#ubuntu-server 2006-02-06
<Unfun> Hello all
<Unfun> Anyone know if it's possible to get ServerWorks HT1000 SATA controller working on ubuntu-server 5.1
<Unfun> ?
* irvin is away: I'm busy
<pabs_> can anyone assist me with " 500 OOPS: could not bind listening IPv4 socket" error with vsftpd?
<maswan> pabs_: probably, the local ftp port that vsftpd wants to listen on is already busy
<maswan> perhaps an old ftpd process?
<pabs_> ya your right
<pabs_> I killed all vsftpd processes
<pabs_> and i think im running@
<pabs_> :-D !!!
<pabs_> i was actually trying to connect locally
<pabs_> and got that error
<pabs_> man o man that was chore getting that up and running tonite
<pabs_> im new to linux :)
<pabs_> maswan thanks for your help man
<pabs_> appreciate it
<maswan> enjoy!
<spike> I'm running out of ideas and resources..., so, anybody with cisco experience?
<maswan> Well, some of ther smaller switches are just overpriced, I avoid the rest?
<spike> I'm having an hard time setting up a vpn between a pix 501 and a cisco vpn client
<maswan> never touched vpns
<fabbione> spike: good luck!
<fabbione> pix 501 sucks
<fabbione> and it also depends what cisco vpn client you are using
<fabbione> because they have 2/3 different ones according to the vpn concentrator
<spike> fabbione: cisco vpn client 4.8.0
<fabbione> spike: i lost my CCO account when cisco has been hacked
<fabbione> didn't even bother to reenable it
<spike> the thing is, it's a weird test bed, I get the vpn, but then cant ping/access what's on the other side
<spike> but the more I check ACLs and stuff, the more it looks fine
<fabbione> did you check that the client is setting default gw over the vpn?
<fabbione> iirc there is a setting on server side to force such a thing
<fabbione> or a client option
<fabbione> that you don't want the users to be able to override
<fabbione> hence you set it on the server
<fabbione> anyway cisco vpn are extremely easy to hack :)
<spike> fabbione: yes, gw is over vpn. the option should be split-tunnel
<spike> but yes, the packets get to the pix, so that's not the prob
<spike> I can see them all with show capture
<spike> the problem is accessing boxes on over the vpn, packets stop at incoming interface and never reach the other one
<spike> fabbione: so it must be something ACL related, that would sound obvious, but I've just got one (test bed for a specific scenario), so, mh, I'm kinda sure I got it right
<ealden> MarioMeyer: ping
<MarioMeyer> ealden, pong
<Unfun> Hello
<Unfun> Anyone in here?
<spike> yeah, but all dead
<fabbione> yup
<Unfun> I just bought a brand new dual core amd 1U server and i can't get ubuntu-server to recognize the HT1000 ServerWorks SATA controller
<Unfun> Is there a driver in the works or no?
<spike> fabbione: so far nobody flamed me for the apache post, but I havent got a reply either :)
<fabbione> Unfun: you will need to try dapper CD's
<Unfun> http://www.siliconmechanics.com/i4442/opteron-server.php
<fabbione> i don't think .12 does support it
<Unfun> How unstable is dapper?
<fabbione> spike: i have been feeling really bad today
<fabbione> Unfun: quite unstable
<Unfun> I may just install on a usb drive
<Unfun> compile a kernel
<fabbione> spike: so were the other 2 apache maintainers...
<spike> fabbione: oh, doh, sorry to hear about that
<Unfun> Then copy it over
<fabbione> spike: we got some kind of food poisoning or something..
<spike> eeewww, that sux
<fabbione> yes
<fabbione> we are not going too well these days
<fabbione> doing even
<spike> fabbione: then it must be that that made you you define hw "desperate" instead of "disparate" ;)
<fabbione> possibly
<spike> and it must be my lack of sleep that makes me double words...
<spike> anyway
<spike> fabbione: btw, I solved that vpn issue :)
<fabbione> ah nice
<spike> as of 2 days playing with cisco stuff, I dont definitely like it...
<fabbione> i don't like their firewalls/vpn solutions
<fabbione> i don't mind switches and midrange routers
<spike> expecially traffic analysis, not really comparable with iptables logging / tcpdump
<spike> both debug and capture miss useful features
<spike> I'm running IOS 6.3, tho, something better might be available in 7.0
<fabbione> yeah probably more bugs
<spike> eheheh
<spike> what it is really scaring is default licences wont support aes, so u're stuck to DES
<fabbione> useless
<fabbione> is it at least 3DES?
<fabbione> perhaps one day i will show you how to hack the vpn client :)
<spike> fabbione: ehehe, I'll keep waiting for that day :)
<fabbione> spike: eheh
<fabbione> i am off now
<fabbione> cya tomorrowq
<jbwiv> hey guys, what is the status of ubuntu-server? Is it ready for use, or should I stand by? I've got a Suse server that just got hacked, and thinking about either Debian or Ubuntu...
<lionelp> hey jbwiv
<lionelp> you can start using Ubuntu as a server
<lionelp> some improvement will occur on the next release, but there is since the breezy release (5.10) a server release
<jbwiv> lionelp: will I need to wipe and reinstall in the next release
<Unfun> No
<jbwiv> or can I apt-get dist-upgrade?
<lionelp> absolutely no !
<lionelp> yeah, just dist-upgrade
<jbwiv> good, good
<jbwiv> does apache by default run chrooted?
<jbwiv> in the server version?
<lionelp> no
<lionelp> it is the classical install, like the Debian one
<jbwiv> lionelp: is there a package that will do this easily? Ah...ok. Is harden and bastille available via apt?
<lionelp> jbwiv: a package to easily do that is planed but not yet available
<lionelp> yes, harden and bastille are available via apt
<jbwiv> lionelp: ok, is harden and bastille available, as it  is in debian?
<jbwiv> ok, thanks ;)
<lionelp> you can check it on http://packages.ubuntu.com
<jbwiv> lionelp: one last question...
<lionelp> no pb :)
<spike> jbwiv: just in case: it's technically a *very* poor countermeasure, but mounting /tmp noexec stops 99% of the attacks, since they're as poor as the countermeasure itself
<jbwiv> what would you argue is the reason to go with ubuntu server in it's current state, as opposed to debian?
<spike> hey ubijtsa
<lionelp> jbwiv: not to be obliged to wait three years for a new release :)
<jbwiv> spike: heh...here's what I faced this morning: wwrun   20533     1  0 Feb16 ?        00:00:00 /tmp/.tmp/public_html/s
<jbwiv> > 67.15.63.112 53
<lionelp> on the next release (Dapper, that will be available in april), some meta packages and a support for 5 years will be available
<spike> jbwiv: that in a few months u'll have chances to seamlessly get lots of server related improvements
<ubijtsa> lo spike
<jbwiv> woops...well, you get the picture.
<jbwiv> exploit running out of tmp on the suse box ;)
<spike> out ot /tmp ?
<jbwiv> spike: yep
<jbwiv> so, you're advice is wise ;)
<spike> that doesnt look out of /tmp to me..
<jbwiv> mounting noexec
<spike> aaah, ok
<jbwiv> /tmp/.tmp/public_html/s
<spike> out of tmp, I read it as , not in /tmp
<ubijtsa> hmm.. /tmp should probably be mounted nodev, noexec
<spike> yep
<jbwiv> the command was /tmp/.tmp/public_html/s > 67.15.63.112 53
<spike> yes yes, sorry, just misunderstood ur comment "out of tmp"
<jbwiv> only way I caught it is the damned thing was DOS'ing my firewall
<jbwiv> ah, ok
<jbwiv> so, guys, what you're telling me is that ubuntu-server is ready for use, regardless, right? It doesn't seem to be very buzzy in terms of community and portal, but I may be not looking in the right place. That was my only concern. I use it on the desktop ;)
<spike> indeed, I brought up to attention that more than once, but they said "it's ok to run it within the ubuntu framework"
<spike> jbwiv: it's ready, just not super-accessoried 'till april
<spike> jbwiv: but you wont lose anything compared to debian, and have a huge gain in a few months without reinstalling
<jbwiv> spike: done deal then...thanks!
<jbwiv> by the way...very glad to see this project in existance!
<spike> I'm off, c u guys
<ubijtsa> I am seeing some _really_ bizarre things in kde 3.5.1
<ubijtsa> xkb is b0rked to the point I have had to disable it.. no keymaps available etc..
<jbwiv> quit
#ubuntu-server 2006-02-07
<Xoritor> has anyone setup fastcgi on ubuntu?
<Xoritor> anyone setup fastcgi?
* netjoined: irc.freenode.net -> brown.freenode.net
<spike> do you guys know packet generators like scapy?
<spike> packet generator libs/framework to be precise
<spike> not stuff like hping
<spike> uhm, what's up with mod_alias?
<spike> there's no mod_alias in /etc/apache2/mods-available/
<spike> fabbione: how u doing? feeling better?
<fabbione> hey spike
<fabbione> yeah thansk
<spike> the asking ans apache question werent related :)
* spike shrugs
<spike> sometime my english totally goes nuts
<spike> anyway
<spike> I was gonna use RedirectMath and found out there's no mod_alias available in mods-available
<spike> but uhm, Alias works and it requires mod_alias, is that module compiled in?
<fabbione> man apache2ctl ?
<fabbione> there is a ctl option to see loaded modules
<fabbione> or even compiled in
<spike> oh, -l
<spike> yes, it's compiled in
<spike> fabbione: tnx
#ubuntu-server 2006-02-08
<pabs_> ok whos ready for an easy noob question :/
<pabs_> how do i start blackbox from the command prompt?
<pabs_> ok i figured it out lol....
<pabs_> now i just need to get a terminal in blackbox
<pabs_> :|
<ealden> MarioMeyer: ping
* netjoined: irc.freenode.net -> brown.freenode.net
<visik7> why evms are started at boot ?
<fabbione> because if you use evms you need it
<fabbione> and the script doesn't really do much itseld
<fabbione> itself
<visik7> but there is no evms install options
<fabbione> so? you can install use it later on. evms can take over lvm2 disks for example
<visik7> ah
<visik7> is there some guide about lvm/evms
<fabbione> and you don't need to worry about installing the package if you start using it
<fabbione> not that i know of
<visik7> do u use lvm ?
<fabbione> i am not familiar with evms myself
<spike> eheeh, seems I'm not the only one complaining about it being there :P
<visik7> and lvm ?
<fabbione> i prefer lvm2 but that's a personal choise
<visik7> I can't get the differences between lvm and evms
<fabbione> they both do similar things
<spike> visik7: userland tools
<fabbione> they just get to it in different ways
<spike> that's the only diff
<fabbione> spike: not only
<spike> not even that different afaik
<fabbione> they configure the device-mapper in differnt ways
<fabbione> evms has also the concept of raid iirc
<spike> brb
<visik7> fabbione: I have an external disk how can I snapshot the current system that is an ubuntu installed with lvm ?
<fabbione> visik7: snapshot as in an lvm snapshot or a backup?
<fabbione> because the 2 are completely different things
<visik7> ah
<visik7> maybe I misunderstood something
<visik7> a copy of therunning system to restore in case of emergence
<visik7> so yes probably a backup
<fabbione> it's a backup
<fabbione> but
<fabbione> you can achieve backup via lvm snapshot
<fabbione> the question is that with an external drive i assume you want a normal backup
<fabbione> because playing with lvm snapshot can be tricky if you don't understand lvm
<visik7> so if a lvm snapshot isn't a backup what is it ?
<fabbione> visik7: it can be used as backup, but not on an external disk that you plug/unplug
<visik7> it must be connected from the boot ?
<fabbione> yes
<fabbione> and you can't unplug it
<fabbione> lvm snapshots record deltas of metadata
<fabbione> not the entire thingy
<fabbione> metadata and data sorry
<visik7> yes I understand the problem
<visik7> so
<fabbione> example:
<visik7> to backup using lvm the way is ?...
<fabbione> you have your /foo on lvm
<fabbione> and there is a file called bar
<visik7> a kind of cow
<fabbione> i make a snapshot of that
<fabbione> mount the snapshot somewhere
<fabbione> and create a file called bar
<fabbione> baz sorry
<fabbione> baz will appear only on the snapshot
<fabbione> file bar is in both
<visik7> mmm
<fabbione> but it stored on the real system only once
<visik7> so is not what I need
<fabbione> you want a normal backup
<fabbione> specially if you don't know lvm concept of snapshot
<fabbione> that again.. can be used as backup if you know what you are doing
<visik7> it's the root partition so it's complicate to snapshot as backup
<visik7> I've to reboot
<fabbione> iirc snapshot can be done live
<fabbione> check the man page
<fabbione> it's explained
<visik7> which of 40 commands related to lvm ?
<fabbione> man lvm
<visik7> yes there's a short explaination and then a SEE ALSO section of 40 commands
<fabbione> the 40 commands are all symlinks to lvm binaries just to help users understsand what they are doing
<visik7> ah
<visik7> :)
<visik7> I think it's more complicated than a single blinary
<visik7> is there some references on ubuntu wiki ?
<fabbione> visik7: check lvm documentation in /usr/share/doc/lvm2
<fabbione> visik7: these anyway are really basic questions you can ask in #ubuntu
<visik7> ok
<MarioMeyer> ealden_, ping
<ubijtsa> hohum...
#ubuntu-server 2006-02-09
<MarioMeyer_> ealden, ping
<ealden> MarioMeyer_: ping
<tschwall> Hi, is http://www.openqrm.org a topic for ubuntu-server? Seems to have a lot of potential.
<fabbione> possibly
<fabbione> did anybody packaged/tested it?
<tschwall> http://www.linuxworld.com.au/index.php/id;1950523229
<tschwall> > OpenQRM supports the two leading distributions of Linux from Red Hat and Novell. The company is seriously looking at also supporting the Debian and Gentoo Linux distributions
<tschwall> Maybe one should do some proactive stuff here..
<fabbione> mail mdy@canonical.com
<fabbione> and explain to him about it
<tschwall> ok, perfect.
#ubuntu-server 2006-02-10
<[g2] > where would be a good place to start for building a customized server ?
<tarvid> installed webmin-slbackup and it does not appear in the webmin menus
<tarvid> the module appears to have been installed /usr/share/webmin/slbackup/WebminSLBackup.pm
<tarvid> it is in webmin.acl
<tarvid> it is not in module.infos.cache
<tarvid> it is in module.info in the source
<tarvid> i have both /usr/share/webmin-1.250 and /usr/share/webmin
<tarvid> slbackup is in /usr/share/webmin but not in /usr/share/webmin-1.250
<tarvid> could that be the problem?
<tarvid> After much stumbling about, I found the problem. webmin updates via different directories in /usr/share
<tarvid> ubuntu installs to a directory without the version suffix
<Mercury> I'm trying to move my server over from the user land NFS server with ugidd (which more or less works, but which has some Issues), to NFSv4 with the kernel land NFS server.
<Mercury> At the moment I have some progress, it gets mounted fine, ls -l on stuff shows the proper usernames, with the ones that only exist on the server shown as nobody.
<Mercury> However as best I can tell, for actually _accessing_ files the raw UID is used, and I can't for the life of me figure out _why_.
<Mercury> Any suggestions?
<Mercury> Yep, it is most definitely doing the proper translation when going from the server to the client, but it doesn't seem to be for going from the client to the server.
<Mercury> And..  I don't know enough about the workings of nfsv4 to debug this properly, hrm.
<lionelp> NFSv4 is not currently considered as stable
<lionelp> it is still exeperimenting stuff
<Mercury> Understood, but I'd still like to track down this problem.
<lionelp> I search the web few weeks ago, and i do not found viable informations :-(
<lionelp> yes, no pb
<Mercury> Did you have the same problem?
<lionelp> non, i did not try yet to migrate NFSv4
* Mercury nods.
<Mercury> Alright, this has one, simple, itty bitty question..  Why the hell is the client sending back UIDs instead of names?
<spike> Mercury: what's the subject? LDAP?
<Mercury> spike: NFSv4.
<Mercury> spike: I have a problem, after poking at things a bit I've come to the conclusion that the clients are not sending user names back, they are sending UIDs back, which makes no sense at all.
<spike> Mercury: uh, sending back user names? what are you doing and what's not working?
<spike> Mercury: have you run tcpdump and sniffed the traffic? that would clear out any doubt on what clients are sending back
<Mercury> spike: I have.
<Mercury> spike: The server is sending <user>@<domain>, nice and dandy.
<Mercury> spike: The client is sending the UIDs, not even in ASCII.
<Mercury> spike: This, of course, completely breaks the ID mapping.
<Mercury> spike: And I can't figure out _WHY_.
<Mercury> spike: Any ideas?  Any at all?
<Mercury> spike: A known working configuration?  Anything that might help?
<spike> Mercury: nope, sorry, I thought it was some ldap related prob
<Mercury> spike: Alright.
#ubuntu-server 2006-02-11
<tarvid> I have 7 breezy servers and 5 mandrake
<tarvid> rdiff-backup version is different on the two sets
<tarvid> i used alien to build rpms of the debs
<tarvid> but when i try to install them on mandrake, rpm complains of a missing linux-gate.so.1
<tarvid> any suggestions?
<fabbione> meh?
<fabbione> what are you trying to do exactly???
<tarvid> run rdiff-backup on an Ubuntu machine to backup files on a mandrake machine
<fabbione> ok and what is the problem?
<tarvid> rdiff-backup fails when the versions are different
<tarvid> rdiff-backup 0.13.4
<tarvid>  on Ubuntu
<tarvid> 0.13.3 on a Mandrake 10.x machine
<fabbione> alien won't help
<fabbione> find 0.13.4 for mandrake
<fabbione> already in rpm format
<tarvid> 0.13.4 is getting moldy and I haven't found one yet
<tarvid> this is going to be an issue in breezy to dapper updates
<tarvid> what would be the best way to suggest the upstream maintainers address the version issues?
<fabbione> tarvid: mail them?
<spike> fabbione: I'm running out of ideas, so I'm asking you as well: does it happen you know of any policy priority issues with cisco appliances?
<spike> at isakmp stage, this pix doesnt go through the available policy but stops after trying number 1
<fabbione> spike: no idea.. too long that i don't play with cisco
<spike> ok, np, tnx
<fabbione> sorry..
<spike> unfortunatly the trend it's constant... the more I workon on 'em, the more I hate 'em
<fabbione> that's why i gave up on networking :)
<spike> and the cisco website is awfully organized... I couldnt find changelog for the pix version I have in hours...
<fabbione> i know
<fabbione> have been there
<spike> fabbione: so what do you deal with now?
<fabbione> ubuntu?
<spike> if you gave up on networking I mean
<spike> yeah, but not doing sysadmining at all?
<spike> working as coordinator, devel?
<fabbione> i do the bare minimum for my home network
<fabbione> spike: i have been working for Canonical for the last 2 years (almost)
<spike> I see
<fabbione> and i do only devel
<fabbione> the net/sysadm stuff i do is only for myself
<fabbione> that's really reduced to the bare minimum
<fabbione> but i did work as net/sysadm for a bunch of years
<fabbione> time to stop for now
<fabbione> later
<spike> later
<nictuku> hi
<nictuku> after a long period, I've finally found time to work on the network wide updates prototype
#ubuntu-server 2006-02-12
<ubijtsa2> *grumble*
<spike> hey ubijtsa2
<ubijtsa2> lo spike
* spike tries to not scream and swear
<ubijtsa2> spike: you too?
<ajmitch_> sounds like you're having fun
<spike> nobody should start cs with linux
* ubijtsa2 is trying to netinstall ubuntu-server from a kubuntu ISO
<spike> u should go through windoze, then appliances, and at last nix systems
<spike> the other way around it's pain... I cant stand this crap
<spike> it's just astonishing how dumb this cisco stuff can be...
<spike> and for ho much they payed... /me shrugs
<ubijtsa2> the netinstall hangs when loading isofs kernel module
<ubijtsa2> *bugger*
<spike> how can you design a fw appliance and not plan traffic dump filters!?!?
<spike> it's just bloody stupid
<spike> how hard it was to implement somethinglike tcpdump?
<spike> bah
<maswan> spike: firewalls are bad, mmkay?
<spike> maswan: eh? mmkay?
<ubijtsa2> fabbione: quick (or maybe not so) question. when netbooting from an ISO, should it hang on loading the isofs kernelmodule ?
<fabbione> you need another initrd for netboot
<fabbione> you can't use the one from the CD
<ubijtsa2> there is one in the netboot directory
<ubijtsa2> install/netboot/ubuntu-installer/i386/ somewhere on the CD
<fabbione> it shouldn't hang
<fabbione> at least it doesn't here
<ubijtsa2> that is what I thought
<ubijtsa2> this is on an older box tho..
<ubijtsa2> i'll give it a shot with noapic/noioapic/noacpi later.. first I want it not to ask any questions until preseed has been loaded
<ubijtsa2> right. fixed the questions, so now I have left is to bypass the isofs module...
* ubijtsa2 wonders if alright to disable the ide i/f
<ubijtsa2> the box is otherwise scsi, so no problems there
<fabbione> are you sure is not just a bad cd burn?
<ubijtsa2> the ISO is fine, we have installed half a dozen boxes from it
<ubijtsa2> setting ide0=noprobe didn't work either, so that's a no-go
<ubijtsa2> what I have done is to loopmount the ISO, and I am running PXE boot from it
<ubijtsa2> bah, all I want is for it _not_ to try the CD (as it isn't there)
<ubijtsa2> hmmmmm.. bin/hw-detect in the initrd seems to have an answer...
* spike adds to the chorus of pissed-off ones
<spike> :)
<ubijtsa2> would appear I need to comment out some more stuff
<hunger_> allee: I agree with you that all ubuntus should use the same setting for X.
<hunger> Sorry, wrong channel again.
<ubijtsa2> fabbione: located the problem in the end...
<ubijtsa2> dunna what to do about it, but it wasn't isofs module that was the issue
<ubijtsa2> there is a grep running in /proc/scsi/scsi that has hung, and my attempt at cat'ing /proc/scsi/scsi hung as well
<ubijtsa2> the raid-controller in question that ought to be in /proc/scsi/scsi is a "0000:06:01.0 RAID bus controller: Adaptec (formerly DPT) SmartRAID V Controller (rev 01)"
<ubijtsa2> that would suggest the dpt_i2o module is b0rked
<ubijtsa2> http://bugzilla.ubuntu.com/show_bug.cgi?id=17897 describes the problem
* ubijtsa2 will try with the Dapper Flight3 ISO
<spike> *SOLVED*
<spike> I'm goin on vacation after this :)
<desti> hi, is it possible to install ubuntu server with only remote access?
<maswan> desti: do you have remote console?
<maswan> if so, just boot it and do the install via serial console/management processor console.
<desti> i have a running suse 10 64bit system, but only 1gb free diskspace, because i cant resize the large suse partition
<ubijtsa> fabbione: dapper flight3 solved the hang problems I was seeing
<Drac[Server] > How do I configure Apache?
<Pygi> for what exactly? :)
<Pygi> with what modules, support for what, etc
<Drac[Server] > I just want to know where the config file is...
<Drac[Server] > I've never played with Apache before. This is my first server, and I'm learning from experience, etc.
<Drac[Server] > Pygi: *poke*
<Drac[Server] > Oh.
<Drac[Server] > So.. um.. Apache config file... Where is it?
<Pygi> /etc/apache2/
#ubuntu-server 2007-02-05
<Atnan> Hi folks...I know general support is supposed to be done on #ubuntu, but my question was just lost in the sea of discussions.
<Atnan> I'm trying to install ubuntu-server via the alternate CD...but I can only do 'install' and 'expert' from the boot prompt...it says the 'server' image does not exist. Is that the correct behavior, considering it explicitly states that the 'server' option is available?
#ubuntu-server 2007-02-06
<[miles] > guys, anyone awake?
<[miles] > I've got a problem with my home box... Kubuntu 6.10
<[miles] > I installed Bind9, to run my own DNS server...
<[miles] > it works fine, however the Bind9 does not start on boot
<[miles] > yet it's in the /etc/rc.... correctly
<[miles] > and I have to start it by hand..
<[miles] > which is no problem to me, but my girlfriend gets pissed off to hell :D
<[miles] > guys, anyone here?
<mralphabet> .
<[miles] > yo
<[miles] > do you know in 6.10 how the hell to get Bind9 to start on boot please?
<coNP> hey [miles]  
<[miles] > hi coNP 
<[miles] > I "aquire" my wifi connection at home, and I've found it's nicer to run my own DNS...
<coNP> do you have sysv-rc-conf installed? 
<[miles] > however, Bind9 needs always to be manually started
<[miles] > coNP, mmm yeah now I have yeah
<mralphabet> always? how often do you reboot?
<[miles] > coNP, I had a problem with VMware server
<[miles] > I reboot once or twice a day
<coNP> okay, then set bind9 to start for runlevel 2
<[miles] > they've got a new method for runlevels in 6.10 yeah
<[miles] > ?
<coNP> maybe
<coNP> there is
<[miles] > yeah
<[miles] > pretty sure
<[miles] > ah well, when I get home later, I'll look into it
<nihilocrat> does anyone know what an equivalent command for 'chkconfig' for ubuntu would be?
<coNP> what does chkconfig do?
<nihilocrat> it takes a startup script in /etc/init.d and puts appropriate symlinks in /etc/rcX.d directories
<nihilocrat> I remember doing this before on an ubuntu server but I forgot what I did
<nihilocrat> perhaps I set up the symlinks myself, but I doubt it / hope I wasn't sloppy like that
<nihilocrat> :/
<coNP> nihilocrat: noone knows? I might help if you can tell me what chkconfig does... :)
<nihilocrat> I did
<stelis> update-rc.d
<nihilocrat> oh, maybe you got disconnected or whatever
<coNP> yep
<nihilocrat> ok
<nihilocrat> thanks
<coNP> sysv-rc-conf is a nice editor for runlevels
<nihilocrat> neato
<nihilocrat> thanks
<[miles] > guys, anyone know htf to use upstart?
<[miles] > I need Bind9 to start on boot
<[miles] > on 6.10
<coNP> hey [miles] , so update-rc.d does not work?
<[miles] > well, would appear not
<stelis> It should just add symlinks into the rc directories
<[miles] > they are there
<stelis> Hmm
<[miles] > it's this damn upstart crap
<coNP> have you upstart-sysv-compat installed?
<coNP> ehh, it is called upstart-compat-sysv
<[miles] > yeah
<coNP> any error messages?
<coNP> why it would not start
<[miles] > nope
<stelis> What happens if you run "sudo /etc/init.d/bind start"?
<[miles] > it runs
<[miles] > :D
<[miles] > just gonna reboot
<[miles] > brb
#ubuntu-server 2007-02-07
<pfein> any recommended reading for how to maintain (identical) Ubuntu installs across a cluster?
* pfein is fed up with his st00p1d homebrew gentoo solution
<maswan> we use FAI
<pfein> maswan: ?
<maswan> pfein: fully automated installer, any major changes? just reinstall the cluster nodes and they'll be sure to be in pristine proper condition
<pfein> hmm, it'd be nice to do upgrades w/o wiping the disk...
<maswan> sure, there is also fai-softupdate that does that, but it requires you to make your customisation scripts to not fail horribly if they get called twice etc
<maswan> so we don't use that (yet)
<pfein> We deploy our in-house code as an SVN checkout (it's all python), which makes updating trivial.
<maswan> the advantage of having a fai setup is that if a disk fails, you can just reinstall into a new disk and get up and running very quickly
<maswan> anyway, there is probably other stuff around too, that's just what we happen to use
<maswan> and now it is time for me to sleep, 'night
<pfein> that's the sort of setup I'm after... also makes bringing new boxes online ez
<pfein> thanks
<sts> hello folks!
<sts> I just wanted to point out that bug #45694 is still preventing the installation of mysql-server on ubuntu server 6.10. maybe someone could have a look? there hasn't been any comments since 2006-11-23 and since this is one of the main features of ubuntu server that ubuntu's marketing guys are selling, it's pretty awful to see a bug like this open and not beeing worked on.
<infinity> sts: I assume you're using an Intel amd64 machine (Xeon, or such)?
<sts> infinity: yes.
<infinity> sts: Looking into it.
<sts> infinity: it works if you remove the files /var/lib/mysql/ib* before you fire the mysql server up.
<infinity> sts: Yeah, but that's a red herring.
<sts> infinity: but everytime you restart, it's going to fail again, as long as you don't remove these files.
<infinity> sts: It's just a straight up illegal instruction due to a toolchain that was building with optimisation for Opterons.
<infinity> We'll need to rebuild MySQL, and all should be well.
<infinity> Just tackling our toolchain maintainer to make sure the problem's solved in the toolchain before I rebuild MySQL in edgy.
<sts> infinity: ok. when do you think you are you going release the fixed package?
* sts should read what he types
<sts> ;-)
<infinity> sts: Assuming the problem is what I think it is, should be under a week before it trickles from -proposed to -updates.
<sts> aight! great, thank you infinity.
<infinity> If it slips off my radar again, please feel free to bug me.
<infinity> This week's feisty's feature freeze, so there's much headless-chicken action going on with the devel team.
<sts> hehe
<[miles] > guys, anyone awake? I'm still having a headache at home with getting bind9 to start on boot, I think, cos of upstart
<lionel> hi [miles] 
<[miles] > lionel, hello!
<[miles] > lionel, busy?
<lionel> it works well here bind9 on edgy :)
<[miles] > lionel, I don't get it..
<lionel> less than yesterday :)
<[miles] > lionel, I've got Kubuntu 6.10 running at home yeah
<[miles] > and basically, cos I rob my wireless off various neighbours...
<[miles] > I don't want to use DHCP off their routers, or use their providers lame and slow dns
<[miles] > so I installed Bind9
<[miles] > it's set in for 235 to start 
<[miles] > yet it does not
<[miles] > nothing in the logs
<[miles] > nothing showing on boot
<[miles] > screen
<[miles] > ...
<[miles] > nada
<[miles] > has to be manually started every time
<[miles] > now, its pissing me off
<lionel> hehe
<lionel> you have simlink in /etc/rc2.d ?
<[miles] > yep
<[miles] > to the /etc/init.d/bind9 script
<[miles] > believe me, thats all set correctly.
<[miles] > the S and K
<[miles] > bbiam, just gotta speak with someone
<[miles] > back now
<[miles] > lionel, any ideas please as to what I could / should check for?
<lionel> not realy
<lionel> did you check malone ?
<[miles] > wots that?
<lionel> bug tracker on launchpad
<[miles] > ah ok
<\sh> fabbione: any clue on HP P800 SAS/SATA controller and 64bit lba support in our linux kernel? ;)
<fabbione> \sh: what about asking our kernel team? :)
<\sh> fabbione: I thought you have some experience with those hardware stuff ;)
<fabbione> \sh: yes but i am extremely busy and there are 4 kernel team guys that can answer your questions quicker than i can
<\sh> fabbione: kk...I just need some guys with practical experience ;)
<sts> infinity: how is it going with mysql-server?
#ubuntu-server 2007-02-08
<LiENUS> is there an easy to use firewall app for ubuntu-server?
<LiENUS> something that will let me close all ports by default and let me choose which are open, and maybe offer traffic shaping
<lionel> LiENUS: shorewall
<LiENUS> apt-get shorewall?
<LiENUS> whens the next LTS due out?
<LiENUS> and will i be able to go straight to that one from 6.06?
<LiENUS> or will i need to do every step inbetween?
<LiENUS> every version that is...
<Burgwork> LiENUS: I would expect that Feisty+1 might be teh next LTS
<Burgwork> it is not entirely clear whether LTS --> LTS will be supported, although I imagine it will
<LiENUS> cos im installing a LAMP server now...
<LiENUS> oi update time :/
<LiENUS> wee 
<LiENUS> ssh installed
<LiENUS> is there an easy to use apache manager for ubuntu-server?
<LiENUS> ugh i've forgotten how to configure apache
<LiENUS> moving server time :/
#ubuntu-server 2007-02-09
<LiENUS> is there a tspc package for ubuntu im missing?
<LiENUS> how do i add another ip to an interface?
<redham> i have an ubuntu apache2 server, whenever my router is reset, the server does not automatically connect back to the network, is there a way i can get it to automatically connect?
<nich> good evening
<nich> (or whatever might be the appropriate for your local timezone)
<nich> anyone here has any idea of how much memory and disk space would a ubuntu server with LAMP use in a user mode linux install?
<coNP> about 128M, I guess
<coNP> memory, of course
<nich> hum... I'm thinking about running one of those here
<nich> but the bridging configuration makes me feel like configuring an extra machine might be easier :P
<coNP> what about using vmware?
<coNP> it is propriatery (and hence evil) but very useful :)
<nich> thought about it, but it makes me kinda unconfortable (and wouldn't that be even heavier?)
<nich> heavier as in 'resource hungry'
<coNP> maybe
<nich> I'll take a look at shorewall's rules... if it so happens to be easy to move to and back a bridge like configuration, I'll try it
#ubuntu-server 2007-02-10
<coNP> hi jenda 
<jenda> hey :)
#ubuntu-server 2007-02-11
<shafire> hi
<shafire> can it be that ubuntu-server feisty installation is that slow without internet connection? :(
#ubuntu-server 2008-02-04
<osmosis> how can I get LWP::UserAgent  in dapper?
<nealmcb> soren, sommer: some questions are http://www.linux-mag.com/id/4829#comments - is anyone monitoring that?
<nealmcb> s/are/are cropping up at the jeos article - /
<faulkes->            ~.
 * kraut gives faulkes- a terminal
<faulkes-> yes, luckily however I keep this screened ;)
<XiXaQ> does anyone know if I'll be able to test out hardys KVM-stuff in a VMWare guest?
<avatar_> jdstrand: i installed ufw, enabled and all my ssh sessions died
<avatar_> jdstrand: default ipv6 policy seems to be BLOCK
<jdstrand> avatar_: it will flush the policy
<jdstrand> avatar_: flush the rules
<jdstrand> avatar_: only on startup vi initscript or 'enable'
<jdstrand> avatar_: once enabled, it will insert the rules (eg shen using allow|deny)
<jdstrand> avatar_: wrt ipv6, you are correct
<jdstrand> avatar_: next version will have ipv6 support
<jdstrand> (started it today)
<avatar_> at work where are using ipv6 for al of our services :)
<jdstrand> avatar_: ipv6 will be on par with ipv4 when I am done
<jdstrand> avatar_: I will also add a note about ssh to the wiki
<jdstrand> (and README)
<jdstrand> avatar_: I have to flush the rules on enable and startup to make sure the tables are in a consistent state
<avatar_> okay, i already filed an bug (188934) before looking around on irc
<jdstrand> avatar_: ok cool.  thanks for testing it out! :)
<avatar_> i really like the simple pf style syntax
<jdstrand> avatar_: fyi-- you can add rules to ufw before running enable, so this can help in the future
<jdstrand> avatar_: eg 'ufw allow 22 && ufw enable'
<avatar_> i found the before.rules and after.rules
<jdstrand> avatar_: the chains are still flushed, but the port ends up being open
<soren> XiXaQ: What do you mean?
<soren> ivoks: I've got a plan.
<XiXaQ> soren, I'd like to see how hardys new virtualization stuff works in practice, but I don't want to replace gutsy as my os yet.
<soren> XiXaQ: So you want to run kvm inside of vmware?
<ivoks> soren: yes?
<soren> ivoks: It's a plan for how to do things like dovecot+postfix integration in hardy+1.
<XiXaQ> soren, right.
<soren> XiXaQ: I doubt that'll work.
<XiXaQ> me too.. It's worth a shot though. :)
<lamont> soren: if it's a plan that calls for init.d scripts to modify config files, it's not the best of plans...
<soren> XiXaQ: You're welcome to try, but don't expect much :)
<zul> XiXaQ: it probably wont work
<soren> lamont: It's not :)
<soren> XiXaQ: Actually, I wouldnt' even bother trying :)
<ivoks> soren: atm i'm kind of blocked and can't access launchpad :)
<lamont> soren: good
<soren> ivoks: No worries. I havent' written the spec yet or filed a blueprint.
<XiXaQ> didn't work.. :>
<soren> XiXaQ: I'm guessing the vm presented by vmware doesn't expose svm or vmx?
<XiXaQ> right.
<soren> lamont, ivoks: It's something that'll get triggered after dpkg has installed a stack of new packages. You can add rules to it and tell it what to do.. E.g. if a condition like (postfix is installed && dovecot-common is installed) is true and it wasn't the last time we ran, it'll ask you if you'd like to set up the SASL stuff.
<lamont> cool.  that has good potential
<soren> Yeah, that's what I thought. There are a stack of details I need to think through, but that's the gist of it.
<ochoo> hello all, I'm having problem installing pure-ftpd on gutsy
<ochoo> pure-ftpd exiting with error code 252
<lamont> soren: any chance you'll accept that -backport of postfix 2.4.7-1?
<lamont> (and will launchpad even let you?)
<soren> bug #?
<lamont> (gutsy-backports)
<lamont> ah, yes.
<lamont> ScottK: bug number?
<soren> (and why don't you do it yourself?)
<lamont> soren: I prefer to avoid abusing the duck
<soren> meh
<lamont> mostly so that you remind me about bug reports and such... :-)
<lamont> soren: I'm not even sure that LP will accept it, since it's newer-than-hardy
<soren> I didn't know Launchpad even had special logic for backports.
<lamont> it may or may not...
<soren> Is it a gutsy backport?
<soren> I can't seem to find it..
<lamont> yeah
<lamont> 2.4.7-1~gutsy1
<lamont> in theory
<lamont> it might have gotten tossed.
<mathiaz> soren: did you package cobbler for hardy ?
<soren> mathiaz: Not entirely, no.
<mathiaz> soren: do you think you'll make it before FF ?
<soren> No... Should I?
<lamont> soren: no worries - I'll upload 2.5.1 this week (I hope...  iz RC1 now) and then do the spate of backports
<soren> I believe the conclusion at the sprint was that I wasn't going to need it anyway, so if you and Marc needed it for se, I could send the current stuff to you.
<mathiaz> soren: about bug 32067
<ubotu> Launchpad bug 32067 in samba "the security parameter must be set to share, not user, in smb.conf - Smb/Gnome sharing broken" [High,In progress] https://launchpad.net/bugs/32067
<mathiaz> soren: what do you think about setting the status to Won't Fix with a comment like: this issue should be fixed in nautilus-share rather than samba itself
<mathiaz> soren: as samba has a more general audience than the desktop use case referred to this bug.
<mathiaz> soren: this is the approach taken by the EasyFileSharing Spec.
<mathiaz> soren: WDYT ?
<soren> mathiaz: I think that's the sane solution. However, that bug has way too much of an angry mob written all over it.. Just marking it as won't fix will tick them off big time, and it has got my name on it, so I'll be on the receiving end of the hate mails.
<zul> soren: just take one for the team ;)
<soren> Is anyone by any chance have Microsoft Virtual PC running somewhere?
<mathiaz> zul: about bug 185139
<ubotu> Launchpad bug 185139 in mysql-dfsg-5.0 "Default installation does not log to /var/log/mysql.err or mysql.log" [Undecided,Incomplete] https://launchpad.net/bugs/185139
<soren> </longshot>
<zul> mathiaz: yep
<soren> s/Is/Does/
<mathiaz> zul: I'd mark it as Won't Fix
<zul> ok will do
<mathiaz> zul: I think the current situation is ok. The message should be found in /var/log/daemon.log. WDYT ?
<zul> i think 5.1 is doing that now as well, im a bit more of a traditionalist when i like to look for things in /var/log/mysql.* but i dont mind it
<ochoo> about bug 185139
<ubotu> Launchpad bug 185139 in mysql-dfsg-5.0 "Default installation does not log to /var/log/mysql.err or mysql.log" [Undecided,Incomplete] https://launchpad.net/bugs/185139
<zul> mathiaz: its my mysql bug day :)
<mathiaz> zul: are you working on packaging the fixes or just bug triagging ?
<zul> both
<mathiaz> zul: I've uploaded a merge of mysql 5.0.51 and soren should have reviewed it.
<zul> oh?
<mathiaz> zul: may be you can base your work on my merge and upload it once it's all good
<zul> sure...where is it?
<mathiaz> zul: http://people.ubuntu.com/~mathiaz/packages/
<zul> will do
<zul> mathiaz: what about the mysql-doc thats there?
<mathiaz> zul: it needs to be uploaded at the same time as mysql-dfsg.
<zul> mathiaz: ok
<zul> Im just adding my stuff and ill do a test build as well
<zul> and test run, etc
<mathiaz> zul: the current version in restricted has the manual and the man pages, because the man page were not GPL'ed until August.
