try to start
<WinstonSmith> EvilPhoenix, i have to reboot the server is offsite ~3000km away :|
<Hopsa> I wonder if winston could signal the init process to make a reboot somehow...
<EvilPhoenix> shutdown -r worked for me on both my servers
<dschuett> Hopsa: not sure how to do what you are asking
<EvilPhoenix> not sure if its just your system
<EvilPhoenix> WinstonSmith:  ^
<Hopsa> Init should have a process id of "1". Does it have that winston ?
<WinstonSmith> EvilPhoenix, the server is running fine for 2.5 years. every 2 month or so i make all the updates and reboot. never had a single problem wiith it rocksolid :)
<WinstonSmith> hopsa 1 sec
<WinstonSmith> yes it does
<Hopsa> dschuett: Your scripts try to start and stop servers one way, perhaps they are not doing it correctly. Try stopping squid and then starting it manually. "squid -k start" maybe (cant remeber atm)
<Hopsa> squid -k reconfigure | rotate | shutdown | interrupt | kill | debug | check |
<Hopsa>        parse
<Hopsa> squid -k shutdown && squid
<dschuett> k, did that
<Hopsa> squid -k shutdown && squid || echo "I have failed to stop and start squid"
<Hopsa> Worked ok ?
<Hopsa> then id suspect the sysinit script
<dschuett> yeah, it killed it
<Hopsa> and started ok ?
<dschuett> just try squid start?
<Hopsa> k
<dschuett> says squid is already running
<dschuett> any easy way to upgrade to 3.0?
<biodegabriel> Hopsa: Do you know what I'm doing wrong here? http://pastie.org/1121802
<Hopsa> dschuett: use the debian versions
<Hopsa> checking
<Hopsa> isnt itr libsasl ? ... use a "*" if unsure
<WinstonSmith> biodegabriel, do you have all the repos enabled?
<Hopsa> itr/it
<Hopsa> bbiaw
<WinstonSmith> cause my apt-cache gives me libgsasl7 - GNU SASL library
<biodegabriel> WinstonSmith: here are my repos: http://pastie.org/1121808
<pmatulis> biodegabriel: just what are you trying to do?
<WinstonSmith> biodegabriel, hmmm thats really strange because the package is in the universe repos which you have enabled
<biodegabriel> pmatulis: install mailutils. i'm following this tutorial: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<pmatulis> biodegabriel: your answer doesn't correspond to what you just pastebin'd
<pmatulis> (libgsasl)
<biodegabriel> pmatulis: i know, but when i try and install mailutils, it installs some other packages, one of which is libgsasl, and that's the one that fails.
<pmatulis> biodegabriel: did you provide that error output?
<biodegabriel> pmatulis: yup http://pastie.org/1121778
<pmatulis> biodegabriel: error shows astromirror.uchicago.edu but your system shows mirror.ne.gov
<Hopsa> INSTALL this first: http://altruistic.lbl.gov/mirrors/ubuntu/pool/universe/g/gsasl/libgsasl7_1.4.4-1ubuntu1_amd64.deb
<WinstonSmith> so does anybody else an idea on how to reboot a machine if reboot, shutdown -r and init 6 dont work?
<pmatulis> WinstonSmith: try 'reboot'
<WinstonSmith> pmatulis, please read my msg
<pmatulis> WinstonSmith: oh
<WinstonSmith> ;)
<pmatulis> 'shutdown -r now' ?
<pmatulis> biodegabriel: well?
<WinstonSmith> pmatulis, in my msg i said : reboot, shutdown -r and init 6 dont work
<biodegabriel> pmatulis: just a sec.
<pmatulis> WinstonSmith: but not 'shutdown -r now'
<WinstonSmith> yes but thats just the timer
<pmatulis> WinstonSmith: try it then
<WinstonSmith> i tried all that for quite some time now.... thats wjy im asking
<WinstonSmith> why*
<WinstonSmith> if theres any other way to reboot
<pmatulis> WinstonSmith: any output from these commands?
<WinstonSmith> i give it a reboot or shutdown -r now and just nothing happens... i get the message that it will reboot but nothing
<WinstonSmith> no entry in dmesg or /var/log/messages
<biodegabriel> sorry pmatulis, i'm doing something wrong. is this the right command? http://pastie.org/1121824
<pmatulis> WinstonSmith: anything in the logs?
<WinstonSmith> no entry in dmesg or /var/log/messages
<WinstonSmith> is there any other log you could point me to?
<pmatulis> biodegabriel: your're thrashing, please stop
<pmatulis> WinstonSmith: type 'dmesg'
<biodegabriel> thrashing?
<Hopsa> WinstonSmith: "reboot -f" ?
<Hopsa> force
<WinstonSmith> Hopsa, ok will try that
<pmatulis> biodegabriel: answer my question re discrepency between your sources.list file and the error output
<biodegabriel> pmatulis: i was using another source cause i tried 4 other ones and they all said that the package couldn't be found. should i edit my sources list everytime i want to try a different source?
<pmatulis> biodegabriel: just stop thrashing like that.  use the official mirrors
<WinstonSmith> Hopsa, thats seems to have helped :D. i have to wait a bit now to see because it will fsck at boot and has over 2 TB so takes some time
<biodegabriel> pmatulis: what are the official mirrors? i got my mirrors from this list https://launchpad.net/ubuntu/+archivemirrors
<WinstonSmith> Hopsa, pmatulis thank you for your time & have a nice day (or night whereever you are)
<Hopsa> WinstonSmith: May the force be with you, always! ... Ill wait until it comes up, gotta go catch some shut eye myself :)
<Hopsa> Np!
<WinstonSmith> i am your father luke!!!
<Hopsa> Haha! :)
<WinstonSmith> Hopsa, since you ate still here... ;) do you have a clue what caused this kind of behavior?
<WinstonSmith> are*
<Hopsa> Maybe /dev/initctl was hosed by something. Its what i can come up with atm.
<pmatulis> biodegabriel: use archive.ubuntu.com for now
<uvirtbot> New bug: #625651 in krb5 (main) "package libkadm5clnt6 1.7dfsg~beta3-1ubuntu0.6 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/625651
<pmatulis> WinstonSmith: did dmesg command show anything?
<biodegabriel> pmatulis: OK
<Hopsa> You can test that later by removing it and trying to reboot. Perhaps some other device file could also do it.
<biodegabriel> pmatulis: i had stopped using it cause it was taking hours to download packages....
<WinstonSmith> pmatulis, no thats what i found really odd. it gave the : the system will reboot now! msg and then nothing... fell into the black hole
<pmatulis> biodegabriel: pastebin your edited file
<pmatulis> WinstonSmith: odd, never seen that
<WinstonSmith> pmatulis, me nether in all my linux life
<biodegabriel> pmatulis: http://pastie.org/1121839
<WinstonSmith> pmatulis, i thought that it was related to the heavy load the machine had in the last weeks?
<pmatulis> biodegabriel: anything under /etc/apt/sources.list.d ?  if so, pastebin it's contents
<biodegabriel> pmatulis: http://pastie.org/1121843
<WinstonSmith> success : 04:45:36 up 9 min,  1 user,  load average: 0.00, 0.21, 0.19
<Hopsa> mknod -m 622 /var/new-dist/dev/console c 5 1
<Hopsa> mknod -m 666 /var/new-dist/dev/ptmx c 5 2
<Hopsa> chown root:tty /var/new-dist/dev/{console,ptmx,tty}
<WinstonSmith> thank you all for your time !
<pmatulis> biodegabriel: ok, now 'sudo apt-get clean'
<Hopsa> switch /var/new-dist for /dev/*
<biodegabriel> pmatulis: done
<pmatulis> now 'sudo apt-get update'
<Hopsa> Laters!
<biodegabriel> pmatulis: it fetched 24 packages
<WinstonSmith> Hopsa, wish u a good shut-eye & cya :D
<pmatulis> now 'sudo apt-get -f install'
<pmatulis> biodegabriel: ^^
<biodegabriel> pmatulis: "0 upgraded, 0 newly installed, 0 to remove and 37 not upgraded."
<pmatulis> biodegabriel: now 'sudo apt-get dist-upgrade'
<biodegabriel> pmatulis: working......
<biodegabriel> pmatulis: 37 upgraded
<pmatulis> biodegabriel: now 'sudo apt-get --reinstall install mailutils'
<biodegabriel> pmatulis: perfect! so changing my sources was messing everything up? is that what's called "thrashing"?
<pmatulis> biodegabriel: thrashing refers to trying anything in the hopes that it will work, going berzerk really
<biodegabriel> pmatulis: you haven't seen me thrash then... :D
<pmatulis> biodegabriel: so you're all set?
<biodegabriel> pmatulis: thanks for your help. i can keep on with my postfix setup now. what was i doing wrong, though, specifically?
<biodegabriel> wrong source?
<pmatulis> biodegabriel: i don't know  :)  maybe didn't update your package index?
<biodegabriel> pmatulis: you mean i needed to do "apt-get update"?
<pmatulis> biodegabriel: yes
<pmatulis> biodegabriel: but the other commands could have played a role too
<pmatulis> biodegabriel: (cleaning out your cache)
<pmatulis> biodegabriel: the general package upgrade
<pmatulis> biodegabriel: i don't see anything  :)
<biodegabriel> pmatulis: cool, thanks again. i nearly drowned there.
<pmatulis> biodegabriel: nice. keep on truckin' - and good night
<biodegabriel> pmatulis: night
<uvirtbot> New bug: #625656 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/625656
<Andre_Gondim> how may I change the hostname of my server?
<Andre_Gondim> hmm I used hostname command
<WinstonSmith> any experiences with upgrading 8.04 to 10.04 while SSH'ing into the box?
<WinstonSmith> because do-release-upgrade throws a big fat warning that it shouldnt be done over SSH but how do you do it if the box is offsite?
<strax> I got that warning, did it anyway
<strax> 9.10 to 10.04
<strax> worked fine
<WinstonSmith> strax, no problems at all? did you had to edit /boot/grub/menu.lst ?
<strax> No, but again I was just doing one release to the next, not lts to lts
<WinstonSmith> because the box is ~3000 km away a bit far to plug in a monitor and KB ;)
<strax> heh
<WinstonSmith> strax, ok thank you . i think i will ponder that for some more time
<WinstonSmith> you know never change a running system etc  heheh
<strax> Apparently a second ssh connection is opened up on another port, just in case
<strax> Although I don't see how that helps things
<WinstonSmith> yes it said so but still ... at https://help.ubuntu.com/community/LucidUpgrades it says that you may have to edit the menu.lst etc. that would not be a problem but still if it MAY not run smoothly im done for it
<strax> Is there a pressing reason to upgrade?
<WinstonSmith> sry was afk. more ore less ... just to have a homogeneous environment
<Jordan_U> WinstonSmith: Make sure you run it in screen, and be prepared to completely lose remote access to it if something goes wrong.
<WinstonSmith> and since the new LTS is out...
<WinstonSmith> Jordan_U, thanks for the tip will do !
<Jordan_U> WinstonSmith: You're welcome.
<WinstonSmith> Jordan_U, if i lose remote then does it reboot automatically at the end or do i gain remote again and reconnect to screen?
<Jordan_U> WinstonSmith: I don't think it will reboot automatically.
<arvind_khadri> Hi, I am unable to see the statistics of a windows client. I get a message telling that -l parameters are missing and also Socket connection is being timed out.
<dulmandakh> hello, I need help on virtualization+bridge
<dulmandakh> seems bridge setup working fine, because I can ping to the IP
<dulmandakh> it's static
<dulmandakh> libvirt bridge config is same as on official ubuntu documentation
<dulmandakh> seems working, thanks
<qiyong> how to upgrade from 10.04 to 10.04.1 ?
<alex88> morning..i've a updated ubuntu install, i have to let my friend download the updates from my pc instead of archived..cause we have atm slow internet.. apt-mirror when installed downloads the full repositories right?
<joschi> alex88: you're probably looking for something like apt-cacher or approx
<alex88> joschi: what about just copy /var/cache/apt/archived?
<alex88> *archives
<joschi> alex88: you could do that
<alex88> nice..i think is the faster way..then when synaptic tryies to update find there the packages..or i have to do some cache refresh or something similar to make it find those?
<uvirtbot> New bug: #625740 in quagga (main) "Sync quagga 0.99.17-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/625740
<Nafallo> mmmm quagga
<uvirtbot> New bug: #625798 in tickcount "Don't use int constants with a long data type." [Medium,Triaged] https://launchpad.net/bugs/625798
<uvirtbot> New bug: #624802 in authbind (main) "authbind port usage incorrect" [Undecided,New] https://launchpad.net/bugs/624802
<xmaxmex> fala marciopanto ;)
<uvirtbot> New bug: #625812 in quagga (main) "Install needs to turn off Reverse Path Filtering" [Undecided,New] https://launchpad.net/bugs/625812
<marciopanto> Hi Claudemir
<Fabricio-Magalha> hello word !!!
<RoyK> hi all. if I install a VM using virt-manager, the host is running Lucid and so is the guest - will this be setup using paravirt or hwvirt?
<Patrickdk> you can do either
<RoyK> Patrickdk: from virt-manager, how do I check if a VM is PV or not?
<Patrickdk> dunno, I never use virt-manager
<RoyK> ok, from the command line, then?
<Patrickdk> dunno I never use the command line
<Patrickdk> I only do xen and esx vm's
<Patrickdk> I assume your doing kvm based
<RoyK> it is
<RoyK> I gave up paravirtualizing ubuntu with xen
<Patrickdk> all of my linux xen's are paravirtual
<RoyK> Patrickdk: xen told me the .iso file didn't contain a known linux install - I asked around and couldn't find how to do things properly....
<Patrickdk> xen? iso files?
<Patrickdk> not sure how you did it
<RoyK> ubuntu-10.04 iso
<Patrickdk> but then again, I never installed a xen guest from an iso
<RoyK> never mind - kvm works well
<Patrickdk> just used deb builder
<RoyK> it's somehow quite understandable that ubuntu has and now redhat will move to kvm
<SpamapS> RoyK: I believe maverick will be much more friendly to xen btw.
<RoyK> SpamapS: doesn't really matter so long as kvm works well :)
<SpamapS> RoyK: right, I agree. I think though, there is some desire to make it work better w/ xen because of some EC2 stuff.
 * SpamapS realizes he has wandered into completely unfamiliar territory at this point.
<Patrickdk> yep
<RoyK> operating ubuntu is quite boring, really
<RoyK> there's lots of more action with certain other platforms
<JamesHarrison> Here's an interesting one: How the heck do I get the scst module into the kernel, preferably without doing the compile-from-source dance?
<RoyK> JamesHarrison: a kernel module must be compiled for a compatible kernel - if you, say, download a redhat kernel module, it will probably use symbols not in the ubuntu kernel
<JamesHarrison> RoyK: I found https://launchpad.net/~ast/+archive/scst which is a precompiled pae kernel with the scst module, which has worked a treat now I've actually booted into it. :)
<RoyK> https://wiki.ubuntu.com/scst
<RoyK> I guess you've been there already, though :)
<JamesHarrison> yeah, that too- the fact that you reboot and ofc it doesn't boot into the new kernel confused me :)
<JamesHarrison> Too used to gentoo, heh :)
<RoyK> running Lucid?
<RoyK> with grub2?
<JamesHarrison> Updated /etc/defaults/grub.conf to have the correct default, now works fine
<RoyK> grub2 is a PITA imho
<RoyK> k
<JamesHarrison> Beats grub1/lilo :D
<RoyK> grub1 works well
 * Patrickdk hasn't had any issues with grub2, on >20 systems
<RoyK> lilo is something that belongs in the ninetees
<RoyK> Patrickdk: well, it works, but I find the configuration easier in old grub1
<Patrickdk> ya, cause the old grub didn't do much, well actually didn't do anything :)
<Patrickdk> grub2 is a mini-os
<RoyK> perhaps I'm just being overly conservative here :)
 * RoyK wants to bomb Oracle
<RoyK> closing down opensolaris was evil
<bobnn> Hello.  I have a routing issue on server 8.04 - is this the right place?
<bobnn> The LARTC list seems to be gone :(
<arrrghhh> hey all.  not really an ubuntu question, more of  a networking question... netmasks confuse me, if i just want the netmask to include one ip, do i set the mask to 0?
<arrrghhh> so 192.168.0.5/0 would just include that one IP?
<shauno> I think /32 would
<arrrghhh> because that's how many bits are borrowed...?
<arrrghhh> netmasks confuse the hell out of me.
<shauno> I'm not sure /0 is a legal operand.  if you look at an IP as binary rather than decimal, you get something like 11111111.11111111.11111111.11111111   .. the /n tells you how many bits of that aren't allowed to change
<arrrghhh> oh i see
<arrrghhh> so /32 would say no bits can change basically.
<shauno> so /8 covers every IP under the first quad, /16 everything under the first and second, etc
<shauno> yeah.  /32 would allow no bits to vary from what you gave
<arrrghhh> i had that backwards then.
<arrrghhh> ok
<shauno> in theory; never tried it because that's a very odd use for netmasks :)
<arrrghhh> so 192.168.0.100-255... would /24 work for that...?
<arrrghhh> lol
<arrrghhh> i'm trying to do QoS on my dd-wrt router.
<shauno> /24 would give you 192.168.0.*
<arrrghhh> even if i specify the mask starting at 192.168.0.100?
<shauno> I believe so, because 24 (3*8) is the first three quads
<arrrghhh> hrm
<arrrghhh> i took a class that was supposed to teach me this stuff.  blargh.
<arrrghhh> it helped me with understanding how it pieces together at a high level, but building netmasks still confuses me.
<shauno> after that, every 1 you add halves the space, so /25 would give you xxx.xxx.xxx.0-127 and xxx.xxx.xxx.128-255
<arrrghhh> i see.
<shauno> /26 would be 0-65, 64-127, 128-19... something.  191?
<arrrghhh> perhaps i should change my dhcp range to match the netmask.
<shauno> netmasks make complete sense when you look at it as being 4 8bit binary numbers, rather than just 4 decimal numbers.  it's going between the two that confuses everyone :)
<arrrghhh> yes!
<arrrghhh> that's exactly the problem.  the conversion in my head gets lost somewhere.
<shauno> I dunno if it's just me, but taking the first 4 bits off 11111111 is much easier to picture, than taking the first 4 bits off 255
<shauno> but just halving the available addresses every time /n increments seems a pretty usable shortcut
<arrrghhh_> well hopefully my QoS works right now.
<arrrghhh> that's better.
<arrrghhh> sweet!  QoS appears to be working.  hopefully the router doesn't freak out again.
<arrrghhh> last time i set this up based on port numbers, and the router couldn't handle it.  kept resetting and freakin out, had to turn it off entirely.
<uvirtbot> New bug: #623798 in samba (main) "hook /usr/share/apport/package-hooks//source_samba.py crashed" [Undecided,New] https://launchpad.net/bugs/623798
<uvirtbot> New bug: #625214 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/625214
<Psi-Jack> Hmmm. By chance there any pacemaker people here that might could help me?
<ruben23> hi guys are there programs can recover deletd files on ubuntu-server .?
<uvirtbot> New bug: #625953 in autofs5 (main) "autofs5 configuration files in wrong location" [Undecided,New] https://launchpad.net/bugs/625953
<IdleOne> !recover | ruben23
<ubottu> ruben23: Some tools to recover lost data are listed and explained at https://help.ubuntu.com/community/DataRecovery - Recovering deleted files on !ext3 filesystems can be virtually impossible, although methods that might work is some cases are described at at http://www.xs4all.nl/~carlo17/howto/undelete_ext3.html and http://projects.izzysoft.de/trac/ext3undel
<uvirtbot> New bug: #625955 in vsftpd (main) "vsftpd installation fails if there's a user name starting with "ftp"" [Undecided,New] https://launchpad.net/bugs/625955
<crunchbang> lkjkk
<dominicdinada> keep getting problems with apache2 and fqdn and i followed this https://help.ubuntu.com/community/ApacheMySQLPHP
<dominicdinada> Invalid command 'diab', perhaps misspelled or defined by a module not included in the server configuration                                                                         [fail]
<shauno> where does 'diab' appear in your config?  the term doesn't appear on that page
<shauno> ah, he's already left, nm
<jca1981> Please help me with system recovery, tried to upgrade to lucid via ssh and my connection died, now it wont boot. i can get in via install cd and run dpkg --configure -a but if fails with "could not find image (/boot/vmlinuz-2.6.32-24-server"
<cloakable> jca1981: apt-get -f install
<John> hello there.  I am looking for someone who can help me with mounting windows vista shares with cifs  (they are very slow for some reason)  I'm using jaunty server
#ubuntu-server 2010-08-29
<WinstonSmith> john have a look here : http://linux.byexamples.com/archives/101/mount-a-samba-point/
<John> WinstonSmith: well I should be more specific.  I have some experience with this.  I've been using this mount for a while now and it suddenly became ver very slow about 2 weeks ago
<John> this is the line in /etc/fstab for instance //192.168.1.107/demigod /mnt/demigod cifs auto,file_perm=0666,dir_perm=0777,uid=1000,gid=1000,username=John,password=********,iocharset=utf8 0 0
<John> woked fine for months
<WinstonSmith> john if you mount it via CLI for testing do you have the same behavior?
<WinstonSmith> or if you access the share with a windows client... just to see where the problem lies....
<John> hrmmm yes i think so.  let me double check.  I did try it with smbclient cli and had the saem speed problems.  let me mount it using those instructions and see what happens
<John> ok will try with a windows client as well.
<WinstonSmith> kk
<fundacion> hi
<fundacion> do sombody know a program to work php visual?
<John> WinstonSmith: still with me?
<WinstonSmith> john yep
<John> WinstonSmith: on a windows client through explorer, copy ran at 4+ MB/s (wireless)
<John> WinstonSmith: mounting with mout -t cifs, it runs at about 30 KB/s
<WinstonSmith> john ouch
<John> WinstonSmith: with cp from the ubuntu server box
<John> and like i sadi, everything worked fin until about 2-3 weeks ago
<WinstonSmith> john if you write on the share is it also slow?
<John> WinstonSmith: heh... i dont think I have any large files on the ubuntu box... let me hunt around
<WinstonSmith> kk
<John> WinstonSmith: um wow... no it was hella fast in fact
<John> WinstonSmith: i copied a 1.5 MB file in a blink
<John> WinstonSmith: will look for something bigger
<WinstonSmith> john after doing some google-fu i found a lot of people with this error - reading is slow but writing ok ill look further
<John> WinstonSmith: i've run into this before with OSX on one of my other machines, but I fixed that with... hrrrm I think I fixed it by changing some TCP wetting on the mac box
<John> WinstonSmith: setting*
<John> WinstonSmith: it was "sudo sysctl -w net.inet.tcp.delayed_ack=0"  had to do with some disagreement between windows and macs about how to do tcp
<WinstonSmith> john do you have the socket options  =  TCP_NODELAY  SO_RCVBUF=8192 SO_SNDBUF=8192 in your smb.conf?
<John> WinstonSmith: hah! that must be the linux way of doing that mac osx command. :-)  I will check
<WinstonSmith> john im not sure
<WinstonSmith> john just do a testparm and you will see right away
<John> ugh test parm is letting me know that it does not recognize a bunch of options.
<John> WinstonSmith: one more moment please
<John> WinstonSmith: it is there, but commented out
<WinstonSmith> john well you could give it a try
<John> WinstonSmith: will do.  right now in fact
<WinstonSmith> john do you have a GUI on your linux box?
<John> nope
<WinstonSmith> john you could also try to add rsize=4k to your mount options
<WinstonSmith> as suggested here : http://ubuntuforums.org/showthread.php?t=1213688
<WinstonSmith> look at post #5
<John> WinstonSmith: i will try that first... looks less intrusive :-)0
<WinstonSmith> john yes :P
<dominicdinada> ugh need help finding a host by name ?
<John> WinstonSmith: that made it slower by half :-(  now getting 15 KB/s
<WinstonSmith> john did you use rsize=4096,wsize=4096?
<John> WinstonSmith: yes
<WinstonSmith> john eg you could try 16384 to see what happens
<John> WinstonSmith: i was just thinking of doing that
<WinstonSmith> 16384 FTW !!!
<John> WinstonSmith: lol
<John> WinstonSmith: meh... 40ish KB/s  ima try editing smb.conf
<dominicdinada> WinstonSmith: hmmm still cant block 75.29.24.192 :O the eff is up with that
<WinstonSmith> dominicdinada, i think you got something wrong there ;)
<WinstonSmith> john, did you ask your question in #samba?
<dominicdinada> WinstonSmith: yeah but i am trying to figure out who it is.... I tracked it etc. but still no aval... i wondered if it is to the ubuntu servers ? or something
<John> WinstonSmith: thanks for all your help... i will try there next
<WinstonSmith> John you are welcome :)
<dominicdinada> WinstonSmith: maybe i need to rebuild my entire firewall blocking every single packet and connection then opening 1 by 1 because allows take presidance ? :/
<WinstonSmith> dominicdinada, your were not discussing your problem with me :O
<dominicdinada> that no matter what i block i am getting suspicious connections even when i set iptables to drop packets from specified ports
<dominicdinada> you know i thought it might be the core os communicating but googling the IP results almost no results.... so there is a flag. then when i whois the addy i get a hit for the provider but scanning and pinging the host fails
<dominicdinada> WinstonSmith: ^^
<EvilPhoenix> dominicdinada:  what ports are you getting these suspicious hits on?
<EvilPhoenix> and in or outbound
<dominicdinada> udp 1249
<dominicdinada> outbound
<dominicdinada> reguardless something should not be going external like that behind 2 firewalls and a router. maybe ISPs changed there policies that they are breaking into computers to check what is there lol
<EvilPhoenix> dominicdinada:  you could filter out all outbound traffic...
<EvilPhoenix> but i dont recommend it...
<EvilPhoenix> or
<EvilPhoenix> you could do...
<WinstonSmith> dominicdinada,  netstat -vaup | grep 1249 gives you what?
<EvilPhoenix> ehh let WinstonSmith help you
 * EvilPhoenix checks on that port number
<dominicdinada> WinstonSmith: since the machine in question was taking so many hits i shut it down. well not shut it down but pulled the hardline....
<WinstonSmith> dominicdinada, im a bit confused here... i mean outbound means you are sending those packets ... explain plz
<dominicdinada> WinstonSmith: The machine should not have any external connections let lone 10000 packets sending data outbound. Then I set the ruleset to block the IP via -j DROP I set it to Drop outbound udp and tcp and the connections still persist
<WinstonSmith> dominicdinada, yes but did you find out which process was actually sending those packets?
<dominicdinada> noticed total network performance drop recently and checked and that is an active connection sending outbound
<dominicdinada> WinstonSmith: ugh no i didnt maybe i will try once again
<WinstonSmith> dominicdinada,  netstat -vaup | grep 1249 gives you what?
<EvilPhoenix> i wonder what exactly you do on your server...
<EvilPhoenix> because if its shells or something... it might be a rouge user
<dominicdinada> EvilPhoenix: just a local development server i never have fileshared or anything alike. I really would like to block every single external connection except updates
<EvilPhoenix> heh
<dominicdinada> EvilPhoenix: i didnt see anything in the logs suggesting such let me go over to the machine and check brb
<EvilPhoenix> ehh
<WinstonSmith> dominicdinada, well then dont give it a gateway & dns and there you are
<EvilPhoenix> where'd i put my iptables manpages...
<EvilPhoenix> hmm
<EvilPhoenix> dominicdinada:  you could always block the port itself on outbound...
<dominicdinada> netstat -vaup | grep 1249 returned nothing
<EvilPhoenix> dominicdinada:  you could try adding two rules into OUTPUT...
<EvilPhoenix> like...
<dominicdinada> literally nothing just passed the command and returned to prompt no error
<WinstonSmith> dominicdinada, that is strange ... is it sending right now?
<EvilPhoenix> dominicdinada:  you could add these: iptables -A OUTPUT -p udp --dport 1249 -j DROP  and  iptables -A OUTPUT -p udp --dport 1249 -j DROP
<WinstonSmith> dominicdinada, you could do just the netstat -vaup and look by hand
<dominicdinada> as soon as i plugged it in the links went haywire
<EvilPhoenix> should drop any traffic on that port
<EvilPhoenix> er
<EvilPhoenix> not 2 dports
<EvilPhoenix> one of those should be sport
<WinstonSmith> dominicdinada, because if its a legitimate process sending on port 1249 udp it should show up. or you may have something really fishy going on there
<EvilPhoenix> mmm sounds fishy
<WinstonSmith> yes it does... not showing on netstat .....
 * WinstonSmith hears it hacking somewhere
<EvilPhoenix> could always just add port blocking rules
<dominicdinada> of course it is WinstonSmith
<EvilPhoenix> you could*
<dominicdinada> Netstat vaup only returned 3 entries... one of being 192.168.122.1 which is a bridge. also after blocking those ports now instead of 1249 the same ip is using 1279 and 1125
<EvilPhoenix> o.o
<EvilPhoenix> sounds like you have bad things
<WinstonSmith> dominicdinada, did u try something like this : sudo apt-get -y install chkrootkit
<dominicdinada> funny how iptables doesnt drop all packets
<dominicdinada> no i didnt lol why would i install a root kit
<EvilPhoenix> dominicdinada:  you'd need to do iptables -P OUTPUT DROP or whatever it is
<EvilPhoenix> dominicdinada:  someone could have hacked you and put it on there
<EvilPhoenix> s/it/one
<dominicdinada> since i specified to block everything from the dam IP
<WinstonSmith> dominicdinada, check for rootkits
<dominicdinada> search chroot ?
<dominicdinada> chrootkit ?
<EvilPhoenix> chkrootkit
<WinstonSmith> dominicdinada, its a script that checks for rootkits
<dominicdinada> ok
<dominicdinada> make sure i dont have it ?
<WinstonSmith> dominicdinada, yes
<WinstonSmith> dominicdinada, cause you seem to have a hidden process around there ergo rootkit
<dominicdinada> ok and to EvilPhoenix idea about removing the gateway ? hmmm that is an idea but i would rather block all packets except from local ips, etc
<EvilPhoenix> you mean outbound>
<EvilPhoenix> or inbound
<EvilPhoenix> because...
<EvilPhoenix> if you want outbound traffic to local net ips
<dominicdinada> Ugh brb phone i will check and report back
<EvilPhoenix> you can allow it to those destination local net ips
<EvilPhoenix> speaking of which
<EvilPhoenix> WinstonSmith:  you did me a favor and reminded me to run a routine check on my servers for rootkits x]
<WinstonSmith> dominicdinada, blocking traffic doesnt help if the box is still infected no? so you have to clean or reinstall it
<WinstonSmith> EvilPhoenix, hehehe
<EvilPhoenix> yay i'm clean!
 * EvilPhoenix kicks his ssh for failing though
<EvilPhoenix> bah
 * EvilPhoenix will return
<EvilPhoenix> okay restarting my internet helped x]
<WinstonSmith> dominicdinada, so will you try the sudo apt-get -y install chkrootkit ?
<dominicdinada> ok chkroot is not installed
<dominicdinada> now that ip is using another network addy instead of .192 it is trying to connect via port 4314 from .196
<dominicdinada> netstat -vaup | grep 4314 returns nothing and i pulled the plug
<dominicdinada> WinstonSmith:
<WinstonSmith> dominicdinada, obviously you have to install  chkrootkit and then run it
<dominicdinada> i asked if i should or should not have it you said not. I guess communication error about how i asked  and you answered
<WinstonSmith> dominicdinada, well sry i thought that was obvious since i gave you a apt-get install line
<dominicdinada> it scrolls to fast but it is picking up an xrl autoreg something or other and thats it :O
<dominicdinada> WinstonSmith: /usr/lib/pymodules/python2.6/.path /usr/lib/xulrunner-1.9.2.8/.autoreg
<dominicdinada> WinstonSmith: /usr/lib/pymodules/python2.6/.path /usr/lib/xulrunner-1.9.2.8/.autoreg
<WinstonSmith> dominicdinada, but did you get any positives?
<dominicdinada> WinstonSmith: yes what i posted showed positive as suspicious so i removed the package. now it is showing pymodules/.path as positive
<dominicdinada> so i nano'd all the contents out
<WinstonSmith> well sledgehammer
<dominicdinada> sledgehammer ?
<WinstonSmith> zeroing out i mean
<WinstonSmith> maybe its a false positive
<dominicdinada> WinstonSmith: true.
<RoyK^> does fsck check the contents of the filesystem  or just its metadata?
<WinstonSmith> RoyK, explain plz
<Hopsa> RoyK: Filesystem checks does as many checks as they possibly can unless the user wants it to go --faster or so and then it skips some tests.
<Hopsa> Most do header or db checks againt the files present on the media.
<Jordan_U> RoyK: Just the metadata, most filesystems don't store checksums of the data and without those you can't confirm the integrity of the data.
<Dusty> Hey all! Quick question!
<Dusty> If.. Anyone has a moment?
<Dusty> Hmm ,well simply.. If your hardware does not support hardware virtualization.. Does that mean you can't use virtual machines? That might sound like a dumb question but none of the guides clarify yes or no really..
<Dusty> "kvm-ok" A message will be printed informing you if your CPU does or does not support hardware virtualization. - On most computer whose processor supports virtualization, it is necessary to activate an option in the BIOS to enable it.  - ...
<pwnguin> # set PATH so it includes user's private bin if it exists
<pwnguin> if [ -d ~/bin ] ; then
<pwnguin>     PATH=~/bin:"${PATH}"
<pwnguin> fi
<lifeless> Dusty: qemu can run non hardware virtualised vms
<lifeless> but its a lot slower
<pwnguin> i have a ~/bin, and yet PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
<pwnguin> hmm
<pwnguin> i guess gnome / X fixes PATH for me helpfully
<lifeless> no
<lifeless> it will be rc vs profile, I suspectr
<pwnguin> it is
<pwnguin> but im wondering
<Dusty> That's cool. Thanks lifeless.
<Dusty> >.< Not seeing many guides for 10.09 server however. most are for 9.10
<pwnguin> 10.09?
<pwnguin> why is there supposed to be a 10.09?
<Dusty> Sorry, 10.04
<Dusty> Been a long day.
<pwnguin> lifeless: i'm trying to figure out the difference between a login shell and every other one, and my best guess right now is that login(1) has to call bash, and that gdm/X doesn't do that
<pwnguin> which raises a small annoyance
<pwnguin> the above excerpt comes from .bash_profile
<pwnguin> so that it only runs and tacks onto PATH once
<pwnguin> anyways, this is server unrelated now, since it involves desktops
<gasbakid> what is the entry password for the root
<gasbakid> ???
<Patrickdk> none :)
<Patrickdk> unless you set one
<Patrickdk> you can't login as root, ever
<gasbakid> so how could i do for accessing
<gasbakid> ???
<Patrickdk> sudo
<gasbakid> nn the first time
<uvirtbot> New bug: #626317 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/626317
<uvirtbot> New bug: #626334 in php5 (main) "package php5-cli 5.3.2-1ubuntu4.2 failed to install/upgrade: beroendeproblem - lÃ¤mnar okonfigurerad" [Undecided,New] https://launchpad.net/bugs/626334
<Thorn> hello
<reisi> is there a common way to use a "normal" smtp account for all administration (mdadm, cron, smartd, etc.) mails generated by a server installation?
<reisi> normal as in username/login and single From: address
<Thorn> any guides/tips on installing ubuntu server as a kvm host? I'd like as minimal install as possible
<Patrickdk> thorn, I like to do pxe/net installs, they are pretty basic
<Thorn> well I did manage to find a 7 year old blank cd and burn the iso to it :)
<Thorn> do I need X in the host for example?
<pmatulis> Thorn: no
<dev001> I'm migrating a bunch of Xen DomUs to 10.04.1 LTS Server.  I've easily found & DL'd the .iso.  Where online can I find downloadable vmlinuz/initrd for DomU booting?  Iiuc, Ubuntu has pvops-enabled kernels, so I don't need xen-specific imgs -- just the 'normal' kernel/initrd will do.
<WinstonSmith> hi all :) what command do i use to tell a certain service to start at boot ? thx
<RoyK> if the service is using upstart, "start service" wiill do
<WinstonSmith> RoyK, i know but at boot?
<RoyK> if not,  use the script in /etc/init.d
<RoyK> make a symlink in /etc/rc2.d to the script
<RoyK> cd /etc/rc2.d; ln -s ../init.d/somescript S99somescript
<WinstonSmith> RoyK, cause i just upgraded from 8.04 to 10.04 and now a lot of servies just wont start at boot anymore eg apache & webmin
<WinstonSmith> RoyK, but  i have the S99apache2 in rc.2 :(
<RoyK> WinstonSmith: do you have their init scripts woring?
<WinstonSmith> ?
<WinstonSmith> RoyK, plz explain?
<RoyK> does it work to start them with their init scripts?
<RoyK> /etc/init.d/apache2 start
<WinstonSmith> RoyK, yes sure .... the services are ok eg if i service start webmin it comes up but not at boot anymore
<guntbert> WinstonSmith: you do know that webmin is not supported on ubuntu?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<WinstonSmith> RoyK, its really weird ... the link in rc.2 points to the right file too
<guntbert> although ebox is in no way a replacement ....
<WinstonSmith> royk thx for the info but thats another issue... what about all the other services i have not booting?
<WinstonSmith> guntbert, and i have a vbox control made in webmin which i would be missing VERY much :(
<guntbert> WinstonSmith: I know those feelings - just a word of warning - webmin *can* break your system
<WinstonSmith> guntbert, i will disable it sniff ... but any idea why the apache for example doesnt start if i ls the link in rc2.d it gives S99apache2 -> /etc/init.d/apache2 which is right no?
<george_> I need to somehow connect users form google apps standard edition to the unix users system ? any ideas ?
<guntbert> WinstonSmith: sorry, I sort of lost track of the numerous ways how to start different services (upstart vs runlevels vs ??)
<WinstonSmith> guntbert, saved myself ==> update-rc.d -f apache2 remove && update-rc.d apache2 defaults did the trick
<WinstonSmith> guntbert, ths for your help anyway have a nice day :D
<WinstonSmith> RoyK, thx too :)
<guntbert> WinstonSmith: I didn't really give any help, but thx for reporting back  - I'll try to remember  :-)
<uvirtbot> New bug: #626416 in openbsd-inetd (main) "package openbsd-inetd 0.20080125-4ubuntu2 failed to install/upgrade: sub-processo novo script pre-installation retornou estado de saÃ­da de erro 2" [Undecided,New] https://launchpad.net/bugs/626416
<Mp3> hi guys and gals
<Mp3> im having some issues with a new server install and i cant find any helpful things on the forums... so i figured i might be able to ask here
<Mp3> for some reason, i can access my server over the LAN just fine, and DNS works great.. but it apparently cant connect to anything outside of the lan.
<Mp3> it was working fine just after install, and after i setup my wireless card with ndiswrapper, i get to it this morning and nothing as far as internet works.
<Mp3> any ideas?
<Thorn> Mp3: ping, tcpdump, tracepath, dmesg, ip route. find where the packets die and why
<Mp3> ping gets no replies back, (resolves the host just fine as stated) just tried tracepath (was trying to install traceroute heh) and it gets to my router, twice... and then no reply
<Mp3> everything looks fine in ip route
<Crankygeek> I have just done a fresh install of egroupware 1.6. I have Apache2 installed, and I am using Postgresql for my database. I have completed all the configurations and built the database. All checks are passing....But I am getting an error when I try and load the site..."Fatal Error: It appears that you have not created the database tables for eGroupWare.  Click here to run setup." I have searched high and low for a resolution w
<Crankygeek> ith no luck.....I am hoping someone here can help.
<Crankygeek> I have just done a fresh install of egroupware 1.6. I have Apache2 installed, and I am using Postgresql for my database. I have completed all the configurations and built the database. All checks are passing....But I am getting an error when I try and load the site..."Fatal Error: It appears that you have not created the database tables for eGroupWare.  Click here to run setup." I have searched high and low for a resolution,
<Crankygeek> I am hoping someone here can help?
<Crankygeek> I have just done a fresh install of egroupware 1.6. I have Apache2 installed, and I am using Postgresql for my database. I have completed all the configurations and built the database. All checks are passing....But I am getting an error when I try and load the site..."Fatal Error: It appears that you have not created the database tables for eGroupWare.  Click here to run setup." I have searched high and low for a resolution,
<Crankygeek> I am hoping someone can help
<kklimonda> !weekend | Crankygeek
<ubottu> Crankygeek: It's a weekend. Often on weekends the paid developers and a lot of the community may not be around to answer your question. Please be patient, wait longer than you normally would or try again during the working week.
<stlsaint> kklimonda: that doesnt make sense really when there are 268 nicks in the room...
<kklimonda> stlsaint: why? most people just never turn off their irc client
<stlsaint> kklimonda: meh, idling doesnt make sense to me regardless
<stlsaint> if your not at your system why just waste resources?
<kklimonda> stlsaint: to make it possible for others to ping you and keep a scrollback of all channels you are on.
<kklimonda> it
<kklimonda> it's usefel to be able to take a look back at what the discussion is about before you join it ;)
<stlsaint> kklimonda: but if you are not at your machine how is it possible for someone to ping you and get a response?
<kklimonda> stlsaint: you'll be able to get back to him once you read it
<stlsaint> kklimonda: yea that makes sense, but then again thats where there is the /memo function
<kklimonda> stlsaint: no one uses it
<stlsaint> kklimonda: haha, well thats a whole different issue
<stlsaint> kklimonda: im also wondering about the ubuntu-server wiki not being touched since last year
<stlsaint> kklimonda: and how the mentoring process doesnt actually work (or it seems it doesnt)
<kklimonda> mentoring process?
<stlsaint> kklimonda: https://wiki.ubuntu.com/ServerTeam/Mentoring
<stlsaint> kklimonda: ^^ untouched since 2008
<kklimonda> well, we obviously could use a spare hand to update it ;)
<stlsaint> kklimonda: undertandable but its not seeming like a updated process to get involved with the team...
<stlsaint> kklimonda: this is my third go-round at joining the team...i finally just went ahead and tried joining lp team
<Crankygeek> I have just done a fresh install of egroupware 1.6. I have Apache2 installed, and I am using Postgresql for my database. I have completed all the configurations and built the database. All checks are passing....But I am getting an error when I try and load the site..."Fatal Error: It appears that you have not created the database tables for eGroupWare.  Click here to run setup." I have searched high and low for a resolution w
<Crankygeek> ith no luck.....I am hoping someone here can help.
#ubuntu-server 2011-08-22
<hatch> Hey I just installed 10.04 and lamp-server and I can't seam to get apache2 to read htaccess files
<hatch> are there any tricks to it with ubuntu?
<hatch> https://gist.github.com/8137c4e180a9a78fc201  here is my httpd.conf I had to load the mod_rewrite module but it said it was already loaded
<lenios> hatch, can you paste your /etc/apache2/sites-available/default ?
<hatch> lenios: actually in the time since my last post I came across a blog comment which mentioned that file and found that it was setting AllowOverwrite to None :)
<hatch> thanks for getting back to me though
<eross> i installed ubuntu server 64 bit on virtual box, the dhcp works but when I set up as static, I can't ping my router or the internet in /etc/network/interfaces
<lenios> eross, paste your interfaces file and result of ifconfig -a
<eross> ok
<eross> lenios - http://pastebin.mozilla.org/1307719
<eross> my router shows a Primary and Secondary DNS: but don't know if I need those, also shows internet WAN ip's and subnet masks as well as the gateway IP and subnet mask.. plus a dnx proxy ip address
<lenios> paste the result of netstat -nr, and if possible, result of ifconfig -a when dhcp is set
<lenios> you don't need dns servers or wan ip to ping your router
<eross> lenios - http://pastebin.mozilla.org/1307742
<lenios> that's a 10.0.2.x network, why did you have 192.168.x.x the last time?
<eross> err gateway is 192.168.1.1
<jmarsden> eross: Is the networking for the VirtualBox VM set to Bridged -- if so all should uyse same IP subnet as your real physical machine...
<jmarsden> If it is set to NAT, it will use a separate "virtual network"...
<jmarsden> I think the 10.0.2.x stuff is the "virtual network" approach.
<jmarsden> Either way can be made to work, but mixing the two up will fail.
<eross> address should be 10.0.2.x but gw should be 192.168.. ?
<jmarsden> Negative
<jmarsden> Gateway must always be on the local subnet, by definition of how IPv4 works
<jmarsden> Answer the question: did you set the networking for the VM to Bridged, NAT, or something else?
<eross> didnt set networking for vm as anything, is default setting.. will see if i can find it
<lenios> default is nat
<jmarsden> If you are running a server and want access to it from other machines, setting to bridged makes a lot more sense, IMO.
<eross> correct, nat
<jmarsden> eross: OK, and is NAT what you want for this VM?
<eross> eh just want a place i can upload pics if i'm away, maybe remote login, serve music or do some coding..
<jmarsden> (1) learn virtualbox before using it.  (2) If you need remote access to a VM, set it to bridged.
<eross> then what's my router gateway if i'm 10.0.. ? i can ping to 192.168
<eross> or you saying bridged will solve that
<jmarsden> If you set it to bridged to eth0 (assuming the real network is on eth0 of the physical host), your Vm will be in the same subnet as the real LAN.
<eross> ok
<jmarsden> Bridged makes ONE subnet that both real and virtual machines are on.
<eross> does that defeat a security feature of the vm
<jmarsden> If you "secure" that VM that way, you will not be able to remote login into it, which is one of your stated goals... you decide :)
<jmarsden> Configured your network for what you want it to do.
<eross> is a subnet is an intranet IP?
<jmarsden> No.  sounds like you need to spend a little time learning networking terms and what they mean?
<eross> true
<jmarsden> Did you set the VM to bridged and restart the VM ?
<eross> no but i'll try that now
<jmarsden> It's ten years old, but you might want to read http://www.netfilter.org/documentation/HOWTO/networking-concepts-HOWTO.html for some basics on networking.
<jmarsden> Chapter 12 of http://en.tldp.org/HOWTO/Unix-and-Internet-Fundamentals-HOWTO/ might also help.
<eross> it's working jmarsden, thank you
<jmarsden> You're welcome.
<eross> bookmarking both sites
<twb> Yay for sudo's insults mode
<ubunteo> http://pastebin.ubuntu.com/672101/
<qman__> ls /dev/disk/by-id
<qman__> or ls /dev/disk/by-path
<qman__> or dmesg shortly after inserting
<ubunteo> qman__: how by id?
<qman__> it shows all present disks with meaningful names
<qman__> sorry, ls -l
<qman__> that will show where each file points
<ubunteo> qman__: ls -l shows long output . not shown what I want
<qman__> yes, it does
<qman__> ls -l /dev/disk/by-id
<qman__> shows results like:
<qman__> lrwxrwxrwx 1 root root  9 2011-07-25 18:39 scsi-SATA_ST3250823AS_5ND0FZ5D -> ../../sdb
<qman__> in my case, the drive with that name and serial number is sdb
<qman__> this should give meaningful output about your drive
<ubunteo> thanks
<ubunteo> I got http://pastebin.ubuntu.com/672112/
<ubunteo> why two ? what is the difference ?
<qman__> the first, sdb, is the block device for the whole drive
<qman__> the second, sdb1, is the only partition on it
<ubunteo> qman__: thanks alot man, I owe you dinner or lunch or breakfast . That is what I am long waiting to know.
<ubunteo> which command sets do we use to unzip or extract folder.zip file ?
<qman__> unzip
<qman__> not included by default, must be installed
<ubunteo> how to delete all lines in nano?
<twb> Hold down ^K
<twb> Or quit it and do sed -i 1,\$d foo.txt
<twb> Or since you're deleting ALL lines, just :> foo.txt
<twb> Or install vi or Emacs
<ubunteo> hi all , I am trying to run http://www.phpwares.com/content/php-inventory on ubuntu LAMP server. I still can't get log in page
<ubunteo> I am trying to run PHP Inventory application on my ubuntu LAMP server. but still fail
<ubunteo> I am trying to run PHP Inventory application on my ubuntu LAMP server. but still fail
<KM0201> or... save the file as another name(sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.template
<KM0201> then sudo touch smb.conf
<KM0201> (this is of course, assuming we're talking about smb.conf)
<KM0201> that way, you have a copy of the original, if you really brick something
<twb> KM0201: if you want to get fancy re backup, I recommend VERSION_CONTROL=t cp -bf foo foo
<KM0201> twb: lol, i wasn't trying to be that fancy... :)
<twb> For that matter, export VERSION_CONTROL=t in your login script is a good thing
<twb> It means that every GNU coreutils command like mv and cp will create numbered backups instead of a single backup
<KM0201> just stating (however you do it).. saving the original is a good idea.
<twb> KM0201: also etckeeper ftw
<KM0201> never heard of etckeeper
<qman__> I haven't had to restore with it yet
<qman__> but I used it to save configuration on a couple systems I set up for a guy who likes to break things
<twb> KM0201: now you know
<KM0201> twb: yeah, was just looking at it
<KM0201> interesting tool
<twb> qman__: it's there for "git blame" more than disaster recovery
<twb> qman__: like, after something breaks, it makes it much easier to ask "what changed"
<qman__> yeah
<qman__> I used it because I figured he isn't smart enough to know of its existence, much less break it
<qman__> one of those people that got their position because they know someone, completely incompetent
<kirkland> RoAkSoAx: ping, re: powernap ppa builds
<kirkland> RoAkSoAx: looks like all of the builds older than natty have been failing for a bit: https://launchpad.net/~powernap/+archive/ppa/+packages
<kirkland> RoAkSoAx: looks like the problem is Build-Depends: debhelper (>= 7.0.50~), gettext-base, python (>= 2.6.6-3~)
<kirkland> RoAkSoAx: i see you made that commit
<kirkland> RoAkSoAx: could you have a look at it?
<Daviey> How is everyone this glourious day?
<twb> Daviey: go to hell
<Daviey> twb: Happy Monday?
<twb> Your mom is a monday
 * Myrtti takes away twb's grumblecookies
<Myrtti> no more cookies for you!
<Daviey> twb: heh, i imagine the weekend had some outage, meaning your Monday has been firefighting?
<Myrtti> you can have cake instead
<Myrtti> :->
<twb> Oh, sorry, I thought this was #emacs, where I'm allowed to be a bastard
<twb> (Because I'm tenured)
<Daviey> Is it wrong of me to think differently of people based on their text editor choices?
<Myrtti> yes
<twb> Nah, vi users are always bigots ;P
<Myrtti> Daviey: because you know you love me, and I use pink_bliss.el :->
<Daviey> I actually get confused when i'm using real vi.
<Daviey> twb: Long Live Nano!
<twb> I have lots of users whine at me because I give them vim-tiny only
<twb> One actually whinged because he had to type "vi" instead of "vim"
<Myrtti> jed â¥
<Daviey> Myrtti: I just had to look up pink_bliss.. MY EYES
<nigelb> Daviey: Good Morning!
<Myrtti> Daviey: it fits me :->
<twb> Incidentally, http://darcs.debian.org/collab-maint/mg <-- mine
<Daviey> twb: So you are a BOFH?
<twb> Myrtti: is every single object in your bedroom frilled or laced?
<twb> Daviey: damn skippy
<nigelb> Myrtti: Dear god. Is that LISP?
<twb> nigelb: Emacs is no longer written in TECO
<Daviey> hola nigelb
<twb> And if you think perl is line noise, you haven't seen teco programs
<Myrtti> twb: no... I hate lace and frills
<nigelb> oh, lol. pink bliss uses django pony!?!?! <3
<Myrtti> twb: I go overboard with two things, my DE and shoes
<Myrtti> nigelb: found my screenshots?
<nigelb> Daviey: How's your Monday? :)
<Myrtti> :-D
<nigelb> Myrtti: Yeah. Also E_TOO_MUCH_PINK
 * twb eyes Myrtti suspiciously
<twb> You sound like one of those mythical wo-mans
<Myrtti> IPU
<Myrtti> Invisible Pink Unicorn
<twb> Ha
<nigelb> hehe
<someuser> anyone familiar with DNS interrested to help me to setup my first DNS? already installed with defaults and all I want to do is create an allias named "ntinstall"
<someuser> ubuntu server 11.04
<twb> someuser: caching recursive resolver, or serving your own zonefile?
<someuser> don't know that much. this is server used in local network, nothing fancy. how can I determine this?
<someuser> is it possible to add an entry into db.local for this? all I want is that particular software finds this server under name "ntinstall", and it says i should accomplish this by extending my DNS setup with an alias
<someuser> i can pastebin content of particular files, like named.conf.local or something
<twb> someuser: OK, do you own a domain name?
<someuser> no, but school does (this is server located in school). its "os-kastanjer-pu.skole.hr/"
<twb> It sounds like you want a recursive resolver.
<twb> Unless you own a domain and want to tell the world about it, you don't need a zone server.
<twb> Ubuntu documentation explains how to use named, which is a stupid old tool that mixes up both jobs into one daemon.
<_ruben> a software looking for a (non-configurable?) single-label dns name seems kinda broken to me
<twb> Personally I prefer dnsmasq for the former, and nsd3 for the latter.
<twb> Ah, I missed "all I want"
<twb> Do you need ntinstall to resolve on lots of hosts, or just one or two?
<Daviey> ScottK: Would you be able to give the clamav incoming bugs a sniff please?
<someuser> one server, 30+ winxp clients
<twb> Ah.
<twb> In that case I would recommend dnsmasq
<someuser> i want to automate client installation with unattended, but it requires DNS name "ntinstall"
<twb> It also provides DHCP (and TFTP), so you don't need to set them up separately.
<Daviey> ScottK: bug 829945 & bug 829944 give a vibe of concern.
<uvirtbot`> Launchpad bug 829945 in clamav "purging all clamav packages doesn't remove /var/run/clamav directory" [Undecided,New] https://launchpad.net/bugs/829945
<uvirtbot`> Launchpad bug 829944 in clamav "stopping freshclam doesn't remove pidfile" [Undecided,New] https://launchpad.net/bugs/829944
<twb> And indeed, it is ideal for netinstalls and netboots.
<Daviey> twb: dnsmasq tries to do toooo much IMO.
<twb> Daviey: in that case, unbound
<_ruben> someuser: tho first step would be to find out how your current dns is being handled
<Daviey> twb: Although hpa-tftpd has never really been my best friend.
<twb> dnsmasq's TFTP is well-suited to just serving pxelinux.0 and friends, IMO.
<someuser> _ruben: i don't think it does anything now, just a default installation
<twb> I remember discovering one of our sites running hpa tftp (or possibly the other one), and allowing write access from *
<Daviey> twb: Although, the fact there isn't a well supported dynamic (cgi style) tftpd kinda sucks.
<twb> dynamic can blow me
<twb> I'm not happy about it in HTTP either
<Daviey> I was quite blown away aswell, when i discovered cobbler has one.
<_ruben> someuser: i meant in your network, which server/device/appliance/whatever is currently used as dns server?
<twb> I'll stick to simple, intelligble, static systems, kthx
<someuser> this is school network which is part of national school network, but it is isolated (we have our own IP range). recently, we got one server machine so we can automate lots of stuff
<someuser> i installed ubuntu server 11.04 on this machine, everything installed by default, incl. DNS. i only made some modifications on SAMBA until now, since all our clients are still on windows xp
<SysTom> anyone recommend a syslog server for ubuntu-server, pref with a web gui?
<someuser> installing all these clients manually is a nightmare, so i want to automate this step using "unattended", but it requires modifications on DNS while the machine must be recognized as "ntinstall" and the manual says i can accomplish this by creating alias.
<uvirtbot`> New bug: #634980 in cloud-init (main) "openjdk install problem on Lucid t1.micro instance (dup-of: 634487)" [Undecided,Confirmed] https://launchpad.net/bugs/634980
<someuser> _ruben: as I understood, all I need is an alias on localhost? i want to reach this machine from home, but at some point later, not important ATM
<someuser> now I need that one software can recognize server under name "ntinstall" using DNS
<someuser> twb: should i uninstall dns bind9 before using dnsmasq? reading about dnsmasq looks like this is what i'm looking for
<_ruben> someuser: is this a new network or existing ?
<someuser> existing
<Daviey> someuser: yes
<_ruben> then something is quite likely already providing dns in your network
<Daviey> zul: Are you seeing, Bus 'pci.0' not found with the pandaboard?
<someuser> _ruben: i think dnsmasq is what I need. what I want is local DNS, at some point later reachable from outside world
<zul> Daviey: yeah under libvirt
<Daviey> zul: Yeah, so i think it's just a non-standard namespace thing.
<Daviey> zul: https://bugzilla.redhat.com/show_bug.cgi?id=667345
<uvirtbot`> bugzilla.redhat.com bug 667345 in libvirt "Cannot add/start a PPC virtual machine (Bus 'pci.0' not found)" [High,New]
<Daviey> zul: pci.0 vs pci
<someuser> _ruben: it should just serve machine names inside local network
<zul> i just disablled pciaccesss for libvirt when starting it on an pandaboard
<Daviey> zul: We might want to investigate that bug, if we can 'fix' it, we are GOLD.
<zul> Daviey: agreed...i guess that would be a job for robbie jr
<lynxman> Daviey: howdy o/ hope you had a good weekend
<lynxman> zul: robbie jr?
<zul> lynxman: new guy we hired also called robbie
<lynxman> zul: aah, cool
<lynxman> zul: if he's half as tall as robbiew he'll be tall :)
<zul> lynxman: heh
<lynxman> utlemming: ping
<Daviey> zul: junior! :)
<Daviey> lynxman: pretty dandy!
<lynxman> Daviey: good to hear! :)
<ScottK> Daviey: Those bugs are things we need to fix, but they aren't new problems, so it's good they were identified.
<ScottK> I wouldn't get too excited though.
<Daviey> ScottK: Ah, ok - i was sorta worried they were new issues.  mention of /var/run made me wonder if it was fallout of the /run transition.
<ScottK> Nope.  Should be fine.
<Daviey> groovy.
<_ruben> hrm, wonder which versions of heartbeat still support the v1 config style .. guess that'd be heartbeat 2.x.y and thus hardy would be the choice of ubuntu version
<uvirtbot`> New bug: #829221 in samba (main) "lightdm crashed with SIGSEGV in initialize_password_db()" [Undecided,Confirmed] https://launchpad.net/bugs/829221
<soren> _ruben: The style of a configuration file dictates your choice Ubuntu version? Really?
<_ruben> soren: it's a temporary drop-in replacement i'm looking for ;)
<soren> _ruben: mkay :)
<hallyn> (someone here pinged me last night, but i can't seem to find the ping in my scrollback;  pls yell again if you pinged me)
<_ruben> probably: 00:37 < Daviey> hallyn: around?
<_ruben> ~15 hrs ago
<hallyn> _ruben: thanks :)
<hallyn> Daviey: I was internet-free.  internet-liberated.
<lynxman> hallyn: did it feel good?
<hallyn> lynxman: terrific
<hallyn> it gave me time to reflect on the mid-90s internet :)
<_ruben> heh
<lynxman> hallyn: living dangerously... at 300bps
<hallyn> yup, acoustically coupled, on my vt101.
<hallyn> stop it, i'm getting ferklempt
<Daviey> hallyn: Was it me?
<_ruben> oh nice, /lastlog -clear .. for when you forget to use -count <somenumber> ;)
<hallyn> Daviey: yup
<hallyn> Daviey: what's up?
<Daviey> aww, crap - i have NFI what it was.
<_ruben> hah
<Daviey> hallyn: I think there was an issue with one of the qemu packages that doesn't work anymore as it's missing the firmware.
<hallyn> Daviey: phew, that gives me time to keep looking at smoser's lxc problem
<hallyn> hm, in 0.15.0?
<hallyn> i'm using it (and the new libvirt) on my laptop, ahven't run into that
<smoser> hallyn, i have to patch-pilot today, would it work better for you to look at my lxc issue now or in 4 hours?
<hallyn> smoser: today is my only day in this week, and i'm not feeling optimistic about it,
<hallyn> so i'm just following your recipe trying to reproduce.  may as well do that while you're piloting
<hallyn> (i did it friday too, but then the stack instance just stopped responding.  poc)
<smoser> stack instance?
<hallyn> that i was using as host
<hallyn> as in openstack
<Andy80> hi :)
<Daviey> hallyn: Hmm.. I installed a fresh oneiric machine.. installed one of the qemu packages.. i think qemu-system, and it turns out it needs to depend on ipxe for the firmware
<Daviey> I think i need to reproduce it.
<smoser> hallyn, ok. i'll let you look at it.
<smoser> please ping me if you have any questions
<hallyn> smoser: will do, thx
<smoser> i can set up an instenace for you if you'd like
<smoser> s/instance/host+instance/
<hallyn> Daviey: ?  seabios should work if yo'ure not doing pxe
<hallyn> Daviey: oh, if you were doing pxe, then remember you need my updated ipxe to rename the roms :)
<hallyn> Daviey: should be in ppa:serge-hallyn/virt
<Daviey> hallyn: I think it might have been missing nic firmware.  I really need to reproduce to be more accurate.
<Daviey> hallyn: Isn't your updated ipxe in the archive?
<Daviey> utlemming: Can you give me a shout when you are alive, please?
<hallyn> Daviey: oh, you were using qemu 0.14.1 from the archive, not the 0.15.0 candidate?
<Daviey> hallyn: I was using archive only contents.
<Daviey> I need to smoke the 0.15 magic.
<hallyn> Daviey: drat
<hallyn> smoser: (reproduced, but i'll refrain from bugging you until you're done piloting)
<smoser> hallyn, and you also reproduce that rsync -axHAS /orig/path /new/path results in a working lxc root at /new/path ?
<smoser> because that is what made me think i was insane
<utlemming> daviey: alive
<Daviey> hallyn: you might notice that i did sponsor your ipxe change, but i folded ubuntu1+ubuntu2 into just ubuntu1, hope that was ok?
<hallyn> smoser: the problem I see stems from 'bad' xml
<Daviey> utlemming: Good morning sir!
<hallyn> smoser: libvirt on mine is complaining about
<Daviey> utlemming: Are you able to look at the armel cloud image build failure?
<hallyn>     <type arch='x86_64'>exe</type>
<Daviey> utlemming: Also, whilst poking the code, can you make the fs of type ext3?
<hallyn> the arch definition in there.
<hallyn> Daviey: wait, that migiht be your problem then
<hallyn> Daviey: ubuntu2 was for 0.15.0
<hallyn> i think
 * hallyn check
<utlemming> hallyn: I'll look at the x86_64 bit there
<Daviey> hallyn: Hmm, after installing ipxe life was good.
<utlemming> Daviey: EXT3, no problem
<utlemming> Daviey: did you see the grub-ipxe patch yet?
<hallyn> Daviey: ok, then i'll be quiet
<soren> Daviey: The kvm package hasn't included PXE firmware for years.
<soren> Daviey: You've needed to install an extra package to get those. It used to be etherboot-kvm, I think.
<Daviey> hallyn: It complained about missing pxe-rtl8139.rom, which isn't etirely unknown to users.
<Daviey> ie, http://www.moe.co.uk/2011/01/07/pci_add_option_rom-failed-to-find-romfile-pxe-rtl8139-bin/
<Daviey> (installing ipxe resolved it)
<soren> Ah, right "kvm-pxe" was it.
<Daviey> utlemming: I did see it, and it looked nice and clean.. I need to try it, and wanted Colin's second opinion tbh.
<hallyn> Daviey: ok, yes we definately want kvm to depend on ipxe.
<soren> erm.
<Daviey> soren: Yeah!  But it needs to be a depends if it's failing to work :)
<hallyn> (and there's an open bug for it)
<Daviey> FWIW, it wasn't kvm, i'm certain of.
<soren> Daviey: Not really.
<soren> Daviey: PXE booting fails, yes.
<utlemming> Daviey: I need to beat up the arm guys about a sane naming convention for the arm kernels
<soren> This was entirely intentional.
<utlemming> that's whats killing the build
<soren> etherboot (and I presume ipxe is the same) contains a bunch of drivers for a bunch of network cards. Drivers that are different from what's in the kernel. That's a support nightmare, so we didn't want to drag that stuff into main.
<soren> Hence, the kvm-pxe package.
<soren> ...which is in universe.
<Daviey> soren: ipxe is now in main
<soren> Oh.
<soren> Shite.
<soren> Pardon my French.
<soren> Have fun with that :)
<Daviey> soren: I have more confidence in ipxe than i did with etherboot.
<soren> ABsolutely.
<soren> That's not saying a lot, though.
<soren> meh
<soren> Daviey: "Maintenance: Simple package that the Ubuntu Server Team will take care of." <- *chuckle* (from ipxe MIR)
<Daviey> soren: :D
<hallyn> maybe we should've created a mini-sub-package that only ships the virtio one
<Daviey> soren: the package IS simple... the contents are not :)
<soren> Why is PXE booting kvm's suddenly so critical, by the way?
<baffle> To be honest, I kindof prefer that to installing from ISO. Integrated with all my other systems. The alternative is ofcourse to make magick images in a cloud setup, but PXE booting works for both physical and virtual machines.
<Daviey> soren: it's not.
<soren> baffle: Sure. I just can't remember the last time I used the installer (preseeded or not) to install a virtual machine.
<soren> Daviey: So ipxe is in main because...
<Daviey> it's a build dep of xen for 1.
<Daviey> that could probably have been patched out TBH.
<soren> I'll bet all it does is exactly what my kvm-pxe package did.
<Daviey> soren: Supporting PXE on hardware which doesn't support it in the bios is nice to have.
<soren> ...which is take a ROM from ipxe (or etherboot in kvm-pxe's case) and reformat it for kvm.
<Daviey> but TBH, not really server grade kit if that is the case.
<soren> I dunno. It just didn't feel like taking on the support burden back in the day.
<Daviey> When i were a lad.. these 'ere were all fields ya know.
<baffle> soren: You're so old and wise.
<baffle> :-)
<Daviey> soren: We can always review it next cycle, but i don't expect ipxe is going to hurt that much.
<soren> Famous last words. :)
<Daviey> soren: Thankfully it's not an LTS :)
<hallyn> soren: Daviey: i didn't realize tha'ts where kvm-pxe came from.  For next cycle, instead of dropping kvm-pxe, pulling just a few roms from ipxe (and leaving ipxe untouched from debian) soudns good
<rcaskey> howdy all. How does grub decide what disk to boot? I'm having an issue where it will occasionally decide to boot off a lvm image...
<andygraybeal> i'm trying to use virt-install to make a new virtual machine in ubuntu 11.04 desktop.. the problem i'm having is it keeps changing the ownership of the .iso i'm using and then it says 'permission denied'  ... i did a search in google and nothing really came up, i wonder if anyone has had similiar experience and what should i do?
<pmatulis> andygraybeal: iso resides where?
<andygraybeal> this is all on my local machine; the iso lives there also
<pmatulis> andygraybeal: on your local filesystem?  not an external disk or somesuch?
<andygraybeal> it changes the ownership to libvirt-qemu and group to kvm
<andygraybeal> yes, local filesystem it's actually in my home folder
<andygraybeal> should i just put myself into the kvm group? or something.. i'm already in the libvirt group
<andygraybeal> libvirtd group
<pmatulis> andygraybeal: check ownership/mode of the parent directories of your home directory i guess
<andygraybeal> eveyrhting is andy:andy
<andygraybeal> mode is regular drwxr-xr-xr on the home folder 'andy'
<andygraybeal> errrr
<andygraybeal> drwxr-xr-x
<andygraybeal> got a little carreid away there
<pmatulis> andygraybeal: there is a bug on this when iso resides on external media.  i feel your problem is related
<andygraybeal> i saw something on google where people were trying to do stuff on an nfs file
<andygraybeal> nfs file system
<andygraybeal> yea
<andygraybeal> i think the same thing
<andygraybeal> and it's 11.04 .. so i figure the bugs are figured out yet
<andygraybeal> thank yuo for going over it with me :)
<andygraybeal> okay, i give up.  i'm gonna work on something else now
<andygraybeal> thanks again
<hallyn> utlemming: not sure i was clear enough before - i hope you're not spending time pursuing what i said aobut the arch= flag in the type part of the lxc container definition - it's no longer complaining about htat for me (no idea what changed, but th eflag is back in there)
<utlemming> hallyn: nope...I'm not. :)
<smoser> Daviey, can you quickly accept nomination at https://bugs.launchpad.net/ubuntu/+source/php5/+bug/651049
<uvirtbot`> Launchpad bug 651049 in php5 "php5: FILTER_VALIDATE_URL will invalidate a hostname that includes '-'" [Medium,Fix released]
<Daviey> smoser: Done.. you should be able to do this yourself. :)
 * Daviey wonders who has a free cycle at the moment.
<Daviey> hggdh: How high is your confidence in qemu 0.15?
<lynxman> smoser: didn't know you were good in PHP ;)
<hggdh> Daviey: have not used it, had to go back to Natty (Oneiric was so broken as to be impossible to keep on)
<hggdh> Daviey: but it is time for me to take the plunge again...
<hallyn> hggdh: you can grab it from ppa:serge-hallyn/virt
<hggdh> hallyn: will install and run, then. Does it work on Natty, or should I upgrade?
<smoser> Daviey, i'm 1 ACK away from being able to do so
<hallyn> hggdh: not sure, i haven't tried on natty.  i woudl expect it to...
<hallyn> smoser: all right i don't yet know why what's happening is happending, but i know the end result and haave a patch workign aroudn.  would prefer to find the original cause though
<hggdh> hallyn: hum. Perhaps it is better to go Oneiric, and then try. This will take about 4 hours (upgrade, and then play, and then report)
<hallyn> (/.oldroot/<container>/dev/pts is being funky)
<Daviey> smoser: i saw :/
<Andy80> kim0: hi :) I was reading your email and I wanted to start reviewing the serverdocs, but I don't understand if it's still needed ot not... I mean... in one email someone says that now only help.ubuntu.com is used... am I missing something?
<kim0> Andy80: yes it's still needed
<kim0> Andy80: it's just that the 2 weeks deadline is not that hard anymore :) we can have more time
<kim0> Andy80: but there's tons of stuff to be done .. so please go ahead :)
<Daviey> hggdh: Ah sorry, that question was for hallyn.. tab fail.. but I'd certainly appreciate you sniffing qemu 0.15 to spot regressions.
<Daviey> It's quite late in the cycle for a new upstream version.. but if confidence is high, we can still consider it.
<hggdh> Daviey: heh. I will try, no matter what. You can get a FFE for it, I guess ;-)
<Andy80> kim0: ok... another question, when I review the docs, do I have to review the text only or do I have to try all commands/configurations ecc... on oneiric server?
<Daviey> hggdh: Yeah, but FFe is based on confidence.. currently, i don't have enough as there are too many unknowns.
<kim0> Andy80: well .. I would say use your best judgement .. if a command is too trivial .. no need to try that. I try to make sure the package names and command names are the same, and if it's fun, I try the actual commands too :)
<Andy80> kim0: ok... I'll install a oneiric server on a VM in the mean time
<kim0> Andy80: Awesome! Thanks a lot :)
<Daviey> RoAkSoAx: around?
<RoAkSoAx> Daviey: nope :) this is an automated response
<RoAkSoAx> hehe
<Daviey> dammit.
<RoAkSoAx> Daviey: what's up man? :)
<Daviey> I was really hoping to talk to RoAkSoAx, oh well.
<lynxman> Daviey: talking to RoAkSoAx's toaster is a good second option :)
 * smoser is jealous that RoAkSoAx got one of those new ToasterMatic 2011 models with irc bot built in
<craigbass1976> Do I need to be in postfix to ask a postfix question, or will running it on an ubuntu server allow me to ask something in here?  I'm trying to forward mail from blahblah@domain.com to several people at the same domain.  I don't remember how I set up the server last year, but there's no /etc/postfix/virtual, which is how I'm reading that it's supposed to be done.
<Daviey> RoAkSoAx: [andreserl] Validate desktop deployment through cobbler: TODO <-- that is done, isn't it?
<uvirtbot`> New bug: #831493 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/831493
<RoAkSoAx> Daviey: afaik we cannot import a Desktop ISO and deploy, but rather, we need to add ubuntu-desktop as a package to install from a netboot image
<RoAkSoAx> and yes in that case is verified
<Daviey> RoAkSoAx: I assumed that meant validating the desktop alternatve image?
<Daviey> ie, DI
<Daviey> although, ubuntu-desktop is probably enough TBH
<RoAkSoAx> Daviey: oh plop :) no haven't yet tried the alternate, will add it to my todo though
<kirkland> jcastro: built that zotac box this weekend -- it's pretty sweet :-)
<smoser> lynxman, pretty sure you requested merge at https://code.launchpad.net/~lynxman/ubuntu/oneiric/swift/swift-upstart/+merge/72032 to the wrong branch
<smoser> i think you wanted merge into lp:~openstack-ubuntu-packagers/ubuntu/oneiric/swift/ubuntu
<NCommander> Daviey: you about?
<lynxman> smoser: hm I did two and the second got accepted :) you're right, as always
<smoser> lynxman, so you will either move the branch target or mark that thing invalid ?
<smoser> just trying to get it off of http://reports.qa.ubuntu.com/reports/sponsoring/
<lynxman> smoser: I'll mark it as invalid
<lynxman> smoser: was actually waiting for you to point it out, just to see if you paid attention ;)
<smoser> lynxman, no way would i miss anything that important!
<lynxman> smoser: :D
<Daviey> Is everyone HAPPY?
<Daviey> NCommander: o/
<Daviey> RoAkSoAx: alt' is LOW priority. :)
<RoAkSoAx> Daviey: hehe ok ;)
<lynxman> Daviey: yeah!
<RoAkSoAx> Daviey: if there's stuff you want me to take care of just send it over
<Daviey> RoAkSoAx: Get the lab working :)
<Daviey> RoAkSoAx: Feel free to add db_get support to the cobbler-enroll package? :)
<lynxman> Daviey: still have two bugs on my table, mind if I bash them later today or tomorrow?
<RoAkSoAx> Daviey: hehe ok, will get the lab first
<chuck_> Daviey: no
<Daviey> lynxman: I want them done YESTERDAY, dammit.
<Daviey> zul: wassup?
<lynxman> Daviey: I'll get my Tardis later then :D
<Daviey> groovy
<Daviey> Anyone looking for stuff to do?
<uvirtbot`> New bug: #831505 in cloud-init (main) "add-apt-repository blocks cloud-init on oneiric" [Undecided,New] https://launchpad.net/bugs/831505
<ersi> Daviey: Yeah, I am!
<ersi> Was thinking of triaging a bug or two, but I've seen that the -server team doesn't have many untriaged right now ;p
<Daviey> ersi: Well we do :)
<Daviey> ersi: Our triage process works a little different
<ersi> Oh? Fill me in or link me up! :)
<Daviey> https://wiki.ubuntu.com/ServerTeam/KnowledgeBase#Bug_Triager
<ersi> ah, think I got that open in a tab. Will read/re-read it
<Daviey> http://status.qa.ubuntu.com/reports/ubuntu-server/triage-report.html <-- helpful resource.
<Daviey> ersi: so stage one, is just setting importance (if you have foo to be able to do that)
<bkerensa> hi all
<ersi> I work as a 'Test Engineer', so hopefully this is a win-win situation :)
<Daviey> ersi: Although - if you do not, commenting that you think it should be a 'Medium' bug, for example - certainly adds credit to be able to join the rank of the few.
<Daviey> ersi: I'm going afk now, but please do ask others if you get stuck.
<Daviey> ersi: We really appreciate your hlep :)
<ersi> Sure thing
<Daviey> help
<ersi> See ya :-)
<Daviey> ersi: See you later or tomorrow
<ersi> Hm. How does one get 'foo' to be able to set importance on a bug? Do I have to be a member of the ubuntu-server team, or a bug squad or something like that?
<Daviey> ersi: https://wiki.ubuntu.com/UbuntuBugControl
<RoAkSoAx> smoser: howdy!! any ideas? http://pastebin.ubuntu.com/672616/
<Daviey> ersi: feel free to move onto the other tasks.. you need to prove a bit of experience before being allowed to join bugcontrol
<RoAkSoAx> smoser: late command: http://pastebin.ubuntu.com/672617
<ersi> Daviey: Yeah, I assumed so. It's no problem, I was just curious.
<smoser> is there really no sshd_config ?
<RoAkSoAx> smoser: it exists
<smoser> it cant possibly
<smoser> or at least i can't imagine how it could throw that error if it did
<RoAkSoAx> smoser: how can I make it rerun?
<smoser> sudo cloud-init-cfg ssh always
<smoser> try that.
<RoAkSoAx> smoser: will do after reinstall ;)
<RoAkSoAx> smoser:
<RoAkSoAx> smoser: ping
<RoAkSoAx> smoser: so add-apt-repository now asks to confirm whether to add or not a PPA and I think cloud init is getting stuck there (i already figured out what was the the issue with the file stuff, need openssh-server installed)
<smoser> RoAkSoAx, adam_g has a fix.
<RoAkSoAx> adam_g: ping
<smoser> discussing now in ubuntu-cloud
<adam_g> RoAkSoAx: here
<adam_g> (and there:)
<ersi> Any triagers around? I'm currently looking at #829625, but I'm unable to reproduce it in a VM - any tips on how to proceed?
<josePhoenix> Hello all.. what can I use for log rotation? Logrotate seems like it expects to be run as root
<josePhoenix> In my case, the logs are owned by an unprivileged user, and I'd like to put the rotation stuff in said user's crontab
<Pici> josePhoenix: logrotate seems to allow you to specify the config file as an argument.
<josePhoenix> Pici: yes, but I was reading through the directives and, for example, create lets you specify mode, owner, and group
<josePhoenix> wouldn't that cause problems if it tries to chmod? or does it only care if owner != current uid
<zul> muahahhaha....http://pastebin.ubuntu.com/672668/
<ersi> josePhoenix: You can indeed use logrotate as an unpriviliged user
<josePhoenix> thanks ersi and Pici :]
<Daviey> How are things looking? Everyone good?
<ersi> Yeah, I guess :)
<ersi> I'm was looking at #829625, but I'm unable to reproduce it in a VM - any tips on how to proceed?
<guntbert> Daviey: uhh ... are you looking for chatting partners? they may be found in #ubuntu-offtopic
<Pici> guntbert: Daivey is working with his server team comrades :)
 * guntbert blushes, sorry Daviey ...
<Daviey> bug #829625
<uvirtbot`> Launchpad bug 829625 in ntp "package ntpdate 1:4.2.6.p2 dfsg-1ubuntu5.1 failed to install/upgrade: error writing to '<standard output>': No such file or directory" [Undecided,New] https://launchpad.net/bugs/829625
<Daviey> guntbert: I'm *always* looking for chatting partners, who are looking to contribute to ubuntu-server :)
<Daviey> ersi: So, looking at that bug.. the first thing i would do is look at the DpkgTerminalLog and jump to the bottom - it normally gives an indication of the issue
<Daviey> Often, it's a local issue (malformed config files on upgrade or a strange enviroment that we haven't tested)
<ersi> Daviey: Yeah, but it is completely empty on anything else than unpacking and installing packages
<ersi> ah, hm.
<ersi> I was doing a fresh install, so no wonder then
<Daviey> ersi: You are quite correct, that log is useless
<Daviey> ersi: Looking at the description "error writing to '<standard output>': No such file or directory"
<ersi> Yeah, it's an odd one - Just took one at random ;)
<Daviey> I suspect there is a config file involved, where <standard input> is entered rather than a log locaton
<ersi> Only thing I've managed to conclude is that there's pretty much no technical information included from apport
<ersi> so was thinking about things to ask (nicely) in a comment
<Daviey> ersi: I would suggest the bug reporter greps /etc/ for "standard input" and returns the output
<Daviey> to the bug report, throw the bug into incomplete and await a response.
<ersi> Well, I can't change the status/importance ;p But I'll add a comment
<Daviey> ersi: Comment on the bug report of your suggestion for what state / importance it should be... it can be something you can reference back to when you want to apply for bugcontrol.
<ersi> Great idea
<Daviey> ersi: give me a ping when you have done that, i set the status.
<Daviey> i'll*
<ersi> Daviey: Sure thing
<neuronotic> hi. I've setup postfix/dovecot on natty - seems ok to send mail out, but when doing a telnet localhost 25 check to send a mail locally, i'm getting this error msg: "Fatal: open(/etc/dovecot/conf.d/01-mail-stack-delivery.conf) failed: No such file or directory )" .  My dovecot.conf has !include_try /etc/dovecot/conf.d/*.conf in it so I'm a bit confused as to how to diagnose.
<guntbert> neuronotic: without any idea I'd start by looking into the server logs, does that 01-mail-.... file exist? is it readable by postfix?
<ersi> Daviey: Oh, I was able to set the Status. :-)
<neuronotic> @guntbert: doesn't exist. the folder does, but file doesn't. I tried installing dovecot-common on a different machine to double check i hadn't done something awry on that count, and the folders are empty too (using aptitude to install). this is about the closest i've come to finding something related https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/671065   but don't really see how it fits with me.
<uvirtbot`> Launchpad bug 671065 in dovecot "deliver broken because dovecot.conf uses !include_try" [Medium,Incomplete]
<neuronotic> * by 'see' i mean understand
<Daviey> ersi: What importance should it be set to?
<neuronotic> (sorry i'm fairly fresh ...was trying to setup a mailman server :))
<ersi> Daviey: Hm, I'm unsure if it's of Low or Medium importance
<ersi> Daviey: But since it's kind of a 'special case', I'm betting Low
<Daviey> ersi: exactly!
<Daviey> If it turns out that the user hasn't done anything odd, then it could probably be a Medium
<Daviey> (i'm fairly certain it's a local issue, meaning it's pretty LOW)
<guntbert> neuronotic: I haven't worked with postfix for some time now - hey you are talking about dovecot now?? right you said it before too. guess I am confused....
<Daviey> If our guess is correct, then the issue is really invalid.
<neuronotic> er ok, on 2nd reading of that launchpad link, i checked my postfix main.comf  and i have this line "mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -n -m "${EXTENSION}"" which i assume is related?
<Daviey> ersi: (although some should argue that we should handle the error better)
<ersi> Daviey: In apt?
<Daviey> ersi: It's a distro wide issue, so possibly in apt and the packages.. but not something we can address in short term.
<ersi> Ah, of course
<Daviey> ersi: Try not to spend too much time on triaging a bug, we want to try and progress as many as possible in limited time.
<ersi> Daviey: I added an "Importance recommendation" to the bug
<ersi> yeah, of course
<ersi> I'm just taking my sweet time, so that I learn and handle commenting well :)
<Daviey> ersi: hah, 30 seconds before you i set the importance with a comment ;)
<ersi> Daviey: Haha :)
<Daviey> ersi: One of the reasons we split the process into different stages is try and help get the major issues resolved faster.
<Daviey> Ie, just learn enough about the bug to set the importance, and move on.
<Daviey> Then, later revist based on the importiant ones first.
<ersi> Yeah, that's wise :)
<ersi> It's quite interesting, since it's so different in my work environment
<ersi> A lot smaller eco system, and I can prod all of the developers which have poked and constructed each software
<neuronotic> guntbert: postfix & dovecot. any recommendations?
<Daviey> ersi: hah
<ersi> Daviey: Dreamy, eh? ;)
<ersi> Also, I don't need to set/focus on Importance. The PM's come and make that clear :D
<Psi-Jack> Curious, anyone here have any experience with EMC SAN over FC, and PowerVault's? I'm trying to do research into performance differences between the the options for a 3-server database cluster, which will be running Ubuntu 10.04 LTS server.
<guntbert> neuronotic: try to find out where that line comes from (I have no such system at my hands...)
<neuronotic> guntbert: comes from as in how it got there? I installed (via apt) dovecot-postfix
<Daviey> ersi: Being one of Ubuntu-Server is the biggest dream anyone could ever hope for.
<Daviey> (note, it's an open team.)
<soren> Daviey: Is it?
<soren> Daviey: There are still 65 "proposed members" :)
<guntbert> neuronotic: that surprises me, I just checked (I have both installed but nut conffigured/running), there is no such line in main.cf here
<Daviey> soren: it flipped back to open, and those are members from when the team was restricted
<Daviey> or rather, wedged in the proposed state
<neuronotic> guntbert: hrmm just commented it out and restarted, might work now...doh.
<neuronotic> *does work now...
<Daviey> soren: I'm not sure open team is the correct approach TBH, i think too many people joined to get a badge.
<neuronotic> guntbert: *thanks* for the handholding ;)
<Daviey> soren: Rather than following, https://wiki.ubuntu.com/ServerTeam/Membership :)
<guntbert> neuronotic: glad it worked :), but still something seems weird with that line
<josePhoenix> Hmmm... now why doesn't my logrotate script work
<soren> Daviey: what the... I'm not a member anymore.
<soren> Daviey: I must have expired.
<josePhoenix> I'm trying with logrotate -df to force it to run, and it says it's moving the files.. but it doesn't
<soren> Either that or I'm too cool to be in ~ubuntu-server.
<josePhoenix> Ah whoops xD
<neuronotic> guntbert: how so?
<josePhoenix> -d is pretend...
<Daviey> soren: Yeah, i thought you hated us or something :)
<guntbert> neuronotic: because the software management system is supposed to prevent such errors....
<Daviey> soren: You should consider joining ~ubuntu-server-dev :) .. you'll get upload access for the ubuntu-server seed :)
<Daviey> or packageset,rather
<RoAkSoAx> Daviey: this reminds me, Have you taken care of not removing powernap from main?
<Daviey> RoAkSoAx: i have not.
<soren> RoAkSoAx: Why does it need to be in main?
<RoAkSoAx> Daviey: isw that something you'll take care of (by making sure it stays in the cd?)
<Daviey> stand clear, jhunt is here.
<Daviey> RoAkSoAx: Can it be a depends of something?
<soren> Daviey: Shiny!
<RoAkSoAx> soren: i don't see the point of demoting powernap when it might as well get promoted next cycle for orchestra
<RoAkSoAx> kirkland: ^^
<Daviey> soren: It's something that has been gaining popularity, and i suspect will be wanted in openstack next cycle.
<soren> RoAkSoAx: I'm not saying it should be demoted.
<Daviey> Seems pointless to demote it for one cycle.
<neuronotic> guntbert: just tried intsalling the package on another machine, during install has this line "Configuring postfix for mail-stack-delivery integration: ........."  and the main.cf has that line (the one i removed)
<RoAkSoAx> soren: I understand I'm just pointing out what Daviey just said :)
<soren> RoAkSoAx: I'm just trying to uncover whether it really ought to be a dependency of something.
<RoAkSoAx> soren: yes for next cycle should be a dependency for orchestra
<Daviey> RoAkSoAx / soren:I suspect it'll be a depends of nova-compute aswell?
<RoAkSoAx> Daviey: if the messaging parts gets implemented using rabbitmq I guess
<guntbert> neuronotic: strange, but as I said I haven't worked with it for some time now and things may have changed
<RoAkSoAx> I don't know what's the side from openstack yet
<soren> Yay! Launchpad kept my original "member since" date for ~ubuntu-server.
<ersi> Daviey: Would you set bug #829944 to Importance: Low? It does have an easy work around (either removing the pidfile yourself, or stopping it in another way)
<uvirtbot`> Launchpad bug 829944 in clamav "stopping freshclam doesn't remove pidfile" [Undecided,Confirmed] https://launchpad.net/bugs/829944
<Daviey> soren: would you be upset if i ejected you? :)
<soren> Hardly. :)
<neuronotic> now I can send emails out and locally, but cannot send emails from external -> locally.   This is in the log: NOQUEUE: reject: RCPT from mail-gw0-f42.google.com[74.125.83.42]: 554 5.7.1 <fmaster@MYDOMAIN>: Relay access denied; from=<an_address@gmail.com>
<soren> Does that spoil the fun?
<Daviey> ersi: done, you might want to add a quick comment with suggested next step
 * RoAkSoAx goes get lunch
<Daviey> ersi: Often, it's good to add a rational why the importance / status.
<ersi> Daviey: Oh, I meant more "Do you agree?" - but I guess you do :)
<Daviey> ersi: O, sorry - i jumped the gun - yes, i agree.
<ersi> Daviey: "Suggested next step"? As in from the reporters side?
<Daviey> ersi: On the lifecycle of the bug / or the reporter.
<Daviey> ersi: I agree about confirming it, as i have good confidence that the bug report is of a suitable quality that it is correct.
<Daviey> Ideally, we'd reproduce everything before confirming.. but it doesn't always make sense to do so.
<ersi> Daviey: I was able to reproduce this perticular one :-)
<Daviey> ersi: Ah, nice one :)
<ersi> Daviey: Is there anything else I should do with this one? (Beside post my comment which I'm almost done with?)
<ersi> comment = was able to reproduce, recommending Low
<Daviey> ersi: It's probable that this bug is also in Debian, so you could forward the bug there aswell.. But i wouldn't at this stage.
<ersi> Daviey: So besides commenting, no further actions?
<Daviey> ersi: For simple bugs like this, i don't tend to forward the bug to Debian unless i am including a patch
<ersi> I guess it is kind of a straight forward bug :)
<Daviey> ersi: Yup!
<ersi> Neat-o.
<Daviey> ersi: Ofc' if you want to dig deeper, like find where the issue is and propose a patch.. then that would be the next step.
<ersi> Daviey: Ah, yes. Of course :)
<Daviey> ersi: But if you are comfortable doing triage, that is greatly wanted!
<ersi> Daviey: And if I'd start digging, would I assign it to myself? Even though I'm maybe not confident in solving the issue?
<Daviey> ersi: I think you'd be able to solve this :)
<ersi> Oh, I mean just generally - if I'd start prodding solutions to a bug
<Daviey> ersi: Yeah, that is the normal workflow.. if you are not comfortable you will be able to work on it, you can always start prodding without assigning yourself.
<Daviey> (note, that this issue - i'd tend to suggest the patch is pushed back to Debian first and then sync'd back down)
<Daviey> ScottK tends to merge that package, and i'm sure he doesn't want to increase the delta with Debian :)
 * ScottK looks up.
<ScottK> ersi: If you've got a proposed patch I'd like to get it reviewed by Debian.  Even if we apply it first, I want to make sure it's acceptable there so we aren't increasing the diff we maintain in the long run (also if they won't accept it, it's probably for a good reason).
<ScottK> Let me know if you come up with something.
<ersi> ScottK: Sounds very sane! Sure thing :-)
<ScottK> Daviey: Thanks for the heads up.
<ersi> So, if I'm able to make a patch (in this case) - I'd rather find the bug/issue in Debians Bugzilla (Or file one) - and suggest a patch there first
<ersi> and link the issues together
<Daviey> ersi: Yup!  Infact, submittodebian makes this quite easy if you prepare a ubuntu package first.. even if not actually uploading it
<Daviey> (you'll need to fix the text content to remove "this has been applied in Ubuntu")
<ersi> Daviey: If I have a patch? Or in any way, to submit to Deb Bugzilla?
<ersi> Hm, I bet this is related to the initscripts
<ScottK> I'm sure it is.
<Daviey> ersi: Yeah, if you patch the ubuntu package as if you were going to ask for it to be uploaded, submittodebian well help you forward the patch.
<ersi> Hm, I know 'killproc' is from some 'common shellscript file' in /etc.. wonder where
<RoyK> - Well, boys, I reckon this is it - nuclear combat toe to toe with the Roosskies.
<lenios_> ersi, locate killproc
<RoyK> ersi: iirc killproc is a solaris thing, try killall
<ersi> RoyK: Mmh, this is in a initscript. I'm sure it's an "internal"/"local" bash script function included from somewhere
<lenios_> there is a /etc/init.d/killprocs
<RoyK> ersi: oh ic
<ersi> Yeah, but it doesn't seem like The One :o
<ersi> afaik there should be some 'common init.d-functions' somewhere :)
<ersi> I'm digging ;)
 * RoyK once did a kill <somepid> -1 on a SysV box and can't recommend it
<ersi> /etc/init.d/rc :)
<RoyK> AFAIK GNU kill will treat that as kill -1 <somepid>, SysV kill didn't - it took -1 as a new argument for "all processes"
<ersi> Hehe, I've ran 'killall' on a Solaris box once
<RoyK> hehe
<RoyK> same thing :)
<lenios_> since i'm here, i've packaged v2.0 of an ubuntu package available only as 1.1 in all ubuntu distributions, i've found out debian has it packaged 2.0 on wheezy. Any idea how to get the v2 in official repositories?
<ersi> Hehe, if I'm not mistaken.. freeze was recently :o
<RoyK> lenios_: post a patch and wait for the next major release
<RoyK> perhaps they'll add it, possibly not
<uvirtbot`> New bug: #831628 in squid (main) "squid upstart script doesn't check for filesystems" [Undecided,New] https://launchpad.net/bugs/831628
<RoyK> lenios_: you should read up about creating a private repository - new stuff like that won't get into the official repos in a flash
<lenios_> i've added it to my ppa
<lenios_> you can't find my package when searching in ppas though, no idea why
<Sebo> Hi, Could you tell me how can I set up Ubuntu to serv the shell through /dev/ttyS1
<soren> Sebo: https://help.ubuntu.com/community/SerialConsoleHowto
<ersi> Currently checking out bug #831493. It seems that the configuration triggers can't parse the current users configuration file. Would anyone else like to set this to "Importance: Low"?
<uvirtbot`> Launchpad bug 831493 in postfix "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/831493
<Daviey> utlemming / smoser: not urgent right now, but can you two work out how to get the arm images into the main page on cloud-images.ubuntu.com... and look at rebasing the theme, taken from cdimage.ubuntu.com?
<Daviey> Don't burn time on it this week, tho.
<ersi> I left a comment at above bug by the way.
<utlemming> Daviey: I have an idea of how to get that fixed, I just need to hash it out with Scott first
<Daviey> ersi: top stuff!
<Daviey> utlemming: cool :)
<ersi> Well, I guess that's three triaged bugs on my first day. I'll think I'll call it a day :-)
<Daviey> ersi: most appreciated :)
<ersi> No sweat :)
<ersi> Nighty, and see ya later for more \o
<Daviey> ersi: You know you are a pro, when you can do 20 in an hour :)
<Daviey> ersi: See you soon, o/
<RoyK> in solaris, there's a /etc/drivers_aliases that holds pci card,vendor addresses - is such a thing possible in linux?
<Sebo> soren: thx, I had some wrong noumber after getty :P now it works :)
<RoyK> s/drivers_/driver_/
<Daviey> ersi: If you want to continue doing triage, i would speak to hggdh_ about gaining more experience and getting into bugcontrol.
<RoAkSoAx> kirkland: powernap PPA for lucid and maverick are the only affected ones right?
<hggdh_> and I will answer ;-)
<kirkland> RoAkSoAx: https://launchpad.net/~powernap/+archive/ppa/+packages
<kirkland> RoAkSoAx: hard also broken too, but I don't care too much about Hardy
<RoAkSoAx> kirkland: ok it's just control and rules that have changed, will upload in a bit
<kirkland> RoAkSoAx: whoop
<zul> wheee libvirt works on pandaboard...nova on arm here i come
<Sebo> How can I set up ubuntu to run some other program at tty4. For instance I'd like to run 'ssh somehost' there insted the default login?
<Sebo> anyone here?
<Psi-Jack> Sebo: Erm..
<Psi-Jack> Why would you want to run ssh in a dedicated tty console?
<RoAkSoAx> kirkland: fixes uploaded to PPA should build in a couple hours
#ubuntu-server 2011-08-23
<kirkland> RoAkSoAx: you da man!
<macros> I'm having trouble getting console input/ouptut for an exec in a pre-start stanza in upstart when using console owner
<josePhoenix> Hello all
<josePhoenix> I'm trying to find a secure way to set a password non-interactively
<patdk-lap> edit the shadow file
<josePhoenix> That seems a bit.. dangerous, no?
<patdk-lap> use usermod -p
<josePhoenix> But that shows the password in the process list (at least for a second or so)
<patdk-lap> use ldap or sql pam backend and just update ldap/sql
<josePhoenix> eh perhaps
<josePhoenix> Seems like there should be a way to read a password from a file, or non-interactively from stdin
<josePhoenix> I guess I can just put it in a file twice and use the < operator
<Ganymede> On an Ubuntu VPS, mysql never restarts when the server is rebooted but lighttpd, postfix, openssh server, and denyhosts start up fine as do cron and syslog. As far as I can tell with sysv-rc-conf and chkconfig, MySQL should be starting on runlevels 2345...but it just doesn't. I have to go in and type sudo service mysql restart manually after each reboot and it works then.
<stgraber> Ganymede: do you know what technology is used by your vps provider?
<stgraber> Ganymede: does /proc/vz exist in your vps?
<Ganymede> Yes, it's OpenVZ and the directory /proc/vz exists.
<Ganymede> stgraber, ^
<stgraber> ok, so it's normal. I had similar issues with openvz and upstart
<Ganymede> Okay...good to know it's not me being stupid.
<Ganymede> I guess I'll just add it into rc.local.
<stgraber> http://paste.ubuntu.com/672849/
<stgraber> put that in /etc/init/openvz.conf
<stgraber> that should simulate a standard boot (well, kind of)
<Ganymede> VPS is rebooting ATM...
<Ganymede> Surprised that a CONTAINER takes so long to reboot.
<stgraber> depends how old their openvz server is
<stgraber> newer openvz has a service that handles the restarts, old one does it with a cronjob
<stgraber> so it can take up to 5 minutes
<Ganymede> I currently have something very similar in my /etc/init/openvz.conf: http://paste.ubuntu.com/672852/
<Ganymede> It only doesn't have the emit net-device-up lines.
<Ganymede> At the moment, sticking in "start mysql" in /etc/rc.local appears to have done the trick although it's a sloppy hack.
<Ganymede> Okay, whatever, I guess I'll just leave it at that. K, thx, bye.
<ujid> NEW WINDOW
<mark33> hiya
<mark33> I'm trying to not use a clear text password in my svn command that is run via php command line - otherwise it ends up as clear text in the sudolog
<mark33> sudo -u ABC /usr/bin/svn --password 'PASS123' update /www/website/ 2>&1
<mark33> is there a way to not use "PASS123" and use a folder etc instead? (kinda new to this stuff)
<jmarsden> mark33: --password "$(cat /path/to/file-with-pw-in-it)"
<mark33> I'll try that, thanks
<jmarsden> You're welcome.  No guarantees exactly what will be put in the log, but it will get the pw from the file :)
<philipballew> I need help setting up noip2 on my server and getting it to run on start up
<ersi> Daviey: Sounds like a good idea. :-)
<ersi> hggdh: Ping! I'm a newcomer who'd like to get on track with some bugcontrol, and possibly some packaging
<Daviey> ersi: good day sir!
<ersi> Daviey: Heya :)
<ersi> Grabbed another New bug by the way
<Daviey> ersi: top banana!]
<lynxman> Daviey: good day top honcho :)
<uvirtbot> New bug: #831886 in dovecot (main) "Dovecot regression: Evolution quick sync (QRESYNC) not working anymore" [Undecided,New] https://launchpad.net/bugs/831886
<Daviey> lynxman: hiya
<beric> hi there. I'm having hard time with adding my debs to the installCD. The installer stops and in the logs I see a message saying my package was not found. when I look in /cdrom/dists/extra it is there. and I also have a proper Packages.gz file.
<zyga> hi
<zyga> who should I talk to with regards to server QA?
<soren> Daviey: That'd still be hggdh, right? ^
<Daviey> soren / zyga: Depends on the nature of the question TBH :)
 * soren -> lunch
<Daviey> hggdh is still favourable to us, but is not tasked specifically with server qa work AIUI.
<zyga> Daviey: I'm interested in deploying a small ubuntu server image (automatically) to run tests (LAVA)
<Daviey> soren: have fun munches.
<Daviey> zyga: sounds good.
<zyga> in general stuff related to automating the installation enough
<Daviey> zyga: https://launchpad.net/lava-test ?
<zyga> Daviey: lava-* (dispatcher most likely)
<zyga> Daviey: lava-test works very well on an existing installation
<zyga> Daviey: I just want to deploy it automatically in a VM (initally) and on some hardware (eventually)
<Daviey> zyga: I have no personal experience with lava, sadly.
<zyga> Daviey: that's okay, I'm working on lava :0
<Daviey> zyga: For the issue you are describing, we use jenkins
<Daviey> I suspect you want to re-use the code that handles that.
<zyga> Daviey: I'm interested in deploying ubuntu-server/minumal somehow
<zyga> Daviey: any links that I could use?
<Daviey> zyga: hold fire
<Daviey> zyga: You probably want to fork https://code.launchpad.net/~ubuntu-server-iso-testing-dev/ubuntu-server-iso-testing/trunk , and add a lava-test case.
<Daviey> essentially, preseeding ubuntu-server and running code as defined.
<zyga> Daviey: excellent, that's what I was looking for
<zyga> Daviey: thanks!
<Daviey> zyga: Handles libvirt + generating preseeds + spawning libvirt + running code.
<Daviey> zyga: I would be interesting in seeing your changes and the end result :)
<Daviey> zyga: That branch is largely based around recieve instructions from jenkins to fire a test.
<zyga> Daviey: I'll stay in touch, it could be easier than I though
<Daviey> zyga: super
<zyga> Daviey: most likely we'll migrate to lava-dispatcher for invoking the actual tests, not jenkins
<zyga> Daviey: as that fits closer to the rest of lava
<Daviey> zyga: oh, totally understand.. I'm hoping to see if i can steal your fork for another project. :)
<uvirtbot> New bug: #831907 in vsftpd (main) "Default configuration file refers to nonexistent certificate" [Undecided,New] https://launchpad.net/bugs/831907
<lynxman> any libvirt experts awake? :)
<soren> lynxman: Wazzup?
<Daviey> lynxman: You will usually get a better result if you just ask a question... or were you just doing a poll? :)
<zul> morning
<Daviey> zul: hey zul
<Daviey> zul: Have you sniffed the libvirt in experimental?
<zul> so libvirt 0.9.4 is in experimental it looks like it has better support for non-intel arches and better lxc support although its missing two features that is in the git tree
<Daviey> zul: I think it needs to be sniffed to work with openstack, if it looks good - raise a FFe.
<Daviey> I am concerned about the fact that we are considering a new upstream version of libvirt and qemu this late in the cycle.
<Daviey> zul: Probably a good idea to test it against hallyn's qemu 0.15 build.. that would help add confidence to that aswell.
<zul> okies i can do it this afternoon
<zul> besides no one uses libvirt/qemu ;)
<Daviey> zul: hah
<Daviey> zul: https://launchpad.net/~serge-hallyn/+archive/virt/+sourcepub/1883706/+listing-archive-extra
<ersi> FFe = Feature Freeze exception?
<mdeslaur> ersi: yes
<Daviey> ersi: Although, to help with confusion it also stands for Final Freeze Exception. So you have to work out what it likely means based on where we are in the cycle.
<Daviey> *awesome*
<ersi> Ah!
<Daviey> zul: What are the non-intel arch enrichments btw?
<zul> disabling dmidecode basically
<Daviey> ah!
<Daviey> zul: I'd love for the need for a damn wrapper to go away.. stripping things which don't work from the command line
<Daviey> (such as isa-serial)
<zul> libvirt is one big wrapper so you are never going to get rid of the wrapper :)
<ogra_> Daviey, poke
<ogra_> I#m just fiddling with preinstalled rootfs tarballs and see that our image publishing code always names files with .tar.gz suffix as "UEC/EC2 tarball", would the server team massively object if i renamed that a bit more generically to i.e. "root filesystem archive" or some such ?
<Daviey> ogra_: o/
<Daviey> ogra_: Sounds reasonable to me... this is for where?
<ogra_> cdimage , the script generating the html pages for the images
<Daviey> ogra_: Ie, for cloud-images.ubuntu.com it makes sense for that string to maintain.
<Daviey> ogra_: cloud-images (UEC/EC2 tarbals are never on cdimage unless i am mistaken)
<ogra_> well, but i guess the publishing code is the same
<Daviey> ogra_: in any case, the UEC string needs to go away
<Daviey> ogra_: Yeah, i think cloud-image is an old snapshot (hence using the old theme)
<ogra_> let me see if i can make it conditional
<Daviey> ogra_: rocking!  If you are poking that part of code, and making it conditional, changing "UEC/EC2 tarball" -> Cloud Images tarball would be most apreciated.
<ogra_> i'll ping you about it again, i have to find out how/if the code is shared first
<Daviey> ogra_: I think the code we are using is forked, but it's silly if that is the case.. we should fold back :)
<ogra_> well, it might be forked but it could as well be a shared codebase, do you have any idea who set all this up ?
<ogra_> aha, slangasek ...
<lynxman> soren: hey, jmp was having some problems with libvirt, if you fancy having a look at it
<lynxman> or you zul :)
<Daviey> ogra_: our fork was smoser i believe.
<zul> lynxman: im swamped right now
<lynxman> zul: aren't you always :P
<zul> lynxman: its a given
<lynxman> zul: indeed :)
<smoser> i can blame slangasek
<lynxman> smoser: hey o/
<soren> lynxman: "jmp"?
<smoser> we have a version of the cdimages repo on nectarine, which was originally set up by slangasek.
<Daviey> smoser: We should look at folding back, getting the updated theme for free makes sense :)
<smoser> i've made necessary changes.
<smoser> free != free
<Daviey> smoser: No such thing as a free free?
<lynxman> soren: Jose Plans, a kernel guy
<smoser> merging a fork isn't "free"
<smoser> lynxman, hey. whats up?
<Daviey> smoser: looks to me like a good lesson on why not to fork, but push back upstream? :P
<lynxman> smoser: not much, squashing bugs :) you?
<ogra_> smoser, well, currently i'm only intrested in knowing how my change on cdimage would affect nectarine
<smoser> ogra_, it would not.
<ogra_> in our tree there desnt seem to be any other cloud related code
<smoser> at the moment, there is a bzr repo there that a 'bzr pull' doens't pull.
<ogra_> and i wonder why the bit thats there is there :)
<smoser> its basically stand alone.
<ogra_> right, i dont want to break mergeability though
<ogra_> in case we want to fold them back into one tree at some case
<smoser> slangasek originally got that code. at the beginning, i wasn't even knowledgable enough to know where it had come from or that I should be maintaining it upstream.
<Daviey> ogra_: Oh, smoser doesn't care about rebasing.. forks rock.
<smoser> this is ~ 2 years now.
<smoser> we do want to fold them back, yes.
<smoser> what is upstream for cdimages ?
<ogra_> antimony
<smoser> i can look to do that merge if necessary. but really, Daviey, on your list of high priority things is a theme of a download website ?
<ogra_> they are mirrored to launchpad somewhere too
<smoser> ogra_, well, if you would please find that I'll see what I can do
<Daviey> smoser: Nah, it's not worth wasting time at the moment.. i'm pulling your chain, but the update theme should happen before release.
<smoser> so to get this fully functional, utlemming or I will need the ability to push to the real upstream and/or request merges and/or break things :)
<Daviey> hah
<ogra_> smoser, https://code.launchpad.net/~cjwatson/ubuntu-cdimage/mainline and https://code.launchpad.net/~ubuntu-cdimage/debian-cd/ubuntu should be the public trees i think (i never use them from LP, so i dont really know)
<Daviey> ogra_ / smoser: Looks like just a mirror
<ogra_> merge request should go to the ubuntu-cdimage team
<hallyn> apologies everyone for the late meeting notes.  Should be hitting your inboxes right now.  Too late to be useful, but early by government standards.
 * hallyn not actually in today, goes back to hiding out
<Daviey> hallyn: Thanks for doing that!
<Daviey> zul: That means you are chairing today, right?
<zul> am i? I did it a while ago didnt i?
<Daviey> zul: looks like you are next in the pop queue.
<zul> son of a bitch
<ersi> Daviey: Looking at bug #831907, would it sound reasonable that it is a bug of Low importance? It only affects users that would turn a specific option (ssl_enable=YES) on, which is off by default if it is not in the configuration file.
<uvirtbot> Launchpad bug 831907 in vsftpd "Default configuration file refers to nonexistent certificate" [Undecided,New] https://launchpad.net/bugs/831907
<Daviey> ersi: I would agree that is Low.
<ersi> Daviey: Ok! I'll add an recommendation :)
<hallyn> zul: yeah, i don't know what happened this last month, i did it just in july (and presumably you next)
<hallyn> i think someone pulled a fast one with the meeting page header
<zul> i blame moop
 * hallyn looks suspiciously over toward daviey
<ersi> Daviey: If ya' still got it open, feel free to change it's importance :)
<hallyn> zul: if you want to try the debian experimental libvirt i think that should be fine, *except* when i did a 2-minute experiment using yesterday's git HEAD on an already weird VM, it failed configure due to some libxml2 weirdness
<Daviey> ersi: done.
<zul> cool beans ill try it this afternoon, im still in the process of merging it
<hallyn> zul: i hope you're starting based on my 0.9.3-5 version!  the patch wrangling there was a bear and shouldn't be duplicated :)
<zul> hallyn: yeppers :)
<Daviey> hallyn: we enjoy duplicating effort! :)
<zul> ttx: ping
<ttx> just a sec
<javatexan> morning all
<javatexan> I have server with (wan) nic and (internal) nic.  I installed ubuntu server 11.04 with kvm.  I have a VM which will act as my firewall, router, etc.  I have VM bridged with wan and internal nic respectively.  Problem is, I only have one dhcp address available from above and with bridging seems to get two, is there a way to setup the wan nic on the host to not grab the dhcp, but still let bridge work?  I tried making fake int
<uvirtbot> New bug: #831999 in nova (universe) "Instance not found message poorly formatted" [Undecided,New] https://launchpad.net/bugs/831999
<ttx> zul: yes?
<zul> ttx: for jamespage swift change you should have merged it in lp:~openstack-ubuntu-packagers/swift/ubuntu and notlp:~openstack-ubuntu-packagers/ubuntu/oneiric/swift/ubuntu
<ttx> rha, sigh
<ttx> what do we keep the other one around ?
<ttx> why*
<ttx> zul: can you fix it ?
<zul> yep
<ttx> kewl
<zul> just wanted to let you know
<ttx> zul: thx!
<lynxman> zul: the merging of stuff for swift is at best confusing, did the same mistake myself :/
<zul> lynxman: yeah you need a phd for it
<RoAkSoAx> lol
<lynxman> RoAkSoAx: when you want to do your presentation btw? I'm ready for you
<RoAkSoAx> lynxman: well.... was unable to actually setup the environment yesterday as I ende dup testing ensemble more time than expected due to couple new bugs found
<lynxman> RoAkSoAx: lol, alright then, tomorrow?
<RoAkSoAx> lynxman: yes ;)
<lynxman> RoAkSoAx: okay!
<RoAkSoAx> thanks
<RoAkSoAx> alright then, I'm gonna finish changes in orchestra today to setup the environment this afternoon
<lynxman> RoAkSoAx: godspeed
<zul> Daviey: whats the bug number for the keystone ffe?
<Daviey> zul: bug 828689
<uvirtbot> Launchpad bug 828689 in ubuntu "[FFe] Please package keystone for oneiric." [Undecided,Confirmed] https://launchpad.net/bugs/828689
<zul> Daviey: thanks..
<FlashDeluxe> hi! does anybody know a good tool for administrating clients in a network (e.g. installing programs, upgrading etc)?
<smoser> https://bugs.launchpad.net/nova/+bug/828357/comments/8
<uvirtbot> Launchpad bug 828357 in nova "ephemeral device filesystems should be labeled with 'ephemeralX'" [Wishlist,In progress]
<Daviey> zul: throw that bad boy in the queue!
<zul> just finishing it up
<Daviey> super!
<Daviey> zul: Next week, we probably need to smoke the dashboard love.
<smoser> that bit of information cost me $2.26
<zul> Daviey: its already on my todo list
<Daviey> smoser: Oh, you'll pay that yourself - or is work paying?
<smoser> well i used an old credit card that i found that said 'dave walker' on it.
<smoser> but *someone* is going to pay
<zul> lol
<lynxman> smoser: eventually
<Daviey> smoser: super!
<uvirtbot> New bug: #832030 in exim4 (main) "Cron error from exim4-base: "run-parts: /etc/cron.daily/exim4-base exited with return code 123"" [Undecided,New] https://launchpad.net/bugs/832030
<zul> Daviey: keystone and dtest uploaded
<Daviey> zul: dtest?
<zul> Daviey: yet another python testing framework
<Daviey> zul: oh goody!
<zul> whee
<lynxman> zul: another one? *sigh*
<zul> lynxman: yeah they should standardize
<lynxman> zul: for real
<zul> ttx: fixed
<SmokeyD> hey everyone. I have a server already running with ubuntu server edition. I want to migrate that existing install to a new disk, and in the process, also make that full disk encrypted.
<SmokeyD> I know how to setup encrypted partitions using luks, but I am not sure about the grub2 part of this. I want to create the new disk with an unencrypted /boot partition
<SmokeyD> but all other partitions should be encrypted, so I guess I need to change something in the grub config of the old disk, so it knows that the partition is an encrypted partition, and it should ask for a passphrase during startup
<SmokeyD> but I can't find proper docs on what I should do in grub to enable this
<SmokeyD> I don't want to do a full clean install on the new harddisk, but just want to rsync over the data from the old harddisk, and reinstall grub in the mbr
<queso> How do I setup an apt source to be trusted?
<SmokeyD> queso, is it a repository from ppa.launchpad.net?
<SmokeyD> queso, you can lookup add-apt-repository for adding repository's from ppa.launchpad.net, which automatically imports the key for that reporistory, making it trusted
<queso> SmokeyD: okay, thanks
<lynxman> Daviey: ping
<Daviey> lynxman:
<lynxman> Daviey: Working on #822142, proposed a merge for Oneiric but how should I proceed to fix it in Natty?
<Daviey> bug 822142
<uvirtbot> Launchpad bug 822142 in openvswitch "package openvswitch-controller 1.1.0~pre2.g2.ea763e0e-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,Fix committed] https://launchpad.net/bugs/822142
<Daviey> lynxman: is it an issue in natty?!
<lynxman> Daviey: it's marked as such by you ;) thought you checked, I can double check
<lynxman> actually the bug initial description comes from natty
<Daviey> lynxman: ah, for some reason off the top of my head i thought it was oneiric only
<Daviey> lynxman: SRU sounds suitable if you can reproduce it.  You know the SRU procedure?
<lynxman> Daviey: you have way too many ducks in your head :)
<lynxman> Daviey: nope, never did it yet
<lynxman> Daviey: If you hold my hand I promise I'll do it nicely :)
<Daviey> lynxman: rocking.
<Daviey> lynxman: You could probably reproduce this in the cloud or vm to confirm you can hit the issue.
<Daviey> lynxman: useful read https://wiki.ubuntu.com/StableReleaseUpdates
<lynxman> Daviey: cool, will read this right away
<lynxman> Daviey: meanwhile the oneiric fix is there for your merging pleasure
<Daviey> lynxman: the most minimal SRU justification should be something like bug 578536 (see the description)
<uvirtbot> Launchpad bug 578536 in autofs5 "when stopped, automount orphans some mounts" [Medium,In progress] https://launchpad.net/bugs/578536
<lynxman> Daviey: brilliant, thanks
<Daviey> lynxman: remember, that if you don't use debcommit, use bzr commit --fixes lp:bugnum
<lynxman> Daviey: I'll eventually remember that sometime :/
<lynxman> Daviey: thanks!
<Daviey> lynxman: is writtable someone you can issue a writt against?
<Daviey> err Weit*
<Daviey> ahh, Writ*
<lynxman> Daviey: you => funny
<lynxman> Daviey: English is my third language dammit :)
<orudie> NGEN
<lynxman> Daviey: I'll fix that commit message then and do it the proper way
<Daviey> lynxman: hold fire.
<lynxman> Daviey: *holding fire*
<Daviey> lynxman: It would make our merge delta smaller with Debian if you directly grab the patch from upstream
<Daviey> lynxman: rather than the extra  comment.
<lynxman> Daviey: k :)
<orudie> NGEN
<Daviey> lynxman: For the changelog, i tend to state what it does, not what the issue was.  Ie, Resolve issue of not being able to FOO, by doing BAR.  Patch courtesy of (Baz | Upstream). (LP: #98797897)
<Daviey> but that is what i do..
<lynxman> Daviey: I want to learn from your best practices so... :)
<Daviey> lynxman: heh
<GrueMaster> I have some questions for server testing.  Namely iSCSI and (separately) ensemble.
<GrueMaster> What tests do we have that I can try on my own hw?
<baggar11> GrueMaster: iozone3 package?
<GrueMaster> iozone for testing which?  iSCSI?
<GrueMaster> Do we have some documentation on setting up iSCSI host & client?
<Daviey> GrueMaster: depends 'what' you want to test? throughput?
<Daviey> !iscsi
<GrueMaster> I'm testing arm server.
<orudie> NGEN
<lynxman> orudie: NGEN?
<Daviey> GrueMaster: http://testcases.qa.ubuntu.com/Install/ServeriSCSIRoot/KVMExample http://testcases.qa.ubuntu.com/Install/ServeriSCSIRoot are probably good references.
<Daviey> there may be others.
<GrueMaster> kvm...sigh.  I'll see if I can work around that.
<Daviey> GrueMaster: well yeah.. it's not the kvm stuff i am pointing it you to.. it's the ietd stuff.
<uvirtbot> New bug: #832111 in nova (universe) "lxc instances never leave 'terminating' after terminate-instances" [Undecided,New] https://launchpad.net/bugs/832111
<Daviey> meeting starting in 2 mins in #ubuntu-meeting, all welcome to attend :)e
<bkerensa> Daviey: What meeting is it?
<uvirtbot> New bug: #832123 in lxc (main) "when booting oneiric cloud-images under libvirt, no pty is available" [Undecided,New] https://launchpad.net/bugs/832123
<baggar11> GrueMaster: pretty vague on what you want to test. iscsi target or initiator, throughput or cpu utilization, or...
<GrueMaster> I just need to setup iSCSI on arm.  I would assume both sides of the equation need to be tested.
<Daviey> utlemming: -> #ubuntu-meetng ?
<Daviey> bkerensa: Ubuntu-server meeting
<bkerensa> Daviey: Oh ok so not Ubuntu-server-ops meeting :P
<Daviey> bkerensa: There is no such thing. :/
<zul> smoser: a newer version of libvirt will make life easier for lxc
<smoser> zul, oh?
<smoser> i suspect by that you mean different things will break
<Daviey> chaps this could be in the meeting ;)
<uvirtbot> New bug: #832159 in nova (universe) "lxc: get-console-output does not work" [Undecided,New] https://launchpad.net/bugs/832159
<baggar11> GrueMaster: iscsi setup should be mostly the same as on x86 hardware
<baggar11> GrueMaster: althoug I have no experience with arm
<GrueMaster> Yea, looking through the info now.
<hggdh_> Daviey: ready when you are
<GrueMaster> Need to adjust the testcase info for non-kvm install.  Also, why are we changing the terminology from other server/client nomenclature?  On most everything else, it is host/client or host/target.  On iSCSI, it is target/initiator.
<GrueMaster> Makes it a bit confusing.
<Daviey> hggdh_: can we do it on thurs?
<hggdh_> Daviey: certainly
<SmokeyD> hey everyone. If I am running a 32bit ubuntu version, is it possible to change that to a 64bit version without doing a complete fresh install?
<ersi> GrueMaster: Isn't that "iSCSI-speak"?
<GrueMaster> ersi: I guess.  Seems to be a bit confusing when they refer to the same thing as host/client or host/target.
<genii-around> SmokeyD: possible but not practical. Reinstall is actually easier.
<baggar11> GrueMaster: as far as I know ubuntu comes packaged with either iscsitarget or tgt for targets and open-iscsi for initiators
<GrueMaster> With the world screaming for standards, you'd think we could start with nominclature.
<SmokeyD> genii-around, well, my machine has quite a lot of config, so I would then have to copy configuration stuff, remember which packages I had installed, etc
<ersi> GrueMaster: Heh, sure. Where are you referring to that "we" use iSCSI-speak by the way?
<GrueMaster> baggar11: Good to know, but the definition of an iSCSI target is different than say an openssh target.
<GrueMaster> ersi: http://testcases.qa.ubuntu.com/Install/ServeriSCSIRoot/KVMExample
<SmokeyD> genii-around, what would it involve to switch the installation from i386 to amd64? Are there docs on it somewhere?
<ersi> GrueMaster: Ah.
<GrueMaster> Do we call an NFS or Samba server a host or a target?
<baggar11> GrueMaster: I would think that has to do with iscsi dealing with block devices and openssh not
<GrueMaster> See the confusion?
<baggar11> GrueMaster: I didn't create the terminology :)
<genii-around> SmokeyD: I have not found any docs on it. But i did this myself as an experiment once. You change the arch in your apt.conf, dump a list of installed packages then use that to reinstall them all in the new arch
<GrueMaster> I'm just saying that I am having to work around the different naming conventions.  I am doing multiple arm server tests, and in this instance (especially on a lower caffeine level) it can get confusing when doing iSCSI on one side, and NFS Root on another.
<uvirtbot> New bug: #832175 in cloud-init "Doesn't report an error when hostname fails" [Low,Confirmed] https://launchpad.net/bugs/832175
<GrueMaster> The target should be the target fs on the iSCSI Host.  the initiator is also the Client (diskless) system in my thinking.
<GrueMaster> At any rate, I am getting around it.
<zyga> de	ded
<genii-around> SmokeyD: You can also just call apt-get with -o APT::Architecture=amd64 as well
<SmokeyD> genii-around, ok cool.
<SmokeyD> I am still considering. maybe I will actualy reinstall the machine from a fresh install
<SmokeyD> is it easy to restore the installed packages from a previously made dump?
<genii-around> SmokeyD: usually something like dpkg --get-selections  >> filename     and then dpkg --set-selections < filename
<SmokeyD> genii-around, cool. Thanks a lot for all the help
<genii-around> SmokeyD: I would still recommend to install fresh however.
<SmokeyD> ge
<SmokeyD> genii-around, that is what I am thinking
<SmokeyD> do a fresh install and then restore the previously installed packages from a list of packages
<genii-around> SmokeyD: Yes
<SmokeyD> after that it would just involve copying the relevant stuff from /etc and data directories from the old installation
<SmokeyD> genii-around, thanks for helping
<genii-around> SmokeyD: You're welcome
<smb> Daviey, zul, FYI just opened bug 832207
<uvirtbot> Launchpad bug 832207 in xen "HVM guest hangs on block io" [Undecided,New] https://launchpad.net/bugs/832207
<zul> smb:  cool!
<RoAkSoAx> smoser:
<smb> zul, Seems I at least got a usable combination of dump and vmlinux for it. Though evaluating that one takes a bit. And its not really usable as an attachment either... :-P
<RoAkSoAx> smoser: ping
<utlemming> qemu: hardware error: no boot device found
<utlemming> CPU #0:
<utlemming> R00=00000000 R01=00000000 R02=00000000 R03=00000000
<utlemming> R04=00000000 R05=00000000 R06=00000000 R07=00000000
<utlemming> R08=00000000 R09=00000000 R10=00000000 R11=00000000
<utlemming> R12=00000000 R13=00000000 R14=00000000 R15=400140a4
<utlemming> PSR=400001d3 -Z-- A svc32
<smoser> RoAkSoAx, here
<utlemming> qemu: hardware error: no boot device found
<utlemming> CPU #0:
<utlemming> R00=00000000 R01=00000000 R02=00000000 R03=00000000
<utlemming> R04=00000000 R05=00000000 R06=00000000 R07=00000000
<utlemming> R08=00000000 R09=00000000 R10=00000000 R11=00000000
<utlemming> R12=00000000 R13=00000000 R14=00000000 R15=400140a4
<utlemming> PSR=400001d3 -Z-- A svc32
<Daviey> smb: probability of this getting fixed in oneiric?
<RoAkSoAx> smoser: so I was looking into running python code on the cobbler snippets and I came to find out that cheetah can import modules and then stuff can be imported in the snippet. So I ended up using re-using your code for orchestra stuff
<RoAkSoAx> smoser: by providing a module that can be imported by the snippet and return a late_command
<Daviey> utlemming: hello!
<Daviey> !ping
<ubottu> another contentless ping... sigh...
<smoser> RoAkSoAx, oh, interesting.
<smoser> what all are you doing in the snippet now?
<utlemming> smoser: we've been advised to use the OMAP kernel for ARM images and use "beagle" as the machine type. The snippet is what you see when you attempt to invoke qemu.
<smoser> did you attempt to provide it with a boot device ?
<smoser> ie, what did you run
<utlemming> qemu-system-arm -M beagle -m 512 -append 'root=/dev/mmcblk0 rw mem=512M console=ttyAMA0,115200 rootwait root=/dev/mmcblk0' -drive file=oneiric-server-cloudimg-armel.img,if=sd,cache=writeback --nographic -kernel oneiric-server-cloudimg-armel-vmlinuz-omap
<RoAkSoAx> smoser: well I needed to pass keys to the orchestra-clients from the server for rsyslog as we are now using TLS
<RoAkSoAx> smoser:  so I had to figure out a way to provide that keys so I though of doing something similar to what was done with ensemble
<RoAkSoAx> smoser: but that required to mess up with cobbler, so I while researching found out about the cheetah importing modules on snippets
<RoAkSoAx> so that's what I'm finishing right now
<smoser> utlemming, you may need to say "boot=on" and/or -boot c
<smoser> oh. wait, not -boot c
<smoser> but probably boot=on
<smoser> but that wont matter. your kernel is not even loading if thats all you're getting
<utlemming> yup
<RoAkSoAx> Daviey: ping
<RoAkSoAx> Daviey: sorry had to go open the door
<utlemming> I've found a whole bunch of stuff that says its looking for some sort of firmware loader
<utlemming> http://balau82.wordpress.com/2010/03/10/u-boot-for-arm-on-qemu/
<Daviey> RoAkSoAx: o/
<RoAkSoAx> Daviey: what were you saying ? :)
<Daviey> RoAkSoAx: my head is melting?
<RoAkSoAx> Daviey: lol
<ersi> Yippie, my first "Bug management" launchpad karma. :P
<Daviey> RoAkSoAx: Ah, there are cobbler Fix Committed bugs.. i thought they were wedged on binary NEW queue, is this not the case?
<RoAkSoAx> Daviey: which ones?
<Daviey> bug #789266
<uvirtbot> Launchpad bug 789266 in cobbler "Cobbler: Missing yum-utils & other cobbler related utils" [Wishlist,Fix committed] https://launchpad.net/bugs/789266
<Daviey> bug #705691 was wishlist, was that achieved?
<uvirtbot> Launchpad bug 705691 in cobbler "cobbler-web should include a working configuration and a README file detailing the steps necessary" [Wishlist,Confirmed] https://launchpad.net/bugs/705691
<RoAkSoAx> Daviey: cobbler-web already includes a working configuration
<RoAkSoAx> it has had it for quite a long time
<Daviey> RoAkSoAx: that is what i thought, the bug is assigned to you - can you update the status as appropriate please?
<RoAkSoAx> sure
<Daviey> rocking
<RoAkSoAx> ;)
<Daviey> If someone wants to hijack bug 810051 from zul, i don't think he'll mind!
<uvirtbot> Launchpad bug 810051 in nova "Copyright/legal issues in Nova (from Debian upstream)" [High,In progress] https://launchpad.net/bugs/810051
<Daviey> ersi: that is GREAT :)
<ersi> Ooh, neat. A bug reporter replied to my comment
<Daviey> \o/
<Daviey> HOT bug of the day that someone might want to address: bug #776945
<uvirtbot> Launchpad bug 776945 in isc-dhcp "Apparmor results in denying operation mknod for isc-dhcp-server " [Medium,Confirmed] https://launchpad.net/bugs/776945
<Daviey> smoser: bug #832123, did you see that as part of openstack - or standalone libvirt?
<uvirtbot> Launchpad bug 832123 in lxc "when booting oneiric cloud-images under libvirt, no pty is available" [Undecided,New] https://launchpad.net/bugs/832123
<smoser> both
<Daviey> smoser: awesome, utlemming ^^ did you see that?
<Daviey> smoser: So that is a regression from last week?
<utlemming> hummm...looking
<smoser> Daviey, no.
<smoser> just the first that i am able to actually get that far reproducibly
<Daviey> smoser: ah, ok - stand down utlemming
<zul> smoser: can you check to see if /dev/pts gets mounted?
<smoser> zul, of course it did not
<smoser> well, actually it does
<smoser> twice
<smoser> and  underneith /dev
<zul> twice?
<smoser> twice
<zul> wha?
<smoser> http://paste.ubuntu.com/673293/
<zul> weird
<smoser> yes, wierd.
<smoser> this reproduces with ttylinux image. very basic busybox /sbin/init at this point.
<smoser> its being done by libvirt
<smoser> http://www.redhat.com/archives/libvir-list/2011-August/msg00213.html
<smoser> "           * mount point in the main OS becomes readonly too which si not what"
<smoser> i'm seeing that too
<Daviey> smoser: so that would be resolved by using the new libvirt release?
<smoser> shut up
<smoser> s/would be resolved/could possibly be resolved/
<smoser> s/could possibly be resolved/would likely be regressed to the point of not reaching this code/
<smoser> :)
<Daviey> smoser: heh
 * zul feels vindicated
<smoser> but yes, there are 2 cherry picks that by changelogs would seem to apply here.
<zul> the mounting of lxc libvirt has been refactored btw
<zul> er...the mounting of fileystems done by libvirt for lxc has been refactored
<hallyn> smoser: (/me sneaks in for one quick comment) danpb did say in email last night that he would look into the libvirt symlink problem we uncovered yesterday
 * hallyn disappears back into the shadows
<smoser> hallyn, :) thanks. i consider that lower priority than the pts issue
<hallyn> naturally
<zul> bbl
<philipballew> i cant seem to connect to my server from ssh after i attempted to set up a ddyddns cliant on it.
<ersi> philipballew: Do you have any access to it what so ever?
<philipballew> i have physical accsess for the next few days ersi
<ersi> Were you able to SSH into it prior to setting up the dyndns client on it?
<philipballew> ersi, i can type ssh philip@philip3
<philipballew>  and log in.
<philipballew> but not with my ddyns server name
<ersi> Ah. Well, were you able to SSH to the external IP previously? Are you on the same LAN?
<philipballew> i have never ssh'd from outside my networl
<philipballew> i am on the same lan now
<ersi> Chanses are that your firewall thinks you're being quite funny, if you're connecting on the LAN - but with the dyndns hostname which is your external IP
<genii-around> Probably thinks you're spoofing
<ersi> Do you have a machine on the outside, that you can SSH into, and SSH into your dyndns hostname?
<ersi> yeh
<philipballew> no i dont. i can always run to starbucks. heres a image bin of my router pf i did
<philipballew> http://imagebin.org/169358
<ersi> If you don't, you could give me (in a pm) (or here) the hostname and I could tell you if you're connectable from the outside
<ersi> philipballew: It works :)
<ersi> philipballew: If you check your logs, you have an login try for user 'ersi'
<philipballew> what did you type that i didnt. send that in a pm
<ersi> so if you'd run to starbucks, work, a friends house - you will be able to ssh into your machine as long as you have user/pass
<ersi> philipballew: you can't connect while on the same LAN, then you'd have to use the internal "LAN IP"
<philipballew> what do i type when i connect then?
<ersi> your dyndns hostname, or the IP (69..)
<ersi> both will work :) But when you're on the LAN, you need to use the 192.. one
<ersi> or "philip3"
<RoyK> http://jmckinley.posterous.com/dc-earthquake-devastation
<philipballew> so ssh philip@philipserver1.no-ip.org  ersi ?
<ersi> philipballew: Yeah, that will work when you're not at home :)
<philipballew> alright. ill go to somewhere and see what i can do!
<ersi> philipballew: Enjoy! :)
<genii-around> As a side note, you may want to use a different port than 22, it is well known
<ersi> And on another side note, make sure you got root logins disabled, and use a ssh-key instead of a password :)
<adam_g> /win/win 15
<adam_g> jeez
<RoAkSoAx> adam_g: i have the same issue every single day :P
<adam_g> RoAkSoAx: suppose its better than /lose/lose
<RoAkSoAx> adam_g: heh
<RoAkSoAx> adam_g: alright orchestra fixes finally uploaded
<RoAkSoAx> adam_g: will let it build for a bit and i'll hit the lab
<kirkland> RoAkSoAx: awesome \o/
<RoAkSoAx> kirkland: ;)
<adam_g> RoAkSoAx: cool.
<adam_g> RoAkSoAx: do you know if orchestra is making use of cobbler-enroll, or is that for the ISO?
<kirkland> adam_g: is cobbler-enroll Daviey's thing?
<RoAkSoAx> kirkland: it is
<RoAkSoAx> adam_g: haven't test cobbler-enroll though I think he was working on getting it working on the installer
<kirkland> yeah, i haven't seen it land in oneiric yet
<kirkland> we *need* something like that for sure
<kirkland> but i doubt it's making 11.10
<adam_g> yah, i knew it was going there but didn't know if orchestra was going to preseed it or what
<kirkland> adam_g: check with daviey, but I'm betting that gets deferred for 12.04
<kirkland> adam_g: and if so we should have a uds session around it
<RoAkSoAx> indeed
<kirkland> adam_g: as I have a few ideas how it could work, and I'm sure others do too
<RoAkSoAx> ahhh crap
 * RoAkSoAx forgot to re-enable the import of ISO's
<adam_g> its pretty straight forward, but (AFAIK), its required to be coded in C (or shell?) if its to e included on the CD
<RoAkSoAx> adam_g: C
<hggdh_> kirkland, adam_g: if I undertood correctly, Daviey still hopes to get it in 11.10. See bug 831496
<uvirtbot> Launchpad bug 831496 in ubuntu "[FFe] Add cobbler enrollment support to server cd image" [High,New] https://launchpad.net/bugs/831496
<kirkland> hggdh_: ah, cool, that's great
<kirkland> adam_g: ^ I'm outta the loop :-)
<hggdh_> the only part I could not get done was the postinst integration with d-i... docs sucks there :-(
<soren> adam_g: Is this something for the installer? If so, shell should be fine.
<hggdh_> soren: it is both for the d-i and for normal usage, both packages get built
<soren> smoser: Glancing at bug 828211, I'm kind of surprised. In my reading of the code, these calls happen before the clone() call.
<uvirtbot> Launchpad bug 828211 in libvirt "libvirt lxc should not rely on 'ip' and 'ifconfig' inside container" [Medium,Triaged] https://launchpad.net/bugs/828211
<soren> smoser: Do you have a specific example of where it happens inside the guest?
<soren> smoser: Oh, I see it now. NEver mind.
<soren> smoser: Did you consider using ifaceCtrl in src/util/interface.c?
<soren> smoser: ...and also sticking the interface-renaming stuff in there and calling it from src/lxc/veth.c?
<soren> Anyways, bedtime.
<kirkland> RoAkSoAx: man, you went on an orchestra bug squashing safari :-)
<SpamapS> man, I really like that oneiric has quiet turned off.. and plymouth tells you what upstart is up to.
<RoAkSoAx> kirkland heheh i juet filed the bugs i fixed that i could remember to keep.track of them
<Daviey> SpamapS: Are you able to look at the SRU's attached to bug 578536 please?
<uvirtbot> Launchpad bug 578536 in autofs5 "when stopped, automount orphans some mounts" [Medium,In progress] https://launchpad.net/bugs/578536
<SpamapS> Daviey: looking
<Daviey> Note that there are two Maverick's in unapproved.. the former really wants nacking as it reverts a patch, rather than carries the cherry picked patch from usptream to resolve it
<SpamapS> Agreed and its been there for > 3 months .. oi
<Daviey> SpamapS: Hey! we can't rush these things.
<SpamapS> is it not present in natty, or are we just ignoring it for natty?
<Daviey> SpamapS: unknown status regarding natty.
<SpamapS> That introduces a regression when upgrading from maverick -> natty
<Daviey> SpamapS: That isn't declared in SRU policy, is it?
<SpamapS> No, its just something to consider.
<Daviey> SpamapS: ack
<Daviey> patches welcome.
<Daviey> :)
<SpamapS> Daviey: if nothing else, it needs to be documented in the bug that it most likely does affect natty, at least a New task. I'll add that.
<Daviey> SpamapS: So, i did just add a task.
<SpamapS> ahh well then. :)
<Daviey> There is some debate going on at the moment if raising a task if it's unlikely to be addressed should be done or not
<Daviey> Personally, i think it should
<SpamapS> unlikely to be addressed should be Won't Fix then.
<RoAkSoAx> lifeless: ping
<SpamapS> Daviey: whats the point of a bug tracking system if we can't use it to keep users quiet^H^H^H^H^Hinformed? ;)
<Daviey> hah
<lifeless> RoAkSoAx: hi
<Daviey> We don't do a very good job at exposing tasks that are really easy for people to fix, based on stealing patches from other uploads.
<RoAkSoAx> lifeless: howdy!
<RoAkSoAx> lifeless: kirkland referred to me as I believe you provided the squid config for orchestra
<kirkland> RoAkSoAx: sorry, no
<kirkland> RoAkSoAx: he just provided squid :-)
<RoAkSoAx> lol/win 24
<lifeless> RoAkSoAx: I'm a squid upstream :)
<RoAkSoAx> oh lol
<RoAkSoAx> lifeless: cool!
<lifeless> RoAkSoAx: amongst other things. A bit emeritus these days, but still tracking progress.
<lifeless> how can I help ?
<kirkland> lifeless: sorry, RoAkSoAx has a syntax problem, maybe in a squid.conf;  i figured you'd be online this time a day, so I pointed him your way
<lifeless> kirkland: sure
<lifeless> cache_dir ufs
<lifeless> bad idea :)
<lifeless> cache_dir aufs
<lifeless>          ^
<lifeless> the a is important
<deltree_> hi everyone, I'm new here
<Daviey> lifeless: Can i take this moment to moan again about squid + ssl support? :)
<lifeless> Daviey: blame the GPL
<lifeless> Daviey: or get us a patch for TLS
<RoAkSoAx> lifeless: this might be just trivial
<Daviey> lifeless: We had this discussion some time ago.. I just wanted to moan again.
<lifeless> RoAkSoAx: so http_access allow <things>
<RoAkSoAx> lifeless: but the line "http_access allow lan"
<lifeless> the <things> have to be defined above it
<lifeless> its a 1-pass parser
<lifeless> you have no acl line defining the land
<lifeless> e.g.
<RoAkSoAx> lifeless: right, so there's no "default" acl called lan
<lifeless> localnet on lines 5 through 7
<lifeless> RoAkSoAx: there are no default acls at all
<lifeless> well, I lie slightly, but you *really* don't want to know the truth here ;)
<RoAkSoAx> lifeless: right so yeah, I should just change from "lan" to "localnet"
<lifeless> yes
<lifeless> also change the ufs to aufs
<RoAkSoAx> lifeless: awesome!thanks for the help!
<lifeless> why do you have the memory set to 512MB ?
<RoAkSoAx> lifeless: idk :) kirkland was the one who did the config
<lifeless> kirkland: ^
<RoAkSoAx> lifeless: but we were experiencing issues with not being able to cache stuff like the kernel
#ubuntu-server 2011-08-24
<kirkland> lifeless: actually, I got that from Spads, when I asked for the squid config Canonical IS uses at UDS
<lifeless> oh man
<lifeless> chinese whispers.
<kirkland> lifeless: we'd love your input/review on this
<kirkland> lifeless: this is the squid.conf we're using in the Orchestra server
<lifeless> kirkland: if you need 1/2 GB of hot objects, you should be doing, I dunno, 100MB sustained traffic ?
<lifeless> maybe more
<lifeless> thats per-sec of course
<kirkland> lifeless: this is the ubuntu network installation server
<kirkland> lifeless: i'd expect we'd be installing maybe 100+ ubuntu servers simultaneously
<lifeless> that is unrelated :)
<deltree_> is ubuntu server slower if I run it with the desktop gui?
<lifeless> ok
<lifeless> let me break out the aspects for you
<kirkland> lifeless: so i figured there'd be a good 500MB of packages required to install each
<lifeless> on a miss squid:
<lifeless>  - writes the response to disk (without blocking)
<lifeless>  - forwards it to the client
<lifeless>  - if its small enough keeps a copy in memory (it has to do a little, but it can choose to keep a window in memory, or the whole thing)
<lifeless> the knob to control window-or-whole thing is
<lifeless> maximum_object_size_in_memory
<lifeless> with (last I checked) this default:
<lifeless> # maximum_object_size_in_memory 512 KB
<lifeless> (because something like 90% of objects on the net are < 512KB)
<lifeless> on a hit squid:
<kirkland> lifeless: ah
<lifeless>  - either reads from memory (if it can ,possibly joining onto an existing download that is happening)
<kirkland> lifeless: okay, that part makes sense
<lifeless>  - or reads from disk *and does NOT* copy it into the in memory buffer
<lifeless> the second part is considering a minor bug: you cannot seed a hot object by getting cache hits.
<lifeless> it plays merry hell with really high volume reverse proxies
<lifeless> ones up in the many-thousand-hits-per-second category.
<lifeless> so, that 512MB seting you have, by default, will only cache the smallest of debs
<kirkland> lifeless: heh, okay, thanks for that
<kirkland> RoAkSoAx: wanna commit that fix too?
<SpamapS> deltree_: it will use up some RAM that could better be used caching data.
<RoAkSoAx> kirkland: yup
<kirkland> RoAkSoAx: change that back to 512KB?
<lifeless> and, given we basically depend on the OS cache for most hits anyway, is unlikely to have a significant impact for you.
<lifeless> kirkland: whoa
<lifeless> kirkland: you're confused - two related settings
<deltree_> SpamapS: ok, just making sure
<lifeless> the cache_mem setting defaults to 256MB.
<lifeless> kirkland: RoAkSoAx: just delete the setting.
<kirkland> lifeless: okay, thanks
<lifeless> kirkland: the *policy* knob for what things can go into that memory cache defaults to 512KB
<kirkland> lifeless: as for a disk cache, what's  your recommendation?
<lifeless> kirkland: aufs.
<kirkland> lifeless: size wize
<lifeless> kirkland: if you want this thing to be snappy, make it 2/3rds your physical RAM
<RoAkSoAx> lifeless: so I remove the cache_mem line and s/ufs/aufs
<lifeless> kirkland: that will allow space for metadata lots etc and guarantee nothing needs disk UI
<lifeless> *IO*
<lifeless> RoAkSoAx: yes please
<SpamapS> kirkland: wouldn't you want the cache size to be "big enough to keep all desired releases on disk" ?
<lifeless> kirkland: if you want to optimise to avoid network downloads, set it to big enough to ..
<kirkland> SpamapS: that's what I was thinking
<lifeless> what SpamapS just said.
<kirkland> okay, good
<lifeless> note that you need 14 MB of memory per 1 GB on disk for 64-bit Squid
<lifeless> http://wiki.squid-cache.org/SquidFaq/SquidMemory
<kirkland> yeah the goal here is to minimize impact on the wan
<lifeless> that comes from the OS
<RoAkSoAx> kirkland: i guess we will need to do some debconf stuff to set add the "lan" we will be using automatically as well
<SpamapS> kirkland: the goal would also be to be able to handle 1000 servers installing at one time.. :)
<lifeless> so, you have what 40GB at the moment? that should be fine.
<lifeless> SpamapS: thats primarily achieve by a) using aufs and b) having a tonne of memory on the machine.
<lifeless> SpamapS: enough for socket buffers + os page cache for all the debs being downloaded.
<kirkland> lifeless: right, we'll recommend that the orchestra server be a fairly beefy machine, and note that the lack thereof will impact provisioning results
<kirkland> okay, i gotta take a break;  been a 12+ hour day
<kirkland> i'm off for a bit to hang out with the wife
<SpamapS> lifeless: indeed, there's an affect that happens also where they all tend to get to the same spot in the install/download process if you can't fit the whole cache in memory..
<kirkland> lifeless: you're awesome, man, thanks so much!!!!!
<SpamapS> lifeless: I had this w/ system imager.. they'd all start a few minutes apart, but end at the same point, because only one window of data would fit in the OS cache.
<lifeless> kirkland: anytime
<lifeless> RoAkSoAx: yes, or edit the local_network acl
<lifeless> SpamapS: yah, memory memory memory :)
<SpamapS> If some got behind, they'd slow the others down.. and eventually they'd all be downloading the same data.
<lifeless> SpamapS: Back in the bad old days I was workin (shudder) yum
<RoAkSoAx> lifeless: cool! thanks for taking the time to take a look at it ! really appreciate it
<lifeless> and it was crystal clear whenever something was missing from the cache, all the machines would grind to a goslo
<lifeless> RoAkSoAx: no worries; feel free to ask anytime
<RoAkSoAx> lifeless: will do, thanks
<uvirtbot> New bug: #832447 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1  happens on every update" [Undecided,New] https://launchpad.net/bugs/832447
<uvirtbot> New bug: #362579 in open-vm-tools (multiverse) "Compilation of vmhgfs module fails on amd64" [Undecided,Won't fix] https://launchpad.net/bugs/362579
<deltree_> so with a LAMP server, I'm thrilled how it basically works right out of the box.
<deltree_> I'm confused though, is there a way to allow Ruby Apps to be run, but not the whole server in Ruby (my PHP is not MVC, but my Ruby is)
<smoser> soren, i did not really look much, so just didn't see it. that probably is "the right way" to do that.
<smoser> i sent it upstream, we'll see what they say there.
<deltree_> in an attempt to set up rails as an app environment, rather than the whole server, I've been following the instructions here: http://russbrooks.com/2009/5/25/install-ubuntu-9-04-server-edition-rails-php-passenger-postgresql-and-mysql  It explains to setup a passenger.load file for apache and aparently I did that wrong based on the errors I'm getting anyone know about this?  I tried following...
<deltree_> ...the instructions on passenger to try to use it as a standalone, but I get the error that the passenger command doesn't exist
<deltree_> trying to set up rails to run on my ubuntu LAMP server as an app environment, leaving php in tact etc.  So far my research has told me to use passenger as a standalone with virtual hosts, but when I install the passenger gem, and try to do as instructed: http://www.modrails.com/documentation/Users%20guide%20Standalone.html I get an error that the passenger command doesn't exist.  When I try...
<deltree_> ...to follow the instructions of someone who's managed to do this before: http://russbrooks.com/2009/5/25/install-ubuntu-9-04-server-edition-rails-php-passenger-postgresql-and-mysql I get other oddities, including the lack of a mod_passenger.so file
<SpamapS> deltree_: did you try asking in a rails channel? They might have better info for you.
<deltree_> I have
<deltree_> only one person I've seen so far claims to have set it up, and in their words i had to do major surgery on my gems
<deltree_> then they left
<SpamapS> ew
<SpamapS> When you wrote your code, what did you use to develop it?
<deltree_> I haven't built a rails app yet
<SpamapS> Oh, just playing?
<deltree_> I write mostly in php & asp.net mvc (yes)
<SpamapS> what version of Ubuntu ?
<deltree_> 10.04
<deltree_> I'm doing it all on virtual machines, so when I mess something up, I just start over
<deltree_> so don't get scared if I do something stupid, I can back it up and try again
<SpamapS> thats a great way to learn
<deltree_> but please, a little guidance would go a long way
<deltree_> I'm pretty new to linux too
<deltree_> I figured out how to give my server a gui
<deltree_> and that has made things easier for figuring out what I'm doing
<SpamapS> a gui?
<deltree_> ubuntu desktop
<deltree_> gnome
<SpamapS> Thats ultimately going to hinder your learning more than you might think.
<SpamapS> Learn to use SSH, learn to *love* SSH
<SpamapS> You can even setup an SSH filesystem between your host OS and your VM so you don't have to log directly into the VM to edit files
<deltree_> I plan to, but my VM has been awkward with ssh, so I've been using the network and sharing to drop files onto the box
<deltree_> just while I figure out setup
<SpamapS> Ok. Just a suggestion.. ditch the GUI
<deltree_> will do
<deltree_> it wasn't helping anyway
<deltree_> I spent most of my time in the terminal
<SpamapS> So if you're doing ASP and PHP.. why ruby?
<deltree_> the reason I liked the gui was 'cause I could just run firefox to see if localhost was working
<SpamapS> like, you're taking on a whole new OS, and a new language, at one time?
<SpamapS> just set the IP of your VM to the same thing all the time.. you don't have to make it dynamic. ;)
<deltree_> SpamapS: it's a language I don't know, and I really like the language, the "truly OOP" is beautiful in my eyes.  It's language #17 for me, so it's really not hard to learn, I just need a place to learn it, and windows doesn't like that idea much
<deltree_> in addition, I came across an app in Perl, which meant more IIS troubles
<SpamapS> hah
<SpamapS> Ok well Ruby is kind of borked in 10.04
<SpamapS> 11.10 will have a MUCH better Ruby
<deltree_> so I decided to take a look at Ubuntu again, after all, I've got 3 linux rigs in the house, but linux is more of a "set it and forget it" os in my eyes
<SpamapS> with a non broken rubygems
<deltree_> 10.04 is LTS, and since I'm considering moving my server to it, I need the LTS version
<SpamapS> Are you sure?
<deltree_> no
<deltree_> actually
<SpamapS> 18 months is a long time for an experimental box
<qman__> I have to agree, this is one of the few cases where non-LTS makes more sense
<SpamapS> Which is how long after this coming October 11.10 will receive updates.
<qman__> if you were running it in production at a company I'd say yes, but just to develop on, go with the newer one
<SpamapS> plus you'll be one upgrade away from the next LTS, 12.04 (unless we lose our minds and decide not to make it an LTS.. which is about a 1 in 1000000 shot)
<deltree_> come to think of it, LTS isn't exactly my style anyway
<deltree_> always new
<SpamapS> anyway, wife is waiting for me.. time to head out
<deltree_> I'm more likely to automate os upgrades than to use old software
<SpamapS> deltree_: If you're brave.. try out 11.10 beta1, which should arrive next week.
<deltree_> (I'm not)in any case, is 11.04 going to mean a heck of a lot of difference in Ruby
<SpamapS> deltree_: we will be *forever* indebted to you for any bug reports you might have. :)
<SpamapS> 11.04 is a *little* better
<deltree_> I would, but I'm clueless with linux anyway
<SpamapS> And you can always update to 11.10 after October and once you feel comfortable.
<deltree_> I can open up a web browser and gksudo nautilus, that's my latest "whoohooo"
<SpamapS> lol.. scary
<SpamapS> well glad to see you're on the right path. :)
<deltree_> lol
<SpamapS> good luck w/ rails and ruby.. gone...
 * SpamapS disappears
<deltree_> so no one has gotten passenger to work in standalone on 10.04?
<deltree_> if someone can say they have in 11.04 then I have a reason to jump forward now, otherwise, I'll continue experimenting on this one until 11.10
<DanaG> weird... one of my users has /usr/sbin not in path.  Is that normal for members not in sudo or wheel group?
<DanaG> /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
<Daviey> Beta freeze is tomorrow... oh joy.
<twb> DanaG: that happens to me all the goddamn time (lucid)
<twb> DanaG: I assume PATH setting was moved from /etc/profile into PAM, and PAM doesn't trigger when I log in via SSH or something.
<twb> I haven't been annoyed enough to actually track it down.  It's probably when you ssh root@foo -t sh or something
<lynxman> Daviey: the beta freeze will only block new packages from landing the archive right?
<Daviey> lynxman: No, the beta freeze means the archive is on manual approve.
<Daviey> so all uploads get wedged
<Daviey> https://wiki.ubuntu.com/BetaFreeze
<ersi> So Now would not be the greatest time to get into packaging? :-P
<lynxman> Daviey: heh, better get those bugs smashed then
<beric> Hi, I followed the instructions in the InstallCDCustomization wiki page and I got a working installation but I can't log in if I add my custom packages. I know there are issues with casper autologin but this time it's not a livecd.
<Daviey> ersi: packaging NEW stuff.. no, bad time :)... although NEW packages for Debian still makes sense, that we'll sync in next cycle :)
<Daviey> ersi: fixing packaging issues, yes still a good time :)
<ersi> ;)
<koolhead11> #ubuntu-cloud
 * RoyK hands koolhead11 a /j
<koolhead11> RoyK, :)
<ubunteo> how to install packages from CDrom after installation ?
<ubunteo> some said https://help.ubuntu.com/8.04/add-applications/C/offline.html but how about on the server ??
<ubunteo> in etc/apt/sources.list , I edited with # on deb http://........ and left only two cdrom lines on top.  but still not ok yet
<_ruben> that oughta work i'd say
<_ruben> did you run sudo apt-get update after editing sources.list?
<_ruben> and you did uncomment (iirc it's commented by default) the cdrom lines i guess :)
<trapmax> http://www.grimrock.net/
<trapmax> sry. wrong window
<ubunteo> _ruben: no. I just left only cdrom lines. and rebooted
<soren> ubunteo: Look at apt-cdrom.
<soren> ubunteo: It does what you need.
<ubunteo> soren: do I have to install aptoncd package?
<_ruben> ubunteo: a reboot wouldn't change a thing ;)
<ubunteo> soren: As I have no internet with my server, how can I do ?
<_ruben> ubunteo: what happens when you run sudo apt-get update ?
<ubunteo> _ruben: so running sudo apt-get update could help ?
<Daviey> If you are relying on a CD, you are probably doing it wrong.
<_ruben> yes, tho it been ages since i used offline media :)
<ubunteo> _ruben: to tell you the truth, I have not run that command as I thought it would only work with internet
<_ruben> ubunteo: it uses the contents of the sources.list ;)
<ubunteo> Daviey: I don't wish to rely on CDs only but having internet at home is really damn expensive here in my country
<_ruben> not everything is available on the standard -server install cd tho...
<ubunteo> _ruben: yes. I see. I know I can install mail server and Postgre sql server role from installer CD
<Daviey> _ruben: we are actively trying to remove stuff from the iso :)
<ubunteo> _ruben: because I left those things during initial installation. but I dont know how to install them after installation . even though I tried tasksel, it didn't read from CD
<_ruben> ubunteo: after editing the sources.list and running apt-get update, it shoudl
<_ruben> Daviey: i dont care about that, personally ;)
<ubunteo> _ruben: I want to install mail server using installer server CD. how can I ? that should be done using CD alone without internet
<_ruben> Daviey: i netinstall my box anyways :)
<soren> ubunteo: No, you use apt-cdrom.
<soren> In a terminal, type: apt-cdrom
<ubunteo> soren: do you mean, apt-get update won't fix ?
<soren> No.
<ubunteo> soren: apt-cdrom is default package like nano installed by default during installation ?
<soren> Just try it.
<soren> It's free.
<ubunteo> soren: I see. but my server is without internet
<soren> Yes?
<soren> Look, it's not that hard.
<soren> Type "apt-cdrom" and hit return.
<soren> It'll take only a fraction of the time we've wasted on this discussion.
<Daviey> _ruben: good stuff.
<ubunteo> soren: How can I accomplish ?
<soren> First, you open a terminal.
<ubunteo> soren: what do I do next without internet on myserver to install apt-cdrom ?
<soren> Then you hit the key on your keyboard marked with an "A".
<soren> Then you hit the key on your keyboard marked with an "P".
<soren> Need I really go on?=
<soren> It's already installed.
<soren> You would have known this if you'd just bothered to try. It's not that hard. Just type on the keyboard.
<ubunteo> soren: I am on server. no need to open terminal bro.
<ubunteo> soren:  I am just confused. one said apt-get update will fix. you said to use apt-cdrom . what do I do ?
<soren> ubunteo: You stop asking questions and try both and see which one works.
<ubunteo> soren: I wish I could but my server is at home. and I am now at work with windows XP. easier said than done
<soren> See, you could have mentioned that.
<ubunteo> soren: according to office policy, only windows XP is allowed at work
<soren> Then you take a piece of paper and write "'apt-get update' or 'apt-cdrom'". Take it home with you. Give them a go and see what happens.
<soren> ubunteo: What are you trying to install anyway?
<soren> _ruben is probably just sensible enough to have evicted the usually completely useless knowledge about how to add a cdrom source after the fact. I, sadly, have not. I'm stuck with this in my brain, taking up valuable space.
<soren> "apt-get update" deals with dynamic sources. cdrom's are not in that category. apt-cdrom fills the gap.
<ubunteo> soren: dear bro, is there any official documenation for apt-doc ?
<soren> apt-doc?
<ubunteo> soren: sorry. apt-cdrom
<soren> There's a man page.
<soren> It's also online. http://manpages.ubuntu.com/manpages/oneiric/man8/apt-cdrom.8.html
<soren> Searching for "apt-cdrom" on your favourite search engine would probably also be helpful.
<soren> If office policy permits.
<ubunteo> soren:  thanks. I found. http://manpages.ubuntu.com/manpages.gz/oneiric/man8/apt-cdrom.8.gz  file. I think I can download and take it home and install manually with tar  - ??? option
<soren> I think my quota for how much time I want to spend on this is up now.
<soren> Read the last 4-5 things I said.
<soren> If that doesn't answer all your questions, there's nothing else I can do.
<ubunteo> soren:  I don't bother you , bro. you can ignore my post. there are so many who wants to volunteer in the world.
<soren> I'd tell you to read the lst 8 things I said, but I'm afraid of the goto-loops involved. So I won't. But you should anyway.
<ubunteo> soren:  I wish we all wish part of the solution. not part of the arguments or problem that will insult others. so thanks anyway. The reason why newbies come here to seek for help is IRC is quicker than launchpad to get interactive answer.
<ubunteo> soren:The reason why newbies come here to seek for help on IRC is that is quicker than launchpad to get interactive answer.
<ubunteo> soren: have a nice day ! thanks anyway.
<soren> I've told you exactly what to do. Numerous times. I'd count them, but I really can't be bothered. If you won't listen, that's beyond me.
<ubunteo> soren: it is good for you to take it easy to ignore my newbie questions.
<Daviey> lynxman: What is the status of bug #822142 , the merge proposal you quoted seems dead?
<uvirtbot> Launchpad bug 822142 in openvswitch "package openvswitch-controller 1.1.0~pre2.g2.ea763e0e-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,In progress] https://launchpad.net/bugs/822142
<soren> ubunteo: Let me part this conversion with a single word: apt-cdrom
<soren> Have a magnificent day.
<ubunteo> soren: If I were now infront of my ubuntu server, I would just type in quickly rather than asking to make sure not to wait for one more day.
<lynxman> Daviey: yeah I removed the merge, you told me to integrate from upstream, I'll do that as soon as I'm finished with some Ensemble + Openstack tests I'm doing :)
<lynxman> Daviey: will be dealt with today
<Daviey> ubunteo: The real issues was that you asked a question, but didn't make it clear that you were not able to run commands right now.  soren was really rather helpful, but frustrated that it seemed you were not /trying/ his suggestions.
<Daviey> lynxman: rocking!
<lynxman> ubunteo: You keep doing the same, ignoring people answers and asking new questions, the same happened to me when I tried to help you :)
<soren> Aw.
<lynxman> ubunteo: even if you think (you're of course entitled to) that our answers might be not useful it's common courtesy to try it anyway, it's better to try and be wrong than just be right on a hunch ;)
<ersi> I think something was "lost in translation" in that session unfortunally.
<soren> ersi: Oh, wow. I think he's been here before under a different name.
 * soren tries to remember
<lynxman> soren: He has been as ubunteo before as well
<soren> lynxman: This was like 4 years ago.
<soren> https://lists.ubuntu.com/archives/ubuntu-server/2007-October/000881.html
<soren> From Myanmar as well.
<soren> rimriaz, I think was his irc nick.
 * soren searches for that.
<lynxman> soren: wow, classy email :D
<patdk-wk> heh, some people we are better without
<_ruben> wow, nice!
<lynxman> patdk-wk: I would like everyone to use Ubuntu of course, constructive criticism is always welcome (and I'm the first one to give it), but cursing on a public mailing list is not smooth :)
<patdk-wk> I would disagree with that to a point
<patdk-wk> everyone has their own tastes, there is no way everyone would be happy using ubuntu
<lynxman> patdk-wk: yeah it's a wishful thinking isn't it :)
<zul> morning
<nigelb> Daviey: Thanks for the preseeing tip a while back.
<nigelb> I just rolled that into production :)
<patdk-wk> I went with slackware for a long time, cause I didn't care about security patchs, at home
<patdk-wk> but in the workplace, used rhel, and hated everytime I updated it, it wiped my configs, or configs came back I had removed
<patdk-wk> haven't had any issues with ubuntu's updates, so I'm happy :)
<lynxman> patdk-wk: I've used a bit of everything, Slackware back in the time, RHEL, Debian, Ubuntu
<lynxman> patdk-wk: I'd just like people to find Ubuntu useful of course, and consider it a choice :)
<dschuett> i have set a static ip in /etc/network/interfaces (i have double checked the file to make sure everything is typed correctly) When i restart networking ifconfig shows that i have the correct static ip that i just set, but after a couple minutes it gives me an ip address from dhcp. any ideas?
<soren> dschuett: Yes.
<zul> die gtk-window-list die!
<soren> dschuett: You've not rebooted.
<koolhead11> hi soren
<soren> dschuett: "ifdown eth0" doesn't remember anything. It looks in /e/n/interfaces to find out how eth0 was configured.
<soren> dschuett: ...so you had it configured via dhcp, changed the config, ifdown'ed and ifup'ed. The ifdown didn't know that it had been configured by dhcp, so it didn't kill the dhcp client.
<dschuett> soren: I have rebooted twice
<soren> dschuett: ifup just set the ip, and once your dhcp lease expired, the dhcp client (which hasn't been killed yet) clobbered the config.
<soren> dschuett: WEll, the dhcp client didn't start itself, that's for sure.
<soren> dschuett: Pastebin your /etc/network/interfaces.
<Daviey> nigelb: ahh, yes.. was wondering what you were talking about :)
<nigelb> Daviey: hehe :)
<nigelb> I have to bite the bullent and learn puppet for the long run though.
<_ruben> aww .. collectd's cpu plugin only does jiffies and doesn't attempt to turn it into percentages or anything :/
<openeye> Hello people
<TheEvilPhoenix> !hi | openeye
<TheEvilPhoenix> ehh ubottu fail
<TheEvilPhoenix> anyways, greetings
<openeye> Hallo Theevilone! Can someone help me out for a second, i need to find smtpd_recipient_restrictions in the postfix master.cf?
<openeye> it is not there
<lynxman> openeye: it should be in main.cf not master.cf as far as I can recall
<openeye> indeed
<openeye> indeed
<openeye> that is the place where i am now
<openeye> if it is not there, i can just add it?
<uvirtbot> New bug: #828424 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/828424
<lynxman> openeye: hm, unless you know why and what you're doing I wouldn't, master.cf is normally just reserved for defining new subprocesses from the postfix parent process
<openeye> i need to add spf
<openeye> check_policy_service unix:private/policy-spf
<lynxman> openeye: that should go in main.cf I reckon
<openeye> that is where i am
<lynxman> openeye: then add it there :o)
<patdk-wk> well depends
<patdk-wk> you add it to master.cf if your doing something like, overriding the defaults for the submission service
<patdk-wk> but spf would be on the main port, not an override, so main.cf
<openeye> ok perfect thank you!
<lynxman> patdk-wk: that's why I was suggesting main.cf as well
<patdk-wk> but why, is also important, or they will just ask again :)
<openeye> Thank you all
<lynxman> patdk-wk: indeed
<smoser> zul, could you take a quick look at https://code.launchpad.net/~ephess/ubuntu/lucid/php5/fix-for-651049/+merge/71112
<zul> php whats that? ;)
<ersi> It's those funny guys who likes to get the same salt for every hash
<zul> smoser: commented as well
<b0gatyr> morning guys, trying to set up daemontools but somehow I do not see an  init script for svscan and when I do ps -aux | grep supervise I see the  following error: http://pastebin.com/Tc5Ns4GY
<smoser> could / would you consider sponsering that ?
<b0gatyr> if I do svstat /etc/service/dstpd I see it up and running
<b0gatyr> can anyone shed some light?
<zul> smoser: yeah once the changelog is fixed
<ubunteo> hi
<ersi> Hi again
<ubunteo> hi all , we have ISP that offer us to use proxy address to use web
<ubunteo> how can we configure that ISP connection on squid to share this connection to all clients ?
<ubunteo> how to install deb file package on server ?
<ubunteo> hi
<moonpup> anyone know how to drop all outgoing ssh traffic regardless of port using iptables? meaning the default 22 or some other random high port?
<lynxman> moonpup: that would require deep packet inspection
<moonpup> lynxman: that's what i thought...
<lynxman> moonpup: Don't think iptables can do it unless you can specify using the type module
<lynxman> moonpup: but that just cover some pretty basic scenarios
<moonpup> lynxman: what about tcpwrappers?
 * lynxman has a look..
<lynxman> moonpup: tcp wrappers will just affect how your sshd daemon accepts connections
<lynxman> moonpup: was having a look to see if there's some magical iptables modules :)
<moonpup> lynxman: hmmm... thanks for checking. I'll keep digging
<lynxman> ooh look at his
<lynxman> moonpup: http://l7-filter.sourceforge.net/
<lynxman> there was a magical module :D
<TheEvilPhoenix> well can't you use a combination of conntrack and OUTPUT filters?
<lynxman> TheEvilPhoenix: if it uses non standard ports nope
<lynxman> TheEvilPhoenix: that'd solve it for port 22
<moonpup> lynxman: i've heard of that before... need to read up on it again... thanks
<TheEvilPhoenix> -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
<lynxman> TheEvilPhoenix: but if they use port 10022 that's another issue
<TheEvilPhoenix> -p tcp --dport <nonstandardport> -j DROP
<TheEvilPhoenix> lynxman:  two rules
<TheEvilPhoenix> oine to allow established and its related in any port, the other to block all other traffic on said port
<TheEvilPhoenix> or in this case it might be --sport
<lynxman> TheEvilPhoenix: that's way too broad
<TheEvilPhoenix> or w/e it is
<TheEvilPhoenix> havent dug into iptables output yet :P
<TheEvilPhoenix> s/yet/much/
<lynxman> TheEvilPhoenix: I wouldn't feel comfortable using such a rule myself, you'd block a hell of peripheral traffic :)
<lynxman> TheEvilPhoenix: iptables is fun :)
<moonpup> lynxman: yes, true
<TheEvilPhoenix> heh
<TheEvilPhoenix> iptables is fun, but sometimes its a PITA
<TheEvilPhoenix> like one time i fubar'd the INPUT filters on a VPS
<TheEvilPhoenix> ended up blocking all external traffic
<lynxman> TheEvilPhoenix: that too, but not more than ipf, although sometimes I miss rule numbering which is not quite implicit in iptables
<TheEvilPhoenix> before i had put in a -m state rule to allow my traffic :P
<TheEvilPhoenix> heh
<lynxman> TheEvilPhoenix: tehee :)
<moonpup> lynxman: l7 may be the ticket, thanks
<lynxman> moonpup: perfect :)
<lynxman> adam_g: ping
<moonpup> lynxman: not sure the l7 project is currently active, info is years old.. :(
<lynxman> moonpup: eek
 * moonpup still reading website
<TheEvilPhoenix> oop time to get ready for class *disappears*
<patdk-wk> I think ipp2p is uptodate
<lynxman> moonpup: looks like people are still using it, found an article in linux.com explaining how to do it in CentOS 5
<lynxman> patdk-wk: ooh cool
<patdk-wk> or well, has been renamed, to opendpi now
<moonpup> what's opendpi?
<lynxman> http://www.opendpi.org
<patdk-wk> open-deep-packet-inspection, new version of ipp2p
<patdk-wk> it was meant as a l7 replacement
<moonpup> thanks guys... great find
<patdk-wk> be very careful will that though
<patdk-wk> cause all packets hitting that rule, will be very cpu heavy
<Daviey> RoAkSoAx: I'm getting quite confused what needs to be seeded for powernap
<newbie|2> Howdy.  I was having some weird trouble with my Jaunty 2.6.28-11-server kernel where it would misbehave a few times a day when sleep()ing.  The details of this are sort of a different story.  So I compiled a new kernel as per the Ubuntu community wiki article.  Now I have a kernel that seems to have solved the sleep issue but has other problems.
<Daviey> RoAkSoAx: powernap-server seemed to include the whole shebang, but added a new Dep.
<newbie|2> Ack. What is the command to change my name?
<moonpup> patdk-wk: will do, thanks
<Daviey> RoAkSoAx: python-scapy, via powerwake-common
<RoAkSoAx> Daviey: yes
<RoAkSoAx> bahh it is in universe :S
<newbie|2> Anyhow.  The first problem with the new kernel was that building it gave me a headers and image .deb which I installed.  But the headers .deb failed since it depends on "linux-headers-2.6.32-34".  Which is weird because it's name is "linux-headers-2.6.32-34-server_2.6.32-34.74_amd64.deb".  It seems like I probably missed a step in the install wherein it realized they are the same package?
<Daviey> RoAkSoAx: but it's NEVER been in main afaiks.. so how has this happend?
<newbie|2> Or maybe they actually are different packages and I don't have the base one because I'm using Jaunty which uses 2.6.28?  But if I were on Lucid, I'd already have the appropriate base headers?
<b0gatyr> hi guys, does ubuntu use init or upstart
<RoAkSoAx> Daviey: I added it as the
<Daviey> RoAkSoAx: ah, recently?
<RoAkSoAx> Daviey: I added it as the "PowerNap" server uses a ARP monitoring system that access the network through python-scapy
<uvirtbot> New bug: #829909 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/829909
<RoAkSoAx> Daviey: the thing that it wasn't release until recently due to that those changes are just a "preview"
<Pici> newbie|2: Jaunty hasn't been supported snce October of 2010....
<RoAkSoAx> kirkland: ^^
<RoAkSoAx> .wub 19
<Daviey> RoAkSoAx: ah, did that dep land before or after FF?
 * Combatjuan was formerly known as 'newbie|2'
<RoAkSoAx> Daviey: can't remember, I didn't do the upload as things were in trunk without being released
<Pici> Combatjuan:  Jaunty hasn't been supported snce October of 2010....
<RoAkSoAx> Daviey: let me think about it and I might disable that feature and just keep it in PPA for this release
<RoAkSoAx> so that we dont have to demote powernap
<Combatjuan> Pici: I'm woefully aware of this.  And while I'm working on moving to an LTS, reality constrains me.
<Daviey> RoAkSoAx: can you make the dep optionl and add it to suggests for this release?
<Pici> Combatjuan: ah :(
<RoAkSoAx> Daviey: yes, better yet ;)
<Daviey> super!
<Combatjuan> Pici: I'd beat the man who chose to deploy non-LTS servers all around the country, but, well, he's my boss.
 * Daviey does have some production dapper servers :(
<Daviey> 2006!
<Combatjuan> Daviey: You win the legacy wars.
<Daviey> Combatjuan: Well in reality it only wentEoL in April this year.
<openeye> can someone tell me how i can add adsp on postfix? Because google gives me nothing :|
<Daviey> or was it jJune?
<Daviey> meh
<lynxman> openeye: adsp?
<patdk-wk> good question, never heard of adsp
<lynxman> patdk-wk: me neither
<patdk-wk> according to *wikipedia* if you can ever trust them, it's a new name for dkim
<zul> Daviey: how retro
<patdk-wk> or an extention
<patdk-wk> ya, new addon to dkim
<lynxman> patdk-wk: fancy stuff
<patdk-wk> that didn't explain crap for me, off the the rfc :)
 * lynxman has always been a bit wary of the effectivity of both SPF and DKIM
<patdk-wk> spf is only effective if you can use -all :)
<lynxman> patdk-wk: I use ~all to do a soft fail, helps spamassassin
<patdk-wk> dkim would be great, if people like gmail and yahoo, didn't sign all the spam they send
<allegrem> hi !
<allegrem> I've got a little problem with Apache
<lynxman> patdk-wk: that's why I'm wary of it :)
<allegrem> is there anybody ready to help me right now ?
<patdk-wk> lynxman, soft fail only helps if not all your servers are listed in the spf record
<lynxman> patdk-wk: I'm not worried about mine, I'm worried about others
<lynxman> patdk-wk: specially sites that insist in sending you confirmation emails using your email address as from (been there, suffered that)
<openeye> i am sorry
<openeye> was smoking
<openeye> yes adsp is that addon for mailservers
<openeye> http://en.wikipedia.org/wiki/Author_Domain_Signing_Practices
<allegrem> allo ??
<openeye> oeps, i whois'ed you zyga
<openeye> allo!
<allegrem> Could you please help me
<allegrem> I've got a problem with apache
<allegrem> and ecryptfs certainly
<openeye> i am sorry man, i would love to, but i am under pressure myself
<openeye> i have to install this crap for a new job
<Pici> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<patdk-wk> lynxman, heh, haven't had that issue, I reject all that have my address in from
<lynxman> patdk-wk: I maintain SPF for a fairly big platform (10k+ individual mailboxes) and SPF has been hurting me on that, that's why I switched to ~all
<allegrem> ubottu: that was for me ?
<ubottu> allegrem: I am only a bot, please don't think I'm intelligent :)
<allegrem> ubottu: thanks bot ;)
<ubottu> allegrem: I am only a bot, please don't think I'm intelligent :)
<openeye> lynxman, can you provide me with a good tut or source to install it?
<lynxman> patdk-wk: it makes SPF slightly less effective but it hands it over to spamassassin who notices the soft fail
<lynxman> openeye: I wish, never installed it, you're too advanced to my time ;)
<openeye> whut? I am just a junior :|
<patdk-wk> I don't think anything even supports adsp yet
<patdk-wk> it looks like senderid come to dkim to me
<openeye> hmm
<lynxman> openeye: try with DKIM, that's more documented, as patdk-wk says it's way too new
<openeye> yes, i am trying to get that installed also
<patdk-wk> looks like opendkim supports it, but no instructions on how to use it
<openeye> indeed
<patdk-wk> I wouldn't bother too much about it
<openeye> I have searched the nets the last 20 minutes for it, nowhere to be find
<patdk-wk> as it's unlikely anyone else is even checking adsp
<openeye> found
<allegrem> (I'm French, don't care about my English please !!) I've configured Apache with Passenger to deploy a Rails Application. All that was installed on Ubuntu Server 11.04. During installation I chose to encrypt all my hard drive. Problem : I've set up cryptsetup to get password from an usb key, it works, but Apache respond a 403 forbidden error when I try to access my Rails app unless I've logged in. I'd like to get all that working without
<allegrem> logging in (it's a server ...). I think there is a problem with ecryptfs which mount my /home/myuser directory just on login (because the Rails app is located into my /home/myuser directory). So I'd like to mount the /home/myuser directory automatically on boot. Any idea ?
<kirkland> allegrem: there's no way to do this securely
<allegrem> really ??
<kirkland> allegrem: encrypted home requires a human to enter a "secret" of some kind to decrypt home
<kirkland> allegrem: typically you do that when you login, and enter your passphrase
<allegrem> isn't there any way to load the password from my usb key ?
<allegrem> crypsetup can do that
<kirkland> allegrem: the closest you could do would be to rm ~/.ecryptfs/auto-umount
<kirkland> allegrem: and login manually once per boot, which would get the filesystem mounted
<patdk-wk> why not just put the rails app outside of your homedir?
<kirkland> allegrem: and removing that flag would prevent it from being unmounted at reboot
<allegrem> I can't login manually
<allegrem> wait
<kirkland> allegrem: then you can't use ecryptfs-encrypted-home
<kirkland> allegrem: sorry
<allegrem> you mean that if I rm this file
<allegrem> I juste have to log in once
<allegrem> and then if I reboot the server
<allegrem> ecryptfs will never ask my password again ?
<patdk-wk> things that should not be used with encryptfs, servers (apache, samba, ..., mail), cron
<kirkland> allegrem: no, you have to login once-per-boot
<kirkland> allegrem: keys are stored in memory, and forgotten at reboot
<allegrem> so it's not good ...
<allegrem> but patdk-wk had a great idea
<allegrem> if I put it in /var/www it would work ?
<kirkland> allegrem: right -- move it outside of your $HOME and you're all good
<allegrem> (and what about /root dir ?)
<kirkland> allegrem: you could even symlink it into your home, for convenience
<allegrem> is it a good idea or not ?
<patdk-wk> hmm, apache shouldn't be able to read from /root at all
<allegrem> ok
<allegrem> let's take /var/www
<allegrem> and if I just link my current location in home dir to /var/www, I won't have to re setup everything, will I ?
<allegrem> I mean : ln -s /home/myuser/path-to-my-app/myapp /var/www/myapp
<patdk-wk> that is backwards
<allegrem> and capistrano still works ?
<allegrem> I'm sorry I'm French : does backwards means drawbacks ?
<allegrem> never mind
<allegrem> you mean the command is ln -s /var/www/myapp /home/myuser/path-to-my-app/myapp ?
<patdk-wk> yep
<allegrem> ok
<allegrem> and what about capistrano ?
<lynxman> allegrem: backwards == pas droit mais le contraire
<allegrem> does he like links ?
<patdk-wk> no idea what capistrano is
<lynxman> allegrem: you should have no issue defining a new APPHOME variable or such in Capistrano and deploying to a new place
<lynxman> allegrem: my recommendation is not to deploy to your home dir and create a /var/wwwapps or such with proper permissions, deploy there, it's more clean
<allegrem> lynxman: the perfect translation is "Ã  l'envers" ;)
<lynxman> allegrem: oui mais mon Francais ecrit est minable :)
<allegrem> capistrano is a tool to deploy Rails app remotely
<allegrem> lynxman: I'm doing that right now
<lynxman> allegrem: superb
<RoAkSoAx> Daviey: done
<Daviey> RoAkSoAx: powerwake Dep issue?
<RoAkSoAx> Daviey: yes sir
<Daviey> RoAkSoAx: okay, will hold out until it's accepted.
<RoAkSoAx> Daviey: ;)
<Daviey> RoAkSoAx: Just Suggesting it?  No patch?  Doesn't that cause some pain?
<Daviey> as in, a conditional import?
<robbiew> Daviey: based on the number of steps and sacrifices to the gods it apparently takes to update the theme on help.ubuntu.com...I wonder if forking the server docs would be easier. <sigh>
<robbiew> https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/589057/
<uvirtbot> Launchpad bug 589057 in ubuntu-docs "help.ubuntu.com still uses old logo/branding" [Medium,Confirmed]
<allegrem> okay it works ;)
<allegrem> thanks a lot guys !!
<RoAkSoAx> Daviey: yes, I'll do that in trunk
<RoAkSoAx> and cut another release
<RoAkSoAx> Daviey: this is just a quick fix ;)
<openeye> ow man, this spf is not working @ all. DKIM works fine, but this spf and adsp doesn't run
<Daviey> RoAkSoAx: ah cool
<openeye> not cool
<SmokeyD> hey everyone. I am trying to move my exisiting ubuntu server installation from one harddrive to another. The first harddrive was just a plain harddrive running LVM on top of it, in the new harddrive I want to skip LVM, but create luks/dm_crypt partitions. So one separate unencrypted /boot partition, and a dm_encrypted / partition
<SmokeyD> I got the partitions setup and the data migrated, booted the machine from a livecd, mounted the new encrypted drive / partition and unencrypted /boot partition in /mnt, also added /mnt/dev and /mnt/proc from the live cd there, and chrooted into that drive
<SmokeyD> I successfully updated the ramdisk with initramfs-tools, to include the dm_crypt and sha256_generic modules and stuff
<SmokeyD> but now I want to install grub again, and I get an error "grub-probe: error: cannot find a device for /."
<SmokeyD> when I run update-grub
<SmokeyD> any ideas?
<openeye> is it mounted?
<SmokeyD> openeye, the root partition? Yeah, it is mounted in the livecd under /mnt. afrter that I added /mnt/proc /mnt/dev and /mnt/boot into it and chrooted into /mnt
<SmokeyD> so it is indeed mounted
<openeye> i was just asking buddy, no offense intended
<SmokeyD> openeye, ok :) None taken of course
<lynxman> allegrem: wohooo
<openeye> good evening everybody
<oakbox> Hi all, I have been trying to set up eBox on my 10.04 server (followed ubuntu server guide).  I already run a site on port 443, in the setup I changed the port to 10000 but looking at the logs it is still trying to run apache on port 443.  I did a dpkg-reconfigure ebox and tried resetting the port to 10000 (and other ports) but each time i look at the logs after restarting the ebox service it is trying to use port 443.  Can anyone help?
<davros> should my network go in this order? modem-wireless router-server-switch? or modem-server-wirelessrouter if setting up dhcp ?
<RoyK> davros: which box is running the dhcp server?
<davros> well right now its the wireless router
<RoyK> then that should be started early
<davros> i'm guessing tho the server could do dhcp
<RoyK> since some dhcp clients won't retry after the initial timeout (iirc linux dhcp client might not retry after a timeout)
<RoyK> it really doesn't matter - since the wireless router is important for everything else to work, it might as well run dhcp
<davros> modem-router server-everything else
<davros> this really should be this hard to set up lol
<RoyK> http://i.imgur.com/HdGSa.png
<oakbox> anyone with any info about changing ports when using ebox?
 * RoyK has no idea
<RoyK> I use the commandline for administrating servers :P
<oakbox> :) well I do too, but was interested to see what this was like.  Looks like im not going to find out :D
<adam_g> koolhead17: ping
<BrixSat> hello i have a big problem
<BrixSat> i have remover apache "apt-get remove apache2" and he still runs on the system after several reboots
<BrixSat> :S  how come?
<Pici> BrixSat: apache2 is a metapackage, you'd need to remove one of the packages it depends onm
<BrixSat> how can i know that?
<Pici> BrixSat: Its apache2.2-common
<BrixSat> nop i had that removed also
<BrixSat> apache utils :/
<BrixSat> thanks
<uvirtbot> New bug: #570950 in cloud-init "[ec2-test] ud-multipart-01 test failed on included files" [Low,Triaged] https://launchpad.net/bugs/570950
<zul> jdstrand: hey i uploaded a new openstack-dashbaord can you review it please?
<davros-> headache
<cjs226> I'm using rsyslog's imfile to watch logs that are then forwarded to a central rsyslog system. Â is it possible to have rsyslog/imfile not put a date/time stamp on each line (as the logs already have it)?
<RoAkSoAx> adam_g: o/
<RoAkSoAx> adam_g: any luck yesterda
<adam_g> RoAkSoAx: the packages in the archive seemed to be in good shape after you had left
<RoAkSoAx> adam_g: ok cool then
<RoAkSoAx> adam_g: just uploaded one new update with improvements to the squid config
<jdstrand> zul: looking
<adam_g> RoAkSoAx: neat. have you gotten it going in the lab yet?
<RoAkSoAx> adam_g: still no access
<RoAkSoAx> adam_g: Daviey already took care of it though
<RoAkSoAx> so it should just be matter of tie
<adam_g> RoAkSoAx: took care of what? access or having orchestra there?
<RoAkSoAx> adam_g: he filed a rt
<adam_g> RoAkSoAx: oh. ive got access. i might see how far i get in the meantime
<RoAkSoAx> adam_g: I'll walk yo through it if you need any help
<RoAkSoAx> that's no prob at all
<davros-> dhcp3 server? y?
<RoyK> RoAkSoAx: what changes did you make?
<RoAkSoAx> RoyK: to what?
<RoyK> 20:24 < RoAkSoAx> adam_g: just uploaded one new update with improvements to the squid config
<RoAkSoAx> RoyK: one was use aufs instead of ufs and the other one was related to the cache size i believe
<RoyK> RoAkSoAx: sounds good, but I hope aufs is built in the ubuntu release? squid docs says only ufs is built by default
<RoAkSoAx> RoyK: squid's upstream recommended the change ;)
<_ruben> wondering how bug #135037 will progress, as collectl appeared to have landed in debian unstable
<uvirtbot> Launchpad bug 135037 in ubuntu "[needs-packaging] collectl" [Wishlist,In progress] https://launchpad.net/bugs/135037
<josePhoenix> Hello all
<josePhoenix> Is it possible to install ubuntu server from an ubuntu desktop disk?
<josePhoenix> Our data center manager keeps using the wrong ISO and I'd rather not bother him again
<alamar> josePhoenix: you should try to fight the cause not the symptoms ;)
<josePhoenix> Well I'm a student employee so I can't really affect that ;]
<josePhoenix> My street cred over there is pretty low at the moment, anyway >.>
<genii-around> josePhoenix: If you have the desktop disk booted up, you can go to terminal, prep and mount wherever the install is going, then use debootstrap
<genii-around> Then you have a base cli box, can use tasksel to install the server components
<tarvid> I would like to mount a USB drive which I think is CIFS
<tarvid> dmesg shows no new output when I plug it in
<giovani> tarvid: CIFS is a network protocol, your USB stick isn't CIFS
<giovani> if dmesg shows no output after plugging it in, either your usb host adapter isn't working (or you don't have drivers loaded for it) or the usb stick is broken
 * RoAkSoAx brb
<tarvid> It works on a Buffalo router
<tarvid> II told the router to format the drive CIFS
<giovani> tarvid: CIFS is how the router/NAS is sharing the filesystem, but the filesystem itself is not CIFS
<giovani> as I said, CIFS is a network protocol
<tarvid> how do I detect the file system?
<giovani> if there's no output on dmesg, then the usb bus hasn't even detected the usb stick, so you can't even begin to detect the filesystem
<giovani> paste the full output of dmesg to http://pastebin.ubuntu.com
<tarvid> I can  mount it on the router and access it from the Ubuntu box
<giovani> tarvid: that's not what you're asking about though
<tarvid> I'd like to mount it on the Ubuntu box which is my gateway
<tarvid> the router is just for my wireless netwpork
<giovani> you said you were trying to plug in the usb stick
<giovani> not mount it remotely over CIFS
<giovani> you're being very unclear at this point
<tarvid> that is correct
<tarvid> the Ubuntu box is on the public Internet, the router is behind it
<giovani> unless you clear up the expalnation, I can't help you
<tarvid> I'd like to be able to access the drive from the Internet side
<tarvid> that is on the Ubuntu box
<tarvid> I'll try again
<tarvid> I have a 250GB drive on a Buffalo router
<tarvid> I can access it over the network
<tarvid> I'd like to plug that drive into an Ubuntu box and mount it
<giovani> tarvid: ok, so plug in the usb drive to your ubuntu machine, and paste the dmesg output (after plugging in the usb drive) to http://pastebin.ubuntu.com
<tarvid> http://pastebin.ubuntu.com/674120/
<tarvid> there was no output
<tarvid> giovani, plugged it back into the router and it says FAT
<tarvid> so the problem is that Ubuntu doesn't recognize the USB to SATA bridge?
<giovani> tarvid: that's not the full dmesg output
<tarvid> no it is the last two lines
<tarvid> there was no change after plugging in the drive
<giovani> tarvid: what if the important output was before those two lines? ;)
<giovani> tarvid: FAT is indeed a filesystem -- so that's the filesystem of the usb device
<giovani> it's not about "detection" of the usb-sata bridge
<giovani> either the usb port you're plugging it into is broken
<giovani> or you don't have any drivers loaded for the usb host adapter
<giovani> any other condition would result in dmesg output
<tarvid> tried two ports but will pull the scanner which works and try that one
<davros-> sometimes even "easy setups" make me feel like an idiot, who knows of an easy to understand guide on server set up? i tryed dhcp3-server today only ending in no connect to the server. dunno why i cant get this right lol
<tarvid> giovani, may have been the unpowered usb hub
<tarvid> http://pastebin.ubuntu.com/674145/
<_ruben> unpowered usb hub + 2.5" "adapter-less" usb hdds tend to be a no go indeed
<bluekelp1> why in 11.04 does "cat file.iso > /dev/cdrom" not work?  i have correct perms, nor does it work as root
<bluekelp1> complains about read-only file system.  same if i use /dev/cdrw, /dev/sr0 or anything else.
<tarvid> do I need another package to mount VFAT drives?
<giovani> tarvid: that's quite possible -- usb hard drives tend to suck down a lot of juice
<giovani> tarvid: nope, fat support should be there automatically -- just "mount /dev/blah /media/blah"
<tarvid> mount: /dev/sdb1: can't read superblock
<tarvid> could be Buffalo doesn't do it in  Ubuntu compatible way
<patdk-lap> bluekelp, cause cdrom is a read only device
<patdk-lap> you need to talk scsi to it, and need a program to convert that iso into a string of scsi commands
<tarvid> /dev/sdb1   *           1       30401   244196000+   c  W95 FAT32 (LBA)
<patdk-lap> mount -t vfat /dev/sdb1 /mnt
<patdk-lap> are you sure your giving that usb drive a full 1amp of power?
<tarvid> mount: wrong fs type, bad option, bad superblock on /dev/sdb1,
<patdk-lap> maybe it was never formatted?
<tarvid> now plugged into the usb port on the motherboard of an old dell
<patdk-lap> what does blkid give you?
<tarvid> /dev/sdb1: UUID="27aab788-3715-4969-8280-033c0cb73363" TYPE="xfs"
<patdk-lap> normally the usb ports on the motherbord (back) are the only ones that will give a full amp
<patdk-lap> well, it's xfs, not windows :)
<patdk-lap> install xfs drivers
<tarvid> /dev/sdb1   *           1       30401   244196000+   c  W95 FAT32 (LBA)
<patdk-lap> the partition table means nothing
<patdk-lap> that is just a guess
<patdk-lap> apt-get install xfsprogs should probably do it
<tarvid> apt-get install xfsprogs
<tarvid> mount: /dev/sdb1: can't read superblock
<patdk-lap> not sure if you need -t xfs
<patdk-lap> or anything else on there, never used xfs
<tarvid> root@ubuntu:/media# mount -t xfs /dev/sdb1 /media/usb - same thing
<bluekelp1> patdk-lap: older ubuntu versions did this just fine. the OS takes care of that. that's the power of unix.
<bluekelp1> patdk-lap: i am confused if something changed in the OS (only minor kernel rev diff) or what
<patdk-lap> never heard of that
<patdk-lap> dunno, google seems to say it's not possible
<patdk-lap> I wouldn't even believe cat could keep up wit hthe burn speed, printing char be char to a block device is slow
<tarvid> thanks for the help, I am going to back u7p that drive before I attempt xfs_repair
<RoyK> RoAkSoAx: I can see that :)
<FreezingDroid> apt-get install linux-source-3.0.3
<FreezingDroid> Oops, wrong window
<FreezingDroid> When I run "apt-get install linux-source-3.0.3" it says it can't find the package
<lenios_> FreezingDroid, not surprising, try apt-cache search linux-source
<uvirtbot> New bug: #833404 in samba (main) "cifs automount crash (guess, its the same from commandline)" [Undecided,New] https://launchpad.net/bugs/833404
<kirkland> RoAkSoAx: hmm, is the LoadMonitor in PowerNap working correctly for you?
<kirkland> RoAkSoAx: can you give it a try?
<DanaG> Any of you guys know HP internal people?  I've found some firmware bugs in my Microserver that I'd like to tell somebody useful about.
<FreezingDroid> How can I disable networking at boot?
<Robinux> FreezingDroid, i think that is very basic and you might find tutorials in google, sorry i'm a *nix noob got no idea how
<maccam94> aieeeeee, my raid appears to be broken >_< anyone here good at debugging raid, or can you point me to a channel for mdadm?
<RoAkSoAx> kirkland: sure, what seems to be going wrong?
<RoAkSoAx> kirkland: i think it is the "n" as number of CPU's
<RoAkSoAx> kirkland: i think now powenap-now is broken :S
#ubuntu-server 2011-08-25
<RoAkSoAx> kirkland: nevermind it is working
<RoAkSoAx> kirkland: the load monitor seems to be working just fine though
<RoAkSoAx> ok so yeah powernap-now is broken when action is powersave as it should have entered into poweresave mode. It has executed pm-powersave but it is not runing in powersave mode
<RoAkSoAx> kirkland: but the LoadMonitor seems to be working correctly
<RoAkSoAx> kirkland: I'll track then issue later since I'm on my way out
<kernelpanicker> I just installed Mailman, only to read in separate documentation I should have set it up under a specially created mailman user and group... what should I do?
<kalkin-> hi guys
<kalkin-> please fix this http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553173
<uvirtbot> Debian bug 553173 in javascript-common "javascript-common overrides /javascript globally in apache2" [Important,Open]
<uvirtbot> New bug: #833499 in nova (universe) "virt/disk.py unconditionally inserts  public_keys into /root/.ssh/authorized_keys" [Undecided,New] https://launchpad.net/bugs/833499
<spacin> if my server is the dhcp server can i add a wireless router?  how would that be handled?
<CluelessPerson> hi
<CluelessPerson> How do I enable internet storage space, such as SAMBA, over the internet?
<CluelessPerson> but secured, of course.
<CluelessPerson> My little brother has entered college with a laptop, and I'd like to enable him to connect to a secure storage location on my server so he can  securely put files there for acess wherever he wants.
<jmarsden> CluelessPerson: sshfs is one way to get there.
<SpamapS> 18889 clint     20   0 1744m 514m  10m S    6 13.1   0:32.37 java
<SpamapS> Oh java
<SpamapS> you're such a pig
<SpamapS> :-P
<CluelessPerson> jmarsden I prefer something simpler to an average computer user.
<jmarsden> CluelessPerson: Then have him use an existing service such as dropbox or box.net or whatever... :)
<SpamapS> CluelessPerson: sshfs is really simple
<SpamapS> CluelessPerson: give it a try before you write it off
<SpamapS> CluelessPerson: you can also just setup winscp for him
<CluelessPerson> SpamapS jmarsden  I just googled it, at first glance it looked like it required command line connection or setup for him, which I want to avoid.
<CluelessPerson> SpamapS jmarsden  Initial command line setup is okay, but after that it needs to be incredibly simple,  and it looks like SSHFS might actually do that.
<SpamapS> :)
 * SpamapS goes to join the real world for a bit
<CluelessPerson> god
<CluelessPerson> I forget the command to delete files.
<CluelessPerson> remove?
<CluelessPerson> sudo remove -R stuff
<CluelessPerson> ?
<jmarsden> CluelessPerson: http://crosswire.org/~jmarsden/talks/intro-to-the-linux-command-line/intro-to-the-linux-command-line.html
<CluelessPerson> rm, that's right.
<CluelessPerson> how do you keep an ssh user or sftp user in their home directories?  and not allow them to explore the rest of the system?
<twb> CluelessPerson: do you have lucid?
<twb> http://paste.debian.net/127314/
<twb> (Obviously you need to uncomment it)
<twb> jmarsden: have you seen s5?  It turns a page like that into a slideshow doodad
<twb> 13:39 <CluelessPerson> How do I enable internet storage space, such as SAMBA, over the internet?13:39 <CluelessPerson> but secured, of course.
<twb> Your only real alternative to SSHFS/SFTP is AFS, which is orders of magnitude more complicated for end users
<uvirtbot> New bug: #833519 in nova "lxc in nova will happily attempt to run x86_64 container on i686 arch" [Undecided,New] https://launchpad.net/bugs/833519
<uvirtbot> New bug: #833530 in nova (universe) "nova-compute-lxc is missing dependency on qemu-kvm" [Undecided,New] https://launchpad.net/bugs/833530
<uvirtbot> New bug: #833542 in samba (main) "samba 2:3.5.8~dfsg-1ubuntu2.3 failed to upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/833542
<RoyK> morning
<CluelessPerson> hey guys
<CluelessPerson> what is your favorite torrent server with a webui to use on your servers?
<twb>  torrents blow and web UIs blow, but ISTR one that had a kinda OS X-style purple squid thing as its icon
<twb> "muppet" or something
<ersi> CluelessPerson: Well, I like 'rtorrent'. AFAIK there's a few webguis for it as well. Never used one of those myself though.
<trapmax> torrentflux?
<CluelessPerson> any other ideas?
<ersi> I dunno.. maybe transmission has a web gui as well..
<RyanP> Transmission has a web interface.
<CluelessPerson> awesome
<CluelessPerson> I see other people suggesting that as well
<CluelessPerson> I've used deluge in the past, but it's a pain to set up
<twb> What's the point, anyway?
<twb> apt doesn't work properly over bt yet
<RyanP> Downloading stuff?
<ersi> I usually get my discs (like ubuntu-server-amd64.iso) via bittorrent
<ersi> got a machine pretty much always up.. so, free seedin'
<twb> ersi: install ISOs are pretty useless
<twb> Just use a mini.iso
<twb> Unless your building an airgapped machine, which most people aren't
<CluelessPerson> hrm
<CluelessPerson> I can't find the tranmission settings/config files
<CluelessPerson> do you guys know where they are?
<CluelessPerson> supposed to be in $home/.config/
<CluelessPerson> but that doesn't exist.
<CluelessPerson> cd ..
<CluelessPerson> clear
<CluelessPerson> dir
<CluelessPerson> lol, woops
<ersi> CluelessPerson: It's in .config/transmission/ for me
<RoyK> bug 833562
<uvirtbot> Launchpad bug 833562 in grub2 "grub-update doesn't check for removal kernels" [Undecided,New] https://launchpad.net/bugs/833562
<RoyK> bug 833562
<uvirtbot> Launchpad bug 833562 in grub2 "grub-update doesn't check for removal kernels" [Undecided,New] https://launchpad.net/bugs/833562
<RoyK> stupidobot
<koolhead11> RoyK, howdy
<twb> GRRR.
<twb> parted /dev/sdc mkpart primary 0% 1GiB # does completely the wrong thing
<twb> parted /dev/sdc mkpart primary 0% 1024MiB # works perfectly
<_ruben> twb: "lovely"
<twb> And I don't trust "set 1 raid on" to DTRT WRT setting the partition type to what mdadm --scan requires
<incorrect> can ubuntu one be used with a server? i guess what i mean is there a cli to it?
<_ruben> incorrect: try restating your question in such a way that it makes sense :)
<incorrect> is there a cli to ubuntu one?
<_ruben> oh wait, i missed the 'one' part :)
<_ruben> wouldn't know a thing about that :)
<incorrect> i do have a bad habit of talking rubbish
<ersi> incorrect: http://joysofprogramming.com/u1sdtool-ubuntu-one-command-line-tutorial/
<incorrect> oh great!, thanks i was struggling to find any other than gui stuff
<incorrect> lets see if i can get it working on lucid now
<incorrect> oh right you still need a fully working desktop for the cli to work
<ersi> aw, that's not nice
<ogra_> utlemming, did you do any furter work on bug 803547 ? (read: is ther ext4 support upstream now) ?
<uvirtbot> Launchpad bug 803547 in live-build "live-build lacks EXT4 support for binary image types" [Undecided,Invalid] https://launchpad.net/bugs/803547
<ogra_> *further
<uvirtbot> New bug: #833684 in postgresql-9.1 (main) "[FFE] Update PostgreSQL to 9.1, drop 9.0" [Medium,Fix committed] https://launchpad.net/bugs/833684
<zul> morning
<Ursinha> Daviey: hola
<Daviey> Ursinha: hey!
<Daviey> Is it that time already?
<Ursinha> yes sir
<lynxman> zul: morning
<smoser> hallyn, are you around these days ?
<uvirtbot> New bug: #825598 in libcgroup (universe) "cgred init script references wrong default file and uses bad options" [Undecided,Fix committed] https://launchpad.net/bugs/825598
<hallyn> smoser: sorry, not really
<smoser> hallyn, no problem.
<zul> hey lynxman
<zul> arrrrrrgh.....0.9.4 ftbfs
<pmatulis> the slapd install now sets up a default DIT, is there an elegant way to prevent that (go back to barebones)?
<zul> pmatulis: no
<SpamapS> wha?
<pmatulis> it would have been logical to prompt the user for what suffix to use, basing it off the local domain by default is... argh!
<SpamapS> zul: why can't we have a debconf low priority question that can be pre-seeded?
<zul> SpamapS: uh....context?
<zul> SpamapS: oh the openlap stuff? i wasnt the one who wrote it
<pmatulis> i opened a bug on it
<spacin> what the heck? dhcp3-server is giving out ip's that are not connected to the internet?
<cloakable> Have you set the default gateway in it?
<spacin> ya I thought I did
<cloakable> check :P
<spacin> lol
<cloakable> Also, dns
<cloakable> Also, you may find dnsmasq to be simpler
<uvirtbot> New bug: #833818 in openldap (main) "default DIT suffix should be definable by user (debconf/preseed)" [Undecided,New] https://launchpad.net/bugs/833818
<spacin> dnsmasq is like dhcp3?
<hggdh> Daviey: just for the record, we will need to *sync*, not merge, ajaxterm later on. The Debian maintainer explained the need for the dh_python2 actions, and kees accepts it
<lynxman> SpamapS: ping, can I bother you for 5 mins? Have a question about ssh id chaining in Ensemble
<Daviey> hggdh: can you link me to where the DM explained?
<hggdh> Daviey: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638332#10
<uvirtbot> Debian bug 638332 in ajaxterm "ajaxterm: updates required for Main inclusion on Ubuntu" [Normal,Fixed]
<spacin> hmmm somehow my gateway is 0.0.0.0
<SpamapS> lynxman: sup
<RoyK> lynxman: Ensemble?
<lynxman> RoyK: yeah
<jpds> RoyK: https://ensemble.ubuntu.com/
<RoyK> sorry, don't know that one...
<SpamapS> RoyK: it has only really existed since this past spring. :)
<zul> jdstrand: for openstack-dashboard providing a get-orig-source should be ok shouldnt it?
<jdstrand> zul: that is fine, but it is nice to mention it in README.source or a commented watch file so it is easy to find
<RoyK> SpamapS: IC - guess I need to look into that when^Wif I find time some day
<Daviey> RoAkSoAx: Yes, looking at the cobbler system add script.. I really need to know why it needs to do more
<Daviey> It probably has wider concerns, regarding the new cobbler-enrol magic.
<adam_g> Daviey: that script is uing mac address as the name, cobbler-enroll uses a custom name (presumably hostname), so it should be okay there
<Daviey> adam_g: ah, ok - rocking
<Daviey> adam_g: i liked your changes btw.
<adam_g> Daviey: oh, cool! i wanted to look at adding SSL but figured it should be rearranged a bit to make it more easily extended
<Daviey> adam_g: Do you fancing making a start at the state machine for handling input? :)
<adam_g> kinda went nuts. not done yet
<adam_g> Daviey: not sure what you mean
<Daviey> ^^ the udeb magic is actually a priority.
<uvirtbot> Daviey: Error: "^" is not a valid command.
<Daviey> adam_g: So, currently it doesn't take input at d-i, right?
<adam_g> Daviey: oh, dont know about any of that
<adam_g> Daviey: where would it get its input from d-i?
<Daviey> adam_g: It's simply bash really..
<Daviey> adam_g: http://www.fifi.org/doc/debconf-doc/tutorial.html
<adam_g> Daviey: oh, thats what i thought. well then it should work, no?
<Daviey> adam_g: so the postinstall for the udeb needs to contain snippets like this - http://pb.daviey.com/hGoj/
<Daviey> db_get foo/like_debian
<Daviey> if [ "$RET" = "false" ]; then
<Daviey> ^^ handles state
<uvirtbot> Daviey: Error: "^" is not a valid command.
<Daviey> So if it's not preseeded OR answered, then it asks for user input
<adam_g> gotcha
<adam_g> brb coffee
<Daviey> adam_g: "Letting the User Back Up" is probably a better reference TBH
<RoAkSoAx> Daviey: the reason behing why I'm chaging adam_g script is because for ensemble to work, the system names need specific parameters, i.e. the systema name should be DNS addressable, the MAC should be defined, power management should be defined, management class should be defined,
<Daviey> RoAkSoAx: ok, i am concerned that that with the new tool, it's not addressesing power or management class.
<RoAkSoAx> Daviey: creating the management classes is done by orchestra itself when it is installed, otherwsie it is not needed
<RoAkSoAx> Daviey: your cobbler enroll should not take care of assigning management classes for ensemble I believe
<Daviey> RoAkSoAx: yes, but cobbler-enrol doesn't pass management class - does it?
<Daviey> RoAkSoAx: ah ok
<RoAkSoAx> Daviey: you might install just cobbler and then use cobbler-enroll and you won't need to pass management classes because you might not even have them
<Daviey> RoAkSoAx: Yes, but i imagined that it should be optional
<Daviey> I think that is something we can be concerned with after it's reached the archive
<RoAkSoAx> Daviey: we could have a ensemble-setup command on orchestra side to set the default values to systems created by cobbler-enroll
<Daviey> adam_g: Sorry to throw this onto you, it was something i was looking forward to doing.
<RoAkSoAx> Daviey: orchestra-ensemble-setup
<Daviey> adam_g: I'd really like to upload it before beta freeze.. is that viable?
<Daviey> RoAkSoAx: hmm, ok - that sounds ok.
<Daviey> RoAkSoAx: TBH, there needs to be a default incoming queue IMO.
<RoAkSoAx> Daviey: right, but you cannot tell cobbler-enroll to assign orchestra-ensemble-available management class to a systme, when the class might not exists, and this class is setup by orchestra
<RoAkSoAx> not by cobbler
<RoAkSoAx> Daviey: now, is cobbler-enroll gonna be shipped with orchestra or with cobbler?
<Daviey> RoAkSoAx: no, but the udeb can suggest a default to try.. Anyway, this is polish we can brush on later.
<Daviey> RoAkSoAx: standalone
<RoAkSoAx> Daviey: ok, so in that case we are not gonna be certain about thje environment unless we query it
<RoAkSoAx> Daviey: I believe that querying and giving the option would be the way to go
<Daviey> RoAkSoAx: totally agree.. not sure we can manage that at this stage TBH.
<Daviey> I hoped we could query for profiles aswell.
<RoAkSoAx> Daviey: yes, orchestra after import will create a profile for -ensemble
<koolhead17> hi all
<zul> jdstrand: cool i just uploaed a newer one
<Daviey> RoAkSoAx: Yes, but just a "to-be-sorted" profile, perhaps
<adam_g> Daviey: sorry, just got back.
<Daviey> adam_g: np
<adam_g> Daviey: still not sure exactly what needs to be done or where. is it essnetially work that needs to be done to integrate the tool into the installer?
<Daviey> adam_g: yes, exactly!
<Daviey> adam_g: I just managed to drop something that was tieing me up.. So i can be more involved.
<zul> utlemming: ping
 * hggdh is interested in this integration with d-i
<RoyK> d-i?
<Daviey> hggdh: \o/
<Daviey> RoyK: Debian-installer.
<hggdh> yes
<hggdh> Daviey: this is fantastic, it is getting to be a real group work :-)
<Daviey> hggdh: Shame we didn't try it earlier eh? :)
<ersi> oh god, why did the debian page choose Swedish for me
<ersi> automagic language detection makes me cringe :(
<ersi> oh, looks neat
<Daviey> ersi: Learn a new language whilst you hack!
<ersi> I'm a Swede :)
<Daviey> oh!
<ersi> but all my language strings in the browser are set to en_US
<SpamapS> utlemming: ping
<utlemming> SpamapS: pong
<SpamapS> utlemming: I'm trying to figure out why your branch and ubuntu:glance don't seem to have common ancestors
<SpamapS> utlemming: what did you branch?
<SpamapS> DarkwingDuck: hey, I still have your t-shirt here... ;)
<utlemming> SpamapS: the merge request is for lp:~openstack-ubuntu-packagers/glance/ubuntu not lp:ubuntu/glance
<SpamapS> utlemming: oh fun
<DarkwingDuck> SpamapS, Sweet :)
<DarkwingDuck> SpamapS, We're going to have to figure something out LOL
<zul> utlemming: ping where is the arm image again?
<utlemming> zul: http://uec-images.ubuntu.com/oneiric/current
<zul> utlemming: oh they are "official"?
<SpamapS> DarkwingDuck: they have this thing called the mail.. its amazing.. trucks going back and forth every day!
<utlemming> zul: as long as official has " " around it
<SpamapS> DarkwingDuck: super boring.. I know
<DarkwingDuck> SpamapS, Wait, they still do that?!
<utlemming> zul: the images are not qemu-runnable with the installed OMAP kernel though
<zul> utlemming: ok i should try them on "real" hardware then :)
<utlemming> zul: yup. Alternatively you can download and use the Linario vexpress kernel. The only problem is that networking in qemu is flaky, but at least it'll start
<zul> utlemming: ah i was thinking of trying to run them on openstack now
<utlemming> zul: oh, they should be fine for that
<utlemming> zul: raw disk images of around 800MB I believe
<zul> ouch
<utlemming> (uncompressed)
<SpamapS> so.. this new upstream version of glance has features in it
<utlemming> zul: http://www.amazon.com/AmazonBasics-Class-SDHC-Flash-Memory/dp/B004Q3R9BA/ref=sr_1_1?s=pc&ie=UTF8&qid=1314297536&sr=1-1
<SpamapS> --use-syslog jumps right out at me
<zul> SpamapS: yes amazing isnt it? :)
<zul> utlemming: heh
<SpamapS> Since I'm really unfamiliar w/ glance and openstack, somebody else needs to file that feature freeze exception
<utlemming> SpamapS: is a FFe needed since this isn't going into the ubuntu/glance source tree? yet
<SpamapS> utlemming: its definitely needed before upload
<SpamapS> Its a tiny feature, no sweat
<SpamapS> just need to dot the i's and such
<spacin> gateway 0.0.0.0 ga that's gonna work
<zul> SpamapS:  are you talking about the kombu/amqplib stuff?
<SpamapS> zul: the diff between 980 and 981 adds a --use-syslog flag to glance.
<zul> ok
<SpamapS> I'd suggest filing and trying to get it shoved through fast.
<SpamapS> Otherwise the glance bugs fixed in the 981 branch aren't going to get fixed for beta1
<SpamapS> might already be too late actually
<zul> well its still in universe
<GrueMaster> Has anyone tested iscsi recently on x86/amd64?  I am seeing a kernel null pointer oops on armel and was wondering if it was reproducible on x86 hw..
<RoyK> GrueMaster: out of curiosity, what sort of armel machine are you using?
<zul> GrueMaster: no
<GrueMaster> omap4.
<GrueMaster> Panda
 * RoyK is still waiting for his panda :P
<GrueMaster> Not seeing any issues with my panda target.  Only the initiator.
<RoyK> GrueMaster: can you pastebin the OOPS?
<GrueMaster> I already filed a bug.  Bug 833977 has the oops output.
<uvirtbot> Launchpad bug 833977 in linux-meta-ti-omap4 "kernel oops when using iscsi on arm" [Undecided,New] https://launchpad.net/bugs/833977
<RoyK> so OOPS -> Panic?
 * RoyK has no idea - sorry
<GrueMaster> Looks like it hits a null pointer oops, then spirals into an interrrupt panic.  System is completely frozen at that point, and since it is during a netinstall, no syslogs are recoverable with a reboot.
<uvirtbot> New bug: #828721 in glance (universe) "When purged, the glance user is not removed" [Medium,Fix committed] https://launchpad.net/bugs/828721
<Daviey> adam_g: so adding ssl support to cobbler-enrol serves no purpose for oneiric.  The creds are passed via preseed using http anyway
<adam_g> Daviey: oh , cool
<adam_g> Daviey: you may want to do that udeb stuff now that im not blocked anymore on the test rig :\
<adam_g> you can probably knock it out a lot quicker than me,a t this point
<Daviey> adam_g: It's not going to land before beta freeze now.. so it's less of a rush, but i'll get cracking
<adam_g> ok. is 'enrol' an english thing? :)
<Daviey> adam_g: best i can come up with is :) http://www.thefreedictionary.com/enrol
<Daviey> http://en.wikipedia.org/wiki/Enrollment
<adam_g> Daviey: oh i meant enroll vs enrol.
 * Daviey runs away from this debate. :)
<CluelessPerson> Hey
<CluelessPerson> I can't find the configuaration files to something I just installed
<CluelessPerson> the FAQ says that they are in ~/.config/deluge/
<CluelessPerson> but there's nothing there.
<CluelessPerson> so..
<_ruben> so... you'll need to creat it yourself
<_ruben> packages tend to not create files in users' homdirs
<_ruben> homedirs too
<CluelessPerson> and I don't want it running as root anyway
<CluelessPerson> I'd want it running as it's own user deluge
<CluelessPerson> ahahahah
<CluelessPerson> got it. :D
<CluelessPerson> installed correctly
<kernelpanicker> We're moving out mail from our site 'example.com' to a dedicated mail server projects.example.com.  I set up Mailman for our lists on the new server to test them, but now I need to make the lists list@example.com as opposed to list@projects.example.com... not sure where to do this, any ideas?
<guntbert> kernelpanicker: I cannot help you but in any case it would probably make it easier to help you if you did not obfuscate domain/server names :)
<uvirtbot> New bug: #834070 in xserver-xorg-video-intel (main) "Daily builds oneiric-desktop-amd64.iso since 08/17/11 are useless" [Undecided,New] https://launchpad.net/bugs/834070
<dv310p3r> On my desktop when I use terminal, I can scroll around in terminal just fine. When I ssh into a box though I can't scroll up or down, yet others on a mac sshing into the same box can. What am I missing?
<guntbert> dv310p3r: is screen running in that box?
<dv310p3r> guntbert, I do use it yes.
<guntbert> dv310p3r: if so then you need to press ctrl+a, then <esc> to get into "copy mode" there you can scroll
<dv310p3r> guntbert, got it, Thanks!
<guntbert> dv310p3r: you're welcome :-)
<utlemming> zul: you still around?
<zul> utlemming: barely...whats up?
<CrazyGir> hello!
<CrazyGir> I am helping a client with some admin work and am a bit tripped up with a serial console setup
<CrazyGir> they have a rack full of systems, with a mac mini setup with a usb serial console to each of the 8 or 10 systems
<CrazyGir> I used the serial console last week, and aside from it being a little cumbersome, I was able to get into the 8 that i needed to
<CrazyGir> trying this again this week, I'm only able to get into two of the systems
<CrazyGir> all others just show the serial terminal as "connected" but I get no login prompt
<CrazyGir> I have network access to the systems in quest, so I can fiddle as needed
<CrazyGir> could there be something (on the servers) that would need to be reset/verified in such a way to bring the consoles back up?
<soren> CrazyGir: What happens if you hit return a couple of times?
<CrazyGir> nothin
<CrazyGir> *nothing
<CrazyGir> soren: I'm guessing serial stuff in ubuntu is all configuration and no services/etc
<soren> I'm not sure what you mean by that.
<soren> When you say "nothing", does that also exclude the cursor moving at all?
<CrazyGir> Connected.
<CrazyGir> that's it :)
<soren> So the cursor doesn't move when you press return?
<CrazyGir> nope
<CrazyGir> and I'm unable to close the connection with ~. (cu)
<soren> Ok. How did you set it up to begin with? Can you pastebin the upstart job that runs getty for you?
<CrazyGir> oh werid..
<CrazyGir> ctrl-c
<CrazyGir> something must have been running on the server
<soren> Not anymore :)
<CrazyGir> yea
<CrazyGir> but that's odd because all but 2 did this
<CrazyGir> interesting.. let's see if this continues to work :P
<CrazyGir> soren: in cu, ~. is the way to close the connection, right?
<soren> Haven't used cu in a decade and a half.
<CrazyGir> hah
<CrazyGir> if I new how to install software on this macmini, I would do it
<soren> Running OSX?
<soren> Yes, ~. means "Terminate the conversation" according to cu's man page.
<soren> Hahhahahah:
<soren> BUGS
<soren>        This program does not work very well.
<soren> Set expectations low. I love it.
<CrazyGir> hah
<CrazyGir> that's hilarious
<CrazyGir> bah, so far the same isn't applying to the next system :(
<soren> That would be too easy.
<CrazyGir> yea
<soren> You could log in over the network and see what (if anything) has /dev/ttyS0 open.
<CrazyGir> serial consoles can be such a pain
<CrazyGir> not a bad idea
<CrazyGir> the only issue is that I don't know which console on the mac goes to which server :P
<CrazyGir> that was my first task..  map it out
<soren> Log into all of them "echo $HOSTNAME > /dev/ttyS0"
<openeye> good evening
<openeye> everyone
<openeye> i would like to get some of your experience and knowledge.
<openeye> do you guys know an easy way if a mail has been delivered, but then automaticly every 5 min
<kirkland> Daviey: RoAkSoAx: does cobbler-enroll give a machine a "class" label?
<Daviey> kirkland: a management class?
<CrazyGir> I have a raw kvm disk image which I have setup on a loop back via losetup (per these notes: http://blog.piotrj.org/2009/03/mounting-raw-kvmqemu-image.html), and while the partitions show up in cfdisk /dev/loop0, I am unable to mount any specific partition
<kirkland> Daviey: cobbler can classify machines, give them a "class"
<kirkland> Daviey: i have some logic in byobu's ec2_cost that maps a given system to the closest aws instance type equivalent
<kirkland> Daviey: i was thinking about pulling that out to a standalone utility
<kirkland> Daviey: that cobbler-enroll could use, and give a machine a "class" of m1.large, or t1.micro, or cc1.xlarge, etc.
<kirkland> Daviey: so that ensemble (or an admin) could query cobbler for an "m1.large" type machine
<kirkland> Daviey: make sense?
<CrazyGir> ah, well I see how kpartx is supposed to be used to add the partition mappings.. but they don't seem to exist in dev to then be mounted..
<Daviey> kirkland: sure does... So the requirement for a management class was only identified today.  That can be added, but not currently part of the code (patches welcome! :)
<kirkland> Daviey: related to https://bugs.launchpad.net/ensemble/+bug/829397
<uvirtbot> Launchpad bug 829397 in ensemble "Link a service to a type of hardware" [Undecided,Confirmed]
<kirkland> Daviey: niemeyer's recommendation is to "use Cobbler's machine classes to hand-tweak the placement"
<CrazyGir> ah, they're under /dev/mapper
<CrazyGir> got it. wow, that was painful
<kirkland> Daviey: i was just thinking that we'd need to basically tag or label machines in cobbler with their closest AWS parlance
<Daviey> kirkland: Yeah.. RoAkSoAx is closer to that issue than myself.
<kirkland> Daviey: cool, thanks
<Daviey> kirkland: But if you want to get your hands dirty, you are more than welcome :)
<kirkland> Daviey: perhaps, let me see what we need to tackle next week
<kirkland> Daviey: did cobber-enroll land in oneiric?
<kirkland> RoAkSoAx: could you add your thoughts on https://bugs.launchpad.net/ensemble/+bug/829412 ?
<uvirtbot> Launchpad bug 829412 in ensemble "Integrated DRBD support in Ensemble" [Wishlist,Confirmed]
<Daviey> kirkland: not as yet.
<Daviey> The udeb work isn't complete, seemed silly to rush it for the freeze.
<Daviey> I'm still in hope it'll be on b1.
#ubuntu-server 2011-08-26
<philipballew> !vpn
<ubottu> For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<philipballew> !vpnserver
<philipballew> ...
<gua> any ideas on a good way to quickly set up method of file transfer for a single client? i'm thinking of stunnel+nfs or maybe rsync+rssh
<pmatulis> gua: scp?  maybe provide some context
<gua> rather than relying on usb sticks, i'm hoping to figure out a good way to temporarily share files on a public network/wifi that's encrypted somehow
<pmatulis> gua: investigate the fuse-based sshfs filesystem
<Adam__> hi all, I'm having issues with my server, I just ubuntu 11.04 server edition with lamp, open ssh, etc. I cped the default sites-available file and made my own for my fqdn, and to point to my site's directory, and I have DNS setup to point to my IP, forwarded port 22 - 80 to my server computer, but when I try to go to my site ( www.adamgleason.com) it won't connect, but I can ssh into it remotley, so it has to be something wrong w
<Adam__> ith apache, any ideas would be greatly appreciated.
<twb> Fun tip: next time lucid's mdadm gets completely confused on --assemble --scan, try using --metadata=1.2 instead of the default 0.9
<twb> See, what happens with 0.9 is, it puts the metadata at the end of the partition.  If the partition happens to end at the same place as the disk ends, mdadm --assemble --scan will try to assemble the *disk* instead of the partition.
<twb> This is usually not noticed because (I guess) partman/sfdisk align at the last CHS boundary or something, rather than running the partition to the very end of the disk
<twb> Also newer non-LTS releases don't default to 0.9 format
<mauricio> I'm having some trouble with work and I'd love to get some help.  I'll be happy to paypal a few bucks if anyone can help me out. I'm trying to run firefox/konqeuror from shell_exec in php
<mauricio> im using suexec and i have no issues normally doing it from the terminal
<mauricio> ran whoami on both ends, same user
<mauricio> http://cl.ly/1O201A1W450M3d3O1M2w is a screenshot of what keeps happening
<mauricio> Keeps saying ~/.kde can't be written to
<mauricio> and i think with firefox it can't write to ~/.mozilla
<mauricio> I'm not sure if its a permissions error or how to fix it or what
<twb> Isn't suexec an apache thing?
<twb> Why would apache be trying to write to .kde
<mauricio> no thats when im running shell_exec
<mauricio> and konqueror is just loading/writing settings
<twb> I don't know what shell_exec is, either.
<mauricio> similar to system()
<twb> But probably what's happened is that root has overwritten dotfiles in your home directory, and now you can't overwrit them again.
<twb> To get around this, you should use "sudo -i" or "sudo -H -s" or "su -" instead of just "sudo" or "su"
<mauricio> well
<twb> Doing so will cause HOME to be set to /root
<mauricio> ill put it this way
<mauricio> im not using a root account at all for this
<mauricio> if i ssh and run DISPLAY=:1 konqueror &
<mauricio> it works
<mauricio> if i use php and use shell_exec or system(), and do the same command, it does not
<twb> If you're doing systems programming in PHP: don't.
<mauricio> lol
<mauricio> im trying to get a simple screenshot server to work
<mauricio> heck id settle for any lightweight way to generate multiple screenshots at once
<qman__> yeah, PHP is just not up to a task like that
<qman__> its system call methods are just plain awkward, even for simple tasks
<twb> Also PHP is just plain wrong
<mauricio> lol
<mauricio> i tried python as well
<mauricio> same behavior
<mauricio> should i be thinking of running a simple http server, and starting that up from the terminal? im not sure
<qman__> I wrote a user time management system for an all0windows Active Directory environment in PHP
<qman__> boy was that ever a nightmare
<mauricio> lol
<qman__> unfortunately I don't know any other languages well enough to actually do it
<mauricio> im talking start browser -> DISPLAY=:1 import
<mauricio> :(
<mauricio> its 2 commands which is a really pity
<mauricio> *real
<mauricio> i tried moz-repl but that was too slow :(
<qman__> <- not a programmer
<mauricio> yeah thats alright
<qman__> I know how to program, I'm just not any good at it
<qman__> said system I made does actually work though
<qman__> took several weeks to work out the bugs
<gua> mauricio: might be the lack of env vars from the thing you're launching konqueror from
<mauricio> how would i go along with fixing that
<mauricio> i did try something along those lines but maybe i did something different
<mauricio> thats what the issue sounded like to me at first
<gua> do a thing like "bash -c "DISPLAY=:1; konqueror"
<mauricio> sec
<gua> with your script
<gua> so it'll load up .bashrc and .bash_profile and all that goodness
<mauricio> not working at all on first try, give me just a minute
<mauricio> bash -c DISPLAY=:1 konqueror & isn't working from the terminal either
<gua> mauricio: gotta quote the stuff after bash -c
<gua> bash -c "echo foo; echo bar"
<mauricio> whoops
<mauricio> sorry
<mauricio> that was exactly what i was looking for!
<mauricio> thanks
<mauricio> you have no idea how much time i wasted
<mauricio> lol
<gua> aha
<gua> gl then
<gua> btw srsly, switch to python
<mauricio> well to be honest for this it wouldnt matter
<gua> bash+python will do 99% of stuff
<mauricio> it makes no difference to me i guess
<mauricio> in the end its just a tool
<mauricio> i did code the same thing with python but this has more to do with suexec i think
<van7hu> howdy
<van7hu> I've installed snort-mysql successfully, where could my alert go in?
<mauricio> ouch
<mauricio> i got mixed up, bash -c did not work from php :(
<mauricio> ill try to figure out but it didnt work
<mauricio> ill setup python with the correct configuration first
<mauricio> and try from there
<gua> mauricio: same issue?
<mauricio> actually i solved it just now
<mauricio> not pretty but i got it
<mauricio> lol
<mauricio> took a python webserver script and using os.popen
<mauricio> and from the terminal im starting it using python server.py
<mauricio> and since i already have enough php code im calling that using php curl
<mauricio> it works
<mauricio> i tried it a while back but i got lucky this time
<mauricio> ha
<mauricio> but yeah not pretty but this is work and i gotta find a way
<mauricio> now i just gotta see what i can come up with to scale this a bit more (want to generate multiple screenshots at once) but i can take it from here
<mauricio> thanks
<twb> mauricio: you might want to ask #python or ##php instead of here
<mauricio> well sure but yeah i came on here because normally i have the same issue with both
<mauricio> and it has to do more with suexec
<mauricio> either way i got it now
<kirkland> Daviey: RoAkSoAx: I'm thinking cobbler-enroll or orchestra could use something like this: http://paste.ubuntu.com/675028/
<kirkland> Daviey: RoAkSoAx: to take the target baremetal system and give it tags or classes for the instance types that this baremetal machine could host
<kirkland> Daviey: RoAkSoAx I'm thinking this would make the ensemble bits be able to deploy to the "right" or "best" physical machine more easily
<shang> kirkland: ping, after I install Orchestra on Oneiric, I tried running cobbler check, but nothing shows up. any ideas?
<MACscr> so i have a working ubuntu guest that I am going to create an image of so I can use it to create other guests. I currently dont use ipv6, but would still like the image to be ipv6 friendly. For some odd reason the ubuntu system is showing ipv6 addresses in ifconfig. I dont have ipv6 setup for the guest in the guest xen cfg, so where is it adding these addresses? they arent in network/interfaces
<twb> MACscr: ipv6 is on by default
<twb> MACscr: the design of ipv6 is that you get an address automatically, even without DHCP or similar
<CluelessPerson> hey guys.
<CluelessPerson> I have a question about ddclient
<CluelessPerson> it's giving me an error, cannot get ip address or something ismilar to that.
<twb> MACscr: for more about this, read up on ICMPv6
<MACscr> rwb: how can get addreses by default if nothing is serving them? thats stupid
<twb> MACscr: your machine *will* respond to requests on those addresses
<twb> If it's (say) physically unplugged, that just means it'll still respond, but nothing can actually talk to it.
<MACscr> why the hell did they design things that way? whats the point in a system mysteriously creating its own addresses?
<twb> MACscr: for the same reason DHCP exists -- networks that require less babysitting are easier for non-technical people to maintain, and cheaper for technical people to maintain.
<twb> MACscr: and it's only "mysterious" to you because you don't understand how IPv6 works.
<MACscr> but the point of dhcp is to have a central place to control things imho
<MACscr> which this obviously defeats
<twb> MACscr: I suggest you either study IPv6, turn it off on your machines, or just live with the way it is.
<trapmax> how can i get rid of "File descriptor 15 (socket:[6111]) leaked on lvremove invocation. Parent PID /bin/bash" when running a cron job?
<twb> MACscr: I am not interested in discussing whether it's a good or a bad thing.
<MACscr> rwb	you obviously dont have to reply here if you dont want to
<twb> MACscr: you've had over a decade to discuss it with IETF if you cared.
<MACscr> not thanks for the info
<MACscr> er, but thanks
<twb> No worries
<twb> FWIW because I am not an IPv6 expert and because I am not actually using it yet, *I* explicitly disable the IPv6 stack on most of my systems
<MACscr> twb: so is there not a way just disable the automatic part and still allow it to be assigned a static ipv6 if needed?
<twb> MACscr: I'm not 100% sure, I think it picks an address only if you don't assign one, but it might keep that address *in addition* to any you assign.
<twb> Incidentally, I highly recommend O'Reilly's IPv6 book
<CluelessPerson> I'm getting an error from ddclient "unable to detect ip address"  why would it do that?
<twb> MACscr: got a turtle on the cover
<twb> CluelessPerson: are you running it on the host that does PPPoE?
<MACscr> twb: thanks anyway. I have enough info to absorb in my work, let alone techs that techs that i dont use
<twb> CluelessPerson: that is, did you type your adsl username and password into the modem, or into the ubuntu box?
<CluelessPerson> twb  I don't think so, I'm not very knowlegable about that though
<CluelessPerson> twb didn't at all
<twb> CluelessPerson: ok, are you using adsl at all?  This is a home network, yeah?
<CluelessPerson> twb  Verizon Fios.
<CluelessPerson> so no.
<twb> OK, so what gets the dynamic IP address, the cable modem or the ubuntu box?
<twb> CluelessPerson: how about: pastebin the output of "ip a" on the ubuntu box
<CluelessPerson> the verizon fios modem/router.
<twb> CluelessPerson: you need to run ddclient on the host that has the public IP
<CluelessPerson> twb  I set it up the same way on my previous server and it worked.
<CluelessPerson> This server is just an upgrade, so I have to assume this is the host?
<twb> CluelessPerson: in that case I dunno
<MACscr> twb: i added the following to my sysctl.conf 'net.ipv6.conf.all.accept_raÂ =Â 0' and i rebooted. When i run: lsmod | grep ipv6, it doesnt show any info. Which is good. But the ip's are still showing in ifconfig
<twb> MACscr: ipv6 is compiled in
<twb> MACscr: i.e. it's =y not =m
<twb> MACscr: 15:59 <dpkg> To disable use of <IPv6> on Lenny: echo install ipv6 /bin/true >> /etc/modprobe.d/local.conf (and reboot for this change to take effect).  From Squeeze onwards, IPv6 is built into the kernel (excluding loongson-2f flavour), add the kernel command line option ipv6.disable=1 to your bootloader.
<MACscr> ah, looks like 'net.ipv6.conf.all.disable_ipv6 = 1' was the updated setting
<twb> accept_ra will be Router Advertisements, which is how IPv6 automatically acquires rules for "ip r".
<philipballew> whats a good guide to setting up a vpn server?
<CluelessPerson> hi
<CluelessPerson> I have deluge installed on my server
<CluelessPerson> and it looks like the webui isn't running for some reason.
<CluelessPerson> I can't access the webui of deluge, can someone help me figure this out?
<linocisco> hi all, I would like to ask generic questions on DHCP
<CluelessPerson> most are asleep and I barely know anything
<CluelessPerson> and my effing deluge webui won't f****** start and gives no errors or log
<CluelessPerson> so fu**
<twb> CluelessPerson: did you read README.Debian and /etc/default/deluge-web ?
<twb> CluelessPerson: is deluged installed and running?
<CluelessPerson> I have before but that was a long time ago
<CluelessPerson> twb  The deluge daemon is running, but I don't think the webui is.
<twb> !ask > linocisco
<ubottu> linocisco, please see my private message
<CluelessPerson> twb  and deluge is set to start at startup
<CluelessPerson> but I don't see a web ui.
<CluelessPerson> twb  It worked earlier, then I restarted the server, I think that's what happened.
<CluelessPerson> twb  and now I have no idea of what to do.
<linocisco> http://pastebin.ubuntu.com/675101/
<CluelessPerson> restarting the server, see if something stupid might make the deluge webui work again
 * CluelessPerson is annoyed that people don't make their applications simply autoinstall similar to basically all windows applications
<CluelessPerson> "Would you like this to run automatically at startup?"
<CluelessPerson> bam, autoinstall, take care of it's own crap instead of having me manually configure every detail, frustrating
 * CluelessPerson sighs, because he bitched like a little child and it works after simply restarting his server.
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<Zimsky> back
<CluelessPerson> hey
<CluelessPerson> I just installed Samba, and for some reason my netbook isn't seeing my server on the network, anyone know why this might happen?
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<linocisco> http://pastebin.ubuntu.com/675101/
<_ruben> linocisco: i assume you're not looking for help but are here to spam?
<linocisco> _ruben: no spam
<linocisco> _ruben: as I got no reply so far, and according to forum rule, I am reposting it
<CluelessPerson> I've been watching.
<CluelessPerson> and I'm a linux newb so I can't help you. ;_;
<_ruben> first 3 times within a minute, then 8 times within a minute .. that's not conforming any forum rules i'm aware of, nor is this a forum
<CluelessPerson> he's certainly not harming anything though.
<linocisco> _ruben: as the screen is scrolling down, I am afraid others won't be aware. that is why I am reposting. It is just gentle reminder not to bother you with full paragraph like essay
<CluelessPerson> linocisco  Also, the english of your pastebin is a little bit hard to undestand
<CluelessPerson> Can you explain again what's happening
<CluelessPerson> ?
<CluelessPerson> You only want to use one server, the ubuntu server for dhcp service to the child machines?
<linocisco> CluelessPerson: sure. I am afraid it is diffcult for you to understand.
<CluelessPerson> turn off the dhcp service on the other new server.
<linocisco> CluelessPerson: that is the point. you got. it.
<CluelessPerson> ?
<linocisco> CluelessPerson: I did
<ersi> linocisco: I'd take a look at the DHCP config on that new box and set up some restrictions. Or setup a firewall.
<CluelessPerson> so what's happening?
<linocisco> CluelessPerson: but my some clients are still searching old DHCP server and as they could not find. they got no IP.
<CluelessPerson> all on the same lan?
<linocisco> CluelessPerson: I turned off the other DHCP source. I left only one. but some clients are still seeking that stopped DHCP source
<linocisco> CluelessPerson: sure. in the same lan with same subnet
<CluelessPerson> hrm.
<CluelessPerson> I assume everything has been rebooted
<ersi> There's no need to restart anything :P
<CluelessPerson> that's just what I'd do.
<CluelessPerson> restart the clients still seeking the new server having been removed
<_ruben> only broken clients wouldn't pick up a new dhcp server automagically
<_ruben> unless the network's broken too
<linocisco> CluelessPerson: I have rebooted /shutdown every clients. that does not solve. all clients are windows XP
<linocisco> _ruben: network or cable or clients are not broken.
<CluelessPerson> like I said, I know very little about this
<CluelessPerson> but I'd check the DNS/similar settings of one of the clients and see if yhou can force it to get the ip from the ubuntu server's lan ip address
<CluelessPerson> and by very little I mean nothing.
<CluelessPerson> ;)
<trapmax> linocisco: maybe try flushing xp client's dnscache and release/renew dhcp conf
<linocisco> CluelessPerson: unless we can give static IP on each clients. getting DHCP IP , will have the same problem unless we can change mac
<RudyValencia> It's kinda weird, I'm sitting here listening to the "Cisco default hold music" on loop - it feels like really being on hold
<CluelessPerson> RudyValencia  I can tell you that Toshiba's hold music hasn't changed in 5 years.
<RudyValencia> Do they use the "Cisco default hold music"?
<CluelessPerson> Please don't ask how I know that, needless to say, I'm never buying a toshiba product again.
<RudyValencia> I see - too much time on hold with them eh?
<CluelessPerson> lol, I'm sure it's just their brand of your song. ;p
<RudyValencia> like, whatever hold music their default is?
<RudyValencia> Ever been on hold at a place that uses a Cisco VoIP system?
<RudyValencia> http://www.youtube.com/watch?v=K5ZvUYhIeoQ <- this is what I've got on loop
<RudyValencia> (not the YouTube video, but the actual WAV file
<trapmax> better with ytrepeater: http://www.youtuberepeater.com/watch?v=K5ZvUYhIeoQ
<RudyValencia> I prefer the original file
<trapmax> with repeater one can simulate proper waiting times
<RudyValencia> It seems about right with the WAV
<linocisco> how to install openERP offline on ubuntu server?
<linocisco> how to install openERP offline on ubuntu server?
<linocisco> how to install openERP offline on ubuntu server?
<ersi> I'd assume you'd fetch the packages (.deb's) and then do some command line parameter to apt-get or so
<ersi> linocisco: ^
<ersi> or put the debs in the 'package cache' that apt maintains.. If you hold your horses, I'll check what dir it is
<linocisco> where is package cache ?
<linocisco> ersi: where is package cache that apt maintains ?
<ersi> Seems like it's in /var/cache/apt/archives/ from reading 'man apt-get'
<ersi> Dude, I'm not all knowing.. I need to look stuff up, even if I know where to look. Please be patient when asking others to help :(
<linocisco> ersi: so I should copy or move installer .deb file into that path and run from that location ?
<ersi> if you'd grab the .debs needed for all the packages that you need, I think you should just put the .debs in /var/cache/apt/archives/ and run "apt-get install packages-wanted"
<ersi> I'm not 100% sure, but pretty sure it'll work
<linocisco> ersi: i see. If someone is taking into action on my questions , I wont buzz others.
<ersi> remember dependencies (which you can look up on packages.ubuntu.com) if you don't know which they are :)
<linocisco> ersi: I know where package.ubuntu.com. there are nested dependencies. DO i need to download all down the path ?
<ersi> yes, you need the dependencies as well, to install the package you want
<linocisco> ersi: apt-get install or dpkg -i  filename.deb ?
<ersi> I was talking about apt-get install
<linocisco> ersi:  ok thanks TGIF. I will try in the weekends see you
<linocisco> ersi: because I have no ubuntu around
<ersi> ah
<ersi> Good luck mate
<kim0> Howdy everyone .. Some chapters in the serverguide need reviewing (Email, File-servers, LAMP...etc). If you can spare some time to do it, please add your name to http://pad.ubuntu.com/serverguide .. Thanks!
<hggdh> Daviey: good afternoon, you wanted to talk with me about beta testing
<soren> smoser: Can you boot the image in https://bugs.launchpad.net/nova/+bug/826798 using kvm directly?
<uvirtbot> Launchpad bug 826798 in nova "ubuntu vmdk uploaded does not boot" [High,Confirmed]
<Daviey> hggdh: hola.. just grabbing some food.. then i'll shoot you back?
<hggdh> Daviey: certainly
<uvirtbot> New bug: #834672 in nagios3 (main) "Apache2: overlapping scriptalias" [Undecided,New] https://launchpad.net/bugs/834672
<EriksLV> hi
<EriksLV> stupid question: I have a box with Intel i3 CPU. Can I install amd64 version of server?
<EriksLV> this "Choose this to take full advantage of computers based on the AMD64 or EM64T architecture (e.g., Athlon64, Opteron, EM64T Xeon, Core 2). If you have a non-64-bit processor made by AMD, or if you need full support for 32-bit code, use the Intel x86 images instead." makes me ask
<EriksLV> ah, nevermind
<EriksLV> core 2, so it will work
<uvirtbot> New bug: #795087 in netifaces (universe) "[MIR] python-netifaces" [Undecided,Fix released] https://launchpad.net/bugs/795087
<ersi> EriksLV: Indeed, correct conclusion mate :)
<EriksLV> any major differences between 32bit and 64bit versions?
<EriksLV> I'm not asking about memory support
<_ruben> support for 64bits apps :)
<ersi> EriksLV: Yeah, what _ruben wrote. You can't run 64-bit compiled applications in a 32-bit environment. But wise versa works just fine
<EriksLV> :)
<_ruben> unless the 32bit app requires some exotic 32bit libs
<ersi> but you could have that exotic 32bit lib in a 64-bit env ;o
<smoser> soren, yes.
<smoser> wait.
<smoser> no.  you cannot.
<soren> smoser: Then how would it be an..
<soren> ok.
<soren> Good :)
<smoser> (I thought you were referring to a different bug)
<soren> I never do.
<soren> I always refer to the bug I mean.
<soren> Except when I don't, but that never happens.
<smoser> i've updated the bug a bit. with hopefully some more info.
<Ursinha> helloooo server team
<koolhead17> hi all
<Daviey> lynxman: https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/829250 :)
<Daviey> have fun.
<uvirtbot`> Launchpad bug 829250 in openvswitch "datapath dkms module does't built automaticly" [Medium,Confirmed]
<lynxman> Daviey: thanks!
<Daviey> lynxman: heh
<Daviey> How are things looking?
<Daviey> Everyone working on something fun?
<EriksLV> anyone knows how to get 82579LM to work with 10.04.3
<EriksLV> ?
<TheEvilPhoenix> EriksLV:  wth is 82579LM?
<EriksLV> network interface
<lynxman> Daviey: yeah :)
<TheEvilPhoenix> Daviey:  does sitting in class being bored beyond reason count?
<TheEvilPhoenix> >.>
<ersi_> I'm working on holding my horses before I check out of work
<ersi_> Do I have to say; Friiiiiidaaaaay?
<ersi_> :D
<Daviey> TheEvilPhoenix: You could be doing ubuntu development concurrently :)
<TheEvilPhoenix> Daviey:  could, but cant.  its chem, so i have to take notes >.>
<TheEvilPhoenix> s/chem/chem 101/
<Daviey> ah
<TheEvilPhoenix> but yeah, i'd rather be developing stuff for ubuntu :P
<koolhead17> RoAkSoAx: hey
<RoAkSoAx> koolhead17: howdy
<Daviey> smoser: Do you think there is still merit in the qemu-* still being so different from Debian?
<koolhead17> RoAkSoAx: am great. tried cobbler to provision  Oneiric today, working to make sure cobbler makes some love with my preseed file. i might come with one bug soon, i need to test it few times before asking you :)
<RoAkSoAx> koolhead17: hehe alrighty! I'll be here
<koolhead17> RoAkSoAx: yay!! Something to do with hostname. am testing preseed few more times before troubling you :D
<koolhead17> hey kim0
<kim0> koolhead17: hey htere
<RoAkSoAx> koolhead17: alrighty
<koolhead17> kim0 few more days left :D
<kim0> heh yeah
 * koolhead17 bows to robbiew Daviey zul :D
<EriksLV> does even "Intel Rapid Storage Technology" RAID5 work in Ubuntu?
<pmatulis> EriksLV: dunno, provide some specs for the card maybe
<EriksLV> nevermind, 11.04 can use it
<EriksLV> any recommendations on partition setup? I have 2.7TB RAID
<EriksLV>  / /home
<EriksLV> any other?
<cloakable> What're you using it for?
<EriksLV> maybe /var/log on a seperate partition?
<genii-around> Might want some separate non-raid5 for mbr
<EriksLV> server
<EriksLV> genii-around - separate hdd for booting?
<genii-around> EriksLV: Possibly, yes
<genii-around> grub and raid5 don't usually get along well
<EriksLV> hmm
<EriksLV> ok, I'll think about that
<EriksLV> but how about partitions?
<EriksLV> any recommendations about them?
<ScottK> kim0: Did you see my mail on ubuntu-server about getting a serverguide update merged?
<kim0> ScottK: hey .. I can't really merge things myself either
<kim0> I didn't check the bug .. but I dont have merge access
<ScottK> kim0: Could you ask around then.  Someone is going to have to merge this stuff from the docs team.
<kim0> ScottK: yeah they do .. I proposed a merge earlier, and a few days later they merged it
<ScottK> Who did the merge?  I'll ping them.
<kim0> ScottK: #ubuntu-doc people .. they said the mailing list is best to contact them though
<kim0> ScottK: btw you mention bug 83473 (installer bug?!)
<uvirtbot`> Launchpad bug 83473 in ubiquity "Installer crashed (dup-of: 76976)" [Undecided,New] https://launchpad.net/bugs/83473
<uvirtbot`> Launchpad bug 76976 in ubiquity "[feisty] no autopartitioning options presented?" [Medium,Fix released] https://launchpad.net/bugs/76976
<ScottK> It was supposed to be an LP bug.  I'll check the number.
<kim0> ScottK: I am surprised your branch is named you/+junk/serverguide .. I thought it must be you/serverguide/branchname ?
<kim0> otherwise stacking breaks ? but I'm no bzr expert :)
<ScottK> That's what I picked.  Maybe that's why I couldn't merge it.
<kim0> ScottK: yeah probably ..
<ScottK> I'll push it again with a different name.
<kim0> cool
<ScottK> I usually can just push :parent since I rarely touch branches I can't push to directly.
<kim0> ScottK: thanks for the reviews :)
<Daviey> GrueMaster: Have you documented the results of server related testing on arm?
<jdstrand> hallyn: I have a sneaking suspicion bug #694029 may be fixed now
<uvirtbot`> Launchpad bug 694029 in linux "kvm guests become unstable after a while" [Undecided,Confirmed] https://launchpad.net/bugs/694029
<jdstrand> hallyn: not ready to call it, but I ran my test script for 24+ hours with now guest corruption. This was after recent kernel and linux-firmware updates
<jdstrand> s/now/no/
<KM0201> is there a way to stream mediatomb files, from the server to other machines on the network?
<KM0201> i've read the documentation, and it always refers to streams from other sources (like youtube, etc.)
<cloakable> Streaming local content is the main purpose of mediatomb o.o
<KM0201> cloakable: thats my point, i just can't figure out..
<KM0201> i can download files just fine via the mediatomb "web page"
<cloakable> KM0201: Been a while since I use MT
<KM0201> but i can't stream them.
<cloakable> Can your media renderers see the server?
<KM0201> i dunno lemme try again
<KM0201> i was trying to play it through a web browser, but now that i think about it, that doesn't make sense
<cloakable> Not really
<KM0201> what do i put for URL?.. the path to the file i want to stream?
<cloakable> It should show up automatically via UPnP
<cloakable> That's the point of mediatomb
<KM0201> whats a UPnP client i can use on Ubuntu?
<KM0201> i dont think i really understood what mediatomb was supposed to do...
<cloakable> try the rhythmbox upnp plugin
<cloakable> what did you think it was for?
<KM0201> you can't watch movies w/ rhythmbox
<cloakable> No music in it?
<KM0201> no, not right now, just videos
<cloakable> try djmount, it's a fuse filesystem to mount all detected upnp mediaservers into the filesystem
<cloakable> useful for testing
<KM0201> hmm
<uvirtbot`> New bug: #834837 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/834837
<genii-around> Another install script not converted yet to upstart
<Daviey> RoAkSoAx: You might be hitting bug #834868.
<uvirtbot`> Launchpad bug 834868 in cobbler "Cobbler Ubuntu theme relies on external web resources" [Medium,New] https://launchpad.net/bugs/834868
<matti> Daviey: ;]
<Daviey> hey matti
<RoAkSoAx> Daviey: i haven't experienced that
<uvirtbot`> New bug: #834868 in cobbler (universe) "Cobbler Ubuntu theme relies on external web resources" [Medium,New] https://launchpad.net/bugs/834868
<Daviey> RoAkSoAx: via ssh socks?
<marshall> hey ubuntu server, I'm having some issues with some NFS home directories mounted with autofs. It seems that applications and scripts aren't allowed to write into my home folder, even though I'm able to write into it just fine.
<pmatulis> marshall: why do you assume a script can write somewhere just because you can?
<pmatulis> marshall: i.e. what user is the script running as?
<RoAkSoAx> Daviey in any situation
<marshall> I'm running the script. Also, vim seems unable to write to ~/.viminfo
<pmatulis> marshall: nfsv4 prolly right?
<marshall> another case is where I'm trying to install packages through npm (node package manager), and it reports that it doesn't have permission to add the packages to a cache inside ~/.npm
<marshall> yeah I believe I'm using v4
<pmatulis> marshall: well, v4 can have some acl stuff going on
<marshall> acl?
<marshall> what does that stand for?
<pmatulis> marshall: http://www.google.com/search?client=ubuntu&channel=fs&q=nfsv4+acl&ie=utf-8&oe=utf-8
<marshall> pmatulis: ok. So v4 uses a different ACL from standard posix?
<pmatulis> marshall: it can, yes
<marshall> pmatulis: so I guess I want to force it to use posix acl?
<pmatulis> marshall: first determine what's running on the server, is it really v4
<marshall> ok
<marshall> pmatulis: when I do nfsstat, the only category with values is v4
<pmatulis> marshall: and the mount command should show some stuff
<marshall> pmatulis: ok
<Daviey> RoAkSoAx: So what is the pain point you are getting with ssh socks?
<marshall> /home/jeff on /home/jeff type nfs4 (rw,soft,port=2049,proto=tcp,sloppy,addr=50.19.239.158,clientaddr=10.210.139.126)
<marshall> pmatulis: ^
<pmatulis> marshall: yup, v4
<pmatulis> marshall: do you have access to the server?
<marshall> pmatulis: yessir
<marshall> pmatulis: You can just call me... The Administrator
<pmatulis> marshall: i'm not familiar with nfsv4 acl.  so you'll need to do some research
 * marshall backflips onto a motorcycle and speeds off
<pmatulis> wow
<marshall> maybe I should have taken the IPs out of there...
 * pmatulis hears goblins
<ersi_> Yay, closed my first bug.
<Daviey> ersi: \o/
<GrueMaster> Daviey: Sorry for the late response, I was called out of bed and been away until now.  What kind of documentation are you looking for?  We have a wiki at https://wiki.ubuntu.com/ARM/QA/Server.
<zul> SpamapS: what do you think of getting a FFE for php-5.3.8?
<SpamapS> uh
<SpamapS> no?
<zul> thats what i thought
<zul> jdstrand: asked me
<SpamapS> ah
<SpamapS> zul: 5.3.8 has some regression in it they have to revert
<SpamapS> something borken in is_a()
<adam_g> kirkland: ping
 * zul goes back to swap day
<RoAkSoAx> zul: lol
<uvirtbot`> New bug: #834901 in bind9 (main) "Apparmor profile blocks geoip db access" [Undecided,New] https://launchpad.net/bugs/834901
<kirkland> adam_g: yo
<Daviey> GrueMaster: just wanted to sniff the results of the testing..
<adam_g> kirkland: does bug #834874 look like a reasonable request of orchestra at some point? if so, the issue of storage devices for swift would be solved
<uvirtbot`> Launchpad bug 834874 in orchestra "Orchestra should make storage as generic as possible" [Wishlist,New] https://launchpad.net/bugs/834874
<GrueMaster> Daviey: I need to update it with the iSCSI info and a few others.  As soon as the citiy finishes making a mess in front of my shop, I'll add that info.
<jdstrand> SpamapS, zul: 5.3.7 had a regression I thought, and 5.3.8 was ok. I haven't looked a ton at it, but 5.3.8 has a bunch of security fixes
<zul> php is one big regression ;)
<SpamapS> jdstrand: they're talking about it on php-internals right now
<SpamapS> If anything we'd want to do 5.3.9
<jdstrand> SpamapS: I see. ok. we need to get oneiric updated and a merge seems the path of least resistance there. sounds like you are on top of it though
<SpamapS> Maybe we can look through the changelog, but we all know what massive balls of change php patch releases are.
<SpamapS> jdstrand: well I'd resolved to shipping w/ 5.3.6 ...
<SpamapS> jdstrand: but if thats going to make security's life difficult..
<SpamapS> I really do wish they'd split the security fixes into like, 5.3.6.1
<mdeslaur> SpamapS: +1!
<SpamapS> I wonder if anybody has ever asked them to do that tho
<mdeslaur> SpamapS: would be nice to have the regression-causing security fixes split out from the regression-causing improvements
<jdstrand> php5 is always a pain. natty has 5.3.5, so it is at least conceivable that that it won't be hugely more difficult. but a merge would be easier. we'll defer to the server team
<SpamapS> jdstrand: let me take a peek at the changes list in 5.3.7 and 5.3.8 .. they *have* been deferring a lot to 5.4 lately
<jdstrand> SpamapS: thanks
<Daviey> zul: Is there anything left to do for bug 810051?
<uvirtbot`> Launchpad bug 810051 in nova "Copyright/legal issues in Nova (from Debian upstream)" [High,In progress] https://launchpad.net/bugs/810051
<zul> dont think so..
<Daviey> zul: contrib/boto_v6 is under a MIT like license that is not mentioned in
<Daviey> debian/copyright, nor are its copyright holders
<Daviey> bin/nova-manage carries a BSD license which is not mentioned in
<Daviey> debian/copyright, nor are its copyright holders
<Daviey> Is that resolved now?
<zul> Daviey: not yet...ill do another pass of it next week
<SpamapS> jdstrand: so, the changes look like 99% fixes, just a few small things thrown in to the FPM and Curl extensions.
<jdstrand> SpamapS: ah, good news :)
<JRWR> in natty, php5-mysqli doesnt seem to exist, is this a issue on my end, or has ubuntu forgotten about it
<patdk-wk> nope
<patdk-wk> it's still there
<JRWR> where? http://security.ubuntu.com/ubuntu/pool/main/p/php5/ shows it nowhere, and apt-get cant find it
<patdk-wk> php5-mysql
<JRWR> thats not mysqli (doesnt show in phpinfo();)
<JRWR> or have they been combined
<patdk-wk> apt-cache show php5-mysql
<SpamapS> jdstrand: http://news.php.net/php.internals/54961 .. THIS is the regression that blocks 5.3.8 for me.
<patdk-wk> It includes the generic "mysql" module which can be used to connect to all versions of MySQL, an improved "mysqli" module
<patdk-wk> been that way for a long time now
<adam_g> Daviey: cool if i grab Bug #834868 ?
<uvirtbot`> Launchpad bug 834868 in cobbler "Cobbler Ubuntu theme relies on external web resources" [Medium,New] https://launchpad.net/bugs/834868
<Daviey> adam_g: I think that is a great idea :)
<Daviey> adam_g: Before release, i wanted to seperate upstream theme and ubuntu theme and make it an option.
<Daviey> It shouldn't be too much work.. I really don't like forcing a theme :)
<adam_g> Daviey: agree
<jeeves_moss> I'm running into "/etc/freeradius/sites-enabled/default[159]: Failed to load module "sql".",  what should I be changing?
<adam_g>  is installing a symlink from one package to a file that is installed as a dependency acceptable?
<adam_g> Daviey: ^
<jeeves_moss> adam_g, what files are you messing with and why does the package not see the repo installed version?
<adam_g> jeeves_moss: installing a font via a font package (dependency) and referecing the font from a web root via symlink to /usr/share/fonts
<Daviey> adam_g: that is the correct approach
<Daviey> adam_g: if it was a Recommends then you'd get bad karma
<marshall> I'm having some problems with my home directories exported with nfsv4. I'm able to read and write everything in my home folder, but it doesn't seem like applications are able to write to it. For example, vim isn't able to write to ~/.viminfo. What could be causing this problem?
<jeeves_moss> adam_g, if it's just something dumb for web, then yes, a syslink for the foler, or just a link for the file would work.
<uvirtbot`> New bug: #835009 in open-vm-tools (multiverse) "package open-vm-dkms 2011.03.28-387002-0ubuntu1.1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/835009
<uvirtbot`> New bug: #835012 in samba (main) "package samba-common (not installed) failed to install/upgrade: subproces installed post-installation script gaf een foutwaarde 10 terug" [Undecided,New] https://launchpad.net/bugs/835012
<genii-around> 835012 looks like 834837
<RoAkSoAx> kirkland: you might wanna take a look at bug #834868
<uvirtbot`> Launchpad bug 834868 in cobbler "Cobbler Ubuntu theme relies on external web resources" [Medium,New] https://launchpad.net/bugs/834868
<uvirtbot`> New bug: #834967 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/834967
<kirkland> RoAkSoAx: thanks, commented
<RoAkSoAx> kirkland: cool thanks
<adam_g> i think the issue is that requests to grab font from google will hang/timeout instead of falling back to local
<uvirtbot`> New bug: #834985 in samba (main) "package samba-common-bin 2:3.5.8~dfsg-1ubuntu2 failed to install/upgrade: beschadigd bestandssysteem tarbestand - beschadigd pakketarchief" [Undecided,New] https://launchpad.net/bugs/834985
<Daviey> SpamapS: Do you want to push for collectd MIR, or should we defer it?
<Daviey> kirkland: Ah, responded to your comment regarding cobbler font issue
<jeeves_moss> how can I track down the source of a segmentation fault?
<TheEvilPhoenix> jeeves_moss:  debug the code?
<TheEvilPhoenix> unless its in a precompiled binary
<TheEvilPhoenix> in which case you should report a bug...
<TheEvilPhoenix> jeeves_moss:  what segv'd?
<TheEvilPhoenix> (btw: segv is the small part of the signal SIGSEGV which a seg fault sends to the system.  can be used with `kill -SEGV` if you want to annoy someone :P)
<jeeves_moss> it's third party software that's a mess. the dev wants EVERYTHING installed from custom compiled packages, and not from the repos
<TheEvilPhoenix> ha
<TheEvilPhoenix> well, not sure how to help then, except maybe recompile with `make` and keep a copy of the logs to find whether there was any error in the build
<TheEvilPhoenix> sometimes missing stuff causes segvs
<marshall> I've setup an ldap client and for some reason, when I create a file, the file's group shows as 0. When I do `id` it shows my correct user and group stuff. What could be causing this?
<smoser> utlemming, just fyi, http://www.minimalinux.org/ttylinux/downloadARM.html has an arm kernel/ramdisk that "just works" on qemu-system-arm
<smoser> get ttylinux-armv5tej-9.10.iso.gz
<utlemming> smoser: I'll take a look at that
<smoser> for testing we might be able to use that kernel/ramdisk as a stop gap measure
<utlemming> or crib off it
<Daviey> utlemming / SpamapS: Have you been able to do triage today?
<SpamapS> Daviey: I was just sitting down to it. :)
<Daviey> rocking! :)
<nick__________> Hi all, I have ubuntu 9.10 server installed on a headless machine in my basement.  I received a thin client from a friend, and installed ltsp on the server.  Upon realizing that ltsp needs a desktop environment to run, I installed ubuntu-desktop on my server.  After restart, my server boots, but my samba shares aren't found, ssh is broken, however I can still ping by host name and ip address.
<nick__________> i'm assuming that it is all broken, because the server downstairs is hung on the login page?
<nick__________> is there a way around this? or will I have to go down to the basement and login to a user everytime I restart the server?
<qman__> nick__________, whether or not X is working correctly would not affect sshd
<qman__> the default login manager is gdm, and is controlled as a normal service, i.e. sudo service gdm start|stop|restart
<qman__> what likely happened is NetworkManager got installed and broke your networking
<qman__> just uninstall that from the system locally, check your network settings, and you should be good
<nick__________> of course, that makes much sense
<nick__________> before I go down and hook everything up to the server, if the hostname and ip address didn't change, what in network manager would break sshd and samaba shares?
<JRWR> im running php-fpm in a chroot (using dchroot) and I wanted to make a app armor profile for it using aa-autodep if my path to my chroot is /var/chroot, how would i tell aa-autodep what path to use
<nick__________> so I got a monitor hooked up to the server, and the reason my ssh and samba are broken, is because it's only booting to initramfs
<TheEvilPhoenix> nick__________:  there's usually an error accompanying the initramfs boot
<TheEvilPhoenix> whats the error?
<nick__________> lemme get the exact, gotta run downstairs, but basically, mounting /sdc1 fails
<nick__________> ok, well i just restarted from liveCD and it found errors on sda1 and want's to fix them, it also mentioned that it's trying to boot from sda1, when sdc1 is my boot drive
<nick__________> before all this, it was booting to initramfs, if that is relevent
<p3rsist> Anyone has found a deb package for DRBD 3.8.11 for Lucid?
<TheEvilPhoenix> p3rsist:  "DRBD"?
<adam_g> p3rsist: 8.3.11, https://launchpad.net/ubuntu/+source/drbd8
<p3rsist> adam_g, Yes. But Im on lucid. How can I install a package from Oneiric Ocelot ?
<adam_g> p3rsist: the drbd package from oneiric wont do you much good on lucid
<TheEvilPhoenix> wth is drbd?
<p3rsist> adam_g,  I will compile from source.
<adam_g> TheEvilPhoenix: www.drbd.org
<adam_g> w/whois p3rsist
<adam_g> p3rsist: you can just apt-get install the pkgs in lucid and you'll have 8.3.11
<adam_g> p3rsist: sorry, 8.3.7 is in lucid.
<adam_g> p3rsist: the drbd packages for oneiric require a matching kernel, as the kernel modules for drbd now exist within the mainline kernel (as of the kernel after lucid's)
<uvirtbot`> New bug: #481776 in socat (universe) "Segmentation fault of socat on 9.10 i386, installed from ubuntu repository" [Medium,Confirmed] https://launchpad.net/bugs/481776
<uvirtbot`> New bug: #745603 in socat "Please add socat-opensslcompress patch" [Wishlist,New] https://launchpad.net/bugs/745603
#ubuntu-server 2011-08-27
<ubuntnoob> having a problem loading a thin client network boot with ltsp on ubuntu server, client sees pxe, and loads vmlinuz and initrm.img but hangs with flashing cursor after 'ready'
<ubuntnoob> yesterday, i thought it was because I didn't have a desktop environment for it to boot into, but I installed one, and I still have the same issue
<sw0rdfish> hey
<sw0rdfish> how do I install the "suggested" packages of something?
<TheEvilPhoenix> sw0rdfish:  apt-get install <space-delimited list of packages>
<TheEvilPhoenix> i.e. if something suggested to install packagea and packageb...
<TheEvilPhoenix> apt-get install packagea packageb
<sw0rdfish> i see
<sw0rdfish> thanks...thing is when I was installing irssi it gave me suggested packages for some reason I thought it would install them or ask me to install them later so I continued
<TheEvilPhoenix> nah it doesnt install suggested packages
<sw0rdfish> and it didn't so just wanted to see the list again somehow and type them in ....etc
<TheEvilPhoenix> unless you tell it to, by defining those package name
<TheEvilPhoenix> yep
<sw0rdfish> :)
<sw0rdfish> well i installed the one i could remember irssi-scripts
<sw0rdfish> the others were stuff like libterm-perl-WHATEVER
<sw0rdfish> lol
<TheEvilPhoenix> heh
<qman__> you can look up what the suggested packages are on packages.ubuntu.com
<jmarsden> Um... wouldn't    apt-cache show irssi | grep Suggests:     display what packages irssi suggests?  Or am I not understanding the question?
<qman__> probably, I wasn't aware of that option
<Superdave321> Just installed Ubuntu server, and the default resolution is out of range for my moniter. any suggestions?
<alduhoo> hello
<alduhoo> can anyone help me, im tryinf to make my wireless card auto-join my network whenever i boot the server
<alduhoo> im using a script i made but i want it to do it on boot so i can ssh immeadiatly without having to run the script myself
<jmarsden> alduhoo: /etc/rc.local would be one way to run those scripted commands at boot time...
<alduhoo> ok, ill check that out
<alduhoo> jmarsden: so rc.local executes itself at boot time?
<jmarsden> alduhoo: If you make it executable, yes.  read what is already in it.
<alduhoo> and if i need sudo access for my commands, should i put sudo before each omd?
<alduhoo> jmarsden: ok, im gonna rebooot me server to see if it works
<alduhoo> be right back
<alduhoo> it worked!!! thank you so much, it'll be a lot easier now thanks :D
<jmarsden> alduhoo: You're welcome.
<alduhoo> i created a home server out of an old laptop, ive installed CUPS and FTP/SSH apache, what else do you recommend me installing?
<jmarsden> It depends what else you need it to do :)  samba so you can share files with windows PCs at home?  rsync  or other automated backup solution so you can backup all your PCs onto it while you sleep?
<alduhoo> well i want to share files, but using FTP seems slow, so i was looking into NFS or samba
<p3rsist> Hi guys. What server monitoring software do you use?
<alduhoo> i dont use any :(
<qman__> only thing I use is smartd
<qman__> because data loss isn't cool
<CluelessPerson> nyan nyan nyan :D
<CluelessPerson> Hey guys
<CluelessPerson> anyone there?
<uvirtbot`> New bug: #835278 in nagios3 (main) "Nagios 3.3.1 is available, but not in ubuntu repositories" [Undecided,New] https://launchpad.net/bugs/835278
<linocisco> wget http://www.openerp.com/download/stable/source/openerp-server-6.0.3.tar.gz  IS NOT OK
<linocisco> what would be the most likely problem, all my friends ???
<linocisco> any clues on my questions ??
<SpamapS> linocisco: what do you mean its not ok ?
<linocisco> SpamapS: errror downloading
<SpamapS> well maybe you should show the error
<SpamapS> pastebin maybe?
<Daviey> SpamapS: Just opened a bug and saw, Clint Byrum (clint-fewbar) wrote 8 seconds ago:
<Daviey> That freaked me out :)
<SpamapS> lol
<SpamapS> can't sleep
<Daviey> sleep is for the week.
<SpamapS> and the week is for the weak
<SpamapS> Daviey: http://ec2-107-20-64-136.compute-1.amazonaws.com:8080/ .. Can you see the test running there?
<Daviey> SpamapS: i can indeed!
<SpamapS> Daviey: tests ensemble from the ensemble PPA on lucid,maverick,natty, and oneiric chroots...
<Daviey> SpamapS: neat!  Is it testing against all the formulas?
<SpamapS> Its testing the mediawiki deploy.. but only that it deploys.. haven't actually added bits to wait for it to come up and check that it actually serves stuff.
<zicada> since yesterday i can no longer connect to highports or get pingreplies from ubuntuserver
<SpamapS> it does do that for the example formulas
<SpamapS> zicada: did you install ufw maybe?
<zicada> cant connect to irc for example, but works to http with links
<zicada> SpamapS: nope, and i did ufw disable too
<Daviey> SpamapS: How hard would it be to extend it to use ec2?
<Daviey> rather than chroots
<SpamapS> Daviey: rather simple actually. I'm just mindful of the "Oh no" effect.. also known as a "lemming fail" .. ;)
<Daviey> SpamapS: Ah.. but,we do have another ec2 resource, which isn't aws :)
<SpamapS> Daviey: the script is a bit clunky at the moment, I do intend to break it up a bit.
<SpamapS> Daviey: right, those might work.. I couldn't run jenkins on those because they don't have enough RAM or disk space.
<Daviey> SpamapS: erk.. What min do you need?
<SpamapS> Daviey: installing jenkins w/ all its deps adds about 200MB to the already 800MB install.. and those only have 1.5GB
<SpamapS> Daviey: for RAM.. jenkins is well behaved as java goes, bu I still need a few hundred MB
<SpamapS> ok time to give sleep another shot
<Daviey> SpamapS: nn.. have a good weekend
<ruben23> hi guys i have this storage on my server in ubuntuserver-----> tmpfs                 2.0G  426M  1.6G  22% /var/spool/asterisk/monitor   ---> and this  storgae get to 100 percent how to maintain that it wont get full, any idea..?
<BrixSat> hey :)
<BrixSat> im trying to upload a file using ftp on shell
<BrixSat> i do the login part  and i recive 200 ok
<BrixSat> the problem is using put blog.tar blog.tar
<BrixSat> "200 PORT command successful " and nothing more the file apears blank on other side
<BrixSat> and after a minute or 2 "425 Could not open data connection to port 43364: Connection timed out
<BrixSat> "
<qman__> you more than likely need to be using passive mode
<qman__> FTP was badly designed 25 years ago, and is not compatible with firewalls
<BrixSat> but if i can transfer to that machine using filezilla why not using ssh?
<qman__> huh?
<qman__> if you're trying to upload a file to an SSH server, you need to use SFTP on your client
<qman__> not FTP from within the shell
<qman__> FTP has nothing to do with SSH or SFTP
<BrixSat> =)
<BrixSat> got it
<BrixSat> passive
<SJr> Every 20 minutes I get this e-mail: /usr/share/sendmail/sendmail: 1177: /usr/sbin/sendmail-msp: not found
<jon_high9000> does anyone know where i can find info on procmail filters such as, adding mboxes etc.?
<crass_> hallyn: can you get the ubuntu-virt build for libvirt going again? it failed 4 weeks ago and the fix looks easy enough
<uvirtbot`> New bug: #835596 in python-stompy (universe) "[MIR] python-stompy" [Undecided,Incomplete] https://launchpad.net/bugs/835596
<Daviey> crass_: Can you provide more detail?
<crass_> Daviey: It shows the buld having failed here: https://launchpad.net/~ubuntu-virt/+archive/ppa
<crass_> and I had it reversed: libvirt build for ubuntu-virt ppa
<crass_> hallyn: Also I'd also like to request some natty builds for libvirt (0.9.3) and qemu-kvm (0.15.0) from your personal ppa. Unless you think the Oneiric builds will work on Natty?
<crass_> Daviey: it looks like all that needs to be done is installing libxen-dev package (at least to get it to a new error)
<tech1> Hi channel, I need to load ubuntu on a poweredge 800 and having issues getting to the controller
<tech1> the sata
<uvirtbot`> New bug: #835621 in cyrus-sasl2 (main) "package libsasl2-2 2.1.24~rc1.dfsg1 cvs2011-05-23-4ubuntu2 failed to install/upgrade: libsasl2-2:i386 2.1.24~rc1.dfsg1 cvs2011-05-23-4ubuntu2 (Multi-Arch" [Undecided,New] https://launchpad.net/bugs/835621
<uvirtbot`> New bug: #835624 in cyrus-sasl2 (main) "package libsasl2-modules 2.1.24~rc1.dfsg1+cvs2011-05-23-4ubuntu2 failed to install/upgrade: ErrorMessage: libsasl2-modules:i386 2.1.24~rc1.dfsg1+cvs2011-05-23-4ubuntu2 (Multi-Arch" [Undecided,New] https://launchpad.net/bugs/835624
<uvirtbot`> New bug: #835625 in cyrus-sasl2 (main) "package libsasl2-2 2.1.24~rc1.dfsg1+cvs2011-05-23-4ubuntu2 failed to install/upgrade: libsasl2-2:i386 2.1.24~rc1.dfsg1+cvs2011-05-23-4ubuntu2 (Multi-Arch" [Undecided,New] https://launchpad.net/bugs/835625
<Kingsy> can someone tell me how to restart syslog?
<Talant> "/etc/init.d/syslog restart" doesn't work?
<guntbert> Kingsy:  sudo restart rsyslog
<Kingsy> oh
<Kingsy> ok
<Kingsy> thanks
<jforman> hi all, i just upgraded my 10.10 server to 11.04, and now when i try to fire up any of my VM's in my libvirt setup, i'm met with the error: "error: operation failed: failed to retrieve chardev info in qemu with 'info chardev'". googling around and doing various apparmor related things didnt resolve the issue. am i missing something?
<crass_> jforman: are you getting that with virsh or virt-manager?
<jforman> crass_: both
<jforman> running libvirtd in verbose mode on the command line,  this is the output upon attempting to start it via virsh, http://pastebin.com/3e66D8YW
<crass_> jforman: I get this occasionally with a remote virt-manager, and I have to disconnect and reconnect to libvirt for it to go away
<crass_> I've never gotten this fir virsh, but I've not tried to connect to the guest via virsh
<jforman> crass_: i understand. thanks. sounds like not many else on the internet have had success with this error. makes the half dozen VM's i have currently DOA :(
<jforman> crass_: i cant explain it, but changing a couple of the x509 parameters (turning them off) and turning off the tls_vnc options, suddenly is booting my VM's...
<Kingsy> is roundcube in the ubuntu reops?
<uvirtbot`> New bug: #835715 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/835715
#ubuntu-server 2011-08-28
<uvirtbot`> New bug: #835766 in dhcp3 (main) "package dhcp3-client 3.1.3-2ubuntu3.3 failed to install/upgrade: subprocess installed post-installation script killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/835766
<JoeGazz84> Hey, is there a good Web panel to use for ubuntu server 10.04? That doesn't interfere with nginx and that's not webmin?
<pmatulis> JoeGazz84: try https://help.ubuntu.com/community/Zentyal
<JoeGazz84> pmatulis: Thanks, I'll look into that one :)
<JoeGazz84> pmatulis: Any other ones? We're looking to test like 2
<pmatulis> JoeGazz84: not really
<JoeGazz84> pmatulis: Ok, thanks :)
<JoeGazz84> Really appreciate it.
<pmatulis> JoeGazz84: good call to stay away from webmin, it's a hazard
<JoeGazz84> ya
<JoeGazz84> I know :)
<Doonz> Hey does ubuntu support infiniband adpapters?
<jmarsden> Doonz: It would appear to.  Googling for   ubuntu infiniband   might be a good start.  See https://wiki.ubuntu.com/scst for instance.
<jmarsden> Doonz: apt-cache search infiniband     may also provide you with some packages of interest :)
<Doonz> yeah it was just on the last few vendors sites debian wasnt mentioned as supported
<jonf> hi - has anyone had a problem getting login running on a text console on 11.04? (/dev/console /dev/tty0)
<jonf> hmm, s'ok - I think I have got it - needed to change some settings in /etc/default/grub. Question is why does this not work by default?
<pmatulis> jonf: why should it?
<jonf> pmatulis: I just did a text console installation of ubuntu 11.04, and at the end of the install, I have no way to log into the system. That seems wrong to me.
<jonf> pmatulis: I rebooted into rescue mode, installed ssh (which I probably should have done anyway.. )
<jonf> pmatulis: no virtual consoles working seems new and odd to me, I guess thats all.
<uvirtbot`> New bug: #835818 in libvirt (main) "Can't boot qemu w/o kvm (no boot=on param, upstream patch)" [Undecided,New] https://launchpad.net/bugs/835818
<uvirtbot`> New bug: #835825 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/835825
<uvirtbot`> New bug: #835829 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/835829
<CluelessPerson> Hey, I have a question
<CluelessPerson> if I wanted to make it so someone go to a certain website on my server and remotely restart the server, how would I do that?
<AlecTaylor> hi
<AlecTaylor> I'm looking for a FOSS Flash or Java project featuring "Click to call" functionality from the browser. Do you know of such a project?
<uvirtbot`> New bug: #835901 in openssh (main) "ssh-copy-id: fails to sanitize arguments" [Undecided,New] https://launchpad.net/bugs/835901
<CluelessPerson> hi
<CluelessPerson> for some reason I can't place blocks on my server
<CluelessPerson> I just switched to world multiverse
<CluelessPerson> not sure why it would do that.
<CluelessPerson> hello?
<CluelessPerson> there are seriously 250 people in this room and there's no answer?
<CluelessPerson> weird
<alamar> CluelessPerson: you seriously don't have more patience than to wait for 5 minutes?
<alamar> not even 5 but start complaining after 2 minutes
<alamar> and I for one do not even understand what your question is
<CluelessPerson> I got multiverse working
<CluelessPerson> alamar  and suddenly I can't place any blocks in any world.
<CluelessPerson> worldedit works
<CluelessPerson> but I can't place blocks directly in world
<alamar> wtf?!
<CluelessPerson> pretty much
<alamar> CluelessPerson: I still do not know what you are speaking of
<MatBoy> this is weird... my ubuntu install does not see any disks on a DL160 G5
<MatBoy> this is really new
<StevenR> MatBoy: can you be a little more specific?
<MatBoy> StevenR: I think the BIOS is dead
<MatBoy> StevenR: BIOS sees disks... OS doesn't ... with ahci and compatible
<MatBoy> StevenR: also new to me
<StevenR> MatBoy: does a live-usb or live-cd see the disks?
<StevenR> does one of those see the controller?
<MatBoy> StevenR: server CD
<StevenR> MatBoy: please be more verbose.
<AlecTaylor> I'm looking for a FOSS Flash or Java project featuring "Click to call" functionality from the browser. Do you know of such a project?
<cemc> hi. I suspended my desktop and after resume, /dev/sdb wouldn't start, so I 'scsiadd -r 1 0 0 0' and the 'scsiadd -a 1 0 0 0'. now the drive shows up as sdc. can I rename it back to sdb, and how?
<cemc> nvr mind
<kaushal> Hi
<kaushal> http://pastebin.ubuntu.com/676648/
<kaushal> its on 10.04.1
<kaushal> Can someone please help me understand the figure 71.4g
<kaushal> how is it possible ?
<maxagaz> hi
<maxagaz> I would like to monitor all the traffic on my server, at least all the SSH traffic (who and where do people conenct from, the amount of data they've downloaded or uploaded, and from where), what tool should I use ?
<maxagaz> (especially ssh tunnelling traffic)
<kaushal> Any clue please ?
<hggdh> kaushal: this is virtual memory you are looking at
<hggdh> the whole address space for this process
<kaushal> yes
<kaushal> hggdh: but the physical memory space is 48 GB
<kaushal> oh ok
<kaushal> so means hardisk space ?
<hggdh> no
<hggdh> directly from the man entry for 'top': The total amount of virtual memory used by the task.  It includes all code, data and shared libraries plus pages that have been swapped out and pages that have been mapped but not used.
<kaushal> ok
<hggdh> this is just memory space
<kaushal> got it
<kaushal> also if i need someone to refer to VIRT under man top
<kaushal> is there a shortcut key or something ?
<jfb_h20> lost my webcam /dev/video0 , but can't determine the cause...
<kaushal> like href in case of html page
<kaushal> i know just do man top and then /VIRT
<jfb_h20> dmesg shows it registered a new interface driver uvcvideo...
<jfb_h20> any ideas on what else to check?
<kaushal> simpler way to do it ?
<hggdh> kaushal: no, not really. But. while in 'man' you can search for 'VIRT', or 'o:', and this will put you straight to the explanation
<hggdh> heh
<jfb_h20> can I delete /dev/video0 and see reboot? maybe it was corrupted?
<kaushal> you can search for 'VIRT', or 'o:' ?
<kaushal> not sure how do i use o: ?
<kaushal> hggdh: please help me understand
<hggdh> kaushal: /o:
<kaushal> ok
<hggdh> kaushal: the fields shown on 'top' are associated with letters. 'o' is the letter for the VIRT field
<kaushal> ok
<kaushal> i did top -d 1
<kaushal> and then letters ?
<hggdh> no, you would need to start top, then enter 'o' and the fields you want
<hggdh> (the fields will be shown)
<hggdh> I mean, just hit 'o', then select the fields you want
<kaushal> hggdh: Thanks
<kaushal> also what does [flush-8:16]
<kaushal> mean
<kaushal> how do i get rid of it
<kaushal> when i do top this process shows up
<kaushal> http://askubuntu.com/questions/30191/how-can-i-prevent-flush-816-and-jbd2-sdb2-8-from-causing-gui-unresponsivenes
<kaushal> hdparm -C /dev/sda
<kaushal> /dev/sda: drive state is:  unknown
<kaushal> Please help me understand
<kaushal> hggdh: also SWAP is just 4GB
<kaushal> How come VIRT is 74 GB
<hggdh> virt shows all memory referenced, even these not allocated
<kaushal> not sure i understand that
<kaushal> hggdh: please help me understand
<hggdh> ok, kaushal has left
 * hggdh again goes elsewhere as well
<Guybrush_T> dont know if this is the right place to ask but i have some problems with bind9: i just configured dhcpd and bind to use dyndns and it seems to work up to one point - named wants to creat journal files corresponding to the zone files but apparmor interferes
<Guybrush_T>  apparmor="DENIED" operation="mknod" parent=1 profile="/usr/sbin/named" name="/etc/bind/db.intranet.local.jnl" pid=19257 comm="named" requested_mask="c" denied_mask="c" fsuid=105 ouid=105
<Guybrush_T> any ideas?
<hggdh> Guybrush_T: run 'sudo aa-status' to find the name of the bind9 profile; then run 'aa-complain <the profile name you found>
<hggdh> this will put the bind9 profile in complain mode
<hggdh> then find out what it is complaining about (all of the complains) and adjust the apparmor bind9 profile as needed; then put it back in enforce mode
<hggdh> I do not use bind9, so I do not know if this is an expected action from you, or a bug
<Guybrush_T> ill give that a try
<Guybrush_T> its probably named
<hggdh> then the profile is probably /usr/sbin/named, and will be called usr.sbin.named in the /etc/apparmor.d directory
<Guybrush_T> thanks - ill have a look there - hope its not too complicated to change that stuff
<Guybrush_T> btw - even though its in complain mode the error msg didnt really change
<Guybrush_T> just tried to open /usr/sbin/named .... doesnt look right ^^
<Guybrush_T> ah sorry got that mixed up
<hggdh> heh
<hggdh> and I should have told you from the beginning the profile name... it is shown in the messages
<Guybrush_T> ah ^^
<Guybrush_T> ok i opened it
<Guybrush_T> ok i notice one thing - theres a comment that says /etc/bind should be read only
<Guybrush_T> for bind
<hggdh> this is not an error if you put the profile in complain mode
<hggdh> yes. this is why apparmour complained on a create operation
<hggdh> apparmor
<Guybrush_T> yes
<Guybrush_T> but it seems to be ok that it complains
<hggdh> also, if you 'grep audit /var/log/syslog' you will see all apparmour messages, then it is just adjusting the profile
<Guybrush_T> cant be a  bug if theres even a comment to explain it
<hggdh> if it is in complain mode, then named is running, and you should be able to check NS resolution
<hggdh> Guybrush_T: I did not *think* it was a real error, since it seems you created some zones; but I am not sure (again, I do not use bind9)
<Guybrush_T> oh - its not that named is not starting
<Guybrush_T> its running fine
<Guybrush_T> but WHEN a client requests dhcp dhcp contacts named to write a new dns entry
<Guybrush_T> thats when named/bin tries to creates / append to a jnl file in /etc/bind
<hggdh> and you might get another audit message stating what operation would be blocked -- and you again adjust the profile, and reload it
<Guybrush_T> so i should comment the following line? /etc/bind/** r,
<hggdh> no
<hggdh> of course, you _can_, but you are weakening the protection
<Guybrush_T> right - thought so too ^^ - then i didnt understand what you wanted me to do
<Guybrush_T> "adjust the profile"
<hggdh> named is trying to work on your zone files, but the default profile inhibits it. So you adjust the profile in order to be able to go back to enforce mode
<hggdh> keeping with your error line, db.intranet.local.jnl is being created, but the usr.sbin.named profile does not authorise it. So you can add a line saying this file can be created (and written to, also)
<Guybrush_T> i just found an interesting conversation about using symlinks
<Guybrush_T> there seems to be a directory wher bind can/ should write those jnl files to
<Guybrush_T> /var/cache/bind
<Guybrush_T> ok, i just founda  forum post that explains how its supposed to be done: bind shouldnt be allowed to write anything to /etc/bind - thats why the zone files should be linked to from /var/cache/bind/
<Guybrush_T> when named finds them there it will create the jnl files there and not try to create them in /etc/bind/
<Guybrush_T> so ill try that
<Guybrush_T> i can tell you how it went if you are still interested
<log69> hi all! anybody interested in testing my security related software? to harden servers too? this is a 1-click auto MAC configuration solution. every suggestion or opinion is welcome! my site: http://log69.com/tomld_en.html
<hggdh> Guybrush_T: sounds plausible, and yes, I would be interested (since one day I am going back to bind9 ;-))
<Guybrush_T> what are you using now anyway?
<hggdh> an external NS (google)
<Guybrush_T> ah k
 * alamar favors powerdns
<Guybrush_T> man id like to try them all but im so nooby i have to go slow about it
<Guybrush_T> i want so muchb and can do so little ^^
<Guybrush_T> also im SO CLOSE to getting it to work (i think)
<hggdh> heh
<Guybrush_T> the link i probably need is  simply ln -s right?
<Guybrush_T> coz it still wants to write in /etc/bind...
<Guybrush_T> *sigh*
<hggdh> Guybrush_T: IDK now, sorry
<Guybrush_T> hggdh: its ok - thanks for helping
<Guybrush_T> hah! it works
<Guybrush_T> problem was that the zone descripton in named.conf.local was still pointing to the /etc/bind/ files and not the symlinks ^^
<Guybrush_T> hggdh: bump
<rickjaruiz> how do i force close a screen? i used screen ./start.sh
<guntbert> rickjaruiz: screen as in screen (the program)?
<rickjaruiz> yes
<rickjaruiz> its stuck
<rickjaruiz> trying to start
<rickjaruiz> i need to force close
<TheEvilPhoenix> um...
<TheEvilPhoenix> why did you do screen ./start.sh?
<TheEvilPhoenix> curious :P
<rickjaruiz> it starts a server
<guntbert> rickjaruiz: try ctrl+c, ctrl+d
<rickjaruiz> nvm, i did ctrl+a then +d, then screen -X quit
<rickjaruiz> is there a "free -m" that auto refreshes?
<guntbert> rickjaruiz: watch free -m
<rickjaruiz> nice thanks
<guntbert> you're welcome :-)
<hggdh> Guybrush_T: ack, thank you
<Guybrush_T> is there a way to make bind flush all dyndns entries?
<photon> Guybrush_T: #bind
<StevenR> Guybrush_T: restart it
<Guybrush_T> nah doesnt work
<StevenR> how do you know it doesn't work? What tests are you doing to verify this?
<Guybrush_T> i restarted it
<Guybrush_T> and when i do nslookup its still there
<Guybrush_T> or what did you mean
<StevenR> I meant that, but much more precise. Could you pastebin the terminal output for your testing?
<Guybrush_T> do you want me restart dhcpd too?
<StevenR> I'm not sure that would help. Could you expand on your problem and setup. It might help to explain what you expect/want to occur
<Guybrush_T> ok 1 sec ill post to pastebin first
<StevenR> sure
<Guybrush_T> http://pastebin.com/6z2qA0H3
<Guybrush_T> so my setup is: dhcpd-server with 1 subnet and ddns - and 1 bind/named-server with 1 forward and 1 reverse zone
<Guybrush_T> they share a key for allow-update
<Guybrush_T> my forward zone works perfectly well
<Guybrush_T> but the reverse zone doesn't
<Guybrush_T> at one point i had the following error msg: adding an RR at '118.0.168.192.0.168.192.in-addr.arpa' PTR
<StevenR> be more precise (I also recommend learning how to use the "dig" command, because it's much clearer to see what's happening I find)
<Guybrush_T> well no error
<Guybrush_T> but it ads some bugus stuff
<Guybrush_T> the ip is far too long
<StevenR> can you be more precises about "doesn't work"
<Guybrush_T> yes dig is supposed to be good
<Guybrush_T> well in the syslog it prints lines like the one above where the ip adress is fucked up and when i do nslookup IPADR it says: server can't find 118.0.168.192.in-addr.arpa.: NXDOMAIN
<StevenR> looking at that message, either the DHCP server isn't right, or the zone definition or zone file isn't right
<Guybrush_T> i think so too
<StevenR> try dig @dnsserverIP 118.0.168.192.in-addr.arpa. PTR
<Guybrush_T> problem is i cant test my changes to the files because they "ignore" me because im already in the tables
<Guybrush_T> pastebin or private msg
<Guybrush_T> ?
<StevenR> pastebin please, then anyone playing along can see it
<Guybrush_T> http://pastebin.com/m3FWxgFD
<Guybrush_T> kk
<StevenR> get rid of the text "IP" from the command and try again
<Guybrush_T> ah ok
<StevenR> dig @192.168.0.1 118.0.168.192.in-addr.arpa. PTR
<Guybrush_T> http://pastebin.com/eqSe7P98
<Guybrush_T> ah i just noticed i can edit pastes
<Guybrush_T> i can paste my dhcpd and named files as well if you want
<StevenR> yes, do that.
<Guybrush_T> http://pastebin.com/iu7mMKXm
<Guybrush_T> thats cat named.conf named.cong.options named.cong.locals
<Guybrush_T> http://pastebin.com/VLhJSebJ
<Guybrush_T> dhcpd.conf
<StevenR> ok. can you paste the zone file for the reverse zone too please
<Guybrush_T> the forward one works fine - so ill post the reverse
<StevenR> sure
<StevenR> both the named and dhcpd confs look fine
<Guybrush_T> http://pastebin.com/bXVZZCrz
<Guybrush_T> if you look into the dhcpd.conf - there's ddns-rev-domainname : im not sure with that one
<Guybrush_T> also im not sure if to add a dot
<StevenR> the internet suggests ddns-rev-domainname "in-addr.arpa";
<TheEvilPhoenix> ^
<Guybrush_T> i tried that one too
<StevenR> and you want   ddns-domainname "intranet.local.";
<Guybrush_T> ah
<Guybrush_T> but it works
<StevenR> hmm.. or maybe not
<Guybrush_T> u sure?
<StevenR> hang on
<Guybrush_T> also then it would be in-addr.arpa. right?
<StevenR> hmmm.... no
<Guybrush_T> adding an RR at '118.0.168.192.0.168.192.in-addr.arpa' PTR --> from this message i take that i have something wrong with the zones
<Guybrush_T> it took the zone name and used it as "last ip number"
<StevenR> the zone file is missing something
<StevenR> everything else looks fine
<Guybrush_T> so i think dhcpd posts over 118.0.168.192 as the last number - and bind puts it in front of its own X.0.168.192
<Guybrush_T> how do you know its missing something? also the zone file is not really involved in the dyndns part i thought
<StevenR> put this below the $TTL line in the reverse zone file
<StevenR> $ORIGIN 0.168.192.IN-ADDR.ARPA.
<StevenR> then, stop bind, remove the journal files, start bind again, and see
<StevenR> Guybrush_T: the zone file is where those PTR records are written (well, actually to the journal, and periodically committed to the zone file)
<Guybrush_T> uhu
<Guybrush_T> ok i removed the jnl
<Guybrush_T> just another short question: i stopped bind - removed the jnl and started bind again: why can i still nslookup my client? shouldnt this information begone?
<StevenR> can you be more specific?
<StevenR> pastebin the command and output
<TheEvilPhoenix> your system may be caching the lookups.  or nslookup is using other servers
<Guybrush_T> ok - so now: i had another dhcp request etc but since he already knew my laptop he didnt map anything - there are no jnl fils created
<Guybrush_T> http://pastebin.com/j9jDCF5q
<StevenR> Guybrush_T: it already had a lease for you
<TheEvilPhoenix> ^
<StevenR> so dhcpd didn't need to do anything
<Guybrush_T> then i need to flush the leases
<StevenR> it'll be somewhere like /var/lib/dhcpd/dhcpd.leases .... you need to stop dhcpd, remove the file, start dhcpd. It's a BAD PLAN to do it if you have multiple dhcp clients active, as you *might* get IP conflicts
<Guybrush_T> StevenR: !!!! it works
<Guybrush_T> =D
<StevenR> *jazz hands*
<Guybrush_T> i think the ddns-rev thing did the trick
<Guybrush_T> thanks man!
<StevenR> did you add both the ddns-rev thing and the origin thing?
<Guybrush_T> im working on this for 8 hours
<Guybrush_T> ah yes
<Guybrush_T> that too
<Guybrush_T> maybe thats it too
<Guybrush_T> i dont know
<StevenR> it was the origin thing then
<Guybrush_T> can you explain the problem?
<StevenR> the zone file lacked a reference point
<StevenR> so dhcpd expected to be doing one thing, but because of the lack of reference point, ended up doing something else
<Guybrush_T> ok - well i cant thank you enough for your time
<Guybrush_T> i would've never found that
<StevenR> no problem :)
<Guybrush_T> should there be this origin in the forward zone field too?
<Guybrush_T> i mean it works but i want it to be proper
<StevenR> can you pastebin the forward zone file ?
<Guybrush_T> http://pastebin.com/kwjZQWHF
<Guybrush_T> i just read that usually the origin is by default the same as the zone name defined in the named.conf
<Guybrush_T> and it worked for the forward zone probably
<StevenR> http://www.zytrax.com/books/dns/ch8/#zone
<Guybrush_T> maybe i should've put just in-addr.arpa instead of 0.168.192.in-addr.arpa in the named.cong
<Guybrush_T> *conf
<StevenR> yes, that's probably true. Doesn't hurt to be specific
<Guybrush_T> 118.0.168.192.0.168.192.in-addr.arpa
<StevenR> I'd just be specific in the zone file. Then the filename doesn't actually matter
<Guybrush_T> yeah
<Guybrush_T> well im dead beat
<Guybrush_T> gotta go to bed now
<StevenR> see that zytrax link for an example forward zone
<StevenR> $ORIGIN example.com.
<StevenR> (note the trailing .)
<Guybrush_T> yeah i have the trailing dot for my forward zone anyway
<Guybrush_T> in named.cong
<Guybrush_T> NONF
<Guybrush_T> CONF
<Guybrush_T> gee
<Guybrush_T> also - is it possible to use a subdomain of my real domain for my home network? like home.mydomain.com
<Guybrush_T> and then server.home.mydomain.com
<TheEvilPhoenix> a subdomain of a subdomain?
<TheEvilPhoenix> :P
<StevenR> Guybrush_T: yes, technically it is.... you'll need to do a little thinking up front as to how you expect it to work
<Guybrush_T> TheEvilPhoenix: sounds cool right ^^
<TheEvilPhoenix> not really
<Guybrush_T> thinking is for the morrow
<TheEvilPhoenix> StevenR is right, you need to decide how you want it structured ahead of time
<TheEvilPhoenix> for example, my home net has a domain, homenet162.domain.us
<TheEvilPhoenix> no that's not the real domain
<TheEvilPhoenix> each system inside that has its own hostname: machinename.homenet162.domain.us
<TheEvilPhoenix> routing to that is processed through a system i own
<TheEvilPhoenix> crazy difficult to keep running
<TheEvilPhoenix> since i now have 15 systems on said network
<TheEvilPhoenix> (granted i'm not going to explain my configuration, as i havent had to modify it in EVER)
<TheEvilPhoenix> but he's right, in order to define that subdomainofasubdomain
<TheEvilPhoenix> you really need to consider the structuring of everything ahead of time
<TheEvilPhoenix> before setting it all up
<Guybrush_T> i thought so
<Guybrush_T> but it sounds nice anyway
<Guybrush_T> thanks again - and ill be going now
<Guybrush_T> tomorrow will be iptables turn
<Guybrush_T> yay
<Guybrush_T> ILL BE BACK
<Guybrush_T> StevenR: btw - i just commented out the origin thing with ;
<Guybrush_T> and still worked
<StevenR> in which file?
<Guybrush_T> i think it was the ddns-rev-domainname
<Guybrush_T> the reverse zone
<StevenR> so what does the ddns-rev-domainname say now? And what does the conf say for the zone name?
<Guybrush_T> named.cong zone name: "0.168.192.in-addr.arpa"
<Guybrush_T> dhcpd.cong ddns-rev-domainname "in-addr.arpa";
<StevenR> well, I suppose that's technically correct
<Guybrush_T> i suppose
<StevenR> it'd be better to specify the origin tbh
<Guybrush_T> yeah thats why i just commented it out - i plan to put it back in - just wanted to try it
<Guybrush_T> well - good night
<StevenR> night
#ubuntu-server 2012-08-20
<seijirou> bigjools: can you help with https://bugs.launchpad.net/maas/+bug/1038295
<uvirtbot> Launchpad bug 1038295 in maas "juju bootstrap fails, apt-get update fails, zookeeper doesn't install" [Undecided,Invalid]
<bigjools> yes
<seijirou> Outstanding, what do you suggest?
<bigjools> what is "ubuntu-mirror"?
<seijirou> I have no idea
<seijirou> I was hoping you could help me with that.
<bigjools> 403 is permission denied, so it's trying to connect to something
<bigjools> I suspect it's a default config in the preseed
<bigjools> can you grep the preseeds
<seijirou> Sure I'm bringing up the initial box now.
<bigjools> preseeds are on the maas box
<seijirou> Yes, the maas box is what I mean.
<bigjools> ok
<bigjools> sorry I'm not helpful enough at the moment, I'm trying to re-sync my head with the old package since we've been concentrating on a new architecture without cobbler
<seijirou> Understandable.
<seijirou> Box is up, i'm trying to remember where that preseed is.
<bigjools> /etc/cobbler/snippets and /etc/cobbler/kickstarts
<bigjools> iirc
<seijirou> I do have /etc/cobbler/ubuntu-server.preseed
<bigjools> just starting up my box too, I'll hacve a look
<seijirou_> I might need to get a real client, freenode webchat is acting up..
<seijirou_> I found /var/lib/cobbler/snippets and /var/lib/cobbler/kickstarts
<bigjools> ah that's it
<bigjools> seijirou_: I think it's set here /var/lib/cobbler/snippets/maas_proxy
<bigjools> http/proxy
<bigjools> is your server called ubuntu-server? :)
<seijirou_> http://tny.cz/1f664b2b
<seijirou_> The hostname?   It's "Galaxy1"
<bigjools> I genuinely can't fathom how ubuntu-server  gets in there then
<bigjools> let me look at your cloud-init log again
<seijirou_> Alright, thank you.
<bigjools>  Aug 17 17:40:16 Galaxy2 [CLOUDINIT] cc_apt_update_upgrade.py[DEBUG]: selected mirror at: http://ubuntu-mirror/ubuntu
<bigjools> but why ...
<bigjools> something has gone wrong in the preseeds somewhere
<bigjools> did you customise anything?
<seijirou_> Not a thing, I followed that guide directly
<seijirou_> HAha and at this point I've started from the beginning several times.
 * bigjools scratches head
<bigjools> nobody else had this problem afaik
<bigjools> can you try commenting out that http/proxy line in the preseed and try again (or set it to a fixed value if you have a local mirror that works)
<seijirou> I'll comment it out.
<bigjools> can you connect to port 8000 on Galaxy2?
<bigjools> squid-deb-proxy might be on there
<bigjools> sorry not galaxy2
<bigjools> your maas box
<seijirou> Sure
<seijirou> Looks like yes
<seijirou> Would you prefer I change @@server@@ to the maas' IP ?
<bigjools> worth a shot
<bigjools> just to eliminate this if nothing else
<seijirou> Done and bringing up 2nd box on PXE now.
<bigjools> if you kept that snippet I suggested last week you should have a password set on the ubuntu user
<bigjools> (you did customise something :) )
<seijirou> That and the NTP thing, you caught me
<bigjools> heh
<seijirou> But, I wasn't trying to inject any of my own good ideas :)
<seijirou> Same rogue "ubuntu-mirror" domain.
<seijirou> W: Failed to fetch http://ubuntu-mirror/ubuntu/dists/precise-updates/main/binary-amd64/Packages  403  Forbidden
<seijirou> Reading suggestion "c" in /etc/apt/sources.list in the remote node, it suggests changing /etc/cloud/templates/sources.list.tmpl
<seijirou> I tried that in both the i386 and amd64 images but it didn't have an effect.
<bigjools> :/
<bigjools> this is bizarre
<bigjools> grep -r ubuntu-mirror /var/lib/cobbler
<seijirou> No return
<bigjools> I am out of ideas.
<bigjools> we need roaksoax or smoser, they are more familiar with cloud-init than I
<UndiFineD> seijirou, is "ubuntu-mirror" a local lan host or an alias for an online mirror
<seijirou> UndiFineD:  I don't know where "ubuntu-mirror" came from.  I have no boxes with that name.
<bigjools> it gets a 403, so it must be connecting to something
<UndiFineD> well, it certainly is nof fqdn
<UndiFineD> bigjools, no it is a false name
<UndiFineD> check /etc/apt/sources.list
<seijirou> In the maas box or the remote node?
<seijirou> well i can tell you the maas box has us.archive.ubuntu.com
<seijirou> the remote node has ubuntu-mirror
<bigjools> yeah, cloud-init sets that up
<UndiFineD> then the remote should be corrected
<bigjools> no
<UndiFineD> hmm
<seijirou> I could manually correct the remote, but i don't know what other things teh script does after that.
<seijirou> It's a pre-requisite to a lot of other stuff I expect.
<bigjools> cloud-init writes that file based on preseed data
<bigjools> and other things, I expecty
<bigjools> something is weird in its mirror selection
<UndiFineD> well, you could work around it
<UndiFineD> by setting a name in /etc/hosts
<bigjools> won't work
<UndiFineD> it should
<bigjools> the machine is getting installed at this stage
<bigjools> seijirou: http://askubuntu.com/questions/144393/how-to-let-maas-cloud-init-client-select-internal-mirror
<bigjools> try that
 * bigjools afk for food
<seijirou> strange, mine does that archive.ubuntu.com as the mirror/http/hostname
<seijirou> I'll try it
<UndiFineD> michael's answer is funny, i was right on /etc/hosts
<seijirou> I added the line, resetting.
<seijirou> If this doesn't work I'll try /etc/hosts.  It won't hurt anything.  However, i'm unsure how i'll get /etc/hosts set.
<seijirou> That worked.... everything was archive.ubuntu.com
<seijirou> Sort of. I anticipated it would use the proxy IP I set
<seijirou> Well that's progress.  http://tny.cz/e433b33a
<bigjools> seijirou: so it will take a while to install the node
<seijirou> bigjools:  I think that install went well.  I'm attempting 'juju deploy mysql' now to a new box.
<bigjools> excellent
<bigjools> this will fail if your host lookups are not working :)
<seijirou> oy vey
<seijirou> So far so good, no new surprises
<bigjools> excellent
<_val_> Hi there. Can someone tell me what svn version is availiable on Ubuntu 12.04LTS ? I mean the latest version on the debian/ubuntu repo's?
<maxb> !info subversion precise
<ubottu> subversion (source: subversion): Advanced version control system. In component main, is optional. Version 1.6.17dfsg-3ubuntu3 (precise), package size 286 kB, installed size 1172 kB
<_val_> maxb: thanks.
<_val_> THe github version of svn is 1.7.6. When do you think this will be released?
<_val_> s/released/availiable on ubuntu repo's/
<xnox> !info subversion quantal
<ubottu> subversion (source: subversion): Advanced version control system. In component main, is optional. Version 1.6.17dfsg-3ubuntu3 (quantal), package size 286 kB, installed size 1172 kB
<xnox> _val_: above is a lie, since  1.7.5-1ubuntu1 is in Quantal.
<_val_> xnox: so ubottu needs an ubbdatu? :>
<Jake232> I',m having trouble connecting to memcached from outsie localhost, but I think the issue is probably my usage of ufw to lock down the server
<Jake232> This should allow me to connect to port 12111, right? https://gist.github.com/8aa3c0c6f5e0e16cf741
<henkjan> Jake232: you can't connect from outside to localhost
<Jake232> henkjan: I thought the rules I set should allow that?
<henkjan> Jake232: you have to edit your memcached configuration to listen on a public ip to be able to connect
<Jake232> henkjan: I got rid of the "-l 127.0.0.1"
<Jake232> so it should listen from everywhere now, right?
<henkjan> i don't know if memcached can listen on all availabe ips
<henkjan> man memcached would give you more info about that
<Pici> -l 0.0.0.0 might let you get around that if it doesn't seem to do it by default.
<zul> good morning
<phillw> Hi folks, is this edit okay to do? http://pastebin.com/SkkC1HkH
<xranby> phillw: the ubuntu documentatin is correct check your /etc/sudoers file
<xranby> # Members of the admin group may gain root privileges
<xranby> %admin ALL=(ALL) ALL
<xranby> this means that if your user is part of the admin group then sudo allows your user to execute all commands using sudo
<phillw> xranby: thanks, I'll reply to the email.
<phillw> But, possibly it could be better explained? If someone takes the time to report an issue it should be 'taken on board'.
<rbasak> xranby: the sudo group is the correct and more consistent method in 12.04: https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuDesktop#PrecisePangolin.2BAC8-ReleaseNotes.2BAC8-CommonInfrastructure.Common_Infrastructure
<rbasak> xranby: for consistency I think it would make sense for documentation intended for 12.04 users to refer to the sudo group instead of the admin group. Just my humble opinion though.
<phillw> rbasak: xranby the e-mail I received simply pointed out that the instructions as given, do not work.
<rbasak> phillw: that's odd. Both the admin and sudo groups should work.
<phillw> does -server have an email address? I can forward the email to you so you can better liase with the OP?
<phillw> It came to me via the -docs email address.
<rbasak> There is ubuntu-server@lists.ubuntu.com. Or the full explanation of community support channels is at http://www.ubuntu.com/support/community
<phillw> rbasak: thanks, I'll forward the original email to you with a link back for the OP
<rbasak> phillw: I can't investigate personally, sorry. I've got tons to do before the 12.10 release.
<phillw> rbasak: I meant to the mailing list - not you in person!
<rbasak> Oh OK. Sure, go ahead :)
<uvirtbot> New bug: #1039009 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1039009
<rbasak> If this does turn out to be reproducible it does sound like something that should really be fixed
<roaksoax> morning
<smoser> seijirou, your problem with cloud-init is bug 974509
<uvirtbot> Launchpad bug 974509 in cloud-init "cloud-init selects wrong mirror with dns server redirection" [Medium,Fix committed] https://launchpad.net/bugs/974509
<smoser> you have broken dns.
<seijirou> smoser:  Ahh that explains why I always get IP addresses for bogus domains.
<smoser> yes.
<smoser> use opendns or google dns.
<seijirou> smoser:  But how then does "ubuntu-mirror" become the domain in source.list ?
<smoser> this was a feature added to cloud-init so clouds could easily "advertise" a local ubuntu mirror, and cloud-init would pick it up.
<seijirou> Oh I didn't read far enough
<seijirou> Sorry I just woke up
<smoser> if cloud-init got a response for "ubuntu-mirror", it assumed that there was a mirror there.
<smoser> no worries.
<smoser> but your ISP says "sure, we have 'ubuntu-mirror', and 'ubuntu-asdfjkl' also!"
<seijirou> Yes exactly
<smoser> (note if you choose to use opendns, you have to actually get an account and configure it to turn that behavior off.  by default they do the same garbage)
<seijirou> I think I'll point my router to google and level3 dns
<xnox> maybe it should check for /Release file for example, before trusting it....
<xnox> and or do network check against start page thing
<zul> Daviey/adam_g: have you guys figured out what you are going to do with lessc?
<mala> hello
<Daviey> zul: i think adam_g is driving that.. but i think it can be done sanely at source package build time.
<zul> Daviey: ok because i rather not have the MIR team cringe
<mala> i'm using ubuntu server at Amazon Web Services, but i can't understand why a regular ubuntu server use use 200mb of memory ram and the AWS instance use 380mb of memory
<mala> can someone help me?
<xnox> mala: use top, sort by memory usage, figure out.
<mala> xnonx, i did it
<xnox> mala: please note on Amazon it is using Ubuntu Server Cloud Image, which is different from a "normal" server image
<xnox> (not much, but different)
<RoyK> mala: also, see the 'RES' column in top, not 'VIRT'
<RoyK> type M to sort by memory usage
<stgraber> hallyn: hmm, just noticed that your lxc-wait changes actually never made it to Ubuntu as debian/local/lxc-wait overwrites the C one
<mala> RoyK, inside top type shift M yes?
<Daviey> zul: There seems to be no need for it to happen at package build or run time.
<RoyK> yes
<zul> Daviey: cool...or we can just download all the of js and package it that way ;)
<Daviey> zul: we'll call that plan b
<zul> Daviey: can we call it plan z?
<Daviey> zul: having a "debian/rules prepare-media" would be awesome :)
<Daviey> although that could be upstreamed
<mala> Royk, always i change the ssh config file, when i restart the server, the ssh file come back to normal. Why?
<uvirtbot> New bug: #1039043 in exim4 (main) "exim tls fails: Diffie-Hellman prime too short" [Undecided,New] https://launchpad.net/bugs/1039043
<CharlieSu> Hi all.  I have a SFTP server that constantly gets locked up because the 'console-kit-daemon' process is taking a lot of CPU usage..  Any ideas why?
<Daviey> adam_g: hey, can you triage - bug 1038146 ?
<uvirtbot> Launchpad bug 1038146 in juju "Juju use keystone auth for Swift with openstack which fails to bootstrap if i am not running a swift service." [Undecided,New] https://launchpad.net/bugs/1038146
<Daviey> I am pretty sure you need it :)
<SpamapS> Daviey: mind if I take that one?
<Daviey> SpamapS: Oh, no.. that would be perfect
<Daviey> koolhead17: also looks like you are using the PPA... which will need net access.
<koolhead17> Daviey, ya i been told to use that :(
<koolhead17> SpamapS, sir. so whats the final verdict i should or should not use the PPA
<SpamapS> koolhead17: see response
<koolhead17> SpamapS, in my case i have option 1. swift using another auth
<koolhead17> SpamapS, i would not like to have my juju dependant of swift at all
<koolhead17> i can use some other object storage someday
<koolhead17> juju should be independent of all that. better there should be a provider charm and it can be of swift/ceph or something else
<koolhead17> and if particular charm in my openstack environment needs object storage it should/could use it
<koolhead17> SpamapS, https://bugs.launchpad.net/juju/+bug/1030897 also this hack
<uvirtbot> Launchpad bug 1030897 in juju "Openstack provider do not support UTF-8 token" [Undecided,New]
<CharlieSu> Hi all.  I have a SFTP server that constantly gets locked up because the 'console-kit-daemon' process is taking a lot of CPU usage..  Any ideas why?
<koolhead17> SpamapS, also what configuration in which file i need to make so it runs without stopping at failed swift creds?
<njin> Hallo there's someont able to run maas on virtualbox ?
<njin> someont/someone
<koolhead17> njin, do a google i guess i saw some one writing blog on it
<njin> I've tried google suggestion, but nothing
<SpamapS> koolhead17: there's only one config file (~/.juju/environments.yaml)
<koolhead17> SpamapS, and what configuration i have to pass so it does not ask for swift sir
<SpamapS> koolhead17: for the "cloud without object storage" ... I see the use case, but juju needs a way to distribute files to new instances, so its a chicken-and-egg problem.. how do you deploy a charm whose purpose is distributing charms ;)
<SpamapS> koolhead17: Not entirely sure what you're asking. I'm in a bit of a rush, so please forgive me
<koolhead17> SpamapS, i dont want swift or object storage in my openstack infra
<koolhead17> does that mean i cannot use Juju
<koolhead17> ?
<koolhead17> SpamapS, ok. later
<koolhead17> just ping me once u have time i will test it for you sir
<SpamapS> koolhead17: no, it means you will have to use some other S3 service tho
<SpamapS> koolhead17: plain and simple, juju cannot operate without an object store.
<koolhead17> SpamapS, but nowhere it says that OS cannot run without Object storage
<koolhead17> :)
<koolhead17> its a component if one wants uses it :D
<koolhead17> seems like only solution would be to create some fake S3 env <-- which is not there :)
<SpamapS> koolhead17: its fundamental to the design of juju. This has nothing to do with openstack reqs.
<SpamapS> koolhead17: we need a place where we can push bundles to and have new instances find them.
<koolhead17> SpamapS, either am confused or am not able to clarify my condition
<SpamapS> koolhead17: yes we could run that on the machine 0.. no that is not on the priority list.
<koolhead17> SpamapS, then i need a way out for this
<koolhead17> i can load images kept inside glance
<koolhead17> authenticated via
<koolhead17> keystone
<koolhead17> :)
<smoser> utlemming, your review at https://code.launchpad.net/~smoser/vmbuilder/automated-ec2-builds.lp1035279/+merge/120410 would be appreciated.
<SpamapS> koolhead17: yeah, thats great. Not at all related to juju, but thats great. :)
<SpamapS> koolhead17: you need a globally accessible object store. Swift and "something that talks S3" are supported for openstack...
<utlemming> smoser: looking
<koolhead17> SpamapS, in my current enviornment i just dont use swift at all cos my images are taken care by glance
<koolhead17> and i dont see its need in future
<koolhead17> so cant we come with some fake auth for S3
<koolhead17> to get out/away with this issue
 * koolhead17 is out. ttl
<smoser> utlemming, i can do the merge. i just wanted your eyeballs on it.
<smoser> as a double check of the logic.
<utlemming> smoser: yup, it looks fine
<smoser> go ahad and comment there, and then i'll merge
<utlemming> smoser: I kicked off a build against it to smoke check, just in case
<utlemming> but it looks fine for merging
<smoser> utlemming, well, i'll wait on the result then. thats great. thank you.
<utlemming> smoser: one of the "features" of our new builder is the ability to test branches with out containating the main builds
<Daviey> smoser: did you work out how to fix that damn python-keyring issue? it hit me ages ago, and i got around it.. but can't remember how.. i DON'T want to use a creds file.
<smoser> Daviey, http://paste.ubuntu.com/1086257/
<smoser> put that in ~/keyringrc.cfg
<smoser> better link: http://bit.ly/nova-no-keyring
<Daviey> smoser: that second link is MUCH better, thanks
<smoser> :)
<smoser> well, it means i can find it in my irc logs better.
<Daviey> heh
<Daviey> smoser: and great.. doesn't seem to work with w3m anymore?
<Daviey> Grr
<Daviey> ah no, does work
<cyphermox> adam_g: ping
<cyphermox> adam_g: I'd like to test one new release of dnsmasq that got released last week; I asked Daviey and he suggested I ask you about adding it (https://launchpad.net/~mathieu-tl/+archive/nm/+sourcepub/2613904/+listing-archive-extra) to the openstack CI to smoke test before uploading, just to make sure it doesn't break openstack
<cyphermox> or you could just take the package from Debian unstable, since it's there now.
<Daviey> cyphermox: hey, i'm sure we can do that.. adam_g Should be around shortly to confirm
<Daviey> zul: http://people.ubuntu.com/~davewalker/cloud-archive-status.txt
<Daviey> zul: that is updated hourly
<zul> what am i looking at?
<Daviey> zul: that is the list of things on the queue to migrate.. staging -> proposed.. proposed -> updates
<zul> Daviey: gotcha
<RoyK> how can I have ubuntu keep back certain packages? I've built my own ffmpeg package, and I don't want it to be upgraded automatically
<xnox> RoyK: google for apt-pinning
<ogra_> or just use synaptic it has an UI element that allows you to lock packages
<Daviey> !pinning | RoyK
<ubottu> RoyK: pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<RoyK> thanks
<xnox> Daviey: and his fancy ! commands
<xnox> =)
<RoyK> hrmf
<RoyK> seems linux is unable to kick out a hanging drive from a raid
<Daviey> well that isn't normally true
<RoyK> http://paste.ubuntu.com/1157472/ got this almost half an hour ago
<RoyK> started smartctl -t short /dev/sdd, and even that seems to be hanging
<RoyK> trying to do something on /raid (where the filesystem is mounted) just blocks
<RoyK> root@smilla:~# touch /raid/tmp/wtf
<RoyK> ^C
<uvirtbot> RoyK: Error: "C" is not a valid command.
<Daviey> RoyK: what raid type?
<RoyK> md raid-6
<RoyK> http://paste.ubuntu.com/1157475/
<Daviey> RoyK: well, something does indeed seem wookey
<Daviey> can't really help atm
<RoyK> the drive hung the other day as well
<RoyK> and a reboot 'fixed' it, but I want to try to see if linux can sort this out without using debugging methods normally reserved for windows machines
<xnox> RoyK: do you know which drive is failed?
<RoyK> xnox: see the pastebin above - ata4 times out, the raid is hanging
<RoyK> and even the smart test seems to be hanging
<xnox> $ mdadm --fail /dev/sdX
<xnox> then you can remove it.