<zul> oh I see
<mathiaz> zul: the new version of mysql-dfsg has the man page included (they were GPL'ed in August)
<mathiaz> zul: so mysql-doc had to be updated to ship only the manual (which we're allowed to do in the restricted repository)
<mathiaz> zul: I've clarified the issue with MySQL Documentation team
<zul> good thank you :)
<mathiaz> zul: the build takes time now, as it will run all the tests.
<zul> no problem Ill do other things while im waiting
<mathiaz> zul: I've added support for nockech option to skipp the tests at build time.
<sommer> mathiaz: hello, can you give me an example of why do-release-upgrade is best?
<sommer> mathiaz: I seem to remember you mentioning the sysvinit to upstart, but can't seem to find the details
<mathiaz> sommer: do-release-upgrade does more things than dist-upgrade
<mathiaz> sommer: for example, it will take care of removing evms when you upgrade to gutsy
<mathiaz> sommer: that cannot be done using apt-get dist-upgrade
<sommer> mathiaz: ahhh... that's the one I was thinking of evms
<sommer> wasn't evms replaced with something else?
<mathiaz> sommer: yep - I think that's the main issue you have when upgrading a server.
<mathiaz> sommer: I don't think it was replaced. lvm can do pretty much everything evms ca do.
<sommer> gotcha, but there was a boot issue if emvs wasn't removed?
<mathiaz> sommer: correct.
<mathiaz> sommer: I think that's the problem the sender had.
<sommer> cool, I'm working on a upgrade section for the guide, and needed an example of why do-release-upgrade is preferred
<mathiaz> zul: can you make sure that bug 33940 is fixed ?
<ubotu> Launchpad bug 33940 in mysql-dfsg-5.0 "mysql_setpermission broken" [Low,In progress] https://launchpad.net/bugs/33940
<tjaalton> any comments on the libpam-ldap patch?
<zul> mathiaz: it has
<zul> i dropped it for 5.0.51
<mathiaz> zul: could you also take care of bug 153868 ?
<ubotu> Launchpad bug 153868 in mysql-dfsg-5.0 "package mysql-server-5.0 5.0.45-1ubuntu2 failed to install/upgrade -  Access denied for user 'debian-sys-maint'@'localhost'" [Medium,Triaged] https://launchpad.net/bugs/153868
<mathiaz> zul: cool - could you add a comment in the changelog then ?
<mathiaz> zul: I've forgot to mark it as fixed in the merge entry.
<zul> done
<zul> mathiaz: ok doing a test build now
<mathiaz> zul: great - should be ready in an hour (depending on how powerfull your computer is :) )
<ScottK> lamont: I'm here now.  It's pretty much a rule it has to be in a developmental release before we can backport it.
<lamont> ScottK: piffle
<lamont> :-)
<lamont> so I need to upload 2.4.7-1 to hardy, do the backports (you wanna file the bugs for me??) and then I can upload 2.5.1?
<ScottK> Yeah
<ScottK> I'll take care of filing the backport bugs.
<ScottK> For the source backports (which we'll need for dapper - feisty) it doesn't actually have to still be there.  Gutsy is the only one that needs to get executed before you upload 2.5
<mathiaz> zul: for bug 185139, I usually add a comment about the reason why I mark the bug as Won't Fix.
<ubotu> Launchpad bug 185139 in mysql-dfsg-5.0 "Default installation does not log to /var/log/mysql.err or mysql.log" [Undecided,Won't fix] https://launchpad.net/bugs/185139
<mathiaz> zul: It'd help me if I need to revisit the state of the bug.
<zul> sorry about that
<ivoks> lamont: ping
<lamont> ivoks: ack
<ivoks> ivoks: any comments on bug #164837?
<ubotu> Launchpad bug 164837 in dovecot "Dovecot SASL for postfix" [Low,In progress] https://launchpad.net/bugs/164837
<ivoks> er... lamont :)
<zul> mathiaz: it built
 * lamont stabs at his laggy internet connection this morning
<mathiaz> zul: great :)
<lamont> ivoks: the final debdiff doesn't look tragically wrong, assuming it works.  modifying config files in init.d would be a far more ugly and objectionable approach.
<lamont> tasksel may make the most sense for hardyt
<lamont> and see also the ucf comments
<ivoks> i'm also against modifying init script
<lamont> yeah!!!
<ivoks> lamont: so, green light from you for tasksel diff? :)
<lamont> and I do need to run for a few hours - able to actually look at this in more depth in about 5 hours or so.
<ivoks> ok, could you add comment there?
<lamont> if it works.  and make sure that ucf/dovecot gets tested, too.
<lamont> I suppose
<ivoks> so we could finish this; it's about time.. :)
<lamont> heh
<lamont> opk
<ivoks> thanks
<ivoks> see you later
<soren> mathiaz: Oh.. I created a branch of my review queue on my laptop when we were at the sprint. I forgot to merge them when I got home, so I haven't done the mysql merge review. Crap.
<mathiaz> soren: np. zul is doing it.
<mathiaz> soren: but your comments are welcomed of course
<zul> lamont: ping
<lamont> zul: sorta here
<zul> lamont: damn it I forgot the question now
<lamont> that's why we just ask....
<zul> oh yeah for hppa do you actually care if mysql builds on it?
<lamont> sometimes
<zul> ok Ill leave it alone then
<lamont> I'd have to put on my hppa-porter-team-lead for that, and that's not for another 2-3 hours yet.
<zul> heh..
<lamont> hrm... 'hat' goes in there somewhere
<zul> mathiaz: ping
<mathiaz> zul: doiiinggg
<zul> What do you think of this? Server version: 5.0.51-3ubuntu1 (Ubuntu)
<zul> Should it Ubuntu/Hardy or just leave it as it is
<mathiaz> zul: I think Ubuntu is enough
<zul> good for me
<mathiaz> zul: it's Debian in debian ?
<zul> correct
<mathiaz> zul: there is the version number in the message also
<zul> correct..its generated when ./configure is run
<zul> mathiaz: its looks ok to me
<ivoks> lamont: here? :)
<ScottK> leonel: If you're up for doing some research, it would be very useful for me to have a list of all the CVEs open against the released (not backports) version of clamav in Dapper.
<ivoks> anyone has an idea how to setup postfix to verify recipient address on another smtp server (that part i know) and if the recipient doesn't exist, relay that mail to another smtp server (this is a problem)?
<ScottK> ivoks: I suspect you'd need a policy server for that, but I'm not certain.
<ScottK> I think vrfy will just reject it if it doesn't exist.
<leonel> ScottK:   queued ..
<lamont> ivoks: you might have to resort to using the big hammer for that one
<lamont> (aka pipe mailer)
<ScottK> I think it's doable with restriction classes and a policy server.
<ScottK> leonel: Thanks.
<ivoks> hm... any documenation on that?
<ivoks> ah, never mind, i'll look for it
<ScottK> ivoks: http://www.postfix.org/SMTPD_POLICY_README.html for policy servers and if you look in the docs for pypolicyd-spf (source package name) there's a readme on using restriction classes to process mail differently with different policy server results.
<ScottK> Between those two, I think you'll be able so sort it.
<ivoks> i'm looking at that one right now, thanks
<ivoks> thanks for help
<ivoks> see you tomorrow
<mathiaz> zul: isn't bug 186978 fixed in the mysql-dfsg package you've just uploaded ?
<ubotu> Launchpad bug 186978 in mysql-dfsg-5.0 "[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL" [Undecided,Confirmed] https://launchpad.net/bugs/186978
<CarlFK> what is the name of the  kernel package that u-server uses?
#ubuntu-server 2008-02-05
<zul> mathiaz: dang, i must have forgot about it
<Kalamansi> !server configuration
<Kalamansi> !server
<ubotu> Ubuntu Server Edition is a release of Ubuntu designed especially for server environments, including a server-specific !kernel and no !GUI. The install CD contains many server applications. Current !LTS version is 6.06. For more info see https://help.ubuntu.com/community/ServerFaq/ - The #ubuntu-server channel provides specific support
<Kalamansi> hello
<Kalamansi> how to setup file server? so that workstations pc2 xp and pc3 win98 can save and download their files to the pc1 server ubuntu.. thanks
<CarlFK> Kalamansi: ask in #ubuntu - that's a fairly common thing
<CarlFK> Kalamansi: install sama will be step 1
<Kalamansi> CarlFK : sama?
<CarlFK> sorry samba
<Kalamansi> CarlFK : thanks.
<Kalamansi> CarlFK : which server? with GUI or CLI?
<CarlFK> step 2: configure samba to do what you want :)
<CarlFK> um, there is only one server
<Kalamansi> i mean in console without x right?
<CarlFK> for home use, doesn't really matter
<Kalamansi> which you prefer anyway? like more secured
<CarlFK> the less you install on a box the more secure it is
<CarlFK> so install u-server, install samba.
<Kalamansi> u-server?
<Kalamansi> ubuntu CLI?
<CarlFK>  Ubuntu Server
<Kalamansi> which server? 7.10 CLI?
<CarlFK> what ever is current stable
<CarlFK> 710 sounds like it
<Kalamansi> okay ill do 7.10
<Kalamansi> without x window CarlFK?
<CarlFK> right
<CarlFK> no X, no games, no bit torrent, no email, no wine, no browser, no k-recipes, no music palyer, no tv recorder...
<CarlFK> :)
<CarlFK> listing all the things you should not install is going to take much longer than listing the things to install
<Kalamansi> CarlFK : thanks ill install 7.10 without x now
<Kalamansi> CarlFK : server for internet sharing must have no x window too?
<Kalamansi> CarlFK and internet sharing server ubuntu must be separate from file server ubuntu too?
<CarlFK> must? no.   but that is the most likely box to be hacked, so best to have as little on it as posible
<Kalamansi> CarlFK : what i mean is, i have to use two box. one for internet sharing (without x window?) and two for fileserver.
<CarlFK> you don't have to
<Kalamansi> why CarlFK?
<CarlFK> because you can put everything on one box
<Kalamansi> CarlFK : is that okay? what if workstations will upload files?my internet will slow for that?
<CarlFK> it will be fine
<Kalamansi> with 4 nics?
<Kalamansi> CarlFK with 4 nics?
<CarlFK> yup
<Kalamansi> okay thanks CarlFK
<CarlFK> again:  that is the most likely box to be hacked, so best to have as little on it as posible
<Kalamansi> meaning no updates to be downloaded right?
<CarlFK> you should worry abut that more than speed
<CarlFK> no
<Kalamansi> once you installed ubuntu no updates to download
<CarlFK> no
<Kalamansi> ok i got you
<CarlFK> updates come out now and then.  apply them
<Kalamansi> so no updates and upgrades
<CarlFK> no no...'
<Kalamansi> okay all no
<Kalamansi> noted
<CarlFK> I wouldn't put files on it
<CarlFK> well
<Kalamansi> okay all "no" . noted
<CarlFK> everything is a fiel...
<Kalamansi> fiel?
<CarlFK> I wouldn't put personal files on it
<Kalamansi> ok
<CarlFK> assume it is going to be hacked, and everything copied and deleted
<CarlFK> so the firewall / routing config should be the only thing you care about
<CarlFK> get it working, make a copy of the configs, apply updates
<Kalamansi> CarlFK : "firewall" im not good in CLI. but in GUI i use firestarter...what else? what firewall apps to install in CLI?
<CarlFK> but assume that some day the box will be hacked, and you should just wipe the drives and start over
<Kalamansi> CarlFK : what is the example apps of "firewall" and "routing" ?
<CarlFK> well, that gets sticky.  if you are good with something, that is better than making a mistake trying to be better
<Kalamansi> my understand about firewall is - firestarter
<Kalamansi> for routing - its like installing dhcp internet sharing
<CarlFK>  "firewall" and "routing"  are both just iptables settings
<Kalamansi> i see. thats my weakness..i am not good in typos script
<CarlFK> i think firestarter just helps you configure rules for iptables
<Kalamansi> CarlFK : in GUI, yes.
<CarlFK> install u-desktop, install firestarter, and whatever else you need
<CarlFK> set it up, get it working
<Kalamansi> CarlFK : do you have samples of "firewall" and "routing" script?
<CarlFK> make a copy of whatever you would need to save time setting it up again
<Kalamansi> CarlFK but you said before dont install x window?
<CarlFK> http://dpaste.com/33825/
<Kalamansi> im done installing and running firestarter before.. internet is very slow to pc2 and pc3. so i tried installing ubuntu without X, internet seems fast in pc2 win98 and pc3 winxp wotkstation
<CarlFK> it is a trade off between "best" and "done"
<CarlFK> best will be to spend 6 years in college becoming an expert at OS and networking. but you probably don't need to put that much effort into it. :)
<Kalamansi> CarlFK : hehe yeah. i hate school. i learn noob tutorials in my bestfriend's ebook. setting up windows then setting up linux
<Kalamansi> CarlFK but demonoin is down..my only source of tutorials...
<Kalamansi> CarlFK its like 24 hours tutorials setting something
<CarlFK> set up whatever is easiest.  just assume it will be hacked, so make sure you have backups, or just figure it out again if you have to
<sigma> has anyone here used kolab on a ubuntu server?
<Kalamansi> CarlFK hehe reinstall 7.10 again. something wrong.hang up dvd hehehe
<alternate_nick> what is "news" for in /var/log/?
<alternate_nick> exit
<kraut> moin
<kh> aloha.
<hsn_> can someone give me comparsion of ubuntu vs sles? Which is easier to update and maintain? We plan to run ibm db2 server on it
<ScottK> hsn_: You're pretty unlikely to get an opinion here that ubuntu-server isn't wonderful.  Canoncial does provide db2 packages in their 'partner' repository, so there are db2 packages for the distro.
<hsn_> ubuntu server is maintained 18months and new version is every 6 months. Can i skip versions during updates?
<_ruben> no .. only exception is lts -> lts
<_ruben> im currently in the progress of migrating from sles9 to ubuntu actually
<_ruben> sles sure has some nice features, like yast and stuff like that .. but the fixed release schedule for one is a big plus for ubuntu
<_ruben> one thing i hate about suse is that install and update sources are seperate
<ScottK> hsn_: The next release (sched for April) will be LTS, so you'll be able to upgrade directly from that to the next LTS release in ~2 years.
<hsn_> LTS is normal version or some versions comes with 2 flavours (normal / lts)?
<_ruben> ScottK: what determines if a certain release will be LTS? just the ~2 years ?
<ScottK> It's the normal release.  It's called LTS when Canoncial decides they'll give it extra support.
<_ruben> hsn_: its identical to any other release, just with longer support
<ScottK> Upgrades tend to be easier on Debian derived systems.  I upgraded a laptop Dapper -> Edgy -> Feisty -> Gutsy over the weekend and while it took a while (mostly due to slow ancient hardware) there were no technical issues with the upgrades.
<_ruben> and with debian based systems the upgrade can be done 'online' .. with suse/sles it requires booting from the new version's installation media
<avatar_> updating is so easy with apt
<_ruben> sudo do-release-upgrade is all there is to it ;)
<hsn_> i am using kubuntu on desktop with adept package manager, server version comes just with aptitude?
<_ruben> aptitude / apt-get and co / and possibly more tools ..
<kraut> http://www.osnews.com/images/comics/wtfm.jpg
<hsn_> server and destkop version share same .deb repo?
<avatar_> hsn_: yes
<avatar_> hsn_: server install is just a plain ubuntu install without the ubuntu-desktop metapackage
<ScottK> It's also got a kernel better tuned for server work.
<ScottK> Although I've yet to notice a significant difference.
<ScottK> Adept is a gui front end for apt-get, so it's the same under the GUI.
<_ruben> kraut: hehehe
<hsn_> can i browse/search via web available packages?
<_ruben> http://packages.ubuntu.com ;)
<kaii> roxx ..
<kaii> i use this when i miss specific files
<ScottK> mathiaz: I'm pretty sure they turned the auto expire thing back on (bugs at least have a countdown displayed).  In any case it could come back at any time so I think bugs we don't want expired shouldn't get marked incomplete.
<mathiaz> ScottK: It's just a message.
<mathiaz> ScottK: I don't the janitor actually runs. I've come accross bugs that were marked expired for more than 60 days and hadn't been touched by LP.
<ScottK> mathiaz: OK.  But we've no idea when it'll come back on, so we shouldn't assume it wont
<mathiaz> ScottK: right.
<Schiz0> Hey. I'm running a MySQL and apache server. The load is always around 1-1.5, which is fine. But every so often the load shoots up to like 15, and I'm wondering what's causing that. When it's high, I run "top" to try and see what's going on, but all it has is a MySQL process at the top of the list.
<mathiaz> Schiz0: It may be related an sql query run by the server. Does it happen at regular times ?
<mathiaz> Schiz0: you may wanna check the slowquery log also
<Schiz0> It doesn't seem to happen regularly. But it is in fact a MySQL query (or series of them) doing that?
<Schiz0> The code we run isn't too optimized, so I guess that would cause the problem. I'll check the slowquery log, thanks
<zul> mathiaz: grrr....freaking mysql man pages
<mathiaz> zul: I think it's temporary.
<mathiaz> zul: may be mysql-doc hasn't been published yet.
<zul> im pretty sure..
<zul> it has
<zul> mathiaz: should mysql-docs be built for amd64 as well?
<mathiaz> zul: it's architecture indenpendant IIRC
<mathiaz> zul: ok - I've seen another bug for mysqld.8 man page
<ScottK> leonel: Is the clamav CVE list for Dapper something you'll have time for soon?
<zul> mysql-client looks like its not getting removed
<soren> mathiaz, zul: What's the problem with the mysql-docs?
<mathiaz> soren: the old version of mysql-doc ships mysqld.8, which is now provided in mysql-server-5.0
<mathiaz> soren: a new mysql-doc package has been uploaded that doesn't ship mysqld.8
<soren> mathiaz: You know what to do then?
<leonel> ScottK:  Yes I'll start  past  noon   MST
<leonel> ScottK:  do you need it  sooner ?
<ScottK> leonel: No.  When you can get to it is fine.
<luckyone> how do you set the reply to address in ~/.muttrc?
<luckyone> soren: did you study in Prague during the Fall of 2002?
<soren> luckyone: I've never even been to Prague :)
<luckyone> soren: cool - one of my friends from prague uses a similar alias
 * luckyone uses *friends* liberally
<soren> my_hdr is probably what you're looking for (in muttrc)
<luckyone> I did my_hdr Reply-to: a@b.c with no luck
<soren> luckyone: my_hdr "Reply-to: foo@bar.baz" ?
<luckyone> soren: I think I found it on the wiki
<soren> OK.
<luckyone> set realname="First Last"
<luckyone> set from="a@b.c"
<luckyone> set use_from=yes
<soren> Eh?
<soren> luckyone: That doesn't set a reply-to header.
<faulkes-> looks like a mutt config
<soren> Yes?
<leonel> ScottK: looking at  dapper's changelog  IIRC  we put some patches in may 2007 or Jun and there's nothing patched since  Jan 6 2007  or  there was no patches  to dapper ??
<ScottK> leonel: That's correct
<ScottK> leonel: clamav 0.8x is basically unsupportable.  I'm trying to make a case to copy our backport into updates so everyone gets it.
<ScottK> leonel: You're CVE list is the key point I think to getting it accepted.  There's no other way.
<leonel> I've already got the CVE list   that affects  clamav  since 88.2  but I need to check one by one  which  are  only for  0.91 or 92 for the code change
<ScottK> K.  I appreciate the effort.
<leonel> there are 22 cve's  but I think most of them  are for  newer versions  I'll let you know latter   Got to go to the doctor ( eyes exam )  in 30 minutes
<ScottK> Thanks and no rush.
<luckyone> soren: really?
<luckyone> it populates it on my client
<zul> mathiaz: i was able to reproduce it :)
<CygnusX1> Hello.  Would anyone happen to have working snort with inline startup scripts for Ubuntu Server 7.10?
<faulkes-> not me and I don't recall seeing anything being done with it
<faulkes-> but then again, I'm new here so
<Schiz0> http://imgs.xkcd.com/comics/real_programmers.png
<soren> luckyone: It just sets the "From: " header. If you don't set use_from, it'll leave it to the MTA to set one for you. Reply-to is an entirely different header.
<pteague> has the upgrade issue with raid devices been fixed?
<soren> Which one is that?
<pteague> when upgrading between 1 version & the next the drives in the raid array end up with different UUID numbers (or was it their /dev/sd[a-z] ?) causing all sorts of problems with the raid array...  i finally got mine set up again, but it had to completely rebuild 1 of the drives (apparently because it was in a different position than it had been before)
<Schiz0> I'm using Ubuntu server 7.10, and I'm trying to optimize apache22. The apache performance Tuning manual says this: "On some operating systems, mmap does not scale as well as read(2) when the number of CPUs increases."  Is this true for Ubuntu 7.10?
<soren> pteague: UUID's should never, ever change.
<soren> pteague: Device nodes are free to do so, however.
<zul> mathiaz: just using replaces doesnt work
<mathiaz> zul: what's the error ?
<pteague> ok, then that must have been it... because simply scanning /proc/partitions for MD superblocks must have put them in the wrong order or something because it wouldn't auto build the md0 device after the upgrade from feisty to gutsy... i had to re-add them which sort of worked, but 1 drive was 'missing'... from what i can tell 1 of the drives that used to be at the beginning was now at the end & i had to have it re-add that disk & a
<pteague> t that point it had to rebuild it... not a nice easy upgrade
<mok0> sorenn, the mac_addr trick solved my kvm problems completely! We have now deployed a couple of virtual servers in testing for production!
<zul> mathiaz: whoops i think i might have made a mistake ill get back to you
<soren> mok0: I'm *very* happy to hear that.
<soren> mok0: Awesome!
<mok0> soren: definetly cool!
<mok0> soren: we have a jabber server on one of them; it works like a charm
<zul> mathiaz: trying to overwrite manpages again
<soren> zul: Error message?
<zul>  trying to overwrite `/usr/share/man/man1/mysql_config.1.gz', which is also in package mysql-doc-5.0
<soren> And it has "Replaces: mysql-doc-5.0"?
<soren> That doesn't add up.
<zul> Replaces: mysql-doc-5.0 (<< 5.0.56-0ubuntu1)
<zul> thats with straight dpkg -i
<soren> zul: -> #ubuntu-devel
<akincer> Ok, so what are the odds of me getting folks to discuss the (ill-informed) rejection of Bacula?
<mathiaz> akincer: Did you reply to the thread on the ubuntu-server mailing list ?
<akincer> Yep. So far, no one has addressed my question. That was at 9:16AM EST
<akincer> There seems to be quite a bit of lack of understanding of the security issue? Mainly, a lack that it really isn't an issue at all with the latest packages and some thought
<mathiaz> akincer: you may wanna ask zul about this
<akincer> Will zul be in the meeting tomorrow?
<mathiaz> akincer: you could also look at the MainInclusionRequirement document (https://wiki.ubuntu.com/UbuntuMainInclusionRequirements)
<mathiaz> akincer: this is the criteria that are used to evaluate a MainInclusionReport.
<mathiaz> akincer: zul should be in the meeting tomorrow.
<ScottK> akincer: If you want to get listend to, I'd suggest toning it down a bit.
<akincer> Well it was rejected on a security issue that isn't.
<ScottK> In your opinion.
<mathiaz> akincer: it's worth noting that the rejection is not on the MIR itself, rather on whether it was worth spending time to write a MIR.
<ScottK> You aren't responsible for Ubuntu security, so you may have a different set of requirements.
<mathiaz> akincer: if a MIR is written, it still has to be accepted by the MIR reviewer - and that's not the server team.
<ScottK> Showing up and calling people idiots isn't likely to get you reasoned dialogue.
<akincer> I'm pretty sure I didn't call anyone an idiot
<akincer> If challenging the veracity of a conclusion WRT package decisions in Ubuntu is some taboo, then I'd be pretty disappointed
<mathiaz> akincer: If you're available tomorrow for the meeting and able to attend, it's worth discussing this item.
<mathiaz> akincer: Could you add an item to the Meeting agenda ?
<akincer> Unless there is a fire I have to put out, I'll be there
<mathiaz> akincer: great ! Your views are welcomed.
<akincer> I've never added an item before. Where does one do that?
<mathiaz> akincer: on the wiki page: https://wiki.ubuntu.com/ServerTeam/Meeting
<akincer> Ahh, I gotcha. I'll add it now
<mathiaz> akincer: I'd also suggest to have a quick look at https://wiki.ubuntu.com/UbuntuMainInclusionRequirements to remember what are the critiria used for inclusion into main.
<akincer> I will before I put it on the agenda
<akincer> mathiaz: I'm going to read up and try my best to understand the decision, but I really think this is going to be a case of splitting hairs. Similar to how Mysql was (for a time) packaged to install with no password set. The solution there was to require a password to be set on installation. Makes sense. A similar approach could, I believe, be taken to remove the security "issue" with Bacula
<mathiaz> akincer: FYI, the decision is not final. It's perfectly ok to discuss it during the meeting and change our mind on it.
<freakyy> hi all. what is a good groupware server?
<akincer> I added the item. I'll make sure to be as well prepared as possible to give my point of view on the matter.
<luckyone> freakyy: opencrx
<mathiaz> akincer: excellent - I think zul should be around als.
<freakyy> thx ill have a look at it
<luckyone> freakyy: version 2.0 will have everything imaginable
<akincer> Is that 6PM EST for the meeting?
<akincer> my UTC converson sucks
<freakyy> ok thank you
<freakyy> :))
<mathiaz> akincer: EST == UTC - 5 these days
<akincer> 3PM it is
<akincer> I need sleep
<mathiaz> akincer: it's 4PM EST
<akincer> It's the simple math that will get ya
<akincer> see what I mean
<akincer> Somehow in my head 21 - 5 = 15
<akincer> See ya then, gotta go
<mathiaz> see you tommorow akincer
<freakyy> luckyone: why is it better than eGroupware?
#ubuntu-server 2008-02-06
<telexicon> I'm trying to setup a caching proxy with squid and I'm having issues where when accessing some web pages there is a 2 to 10 second delay, its intermittent, ive checked dns, gone through the logs, any ideas?
<bmac2> I am having problems getting ubuntu to install on a dell poweredge 2450
<bmac2> even if I diable the raid portion of the controller and tell it to be ONLY scsi
<bmac2> it starts the install and then errors out
<bmac2> I can't find any documentation with google or around
<bmac2> anyone know how to install on the dell with the PERC controller built into the system?
<ScottK> I know it's possible, but I haven't done it.
<bmac2> or any links?
<bmac2> it starts to install/boot
<bmac2> then gets an error
<bmac2> and just hangs forever with error after error
<bmac2> drivnig me nuts
<bmac2> cause freebsd runs fine
<ScottK> This is a quiet time of day on this channel so I'd have some patience and hang out for a while.
<bmac2> on the same machine
<bmac2> k
<ScottK> Are you using the regular install CD or the alternate?
<bmac2> tried both
<bmac2> tried kubuntu
<bmac2> tried ubuntu
<bmac2> tried standing on my head
<bmac2> tried different versions
<ScottK> Installer is the same for Kubuntu and Ubuntu.  The alternate has a different installer.
<bmac2> did everything except throw the machine out
<bmac2> lol
<bmac2> the alternate started stuff then bombed just like the other
<faulkes-> might be a bit more helpful if there were particular errors you tell us about
<faulkes-> s/you/you could
<bmac2> ok let me start the install again and tell you exactly what error it gives
<bmac2> it is the same error, so hold on, takes like 4 minutes to get it booted and to the error
<faulkes-> that's fine, I should be here for a bit
<faulkes-> although if I don't answer immediately it's probably because I'm in another window working, I will check back
<bmac2> k
<bmac2> I am running the install right now
<bmac2> from teh alternate cd
<bmac2> to tell you what the error is on that
<bmac2> that was the first disk I found in the stack
<bmac2> ok burning me a new copy of the ubuntu server 7.10
<bmac2> the last copy was NOT granddaughter proof
<bmac2> she kinda scratched it up a little
<kgoetz> hehe
<bmac2> what do you expect for someone who turns 1 year old in a copule of days
<bmac2> everything to her is a chew toy
<bmac2> and goes straight to the mouth, then thrown across the house
<bmac2> ok got the error now
<bmac2> ata:  abnormal status
<bmac2> ata1: 00  configured for UDMA/25
<bmac2> kernel:  ATA   HE complete
<bmac2> those three lines repeating
<bmac2> buffer i/o error  sr0
<bmac2> that a bunch of times
<bmac2> ATA1:  port is slow to respond, please be patient
<bmac2> and the isntall hangs at 21% when it is loading lib6c-udeb
<bmac2> freebsd installs fine
<bmac2> ?
<bmac2> I am going to put a different cdrom drive in that server
<bmac2> and see if it is the cd drive hosing the installs
<bmac2> son of a
<bmac2> B****
<bmac2> it was a bad cdrom drive
<bmac2> it is one of those little thin ones like a laptop has
<bmac2> I had a dvd drive one and put it in
<bmac2> and it blasted past where the error was before
<bmac2> so thanks anyway!!!  if nothing else for listening to me
<tijn> hey ppl
<tijn> is it possible to really force delete a broken file? (15 Exabyte) it has the wierdest file attributes :S
<soren> rm filename?
<tijn> nope, doesnt work
<soren> Or what do you mean "really force"?
<soren> Does'nt work how?
<tijn> well, obviously the file is broken (15 exabyte is a lot ;)
<soren> That's fine.
<tijn> not work like: cannot remove file: operation not permitted
<_ruben> sudo rm filename ?
<soren> $ ls -l foobar.img
<soren> -rw-r--r-- 1 soren soren 1413189101040959488 2008-02-06 09:16 foobar.img
<tijn> i am root
<soren> It's no problem.
<soren> Ok, check the mount options of the file system it's on.
<tijn> those are ok, only with 4 files, the rest is fine
<tijn> -rwsrw---T 55339 505502668 2665305837 15E 1916-10-28 20:07 7  <-- this is the file
<tijn> result of ls -lah
<soren> "those are ok"? Which ones? The mount options?
<tijn> yes
<soren> Er.. If you're root, and you can't delete a file, it's the filesystem driver, that's telling you to sod off.
<soren> Either it's buggy, or it mounted read-only or something.
<soren> Check /proc/mounts rather than the output of mounts.
<soren> Which filesystem is it on?
<tijn> ext3
<tijn> the "broken" files a the result of a canceled backup
<tijn> are*
<soren> What sort of backup?
<tijn> automated process of scp and cp
<tijn> it was in the middle of an scp transfer and i canceled it
<soren> Explain how you come to the conclusion that cancelling a read operation can cause filesystem corruption.
<tijn> no no, the file is the backup
<tijn> it's the backup server
<kraut> moin
<tijn> (sorry for my bad English explanation)
<soren> tijn: ...
<soren> If you have all this information you could have said so to begin with.
<tijn> yes sorry
<soren> Is the filesystem full, by any chance?
<tijn> nope, freshly installed
<tijn> /var has 3 TB free space left
<soren> Well, it's hardly freshly installed if you've already shoved backups onto it?
<tijn> the backups are beeing made in /var/backup/data
<tijn> well it was a test run
<tijn> fresh like in new and clean
<soren> Does dmesg say anything interesting?
<tijn> hey, yes it does: [325895.828879] EXT3-fs error (device dm-8): ext3_new_block: Allocating block in system zone - blocks from 813957851, length 1
<soren> tijn: Is that the last line?
<tijn> yes
<tijn> but repeats alot with increasing numbers
<soren> "dmesg | grep read-only" please
<tijn> nothing
<soren> I don't know, really. I'd probably to an fsck and see if it fixes it and proceed with thorough testing to make sure it doesn't happen again. I've no clue what could have caused this (apart from hardware issues).
<avatar_> tijn: which kernel version do you run?
<avatar_> tijn: check al your disks in your raidarray for badblocks
<tijn> kernel 2.6.22
<tijn> avatar_, soren, ok i will fsck everything and if the problem wont go away i'll format everything and do a reinstall
<tijn> thnx for the help !
<soren> Ah, right. I get so caught up in hardy stuff, I automatically assume everyone else is running hardy, too :)
<soren> I didn't even think to ask the kernel version..
<_ruben> hehe
<tijn> soren, it works after a reinstall
<avatar_> nice
<avatar_> after all a weird issue
<tijn> indeed
<tijn> lucky it was not in production yet :)
<avatar_> hmm, are you working for virtu?
<tijn> nope
<tijn> hehe why?
<tijn> we are hosting @ virtu
<tijn> why?
<tijn> afk
<tijn> brb
<Gargoyle> if apt-get upgrade is going to update linux-image-2.6.22-14-server, dies that mean my kernel is going to be updated?
<zul> morning
<Gargoyle> afternoon
<soren> Gargoyle: What's the point of confusion?
<Gargoyle> I already have that version as the running kernel. Just wondered if I need to recompile any modules I have added?
<soren> No.
<Gargoyle> cool
<soren> It's a new version, but it doesn't update the ABI, so any modules you have installed will still work.
<Gargoyle> ahh
<Gargoyle> How do you find out which groups manage particular packages for ubuntu?
<Gargoyle> are they all in launchpad?
<soren> Depends.
<Gargoyle> Well, specifically DRBD and heartbeat
<soren> There are two major groups: Core developers and MOTU's. MOTU's manage univers and multiverse, core-dev's everything else.
<Gargoyle> or does ubuntu have a different direction for HA?
<soren> We also have various teams, that generally tend to certain packages, but that's more of a convention than a hard rule.
<soren> Any core-dev can touch any package in main.
<soren> drbd and heartbeat is the server team's domain, usually.
<soren> So this is the right place to discuss it.
<Gargoyle> :)
<Gargoyle> if I am using dpkg --install some.deb file and it says there are missing dependencies, is there a switch I can add to make it go off and install those?
<sommer> soren: I'm getting a libvirt3.1 conflict with libvirt3.2 when trying to upgrade virt-viewer... just fyi
<sommer> soren: I mean libxen3.1 conflict with libxen3.2 :)
<sommer> soren: nm, found you conversation with zul on devel
<zul> sommer: yep we are working on it
<sommer> party!, xen works with virt-manager correct?
<sommer> or will work
<zul> it should but I dont think it is tested
<zul> not by me anyways
<sommer> cool, I'd be glad to help test that, but noticed issues trying to install xen... so far anyway
<faulkes-> quick question about testing actually, are you guys playing with real hardware or setting up your own virtuals (case depending obviously)
<faulkes-> just looking how best to contribute, I just don't have much hardware kicking around to throw up the server version on
<zul> faulkes-: your right it is depending on the case but helping out can range from testing to bug fixing, to packaging
<faulkes-> yes, true, I'm not discounting the other options, testing, bugs, docs, even in channel support
<faulkes-> again, I'm still trying to find a place, I tend to move a bit slower and try to understand as much as possible before I start
<faulkes-> so, right now, mostly I'm reading and attending the irc meetings
<zul> cool...welcome
<faulkes-> and of course, idling away in the channel ;)
<mathiaz> faulkes-: one area we'd need some testing is KVM in hardy
<mathiaz> faulkes-: so if you have some spare hardware that supports virtualization, you could install hardy on it and use KVM to setup guests for the other versions of ubuntu
<mathiaz> faulkes-: that's how do most of my developement work when fixing bugs for example.
 * faulkes- nods
<faulkes-> at the current time, my only real spare hardware is an old g3 I'm using as a fileserver, which isn't exactly mainstream for what is being done (imo)
<mathiaz> faulkes-: correct. You need to have recent cpus that support hardware virtualization.
<soren> sommer: :)
<faulkes-> I do have experience with Xen, at least from an operational perspective, I just don't my work would appreciate me adding another virt ;)
<faulkes-> I'm thinking the best way would be to have some spare hardware of relatively recent and decent configuration
 * faulkes- should go to ebay
<mathiaz> faulkes-: right. I've just ordered some new hardware, opteron 1212 + 4 Gb of RAM
<soren> mathiaz: Shiny!
<mathiaz> soren: yop - should get it by the end of this week.
<faulkes-> just have to balance the budget though as I want to pickup a dell 1730 laptop fully specced out
<mathiaz> soren: I'll install hardy on it and migrate all my developement work to KVM guest in there
<soren> mathiaz: I just got me one of these babies: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
<faulkes-> my old laptp is creaking along slowly to it's eventual death
<mathiaz> faulkes-: well I got it for 650 $
<soren> mathiaz: 2.8GHz, 4 GB RAM, and on a 100 Mbps pipe. Booyah!
<faulkes-> yeah, I've ebay'd for equipment before
<mathiaz> soren: right. That's in a data center.
<soren> mathiaz: Yeah. No noise.
<soren> mathiaz: \o/
<faulkes-> err, mathiaz even
<mathiaz> soren: my new hardware will be sitting next to me... hopefully it won't be to noisy :/
<faulkes-> damnation, I can't read this morning
<mathiaz> faulkes-: I think I could have got something for less than 500$
<faulkes-> most definitely you can
<mathiaz> faulkes-: I added another hd
<soren> mathiaz: I've got a cunning plan for kvm  in hardy+1 that will make having the machine in the data centre even less significant than it is now.
<faulkes-> heck, even the 1900 series dell 1u's are pretty cheap
<mathiaz> faulkes-: well - my spec included 4 Gb of RAM so that raises the price
 * faulkes- nods
<mathiaz> soren: how come ?
<faulkes-> I'm not really concerned about $650 or so
<faulkes-> just need to budget it out
<mathiaz> faulkes-: I'd rather not have 1U server in my flat - I don't want to live in a data center.
<faulkes-> because the laptop I want is like $3600
<faulkes-> I'd ship the 1u off to the colo
<soren> mathiaz: Well, now, it's a bit inconvenient that I have to move ISO's around and such to do certain things. I hope to eliminate that, so that the client you use to connect to kvm will make it appear as though you're at the machine.
<mathiaz> soren: once I start using KVM, I'll probably fully grasp what your plan is for hardy+1
<Iulian> Hi
<faulkes-> hello
<ivoks> meeting in 15 minutes?
<mathiaz> ivoks: yes - in #ubuntu-meeting
<ivoks> nice
<zul> crap its nearly 16:00 already
<faulkes-> hmm, I should get a coffee before the meeting kicks off
<faulkes-> I didn't get much sleep last night
<zul> hah...neither did i
<faulkes-> mathiaz: you got the /msg with my email?
<mathiaz> faulkes-: yes.
<mathiaz> faulkes-: are you subscribed to ubuntu-server ?
<faulkes-> kk, anything you want reviewed and comments on just send it over
<faulkes-> yes, I am
<faulkes-> or send it to ubuntu-server
<mathiaz> faulkes-: ok. I'll send an email to u-server with my proposal for a mentoring program
<mathiaz> faulkes-: I'll ask for feedback in there.
<faulkes-> ah, I was talking about presentation for Dev. Week
<ivoks> bbl
<faulkes-> to get more publicity / involvement of new people in -server
<mathiaz> faulkes-: ah ok.
<faulkes-> in either case, I am happy to contribute
<mathiaz> faulkes-: I think it falls under the are.
<mathiaz> area
<mathiaz> faulkes-: I'm still thinking about how-to have more people contributing to the server team.
<mathiaz> faulkes-: I wonder if the wiki page are overwhelming in information
<faulkes-> well, I guess from my perspective it involves to key areas, one is ubuntu specific/general and one is server specific/general, and the need to not duplicate stuff
<ScottK> One suggestion I have is to have it documented (on the wiki I guess) who to talk to about stuff.
<mathiaz> faulkes-: my idea with the mentoring program bein that having one single point of contact would help people navigating in the ubuntu world.
<faulkes-> yes, I would agree, it can be quite overwhelming
 * faulkes- is patient though
<mathiaz> faulkes-: have you read the GettingInvolved page on the Server Team wiki page ?
<faulkes-> yes
<faulkes-> It was how I started and subbed to u-s and joined here
<mathiaz> faulkes-: how did you get to this page ?
<faulkes-> but the wider ubuntu world, which new people still have to work with, regardless of team, is overwhelming
<faulkes-> iirc, I was going through a link of the forums page to getting involved
<faulkes-> I was looking for a Loco near me as well
<mathiaz> faulkes-: ok. So you came from the forums ?
<faulkes-> yes, i have been active over there helping with issues when I find them, that I can help with
<faulkes-> but specifically for the server team and involvement, it is because I work with linux based servers professionally and use ubuntu on my laptop personally
<faulkes-> and I liked what I saw with the desktop side of things
<faulkes-> figured I had alot of actual working experience that would best suit working with the server team
<mathiaz> faulkes-: ok. That another point we're trying to address - how to get professional involved in the Server Team.
<faulkes-> well, one key point I would make, is that the forums treat the server / security side as third party
<mathiaz> faulkes-: In my view, contributors to the desktop team are a different crowd that the one in the server team.
<mathiaz> faulkes-: probably. I think it's because ubuntu is well known for its desktop offering.