<xnox> for example.
<RoyK> hm... raid stil hanging. trying to touch a file in there blocks the process
<RoyK>  /proc/mdstat tells me recovery is in progress, though
 * RoyK has seen drives 'die' like that earlier, and has found that a quick yank to the side while the disk is spinning, guaratees trouble-free replacement under warranty, while just returning the disk, often gives problems like 'hey, the disk works'
<adam_g> cyphermox: i can test that dnsmasq, but im currently also trying to resolve 1035172
<adam_g> cyphermox: so in the meantime, i can at least install an older precise kernel to avoid that bug, and confirm that the dnsmasq bits are working there. ...if that helps
<cyphermox> Ah, yes, it would. Mostly as long as we can make sure the small changes in dnsmasq don't break openstack use cases
<hallyn> stgraber: bleh
<RoyK> hrmf! just ran smartctl -t short /dev/sdd and smartctl -a, which tells me
<RoyK> Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
<RoyK> # 1  Extended offline    Completed: read failure       90%      6897         1514732911
<RoyK> still, smartctl -H tells me the drive is healthy
<adam_g> cyphermox: those dnsmasq packages seem to work fine, at least using FlatDHCPManager, which launches dnsmasq with http://paste.ubuntu.com/1157571
<cyphermox> great. is there a different launch command you know of?
<cyphermox> what I'm curious about is mostly whether there is anything that uses dhcp-range="interface:blah" or something like that
<adam_g> cyphermox: i can check the source to see what the other managers use
<cyphermox> adam_g: I guess I can do that
<cyphermox> adam_g: is it all together in a source or are there multiple sources?
<adam_g> cyphermox: i believe its all in nova/network/linux_net.py
<cyphermox> adam_g: looks fine
<cyphermox> adam_g: Daviey: mind if I go ahead and sync dnsmasq to 2.63-1?
<adam_g> cyphermox: looks okay to me, have you checked with people working on MAAS? i dont know what their current use of dnsmasq is in the work thats being done to supercede cobbler
<cyphermox> I had no clue it was used there too
<adam_g> Daviey or roaksoax would know
<cyphermox> fwiw, lxc and libvirt look okay already too
<Daviey> cyphermox: sounds good
<Daviey> cyphermox / adam_g: MAAS is dropping dnsmasq
<Daviey> adam_g: did you look at compressing horizon's media at source package creation time?
<adam_g> Daviey: not any more than we discussed last time
<adam_g> Daviey: FYI 'add-apt-repository "http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/folsom"' results in an invalid entry to sources.list (two releases) 'deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise precise-proposed/folsom'
<Daviey> adam_g: ok
<peeps[work]> i'm trying to set up a couple samba shares on my server and having some difficulty.  when I try to add a samba user with smbpasswd or pdbedit it says "Failed to add entry for user blah."   but gives not other information about why it failed.  does each samba user have to be an existing linux userr also?
<uvirtbot> New bug: #1039196 in lxc (universe) ""unregister_netdevice: waiting for lo to become free." message after shutting down an lxc container" [Undecided,New] https://launchpad.net/bugs/1039196
<sveinse> How do I configure kernel commandline to print *everything* during boot, rather than having this plymouth theme which hides it all?
<sveinse> I have plymouth-theme-ubuntu-text installed, and I get text dots as progress. But that is not what I want
<chilicuil> sveinse: press <Esc> while booting to change to the text mode (where all msgs are shown) or modify the grub entry for the kernel to remove 'splash': https://wiki.ubuntu.com/Plymouth#Debugging
<chilicuil> you can also see the boot logs, if you run dmesg & check /var/log/boot.log out
<sveinse> chilicuil: Well. I have no "splash" in the kernel command line at all. The only install theme is plymouth-theme-ubuntu-text, and it seems to hide everything between grub and getty.
<iToast> apache2: bad user name ${APACHE_RUN_USER}
<iToast> WHat do I do to fix that
<xr1rr> I want to download some biggish files from a third party websites and store them on amazon s3. Is there anyway to do that without directly downloading them first to my local computer and then upload them back to amazon s3
<ikonia> download them directly from your amazon machine /
<xr1rr> but I am only using amazon s3
<xr1rr> can it be done using amazon s3
<ikonia> so you are just using amazon storage, not running a machine on amazon
<xr1rr> yes
<ikonia> then no, it has to go through your machine
<xr1rr> but i need to upload files around 800mb/1gb in size and there is going to create alot of wasted bandwidth?
<xr1rr> my ISP will hate me lol
<ikonia> well, it has to hit your machine
<Troy^> lol
<Troy^> it is only 1gb
<jernst> Needing a postfix guru â¦ attempting to do smtp_sender_dependent_authentication and Amazon/SES and having no luck.
<xr1rr> Troy^: i have about 30/40 different files tho
<ikonia> jernst: just explain the issue
<Troy^> xr1rr: i transfer about 1tb a month isp never says anything
<jernst> I just wrote it up on ServerFault: http://serverfault.com/questions/419440/whats-wrong-with-my-postfix-setup-routing-through-amazon-ses-smtp-sender-depe
<ikonia> sorry, I'm not reading through that
<smw_> what is wrong with the following sudoers line? myuser ALL = (root) NOPASSWD: god terminate, /etc/init.d/god start
<smw_> I would like myuser to have the power to run those two commands with a password as root
<ikonia> smw_: root ?
<jernst> ikonia: just trying to be specific.
<smw_> ikonia, what?
<ikonia> smw_: sorry, miss-read
<ikonia> smw_: why have you got "god terminate"
<jernst> ikonia: more specifically: what is the correct content of a smtp_sasl_password_map file when smtp_sender_dependent_authentication = yes? keys are sender email addresses? sender domains? relay hosts?
<smw_> ikonia, I want someone to be able to run god terminate
<smw_> ikonia, although, I should probably give the path to god...
<ikonia> jernst: so you want postfix speciality in #postfix really, I thought it pulled that info from the DV rather than plain in the map file in your situation
<smw_> ah!
<smw_> ikonia, giving the complete path to god fixed it
<ikonia> should do
<ikonia> complete paths only
<jernst> ikonia: "DV" = ?
<smw_> ikonia, yeah, thanks for pointing out that "god" was wrong :-)
<ikonia> ?
<ikonia> smw_: I'd not idea what "god" was
<smw_> ikonia, a command :-)
<ikonia> I assumed you where doing some sort of comment or alias
<smw_> ikonia, apparently, sudo did not know what god was either ;-)
<ikonia> smw_: I hate to point out the obvious, but the default ubuntu sudo rule allows you to run all commands, was that not enough ?
<smw_> ikonia, this is a separate user who I want to be able to run those two automated commands
<smw_> ikonia, this allows my deploy user to restart a service
<ikonia> smw_: fair enough, just checking
<arrrghhh> hey all, i have a case of the dumb.  i'm trying to get a bash script to zip all files with a particular name... is this possible?
<arrrghhh> like "zip -m ConnectionManager*.log ConnectionManager$(date +%Y%m%d_%H%M%S).zip"
<arrrghhh> hrm.  seems i figured it out.  derp.
#ubuntu-server 2012-08-21
<uvirtbot> New bug: #1039295 in openvswitch (universe) "Please investigate the feasibility of apparmor for openvswitch" [Wishlist,Confirmed] https://launchpad.net/bugs/1039295
<adam_g> smoser: fyi Bug #1024326
<uvirtbot> Launchpad bug 1024326 in horizon "django_compressor is required for access to the dashboard" [High,In progress] https://launchpad.net/bugs/1024326
<TheLordOfTime> yo SpamapS, alive/around?
<trimeta> My server can send mail to itself (tested using the mail command, which comes from heirloom-mailx in order to gain Maildir support, and with mutt), but cannot send messages to addresses off the server. What additional configuration do I need? Could my router be blocking the packets?
<Psi-Jack> Okay. On Ubuntu Server 12.04, what could /possibly/ be appending nameserver 127.0.0.1 to the top of my resolv.conf file for whatever reason? It's a server, statically assigned IP.
<trimeta> I used tasksel to install the "Mail server" packages, but I suppose they're probably not all configured correctly...
<Psi-Jack> trimeta: Heck, your ISP itself could be directly blocking outbound SMTP
<trimeta> Psi-Jack: Hmm, true. Is there a way to test if the messages are leaving the server correctly?
<qman__> trimeta, the 'internet site' mail configuration is ready to go out of the box
<qman__> but your ISP and everything else must be set up to actually get mail to other people
<trimeta> So if I can send mail @localhost, but not @gmail.com, it's probably a problem with my ISP?
<Psi-Jack> trimeta: telnet mailin-02.mx.aol.com 25
<trimeta> Looks like it's timing out.
<Psi-Jack> trimeta: Does that work, even if it may immediately disconnect you with a message: 421 mtain-ma03.r1000.mx.aol.com Service unavailable - try again later
<qman__> gmail (and most mail hosts) will not accept mail unless you have a static IP that is not blacklisted and have proper PTR DNS set up
<trimeta> E.g., I see "Trying 64.12.90.65..." followed by nothing.
<Psi-Jack> trimeta: And you're on sbcglobal?
<Psi-Jack> trimeta: In Florida?
<trimeta> The server is in the same place I'm IRCing from, yes.
<Psi-Jack> Okay, telnet mx2.sbcglobal.am0.yahoodns.net 25
<trimeta> Same effect, Trying 98.138.206.39... followed by nothing.
<Psi-Jack> or telnet smtp.sbcglobal.yahoo.com 25
<trimeta> OK, that one works.
<Psi-Jack> Yep
<Psi-Jack> ISP is blocking you outright.
<qman__> yeah
<Psi-Jack> Call, complain, refuse to pay, fire them if need-be.
<qman__> that's a typical configuration
<Psi-Jack> It's an unacceptable "configuration"
<qman__> you need a static IP and typically a business account
<Psi-Jack> heh, very few people these days even use their ISP's own mail services.
<trimeta> It's all webmail or work-provided, right.
<Psi-Jack> Or, google mail, which provides full SMTP+IMAP+POP3
<Psi-Jack> Something that's universally usable, and not tied strictly to your ISP.
<Psi-Jack> Anyway, anyone see my question earlier? ;)
<trimeta> Well, I only really wanted this to have it report to me if anything bad happened to the system...hopefully it'll survive long enough for me to log in and get the "You have one new message" notification.
<Psi-Jack> trimeta: Well, what you could do is setup ssmtp, or setup your MTA to use the previous SMTp host that worked as a "smarthost" relay.
<Psi-Jack> SSMTP if you don't need local mail delivery, an actual MTA if you want both local and relayed.
<qman__> trimeta, what I did before I got a static IP was set up a gmail account for it
<qman__> and configured postfix to use that to email me
<Psi-Jack> Eh... The smarthost route usually works.
<qman__> but yeah
<Psi-Jack> Configuring an MTA to specifically use google's authentication is excessively borderline insanity.
<qman__> odds are that mail relay will accept your mail
<trimeta> I'll try dpkg-reconfigure with smtp.sbcglobal.yahoo.com, I guess.
<qman__> other than having the password in a config file, I didn't really have a problem with it
<qman__> it took about 20 minutes reading a guide on the net
<Psi-Jack> Anyways, /something/ keeps adding "nameserver 127.0.0.1" to my Ubuntu 12.04 server for no obvious reason, and it's breaking my dns lookup for the servers.
<qman__> probably resolvconf
 * patdk-lap wonders what is so hard about configuring an mta to use googles authenication
<patdk-lap> google uses normal standard smtp tls + auth
<patdk-lap> like any mailserver should
<qman__> on port 587
<qman__> it's not very complicated
<patdk-lap> well, port 587 is the correct port too
<Psi-Jack> Yeah, but I don't see why resolvconf would be adding it in, specifically
<Psi-Jack> I see no rule for it to.
<patdk-lap> psijack did you *completely* miss reading the 12.04 release notes?
<patdk-lap> due to changes in dns, we now run a *local* dns server
<patdk-lap> this local dns server does dnssec
<Psi-Jack> patdk-lap: Not on SERVER, no.
<Psi-Jack> Desktop using DHCP, yes.
<patdk-lap> there is likely a local copy of dnsmasq running :)
<Psi-Jack> There is no.
<Psi-Jack> +t
<patdk-lap> hmm, I haven't had it do that on server
<patdk-lap> maybe a package you installed brought it along for the ride? :)
<Psi-Jack> Yeah, mine's doing it on a /SERVER/ install. Which I installed bind on because it's my external facing DNS resolver+zones
<Psi-Jack> Ugh...
<Psi-Jack> F'scking bind9's init script is doing it!
<Psi-Jack> In the lo.named rule.
<patdk-lap> I haven't used bind since bind 4
<Psi-Jack> heh, i have 4 primary bind9 servers. 2 internal which use the 2 external facing ones for a resolver.
<Psi-Jack> And there we go! DNS is no longer adding 127.0.0.1
<Psi-Jack> Frickin PITA.
<Psi-Jack> patdk-lap: What do you use for DNS these days?
<patdk-lap> pdns
<patdk-lap> bind just doesn't support doing anything efficent
<Psi-Jack> heh
<patdk-lap> I seriously cant be managing domains in text files
<Psi-Jack> Hmm
<Psi-Jack> Heck, I just manage mine through webmin, personally, internally secured.
 * patdk-lap wouldn't use webmin
<Psi-Jack> So you use PowerDNS with an SQL backend, I presume?
<patdk-lap> and isn't sure if webmin would even scale up to supporting 100's of k domains
<patdk-lap> I have used just about every backend pdns supports, ldap, sql, geo, pipe
<patdk-lap> plus, for recursive usage, I found it to be 3x faster than bind8, when generating webstats
<uvirtbot> New bug: #999685 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: underprosessen installerte post-installation-skript returnerte feilstatus 1" [Undecided,Expired] https://launchpad.net/bugs/999685
<uvirtbot> New bug: #1004331 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1004331
<uvirtbot> New bug: #1010536 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1010536
<uvirtbot> New bug: #1011113 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,Expired] https://launchpad.net/bugs/1011113
<uvirtbot> New bug: #1011974 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,Expired] https://launchpad.net/bugs/1011974
<uvirtbot> New bug: #1013430 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Expired] https://launchpad.net/bugs/1013430
<uvirtbot> New bug: #1013507 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1013507
<uvirtbot> New bug: #1015406 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1015406
<uvirtbot> New bug: #987509 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/987509
<uvirtbot> New bug: #989772 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,Expired] https://launchpad.net/bugs/989772
<uvirtbot> New bug: #990500 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Expired] https://launchpad.net/bugs/990500
<uvirtbot> New bug: #990554 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Expired] https://launchpad.net/bugs/990554
<uvirtbot> New bug: #990937 in mysql-5.5 (main) "package mysql-server-5.5 (not installed) failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Expired] https://launchpad.net/bugs/990937
<uvirtbot> New bug: #994859 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Expired] https://launchpad.net/bugs/994859
<uvirtbot> New bug: #999156 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Expired] https://launchpad.net/bugs/999156
<uvirtbot> New bug: #978282 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Expired] https://launchpad.net/bugs/978282
<koolhead17> lol
<blendedbychris> anyone here familiar with packaging â¦ specifically the --add-module ./configure command?
<blendedbychris> I'm trying to repackage the stable version of https://launchpad.net/~nginx/+archive/stableÂ and add http://arut.github.com/nginx-rtmp-module/Â and then submit to launchpad
<blendedbychris> i put the rtmp module in debian/modules but I am curious how i tell it to add-module on its own i suppose
<Psi-Jack> patdk-lap: Hmmmm.. I may have to look into PowerDNS again, especially since I have a pretty good infrastructure together again, and I have a solid LDAP going.
<Psi-Jack> However... Looks like their LDAP backend is unmaintained... Odd.
<aarcane> so my do-release-upgrade from 11.10 to 12.04 crashed during the dpkg --configure -a stage, and I had to forcibly reboot the system (the error was something about a read-only filesystem).  I finished dpkg --configure -a as instructed..  but what else do I need to do ?
<sanderj> Hi. How do I upgrade from 10.04 to 12.04?
<henkjan> sanderj: do-release-upgrade
<sanderj> I read somewhere I have to do an upgrade first also.
<sanderj> henkjan, Think I got it. Thanks :-)
<sanderj> henkjan, should I choose to upgrade the bootloader or not?
<Viliny^> Hello everyone, i've been reading about making linux clusters and so far all i've found is mpi utilizing scientific clusters. They seem to require software specifically built for parallel running, but im interested in a cluster that shares ALL cpu load across machines regardless. Is this even possible?
<Viliny^> I'm mostly interested in running video encoding on the cluster
<Gallomimia> if i have a server with no printers connected, what do i need cups updates for? can i uninstall cups stuff somehow? how is this done with all the dependancies going bye bye with it?
<jgcampbell300> hey hey
<jgcampbell300> I am in need of advice. I want to setup ubuntu server, I need a web server but there are so many options to look at and need advice in witch way to go. I would like to be able to move my server to a cloud eventualy and would also like to be able to host many sites and sub sites .... any thoughts
<Pici> jgcampbell300: You usually can't go wrong with apache.
<jgcampbell300> ya i usualy run apache ... so what do you think about being able to move my server to new hardware easily... some kina vbox or cloud image ?
<jgcampbell300> im gona build everything on a 8100 dell at my house but need to move it to a power edge when its done ... dont want any hardware conflicts
<Pici> jgcampbell300: depends what other third party stuff you need. Its rather easy and trivial to move a website thats built on php, mysql, and apache to a new server without issues, but once you start pulling in other things it gets more complicated.
<jgcampbell300> Pici, well im gona be working with oscommerce and well alot of stuff ... witch is what is stumping me
<jgcampbell300> as far as managing multi hosts can anyone recommend anything
<fixxxermet> Hey guys.  I have a local mirror via apt-mirror, mirroring lucid and precise 64-bit main, restricted, universe and multiverse.  My 64-bit precise client is pointing to my local mirror, and is trying to download a 'binary-i386' file.  Why would it be looking for i386 when it is a 64-bit server?  http://pastie.org/4561891 are my errors.
<fixxxermet> Hmm, looks like I need to specify deb [arch=amd64] ... in my sources.list.  Why wouldn't a 64bit host assume arch=amd64?
<zul> Daviey: im going to add some fixes for f3 for these sru updates
<rbasak> fixxxermet: by default amd64 will fetch i386 package indexes too, since there are various things in i386 that are useful to amd64 too. See https://wiki.ubuntu.com/MultiarchSpec for details
<fixxxermet> rbasak: Was just reading that page :)  I'll try arch=amd64 and see if I miss anything
<RoyK> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Performance_Tuning_Guide/s-storage-fs.html <-- this is outright stupid! redhat claims ext4 "supports up to 16TiB"...
<patdk-wk> royk, heh?
<patdk-wk> ext4 has only supported upto 16tb, till this year
<patdk-wk> plus, that is a redhat doc, I'm willing to bet, ext4 in rhel6 doesn't have tools that support ext4 > 16tb
<RoyK> patdk-wk: iirc ext4 has supported > 16TiB for some time, but e2fsprogs hasn't supported creating it
<RoyK> e2fstools in rhel6 has a 16TiB limit, yes, just tested
<RoyK> ubuntu doesn't have such a limit
<xnox> patdk-wk: RoyK: in ubuntu quantal that is supported.
<xnox> patdk-wk: the version of e2fsprogs in ubuntu precise can cause datalos with > 16 TiB
<RoyK> and XFS isn't very good for storage for adaptive streaming, meaning lots if smallish files - xfs sucks rather badly on metadata operations
<RoyK> xnox: it works in precise too
<RoyK> oh, data loss??
<RoyK> I guess a fix should be released, then?
<xnox> RoyK: Read the release notes for e2fsprogs.
<RoyK> where?
<xnox> RoyK: if I find more time yes... currently we need to bisect the git log & come up with a test plan.
<patdk-wk> it's really pointless for a filesystem to support more, if nothing supports using it :) so yes, it HAD a practical limit of 16tb :)
<xnox> RoyK: it's hosted on sourceforge I believe. google for it, should be top result.
<RoyK> any particular version?
<xnox> RoyK: last three point releases.
<xnox> 1.42.2
<xnox> and later
<RoyK> seems 1.42 is in precise, meaning the one from november?
<RoyK> could this be upgraded to 1.42.5, or will the fixes need to be backported?
<xnox> RoyK: bug 978012
<uvirtbot> Launchpad bug 978012 in e2fsprogs "Please SRU micro bug fix release of e2fsprogs 1.42.4-3ubuntu1 (main) from Quantal (main)" [High,Confirmed] https://launchpad.net/bugs/978012
<RoyK> xnox: thanks
<RoyK> xnox: that bug is rather serious..
<Chipaca> hi guys
<RoyK> xnox: could it be this one? http://paste.ubuntu.com/1159004/
<Chipaca> trying to run solr (from solr-jetty), am getting issues on ARM
<ahasenack> hi, is there a ppa to get updated an updated ec2-api-tools package?
<ahasenack> https://launchpad.net/~ubuntu-on-ec2/+archive/ec2-tools ?
<ahasenack> last upload to that one was in 2010
<RoyK> Chipaca: try #ubuntu-arm
<Chipaca> RoyK: yah
<i7c> any reason my ubuntu server is the only machine in my local network whose host name is not resolved by the router?
<dadolino> i need help
<Chipaca> can anybody here confirm that the solr version in ubuntu is as ancient as its version seems to indicate?
<xnox> Chipaca: the package name was renamed in Quantal so in quantal it is 3.6.1+dfsg-0ubuntu1 and called lucene-solr
<Chipaca> xnox: so 1.4 in P is 3.6ish?
<xnox> Chipaca: yeah
<xnox> !package solr
<dadolino> hi
 * xnox never knows the magic ! commands
<Chipaca> crumbs
<xnox> Chipaca: no, wait a moment.
<Chipaca> i was hoping my startup script not working was simply a versioning problem
 * Chipaca waits
<dadolino> did anyone know some nice firewall router that I can install on my old pc
<xnox> Chipaca: P has old package, Q has new package.
<Chipaca> xnox: how old?
<Chipaca> really, painfully, terribly old?
<dadolino> pentium 4  1.4Ghz
<dadolino> I want to make firewall pc   like firewall and router for home
<dadolino> like mikrotik
<dadolino> but something bether
<xnox> Chipaca: precise has 1.4.1+dfsg1-2ubuntu2 and quantal has 3.6.1+dfsg-0ubuntu1
<Chipaca> xnox: and the 1.4.1 package version is actually a 1.4 solr? precambric solr?
 * Chipaca nukes that and downloads the blob from lucene.apache.org
<Chipaca> I just hope this run-anywhere thing is true :)
<xnox> no idea =)
 * xnox giggles
<xnox> Chipaca: I use $ backportpackage
<Chipaca> yeah
<xnox> quick & easy, plus it can upload to a ppa....
<Chipaca> building this on my puny arm notebook isn't going to fly
<Chipaca> and no arm ppas
<Chipaca> grmbl
<LabThug> So, https://wiki.ubuntu.com/ServerTeam/MAAS  what are you supposed to do if you do NOT own the network?   that document does NOT "look at both of these ways to run MAAS."
 * patdk-wk doesn't think that document describes the network very accurately
<patdk-wk> it should be, MASS ownes (controls) the network
<patdk-wk> MAAS :)
<LabThug> so, there's NO way to do this on a network you don't own?
<patdk-wk> sure, but the question is
<patdk-wk> are you doing it on a network you don't TRUST?
<LabThug> patdk-wk: I'm in a student for a university.  I don't have access to DHCP/DNS/etc.  How can I make this work in my environment?
<patdk-wk> like anyone else? setup a router to bridge your private MAAS network, to the university network
<patdk-wk> if you require the usage of their network for some reason, I dunno, haven't used MAAS myself, so
<LabThug> patdk-wk: you're assuming I have funds and power to add a router to this network
<patdk-wk> heh? you have funds and power to run the MAAS servers
<patdk-wk> I'm pretty sure you can get a single router for $10 or so, probably free from many people
<LabThug> I have leftover surplus machines with a patch cord straight into a switch
<LabThug> even if I get a router, everything here is setup to not allow "rogue devices"
<LabThug> which is exactly what they would consider a $10 router
<patdk-wk> well somehow they *allowed* your rogue computer
<LabThug> please re-read.  leftover surplus should suggest it was approved previously.
<patdk-wk> no it wouldn't
<LabThug> well, in this case, it is
<LabThug> can someone tell me where the best place to take MAAS questions such as this would be?
<Guest92063> I'm trying to configure Dovecot using the information at https://help.ubuntu.com/community/Dovecot
<Guest92063> I have gotten as far as the "Test" section and have determined that Dovecot is running
<Guest92063> but when I try to telnet localhost pop3, I get "Unable to connect to remote host: Connection refused:
<Guest92063> "
<Guest92063> What should I do to troubleshoot this?
<genii-around> Guest92063: Have you tried 127.0.0.1 instead of localhost ?
<Guest92063> Yes, same result
<genii-around> Guest92063: Have you tried with the actual IP of the box?
<Guest92063> Yes, I can telnet to localhost using other ports, but not using the pop3 or imap2 protocols
<genii-around> Guest92063: Any result for: lsof -i:110    ?
<Guest92063> COMMAND   PID        USER   FD   TYPE   DEVICE   SIZE/OFF NODE NAME
<Guest92063> dovecot          21495   root   17u  IPv4     116420                0t0  TCP *:pop3 (LISTEN)
<genii-around> Hm, odd
<genii-around> Work requires me, back at my computer in 5-10 minutes
<Guest92063> genii-around: I have resolved my issue by restarting telnet
<Guest92063> Why that would fix it I don't know, but it is working now.
<Guest92063> Thanks for your help.
<genii-around> Guest92063: Yes, strange that. Glad to see it is resolved now however.
<DeDennis> Evening all :-)
<DeDennis> Can someone help out with configure raid5, i`ve been trying all day and looked up different guide on the internet, and i can`t seem to get it working
<xnox> DeDennis: existing system or new install?
<DeDennis> New install, i have 4 250GB S-ata harddisks
<DeDennis> Currently i`m on the "partition disks" screen
<DeDennis> xnox, Do you have a link/guide which can help me setup?
<xnox> DeDennis: don't have a link google for "Ubuntu Server Guide 12.04"
<xnox> under installation there is "advanced" and "software raid"
<xnox> DeDennis: in short, enter each drive and mark it "physical volume for software raid"
<xnox> DeDennis: after all of them done. Enter configure RAID and configure RAID5
<xnox> After you have your raid device you can automatically  partition it, or setup partitions/lvm as you wish.
<DeDennis> Thanks xnox
<DeDennis> One more question, i have 4 harddisks, 3 active and 1 spare, shouldnt my netto storage be 750GB? (3x 250GB) ?with 1x 250GB spare?
<DeDennis> reason for asking is, partition disks screen is telling me i have 500GB in raid5 device
<xnox> DeDennis: sounds correct. Let me calculate.
<DeDennis> Steps i`ve done in the "Multiple device" configuration menu:
<DeDennis> 1. create MD device
<DeDennis> 2. Software raid device type: RAID5
<xnox> DeDennis: space efficiency of RAID5 is 1 â 1/n
<xnox> DeDennis: with 3 drives (spares don't count) you have 2/3 of your max capasity.
<xnox> DeDennis: hence 500GB
<DeDennis> ah isee
<xnox> DeDennis: spare is exactly that, a spare, such that one drive can fail-over.
<DeDennis> then the 500GB was right ye :-) mis calculation from my side
<xnox> DeDennis: and then you can have one more to fail (due to RAID5) only after that you will be running degraded.
<xnox> DeDennis: I use the table at http://en.wikipedia.org/wiki/RAID for this things.
<DeDennis> Thanks a lot xnox, he is installing right now :-)
<adam_g> roaksoax: ping
<roaksoax> adam_g: pong
 * roaksoax lunch
<adam_g> roaksoax: cobbler sync re-writes all kernels and initrd's out again, right?
<rsalveti> Daviey: waiting on your review: https://code.launchpad.net/~fboudra/qemu-linaro/new-upstream-release-1.1.50-2012.08-0ubuntu1/+merge/120592 :-)
<rsalveti> if it's also critical for your own testing, we could try pushing to propose first
<rsalveti> and hopefully land before ff
<roaksoax> adam_g: it recreates the hard links yes
<smoser> jdstrand, ping, or mdeslaur
<smoser> i'm looking at bug 1006963
<uvirtbot> Launchpad bug 1006963 in cloud-init "sources.list configuration does not cover security" [Medium,Triaged] https://launchpad.net/bugs/1006963
<jdstrand> what is the question?
<smoser> basically, right now the user can specify an apt mirror, but that does not affect 'security.ubuntu.com'
<smoser> err.. those entries in sources.list
<smoser> would it be better to allow them to specify "security_mirror", or just "disable_security_mirrors"
<jdstrand> smoser: from my own experience, being able to specify security_mirror is very handy
<mdeslaur> smoser: you shouldn't disable the security mirrors
<mdeslaur> smoser: we install them by default so an outdated mirror doesn't prevent security updates from being installed
<jdstrand> mdeslaur: "b.) arm. For arm, there is no security.ubuntu.com"
<jdstrand> I guess that is happening in ports...
<smoser> i'm also interested in fully offline
<smoser> and if i write those entries (security.ubuntu.com) then apt-get update is busted for someone's internal only cloud.
<jdstrand> yeah, arm* is all in ports
<smoser> and solving that problem by saying "set apt_security_mirror to the same value as apt_mirror" doesn't really accomplish anything.
<smoser> ie, doing apt_security_mirror == apt_mirror is the same as disabling the entries.
<smoser> (except for potentially makign apt work harder, i'm not sure)
<jdstrand> smoser: so, for arm, you should point at ports.ubuntu.com
<jdstrand> (as the default)
<jdstrand> then you have security_mirror available for pople to override
<jdstrand> maybe security_mirror='' means 'omit'
<jdstrand> smoser: see http://ports.ubuntu.com/ubuntu-ports/dists/
<jdstrand> notice 'quantal-security'
<jdstrand> you'll want that be default to address mdeslaur's comment
<jdstrand> but an organization should be able to override that if they want. we do it other places, we should do it here to imo
<smoser> i dont see how that addresses that comment.
<jdstrand> smoser: so, part of the problem is that on arm there is no security.ubuntu.com
<smoser> if ports.ubuntu.com is outdated and ports.ubuntu.com/quantal-security is being used for security updates, nothing is better off.
<jdstrand> smoser: security.ubuntu.com is clearly the default. it should be special-cased
<jdstrand> smoser: rather than just disabled
<jdstrand> smoser: you misunderstand
<jdstrand> smoser: the security mirror should point to ports.ubuntu.com... -security
<jdstrand> not security.ubuntu.com... -security
<smoser> right.
<jdstrand> (but only for those architectures that aren't on security.ubuntu.com)
<smoser> but there is no difference.
<jdstrand> smoser: sure there is
<smoser> mdstrands' statement was not to disable, so if the -updates mirror was out of date, then the -security mirror might not be.
<jdstrand> smoser: 'quantal' != 'quantal-security'
<jdstrand> smoser: ports is not a mirror
<smoser> but if those 2 things are the same host (ports.ubuntu.com) then the likelyhood of one being up and the other not is low.
<jdstrand> smoser: ports gets updated at the same time as security.ubuntu.com
<jdstrand> smoser: I believe mdeslaur's point was that if you choose some.random.mirror/... -security|-updates then it is out of date
<jdstrand> potentially out of date
<jdstrand> and that isn't a good *default*
<jdstrand> people should be able to adjust that for their requirements imo
<smoser> ok. i'll run my solution by you. thanks, jdstrand
<jdstrand> np
<cudgel> hello.  i've got 12.04 running as a VBoxHeadless VM on my laptop here.  since it's headless,  want to have it always boot the default kernel, no questions asked.  if there's some sort of issue, ok, I'll deal with it through the GUI.  Essentially I want to never display the grub menu.  So, I've configured /etc/grub.d/00_header, run update-grub, that all works fine.  however, when I recently upgraded all my packages,
<cudgel> this change seems to have been lost.  how can I make this persist through package upgrades?  what's the right "ubuntu" way?  (sorry for wall-of-text)
<hallyn> zul: do you mind sponsoring http://people.canonical.com/~serge/ipxe-floppy.debdiff for me?  I dont' have rights...
<hallyn> stgraber: ok i'll push the attach patchset this afternoon (assuming nothing goes wrong with it)
<zul> hallyn: sure
<hallyn> zul: thanks
<stgraber> hallyn: cool, thanks
<hallyn> hm, mutt keeps segfaulting on my =read imap mbox.  ~6k messages.  disappointing
<rbasak> there's a known bug
<rbasak> hallyn: bug 861056 perhaps?
<uvirtbot> Launchpad bug 861056 in mutt "mutt-org crashed with SIGSEGV" [Medium,Confirmed] https://launchpad.net/bugs/861056
<zul> hallyn: done
<hallyn> rbasak: could be.  i haven't seen it before, but today it's been happening a lot
<rbasak> hallyn: I think wiping your mutt cache might clear it. Annoying to have to do that though
<hallyn> rbasak: well every time it segfaults, it works th enext time, so not sure i can test that :)  but i wiped the cache, let's see if it stops happening altogether
<rbasak> hallyn: that sounds very much like the behaviour I get. I think we have the same bug. I also recall thinking that it's a ubuntu delta problem (debian not affected). Not sure why I thinhk that though
<koolhead17> zul, ping
<hallyn> stgraber: not yet certain this is the correct, final and complete patchset that he wanted, but http://people.canonical.com/~serge/lxc-perns-attach.debdiff is making 'lxc-attach -s NETWORK -n q1' work for me.
<hallyn> (the online mail archive seems really messed up)
<hallyn> (but these are coming from my imap)
<zul> koolhead17: yes?
<koolhead17> when is it coming? The Folsom pkg
<stgraber> hallyn: is that the v3 patch?
<stgraber> hallyn: according to my mail client v3 is the last one he pushed and the one you acked
<hallyn> stgraber: no it's v2.  i don't have v3
<hallyn> can you bounce it to me?
<stgraber> sure
<hallyn> v2 passed all tests and worked for me, so i assume v3 will be good :)
<stgraber> hallyn: there you go, forwarded the whole thread including your replies
<hallyn> stgraber: thx
<arrrghhh> anyone somewhat savvy with rsyslog?  i'm trying to log stuff from remote hosts, and would like each host to go to its own file... or at least keep the syslog file only for the localmachine.
<adam_g> SpamapS: is there anything that can be done to move bug #1021530 along?
<uvirtbot> Launchpad bug 1021530 in openvswitch "[SRU] update to include stable fixes for OVS 1.4" [Medium,Fix committed] https://launchpad.net/bugs/1021530
<arrrghhh> adam_g, it says a fix is committed for precise and released for quantal
<arrrghhh> looks like you are probably aware of that tho lol
<adam_g> arrrghhh: yes, by move it along i mean get it 'fixed released' for precise as well
<arrrghhh> adam_g, odd.  it appears like it should already be thar.
<arrrghhh> adam_g, my best guess is 12.04.1 needs to drop....
<adam_g> arrrghhh: ahh! well spotted
<SpamapS> I think we can accept it to -updates before 12.04.1 drops
<Horst> Hi, I tried to install 12.4 Server on a Via C3 eden via a modified Stick because of the non-PAE issue. I think I did it right, but I get a 2nd Grub Menu which only offers "test Memory" and not installing the Server. Anybody any idea what might be the problem?
<SpamapS> Horst: precise should still have support for non-PAE IIRC.. it was only dropped for quantal
<Horst> SpamapS: I downloaded the 12.4 yesterday and it didn't work. I don't know about the naming - I check it out now
<arrrghhh> Horst, for which architecture?
<arrrghhh> x86?
<Horst> jepp - via eden c3
<Horst> it's old; 1GHz, but it's a fanless machine
<ubuntu_> I am wondering is rdesktop only command line . And only meant for remote desktop into a microsoft server from a linux box. Or does it support VNC sessions as well and that protocal
<arrrghhh> ubuntu_, rdesktop assumes you have X installed
<arrrghhh> also, i believe rdesktop is RDP only.
<arrrghhh> (no vnc)
<ubuntu_> yes , true but it seems like initially to connect it is all console based (unless of course you uses a GUI program on top of it which they have) . Is my understanding correct
<rbasak> connection setup is command line.
<arrrghhh> ubuntu_, i guess... you can run rdesktop from a link like anything else.
<rbasak> Try vinagre for a GUI front-end
<arrrghhh> but this is ubuntu-server.  what do you need rdesktop for on the server platform?
<ubuntu_> so then really the only difference between rdesktop on linux and microsofts mstsc.exe is that one is on linux and one is for windows for the most part
<rbasak> But yeah, offtopic. Try #ubuntu for desktop help
<arrrghhh> ubuntu_, there's a LOT of other differences under the hood.
<arrrghhh> but if you want to just look at it on the surface, then yes...
<ubuntu_> Ok , just need to know if that is correct. And is VNC the linux remote desktop protocal
<arrrghhh> sorta
<arrrghhh> i wouldn't say the de-facto protocol
<arrrghhh> there's also freenx
<arrrghhh> probably others.
<ubuntu_> well you would have to uses VNC session for a anything OS to linux correct or can you run a remote desktop services on linux that is exactly like microsofts protocal or is VNC it
<arrrghhh> ubuntu_, i don't see what this has to do with #ubuntu-server.
<ubuntu_> Basically it does since I am wondering if from a microsoft box I can remote desktop into a linux box using mstsc.exe or must you download and uses VNC based software. That seems relevent to me
<arrrghhh> ubuntu_, but ubuntu-server has no X windows
<rbasak> You can't remote desktop into an Ubuntu server.
<arrrghhh> so RDP/VNC/etc has no business being discussed.
<rbasak> Since Ubuntu server does not have a desktop.
<arrrghhh> SSH, that is what would pertain to ubuntu-server for remote access.
<ubuntu_> sure ubuntu has x11 installed / xwindows since if it didn't you wouldn't have a graphical user interfaces
<arrrghhh> ubuntu_, that's ubuntu-desktop.  please /join #ubuntu if you are using it.
<arrrghhh> we are using ubuntu-server, which has no x11/xwindows installed.
<arrrghhh> so yes, we have no graphical user interface on our servers.
<ubuntu_> ok, fine assume it is one the machine then for the shake of this question
<ubuntu_> one = on
<arrrghhh> ubuntu_, but this is #ubuntu-server.  the assumption here is there is no x11/xwindows.
<rbasak> If your question involves having the X Window System installed, then you'll find more people to help you in #ubuntu rather than here
<arrrghhh> if you want help with that, go to #ubuntu.
<arrrghhh> ^^
<uvirtbot> arrrghhh: Error: "^" is not a valid command.
<arrrghhh> lol
<arrrghhh> aw.
<zul> koolhead17: what are you talking about?
<koolhead17> zul, i need folsom pkgs to play with
<zul> koolhead17: upgrade to quantal then
<koolhead17> zul, ooh. i though there might be some way to test it on 12.04
<zul> koolhead17:  not yet the only way to test quantal is on folsom right now
<koolhead17> zul, how stable is quantal now in order to test folsom on it :P
<zul> koolhead17: its not ready yet maybe after this week
<koolhead17> ok
<casey> hello
<casey> apparently ubuntu server sets up a an encryptfs /home by default or I chose an option during install without thinking.
<casey> anyways now it's broken and I'm wondering how to fix.
<casey> if I try to touch a file, I get a disk is full error, and this artifact remains:
<casey> ?????????? ? ?     ?              ?            ? test1
<casey> when I ls -l
<casey> but if I ls -l test1, it tells me the file does not exist
<casey> I rm'd some things and disk space still shows 100%
<casey> but only on /home.
<casey> in reality it's never been near 100%
<arrrghhh> casey, the installer does ask if you want an encrypted /home
<arrrghhh> i can't remember if it's the default, it might be.
<arrrghhh> however, you should be able to access it as your user.
<casey> in any case it's what I've apparently got.
<casey> yes I can access it, but it's useless as I described.
<arrrghhh> i wouldn't say you're "accessing" it...
<casey> I'm copying stuff out of it onto / just-in-case right now.
<arrrghhh> are you trying to do that as your user?
<casey> yep.
<arrrghhh> is this a new install?
<casey> nope.
<casey> about two months old.
<arrrghhh> so it's not a new install, but you're just now discovering this...?
<casey> I've been setting up email and webserver and such on it.
<arrrghhh> hrm.
<casey> it worked fine before.
<arrrghhh> what changed?
<casey> you tell me.
<arrrghhh> because it's my system and i've been making changes to it...?
<casey> no, because I haven't changed anything knowingly
<casey> since install, I installed nginx, exim, spamassassin, and git.
<casey> that's about it.
<arrrghhh> so when did you last access /home
<arrrghhh> successfully
<casey> who knows.
<casey> when I put the files that are there, there.
<casey> which is apparently june 27th.
<casey> arrrghhh: http://pastebin.com/HyW51wEN
<arrrghhh> perhaps try this article
<arrrghhh> http://askubuntu.com/questions/107410/can-you-unencrypt-remove-encryption-from-a-user-home-folder
<arrrghhh> backup your /home
<arrrghhh> i've never wanted/used an encrypted /home.
<casey> I don't want it either particularly
<arrrghhh> i can't see what user you're su'd as
<casey> I'm not su'd as anything
<arrrghhh> if you can, backup custom configs from /etc and blow it all away.
#ubuntu-server 2012-08-22
<casey> I'm logged in as 'casey'
<arrrghhh> you have to be su'd as some user...
<casey> hence why ls ~ resolves to /home/casey
<arrrghhh> regardless, i am not an expert here.
<arrrghhh> i would suggest you either remove it
<arrrghhh> or blow it all away and start over.
<arrrghhh> good luck.
<casey> no, you don't have to be su'd to any user - su == Switch User.
<casey> I'm just /logged in/ as casey, not su'd to anything else.
<arrrghhh> my point is you have to be running the commands as SOME user.
<arrrghhh> yeesh.
<casey> yes.
<arrrghhh> so i'd say those are your options
<arrrghhh> remove the encryption
<arrrghhh> start over, don't encrypt.
<arrrghhh> good luck
<casey> lol, ok.
<casey> wonder what other features are going to bite me like this.
<arrrghhh> i wonder what else you glazed over during the install?
<casey> don't blame me because something deemed stable enough to be an installer choice is unstable.
<arrrghhh> casey, you seem to be blaming everyone but yourself.
<arrrghhh> the truth is, the installer gave you the choice
<arrrghhh> you made the choice to encrypt your /home.
<arrrghhh> nothing is broken with it, encryption works great.
<casey> clearly it is broken.
<casey> I can't rm anything nor copy anything new in.
<arrrghhh> i don't know, i've never encrypted my /home.
<arrrghhh> all i know is a LOT of other people use it, without issue
<arrrghhh> you seem to be using it without your own knowledge of using it, which is odd.
<casey> and I'm not the one claiming it to be worthy of an installer choice in a distribution deemed suitable for server deployment.
<casey> yep, I'm pretty sure it was the default.
<arrrghhh> and i'm pretty sure you didn't read any of the questions it asked
<arrrghhh> surprised you got it partitioned correctly.
<casey> in any case it doesn't matter, if it's a selectable option, it should WORK.
<arrrghhh> it does work, for a lot of people as i stated.  not sure what your issue is, sorry.
<arrrghhh> i'm out.
<casey> you're making a lot of fucking negative assumptions and accusations about me
<casey> grow the fuck up
<casey> perhaps the encrypted idea seemed good at the time, and it worked up until now, I really don't remember.  That's not the point.
<casey> the point is the server is broken now, for no apparent reason.
<casey> do you remember every detail without question about how you set up some random server in the past?
<casey> if not, is it fair for me to blame the distributions problems on you?
<three18ti> casey, I totally had a smartass comment for you, but you quit. :(
<ubuntu_> does anybody know or have worked with the dns software ldapdns is that equivalent to dns with dnssec or was there some other objective to uses ldap with dns ?
<CanAnon__> hey guyss...... Anyone have a sec to help me out
<CanAnon__> aaaaaaaaaaaaaaaaanyone at all?
<CanAnon__> herrowww?
<phillw> hi, any admins about for the mailing list?
<CanAnon__> i donno
<CanAnon__> i need samba help :\ no one answered :\
<phillw> CanAnon__: i'm not the best on samba, but I do know where to find the pages on it; if that would help?
<CanAnon__> well basically I cannot figure out why my samba share only works when an SSH connection is open
<CanAnon__> I just want it to work without that :\
<CanAnon__> if that makes any sense
<phillw> CanAnon__: have you had a good read of https://help.ubuntu.com/11.04/serverguide/samba-fileserver.html ?
<CanAnon__> yessir
<phillw> samba is not my favourite subject, sadly I do not have my notes with me (I'm on holiday).
<CanAnon__> ah thanks anyways
<CanAnon__> i appreciate the effort
<phillw> CanAnon__: then go raise a question at http://ubuntuforums.org/forumdisplay.php?f=339
<phillw> I'd have helped if I had my books with me, the people there do not bite.
<CanAnon__> haha thanks
<phillw> they're real nice people, you are in safe hands.
<r0llz>  When I connect via wireless and use dhcp automatic I cannot connect to my smb network shares, if I choose dhcp address only I can connect to the shares, but no longer have internet access
<r0llz> When I connect via wireless and use dhcp automatic I cannot connect to my smb network shares, if I choose dhcp address only I can connect to the shares, but no longer have internet access
<r0llz> oops
<r0llz> im totally stumped
<CanAnon__> hmm
<r0llz> what other information other than IP comes from dhcp?
<CanAnon__> DNS
<CanAnon__> what is your resolv.conf look like?
<CanAnon__> does*
<r0llz> any help with the dir structure for that file?
<CanAnon__> well is the resolv.conf blank?
<r0llz> you are dealing with a linux noob and I apoligize in advance, what directory would I find that file in
<r0llz> I have a search going now
<r0llz> the contents of my resolv.conf are
<r0llz> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<r0llz> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<r0llz> nameserver 127.0.0.1
<SpamapS> ugh
<SpamapS> I hate that new scheme
<SpamapS> r0llz: it gets put into /var/run/nm-dnsmasq.conf
<SpamapS> r0llz: also why are you using network manager on a "server" ?
<r0llz> I was directed here when I brought up smb from #ubuntu, this is a laptop and I am trying to get stronger with my linux skills.  However connecting to my windows network shares is important
<r0llz> the contents of that file are
<r0llz> server=192.168.0.2
<r0llz> that is the address of my router
<r0llz> i would be happy to raise my query in a diff chan if it's more appropriate
<SpamapS> r0llz: no this makes sense
<r0llz> SpamapS, cool
<SpamapS> r0llz: have you tried connecting to your windows shares with the .LOCAL domain?
<SpamapS> r0llz: as in,  //servername.local/sharename ?
<r0llz> so for me //solfs.local/e: would be the syntax, where would I use that, from a term
<SpamapS> hrm n/m actually
<SpamapS> if you can't browse to those in your file manager then .local isn't going to make a difference
<SpamapS> r0llz: I"m not sure why people referred you here.. we're server wonks.. we don't use these "GUI" things ;)
<r0llz> SpamapS, ok...back to google?
<SpamapS> r0llz: well I'm not saying that. Its just that this is really a problem with NetworkManager
<SpamapS> r0llz: if you type 'ping servername' does it return an IP and ping it?
<three18ti> where do I find that groovy login screen that ubuntu installs when you install it by cd?
<r0llz> aosmooth@ubuntu:~$ ping solfs
<r0llz> PING solfs (69.16.143.24) 56(84) bytes of data.
<r0llz> ^C
<r0llz> --- solfs ping statistics ---
<r0llz> 23 packets transmitted, 0 received, 100% packet loss, time 22176ms
<r0llz> aosmooth@ubuntu:~$ ping //solfs
<r0llz> ping: unknown host //solfs
<uvirtbot> r0llz: Error: "C" is not a valid command.
<r0llz> the ip it returns doesn't make sense to me
<three18ti> http://paste.scsys.co.uk/206135
<three18ti> like ^ that
<r0llz> when I tried the connection with addresses only again the ping command doesn't resolve an ip address
<r0llz> but the browser works to connect to the shares
<BuenGenio> please HELP!
<BuenGenio> our Dovecot randomly, about once a week, stops being able to authenticate
<BuenGenio> I've tracked the problems down to saslauthd
<BuenGenio> but I can't figure out why it's doing it
<BuenGenio> auth.log is full of PAM auth error
<maxagaz> hi
<maxagaz> I would like to encrypt a text file and be able to decrypt it on another OS, only with a passphrase
<maxagaz> what would you suggest me to use ?
<mafiya> hey, i just started setting up MAAS, i have 7 VirtualBox VMs provisioned (6 clients, 1 server) The server seems to be setup I added all of them to MAAS via the web console, they state "Commissioning" but are still unable to connect properly, and VBOX states fatal: no bootable media found. Does anyone know a fix for this?
<bigjools> can the VMs see the DHCP server?
<mafiya> yes they were able to see the DHCP server during setup of MAAS (when i added them to the controller)
<bigjools> so they auto-enlisted ok?
<mafiya> yes
<bigjools> cool -ok  so you rebooted them to commission and now they can't get a boot image
<bigjools> sounds like they are not pxe booting now
<bigjools> I am not familiar with virtualbox unfortunately
<m4fiya> well it doesn't seem like there should be a problem, i have them setup to boot from network as default
<m4fiya> does anyone know if this is a current problem, or one that can be fixed easily?
<SpamapS> mafiya: I believe there is an ephemeral image that has to finish downloading before anything works..
<SpamapS> mafiya: note that there is a #maas channel as well :)
<m4fiya> I have one client that isn't saying FATAL: No bootable media found, but its been like that for the past 10-15min
<m4fiya> SpamapS, there doesn't seem to be anyone there to help at the moment
<bigjools> I am there
<soren> Daviey: Where is the infamous cloud archive located? The CloudArchive wiki page doesn't say, and all I can find is a staging PPA under ~ubuntu-cloud-archive.
<soren> Daviey: iz sekret?
<Daviey> soren: no, not secret.. I'm publishing a blog post today.. there was an enforced hiccup due to a datacentre relocation
<soren> Daviey: Any chance you could reveal the not secret URL now? :)
<Daviey> soren: you are an eager beaver :)
<Daviey> one moment
<soren> ta very much
<koolhead17> hi all
<jstephan> hey, i have a little problem and maybe someone can help solving it... i use multiple loadbalanced apache servers, now i would like to store the logs on an central statistic host, my idea was to use logrotate to copy the current file to the nfs share adding some tags like the host, any idea on how to do that?
<mld> jstephan: read man logrotate? the postrotate directive might just be what you are looking for.
<RoyK> Hi. A week or so back, someone here - _ruben? xnox? - posted a link to a new, fixed mdadm package for bug 942106 - anyone here that has the link to that package?
<uvirtbot> Launchpad bug 942106 in mdadm "software raid doesn't assemble before mount on boot" [High,Fix released] https://launchpad.net/bugs/942106
<xnox> RoyK: it's been promoted to precise-updates
<xnox> RoyK: it's also in quantal.
<xnox> RoyK: simply update. The top most changelog entry will stay as 'precise-proposed' since we copy from proposed to updates without rebuilding.
<RoyK> xnox: thanks
<jstephan> mld, okay, thx, i will have a look
<zul> good morning
<zul> jdstrand: hey can you check cinder please?
<zul> Daviey: can you do me a favor can you seed openvswitch please/
<jdstrand> zul: yes, it is at the top of my list for this morning
<Daviey> zul: ok
<Daviey> zul: which package?
<zul> Daviey: openvswitch
<alex88> hi guys, adding an init script to /etc/init/ and setting start on startup is enough?
<zul> Daviey: http://paste.ubuntu.com/1160879/
<stgraber> hallyn: hmm, looks like lxc-start-ephemeral regressed recently... I used to be able to run it fine as non-root, now it's printing a lot of error messages...
<jdstrand> hallyn: hi! would you mind taking a look at bug #1040033?
<uvirtbot> Launchpad bug 1040033 in qemu-kvm "Fresh VM installs via preseeded oneiric isos fail with filesystem issues" [Undecided,New] https://launchpad.net/bugs/1040033
<jdstrand> hallyn: the title is somewhat misleading. it seems there are problems when using qcow2s on quantal. it is readily seen when installing oneiric VMs.
<jdstrand> (for me)
<otkrick> Hello, world !!!
<stgraber> hallyn: pushed the lxc-start-ephemeral fixes to the packaging branch
<BlackPanx> is debian's squeeze kernel compatible with ubuntu lucid ?
<BlackPanx> i'm trying to update my ubuntu's repository with debian's squeeze
<BlackPanx> that has latest kernels for vserver
<BlackPanx> ubuntu lucid has squeeze/sid in cat /etc/*version
<xnox> BlackPanx: no, it isn't.
<xnox> BlackPanx: you are better off using one of the kernel-ppa's or backporting a kernel yourself the one you need/want from a next ubuntu release.
<xnox> BlackPanx: join #ubuntu-kernel, there were some plans to make newer kernels available on LTS/previous releases.
<BlackPanx> xnox okay i'll go with compiling latest kernel myself probably
<BlackPanx> since we need kernel with vserver patch
<xnox> BlackPanx: there is a special package which makes it easier on debian -> as in it generates nice debs compatible with the rest of the stack
<BlackPanx> and latest kernel for that is 2.6.38 which is pretty old.
<xnox> BlackPanx: then just do that.
<BlackPanx> probably best idea from all the information i got on the other channels also.
<xnox> BlackPanx: http://kernel.ubuntu.com/~kernel-ppa/mainline/
<xnox> BlackPanx: pick any you like install and off you go =)
<BlackPanx> well
<BlackPanx> i have lucid
<BlackPanx> on all servers mainly
<BlackPanx> and there's 2.6 kernel
<BlackPanx> only
<xnox> BlackPanx: there is 2.6.38 compiled for natty.
<xnox> BlackPanx: which should be easy to upgrade to.
<BlackPanx> i'll try downloading the oneiric one, copy specs file, apply patch for vserver on that 3.2 one, and compile
<xnox> ok.
<BlackPanx> 2.6.38 is the kernel i use now and it's totally unstable
<BlackPanx> we are getting regular kernel crashes
<xnox> oh, ok. I thought you *wanted* 2.6.38 sorry =)
<BlackPanx> no no
<BlackPanx> i need latest or at least as late as it can be :)
<BlackPanx> it shouldn't be a problem if i compile kernel 3.2 and put it on lucid right ? even though it's not rly in repository
<BlackPanx> i'd use oneiric's specs since that version has 3.2 kernel
<xnox> BlackPanx: don't remove the other kernels, just in case.
<xnox> BlackPanx: use precise kernel, it will get 5 years of security updates.
<BlackPanx> i compiled 3.0 kernel myself before and it seems pretty stable...
<BlackPanx> Linux vs102 3.0.24-vs2.3.2.3-black #3 SMP Tue Mar 20 14:39:47 CET 2012 x86_64 GNU/Linux vs102 ~ $ uptime  18:18:49 up 153 days,  3:42,  1 user,  load average: 1.33, 1.40, 1.14
<xnox> BlackPanx: which you'll need to copy/recompile or even not, if it has the patches you want.
<BlackPanx_> sorry webchat crashed
<BlackPanx_> you suggest precise's kernel for my lucid ?
<BlackPanx_> to compile that one
<SJr> Hmmmm opening a file over an sshfs mount seems to cause weird reading issues.
<xnox> BlackPanx_: yes, because it will receive security updates for the next 5 years and is newer than oneiric.
<SJr> It's a CSV file and in hex I expect to see 31, 65, 2b, 31. But what I get in Java and seemingly open office is 31 65 3f
<SJr> I don't know what the next character is in java
<SJr> Java also for some reason thinks it's some weird unicode character
<SJr> I'm wondering if anyone has any thoughts. IF I open the file on another machine it reads correctly.
<adam_g> jamespage: ping?
<Daviey> adam_g: hey's on hols
<Daviey> he's*
<Daviey> adam_g: If i wanted to do some changes to deployer.py, how do you do it without running it against bare metal?
<nome> hi... how can i turn off computer with ubuntu server like power off by terminal??? I used: halt, poweroff, shutdown -P, shutdown -h ... and os is turn off but fan on cpu is still working... so howto turn off computer by terminal?? in debian halt is working
<adam_g> Daviey: bootstrap somewhere
<adam_g> Daviey: like ec2
<adam_g> Daviey: it only requires a running juju environment
<Daviey> adam_g: yeah, thanks
<adam_g> Daviey: it could definitely use some fixes to better handle those failures. i added a retry mechanism in there somewhere, i think only to calls to 'juju status', but i think it needs to be applied to all calls to juju
<adam_g> (in case thats what you are thinking of fixing:)
<nome> ??
<nome> no idea on my questions?
<TheLordOfTime> nome:  we might not have seen your questions
<TheLordOfTime> i know i dont see your questions on my scrollbacks...
<RoyK> !ask | nome
<ubottu> nome: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<hallyn_> jdstrand: I'm out today, but will take a look (at bug 1040033) tomorrow.
<uvirtbot> Launchpad bug 1040033 in qemu-kvm "Fresh VM installs via preseeded oneiric isos sometimes fail with filesystem issues" [Undecided,New] https://launchpad.net/bugs/1040033
 * hallyn_ out
<jdstrand> hallyn_: thanks, have a nice day :)
<hallyn_> jdstrand: thanks :)  you too
<nome> ok
<nome> Royk: hi... how can i turn off computer with ubuntu server like power off by terminal??? I used: halt, poweroff, shutdown -P, shutdown -h ... and os is turn off but fan on cpu is still working... so howto turn off computer by terminal?? in debian halt is working
<nome> Royk: it was my question
<RoyK> poweroff should work
<RoyK> if it doesn't, probably some ACPI things are broken
<nome> RoyK: maybe ... so how can repair it?
<RoyK> file a bug
<metap0d> Hi everyone, I just setup an Ubuntu Server 12.04.1 (64bit) and set a static IP on my network of 192.168.5.8, when I try to ping the server by the IP address I always get a reply, however when I try to ping it by its hostname there is like a 10% chance I get a reply.
<arrrghhh> metap0d, what are you using for DNS?
<metap0d> arrrghhh: I have two entires in my /etc/networking/interfaces for nameservers, they are both virtualised DNS servers on this subnet
<arrrghhh> metap0d, and all your clients use the same DNS servers?
<arrrghhh> and the 192.168.5.8 server is in that DNS?
<jdstrand> zul: commented in 1031359
<zul> jdstrand: k thanks
<arrrghhh> i guess nickserv is back
<Daviey> roaksoax: hey, can i have a merge proposal against lp:~ubuntu-archive/+junk/sync-blacklist for bug 1033660 please?
<uvirtbot> Launchpad bug 1033660 in redhat-cluster "Please remove redhat-cluster (main) from the blacklist and sync from Debian" [High,Confirmed] https://launchpad.net/bugs/1033660
<roaksoax> Daviey: sure, hold on
<Daviey> roaksoax: i don't think i need to remove the package, doing a straight sync should be fine.
<roaksoax> Daviey: i think we do, i tried to sync it unsuccessfully
<Daviey> roaksoax: redhat-cluster-suite should be removed?
<roaksoax> Daviey: it is just a meta-package
<Daviey> roaksoax: what issue did you get syncing?
<roaksoax> let me try again
<roaksoax> Daviey: syncpackage: Error: Source package redhat-cluster is blacklisted.
<roaksoax> Daviey: i cannot propose it for merging given that it is in +junk
<roaksoax> Daviey: but i have linked it to the bug report
<Daviey> ah, ffs.  damn +junk... ok, i'll sort it, thanks
<roaksoax> Daviey: thank you
<Daviey> roaksoax: merged
<roaksoax> Daviey: thanks
<Daviey> roaksoax: I just did a sync, now the blacklist is cleared
<roaksoax> Daviey: cool thanks
<roaksoax> i also did syuncpackage :)
<Daviey> roaksoax: damn it, you beat me... https://lists.ubuntu.com/archives/quantal-changes/2012-August/007512.html
<Daviey> :)
<roaksoax> hehe :)
#ubuntu-server 2012-08-23
<darthanubis> would ltsp questions be considered server related?
<RoyK> most certainly
<RoyK> there's an #ltsp channel dedicated for it, though
<darthanubis> RoyK, I'm in that channel as well, but it's kinda dead.
<RoyK> some people in here might be able to help
<RoyK> !ask | darthanubis
<ubottu> darthanubis: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
 * RoyK has been trying to fix his bicycle for some hours and needs sleep
<RoyK> nite
<darthanubis> failed to load session "ubuntu" is what I get from my thin client
<darthanubis> Google has not been much help as of yet
<RoyK> probably not the best time to ask in here - people will wake up in Europe in 4-5 hours
 * RoyK should have been sleeping some time ago
 * patdk-lap wonders if royk dreams of digital sheep
<ae0000> i just logged into one of my servers and entered "sudo su" and it logged me in as root straight away... is that suspect? i had not performed any other sudo operations before that, it was literally just after sshing in
<ae0000> another server running similar setup asked me for passowrd in the same situation
<Psi-Jack> ae0000: Yeah, that's highly suspect, if you are not logging in to root.
<Psi-Jack> If you ARE logging in to root, and sudo su, (which you should stop that immediately! sudo -i!)  then it's obviously going to work. you already are root.
<ae0000> its ok - i'm just deranged... i was logged in from another terminal :)
<Psi-Jack> Different sessions are still different sessions.
<Psi-Jack> Each session is cached individually.
<ae0000> hmmm
<ae0000> then thats still suspect
<ae0000> scan for rootkits?
<Psi-Jack> I definitely would be wary.
<Psi-Jack> I just double verified it, logged in as a user from two completely different ssh sessions, and confirmed, sudo is cached per-session on Ubuntu 12.04
<Psi-Jack> And 10.04
<ae0000> ok .. thanks for the heads up... this is 10.10....
<ae0000> ok i have tested this... and it remembers sudo access from the same terminal even after logging out and logging in again
<ae0000> so.. fresh ssh login, sudo su [asks for password], exit, ssh login, sudo su [DOES NOT ask for password]
<ae0000> panic averted :)
<ae0000> rkhunter is happy as well
<aarcane> I'm running iscsi target (targetcli) on my ubuntu server (12.04).  I'm trying to figure out how to enable trim support.  my underlying device supports trim, and my OS atop the iSCSI volume.  I'm not certain about the initiator or the target though.  I want to ensure it's active or enabled in lio.
<RoyK> patdk-wk: Now the world has gone to bed, Darkness won't engulf my head, I can see by infra-red, How I hate the night
<RoyK> Now I lay me down to sleep, Try to count electric sheep, Sweet dream wishes you can keep, How I hate the night ,
<Daviey> roaksoax: still around?
<maxagaz> I did everyting to have mod_rewrite, but it seems not to be working
<maxagaz> how can I check it ?
<qman__> maxagaz, sudo a2enmod rewrite; sudo service apache2 restart
<maxagaz> qman__: I did  that already
<qman__> that's all there is to it
<qman__> you can verify by checking to make sure the files are there
<qman__> you should have two files, /etc/apache2/modules.enabled/rewrite.load and /usr/lib/apache2/modules/mod_rewrite.so
<qman__> /etc/apache2/modules.enabled/rewrite.load loads the module, and /etc/apache2/apache2.conf loads the .load file
<blackshirt> helllo
<blackshirt> I have try to login from squirrelmail using virtual user created with ldaputils scripts
<blackshirt> but the mail.err log says : dovecot: imap(hayate): Error: user hayate: Initialization failed: Namespace '': mkdir(/home/hayate/Maildir) failed: Permission denied (euid=8(mail) egid=8(mail) missing +w perm: /home, dir owned by 0:0 mode=0755)
<blackshirt> anyone here can help me ?
<freakynl> hi, anyone know how to get kernels from the list (dpkg -l linux*)? They're already removed but remain in the list (seemingly for ever)
<rbasak> freakynl: use dpkg -P (for purge). But make sure you don't purge any kernels that you might want to use, such as the one in use!
<freakynl> rbasak: thx but doesn't work says it's not installed
<freakynl> rbasak: http://pastebin.ca/2197530
<progre55> hi guys. I have a remote server with nfs installed on it. it has been running for only 15 days now, but leaking memory. Total server memory is 590Mb, and top/htop show 546Mb used memory. However, there are no processes in the process list that are using any considerable amount. How can I track what process could be leaking?
<freakynl> progre55: what does free say
<progre55> used: 581920   free: 22460    buffers: 4712    cached: 18164
<progre55> -/+ buffers/cache:     559044      45336
<freakynl> hmm not much in cache/buffers, if you sort by memory (M) in top you don't see anything consuming memory (many processes can add up)?
<progre55> not really.. the highest process using up memory is bash with 1.2%
<melmoth> slabs ?
<progre55> there are a total of 50 processes, and they each use from 0.7 to 0.1 (0.0)
<melmoth> hmm, however, i would expect slab usage to be included in the cache metric.
<progre55> sec, let me post it
<progre55> here is the slabtop output http://pastie.org/4573288
<progre55> what is "idr_layer_cache"?
<progre55> let me google :)
<progre55> well at least I'm not the only one having this problem with a fileserver http://lkml.org/lkml/2012/7/25/495
<henkjan> we had this problem also on 12.04 / nfs server
<henkjan> migrated to netapp :)
<progre55> so does that mean we also have to migrate? any bugs open at least?
<henkjan> in our case the slabcache eat al memory in 1,5 day and let the server OOM
<henkjan> bad four our customers, we had no time to investigate
<henkjan> i guess its a kernel issue
<henkjan> you could try to upgrade to a quantal backported kernel
<henkjan> progre55: you can add a bug in launcpad
<henkjan> i'll click the 'affects me to' button :)
<progre55> henkjan: I've never opened a bug report :) but let me see what I can do
<brendand> does anyone know the meaning of 'ethtool-lite: ethtool ioctl on eth0 failed'?
<brendand> is it significant
<progre55> can anyone tell me what idr_layer_cache is and what can cause too many idr_layer_cache objects in the slab?
<progre55> I'm suspecting frequent I/O might be the reason, but how come the slab is unreclaimable? /proc/meminfo shows "SUnreclaim:   494112 kB"
<ttilley> where might one find the scripts/software used to build the ubuntu EC2 AMI images?
<progre55> ttilley: you can use ec2-bundle-vol from the ec2-ami-tools package, but not sure if you could bundle an AMI from a non-EC2 machine
<ttilley> progre55: i'm just curious what i can learn from the build system itself
<ttilley> the goal being to read the code more than to build an AMI :)
<progre55> oh I see :)
<progre55> well try reading the ec2-bundle-vol code then :)
<ttilley> heh
<progre55> ttilley: there is also an ubuntu cloud service called eucalyptus, and I remember bundling images there, too. I think the package was called euca2ools and you'd run euca-bundle-vol
<ttilley> isn't eucalyptus effectively deprecated in ubuntu? with the semi-recent switch to and focus on openstack?
<koolhead11> ttilley: i think if you want Euca you have to use there PPA for recent pkgs
<ttilley> koolhead11: i don't want euca, but i do want to read the code for the scripts/software that's used to build the ubuntu EC2 AMI images if you know where I can find that. :)
<Blazemore|Work> Anyone know why nslcd can't connect to my OpenDP LDAP server, whereas other tools like lat can?
<Blazemore|Work> The syntax I'm using in /etc/nslcd.conf is "uri ldaps://127.0.0.1:1636" - is that correct? it has SSL and is running on that port
<Psi-Jack> Blazemore|Work: About that ldapsearch, is that working as expected?
<anotheruser> Hello. I'm running ubuntu 10.04 LTS on my server. I see in my access.log traces of an attack on phpmyadmin using http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-2506.html
<uvirtbot> anotheruser: setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506)
<Blazemore|Work> Psi-Jack: Well I can connect to it with lat
<Blazemore|Work> What would ldapsearch do?
<anotheruser> My question is this : why is a year old critical vulnerability still as "needed" for the LTS version ?
<anotheruser> does that mean my server is vulnerable?
<Psi-Jack> ldapsearch is the standard openldap client tools.
<Psi-Jack> anotheruser: File a bug report. It's off topic.
<anotheruser> It's not off topic
<anotheruser> i need to determine if my server was compromised or not
<anotheruser> and it's definitely about ubuntu
<Psi-Jack> This channel is for people needing help, not griping like a little baby.
<anotheruser> I need help.
<Psi-Jack> No, you just want to whine.
<anotheruser> -_-
<anotheruser> I want to know if my server is compromised or not
<anotheruser> which, strangely, is quite important to me
<anotheruser> can't you understand that?
<patdk-lap> anotheruser, that isn't even part of ubuntu, that is in universe
<Psi-Jack> heh
<Blazemore|Work> Psi-Jack: I just tried using getent passwd again, and analysed using Wireshark
<anotheruser> universe isn't part of ubuntu?
<Blazemore|Work> I can see the cert details being exchanged, so something is happening
<patdk-lap> it's optional
<anotheruser> it's still in ubuntu
<rbasak> Universe is community maintained. In this case, it looks like nobody in the community has provided a suitable patch.
<patdk-lap> Universe - Community maintained software, i.e. not officially supported software.
<Psi-Jack> Blazemore|Work: Sounds like nslcd is failing to actually authenticate.
<anotheruser> i see
<rbasak> I started from launchpad.net, searched for the CVE and got https://launchpad.net/bugs/cve/CVE-2011-2506 which took me to bug 806788.
<Psi-Jack> Blazemore|Work: Are you using simple auth, anonymous auth, or kerberos?
<uvirtbot> Launchpad bug 806788 in phpmyadmin "phpMyAdmin Security fixes in versions 3.3.10.2 and 3.4.3.1" [Undecided,Invalid] https://launchpad.net/bugs/806788
<uvirtbot> rbasak: setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506)
<Blazemore|Work> Psi-Jack: Do you know anything about nslcd? lat connects fine with the same server details
<anotheruser> so basically, If i want to be safe, I shouldn't use any package from universe?
<patdk-lap> anotheruser, or track security issues yourself
<Psi-Jack> Blazemore|Work: Yes, my entire home infrastructure, comprised of 7 physical machines and 16 virtualized servers.
<Psi-Jack> All KerberosV5+OpenLDAP managed for authentication shared credentials.
<Blazemore|Work> Why would syslog be saying http://pastebin.com/VVkHx6AG
<Psi-Jack> Because it can't connect to the LDAP server.
<Psi-Jack> Now, are you going to run around in circles aimless, or you going to actually answer the asked question leading towards actually helping you?
<Blazemore|Work> Sorry, I missed that. I am using anonymous auth because we just need to test our password policy config
<Psi-Jack> Worst idea ever. :)
<Blazemore|Work> We're going to need to test other things on it too
<Psi-Jack> To expose full passwords, anonymously, is the worst policy you can ever do. :)
<Blazemore|Work> They're not real passwords
<Blazemore|Work> Like I said, it's a test environment running on a single machine
<Psi-Jack> Well, please pastebin the relevant lines in your nslcd.conf: egrep -v '^[#|\w].*' /etc/nslcd.conf
<Psi-Jack> Err,  egrep -v '^.*'
<Psi-Jack> Bah..
<Psi-Jack> Err,  egrep -v '^#.*'
<Psi-Jack> Skipping commented lines. :)
<anotheruser> pffffff... how to know if my server is compromised or not...
<greppy> anotheruser: what makes you think it is?
<anotheruser> "POST /phpmyadmin/index.php?session_to_unset=123&token=bc45df26a9d74ac15a05241fbc88473c&_SESSION[!bla]=%7Cxxx%7
<anotheruser> Ca%3A1%3A%7Bi%3A0%3BO%3A10%3A%22PMA%5FConfig%22%3A1%3A%7Bs%3A6%3A%22source%22%3Bs%3A42%3A%22%2Ftmp%2Fsess%5Fqpeaqpscd4pl0in2ifq43duskcr47hmv%22%3B%7D%7D&_SES
<anotheruser> SION[payload]=%3C%3Fphp%20eval%28base64%5Fdecode%28%22ZWNobyAic3Q0cjciLnBocF91bmFtZSgpLiI3aDMzbmQiOw%3D%3D%22%29%29%3B%20%3F%3E HTTP/1.1"
<anotheruser> any idea what that would do, by chance? '^^
<standoo> is it worth it to set a dns server on ubuntu or use a 3rd party dns?
<Blazemore|Work> Psi-Jack: http://pastebin.com/XFPJhpBT
<Blazemore|Work> standoo: Depends what you need to do
<Psi-Jack> standoo: Depends. Is it worth it to YOU?
<Psi-Jack> Blazemore|Work: So your base DN is dc=example,dc=net?
<greppy> anotheruser: interesting... not sure :)
<standoo> Blazemore|Work: what do i need to consider?
<anotheruser> the base 64 decode doesn't make sense to me...
<Blazemore|Work> Hmm Psi-Jack I'm not sure. Could I find out with lat?
<Psi-Jack> Blazemore|Work: Dude. I don't even know what the heck "lat" is.
<Psi-Jack> LOL
<Blazemore|Work> OhhhhH! One second!
<Psi-Jack> I use openLDAP, and openLDAP tools.
<Blazemore|Work> Psi-Jack: it's a graphical tool for managing LDAP
<Blazemore|Work> We're on Oracle OpenDS
<Psi-Jack> Ahhhh..
<Psi-Jack> So, not actually OpenLDAP.
<Psi-Jack> I use Apache Directory Studio for my LDAP GUI interface. Eclipse-based. Very sexy. :)
<Blazemore|Work> Psi-Jack: It was actually com, not net, but the error is the same after changing it and doing service nslcd restart
<Blazemore|Work> Makes me thing "Server is unavailable" is a generic sort of error message
<Psi-Jack> OKay, So, now that you've corrected the issue of OpenLDAP vs OpenDS.. Are you running OpenDS using OpenJDK, or Oracle JDK?
<Blazemore|Work> Oracle JDK
<Psi-Jack> Good. Won't work at all (with SSL) with openjdk.
<Blazemore|Work> java version "1.6.0_33"
<Psi-Jack> tls_cacertfile /path/to/ca/cert
<Psi-Jack> Add that to your nslcd.conf
<Blazemore|Work> sp?
<Blazemore|Work> cacertfile correct?
<Psi-Jack> Use the full path to your CAcert
<Blazemore|Work> OK
<anotheruser> "POST /phpmyadmin/index.php?session_to_unset=123&token=bc45df26a9d74ac15a05241fbc88473c&_SESSION[!bla]=|xxx%7
<anotheruser> Ca:1:{i:0;O:10:"PMA_Config":1:{s:6:"source";s:42:"/tmp/sess_qpeaqpscd4pl0in2ifq43duskcr47hmv";}}&_SES
<anotheruser> SION[payload]=<?php eval(base64_decode("ZWNobyAic3Q0cjciLnBocF91bmFtZSgpLiI3aDMzbmQiOw==")); ?> HTTP/1.1"
<anotheruser> it's scary.
<Psi-Jack> anotheruser: STOP.
<anotheruser> ...
<Blazemore|Work> /ignore anotheruser
<Blazemore|Work> Psi-Jack: I've done that, same error. var/syslog is mentioning <group/member="root"> do you know how I can check that's correct?
<anotheruser> I thought the ubuntu community was supposed to be helpful
<Psi-Jack> Blazemore|Work: Eh?
<Blazemore|Work> The error message from syslog (follows)
<Blazemore|Work> nslcd[10917]: [8b4567] <group/member="root"> failed to bind to LDAP server ldaps://127.0.0.1:1636: Can't contact LDAP server: No such file or directory
<Blazemore|Work> "No such file or directory" is new
<Psi-Jack> Blazemore|Work: Do you have TLS enabled on the DS?
<Blazemore|Work> No
<anotheruser> So from what i gather, the payload in this attack was just to display the version of PHP. What would you do if you were in my situation? upgrade phpmyadmin, and hope that nothing else is compromised? Are there standard ways to check the security of the server?
<Blazemore|Work> Just... idk "normal" SSL?
<Psi-Jack> anotheruser: I would stop exposing phpmyadmin to the world.
<Psi-Jack> Period.
<Psi-Jack> That's just common sense.
<Psi-Jack> Blazemore|Work: Does nslcd work without the tls_reqcert and ldap:// uri?
<Blazemore|Work> I had to do some funky hoop-jumping to turn our .crt and .key files into a .jks that DS can understand
<anotheruser> well, i upgraded, and changed the alias, that should be enough for that. What i worry more about is how to know if the hacker did something to take control of the server already or not... and how to know it...
<Blazemore|Work> Let me try
<Psi-Jack> anotheruser: Did you have aide installed and keeping track? Have you been keeping consistent backups?
<anotheruser> I have backups of databases websites etc., but not of the whole hard drive...
<Psi-Jack> Then you'll never know.
<anotheruser> i didn't know about aide
<anotheruser> you recommend to use it?
<Blazemore|Work> The config file can only be read by root, is that relevant?
<rbasak> There is debsums, but that's not really for security verification, and running it offline might be a bit tricky
<Blazemore|Work> nslcd: no URIs defined in config ...fail!
<rbasak> (and for checking a system after a compromise you *must* run any checks offline)
<Blazemore|Work> That's what happens Psi-Jack if I comment out the url and tls_reqcert
<Psi-Jack> anotheruser: It's like tripwire, intended to watch over important stuff, and keep track of them, so if they change, you can see it.
<anotheruser> I see
<Psi-Jack> Blazemore|Work: Yeah, no shit. Don't comment out the uri, change it to ldap:// non ldaps://
<Blazemore|Work> OK
<Psi-Jack> LOL
<Blazemore|Work> I'll have to comment out ssl enable as well
<Blazemore|Work> No still hangs on getent passwd without SSL
<Psi-Jack> anotheruser: As-is, phpmyadmin isn't running as root, or at least it better not be. So whatever exploit they did to phpmyadmin was isolated to just anything owned by www-data user/group.
<Psi-Jack> Welp, dunno then, Blazemore|Work.
<anotheruser> hmm, i might be able to check all of that against backups
<Psi-Jack> The little time I dealt with OracleDS, it was okay, but java-based pissed me off to no end, so I went back to my trusty OpenLDAP.
<Blazemore|Work> OK well thanks anyway Psi-Jack
<Blazemore|Work> Appreciated
<Psi-Jack> And like I said, I do OpenLDAP with KerberosV5 auth-bind. So I use it rather extensively. :)
<Psi-Jack> PITA to setup all that, but once it's in place, it's very sexy. :)
<anotheruser> ok, i think i understand better the attack now... It seems it used the phpmyadmin attack to search for another vulnerability, but thankfully my server was resistant to that, so I should be ok.
<anotheruser> I will install aide as you suggested
<anotheruser> but now i wonder, is it reasonable to just remove universe from my apt settings? so that i at least know when i want something that isn't officially supported...
<anotheruser> yeah it tried to read in /var/lib/php5, which was not readable by www-data
<Psi-Jack> Like I said.
<Psi-Jack> Don't expose phpMyAdmin to the world.
<Psi-Jack> That's just ignorant and stupid.
<anotheruser> i naively (ignorantly, if you want) thought that ubuntu kept it up to date
<anotheruser> now i realize my mistake
<Psi-Jack> That doesn't even matter!
<Psi-Jack> You should NEVER expose things like that to the public!
<anotheruser> ok ok, i agree with you on the principle
<anotheruser> but the truth is that it's just the same to expose phpmyadmin as exposing say a well known CMS
<anotheruser> a vulnerability will allow to run php on your server just the same
<anotheruser> ok, it's a bit worse for phpmyadmin if he can then access the databases
<Psi-Jack> Ya think?
<anotheruser> but it would probably be possible anyway, from when you can run php
<patdk-wk> Psi-Jack, well, if you have that option :)
<anotheruser> and yes, there is the problem that if your customer want a phpmyadmin, you can't always forbid it
<anotheruser> I thought it would be better to use the ubuntu included one, rather than have people install it manually and not keep it up to date
<anotheruser> but that was my mistake...
<anotheruser> so... -installing aide - hiding phpmyadmin - other suggestions to improve security?
<patdk-wk> mod_security?
<patdk-wk> some good extra rewrite rules to restrict bad things
<anotheruser> i'm afraid to use too restrictive filter that would prevent legitimate php apps to work normally
<patdk-wk> heh?
<anotheruser> well
<anotheruser> maybe i'm not up-to-date on what this mod_security is exactly
<anotheruser> in my mind it was something that checked url, and if detecting attacks, blocked it
<patdk-wk> yep
<anotheruser> like if there is "<script>" it won't be happy etc.
<patdk-wk> maybe you should learn how your php apps actually work then
<patdk-wk> normally when something says, filename=<script> that is bad
<anotheruser> but i don't control all the php applications on my server
<anotheruser> so i'm a bit afraid to use that
<patdk-wk> don't control?
<patdk-wk> is it your server?
<anotheruser> it is my server, and other people host applications on it
<patdk-wk> then you are liable for ANYTHING that server does, whoever it attacks, ...
<patdk-wk> doesn't matter who hosts stuff on it
<patdk-wk> yes, someone rooting your server is annoying
<patdk-wk> but then your server attacking the goverment, well, that gets you in trouble
<anotheruser> that's not entirely true, legally
<anotheruser> well, maybe it depends on the country law, but in my country i'm pretty sure it's not
<anotheruser> a hosting company isn't responsible legally for the content its user upload
<anotheruser> (though it can be asked to block/remove it)
<Psi-Jack> anotheruser: Actually it is entirely true.
<Psi-Jack> I mean, just look at what happened to that torrent site, demonoid. It wasn't illegal, technically, to do what they were doing, however, the Ukraine Ambassador went to the US Ambassador, and were convinced to do a full all-out assault on the site and then take down everyone running it.
<jdstrand> anotheruser: apparmor would be another way to help: http://wiki.apparmor.net/index.php/Mod_apparmor_example
<anotheruser> ok, thanks, i'll look into it
<anotheruser> and thanks for the other suggestions and all the help
<zul> smb: ping
<anotheruser> Psi-Jack, do you know if apt-get install aide is enough to have a working installation of aide? I mean, is the default configuration by ubuntu enough for basic use? or do I need to manually configure it...
<Psi-Jack> Of course now, you actually have to configure it, d'uh./
<Psi-Jack> not*
<Psi-Jack> NEVER just default use anything, especially on a server. Don't be ignorant, use common sense.
<Guest81255> anotheruser: It has no default configuration.
<anotheruser> ok, thanks
<Pici> never is pretty strong.  Just be smart about what defaults you choose.
<floogy> Hi I got an issue to upgrade from oneiric to precise with zentyal installed. slab returns an error and leaves zentyal-core unconfigured. Therefore 20 packages are leaving in an inconsistent state. Ooops now slabd returned only error code 1 and some packages could be configured, but 6 packages are left unconfigured due to that error.
<floogy> dpkg --configure slapd Loading the LDIF dump failed, slapadd: line 1: database #1 (dc=mydom,dc=local) not configured to hold "dc=nodomain"; did you mean to use database #2 (dc=nodomain)?
<floogy> *slabadd
<floogy> The first error was related to this https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1003854
<uvirtbot> Launchpad bug 1003854 in openldap "Database upgrade/migration fails with nested db directories (lucid to precise)" [Medium,Confirmed]
<floogy> Now it seems to be something like this: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/979833
<uvirtbot> Launchpad bug 979833 in openldap "package slapd 2.4.28-1.1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Low,Expired]
<floogy> But I don't know how, and where to remove that dc=nodomain example
<metap0d> Hi everyone, I installed Ubuntu Server 12.04.1 (64bit) on a spare machine yesterday. I have given it a static IP but can't reference it by the hostname. On Windows when I ping by the hostname there is something like a 10% chance it actually works ... most of the time resulting in a failure. We have a DNS server which I added the IP/Hostname combo of the server to. (I reference the DNS Server in /etc/networking/interfaces). Do
<rbasak> metap0d: sounds like your problem is on your DNS server rather than the server you've just installed. You can check with nslookup on windows
<metap0d> rbasak: I got DNS request timed out.     timeout was 2 seconds. Default Server:  UnKnown Address:  192.168.5.26
<metap0d> rbasak: 192.168.5.26 is the DNS server
<Daviey> roaksoax: hey, was http://iso.qa.ubuntu.com/qatracker/milestones/230/builds/21387/testcases/1288/results done?
<Daviey> i thought you were doing that last night?
<roaksoax> Daviey: that test does not apply to precise
<roaksoax> Daviey: it only applies to quantal maas
<Daviey> roaksoax: ahh, yes
<hallyn> zul: i'm leaving 967435 to you until you say otherwise?
<zul> hallyn: thanks :)
<zul> hallyn: do we want 0.10.0 in quantal? it will make things easier in the long run
<Daviey> roaksoax: hey.. the test case it links to was last edited Install/ServerMAAServer (last edited 2012-03-28 20:59:15 by matsubara)
<Daviey> roaksoax: so why is this not Precise suitable ?
<roaksoax> Daviey: that tests covers " This will test that the MAAS server offers an option to periodically update cloud images."
<roaksoax> and "This will test that the MAAS server offers an option to cache archives locally."
<roaksoax> which are not under Settings
<roaksoax> in precise
<Daviey> roaksoax: i don't follow.
<Daviey> roaksoax: should it not update to the 12.04.1 images?
<arm4ndina> Hi, I have an Apache server for which I have set up HTTPS (GnuTLS). When I load a page, sometimes the browser some css/js files or only load some of them... any idea how to solve/diagnose this ?
<roaksoax> Daviey: those are cronjobs
<roaksoax> Daviey: look at the STEPS:
<roaksoax> Daviey: http://testcases.qa.ubuntu.com/Install/ServerMAAServer
<Daviey> roaksoax: So.. this test should be valid for post 12.04.1 images, when the peer images are released, right?
<hallyn> zul: I'm fine with it, but is it too late?  (FF)
<Daviey> As in, cannot be tested until after release?
<hallyn> zul: it has the reboot support?
<roaksoax> Daviey: those tests are valid for post-precise MAAS releases
<zul> hallyn: supposedly im looking at the commit right now...it will easier to backport fixes if we need to as well
<hallyn> zul: sounds good
<zul> smoser:  what do you think?
<Daviey> roaksoax: post 12.04 or post 12.04.1?
<roaksoax> Daviey: both
<roaksoax> Daviey: there are no MAAS releases backported/SRU'd to precise
<Daviey> roaksoax: hmm, ok.  I don't quite follow, but you seem quite sure :)
<roaksoax> Daviey: basically, there's MAAS serttins not released in precise, and that test is asking to test those settings
<roaksoax> Daviey: and futhermore, I', not even sure oif they work
<roaksoax> s/if/that
<Daviey> heh
<smoser> whats the question?
<capitaninsaneoh> I'm trying to host a webserver that requires SSL on a firewall I have and I've got a few questions about IP's.  Do I have to give my server 2 IP's?  My firewall uses SAT so I would have to have one address that is internal and one that is publicly available right?  Do I just create a sub interface or should I use another nic?
<metap0d> Hi everyone, I installed Ubuntu Server 12.04.1 (64bit) on a spare machine yesterday. I have given it a static IP but can't reference it by the hostname. On Windows when I ping by the hostname there is something like a 10% chance it actually works ... most of the time resulting in a failure. We have a DNS se
<capitaninsaneoh> metap0d, did you put an A record in your DNS server?
<rbasak> metap0d: it still sounds like a problem on your DNS server. Is your DNS server running Ubuntu? That's what you need to focus on.
<metap0d> capitaninsaneoh: I won't lie in saying I don't know much about this, the DNS server is a Microsoft Server 2008 machine. I added a DNS entry of type Host (A) with the name of the Ubuntu Server and Data as the IP Address
<metap0d> rbasak: It's running Microsoft Server 2008
<capitaninsaneoh> metap0d, make sure you (your client) is pointed at that DNS server.  Run nslookup and dig for that record
<rbasak> metap0d: ok, so if the problem is that your windows machine can't look up the IP address of your ubuntu server using your windows DNS server, then Ubuntu has nothing to do with your problem.
<rbasak> metap0d: you can isolate this with nslookup on your windows machine
<metap0d> What would I be looking for with nslookup? ;o
<rbasak> metap0d: a common misconfiguration I've seen in the field in the windows world is that multiple DNS servers are configured on client machines, some pointing to active directory, and some pointing to an ISP directly.
<rbasak> metap0d: sorry, I can't remember how to operate windows nslookup. You're in the wrong place for this kind of question!
<capitaninsaneoh> Anyone good with NAT/SAT on Apache
<metap0d> rbasak: I'll ask just one more since I'm off topic, what did you want me to run the nslookup on, the DNS server?
<capitaninsaneoh> I'm not sure if I need two nics or just one
<rbasak> No, on your windows machine where your ping doesn't work from
<capitaninsaneoh> metap0d, on the client (your desktop)
<metap0d> no i mean i know to run nslookup on my machine ... but to what IP?
<capitaninsaneoh> metap0d,  do ipconfig /flushdns
<capitaninsaneoh> Then test for that machine
<metap0d> capitaninsaneoh: Sorry to test your patience, but I flushed the DNS and am ready to run the nslookup ... but it asks for an IP/Hostname. I ran nslookup SK-Server on my client but it finds Server:  UnKnown Address:  192.168.5.26  *** UnKnown can't find SK-SERVER: Non-existent domain
<arosales> utlemming: looks like cloud images test ok for 12.04.1
<utlemming> arosales: yes, other than some invalid test cases in the tracker things look good
<arosales> utlemming: thanks for testing that.
<arosales> utlemming: to confirm I have your ack on signing off on the cloud images for https://wiki.ubuntu.com/PrecisePangolin/ReleaseManifest/12.04.1
<capitaninsaneoh> Anyone good with NAT/SAT wirewalling and multiple IPs on Apache
<ikonia> what ?
<capitaninsaneoh> Anyone good with NAT/SAT firewalling issues and multiple IPs on Apache
<capitaninsaneoh> firewalling... sorry
<ikonia> why don't you just state the problem.......
<capitaninsaneoh> I'm trying to host a webserver that requires SSL on a firewall I have and I've got a few questions about IP's.  Do I have to give my server 2 IP's?  My firewall uses SAT so I would have to have one address that is internal and one that is publicly available right?  Do I just create a sub interface or should I use another nic?
<capitaninsaneoh> There it is =)
<ikonia> you are doing the address translation on the firewall /
<ikonia> ?
 * patdk-wk is more confused
<patdk-wk> are the webserver and firwall the *same* computer?
<ikonia> yeah the "on a firewall" wording isn't helpful
<capitaninsaneoh> patdk-wk, , no i have a sep hardware firewall
<ikonia> capitaninsaneoh: are you installing this on ubuntu yes/no
<capitaninsaneoh> ikonia, Yes my server is on Ubuntu server
<ikonia> capitaninsaneoh: right, so you are not installing "on a firewall"
<ikonia> you are installing on a server that sits behind a firewall, yes/no ?
<capitaninsaneoh> ikonia, YEs behind a hardware firewall
<ikonia> capitaninsaneoh: the firewall is doing the IP address translation yes/no
<capitaninsaneoh> that is what NAT/SAT means
<ikonia> no it doesn't
<capitaninsaneoh> In this case it does
<capitaninsaneoh> I have a hardware firewll
<ikonia> tell you what, sort it yourself
<capitaninsaneoh> not using Iptables
<ikonia> if you can't be bothered to answer questions I'm going out of my way to be clear on, sort it yourself
<capitaninsaneoh> I'm answering them
<ikonia> argue your poor wording with someone else.
<capitaninsaneoh> I'm just trying to be clear
<capitaninsaneoh> ikonia, go not help someone else
<ikonia> understood,
<capitaninsaneoh> =)
<jdstrand> zul: one last question on the cinder mir
<jdstrand> zul: hi btw :)
<josePhoenix> I think automatic upgrades got me in a pickle
<josePhoenix> It started installing a new kernel version but couldn't because /boot was full
<josePhoenix> Now I can't remove old kernel packages because it says there are uninstalled dependencies
<anotheruser> josePhoenix, when apt is broken you can try to remove manually things with dpkg... but caution with that, or you'll have a totally unusable system :)
<josePhoenix> if I'm running a 3.0 series kernel... I can safely remove the 2.6 packages, right?
<anotheruser> removing with apt is safe yeah (if it works)
<josePhoenix> Well, apt won't work.. it hits me with the "the following packages have unmet dependencies" when I try to do apt-get remove linux-image-2.6.38-11-server
<anotheruser> what package, if i may ask?
<anotheruser> or several?
<anotheruser> there is also the apt-get with the -f option to try to fix broken installations
<anotheruser> sometimes that work
<genii-around> josePhoenix: If you have another partition/disk with more room, you can make a boot directory there, copy the current contents over to it, then bind-mount it long enough to uninstall stuff. Then you can un-mount it, mv the dir back to original spot overwriting whats there.
<anotheruser> and only if nothing else work, you can try with dpkg directly, as i said (dpkg --remove or something), which always work, but can break things further if you're not careful
<josePhoenix> anotheruser, genii-around: here's what I have tried (apt-get -f install and apt-get remove) http://dpaste.org/U1vk9/
<zul> jdstrand: ping for the /usr/share/cinder/rootwrap it looks like an optional directory for other distros its empty for us
<anotheruser> josePhoenix, I would start by removing the newly installed packages that weren't fully installed
<anotheruser> then remove older kernels with apt
<anotheruser> then install again the new one
<anotheruser> all of this should normally be possible with apt
<genii-around> josePhoenix: I'm not suggesting any arcane apt or dpkg commands. Merely to fix: "<josePhoenix> It started installing a new kernel version but couldn't because /boot was full" by temporarily giving the /boot directory more room on another drive or partition
<anotheruser> josePhoenix, hmm actually the package that has problem is linux-image-server which you need obviously, so my solution isn't exactly correct i guess
<anotheruser> or is it possible to remove it without removing anything else? i'm not sure in truth, i don't use the server packages '^^
<josePhoenix> genii-around: that sounds like the easiest solution actually, I just don't remember how to bind mount stuff (haven't done it since I did a Gentoo install about five years ago xD)
<anotheruser> if you can, just apt-get remove linux-image-server, then removing old kernels, then installing linux-image-server would fix it... .but that only works if removing linux-image-server breaks nothing :-)
<anotheruser> i have no idea if other packages depend on linux-image-server
<josePhoenix> Okay, well I must go for now.. but back to this shortly
<genii-around> eg: If you have room on sdb1 which is mounted say at /mnt   .. sudo mkdir /mnt/boot && sudo cp -arv  /boot/*  /mnt/boot && sudo mount --bind /mnt/boot /boot  ... then in here you do the apt-get stuff that was previously failing due to no space on /boot  ... then sudo sync && sudo umount /boot && sudo mv /mnt/boot /boot
<anotheruser> it seems nothing depends on linux-image-server, so my solution probably works
<ubuntu_12> hello, i have a question about a black screen issue on an 12.04 64 bit install
<ubuntu_12> i have tried the nomodeset fix but it does not seem to help
<poningru> hey guys how long is the lts releases supported for the server os?
<andol> poningru: Five years, and as of 12.04 that goes for the Desktop too.
<andol> ...and that last part is good news even server side, sparing you from having to concern yourself with whatever a package is a server package or not.
<poningru> indeed
<poningru> we are just now switching to 12.04
<poningru> thanks andol
<andol> np
<arrrghhh> hey all.  anyone know how logrotate works?  i don't see a cron job for my user or root, but i assume logrotate runs on a regular basis?
<andol> arrrghhh: No /etc/cron.daily/logrotate file?
<geekbri> That is indeed where it lives.
<arrrghhh> ah i didn't think about looking there.
<arrrghhh> i was always looking at crontab, thanks.
<arrrghhh> so i'd guess that means it runs daily?  :P   at midnight?
<geekbri> Mine runs at 0625
<geekbri> if you look in /etc/crontab you can verify when your cron.daily runs
<arrrghhh> 0625
<arrrghhh> thx :)
<josePhoenix> Hello all
<josePhoenix> I'm trying to work around a full /boot and borked apt-get install
<anotheruser> josePhoenix, have you tried my solution
<josePhoenix> anotheruser: I actually did get the bind mount thing to work
<anotheruser> ok, good then
<josePhoenix> Can't reboot the server though :|
<anotheruser> (though i think it was a lot of work for something much easier to solve :p)
<anotheruser> hem
<anotheruser> so you mounted to another boot, which was a copy of your old boot, installed the kernel, removed old kernels, copied the new boot to the old boot, and tried to reboot
<anotheruser> correct?
<josePhoenix> well, I know how mount, cp -a, and rm work... and I can't claim the same familiarity with dpkg and apt
<josePhoenix> I mean, it might be fine. I just can't reboot it until I have access to a windows machine, because my IT department is stupid
<anotheruser> oh, ok
<anotheruser> misunderstood :)
<josePhoenix> The VMWare console program only works on windows.. remarkable shortsightedness, don't you think?
<josePhoenix> Well, we won't know if anything works until tomorrow evening at the earliest :D Gotta move across the country
<dan64> I have a user on my system name "nobody" created by a server I am using to serve cgi scripts. I would like to be able to use nice in the cgi scripts, so I added the following to /etc/security/limits.conf: "nobody - nice -20". It works when I also add the same line for another user (myself), but it doesn't work in isolation. Any ideas?
<SpamapS> dan64: those limits are not applied to services
<SpamapS> dan64: thats a pam-session thing
<dan64> I am launching the cgi-server manually. It's not starting as a service. Something I just noticed is that I can nice a process as nobody with just my username in limits.conf, and not nobody.
#ubuntu-server 2012-08-24
<paradizelost> hey all, i'm trying to get x11vnc running on :0 through xinetd, any recommendations?
<paradizelost> everything i'm finding wants me to install lightdm or gdm
<paradizelost> !x11vnc
<lickalott> Gents, trying to mount an NFS share from my ubuntu server to a windows 7 laptop.  Installed the M$ NFS client add-on but can't seem to get it to mount. Anyone have any experience with this?  google is failing me.
<lickalott> btw: i get "Error connecting to NFS WMI provider" when trying to use the NFS interface that comes with MS
<brianp1992> how do i use swat to config samba so i can share my /media/share as a windows share i can acess anywhere on my network
<Portaljacker> hi, i need some help with apache and ftp
<Portaljacker> i installed lamp using task-sel when root was my only user, now i have a user in the admin group and when i use ftp and navigate to /var/www i can't add files or change the permissions
<ffunenga> root was your only user? are you using ubuntu server 12.04?
<Portaljacker> yes
<Portaljacker> i have a vps
<Portaljacker> not only user
<Portaljacker> it had the other default ones
<Portaljacker> i made the user portaljacker and put it in the admin group pretty quickly
<Portaljacker> had to create the admin group then enable sudo priviledges
<Portaljacker> but i did it
<ffunenga> have you tried adding portaljacker to the sudo group?
<Portaljacker> it is
<Portaljacker> i sudo often :P
<Portaljacker> root seems to be the owner of www
<KM0201> well, sudo'ing when not necessary is just as bad as running everything as root
<Portaljacker> i know
<Portaljacker> but when i go in on ftp i can't upload to the www folder
<Portaljacker> which i sort of need to do to edit a website
<Portaljacker> or even put one up
<Portaljacker> i was told in #ubuntu that www-data becomes the owner when it runs and accesses www?
<Portaljacker> does that mean i need to add the user i log in to ftp with into the www-data group?
<ffunenga> I dont think thats the right way... how are the permissions in the "ls -l /var/www"
<Portaljacker> -rw-r--r-- 1 root root 237 Aug 24 02:40 index.html
<Portaljacker> but i had to create that file with sudo
<Portaljacker> no other way
<ffunenga> actualy, I think I would try something like "chown -R portaljacker:portaljacker /var/www" and then from there give permissions to the group
<Portaljacker> portaljacker@yuki:~$ ls -l /var | grep www drwxr-xr-x  2 root root  4096 Aug 24 03:24 www
<Portaljacker> portaljacker@yuki:~$ ls -l /var | grep wwwdrwxr-xr-x  2 root root  4096 Aug 24 03:24 www
<Portaljacker> portaljacker@yuki:~$ ls -l /var | grep wwwdrwxr-xr-x2 root root  4096 Aug 24 03:24 www
<Portaljacker> derp
<Portaljacker> portaljacker@yuki:~$ ls -l /var | grep www drwxr-xr-x
<Portaljacker> 2 root root  4096 Aug 24 03:24 www
<Portaljacker> whoops
<Portaljacker> the line split is after grep www
<ffunenga> maybe something like: "chown -R portaljacker:admin /var/www ; chmod g+rxw /var/www"
<Portaljacker> what does the first part do exactly? i know the second part sets the permissions of the group to rxw
<ffunenga> the first part changes the owner and group of the directory . maybe you should try the second command, then try the ftp upload, then the first command
<Portaljacker> the group in the second command is the group of the current user? or the owner of the directory?
<Portaljacker> did the second command then logged in on ftp and could not create a directory
<ffunenga> ok wait
<ffunenga> now you have "ls -l /var/www" ->  drwxrwxr-x
<Portaljacker> yes, shows that in the ftp client
<Portaljacker> that command doesn't give that output
<Portaljacker> it shows the permissions of the files in www
<Portaljacker> but not of www
<ffunenga> I'm not sure about this but, try "sudo useradd -G www-data portaljacker"
<Portaljacker> that adds portaljacker to www-data?
<ffunenga> yes, that adds your user to that group
<ffunenga> wich is the group any webserver uses to access /var/www
<Portaljacker> useradd: user 'portaljacker' already exists
<Portaljacker> i think i'll just use webmin to add portaljacker to the group
<Portaljacker> nope
<Portaljacker> couldn't create the directory with ftp
<Portaljacker> so now what?
<ffunenga> maybe you should create a folder in your home folder
<ffunenga> and tell apache to publish from folder
<ffunenga> (that apache's config  is made at /etc/apache2/...)
<ffunenga> btw, do not forget to reverse the permissions "chmod g-w /var/www"
<Portaljacker> i guess i could just do that first part
<Portaljacker> making my user the owner of the folder?
<Portaljacker> or i could log into ftp as root, what's the worst that could...i can't finish that sentence without imagining my server as a pile of ashes
<anotheruser> +1 for ffunenga solution
<Portaljacker> ya but there should be a way for it to work from www
<Portaljacker> that's how it's made to work in the first place
<Portaljacker> i'm not the first to ever do this
<Portaljacker> it's not exactly extraordinary to put your website in /var/www
<anotheruser> i missed the beginning of the question, but as soon as you want to host several websites, for several users, better to put them in the home folder of said users
<Portaljacker> which is why i'm wondering why it's so damned hard to upload a file into that folder via ftp
<ffunenga> have you thought about using ssh?
<Portaljacker> i do
<anotheruser> sftp?
<Portaljacker> this doesn't eliminate the root issue
<Portaljacker> root owns that folder
<Portaljacker> which is apparently good
<anotheruser> if you just give the whole var/www folder to www-data, and log in as www-data, should work probably
<Portaljacker> but that means i can't edit files without root access
<Portaljacker> it should
<Portaljacker> but i've heard that it's bad :P
<Portaljacker> one sec
<Portaljacker> http://serverfault.com/questions/69685/what-user-should-own-var-www-on-ubuntu-9-04-server
<anotheruser> well
<anotheruser> that's true
<anotheruser> but then , you can just give the folder to *any* user you create
<anotheruser> as long as it's not root, it won't be a security issue
<Portaljacker> that answer says to make the owner root:newgroup
<Portaljacker> and add the users that need access to that group
<anotheruser> i still prefer ffunenga solution, anyway :p
<Portaljacker> of making a whole different folder?
<anotheruser> Portaljacker, if you make root::newgroup
<anotheruser> you have to change permissions too
<anotheruser> (what are the current permissions on your /var/www ?)
<Portaljacker> 755
<anotheruser> so of course you can't create anything as the group
<anotheruser> (5 is rx, you need the write too)
<Portaljacker> so only the direct owner can write unless it's 775
<anotheruser> yes
<Portaljacker> so i guess i should make portaljacker:admin the owner and get it over with :P
<ffunenga> yes. "chmod 775 /var/www ; chown -R root:newgroup /var/www"
<Portaljacker> though i guess there's no downside to 775 over 755?
<anotheruser> it just means that the group can write
<anotheruser> if you trust all the users in the group, no problem
<Portaljacker> and if i limit the group to one user (+root of course) it's not much of an issue?
<anotheruser> yes, no problem at all then
<Portaljacker> ok
<Portaljacker> well, now i can finally set up wordpress XD
<Portaljacker> root is always in every group right?
<ffunenga> no
<Portaljacker> woot, blog subfolder successfully created!
<Portaljacker> ?
<ffunenga> check "id root"
<ffunenga> nice ! :) lol
<Portaljacker> so root is part of only root
<Portaljacker> ?
<Portaljacker> but then why can i say root:newgroup without adding root to the group?
<anotheruser> btw, since you weretalking about the effects of potential security flaws
<anotheruser> one additional advantage of using custom folders for your website is that an attacker can't predict the path of your files on the server
<ffunenga> Good question... I guess the owner and the group of the files are independent. I'm checking that hypothesis now
<anotheruser> i mean, if for some reason the attacker gets the possibility to read a file (as it happened to my server yesterday thanks to phpmyadmin)
<anotheruser> then he just has to open /var/www/config.php or some other sensible file and it's over
<Portaljacker> how did he get to the point of being able to see the file?
<anotheruser> if the file is in /home/myuser132424/my_strange_var_www_folder/config.php, it's harder to get
<anotheruser> well, 4 security flaws in phpmyadmin that aren't fixed in ubuntu 10.04 LTS package...
<Portaljacker> lovely
<Portaljacker> so he could see your filesystem?
<Portaljacker> couldn't he just search your file tree at that point for config.php?
<anotheruser> just search
<anotheruser> he couldn't see the filesystem
<anotheruser> it's actually funny to see in the logs all the files that he tried to read at random
<Portaljacker> so he basically had to guess your filesystem
<Portaljacker> lol
<Portaljacker> i get the point
<Portaljacker> i could always be crazy and make my www folder a git repo
<Portaljacker> then i could just blow away the whole thing with a reclone
<anotheruser> i'm not sure what exactly a git repo involves
<Portaljacker> it saves all the changes you've made since the last commit
<anotheruser> but don't do anything that leaves files such as CVS folder or .svn files in your website folder
<Portaljacker> oh ya
<Portaljacker> ....
<Portaljacker> same idea
<anotheruser> that would be a huge security issue :p
<Portaljacker> it would
<Portaljacker> but then again
<Portaljacker> they need my rsa password to affect the remote repo
<anotheruser> i don't know how it works for git, but for cvs i think, i once saw a website that could be hacked in a few seconds because of that....
<Portaljacker> well apparently the .cvs and .svn folders hold passwords
<Portaljacker> but in git i always set it to use an rsa key to authenticate
<anotheruser> still i don't think it's a good idea
<Portaljacker> probably not
<anotheruser> use a git repo for your website, and then do a checkout or whatever to get the working copy of the website
<Portaljacker> ya
<Portaljacker> like have the reop elsewhere
<Portaljacker> and copy it into www
<Portaljacker> repo
<Portaljacker> and just copy everything but the .git folder
<Portaljacker> heck i could do it over ftp
<Portaljacker> though it would be slower
<anotheruser> yeah something like that
<Portaljacker> anyway, it's a bit late and i'm getting tired
<Portaljacker> i guess i'll be installing wordpress later :P
<anotheruser> careful with wordpress too
<anotheruser> especially custom themes etc.
<anotheruser> keep it well up to date and only use trusted sources
<Portaljacker> i intend to do so
<Portaljacker> thanks
<Stapper> Hi I have some Questions regarding NFS... I now use samba to share, but i only have *nix machines is it better to switch to NFS?
<dax_roc> Morning all
<dax_roc> What would cause an upgrade from 11.10 to 12.04 to become unresponsive, it continues to run just all tasks seem to freeze for about 30 - 40 seconds at times ?
<dax_roc> It's not a hardware issue as it's the same symptoms on 3 different servers.
<progre55> hi guys. I was doing and apt-get update on one of my servers, and getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1"
<progre55> doing a google search shows some bugs with the same errors, but a bit unrelated
<uvirtbot> New bug: #973243 in keystone "deleting tenants or users does not clean up metadata" [Undecided,Confirmed] https://launchpad.net/bugs/973243
<uvirtbot> New bug: #974199 in keystone "deleting a tenant does not cleanup its user associations" [Undecided,Confirmed] https://launchpad.net/bugs/974199
<uvirtbot> New bug: #978130 in glance "multiprocess glance-api failed to exit when stopped by ctrl+c" [Undecided,Confirmed] https://launchpad.net/bugs/978130
<uvirtbot> New bug: #978610 in glance "/usr/bin/glance's built-in pager breaks redirection" [Undecided,Confirmed] https://launchpad.net/bugs/978610
<uvirtbot> New bug: #983800 in keystone "TokenNotFound not raised in testsuite because of timezone issues" [Undecided,Confirmed] https://launchpad.net/bugs/983800
<uvirtbot> New bug: #988920 in keystone "Token authentication for a user in a disabled tenant does not raise Unauthorized error" [Undecided,Confirmed] https://launchpad.net/bugs/988920
<uvirtbot> New bug: #994936 in keystone "export_legacy_catalog doesn't convert url names correctly" [Undecided,Confirmed] https://launchpad.net/bugs/994936
<uvirtbot> New bug: #996595 in keystone "Following a password compromise and subsequent password change, tokens remain valid." [Undecided,Confirmed] https://launchpad.net/bugs/996595
<uvirtbot> New bug: #997194 in keystone "Tokens remain valid after a user account is disabled" [Undecided,Confirmed] https://launchpad.net/bugs/997194
<uvirtbot> New bug: #997565 in glance "glance add command - incorrect help text" [Undecided,Confirmed] https://launchpad.net/bugs/997565
<uvirtbot> New bug: #997669 in horizon "When adding ICMP rule, the type/code is being validated as from/to ports" [Undecided,Confirmed] https://launchpad.net/bugs/997669
<uvirtbot> New bug: #1007093 in glance "glance add uploads a double image if using ssl and images is smaller the 4k" [Undecided,Confirmed] https://launchpad.net/bugs/1007093
<uvirtbot> New bug: #1010560 in glance "response.environ is None; instance fails to spawn" [Undecided,Confirmed] https://launchpad.net/bugs/1010560
<uvirtbot> New bug: #1012268 in glance "exception.BadStoreUri exposes sensitive information to end users" [Undecided,Confirmed] https://launchpad.net/bugs/1012268
<uvirtbot> New bug: #1012381 in keystone "Memcache token backend eventually stops working" [Undecided,Confirmed] https://launchpad.net/bugs/1012381
<uvirtbot> New bug: #1012752 in glance "glance-cache.conf needs metadata encryption key" [Undecided,Confirmed] https://launchpad.net/bugs/1012752
<uvirtbot> New bug: #1016056 in keystone "EC2 credentials not migrated from legacy (diablo) database" [Undecided,Confirmed] https://launchpad.net/bugs/1016056
<uvirtbot> New bug: #1022369 in glance "Glance scrubber date formatting fails w/ Postgres" [Undecided,Confirmed] https://launchpad.net/bugs/1022369
<uvirtbot> New bug: #1041070 in bridge-utils (main) "802.3ad bond interface have show high RX dropped packets" [Undecided,New] https://launchpad.net/bugs/1041070
<uvirtbot> New bug: #992447 in juju "Communication with store.juju.ubuntu.com is not authenticated" [Critical,In progress] https://launchpad.net/bugs/992447
<uvirtbot> New bug: #1018246 in glance "image.upload notification doesn't report size" [Undecided,Confirmed] https://launchpad.net/bugs/1018246
<uvirtbot> New bug: #1021054 in glance "Admins should be able to share image regardless of ownership" [Undecided,Confirmed] https://launchpad.net/bugs/1021054
<uvirtbot> New bug: #1025353 in glance "Support zero-size image creation" [Undecided,Confirmed] https://launchpad.net/bugs/1025353
<uvirtbot> New bug: #1028433 in glance "Image id not contained in swift chunk debug message" [Undecided,Confirmed] https://launchpad.net/bugs/1028433
<uvirtbot> New bug: #1032314 in glance "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1032314
<uvirtbot> New bug: #1040800 in asterisk (universe) "res_config_sqlite should be ported to sqlite3" [Wishlist,Confirmed] https://launchpad.net/bugs/1040800
<uvirtbot> New bug: #1040846 in autofs5 (main) "Missing content in /etc/nsswitch.conf causes failure" [Undecided,New] https://launchpad.net/bugs/1040846
<uvirtbot> New bug: #995079 in nova (main) "Internal server error when accessing nova/instances_and_volumes/ via horizon" [Undecided,Confirmed] https://launchpad.net/bugs/995079
<uvirtbot> New bug: #1040586 in whois (main) "Cyrillic characters shown with wrong encoding" [Undecided,New] https://launchpad.net/bugs/1040586
<uvirtbot> New bug: #1040682 in ipmitool (universe) "[MIR] ipmitool" [Undecided,New] https://launchpad.net/bugs/1040682
<uvirtbot> New bug: #1006815 in keystone/essex "Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token" [Critical,Fix released] https://launchpad.net/bugs/1006815
<uvirtbot> New bug: #1040212 in php5 "PHP CGI configuration fundamentally changed" [Undecided,Fix released] https://launchpad.net/bugs/1040212
<uvirtbot> New bug: #1040475 in maas (main) "maas depends on a broken version of python-tx-tftp" [Undecided,New] https://launchpad.net/bugs/1040475
<uvirtbot> New bug: #1040588 in squid3 (main) "squid3.HEAD (20120823-r12295) "WARNING: ICAP Max-Connections limit exceeded" bug" [Undecided,New] https://launchpad.net/bugs/1040588
<uvirtbot> New bug: #1039456 in quota (main) "Can't turn quotas on" [Undecided,Invalid] https://launchpad.net/bugs/1039456
<uvirtbot> New bug: #1039871 in Ubuntu Quantal "[needs-packaging] oprofile 0.9.7" [High,Confirmed] https://launchpad.net/bugs/1039871
<uvirtbot> New bug: #1040274 in spamassassin (main) "Merge spamassassin 3.3.2-4 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1040274
<uvirtbot> New bug: #1023412 in python3-chardet (main) "[MIR] python3-chardet" [Undecided,Fix released] https://launchpad.net/bugs/1023412
<uvirtbot> New bug: #1040177 in openldap (main) "slapd install fails when requesting to 'Omit OpenLDAP server configuration"" [Undecided,New] https://launchpad.net/bugs/1040177
<uvirtbot> New bug: #1014235 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Expired] https://launchpad.net/bugs/1014235
<uvirtbot> New bug: #1031747 in python-django-openstack-auth (main) "[MIR] python-django-openstack-auth" [Undecided,Fix released] https://launchpad.net/bugs/1031747
<uvirtbot> New bug: #1039554 in cyrus-sasl2 (main) "Please re-enable PIE" [High,Fix released] https://launchpad.net/bugs/1039554
<uvirtbot> New bug: #1039597 in openbsd-inetd (main) "Please re-enable PIE and BIND_NOW" [High,Fix released] https://launchpad.net/bugs/1039597
<uvirtbot> New bug: #1040139 in keystone (main) "keystone upgrade fails due to mysql not being available" [Undecided,New] https://launchpad.net/bugs/1040139
<eutheria> i think i need a quick and dirty imap server to send test emails to, which would you guys recommend to use?
<uvirtbot> New bug: #1028453 in ubuntu-meta (main) "Quantal Ubuntu Server minimal install oversized" [High,Confirmed] https://launchpad.net/bugs/1028453
<uvirtbot> New bug: #1039542 in asterisk (universe) "Please re-enable PIE and BIND_NOW" [High,Triaged] https://launchpad.net/bugs/1039542
<uvirtbot> New bug: #1039593 in squid3 (main) "squid3 lost compiler hardening options in last update, but shouldn't have" [Undecided,Invalid] https://launchpad.net/bugs/1039593
<uvirtbot> New bug: #1039627 in etckeeper (main) "etckeeper init with git gives error" [Undecided,New] https://launchpad.net/bugs/1039627
<uvirtbot> New bug: #1039470 in openssh (main) "'man sftp' shows a wrong creation date" [Undecided,New] https://launchpad.net/bugs/1039470
<uvirtbot> New bug: #977007 in nova/essex "instance live migration should create virtual_size disk image" [Low,Fix released] https://launchpad.net/bugs/977007
<uvirtbot> New bug: #1017418 in nova "NoMoreFloatingIps: Zero floating ips available after repeatedly creating and destroying instances over time" [Undecided,Confirmed] https://launchpad.net/bugs/1017418
<uvirtbot> New bug: #1018586 in nova "cleanup_file_locks does not remove stale sentinel files" [Undecided,Confirmed] https://launchpad.net/bugs/1018586
<uvirtbot> New bug: #1018721 in nova "Launching with source groups under load produces lazy load error" [Undecided,Confirmed] https://launchpad.net/bugs/1018721
<uvirtbot> New bug: #1021340 in nova "Race condition in network/deallocate_for_instance() leads to security issue" [Undecided,Confirmed] https://launchpad.net/bugs/1021340
<uvirtbot> New bug: #1021352 in nova "Deallocation of fixed IP occurs before security group refresh â leading to potential security issue in error / race conditions" [Undecided,Confirmed] https://launchpad.net/bugs/1021352
<uvirtbot> New bug: #1021373 in nova "[nova][volumes] Exceeding volumes, gigabytes and floating_ips  quotas returns general uninformative HTTP 500 error" [Undecided,Confirmed] https://launchpad.net/bugs/1021373
<uvirtbot> New bug: #1027105 in nova "Restarting nova-compute removes ip packet filters" [Undecided,Confirmed] https://launchpad.net/bugs/1027105
<uvirtbot> New bug: #1027984 in nova "nova testsuite errors on newer versions of python-boto (e.g. 2.5.2)" [Undecided,Confirmed] https://launchpad.net/bugs/1027984
<uvirtbot> New bug: #1029463 in nova "Libvirt driver reports incorrect error when volume-detach fails" [Undecided,Confirmed] https://launchpad.net/bugs/1029463
<uvirtbot> New bug: #1030430 in nova "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1030430
<uvirtbot> New bug: #1031311 in nova "CVE-2012-3361 not fully addressed" [Undecided,Confirmed] https://launchpad.net/bugs/1031311
<uvirtbot> New bug: #1033178 in nova "pycrypto is unused and the existing code is potentially insecure to use" [Undecided,Confirmed] https://launchpad.net/bugs/1033178
<uvirtbot> New bug: #1036902 in nova "Block storage connections are NOT restored on system reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1036902
<uvirtbot> New bug: #1039420 in ntp (main) "NTP security vulnerability because not using authentication by default" [Undecided,New] https://launchpad.net/bugs/1039420
<uvirtbot> New bug: #956096 in nova "Listing flavors with marker set returns 400" [Undecided,Confirmed] https://launchpad.net/bugs/956096
<uvirtbot> New bug: #971621 in nova "nova delete lxc-instance umounts the wrong rootfs" [Undecided,Confirmed] https://launchpad.net/bugs/971621
<uvirtbot> New bug: #994935 in nova "Deleting Flavor currently in use by instance creates error" [Undecided,Confirmed] https://launchpad.net/bugs/994935
<uvirtbot> New bug: #1013689 in nova "cannot umount guestfs " [Undecided,Confirmed] https://launchpad.net/bugs/1013689
<uvirtbot> New bug: #1016273 in nova "ram_allocation_ratio does not work" [Undecided,Confirmed] https://launchpad.net/bugs/1016273
<uvirtbot> New bug: #1017795 in nova "scheduler hang (DOS) possible with DifferentHostFilter/SameHostFilter " [Undecided,Confirmed] https://launchpad.net/bugs/1017795
<uvirtbot> New bug: #1020634 in nova "[nova][volumes] Exceeding volumes quotas logs "VolumeSizeTooLarge" instead of "VolumeLimitExceeded" " [Undecided,Confirmed] https://launchpad.net/bugs/1020634
<uvirtbot> New bug: #1022036 in nova "metadata injection is broken in xen" [Undecided,Confirmed] https://launchpad.net/bugs/1022036
<uvirtbot> New bug: #1006664 in nova "euca-describe-keypair NonExistent returns 200" [Undecided,Confirmed] https://launchpad.net/bugs/1006664
<uvirtbot> New bug: #1007573 in nova "affinity filters don't work if scheduler_hints is None" [Undecided,Confirmed] https://launchpad.net/bugs/1007573
<uvirtbot> New bug: #1012374 in nova "impl_qpid doesn't ACK messages" [Undecided,Confirmed] https://launchpad.net/bugs/1012374
<uvirtbot> New bug: #1013147 in nova "nova-rootwrap hardcodes paths instead of using /sbin:/usr/sbin:/usr/bin:/bin" [Wishlist,Confirmed] https://launchpad.net/bugs/1013147
<uvirtbot> New bug: #1014769 in nova "NoMoreFixedIps: Zero fixed ips available. Nova seems leaking them." [Undecided,Confirmed] https://launchpad.net/bugs/1014769
<uvirtbot> New bug: #1015531 in nova "Remote arbitrary file corruption / creation flaw via injected files" [Undecided,Confirmed] https://launchpad.net/bugs/1015531
<uvirtbot> New bug: #986922 in nova "Call to network_get_all_by_uuids missing 'db'" [Undecided,Confirmed] https://launchpad.net/bugs/986922
<uvirtbot> New bug: #992805 in nova "test_get_console_output_file requires sudo NOPASSWD" [Undecided,Confirmed] https://launchpad.net/bugs/992805
<uvirtbot> New bug: #997763 in nova "floating ips are not disassociated from instances on deletion" [Undecided,Confirmed] https://launchpad.net/bugs/997763
<uvirtbot> New bug: #999698 in nova "qpid timeout causing compute service to crash" [Undecided,Confirmed] https://launchpad.net/bugs/999698
<uvirtbot> New bug: #1000853 in nova "Restarting nova-network removes ip packet filters " [Undecided,Confirmed] https://launchpad.net/bugs/1000853
<uvirtbot> New bug: #1004298 in nova "not able to get host total memory in xen with libvirt" [Undecided,Confirmed] https://launchpad.net/bugs/1004298
<uvirtbot> New bug: #985162 in nova "Firewall rules from nova-compute are not refreshed after host reboot" [Undecided,Confirmed] https://launchpad.net/bugs/985162
<uvirtbot> New bug: #985184 in nova "Security groups fail to be set correctly if incorrect case is used for protocol specification" [Undecided,Confirmed] https://launchpad.net/bugs/985184
 * _ruben slaps uvirtbot 
<soren> Yikes!
<soren> That's a lot of new bugs :)
<_ruben> I propose we just ditch nova, it's bug-ridden apparently! :)
 * soren admits the mail host backing uvirtbot may have had a couple of rough days and is catching up.
<progre55> so guys, any advice with resolvconf, please? I'm getting getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1" while doing an apt-get update
<_ruben> i'm guessing apt-get upgrade instead of apt-get update?
<progre55> oh yeah, upgrade
<progre55> and now the packages resolvconf is marked as crashed, and doing "apt-get -f install" throws the same error
<progre55> here http://pastie.org/4579589
<uvirtbot> New bug: #1041120 in nova (main) "Meta bug for tracking Openstack Stable Updates" [Undecided,New] https://launchpad.net/bugs/1041120
<uvirtbot> New bug: #997700 in keystone "LDAP should not check username on "sn" field" [Undecided,Confirmed] https://launchpad.net/bugs/997700
<uvirtbot> New bug: #1035428 in keystone "authenticate in ldap backend doesn't return a list of roles" [Medium,In progress] https://launchpad.net/bugs/1035428
<woozly> guys, how to change language for console info and other?
<woozly> Error messages, Info messages..
<reisi> woozly: see LANG, LC_ALL etc variables, locale (1)
<woozly> reisi: thank you!
<reisi> woozly: also there are language-pack-* packages
<woozly> reisi: great! Thank you man!
<patdk-lap> I can't believe how many people install stuff from my ppa, then email complaints
<xnox> patdk-lap: i named my ppa "Danger do not use" and the email spam dropped off
<greppy> xnox: did usage drop off as well?
<xnox> greppy: that is irrelevant, I'm not paying the bandwidth =)
<woozly> guys, where iptables config? I need to add rule to it
<woozly> :/
<woozly> or it disabled by default?
<patdk-lap> it doesn't exist by default
<patdk-lap> ufw exists, but disabled
<woozly> oh... okay thanks!
<KrizTmarK> hello any1 familiar to vpn
<rbasak> !anyone | KrizTmarK
<ubottu> KrizTmarK: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<KrizTmarK> does any1 know the folder which the kernel on ubuntu is stored
<genii-around> KrizTmarK: Usually in /boot
<uvirtbot> New bug: #1006822 in keystone "APIï¼v2.0/OS-KSADM/servicesï¼v2.0/OS-KSADM/services/{service_id}ï¼doesn't validate token" [Undecided,Confirmed] https://launchpad.net/bugs/1006822
<banyantree> Hey Guys =)
<banyantree> i want to set up an email server. i need to set the ptr entry
<banyantree> mx entry is already set
<banyantree> does anybody know how to do this?
<aheu> I maybe totally wrong but banyantree is this what you need -https://help.ubuntu.com/community/BIND9ServerHowto#Reverse_Zone_File
<banyantree> thx i will read it now
<banyantree> hope its the right thing =)
<Daviey> zul: Hey, nova, keystone, horizon and glance are all in the -proposed queue.
<Daviey> zul: All bugs have a Precise task against them
<zul> okies cool
<njin> Hallo, I've got a machine running maas, then i create another one, run the cd, select install maas, setting everythings till it present the window where specify manually the name or the address, and another entry with maas (ip ddress) , but whatever i choose it request the name for this server (if blank maas assign it) and when hit enter it send sigkill or sigter and system poweroff. is this a bug ??(quantal) or I get wrong ?
<tinyhippo> I've configured and tested ActiveDirectory authentication for my Ubuntu server, however, when I attempt to use sudo -i for an account which only exists on the server, and not in activedirectory - I get a message warning me that my password was incorrect (presumably, it tried to Auth against AD first) and then I become root (presumably when it auths against /etc/passwd /etc/shadow - any idea how to avoid getting thie Wrong Password ...
<tinyhippo> ... message?
<ninjai> how can I disable syslog?
<Daviey> SpamapS: Hey, are you alive for the day?
<SpamapS> Daviey: I am , whats up?
<Daviey> SpamapS: hey, would you be able to sru review a few packages? :)
<Daviey> SpamapS: One gotcha.. please can you not post the spammy comment from sru-accept into each bug please?
<SpamapS> Daviey: Sure. I think slangasek is on shift today, but I can look too. :)
<SpamapS> Daviey: spammy? Its informative, and, luscious.
<Daviey> SpamapS: and mostly offtopic :)
<Daviey> Dear Reporter who reported an upstream bug, please test our ubuntu packages kkthnx
<Daviey> Precise, nova - keystone - horizon - glance. :)
<Daviey> SpamapS: bug 1041120 is the meta-bug
<uvirtbot> Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120
<SpamapS> Daviey: the reference to the reporter is just because we aren't sure who else to ask :) The rest is fairly important as it identifies the way we expect the packages to be tested. And the script that does that also maeks sure bug tasks are set right and such.. dunno if I feel like seaparating those two
<Daviey> SpamapS: i can happily set the bug taks if you prefer?
<Daviey> SpamapS: I just don't want to hijack bug reports TOO much
<hallyn> stgraber: for lxc-start -d, i'm trying to decide how far to go.  i'ts trivial to just wait for 'running' state or 5 second timeout
<hallyn> but if it immediately fails, we could catch that with a starting->aborting->stopping->stopped transtion,
<hallyn> except that it's possible that the daemonized task starts after the container has already done all of those
<hallyn> unlikely, but possible
<hallyn> but i don't want to introduce a new api to have the container task wait to start starting until the daemonized task is ready for it.
<hallyn> i suppose i can just declare it nigh-upon-impossible to have the container hit all those states before the daemonized task checks, and only handle the other cases
<SpamapS> Daviey: how is that hijacking?
<SpamapS> Daviey: also our report specifically looks for the comment to know when responses have come in.
<Daviey> SpamapS: ok, do as you need.  It was just a request.
<SpamapS> Daviey: noted that the comments are considered "spammy hijacking". You are the first to bring that to my attention. :p
<Daviey> SpamapS: well, i could see why an upstream project might be sensitive to lotta downstream comments.
<Daviey> and the downstream having the audacity to ask the reporter to test it, even if tey don't give two hoots about Ubuntu
<hallyn> stgraber: well, the simple 'wait for running or timeout' is in lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-start-d-wait
<SpamapS> Daviey: thats a fair concern. Perhaps we can just leave off the "Dear reporter" one
<Daviey> SpamapS: ok, thanks
<hallyn> stgraber: hm, looks like my subsequent pushes went to ubuntu:lxc
<SpamapS> Daviey: also it just ocurred to me that we're not doing full verification on at least nova. Right? We're just doing regression tests and the CI lab?
<Daviey> SpamapS: a little more than that, but yes.. not complete coverage.  For example, in the last one.. we included fixes for SUSE that doesn't impact us.
<Daviey> There was scope for regression, but this is exactly why we are so involved with the upstream stable tree, to avoid these issues.
<Daviey> As a testament, the last time we did this.. It was regression free.
<stgraber> hallyn: change looks reasonable (looked at ubuntu:lxc)
<SpamapS> Daviey: I'm just thinking its not so important to set all the bug statuses and tags if we're really just going to track the one master bug's status
<Daviey> SpamapS: Note, the whole idea of doing this at upstream, rather than at pure distro level.. is something we conceived for upstream.
<SpamapS> Daviey: you're preaching to the choir you don't have to convince me. :) I'm just thinking about the logistics
<Daviey> SpamapS: right.. I'd be much happier to just set it Fix Committed.
<Daviey> (which i have tooling to do already, if that is easier for you)
<SpamapS> Daviey: it also needs verification-needed to help us know when its ok to send to -updates
<Daviey> SpamapS: right, i can do that aswell if you prefer
<LoT> what's the latest kernel for Precise servers?
<Psi-Jack> LoT: 3.2.0 as it will be for the next 6 years
<LoT> Psi-Jack:  do patches for bugs get applied to the kernel over time?
<Psi-Jack> Security fixes and bugs, yes, there are patchlevels to the kernel Ubuntu provides.
<LoT> also, would the Quantal kernel (after its released "stable") work on Precise (if I were to backport it)
<Psi-Jack> i don't use backported kernels, ever.
<Daviey> SpamapS: any traction on those SRU's?
<SpamapS> Daviey: I just now cleared my table to look at them :-/
<SpamapS> Daviey: I assume that this is high enough priority that its worthy of jumping in front of all the other SRU's waiting?
<SpamapS> Daviey: so how about I jus spam bug 1041120 for all of them?
<uvirtbot> Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120
<Daviey> SpamapS: Well, there is a significant calling for this SRU.
<Daviey> SpamapS: spamming that one meta bug would be better IMO :)
<SpamapS> Thats the only one that really will control the packages' progression into -updates
<Daviey> SpamapS: i will keep close eye on that, and the others.. just incase.
<SpamapS> Daviey: where is the testing plan for these bugs?
<g0bl1n> hi, I installed nginx-full then removed it and deleted the /etc/nginx directory. Now doing an apt-get install nginx-full won't put the default configuration files there. Any hint ?
<SpamapS> Daviey: err, s/bugs/updates/ ?
<SpamapS> g0bl1n: thats intentional
<SpamapS> g0bl1n: dpkg consideres a removed config file as something the administrator likely wanted
<SpamapS> g0bl1n: apt-get purge nginx-full
<g0bl1n> SpamapS: ahh, let me try ;-)
<SpamapS> g0bl1n: that will reset dpkg's tracking of the config files (and remove ALL data and configs)
<g0bl1n> SpamapS: I was doing a remove and autoremove. Not enough, ok
<Daviey> SpamapS: So.. We will be doing a full burn in a lab.  I will put out a call for testing on upstream mailing list, and we've also had at least one partner offer to help test aswell
<Daviey> So.. more coverage than the previous SRU had.
<SpamapS> Daviey: isn't that written down somewhere?
<SpamapS> somewhere I can link to.. :P
<Daviey> SpamapS: yes
<Daviey> hmm
<Daviey> that might an isue for this moment
<SpamapS> poor users will just have to trust good ol' Daviey's word ;)
<SpamapS> Well as long as the results are documented I don't mind.
<Daviey> fools!
<Daviey> adam_g: do you know where that doc is?
<SpamapS> ugh
<SpamapS> the SRU queuediff script nearly crashed my browser opening all the nova bugs
<SpamapS> Daviey: accepted all. UNLEASHE THE HOUNDS
<g0bl1n> SpamapS:
<g0bl1n> SpamapS:  still getting errors after the purge
<SpamapS> g0bl1n: you may need to purge *all* of the packages that own files in /etc/nginx .. 'dpkg -S /etc/nginx'
<LoT> SpamapS:  was 12.04.1 released?
 * LoT seems to have missed 3 days fo announce emails, so....
<dormito> I have a question about configure ssl certs for  a samba/ldap setup on an ubuntu server, is this the correct channel to ask it?
<g0bl1n> SpamapS:  ah, nginx-common appeared. Purged. Now retrying
<g0bl1n> SpamapS: well done thankyou. Worked
<Daviey> SpamapS: thanks!
 * SpamapS sometimes wonders if dpkg's conffile handling is really worth it
<SpamapS> TheLordOfTime: yes, 12.04.1 was released yesterday
<SpamapS> TheLordOfTime: and your PHP SRU is awaiting approval
<TheLordOfTime> SpamapS:  ah, wonderful.  Thanks.
<Daviey> SpamapS: Houston, we have a problem
<Daviey> SpamapS: nova FTBFS, due to a debuild problem.
<adam_g> Daviey: i think i know what it is
<adam_g> did the others build okay?
<Daviey> adam_g: yes
<Daviey> adam_g: missing HCnageLog.. I am assuming you did a sdist from a tar checkout, rather than git tree?
<adam_g> Daviey: no, in fact i didn't use sdist
<adam_g> Daviey: but yea, that would have been autogen'd
<Daviey> adam_g: Oh, then that is the error
<Daviey> How come you didn't sdist?
<adam_g> Daviey: wasn't sure how zul was cutting the previous tarballs, and whether upstream has merged any of the newer magic into sdist that makes the endproduct something much different than what we were shipping at 12.04
<Daviey> adam_g: Ah, ok
<adam_g> Daviey: but actually, sdist'ing it doesn't produce a ChangeLog either it seems
<Daviey> adam_g: from tar or git co?
<adam_g> Daviey: git
<Daviey> oo-er
<adam_g> Daviey: oh jeez, nvm. it does have it. my bad
<adam_g> Daviey: whats best? adjust packaging on the current upload to exlude it, or upload a new tarball for proposed
<Daviey> I'd think uploading a new orig.  SpamapS, what do you think?
<Daviey> adam_g: I'd like to squeeze one more commit in aswell.. if you don't mind :)
<adam_g> Daviey: what commit?
<adam_g> Daviey: that'd make it easier, current versioning scheme makes it hard to bump the version
<Portaljacker> do i need to install phpmyadmin for my website? or is it enough to have webmin for my server?
<Portaljacker> lamp stack and going to install wordpress
<Portaljacker> i'm stuck at the part to make the mysql database for wordpress
<Portaljacker> and the interface of webmin is not making it obvious how to set it up correctly
<Daviey> adam_g: I just landed two upstream
<Daviey> https://review.openstack.org/#/c/11813/
<Daviey> https://review.openstack.org/#/c/11597/ <-- needed
<adam_g> k
<anotheruser> Portaljacker, don't install the 10.04 phpmyadmin anyway, it's full of holes
<Portaljacker> ok then
<Portaljacker> well i assumed i could set up the mysql database in the webmin mysql module
<anotheruser> i don't know webmin... i've used phpmyadmin, and the mysql command line
<anotheruser> if you really want phpmyadmin, at least install the last version, and change its default path (then you should be ok)
<Portaljacker> command line can work
<Portaljacker> is the comand line tool easy enough to setup a new database?
<anotheruser> it's reasonable
<anotheruser> basically, you just run a CREATE DATABASE command
<anotheruser> if you want user rights management, it's a bit more tricky
<anotheruser> (then you need to read about the "grant" commands
<Portaljacker> apparently this is sufficient :P
<Portaljacker> http://www.debuntu.org/how-to-create-a-mysql-database-and-set-privileges-to-a-user
<anotheruser> yeah that's good enough
<Portaljacker> this line seems odd to me
<Portaljacker> grant usage on *.* to amarokuser@localhost identified by 'amarokpasswd';
<anotheruser> it means amazokuser can connect, from localhost, with that password
<Portaljacker> oh, and he can only connect to a db he's assigned to
<anotheruser> usage is the most basic privilege
<anotheruser> so yeah he can do nothing with it
<anotheruser> The USAGE privilege specifier stands for âno privileges.â
<anotheruser> here :p
<Portaljacker> thanks
#ubuntu-server 2012-08-25
<edgy> hi, what's the meta package to install ubuntu-server?
<BentFranklin> Setting up postfix.  Confused about the FQDN.  I don't have a domain.  Just use hostname?
<SpamapS> BentFranklin: yeah that should be fine
<BentFranklin> Thansk
<SpamapS> BentFranklin: tho thats no good for real usage.. you will want a static hostname at some point otherwise your headers will raise flags on spam filters among other problems.
<Hoyt> hi, what's the right way to change keyboard layout in console ?
<Hoyt> I mean, configure it, not by loadkeys
<uvirtbot> New bug: #1041464 in squid (main) "dpkg: error processing squid (--configure)" [Undecided,New] https://launchpad.net/bugs/1041464
<JadedFunk> If I'm wanting to access my shared folder (vmware workstation) using apache, should I be using a hard symlink to achieve this?
<jgcampbell300> hello, is there software out there that would allow me to install a server say in my living room that is hooked to a sound system and then play music from any computer on my network using the servers sound system
<jgcampbell300> can anyone tell me what it means when i run lshw -class network and it tells me network:0 unclaimed
<jgcampbell300> anyone here ?
<jgcampbell300> anyone here ?
<jgcampbell300> http://paste.kde.org/539360/ haveing some trouble with a driver ... can anyone assist
<TheLordOfTime> is there documentation on how to set up a local archive mirror?
<TheLordOfTime> not a public one, just a private one for a company i'm consulting with
<xnox> TheLordOfTime: $ sudo apt-get install apt-cacher-ng
#ubuntu-server 2012-08-26
<darthanubis> Is there a way I can install ltsp WITHOUT Unity as the default kit? Can I choose which desktop enviroment?
<jeffrubic> If I've originally installed a package via a ppa, then it's later added to the official ubuntu distro, is there anything I need to do to avoid conflicts between the two?
<hotswaphdd> hi
<hotswaphdd> anyone around?
<tgm4883> hotswaphdd, it's better to just ask your question and wait
<sliddjur> Hello I am completely new to ubuntu server. what text editors are there? i saw the command vi and nano?
<sliddjur> ":q!CR	quit, discarding changes" how do i type :q!CR??
<sliddjur> in vi
<seekwill> sliddjur: Press ESC first, then :q!
<seekwill> CR means "enter"
<uvirtbot> New bug: #1010485 in tomcat7 (main) "tomcat7 is not owner of the directory /usr/share/tomcat7" [Undecided,Expired] https://launchpad.net/bugs/1010485
<uvirtbot> New bug: #1017292 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1017292
<uvirtbot> New bug: #1017200 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Expired] https://launchpad.net/bugs/1017200
<uvirtbot> New bug: #1041829 in bacula (main) "package bacula-director-mysql 5.2.5-0ubuntu6.1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1041829
<koopa58> Somewhere on my vps something keeps on sending e-mails to postmaster@vps1.domain.com. How can I find out what script is doing this? I'm using sSMTP with Sendgrid.com.
<koopa58> I've set MAILTO="" inside crontab, but this was of no help.
<koopa58> And sSMTP does not use /etc/aliases or /root/.forward
<koopa58> Any suggestions very welcome, as my reputation on Sendgrid is dropping and the e-mails send to that address keep on bouncing.. :(
<koolhead17> hello all
<koopa58> Hello koolhead17
<koolhead17> hi koolhead17
<koolhead17> hi koopa58 :P
<koopa58> :)
<maxb> koopa58: pastebin an example message with full headers?
<koopa58> maxb: I'm not sure what message is being sent.. I only see in sendgrid that it is sent to an address that does not work and thus bounces..
<qman__> this is why it's better to use a real MTA
<qman__> proper logging and diagnostics, ability to filter things out
<koopa58> I do know this: http://serverfault.com/questions/421336/prevent-postmasterdomain-com-bounces-with-ssmtp-and-sendgrid
<koopa58> Hope it is of any help, or anyone that might know where I can find more information..
<qman__> you'll probably have better luck elsewhere, as postfix and exim are the ubuntu-supported MTAs
<koopa58> qman__: Ah, but I need courier or dovecot with those as well or not?
<qman__> no
<qman__> courier and dovecot provide pop and imap
<qman__> if you don't need those, don't install them
<koopa58> Hmm.. can I use postfix like sSMTP so that all mail is handled via Sendgrid, and does Postfix then log more information?
<qman__> I don't know anything about sendgrid, but postfix can be configured to use a smarthost if that's how you're doing it
<qman__> and it can be configured with any number of additional filters, like anti-spam and antivirus
<qman__> it's also one of the most widely used MTAs, so online documentation is very good
<koopa58> I need something that is easy to setup :) and I only need to send e-mails. Also I've learned that I need to be able to retrieve local mails the system might send..
<koopa58> Disabling courier would be dangerous?
<qman__> it doesn't get much easier than postfix
<qman__> apt-get install postfix, answer a few questions in debconf
<qman__> courier is not needed at all
<qman__> system mail is delivered locally, and can be retrieved using local mail clients
<koopa58> Hmm.. someone said to me: "You need local mail delivery - just disabling Courier compromises the functionality / security your system - you need to replace it with a local MDA such as deliver / procmail"
<koopa58> Do you know what they mean?
<qman__> partly correct in that you still need local mail delivery
<qman__> but removing software doesn't compromise security
<koopa58> Aha okay, I also found out about the `mail` program, I could use that to retrieve local mail am I right? I have never seen anything come up in there so :)
<qman__> yes
<qman__> ssmtp probably doesn't do local mail delivery, so if you continued to do that you'd need procmail or similar
<koopa58> Ah thanks for clearing that up :) so `mail` could handle the local mail
<qman__> but postfix can do it all
<koopa58> Oh okay
<qman__> you can optionally use procmail with postfix, too
<koopa58> And procmail is like `mail` a client to retrieve mail?
<qman__> no
<qman__> it's a delivery agent, for local mail
<qman__> you still need a mail client like 'mail' to read it
<koopa58> Okay, would I need procmail or is it only for filtering and such?
<koopa58> Considering what I have setup in /etc/aliases and ~/.forward
<qman__> not strictly necessary, just optional
<koopa58> Okay, thanks :) I'll try out postfix.. hope I can catch the program that is sending to that address.. I assume postfix also would log in /var/log/mail.* ?
<qman__> yes
<qman__> it doesn't log the full content of the messages by default but you can turn it on
<qman__> but it does log when and where it's sending them out of the box
<koopa58> Ah okay, great! Thanks, I'll try it out
<koopa58> Getting some more info with Postfix now.. but it still seems to use the address root@vps that does not exist.. http://pastebin.com/xiN1rX43 any ideas?
<koopa58> It seems like there are 2 emails being sent
<mwcampbell> Why are there two LXC templates for Ubuntu, "ubuntu" and "ubuntu-cloud"? What distinguishes them?
<stgraber> ubuntu builds the template from scratch using debootstrap, ubuntu-cloud downloads a pre-built cloud image from the internet
<mwcampbell> When should I prefer one LXC template over the other? For example, is ubuntu-cloud primarily intended for use with OpenStack?
<stgraber> ubuntu-cloud is going to offer you a behaviour identical to the ubuntu cloud AMI that you'd run in EC2 or other cloud providers
<stgraber> however it requires downloading the pre-built image, so if you already have a local mirror, it won't be able to use it
<stgraber> also, the image might not be fully up to date, so you may need to apply updates afterwards
<stgraber> the lxc-ubuntu template instead builds it locally for you, so if you have a mirror, it'll use it as the package source and it'll be perfectly up to date as it'll be building the template the first time you want to use it
<mwcampbell> stgraber: Thanks for the explanation.
<mwcampbell> I also see that lxc-ubuntu lets me share my user account and home directory between the host and container(s). That looks quite handy.
<stgraber> yeah, lxc-ubuntu has a few more options than the lxc-ubuntu-cloud template
<mwcampbell> So I'll use lxc-ubuntu-cloud if I want to test something that I intend to deploy to EC2 using the Ubuntu AMI
<stgraber> yep, that'd be the best template to use for that case indeed
<uvirtbot> New bug: #1041950 in samba (main) "package smbclient 2:3.5.8~dfsg-1ubuntu2 failed to install/upgrade: short read on buffer copy for backend dpkg-deb during `./usr/bin/smbcacls'" [Undecided,New] https://launchpad.net/bugs/1041950
<uvirtbot> New bug: #1041966 in lm-sensors (main) "package libsensors4 1:3.3.1-2ubuntu1 failed to install/upgrade: conffile './etc/sensors.d/.placeholder' is not in sync with other instances of the same package" [Undecided,New] https://launchpad.net/bugs/1041966
<uvirtbot> New bug: #1041980 in exim4 (main) "package exim4-config 4.76-3ubuntu3 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1041980
#ubuntu-server 2013-08-19
<tarvid> looking for the sanest route to hosting shell accounts for a modest number of users
<tarvid> LXC?
<JasonO> Hi
<tarvid> Hi JasonO
<JasonO> Hi tarvid
<tarvid> Looking for wisdom from folks with LXC experience
<JasonO> I am having problems enabling SSL on  my virtual host. Can someone please help me?
<JasonO> When i reload apache2 I get:  [warn] _default_ VirtualHost overlap on port 443, the first has precedence
<JasonO> Is there a way to allow both on 443 without conflict?
<tarvid> NameVirtualHost?
<JasonO> tarvid: amjjawad
<kimsia> hi there
<kimsia> i typed `apt-get update`
<kimsia> now i see a long list of
<kimsia> EDAC i7core: Lost 127 memory errors
<kimsia> the list has not stopped running for the past 5 mins. What is happening?
<kimsia> i am using 12.04 LTS server edition
<tarvid> Error detection and correction
<tarvid> No point is waiting
<tarvid> in
<tarvid> Run the memory test on bootup
<kimsia> tarvid: how do I run the memory test on bootup?
<tarvid> I think it is a grub option but you can use any install disk a d run memtest
<kimsia> tarvid: I am sorry I am quite new at this
<kimsia> I don't have any ubuntu installtion disks with me now
<kimsia> i am on site at another place
<kimsia> how do I try this grub option?
<tarvid> borrow another machine and make one
<tarvid> But it sounds like hardware issues
<kimsia> oh shucks
<tarvid> How many sticks in the machine
<tarvid> yes shucks
<kimsia> sticks?
<tarvid> ram?
<tarvid> they could be loose
<tarvid> or dirty
<tarvid> You may be able to run on part of them
<tarvid> like 2 out of 4 or one out of 2
<tarvid> fancy board? I7?
<kimsia> @tarvid I just restarted the server
<kimsia> the errors are no more
<kimsia> do i just assume that everything is okay?
<tarvid> errors that go away gratuitously often come back
<kimsia> i also just ran `apt-get update`. It finished without seeing the errors
<kimsia> i see.
<tarvid> may have been the oded cosmic ray that zapped a bit
<kimsia> so what should I do now?
<tarvid> several choices
<tarvid> ignore it as just a fluke in the universe\
<tarvid> install memtest86+ and let it run when you go home for the night
<kimsia> tarvid: someone suggested the following to me
<kimsia> http://askubuntu.com/a/334332/10591
<tarvid> a bit paranoid
<tarvid> most people don't have EDAC and live
<shauno> doesn't read too paranoid to me.  it sounds like a decent crash-course on ECC.  if you have lots of correctable errors, good news, you got ECC.  if you start seeing uncorrectable errors, pull the ram
<tarvid> an object lesson yes, a crash course??? We don't know how much ram is in the machine
<kimsia> what is ECC?
<kimsia> I am trying to find out sorry hang on
<kimsia> these are the specs:
<kimsia> 1 x IntelÂ® XeonÂ® L5630 12M Cache, 2.13 GHz Processor, 2GB x 4 RAM 2 x 146GB SAS 15K HDD
<shauno> ECC is error-correctionin ram.  very common in server-class systems, reasonably common in workstation-class systems, rare in desktops and near unheard of in laptops
<kimsia> I am running `apt-get dist-upgrade -y` now will take a while to stop
<kimsia> so if I have ECC, that is a good news right?
<tarvid> Good news is zero errors
<tarvid> memtest86+
<kimsia> tarvid: understood. now rebooting after finish `apt-get dist-upgrade -y`
<kimsia> over here, it is 955am
<kimsia> there are people who need to use the server. SO I will run the memtest at end of biz day
<kimsia> Oh look slike i need to run memtest from a CD or usb flash drive
<tarvid> Good plan. Memory is pretty cheap these days
<kimsia> http://en.wikipedia.org/wiki/Memtest86
<kimsia> is this correct?
<patdk-lap> you don't need to
<patdk-lap> you can run it from anywhere
<patdk-lap> just those are normally common
<kimsia> erm is it simply something i can apt-get install?
<patdk-lap> I run it all the time via pxe
<patdk-lap> apt-get I dunno
<patdk-lap> but you can add it as a grub option
<patdk-lap> no one should run a computer without ecc ram these days
<tarvid> ooooooooooooooooooooooo, the vast majority of people run fine without ecc
<patdk-lap> tarvid, the vast majority reboot their computer daily, cause of random issues :)
<kimsia> erm sorry guys
<kimsia> i have an immediate problem
<kimsia> i tried to open my kern.log
<tarvid> and ...............?
<patdk-lap> suspense
<kimsia> tarvid: sorry co-worker interrupted me
<kimsia> the kern.log was huge so i couldn't leave
<tarvid> could be panic time
<kimsia> i mean ctrl X when i attempted to exit from nano
<patdk-lap> forget kern.log, and use dmesg instead
<kimsia> now i can
<kimsia> they are asking me to turn the webapp back on for them
<kimsia> because it's urgent for them.
<kimsia> i am caught between debugging the issue further and restoring the webapp for thme
<kimsia> patdk-lap: what is dmesg?
<patdk-lap> where the stuff comes from, that goes into kern.log
<kimsia> i see
<patdk-lap> but it only has the last 1000 or so messages
<kimsia> i just typed
<kimsia> its long
<kimsia> i dunno what i am looking for in dmesg
<patdk-lap> ideally, on a normal system, there would be nothing
<shauno> if you're able, I'd err towards swapping the ram out and testing it in a machine that isn't so urgent.  spraying memory errors isn't healthy
<patdk-lap> unless you have firewall logging
<patdk-lap> but you should only have events, for large stuff, like, insert new disk, remove disk
<kimsia> i am unable to swap out the ram and test on another machine unfortunately
<tarvid> My guess you are headed for a full crash. If you have spare RAM do
<tarvid> You could try half the ram and hope the half left in the machine is good
<shauno> memory pretty much has three conditions.  green light is no errors.  this is what you want.  amber light is ECC catching errors.  this is a huge warning, especially if they're numerous/frequent.  red light is uncorrectable errors.  which usually manifests itself as "random" corruption & crashes.
<shauno> ECC buys you that amber light.  it's up to you to take the warning
<kimsia_> sorry guys
<kimsia_> somehow i got disconnected
<kimsia_> how can i retrieve the conversation of the last few minutes?
<kimsia_> i am on webchat.freenode.net
<kimsia_> hence i have no logs
<bradm> kimsia_: http://irclogs.ubuntu.com/2013/08/19/%23ubuntu-server.txt, its a few minutes behind
<kimsia_> thanks bradm
<nilli> I'm trying to "become" the user www-data, but "sudo -u www-data" doesn't do anything and "su -u www-data" requires that I know the password for the user. I have root access to the server, and I know I've managed this once before, but I can't remember how I did it...
<nilli> oops, I mean "su - www-data" requires password
<rbasak> nilli: it could be because www-data doesn't have a shell (or it is set to /bin/false or something). Try sudo -u www-data but specifically with the command you want to run as www-data.
<nilli> unfortunately I'm trying to run a command for a huge directory and sudo can't handle the amount of files in it.. I figured I would change to the right user so that I won't be limited by sudo.
<rbasak> In what way can sudo not handle the amount of files in it?
<nilli> sudo: unable to execute /usr/bin/find: Argument list too long
<sgran> that's find, not sudo
<nilli> no, the error is for sudo
<sgran> I assume you're doing something like find * ?
<sgran> sudo is reporting the error that find returns
<nilli> sudo find /my/path/* -mtime +30 -exec rm {} \;
<rbasak> Drop the *
<sgran> yes.  Remove the *.  Marvel as it works
<nilli> I found another way to solve my problem so I know that's not the issue :)
<rbasak> sudo find /my/path/ -mtime +30 -exec rm {} \;
<nilli> I logged in as root instead of my normal user and did chmod so I got permission to write to the files in that directory
<nilli> then I went back to my own user and simply dropped "sudo" from the command
<nilli> voila. no problems.
<nilli> thanks for your suggestions anyway
<smb> hallyn_, zul, I saw in the scrollback that you had a few issues. Ping me when you are there and I try to help.
<arti> What to do when tcp port is in use(aka i can't bind to it) but nothing is using that port (atleas netstat doesn't show anything)?
<jamespage> smb, hey - fyi I'm seeing problems with openvswitch on the 3.11 kernel in saucy
<jamespage> smb, I'm backporting the upstream fixes for 3.10 - which work find on 3.10
<jamespage> smb, the problem I'm seeing exists for the current version in archive as well
<jamespage> smb, bug 1213879
<uvirtbot> Launchpad bug 1213879 in openvswitch "kernel fault ovs 1.10.1 + linux 3.11" [Undecided,New] https://launchpad.net/bugs/1213879
<jamespage> smb, autopkgtest would concur with this perspective - https://jenkins.qa.ubuntu.com/view/Saucy/view/AutoPkgTest/job/saucy-adt-openvswitch/35/
<jamespage> smb, looks like the last good run was actually against 3.10
<jamespage> smb, I'll keep digging
<jamespage> ...
<smb> jamespage, I  had been building and manually loading the module which was the only action the dkms testing does. So there sure could be issues left that will not get caught by this.
<jamespage> smb, I see an extra error message 'openvswitch: cannot register gre protocol handler'
<jamespage> and when I try to run the openflow test from debian/tests my machine die's horribly...
<smb> Hm... was that not something the in-kernel one would show?
<jamespage> smb, no - the in-kernel one appears to be OK - I just tested that
<smb> Just the thing about gre protocol
<jamespage> smb, I'm looking at the delta in datapath.c between the 3.11 kernel and the datapath.c that we have in the dkms module
<smb> The stacktrace at least points into the dkms module
<smb> That might be quite large if the statement of upstream about not pushing for all features is true
<jamespage> smb, just noticed this - http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-saucy.git;a=history;f=net/openvswitch/vport-gre.c;h=493e9775dcdadb90ea383a26403d8bd11fc6face;hb=HEAD
<jamespage> which might indicate that upstream have been pushing to get GRE tunnelling into the native kernel module
<jamespage> which is good
<smb> Yes, might make the dkms module unneeded
<jamespage> smb, well it might
<jamespage> smb, indeed
<jamespage> this is hard - between 1.10 and 1.12 the tunnelling code got completely restructured
<rbasak> Daviey: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html was generated on 9 August. Could you see if something's failing, please, or am I hitting the wrong URL?
<jamespage> smb, lemme email upstream and see what the best way forwards is....
<smb> jamespage, Ok, as it looks the call to get_ifindex in get_dpifindex has been replaced by just a lookup instead of a call. We would have to look at the disassembly to be sure it was that that crashed. And then it still would not help that much as you noted the whole code got changed a lot
<jamespage> smb, are you smb@ubuntu.com?
<smb> I should be, too. Or the one at canonical.com
<jamespage> smb, \o/ even with trunk of openvswitch my kernel modules explode!
<jamespage> biab
<smb> smb, At least consistent in that... :-P
<smb> jamespage, ^ I am talking to myself again
<jamespage> smb, lol
<Daviey> rbasak: ok
<Daviey> rbasak: updating by hand, will let you know what happens
<rbasak> Thanks
<zul> yay keystone needs python-oauth2
<jamespage> zul, woot
<zul> hallyn_: ping
<zul> jamespage:  https://code.launchpad.net/~zulcss/keystone/oauth2/+merge/180878
<hallyn_> zul: yeah
<zul> hallyn_:  i think this might be the cause of your issues that you were having https://www.redhat.com/archives/libvir-list/2013-August/msg00344.html
<hallyn_> zul: ok, i'll try - i'm not working on that right now
<zul> hallyn_:  ill take the patch and upload a new version, apparently its affecting nova-compute
<hallyn_> oh, ok
<hallyn_> (suppose i shoulda tried 1.0.6 on friday0
<zul> jamespage/roaksoax: https://bugzilla.redhat.com/show_bug.cgi?id=994855
<uvirtbot> zul: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found
<zul> jamespage: shoot
<zul> jamespage/roaksoax: https://bugzilla.redhat.com/show_bug.cgi?id=994855
<uvirtbot> zul: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/oauth2/+merge/180878
<jamespage> zul, +1
<jamespage> did you get anywhere with the httpretty dep upstream?