<faulkes-> so what ends up happy is that most of the server stuff gets pushed into the other forums
<mathiaz> faulkes-: which forums are refering to ?
<faulkes-> http://ubuntuforums.org/
<mathiaz> faulkes-: hum - I meant "other forums" ?
<faulkes-> ah, I see
<faulkes-> dell ubuntu support
<faulkes-> hardware & laptops
<faulkes-> and in some cases general
<mathiaz> faulkes-: right. I must admit I don't spend a lot of time in the forums.
 * faulkes- nods
<mathiaz> faulkes-: But it's definetly a ressource we'd like to leverage more
<faulkes-> just, I think in order to bring in more professionals, the forums offer a good lead in
<mathiaz> faulkes-: in general too.
<mathiaz> faulkes-: but a lot of professional don't/can't contribute directly to ubuntu
<mathiaz> faulkes-: at least in an open process.
<faulkes-> and if there was a specific server forum, that appeared to be in that first list of primary forums, we'd get alot more traction
<mathiaz> faulkes-: I guess there is some education to be done in that area.
<faulkes-> alot of the issues range mainly around general stuff, like hardware from specific vendors and such
<faulkes-> but also server software configuration and such
<faulkes-> and I agree, that alot of professionals can't directly contribute
<faulkes-> I think it would help though if the server side was given equal opportunity
<mathiaz> faulkes-: you may wanna talk to the ubuntu forum team about this.
<faulkes-> I could do that, certainly
<mathiaz> faulkes-: that would be a great to get started in the Server Team.
<faulkes-> ok
<mathiaz> faulkes-: since you have experience with the forums, you could try to increase the importance of the Server are on the forums.
<faulkes-> I will have a chat with them and add an item to the agenda for the next meeting to report on
<mathiaz> faulkes-: I tought about adding a permanent link to the top of the server forums link to the ServerTeam page.
<mathiaz> faulkes-: there is also the developer forum that is used by developers for testing.
<mathiaz> faulkes-: I know that asac from the mozilla team uses it to ask for firefox/thunderbird testing.
 * faulkes- nods
<mathiaz> faulkes-: we could use that channel to advertise for our virtualization testing.
<mathiaz> faulkes-: I think that the forums could be a great ressource for the Server Team - we just need ways to leverage it.
<faulkes-> agreed
<mathiaz> faulkes-: seems like you could bring your experience in that area :)
<faulkes-> I think if it's presented in the right way, it will help not only build a larger team base but also drive adoption of -server in the wider world
 * mathiaz nods
<faulkes-> I will have a word with the ubuntu forum team and be ready to report back for the next meeting
<faulkes-> as a group, we can decide how we'd like to move forward, generate some ideas and interaction
<mathiaz> faulkes-: that seems like a good idea
<ScottK> In my experience, the experience level you see in ubuntuforums isn't the kind of people who professionally run servers.
<faulkes-> from what i've seen, there is quite a range
<mathiaz> ScottK: are you refering to the forums in general or to the servers target categories ?
<ScottK> Forums in general and the few times I've gone into the server area it seemed similar but not to active.
<ScottK> I don't think ubuntuforums attracts the kind of people we're looking for as a rule.
<faulkes-> well, I don't think the server side has been pushed as hard for community involvement
<mathiaz> ScottK: well. I can't speak of the desktop side.
<faulkes-> alot of that energy is still directed towards the desktop
<mathiaz> ScottK: If there isn't a lot of activity in the server side, we can't really judge on the quality there.
<ScottK> IME server oriented people tend to be older and more experienced and would tend to us ML more and shy away from forums, but that may just be me.
<mathiaz> ScottK: yes. I'd agree.
<mathiaz> ScottK: But I don't think we should put the forums aside.
<ScottK> I particularly think the culture of ubuntuforums would be unlikely to be appealing.
<faulkes-> I think what we want is to help publicize the team and generate involvement
<faulkes-> so that those who are interested come to us
<ScottK> My experience on the desktop side is it's a poor place to recruite.
<ScottK> I've made efforts in that direction for MOTU and gotten nothing.
<faulkes-> and I would agree, but the desktop side is filled with a large base of inexperienced users
<mathiaz> ScottK: right. But I think that the server crowd is different from the desktop crowd.
<faulkes-> we are putting in place drivers to bring the interested to us and make us more open/transparent to the community
<mathiaz> ScottK: this is probably why we need to find different ways to attract new contributors to the server team.
<ScottK> Agreed.
<faulkes-> and to be honest, sometimes even getting a new jr. admin in on something makes experienced folks look at it and say "you know, I never tried that, let me see"
<faulkes-> but overall, I think our direction in terms attracting new contributors needs the involvement of the team as a whole
<faulkes-> so we present a consistent message and framework
<ScottK> I do think that the team is large enough that we need some specialization.
<ScottK> Myself, I really only do mail servers consistently and so that's what I tend to look after.
<mathiaz> ScottK: right. That's what we're envolving to naturally I think.
<ScottK> If we had identified people in different focus areas, I think it'd make it easier for people to connect and get involved.
<mathiaz> ScottK: sommer seems to be looking after documentation
<faulkes-> I have a range and right now, all those servers are sitting with centos installed on them
<ScottK> Yes
<ScottK> I've got no idea how that happened
<faulkes-> mysql cluster, apache, amanda, xen vm's, etc..
<mathiaz> ScottK: I'm thinking about adding names to each section on the GettingInvolved page
<mathiaz> or may be list people part of the server team with their interest
<mathiaz> that could be a form of the mentoring program
<ScottK> One key issue from a team policy perspective is bugmail.
<ScottK> Yes
<ScottK> I find it extremely troublesome to be required to suck up all the samba bugmail that I don't and won't care about.
<ScottK> As an example.
<ScottK> Sending all bugmail to all team members just doesn't scale.
<mathiaz> ScottK: hum.. You briefly mentionned it at UDS but I hadn't had time to respond to it.
<mathiaz> ScottK: I think that's what the ubuntu-server team in LP is made for.
<mathiaz> ScottK: we only use the ubuntu-server as way to deal with bugs.
<mathiaz> ScottK: Now what this means that the Ubuntu Server Team doesn't equal ubuntu-server in LP.
<ScottK> That's a bit obtuse.  It's not a clean API.
<mathiaz> ScottK: We could also argue wether the ubuntu-server ml is actually the list of the Ubuntu Server Team.
<ScottK> Could we?
<ScottK> I'm aware there's actually a Canonical Server Team (with ML) too.
<ScottK> But that is and needs to be different.
<mathiaz> ScottK: correct - that's for canonical employees and is used for specific reasons.
<faulkes-> wheras we represent the community aspect
<ScottK> Exactly
<ScottK> So what is the ML of the Ubuntu Server Team?
<mathiaz> ScottK: what I've noticed with ubuntu-server LP team is that altough we have more people signing up, bugs don't get triagged.
<ScottK> Right.  Lots of people sign up for teams because they think it's cool.
<mathiaz> It seems that there is a misconception in the role of the ubuntu-server LP team (at least in my view)
<mathiaz> ScottK: yes. And they want to be part of the Server Team.
<ScottK> You'll also notice that Postfix bugs have always been triaged.
<ScottK> That's because I did those even before there was a server team.
<ScottK> So it works both ways.
<mathiaz> ScottK: For me, the ubuntu-server LP team is a way to track the bugs related to the server area.
<ScottK> OK.
<mathiaz> ScottK: I know of you great work on postfix and I'm thankfull for that.
<ScottK> For other areas (e.g. MOTU, Kubuntu, etc, it means a lot more than that).
<mathiaz> ScottK: in your case, I'd risk to suggest you to leave the ubuntu-server team and set yourself as a bug contact for postfix
<mathiaz> ScottK: but again it doesn't mean you're not a member of the Ubuntu Server Team
<ScottK> I am and have been a bug contact for a long time.
<ScottK> Maybe we could have ubuntu-server Team and ubuntu-server-bugs.
<mathiaz> ScottK: so if you don't want to receive the bugs for samba, you could just leave the team.
<ScottK> That's how Ubuntu does it.
<ScottK> Agreed, but it feels like leaving the "Team" then.
<mathiaz> ScottK: but that doesn't solve the problem of being a member of the team.
<mathiaz> ScottK: agreed.
<mathiaz> ScottK: May be two teams would be a proper solution to this then.
<ScottK> So I'm suggesting we make a team called ubuntu-server-bugs.  People join that to get all the bugmail.
<mathiaz> And we'd keep ubuntu-server to keep track of people that are member of the Ubuntu Server Team.
<ScottK> Yes
<mathiaz> ScottK: another option is to create an ubuntu-server-bugs ml and use it as the bugmail address for ubuntu-server
<ScottK> That'd be fine too.
<mathiaz> ScottK: people interested in receiving bugs for ubuntu-server should subscribed to it.
<ScottK> Yes
<ScottK> People interested only in certain packages subscribe for bugs to those.
<mathiaz> ScottK: so I wonder if we should change the criteria to be part of ubuntu-server then
<mathiaz> ScottK: one of the reason for having such a low barries for approval is to get more people to receive bug mails.
<mathiaz> ScottK: and hopefully get them triagged.
<ScottK> I think you're better off to get people who are interested in triaging.
<mathiaz> ScottK: obviously that target failed.
<ScottK> I think if you want to encourage that, add a section to the meeting to commend community triagers who've done something of note.
<mathiaz> ScottK: good point.
<mathiaz> ScottK: but then should we change the critirea to be approved in ubuntu-server ?
<mathiaz> ScottK: right now you just have to sign up on a mailing list and that's that's all
<ScottK> I think that's enough.
<ScottK> People will read about meetings and activities and gravitate to where their interests and capabilities lay.
<mathiaz> ScottK: right.
<mathiaz> ScottK: that seems like good ideas. I'll write an email to ubuntu-server with a proposal for these changes.
<ScottK> Great.
<ScottK> mathiaz: I've got a bit of an off topic question for you.
<ScottK> mathiaz: I saw your core-dev interview with the tech board got scheduled today (1 day after the MC approved you).
<ScottK> mathiaz: Was there a rush on your application for some reason?
<ScottK> mathiaz: I'm trying to understand why you got jumped ahead of a number of community members (including me) who've been waiting up to 3 weeks without getting scheduled.
<mathiaz> ScottK: no
<ScottK> OK.  Thanks.
#ubuntu-server 2008-02-07
<^Elfboy> hi
<^Elfboy> would some one know how o can set ftp so i can load thing and stuff to server
<^Elfboy> or point me to something to read
<ScottK2> Don't use ftp.  It's insecure.
<^Elfboy> ok
<^Elfboy> what shojuld i use
<ScottK2> You can use sftp.  On ubuntu-server you just have to install the openssh-server
<^Elfboy> openssh-server is install
<^Elfboy> i can ssh in to server from laptoop
<^Elfboy> useing locAL host
<susscorfa> hi does anyone know a good way of backuping to a server without rsync on the destination
<ScottK> ^Elfboy: Then if you have an sftp client on the laptop, you'll be able to use sftp.
<^Elfboy> sftp in term
<^Elfboy> is there a ugi
<ScottK> That'll work or there are gui clients
<^Elfboy> :)
<ScottK> What is the laptop
<^Elfboy> gentoo
<ScottK> Gnome or KDE
<^Elfboy> kde
<ScottK> Konqueror will do it.
<^Elfboy> ok
<ScottK> sftp://url.of.server/
<^Elfboy> ok
<^Elfboy> let me try
<ScottK> susscorfa: My first thought is install rsync.
<susscorfa> i dont have admin rights otherwise i would have done that
<susscorfa> scp ing a few gigs every time is not realy a option
<^Elfboy> sweeeeeeeeeeeeeet
<^Elfboy> ScottK:  thanks man
<ScottK> ^Elfboy: You're welcome.  That'll work if you want to switch to Kubuntu too...
<^Elfboy> cool
<^Elfboy> :)
<ScottK> susscorfa: I don't have a suggestion that doesn't involve having rights to install stuff on one end.
<susscorfa> hmm ok ill look on
<^Elfboy> ok back
<^Elfboy> i have the sftp set up in server
<^Elfboy> when i tryed to move fil i get access denied
<^Elfboy> in server was there some thing i need to change ?
<^Elfboy> ?????????????
<^Elfboy> Sc
<^Elfboy> ScottK: u around
<ScottK> Yeah
<^Elfboy> cool
<^Elfboy> i got in the server  but cant remove or add anything
<ScottK> Generally you access sftp as a normal user and copy onto the server in your home directory.  From there you can use sudo cp or sudo mv to put the files where you want them.
<^Elfboy>  i get access denied
<ScottK> You need to move stuff to where you have full rights.
<^Elfboy> on gentoo i have rights to all
<ScottK> That doesn't sound very secure.
<^Elfboy> i change permasion in /home/user
<^Elfboy> shold work
<ScottK> And make sure you login in with the same user via sftp
<^Elfboy> ?
<^Elfboy> ohhh
<^Elfboy> nm
<^Elfboy> ok i give up
<antdedyet> Evening.
<^Elfboy> hi hi
<^Elfboy> is there a better sftp then konr
<^Elfboy> ose thats one is not working for mr to good
 * antdedyet gets ready to find server release notes for ubuntu hardy alpha 4 
<^Elfboy> lol
<^Elfboy> im runing gentoo-kde
<ScottK> ^Elfboy: It works great on Kubuntu, so I don't know what to tell you.
<^Elfboy> beats me
<^Elfboy> im o gentoo
<^Elfboy> can some tell me where i can read on how to use term as sftp
<antdedyet> ScottK: you are up for MOTU soon. Cool!
<CrummyGummy> Hi all, I'm trying to upgrade my Feisty box to Gutsy. It keeps aborting with no error. Any ideas where to look?
<nealmcb> wow - long server team meeting today - lots of good work - kudos to the team!
<CrummyGummy> Maybe its got something to do with this. ->  sshd[27882]: fatal: Cannot bind any address.
<faulkes-> thats interesting
<faulkes-> what does ifconfig say about your network interfaces
<faulkes-> unless you've told sshd to bind only to certain addresses, it should bind to loopback/localhost as well
<CrummyGummy> I havn't restricted the binding to sshd. I'll put my ifconfig on pastebin. I don't think this is my real problem but I noticed that the advertised sshd on 9004 didn't work on my other box during upgrade.
<CrummyGummy> I think that the problem is that nfs-common is being kept back. I'm not sure how to upgrade this.
<CrummyGummy> I can't remove it because /var/cache/apt/archives is mounted on nfs.
<CrummyGummy> http://pastebin.com/m61cf1d8e
<faulkes-> well, yes, I think you can discount the sshd message, the network stack seems to be up
<faulkes-> I take it nfs is on the 10 network
<faulkes-> and /var/cache/apt/archives is mounted RO?
<CrummyGummy> Yes its on the 10 network, no its rw,
<faulkes-> ok, I'm new, so forgive me this question, is there a particular reason you can't remove it because it's mounted via nfs?
<CrummyGummy> apt uses /var/cache/apt/archives which is mounted via nfs so I can't remove nfs-common. Or is that dumb?
<faulkes-> I'm not an apt expert so I couldn't say
<faulkes-> is there a reason you need /var/cache/apt/archives mounted via nfs or a particular reason for that setup?
<CrummyGummy> Saves on bw costs. Its not a huge issue but its a saving non the less.
<faulkes-> and you are doing what for the upgrade, "sudo apt dist-upgrade" or some such?
<faulkes-> all these scientists really need to find better ways to make us healthy
<faulkes-> because while I appreciate research showing that drinking 500ml of beet juice / day reduces blood pressure
<faulkes-> ITS BEET JUICE
<CrummyGummy> K, I've unmounted it so nothing is using it. nfs-common is still being kept back on dist-upgrade and upgrade.
 * CrummyGummy shivers.
<CrummyGummy> That sounds aweful.
<faulkes-> is there a message associated with it being kept back?
<CrummyGummy> DEBUG demoted: 'binfmt-support gcj-4.1-base gij-4.1 libgcj7-jar libglib1.2 liblzo1 libttf-dev libttf2'
<CrummyGummy> ERROR Dist-upgrade failed: 'E:Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.'
<CrummyGummy> hmmm, that was an hour ago.
<CrummyGummy> lemme look further.
<faulkes-> no offense to the scientists but if they want to be taken seriously, they should be studying what health benefits a 3 martini lunch provides you
<faulkes-> alot more people would buy into that kind of health diet
<CrummyGummy> hehe, that sounds much better.
<CrummyGummy> faulkes-: I removed it reinstalled it and the upgrades working now. Thanks.
<CrummyGummy> it was a wierd dependancy problem...
<faulkes-> not sure I really did anything but glad to help
<CrummyGummy> lol, its way better than talking to a void...
<avatar_> % sudo ufw status
<avatar_> ERROR: problem running ip6tables
<faulkes-> you're just lucky I can't sleep ;)
<CrummyGummy> hehe
<faulkes-> avatar: do you have ipv6 disabled?
<avatar_> no
<faulkes-> hrrmm
<faulkes-> I havent really looked at ufw yet so
<avatar_> faulkes-: ipv6 support was just committed tonight :)
<faulkes-> iirc from the meeting today it is supposed to be functional with ipv6
<avatar_> appearently with some bugs
<faulkes-> apparently
<avatar_> hmm, server meeting was yesterday right?
<faulkes-> yes
<faulkes-> what does  /sbin/ip6tables -L -n report
<avatar_> http://paste.ubuntu.com/4281/
<faulkes-> hrmm, so everything appears to be ok there
<faulkes-> have you looked to see what the status argument is calling in ufw?
<avatar_> no, i just updated en tried after reading my mail wich about https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/188934
<ubotu> Launchpad bug 188934 in ufw "default ipv6 policy is block " [Medium,Fix released]
<faulkes-> ah
<faulkes-> not sure I can really help with it more than that
<faulkes-> and I should crawl into bed so I at least get a couple hours of sleep
<avatar_> goodnite :)
<avatar_> i've just started my workig day :)
<faulkes-> nite
<kraut> moin
<antdedyet> morning ...
<kraut> where do i change the language, which dpkg uses for example for dpkg -l?
<avatar_> with setting your 'locale' ?
<kraut> avatar_: how with daper?
<kraut> dpkg-reconfigure locale doesn't work
<avatar_> set LANG=en_US.UTF-8
<kraut> where do i configure that permanent?
<kraut> locale shows me allways "LANG=de_DE.UTF-8"
<avatar_> sudo dpkg-reconfigure locales
<avatar_> with default locales configured in /etc/environment
<kraut> ah, i found the error in /etc/environment
<kraut> thanks
<clusty> hey
<clusty> having issues getting X running for the server
<clusty> i am getting "no valid fontpath" fatal X erroe
<clusty> is it misconfigured or missing packages
<tjaalton> hardy install on an ESX-server guest went fine, using our server installation package set (646 packages)
<soren> tjaalton: Awesome news!
<soren> tjaalton: I don't see why it wouldn't work, but it's still nice to know :)
<tjaalton> yeah, it's pretty straightforward
<tjaalton> only thing that I'm normally nervous about is that if the package set installs, since one single package failing to install halts the whole thing :)
<tjaalton> but it's mostly a desktop install issue anyway
<tjaalton> (conflicts, migrations etc)
<tjaalton> and when the next d-i image is built, we'll be able to use ssh-key based remote access to the machine, and monitor the installation logs remotely from a log server (thank you Google :)
<nijaba> tjaalton: any tries with JeOS?
<tjaalton> nijaba: no, it would need a special setup. What's special about it? Isn't it just a task which installs a minimal set of packages?
<nijaba> tjaalton: the kernel also has a lot less drivers
<tjaalton> ah
<nijaba> and it seems we were missing some for proper ESX install on 7.10
<nijaba> could not verify it though
<nijaba> tjaalton: hence my request....
<avatar_> tjaalton: you tried ons esx 3.5?
<tjaalton> the problem is that the ESX frontend server isn't on public network, so I'm not sure how I'll be able to push the image there :)
<avatar_> right now i'm installing a few ESX hosts for a customer
<avatar_> i can spend a few minutes installing JeOS
<nijaba> avatar_: that would be awsome !
<tjaalton> nijaba: seems to be 3.0.2
<avatar_> tjaalton: okay, i'll give it a try on esx 3.5
<nijaba> \o/
<zul> morning
<ScottK> antdedyet: I am already a MOTU.  I'm up for core-dev (from the scrollback about 7 hours ago).
<sommer> hey all
<nijaba> hello sommer
<ScottK> Hello sommer
<ivoks> hi
<ScottK> Hello ivoks
<ScottK> ivoks: pitti gave me some hope I may have an answer on the amavisd-new MIR today.
<ScottK> So maybe there's a chance to integrate it into the tasksel.
<ivoks> great
<ivoks> we can always add diff once it's accepted
<ivoks> i would go with very basic setup with amavis
<zul> hey ivoks
<ivoks> zul: hi
<ivoks> zul: umm... could you just brief me on drbd status in kernel?
<zul> ivoks: its in the archive now
<zul> as of 2.6.24-6 I believe
<ivoks> it's just in -server kenel?
<zul> generic as well I believe
<ivoks> hm...
<ivoks> oh, i'm on -5
<zul> that could be your problem :)
<ivoks> yeah...
<zul> /lib/modules/2.6.24-6-generic/ubuntu/block/drbd
<ivoks> interesting... i don't have -6, but i do have -5 in archive
<ivoks> er... -7
<ivoks> ok, first i'll deal with bacula :D
<zul> 2.2.8 is sitting in merges.ubuntu.com so you might want to merge it first
<soren> -6 failed to build.
<soren> zul: Someone did that earlier today.
<soren> norsetto, I belive.
<soren> believe, even.
<soren> MoM just hasn't run since then.
<ivoks> zul: i already have merged them localy...
<zul> nifty..
<ivoks> i'm working on a diff that would sort some things out..
<ivoks> i've talked with upstream about changes i'm planing to do, and they are ok with it
<ivoks> we don't want -sqlite version in main, right?
<ivoks> just -mysql and -postgresql?
<soren> Why not -sqlite?
<soren> I prefer that one. By far!
<ivoks> so, we do want it?
<ivoks> ok :)
<soren> Why wouldn't we?
<zul> we dont support sqllite dont we?
<ivoks> cause for free you get whole sql :)
<soren> Sure we do.
<soren> It's just the command line interface for it, that's in universe (which is rather silly, if you ask me).
<soren> libsqlite3-{0,dev,doc} are all in main.
<soren> Er... sqlite3-doc. Not libsqlite3-doc.
<avatar_> pff, vmware--
<soren> I think sqlite is sexy.
<avatar_> indeed, sqlite is nice.
<ivoks> right, 2.2.8 is merged
<ivoks> good to know that most of the ubuntu changes in bacula were accepted in upstream or debian
<ScottK> lamont: I'm running your postfix 2.4.7 backport to Gutsy on my test server right now.  Upgraded and works without issue.  Thanks.
<lamont> rock.  I'll push it back to the others then
<lamont> ScottK: and then I just need to know what we're doing for 2.5.1... I figured I'd let Wietse move that past -rc1 before I upload it...
<ScottK> Ah.  Right.
<avatar_> fresh install of vmware esx. Create new guest, configure it to boot from hardy iso. Power on. Poof, crash :(
<ScottK> lamont: I'd suggest pushing 2.5.0-1 to Sid/Hardy now and then updating to 2.5.1 when he releases it.  That way you'll get more 'feedback' if there are packaging issues to deal with at the same time.
<lamont> good point
<mathiaz> soren: any tought on the ubuntu-server-bugs mailing list used as a contact email for ubuntu-server LP team ?
<mathiaz> soren: see my email on ubuntu-server from yesterday
<lamont> which still gets back to "what did ScottK want me to do to postfix, again?" so I can put that into 2.5.0-1
<ScottK> Right.
<mathiaz> zul: ^^
<lamont> I'll upload postfix this afternoon
<soren> mathiaz: I've seen it and it looks reasonable.
<lamont> evening
<soren> mathiaz: In fact, it looks quite good.
<ScottK> lamont: I'll ping you with some bug numbers in a few minutes.
<lamont> ob nit.  how about if you ping me and then give me bug numbers. :)
 * lamont ducks
<zul> mathiaz: Ive looked and sounds good to me
<lamont> bug numbers hurtseses when they bounce off my hull.
 * ScottK regrets the lack of ordnance he used to have available when he was in the Navy ...
 * faulkes- loves him some good ordnance
<ScottK> Being Gunnery Officer on a 10,000 ton Cruiser was fun.
<zul> its not size of the gun that counts its how you use it
<zul> :)
<faulkes-> hrm, some good ufw feedback on planet
<faulkes-> or rather, positive feedback in it being liked and being human
<ScottK> From a very prominent Ubuntu blogger too.
<hsn_> how to resize ntfs partition?
<hsn_> qtparted
<ScottK> lamont: I sent you mail on postfix updates to your debian.org address.  Thanks to greylisting you don't have it yet, but it's in the air.
<lamont> heh.  ok
<lamont> d.o, u.c, c.c all come the same place in the end
<ScottK> Right, just figured that was the most reasonable one to send it to since we're discussing Postfix 2.5 in Debian.
<lamont> heh
<lamont> ok
<lamont> they're all just .forwards or aliases to lamont@m.c
<ScottK> Well debian.org took the mail, so you should have it now.
<^Elfboy> hi all
<^Elfboy> im trying to install a psybnc on my server but i got this http://www.pastebin.ca/895189
<^Elfboy> some take a look for me please
<ikonia> q
<ikonia> oops
<zul> ScottK: ping
<ScottK> Pong
<zul> how well do you know the clamav maintainer in debian?
<ScottK> We've had a not insignificant, but not steady dialogue.
<ScottK> He takes some of my Ubuntu changes and tells me to get stuffed when I mess up.
<zul> If I ask him about updating freeradius debian nicely how would he take it?
<ScottK> I think he's not hostile to Ubuntu, but not extremely interested in it.  If you offered help/patches/etc, I think he'd take it well.
<zul> is he on irc?
<ScottK> sgran has been idle for 2 hours, 27 minutes, and 38 seconds.
<ScottK> Sort of.
<ScottK> (on OFTC).
<zul> ok thanks
<^Elfboy> is there a ftp serveer that will run so i can load  and get stuf odd the server
<faulkes-> mathiaz: got a good response from forum council on the email, I believe you were cc'd
 * ScottK waits for mathiaz to get it done so the bugmail stops.
<ScottK> ... unwanted bugmail ...
<^Elfboy> lol
<mathiaz> faulkes-: yes - saw that. Look good ! Thanks for taking this task :)
<mathiaz> ScottK: I've asked the creation of ubuntu-server-bugs mailing list.
<ScottK> mathiaz: Glad to hear it.
<mathiaz> ScottK: Once it's created, I'll update the LP configuration.
 * ScottK nods
<faulkes-> mathiaz: I'll work on the first part of what was discussed tonight so it can be reviewed and the forum council can act on it
<faulkes-> I should have something fleshed out for tomorrow
<mathiaz> faulkes-: excellent !
<jcastro> Hi guys, is the likewise-open in dendrobates' PPA supposed to work?
<jcastro> I just tried joining to a domain today and it gave me an error 0004 and was wondering if the package was ready for general consumption
<faulkes-> I'm not sure on it's readyness (that doesn't it isn't, just that I don't know)
<seany> has anyone had any luck getting LDAP authentication working in 7.10? i'm having a hell of a time getting local logins to work
<seany> i want to say i'm hitting a issue with libnss-ldap, but i'm not really sure
<faulkes-> jcastro, seany, I probably can't help directly but maybe if you put some more details about the issues you're encountering into the channel, one of the fine u-s members can pick it up
<seany> i've set it up and it doesn't work :-p
<seany> hold on let me type it up
<seany> i'm fairly sure i've getting caught on this bug https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/155947
<ubotu> Launchpad bug 155947 in libnss-ldap "ldap config  causes Ubuntu to hang at a reboot" [Undecided,Confirmed]
<seany> i setup openldap +samba like i normally would have, and when i get to changing the pam stuff, when ever i reboot the machine it hangs after trying to login
<seany> some times it will let me enter a user and pw, other times just a user
<jcastro> faulkes-: well, I can't even find a log for the likewise thing, so I guess I'll just wait until it hits universe and give it a shot
<seany> when it's in this state all of the external services are down, can't ping it, no ssh etc
<mathiaz> jcastro: a new version of likewise has been uploaded to dendrobates' ppa
<mathiaz> jcastro: and published about an hour ago
<jcastro> ah
<seany> booting into single user mode and starting things manually gets me to a place where things are usable, and i can fire off services one at a time to get things working, but that's not a solution
<jcastro> mathiaz: I don't have an AD environment at home but I can get to one during lunch, I'll give it a shot tomorrow
<mathiaz> jcastro: looking into the source code, your error code seems to be CENTERROR_DOMAINJOIN_NO_ETH_ITF_CFG_FILE
<jcastro> mathiaz: I just installed the package and tried to join via the cli command, I must have missed a configuration step someplace
 * jcastro failed to read documentation
#ubuntu-server 2008-02-08
<mathiaz> jdstrand: well... there isn't so much documentation. It should just work
<mathiaz> jcastro: ^^
<mathiaz> jcastro: obviously it doesn't...
<jcastro> mathiaz: I will confirm with the new ppa version tomorrow and get back to you
<jcastro> I have a few friends with AD/Linux setups and I just sent them a mail to get a hardy vm ready to test likewise.
<mathiaz> jcastro: awesome. That is going to be of great help.
<jcastro> mathiaz: I did AD integration in the past at my last job, and that was so painful I am taking an interest in getting feedback for this feature.
<antdedyet> any known new efforts going into the recent openness of the M$ Exchange protocol?
<antdedyet> Also, while I'm fishing for info ... Has there been sign of new efforts on the public domain release of DJB software?
<antdedyet> on the latter question, I've have not seen new events as of earlier today on a few of the qmail community pages.
<kgoetz> which protocol?
<antdedyet> kgoetz: looks like the licensing agreement was for Samba related communications only, not Exchange.
<kgoetz> antdedyet: as i understand it yeah :/
<antdedyet> The mental note on Exchange being opened was a wishlist during a conversation I had with a sysadmin buddy about the file and printer sharing protocols.
<antdedyet> We both hate Exchange, except he gave in so he could use the mobile PDA stuff.
 * antdedyet just uses an old brick for a phone
<^Elfboy> how do u kill a program when kill #### dont work
<antdedyet> ^Elfboy: "kill -9 $pid" doesn't work?
<^Elfboy> mark@thesource:~$ ps x
<^Elfboy>   PID TTY      STAT   TIME COMMAND
<^Elfboy>  3943 ?        S      0:00 ./psybnc
<^Elfboy> no
<^Elfboy> need the -9 ?
<kgoetz> in what way does it 'not work'?
<^Elfboy> ok
<^Elfboy> well i added it with the -9 and it work
<lando> anyone here know how to get an ubuntu server working with godaddy
<lando> im not sure if i need to install dns software
<^Elfboy> ok  how do i move 1 folder too another folder
<^Elfboy> in tem
<kgoetz> mv
<kgoetz> lando: 'working with'?
<^Elfboy> mv wiith foldername to other foldername
<lando> well.. i just bought a domain from godaddy... and im wondering if it is as simple as adding my ip to the godaddy domain management
<^Elfboy> like mv x to a
<seanh_> lando: what do you mean?
<seanh_> you want to use your box as a dns server?
<lando> no
<lando> i want to host my site from my box but have a godaddy domain name
<seanh_> if you're using godaddys dns servers then all you need on your server is apache
<seanh_> and probably a firewall
<faulkes-> lando: yes and no
<faulkes-> the A record will work
<faulkes-> the PTR record likely won't as that is assigned to provider specific DNS
<faulkes-> well, actually, the A record may create problems with lame delegations, I can't remember if bind only does that for PTR's though
<lando> mgm
<lando> i mean mhm
<faulkes-> so, for instance, if you try to send mail out via your domain, the reverse (ptr) won't resolve and many sites will reject the mail (although that is dependent on a number of factors)
<faulkes-> lame delegations though are generally more bothersome messages than drop dead non functioning issues
<lando> ah... u make no sense to me faulkes- ...
<lando> i have added my ip to the a record.
<kgoetz> lando: short answer is yes, but may not work as you expect
<faulkes-> correct
 * faulkes- is so glad he has access to a portable /23
<faulkes-> solves so many issues when you have your own ip space
<kgoetz> nice
<faulkes-> anyways, it's late here, so off to bed I go, night people
<kgoetz> later mate
<^Elfboy> man u guys are going to get sick of me
<^Elfboy> what would i need to get to show server info like hd ram and all that stuff
<kgoetz> theres a few tools.
<kgoetz> df -h/ free -m for example
<Iulian> It's more better to read the manula.
<Iulian> s/manula/manual
<^Elfboy> :)
<Iulian> Also I bet you didn't read the topic.
<^Elfboy> yes i did
<Iulian> Aww, by the way, good morning all.
<^Elfboy> lol
<Iulian> ^Elfboy: Then you should be fine :)
<Iulian> Yea, I just woke up.
<^Elfboy> and if ubuntu server use gentoo portage this wold be ezer:)
<Iulian> Ubuntu is ubuntu and gentoo is gentoo.
<^Elfboy> :)
 * Iulian *yawns*
<kgoetz> checking your ram is easier with portage?
<^Elfboy> i wnet with ubuntu server cose i did not fell like taking the time to set up netwoing and all that
<^Elfboy> everthing is ez
<^Elfboy> emerge is better the apt-get
<^Elfboy> :)
<kgoetz> *cough* troll
<^Elfboy> lol
<^Elfboy> i was just statin my point
<^Elfboy> :)
<^Elfboy> not "troll"
<^Elfboy> my server is ubuntu
<^Elfboy> for a reason
<pschulz01> Question about /etc/network/if-ip.d
<pschulz01> Do all of the scripts get called everytime an interface is brought up?
<Gargoyle> mormin all
<_ruben> g'day
<kraut> moin
<nijaba> hello
<Iulian> Hey
<ivoks> how about moving some parts of bacula to main, and leave some in universe?
<ivoks> like GUI console; we could leave that in universe
<spiekey> hello!
<spiekey> any comments how i best upgrade libnss_ldap on dapper to a higher version?
<spiekey> i need to get libnss_ldap version 245 on my box
<Kamping_Kaiser> you can try backporting, but it may be a bit core to backport safely
<spiekey> that sounds liek a real manual task?! :)
<Kamping_Kaiser> i expect it will be. (being part of libnss)
<spiekey> damn
<Kamping_Kaiser> spiekey, do you need 245 specifically?
<spiekey> anythign above would be fine
<Kamping_Kaiser> whats special about it?
<spiekey> i have this problem: http://osdir.com/ml/ldap.padl.nss/2006-09/msg00014.html
<Kamping_Kaiser> i suspect you'll have to go with option 1.
<Kamping_Kaiser> but hang around, someone else might know otherwise :)
<Kamping_Kaiser> night mate :)
<Kanashimi> Hey there. Trying to install bw_mod by compiling it with apxs2, I have apache2-prefork installed on the system as well as installed the apache2-prefork-dev package. When I try to load the module though I get the error: /usr/lib/apache2/modules/mod_bw.so: undefined symbol: apr_atomic_cas      Is there some additional dev package I need to still install?
<Kamping_Kaiser> Kanashimi, you have to install hte module against the source of the apache version you have installed
<Kamping_Kaiser> but really gnight ;)
<spiekey> Kamping_Kaiser: removing groups from nsswitch is not possible, whats the point in my ldap auth system then? ;)
<Kanashimi> Hmm, I'm using the normal apache2 package and the normal dev package.
<Kamping_Kaiser> spiekey, to auth users :)
<spiekey> only the bloody vmware seems to have problems with it
<Kamping_Kaiser> but i do understand what your saying
<Kanashimi> Good night though if you're on your way out.
<Kanashimi> Shouldn't the apache2 package and the dev package be the same given that both are of the most up to date version?
<soren> spiekey: Backporting the package is not that hard.
<soren> spiekey: I'm off to lunch now, I can help you afterwards.
<spiekey> thanks! That would be great!
<sigma_1234> where can i get the pdf version of the ubuntu server handbook?
<spiekey> http://www.google.de/search?hl=de&q=where+can+i+get+the+pdf+version+of+the+ubuntu+server+handbook%3F&btnG=Google-Suche&meta=
<sigma_1234> which link do you recommend from there?
<spiekey> i dunno :)
<sigma_1234> i found one for 6.10 . how different is the latest version?
<jjesse> i hate that i always miss these mtgs
<mathiaz> hi jjesse
<ScottK> jjesse: re your mail...  Yes.  We've defined some roles. We need to do more of it.
<jjesse> hello mathiaz and ScottK
<jjesse> yes i agree we ned to do more of it, wish i had more time to help and learn
 * faulkes- yawns
<faulkes-> time to grab a coffee
<ScottK> Hello jjesse
<dendrobates> jcastro: are you around?
<faulkes-> ScottK: the roles that have been defined, is this in a doc somewhere?
<mathiaz> faulkes-: on the GettingInvolved page
<ScottK> faulkes-: I have no idea.  I pay as little attention to documented process and procedure stuff as I can get away with.  mathiaz would be a better person to ask.
<faulkes-> ok, so just there
* ScottK changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || Ask questions that get answered: http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wik
<ScottK> Urgh. Need to shorten it.
<mathiaz> ScottK: yeah... that'd be a good idea ;)
* ScottK changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/ServerTeam
<ScottK> That fits.
<faulkes-> mathiaz: will do re: second draft to list and w/ your comments
<jcastro> dendrobates: yep
<sommer> jdstrand: around?
<jdstrand> yep
<sommer> I whipped up a short ufw section, and was wondering if you'd be willing to take a look at it?
<jdstrand> sure!
<jdstrand> wehere?
<sommer> it's pretty short, covers some examples from the man page
<sommer> cool, I can email it to you since I haven't committed it yet
<sommer> is it cool to send it to your address in lp?
<jdstrand> yep
<sommer> cool, thanks
<ScottK> jdstrand: Did you see what we did for the security status of clamav in Dapper today?
<jdstrand> ScottK: no
<ScottK> jdstrand: Look at the top line https://launchpad.net/ubuntu/+source/clamav/+publishinghistory
<ScottK> That wiped out at least a dozen CVEs.
<jdstrand> \o/
<jdstrand> that's fantastic
<ScottK> That was a multi-month project to get all the rdepends updated and testing.
<ScottK> testing/ed
<jdstrand> great! :)
<ScottK> If you want to show up and cheer for my core-dev application at the Tuesday tech board meeting ...
<jdstrand> I can cheer-- but you should know I'm not core-dev yet ;)
<jdstrand> keescook: is though
<jdstrand> s/://
<zul> ill bring my pom poms
<ScottK> Heh.
<jdstrand> ScottK: did you document all that went into that?  I'd be happy to look at it and comment (somewhat) intelligenty on it for core-dev
<ScottK> Yes I did
<ScottK> Just a sec for links
<ScottK> https://wiki.ubuntu.com/MOTU/Clamav?action=show https://launchpad.net/~ubuntu-clamav/+archive https://bugs.launchpad.net/ubuntu/dapper/+source/clamav/+bug/190187
<ubotu> Launchpad bug 190187 in clamav "Dapper clamav has multiple security issues that require upgrade to new version to fix" [High,Fix released]
<ScottK> That didn't work out very well
<ScottK> https://wiki.ubuntu.com/MOTU/Clamav?action=show - https://launchpad.net/~ubuntu-clamav/+archive - https://bugs.launchpad.net/ubuntu/dapper/+source/clamav/+bug/190187
<ScottK> I've removed the Dapper packages from the PPA because they are in the archive now, but they're listed in the bug.
<dendrobates> jcastro: when you tried likewise yesterday, was in on ubuntu-desktop or ubuntu server?
<jdstrand> ScottK: cool, I made a note of it and will read through it
<ScottK> jdstrand: Thanks.
<jdstrand> I may need reminding on Tuesday ;)
<ScottK> Got it.
<jcastro> dendrobates: desktop
<dendrobates> jcastro: there is a known bug when using network-manager.  Jerry is working on a fix.
<jcastro> dendrobates: ah ok, thanks.
<mathiaz> jdstrand: you can also stop by to support my core-dev application
<jdstrand> mathiaz: sure :)
<jdstrand> sommer: just read through your ufw section
<jdstrand> shall I respond here or in email?
<jdstrand> or diff?
<sommer> jdstrand: either works for me
<jdstrand> ok, how about here :)
<jdstrand> first-- thanks!