<zul> jamespage:  no
<zul> jamespage:  its on todo list for today
<zul> jamespage:  just fixing a libvirt regression
<smb> zul, will that include the fixes I mailed you or will that wait till the merge? :)
<zul> smb:  it should already have the fixes there
<smb> zul, sounds good. I am not sure but you and hallyn_ seemed to have struggled with libvirt and Xen from my ppa. Did that succeed at some point? I don't remember the outcome
<zul> smb:  im not sure check with hallyn ;)
<smb> zul, Guess that means you either had no issues or did not try :-P
<zul> smb:  i dont have the hardware until the end of the month :(
<smb> zul, Ah there was that.
<hallyn_> smb: it did not
<hallyn_> smb: but i' not working on it this morning
<hallyn_> smb: zul thought https://www.redhat.com/archives/libvir-list/2013-August/msg00344.html might actualy be my problem
<hallyn_> i haven't tested it.
<zul> hallyn_:  ok i included it in ubuntu2 anyways
<smb> hallyn_, In general you should forget about PV and libvirt. IMO that has never worked
<hallyn_> zul: ok.  now that was to hopefully fix my inability to connect with virt-manager, right?
<hallyn_> smb: huh?  wht about nova?
<smb> hallyn_, Is that only doing PV ? Not HVM?
<zul> hallyn_:  apparently it was causing nova-compute to crash if you were using libvirt
<hallyn_> smb: mind you i also wasn't able to start domains my hand.  but then if that's working for you then it's probably user error
<smb> hallyn_, Might be. Though a bit od and I would be interested in seeing more details on the failure. Whenever you work on it again
<hallyn_> ok
<smb> hallyn_, At least on my machines libvirt and Xen HVM was working, but there also was an odd sudden fail on creating new guests that was related to virtinst. One of those which make you wonder how this ever worked. The Saucy version should be ok but depending on what the machine runs on which you run virt-manager this might still trigger. But the symptom is it trying to use hvmloader with an invalid path.
<hallyn_> smb: perhaps you should put up a quick wiki page with precise instructions for how you create a guest
<smb> hallyn_, From virt-manager that should not be so different from KVM, supply a virt cdrom/iso and install from there. This also automatically makes your guest HVM.
<hallyn_> smb: right i meant without libvirt.  (virt-amanger - well that'll be fine when virt-manager manages to connect;  but doesn't help me right now :)
<smb> hallyn_, Probably the not connect is because the unix socket is not on by default. You probably want https://wiki.ubuntu.com/Kernel/Reference/Xen then. :)
<hallyn_> smb: ?  hm, no, i don't see anything there that's new to me.  but np, i'll get back to it at some point.  having cgroup troubles.
<smb> hallyn_, Hm, ok. But yeah, lets wait until you got sorted the other issues
<zul> jamespage:  i think im joing to bite the bullet and package httpretty i can see stuff like keystone using it
<hallyn_> stgraber: oh fud.  i pushed the right commit to git...  but with the wrong description.
<stgraber> hallyn_: --amend + push --force
<hallyn_> so if you're wondering "what is that"...  i goofed.  i think it's too late to git push --force it now.
<hallyn_> well
<stgraber> hallyn_: I haven't updated my branch in a few hours, so it should be fine
<hallyn_> you haven't pulled yet?
<hallyn_> ok
<hallyn_> mind you i was most of hte way through building new ppa packages, but that should be ok
<hallyn_> all right, updated.  back in awhile
<hallyn_> stgraber: I intend to think about and solve the lxc.snapshots problem now.  if you can think of a more urgent bug in lxc that i should be addressing right now, shout
<hallyn_> heh, tonight/tmoorrow i should focus on coverity :)
<stgraber> hallyn_: making sure we're pretty low latency for patches getting to lxc-devel in the next few days would be great, but you do a very good job at that usually already. I'll need to take a look once I'm back home to see if manpages/doc/... need some updating and if there's any regression in the bindings that we should address prior to release.
<stgraber> it's just the first alpha, so it doesn't need to be perfect, but that's what people are likely to be using when coming to Plumbers, so better try to solve as many issues as possible
<hallyn_> speaking of that,
<hallyn_> smoser: your patch is in git, but i'm afraid i didn't get it into the newest ppa build.  let me know if it's urgen (i assume it's not as the previous workaround was nonideal but functional)
<sidnei> hallyn_: around?
<sidnei> hallyn_: fun one: if i run mir, when i do lxc-start it kills my x session and im dropped to console. :)
<smoser> hallyn_, yes. non-ideal but funciontal. thanks.
<hallyn_> sidnei: is that in a stock saucy desktop install?
<sidnei> hallyn_: it's been upgraded from raring
<smoser> hallyn_, why do you hate MIR so much ?
<hallyn_> smoser: i love mir
<smoser> :)
<hallyn_> sidnei: your container does have its own networking right?
<hallyn_> sidnei: oh wait.
<hallyn_> sidnei: ar eyou running from ubuntu-lxc daily ppa?
<sidnei> hallyn_: yup
<hallyn_> yeah...
<hallyn_> i've got a little snafu there... you're not running with proper apparmor profile
<sidnei> i see. i've reverted to nvidia from nouveau and that works around it for now.
<hallyn_> sidnei: do you know how to build from git?
<hallyn_> oh well, says it's already built
<hallyn_> sidnei: try upgrading lxc, and see if it fixes it
<hallyn_> sidnei: if it doesn't, it's possible that access to 5:0 or 5:1 is doing it
<sidnei> hallyn_: in other news, lxc-clone -s -L4G should create a 4G lv? seems like it creates an lv with the same size as the original, but with a 4G COW-table, whatever that means.
<hallyn_> sidnei: yeah lxc passes the size along, but it's possible that lvm can't actually do what we're asking
 * hallyn_ checks the manpage
<hallyn_> yeah, from the lvcreate manpage:
<hallyn_>        "lvcreate --virtualsize 1T --size 100M --snapshot --name sparse vg1"
<hallyn_>        creates a sparse device named /dev/vg1/sparse of size 1TB with space for just under 100MB of actual data on it.
<hallyn_> that's what we're doing.  might be worth a warnin gto the user at lxc-clone.
<hallyn_> but that would be wishlist prio :)
<hallyn_> no i'm misreading
<hallyn_> i'll just test it (later)
<styol> ello. I've got several servers running Ubuntu 12.04 and am performing some benchmarking. I seem to be experiencing connection resets and am trying to troubleshoot it. If one server running a load balancer (HAProxy) is showing literally the exact same connection reset output from tcpdump as is shown on one of the servers being load balanced, that does indeed suggest that the load balanced server was the source of the connection reset, correct?
<smoser> hallyn_, thoughts really quick...
<smoser> would you consider an 'alias' in lxc ?
<smoser> so i could 'lxc-clone -o precise-amd64 -n test1'
<smoser> as an interface / alias for "clone the latest" precise-amd64
<smoser> where something else would manage 'precise-amd64 -> precise-amd64-20130824'
<smoser> or something.
<smoser> to that effect
<hallyn_> smoser: hm
<smoser> hallyn_, basically i'd like to have something pulling in simplestreams data and keeping 'precise-amd64' as a "symlink" or alias of sorts to the latest thing pulled in
<hallyn_> right,
<hallyn_> i dno't really want to add a new list of those.  but,
<hallyn_> i'd be ok with allowing a container config which just says 'lxc.alias = xxx'
<smoser> but then i'd have to teach the user to read that config
<smoser> right ?
<smoser> ie: lxc-clone -o $(find-lxc-with alias=precise-amd64) -n test1
<smoser> i was just hoping to avoid the 'find-lxc-with'
<hallyn_> no, i was thinking lxc would do it for you
<smoser> ah.
<smoser> i then misunderstood "dont really want ot add a new list of those."
<smoser> ah.
<hallyn_> i just meant i don't want an external list
<smoser> right. ok.
<hallyn_> really, i suspect
<hallyn_> if you just do echo "lxc.include = /var/lib/lxc/precise-whatever/config" > /var/lib/lxc/precise/config,
<hallyn_> that might just work
<hallyn_> well, lxc-clone might make too many assumptions for that to work
<hallyn_> smoser: but weren't we thinking of having a separate small package keep track of the containers anyway?
<hallyn_> seems like a '$(find-latest precise)' would be trivial to use
<hallyn_> lxc-clone -s -o $(find-latest precise) -n precise-test
<smoser> yes, we'd have the small program. that was the idea. and i'd have it maintain the alias.
<smoser> but i didn't want to teach the user about 'find-latest'
<smoser> i wanted lxc to do that for me.
<smoser> if you're against it, we can just plan on making the user (in this case juju)
<hallyn_> smoser: lxc-start is happy with my suggestion above
<hallyn_> lemme try clone
<hallyn_> no lxc-clone doesn't detect the fstype right (this is with lvm).  but that may be fixable
<smoser> ewll, hallyn, i'm fine with letting you decide wether or not its fixable / desireable.
<smoser> i'd 'clone' not understanding lxc.include to be bug, but that is neither here nor there.
<hallyn_> smoser: well it understands include, i think.  it might understand it too well
<hallyn_> smoser: right, the problem is that lxc-clone wants to udpate the old container name to the new
<hallyn_> so it wants the disk name to match container name (or at least contain it)
<hallyn_> i'll come up with something
<smoser> above that was bad syntax.
<smoser> i'm good with you deciding if aliases of that sort are desirable or not.
<smoser> but i would consider  'clone' not understanding lxc.include to be bug, but that is neither here nor there.
<hallyn_> smoser: actually, just a symlink works
<hallyn_> sudo ln -s /var/lib/lxc/{c-saucy,c}; sudo lxc-clone -s -o c -n c2
<hallyn_> works - other than at least one little corruption in print output
<smoser> i figured you were going ot suggest that. do you think that is maintainable?
<hallyn_> in what sense?
<hallyn_> that we wouldn't get rid of that unintended feature?
<smoser> well, its kind of har dto decide when its right to reoslve that link and when it is not.
<smoser> and yes, the unexpected feature
<hallyn_> that's the nice thing about that,
<hallyn_> i'm not resolving that link, i just open $lxcpath/$lxcname/config, and takea ll values from the configfile
<smoser> ie, does clone resolve that its cloned 'c-saucy' or 'c'
<smoser> because its mounts need to have the full path resolved
<hallyn_> it's erronously using c
<hallyn_> yes, i'll need to update that.
<hallyn_> so, which do you prefer?  symlink, or lxc.alias?
<hallyn_> from end user pov
<smoser> it seems that with lxc.alias we can explicitly define the behavior without legacy concern.
<smoser> where symlinks have some expected legacy behavior.
<hallyn_> ok, will try lxc.alias and float a patch tonight
<hallyn_> or tomorrow
<adam_g> roaksoax, does maas setup some apt proxy by default for nodes to use?
<roaksoax> adam_g: only on raring+
<roaksoax> adam_g: by default on all maas versions we use maas' squid-deb-proxy, but only for deployment (not for commissioning/enlistment). Raring+ allows you to modify what apt_proxy to use on the MAAS WebUI
<roaksoax> adam_g: and from raring+, it is also used for enlistment/commissioning
<adam_g> roaksoax, ok, so by default provisioned nodes come up behind an apt proxy?
<roaksoax> adam_g: yes. MAAS has squid-deb-proxy which is used by default
<sidnei> hallyn_: ok, i understand the confusion now. the size specified in lxc-clone -L is the size allocated for the snapshot but the snapshot cannot ever be bigger than the original volume
<hallyn_> right
<sidnei> hallyn_: it could be interesting to use thinpools so that the snapshots are not pre-allocated
<sidnei> if im understanding correctly what it does
<hallyn_> that would be on the original?
<hallyn_> patches or descriptive bugs welcome :)  i've not heard of them but sounds likea  good idea
<sidnei> if the original is on a thinpool the snapshot is automatically allocated on a thinpool it seems
<hallyn_> is there any downside?
<sidnei> if you overallocate and run out of disk space you get processes stuck into D state it seems
<w00ter> Anyone have experience with the chipset used on the ASRock B75 Pro3-M motherboard (known compatability issues?)
<wedgwood> Is there a way to create a bind mount in an LXC container such it will always be owned by "ubuntu" (or some specific user)
<sidnei> wedgwood: there's a shortcut to bind-mount ~user, not sure if that's what you want
<wedgwood> sidnei: I'm hoping to mount a directory from the host to the same place in the container.
<sidnei> wedgwood: juju-core does it so it's certainly doable. you have to create a custom config. let me look it up for you.
<sidnei> wedgwood: looks like the syntax is lxc.mount.entry=/path/to/host/dir path/to/container/dir, where path/to/container/dir needs to exist and is relative to the 'rootfs' dir
<sidnei> wedgwood: juju-core uses 'lxc.mount.entry=/var/log/juju var/log/juju' iiuc
<wedgwood> sidnei: yep, I've got that part, but If the host directory is owned by uid=1000, it will also be owned by uid=1000 in the container
<sidnei> i see what you mean
<sidnei> http://s3hh.wordpress.com/2011/09/22/sharing-mounts-with-a-container/ maybe?
<wedgwood> I *think* that the ubuntu template makes an initial ubuntu user with UID=1000 so if the, jenkins, for instance and has UID=1001, ubuntu won't have access to it.
<wedgwood> I had a look at that post... lemme look again
<sidnei> you might be able to specify the uid in the fstab entry
<wedgwood> maybe so. I didn't see a parameter like that in the mount manual
<adam_g> roaksoax, where does maas end up setting proxy settings on a provisioned node?
<sidnei> ah, not all fs types support uid/gid
<wedgwood> I was thinking there might be a UID namespace map in LXC
<sidnei> possibly yeah
<wedgwood> that's more what I was expecting, actually
<sidnei> wedgwood: you could also make it group-writable and add ubuntu to the 1001 group, or whatever is the jenkins user's group?
<wedgwood> yeah, that's a possiblity
<koolhead1> Daviey: ping
<wedgwood> I still thin that could be trouble. if the guest user created files with go-rwx, then the host wouldn't have access
<roaksoax> adam_g: where as in the code?
<roaksoax> adam_g: in the preseed we tell to set up the mproxy
<roaksoax> adam_g: for apt
<roaksoax> and apt configures it automatically
<roaksoax> in /etc/apt/conf....
<roaksoax> something
<adam_g> roaksoax, no, after the node is up and commissioned
<roaksoax> adam_g: during commissioning/enlistment it does not set the mproxy. (for precise/quantal), for raring+ it does
<adam_g> roaksoax, i thought it was using squid-deb-proxy prior to raring?
<wedgwood> hallyn_: still around? do you know whether it's possible to map a UID inside a container to one outside so that it can work with files in a bind mount?
<roaksoax> adam_g: it will always use squid-deb-proxy by default
<roaksoax> adam_g: however in precise, quantal, it does not use it for enlistment/commissioning, only for deployment
<roaksoax> adam_g: in raring+ it uses it for enlistment/commissioning/deployment + it is easily customizable on the WebUI!
<hallyn_> wedgwood: just dictate the uid in /etc/passwd in the container
<hallyn_> wedgwood: (I assume you're not using a user namespace)
<roaksoax> adam_g: if you want to use it for enlistment/commissioning in precise, then you'd need to hack /etc/maas/commissioning-user-data and /usr/share/maas/preseeds/enlist_userdata
<roaksoax> adam_g: if you want to use a different in raring/saucy, you can do so on the WebUI
<hallyn_> wedgwood: you'll probably want to doublecheck the primary group for the user too
<roaksoax> (and probably via cli too)
<wedgwood> hallyn_: OK, yeah. That's a simple solution. Thanks.
<adam_g> roaksoax, what file in /etc/apt/ gets updated to actually use the proxy.
<roaksoax> adam_g: can't remember it is done automatically by preseeding
<roaksoax> i'll deploy a node and let you know
<Daviey> koolhead17: hey
<sidnei> hallyn_: if i compile from git, what's the easiest way to test my changes short of doing 'make install'? i guess i have to play with LD_LIBRARY_PATH and such?
 * sidnei < C-newbie
<hallyn_> sidnei: actually the easiest way is to get the package source from the ppa (using dget on the url for the .dsc) and apply the missing patches from git,
<hallyn_> then debian/rules build && fakeroot debian/rules binary
<sidnei> too late!
<hallyn_> sidnei: but the ppa should have just about everything in git
<hallyn_> ok
<hallyn_> my wireless repeater was playing games with me
<sidnei> hallyn_: https://github.com/lxc/lxc/pull/33 (still wip)
<jose> hey guys, is the keyboard not working a common bug on the install cd?
<zerick> Has anybody here uses or knows about OCFS2 ?
<xkernel> how to add Apache virtualhosts for the same domain but for sub dirs?
<xkernel> like domain.com should open /var/www/domain
<xkernel> and domain.com/subdir should open /var/www/subdir
<sarnold> xkernel: the <directory> directive works within a virtualhost directive: http://httpd.apache.org/docs/2.2/mod/core.html#directory
<sarnold> xkernel: ah, hrm, maybe <directory> isn't what you'd want. I'm nearly certain this page describes how to get where you want, but nothing you can just copy-and-paste: http://httpd.apache.org/docs/2.2/sections.html
<jose> prob solved over here. thanks!
#ubuntu-server 2013-08-20
<smoser> hallyn_, stgraber what happened with this
<smoser> http://sourceforge.net/mailarchive/message.php?msg_id=29829732
<smoser> did that get in in some form ?
<sarnold> smoser: I saw some keen monitor mechanism when I did the lxc MIR audit; check out src/lxc/monitor.c and see if it looks like what you need or want
<sarnold> (normally I'm against anything that deviates too far from APUE's daemonize() or daemon() function, but this was surprising in a nice way. :)
<smoser> hm.. i didn't even bother looking at code.
<smoser> reading that thread, i kind of wished they'd gone a similar route to qemu guest agent
<roasted> hello friends
<ScottK> Looks like nodejs can be synced.  That would fix installability of node-resolve.
<Pupeno> Is there a way to see the stdout of a process that cron is running right now?
<cefk> hi allesamt. wenns um routing geht - ohne nat - gibts da nen trick oder ist in sysctl mit ip_forward = 1 alles getan? ich kriegs nÃ¤mlich nicht hin - hab mittlerweile auch routing-regeln editiert etc .. weiss nicht mehr weiter. - hat jemand kurz zeit und nerv fÃ¼r sowas?
<cefk> wrong language, sorry. I have an 8-NIC ubuntu server, that should route between 8 different networks. I do not want it to do NAT, so as I understand the Routing-Wiki, I need to set ip_foward to 1 via sysctl and be done. Is that true, or do I have to use the nat-rule (postrouting/masquerading)?
<ivoks> zul: pingy pongy
<zul> ivoks:  just waking up
<ivoks> zul: here's something to make it quicker ;) https://bugs.launchpad.net/cloud-archive/+bug/1214275
<uvirtbot> Launchpad bug 1214275 in cloud-archive "libjs-swfobject missing in Havana staging" [Undecided,New]
<zul> ivoks:  cool ill have a look
<ivoks> or jamespage ^
<jamespage> ivoks, thanks....
<jamespage> I'll let zul backport that  :-)
<ivoks> it's not easy
<ivoks> we also have this one: https://bugs.launchpad.net/horizon/+bug/1210253
<uvirtbot> Launchpad bug 1210253 in horizon "With Havana 2 installed, Launching horizon UI results in the error " NameError: name 'Dashboard' is not defined"" [Undecided,Incomplete]
<jamespage> Daviey, if you have time python-websocket-client, python-jujuclient and juju-deployer are all in the NEW queue for saucy now
<ivoks> zul: i believe this is specific to django 5.1
<zul> greeeeat...
<Daviey> jamespage: Yes, i'm sure i can do them today
<jamespage> Daviey, thanks!
<Daviey> jamespage: I am wondering if UCA needs some better tooling to check deps are satisfied
<Daviey> There has been a few whoopees
<jamespage> Daviey, probably - do you know how the installability checker works in -proposed? that would be useful
<Daviey> jamespage: it's plain Britney ?
<Daviey> jamespage: Hmm, do you know why the Havana uploads for UCA 'b3' rather than 'h3' ?
<Daviey> For Grizzly we did G3.
<jamespage> Daviey, just lining up behind how upstream named things for havana
<Daviey> jamespage: Oh, you are quite right
<zul> jamespage:  im going to be synching up the cloud-archive today
<jamespage> zul, +1 please do
<jamespage> we are a few weeks off h3 but good to get it done in advance
<jamespage> zul, pls can you remember to backport the packages in the lab as well so we stay in sync
<zul> jamespage:  ack
<zul> jamespage:  the new openvswitch is ok for the CA i know that we had problems with libvirt so im delaying libvirt for now at least
<jamespage> zul, openvswitch -> CA - OK
<jamespage> zul, ack on libvirt
<hallyn_> smoser: we've never agreed on a sufficiently distro-generic solution.  In the end (in another thread iirc) people agreed they should do it manually for now.  For example have lxc.mount.entry bind-mount a file or dir into the container which userspace in the container updates when it is read
<hallyn_> smoser: i can mail you an mbox with most of that thread for easier perusal than the web interface
<hallyn_> (i hate the sf mail archive interface)
<smoser> hallyn_, nah. no worries.
<smoser> one comment i have i sthat it seems *very* simlar to the qemu-agent
<smoser> in overall goal / function / usefulness
<smoser> it'd be very good if a solution could be made that utilized that
<hallyn_> do you use qemu-ga?
<hallyn_> it's not too far from what i'm suggesting.  we bind-mount a file or a socket into the container so that the container can update it.
<zul> jamespage:  looking at the qa report greenlet is at ubuntu2 in the ppa but ubuntu1 is in the ca
<jamespage> zul, is ok in the staging PPA
<zul> jamespage:  i think so
<jamespage> its*
<jamespage> zul, yeah - I did the update in ubuntu so I pushed to the staging ppa as well
<zul> jamespage:  ack
<hallyn_> smoser: http://www.securityfocus.com/bid/61388  QEMU Guest Agent CVE-2013-2231 Local Privilege Escalation Vulnerability
<uvirtbot> hallyn_: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2231)
 * hallyn_ dives deeper to make sure i'ts not a fundamental design issue
<smoser> hallyn_, nice. :)
<hallyn_> yeah no so qemu-ga wants to provide full QMP access.  i really don't think we want anything like that.  just a 'done booted' status update, maybe a few more like that (maybe a free-form text field)
<hallyn_> that's all you want right?
<smoser> hallyn_, i really dont care about a silly 'booted'
<hallyn_> then what do you care about?
<hallyn_> i'm sure it's not "silly"
<smoser> if you're going to create a communication pipe, then you should create a communication pipe.
<hallyn_> to what end
<hallyn_> hm, http://www.securiteam.com/securitynews/5DP2Y2KAWA.html seems to be a different one
<smoser> people want such things. i'm not sure why.
<smoser> but generally, it seems like a useful thing
<smoser> but doing a one way pipe seems not that useful to me.
<hallyn_> to what end, when you can just lxc-attach into the container
<hallyn_> well, two-way pipe, maybe.  having guest send requests for action to host, i dno't think so
<smoser> those actions can be ignored.
<smoser> the pipe is the big thing really.
<hallyn_> yeah sure if the host is functioning perfectly
<hallyn_> or, "always ignored"?  ok :)
<smoser> and qemu-ga is trying to have some communication protocol over a generic pipe
<smoser> thats what i think is sane.
<hallyn_> i'm not opposed, once we have specific examples of needs.  so far,
<smoser> i dont have strong feelings here. but i dont think that doing a little one way status pipe is particularly useful.
<hallyn_> we've had several requests for 'done booting' message - from different ppl at different times.
<hallyn_> and that's all we've ever gotten that i can recall
<smoser> yeah.
<smoser> i just saw the discussion and thought it was interesting.
<smoser> openstack basically has this same desire
<smoser> in the end its very guest dependent.
<smoser> thus my desire for some standard communication protocol
<smoser> over a hypervisor specific bi-directional socket
<hallyn_> right, so you want lxc to provide what qemu provides so guests can be hypervisor independent
<hallyn_> i'm not opposed to that, i just need more specific examples :)  nova uses something like that?
<hallyn_> could cloud-init use it by chance?
<smoser> nova does not use anything like this yet.
<smoser> the only usecase that i can ever actually come up with where the guest would need such a thing is "snapshot"
<smoser> ie, where guest would freeze its filesystem, and then ask the host to snapshot it, and then unfreeze.
<smoser> to ensure consistent.
<smoser> i figure at some point nova will end up with something like this.
<smoser> and at that point i would like a generic guest agent (or at least generic communication protoco)
<smoser> and at that point i'd like our images to have a agent, and i'd like for them to "just work" to do the same generic stuff on lxc as on openstack
<smoser> :)
<jamespage> zul, I ready backported ceph - http://people.canonical.com/~jamespage/ca/
<jamespage> but I've not uploaded yet
<zul> jamespage:  +1, im just doing build testing here
<Hakameda> Aynone that could help me with a script for running a minecraft server. Specfically it will load from a hardrive to a ramdisk, Run, The when its done save to a hardrive before exiting. I'm making some sort of silly mistake no doubt in the script
<RoyK> Hakameda: you shouldn't need a ramdisk - linux does good caching as it is, and with a ramdisk, you'll lose it all if the system goes down
<Hakameda> It's just an old server, Trying to run a 121 Mods on it. Figured may get some extra out of it with a ram disk. The script does a save and a backup on intervals as well
<RoyK> Hakameda: linux should do this caching for you automatically
<Hakameda> So if we did set it up, It most likely wouldn't help? Still new to using it. Lots to learn
<RoyK> well, it would help, but if you just use a normal disk, linux will cache whatever most used and keep that in RAM
<Hakameda> We had it set up and running without the ram disk, It was getting massive lag spikes when it came to world generation
<RoyK> oh, ic
<RoyK> perhaps an SSD would do better?  ;)
<Hakameda> I guess worst case remove some mods but that does take away the fun haha. Upgrading hardware just wasn't an option atm
<RoyK> it's true that linux' caching won't help much for writes
<RoyK> ext4 supports delayed writes, and that would help a bit, but not a whole lot
<RoyK> which filesystem are you using?
<mardraum> how much ram are you giving to minecraft
<Hakameda> I used just the default install, The server just runs TS3 and now this MC Server
<Hakameda> It's getting 2GB
<mardraum> 2GB is fine for a lightly loaded minecraft server, try it without your mods and it shoudl run ok
<Hakameda> I can run it with 2GB on Windows and it does fine, But it just stutters when trying to do it on the ubuntu server. The mods is the whole reason for the server =)
<mardraum> so you try it on windows with identical mods and no other services on the same hardware and internet connection and it works fine?
<Hakameda> Yes, I first ran it from Windows. Thought i could get more preformance by using an Ubuntu Server
<mardraum> looks like you can't hey
<mardraum> if, as you say, all is equal on each side, then perhaps your mods are better optimised to run under the windows java implementation
<RoyK> Hakameda: is this with oracle java or openjdk?
 * LargePrime runs a Tekkit Classic server with 100 people that never uses over 1GB
<Hakameda> Royk: openjdk
<mardraum> LargePrime: 100 simultaneous on 1GB?
<LargePrime> are the mods using mysql?
<LargePrime> ya
<LargePrime> mardraum: ya
<LargePrime> mcpc+ for the win
<mardraum> is it public?
<LargePrime> well an old spigot build
<LargePrime> ya, and cracked
<Hakameda> The one im doing is 120 Mods, Specfically Its FTB Unleashed + Gregtech and some other smaller mods
<LargePrime> FTB and greg is very heavy and laggy
<mardraum> you run a cracked minecraft server for 100 people on 1GB of ram
<LargePrime> i dont know why
<LargePrime> mardraum:  no, it has 3GB, but never uses over 1GB
<Hakameda> Its only the world generation thats causing grief, I tried to grab Nallar's Tickthreading but the jenkins for it was down when i last checked
<LargePrime> mardraum:  so sorts?
<mardraum> is it because you all stand around the same area be dickheads?
<mardraum> being*
<LargePrime> mardraum: I object!  we dont have to stand around together to be dickheads
<LargePrime> we can be dickheads apart
<Hakameda> Only trying to run a 4 person server too
<LargePrime> I got a World border at 3000 blocks
<LargePrime> Hakameda:  I also have a FTB server, ultimate and 1.4.7.  it has 8 people and no server lag, and get tonns of client lag
<LargePrime> and it makes no sence to me
<Hakameda> I don't get client lag, Its Worldgen Lag. Block Lag.
<zul> jamespage:  looks like flask needs python-itsdangerous
<LargePrime> hak, does it cause ticl lag?  like does /lag show a drop?
<LargePrime> ticl=tick
<Hakameda> When new chunks are generated, It does cause Tick lag
<LargePrime> you can pregen all the chunks
<LargePrime> with worldguard?
<Hakameda> So says cofh tps, As i can't download tickthreading atm
<Hakameda> The jenkins is down
<LargePrime> you run MCPC+
<LargePrime> ?
<Hakameda> Nope, No need its a private. I thought the plugins would be extra strain that i didn't need
<jamespage> zul, hrm - yes
<jamespage> zul, I thought I uploaded to saucy already?
<jamespage> nope
<jamespage> zul, in which case yes we do need to include python-itsdangerous
<LargePrime> MCPC+ is also lighter and faster
<jamespage> sorry - I must have missed that
<LargePrime> i recommend
<LargePrime> you dont HAVE to run the plugins
<Hakameda> MCPC+ itself would be another larger mod to add
<zul> jamespage:  for the CA
<jamespage> zul, yep
<jamespage> ceilometer uses entry points so everything #explodes unless deps line up!
<LargePrime> CAn I ask a mysql silly noob question?  I want to move all my mysql stuff to /home cause need room.  can i just move it all and symlink /var/lib/mysql to the dir?
<LargePrime> and restart?
<LargePrime> or is that stupid
<LargePrime> was it something i said?
<zul> jamespage:  also python-pbr will be need to built before the clients and swift as well
<jamespage> zul, why?
<jamespage> if so please version the build dependency
<jamespage> otherwise things get complicated...
<zul> jamespage:  otherwise ftbfs because a newer pbr is required
<jamespage> zul, OK _ so version the BD
<zul> jamespage:  ack
<jamespage> that way it gets a dep-wait rather than fud
<jamespage> and things just sort themselves out
<zul> http://people.canonical.com/~chucks/ca
<Siebjee> Does some one know the new IRC channel of Canonical, or has a phone numer of the sales department ?
<arosales> smoser, fyi you are on the hook for todays ubuntu server meeting
<arosales> https://wiki.ubuntu.com/ServerTeam/Meeting
<smoser> oh joy.
<smoser> Siebjee, what are you looking for help with ?
<Siebjee> Support Sales
<smoser> there isn't a cnaonical support irc channel
<Siebjee> #canonical has been moved, and the link they have in the irc channel no one has permissions to view it :)
<smoser> Siebjee, http://www.ubuntu.com/about/contact-us/form
<smoser> i think the reason for the move was that '#canonical' was an internal canonical channel, which is now moved to an internal server.
<zul> jamespage:  https://code.launchpad.net/~zulcss/python-ceilometerclient/pbr/+merge/181079
<smoser> but you should be able to use that web form. above.
<Siebjee> smoser, already filled it in 2 days ago. However, i need to have a chat with them like yesterday. Was hoping to speak to them sooner before they contact me
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/python-novaclient/pbr/+merge/181080
<Pici> Siebjee: The "Our Address" section of this page has phone numbers: http://www.canonical.com/about-canonical/contact
<Siebjee> Pici, already tried. They aint redirecting my call correctly.. All of them seem to be out of the office :x
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/python-cinderclient/pbr/+merge/181082
<jamespage> zul, +1 +1
<jamespage> cinderclient - not sure - do you still need to drop all the patches?
<jamespage> zul, for reference - https://code.launchpad.net/~james-page/python-cinderclient/drop-patches/+merge/180230
<jamespage> that was a trunk fix
<jamespage> zul, oh - a btw flash looks like its creating issues in ceilometer
<zul> flask you mean?
<smoser> for anyone reading backscroll, i got Siebjee hooked up.  Sorry that was difficult.
<jamespage> zul: https://bugs.launchpad.net/ceilometer/+bug/1212851
<uvirtbot> Launchpad bug 1212851 in ceilometer "iso8601 date parsing test failures (maybe with flask 0.10.1 )" [Undecided,New]
<jamespage> zul; yeah- I do mean that
<zul> iso8601 im gonig to get rid of iso8601 last update according to pypi was 2007
<rbasak> zul: what do you mean by get rid of it?
<zul> rbasak:  replace it with dateutil
<rbasak>  ValueError: Unable to parse date string u'Mon, 27 Aug 2012 07:00:00 GMT'
<rbasak> That's not an iso8601 formatted date anyway
<rbasak> Anyway my concern was just that I use python-iso8601 in other stuff. No comment on the ceilometer bug.
<Patrickdk> people use iso dates? other than mysql?
<ogra_> Patrickdk, yes, 99% of the world use iso dates
<arosales> smoser, thanks for following up with Siebjee
<Arrick> hey all, I am trying to get cron jobs to run on ubuntu 12.04 LTS... every time I try to run it, it tells me cron is not running.... how do I get it to run?
<rbasak> !details | Arrick
<ubottu> Arrick: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<rbasak> Please define "every time I try to run it", paste the actual output, not your interpretation of what it says, etc.
<Arrick> I am trying to get a cron.php script to run every 5 minutes, and I have used crontab -e to put in this minus quotes "*/5 * * * * /usr/bin/php /path/to/cron.php" .... If I try to run the cron.php file using "php /path/to/cron.php" it runs fine... I also have a cron_watcher.php in the same directory that */15 * * * * /usr/bin/php /path/to/cron.php" is supposed to run every 15 minutes.... when I run it manually, it reports "Cron is not running".
<Arrick> I am using ubuntu server 12.04 LTS, which is running "Totara LMS"... I need to setup the cron job for the updates, etc.
<Arrick> so... my question is "how do I get Cron running?"
<Pici> Arrick: What do you mean by "when I run it manually, it reports "Cron is not running""? What exactly are you typing in?
<Arrick> I am typing in php  /path/to/cron_watcher.php
<Arrick> which reports if cron is running or not.
<Arrick> totara lms is basicaly a customized moodle install.
<ogra_> did you check your logs ?
<Arrick> I havent got a clue where to look.
<Pici> Does  service cron status   actually tell you that cron is running?
<ogra_> /var/log/syslog for a start
<Arrick> cron start/running, process 1152
<ogra_> so cron runs fine
<rbasak> Sounds like a problem or incompatibility with your cron_watcher.php. It might be better to try their community channel for help.
<Arrick> thats what i am starting to think now that I see what that said.
<rbasak> For cron.php itself, are you sure you're running the cron job as the correct user?
<rbasak> Also note that PATH may not match, since cron's default PATH is rather insane. It's documented in the manpage.
<Arrick> running it as root presently for testing, should be running properly.
<Arrick> im looking at the logs now
<Arrick> it looks like the cron.php is running now.
<hallyn_> smoser: good news is i've got snapshot dependency tracking working..
<smoser> nice.
<hallyn_> right now though i'm out for a walk and lunch - will post the patch later today
<arges> whats the difference between updated and outstanding merges?
<arges> oops, this was meant for -devel
<roasted_> hello friends
<roasted_> have any of you had success with having a server running root on an SSD
<roasted_> cause so far I've burnt out two SSDs running /
 * RoyK has
<roasted_> in a matter of 5 months
<roasted_> RoyK: do you have swap on your server
<roasted_> with the SSD on
<roasted_>  /
<RoyK> yes
<roasted_> why the snot did I have two fry
<roasted_> this is enraging me
<RoyK> but not much memory pressure - 8 gigs of ram
<roasted_> yeah - I have 4gb
<roasted_> I rarely hit half that
<roasted_> I don't think I'm going to bother putting an SSD back in this
<roasted_> I'm sick of this :/
<roasted_> plus I have no other SSDs to spare
<LargePrime> 2 ssd in 5 months, means all under warranty?
<LargePrime> ssd had a bad batch some while ago
<LargePrime> could be pure luck
<genii> Those Vertex 2 had issues
<genii> eg: They would hibernate and never wake up
<roasted_> these are Corsairs
<roasted_> V4 and M4
<roasted_> bought about 4 months apart
<LargePrime> you play with swappyness?
<genii> Hm. Looks like some of the Corsair same type of issue, according to http://forum.corsair.com/v3/showthread.php?t=96663   ( in this case they do a Windows regedit to disable powersave )
<roasted_> genii: I wonder if that's kind of a different issue, though...
<roasted_> genii: it'll run great for months, then the issue comes up again. Some people are saying, yeah been 24h running great...
<roasted_> on a brand new SSD, it was perfect from the get go for a long time, then out of no where, RO
 * genii sips and ponders.
<roasted_> I have some spare hdds. I just might throw one in and be done with it.
<roasted_> the main advantage with a server/ssd combo was less moving parts, so I figured it would last longer. But at this rate, screw that.
<roasted_> I didn't even have this many failures with seagate HDDs. :P
<roasted_> fortunately I tar /var and /etc nightly and rsync it to a 2nd server on my LAN, so I have backups of my configs. I can install ubuntu server, install some services, copy/paste, done in no time.
<roasted_> plus I have 5 160GB HDDs on the shelf... I might use one of them, pull a full disk image, and that way I have a full image + spare drives on the ready.
<LargePrime> while ssd's have less moving parts, they still are a newer tech.  so failures are bond to happen?  Are lower MTBFs expected with SSds?
<LargePrime> bound*
<roasted_> LargePrime: what gave me confidence about these SSDs is we have the same model SSDs running Linux on desktops at work...
<roasted_> there's been 1 or 2 failures, but there's like... 200? 300 systems?
<roasted_> been running all day every day (during school anyway, not on during summers or at night) for a year.
<LargePrime> so you are saying this was just luck
<roasted_> I swear by SSDs on my end user systems 10000X
<roasted_> what I'm wondering is if an SSD in a *server* plays a different role that is working against me.
<LargePrime> cant see it
<LargePrime> smart have any help for you?
<roasted_> I ran smart against the last drive - it was definitely toast. I'll run it against this one quick...
<roasted_> if I can remember the command...
<roasted_> I didn't instal smartmontools, and it's refusing to let me install right now due to the fact it's hosed.
<LargePrime> lol
<roasted_> I'll pull the drive and USB bridge it into my laptop and scan it. That's waht I did last time.
<roasted_> this SSD has only been 'live' for... 3 weeks? a month?
<roasted_> long enough for me to fine tune it, at the very least.
<roasted_> ironically I was going to take it down this weekend and pull an image of it since it's *finally* where I want it. derp.
<LargePrime> that seems right.  if they fail, typically, they fail fast
<roasted_> at any rate, it's not the image that matters most to me. Waht matters most to me are the configs.
<roasted_> and I have a nettop running ubuntu server on my LAN too... I rsync configs to it nightly.
<roasted_> so I can have all of my services running as quickly as I can nano into each config and paste the contents in
<roasted_> can you run / on a pair of mdadm RAID'd drives?
<roasted_> I run mdadm on my data drives in a mirror, but I never tried to run mdadm on a software RAID'd drive.
<roasted_> bad idea, perhaps? good idea? eh...
<Patrickdk> it's ok, but you must configure it correctly
<Patrickdk> or it won't boot
<roasted_> maybe I'll just stick to a single drive for /
<roasted_> and rely on image backups and my nightly config backups
<roasted_> the data is what maters most, and that's backed up and on a mirrored array anyway, so... I just want to avoid having to redo the OS drive as much as possible as its a real pain
<sidnei> genii: i had issues with Vertex too, had to RMA it, when i got a replacement I sold it and got an intel one instead *wink*.
<roasted_> vertex is.... corsair?
<genii> roasted_: OCZ
<roasted_> ah
<roasted_> yeah I read about OCZ issues
<roasted_> hese are crucial
<roasted_> I think I said corsair earlier on accident.
<genii> I think there are more generalized problems with the Sandforce controller though, which is in models by many different manufacturers
<sarnold> (including new intel)
<Patrickdk> heh? pretty sure the sandforce issues where solved
<Patrickdk> many ssd's using them don't have issues
<Patrickdk> lots of them using it, doesh ave issues
#ubuntu-server 2013-08-21
<adam_g> jamespage, http://people.canonical.com/~agandelman/ca/grizzly/python-eventlet-0.12.1-0ubuntu1.1~cloud0/
<adam_g> zul, ^
<zul> adam_g: +1
<adam_g> jamespage, also, i guess i broke the script last time i fixed it :) https://code.launchpad.net/~gandelman-a/cloud-archive-utils/better_version_query/+merge/181184
<adam_g> zul, thanks
<xibalba> ah very nice to find this
<xibalba> trying my hand w/LVM for the first time, gernerally have avoided it
<xibalba> i hot-added a 2nd disk to my system, but i'm not seeing /dev/sdb
<sarnold> xibalba: check dmesg | tail, the kernel might pick a different name..
<xibalba> ah i grepped for sdb
<xibalba> checking
<xibalba> doesnt appear to have shown up yet
<xibalba> virtual machine btw, not that it makes much difference
<xibalba> it should show up as a /dev/sd* though
<xibalba> right?
<sarnold> xibalba: maybe /dev/virtio*? I'm not positive there..
<xibalba> hmm i think that'd be for KVM, though I will check. This is a vmware guest
<xibalba> rebooting to see if it pulls it in, though it shouldn't require a reboot
<xibalba> yeah now it shows, drats
<xibalba> so i want to expand my / volume onto /dev/sdb
<xibalba> k i need to part it first
<josePhoenix> PostgreSQL 9.1 on 12.04 insists on installing with default encoding LATIN1. What magic locale incantation do I need?
<josePhoenix> I've done update-locale en_US.UTF-8
<josePhoenix> or LANG=en_US.UTF-8 rather
<xibalba> so when adding a 2nd disk to my LVM
<xibalba> do i need to make another logical volume for it?
<xibalba> how do i instruct lvcreate to use the whole disk
<sarnold> josePhoenix: this thread may be helpful: https://lists.ubuntu.com/archives/ubuntu-devel/2013-June/037216.html
<josePhoenix> thanks
<josePhoenix> sarnold: the thing is, I'm not seeing template1 with SQL_ASCII... or UTF-8
<josePhoenix> I'm not sure where it's picking up LATIN1
<josePhoenix> /etc/default/locale and /var/lib/locales/supported.d/local both reflect my choice of en_US.UTF-8 so I'm flummoxed :\
<sarnold> josePhoenix: if you can apt-get purge postgresql and then re-install, that _might_ be a help. At least, that's how I'm reading this...
<sarnold> josePhoenix: it looks like it uses whatever locale was in place for the process that starts the install
<sarnold> josePhoenix: or, apparently, set the locale per-database in postgres once it's running?
<josePhoenix> I have done the purge and reinstall thing a couple of times after trying different ways to set the locale for dpkg
<josePhoenix> or apt-get rather
<josePhoenix> looks like I can create a UTF-8 db off template0?
<sarnold> josePhoenix: ooh, how about /etc/postgresql/version/cluster/environment  ?
<josePhoenix> doesn't exist on here
<xibalba> any LVM experts here?
<josePhoenix> ah, sorry
<josePhoenix> no, I think template0/template1 are created at the same time that file is written :\
<sarnold> josePhoenix: hey! comment #12: https://bugs.launchpad.net/ubuntu/+source/postgresql-common/+bug/969462
<uvirtbot> Launchpad bug 969462 in postgresql-common "fails to start after install if invalid locale is set" [Low,Fix released]
<sarnold> josePhoenix: turns out nearly everything pitti said in that mail thread is incorrect now. sorry.
<josePhoenix> haha
<josePhoenix> no worrie
<josePhoenix> s
<sarnold> josePhoenix: so, I guess check /etc/environment and make sure that doesn't override /etc/default/locale, or the other way around..
<xibalba> how do i grow the LVM after doing a lvextend ubuntu /dev/ubuntu/root
<josePhoenix> oy vey
<sarnold> josePhoenix: oh. that's unstable. debian unstable. wonder if that's made it to ubuntu yet? sheesh, maybe it's time for me to be done for the night. :)
<josePhoenix> well thanks for helping me look into this
<josePhoenix> it looks like some kind of voodoo no matter how you slice it :\
<xibalba> i used resize2fs /dev/ubuntu/root 8G
<xibalba> but its telling me on-line resizing required
<josePhoenix> Maybe I need to actually reboot for locale changes to take effect?
<josePhoenix> That would not work if I'm trying to do this in a vagrant provisioning script :\
<sarnold> josePhoenix: that'd be unfortunate but possible :(
<josePhoenix> well, worth checking at least
<sarnold> josePhoenix: you could probably set the locale in a preseed file
<sarnold> xibalba: did you resizefs before or after growing the physical space available?
<xibalba> i extended it to a 2nd disk
<josePhoenix> I'm not even sure how I'd do that :)
<xibalba> i just figured out one piece
<xibalba> did a lvresize -L +8GB /dev/ubuntu/root
<xibalba> was resized successfully, now need to grow the FS
<josePhoenix> If it'd require making a new box, I might as well override the locale on this db and call it a day
<sarnold> xibalba: aha; you can't resize filesystems that are mounted read-write, only read-only, and .. I'm not even sure which ones you can re-size online while mounted read-only...
<xibalba> so it said "extending logical volume root to 23.24GB"
<xibalba> oh damn i thought LVM can resize online
<xibalba> well i guess it can but not the filesystem
<sarnold> josePhoenix: sounds fair to me..
<sarnold> xibalba: that's my understanding
<xibalba> fuckin a, windows can do it! =P
<sarnold>        assuming the kernel supports on-line resizing.  (As of this
<sarnold>        writing, the Linux 2.6 kernel supports on-line resize for
<sarnold>        filesystems mounted using ext3 and ext4.).
<sarnold> xibalba: looks like i was wrong. :D
<xibalba> hmm, but how is the grand question
<xibalba> resize2fs -p /dev/ubuntu/root 8G isn't working for me
<xibalba> just says on-line resizing required, can't find that mentnioned in the man page
<xibalba> mentioned*
<xibalba> running 3.2.0-29
 * xibalba hmmms loudly
<sarnold> xibalba: how about just "resize2fs /dev/ubuntu/root" ?
<xibalba> oh
<xibalba> well how aobut that
<xibalba> thanks buddy
 * xibalba sends sarnold a virtual high five
<sarnold> woo!
<sarnold> xibalba: darn. now I wish I'd suggested trying without the 8G and then again without the -p.
<sarnold> which one was it? now we'll never know..
<xibalba> without the -p for whatever reason
<xibalba> this is going to be sweet, not i can through this into a bash script w/vmware customization
<xibalba> and call the PREINIT portion of the customization, and resize the disks for my dingleberry devs on the fly
<xibalba> w/out their bitching and moaning about having to do anything sysadmin related
<xibalba> time for food, bbl
<josePhoenix> sarnold: well, it wasn't pretty, but I just overrode every locale setting I could when creating the db and that seems fine
<josePhoenix> thanks for your help :)
<xibalba> any gotchas or issues to be aware of when using LVM?
<xibalba> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<Muny> Does anyone here know how I could proxy connections from a server with no firewall to a server with a firewall (unable to portforward)?
<jamespage> smb, hey - I have an openvswitch module built from upstream trunk with some fixes for 3.11 broadley working
<jamespage> but I'm getting a kernel oops when de-registering devices....
<smb> Would it be worth opening a bug for it. Usually its simpler to have all output and info together
<jamespage> smb, I'll append to the existing bug report
<jamespage> smb, my plan is to fix this in upstream trunk then backport the required commits for our package
<smb> jamespage, Ok, and remind me of its number. Right, Oh and maybe a place to have your copy of upstream trunk to look at.
<jamespage> smb, sure
<jamespage> smb, https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1213879
<uvirtbot> Launchpad bug 1213879 in openvswitch "kernel fault ovs 1.10.1 + linux 3.11" [Critical,New]
<jamespage> smb, I have an inkling as to where the problem is
<smb> jamespage, Well crashing on removal usually is some structures or resources used after free
<jamespage> smb, yeah
<jamespage> smb, its a WARN_ON
<jamespage> rather than BUG_ON
<smb> Oh, ok not as drastic as I thought then
<jamespage> smb, ovs uses its own workqueue implementation
<jamespage> smb, I'm wondering whether is something racey going on between the ovs workqueue and the main system_wq
<smb> jamespage, hm, i'd need to look closer at the code and the error/warning
<smb> Of course I find that any level of my machinery may get updated before proceeding
<webwurst> hi! i have an ubuntu-cloud-image configured and running fine with qemu via cloud-localds. but booting lasts quite long when i don't provide the second disk with the cloud-init data. do i have to provide this disk all the time?
<ivoks> webwurst: cloud images usually look for cloud-init (userdata) data
<ivoks> webwurst: if they can't find it, they keep trying really hard for 2 minutes
<ivoks> then they give up
<webwurst> ivoks: is it possible to change this behavior after i have configured my image?
<ivoks> well, you can edit the image and remove cloud-init upstart jobs
<ivoks> but, what's the point of using cloud image then?
<ivoks> how would you loing into that machine then?
<ivoks> log in
 * ivoks needs coffee
<webwurst> ivoks: it seems i can log in via ssh without cloud-init-userdata. after i started once with the data provided..
<xkernel> whats the most secure IRC application server?
<ivoks> webwurst: oh, so you initially start with cloud-init, and then want to disable it?
<webwurst> ivoks: i just want to have stand-alone virtual ubuntu image with easy and fast setup. cloud-init seemed to be fine for that. will try to disable cloud-init upstart and see if it works for me
<webwurst> ivoks: yes :)
<ivoks> webwurst: in that case, after first boot, just disable cloud-init upstart jobs
<jamespage> smb, OK - so I tried my patch against the 1.12 branch and I don't see that kernel warning when running the test with 3.11
<jamespage> smb, hmm- might consider a version jump to support 3.11 - its late but 1.12 is much closer to supporting this that 1.10
<smb> jamespage, *sigh* and I still wait on the update of my VM... But agreed if 1.12 is actually already released upstream, it might be worthwhile to jump there
<jamespage> smb, yeah - gonna ask about status of 1.12
<jamespage> it might just be a dev branch
<smb> jamespage, Yes as there seems not to be a tag of same name, but neither there would be for a 1.11
<jamespage> smb, no tags - branch-1.12
<jamespage> smb, I queired upstream anyway
<smb> jamespage, Yes, that was what I tried to say. :) Sounds good
<jamespage> smb, I'll prepare a package update to 1.12 on the assumption that even if we go with a snapshot, its a better place than we are right now with 1.10 on 3.11 kernel
<jamespage> thats OK
<smb> Yeah, at least this does not seem to cause warning/issues in your testing.
<jamespage> smb, lp:~james-page/ubuntu/saucy/openvswitch/1.12-snapshot if you want to try it
<smb> jamespage, I can look at compile and load/unload. Not making much use of it normally for what I do
<jamespage> smb, the package contains dep-8 tests that exercise the module - see debian/test/openflow
<zul> jamespage:  erm adt failures?
<smb> jamespage, Ah ok, will do
<jamespage> zul, I just saw a heat one - importing yaml? wtf
<zul> *boggle*
<jamespage> zul,
<jamespage>     import simplejson as json
<jamespage> ValueError: bad marshal data (unknown type code)
<jamespage> that sounds like a fundamental problem with simplejson to me
<jamespage> all on amd64
<zul> ummmm..
<jamespage> ivoks - whats up with the horizon packaging?
<jamespage> context - bug 1210253
<uvirtbot> Launchpad bug 1210253 in cloud-archive "With Havana 2 installed, Launching horizon UI results in the error " NameError: name 'Dashboard' is not defined"" [Undecided,Confirmed] https://launchpad.net/bugs/1210253
<jamespage> rbasak, hallyn_, zul, roaksoax, adam_g: if any of you have time I'd appreciate it if you could test bug 1213021
<uvirtbot> Launchpad bug 1213021 in openvswitch-lts-raring "[SRU] openvswitch 1.4.0 not compatible with lts-raring HWE kernel" [High,Fix committed] https://launchpad.net/bugs/1213021
<jamespage> its in precise-proposed awaiting verification
<jamespage> I'm using it on one of my machines OK
<zul> uvirtbot: i would if i had the hardware :(
<uvirtbot> zul: Error: "i" is not a valid command.
<zul> jamespage:  i would if i had the hardware :(
<jamespage> zul, cloud instance?
<zul> jamespage:  good point
<smb> jamespage, Ok, so fwiw the 1.12 snapshot compiles, succeeds in compiling the dkms package, and runs those tests with the 1.12 userspace installed
<jamespage> smb, w00t!
<jamespage> smb, OK _ I'm just waiting from a statement back from upstream on 1.12 status and I'll upload...
<smb> ack
<jamespage> smb, the package still has two patches cherry picked from trunk
<jamespage> well one from trunk and the other is my 3.11 support patch  (not yet accepted!)
<smb> jamespage, I see. Ah yeah that one has the weird move of a hunk of code removed. The rest kinda looked like expected on a glance
<smb> jamespage, Hm, that comment about dom0 networking... Wonder whether that is always or only if allowing the xen scripts to configure bridges (which is one of those things deprecated but probably still possible)
<ivoks> jamespage: some files missing; zul is already on top of it
<disposable> i've been compiling my kernels for 12.04 since the original 3.2.0 one. However, as soon as I go above 3.8, i.e. 3.9 in this case, I only get black screen after grub (unless i manually specify vgamode). what changed after 3.8 kernel that i have to do this?
<disposable> same story for 3.10
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/horizon/1210253/+merge/181311
<jamespage> zul, +1'ed but still " 163. By zulcss@ubutu.com 7 minutes ago "
<jamespage> disposable, you know that Ubuntu supports the 3.5 and 3.8 kernels from quantal and raring on 12.04 as well right?
<zul> jamespage:  crappers ill fix that after
<jamespage> zul, fix that before you merge it
<jamespage> otherwise the commit will have wonky info
<zul> jamespage: k
<disposable> jamespage: yes, but the patches i need are only for 3.7 and 3.9.
<jamespage> disposable, are they bugs or features?
<jamespage> adam_g, hey - the ncc redux is installing the -agent packages for quantum plugin
<jamespage> it just need to install the -plugin package like it does for NVP
<jamespage> adam_g, also fwiw I think we should deprecate and ignore the quantum network configuration stuff
<jamespage> its awkward
<jamespage> maybe that should be policy
<disposable> jamespage: it doesn't matter (it's linux-vserver), i just need to understand why booting up 3.9 kernel with 'gfxmode $linux_gfx_mode' gives me black screen and works without it
<jamespage> disposable, try in #ubuntu-kernel
<disposable> jamespage: thanks, i didn't know such channel existed
<brendan-> anyone know the differences between libreadline6-dev & libreadline-gplv2-dev?
<brendan-> where did the gplv2 package come from?
<roaksoax> rbasak: howdy!
<roaksoax> rbasak: could you please verify this sru bug #1172966
<uvirtbot> Launchpad bug 1172966 in maas "SAY command in config.local.template breaks local boot on highbank" [High,Fix committed] https://launchpad.net/bugs/1172966
<rbasak> roaksoax: I don't have access to a highbank maas installation any more
<jamespage> zul, bah - samba snuck in a new bd from universe on the last merge I did
<roaksoax> rbasak: ack! thanks
<zul> jamespage:  oh?
<jamespage> libtevent-dev
<rbasak> roaksoax: I was going to ask matsubara but I can't find him. He used to manage the MAAS QA lab - not sure if he still does.
<roaksoax> rbasak: he does, but I think he is on vacation or something
<rbasak> Ah OK
<zul> jamespage:  gah..
<zul> jamespage:  want me to do a MIR
<jamespage> zul, samba includes an embedded version
<jamespage> just looking at why that is no longer enough
<zul> jamespage:  cool ok
<Daviey> jcastro: "Ubuntu Server Guide - LTS only ( Community )" might struggle for attendance with the clashes?
<jamespage> zul, yeah - might want to mir that
<Daviey> jcastro: If you could swap it with, say - Flavors Quality Assurance ( Community ).. I imagine you'll get better coverage
<zul> jamespage:  cool ill do it this afternoon
<jcastro> Daviey: sure, what day is it?
<jamespage> zul, thanks v much
<jamespage> zul, should be trivial as its a breakout of embedded code to a sep library
<jcastro> Daviey: ok I see it
<jcastro> I'll ask to swap it
<jamespage> so its technically already in main
<jcastro> Daviey: Done!
<Daviey> zul, jamespage, adam_g, We have a "Openstack steps for saucy" and a "openstack charm for saucy".. I think it made sense to have both for the last vUDS, but do you think there is enough content for both at this one?
<zul> Daviey:  im sure there is
<Daviey> Well, currently we are oversubscribed by one session.. If there is one session that can be cropped, that would be helpful.. Not not necessary if we use the 3rd room.
<jamespage> Daviey, I think we could squash into a single session
<Daviey> Yeah, that is what i was thinking..
<zul> i though vuds was wed thur friday
<zul> hallyn_:  ping
 * hallyn_ lays low
<hallyn_> zul: .
<zul> hallyn_:  can you run lxc-create with the template?
<hallyn_> what do you mean?
<zul> well say i have a config already and a fstab in my /var/lib/lxc/<container> and if i run lxc-create -n <container>  will it work?
<hallyn_> zul: you're wanting to run *just* the template then?
<zul> hallyn_:  right since i already have an image
<zul> mounted via loopback
<hallyn_> zul: the template is the thing that creates the rootfs (and fills in some config details like devices.allow).  If you alredy have both a config and a rootfs...  why do you need to lxc-create at all?
<zul> thats what i was thinking
<hallyn_> zul: is your config a full config?
<zul> hallyn_:  yeah its going to be
<hallyn_> then i guess just use what you've got :)
<zul> i intend to :)
<hallyn_> then what was your question?
<hallyn_> fg
<zul> hallyn_:  you already answered it
<hallyn_> zul: ok :)
<tgunr> I'm trying to install ubunto server 12.10 onto a VM, got it up and running but having network issues, can only ping from vm->host and host->vm and am forced to use the vmware workstation console. My thought is if I can see the VM I could login to it via ssh, alas sshd is not installed on the server. I now have the iso mounted at /mnt/cdrom but how does one install a package like sshd from the iso image?
<smoser> hallyn_, "I'm not sure.  It might be worth it for users.  But it's starting to sound like enough code that it might not be justified"
<smoser> i'm willing to accept that.
<smoser> rbasak's plan is to wrap lxc invocation, so we can put alias like things there.
<smoser> tgunr, sshd is not on the server cdrom
<smoser> 'apt-get install sshd'
<tgunr> can't do that, no network connection , see above
<tgunr> only from vm->host, host->vm
<smoser> get the sshd package to the host
<smoser> and scp it from the guest
<smoser> or fix your networking :)
<tgunr> I'm trying to, but working thru this workstation console is painful
<tgunr> can;t scp if no network
<tgunr> rather, can;t scp if no sshd on VM
<smoser> you said you can get to host
<tgunr> yes
<smoser> log into vm via console
<smoser> scp user@host:/tmp/*.deb .
<smoser> sudo dpkg -i *.deb
 * tgunr DOH!
 * tgunr is an idiot, thinking inside the box
<smoser> fwiw, your network is probably broken at the host level
<smoser> you've problably configured host only networking or something.
<tgunr> yeah, but where, ip forwarding on, but i see no new config on interfaces like i supposed would be there
<smoser> its a vmware config option
<smoser> i haven't touched that in years
<smoser> but there is a config.
<tgunr> hmm, ok, will look, thanks for tip
<tgunr> one would think that would kind of be up front as everything needs a network these days
<smoser> http://www.vmware.com/support/ws55/doc/ws_net_configurations_hostonly.html
<smoser> thats what i think you have ienabled.
<hallyn_> smoser: the longer answer is, i'm going to work on converting all commands to api right now and then re-vsiit
<plars> jamespage: around?
<plars> jamespage: I'm seeing what looks like https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1125408 still on 12.04.3
<uvirtbot> Launchpad bug 1125408 in ubuntu-meta "12.04.2 minimal virtual install is oversized" [Undecided,New]
<plars> jamespage: except now the size is not fine, it's 741M after install, and the modules are eating 158M
<plars> jamespage: ah, wait, I'm remembering now... because there's no -virtual, that's why the module install footprint was still so large
<plars> jamespage: it does kind of raise the question of whether or not it makes sense to even have a minimal virtual install now though...
<TJ-> dnssec-tools for 13.10 seems to be broken when signing with NSEC3; donuts reports bad NSEC data
<TJ-> Any DNSSEC experts around to help point me in the direction to debug/fix it?
<tgunr> finally got network up on 12.10 server, now trying to install sshd so i can get out of console on workstation but alas, http://polymicro.clarify-it.com/d/q29maj  how do you install sshd?e
<sarnold> tgunr: does apt-get update run without error?
<tgunr> trying
<tgunr> YES! Thanks!
<sarnold> woo :)
<tgunr> i really need a nap
<TJ-> 13.10 server is looking quite stable for me so far; aside from this glitch with the DNSSEC tools
 * Patrickdk never cared for dnssec tools
<sidnei> smoser, hallyn_: seems there is a bug in daily lxc (maybe the ubuntu-cloud template?) that causes the container to end up with hostname 'ubuntu' when using with juju local provider?
<koolhead17> hello all
<hallyn_> sidnei: meaning 'lxc.utsname' in the container config says 'ubuntu' ?
<sidnei> hallyn_: nope, that's correct: lxc.utsname = sidnei-local-machine-8, but /etc/hostname ended up as ubuntu inside the container
<hallyn_> sidnei: can you put up a pastebin showing the basic commands juju does that i could use to reproduce?
<hallyn_> (setting up a saucy container with the ppa in which to test)
<sidnei> hallyn_: i suspect it is not doing anything to set up the hostname, let me see if i find the cloud-init config
<hallyn_> dinner, bbl
<sidnei> hallyn_: it's doing lxc-create -n ... -t ubuntu-cloud -f config-file -- --hostid -r precise --userdata (with https://pastebin.canonical.com/96192/)
<xibalba> i have a virtual machine, started with 8GB disk (testing, so dont ask me why so small)
<xibalba> i expanded it to 16GB, trying resize2fs now. doesn't seem to be expanding
<xibalba> did resize2fs /dev/sda1 8G
<sarnold> xibalba: hey, I thought you got that working last night?
<xibalba> i did with LVM
<xibalba> trying it w/out LVM now
<xibalba> =D
<sarnold> ah! :D
<sarnold> try again without the 8G? or try with 16G?
<xibalba> trying both, uno momento
<sarnold> or try spelling out $((16 * 1024))
<xibalba> you can login to my box if you want and screen w/me
<xibalba> oh nm i nated it
<sarnold> oh, $((16 * 1024 * 1024)) -- sigh I'm confusing my megabytes and gigabytes these days. just this morning I confused gigabytes and terabytes. sheeeesh.
<xibalba> HW or SW megabyte?!
<xibalba> =P
<xibalba> or a network megabyte
<sarnold> "network megabyte"? :)
<xibalba> how many bytes till your bit in the ass
<xibalba> yeah in networking we use 1,000 like hardware/HDD guys
<xibalba> hang on ill move thit o my EXT network
<xibalba> sarnold, hop in
<xibalba> k i see you
<xibalba> sarnold, fdisk shows 17.2
<xibalba> size shows that its option
<xibalba> oh f me
<xibalba> i didn't fdisk that shit
<xibalba> i dont think this is the route i want to go sarnold as it appears i can't do this while the system is live
<xibalba> Resizing single physical partition to occupy entire drive space is done using fdisk by first deleting your existing patition and then recreating it with EXACTLY SAME STARTING SECTOR NUMBER.
<xibalba> not gonna work for me
<xibalba> alrighty
<xibalba> throwing that idea out
<xibalba> thanks sarnold
<sarnold> xibalba: aww. is using lvm a suitable answer?
<xibalba> yea it is fine, just wanted to try the way i'm more use to which is non-LVM
<xibalba> lvm is fine though
#ubuntu-server 2013-08-22
<hallyn_> smoser: your patch intorducing the ubuntu-cloud-prep hook removed code doing rm $rootfs/etc/hostname in the ubuntu-cloudtemplate, and didn't replace that anywhere
<hallyn_> smoser: when I re-add that, ubuntu-cloud containers get their correct hostname.  Otherwise, they are always called ubuntu, as sidnei found
<kantlivelong> ive got an interesting question maybe someone can help with.. i have an img of a single partition on a disk. is there a way i can make a partition table in a file and move the contents of the file into it? i basically wanna rebuild the disk as a file
<SpinningWheels> recent development. my ubuntu servers don't use the configuration in /etc/network/interfaces on bootup. i have to ifdown ifup the interface or restart networking service for the configuration to be used.
<sarnold> kantlivelong: why do you need the partition table?
<kantlivelong> sarnold: i wanna make it bootable in vmware/virtualbox
<kantlivelong> sarnold: so basically take a single partition dump made using dd
<kantlivelong> sarnold: then recreate the partition table and put it in
<kantlivelong> oh and i have a dump of the mbr too
<kantlivelong> my only idea is to make a blank file using dd and treat it as a block device, partition it w/ parted then copy it over.. i just dont know how to have it handled as a block dev
<sarnold> kantlivelong: if cfdisk or fdisk won't just work on a file, you can use a loop device to get there (man losetup)
<sarnold> kantlivelong: but before putting too much effort into this yourself, look at the qemu-img --help and manpage and see if it can get you there without having to do the dd dirty work yourself
<kantlivelong> sarnold: thanks :D didnt know of losetup
<sarnold> (or, if you can just re-dd the disk, dd the whole thing rather than just the one partition.. :)
<kantlivelong> sarnold: yeah theres alot of other partitions though :P its a multi boot system
<smoser> hallyn_, that was by design. that should'nt really be necessary.
<hallyn_> smoser: but it seems to be.  if i leave $rootfs/etc/hostname in place, it always is 'ubuntu' after starting the container
<hallyn_> if i remove it, it has the correct hostname after lxc-start
<MACscr> ok, i cant for the life of me get LXC to work with a normal bridge so that it gets an ip address from my routers dhcp server. Nat works great out of the box, but its not what i want =(
<MACscr> seems all the intructions i have tried not only work, but are somehow different than each other.  Shouldnt something like this be pretty basic and not require a bunch of workarounds?
<MACscr> also, should i use 12.04 or should i maybe use a newer version that might have better LXC support?
<kami> Good morning.
<kami> I have problems with NFS on a fresh install of 12.04.02.
<kami> In /etc/exports, I have '/export *(rw,async,no_root_squash,no_subtree_check)'
<kami> hosts.allow and hosts.deny are both empty
<kami> When I try to mount the share, I get http://paste.ubuntu.com/6013157/
<kami> or better: http://paste.lisp.org/display/138579
<kami> I wonder why it says "qword_eol: fflush failed: errno 2 (No such file or directory)"
<kami> There IS such a directory as ls shows.
<josephtacos> is the a new way to enable mod_rewrite in apache2.4.6? on ubuntu 13.10
<josephtacos> is the a new way to enable mod_rewrite in apache2.4.6? on ubuntu 13.10
<Quest> what choices do I have for type 1 virtualization and which one is better for installing  solaris and windows 2008 server r2 with multiple user access by remote computers (for both OS simultaneously)?
<jamespage> smb, OK - I now have a functional dkms module based on the 1.11 branch of openvswitch
<jamespage> only 12 patches to get to 3.11 support
<smb> so simple? :-P
<smb> jamespage, Do you want me to cross-check or are you just uploading it?
<jamespage> smb, review would be nice
<smb> jamespage, sure, just point me at the bzr branch
<jamespage> smb, lp:~james-page/ubuntu/saucy/openvswitch/snapshot-1.11
<smb> jamespage, k, looking
<smb> jamespage, Only patch 1 sounds a bit like it might rely on some kernel implementation without adding compat elements but maybe that is not true. The rest is a lot of churn to look at. So I just try how the dkms module compiles and works on S and P.
<jamespage> smb, I think thats a good idea!
<jamespage> smb, my cherry picking was based on having to pick the GRE restructuring patch to support 3.11 usage
<jamespage> otherwise I'd end up implementing a hacked compat patch for the piece
<smb> jamespage, Oh yes, that sounds plausible. From 0012 it looks like even more moved into upstream headers. And in theory the openvswitch source tries to have the compat layer. So it is quite possible that some of the later patches actually does that. Looked like gre files might have been pulled in. Just hard to decide on a patch by patch base
<jamespage> smb, it has - infact the upstream kernel module for openvswitch in 3.11 supports GRE
<jamespage> oh - I cc'ed you didn't I
<jamespage> doh!
<smb> jamespage, You may or may not. Have not looked into my inbox for a while
<jamespage> smb, yeah - upstream confirmed that was the case
<jamespage> support for VXLAN tunnelling should come in 3.12
<jamespage> smb, so hopefully we can ditch DKMS for 14.04 for openvswitch
<jamespage> that would be nice!
<smb> Heh, yep
<jamespage> smb, bah - I have a system I've been testing with used ovs on the primary nic
<jamespage> rmmod openvswitch was not a great idea over the network was it....
 * jamespage faceplants
<smb> Thats many systems to you. I also have often to be very careful about what I do where
<jamespage> smb, OK _ I'm testing with the 3.2 kernel in precise as well
<smb> jamespage, seems to have at least built in 3.2
<jamespage> smb, thats good
<jamespage> smb, just installing a 3.2 kernel on my precise system - normally run the hwe kernel
<smb> jamespage, Oh, hm, need to make sure this is the right kernel...
<jamespage> smb, well it built for 3.2
<jamespage> thats good
<smb> jamespage, Ok, yeah mine was a 3.2, too but one never can be sure
<smb> The openflow test ran successful too
<smb> jamespage, only the common part of loading unloading looks like it might suffer from upstart script problems
<jamespage> smb, oh yes
<jamespage> service openvswitch-switch force-reload-kmod
<jamespage> that don't work with my latest updates
<jamespage> smb, I'll update the tests
<jamespage> smb, OK - updated tests pushed
<smb> jamespage, Ok, that works on P
<jamespage> smb, I've submitted the patch for 3.11 upstream and asked whether the patchset for 1.11 branch might be accepted - I don't think its technically released as yet!
<smb> jamespage, Yeah I think we at least would have to wait for comments about the patchset from upstream. At least practical testing seemed good so far if that does not miss something
<jamespage> smb, I'm going todo a quick gre tunnel test
<smb> jamespage, Ok, I would try to go back finding any sanity in nested kvm
<jamespage> smb, thanks for your help
<jamespage> smb, GRE seems OK on 3.11 kernel but busted on 3.2
<jamespage> which is a bit of a problem as I want to backport this for the cloud archive
<smb> jamespage, Was that with only new dkms or userspace replaced too?
<jamespage> smb, just dkms
<smb> Hm, yeah that may get into trouble when the interfaces are different. :/
<jamespage> smb, oh - hold on
<jamespage> this might be something else interring with it on my precise machine
<jamespage> I'm using vlan package as well
 * jamespage tried on a different machine
<jamespage> smb, nope - its bust
 * jamespage debugs some more
<jamespage> probably something in the gre compat layer I suspect
<smb> jamespage, In some sense good that its not "just" some other dependency. I would suspect that some user-space facing part changed from their old implementation to those picked from the kernel.
<jamespage> smb, I'll see
<smb> Those are the cases where one wonders whether not the whole source should be pushed into older releases... Of course that will make any AA beat the foo out of me
<jamespage> smb, well for the cloud archive you will get the userspace tools as well
<jamespage> smb, rebuilding for precise now to see if that makes a difference
<jamespage> smb, I doubled checked the lts-raring dkms backport we are providing for 12.04.3 - that works OK with gre
<jamespage> and the 12.04 userspace tools
<smb> I would think that the raring version still had their old gre code
<jamespage> smb, hmm - interesting
<jamespage> needs new userspace tools
 * jamespage stops flapping
<jamespage> smb, hmm - bug in there somewhere - as soon as I do stateful TCP connections over GRE I pretty quickly kill the machine
<smb> jamespage, You mean even with Saucy and new tools? ... that would be bad
<jamespage> smb, yes
<jamespage> and I do mean that!
<smb> darn
<jamespage> smb, nothing in the kern.log
<smb> jamespage, If a VM reacts the same way and does not take down the host, maybe a dump can be taken
<smb> Though it seems 3.11 may have changed the dmesg format and crash has to play catch up
<jamespage> smb, VM do  the same thing
<jamespage> smb, OK - master of upstream with my 3.11 support enabled does not crash
<jamespage> so I'm either missing a fix or I broke the backport
<smb> Hm, neither particularly pleasant to find
<jamespage> smb, also native kernel module is OK
<jamespage> smb, so probably my backport - suspect I'm missing something
<jamespage> I think I see
<smb> Wished I could be a bit more helpful but I am not very good at multitasking :/
<Jeeves_Moss> I'm trying to recover e-mails that were orignally in a Dovecot server.  I was able to recover all but one's e-mails from .PST files on the local system.  I currently have the directory where the e-mail files were orignally, but I'm lost hot to make a simple install so I can install JUST those e-mails, so I can connect with outlook and pull them into Exchange.
<greppy> Jeeves_Moss: it may be simpler ( or harder ) than you think, if it was an IMAP server, you may be able to just convert from Maildir to Exchange, a google search may help you there.
<Jeeves_Moss> greppy, I think (if memory serves), I've tried that.  I'm going to try spinning up the VM, and uncompressing the 6Gb file to the drive
<Jeeves_Moss> greppy, if you're going to be around for a bit, I'd apericate any help you can offer
<plars> jamespage: I'm having trouble getting my maas to get as far as a juju deploy for the 12.04.3 testing. If you have a simple way to do it in your environment again, it would be nice to have that result filled in on the iso tracker
<jamespage> plars, sorry - I dont
<plars> jamespage: I'm getting further than before, but it's one of the last remaining things we need before release
<jamespage> plars, have you pinged matsubara?
<plars> jamespage: no, not yet
<plars> jamespage: doesn't seem to be on
<zetheroo> just was looking at this (http://www.serenux.com/2009/11/howto-fix-a-missing-eth0-adapter-after-moving-ubuntu-server-from-one-box-to-another/) since I am experiencing the same issue .... but I am wondering if there was any way to make it so that the disks can be removed from one host and placed into a backup host and not have to manually fix the MAC address issue .... !?
<TJ-> zetheroo: If you make /etc/udev/rules.d/70-persistent-net.rules "chmod o-w" (read-only) then "/lib/udev/write_net_rules" will not change it, instead writing the updated rules to /dev/null
<zetheroo> TJ-: would that allow a disk from host1 to be placed into host2, booted up and have network up and running?
<TJ-> zetheroo: If you prevent *any* rules ever being written to "/etc/udev/rules.d/70-persistent-net.rules"
<zetheroo> ok, and I can leave /etc/network/interfaces alone?
<TJ-> You could just make /lib/udev/write_net_rules non-executable, too
<TJ-> You could even add a custom rule that fires on the same triggers and blanks 70-persistent-net.rules if it detects that all the MACs are now different to those recorded
<TJ-> I have something similiar in an emergency USB flash drive so I can use it in multiple-interface servers (some have 10 i/fs) and it won't change assignments
<zetheroo> what would be the safest and simplest method in your opinion?
<TJ-> Well, if you know the HDD is going to move then prevent write_net_rules ever running from day 0. If not, and it has already written to 70-persistent-net.rules you've got to edit that file. So then you need to decide whether to do it manually, or have a udev script that will do it for you when/if ever needed
<zetheroo> we have 3 running servers and one redundant server - all 4 are identical hardware and software wise ...
<zetheroo> the idea is that in case a server dies we can simply remove the disks and place them into the redundant server and power it up without a hitch ...
<TJ-> Well it doesn't take much to manually edit the files, but if you want it automatic, you'll need to add a script to do it
<zetheroo> oh ok ... so just changing that files permissions to read-only would not do the trick ...
<TJ-> As I said, once it has been written to once you'll have to edit anyhow, so either you never let it be written to, or you must edit one way or another
<zetheroo> ok, so I removed the disk from a server and placed it into the redundant server ... booted up ... no eth0 interface is there ... if I comment out the SUBSYSTEM line in /etc/udev/rules.d/70-persistent-net.rules and then change it to read-only, then reboot the system, will that then work?
<Linuxx> @zetheroo: Do you see the interface with dmesg | grep eth?
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/neutron/usage-audit/+merge/181592
<jamespage> smb, \o/ I'm not exploding my test servers any more
<jamespage> needed one extra commit
<smb> Yay!
<TJ-> If a process being 'controlled' by system dbus-daemon fails, will that process restart with the same ownership as the dbus-daemon?
<zetheroo> ok, I tested the above and it worked great :)
<tgm4883> Does ubumirror actually work? I'm using almost a stock configuration and all I get is "Unexpected remote arg: archive.ubuntu.com::ubuntu/". This is on 12.04
<hallyn_> zul: saucy connecting to saucy using xen+ssh://serge@ip/ works with virsh, hangs with virt-manager  <shrug>  giving up on virt-manager for now
<zul> weird
<hallyn_> yeah
<smb> hallyn_, Does virsh connection hang with dumpxml 0
<hallyn_> smb: yeah, even locally
<hallyn_> virsh -c xen:/// empxml 0 or virsh -c xen:/// edit ubuntu both hang
<smb> hallyn_, then you must have a non-fixed version of libvirt
<hallyn_> presumably that's the cause of the virt-manager hang, makes sense
<hallyn_> smb: non-fixed?
<hallyn_> i've got 1.1.1-0ubuntu3
<smb> hallyn_, This should have been fixed in previous
<smb> versions
<zul> jamespage:  http://people.canonical.com/~chucks/ca/ (that should get us up to date with whats in the cloud archvie)
<smb> Hrm... And I thought the patch went into upstream at some point
<smb> zul, did the pull of 1.1.1 contain d7a45bf22368161869963b92a0a1d5599590fdf5 from upstream?
<smb> xen: Use internal interfaces in xenDomainUsedCpus
<zul> smb:  which one is that?
<zul> smb:  gitweb link?
<smb> zul, That would be the sha1 in upstream... :-P
<zul> smb:  lemme check
 * hallyn_ is d/ling the pkg source to check
<hallyn_> smb: no it's not in the pkg
<smb> hallyn_, Yes, seems this did come too late into upstream...
<hallyn_> smb: are there other patches I"ll need to push?
<smb> hallyn_, It is in upstream master, so just needs picking
<hallyn_> smb: yes, doing that.  but are there any ohters i'll need
<hallyn_> ok, building and testing :)
<hallyn_> thx smb
<smb> hallyn_, no, just had to drop ubuntu-xen-fix-api-deadlocks.patch in favour of the other but I suppose dropping happened
<smb> There are two patches I did not push upstream as they seemed rather depending on the way we have modified some things
<hallyn_> i don't see anything like 'fix api deadlocks' in git history
<smb> hallyn_, That was only the version we had in the package
<hallyn_> oh - in our package, gotcha
<smb> Right, and it had been evolving for the better anyway, so its kind of good it is gone but kinda bad the replacement did not make it into 1.1.1 upstream
<hallyn_> patch is still in the directory, but not listed in series
<hallyn_> ok, build is proceeding.  lessee
<smb> hallyn_, Oh, so you can remove it while you are at it
<hallyn_> yeah
<hallyn_> i can also look at the -maint tree which i think has a patch for us to push
<smb> hallyn_, feel free. I am outta here :)
<hallyn_> smb: \o
<hallyn_> smb: that fixed it, thanks!
<hallyn_> BUT!  I now want to test with all the v1.1.1-maint patches pushed.
<hallyn_> waiting for zul to get back so i can ask him to doublecheck :)
<FunnyLookinHat> Anyone here know why SSH claims it can't resolve a domain but host -a returns the correct A record for it?  I just created it on my DNS host a minute ago, but I'd assume that seeing it with host -a would mean it's queryable
<sgran> does it have an underscore in the name?
<sgran> host -a queries for an A record
<sgran> ping/ssh etc use a libc function that checks for validity of a hostname
<sgran> these often overlap, but don't need to
<hallyn_> smb: ppa:smb/xen seems to be working fine with libvirt
<explodes> When I log in, it shows the temperature in Celsius, how do I show it in Fahrenheit?
<sarnold> explodes: grep for 'sensors' in your /etc/update-motd.d/ -- if you find it, replace it with sensors -f
<explodes> sarnold: Nice, thanks.
<hallyn_> FunnyLookinHat: unlikely, but also conceivable that you have a .ssh/config entry for the domain which sets up a proxy, and the proxy doesn't actually know the host...
<FunnyLookinHat> hallyn_, got it figured out - thx :D
<hallyn_> ok
<K4k> Hi, perhaps this is a better place to ask my question since it's more server specific. I'm trying to configure postfix smtp/sasl with dovecot and I keep getting the following error: "warning: SASL authentication failure: unable to canonify user and get auxprops" but I'm unsure why. All documentation I've found seems to indicate I've got it all configured properly.
<sarnold> K4k: do you get better error messages if you look through log files?
<K4k> mail.log is telling me what I posted, nothing more useful unfortunately
<sarnold> oh, drat, I hoped that was a user-facing error message that glossed over details. :(
<K4k> my client connects and presents my server certificate, then prompts for my password
<K4k> Then tells me "SASL authentication failed"
<K4k> on the server side, the chain of events looks like this: http://pastebin.com/9nPUfTFK
<sarnold> K4k: your client presents the server cert? o_O
<K4k> my server is using a mismatched hostname self signed cert at the moment so the client says "Hey, this looks funny, do you want to proceed anyway"
<K4k> nothing weird
<sarnold> oh, it presents the cert to the user :) I thoght it was trying to handshake iwth the server's certificate..
<K4k> oh, haha, no
<K4k> Looks like Ubuntu runs postfix in a chroot which might be an issue...
<K4k> WOO! I think I fixed it
<K4k> it was a client side configuration issue
<K4k> I'm glad I'm not crazy
<sarnold> K4k: woo, what was it?
<K4k> my smtp_url line in my muttrc originally was user@example.com:587 and I saw in an example document that they didn't have the user@ portion so I took that out and it started working
<K4k> it's a little unsettling though because it now doesn't ask for my password to send email...
<K4k> so something is still not quite right
<adam_g> Daviey, jamespage http://people.canonical.com/~agandelman/ca/grizzly/2013.1.3/
<adam_g> ready for grizzly-proposed
<Daviey> adam_g: visibly, they look good.  Are you also uploading to raring?
<adam_g> Daviey, they're already in queue
<adam_g> Daviey, gonna push to grizzly-proposed unless you have any objections
#ubuntu-server 2013-08-23
<styol> Who loves connection resets? I know I do. I was curious if anyone might have any ideas on what this sort of connection reset pattern might suggest: http://pastie.org/private/ikgecg5y7yjg7zvfxg8uww
<styol> I don't particularly get the back and forth nature of it, but I make have lots learn to. Yes, intentionally poor english.
<styol> perhaps a simple question: when [source] > [destination]: Flags [R] does that mean that the [source] caused the reset, or is it just acknowledging that [destination] attempted to write to a socket that was already closed?
<sarnold> styol: another option -- source might not have sent the reset at all, it could be sent by a router or firewall somewhere in the middle
<sarnold> styol: (it -could- also be sent by any other system, but they'd have to guess the sequence numbers; not that TCP is cryptographically strong, but it shouldn't be trivially bad either.)
<styol> sarnold: mmm I see. Packet loss couldn't related, could it? Basically the host is doing their best to refute that it might have anything to do with them
<styol> they were like, oh, seems the client is sending the RST. I monitored eth1 with the public network and was like, oh, yeah about 5% of the time
<sarnold> styol: it shouldn't be packetloss, TCP tries harder than that to keep connections alive :)
<styol> I realize it is apples and oranges, but the most common thing we've seen with abnormal amounts of resets is packet loss
<styol> the problem is this is beyond my expertise, though I am learning which is great and I love it, but still don't have a solid 'Aha! there is the issue` yet
<styol> at this point i would probably trade allowing someone watch me eat a bag of rocks if they were willing to check it out haha
<sarnold> styol: hrm. you know, it -might- be packet loss -- if the FIN packets aren't acknowledged quickly enough, the TCP timers on the host that sent the FIN will send another .. and another .. and if two FIN packets are delivered, the second one ought to generate an RST.
<sarnold> styol: note that the connections with [R.] all have window sizes of 115, the ones with just [R] have window sizes of 0. which strikes me as strange.
<styol> sarnold: good point regarding FIN, from what I've read regarding the what can cause a RST, that could indeed make sense
<styol> sarnold: that is a little odd. I hadn't noticed that. What is the significance of the period again?
<sarnold> styol: . means 'ACK'
<styol> sarnold: but.. wait huh. isn't this an RST? Or does R. means the RST was in response to an ACK?
<sarnold> styol: yes, it is an RST; the only real way to know what it is in response to would require widening the tcpdump to capture more data
<sarnold> styol: (don't forget, TCP packets can have multiple flags set at once)
<styol> sarnold: gotcha gotcha
<jamespage> smb, decided on a slight different course of action
<jamespage> smb, without the major GRE restructure the GRE feature in the dkms module is not going to be enabled on a 3.11 kernel
<jamespage> as the kernel has already registered a handler for the GRE protocol.
<jamespage> so
<jamespage> I'm going to say - if you want GRE - use the kernel openvswitch module
<jamespage> anything else - use the DKMS module
<jamespage> (NEWS added).
<Daviey> jamespage: What does this mean for HWE next cycle?  Doing the same as raring hwe?
<jamespage> Daviey, yeah
<smb> jamespage, I saw the mails. I am not sure how much openvswitch is used in openstack (and what features that requires), the other user would be LXC.
<Daviey> Standalone kvm is also a consumer
<smb> ok
<Daviey> Oh, and xen i suppose.
<Daviey> But i don't know if anyone has tried this with our xen
<smb> Daviey, Not that I would have knowingly used it
<jamespage> smb, Daviey: you still get all the options but
<jamespage> GRE -> native kernel module
<jamespage> VXLAN -> dkms module
<jamespage> its a little confusing and worthy of a release note
 * jamespage aims to kill the dkms module for 14.04
<jamespage> apparently vxlan will go native in kernel as well
<smb> jamespage, Just sounds like you cannot get both at the same time. Unfortunately upstream is so unsure about the new code.
<jamespage> smb, yeah
<jamespage> smb, I hacked on it again this morning and I can't get the GRE feature to register on 3.11
<jamespage> whichever way I try
<jamespage> I don't really understand why that is - it appears that even in 3.10 the gre demux'er registered the GRE protocol hander
<jamespage> and inet_add_protocol won't add a handler unless the existing entry is NULL
<smb> Hm, weird. Ok, the build of dkms may have succeeded by things not being exported. But as you say at least registering would have failed. Except maybe if back then they have added it without registering a protocol handler. But that also sounds unlikely
 * smb -> lunch+errands
<caribou> people, would it be considered insanity to introduce new kdump functionalities in the 14.04 (i.e. LTS) cycle ?
<caribou> I'm thinking of enabling networked kernel dump functionalities (i.e. sending the vmcore file to NFS or SSH)
<caribou> for instance, RHEL6 can send a kernel core dump to NFS or SSH remote host
<ikonia> caribou: netdump is available already
<caribou> ikonia: I don't know about ubuntu but it used to be notoriously broken
<ikonia> do you feel more is needed ?
<ikonia> it's always worked like a charm for me, I'm surprised to hear that
<caribou> ikonia: I must admit I never used it on Ubuntu/Debian
<ikonia> caribou: apologies for my lack of awareness of you as a person, do you work within the development team ?
<caribou> ikonia: the idea was to add this to the default kdump-tools functionality. But maybe netdump is sufficient
<ikonia> kdump-tools is a much more modern and "accepted" way, I'd much rather see kdump grow, however it depends on your desire for change
<caribou> ikonia: not in the development team, I'm part of Canonical's sustaining engineering team
<ikonia> caribou: that's why I was wondering if you "wanted" to look at change, or you where considering actually doing it
<Daviey> jamespage: RE: killing the module for 14.04.. I think that would be ideal.. we'd need to monitor advancements in upstream development, and balance that.. It might be that for the latest crack, people will want to use dkms.
<ikonia> caribou: I'd certainly like to see the kdump functionality grow, but I wouldn't be upset without as tools like netdump have served me well
<Daviey> I have NFI what latest advancements will come out in ovs in the next year.
<caribou> ikonia: I was more worried about introducing such a change in an LTS release
<Daviey> caribou: I think what yu are suggesting isn't full of crazy at all... but It would need discussion with the kernel team, smb ?
<ikonia> caribou: do you see it as a risk ? surly it's mininal
<caribou> ikonia: my idea would have been to work at the enhancement myself
<ikonia> caribou: I'd certainly welcome it and offer any support I can
<caribou> Daviey: kernel team has little to do with it; the dump happens in userspace
<caribou> ikonia: the major concern is network availability and apparently the network is already up when kdump-tools kicks in
<Daviey> caribou: Right, but they are much closer to this than us.. :)
<ikonia> caribou: that should be managable though with depends
<caribou> Daviey: well, my previous kdump-tool blueprint got more attention from the server team than anybody else
<ikonia> caribou: with good reason, the server team users are the ones who will benefit/be interested
<caribou> I also thought that it might be a "nice to have" in a cloud context where kernel dump could be sent to a single dedicated instance
<zetheroo> from one of our Ubuntu servers all hosts and gateway are pingable except for one 192.168.1.205 ... other hosts have no issue pinging that same IP or it's hostname ...
<Daviey> caribou: I noticed that makedumpfile, the source package for kdump-tools has been touched more by infinity than us.  Maybe worth discussing with him.. We'll be supportive where we can :)
<caribou> Daviey: just so you know, I co-maintain the makedumpfile package on Debian ;-)
<Daviey> caribou: Also, introducing a network service.. you may want the security team to have a brief look at your plan aswell.  That wasn't a consideration for when it was first MIR'd
<Daviey> caribou: Ah!  I didn't know that :)
<caribou> Daviey: this is why I asked about the LTS specifics; modifications would be introduced in Debian as well, but if it means waiting a full cycle to get it on a non-lts release, then it changes the timing
<Daviey> caribou: We aren't as polished as we should be for centralised logging :(
<caribou> Daviey: indeed, the network side will need some specific attention; I'll make a note of that
<Daviey> caribou: Hmm, I don't think what you are suggesting is inappropriate, personally
<caribou> Daviey: ok, I'll do some preliminary hacking to see what is involved and will comeback maybe for a 14.04 blueprint
<jamespage> smb, Daviey: uploaded ovs for saucy
 * jamespage puts virtual networking down for the rest of the day
<caribou> Daviey: ikonia: thanks for the comments
<ikonia> caribou: if I can offer some help, please let me know, as this would be a useful function for me.
<zetheroo> I have exported an nfs share with the options (rw,sync,no_subtree_check) and I can mount it on the host it's exported to, but when I try to do ls in the mount path I get "Permission Denied"
<ikonia> zetheroo: what's the permissions on the file system ?
<zetheroo> cd ..
<zetheroo> drwx--x--x  3 root root
<zetheroo> thats the permissions of the directory I am trying to share
<ikonia> zetheroo: so only root can see that
<ikonia> are you root on the server where it's mounted ?
<zetheroo> yes
<ikonia> really ?
<zetheroo> yep
<ikonia> can you do ls -la against it
<ikonia> (not in it, against it)
<zetheroo> on the host that is exporting?
<ikonia> no, where it's mounted
<zetheroo> drwx--x--x  3 root root
<ikonia> that's odd
<ikonia> does id confirm uid 0
<zetheroo> uid=0(root) gid=0(root) groups=0(root)
<ikonia> zetheroo: out of interest, on the host, change it to 775 say, can you then see it on the client ?
<zetheroo> yes
<zetheroo> change caries over
<ikonia> ok, so it is a legitimate permissions problem
<ikonia> seems odd though as you are the owner and the owner has full control,
<zetheroo> am I using the wrong options?
<zetheroo> this is my exports line: /mnt/neptune	mars(rw,sync,no_subtree_check)
<ikonia> I don't see why that would impact the user permissions
<zetheroo> fstab entry on the client: neptune:/mnt/neptune	/mnt/neptune	nfs	defaults	0 0
<ikonia> don't see why that would impact the permissions like that
<ikonia> seems a genuine problem
<zetheroo> ah ... I changed defaults to rw and now I can ls inside ...
<ikonia> why would that impact the file system permissions ?
<zetheroo> so now the line in fstab is: neptune:/mnt/neptune	/mnt/neptune	nfs	   rw	0 0
<zetheroo> I guess it was mounting it with option "defaults" ... which perhaps does not any perms ... !?
<ikonia> I don't see why that would matter though,
<ikonia> I'll have to do a little digging, this is curious
<zetheroo> ok, it;s not working on another system with just changing the fstab mount option ... so it seems that the chmod to 775 also needs to be done :P
<zetheroo> really odd ...
<jamespage> smb, w00t dep-8 tests passing again
<TJ-> zetheroo: Have you set an fsid on the root NFS share on the server? e.g.  "/srv         			10.254.0.0/16(rw,async,no_subtree_check,crossmnt,fsid=0)"
<TJ-> zetheroo: also, is NFSv3 or NFSv4?
<zetheroo> TJ-: I don't know what that even is so I guess not ...
<zetheroo> these are all identical systems which I just setup yesterday and today with identical Ubuntu Server 12.04.3
<TJ-> zetheroo: For that /etc/exports line I just posted, the clients have "10.254.251.1:/Library /home/all/Library nfs4 _netdev,auto,exec 0 0"
<zetheroo> usually nfs share work without a hitch and without any crazy configs etc ...
<zetheroo> so I could try adding the fsid=0 option?
<TJ-> zetheroo: Check what it does. It's if the F.S. doesn't have a UUID
<zetheroo> thanks!! fsid=0 seems to have done the trick :)
<caleress> hello guys, i have an upstart script that works on 12.04 and fails on 10.04, any ideas ?
<caleress> exec start-stop-daemon --start -c dev --exec /opt/dev/test.sh
<caleress> this is the script
<smoser> jamespage, Daviey would you find it appropriate / inappropriate for me to add a ubuntu-cloudimg-keyring to ubuntu-cloud-keyring source package ?
<smoser> i think as a separate binary package
<Daviey> smoser: ubuntu-cloud-keyring is such a trivial package, that i'd probably say make it a separate source
<Daviey> i don't think it makes it any easier to combine them
<smoser> fair.
<Daviey> smoser: If this is blocking, please let me know when it's in the queue and i'll review it as a priority
<jamespage> smoser, sounds OK to me
<smoser> jamespage, so this will end up in cloud archive
<jamespage> smoser, why? would it not be better in the main archive?
<smoser> it will be in the main archive of course.
<smoser> but not in 12.04
<smoser> sans flux capacitor
<zul> jamespage:  based on the MIR for oauth2 im going to see what it takes oauth2 with oauthlib
<Daviey> smoser: erm
<Daviey> smoser: It /should/ be in primary archive of 12.04
<Daviey> Oh, i suppose there is the trust path - as being in the Cloud Archive means it was signed by ubuntu-cloud-keyring.. but anyway, that is convoluted :)
<smoser> Daviey, the new package you're telling me to create is not in 12.04
<smoser> and sru policy would block said package from being in 12.04
<Daviey> smoser: Nah, we went through this for ubuntu-cloud-keyring.  It is okay to introduce something like this to -updates.
<Daviey> ubuntu-cloud-keyring wasn't part of 12.04, it was introduced via SRU
<smoser> k
<rtg> what source package contains the ubuntu server guide ? I'd like to assign bug #1215665 to the right package
<uvirtbot> Launchpad bug 1215665 in linux "With Kernel 3.11RC6 Ubuntu servguide PDF compile crashes" [Undecided,Invalid] https://launchpad.net/bugs/1215665
<rtg> Daviey, ^^
<Daviey> rtg: assign it to the 'serverguide' project..  https://bugs.launchpad.net/serverguide
<rtg> Daviey, done. thanks.
<Daviey> rtg: thanks
<caribou> Daviey: ikonia: remember the networked kdump discussion of earlier today
<ikonia> yes
<caribou> Daviey: ikonia: I think that there should be some provision there to also send it to some cloudy storage, like ceph or swift
<caribou> not sure how easy it would be though
<Daviey> caribou: I remember it fondly :)
<caribou> Daviey: I just think that in a cloud context, that might be nice to be able to send the vmcore to some kind of 'shared storage'
<Daviey> caribou: Be careful not to overscope, and deliver nothing :)
<caribou> Daviey: true, the basic options would be sufficient but could be a nice evolution
<caribou> just food for thoughts
<Daviey> yeah
<caribou> Daviey: the existing options would allow for one cloud instance to handle receiving dumps through SSH and store them
<Daviey> caribou: smoser might have some guidance on storing in swift, and jamespage for ceph.  Maybe they have some pointers
<caribou> Daviey: well, let's get the basic bits in first then I can go crazy
<Daviey> caribou: This sounds like it could be well handled as a subordinate charm :)
<caribou> indeed
<linuxtech> I emailed LaMont 2 days ago about doing a sync request for his new bind 9.9.3 package and if I don't hear from him tomorrow, I am going to request it.  Any comments on using the newer Extended Support Release bind 9.9.3-P2 for saucy?
<linuxtech> I have been running it a couple days on multiple machines, bot authoritative and recursive servers.
<lamont> linuxtech: I'll be uploading -3 to debian and syncing today
<lamont> though it'll be late tonight
<linuxtech> Cool, Thank you!
<lamont> the only issue I ran into was that there were ubuntu changes to merge, and that led me to actually looking at some other bugs to go with the new debian upload.
<lamont> amusingly, the merge consists only of changes to debian/changelog, since I NAKed one piece of one upload
<linuxtech> I was looking at some  of the Debian bugs and was wondering about commenting on some, it looks like a lot of the old ones are fixed or not relevant anymore.
<lamont> and one of those things (doko wants make -j for parallel=), has it ftbfs atm
<lamont> linuxtech: relevant and useful comments on any of my debian bugs are always welcome
<lamont> gah
<__mp> hello
<zul> jamespage:  tevent approved
<jamespage> zul, good-oh - thanks for doing that
<zul> jamespage:  np
<jamespage> zul, openvswitch is now sorted out as well btw
<zul> jamespage:  sweeeet!
<__mp> I have an upstart script https://dpaste.de/kGOBZ/ and I want to add respawn functionality. Any idea on how to solve this? I want to monitor the pid.
<jamespage> __mp, you need to let upstart monitor the process directly - right now its not actually doing that
<__mp> jamespage: Yes, that's what I figured. I find this suggestion but I find this quite problematic: http://tad-do.net/2013/07/24/writing-upstart-script-for-forky-java-application/
<jamespage> __mp, can you run your application inthe foreground?
<__mp> jamespage: I can't (well I could but I don't want to since I don't want to handle rake stuff by hand).
<qman__work_> I have some questions about trying to backport packages
<qman__work_> I used the backportpackage tool to try and backport shibboleth 2.5.2 from saucy to precise
<qman__work_> my build failed and says it's waiting on a dependency
<ivoks> jamespage: ping
<qman__work_> I assume this means the system just needs more time to compile my package, but I need this faster; I don't mind running the compile on my own hardware but I don't know what I need to do to
<qman__work_> This is the package page on launchpad: https://launchpad.net/ubuntu/+source/shibboleth-sp2  This is my build: https://launchpad.net/~cs-cracker/+archive/shibboleth-ppa/+build/4895264
<zul> adam_g/jamespage: http://people.canonical.com/~chucks/ca
<dumb_questions> don't worry, I'm planning to change the backup strategy. Right now I have a Tar backup of an Ubuntu Server. If this machine dies can I restore that backup to any other hardware assuming 64-bit? Anything special I need to know if it's intel vs. AMD?
<resno> dumb_questions: for the most part my experince has been you can easily swap install between multiple phyiscal machines with realtive ease
<qman__work_> dumb_questions: as long as your replacement hardware is supported by the version of ubuntu you're running, it will just work
<qman__work_> if it's too new you might have to upgrade your kernel or backport drivers, etc
<dumb_questions> thank you both of you
<dumb_questions> it's a sticky backup situation, but I ant to be sure to plan for the future and do it right
<dumb_questions> another question, what's the best way to test a large backup? This one is 100GB and I want to be sure the backups work.
<dumb_questions> right now I'm creating a VM and untarring to a VM. But, 100GB takes some time....
<patdk-wk> hmm? that is the only way?
<dumb_questions> ideally the client would be able to test their own backup.
<dumb_questions> I was afraid of that. in the future I hope to have incrementals set up both on rotated ext. HDDs and at a remote location (s3?). But I'll still have to test them regularly.
<dumb_questions> ok, now for a dumb question: I restored the thing in Virtualbox. Now when I reboot the VM it keeps rebooting to the live disc instead of the the VDI I restored. I removed the CD drive from STorage, but can't figure out how to tell it to boot from the HDD. Anyone know?
<qman__work_> dumb_questions: you need to boot a live CD and install grub to the master boot record
<qman__work_> while you restored your files, you didn't restore the bootloader
<smoser> jamespage, ping
<smoser> so with virtual-maas... trying to use that with juju on precise.
<smoser> 2 things.
<zul> adam_g: mind +1ing http://people.canonical.com/~chucks/ca
<ivoks> ah, is that novnc fix? :)
<ivoks> nope :(
<smoser> http://paste.ubuntu.com/6018470/
<dumb_questions> qman__work_: I'lll look up a tutorial. Thanks.
<dumb_questions> found one. The same I used for restoring, just had to keep reading: rtfm, right?
<adam_g> zul, lgtm
<zul> adam_g:  cool thanks
<smoser> jamespage, do you know why we use bind9 in virutal-maas ?
<jamespage> smoser, thats what maas uses
<smoser> oh. trhats right.
<smoser> adn we just add the forewarders to it.
<jamespage> yep
<jamespage> dnsmasq is alot simpler of course
<smoser> so i think it would be trivial to just install dnsmasq
<smoser> it will get updated with resolvconf
<smoser> and we can point maas's forwarder at *that* ?
<smoser> maybe
<smoser> hm.. no. that seems to conflict with maas (package level conflict, joy)
<adam_g> smoser, any options for getting nested kvm  on a cloud image other than installing the generic kernel and rebooting?
<smoser> you shoudlnt 'hav to reboot
<smoser> is that enough?
<adam_g> smoser, doh, nevermind. just needed the linux-extras-`uname -r`
<kurt_> Is there a good post-deployment guide for configuring/setting up openstack via openstack-dashboard (horizon)?
<smoser> oh. adam_g simpler, linux-image-extra-virtual,
<RoyK> hm... I'm helping a friend to manage his home server, and lately, errors have shown up on the root fs, which resides on an md-raid mirror. one of the drives in the mirror has a single pending sector, as reported from smartctl
<RoyK> could this be a memory issue? I see nothing in the logs from the drives, and the single pending error has been stable for months
<RoyK> s/pending error/pending sector/
<ikonia> RoyK: why do you feel it's possibly memory ?
<RoyK> ikonia: I don't really understand what else it can be. if it were the drives, I should have seen I/O errors in the logs, which I don't
<ikonia> RoyK: what sort of errors is he getting ?
<RoyK> ikonia: if it were a single incident, no problem, but I saw filesystem errors and the root remounted r/o a couple of days after he rebooted and fsck stepped in
<ikonia> RoyK: so, i've seen issues on md (i'm assuming software raid too) with disk controllers
<RoyK> http://paste.ubuntu.com/6018739/
<RoyK> ikonia: sure, but that also will produce i/o errors in the logs
<ikonia> RoyK: depends, I've seen it switch straight to a ro file system
<ikonia> RoyK: I admit it's normally on cheap/poor controllers
<RoyK> ikonia: disk 0-1 are for the root, and disk 2-5 are for the local raid-6. disks 1-4 are on the controller on the mobo. no issues with the raid
<RoyK> and btw samba segfaulting every now and then, sometimes daily
<RoyK> another factor
<ikonia> RoyK: I'd guess because the file system under it has problems
<RoyK> ikonia: the filesystem under ext4?
<ikonia> RoyK: under samba
<RoyK> samba doesn't share out anything from the root
<ikonia> maybe not then
<RoyK> and the raid hasn't shown any problems
<ikonia> RoyK: i wonder if it's worth running iostat, and just seeing if there is any load/high scan rate or writes before it has a problem
<RoyK> ikonia: last time this happened (remount-ro), was while I was cleaning up, removing an old backup, so yes, it happens during load
<RoyK> ikonia: samba doesn't seem to follow this pattern, it seems to die randomly
<RoyK> even at times I know the server is idle
<ikonia> RoyK: something seems pretty messed up
<RoyK> I know :P
<ikonia> RoyK: is there anything in the syslog when it swaps to r/o mode
<ikonia> RoyK: it has to log something ?
<RoyK> what I pasted was from dmesg output. it hasn't been setup with a remote log server (yet), although I'll do that when the system gets rebooted. no reason to reboot it now - fsck will probably just stop the bootup by asking silly questions
<ikonia> RoyK: that maybe worth while see if it gets something extra sent out before it goes read onl
<ikonia> only
<RoyK> ikonia: sure, but all that is kernel stuff, so it should be in dmesg
<ikonia> RoyK: you'd hope/expect, but there is nothing obvious jumping out
<RoyK> well, all kernel messages go into the circular kernel log (as read by dmesg), and then to syslog
<ikonia> but there is nothing obvious there
<RoyK> I'll try whenever I get write access to the box, but I'm willing to be some money it won't help much. the cleanup I did was with rm, locally, no samba involved
<ikonia> from what you're saying, I agree
<RoyK> looks like someone suggested removing the journal, fsck and then re-add it http://www.linuxquestions.org/questions/linux-newbie-8/aborted-journal-and-volume-remounted-read-only-812216/
<ikonia> that doesn't seem logical to me
<RoyK> ok - why not?
<RoyK> should fsck fix it?
<ikonia> RoyK: I'd hope fsck would be enough
<RoyK> we'll see
<ikonia> RoyK: it's an easy get out of jail, but that hardware doesn't seem happy
<RoyK> then why no I/O errors? they should have appeared *before* the actual fs error
<ikonia> RoyK: I agree, but disk problems, samba problems....
<RoyK> yes, that's why I think a good, long memory check would be relevant
<RoyK> since bad memory can cause all sorts of errors
<RoyK> hm... I know I should never run fsck on a mounted filesystem, but should it be safe to fsck a filesystem remounted RO by the system after errors? I've fscked filesystems remounted RO earlier without issues
<ikonia> RoyK: touch autofsck and bounce the box
<RoyK> no chance to touch anything on a RO FS
<ikonia> of cours.e...
<ikonia> idiot, didn't think
<StereoChild> anyone got an opinion on the best torrenting software i.e for a seedbox
<StereoChild> when I say best I mean your preferred
<koolhead17> Daviey:
#ubuntu-server 2013-08-24
<chrisguk> Im kinda wondering what this channel is for lol.  No one has said a word -:)
<TJ-> Most server admins are only here during the day
<chrisguk> Im here, but thats probably because im on bacula config duty
<TJ-> Yurk :)
<bcessa> hi there, can somebody recommend a good cli tool for yaml syntax validation, thanx
<subman> I'm having a terrible time of trying to get my server online over the internet.  I don't seem to be able to connect to it.  I can within my local network, but not over the internet.  I have port forwarded over both my modem and my router but no luck at all.
<subman> Any help would be appreciated
<bekks> From within your local LAN, you cant test that.
<Patrickdk> well, we can give it a shot, highly outside the scope of this channel
<Patrickdk> how did you test it?
<subman> I've tried to ssh into it with no luck.
<Patrickdk> from?
<subman> remote and local
<Patrickdk> and your isp doesn't block incoming low ports?
<subman> ping works
<bekks> ping works, because ping does not use portforwardings for ssh.
<subman> no, hi port.
<subman> I've changed 22 to 2222
<bekks> ping your IP from remote just tells you wether your router responds to ping requests.
<subman> ok, I changed the port in the router back to 22 and now I get connection refused.  When on 2222 it just timed out
<Patrickdk> something is wrong with you testing 2222, or your portforwarding
<subman> I know
<Patrickdk> maybe
<Patrickdk> but refused is still wrong
<subman> Yup
<subman> I can connect locally no problem
<subman> Weird
<subman> But I can connect to another machine via ssh.  Just not this new one
<subman> remotely
<subman> Must be server issue?
<subman> hmm, now no local access.  Very, very strange.  I've never had this before
<subman> Yes, not even local connection now
<subman> Maybe 13.04 is broken?
<subman> This all worked about an hour ago
<subman> Ok, thanks folks.  I'll try another server
<subman> Hello?
<codepython777> whats the smallest ubuntu server i can get ?
<Patrickdk> 500mb?
<Patrickdk> or you mean something else?
<subman> how would I change a static ip address to a dynamic address?
<TJ-> subman: insufficient information
<subman> what would you like to know?
#ubuntu-server 2013-08-25
<RoyK> heh
<Lord255> hi all. i have checked the serverguide in the topic for 12.04, but is there a step-by-step guide for a mailserver (pf,pfadmin,mysql,virus+spam filter..etc.)? i know that there are some on the net but i'm curious which one you say "the best".
<Calrik> hi all I just after some advice Im not sure if I should run vmware-esx and run my ubuntu server in that with other vm's such as a windows xp client or run ubuntu server natively then use virtual box or something like that for the windows guest?
<Kihokki> Hi there! It seems that I made a mistake when I created a user in my server and now I'm unable to use sudo on created user
<Kihokki> When I type sudo, it gives me this "sudo: must be setuid root
<Kihokki> "
<ikonia> Kihokki: that's nothing to do with creating a user
<ikonia> Kihokki: that's you changing the permissions on the sudo binary
<Kihokki> ikonia, So, what should I do?
<ikonia> put setuid on the sudo binary
<Kihokki> ikonia, Well, how to do that?
<ikonia> Kihokki: how did you remove it ?
<ikonia> Kihokki: what happened to your machine
<Kihokki> ikonia, I only created a user with adduser
<ikonia> that can't be the case.
<ikonia> Kihokki: can you do "ls -la /usr/bin/sudo" please
<ikonia> (and show me the output)
<Kihokki> root@southpole:~# ls -la /usr/bin/sudo
<Kihokki> -rwxr-xr-x 1 root root 69708 Jun  1  2012 /usr/bin/sudo
<ikonia> Kihokki: that's really wrong, someone has changed permissions on it
<ikonia> Kihokki: adduser would not do that
<Kihokki> ikonia, should I do it on the created user?
<ikonia> Kihokki: do what ?
<Kihokki> Nothing, I just checked if it gives same output on the created user
<Kihokki> and it does
<RoyK> Kihokki: reboot into single user mode
<ikonia> it will do, the binary has teh wrong permissions
<ikonia> RoyK: 1 moment please
<ikonia> Kihokki: can you show me the ouptut of "uname -a" please
<ikonia> lets find out if this is a standard ubuntu build, or one of these modified vps provider ones
<RoyK> Kihokki: and lsb_release -a
<ikonia> see if something has gone wrong, or if it's designed like that
<Kihokki> root@southpole:~# uname -a
<Kihokki> Linux southpole 2.6.32-042stab068.8 #1 SMP Fri Dec 7 17:06:14 MSK 2012 i686 i686 i386 GNU/Linux
<ikonia> RoyK: sadly that doesn't always show it
<ikonia> yes
<ikonia> vps
<ikonia> Kihokki: ok - I don't think we should change anything on this, I think you should talk to your vps provider
<ikonia> Kihokki: explain the problem and that sudo is missing setuid
<Kihokki> ikonia, I'll try that, thanks!
<ikonia> no problem
<tgm4883> Is there someplace to grab older kernels. I'm looking for linux-image-server_3.2.0.48.58_amd64.deb (along with the headers), but it doesn't seem to be available via apt anymore
<TheLordOfTime> tgm4883, what version of Ubuntu are you looking for the kernel for if I may ask?  (I'm curious)
<Patrickdk_> that would be 12.04
#ubuntu-server 2014-08-18
<dorimon5> "perf samples too long (2519 > 2500), lowering kernel.perf_event_max_sample_rate to 50000". this error turns my ubuntu server hang, i will happpen every 3-4 hours. need some help.
<boratynskikamil> Hello, dear all. I got such an error while installing LXC on Ubuntu 14.04 Server:
<boratynskikamil> lxc_container: Executing '/sbin/init' with no configuration file may crash the host
<boratynskikamil> Suggestions?
<gdi2k> hi all - this is not ubuntu specific, but I have a hardware question and I am sure there are plenty with the experience. I've bought a low-end Lenovo Thinkserver TS140 plus a used Intel PRO/1000 PT Dual Port adapter to go with it. However, with the adapter installed, it takes forever to POST - like up to 5 minutes. Once it boots things are fine and the adapter works like it should. Any ideas?
<gdi2k> I've read it may have to do with PCIe initialization (old adapter on very new / fast hardware) ?
<cfhowlett> gdi2k, lenovo has a English language channel or forum somewhere
<Lunario> is there an alternative to dynamic dns if I want to access my local ubuntu server  from the internet?
<cfhowlett> !dns
<ubottu> To set up a Domain Name Service see the !serverguide - https://help.ubuntu.com/12.04/serverguide/C/dns.html
<RoyK> Lunario: static IP from your ISP?
<frag_work> Hi
<frag_work> i am interest to deploy a ubuntu server on my kvm. but what are the default way to automated install an ubuntu server?
<frag_work> can any give me a tip?
<ikonia> frag_work: preeseed ?
<ikonia> fai ?
<kully> Hey all! I have a server I just imaged VIA clonezilla, moved to virtualbox, and the server keeps screaming about detected tx unit hang when I put it with no network, anyway I can just disable this? I can't put it on the network as the other server is still live and I need to test and I can't while it's screaming
<vahid> Hey. I am installing Ubunto 14.04.1 Lts Server 64-Bit. I have installed software step by step. But now when I am open the URL, it shows an error that "Not Found, The requested URL /magento/ was not found on this server."Hey. I am installing Ubunto 14.04.1 Lts Server 64-Bit. I have installed software step by step. But now when I am open the URL, it shows an error that "Not Found, The requested URL /magento/ was not found on this server."
<vahid> Have you Idea?
<itadder> how do I run security update patches with ubuntu server
<dasjoe> itadder: https://help.ubuntu.com/14.04/serverguide/package-management.html
<vmdsch1> What is the best alternative to vmbuilder?
<streulma> hello is it needed to upgrade to 14.04 for server? I have now 12.04
<Pici> streulma: 12.04 will be supported until 2017.  You only need to upgrade if you want to.
<patdk-wk> or if you think you will still be managing that machine in 2017 :)
<RoyK> patdk-wk: then the machine can be updated when it gets closer to 2017 ;)
<patdk-wk> why put off work for later when you won't have time :)
<RoyK> patdk-wk: well, if it works, don't fix it ;)
<dasjoe> That is only valid if your HWE is based on trusty or you're not using it at all
<patdk-wk> if you break it now, you have 3 years to fix it :)
<RoyK> patdk-wk: :D
<patdk-wk> what is only valid?
<patdk-wk> oh as far as support?
<patdk-wk> I was pretty sure hwe would autoupgrade, and everyone, assuming they install updates at all, would have trusty hwe now, or no hwe
<patdk-wk> either way, supported
<streulma> do you know what I did? I maked virtualbox vm of Server 12.04 and copied the whole disk tar to hosting provider :)
<streulma> it works !
<RoyK> streulma: it usually does, although you may have to remove things like /etc/udev/rules.d/70-persistent-net.rules
<streulma> RoyK yes indeed :) and copied fstab back and mtab and /boot/grub/menu.lst
<RoyK> streulma: it's not windows, you know ;)
<streulma> they use Bochs
 * RoyK hadn't even heard of Bochs
<sarnold> RoyK: you probably have, just try to remember a decade ago..
<dasjoe> patdk-wk: it doesn't autoupdate unless you chose the -eol versions
<patdk-wk> yes, so if you HAVE hwe, it should be trusty, and nothing else :)
<RoyK> sarnold: no, that one must have slipped
<sarnold> RoyK: hehe :)
<RoyK> sarnold: I have a fairly good memory, but didn'd to much virtualisation back in 2004 :P
<sarnold> RoyK: well, to be fair, bochs was too slow for actual use then
<sarnold> RoyK: it was like the linux-in-javascript thing, "ooh, neat"
<sarnold> RoyK: or of actual use to kernel people because the ycould single-step their cpu :) but not much actual utility
<RoyK> afaics from wikipedia, it still doesn't have any cpu virtualisation features, which sounds to me like a Very Bad Idea Indeed for production
<jdstrand> hallyn (fyi mdeslaur): fyi bug #1358405
<uvirtbot> Launchpad bug 1358405 in libvirt "cannot execute binary /usr/bin/kvm-img: No such file or directory" [Undecided,New] https://launchpad.net/bugs/1358405
<RobC207> Good day! /var/log/apt has history logs where installs and upgrades are recorded.  This is very useful information, but...is there a log created (and preserved?!) regarding the package selections made during the initial OS install process?
<RoyK> RobC207: don't think so - why?
<RobC207> RoyK: Auditing a server to prepare for replacing 10.04 with 14.
<RoyK> RobC207: you can only upgrade to 12.04 with do-release-upgrade, but then, just do it twice
<RoyK> RobC207: the upgrade process will install what's there, regardless of what was there in the first place
<RobC207> RoyK: Well I suppose I should at least try that route.  Maybe after a full backup.
<RoyK> RobC207: always do a full backup (or snapshot, if it's a VM and the hypervisor/filesystem supports that) before upgrading
<ldelarosa> Hey guys i just set up the access to my ubuntu server using key-based ssh logins and it works fine. And lock the password for the local user. Now I can't do anything as sudo, because it asking for the password for that user but i locked it.
<ldelarosa> What can I do?
<dasjoe> ldelarosa: boot into single-user mode and change the user's password. Then disable password auth in sshd.conf, instead of locking your account
<dasjoe> ldelarosa: if you set the root password you could also use "su" instead of "sudo", then "passwd username"
<ldelarosa> Ok dasjoe it makes sense. I will try it. Thanks.
<flounders> What kind of hardware should I get for a server that is doing DHCP, LDAP logins, NFS and DNS for approximately 300 users?
<webfox> Hello folks!
<webfox> I am facing this error message when I try to install mysql at ubuntu-server : https://gist.github.com/anonymous/5567d3437509981a018b
<webfox> Could someone help me figure out how to solve it please?
<webfox> I did already fix location issue and installed location.
<webfox> I mean installed logger.
<lutostag> webfox: how did you install logger? If you run $ logger 'uniq test message' # and check /var/log/syslog is it there?
<hallyn> jdstrand: that is surprising.  I'd expect libvirt to find qemu-img.  I wonder if you remove the symlink yo uadded and do 'stop libvirt-bin; start libvirt-bin' does that solve it?
<webfox> lutostag: I did install as apt-get isntall logger
<lutostag> webfox: hmm, thats not showing up as a package on my system; try sudo apt-get install bsdutils # which is where the logger program comes from (http://manpages.ubuntu.com/manpages/trusty/en/man1/logger.1.html)
<webfox> lutostag: ok, installed and now?
<lutostag> webfox: try a $ sudo apt-get install --fix-broken mysql-server
<webfox> lutostag: great, I thin it is already working.
<lutostag> webfox: good to hear, glad to help
<webfox> lutostag: thank you a lot mister!!!! :D
<jdstrand> hallyn: that seems to work
<hallyn> jdstrand: so is there a clean packaging way to have qemu say "restart libvirt if installed"?
<hallyn> jdstrand: I mean i can re-add the links, but we're aiming for being in sync with debian
<hallyn> (for qemu, not libvirt)
<jdstrand> hallyn: I was. I am trying it with ksm disabled
<hallyn> cool
<hallyn> i appreciate that
<jdstrand> so far, it has been working
<itadder_> for production server what version of ubuntu should we be running
<itadder_> 14.04
<itadder_> our developers who want ubuntu requsted 12.04
<itadder_> old old
<j0nr> hello?
<Pici> hello
<itadder_> hi
<j0nr> What should I be Googling for when I have a single mail server setup but I want to be able to receiev emails from multiple domains? I had this set up before but now I have to redo it and I cannot remember!
<kklimonda> itadder_: well, 12.04 is still perfectly valid, and is going to be supported for 3 more years
<j0nr> I had it set up so that multiple emails all got delivered into my one user's Maildir
<fridaynext> j0nr: after about a year of dealing with my postfix/dovecot/spamassassin setup for all my domains, I've finally given it all up for Google Apps.
<fridaynext> and I couldn't be happier. :D
<j0nr> fridaynext: funny you should mention that....I have been toying with the idea myself.
<fridaynext> j0nr: omg - don't even think about it any more - just do it!
<fridaynext> aliases, no smtp to deal with, folders/drafts/etc all just work.
<j0nr> Can I point multiple domains to a single google apps?
<j0nr> I currently (well before yesterday) had me@domain1.com maillist@domain1.com sales@domain1.com
<j0nr> basically, I could add any alias I want
<j0nr> also I could direct me@anotherdomain.com to the same inbox
<fridaynext> i know you can add any alias within the same domain, b/c the mx records only work for one domain
<j0nr> hmmmm....seems like admiting defeat!
<fridaynext> oh yeah, you can add a domain alias. nice.
<fridaynext> https://support.google.com/a/answer/53295?hl=en
<fridaynext> that saves me $5 a month!
<j0nr> anyway....I have my 'basic' mail server working....just need to get back to how I had it set up for the multiple domains.
<j0nr> virtual I think
<j0nr> hmm, that's REALLY tempting
<rostam> HI
<rostam> HI I am using ubuntu 14.04. My server has two network interfaces. eth0 and eth1. I am facing something very strange and I have narrow down it whenever update-initramfs is called, the order of network interfaces changes on the next reboot. By that I mean the eth0 bind to hardware interface eth1 used to bind and vise versa.
<sarnold> rostam: see /etc/udev/somethingorother/70-persistent-net-something
<rostam> sarnold,  yes that is another strange thing, It never gets created on my system ???
<rostam> sarnold, I have removed biosdevname package
<rostam> sarnold, and I have set if.devname=1 in /etc/default/grub
<rostam> sarnold,  I removed biosdevname because the network  interfaces used to come up as em1 and p6xx  and I did not need them that way.
<sarnold> rostam: yeah, I don't blame you for wanting eth0 and eth1, but the 70-persistent-net-whatever file can give them whateve rnames you want
<rostam> sarnold, but it down not gets created in my system should I create it manually ?? thx
<sarnold> rostam: yeah it should work fine if you create it manually
<sarnold> rostam: here's my eth0 line: SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="3c:97:0e:3d:78:55", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
<TJ-> rostam: is there "net.ifnames=1" on the kernel command line ("cat /proc/cmdline") ?
<rostam> TJ- I put place that in my /etc/default/grub  kernel command line
<rostam> TJ- I will reboot see the cat /proc/cmdline in a sec
<rostam> TJ-, yes I see that: BOOT_IMAGE=/boot/vmlinuz-3.13.0-24-generic root=UUID=a8da1c5e-ea4c-4d24-ac3e-b08e99e2ab1f ro net.ifnames=1 biosdevname=0 nomodeset
<TJ-> rostam: That prevents the persistent-net-names generator from working
<TJ-> $ grep ifnames /lib/udev/rules.d/75-persistent-net-generator.rules
<TJ-> IMPORT{cmdline}="net.ifnames"
<TJ-> ENV{net.ifnames}=="1",                  GOTO="persistent_net_generator_end"
<rostam> TJ-  okay thank you I will remove it and reboot see what happens.
<rostam> TJ-, I remove that but still the persistent file is not created .
<TJ-> rostam: You mean there is no "/etc/udev/rules.d/70-persistent-net.rules ?
<rostam> TJ-, yes that file does not created after I removed the if.devname=1.
<TJ-> rostam: So something else in "/lib/udev/rules.d/75-persistent-net-generator.rules" causes the generator not to run. Read the rules, see if you can see what is doing it based on your knowledge of that system.
<TJ-> rostam: Is it a virtual machine? these rules generally only trigger on real physical interfaces
<rostam> TJ- no it is not virtual machine
<rostam> TJ-, I will read the file as you suggested. Thank you.
<TJ-> rostam: OK, well look at all the rules in that file that cause it to skip to the end; it sounds like one of those is triggering
<rostam> TJ- will do thanks again.
#ubuntu-server 2014-08-19
<source47> hi guys. anyone here good in NAT? I am trying to add a NAT rule on my AWS instance so it forwards its internal IP (+port) to the lxc container's IP + port. here is what I am trying: https://gist.github.com/developerinlondon/31b4244113373c22b056
<Patrickdk> source47, where is the ACCEPT rule? for that nat to work?
<source47> i didnt know i needed one. i can curl to the IP locally
<source47> but just added sudo iptables -I FORWARD 1 -p tcp -d 10.0.3.95 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
<source47> didnt seem to make any diff... do i have to restart?
<Patrickdk> no
<source47> added some more info - https://gist.github.com/developerinlondon/31b4244113373c22b056
<TJ-> source47: The host can otherwise access 10.0.3.95 - ping, etc., ?
<source47> yes i can run curl from the host
<Patrickdk> wrong dest
<source47> eg curl 10.0.3.95:80 works
<Patrickdk> your really didn't help it
<source47> ?
<Patrickdk> iptables -I FORWARD -p tcp -d 10.0.3.95 --dport 80 -j ....
<source47> oh yes... that seemed to have messed things up now
<source47> i cant curl anymore
<source47> from host
<Patrickdk> heh
<source47> how can i get rid of that rule?
<source47> Hmm i removed it
<source47> but still cant go there anymore..
<Patrickdk> well, your premise that rule was a problem, was wrong
<semiosis> source47: you say you're trying to NAT something?  none of your rules are NAT, they're all just ACCEPT/REJECT
<semiosis> source47: can you just tell me here, in plain language, what you want to translate from/to?
<source47> oh... i took it from here https://github.com/jtopjian/lxc-nat/blob/master/lxc-nat.rb
<source47> so basically 172.31.23.17:40000 -> 10.0.3.95:80
<TJ-> semiosis: You're missing "sudo iptables -t nat -A lxc-nat -d 172.31.23.17 -p tcp --dport 40000 -j DNAT --to 10.0.3.95:80"
<semiosis> TJ-: ah right, the list is only the filter table
<TJ-> semiosis: I asked for the iptables-save output; it's in a comment at the end of the gist
<semiosis> source47: can you add to that gist the output of 'iptables -nvL -t nat' please
<semiosis> ok
<semiosis> i see it
<source47> yea that line was added
<source47> now i have more copies of the same rule it seems
<source47> it doesnt dedupe
<source47> but the rule is the wrong way around it seems..
<TJ-> source47: I think you need to discriminate on the interface too:"sudo iptables -t nat -A lxc-nat -i <INTERFACE> -d 172.31.23.17 -p tcp --dport 40000 -j DNAT --to 10.0.3.95:80" otherwise packets returning from, I presume, the other end of lxcbr0, will loop back again ?
<source47> ok let me try that
<source47> so it would be eth0 i am guessing
<source47> since thats the external interface
<TJ-> source47: Yes, if that's the external I/F.
<semiosis> in ec2 all you have is eth0 & lo
<TJ-> source47: Also, if you've got multiple rules in there you can delete by using "iptables -t <TABLE> -D <rule-num>", which you can get from listing the table
<semiosis> oh right lxc, never mind my prev stmt
 * semiosis backs away slowly
<TJ-> source47: I sometimes 'cheat' by doing iptables-save >/tmp/rules; <edit /tmp/rules>; iptables-load </tmp/rules ;p
<source47> ah...
<source47> strange its not in --list-rules
<TJ-> source47: not always a good idea if you rely on the rules to keep up a remote connection though, so only use it locally for hacking about
<source47> https://gist.github.com/developerinlondon/9f5aedc140fc46937db8
<TJ-> source47: did you specify the nat table?
<source47> sudo iptables --list-rules
<source47> that didnt show it
<semiosis> -t nat
<TJ-> source47: without a table specifier you only see the filter table; that's why I like iptables-save since it shows all tables and the policies, clearly
<source47> ah
<source47> ok sudo iptables -D lxc-nat 1 iptables: No chain/target/match by that name.
<source47> but i have a line with that name
<source47> well i have 4
<source47> hmm... i guess i have to restart.. but strange i cant delete a rule with a name..
<source47> semiosis: yea its basically to expose a service from the lxc container to the outside world. in 2 steps, first to expose it to the AWS VPC network, then i can get a proxy to forward external requests to the AWS VPC
<TJ-> source47: "sudo iptables -t lxc-nat -D 1"
<source47> iptables v1.4.21: can't initialize iptables table `lxc-nat': Table does not exist (do you need to insmod?)
<TJ-> source47: sorry... tired typo! "sudo iptables -t nat -D lxc-nat 1"
<source47> ah that worked
<source47> thanks
<source47> ok we are down to 1 rule
<source47> TJ- so u think it might be working fine locally and could be an issue with AWS firewall?
<source47> i opened the port in AWS SG also
<TJ-> source47: is the LXC set to block anything not from the host?
<source47> not that i know of. its a standard ubuntu install
<TJ-> source47: does the LXC have a default route? is forwarding enabled on the LXC's default gateway?
<source47> how can i get into it using the private IP if it was an issue with the lxc?
<source47> https://gist.github.com/developerinlondon/a9d6aa72a7822caf1a62
<source47> this is the routes in the container
<source47> it doesnt even have iptables inside
<source47> i wonder if we can find a log somewhere where it fails
<TJ-> source47: Is the host's lxcbr0 allocated 10.0.3.1 ?
<source47> it seems iptables might not be the issue
<TJ-> source47: Have you enabled IPv4 forwarding on the host?
<source47> yep 10.0.3.1 is lxcbr0
<source47> i enabled ipv4 yes
<source47> net.ipv6.conf.all.forwarding=1
<TJ-> that's ipv6
<source47> net.ipv6.conf.all.forwarding=1
<source47> strange
<source47> i am sure i edited ipv4 also
<source47> net.ipv4.ip_forward=1
<TJ-> good
<source47> ah
<source47> DESTINATION ip-172-31-23-17.ec2.internal
<source47> that might be the issue TJ- ?
<source47> https://gist.github.com/developerinlondon/0946497f8729df17a8f5
<source47> it shouldnt go there..  i would rather it uses the ip or resolve internally.
<poobutt> hiya, i have a 14.04.01 that keeps crashing and then hang at boot randomly what log is best to track down the reason? thanks.
<poobutt> and weirdly to look at syslog i do not have to be root or use sudo is that normal?
<sarnold> poobutt: indeed, most logs don't require privileges to read
<poobutt> sarnold: ok thanks just on another 14.04.01 server it does so i wonder why one requires sudo and one does not as they have the same set up.
<TJ-> poobutt: if your user is privileged it is likely part of the 'adm' group
<poobutt> sarnold: do you know where i would find out if the reboot was down to a power cut?
<poobutt> TJ: thanks one is a digital ocean server so they may have different core rules compared to a stand alone install.
<sarnold> poobutt: could be if some files were deleted they may have been recreated with different permissions perhaps..
<sarnold> oh, I like TJ-'s explanation
<sarnold> poobutt: if the power is yanked, most systems won't survive long enough to write to the logs about it..
<poobutt> sarnold: we do have frequent power cuts here (Thailand) so that is most probably the main reason
<TJ-> Power cuts in a data-center?
<sarnold> poobutt: can you add a UPS to your system? if you get a smart enough model you could have it power down your system gracefully if the mains are cut for more than thirty seconds, for example..
<poobutt> no this is a 14.04.01 server at an office with no UPS that runs zoneminder cctv set up on it
<poobutt> yes UPS will be the answer but i work with NGO so always finance issues try to get best results with no budget ;)
<TJ-> poobutt: ahhh I misread; thought you meant the failing server was at DO
<TJ-> poobutt: Make sure to disable disk write caching and make sure the disk sync quickly
<poobutt> TJ: tahnks for the tip will implement that now
<Kalki-> how can i update my users files from /etc/skell so that they come with right ownerships ?
<Kalki-> like .bashrc and things like that
<sarnold> sed -i~kalki 's/foo/bar/g'/ /home/*/.bashrc
<sarnold> then re-chmod as needed
<sarnold> or chown rather
<sarnold> must be bedtime
<Abhijit>  i set root login to true and set password in preseed file. used cobbler to install ubuntu. still can not login with username root and the set password. help
<jpds> Abhijit: With SSH or?
<Abhijit> no ssh. directa access. kvm
<Abhijit> jpds, ^
<Abhijit> how can i make apache to server /var/www/html/server when user enters "ip"address/server?
<rostam> HI I would like to test udev creation of 70-persistent-net.rules. I know the file can be created during reboot, but I like to test it without reboot. Is this possible? I am using ubuntu 14.04. Thanks
<lordievader> Good afternoon.
<ikonia> rostam: udevadm
<rostam> ikonia: thanks
<zoidberg-> Hello all, I have setup a little ubuntu server as a deivce that sits in between my adsl modem and router.. so that anything that connnets to the router gets routed through the ubuntu box out throught he modem to the internet.  The reason being, i would like to setup an vpn (openvpn) server on the ubuntu box one for incomming vpn connections (so that i can connect to my home network when away) and one for outgoing vpn so that i can tunnel all my tr
<zoidberg-> The question i have is, i setup simple iptables for masquerading and forwarding, does however my router is the dns server.. for dns to go through the ubuntu server should i setup soemthing like dnsmasq or will iptables handle that and just forward it over to the router and back?
<zoidberg-> at the moment i have 3 iptables masquerading rules/forwarding rules, it all works but i wonder if dns is being routed directly to the router rather than the ubuntu box
<jpds> zoidberg-: DNS should work fine...
<zoidberg-> jpds: i'm not sure what you mean by that it does work fine if i simply setup forwarding and masquerading on my linux box - but dns does no go through it, dns requests go straight to the router.. which is giving out by dhcp.. i want, to give out the ip of my linux box and have that forward requests to and from the router
<zoidberg-> so _ALL_ traffic goes through this linux box
<zoidberg-> as i want to eventually tunnel all traffic out over a vpn
<zoidberg-> including dns
<rostam> hi how would I know the network interface eth0 is binded to which driver? thanks
<webfox> Could someone help me locate the httpd.conf file from Apache2 please?
<webfox> I think it should be positioned at /etc/apache2/ dir but it is not.
<ikonia> webfox: the config file is now modular
<ikonia> so there isn't much in the httpd.conf
<webfox> ikonia: I just need to activate php
<ikonia> then use the aenmod command
<ikonia> have you read the ubuntu docs on using apache ?
<webfox> not yet.
<webfox> Still reading https://help.ubuntu.com/14.04/serverguide/php5.html
<webfox> I think thats old now.
<webfox> Apache is working, just not php
<ikonia> webfox: why do you think it's old
<ikonia> it's listed as the current doc
<webfox> yes, exactly.
<webfox> Well, he files /etc/apache2/mods-enabled/php5.conf and /etc/apache2/mods-enabled/php5.load exists
<webfox> the*
<webfox> I already retarted Apache but still not executing the php inside the doc.
<ikonia> webfox: what is the name of the file
<ikonia> as in the php web page
<webfox> ikonia you are good! I was using an incorrect file extension!
<webfox> Thank you !
<ikonia> no problem
<webfox> Got it workiing now.
<webfox> o/
<henk> hi, Iâm trying to set up a webapp in tomcat6. This webapp needs the jdbc connector for mysql, so I installed libmysql-java. Now Iâm looking for a way to make this webapp find this lib without having to copy the jar files to its lib directory, to make sure the jars are updated by package updates. I tried symlinking but that does not seem to work. Does anyone know what the proper way is?Â I found
<henk> https://scottlinux.com/2014/02/20/tomcat-on-debian-and-ubuntu-linux-fix-broken-com-mysql-jdbc-driver-connection/ which suggests changing /etc/tomcat*/catalina.properties to search /usr/share/java/*.jar in addition to the default places. Can anyone comment whether this is a good idea?
<rtg> smoser, https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-intel/+bug/1355196/comments/46
<uvirtbot> Launchpad bug 1355196 in linux "compiz fails with intel_do_flush_locked failed: Invalid argument" [High,Confirmed]
<smoser> rtg, i knew i should not have clicked "i'm willing to bisect" :)
<rtg> smwe'll build the bisects, but you have to do the testing
<rtg> smoser, ^^
<smoser> yeah. its just a matter of dedicating time to that. thanks for the poitner.
<rostam> Hi I have two network interface on my system eth0 & eth1. I need eth0 to bind to igb driver not e1000e. So I black list the igb and e1000 then I added those drivers in /etc/modules so the kernel tries to load igb first then e1000e. It does not work, any help greatlly appreciate. Thanks
<ikonia> youv'e blacklisted the igb driver when you want it to use the igb driver ?
<rostam> ikonia, I have placed it in /etc/modules so the auto loading (I think) is disabled but this way I control which driver gets loaded first (or I think it gets).
<ikonia> but you've already blacklisted it
<rostam> ikonia, okay I see your point... thx
<RobC207> Alright, having just completed two rounds of do-release-upgrade, I am having a mild reaction to cron.d/php5 emailing me twice an hour with a message concerning invalid argument. I determined the cause of this is a missing value in the response from /usr/lib/php5/maxlifetime. Changing the she-bang to -x instead of -e leads me to allow_call_time_pass_reference being no longer available.  How to fix it?
<rostam> HI please help I am stuck with this for last 2 days. I am using ubuntu 14.04 update 1. My system has two network interfaces , eth0 and eth1. I see sometimes eth0 bind to hardware interface where eth1 was previously bind to it.  The system generates /etc/udev/rules.d/70-persistent   file. I have modified the bus but it overright it, any idea why please? thx
<qman__> When running dpkg-reconfigure postfix and setting where root's mail goes, where is this setting stored? Its not in /etc/aliases and grepping around hasn't found it
<lamont> qman__: that _should_ update /etc/aliases
<lamont> if not, please file a bug with details
<plm> Hi all
<plm> Is possible to know if a connection are using ssl or not? netstat -an show me many and I would like to know what that connections are secure( using ssl).
<genii> plm: Maybe use -nt
<sarnold> I know of no such tool; you could probably write a pcap thing that recovers a few kilobytes of data from each active connection and runs some simple statistics on it to ensure the data looks 'random'..
<qman__> lamont: it didn't, will do
<qman__> On two 14.04 servers
<plm> genii: -nt show just tcp (with or not ssl)
<plm> genii: dont need to be netstat. Any other app/method to kwno if that connection are using ssl or not
<genii> To actually test the traffic you'd need to set something up on another machine like for instance mitmproxy
<genii> !info mitmproxy
<ubottu> mitmproxy (source: mitmproxy): SSL-capable man-in-the-middle HTTP proxy. In component universe, is optional. Version 0.9.2-2 (trusty), package size 150 kB, installed size 800 kB
<qman__> lamont: bug 1358925
<uvirtbot> Launchpad bug 1358925 in postfix "root alias does not get set" [Undecided,New] https://launchpad.net/bugs/1358925
<lamont> qman__: ta
<lamont> it may take me a day or 7 to look at it, feel free to pester me if I haven't done anything with it by next week.  Likewise, someone server-teamish is likely to beat me to it.
<qman__> No problem, I just thought I was crazy for not being able to find it, utrns out its broken
<plm> genii: I'm using tcpdump but I not see difference between a tcp connection with and without ssl
#ubuntu-server 2014-08-20
<plm> just a curious: is possible to have a static ip in a interface eth0 and add a alias eth0:0 where eth0:0 is DHCP?
<lordievader> Good morning.
<JernejL_Work> hi everyone
<JernejL_Work> what version of iptables is in latest distro?
<JernejL_Work> actually, in 12.04
<JernejL_Work> no matter how much i try, i can't get iprables wuth u32 to work to match packets.
<JernejL_Work> it is in cat /proc/net/ip_tables_matches
<JernejL_Work> but it fails to function
<JernejL_Work> it won't even log
<LeMike> hello. Apache tells me "client denied by server configuration" over and over again but I hardly don't know what is wrong. I checked if the folder is accessible. Apache runs as myuser:mygroup but still naggs me: https://gist.github.com/sourcerer-mike/35e5ed3e0b6eaec71b67
<tinoco> back
<jpds> LeMike: https://wiki.apache.org/httpd/ClientDeniedByServerConfiguration
<jpds> LeMike: https://stackoverflow.com/questions/10351167/apache-client-denied-by-server-configuration
<LeMike> The deny rule blocks everyone no matter in which order. What the heck? o,O Thanks jpds
<hxm> how to create a text file from clipboard?
<hxm> without pasting it to a text editor
<LeMike> Try `xsel --clipboard > foo.txt`
<phaidros> how does one restart networking via cli in ubuntu server 14.04?
<phaidros> init.d/script restart doesn't work, as well as service networking restart ..
<phaidros> :/
<ogra_> ifdown/ifup ...
<ogra_> (never ever use the init script ... thats wrong)
<pds|2> hi guys, i'm wondering if there is a way to power on lan devices when normal power is lost but the ups still has some juice left
<jpds> pds|2: sudo ifdown -a; sudo ifup -a
<ogra_> ++
<pds|2> that would bring don't the network and reup it again
<ogra_> right
<jpds> pds|2: Err, sorry that was for phaidros.
<ikonia> if the power has gone but you still have UPS the box will still be running as it was before
<ikonia> so why wouuld you need to do anything ? the box will not see the power drop
<pds|2> let me rething me question for a while :)
<pds|2> rethink *
<pds|2> if a certain device is hooked up with poe (power over ethernet) that comes through a switch, and i want to power on lan it when needed, i was wondering if i can pull the juice out of the ups
<phaidros> ogra_: why is the init script still there if it is for no use?
<phaidros> jpds: that works.
<ogra_> phaidros, it is of use ... it was never intended for enduser usage ...
<ogra_> other upstart jobs depends on the signales it sends etc ...
<ogra_> *depend
<phaidros> ogra_: I used it since ages in debian/ubuntu and it always worked brilliant :D
<ogra_> phaidros, calling that upstart job is like if you would remove and re-add the engine of your car every time you want to switch gears
<phaidros> as well as: "service networking restart" is not inteneded for direct use?
<ogra_> it tears down way more than you want ... on desktops it will kill the UI session because it kills dbus
<phaidros> ogra_: ic, so what is the correct short command to re-read network/interfaces? "sudo ifdown -a; sudo ifup -a" ?? nearly as intuitive as the initscript, or just "restart networking INTERFACE=eth0" ..
<ogra_> sudo ifdown -a; sudo ifup -a
<phaidros> ogra_: ok, thanks. but do you want to elaborate on the difference between ifdown/ifup and "service networking .." a bit more?
<phaidros> as well as: all the forums and everywhere in the web, the initscript or service command is recommended to do the job .. how can documentation fail that big time :D
<ogra_> phaidros, i did above ... killing the networking service will kill a lot more ... dbus, firewall setups etc
<ogra_> phaidros, nobody noticed it ...
<phaidros> hrhr
<phaidros> ogra_: just to clearify: initscript and service command trigger the same chain of killing? (dbus, firewall ..) or is there a difference between those as well?
<ogra_> there are no "initscripts" in ubuntu ... its an upstart job ... and yes, it is idnetical
<phaidros> ogra_: thanks
<phaidros> so, I learned something very basic after ~15yrs of debian and later ubuntu .. lol
<ogra_> heh :)
<phaidros> *shrug*
<ogra_> i think there are a few askubuntu entries where it was actually corrected ...
<ogra_> sadly nobody picked up correcting the wiki
<phaidros> after how many years?! :D
<ogra_> (which might be quite some effort given the many entries with the wrong info)
<ogra_> it was only noticeed bceaus people were wondering why their desktops crashed when following online instructions btw
<ogra_> *because
<phaidros> but then I have another basic one: how to deal with /etc/resolv.conf nowadays? it seems resolvconf is installed automatically, and it is not recommended to edit the /etc/resolv.conf file directly. two variants: remove resolvconf package, edit by hand. or, insert nameserver entry in /etc/network/interfaces? (I always did the first unti lnow :D
<ogra_> man resolvconf
<ogra_> ;)
<phaidros> grrr
<phaidros> :D
<ogra_> there are snippet files you can add bits to ... and resolvconf can also be managed via /etc/network/interfaces enatries ... (man interfaces ;) )
<phaidros> yaya, reading already :D
<phaidros> I've got to confess, there went alot of magic into the interfaces config file over the time :)
<phaidros> how much of that is debian/ubuntu specific versus lsb conform?
<ogra_> yup ... and the switch to systemd will make it all obsolete one day
<ogra_> /etc/network/interfaces is a debianism i think
<ogra_> (someone correct me though ... i'm not 100% sure )
<phaidros> ogra_: systemd it will be definitely?
<phaidros> .. why always Lennart's stuff .. :D
<ogra_> debian already switched ... and ubuntu doesnt have the resources to patch each and every init job in the archive ... so we have to follow suit and use debians default
<phaidros> ah, jessie has is default then. ooh, I expect upgrade hell :D
<ktosiek> ogra_: it is, RHEL has something in /etc/sysconf.d or whatever it's called
<ogra_> right
<ktosiek> phaidros: because Lennart is good at selling his stuff (and at least decent at designing it ;-))
<abhishek__> suggest me some good books on SAN
<sync0pate> Right.. I have a really weird SSL problem..
<sync0pate> I have purchased an SSL certificate for the www subdomain, and set it up in apache
<sync0pate> I can connect fine to the www subdomain without SSL
<sync0pate> and I can connect to other subdomains via SSL - but they give me a warning that the certificate is correct
<sync0pate> but when I try to connect to the www subdomain with ssl.. it just times out
<sync0pate> any idea?
<sync0pate> Oh.. never mind.. it's bizarrely started working.
<hallyn> jdstrand: what upgrades were your vm's doing when they got corrupted?  p->t, t->u, or just a dist-upgrade?
<jdstrand> hallyn: just -updates dist-upgrades. lucid-> lucid. precise->precise. trusty->trusty
<tinoco> back
<eagles0513875> hey guys i want to access a site on my server which at the moment doesnt have a domain name associated with it just yet to test out the functionality of the site as this came from another hosting provider im using one of my domains which points to the server and doing ~ to get a listing but it is not working any ideas what im doing wrong? she the domain not be associated with a vhost already?
<eagles0513875> anyone around?
<SCHAAP137> eagles0513875, use the IP-address
<eagles0513875> SCHAAP137: the problem is rdns is set and i get taken back to my website that i have for that domain
<SCHAAP137> domain should be irrelevant when u connect on the IP-address
<eagles0513875> ok
<eagles0513875> let me try in a private browser window
<eagles0513875> still end up at the website instead
<SCHAAP137> run the server on a different port?
<eagles0513875> cant as i have a bunch of other sites running on it as well
<SCHAAP137> ah ,ok, then it makes sense
<eagles0513875> meh i have another domain i can use for testing and i can quickly setup a vhost that isnt a problem
<vmdsch1> I made the mistake of upgrading to Ubuntu 14.04.01 LTS ... only to find Canonical's vmbuilder is dysfunctional ... and gone!  So, I've scrambled all over looking for a replacement.  I'm thinking the best of the bunch just now is libguestfs project's virt-builder/virt-syspre/virt-install.  I sort of wish HashiCorp's (of Vagrant fame) packer (see http://packer.io) was about a year further along.  Bummer.  Does anyone know of anything better?  It woul
<SCHAAP137> u upgraded to 14.04 from which version?
<SCHAAP137> vmdsch1, https://wiki.debian.org/VMBuilder
<SCHAAP137> there is mention of a version u can grab from git
<SCHAAP137> u could try building that one
<jeffreylevesque> when I open a basic python script in a browser (i have ubuntu-server with Gnome GUI) it doesn't serve the page, instead it pops up a dialog asking if i want to open the python script
<PryMar56> jeffreylevesque, does the script write CGI headers?
<jeffreylevesque> how do i check?
<jeffreylevesque> all i have is #!/usr/bin/python
<jeffreylevesque> then print ('hi')
<PryMar56> something like : print "Content-type:text/html\n\n";
<PryMar56> as seen in a perl CGI
<jeffreylevesque> should i have is #!/usr/bin/python?
<PryMar56> jeffreylevesque, yes - she-bang line is needed
<jeffreylevesque> if i goto the browser and try to visit the page, it doesn't render in the browser.  Instead, i get a popup "You have chosen to open: logic_loader.py'
<jeffreylevesque> then it prompts me to 'open with', or 'save file'
<PryMar56> jeffreylevesque, executing a *.py is one thing, you might want *.py to render as text if there are no headers printed
<PryMar56> jeffreylevesque, if you are in apache2? follow the pattern seen for *.php, *.cgi, *.pl in the /etc/apache2/sites-enabled/
<jeffreylevesque> how do i get it to render the text, rather than popup
<genii> Are you opening it with something like file:// url or http://localhost  url
<jeffreylevesque> yes sir
<jeffreylevesque> i have localhost
<jeffreylevesque> i am opening like '/machine-learning/python/logic_loader.py'
<jeffreylevesque> i am using LAMP in my ubuntu server 14.04
<jeffreylevesque> so apache2
<jeffreylevesque> initially i was trying <form action='/machine-learning/python/logic_loader.py' method='get'>
<zermanno> Hi, is it possible to install ubuntu server from the desktop version into a secondary hard drive? The idea is to then move the hd from the desktop to the server and boot it.
<arrrghhh> zermanno, why not just install the server edition in the server?
<arrrghhh> or install the server edition on the 2nd hdd and move the 2nd hdd to the server...  I'm not sure how or why the desktop version would be involved at all
<zermanno> arrrghhh, the server machine has not monitor nor keyboard, it is not in a place where it is easy to plug both or move the server. The only easy and simple thing that i can do is plugging hard drives
<zermanno> arrrghhh, if i can avoid moving all the stuff the better
<arrrghhh> zermanno, ya I would just install server edition fresh to the hdd going into the server, and before booting it move it to the server.  should be fine...
<arrrghhh> Although I've never attempted that, I think it should work.  May need to do some trickery with the networking, but hopefully not much...
<sarnold> zermanno: any ILO or other similar remote console tools available?
<zermanno> sarnold, no:(
<zermanno> arrrghhh, i thought about that but i am curious if i can install ubuntu on a hd without booting the install drive, i mean from the ubuntu dekstop, without rebooting
<arrrghhh> hmm uuid's may change as well so fstab will probably need tweaking
<arrrghhh> zermanno, sounds like you're trying to make it even more complicated than it already is lol
<zermanno> arrrghhh, yeah but ...why not?
<zermanno> arrrghhh, the uuid is machine dependent?
<arrrghhh> why make it more complicated than it needs to be?
<arrrghhh> is this the Italian way?  :P
<arrrghhh> no but the uuid may change... I'm just trying to think of what could blow up with your moving hdd idea
<zermanno> arrrghhh, ahaha no, but, given is not a priority work i was looking to learn something
<zermanno> spend some times now to easy some future similar stuff
<arrrghhh> zermanno, ah I see.  Well, I will bow out and see if someone else has any suggestions.  I've never tried to do such a thing tho.
<sarnold> zermanno: debootstrap may get you there
<zermanno> i read some old stuff about installing debian this way using debootstrap
<sarnold> zermanno: using kvm with a raw disk may get you there
<zermanno> sarnold, i didn't think about that, ill try thanks
<qman__> You can simply install to a drive, then install it in the server; to make the NIC be eth0 and work out of the box, rm /etc/udev/rules.d/70-persistent-net.rules before booting on new hardware
<qman__> The uuids that matter are those of the filesystems and won't change
<zermanno> qman, thanks
#ubuntu-server 2014-08-21
<z1haze> how can i add another ssh key to my authorized keys? how does that process work?
<z1haze> im basically trying to rsync between 2 servrs that boht use key authentication, im just thinking that if both servers accept the same key from me then ill be able to do that?
<tortib> Hello can someone help me with this issue with cacti I'm having?  I have outlined the details here: http://askubuntu.com/questions/514072/blank-cacti-graphs
<halvors> Hi! I'm trying to setup a tunnel to tunnelbroker.net form my Ubuntu box. The problem is that when i add a ipv6 address to my interface statically, it seems to ignore the route thru the tunnel. How can i fix that?
<ikonia> halvors: what does your routing table show
<halvors> ikonia: Here is my Ipv6 routing table. http://pastebin.com/byXJjmDP
<halvors> Where 2001:470:27:436::1 is the tunnelbroker endpoint and 2001:470:27:436::2 is my address.
<ikonia> halvors: so your default is the tunnel device
<halvors> Yes.
<ikonia> seems odd that it would ignore the default route
<halvors> http://pastebin.com/Fxhwaug1
<halvors> ikonia: That is my configuration.
<ikonia> halvors: sady I've not setup a tunnel like that before so I don't know if that's right or wrong
<Abhijit> how can i stop ubuntu to make me retpye the password second time at installation even if i mention it as plain text in preseed file?
<halvors> ikonia: Ok.
<Abhijit> it ask it by sayng it want me to be sure about spelling.
<ikonia> Abhijit: you have to confirm the password or have it configured in your auto deployment
<Abhijit> ikonia, i have configured it in my preseed file.
<halvors> ikonia: But let's say that i have a statically assigined ip address that is provided by he.net. Then it should default route thru the tunnel without a gateway set on the interface?
<ikonia> Abhijit: doesn't sound like it
<Abhijit> ikonia, what does these two lines sound like? d-i passwd/root-login boolean true
<Abhijit> d-i passwd/root-password password mypasshere
<ikonia> halvors: you have a static ip address, and you connect to something not on that network iti will use the default route
<ikonia> Abhijit: that doesn't look right, but I don't have an example heere to share with you
<halvors> Yes, that's what i thought, but my problem is that it doesn't _)
<halvors> :(
<ikonia> halvors: I'm wondering if the 6->4 translation is confusing the route
<halvors> possible...
<ikonia> but it should still use the 6 default, by default
<Abhijit> ikonia, I will be highly appricatie if you tell me whats wrong in those two lines.
<ikonia> Abhijit: I've not got anexample here to share, but that syntax doesn't look as I've remembered it
<Abhijit> ikonia, when you remeber those examples kindly edith this page here at https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt
<ikonia> Abhijit: I could be wrong I don't have a reference here, but it doesn't look right
<Abhijit> ikonia, sure. np. i am just requesting you so that next time someone like me visits that page can use the right example not just me. if i got the correct syntax i will updathe the page.
<halvors> ikonia: Got it working now :) Had an ip6tables configuration file that was loaded and dropped traffic :(
<halvors> ikonia: Thank you very much for help, appirciate it ;)
<ikonia> hallyn: so it was going out of the default route, just getting dropped
<hxm> hi
<hxm> what is this? 014 Aug 21 12:49:49 datatec PAM service(sshd) ignoring max retries; 6 > 3
<hxm> is someone trying to bruteforce ssh?
<YamakasY> hxm: I think Putin tries too
<bitfury> Hey guys, so I have this server which was pegged at 93% memory use this morning.. stopped the responsible service but the box memory usage still high (3.1G/4G)
<bitfury> nothing else is using this much memory
<bitfury> ha, cleared cached/buffers and came back to normal
<RoyK> bitfury: how was the swap use? and how did you clear the cache/buffers?
<Free95> hey all, random question: how would I recover the options I used when running ./configure for a package?
<Free95> I tried using "history" but there are too many potentials
<RoyK> Free95: probably the last one in 'history' ;)
<RoyK> Free95: not sure if all packages store the configure string - I don't remember
<bitfury> RoyK: box wasn't swapping at all, cleared it with 'free && sync && echo 3 > /proc/sys/vm/drop_caches && free'
<RoyK> bitfury: wierd - that shouldn't affect system performance
<bitfury> what shouldn't?
<RoyK> memory used for buffers/cache
<bitfury> isn't buffers/cache how much space applications are currently using?
<bitfury> cached memory
<RoyK> no. buffers/cache is whatever applications aren't using. it's what's used for buffering/caching block devices/filesystems
<RoyK> linux can't tell an application to free memory
<bitfury> I've seen it happen a few times now
<bitfury> really weird
<bitfury> tomcat uses the most memory on this server, it starts low and builds up
<bitfury> maybe a memory leak
<bitfury> no idea why clearing the cache helps bring system memory down though
<RoyK> I've seen linux machines with lots of memory, but high memory load, start to swap early just to get room for more buffers/cache, even if it reduces performance. linux isn't always to smart on such systems. reducing vm.swappiness to 10 or so remedies this, but that looks to me more like a workaround than a fix
<bitfury> after stopping tomcat of course
<RoyK> I guess restarting tomcat was what made it better. java is a memory hog
<bitfury> I stopped tomcat but memory was still high
<RoyK> btw. testing with 14.10, I have some issues with systemd:
<RoyK> root@u-dev:~# systemctl -l
<RoyK> Failed to get D-Bus connection: No connection to service manager.
<RoyK> bitfury: do you have the output of "free" after stopping tomcat?
<bitfury> let me check if my terminal buffer still has it
<bitfury> RoyK: http://pastie.org/9491947
<RoyK> 4190044 free
<RoyK> after subtracting what's used for buffers/cache, which will be released anyway, if needed
<RoyK> what does "free" say at this point?
<RoyK> uh
<RoyK> sorry
<RoyK> that was top (and I pasted the swap)
<bitfury> right
<RoyK> did you have the output of the command "free"?
<bitfury> yep one sec
<RoyK> it gives more detail
<bitfury> RoyK: http://pastie.org/9491956
<RoyK> -/+ buffers/cache:     325400    3723020 <-- plenty of free memory, hardly any swap used - shouldn't be a problem
<RoyK> maybe sshd hadn't been used in a while and thus had swapped out pages?
<bitfury> that's buffers/cache though, Top reported 3.4G of memory used!
<RoyK> linux usually swaps out things not in use - it's no reason to keep everything in memory when memory can be better used for caching than holding processes not currently in use
<RoyK> so does free: Mem:       4048420    3105368     943052, but that's really irrelevant
<RoyK> you don't *want* free memory - you want it to be used for cache and buffers to avoid reading from a slow disk too much
<bitfury> im confused, so you're telling me not to trust Top "used" report
<bitfury> cause it's irrelevant
<RoyK> top shows what's used by both processes, cache and buffers
<RoyK> free also does that, but has this -/+ buffers/cache line that shows you how much free when not counting what's used by buffers and cache
<RoyK> that's far more relevant
<bitfury> brb - got called into a meeting
<RoyK> if you want your system not to use swap unless it's not strictly needed, set vm.swappiness = 1
<RoyK> but then - in *most* cases, it's better to let Linux do what it wants - it may take a second or two to ssh into the box if some of sshd's pages have been swapped out, but only the first time
<bitfury> RoyK: my confusion mostly comes from the system reporting ~3.4G in used and buffers/cache reporting 3.7 available for use
<RoyK> bitfury: that's normal - really - there's a lot of questions about this topic
<bitfury> you're saying the system had plenty of memory but top is reporting it didn't :(
<RoyK> bitfury: see 'free' output - that reports it correctly. "free" memory as reported by "top" is memory that's not in use by anything, but you *want* the memory to be used for caching if apps aren't using it.
<bitfury> RoyK: cool thank you, it's kind of confusing but I guess is just a misunderstanding of terms. This is a good page on the topic: http://www.linuxatemyram.com/
<RoyK> ubottu: linux ate my ram is http://www.linuxatemyram.com/
<bitfury> like you said earlier, clearing the cache shouldn't affect system performance or amount of RAM in use
<bitfury> so very weird memory dropped when I cleared it
<RoyK> bitfury: not wierd at all - you removed everything from the cache
<RoyK> bitfury: that system call is meant for developers wanting to benchmark things - not for users or admins
<Pici> RoyK: we actually already have !ram setup to include that site :)
<RoyK> Pici: ah
<RoyK> !ram
<ubottu> If you are wondering why some tools report your system has very little free memory, have a look at http://www.linuxatemyram.com/ | A short primer on Linux memory management can be found here: http://sourcefrog.net/weblog/software/linux-kernel/free-mem.html
<RoyK> Pici: thanks
<Pici> np :)
<RoyK> erm
<RoyK> The requested URL /weblog/software/linux-kernel/free-mem.html was not found on this server.
<bitfury> RoyK: got, thanks again :D
<bitfury> it
<RoyK> Pici: seems that page doesn't exist anymore :P
<Pici> o.  I'll update it.
<Pici> !memory =~ s/|.*$//
<ubottu> Nothing changed there
<RoyK> (perhaps !mem?)
 * Pici pesters ubottu in private
<RoyK> (or !ram)?
<RoyK> hehe
<bitfury> RoyK: in other words, it's good to see cached memory allocated from free memory apps are not using, top will report this as used memory but it really isn't.. as applications need more memory it will grab what it needs back from cache.
<RoyK> bitfury: bingo - it's used - but for caching/buffering - which is good. memory not used isn't good
<bitfury> im horrible at explaining it, but think I got it :P
<bitfury> got it
<RoyK> bitfury: linux will just free it whenever a malloc() is issued. what you saw, was probably sshd's pages swapped out, which isn't a big deal, it just takes a second or two to get them back when you login the first time
<bitfury> I see, learned something new today.. I can sleep happy tonight
<RoyK> :)
<RoyK> if you have a linux system with high memory load (lots of memory traffic), you *may* see it start to use large amount of swap for some (to me) unknown reason. If you do, change vm.swappiness (sysctl) to a lower level than the default value of 60
<bitfury> haven't seen this box do that even though it does use a lot of ram due to tomcat and the java app running but will keep that in mind, thx.
<RoyK> bitfury: haven't seen it with application servers either, but sometimes with file servers with heavy load
<bitfury> heh, file servers are evil
<RoyK> if you have 5k+ users on a file server, I/O patterns will be somewhat awkward
<bitfury> fun
<mip5> Hi - running ubuntu 14.04.1 server, 2@ 2.4 GHz qc cpus, 12 gbs ram, 6 @300 GB 15K drives (raid 6), LSI SAS 9260-8i raid controller. The server is a mysql slave, and also an nfs server for rsnapshot backups from ubuntu vms. nfs-kernel-server keeps stopping during the  rsnapshot jobs, and is causing the clients to get hung. Sudo service nfs-kernel-server start *appears* to work (doesn't throw...
<mip5> ...any errors on the cli), but service nfs-kernel-service reports nfsd not running. The only way to restart nfs-kernel-service is with a server reboot. /etc/exports options are: (rw,sync,no_root_squash,no_subtree_check). Any ideas why this would happen? How would I increase the logging to try to track this down? Thanks!
<sarnold> mip5: does this describe the situation? https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1356361
<uvirtbot> Launchpad bug 1356361 in nfs-utils "rpc.mountd crashed with SIGSEGV (dup-of: 1355829)" [High,Confirmed]
<uvirtbot> Launchpad bug 1355829 in nfs-utils "rpc.mountd segfaults after upgrading to 1:1.2.8-8ubuntu1" [Undecided,Confirmed]
<mip5> I'm running 1:1.2.8-6ubuntu1.1 -
<mip5> though the symptoms seem the same. I don't know *why* or *what* is causing the crash though, so I can't be sure the bug affects me. It did start happening after I got the latest package last friday, 8/15
<mip5> What repository would I need to add so that I could get the nfs-common_1.2.8-9, nfs-kernel-server_1.2.8-9?
<mip5> maybe I'm barking up the wrong tree. What would be the recommended fix for this issue?
<bananapie> If I use iproute2 to route packets, do they still go through netfilter ( iptables -t nat POSTROUTING ) ?
<bananapie> Here is my iptables firewall and my ip route show. Packets going out on eth1 are not being mangled and are keeping the IP 192.168.0.x. Ignore the 192.168.36.x network
<bananapie> http://pastebin.com/Fn6z84Gk
<bananapie> Why isn't iptables doing nat on my packets?
<SCHAAP137> âââ¸â»âââ»â»âââ¸â» â»âºâ³â¸
<SCHAAP137> ââºâ âââ«âââºââ£ââ« â
<SCHAAP137> âââ â¹ â¹â¹ââââ¹ â¹ â¹
<SCHAAP137> ah, wrong window lol
<SCHAAP137> :D
<bananapie> instead of eth0 why not localnet ?
<bananapie> Why don't we use arbitrary names for network adapters in linux, like windows does?
<bananapie> descriptive*
<keithzg> You can, if you want.
<keithzg> Although I wouldn't choose localnet, personally . . . sounds and looks too much like localhost!
<keithzg> But you can certainly just set up, for example, a udev rule that specifies an arbitrary name for an adapter.
<bananapie> ok, example name was perhaps bad.
<keithzg> Well, and the fundamental issue IMHO is that any automatic system isn't likely to know what connection the user would conceptualize it as, necessarily.
<keithzg> And the usage of "eth" for ethernet, "br" for bridge and "wlan" for wireless LAN, then enumerating the connections as eth0, eth1 etc if there are multiples, is probably the best that's reasonable from a fully automatic point of view.
<bekks> bridges and wlan are ethernet devices too. from that point of view, "eth" as naming scheme would be enough - unless you have devices which arent ethernet.
<bananapie> If I setup policy routes with ip ( iproute2), do my packets cross iptables -t nat POSTROUTING table?
<keithzg> bekks: welllll, technically true, but the system *does* tend to know if it's using wired versus wireless drivers, and if it's a bridge. Thus it can, and on most distros does, automatically name accordingly, which IMHO is a good thing.
<bananapie> So, is it a good idea for a sysadmin to rename his/her network cards to be more "user-friendly" ?
<keithzg> Personally I name any bridges I create, but leave any wired adapters as just ethX . . . in no small part because there don't tend to be more than two, and usually just one.
<bekks> bananapie: the best thing would be to work with data links, instead with physical interfaces (which are in fact irrelevant to know).
<bananapie> data link = IP right ?
<bananapie> so work with IPs instead of names like 'eth3' and 'bond0' ?
<bekks> Nope. Data link = "path" of data through you computer, from the physical interface, up to the application working with that data.
<bekks> It is not bound to have an IP.
<bananapie> ah ok
<bananapie> I'm learning iproute2, apparently I've been doing it wrong. I was using ifconfig and route.
<bananapie> iproute2 commands give output that looks very similar to bsd
<keithzg> I dunno, as a sysadmin I find the physical interfaces pretty damn important to know on a nearly daily basis, heh. Obviously scenarios may vary (company I work for is very small but tech-intensive, scraping by with cobbled together consumer hardware).
<bekks> keithzg: When working with data links, you define them once, and you never have to care about the physical interfaces again.
<keithzg> bekks: That's working under the assumption that the physical networking hardware isn't failing due to age and a scary, scary electrical system in the building :P
<bananapie> bekks, what do you use for a firewall? Do you not specify physical links in your iptables commands?
<bekks> keithzg: Well, you will know the hardware failed when your data link fails. And the data link will tell you which interface failed. So no need to know that before it gets important. :)
<bekks> bananapie: I am using iptables, but the concept of datalinks isnt implemented in linux at all ;)
<bananapie> ah'
<keithzg> bekks: Fair enough. Not really sure what help 'data links' would be in my scenario anyways, though. It's not like things don't Just Work as long as the interfaces are up!
<mip5> gotta cruise
<StolenToast> if I want two public keys on my server do I simply add each as one line in authorized_keys?
<StolenToast> wait it worked, my problem was I didn't specify the login name
#ubuntu-server 2014-08-22
<user123321> What do you call a collection of paraller load balancers?
<user123321> parallel*
<Ham62> hi
<Ham62> I need help setting up my server
<Ham62> I've been having problems with getting it to work and I don't know what I'm doing wrong
<Ham62> could any of you help me with this?
<Ham62> I have a screenshot to show you what I've had trouble with
<Ham62> http://i.imgur.com/qd57rSr.gif
<Ham62> sorry if I typed that wrong, had to switch too a new client after the channel crashed my old ole
<Ham62> to*
<Ham62> old one*
<Ham62> after I restarted my server I couldn't get nginx to launch again
<Ham62> anyone have a idea as to how I could fix this?
<Abhijit> Ham62, whats the actuall error you get? do you mean cron is failing to start nginx or you manually do servire nginx start and it fails?
<Ham62> it's not loading
<Ham62> after I type the loading command it doesn't do anything
<Ham62> it just sits there and when I check the status it says it hasn't started
<Ham62> It gives no actuall error itself
<Ham62> I have the server beside my now if you need me to check something
<Ham62> I've got a keyboard and LCD monitor plugged in because my Win98 system crashed trying to connect to the channel
<Ham62> so I moved to my Win2000 laptop beside the server
<apb1963>   i'm having problems connecting over wireless.  At the moment, I'm using wicd.  It seems to get stuck on "Verifying AP association...".   Without wicd I can get the connection up and ping the Net - but if I take eth0 down, my wireless goes away too.  wicd is the only way I can bring eth0 back (which is the main reason I'm using it).
<apb1963> I asked in #ubuntu and #networking, so far no response...  Been googling for 2 days straight.
<sarnold> apb1963: maybe askubuntu.com? be sure to include details like how you bring eth0 down and log entries..
<apb1963> hmm
<apb1963> sarnold: I broke askubuntu.com :/
<sarnold> apb1963: achievement unlocked!
<apb1963> lol
<sarnold> apb1963: which question is yours? I don't spot it on the list..
<apb1963> I can't enter one
<sarnold> oh?
<apb1963> It says "Welcome back .... You've been logged in.  You are being redirected"... and it keeps recycling that, over and over.
<sarnold> apb1963: wow :)
<apb1963> So I can't ever get to the asking questions part
<sarnold> apb1963: try visiting one of the other sites in the network, e.g. stackoverflow.com, maybe that'll poke it in the eye
<apb1963> yeah... I'm an over-achiever
<apb1963> sure, why not
<abhishek> hello I want do multipath partitioning . I have installed all packages but fdisk -l is displaying multiple disks what can I do now
<apb1963> sarnold: Yo're going to like this:  http://picpaste.com/askubuntu-53rhze6M.png
<sarnold> abhishek: seen this yet? https://help.ubuntu.com/14.04/serverguide/dm-multipath-chapter.html
<sarnold> apb1963: wow!
<abhishek> oh yes !! I have read and following this guide only
<sarnold> apb1963: hrm I can't get openssl s_client nor my firefox to break..
<apb1963> sarnold: i'm speshul
<sarnold> apb1963: yes :)
<sarnold> apb1963: ha, what are you doing to -my- computer? I started chrome to see if it could fail too, and I've got sixteen little thumbnails of the "New tab" and start of the titlebar...
<apb1963> sarnold: lol  I'm contagious
<apb1963> why do all the "forgot password" links always ask you for the email address?  It knows the email address I just tried to use, why can't it pre-fill it for me?
<sarnold> don't get me started on web login forms..
<cfhowlett> apb1963, autofill is a security leak
<apb1963> cfhowlett: feeding me back what I just typed in is a security leak?
<sarnold> apb1963: obviously you can't be trusted -- look what happens!
<apb1963> sarnold: no doubt
<apb1963> i hate stackexchange
<apb1963> passionately
<apb1963> may it die a horrible death
<Abhijit> oh. yay. me too. but why do you apb1963 ?
<apb1963> Abhijit: I could go on for... 10 minutes.
<Abhijit> use pastebin?
<apb1963> nah
<apb1963> what would be the point?
<apb1963> the guys that built it think it's wonderful
<apb1963> it won't change.
<Abhijit> then write a blog post?
<apb1963> so I'll get.. what... 3 hits?
<sarnold> if you could log in you could write little complaints on meta.stackexchange.com and get votes!
<Abhijit> you mean get down votes.
<apb1963> will I get to be president?
<Abhijit> of?
<apb1963> yeah, down votes is more like it.
<sarnold> -1 -1 -1 -1 -1 CLOSED! haha
<apb1963> My freakin' questions get down voted.  As if I'm wrong for asking for help!
<apb1963> The so called "moderators" arbitrarily close out questions that have over 50,000 hits because "it doesn't fit" or whatever.
<apb1963> People with wrong answers get more votes than people with right answers because the wrong answers came first.  It's sheer stupidity.
<Abhijit> what happend to #ubuntu-server ? today so much traffic here? else no one even to help ?
<apb1963> And so on.
<apb1963> all of irc has been fairly dead
<Abhijit> then where to go?
<sarnold> usenet in 1995! it had all the answers..
<apb1963> I miss usenet
<Abhijit> !
<apb1963> I miss public access sites and bbs'
<apb1963> I almost miss modems :)
<apb1963> I was going through (and shredding) some old  papers recently and I found some with uucp addresses
<sarnold> oh man
<apb1963> You know I met Jon Postel?  Shook his hand.
<sarnold> sweet :D
<apb1963> almost worked for his colleague
<apb1963> they weren't paying enough :)
<sarnold> I got some help from ian lance taylor when setting up a taylor uucp <-> honey dan ber uucp system..
<apb1963> cool
<apb1963> I remember setting that up
<sarnold> crazy to run into him in modern times still, hah
<Abhijit> .... and who are those ?
<apb1963> Neil Rickert held my MX record
<sarnold> Abhijit: ian lance taylor wrote one of the two major uucp packages, taylor uucp
<Abhijit> ok
<Abhijit> you two seems some old guys!
<sarnold> jon postel put together the half of the internet that vint cerf didn't put together :)
<apb1963> he was the father of TCP/IP
<Abhijit> ok
<apb1963> Neil Rickert wrote the book on sendmail (literally).  Along with Eric Allman (the developer).
<sarnold> apb1963: haha, nice :)
<apb1963> he's still a professor at NWU
<apb1963> nice guy
<apb1963> sadly, Jon Postel died quite a few years ago.
<apb1963> I got to name two of the the cities in the .us domain
<apb1963> they didn't yet exist, so they gave me the choice of what to name them.
<sarnold> :D
<apb1963> those were the days
<apb1963> so I can't even reset my password on stackexchange.
<apb1963> I think it's time to crumble some cookies.
<sarnold> things were easy there until they rolled out some oauth crazyness.
<apb1963> hey, that worked :)
<apb1963> now I have another account on a related stackexchange site
<apb1963> yay for zillions of accounts I didn't want in the first place.
<sarnold> "life is remembering 90 different log-in IDs and passwords then you die" https://twitter.com/ch000ch/status/501190628865482752
<apb1963> well, it's definitely stackauth that's going nuts....  I can't seem to make it stop. Clearing the cache didn't help
<apb1963> sarnold: I use keepass  works fine... just irritating to have to depend on something like that.
<apb1963> Finally
<apb1963> stomped on the stackexchange cookie
<apb1963> ground it into dust
<apb1963> now if i could only remember my question :/
<sarnold> apb1963: some kind of wifi problem with eth0. heh.
<apb1963> yeah, typing it up ow
<apb1963> now
<apb1963> thanks :)
<user123321> Could someone give me an idea to easilly measure the downtime of an Ubuntu server?
<user123321> I'd just like to measure the time taken for an HAProxy to switch the server in case of a failure.
<lordievader> Good morning.
<lordievader> user123321: Check the syslogs and subtract?
<sfix> anyone ran into this with a fresh MySQL install on 14.04: [ERROR] Function 'innodb' already exists ?
<MrPPS> not for me sfix
<MrPPS> though I've seen it working through inndob stuff when freshly installing it
<MrPPS> that's about it
<hey_joe_> question. I am using vhost_alias for home folder site by subdomain.  everything works fine.  however users can also view and list other users /home folders.  what is the best permission set to use on the /home/user/ and /home/user/html folders, so that each user cannot cd into another's home, list files, etc.  BUT, still allow apache2 to serve up the pages with out the "Forbidden" issue?
<bitfury> good morning all
<SCHAAP137> good afternoon
<linuxboobiz> hello.
<linuxboobiz> i have setup a new server and installed xrdp. however when i try to connect to it i get a grey screen as notmal users. xfce4 works when i am using root. but not for my normal user. i tried adding a new file called x.session to my home dir and put xfce4-session in it.. but it doesnt work.
<linuxboobiz> how do i fix this ??
<linuxboobiz> *.xsession
<linuxboobiz> im using ubuntu 14.04
<linuxboobiz> google dosent make me smarter either
<streulma> hello I just created a vps and my /var/cache and /tmp directory are missing
<streulma> can I rebuild it ?
<Blackthorn> Hi, i currently run citrix xen server 6.2.0 with server windows 2003 servers on each machine.  For finical reasons and to increase the speed of dns look up's and website delivery I'm wanting to replace them with ubuntu server edition.
<Blackthorn> do you know if the server edition will run on xen server 6.2.0 and how secure is it after a fresh install?
<jacobw> Blackthorn: You can run Ubuntu in any kind of OS virtualisation environment, you see the known vulnerabilities in 14.04 (LTS, 'trusty') here, http://www.ubuntu.com/usn/trusty/
<jacobw> !security
<ubottu> Security Updates are dealt with here:  https://help.ubuntu.com/community/Security - See also !root, !firewall and !server
<Blackthorn> thank you for the likns
<dav1dp0101> Does anyone have any experience setting up JACK audio connection kit on ubuntu-server? I'm not getting any sound through playback or capture at the moment. Any help is appreciated, thanks!
<Blackthorn> when i'm installing the server package it prompts me if i want to install packages. i selected dns, and openssh, one selection though is "basic ubuntu server" what is that?
<SCHAAP137> Blackthorn, i think that is just the install base that is needed by default
<SCHAAP137> would be surprised if u could unselect it
<SCHAAP137> maybe someone else can verify this?
<Blackthorn> it actually wasn't selected
<apb1963> sarnold: http://askubuntu.com/questions/514555/ubuntu-12-04-wifi-not-working  According to the respondant's profile, he's 15 and has been using Linux since 2001.  Is my math off, or was he 2 years old when he first started using Linux?
<sarnold> apb1963: you got the dougie houser of linux!
<apb1963> yeah, and one that  didn't even answer the question... just some general "clean this up" "advice".
<apb1963> Have I told you how much I hate stackexchange?
<sarnold> yeah, for about ten minutes :D
<apb1963> It forces you to do extra, unnecessary work.
<apb1963> Oh, so I gave you the abbreviated version then?
<apb1963> Oh well, I shouldn't complain about free & people that are just trying to make the world a better place.  I apologize to them for ranting.
<sarnold> apb1963: I think you're going to have trouble with both eth0 and wlan0 in the same network and up at the same time
<apb1963> so ubuntu can't handle two interfaces at once?
<apb1963> actually if you read it carefully, you'll see that it ONLY worked WITH two interfaces... removing the eth0 interface made it fall down.
<apb1963> ubuntu (linux?) networking is a mess.  I explored various incarnations of up, down, add, delete, etc. and the results were... unexpected to put it nicely.
<sarnold> apb1963: more that the routing tables don't take kindly to it. if you had two different networks on wired vs wireless, you'd put a gateway on one of them only, and be done with it. but you've got gateways on both..
<apb1963> I'm not sure I quite understand... but if in fact I had two different networks, it seems to me that I would HAVE to have a gateway for each - not a default gateway mind you... there can only be one default... perhaps that's what you're saying?
<sarnold> apb1963: with ethernet, you normally configure routing rules for your NIC that know how to reach the whole network; there's no need for a gateway unless you want to use that network to route your packets to the rest of the internet..
<apb1963> even so... if i take down the eth0 interface (and provided the routing table is cleaned up properly - which appears to be an area that needs work) then all packets should route through the wireless... yet NONE do so, which is the problem.  Remove eth0 and wlan0 falls down.
<apb1963> well, I would say there's a need for a gateway - if you have a need to route packets elsewhere for whatever reason.  Since I have just a miniscule network, I have no such reason.
<sarnold> apb1963: the tools probably assume that you've configured your networks differently
<apb1963> you're probably right.  So, with that said... how the heck do I get this working?
<apb1963> with both interfaces up, I can ping the Net through the wlan0 interface.  As soon as I remove eth0, wlan0 stops working.
<sarnold> you don't want both nics up at once
<apb1963> As soon as I remove eth0, wlan0 stops working.
<sarnold> I don't know wicd at all, but it sounds like it fights against the /etc/network/interfaces method, if our friend chili555 is right
<sarnold> oh yikes
<sarnold>  I shld have actually looked into what wicd does last night.
<sarnold> yeah, either stop using wicd or stop using /etc/network/interfaces :) your choice, hehe
<apb1963> Maybe, maybe not.  I watched it's log and it appears to simply use the various tools available... running scripts, using ifconfig and whatnot
<apb1963> I already stopped using wicd....
<sarnold> purged and all?
<apb1963> at the 15 year old's suggestion.
<apb1963> not purged... just, stopped.
<apb1963> it's not running
<sarnold> it might have left tendrils elsewhere, purging might make sense
<apb1963> you're right.  It's got tendrils running.
<apb1963> Package wicd is not installed, so not removed
<apb1963> it's hiding
<apb1963> apt-get purge wicd-daemon
<apb1963> you know wicd is pronounced wicked right?
<sarnold> oh man. says it all.
<apb1963> ok, it's purged
<apb1963> PING 8.8.8.8 (8.8.8.8) from 192.168.0.12 wlan0: 56(84) bytes of data.
<apb1963> From 192.168.0.12 icmp_seq=1 Destination Host Unreachable
<sarnold> does iwconfig show it associated with the AP and so forth?
<apb1963> yes
<apb1963> ifdown wlan0
<apb1963> ifdown: interface wlan0 not configured
<apb1963> ifup wlan0
<apb1963> RTNETLINK answers: File exists
<apb1963> Failed to bring up wlan0.
<apb1963> and now it's unassociated
<sarnold> ifup and ifdown are annoying creatures; if you change your /etc/network/interfaces file you can sometimes lodge them in unhappy. reboots are often the easiest way to bring things to normal with those goofy tools.
<apb1963> well, what I've been doing is clearing out all the tables
<apb1963> ifconfig down <each interface>
<apb1963> followed by deleting any leftover routes
<apb1963> when I get no response to ifconfig, I add back the devices starting with lo
<apb1963> for some reason, adding back lo also adds back eth0.... even though it's commented out of /etc/network/interfaces
<apb1963> that's ifconfig lo
<apb1963> up
<apb1963> but yeah, it's true I haven't tried rebooting with just wireless configured.  I suppose I should try that... I just don't like rebooting.
<sarnold> apb1963: ifconfig lo  adds in eth0? o_O
<apb1963> weird huh?
<apb1963> try it :)
<apb1963> I'll repeat... networking is a mess.
<apb1963> I forget what sequence of incantations make it fail to add a default gateway.. but it doesn't seem too hard to recreate.
<qman__> You probably have network-manager or some similar daemon screwing with your interfaces
<apb1963> nope
<apb1963> I purged network-manager awhile ago
<apb1963> although, I will happily attempt to purge it again and if you can think of other daemons that might be playing with me..... feel free to mention it.
<apb1963> Package network-manager is not installed, so not removed
<apb1963> oh I remember cursing at avahi awhile back... I think that's still here.
<apb1963> what tool and options will let me search for "*avahi*" and return those packages that match and are installed on my system?
<qman__> apb1963: dpkg -l | grep avahi
<apb1963> thank you
<apb1963> apparently I have lots of avahi tendrils
<qman__> apb1963: any that start with ii are installed, rc are removed but configuration remains (was not purged)
<apb1963> thanks for that.  I appear to have a mixture.  The daemons are rc, but the libs are ii.
<qman__> Libraries don't do anything on their own and are fine
<apb1963> trying to think of any other network daemons I might have either installed or that came in on the underground railroad
<ldelarosa> Hey guys I need a iptable rule to let all traffic jump from internal interface to external.
#ubuntu-server 2014-08-23
<fridaynext> i've installed lm-sensors, but when i execute "sensors", this is all I get - http://pastebin.com/raw.php?i=x3YJkKHd
<fridaynext> any idea how to get fan speeds as well?
<PryMar56> fridaynext, append kernel cmdline acpi_enforce_resources=lax
<fridaynext> PryMar56: do you mean to type all of that after "sensors" ?
<PryMar56> modify grub for vmlinuz
<PryMar56> there is usually a conflict between chip drivers like w83627hf and acpi
<fridaynext> PryMar56: ah - I didn't run sensors-detect first.
<fridaynext> just ran that, now rebooting to see if I get more data.
<user123321> HAProxy gives me a warning that FD limit is too low (1024), but I have already raised it in LUbuntu, any idea?
<lordievader> Good morning.
<Abhijit> i have set d-i netcfg/choose_interface select eth0 and using this preseed file for ubuntu installation on two nic system. at installation it still ask me to select nic manually.
<izarry> hello?
<Abhijit> hi
<izarry> can i ask a question here? cuz im new at ubuntu server, and im installing the squidguard , should i install gksudo on server too ? or on desktop?
<Abhijit> no
<Abhijit> you dont use gksudo on server. only sudo.
<Abhijit> izarry, ^
<izarry> i am following this instruction https://help.ubuntu.com/community/SquidGuard and im stuck at squid configuration :(
<Abhijit> so ask the actual squid question.
<lordievader> izarry: gksudo (or kdesudo for that matter) is used for applications with a gui, since a server rarely features a gui sudo suffices.
<izarry> lordievader, oh okay thanks for that good info
<Abhijit> okey ...
<Ronnie> I have a problem upgrading a 10.04 ubuntu server in a openvz container. do-release-upgrade failed and left me in a (for me) unsolvable state: http://paste.ubuntu.com/8120778/
<darksider> hi all
<darksider> I have an Ubuntu headless media server. I experience random system total freezes. Can someone advice me on how to investigate the issue?
<RoyK> darksider: first, pastebin output of dmesg
<RoyK> !pastebin | darksider
<ubottu> darksider: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<darksider> omw
<darksider> RoyK: I'm trying to get it to freeze again. Can seem to be able for now, will pastebin dmesg as soon as I succeed
<darksider> I'm posting the one I have right now anyway: http://paste.ubuntu.com/8121698/
<darksider> any suggestions, guys?
<RoyK> darksider:  The Paste you are looking for does not currently exist.
<RoyK> darksider: dmesg or /var/log/syslog should have some clues if it's detected by Linux
<darksider> I just clicked the link and it opened for me...
<RoyK> got it
<RoyK> nothing there after the bootup messages...
<RoyK> wierd
<darksider> just got it to freeze
<RoyK> total freeze?
<darksider> yes
<darksider> what shall I do after I reboot?
<RoyK> hm...
<RoyK> perhaps configure a network console
<darksider> I'm accessing it using SSH
<darksider> as it's headless. Should I pastebin the syslog?
<RoyK> network console isn't ssh - a network console will send you kernel messages that are meant to be output to the console
<RoyK> yeah, check /var/log/syslog
<RoyK> tail -100 /var/log/syslog | pastebinit
<darksider> http://paste.ubuntu.com/8121831/
<RoyK> nothing there either
<RoyK> try a memory test - attach a monitor and keyboard to the thing to see if there's any output when it hangs - or use a network console
<RoyK> https://wiki.ubuntu.com/Kernel/Netconsole
<darksider> does syslog reset after reboot? I just see entries after the reboot
<RoyK> no, it doesn't, or if it does, the old one is /var/log/syslog.1
<darksider> http://paste.ubuntu.com/8121860/ the entire content of syslog
<RoyK> CIFS VFS: bogus file nlink value 0
<RoyK> not sure what that means
<RoyK> darksider: how often does it freeze like this?
<darksider> I have deluge torrent installed on the server. Trying to download a 50Gb torrent, and it seems to freeze every time, at some point. The torrent is being saved on a NAS, which is mounted using CIFS
<RoyK> darksider: start with a memory test
<RoyK> darksider: attach keyboard+monitor and run the memory test from grub
<darksider> RoyK: done it some time ago with no errors, will try it again
<RoyK> also
<RoyK> what sort of NAS is this?
<RoyK> looks like something is messed up with CIFS
<RoyK> so if you can use NFS, it may work around the problem
<darksider> it is an Apple timecapsule
<darksider> is NFS more stable than CIFS?
<RoyK> not necessarily, but it looks like there are some CIFS issues according to your logs
<RoyK> which ubuntu version is this?
<darksider> 14.04
<darksider> tried to lookup the error, couldnt find anything of use
<RoyK> me neither
<darksider> do you think it can go so far as to create a kernel panic?
<RoyK> attach a keyboard+monitor
<RoyK> or use a netconsole
<RoyK> then you'll know
<RoyK> netconsole will be better for logging
<darksider> im doing a memtest right now, with keyboard and monitor attached
<RoyK> a panic isn't necessarily logged
<darksider> so once the memory test is done, I shall try to reproduce the freeze while looking and the error console
<darksider> right?
<RoyK> darksider: setup a netconsole first
<darksider> Ok
<RoyK> darksider: found anything_
<RoyK> ?
<darksider> RoyK: just finished memory test: no errors
<darksider> about to setup the netconsole
<darksider> RoyK: In the tutorial, it points to modifying menu.lst, which I dont have, instead I should probably edit /boot/default/grub.cfg
<darksider> right?
<cfhowlett> darksider, menu.lst is OLD grub.  grub2 uses grub.cfg.  Check your tutorial
<darksider> cfhowlett: just saw it, thanks :)
<RoyK> darksider: got the netconsole running?
<darksider> yes
<RoyK> nice
<RoyK> then try to reproduce
<darksider> done :)
<RoyK> any output on the netconsole?
<darksider> http://paste.ubuntu.com/8122486/
<RoyK> hm... so no panic?
<darksider> seems like it
<darksider> what now? :)
<RoyK> darksider: no idea, really, but guess the issue is related to cifs
<RoyK> darksider: which kernel?
<darksider> Linux mediaserver 3.13.0-34-generic #60-Ubuntu
<RoyK> darksider: sorry - no idea :(
<darksider> RoyK: thank you for your help. It was worth trying it
<RoyK> darksider: maybe there's a flag for debugging kernel...
<RoyK> http://www.debian-administration.org/article/492/Debugging_system_freezes
<RoyK> when the system freezes, can you use magic sysrq?
<RoyK> https://en.wikibooks.org/wiki/Linux_Guide/Freezes#Alt.2BSysRq
<RoyK> darksider: ?
<RoyK> darksider: also - does it freeze indefinetely, or just for a short time?
<darksider> sorry, was awk: trying to freeze it again. It freezes until reboot
<RoyK> darksider: back in 20min
<darksider> ok
<darksider> RoyK: dosnt respond to magic key commands
<RoyK> hm
<RoyK> does it respond to them while the server's running?
<RoyK> before freeze?
<darksider> havent tried, im gonna try installing a usb hdd and try to write the torrent there
<darksider> see if it still freezes. This way i'll know if its the CIFS
<RoyK> mhm
<darksider> btw, now that i inserted a new disk, the old usb one is sdc (instead of sdb), which spoils my mounts, is there any way to avoid this?
<RoyK> darksider: any luck?
<Farva> hello everyone
<Farva> so I am having a DNS issue
<Farva> we can connect to our server through the system IP and stay connected for days, but when we try to connect through the vIP's or by pointing a DNS at any of the IP's (virtual or system) we time out in a minute or two
<Farva> when I nslookup those DNS address' they are reporting a server I have not defined through cloudfare
<Patrickdk> well, don't use cloudfare then?
<Farva> I don't think cloudfare is the problem here, I have been using them for a year with no issues like this
<Farva> I think it is something on my server machine that I have configured incorrectly
<dasjoe> Farva: check your /etc/hosts, it could contain a stale reference to that hostname
<Farva> k
<Farva> its empty
<zetheroo1> I need to get rid of some erroneous entries in resolv.conf - how should I go about this?
#ubuntu-server 2014-08-24
<qman__> I'm getting 403 forbidden on us.archive.ubuntu.com, anyone else having trouble?
<qman__> seems to be just this one computer, must be something broken with my apt
<qman__> turned out to be a squid problem post-upgrade, had to adjust the config to make it work
<qman__> I have a new weird bug though
<foo> I have php5-fpm setup on ubuntu 14.04.1 LTS but for some reason I'm getting 500 error with this. Been on this for over 30 minutes and cannot figure it out. Getting this in error log: (111)Connection refused: FastCGI: failed to connect to server "/usr/lib/cgi-bin/php5-fcgi": connect() failed - that file doesn't exist. Should it? I followed several guides that all said the same thing. Hmm.
<qman__> when restarting bind, I get a strange error: http://paste.ubuntu.com/8126784/
<qman__> this only happens when restarting bind, nothing else
<Guest60343> foo: check this http://serverfault.com/questions/437514/unable-to-install-php-fpm-on-apache-failed-to-connect-to-fastcgi-server
<foo> Guest60343: thank you, actually, I did that - that's what it is right now, and it still doesn't work. Hmm, that makes sense as to why it doesn't exist then. I don't understand why I'm still getting an error. Thank you for your help!
<foo> Guest60343: I followed the same guide, for the record
<foo> Following access denied I get this:  FastCGI: incomplete headers (0 bytes) received from server "/usr/lib/cgi-bin/php5-fcgi"
<rizzy> hey guys, i would like to set up a wiki page on my ubuntu server. what would be the best wiki code to use
<cfhowlett> rizzy, "best"?  use the one the works for your.  mediawiki is used by wikipedia FWIW
<rizzy> I need a way to set up "articles" that can be searched by users of my web server. Basically storing how-to's on using Webmail, changing password, setting up Outlook, etc.
<rizzy> I don't know if a Wiki would be best, or what would be the best way to approach this.
<rizzy> For example, Article 10001 may be telling you how to change password, and accessing it would be through a link like http://support/ViewArticle?id=10001
<cfhowlett> rizzy, so essentially it's a blog?
<rizzy> Yes and no. The only people posting will be admin's. I would like for people to be able to go http://support and see a list of recent articles and view them.
<cfhowlett> rizzy, that's a wiki.
<cfhowlett> rizzy, see ubuntu's wikis for an example
<rizzy> At our organization we use a web page called Sales Force, and we have an Articles section that contains every possible issue that can arise along with any alerts and they are searchable and viewable. Howto's can be written that has pictures, and PDF/Word docs can be attached.
<rizzy> OK I see I found Ubuntu's MediaWiki install. The one I had found didn't work!
<rizzy> I will test it out and see if it works for me :)
<cfhowlett> rizzy, looks like an interesting project.  best of luck.
<apb_> sarnold: Fixed it :)
<lordievader> Good morning.
<trijntje> Hi all, I'm running rtorrent on a netbook under ubuntu server 14.04, and even under minimal load (upload of 100KB, no download) the netbook keeps dropping of the network
<trijntje> what can be the cause of this? The router remains reachable, and the netbook is connected via ethernet, not wifi
<trijntje> I've put a ping to the affected netbook on pastebin here, the weird thing is that when it comes online again the ping time is 300000 ms: http://pastebin.com/s3Ddat2B
<rizzy> ok so guys I've run into a problemw with this MediaWiki. WHen I download it, untar, put in a folder, upon the first run it has me set up. So I put in the info it asks for, then it generates a PHP. I place that file on the server. Now when I try to pull p wiki page, its blank.
<fridaynext> anyone know of a good hardware channel to discuss pc/server builds?
#ubuntu-server 2015-08-17
<lordievader> Good morning.
<adun153>  I have a server, started it up in single user mode, but it hangs at this part. http://imgur.com/0TbYmtC  Cursor is blinking, so it hasn't really "locked up". Any suggestions?
<lordievader> Seems like it is never leaving the initramfs.
<mahdi>  if it doesn't, you have likely a driver issue, or if you installed a new kernel recently. i have to add eth0=eth0 manually in /run/network/ifstate and then ifup to changes take effect. after restart, interfaces file is correct but system doesnt have new configuraion
<mahdi> hi,on ubuntu server 14.04, i changed /etc/network/interfaces to new configuration in order to have static ip.i have to add eth0=eth0 manually in /run/network/ifstate and then ifup to changes take effect. after restart, interfaces file is correct but system doesnt have new configuraion
<adun153> lordievader: AFAIK, I didn't upgrade it. Anyway, any suggestions on how to fix this? Or at least break out of this sequence?
<lordievader> adun153: Break init at the right moment and investigate to see if something obvious is wrong (no disk, etc).
<adun153> lordievader: How do I "break init at the right moment"?
<lordievader> mahdi: How does your /etc/network/interfaces look like and your /etc/udev/rules.d/70-persistent-net.rules?
<lordievader> adun153: Last paragraph of Initramfs: https://wiki.ubuntu.com/DebuggingKernelBoot
<mahdi> lordievader: no such file in rules.d
<lordievader> Hmm, okay.
<adun153> lordievader: According to my screenshot, it hangs after mount, right?
<mahdi> lordievader:  my interfaces http://pastebin.com/1VeTsRZn
<lordievader> adun153: Agreed.
<lordievader> mahdi: 'auto eth0' misses?
<mahdi> lordievader:  auto eth0 is commented.
<lordievader> Why
<lordievader> ?
<mahdi> lordievader: u r right, it seems my fault , let e check it
<MrButh> is there some sort of program or command where I can track my bandwidth per day/week/month on my Ubuntu server?
<mahdi> lordievader: thanks, done
<NegativeFlare> MrButh: vnstat
<NegativeFlare> MrButh: I was going to suggest it on #ubuntu, but you said you'd ask here :P
<MrButh> thanks man!
<NegativeFlare> np
<NegativeFlare> MrButh: http://lpaste.net/139002 <-- it'll look like this when it comes up
<MrButh> that's perfect, exactly what I wanted
<NegativeFlare> http://paste.ubuntu.com/12106505/
<NegativeFlare> or even that
<NegativeFlare> MrButh: Alright :)
<MrButh> dude it even has a vnstat --live!!
<NegativeFlare> MrButh: mhm
<NegativeFlare> MrButh: The best thing I like about it, is the fact that it can generate images. And you can show off how much bandwidth you've used XD
<MrButh> lol
<rbasak> hallyn: bug 1485456 was just reported. Is this the same issue you're hitting?
<ubottu> bug 1485456 in uvtool "uvt-simplestreams-libvirt sync fails with qemu-img convert error" [Undecided,New] https://launchpad.net/bugs/1485456
<adun153> I added a "break" option to the end of my initramfs call at the boot loader, and it gives me this stack trace soon afterwards: http://imgur.com/bBVaZzE    Is this expected behavior, and if not, what could be the problem?
<lordievader> adun153: What argument to break did you give?
<adun153> none
<adun153> that's supposed to be "premount" by default, right?
<adun153> if none is specified?
<lordievader> There ain't a default.
<adun153> This is from the link you gave me. "The parameter is break=[option] where option can be: top, modules, premount, mount, bottom, or init. The default is premount if no options are specified."
<lordievader> I think you want to break at bottom.
<rbasak> Odd_Bloke: around? https://bugs.launchpad.net/uvtool/+bug/1485456 - cloud image simplestreams metadata has regressed and seems completely broken for downloadable images.
<ubottu> Launchpad bug 1485456 in uvtool "uvt-simplestreams-libvirt sync fails with qemu-img convert error" [Critical,Triaged]
<lordievader> Ah, never mind then ;)
<adun153> yeah, I was trying to break at bottom first, but I was having errors, so I thought, "why not try without any options"
<lordievader> Do you have a busybox in your initramfs?
<adun153> I have no idea. This is Ubuntu 14.04 amd64,  if that helps.
<lordievader> Did you change anything about your initramfs config?
<adun153> AFAIK, no.
<adun153> I just took this over from someone else.
<lordievader> Hmm...
<adun153> okay, looks like I did it correctly this time with "break=bottom"
<adun153> I now have a busy box.
<adun153> What should I do next to help find out why it isn't booting properly?
<adun153> it now says (initramfs)
<lordievader> Check if everything is mounted properly and if init is available.
<lordievader> By the by, do older kernels boot properly?
<adun153> Haven't tried yet
<adun153> It only has the /root partition mounted.
<lordievader> Hmm, that should have been the first thing you've tried ;)
<adun153> Kind of a newbie with these things. :D
<lordievader> Is that everything it needs to have mounted?
<adun153> no. This is the output of df from a parallel node: http://imgur.com/HJbfAky
<adun153> The should be more or less identical.
<lordievader> Does it need /data to boot?
<adun153> No, it has the MySQL datadir and other stuff, but no.
<lordievader> So, it has everthing it need ;)
<lordievader> Hmm, I'd try an older kernel to be honest.
<adun153> ok, I'll try that. I'll come back here if I still see problems. ;p
<adun153> thanks!
<adun153> lordievader: The older kernel doesn't boot, either.
<lordievader> Hmpf
<lordievader> It too just hangs?
<adun153> Yes.
<adun153> Same place.
<lordievader> Pff, did it work before?
<adun153> yes.
<lordievader> What changed?
<adun153> Could it be the hard disks?
<adun153> Well, here's what happened:
<adun153> We suddenly noticed that the server couldn't be pinged or ssh'ed into anymore. Had one of the network guys look at it in the remote DC, and he tried logging in via the console, it would log him in, then immediately log him out again. We did a reboot, and that's where we are right now.
<lordievader> Jup, I guess it is time to check the disk/the filesystems.
<lordievader> Also these kind of things should be the first thing you mention when seeking support ;)
<adun153> Sorry :D
<adun153> Thanks!
<hallyn> rbasak: sounds like it
<rbasak> hallyn: thanks. It should be fixed temporarily now.
<hallyn> awesome, thanks
<jowi> Hello everyone. I'm having an issue with a bin9 server on 12.04. nslookup returns queries for lan machines but does not forward the requests to outside dns servers. The forwarders have been declared in named.conf.options. Would someone be so kind assisting me with the config?
<jowi> "nslookup google.com dns.server.of.isp" works fine
<sarnold> jowi: can your bind9 contact those forwarders via ping? via tcp? via udp? do you need to restart or reload the configuration?
<jowi> sarnold: thanks. actually i just realised that nslookup to the forwarders works via clients but not from the bind9 server. strange no?
<jowi> connection timed out from the bind9 server
<sarnold> jowi: interesting, seems like a good thread to start pulling on
<sarnold> jowi: why nslookup? I thought most dns folks preferrred dig for investigating?
<jowi> sarnold: nslookup is fast. i will verify my network/interfaces config.
<lordievader> Dig allways asks the configured dns server.
<jowi> sarnold: never mind. I replaced my router and the gateway settings of the fixed IP configuration was pointing to the old gateway. It's working now. what a noob mistake
<jowi> :)
<jowi> sarnold: thanks for questioning the basics first.
<sarnold> jowi: woohoo :)
#ubuntu-server 2015-08-18
<neonixcoder> Is ubuntu server upgrade from 10.04 to 12.04 require reboot with out conformation?
<patdk-lap> heh?
<patdk-lap> you need to reboot, yes
<patdk-lap> it will confirm if you want to now, or later
<patdk-lap> but things won't be very stable, if you wait
<neonixcoder> patdk-lap: That is fine.. but middle of some package installation it will reboot with out asking a single question..
<neonixcoder> that is the issue
<patdk-lap> then you have issues
<patdk-lap> that doesn't happen
<patdk-lap> unless your server has other problems
<patdk-lap> OOM, panic, ...
<neonixcoder> I tried numerous times 99% it will fail to upgrade..
<patdk-lap> I have done hundreds of upgrades, on all my servers, never had that happen
<patdk-lap> what does the logs, screen, ... show?
<neonixcoder> patdk-lap: It dont show anything reason why it is rebooting..
<neonixcoder> The logs in /var/log/dist-upgrade shows what package it is installing at the time of reboot
<neonixcoder> Bit strange..
<neonixcoder> on the same disk I tried to install fresh 10.04 and then upgraded which gave me 100% success result.
<neonixcoder> but already existing OS I am unable to upgrade :(
<neonixcoder> any suggestions?
<neonixcoder> with fresh install, I can upgrade but with already existing one I can not upgrade..
<neonixcoder> I am not sure how to check and where to check which is causing this issue?
<khaldrogox> I am seeing "Outage in X days" In cannonical's Openstack "Monitor your region" area, its counting down 2-3 days per each day.
<khaldrogox> I was under the impression that 10 node license is free
<khaldrogox> is that not the case?
<sarnold> neonixcoder: does it matter which debconf front end you're using?
<patdk-lap> you can use frontends?
<sarnold> patdk-lap: dunno, depends on the method used, I didn't see that, so I just asked blindly :)
<neonixcoder> sarnold: I tried your suggestion but did not work.
<neonixcoder> sarnold: I hear from my manager there is a watchdog script running in crontab which is doing this restart, I am going to check that cronjob and see if the upgrade went fine or not..
<sarnold> neonixcoder: ha! that'd definitely do it :)
<MrButh> I am trying to get lines from the apache access.log, but apache moves the file and creates a new one every now and then. So is there some sort of unique identifier that a file will have so I can check if the access.log is a new file?
<sarnold> MrButh: the combination of device id and inode number is unique; check the output of stat access.log
<sarnold> MrButh: granted, if you delete a file immediately before making a new file, you might get the old file's inode number back again
<sarnold> MrButh: but most programs will try to prevent that
<neonixcoder> sarnold: I am really puzzled as I manually removed watchdog script but it could have already loaded in to memory which is doing this.. So planing to disable it and remove it from cron file. Let me see
<MrButh> thanks sarnold
<sarnold> MrButh: hmm, I should have added that if you're just doing shell scripting things, tail -F might be easier than trying to roll your own solution
<sarnold> neonixcoder: any luck? :)
<neonixcoder> Not yet.. middle of it.. As of now all good
<SuperLag> Canonical Landscape seems $$$$$$$$$.
<SuperLag> if you guys have multiple Ubuntu machines to admin, and keep up to date... how do you do it efficiently?
<lordievader> Good morning.
<sysrex> good morning
<lordievader> o/
<halvors> Hi! I have some problems reading PHP5 session files created pÃ¥ Apache and mod_php5 with php runned from the CLI.
<halvors> The php.ini file for mod_php5 and the cli have exactly the same session path set.
<halvors> Could it be that apparmor is preventing the php cli to access those files?
<lordievader> Do the logs say that?
<Hans67521> hi
<lordievader> o/
<halvors> lordievader: The php logs says that it doesn't have permission.
<lordievader> So its a rights issue?
<halvors> lordievader: Haven't gotten to do mor debugging than that yet, but in theory it is fully legit to read apache2 mod_php sessions from cli?
<Hans67521> i'm trying to downgrade openjdk-7-jdk from u79-2.5.6-0ubuntu0.12.04.1 to u79-2.5.5-0ubuntu0.12.04.1
<Hans67521> but it looks like u79-2.5.5-0ubuntu0.12.04.1 is no longer available...
<lordievader> halvors: No idea, don't do much with php here ;)
<skylite> If I have 2 TB free space in a Volume Group, can I remove an hdd (1TB) from that group with vgreduce without data loss?
<lordievader> Depends, do all your lv's fit on 1 disk?
<zetheroo> I am having difficulty adding Ubuntu to a Windows domain. According to the docs (https://help.ubuntu.com/lts/serverguide/samba-ad-integration.html) the first step is to "join an AD domain" using "Likewise-open", but it seems PBIS is now the thing to use. I have installed and ran PBIS but it will not connect to the domain.
<lordievader> skylite: Probably you can btw, but first move everything off that disk.
<skylite> lordievader yes and the hdd I want to remove from the vg has  Allocated PE          0
<skylite> does this mean its not used?
<lordievader> skylite: Correct. Try to remove it first in test mode, might show possible problems.
<RoyK> skylite: yes, you can. pvmove
<skylite> lordievader thx
<skylite> RoyK isnt it vgreduce?
<lordievader> In this case yes, usually there is data on the disk ;)
<skylite> lordievader I see ok just checking
<skylite> dont want to ruin everything here:D
<skylite> but the -t is great
<lordievader> skylite: I know, I usually run "dangerous" stuff with -t and -v first to see what it would do.
<skylite> lordievader yea its great Idea
<skylite> lordievader could I use this pvmove with a disk thats already in use? (if it has enough free space of course)
<lordievader> skylite: What do you mean exactly?
<skylite> lordievader well I have 2x 2TB hdd's in one VG both has 500Gb used for example
<skylite> could I move everything from one hdd to the other and pull out the empty hdd from the vg
<skylite> so I have 1 HDD left in the vg with 1TB used space
<lordievader> Yes. LVM is dynamic. As long as there is storage space to move things to it can be done live.
<skylite> thats cool
<lordievader> I recently moved my root fs from my hdd to the ssd while it was running.
<skylite> nice
<skylite> so you experienced the speed up in one app while the other was still on the hdd? :)
<lordievader> No. That is not how pvmove works.
<lordievader> http://serverfault.com/questions/93218/linux-how-does-the-command-pvmove-work
<skylite> ah I see
<skylite> not THAT live
<skylite> but still awesome
<lordievader> There is no downtime? So live ;)
<rbasak> frediz: around? I'm looking at the kimchi ITP now.
<frediz> rbasak: Hi Robie, I'm in a meeting right now, I'll ping you when I'm done, ok ?
<rbasak> frediz: no problem!
<teward> rbasak: mind if i pick your brain?
<teward> for an opinion at least
<rbasak> teward: sure
<teward> rbasak: so, this isn't new: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1194074
<ubottu> Launchpad bug 1194074 in nginx (Ubuntu) "Default index.html blindly overwritten" [Medium,Triaged]
<teward> rbasak: and there's already postinst controls to not overwrite
<teward> if only things were in /var/www/html/...
<teward> my thought is to have an Ubuntu-only delta (Debian won't, I've tried arguing it) that makes the default conf look there
<teward> that fixes the 'default overwritten' problem
<teward> but i want a second opinion before i make that delta
<teward> i need to tweak the postinst, a little, but it'd 'work'
<teward> (it takes a page from Apache)
<teward> (or rather, the general approach)
<teward> rbasak: thoughts on that?
<rbasak> teward: I'm not sure I understand exactly what you're proposing. Is there a description somewhere?
<teward> rbasak: the only thing i'm proposing is making a change in the default site config - i.e. apply what was done here: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/wily/nginx/wily/view/head:/debian/conf/sites-available/default#L36   to older versions in the repositories
<teward> rbasak: currently in older versions, it looks like /usr/share/nginx/html/... is the current docroot, and things get overwritten there, hence bug 1194074
<ubottu> bug 1194074 in nginx (Ubuntu) "Default index.html blindly overwritten" [Medium,Triaged] https://launchpad.net/bugs/1194074
<teward> in later variants, logic exists that 'copies' the default index.html to /var/www/html/index.nginx-debian.html
<teward> which protects against index.html overwriting
<teward> I'd like to take that logic and apply it to the older pakages, such as trusty, etc.
<teward> and apply the default configuration docroot from Wily to the older nginx packages.
<teward> which makes the default document root a place where it won't be overwriting
<teward> (the problem of that bug exists solely because users are using the 'default' location and that older 'default' location isn't 'protected' from the index.html overwrites because of the pakage manager)
<teward> the big issue is that we can't prevent the overwriting in /usr/share/nginx/html/ without substantial scripting of the installation script to check... or we hange the default docroot
<teward> the alternative is E:NoSolution
<teward> rbasak: perhaps i should bring it up at the server team meeting next week, but it's a catch-22 situation
<rbasak> teward: looks like there's more that has been changed than I've been aware of (in a good way) but that means I'm going to need to spend some time looking at the packaging again before I can answer you, sorry.
<rbasak> I'm a bit tied up right now :-/
<teward> 'tis fine
<teward> rbasak: i'm fine leaving it as is, but people keep complaining to me about it :/
<mdeslaur> rbasak: FYI, for memcached, (bug 1462747), the only delta that is remaining is the ubuntu version string
<ubottu> bug 1462747 in memcached (Ubuntu) "Please merge with latest upstream from Debian" [Wishlist,Triaged] https://launchpad.net/bugs/1462747
<mdeslaur> rbasak: since nobody has stepped up to merge this, and the delta is a PITA with autotools, I am going to drop it
<mdeslaur> rbasak: unless you find someone to take care of it
<frediz> rbasak: ping
<rbasak> frediz: hi!
<frediz> :)
<rbasak> frediz: first, sorry for the very long delay. I've been swamped and this has only just made it to the top of my todo.
<rbasak> frediz: so I want to try and get it resolved asap so I don't need to get back to it.
<frediz> rbasak: I guessed so and didn't want to spam you
<rbasak> frediz: it's helpful that you're online, hopefully we can get it done now?
<frediz> rbasak: if possible :)
<frediz> rbasak: what would you need
<rbasak> frediz: I barely even remember the last review, so I'm looking at this "from scratch". It looks good quality on first look at least - thank you.
<rbasak> frediz: only one blocker so far, the other things are minor issues that I can point out but shouldn't block an upload
<frediz> rbasak: let me know
<rbasak> frediz: please tell me if I've already discussed these things with you and came to some kind of conclusion - I'm worried I've forgotten!
<frediz> rbasak: well, I've forgotten a bit, but the last point I tried to improve base on your last recommendation
<rbasak> frediz: we can't symlink from /etc to /usr/share/doc - for various technical reasons but it also turns out to violate Debian policy https://www.debian.org/doc/debian-policy/ch-docs.html#s12.3 "Packages must not require the existence of any files in /usr/share/doc/ in order to function"
<rbasak> frediz: I think we can just additionally install the file to /etc directly, so we get normal conffile handling.
<frediz> rbasak: oh
<frediz> rbasak: Ok, I'll change that
<rbasak> frediz: nothing else I've found so far is an issue for upload, though I haven't finished yet.
<rbasak> frediz: would you like me to relay my notes so far here on IRC? If you're interested. Or I can just email them later.
<frediz> rbasak: an email is ok. I'll look at it tomorrow morning and will act based on that and keep you updated
<rbasak> frediz: OK, thanks!
<frediz> rbasak: thanks a lot, that's nice. Are you at Debconf btw ?
<hR13> Hi all, I have some problems with samba after I accidentaly upgrade  my zentyal install from 3.4 to 3.5. the webserver and samba dont seemes to start, I have added the bug #1090 patch. any help will be much appreciated
<ubottu> bug 1090 in mplayer (Ubuntu) "mplayer depends on xmms" [Medium,Invalid] https://launchpad.net/bugs/1090
<rbasak> frediz: unfortunately not, sorry.
<rbasak> frediz: note that symlinking /etc/... to /usr/share/kimchi wouldn't violate policy but I'm still not keen on it since users normally expect to be able to edit files in /etc with no further effort, and conffile handling is a known thing. So I'd prefer to see it done that way - just by dh_install .install file to /etc for example. Then I know that all the standard expected stuff will work.
<frediz> rbasak: No problem :)
<rbasak> frediz: do you know why the binary is arch-specific? ISTR something about not being able to depend on arch-specific binaries in an arch: all package, but there don't seem to be any of those now.
<rbasak> I think we have talked about this before but could it be that the original reason no longer applies now?
<frediz> rbasak: I think that was because someone in the ITP didn't want to drag all the qemu packages for every arch
<frediz> rbasak: that's it : https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772823#32
<ubottu> Debian bug 772823 in wnpp "ITP: kimchi -- HTML5 based management tool for KVM." [Wishlist,Open]
<rbasak> frediz: oh, my mistake, sorry. I was looking at the amd64 binary deb only. The binary depends in source control file is still arch-specific which is why the the binary itself has to be, and that's exactly how I remember it. Sorry for the noise.
<rbasak> (and I think we decided it wasn't worth splitting out an all package with the common bits at this stage)
<zetheroo> I successfully got Ubuntu to join the AD domain with PBIS - the solution was to remove avahi-daemon
<zetheroo> but now I am trying to get to the domain shares ... I guess it's using Samba ...
<rbasak> frediz: ping again. Sorry, I want to resolve anything quickly that I think may be blocking. Not sure whether this is an issue or not. src/Makefile.am generates dhparams.pem with a comment "Generate unique Diffie-Hellman group with 2048-bit". Except it won't be unique as it is done once at build time, not for each user (eg. if they were consuming from upstream). Is this a problem?
<rbasak> Whichever way it should go away as Debian has the reproducible build proposal, and this would break that. Either it should be fixed and committed upstream, or it should be done at install time, right?
<rbasak> I don't know how important this is right now though. Do you have any thoughts?
<arosales> any volunteers to chair th upcoming Ubuntu server meeting
<rbasak> http://security.stackexchange.com/questions/70831/does-dh-parameter-file-need-to-be-unique-per-private-key suggests this shouldn't be a problem to me.
<rbasak> Though now I understand why we might want to generate them at build time - then upstreams wouldn't be able to influence parameter choice, which makes the result auditable.
<rbasak> I wonder how that will fit with reproducible builds though.
<rbasak> mdeslaur: would you mind checking my logic above? I just want to make sure I'm not uploading something accidentally vulnerable.
<mdeslaur> rbasak: yeah, it would be better to generate it at install time
<mdeslaur> although at install time you then may hit an entropy issue
<mdeslaur> so perhaps shipping one of the well-known ones is better, and paranoid users can regenerate if they want
<rbasak> mdeslaur: OK, thanks. Is it acceptable to generate at build time for now, as that's what upstream do currently?
<rbasak> mdeslaur: or should this be a blocking issue to fix before upload?
<rbasak> (it's a new package)
<mdeslaur> rbasak: build time is ok for now, until someone fixes it for reproduceable builds
<rbasak> OK, thanks.
<mdeslaur> although
<mdeslaur> rbasak: is build-time what upstream does?
<mdeslaur> ah ok, that's what you said
<mdeslaur> so yeah, that's ok
<rbasak> OK. Thanks!
<ejat> hi .. anyone can help me with this error : http://paste.ubuntu.com/12119236/
<andol> ejat: "No such file or directory - bad template: ubuntu-cloud" appear to be the problem.
<andol> Aside from that, I have no idea what you have or haven't done.
<ejat> andol : thanks
<SuperLag> Canonical Landscape seems $$$$$$$$$.
<SuperLag> if you guys have multiple Ubuntu machines to admin, and keep up to date... how do you do it efficiently?
<quantic> SuperLag: I'd love an answer to that myself.
<qman__> unattended-upgrades
<qman__> I also use salt stack to some effect
<qman__> for example, you could create a salt state to install and configure unattended-upgrades on all ubuntu systems
<jpds> SuperLag: Well, those free updates don't come cheap to them
<jpds> SuperLag: Maybe you should consider deploying RHEL instead
<sarnold> jpds: *snort* :)
<dasjoe> Don't forget there's a way to run Landscape locally, for up to 10 real and 10 virtual machines, iirc
<SuperLag> Yes, but $700/server/year.... for 17 machines. That's just shy of $1K/mo.
<dasjoe> Nobody forces you to use Landscape, you're free to use whatever config management tool you prefer
<SuperLag> dasjoe: right. I'm just not familiar with the alternatives. That's what I'm trying to figure out.
<dasjoe> SuperLag: okay, there are a few things to look at: Puppet, Chef, Ansible, Foreman, Katello, Cockpit-Project to name a few
<SuperLag> dasjoe: I thought the automation stuff like Puppet/Chef was only for when you're initially deploying stuff, rather than for maintaining them after the fact?
<dasjoe> SuperLag: no, they're not just for deployments, see https://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software
<Treize> Awesome, Just what I was looking for! An Ubuntu Server Guide
<halvors> Hi.
<klagid> halvors: hello!
<halvors> Anyone know how to read a session created by apache2 mod_php from a php script running in cli?
<halvors> I have the session id.
<halvors> Is there some locking in the picture here?
<halvors> Will i be able to do this?
<klagid> I am not 100% sure but i believe that you can
<maccam94> i'm trying to remove some packages from my apt repository using reprepro, but i can't seem to get it to remove the files from the pool
<maccam94> i'm stuck in a weird place now where i can't re-import the packages because reprepro thinks the files are already in the pool, and when I remove the packages it won't remove the pool files either
<tarpman> maccam94: reprepro deleteunreferenced , perhaps
<tarpman> maccam94: are you certain they aren't still used somewhere?
<maccam94> that doesn't seem to do anything :(
<maccam94> i don't think so, how can I check?
<tarpman> hm. not sure
<tarpman> grep for them in Packages/Release files, at least
#ubuntu-server 2015-08-19
<coreycb> beisner, can you promote kilo-staging to kilo-proposed in the cloud archive when you get a chance please?  staging has tested successfully.
<neonixcoder> sarnold_: I am able to resolve my upgrade issue..
<neonixcoder> sarnold_: It is simple mistake which costed my 100s of hours
<llinguini> Hey guys
<llinguini> What are the advantages of ubuntu over just using debian
<llinguini> Hello?
<llinguini> Hello?
<bearface_> llinguini: is there a reason you are looking to switch? if you are using debian and happy with it, stick with it?
<lordievader> Good morning.
<skoude> Hi, is there a way in ubuntu autopilot (openstack) install to modify how the disks on cloud nodes are used?
<skoude> For example I have both SSD and Spinning disks on nodes, and the autopilot is just making a one big ceph storafge on it, so it is not dividing it to ceph_fast and ceph_slow.. Any idea how to modify the conf?
<skoude> Did not find anything about this when searching..
<rbasak> frediz: I don't see ginger on mentors. Could this have expired? Do you have the package available anywhere else please?
<rbasak> https://mentors.debian.net/package/ginger just redirects me to a package list
<frediz> rbasak: Hi, I guess it expired. I'm going to rebuild/reupload it
<rbasak> OK. Thanks! Apologies again for the review delay.
<frediz> rbasak: No worries!
<rbasak> apw: polite reminder for bug 1486233. Though I'm throwing no stones - we have a ton of merges that will probably slip this cycle.
<ubottu> bug 1486233 in iproute2 (Ubuntu) "iproute2 merge 4.1.1-1 from debian" [Medium,Triaged] https://launchpad.net/bugs/1486233
<rbasak> (though as this is a delta we introduced I feel we should do it)
<rbasak> (recently)
<apw> rbasak, yep, i filed that yesterday with the view to reminding me to do it before dif
<apw> or to try and do it, as the version number has jumped markedly
<zetheroo>  when I open something that needs administrative access to the machine (Ubuntu 14.04 Desktop) like the User accounts settings (unlock) or install/remove apps from USC I am asked for the password of the local user (temp) and not the AD user that I am logged in with. Is there any way to change this?
<rbasak> apw: yesterday? Ah, it's a dupe - I've been seeing the bug around for a while.
 * rbasak marks it
<rbasak> rharper: good job with bug 1481289, thanks.
<ubottu> bug 1481289 in php5 (Ubuntu) "PHP 5.5.9 Default socket timeout being not honoured by application" [Medium,Incomplete] https://launchpad.net/bugs/1481289
<rbasak> rharper: if appropraite, we should mark the bug Fix Released (since it is fixed in Wily) and open a task for Trusty (so we reflect that is not fixed in Trusty).
<rbasak> rharper: it's really useful to point out that the patch doesn't apply and can't be fixed in Trusty as-is. Otherwise it looks like we're just ignoring perfectly good patches. So thanks for that :)
<jak2000> sudo chown -R glassfish:glassfish /opt/glassfish4   get me a error: chown: invalid group: âglassfish:glassfishâ   previously i added the user: useradd glassfish   how to fix this error?
<shauno> jak2000: it's complaining invalid group; most likely glassfish is only a user, not a group.  you can confirm this with "groups glassfish", and note useradd has a counterpart groupadd
<rbasak> jak2000, shauno: on Debian and Ubuntu, the standard method is adduser and addgroup. useradd and groupadd are considered low level; you can call them directly but then you have to do more plumbing yourself.
<frediz> rbasak: ginger reuploaded
<rbasak> frediz: thanks! I spotted it appeared earlier and have already started.
<frediz> rbasak: nice :)
<rbasak> frediz: taking a break now but on first look ginger looks fine to me. Same question about API.json path, and I note that kimchid isn't being restarted after ginger is installed. Is that expected?
<rbasak> frediz: I spotted nothing else but I will look again in a bit.
<rbasak> (and no blockers for upload so far)
<frediz> rbasak: ok taking not of your points. Thank you. I'll check those
<rbasak> frediz: API.json may be perfectly acceptable where it is. I don' tknow.
<AEL-H> Could someone tell me why on some users when I SSH in I can type and press tab to autocomplete, however on other users I cannot? Ubuntu server 14.04
<lordievader> Different shells and different configs?
<Seveas> AEL-H: what lordievader said, and also root's autocomplete is much more restricted..
<AEL-H> Aplogies I am very inexperienced with linux, where might I find these configs?
<lordievader> AEL-H: /etc/passwd
<AEL-H> Somewhere I have found is telling me to copy over a .bashrc file into their home directory -- would copying over the root users .bashrc to a normal users home directory pose any kind of security problems?
<fcefan> AEL-H: No. Not sure if it even differs. But if yes, you might get some "permission denied" messages
<fcefan> Don't you have a .bashrc for non-root users ?
<lordievader> I'd say read it and base your conclusions on what you read.
<AEL-H> fcefan : Yes, the other users appear to have an identical .bashrc (or at least the autocomplete lines are the same). So then why can this user not autocomplete?
<lordievader> AEL-H: Are they using the same shells?
<AEL-H> lordievader : I am not sure what that means, how can I find out?
<lordievader> AEL-H: Check /etc/passwd
<AEL-H> according to what I read about that file, it doesn't have a 'Login shell'
<AEL-H> the user in question that is
<lordievader> Then it defaults to dash (sh).
<AEL-H> how can I tell which shell is opening?
<lordievader> AEL-H: ps
<AEL-H> lordievader : So what things should one keep in mind when changing a users login shell? Is there anything of note?
<lordievader> Err... Not really, a shell is a shell. People might have a preference for a particular shell though.
<AEL-H> lordievader : How can one change the shell they are using? So for example log in shell as dash but then switch to bash
<lordievader> AEL-H: man 5 passwd
<AEL-H> lordievader : Is this not just telling me how I can change the login shell?
<lordievader> AEL-H: Read the manpage, it explains it.
<rbasak> frediz: don't worry about API.json - it's fine where it is.
<rbasak> (I'm told)
<frediz> rbasak: ok, good; I'll try to move it and check if it still ok for kimchi server. That does hurt
<rbasak> frediz: I mean that there is no need to move it.
<frediz> rbasak: got it; just wanted to try if it's "aesthetically" better
<rbasak> frediz: OK. No worries if you manage to achieve it, but you might be interested in barry's response in http://irclogs.ubuntu.com/2015/08/19/%23ubuntu-devel.html (it hasn't appeared in the logs yet). He's involved upstream and they've looked at it from a more general viewpoint.
<rbasak> frediz: it might not be worth the packaging complication to achieve it now, especially given that it's acknowledged upstream.
<rbasak> (sorry you can't see the log yet; it'll appear soon I'm sure).
<frediz> rbasak: ok fine then
<rbasak> 14:27 <barry> rbasak: tl;dr: it's fine.  many python libraries do include data files in their directory structure, and that works well with pkg_resources.  they can use that api to find the data files easily.  it does seem odd that those data files don't go in /usr/share but it's normal.  moving them is more trouble than it's worth.  upstream we've talked about ways to put such data files elsewhere b
<rbasak> ut in a way that they're still easily found by the
<rbasak> 14:27 <barry> normal apis, but so far that hasn't gone anywhere.
<frediz> great, thanks for checking
<brane_>  anyone setup bonding to force10 switch as peer?
<patdk-wk> sure, just set it up how ever you wish
<brane_> I am getting different Aggregator ID on the nics
<brane_> in lacp setup
<patdk-wk> how did you configure it?
<brane_> following https://help.ubuntu.com/community/UbuntuBonding
<patdk-wk> that so does not describe your force10 config
<brane_> Dell support confirmed that the config is correct on both VLT peers
<patdk-wk> config is correct for what?
<brane_> for a lacp lag
<patdk-wk> yes, but WHAT KIND of lacp lag?
<patdk-wk> active, passive, static?
<brane_> active
<brane_> http://www.mpaste.com/p/6Y
<brane_> the config on the VLT peer is the same
<patdk-wk> I don't see the port being assigned to that port-channel
<patdk-wk> oh, it's in that portchannel thing
<brane_> yes
<patdk-wk> they must have changed the config syntax again
<brane_> probably
<brane_> tough finding good examples on the net
<brane_> here is the ubuntu config http://www.mpaste.com/p/YDxEfSz
<patdk-wk> ya, something is wrong on the switch
<patdk-wk> the vtl is not syncing
<patdk-wk> or the cables aren't plugged into the ports yo uthink they are
<brane_> thanks for the help, I'll keep pushing dell support
<brane_> if there are any other ideas, please pm me
<patdk-wk> ya, the port configs look ok, I would only blame those two things  Isaid
<WRStone3> Anyone ever work with Powerbroker Identity Services Open (PBIS Open)?  I'm having an odd problem where Ubuntu servers are not returning the correct AD groups of which a user is a member.
<SamYaple> Hey guys. I was directed here from #ubuntu Is there an IRC channel for the packagers for the Ubuntu Cloud-Archive Openstack stuff? Trying to include that in the Openstack project Kolla and need some contacts for questions
<catalase> hello
<catalase>  http://pastebin.com/BwdfJxFC
<catalase> i run /bin/sh ./update.sh
<catalase> and receive output that says: Update the packages list is not understoodtion --yes
<catalase> running ubuntu server 14.04.3 lts
<K4k> catalase: Re: your question in #ubuntu
<K4k> Try fully qualifying your executables
<catalase> K4k, what does that mean
<K4k> instead of using just apt-get, use the full path for apt-get, which should probably be /usr/bin/apt-get. You can find this out by running `which apt-get` on your system
<catalase> which apt-get returns /usr/bin/apt-get
<K4k> and actually... I think I see the real problem (though using /usr/bin/apt-get is still a good idea)
<catalase> this works on another one of my servers btw running the same version of ubuntu
<catalase> care to elaborate?
<K4k> Let me make sure I understand what you're doing
<catalase> basically i've set this as a cronjob to auto-update my device every 6 hours
<K4k> you're running `/bin/sh <script>.sh`
<catalase> yes
<K4k> ok, and what file is that in?
<catalase> in /etc/cron.d/update.sh
<K4k> put #!/bin/sh at the top of your script
<K4k> I've run in to this before
<K4k> wait... hang on, my attention is being pulled away I may not be making sense right now...
<catalase> K4k, tried that but did not work :(
<K4k> catalase: You're sure this script is in /etc/cron.d on the other server and not /etc/cron.daily?
<catalase> yes
<K4k> According to the documentation, /etc/cron.d is a directory where you can put additional crontab files which would not be scripts but files with standard crontab entries in them.
<catalase> nvm something weird happened with the file i think
<K4k> ok
<catalase> i pulled the update.sh file from the other server and it is working now
<K4k> I was going to suggest you just make an entry in /etc/crontab to run that script and call it a day
<K4k> Cool
<K4k> Sorry I wasn't more help
<catalase> thanks for your efforts
<oste> i am trying to connect to localhost but getting connection refused
<oste> when i run telnet localhost i get the following
<oste> Trying 127.0.0.1...
<oste> telnet: Unable to connect to remote host: Connection refused
<lordievader> oste: Why do you want to telnet to localhost?
<oste> i am just testing that i can't
<oste> i am running a java application that needs to listen on localhost
<oste> but those connections are being refused
<lordievader> Does netstat list it as listening to the telnet port?
<lordievader> Netcat is a better tool for those kind of things.
<JanC> or did you specify a port to connect to
<lordievader> Netcat, nmap and netstat will get you very far.
<oste> telnet localhost 8080 was the command
<oste> it needs to be available to http requests
<oste> this is what i see from netstat -l http://pastie.org/10361884
<RoyK> oste: telnet localhost 80
<RoyK> oste: telnet localhost without a port will try port 23, which is the telnet server, something that went out of style almost 20 years ago
<lordievader> oste: I'd use 'netstat -tulpn' ;)
<oste> ok seems i can connect to port 80 now :)
<oste> swear i tried to change my config to 80 rather than 8080 with no luck
<oste> seems to be working tho
<RoyK> oste: goodie
<WRStone3> Anyone ever work with Powerbroker Identity Services Open (PBIS Open)?  I'm having an odd problem where Ubuntu servers are not returning the correct AD groups of which a user is a member.
<unixninjax> I am running cannonical openstack and under 10 nodes, I am seeing an âOutage in X daysâ on my monitor your region area, I thought the 10 node license was free? thoughts?
<Dr_Apocalypse> Greetings Ubuntu server users
<lordievader> o/
<Dr_Apocalypse> I'm wondering if anyone knows much about apache reverse proxies
<TJ-> Yes, of course someone knows
<Dr_Apocalypse> Nice answer. Anyone online currently perhaps?
<TJ-> !ask | Dr_Apocalypse
<ubottu> Dr_Apocalypse: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<maxb> Unless you're question is inherently Ubuntu specific you might be better off in #httpd
<TJ-> http://paste.ubuntu.com/12130231/
<tonyyarusso> maxb: Except that #httpd is mean...
<beisner> coreycb, fyi, shifting gears to work on the kilo-staging => kilo-proposed uca promotion now.
<coreycb> beisner, yes please! thanks
<tonyyarusso> unixninjax: Maybe it's actually a maintenance outage notification?
<unixninjax> maintenance by who?
<tonyyarusso> I dunno
<unixninjax> and the days are counting down wrong as well
<unixninjax> 2-3 days for 24 hour timer.
<unixninjax> bizzare.
<tonyyarusso> I wasn't actually aware that this was a thing, so trying to read now :)
<unixninjax> same here, I am pleasantly surprised seeing that.
<tonyyarusso> So, is this just prebundled software stuff, but still all running on your own hardware?
<unixninjax> correct
<unixninjax> installed using cannonical auto pilot
<tonyyarusso> Can you click this notification and get any more detail?
<unixninjax> thereâs no clicable link
<unixninjax> hold let me get you a screen
<tonyyarusso> (No, of course not, notifications can't be clickable, that's crazy talk!  End rant about desktop changes like 4 years ago.)
<unixninjax> http://i.imgur.com/jIdOLB0.png
<tonyyarusso> imgur's blocked at work :(
<TJ-> tonyyarusso: try https://iam.tj/projects/misc/jIdOLB0.png
<unixninjax> lol where do you work? that sucks they would block something like that.
<unixninjax> do companies even block things these days?
<beisner> coreycb, does this line up with the expected packages to push from staging to proposed for kilo?  http://paste.ubuntu.com/12130398/
<tonyyarusso> unixninjax: government
<unixninjax> ahh makes sense
<tonyyarusso> TJ-: I can load that, but don't see anything interesting on it.
<coreycb> beisner, yes looks good
<unixninjax> tonyyarusso: look under ram utilization
<tonyyarusso> oh, dur
<unixninjax> thatâs the outage message i was talking about
<tonyyarusso> ohhhhhh
<tonyyarusso> unixninjax: I think that's a capacity planning message - saying you're on track to use up all of your RAM soon.
<tonyyarusso> Weird wording, but looks consistent with the graph.
<unixninjax> oh! interesting
<oste> what is the proper way to open a port for localhost to listen to?
<unixninjax> the wording is really intersting if it is just capacity planning
<unixninjax> because âoutage"
<tonyyarusso> Yeah.  I mean, you could have an outage from running out of memory, but still.
<tonyyarusso> Could be that component wasn't originally written in English.
<beisner> coreycb, ok pkgs pushed, i think there is ~1hr window for reports, etc., but the ppa is showing the new pkgs.
<coreycb> beisner, awesome, thanks
<beisner> coreycb, you're welcome!  thanks for knocking them around in staging!
<oste> how can i get my ubuntu machine to listen at localhost on port 8080?
<tonyyarusso> oste: You don't - a particular daemon/process will listen, not Ubuntu overall.
<tonyyarusso> Are you trying to make *Apache* (or some other httpd) listen on 8080 perhaps?
<oste> yeah, trying to get a java applicaiton to work on port 8080
<oste> Failed to connect to localhost port 8080: Connection refused
<oste> when i do nmap localhost i get this:
<oste> 22/tcp   open  ssh
<oste> 80/tcp   open  http
<oste> 3306/tcp open  mysql
<oste> i need 8080/tcp to show up there i think
<tonyyarusso> So, that can be done in the Apache vhost.
<oste> i am using nginx
<oste> i donât think this is related to that tho
<trippeh> java apps often listen on 8080 themselfes
<tonyyarusso> Is the Java application accessed through nginx, or is it supposed to be listening on its own?
<oste> just on its own
<oste> connecting via localhost on the same machine
<tonyyarusso> Ah.  Not much help I can give you there, but Google suggests maybe a "new Socket(IP, port)" line exists somewhere in your code, but if it's sane that probably references some kind of config file.
<tonyyarusso> or possibly "new ServerSocket(port)"
<tonyyarusso> Something like that anyway
<oste> i thought it could be iptables related
<tonyyarusso> Is this an application that you're writing from scratch, or just trying to get running?
<tonyyarusso> Could be, sure.
<TJ-> oste: what Java application? does it require Tomcat or embed it, or some other servlet container?
<oste> it is apache jackrabbit
<oste> https://jackrabbit.apache.org/jcr/index.html
<oste> no tomcat required
<tonyyarusso> Do you get the "now running at" output shown on https://jackrabbit.apache.org/jcr/standalone-server.html ?
<TJ-> oste: From the JR FAQ: "Get the WAR distribution from the Downloads page and deploy it into Tomcat. "
<tonyyarusso> TJ-: Seems that's one of multiple deployment options.
<oste> i am not using the standalone server
<TJ-> oste: so what are you using?
<oste> i have this damn thing working in my local VM
<oste> just the download
<TJ-> that says nothing
<tonyyarusso> You have to be using *something* for the server, so either the standalone, Tomcat, or something else.
<TJ-> oste: if you aren't using the standalone server, you must be using Tomcat or some other servlet container
<tonyyarusso> If you just have a .jar file sitting around on your disk that won't do anything.
<oste> right i have a startup script
<oste> nginx is my server
<oste> http://www.eu.apache.org/dist/jackrabbit/jackrabbit-standalone-2.10.1.jar
<oste> you can download that
<TJ-> and what happens when you follow the launch instructions?
<lickalott> hey guys,  Im having an issue with the system dumping to busybox(initramfs) on initial boot.  Can someone help with this?
<oste> you can run it with this https://raw.githubusercontent.com/sixty-nine/Jackrabbit-startup-script/master/jackrabbit.sh
<oste> it works great on my vm
<tonyyarusso> oste: Try just launching it like shown in my link first, so we can narrow things down a bit before launching into this other script.
<rbasak> apw: iproute2> thanks!
<BrianBlaze420> where do i put the warning message for ssh
<BrianBlaze420> oh im dumb!
<BrianBlaze420> :)
<BrianBlaze420> forgot to uncomment banner
<BrianBlaze420> lol
<apw> rbasak, np
#ubuntu-server 2015-08-20
<adun153> Hi, can any body help me? I have two nodes, both of them have the same hardware config, having SFP interfaces. Dmesg on both hardware shows that they both detect the hardware, but Node1 detects it properly as a network interface, Node2 does not. I took over administration of both these servers recently, and I just fresh installed Ubuntu 14.04.3 on Node2. Node 1 runs Ubuntu 14.04.3 as well, dist-upgraded from 12.04. Can any body point me in the r
<adun153> ight direction?
<mybalzitch> node 2 doesn't pick up the SFP at all?
<mybalzitch> or does it say no carrier
<adun153> It doesn't pick it up as a net interface
<adun153> it does list it out in dmesg, though
<mybalzitch> does it show up in lspci ?
<adun153> yes, it does
<mybalzitch> Hmm
<mybalzitch> does it show up in ifconfig -a
<adun153> /etc/udev/rules.d/70-persistent-net.rules only show the copper interfaces.
<adun153> is that p1p1?
<adun153> anyway, want me to do a paste of the output?
<mybalzitch> paste it to pastebin
<adun153> http://pastebin.com/Uix2zCvN
<mybalzitch> can you do ethtool eth0
<adun153> It's the other copper interface. http://pastebin.com/4aiFntJg
<mybalzitch> oh
<mybalzitch> I shoulda noticed that on the mac addy
<mybalzitch> do you know the mac address of this sfp?
<adun153> Doing "dmesg | grep -i sfp" on each  node gives me the following: http://pastebin.com/R5F4ZMYU
<adun153> I don't.
<adun153> ItBased on the output, I think Node2's kernel doesn't recognize the H/W as net interfaces.
<mybalzitch> yeah
<adun153> Is this a driver issue?
<mybalzitch> it might be
<mybalzitch> have you tried compiling an ixgbe driver from intel from source/
<adun153> If yes, how do I find out which friver to install?
<adun153> No, haven't.
<adun153> But I 've compiled Squid before, so if it is at all easier or just about the same level of difficulty, I'm up for it.
<adun153> Are there no packages in the main repos for it?
<mybalzitch> about the same level
<mybalzitch> not that I'm aware of
<mybalzitch> http://ask.xmodulo.com/download-install-ixgbe-driver-ubuntu-debian.html
<adun153> lspci shows this: Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection
<adun153> Intel website for the H/W is this: http://ark.intel.com/products/41282/Intel-82599ES-10-Gigabit-Ethernet-Controller
<adun153> I click on "Software Downloads" on the right side
<adun153> On the new page, Linux drivers are on the 4th entry on the list
<adun153> It's apparently the ixgbe driver.
<mybalzitch> yeah
<mybalzitch> we're just tryiung a new ixgbe driver
<mybalzitch> (newer)
<adun153> lsmod shows the ixgbe driver as loaded
<adun153> oh, ok
<adun153> alight
<adun153> **alright
<adun153> I'll read the link.
<adun153> Thanks for the advice!
<mybalzitch> you could also
<mybalzitch> and it might be easier
<mybalzitch> just swap in a 4.1.4 kernel
<mybalzitch> and see if it gets detected then
<mybalzitch> http://www.yourownlinux.com/2015/08/how-to-install-linux-kernel-4-1-4-in-linux.html
<mybalzitch> except the url is different I think
<mybalzitch> nope
<mybalzitch> url works
<mybalzitch> it's just very odd, that they both seem to have the same part number but the other one isn't detected
<adun153> mybalzitch: How different would this be from stock Ubuntu kernels?
<mybalzitch> I've put that kernel in place of the stock ubuntu kernel with seemingly no ill effects
<mybalzitch> worst case scenario is it doesn't boot, and you revert to your stock kernel
<mybalzitch> have you tried swapping the HW to see if the nic is defective?
<adun153> Which do you think I should try first, new driver or new kernel?
<adun153> No, I haven't. It's a bit tricky to do that, since all other Nodes are now in prod, and co-located in a remote DC.
<mybalzitch> oh
<mybalzitch> I'd try kernel first
<mybalzitch> its the easiest
<mybalzitch> you do have IPMI right?
<adun153> I do
<mybalzitch> or iLOM2
<mybalzitch> okay good
<adun153> okay, trying the kernel route. :)
<adun153> GRUB should automatically boot the latest kernel, right?
<mybalzitch> yes
<adun153> (y)
<mybalzitch> call update-grub just to be sure
<mybalzitch> but I think it gets called during the install process
<adun153> Kernel packages intalled, grub updated manually, now rebooting, keeping fingers crossed.
<mybalzitch> :D
 * mybalzitch waits for smoke
<mybalzitch> FIRE!!!
<adun153> At least I'll have something to report to the  kernel team mailing list: Installed 4.14, server fried. FIX IT!
<mybalzitch> HA
<adun153> mybalzitch: Negative :(   http://pastebin.com/VzQHBgNc
<mybalzitch> can you dmesg|grep ixgbe
<adun153> http://pastebin.com/c0FHcbtH
<adun153> wait, so does that mean that the p1* and p3 interfaces are the SFPs?
<mybalzitch> looks like it
<mybalzitch> when I looked up those p2p interfaces it said they were supermicro, so I assumed they were onboard
<adun153> I see
<adun153> Check this out: http://pastebin.com/13tyL8LV
<mybalzitch> that looks like a 10g card
<adun153> Why does it not show up in 70-persistent-net.rules though? http://pastebin.com/i6zX5WDs
<mybalzitch> I'm not sure
<mybalzitch> wrong mac address maybe?
<adun153> Would it helped if I show mac addresses from Node 1's DFP?
<adun153> *SFP
<mybalzitch> no
<mybalzitch> well
<mybalzitch> see if its vastly different
<adun153> Similar: Node 1- 00:25:90:c3:da:d6  ---- Node 2- 00:25:90:c3:cc:3a
<adun153> http://pastebin.com/XASpPEZG
<adun153> mybalzitch: opinion/suggestions?
<mybalzitch> sorry afk
<mybalzitch> adun153: check all those p*p interfaces for one thats got a link
<adun153> That's all right. There are no SLA's for IRC. :)              all of them are "Link Detected: no"
<adun153> I think that I should try configuring one of them, just to see if the link will go up if I "ifup" it.
<mybalzitch> yeah
<adun153> mybalzitch: also, I'd like to removev the 4.14 kernel, is it alright to uninstall the 4.14 packages while the 4.14 kernel is running?
<mybalzitch> that would be my next suggestion
<mybalzitch> yes it is
<adun153> ok
<adun153> I'll remove the 4.14 kernel first, reboot, then try to get the p1* interfaces working
<adun153> ty
<mybalzitch> :D
<adun153> mybalzitch: Got this: http://pastebin.com/QG27w5pr should I be concerned?
<mybalzitch> you can just link /vmlinuz and /initrd.img back to the /boot/ equivilants
<adun153> mybalzitch: did I do the first two commands right? http://pastebin.com/D7NHvSza
<mybalzitch> looks good to me
<adun153> or should I have pointed the vmlinuz symlink to the "vmlinuz-3.19.0-25-generic.efi.signed" instead? Since this is an efi system
<mybalzitch> I'm not sure
<mybalzitch> grub shouldn't be using the / symlinks anyway
<mybalzitch> it should be using /boot/..
<adun153> anyway, it rebooted just fine, so no worries, hehe.
<mybalzitch> woo
<mybalzitch> adun153: any luck on bringing the interfaces up and having a link on them?
<adun153> working on that now; if I get them to work, I'm going to rename them back to eth* :p   ---> http://www.hellovinoth.com/ubuntu-14-04-renaming-ethernet-interfaces-from-p1p1%E2%80%B3-to-eth0%E2%80%B3/
<mybalzitch> :D
<adun153> mybalzitch: Alright!!!! http://pastebin.com/gxWVv9XM
<adun153> Thanks so much for helping me diagnose and troubleshoot, etc.
<adun153> I learned a lot.
<mybalzitch> np
<mybalzitch> glad we got it working
<mybalzitch> adun153: don't forget to make the changes to the network config files so it persists between reboots
<adun153> yes, I'll write it to 70-persistent-net.rules
<adun153> Thanks again! :)
<mybalzitch> np
<mybalzitch> I'm surprised your previous admin never fixed this, lol
<mybalzitch> if you ahve any other fun issues, let me know
<adun153> alright, I will
<adun153> "fun", heh
<mybalzitch> XD
<lordievader> Good morning.
<Adri2000> hello
<Adri2000> any plan to update python-openstackclient to 1.6.0 in wily?
<rbasak> frediz: any news on an update kimchi package please? It's feature freeze today, and I'm happy to upload with just the conffile /usr/share/doc symlink issue fixed. After today we'll need to get an exception which will be a pain.
<rbasak> (sorry again I know it's me being backlogged that has caused this urgency)
<frediz> rbasak: ok I was trying to sort out everything today, but that must be a bad plan :) . I've changed ln to cp , so I'm going to reupload kimchi so that you can upload and I'll deal with the rest and Gianfranco's comments after. Ok ?
<rbasak> frediz: sounds good. Thanks!
<frediz> rbasak: thanks again Robie; other changes will come next week probably as I won't be able to work on that till then.
<rbasak> frediz: OK. BTW, "or" in copyright file as commented in the bug is wrong AFAIK. In this case, the licences are combined and have an "and" relation and I think are compatible so that's fine.
<rbasak> It's effectively the same as LGPL but with mandatory copyright and license notices from the other licenses included. So I think what you did in debian/copyright for that is fine.
<rbasak> It might be worth getting an opinion from somewhere else though.
<rbasak> (before you change it)
<rbasak> I am still happy to upload as-is.
<frediz> rbasak: sure ; I'm no licensing expert *at all* and all of this as been done some time ago, so I need first to recheck files, copyright file to be able to understand :) . But I remember having got inspiration from another package already in Debian.
<roaksoax> /win/win 9
<bulldawgden> how do you make ubuntu server use IPv4 instead of IPv6?
<bulldawgden> I am running it in Virtualbox
<jrwren> bulldawgden: IETF says ipv6 should always be prefered in a dual stack configuration.
<jrwren> bulldawgden: you can turn off ipv6
<bulldawgden> is it easy to turn off?
<RoyK> bulldawgden: really, why?
<RoyK> bulldawgden: but still, if you want to do this, first hit on google http://www.binarytides.com/disable-ipv6-ubuntu/
<jrwren> bulldawgden: I'm curious too, why?
<TJ-> bulldawgden: see https://help.ubuntu.com/community/WebBrowsingSlowIPv6IPv4
<RoyK> imho if you've got bad hardware not doing IPv6 right, replace the hardware :P
<jrwren> RoyK: me too, I love my ipv6 delegated prefix :)
<RoyK> IPv4 isn't going anyware
<RoyK> https://xkcd.com/865/ :D
<tackyone> Hello, I have run into a bit of an issue. I was doing a upgrade-manager -d command, and midway through my network connection cut out. I logged into the machine physically, but didn't see any processes still running that would indicate that the server was still upgrading, so I rebooted the machine, as I couldn't do much with the machine. After restarting the machine, it now kernel panics on bootup, and I can not access the mach
<tackyone> Which I am currently in the process of making). Could someone help me get my server back on it's feet? I took a backup using fwbackups of /, so if I need to, I can restore as much as possible for the OS drive with that.
<linocisco> hi all
<linocisco> I am going to install ubuntu server 14.04-2 64bit on existing Elastix server which is CentOS based and take up the whole HDD when installed, How can I add ubuntu server installation along side of it and make dual boot.?
<bulldawgden> thanks
<linocisco> hi
<SCHAAP137> allright, that 13.10 to 14.04.3 server upgrade went exceptionally smooth
<RoyK> SCHAAP137: nice
<JanC> I still need to upgrade a 12.04 server to 14.04  :-/
<SCHAAP137> 12.04, oldschool
<JanC> SCHAAP137: it used to be 10.04 before 12.04.01 was around  :)
<lordievader> JanC: Is it still running on the original hardware?
<RoyK> JanC: I had an 8.04 server around until a few months ago :P
<lordievader> RoyK: We still do....
 * lordievader runs
<JanC> lordievader: it's a VM actually, and not on the same hardware after we moved everything to a different dedi server  :)
<RoyK> lordievader: ouch
<lordievader> We're working on a replacement, luckily.
<lordievader> JanC: Ah, I see.
<JanC> (and the reason I didn't migrate yet is that I didn't check all software on it for compatibility)
<RoyK> lordievader: this one 8.04 machine was badly messed up - stuck at 8.04.1 and unable to upgrade until it was finally killed
<JanC> mail server might need some configuration changes etc. (the usual stuff, I guess)
<lordievader> We run qmail on it. No one knows how it works and everyone is afraid to touch it.
<JanC> *ieuw*
<lordievader> Yes.
<lordievader> Like I said, we are working on a replacement.
<JanC> do you know what it does, at least?  :)
<lordievader> That we do, that is why no one wants to touch it ;)
<JanC> well, it's also a lot easier to replace when you do know exactly what it does
<arooni-mobile> hey folks.  is there a compelling reason to move from 12.04 to 14.04 LTS?
<RoyK> arooni-mobile: just if you need the new shit
<arooni-mobile> i think id prefer doing that... so that way if packages work on my dev box they can work on my production server
<arooni-mobile> will i have to reconfigure all kinds of packages, ruby, etc, on the server
<arooni-mobile> if moving to 14.04 lts from 12.04?
<teward> arooni-mobile: you *shouldn't* have to, however, take a backup of your system in its entirety on 12.04 so you can restore if it fails
<teward> (there's an upgrade path for packages, etc.)
<teward> (you may need to install one or two but...)
<arooni-mobile> good advice
<arooni-mobile> what method would you recommend for taking a backup
<teward> external USB drive, flash drive with clonezilla, clone/image the entire server if possible
<teward> if it's a VPS, contact the host to see if they can take a backup and keep it for a few days
<arooni-mobile> its a vps;  i'll ask them ; good thought
<teward> arooni-mobile: if they can't do the backup, or won't, then you may want to just not upgrade
<teward> or backup critical data
<teward> and get a list of installed packages
<teward> and then reinstall the VPS with 12.04 if necessary
<arooni-mobile> im checking what i already have backed up
<arooni-mobile> also is there a way to make running & installing security packages an automatic part
<arooni-mobile> automatic task, via the command line
<AEL-H> Is there a way I can prevent a user for snooping in other users files, even with ls -all?
<tonyyarusso> AEL-H: The "execute" (x) permission is used in the case of directories for listing rights.
<xedniv> is it possible to install/use parted in the ubuntu server cd installer shell?
<mybalzitch> parted doesn't ship with the cd?
<xedniv> nope it doesnt seem like it
<xedniv> i need to create an encrypted lvm and wish to do so manually, so i tried the shell and parted isnt there
<xedniv> the installer has never worked well for me to create an encrypted LVM system
<xedniv> ex. /boot not encrypted + LVM volume encrypted, with /, etc inside
<JanC> xedniv: I'm pretty sure parted is on the server CD, but in any case: parted is a partitioning tool, not a volume management tool...
<xedniv> JanC: not, it is not. im not making some wild claim, heh.
<xedniv> easy steps: grab server cd, enable expert mode, jump into shell after configuring keyboard layout, host and user.
<JanC> it certainly was on the server images in the past
<xedniv> classic response, no offense. well, pilgrim, im talking present time, not past tense.
<JanC> but like I said: it's not useful if you want to manage volumes...
<xedniv> ' i need to create an encrypted lvm and wish to do so manually, so i tried the shell and
<xedniv> etc
<xedniv> and then i explicitly mentioned the manual process.
<xedniv> so, what was the part you were helping with? sure, maybe lvm utilities are there
<xedniv> but i cant partition with those.
<JanC> if parted isn't there, then sure fdisk or such will be there
<xedniv> fdisk doesnt like gpt
<JanC> GNU fdisk uses libparted
<JanC> so GPT should be fine with it
<JanC> (and parted is a dependency of 'ubuntu-standard', so I'd be surprised if it's not on the Server image...)
<xedniv> i will check. and no man, stop insisting im pulling that claim out of my arse and go verify it already
<xedniv> im happy to tell people how to build a static parted actually
#ubuntu-server 2015-08-21
<JanC> and parted packages are on the Ubuntu 5.04 Server CD image (but not installed in the live session used by the installer)
<xedniv> JanC: so how do you get them on the live session? you keep trying to undo your claim that i was stating false information, whereas the issue is very simple: no, there are no usable parted binaries in the CD. i dont care if inside the dpkg seeds there is one package for it.
<xedniv> theres probably apache too somewhere in the seed repo for the initial install, so what?
<xedniv> the toolchain in 15.04 is broken to no avail for building fPIC libs, so cannot build a static parted here right now
<xedniv> may need to setup a gentoo vm for that
<JanC> well, there is partman on the live image, why doesn't that work?
<xedniv> ugh
<xedniv> partman is terrible. ill seeif i can get around its limitations before i have access to a host that can build proper static execs of parted
<xedniv> i also need to script this installation so it can be done remotely
<JanC> I'm sure you can install the parted udeb if you really want it
<xedniv> https://bugs.launchpad.net/ubuntu/+source/gcc-4.4/+bug/640734
<ubottu> Launchpad bug 640734 in gcc-4.4 (Ubuntu) "crtbeginT.o needs to be recompiled with -fPIC" [Undecided,Confirmed]
<xedniv> JanC: can you tell me how that works?
<xedniv> btw that is a blocking bug for anyone compiling static execs
<JanC> xedniv: udpkg -i /cdrom/pool/main/p/parted/parted-udeb<tab>
<JanC> I tried using partman to set up an encrypted volume on lvm and that seemed to work fine too BTW
<xedniv> JanC: describe encrypted volume
<xedniv> did it contain a single partition or multiple?
<xedniv> ex. /boot, LVM(/, /etc, /var, /home, ...)
<JanC> well, this was just a quick VM experiment, so I only tried unencrypted /boot + LVM+encrypted /
<JanC> but, as said, you can install udebs with udpkg  :)
<xedniv> yeah, LVM with SINGLE partition is easy with partman
<xedniv> otherwise it has never worked well for me
<catalase> is it recommended to use an encrypted file container such as LUKS to store ssh keys on an ubuntu server and have that container auto-mount on boot. or is there some other standard way of doing keeping ssh keys secure
<mgriffin> If I see somewhat old versions and no open bugs in https://launchpad.net/ubuntu/+source/percona-xtrabackup does this mean updates are not coming soon, or maybe i looked in the wrong place?
<mgriffin> i guess the upstream debian repo is not updating.
<lordievader> Good morning.
<Neo9> if UBUNTU server with working static network configuration is suddenly disconnected and not able to reach the Gateway. How can i debug? Can any one please help on this.
<lordievader> Let's continue here ;)
<Neo9> lordievader: sure
<Neo9> lordievader: i have posted in ubuntu-server and did not get any replay.  Routing table is fine in't not changed and compared with my backup configurations.
<Neo9> lodievader: any other idea?
<lordievader> Neo9: Could you pastebin the output of 'ip a' and 'ip r'?
<Neo9> lordievader: sure
<Neo9> lordievader: http://pastebin.com/s2aitiPS
<lordievader> Neo9: Would you mind giving the actual output?
<Neo9> lordievader: with actual ip?
<lordievader> Yes,
<Neo9> lordievader: okay.
<Neo9> lordievader: http://pastebin.com/24Z7erfu
<lordievader> Your routes are very much incorrect. (And that wasn't the output of 'ip a' and 'ip r', but never mind that)
<Neo9> lordievader: this is worked for earlier.
<lordievader> Oh wait, it is the retarted 'route' output that is throwing me off.
<lordievader> Can you pastebin the output of 'ip r'?
<Neo9> lordievader: ip r  ..?  would you reveal the command.
<_ruben> that is the command
<lordievader> Neo9: The full command would be 'ip route', 'ip r' is shorthand.
<Neo9> lordievader: okay.
<artisanIndia> I have a website hosted on a ubuntu server which does not have nameservers and mail server
<artisanIndia> so I want to use mx records of another host or another server
<Neo9> lordievader: http://pastebin.com/YMvQsiLp
<lordievader> Neo9: Can you ping 198.20.108.114?
<Neo9> lordievader: it is unreachable
<lordievader> Neo9: Could you give me the output of 'arp'?
<Neo9> lordievader: http://pastebin.com/44nXT2Eg
<lordievader> Neo9: Do you happen to have tcpdump installed?
<lordievader> On either 198.20.108.115 or 198.20.108.114
<Neo9> lordievader: let me check
<Neo9> lordievader: and  point1: i am able to ping the 198.20.90.115  from outside.   but from 115 to 114 or any other is not working.
<lordievader> Neo9: Uhuh, I get the feeling arp is broken.
<lordievader> Hence the tcpdump to verify.
<Neo9> lordievader: it is installed in 114
<lordievader> Neo9: Good, run 'sudo tcpdump -i any arp' then try to ping .114 from .115. Do you see any arp request incomming from the .115?
<Neo9> lordievader: http://pastebin.com/A7SYeXDa
<lordievader> No responses? There is your problem.
<lordievader> .114 cannot send a ping to .115 because it doesn't know it's mac address.
<lordievader> Now I am interested if .115 never receives the arp request or that .115 refuses to answer.
<Neo9> lordievader: understood, but how can i resolve it?
<lordievader> Neo9: First try and answer the question I just asked ;)
<Neo9> lordievader: not understood what exactly you asking? it saying that "destination is unreachable"
<lordievader> Neo9: Does .115 receive the arp request?
<Neo9> lordievader: how can i know that? i am able to ping .115 from .114 but not vice versa.
<Neo9> lordievader: can i know how to check that?
<lordievader> Neo9: Run 'sudo tcpdump -i any arp' on .115 then ping from .114.
<Neo9> lordievader: oops; tcpdump is not installed in the .115. And since even ping 8.8.8.8 not works, it is not possible to install it now.
<lordievader> Hmm, I am mixing things up. Anyways I get the idea that your broadcast channel is wrong.
<Neo9> lordievader: might be. then how it's worked for me earlier?
<lordievader> I have no idea, what has changed since then?
<Neo9> lordievader: is there any issue with mac address?  And how can i read MAC address of other machine with arp?
<lordievader> What arp does is shout in the broadcast channel who has ip X, if a machine holds ip X it responds through unicast that it has ip X. however that reply is never received by your problem machine.
<lordievader> So either the problem is, no other machines receive the arp requests, or they refuse to send the reply.
<Neo9> lordievader: okay. Thanks for your time. thanks alot. Bye.
<rbasak> frediz: any news on kimchi please?
<AEL-H> How can I assume a pty as though it were my terminal?
<AEL-H> So being able to read and write to it in realtime
<skittishtrigger> I am doing my first major server transfer(from one host to another)I would love to be able to do some type of image deal and transfer the whole thing at once so I can shut down one server and update the other and take off. Is this possible with Ubuntu and not having physical access?
<TJ-> skittishtrigger: depends on whether transferring bare-metal or VM, and if VM, what hypervisor source and destination use. Also, after transfer, things like network might need reconfiguring (different MAC address, different device naming, etc)
<skittishtrigger> It would be baremetal. I have not progressed to doing vm's yet
<skittishtrigger> Its a fairly simple server with a webserver and several game servers, quassel, etc.
<skittishtrigger> I was thinking with the custom config on a lot of things if it might be a better route to just make a list usable by ubuntu with everything that is installed on it and use that then re-set up everything?
<TJ-> skittishtrigger: so main difference will be hardware, and most drivers should auto-detect and load. Anything tied to NIC MACs will fail though... so think of /etc/udev/rules.d/70-persistent-net.rules
<TJ-> skittishtrigger: you could. debfoster is a useful too for creating the dependency list
<skittishtrigger> ok, I will google that and look into it. luckily the only think network wise that is coded in is just the ips for client connections
<skittishtrigger> Thank you so much for your help TJ- !
<Synopsis> I've installed 15.04 server on an old laptop...playing around with some stuff...Can someone tell me how to make it auto login a non-root account?  Everything I find on google seems to be outdated.  I honestly know extremely little about linux...I'm playing around with this to maybe turn into a digital picture frame
<caliculk> Hello, so I created a backup of /etc, /var, /usr, /tmp etc upon an upgrade and reinstall process. I was just wondering if there was any way to grab the postgresql database from one of those folder locations and insert it back into the newly installed OS
<caliculk> Or if there was a way to go about backing up the database from one of those folder locations and importing and upgrading it from 9.1 to 9.4 of postgresql
<Synopsis> I've installed 15.04 server on an old laptop...playing around with some stuff...Can someone tell me how to make it auto login a non-root account?  Everything I find on google seems to be outdated.  I honestly know extremely little about linux...I'm playing around with this to maybe turn into a digital picture frame
<TJ-> Synopsis: As I said earlier, edit the init system's ttyX configuration so it does "exec /sbin/getty -8 -a <$USER> 38400 tty6"
<TJ-> Synopsis: precise syntax depends on which init system it is
<TJ-> Synopsis: my example above is from a test I did on tty6 with upstart's /etc/init/tty6.conf
<Synopsis> and as I told you earlier, those files don't exist for me
<TJ-> Synopsis: So find out where systemd stores it's equivalent, which are called unit files
<TJ-> Synopsis: "man systemd-units" should give all the details required to find them
<Synopsis> ty, will look
<TJ-> Synopsis: "dpkg -L systemd" will list all the files the systemd package installs
<TJ-> Synopsis: "dpkg -L systemd | grep getty" should narrow down your search
<Synopsis> the grep line returned a few files
<Synopsis> http://pastebin.com/csM3rN4H
<Synopsis> and btw, when i try to man systemd-units, i get no man entry
<TJ-> Synopsis: ahhh, no S. "man systemd.unit"
<Synopsis> same thing, no man entry
<Synopsis> i get one for just systemd
<TJ-> Synopsis: I've not the systemd source-code here. It looks as if units/getty@service is what you want, it has a line "ExecStart=-/sbin/agetty --noclear %I 38400 linux" which is, I suspect, the one that needs editing to include "-a <username>"
<TJ-> Synopsis: that is 15.04, right?
<Synopsis> yes, 15.04
<TJ-> Synopsis: according to packages.ubuntu.com that file is installed (as /usr/share/man/man5/systemd.unit.5.gz)
<Synopsis> a zip file? i'll have to extract it, modify it, rezip it and replace?
<TJ-> Synopsis: No... all man-pages are compressed to save space. They are uncompressed on the fly by the 'man' tool
<TJ-> Synopsis: there's an ArchLinux guide on how to configure systemd for auto-login. https://wiki.archlinux.org/index.php/Automatic_login_to_virtual_console
<TJ-> Synopsis: that shows creating an over-ride to the package-installed unit file, which is the preferred way to do this kind of config change (we never want to change a package-installed file - that may prevent the package being upgraded later)
<Synopsis> k, knocking some stuff out @ work real quick and i'll give that a try
<TJ-> Synopsis: For the man-page you've been typing a hyphen, not a full-stop.
<Synopsis> i copied and pasted what you typed the first time, and then just backspaced the s off when you corrected yourself, didnt notice you also changed the - to a .
<TJ-> Synopsis: Sorry... that first command I took directly from a web-page of the man-page, and the distro there seems to replace the full-stop with a hyphen
<Synopsis> no need to apologize :)  you're still being very helpful
<TJ-> Synopsis: it's an intriguing option. Quite easy to implement once you find the correct file ;)
<Synopsis> easy if you know what you're doing maybe...i ran the "systemctl edit getty@tty1" like on that link and copied the text into the file, rebooted and the system is hung at a blank screen with a blinking cursor
<Synopsis> i can still ssh to it though
<TJ-> Synopsis: Best to test on something other than the primary tty, that is generally reserved for system
<Synopsis> ok, so how do i undo what I did and which tty should i use? any # but 1?
<TJ-> Move that file to be @tty2, reboot, you should have a login prompt on tty1, and pressing Alt+F2 should get you onto tty2
<TJ-> You'll probably need to edit its contents too, if they mention 'tty1' of course
<Synopsis> k, moved that file, rebooted, have my login prompt again, but it didn't auto login, and if i alt-f2, it's stuck at the blinking cursor...i've got to just be missing something stupid
<TJ-> Synopsis: I see a possible confusion in those ArchLinux notes. They specify the file to manually edit inside the coloured code block that also shows the contents to use. *don't* include that filename in the file
<TJ-> Synopsis: in other words, the content you add starts with the "[Service]" line
<TJ-> Synopsis: just to be sure that systemd is creating the expected ttys... does Alt+F3 get you to a login on tty3?
<Synopsis> yes, and i didnt copy the filename into the contents, just the [service] and below
<TJ-> Synopsis: I'm not sure than; the fact you don't get a login prompt on tty2 shows the unit file is being acted on... presumably something fails, so no process takes on tty2
<Synopsis> would it be logged somewhere so I could get an idea?
<TJ-> I think so, systemd is supposed to be quite verbose. I think "journalctl --unit=getty@tty2" *may* be what you need
<Synopsis> nah...didnt return anything
<TJ-> Synopsis: I may have the syntax wrong; I was trying to decipher the man-page
<Synopsis> i ran it without any parameters and found this
<Synopsis> at the very end
<TJ-> try it for --unit=getty@tty1  .... if that shows something, at least we know its the correct syntax
<Synopsis> nevermind, thats just the command i entered before that returned nothing
<TJ-> You know you can directly paste text from a console? if you use "pastebinit <( your-commands-nere )"  the output will be sent to a pastebin and you'll be given the URL to pass on
<Synopsis> didnt know that :)
<TJ-> or to send a plain file, "pastebinit /path/to/file"
<TJ-> We use that extensively for support, provided the PC has an internet connection
<Synopsis> @tty1 did return 2 lines
<TJ-> Synopsis: OK ... try it for --unit=getty@tty3 as well . If that also returns something we know what we should be expecting for tty2
<Synopsis> nothing for 3
<TJ-> Synopsis: And there's a login on tty3 (Alt+3) ?
<Synopsis> yes
<TJ-> Synopsis: OK, that tells us tty1 is 'special' :)
<TJ-> Synopsis: ok, "systemctl --failed"
<Synopsis> what am i doing wrong here?
<Synopsis> picturesadmin@localhost:~$ pastebinit <journalctl --unit=getty@tty1
<Synopsis> -bash: journalctl: No such file or directory
<Synopsis> unrecogonized option --failed
<Synopsis> oops
<Synopsis> sorry, wrong base command
<TJ-> Synopsis: "pastebinit <( command )" ... notice the parenthesis () immediately after the <
<Synopsis> ok, didnt realize those were literal
<TJ-> Synopsis: when I type commands inside double-quotes it shows exactly what is required, with the exception of the user-variable 'command'
<Synopsis> http://paste.ubuntu.com/12142767/
<TJ-> Synopsis: OK, that confirms the unit failed, so we know it tried. Now lets get detailed info on the failure: "systemctl status getty@tty2 | tee /dev/stdout | pastebinit"
<TJ-> Synopsis: that command lets you see the output as well as sending it to pastebin
<Synopsis> http://paste.ubuntu.com/12142782/
<Synopsis> all it did was give me the pastebin url, didnt see output on screen
<TJ-> Synopsis: oh... silly me, typos again ... should have had in there " | tee /dev/stderr | "
<Synopsis> k...that showed me the output :)
<TJ-> Synopsis: I think the cause is ArchLinux buts agetty in a different place to Ubuntu. I also notice that ExecStart= doesn't seem to be followed immediately by a hyphen as is shown in the ArchLinux guide - not sure if it is 100% vital but doubt it'd be there if it isn't needed. The correct path is ExecStart=-/sbin/agetty ...
<TJ-> s/buts/puts/
<Synopsis> so run systemctl edit getty@tty2 and fix that path?
<TJ-> Synopsis: Yes
<TJ-> Then you should be able to test it immediately with "systemctl start getty@tty2" - no reboot required
<Synopsis> ok, that worked, when i switched to tty2 it logged the user in, but i think i want it on tty1 since i want that to start my "slideshow"
<TJ-> Synopsis: I think it would be better to keep tty1 reserved for the system since it is 'special' and just have a script/command the makes tty2 the active VT
<Synopsis> i'm ok with that if you can point me in the direction to make it happen
 * TJ- groans :D
<TJ-> I really walked into that!
<Synopsis> hehe
<TJ-> The manual command is "chvt X" where X would be 2 (like pressing Alt+F2). I need to check if there's another/better way to set it from boot
<Synopsis> k
<Synopsis> according to http://unix.stackexchange.com/questions/115482/how-to-change-the-default-tty-after-boot, i can just add the command to /etc/rc.local
<TJ-> Synopsis: yes, that's the 'manual' way I was talking about, but I seem to recall there was a way to configure it on the kernel command line
<TJ-> Synopsis: but go with /etc/rc.local ... add "chvt 2" *before* the "exit 0" line. rc.local *must* return 0 (success) to its caller
<Synopsis> perfect, works like a charm...couple more questions and all that will be left is for me to disassemble this laptop and build a "frame" for it :)
<TJ-> Don't break it after all this!
<Synopsis> would i put my "slideshow" command in rc.local as well?
<Synopsis> http://paste.ubuntu.com/12143037/
<TJ-> If you're not worried about it failing and not being restarted. Otherwise, create a custom systemd unit that starts the application
<Synopsis> thats what i was getting at...and can i make it restart periodically even when no problems so it can look for new files?
<TJ-> Yes... you could even use a separate background process using 'inotifywait' that 'watches' the media directly and restarts fbi/a systemd service when it sees changes in the directory
<TJ-> s/directly/directory/
<Synopsis> ooooh...pretty! tell me how! :P
<TJ-> I'm leaving that as an exercise for you! I've got things of my own to do :D
<Synopsis> :)
<Synopsis> hey tj, still around?
<wedgwood> Who maintains https://cloud-images.ubuntu.com/locator/ec2/releasesTable? There's a trailing comma (invalid in JSON) at the end of the list of lists.
<wedgwood> Never mind, I found https://cloud-images.ubuntu.com/releases/streams/v1/com.ubuntu.cloud:released:aws.json
<OerHeks> good find, i was searching https://help.ubuntu.com/community/UEC/Images
<martins> smoser ping, you around
<dweller_> When I reboot from a session it loads to a blank screen. CTL+ALT+DEL works to reboot. Sometimes it boots back to the blank screen, sometimes to the GRUB menu, and even once it went straight to the login. What's going on??? I would love to have it just boot to login.
<dweller_> I'm setting up Ubuntu Server 14.04.3
<larsi> you can disable the gui and make it boot straight to terminal by editing grub_cmdline_linux_default to say "text" in /etc/default/grub
<larsi> if that's what you're attempting to do
<dweller_> @larsi, that is what I would like, there is no GUI installed yet. However, I think the problem is in the BIOS or GRUB. It the computer still reboots to a blank screen after changing the value to "text".
<TJ-> dweller_: 'text' tells the system not to auto-start the display manager. Has no effect on -server
<TJ-> dweller_: it sounds like a problem with the system... possibly hardware
<caliculk> Where are postgresql database files located? I just want to see if it is possible to restore adatabase (I didn't back it up to a file) that might have been backed up from one of the folders I archived before I installed ubuntu 15.04
<caliculk> Or am I SOL if I didn't back the databse up to a file before wiping and installing 15.04?
<maxb> Somewhere in /var/lib would be my guess
<caliculk>  maxb well, I do see several files there, but I assume that copying a 9.1 database over to a 9.4 postgresql would be a bad idea in general
<caliculk> Any way to install postgresql 9.1 on 14.04 now that the only one listed in te repos is 9.4?
<caliculk> I sorta need to grab it before I can do anything.
#ubuntu-server 2015-08-22
<JanC> caliculk: do you really need an old Postgres version?  if so, maybe use Ubuntu 12.04 for now?
<JanC> and find some way to upgrade in the next couple of years
<caliculk> JanC just to get the data, but I already did so for now. I don't need it anymore.
<JanC> okay  :)
<dsfsdgdsg> Hi there, How do I allow "user" who is apart of "snort" group access to /var/log/snort/, these are the permission I have so far. (http://paste.ubuntu.com/12147143/)
<dsfsdgdsg> in order for a user to have rw do you have set +x ? makes no sense
<TJ-> that directory doesn't give the user any permissions
<dsfsdgdsg> interesting what should I google to work this out?
<TJ-> dsfsdgdsg: look at the pastebin... in particular, look at the owning *user* and *group* - what is the *group* ?
<edtoast_46> please try joining #edtoast .I would greatly appreciate it
<dsfsdgdsg> the owning groups are *snort* and *adm* ?
<TJ-> dsfsdgdsg: no. The owning user is "snort". The owning *group* is "adm". Is your user a member of "adm"?
<dsfsdgdsg> no I'm not in group adm only snort, sudo and user
<TJ-> dsfsdgdsg: that is why the user doesn't get access to /var/log/snort/
<dsfsdgdsg> TJ-: excellent thanks so much I've added myself now have access, If I have 0660 set I cannot see the permissions on file only file names as *user*
<caliculk> Alright, a little frustrated, but after trying to modify samba config files, and restart the service, I can no longer properly start or access the samba server.
<caliculk> It doesn't show up if I ty to manually access it, if I rollback the config file either.
<caliculk> This is what syslog states: http://pastebin.com/C7adWBcd
<samthewildone> I recently did a "dpkg reconfigure console..." and my tty1 font is still very small
<samthewildone> is there a way I can take this from 7.5pt to like 12 ?!
<mybalzitch> https://askubuntu.com/questions/173220/how-do-i-change-the-font-or-the-font-size-in-the-tty-console
<mybalzitch> samthewildone: ^
<tiblock> Hi. I have binary file "myprogram" and i want to launch it just like "myprogram" what is correct way to do it? I know i can "ln -s" it to /usr/bin or add to PATH, but what is correct way?
<bekks> tiblock: Add it to your path.
<bekks> Or start it with "./myprogram" after changing to the directory where it is located.
<tiblock> bekks, isnt there tools in ubuntu for that? I saw programs do like "update-alternatives" or something and after that programs are working.
<bekks> tiblock: update-alternatives will not help you in this case.
<tiblock> bekks, okay, thank you
<bekks> tiblock: Whats the actual issue, behind your question?
<tiblock> bekks, just want to know maybe i doing something wrong
<tiblock> but looks like everything is fine
<jelly> tiblock: if it's not packaged, you should probably use /usr/local/bin PATH component instead of /usr/bin
<tiblock> jelly, thank you
<yoko> Hi, my simple question
<yoko> install lamp in root account, i have use normal account localhost, example adress localhost = /var/www I have localhost = /home/myaccount/www how added in apache2.conf ?
<yoko> ok
<teward> yoko: um...
<teward> yoko: edit the apache configurations with sudo?
<yoko> yes i used sudo
<teward> and you edited the apache configurations and pointed the docroot to /home/myaccount/www ?
<yoko> my apache2.conf file http://wklej.org/id/1781392/
<yoko> yes
<yoko> i have use localhost forum in normal account home
<teward> ...
<teward> you didn't edit this config
<teward> or rather
<teward> you provdied the WRONG configuration
<teward> yoko: the config for the sites is in sites-available.
<yoko> i know
<teward> first
<teward> `sudo a2dissite default`
<teward> then edit the default configuration file in the /etc/apache2/sites-available/ folder
<teward> then `sudo a2ensite default`
<teward> `sudo service apache2 restart`
<yoko> ERROR: Site default does not exist!
<teward> ...
<teward> i hate apache
<yoko> lighttp install ?
<yoko> It only local localhost on theme created
<teward> not what i meant
<yoko> http://www.lighttpd.net
<teward> yoko: include the /etc/apache2/sites-available/000-default.conf in a pastebin
<yoko> http://wklej.org/id/1781396/
<teward> yoko: edit line 12 to be the correct docroot.
<teward> ie. /home/myaccount/ww
<teward> restart the apache2 process - sudo service apache2 restart
<teward> see if that fixes it
<teward> (and read up on Apache configuration documentation because you should probably try and understand it a little if you're going to be running apache)
<yoko> i do
<yoko> loclhost in adress - Forbidden  You don't have permission to access / on this server. Apache/2.4.10 (Ubuntu) Server at localhost Port 80
<yoko> thank for help hello
<linocisco> hi all
<linocisco> I am now trying to install ubuntu server 14.04.2 and at the stage of preparing hdd. After ubuntu server and I will install CEntOS later. How should I prepare HDD partition and recommended partition size and type as minimum requirement
<linocisco> ?
<linocisco> I am now trying to install ubuntu server 14.04.2 and at the stage of preparing hdd. After ubuntu server and I will install CEntOS later. How should I prepare HDD partition and recommended partition size and type as minimum requirement. I am thinking for dualboot
<linocisco> I am now trying to install ubuntu server 14.04.2 and at the stage of preparing hdd. After ubuntu server and I will install CEntOS later. How should I prepare HDD partition and recommended partition size and type as minimum requirement. I am thinking for dualboot
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<RoyK> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<RoyK> linocisco: just split it in two if you want dual boot. I'd use a VM for one of them, though. Why are you testing both?
<RoyK> linocisco: Both should work well on their own - it's just linux - the choice between them mostly depends on what you're most used to or what you like
<linocisco> RoyK, thanks for reply. One OS should be ubuntu server with most common server roles, file/directory .etc and second will be Elastix with is natively bundled with CentOS
<RoyK> linocisco: I beleive you can run elastix on ubuntu too
<linocisco> RoyK, I dont want to mess up both
<RoyK> oh - you mean elastix as in a distro?
<RoyK> that one? http://www.elastix.com/en/downloads/
<RoyK> just run a VM with it
<RoyK> install kvm+libvirt and start virt-manager and install it
<linocisco> RoyK, sure. Elastix recommends upgrade only from its release. no modification. I am not happy with performance of VM of my hardware resource.
<RoyK> what sort of hardware?
<RoyK> a VM usually gets 10% lower CPU than native, so it shouldn't be too much of a problem
<linocisco> RoyK, HP Elite 8200 CMT and internet is very expensive here
<RoyK> we run 90% of our servers virtualised ;)
<linocisco> RoyK, it might be hardware virtualization like VMWare ESX-i. software virtualization is not so good in performance
<RoyK> kvm uses hardware virtualisation
<RoyK> just like ESXi
<RoyK> Amazon is mostly using KVM these days
<mybalzitch> I'm glad the most recent kvm update fixed virtualization on my server
<mybalzitch> it had been broken for more than a year
<RoyK> broken how?
<mybalzitch> libvirt would complain about an unknown error when you launched a VM
<linocisco> RoyK, Is KVM better than Oracle's Virtualbox?
<mybalzitch> linocisco: kvm is not an oracle product, so that's nice
<quantic> linocisco: Highly.
<linocisco> mybalzitch, i know. it is linux's one
<bekks> Virtualbox is an Oracle product, so its not that slow as KVM ;)
<RoyK> linocisco: probably about the same - VirtualBox may be better on graphics, though, but usually you won't need that on a server
<bekks> You can run VBox headlessly.
<RoyK> bekks: yes, you can, but I was thinking about desktop virtualisation - last I tried that with kvm, it wasn't very good, but again, this is about a server, right?
<RoyK> oh - seems KVM supports vGPU now too
<RoyK> neat
<RoyK> ESXi 6 supports that too - not 5.5, though
<RoyK> linocisco: how much memory do you have in this box?
<linocisco> hi all
<linocisco> with reference to http://ubuntuserverguide.com/2013/02/manual-disk-partition-guide-for-ubuntu-server-edition.html, i m not quite sure about partition
<RoyK> linocisco: just create a 1GB partition for /boot, with ext2, and then a partition with the rest of the disk for LVM, on LVM, create a LV for swap (same as memory size) and one for root (10GB should do for a start) on ext4. Add more later or increase sizes later if you need to
<RoyK> always use LVM - it's way more flexible than partitions
<linocisco> RoyK, I am thinking about dualboot as I said. so should I choose 50% first?
<RoyK> linocisco: why dualboot? have you even triede KVM?
<RoyK> tried, even
<RoyK> or tested
<RoyK> or whatever
<RoyK> try virtualisation first
<linocisco> RoyK, i should install KVM , right  ? that will need internet to download, here more dowloading more money here with mobile internet I have here
<linocisco> I have never successfully managed dualboot
<RoyK> linocisco: the packages aren't very big
<RoyK> the virtualisation level is in kernel - all you need are the support packages
<linocisco> RoyK, honestly, I have internet with 3G SIM card with Nokia E5 handset. I dont know how to provide internet from that dump nokia to cli only server. that is why I am stuck
<RoyK> linocisco: damn - where are you located?
<RoyK> I don't think kvm/libvirt/virt-manager is much, though, perhaps a few megs
<linocisco> RoyK, preferred not to say. but it is not expensive internet
<linocisco> RoyK, preferred not to say. but it is so expensive internet
<ren0v0> hi, when partitioning a disk, is it possible to control partition numbers? im trying to create a new partition and its calling it #5 ?
<quantic> ren0v0: You're creating a logical partition on an MBR formatted disk.
<quantic> ren0v0: That's normal. Primary partitions are 1-4. Extended/logical/whatever are 5+.
<ren0v0> ok thanks :D
<lordievader> You could choose to go with gpt instead.
<quantic> ^
<ren0v0> learn something everyday, always wondered why
<linocisco> how to edit grub file ? on boot, splash menu is so fast and I can't go into advanced options
<lordievader> linocisco: vim /etc/default/grub|/etc/grub.d/*?
<lordievader> Then run 'sudo update-grub2'.
<linocisco> hi
<linocisco> hi
<linocisco> hi
<lordievader> linocisco: Err, hello?
<linocisco> i have problem with grub
<linocisco> to change bigger fonts in CLI
<lordievader> Grub has little to do with how fonts are rendered in tty's.
<linocisco> lordievader, https://www.centos.org/forums/viewtopic.php?f=13&t=2932&sid=bc3bdda5c4cbb8bc4d4c7144e290f5dc
<linocisco> lordievader, that trick fixed my fonts on ubuntu server version before
<linocisco> lordievader, now I can't find that file. grub.cfg has no such line
<lordievader> You don't want to edit /boot/grub/grub.cfg directly.
<lordievader> What trick are you referring to?
<linocisco> lordievader, in the grub file, I need to find such line "kernel /vmlinuz-2.6-whatever ro root=/lots-of-numbers, KEYTABLE=us rhgb quet"
<linocisco> and add nomodeset at the end . that fixed my problem with smaller fonts on CLI
<lordievader> linocisco: That is /etc/default/grub.
<bekks> lordievader: Which he states does not exist for him.
<linocisco> bekks lordievader i swear I had used that trick
<linocisco> so what is your trick to make smaller fonts in CLI to make it biggger?
<lordievader> If that file ain't there grub is not installed.
<linocisco> not only in CLI, also should be bigger in grub boot loader menu lines and font at boot time
<lordievader> linocisco: What is the output of 'dpkg -l|grep grub'?
<bekks> linocisco: So that file existed. What did you do to it so it doesnt exist anymore?
<lordievader> Sounds like a driver not handeling modesetting properly.
<linocisco> grub-common, grub-gfxpayload-lists grub-pc grub-pc-bin grub2-common
<linocisco> mine is 64bit
<linocisco> i formatted HDD and reinstall with 14.04.2 x64
<linocisco> before was 32bit
<bekks> linocisco: Whats the output of "ls -lha /etc/default/grub"?
 * lordievader thought grub-pc or grub-common delivered /etc/default/grub
<linocisco> bekks, -rw-r--r-- 1 root root 1.2K Aug22 23:57 /etc/defult/grub
<lordievader> So it does exist...
<bekks> So that file exists - whats the problem now?
<linocisco> let say what I have done to fix small fonts problem is wrong. ok? how do you fix if I were you?
<bekks> Lets say you fix your first issue first.
<bekks> nomodeset.
<linocisco> bekks,  I am looking for the correct file and correct line and correct place to add that "nomodeset"
<bekks> !nomodeset | linocisco
<ubottu> linocisco: A common kernel (boot)parameter is nomodeset, which is needed for some graphic cards that otherwise boot into a black screen or show corrupted splash screen. See http://ubuntuforums.org/showthread.php?t=1613132 on how to use this parameter
<linocisco> bekks, thanks. finally Got it. that is what I am asking so long
<bekks> You have een clued multiple times on how to do it, bt you ignored all clues.
<linocisco> bekks, what I need is only that link "http://ubuntuforums.org/showthread.php?t=1613132"
<linocisco> correct ubuntu way
<bekks> You were told how to do it the ubuntu way multiple times.
<bekks> Whatever - did you fix it now?
<linocisco> bekks, done. I didn't understand before I got that link because I am looking for that desired file
<lordievader> Yes, and you were given that file several times.
<linocisco> lordievader, I didn't see. i m sorry
<bekks> And that link, too.
<bekks> linocisco: You must have been ignoring clues the whole day then...
<linocisco> bekks , I was being told /etc/default/grub. many times, but I dont know exactly where in which line to edit
<linocisco> sorry for your time and my time. have a nice day
<bekks> You have benn told multiple times.
<bekks> *been
<linocisco> thanks anyway . done
<linocisco> hi all, what is the recommended updated ubuntu server book?
<linocisco> with most common troubleshooting real world examples
<bekks> linocisco: The online documentation. Printed documentation is out of date before you read it.
<lordievader> The best way to learn is to use it.
<linocisco> lordievader, somewhat correct. but level of knowledge is not the same for everyone.
<bekks> linocisco: you dont need the same level for learning by doing :)
<lordievader> Hence the learning ;)
<samthewildone> I need help to make my fonts bigger, I tried the dpkg reconfigure console command but, the fonts are still pretty tiny.
<samthewildone> oh wait... nevermind I found it !
<caliculk> Is logrotate no longer enabled on Ubuntu 15.04 server edition?
<caliculk> I seem to be having an issue with logrotate not rotating logs, even when running logrotate -d /etc/logrotate.conf shows the appropriate values to rotate the logs
<diego12> hola
<samthewildone> currently did a shred from a remote to the server but, still logged in terminal
<samthewildone> is there a way I can break away from the terminal and have the shred still run in th background ?
<bekks> You would have needed to start it using tmux, screen or nohup
<dweller_> Trying to get swap partition to work on a fresh install of 14.04.3. I get this error at startup: "The disk drive for /dev/mapper/cryptswap1 is not ready yet or not present". I have tried following the steps outline here: http://punygeek.blogspot.ca/2012/10/ubuntu-1204-how-to-solve-disk-drive-for.html which does show the swap partition is present after "free -m" but upon reboot, the problem persists.
<oste> seeing a crazy situation - i have a deploy script that creates a symlink for nginx to read. It seems like this symlink is not updating - the site is served old symlinks
<samthewildone> bekks: yeah kinda figured that out at the last minutew
<samthewildone> bekks: thx
#ubuntu-server 2015-08-23
<stevenroose> is it possible that certain RAID controllers are not supported by Debian?
<TJ-> stevenroose: Yes, it is possible
<stevenroose> like an Intel RAID controller? They have drivers for RHeL and SUSE
<stevenroose> but with most hardware, the community often ports them
<stevenroose> TJ-: is there a way I can check?
<TJ-> stevenroose: look at the PCI ID of the device, and see which, if any, driver has that device ID listed
<stevenroose> I feel sorry to ask you, but how do I check pci ids and where do I find the driver listings for Debian?
<TJ-> stevenroose: "lspci -nn" and look at the [VVVV:PPPP] id (Vendor:Product), then do "grep -i 'VVVV.*PPPP' /lib/modules/$(uname -r)/*" ... any module that claims an alias for that ID will be reported
<stevenroose> 1000 for intel, could that be right?
<stevenroose> cendor id
<stevenroose> I think I got one
<stevenroose> megaraid_sas
<stevenroose> nice, thanks
<stevenroose> altough, that means the issue lies within the raid controller, a lot harder to fix :s
<stevenroose> TJ-: lsst question on RAID, do some raids provide a way to configure them from within linux and if so, how?
<stevenroose> currently, I should boot into the BIOS of the RAID controller, but it wont boot
<pmatulis> stevenroose: the "issue" *may be* that the controller is not supported by the Ubuntu kernel you're running
<TJ-> stevenroose: it depends on the RAID controller make/model. Some have F/OSS tools as well as the BIOS config, others have proprietary Linux tools
<TJ-> stevenroose: 'won't boot' doesn't tell us a lot. what do you see specifically? how is the disk partitioned (MBR or GPT)
<TJ-> stevenroose: I fixed an issue for a user earlier with hardware RAID with 4TB disk array, partitioned as GPT whic wouldn't boot. It needed a hybrid MBR with the boot partition in the MBR, so that the BOOT BIOS could find it
<stevenroose> TJ-: well, I had a software raid on the drives using mdadm, and I wanted to move them to the controller
<stevenroose> I did not repartition them or anything..
<stevenroose> (I'm fine with the data being lost though)
<stevenroose> prepared for that
<TJ-> stevenroose: that will rarely work, the mdadm metadata will not work with the metadata the RAID controller will use
<stevenroose> what the bios boot says is "there aren;t any devices:
<stevenroose> TJ-: yea I figured that, I just assumed the controller would be able to reformat everything according to how they needed it
<stevenroose> again, I prepared for losing the data
<TJ-> stevenroose: boot with a Live ISO image, then look at the raw data on the hardware RAID device, that will give you some idea of how the array is presented
<TJ-> stevenroose: have you already created the array in the controller's BIOS setup?
<stevenroose> TJ-: how does booting from a live image matter there?
<stevenroose> I can boot the computer
<stevenroose> no, the controllers bios won't start
<stevenroose> if I press the key to enter it, it prints "there aren't any devices" shortly and exits
<stevenroose> continuing the regular boot process
<TJ-> stevenroose: if the device won't boot put is present, you can look at the raw data and figure out if there's an offset required to get to the partitions inside the mdadm volumes
<TJ-> stevenroose: have you connected the drives to the correct ports on the controller?
<stevenroose> yes, it has one plug that fans out into 4 cables
<stevenroose> I connected 0-2 to my 3 drives
<stevenroose> the first thing you said I did not understand, though :p
<TJ-> stevenroose: what is the exact make/model of controller?
<stevenroose> Intel RAID controller SRCSASLS4I
<stevenroose> I bought it second hand though
<stevenroose> so at boottime it says that the drives [it used to work with] are not present, asks to press C to reconfigure, enters BIOS, prints "there arent't any devices" and exits
<stevenroose> (it does not load the graphical bios like on the manual, though; it just prints console"
<stevenroose> weird thing is, that it seems to recognize the disks in some way, before the message comes, it very briefly prints a table with SATA and other data in it (too short to give it a good look), with 3 rows, and when I booted  with the devices unplugged, the table was emty
<stevenroose> TJ-: so yes, the partitioning might be at fault. what should normally be done when preparing a hard disk for usage with a raid controller? I have no experience with them
<TJ-> stevenroose: at boot time you see "Press <CTRL><G> to run BIOS Console 2." ?
<stevenroose> yes
<stevenroose> I press it
<stevenroose> then the table comes up shortly
<TJ-> stevenroose: At that point you should have a Configure menu
<stevenroose> then there is something that I can pause or skip (with CTRL + somethign), but it is over so quickly that I cannot interact, and then the screen refreshed with some specs on top and then the "there aren't any devices" message
<stevenroose> would you be able to tell more if I filmed it? :D
<TJ-> stevenroose: I'm just reading the hardware guide
<stevenroose> any luck?
<TJ-> stevenroose: you need to read the Software User Guide, it has extensive info on configuration
<stevenroose> got a link perhaps?
<stevenroose> I have a disk here, but I dont have a drisk drive anymore on any of my current machines
<stevenroose> just to make sure: there are no common requirements regarding the partitioning of disks when connecting them for hardware raid?
<TJ-> Looks like Chapter 8 applies you your device.  http://download.intel.com/support/motherboards/server/sb/d29305023_raid_swug_r23_5.pdf
<stevenroose> TJ-: do you know the answer to my last question? it might save me a lot of time :)
<TJ-> stevenroose: the controller is responsible for writing metadata to the disks, it then presents a logical view to the BIOS and operating system, and they can do whatever they want on the logical disk
<stevenroose> TJ-: so whatever partitioning they have when connected, the controller will just ingore the partitioning and overwrite it when the setup is confirmed?
<TJ-> stevenroose: it'll look for its own existing metadata and if not found assume the disks are unallocated
<stevenroose> the problem is that the use guide assumes everything is working
<stevenroose> like here
<stevenroose> http://imgur.com/5eabysZ
<stevenroose> I don't get to the second part of the first step
<TJ-> stevenroose: maybe that's a sign the controller is faulty
<TJ-> stevenroose: if no controller selection appears, then its probably dead
<stevenroose> TJ-: I'm trying to film the boot process for you to judge what you think, but my phone doesnt seem to want to boot anymore, give me a minute
<samthewildone> can I use ubuntu server as a mining for bitcoin without actually installing a desktop environment ?
<pmatulis> stevenroose: skip to a terminal and use lspci to determine if the controller is recognized
<lordievader> Good morning.
<cluelessperson> hey guys, I'm trying to setup my swap partition.  I extened the drive space for my VM, and I created 2.25GB for swap, and I'm tryiong to setup fstab to load it, but it doesn't seem to work
<cluelessperson> swapon -s  shows nothing.
<lordievader> cluelessperson: Did you reboot after you added it to fstab (or did you run swapon -a)?
<cluelessperson> lordievader, rebooted, twice
<cluelessperson> swapon -s    http://paste.ubuntu.com/12170224/
<lordievader> Could you pastebin your fstab?
<cluelessperson> cat /etc/fstab        http://paste.ubuntu.com/12170232/
<lordievader> The uuid is correct?
<cluelessperson> lordievader, I copied it when I did the make swap command
<lordievader> cluelessperson: What is the output of 'sudo lsblk -o name,uuid'?
<cluelessperson> http://paste.ubuntu.com/12170242/
<lordievader> Is sda2 swap?
<cluelessperson> lordievader, It should be, yes
<lordievader> Then the uuid should be: 7d7df027-4b53-4744-9656-cca0d1739a4e
<lordievader> Then run swapon -a again.
<cluelessperson> lordievader, excellent! :D
<cluelessperson> lordievader, thanks, sorry for the annoyance.  I must have mis-copied or gotten mixed up
<lordievader> No problem ;)
<hackeron> hey, anyone has idea what is leaking memory on my ubuntu server and how to troubleshoot? < http://superuser.com/questions/793192/invisible-memory-leak-on-linux-ubuntu-server-not-disk-cache-buffers
<bekks> Nothing is leaking memory.
<bekks> As being told in the post, the memory management works different from how you think it does.
<bekks> hackeron: Please see http://www.linuxatemyram.com/ as well.
<hackeron> bekks: I did - read again
<hackeron> bekks: look at the -/+ buffers/cache line in that post
<bekks> I did - can you rephrase whats to be seen there?
<hackeron> bekks: no you didn't, -/+ buffers/cache:       1771        220 -- so after accounting for cache/buffers, there is only 220MB free, 1.7GB is missing/leaked
<bekks> So read and try to understand http://www.linuxatemyram.com/
<hackeron> bekks: I did
<hackeron> bekks: read and try to understand my question
<bekks> I did. Your question is explained on http://www.linuxatemyram.com/
<hackeron> bekks: no it is not - you are misunderstanding the question
<bekks> So rephrase it please.
<hackeron> bekks: memory is not used for disk caching
<hackeron> bekks: what that page says does not apply
<bekks> So you manually disabled disk caching in memory?
<dasjoe> That superuser.com question is a year old
<bekks> If you didnt, then the memory is caching.
<hackeron> dasjoe: it is still an issue in 15.04
<dasjoe> hackeron: I don't see an issue, sorry
<bekks> hackeron: It isnt, and it never was, after understanding http://www.linuxatemyram.com/
<hackeron> bekks: I did, read the question: sync; sync; sync; echo 3 > /proc/sys/vm/drop_caches
<hackeron> bekks: I did drop caches explicitly, it is not a disk caching issue
<dasjoe> "note cached and buffers are both low so this is not disk cache or buffers!", how is 1771 MB "low"?
<bekks> Droping cache does not mean disabling them.
<hackeron> dasjoe: you are misreading the output of free....
<hackeron> dasjoe: -/+ buffers/cache means without buffers or cache
<hackeron> bekks: dropping cache would clear that 1.7GB if it was a disk caching issue
<bekks> hackeron: It would write down the content but not remove the cache.
<hackeron> bekks: ok, how do you disable disk cache just to prove to you it is nothing to do with disk cache?
<bekks> There is no issue to be proven.
<hackeron> bekks: look at the meminfo output -- look at the cached line
<bekks> Your question clearly shows that you did not understand the output of free -m
<hackeron> bekks: no it does not - read the link you posted
<bekks> I know that link very well, and it perfectly explains the output of free -m
<hackeron> bekks: To see how much ram is free to use for your applications, run free -m and look at the row that says "-/+ buffers/cache" in the column that says "free". That is your answer in megabytes:
<hackeron> bekks: so the free memory is 220MB according to your link
<hackeron> bekks: you really really do not - I'm sorry to say
<hackeron> bekks: you are wrong, completely and you need to read your link before you say anything more because this is pretty embarassing for you
<bekks> hackeron: I'm not sorry to say that you dont understand what "free" and "unused" means.
<hackeron> bekks: ok, just read your link...
<hackeron> bekks: free is 153MB -- free when you subtract cache and buffers is 220MB -- there is 1.7GB unaccounted for
<bekks> hackeron: The only thing embarrassing here is your attitude getting angry with people who try to help you. You're just not worth to waste my time any further.
<bekks> *plonk*
<hackeron> bekks: you are not helping, you are wrong and refusing to accept it
<hackeron> Anyone has idea what is leaking memory on my ubuntu server and how to troubleshoot? (Note this is not a disk cache/buffers issue, free memory is 153MB, after subtracting cache and buffers, it is 220MB, there is 1.7GB missing and unaccounted for) < http://superuser.com/questions/793192/invisible-memory-leak-on-linux-ubuntu-server-not-disk-cache-buffers
<hackeron> updated the question to include this for people like bekks who really should know better: "Please note, I have read and understood http://www.linuxatemyram.com - this is not a disk cache/buffers that is using up the memory. Before subtracting cache/buffers, the free memory is 153MB, after subtracting it is 220MB, there is still 1.7GB missing and unaccounted for."
<dinet> good day
<dinet> I have a quite annoying problem. Have three vhosts in apache and after a while apache stops responding. I got the sites to work yesterday but now it broke again
<dinet> the sites is stored in ~/www/sitename with a link in /var/wwww
<stevenroose> pmatulis: if you have aminute to look into this, I made a question over at serverfault, https://serverfault.com/questions/716105/intel-raid-controller-cannot-open-bios-and-doesnt-recognize-hard-drives
<Sling> dinet: define 'after a while' and 'stops responding', does it happen frequenty, after a set time? after doing something specific
<Sling> also did you check the logs and if possible mod_status output?
<dinet> Sling: or more like the connection freezez. the browser can stay on loading for ~30 min. This stint it froze after less than 24 hours
<dinet> Sling: saw this in error.log: H00161: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting
<Sling> dinet: what MPM are you using and what settings does it have? did you change any of them?
<dinet> mpm?
<Sling> you can see this in apache2ctl -V output
<dinet> Server MPM:     prefork
<Sling> http://httpd.apache.org/docs/2.4/mod/prefork.html#how-it-works
<Sling> that describes which settings control how many clients can be served simultaneously in prefork
<Sling> I would recommend using event or worker though, prefork is the least performing way of running apache httpd
<dinet> can I change in http.conf?
<dinet> and that is how long ago I did these things..
<Sling> depends on which version you are running, in 2.4 you can switch MPM my loading the relevant mpm module
<Sling> but in 2.2 its compiled in the server
<dinet> Sling: standard install in ubuntu
<Sling> its also in the -V output
<dinet> 2.4
<Sling> the default ubuntu package doesn't use prefork I think, unless you use mod_php, are you using that?
<dinet> yes I do
<Sling> hm thats also a quite oldfashioned way of running apache+php :)
<Sling> come to #httpd and I will trigger some links to read up
<dinet> Sling: or how it now i started. did the install early this summer and used apt-get install apache2 php5 mysql
<Sling> dinet: yeah because of some legacy non-threadsafe php things, it will default to the prefork mpm
<Sling> which spawns a process per request so it doesn't break non-threadsafe php features
<Sling> but spawning a process every time a request comes in is not very performance efficient :)
<RoyK> Sling: what would you recommend instead of mod_php? fastcgi?
<Tangurin> hi!
<patdk-lap> I would never recommend mod_php :)
<patdk-lap> fastcgi is the best option
<patdk-lap> going with either direct php, or php-fpm, I perfer fpm myself
<JanC> Sling: -prefork doesn't spawn a process on every request (that's why it's called PREfork)
<patdk-lap> and it still doesn't do it per request, but per connection
<JanC> and dinet: if you have enough RAM to do so, you can raise MaxRequestWorkers indeed
<patdk-lap> and php is built in trusty using threadsafe, so apache doesn't need prefork
<tompaw> Morning.
<Sling> JanC: well, once the serverstart-number of processes are started, thats essentially what happens on a busy server
<Sling> in any case, its not optimal when dealing with high traffic
<RoyK> patdk-lap: is php threadsafe now?
<patdk-lap> it has been for a long long time
<patdk-lap> the problem is, most modules aren't, so no one used the threadsafe version
<patdk-lap> but debian/ubuntu with apache 2.4, switched to threadsafe mod_php
<xedniv> what is the best way to clone a real/metal server to a vm under kvm? and if it is to be done manually, is thereanything ready-made that lets you configure which /etc directories and files should be carried over gracefully?
<xedniv> possibly with interdiffing/choosing which one gets applied
<catalase> sudo usermod -a -G catalase debian-transmission. usermod: user 'debian-transmission' does not exist
<catalase> how can a user own those files but not exist. i can't move them, i can't even view the directory.
<catalase> why can't i change the permissions
<catalase> sudo chmod 777 /var/lib/transmission-daemon. chmod: cannot access â/var/lib/transmission-daemonâ: No such file or directory
<maxb> catalase: Well, the obvious first question is 'Since the command says it doesn't exist, what's the evidence that it does?'
<catalase> because when i use filezilla to look at the filesystem i can see that it exists
<catalase> http://i.imgur.com/RPUl747.png
<catalase> sudo service transmission-daemon stop. transmission-daemon: unrecognized service
<catalase> i cant edit the settings.json to change the umask to 0
<maxb> I don't know filezilla. I suggest you use 'ls -l /var/lib', not least because you can paste that to IRC
<skittishtrigger> In terminal, do you use the same method as changing /home mount points for /var?
<samthewildone> is there a way I can run a gpu miner without the xserver on the server ?
<samthewildone> or I must install a desktop environment ?
<maxb> skittishtrigger: You probably need to explain in a little more detail what you're trying to do, I don't quite understand what you're asking from what you've said so far
<skittishtrigger> I want to change the mount point for /var. atm (transferring servers and the mountpoint for /var is too small in new one)
<skittishtrigger> or would symslinking be better in this scenario?
<maxb> It's a bit unusual to have /var be its own mount point at all, have you considered just not using so many separate partitions?
<maxb> Changing mount points is easy, you just edit /etc/fstab. However the hard part is preparing the replacement thing you're going to mount instead, and copying data
<skittishtrigger> symlinking the assets folders might be a better way to go them. changing that should not be such a big hassle I am thinking
<Demon_Jester> Hey guys, I ssh'd into my server, and noticed that htop, and screenfetch are only showing 4gb of ram, I ran "sudo lshw -short -C memory" and it showed 8gb, is there another way to detect all 8gb just to make sure?
<Demon_Jester> I mean to see why not all 8gb of ram is not being detected.
<Demon_Jester> wow I cannot type.. lol
<RoyK> Demon_Jester: pastebin output of "free"
<Demon_Jester> http://pastebin.com/ZxB05Bdr
<Demon_Jester> swap shows 8gb or atleast i think it does.
<RoyK> what about lshw?
<Demon_Jester> lshw also shows this.. hold on
<RoyK> linux only sees 4 gigs there
<Demon_Jester> http://pastebin.com/mJpVDegp
<RoyK> wierd
<RoyK> 32bit system?
<Demon_Jester> shouldn't be its x86_64
<Demon_Jester> OS I mean.
<RoyK> uname -a ?
<Demon_Jester> 3.16.0-43-generic #58~14.04.1-Ubuntu SMP Mon Jun 22 10:21:20 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
<Demon_Jester> i opened it to put a plastic hdd bracket back in there, i may have touched one of the ram sticks without knowing it?
<RoyK> Demon_Jester: does BIOS see the memory?
<Demon_Jester> hmm i dont have a monitor readily avail to hook up..
<Demon_Jester> give me a few minutes and see if i can hook this monitor up to it
<Demon_Jester> ok this may seem crazy but I think I know why it was only showing 4gb, I have two other desktops (just the towers no monitors or anything) on the same electrical plug, and I had them one, too, maybe the main seerver wasn't getting enough power and had to use only half of the ram? I turned the desktops off and now its using all 8gb
<RoyK> Demon_Jester: doesn't make sense
<RoyK> Demon_Jester: memory doesn't use a lot of power
<Demon_Jester> idk maybe just a glitch or something?
<RoyK> reseat memory modules
<RoyK> that's the first thing
<Demon_Jester> ok
<linocisco> hi
<linocisco> i have edited static interface in /etc/network/interfaces. but /etc/init.d/networking restart could not activate eth0 up
<RoyK> pastebin it
<linocisco> RoyK, http://pastebin.ubuntu.com/12175474/
<RoyK> linocisco: should work
<linocisco> RoyK, too simple to see that does not work. I have rebooted and still not working. only lo and virbr0 are working
<RoyK> linocisco: does ifconfig -a show eth0 ?
<linocisco> RoyK, nope. just em1, lo and virbr0
<RoyK> missing a driver, perhaps?
<linocisco> RoyK, i think we should rename eth0 to em1
<linocisco> RoyK, how do you think?
<RoyK> might be - try to configure em1
<linocisco> RoyK, doesn't work
<RoyK> linocisco: what does lshw has to say?
<linocisco> RoyK, i have rebooted again
<linocisco> RoyK, so many lines in lshw output
<RoyK> it's quite verbose, yes
<hackeron_> Anyone have any ideas how to troubleshoot this memory leak? < http://superuser.com/questions/793192/invisible-memory-leak-on-linux-ubuntu-server-not-disk-cache-buffers
<TJ-> hackeron_: have you tried replacing the applications with a placebo - if the same issue occurs you've at least proved its kernel not application related ?
<hackeron_> TJ-: if it's application related, it should show the memory growing in top or ps -- if the server is just idling and not doing anything, then the kernel does not leak memory. I am not sure what form this placebo can take?
<TJ-> hackeron_: Pull in the data over the network in the same way but dump it without any kind of processing or piping (so it doesn't get into the caches)
<TJ-> hackeron_: The other thing I'd do is ptrace kmalloc() and kfree() (and there relations) to track kernel module's use of memory
<hackeron_> TJ-: hmm, I will try this - good idea! -- is there a guide how to track kernel module's use of memory? - This is what I haven't been able to find. I think possibly a bug with the ethernet driver as I'm pulling terabytes of data.
<TJ-> hackeron_: I'm also wondering if memory fragmention could be an issue
<TJ-> hackeron_: maybe this will get you further  http://elinux.org/Kernel_dynamic_memory_analysis#Memory_accounting
<TJ-> hackeron_: Yes, that would be the easy culprit to blame :) Do the NICs have any kind of offload capability, and if so, have you tried changing that (if it is offloading, disable it, or if it is disabled, enable it) - anything to provoke a real change in the stats you're collecting to give you a clue
<TJ-> hackeron_: from that link I think this may be useful:
<TJ-> Internal fragmentation
<TJ-> For different reasons (alignment, overhead, etc) when we request 100 bytes with kmalloc(100) the slab allocator may really allocate 128 bytes (or 140 bytes, we can't really know). These extra 28 bytes can't be used, and therefore you are wasting them
<hackeron_> TJ-: not quite sure how to check/change - I will check the ethtool man page as I'm hoping that will do it?
<hackeron_> TJ-: interesting - how would I detect something like that?
<TJ-> hackeron_: offloading, if available, is usually kernel-module options so 'modinfo' will reveal
<TJ-> hackeron_: use the suggestions in that link to do memory accounting on kmem
<hackeron_> TJ-: ok, will read and try to make sense of it all :) - I'm new to this low level stuff
<hackeron_> TJ-: thank you!
<TJ-> hackeron_: Good luck with it, I know how infuriating and time consuming it can be
<hackeron_> TJ-: definitely :( - been trying to figure this out for over a year - but now on 1 server it is quicker to reproduce so goign to give it another crack!
<TJ-> hackeron_: have you tried rate-limiting the network input and seeing if that correlates to the growth in the missing mem?
<hackeron_> TJ-: so this kmalloc vs slab allocator is purely kernel side? - or can this "memory disappearing" issue happen transparently by something in the userspace?
<TJ-> hackeron_: E.g. force the link to run at 100Mbps instead of 1Gbps
<TJ-> hackeron_: it's all in-kernel, but obviously kernel allocates memory for processes too so you can monitor internal kernel use and per-process usage.
<hackeron_> TJ-: ok, but generally, no user space app should be able to trigger this memory disappearing? - just to rule out ffmpeg/python, etc
<TJ-> hackeron_: I'd also strongly advise you to talk to the kernel's memory management (mm) team. The web-site is at http://www.linux-mm.org   and they have a mailing list   linux-mm@kvack.org
<TJ-> hackeron_: userspace could trigger... requesting lots of blocks of memory could hit the fragmentation issue such that kernel is left with lots of small blocks that cannot satisfy requests
<hackeron_> TJ-: and even once all those processes are killed, the memory will remain unusable until reboot?
<hackeron_> TJ-: and thank you, will try all your suggestions and speaking to them
<hackeron_> TJ-: made a list of the 5 things to try and added to the question, heh, thank you again :) -- So once all the processes are killed - all the lots of small blocks remain in limbo and are never released by the kernel?
<TJ-> hackeron_: I would have thought that once memory is being freed wholesale the fragments should be coalesced back into larger chunks... but maybe you've found a subtle bug
<TJ-> hackeron_: the fact that swap starts to be used suggests fragmentation may be part of the issue, if not all of it
<hackeron_> TJ-: seems to be the case - I've let the server idle for a week, with essentially just sshd and syslog running and it was still missing 1.8GB of ram :/
<hackeron_> TJ-: I tried disabling swap and the memory still grows transparently and stays unusable even after I've killed just about every userspace process
<TJ-> that almost certainly rules out the applications, then.
<hackeron_> TJ-: I cannot see any memory use growing in top at all :/ - but I can in newrelic which just uses the -/+ buffers/cache line in free -m
<hackeron_> TJ-: hmm, ok, I will try ethernet stuff (offload capability, rate limiting), then try to replace app with placebo (just reading network traffic), then see if I can figure out the tracking of kernl module's use of memory and "Internal fragmentation" in that link, if that fails, will ask the linux mm team
<TJ-> I'm going to guess and say the issue is likely related to mlock ... allocations that aren't subsequently unlocked and returned to the pool
<TJ-> It's worth asking the mm team early; they may be able to give you specific instructions and tooling to test with, they may have ideas already on what to focus on
<TJ-> they are the experts, after all
<hackeron_> TJ-: hmm, ok, good idea - will ask them
<F1skr> Is it possible to get a ubuntu server root tar package somewhere? Similar to what is provided here: https://cloud-images.ubuntu.com/vivid/current/ but without the cloud-init stuff?
<ObrienDave> like a regular server ISO?