<sommer> np
<sommer> thank you
<jdstrand> your quote in the manpage doesn't format properly in yelp (on gutsy)
<jdstrand> that wasn't right
<jdstrand> your manpage quote isn't formatted properly in yelp
<jdstrand> (that's better)
<sommer> ya, I played with it a little to fit in the grey box
<sommer> there may be a better way to represent that... I didn't do too much digging
<jdstrand> this should be changed 'replace _port 22_ with _ssh_'
<jdstrand> to 'replace _22_ with _ssh_'
<jdstrand> ie 'port' is required in either case
<sommer> ah, I'll change that
<jdstrand> (it's only not required when using the simple syntax)
<jdstrand> two other ideas:
<sommer> sure
<jdstrand> 1. ufw will support custom rules in its /etc/ufw/*.rules files, so it is not mutually exclusive to iptables
<jdstrand> (ie you can add a NAT rule in there, but still use ufw for everything else if desired)
<jdstrand> 2. you might mention the 'ufw logging on' and 'ufw logging off' in the Logging section
<jdstrand> "If using, ufw..." or some such thing
<sommer> ya, I was thinking about that too :)
<jdstrand> I don't know if you want to use '1' or not, but the whole point of ufw is to make things easier, but without getting in the way of the admin
<sommer> I think it could be mentioned, maybe in context with the section on masquerading
<jdstrand> it has a robust way of dealing with chains and startup, so using just the files that are there without the cli would likely be quite useful for people
<sommer> gotcha, I'll make those adjustments
<sommer> thanks for the feedback, great stuff
<jdstrand> you are really good at docs, so keep up the good work.  another idea might be, since ufw is now installed by default, is to reorganize a bit
<jdstrand> that is up to you of course
<sommer> reorganize?  the firewall section?
<jdstrand> ie, if ufw were higher up, it would be easier to talk about the iptables rules on their own, or in the context of ufw
<jdstrand> Tools would like become 'Other Tools
<jdstrand> but then, maybe I am biased-- it's just an idea
 * jdstrand knows he is biased :)
<ScottK> jdstrand: We ought to think about backporting ufw when you think it's ready.
<sommer> sure, I'll take a look at it, I don't think the firewall section has really had any attention since it was first written
<jdstrand> ScottK: it works fine on gutsy
<jdstrand> it does need python 2.5 though
<ScottK> jdstrand: So feisty and edgy should worl
<ScottK> work
<jdstrand> there are just a couple of python 2.5 things, so going to dapper wouldn't be horrific...
<jdstrand> I'd have to think about that
<jdstrand> ScottK: I imagine once we get closer to hardy release, we can revisit backporting
<ScottK> sommer and jdstrand: One question I'm having right now is "I've got my iptables rules already, is UFW better or can I just ignore it"
<mathiaz> I agree with jdstrand idea to put ufw first in the documentation
<ScottK> jdstrand: Yes.  When you're ready.  Although backporting to Gutsy sooner is one way to get more testing.
<mathiaz> it's the default and preferred way to handle firewalling.
<jdstrand> ScottK: simple answer is if your firewall configuration is already working for you, don't change it
<mathiaz> presenting iptables later on for customization makes sense.
<jdstrand> (that is the sysadmin in me)
<sommer> mathiaz: agreed, I'll give it some lovin this weekend
<jdstrand> sommer: you may want to check out the /etc/ufw/*rules files to see how they work with custom rules
<sommer> jdstrand: sure
<jdstrand> sommer: the manpage only casually references it
<jdstrand> I can change that if needed
<sommer> jdstrand: I'll dig into them, but I think for now the man page covers them enough
<jdstrand> sommer: also, especially if talking about FORWARDing stuff, look in /etc/default/ufw
<sommer> roger that
<faulkes-> question: are there likely to be any interactions between ufw and virt support
<faulkes-> I know that at least in some cases, rules get added, such as with dnsmask and what not
<jdstrand> sommer: NAT and segmented network firewalling are not supported in the cli, but everything is in place to allow an admin to do this with the ufw chains
<faulkes-> so that virt networking (dhcp, other stuff) works
<jdstrand> faulkes-: how is it added?
<faulkes-> as I havent seen the virt stuff on gutsy yet, I know that at least on centos, when I boot up xen, rules get added to iptables to allow networking to the virtuals
<jdstrand> faulkes-: if just added to the INPUT chain, shouldn't be a problem
<jdstrand> the current chain setup is:
<faulkes-> iirc, no, it's not added to the input chain
<jdstrand> INPUT -> ufw-before-input -> ufw-user-input -> ufw-after-input -> policy of INPUT
<mathiaz> faulkes-: you may wanna check kvm in hardy to figure out how things are done
<jdstrand> faulkes-: testing in this regard would be great
<mathiaz> faulkes-: the state of virtualization in gutsy isn't going to change.
<mathiaz> faulkes-: it's on hardy that things can get fixed.
<jdstrand> but if you simply do -A INPUT, it traverse all those chains and if no match, then hits this rule
<faulkes-> http://paste.ubuntu.com/4356/
<faulkes-> that's from one of my centos boxen running xen's
<jdstrand> faulkes-: ufw currently doesn't do anything with FORWARD
<jdstrand> except set the policy in /etc/default/ufw
<faulkes-> granted, I should be comparing apples to apples
 * faulkes- nods
<jdstrand> faulkes-: flip that from 'DROP' to 'ACCEPT' and no worries
<jdstrand> but testing is great!
<faulkes-> was just a question because I know last meeting someone mentioned they needed to get dnsmasq working
<faulkes-> and other stuff, related to virt/kvm stuff
<faulkes-> and yes, testing would be great
<faulkes-> I'm working to try and get soe suitable hardware available on which I can do that
<faulkes-> s/soe/some
<jdstrand> faulkes-: ufw doesn't help, but it also doesn't hinder in this regard
 * faulkes- nods
<jdstrand> (I forgot to mention, you'd need to flip ip_forward in the normal way)
 * faulkes- nods
<jdstrand> sommer: oh, not sure if it's worth mentioning in the docs, but ufw also supports ipv6
<sommer> jdstrand: ya, I thought about that, but personally I have 0 experience with it... been meaning to setup up an ipv6 network :-)
<sommer> I'll add something about it
<jdstrand> I have 1 experience
<jdstrand> heh
<sommer> personally I think it's just a myth... ;-)
<jdstrand> I got a bug report on it
<jdstrand> there is at least 1 user
<sommer> heh, but it didn't work for him?
<faulkes-> yes, I was here when he was encountering the issue iirc
<jdstrand> no-- but I didn't expect it to when he filed
<ScottK> I know at least one person running a Debian Lenny server on IPv6 without issue.
<ScottK> All the stuff I'm upstream for I wrote to work equally well with IPv6 (although I've no proof it does).
<ScottK> For Hardy, but LTS, we really do need to be thinking IPv6.
 * faulkes- would concur
<sommer> it always seems like one of those things that people mean to do, but until they are forced to it's just put off
<sommer> or maybe it's just me...
<faulkes-> sommer: no, it's not just you
<ScottK> Well the forced to part is likely to come up during Hardy's lifetime.
<faulkes-> although the root servers recently started ipv6 support
<ScottK> Some, not all.
 * jdstrand was truly planning to implement it, and had various hooks to do it, but the report came in too soon ;)
<faulkes-> yes, some not all of the root servers
<faulkes-> I think what we're saying is that we want to be forward looking on the ipv6 issue, rather than reacting to it
<faulkes-> just my opinion though
 * jdstrand nods
<faulkes-> iirc isn't there a mandated switch-over to ipv6 for the u.s. gov?
<ScottK> "You don't need to become an expert in IPv6 stuff to be safe if you use UFW." would be a killer angle for uptake.
<jdstrand> heheh
<jdstrand> easy there-- it only handles firewalling
<faulkes-> ease of use tends to trump most cards
<ScottK> Right.
<faulkes-> jdstrand: just you wait, we'll have it replacing init and xinetd as well
<ScottK> But from an IPv4/6 security perspective I'd think firewall is the key thing I have to figure out.
<faulkes-> but I agree with ScottK, it is a killer angle which would help adoption
<ScottK> jdstrand: Do you support rate limiting?
<jdstrand> ScottK: no qos type stuff yet
<jdstrand> hardy+1
<jdstrand> (or more)
<jdstrand> the backend is not much more than iptables-retore stype stuff
<ScottK> I was thinking iptables type stuff.
<jdstrand> there is software that already does a lot of this other stuff
<jdstrand> (eg shorewall)
<jdstrand> but that software is itself not super easy to get going
<jdstrand> so I wrote ufw in such a way that switching out the backend would not be too difficult, if a more fully featured backend that existed could be used
<ScottK> http://paste.ubuntu-nl.org/55267/ is what I use to keep ssh dictionary attackers from knocking on my door for to long
<ScottK> I think that's sensible without the rest of the script.
<jdstrand> sure
<jdstrand> drop that into /etc/ufw/before.rules (adjust the -A INPUT) and voila
<incorrect> i am debating if i should build myself a custom kernel for my game server using pre-emptive and high res timer
<ScottK> Obviously that doesn't scale for boxes that lots of people have shell access to, but for the case where it's a small number of admins, it's an easy win.
<incorrect> i am also debating about using the 2.6.24 kernel
<faulkes-> ScottK: have you considered denyhosts?
<faulkes-> although it's more general purpose in nature, it's what I use for dictionary based stuff
<ScottK> faulkes-: I did.  For my purposes 4 lines in iptables did what I needed, so no need to actually install an entire package and add low level complexit.
 * faulkes- nods
<leonel> ScottK: I have that too  but I've added  fail2ban  to block the  smtp auth  attempts
<ScottK> I rate limit smtp auth attempts in postfix.
<ScottK> heya leonel.  Thanks again for all your help on clamav.  We'd not have Dapper up to date now without your help.
<incorrect> anyone know where i can get the server config from without having to install?
<leonel> ScottK:  no, thank you !
<mathiaz> incorrect: it should be in the git tree on kernel.ubuntu.com
<mathiaz> incorrect: you can also install the binary package and the config will be under /boot
<incorrect> without having to install :)
<mathiaz> incorrect: there isn't any need to download the source deb.
<mathiaz> incorrect: well - you can get the deb and extract the config file from it
<incorrect> i am looking at building a 2.6.24 kernel
<incorrect> seems to have some good features
<incorrect> just wanted to make sure i don't spend hours tweaking
<leonel> ScottK: was a great job with clamav  thank you
<ScottK> leonel: You're welcome.
<incorrect> linux-image-server_2.6.22.14.21_amd64.deb doesn't contain a kernel
<danp> is it possible to cross-compile packages for amd64 on an i386 xen guest?
<ivoks> zul: here?
<ivoks> zul: i'm already rewriting bacula's make_catalog_backup
<ScottK> ivoks: Did you see my mail to the server ML about amavisd-new?
 * antdedyet wonders if he will ever find reason to use anything other then backuppc for backups
<danp> hmm, i guess not
<danp> my test didn't go so well
<ivoks> ScottK: yes
<ScottK> ivoks: OK.  Over to you now then for tasksel update.
<danp> it seems i would need to be able to run x86_64-linux-gnu-gcc
<ivoks> antdedyet: backup of 15TB of data
<ivoks> backuppc is just a fancy name for rsync script every unix admin already has :D
<ivoks> ScottK: i'll update it during this week
<danp> i tried "RESTORE" the other day. it took 30 minutes to copy 400M
<ScottK> ivoks: Great.
<antdedyet> ivoks: what about bacula allows you to do 15TB where backuppc would not?
<ivoks> antdedyet: it stores on tapes
<faulkes-> and tapes can be taken off-site, stored in a safe place in case of emergency
<ScottK> antdedyet: ivoks has 6 days until feature freeze.  Please distract him after that. ;-)
<antdedyet> ivoks: oh, yuck. :( I had enough of tape storage with StorageTEK PowderHorns :(
<antdedyet> ScottK: ah, ok :)
<faulkes-> or, if you are the goverment, lost with all your information on them
<antdedyet> faulkes-: nothing wrong with storing an on-disk backup server off-site.
<faulkes-> if you have the bandwidth to regularly backup 15TB, go for it
<antdedyet> faulkes-: incremental backups!
<antdedyet> Anyway. :)
<antdedyet> I will try out bacula when someone forks over tape drive.
<antdedyet> I am interested in the mentoring program when you guys get something set in stone, btw
<ScottK> faulkes-: Did you mean for your reply to my forums message to go to me or the ML?
<faulkes-> hmmm, I may have just hit reply, i did mean for it to go to the ML
<ScottK> It didn't go there.
 * faulkes- nods
 * faulkes- will fix
<mathiaz> antdedyet: I'd love to here what you'd expect from such a program (if you reply to my email that would be great as I'm heading soon)
<faulkes-> thanks for the headsup
<antdedyet> mathiaz: sure thing; I will convert from lurker into activist. :)
 * ScottK is a huge fan of mail clients with "Reply to List".
<faulkes-> well, I keep mail seperated for a number of things
<faulkes-> normally I just use mutt
<ScottK> Right, I keep mine separate too.  If I'm in the ML folders, I always hit reply to list (except of course when I don't).
<ivoks> man... i love python
<ivoks> best thing since wheel
<nxvl_work> ScottK: which mail client did you use?
<ScottK> Kmail
<nxvl_work> mm
<nxvl_work> not a big fan of qt
<nxvl_work> :P
 * ScottK is not a fan at all of Gnome. So there you are.
<ivoks> mathiaz: i'll rewrite make_catalog_backup, new script will read bacula's config and wound't need to get username and password as arguments
<ivoks> only name of catalog
<mathiaz> ivoks: seems like a good option to me.
<ivoks> it kind of pita to setup cause bacula's config can have multiple catalogs and spaces make no differens (nor do lower/uper casse latters), but it should be done in couple of hours
<zul> ivoks: sweet
<ivoks> i got it! :)
#ubuntu-server 2008-02-09
<c1|freaky> does anyone know of a real good groupware? (just not eGroupware?)
<soulc> ummmm yeah just dumped fc7 for ubuntu server
<soulc> proper install for web server/ mysql php etc is LAMP?  and will I still have the mail options?
<faulkes-> soulc: you can choose a lamp install that will include mail
<faulkes-> typically that being postfix
<soulc> good I am tired of sendmail
<faulkes-> awww, come on now, whats not to love about m4 and mc files ;)
<soulc> ha ha ha
<soulc> tired of the spoofed spam just so I can have email
<soulc> so I am reinstalling
<soulc> how do I tell the installer that I don't want dhcp
<ScottK> IIRC have dhcp not be available.  It's easy enough to reconfigure later, I wouldn't sweat it.
<soulc> so how do I configure network settings then I got it up and runnering
<ScottK> By editing /etc/network/interfaces
<soulc> and where is the cgi-bin dir?
<soulc> ok
<soulc> thanks I am used to fc
<ScottK> No problem.
<ScottK> I think /var/www somewhere, but I'm a mail server guy.
<soulc> auto eth0 is running dhcp right
<ScottK> As far as mail servers go, Postfix is what is primarily supported, but packages for all the popular open source MTAs are in the repositories.
<ScottK> Yes
<soulc> so if I set it as inet
<ScottK> Here's a working static config http://paste.ubuntu-nl.org/55309/
<soulc> thanks
<lamont> ScottK: still awake?
<ScottK> Yeah
<lamont> 345047 == please discover ipv6 configured networks
<lamont> sigh
 * ScottK looks
<ScottK> lamont: I thougth we tested this one and it was fine.
<lamont> ah, /me looks at the debdiff
<ScottK> That's the one that you coached me through removing IPv6 support from my kernel to make sure it was still harmless.
<lamont> ah, right
<lamont> so specifying ::1 when the system had no ipv6 just meant that it ignored it, yes?
<ScottK> Yes
<ScottK> It just never matches anything
<lamont> sadly, that breaks all the po-files.   Time to find all the other templates changes so we  can have a more complete time.
<ScottK> Ahhhh .... how does that happen?
<ScottK> lamont: That sounds painful then.  I'd guess we want to do that one a little later then.
<soulc> :wq
<soulc> er
<soulc> ha ha ha
<lamont> ScottK: 433660 is more one of me just not wanting to deal with complicating things...
<lamont> how common is multiple instances, I wonder?
<ScottK> It's extremely useful for complex setups.
<ScottK> I don't think there's much you can do with it that you can't do with shoving stuff around in main.cf and master,cf, but eventually complexit there will get you.
<ScottK> Multiple instances is, I think, something you want to wait for Weitse to be happy with.
<ScottK> Victor Duchovni has had a multiple instance patch that he was working to get into 2.4 and 2.5.  It didn't get in.  I have to assume there's a reason.
<ScottK> lamont: ^^^
<lamont> oh, most certainly
<lamont> ScottK: 153706... I'm wondering if maybe the right answer there is to add to the manpage that queue ids are case sensitive...  mebbe I'll just ask upstream about that...
<ScottK> lamont: I think logging failure to find anything is a reasonable request.
<lamont> yeah.  likewise, knowing that queueids could be case-insensitive would allow us to DTRT
<ScottK> lamont: True, it wouldn't hurt to add it to the man page, but I think logging the failure to find the specified queue id is more important.
<ScottK> I'd go for both.
<ScottK> lamont: I need to get to bed.  Please shoot me /msg or email if you want me to take action on my bug triaging suggestions.
<ScottK> lamont: Good night and good luck.
<lamont> ok
<lamont> thanks, btw
<ScottK> You're welcome.
<Iulian> G'morning
<soulc> so does cgi-bin install with the apache server?
<kraut> moin
<sweeties> Hello
<sweeties> I am trying to upgrade from 6.10 to 7.04 but the docs say to install update-manager-core, but I can't find that package
<sweeties> ?
<sweeties> I've checked my repositories
<sweeties> and aside from the fact that they are pointing to canadian mirrors, I don't see anything bad
<Iulian> Blah
<CaptObvious> any ideas how I'd get vesafb-tng going?  is it a module that's included in the server distro by default?
<soso__fat> è¯·æï¼U7.1æå¡å¨ ï¼å¦ä½å®è£raid5ä¸äº
<soso__fat> HP350
<soso__fat> éåå¡ï¼æ¯HP5XXç
<soso__fat> 04å¹´çå¡
<CaptObvious> soso__fat: you're unlikely to get chinese speakers in here
<soso__fat> my englishi ,is very very poor
<Iulian> soso__fat: You should try.
<Iulian> translate.google.com is awesome, afaik
<CaptObvious> not sure it does chinese
<Iulian> CaptObvious: There are a lot of languages, including Chinese
<CaptObvious> cool, didn't know that
<CaptObvious> Iulian: any ideas how I'd get vesafb-tng working in the server distro?
<soso__fat> how install ubuntu-server7 on raid 5?
<soso__fat> I search google,but .......
<soulc> yo all
<soulc> I have a 22" wide screen monitor and would like to set my terminal to a higher res I think that the default vid driver is limited I have tried editing the grub menu to add vga=792 or 791 but no dice
<mok0> soso__fat: I am not sure that the installer supports raid
<mok0> soso__fat: but you can try the alternate CD
<soulc> how do I install a better vid driver don't really want all of the xwindows running so I am limited to the command line
<soulc> which is fine I just don't know how to do these things in ubuntu as I used to run fc7
<mok0> soulc: you might try dpkg --configure xorg
<soulc> which of course installed and ran EVERTHING
<soulc> er
<soso__fat> thanks
<mok0> soso__fat: come back and ask again if it doesn't work
<soulc> if that installs xwindows I really don't want it
<mok0> soulc: You don't want x-windows?
<soulc> nope
<soulc> I would prefer not to have all that running
<mok0> soulc: you just want a higher resolution on the console?
<soulc> yes
<mok0> Hm
<soulc> and for some reason vga=792 doesn't work
<mok0> soulc: it can be done, I don't know how
<soso__fat> ok
<soulc> thanks
<mok0> soulc: Did any of the other resolutions work?
<soulc> well I can change that later as I am ssh'd from my desktop
<soulc> how about the cgi-bin dir
<soulc> know where or if it was installed?
<mok0> soulc: perhaps your monitor doesn't want to switch to that resolution
<soulc> did it before in fc*
<soulc> I think it is the driver
<mok0> soulc: cgi-bin is in /usr/lib
<soulc> ah
<soulc> thanks
<mok0> dpkg -S cgi-bin
<soulc> and what does that do?
<mok0> soulc: it lists all packages that contain something with cgi-bin
<soulc> ah
<mok0> soulc: somewhat like rpm -qf :-)
<soulc> ah
<soulc> ok
<soulc> damn I have a lot to learn
<mok0> soulc: except it is a pattern search
<mok0> soulc: not really
<mok0> I switched from centos w/o problems
<soulc> well I need to learn how to configure postfix, and where config files are
<mok0>  /etc/mail
<soulc> like httpd
<mok0> yep
<mok0>  /etc/apache2
<soulc> thanks
<mok0> np
<faulkes-> soulc: there are several good guides on help.ubuntu.com for setting up postfix that will help yo familiarize yourself with it
<soulc> ok good deal
<soulc> so is the web server set up as a virtualhost?
<soulc> is that site help.ubuntu.com have server specific documentation?
<soulc> I wish there was a standard naming convention for apache etc
<faulkes-> yes, there is server specific documentation there
<faulkes-> iirc, help.ubuntu.com/community/Servers
<faulkes-> is community howoto information
<faulkes-> you can also find the official server guide there as well
<soulc> thanks
<ScottK> mok0 and soulc: In Debian/Ubuntu postfix config files are in /etc/postfix.
<mok0> ScottK: You're right, sorry soulc
<mok0> Just goes to show the deterioration of my memory span. I was fooling around with postfix configuration a week ago
<ScottK> mok0: Do you have updated torque packages yet?
<ScottK> (from my last round of comments)
<mok0> ScottK: no, not yet
<mok0> ScottK: there's an awful lot of linitan warnings all of a sudden
<ScottK> Are we going to?  Not much time left.
<ScottK> mok0: Newer lintian is more pedantic probably.
<mok0> ScottK: I'd like that
<ScottK> If you want to pastebin me the list of ones you're still sorting out, I'd let you know which ones I think we can live with for now.
<mok0> ScottK: There were some warnings about conffiles that I need to work out
<mok0> ScottK: ... and I have to implement a chrpath cleaning of the binaries
<mok0> http://pastebin.ubuntu.com/4378/
 * ScottK looks
<ScottK> debian-changelog-file-is-a-symlink can be ignored.  That's due to Ubuntu specific changes to CDBS to save space on the CD.
<mok0> ScottK: ok
<mok0> ScottK: I hope we can skip the manpage warnings
<mok0> ScottK: the ones that are missing a manpage are not really used, perhaps for testing and stuff
<ScottK> You should fix the formatting errors.
<zobbo> if there a mailing list or rss feed where I can easily see updates that I'll get when I'm doing an upgrade for 7.10 Server ?
<ScottK> The conffile ones must be fixed before the first upload
<ScottK> zobbo: http://media.ubuntu-nl.org/rss/hardy.xml
<mok0> ScottK: yes, they are actual errors
<mok0> s/hardy/gutsy
<zobbo> ScottK: many thanks
<ScottK> mok0: setuid-binary is on purpose I assume?  If so, add an over-ride for it.
<zobbo> mok0: I guessed ;) - but ta
<mok0> ScottK: I have done that, but not tested yet
<ScottK> OK
<mok0> ScottK: (it needs to be suid)
<ScottK> OK.  Then add an over-ride
<ScottK> rpath I'm really not sure about.
<ScottK> If you can add the over-ride, fix the conffile stuff, and the man page typos, I think it's worth looking at uploading.
<mok0> ScottK: well, they're all pointing to /usr/lib, so it shouldn't matter. But they are not allowed cf. policy, afaics
<ScottK> So I don't know that it blocks an initial upload, but could be bug fixed after.
<mok0> ScottK: Great, I will see if I can get it done after dinner
<mok0> ScottK: I'm glad the courier merge went well
<ScottK> It was much better when I applied the patch to the right version ...
<mok0> ScottK: Fortunately (for me) I checked that it worked before uploading. But suddenly I feared I made the patch against the wrong sources
<ScottK> Which is always a good practice.
<mok0> ScottK: I could not use debdiff, because dpkg-buildpackage does strange things to the *.po files (?)
<ScottK> I've been doing more Main work recently and I've had to start making debdiffs again as a result.
<ScottK> mok0: Yes.  It's an issue that really deserves investigation, but I've never have time.
<mok0> ScottK: Just as long as the LoCo teams submit their updates to Debian it will be ok to ignore them :-)
<ScottK> Unfortunately Debian and Ubuntu have very different translation workflows and it's very hard to give updated translations back.
<mok0> ScottK: Oh, I see...
<ScottK> We don't use the Debian tools at all.  It's all magic in Rosetta here.
<mok0> ScottK: I tried to copy the po files from debian to the ubuntu tree, build packages from both trees and suddenly there were diffs in the po files
<ScottK> Which does point at dpkg-buildpackage.
<mok0> ScottK: Indeed
<lamont> the lintian bitching about libraries is unsurprising... personally, I'm waiting for the lintian-library police to tell me how to fix my package.
<lamont> since it's not immediately obvious
<ScottK> ;-)
<mok0> lamont: what's the bitching about?
<lamont> somethign of the form "links with library that it doesn't use"
<ScottK> Yeah.  I've been ignoring those too.
<mok0> lamont: I've seen that.
<ScottK> Though to be a bit pedantic the blame there lies with dpkg-shlibdeps and not lintian.
<mok0> lamont: It's probably because the shared library is linked to libm, say. That you can do as a convinience so people don't need to know all the dependencies of the library
<ScottK> If we're gonna bitch, we ought to have the right targe.
<lamont> ScottK: it's not lintian.  it's generally that you link with a library that links with some other library
<ScottK> Ah.
<lamont> which was the result of the _previous_ round of library bitching (not linking with libs that you use)
<mok0> lamont: perhaps you should try updating your version of libtool
<ScottK> lamont: Are you going to upload 2.5.1~rc1 to Ubuntu?
<lamont> mok0: you're presupposing that my package uses libtool
<mok0> lamont: yes, isn't it?
<lamont> ScottK: yeah - I plan to sync it after today's dinstall
<ScottK> Great.
<lamont> mok0: no
<mok0> lamont: ugh
<lamont> if upstream uses libtool, I don't revert it.  if upstream doesn't, I stay as far from that festering pile of garbage as I can
<lamont> which is pretty much the same way I deal with auto-crap
<mok0> lamont: harsh words on a saturday...
<lamont> mok0: well, maybe I'm just old and crufty and not fully awake yet...
<lamont> afterall, it's not even 10AM here.
<mok0> lamont: :-)
<mok0> lamont: 18:00 here...
<lamont> ScottK: btw, logcheck winds up way out-of-date with 2.5.
<lamont> hrm.. come to think of it, most of my packages are old and crufty too.
<faulkes-> don't be hating on us old people
<faulkes-> we'll make you get off our lawns.
<lamont> LOPL
<lamont> LOL, too
 * faulkes- wanders off muttering about "damn punk kids" and "newfangled internets"
<ScottK> lamont: Well since it's a native Debian thing, they getter get moving then.
<lamont> ScottK: well, there's also this longstanding agreement with the logcheck guys that some day postfix will start delivering those files... maybe this is a good point to start that
<faulkes-> quick question
<faulkes-> n/m, answered it myself
<ScottK> That was quick.
<zobbo> it is possible to easily determine (or even not easily I guess, but must be scriptable) the last date an update and upgrade was successfully completed ?
<zobbo> ignore that
<zobbo> let me google for a bit
<ScottK> The answer to your question is yes btw.
<zobbo> :)
<zobbo> hmmm
<faulkes-> ScottK: occassionally my brain works in fast mode, not often mind you
<ScottK> ;-)
<faulkes-> guess the gerbil drank his caffeine this morning
<zobbo> hmmm ... well - the best I've found so far is /var/log/apt/term.log ... but that's basically a full text log and I'd have to search through it to see if an upgrade occurred
<faulkes-> zobbo: if the file is only written too when an update occurs, then you only need to look at the time the file was modified
<faulkes->  /var/log/dpkg.log might be a better option
<zobbo> faulkes-: thanks for the help. Problem I can see is that if I install an app as a one off (e.g. i just installed vim), that log file is updated then as well, but obviously the system is not upgraded
<zobbo> I could just run a cron script every hour to grep through that and set a time somewhere, if it sees an upgrade happening
<zobbo> or I could have a beer I guess
<faulkes-> true, and my many years of experience would suggest, the appropriate course of action, would be to start drinking
<ScottK> zobbo: What problem are you trying to solve?
<faulkes-> <zobbo> it is possible to easily determine (or even not easily I guess, but must be scriptable) the last date an
<faulkes-> update and upgrade was successfully completed ?
<zobbo> I've got 170 boxes and I want to be able to see from a central server the last time an "apt-get upgrade" was performed on them
<zobbo> I can handle the central server bit if I can find out how to get the info from each box
<ScottK> zobbo: /var/log/auth* files ought to have that because you need elevated permissions to execute the command.
<zobbo> so grep through that (or dpkg) and look for upgrades and write that info elsewhere ?
<zobbo> I guess I could tie that in with zabbix
<ScottK> That or have the script mail the results to the central server and parse the message there.
<zobbo> ScottK/faulkes thanks for the thoughts and help
<zobbo> I'll let you know how I get on (in about 3 months time at this rate ;) )
<ScottK> zobbo: You're welcome.
<faulkes-> hmm, coffee sounds good about now
<jondowd> hello. after installing 6.06 lts, what is the terminal or cli command to perform security updates? thanks.
<ScottK> jondowd: sudo apt-get update
<ScottK> jondowd: sudo apt-get upgrade
<jondowd> thanks ScottK - will those commands bring more packages than are needed for security reasons? is there a way to get just the 'security' updates (if there is such a distinction)?
<ScottK> That will bring both security updates and stable release bugfixes.  It will not bring general package upates
<ScottK> There is a distinction and you can edit /etc/apt/sources.list to not have the updates repository enabled, but I strongly suggest you don't do that.
<ScottK> stable updates are tested carefully before upload.
<ScottK> Additionally, it does happen that security issues get swept into update packages.
<jondowd> ok. I'll do what you recommend - thanks for your help
<jondowd> one problem i want to avoid is that in 2.6.22-14-server i get occaisional network failure, so I'm down-grading to 6.06
<jondowd> as in "Bug description [edit]
<jondowd> Binary package hint: linux-source-2.6.20
<jondowd> With linux 2.6.19 and 2.6.20 the network breaks every now and then (might be after some minutes or hours) and the /var/log/messages log mentions "NETDEV WATCHDOG: eth1: transmit timed out".
<jondowd> From /var/log/syslog:
<jondowd> "...
<jondowd> NETDEV WATCHDOG: eth1: transmit timed out
<jondowd> eth1: Tx timed out, lost interrupt? TSR=0x3, ISR=0x3, t=356."
<faulkes-> the issue could very much depend on the card driver
<faulkes-> do you know what card is in eth1?
<ScottK> jondowd: You have to do a lot more than apt-get upgrade to get to a new release.  Don't worry about that.
<jondowd> per-fect ! (my download of ubuntu-6.06.2-server-amd64.iso is at about 94%) thanks again!
<[diablo]> evening guys
<[diablo]> does anyone know if the 6.06.2 release fixes the gfxboot issue for KVM guests please?
<[diablo]> found that soooo frustrating
<ivoks> no
<ivoks> but that's easily avoidable
<[diablo]> hi ivoks
<[diablo]> ivoks, yeah I know... just remaster the cd
<ivoks> or use qemu
<[diablo]> pfff
<[diablo]> blow that
<[diablo]> the installation takes for ever
<[diablo]> remastering is quicker
<ivoks> well, with kqemu, should be enough for install
<[diablo]> nod
<[diablo]> that's true, but I don't run kqemu
<[diablo]> just kvm
<[diablo]> actually I personally feel that this gfxboot issue should have been fixed for 6.06.2
<[diablo]> would have been so simple
<ivoks> it's not gfxboot issue
<ivoks> but a kvm issue
<[diablo]> no
<[diablo]> well
<[diablo]> erm
<[diablo]> a bit of both
<[diablo]> I know it's been fixed in 8.04 alpha's
<[diablo]> actually it works great in a kvm-60 guest
<hsn_> !db2
<ubotu> Sorry, I don't know anything about db2 - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<hsn_> !package db2exc
<ubotu> Sorry, I don't know anything about package db2exc - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<ScottK> hsn_: It's in the partner repository
<hsn_> how to add it?
<ScottK> edit /etc/apt/sources.list  It'll be called commercial or partner depending on which release you are on.
<hsn_> ah found it
<[diablo]> btw, 6.06.2 DOES fix the kvm gfxboot issue
<[diablo]> !
#ubuntu-server 2008-02-10
<[diablo]> ok GOOD
<[diablo]> perfect
<[diablo]> guest installed and all working
<mok0> [diablo]: congrats
<[diablo]> cheers
<[diablo]> I was pushing and pushing about getting the kvm issue sorted
<mok0> [diablo]: the main thing is getting the newest version
<[diablo]> nod
<[diablo]> I wish Zimbra would bang out a x64 release
<mok0> [diablo]: i've pledged with soren to get it backported
<mok0> [diablo]: it works on amd64
<[diablo]> mok0, Zimbra?
<mok0> [diablo]: No, kvm ,sorry
<[diablo]> ah
<[diablo]> jeje
 * mok0 doesn't know what Zimbra is
<[diablo]> http://www.zimbra.com/
<[diablo]> damn good it is too
 * mok0 looks
<mok0> Ah, cool
<mok0> why do you need 64 bits to run a calender service?
<[diablo]> their packages are only 32bit
<mok0> [diablo]: you're not gonna live that long :-)
 * [diablo] is eternal
<mok0> hehe
<[diablo]> damn, this new 6.06 release really is preforming well as a guest wow
<mok0> is zimbra packaged+
<[diablo]> yep
<[diablo]> on their site
<[diablo]> real easy install too
<[diablo]> minutes
<[diablo]> like 5-10 minute setup
<mok0> [diablo]: don't forget to set the mac_addr if you are going to run more than 1 guest with network access
<[diablo]> mok0, I've been using kvm for many months now
<mok0> [diablo]: Are you using Ubuntu JeOS?
<[diablo]> JeOS?
<mok0> Yeah, special version for virtualized machines
<[diablo]> nope
<mok0> Try it
<[diablo]> why would I need it tho? KVM supports unmodified guests
<mok0> [diablo]: but you can only run gutsy or higher
<[diablo]> no
<[diablo]> I'm running 6.06
<mok0> Because the kernel is optimized for virtualization
<mok0> It runs notick mode
<mok0> and throttling
<[diablo]> I have a quadcore with 7.10 running a vanilla 2.6.24.1 kernel, with KVM-60 and any guests ranging from XP, vista and everything else
<mok0> and without a whole bunch of modules you don't need.
<mok0> Wow
<mok0> You're not supposed to run Vista in a virtual machine unless you havet he PRO license.
<mok0> ;-)
<[diablo]> mok0, pfff :P
<dantalizing> correction... you're not supposed to run Vist
<[diablo]> jajaaa
<dantalizing> a
<mok0> hehe
<[diablo]> also your not supposed to download Vista with SP1 intergrated off tpb :)
<mok0> So, how does it run?
<[diablo]> like lightning
<[diablo]> but I have a dedicated 500GB for guests
<mok0> Power of Linux
<[diablo]> also it's partitioned, not images
<mok0> I'd like to see you run Mac OS X
<[diablo]> I do
<[diablo]> on my laptop
<[diablo]> uphuck
<[diablo]> http://tinyurl.com/32gfgn
<[diablo]> check that
 * mok0 looks
<[diablo]> mok0, nice eh ;-)
<mok0> I see vista, but not mac os X?
<[diablo]> thats cos this is my desktop
<[diablo]> not my laptop
<mok0> Yeah, it is nice
<mok0> Ah
<mok0> Very, very nice
<[diablo]> I said, my laptop has OSX on it...
<[diablo]> brb, sm0k3
<[diablo]> -rw-r--r-- 1 jagger jagger 2621407232 2008-01-25 22:35 iATKOS_v1.0ir2.iso
<[diablo]> you want that mok0 ;-)
<mok0> [diablo]: Thx, but I have no need
<mok0> [diablo]: check out: http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos
<[diablo]> mok0, iATKOS is uphucks release of OSX
<mok0> I thought it was vista :-)
<mok0> [diablo]: so, you run this on your linux box in kvm?
<mok0> laptop
<[diablo]> no
<[diablo]> I have the lappy dual booting
<[diablo]> OSX and Ubuntu
<mok0> cool
<[diablo]> not really
<mok0> Why is that?
<[diablo]> well, nothing special
<[diablo]> I use Ubuntu more
<[diablo]> was done more of because it could be
<quitte> hi. i just read the servercandy wiki page and wanted to ask about the status of te ssl certificates. does ubuntu have some tool for  central certificate management?
<antdedyet> ~[6~[6~[6~/win /win 1
 * antdedyet waves from his laggy evdo connection
<soren> antdedyet: "evdo"
<antdedyet> soren: "Evolution-Data Optimized"
<antdedyet> There isn't any high-speed wired internet where I live now. Gonna have to start bringing technology companies here so there will be.
<soren> Never heard of it.. Oh, well :)
<antdedyet> I'm off to bed... the wife has been trying to get me to sleep for hours.
<soren> Alright. Good night :)
 * Kamping_Kaiser wonders where 'here' is
<soren> It's right over there..
 * soren points
<soren> See?
<Kamping_Kaiser> ah whoops!. i was looking over here *gestures*
<rebugger> hi, ive got a 6.06.2 server in my vm and i want to upgrade it to gutsy - do i have to run dapper=>edgy=>feisty=>gutsy or is there a short "dapper=>gutsy"-way?
<rebugger> btw: i changed the sources.list (dapper=>gutsy), but on "dist-upgrade" he es unsolved problems with mdadm, startup-tasks, ...,upstart
<lionel> rebugger: officially, you have to go through dapper=>edgy=>feisty=>gutsy
<lionel> with some hand work, you can probabily jum some steps
<lionel> I never tried myself
<rebugger> mh, allright - ill give the dapper=>gutsy-way a try (its just a vm ^^)
<lionel> yeah, maybe you should dapper=>edgy=>gutsy at least (to get upstart in a good state with edgy upgrade)
<rebugger> mh
<rebugger> im thinking of getting a vserver... the support ubuntu (6.06) and debian (4) - im with ubuntu, but would like to upgrade to gutsy for newer packages... so i really hope, it will work in the vm so i can try it later on the vserver
<theunixgeek> would anyone care to click a link to help me check if my server works? :)
<rebugger> theunixgeek: give it
<theunixgeek> rebugger: http://192.168.1.101/
<rebugger> thats a local ip
<rebugger> you have to give me the public ip
<theunixgeek> rebugger: How do I get a global IP then?
<rebugger> first: you have to port-forward the port 80 from your router to your pc
<rebugger> second: http://www.whatsmyip.org/
<rebugger> there you can read your public ip
<theunixgeek> rebugger: 71.203.10.251
<theunixgeek> http://71.203.10.251/
<rebugger> istn responding - have you forwarded port 80 to your pc?
<theunixgeek> How do I do that?
<theunixgeek> google :)
<rebugger> in your router-configmenu
<theunixgeek> rebugger: should I install router-configmenu?
<rebugger> no
<rebugger> you are sitting on your pc
<rebugger> (i guess)
<rebugger> and your pc is connected to your router (that little box, which gives you internet-access)
<theunixgeek> yes
<theunixgeek> I know what a router is :P
<rebugger> ;) then go to the configmenu of your router (maybe: http://192.168.1.1 ? )
<rebugger> and look for "NAT" or "portforwarding" (maybe a submenu of "internet" or somethink like that)
<theunixgeek> I don't know my username and password :S is that the wireless network (username) and its password?
<rebugger> no it isnt - if you dont know username and password then you are "fucked" ^^ ask mom and dad ^^ anyone who set that router up
<theunixgeek> rebugger: what if the people who set it up don't know the username/password either?
<theunixgeek> rebugger: is there any other way to forward port 80 to my computer?
<rebugger> then you have to find a way to reset the router, configure it again (internet details, etc)
<rebugger> no
<rebugger> there isnt
<theunixgeek> what about iptables?
<rebugger> [17:32:12] <rebugger> there isnt
<rebugger> if the router blocks incoming traffic on port 80 - there is no way to get to your pc
<theunixgeek> :(
<rebugger> yes ;)
<theunixgeek> rebugger: i remember the password! :D
<rebugger> thats the way it should be
<theunixgeek_> rebugger: how do I open port 80?
<rebugger> like i said before: look for "NAT" or "portforwarding"
<theunixgeek_> ok
<theunixgeek__> rebugger: I forwarded the port, but it still doesn't work
<rebugger> did you set the right ip (the one of your computer)
<theunixgeek__> hold on let me check
<theunixgeek___> rebugger: it still doesn't work :(
<rebugger> so, what did you set?
<rebugger> so, what did you set?
<theunixgeek> start: 80 end :80 protocol:both 192.168.1.101 enabled
<rebugger> k
<rebugger> check on your pc whether your ip is really that: sudo ifconfig eth0
<rebugger> and then check, whether your webserver is running (apache?): sudo /etc/init.d/apache2 restart
<theunixgeek> it says that's my inet addr.
<theunixgeek> I also have an inet6 addr and a bcast thing
<rebugger> yeah, doesnt matter
<rebugger> check if your webserver is running
<theunixgeek> apache says "httpd pid 8695 already running"
<rebugger> did you set another port than 80 in your apache-config?
<rebugger> check it yourself: try http://localhost/
<rebugger> is it working?
<theunixgeek> yes
<rebugger> then give me your ip
<rebugger> your public ip
<theunixgeek> 71.203.10.251
<rebugger> well doesnt work
<Clinteger> hello
<Clinteger> does ubuntu server 7.10 allow read/write access to ntfs partitions?
<Clinteger> nevermind I found out it does
<kraut> moin
<faulkes-> !bug #190587
<ubotu> Launchpad bug 190587 in linux-source-2.6.22 "Local root exploit in kernel 2.6.17 - 2.6.24" [Critical,Confirmed] https://launchpad.net/bugs/190587
<faulkes-> doh
<kraut> http://it.slashdot.org/it/08/02/10/2011257.shtml
<Clinteger> hey
<Clinteger> how large is a normal server installation?
<soren> This big: |<------->|
<soren> (not to scale)
<faulkes-> soren: trying to break into comedy now that you're a celebrity?
<scratchme> Does anyone have any suggestions on free web control panels for virtual hosting?  This is low volume, and will not be the basis for a shared hosting empire.  Just something to save me time.
<scratchme> If I have to provide config files for users, I might as well do it myself (incase you were going to suggest that).  My point is to reduce support, not train everyone how to use the config files everytime they want to make a change.
<scratchme> This will mostly be for friends/family.
<scratchme> I realize I could buy hosting, and accomplish this, but I have spare server resources, and am looking to consolidate a bit.
<ivoks> ispconfig
#ubuntu-server 2009-02-02
<shally87> hi
<shally87> if i already installed LAMP server and PHPMyAdmin
<shally87> do i need to install DNS and samba?
<Deeps> only if you want to run a dns server and samba server
<shally87> owh
<shally87> then can i run LAMP + DNS + Samba  together?
<Deeps> sure
<shally87> About the DNS server how do i point the server to my domain name?
<shally87> My ISP give me a dynamic ip address..
<shally87> and i afraid i dont have any static Ip address
<techsupport> can someone tell me what lenny is ?
<genii> techsupport: It's an older version of Debian
<techsupport> genii, can you help me out please, i posted something on a forum and i dont know what this guy means he replied to me
<genii> techsupport: Apologies, Lenny is the forthcoming Debian version. Current is Etch
<genii> (Was thinking of Sid, a former version)
<techsupport> genii, i'm gonna change my nick now ok ?
<orudie> sorry for the nick change
<genii> np
<orudie> genii,  look please , i started this forum http://forums.steampowered.com/forums/showthread.php?t=794455
<orudie> genii, he says the game server doesnt start because of some lib6
<orudie> genii, anything ?
<genii> orudie: Yes, I read it. No immediate ideas, except perhaps specify libc version to install.
<orudie> genii, is there a way to update libc to the latest version ?
<orudie> genii, without specifying the version number
<genii> orudie: What ubuntu are you currently running?
<orudie> server 8.10
<genii> !info libc6 jaunty
<ubottu> libc6 (source: glibc): GNU C Library: Shared libraries. In component main, is required. Version 2.9-0ubuntu9 (jaunty), package size 4216 kB, installed size 10520 kB
<genii> !info libc6 intrepid
<ubottu> libc6 (source: glibc): GNU C Library: Shared libraries. In component main, is required. Version 2.8~20080505-0ubuntu8 (intrepid), package size 4262 kB, installed size 10552 kB
<orudie> yes i have libc6          2.8~20080505-0 GNU C Library: Shared libraries
<orudie> can i update it ?
<orudie> to v 2.9 ?
<genii> orudie: They are saying you need 2.7.18 ... 8.10 has 2.8 and 9.04 has 2.9   ... These are LATER versions than 2.7.18
<genii> orudie: If you add the src repos only of jaunty, you can apt-get source <package> and build. I'm not sure if libc however can be "built" as such
<KterinK> how can i see if i have dhcp server installed?
<KterinK> figured it out, 'sudo /etc/init.d/dhcp3-server status'
<jmarsden> That tells you if it is running.... to check it is installed at all, something like   dpkg -l dhcp3-server   should work.
<orudie> which command do i use in server's console to stop the server
<green7> halt or shutdown?
<orudie> i noticed i can only start tf2 server only after i reboot linux
<orudie> this is messed up
<green7> Tha's weird. no error messages?
<orudie> green7, i am having seriouse problems man
<orudie> green7, http://forums.steampowered.com/forums/showthread.php?t=794455
<green7> Gimme a sec - reading it...
<orudie> green7, also thanx, also Could not establish connection to Steam servers.
<green7> hmmm, no idea. did you report it to steam tech support?
<orudie> no, how can i do that ?
<orudie> green7, ok lets say i get the server started, but why do i keep getting could not establish connection to steam servers ?
<green7> support.steampowered.com, I guess.
<green7> Do you have firewall turned on? Can you ping or traceroute to their servers? (you can run tcpdump to check where it's trying to get to)
<orudie> green7, which command should i run ?
<orudie> like sometimes it establishes connection and sometimes it doesnt
<orudie> like i have to try 5 times, and from the 5th time it would establish connection
<orudie> but now i can only start the server after i rebooth the computer
<green7> chkconfig --list | grep firewall , I think
<orudie> so i cant get it to establish connection
<green7> maybe it's cycling through a list of servers, and only some of the servers are up.
<green7> you can check that with tcpdump & see if it's trying to get to a different ip/hostname when it works and when it fails
<green7> and if that's the problem you can put some bogus entries in /etc/hosts to point the non-working hostnames to working ones.
<green7> I've gotta get out of here - good luck!
<orudie> green7, thanx i think i got this
<Ultraputz> how do you turn on zeroconf advertising for ssh on a fresh install of u server?
<Ultraputz> installing firefly seemed to switch it on. thanks anyway !
<iverson0881> is ufw suitable to be used in a production server environment?
<ScottK> iverson0881: If its feature set is sufficient for what you need, certainly.
<iverson0881> ScottK: but it's nothing as full blown as maybe using just straight iptables or bastille is that correct?
<ScottK> It's a front end for iptables.
<ScottK> So if you can do what you need with it, then fine.
<ScottK> If you need stuff it can't help you with, then not.  It's really just a question of your requirements versus its capabilities.
<iverson0881> oh okay, i see. what would you recommend?
<ScottK> If ufw does what you need, use it.
<ScottK> I use my own iptables scripts, so I'm probably not the best source of a recommendation for someting easier.
<rdw200169> are there any applications on the terminal that run as daemons and can run a set of commands when network connectivity goes down?
<hads> Something like monit may do what you want.
<rdw200169> ah, thanks, forgot about monit.
<iverson0881> there's also god
<iverson0881> which is based on ruby
<iverson0881> http://god.rubyforge.org/
<suigeneris> hello
<suigeneris> ScottK, are you there?
<ScottK> I am, but I'm just about to go to sleep.
<ScottK> suigeneris: ^^
<suigeneris> when will you come back?
<suigeneris> in 8 hrs?
<ScottK> Unfortunately less.
<ScottK> Is there a quick question
<ScottK> Probably ~7 or so.
<suigeneris> you said you'd help me with my smtpd.key problem
<ScottK> Ah.
<ScottK> I remember you.
<suigeneris> thanks :)
<ScottK> Yes, after I sleep, I need to be at my desktop, not my laptop.
<suigeneris> i'll wait
<mathiaz> kees: https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/323755
<uvirtbot`> Launchpad bug 323755 in mysql-dfsg-5.0 "non-trivial building mysql source package, build test keeps failing, (open)ssl related" [Undecided,Confirmed]
<mathiaz> kees: ^^ this is the mysql failure
<frippz> I've got a bridge set up for KVM that is using one of three NICs. is it possible to add the other two by specifying them with bridge_ports? if so, how would that work?
<simplexio> frippz: dont know about KVM, but make a bridge from all NICs is easy
<simplexio> frippz: bridge addbr br0 && bridge addif br0 eth0 etc.. then tell kvm use br0, or if kvm uses some virtual interface you probably can add it too to bridge
<simplexio> if i install bind9 for my self, can i use any domain name on it? like example.com or myhome.poop .. i just want to get "own" dns server for home lan, so that i can use kerberos, ldpa etc.. for filesharing on lan
<simplexio> and i dont want that my bind9 server causes some dns names to point wrong place
<hads> Yes
<hads> Might want to look at dnsmasq also
<frippz> simplexio: yeah, KVM is using br0 I think. what I'm wondering now is how the bridge will be working. will it be utilizing 3 NICs and effectively offer 3 Gbit/s speed?
<frippz> since each NIC is a 1Gbit
<simplexio> frippz: hmm.. im not sure (i use 100Mb + 1Gb bridge) where this 100Mb is on "internet" side and 1G is on my home lan
<soren> frippz: No, it won't.
<simplexio> but i get 1Gb speed to server from home desktop and 100Mbit from that
<frippz> soren: I figured... seems to easy and too good to be true :)
<simplexio> frippz: i think you need first make bond all those NIC to one virtual nic and then bridge it to KVM side
<soren> frippz: If you want to to dhat, you need to set up bonding and add your bonded interface to the bridge instead of your hysical nic's.
<soren> It's totally doable, just not how you explained it.
<frippz> yeah, I'll have to look up bonding again. haven't played with that in ages :)
<soren> Well, if you want to bond interfaces, which is clearly what you want... you kinda need to use bonding :)
 * soren is about to lose nework access for a little bit
<Gargoyle> Any mod_rewrite gurus online? I want to make a rule that redirects to my blog, but does not append to the query string.
<soren> "Does not append to the query string"?Why would it do that?
<Gargoyle> So far I have this... http://pastebin.com/d78ecbd05
<Gargoyle> If you goto http://ga.rgoyle.com/an/ I want it to be as if you have gone to /blog, but it must be passing something extra through to wordpress cos I get page not found :(
<soren> Gargoyle: Look in your logs?
<Gargoyle> soren: Not much about rewrite rules seems to get logged.
<hads> There's an option to log it
<soren> Gargoyle: No, but you can see where it's redirecting to.
<Gargoyle> Uh oh... I might be reading these docs for a while.... `Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.''
<hads> Nah
<Gargoyle> Cool! Redirect loop!
<Gargoyle> :D
<frippz> soren: what about distributing the load manually over several NICs? I'm thinking that about setting up several br-interfaces and letting some VMs use br0 and some other user br1 and br2. would that work?
<soren> Manually?
<frippz> soren: yeah, well. by manually I mean that I choose wich VM uses wich bridge
<frippz> maybe I'm just making this more difficult for myself than it should be :D
<fw1> I am setting up ldap replication following the  8.10 instructions,  the problem is that once i get to the end and the two servers are in sync the, i restart, create an object on the primary server,  the second server then blasts its db away
<uvirtbot`> New bug: #324249 in bind9 (main) "[CVE-2009-0265] BIND 9 not properly checking the return value from OpenSSL EVP_VerifyFinal()" [Undecided,New] https://launchpad.net/bugs/324249
<shally87> hi..
<shally87> what is the command to install mail server using sudo apt-get
<shally87> anyone
<pmatulis> shally87: just use the 'tasksel' command to get the menu
<andol> mathiaz: Thanks for pointing out the expired ssl-cert in the mysql testing suite. You just saved me from doing a hole bunch of completely unrelated tests :-)
<mathiaz> andol: :)
<mathiaz> andol: upstream has commited patches to their 5.1 and 6.0 trees.
<shally87> ok
<shally87> thanks pmatulis
<mathiaz> andol: but the Debian maintainer reported that the patch would not apply on the 5.0 tree
<andol> mathiaz: Should I look into building our own patch, using the new cert in the 5.1+ patch? Or do you have another solution in mind?
<shally87> i want to esit my dns using this
<shally87> sudo vi /etc/bind/named.conf.local
<andol> mathiaz: Alternatevly is it just best to wait and see what Debian does?
<mathiaz> andol: that's what I would do - take the new certs from 5.1+ and put them in 5.0
<shally87> but i having problem on writing the code..
<shally87> anyone experience to use it?
<shally87> hope someone could help..i brb a while
<shally87> thanks..
<shally87> hi..back..
<shally87> i got this function sudo vi /etc/bind/named.conf.local
<shally87> from http://ubuntuforums.org/showthread.php?t=236093
<shally87> and i need to add few more function below it.
<shally87> but as i write the command sudo vi /etc/bind/named.conf.local and i entered a space to write something,
<shally87> i having difficulties to write the command needed.
<shally87> anyone know how can i write something over there?
<shally87> if i press arrow, it came like "B"
<shally87> and i dont know how to save it
<suigeneris> press Ins
<shally87> owh
<shally87> then how to save it?
<suigeneris> to save, presss Esc and then w
<shally87> ok..thanks..
<suigeneris> np
<shally87> i got this problem again
<shally87> # This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0 zone "0.168.192.in-addr.arpa" {      type master;      file "/etc/bind/zones/rev.0.168.192.in-addr.arpa"; };
<shally87> how to get the network address?
<shally87> is it the dynamic address?
<shally87> given by isp or the address of the router
<dnperfors> shally87: it would be easier for you to use nano instead of vi it will behave like you would expect it to :)
<shally87> nano?
<shally87> how to use it?
<shally87> i'm really new in command
<dnperfors> Shally87: I guess that that address is for your internal network
<dnperfors> nano is a text editor
<shally87> owh...my bad of not knowing it
<dnperfors> type sudo nano /etc/bind/named.conf.local instead of the one with vi ;)
<shally87> internal..then as i'm using switch then the ip should be 192.1681.2
<shally87> ok
<shally87> thanks
<shally87> the ip should be 192.168.1.2 is it?
<dnperfors> when your ip is 192.168.1.2, than the network address is 192.168.1
<shally87> owh..that is the ip for switch..then i guess i just make a trial and error..
<shally87> owh..one thing..as i'm comfortable with windows.. how to get the ip or network address of my pc?
<shally87>  linux quite new to me
 * [gnubie] waves
<dnperfors> in Linux? type ifconfig :)
<shally87> ok
<shally87> thanks
<[gnubie]> pardon me, i will be asking for an OT.. i just need your advice..
<[gnubie]> if you are going to choose between PaaS/cloud hosting, VPS or Managed Server, which one will you choose? which is more cheaper?
<[gnubie]> this is to host your website and you want full control on your web app with more features but pay less..
<shally87> vps
<shally87> there is this another one thing..
<shally87> forwarders {       # Replace the address below with the address of your provider's DNS server       123.123.123.123; };
<shally87> does it means the ISP address?
<Deeps> [gnubie]: depends on how much traffic you intend to use
<dnperfors> shally87: that means the dns you get from your ISP or any other DNS server address you want to use
<Deeps> [gnubie]: you need to work out how much disk space you need, how much traffic you intend to push, and then do your own costing analysis based on your own expected usage patterns
<shally87> hmm
<shally87> if i dont have one?
<Deeps> [gnubie]: and thus, you can compare services like amazon's s3 with vps, managed + dedicated server providers
<shally87> is it possible just point it to my pc?
<[gnubie]> Deeps: honestly, i don't know what to expect for the traffic.. for the disk space, i don't think it is an issue because let's assume that the web app is like a blog
<Deeps> [gnubie]: if you dont know how much traffic you're gonna get, how is anyone else going to know? lol
<shally87> [gnubie]: do you just started a blog? or your blog had been known well?
<shally87> [gnubie]: when i use blog i just go for shared hosting with cpanel
<dnperfors> shally87: you can also leave that one out... basicly it is just saying: forward the request to these servers when I don't know the answer
<shally87> you gotta search hosting company
<shally87> dnperfors: thanks..i think i gonna use openDNS..does it ok?
<[gnubie]> Deeps: i really don't know how to compute the traffic.. what i have here at home and even in the office are unlimited but with a maximum bandwidth for upload/download
<[gnubie]> shally87: the blog is an example but yes, about to start
<shally87> [gnubie]:  i use lunarpages hosting for around 6 website..and it does well, no bandwith and storage limit.. anyway hostgator is the best if you want to get a cheap hosting just for your site..then you no need to sweat handle the server..for long term if your website gotta do very well, then go for vps or dedicated server..
<dnperfors> shally87: yes that will work, I do the same, I use my own server as a cache and to register local addresses and use OpenDNS as backup
<shally87> ok
<shally87> thanks dnperfors..i going to ask a lot..:-D
<[gnubie]> shally87: i just checked serverbeach's basic offer at https://shop.serverbeach.com/product_details.php?id=2551 and it looks cheap.. what do you think?
<shally87> wait a sec
<[gnubie]> ok
<shally87> you going for a dedicated server?
<Deeps> [gnubie]: webstats
<Deeps> [gnubie]: your webserver should be logging, use something like webalizer, will let you know how much traffic your site's using
<shally87> this could be ok for me..but i don't know what pro will say..
<shally87> if you were going to have a traffic like johnchow.com or download.com, it is best to get a dedicated server
<shally87> that price is reasonable if the site is going to be very popular soon..
<shally87> if just for a start go for shared or vps..
<shally87> with the price i saw, it could be a dedicated server..
<shally87> Student like me wont go for that..just setting up my own small server at home :sweat
<shally87> dnperfors: can i put 3 backup ip? 1 to my isp then 2 to open dns
<shally87> brb
<dnperfors> shally87: I am looking in my configs, and I see that I am not using the forwarder at all :)
<[gnubie]> Deeps: yes, using webalizer.. the problem is, i still don't have a website to do a webstats..
<shally87> ok thanks dnperfors
<dnperfors> shally87: yes that is possible
<shally87> i think i just use the one from my isp..just to give a try..
<[gnubie]> shally87: so you're saying that the link that i gave you, it was already expensive?
<[gnubie]> i checked AWS and i honestly don't understand its computation
<Deeps> $99 a month for a dedicated server like that isn't bad, but it's overkill for what you need
<Deeps> by the sounds of things, you're starting a new site, it wont have much traffic, something like S3 may be what you need
<shally87> [gnubie]: if you just started to host a site, it is better to go for a shared then upgrade to vps then upgrade to dedicated..this will save you a lot of money which you can use for advertising
<mathiaz> andol: FYI this is the upstream commit that updates the certificates for the 5.0 branch: http://lists.mysql.com/commits/64296
<shally87> [gnubie]:  if you go for vps it could at least support you with more than 1000users daily...and you only pay around usd24 to 40 monthly...
<shally87> [gnubie]: making a site so popular takes time..unless your web app is something so unique that you could get it popular in short time..
<suigeneris> ScottK, are you up yet?
<heath|work> anyone know of a mod_xsendfile package for apache2 ?
<shally87> then when you paying a server you gonna thing how long until your site get big and how much storage you could use one time..
<shally87> that could be essential thing that you need to save money..
<shally87> brb
<andol> mathiaz: Nice. I'll take a closer look at it when I get home from work tonight.
<shally87> i afraid the one 99 is 99 monthly..
<suigeneris> anyone watching postfix users mailing list?
<heath|work> When I am reading the apache docs, it is asking me to type httpd -l , but httpd does not exist...
<lamont> suigeneris: any particular message, or just generally?
<suigeneris> lamont, I have a problem with smtpd.key, I asked about it on postfix users
<heath|work> nevermind
<suigeneris> heath|work, could be apache2ctl
<suigeneris> instead of httpd
<heath|work> suigeneris, it is thanks... do you know how I am supposed to install apxs for apache?
<suigeneris> http://www.linuxforums.org/forum/servers/61842-how-install-apxs-apache.html
<shally87> there is another this thing
<shally87> // Replace the following line as necessary: // ns1 = DNS Server name // mta = mail server name // example.com = domain name example.com.      IN      NS              ns1.example.com. example.com.      IN      MX     10       mta.example.com.
<suigeneris> heath|work, what distro?
<shally87> is it the DNS server name is anything i like?
<suigeneris> lamont, can you help me with that?
<heath|work> suigeneris, 8.04
<suigeneris> ubuntu, right
<shally87> owh..stop with that
<heath|work> yes, ubuntu 8.04,
<heath|work> with what?
<shally87> mm, could i use the domain if i set it as a dns server domain?
<dnperfors> shally87: sort of, yes...
<shally87> with what i ask earlier
<shally87> ok..
<shally87> thanks again
<heath|work> suigeneris, I just read that the tool is included in apache2-threaded-dev
<heath|work> I guess I will give that a whirl
<shally87> i got this problem..how do i know this?
<shally87> Replace the IP address with the right IP addresses. www              IN      A       192.168.0.2 mta              IN      A       192.168.0.3 ns1              IN      A       192.168.0.1
<shally87> www              IN      A       192.168.0.2
<shally87> mta              IN      A       192.168.0.3
<shally87> ns1              IN      A       192.168.0.1
<shally87> how do i get this in my pc/
<dnperfors> shally87: you need to specify all the hosts you want to specify, for example: router IN A 192.168.1.1
<dnperfors> basicly you should know the ip address and assign a host name to it...
<dnperfors> this only works when those machines have a static ip
<shally87> ok..tq
<shally87> does anyone got the original file for /etc/bind/named.conf .. could you copy and paste in the pastebin?
<shally87> i got this porblem
<shally87> do my dns server need to be different than my LAMP server?
<[gnubie]> shally87: thanks.. sorry for my late reply..
 * [gnubie] waves.. gtg now.. thanks..
<shally87> ok//bye
<BBHoss> does anyone know if iptables will forward out on the same interface that it recieved a packet?
<soren> BBHoss: Iptables doesn't do routing.
<BBHoss> i know
<BBHoss> but will it forward it out
<soren> You are asking a question about routing.
<BBHoss> if i have the router on 192.168.0.1 and i have a forward rule to go to 192.168.0.169, and both are on eth0, will it send the packet to 192.168.0.169, assuming the routes are setup correctly
<soren> iptables doesn't decide on the interface through which a package gets routed.
<soren> Your eth0 has both addresses?
<BBHoss> what i'm trying to do is test my rules to make sure it forwards it to the right place
<BBHoss> .1 and .169 are on the same network
<BBHoss> but eventually they won't be
<soren> You will have to elaborate on that. :)
<soren> How are you doing your subnetting?
<BBHoss> \/24
<soren> Then they are going to be on the same network.
<BBHoss> right, i know that
<BBHoss> eventually packets will come in on a separate interface
<BBHoss> which is not on the same network (physically) or subnet-wise
<BBHoss> i have -A PREROUTING -i eth0 -p tcp -m tcp --dport 9090 -j DNAT --to-destination 192.168.0.169:9090 inside the nat, and -A ufw-before-forward -p tcp --dport 9090 -j ACCEPT  in the before-filter chain
<BBHoss> however if i run an nc listener on .169:9090, and then try to nc 192.168.0.1:9090, it won't connect
<BBHoss> but its not blocking it, the logs would show it, because it was before i added a rule to the before-forward chain
<soren> Which machine has the rules?
<BBHoss> .1
<BBHoss> thats the router/nat device
<BBHoss> i have forwarding enabled in sysctl as well
<soren> And from whence are you conducting your tests?
<BBHoss> .169
<soren> Yeah, that's not going to work.
<BBHoss> ok would it work from another ip?
<BBHoss> on the same network?
<soren> Your problem is this:
<soren> .169 is accessing .1, but the responses are coming from .169..
<BBHoss> ahh i see
<soren> ...so it doesn't know that it's related to the same connection.
<soren> If you were outside the NAT, and you had a different rule that did the translation, that would be fine.
<soren> "the translation" == the NATing.
<BBHoss> ok so i have to be outside the nat to test it
<soren> Assuming your NATing is set up correctly, yes.
<BBHoss> http://pasternak.superalloy.nl/pastes/1357 is how i am doing NAT
<soren> BBHoss: Does that work?
<soren> "-o eth1" looks odd (from the very little I know about your network setup)
<BBHoss> don't know, haven't tried it yet with eth1
<BBHoss> eth1 will be the wan interface though
<soren> Oh, blah, you're right.
<soren> My bad.
<BBHoss> see i was trying to prevent me being required to setup a full-fledged test lab, but i guess i have to :)
<BBHoss> well thanks for your help, bbl
<soren> BBHoss: Cheers.
<quizme_> hello, my mysql didn't start
<quizme_> where are the logs for mysql ?
<quizme_> they are empty in /var/log/mysql.*
<zoopster> quizme_: /var/log/mysql - however you may want to look at /var/log/messages or /var/log/syslog for more details...
<quizme_> zoopster: i didn't find anything revealing there.  What's the command to start up mysql?
<quizme_> zoopster: i did /etc/init.d/mysql start
<quizme_> but that didn't seem to work
<zoopster> quizme_: that is the correct one...grep the syslog for mysql messages..if it doesn't start there will be a message in there
<quizme_> zoopster: okay i'll look again at the syslogs
<quizme_> zoopster: found some!  Feb  2 18:32:11 domU-12-31-39-00-52-27 postfix/trivial-rewrite[25587]: fatal: mysql:/etc/postfix/mysql_domains.cf(0,lock|fold_fix): table lookup problem
<redLAW> hello to all
<zoopster> quizme_: but that is a postfix issue...seems it cannot find the table it needs
<redLAW> I'm doing 8.04 LTS setup and i wanted to ask is there any good howto for making gateway with 2 nic
<quizme_> zoopster: hmm.... weird
<quizme_> zoopster: so how can i create the table, if i can't start mysql ?
<quizme_> zoopster: maybe i should stop the postfix service?
<zoopster> quizme_: first things first...try to start mysql again and either have another window watching syslog (tailf /var/log/syslog) or tail it after you have attempted a start
<zoopster> it logs starts and stops
<quizme_> zoopster: i know what you mean
<quizme_> zoopster: i'll try that
<quizme_> zoopster: http://pastie.org/377533
<quizme_> how do i make a socket exist? /var/run/mysqld/mysqld.sock
<zoopster> quizme_: look above that line... it doesn't like skip-federated
<quizme_> zoopster: why is it doing that ?
<zoopster> not sure...I am using 8.10 with 5.0.67-0ubuntu6 and that line is in my "my.cnf"
<zoopster> but I don't see that problem
<quizme_> zoopster: btw, i'm not sure if i did this right:  apt-get install libmysqlclient15-dev  ?
<quizme_> i was messing with that
<quizme_> then i did a  "gem install mysql"
<quizme_> does that have anything to do with it ?
<zoopster> quizme_: possibly, but that client lib *SHOULD* work...
<zoopster> do a dpkg -l |grep myql and see what is installed
<zoopster> is this 8.10 or 8.04?
<jrwren> quizme_: /var/run/mysqld/mysqld.sock is created by the mysql server when you start it.
<quizme_> 8.04
<jrwren> quizme_: does your /etc/mysql/my.cnf have socket          = /var/run/mysqld/mysqld.sock in the [mysqld_safe] section?
<quizme_> zoopster:  dpkg -l |grep myql   comes up empty handed
<zoopster> quizme_: as in NOTHING?...you have to have something in there
<zoopster> jrwren: the problem is that mysql_safe is choking on --skip-federated
<quizme_> zoopster: oh i mispelled it
<maxb> Perhaps "mysql" not "myql" ?
<quizme_> jrwren: not sure hold on plz
<zoopster> yea...I mispelled it...sorry
<quizme_> making pastie
<quizme_> i love pasties
<quizme_> http://pastie.org/377551
<quizme_> zoopster: http://pastie.org/377551
<jrwren> quizme_: can you pastebin your /etc/mysql/my.cnf ?
<quizme_> jrwren: yes it does.  i just check it.  i'll paste it
<zoopster> jrwren: here is his pastebin from start up http://pastie.org/377533
<quizme_> jrwren: http://pastie.org/377555
<jrwren> yeah, its almost like the /etc/mysql/my.cnf has --skip-federated instead of just skip-federated in it.
<jrwren> but it doesn't.
<quizme_> is it serious ?
<quizme_> i feel like you guys are doctors trying to diagnose me with some fatal disease.
<jrwren> zoopster might know a lot more than me.
<jrwren> quizme_: its very strange.
<zoopster> heh
<jrwren> i have the same package versions installed.
<zoopster> quizme_: verify you are starting mysql with /etc/init.d/mysql start
<jrwren> quizme_: what is the results of an md5sum on /usr/sbin/mysqld ?  does it look like this? http://pastie.org/377557
<quizme_> oh crap
<quizme_> i think i may have mixed up computers
<quizme_> local vs remote
<quizme_> .....
<quizme_> lets' start with dpkg
<jrwren> rofl
<quizme_> http://pastie.org/377561  #  dpkg
<zoopster> ok...so that tells us something
<zoopster> and your my.cnf for that box?
<quizme_> i'm back
<quizme_> let me get that
<zoopster> quizme_: skip-federated was added in .67
<quizme_> http://pastie.org/377564  # my.cnf
<jrwren> it looks like you are in the middle of upgrading that thing.
<quizme_> btw
<quizme_> oh
<jrwren> mysql-server pkg is 5.0.67, but mysql-server-5.0 is version 5.0.51a
<quizme_> so
<quizme_> what should i do ?
<jrwren> I'd run apt-get update && apt-get upgrade
<quizme_> sometimes i type in random apt-get commands
<quizme_> from the internet
<quizme_> lol
<quizme_> ok, i just did that apt-get update && apt-get upgrade
<quizme_> but it's hanging here: 99% [Connecting to us.archive.ubuntu.com (91.189.88.31)]
<quizme_> are u guys there ?
<jrwren> ready and waiting to try to help.
<quizme_> it's upgrading still
<quizme_> lots of stuff is going on
<quizme_> am i upgrading to 8.10 now ?
<jrwren> no
<jrwren> unless you previously told it to do so.
<quizme_> i don't think i did
<quizme_> it's updating massive stuff
<quizme_> i thought myssytem was uptodate already
<quizme_> i'm starting to like vi
<quizme_> why do u guys sit here an help people?
<jrwren> quizme_: because we love linux and ubuntu.
<zoopster> it's a great reason to procrastinate real work
<zoopster> :-D
<quizme_> i see
<quizme_> are u guys sysadmins?
<quizme_> or programmers?
<quizme_> or both?
<quizme_> i love watching linux update itself
<quizme_> it's like watching ocean waves
<quizme_> u know humans are becoming part of an organism
<zoopster> I pretend to administer systems in my spare time
<zoopster> I manage a bunch of software vendors
<quizme_> ok it's done updating finaally
<quizme_> shoudl i do mysqld start?
<quizme_> or /etc/init.d/mysql start
<quizme_> or ps -a | grep mysqld ?
<quizme_> hey it worked!
<quizme_> thanks!
<quizme_> oh man i'm happy
<quizme_> thanks
<quizme_> now i can go to sleep
<quizme_> zoopster: i owe you a beer
<quizme_> jrwren: i owe you a beer too
<quizme_> have a good night!
<jrwren> i'll take you up on that.
<quizme_> i'm in Manila
<quizme_> philippines
<quizme_> swing by :)
<jrwren> when i visit there.
<quizme_> dbitsolutions@gmail.com
<quizme_> see ya
<quizme_> good night
<zoopster> quizme_: cool...will do that some time..glad that work
<zoopster> see ya
<redLAW> I watched your work here... it is fantastic!
<zoopster> redLAW: saw your q - did you search your favorite search engine - there are many how-tos on that subject
<redLAW> i found sth
<redLAW> basicaly
<redLAW> i want to host
<redLAW> my website at home and yet have gateway for home
<redLAW> is it possbile with custom dns at dyndns service
<zoopster> redLAW: I do that with ubuntu server myself
<zoopster> redLAW: yes it is...I happen to have a static ip that I use
<redLAW> i have dynamnic IP only
<redLAW> avalible
<zoopster> redLAW: you may violate your TOS, but it can and is being done regularly
<redLAW> how do u mean TOS
<jrwren> redLAW: many US isps once prohibited inet sharing like that, but most allow it now.
<redLAW> I;m in Europe
<jrwren> redLAW: you say "gateway", but what you really want is internet connection sharing, like NAT?
<redLAW> yes
<jrwren> the iptables oneliner will work.
<jrwren> redLAW: I don't know the "ubuntu-way" for that.
<redLAW> can you recommend me something
<redLAW> to start
<jrwren> modprobe iptable_nat ; iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE ;echo 1 > /proc/sys/net/ipv4/ip_forward
<jrwren> change ppp0 to the network interface that is your outside (internet?) interface.
<redLAW> ok
<redLAW> ok
<jrwren> you will need to do that every time you reboot, so maybe place it all in /etc/rc.local.
<zoopster> https://help.ubuntu.com/community/DynamicDNS has some info...
<jrwren> see also : https://help.ubuntu.com/community/IptablesHowTo
<redLAW> ok
<redLAW> i will do best
<redLAW> i found
<redLAW> clarkconnect
<redLAW> but somehow
<redLAW> that project is closed
<redLAW> i want freedom
<zoopster> redLAW: you can do it all yourself if you have the patience and time...it's fun to learn
<redLAW> yes i have patience
<zoopster> projects like clarkconnect and amahi just package it up for you
<redLAW> yes
<redLAW> i want to learn
<zoopster> all of the basic parts are there in ubuntu
<redLAW> how that parts work
<redLAW> together
<zoopster> help.ubuntu.com is a great place to start
<redLAW> ok
<zoopster> there are many books on the matter...but plenty of howto's...do some searching and you'll find lots of info
<zoopster> if you get stumped...ask here...there is always someone around that can help
<redLAW> :)
<ScottK> suigeneris: I am around now (day went differently than I thought).
<Kartagis> ScottK, I am home now and I am Kartagis
<Kartagis> so, shall we start? first off, what kind of information do you want from me?
<Kartagis> your day wasn't bad I hope
<ScottK> Kartagis: Not bad, just different.
<ScottK> Paste me the command you were using to make your certs.
<piquadrat> Hi! I put this command in root's crontab: "47 2 * * * /usr/sbin/ftplicity backup". But ftplicity is never invoked. When I start ftplicity manually, everything works. What am I doing wrong?
<Kartagis> just a sec, trying to find that page
<Kartagis> https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<Kartagis> this was the page ScottK
<ScottK> Kartagis: That's way different than I do it.  Let me try and write something up tonight.
<ScottK> sommer: Did you validiate the TLS key creation in ^^^
<Kartagis> thank you ScottK
<sommer> ScottK: It's always worked for me in the past
<sommer> ScottK: thanks for the ping the other day, unfortunetly I haven't had time to work on that yet
<sommer> should have time this week though
<axisys> anyone here successfully installed ubuntu on t1000?
<Jeeves_> Yes
<axisys> i tried hardy sparc64 and intrepid sparc boot image .. both failed at disk detection
<Jeeves_> axisys: It's easy
<Jeeves_> It was with hardy, though
<axisys> Jeeves_: let me share my issue ..
<axisys> i just posted it on mailing list with subject 'ubuntu install failed to install on t1000'
<axisys> Jeeves_: mine is failing like this http://pastebin.com/d6c31c0bd
<axisys> Jeeves_: i am using this https://help.ubuntu.com/community/Installation/Sparc
<Kartagis> t1000, is that a more evil model than t888?
<axisys> basically network-boot-arguments is where I am declaring the image path and all and then just boot net...
<Jeeves_> axisys: Maybe intrepid is broken on sparc?
<axisys> Jeeves_: i tried with hardy sparc64 too
<ivoks> axisys: i did on TI UltraSparc IIIi
<axisys> ivoks: t1000 is of that category ?
<ivoks> axisys: i don't know :/
<axisys> ivoks: i can check real quick
<ivoks> this was sun fire v240
<ivoks> i think this was an old machine
<ivoks> it surely doesn't have 8 cores :D
<ivoks> it's from pre-core era :D
<ivoks> maybe 2 :)
<axisys> Jeeves_: it is failing like this http://pastebin.com/d6692949a for hardy sparc64 boot img here http://ports.ubuntu.com/dists/hardy-updates/main/installer-sparc/current/images/sparc64/netboot/2.6/
<Jeeves_> axisys: i've got no clue than
<Jeeves_> hardy worked fine for me'
<axisys> ivoks: UltraSPARC-T1 is t1000
<ivoks> axisys: i used http://cdimages.ubuntu.com/ports/releases/8.04.1/release/ubuntu-8.04.1-server-sparc.iso
<axisys> ivoks: t1000 does not have a cdrom
<ivoks> oh
<ivoks> stupid manufacturers :)
<ivoks> ok, let's see what can we do
<axisys> would be nice if i could point to the iso contents like solaris
<axisys> ivoks: :-)
<axisys> in solaris i mount the iso and run setup_install_server followed by add_install_client and then on the client boot net - install.. and thats it
<axisys> that is how i installed solaris on this t1000
<ivoks> on linux you have dhcp and tcpd
<axisys> ivoks: u mean tftp ? so setup a dhcp and then point to iso ?
<ivoks> ok
<ivoks> i found an old conversation
<axisys> ivoks: i think u sent a link to me before..
<ivoks> did you power down your machine after running solaris?
<axisys> ivoks: yeah ..heh
<axisys> ivoks: yes.
<ivoks> let's do that again :)
<axisys> ivoks: i can't find the conversation :-(
<axisys> ivoks: i just remember u were trying to help
<ivoks> power of t1000
<ivoks> power it on
<axisys> ivoks: ok
<ivoks> enter open firmware and run check boot?
<axisys> poweroff
<axisys> Are you sure you want to power off the system [y/n]?  y
<axisys> from SC>
<ivoks> setenv auto-boot false
<axisys> SC Alert: SC Request to Power Off Host
<axisys> ivoks: ok.. as soon as I bring it back on
<Kartagis> ScottK, I am here
<ivoks> axisys: http://irclogs.ubuntu.com/2006/05/27/%23ubuntu-ports.txt look for TPC and follow the conversation
<ivoks> axisys: you might ask this on #ubuntu-ports too
<axisys> ivoks: this converstaion seems like how to build an image
<ivoks> axisys: but it starts with your problem
<Kartagis> ScottK, are you there?
<axisys> ivoks: yes..
<ivoks> axisys: have you tried with 6.06?
<axisys> ivoks: not yet..
<ivoks> i have 8.04 on TI UltraSparc II and TI UltraSparc IIIi
<ivoks> yes, the first one is almost a decade old :)
<ivoks> still, great as slave DNS :)
<ScottK> Kartagis: I'm here now.
<ivoks> half an hour later 'Kartagis: ScottK where are you?'
<ScottK> I guess he went to bed.
<Bangers1> I'm doing "sar -A 3 3 | tr -s ' ' ',' > /tmp/tmp.csv" -- BUT it's NOT putting it all on one line.  How can I do that?
<Bangers1> A multi generic line CSV isnt very helpful :)
#ubuntu-server 2009-02-03
<bdubnc> HeyI am wanting to move my CentOS lamp installation to Ubuntu 8.04.  The issue is with php.  I need a way to turn off the default soap settings that are configured by default from the apt repo.  CentOS 5.2 using php 5.1.6 and does not turn soap on by default.  They utilize nusoap which runs great on 5.1.6, but 5.2.4 seems to not run it at all. I need to back 5.2.4 down to 5.1.
<nosferatu> whats the difference between ubutu server and desktop?
<kansan> i added a printer to my ubuntu hardy desktop.... its a samsung ml-2510... problem is after awhile the printer seems to be disconnected... i.e i send it printer jobs and it doesnt do anything.  restarting my computer works, but only for a little bit... and then again i cant send it print jobs anymore.  i tried a different printer driver from linux printing database too ideas?how do i list all groups on a given machien?
<kansan> oops
<kansan> how do i list all groups on a given machien?
<Deeps> bdubnc: i'm not sure, i guess in your position i'd make my own 5.1 package and pin that so that it doesn't get upgraded
<Deeps> nosferatu: ubuntu server installs a different kernel config (-server) and a set of packages that would generally be considerred useful on a server, ubuntu desktop installs a different kernel config and a set of packages that are more useful to desktops, like gnome, firefox, openoffice, pidgin, and so on
<Deeps> kansan: cat /etc/group
<kansan> mk
<bdubnc> Ah, that works.  My only other option would be to use an earlier LTS version
<Deeps> bdubnc: you could try using the package from an earlier version on your current machine, but that may result in some... odd behaviour
<nosferatu> <Deeps>: are those packages the LAME, DNS, etc. that you get asked during the installation?