<F1skr> I just need a root filesystem which I can boot in a systemd-nspawn container
<F1skr> I can remove the cloud-init services from the cloud version but it's a bit annoying to remove stuff just to get it to boot
<eatingthenight> anyone have a good program they use for log aggregation from multiple servers
<pmatulis> eatingthenight: what features do you need that the default (rsyslog) does not provide?
<jelly> eatingthenight: both syslog-ng and rsyslog are nice enough
#ubuntu-server 2016-08-22
<jancoow> Hi there. When i want to install owncloud i get this error
<jancoow> https://jancokock.me/f/855cd
<ducasse> i've noticed a weird thing with an lxc container on 16.04. inside the container 'free -m' reports 350mb used, while lxc-info reports "memory use" as 25gb. for other containers the numbers match. what could cause this?
<Tahvok> Hello!
<Tahvok> I'm trying to understand the following list: https://people.canonical.com/~ubuntu-security/cve/pkg/linux-lts-trusty.html
<Tahvok> According to the list none of the cve are applicable if I use the lts-trusty kernel?
<Tahvok> Or am I misunderstanding something?
<mdeslaur> Tahvok: if you use linux-lts-trusty, the first column applies to you
<mdeslaur> so everything in orange, yellow, and red
<mdeslaur> (though it appears old stuff isn't triaged properly)
<Tahvok> So what are the other columns? There is even one that says 'trusty'?
<mdeslaur> that's for the trusty release
<mdeslaur> you're running precise
<Tahvok> Nope, I'm on trusty
<mdeslaur> if you're on trusty, then you're definitely not running the linux-lts-trusty kernel
<mdeslaur> you're running the "linux" kernel
<mdeslaur> which is here: https://people.canonical.com/~ubuntu-security/cve/pkg/linux.html
<Tahvok> Oh, so I was checking the wrong package..
<mdeslaur> the "linux-lts-trusty" package is the trusty kernel backported to precise
<Tahvok> Got it. Thank you!
<mdeslaur> yw
<admin0> hi .. can  anyone help me understand what caused this kernel bug ? http://pastebin.com/MPza7mbJ
<eatingthenight> hello, I am trying to figure out if this is possible at all. can i through the use of unionfs or something similar have a process that writes to a directory but then at some given time later set the directory back to it's original state?
<xnox> eatingthenight, you mean git?
<Ussat> REally ? installing into a VM, "can not install bootloader into /dev/sda5
<Ussat> sigh
<Ussat> its Monday
<soahccc> Hello everyone! What could cause two identical servers (same hardware, same configs, same settings overall) to behave different in regard to ipv4/ipv6? When I update packages or when I just curl google.com... One server uses ipv4 and one uses ipv6, times out and falls back to ipv4. Where do I have to look? I guess I should fix ipv6 but this is really annoying at the moment.
<Odd_Bloke> soahccc: If they're doing DHCP then they'll be getting (at least some) networking config from the DHCP server.
<soahccc> Odd_Bloke: there is no DHCP involved, I'm wondering though why ipv6 doesn't work. We have other working servers and the v6 setup is the same :/ I can't currently find it anymore but we don't have "proper" v6 addresses but use some mapping from v4 to v6.
<soahccc> I think it's called address embedding but I can't for the love of laziness find a converter anymore
<soahccc> Odd_Bloke: I'm just wondering where I have to look if not in /etc/network/interfaces why one prefers v6 while the other prefers v4 despite having the same config except the IP's of course
<Odd_Bloke> soahccc: I don't really know, I'm afraid
<soahccc> Thanks anyway :) I'll try to fix v6 if I can manage to find a converter again. I only find code or descriptions which I can't work with :/
<soahccc> Oh nevermind, we actually use the assigned block from our provider. weird, maybe it's a problem on their side as 5 out of 7 have working v6 with the exact same setup
<eatingthenight> xnox: yes essentially git for an entire directory such as /tmp
<xnox> eatingthenight, use ... git?
<xnox> that's what etckeeper is essentially.
<xnox> or any other backup/restore.
<xnox> why use directory? why not use e.g. a database with a transactions and a rollback.
<eatingthenight> i'll test it out, for some reason it seems like the wrong approach or that something else such as union fs should handle it better but we will see.
<tammy5> how often are releases done on ubuntu
<macskay> hi guys, got a question regarding vhosts. A mate got a domain running and I got a server running. At the moment I have multiple domains running on it, which are registered with the server. however I want to add the domain of my mate to my server as well. Can I do that, when his domain is from another provider and registered with my server?
<macskay> *not registered
<centaur5> tammy5, https://wiki.ubuntu.com/Releases
<dr4c4n> hi there, does anyone have a couple minutes? I'm having issues with openldap over ssl connecting to phpldapadmin. I get an error ldap_connect: cannot create session handle
<dasjoe> kirkland: nice seeing you doing the OpenZFS summit keynote :)
<tomreyn> dr4c4n_: your ldap connection uri is probably wrong
<tomreyn> or rather not in the format php expects
<tammy5> is it possible to add my name to the list of triaging daily? https://wiki.ubuntu.com/ServerTeam/KnowledgeBase#triager
<tammy5> I would like to have sunday
<nacc> tammy5: I don't believe that list is current
<DexDeadly> what is the easiest way to share a directory via samba so that I can write files to it
<supraleposeur> Hi - I just upgraded my server from 14.04.5 to 16.04.1 and my RAID1 array is now empty. I'm very new at using mdadm and I don't want to destroy my data inadvertently. Is anyone available to help?
#ubuntu-server 2016-08-23
<macskay> hey when trying to point a domain to a nameserver of my server. how can i find out what my nameserver is and where to point it to?
<tsimonq2>  /o
<tsimonq2> whoops
<patdk-lap> macskay, there is no way to do that
<patdk-lap> you have to know what it is to find it out
<macskay> patdk-lap: So I basically ask support.
<patdk-lap> of whoever is running your nameservers
<macskay> Yeah alright, I'll do that. Thanls
<sikun> what would be the proper way of syncing files between servers? I'm working on setting up a "HA" webserver
<sikun> the MySQL database is simple, I have two servers in a Master > Slave replication setup
<RoyK> sikun: try a mariadb galera cluster
<patdk-lap> heh, a mysql HA is NOT simple at all :)
<RoyK> patdk-lap: mariadb galera looks rather neat
<patdk-lap> yes, it has large drawbacks, but it does solve a lot of issues
<RoyK> patdk-lap: and with a couple of haproxy machines in front with pacemaker, it should do well
<sikun> RoyK, I was actually just reading on MariaDB
<sikun> wondering how many servers in total I'll need to have it fully HA
<RoyK> sikun: development of mysql has ceased a lot since Oracle took over
<RoyK> sikun: four
<RoyK> sikun: two mariadb servers, two haproxy servers
<patdk-lap> hmm? there have been lots of development on mysql 5.7
<sikun> I'll just need to get an additional server then
<RoyK> sikun: you may be able to just use two with some black magick
<RoyK> sikun: just use VMs
<sikun> I will once I get the virtualization environment running
<RoyK> sikun: we have around 300 servers at work - less than 10% of those are physical if you don't count the vm hosts
<sikun> same, at work our VMware cluster has 200 or so VMs
<sikun> but god it is so freaking slow
<sikun> such poor design when it was configured
<sikun> as a personal preference I use Hyper-V
 * RoyK slaps sikun with an old, Swedish herring
<sikun> lol
<sikun> I know, I'm an outcast at work for being a Hyper-V supporter, but I've had no issues with my prior setup, it performed fantastic.
<patdk-lap> I always had funky tcp connection issues with hyper-v
<patdk-lap> tcp session would establish, but data wouldn't flow
<sikun> which version though
<sikun> 2k12R2?
<patdk-lap> 2008
<sikun> yep
<patdk-lap> so hyper-v went out, and esxi came in
<sikun> EVERY single person that dislikes Hyper-V says they had issues on 2k8
<RoyK> I guess it's a wee difference between having a few VMs on hyper-v compared to 200 VMs on vmware
<sikun> so did I but it has become so much better
<patdk-lap> I have 7 esxi hosts, with 800+ vm's on them
<patdk-lap> they run great
<RoyK> sikun: storage and memory is usually the bottlenecks
<RoyK> s/\<is\>/are
<lamont> that part where virt-viewer keeps taking focus from everywhere when new output appears on the screen... how do I make it stop being so antisocial?
<sikun> I've been up to 40 VMs on a single Hyper-V host
<patdk-lap> lamont, what do you mean focus?
<sikun> and still every VM performed amazingly
<patdk-lap> last I knew, you couldn't change focus on terminal
<lamont> I mean that the window that I'm trying to type in keeps losing focus to the console window in virt-viewer
<RoyK> sikun: did they do anything useful? what sort of storage?
<patdk-lap> lamont, what are you talking about windows?
<patdk-lap> there are no windows
<lamont> patdk-lap: one terminal window, one virt-viewer window, all of them under unity
<patdk-lap> unity?
<sikun> RoyK, web servers, database servers, offsite backup VMs, a whole bunch of random crap
<patdk-lap> there is no unity in ubuntu-server
<sikun> RoyK, the storage was a mix of SSD/SAS
<lamont> patdk-lap: nm
<RoyK> sikun: we're getting a new SAN this year, budget ~$500k, perhaps a bit more - hope it has tiered storage - using equallogic now and it sucks rather badly
<sikun> ha, we're TRYING to get approval for a new SAN
<sikun> we're down to 1.8TB free space
<RoyK> ouch
<sikun> also equallogic and yes, they do suck
<RoyK> we'll probably need half a peta or thereabouts
<RoyK> perhaps a bit less
<sikun> and we only have a budget of $50k
<RoyK> you won't even get a 100TiB shelf from dell/supermicro for that price
<sikun> oh, i know
<RoyK> we have two 100TiB (net storage) shelves that are supposed to stripe data across
<RoyK> but then - when one of them shows 100% utilisation and the other 60% you know something is wrong somewhere
<RoyK> and of course there's no logs
<RoyK> except those encrypted ones you can mail to Dell
<sikun> I found three 36TB SANs for $2500
<sikun> well NAS storage not SAN
<RoyK> I went to Limerick on this how-to-understand-storage thing (about Compellent) with Dell and asked what it would take to get access to those logs and was told 'nay - won't happen'
<sikun> EMC Isilon IQ336000X
<RoyK> yeah, you said so
<RoyK> hopefully you can use 'standard' drives with that too
<RoyK> that is, those without the EMC firmware
<sikun> yeah, hopefully
<RoyK> last I checked, EMC didn't make drives
<sikun> lol.. gotta love equals with that pain in the ass bs firmware crap
<sikun> 1TB 7.2K 3.5" SATA Hard Drives
<sikun> looks like standard drives
<RoyK> we got a new EQL shelf in house - cost a small fortune - checked the drive type and it was the exact same as http://paste.debian.net/791038/
<RoyK> only diff between the EQL thing and the zfs-based thing I made was that it cost a lot more (that is, it's got double controllers, but then, failover on EQL rather sucks anyway)
<sikun> hmm.. these nodes have both infiniband and 10GBe
<sikun> er.. 10GbE
<RoyK> we don't use infiniband - yet - but we have 10Gbps all over
<sikun> that's something we're starting to implement
<RoyK> we have two separate connections to uninett.no (university network) both on 10G
<DexDeadly> whats the quickest way to share a directory on my 16.04 LTS server so that I can write to it from my windows 10 machine
<DexDeadly> ??
 * jmpp greets!
<jmpp> I'm getting the following for a mysql package afer running apt-show-version -u un Ubuntu 14
<jmpp> mysql-server:amd64/trusty *manually* upgradeable from 5.6.30-1ubuntu14.04 to 5.6.32-1ubuntu14.04
<jmpp> emphasis on manually from apt itself, not me
<jmpp> and no matter what I do, apt-get install with --upgrade-only, --reinstall, or even apt-mark auto on that package and all its dependencies (which are also marked the same)...
<jmpp> I just cannot remove that marker and upgrade the package
<jmpp> all my upgrade attempts pretend as if the installed version is the latest, which it clearly isn't
<jmpp> any tips on how I can knock some sense into apt-get? thanks in advance!
<spartan2276_> How can I get Apache2 SSL server to accept non ssl. As of now I'm getting a 400 Bad Request error. So all I want is for apache to let me use http and https at the same time.
<spartan2276_> Anyone?
<ducasse> i've noticed a weird thing with an lxc container on 16.04. inside the container 'free -m' reports 350mb used, while lxc-info reports "memory use" as 25gb. for other containers the numbers match, and the host is clearly not using >25gb. what could cause this?
<samba35> "A start job is running for raise network interfaces (2 minutes of 5 mins 1 sec)" i am getting this error on 16.04.1
<Danawar> Hi Ubuntu server i have a software raid is it possible to revert this so it is no longer in a raid?
<RoyK> Danawar: do you mean split it up into separate disks?
<Danawar> We want to move a server into virtual environment and i have been told P2V is not possible with the software raid so i was wondering if it would be possible to dump the raid onto one harddrive and then P2V it.
<RoyK> Danawar: the problem is more than that - the p2v shite from vmware doesn't support lvm either
<RoyK> Danawar: how many drives in what sort of raid?
<RoyK> Danawar: often I find it easier to just setup a new vm, configure it and rsync the data over
<Danawar> Is there a way i can find that out as i have not been told!
<RoyK> just try to p2v another machine with lvm on the root
<RoyK> Danawar: didn't work last I tried
<kpettit> Any of you guys do 2 factor authentication stuff for SSH and/or Apache?  Seems like tons of solutions out there so trying to see which one makes the most sense
<kpettit> I've got SSH Key + Local passwd auth going now.  But that's as far as I've got.
<ikonia> what sort of thing are you looking for
<ikonia> people don't seem to bother with 2fa/mfa on ssh as the hassle outweighs the usability
<kpettit> Basically trying to make PCI compliance happy.  Which means "something you have" and "something you know"
<ikonia> what PCI standard
<kpettit> ikonia: I totally agree.
<ikonia> I've always passed PCI without 2fa on ssh
<kpettit> But it's a required thing I have to do
<ikonia> kpettit: are you using LDAP ?
<kpettit> key with password doesn't count apparently with SSH.
<kpettit> no.  This is mainly for cloud web servers.
<ikonia> interesting, I've hit government secret PCI and government confidential PCI (in a public cloud) without 2fa on the SSH session
<ikonia> as long as you have audit points it's never been flagged
<kpettit> some of the PCI stuff is stupid.
<ikonia> it is - but most of it is negotiable if you can show a replacement control or process or an impact to functionality
<kpettit> I've got SSH locked hard.  Adding 2 factor on it increases complexity and really doesn't protect much.  Espically for only a few users.
<ikonia> eg: auditing and/or HBAC normally makes ssh access a breeze to comply
<kpettit> HBAC?
<kpettit> From what I understand on PCI, there is a ASV (Approved Scanning Vendor) and they basically go through the PCI stuff and say if your good or not.  And I keep being told what i have on ssh isn't good enough.  I think my ghetoo solution of using both Key and local passwd password works good though.  Complies with the sonmething you have and something you know thing
<kpettit> But not sure the way to go with Apache.
<ikonia> HBAC (host based accounting)
<kpettit> Ah.  I'm getting up to speed on all the terms and stuff with PCI.
<kpettit> Some of it is great I think, and some of it is pretty useless.  guess we take the good with the bad
<kpettit> Any ideas with apache?
<samba35> if i do not get linux drivers for wifi card and if i use ndiswrapper do i get same result of hardware or feature/performace is degraded ?
<xnox> samba35, your ISP connection is probably still slower than any wifi speed you get, so in practice it's irrelevant, as long as you are happy with it.
<xnox> also impossible to know =) you are using a foreign blob, thus there is no baseline.
<samba35> i am using kodi and want to use dlna server for hd movie or  even normal movie also stuck after some time
<coreycb> hello jamespage beisner, keystone 2:9.0.2-0ubuntu2~cloud0 is ready to promote to mitaka-updates
<jamespage> coreycb, looking now
<jamespage> coreycb, done
<coreycb> jamespage, thanks
<coreycb> jamespage, beisner, aodh 2.0.2-0ubuntu1~cloud0, ceilometer 1:6.1.3-0ubuntu1~cloud0, and openstack-trove 1:5.1.0-0ubuntu1~cloud0 are ready to promote to mitaka-updates
<jamespage> coreycb,  on it
<jamespage> coreycb, done
<jamespage> coreycb, am I ok to push out the qemu security regression as well?
<jamespage> coreycb, oh its not the regression
 * jamespage looks again
<lunaphyte> i have an nfs server, configured and in active use, yet i don't see port 2049 listed in lsof -nPi.  is that weird?  or is there just something i don
<lunaphyte> *i don't understand?
<coreycb> jamespage, looks like qemu needs to be promoted to mitaka-proposed and tested
<jamespage> coreycb, yeah just promoted the followup fix for the regression
<coreycb> jamespage, thanks
<jamespage> lets hold qemu from updates for now and do in one hiut
<lunaphyte> additionally, when writing a file via nfs, i can see the file actively growing in the filesystem, but don't see the file listed in the output of lsof either.
<lunaphyte> how can i learn why this is?
<penguiner> Hi, I have a question. I am running apache2 on ubuntu 16. If I do apt-get update && apt-get upgrade will it update apache2 to the latest version?
<Pici> penguiner: the latest version in the repos.  You can do apt-get update and then apt-cache policy apache2  to see the version you have and any candidate versions.
<penguiner> Thanks Pici.
<penguiner> I assume this means I have the latest installed?
<penguiner>   Installed: 2.4.18-2ubuntu3.1
<penguiner>   Candidate: 2.4.18-2ubuntu3.1
<nacc> penguiner: yes, that is the latest available (per your last apt update) -- rmadison indicates the same for 16.04
<penguiner> Thanks nacc!
<nacc> penguiner: np
<dr4c4n> hey, I'm running ubuntu 16.04 and just recently with LAMP package installed during original installation, if I try to apt-get upgrade, I get a dpkg error with mysql-server, is anyone else having this issue?
<dr4c4n> ubuntu server*
<RoyK> dr4c4n: please pastebin the output from that
<RoyK> !pastebin | dr4c4n
<ubottu> dr4c4n: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<dr4c4n> RoyK: the output from what?
<dr4c4n> RoyK: I didn't try to copy anything multiline, I just wrote that question above, and forgot to include ubuntu server so I put ubuntu server *
<RoyK> dr4c4n: - I get a dpkg error with mysql-server, is anyone else having this issue?
<RoyK> dr4c4n: for anyone to be able to help you, we or they need to see what sort of error message you got
<dr4c4n> RoyK: okay perfect. will do now.
<dr4c4n> RoyK: I will redo installation and same setup options: just so you know I've done the regular 16.04 ubuntu server installation with ssh and LAMP
<Ussat> I just finished 4 servers with LAMP stacks and ssh, no issues
<RoyK> just try to do an apt-get install -f
<RoyK> it should give you sufficient information
<dr4c4n> when I tried that on the old vm, it said dpkg lock (which means in use because I had to ctrl-z) to stop the installation as it was stuck
<RoyK> fg
<RoyK> then stop dpkg in a better way
<Ussat> ^^
<Ussat> or just let the lock finish
<dr4c4n> well this way I will reproduce the exact error message I was getting to start with, as I was trying several methods of uninstalling / reinstalling mysql, and they were all not working..
<RoyK> Ussat: it won't finish if he suspended the job with ctrl+z
<Ussat> ah yea, if he suspended it
<RoyK> dr4c4n: killall -9 dpkg apt-get # perhaps
<dr4c4n> RoyK: just finished installation, running from scratch, apt-get update, then apt-get upgrade <-- this is where it has failed once on me today, and will send pastebin in moment.
<dr4c4n_> RoyK:http://paste.ubuntu.com/23082612/
<RoyK> dr4c4n_: perhaps try mariadb instead - mysql is rather out in the cold now
<Ussat> is it ? I just instaled mysql on 4 servers....
<Ussat> maria is a drop in replacement isnt it ?
<dr4c4n_> Ussat: I had no problems installing it as of yesterday
<dr4c4n_> Ussat, RoyK: I have been putting mysql on multiple vms, then when I tried to create a new vm today with the LAMP on, this is the error I'm getting
<dr4c4n_> I can't really try a different database as my requirements include mysql
<dr4c4n_> I mean, this is right after a fresh installation on a new vm, and I've performed it twice
<dr4c4n_> same issue
<dr4c4n_> should I post something to ubuntu forums?
<dr4c4n_> Is there something wrong with my installation media?
<jge> dr4c4n_: all of the stuff I'm seeing by searching that error happens during an upgrade, not a fresh install.. have you tried doing this: https://askubuntu.com/questions/760724/16-04-upgrade-broke-mysql-server (first answer)
<dr4c4n_> jge: that's what I mean, I freshly install the server, and run apt-get update, then apt-get upgrade, and this is what happens.
<dr4c4n_> an apt-get upgrade shouldn't break the server
<dr4c4n_> and trying what they suggested on that link, just makes mysql hang during reinstall at a different point
<jge> dr4c4n_: what version of ubuntu server are you on? also, what's the full command you're using to install
<dr4c4n_> jge: I'm running 16.04, I'm installing the SSH and LAMP packages during the installation
<dr4c4n_> jge: all I'm trying to do is an apt-get update followed by apt-get upgrade
<dr4c4n_> jge: I'm running it in a vm if that makes a difference?
<Ussat> I literally just finished what yure doing on a new VM with no issues......what is the exact command youre useing
<jge> dr4c4n_: I would just remove mysql-server, perform the upgrade then install it again (sudo apt-get remove mysq-server&&sudo apt-get autoremove)
<Ussat> or just use mariadb it seems
<Ussat> which seems to be a drop in replacement
<dr4c4n_> so is mariadb going to be included in LAMP from now on?
<Ussat> I dont know what you mean, included, I installed apache, php, mariadb
<dr4c4n_> Ussat: well during the installation, there are default package suites that you can install during installation
<Ussat> sure, I never go that route, I always install minimum, then choose what I need
<dr4c4n_> Ussat: ah, ok
<Ussat> I have custom build scripts I use for different server purposes
<dr4c4n_> jge: another error
<jge> mind sharing the error..
<Ussat> aneother reason I dont use the "pre-packaged" defaults
<Ussat> I would remove everything the "LAMP" pakage installed and install them individual packages manually
<dr4c4n_> jge: sorry I have to type it all out
<dr4c4n_> http://paste.ubuntu.com/23082727/
<tomreyn> dr4c4n_: you should show the output of: apt-cache policy; apt-get -f install; apt-get update
<Ussat> mysql_upgrade: Got error: 1045: Access denied for user 'debian-sys-maint'@'localhost' (using password: YES) while connecting to the MySQL server
<Ussat> THAT is your issue
<jge> not pre-packaged, ubuntu allows you to select packages manually during install just saves you a few steps after install
<tomreyn> dr4c4n_: ignore what i asked for, the issue is clear.
<dr4c4n_> so what I'm learning from this is to install the packages individually instead of the prepackaged versions
<jge> dr4c4n_: why are you upgrading, I suggested to remove mysql then do a system upgrade and reinstalling after.
<Ussat> dr4c4n_, no, thats not the issue at all in this case
<Ussat> see what I pasted above
<dr4c4n_> Ussat: I realize that the mysql isn't allowing a connection which means the server probably isn't stopping which is why it's not uninstalling
<Ussat> or upgrading, which, is why its erroring out
<dr4c4n_> jge: I usually run apt-get update and then apt-get upgrade right after I finish installation
<Ussat> ...
<Ussat> if you stop the database, I bet the upgrade goes fine
<dr4c4n_> Ussat: trying that now
<Ussat> hmm...wonder how that went
<dr4c4n> Ussat:
<dr4c4n> still working on it
<dr4c4n> I can't purge mysql-server
<dr4c4n> because it still gives me the same error about access denied for user debian-sys-maint
<dr4c4n> fudge it
<dr4c4n> new install
<dr4c4n> Ussat: I'm also downloading the latest install media
<jge> join #hipchat
<rabbitdew> I have a remote server that was set up with the partitions mounted to the wrong  drive. I need to rsync the root directory with a different partition. The only ways I  know are in recovery mode or from livecd, but How can I do this on a remote server?
<FManTropyx> Postfix is running with backwards-compatible default settings, but my host is not processing incoming emails - I fixed the outbound problem, just set the hostname properly: seems it overrides mailname
#ubuntu-server 2016-08-24
<FManTropyx> hm, systemctl said "Unknown operation postfix.", so I just 'postfix reload'
<FManTropyx> is it normal that postfix is running as 'master'?
<sarnold> FManTropyx: different parts run as different users; I haven't investigated lately but that's probably correct
<lunaphyte> that's quite correct, yes
<lunaphyte> postfix's "root" executable is named master.  all other postfix processes are children of master
<antipsychiatry> Please help humanity to ABOLISH this fucking TOTAL FRAUD : psychiatry !!!!!!!!!!!!And put psychiatrists in jail. Please visit antipsychiatry.org
<Ussat> die
<Ussat> ban the spammer please
<Ussat> or subject him to shock therapy
<antipsychiatry> Hey mither Fuck???. Read the link.enter read
<Ussat> die spammer
<elky> antipsychiatry: please don't spam here
<antipsychiatry> Shut up. Clone bastard.
<Ussat> can we get a op to ban him/it/whatever
<dax> phunyguy: hi
<antipsychiatry> Hybrid man. Shut up.
<Ussat> Oh...subject it to electroshock......that should help it
<Ussat> maby a lobotomy
<antipsychiatry> Mother fuk u country
<antipsychiatry> Where u from ussa?
<Ussat> No actually
<Ussat> dude, take your meds and go to sleep
<Ussat> Thank you elky
<lillian> good job
<cpaelzer> good morning
<BadboyKAS>  check out my game changing idea http://pastebin.ca/3704261
<b-yeezi> hi all/
<b-yeezi> I'm having an issue with lxd and systemd. When I try to start the service it always fails with a dependency error.
<b-yeezi> running it from the terminal works
<b-yeezi> I have not made any changes to the service
<LostSoul> Hello
<LostSoul> I'm using libnss-ldap to authenticate to AD. Recently I've notice that there are some problems. First prompt for user password can take up to 30-60 sec, and second after proper login can take up to 30-60 sec
<LostSoul> Any idea how to debug this? I have other servers configured in similar way and AD login works like a charm (up to 3-5 sec to login)
<LostSoul> Ubuntu 14.04
<jamespage> ddellav, coreycb: I've done a little catchup in d-exp for oslo + other deps
<jamespage> I'll leave it up to you two to resync
<jamespage> hopefully will get python-os-vif in the queue today
<cpaelzer> jamespage: welcome back
<jamespage> cpaelzer, ditto :-)
<cpaelzer> jamespage: I've seen you updated the OVS to 2.6 on 22nd - and we have a real release if I read the ML right
<cpaelzer> yeah
 * jamespage looks
<cpaelzer> jamespage: do you think you could upload the DPDK ubuntu2 I prepared before vacation to unblock the OVS&DPDK mirgration through proposed?
<cpaelzer> or are there other blockers ahead I didn't spot yet
<jamespage> cpaelzer, apologies that got lost in holiday brain
<jamespage> cpaelzer, I'll deal with that now
<cpaelzer> jamespage: no need to excuse at all, that is what holidays are for
<jamespage> cpaelzer, remind me again where it it?
<jamespage> oh no worries I found it
<cpaelzer> jamespage: https://code.launchpad.net/~ubuntu-server/dpdk/+git/dpdk/+ref/ubuntu-yakkety-dpdk16.07
<jamespage> cpaelzer, ok uploading now
<cpaelzer> jamespage: thanks, I'll look at build and update excuses in a few hours then to make sure we catch it if something still breaks
<jamespage> great -ta
<ducasse> i've noticed a weird thing with an lxc container on 16.04. inside the container 'free -m' reports 350mb used, while lxc-info reports "memory use" as 25gb. for other containers the numbers match, and the host is clearly not using >25gb. should i try the lxc packages in proposed?
<DelphiWorld> Hi  UbuntuGeeks
<DelphiWorld> i have 2 ubuntu servers using a 100mb link, why upload is only 11mb bethwan them?
<rbasak> DelphiWorld: are you aware that link speeds are usually in megaBITS (per second), and transfer speeds are usually in megaBYTES (per second)? With overheads, there's usually a 10x difference between them, so that sounds about right.
<DelphiWorld> rbasak: no, you just informed me.
<DelphiWorld> rbasak: so my situation is normal
<dvig> Hi UbuntuLovers! i have a problem with mysql configuration on last linux mint x64. when i install a webapp a get the error - Error â MySQL thread stack should be 256kb.i make changes in /ect/mysql/my.cnf - [mysqld] thread_stack = 256k, save, restart mysql and apache and nothing changes( pls help
<ducasse> !mint | dvig
<ubottu> dvig: Linux Mint is not a supported derivative of Ubuntu. Please seek support in #linuxmint-help on irc.spotchat.org
<dvig> thanks!
<LostSoul> I'm using libnss-ldap to authenticate to AD. Recently I've notice that there are some problems. First prompt for user password can take up to 30-60 sec, and second after proper login can take up to 30-60 sec
<LostSoul> Any idea how to debug this? I have other servers configured in similar way and AD login works like a charm (up to 3-5 sec to login)
<lunaphyte> LostSoul: don't use that software.  it's old and abandoned
<LostSoul> What should I use instead?
<lunaphyte> nss-pam-ldapd
<coreycb> jamespage, thanks for the updates
<Ussat> I find it odd, that RHEL does not povide up to dat bioperl etc and other genetic manipulation libraries and ubuntu does.....every thing I needed for these specialised systems was avaliable from Ubunto, while almost none from RHEL
<Ussat> not a complaint or anything, just a observation
<Ussat> We have thus settled on Ubuntu for our researchers..
<rbasak> Ussat: for specialist packages it usually just comes down to the interest of somebody maintaining in Debian or Fedora AIUI.
<rbasak> Ussat: and with fewer users the maintainers often appreciate all the help they can get. If it matters to you, please consider finding out/offering help and volunteering, to make sure support doesn't go away.
<Ussat> rbasak, I am talking to the owners of a few of the genetic algo packages to help out
<Ussat> I was just suprised to find ALL of the libs I needed avaliable and up to date on Ubuntu when so few were avaliable in RHEL is all
<rbasak> Ussat: thanks! Perhaps it polarises because of previous availability.
<Ussat> My researchers work pretty close with these guys, http://useast.ensembl.org/index.html, and they also work on maintaining them. I am going through them because of already established relationship
<Ussat> One of the things we are doing here is building a "meta" package, that inclused all the genetic libs that are needed for them
<Ussat> I already have a prototype we are testing
<jonah> hi I seem to have lost the internet on one of my servers - it is set up with auto dhcp but when I ping anything i get "unknown host" - my router is working fine and providing internet for other computers/devices no problem... Any ideas or help would be appreciated
<lunaphyte> can you ping via ip address?
<jonah> lunaphyte: ah yes - so it's the dns nameservers that have been wiped out??
<lunaphyte> cat /etc/resolv.conf
<lunaphyte> you tell us
<jonah> lunaphyte: just has nameserver 127.0.0.1 in that file...
<lunaphyte> you're running nameserver software in that computer?
<lunaphyte> or is this yet another instance of this absurd dnsmasq garbage?
<Ussat> might be useing NM...
<jonah> lunaphyte: no it's just a backup server, but it does have apache for cups and a few things like that
<lunaphyte> do you have a nameserver running on your network?
<jonah> lunaphyte: it's always worked great, just logged in to do some apt updates and noticed it can no longer connect
<Ussat> my /etc/resolv.congf has http://useast.ensembl.org/index.html
<Ussat> bah
<Ussat> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<Ussat> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<Ussat> nameserver 127.0.1.1
<Ussat> and my search domain
<lunaphyte> blech
<Ussat> sorry
<jonah> lunaphyte: it jus get's it's internet auto from router and dhcp, I've never set any nameservers or other settings, just plugged the cable in and it's always worked ok...
<Ussat> and I have static IP's
<jonah> so any ideas how I can get the internet working again?
<jamespage> ddellav, coreycb: updated os-win uploaded to exp and to yakkety
<xnox> smb, heya https://launchpad.net/ubuntu/+source/libvirt/2.1.0-1ubuntu4 is in =)
<smb> xnox, yeah... saw that you waited just long enough until I made a no change ppa upload with the previous version. :-P
<xnox> not intentionally.... =)
<smb> :)
<smb> xnox, I wait until its done publishing and then pull it in
<smb> xnox, oh btw, I got reminded yesterday that there is a libvirt-python which is usually in lockstep. But I think that is not part of what I can upload. Would you mind merging that from Debian?
<xnox> and it's behind libvirt in debian? 2.0.0 vs 2.1.0?
<xnox> unless libvirt-python will be backported to cloud archive without libvirt, it can be synced now i think.
<smb> xnox, hm yeah apparently. Not sure it needs to be in absolute lockstep. Thoug Ubuntu now would be rather behind in yakkety
<xnox> forcing a sync package.
<xnox> i bet that breaks the feature freeze... #YOLO
<smb> xnox, only a little bit... I should have thought about it when rushing with libvirt itself but then again I may have failed with the upload
<jamespage> coreycb, I might take a run through the updates to oslo package in exp so we can resync from their
<jamespage> all our orig tarballs will be mismatched atm
<jonah_> lunaphyte: ah the devices that can ping I've realised are using google dns already - so it seems nothing is getting dns from my router on the network?
<lunaphyte> do you have a nameserver running on your network?
<jonah_> lunaphyte: yeah, I have a server running but that's working ok externally and also internally has internet connection - but no other local lan devices have internet.
<lunaphyte> i'm confused
<jonah_> lunaphyte: what is weird though is I just upgraded the server from 14.04 to 16.04 and it is since then that things have stopped working right
<lunaphyte> what nameserver software are you running?
<jonah_> lunaphyte: well I'm running a LAMP server behind a nat router with bind... But I don't know if I have nameserver software running
<Ussat> you are running bind ?
<lunaphyte> bind is nameserver software
<jonah_> lunaphyte: but what is weird as I say is it did work ok before I upgraded from 14.04... So how do I set bind to still work so I can use my server from the outside but still enable my internal lan computers to have internet?
<jonah_> lunaphyte: the upgrade must have stripped out a few config settings or something?
<Ussat> Why are you running your own nameserver ?
<jonah_> Ussat: so I can point domains to my server
<lunaphyte> you don't need to run your own nameserver to do that
<Ussat> running your own nameserver is not trivial
<Ussat> I used to mange bind at last position.....not something I want to ever do again
<coreycb> jamespage, ok thanks
<jgrimm> smb, followup from irc meeting.. cpaelzer will take the python-libvirt merge
<smb> jgrimm, maybe xnox did now
<jgrimm> smb, oh cool even better!
<smb> jgrimm, I am not sure I just asked him as return for adding things to libvirt and me updating the git tree
<smb> so it may or may not have happened
<jgrimm> cpaelzer, ^^^
<xnox> jgrimm, i did a force sync, the delta we had is no longer needed, give that libvirt itself got merged.
<xnox> if things are backported, one would need to backport libvirt-python together with libvirt.
<jgrimm> xnox, ah.. good deal. thanks!
<xnox> cpaelzer, ^^^^
<xnox> cpaelzer, python-libvirt was forced synced =)
<xnox> cause the alt recommends no longer needed with new libvirt in yakkety (?!)
<blizzow> I have my xenial install on an mdadm software raid 1 disk made of two spinner disks.  They're not extra fast disks (1TB SATA seagate constellation 7200RPM), but every time I do a system update/upgrade,package installation, dpkg gets hung in a D state for long periods of time. Strangely enough, I have some VMs running on network storage and am seeing weirdness with dpkg hanging in D state too.
<blizzow> anyone here seeing strange disk behavior with dpkg/aptitude lately?
<xmj> moin
<xmj> what's a good repo to find a zabbix-server built with sqlite support, for ubuntu 16.04?
<nacc> xmj: i don't think there is such, maybe you could search ppas, but neither debian nor ubuntu builds such (afaict)
<blizzow> over in #lvm, they're saying there are some serious LVM/mdadm performance issues with the 4.1-4.4 kernel series. They're saying go with the 4.6 series.  Will these instructions work for 16.04.1 server as well:
<blizzow> https://raonyguimaraes.com/how-to-install-kernel-4-6-on-ubuntu-16-04-xenial/
<sarnold> blizzow: yes, but you'll step off the easy path of security and bug fixes that way
<sarnold> blizzow: so be sure to check back for new kernels in yakkety every three weeks
<sarnold> blizzow: and once yakkety is released as 16.10, install the linux-lts-yakkety based kernel packages. (they don't exist yet, but they probably will soon enough.)
<blizzow> sarnold: Can/should I use the lowlatency kernel for a server with spinners?
<patdk-wk> heh?
<patdk-wk> what does lowlatency kernel have to do with spinners?
<patdk-wk> and after yakkety has been around for awhile, you will need to update to the next one, all the way to the next lts kernel
<sarnold> blizzow: if you mean spinning metal drives, no, there's no need for the low-latency kernel for those. spinning metal drives are positively glacial in comparison to cpus these days..
<sarnold> standard linux kernel isn't too bad with latency anyway
<patdk-wk> isn't that what interrupt wires are for? :)
<patdk-wk> well, guess the dates of interrupt wires went away with pci slots
<sarnold> now there's complicated huge piles of programmable interrupts etc etc but when the drive takes 8ms to do anything, whether or not the kernel responds in 1000ns or 2000ns is hardly important :)
<blizzow> sarnold: any chance the 4.6 kernel will be backported into the standard updates with such a glaring performance problem?
<nacc> blizzow: they never (afaik) backport an entire kernel.
<nacc> blizzow: the kernel team would probably consider a bug and well-defined patches to backport
<sarnold> blizzow: it'll happen as the linux-lts-yakkety tree when they do; it might be 4.6, or 4.7, or 4.8. It's hard to tell from https://wiki.ubuntu.com/KernelTeam/Newsletter what exactly they'll use in two months..
<nacc> i think 16.10 will be 4.8 based (afair)
<nacc> i guess the "also" makes it unclear, though :)
<sarnold> yeah, I understand linus went on a week-long vacation with no regard for our kernel cadence scheduling!
<nacc> heh
<nacc> also, i think there is going to be 'rolling' hwe in 16.04?
<nacc> e.g., linux-image-generic-hwe-rolling; not sure if that actually is happening or not
<nacc> in which case you wouldn't need to keep installing specific release packages, it would just track (aiui)
<sarnold> oh? would that be in place of the four different hwe stacks? or just select the newest of the four when each is released in turn?
<nacc> http://osdir.com/ml/kernel-team/2016-08/msg00042.html e.g.
<nacc> i'm trying to see if they concluded anything
<sarnold> neat
<blizzow> I'm rating this server release "Star Trek 5 - The Voyage Home"
 * patdk-wk doesn't remember this movie
<nacc> sarnold: i think it will make the overall sense of which hwe stack is supported now a bit clearer (again, aiui)
<blizzow> It's better than "Indiana Jones 4 - The Crystal Skull." but not by much.
<sarnold> iv was voyage home; v was final frontier
<blizzow> shit, you're right.
 * patdk-wk hands sarnold a whale
<blizzow> I'm rating this as "Star Trek 5 - The Final Frontier"
<blizzow> So I went to install these updated yakkety kernel debs. It's puking on generating grub configuration file.  grub-probe: error: disk `lvmid/SlhbwL-8mlj-po1k-RSzz-LOSU-M44o-uFwyMP/JGf7wM-woXo-yqVw-u7hV-9pty-7goP-guhjg8' not found.
<xmj> nacc: gotcha
<nacc> blizzow: what updated yakkety kernel debs?
<TAFB> I'm trying to follow this guide (to install a windows vm on my linux vm): https://www.howtoforge.com/tutorial/running-virtual-machines-with-virtualbox-5.1-on-a-headless-ubuntu-16.04-lts-server/
<TAFB> but when I run the 5th step: sudo apt-get install linux-headers-$(uname -r) build-essential virtualbox-5.1 dkms
<TAFB> I get: Unable to locate package linux-headers-2.6.32-042stab116.2
<sarnold> 2.6.32
<sarnold> sounds like you don't have a real server but a VPS running openvz or something
<patdk-wk> heh?
<patdk-wk> why are you installing 2.6.32?
<TAFB> yep, monster vps :)
<TAFB> won't work?
<patdk-wk> the *guide* says ubuntu 16.04, and 2.6.32 doesn't exist
<patdk-wk> nope
<patdk-wk> you need a real vm, not a vps
<patdk-wk> and you cannot run a vm inside a vm
<patdk-wk> well, yo ucan, but not very good
<TAFB> ahhh, virtualbox won't run in a vps?
<patdk-wk> it will have to use software virtualization, so 32bit only
<patdk-wk> no 64bit support, and it will be EXTREEMLY slow
<TAFB> i'd like to give it a try, windows will only be doing a pretty basic task
<TAFB> software I use doesn't work well under wine :(
<patdk-wk> well, you need atleast a vm
<sarnold> I suspect it's not going to work well on a virtualbox running on an openvz vps either :)
<sarnold> here a pal showed me this a few minutes ago, looks cheap and easy https://www.scaleway.com/
<TAFB> I bought the 8gb one (one in dallas, one in montreal): https://www.ssdnodes.com/startup-specials/?s=wht
<TAFB> speed is freaking retarded nice
<TAFB> compiles ffmpeg in seconds :D
<rattking> Hello, I upgraded from 12.04 to 16.04 (not a distupgrade but a debootstrap rootfs switch) and now the post-up rules in my interfaces file are not running correctly.. but if I add a sleep 1; before the ip route add it does work correctly.. any ideas on how I can get that working without adding a sleep?. oh also without the sleep everything works if I restart networking after boot.. this feels like a
<rattking> race condition somewhere
<blizzow> nacc: The ones mentioned in this article.  https://raonyguimaraes.com/how-to-install-kernel-4-6-on-ubuntu-16-04-xenial/
<blizzow> The headers-all headers-amd64 and generic image.
<rattking> so after adding some logging I see the order the interfaces come up in changes when I add the sleep 1;
<nacc> blizzow: why would you choose 4.6.0 (vs. 4.6.7 (which is already EOL it seems) vs. 4.7.2 (which is current -stable upstream))?
<blizzow> nacc, I don't know.  Where would I get that or see that that is 4.7.2 the kernel I would want to install?
<eatingthenight> hello, i'm trying to create a bootstrap image that I can boot with KVM however I am having a hard time installing grub into the debootstrapped environment properly I keep getting a `grub-install: error: /tmp/filemVBblO doesn't look like an EFI partition` error
<eatingthenight> let me post my script one sec
<eatingthenight> http://paste.ubuntu.com/23086306/
<coreycb> beisner, hello, can you promote the following to mitaka-proposed?  aodh 2.0.4-0ubuntu1~cloud0, cinder 2:8.1.0-0ubuntu1~cloud0, keystone 2:9.1.0-0ubuntu1~cloud0, nova 2:13.1.1-0ubuntu1~cloud0
<beisner> hi coreycb - promoted aodh, cinder, keystone, nova to uca mitaka-proposed re: https://bugs.launchpad.net/bugs/1614131
<ubottu> Launchpad bug 1614131 in nova (Ubuntu Xenial) "[SRU] OpenStack Mitaka point releases" [Undecided,Fix committed]
<coreycb> beisner, awesome, thanks
<beisner> coreycb, you're welcome.  thanks for the point release work
<eatingthenight> think i figured it out... just me not knowning enough about uefi
<eatingthenight> looks like i needed to have a partion formated as vfat that it installed to
<nacc> blizzow: well, i mean what made you want to install 4.6? sorry, i'm lacking context. But even if you wanted 4.6, you rarely if ever want x.y.0, as it just a point in time (sort of). You want the latest stable release in that series (imo).
<sarnold> nacc: he's found some performance regressions in lvm or md or something that is causing him enough trouble that he wants the newer kernel
<nacc> sarnold: ah i see
<rostam> Hi using ubuntu 14.04, we got an issue with the server boot,I like to start the services one at time, is there an option with grub I can do that please?
<patdk-lap> no
<rostam> patdk: I see, the reason I said that is I can do that with Redhat.
<patdk-lap> hmm?
<rostam> Is there any suggestion to figure out what is failing during boot and why init script hangs ?? thank you
<RoyK> rostam: why would you want to do that?
<RoyK> rostam: with 16.04 and newer rhel/centos you have systemd which can fix this rather easily with dependencies
<sarnold> rostam: check logs? maybe sort /etc/init.d/ and /etc/init/ by most recently changed and start looking at whatever changed most recently?
<rostam> sarnold, thanks will do that, By the way we were planning to move to 16.04 today and this happended :)
#ubuntu-server 2016-08-25
<TAFB> can anyone help me install Windows XP on my Ubuntu VPS?
<sarnold> TAFB: heh are you still trying to use that openvz-ish system? if so, start with "bochs"
<TAFB> sarnold: Yes, I believe so :)
<TAFB> <- linux noob
<TAFB> bochs looks interesting, I'll read up on it, thanks!
<sarnold> TAFB: another thing to consider is just paying amazon to run windows for you -- https://aws.amazon.com/marketplace/pp/B00KQOWCAQ/ref=mkt_ste_windows_amis -- I haven't got a clue how you -use- the thing, but maybe there's a VNC interface or something?
<RoyK> TAFB: probably easier with a kvm vm thnan openvz
<TAFB> I'd really really like to run it on my current server as that's where all the media will be streamed from, but if it's not possible or has bad reliablility or performance then I'll consider other options.
<sarnold> a t2.medium has 2vcpu and 4gigs ram, and costs just under 8 cents an hour :) that buys a lot of not-caring-how-it-works :)
<TAFB> I have a Windows RDP server in Paris but the peering/speed to north america is horrible.
<RoyK> TAFB: just setup samba and share the media that way
<TAFB> it's for a live stream, so latency and jitter is an issue
<RoyK> then why windows?
<RoyK> or why mixed platforms?
<TAFB> the only software I've found to unencrypt the live stream and re-stream it is tubedigger, only runs on windows.
<sarnold> hah then forget you ever heard about bochs :)
<TAFB> bochs not good performance? lol
<TAFB> it's windows xp, how hard can it be to emulate?
<RoyK> TAFB: not very hard at least if you install the paravirt drivers
<RoyK> TAFB: if you don't paravirt it, it'll be very slow
<TAFB> "Paravirtualization requires the guest operating system to be explicitly ported for the para-API"
<TAFB> doesn't sound like I'll be able to use it on my current VPS :(
<sarnold> indeed no :)
<patdk-lap> I think everyone has discontinued paravirtualization
<patdk-lap> except if your running like lxc :)
<patdk-lap> I know vmware killed it off, and aws did, not sure if xen did or not
<sarnold> paravirtualization has moved into the drivers
<sarnold> virtio block, virtio nic, virtio rng, etc
<RoyK> patdk-lap: hwvirt is rather dead - as sarnold says, paravirt is in the drivers
<RoyK> patdk-lap: xen is rather dead, though, which is good
<sarnold> unless you're still running with an ne2k emulated nic :)
<RoyK> heh - I setup this vm a few days back to feed flightradar24 with an usb thing - turned out it was using a crappy usb2 virt driver with only polling
<RoyK> dma was envented - what - 30 years ago?
<patdk-lap> oh, not paravirtualization, paravirt drivers
<RoyK> same thing
<patdk-lap> vmware and aws killed paravirt vm's though
<patdk-lap> no it's not
<patdk-lap> you can run xen in paravirt or hvm mode
<patdk-lap> paravirt shares the host os kernel
<RoyK> yeah and the hvm mode sucks rather badly
<patdk-lap> why? hvm is just normal qemu
<patdk-lap> qemu-kvm
<RoyK> xen in hwvirt
<RoyK> sucks
<patdk-lap> if your on 32bit, and not using cpu vt, sure
<RoyK> performance of a 386 with old drives
<TAFB> how do I set the resolution of tightvnc? I tried xrandr --fb 1920x1080 but it says "can't open display"
<rostam> hi all using 14.04 server trying to resolve the boot issue, I found out the plymouth restart fails, I changed the grub to disable it still I see the issue, How can I disable the plymouth? Thank you.
<temhaa> Hello, I am newbie in virtualization. I am thinking to use ubuntu as host server. Which virtualization method is best. I will buy tower server for this. For example I need 8 GB RAM, 2 or 4 core CPU for each guest. I want to create least 3 or 4 guest for one host.
<hateball> !best
<hateball> ugh, spring cleaning
<temhaa> Actually I need to 4 machine. I am thinking to provide with virtualization. What are your advices. If you help me I would be glad
<hateball> temhaa: depends what you are comfortable with using
<hateball> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<temhaa> hateball: I have java application, ELK stack, some little applications in digitalocean. I am thinking to move my psysical server.
<temhaa> hateball: I tried kvm before. But it is best tool I am not sure. I cant use lxc because I have docker containers for these applications
<temhaa> hateball: I wonder, If I open 4 guest with kvm (each guest must have 8 gb ram 4 core cpu). what must be resources of host machine? How can I caclulate. I couldnt learn this
<temhaa> Is there anybody who experienced with kvm
<hateball> temhaa: overprovisioning isnt very easy to calculate
<cpaelzer> temhaa: https://www.stgraber.org/2016/04/13/lxd-2-0-docker-in-lxd-712/
<cpaelzer> temhaa: docker is no "you can't use containers for the first level"
<cpaelzer> temhaa: I really agree with hateball that the biggest factor is what you feel comfortable with
<cpaelzer> temhaa: that said - nobody else can decide lxd vs kvm for you :-/
<cpaelzer> temhaa: I've used kvm and lxd a lot, and they just have different specialties and use cases
<cpaelzer> temhaa: for lxd I recommend reading the full series about lxd that I linked one piece of
<cpaelzer> temhaa: after that you should have a feeling for that, for KVM there are a million docs out there - it depends on what you want to know
<cpaelzer> temhaa: and for your ressource question it depends - on how muhc of that size is active memory and how busy the cpus are
<cpaelzer> temhaa: in general the answer to any performance and/or sizing question is "it depends"
<temhaa> cpaelzer: non-shared resources are very importand me. as I know lxc is using shared resource, am I right?
<cpaelzer> temhaa: kvm shares it's cpus as well if you don't stop it from doing so
<cpaelzer> temhaa: so you want to hard-dedicate the ressources?
<cpaelzer> temhaa: more like partitioning than sharing ?
<cpaelzer> temhaa: that LXD can do as well in some way, see https://www.stgraber.org/2016/03/26/lxd-2-0-resource-control-412/
<temhaa> cpaelzer: There are a lot of things what I dont know. For example overcommiting. Just think. I have two application. Each application wants 8 gb ram and 4 core. I want to install each application to different guest.
<cpaelzer> temhaa: overcommiting just means for that case that if you have 4x8GB "guests" your Host doesn't have 32G
<cpaelzer> temhaa: usually lxd will be a bit better at that, as it doesn't have the issue that the guest page cache appears as non-volatile memory
<cpaelzer> temhaa: in KVM the host (in the worst case) will swap guest page cache (which the guest could just throw away)
<cpaelzer> temhaa: if anythin (IMHO) the decision between KVM and LXD is more-isolation (kvm) vs. more effeciency (LXD)
<temhaa> cpaelzer: Yes. I am learning what is mean.  I need 8X2 gb ram for two application, If I buy 16gb host machine then is it good practice I am not sure.
<temhaa> cpaelzer: Because I want to decrease cost.
<cpaelzer> temhaa: if you can size whatever you want, buy not only sum-of-guests, but sum-of-guests+safety (for the Host)
<cpaelzer> temhaa: if your target is to lower cost you have to reverse that and that implies you strive for more effeciencey which is usually where LXD wins
<cpaelzer> and when you say 8x2GB - is that 8x2GB fully used?
<cpaelzer> like 2GB JVM Heap?
<temhaa> cpaelzer: by the wy I have heard LXD for now. It is something like lxc?
<cpaelzer> because then your system needs at least a bit more around to breathe
<temhaa> cpaelzer: they can be use fully
<cpaelzer> temhaa: https://linuxcontainers.org/lxd/
<temhaa> cpaelzer: yeah I am reading at the same time
<cpaelzer> just take the hour or two and read  this and the artictle series I linked before
<temhaa> cpaelzer: You say, "you can install docker to LXD. You can open guest machines with low cost". Because LXD is more lightweight then KVM
<cpaelzer> temhaa: if you like more of a "show" http://www.grabber.xyz/2015/05/lxd-vs-kvm.r_7UbDgExdI.html
<temhaa> cpaelzer: Last link what you sent doesnt work, it is not opening
<cpaelzer> temhaa: that is true as long as your docker images are not breaking on the extra confinement that lxd adds
<cpaelzer> hmm, let me check that link
<cpaelzer> temhaa: https://www.youtube.com/watch?v=90oxad2r8_E better?
<cpaelzer> temhaa: I'd say check the vid, read the LXD article series by stgraber and then decide
<cpaelzer> temhaa: I'd even say give one of your application containers a test e.g. on your laptop inside lxd
<temhaa> cpaelzer: You can understand me, I am not professional. I dont have big server. actually I dont have server. I am thinking to buy to leave from digitalocean and amazon. So I am looking for virtuallization tool and I need to choice true resource of host machine. :)
<temhaa> cpaelzer: Yes I am listening that video
<cpaelzer> temhaa: I can understand you, but I can't (and I'm convinced nobody can) decide it "for you
<cpaelzer> temhaa: in fact I think sales people can decide for you (that is what they do) :-P
<temhaa> cpaelzer: I know, so I am asking what is your advice:)). If I have more money, It doesnt matter :P
<temhaa> cpaelzer: sorry my english is not very well
<cpaelzer> it is fine, never mind
<cpaelzer> temhaa: I (personal opinion) would experiment with LXD and if it is working go with that as it is more efficient and you listed price as a target. But then (usually) on the clouds where you already are you are usually cheaper, just not as consistent. I'd chose KVM if (even more) isolation is a must for you.
<cpaelzer> temhaa: and without any offense - but with "I am not a professional" you are likely better off sticking with the clouds - as they are professionals maintaining that stuff for you
<newcomer25> The whole Law is fulfilled in one statement: âYouâll love your neighbour as much as yourselfâ - Galatians 5:14
<newcomer25> God bless you all and have fun using chatting!
<cpaelzer> that was weird
<temhaa> cpaelzer: I dont need high avaliability.  I want to run application in true resource. I can do server management
<temhaa> cpaelzer: I need to decide LXD or KVM. Therefore I need to read more documentation. your explainations are very helpfull for me
<YamakasY> hi guys
<YamakasY> when I ssh to an ubuntu box, which always worked, and I get a connection refused now (several servers) should that be logged in syslog ?
<ogra> YamakasY, perhaps http://www.openssh.com/legacy.html ?
<xmj> moin
<xmj> where does 16.04'
<xmj> 's postgresql server store its data?
<maswan> same place as always, /var/lib/postgresql/ ... ?
<xmj> thx
<xmj> more on that note, which package contains that default data?
<Odd_Bloke> xmj: What do you mean by "default data"?  AIUI, Postgres will create the files on install/first start.
<xmj> all good
<xmj> Odd_Bloke: when you intentionally remove the data in /var/lib/postgresql, the question is which package makes it reappear on reinstall
<xmj> i eventually found that purging and fiddling around helps with ^
<jamespage> coreycb, niggle with your ubuntu-reports change is that reports.qa.ubuntu.com can't access github - its also running 12.04
<jamespage> urgh
<coreycb>  jamespage, that's too bad.  12.04 might be ok but yeah it needs access to github.
<GMAzrael> almight IRC, I have an issue. My 16.04.01 server is not reponsing to the local subnet, but is responding to NAT'd requests. UFW and iptables are off. The nic is bridged for containers. Any thoughts?
<GMAzrael> responding to ssh attempts*
<GMAzrael> tcpdumps say no packets are coming in, but the server is pinging fine
<coreycb> jamespage, qemu 1:2.2+dfsg-5expubuntu9.7~cloud6 is ready to promote to kilo-proposed
<jamespage> coreycb, looking now
<jamespage> ddellav, hey - I did the MIR for oslo.privsep - could you look at the two new deps for heat:
<jamespage> http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
<jamespage> for reference
<coreycb> beisner, can you promote ceilometer 1:5.0.4-0ubuntu1~cloud0 ito liberty-proposed?
<beisner> hi coreycb, done re: https://bugs.launchpad.net/bugs/1614570
<ubottu> Launchpad bug 1614570 in Ubuntu Cloud Archive liberty "[SRU] OpenStack Liberty point releases" [Undecided,Fix committed]
<coreycb> beisner, thanks
<setuid> Something weird, if I install 10 kernels to do a regression, grub/update-grub shows those kernels, but only the most-recent one gets an entry in the visible config.
<setuid> How can I get grub to see (and list) ALL of the installed kernels?
<setuid> I'd rather not drop to the grub shell every time to find/choose/edit the kernel line to select the one I need to test
<setuid> I installed grub-customizer, and IT sees all of them and creates entries, but then when I save and exit, they're reverted, and only the last one is set up in the default entry
<xnox> setuid, all kernels should be listed under sub-menu.
<xnox> no idea what grub-customizer is
<beisner> yw coreycb
<setuid> xnox, Agreed, and I can see all the entries in grub.cfg, but the UI doesn't show them
<setuid> I'll cut down the number of kernels and see if maybe there's a limit here
<trippeh_> setuid: it should show up under the "Advanced options for Ubuntu" grub sub menu during boot.
<trippeh_> you have to select the menu for the list to show up.
<setuid> Right, and that menu only shows 2 kernels; the default and safe-mode
<trippeh_> ah ok, that is odd.
<setuid> I'm going to wipe out all the kernels one by one and start again
<setuid> trippeh_, confirmed, even with 5, 6, 10 kernels, it only ever shows the last one
<setuid> this is 16.04 server
<setuid> but grub.cfg is correct, and lists all entries
<setuid> The output from update-grub also shows the correct entries
<setuid> It's almost like it's just not getting written to the actual boot block
<setuid> Hrm, interesting... the kernels are all -lowlatency kernels, but the ONLY entry that shows up in grub's menus, is the 4.2.0-27 *NON* lowlatency kernel, all the ones that are newer/later, do not show,and they're all lowlatency
<setuid> parsing bug with the kernel filename? Or is there some host-based triggers that grub ignores?
<setuid> just installed a handful of 4.x.y-generic kernels, they're all ignored by grub
<setuid> it only shows 4.2.0-27
<setuid> http://paste.ubuntu.com/23089276/
<setuid> Just removed ALL the kernels, except 4.2.0-42-generic, and grub still shows 4.2.0-27 under Advanced, but the default entry boots 4.2.0-27 from -somewhere-, even though it's not in /boot/
<nacc> setuid: i assume you're just reading /boot/grub/grub.cfg, right?
<nacc> setuid: did this happen before you installed 'grub-customizer'?
<setuid> nacc, Checked all the grub files, as well as the ncurses boot menu that comes up from the boot block when the machine is booted
<setuid> nacc, This happened before I installed that, yes. The reason I installed it, was to see if grub-customizer correctly parsed the entries (it did)
<nacc> setuid: i meant that the /boot/grub/grub.cfg file is also in error, not just the menu, sounds like it?
<setuid> nacc, grub.cfg looks syntactically correct
<nacc> setuid: it seems odd that 4.2.0-27 exists in teh menu and successfully boots if you removed it
<nacc> setuid: i mean, does it contain menu entries for the other kernels?
<setuid> # uname -a && grep 27 /boot/grub/grub.cfg
<setuid> Linux ubuntu-14-04-4-vm 4.2.0-27-generic #32~14.04.1-Ubuntu SMP Fri Jan 22 15:32:26 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
<setuid>     insmod ieee1275_fb
<setuid> i
<setuid> I'm booted to a kernel that does not exist on the system
<setuid> unless they're no longer stored in /boot/
<nacc> setuid: are you on 14.04 or 16.04?
<setuid> 14.04, (I misspoke earlier)
<setuid> this is a clean, 14.04 image installed in vmware workstation
<nacc> setuid: can you pastebin /boot/grub/grub.cfg?
<setuid> Sure, one sec
<nacc> fwiw, i think you're on a no-longer-supported HWE stack (14.04.4 rather than 14.04.5)
<setuid> http://paste.ubuntu.com/23089322/
<setuid> nacc, I used the 14.04.4 ISO to install it
<setuid> but it shouldn't be anything magical, 14.04.4 works elsewhere
<setuid> where is 4.2.0-27 actually booting from? It's nowhere on disk, nor listed in the package listing
<setuid> ah-HA!
<nacc> setuid: you found it?
<setuid> So /boot/ was a 200MB partition, I moved that out of the way, created /boot/ off of the root, put my kernels in there, grub and all tools recognized it, so I just mounted /boot2/ (the original /boot/), and there were a number of kernels in there, including -27
<nacc> ah
<setuid> So I removed everything, and rebooted. Now it doesn't boot (as expected)
<setuid> so grub-install probably was pointed to that partition, while userspace tools pointed to /boot/
<setuid> hence, the schism
<nacc> yep, changing /boot makes sense
<setuid> I needed the space for testing dozens of kernels
<nacc> setuid: yep, understood
<setuid> nacc, chicken and egg... /boot/ now resides on / which is an LVM, so grub can't see/boot it
<rattking> Hi folks, I am having an issue where my post-up rules for adding a static routes in networking/interfaces are not taking on boot, if I restart networking service the routes do take, if I add a sleep 1; to the post-up it does take as well, this same config worked with 12.04. it has eth0,1 bonding and vlans so its a bit more then a usual interfaces config.. any ideas on how I can debug that further?
<rattking> thanks.
<setuid> I'll need to reinstall the whole box, choose non-LVM, or create a fatter /boot and do manual partitioning
<nacc> setuid: ah ... yeah it might be easier
<setuid> Can't easily expand /boot/, so I'll just create a second disk for /boot/ and if I need to increase it, add a third disk, rsync, and mount it back (it iS a vm after all, easy to do)
<nacc> setuid: yeah, undersizing boot has been, ime, the most commen reason t reinstall :)
<setuid> It's not common to need to add many kernels, but 200MB is pretty small, esp. given the size of most drives these days
<setuid> 20GB boot should give me enough breathing room
<nacc> setuid: yeah, 200M is very small
<setuid> 4 kernls and you're out of space
<setuid> That was a bit tricky to find, given that I no longer had the old /boot/, but grub still installed itself with the old data.
<setuid> Still though, update-grub had the right kernels, what was it doing, if not replacing grub on the boot record?
<setuid> was it writing to the boot record on the LVM partition, which grub (at boot time) ignores?
<setuid> because that would be a bug, update-grub should warn that it's doing that, and the system will not boot with the options used
<rattking> it seems like my post-up rules are running before the network interface is actually up
<setuid> rattking, how many cpus?
<setuid> I know it seems unrelated, but there's an issue we tripped on recently that sounds similar
<rattking> 4
<rattking> but some servers will have more
<setuid> humor me, boot one with 'maxcpus=4' and see what happens
<patdk-wk> physical or cores?
<rattking> those are cores.. no hyperthreading
<patdk-wk> more I was wondering if the issue is related per core, or socket count
<rattking> this motherboard is a dual socket, but only 1 is populated
<rattking> wow.. with maxcpus=4 the postup rules loaded on boot.. what the heck kind of bug is that?
<nacc> sounds like a race?
<rattking> yeah I was thinking its a race.. because adding 'post-up sleep 1' caused it all to work too
<nacc> rattking: is 4 < the number of cpus normally shown in /proc/cpuinfo ?
<rattking> on this system its processor: 0 - 3 .. so yeah 4
<nacc> setuid: hrm, do you know why specifying maxcpus= changed behavior in your system (why you suggested it)
<setuid> nacc, we're tracking it down, it's some very subtle race condition with interfaces and sub-interfaces
<setuid> "We" == (@Canonical)
<setuid> There appears to be a tipping point somewhere north of maxcpus=8
<rattking> setuid any ideas on other ways a can get around that? I have a bunch of systems with different numbers of cpus
<setuid> Did it work when you tested it with statically defining maxcpus?
<iliv> I have this odd problem with Xenial LTS running as guest vm in virtual box. It has two NIC's and one of them doesn't work after the system starts unless I restart networking or run ifdown enp0s8; ifup enp0s8 manually. ip a l command shows that link of enp0s8 is UP, it is assigned a static IP address but I can't ping other hosts on the same network unless I restart networking or toggle the enp0s8 interface manually with ifdown/ifup commands.
<iliv> this is my dmesg log https://dpaste.de/7r2D/raw
<setuid> iliv, Does /etc/network/interfaces have that interface set to start?
<iliv> yes
<setuid> auto enp0s8?
<setuid> and a block for that adapter to define it? (iface enp0s8 inet static... etc.?)
<setuid> or dhcp, as your needs require
<rattking> setuid: I am not sure what you mean by statically defining maxcpus
<setuid> rattking, boot your server, passing 'maxcpus=4' on the kernel args line ('e' at grub to edit it, F10 to boot with the modified line), and see if it happens
<iliv> setuid, it looks like so:
<iliv> auto enp0s8
<iliv> iface enp0s8 inet static
<iliv> 	address 10.0.3.4
<iliv> 	netmask 255.255.255.0
<setuid> iliv, no gateway, no dns-nameservers?
<iliv> no need for any
<rattking> oh yes it did work when I set maxcpus=4.. I am wondering how I can handle that on many systems with different numbers of cpus
<iliv> it's the secondary interface that is used in a very simplistic LAN
<setuid> when you say "one of them doesn't work", what do you mean? It's not assigned an IP?
<setuid> Or it's not bringing up the interface?
<iliv> IP address is assigned to enp0s8, link is reported as up by ip a l but I can't pint this IP address or any other IP on this lan from this system until I toggle enp0s8 or restart networking via systemctl
<setuid> You can't ping it from the same host? Or from another host?
<iliv> setuid, note in dmesg log how enp0s3 "becomes ready" and enp0s8 never does so
<setuid> You won't be able to ping it from another host, because you don't have the gateway set, therefore, no routes to that host, and no ARP table entries
<iliv> I can't ping enp0s8 from another host on the same network
<setuid> That's expected, no route, no ARP path to the host
<setuid> But if you can't ping it from itself, that's an issue
<setuid> back in a lunch...
<iliv> are those all set up when I do ifdown followed by ifup?
<iliv> in my experience it is all set up automatically as long as link is up and IP address, plus netmask, are assigned
<iliv> setuid|lunch, see for yourself http://i.imgur.com/RuTjEFx.png This is how it looks right after the system started. Everything is there but it just doesn't work unless I toggle the interface.
<setuid|lunch> iliv, Does it work if you run 'ifup enp0s8'?
<iliv> setuid|lunch, if I toggle it: ifdown followed by ifup
<iliv> setuid|lunch, if it is just ifup then no
<ddellav> jamespage just saw your message, i will take care of those ASAP
<iliv> setuid|lunch, here's an example http://i.imgur.com/dVC4ajl.png
<setuid> iliv, is this a physical adapter? or virtual?
<iliv> setuid, virtual. this system is xenial lts virtualbox guest vm. the adapter in question here is host-only type of adapter. the host is xenial lts too.
<setuid> If you set it to 'nat', does it work?
<iliv> I have two interfaces in this guest vm. One is enp0s3, which is the NAT interface you refer to and it always works. No problems whatsoever. The other one, which is enp0s8 we have been discussing so far, is the interface that is seemingly configured correctly but never works until it's toggled.
<iliv> and it is host-only as I said above
<setuid> Right, I understand that. If you change nothing at all in the guest, and just set the interface to NAT in vbox, does it work?
<setuid> I'm trying to separate the possible issues
<iliv> setuid, then I will end up with two NAT interfaces
<iliv> which wil most likely isn't going to work right
<iliv> setuid, I added this one-liner to /etc/rc.local: ifdown enp0s8 && ifup enp0s8 and it helps but it's an ugly hack obviously.
<setuid> You can have as many NAT interfaces as you want, up to the limits of your upstream switch/dhcp server's ability to hold them in the ARP table, but that's not the issue. I'm not saying this is the solution, I'm asking to test it to see if it's an issue in the host-only networking layer (vif) vs. NAT to a physical adapter.
<setuid> Right, that's a hack, not a solution
<iliv> sure, give me a couple minutes to test that..
<setuid> nacc, I'm wondering where this 'grub' issue really needs to be filed
<jhobbs> WG 2
<jhobbs> oops
<setuid> nacc, Is increasing /boot/ an SOP when you need more space? Or do most people just toss the build and reinstall? Or do they nuke /boot/ partition, add /boot to / and do what I did?
<iliv> setuid, alright so two NAT interfaces: http://i.imgur.com/LX5Q3sO.png It works.
<rattking> setuid: when I set maxcpus=8 on a system with 8 cores I find the post-up scripts do not work again.. any ideas on how to deal with that?
<nacc> setuid: yeah, not sure
<nacc> setuid: i mean, in theory, increasing the size of boot maybe is normal
<nacc> setuid: but i think most people start over when they hit it these days -- or know they don't really need a separate /boot, etc
<setuid> nacc, I generally set /boot/ to noexec, ro, sync and make it ext2, so having it separate from / makes sense, esp. if you corrupt your rootfs, you can still boot the machine and attempt some recovery
<nacc> setuid: sure, i can see reasons for doing it that way -- i think they are less relevant (ime) these days, but yeah, the bug might just be with usability when you try to switch /boot
<setuid> Part misinterpretation (/ being an LVM, and me adding /boot as a directory to that partition, which grub can't boot to), and the real bug that update-grub/grub.cfg and other tools implied they were doing the right thing, but grub itself was still booting to the old -partition-, even though it was not mounted to /boot/ any longer.
<setuid> update-grub should probably warn that it's going to create a non-bootable environment if it detects that /boot/ is on an LVM
<iliv> setuid, what do you know! a virtio-net host-only interface works. before that I used an Intel PRO/1000 MT Desktop variety virtual NIC.
<setuid> Sounds like a bug with the vif, file that with vbox
<setuid> Unless you can duplicate it on vmware workstation and isolate it as an OS bug
<JordanWP> I am using postfix on ubuntu server and my emails are relayed to MS Exchange.  Wondering how to change the From: address on the email.  Anyone?
<JordanWP> Its currently using wordpress@%hostname%
<bekks> Thats entirely not what a mail relay does.
<patdk-wk> JordanWP, fix your software that creates the email
<patdk-wk> sounds like it's wordpress
<sarnold> there's two From headers in email, the envelope-From and then the message body From:
<patdk-wk> no, there is only one from header
<patdk-wk> envelope-from is not a header
<sarnold> if your wordpress is sending with the /usr/bin/sendmail program then the -f command line option can change the envelope-from header: http://www.postfix.org/sendmail.1.html
<sarnold> if your wordpress is setting the From: header then you need to modify the wordpress config to set the correct thing
<patdk-wk> but it still comes down to, the software is creating the email incorrectly and needs to be fixed
<JordanWP> okay so i need to quit looking to change anything with postfix and dig through my wordpress files.
<sarnold> yeah, wordpress would be my starting point
<JordanWP> okay thank you.  I will start poking around.
<apb1963_> Aptitude is giving me an abortion when trying to install libsnmp-dev.  Details here: http://pastebin.com/AAaZgFid
<sarnold> apb1963_: normally that means that the i386 versions don't match exactly with the already-installed amd64 versions
<sarnold> apb1963_: try an apt-get update && apt-get -u dist-upgrade first to make sure that you've got the newest versions of everything.
<apb1963_> sarnold: I never do dist-upgrade ...it just makes me nervous.
<bekks> So do "apt update; apt full-upgrade" instead.
<sarnold> apb1963_: makes sense, just do a standard upgrade instead..
<apb1963_> well... what worries me is the fact that packages can get removed and I don't know enough to know when to be concerned. However... I'll give it a shot.
<apb1963_> I do upgrades on a regular basis
<sarnold> that does seem to happen a lot when people wind up installing the i386 binaries alongside the amd64 binaries
<sarnold> for some reason some idiot software suggests something that then winds up trying to uninstall sudo.
<apb1963_> well... that was the result of a script the asterisk related people wrote...  and yes... it's idiotic.
<apb1963_> It looks for purged packages and then trys to install them
<apb1963_> sacrificing the already installed version
<apb1963_> That's where the i386 packages come from
<apb1963_> Being the trusting sort without a good understanding of the packaging system... I ran the script.
<apb1963_> although I'm not quite sure why they turn up in an aptitude search
<apb1963_> oh... nvm... brain fart
<apb1963_> strike that last sentence
<apb1963_> how can I cat a file to pastebin directly?
<apb1963_> I used to be able to do it.. forgot how.
<nacc> apb1963_: pastebinit
<apb1963_> oh yeah
<apb1963_> :)
<apb1963_> thx :)
<bekks> By running: cat yourtextfile | nc termbin.com 9999
<nacc> or that
<apb1963_> nc... is that netcat?
<apb1963_> output from latest script run.  It's not pretty.  http://paste.ubuntu.com/23090907/
<sarnold> what a disaster
<apb1963_> pretty much
<apb1963_> afk... brb
<apb1963_> ok
<apb1963_> so...I guess I need to rewrite the script so that it doesn't try to install purged packages.
<apb1963_> Perhaps use apt-get instead of aptitude?
<apb1963_> Here's the script if yo're interested....  http://paste.ubuntu.com/23090933/
<bekks> If your script caused that mess, I'll not use it :P
<apb1963_> no... not for using... for fixing :)
<apb1963_> As in... helping me to determine the correct way to do it.
<sarnold> there's good news and bad news
<apb1963_> lol
<sarnold> the bad news is that script looks terrible and what it's done to your system may be insanely difficult to repair
<apb1963_> yeah
<sarnold> the good news is that you can very nearly do what you need form it with very little effort
<sarnold> "apt-get install <start copy-and-psating the pacakges from the PACKAGES_DEBIAN lines>"
<apb1963_> yeah... it's not a difficult script in general
<apb1963_> yeah.. pretty much... I was thinking to just eliminate the search for packages since it just does stupid with the results.
<apb1963_> And that would basically make it a plain aptitutude (or apt-get) install.
<sarnold> these sorts of "install scripts" are always miserable compared to just preparing a package with proper dependencies, like all the other packages in the archive have done..
<sarnold> apb1963_: here's a little script you can use to find i386 packages on your system: dpkg -l | awk '$1 ~ /ii/ && $4 ~ /i386/ {print}'   --- some may need to be there, so don't just go deleting things all over the place. but it may be helpful.
<apb1963_> nice
<apb1963_> thank you
<sarnold> apb1963_: here's the ones that are already installed on my laptop http://paste.ubuntu.com/23090948/
<sarnold> i'm surprised how many I have
<apb1963_> http://paste.ubuntu.com/23090951/
<sarnold> hah, that paste just has the url to your previous paste :)
<apb1963_> hmm
<apb1963_> o i c what happened
<apb1963_> http://paste.ubuntu.com/23090956/
<apb1963_> i'm running 14.04.5  you?
<sarnold> 16.04 here
<apb1963_> also for the record... I removed libsnmp-dev from the list because it kept aborting.
<sarnold> I've never used aptitude enough to know how it really works but I have a feeling that this would have worked way better if the script had just blindly used apt to install everything without trying to be clever
<sarnold> apb1963_: if you're willing to gamble a bit, try this: apt-get purge $(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /:i386/ && $4 ~ /i386/ {print}')
<apb1963_> sarnold: owwie
<sarnold> apb1963_: that will try to delete all the i386 pacages that have :i386 in the name
<apb1963_> sarnold: wouldn't I be better off simply letting apt-get attempt to resolve?
<sarnold> apb1963_: maybe. your situation is .. certainly extreme.
<apb1963_> It sure would be nice if ubuntu was distributed with essential packages pre-pinned so you couldn't hose your system unless you really knew what you were doing.
<sarnold> yeah it'd be nice if there was some way to alllow upgrades but not uninstalls on some subset of packages..
<sarnold> sudo has a preuninstall script that protects it
<sarnold> but I can't imagine that anyone who has run into it also has the technical ability to make their package database happy again
<apb1963_> and of course the asterisk guys refuse to take responsibility since it's a contributed script.  I think I"ll contribute "rm -rf /" and see if they change their policy
<apb1963_> exactly.  The package management system is a basic nightmare.  I doubt anyone knows the proper way to use it.l
<apb1963_> sarnold: I think what I need to do is determine which packages have both amd64 and i386 available... and then purge just those.
<apb1963_> or at least start there.
<sarnold> apb1963_: I think that's what the :i386 in the package name indicates
<apb1963_> no I don't mean on my machine... I mean in the repos.
<apb1963_> I would assume that if there is an amd64 package, that I want it.
<apb1963_> rather than the i386 pkg
<sarnold> that's what I mean, the :i386 bit in the package name means that that package has both amd64 and i386 variants
<apb1963_> And if there is no amd64 available... then I get the i386
<sarnold> heh ,are there any packages that are only i386?
<apb1963_> huh?  so.. how does it indicate that only i386 is availalbe?
<sarnold> now I'm curious
<apb1963_> oh... that I don't know.  But it begs the question... why would any of my pkgs be i386 if there are amd64 versions for everything?
<sarnold> _normally_ it would be because e.g. a game vendor only makes i386 builds of their game because they are still stuck in 2006 or something
<sarnold> or WINE
<apb1963_> ok... so back to your comment:  "<sarnold> that's what I mean, the :i386 bit in the package name means that that package has both amd64 and i386 variants"  How can you tell that there is no amd64 package if i386 claims both are available?
<sarnold> apb1963_: I'm not sure, I'm trying to think of a way to figure out if there are any packages that exist for i386 but not amd64
<apb1963_> well... wouldn't it be reported by dpkg in that script you made?
<apb1963_> tweaked a bit of course
<DexDeadly> Hey all, quick question.  I just setup a lamp stack.  My question is this is just local, whats a good ftp setup to do and use or any other good apache web admin
<sarnold> that script only knows about packages that have been or are installed on the computer
<sarnold> DexDeadly: the best ftp setup is to forget about ftp and use sftp instead :)
<apb1963_> sarnold: yes... I'm seeing that now...  however I'm also seeing things like this:
<apb1963_> ii  linux-libc-dev:amd64    3.13.0-93.140    amd64            Linux Kernel Headers for development
<apb1963_> ii  linux-libc-dev:i386     3.13.0-93.140    i386             Linux Kernel Headers for development
<apb1963_> and I think that's a pretty good indication of a problem
<sarnold> apb1963_: there are legitimate reasons for that to happen but I don't think that script had your best interests at heart :)
<apb1963_> no.. it really didn't.  Some clown wrote it... perhaps it worked on an earlier version.
<sarnold> it may work fine on a system without the multiarch packages available...
<apb1963_> Yeah... yet more confusion as to what packages should be installed.
<apb1963_> sarnold: So I've decided to purge anomolies.  http://paste.ubuntu.com/23091091/
<apb1963_> I did that because I saw this:
<apb1963_> ii  gcc-4.8-base:i386                                           4.8.4-2ubuntu1~14.04.3                   i386         GCC, the GNU Compiler Collection (base package)
<apb1963_> ii  gcc-4.9-base:amd64                                          4.9.3-0ubuntu4                           amd64        GCC, the GNU Compiler Collection (base package)
<apb1963_> ii  gcc-4.9-base:i386                                           4.9.3-0ubuntu4                           i386         GCC, the GNU Compiler Collection (base package)
<apb1963_> How's that look to you in terms of letting in proceed?
<apb1963_> s/in/it
<sarnold> apb1963_: yay, looks good
<apb1963_> ty
<sarnold> apb1963_: thogh there's that 'skype'. If you want it you may want to reinstall skype again once you're done..
<apb1963_> Yeah... would be nice if I could say  yes to all except skype
<apb1963_> or  yes this no that.
<apb1963_> I was about to remove the i386 version but since it had so many pkgs unrelated to asterisk (like adobe reader) I decided to see what the amd64 version looked like. http://paste.ubuntu.com/23091113/
<apb1963_> sarnold: ^^
<sarnold> apb1963_: what does dpkg -l libc6 show?
<apb1963_> ii  libc6:amd64                         2.19-0ubuntu6.9        amd64                  Embedded GNU C Library: Shared libraries
<apb1963_> ii  libc6:i386                          2.19-0ubuntu6.9        i386                   Embedded GNU C Library: Shared libraries
#ubuntu-server 2016-08-26
<sarnold> that means this line is really baffling:
<sarnold> libbaloocore4 : Depends: libc6 (>= 2.14) but it is not going to be installed
<sarnold> try an apt-get install libc6 and make sure that your package database knows you want that :)
<apb1963_> well presumably it's not going to be installed because it's already installed
<apb1963_> sarnold: http://pastebin.com/T1QmKezr
<apb1963_> sarnold: trying to purge amd64 results in E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.  Attempting to purge i386 does not yield the same result (though I didn't follow through on the purge for either package).
<sarnold> apb1963_: you definitely want the libc6 package installed :) hehe
<apb1963_> yes... but the question is which version?
<sarnold> I've got both i386 and amd64 versions installed, no big deal there.. it's only a few megs
<apb1963_> it's not the space that's the issue.
<DexDeadly> and i was expecting the sftp lol
<DexDeadly> its a local non access to the internet page I want to manage on my 16.04LTS server
<DexDeadly> granted I guess easier way is just setup a samba share right
<sarnold> heh, I've never once found samba "easy" but if you're living in a windows world it might be
<apb1963_> sarnold: obviously the amd version has a problem...  but I can't remove it so... how does one fix a package that refuses to be purged?
<DexDeadly> I have a combo of linux and windows servers
<sarnold> apb1963_: at some point, ignore it.. hehe :)
<apb1963_> sarnold: it does give a clue...  held packages.
<DexDeadly> ad server windows server and another windows server with some other stuff.  2 linux servers, one for openhab home automation, this is the one I'm looking to just connect to as I'm designing a new front end ofr it and then an emby linux server both 16.04
<sarnold> apb1963_: try dpkg --get-selections | grep hold
<apb1963_> sarnold: on the other hand.. it's refering to aptik and phpadmin, I doubt either are required to fix the error....
<apb1963_> oh wow.  pastebin coming up
<apb1963_> sarnold: http://paste.ubuntu.com/23091145/
<sarnold> apb1963_: aha! it might be worth trying dpkg-unhold on those packages and then see if things start making sense
<sarnold> DexDeadly: heh, indeed, that's enough windows systems around that maybe it is worth setting up samba shares instead of dealing with ftp or sftp clients when moving files around
<apb1963_> ok
<apb1963_> sarnold: That made a definite difference.  http://pastebin.com/ryBbjh7y
<sarnold> yikes DO NOT DELETE libc6:amd64   :)
<apb1963_> lol
<apb1963_> I know
<apb1963_> I was just testing...
<apb1963_> now i386.. not as bad
<sarnold> brave :)
<apb1963_> well I knew it would pause and ask
<apb1963_> so not so brave
<DexDeadly> yea guess I'll just do that
<sarnold> that's like checking if rm -rf /   _really_ prompts you with a warning...
<apb1963_> lol
<sarnold> .. by bloodyt yping it
<apb1963_> I didn't know it did
<apb1963_> now I have to check
<apb1963_> j/k
<sarnold> that's the thing -- I've heard it does but I haven't been brave enough to find out :)
<apb1963_> lol  do it on a VM or something
<DexDeadly> I just dont want to go and chmod it just so I can create a quick smb.conf section for it but eh its just local no internet access
<apb1963_> me... I don't care if it does or not
<apb1963_> so anyway... back to forward motion
<apb1963_> sarnold: I have both versions of libasound2 http://pastebin.com/4K4J5U8c  Look safe to purge i386?
<sarnold> apb1963_: mostly; is the teamviewer thing there for something specific?
<apb1963_> nah not really.. can reinstall
<rabbitdew> After installation, I want to replace the var directory with a new logical volume. DO I have to do anything other than copy over everything in it, then add my new LV to fstab and remount it
<apb1963_> sarnold: ok to purge or still checking?
<sarnold> apb1963_: okay to purge libasound2:i386
<apb1963_> ty
<apb1963_> sarnold:  by the way... if I suddenly disappear and don't return... you'll know why :/
<sarnold> apb1963_: hehe, the thing is, most programs will continue executing just fine even if you get rid of something insanely important
<apb1963_> sarnold: sure...  until you reboot or the program otherwise stops and you have to restart it
<sarnold> rabbitdew: I think you mostly just need to be careful how you do the copy; cp -a or the tar cf - | (cd /dest && tar xf -) methods probably work for example but anything that would screw up symbolic links or sockets or not preserve owner / modes would be trouble
<sarnold> rabbitdew: maybe also kill all programs that have files in the old /var open, first, so that all the files are quiescant
<apb1963_> sarnold: like /var/log/
<apb1963_> sarnold: I'd suggest a reboot for him
<sarnold> apb1963_: definitley doing it from a rescue shell would be ideal, but that's not always easy :/
<apb1963_> sarnold: yes...that would be best... but I assume he's not.
<rabbitdew> sarnold: hmm., thanks. I'm trying to take a really vanilla ubuntu install, with one root partition, and one big lvm partition. Then use ansible to make new lvm's for swap, home, and var
<rabbitdew> ah, i really should probably also do it from single user mode
<rabbitdew> it would be easy way to kill all the programs using it
<apb1963_> sarnold: next up on the chopping block for review... libaudio2 http://pastebin.com/KpufTsUn
<apb1963_> rabbitdew: yes
<apb1963_> rabbitdew: relatively.  However... if you have a liveCD.. that would be the way to go
<apb1963_> rabbitdew: I don't know whether kern.log and similar get opened during single user mode.   Maybe someone else does.
<sarnold> apb1963_: feel free to stop inspecting the :amd64 versions :) you'll probably want to keep those...
<somethingdope> Dumb questions ahead:  I'm considering setting up an ubuntu server to act as a backup/storage/maybe media server and want to know if I'm missing something I plan to use rsnapshot and probably seafile
<apb1963_> sarnold: I'm only inspecting to verify that nothing is screwy... like earlier with the held packages.
<somethingdope> Should I just do everything through ssh?
<apb1963_> somethingdope: Assuming by "everything" you mean type commands on the command line, then yes.
<apb1963_> sarnold: so... i386 good to purge?
<sarnold> apb1963_: yeah
<apb1963_> sarnold: ty
<somethingdope> apb1963_, I more meant whether or not a particular visual interface was recommended over ssh
<rabbitdew> apb1963_: liveCD? nah dude, I'm trying to straight up do server configuration on a fresh install
<apb1963_> somethingdope: which is why I answered how I did... it depends what yo're trying to do... I don't know what seafile is and I've never used rsnapshot...
<rabbitdew> apb1963_: with ansible
<apb1963_> rabbitdew: The reason for a liveCD is so that you can run off of it, while you modify your hard drive.
<apb1963_> rabbitdew: I'm not familiar with ansible.
<rabbitdew> apb1963_: it's just a configuration management tool that uses ssh
<rabbitdew> apb1963_: so i want to take an ubuntu installation with a boot, root, and LVM partition. Then after installation, use ssh to cut up my logical volumes and mount them on home and var
<apb1963_> rabbitdew: ok... assuming it's on your liveCD I presume you can still use it.  The only point I'm trying to make is that by running off a different system (the liveCD) you won't have any files open on the disk you're trying to modify,
<somethingdope> apb1963_, From my understanding seafile is like dropbox but on your own network.  Actually is it possible to mount a partition on the servers harddrive to my main computer?
<sarnold> rabbitdew: is there some reason why they can't just be installed the way you want? I know the debian installer interface is baffling, but that'd feel easier in the long run
<somethingdope> apb1963_, That would be perfect because I have only 150 gigs on my main computer and my server will have 2tb
<rabbitdew> so I can automate the configuration of dozens of servers at once
<apb1963_> somethingdope: You can use NFS to mount from other computers.
<rabbitdew> without access to any kickstart
<rabbitdew> even if pxe is broken, I can get smoebody cheap to just make real generic installs for me
<somethingdope> apb1963_, Dope, that is way better than seafile for my purposes, What do you guys think about Amahi btw?
<rabbitdew> that are so simlpe there's very little chance they'll be different. THen automate the configuration of all of them for different purposes
<apb1963_> rabbitdew: Lots of ways to skin that cat.  tftp will let you boot from an image server if that helps.
<rabbitdew> apb1963_: actually an image server would be real appropriate for what I'm doing
<apb1963_> somethingdope: You can also use samba if you have windows in your setup
<rabbitdew> thank you
<apb1963_> rabbitdew: look up bootp and/or tftp
<rabbitdew> apb1963_: I'm real limited in what's available to me at the moment, but I'll look into it
<rabbitdew> archaic firewall rules i just kinda step into, and other people owning projects (like the boot server) i can't touch much. When I get this figured out a little better i'll make a proposal
<somethingdope> apb1963_, Luckily I'm just working off of linux for right now, I'll keep that in a pocket for when I need it though
<somethingdope> Is setting up a NAS hard?
<apb1963_> rabbitdew: I've made the assumption you're doing this on a LAN.  If not... a different solution might be better.
<sarnold> somethingdope: it's slightly tricky to keep userids synchronized among all machines
<sarnold> somethingdope: that either means fiddling with userid and group id numbers manually or setting up a centralized ldap or something to get the same job done..
<apb1963_> Hmmm.... I'm trying to remember if NIS+ handles  userids
<apb1963_> I didn't know ldap did it
<sarnold> nis+ should and it might even be easier to set up than ldap. dunno if it's still around though :)
<somethingdope> sarnold, Luckily I only have one computer that the server needs to sync with right now.  I'm mostly using it as an external hard drive
<apb1963_> The first time I looked at ldap I almost wet my pants.  Then I found a tutorial and I smiled again... it was easy.
<apb1963_> Or at least not as hard.
<somethingdope> Also as my main use for this server seems to be as NAS.  Is FreeNAS better than Ubuntu-server for this usecase?  The laptop is old
<apb1963_> and I promptly did nothing about setting it up :)
<apb1963_> somethingdope: no clue.  I'm still trying to figure out the difference between NAS and SAN
<apb1963_> not actively but ya know.
<apb1963_> Oh Amahi? Good band.  Quite danceable.  :)
<apb1963_> sarnold: This one wants to remove libpulse0 among other things.  http://pastebin.com/iKGa7HRQ
<apb1963_> sarnold: check it out.  apt-cache depends libpulse0:i386   http://paste.ubuntu.com/23091272/
<apb1963_> sarnold: And finally... this answers an earlier question:
<apb1963_>     To print detailed information of the versions available for a package and the packages that reverse-depends on it:
<apb1963_>          apt-cache showpkg package
<somethingdope> Has anyone here tried Open Media Vault?
<|\n> hello, does ubuntu support apt mirror method for fetching updates officially?
<sarnold> somethingdope: freenas is apprently pretty nice, but I think the zfsonlinux support is more mature than the freebsd zfs support.... just my gut feeling though
<sarnold> apb1963_: re   libasyncns0:i386* libpulse0:i386*  that's just deleting the i386 of libpulse0, you were probably going to delete that intentionally in a few minutes anyway :)
<sarnold> |\n: what's that?
<somethingdope> sarnold, Ok, my main concern with freenas is learning bsd, How hard will it be if I have to dive into the command line comming from ubuntu?
<|\n> sarnold, mirror:// lines in your sources.list
<sarnold> somethingdope: it'll be different but not too bad. i like the bsds, they have excellent documentation.
<apb1963_> sarnold: well... a buttload of things depend on it.  http://paste.ubuntu.com/23091297/
<sarnold> apb1963_: yes, all :i386 things. Maybe if you care about wine you'll care about it, otherwise, keep purging :)
<apb1963_> somethingdope: bsd has all the same basic commands... some of the options are different.  You might have to type something like ps ax instead of ps -ef
<apb1963_> as an example
<sarnold> funny, I learned ps aux first, ps -ef just feels funny
<apb1963_> yeah... for me it was the reverse
<apb1963_> then I got to play with AIX
<sarnold> sorry :)
<apb1963_> everything worked no matter what you typed.  lol
<sarnold> |\n: you know that the mirror: thing sounds familiar but I can't find any documentation on it ..
<apb1963_> It was actually a pretty decent system... just big really... but then... that''s IBM for ya.
<apb1963_> big system for big iron
<apb1963_> We ran AIX under VM370 running as a guest OS on a 3090 if memory serves... and I don't think it does.  lol
<sarnold> you can probably still run it all today if you want.. :)
<somethingdope> Ok so now I'm choosing between open media vault and freenas.  I like the idea of having a gui cause I am not proficient enough with the command line yet to entrust my data to it.
<apb1963_> no... please.
<apb1963_> lol
<|\n> sarnold, that is why i came up, i got a problem with it however http://mirrors.ubuntu.com/mirrors.txt shouldn't be that wrong (404 for current LTS on one of the mirrors) and at first place i don't understand how https://launchpad.net/ubuntu/+archivemirrors can contain "Last update unknown", why u no remove em?
<|\n> also there is an old bug report https://bugs.launchpad.net/ubuntu/+source/apt/+bug/601916 and i wonder on what reason it was closed like that hah
<ubottu> Launchpad bug 601916 in apt (Ubuntu) "mirror: method should try the next mirror on 404" [Undecided,Invalid]
<sarnold> |\n: dino99 just does that. Please change from Invalid to Confirmed and add a comment that this still happens -- and mention what version of ubuntu you're using and dpkg -l apt output
<|\n> thanks, sarnold i just never have enough courage to do so
<|\n> that boosted me up lol
<sarnold> :)
<somethingdope> decided OpenMediaVault
<apb1963_> sarnold: say goodbye libasyncns0:i386
<sarnold> apb1963_: \o.
<sarnold> \o/ rather
<sarnold> apb1963_: btw, nas vs san... a NAS is a network filesystem, often good for multiple people to access at once (thogh maybe not the same files at the same time)
<sarnold> apb1963_: a SAN is when the block-level interface to the drives are exposed over the network -- something like iscsi or nbd or fibrechannel's disk modes...
<sarnold> apb1963_: if multiple computers are going to work on a single specific export from a SAN system they need to use a clustered filesystem
<sarnold> apb1963_: if a single machine will  use it (more common) then it could just be ext4 or whatever, but the filesystem itself would managed by the mounting computer; the SAN server itself just sees a stream of block requests
<apb1963_> sarnold: all of those pkgs are marked "rc" ... implying they should be purged.  http://paste.ubuntu.com/23091318/
<|\n> i definitely admire such people and appreciate the fact that he found some time to mark as invalid an existing misbehavior bug with plain sentence in the comment: "Support for this version has ended"
<|\n> version of what?
<|\n> wtf
<apb1963_> the version with the bug of course.  lol
<|\n> year 2016, still exists
<|\n> since that 2010 report
<|\n> because "Support for this version has ended"
<apb1963_> sarnold: thanks for the explanation but...  I'm still at a loss to understand it.  One day I'll get around to reading a good tutorial on it should the day come that I think I might need it...  I'm just getting up the nerve to think about LVM.  lol
<sarnold> apb1963_: I think you can ignore all those 'rc' packages; maybe a grand pass of apt-get purge or something to clean up their configuration files might be nice but it's really not doing much harm
<apb1963_> ok
<sarnold> |\n: heh, don't be too harsh on dino99, he means well, and quite often the bugs -are- fixed by the time he closes them, via the natural order of things, bugs are often overlooked...
<sarnold> apb1963_: my personal advice is to skip lvm and move to zfs instead -- one single tool for managing pools of disks and the filesystems on them. it's not a perfect replacement for lvm but when zfs works for a problem, it's fantastic :)
<sarnold> apb1963_: here's a nice series of blogposts about zfs in case you're curious https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<apb1963_> sarnold: apt-get purge libatk-bridge2.0-0:i386  Done, no muss no fuss.
<|\n> sarnold, agreed, i got issues with my own behavior unfortunately
<apb1963_> sarnold: It'll be quite awhile before I get around to zfs... I expect I'll install 16.04 before then...
<apb1963_> and THAT is a long ways down the road.  lol
<apb1963_> sarnold: And libatk1.0-0:i386 gets the purge.  You may be wondering why I'm telling you.  I figure it's a way to document what's being removed... just in case the question comes up later it makes it easy to find.
<sarnold> :)
<apb1963_> sarnold: libatspi2.0-0:i386 gets the purge
<apb1963_> sarnold: OK this one is funky.  It wants to install packages on the purge.  http://pastebin.com/Rz3UCiF4
<sarnold> apb1963_: that's the amd64 variant :)
<sarnold> apb1963_: don't delete that
<apb1963_> yes, it's amd64... but... it's telling us something... like it's dependent on those packages.
<apb1963_> And they're missing.
<apb1963_> Which implies if I remove the 386 version, the remaining version wont' work.
<apb1963_> Not that I have any idea what they're used for or if they're important.
<apb1963_> sarnold: ^^^
<sarnold> you'd delete quite a few important packages if you delete the 64bit version of heimdal :)
<sarnold> you really don't want to do that
<apb1963_> That's not what I'm saying
<apb1963_> I realize that, and I agree.
<apb1963_> However...
<sarnold> I know.. I think it's probably best to focus on little things first..
<sarnold> I can't spot why any of those other packages would be installed, but none of them are particiular important to the functoining of the system -- specific programs perhaps, but not the system
<apb1963_> ok, that's what important
<sarnold> if you want to try "apt-get install bzr" to find out it's opinion of things, that might be instructive
<sarnold> but not important
<apb1963_> thank you
<apb1963_> sarnold: yeah it wants a bunch of stuff
<apb1963_> so...  apt-get purge libasn1-8-heimdal:i386 ?
<sarnold> yeah
<apb1963_> k
<apb1963_> sarnold: can we doublecheck the 386 version please?  I'm a little nervous.  http://pastebin.com/Kcp1Geau
<apb1963_> ok a lot nervous :)
<sarnold> apb1963_: looks good :)
<apb1963_> ty
<apb1963_> sarnold: purge purge libasn1-8-heimdal:i386 #note
<apb1963_> it sounds so nice  ya gotta say it twice
<sarnold> lol
<apb1963_> :)
<apb1963_> sarnold: purge libavahi-common3:i386 #note
<apb1963_> sarnold: purge libbluetooth3:i386 #note
<apb1963_> sarnold: purge  libbsd0:i386 #note
<apb1963_> sarnold: purge libcairo-gobject2:i386 #note
<apb1963_> sarnold: purge libcairo2:i386 #note
<apb1963_> sarnold: purge libcapi20-3:i386 #note
<apb1963_> sarnold: purge libcgmanager0:i386 #note
<apb1963_> sarnold: purge libcloog-isl4:i386 #note "The Chunky Loop Generator library" (I kid you not)
<sarnold> "CLooG is a software which generates loops for scanning Z-polyhedra." not much more helpful
<apb1963_> That's totally helpful if you have any Z-polyhedra :)
<apb1963_> sarnold: purge libcolord1:i386 #note
<apb1963_> Why it's on my system, I'll never know.
<sarnold> |\n: hey, did you notice which mirror didn't have the LTS you wanted?
<sarnold> lol
<TAFB> When I try and install php7.0 it wants to install apache2?!? wtf? :( http://pastebin.com/Dkxt8NPd
<sarnold> |\n: also what country are you in?
<apb1963_> TAFB: Apparently the pkg maintainer decided if you're going to install php7.0 you must want apache2 as well.  Who in the world would use php without apache?
<TAFB> lol :(
<sarnold> TAFB: please file a bug with 'ubuntu-bug php7.0' -- dunno if it can really be fixed but it's worth a bug report
<TAFB> sudo apt-get install php7.0-fpm seemed to work (for my nginx)
<apb1963_> TAFB: I meant it tongue and cheek but that's actually a true statement... php was designed for the web... it's not supposed to serve any other purpose afaik
<apb1963_> well there ya go
<apb1963_> I guess.
<|\n> sarnold, yeah noticed it was https://bugs.launchpad.net/ubuntu/+source/apt/+bug/601916 and russia
<ubottu> Launchpad bug 601916 in apt (Ubuntu) "mirror: method should try the next mirror on 404" [Undecided,Confirmed]
<sarnold> |\n: heh that's the bug url again :)
<|\n> my comment in there
<sarnold> ah!
<|\n> http://linux.psu.ru
<apb1963_> I have reached my limit of 10 pastes per day on pastebin.com ... what's another good paste site?
<sarnold> apb1963_: http://paste.ubuntu.com/
<apb1963_> ty
<cncr04s> stop pasting password dumps
<apb1963_> cncr04s: ok, thanks for the advise
<apb1963_> sarnold: Not sure about this one.  http://paste.ubuntu.com/23091440/
<sarnold> keep driving :)
<apb1963_> sarnold: purge libct4:i386 #note
<apb1963_> how this crud gets on my system... I"ll never know.  Must be the same pkg maintainer that handles php7.0
<sarnold> apb1963_: nahhhh the php7.0 transition was good work :) _this_ is the stupid asterix script..
<apb1963_> no... it has a well defined list of needed packages...  it just blew it by looking for purged packages to install.
<apb1963_> purged versions of the needed packages.
<apb1963_> Probably written at or prior to 12.04
<apb1963_> So maybe purged packages were always the same architecture.
<apb1963_> dunno their thinking.
<sarnold> broken from the start with "lets treat yum identical to apt"
<apb1963_> haha   well...  their comment for yum was something like "lets do it this way and hope for the best"
<apb1963_> Here it is:
<apb1963_> # parsing the output of yum is close to impossible.
<apb1963_> # We'll use rpm and hope for the best:
<apb1963_> lol
<apb1963_> sarnold: purge libcups2:i386  #note
<apb1963_> sarnold: purge libdatrie1:i386 #note
<apb1963_> sarnold: purge libdb5.3:i386 #note
<apb1963_> sarnold: I'm more than a bit nervous about purging this one...  libdbus-1-3:i386    it takes libnih-dbus1:i386 with it.
<sarnold> keep going :)
<apb1963_> sarnold: well... all the other related dbus packages are amd64 so.. it's probably safe but... ya know.
<apb1963_> sarnold: Not sure about this one either... libdrm-intel1:i386  I guess it's not system specific so...
<apb1963_> sarnold: ugh.  there's pages and pages to go... most, but not all of the one's marked rc have both sets of packages.
<apb1963_> sarnold: and you saw the rc list :/
<sarnold> apb1963_: feel free to ignore the rc lits
<sarnold> that
<sarnold> that's normal on debian and ubuntu systems for decades :)
<apb1963_> sarnold: I understand... I'm just saying... most of what's there seems to have both sets of packages... and that's a long, long list.
<apb1963_> Which means... most of what's on the rc list, I will come up with to purge.
<apb1963_> Based on the method I'm currently using, which is to eyeball packages that have both i386 and amd64
<apb1963_> there's gotta be a better way
<sarnold> < sarnold> apb1963_: if you're willing to gamble a bit, try this: apt-get purge $(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /:i386/ && $4 ~ /i386/ {print}')
<apb1963_> sarnold: well.. that's just it.. I'm not.
<sarnold> hehe
<sarnold> what does dpkg -l | awk '$1 ~ /ii/ && $2 ~ /:i386/ && $4 ~ /i386/ {print}'    report now? you've removed so many already
<apb1963_> however... if that script also produced the amd64 version if there was a match, that would be helpful
<apb1963_> In other words... if it printed only those packages which had both versions.
<apb1963_> sarnold: http://paste.ubuntu.com/23091482/
<sarnold> well... it's shorter. :)
<apb1963_> sarnold: here's what would be helpful...  Using the above script as a starting point - for every item on the list, the script needs to check for a corresponding amd64 version.  If so print the package name.
<apb1963_> it could be done inside the awk script... if you match the first .. read the next line and check for amd64
<apb1963_> think I'll work on that for a bit
<sarnold> apb1963_: this is .. related, but different: http://paste.ubuntu.com/23091496/
<sarnold> apb1963_: you drove me to wondering what packages exist it only 386 but not amd64, so this is the list of 'main' packages that have i386 but not amd64 versions.
<apb1963_> ah
<apb1963_> hmm.  I forgot what we were going to do with that info.  lol
<sarnold> _maybe_ looking through your list of packages to see if there are matches ..
<apb1963_> ah, found the comment: [16:29] <apb1963_> sarnold: I think what I need to do is determine which packages have both amd64 and i386 available... and then purge just those.
<apb1963_> which is essentially a repeat of what I mentioned just above...
<apb1963_> [20:39] <apb1963_> sarnold: here's what would be helpful...  Using the above script as a starting point - for every item on the list, the script needs to check for a corresponding amd64 version.  If so print the package name.
<apb1963_> [20:41] <apb1963_> it could be done inside the awk script... if you match the first .. read the next line and check for amd64
<apb1963_> sarnold: tada....  http://paste.ubuntu.com/23091704/
<sarnold> apb1963_: woot
<apb1963_> now...  what needs to be done next is determine which packages cannot be purged.. delete those from the file... and then I have a file of packages I can feed to purge.
<apb1963_> Saving me another 6 hours of work  or something
<sarnold> apb1963_: I'd delete them all, unless you've got an i386 program that requires one or more of them
<sarnold> or rather, you've got an i386 program that you want to run again, and it requires one or more of them.. ;)
<apb1963_> umm... remember those you mentioned as "drive on" ?  They're in there too... as are others I presume you haven't looked at.
<apb1963_> you know... libc and whatnot
<apb1963_> sarnold: ^^
<sarnold> apb1963_: oh hell, I hadn't considered that might be ambiguous
<sarnold> apb1963_: delete them unless you've got an i386 program that you care about...
<apb1963_> even libc6 ?
<sarnold> yeah; you only need an i386 libc6 if you've got an i386 program that needs it
<apb1963_> I don't really know if I have any i386 programs
<apb1963_> Put it this way... I definitely don't remember if I do.
<apb1963_> well dpkg would turn up anything... so it would be in that list
<sarnold> aha, this found a few things on my computer: sudo find /usr -type f -executable -exec file {} \; | grep 'ELF 32'
<apb1963_> sarnold: nothing pops out at me... other than elf libs
<apb1963_> haha
<apb1963_> sarnold: oh man... I have tons of stuff...
<apb1963_> sarnold: mostly in /usr/local/
<sarnold> apb1963_: interesting, anything you care about?
<apb1963_> some of it yeah
<apb1963_> virtual box perhaps... definitely libpoppler
<apb1963_> ditto okular which uses libpoppler
<apb1963_> mpg123
<sarnold> hmm, okular is packaged for ubuntu, you could install the okular package directly
<sarnold> a 32bit virtualbox sounds .. unfun. heh.
<apb1963_> but I suppose it's all rebuildable
<sarnold> mpg123 is also packaged for ubuntu, you could install the mpg123 package directly too
<apb1963_> Some of it may be leftovers from 12.04 that I never recompiled
<apb1963_> yeah... I mean it's not like I can't reinstall packages
<apb1963_> as long as it doesn't take any required data with it... it shouldn't be an issue
<apb1963_> luckily I doubt anything really has any data to go with it
<apb1963_> I guess I'll be taking the plunge... libc6:i386 and all
<apb1963_> sarnold: now's the time to stop me...
<sarnold> apb1963_: hehe I think this is the last cleanup from that horrible script :)
<sarnold> maybe libc6:i386 itself wasn't installed by the script but it's extremely unlikely you need anything that currently uses it. You may need to rename the /usr/local/bin/okular away from that name to use the system okular, of course, but that's something else....
<apb1963_> At the very least they could have put what version it was appropriate for.  It probably wouldn't have stopped me but it would have given me pause to look a little closer.
<sarnold> heck even if you'd asked my opinion beforehand I wouldn't have spotted it.
<apb1963_> oh I don't think I need anything special for okular...  I might even already be using it... lemme check
<sarnold> I would have thought it looked a little silly but I sure wouldn't have thought that it would cause the trouble it did.
<apb1963_> yes... /usr/bin/okular
<apb1963_> so that's a leftover from 12.04 I guess... I remember I did have to compile it for 12.04... the whole thing was a mini-nightmare
<apb1963_> sarnold: ok... I'm plunging.
<apb1963_> sarnold: last chance to stop
<apb1963_> me
<sarnold> I'm 99% sure deleting it's going to be the right answer
<apb1963_> lol
<sarnold> and 99% sure that adding it back will be easy enough if it turns out to have been the wrong answer
<sarnold> feel free to skip if that gives you pause :) you cleaned up a huge amout of mess already
<apb1963_> well... what scares me is that to find out if it really worked, I'll need to reboot.  And if it doesn't work, I won't know what to fix... and if I can't connect here... I'm screwed.
<apb1963_> of course I could already be in that position
<apb1963_> Like I deleted some network lib or something essential
<apb1963_> What I always tell myself I need to do is keep a list of config (like /etc/) files I change so I can back those up... but I never make that list.
<sarnold> man i've wanted one of those /etc things forever
<sarnold> I've been meaning to look into etckeeper for .. well, many years
<apb1963_> there's actually something called...
<apb1963_> lol
<apb1963_> yep... I have it installed
<apb1963_> But... I don't recall how to use it.  lol  I messed with it for awhile and then just left it alone... so it works and all... but ... I'll have to go relearn  how to use it.
<apb1963_> I used to back up with backintime.... then I ran out of disk space and it started deleting older backups... no no no.  So I stopped it until I can afford to buy more space.
<apb1963_> sarnold: by the way... dbus is on the list too...
<sarnold> apb1963_: so long as the 64-bit dbus is there and alive and well..
<apb1963_> sarnold: it's there... whether it's alive and well I have no idea
<apb1963_> sarnold: someone taught me a few dbus commands a few years ago... as you can probably guess... yup... don't remember 'em.
<apb1963_> I doubt it would let me know which version it's using
<apb1963_> though I'm sure there's a way to find out
<sarnold> apb1963_: along the lines of for p in $(pidof dbus-daemon) ; do cat /proc/$p/maps ; done
<sarnold> that'll show you all the memory mappings for thse processes, including the libraries and executable that make up the process
<apb1963_> sarnold: I'll do that now.. however I was doing this in the meantime: qdbusviewer: could not exec '/usr/lib/x86_64-linux-gnu/qt4/bin/qdbusviewer': No such file or directory
<apb1963_> sarnold: ok, looks like I'm good to go... the two dbus-daemons I checked both had x64 so...
<sarnold> good good :) nothing surprising yet then
<apb1963_> sarnold: here goes nothing...
<apb1963_> yet?
<apb1963_> yet?
<sarnold> hehe
<sarnold> sorry
<apb1963_> lol  you really know how to make a guy paranoid don't  ya
<sarnold> that's the job title
<apb1963_> jeez
<sarnold> .. when a computer I ordered dissapeared from the freight company's tracking for four days, _this_ was my first thought: http://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
<apb1963_> sarnold: Here's the final list with all the fluff stripped away: http://paste.ubuntu.com/23091794/
<apb1963_> sarnold: wow.
<sarnold> apb1963_: actually while we're looking at things, check /proc/*/exe for /usr/local/   links.
<apb1963_> sarnold: http://paste.ubuntu.com/23091803/
<sarnold> interesting, what are all these /usr/local/bin/kcmshell4 mentions?
<sarnold> what does file report on that file?
<apb1963_> sarnold: /usr/local/bin/kcmshell4: ERROR: cannot open `/usr/local/bin/kcmshell4' (No such file or directory)
<sarnold> apb1963_: hmm. odd. I wonder why it was mentioned so much in the /proc/ info..
<apb1963_> no clue
<apb1963_> other than.... we deleted it already
<apb1963_> and as you mentioned before.. no matter how insanely important a file is... etc.
<apb1963_> sarnold: *cough*  kde-runtime: /usr/bin/kcmshell4
<apb1963_> sarnold: I use KDE
<apb1963_> oh but.. that's usr local
<apb1963_> hmmmmmmmmmmmm
<apb1963_>  /usr/bin/kcmshell4: ELF 64
<apb1963_>  /usr/local/bin/gnome-control-center: ERROR: cannot open `/usr/local/bin/gnome-control-center' (No such file or directory)
<apb1963_> what an odd duck
<apb1963_> sarnold: Any final thoughts?
<sarnold> apb1963_: "I sure hope you haven't been running /usr/local/ tools for two years"
<apb1963_> lol
<apb1963_> ummm
<apb1963_> why not?
<apb1963_> it doesn't make sense... I reboot everytime I crash so... those tools would have had to have been there within just days of today
<sarnold> apb1963_: .. we've released ~1000 security updates in two years :)
<apb1963_> and I don't know what kde would be doing over in usr/local anyway
<apb1963_> if apt-get is working, then I should have them.
<apb1963_> I have a nightly cron job that runs apt-get update... and I apt-get upgrade whenever it nags me.
<apb1963_> the only thing I've let sit awhile is aptik and phpmyadmin because the first time I upgrade phpmyadmin it hosed my DB
<apb1963_> sarnold: anyway...  ready or not.. here comes the purge.... unless you have any final, final thoughts.  lol
<sarnold> final final tohughts... "I sure hope that phpmyadmin is firewalled heavily" http://people.canonical.com/~ubuntu-security/cve/pkg/phpmyadmin.html
<apb1963_> sarnold: here's one thing:  gnome-control-center: /usr/share/gnome-control-center
<apb1963_> sarnold: not sure where the binary is
<sarnold> $ dpkg -L gnome-control-center | grep bin/
<sarnold> /usr/bin/gnome-control-center
<apb1963_> sarnold: or if I should even have it considering I'm using KDE
<apb1963_> dpkg-query: package 'gnome-control-center' is not installed
<apb1963_> sarnold: ok.    The purge begins....
<apb1963_> sarnold: ok... the purge has ended
<sarnold> apb1963_: now your dpkg -l looks nice and shiny again? :)
<apb1963_> interesting... somehow I missed a few
<apb1963_> for some reason.. they don't show up in my script
<apb1963_> this for example: libxv1:i386
<apb1963_> weird..... I don't see any reason it shouldn't show up
<apb1963_> now I see why
<apb1963_> it's matching on ii ... it needs to also match on rc
<apb1963_> wait no that doesn't make sense
<apb1963_> I need a break :/
<apb1963_> sarnold: thanks for your help man, you've been a scholar and a gent!  I think I'll pick this up tomorrow... I'm yawning my head off here.
<sarnold> apb1963_: have a good night
<apb1963_> sarnold: thx.. g'night
<sarnold> apb1963_: oh yeah..
 * apb1963_ checks out
<sarnold> apb1963_: for tomorrow: "apt-get install build-essential libncurses-dev libz-dev libssl-dev libxml2-dev libsqlite3-dev uuid-dev uuid"
<sarnold> apb1963_: .. try that and _only_ that before fiddling with asterix :)
<sarnold> asterisk?dunno
<sikun> I hate this country more and more
<sikun> .... anyone read on the insane price hike on epi pens?
<sikun> looks like I'm not going to be able to get my epi pens anymore
<sikun> and that was all said in the wrong channel, but eh
<punkgeek> im going to install openstack on ubutnu 16.04 but i have this error
<punkgeek> $ conjure-up openstack
<punkgeek> [warning] Unable to get Juju Version
<stokachu> punkgeek_: what does juju version tell you
<punkgeek_> 2.0-beta15-xenial-amd64
<coreycb> beisner, hello, can you promote qemu 1:2.3+dfsg-5ubuntu9.4~cloud2 to liberty-proposed and qemu 1:2.2+dfsg-5expubuntu9.7~cloud7 to kilo-proposed?
<beisner> hi coreycb - ok, qemu promoted to proposed in uca for liberty and kilo
<coreycb> beisner, thx
<beisner> coreycb, yw
<coreycb> beisner, sorry one more, qemu 2.0.0+dfsg-2ubuntu1.27~cloud0 to trusty-proposed please
<coreycb> beisner, actually can you do a clean sweep of everything that's in trusty-staging to trusty-proposed?
<beisner> coreycb, icehouse?
<coreycb> beisner, sorry, yeah icehouse-*
<beisner> coreycb, ok these staging pkgs promoted to proposed in icehouse uca: http://pastebin.ubuntu.com/23093418/
<linuxperia> Hi All. I have this working and not working apache mod rewrite rule here => http://apaste.info/ULt What i am trying to do is redirect the test Browser always to test-index.html. If the User agent of the Browser is not "Test-Browser" then check if robots.txt was called if not redirect it to / otherwise pass it. For some strange reason the rules does not work as expected. can somebody tell me...
<linuxperia> ...what i am doing wrong and help me to fix it? Thanks a lot in advance for every helpful tip and solution!
<RoyK> linuxperia: no idea, really, but I guess it'd be easier to do such logic in varnish
<linuxperia> RoyK: hmm never heard about varnish. thanks still for the tip. in case nobody else can help me i will take a look at it.
<RoyK> linuxperia: varnish a proxy cache thing for reverse caching web servers - it's brilliant
<linuxperia> ahh interessting. yeah this could be a  possibility altough i would prefer the direct apache config approach.
<RoyK> sure - I just don't know how to do that ;)
<RoyK> looks doable, though
 * RoyK reads http://httpd.apache.org/docs/current/mod/mod_rewrite.html
<linuxperia> yeah this mod rewrite thing is not easy for a beginner. i am able to do single rewrites and redirects but not multiple cascading rewrites and checks till yet but will figure it out.
<apb1963_> sarnold: You awake?
<apb1963_> sarnold: OK, when you wake up... have a look see please.  http://paste.ubuntu.com/23094269/
<sarnold> hey apb1963_ :)
<sarnold> apb1963_: having the packages installed for a -good reason- is fine. :)
<sarnold> apb1963_: though it must be a bit deflating to have cleaned so much yesterday
<rabbitdew> if I run df -h on a bunch of identical servers, should I always get identical output. Or is it sometimes just...in  a different order?
<apb1963_> sarnold: yes... but what I wanted you to look at was not so much i386 files as much as what it ended up doing on the apt-get you mentioned I should do first.  Did you look at the link?
<sarnold> apb1963_: yes, that looked fine. You already had all those packages installed. No big deal. No gigantic disaster even though that's what their script did next.. :)
<apb1963_> you saw the notes?
<sarnold> apb1963_: so now try building the asterisk thing and when you have problems building the plugins, apt-get install only the -dev packages that were missing....
<apb1963_> ok
<sarnold> apb1963_: hmm. I don't recall "notes" -- it looked short, and mostly output from apt-get, no?
<apb1963_> yes
<apb1963_> but apt-get had notes in its output.  Possibly important.. possibly not.  That's the question.
<sarnold> apb1963_: ah, right
<sarnold> apb1963_: that was just a nice convenience :)
<apb1963_> Note, selecting 'libncurses5-dev' instead of 'libncurses-dev'
<apb1963_> Note, selecting 'zlib1g-dev' instead of 'libz-dev'
<apb1963_> those guys
<sarnold> I'm surprised about that, I didn't know apt had that kind of feature. Neat.
<apb1963_> I'm not really sure what that feature has done.
<apb1963_> Or rather.. why it's done it.
<sarnold> I'm stunned, how old is that script that those old package names were the right choices? the new names feel like they've been the names forver...
<sarnold> anyway, feel free to move on to the real task at hand :)
<apb1963_> no idea
<sarnold> lunch time for me!
<sarnold> :D
<apb1963_> ok, enjoy.  Thank you again!
<arooni>  is there a way i can set something up on my web server so i can have an email at myname@mydomain.com; i don't want a fully fledged email server; just something that gets forwarded to my gmail account.`
<arooni> running ubuntu 14.04 if that matters
<genii> sendmail with a dot-forward file
<arooni> is that difficult to set up
<arooni> or pretty easy
<arooni> and when i actually send mail
<arooni> can i send it through gmail but as username@mydomain.com ?
<patdk-lp> you cannot send through gmail using your own domain
<patdk-lp> unless you configure gmail to own your domain
<patdk-lp> you should NEVER forward emails
<genii> arooni: You can have incoming mail which arrives at your domain forwarded to gmail. But otherwise as patdk-lp says.
<patdk-lp> you will get spam, you will then forward that spam, and gmail will mark your server as the source of the spam, and none of your emails will be forwarded then
<arooni> ahhhh
<arooni> good call
<arooni> sounds like i should let zoho office suite handle my email; i think they're still free
<patdk-lp> you can have gmail configured to do email pickup from your server though
<patdk-lp> think they still support that atleast, using pop3
<arooni> so i can avoid the forwarding spam issue
<arooni> but with that approach could i still send/receive email from @domain.com in my gmial?
<patdk-lp> ising the pickup, yes
<patdk-lp> well, you cannot use your domain with gmail
<patdk-lp> unless you configure it with google apps
<patdk-lp> don't they charge for that?
<arooni> amazing; i can still get zoho email hosting for free ; https://www.zoho.com/mail/zohomail-pricing.html
<arooni> it used to be free; but i screwed up and lost my grandfathered' account for google apps for this particular domain
<genii> You can add email accounts to gmail which you own, and send from it as that email account. They verify with an email to that account
<somethingdope> Ok I'm dumb.  I'm trying to set up open media vault over wifi and failing
<somethingdope> fixed it cause I'm a genious
<Polarcraft> So I am looking to run a mail server that will allow me to put email accounts in with ease of use, even if it is a simple panel to do so. So the question is what type of email server should I run?
<lunaphyte> the words "easy" and "email" do not belong together in the same sentence
<sarnold> sad but true :(
<patdk-lap> if normally easy == low/no maintenance, that just won't happen
<patdk-lap> s/if/and/
<Polarcraft> Let me rephrase that statement, I want to run my own mail server that way I can get rid of an unused shared hosting. I don't mind having to do maintenance I just want a way to add emails easier than 10 commands.
<lunaphyte> what is "add emails"?
<patdk-lap> create new mail accounts
<sarnold> modern antispam is miserable; I'd suggest taking a good long look at letting google domain hosting things deal with it all for you.
<lunaphyte> i don't agree that modern antispam is miserable
<patdk-lap> hmm, I think icaan has slowed down with the new tld's finally
<lunaphyte> it is, however, far from trivial
<patdk-lap> well, it's miserable, to learn what is involved to set it up, when one hasn't been doing it :)
<lunaphyte> it takes a LOT of work, and requires experience.  particularly in this area, enthusiasm isn't an adequate substitute
<lunaphyte> heh.  yeah, that is true
<Polarcraft> sarnold, I don't want to use gmail, as I need the emails to work with other applications.
<lunaphyte> what does "work with other applications" actually mean?
<Polarcraft> Meaning that it works with Apple's Iphone email application, and works with android email applications.
<lunaphyte> gmail works with all of those programs
<nacc> gmail addresses don't work with iphone applications?
<nacc> that seems unlikely at best
<Polarcraft> gmail does not work with all of those programs, you can only use their official application on apple. I already tried gmail.
<lunaphyte> heh.  that's flase.
<lunaphyte> *false
<patdk-lap> what is *offical* application?
<patdk-lap> last I knew, gmail supports imap
<lunaphyte> gmail works perfectly fine with any traditional imap/submission mua.
<patdk-lap> atleast I use imap to access my gmail accounts
<Polarcraft> As I said I don't want to use gmail at all.
<nacc> Polarcraft: but your reason for doing that isn't a reason, afaict
<nacc> Polarcraft: i mean, just say "i don't want to use gmail"
<Polarcraft> Which is what I said. I don't want to use any mail service like gmail or such.
<lunaphyte> not wanting to use gmail is fine.   saying it's because it "doesn't work", when in fact it does indeed work just fine, just confuses the people form whom you seek advice/support... ;)
 * nacc returns to merging squid ...
<lunaphyte> in any case, if you want to run your own mail server, go for it.  all we're doing is offering insight as to what you should expect
<Polarcraft> Well for one gmail limits the outgoing emails, that I know of. I might have confused people yes, that I am not trying to. I do know that a self ran mail server will be a lot of work, but I want to see how it will go as far as adding new email addresses and such.
<sarnold> alright; here's a nice reading list then :) http://www.dkim.org/ https://en.wikipedia.org/wiki/Sender_Policy_Framework
<sarnold> http://www.postfix.org/OVERVIEW.html
<sarnold> http://www.dovecot.org/documentation.html
<sarnold> https://doc.powerdns.com/md/recursor/
<sarnold> https://www.clamav.net/documents/installing-clamav
<sarnold> http://spamassassin.apache.org/doc.html
<patdk-lap> spf, dkim, dmarc, dane, ...
<sarnold> I've also heard good things about http://www.zentyal.org/ and https://www.open-xchange.com/
<lunaphyte> step one would be to decide if you'd like to use some "magic box" software, or a modular arrangement where you decide what actual software you want to use, and manage it s you desire.
<lunaphyte> were your preference to be the former, the only project i'd even come close to consider being responsible would probably be iredmail
<lunaphyte> were it to be the latter, i would recommend postfix and dovecot as the central components.
<Polarcraft> Well I didn't see this article until now, but for the most part this should work correct? https://help.ubuntu.com/community/MailServer
<sarnold> it's hit or miss, some o that documentation is ten years old..
#ubuntu-server 2016-08-27
<patdk-lap> and most of it is, how to make a mailserver, not how to make it work well, keep out spam, and have all the goodness one normally wants
<patdk-lap> but then all that stuff is mostly subject to ones needs and desires, and time
<alnr> hi all. anyone on xenial have applied latest openssl version against oracle padding issue? I have applied latest and still get an F rating at ssllabs.com.
<sarnold> alnr: to be clear, did you just apt-get install the openssl package specifically? or an apt-get upgrade to get all the packages?
<sarnold> alnr: have you restarted the process in question to make sure it gets the new library?
<alnr> i did apt install openssl after doing apt update. and did restart nginx after that
<sarnold> did it include the libssl1.0.0 package in the process?
<alnr> i didnt notice. but i also did an --update-only for libssl1.0.0 as well
<alnr> test
<sarnold> alnr: what does this get you? dpkg -l '*ssl*' | awk '/ii/ {print $2 "\t" $3}'
<sarnold> alnr: what does this get you? dpkg -l '*ssl*' | awk '/ii/ {print $2 "\t" $3}'
<alnr> libssl1.0.0:amd64 1.0.2g-1ubuntu2 and openssl 1.0.2g-1ubuntu4.1
<alnr> i noticed that /usr/share/doc/libssl1.0.0/changelog.Debian.gz is not mentioning the patch at all
<sarnold> alnr: aha; apt-get install libssl1.0.0 and restart your webserver
<alnr> thanks sarnold . i am upgraded to a "B", much better
<sarnold> alnr: yay :)
<RoyK> !oracle
<alnr> i am checking but i think the ubuntu advisory only instructs to apt install openssl, as opposed to libssl1.0.0
<sarnold> alnr: the updates are tested with apt-get update && apt-get upgrade --- that's the recommended way to install updates
<woodrag> I have installed a 16.04.1 Ubuntu Server on an openstack platform with Apache2 and i am trying to run roundcube which is a PHP webapplication. When visiting the main page of roundcube on this new server, i see PHP code instead of the roundcube application. Somehow the PHP is not executed but printed. What am i doing wrong??
<explore> Hi, Iâd love to use Ubuntu Server for a WordPress + WooCommerce site. Should I stick with something like a droplet from Digital Ocean or perhaps I should try my luck with running my own server and following a decent hardening how-to guide?
<explore> What would you suggest? Thanks ahead of time for any advice.
<sarnold> woodrag: did you go for an fpm or a mod_php install?
<sarnold> explore: I suspect DO has far more bandwidth than you do, no?
<woodrag> fpm
<woodrag> ??
<sarnold> that runs php in a stand-alone daemon rather than in the web browser process
<woodrag> mod_php
<woodrag> apache2....
<explore> I guess what I am asking is that is a droplet from Digital Ocean a pre-hardened virtual host? Do they do all the kernel updates?
<explore> Or is it entirely my responsibility?
<sarnold> entirely your responsibility
<explore> sarnold: ah
<explore> hmmm
<sarnold> the unattended-upgrades package may help in that case
<sarnold> it won't restart services
<sarnold> or reboot with new kernels
<sarnold> but it may help
<explore> sarnold: thank you
<woodrag> sarnold: i am trying tu setuo mod_php 7 into apache2 on ubuntu server 16.04.1 but somehow i keep seeing code instead of he results of the executed code....;-(
<sarnold> woodrag: I think that usually means mime-types are incorrect or something -- justto be sure, are you perhaps following a guide for a 12.04 or 14.04 ubuntu instead of a 16.04?
<woodrag> sarnold: shouldn't php7 be running on this new distri out of the box???
<sarnold> woodrag: if it's installed, yes
<woodrag> i installed int using apitude
<woodrag> which i use for all installs....
<woodrag> but i never install php.... i use perl ;-)
<woodrag> i have installed php-7 on ubuntu 16.04.01 but i see the php-code instead of the results of the executeion of the code..... ;-(
<sarnold> woodrag: still? bummer. okay, check the apache logs?
<woodrag> sarnold: no special messages in the logs
<woodrag> sarnold: just a 200 ok in the acces.log and not errors in error.log
<woodrag> sarnold: any hints??
<woodrag> This shouldn't be hard right??
<sarnold> woodrag: indeed I'd expect it to be straightforward but I've never used php
<woodrag> me needer.... this is why ;-(
<FManTropyx> my /usr/games directory is empty
<bekks> So install games.
<FManTropyx> can I install backgammon?
<RoyK> on a server?
<FManTropyx> I loved playing backgammon on OpenBSD :)
<sarnold> FManTropyx: the bsdgames package claims to have backgammon
<explore>  FManTropyx thereâs a really good tank game
<explore> BZtank or something
<sarnold> bzflag?
<explore> something like that yes
<explore> can Ubuntu Server run X?
<sarnold> sure, apt-get install whatever you want
<explore> oh
<sarnold> the "server" systems just come pre-configured with package selections more aligned to the usual roles -- it's all the same sofware as the desktop, though, so you can still do whatever you want with the things
<sarnold> so e.g. networkmanager doesn't get in the way, or X chew up a few hundred megabytes of RAM you'd rather use for something else :)
<explore> very nice
<FManTropyx> sarnold: awesome, thank you! :D (Last updated on Friday, October 10, 1997.)
<FManTropyx> that's the good old backgammon game ;)
 * sarnold . . o o O O ("oh hey, 1997, it's even pretty new")
<sarnold> yes kids, 1997 feels like it's just three years ago...
<explore> wow 19 year old code
<explore> itâs like fermented tofu
<RoyK> explore: make that KÃ¦stur hÃ¡karl ;)
<sarnold> nope nope nope nope NOPENOPENOPENOPENOPENOPENOPENOPE
<explore> RoyK: fermented tofu is not that pungent
<explore> RoyK: you know what though, in my neck of the woods they managed to figure out how to eat shark meat in a pretty normal way
<explore> they render the shark meat to paste and make fish balls
<explore> taste okay
<explore> should be available from Hong Kong, China to Japan
<explore> most fisherpeople would throw shark back in the water
<RoyK> hÃ¡karl isn't so bad, really, if you just starve for a week or three first and have some good brennivÃ­n with it ;)
<explore> RoyK: i would be so happy if i have the good fortune to visit Northern Europe
<explore> and try all these delightful and crazy food
<RoyK> explore: you won't find hÃ¡karl outside of Iceland, beleive me :)
<explore> RoyK: so is it just tradition or do people get addicted to these food?
<RoyK> but you can find surstrÃ¶mming in Sweden, as a good alternative
<explore> like, really addicted, canât live without it sort
<RoyK> just tradition
<explore> ah
<explore> bbiab
<rangergord> Hi
<RoyK> ho
<rangergord> I don't know how on-topic this is, hope it's OK. I have a VM with Ubuntu Server 16.04.1, and a VM with Ubuntu MATE 16.04.1. I assumed they'd be identical except for default packages installed, but apparently not. On both machines, I apt installed postgresql, and I got a systemd service, which is currently running according to "systemctl list-units". However, on server, systemd-cgtop
<rangergord> shows resource usage for the postgres service/cgroup, but on desktop/mate, there's nothing. In fact, the desktop's systemd-cgtop only has init.scope, user.slice, and system.slice.
<rangergord> I guess I'm trying to understand why server has that additional info
<rangergord> if I want a setup identical to server, but with a GUI, should I just install server and apt-get a desktop environment?
<RoyK> probably
<RoyK> but then - why a gui?
<RoyK> apt-get install ubuntu-desktop should work (if you really need that)
<rangergord> RoyK: I'm writing a webapp that would run a server, and I figured it would be simpler if my dev machine was identical.
<rangergord> *run on server
<rangergord> I would've liked to know why that difference was there, though
<RoyK> ic
<RoyK> rangergord: I'd recommend a VM similar to the server and keep the desktop/X things on the desktop
<rangergord> so, what I have now? But there are annoying differences like missing info from systemd-cgtop
<RoyK> rangergord: is the production machine a physical one?
<GLaDER> I'm considering moving from FreeNAS to Ubuntu-Server. Anyone with a similar experienc?
<rangergord> RoyK: yeah, I'm just playing around with Virtualbox cause I'm on a laptop
<bekks> GLaDER: And whats your specific question?
<rangergord> GLaDER: not the same thing at all. If it's for a NAS, stay with FreeNAS
<RoyK> GLaDER: iirc freenas uses zfs, so you should be able to import the zpool with zfsonlinux
<RoyK> rangergord: depends what you want - freenas is rather hard to use to anything but NAS/SAN things - perhaps (s)he wants to put a web server or some VMs on the box...
<GLaDER> I do use it as a NAS, but I am having repetetive issues with FreeNAS' inability to handle its plugins well. Considering moving my pool (RoyK, doesn't Ubuntu-Server support ZFS out of the gate?) to get away from that.
<GLaDER> bekks: My specific question would be "Can I move my ZFS Pool to ubuntu-server from FreeNAS w/o issues?"
<RoyK> GLaDER: ah - I forgot which channel I was in - yes - ZFS is supported in 16.04
<bekks> GLaDER: I'd not bet on that, most important thing are the zpool versions supported.
<GLaDER> bekks: Okay, is there an easy way to check that?
<GLaDER> (If you only have a hard way, that's fine too.)
<bekks> GLaDER: which zpool version do you have on your freenas?
<bekks> And maybe you want to ask in #zfsonlinux, too
<RoyK> bekks: freenas is based on openzfs, so it should be the same thing
<bekks> RoyK: thats what could be confirmed by ryao in #zfsonlinux, e.g.
<RoyK> GLaDER: pastebin "zpool upgrade -v"
<GLaDER> Will look into it.
<GLaDER> http://pastebin.com/4kBMumMK
<GLaDER> RoyK: ^
<RoyK> GLaDER: seems my debian install with zfs 0.6.5.7-8-jessie supports more than that (with zfs from http://zfsonlinux.org/)
<GLaDER> RoyK: is that an issue?
<RoyK> not at all
<GLaDER> I.e. moving to something "better" shouldn't cause issues - aight?
<RoyK> the other way would be an issue
<GLaDER> (Y)
<GLaDER> Is it as simple as pulling out the drives and then import them in ubuntu?
<RoyK> so if you import the pool on something newer, you may choose to upgrade the pool and add feature flags, but then, you can't go back
<RoyK> preferably export the pool first - it's the preferred way
<explore> Roy you are in iceland?
<explore> I am asking because you said something about a shark dish.
<explore> You said itâs not available in Europe, but something similar is in Europe.
<explore> Nevermind I am not probing where you are from, donât worry.
<explore> We can talk shark in #cooking lol.
<explore> Or is that ##cooking?
<RoyK> explore: no, but I've studied the language a bit and I've been there four or five times
<RoyK> four
<explore> RoyK: oh wow, thatâs really fantastic :-)
<RoyK> explore: Icelanders have this other dish, KÃ¦st skata (lit. rotten stingray) which is about the same (in .is and .fo), but unlikehÃ¡karl, whiich is eaten cold, skata is cooked, usually outside at christmas time, with portable gas things, to avoid the stink sticking to the walls. I'm not kidding ;)
<RoyK> s/unlikehÃ¡karl/unlike hÃ¡karl/
<explore> Iceland must lack in things like sugar, salt, vinegar, everything.
<explore> Maybe thatâs why they treasure those naturally pungent dishes?
<RoyK> not in modern food
<RoyK> in 'traditional' food like Ã¾orramatur (as above) it's rather salty and dried or fermented fish and meat
<explore> Oh okay at least they have salty to go on.
<RoyK> explore: where're you from?
<explore> I am Taiwanese.
<explore> From the island.
<RoyK> explore: perhaps we could continue this in #ubuntu-offtopic - it's not really ubuntu talk ;)
<explore> The closest we have, in asia, to Iceland is probably Hokkaido.
<explore> RoyK: yeah this is logged and stuff.
<explore> And off topic.
<explore> If not Hokkaido then Sakhalin.
<Antipsychiatry> Hi
<somethingdope> How do I tell If I had an intruder in my server change something?
<somethingdope> should I just wipe everything to be safe?
<bekks> somethingdope: By commparing the compromised system with your last known not-compromised backup.
<bekks> *comparing even
<somethingdope> bekks, Yeah, I don't have any of those
<somethingdope> bekks, I set it up yesterday
<bekks> Then your data isnt valuable enough to be kept. Reinstall that server.
<somethingdope> bekks, k, Its an Open media vault server, I set the main box up and gave it access to wifi
<somethingdope> bekks, then I let it alone for a few hours and then tried to log in to the web gui and the default credentials that worked initially no longer worked
<somethingdope> bekks, I dunno if I'm dumb or paranoid
<bekks> How is openmediavault related to Ubuntu?
<somethingdope> bekks, Its built on debian and this is the most alive server related irc I know
<bekks> So it is totally unrelated to Ubuntu.
<bekks> Please proceed to the openmediavault community then. :)
<somethingdope> bekks, dead irc, plus 90% of the cli side of server admin should be the same I imagine
<bekks> Still doesnt make it ontopic in here.
<somethingdope> its not like I'm interrupting a bustling conversation
<lunaphyte> heh
<lunaphyte> that's not how irc works.  please be courteous.  anyone here who is interested in discussing open media vault will laos be in the open media vault channel, if there is one.
<bekks> And your issue was already answered: 0827 222133 < bekks> Then your data isnt valuable enough to be kept. Reinstall that server.
<lunaphyte> *also
<somethingdope> bekks, yeah I got the information I needed, which is that I need to make backups of my backup server somewhere and compare it intermitently,
<bekks> somethingdope: The basic information given was: "Reinstall that server."
<somethingdope> I was mostly looking for a command to check the last time a user accessed the system
<somethingdope> bekks, which I do plan to do, I'm concerned about the future of this system
<bekks> somethingdope: Ask the openmediavault community, we dont know anything about their systems and their commands.
<somethingdope> bekks, I will, but again, its just debian
<bekks> And again, no on in here supports something else rather than Ubuntu, in here.
<bekks> If you feel like you need support for another system, please proceed to the appropriate support community.
<bekks> *no one
<banditti> Hello all.  I did do-release-upgrade from 14 to 16.04 and now things don't work.  For example, I can't ssh to the box now.  Thoughts?
<bekks> Check wether the ssh server is running.
<banditti> i uninstalled and reinstalled openssh-server.  seemed to do the trick
<bekks> Starting it would have been sufficient.
<banditti> it said it was.  I restarted it too, no issues
<sikun> anyone utilizing an HP p410 RAID controller in anything?
<bekks> I bet people do.
<bekks> But whats your specific question?
<sikun> how well is it supported
<sikun> win 2k12 r2 performance is terrible
<sikun> ESXi 6.0 it is terrible
<bekks> Then you are doiung things wrong, the P410 works fine with Windows and ESX.
<sikun> so far... it's taken nearly 30 minutes to install ubuntu server on esxi
<sikun> not quite sure what I could be possibly doing wrong
<bekks> Too less resources for the Ubuntu VM.
<bekks> Wrong ESX configuration.
<sikun> 4GB RAM & 8 vCPUs
<sikun> configuration is fine
<bekks> And how many cores does the host have?
<sikun> 24 logical
<bekks> And how many are in use already by other vms?
<sikun> none
<sikun> first VM
<bekks> At least one is in use for the hypervisor.
<sikun> obviously
<sikun> you asked VMs not overall.
<bekks> I'd doublecheck the ESX config and the system config before assuming the raid controller isnt running fine.
<sikun> I had to replace the controller, it was a p410i before but I must not have noticed this was just a 410
<sikun> the previous one could easily write at speeds up to 900mb/s
<bekks> Depending on the raid setup.
<sikun> raid 5
<bekks> And the 410i is just the onboard variant of the 410.
<sikun> no, the onbard is the b210i
<sikun> at least on this server
<bekks> And how many disks of which type and speed do you have in your R5?
<bekks> So its a blade?
<sikun> 4x 2TB WD Blacks
<sikun> no it is a 1u
<tomreyn> which server model?
<bekks> four disks in a raid 5 arent suppossed to be very fast.
<tomreyn> + generation
<bekks> and the 2TB arent fast disks,
<sikun> much faster than what I'm seeing now
<sikun> than it used to be I mean
<bekks> Which server model and generation is that?
<sikun> 380 g6 I think, I can't recall of the top of my head
<bekks> Ouch. Horrible old crap.
<tomreyn> g6, wow
<sikun> old still works fine, well did.
<sikun> yeah, I'm only seeing 10mb/s write speeds
<sikun> ugh.. I'm gonna run back into the data center and see what the hell is going on. Maybe swap the controller back to the old one and put the new ram in it.
<bekks> Or maybe get a new server :)
<tomreyn> i never worked with g6, but doesn't the ilo hint at the raid's health? if so, check it first.
<sikun> we are now just phasing out the Pentium 4 servers
<sikun> just now...
<bekks> I bet support for that thing is more expensive than a new server.
<sikun> warranty is long over
<sikun> hasn't had any hardware problems
<sikun> until now2
<sikun> brb
<tarpman> sikun: check the battery on the raid controller, they do eventually die
<sikun> I did get a new one of those as well
<sikun> the old one was bulging
<tarpman> if you just put it in - the initial charge does take 24-48 hours IIRC, and then you may even need a cold boot to get it actually activated - memory is fuzzy on that part
<tomreyn> you could also just do software raid
<sikun> yeah
<sikun> I think I'm going to pull the controller out
<tomreyn> that would allow for raid6 without the need to buy a license
<sikun> and either use on board which is the b210i
<sikun> or disable the raid controller alltogether
<tomreyn> and no need to use crappy tools to manage and debug a proprietary raid.
<tomreyn> using the separate controller can make sense, though, since they often have better specs than the onboard ones, or can support sas while onboard just do sata. i haven't checked this specific models' specifications, though.
<sikun> onboard can do sas
<sikun> yeah, vmware doesn't have hardware acceleration support for the 410
<jbicha> coreycb: python-event 0.19.0-2 (from exp.) looks buildable on yakkety if you want to sync it
<geek22> $ conjure-up openstack      [warning] Unable to get Juju Version  what  should i do?
#ubuntu-server 2016-08-28
<jayjo> is there a way to read a specific line of a file? I want to only look at line 8526
<sikun> ugh.. all that much trouble over a very simple/stupid mistake
<antipsychiatry> Hi
<PCdude> I am having difficulty with installing openstack on ubuntu , when the installer uses JUJU to bootstrap a node it stops and crashes
<PCdude> anyone here to help?
<fklinguista> Hello everyone!
<fklinguista> I'm new to the Ubuntu server scene and I'm trying to make a personal file server in my apartment, here in Thailand.
<fklinguista> The server is up and running nicely with webmin and I'm able to ssh when connected directly through a LAN cable
<fklinguista> ... from my laptop to the server, that is
<fklinguista> But there's one issue.
<fklinguista> In most Thai apartments, there is no wired connection available, only wireless
<fklinguista> and while I fiddled for an hour with the cmd line, I got my server to recognize a wireless adapter and connect to the ESSID
<fklinguista> and then used curl to bypass the login screen
<fklinguista> however, when I tried to ping from the device to 8.8.8.8, for example, I still got "Host Unreachable"
<fklinguista> I'm also unable to connect to the device through the IP address assigned to it by the server.
<fklinguista> **by the apartment complex router
<ikonia> froike: sadly webmin is not something we suport
<ikonia> oops
<sikun> ugh.. webmin
<fklinguista> Hello, is anyone online now?
<PCdude> yes, I am here also waiting for help
<PCdude> what does ur /etc/network/interfaces file says?
<PCdude> u configured the gateway?
<fklinguista> I think the gateway configuration is the problem
<fklinguista> So, I did a little bit of troubleshooting
<fklinguista> I can ping my apartment's gateway from the server
<fklinguista> But I can't ping the IP assigned to the server from the apartment router
<fklinguista> Here's the output of /etc/network/interfaces
<fklinguista> # The loopback network interface
<fklinguista> auto lo
<fklinguista> iface lo inet loopback
<fklinguista> # The primary network interface
<fklinguista> auto enp2s0
<fklinguista> iface enp2s0 inet dhcp
<fklinguista> #Edit to see if wifi can connect
<fklinguista> auto wlxc412f52e9c14
<fklinguista> iface wlxc412f52e9c14 inet dhcp
<fklinguista> wireless-essid   SSK-FLoor5-1
<fklinguista> wireless-channel 1
<fklinguista> wireless-mode    managed
<fklinguista> I set up the last bit to allow my wireless device to connect to my apartment's network automatically
<PCdude> I think its a firewall problem
<PCdude> since the ping from the router to the server does not succeed
<PCdude> probably ur server is blocking these and will not respond to them
<PCdude> which can be a security measurement on servers sometimes
<PCdude> what u can try is disable ur firewall and see if things start to work again
<fklinguista> Hmm
<PCdude> if that is the case, then u can try to tweak ur firewall so it works like u need to
<fklinguista> Yeah, I just pinged the gateway from my router and it works
<PCdude> can u ping the server from a different device?
<fklinguista> Oh sorry, I meant pinged the gateway from my server
<fklinguista> I can ping the server's local IP (I'm connected via SSH through a LAN cable)
<fklinguista> But I can't ping the DHCP IP that my router assigned it
<fklinguista> from any device
<fklinguista> I also put up a test index.html file, which I cannot view by entering the IP assigned by the router
<PCdude> uhm, I am not following u there
<PCdude> the server has 2 IP addresses?
<fklinguista> Well, in order to manage my server, after I installed it (I borrowed a monitor to do it), I connected it to my laptop via SSH to configure it
<fklinguista> so, if I were to run ifconfig, it has 1 IP address under the ethernet connection (to my laptop)
<fklinguista> and another IP under the wireless connection (to the server)
<fklinguista> **router
<fklinguista> So, I can access the server from my laptop through the ethernet address assigned to it
<fklinguista> but I cannot access the server from any device connected to my apartment's router even though the device is also connected to the router
<fklinguista> Does that make sense?
<PCdude> ah ok, I get it
<PCdude> yes it does
<fklinguista> So, I guess the easier question is...
<fklinguista> Is it my apartment's router that's blocking me from connecting to my server through the IP assigned to it?
<fklinguista> Because if so, then all hope is lost.  Lol
<PCdude> no, definitely not
<PCdude> ur router can function as a DHCP server
<PCdude> and thats all he does
<PCdude> he gives ur server an IP and thats it
<PCdude> there is no control of who tries to access the servers IP directly
<PCdude> the router has no control over that
<fklinguista> hmm
<PCdude> if u go through the router to the internet then the router can have affect on it
<PCdude> but u are capable of pinging the routers IP with ur server from the wireless connection?
<fklinguista> Yes
<fklinguista> I ran ping -I wlxc412f52e9c14 192.168.2.254
<fklinguista> the wl... is the dev ID
<fklinguista> and the 192... is the gateway
<PCdude> can u ping outside of ur LAN, e.g. can u ping 8.8.8.8 or ping google.com
<PCdude> ?
<PCdude> with the server
<fklinguista> Host Unreachable
<PCdude> with both the 8.8.8.8 and google.com?
<fklinguista> Well, that's because Thailand has a stupid login system
<fklinguista> I could log in and it would work
<fklinguista> But it would knock me off of my internet here
<fklinguista> Kind of like how coffee shops only allow connection with a log in
<fklinguista> but trust me, it works if I log in
<PCdude> I am not from thailand, so I have no clue on helping u with that :)
<PCdude> but u have to log in with ur router?
<fklinguista> Yes
<fklinguista> I use curl for that purpose
<fklinguista> just curl and send the login information to the .php page
<PCdude> and why are u not logged in? maybe a stupid question
<fklinguista> If I log in on the server, I wouldn't be able to chat here
<fklinguista> haha
<fklinguista> I could do it quickly and then come back
<fklinguista> Let's see... brb
<fklinguista> Okay
<fklinguista> I just logged in and back out
<fklinguista> pinging google works
<fklinguista> I could ping google after I logged in
<PCdude> so ur router is normally logged in?
<fklinguista> I used ping -I wlxc412f52e9c14 8.8.8.8
<fklinguista> to make sure it was pinging from the wireless and not the shared ethernet
<fklinguista> Yes
<fklinguista> But, to clarify, it's not my router, so I can't control any of it
<PCdude> ah ok, but u have internet access on multiple devices?
<PCdude> its like u can only have internet on one device at a time?
<PCdude> *not
<fklinguista> Yes
<fklinguista> that's correct
<fklinguista> but I still thought I'd be able to connect to my server, even if I don't have www access
<fklinguista> because all of my devices are on the same router
<PCdude> that is correct
<fklinguista> Yeah, so let me clarify...  I can connect to the router with multiple devices
<fklinguista> but only 1 device can be on the www at a time
<PCdude> I dont want to be a purist here, but for future use I would suggest u refer to "www" as the WAN. I dont care how u call it but some people dont like it
<fklinguista> No problem.
<PCdude> is ur router also used as a switch?
<fklinguista> I'm actually not sure
<fklinguista> I'll try to describe the system as best as I know it
<PCdude> are all ur wired devices connected to the router itself?
<PCdude> and all ur wireless devices are directly connected to the router with a password?
<fklinguista> Well, this is the screwed-up part.
<fklinguista> The WLAN network here is not up to American standards, I'm afraid.
<fklinguista> It's an Open Network in that anyone can connect to it
<fklinguista> but one can only connect to WAN by entering the credentials at the login page
<PCdude> anyone, as in the whole country shares the same WLAN?
<fklinguista> and no, we do not have access to the router for wired devices
<fklinguista> Not the whole country, but the whole apartment complex
<fklinguista> It's like this...
<fklinguista> There is the modem from the ISP, which is connected to a firewall device, which serves as the login manager
<fklinguista> then that firewall is connected via LAN cable to many different Wireless routers
<fklinguista> each wireless router has a different ESSID
<fklinguista> and there are two wireless routers for every floor of each building
<fklinguista> 5 floors in this building, 5 in the other building, so 20 wireless routers in total
<fklinguista> all connected to 1 firewall, leading to 1 model
<fklinguista> **modem
<fklinguista> This is one reason why I want a server, because I do not trust the connection to be able to run Dropbox or another cloud
<fklinguista> and personally, I'm a bit afraid of someone being able to steal my data due to the nature of this
<fklinguista> I was able to very easily clone one of my MAC addresses to log in via a different device
<PCdude> uhm ok, well there are a lot of network devices in place there so I think those can block any signal u have.
<PCdude> That could be the reason those pings do not succeed
<PCdude> As I were u, I would install "pfsense" ,"ipcop" or "ipfire" as an extra firewall
<PCdude> those can protect u from alot of horrible things
<PCdude> I agree about the cloud part with u
<PCdude> I would suggest u make ur own firewall that functions as the login device
<PCdude> therefore u can have a bunch of other devices behind that all can have internet
<fklinguista> Well, if I had the money, I'd just get my own separate ISP
<PCdude> if u make ur own firewall/router u can setup a NAT system
<fklinguista> Well, actually, I bought a separate WLAN device and, using my Linux Mint laptop
<fklinguista> was able to bridge the connection to another WLAN coming from the laptop's primary WLAN card
<PCdude> ah ok ,good
<fklinguista> that's how I got multiple devices to log in
<fklinguista> but that requires my laptop to always be on and here
<PCdude> true, well I think u can solve some of ur problems with an home made router/firewall
<fklinguista> Yes, I agree
<PCdude> u can even disguish ur VPN network communication as another protocol
<fklinguista> I suppose I could use the Ubuntu Server as a half file server half router, couldn't I ?
<PCdude> yes, u can, but I would not suggest
<PCdude> it
<PCdude> if u were u I would install vmware vsphere
<PCdude> its free
<PCdude> u can install that on ur server
<PCdude> as a VM u can install ubuntu server and do what u want with it
<PCdude> and also make a seperate firewall VM
<PCdude> I would not use ubuntu as a firewall
<fklinguista> upon install, I selected to install a VM server
<fklinguista> but I don't know much about how to run virtual servers yet
<PCdude> first off its harder to do it all urself, if u are a linux and network guru I would say go for it
<fklinguista> I'm learning little-by-little
<PCdude> but else I would go for pfsense or something like that
<PCdude> yes u can run a VM in ubuntu
<PCdude> but that is not what u want
<PCdude> and well for a very simple reason
<PCdude> ubuntu is a good OS, but is leaves a big "footprint" on ur resources
<PCdude> instead u want a hypervisor type 1 that has a lot smaller footprint
<PCdude> something like vmware esxi, or xen server,
<PCdude> what I would suggest that u have enough RAM in ur server
<PCdude> as bare minimum 8 GB and 16 or more is desirable
<PCdude> is that making sense?
<fklinguista> Yes, it does
<fklinguista> Would you still know anyway, why I can't ping my server's WLAN IP from other devices connected to the router?
<PCdude> yes I think I know what the problem is
<fklinguista> for example, my server is 192.168.2.57 and it can't ping 192.168.2.44
<PCdude> there is a sub system that is called "device isolation" or something like that
<PCdude> what that does is seperate all devices on the network from eachother, this is only done on wireless networks
<PCdude> this is a security measurement
<PCdude> basically, so u or anyone else will not try to connect or even break in other devices
<fklinguista> Oh, well that's actually not a bad thing
<fklinguista> It sucks for my situation, but it's not bad
<PCdude> the only thing u can do is make ur own WLAN and bridge it to the buildings network
<PCdude> then make sure the device isolation is turned off and u can connect ur devices to eachother as much as u like
<PCdude> if u wanna learn more about networking I suggest u can take a study called "CCENT" or higher
<tomreyn> device isolation can also be an option onyour routers' web admin interface
<PCdude> that is indeed correct tomreyn
<tomreyn> i.e. you may be anle to switch it on / off there
<tomreyn> *aBle
<PCdude> tomreyn are u familiar with openstack?
<tomreyn> not really, no
<PCdude> I am banging my head over it , I just cannot get it to install
<tomreyn> i'd like to learn it sometime, but i never really had a need to. and it's still somewhat young. and complex.
<PCdude> complex for sure, thats why I decided to use ubuntu with landscape it should make things alot easier and a good opportunity to learn from it
<tomreyn> i know of multiple hosting providers which had examination projects running for a year just to see whether they could get it to work and make use of it.
<PCdude> I get everything installed until the last step and than it hangs and leaves me hanging
<PCdude> I hope someday all the projects are put together on one table and make one project out of it, all those separate projects is killing the robustness of openstack IMHO
<tomreyn> :-/ sorry i probably won't be able to help unless it's some commonly used stand-alone components which are not openstack specific.
<PCdude> well, the problem is with JUJU for sure, are u familiar with JUJU?
<tomreyn> nope ;/
<fklinguista> One last question for a temporary solution, PCdude
<PCdude> sure fklinguista
<fklinguista> Say if I were to use the wireless connection from my USB to connect to WAN on the server
<PCdude> to bad tomreyn , u know anyone who could help?
<PCdude> directly? fklinguista
<fklinguista> how would I manually create a bridge from eth0 so I can broadcast my own router, like you said
<tomreyn> PCdude: you could look for a juju channel, or try askubuntu.com.
<fklinguista> So Apartment router > Server WLAN > Server LAN > My Router > All of my devices
<fklinguista> to be able to connect to everyone and to circumvent the login for multiple devices
<PCdude> ah ok, I get it
<PCdude> so what u do is install vmware ESXI, then u install pfsense on it. In pfsense u connect it to ur aparment router, with login and everything (the WLAN connection). then u can use the wired connection on ur server as a LAN. that one u connect to a different switch
<PCdude> on that switch u connect all ur devices u want
<PCdude> u can also connect a Access point on there for ur wireless needs
<PCdude> just to clear some confusion if u start to look on the internet for a wireless router
<PCdude> a router is for many people a device that connects wireless devices, but its not
<PCdude> a router is a device that can separate or combine different networks or subnets
<PCdude> what u want to add to the switch is an AP or access point, that is the correct name for a device that connects wireless devices
<PCdude> I am trying to keep it brief here, but am I making sense?
<fklinguista> Yes, you are
<PCdude> tomreyn , yeah I am trying that, but since its so long there are not really people who have been in the business for 10 years or so. u know that real guru's. everyone is basically trying and see if it works, but thanks anyway
<PCdude> fklinguista , good :)
<fklinguista> But I was thinking, in the meantime, before I install pfsense
<fklinguista> what would be a good temporary solution
<fklinguista> Since I used Network Manager on Ubuntu, the config is not the same
<PCdude> I think u can make it work all in ubuntu or any linux distro, but that can be a pain in the butt. Honestly, I just succeeded the beginner level of a linux guru, so I cant help u do it in there.
<tomreyn> you can do routing and traffic filtering on linux, no need for a pfsense VM
<tomreyn> but some understanding of networking will be a very useful if not necessary ingredient to setting this up.