<Deeps> nosferatu: no, those are additional options
<Deeps> nosferatu: all that is all available on both server and desktop, the only difference is the packages that are installed by default
<bdubnc> yeah, I don't really want todo that.  Also, I am running Virtualmin which only runs on LTS builds so I would have to go back to 6.06 in order to order to work
<nosferatu> oh, I wanted a cleanest linux install so that I can add stuff i use myselft. I thought server version would do :(
<Deeps> nosferatu: i think there's a mini.iso that may be of interest to you, otherwise the alternate cd may be what you want, one of them lets you do a more minimal install
<nosferatu> oh. ok, iÂ´ll take a look at those. thanks.
<nosferatu> i liked the old personalized installation disties came with a while ago...
<bdubnc> Anyone know which version of php comes with 6.06, or where I can find out?
<jtaji> bdubnc: http://packages.ubuntu.com
<Deeps> !info php dapper
<ubottu> Package php does not exist in dapper
<Deeps> !info php5 dapper
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (meta-package). In component main, is optional. Version 5.1.2-1ubuntu3.12 (dapper), package size 1 kB, installed size 20 kB
<bdubnc> Thanks guys, I think I might just go with 6.06.  I really want to go to Ubuntu for speed.
<kansan> how do i get the current time zone my ubuntu machine is set up on?
<dinsdale07> kansan date
<uvirtbot`> New bug: #324683 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/324683
<lukehasnoname> ping soren
<lukehasnoname> do you have a list of things you're working on?
<lukehasnoname> I read something about OpenVZ integration in jaunty, but I only saw it in the weekly newsletter
<deadbattery> hi anyone here? i got a question
<ScottK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<deadbattery> well, anyone here has ever used plesk?
<ScottK> I have, but not on Ubuntu
<deadbattery> ya well its being a pain the ass ..
<deadbattery> if anyone can help me here, i did extremely appreciate
<ScottK> Which Ubuntu release are you  using?
<deadbattery> 8.04
<ScottK> You might consider just using ebox.
<ScottK> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<deadbattery> i know but i prefer plesk, its much better for client management
<ScottK> OK.  I can't help you, but I'd suggest asking a specific question.
<deadbattery> well first i would need some one that has experience with plesk =p
<deadbattery> but i use apache2 as of now, do u knopw where the error log is saved?
<ScottK> Generally in /var/log
<deadbattery> well i see apache2 afterwards
<jmarsden> deadbattery: Look in /etc/apache2/apache2.conf for the ErrorLog directive, it says where the error log will go.  The default in Ubuntu 8.10 is   ErrorLog /var/log/apache2/error.log
<jmarsden> Note that this is not at all specific to Plesk :)
<deadbattery> i am still getting ] child pid 17202 exit signal Segmentation fault
<deadbattery> which basically hangs the entire server
<deadbattery> any idea?
<jmarsden> Did you build apache2 from source, or is this error coming from the official Ubuntu-packaged version of apache2?
<deadbattery> umm
<deadbattery> i just did sudo apt-get apache
<deadbattery> i did sudo apt-get install apache
<jmarsden> OK, so it is the packaged one.  It shouldn't be segfaulting... is that 17202 process an httpd, or some other process spawned by apache?
<deadbattery> i really dont know
<deadbattery> i am in apache2/error.log
<deadbattery> and theres like a gizzlion of these
<deadbattery> [Tue Feb 03 06:51:16 2009] [notice] child pid 21918 exit signal Segmentation fault (11)
<deadbattery> one after anpother
<deadbattery> its only apache2 running, no mysql
<jmarsden> That almost starts to sound like hardware... flaky RAM, or something??
<deadbattery> umm quad core xeon, 4gb ram
<deadbattery> i doubt it
<deadbattery> cud an index.html be an issue?
<deadbattery> a broken one?
<jmarsden> I don't know how it could cause a segfault!  But put back a really simple one and see if the problem goes away.
<deadbattery> put back what?
<jmarsden> A nice clean safe index.html :)
<deadbattery> in the folder
<deadbattery> wher he files are hosted
<deadbattery> all there are .avi files
<deadbattery> nothing else
<deadbattery> just .avi files
<jmarsden> Then why did you think it could be index.html?
<jmarsden> If there is no index.html, it can't be causing a problem, by definition.
<deadbattery> i did have an index.html
<deadbattery> just one
<deadbattery> all the apache server does is host avi files
<deadbattery> now the servre instantly crashes..
<deadbattery> i started it
<deadbattery> and it just keeps saying waiting....
<deadbattery> does http://91.121.4.48 work for u guys
<jmarsden> So you just set up a LAMP server and threw a bunch of .avi files under /var/www and it crashes?  No other config changes?  Where does Plesk come into the picture then?
<deadbattery> i was thinking of moving into plesk
<deadbattery> i no longer use lamp
<deadbattery> i got apache2
<jmarsden> The A in LAMP starts for Apache :)
<deadbattery> yeah i dont use lamp
<deadbattery> i did sudo apt-get install apache
<jmarsden> You use the L and the A parts, at least :)
<jmarsden> OK.
<deadbattery> hm weird
<jmarsden> If you have a boring standard Ubuntu server and you sudo apt-get install apache and throw a pile of files under /var/www/ it does not segfault... not on good hardware.  That much is for sure.
<deadbattery> no i thru the files in
<jmarsden> So either some config got changed or else the hardware is the cause of the segfaults
<deadbattery> i changed the root to /home/admin
<deadbattery> wud that casue an issue?
<jmarsden> OK... how did you do that?  Which config file did you edit?
<deadbattery> httpd.conf
<deadbattery> i just remote rebooted the server
<jmarsden> I think you edited the wrong thing, can you undo that change... (after the reboot!) ?
<deadbattery> well how did i do it wrong, if it changed the root of wher ethe files are hosted to /home/admin?
<deadbattery> err i am going to do a fresh install of apache
<deadbattery> how can u remove it?
<deadbattery> first shud i get apache2 or apache?
<deadbattery> seci am removing it
<deadbattery> then i amd o fresh install
<deadbattery> which shud i isntall? apache or apache2?
<jmarsden> You should probably use apache2, it is the current stable version of Apache.  BTW your web server now apepars to be working...?
<jmarsden> I see a bunch of .avi files...
<deadbattery> this is lampp
<deadbattery> how the hell do i remove it
<jmarsden> How did you install it?
<deadbattery> a frend did
<jmarsden> LAMPP with two P's?
<deadbattery> how do u uninstall apache2?
<deadbattery> ya
<jmarsden> If if was installed as a package you can do   sudo apt-get remove apache2
<jmarsden> But who knows what your friend did...!?
<deadbattery> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.3
<deadbattery> god damn
<jmarsden> So it installed some other copy of Apache its own way...
<deadbattery> lol
<jmarsden> If your friend manually compiled and installed stuff, you need to get him to undo that.  Or just reinstall the server; figuring out what he did would take too long, I suspect.
<deadbattery> how do u re install?
<jmarsden> Did he follow a tutorial or something to install LAMPP ?
<deadbattery> no and lampp is shitty, all i need is apache
<jmarsden> Is this a server you have physical access to, or is it at an ISP or colo place somewhere?
<deadbattery> servers in france.. i am in usa
<jmarsden> Then you need to do whatever your ISP in France says you have to do to get it reinstalled... how to remote reinstall depends completely on their setup.
<jmarsden> They may have a web based server control panel where you can request a reinstall??
<deadbattery> wait wwat?
<deadbattery> nah yo, i have remote desktop to the ubuntu
<deadbattery> i can do everything
<jmarsden> Well, you can't put a CD in the CDROM drive :)
<deadbattery> why wud i need to put a CD in the drive..
<deadbattery> i just need to remove apache2
<jmarsden> OK, you can find out where and how your friend installed it, and then undo what he did.
<jmarsden> You could pay someone to ssh into your server and do it, I suppose... but again, a server reinstall would be faster and so cheaper than doing that, I suspect.
<deadbattery> why
<deadbattery> wud i re install
<deadbattery> i wud lose ervything..
<jmarsden> This is a production server?  And you have no diae how your friend installed LAMPP?  Wow.  Then you need to talk to your friend...
<jmarsden> s/diae/idea/
<deadbattery> sec he just removed it
<jmarsden> OK, then now you can do   sudo apt-get install apache2
<deadbattery> sec
<deadbattery> k done
<deadbattery> now how do i change the root folder to /home/admin
<jmarsden> Not so fast... can you browse to the server and see anything??
<deadbattery> well lets turn it on
<jmarsden> Sure.    sudo service apache2 start
<deadbattery> admin@ns37294:~$ sudo service apache2 start
<deadbattery> sudo: service: command not found
<jmarsden> OK, try     sudo /etc/init.d/apache2 start
<deadbattery> admin@ns37294:~$ sudo /etc/init.d/apache2 start
<deadbattery> sudo: /etc/init.d/apache2: command not foun
<deadbattery> and the apache2 is isntalled
<deadbattery> Reading state information... Done
<deadbattery> apache2 is already the newest version.
<deadbattery> inside etc/init.d/ i see not apache2
<jmarsden> Strange indeed.  Can you uninstall it    sudo apt-get remove apache2
<deadbattery> done
<deadbattery> now =o
<deadbattery> now i guess sudo apt-get apache2?
<jmarsden> OK, so now install again and then you really really should have a file /etc/init.d/apache2
<jmarsden> With the install in there, yes.
<deadbattery> nope
<deadbattery> weird, huh?
<jmarsden> OK, something is broken here... maybe try   sudo apt-get install apache2.2-common
<deadbattery> dione
<jmarsden> You have a Ubuntu 8.10 server installation, right?  OK, now check for /etc/init.d/apache2 again.
<deadbattery> still no apache
<deadbattery> no i got 8.04
<deadbattery> admin@ns37294:~$ sudo /etc/init.d/apache2 start
<deadbattery> sudo: /etc/init.d/apache2: command not found
<jmarsden> Ah... Should work the same way... did the sudo apt-get install apache2.2-common   say it was going to install it, and actually do anything?
<deadbattery> no 0 for all ofem
<deadbattery> sec
<deadbattery> i just installed it
<deadbattery> and it says
<deadbattery> Do you want to continue [Y/n]? y
<deadbattery> (Reading database ... 126473 files and directories currently installed.)
<deadbattery> Removing apache2 ...
<deadbattery> so there had to be a apache2..
<deadbattery> wtf?
<deadbattery> i can give u SSH if u want
<jmarsden> MIght be faster...  Not in the channel though!
<suigeneris> ScottK, are you there?
<ScottK> I am.
<ScottK> Let me get something ...
<suigeneris> can you help me now?
<ScottK> Yes
<suigeneris> so, where do you want to begin? do you want any information from me?
<ScottK> I tried openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 as is in the docs and had the same problem as you.
<ScottK> What I've done that works for me is:
<suigeneris> wietse said in the mailing list that key values mismatch. is it still password problem?
<ScottK> Yes
<ScottK> openssl req -new -nodes -keyout smtpd_private.pem -out smtpd_private.pem -days 365
<ScottK> Answer the questions that go with that and leave the password blank.
<ScottK> That'll be your private key.
<ScottK> Then you'll want to self sign them.
<ScottK> openssl ca -policy policy_anything -out smtpd_public.pem -infiles smtpd_private.pem
<ScottK> Then you'll want to put them and your cacert.pem in /etc/postfix/certs and make sure to chmod the private key to 600
<suigeneris> policy_anything <---- do i write this as is?
<ScottK> yes
<ScottK> If you have trouble with the cacert signing bit, look into CA.pl
<ScottK> It's shipped with openssl
<suigeneris> unable to load CA private key
<ScottK> Use CA.pl to make one.
<ScottK> /usr/lib/ssl/misc/CA.pl and man CA.pl for details.
<ScottK> suigeneris: I highly recommend "The Book of Postfix" for learning more about doing stuff with Postfix.
<ScottK> You won't be suprised where I got that from ....
<ScottK> suigeneris: I'm off to bed.  If you have more problems after trying to work through it, leave me a note and I'll get the scrollback.
<ScottK> sommer: ^^^
<suigeneris> thank you ScottK
<deadbattery> jmarsden, is da beast
<deadbattery> gnite all!!
<deadbattery> i have began my journy to learning ubuntu
<deadbattery> o.o
<gtdaqua> does anybody know the blueprints of server spec/features of jaunty?
<gtdaqua> am i the only one here?
<uvirtbot`> New bug: #228229 in openssh (main) "sshd profile does not work out-of-the-box" [Undecided,New] https://launchpad.net/bugs/228229
<gtdaqua> ??
<gtdaqua> are there any current blueprint of jaunty server?
<gtdaqua> can anybody read my posts?
<mathiaz> kees: jdstrand: bug 228229
<uvirtbot`> Launchpad bug 228229 in openssh "sshd profile does not work out-of-the-box" [Undecided,New] https://launchpad.net/bugs/228229
<mathiaz> kees: jdstrand: is this related to the openssh package?
<SmokeyD> ï»¿hey people. I am running snort on my ubuntu hardy machine, and have configured multiple ip addresses using aliases
<SmokeyD> ï»¿hould I now also modify /etc/snort/snort.debian.conf to include both eth0 and eth0:1 in DEBIAN_SNORT_INTERFACE="eth0"?
<SmokeyD> *should
<soren> lukehasnoname: What's up?
<soren> uvirtbot`: nick uvirtbot
<kraut> moin
<lukehasnoname> soren: I was wondering if there was a place where the things being worked on for Jaunty are documented. I checked the roadmap, but I don't see anything new. For example, I saw that OpenVZ is being integrated into Jaunty in the weekly newsletter, but I couldn't find info anywhere else
<soren> lukehasnoname: It's supposed to be on Launchpad, and it actually should be by the end of today. We're updating it today.
<soren> lukehasnoname: About OpenVZ... I haven't heard anything about that. At all.
<lukehasnoname> "Soren Hansen has uploaded a new version of the libvirt package. Amongst bug fixes the version available in Jaunty brings support for openvz..." Perhaps I misunderstood that sentence.
<lukehasnoname> it has to do with libvirt controlling openvz, not jaunty having a predefined openvz config
<soren> Oh. Well, the openvz stuff we got for free. It wasn't the reason for updating libvirt.
<andol> mathiaz: Seems like the mysql ssl-test-cert patch did the trick regarding bug #323755.
<uvirtbot> Launchpad bug 323755 in mysql-dfsg-5.0 "non-trivial building mysql source package, build test keeps failing, (open)ssl related" [High,Confirmed] https://launchpad.net/bugs/323755
<andol> mathiaz: Will you take a look at the debdiff I've provided, and upload it if it seems ok?
<mathiaz> andol: yes - I'm looking at it right now
<uvirtbot> New bug: #323755 in mysql-dfsg-5.0 (main) "non-trivial building mysql source package, build test keeps failing, (open)ssl related" [High,Confirmed] https://launchpad.net/bugs/323755
<mathiaz> andol: where did you take the patch from?
<andol> mathiaz: https://code.launchpad.net/~mysql/mysql-server/mysql-5.0-bugteam
<andol> mathiaz: Really wasn't sure about the best way to extract to patch, so I ended up taking a diff from when it was checked in.
<mathiaz> andol: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0-bugteam/revision/2730?
<mathiaz> andol: yeah - ^^ seems that's the patch you took
<simplexio> does anyone know does ubuntu 8.10 suuport nfs4 acl ?
<andol> mathiaz: yes, that's the one.
<mathiaz> andol: ok. It's annoying that they generated a new certificate that will expire in one year :/
<andol> mathiaz: Yes, was kind of wondering about that. Do you really have to worry that much about a cert which only will be connect to from localhost? :)
<mathiaz> andol: oh no - it's for the test suite
<mathiaz> andol: the pkg will fail to build in one year
<mathiaz> andol: and we'll still be supporting it
<andol> mathiaz: That was what I was refering to. Isn't t he test suite only working locally?
<mathiaz> andol: it's very annoying when packages stop to build once we've released
<mathiaz> andol: yes. it's not a security issue. it's just that the package will fail to build next year while we're still supporting it.
<andol> mathiaz: Hey, but now I see kind of phrased my question wrong :) I was wondering if _they_ really have to worry about...
<mathiaz> andol: oh sorry. about that.
<mathiaz> andol: I guess they don't plan to support 5.0 by then.
<mathiaz> andol: let me check what they did in 5.1
<andol> mathiaz: not your fault that I phrased my question wrong :)
<andol> Ohh well, at least we will hopefully remember this ticket next year.
<mathiaz> andol: also when preparing a patch I usually use the DP: field at the top of the patch to document what the patch does and where it came from.
<mathiaz> andol: it helps a lot when you review patches in the futur
<andol> mathiaz: Will do that.
<mathiaz> andol: I'll update the dpatch
<mathiaz> andol: and upload the package.
<andol> thanks
<andol> mathiaz: Since we talking about mysql. You don't also feel like taking a look at my solutions to bug #296952 and bug #310211?
<uvirtbot> Launchpad bug 296952 in mysql-dfsg-5.0 "mysqlhotcopy failed on table with hyphen in name" [Undecided,Confirmed] https://launchpad.net/bugs/296952
<uvirtbot> Launchpad bug 310211 in mysql-dfsg-5.0 "MySQL table check fails in ANSI mode" [Undecided,Confirmed] https://launchpad.net/bugs/310211
<mathiaz> andol: it should be on my list - did you subscribe ubuntu-main-sponsors to ask for sponsorship?
<piquadrat> Hi! Any nginx-experts around? I can't get it to gzip any content, altough I have "gzip on;" in nginx.conf
<andol> mathiaz: Yes, ubuntu-main-sponsors are subscribed to both of those tickets.
<shally87> hi deeps
<shally87> i wanna ask if i should get a virtual machine for each of the server installed on my pc.
<shally871> hi
<shally871> what type of virtual machine i need to install for 4 server in a pc? The server are mail server, lamp, dns and samba
<incorrect> i have approximately 200 servers,  right now they are stand alone units,  however I want to create a central management system,  I am looking at ldap, however openldap seems to be somewhat buggy right now for n-way replication
<incorrect> what other alternatives are there?
<domas> NIS
<domas> or, more radical, Puppet
<incorrect> i didn't think many people used NIS anymore
<hads> Puppet is cool
<domas> we do!
<incorrect> can nis replicate information between servers?
<domas> why do you need nway replication for 200 servers? :)
<incorrect> i have multiple sites
<incorrect> don't want a vpn link to go down and everything to collapse
<mathiaz> incorrect: are you sure you need multi-master replication?
<mathiaz> incorrect: openldap support replication
<incorrect> yes there is a passwd db in there, I ideally I would like this to be current as possible over all sites
<mathiaz> incorrect: so openldap replication would work
<incorrect> if openldap n-way replication would work
<mathiaz> incorrect: what do you refer to by n-way replication?
<incorrect> http://www.openldap.org/doc/admin24/replication.html#N-Way Multi-Master
<incorrect> seems to be what https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
<incorrect> is based on
<mathiaz> incorrect: do you need to support a multi-master architecture?
<incorrect> well each site needs to sync and each site will take updates
<mathiaz> incorrect: well - the first part is easily support with the replication module in openldap
<mathiaz> incorrect: the second part is much more complicated
<incorrect> mathiaz, where is the complication?
<mathiaz> incorrect: I'd think about whether you *really* need to support every sites to take updates
<mathiaz> incorrect: in the first part you replicate for a read-only environment
<mathiaz> incorrect: in the second use case you want to support write in multiple places and sync between them
<mathiaz> incorrect: this is much harder to do
<mathiaz> incorrect: and be consistent
<incorrect> i don't mind if there are problems that an object gets updated in two locations and one update gets trampled
<incorrect> this is highly unlikely to happen
<incorrect> and i don't care if it does
<incorrect> so what you are telling me is, a company couldn't use openldap if it had two sites, and someone at the second site wanted to update their password
<incorrect> that says master->slave to me
<mathiaz> incorrect: it's possible. You'd just have to setup your environment so that the password update is always directed to the master
<incorrect> what is the point of multimaster replication?
<mathiaz> incorrect: section 17.2.2 of the openldap admin guide lists the advantages
<incorrect> If any provider fails, other providers will continue to accept updates
<incorrect> sound great to me
<mathiaz> incorrect: right - that's to eliminate the SPOF for the writes
<mathiaz> incorrect: the question is whether you can live with your master down and how long it takes to recover the master
<incorrect> hang on then it is not multi-master if one machine is the master
<mathiaz> incorrect: yes. I'm talking about using the normal replication system.
<incorrect> oh that works, i am not interested getting that working
<incorrect> i am just trying to figure out why openldap blasts is db's away when replicating
<incorrect> there must be something missing from that guide
<mathiaz> incorrect: oh ok. I thought you were looking into whether multi-master would be usedfull for your environment.
<incorrect> it clearly i the right choice if i can get it working
<incorrect> is there anyway i can check out the https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html and make updates to it,  i found a number of errors
<mathiaz> incorrect: look at https://wiki.ubuntu.com/ServerTeam/KnowledgeBase - there is a documentor section that outlines how to check out the server guide
<incorrect> thanks
<mathiaz> incorrect: once you've made your updates you can push your own bzr branch to LP and ping sommer to review it
<incorrect> cool
<mathiaz> andol: mysql 5.0 uploaded.
<andol> nice
<SmokeyD> hey anybody know if Ubuntu Hardy server already contains snort compiled --enable-inline?
<_ruben> SmokeyD: its rather easy to check ... apt-get source snort and take a look at the debian/rules file
<SmokeyD> _ruben: good idea :)
<SmokeyD> _ruben: and the answer is no, well, I think it is compiled with the switch, but the binary is not installed..
<_ruben> that'd be rather odd i'd say
<SmokeyD> is there a reason ubuntu doesn't include libapache2-mod-security in the repos?
<SmokeyD> of course there is, but what is it :)
<p_quarles> SmokeyD: I forget the precise reason, but it was an upstream (i.e., Debian) decision, and that's where you would find the explanation
<p_quarles> I *think* there was some question about it meeting DFSG, but I could be wrong
<ScottK> Sounds likely
<SmokeyD> what is DFSG?
<SmokeyD> licencing stuff?
<ScottK> libapache-mod-security got removed.
<ScottK> https://launchpad.net/ubuntu/+source/libapache-mod-security
<ScottK> Debian Free Software Guidelines, which Ubuntu follows
<Deeps> heh, searching for libapache2-mod-security in google gives a plethora of hits that explain what happened
<Deeps> http://ubuntuforums.org/showpost.php?p=4227541&postcount=7 may be of interest
<SmokeyD> Deeps: I was doing that but I can only find howto's which all say apt-get install libapache2-mod-security
<SmokeyD> but ScottK's link explained it
<SmokeyD> licensing trouble
<Deeps> infact, it's back in sid now
<Deeps> bug 27
<uvirtbot> Launchpad bug 27 in baz "temporary test" [Medium,Invalid] https://launchpad.net/bugs/27
<Deeps> bug 247268
<uvirtbot> Launchpad bug 247268 in libapache-mod-security "libapache2-mod-security not found in 8.04 repositories" [Undecided,Won't fix] https://launchpad.net/bugs/247268
<Deeps> even
<ScottK> Actually it looks like exception solves the problem.
<ScottK> SmokeyD, p_quarles, Deeps: It does look to me like the licensing change solves the problem, so I'll look into getting it back in for Jaunty.
<SmokeyD> ScottK would be great, I not installed it using a community contributed debian package on the mod_security site
<SmokeyD> ScottK, could it also be backported to hardy?
<ScottK> Possibly.
<SmokeyD> s/not/now/
<ScottK> !backports
<ubottu> If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<ScottK> ^^^ Gives the process for requesting it (after it's back in).
<uvirtbot> ScottK: Error: "^^" is not a valid command.
<tjaalton> is likewise-open going to be updated to 5.x for jaunty?
<CrummyGummy> Hi, where do I find the stdout from a service running in inet.d?
<ScottK> SmokeyD, p_quarles, Deeps: I've asked for it to be sync'ed so it should get in for Jaunty.
<SmokeyD> ScottK: cool man
<SmokeyD> that is really nice
<SmokeyD> ScottK: I hope I'll remember to put in a request for a backport once jaunty has been released
<simplexio> grrr.. my kryptd, dmraid and swapper keep failing on page alloc
<axisys> still looking for some help on this
<axisys> http://ubuntuforums.org/showthread.php?p=6668647
<CrummyGummy> any ideas what the difference is between running a service (csync2) in inetd and running it manually? csync2 runs fine when I run it but I get an identification failed error when runnign it through inet.d
<axisys> it bombs out during disk detection
<axisys> CrummyGummy: may be the shell environment?
<quizme> apache runs as www-data right?
<SmokeyD> quizme yes
<axisys> quizme: ps -ef | grep apache or ps -ef | grep http or grep User from http.conf or apache.conf will help
<CrummyGummy> axisys: Any ideas how I can trouble shoot that? It runs ininet.d as root. and I can run it fine manually as root.
<axisys> CrummyGummy: you could have a script that spits out the env to a file and run it
<axisys> compare the output from manually run and inetd way run
<quizme> thanks
<CrummyGummy> hmmm, lemme try that.
<SmokeyD> CrummyGummy: afaik, running it through inetd enables the use of tcp-wrappers (hosts.deny and hosts.allow), which are not run when running standalone
<SmokeyD> correct me if I'm wrong please :) I like to learn
<CrummyGummy> ALL:    10.1.0.0/16 is in hosts.deny unless I need to specify the hostname.
<CrummyGummy> No, i see its just ip addresses.
<Davedan> I'm looking for a mail server that works on ubuntu. can anyone please recommend something?
<SmokeyD> CrummyGummy: yeah indeed. But shouldn't ï»¿ALL:    10.1.0.0/16  be in hosts.allow (assuming it is the subnet you are in)
<ivoks> Davedan: postfix+dovecot
<SmokeyD> Davedan: mailserver to sent mail (SMTP) or receive (POP3/Imap)
<CrummyGummy> yes, typo :(\
<SmokeyD> smtp: postfix
<SmokeyD> pop3/imap: dovecot
<ivoks> + mysql + postfixadmin
<SmokeyD> ivoks: indeed
<SmokeyD> Davedan: see http://workaround.org/articles/ispmail-etch/
<SmokeyD> that is a very nice howto
<Davedan> to receive emails, analize them and store in a db or file system
<ivoks> store them on FS
<ivoks> but put users in DB
<ivoks> amavis+spamassassin+clamav is good filtering system
<ivoks> anyway, everything you need (except postfixadmin web application) is in Ubuntu
<SmokeyD> the how-to on workaround.org is really nice
<Davedan> what can I use to run some logic and 'read' the mails?
<ivoks> and you can set up a really good mail server on ubuntu
<ivoks> roundcube
<ivoks> roundcube as webmail
<Davedan>  ivoks: roundcube is a mail server?
<ivoks> no, only a webmail
<SmokeyD> Davedan: http://roundcube.net/
<ivoks> you should also consider hiring a professional, if you aren't familiar with mail servers
<Davedan> I don't need a webmail only automatic mail server that receive mails, a script that do something with the mail and a place to store them
<SmokeyD> Davedan: if you want to use postfixadmin (I do), combine the postfixadmin parts of http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL with the previous link
<ivoks> SmokeyD: don't push him into LDAP yet :D
<SmokeyD> ivoks: no I wouldn't
<Davedan> maybe I didn't explain myself
<Davedan> I don't need a normal mail application
<SmokeyD> ok
<SmokeyD> you want to retrieve email from another email server and read it using a script?
<Davedan> what I want is a server that receive emails from automated scripts on multiple computers, analize them and store some data in a db
<Davedan> so I guess I don't need roundcube
<SmokeyD> Davedan: do you really NEED to receive those emails on that server, or would it suffice to have a gmail account receive those emails, and let your machine fetch the emails through pop3 and run a script on it?
<Davedan> SmokeyD: I guess having a gmail account is fine but I'm not sure about the limits of the account
<Davedan> it will be sufficent for test though
<SmokeyD> Davedan:  what limits are you thinging about?
<Davedan> not sure
<SmokeyD> When you fetch your emails through pop3 from, the gmail server, they are gone from the server so little diskspace is used with gmail
<SmokeyD> which is hard to fill anyway
<Davedan> the size of the mails will be very small (10kb) but the number of mails can be high
<Davedan> will I be able to do it with a python script for example?
<SmokeyD> Davedan: if you use a remote mail server like with gmail: yes
<SmokeyD> Davedan: just write a python script that fetches mails through pop3 and analyse them any way you want
<SmokeyD> Davedan: and either run that script through cron if fetching one per hour or something is fine
<SmokeyD> if you want to read the emails more often, make the python script run continuously as a daemon and make it fetch your emails once per second if necessary (although I don't know if gmail likes that)
<Davedan> SmokeyD: the python script will be the only thing my server does so I'll do it more often.
<Davedan> k
<Davedan> thanks
<SmokeyD> Davedan: no problem
<SmokeyD> Davedan: just look into gmail's policy's regarding the frequency of your python script connecting to the gmail pop3 server
<SmokeyD> maybe gmail get's annoyed if you connect every second to their pop3 server
<SmokeyD> Davedan: http://www.python.org/doc/2.5.2/lib/module-poplib.html
<Davedan> as a proof of conecpt gmail is a great idea. If everything will work I will be able to hire someone to help me :)
<ivoks> forward all mails to one server
<ivoks> analayze your mail there (posftix + procmail + whatever you want to analayze with)
<ivoks> we can't tell you how to analyze, since that's what you have to figure out
<ivoks> i can tell you that you can forward all you mail to account account@domain
<ivoks> and set up .forward for that account with "|/your/custom/script"
<Davedan> why is it better to forward the mails and not receive them on account@domain on the first place?
<ivoks> all mail for account@domain will be forwarded to /your/custom/script program which will do whatever you want
<ivoks> you said you have multiple computers
<ivoks> then i guess you want to analyze your data on one place
<Davedan> let's say I have 100 computers all sending mails with some data to a single mail address
<Davedan> is it better to use webservices instead of a mail server to send data from multiple clients to a single server?
<ivoks> that depends only on you
<ivoks> i would set up my own server
<ivoks> and push my private data over SMTPS
<ivoks> and i wouldn't feel good having my sensibile data on some-other's servers
<Davedan> when you say server are you talking about a mail server or an http server?
<ivoks> that's how i would do it, but i'm not you, and you have to decide on your own
<ivoks> for last 10 minutes we are talking only about mail servers, right?
<ivoks> if not 20 minutes
<Davedan> I currently have a script on the clients that send data to an email address.
<Davedan> I'm asking if it might be easier to use http-server instead
<ivoks> how would you send data to http server? http is very bad for posting data
<ivoks> sh... i didn't set up acl web page
<Davedan> I'll send data to an http-server using a python script for example
<Davedan> thank you for your kind help. bye
<ivoks> unfortunatly, he doesn't understand basics, so it's hard to help him
<imaginativeone> can I get LAMP help here?
<genii> Occasionally :) Best to juust state the prob/question
<imaginativeone> I installed LAMP via: https://help.ubuntu.com/community/ApacheMySQLPHP
<imaginativeone> however, I messed it up
<imaginativeone> I wish to start over
<imaginativeone> but the advice on that page seems to be missing a step
<Jeeves_> imaginativeone: reboot and reinstall?
<imaginativeone> reboot my server?
<imaginativeone> won't the services just restart?
<genii> imaginativeone: You used tasksel method?
<imaginativeone> yes
<imaginativeone> my browser keeps trying to open a PHTML file
<imaginativeone> can I reverse the tasksel method?
<genii> imaginativeone: You can use remove with it: eg:  sudo tasksel remove lamp-server            and then retry install. Not sure if the dpkg can be passed some option like --purge in that process however
<deadbattery> anyone knows how to migrate from ubuntu desktop to ubuntu server?
<domas> rpm -e ;-)
<domas> ergh
<domas> apt-get remove
<yann2> changing the kernel I'd say? :)
<domas> and yes, changing the kernel
<deadbattery> yeah but
<deadbattery> the thing is
<deadbattery> i am in USA
<deadbattery> server is in France
<deadbattery> all i have is SSH
<domas> install new kernel, reboot
<deadbattery> wud i be able to do that with out losing any of my files?
<domas> if doesn't come up, call datacenter monkeys and ask to bring up old kernel
<deadbattery> too much hassle xD
<deadbattery> so wud i do that thru SSH?
<imaginativeone> genii: thanks a bunch
<genii> imaginativeone: It can be that your apache does not have a handler for phtml in it's config
<imaginativeone> deadbattery: over my head
<imaginativeone> what is phtml?
<ivoks> your browser thinks it can download php file
<ivoks> you should install libapache2-mod-php5, if you haven't already
<ivoks> or clear your browsers cache
<genii> imaginativeone: phtml is compiled php code
<genii> deadbattery: If you feel brave you could use kexec to load new kernel without reboot.
<tuan123> hello everbody
<tuan123> has someone successfully installed ubuntuserver+kvm+jeos on a hetzner server?
<soren> tuan123: Yes.
<tuan123> cool
<tuan123> could you tell how to config the network correctly?
<tuan123> i have successfuly run the vmbuilder script and my vm1 is running
<tuan123> but i cannot connect to it per ssh
<imaginativeone> genii: do I have to do anything special to reinstall?
<soren> tuan123: Depends.. I've set up an elaborate NATing scheme.
<genii> imaginativeone: Just usually tasksel again.eg:  sudo tasksel install lamp-server
<soren> tuan123: ...but you can ask hetzner for an 8 IP subnet that you can route to, and configure a libvirt network for that.
<imaginativeone> genii: thanks very much
<genii> imaginativeone: You're welcome
<tuan123> soren: oh, that sounds difficult. are there tutorials to do that?
<tuan123> soren: you mean i should ask for another subnet?
<soren> tuan123: Depends on what you want to do with your vms.
<soren> If you only need outbound access, you don't need to do anything.
<Fenix|work> Greetings!
<tuan123> soren: i just want to have 1 host fÃ¼r vms and many vms as webservers
<genii> imaginativeone: You should also look at ivoks' statement about libapache2-mod-php5 , this may be the actual underlying issue.
<soren> tuan123: It really depends on what you're trying to achieve, really.
<Fenix|work> any way to automate firewall drop configs on a temporary basis for people trying to bruteforce my FTP service?
<ivoks> yes
<soren> Fenix|work: fail2ban
<ivoks> denyhosts also
<ivoks> but that one is for ssh
 * ivoks should take a look at fail2ban :D
<tuan123> soren: i just want the simplest scenario: 1host and 5 "vserver" as webserver
<soren> tuan123: Well, the usual way to do that is to just configure apache to have several virtualhosts.
<soren> ...but if you want to use vm's, you need to either get some more ip addresses or set up a frontend apache server that relays requests to backend vm webservers.
<Fenix|work> soren, is it customizable for other logs?  For instance pureftpd places these errors in /var/log/messages
<tuan123> soren: yeah, i know. but i want 5 separate vms fÃ¼r each customer
<soren> Fenix|work: It's highly customisable, yes.
<soren> tuan123: Ok..
<tuan123> soren: thx soren. i really need help, because i have finally build an vm, but i can not connect to it.
<soren> tuan123: Well, of course.
<soren> 16:42:01 < soren> ...but if you want to use vm's, you need to either get some more ip addresses or set up a frontend apache server that relays requests to backend  vm webservers.
<tuan123> soren: i have 7 ips available
<soren> tuan123: Oh, so you already got the subnet?
<soren> Good, good.
<tuan123> soren: yes
<soren> Which version of Ubuntu are you running?
<tuan123> i have this one: http://www.hetzner.de/hosting/produkte_rootserver/ds8000/
<tuan123> ubuntu 8.10 min
<tuan123> do you speak german?
<soren> Somewhat.
<tuan123> ok
<tuan123> soren: i have set up a bridge br0 with the config of eth0. and it set eth0 to iface eth0 inet manual
<soren> The easiest way to do it would be to change   <forward mode='route'/>
<soren> Whoops
<soren> The easiest way to do it would be to change   <forward mode='nat'/> to <forward mode='route'/>  in "virsh edit-net default"
<soren> And change the IP's in there to match your setup.
<tuan123> soren: thx. ok i try it now
<Fenix|work> anyone know how to change the log file location for pure-ftpd with pure-ftpd-wrappers?
<nomego> hey guys, trying to upgrade a feisty server, but some files doesn't seem to exist in the archives..
<tuan123> soren: edit-net doesnt exists. where can i find the file?
<soren> tuan123: Sorry, it's net-edit. My fault.
<nomego> how should I go about upgrading?
<tuan123> soren: net-edit doesnt either
<soren> tuan123: In Intrepid?
<tuan123> soren: yes
<soren> tuan123: Tell me... How are you running your virtual machine?
<tuan123> soren: per virsh start vm1
<tuan123> soren: should i show you my config files?
<soren> tuan123: What's the exact error message you get when you do "virsh net-edit default"?
<tuan123> error: unknown command: 'net-edit'
 * soren could have sworn that was available in intrepid.
<soren> Oh, well. Do this instead:
<soren> virsh net-dumpxml default > netdefault.xml
<soren> edit netdefault.xml
<soren> virsh net-define netdefault.xml
<zoopster> soren: it's not in any path on my server
<soren> zoopster: Who are you?
<soren> zoopster: And what are we talking about?
<tuan123> soren: <forward/>?
<zoopster> soren: lurking on your dialog with tuan123
<soren> Change it to <forward  mode='route'/>
<soren> zoopster: And what is not in the path on your server?
<zoopster> soren: the virsh net-edit..that command isn't available for me either...is it in a newer version?
<soren> zoopster: What do you mean it's not in the path? You don't even have virsh?
<tuan123> soren: but as i know i do not use this virtual adapter, instead i use br0 like in this tutorial: https://help.ubuntu.com/community/JeOSVMBuilder
<soren> You could have mentioned that...
<soren> Then you have to do it completely differently.
<zoopster> soren: mistake on my terminology...virsh net-edit is not a valid command on my intrepid server...I was trying to follow along
<tuan123> soren: sorry
<soren> Hm, okay. Must have been a 0.5.0 thing then.
<tuan123> soren: now i got my vm1 up running and i can connect per ssh woohhoo, BUT...
<zoopster> soren: yea...my virsh --version is 0.4.4
<soren> Always running the development version makes these sorts of things hard to remember :)
<soren> zoopster: Yeah, we didn't go 0.5.0 until Jaunty.
<soren> WEll, we skipped 0.5.0, actually and went straight to 0.5.1, but still.
<tuan123> soren: the vm1 can only communicate with the host, but not with the internet
<tuan123> soren: so how do config the br0 and vm1 correctly?
<soren> I'm going to guess you've put it on qemu:///session rather than qemu:///system
<soren> ..and with that, I'll have to bid you goodbye. I need to go get some dinner.
<tuan123> soren: no its on qemu:///system
<soren> Ok.
<tuan123> soren: thank you, bye
<soren> What you need to do is to make sure your stuff is routed properly. In both directions. This is not completely trivial.
<tuan123> soren: do you have a good tutorial about that?
<soren> Nope.
<soren> I wing it :)
<SmokeyD> hey people. DOes anybody now if there are problems running apparmor on an ubuntu hardy system in as a xen guest?
<SmokeyD> and also, how hard is it to make apache2 be controlled by apparmor (as compared to creating a chroot jail manually)
<MiladKhajavi> I want to go back to one of my 'screen', how can I get them back?
<dnperfors> with CTRL-A N you go to the next screen, with CTRL-A P you go to the previous one...
<MiladKhajavi> dnperfors: I inserted CTR-A D and know I'm in actual terminal, I want to back to my screen
<plun> Hi all
<plun> Anyone with knowledge about Ubuntus server guide ?
<plun> http://doc.ubuntu.com/ubuntu/serverguide/C/
<yann2> ?
<MiladKhajavi> any one could help me?
<dnperfors> MiladKhajavi: you detached your screen, type screen -r
<ScottK> plun: Ask a specific question.
<MiladKhajavi> dnperfors: thanks a lot
<dnperfors> MiladKhajavi: your welcome :)
<plun> ScottK: OK.... I gave a technical journalist a tip about this guide and how long will it be  "draft"   ?
<ScottK> sommer is the one that does most of the work on it.
<ScottK> It will be in draft until Jaunty is released.  We do a new revision for each release.
<plun> ScottK: he was badly informed and compared a Ubuntu server with a Windows server, the local community also gave him some strange thoughts... so this one is important..  IMHO  ;)
<zoopster> doc.ubuntu.com is the wiki for the Documentation Team - the official guides are at help.ubuntu.com
<simplexio> anyone experienced with nfs? i have problems with stability
<plun> ScottK :  OK !   Thanks !
<simplexio> http://paste-bin.com/view/5dcf9274 , is that "normal" that nfs soft locks
<ScottK> plun: There is also #ubuntu-marketing where (I think) they are prepared do deal with such questions.  This is more of a developer/user channel.