<fklinguista> I guess what I'm asking (because I've looked on Google and nothing good is coming up), is how would I configure it in /etc/network/interfaces
<PCdude> sure u can do it all in linux, but in a pfsense vm its alot easier for usage. plus u can make snapshots and things like that. personally, I would like my router/firewall be the same device as my file server, but yeah sure u can do it
<fklinguista> to have my eth0 as the bridge from my wlan0
<PCdude> what u want is routing and that will involve alot more than only /etc/network/interfaces
<tomreyn> you will need to have multiple interfaces and something like "up /sbin/ip route add ..." in /etc /network/interfaces.
<tomreyn> you'll also need to enable ip_forwarding on one of your interfaces.
<PCdude> plus u will need to look at iptables
<PCdude> tomreyn u were faster :)
<tomreyn> you could use shorewall to manage iptables, they also have some examples on how to do routing on their documentation. but the network configuration part is really outside of the firewalling domain
<fklinguista> I have webmin installed
<tomreyn> i.e. they kind of expect you to have a working network setup before you start adding traffic fitlering on top.
<PCdude> plus, u will need a good understanding about networking itself to get it work
<fklinguista> ah
<tomreyn> this webmin statement suggests to me that you need to read at leats one book on network designs
<tomreyn> please don't take it personal, i don't mean it this way.
<fklinguista> No problem.
<fklinguista> Thank you for all the help and advice!  I have to go eat now
<tomreyn> maybe this can be a good start: http://www.tecmint.com/setup-linux-as-router/
<fklinguista> Take care!
<fklinguista> thank you, tomreyn
<tomreyn> good luck
<PCdude> good luck
<fklinguista> To you as well
<PCdude> tomreyn , I tried the juju and openstack channel and have asked on stackexchange, but no luck so far
<tomreyn> well give it some more time
<tomreyn> where's your stackexchange post?
<PCdude> http://askubuntu.com/questions/817572/openstack-fails-to-install-caused-by-juju
<PCdude> Even the troubleshooting is pretty fucked up, since in the files that I looked in there are no clear error messages
<tomreyn> hehe, awesome error message there
<tomreyn> it might point to an incorrect password. or something else entirely.
<PCdude> yeah, I know , the kind that makes u pull out ur hair :)
<PCdude> yup, and how to find that out is up to god I guees
<PCdude> the problem is that JUJU is still in beta, so I know I cant ask to much yet
<PCdude> but the JUJU version for 14.04 (the stable one) is giving me errors too
<PCdude> thats what happens if openstack, MAAS and JUJU all live in an entirely building and do not communicate....
<tomreyn> PCdude: fd stands for floppy disk, so your VM has a virtual floppy disk connected and that causes i/o errors. you could probably just remove the fd
<tomreyn> or it could be file descriptor, but i don't think so based on the conext provided
<tomreyn> dev fd0, sector 0 sounds a lot like floppy disk
<PCdude> that is a good point! I was wondering where fd came from, but makes sense
<PCdude> *that
<PCdude> I am gonna try that out, its a small VM and VMware just automatically adds the floppy disks
<PCdude> that is gonna take some time, coz I have to build some things from the ground up again, how long will u be here tomreyn ?
<tomreyn> had you tried http://docs.openstack.org/liberty/install-guide-ubuntu/ or http://docs.openstack.org/liberty/install-guide-ubuntu/ ?
<tomreyn> this is poroibably what i would do rather than following some youtube tutorial
<tomreyn> i won't be at the keyboard all the time, but i use a bouncer so i remain connected to irc and can read up when i return. but, really, i don'T think i'm the right person to help you with there.
<PCdude> yeah true, the problem is that installs only openstack and ubuntu also offers landscape. I am gonna be honest here, but its a pain in the ass to keep all ur servers in sync with only openstack. that is taking me to much time. If it was only the initial setup that is fine, but its not, u will constantly need to go in the CLI and change stuff
<PCdude> ah ok, well, I think it constantly fails coz of my to little understanding of linux to fix basic problems here and there.
<PCdude> I am learning for my LPIC-1 so I am trying my best to become better
<Vacuum_> https://pastebin.mozilla.org/8905569
<PCdude> tomreyn , it turns out there is no floppy disk at all in the VM....
<tomreyn> strange, i could have sworn this message related to a floppy disk controller
<PCdude> I even looked in the VM files, if there was secretly hiding some floppy but no luck, I have to think really hard now what else it could be
<PCdude> http://askubuntu.com/questions/213512/buffer-i-o-error-on-device-fd0-logical-block-0-error
<PCdude> they also talk about a floppy disk
<tdelam> hey guys, I need a specific version of Apache to be installed (PCI compliance annoyances). I am using Ubuntu 14.04LTS. I need Apache version 2.4.23 or later. Is there a way I can target a version like this via apt?
<RoyK> tdelam: https://launchpad.net/~ondrej/+archive/ubuntu/apache2 perhaps
<tdelam> RoyK: yep, I found my solution. Worked like a charm.
<tdelam> sorry to bother :)
<RoyK> np
<tammy5> what was the solution tdelam
<tammy5> what was the solution tdelam
<YamakasY> how large are the default mirrors for packages atm ? I have ~425G for 12.04 and 14.04 ?
<apb1963_> sarnold: you around?
#ubuntu-server 2017-08-21
<jerichowasahoax> I can't start Dovecot because somehow it doesn't have permission to make /var/run/dovecot. Everything was fine before I restarted for a kernel update. What happened and how do I fix it?
<jerichowasahoax> Aug 20 19:52:31 andariel dovecot[12222]: Fatal: mkdir(/var/run/dovecot) failed: Permission denied  <-- this is the only thing in the log
<cpaelzer_> good morning
<lordievader> Good morning
<calcmandan> anyone know if citadel is still under development?
<calcmandan> anyone know if citadel is still under development?
<lordievader> !patience | calcmandan
<ubottu> calcmandan: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<hehehe> hi
<hehehe> who here runs own server?
<hehehe> I am thinking here hmm do I really need aws for my say windows server
<hehehe> no I dont
<hehehe> :)
<hehehe> the only reason I use hosting is anonimity :)
<hehehe> however for none anon stuff I could self host
<calcmandan> thanks lordievader, alot of people joined the channel in the 2 hours i waited for an answer.
<calcmandan> hehehe: i host my own servers to control/own my data as well as the privacy.
<calcmandan> going to bed. gonight
<lordievader> calcmandan: It is probably better to look at git commits or alike.
<lordievader> hehehe: raises hand
<hehehe>  kl
<hehehe> well likes of piratebay is pointless on home connection
<hehehe> however e commerce site if ping is good
<hehehe> maybe
<hehehe> as to privacy you could true crypt hd right?
<hehehe> :D
<hehehe> or  I am missing something
<hehehe> fuck off silent people
<hehehe> :D
<hehehe> for real
<ikonia> hehehe: please stop the language
<ikonia> there is no need for it, I've spoken to you about this before, please adjust your attitude if you wish to continue using the channel
<madLyfe> have 4 servers that i was able to ssh into last night, and this morning i cant but they are all running. not sure wtf happened.
<lordievader> madLyfe: Power outage?
<madLyfe> dont think so, and if so, i have it set to power back on as the default in bios. and they are in fact running
<madLyfe> i cant ping them
<madLyfe> host unreachable
<lordievader> Perhaps a router in the middle failed?
<madLyfe> they are behind a switch am able to ping a win machine that is behind that.
<madLyfe> they are showing up under my wired table in my router admin panel. well 3 are and 1 isnt.
<lordievader> I suppose a port scan reports all ports as closed?
<madLyfe> sorry im pretty green. not sure what you mean
<lordievader> madLyfe: Run nmap on your host to see if ports report to be open.
<madLyfe> it cant be pinged so scan will do nothing?
<madLyfe> hmm i can ping them now
<madLyfe> wait, nvm
<madLyfe> still getting Destination host unreachable.
<madLyfe> ok to just hard power them down?
<madLyfe> hmm wasnt able to get a connection to them unless i did a hard reboot.
<lordievader> madLyfe: About the no ping -> no ports, that is not necesarily true. A firewall could simply block icmp and allow all other traffic.
<madLyfe> i dunno what happened over night or why it didnt recover properly, it should be find after a power outage or loss of network but i rebooted all of them and they are good to go.
<Hexian> it's too early for me to know for sure, but changing vm.swappiness to 1 actually seems to have made a big difference to IO and overall system performance, it just wasn't noticeable for a while because the system is slowly swapping in all swapped out memory, over the last day it went from about 2.5% to 1% swap usage
<Hexian> what is interesting is that all processes which were doing infrequent reads are doing no reads at all now, only one of my read time processes does very infrequent reads of 8KB now, and the only other process that did a disk read very recently is SSH
<Hexian> so all the chunks that were being read from disk were not even the processes themselves but just the kernel swapping
<nacc> Hexian: if you know your working set size will fit into memory and you never overcommit, just turn off swap
<Hexian> IO wait times peak at 0.5% instead of like 20% now
<nacc> Hexian: that's almost what you're doing by setting it to a near-zero value -- only swap when the kernel absolutely must
<Hexian> if swapping really turns out to have been the cause of these major intermittent issues, the default swappiness is far too high for servers
<nacc> Hexian: how well do you know your workload?
<nacc> Hexian: as in, do you even need swap?
<Hexian> I don't need swap, but I'd rather not disable it completely just in case there is ever a memory leak on the box
<nacc> if there is a memory leak on the box, swap won't technically help you, it just delays the inevitable...
<nacc> but in any case
<nacc> Hexian: yes, it's assumed you'd tune the value based upon workload
<Hexian> yeah I guess I'd rather have processes crash if there is a leak, than have performance issues
<nacc> right, so you don't want swap :)
<Hexian> so maybe disabling swap is a good idea, though it's never been necessary in the past for any of my boxes
<Hexian> it may be necessary with the newer kernel
<nacc> Hexian: i'm not sure there is an distinction made between the default sysctl value on server and desktop, i think it's 60 everywhere?
<Hexian> it seems to assume all servers have SSDs
<nacc> Hexian: but it sounds like you do have some overcommit then, if you did hit swap at all?
<Hexian> reducing swappiness to 0 has increased memory usage a bit, but there is still plenty free ram on the box at all times
<Hexian> like 50%
<Hexian> the free 16+GB is being used for IO caching
<nacc> Hexian: i *believe* swappiness serves as a bit of toggle over the watermarks
<nacc> i'd need to go reread the code to be sure
<Hexian> my problem is that these major issues that I've had for months only happen severely at random times, the box can have no performance drops large enough to matter for a week or 2, and then 2 days of constant issues every few minutes or a few times an hour
<Hexian> so I will have to monitor the box for weeks to be sure that it's even the swapping
<nacc> sounds like unstable workloads and pretty typical for untuned systmes
<nacc> *systems
<nacc> Hexian: as in, nothing you say is inherently surprising to me :)
<Hexian> my processes don't write to disk, they write to a ram disk to avoid IO overhead
<Hexian> they do little reads (now that I've reduced swappiness it seems they do virtually no reads at all)
<Hexian> yet when the issue is severe, they can freeze for anywhere from 500ms to 20 seconds straight while waiting on IO
<nacc> writing to a ram disk puts *more* pressure on memory
<Hexian> sure, but the writes are small and infrequent, and more than 50% ram is free usually
<Hexian> writing to ram disk should be completely unnecessary, but it prevents ever blocking on the infrequent disk writes
<Hexian> I moved writes to a ram disk to try to solve the issue that I believe is swap related now
<Hexian> drab: netdata does support backends for historical stats these days - https://github.com/firehol/netdata/wiki/netdata-backends
<Epx998> zesty is out now?
<nacc> Epx998-: it has been for a while (since april)
<nacc> rbasak: i'm thinking we may want a wrapper around build's logic for just obtaining the orig tarballs (I might already ahve filed a bug for this), e.g. git ubuntu extract-orig. The reason being some commonly-used tools, e.g., dpkg-source, expect to find the orig tarball in the parent directory
<Epx998> nacc: i've been in channel since then ;P
<nacc> Epx998: :)
<nacc> cpaelzer: do you want me to sync the three packages from the pad? (irqbalance, mod-wsgi, pwgen)?
<nacc> ahasenack: do yhou have room for another merge? net-snmp should be relatively straightforward, as several bits of delta seem to be cherry-picks from debian in the first place?
<nacc> teward: are you planning on updating nginx in artful? sorry if you answered before, my brain has already context-switched
<nacc> lamont: do you know why src:python-formencode's orig tarball is different in Ubuntu from Debian's?
<nacc> (for 1.3.0)
#ubuntu-server 2017-08-22
<Epx998> nagios packages need an update, zesty still ships with nagios3
<drab> yeah, I keep compiling it from sources, altho I also keep trying to find an alternative, the web interface just drives me nuts
<drab> and the fact that after so long you still have to deal with a sucky json api isn't ideal (altho at least there's one finally)
<drab> but then it still seems to be the best of the pack... need to give icinga another shot
<BrazierCustoms> https://github.com/conjure-up/conjure-up/issues/11    what is the reason I run into this? ubuntu 16.04, conjure-up 2.3-alpha1
<cpaelzer> nacc: they are in the done lane I'd think
<cpaelzer> nacc: arr pad, I promise I moved them 2 done one with comment being a merge still
<cpaelzer> doing again
<cpaelzer> good mornign btw
<cpaelzer> nacc: I'm undecided and want some consensus on the question sync or merge
<cpaelzer> since the merge is trivial I'll provide one, open a bug for discussion and will pass it to you in a few minutes
<cpaelzer> lets discuss on that later today then with the Team
<cpaelzer> nacc: ok all sorted out - ready for review in https://trello.com/c/azsZdLmL
<cpaelzer> TL;DR: a merge this cycle a sync next cycle as the change is now upstream
<lordievader> Good morning
<Slashman> hello, changing the value "/sys/module/zfs/parameters/zfs_arc_max" doesn't change the arc_size anymore on ubuntu xenial with zfs 0.6.5.6-0ubuntu17, how can I change the max arc_size?
<smoser> rbasak, i'm sure you've thought of this..
<smoser> with the git-ubuntu stuff.
<smoser> when we have a delta, should we update the Vcs-Browser and Vcs-git fields in debian/control
<smoser> then 'debcheckout' will just work, which is quite nice.
<smoser> i guess we could also then either
<smoser> a.) modify debcheckout to use 'git ubuntu clone'
<smoser> b.) modify debcheckout to do a git ubuntu clone in the absense of a Vcs tag
<necrophcodr> Is it possible to have a unprivileged container system on Ubuntu?
<necrophcodr> Or rather just a chroot really
<necrophcodr> something like proot, but working
<necrophcodr> proot doesn't work very well for some situations, for some reason i haven't diagnosed yet
<teward> oops i broke my internet today xD
<dpb1> teward: still available to chair the meeting this week?
<teward> dpb1: yeah
<dpb1> teward: OK, I'll let you do it, and will move you to the front of the list
<dpb1> teward: thanks. :)
<teward> first time charing heh
<teward> chairing*
<teward> it's not hard though :p
<dpb1> teward: we'll be there to help
<teward> nacc: is there a new update I missed?
<teward> nacc: 1.12.1-0ubuntu2 is already in Artful, that's latest stable + merges from Debian
<teward> so that's 'done'
<necrophcodr> turns out that bubblewrap does what i want, i'll give it a few spins
<nacc> teward: debian has 1.13.3-1
<teward> nacc: they're tracking Mainline
<teward> we're tracking Stable
<nacc> teward: ok, i was going off rbasak's script
<teward> do we *want* to track Mainline which is under active development?
<nacc> teward: which is just looking at what's different between ubuntu & debian
<teward> nacc: when B-series opens I'll switch to Mainline.
<nacc> teward: sounds good
<teward> because then right after B-series or right before B-series release we'll get in the updated Stable
<teward> like we did for 16.04
<teward> (1.14.x releases at about the same time we release B series)
<teward> dpb1: got a handy link to the previous meeting notes?
<teward> or did we update this already on the main agenda page
<dpb1> teward: start here: https://wiki.ubuntu.com/ServerTeam/Meeting
<teward> got it, thanks
<dpb1> teward: basically, we converted it to cut-and-paste, so it should be easier
<teward> even better :D
<teward> thanks.
<teward> *yawns* I need coffee, back in a minute
<teward> 30minutes to go to the meeting right?
<nacc> teward: yep
<teward> cool
<dpb1> teward: the hardest part is the sending out of notes after, but it should all be in that page, and it's really just taking 5-10 minutes to follow it
<teward> nacc: FWIW and I should probably document this. I track NGINX Stable up until the opening of the next LTS for development.  Then I switch to Mainline, with the goal of a right-before-release or just-after-release update to the latest Stable which is pretty much a verion-string-only change update.
<teward> we have precedent for this in 16.04
<nacc> teward: yep, that's fine -- i just wanted to "be sure" so i can take it off our list
<teward> nacc: yep, no problem.  Still sticking to the 'old school' methods for nginx, but it works for now so :P
<teward> merges are hard when Debian tracks one version and we track another xD
<teward> (Mainline also introduces evils like new features under active development, I'm not a fan of that so...)
<nacc> teward: +1 thanks
<teward> (Mainline users can use the PPA if they want the latest stuff heh)
<teward> yep
<teward> well i didn't find coffee...
<teward> but I found mountain dew.
<teward> just as decent :P
<nacc> gross
<nacc> :)
<teward> lol
<teward> nacc: better than the sludge that campus sells...
<teward> it's literally undrinkable that stuff
<teward> i'd rather not die from sludge-coffee thanks.
<genii> mmm sludge-coffee
<nacc> teward: which school are you at again? and yeah, i'd be leave it, regardless of the school :)
<teward> nacc: Penn State Harrisburg, Harrisburg, PA.
<teward> but only for this one last semester
<teward> then I graduate and have a full-time job lined up.
<teward> yay for employment
<nacc> teward: nice!
<teward> 15 minutes to meeting
<dpb1> 5m " " "
<dpb1> :)
<teward> ^ that
<teward> thanks dpb1
<dpb1> hehe
<teward> 2 minutes.
<teward> though i might give an extra minute for people to show up :p
<dpb1> wise choice
<dpb1> teward: if you need any help on post-meeting tasks, just ask
<nacc> rbasak: i'm tasking you with following up on https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/326073
<nacc> rbasak: specifically what to do with an indepenently sponsored change
<dpb1> nacc: what does "independently sponsored change" mean? (the term)
<nacc> dpb1: not using our git workflow
<dpb1> ah
<nacc> dpb1: it was sponsored by debdiff outside of git
<nacc> dpb1: so it's already been uploaded
<nacc> dpb1: it goes down to the semantics of the upload tags
<dpb1> so, the importer would just suck in a new one after it hits LP
<dpb1> ?
<nacc> do they represent the act of uploading/sponsoring? or do they represent any history any developer provides
<nacc> the latter is risky because it means no hash stability
<dpb1> hmm
<nacc> we're in an in-between state right now, though, where we haven't declared hash stability :)
<dpb1> right
<nacc> well not 'no'
<dpb1> til there is an mmm in channel
<nacc> just less easily assured
<nacc> and i'd like rbasak to help remind me what we decided to do, because i can't recall
 * dpb1 nods
<nacc> eventually, we won't tag things like this
<dpb1> ok
<nacc> but i don't want to lose this particular history, if we decided to keep it
<nacc> but i also don't want it in the active reviews, because .. it's not :)
<teward> dpb1: I think I'm good, just completed them while my computer finishes kernel updates :P
<teward> thanks though :)
<teward> and thank you guys for letting me chair :)
<dpb1> teward: thx for being willing.  see you there in.... 2 months maybe? :)
<teward> dpb1: heh sounds good :P
<Epx998> ps doesnt give a start in epoc for a proc does it
<ahasenack> nacc: question if you have a moment. libpam-ldap has been carrying a delta for about 10 years where it removed "etc/" from debian/libpam-ldap.dirs
<ahasenack> with no furhter explanation
<ahasenack> I presume it's because that directory is always present on a system why it was removed
<ahasenack> that file is for dh_installdirs, right?
<fginther> Hello, does anyone here know much about RDMA, specifically what one would look for on a system to know if it was available?
<sarnold> fginther: rdma over ethernet or infiniband?
<fginther> sarnold, let's say infiniband
<fginther> might need to know both, but I'll start with infiniband
<sarnold> fginther: I believe what you're looking for is svcrdma -- https://www.kernel.org/doc/Documentation/filesystems/nfs/nfs-rdma.txt has some pointers
<fginther> sarnold, thanks, I'll give that a read through
<sarnold> fginther: that may or may not be specific to rdma for nfs; I never found out if samba does the windows-compatible rdma with SMB or not..
<sarnold> there's a chance VERBS-native applications don't need to do anything special; I never made it very far down that path
<ahasenack> ah, that's build time (wrt my .dirs question)
<fginther> sarnold, I'll see where this gets me
<fginther> thanks
<hehehe> hi
<hehehe> for some weird reason I can connect to github via port 443
<hehehe> firewall does not block it
<hehehe> nothing in syslog
<hehehe> what can it be?
 * hehehe gets out a sleeping bag and a tent
<hehehe> :)))
<dpb1> hehehe: why is it weird to connect to github
 * dpb1 is afraid to ask
<hehehe> sorry * cant
<hehehe> lol
<hehehe> typo
<hehehe> for some reason it seems I cant connect to any sites on port 443 from the box
<hehehe> probabaly firewall
<hehehe> occam razor
<hehehe> yep
<hehehe> I am acting too fast
<hehehe> for my comprehension skills
<hehehe> what you been upto db1?
<hehehe> dpb1:
<hehehe> is there a channel where people talk about what kind of new open source projects could be done?
<dpb1> hm
<dpb1> interesting question, I'm not sure. :)
<dpb1> sounds like reddit futurology
<dpb1> I've been ok, how about you hehehe
<hehehe> had wild chat
<hehehe> :)
<hehehe> and eat pizza
<dpb1> sounds like a complete day
<hehehe> hehe
<hehehe> now I also plan to see what happen to my server
<hehehe> I think I better off loging my commands
<hehehe> sometimes when i am sleepy and in a rush
<hehehe> it can get messy
<hehehe> i set nginx to auto redirect all requests to http - however when installing new version of app - I get info will be sent over insecure connection and then I am stuck on step 1
<hehehe> maybe setup tries to reach http server and if there are none fails>
<hehehe> ?
<BrazierCustoms> https://github.com/conjure-up/conjure-up/issues/11    what is the reason I run into this? ubuntu 16.04, conjure-up 2.3-alpha1  I always feel like its my fault that I have missed something but I cant figure it out.
<stokachu> BrazierCustoms: usually indicates there are some issues with the networking setup in openstack
<BrazierCustoms> @stokachu I noticed the ntp service says waiting in juju status
<stokachu> behind a firewall?
<BrazierCustoms> on the physical machine?
<BrazierCustoms> no
<BrazierCustoms> all the virtual is conjure-up default. localhost install
<stokachu> BrazierCustoms: so you can `juju ssh nova-cloud-controller/0` and `source novarc` and start looking around the neutron items
<stokachu> BrazierCustoms: you can double check things like `neutron net-show ext-net`
<stokachu> or `neutron subnet-show ext-subnet` make sure all that lines up with your network setup
<stokachu> BrazierCustoms: there is a potential problem where the second network bridge doesn't line up with `neutron subnet-show ubuntu-subnet`
<BrazierCustoms> @stokachu ok, i'll look into it. I gotta run right now but I will leave this running. anything that helps, I so want to get this running but I keep hitting problems :(
<BrazierCustoms> ill be bACK in a few hours
<stokachu> BrazierCustoms: i should be online tonight, just ping me
<stokachu> 10-4
<ahasenack>   * Update Build-Depends to use libssl1.0-dev and
<ahasenack>     default-libmysqlclient-dev.  (Closes: #846569, #836312)
<ahasenack> do we have a default-libmysqlclient-dev package? I can't seem to find it
<hehehe> ahasenack: any idea about my issue .. lol
<hehehe> here is a relevant code https://github.com/opencart/opencart/blob/2.2.0.0/upload/install/index.php
<hehehe> seems like it should work over https
<ahasenack> hehehe: sorry, no php foo lives in me
<hehehe> :D
<hehehe> which language do you use?
<nacc> !info default-libmysqlclient-dev artful
<ubottu> default-libmysqlclient-dev (source: mysql-defaults): MySQL database development files (metapackage). In component main, is optional. Version 1.0.2ubuntu1 (artful), package size 3 kB, installed size 9 kB
<nacc> ahasenack: --^
<nacc> ahasenack: how did you search for it? i see it in apt (on artful) and rmadison
<ahasenack> nacc: apt-cache, but on xenial
<nacc> ahasenack: right, only exists in 17.04 and on
<ahasenack> nacc: I found this construct in another package that build-depends on mysql:
<ahasenack>                default-libmysqlclient-dev | libmysqlclient-dev,
<nacc> ahasenack: you have chdist set up?
<nacc> ahasenack: right, presumably for backwards-compatibility
<ahasenack> ok, we don't need a delta for this then
<ahasenack> I'll look chdist up
<ahasenack> rmadison would have been my follow-up attempt
<nacc> ahasenack: it's a way to have multiple apt repos setup by distro/pocket
<hehehe> ahasenack:  thing is it worked before lol
<hehehe> different version of an app
<rbasak> nacc: I think there's always going to be a race between upload tags and getting the importer to adopt them. Until we can supersede dput.
<rbasak> nacc: so I think it's an acceptable state of affairs for an upload tag to be present even if the importer missed it.
<rbasak> nacc: to get hash stability, we need the original publications, plus a yay/nay against every upload tag as to whether it was originally included. I think that's OK.
<nacc> rbasak: right, but i don't think we had decided how to implement that part
<nacc> the yay/nay per upload tag
<nacc> rbasak: so i still leave it up to you to deal with that MP :)
<rbasak> nacc: ack
<nacc> rbasak: presumably with a choice of tag it or not, and then a bug filed for how to deal with the yay/nay for 1.0 :)
<rbasak> Yep!
<BrazierCustoms> @stokachu are you're in NC? think I saw that somewhere..  I am. Winston-Salem..
<stokachu> BrazierCustoms: yea im in nc
<BrazierCustoms> what area?
<stokachu> im in rolesville
<BrazierCustoms> oh ok. near raliegh. bout 2.25 hours from me.
<stokachu> yea, not to far :)
<BrazierCustoms> @stokachu ubuntu@juju-80a452-12:~$ neutron net-show ext-net
<BrazierCustoms> An auth plugin is required to fetch a token
<stokachu> BrazierCustoms: did you `source novarc` first?
<BrazierCustoms> @stokachu sorry, missed that one
<nacc> rbasak: whew, i think i finally have the code in a place that is functionally equivalent to master :)
<BrazierCustoms> @stokachu sorry I'm also on vacation at myrtle beach and things are slow here
<BrazierCustoms> @stokachu neutron net-show ext-net | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25373185/
<BrazierCustoms> @stokachu  neutron subnet-show ubuntu-subnet | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25373199/
<stokachu> BrazierCustoms: whats lxc network list on the host show?
<stokachu> where you ran conjure-up
<BrazierCustoms> stokachu error: unknown command: network
<stokachu> ah right
<stokachu> conjure-up.lxc network list
<BrazierCustoms> i was about to ask lol
<stokachu> actually fixing that this week
<BrazierCustoms> good :)
<stokachu> it's caused more harm than good
<stokachu> brb about 10 minutes
<BrazierCustoms> well I understood that. I'm having probs with everything else :P
<BrazierCustoms> conjure-up.lxc network list | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25373232/
<BrazierCustoms> stokachu ^^
#ubuntu-server 2017-08-23
<stokachu> back
<stokachu> BrazierCustoms: ok whats output of `ip addr`
<BrazierCustoms> stokachu http://paste.ubuntu.com/25373307/
<stokachu> BrazierCustoms: ok, need to update the neutron ubuntu-subnet to use 10.169.101.1/24  instead of 10.101.0.1
<stokachu> BrazierCustoms: thats what im fixing this week
<stokachu> BrazierCustoms: https://github.com/conjure-up/spells/blob/dc937ff23a173f592681918903d02745413ed558/openstack-novalxd/steps/share/neutron.sh#L36-L38 thats what you need to do
<stokachu> replace 10.101.0.0/24 with 10.169.101.1/24
<BrazierCustoms> stokachu oh so its not me? lol
<stokachu> oh and ext-net too
<stokachu> BrazierCustoms: yea it's not you
<stokachu> i should have this fixed in the next day or so
<stokachu> you able to wait until then?
<BrazierCustoms> i guess, im on vacay anyway, why is it I have this prob? I dont see 100 other ppl posting about it..
<BrazierCustoms> ive been dealing with it since last time we spoke..
<stokachu> BrazierCustoms: yea not sure why more people dont post about it
<stokachu> BrazierCustoms: it's definitely broken though
<stokachu> BrazierCustoms: a lot of users use the openstack base with maas
<stokachu> so they have to configure it all themselves anyway
<BrazierCustoms> &also would this cause juju to freeze and "try was stopped" after trying to create an instance?
<stokachu> BrazierCustoms: yea there are various other issues with localhost that im fixing
<BrazierCustoms> ive had this happen a few times too.
<BrazierCustoms> oh ok
<stokachu> yea it is my focus this week to iron all that out
<BrazierCustoms> so you saying very few ppl using the conjure-up method?
<stokachu> BrazierCustoms: heh, no that's not what im saying
<stokachu> there are 2 different spells, one uses MAAS the other localhost
<BrazierCustoms> I dont have enogh experience to set up everything.
<stokachu> a lot of production users use maas
<stokachu> yea localhost is for you, i just need to fix it :)
<BrazierCustoms> well.. this isnt production until i can figure it out :P
<BrazierCustoms> lol so I'm a lone localhoster lol
<stokachu> BrazierCustoms: yep, hang out in this channel and ill ping you when i have something for you to test
<stokachu> BrazierCustoms: well also a lot of our focus has been on kubernetes recently
<BrazierCustoms> should I switch?
<BrazierCustoms> I dont know much about most of it. but I want to learn. but its hard to tell the difference between me goofing up and BROKEN when you arent 100% sure how alot of it is working..
<stokachu> yea understood, i guess the question is what are you trying to do?
<stokachu> is this just for learning?
<BrazierCustoms> stokachu, mostly. but I have some private network reasons to play :)
<BrazierCustoms> I really just want the controller and the instances to work..
<stokachu> BrazierCustoms: yea understood, ill fix that :)
<stokachu> just need a couple days
<BrazierCustoms> so the only reason this doesnt work is because its local host?
<stokachu> BrazierCustoms: no the network is misconfigured for neutron
<stokachu> thats the only piece that is broken
<BrazierCustoms> I guess what i am asking is what caused it to misconfigure?
<stokachu> BrazierCustoms: right now we use the auto option when creating lxc network bridges, and in our spell we made the assumption we always control the network bridge network and set it to a fixed value
<stokachu> BrazierCustoms: https://github.com/conjure-up/spells/issues/76 and https://github.com/conjure-up/spells/issues/66 need to be fixed
<stokachu> and https://github.com/conjure-up/spells/issues/50
<stokachu> subscribe to those issues, im going to go back to working on this lxd stuff
<BrazierCustoms> ah.ok. I will try to keep irc active on my mobile. thanks for your help, I been banging my head.
<stokachu> BrazierCustoms: np, you can also hop back on https://rocket.ubuntu.com/channel/conjure-up if that's easier from your phone
<BrazierCustoms> stocachu, it dont matter, I have android irc on the mobile :)
<braziercustoms-m> <<<<-Stokachu :D
<sarnold> braziercustoms-m: you missed nothing while you were away
<stokachu> lol
<braziercustoms-m> Sarnold I'm sure lol there is so much to talk about though..
<braziercustoms-m> Sarnold what do you do?
<sarnold> braziercustoms-m: I'm on the security team; I do the standard 'job rotation' duties and main include review audits (well, we call them audits, but they're way too quick to really be _audits_)
<braziercustoms-m> Sarnold security watch for contributions?
<sarnold> braziercustoms-m: we sponsor updates for universe packages that community members prepare and test https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
<braziercustoms-m> Sarnold Wow. Love it. So many things to know. I get lost in what I want to learn :D
<sarnold> braziercustoms-m: likewise, I've been meaning to play with conjure-up for a few months now. hehe.
<braziercustoms-m> Sarnold I'm the kind of person who starts reading one thing and ends up with 5ptabs open.
<braziercustoms-m> 50 tabs open
<sarnold> braziercustoms-m: aye. I've got that too. 30+ tabs on my phone and 235 on my desktop.
<braziercustoms-m> Oh so I'm in the right asylum? Lol
<sarnold> lol
<braziercustoms-m> I need a bubble map for conjure-up. I think I'm confused about what's controlling what.. I've had a lot of issues some my mistake/ some I spent countless hours trying to figure out if it was my mistake.  Thank goodness for ppl like you and stokachu for clarifying...
<sarnold> mostly stokachu, hehe
<braziercustoms-m> Sarnold I feel like you have helped me in the past somewhere..
<braziercustoms-m> Lol there went my hotel connection lol
<sarnold> braziercustoms-m: heh your nick is certainly familiar but I can only recall conjure-up questions..
<braziercustoms-m> Sarnold have you ever done anything I debian channel?
<sarnold> braziercustoms-m: not #debian itself, that's way too chaotic for me
<sarnold> I like quiet irc clients :)
<braziercustoms-m> Lol
<braziercustoms-m> sarnold I come here sometimes just in hopes to catch someone talking about something I need to know :P I rarely catch much.
<sarnold> braziercustoms-m: yeah, #ubuntu might be better for that, except it's also drinking-from-a-firehose levels of traffic
<braziercustoms-m> Sarnold As far as virtual hosting I'm somewhat of a noob. Someone helped me with some vservers stuff and some other login security issues, but it was debian.
<BrazierCustoms> stokachu i may try your "you need to do this" link from earlier. I guess when its done I need to re- conjure-up a cloud? or can I just restart something?
<stokachu> yea you would re-run conjure-up
<BrazierCustoms> stokachu, ok thanks
<BrazierCustoms> stokachu in the process of conjure-up now
<BrazierCustoms> stokachu this put me back to "cannot retrieve charm blah blah" during conjure-up
<BrazierCustoms> this was the problem I was having last time we spoke.
<madLyfe> when installing server it detects drives to install to. i have two of the exact same usb keys, one empty and one with the ubuntu server iso on it to install from. will the installer ever ask me to install to the installer usb key?
<madLyfe> like if it cant detect another empty usb key, does it detect itself?
<cpaelzer> good morning
<madLyfe> trying to get this USB hub/ethernet adapter working on server
<madLyfe> have no idea
<lordievader> Good morning
<madLyfe> any of you guys know how to get a usb hub/ethernet adapter working?
<madLyfe> i dont even think its recognized. it works in windows so i know its not borked.
<cpaelzer> madLyfe: it depends a lot on the chipset used in it
<cpaelzer> madLyfe: you need to hangle through the stages it need to initialize correctly and see where it breaks
<cpaelzer> madLyfe: so lsusb if it shows up at all (and under which type)
<cpaelzer> madLyfe: then dmesg on plugging it if it recognized it as network, ...
<madLyfe> i dont think it shows up under lsusb
<cpaelzer> askubuntu is full of cases like this but it always depends on the exact device type
<cpaelzer> madLyfe: well even if not supported it should show up there
<cpaelzer> madLyfe: so unplug, sudo lsub > before; plug sudo lsub > after; diff -Naur before after = empty?
<cpaelzer> if not there it seems more like an electrical issue than anything else and since you say it works in windows ...
<cpaelzer> at least I never seen anything (but broken devices) to not show up
<cpaelzer> like a usb disk with a motor damage I once had
<madLyfe> lsub is correct?
<cpaelzer> lsusb
<cpaelzer> sorry, typing and talking here
<madLyfe> ya i get the same output as before i removed it
<cpaelzer> hmm, odd
<cpaelzer> and if you run sudo dmesg -w in another console
<cpaelzer> is ther eanything happening on plug/unplug/plug ?
<madLyfe> i dunno. im on server.
<cpaelzer> madLyfe: sorry - how is the sevrer preventing you from checking dmesg?
<madLyfe> its not. i just unplugged it and ran sudo dmesg -w
<madLyfe> it did a ton of scrolling and is now stopped with a blinking cursor
<cpaelzer> the -w is just meant to wait interactively so you can see exactly what is from the unplug/plug
<cpaelzer> if you only have one session you can run a normal dmesg and report the tail of it
<lordievader> Perhaps watching udev makes more sense at this point.
<madLyfe> i just plugged it back in, what should i do next?
<lordievader> `sudo udevadm monitor --environment --udev`
<cpaelzer> lordievader: would it show up in udev if it is not appearing in dmesg nor lsub ?
<cpaelzer> madLyfe: for lordievader and my sugegstion you'd better need more sessions
<lordievader> There are cases, yes.
<cpaelzer> can you ssh in with a second session
<cpaelzer> ?
<madLyfe> no ethernet lol
<madLyfe> need this dongle for that
<cpaelzer> so you are on what atm - the serial console?
<madLyfe> i think so?
<madLyfe> lol
<cpaelzer> you can still get further sessions with ctrl-alt-f1 - ctrl-alt-f5
<madLyfe> logged into it with my username and password
<cpaelzer> log on the f2 one and do the udev watch that lordievader recommended; log onto the f3 one and do the sudo dmesg -w
<cpaelzer> then unplug/plug
<cpaelzer> then report back what you got on these two
<madLyfe> not sure how to report it
<madLyfe> how do i scroll up again?
<madLyfe> GenesysLogic_USB.0_Hub looks like the ID-SERIAL
<lordievader> The exact content of the udev command does not matter.
<lordievader> As long as text flies by it means the kernel sees a device.
<madLyfe> ya it did
<lordievader> Okay, so it is detected. Anything from the dmesg command?
<madLyfe> ya
<madLyfe> https://usercontent.irccloud-cdn.com/file/8L8oafLX/irccloudcapture621505530.jpg
<madLyfe> not sure how to get you all the output
<lordievader> Those things in red are your problem.
<lordievader> Interestingly it does try to load a module (r8152).
<lordievader> I'd lookup what chip is in there and see if there is a linux driver available.
<madLyfe> well was it getting the realtek driver? because the hub has ethernet as well
<lordievader> r8152 sounds like realtek, yes. What do you mean with the hub?
<madLyfe> with the hub?
<lordievader> "because the hub has ethernet as well" what hub?
<madLyfe> this is a usb hub/ethernet adapter
<cpaelzer> in one device you mean?
<madLyfe> http://www.ebay.com/itm/3-Ports-USB-3-0-Hub-Gigabit-Ethernet-Lan-RJ45-Network-Adapter-to-1000Mbps-Mac-PC-/262668572762
<madLyfe> ya
<lordievader> Ah, right.
<lordievader> Try to find out what kind of chip is in there.
<madLyfe> thing didnt really come with any info. hmm
<cpaelzer> IIRC I had once something like that with a hub that was optionally powered and I got this when plugging without external power
<cpaelzer> but this doesn't seem to have external pwr
<cpaelzer> maybe this still is some over-current protection at work, .. hmm
<cpaelzer> There are plenty of issues like this in the web, but they mostly end at bad HW
<madLyfe> ya there is no external power
<cpaelzer> since you have no external power madLyfe, might your server have old/new usb ports with some having more power?
<madLyfe> this is actually a blade
<madLyfe> im running it off of the front SUV cable
<madLyfe> SUV I/O cable
<cpaelzer> that might even be USB 1.1 or so
<cpaelzer> depending on the age (or not) of the blade
<cpaelzer> center
<madLyfe> its a G7
<madLyfe> 2014 is the bios date if i remember correctly
<cpaelzer> but looking at your dmesg, it tries to initialize 2-3.4 even after the issue in red
<cpaelzer> and I found other posts stating the same
<cpaelzer> so maybe after all your actual issue is the "Unknown Device" in the realtek driver
<lordievader> madLyfe: Does it work on a recent linux laptop or something?
<cpaelzer> which gets you back to analyze what chip exactly is used and if there is something for it
<madLyfe> it works on windows is all i know. dont run nix other than ubuntu server for my miners.
<lordievader> Perhaps Windows can tell you what chip is in there.
<madLyfe> well here it is in windows: http://i.imgur.com/AWIueu5.png
<madLyfe> realtek USB GbE family Controller
<lordievader> Search through the driver info for a chipset model.
<madLyfe> http://i.imgur.com/6sBIZph.png
<lordievader> I was more refering to the details tab ;)
<madLyfe> ya im going through the whole list to see what would help out here
<madLyfe> http://i.imgur.com/K1IGARK.png
<madLyfe> might be this: http://www.realtek.com.tw/products/productsView.aspx?Langid=1&PFid=56&Level=5&Conn=4&ProdID=326
<madLyfe> actually it shows it 'registered new interface driver r8152' and not the 8153
<madLyfe> at least thats what windows uses
<madLyfe> http://www.realtek.com/downloads/downloadsView.aspx?Langid=1&PNid=56&PFid=56&Level=5&Conn=4&DownTypeID=3&GetDown=false#RTL8153
<lordievader> This might help: https://github.com/rickhofstede/linksys_usb3gigv1_linux
<lordievader> (Funny to see a repo from a supervisor of mine)
<lordievader> Although reading the readme, perhaps not.
<madLyfe> for a linksys adapter i think
<lordievader> But you might have the same problem, that the device annouces itself as something else.
<madLyfe> i had to pack this project up. i need to pass out. thank you guys for helping me this far!
<madLyfe> ill be back at it again tomorrow
<yeeve> Anyone know if this has changed in the last 2 years? https://mariadb.com/kb/en/the-mariadb-library/mysql_config_editor-compatibility/
<ahasenack> this bug: https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1403730
<ubottu> Launchpad bug 1403730 in net-snmp (Ubuntu) "Add support for OpenVZ simfs" [Low,Triaged]
<ahasenack> it's fixed in xenial and later
<ahasenack> just not in trusty
<ahasenack> to record that,
<ahasenack> should I nominate for trusty, and then close the ubuntu (artful) task?
<ahasenack> even though I'm not really going to prepare a trusty SRU at this time?
<nacc> cpaelzer: sigh, it looks like your nut sru in xenial ftbfs because the debian change to fix 52-nut-usbups.rules -> 62-nut-usbups.rules is also needed (from 2.7.4-1)
<sdeziel> nacc: cpaelzer: re the nut SRU for Xenial, I updated LP: #1099947 with some information. Essentially, I cannot repro on Xenial even before applying -proposed
<ubottu> Launchpad bug 1099947 in nut (Ubuntu Xenial) "driver unable to connect to CyberPower UPS using usbhid-ups driver" [Undecided,Fix committed] https://launchpad.net/bugs/1099947
<sdeziel> as if the problem was fixed some other way somewhere after Lucid. There is another LP addressed by that SRU though
<nacc> sdeziel: ok, good to know. cpaelzer, can you resolve?
<cpaelzer> nacc: I will resolve
<cpaelzer> but not today
<cpaelzer> it is on my list
<madLyfe> lordievader: you still around?
<nacc> cpaelzer: thanks
<lordievader> madLyfe: Yes.
<madLyfe> you think i can get this usb ethernet adapter working?
<lordievader> No idea, never had one of those devices.
<lordievader> What kernel version do you run?
<madLyfe> whatever is with the latest iso i thought it was 4.10 but that wasnt the case on the last install i did unless i forced it to update
<lordievader> You might want to try modprobing that module with the -v option.
<TafThorne> USB Ethernet adaptor?  I got a LTE USB adaptor to mount via the option module a few months ago.
<TafThorne> Had to echo some ids into a file or something.
<madLyfe> TafThorne: if you scroll up a bit it shows our convo a bit. im a nix newb, let along a nix server.
<TafThorne> madLyfe: Was some `lsusb` output in the scroll buffer?
<madLyfe> one sec, i need to get this machine booted lol was running fine last night.
<TafThorne> madLyfe: I found the convo.  I do not think I can add anything.  More critically it is almost time to go home!  gnight y'all.
<docmur> with iptables --string, is it possible to watch the requesting domain and then forward the port based off it, with both prerouting and postrouting rules?
<sdeziel> docmur: iptables seems to be the wrong level to do DNS resolution "routing"
<sdeziel> docmur: what is the problem you are trying to solve?
<docmur> I have one server 1.1.1.1 with a number of VM's on it.  Each VM has a number of ports that it communicates externally to.  Right now I use iptables to map the ports, for instnace 9300 -> 80 on VM 1, 9400 -> 80 on VM2 etc...,  I'm tyring to set up rules so when it sees name.domain.com it automatically fowards to VM1, other.domain.com to VM2
<docmur> I could buy external IP's it's cheap, but I'm trying to get away from doing that if I can
<sdeziel> and the domain name matching would be done in the HTTP 1.1 packet, is that right?
<docmur> I'm not entirely sure :S, that's a good question
<docmur> yes
<sdeziel> docmur: you seem to want to have multiple vhosts all sharing the same public IPv4
<docmur> under the host segment of the HTTP heder
<docmur> yes
<docmur> and doing the routing based on URL
<docmur> I can just buy external IP's, it would be great if I didn't have to
<sdeziel> docmur: in that case, I'd recommend having a reverse proxy (apt-get install nginx) and then use it to do the vhost routing
<docmur> That might be more difficult and complicated then buying the external IPs, so that might be a better option in the end
<sdeziel> docmur: with a reverse proxy in place, you could redirect 1.1.1.1:80 and 1.1.1.1:443 to the reverse proxy itself. It would then be able to route the request based on the requested vhost
<docmur> Ya, I know how the reverse proxy works, but when I think of it that way, I'm better off getting the external IP's
<sdeziel> that works too :)
<RoyK> Seems crashplan is pulling the plug on large volume backup users, with various excuses for moving away from home users and over to small business, but again, all existing backups > 5TB will be removed and a new one has to be completed (for "technical" reasons). Anyone that knows a good cloud backup provider that allows 10ish TB without it costing a fortune?
<ikonia> not really on topic for this channel RoyK maybe #ubuntu-offtopic ?
<RoyK> possibly
<gunix> ok so does pacemaker seem only to me like a big overkill?
<dpb1> RoyK: I'm moving my "home" servers to something.  still investigating what
<dpb1> for anything production, I wouldn't have been using crashplan home
<RoyK> well, I've had crashplan as a backup of backups, to put it that way
<dpb1> RoyK: same here
<dpb1> RoyK: what did you do to centralize your backups
<dpb1> ("stage 1" as it were)
<RoyK> nextcloud and bareos
<madLyfe> ok lordievader, what is mod probing?
<ahasenack> nacc: http://pastebin.ubuntu.com/25377810/ I'm doing deconstruct (first old/debian rebase), and did that changelog line about adding apparmor
<ahasenack> nacc: is it ok to decompose that into the second bit in that pastebin, where I detail all that is involved in adding the apparmor profile? And with individual commits?
<ahasenack> or should I do this only later, in another phase
<lordievader> madLyfe: the manual loading of a kernel module/driver.
<madLyfe> what is the key combo to scroll up an a terminal window that has a bunch of output but is waiting for action?
<madLyfe> i did the 'sudo udevadm monitor --environment --udev' and 'sudo dmesg -w' but i didnt get those red errors this time
<madLyfe> well as far as i can tell from what is printed on my viewable screen
<madLyfe> https://usercontent.irccloud-cdn.com/file/dxOQDvj8/irccloudcapture1666365767.jpg
<madLyfe> there is some of the output lordievader
<lordievader> madLyfe: I'm not seeing any mention of the r8153 (or however it was called) module in that output.
<madLyfe> how do you see the rest of the data?
<madLyfe> lsusb still doesnt show it either
<lordievader> Usually something like ctrl (or al) pg up
<lordievader> No without a driver lsusb wont show it.
<madLyfe> oh
<madLyfe> how do i probe it or whatever?
<lordievader> madLyfe: sudo modprobe <driver name>
<madLyfe> the one it had an error on or the one i think should be there?
<madLyfe> cuz it was  r8152
<madLyfe> windows says it was  r8153
<lordievader> Yes the one Linux mentioned.
<madLyfe> did 'sudo modprobe r8152' and it just went to new line
<lordievader> Anything in dmesg?
<madLyfe> https://usercontent.irccloud-cdn.com/file/MvWbMtlx/irccloudcapture1992406357.jpg
<madLyfe> lordievader ya there is something
<madLyfe> hard to get a pic of the output
<lordievader> Or is that old output? Of this morning?
<madLyfe> no i had to shut it off
<madLyfe> that was from just now
<madLyfe> it is plugged in btw
<lordievader> If you run 'sudo lsmod|grep r8152' do you get any output?
<madLyfe> https://usercontent.irccloud-cdn.com/file/juXsdUnf/irccloudcapture55180248.jpg
<madLyfe> ya
<sarnold> madLyfe: shift page-up / shift page-dn usually works
<madLyfe> that doesnt work for the ones that have watched commands on them
<sarnold> hit ^S, do the scrolling, and then when you want the output to resume hit ^Q
<madLyfe> no combo of shift/ctrl/alt with page-up/page-dn work
<madLyfe> what is ^S?
<sarnold> control+S is the XOFF terminal flow control command. Control+Q is the XON terminal flow command.
<madLyfe> that doesnt seem to do anything either
<madLyfe> https://usercontent.irccloud-cdn.com/file/ddx51HuD/irccloudcapture417442551.jpg
<madLyfe> also that, lordievader
<lordievader> madLyfe: This might interest you, you had a different id but it may still be relevant: https://www.spinics.net/lists/linux-usb/msg156635.html
<lordievader> Does `ip l` list any new interface?
<madLyfe> https://usercontent.irccloud-cdn.com/file/QmQRQvmt/irccloudcapture486192748.jpg
<madLyfe> lordievader:
<madLyfe> im not sure what that mailing wants me to do exactly
<lordievader> Wait, that server has no nic?
<lordievader> How?
<madLyfe> well its a blade
<sarnold> woah
<madLyfe> the mez cards removed and i disabled the nics in the bios because im running it out of chassis and open air.
<sarnold> how does it do anything useful without a nic? :)
<sarnold> ah
<nacc> sigh, i think there is an undocumented behavioral change in the new git in 17.10
<madLyfe> im trying to get it ethernet via usb
 * nacc goes and grabs some debdiffs
<lordievader> madLyfe: You have a nic on board and you want to use a usb one? why?
<madLyfe> there are no connections. the only way to get internet from that onboard nic is to have a chassis for the blade. which, i dont.
<madLyfe> but i have a usb port and a front I/O cable port and this usb hub/ethernet adapter.
<lordievader> Right.
<lordievader> I'd take a latop and try a bunch of kernels to see if it the module is updated or something.
<madLyfe> cant i just load onto usb?
<lordievader> If you want to try many kernels it is a better idea to make a dual boot or something.
<lordievader> You might try to do it in a vm, but that  may give its own problems.
<madLyfe> how come i need full kernels? cant i just give it a different driver or something?
<madLyfe> obv doesnt know how it works
<lordievader> Drivers usually ship along with the kernel.
<madLyfe> at that point id almost rather buy another adapter or something
<madLyfe> funny thing is ive been looking and havent really come across anyone saying that anything works out of the box with server.
<madLyfe> i mean, shouldnt i just try the official drivers on the realtek website?
<madLyfe> or am i missing something?
<lordievader> Sure you can try them, if they provide propper instructions
<coreycb> beisner: we're ready to promote pike-staging to pike-proposed
<beisner> ok coreycb on that
<coreycb> beisner: ty!
<madLyfe> lordievader: i dont see any instructions lol
<lordievader> Could you give me a link?
<madLyfe> http://www.realtek.com/downloads/downloadsView.aspx?Langid=1&PNid=56&PFid=56&Level=5&Conn=4&DownTypeID=3&GetDown=false#RTL8153
<lordievader> Oh, it has a makefile: make && sudo make install
<lordievader> Note the second command might overwrite an existing module.
<madLyfe> do i have to have the adapter connected for this to work, if it does work? i only have so many usb ports to work with here.
<hehehe> hi
<hehehe> I wonder what can cause this https://pastebin.com/3xgLxnhJ
<hehehe> https://github.com/opencart/opencart/blob/2.3.x/upload/admin/controller/extension/modification.php
<hehehe> why cant it unlink
<hehehe> and remove..
<sarnold> hehehe: compare namei -l /var/www/html/system/storage/modification/system/library/template/tiwg.php output against the uid / gid of the process that is trying to issue the unlink() syscalls
<hehehe> sarnold: both php and nginx are www-data
<hehehe> and files are root:www-data
<hehehe> and folders also
<hehehe> drwxr-x--- root www-data library
<hehehe> -rw-r----- root www-data tiwg.php
<hehehe> sarnold: why else permission would be denied?
<hehehe> common causes
<hehehe> maybe selinux issue?
<madLyfe> lordievader: so do i load the .bz2 file onto the usb or just the file inside?
<lordievader> madLyfe: You extract it, build it and install it ;)
<sarnold> hehehe: in order to delete those files the process would need to be running as root. is it?
<madLyfe> "To compile a driver from source code requires the packages linux-headers and build-essential and all their dependencies. They would be very difficult to download and install without an internet connection."
<sarnold> madLyfe: heh, very true :/
<hehehe> sarnold: all files are chown to root:www-data
<hehehe> since user www-data is in www-data group
<hehehe> he should be able to delete?
<sarnold> hehehe: drwxr-x--
<hehehe> whats that in numbers?
<hehehe> 750/
<hehehe> ?
<sarnold> interesting I wonder why double-click didn't select the whole thing :(
<hehehe> i use 640 on files
<hehehe> so group can only read...
<hehehe> 750 on dirs
<hehehe> read and write
<madLyfe> sarnold: so im SOL?
<sarnold> madLyfe: maybe; it certainly complicates testing a new module from realtek.
<sarnold> madLyfe: what release are you using? maybe a newer release or HWE kernel would have newer modules
<madLyfe> whatever the newest iso is.
<madLyfe> got it last week
<madLyfe> 4.4 is the kernel
<madLyfe> doesnt have the 4.10 kernel for some reason
<hehehe> sarnold: Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/html/system/library/log.php on line 14Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/html/system/library/log.php on line 14 new error
<hehehe> hehe
<hehehe> previous was fixed via -R 770 :)
<nacc> madLyfe: server or desktop image?
<madLyfe> server
<nacc> madLyfe: the 16.04.3 desktop image should have the 4.10 kernel on it, i believe
<nacc> madLyfe: ah, then it will have the 4.4 kernel, yes
<nacc> madLyfe: i would try the live usb of the desktop image
<madLyfe> not sure what that means
<nacc> madLyfe: what which means?
<madLyfe> try the live usb of the desktop image
<sarnold> I thought the server images had both to choose from?
<nacc> sarnold: i would need to double-check with a live install, but the way it seems to work is the newest server images use the base kernel
<nacc> sarnold: and the newest desktop images use the hwe kernel
<madLyfe> i upgraded my other server images to 4.10 but that needed internet.
<nacc> sarnold: it's yet-another-difference we've seen in #ubuntu
<nacc> madLyfe: boot the desktop installer (it's a live usb)
<gunix> can you use ubuntu MAAS to deploy ANY type of server? like create a custom ubuntu desktop setup, and deploy it to 10 physical servers?
<nacc> madLyfe: don't install it, just see if it works
<madLyfe> see if the adapter work on that you mean?
<nacc> madLyfe: yes
<nacc> madLyfe: and/or, get the appropriate kernel packages on a different machine and copy them via usb or something
<madLyfe> nacc: which is the live usb though?
<madLyfe> or is it just the normal download?
<hehehe> sarnold: lol you dislike php/
<hehehe> ?
<hehehe> i got an idea to clone open cart in bubbl
<hehehe> bubble :)
<hehehe> 0 php madness
<beisner> ok coreycb - pike --> proposed sync is complete
<coreycb> beisner: excellent
<madLyfe> nacc: waiting for it to boot now
<madLyfe> ok im in
<madLyfe> now to test. i dont have a mouse.
<madLyfe> lol
<madLyfe> it is not showing up under network connections
<madLyfe> https://usercontent.irccloud-cdn.com/file/DKn9SF5s/irccloudcapture1745731693.jpg
<madLyfe> nacc: not sure where else to check
<BrazierCustoms> stokachu it also breaks kubernets core with the cannot retrieve charm. (the you need to do this fix)
<nacc> madLyfe: i suppose that's what i'd have looked for. You can make sure it is the right kernel from a terminal (`uname -r`) and see if `dmesg` indicates anything is trying to use the wireless device
<madLyfe> screen went to sleep and now i cant bring it back up lol
<madLyfe> how do you get to a terminal?
<nacc> madLyfe: hrm, ctrl+alt+t ?
<nacc> madLyfe: or from the dash -> terminal
<madLyfe> you going to be around later? i need a break.
<madLyfe> if not, thanks for the help!
<nacc> madLyfe: yeah, i'm here normally
<nacc> rbasak: fyi, https://marc.info/?l=git&m=150351922132158&w=2 means that currently the importer can't be used on artful (well, it will fail when `gbp import-orig` is called)
<nacc> rbasak: i'm going to try and rebuild the snap under zesty so the import-cron continues
<madLyfe> nacc: not sure if it matters but it's not a wireless device. it's just a USB hub with Ethernet.
<rbasak> nacc: nice job tracking that down!
<madLyfe> if I use a laptop for live boot USB will Ubuntu recognize it's wireless/track pad?
<madLyfe> it's a pretty old Sony one. I guess a have a old Dell laptop as well.
<nacc> rbasak: yeah, it was almost immediate failure in the importer when git rolled out (and the snap was rebuilt) to artful. I think my reasoning is sane, but reading some of the git-ML discussions about branch renames is crazy :)
<nacc> madLyfe: oh sorry, i assumed wifi
<rbasak> nacc: btw, technically there's no such thing as Ubuntu 17.10. It has a codename only until it's named at release. If the release is delayed (eg. 6.06), then the presumed name would be wrong.
<nacc> rbasak: oh interesting, didn't realize that
<nacc> rbasak: will amend future e-mails :)
<stokachu> BrazierCustoms: sudo snap refresh conjure-up --edge
<stokachu> Just pushed some updates
<BrazierCustoms> ooooooooow
<stokachu> Still work to do but it now relies on lxd snap
<stokachu> Oh, and sudo snap refresh lxd --candidate
<stokachu> It needs 2.17
<BrazierCustoms> oh.. so will I still have host issue?
<BrazierCustoms> stokachu,  sudo snap refresh lxd --candidate
<BrazierCustoms> error: cannot refresh "lxd": cannot find snap "lxd"
<BrazierCustoms> install?
<hehehe> folks
<BrazierCustoms> stokachu do I need to install and possibly remove the apt default?
<hehehe> do you have some ideas for new cool foss software?
<hehehe> or even enthusiasm to do current job well :)
<hehehe> where is the vigor the drive of linux>
<hehehe> lol
<nacc> hehehe: seems like a topic for #linux or any number of other channels
<hehehe> including this  one :)
<hehehe> or this one dont suppose to have any vigor? :P
<hehehe> ubuntu is most popular distro
<BrazierCustoms> hehehe I like ubuntu because I started out with debian :P
<BrazierCustoms> I got stuck as admin to a vservers machine lol
<hehehe> i have used various distros and find Ubuntu top notch
<stokachu> BrazierCustoms: sudo snap install lxd --candidate
<stokachu> BrazierCustoms: if you aren't using the apt one remove those
<stokachu> sudo apt remove lxd lxd-client
<BrazierCustoms> hehehe while repairing automation, robotics, and CNC.  I also ended up writing tracking software to track repair jobs for the company i was working for.
<BrazierCustoms> stokachu, oh thank electrons, thats what I have already done :P
<BrazierCustoms> stokachu, however something is fishy.. if I do lxd --version I get -bash: /usr/bin/lxd: No such file or directory
<sarnold> hehehe: yeah, I can't stand php. it encourages unsafe programming practices. maybe php7 is less crazy than previous php releases but nearly everything that's written in php is crap.
<stokachu> BrazierCustoms: hash -r
<stokachu> If that fails make sure /snap/bin is in your path
<sarnold> BrazierCustoms: 'hash -r'
<sarnold> hah
<hehehe> sarnold: emotions imo should be put aside sometimes
<sarnold> thats what I get for having to check the manpage first..
<hehehe> php may encourage whatever - however many cool apps are in it
<hehehe> sarnold: plus I nearly made new programming language
<hehehe> compiler apart lol
<hehehe> in my view all 1.0 programming language are about same
<BrazierCustoms> stokachu, that fixed it :)
<BrazierCustoms> the lxd issue anyway
<hehehe> i just saw
<hehehe> You have no errors, how cool is that!
<hehehe> lol
<hehehe> sarnold: have you every wrote a compiler?
<hehehe> for any lanuage
<sarnold> hehehe: "sort of"; twenty years ago I wrote a toy compiler for a toy language that ran on a toy VM
<hehehe> nice
<hehehe> how to you translate AST into machine code?
<hehehe> so say parser - ast - machine code lol
<sarnold> for every node, issue commands to load or store arguments from registers or spill space; once the arguments are in place, issue the command opcode
<BrazierCustoms> stokachu, I get to "choose one or more additional items to add to your cloud and its blank. I continue and its "where would you like to deploy" but I have no highlighted item unless I hit tab then it highlights "quit" tab again and nothing is highlited..... :(
<BrazierCustoms> localhost is listed, but I cant highlight it
<hehehe> https://www.amazon.com/dp/0471976970/?tag=stackoverfl08-20
<hehehe> 2.69$$$
<hehehe> thats cheap
<sarnold> wow that's -really- cheap
<hehehe> hehe
<hehehe> sarnold: so maybe its wise to use LLVM?
<sarnold> hehehe: yes, llvm has a huge amount of infrastructure already existing
<BrazierCustoms> stokachu, HA aparently I can still select it with my mouse :D
<hehehe> sarnold: https://gnuu.org/2009/09/18/writing-your-own-toy-compiler/
<hehehe> :)))
<sarnold> hehehe: wow that looks like a fantastic introduction. llvm 2.6 is ancient by now :/ but hopefully a lot that's there is still good.
<hehehe> :)
<BrazierCustoms> if you have played with c, c++, and basic (on commodore64) and some machine code (on an old industrial processors) what would be best to dip in next? hehehe / sarnold?
<hehehe> BrazierCustoms: well you can help me to figure out which mistake of mine or a module developer botched 1 OC module implementation :P
<hehehe> or whatever you like to do
<sarnold> BrazierCustoms: I've really loved learning about rust; it's got an enormously powerful type system that prevents many classes of bugs entirely; it feels both like a very-high-level language and low-level language all at once. The learning curve is a bit steep but it's incredibly powerful once you're familiar with the borrow checker.
<hehehe> I simply feel driven to make simple programming language for myself :)
<BrazierCustoms> stokachu, I got same issue I got when I patched the neutron.sh file last night.. failed to get charm
<sarnold> hehehe: you may wish to consider writing a forth interpreter as a starting point; I've heard it is a pleasant enough language to write a little interpreter for
<BrazierCustoms> hehehe, I could try lol
<BrazierCustoms> sarnold, rust? never heard of it..  any think well known its used in?
<hehehe> when as teenaged I read Napoleon Hill accounts of a power of group mind I did believe it however now I also experience the effects of it more
<hehehe> group mind can be really powerful
<hehehe> or what people call brain storming
<BrazierCustoms> sarnold, I dont know why but I always avoided forth
<sarnold> BrazierCustoms: mozilla, dropbox, parity, red hat's stratis project..
<hehehe> sarnold: I sense the best learning experience for me would be write compiler for simple
<hehehe> the language I made making
<hehehe> and start using it :)
<hehehe> then i can see more
<sarnold> BrazierCustoms: forth's not -really- popular, I'm not surprised. I always heard the hp48 language was sort of like forth, so I've had a soft spot for forth as a result :) but never learned it enough to use it myself
<hehehe> sarnold: and that book we talked about -anatomy of programming languages
<hehehe> was also cool
<hehehe> explained stuff well
<sarnold> nice
<BrazierCustoms> sarnold, dropbox and mozilla wow..
<hehehe> and writer listed her work and personal emai
<hehehe> to contact her if wanted :)
<BrazierCustoms> i use dropbox
<hehehe> *email
<hehehe> westorefiles.com sounds nice
<hehehe> storify :)
<hehehe> struber
<hehehe> BrazierCustoms: yes as to open cart for some reason 1 module yet to work, I wrote develop to see if he can assist, and another module - I paid for it and go 0
<hehehe> may do paypal dispute lol
<hehehe> however apart of that all works
<hehehe> http://www.parrot.org/
<stokachu> BrazierCustoms: you got a screenshot of the view where you couldnt move forward with the keyboard?
<stokachu> BrazierCustoms: the failed to get charm is something else not related to neutron
<BrazierCustoms> stokachu, the failed to get charm did not start back until i did your "you need to do this git" link
<BrazierCustoms> stokachu, and continued though your "refresh --edge"
<stokachu> BrazierCustoms: thats after you get an openstack stood up
<BrazierCustoms> stokachu, I didnt understand that last sentence
<BrazierCustoms> stood up?
<stokachu> BrazierCustoms: you are running neutron commands but are talking about charms not being downloaded
<stokachu> so those are 2 different things
<BrazierCustoms> stokachu, I dont have screenshot..  also I am not running any commands, except conjure-up. it fails at failed to get charms
<BrazierCustoms> just like it did last night after your "do this" patch
<stokachu> BrazierCustoms: ok can you `pastebinit ~/.cache/conjure-up/conjure-up.log`
<stokachu> and `juju status --format yaml|pastebinit`
<BrazierCustoms> stokachu, sure
<BrazierCustoms> stokachu,  pastebinit ~/.cache/conjure-up/conjure-up.log
<BrazierCustoms> http://paste.ubuntu.com/25379453/
<BrazierCustoms> stokachu, on the secode one, I alredy destroyed the unusable controller.. shoud I do it again?
<BrazierCustoms> stokachu, second*, should*
<BrazierCustoms> stokachu our timings are terrible lol, I need to leave soon
<hehehe> :)
<hehehe> wtf
<BrazierCustoms> bu tI will answer what I can from mobile lol
<BrazierCustoms> hehehe stop watching me hehe :P
<hehehe> well I also wrote a new language sample syntax
<hehehe> :)
<BrazierCustoms> hehehe I am currently on vacation, not vacationing lol
<hehehe> then why do u use irc
<hehehe> it means u love it
<hehehe> so just stay here lol
<stokachu> yea im not sure why it's failing to download those charms
<stokachu> BrazierCustoms: can you `juju controllers|pastebinit`
<BrazierCustoms> i do love it, and i will stay here but.. i will be less availible.. androidirc lol
<stokachu> BrazierCustoms: ok ping me when you get back to a machine
<BrazierCustoms> stokachu, there are no controllers now
<BrazierCustoms> ERROR No controllers registered
<stokachu> BrazierCustoms: do `rm -rf ~/.local/share/juju`
<stokachu> and start again with conjure-up
<BrazierCustoms> otw :)
<BrazierCustoms> still had to use mouse (note I'm on remote ssh terminal) but deploy 14 instead of 15?
<BrazierCustoms> stokachu ^^ and bootstrapping juju now
<BrazierCustoms> (before I leave lol)
<Epx998> Whats the generic intel controller sas/scsi driver?
<BrazierCustoms> stokachu, if this fails, when I get back home (tomorrow afternoon) Would access to this machine be benificial to you?
<stokachu> BrazierCustoms: yea if you can get me that
<stokachu> i can look into it
<BrazierCustoms> stokachu, it failed @ get charm.  pastebinit ~/.cache/conjure-up/conjure-up.log
<BrazierCustoms> http://paste.ubuntu.com/25379540/
<stokachu> you're getting a bunch of timeouts to the charmstore
<BrazierCustoms> juju controllers | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25379544/
<stokachu> https://www.irccloud.com/pastebin/yRw8vSCQ/
<BrazierCustoms> stokachu, whats that?
<stokachu> BrazierCustoms: failure in networking
<BrazierCustoms> why?
<stokachu> BrazierCustoms: not sure
<stokachu> BrazierCustoms: try this `juju bootstrap localhost lxd-test`
<stokachu> then try `juju deploy ghost`
<stokachu> if that fails then it's not a conjure-up issue and probably not a juju problem since it is failing to query the charmstore
<stokachu> so if you are behind a firewall then you could see this issue
<stokachu> are you behind anything like that?
<BrazierCustoms> stokachu, ok but before. I can boootstrap a juju controller, but I couldnt destroy it I had to unregister.
<stokachu> BrazierCustoms: unregister?
<hehehe> Request timed out
<hehehe> hehe
<stokachu> BrazierCustoms: you usually only register to jaas controller
<BrazierCustoms> stokachu, controller failed at destroy
<BrazierCustoms> so to get off list unregister
<BrazierCustoms> ?
<hehehe> does it have privileges needed to destroy?
<BrazierCustoms> so when I conjure-up there wasnt a bunch of controllers listed
<stokachu> right they all got cleared out
<stokachu> are you behind a firewall?
<BrazierCustoms> firewall on machine is disabled, i am behind a reouter to the ouside web
<BrazierCustoms> 192.168.1.1 gateway
<stokachu> BrazierCustoms: ok can you try the juju commands i posted
<BrazierCustoms> ok
<stokachu> `juju bootstrap localhost lxd-test` and `juju deploy ghost`
<BrazierCustoms> stokachu, its in process, but last time I tried it all worked except when I tried to destroy, it would not communicate with the ip
<BrazierCustoms> currently "Attempting to connect to 10.159.211.91:22"
<BrazierCustoms> no, get error, 1 sec i will post
<BrazierCustoms> stokachu, ERROR storing charm for URL "cs:ghost-20": cannot retrieve charm "cs:ghost-20": cannot get archive
<BrazierCustoms> Get https://api.jujucharms.com/charmstore/v5/ghost-20/archive?channel=stable: dial tcp: lookup api
<BrazierCustoms> ujucharms.com on 10.159.211.1:53: read udp 10.159.211.91:46302->10.159.211.1:53: i/o timeout
<BrazierCustoms> sorry tried t pastebinit but got empty file error
<BrazierCustoms> stokachu, is it a typo what is ujujucharms.com
<BrazierCustoms> "ookup api ujucharms.com"
<BrazierCustoms> lol "lookup api ujucharms.com"
<stokachu> yea you got some network issues going on
<BrazierCustoms> mine or conjures
<BrazierCustoms> stokachu, ^^
<stokachu> yours, we're just trying to access that url
<stokachu> BrazierCustoms: what does lxc list show?
<BrazierCustoms> but i can juju ssh # and google.com
<BrazierCustoms> stokachu, Connection refused; is LXD running?
<stokachu> what does `which lxc` show
<BrazierCustoms> stokachu, /usr/bin/lxc
<stokachu> BrazierCustoms: ok did you `sudo apt remote lxd lxd-client` like before?
<BrazierCustoms> stokachu, yes
<stokachu> sudo apt remove lxd lxd-client
<stokachu> BrazierCustoms: what does `dpkg -l lxd` show
<BrazierCustoms> then i removed the snap version and reinstalled
<BrazierCustoms> stokachu, dpkg -l lxd | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25379651/
<stokachu> BrazierCustoms: what about `dpkg -l lxd-client`
<BrazierCustoms> stokachu, going mobile \may be way less avail
<stokachu> k we can talk tom
<BrazierCustoms> stokachu,  dpkg -l lxd-client | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25379654/
<stokachu> ok you didnt actually remove lxd-client it looks like
<BrazierCustoms> leaving this for log, stokachu I apt-get purgeed lxd
<stokachu> you need to do both lxd and lxd-client
<BrazierCustoms> shart
<BrazierCustoms> stokachu, purged client, and restarts
<BrazierCustoms> ant?
<BrazierCustoms> any?
<BrazierCustoms> tell braziercustoms-m
#ubuntu-server 2017-08-24
<hehehe> folks - I have poked more into open cart, there is a file and xml file in /system folded with changes required... usually oc backend would detect it and implement
<hehehe> but now for some reason its yet to happen
<nacc> rbasak: whew, rebased my branch now, and it's split, need to go back and clean it up quite a bit. Are you ok with me landing preparatory commits (such as new, as yet unused APIs) -- or at least maybe we can review all of those tomorrow?
<madLyfe> nacc: ok im back and it looks like my laptop sees the realtek usb ethernet device under live usb desktop
<madLyfe> and the usb ports work on it
<madLyfe> wow. thats crazy how everything just works on an old as shit laptop
<madLyfe> im impressed lol
<madLyfe> been a while since ive tried nix desktop
<sarnold> that's kidn of the way things go in linux land, after a machine is old enogh to think about retiring it, it mostly works okay. except that it's underpowered enough you're thinking about retiring it...
<madLyfe> so you couldnt get a 2017 laptop and everything just works?
<sarnold> hard to tell :( once upon a time intel was pretty good at video drivers and nic drivers and if you stuck to intel hardware for both you'd be alright. I'm not sure that's still true. :(
<madLyfe> so this usb adapter makes an attached usb in the hub heat up pretty good.
<madLyfe> doesnt seem to do the same when plugged into my pc
<hehehe> it should work
<hehehe> thats the idea of linux - ease of use
<madLyfe> lel, you serial?
<hehehe> y4es
<hehehe> it must be so
<hehehe> I agree with Linus
<hehehe> if disto does not work out of box tafa
<hehehe> tada
<madLyfe> nacc: so how should i pull the stuff needed from this live usb?
<braziercustoms-m> Stokachu anything? My signals been in And out.
<sarnold> braziercustoms-m: you missed nothing while you were gone
<madLyfe> except my moaning.
<sarnold> hehe
<braziercustoms-m> Sarnold of course lol
<braziercustoms-m> Madlyfe I been moaning a bit too lol
<madLyfe> i have a usb hub/ethernet adapter that doesnt work on server, but works fine on desktop live usb. need to make it work on server
<stokachu> braziercustoms-m: so you purged lxd and lxd-client, and have `snap install lxd --candidate`? so snap list shows lxd 2.17?
<braziercustoms-m> Yes
<stokachu> what does `lxc list` show
<madLyfe> nacc: you there?
<BrazierCustoms> stokachu, lxc list | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25380240/
<stokachu> BrazierCustoms: so did it work?
<BrazierCustoms> stokachu, no i got the juju get charm error during conjure-up
<BrazierCustoms> stokachu, I got running machines but thats all they are doing, no services
<stokachu> yea not really sure, juju by itself shows the same problem so it's not tied to just conjure-up
<BrazierCustoms> stokachu, juju status | pastebinit
<BrazierCustoms> http://paste.ubuntu.com/25380418/
<BrazierCustoms> nothing listed
<stokachu> right b/c juju can't resolve jujucharms.com to get the charms
<BrazierCustoms> stokachu, but why, if i ssh into machine zero I can resolve stuf like google
<BrazierCustoms> wait maybe not with this setup
<stokachu> i gotta go, if youre around during the day tomorrow ping me and see if i can get remote access to look at it
<BrazierCustoms> stokachu, ok. I will be on the road most of tomorrow, it will be later afternoon unless I can set you up on the way.
<BrazierCustoms> thanks
<BrazierCustoms> "<stokachu> yea not really sure, juju by itself shows the same problem so it's not tied to just conjure-up" it may be notable that though I had seen this problem before, it went away until I did the neutron.sh fix you told me to do.
<BrazierCustoms> then it persist through the --edge refresh we did today (which I assume inluded the neutron.sh change?)
<BrazierCustoms> also noteable when I realized to juju switch back to the conjure-up controller from the lxd-test we created, I can juju ssh 0 and dig google.com and get an answer, also can dig jujucharms.com and get answer.
<BrazierCustoms> stokachu, I can also 'juju ssh 12' and get the file on machine 12 (lxd-12) by downloading it via wget. I did notice that the IP address listed in the log file "read udp 10.159.211.197:53743->10.159.211.1:53: i/o timeout" 10.159.211.197 does not appear to exist.
<madLyfe> lordievader: you around?
<lordievader> Barely woken up....
<madLyfe> wakey wakey eggs n bakey!
<cpaelzer> good morning
<lordievader> Time for coffee
<cpaelzer> lordievader: the time for coffee is never
<cpaelzer> but I'll share a tee
<lordievader> cpaelzer: :)
<cpaelzer> rbasak: are you looking into squid for ahasenack already ?
<cpaelzer> rbasak: or the percona sponsoring request?
<cpaelzer> (want to avoid to do the same)
<rizonz> hi guys
<rizonz> is the distro time always UTC ?
<rizonz> without a timezone
<hehehe> hi
<hehehe> some weird stuff goes on
<hehehe> traceroute cnn.com dont show any ips apart local gateway yet I can connect to it
<hehehe> how come lol
<hehehe> seems router is a bit %%%
<hehehe> lol
<TafThorne> rizonz: Do you mean the default timezone at installation or something else?
<xnox> cpaelzer, any idea why openvswitch is failing on i386?
<xnox> http://autopkgtest.ubuntu.com/packages/o/openvswitch/artful/i386 ?
 * xnox cannot migrate kmod =(
 * xnox is sad
<xnox> or jamespage
<TafThorne> hehehe: traceroute is probably not showing what you think it will.  What it is telling you is the number of devices that will respond to ping along its route.  As a lot of gateways and routeers will not respond to ping, but edge devices like servers will, you often get lots of blanks in the middle.  That does not mean there is not at least one good route to your target, just that you cannot inspect the route.
<TafThorne> hehehe: The way traceroute works is to send a series of pings with increases Time To Live values.  Each time a packet passes through a certain set of devices (I think it is just IP routers, not switches, hubs, gateways or firewalls) they are meant to decriment the Time To Live field in the packet.  When the number reaches 0 they thrown it away.   The idea is that you can find out your nearest routers by pinging with a TTL of 1 or limit broadcast 
<hehehe> i see
<TafThorne> hehehe: At least is what I remember from lectures many moons ago.
<hehehe> TafThorne: however now that I switched to smartphone wifi hotspot I can reach paypal
<hehehe> so maybe router got powned?
<hehehe> i wonder
<hateball> hehehe: can you ping 8.8.8.8 from your usual gateway?
<hateball> maybe it is just DNS being wonky
<hehehe> hateball: could be
<hehehe> in fact yes could be that
<hehehe> since I can resolve all sites but paypal nope
<hehehe> lol
<xnox> also there is cacti failing http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#net-snmp
<xnox> oooh maybe it passed now \o/ http://autopkgtest.ubuntu.com/packages/c/cacti/artful/armhf
<cpaelzer> xnox: takein a look, but jamespage isn't here atm afaik
<cpaelzer> I can only say that I'm soon gonna be blocked by the same, as I have a dpdk fix waiting for just this test in the queue as the remaining dep8
<cpaelzer> xnox: no nothing in there rings a bell
<cpaelzer> there are plenty of erros, but not fails listed on autopkgtest
<cpaelzer> did you abort the tests or anything like it xnox?
<cpaelzer> otherwise I'd almost assume a broken instance - all the timeouts on different places after just a few minutes into the test
<cpaelzer> xnox: if you look at bug 1630940 and bug 1630578 it might be the test infra is crashing - that was the only mention of the same error I could find
<ubottu> bug 1630940 in linux (Ubuntu) "linux 4.4.0-41.61 ADT test failure with linux 4.4.0-41.61" [Undecided,Expired] https://launchpad.net/bugs/1630940
<ubottu> bug 1630578 in autopkgtest (Ubuntu) "broken kernel causes eternal test retry loop" [Undecided,Fix committed] https://launchpad.net/bugs/1630578
<cpaelzer> it seems to hang on the vanilla test at "*** Stopping 2 switches" just as it seems in the infra when I run it locally
<cpaelzer> need to attach a few extras to that qemu to see if I can get anything out xnox
<cpaelzer> xnox: yeah kernel panic
<cpaelzer> I'm connected to the monitor with a hanging VM, trying to save a valid dump from here
<cpaelzer> will ping you once I have a good bug report on it so you can subscribe
<cpaelzer> kmod sounds so related to kernel crashes :-)
<cpaelzer> what was the update xnox?
<xnox> cpaelzer, of kmod? just dropping upstart system djobs
<cpaelzer> hmm, tht shouldn#t be it - I agree
<cpaelzer> I'll still ping you once I have a bug with all data in one place
<pngl> Hello! The /boot partition on my server is full. I'm in rescue mode, trying to resize it to 310MB with parted, but I get: "The location 310 is outside of the device /dev/sda1"
<ogra_> just call "apt autoremove" that should remove old unused kernels
<ogra_> (and free up space in /boot)
<pngl> ogra_: this fails with "no space left on device"
<ogra_> autoremove fails ?
<pngl> ogra_: hang on I may have only tried purge. let me give it a shot.
<ogra_> (it doesnt write anything to /boot, only removes files there)
<pngl> During autoremove I get: "update-initramfs: Generating /boot/initrd.img-4.8.0-59-generic", then: "gzip: stdout: No space left on device". It tries to set up many kernel versions before eventually failing.
<pngl> ogra_: ^
<ogra_> you can also cheat and manually remove older intird's if you are sure you are not using them
<ogra_> (they will be rmoved anyway by autoremove)
<pngl> ogra_: I've done that, but still not enough space left :/
<ogra_> huh ?
<ogra_> are you sure it is referring to /boot at all ?
<ogra_> df -h /booot
<ogra_> err
<ogra_> df -h /boot
<pngl> ogra_: so boot has about 22MB left now.
<pngl> pngl: I have 3 kernel images left, but I don't know which I can safely remove (they all try to be "set up" during autoremove)
<pngl> ogra_: ^
<ogra_> well, technically you only need the kernel you are running
<ogra_> practically there might be another one you just upgraded to
<pngl> ogra_: ok i'll try remove the others
<cpaelzer> xnox: what I have so far is in bug 1712831
<ubottu> bug 1712831 in linux (Ubuntu) "4.12.0-11-generic - crashing in infrastructure on i386 openvswitch tests" [Undecided,New] https://launchpad.net/bugs/1712831
<cpaelzer> and as expected it now also blocks my migration
<cpaelzer> I wonder what is different to last time, comparing logs ...
<pngl> ogra_: ok, looks like it worked :)
<pngl> ogra_: thanks!
<ogra_> :)
<znf> Hello
<znf> I'm having a weird issue with dhcplient on ubuntu 16.04 - https://hastebin.com/umevakinak.nginx
<znf> it doesn't want to fix a lease, for some reasons, I've no idea why
<znf> other devices get their leases from the same router without issues
<znf> I figured
<znf> Nevermind
<yeeve> trying to install elasticsearch from https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html. Apt shows version 1.7.5-1 but I can't find what ElasticSearch version that is. (It's 5.5 currently on their website)
<yeeve> Hmm, tempted to just download the .deb file :)
<rizonz> TafThorne: yes
<TafThorne> rizonz: I  had forgotten my question.
<TafThorne> rizonz: Found it.  I had said "Do you mean the default timezone at installation or something else?"  Well I think it is +00:00 until you setup a local that is anything else.  I cannot say that with any emphatic knowledge though.  I just happen to live at +00:00 so it might be locating that for me every time.
<rizonz> TafThorne: damn you are lucky :)
<rizonz> TafThorne: it links the timezone so the system will run UTF I suppose
<TafThorne> You would think but sometimes we get very odd behaviours when we are in BST and the USA or elsewhere has yet to enter DST of some kind.
<TafThorne> rizonz: Being British Summer Time and Daylight Savings Time.
<rizonz> TafThorne: true because you are going into the past
<madLyfe> nacc: you about?
<nacc> madLyfe: yep
<madLyfe> so i was able to get the adapter working on the laptop
<madLyfe> when using it on the blade i was able to boot to the live usb via the SUV/IO cable and have internet via the usb adapter on the internal usb, but when i tried to boot the live usb on the adapter from the internal usb it wouldnt work.
<madLyfe> not sure if that makes sense
<nacc> madLyfe: trying to parse :)
<nacc> madLyfe: maybe describe your hw again, as i lack context
<madLyfe> i will send a picture here in a sec. makes it much clearer the level of ghetto im dealing with
<nacc> madLyfe: ok :)
<madLyfe> https://usercontent.irccloud-cdn.com/file/uvzdYXgZ/irccloudcapture1256683132.jpg
<madLyfe> blade server out of chassis
<nacc> lol
<nacc> ok, so what are the internet connections?
<nacc> internal USB  -> ethernet and a USB dongle -> ethernet?
<madLyfe> ya
<nacc> and basically the latter never works?
<madLyfe> so i have access to internal USB and the HP SUV/IO maintenance cable coming out the front that you can see.
<madLyfe> i want to get it all to run off the internal USB
<madLyfe> i talked to HPE support and he said you couldnt boot off the internal USB but thats not correct
<madLyfe> if i run just a USB key off it i can boot anything
<madLyfe> what is funny is that if i boot the live USB from the internal USB and have the HUB adapter run off the IO cable USB for internet then i couldnt get it to work. well i only tried once.
<madLyfe> but i dont want that config anyways
<nacc> madLyfe: so when you boot from the live usb on the internal, you don't have internet? but it does boot?
<madLyfe> so right now i have the live usb attached to the adapter and internet plugged into the internal usb. but i cant get it to boot, says 'non -system disk or disk error'
<nacc> madLyfe: sounds like an unsupported config :)
<madLyfe> if i take the live usb and put it on the front IO cables USB then i can boot to it and when it loads i will have internet from the adapter that is still plugged into the internal USB
<madLyfe> and i can also put another usb key on that hub and is recognized
<madLyfe> so that internal usb port does work for internet and usb storage but like not till its booted up(when using the adapter)
<madLyfe> so im not sure if its the adapters fault i cant boot from it?
<madLyfe> hmm that doesnt make any sense. how can i use the usb hub adapter from the internal USB port when i boot live USB from external port but not when i try to boot from the internal port w USB hub connected, exclusively?
<madLyfe> so the port works for those functions, just not from boot?
<nacc> madLyfe: certainly possible that's it's not a bootable port
<madLyfe> but if i plug the usb live key or server iso key into it exclusively and bypass the adapter it boots fine to those.
<madLyfe> thats why im confused
<madLyfe> it would make sense if it just didnt boot to anything at all
<madLyfe> nacc: found this in the manual: http://i.imgur.com/k7o8G4u.png wonder if it means anything? i know i switched it from legacy to standard usb 2.0 support. not sure if that matters
<BrazierCustoms1> stokachu, I thin I ive got it set up for your access. just to be sure I refreshed and tried again this morning. still failed
<stokachu> BrazierCustoms1: how do i get to it?
<BrazierCustoms1> i need to give you a key and the link
<stokachu> BrazierCustoms1: you can import my ssh key
<stokachu> BrazierCustoms1: ssh-import-id adam-stokes
<BrazierCustoms1> will you do me a favor and script your session so I can see commands you used for future reference?
<stokachu> sure
<BrazierCustoms1> ok, imported
<BrazierCustoms1> I had created one for you, didnt know I could just import :P
<nacc> madLyfe: in my experience, you usually want legacy
<nacc> madLyfe: but i really don't know
<madLyfe> actually in the bios it doesnt let me choose between the two. actually it allows be to turn off legacy and turn on/off standard 2.0.
<madLyfe> hmm now i cant get it to use the adapter in any way
<nacc> madLyfe: :/
<madLyfe> what can i get away with for SD card as the OS drive for server?
<nacc> rbasak: fyi, master in zesty does work again (the git regression) -- so the snap is good. Just an fyi if testing on artful until i'm able to land the fix for git
<rbasak> OK, thanks
<madLyfe> like how good of a microSD card do you need to run ubuntu server on it?
<madLyfe> also, does the live usb(desktop) reset itself every time? cuz i initially used it on my laptop with wireless internet and when i boot with it on another computer it still shows the wireless part up at the top though obv not connected
<madLyfe> not sure how to reset it
<ahasenack> I have this excerpt of a d/rules file: http://pastebin.ubuntu.com/25384178/
<sarnold> madLyfe: be sure to disable nearly everything that logs, syncs logs, etc. don't use it for write-heavy uses. I killed an SD card in a pandaboard; there were months of increasingly worse segfaults, sigbusses, etc.
<ahasenack> I'm trying to add -Wno-error=deprecated -Wno-error=format=truncation to the build flags
<ahasenack> but it just doesn't show up
<sarnold> madLyfe: the second SD cardhas lasted for years. I no longer torrent on that box :)
<ahasenack> I tried in DEB_CFLAGS_MAINT_APPEND before, but this is a g++ build
<ahasenack> any hints?
<madLyfe> thanks sarnold. its a box for mining crypto so it should be good. my other servers are using sandisk ultra flair USBs.
<BrazierCustoms2> sarnold, it depends on the quality of the sdcard. I got a raspi running motion for security cam and it fills with loggs all the time and its been running for 3 years now
<madLyfe> is the default network icon in ubuntu desktop the universal wireless icon?
<sarnold> BrazierCustoms2: .. and it's not toast yet??
<BrazierCustoms2> no, running smooth
<sarnold> BrazierCustoms2: I thoguht I had bought a nice card :)
<BrazierCustoms2> sarnold I actually have anotherone that grabs files thru vpn and places them on my samba server and its been around since the first pi.. matter fact it is still running on the pi1b and its still running. it does have a few bad spot though.
<sarnold> I can imagine that torrenting on one might include enough write amplification to be Bad News
<sarnold> but still full-time video recording.. that's nothing to sneeze at :)
<Epx998> I am install Xenial server and during the networking dhcp config, I get this malformed IP errors, I will get them 3-4 times when the network tries to configure, then they go away - dhcp address is successfully assigned.  Is this a known bug?
<ahasenack> man, typos
<nacc> ahasenack: ?
<ahasenack> my question from above
<BrazierCustoms2> sarnold, when i first started, I thought nothing of it, but after killing a few cheap ones i figured it out :P
<nacc> Epx998: sounds like a bug in your dhcp server
<Epx998> nacc: Just happening on these UB16 iso installs, this DHCP server hasn't had any problems for a few years now.
<nacc> Epx998: strange, I've not heard of it, but you could search launchpad to see
<Epx998> nacc: the debian-installer is not even requesting a dhcp lease
<Epx998> Wonder if there is something I can restart from the installer shell
<Epx998> sigh
<ahasenack> Epx998: can you check on the dhcp server (if you can't on the client) which IPs were offered that the client deemed malformed?
<ahasenack> and compare to the one that worked?
<Epx998> ahasenack: yeah I looked at the DHCP server, business as normal - it serves thousands of nodes.. only getting the error in this xenial server iso when it runs network autoconfig
<Epx998> ahasenack: i am kicking 6 of these, first 2 no issues, 2-3 had the issue but clearend after i clicked 'go back' a few times - 5-6 wont config dhcp at all, im tailing my dhcpd.log and not even seeing the requests, client isnt asking
<Epx998> and now #6 just went thru, took 10 minutes of trying
<ahasenack> Epx998: this is ubuntu core?
<madLyfe> https://youtu.be/J4u3ZN2g_MI
<Epx998> ahasenack: its the ub16.04.02 server iso
<madLyfe> is there a place to see which usb ethernet adapters work with ubuntu server out of the box?
<madLyfe> if i search that on google all i get is ppl with issues and no success stories lol
<Epx998> https://wiki.ubuntu.com/HardwareSupport
<Epx998> is my guess
<Epx998> if youre installing server, you can add drivers to the installer that normally are not present
<madLyfe> ya im trying to get the usb hub/ethernet adapter i have currently to work in desktop again(had it working last night) to see what its using for its driver because i couldnt get it working under server.
<madLyfe> but was looking at others incase this one is junk.
<madLyfe> works on windows though
<Epx998> Did it work in desktop?
<madLyfe> i got it working once last night in desktop but this morning doing more testing i cant get it to work for some reason
<madLyfe> still trying
<Epx998> I wonder if the switch these servers are on is not configured correctly
<braziercustoms-m> Stokachu, ok way to prove me wrong.. I was chat to g from there lol
<braziercustoms-m> Chatting
<Epx998> port fast not enabled or soemthing
<sarnold> Epx998: spanning tree nonsense?
<Epx998> sarnold: our neteng team slacked on these switches when we built the DC - another on my team identified it and got it fixed, months ago - these servers have been churning since, but needed to reimage to 16 these 6..  its acting like port fast isnt enabled or something else.  ill have to escalate, the last one finally worked
<madLyfe> Epx998: 'I wonder if the switch these servers are on is not configured correctly' that for me?
<Epx998> madLyfe: nah i was just saying, been having an issue with dhclient on the debian-installer, got it sorted now
<madLyfe> ah k
<jcastro> howdy folks! Is there a way to play with curtin in a non-maas environment?
<madLyfe> https://usercontent.irccloud-cdn.com/file/QakJoRAR/irccloudcapture683196535.jpg
<madLyfe> wtf does that mean? I installed desktop to the microSD card just fine then that on reboot
<R0cketM0nster> Hey we have an ubuntu server here at work and i am trying to monitor using traceroute whether our clients routers are on their main connection or their 3g backup. is anyone able to tell me why when i run a traceroute sometimes the first hop is our core switch and sometimes it skips that hop? its making it very difficult to monitor the number of hops as it keeps changing.
<Epx998> madLyfe: your usb image is corrupted?
<madLyfe> its not usb, its microSD. well installed from USB stick to microSD.
<Epx998> madLyfe: what did you use to make it?
<madLyfe> rufus, with the directions from the live usb wiki
<Epx998> rufus is straight forward
<Epx998> you deploying a server this way?
<madLyfe> ya, its a blade with internal microUSB
<Epx998> ah
<coreycb> cpaelzer: have you seen this for qemu in pike? http://paste.ubuntu.com/25384959/
<Epx998> Ever consider setting up network installs?
<coreycb> cpaelzer: we're tripping over that in the uca backport of 1:2.10~rc3+dfsg-0ubuntu1. looks like live-block-ops.txt was moved to a new file.
<madLyfe> Epx998: this doesnt have ethernet, yet.
<Epx998> madLyfe: so you have a blade server that you're trying to provision via an intenral microsd card, so you can use a usb ether?
<madLyfe> ya
<madLyfe> running out of chassis.
<Epx998> geebus
<Epx998> might be timm to virtualize
<Epx998> so this blade doesnt have onboard ethernet?
<madLyfe> well not when its out of chassis
<sarnold> R0cketM0nster: do you get to see the ICMP time exceeded in-transit messages from the switch when using tcpdump?
<Epx998> madLyfe: where is what i'd do, try with a desktop usb to see if the usb ether is dectected, if you dont want to do that - create an updated initrd.gz file with all that usb/network modules for whatever kernel the installer is using
<madLyfe> only ports it has are an internal USB and microSD with the fron HP SUV/IO cable(VGA, 2 USB, 1 serial)
<Epx998> whats the model of the blade chassis this blade is in?
<madLyfe> its not in a chassis
<madLyfe> picture: https://usercontent.irccloud-cdn.com/file/uvzdYXgZ/irccloudcapture1256683132.jpg
<Epx998> you just have it out
<Epx998> thats some stuff right there
<sarnold> heh, I guess that finally answers one of my long-standing question, if the chassis is necessary for blades. yeah, pretty much :) hehe
<Epx998> ha yeah
<R0cketM0nster> @sarnold, sorry but how would i do that?
<Epx998> madLyfe: are you able to boot into bios?
<madLyfe> its running can install server, but i cant get this noname usb/ethernet adapter to work.
<madLyfe> ya
<sarnold> R0cketM0nster: I did 'tcpdump -n -i eth0' in one window while running 'traceroute ....' in another window
<Epx998> are there any bios settings for the internal microsd ?
<Epx998> madLyfe: so you haver zero network
<Epx998> ok so try this
<madLyfe> ya one sec
<madLyfe> was looking at this: https://www.linuxquestions.org/questions/linux-newbie-8/error-attempt-to-read-or-write-outside-of-disk-%27hd0%27-ubutnu-14-04-a-4175502753/
<Epx998> note the kernel you are using on that blade, on another server with networking, download the kernel driver modules for usb and networking - install on this blade, modprobe a few drivers and see if you get it working?
<madLyfe> https://usercontent.irccloud-cdn.com/file/5u39xIpT/irccloudcapture1368982153.jpg
<madLyfe> well thats why i was using desktop. cuz i got the ethernet to work once
<madLyfe> havent been able to since.
<Epx998> then its most likely a driver issue
<Epx998> i think ubuntu ships desktop with a lot more drivers than server
<Epx998> but you can easily add them to server
<sarnold> Epx998: oh? the kernels are the same, I'm not sure where the extra drivers would go..
<madLyfe> Epx998: here is a breakdown of the convo between nacc and i about it. it provides some context: https://gist.github.com/eafaf4005d5035728211e74cdaeb6aee
<Epx998> server doesnt ship with the extra stuff right? like megaraid
<Epx998> mptsas
<madLyfe> desktop has 4.10 and most recent server only has 4.4 still
<Epx998> madLyfe: dunno, when a device is not detected, we add drivers into the kernel module
<Epx998> im just suggesting doing that
<Epx998> you running trusty or xenial?
<madLyfe> but in that text convo i note that i cant get the hub adapter to work before any OS anyways.
<madLyfe> what are those? doesnt help that im a newb at nix.
<madLyfe> ummm i think i just won the lottery
<Epx998> you running 14 or 16?
<sarnold> the 600 million dollar lotto? :)
<sarnold> you'll remember your pals on irc right? :)
<madLyfe> here is the other part of the usb convo: https://gist.github.com/9df3c2721eea4e7716b74178e7b54134 its all above, im just not sure if you were in the channel or not when the discussion was going on.
<madLyfe> lol
<madLyfe> so i turned off the usb 2.0 controller in that picture above and now im booting from the live desktop usb from a port on that hub. nothing else is plugged in.
<madLyfe> ejected the microSD as well
<Epx998> you dont know what release youre using?  o O
<madLyfe> most recent LTS for desktop and server
<madLyfe> 16
<Epx998> thats xenial
<madLyfe> Ubuntu Server 16.04.3 LTS
<madLyfe> but server doesnt have the newer kernel.
<Epx998> what does uname -r say?
<madLyfe> i know this because even installing 16.04.3 i had to manually upgrade it to 4.10
<madLyfe> sorry there is currently nothing installed
<Epx998> killing my smalls
<Epx998> me*
<madLyfe> lol
<madLyfe> sorry man
<madLyfe> i dont think the microSD grub issue is an issue anymore cuz i got the usb adapter to boot
<Epx998> get a dang usb cdrom, burn an iso on a cd.. install the os
<Epx998> lol
<Epx998> get an os on there
<madLyfe> did you read the convo i posted
<Epx998> no - im working too :D
<madLyfe> ty for your help btw
<Epx998> no worries - im on here a lot asking questions myself
<madLyfe> not sure why this live desktop is slow AF
<madLyfe> https://usercontent.irccloud-cdn.com/file/Z9smoQpc/irccloudcapture223774061.jpg
<Epx998> got it working?
<nacc> jcastro: in case no one replied, yes, it's possible -- there is a #curtin channel
<madLyfe> Epx998: says the internet connection is there but can't test. literally slow AF
<madLyfe> not sure why
<Epx998> yeah duno
<balderson> Hi, I'm using autofs to mount a NFS.  it's mounting fine, but when do an ls in the target directory noting displays until i touch one of the files in the NFS which i know exists, is that expected behavior?
<sarnold> balderson: guessing here, ls -l ? or ls ? I'm curious if the id lookups are slow ..
<balderson> both
<balderson> once i touch a file, everything shows up, and exists for all the users
<sarnold> crazy :/
<balderson> sarnold, the syslog shows that the automount connect once ive touched a file
<hehehe> hi
<hehehe> using auditd
<hehehe> and I got https://pastebin.com/9NzGLTT2
<hehehe> some errors
<RoyK> hehehe: IIRC those means that there's a nuclear war starting
<hehehe> lol
<hehehe> nah
<hehehe> it means trump could not connect to a command center
<hehehe> :P
<hehehe> https://pastebin.com/1Dgqi6cG
#ubuntu-server 2017-08-25
<hehehe> central box
<nacc> rbasak: enjoy the reviews, 4 MPs up, which should get our refactoring done. Will try and implement pristine-tar tmrw
<hehehe> nacc:  lol https://www.mylife.com/nishanth-aravamudan/nishanth-aravamudan
<madLyfe> nacc: so i got the usb adapter working, sort of.
<madLyfe> so is there a way to get the Ubuntu Server 16.04.3 LTS iso to use 4.10 over 4.4?
<madLyfe> and hwe
<sarnold> madLyfe: probably apt-get install linux-generic-hwe-16.04   should do it
<sarnold> madLyfe: I stole the package name from https://wiki.ubuntu.com/Kernel/RollingLTSEnablementStack
<madLyfe> how do you get that into the iso?
<sarnold> madLyfe: based on http://mirror.pnl.gov/releases/16.04.3/ubuntu-16.04.3-server-amd64.list it looks like it -is- in the iso
<madLyfe> is there a way to get it to use it over 4.4 as default?
<drab> pin the pkg
<drab> https://wiki.debian.org/AptPreferences
<drab> if I understood what you're asking
<sarnold> drab: I think madLyfe is looking for a way to get the server installer to install the hwe stack
<drab> or specify it in the install command if it's in a script, you can use =version
<drab> oh, uhm
<sarnold> I understand it's an option but I ran the 16.04 lts server installer back before hwe stack was added..
<drab> is preseed an option?
<drab> https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1663337/comments/2
<ubottu> Launchpad bug 1663337 in debian-installer (Ubuntu) "base-installer did not pick hwe kernel during automatic preseed" [Low,Opinion]
<drab> how about that?
<drab> seems like the option can be passed on boot cmdline too
<drab> madLyfe: ^^
<drab> but I may still missing the point
<drab> just passing through heh, don't mind me
 * drab goes back trying to migrate koha to a container
<madLyfe> not sure what all of that means. im just planning on not having ethernet so if i can get it on there during the install.
<calcmandan> hey folks. i've been researching different mail server suites out there. i've tested one which doesn't seem to match my personal requirements (citadel) and wondered if any other mail admins can recommend a good suite for me to test. i'm looking to replace gmail permanently and so. These are my requirement for a minimum: filtering, easy mail folder creation, good plugins for spam filtering.
<cpaelzer> coreycb: I haven't seen this particular doc move
<cpaelzer> coreycb: but others, yet since you are backporting from the package I have I wonder
<cpaelzer> coreycb: the related change mostly is https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/commit/?id=8134d313ca114d9ad15a44174066d645bf5fe0aa
<cpaelzer> and the reason to change was https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/commit/?id=ac06724a
<cpaelzer> but you are right
<cpaelzer> there is another one
<cpaelzer> https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/commit/?id=8508eee740c78d1465e25dad7c3e06137485dfbc
<cpaelzer> I'll queue up a fix for this (and one more I found on that) for the upcoming -rc4/release upload
<cpaelzer> thanks for the ping coreycb
<cpaelzer> coreycb: there are other fixes around migration in that then that I was driving with upstream
<lordievader> Good morning
<lordievader> madLyfe: If the kernel is on the iso as a package why not simply install the package into your current install?
<Kartagis> ahoy
<Kartagis> how to allow a mail server behind barracuda to receive e-mails?
<coreycb> thanks cpaelzer
<coreycb> cpaelzer: pike releases next week btw :)
<madLyfe> lordievader: have a bigger issue right now. if I turn off USB 2.0 in the BIOS I get the adapter to fully recognize but it's so slow. like can't do anything slow. turn USB 2.0 back on and back to where I started.
<lordievader> Interesting that it works in USB legacy mode.
<lordievader> How does the dmesg output differ?
<madLyfe> not sure if it will treat every hub like that or if it's just this one because USB flashdrives directly in are nice and speedy.
<madLyfe> I only got to the lsusb command and it showed both the genesys hub and realtek network adapter
<madLyfe> but it took over an hour to install server.
<lordievader> Ofcourse, usb 1.1 is slow as heck.
<madLyfe> typing in text commands was even slow
<madLyfe> so I just figured it didn't really matter so I quit with it on USB 2.0 disabled.
<lordievader> Find out what it does differently, I suppose.
<madLyfe> tried a bunch of other little dip switches on the Mobo to see if I could get it to boot to the USB hub with 2.0 on and nothing.
<madLyfe> well I don't think the OS can tell me anything? this is all pre OS
<lordievader> Now I am confused.
<lordievader> Are you running a live-usb?
<madLyfe> I was running server and desktop live.
<lordievader> I have no idea what you are doing at this point.
<madLyfe> sorry if im being confusing
<lordievader> You are trying to get the ethernet adapter working on your server, right?
<madLyfe> if i turn usb 2.0 off n the bios, i can boot to usb keys(server or desktop live) and recognize the network port on it as well but its slow AF. if i leave it on, i cant boot anything from the usb hub and the network port doesnt work either.  https://usercontent.irccloud-cdn.com/file/f9fqHdCq/image.png
<madLyfe> i mean i need the usb hubs usb ports to work as well.
<madLyfe> if i just plug a usb key directly into the port(no hub), no matter what i have on it(server or desktop live) it works flawlessly.
<madLyfe> usb 2.0 hates the hub/ethernet adapter.
<lordievader> Didn't you have an install on the server (one on disk I mean)?
<madLyfe> not sure what that means
<madLyfe> there is only one USB port on the thing so it needs to be utilized for internet and OS.
<lordievader> madLyfe: On the server, you've had installed an os before, right?
<ahasenack> I have a question, probably more policy-wise
<ahasenack> this user installed freeradius, but disabled the service via "systemctl disable freeradius.service"
<ahasenack> now he gets an error during freeradius package upgrades
<ahasenack> freeradius itself has, in postinst, an invoke-rc.d call for start or restart but suffixed with "|| true", so it won't fail
<ahasenack> but a subpackage, freeradius-ldap in this case, has a force-reload, without a "|| true"
<ahasenack> that one fails
<ahasenack> should we add a "|| true" to force-reload as well? Or invalidate the bug saying "if you don't want it running, uninstall it"?
<coreycb> beisner: hi we're ready to promote the current batch in pike-staging -> pike-proposed.
<ahasenack> or handle the disabled case in some other way "if <disabled>; echo "service disabled, not reloading/restarting"
<madLyfe> lordievader: i have installed an os via usb stick yes.
<lordievader> madLyfe: Ok. Boot twice once with usb legacy and once with usb2.0 enabled. Compare the relevant dmesg output of both boots.
<lordievader> It might point you to something of why it does work in legacy mode but not in 2.0 mode.
<madLyfe> with just USB stick or the usb hub?
<lordievader> madLyfe: With only the ethernet adapter.
<madLyfe> what can the OS tell me if the bios(usb 2.0) doesnt like that adapter?
<lordievader> The adapter is simply not detected when in 2.0 mode?
<madLyfe> correct
<madLyfe> works fine, but is impossibly slow with 2.0 off.
<madLyfe> im talking pre OS.
<lordievader> Hmm, but is was detected, before right?
<beisner> coreycb - ack re: pike proposed, on it.
<madLyfe> detected before?
<lordievader> madLyfe: Yes, when you first came here with the issue. Udev detected it, as did the driver.
<madLyfe> ya, i cant remember the specific situation but i dont think i was booting from it. i think i had it on the front SUV/IO cable USB ports
<lordievader> I never said anything about booting from the hub. That is another issue.
<lordievader> Correct me if I'm wrong, but the way I see it is that you have a machine with an os installed on disk. In which if the usb mode is set to 1.1 has a working ethernet adapter, and if set to 2.0 a not working ethernet adapter.
<lordievader> In both cases the adapter is detected.
<madLyfe> i have to go back to the very beginning and test again as i dont remember how i had it setup.
<madLyfe> cuz i can either put the OS usb stick on the front I/O cables USB ports, and the adapter on the internal USB port or the other way around.
<madLyfe> those are my two options if im not trying to boot with the OS usb stick on the adapter on the internal USB port.
<madLyfe> lordievader: also trying something else
<madLyfe> installing OS to microSD card slot
<madLyfe> not really sure what im trying to gain by doing that but its there
<madLyfe> do you think upgrading the processor might help?
<lordievader> Does the server have no harddrive?
<madLyfe> no
<madLyfe> just a bare blade with 1 usb port and front access IO port
<lordievader> Wow, that is painful.
<madLyfe> https://usercontent.irccloud-cdn.com/file/GI9tAPCg/irccloudcapture1945755247.jpg
<madLyfe> and an microSD port
<lordievader> In all honesty, I'd start looking at a new server.
<madLyfe> nah. this is by design, actually.
<madLyfe> just need to get it ethernet somehow
<madLyfe> well, ethernet and an OS. at the same time.
<lordievader> I know, but it is clear you are not following this design.
<lordievader> You are trying to fit a square peg in a round hole, so to speak.
<madLyfe> getting a usb port to work?
<madLyfe> usb adapter*
<lordievader> In a way, yes. I don't really think it is worth the trouble when you can swap it out for something which has a harddrive and nic build in.
<lordievader> built*
<madLyfe> it has nics but you need the full chassis and nic managers to use them. there are no ethernet ports.
<madLyfe> installed to microSD card and on reboot after install i get this: https://usercontent.irccloud-cdn.com/file/QakJoRAR/irccloudcapture683196535.jpg
<madLyfe> its a 16gb microSD card
<hallyn> rharper: dude.  lvm2 not depending on thin-provisiong-tools seems like a bug.  If you go through the basic steps as in https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Logical_Volume_Manager_Administration/thinly_provisioned_volume_creation.html  you end up with a corrupted VG.
<hallyn> rharper: would you agree?
<hallyn> hm,
<hallyn> I guess it's not really 'corrupt', after you install thin-provisioning-tools it's happy.
<hallyn> But this feels very redhat-ish.
<hallyn> (having to infer from error messages what other packages i need to install)
<madLyfe> https://usercontent.irccloud-cdn.com/file/EUlEjkxt/irccloudcapture365147137.jpg
<hallyn> (actually I'm not following that url, not sure why I pasted that;  just following the lvmthin.7 manpage examples)
<ndboost> morning all, whats the recommended way to add an internal CA certificate to my server?
<sdeziel> ndboost: https://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu explains how
<ndboost> thx sdeziel i'm using puppet/foreman for my lab so i'll figure out how to place the files in that location and run update-ca-certificates
<ndboost> looks like https://forge.puppet.com/pcfens/ca_cert is what i want.
<rharper> hallyn: is it not even a recommends?
<rharper> Suggests: thin-provisioning-tools
<sdeziel> ndboost: looks like a nice module, thanks for sharing :)
<ndboost> np
<ndboost> that solved my problem of deploying the internal ca, just need to figure out why puppet/foreman doesnt like it, still thinks its untrusteed.
<sdeziel> ndboost: are you trying to use a custom CA to secure your Puppet/Foreman traffic?
<ndboost> yeah
<hallyn> rharper: hm, right you are.  It did suggest it, I didn't notice.
<hallyn> Still seems worth a Depends: to me, but I guess I'll just accept my licks :)
<hallyn> thx
<rharper> hallyn: it's a reasonable query; maybe more folks expect thin-p to be around if they install lvm2; there are plenty of non-thinp lvm use-cases but maybe thinp isn't so heavy that we wouldn't always want it around ?
<ahasenack> I triaged a bug from IBM iirc once where this package was missing
<ahasenack> many hours were spent debugging that, both on our side and on the customer's
<ahasenack> hallyn: rharper https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1657646
<ubottu> Launchpad bug 1657646 in lvm2 (Ubuntu) "Missing thin-provisioning-tools prevents VG with thin pool LV from being (de)activated, but not its creation" [High,New]
<ahasenack> I also filed a debian bug back then
<hallyn> Right, maybe if the creation was prevented (with a helpful message) that would make everyone happy
<hallyn> but that woudl require source changes...  so no
<devster31> is there a smart way to rename files that are currently in the form of 01a 01b 02a 02b 02c with incremental numbers?
<hallyn> sure, you can loop over `seq 1 3` etc,
<hallyn> and if the names get complicated enough use sed against basename/dirname etc.
<Solaris444> Hi, what user do cgi scripts run as?
<Solaris444> I'm trying to run backuppc and it runs fine except that two graphs that appear on the front page are not being generated.
<Solaris444> Apparently this is because the cgi user needs read access to a file called pool.rrd
<devster31> hallyn definitely complicated enough for sed, do you happen to have a oneliner available?
<j4g0> i want to change caps to esc inside vim. On both my ubuntu desktop and my mint box au vimenter * !xmodmap -e 'clear Lock' -e 'keycode 0x42 = Escape' with an according vimleave command does the trick. I installed xmodmap via x11-xserver-utils package but now I get xmodmap: unable to open display ''. where would i need to configure this?
<sdeziel> Solaris444: see https://bugs.launchpad.net/bugs/1612600
<ubottu> Launchpad bug 1612600 in backuppc (Ubuntu Xenial) "backuppc 3.3.1-2ubuntu3 breaks pool graphs on the Status page" [Medium,Fix committed]
<j4g0> i should mention that i am trying to get it to run on ubuntu server :)
<j4g0> 16.04
<Solaris444> Oh damn. Thanks sedziel.
<Solaris444> So in other words just be patient as a fix is coming?
<sdeziel> Solaris444: yes, should hit xenial-updates shortly :)
<Solaris444> You guys are awesome. :D
<sdeziel> thanks should go to those involved in fixing the bug but I'm glad I could help
<madLyfe> lordievader: you there?
<lordievader> Not really, that is afk.
<Solaris444> sdeziel: absolutely, you've saved me significant time. Now I know all I need to do is wait for the fix to come through.
<madLyfe> lol so i think i got it working
<Solaris444> but yes, thanks to those up the chain too.
<madLyfe> the usb hub/adapter is shown as not plugged in when plugged in fully. if i pull it halfway out of the usb port it makes connection.
<madLyfe> fml
<sarnold> o_O
<sarnold> no wonder nothing made sense
<madLyfe> and why it worked one time then couldnt get it working again.
<hallyn> devster31: not really...  not clear on what exactly you want to do.  you have 01a 01b 02a 02b 02c, what do you want to turn each into?
<hallyn> drop the leading 0?
<devster31> no, just incremental numbers 1,2,3,4,5
<hallyn> "jsut incremental numbers" describes the files.  IT doesn't tell me how you want to rename them.
<nacc> devster31: sort the current files, then enumerate the sorted list?
<nacc> devster31: it's not a sed case, because the output string is not int he input string
<nacc> devster31: i guess you could use a variable, but at that point, just do it in bash?
<hallyn> oh, so if you have amaratto bouncing charlie defcon as filenames, you want to rename those 01a 02b 03c 04d, or something like that?
<hallyn> in which case maybe something like count=0; /bin/ls | sort | while read line; do mv $line 0$counta; count=$((count+1)); done
<hallyn> I'm certain that's not exactly what you want, but mabye it gives you an idea
<madLyfe> sarnold: desktop was able to connect perfectly to ethernet and internet connection. server still doesnt detect it though.
<nacc> hallyn: my reading was they are current in 01a 01b 02a 02b ... and they want it end up as 1 2 3 4
<nacc> hallyn: which your method would also achive, afaict, presuming stable sorting of the input files
<devster31> I'll try with count, it seems to be what I want. I currently have files named cache01a cache01b cache02a cache02b cache02c and I'd like cache01 cache02 cache03 cache04 cache05, count seems sensible, maybe with a regex after that
<sarnold> probably for f in * ; do mv "$f" $count ; ... is better. parsing ls output is miserable :(
<nacc> sarnold: +1
<nacc> devster31: also why do you care about the file names? the sort result is the same and they lexically make sense still
<devster31> because they aren't really cache files, it's pieces of a document which got renamed by accident for some reason
<madLyfe> kind of thought server would just detect the ethernet adapter
<sarnold> madLyfe: did you add proper /etc/network/interfaces files? or hand-issuing ip commands?
<sarnold> devster31: wait if the goal is to remove the 'cache' bit of the names there's probably better tools. 'rename' or 'rename.pl' fo rexample would let you provide a perl expression to rename things, so something like rename 's/cache/document/' cache*  would do the trick
<madLyfe> nothing yet. just going by what the installer said it couldnt detect network adapter.
<nacc> devster31: but .. you're still prefixing them with cache
<nacc> devster31: so i have no idea what you're trying to do now :)
<devster31> sarnold thanks, I did try rename but the script installed by my OS doesn't seem to have a counter, so first I'd rename them with numbers then swap the name
<madLyfe> sarnold: its showing in the lsusb as well, both the hub and network chip
<madLyfe> https://usercontent.irccloud-cdn.com/file/C6UOHOiP/irccloudcapture2054839625.jpg
<madLyfe> hey nacc, if Ubuntu Server 16.04.3 LTS iso comes with 4.10 hwe, how does one make that the default or use that w/o ethernet?
<nacc> madLyfe: i thought we decided server *doesn't* come with 4.10 :)
<sdeziel> https://wiki.ubuntu.com/Kernel/LTSEnablementStack#Server says "Server installations will default to the GA kernel and provide the enablement kernel as optional."
<madLyfe> "Â <lordievader>Â madLyfe: If the kernel is on the iso as a package why not simply install the package into your current install?"
<madLyfe> i have no idea
<sdeziel> I don't know how to opt-in that HWE kernel though
<powersj> The HWE kernel install is an option on boot
<sarnold> nacc: drab found this https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1663337/comments/2
<ubottu> Launchpad bug 1663337 in debian-installer (Ubuntu) "base-installer did not pick hwe kernel during automatic preseed" [Low,Opinion]
<powersj> first menu will be "Install server" and then below that "HWE" something or another
<sdeziel> as in press F6?
<sarnold> nacc: the trouble is no one knows how to drive preseed
<powersj> ^ yeah
<lordievader> madLyfe (IRC): not sure if that is going to work. Random thought I had.
<madLyfe> ah ok
<hallyn> sarnold: yeah i started with 'for f in ???' actually...  just wasn't sure about the origin
<hallyn> looks like it's under control, \o :)
<sarnold> hallyn: woot
<madLyfe> lordievader: you see what i figured out? desktop detects it fine and has internet but server still doesnt during install. if i lsusb, it shows both the usb hub and net chip. not sure whats up with that.
<madLyfe> sarnold: so im SOL with the 4.10 kernel/hwe?
<sarnold> madLyfe: dunno, this f6 thing at boot sounds promising :)
<lordievader> madLyfe (IRC): it is not a usb 3 adapter by any chance?
<nacc> sarnold: heh
<madLyfe> i dont remember seeing a prompt for key entry at boot.
<nacc> madLyfe: well the problem you wil have is the server *installer* will still be on the old kerenl
<nacc> madLyfe: and if you presuambly need internet in the installer to install, then it won't matter
<madLyfe> ya
<nacc> powersj: --^ can you confirm? i understand hwe is installable in the server iso, but it isn't the kernel used by the server iso (this is different from desktop, afaict)
<powersj> nacc: if he chooses the HWE kernel on the boot screen the installer will choose 4.10
<powersj> as in the install kernel will be 4.10
<nacc> powersj: oh at boot time?
<powersj> yep
<nacc> powersj: sorry, i thought you meant a menu in the installer
<powersj> no worries I wasn't clear
<nacc> madLyfe: --^ so that's what you need to do, you need to boot to that version of the installer
<nacc> presumably a grub choice?
<powersj> https://imgur.com/a/cBmsc
<nacc> powersj: that menu must be grub? because if not, you're already in a kernel and i can't imagine we trust to kexec to a new kernel :)
<nacc> powersj: just a pretty grub overlay?
<powersj> nacc: right grub, then boots kernel
<nacc> powersj: ack, thanks
<nacc> madLyfe: so yeah --^ boot that usb, and pick that option
<madLyfe> sorry had a phone call
<nacc> madLyfe: unacceptable :)
<nacc> (j/k)
<madLyfe> so i need to reinstall the whole deal or will that just add to my current install?
<nacc> madLyfe: oh you want to just install the hwe kernel on your current system?
<nacc> madLyfe: i thought you didn't have internet? :)
<madLyfe> maybe i should just deal with the internet thing first
<nacc> madLyfe: i mean, they are one and the same, no?
<nacc> madLyfe: you need the hwe kernel to use the internet on this machine?
<nacc> madLyfe: so you can either use the desktop image and pare it down or reinstall using the server and pick the hwe option
<madLyfe> i wanted it in case it would give me the support for my usb network adapter
<nacc> madLyfe: what is "it"?
<madLyfe> you can see it here in the lsusb output: https://usercontent.irccloud-cdn.com/file/C6UOHOiP/irccloudcapture2054839625.jpg
<madLyfe> the usb hub, and then the realtek chip for ethernet
<nacc> madLyfe: yes, i just meant in your sentence
<madLyfe> but it wasnt detected during install
<nacc> madLyfe: i don't know if it is the server iso, your usb stick, etc.
<madLyfe> the newer kernel
<nacc> madLyfe: since you technically "want" all those things
<madLyfe> this is server iso on usb stick
<madLyfe> usb stick install to usb stick for OS life.
<nacc> madLyfe: and what does uname -r say?
<madLyfe> 4.4.0-87-generic
<nacc> madLyfe: then you didn't pick the hwe option?
<nacc> madLyfe: from the boot menu image that powersj showed a bit ago
<madLyfe> i know i havent tried to reinstall it yet
<madLyfe> i said maybe i should figure out the internet first
<madLyfe> i mean i only wanted the newer kernel to see if that would make my internet work
<sdeziel> madLyfe: you could try to boot with the HWE option and see if the installer finds your usb ethernet nic and then decide if you reinstall with that HWE kernel or not
<sdeziel> madLyfe: would tell you if the HWE kernel supports your NIC out of the box
<madLyfe> like a live boot of the server with HWE?
<sdeziel> madLyfe: yes, boot off of the usb key and see how far it goes with the HWE option
<nacc> yeah, boot the installer, drop to a shell immediately
<madLyfe> i didnt see the live boot or live boot with HWE as an option is what im getting at.
<sdeziel> madLyfe: is it the "live boot" thing that bugs you?
<nacc> madLyfe: well it won't be "live" there is no "live" on server
<nacc> madLyfe: we are saying 'fake live' by starting the install, but don't install it
<madLyfe> oh
<nacc> madLyfe: drop to a shell instead and see if your device works
<madLyfe> drop to a shell?
<sdeziel> madLyfe: start the install as normal but by making sure to pick the HWE option
<nacc> madLyfe: i believe that's an option in the server install if you cancel at hte first prompt and go back up to the top menu
<madLyfe> i pulled the OS usb key and put the installer usb key in to see
<madLyfe> https://usercontent.irccloud-cdn.com/file/TyWAMJKV/irccloudcapture1615859173.jpg
<nacc> madLyfe: i think powersj was saying there should be a menu before htat
<nacc> madLyfe: you're already in the installer at that pointn
<madLyfe> thats the first thing that comes up
<nacc> madLyfe: it might go by quickly
<powersj> click english then the next menu will have the HWE option
<powersj> or whatever your language of choice is...
<nacc> powersj: oh ok
<RoyK> export LC_ALL=C
<madLyfe> https://usercontent.irccloud-cdn.com/file/SOagkK05/irccloudcapture1250781339.jpg
<RoyK> then run hatever command
<nacc> RoyK: ?
<nacc> madLyfe: right, try the second option
<powersj> madLyfe: ok 2nd option to get the HWE kernel
<madLyfe> i knew that much but you want me to go to shell or something?
<nacc> madLyfe: yeah, you do that from in the installer
<madLyfe> now its failing to detect and mount cd-rom, never seen this before, even though i dont have a cd-rom
<madLyfe> hmm i must have wiggled the hub a bit too much
<madLyfe> nope https://usercontent.irccloud-cdn.com/file/xUiKG4pW/irccloudcapture113522201.jpg
<powersj> then hwe isn't going to help you get networking
<madLyfe> that is from the HWE install
<madLyfe> ya
<madLyfe> is there a way i can just dump all of the network drivers from desktop to the server iso and have it magically work? :P
<nacc> madLyfe: they are the same kernel(s)
<nacc> madLyfe: that's why it doesn't make sense
<nacc> madLyfe: you consistently get network in the desktop installer?
<madLyfe> ya
<nacc> powersj: i guess the installer initrds coudl be differnt?
<nacc> i mean, usb network device is relatively (I'd think) uncommon on server
<madLyfe> i thought someone said server iso has way less drivers for things or something? but in server i can still see the network chip and usb hub. im installing from the usb hub right now.
<sarnold> what kernel module does the NIC work for you in the desktop installer? could you hit that 'go back' button and load that specific module again in the server installer?
<nacc> madLyfe: reading the device is unrelated (generally) to being able to use the device
<powersj> I actually don't know re: initrds
<nacc> sarnold: good idea
<genii> nacc: We use some USB-USB adapters between two servers on the same rack sometimes, to ssh into one from outside then an isolated connection to the other to ssh into that one
<nacc> madLyfe: yeah, sorry, it's possible the installer envs differe -- the packages they install are the same, but if you need something present on the server iso that's not by default (let's say) or not laoded by default, then it might lead to different beahvior
<nacc> genii: interesting
<nacc> genii: i'd still say it's relatively uncommon :)
<sarnold> genii: oh neat :)
<madLyfe> sarnold: im not sure what that means.
<sdeziel> madLyfe: from yesterday, I seem to recall that you were using the r8152 driver, isn't it?
<madLyfe> ya
<sarnold> madLyfe: compare 'lsmod' output on the non-working instance with lsmod on the working instance; chances are good ther's going to be a kernel module loaded in the working instance that isn't loaded in the non-working instance
<madLyfe> i think thats what was working
<sarnold> madLyfe: so try to load whateer that module is at the "go back" screen
<sdeziel> this driver comes from the -extra package here on Xenial so maybe the HWE kernel doesn't have this package on the ISO?
<madLyfe> https://usercontent.irccloud-cdn.com/file/ncOnxuMw/irccloudcapture957248891.jpg
<madLyfe> this?
<nacc> madLyfe: drop to a shell (execute a shell)
<nacc> madLyfe: and run `modprobe r8152`
<nacc> see if it's even found
<madLyfe> so how do you drop to a shell from where i am at in the installer?
<nacc> madLyfe: what i just said
<nacc> madLyfe: hit down 15 times?
<nacc> madLyfe: and choose "execute a shell"
<madLyfe> i see it now
<madLyfe> https://usercontent.irccloud-cdn.com/file/JubPeWy2/irccloudcapture392914459.jpg
<nacc> madLyfe: yep
<madLyfe> https://usercontent.irccloud-cdn.com/file/TDBWKnlf/irccloudcapture900381294.jpg
<nacc> sad
<nacc> madLyfe: so ... it's not hwe that's the problem, it would appear to be the server image
<sarnold> you could use the desktop installer and then go nuts with apt-get purge ubuntu-desktop and so on
<nacc> yeah
<madLyfe> ummmm
<madLyfe> so run the desktop installer and do what?
<sdeziel> even on the HWE kernel, this comes from the -extra package (https://packages.ubuntu.com/xenial-updates/amd64/linux-image-extra-4.10.0-28-generic/filelist)
<nacc> sdeziel: yeah, i wonder how it worked on the desktop installer
<nacc> sdeziel: unless extra is available on desktop?
<nacc> madLyfe: can you do `apt policy linux-image-extra` ?
<sdeziel> nacc: looks like it but I'm just guessing
<nacc> sdeziel: yep, me too :)
<sdeziel> `dpkg -l| grep linux-image-extra` should work
<madLyfe> says 'bin/sh: apt: not found'
<nacc> sdeziel: err, yes, sorry, you're right :)
<nacc> madLyfe: what sdeziel said :)
<madLyfe> same https://usercontent.irccloud-cdn.com/file/HSKOFuXK/irccloudcapture756594906.jpg
<sdeziel> it's been days that madLyfe has been fighting with this ... I want to see this come to a (happy) conclusion
<madLyfe> has it really been days? fak
<sdeziel> well, didn't you start like 2 days ago?
<sarnold> yeah you shold clear the stuff off the bed and get some sleep eventually :D
<madLyfe> ya youre correct
<nacc> oh we're really early in the installer
<sdeziel> maybe it's simpler to let the installer do it's thing and eventually it may succeed in finding the NIC
<madLyfe> restart the pc?
<madLyfe> sorry, sever.
<sdeziel> madLyfe: type 'exit' to get back to the installer
<madLyfe> k
<sdeziel> http://releases.ubuntu.com/xenial/ubuntu-16.04.3-server-amd64.list includes the package linux-image-extra-4.10.0-28-generic so maybe this will just work
<madLyfe> fully install this then?
<sdeziel> I'd resume the installation and it should detect the NICs before trying to touch the storage/disk/microSD
<sdeziel> so you'll know if you are good with the HWE kernel before touching your storage
<madLyfe> when will i know?
<madLyfe> im at the partition disks
<sdeziel> and what happened in the Detect network hardware/Configure the network sections?
<madLyfe> same as before and just hit continue.
<sdeziel> I don't know what was "before"
<madLyfe> but it did 'detect network' thing popped up again and didnt give an error so i dunno if its working or not.
<madLyfe> before = https://usercontent.irccloud-cdn.com/file/xUiKG4pW/irccloudcapture113522201.jpg
<madLyfe> i pulled the OS usb key so i cant install to anything anyways. only running from the installer usb key.
<sdeziel> so you're install from USB to USB? No microSD?
<madLyfe> ya
<sdeziel> OK, then why did you pull the key you want to install to? If there is nothing valuable on it, I'd try to install again
<madLyfe> just because they have the same name and it can get confusing
<madLyfe> installing now
<madLyfe> copying data to disk
<madLyfe> installing the system..
<sdeziel> try to check if you see the linux-image-extra-* package name pass by
<madLyfe> i think it may have but not 100% sure
<madLyfe> there it is
<madLyfe> https://usercontent.irccloud-cdn.com/file/HC0591pP/IMG_20170825_150126.jpg
<sdeziel> good, maybe on reboot your NIC will be detected (or on modprobe away)
<madLyfe> so after it boots into server, restart it right away?
<madLyfe> oh, nvm, it reboots after install
<madLyfe> rebooting
<madLyfe> sdeziel: does modprobe need sudo?
<sdeziel> madLyfe: yes
<madLyfe> not output on sudo modprobe r8152
<madLyfe> no*
<sarnold> yay
<nacc> madLyfe: i beleive success is silent
<madLyfe> just returns new line
<sarnold> the unix way :)
<madLyfe> but ping google.com is 'unkown host google.com'
<nacc> madLyfe: maybe bad DNS?
<nacc> madLyfe: ping isn't a means for checking network connectivity :)
<nacc> madLyfe: see if the link is up, etc.
<sdeziel> madLyfe: ip link
<sdeziel> this should show you if your NIC was detected
<madLyfe> https://usercontent.irccloud-cdn.com/file/mRQaFwPe/irccloudcapture474510748.jpg
<nacc> looks like it see some device
<sarnold> yay :D congratulations
<sdeziel> looking at the horrible nic name it seems like a USB nic :)
<madLyfe> way to check?
<madLyfe> try to ssh in?
<sarnold> configure it first
<nacc> madLyfe: it's still 'down', meaning unconfigured
<sdeziel> like in /etc/network/interfaces
<madLyfe> using nano?
<sdeziel> yeah
<madLyfe> it doesnt give it a regular config like other nics?
<sdeziel> I think for a quick and dirty test, you could do "sudo dhclient enx..."
<sdeziel> I think that dhclient will take care of up'ing the device but I'm not 100% sure
<madLyfe> 'cannot find device"enx..."
<nacc> madLyfe: substitute enx... for your devices' name
<madLyfe> oh lel
<nacc> madLyfe: or other way around, you get what i mean :)
<madLyfe> still says cannot find device
<sdeziel> madLyfe: check for typos
<sdeziel> and yes, dhclient does up the link
<madLyfe> image was blurry
<madLyfe> return new line
<sdeziel> ip -4 a
<nacc> madLyfe: try `sudo ip link set enx00e04c6850d7 up; sudo dhclient enx00e04c6850d7` ?
<sdeziel> then: ip -4 ro
<sdeziel> then take a pic and share :)
<madLyfe> https://usercontent.irccloud-cdn.com/file/gnGUO2As/irccloudcapture203695705.jpg
<sdeziel> great!
<sdeziel> now would be a good time to put up a working /etc/network/interfaces file
<madLyfe> sorry, didnt get the ip -4 ro in there
<sdeziel> so that you get network connectivity on the next reboot
<sdeziel> madLyfe: nvm the ip -4 ro part
<madLyfe> ok, umm, is there a way to get this to work from the installer?
<madLyfe> because im going to have to do this again a few times.
<sdeziel> you could set /etc/network/interfaces then clone the USB key, one per blade
<sdeziel> but then the dynamic NIC name would get in the way
<sdeziel> (how I love those)
<madLyfe> https://usercontent.irccloud-cdn.com/file/WQBA1xsf/irccloudcapture762135147.jpg
<sdeziel> madLyfe: if you want to do the USB key clone, I guess you could tell the kernel to always name the NIC eth0 and be done with it
<madLyfe> that is all thats in my interfaces
<sdeziel> madLyfe: you OK or not with the USB cloning trick to avoid jumping through those hoops for each of your blades?
<madLyfe> well i just mean have the installer recognize the nic when it should so it properly sets up everything. i dont mind going into the interfaces file because i have to set them to a static ip anyways.
<madLyfe> im going to get a different hub and ethernet adapter anyways because this one i have to have setting just right for it to detect and thats no bueno.
<sdeziel> OK, then put that in your /etc/network/interfaces file: http://paste.ubuntu.com/25391633/
<madLyfe> after whats already in there?
<sdeziel> at the bottom, yes
<sdeziel> madLyfe: you may want to also add "  dns-nameserver 8.8.8.8" after the gateway line
<sdeziel> replace 8.8.8.8 by your local DNS resolver if any
<madLyfe> like so: https://paste.ubuntu.com/25391652/
<madLyfe> ya i replace it with my router so i only have to change one place
<sdeziel> yes, like that. I always indent the stuff after the iface line but I don't know if that's required
<madLyfe> so basically i just want to make the installer set shit up like normal. and maybe i just need to come back to this because i will be getting a different usb hub/ethernet adapter. not sure if that one will just work.
<madLyfe> i dont think it was on my other SM servers when i set static ip
<madLyfe> https://usercontent.irccloud-cdn.com/file/2yNFroTj/irccloudcapture120908335.jpg
<madLyfe> thanks for the help sdeziel, nacc, lordievader, sarnold, powersj!!!
<madLyfe> hopefully i didnt forget anyone lol
<nacc> madLyfe: yw
<sdeziel> np
<madLyfe> now i just need to find a usb hub and ethernet adapter thats not going to give me so much trouble
<sdeziel> happy mining
<sarnold> madLyfe: wooooot :D
<madLyfe> i still need to setup a better power system and transfer over different hardware before she is up and going.
<hehehe> sarnold: since when you started learning PHP? that article beauty of PHP by sarnold wtf :P
<sarnold> hehehe: this one? https://eev.ee/blog/2012/04/09/php-a-fractal-of-bad-design/
<hehehe> haha
<hehehe> sarnold: join #php and see what they say
<hehehe> :P
<hehehe> would be fun
<sarnold> no.
<sarnold> php 7 is finally getting around to fixing some of the mistakes of the language but app authors still target 5.3 or something stupid.
<hehehe> i use 7
<hehehe> :)
<hehehe> see
<hehehe> and I asked modules writes if they use defined statements which they said they do
<hehehe> and code is escaped well
<hehehe> so should work really
<madLyfe> hehehe: i think you were apart of the panacea. ty too
<hehehe> *writers
<madLyfe> so any usb hub should just work, correct? especially usb 2.0 hubs? on server.
<madLyfe> looking at this one: http://www.ebay.com/itm/301426463598?ssPageName=STRK:MESINDXX:IT&_trksid=p3984.m1436.l2649
<madLyfe> and this one: http://www.ebay.com/itm/122100079521?ssPageName=STRK:MESINDXX:IT&_trksid=p3984.m1436.l2649
<sarnold> madLyfe: in my experience with usb things it's almost always best to go with the cheapest more boring thing you can find
<sarnold> it'll usually work because they don't have the budget to make it not work
<sarnold> and if it doesn't work, well, what do you expect, you bought the cheapest one
<madLyfe> lol good points
<madLyfe> that's what I thought about this current one. little did I know it was the connector that's bad.
<hehehe> is systemd a gmo of linux?
<hehehe> :)
<madLyfe> odd that im now seeing an package updates when i log into this server install. you'd think there would be some since the iso doesnt have them all.
<madLyfe> now = not
<madLyfe> makes me wonder if its not functioning properly?
<madLyfe> https://usercontent.irccloud-cdn.com/file/lSFpUncD/image.png
<sarnold> "10 packages can be upgraded"
<sarnold> sudo apt-get -u dist-upgrade if you want to install the updates
<madLyfe> well i mean the fact that it said there were 0.
<madLyfe> i used sudo apt upgrade -y
<sarnold> that motd is updated something like twice a day, and maybe even less often than that
<sarnold> and since the unattended-updates package will install a bunch ofthings overnight anyway..
<madLyfe> i think i selected no auto updates on install
#ubuntu-server 2017-08-26
<lordievader> madLyfe: you managed to fix it? Was it really that half insert which did the trick?
<madLyfe> yep. server still didn't recognize the Ethernet adapter at install though
<braziercustoms-m> Stokachu how can I get the version you just updated onto my machine? Or would I have to patch it manually?
<stokachu> snap info conjure-up
<squashua> So I already have it by refreshing --edge?
<BrazierCustoms2> stokachu, squashua was me on the road. i lost service?
<BrazierCustoms2> I dont know why that was a question lol
<BrazierCustoms2> oh... wow I see what happened, it changed names on me lo
<BrazierCustoms2> stokachu http://paste.ubuntu.com/25401064/ Just in case it helps. feel free to check it out. its still open to you.
#ubuntu-server 2017-08-27
<Guest57435> hello
<calcmandan-mobil> running a fresh (2 weeks old) install of smoothwall with 4 interfaces. one zone is my personal with laptop. purple zone is where my servers are. this morning my mail box stopped connecting, then my cloud box stopped too. i left for a dinner party, and as i returned, even my laptop can't connect to the firewall. i'm able to login but i need assistance with the commands to be able to see logs or even restore connectivity from the f
<calcmandan-mobil> if i boot the firewall on a live disc, it connects to the internet fine, so i know the nic is working
<calcmandan-mobil> The command line is locked down and the admin guide dodsnt describe how to enable then
<calcmandan-mobil> Really stuck
<ikonia> how is this an ubuntu issue ?
<calcmandan-mobil> I know..
<ikonia> you know what ?
<calcmandan-mobil> I dont know where else to go.
<ikonia> not here
<ikonia> smoothwall support would be a logical step
<calcmandan-mobil> Ive had no luck with that. Yall have been so helpful in the past but ill leave.
<ikonia> thanks
<docmur> I bought a bunch of additional IP's for one of my servers, I added the IP's in the /etc/network/interface file and then checked the ip addr command https://pastebin.com/4nXyn3Nc, I can see the address on the interface eth0:1, after doing this, shouldn't I be able to use that IP to SSH back to the server?  The original ip is on eth0, with no :0 designation
<Gene_home> Green horn to servers, first chance to integrate a server at work, there is existing equipment and is believed to be server 2012 etc etc.  Can you recommend a "good" solution for  FTP server to support a small group, I have access to 1 PowerEdge 2850 currently with 1 cpu single core.... but can be easily expanded to 2 dual cores 16GB.  Business size is 10-50 people.  Also waiting on boss
<Gene_home> on expectatations implementing gitlab/github/git_x_enterprise.  Our office will have several hardware and firmware developers.  Many thanks!
<ikonia> what ?
<ikonia> are you asking "what ftp daemon should I run" ?
<Gene_home> I am asking for an ftp server solution that if audited by a tier one company etc will not laugh.  We are in our third year and are still struggling financially so I do not have a big budget for this solution.  thanks.
<ikonia> what sort of audit requirements ?
<Gene_home> please do not laugh, but is ubuntu server secure enough with an ftp daemon compaired to a windows server?
<ikonia> ftp is as secure or as insecure as you configure it
<ikonia> no-one is laughing
<Gene_home> what would you recommend for a small company?
<ikonia> not using FTP would be a good start
<ikonia> and it really depends on your requirements
<Gene_home> what is an alternative?
<dpb1> why are you thinking FTP is a good idea for you?
<Gene_home> im am use to ftp
<ikonia> what is the goal ?
<ikonia> what are the requirements
<dpb1> SFTP provides nearly all the familiarity, but uses SSH as the transport.
<Gene_home> some of the individuals will not have access to our network
<ikonia> what does that have to do with ftp ?
<dpb1> and there are a number of really nice clients for sftp, like winscp, etc.
<ikonia> Gene_home: what is the requirements ?
<Gene_home> we need an SFTP server, our tier one customers require us to use their infrastructure... but ask about our capability to essess how green we are.  Tier 2 customers just want to ensure their data (code we develope) is secure.  right now it is very difficult to share internally with the team.
<Gene_home> we have several remote users and contractors
<ikonia> if you are using their infrastruture - why are you setting something up ?
<ikonia> you need to have a clear set of requirements
<maxb> PowerEdge 2850 ... wow, that's some old kit to be deploying new stuff on
<Gene_home> we do not use tier 2 customer infrastructure and must use our own from time to time
<ikonia> 2008
<ikonia> Gene_home: ok - so get together a clear set of requirements
<Gene_home> can you outline some of the questions to the requirements?
<ikonia> no
<ikonia> they are your requirements
<Gene_home> thank you for the wisdom
<ikonia> welcome
<Gene_home> Can you provide an SFTP daemon solution that supports most of these requirements?  http://www.jscape.com/blog/bid/98893/10-Essential-Attributes-of-a-Secure-File-Transfer
<ikonia> are they really your requirements
<ikonia> or have you just googled for "common ftp requirements"
<Gene_home> I googled because that was more productive than asking for guidance here
<ikonia> no it wasn't
<ikonia> is this really for a business ?
<Gene_home> yes it is for a business, three year old business with limited funds.  Not all business have huge budges when they start
<ikonia> this is nothing to do with budget
<ikonia> this is to do with you messing around
<ikonia> if this is really for a business, then you should have a clear set of requirements that you have to meet and maybe some optional ones
<ikonia> not "I'll google for 90 seconds"
<Gene_home> big things have small beginnings
<ikonia> you're just saying random words now that have nothing to do with the disucssion
<ikonia> "kill two birds with one stone"
<ikonia> there you go, there is a response to your last statement
<Gene_home> and currently we are using email which is painful
<ikonia> again, this has nothing to do with it
<ikonia> stop being lazy, and actually engage with your users / partners and build requirements
<oerheks> drop ftp, owncloud *kuch*
<ikonia> there is a prime example of how no requirements will lead to a bad solution
<Gene_home> Maxb: can you recommend a newer server/brand for SFTP and/or Git lab?  Thanks!
<oerheks> easy to find, Gene_home, https://about.gitlab.com/installation/ and some tips https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-gitlab-on-ubuntu-16-04
<Gene_home> Nizumzen:  Thanks for the second link!
<Gene_home> any other good server refurb sites other than dell outlet and servermonekey?
#ubuntu-server 2018-08-20
<michael2> hi. does anyone know where the root cronjobs are stored?
<mason> michael2: man 1 crontab
<michael2> Ive got some apt updating process running as a crobjob - Im trying to find out where it is stored
<mason> The answer lies in the very first paragraph of the man page. :)
<mason> ...along with other good stuff.
<teward> I knew there was a reason I hated the Perl packages... it holds up a lot of stuff...
<xnox> teward, remove perl is my lifetime goal! imho, it is a good ecosystem/language, but in no way it should be this core / this system-low-lever.
<xnox> *level
<teward> xnox: heh.  (It's hanging up getting the latest NGINX upload into the release.  Again.)
<teward> at least this time I can't blame the searx package :P
<blackflow> michael2: it's handled by apt-daily.timer, not a cronjob, if you're talking about the default apt updating task
<blackflow> michael2: otherwise, packages drop cronjob scripts under /etc/cron.d/  or /cron.{daily,hourly,monthly,weekly}  depending on the task
<mason> xnox: It seems safer than Python for system stuff at present!
<mason> blackflow: But, I gave him the fishing manual!
<mason> Oh, he modified his question.
<mwhudson> teward: well there's only 1260 packages in proposed currently by my count...
<cpaelzer> thanks teward, sounds good
<cpaelzer> and yes the port 80 bug comes up on triage every now and then
<cpaelzer> I saw you and sdeziel discussing, it lGTM on first sight - lets hope it works well and causes less issues on its own than it prevents :-)
<cpaelzer> jamespage: FYI 1786157 is fixed as expected by the new package that got unblocked by the build dependency now being available
<cpaelzer> let me know if there is more to it
<jamespage> cpaelzer: ta - I'll work through our blocked packages now
<cpaelzer> jamespage: I've seen other people stumbling over qcow images not having set metadata correctly
<cpaelzer> jamespage: as FYI when you are taking a look
<cpaelzer> without virt-aa-helper can't follow the backing chain
<cpaelzer> AFAIK openstack and libvirt will set up correctly since years
<cpaelzer> just manually created qcow image files might be a problem
<cpaelzer> https://www.redhat.com/archives/libvir-list/2018-August/msg00971.html
<cpaelzer> jamespage: I doub't it will be an issue but wanted to know you informed :-)
<blackflow> mason: yeah, XY questions are common :)
<jamespage> cpaelzer: ta
<Tekneek> Is it possible to provide a custom port for dns in /etc/network/interfaces? I want the system to use a name server that is not running on port 53, but have not been unsuccessful. I have tried <IP address>:XXXX and <IP address>#XXXX and the system continues to only try port 53.
<tobias-urdin> coreycb: sorry for disturb, do you know anything about this?
<tobias-urdin> http://logs.openstack.org/30/593530/1/check/puppet-openstack-integration-5-scenario003-tempest-ubuntu-bionic/df227a5/logs/apache/horizon_ssl_error.txt.gz
<tobias-urdin> new openstack-dashboard package promoted just recently?
<ahasenack> good morning
<tobias-urdin> jamespage: do you know if coreycb is around?
<tobias-urdin> http://mirror.ca-ymq-1.vexxhost.openstack.org/ubuntu-cloud-archive bionic-updates/rocky/main
<tobias-urdin> as repo pulls in rc1 but according to this https://launchpad.net/ubuntu/+source/horizon rc1 should only be in proposed?
<tobias-urdin> broke some horizon stuff with the rc1 packages
<coreycb> tobias-urdin: I'll take a look and get back to you
<tobias-urdin> cool, thanks
<mason> blackflow: heh
<ahasenack> cpaelzer: when an upstream tarball installs a systemd service file in make install, how to we declare/include that in debian packages?
<ahasenack> cpaelzer: copy it do debian/ as foo.service and let dh_installsystemd handle it? but then there would be two copies of the service file
<ahasenack> on somewhere in the upstream checkout, and one in debian/
<rbasak> ahasenack: any chance your ndctl/pmdk work will need further updates to Bionic after this SRU?
<rbasak> Because we'll be more locked down after the first set goes in.
<ahasenack> rbasak: upstream just pinged me about an ndctl update
<ahasenack> rbasak: but for cosmic
<ahasenack> I think we should proceed, as I didn't get any specific request for this update for bionic, it was specific to cosmic
<cpaelzer> ahasenack: no need to copy it out to debian/*
<cpaelzer> dh_systemd tools will spot it
<cpaelzer> if you are new dh_systemdinstall I think
<ahasenack> and add the appropriate postinst bits?
<ahasenack> looks like it
<cpaelzer> old dh_systemd_start I think
<ahasenack> cpaelzer: this krb5 ticket: now that krb5 migrated should I select "finalize" or "abandon"?
<sarnold> blackflow: oh! thanks for the desktop netplan correction :) I'll have to look for it on my laptop ;)
<sarnold> teward: nice, I like the port80 fix too
<teward> sarnold: cpaelzer: indeed, I was trying to figure the best way to solve the issue, it just so happens that roaksoax's request for the separate daemon package made me go "FINE I'll Fix it..." and take a stab at it.
<teward> and thanks to several individuals who tested, that fix should be good to go (so long as nobody rips out iproute2 randomly, which would probably destroy their system anyways?)
<teward> mwhudson: heh, 1260 packages in proposed.  Of which how many are hung up with the Perl transition/proposed item I wonder :P
<teward> well, it's sitting in Proposed now, so I just have to let the queue process itself :)
<sarnold> teward: yeah if someone actually goes to the effort of removing iproute2 they're firmly in the "get to keep both pieces" category
<teward> sarnold: oh I have a security team question for you if you don't mind me bothering you briefly?
<sarnold> teward: sure :)
<teward> see PMs
<dpb1> oooh, new theme on cosmic, neat
<tafa2> can anyone recommend a cli based speedtest
<tafa2> that isn't speedtest-cli?
<ahasenack> for internet, or local networking?
<ahasenack> for an internet speed test, you could always download a large file and measure
<dpb1> I'd use this: https://github.com/gesquive/fast-cli
<dpb1> :)
<dpb1> having never tried it
<ahasenack> looks cool
<cpaelzer> ahasenack: you want to abandon
<ahasenack> cpaelzer: abandon it is, thanks
<cpaelzer> ahasenack: If you uploaded with exactly  the version that gets merged (unlikely since you want to spin on ~ppaX) it would auto-abandon I think
<tomreyn> tafa2: https://iperf.fr/iperf-servers.php
<tafa2> tomreyn amazing thanks!
<Epx998> The archive http://us.archive.ubuntu.com/ubuntu/dists/xenial/ will have 16.04.5 right?
<sarnold> Epx998: yes
<tomreyn> sarnold: these files look old to me, like 16.04.0
<sarnold> sigh. yes. thanks tomreyn.
<tomreyn> Epx998: what are you looking for exactly?
<tomreyn> Epx998: maybe you're looking for http://us.archive.ubuntu.com/ubuntu/dists/xenial-updates/
<nacc> Epx998: the url you provided is the release pocket, which basically doesn't change
<Epx998> tomreyn: Adding 16.04.5 to a cobbler instance, looking for the correct repo to sync locally from
<Epx998> i noticed the timestamps to
<Epx998> What URL can I sync locally that will have 16.04.5 ?
<Epx998> The xenial-updates?
<ahasenack> no, that doesn't contain debs
<ahasenack> the debs are always in a pool directory, but they are all bundled together
<ahasenack> updates, release, etc
<tomreyn> Epx998: cobbler, so you're looking for netboot images?
<ahasenack> if you really only want to mirror updates, you need a tool one level above a plain rsync, something like reprepro, or apt-mirror
<ahasenack> or mirror the iso directly
<sarnold> I strongly recommend the double-rsync approach instead.. I've found it more reliable than my friends have found reprepro or apt-mirror or deb-mirror or whatever
<ahasenack> that is a "snapshot" of a subset of 16.04.5
<nacc> Epx998-: to be clear, do you understand what 16.04.5 is? :) are you asking for the latest xenial packages? or the 16.04.5 hwe kernel and x stacks in an installer image?
<Epx998> nacc: I am working in a lab that uses cobbler, they needed help install ub 16.04.5 so I am looking for the correct url to point to to get .5
<Epx998> maybe i grabbed the wrong net boot images
<tomreyn> Epx998: refer to the architecture dependant 'installer'  directories at http://us.archive.ubuntu.com/ubuntu/dists/xenial-updates/main/ and their current/images/netboot/ subdirectories.
<Epx998> roger that
<nacc> Epx998: so they want specifically the 16.04.5 kernel and x?
<nacc> Epx998: 16.04.5 is just a point in time if you are not using hwe
<Epx998> yeah
<nacc> Epx998: right, then you want the correct netboot image as tomreyn mentioned
<Epx998> nacc: thats the net image i used, ill have to re visit and make sure
<X-Rob> tomreyn: been here for years 8)
<tomreyn> :) ok, feel free to ask support questions here, too.
<X-Rob> Well, I realised that I didn't take a snapshot of the VM before I started installing stuff on it
<X-Rob> so I'm reinstalling, but this time I'll reinstall WITHOUT adding keys
<X-Rob> see if that is actually the problem
<X-Rob> https://www.irccloud.com/pastebin/HsGAXfv1/shotgun.txt
<tomreyn> it's unrelated to installing ssh keys
<X-Rob> Ah poot.
<tomreyn> (but it may be related to cloud-init, not sure)
<X-Rob> Someone did say it was related to cloud-init, in the ticket.  The only other non-standard thing I do is change the mirror to australia
<X-Rob> https://usercontent.irccloud-cdn.com/file/Ht2wQsxV/mirrorchange.png
<tomreyn> my understanding is that it is generic, affects every installation, whether or not you use defaults.
<X-Rob> Oh, wow.
<X-Rob> So that EVERY 18.04.1 installation is broken right now?
<sarnold> ?
<X-Rob> Shouldn't that be like a 'pull the ISO this is really bad' situation?
<tomreyn> not broken, just not perfect ;)
<X-Rob> Technically correct, the best kind of correct, tomreyn
<X-Rob> sarnold: talking about this one: https://bugs.launchpad.net/subiquity/+bug/1783129?comments=all
<ubottu> Launchpad bug 1783129 in livecd-rootfs (Ubuntu) "Only "main" component enabled after install" [High,In progress]
<X-Rob> Broken before cloud-init runs. So nope, I was wrong. https://usercontent.irccloud-cdn.com/file/VaSohmRs/image.png
<sarnold> X-Rob: thans
<sarnold> thanks
<sarnold> I hadn't seent his one before
<tomreyn> sarnold: there are more subiquity bugs which are still 'new' some of which are about broken / non booting installations.
<tomreyn> (18.04.1)
<sarnold> huh, is it itentional for the *cd* image to be included in sources too? that seems really inconvenient for 99% of users..
<tomreyn> i mean they're filed against subiquity, i can't say whether those are bugs in subiquity
<sarnold> tomreyn: yeah, in the security team bug triage role, it's easy to spot something like a dozen bugs each week folks had with problems in the various installers.. :(
<X-Rob> I REALLY like the installer, btw. No idea when it was changed, but it's REALLY good, and I love the accessibility of it. Good colours, high contrast, and text so it can be screenread easily.
<tomreyn> sarnold: i think apt handles the missing cdrom gracefully if its not mounted, and IIRC d-i always did it this way
<sarnold> tomreyn: oh okay
<sarnold> it just gave me flashbacks to suse in 1997 or something where it wouldn't let you download the apache update until you'd installed apache off disc 3 or something like that..
<tomreyn> i think the cdrom apt source was disabled back then, though
<sarnold> I never used the debian cdrom: source..
<sarnold> "we'll use the slowest block device you've got! and the data is old!"
<X-Rob> Slowest?  1.44mb Floppy: Hold my beer..
<X-Rob> oh wait
<X-Rob> that WAS floppy
<tomreyn> the cdrom source is definitely handy in airg apped environments.
<X-Rob> OK, so curtin just ran
<X-Rob> https://usercontent.irccloud-cdn.com/file/H6a8Yf90/curtin.png
<X-Rob> Lets see if it's broken now
<tomreyn> ...or while the corporate firewall team is on holidays and didnt get around to handle your policy request, yet
<X-Rob> Yep, broken everywhere.
<sarnold> X-Rob: heh, yeah, I remember doing slackware on 53 floppies.. fun times :)
<tomreyn> does vmware also send the webconsole password on this HTTP(S) GET request? :)
<X-Rob> sarnold: I used to be a slackware mule, back in the day.  Uploading slackware floppies to BBS's all around Australia.
<X-Rob> tomreyn: ... whoops, I posed the uncropped snapshot. Ah well. Nothing secret there.
<tomreyn> well, i kow you have set a bookmark on "New Tab" now.
<sarnold> X-Rob: ah :D the hero for the other aussies :D
<X-Rob> sarnold: I got SO MANY BBS credits, I could download whatever I wanted.
<sarnold> hahahaha
<sarnold> that's awesome :D
<X-Rob> New Tab https://usercontent.irccloud-cdn.com/file/c4n2o6ii/newtab.png
<sarnold> hheh
<tomreyn> voip phone security is ~ on par with printers, if not even worse.
#ubuntu-server 2018-08-21
<X-Rob> tomreyn: They're not meant to be secure. They're also not meant to be exposed to the internet, either.
<Hackerpcs> I'm having an "issue" with an smb share. I record internet radio with vlc (cron, cvlc) and I play it with VLC over smb in Windows 7. The problem is the time doesn't refresh so when it reaches the end of the duration it read when it was opened, it stops. I found that if I try to copy the file in Windows, the duration gets updated. When I recorded it on Windows 7 and streamed to Windows 7, the
<Hackerpcs> duration was updated. Anyone know if there's something to make the duration get updated every second?
<cpaelzer> good morning
<jamespage> cpaelzer: morning
<jamespage> hurrah for endian-ness bugs! - https://launchpad.net/~james-page/+archive/ubuntu/rocky/+packages
<cpaelzer> hi jamespage
<cpaelzer> grml
<cpaelzer> jamespage: are you sure this is endieness
<cpaelzer> endian-ness
<cpaelzer> gcc: error: unrecognized command line option '-Wthread-safety'; did you mean '-fthread-jumps'
<cpaelzer> to me that appears different options on different platforms?
<cpaelzer> I have read the log for 3 seconds now, maybe I should spend more
<cpaelzer> that could as well be a normal config prompt
 * cpaelzer is reading
<cpaelzer> or is it tests 805/810/814?