<simplexio> or do i use some exotic argument on server wich is know to cause some problems
 * ScottK points nijaba at the above discussion about the server guide to see if he has any better ideas.
<plun> ScottK...well  I rather be "down"  where users knows about software....  not marketing  ;)
<plun> And I dont like amateurs and badly written articles and bad comments from a "mob".....
<plun> I also gave this journalist a URL to DXter which is a server member...
<ScottK> OK, I'm just not that experienced in dealing with Journalists, that's all.
<plun> ScottK: This one was also a software tester for a magazine so a guide is perfect for such a person  ;)
<plun> I can also give him URLs to Howtoforge...
<plun> Not a big deal and now he can use the Draft  ;)
<ScottK> plun: I'd also encourage people who find problems with the guide to file bugs against ubuntu-doc so it can be improved.
<plun> ScottK:  yup a guide must be used and kept alive....
<plun> There are also so much old stuff floating around so this one is important for server operation, The Ubuntu way.
<ITSBTH> Is there anyway to configure ethernet (via DHCP) using only a keyboard?
<ITSBTH> i.e. no screen
<simplexio> has anyone idea what network file system i could use, nfs works, but keeps failing
<dnperfors> you could try samba or sshfs (which is not a real network-fs, but it could be usefull sometimes)
<zoopster> ITSBTH: not sure what you mean - you can access it via ssh and want to edit the config to change it to a static from dhcp?
<ITSBTH> No, it does not connect to the network at the moment
<deadbattery> this is weired
<deadbattery> i start apache2 up
<deadbattery> and then
<deadbattery> it starts to decrease in performance
<deadbattery> anyone know why
<deadbattery> ?
<middreks> hello, what would be the best solution for a rather small network (onyl 12 clients; vista and xp mixed) to manage the users time they have been logged in so far? i tried chillispot yesterday, because most of them use the pcs for hanging on the web, but i failed installing it.
<crazygir> how do you rest ethX mapping for nics in udev?
<maxb> s/rest/reset/?
<crazygir> yes :P
<maxb>  /etc/udev/rules.d/70-persistent-net.rules
 * crazygir looks
<crazygir> thanks :)
<tonyyarusso> OOOO, that is good to know.  My laptop seems to swap them randomly every time I reinstall.
<pmatulis> anyone know of any ubuntu-friendly virtual domain mail hosting software (a la cpanel)?
<crazygir> given that ubuntu is based on debian, are most debian resources/information applicable?
<pmatulis> sure
<crazygir> cool :)
<crazygir> apologies for the noob questions, but I'm from the BSD world, and had really only used gentoo in my linux days
<SmokeyD> ï»¿hey people. I remember reading somewhere there is a problem running apparmor in hardy server running as a ï»¿xen guest system
<SmokeyD> ï»¿do I remember correctly?
<danopia> hi!
<danopia> my server's apt uses hardy, shold i try "upgrading" to intrepid?
<crazygir> is setting up vmware in ubuntu-server any different from other linux distros?
<uvirtbot> New bug: #315241 in libnss-ldap (universe) "Mangles MAC in ethers lookup" [Undecided,New] https://launchpad.net/bugs/315241
<andol> danopia: Are there any feautures in intrepid which you are missing in hardy?
<danopia> andol, well, apt is failing :P
<danopia> and i was told that intrepid might help
<danopia> not sure though
<andol> danopia: I think it ough to be possible to have a working apt in Hardy as well :)
<andol> danopia: What is wrong with your apt?
<danopia> andol,
<danopia> http://danopia.pastebin.com/mc0df40e
<danopia> yay clipboard lag
<andol> crazygir: It should basically be the same, but some details might difer.
<andol> crazygir: This page might help https://help.ubuntu.com/community/VMware/Server
 * crazygir nods
<andol> danopia: Had this trouble myself a few time. It usualy help by trying to manually install the complaing package. That one might inturn complain on another package, etc. If you follow that chain to its end it will usually work then.
<andol> danopia: an extra apt-get update might not hurt :)
<danopia> andol, i've updated like 4 times so far though :P
<andol> danopia: Ok, then you'r probably set on that part :)
<kansan> anyone here use runit?
<kansan> i'm having trouble figuring out http://smarden.org/runit/useinit.html ...
<kansan> i want to edit the crontab file for the root user..... is there a way i can just place/replace a file on the system that cron uses?  (im scripting stuff and would prefer not to have to do: crontab -e)
<rdw200169> kansan, well, there are the cron.* directories
<rdw200169> kansan, for example, if you put a file in /etc/cron.d/ that conforms to the crontab type entry, cron will track it
<rdw200169> kansan, various packages do this, like anacron, john, php5, and postgresql-common on my system
<rdw200169> kansan, you've probably got anacron, so you should check the format of their file, and adjust accordingly, i.e. /etc/cron.d/anacron
<kansan> i wad thinking of clobbering /etc/crontab
<kansan> was thinking of
<kansan> to add new commands
<rdw200169> kansan, personally, would consider it easier to just chmod files in /etc/cron.d/, but that's just me ;)
<kansan> how do i make vim the default editor for cron
<hads> export VISUAL=vim
<rdw200169> kansan, chances are you should be able to change that in /etc/alternatives also
<rdw200169> kansan, the /usr/bin/editor is a symlinked to the editor of choice
<axisys> where can I find the dapper for sparc64?
<axisys> dont see it in ports.ubuntu.com
<axisys> http://ports.ubuntu.com/dists/dapper/main/ not here
<axisys> http://ports.ubuntu.com/dists/dapper-updates/main/ not here either
<axisys> or sparc even..
<axisys> found one for hardy
<axisys> http://ports.ubuntu.com/dists/hardy-updates/main/installer-sparc/current/images/sparc64/netboot/2.6/
<axisys> i am going to try that again.. i think it was failing to find a archive during install
<rdw200169> kansan, for example, when i run 'update-alternatives --config editor'
<kansan> ah ha
<rdw200169> kansan, and switch it to /bin/nano, crontab -e opens in nano instead of vim
<kansan> switch it to VIM ! ;p
<rdw200169> kansan, and likewise for /usr/bin/vim etc...
<rdw200169> kansan, i tested it, and it works for me, so it should work for you too.  it's the easiest way to swap editors
<kansan> E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
<MianoSM> if you want to change the default editor add this to your .bashrc:
<kansan> how do ir ecover?
<MianoSM> export EDITOR=vim
<kansan> ah good
<MianoSM> Now your crontab -e will be defaulted to vim, you may have to logout/log back in, but that will work for you kansan
<kansan> yes i already have a .bashrc
<kansan> 'so i'll it there
<MianoSM> well the export most likely won't be there, but you can add it to the ~/.bashrc
<rdw200169> why do an export, when the whole purpose of /etc/alternatives is to alleviate that problem?
<kansan> is there a way i can configure mysql server from the command line?  i am scripting its installation so i cant be there to use dpkg ui
<MianoSM> rdw200169: /etc/alternatives is distribution specific.
<MianoSM> I am showing a way to do it in more distributions, just in case.
<rdw200169> MianoSM, and this is a distribution specific channel ;)
<MianoSM> rdw200169: It is for sure, but I always try to have an open mind. That is what led most of us here in the first place. ;)
<MianoSM> I'm not a fan of going to open source conventions and hearing people bash off the shelf products or M$ either though, I am of the paradigm that there is a correct tool for every and any situation(s). :)
<Davedan> can I run a script whenever the package manager (apt-get install) installes or update a package?
<gorkof44> is anyonE HERE?
<erichammond> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Davedan> what is the root mail and how do I get the messages sent to it?
<axisys> looks like gutsy gibbon (7.10) detects the disks on t1000 and any ubuntu version above that fails
<axisys> i picked LVM
<axisys> now  LV tmp as ext3 is recommended .. can I choose that as swap instead
<axisys> ?
<axisys> or leave it as it is?
<axisys> will ubuntu can take advantage of 8 core t1000 ?
<axisys> i know solaris folks would say no
<domas> axisys: how do you define "take advantage"
<domas> axisys: it is just plenty of threads
<domas> you need application level parallelism
<domas> etc
<gouki> Hi everyone. I'm hosting a website that requires me to generate several locales for Apache to properly display the .mo files. Instead of generating all of them manually (locale-gen X) is there something I can do to generate all?
<domas> for i in *; do locale-gen $i; done
<domas> :)
<gouki> domas, well, that's good :)
<hads> EDITOR or VISUAL will work
<andol> gouki: /var/lib/locales/supported.d/
<gouki> andol, how can that prevent me from generating them manually? Sorry, I don't follow.
<hads> rdw200169: One reason to use the VISUAL variable over /etc/alternatives (or vice versa) is if it's wanted on a user by user basis.
<Gorlist> just reimaged my server to 8.04 LTS, (and installed Plesk) but just noticed my partion size for the var directory is too small. only 4.3 gig...   I need to resize it (take some away from home), how would you recommend doing this - gparted??
<Gorlist> and its got to be done via ssh
<rdw200169> hads, fine.  you win.  i was thinking of that.
<rdw200169> Gorlist, are you collocated w/the server?  i.e., are you running headless?
<hads> rdw200169: I don't want to win :) There's valid reasons for using both
<Gorlist> rdw200169, how do you mean? (headless?)
<Gorlist> oh no
<rdw200169> Gorlist, headless means no monitor/keyboard
<Gorlist> sorry
<Gorlist> its sitting 1000 mile saway
<Gorlist> away
<rdw200169> Gorlist, oh!  well, i'm not sure how your system is set up... but in order to change the partition sizes you must unmount them first... thereby killing the server...
<Gorlist> oh.
<Gorlist> erm
<rdw200169> Gorlist, now, you could do some roundabout crazy stuff, like create a /var partition on a separate drive, switch it over in /etc/fstab, and so on...
<andol> gouki: only partly I guess :) By listing your locales in files inside that folder they will all be generaed wih the command "locale-gen", without any paramaters. A benifit of having them in that folder is whenever an upgrades feels the need to regenerate your locales, all those in that folder will autmaticly be generated.
<Gorlist> thats not terribly good as I have no access, and the image is predefined. Home directory ive got 64 gigs worth which I certainly don't need
<rdw200169> Gorlist, well, you do have another option.
<hads> bind mounts or symlinks or some other ugly solution
<rdw200169> Gorlist, you *could* perform a symlink of /var to a directory inside of /home
<rdw200169> hads, Gorlist yes, a very dirty solution
<rdw200169> hads, but it *would* get you a lot more room to work with
<hads> Yah
<rdw200169> hads, the best way to do this would be to use something other than /var, like /opt or /home for /var/www for example
<Gorlist> rdw200169, hmm,
<gouki> andol, got it! That is indeed a good policy. Generating them all, as domas said, will also get them listed there. Correct?
<hads> You can probably move it around enough to reboot without /var mounted and then resize.
<rdw200169> Gorlist, sorry, the message i gave hads i meant for you
<Gorlist> rdw200169, problem with plesk is it it stores all of the domains, and what not in var
<rdw200169> Gorlist, well, you *can* trick plesk
<rdw200169> Gorlist, using symlinks, etc...
<Gorlist> rdw200169, what about security?
<rdw200169> Gorlist, that doesn't matter.  just make sure your links have the correct permissions
<Gorlist> rdw200169, I will have to readup on it, ive never done it before - thanks for the suggestion
<rdw200169> Gorlist, the bigger problem is with filling up the disk(s).  /var/ is generally meant for directories/files that tend to fill up
<rdw200169> Gorlist, but you can make that much more manageable by using something like monit to alert you when the disk, partition, whatever starts to fill up
<Gorlist> http://pastebin.com/m6a80439c
<Gorlist> thats the partion layout
<Gorlist> unless ive missed something
<gouki> And domas, BTW, locale-gen with a wildcard doesn't work.
<rdw200169> Gorlist, hmm.. interesting that you're stuck with so much in /home!
<Gorlist> yes considering the image is supplied by a webhosting firm.. crazy
<rdw200169> Gorlist, your situation is why they have LVM: http://en.wikipedia.org/wiki/Logical_Volume_Manager_(Linux)
<rdw200169> Gorlist, but it's a little late to change now, i think ;)
<Gorlist>  :) well im going to have todo something soon as its a fairly large community site
<Gorlist> ive got Raid 1
<rdw200169> Gorlist, well, there's this:
<rdw200169> Gorlist, https://help.ubuntu.com/community/Installation/RAID1%2BLVM
<Gorlist> rdw200169, will have to read through, I might first see if I can restore the data with the space I have to give some breathing
<rdw200169> Gorlist, you could, also, set up plesk such that it has it's own home folder for all its /var/ stuff
<rdw200169> Gorlist, then symlink, for example, /home/plesk to /var/plesk
<Gorlist> again I wouldn't know where to begin im afraid - I could only pre-read so much
<rdw200169> Gorlist, well, do you know what directory plesk keeps all its stuff in?
<Gorlist> this is their article: http://kb.parallels.com/article_17_819_en.html
<Gorlist> but a small section is plesk itself is installed to /opt/psa
<rdw200169> Gorlist, ah, this thing does it all i see
<Gorlist> yes,
<Gorlist> at the moment its really easy to do a fresh install
<Gorlist> as the data is backed up on a secured ftp
<gouki> BTW, found a list on /usr/share/i18n/SUPPORTED. I'll just cat that into supported.d/local and dpkg-reconfigure locales.
#ubuntu-server 2009-02-04
<luckyone> hello all
<luckyone> so, I am installing 8.10 server on my new MSI Wind that I want to use as a NAS with RAID 1
<luckyone> does anyone have any ideas of packages or web based admin tools I could install on top of the base server so I can easily administer my new machine?
<hads> Not familiar myself but I believe ebox is the supported one.
<Laney> Hi. Is /var/run/reboot-required created on servers too, or is this just a desktop thing?
<Laney> (you may have seen this discussion on identi.ca)
<luckyone> also, is there any documentation on creating a software RAID 1 array?
<luckyone> I am installing ubuntu on /dev/sdc3, I want to RAID 1 /dev/sdc5 and /dev/sdc6
<uvirtbot> New bug: #325109 in bacula (universe) "package bacula-director-pgsql 2.4.2-1ubuntu6 failed to install/upgrade" [Undecided,New] https://launchpad.net/bugs/325109
<genii> Probably some postinst script issue
<Laney> doesn't check if postgres is running
<brianwillis1984> hey everyone i could use some help
<brianwillis1984> im installing the server edition in my server and when i do autoconfig on the network it cant pick it up
<genii> brianwillis1984: Usually: doesn't know what eth driver or: network not connected
<brianwillis1984> ook how do i fix this
<brianwillis1984> this is my first server so im new to all of this
<brianwillis1984> how do i use a dchp protcol?
<brianwillis1984> dhcp~
<genii> brianwillis1984: man interfaces     can be interesting reading ;)
<ziggles> hi guys, does anyone know what KVM does to VMs running if i shutdown the KVM machine?
<ziggles> ie are the VMs gracefully shutdown as if i had executed the showdown command, or is it just like pulling the plug?
<vbabiy> Hey is a any else have some issues with vms on Virtual Box using Ubuntu 8.10 server, I network is all messed up
<vbabiy> if I do ifconfig it displays nothing, if I do dhclient it finds a ip but doesn't on boot
<Gorlist> just got off the phone, they will not do any adjustments to the image, or run a partition adjustment tool their end... Would serial console help at all?
<vbabiy> on ubuntu server whats says eth0 is this nic
<uvirtbot> New bug: #323603 in openldap (main) "package libldap-2.4-2 2.4.11-0ubuntu6.1 failed to install/upgrade: package libldap-2.4-2 is not ready for configuration" [Undecided,New] https://launchpad.net/bugs/323603
<matt123> is there a gui for mdadm?
<twb> I moved my disks into a new server, and now I have eth6 through eth11 instead of eth0 through eth5.
<twb> I assume this is because the MACs changed, but I can't see macs defined in /etc/network/interfaces.
<twb> OK, the problem is in /etc/udev/rules.d/70-persistent-net.rules
<squidly> twb: yea it's defined there
<squidly> I acutally use that to remap nic's on my ids sensors to have a standard setup
<twb> I understand the need for the file, I just couldn't find it at first.
<squidly> ahh
<squidly> twb: sorry if I was paying attention I would have said that before
<twb> np
<twb> In RHEL it's in an even stupider place
<squidly> twb: that is why I stay away from RH
<squidly> though udev/rules.d is a pretty standard place
<twb> squidly: /etc/sysconfig/networking/ifcfg-ethN
<twb> or some such
<squidly> twb: wtf.. you serious?
<squidly> wow
<squidly> that makes me so glad that I dont ever use RHEL
<squidly> I use ubuntu and debian for my servers
<alienseer23> I cannot receive mail. getting the error "poststfix/pipe[8484]: fatal: get_service_attr: unknown username: vmail" where vmail is a val;id user and group, the pipe service is not duplicated or chrooted, and postfix check gives me nothing. What in the world could this be?
<larswey> Hi, I managed to delete a user still running irssi in screen, the user has been deleted but screen is still running. How can i stop it?
<_ruben> lookup the process id using ps or top, sudo kill <pid>
<larswey> When I do ps -U username it says that user doesnt exist :p
<_ruben> then look for a numeric username in the complete ps output
<larswey> ok, so whats the command for that?
<_ruben> ps ax for example
<_ruben> ps aux i mean
<_ruben> ps uxa | egrep '^[0-9]'
<larswey> thanks :)
<larswey> It worked.
<kraut> moin
<SmokeyD> hey, anyone know if there are issues with running apparmor in ubuntu hardy server in a xen guest virtual machine? I seem to remember something like that.
<UndertakerX2> Hello, I cant seem to get fluxbox to launch from my ubuntu server command line
<UndertakerX2> how can i fix this?
<p_quarles> UndertakerX2: what's in your ~/.xinitrc ?
<UndertakerX2> quick question before that, is there a copy and paste function in server?
<UndertakerX2> and it denies me permsiion to that folder
<p_quarles> UndertakerX2: if you're are using ssh + a terminal emulator to access the server, then yes, you can copy and paste
<p_quarles> UndertakerX2: if you're using a straight console, then you can install and use pastebinit
<UndertakerX2> im just running the terminal from vmware
<p_quarles> "the terminal from vmware" most likely counts as a terminal emulator, but I'm sure you can also connect via ssh
<p_quarles> more importantly: no, you were not denied permission to that folder
<UndertakerX2> :s thats what it said
<p_quarles> exactly what did it say?
<UndertakerX2> err sorry missed part of the line, getting tired :p it gave me -bash: /home/xplorer4x4/.xinitrc: permision denied
<p_quarles> UndertakerX2: can you pastebin the output of the following commands?
<p_quarles> 1) whoami
<p_quarles> 2) ls -lh ~
<UndertakerX2> not much to paste bitn, 1: xplorer4x4 2:total o
<p_quarles> UndertakerX2: that is most certainly not the output of either of those commands
<UndertakerX2> no i just made it up
<UndertakerX2> be happy to provide a screen to proove it
<p_quarles> UndertakerX2: you did indeed
<p_quarles> UndertakerX2: I don't see how two commands could result in one line of output that doesn't match the data type for either
<p_quarles> UndertakerX2: but, please, give me that screenshot :)
<UndertakerX2> http://img243.imageshack.us/img243/7738/89862382dk0.jpg
<UndertakerX2> see?
<UndertakerX2> i wouldnt waste my time or yours to come in here to make stuff up
<p_quarles> UndertakerX2: numbering the lines instead of pastebinning was confusing, as it made it look like the output was messed up
<UndertakerX2> sorry i just saw you say that
<UndertakerX2> my apoligies
<p_quarles> UndertakerX2: in any case, what is the output of: touch ~/.xinitrc
<UndertakerX2> it did nothing, just took me back to the same comand prompt as before
<p_quarles> good, now what is the output of: ls -lh ~
<UndertakerX2> total 0
<p_quarles> sorry, no, try this: ls -lha ~
<UndertakerX2> http://img5.imageshack.us/my.php?image=50772871bt8.jpg
<p_quarles> UndertakerX2: okay, looks good, now run: nano .xinitrc
<p_quarles> and feel free to pastebin it rather than provide a screenshot
<UndertakerX2> sorry, i would but im in vmware player and it wont allow me to copy and paste
<UndertakerX2> if you like to help me get set up with shh after this ill be more then happy to pastebin for ya in the future :p
<UndertakerX2> http://img11.imageshack.us/my.php?image=27851322od0.jpg
<p_quarles> UndertakerX2: most terminal emulators allow you to copy by highlighting, and paste by middle-clicking
<p_quarles> okay, put a new line before the current one
<p_quarles> it should read: !#/bin/sh
<UndertakerX2> middle click doesnt work :(
<UndertakerX2> ok got that line in there
<p_quarles> save it, exit, and then type at the command line: startx
<p_quarles> oops
<p_quarles> that should be #!/bin/sh
<UndertakerX2> ok corrected, now how do i save? :$
<p_quarles> the ^ means "ctrl" -- hit it in combination with the keys indicated in the menu
<UndertakerX2> so F2?
<larswey> are you going to save nano file?
<larswey> then ctrl+x
<larswey> y for yes
<UndertakerX2> yeah it says F2 or ctrl+x
<larswey> then you chose :)
<UndertakerX2> ok hold on i got an error on startx
<UndertakerX2> http://img502.imageshack.us/my.php?image=60441645fv1.jpg
<UndertakerX2> thanks to both of you so helping so far :)
<p_quarles> UndertakerX2: looks like X isn't actually fully installed
<p_quarles> UndertakerX2: sudo apt-get install xserver-xorg
<UndertakerX2> ok installing now, then startx?
<p_quarles> yep
<UndertakerX2> startx
<larswey> wrong window
<UndertakerX2> lol yep :p
<larswey> :p
<p_quarles> happens to everyone eventually :)
<larswey> yup
<UndertakerX2> hmm doesnt seem to want to fully load, i have a blue background, with a dark blue bar at bottom with a clock on it
<p_quarles> that's fluxbox
<p_quarles> right-click your mouse/touchpad for the menu
<UndertakerX2> oh i thought there was more to it, but new problem, my mouse wont work
<UndertakerX2> cant move or click
<larswey> probably something to do with vmware
<UndertakerX2> i had a feeling youd say that
<larswey> try restarting the virtual machine
<p_quarles> well, if your mouse is working fine except for inside vmware...
<p_quarles> anyway, I have to go to sleep; I will do my best to answer questions that highlight my nick
<UndertakerX2> vmwares being very problematic as i have to use vmware player to acutally load ubuntu rather then vmware workstation
<p_quarles> good night :)
<UndertakerX2> thanks
<UndertakerX2> mouse still doesnt work
<UndertakerX2> but yeah its 4 am so i suppose i will deal with that tommorow
<UndertakerX2> larswey, thanks again
<larswey> you have the new version of vmware?
<larswey> with that stupid webui?
<UndertakerX2> p_quarles: thanks
<UndertakerX2> webui?
<larswey> no problem :)
<larswey> the new version runs a webserver, everything is done with a browser
<UndertakerX2> no I have workstation 6.5.1
<larswey> ahh, ok
<UndertakerX2> is that a better version to run?
<larswey> i was thinking of vmware server
<larswey> no, its horrid :)
<larswey> doesnt support Opera..
<UndertakerX2> guess thats why its free eh? :p
<larswey> hehe, yeah
<UndertakerX2> was amde free*
<larswey> but the old version was better
<larswey> also free
<UndertakerX2> oh i thought they used to charge for server?
<larswey> no, that has always been free
<UndertakerX2> hmm i swore they used to charge but oh well
<larswey> hehe, good night :)
<UndertakerX2> but yeah its 4 am gotta sleep sooner or later, thanks again, night
<Davedan> I want to backup the installed packages list and all the configuration and customization of my server.
<Davedan> I've read that I need to backup /etc /root /var/cache/bind /var/lib/dpkg /var/backups /var/www /usr/local
<larswey> Yes?
<Davedan> will there be sensitive data in thouse files?
<Davedan> like passwords and stuff
<larswey> doubt it
<larswey> unless you put it there yourself
<Davedan> do you an example where passwords are stored
<larswey> nano the files and see for yourself
<Davedan> because I want to share my server configuration with someone without exposing it to a security risk
<larswey> ls and see if theres anything suspicious
<Davedan> sound unsecure to me...
<Davedan> thanks
<simplexio>  /etc/shadow has all system passwords.. someone can attleast run dictionary attacks on them
<Davedan> simplexio: is there a safe way I can exclude sensitive data and save only config data?
<simplexio> Davedan: just remove /etc/passwd shadown , groups, shadow- from backups if you dont have anyother programs that save passwords
<simplexio> Davedan: example i think hat  samba saves attleast users somewhere
<Davedan> simplexio: it has to be 100% safe. If ubuntu has a standard place to save sensitive data it is excellent. If usernames, passwords, IP... are spreaded all over the file system I can't take that risk
<hads> Then use an opt in method rather than opt out.
<simplexio> Davedan: all unix logins are in those shadown and passwd and groups files, i dont know what programs you have installed
<soren> Koon: Do you have an example of a source package that uses ant to build? tomcat?
<Koon> tomcat6 uses ant... also most of the libcommons-*-java stuff does (through CDBS)
<Koon> couldn't use the cdbs helpers for tomcat6 though
<soren> Koon: Cool, thanks.
<Mohammad[B]> how to i can config squid 2.7 for a proxy server in a web server ? please help me :-s
<soren> Koon: Ok, that didn't help, apparantly. I have a package here that doesn't obey $DESTDIR and was hoping I could work that out from another package, but I can't seem to spot how it's implemented when using ant?
<soren> Koon: I chose libcommons-net-java (at random), but it seems to not use ant to do the install bit.
<soren> That explains.
<yann2> soren > ever tried solaris on kvm?
<Koon> soren: in most cases I would say you won't find "ant install" run
<Koon> more an "ant package" thing that will produce a built/foo.jar file that you would list in your install.THING file
<Koon> not sure what your problem is... let me come and see you
<piquadrat> Hi! Any nginx-experts around? I can't get it to gzip any content, altough I have "gzip on;" in nginx.conf
<soren> piquadrat: I doubt you'll find much help here. AFAIK, we don't even ship nginx, so I think you'd be better helped in another channel. Probably an nginx specific one.
<piquadrat> soren: Ubuntu has nginx in its repositories (0.5.33 in hardy, 0.6.32 in intrepid). I already asked on #nginx, and the one person that was there confirmed that my configuration should be OK. That's why I suspect that there could be a problem with Ubuntu's nginx package
<maxb> piquadrat: Compiling nginx yourself would be a straightforward way to clarify this
<piquadrat> maxb: I'm already on it :)
<soren> piquadrat: Oh, you're right. I can't spell, apparantly.
<frippz> I have vague memories of a way to find out which process that is using a specific file (or in this case a mounted file system). anyone who knows what I'm referring to?
<frippz> ah, now I remember! lsof :D
<alex_joni> hello, short issue installing ubuntu 8.04.2 server on an Fujitsu Siemens Primergy server..
<alex_joni> there is a RAID card in there, which is recognized, partitioning works ok, but grub doesn't want to install the boot loader
<dtcrshr> hi folks, i need a server that can capture 2 adsl connections, on two eth different eth cards, and share the connection with load ballance trough a third one. The main issue is that i need to set a vpn tunnel to a pptp vpn micro$oft server, and allow all the netowork to use this tunnel. Is there a case study for this kind of use of ubuntu server as a router/firewall?
<ivoks> hm...
<ivoks> alex_joni: what raid card is that?
<alex_joni> http://eneas.juve.ro/~juve/primergy/
<alex_joni> Mylex Corporation AcceleRAID 352/170/160 support Device [1069:0050]
<ivoks> how many disks do you have?
<ivoks> a lot, right?
<alex_joni> 10 x 32G
<domas> mylex! smells like history!
<ivoks> is that a hardware raid?
<alex_joni> ivoks: one thing I thought about doing is getting a small IDE drive, and use that as boot.. but it would be nice if I could make it work
<domas> wooo, 32G drives too
<alex_joni> ivoks: yup.. big PCI 64bit card
<alex_joni> domas: U320 SCSI though, not _that_ old
<alex_joni> I guess it's 36G not 32..
<ivoks> so, you created two partitions?
<ivoks> swap and /?
<alex_joni> 3.. /boot / and swap
<alex_joni> I tried initially to let it use the auto partitioner
<alex_joni> (that did a similar thing, but grub failed to install)
<ivoks> hm... very odd:
<alex_joni> then I booted the server disk in rescue mode, and tried to install grub
<ivoks> Error running 'tune2fs -l /dev/rd/c0d0'
<alex_joni> then run various incantations of grub-install
<ivoks> why would it run tune2fs on disk anyway?
<alex_joni> c0d0 is the RAID volume
<ivoks> but, that's a disk
<ivoks> tune2fs is for partitions
<alex_joni> I think.. (didn't use funny letters before ;)
<alex_joni> only software raid so far on regular i386 hardware
<ivoks> cannot open /dev/rd/c0d0p3: No such file or directory
<ivoks> 10 disks in raid0?
<ivoks> you just want to loose your data, right?
<ivoks> lose
<ivoks> or whatever
<ivoks> lose
<ivoks> :)
<ivoks> i can't figure out why grub failed
<soren> ivoks: I only just joined the conversation, but stuff might call "tune2fs -l" on a disk to make sure there's not already a filesystem on it before it starts to partition it..
<soren> Could that explain it in this context?
 * soren is too bored to read all of the scrollback :)
<ivoks> soren: that could be it
<soren> Is this in the installer, perhaps?
<ivoks> since this happend 2 seconds after 'Reading all physical volumes.  This may take a while...
<ivoks> '
<ivoks> EXT3 FS on rd/c0d0p3, internal journal
<ivoks> EXT3 FS on rd/c0d0p1, internal journal
<soren> Ok. I don't know if that's the reason (I would actually expect it to use udev for that), but it's a possible explanation.
<ivoks> and p2 is swap
<frippz> is it possible to mount an NFS share as any other than root in 8.10?
<soren> frippz: No.
<ivoks> alex_joni: have you tried with lilo?
<luckyone> does anyone know of a good tutorial to make a bootable USB drive from an iso image? I need to install ubuntu-server, I have tried UNetbootin, but it isn't working (my machine isn't booting from it...)
<frippz> great... Linksys NSS4000 uses root_squash so I can't mount anything on that brick now
<ivoks> dtcrshr: i don't see how you load balance two adsl connections
<ivoks> dtcrshr: you get an IP for each connection, you don't decide which IP on which interface, your ISP does that
<ivoks> so, you can't bond them
<alex_joni> ivoks: lilo does the same thing
<soren> ivoks: You can do load balancing without bonding, though.
<alex_joni> ivoks: with lilo I can specify the installation target
<ivoks> soren: qos, yes, but i think that dtcrshr wants to load balance VPN tunnel
<alex_joni> but neither /dev/rd nor /dev/rd/c0d0 nor /dev/rd/c0d0p1 work
<ivoks> alex_joni: and what c0d0 should work, hm...
<ivoks> lol
<ivoks> alex_joni: make that 'c0d0 should work'
<ivoks> alex_joni: did you create empty partition table on disks?
<alex_joni> ivoks: The path /dev/rd/c0d0 does not represent a partition or hard disk device. Please try again.
<alex_joni> ivoks: empty partition table? not that I know..
<ivoks> alex_joni: hm...
<soren> ivoks: Well, in that case you can get two vpn connections to the vpn server and bond those on both client and server.
<soren> ivoks: I would  /never/ do anything like that, but it's certainly possible :)
<ivoks>  /dev/rd...
<ivoks> alex_joni: i'm clueless
<alex_joni> ivoks: I selected continue without a bootloader
<alex_joni> and it tells me "to boot manually with the /vmlinuz kernel on partition /dev/rd/c0d0p3 and root=/dev/rd/c0d0p3 passed as a kernel argument."
<alex_joni> does /vmlinuz on /dev/rd/c0d0p3 look ok? shouldn't it come from /boot (c0d0p1) ?
<ivoks> it should, yes
<alex_joni> maybe it tries the same thing with lilo/grub and that fails
<alex_joni> (I don't see an actual error from grub)
<ivoks> try with just / and swap
<ivoks> wihtout /boot
<ivoks> create swap as p1 and / as p2
<alex_joni> trying now
<alex_joni> will take a while.. a fresh boot takes about 2 minutes :D
<ivoks> heh
<alex_joni> i386 only detects 4G of ram, should I try x86_64 maybe?
<alex_joni> a hard boot takes way longer
<alex_joni> do you know what the syntax is to boot from HDD via the install cd
<alex_joni> ?
<dtcrshr> [ivoks]: actually, im doing that with a linux router box, and the load balance works just fine
<dtcrshr> the issue is that i need a pptpclient on the box, to fetch a tunnel on our vpn
<dtcrshr> and the box isnt too friendly to new addons
<dtcrshr> i just wondered if i started a ubuntu server configuration, ill be able to do what i want. My biggest problem its time
<luckyone> hello all, I have used the create a USB Startup disk to hopefully boot from a USB drive
<alex_joni> ivoks: no luck with swap and / either
<ivoks> :/
<alex_joni> any idea how to boot from the install cd?
<alex_joni> I mean what boot params to pass to it..
<ivoks> i386 linux detect 16GB or RAM
<ivoks> but you should use 64bit OS on 64bit CPU
<alex_joni> ivoks: should.. I have 8G in this box, but I saw only 4G in the logs
<ivoks> that's installer kernel
<ivoks> once you boot it, you should see all 64
<ivoks> er... 8
<ivoks> :)
<Mark______> Is there anything special that needs to be done for Vista clients to work with dhcpd in intrepid?
<ivoks> nope
<Mark______> I'm having trouble with the clients getting leases.  I can see in syslog it tries to send out the dhcpdiscover packet to the clients, but it doesn't show up on the vista machines.
<Mark______> I have the broadcast address specified, and the always-broadcast flag on.  I'm just not sure what else to do
<Mark______> I have linux thin clients that work fine, as well as XP machines.
<fw1> when using apt-mirror, i only get the hardware arch of my current platform,  I would like to get both 32bit and 64bit arch's
<luckyone> anyone have any idea why my system won't boot from the usb drive?
<uvirtbot> New bug: #325193 in mysql-dfsg-5.1 (universe) "can not upgrade mysqld (jaunty)" [Undecided,New] https://launchpad.net/bugs/325193
<crazygir> why is installing vmware server so difficult
 * crazygir wonders if he should be doing something differently
<soren> luckyone: Some systems just on't boot from USB.
<soren> luckyone: Some USB devices just don't let you boot from them.
<soren> luckyone: And some combinations of systems and USB devices just don't boot.
<ircleuser> hey everybody
<ircleuser> have anybody skills at Freeradius configure ?
<ircleuser> I have a question
<ircleuser> I setup it and always get in log Auth: Login incorrect:
<ircleuser> I check freeradius server as: radtest user1 password1 localhost 1812 test
<luckyone> soren: I have booted from it twice last night
<luckyone> soren: it just isnt letting me anymore
<ircleuser> please somebody explain me where I must search answer ?
<ircleuser> I configure server reading this - http://www.debian-administration.org/articles/245
<ircleuser> and it's not working for me
<frippz> I'm trying to mount an SMB-share but I keep getting "wrong fs type". I thought that the package samba-client would provide all necessary stuff to mount SMB/CIFS
<soren> luckyone: You didn't think that was relevant information?
<luckyone> totally relevant
<luckyone> I just was able to boot it and do an install from it last night (but I am stupid and don't know how to setup partitions very well)
<luckyone> but now I don't know what is going on... why it can't boot from the USB drive...
<nomego> hey guys, how can I check what packages depend on a certain installed package?
<Koon> nomego: apt-cache rdepends <package> ?
<nomego> thank you
<nomego> apparently some packages want to install mysql-server even though it's not needed (since we have a dedicated mysql server)
<nomego> is there any proper way to resolve this without having to install mysql-server?
<nomego> none of the packages I've seen require the actual libs that come with the server packages
<nomego> also, are there commands to manage the .dpkg-new files ?
<nomego> or rather .dpkg-dist and .ucf-dist
<deadbattery> anyone here?
<deadbattery> i need quick help please =D
<deadbattery> anyone here?
<ScottK> !ask > deadbattery
<ubottu> deadbattery, please see my private message
<deadbattery> i did, sry xD
<ScottK> Then the answer to your question is 'yes'.
<Mohammad[B]> How to i can setting up squid for a proxy server and tunneling ?
<nomego> have anyone upgraded vmware server 1 to 2 on ubuntu server?
<luckyone> hello all, when I do sudo lshw | less, it shows eth0 as disabled, does anyone know how I can enable it so I can access my server?
<p_quarles> luckyone: can you pastebin the line for the eth0 device?
<luckyone> sure, from ls hw?
<luckyone> ello?
<luckyone> sudo ifconfig eth0 up enabled it
<luckyone> but it isn't getting an ipaddress
<nnn> Hi everybody. Anybody can help me with freeradius configure at Ubuntu server ?
<nnn> I making like this http://www.debian-administration.org/articles/245
<nnn> But when I make radtest user1 password1 localhost 1812 test
<p_quarles> luckyone: sudo dhclient
<nnn> in log Auth: Login incorrect:
<luckyone> p_quarles: why no love from my dhcp server???
<p_quarles> luckyone: I don't know what that means
<luckyone> p_quarles: I am not getting any DHCPOFFERS
<p_quarles> luckyone: pastebin the output from the dialogue
<luckyone> hard to do - I am terminal only on the machine with no eth0
<luckyone> rebooting now, going to see if that fixes it
<p_quarles> !info pastebinit | luckyone
<ubottu> pastebinit (source: pastebinit): command-line pastebin client. In component universe, is optional. Version 0.10-1 (intrepid), package size 9 kB, installed size 88 kB
<kansan>  i'm having trouble installing on ubuntu server  http://pastie.org/379766
<kansan> is there a way i can configure mysql server from the command line?  i am scripting its installation so i cant be there to use the ui?  (specifically the set a root password screen)?
<sommer> kansan: sudo dpkg-reconfigure mysql-server may be what you're looking for
<sommer> err sudo dpkg-reconfigure mysql-server-5.0
<kansan> what about the latter question?
<sommer> you can script sql statements with mysql -u user -ppassword database -e "sql_statements"
<sommer> not sure if that's exactly what you want though
<kansan> i want to to script installation of mysql-server as i cant be there to type in a root password
<sommer> kansan: you might be able to use kickstart or preseed for that
<kansan> hats that
<kansan> /usr/sbin/dpkg-reconfigure: mysql-server-5.0 is broken or not fully installed
<kansan> why is it so hard to get mysql-server installed ;p?
<sommer> how did you install it?  sudo apt-get install mysql-server ?  was there any error messages?
<erichammond1> kansan: This installs mysql-server without a prompt and without a root password:
<erichammond1> export DEBIAN_FRONTEND=noninteractive
<erichammond1> sudo apt-get install -y mysql-server
<erichammond1> kansan: You can then script setting the root password.
<erichammond1> Or as one line: sudo DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server
<Davedan> I'm installing a package with apt-get install. If this package has config files, can I find out where these files are using a script?
<erichammond1> Davedan: You might check out the "apt-file" package and command.
<maxb> Hmm, isn't apt-file for finding out about packages you *don't* have installed?
<erichammond1> or perhaps "dpkg -L"
<maxb> Davedan: dpkg -L packagename will list all files (config and not) contained in the package
<Davedan>  maxb: how can I filter out only the config files?
<erichammond1> Davedan: Who's to say what files can be labeled "config" and which are "data" or "programs" or "other" :)
<maxb> Well, "those that are in /etc/" is a good start
<Davedan> I'll explain what I'm trying to do
<Davedan> I'm following a post on lifehacker that explain how to save the list of installed packages on ubuntu
<Davedan> I want to save the config files as well so I can reinstall my ubuntu server
<Davedan> http://lifehacker.com/5146028/save-synaptic-markings-to-speed-up-ubuntu-reinstallatoin
<Davedan> this is for the desktop but it can be done on the server too
<erichammond1> Every time I make a change to a config file I either automate it or document the steps for future installs.
<maxb> Saving complete configuration is challenging indeed. Especially if you may not be reinstalling the exact same package versions. Also, some config files are not necessarily registered with dpkg. Really the best you can do is tarball /etc/. But even then I'd not blindly overwrite a new installation's /etc with my backup
<ScottK> Davedan: You might look into the etckeeper package.
<Davedan> wow. I couldn't imagine it is that complicated :)
<Davedan> are there any more folders other then /etc ?
<Spear> well
<Spear> you're best bet is to pick the services that you need config files for
<Spear> and then find out where they store config files
<ScottK> Preferences for indivdual users are kept in $HOME/.various places.
<Spear> ^^
<uvirtbot> Spear: Error: "^" is not a valid command.
<ScottK> Some packages put stuff in /var too.