<jamespage> its the test failures
<cpaelzer> didn't you in the past just mask them and report to upstream plus arch owner?
<jamespage> cpaelzer: I have yes and will probably do that - I've already mail dev upstream
<cpaelzer> rbasak: isn't bug 1787727 just a copy and paste of the message the maintainer scripts print?
<ubottu> bug 1787727 in mysql-5.7 (Ubuntu) "package mysql-server-5.7 5.7.23-0ubuntu0.18.04.1 failed to install/upgrade: nieuw mysql-server-5.7 pakket pre-installation script subproces meldde een fout afsluitstatus 128" [Undecided,New] https://launchpad.net/bugs/1787727
<cpaelzer> what else would you suggest than an too unfriendly "please read what is written"?
<cpaelzer> dpkg histroy suggests switches between myslq/maridb are the trigger
<cpaelzer> I tried to kindly explain, if your think there is more to be added let me knwo
<cpaelzer> rbasak: also FYI I was afraid to accidentially cancel the process of the importer so I detached from the screen and will only check the log if there is any reason to do so
<cpaelzer> rbasak: or did you check on a regular base without a ping to do so?
<jamespage> cpaelzer: now I just need to figure out why ${python3:Depends} ends up subbbed in python:any
 * jamespage scratches his head
<rbasak> cpaelzer: your bug response seems reasonble.
<rbasak> cpaelzer: I don't check the importer without a ping.
<cpaelzer> jamespage: the third b is the reason :-)
<jamespage> oh probably
<cpaelzer> 3 vs not 3
<cpaelzer> ?
<cpaelzer> jamespage: did you push to the pgk git already?
<jamespage> cpaelzer: not yet - I know that the py3 issue is tho
<jamespage> cpaelzer: I'm right with my we need rdma-core in UCA for the new dpdk mellanox support
<cpaelzer> jamespage: I think only if you want/need to go further than Bionic
<cpaelzer> Bionic had 17.1 I think
<cpaelzer> which could be recent enough
<cpaelzer> newer DPDK need newer rdma-core, but I thought 17.11.3 was not yet one of those
<cpaelzer> jamespage: lets disambiguise a bit here
<cpaelzer> the DPDK in Cosmic and Bionic atm (without UCA) are virtually identical
<cpaelzer> as since Bionic we have a MRE to drive back stable releases
<cpaelzer> and Cosmic not picking a newer one for openvswitch not being compatible
<cpaelzer> that said implies that the rdma-core in Bionic is fine for the 17.11.3
<jamespage> yeah this was for xenial
<cpaelzer> uh
<cpaelzer> ok so you are not thinking about the cosmic->bionic route
<cpaelzer> but bionic->xenial
<cpaelzer> yeah there you'll need it
<jamespage> cpaelzer: no - if the rdma-core in bionic is good enough, we'll skip it for the Rocky UCA
<cpaelzer> yep, as rocky is only for 18.04
<cpaelzer> down the road I assume in DD release we will pick up a newer DPDK, needing a newer RDMA code and then for UCA-S* you'll need it
<cpaelzer> but not atm
<jamespage> yeah we do things on an as-needed bases
<jamespage> is
<cpaelzer> all your base belong to us anyway
<jamespage> :)
<RoyK> cpaelzer: all your base *are* belong to us ;)
<RoyK> cpaelzer: https://www.youtube.com/watch?v=8fvTxv46ano
<cpaelzer> you are right RoyK
<cpaelzer> I'll use 2*are next time to be ok on average
<RoyK> lol
<boxrick> Within the pre-seed is it possible to output some form of debug mid run ? Either to a console or similar?
<boxrick> Alt + f4 scrolls back quite quickly
<RoyK> boxrick: guess netconsole might be an idea
<rbasak> ahasenack: pmdk/ndctl for Bionic uploaded. Now it's in NEW. I've also pushed upload tags.
<ahasenack> rbasak: thanks
<ahasenack> rbasak: can you check this commit? The multiple changes to d/changelog look odd: https://git.launchpad.net/ubuntu/+source/talloc/commit/?id=85882c4aa32823d0e3d2a1d4be27ab3991b5662a
<rbasak> I suspect a previous merge missed out the merged changelog
<rbasak> Oh
<rbasak> I see
<rbasak> It was previously in sync
<rbasak> Wait let me get my story straight
<rbasak> Nothing special happened here.
<rbasak> The importer parented against 2.1.11-2, which is the second changelog entry. So this upload is "derived" from that, which is why the importer used it, which is the intended current algorithm.
<rbasak> A consequence is that you see older Ubuntu changelog entries being added, because that's the diff to its "Debian" parent.
<rbasak> The "Ubuntu" parent isn't considered any more (if it ever was?) by the importer algorithm.
<rbasak> (I think it was, but we intentionally changed that around Nov last year)
<rbasak> nacc: ^ this is an interesting case to me. I don't know if it's obvious and we agreed it would happen. Do you think it's fine?
<rbasak> I suppose it's essentially equivalent to our regular package merge workflow, but with all commits squashed together because rich history wasn't supplied.
<ahasenack> rbasak: I saw it while preparing a new debian merge, and deconstructing the changelog bits
<ahasenack> (or reconstructing? I can never differentiate them. The first rebase)
<ahasenack> rbasak: interesting, d/control still had the debian maintainers
<ahasenack> probably just a mistake
<jottr> Hi all. How do I make sure, that any user (even ubuntu-user) are required to enter a password when running `sudo`.
<sdeziel> jottr: you'd need to audit your sudoers rules in /etc/sudoers and /etc/sudoers.d/*
<jottr> sdeziel: Ah /etc/sudoers.d/* I didn't check. Thanks for pointing that out.
<sdeziel> np
<ahasenack> rbasak: cpaelzer: quick review for a small delta? This will unblock ldb in cosmic-migration: https://code.launchpad.net/~ahasenack/ubuntu/+source/talloc/+git/talloc/+merge/353503
<rbasak> Looking
<ahasenack> cpaelzer: man, I keep forgetting to switch target series to cosmic in bileto :/
<rbasak> ahasenack: a package merge review is non-trivial for me because of the mechnical checks that we don't have full automation for yet :-/
<ahasenack> why is zesty and yakkety still in that list anyway? :)
<rbasak> But I'll look anyway
<ahasenack> the delta is one commit
<ahasenack> should help
<rbasak> ahasenack: +1. I think you want sponsorship?
<ahasenack> rbasak: yes please
<rbasak> Done
<ahasenack> \o/
<ahasenack> kstenerud_: so, what happens now with that postfix mp,
<ahasenack> kstenerud_: your changes are being sponsored by cpaelzer, meaning he will do the upload for you
<ahasenack> kstenerud_: it will go into an unapproved pocket, waiting for a member of the sru team to look at it
<ahasenack> this person will look at the changes, at the bug, see if the sru template is in good shape
<ahasenack> decide based on that if this is worth an update to the stable release or not
<ahasenack> kstenerud_: so now we wait for that one. Watch your inbox :)
<ahasenack> kstenerud: that ssh bug, check my comment #3
<ahasenack> kstenerud: and feel free to double check what I said, that it's fixed >= artful
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1771340 ftr
<ubottu> Launchpad bug 1771340 in openssh (Ubuntu) "sshd failed on config reload" [Low,Triaged]
<nacc> rbasak: will read it back in a bit, otp
<kstenerud> andreas: So for the openssh bug I've found the commit in artful that fixes the issue. It also has a bunch of other modifications. Do we want to just fix this one issue and make no other modifications? Or would a cherry-pick work here?
<nacc> rbasak: what's the exact question?
<nacc> rbasak: that commit looks completely correct to me? It was an Ubuntu merge done by doko without git-ubuntu
<nacc> ahasenack: --^ ?
<rbasak> nacc: it was a little surprising to me to see multiple changelog hunks in the "git log" for that commit.
<rbasak> nacc: however I acknowledge that it is currently by design.
<rbasak> nacc: so if you think it's fine, it's fine :)
<rbasak> I suppose it's because we pick the changelog parent now and it isn't a merge commit against the Ubuntu publication parent.
<rbasak> You'll probably tell me that that's what you expect because we deliberately made that change. If so, it's fine :)
<nacc> rbasak: right we eliminted the publishing parent. there is now only some subset of changelog or upload parent.
<nacc> rbasak: so it's no different than the merge-changelogs step being folded into the actual content
<nacc> afaict
<dpb1> rbasak: do you know the answer to kstenerud's question?
<dpb1> rbasak: btw, thought you were flying today!?
<nacc> dpb1: re: the openssh fix?
<dpb1> nacc: yes
<nacc> kstenerud: you should fix one issue with the one commit :)
<nacc> kstenerud: it's probably certain you wouldn't cherry-pick across the releases
<nacc> unless the thing you're cherry-picking is the bit you did in the other release yourself :)
<dpb1> thx
<kstenerud> nacc: OK, so I'd make my own patch to this version, right? Not grab a newer version from debian?
<nacc> kstenerud: this is fix for bionic?
<kstenerud> xenial
<nacc> kstenerud: yeah, in that case, you'd not be merging, you'd be taking an isolating fix and backporting
<dpb1> kstenerud: we don't tend to put back new versions to stable releases unless there is a very good reason.
<nacc> kstenerud: ah ok, xenial and bionic are effectively the same thing
<nacc> kstenerud: have you read the SRU page?
<nacc> basically, the SRU requirements are much higher than in the development release :)
<dpb1> kstenerud: there are some packages that are exceptions to that for various reasons, but the promise of ubuntu is that we keep things stable once released.
<kstenerud> OK. So in this case the bug is that breaking the config and then reloading the service doesn't spit out an error, which makes the server unrechable if you log out afterwards without checking dmesg. Is that considered high impact?
<dpb1> kstenerud: is it fixed in artful+?
<dpb1> (bionic really)
<kstenerud> dpb1: yes, it's fixed in artful onwards
<dpb1> kstenerud: if the description on the bug is acurate, I think doing a service reload and the service silently not running is pretty bad.
<rbasak> Was there still a question for me?
<dpb1> it takes action by the user, but it's not crazy
<dpb1> rbasak: no
<rbasak> OK :)
<dpb1> rbasak: well yes
<dpb1> 16:30:46         dpb1 | rbasak: btw, thought you were flying today!?
<rbasak> Oh
<dpb1> :)
<rbasak> Actually it was yesterday, but the weather was poor so we cancelled.
<dpb1> what about today?
<rbasak> Not enough aircraft availability :(
<dpb1> ahh
<rbasak> They're quite booked up usually and I need three consecutive slots, so it's awkward
<rbasak> I've rebooked for after Brussels.
<rbasak> Also one of their aircraft isn't suitable because it doesn't have an upgraded radio yet, so I can't talk to one particular air traffic service that I need to for my test (but otherwise it isn't strictly necessary, so they've put off an upgrade until the next major service)
<dpb1> kstenerud: first up, we should fix the bug up to be accurate then.
<rbasak> There's this big worldwide aviation radio upgrade thing going on - splitting every existing channel into three to create more space.
<dpb1> kstenerud: it's fix-released in artful+, and we want it back to at least xenial
<kstenerud> OK I'll get on it
<dpb1> ahasenack: is that what you would normally do? ^
<dpb1> add tasks, etc?
<ahasenack> I would first get a branch
<ahasenack> test it
<ahasenack> make sure I have the right fix
<ahasenack> then update the bug with the sru template
<ahasenack> then make the MP
<ahasenack> sometimes the MP first, bug template after, but close together
<dpb1> OK
<Ussat> any fix for thsi bug:  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1504659
<ubottu> Launchpad bug 1504659 in systemd (Ubuntu) "Duplicate line for path "/var/log" warning is shown when rsyslog is installed" [Low,Opinion]
<ahasenack> trying: talloc
<ahasenack> accepted: talloc
<ahasenack> \o/
<ahasenack> rbasak: do you know if a dependency-wait error is retried automatically? https://launchpad.net/ubuntu/+source/ldb/2:1.4.0+really1.3.5-1/+build/15263978
<ahasenack> the required package is in cosmic-proposed already
<ahasenack> I don't see a "retry" button/link there
<nacc> ahasenack: it is not
<nacc> (iirc)
<nacc> i can see a retry
<ahasenack> nacc: can you click that for me for all arches in https://launchpad.net/ubuntu/+source/ldb/2:1.4.0+really1.3.5-1 please?
<nacc> ahasenack: ack
<ahasenack> nacc: thx!
<nacc> ahasenack: done, yw
 * ahasenack sees the spinning iso icon
<ahasenack> kstenerud: regarding debian patches, remember that changes to any file inside debian/ itself won't use a debian patch
<ahasenack> debian patches are only for changes done to the upstream source code
<ahasenack> build failure on the "funny" arches, :(
<ahasenack> (ldb)
<ahasenack> hah
<ahasenack> ldb (2:1.4.0+really1.3.5-2) unstable; urgency=high
<ahasenack>   * Add patch from upstream to fix FTBFS on some arches (arm64, armhf, mips,
<ahasenack>     mipsel, s390x, ...)
<kstenerud> ahasenack: so since this change modifies debian/systemd/ssh.service, I don't use a patch?
<kstenerud> Do I just modify the file directly in the commit?
<ahasenack> correct
<nacc> kstenerud: in case it helps, do you understand why that's the case? :)
<kstenerud> nacc: I'm guessing because anything inside the debian dir is exempt?
<nacc> kstenerud: specifically, the way the source package is distributed is two tarballs, one is the orig tarball of the upstream. This is effectively not modified (except in cases of dfsg - Debian Free Software Guidelines) from upstream. Then there is a tarball of the debian directory separately.
<nacc> (this is for 3.0 - quilt format, at least, which is quite common)
<nacc> so since the orig tarball is unmodified, changes to it are carried as quilt patchs in the debian tarball; while changes to the debian path itself can be stored in the debian tarball normally
<nacc> kstenerud: it's worth reading `man dpkg-source` a few times to catch up on terms there
<kstenerud> ah ok :)
<nacc> the debian manual also has some good guidance there
<nacc> kstenerud: hopefully it's clear, but i'm not trying to just point what you don't know; but i found it eventually much easier to know why things were being donne the way they were, even if it took me a year to understand it fully :)
<kstenerud> ahasenack: I hit a snag making the PPA for a fix. I used dput to upload the new openssh code, but now when I add the repo I get an error on apt update:
<kstenerud> E: The repository 'http://ppa.launchpad.net/kstenerud/sshd-reload-1771340/ubuntu xenial Release' does not have a Release file.
<ahasenack> kstenerud: a) check that the package built; b) check that you had "xenial" and not "cosmic" or something else in the d/changelog line with the version
<ahasenack> kstenerud: looking at https://launchpad.net/~kstenerud/+archive/ubuntu/sshd-reload-1771340/+packages, it's still building
<dpb1> ahhhh, ppa building / published
<dpb1> :)
 * dpb1 notes the current 'building' icon with 'published' status. :)
<madLyfe> anyone setup plex server on ubuntu server before?
<dpb1> y
<Ussat> Yes
<nacc> madLyfe: it's typically better in all ubuntu* support channels to not use polls :)
<nacc> madLyfe: someone has almost always done what you are about to ask if someone has done.
<nacc> madLyfe: instead, if you have a problem with it, ask your specific problem. If you are looking for a guide, ask for a guide.
<nacc> madLyfe: saves your time and ours as volunteers.
<madLyfe> I'm sorry about that nacc had is kind of spinning trying to decide what to use for my setup here
<madLyfe> and I'm on phone right now while setting up a new server box in the basement. where all servers belong! I'll be back to the chat in a few.
<nacc> madLyfe: understood -- just trying to help you ask better questions :)
<madLyfe> I need a nacc IRL..
<nacc> madLyfe: well i mean, i am real :)
<madLyfe> you know, to be a better overall human
<madLyfe> ð
<nacc> lol
<nacc> well, that's on you ;)
<madLyfe> so here is my situation and why it involves ubuntu:
<madLyfe> https://www.irccloud.com/pastebin/gdtxNXbs/
<madLyfe> thats kind of an explanation of the situation..
<madLyfe> so ive given in to using a nix software raid. i just wasnt sure what route to take. something like FreeNAS/OpenMediaVault or just use ubuntu.
<madLyfe> i am going to take the two 1tb drives and put them on an abandoned box utilizing a 16gb sandisk usb drive for the os and use ubuntu server. well thats as far as i am currently.
<madLyfe> im not sure if this is the route you guys would have taken for such a thing but there are so many options.
<coreycb> jamespage: tobias-urdin: i'm not sure what the problem is with openstack-dashboard. i think i'll have to bisect through the rocky updates to see when it worked last.
<sdeziel> sigh, pastebin service that require Javascript  are... annoying ;)
<sdeziel> madLyfe: if you go with Ubuntu, I'd suggest you give a try to zfs instead of mdadm
<coreycb> jamespage: tobias-urdin: i'm not getting a response from the server and debug's not helping. also installing heat-dashboard seems to mess up the /usr/share/openstack-dashboard/openstack_dashboard alternative but that's a separate issue.
<evit> I'm setting up automatic updates. If I don't specify Unattended-Upgrade::Automatic-Reboot-Time does it reboot immediately?
<ahasenack> evit: yes
<ahasenack> the comment above that setting in 50unattended-upgrades says so, at least
<evit> ahasenack, great thank you. I was unclear on it
<madLyfe> sdeziel: someone said nfs or something like that?
<madLyfe> i just tried 'sudo parted -ls | nc termbin.com 9999' and it tossed errors
<sdeziel> madLyfe: I'm suggesting to look at zfs to handle the FS as well as the RAID1 part which would remove the need from using mdadm raid
<madLyfe> https://paste.fedoraproject.org/paste/fCORU~TBtFWBGZ860hEnnw
<madLyfe> sorry, nfsd is what they said to use.
<sdeziel> madLyfe: nfs is meant to export a FS to remote machines, which is not what I'm talking about
<madLyfe> well i need to be able to access this via win 10
<ahasenack> kstenerud: now, on https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1771340
<ubottu> Launchpad bug 1771340 in openssh (Ubuntu) "sshd failed on config reload" [Low,Triaged]
<ahasenack> kstenerud: you will see a "xenial task"
<ahasenack> it's another line below the one with the package name
<ahasenack> kstenerud: since this is fixed >= artful, and more importantly, in the current development release,
<ahasenack> kstenerud: we will mark the "main" task, the one with no ubuntu release qualification, as fix released. That represents the development release
<sdeziel> madLyfe: sorry, I may be confusing you. What I meant was just to advise you to look into zfs for the local filesystem and RAID portion of this server if you were to chose Ubuntu as the base OS
<ahasenack> kstenerud: the xenial task, that's the one you are working on. You should mark that as in progress, and assign it to you
<sdeziel> madLyfe: I mentioned zfs because it is one of the key advantage offered by Ubuntu from the selection of OS you provided (FreeNAS has it too)
<madLyfe> sdeziel: i have already installed the OS on the thumb drive. not sure what it installs with by default.
<kstenerud> ahasenack: ok done
<sdeziel> madLyfe: the ZFS part would not be for the thumb drive but for the bulk data storage, the RAID1 array
<ahasenack> cool
<kstenerud> ahasenack: I don't see any inline comments
<ahasenack> kstenerud: scroll down to the diff
<dpb1> heh
<ahasenack> or, click on "show diff comments" in the box surrounding my comment
<ahasenack> on the far right
<kstenerud> ok
<ahasenack> (but that will just scroll down for you afaik)
<dpb1> that interface isn't great
<ahasenack> kstenerud: there is one comment I added after, it's the indentation of the changelog line
<kstenerud> ahasenack: ok, pushed with a new commit
<ahasenack> kstenerud: and I added one more comment :)
<kstenerud> ah right :)
<ahasenack> kstenerud: looks good, =1
<ahasenack> +1
<ahasenack> kstenerud: since it's a package that needs a core developer to sponsor, my +1 is not final, someone else will have to look at it tomorrow
<kstenerud> ok no problem
<ahasenack> kstenerud: I'd suggest to add to the description (or amend it) the link to the debian salsa commit with that change
<ahasenack> because it's very localized there, and clear
<ahasenack> kstenerud: which introduces you to salsa (the site)
<ahasenack> kstenerud: that's where debian moved all their packaging repositories, or well, most of them. Some packages are not there yet
<ahasenack> it's a gitlab site
<kstenerud> how do I get a salsa commit link?
<ahasenack> kstenerud: sometimes, as part of fixing something in ubuntu, we make a pull request (merge request in salsa lingo) there to fix it in debian too
<ahasenack> kstenerud: I just went to salsa.debian.org, searched for openssh, then cloned it, and used git log (locally) and searched for the bug
<ahasenack> that gave me the commit
<kstenerud> umm... which one? The debian ssh maintainers?
<ahasenack> yes
<ahasenack> the more "official looking" one :)
<ahasenack> I pasted the link in one of my review comments, but go ahead and try from scratch
<kstenerud> ok added
<madLyfe> sdeziel: i also just want to be sure that if i use zfs raid 1 that i would be able to take that raid array to a different system/hardware and have zfs pick it back up. like say if i moved to freenas zfs.
<ahasenack> kstenerud: excellent
<kstenerud> OK, gotta go pick up a canonical package in town
<ahasenack> cool
<sdeziel> madLyfe: yes, you can bring the array (or only one drive for that matter) to another machine. Plugging it to freenas should work as ZFS uses compatibility levels so presumably it would still work there
<ahasenack> and I'm eod
<ahasenack> kstenerud: see you tomorrow
<kstenerud> l8r!
<madLyfe> sdeziel: tyvm
<sdeziel> madLyfe: the "transplant to freenas" part would need a little research if it's really something you want to do. Otherwise you can zfs send | zfs receive between Ubuntu and FreeNAS
<madLyfe> im saying like, if my os drive was to go away, would the 2 disk raid array be just fine? can put it elsewhere?
<sarnold> you might be restricted in your choices of "elsewhere"
<sarnold> but between smartos / omnios / fbsd / proxmox / various linux distros / you'll probably be fine
<madLyfe> k
<mason> You'd need a subset of properties that work everywhere FWIW.
<madLyfe> what does that mean?
<mason> Features. https://bpaste.net/show/bb4bbdc9867e
<madLyfe> also, why would this happen? https://paste.fedoraproject.org/paste/sWmWASPo7whE64IVf6GiFQ
<mason> That was accurate as of Ubuntu Xenial and FreeBSD 10 or early 11.
<sarnold> madLyfe: http://open-zfs.org/wiki/Feature_Flags
<mason> Ugh, their paste requires JavaScript?!?
<sarnold> madLyfe: because you only directed stdout to nc --> http://termbin.com/t2j7
<madLyfe> mine or sarnolds?
<sarnold> madLyfe: stderr still went to the terminal
<madLyfe> what should it have been?
<sarnold> well that's fine ifyou know what that means :) heh
<madLyfe> sadly no. but the termbin is still correct? i mean it looks correct to me
<madLyfe> also its odd that it didnt work the first time. i also had it not work the first time from a live usb boot with kubuntu.
<mason> Hrm. I just told NetPlan to use NetworkManager as its global renderer and I said "netplan apply" but... nothing's changed.
<mason> Does "netplan apply" not handle a renderer change?
<mason> And why is there no netplan(8)?
<mason> Restarting did the trick, but I have to have missed something to get it to reconfigure without a reboot.
<nacc> mason: i think there's also a #netplan, but i might be wrong
<mason> nacc: That rings a bell. I'll explore later I guess.
<dpb1> huh... I guess it's in 5
<dpb1> filing a bug would be fine (netplan.io)
<mason> dpb1: For me? And we're running 4, and this exists in 5?
<mason> I see netplan 0.36.3
<mason> looking
<sarnold> mason: I think dpb1 meant netplan(5)
<mason> Ah.
<sarnold> as opposed to netplkan(7(
<sarnold> gah
<sarnold> I can haz nap?
<mason> dpb1: Yes, netplan(5) exists, but there's a netplan(8) command with no man page.
<mason> net-q'plah!
<sarnold> lol
<mason> dpb1: netplan(8) would document the binary, where 5 is for file formats.
#ubuntu-server 2018-08-22
<dpb1> right, I meant, file a bug that the manpage should be in 8
<dpb1> oddly, there is an entry here...
<dpb1> http://manpages.ubuntu.com/manpages/bionic/en/man8/netplan.8.html
<dpb1> heh
<dpb1> but, I don't see it in the deb
<mason> dpb1: Oh, interesting.
<mason> I'll open up a bug tomorrow.
<cpaelzer> good morning
<Unit193> Heya, cpaelzer.
<ahasenack> good morning
<kstenerud> morning!
<boxrick> I have the following pre-seed, and it works fine in most cases. But on some hosts when it comes to grub it asks where to put the bootloader, and defaults to /dev/mapper
<boxrick> https://gist.github.com/boxrick/3a4022d003daa63b7d27cca7f0f99894
<boxrick> But this is already set to /dev/sdb using the early command. So any ideas what is changing it ?
<ahasenack> kstenerud: morning! (!)
<ahasenack> kstenerud: is there light outside yet? :)
<kstenerud> Almost dawn :)
<boxrick> Seems I have identified a bug.... https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/1012629
<ubottu> Launchpad bug 1012629 in grub-installer (Ubuntu Precise) "grub-installer ignores "bootdev" setting in preseed file" [Undecided,Confirmed]
<boxrick> Sad to see it still in bionic
<rbasak> kstenerud: nice job on the postfix SRU. I saw it in the queue :)
<boxrick> Can anyone tell me how grub-pc differs from grub grub2-common packages?
<rbasak> kstenerud: one point on regression potential - that section is also to inform testers, so it would be helpful to explain what testers might focus on to find a regression in case there is a mistake in the SRU.
<rbasak> So "normal and error paths around parsing includes", etc.
<rbasak> (and in particular ENOENT)
<rbasak> (or whatever it was; I'm sure I got the detail wrong)
<kstenerud> rbasak: I'm not sure I follow. Are you speaking in general terms, or specifically to the sshd issue?
<rbasak> In general terms the purpose of the regression potential section, and a specific example for the postfix SRU
<kstenerud> Umm.. So in this case it was hinging on the intersection of failed open and EACCESS, which we decoupled, which means that ENOENT would also trigger the correct path, right?
<kstenerud> Or do you mean check ENOENT as well as a tester just in case we messed up?
<rbasak> No that was my mistake, sorry.
<rbasak> I said ENOENT but I meant EACCESS
<rbasak> And it perhaps wasn't in includes?
<kstenerud> ok
<rbasak> So I did really badly at providing an example that was actually connected to this bug.
<rbasak> What I mean though is a general "these are the code paths that might be affected and this is how to exercise them"
<kstenerud> ah ok :)
<rbasak> Because then that can help drive how we test the SRU.
<ahasenack> kstenerud: did you see the bug notification about postfix being accepted?
<kstenerud> yup
<ahasenack> kstenerud: ok, so now another process started
<ahasenack> kstenerud: there are a few things to do now
<ahasenack> kstenerud: first check that it built. That's the first link in the acceptance email: https://launchpad.net/ubuntu/+source/postfix/3.3.0-1ubuntu0.1
<ahasenack> kstenerud: look at "builds" on the far right, and publishing
<ahasenack> kstenerud: you can also see in the Upload details section that you are considered the one who uploaded it, but you were sponsored by someone else, since you can't upload yet
<ahasenack> kstenerud: the next thing to keep an eye on is the so called "excuses" or "migration" page
<ahasenack> kstenerud: for bionic, that is http://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html
<ahasenack> replace "bionic" with the ubuntu release name for other SRUs
<ahasenack> kstenerud: look for "postfix" in there. It may take a while to appear (isn't there atm)
<ahasenack> kstenerud: that will show the dep8 tests of postfix, and of packages that depend on postfix
<ahasenack> kstenerud: if anything goes red, checkout why. If it comes to that, ping me and we can check together
<ahasenack> kstenerud: finally, as the bug notification said, ubuntu is now waiting for someone to confirm that the package in bionic-proposed fixes the problem that was reported
<ahasenack> kstenerud: usually we prefer if the person who reported the bug verifies it. But if that doesn't happen "soon" (1d? 2d? More?), then you can do the verification yourself
<ahasenack> kstenerud: the important thing is that the verification must use the package from bionic-proposed (confirmed via, for example, apt-cache policy <package>), and that the test described in the bug is performed. copy & paste is appropriate for showing test results
<ahasenack> kstenerud: so, summary, 3 things: a) check it built; b) check dep8 passed in the excuses page; c) sru verification in the bug
<kstenerud> ok, so there's a postfix entry in the excuses page talking about a missing build
<ahasenack> aha, it just appeared
<ahasenack> yeah
<ahasenack> the build is in lp, but when the script checked, it wasn't there yet
<ahasenack> just wait for the next page refresh
<kstenerud> ok
<ahasenack> it's not dynamic, it's cron generated, so don't hammer on the reload button :)
<ahasenack> I think it runs twice an hour, give or take
<ahasenack> but if you went to this page first, and saw missing build, then you should check launchpad to see if a build didn't fail
<ahasenack> if you scroll down on that page you can see examples of a lot of different possible scenarios
<ahasenack> failed runs, green runs, runs that are known to always fail, etc
<kstenerud> which page? I don't see anything colored on the excuses page or the package page
<ahasenack> kstenerud: the same page
<ahasenack> gdm3, for example, has a regression
<ahasenack> the excuses page
<ahasenack> how can you not see that bright red? :)
<kstenerud> oh ok I see it
<kstenerud> so this is just a ticker for everything being built?
<ahasenack> for that particular release
<ahasenack> it won't move automatically to the updates pocket, because this is a stable release
<ahasenack> but is one check the sru team will do before approving the update
<ahasenack> approving means moving it from the proposed pocket, to the updates pocket, so it becomes available to all users
<ahasenack> the proposed pocked is public, but opt-in
<ahasenack> the bug notification explains how to enable it for those who want to help testing
<sdeziel> kstenerud: I'll be glad to do the SRU verification for this postfix LP
<sdeziel> I've already setup a reproducer and I'm waiting for the update to land in -proposed
<kstenerud> cool thanks!
<sdeziel> kstenerud: verification done
<kstenerud> sdeziel: So when verification is done, is there a page that gets updated?
<ahasenack> kstenerud: actually, there is
<ahasenack> I forgot about that one
<dpb1> :)
<ahasenack> kstenerud: https://people.canonical.com/~ubuntu-archive/pending-sru.html
<ahasenack> yet another random page out there
<dpb1> people.c.c/~something/foo.html
<ahasenack> kstenerud: search for postfix
<ahasenack> kstenerud: this page is also cron generated, so it may take a while to update
<ahasenack> kstenerud: your bug is "blue", meaning it's waiting for verification
<ahasenack> kstenerud: once it detects the verification done by sdeziel, via bug tag changes, the bug number should turn to green, like others
<ahasenack> kstenerud: red means bad. The verification could have failed, for example
<sdeziel> it would be nice to have those links integrated to LP so that one can track the progress easily
<ahasenack> kstenerud: the excuses page updated, your tests have began
<ahasenack> kstenerud: see how it also runs dep8 tests of other packages
<ahasenack> these are other packages that use postfix
<ahasenack> this is to make sure they don't break because of a postfix update
<ahasenack> for some definition of "sure", of course :)
<ahasenack> way better than nothing
<ahasenack> kstenerud: sru verification can be another source of work for us. Go over that page, check bugs that have not been verified yet and are sitting there for a long while, and perform the verification. If you have a package/service you know well, it's a good helping hand to do it
<rbasak> I've had a plan for that for a while. But like everything no time to work on it.
<rbasak> A bot which picks up information from various places and maintains an area inside the bug description with status, expectations that contributors can understand, etc.
<ahasenack> rbasak: debian just pushed sssd 1.16.3, is there something you can kick to have g-u fetch that now? Or, when would it notice it?
<rbasak> "It's in the queue/it's awaiting verification etc"
<sdeziel> rbasak: it would help community member to push debdiffs and do SRU validation IMHO
<rbasak> Agreed
<sdeziel> I suspect the pending-sru and update_excuses pages are not widely known by the community members
<sdeziel> but I hear you, ENOTIME
<rbasak> git-ubuntu first I think
<rbasak> That'll help get stuff into the pipeline.
<rbasak> I want it to be possible for a contributor to clone one of our branches, git cherry-pick from upstream, and submit that.
<kstenerud> I'm putting all this in the document
<rbasak> We have code ("changelogify" and "quiltify") that automatically does the packaging work for simple cases.
<rbasak> Inside git ubuntu build.
<rbasak> It's just not quite ready for general use yet.
<Ussat> ...
<ahasenack> rbasak: did you see my ping?
<rbasak> Oh, sorry
<rbasak> It'll get noticed after Launchpad picks it up
<rbasak> It needs to appear in https://launchpad.net/debian/+source/sssd/+publishinghistory first
<ahasenack> thanks, good to know
<rbasak> After that the importer should pick it up within half an hour (IIRC) if it's not busy
<ahasenack> https://launchpad.net/debian/+source/sssd still has only 1.16.2 indeed
<ahasenack> do you know when lp does that?
<rbasak> I don't recall. Not quickly.
<ahasenack> ok
<rbasak> (on the order of a day IIRC)
<rbasak> Part of that is Debian's publication process I think
<dpb1> rbasak: not a bad idea (maintain status in the bug somehow), might work better with a service though
<rbasak> Their publication runs are very slow compared to Launchpad
<dpb1> web service that does that, then a link
<dpb1> link in the bug, I mean
<rbasak> dpb1: yeah rich HTML would be handy for links to everything
<rbasak> dpb1: but perhaps a plaintext summary in the bug?
<ahasenack> rbasak: it's showing up in rmadison already
<dpb1> rbasak: not a bad idea
<dpb1> rbasak: but ya, no time
<rbasak> ahasenack: is it available through apt though?
<rbasak> (in sid)
<ahasenack> haven't checked
<ahasenack> it's ok, "half an hour after lp has it" is the answer
<ahasenack> cpaelzer: if still here, shouldn't bileto use cosmic-proposed if the target is cosmic? Or it never uses proposed?
 * ahasenack checks the ppa deps
<ahasenack> the ppa is fine, it's using proposed
<ahasenack> but the dep8 tests did not
<dpb1> ahasenack: hi
<dpb1> are you back now?
<ahasenack> freenode ssl let me in this time, yes
<ahasenack> -emerson- :[Global Notice] Services are going to be rebooted for maintenance now, apologies for the inconvenience. <-- that kicked me out
<coreycb> jamespage: this is a little awkward, heat-dashboard has it's own xstatic dependencies that differ from horizon's. i think i'll just bundle them into horizon.
<jamespage> coreycb: oh right - yes - take a look at my most recent upload for heat-dashboard
<jamespage> I did a bundle like horizon's
<jamespage> but it needed some patching as well
<coreycb> jamespage: ah ok great, thanks for doing that. now i just need to figure out why i'm still hitting the angular_uuid error.
<jamespage> hmmm#
<madLyfe> this just means that i havent set the drives up yet, correct? https://paste.fedoraproject.org/paste/5i275KRyRvtXXxZrqGEdMg
<madLyfe> on /sda and /sdb
<sdeziel> madLyfe: what's your goal with /dev/sda and /dev/sdb?
<madLyfe> well im going to try and set them up in raid 1
<madLyfe> software raid 1
<madLyfe> i was just kind of taking inventory of the attached disks and was surprised by the errors
<sdeziel> madLyfe: mdadm RAID or zfs mirroring ?
<madLyfe> i think you kind of sold me on ZFS yesterday
<sdeziel> hehe
<sdeziel> then you don't need to do any partitioning of those 2 disks, zfs will take care of this
<sdeziel> madLyfe: install the package zfsutils-linux first
<madLyfe> i will be able to access this raid 1 array on the network and from win 10?
<madLyfe> 'sudo apt install zfsutils-linux' ?
<sdeziel> yup for apt install
<sdeziel> Windows won't be able to read the FS is you were to plug the physical disks to it. If you network export them there will be no problem though
<madLyfe> i dont really know the differences between the installers tbh
<madLyfe> ya these are on a networked PC
<sdeziel> madLyfe: then no worries, whatever you use as FS/RAID is irrelevant for nfs/cifs/smb export
<madLyfe> this was the first msg on running that command. https://www.irccloud.com/pastebin/dxbuN2SJ/
<madLyfe> i see
<madLyfe> ok looks like ive installed it
<sdeziel> good, now to create your mirror (~equiv of RAID1 from mdadm): sudo zpool create $POOL_NAME mirror sda sdb
<sdeziel> madLyfe: the if you pick "data" as POOL_NAME, you should see a directory created /data
<madLyfe> is that standard?
<madLyfe> is that what the network will see it as?
<sdeziel> madLyfe: there is no standard and no, it's not related to what network clients will see
<sdeziel> madLyfe: are you familiar with LVM?
<madLyfe> i know its logical volume management?
<madLyfe> not sure what it does though.
<sdeziel> yes, that what it expands to. OK
<sdeziel> I was going to say that zfs is an hybrid of mdadm and LVM ... kinda
<sdeziel> basically, from a zfs pool, you can create filesystems
<sdeziel> and you got one created by default when you created the pool
<sarnold> turn on compression before you go any further
<madLyfe> i havent done anything yet
<sarnold> I haven't kept up, maybe zstd is the best choice these days
<sdeziel> sarnold: isn't it done by default?
<sarnold> if zstd doesn't work lz4 is fine
<sarnold> sdeziel: I'm not sure
<sdeziel> I assumed that lx4 was default
<sdeziel> but yeah, compression is a must
<madLyfe> does it need to be /dev/sda and /dev/sdb or just sda sdb?
<sdeziel> madLyfe: zpool create has a search path that includes /dev
<sdeziel> so both are equivalent IIRC
<sdeziel> sudo zpool create -O compression=on $POOL_NAME mirror sda sdb
<madLyfe> so data is just what i want to name the pool/disk/mirror locally?
<sdeziel> madLyfe: nice documentation on zfs concepts: https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<sarnold> I love the pthree zfs intro
<madLyfe> im guessing that name can be changed later?
<sdeziel> madLyfe: yes but might be simpler to get it right the first time ;)
<dpb1> sage advice
<madLyfe> create -O is doing what?
<sdeziel> man zpool
<sdeziel> madLyfe: in short, it sets a property to apply to contained filesystems by default
<madLyfe> got this https://www.irccloud.com/pastebin/Sr2psGS8/
<sarnold> I didn't see an obvious way to permanently rename a pool. maybe it exists, maybe it doesn't.
<sdeziel> sarnold: export then import
<dpb1> export import, right?
<dpb1> heh
<sdeziel> madLyfe: add a "-f" there to force zpool to nuke the old raid signature on those drives that were apparently part of an old RAID array
<madLyfe> ok at the end of the previous command string?
<sdeziel> madLyfe: only use force if you need and want to :)
<sarnold> and that name will persist through another export / import cycle/
<sdeziel> sarnold: yes
<sarnold> aha ;)
<madLyfe> ya i want to remove all previous traces of raid on those disks
<madLyfe> ok line returned with no errors, i think it worked.
<madLyfe> from pthree.org page:
<madLyfe> 'UPDATE: Since the writing of this post, LZ4 has been introduced to ZFS on Linux, and is now the preferred way to do compression with ZFS. Not only is it fast, but it also offers tighter compression ratios than LZJB- on average about 0.23%'
<sarnold> yeah, but that's still a quite old update
<sdeziel> madLyfe: lz4 is the default on newly created pools
<madLyfe> sudo i see the data dir
<madLyfe> parted -ls https://www.irccloud.com/pastebin/T5suApxd/
<sdeziel> madLyfe: so you have one FS named like the pool (data). You can create other FSes to split out the pool's space. You can use quotas on those and a bunch of other settings
<sdeziel> madLyfe: yup, zpool created a GPT partition label on both disks and created 2 parts on it. That's technical details you can overlook for now
<madLyfe> so if i just want to leave it as is and start putting data on it it, im done?
<sdeziel> madLyfe: that's an option, yes
<sarnold> you might also want to set atime=off and perhaps change the hash to something stronger
<ahasenack> kstenerud: sorry I wasn't with you longer this afternoon, I'm finishing up some merges/uploads due to tomorrow's feature freeze
<sarnold> (those were the first few things I did on my pool)
<sdeziel> madLyfe: but you may want to slice up your pool into multiple FSes
<sdeziel> sarnold: you don't trust/like fletcher4 ?
<sarnold> sdeziel: yeah, fletcher4 is fast but that's about it :)
<sdeziel> sarnold: so you prefer sha256?
<sdeziel> madLyfe: if you want to see lz4 compression in action: https://paste.ubuntu.com/p/ZhvfWrP3vf/
<sarnold> sdeziel: yes, that's what I used; I've thought about swapping to skein but never looked into it beyond a "oh that'd be nice"
<sdeziel> sarnold: I've heard rumours that sha3 was slow
<sarnold> sdeziel: yeah, I think I'd expect it to be a touch slower than sha256
<sdeziel> sarnold: also, sha512 is 50% faster here (at least in non-scientific sha256sum/sha512sum benchmarks)
<sarnold> sdeziel: oho
<sarnold> that's cool
<sarnold> I've heard that the sha512 can be faster-enough than sha256 on 64 bit systems to justify using sha512/256 in place of sha256 if that's the security level you need..
<sdeziel> yeah but for the storage case I presume the CPU improvement is also a tradeoff in space
<sdeziel> agreed on the sha512/256 thing
<madLyfe> https://paste.ubuntu.com/p/KNNQ9K9sBC/
<sdeziel> madLyfe: do you have data on it?
<madLyfe> nah im not sure what you were talking about by slicing it up and also what sarnold was talking about with the other options.
<sdeziel> madLyfe: the atime things is for "access time" of each file
<sdeziel> madLyfe: it gets updated whenever you read a file. This means a read operation incurs a write operation to update the atime. Disabling atime (=off) saves you the write part so it's faster
<sdeziel> madLyfe: you can tune this now: sudo zfs set atime=off data
<sarnold> madLyfe: "slicing it up", I've split my pool into a bunch of filesystems: http://paste.ubuntu.com/p/BC2YTNSWBG/
<sarnold> I'm fascinated that the ubuntu main sources compress 2.03 times, but universe only 1.78 times, and restricted and multiverse even less
<ahasenack> I have two sets of vms, libvirt and uvt
<ahasenack> they compress differently
<sdeziel> madLyfe: the other thing that sarnold mentioned is the checksum algo used by zfs.
<mason> sarnold: No /home there?
<ahasenack> nsnx/libvirt-images  compressratio  1.62x  -
<ahasenack> nsnx/uvtool          compressratio  1.89x  -
<sarnold> mason: no, I kept those on the OS disks
<mason> sarnold: How did you get the compression stats?
<sarnold> ahasenack: ha :) I didn't expect that
<sarnold> mason: that was zfs list -o name,used,avail,compressratio,mountpoint
<madLyfe> so you are saying change it to sha512?
<mason> My libvirt-images is also my biggest compression.
<ahasenack> var/log is amazing, I get 4.59x
<mason> sarnold: Just saw the 6T. I'm envious now.
<sarnold> mason: hehe :)
<sdeziel> madLyfe: it's a personal choice but if you do not stick to the default, I'd recommend sha256
<RoyK> or sha512, which is faster than sha256 on 64bit machines
<sdeziel> those with libvirt-images probably don't hand zvols to VMs, right?
<mason> Yeah, logs compress well: https://bpaste.net/show/e3af0baef4d9
<sdeziel> RoyK: indeed but I'd be worried about the bigger storage overhead, no?
<sarnold> 12x
<sarnold> 10x
<sarnold> nice
<RoyK> sdeziel: oh - was this about zfs hecksums?
<sdeziel> RoyK: yes
<RoyK> IIRC zfs doesn't even support sha checksums for that
<madLyfe> the default checksum is?
<sdeziel> madLyfe: fletcher4
<RoyK> too slow and heavy and large and complex and â¦
<madLyfe> oh thats why you were talking about. gothca.
<RoyK> and for a maximum of 2MB or whatever the largest block size is these days, not necessary
<sarnold> hecksum :)
<ahasenack> sdeziel: I don't, I use plain qcow files, simpler to manage
<madLyfe> so i guess ill just use sha256
<sdeziel> ahasenack: I see. Personally I settled on a tiny qemu script to snapshot on boot and keep a set of 3 rotating snapshots. Pretty nice to revert :)
<madLyfe> hmm https://paste.ubuntu.com/p/DYFDj8sTkp/
<sdeziel> qcow snapshots are too complicated to my taste
<sdeziel> madLyfe: sudo zfs set checksum=sha256 data
<ahasenack> sdeziel: I use vms only for testing bugfixes and more complicated deployment scenarios (like sssd + krb + ldap and all on different vms)
<ahasenack> so they are short-lived, and are never running constantly
<ahasenack> sdeziel: virt-manager has a nice GUI for managing the qcow2 snapshots
<ahasenack> well, nice, I mean it has a gui :)
<mason> FWIW, I recently moved from zvols backing VMs to qcow2 sitting on ZFS datasets. Fairly arbitrary I guess, but live migration wasn't happy with zvols.
<sdeziel> hehe, right, I should revisit the GUI. It's been so long since I last used it
<mason> The virt-manager GUI is pleasant.
<madLyfe> is it possible to see what settings 'data' is using as a list?
<madLyfe> get all?
<ahasenack> you mean zfs get all data, where "data" is a zfs dataset?
<madLyfe> https://paste.ubuntu.com/p/RH39kbw4gH/
<madLyfe> ya ahasenack
<RoyK> zfs get all pool/dataset (or just pool)
<ahasenack> you want a different output format?
<madLyfe> me? nah just a list like that is fine. i didnt know for sure if it was get all
<ahasenack> ok
<madLyfe> sarnold: can it be sliced up later?
<RoyK> zpool get all <pool> and you get the zpool settins (zfs ... is for the dataset, not the pool)
<sdeziel> madLyfe: yes, you can slice it anytime you like
<madLyfe> like i know i was to setup a plex server on this box but im not sure if i want to put that on the OS thumb drive or the mirror.
<madLyfe> by slicing do you just mean adding dirs? or?
<sdeziel> madLyfe: I mean creating FSes under "data"
<sdeziel> those sub-FSes will appear as directories under /data (by default)
<madLyfe> i guess i dont know what i need right now or why they would need to be a different FS tbh.
<sdeziel> like for example: "sudo zfs create -o quota=30G data/foo" will create /data/foo and you'll only be able to write 30G in it
<sdeziel> madLyfe: for my samba server, I use a FS per export/share
<RoyK> madLyfe: just play around with it a bit - nothing to lose
<RoyK> and if you have many users, use a dataset per homedir, perhaps with a quota
<RoyK> then the users will be allowed to see their own snapshots if you use things like automatic snapshotting
<madLyfe> well there are no users. only zuul.
<RoyK> ok
<madLyfe> but seriously its just a backup spot and probably plex server for the data on this mirror
<madLyfe> but the plex server is a ways out
<madLyfe> now i just need to make this mirror avail on the network to my win 10 box
<madLyfe> with my win10/kubuntu dual boot box. this was the hole point of making a mirror array on a dedicated network box.
<madLyfe> would would be my best option for sharing it with win10 on the network?
<sdeziel> madLyfe: I guess it's time to setup samba and have it share /data (or any other sub-dirs/FSes)
<sarnold> madLyfe: yes, you can add new zfs datasets whenever :)
<madLyfe> ok let me set the ip of this server to static first. ill be back.
<madLyfe> shit. its a new method to change static ip in 18.04. researching.
<madLyfe> would this be correct procedure? https://www.techrepublic.com/article/how-to-configure-a-static-ip-address-in-ubuntu-server-18-04/
<ahasenack> madLyfe: you mean netplan?
<madLyfe> ya
<madLyfe> over interfaces
<ahasenack> for netplan, this is a good official resource: https://netplan.io/examples
<cyphermox> oi
<ahasenack> cyphermox: :)
<madLyfe> but that guide is having me make a new yaml config file and not use 50-cloud-init.yaml
<RoyK> ahasenack: didn't look very hard
<madLyfe> just wondering if thats correct
<ahasenack> you can use the existing one
<madLyfe> ok
<ahasenack> would be odd to have two config files setting different things on the same nic
<madLyfe> this is at the top of the file? https://paste.ubuntu.com/p/Rj8YFmStbV/
<madLyfe> does that mean i cant make changes to that file that will persist?
<ahasenack> is that ubuntu server installed with that new text based installer?
<madLyfe> ya
<madLyfe> fresh install with the freshest iso
<ahasenack> I think you could just remove cloud-init, I've done that in the past
<ahasenack> but I was prepared to handle any regressions
<ahasenack> or, just do what that config file says
<ahasenack> in the header
<mike802> hi all! so i'm going through the ubuntu server guide and i'm trying to get phpmyadmin up and running.  it says to edit /etc/phpmyadmin/config.inc.php with the db_server address.  then i need to be sure that phpMyAdmin host has permissions to access the remote database
<mike802> it seems like this is a step i should take (access permissions for phpMyAdmin to remote database), but i'm not sure what it would be
<nacc> mike802: ... you don't know your mysql admin credentials and you want to use a php interface to adminster said mysql instance?
<mike802> well, technically i'm still trying to do the bind-address in my.cnf, but even the wildcard 0.0.0.0 isn't allowing me to start mysql
<nacc> mike802: ok, so your question is unrelated to phpmyadmin? :)
<mike802> alright, i can just keep trying stuff
<mike802> i was hoping connectivity could have helped
<nacc> mike802: no, i mean, you want to know how to configure mysql right?
<nacc> mike802: what error do you get when you try to start it?
<mike802> Failed to start MySQL Community Server
<nacc> mike802: :) look in the logs
<mike802> ?
<nacc> mike802: look in the mysql logs, that message just says it failed, which we already knew. I'm asking *why* it failed.
<nacc> basic server debugging :)
<mike802> i checked systemctl status mysql.service and journalctl -xe
<mike802> they both just say failed to start
<nacc> mike802: both will almost certainly say *more* than just that
<nacc> but check the actual sql logs /var/log/mysql iirc
<mike802> there seems to be a warning about Gtid table is not ready to be used
<mike802> warning no UUID was found
<mike802> warning failed to set up SSL
<mike802> a few others then it shuts down
<madLyfe> sdeziel: do you happen to still be around?
<sdeziel> madLyfe: yes?
<madLyfe> ive got the serve set to static ip now. lel
<sdeziel> madLyfe: good
<madLyfe> i think i needed to do that for samba?
<sdeziel> madLyfe: that's usually better, yes
<nacc> mike802: can you use a pastebin and paste the log?
<madLyfe> sdeziel: where do you suggest i start?
<mike802> https://pastebin.com/cX6WB5XA
<sdeziel> madLyfe: for samba?
<madLyfe> ya
<sdeziel> madLyfe: I never looked at it but maybe you could glance at https://help.ubuntu.com/community/Samba ?
<sdeziel> madLyfe: of maybe the more succinct one here: https://help.ubuntu.com/lts/serverguide/samba-fileserver.html
<nacc> mike802: hrm, that log says on line 34 that it started
<nacc> but then immediately shut down
<mike802> yeah, i noticed
<mike802> weird
<nacc> mike802: none of the preceding lines indicate any errors afaict
<mike802> it starts fine without the bind-address line in my.cnf
<nacc> mike802: what address are you trying to use?
<nacc> mike802: did you try just commenting out the bind-address line?
<mike802> the address of my apache2 box with phpmyadmin
<mike802> yeah, that works
<nacc> wait
<nacc> mike802: are you doing mysql on the same system as the one using apache?
<mike802> no
<nacc> mike802: then that's totally wrong
<nacc> mike802: think about it
<nacc> mike802: bind-address is the address for your sql server to *listen* on
<nacc> mike802: it's the address of the machine the sql server is on, not the machine your apache server is on
<mike802> localhost?
<nacc> mike802: if you just specify no bind-address, it listens on all interfaces, iirc
<mike802> alright, i will try that
<nacc> mike802: ... no
<nacc> mike802: localhost would be ... for local connectivity to the machine
<mike802> ok, ty
#ubuntu-server 2018-08-23
<roasted> hi friends. I'm working on 18.04 and am seeing something weird. my local domain is "lan" but my server only responds if I ping hostname.local. The netplan config has lan appended in it though. Is there anywhere else to look in 18.04 to set the domain?
<whislock> roasted: Need some clarification. What are you pinging from?
<roasted> desktop and laptop on local network
<roasted> I use pihole for dhcp/dns, though my server is static IP
<roasted> everything else on network (dhcp admittedly) gets .lan appropriately
<whislock> So you're pinging 'hostname.local' from the desktop/laptop, and it's responding, and you want it to respond on '.lan'?
<roasted> exactly. or even just respond via "ping hostname" as my other servers do.
<whislock> So, .local is mDNS/Avahi crap.
<roasted> vault is my main server. vault hosts about 5 ubuntu server VMs on it. Those VMs all respond via "ping hostname" as well (though they are admittedly DHCP reservations and not static)
<roasted> i.e. I can run ping nameserver, ping irc, ping web, etc, all fine, but I cannot ping vault unless I run ping vault.local
<roasted> I feel like I'm missing something obvious (netplan is new to me) but according to the docs I feel I should have this right
<sarnold> does your dns server know that you're using .lan in this fashion?
<roasted> oh yes
<roasted> in fact pihole defaults to using .lan as the domain
<roasted> (pihole being dns + dhcp server)
<nacc> what's in your /etc/resolv.conf ?
<roasted> nameserver 127.0.0.53
<roasted> search lan
<nacc> does vault.lan resolve?
<roasted> no
<roasted> only vault.local
<nacc> that's systemd-resolve, iirc, you can ask it what nameservers it knows
<nacc> then you can query those nameservers for whether they can lookup vault.lan (which vault will be tried as if vault itself doens't lookup)
<whislock> systemd-resolve --status
<sarnold> you can also use systemd-resolve(1) to query the systemd thingy
<roasted> if I run status I see 10.13.0.2 for DNS server and lan for domain
<roasted> 10.13.0.2 = pihole IP
<roasted> I can pastebin the whole thing if need be. Quite long. But those 2 lines are at the very bottom.
<whislock> Gotta be honest, you REALLY shouldn't be using a TLD like this.
<whislock> Even 'something.lan' is better.
<roasted> not sure I understand. I'm just trying to resolve vault internally.
<whislock> All of your internal hosts are <hostname>.lan
<roasted> right
<whislock> Top-level domains are intended to be namespaces, not used as a domain themselves.
<whislock> You really should change that to <hostname>.<something>.lan
<roasted> are you suggesting lan is a bad choice?
<roasted> ah
<sarnold> a dns pal of mine says the only sane option for internal hostnames is to use a domain you control
<whislock> That IS the best answer, yes.
<whislock> Buy a domain, use it.
<whislock> But for many, that's not ideal, so I hedge with .lan. There's nothing stopping ICANN, etc. from making a .lan TLD publicly available, and screwing your world up.
<whislock> Same thing happened with .local years ago.
<roasted> I do have a domain... I didn't think that deep into it. I just wanted to be able to hit up smb://vault
<whislock> You'll find that DNS issues like this rapidly go away when you start doing things to standards.
<sarnold> whislock++
<roasted> hm
<roasted> I apologize if I'm not following, just trying to confirm: Am I correct in understanding that best case scenario is to use an actual domain I own, though a lesser (but better than I'm doing currently) option is just to forego the use of .lan and choose something a bit more... unique?
<whislock> The first, yes. The second, no.
<whislock> .lan is not a TLD that exists. Many modern DNS implementations do NOT reliably handle "single label domains" such as .lan.
<whislock> Hosts are expected to belong to a domain that exists within the namespace of a top-level domain.
<whislock> If using an actual domain is not an option, then use a domain in a fake TLD like .lan. Do not use .lan directly.
<whislock> <host>.home.lan is an example.
<roasted> I see
<roasted> well, wouldn't take me more than a minute or two to try it
<whislock> The huge caution on using fake domains is that nothing is preventing that fake TLD from becoming a REAL TLD at a later date, or being reserved by a future standard for some use.
<roasted> understood
<roasted> though I would assume I could somewhat help mitigate that by using something more unique at least (which is why I alluded to my earlier question)
<whislock> Potentially, yes, but you'd still definitely want to use domain.tld, rather than just .tld.
<roasted> such as, possibly, home.lan as a rough example?
<whislock> The exact example I gave you previously, yes.
<whislock> 21:22 <whislock> <host>.home.lan is an example.
<roasted> I'm trying that now
<roasted> systemd-resolve --status on vault and my local desktop both now say home.lan, but the same symptoms still exist. (cannot ping vault/vault.home.lan, but can ping vault.local)
<roasted> unless there's a service I need to redo besides bouncing the NICs and sudo netplan apply on server
<whislock> Your DNS server has to be aware of all of this.
<roasted> I did change my dns server to reflect home.lan
<whislock> Heh, I can't wait for the .dot TLD to go life.
<whislock> Live, rather.
<whislock> I'm going to try to buy dot.dot
<sarnold> ellipsis.dot.dot
<whislock> Watch people type it as .......
<roasted> heh, everything updated to home.lan and works, except pesky vault
<sarnold> you don't happen to have an /etc/hosts entry somewhere that's wrecking everything do you?
<roasted> I didn't manually edit any hosts file
<roasted> I can pastebin what I do have though
<roasted> https://paste.ubuntu.com/p/kKmFJ5tnmc/
<sarnold> 127.0.1.1vault
<sarnold> oh that's *on* vault
<roasted> yeah
<sarnold> check on the system that'd doing the pinging
<roasted> https://paste.ubuntu.com/p/DbrSCHCDrt/
<sarnold> nice and boring :)
<roasted> yep
<roasted> heh
<roasted> even setting everything to .local in an effort to appease the server fails
<roasted> that's the last time I dive in to a new server version
<roasted> acts the same whether I have my unifi USG running dns+dhcp or the pihole running dns+dhcp, so def seems related to ubuntu 18.04 itself.
<SlowJimmy> maybe I'm just paranoid, but every time i set up my ubuntu to be a working server with samba and owncloud and so forth, it works excellent but afte a couple of days the server always become comepletly irresponsive to openshh and owncloud and so forth, is it possible that either physicall or through the network somebody took control of my server? what ways do i have to check if that is
<SlowJimmy> the case?
<SlowJimmy> so irresponisive as to not even show up on the network anymore...
<whislock> SlowJimmy: The odds of that are incredibly slim.
<whislock> Sounds like resource exhaustion, to me.
<whislock> How much RAM is in the system?
<roasted> I run nextcloud in a VM and it tends to eat some RAM over time
<roasted> plus the DB will require something more than a wussy CPU
<roasted> I heard good things about seafile. Spun that up the other day but the client wouldn't see the server. Need to revisit that someday.
<SlowJimmy> whislock anywhere between 2 GB and 4 GB
<SlowJimmy> roasted I see
<whislock> SlowJimmy: And how much swap?
<SlowJimmy> 8GB
<sarnold> maybe you could throw performance copilot or sar or similar on it to gather up a bunch of stats
<whislock> I suspect, honestly, that you're hitting a low-memory state, and it starts thrashing swap.
<SlowJimmy> sarnold perform copilot, got it
<sarnold> what's si/so look like from vmstat 1 ?
<SlowJimmy> whislock so just need to get more ram?
<SlowJimmy> is there a quick way to check who is connecting to your system?
<SlowJimmy> how can i shut off the server to the internet aside from apt get update and upgrade and dist-upgrade?
<whislock> Do you have ports forwarded to it from the outside?
<SlowJimmy> no
<whislock> Then no one's connecting to the system from the outside.
<whislock> End of story.
<SlowJimmy> or at least i didnt forward them, i think it is possible somebody compromized the sysstem and then enabled all kinds of ish
<madLyfe> all of these samba articles/how-tos are different. i understand there are different use cases for them.
<SlowJimmy> whislock that is incredibly reassuring
<SlowJimmy> you have no idea i was being paranoid, this is very good to know
<whislock> SlowJimmy: Go look in whatever router provides internet access, see if ports have been forwarded.
<whislock> These sorts of concerns are what I deal with for a living.
<whislock> The odds of this being due to a compromise are within epsilon of zero.
<SlowJimmy> whislock i am worried about people having physical access, as i live in an area with a lot of how do i put this... questionable character, the type who hold no jobs but drive cars and are well dressed...
<sarnold> check ss output
<SlowJimmy> thank you whislock you really made me sleep better at night
<SlowJimmy> sarnold ty
<SlowJimmy> whislock i am reading two books on server basics in gnu/linux and networking, but do you know a book that can help me with understanding security?
<whislock> https://www.udacity.com/course/intro-to-information-security--ud459
<whislock> Free course on it from Georgia Tech.
<whislock> https://www.us-cert.gov/security-publications/introduction-information-security
<whislock> https://www.nist.gov/publications/introduction-information-security
<whislock> https://www.cybrary.it/course/intro-to-infosec/
<whislock> And that should get you started on basics.
<SlowJimmy> excellent thank you friend!
<SlowJimmy> i may be paranoid so it is really difficult to know when i am going overboard and worrying for no reason  or attribution bias or other cognitive biases
<SlowJimmy> it is really putting my mind at east to know that without portforwarding everything is ok
<whislock> Security is a function of risk. Risk is a function of threats, vulnerabilities, and assets.
<whislock> The short explanation is that in all likelihood, you are not worth the effort to any threat.
<SlowJimmy> so if you are unlucky it may mean there is no real feasable way to be secure...
<whislock> There's no such thing as complete or total security.
<sarnold> .. and yet, forgetting the basics make you a risk to every threat :)
<SlowJimmy> whislock that is assuming reasonable asesment form who every may or may not be on the other side
<whislock> There's only an appropriate level of security based on the assets you're trying to protect, and how much you're willing to expend in terms of time, money, etc., to protect those assets.
<SlowJimmy> ok i think with the basics you gave me i those links i will be able to sleep well at night
<whislock> My home network is not likely to be a target for anyone. I've employed a level of protection that means that someone has to work quite hard to get in, and without the assurance of a suitable return on that investment, I'm basically not worth it.
<whislock> My employer, of course, is a much more lucrative target, and so we spent a great deal more time and resources on protecting those assets.
<JanC> whislock: for some types of threats, such as extortion schemes where they encrypt your data, every target is big enough (actually, too big targets might be undesirable, as they will have backups & are more likely to go after the villains)
<whislock> JanC: Conversely, the countermeasures for those are simple. Don't run code from untrusted sources, have backups.
<JanC> the whole point of phishing is making the target think it's a trusted source...
<madLyfe> anyone bored and want to help me with samba?
<cpaelzer> good morning
<cpaelzer> madLyfe: I'm afraid your request sounds too much like "work you actually don't want" - why don't you ask right away?
<cpaelzer> you might get no answer either, but IMHO it increases the chance to get one
<madLyfe> just tired and head is kind of spinning
<cpaelzer> :-/
<madLyfe> so i set up a zfs mirror and im trying to share that mirror on the network with samba.
<cpaelzer> sounds normal so far
<madLyfe> at this point im just trying to get it to show up before i do any of the user stuffs
<madLyfe> but i cant figure out what im doing wrong
<cpaelzer> "show up" as in windows neighbor device discovery?
<madLyfe> ya like show my share under networks
<madLyfe> but im not even sure i have it setup correctly so i dont know if its windows or the config
<cpaelzer> on the server doing samba: does this show anything "smbclient -L localhost"
<cpaelzer> if you have set special user for samba use -U <username>
<cpaelzer> you can also list from remote, but lets start one by one
<madLyfe> Command 'smbclient' not found, but can be installed with:
<cpaelzer> if you don't mind install it
<madLyfe> https://paste.ubuntu.com/p/KVXKqXQfs2/
<cpaelzer> madLyfe: is "Share" the one you set up?
<madLyfe> ya
<cpaelzer> ok, so the server is serving something
<cpaelzer> if you have a remote Linux machine you can do the same with localhost replaced by the ip of the server
<madLyfe> im on windows right now and its a dual boot
<cpaelzer> ok
<cpaelzer> there my experience is not high after a decade without :-)
<cpaelzer> on a Linux system you'd check the shared (as above)
<cpaelzer> and then maybe mount with
<cpaelzer> mkdir -p /mnt/test; sudo mount.cifs '//127.0.0.1/Share' '/mnt/test' -o user=kinghat,vers=3.0
<cpaelzer> or similar depending on your needs
<cpaelzer> I wonder if maybe "just" the announcement isn't working
<cpaelzer> and the resource would be there
<cpaelzer> can you connect it from windows
<cpaelzer> with like explorer->connect network share
<cpaelzer> enter //IP/Share I think
<madLyfe> https://paste.ubuntu.com/p/3xqKzdX97R/
<cpaelzer> sorry - I'm not an expert in smb configs to find something obvious in there
<madLyfe> its no biggie
<cpaelzer> madLyfe: can you map the network drive from windows?
<cpaelzer> ignoring the auto device scan for now
<cpaelzer> umm
<cpaelzer> madLyfe: browseable = yes
<cpaelzer> well, default would be yes :-/
<cpaelzer> I thought that might be missing
<cpaelzer> there can be issues like this on very old Ubuntu vs very new Windows https://www.tenforums.com/network-sharing/31136-samba-shares-dont-show-up-windows-10-network.html
<madLyfe> i have that set under my share already it just didnt show up in that report for some reason. i had it spelled 'browsable = yes' and just tried 'browseable = yes' and get the same result.
<cpaelzer> madLyfe: it doesn't show up because it is the default
<madLyfe> odd https://usercontent.irccloud-cdn.com/file/9zcsbflk/image.png
<cpaelzer> madLyfe: the net surely has the experience you need on the windows side of this, but I'm out unfortunately
<madLyfe> have a good one
<spectre123123> Hi all,
<spectre123123> did someone set a raid 1 with just two disks ? One of the two disks has got the operating system
<spectre123123> Did anyone try the raid 1 on ubuntu server?
<paulbarker> I've copied a network bridge configuration from one server to another. It's working on the source server but isn't working on the new destination server. Both are running Ubuntu 18.04.
<paulbarker> The networkd config is here: https://pastebin.com/HwmXC1w9
<paulbarker> On the source server running `networkctl status -a` shows br0 as `State: routable (configured)`
<paulbarker> On the new server, same config, `networkctl status -a` shows br0 as `State: no-carrier (configuring)`
<paulbarker> This is preventing LXD from launching, last entry in syslog is `systemd[1]: Starting Wait for Network to be Configured...`
<paulbarker> stgraber: Is there any chance of getting https://github.com/lxc/lxd/pull/4741 backported to the LXD package in Ubuntu 18.04? I'm only trying to setup a bridge manually due to that issue
<kiokoman> paulbarker: what about /etc/systemd/network/uplink.network ? which interface belongs to br0 ? maybe they have different name from old server to new server
<paulbarker> No interface belongs to br0, it's for use with containers
<paulbarker> Also, cyphermox, could we get a new release of netplan.io for Ubuntu 18.04? Looking at https://github.com/CanonicalLtd/netplan/commits/bionic, the fix I need is the most recent commit but that's after the latest release of 0.36.3
<paulbarker> Ok, I have a workaround for now but for some reason it's different between the two servers
<paulbarker> Both machines have the same version of the systemd package installed, but on the new server I now need to add `LinkLocalAddressing=no` to br0.network in order for the bridge to come up
<kiokoman> check also -> ConfigureWithoutCarrier=true
<paulbarker> That's also there. I tried both `true` and `yes` as values
<kiokoman> anyway i have the same problem on my server 18.04 -> no-carrier (configuring)
<paulbarker> Have restarted systemd-netwokd a couple of times and confirmed it only works with `LinkLocalAddressing=no` in the network config
<kiokoman> same for me
<paulbarker> Though that could lead to issues later if anything I'm running in the containers tries to use link-local addressing for some reason
<paulbarker> What baffles me is that the same config on a server setup a couple of months ago works without disabling link-local addressing
<mwhudson> same systemd versions on both?
<kiokoman> LinkLocalAddressing=no -> turn off IPv6
<mwhudson> there was a bug in this area recently (but only in cosmic i think)
<paulbarker> systemd is version `237-3ubuntu10.3` on both
<paulbarker> The best solution for me would be to release a new lxd package for Ubuntu 18.04 with my original bug fixed so I don't have to try creating all this by hand
<paulbarker> Looks like the fix is in LXD 3.0.2 but Ubuntu 18.04 currently has version 3.0.1
<sdeziel> any idea as to why the real changelog is in linux-modules-$(uname -r) and not in linux-image-$(uname -r) ?
<sdeziel> $ ll /usr/share/doc/linux-{image,modules}-4.15.0-32-generic/changelog.Debian.gz
<sdeziel> -rw-r--r-- 1 root root   509 Aug 10 13:35 /usr/share/doc/linux-image-4.15.0-32-generic/changelog.Debian.gz
<sdeziel> -rw-r--r-- 1 root root 27851 Aug 10 13:22 /usr/share/doc/linux-modules-4.15.0-32-generic/changelog.Debian.gz
 * ahasenack doesn't know
<sdeziel> feel counter intuitive to me
<sdeziel> and it is not the case with Xenial
<cyphermox> sdeziel: careful, linux-image-*-generic is now built by linux-signed; so changelog would be smaller anyway
<sdeziel> cyphermox: hmm, not sure what that implies.
<sdeziel> $ ll /usr/share/doc/linux-*4.15.0-32*/changelog*
<sdeziel> -rw-r--r-- 1 root root   509 Aug 10 13:35 /usr/share/doc/linux-image-4.15.0-32-generic/changelog.Debian.gz
<sdeziel> -rw-r--r-- 1 root root 27851 Aug 10 13:22 /usr/share/doc/linux-modules-4.15.0-32-generic/changelog.Debian.gz
<sdeziel> -rw-r--r-- 1 root root 27855 Aug 10 13:22 /usr/share/doc/linux-modules-extra-4.15.0-32-generic/changelog.Debian.gz
<sdeziel> linux-image-unsigned-4.15.0-32-generic has no changelog which seems to be consistent with what you said
<sdeziel> but still, I'd expect the changelog for a given kernel to be shipped with the -image package, not the -modules
<cyphermox> like I said, linux-image-* is built by a different source pacakge than the others, that explains the small changelog -- the real changelog is available in linux-image-unsigned-* anyway
<cyphermox> "real"
<sdeziel> linux-image-unsigned-4.15.0-32-generic has no changelog
<sdeziel> or I'm looking at the wrong spot somehow
<cyphermox> certainly seems there for a different version:
<cyphermox> -rw-r--r-- root/root     40761 2018-08-15 12:50 ./usr/share/doc/linux-image-unsigned-4.15.0-33-generic/changelog.Debian.gz
<cyphermox> sdeziel: the shuffle of signed/unsigned is recent, best would be to ask for details in #ubuntu-kernel if there's anything
<sdeziel> that's from -proposed I guess. Maybe they fixed a packaging issue as I don't have anything in -30 either
<sdeziel> cyphermox: alright, thanks!
<cyphermox> in -updates as of 25 minutes ago ;)
<sdeziel> thanks for the info
<mason> Anyone seeing subtle disk corruption using live migration in virt-manager and non-shared-storage/qcow2? Because I sure am.
<madLyfe> sdeziel: do you samba share with windows at all?
<sdeziel> madLyfe: barely, I have only 1 Windows client left @home
<sdeziel> madLyfe: but I have another deployment with a mix of macOS and Windows clients
<sdeziel> madLyfe: why?
<madLyfe> so i think i got samba somewhat working last night but i cant see my samba share in win 10 'networking' but i can manually add the share by mapping network drive or adding network location. though even if i do that it still doesnt show up under the networking window.
<madLyfe> also i cant add it by name i have to add it by ip only. and in cmd if i type 'net view' i get a 'system error 53 has occurred.  the network path was not found.'
<madLyfe> i read probably the top 20 google articles on error 53 and it doesnt seem to be a consensus on the issue or how to fix it. none of the solutions i tried worked.
<madLyfe> article/support threads*
<sdeziel> madLyfe: for the name vs IP part, you can either setup DNS properly or add the host alias under %windir%/system32/etc/hosts (not sure about the path)
<madLyfe> setup dns properly?
<whislock> Is the Samba server in a different subnet than the client?
<sdeziel> madLyfe: to access the server using a name, you need to have the name in the DNS
<madLyfe> whislock: i dont think so?
<madLyfe> sdeziel: doesnt the router handle that?
<whislock> Depends on the router and how it's configured. That's almost never an automatic function.
<sdeziel> madLyfe: it depends ;) On basic home setup it does, usually
<sdeziel> madLyfe: you may want to test the simple way using the host alias as a first step
<whislock> Careful. DNS in this case is two things. One is a forwarding resolver, which all home routers handle. The second, and what we're talking about here, is actually being an authoritative nameserver for its own zone.
<whislock> Most home routers do not do this automatically, and some, not at all.
<madLyfe> well if i have to add stuffs to host just to see the hostname for lookup, rather than ip, i dont really care. i just wanted to make sure my system was functioning properly.
<whislock> Samba can be sensitive to HOW you request the system. The name vs. IP question can affect functionality.
<madLyfe> this is what the asuswrt firmware dev and another guy said about it: https://paste.ubuntu.com/p/R8VvT5KD5F/
<madLyfe> thought getting the name is better because IP can change(even though i have it set to static)
<madLyfe> here is 'net view \\hostip' results: https://paste.ubuntu.com/p/rmqTBcBKgc/
<whislock> I'm going to be incredibly blunt here, so fair warning: You should be using DNS for pretty much any service.
<whislock> It's a trivial thing to set up, as long as you're setting it up properly. Using IP addresses for services, even in a home scenario, is just bad planning.
<madLyfe> im all ears lel
<whislock> I was originally going to be much more harsh, but there it is.
<sdeziel> whislock: do you recommend home users to purchase an official domain name?
<whislock> Generally, yes. $10 a year isn't a big hurdle.
<sdeziel> true
<sdeziel> I can't quickly find the official alternative (like .homenet or something)
<whislock> There isn't one.
<whislock> For several reasons.
<whislock> The first being that using a TLD as a domain will cause problems with many implementations. Things don't handle 'single label domains' gracefully.
<whislock> If you're going to use a fake TLD, select a second-level domain to use with it. '.home.lan' instead of just '.lan', for example.
<whislock> Ideally, though, you'll purchase a domain name and use that both internally and externally.
<sdeziel> https://social.technet.microsoft.com/wiki/contents/articles/34981.active-directory-best-practices-for-internal-domain-and-network-names.aspx has good info
<blackflow> $10/yr my donkey. The domain cartel is running a racket
<blackflow> going cheapo-o are only tlds nobody really wants or are frequently blanket flagged for spam
<whislock> Like .com?
<whislock> $10.98/year?
<whislock> or .net? Same price?
<blackflow> + a few bucks for (a must have) whois privacy.
<blackflow> though, with GDPR at least here in EU we've gotten that for free now.
<whislock> It's +$0.00 for me.
<whislock> So, with ICANN fees, it might hit $12/year.
<whislock> $11.something.
<blackflow> .com is 16â¬ at gandi.net where I'm purchasing
<whislock> Gandi's one of the most expensive registrars on the internet.
<whislock> Generally around 50% more expensive than anyone else.
<blackflow> but that's the price I'm willing to pay for quality service, after changing seveal registrars for being criminally atrocious.
<whislock> That's your choice/opinion, but that doesn't affect the accuracy of my previous statement.
<blackflow> I was merely reflecting on the gTLD racket. meanwhile .xyz were really cheap-o, I got some for $.88 first year
<blackflow> but you don't want those for public sites, especially not mail. so I guess they're good for home networks.
<blackflow> (in that I generally agree purchasing a domain is better than "hijacking" a tld for local use)
<whislock> Spam filtering is starting to move to an IP reputation model rather than blacklisting TLDs.
<blackflow> it's both, there are various blacklists, IP based, domain based, URL based, ...
<blackflow> IP reputation in the age of floating IP cloud services is not good.
<whislock> URL based for spam filtering, where emails don't have URLs. Riiight.
<whislock> Again: Spam filtering is starting to move to an IP reputation model rather than blacklisting TLDs.
<whislock> Anyway, lunchtime.
<blackflow> I guess you never ran a spam filter.
<blackflow> URIBLs are for mail content obviously.
<whislock> Only for the US DOD. You know, small stuff.
<madLyfe> the router channel is saying that i should set the server up as DHCP with reservations.
<blackflow> I've been running commercial MTAs for 10 years now. we have large URIBLs that we build on our own with spamtraps. there's also Spamhaus if you're willing to trust their a bit... fanatical... commitment.
<whislock> The "small stuff" part was sarcastic as hell. My response was to highlight the folly of assuming people lack knowledge or experience simply because they disagree with you.
<sdeziel> madLyfe: that is unneeded if you already put a static IP on the server
<whislock> Basically, check your ego.
<blackflow> whislock: well you didn't know what URIBLs were, so I guessed you never ran one.
<blackflow> whislock: yeah, _I_ have to check _my_ ego.   "I was originally going to be much more harsh, but there it is."  -- told to someone who used IP instead of a domain... lol.
<madLyfe> sdeziel/whislock is this correct? https://paste.ubuntu.com/p/mz7qYsjF7H/
<sdeziel> madLyfe: they are probably right, I suspect the DHCP daemon is also the DNS resolver (dnsmasq probably)
<sdeziel> madLyfe: this means a client asking for an IP will also "register" it's hostname to the DNS portion of it. This should let you reach the host in question by referring to it as its shortname
<sdeziel> madLyfe: I'm not 100% sure on the above as it's been a while since I used such setup
<madLyfe> https://paste.ubuntu.com/p/K7ww9pswkn/
<sdeziel> madLyfe: OK, that seems to confirm what I said
<sdeziel> madLyfe: you should trust them more than me if they are in the channel of your router's manufacturer ;)
<madLyfe> well i was just hoping there was a standard best practice of going about it
<sdeziel> madLyfe: dnsmasq is pretty common on home/SOHO routers so what they said makes sense generally
<JanC> great article: http://danluu.com/anon-benchmark/
<madLyfe> is this the best way to change the hostname that persists? 'hostnamectl set-hostname'
<madLyfe> hostnamectl set-hostname 'new-hostname'
<madLyfe> hmm that didnt make it past a reboot
<madLyfe> so i renamed the hostname in hostname file, but the hosts file doesnt like the example given here: https://websiteforstudents.com/how-to-change-rename-ubuntu-16-04-lts-server-name/
<sarnold> what error message do you get, and from what tool?
<nacc> right, the 'hosts' file is just a file, it can't like or dislike anything.
<madLyfe> have to edit the cloud.cfg as well
<madLyfe> https://linuxconfig.org/how-to-change-hostname-on-ubuntu-18-04-bionic-beaver-linux
<madLyfe> it talks about the hosts file too at the end but my hosts file second line doesnt look like theirs. also, i did a reboot and my hostname change seems to have stuck.
<nacc> madLyfe: do you understand what the hosts file is for?
<nacc> madLyfe: it's not really directly related to your actual  hostname
<nacc> beyond convention, afaik
<nacc> madLyfe: what does your hosts file look like? it *always* is better to give actual contents, than to describe them (as you are describing them very vaguely)
<madLyfe> this is what the second line of mine looks like: https://usercontent.irccloud-cdn.com/file/92YDVYE8/image.png
<madLyfe> sorry i should have put that in a paste
<nacc> you are using ipv6?
<nacc> i don't think that's the default 18.04 contents, but i'm not sure
<madLyfe> not that i know of. i just used the defaults for everything.
<coreycb> tobias-urdin: jamespage: i uploaded a new heat-dashboard package (1.3.0-0ubuntu4) and a new horizon package (14.0.0~rc1-0ubuntu2) which mostly fix up horizon. I'm getting a "Error: Unable to retrieve limits information." message once logged in which i think is related to needing quota_details extension enabled.
<madLyfe> nacc: is this bad?
<tobias-urdin> coreycb: cool, i'll check tomorrow if the CI has improved
<ahasenack> kstenerud: did you see my ping in https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1786250
<ubottu> Launchpad bug 1786250 in strongswan (Ubuntu) "strongswan (charon) is rejected by apparmor to read /proc/<PID>/fd" [Undecided,In progress]
<ahasenack> ?
<nacc> madLyfe: is which bad?
<madLyfe> the ipv6 stuffs? should it not be that way? I don't think I'm using ipv6
<nacc> madLyfe: it doesn't necessarily hurt
<kstenerud> ahasenack: is there a way to get alerts for these?
<ahasenack> kstenerud: yes, just subscribe to the bug, or to the package
<ahasenack> all done in that same view, look at the right hand side of the page
<nacc> kstenerud: you can also subscribe to entire srcpkgs, e.g. -- may become useful
<kstenerud> hmm
<kstenerud> ahasenack: I think the bind9 problem is a lot depeer than first thought. The fix didn't work (or at least not with the crash I'm seeing). I've tracked the issue down to pk11.c line 370.
<kstenerud> something's causing the init to fail, and so it aborts
<kstenerud> Oh, there's a bunch of failed config loads reported in syslog. OK so it's not configured properly?
<caliculk> Hey everyone, I was looking to see if anyone had any information on if zfsacl module is being withheld in the samba package, as according to the samba docs, it should be included in 4.7.6 but it doesn't appear to be the case when trying to use it as a vfs option.
<caliculk> For reference, I am referring to this: https://ubuntuforums.org/showthread.php?t=2399285
<Boyette> hi
<Boyette> im stupid
<Boyette> and have a problem with my vps
<Boyette> who can help me
<sarnold> if you were smart you'd tell the problem you've got, too :)
<Boyette> yes thats why im stupid
<Boyette> i try to configure a vpn on my vps
<Boyette> but it looks like there is no networkconfiguration at all to attach to however at the same time there is
#ubuntu-server 2018-08-24
<ahasenack> caliculk: hi, I don't remember it being excluded on purpose
<ahasenack>         --with-shared-modules=idmap_rid,idmap_ad,idmap_adex,idmap_hash,idmap_ldap,idmap_tdb2,vfs_dfs_samba4,auth_samba4 \
<ahasenack> kstenerud: have you tried the setup script with the packages from timo's ppa?
<ahasenack> kstenerud: I got that thing to crash in many different ways, this is just one that we are trying to fix :)
<caliculk> ahasenack, is there any way (besides building from source) to possibly add it back in?
<caliculk> otherwise, ill open up a bug ticket because something is off
<ahasenack> I think a bug is in order
<ahasenack> and probably a debian one as well
<ahasenack> as we take the samba package mostly from them, just adding some touches
<ahasenack> I did a quick search in their bug database, and found nothing about zfs in the samba package
<ahasenack> caliculk: can you elaborate on what starts working once this module is in place?
<ahasenack> it's best to elaborate in the bug, though
<sarnold> ahasenack: zfs doesn't use the posix-ish acls that most of linux uses, they use the nfsv4 acls instead
<sarnold> ahasenack: this module looks like it's a way for samba to use the nfsv4 acls on zfs backed storage rather than the posix acls that might have worked elsewhere
<caliculk> sure, but i dont think that is any reason to exclude the module. it should be up to the sysadmin to enable or disabke the module in daily use
<caliculk> ive spent three days trying to figure this out so i am glad im not insane when looking at this and it wasnt some simple fix lol
<caliculk> sorry about grammar, dont have autocorrecton this device
<caliculk> sarnold, and (i guess the other user netsplit) the zfsacl module is described here https://www.samba.org/samba/docs/current/man-html/vfs_zfsacl.8.html
<caliculk> but it is a eay to have acls properly implemented with zfs
<caliculk> Is this: https://bugs.launchpad.net/ubuntu/+filebug supposed to create a bug or link to a wiki, because the "Report a bug" text is really deceiving and not cool if it is supposed to link to a wiki.
<caliculk> I am trying to launch this from here fwiw: https://bugs.launchpad.net/ubuntu
<caliculk> I keep getting forwarded to this (https://help.ubuntu.com/community/ReportingBugs) page when I click that +filebug link
<sarnold> caliculk: ugh :/
<sarnold> I thought that thing had some intelligence to only redirect you once
<caliculk> Nope :/ just keeps doing it.
<sarnold> caliculk: how about this? https://bugs.launchpad.net/ubuntu/+source/samba/+filebug
<caliculk> Not sure if you are in #ubuntu but you can see my complaints there but... ultimately, it should be called "how to file a bug" not, "file a bug".
<caliculk> Yeah, I eventually found that... I filed the bug: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1788776
<ubottu> Launchpad bug 1788776 in samba (Ubuntu) "Ubuntu 18.04 samba/samb-vfs-module not compiled/built --with-acl-support or zfsacl vfs module" [Undecided,New]
<sarnold> oh good
<caliculk> But it took me more then ten minutes, which is unreasonable. :D
<caliculk> There should also be a section in the wiki on how to file a bug via the web interface properly, not via the CLI interface. :)
<sarnold> beautiful bug report though :)
<caliculk> Yeah except the formatting... is there a way to put that into code blocks or something so it isn't just plain text?
<sarnold> nope :(
<caliculk> Well... thats not helpful either haha
<sarnold> https://bugs.launchpad.net/ubuntu/+filebug?no-redirect
<sarnold> there we go
<sarnold> I finally found the thing
<caliculk> See that took too long haha :D
<sarnold> YES
<sarnold> yes it did :)
<caliculk> For what it is worth, I didn't mention the lack of --with-acl-support in smbd -b, but that is also an issue, and I am not sure if that is why the zfsacl is not being included, but if it is supposed to be enabled by default (according to samba dev/helper - someone that wiki edit rights - it is) then I don't see why it is also being turned off when building the package. That also seems like a bug.
<caliculk> But, I put them in the same bug report because it seems like they are linked.
<caliculk> Which apparently, breaks rule #8 :D
<sarnold> caliculk: nono, this is perfect
<sarnold> caliculk: it *might8 be related, you spotted it, and mention it as a possibility
<sarnold> maybe it is, maybe it isn't, but if it's related it might save someone else an afternoon
<caliculk> I also need to stop my run on sentences in here.
<sarnold> (hopefully half an hour, but you know how things go)
<caliculk> Considering it took me three freaking days to finally realize that ubuntu was the cause. I even tried upgradeing to a PPA with 4.8.4 but that completely broke samba. :/
<caliculk> Speaking of which, how can I close this? https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1010625 Because... I don't think this is going to be worked on any longer. :D
<ubottu> Launchpad bug 1010625 in logwatch (Ubuntu) "named logs are not being reported in logwatch" [Medium,Confirmed]
<sarnold> caliculk: here we go, that #8 is supposed to stop bugs like this :) https://bugs.launchpad.net/bugs/1787564
<ubottu> Launchpad bug 1785380 in vlc (Ubuntu) "duplicate for #1787564 The whole system freezes when using VLC in fullscreen mode, on X11" [Undecided,Confirmed]
<caliculk> Yeah... :)
<caliculk> I am surprised it isn't just closed. :)
<Raybuntu> Hi, I'm looking for someone who can delete a wiki page on the ubuntu wiki. This is my personal page and there is some personal data like name, email. I no longer have access to edit any page. https://wiki.ubuntu.com/Raybuntu
<Raybuntu> Thank you
<dami0> hi, i've used this https://help.ubuntu.com/lts/serverguide/sssd-ad.html.en to get set up with active directory. samba and kerberos seem to be working fine but SSSD isn't updating /etc/passwd, can anyone help?
<dami0> hi, can someone help me with active directory integration?
<ahasenack> good morning
<ahasenack> another victim of https://bugs.launchpad.net/subiquity/+bug/1783129
<ubottu> Launchpad bug 1783129 in livecd-rootfs (Ubuntu) "Only "main" component enabled after install" [High,In progress]
<blackflow> sounds like feature, not a bug :)
<ahasenack> let's call it a regression then :)
<ahasenack> the other components are not even listed for you to uncomment
<blackflow> yeah I was just kidding a bit ;)
<l4m8d4> Hello there, I installed a basic bionic server with debootstrap for an nspawn container. Now I noticed that there are no manpages. Should I install the basic server task? Manpages seem a to be a basic thing, I thought even debootstrap would install that
<l4m8d4> Maybe most people would not use a container that way, but I was hoping to use the container pretty much as a normal system, for example with sshd, so for a normal working environment it would be nice to have the manpages
<zenirc369> I'm receiving the error " multipathd: uevent trigger error" in syslog
<zenirc369> any inputs on how to resolve it
 * ahasenack doesn't know
<blackflow> l4m8d4: it's pulled in by ubuntu-standard. I usually add ubuntu-minimal and ubuntu-standard for debootstrap'd installations
<blackflow> l4m8d4: question is, do you really need that in the nspawn'd container
<l4m8d4> blackflow: I'd like to have it since I am often ssh'd into it and then in need of manpages for a program that is maybe only installed there
<blackflow> l4m8d4: you can just install "manpages" package then. looking at my installation scripts now, I'm actually not pulling in ubuntu-standard, only -minimal. -standard has some overhead I don't need.
<ahasenack> cpaelzer: do you know if it's ok/common for a python package to depend on *both* python3.6 and python3.7?
<blackflow> ahasenack: doesn't sound right
<l4m8d4> blackflow: Okay, ubuntu-minimal was already installed by default, ubuntu-standard was not, it seems I will install ubuntu-standard, since it has the manpages, bash-completion, the relase upgrader and other things
<l4m8d4> Thanks for the usggestion
<l4m8d4> I see what you mean though, with things like telnet, rsync etc. that not everyone needs it has a fair amount of "bloat" in it
<blackflow> right.
<l4m8d4> Or stuff like ntfs-3g or hdparm, which im definitely not gonna use, but yeah, I guess 100mb more or less won't matter
<blackflow> those are recommended though, not hard deps
<l4m8d4> Right, I would install it that way, though, because I want some of the recommended ones^^
<blackflow> you can always pull in those directly. you don't have to install ubuntu-*  metapackages
<blackflow> Guys, question. with apt-daily.timer/service now being systemd timer/service, what's recommended for mailing lists of available upgrades, still apticron?
<kstenerud> ahasenack: The problem is that if any function returns a status other than OK, it calls abort(). In this case, if it can't find any one of the config files it looks for, it crashes. There might be other ways in which the init function returns a bad status as well :/
<kstenerud> So we can't be sure what is triggering for him specifically. I ca nask him what his syslog says, which could give a clue (it does spit out syslogs for configs it couldn't find)
<kstenerud> Also, calling named-pkcs11 without the -f -u bind gets "further" in that it seems to generate some configs that it wouldn't with those arguments present, such that it gets a little further if you call it alone first (get a crash) and then with the arguments (crash in a different place)
<ahasenack> sounds fragile :(
<kstenerud> Yeah :(
<kstenerud> Every RUNTIME_CHECK() and PK11_FATALCHECK() in the code is a return code test that calls abort() if it doesn't like it. And there are LOTS of those
<ahasenack> security by fear
<ahasenack> assert all the things
<kstenerud> grep -r RUNTIME_CHECK *|wc -l
<kstenerud> 733
<kstenerud> I'm surprised this thing runs at all
<ahasenack> so, you couldn't get it to finish setup with or without the patch, is that the tl;dr?
<kstenerud> yes
<ahasenack> ok, do you have a ppa of your own?
<kstenerud> because I think I'm triggering a different abort() than he was
<ahasenack> for this?
<kstenerud> yup
<kstenerud> https://launchpad.net/~kstenerud/+archive/ubuntu/bind9-rtld-deepbind-1769440
<ahasenack> I'd like to give it a try, since I (think) reproduced the bug a while ago
<ahasenack> but I also saw it crashing all over the place when things were a bit different
<ahasenack> kstenerud: would you like to chance pace to some C coding? It's a backport of a patch
<kstenerud> sure :)
<ahasenack> but it involves talloc()
<ahasenack> although the patch isn't about talloc()
<ahasenack> the bad news is that freeipa is involved again
<kstenerud> lol
<ahasenack> but I can set a server up where it works, I think I used centos
<ahasenack> it's the client that broke
<ahasenack> sssd in this case
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1775636 see what you think
<ubottu> Launchpad bug 1775636 in sssd (Ubuntu) "sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA" [Undecided,Confirmed]
<ahasenack> the upstream issue is https://pagure.io/SSSD/sssd/issue/2977
<kstenerud> ahasenack: so basically this patch? https://pagure.io/SSSD/sssd/c/60787fb44924e84a0c7ddfe9d5e62e64ea1edcd1
<ahasenack> kstenerud: yes
<ahasenack> kstenerud: iirc parse_cert_verify_opts() changed
<kstenerud> Did you repro it as per https://bugzilla.redhat.com/show_bug.cgi?id=1372042
<ubottu> bugzilla.redhat.com bug 1372042 in sssd "ssh with Smartcards - skip invalid certificates" [Medium,Closed: currentrelease]
<ahasenack> yes
<kstenerud> ok
<ahasenack> but I used centos or fedora to install freeipa
<ahasenack> centos7, I think I still have the vm
<kstenerud> We should really start doing ansible scripts for repro cases :P
<ahasenack> comment #8 shows the results, not how I did the setup
<ahasenack> (in the lp bug, not the rh one)
<DammitJim> if I want to remove custom services on Ubuntu 14, what do you guys think I should do?
<DammitJim> I was looking at running:
<DammitJim> 1) sudo service <servicename> stop
<DammitJim> 2) sudo update-rc.d -f <servicename> remove
<DammitJim> 3) rm /etc/init.d/<servicename>
<DammitJim> 4) rm -R /var/lib/<servicename>
<DammitJim> am I missing something else?
<sdeziel> DammitJim: depends which service it is, but 1) followed by 2) would work for system V services
<sdeziel> DammitJim: for upstart managed services, this would be a little different
<DammitJim> yeah, this is not systemd
<DammitJim> Ubuntu 14.04 LTS
<sdeziel> DammitJim: correct, 14.04 used upstart
<sdeziel> s/used/uses/
<DammitJim> right... so, are you saying I need to do something different because it's upstart?
<RoyK> DammitJim: uninstalling those services with apt will probably do this easy for you
<RoyK> DammitJim: and keep in mind that 14.04 won't be supported much longer - it'd be a good idea to upgrade soon
<DammitJim> RoyK, they are custom
<DammitJim> like I created multiple instances of tomcat
<DammitJim> RoyK, yes, that's part of the upgrade... I don't want to have to worry about these services that have been phased out
<DammitJim> when I go to 18.04 LTS
<sdeziel> DammitJim: for upstart driven service, you'd do: sudo service $SVC stop; echo manual | sudo tee -a /etc/init/$SVC.override
<RoyK> also, keep in mind that it may be quicker to just install 18.04 on a new machine and then migrate the stuff fro the old one
<DammitJim> ah, interesting... what does the echo manual do?
<RoyK> quicker and indeed cleaner
<DammitJim> RoyK, yes!
<DammitJim> sdeziel, I was going to just delete that file in /etc/init.d
<DammitJim> wait, /etc/init ? let me look
<DammitJim> that service doesn't exist in /etc/init for some reason
<RoyK> DammitJim: with sysv scripts, /etc/init.d is just a place to put the scripts and then have the system symlink to them from /etc/rcX.d where X is the run level (normally 2 on 14.04 IIRC)
<DammitJim> oh ok, so I probably need to remove those symlinks
<RoyK> yes
<RoyK> update-rc.d does just that
<DammitJim> yeah, that's what I thought
<DammitJim> ok, thanks for your help guys
<DammitJim> I think I have a plan to execute
<RoyK> ap_if.ifconfig()
<RoyK> oops
<ahasenack> this is what I mean by ipa being nitpicky
<ahasenack> ipapython.admintool: ERROR    DNS zone example.com. already exists in DNS and is handled by server(s): a.iana-servers.net., b.iana-servers.net.
<ahasenack> what a pain
 * ahasenack uses --allow-zone-overlap
<ahasenack> kstenerud: ugh, I think the freeipa version changed too much in cosmic since that bug was opened
<ahasenack> the bind bug, I mean
<ahasenack> it just configured apache with an encrypted private key, so apache won't start because it doesn't know the passphpase, nor does it prompt for it
<dpb1> did something happen to feature freeze?
<teward> dpb1: probably a better question for #ubuntu-release
 * dpb1 nods
<l4m8d4> blackflow: Thanks for your suggestions, I installed ubuntu-standard, I think it's an OK compromise for me for now
<blackflow> l4m8d4: yw
<ahasenack> back
<ahasenack> kstenerud: heh, about the apache startup issue with freeipa: https://bugzilla.redhat.com/show_bug.cgi?id=1591703#c3
<ubottu> bugzilla.redhat.com bug 1591703 in freeipa "ipa-server-install fails to start the httpd server during installation and ends with error." [Unspecified,New]
 * ahasenack troubleshoots further
<kstenerud> lovely
<caliculk> ahasenack, you ended up disconnecting yesterday after the netsplit, to sum up what the zfsacl module does, it provides interoperability between acls on linux, zfs, and nsf. ZFS uses nsfv4 acls not posix type stuff. But I ultimately believe it to be a bug, so: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1788776
<ubottu> Launchpad bug 1788776 in samba (Ubuntu) "Ubuntu 18.04 samba/samb-vfs-module not compiled/built --with-acl-support or zfsacl vfs module" [Undecided,New]
<ahasenack> I saw it, thanks
<ahasenack> so even when you run zfs set acltype=posixacl you need that vfs module?
<caliculk> Thats what I had when running freenas, and the vfs module was enabled.
<caliculk> You can easily still access shares when not running the vfs module, but it isn't full compatibility.
<ahasenack> even with acltype=posixacl?
<caliculk> I believe so, because extended attributes would still apply: "To obtain the best performance when setting posixacl users are strongly encouraged to set the xattr=sa property"
<ahasenack> that's ok, it's a performance tip
<ahasenack> I'm trying to understand if a configuration change, like setting acltype=posixacl, isn't enough to fix the issue, or if a new module is really needed
<ahasenack> I also don't understand how nfsv4acls intersect with samba, but I can read about that
<ahasenack> kstenerud: ok, fixed. freeipa really wants $(hostname) (and not just $(hostname -f) to return the fqdn
<ahasenack> it used to check for that iirc, but anyway
<caliculk> That I can't answer completely, I am not knowledgeable enough to answer that. :/ I just know from the documentation I have been reading, it appears that the module is necessary/useful for ZFS, but, by default it is not available (afaict)
<ahasenack> so you haven't seen issues yet without it? I assume you have a samba deployment exporting a share that sits on zfs
<caliculk> Correct, it's just whether I enable or disable that module it becomes an issue. Granted, I haven't used the share that much since I don't want to write or do anything with it until I had gotten to the bottom of why the module was missing first.
<caliculk> I still have an entire backup to transfer back on the zfs filesystem that hasn't been completed yet either until I could confirm 100%
<ahasenack> ok, getting an actual scenario where the module fixes a problem will help to determine how useful it is
<ahasenack> oh, samba migrated
<ahasenack> happy dance
<ahasenack> This bug was fixed in the package samba - 2:4.8.4+dfsg-2ubuntu1
<kstenerud> nice!
<caliculk> Hm, I tried upgrading to 4.8.4 via a PPA (since 4.8.4 is not officially available on 18.04.1, and I don't feel comfortable installing samba from source), did not run into much luck getting it to start.
<caliculk> Unless I missed something, I couldn't find it in a specific distro list on any of the additional options "verses" available.
<ahasenack> it just landed in cosmic, not 18.04.x
<ahasenack> bionic won't get it, since it's a new major version
<caliculk> Yeah :/
<caliculk> I guess it could be available in backports eventually
<caliculk> But... backports
<caliculk> I guess, best thing to do would be to file an issue here then? https://launchpad.net/bionic-backports ?
<ahasenack> you can try, I don't know how responsive backports are
<ahasenack> I dealt with one last year, and had to convert it to an SRU instead, which was a lot of work, but was done at least
<ahasenack> for cosmic, there may still be time. We just entered feature freeze (a few hours ago), so a new module would be a new feature and would have to be explained carefully
<ahasenack> that's why I need that scenario of what this module is fixing
<ahasenack> to be able to get a "feature freeze exception", if it's worth it
<ahasenack> specially since it would add to our delta with debian, who is not shipping that module either as far as I can tell
<caliculk> Well, unfortunately, I can't get someone in #samba to explain to me in a more context aware scenario (posted the bug report there asking for guidance). I have reached out to some other people I know that are running ZFS on Ubuntu, to see if they could assist as well. But haven't heard back yet.
<ahasenack> ok
<ahasenack> yeah, samba in debian doesn't have a zfs module either, as expected
<ahasenack> jsut checked
<ahasenack> kstenerud: ok, hm, the freeipa installation finished out of the box now, using cosmic's bind9
<ahasenack> I'll comment in the bug
<ahasenack> bionic next
<ahasenack> but good that it looks fixed in cosmic
<ahasenack> ah,
<ahasenack> not for long
<ahasenack> Aug 24 17:31:41 cosmic-freeipa named-pkcs11[6550]: ../../../lib/dns-pkcs11/view.c:968: REQUIRE(view->zonetable != ((void *)0)) failed, back trace
<nacc> heh
<ahasenack> same cr*p
<ahasenack> oh well, can test the fix
<ahasenack> kstenerud: btw, you skipped a release number again in your versioning of your bind9 package in the ppa
<ahasenack> you have -3ubuntu3~ppa1 when the cosmic package is 3ubuntu1
<caliculk> I have to go for now, but I will update you on if I hear back from anyone about the module and it's specific benefits. My environment may just not be sufficient (use ubuntu-server in a one person apartment) to test whether the acl has a huge advantage with that enabled.
<ahasenack> ok, thanks for checking
<ahasenack> I'm a zfs user myself, and I also have a home-built NAS with samba on top of zfs
<ahasenack> but just one user
<ahasenack> that doesn't really exercise ACLs :)
<caliculk> The best I can tell it MAY help with Volume Shadow Service, but, yeah... sounds good.
<ahasenack> kstenerud: yeah, the patch worked
<ahasenack> no crash this time
<kstenerud> ahasenack: Can you tell me how you configured the vm running freeipa? I can't seem to get it onto any accessible network :/
<ahasenack> kstenerud: the vm itself is using the default libvirt network, 192.168.122.0/24
<ahasenack> it's on virbr0 iirc
<kstenerud> hmm yeah that's the same I'm running. Odd
<ahasenack> kstenerud: it's a nat'ed network, and it has dhcp
<ahasenack> ok
<ahasenack> then /etc/hostname has an fqdn, with 3 "pieces"
<ahasenack> I called it cosmic-freeipa.example.com
<ahasenack> I also added that name to /etc/hosts with the real ip the vm got, not 127.0.x.x
<ahasenack> then I called ipa-server-install with that dns option to allow zone overlap, you can find it with --help
<ahasenack> "hostname" has to return the fqdn (that's how freeipa likes it), as does "hostname -f"
<ahasenack> oh, and I rebooted after fixing the hostname like this
<kstenerud> My eth0 on the vm isn't getting an IP address
<ahasenack> that would be a problem :)
<ahasenack> check /etc/netplan/*
<ahasenack> ah, that's the other thing I did, I changed that to static, just to avoid surprises
<ahasenack> but I used the IP I got via dhcp the first time
<kstenerud> It's centos (for freeipa) so no netplan
<ahasenack> check if your libvirt network has dhcp enabled
<ahasenack> in virt-manager, go to edit -> connection details -> network
<kstenerud> It's a headless install
<ahasenack> but on your laptop/desktop?
<kstenerud> oh hang on
<ahasenack> where is the vm running?
<kstenerud> I have it under virt-manager. There's no edit menu
<ahasenack> it's in virt-manager's window, not the vm window
<kstenerud> ok so virtual network default has a dhcp range
<kstenerud> 192.168.122.x
<ahasenack> well, try just running dhclient as root in the vm, see if it grabs an ip
<ahasenack> if it does, then it's a centos configuration issue
<ahasenack> also, check the nic in the vm window
<ahasenack> kstenerud: do that first actually ^
<ahasenack> see if it's connected to the network you expect
<kstenerud> oh hah ok running dhclient manually works :P
<kstenerud> guess the minimal install is REALLY minimal
<ahasenack> surprising, but could be
<Jester316> Hello
<Jester316> I am (possibly) having some RAM difficulties
<Jester316> I am running a home server with a quad core 3rd gen intel cpu with 4gb of ram
<Jester316> My 'physical memory usage' is quite frequently very high and I feel like downloads and bash speed over ssh slows down
<Jester316> the thing is, my 'real memory' is under control', surprisingly under 1gb of use
<dpb1> what does free -m show
<dpb1> !pastebinit | Jester316
<ubottu> Jester316: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit
<Jester316> dpb1, https://pastebin.com/WyxHPLuk
<Jester316> Right now it's alright
<Jester316> I'm not actually doing much, but yesterday when I was downloading and streaming a movie over local network, the stream would shut off, download speed was lower than usual and bash over ssh was sluggish
<Jester316> I did have a lot of cache at that point and clearing it improved everything, as well as rebooting, which I did the first time round
<Jester316> dpb1, https://i.imgur.com/QDqzk6W.png
<blackflow> that looks like a totally underutilized memory.
<Jester316> hmmm
<blackflow> physical mem will always be near fully used. unused physical memory is wasted memory.
<blackflow> see https://www.linuxatemyram.com/
<blackflow> the caches are volatile. if an app allocates memory for its used, the kernel will happily drop the caches and give that space to the app. also, streaming issues you mention, including laggy ssh, is not indicative of memory issues, but of network issues.
<Jester316> alright, thanks blackflow
<Jester316> that was a concise and informative link, good read
<Jester316> I'll come back when/if I experience sluggishness again without a reason
<Jester316> good day!
<blackflow> good luck
<caliculk> ahasenack, the person that I was talking to got back to me. As far as I can tell the biggest benefit is to emulate the Windows permission set properly with the vfs module and the  --with-acl-support options.
<caliculk> That seems to be the biggest downside (so for a person in a 100+ company, it might make more sense) but for a one person home use, obviously it would not. However, if I were to share this out with my roommates, then it would make sense to want to include the zfsacl permission set.
<caliculk> Basically, it just provides proper windows support with zfs.
<caliculk> I am not sure if that is reason enough to ask for a feature freeze exception though
<JanC> it's probably useful to know if including it can somehow break existing systems
<JanC> (that's usually an important factor for freeze exceptions)
<caliculk> I don't believe it would, but I am not sure in the slightest on where to begin on testing that to get this included,.
<caliculk> Though the --with-acl-support option on Samba is not specific to ZFS, it doesn't allow samba to play nicely with ext4 or other filesystems either.
<caliculk> Basiclly, if I use FreeNAS (where this module is working and existing), the biggest plus is that Samba can then expose those shares with ACLs that Windows understands without any additional work required.
#ubuntu-server 2018-08-25
<DrManhattan> Hello, I'm running 18.04 server on a laptop with no GUI and I'm hoping to poweroff the screen when there's no input. Google is not yielding me good results. The screen stays on. Can anyone here help?
<blackflow> DrManhattan: look up "consoleblank" parameter
<DrManhattan> I tried that, it didn't work
<blackflow> DrManhattan: how about "setterm"?
<DrManhattan> that has no effect either - "setterm --powerdown 1" did nothing, either locally or via ssh
<blackflow> so then what do you mean by "poweroff the screen"? you mean literally turn its power off?
<blackflow> oh wait, laptop.... nvm.
<DrManhattan> if I had a GUI installed it's a piece of cake :)
<blackflow> well, if consoleblank kernel parm, or setterm don't work, I don't know what else is there.
<DrManhattan> now I just get my feeling hurt
<DrManhattan> Ok, thank you. I'm just going to call this one a lost cause
<blackflow> DrManhattan: you could always run a dummy xorg if that really bothers you :)
<DrManhattan> :/
<blackflow> well I'm not really kidding. you could run just xorg, no DE or anything, to get the advantage of gpu modes and xset command.
<blackflow> ... _if_ that really bothers you. alternatively I'd look into your specific laptop model and if there's a way via acpi(d)
<DrManhattan> Yeah I know, but I'll just use the fn+f9 feature of the laptop and turn the monitor off manually
<DrManhattan> I appreciate your help
<blackflow> that actually ain't bad idea at all. minimize console time (admin it via ssh) and it'll probably stay off most if not all the time.
<blackflow> (as in you won't need to remember to turn it off when you walk away, often)
<blackflow> ansible-playbook -l dev -t zfs_part
<blackflow> oops, sorry, wrong window
<DrManhattan> I could remove the monitor entirely too, and just hook a VGA one to it if needed
<DrManhattan> it's nothing more than a plex transcoder anyhow
<petrhl> hi
<petrhl> I'm trying to set Hurrincane electric tunnel. It works on a server, clients get ipv6 address but pinn6 to google com doesn't work. I've been googling for over an hour but still don't know what I did wrong. Could you help me please? Here is list of radvd.conf, iptables etc. https://pastebin.com/bVyW15wS Thanks!
<RoyK> petrhl: pastebin output of 'ip -6 route'
<pragmaticenigma> I'm interested in finding a tutorial/instructions for setting up a machine that can auto-decrypt an encrypted drive on boot. The key or keyfile would live on a different machine that the encrypted machine would fetch from.
<pragmaticenigma> I've seen the dropbear method, but that appears to require user intervention. My hope is to have a keyfile served by a raspberry-pi or something similar on the local network
<caliculk> Hm, ran into another samba bug that tends to point out that it requires zfsacl: https://bugzilla.samba.org/show_bug.cgi?id=13242 ahasenack I am beginning to think that it would be a good idea to implement, but, still looking at it. :(
<ubottu> bugzilla.samba.org bug 13242 in File services "Time Machine (MacOS 10.13.3) reports "the selected network backup disk does not support the required capabilities"" [Normal,Resolved: fixed]
<Sven_vB> hi! according to htop, my VPS is mostly idle â almost no CPU or memory use, load average below 10%, "Tasks: 381, 27 thr; 1 running", but somehow it experiences lots of lots of "postfix/smtpd[21555]: fatal: socket: No buffer space available" and "bash: fork: Cannot allocate memory". how to debug?
<leftyfb> Sven_vB: Ubuntu version, hardware specs, configs and purpose of the server please
<Sven_vB> Ubuntu 14.04.5 LTS trusty, lowest tier HostEurope virtual server, which configs?, hosts my website and mail.
<teward> Sven_vB: 'lowest tier' means nothing, if you state us the specifics of that tier that might help
<teward> such as what specs you are actually assigned - RAM, number of CPUs, etc. - that'd be more helpful
<leftyfb> Sven_vB: being a virtual server, sounds like your host might be throttling your VPS when it tries to do too much. You REALLY should contact them when this happens to see if they can see anything on their end
<Sven_vB> oh ok. 1 vCPU (single) core, 4 GB RAM + 3 GB swap
<Sven_vB> I've contacted them the last few times it happened, but they couldn't see any anomalies from the outside.
<leftyfb> Sven_vB: maybe time to get bare metal or separate VPS's for each of your services. Or spend a ton of time optimizing the hell out of your services/code/OS
<Sven_vB> you mean it's actually overloaded even though htop shows it as almost idle?
<teward> it can be
<teward> Websites can take up a lot of resource
<teward> mail can too]
<teward> depending on what you're running, etc.
<teward> how are you determining CPU and memory use?
<Sven_vB> I'll shutdown apache and postfix and see if it gets better then
<Sven_vB> teward, the "uptime" command and the bars in "htop"
<teward> use `free -m` to check your memory usage
<teward> htop sometimes doesn't report data in a useful way
<Sven_vB> free -m: https://paste.ubuntu.com/p/Fptrkx433D/
<Sven_vB> teward, also I'm planning on monitoring some values from /proc/meminfo. which ones would be important? I guess Buffers Cached HighFree and LowFree?
#ubuntu-server 2018-08-26
<blackflow> Mmmmmh. iron-clad, locked down, systemd-cgroup-containerized, apparmored, unprivileged (no root master) nginx server running on Bionic.     Tastes like a million dollars. With a side dish of occasional CVE corrosion in that iron, but eh...
<blackflow> Ooh! Ooh! Running atop of LUKS encrypted ZFS root.
<taylan> can someone help me troubleshoot my mail server?  I tried to configure postfix and courier with ldap, but thunderbird can't connect to a user I defined in ldap...  no idea what debugging tools are available to pinpoint the problem.  they are listening on 465 and 993 on all interfaces and I can open a TCP connection to these ports from the computer with thunderbird on it.
<compdoc> thunderbird supports ldap? i had no idea
<taylan> compdoc: no, postfix and courier do
<taylan> my problem description was crap.  in thunderbird, I'm trying to add an ccount.  I entered the smtp and imap hostnames, selected ssl/tls for both, but when I click on "Re-test" it says "Thunderbird failed to find the settings for your mail account"
<compdoc> seems like an odd error. like its trying to autoconfigure instead of accepting your settings
<taylan> by the way, the reason I'm trying to set up courier is that "apt-get install dovecot" fails.  the install scripts seem not to add some users and groups they should be adding...  anyone know this problem?
<taylan> I'm on LTS
<compdoc> anyway, Im no expert on ldap, and its early yet. hang out and ask again. maybe someone will know. mught also ask in  ##networking
<taylan> oh, when I manually select some auth options in thunderbird, the error message becomes "username or password invalid".  I guess that's a step forward
<taylan> ok thanks :)
<blackflow> taylan: begin with postfix and dovecot errors, they must've logged what went wrong
<blackflow> ohwait... courier....
<taylan> blackflow: see above: I couldn't install dovecot :(
<blackflow> taylan: ok one problem at a time. dovecot installed just fine here on bionic. dovecot-imapd thatis
<taylan> it first erred out because the "dovecot" group didn't exist.  I added it manually.  then it said the user "dovenull" doesn't exist, and I didn't want to continue trying to fix things manually...
<blackflow> which package though? dovecot per se doesn't exist, you must be explicit about which compoentn you install
<taylan> I think it was the core package that caused the errors already.  let me retry.
<blackflow> bionic or xenial? because it just installed fine on bionic
<taylan> silly question but what's the quickest way to find out?  I think I'm on 16.04, whatever codename that has.
<jelly> lsb_release -sc
<taylan> thanks.  xenial it is.
<blackflow> doesn't seem like anything like this has been reported for dovecot as bug. I wonder if there's a permission problem preventing install scripts from creating the group and the user
<blackflow> at any rate, dovecot is strongly recommended for postfix, especially for sasl.
<taylan> I just found this: https://www.mail-archive.com/ubuntu-server-bugs@lists.ubuntu.com/msg147608.html
<taylan> sadly the mails by the original reporter don't seem to be in the archive.  the subsequent reply indicates that they were able to solve the problem somehow
<blackflow> status: Invalid, no wonder it didn't show for me in search
<blackflow> bug #1785584
<ubottu> bug 1785584 in dovecot (Ubuntu) "package dovecot-core 1:2.2.33.2-1ubuntu4.1 failed to install/upgrade: installed dovecot-core package post-installation script subprocess returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1785584
<taylan> ah neat, that has the full contents
<taylan> hmm, it's not the same issue though.  my /etc/group and /etc/passwd are clean.
<taylan> oh damn, found the problem, and it's crazy
<blackflow> taylan: what is it?
<taylan> I have a ~/bin/adduser and ~/bin in my PATH.  it does something completely different than /usr/sbin/adduser
<taylan> hmm, one could say 'apt-get' shouldn't be affected by that...  anyway, I'll rename it.
<blackflow> taylan: it reminds me of the Dwarf Fortress game causing havoc in Debian, because its binary is `df` and was in PATH before /bin/df
<taylan> hahaha
<blackflow> so now that you got to the root of it, pun intended, install dovecot. dovecot > courier, especially for sasl. then check the logs, enable auth verbosity for dovecot.
<taylan> yeah, installed it already.  checking out how to configure it for ldap
#ubuntu-server 2019-08-19
<mmercer> hey guys, im working on repackaging python-pi, since the version in ubuntu16 has a few errors, i just want to patch that version and increment the minor string, but i cant find any documentation on how to do this
<mmercer> ive used apt-get source to get the source file, ive used dpkg-source but i cant figure out how to actually change the version number before recompiling
<mmercer> nvm, figured it out
<Triffid_Hunter> hi, how do I stop networkmanager changing the metric on my routes, or at least tell it what metric it should use?
<Triffid_Hunter> oh actually it seems to be systemd-networkd
<cpaelzer> ahasenack: why does libpmemobj-cpp need the  libpmemobj-dev dependency to be versioned?
<cpaelzer> I see that debian didn't take the change that you had, but took all others
<ahasenack> cpaelzer: readme says it should work with >= 1.4 or 1.5, iirc
<ahasenack> but then why is the build-depends on 1.6
<cpaelzer> and I wondered as I have seen other packages with versioned build-depends but non-versioned depends on the -dev package
<ahasenack> so I added that same depends
<ahasenack> this is existing delta, btw
<cpaelzer> I know
<cpaelzer> I jstu wondered this being the last that is elft if it could be a sync
<ahasenack> I think this stuff is still a bit experimental
<ahasenack> but I could drop it next time
<cpaelzer> oh yeah it seems that way
<cpaelzer> well, you could upgrade from Bionic and update one, but not the other without your change
<cpaelzer> so I see some (minor) reson to keep it
<cpaelzer> thanks for talking about it, I mostly wanted to know if there was more to it that I could learn and then fix in other packages
<ahasenack> and debian didn't have that package back then
<ahasenack> so they don't have this concern of upgrading from 1.4.1
<V7> Hey all
<V7> Could anyone suggest how to get rid of systemd-resolve's messages in syslog like: https://termbin.com/u2ym
<V7> Already relinked /etc/resolv.conf and reinstalled resolvconf
<lordcirth> V7, why are you trying to disable systemd-resolve?
<V7> I'm not trying to disable it
<V7> Why do you think like that?
<lordcirth> Well, doesn't resolvconf conflict with it?
<V7> I'm just trying to figure out why does it produce so much restarts
<V7> lordcirth: Don't know. Could it?
<nacc> V7: there is only one restart listed.
<V7> nacc: It's about each 3 minutes
<nacc> V7: ... how would we know that from the log you pasted?
<V7> ~ Same message
<V7> Sorry
<lordcirth> Both try to manage /etc/resolv.conf. IIRC systemd-resolve disables itself if resolvconf is installed? Not sure
<V7> /etc/resolv.conf is linek to /run/resolvconf/resolv.conf
<V7> linked*
<V7> Currently, it contains https://termbin.com/9ho6
<lordcirth> Ok, so resolvconf is directing DNS to systemd-resolve.
<V7> So any ideas :)?
<lordcirth> Personally I don't see why the log lines are an issue.
<nacc> V7: can you show us actual logging that indicates it is restarting repeatedly?
<V7> It's flooding it
<V7> Roger that
<V7> nacc: https://termbin.com/y8o2
<nacc> V7: your system is getting an IP every 3 minutes
<nacc> V7: so of course name resolution refreshs
<V7> How does it getit then?
<nacc> V7: sorry? how does what get what?
<V7> How does a server get an ip every 3 minutes
<nacc> V7: it's making a DHCP request (per your logs) to do so.
<V7> Every 3 minutes?
<nacc> V7: I don't know if your lease is expiring rapidly, if your client is misconfigured
<nacc> V7: yes, see the lines starting `dhclient: `
<V7> Of you mean a DHCP server's lease might be to short
<V7> I'll check that
<nacc> `dhclient[1309]: bound to 192.168.1.100 -- renewal in 226 seconds.`
<nacc> that's about 3.75 minutes
<nacc> which is absurdly short :)
<GivenToCode> xpost from ubuntu: anyone run ubuntu 18.04 via community AMIs on EC2? I am seeing shutdown (stop/terminate) hang for about 4 minutes without any shutdown hooks activating on the instance (ie systemd) and then ec2 forcing termination
<GivenToCode> i tried turning on systemd debugging but it appears whatever is hanging is hanging before all that
<GivenToCode> I can say change in behavior happened sometime between July 29th at 2:10pm ET and Aug 1st 3:40pm ET
<V7> So, took a lok into mikrotik's configs
<V7> lease time was set to 10 minuts
<V7> minutes*
<V7> https://wiki.mikrotik.com/wiki/Manual:IP/DHCP_Server#Lease_Store_Configuration
<V7> A page claims that after half of this time client might ask for renewal might this be a causer of log write?
<V7> renewal. Might*
<lordcirth> Yes, renew at 1/2 is standard. The question is, why is the DHCP server giving 6 minute leases?
<lordcirth> ~24 hours is more standard.
<V7> Already changed to normal
<V7> Thank you very much
<V7> Waiting for new entries in logs
<V7> Do these logs look normal?
<V7> Btw
<V7> Is it okay to add IPs to hosts.deny if it attacks SMTP server?
<tomreyn> sure, though firewalling may be a better approach.
<tomreyn> it may not be desirable if there's also legitimate (smtp or other) traffic coming from there, though.
<V7> Thank you very much
<tomreyn> e.g. you wouldn't want to firewall legitimate (ham) mail servers which also send spam, handle them via SMTP instead.
<tomreyn> if it's only smtp auth brute forcing, though... firewall it.
<tomreyn> keep in mind, though, that ip addressing keeps changing, so don't block ip addresses forever.
<V7> Roger that
<RoyK> V7: tcpwrapper as in hosts.{deny,allow} isn't used much these days
<V7> Roger that
<RoyK> fail2ban can be nice too if configured correctly
#ubuntu-server 2019-08-20
<lordievader> Good morning
<cpaelzer> good morning lordievader
<cpaelzer> rafaeldtinoco: FYI I started to prep https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1840745 for AMD as discussed
<ubottu> Launchpad bug 1840745 in qemu (Ubuntu Bionic) "backport extended amd spectre mitigations" [Medium,Triaged]
<cpaelzer> but before I'd want to complete https://bugs.launchpad.net/ubuntu/eoan/+source/libvirt/+bug/1828495 in eoan to then do the SRUs of bother together
<ubottu> Launchpad bug 1828495 in linux (Ubuntu Eoan) "[KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM." [Wishlist,In progress]
<cpaelzer> due to that I started on the latter and you will see some requests to test and reivew later on
<rafaeldtinoco> cpaelzer: perfect!
<rafaeldtinoco> good morning o/
<cpaelzer> rafaeldtinoco: hi
<rafaeldtinoco> cpaelzer: o/
 * rafaeldtinoco found a gcc9 issue in Eoan compiling clickhouse #)
<ahasenack> I can't find python-httptools in eoan: https://launchpad.net/ubuntu/+source/python-httptools
<ahasenack> I even have eoan-proposed enabled, and for all pockets (main, restricted, universe, multiverse)
<ahasenack> but apt won't see it
<ahasenack> oh
<ahasenack> python3
<Odd_Bloke> rharper: https://code.launchpad.net/~daniel-thewatkins/simplestreams/+git/simplestreams/+merge/371523 <-- do you have upload rights for simplestreams?
<rharper> Odd_Bloke: I do not
<Odd_Bloke> Hmm, OK.
<Odd_Bloke> powersj: Could we find someone to sponsor me for ^^?
<Odd_Bloke> powersj: (We should probably also spend a bit of time properly dropping the Python 2 packages; I removed one which lintian reported as empty, but not the others.)
<lordcirth> Ubuntu 16.04, I have an interface ens2f0, ens2f0.248 vlan interface attached to it, and a br248 attached to that. The bridge has "post-up ip route add 192.168.248.0/22 via 192.168.248.1 dev br248". This command isn't getting run on boot anymore (it worked before?) and the logs say "RNETLINK: Invalid argument"
<lordcirth> Previously that error has occurred when I try to add a route whose 'via' isn't reachable. But I don't see how that can happen here, given that the br248 config has a static IP
<sdeziel> lordcirth: does it work if you run the command manually?
<lordcirth> sdeziel, yes, that's the weird part. It has to be some kind of race on boot
<lordcirth> How can a post-up be running before the rest of the interface gets configured/
<powersj> Odd_Bloke, rcj might be good to look at that once you fix ci
<Odd_Bloke> powersj: I don't _think_ we need CI passing on the packaging branches, because we push instead of autolanding.
<Odd_Bloke> rcj: Please to be looking. :)
<rcj> Odd_Bloke: Looking now
<Odd_Bloke> Thanks!
<Odd_Bloke> rcj: We don't normally use the autolander for packaging MPs (it's normally review and then push by the submitter).  Let's see what happens!
<rcj> Odd_Bloke: You can push, I've reviewed the MP.
<Odd_Bloke> powersj: rcj doesn't have upload rights either.
<powersj> Odd_Bloke, ok we can ask someone on the team
<powersj> ahasenack, rbasak could one of you look to sponsor an upload of simplestreams for Odd_Bloke
<rbasak> Odd_Bloke: I'm expecting to see commit ba75825b as an ancestor of ubuntu/devel, but it doesn't seem to be?
<rbasak> I think you're meant to have merged master in to ubuntu/devel and then updated debian/changelog and tagged it
<rbasak> I can still sponsor though
<rbasak> Doesn't look like the commit graph will make a difference to the tooling.
<rbasak> Odd_Bloke: tools/make-tarball works for me, or is there a different generated equivalent tarball you'd like me to use?
<ahasenack> kanashiro: hi, did you see the bug mail from your openldap sru?
<kanashiro> ahasenack, yes, should I do something regarding that?
<ahasenack> kanashiro: this is now the verification step, where ideally the person who reported the bug would follow the [test] instructions and confirm that the package in -proposed fixes the bug
<ahasenack> kanashiro: this not always happens, or takes too long
<ahasenack> kanashiro: so what I do generally is give it a day or two, and if no-one performs the verification steps, I do it myself
<kanashiro> ahasenack, ok, I'll keep an eye on the bug then, and if no one test it I will in a couple of days
<Odd_Bloke> rbasak: Ugh, the autolander squashes.
<Odd_Bloke> rcj: This is why we shouldn't use the autolander! :p
<Odd_Bloke> rbasak: I'll have to force-push up a fix.
<Odd_Bloke> rbasak: Done; good catch!  tools/make-tarball is what I would use (albeit indirectly via https://github.com/CanonicalLtd/uss-tableflip/blob/master/scripts/build-package).
<rbasak> Odd_Bloke: OK, so I'll upload an orig tarball I'll make myself?
<Odd_Bloke> rbasak: Yep, if that's OK?
<rbasak> Sure
<rbasak> Uploaded
<Odd_Bloke> Thanks!
<lopta> Is there a simple way to list the dependencies of a package?
<lopta> I'm standing up what might turn out to be my first production Ubuntu server.
<lopta> Well this installer looks pretty friendly.
<rbasak> A package that's installed? "dpkg -s package"
<rbasak> A package in apt that you haven't yet installed: "apt-cache show package"
<rbasak> And look for the Depends line
<lopta> Thanks
<lopta> Well, I went for it and installed Ubuntu Server and mono-complete.
<lopta> ...sadly the version of mono is too old for the application.
<lopta> I wonder whether a newer version of Ubuntu Server might open up a newer version of Mono
<Odd_Bloke> lopta: What version of Ubuntu did you install?
<lopta> 18.04, I think
<lopta> uname -a doesn't tell me but I can look up the name of the .iso
<lopta> 18.04.3
<Odd_Bloke> lopta: `lsb_release -a` would also do it.
<lopta> Thanks
<lopta> Well, I'll try again tomorrow.
<Odd_Bloke> lopta: So it looks like disco (19.04) has 5.18.0.240, but be aware that disco is only supported for 9 months from its release.
<Odd_Bloke> So you'd need to be prepared to upgrade in the near future, to continue being security supported.
 * lopta nods
<lopta> I imagine I'll be long-gone by that point but I'd love to deploy this with Ubuntu if possible.
<lopta> Oh weird, I get a 404
<lopta> Ah, second time's the charm.
 * lopta wipes the vm and starts from scratch
<lopta> Thanks for your help!
<teward> ... well i'm an idiot >.<  I have an LXD server running off an isc-dhcp-server that is in the same container subnet.  And it had the wrong gateway in the DHCP records and had an IP conflict so internet traffic was asploding to the Internet.
<teward> ... I feel stupid >.>
#ubuntu-server 2019-08-21
<lordievader> Good morning
<seven-eleven> why does the SSH host key change if I restart cloud init?
<lordievader> Probably to prevent many hosts from having the same host-key.
<seven-eleven> why not create a unique instance and have persistent host keys for the instance on reboot
<seven-eleven> if you create an instance you can give it persistent host keys until it is destroyed; is it not a security risk to have changed host keys all the time, now you can't know if it's a MITM or still the first host you connected to
<seven-eleven> cloud init should simply check if the host keys are present already and if the host keys are using the same encryption as specified in cloud init
<seven-eleven> i rechecked, on reboot the host keys are persistent, only if you delete the instance it's not
<seven-eleven> thats fine :)
<mwhudson> seven-eleven: cloud-init has a bunch of per-instance things and a bunch of per-boot things
<mwhudson> i'd assyme ssh host keys are per-instance but i haven't checked...
<seven-eleven> mhm
<seven-eleven> can I write a cloud init configuration like in example B or does only example A work? http://dpaste.com/32ZTZ1Q
<seven-eleven> I'm not sure if I can split up the dictionary in two parts
<seven-eleven> i created a sha-512 password with this command https://unix.stackexchange.com/a/260195 and added the hash to cloud init's user: passwd directive. when the instance is started the password is not accepted. http://dpaste.com/015W9V2
<seven-eleven> no matter what I the password is not picked up by cloud init, i did it the same way as in these examples https://cloudinit.readthedocs.io/en/latest/topics/examples.html
<seven-eleven> +try
<cpaelzer> rafaeldtinoco: rbasak: wooooot I think I cracked ufw/iptables for mysql8
<cpaelzer> the reason it only triggers from autopkgtest's build-needed is the way users are set up for the build
<cpaelzer> fix is available and currenlty running tests
<cpaelzer> and this was a real issue that would have got into eoan, so the UFW test did well
<cpaelzer> rbasak: if you maybe could take a look at https://code.launchpad.net/~paelzer/ubuntu/+source/iptables/+git/iptables/+merge/371575 ?
<lopta> When I try to install 19.04 in a VM that I made for it, I get "An error occurred during installation".  I'm going to see whether I find find out more in the full log...
<lopta> Looks as though "Some index files failed to download".
<cpaelzer> lopta: is the error reproducible?
<cpaelzer> or could it be a one off network issue that made e.g. apt fail?
<lopta> cpaelzer: For me, yes.  This is my second attempt.
<lopta> (in two days)
 * cpaelzer is installing from iso ...
 * lopta nods
<cpaelzer> lopta: which one do you use http://releases.ubuntu.com/19.04/ubuntu-19.04-live-server-amd64.iso ?
 * lopta nods
 * lopta has another go, this time opting not to update the installer.
<lopta> No. Same thing.  18.04.3 installed without errors but that doesn't have the version of mono-complete that my application software seems to need.
<lopta> I wonder whether I can install 18.04.3 and the somehow update to 19.04
<cpaelzer> lopta: anything special on install?
<cpaelzer> or jsut enter/enter/...
<lopta> Enter... Enter, mostly.  Is 32G enough disk space?
<cpaelzer> I have 5G
<cpaelzer> update of new installer worked ... going on
<lopta> I wonder whether our network is blocking something that 19.04 needs that 18.04 didn't.
<cpaelzer> install is running, I see various curin info steps
<cpaelzer> at which step did yours fail lopta ?
<cpaelzer> lopta: mine seems mostly complete already, it is at "downloading and installing security updates"
<cpaelzer> lopta: installed just fine for me
<lopta> cpaelzer: I wiped the VM.  Let me try it again...
<cpaelzer> ahasenack: rbasak: kanashiro: ahve you seen builds complete but not end recently?
<cpaelzer> I have a PPA which took linger tan expected and they seem complete but staying in building state
<cpaelzer> e.g. https://launchpad.net/~paelzer/+archive/ubuntu/bug-1840872-duplicatehotplug-1840745-amdssbd/+build/17449039
<ubottu> Error: launchpad bug 17449039 not found
<ahasenack> cpaelzer: I have not seen that
<cpaelzer> I'll give it another 15 minutes, but then cancel and restart them
 * cpaelzer doesn't want to waste resources
<cpaelzer> maybe asking the LP team if they know why the completion isn't picked up
<ahasenack> ufw failed to build, did you kill it?
<cpaelzer> in the bileto ticket?
<cpaelzer> no I just did a no change rebuild to enforce the tests agin
<cpaelzer> ahasenack: ^^
<ahasenack> bileto, yes
<cpaelzer> ah
<ahasenack> got an email
<cpaelzer> yeah I still have some dbeug on it which makes no sense
<ahasenack> like I do for every single bileto ticket
<cpaelzer> will resolve it
<cpaelzer> my inbox is useless until I get som eauto-sorting onto the "stuck in proposed mails"
<cpaelzer> truns out transitions are so noisy in your inbox you don't see anything else
<rbasak> I've been considering /dev/null'ing them
<rbasak> It's be nice to set an expiry on a procmail rule. I guess I can arrange that but I'm not sure of a recipe.
<rbasak> I'd have test it etc.
<teward> rbasak: i just shunt half the emails i receive for things that dont' concern me to a junk mailbox xD
<teward> rewrite:destination at my mail gateway, it goes to a different account :P
<rbasak> I have a mailbox called "notme" for that.
<teward> ... unlike tsimonq2 who lets all his messages through and doesn't delete/cleanup them and has an inbox the size of Texas right now
 * teward runs tsimonq2's email for them, hence how he knows this
<rbasak> =INBOX [Msgs:49434 Flag:1001 Post:6 804M] :-/
<teward> Simon's up to 1.1GB right now, at least when you factor in the indexes, etc.
<teward> and that's just their ubuntu-changes folder :P
<teward> but meh
 * teward goes to dig into why Xenial doesn't like latest NGINX builds for some reason
 * lopta wipes his virtual disk again
 * lopta has another go at installing Ubuntu Server 19.04
<lopta> Wish me luck!
<lopta> cpaelzer: The first package that failed to fetch was Commands-amd64
<lopta> "lzma_read: Read error (5)
<lopta> "
<lopta> Final line says "finish: cmd-install/stage-curthooks/001-configure-apt/cmd-in-target: FAIL: curtin command in-target
<lopta> Stderr: ''
<lopta> I was really hoping to use Ubuntu Server for this job.
<cpaelzer> lopta: atm I can only say that it worked for me and that I don't see an obvious item to attack with the error messages
<cpaelzer> Odd_Bloke: ^^ do these messages mean something to you from a curtin POV ?
<lopta> Is there a command to upgrade from 1804 to 1904?
<cpaelzer> yeah
<cpaelzer> let me fetch a good link
<cpaelzer> unfortunately askubuntu has maintenance atm :-)
<Odd_Bloke> That doesn't ring any bells, but I'm not hugely experienced with curtin yet.
<cpaelzer> lopta: https://help.ubuntu.com/lts/serverguide/installing-upgrading.html maybe as a start
<Odd_Bloke> mwhudson or rharper may be able to help more.
<cpaelzer> lopta: since 18.04 is a LTS it won't prompt you to upgrade until 20.04 is released
<cpaelzer> but you can change the config to do it
<cpaelzer> sudo do-release-upgrade -d
<cpaelzer> whic hwill tell you to edit /etc/update-manager/release-upgrades
<rharper> Odd_Bloke: lopta it looks to me like an apt update failed, network connection or sometimes the archive isnt available; we see transient failures during apt installs on our nightly testing some times;
<cpaelzer> -d is for devel relase, which in your case you done't need/want
<rharper> lopta: does it fail the same way each time ?
<lopta> rharper: Ye
<lopta> s
<lopta> "Upgrades to the development release are only available from the latests supported release"
<rharper> and you know networking on the device works ?
<lopta> Ah, thanks
<cpaelzer> lopta: you don't want/need -d
<lopta> rharper: yes
<lopta> Looks like it's getting Disco Dingo...
<cpaelzer> which is 19.04
<rharper> it sure looks like a networking issue;  you could try offline install, https://bugs.launchpad.net/subiquity/+bug/1750819 ; http://cdimage.ubuntu.com/ubuntu-server/bionic/daily-live/20190801/
 * lopta nods
<lopta> Well, let's see whether this upgrade process works.
<lopta> Nope.  Kernel panicced on reboot.
<lopta> "...not syncing: No working init found"...
 * lopta resorts to a desktop install...
<lopta> Well that's unfortunate.  My mouse isn't working.
<lopta> ...and I can't seem to tab around.
<lopta> Suppose that's an issue for another channel though.
<lopta> Let's try 1904 on bare metal.
<runelind_q> my landscape on-premise installation hasn't run update_security_db.sh in a week :(
<runelind_q> when I try to manually run the script, it just stops with exit 1
<runelind_q> hrm, it may be getting somewhere after the umpteenth restart ;p
<runelind_q> heh yep, it works now
<runelind_q> you may go about your business.  Move along, move along.
<lopta> Interestingly (to me) 1904 installed nicely onto bare metal.
<lopta> ...not sure what's up with my VM
<lopta> Alright. It's lunchtime.
<runelind_q> so I kinda screwed up when I installed this server, creating an mdadm mirror on a pair of 8GB sata DOMs for the OS install.  Predictably, space is getting pretty tight.  What's the best way to get bigger disks in there without reinstalling?  Clonezilla?
<ahasenack> add more disks, raid1 them too, and mount /usr on them?
<ahasenack> or whatever is your biggest space consumer
<ahasenack> is this a vm?
<runelind_q> no, physical server
<ahasenack> was just curious about the small disk
<runelind_q> I had some sata DOMs that I thought would be cool to use.
<runelind_q> but they're too small.
<lopta> \o/
<lordcirth> runelind_q, perhaps you could break the mirror, replace the other drive, rebuild, replace the first one, and expand?
<runelind_q> that is an option, yeah.
<leftyfb> I'm trying to pivot_root on ubuntu 16.04. I only have systemd and dbus-daemon left and can't seem to restart either of them to get them onto the new root. systemctl daemon-reexec doesn't seem to do anything for systemd. Any signals I give to the dbus PID seem to just kill the machine completely. Any ideas?
<leftyfb> actually, I was able to kill and restart the systemd service. So now it's only dbus I'm trying to get off of the /oldroot
<runelind_q> I don't believe the sata DOMs have serial numbers written on them, so I'll have a 50/50 chance of picking the right one when I fail/replace it.
<lopta> Apparently our application is up and running on Ubuntu Server 1904.  I'm impressed at how smoothly the installation goes on bare metal.
<lopta> brb, coffee++
<mwhudson> lopta: did you figure out what was going on in the vm?
<mwhudson> lopta: i'm glad it worked on bare metal :)
<lopta> mwhudson: I'm not sure exactly.  This'll do until I leave and someone accidentally switches it off. ;-)
<lopta> "Hey, why'd all our telemetry stop?!"
<mwhudson> haha
<mwhudson> "we've all ready the google sre manual, that's good enough right?"
<lopta> Well originally I asked for a VM on the ESXi cluster but the IT manager got very angry at the suggestion so I just told him "Don't worry about it. I'll take care of it myself".
<lopta> (and BCCd his temporary boss)
<lopta> Does (can) Ubuntu Server put the screen to sleep after a set period of no keyboard activity?
<compdoc> I think it does
<lopta> Thanks.
<lopta> We'll see what it does overnight.
<lopta> By!
<lopta> e*
<V7> Hey all
<V7> Postfix shows in syslog:  warning: connect to Milter service unix:/var/run/opendkim/opendkim.sock: No such file or directory
<V7> Already did https://unix.stackexchange.com/a/74491/133353
<V7> What could this be?
<V7> Figured out
<V7> In main.cf changed unix:/var/run/opendkim/opendkim.sock to unix:var/run/opendkim/opendkim.sock
#ubuntu-server 2020-08-17
<mathgrad> Hi How do I switch from the generic kernel to the virtual kernel for use of 20.04 in a VM
<RoyK> what's in the "virtual kernel"?
<mathgrad> figured it was a lightweight kernel
<mathgrad> for virtual machines
<rbasak> The virtual kernel doesn't exist any more. linux-image-virtual points to linux-image-...-generic
<rbasak> Kernels are modular though - you won't end up with a bunch of hardware-specific modules loaded that you don't need.
<RoyK> mathgrad: the generic one works well.
<RoyK> rbasak: that's configurable in initramfs if you really bother to trim the size of that down. otherwise, well, it's just a small lump eating some space on the root drive
<RoyK> linux only loads loadable drivers anyway, that is, to existing hardware
<technoob> Hey guys
<technoob> I have a question
<technoob> What are my option to connect to my home server a nuc running ubuntu server without lan cable and also i dont have a wifi router
<RoyK> nuc?
<technoob>  What are my option to connect to my home server a nuc running ubuntu server without lan cable and also i dont have a wifi router
<RoyK> what is nuc?
<technoob> Its just a fancy word for a headless pc
<RoyK> I just wonder how you're going to connect to that without a network connection
<technoob> Yep was just asking if it was at all possible
<technoob> Haha
<technoob> Maybe it isnt
<technoob> Would me buying a mini wifi usb solve this?
<RoyK> Sounds secure enough, though. I remember a teacher told me back in the ninetees that a server, without a network connection, shut off and sunk in the Mariana Trench in a few tons of concrete was perfectly safe
<technoob> Like it makes it a wifi server
<technoob> Lol im not talking about safe
<technoob> I just want ways to access it
<RoyK> then you need a network connection of sorts
<technoob> Because currently didnt bring my lan cable or my router
<RoyK> and you'll probably need console access to it to configure the network
<RoyK> wifi or ethernet doesn't matter
<RoyK> technoob: do you have a console (as in a monitor and keyboard) to that thing?
<smoser> could someone take a look at https://code.launchpad.net/~slingamn/ssh-import-id/+git/ssh-import-id/+merge/389139
<rbasak> smoser: sure I'll take a look tomorrow. Are you happy with it? Have you reviewed/tested/etc?
<smoser> i just think that at this point canonical-server is ultimately responsible, so.. that team should "own" it.
<angry_route> Hi! I have an old Debian distro running as my router, and IÂ´m thinking about switching to the newest Ubuntu LTS, afaik the only problem that IÂ´ll face is the pppoeconf part, probably because of the netplan implementation. Does anyone has any experience with it? Thanks!
<mason> angry_route: I briefly had 20.04 as my firewall in a pinch when my existing firewall toasted itself a while back. Worked fine with the same pppoe config I used with Raspbian previously.
<mason> It was before 20.04 was actually released, but I can't imagine pppoe destabilizing since then.
<angry_route> As long as I manually install the ppoeconf package after the server install right?
<mason> angry_route: I probably wasn't running netplan, but I don't remember for sure. Worst case, you can use all the options you have now.
<sarnold> angry_route: hmm, from the 18.04 timeframe https://askubuntu.com/questions/1164093  -- and from 17.10 timeframe, another thing with more details https://askubuntu.com/a/1053685/33812
<mason> Easier still. I'll pipe down now.
<angry_route> Thanks for all the help! I think I can give it a try now :)
<mason> angry_route: Have fun!
#ubuntu-server 2020-08-18
<Aison`> It looks like I have some kind of ddos attack to my DNS servers
<Aison`> both ubuntu bind9 servers keep segfaulting after many thousend of requests
<Aison`> see here: https://dpaste.org/SX29#L16
<Aison`> maybe I can block the IP with fail2ban somehow?
<Aison`> BIND 9.16.1-Ubuntu (Stable Release) <id:d497c32>
<sdeziel> Aison`: are you using the latest bind9 version: 1:9.16.1-0ubuntu2.2
<Aison`> yes
<sdeziel> Aison`: OK good. Could you run a tcpdump capture of the traffic leading to a crash? If you could attach it along with the crash dump to a LP bug, I'm sure it could help having the problem fixed
<Aison`> :( now it stopped crashing
<sdeziel> https://bind9.readthedocs.io/en/v9_16_5/notes.html#notes-for-bind-9-16-5 show a few assertion failures were fixed since the 9.16.1 release
<Aison`> I can not reproduce the sefault
<Aison`> it's just "luck" when it happens
<RoyK> Aison`: IIRC, installing the -dbg package will allow the crash to be dumped through gdb, but not sure if everyhing is automatic
<Aison`> RoyK, there is not dbg for bind
<Aison`> sdeziel, how can I tcpdump the whole udp53 traffic to a file? I can not google it right now ;)
<RoyK> tshark tshark -f "udp and port 53"
<RoyK> without the first tshark ;)
<RoyK> tshark is the new tcpdump
<sdeziel> Aison`: otherwise: tcpdump -w /tmp/dns.pcap -ni $iface port 53
<sdeziel> Aison`: DNS also happens on TCP/53 so I'd capture both
<Ussat> OK, so this is on Ubuntu 18.04, andone want to take a look and lend a hand with a syslog-ng issue ? https://pastebin.com/EV7km0QW\
<oerheks> Page not found.
<oerheks> use paste.ubuntu.com :-D
<sarnold> it's https://pastebin.com/EV7km0QW
<sarnold> and it requires rather more syslog knowledge than I've got
<oerheks> oh i see, hit the enter+\
<sarnold> hehe, yeah, I saw the contents just a few minutes earlier from another shared channel earlier and knew that it worked :) hehe
<oerheks> i'll remember that ..
<RoyK> just don't use pastebin dot com - it's a spmmer - there are several places that are better to use. I stick to paste.debian.net, but that's just me
<Ussat> ...fine whatever
<Ussat> I have never had an issue with pastebin
<RoyK> it's just that it sucks and it dumps ads on you if you mention it to a stranger
<Aison> hello i'm still fighting with my ISC DHCP Server who tries to access LDAP for name resolving
<Aison> sadly apparmor is blocking this call
<sarnold> Aison: pastebin your DENIED lines?
<Aison> this is dmesg: [2946488.790491] audit: type=1400 audit(1597781143.428:28280): apparmor="DENIED" operation="connect" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/dhcpd" name="run/slapd-inetserv.socket" pid=1121070 comm="isc-worker0000" requested_mask="wr" denied_mask="wr" fsuid=110 ouid=0
<sarnold> Aison: you'll need to add 'flags=(attach_disconnected)' to your profile, check /etc/apparmor.d/ for a few examples
<Aison> here the profile from apparmor dhcp: https://paste.ubuntu.com/p/Gkv4jsxcjx/
<Aison> I added lines beginning at 29
<Aison> sarnold, ok
<Aison> and dhcpd tries to access also /proc/sys/net/ipv4/ip_local_port_range?
<sdeziel> sounds reasonable to me
#ubuntu-server 2020-08-19
<teward> sarnold: yo be alive
<teward> i need to pick your brain
<sarnold> heya teward
<teward> incoming PM flood
<Aison0> ahhh :-( bind9 keeps segfaulting and segfaulting, no idea why
<Aison0> and it creates a very big "core" file
<Aison0> 800M
<Aison0> 800M on master
<Aison0> 3.6G on slave!
<rbasak> dmesg/kern.log will usually give you the immediate reason
<Aison0> how do I pip stderr to file?
<Aison0> pipe
<rbasak> your-command 2>filename
<RoyK> Aison0: pastebin output of dmesg -T, or at least the relevant lines
<Aison0> dmesg shows simply nothing
<Aison0> but this is the whole bind9 output from start until crash
<Aison0> https://paste.ubuntu.com/p/vQZqkMxZKN/
<RoyK> how long does it take?
<Aison0> 10-15 seconds?
<Aison0> but it depends
<Aison0> sometimes longer
<rbasak> I suspect you have filesystem corruption or a hardware fault there
<rbasak> Especially if dmesg output really is blank
<sdeziel> it's not segfaulting but tripping on an assert()
<RoyK> Aison0: I'd start out with monitoring the process with top or htop and look for memory usage. with the sizes of those dumps, it smells like a memory leak
<sdeziel> if those bind servers are caching resolvers, this could explain the size of the core dumps. The assertion is worrying though
<RoyK> still, if it takes so short a time for them to crash, it should be easy to just follow the mem usage for both process and system (and swap, of course)
<RoyK> but then, if that happened, there should be an OOM showing up in dmesg
<Aison0> RoyK, it really depends. Now it works for several minutes
<Aison0> it also worked over night
<RoyK> Aison0: how many clients do you have, using that server?
<Aison0> before my message, it started crashing every few seconds
<RoyK> or those
<Aison0> RoyK, around 200
<RoyK> not a lot, then
<Aison0> no
<Aison0> it also worked for a long time now
<Aison0> this setup is not new
<RoyK> has there been a bind update recently?
<Aison0> rbasak, I don't think it is a hardware problem. It happens on primary and secondary server, which are completely different
<RoyK> agreed - this does *not* smell hardware issues
<Aison0> for what is this "core" file good for?
<genii> understanding the state of the system at the time the problem occurred
<Darkhunter> Hello, is there a change to use LVM raid during installation?
<RoyK> Aison0: you can run 'gdb bind core.xxx' and then run a backtrace to check where it failed. it'll normally require symbols, though, which may not be there
<RoyK> Aison0: I guess that'll be gdb named core.xxx, though
<teward> *pokes rbasak* got a few minutes?
<Aison0> are there any ppa with newer versions of bind that I can try?
<lotuspsychje> Aison0: we usually advice to use packages from the repos on ubuntu, specific for your ubuntu version
<lotuspsychje> and/or snaps
<sdeziel> Aison0: https://launchpad.net/~isc/+archive/ubuntu/bind seems reputable enough
<sdeziel> lotuspsychje: I agree with you but in this case, bind9 (9.16.1) is tripping on assert() and ISC upstream fixed a bunch of assertion in later 9.16.X
<lotuspsychje> ah nice, yeah some cases might be useful
<lotuspsychje> nice find sdeziel
<Aison0> sudo add-apt-repository ppa:isc/bind
<Aison0> Cannot add PPA: 'ppa:~isc/ubuntu/bind'.
<Aison0> ERROR: '~isc' user or team does not exist.
<Aison0> :P
<Aison0> rofl, bind just crshed again
<Aison0> that's why it is not working ^'^'^
<oerheks> make sure you have software-properties-common installed, ppa:isc/bind is working here.
<rbasak> teward: o/
#ubuntu-server 2020-08-20
<Aison0> bind9 from bind repository seams to be stable so far
<Aison0> but maybe it is just luck
<Aison0> :D
<Aison0> how do I have to change the systemd bind9.service file, so that the server is directly restarted after exiting?
<rbasak> See Restart= in systemd.service(5)
<RoyK> Aison0: does it still die?
<sdeziel> Aison0: "sudo systemctl edit named" (the service was renamed to named with 20.04)
<Aison0> sdeziel, here it is bind9.service -> /lib/systemd/system/named.service
<Aison0> ok, maybe because of upgrade
<sdeziel> Aison0: oh, that's because the named.service provides an Alias=bind9.service
<sdeziel> I run mine with "Restart=on-failure"
<RoyK> sdeziel: that should be the default, but should fail after some attempts if the error repeats
<sdeziel> RoyK: oh, didn't know it was the default but yes, there is a limit to how fast restarts are done to avoid DoS'ing the machine
<sdeziel> RoyK: man systemd.service(5) says Restart=no is the default
<sdeziel> and then > on-failure is the recommended choice for long-running services
<Psi-Jack> This is a very strange new thing. I installed Ubuntu 20.04.1 onto a VM in Proxmox VE. Bare minimums only. Convered it to a template, cloned that into a new VM. cloud-init didn't generate a new host key, heck it even somehow had the same IP and I'm not sure how or why. It didn't act new and re-generate anything.
<rbasak> AIUI, cloud-init detects that it's on a different host by detecting that the instance-id has changed
<rbasak> The instance-id is provided by the VM environment - for example through the Amazon metadata service when on EC2.
<rbasak> So you might be able to reduce your problem to: what instance-id did cloud-init pick up from Proxmox, did it change, and if not, why not?
<Psi-Jack> Hmmm never had a problem before. Heck even Debian 10 works fine.
<rbasak> Oh, and also: I installed Ubuntu 20.04.1 onto a VM in Proxmox VE
<rbasak> Why didn't you use a cloud image?
<rbasak> If using the installer, I think *it* generates the instance id, and so cloud-init will use that and it will never change?
<Psi-Jack> Why would I?
<sdeziel> maybe you could "reset" cloud-init with https://cloudinit.readthedocs.io/en/latest/topics/cli.html#clean ?
<rbasak> The installer isn't intended for the cloud use case.
<rbasak> Our cloud images are intended for the cloud use case.
<rbasak> All the installer is doing is configuring a cloud image for non-cloud use anyway
<rbasak> If I'm right, the behaviour you're seeing is by design
<rbasak> And (again only if I'm right with my assumptions here) Debian works because you installed cloud-init manually there, and it wasn't configured by the installer for a non-cloud use case.
<Psi-Jack> Yeah well using a cloud image in this use case adds complications and doesnât allow for âGolden imagesâ
<rbasak> Why not?
<rbasak> Ubuntu cloud images _are_ "golden images" and they are customisable to produce your own custom "golden images".
<Psi-Jack> Hmmmm.. I suppose I can try. I found some documentation on how to use proxmox-ve CLI tools to use the ubuntu-cloud images, and thought it'd be more difficult.
<Psi-Jack> Well, after some work, it is indeed, working.
<Psi-Jack> Well, save for the display issue, which seems to work better with it associated to a serial socket.
#ubuntu-server 2020-08-21
<sdeziel> Aison0: I'd like to hear from you if the just released bind9 update ( 1:9.16.1-0ubuntu2.3) fixes your crashes/asserts?
<hpusysadmin> Hello!
<hpusysadmin> I am needing some help with a microsoft active directory authentication.
<hpusysadmin> It works and I am on the realm, I can authentication, it all works but one part: passwd/kpasswd
<hpusysadmin> When I use either I get an error regarding tokens or complexity, in the log it states '[sssd] [confdb_expand_app_domains] (0x0010): No domains configured, fatal error!'
<hpusysadmin> Although when I set the flag on the Microsoft AD to 'change password upon next logon' it successfully applies the password change to the account.
<hpusysadmin> Any ideas?
<z4kst4r> what is the difference between setting the timezone with `timedatectl set-timezone Asia/Tokyo` vs `dpkg-reconfigure tzdata`. Do both do the same thing as change the file /etc/timezone?
<Slashman> hello, I know that the ubuntu team did merge some upstream patches from openzfs into the 0.8.3 version for focal, does anyone knows if https://github.com/openzfs/zfs/pull/9749 was one of the patches?
<mason> Slashman: Is there a launchpad equivalent? If so, you might find it in "apt changelog zfsutils-linux"
<mason> Slashman: AH, yeah:   * Backport AES-GCM performance accelleration (LP: #1881107)
<ubottu> Launchpad bug 1881107 in zfs-linux (Ubuntu Groovy) "zfs: backport AES-GCM performance accelleration" [Medium,Fix released] https://launchpad.net/bugs/1881107
<Slashman> mason: thanks!
<mason> Slashman: happy to help
<Aison> nice, there is a new bind9 version, 9.16.6
<Aison> I hope my problems with a crashing bind9 are gone now
<RoyK> Aison: probably best to file a bug anyway
<RoyK> Aison: unless the new version is in ubuntu already, that is
<Aison> RoyK, i'm already in contact per email with the isc security officer
<Aison> they told me that they are aware of that problem
<Aison> and they hope it is fixed in 9.16.6
<Aison> if not, I have to send them directly the core dump files
<Aison> (per email)
<RoyK> ok
#ubuntu-server 2020-08-23
<runelind_q> I'm having issues with Ubuntu 20.04 on my rpi4.   linux-image-raspi is being held back because it depends on crda which is not installable
<Aison0> hello
<Aison0> I converted my root fs to btrfs
<Aison0> and then I added a 2nd drive and converted the btrfs to raid1
<Aison0> so far so good
<Aison0> Now I would like the possiblity to boot from both devices
<Aison0> update-grub creates the entries as expected
<Aison0> but booting from one disk fails, because initramfs claims that there is no /sbin/init
<Aison0> BTRFS info (device sdb2): balance: ended with status: -28
<RoyK> perhaps try #btrfs
<dragosiku> hi all
<dragosiku> who can hep me with a DNS setup from my provider for forward for email server with ubuntu vps ?
<Repox> Hello. I'm having some issues with the Nginx service stopping sometimes. Doing a nginx -t gives no errors or warnings. This is what is in the syslog: https://hastebin.com/pevosovumo.log (doing a cat syslog | grep nginx) . Might anyone know here to look?
<Repox> *where
<tds> RoyK: the timing there seems a bit suspicious; does that always happen at midnight?
<tds> ugh, repox
<tds> oh, they're gone :/
<lystra> Hi. We are upgrading a server from Ubuntu 16 to 20. On the 16 server, we are using getuid_callout in /etc/multipath.conf to fetch the WWID. This is deprecated in Ubuntu 20 so we are using "uid_attribute ID_SERIAL" instead. However, when I do this, multipath -v4 -ll shows entries like "sdc: serial =" (https://gist.github.com/twwlogin/77abf960c964f03e0ca746f7dbe1157f). So, whatever multipath is doing to detect the WWID isn't work.
<lystra> /lib/udev/scsi_id --whitelisted --device=/dev/sdx does work so how do we get multipath to use that?
<lystra> What's odd is that "udevadm info --query=all --path /sys/block/sdc | grep ID_SERIAL" returns a valid WWID.
<tomreyn> !yy.mm | lystra
<ubottu> lystra: Ubuntu version numbers are: YY.MM (YY=release year,MM=release month). Each year sees two releases, so just specifying YY is imprecise. See also https://www.ubuntu.com/about/release-cycle
<lystra> Yeah, just shortening 20.04.1 -> 20 and 16.04.6 -> 16.