<Spear> if you backup /etc/ and /home/ you're pretty safe
<Spear> :P
<Spear> But, it if the config files are critical, I would go through each critical service, work out where config files are stored and back them up individually
<Davedan> thank you. I will
<Davedan> I hoped the default pagackage config place is documented somewhere but I guess I'll have to hunt it down
<maxb> Davedan: The default place is /etc
<kansan> um i cant even install mysql-server interactively!
<kansan> dpkg: dependency problems prevent configuration of mysql-server: mysql-server depends on mysql-server-5.0; however:  Package mysql-server-5.0 is not configured yet.
<kansan> dpkg: error processing mysql-server (--configure):
<ScottK> sudo apt-get -f install
 * ScottK 's fingers do that one almost automatically.
<kansan> force install?
<maxb> It's more like "fix install"
<kansan> http://pastie.org/379827
<kansan> didnt work :(
<maxb> No, "apt-get -f install" and no packagenames after
<ScottK> look in /etc/init.d for the mysql init script.  Edit it to add exit 0 just after the shebang and then try again.
<ScottK> That should let it configure.  Then go back and take that out.
<ScottK> Then do a sudo apt-get dist-upgrade to get whatever packages are being held back.
<kansan> ScottK, but that cant be a long term solution
<kansan> ScottK, each time i install mysql-server (on my ec2 instance) i get the same error
<ScottK> Agreed.  Just suggesting how to dig you out of the immediate hole and then it'll be easier to troubleshoot
<kansan> ok;  so it installs
<kansan> but if i try to start up mysql-server
<ScottK> Once the package is configured you can manually try to start mysql and explore why it won't start.
<kansan> it wont start ;p
 * ScottK knows zip about mysql, so can't help with that part, but at least dpkg isn't stuck now.
<kansan> i am not sure why dpkg is failing hard installing mysql
<kansan> its a blank image
<crazygir> are gcc and the kernel sources not available in a default install of ubuntu-server?
<ScottK> The dkpg failure was it couldn't start mysql.
<ScottK> crazygir: You want to install build-essential.
<crazygir> ScottK: should take care of building vmware modules?
<maxb> kansan: Run "mysqld_safe" manually as root, and see what it complains about
 * ScottK doesn't build vmware modules, so can't say for sure.  Linux headers are, IIRC, in the linux-source package.
<ScottK> So with those two you should have compiler and headers.
<crazygir> awesome
<kansan>  ec2-67-202-1-110 ~:  mysqld_safe
<kansan> nohup: ignoring input and redirecting stderr to stdout Starting mysqld daemon with databases from /mnt/mysql_data mysqld_safe[4104]: started STOPPING server from pid file /var/run/mysqld/mysqld.pid mysqld_safe[4110]: ended
<maxb> linux-headers rather than linux-source, no?
<ScottK> Could be.
 * ScottK didn't actually look it up.
<maxb> Specifically, linux-headers-$(uname -r) I think
<maxb> kansan: messages in /var/log/mysql.err ?
<kansan> ok let me check it
<kansan> maxb, no output there
<maxb> /var/log/daemon.log ?
<kansan> maxb, no output either
<kansan> it looksl ike its starting/stopping immediately
<erichammond1> kansan: If you were trying to automate the installation of mysql-server and it got hung on the interactive step, it's possible it didn't finish installing.
<erichammond1> kansan: Since you're using EC2, why not start a new instance and do the noninteractive install steps I described and see if this fixes the problem?
<maxb> kansan: What about if you just run 'mysqld' as root
<kansan> erichammond, before i try to script i want to make sure i can install it when i'm there to push buttons
<kansan> erichammond, in the ami i customzied i can't install via apt-get update && apt-get install mysql-server
<kansan> even when its fresh
<kansan> mysqld: File '/mnt/log/mysql/mysql-slow.log' not found (Errcode: 2)
<kansan> 090204 21:17:22 [ERROR] Could not use /mnt/log/mysql/mysql-slow.log for logging (error 2). Turning logging off for the whole duration of the MySQL server process. To turn it on again: fix the cause, shutdown the MySQL server and restart it. mysqld: File '/mnt/log/mysql/mysql-bin.index' not found (Errcode: 2) 090204 21:17:22 [ERROR] Aborting 090204 21:17:22 [Note] mysqld: Shutdown complete root@ec2-174-129-172-86:~#
<maxb> Ah, now you have something to fix
<erichammond1> kansan: Looks like you've changed where the logdir (and datadir?) goes.  Do those directories exist and have the right permissions?
<kansan> yeah i can give it logging
<kansan> ah ha
<crazygir> thanks ScottK / maxb
<kansan> does my.cnf get overwritten upon installation?
<BBHoss> i seem to have discovered someone trying to break into my server
<BBHoss> somehow they uploaded a file to a lists/admin/index.php directory
<BBHoss> but i cant find where it is
<BBHoss> any tips?
<BBHoss> "/lists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../etc/passwd" is the path
<BBHoss> ls
<maxb> What makes you think it was an upload?
<BBHoss> i didnt put it there
<maxb> Where did you get that pathname?
<BBHoss> the server logs
<maxb> which logs
<BBHoss> i pasted it in the browser and it gave me my passwd file
<BBHoss> nginx
<maxb> Well that sounds like a download not an upload
<BBHoss> right
<BBHoss> but how did it get there
<BBHoss> and where is lists?
<maxb> Erm.
<BBHoss> its not in that directory
<maxb> You probably shouldn't be running a public http server if you don't understand what it's serving :-/
<BBHoss> wtf?
<BBHoss> i do understand what its serving
<BBHoss> i DID NOT PUT IT THERE
<BBHoss> that means SOMEONE UPLOADED IT!
<BBHoss> right now i'm trying to figure out where the lists directory is
<maxb> Whereever your webserver is configured to map the URL to
<BBHoss> well its not in that directory
<BBHoss> if i can access the php file through the browser, how can i find where the file is?
<BBHoss> are there any logs that php has?
<kansan> is it bad if i try to create the mysql user / group mysefl???  (prior to installing mysql)?  it would make things much easier! :P
<maxb> kansan: hmm, why? the package should do it for you
<kansan> maxb, cuz it appears as though the default directory that mysql is looking for logs/files etc.... doesnt exist
<kansan> on an installation on ubuntu
<maxb> The default is /var/log though, I don't know where your /mnt/log paths came from - that's a customization of some sort
<kansan> right
<kansan> i'm guesing my.cnf is already on my machine
<kansan> i'm not sure why default confit would get the wrong path
<kansan> a ha!
<kansan> there IS a my.cnf there
<erichammond1> maxb: One reason you might want to create the mysql user yourself is to assign it a fixed uid.  This is helpful when copying database files (EBS snapshots) across different instances.
<kansan> problem solved!
<kansan> so i can create the mysql user prior to installing mysql-server?
<kansan> and mysql-server install will check to make sure that there's no group/user called mysql first?
<erichammond1> kansan: It's easy to try :)
<kansan> erichammond, sho is;  just wanted to make sure its achieveable
<kansan> before i script it
<erichammond1> kansan: Fire up an instance, type in 2 commands, and you'll have your answer for $0.10 :)
<kansan> heh
<erichammond1> gotta love EC2
<agentk> I am trying to run an unpriviliged service on a high port and forward a low port to it with iptables
<agentk> sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8081
<kansan> should i set a password for mysql user?
<agentk> I always get connection refused when connecting to port 80 though. Flush all tables first set default policy to ACCEPT, enabled forwarding in /proc/sys/net/ipv4/ip_forward
<dazman> agentk, it should be --to-port 8081
<agentk> dazman: HA! Perfect!
<dazman> agentk, :)
<agentk> dazman: I knew I should not have given up caffine.
<dazman> agentk, Haha.
<BBHoss> it seems someone has installed PHPlist on my server, any idea how i can find it?
<Spear> search for its files on the server :p
 * Spear will now be quiet
<dazman> Well, I don't think that's such a bad idea?  Heh.  (If you just want to find where it's installed).  As the logs saying /lists/, if you have no virtual hosts and using a default install, it's probably /var/www/lists?
<kansan> how come my /etc/passwd looks different from installing mysql via command line versus doing adduser?  (mine via adduser) mysql:x:1000:1000:,,,:/home/mysql:/bin/bash ;; mysql:x:105:111:MySQL Server,,,:/var/lib/mysql:/bin/false  (via installing mysql)
<BBHoss> dazman: i can't seem to find it anywhere
<BBHoss> if i remove the directory that the vhost addresses, it still finds the file
<dazman> kansan, it's the same pretty much isn't it apart from the mysql package has given it a full name?
<dazman> BBHoss, updatedb && locate lists
<BBHoss> nothing
<kansan> dazman, ok didnt know if that mattered (the rest of it)
<dazman> BBHoss, If that doesn't work, have a look at the .htaccess at the root of the default vhost, to see if it's a redirect to some random path?
<dazman> kansan, also, the mysql way is better, as it assigns the correct home directory and also /bin/false, which is what it should be.
<BBHoss> dazman: see this is nginx, and i'm forwarding all of my *.php connections to fastcgi
<dazman> kansan, you don't want it to have a shell really.. as it's not used that way.
<kansan> dazman, so how can i set that with adduser
<dazman> kansan, erm, without man adduser, I can't remember off the top of my head.
<dazman> kansan, have a look at the man page, there will be options to change the shell and home dir from the command line.
<BBHoss> ok, it does it for ANY php, not just that single vhost
<BBHoss> is there any unix command that can tell me the files an application is using, kind of like reverse fuser?
<Spear> BBHoss: http://stackoverflow.com/questions/301247/files-being-used-by-a-unix-process
<Spear> read the comments
<Spear> it offers some solutions to your question
<Spear> lsof -p <pid> should do the trick ;-)
<BBHoss> Spear: thanks
<Spear> Thats ok, all I did was use google :-)
<misieq> could somebody post dependencies for installing ubuntu-desktop?
<ScottK> Just try to install it, but cancel the install and you'll have a list.
<dazman> misieq, apt-cache show ubuntu-desktop
<misieq> the problem is that i currently don't have ubuntu-server installed, but the desktop version and wish to run it headless so i want to get rid of all the useless stuff
<dazman> misieq, http://packages.ubuntu.com/intrepid/ubuntu-desktop
<misieq> dazman, yes i know that i can check it this way but i want a *differential* check so i don't remove something important
<ScottK> sudo apt-get remove ubuntu-desktop then sudo apt-get autoremove should do it.
<misieq> ScottK, oh, didn't know that one, thanks a lot
<misieq> nope, it doesn't work that way
<ScottK> What happened?
<misieq> nothing apart from removing ubuntu-desktop package
<BBHoss> how can i control what ip address/interface Postfix sends mail from?
<Spear> Hi, does anyone know if virtual machines created in Vmware 2.0 can be moved to to a Vmware host running the 1.0 server software
<Spear> are they backwards compatible?
<ScottK> BBHoss: If you have multiple IP addresses configured on the box, you really can't at the application level.  The kernel will decide what the best route is.
<BBHoss> ScottK: ok fun
<Spear> I have some ubuntu vms that need to be temporarily relocated!
<kansan> is there an automated way to install sun-java-5?  without requiring me to say YES?  or is there any alternative that i can install in a scriptable way (without having to provide confirmation that i agree to their legal baloney_?
<erichammond1> kansan: Yes, there is.  It has to do with dumping the conf settings after you have accepted the license and feeding that back in when you are installing it automatically.  Trying to find it...
<kansan> ah hhh sweet
<erichammond1> kansan: Background info: http://blog.hjksolutions.com/articles/2007/07/27/unattended-package-installation-with-debian-and-ubuntu
<erichammond1> Install script for sun-java6-jdk from Matthew Wilson: http://groups.google.com/group/ec2ubuntu/browse_thread/thread/fbcec97ca6f161e1/10222f0ce00b602d#9ec4c5af21fe78da
<kansan> erichammond, wow handy@!
<erichammond1> kansan: Also: http://www.davidpashley.com/blog/debian/java-license
<erichammond1> But using that first link and identifying the current settings for your package is probably the best approach.
<kansan> yes thats cool
<kansan> only problem is;  when i install sun-java5-jre ;; and then run java -v:  Could not create the Java virtual machine.
<kansan> probably a bad java alternatives thingy
<kansan> nope still doesnt work after setting java-alternatives correctly
#ubuntu-server 2009-02-05
<deadbattery> anyone has used mod_bw? before
<lamont> ScottK: uh...  smtp_bind_address
<ScottK> lamont: That can influence it, but not guarantee a result.
<lamont> you can bind to any local IP, and the routing table will decide which interface the traffic goes out
<lamont> whether or not the traffic will make it back in becomes a question of rp_filter et al, and routablility of the source IP
<lamont> if you bind to a particular IP, that _WILL_ be the source IP, modulo NAT or some such changing it later
<ScottK> OK, maybe I'm having a brain fried day.
 * ScottK is currently parked in Starbucks while $ELDESTDAUGHTER shops.
<ScottK> BBHoss: ^^^ Looks like I was wrong.
<lamont> ScottK: one of my favorite hacks for added non-hackiness is to use allow $IP1 to ssh to a box, when $IP2 (same box) would be the normal source IP
<lamont> and then use ssh -b :-)(
<lamont> ScottK: also, unless you have advanced routing tables turned on (and in use - see ip rule), source IP is not an input to the routing equation
<ScottK> Right.
<lamont> and there are some things that, while doable, should never be done.  they make me feel dirty.l
<ScottK> You say that like it's a bad thing.
<lamont> remind me to show you what the network topology at PrairieNOC looks like, sometime
<ScottK> OK.
<ScottK> I'm fairly certain my brain will hurt after.
<lamont> it's one of those "here are the things I was solving.  here's how I did it." which has, from network experts, received a universal "that's completely sick" response.
<lamont> that none of them have ever come up with another solution doesn't make it hurt less
<ScottK> No doubt.
<lamont> (client inside the network chooses which interface to route out by choosing which of two subnets (same layer 2) to use for a source subnet
<lamont> and then the router DNATs if it goes out the non-advertised route
<lamont> and yes, it's TOTALLY WRONG
<lamont> and a fair part of why it's called PrairieNOC
 * ScottK has just been informed that the SHOPPING is finished.
<lamont> though to be fair, the "Prairie" part is just because network bandwidth TOTALLY SUCKS here
 * ScottK will be departing momentarily.
<lamont> end-of-shopping!! yay
<lamont> hrm... speaking of which, I'm supposed to be $THERE, not $HERE
<deadbattery> can some one help me with installing mod_bw?
<deadbattery> for apache
<twb> I want my servers to initiate a clean shutdown when I push their power button.
<twb> Is the "acpid" package sufficient, or do I need the (bloated) "acpi-support" package?
<twb> acpid is sufficient.
<hads> Yup
<xjjk> hello, how I disable the auto screen-session creation in jaunty?
<twb> xjjk: screen as in GNU screen?
<ScottK> Yep
<xjjk> yes
<twb> First I've heard about it; what's the symptoms?
<xjjk> when I login via SSH it automatically creates a screen session
<twb> Ugh.
<xjjk> great for newbies
<xjjk> not... good.. for people who use screen already and have their own setups
<twb> xjjk: no, great for me -- but I have that in my .profile.  I don't think it should be the default for people who don't even know what screen is.
<kgoetz> is your default shell screen?
<twb> kgoetz: nope, that breaks scp.
<twb> kgoetz: oh, were you talking to xjjk?
<kgoetz> twb, yeah.
<xjjk> not sure, checking
 * kgoetz discovered about it breaking scp, and isnt entirely happy about it :\
<twb> xjjk: try "getent passwd $USER" and see if it mentions screen there
<xjjk> kgoetz, twb: no
<twb> xjjk: OK, grep -r for screen references in /etc/profile*
 * twb looks for a jaunty VM
<kgoetz> or 'chsh' and see if it says screen as your login shell ;)
<twb> kgoetz: heh
<xjjk> twb: don't see anything there either
<xjjk> I'd like this enabled for other people's accounts
<xjjk> ...just not mine
<kgoetz> haha
<twb> xjjk: was your account the one created during the install?
<xjjk> twb: yes
<twb> xjjk: ok, grep -r again but in /etc/skel and ~/.??*
<twb> Unfortunately my copy of jaunty isn't booting, but in any case I disabled the creation of an initial user...
<xjjk> hrm... I did something, and it's not doing it anymore...
<xjjk> I don't know what
<xjjk> hrm... something still up
<xjjk> I run screen, and it seems to ignore my .screenrc
<hads> There's a screen-config tool or something
<xjjk> hrm.. problem is the screen-profiles package
<xjjk> it replaces screen with a wrapper script that calls a screen.real
<xjjk> wrapper script does a lot of config mangling stuff...
<stiv2k> hello, the init  script that comes with a certain package does not work.  what should i do?
<stiv2k> the package is bopm
<kansan> what is the package manager called?
<kansan> dpkg
<kansan> ?
<kansan> i mean the apt-get
<stiv2k> uh what
<hads> It's in universe so I'd guess post to the mailing list or open a bug.
<stiv2k> hm
<deadbattery> is there a command that shows u in ubuntu for ur server what ips are connected to u ?
<kc8pxy> i need some help. i'm trying to compile approx, for use in caching ubuntu packages. my insanity shows when i say I'm compiling it on a non-debian-based distro. but I've ironed out all but the final few bugs in compiling it.
<jmarsden> deadbattery: netstat -ntu
<kc8pxy> i still need a .cmxa file for ocaml-sha and syslog-ocaml.   neither source tarball has that file, nore creates it, upon make. why not?
<deadbattery> Thanks jmarsden
<deadbattery> jmarsden, is there a way to know how much each IP is specificaly using bandwidth?
<deadbattery> can some one help me x.x?
<kgoetz> start with iftop and iptraf
<kgoetz> then do some research :|
<deadbattery> i tried..
<deadbattery> in apache2 the server breaks and i get this in error.log apache2 child pid exit signal segmentation fault
<deadbattery> i cannot fiogure what the issue is
<kgoetz> increase your logging
<deadbattery> what do u mean
<kgoetz> what part dont you understand? increase apache 2 logging level
<deadbattery> i am a noob,
<deadbattery> i dun get it
<deadbattery> all the log shows is child pid errors
<deadbattery> kgoetz what do u mean
<kgoetz> which log file shows the errors?
<deadbattery> error.log
<kgoetz> does access.log give any clues?
<deadbattery> sec
<deadbattery> seems fine
<deadbattery> any ideas
<kgoetz> yes. increase the loglevel from whatever its on to something more verbose
<kgoetz> http://letmegooglethatforyou.com/?q=change+loglevel+apach2 try the first hit
 * kgoetz -> lunch. bbl
<deadbattery> how wud changing log level fix anything?
<deadbattery> it alrdy shows a lot
<roy_hobbs> quick newbie question.  if i want to install ubuntu server to host virtual machines - the general procedure is to install ubuntu server, install the ubuntu-virt-server package, and then set up virtual machines running ubuntu jeos?
<Bangers> When I do "sar -d 3 3" I get "dev8-0 " for "DEV" -- what device is this??
<Bangers> Im looking for disk IO usage stats for /
<twb> Remind me, how do I tell which drives smartd has found?
<twb> I tried "smartctl -i /dev/sda" and it gave an error, which doesn't really surprise me (shitty IBM hardware), but I want to know if smartd agrees with smartctl.
<agentk> dazman: Hey that tcp redirect with iptables has stopped working again. --to-port and --to-ports aint making any difference :-(
<quizme> hello
<quizme> how do you set the $PATH for all users to be bash?
<_ruben> erm .. $PATH is a list of directories to be searched for executables .. bash is a shell .. you dont set $PATH to bash
<quizme> i mean $SHELL
<quizme> i want it so that when i create a new account, they get the bash shell
<quizme> i don't want to set it manually for each one
<_ruben> quizme: see $DSHELL in /etc/adduser.conf
<quizme> _ruben: thank you
<twb> $SHELL is set *by* bash *iff* you're running bash.
<twb> It would not be appropriate to set $SHELL to bash and then run, say, zsh or csh.
<quizme> _ruben: it's already set to bash but it doesn't seem to help the situation of adding users.  it still goes to /bin/sh
<twb> As _ruben says, to ensure that new users get /bin/bash as their default shell, check adduser.conf.  For existing users, you can use vipw or possible chsh/usermod.
<twb> quizme: are you adding users in LDAP?
<twb> quizme: or with useradd(8) instead of adduser(8)?
<quizme> i adding users using the adduser command
<quizme> i don't know what ldap is
<quizme> when i login as the user
<quizme> it starts up /bin/sh
<quizme> um
<quizme> not sure
<twb> quizme: what is the user's name?
<quizme> oh it should be adduser?
<quizme> lemon
<twb> quizme: useradd is a low-level utility which ignores adduser.conf.  adduser is what you, the admin, should run.
<quizme> oh...
<quizme> adduser
<quizme> ok
<twb> quizme: if you run "getent passwd lemon", it will either have /bin/sh or /bin/bash.  That will tell you accurately what their default shell is.
<quizme> how do i change it to bash?
<quizme> can i edit /etc/passwd?
<quizme> oh yeah that worked
<twb> quizme: as I said, 19:47 <twb> As _ruben says, to ensure that new users get /bin/bash as their default shell, check adduser.conf.  For existing users, you can use vipw or possible chsh/usermod.
<quizme> i edited /etc/passwd
<quizme> is there a shared .bashrc on the system?
<jtaji> /etc/bash.bashrc
<quizme> ah ha
<quizme> nice
<twb> IMO you should avoid putting your personal preferences in there.
<twb> The /etc/bash.bashrc file is really for things like adding /opt/crap-app/bin into the default $PATH -- and actually in that case you would use /etc/profile
<quizme> /etc/profile
<quizme> ok
<maxb> quizme_: chsh or usermod are preferable to editing /etc/passwd directly - less opportunity for mistakes
<Jeeves_> vipw
<PecisDarbs> hi people, I am writing maitanance script, is there any easy way to detect what kind of fs block device containts?
<PecisDarbs> containts/contains/s
<incorrect> i've just installed a number of machines,  and for some reason their uuid for admin is 112 not 119 as it is for all my other servers
<incorrect> i thought this was supposed to be static
<PecisDarbs> hi people, what for snappshoting LVM volumes "Allocated to snapshot " means? It is how much of original volume is copied to snapshot or how much it changes?
<PecisDarbs> incorrect: the same CD?
<incorrect> PecisDarbs, yep
<PecisDarbs> configuration differs? (for example, some box has different set services)
<PecisDarbs> incorrect: if I am correct, admin is user with sudo rights, right?
<incorrect> well the three machines that have different uuid's for admin are vmware hosts
<PecisDarbs> then it is easy
<incorrect> no the group
<incorrect> uid
<PecisDarbs> for each service there is additional user
<incorrect> guid
<incorrect> d'oh
<incorrect> i can't type
<PecisDarbs> that's not a problem :)
<incorrect> i mean the gid for admin has changed
<PecisDarbs> incorrect: it still can be the same
<PecisDarbs> count of users and groups on default install differs according to how much services you have enabled at install time
<PecisDarbs> as far as I think it goes
<incorrect> gid for admin on all machines i've installed has been 119, but these three vm's it got set to 112
<incorrect> its easy enough to fix, just weird
<incorrect> oh wait, i spotted something
<incorrect> i think the gid for 8.04.2 for admin has changed
<soren> incorrect: uid's over 100 are not static.
<incorrect> that is a real pain in the butt
<soren> Why?
<incorrect> that is a real pig, that makes having ldap fairly useless
<soren> How so?
<incorrect> i wanted to add users to admin so they could sudo, have access to hardware etc
<soren> Yes?
<incorrect> well if the gid changes, it won't work
<soren> sudoers says that %admin can sudo, right?
<incorrect> yes
<incorrect> or access hardware
<incorrect> i don't want to go to every desktop and add them into all the groups
<soren> And what happens if you "getent group admin"?
<soren> I don't see how th GID factors into it.
<incorrect> ok my mistake, its just admin
<dazman> ah
 * dazman wrong window
<incorrect> ok the only issue is admin,
<soren> We've never guaranteed that the gid for admin would be static.
<incorrect> that is either 119 or 112
<incorrect> i could deploy a new sudoers config to all boxes
<soren> ...and why does that matter?
<soren> You refer to them by name, not gid.
<incorrect> on my ldap server i have an object cn=admin,ou=group, etc  that has a gid,   then the memberUid's are done by name
<incorrect> what would be good is the find a list of all the groups and their use
<soren> incorrect: I still don't see how the gid is relevant. What does "getent group admin" return?
<incorrect> soren, it depends on the system,
<incorrect> either 112 or 119
<incorrect> newer installs are returning 112 and older ones are returning 119
<incorrect> all have been 8.04
<incorrect> i guess i could change the ldap admin entry to a 1-100 entry
<soren> incorrect: I don't care about the gid it returns.
<soren> I care about the members it lists.
<incorrect> the depends on the system and if the users gid matches the system
<soren> It only collates them if the gid matches? That's interesting.
<incorrect> machines that have 112 gid don't get the users from the ldap server
<soren> Rename the LDAP group or remove the local one?
<incorrect> that would be fatal
<incorrect> you see if i machine had to be taken off the network i couldn't sudo
<soren> Relying on the staticness of something that is specifically documented to be dynamic seems like a bad plan.
<achilles> hello, I have a problem in my bind service, it sunddenly stops responding for name resolution and then suddenly it returns back .. nothing appears on the log, the other services like ssh is normal .. any help ?
<incorrect> i can move my ldap admin group to sub 100
<incorrect> that might work
<soren> Why would you do that?
<incorrect> well if that means systems pick up that group first,
<soren> Moving it below 100 doesn't magically make it static or synchronised across your systems.
<soren> incorrect: No.
<incorrect> soren, sure it does
<incorrect> my systems get the info from my ldap server
<soren> "getent group" doesn't iterate through the gid's from 0 and upwards until it finds one with a name that matches.
<incorrect> i change it there, it gets deployed instantly , assuming i am not running nscd
<soren> It goes in the order defined in nsswitch.conf and looks up the name and then maps it to a gid.
<yann2> soren > a mail for you on the kvm mailing list, from this morning
<incorrect> ah in that case i will swap files ldap to ldap file
<soren> yann2: Thanks for the hint.
<soren> incorrect: Why don't you just rename the ldap group?
<soren> ...and add it as an extra group in sudoers?
<yann2> soren > you'll be less happy when you see it :)
<soren> Again:
<soren> 11:25:20 < soren> Relying on the staticness of something that is specifically documented to be dynamic seems like a bad plan.
<incorrect> soren, i don't really want to do that on 200+ systems
<incorrect> ldap files will do nicely
<soren> incorrect: You'd rather change the nssiwtch.conf on 200 servers?
<incorrect> that is less of a big deal if it gives me the desired result
<soren> Well, it's very likely that it doesn't.
<soren> You really usually do want files to take precedence.
<soren> You're somehow acting as though changing the name of the ldap group and adding it to sudoers on every system wouldn't give the desired result which is not the case.
<incorrect> that is not a nice solution to my mind
<incorrect> yes i can create another group, add it to every machine
<soren> No, you don't add the group locally.
<soren> Just the line in sudoes.
<soren> sudoers, I mean.
<incorrect> i think its much better to use the global config from the ldap then degrade to the local files
<soren> Well, just be careful.
<soren> Do you for instance have a root user defined in ldap?
<incorrect> no
<incorrect> root is disabled
<incorrect> super, so setting ldap files works great
<soren> For now..
<soren> If the network is acting up, you'll be less excited.
<incorrect> so i pull it off the network, i get the local config
<soren> Yes, when the network times out.
<soren> for *every* getent call.
<soren> But whatever.
<incorrect> nscd
 * soren -> lunch
<incorrect> you set a low time out, and you will get that issue if the network acts up no matter what way round they are
<incorrect> and set the ldap bind policy to soft
<orudie> is it hard to set up mail server ?
<orudie> which mail server can you recommend ?
<incorrect> orudie, how much functionality do you want?
<Deeps> use tasksel, select 'mailserver' from the list, it'll setup and configure the ubuntu recommended setup for you
<orudie> incorrect, i'm not sure lol
<incorrect> orudie, personally i use zimbra at work
<incorrect> but that takes over your entire system pretty much
<orudie> i want to be able to check mail with web mail client
<orudie> i need it to work with this http://drupal.org/project/webmail_plus
<incorrect> if you do it yourself i can be a lot of work, setting up imap, webmail clients etc
<incorrect> do what Deeps suggested
<orudie> the problem is that i dont have a domain yet
<incorrect> make one up,
<incorrect> mynet.local
<hads> It's not that much work
<Deeps> or get a free domain from dyndns, afraid.org or eu.org
<hads> I use postfix and dovecot myself.
<incorrect> me too
<incorrect> i am probably going to set up a vm and run zimbra as its seems pretty slick these days
<hads> I don't like their licensing
<incorrect> i didn't think the free one was bad
<hads> Just never been much of a fan of the "open source but you should upgrade" crowd. That's a personal thing though.
<incorrect> people need to earn a living, for me its more about who i trust the most
<hads> I agree, I'm not going to get into a licensing discussion though as it's a personal thing.
<yann2> zimbra is amazing :)
<yann2> <- very happy customer
<incorrect> i wouldn't go that far
<incorrect> but it does the job
<yann2> I would
<incorrect> then again i am using 4
<yann2> best web app I've seen so far
<Deeps> it's a bit heavy for a small personal use mailserver
<incorrect> i installed 5 the other day and it seemed much better
<yann2> good QA, very good features, etc.
<yann2> Deeps > agreed ;)
<yann2> I'll blog about it one of these days
<incorrect> the only problem i found with it was firefox 3 stopped working with the admin tool
<incorrect> but that was version 4
<incorrect> could well be fixed now
<yann2> this is fixed in 5
<yann2> it has features like shared mail folder, shared calendar, tags, good anti spam etc
<yann2> would be a pain to implement alone
<incorrect> cool
<incorrect> sure would
<yann2> zimbra 5 even has a jabber server
<incorrect> is saw that
<incorrect> that is beta
<yann2> well it works well :D
<yann2> oh and the search really rocks ;)
<incorrect> ok i am convinced
<yann2> just try it http://www.zimbra.com/products/hosted_demo.php
<incorrect> i am already running 4
<incorrect> i will build a new server
<yann2> yeah the demo is zimbra 5
<incorrect> do you work for yahoo?
<yann2> the only thing that really badly badly sucks is yahoo branding and project management
<yann2> ahm
<yann2> no? :D
<incorrect> couldn't resist
<yann2> I am very happy with zimbra
<yann2> I could say the exact opposite about alfresco though
<incorrect> i am thinking about using it at home
<frippz> wow, yann2 _really_ likes zimbra :D
<yann2> so many people talking about alfresco, gee, they m ust have never tried it
<dazman> I'm really hoping the Bongo Project takes off...
<yann2> there are other zimbra competitor fully opensource, but quite behind
<yann2> I need the best Q&A and commercial support for that too
<incorrect> i just like things that work and don't take the next year to install,
<incorrect> zimbra was packaged nicely
<incorrect> lunch
<licantrup> hello
<dazman> Hmm, I just bailed and installed Exchange... Heh.
<licantrup> I want to share a windows partition from ubuntu to another ubuntu machine
<licantrup> but nfs complain it is not compatible
<licantrup> is there any workaround?
<yann2> incorrect > zimbra is packaged but is supposed to be alone on the server. If you have anything else, it will break
<yann2> it uses its own versions of mysql/postfix/blah - it's all bundled
<dazman> yep.
<dazman> Although, even Bongo is better if you install * from Bongo Project stuff.
<yann2> so it's very easy to deploy - but you have to allocate a machine for it
<lamont> yann2: and you're totally unsupportable by anything other than zimbra
<dazman> It's *much* easier having it all packaged.. no messing around with different MTAs etc.. and it's all manageable centrally.
<dazman> lamont, true.. but it has other benefits which outweight that IMO.
<yann2> lamont > you have other companies supporting zimbra
<lamont> a fair chunk of why they did what they did was because it was hard to work within the existing packaging to do what they wanted...
<lamont> yann2: I meant the package, not the company
<yann2> lamont > I think they patched some stuff too
<yann2> lamont > so do I.. you can buy support from other companies if that's what you meant :)
<yann2> anyway
<yann2> *back coding*
<lamont> yann2: and when they file bugs against the postfix package because it doesn't do what they want, then as the postfix maintainer, there is pretty much nothing I can do to even reproduce their issue, let alone help the user..  but yeah, that helps the revenue model of zimbra and the other companies, so they're not exactly motivated to make it work correctly
<licantrup> guys I have this message trying to mount through nfs "mount.nfs: access denied by server while mounting 192.168.1.100:/media/sda7/Videos"
<licantrup> I have the /etx/exports file correct I think
<downhill_> so is anyone familiar with a mechanism or perhaps bug with Ubuntu Server that would add reject routes (as in like, `route add 123.123.123.123 reject`) to the route table as well as entries to /etc/hosts.deny? My server keeps doing it for some reason and I can't figure out why.
<yann2> lamont > you shouldn't feel concerned ;) but there are quite larges customers, and if there is a serious bug, believe me, they do care, and so does zimbra :D
<dazman> So I presume Zimbra use their own postfix packages, and maintain their own config/bug fixes?
<yann2> I Guess they must sync at every release and backport patches yes
<lamont> dazman: if you have a postfix instance on the machine, and it's not the version of postfix from the archive, I really don't care what your issue is quite so much - so I hope someone does.....
<downhill_> anybodah? :)
<dazman> lamont, well, of course.. not much you can do either, as you're not likely to be applying their patches.. heh.
<yann2> if you cound 20M paid-for mailboxes, and an average of 20-30$ per mailbox - I guess they have someone :P
<yann2> but really, their quality assurance is very good - very few bugs, and properly supported - if we had the same with ubuntu (server) I'd be happy
<yann2> :o)
<hads> Oh dear
<dazman> I've never really deployed a zimbra box properly.. but in terms of deploying Ubuntu Server, I've done a fair few.. and all have been faultless (with postfix packages, dovecot etc etc).. so in terms of bugs, I've yet to see any which have really affected me in a final release.
<yann2> dazman > I am managing quite  a few hardy (50-100) and I stopped counting :)
<yann2> but it's improving, so let's keep pushing and hope for the best
<dazman> yann2, sure, I'm not at the 50-100 scale.. and of course more volume, more issues.  I manage 100 Exchange servers..... so I do get my pain. :p
<yann2> ;)
<downhill_> awww maan >.< I wanna get this fixed
<suigeneris> hello
<dazman> Hi.
<downhill_> yeah...
<dazman> Heh
<downhill_> still wondering what's going on with the route reject rules^
<suigeneris> i've generated and signed a certificate, but my mail client keeps giving me the warning at http://people.sabanciuniv.edu/mtozses/cert.png. why?
<suigeneris> what field do I need to fill in like mail. ?
<dazman> It's because you're accessing the server as mail.domain.com  but the certificate CN is for domain.com
<dazman> To get around that, you need to access the server as the CN.. so if that cert is just for the mail.domain.com, then change it to that.
<PecisDarbs> suigeneris: create cert for mail.domain.com not domain.com
<dazman> suigeneris, it'll be the (CN)
<suigeneris> CN, okay
<suigeneris> thanks
<suigeneris> do i need to re-generate both private and public?
<dazman> there's no real concept of private/public is there?  It's just a certificate generated by the root authority.
<dazman> Hmm, I'm sure someone suggested it, but LAMP for Ruby on Rails..... would be pretty cool.. Heh.  LAMR... ;)
<dazman> Wouldn't be too difficult either.. as all the packages are there already.. just needs a metapackage with some post install tasks
<downhill_> I'd like to see a VPN Server option
 * dazman considers looking into it... 
<dazman> downhill_, PPTP?  IPSEC?  OpenVPN?
<downhill_> ovpn
<dazman> downhill_, all?  Heh
<downhill_> laff, all
<[diablo]> afternoon all
<downhill_> no, just ovpn
<dazman> hmm
<[diablo]> guys, anyone using a realtime kernel in ubuntu-server and / or know the status and stability please?
<dazman> not too difficult.
<downhill_> sets it up, makes you the beginning keys. not hard, very helpful
<dazman> downhill_, it's just ovpn packages, generate a basic config, generate the ssl certs
<dazman> downhill_, yea
<downhill_> s/keys/certs/
<dazman> I am seriously considering looking at LAMRoR though... Heh.
<downhill_> you should
<dazman> Not only cus' it could have a good name... but.. it's also useful.
<downhill_> I wish there was a, like, "[X] Basic Home Server"
<dazman> I'm sure there was a post to -server *checks*
<downhill_> but oh well, I don't think that falls in their uh... you know
<downhill_> vision or whatever
<dazman> downhill_, depends what you want the home server to do - generally, everyone wants things very different..
<dazman> downhill_, although saying that, replicating say, Windows Home Server would be pretty straight forward.
<downhill_> the latter, and yeah, the way it's setup now is fine.
<downhill_> just those little thoughts we all have ;)
<dazman> of course.. always thinking :p
<downhill_> anyway, a ovpn option would be nice :p
<downhill_> or, FFS, a mysql option
<Deeps> 'option' in what way for mysql?
<downhill_> we're talking about the options it shows during install for which package sets to install. ssh server, samba file sharing, etc.
<dazman> Oh
<downhill_> unless I missed something :p
<dazman> Well... kind of :P
<dazman> I'm talking about that, but also a meta package for RoR if possible, heh.
<downhill_> yes
<downhill_> we're on the same page then ;)
<dazman> Yea.
<dazman> mysql is easy enough to install post install tho
<downhill_> yeah but I'd like to do it during the install :p
<dazman> All I'm thinking, is people are deploying more and more rails apps... so it'd be good to accomodate those easier, in one nice package
<downhill_> mhmm
<downhill_> is there a LAMPython package? :O
<suigeneris> dazman, would CN be Organization Name or Organizational Unit
<suigeneris> ?
<suigeneris> Organizational Unit Name*
<dazman> Neither.
<dazman> It's Common Name
<Deeps> common name should match the hostmask you use to connect to the server with
<vertx> Hi, has anyone ever used Mikrotik (http://www.mikrotik.com)? It is based on Linux. I'm just wondering how could I reproduce its upload/download bandwidth limiting capabilities through Ubuntu server.
<dazman> vertx, http://ubuntuforums.org/showthread.php?t=7990 may be a good start.. although an old thread now, should give you a good starting point.
<PecisDarbs> vertx: afaik it is based on FreeBSD now
<PecisDarbs> anyway, it should be reproducable on Linux
<dazman> It's RouterOS isn't it?
<PecisDarbs> ahh
<PecisDarbs> yes
<dazman> Ah, it's RouterOS with a Linux kernel.
<suigeneris> how do i view my private ket?
<suigeneris> key*
<downhill_> ls ./blah.key :p
<suigeneris> cute
<downhill_> what are you really trying to ask?
<suigeneris> downhill_, see the values of the certificate
<downhill_> you could simply use cat then
<downhill_> but you want to do that with your .crt, not your .key
<suigeneris> it was openssl something
<downhill_> it's human-readable if you cat your .crt, but whatever...
<suigeneris> hmm
<suigeneris> I am reading the book of postfix, i applied the steps CA.pl -newca, openssl req -new -nodes -keyout privatekey.pem -out privatekey.pem -days 1825 and openssl ca -policy policy_anything -out publiccert.pem -infiles privatekey.pem , copied the key and cert under /etc/ssl/private and /etc/ssl/certs and restarted postfix, but I am missing something and I can't use the new cert
<suigeneris> can someone help me?
<beniwtv> Hi all... I'm using Hardy LTS server, and I wanted to use asterisk-app-fax. However, when calling RxFax, Asterisk just crashes (Segmentation fault). Has anyone seen that problem?
<downhill_> strace might be able to give you more information as to what's going on
<beniwtv> downhill_: strace is here: http://pastebin.com/m5d473871
<beniwtv> Also, I found this bug in Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479612. Might be the same?
<uvirtbot> Debian bug 479612 in spandsp "spandsp 0.0.4pre18-1 broke ABI" [Grave,Fixed]
<DogWater> Anyone have any tips on increasing speed of small file transfers with samba? perhaps filesystem?
<Faust-C> DogWater: do nic teaming, maybe use xfs (i think its good)
<DogWater> okay, so perhaps RAID-5 /w XFS?
<Faust-C> DogWater: sounds good, my setup is:
<Faust-C> 4 disks, mdraid raid1 (cause i need space), lvm using xfs, 6-8 smb shares, cheap nic cards
<Faust-C> and works great
<Faust-C> but i wish it was better
<DogWater> Oh, I have a perc6i (dell 2950-iii) in the particular server i'm referring to atm, and i'm currently just using raid-1 but i'm considering moving the fs that i need to be faster to xfs/raid-5
<Faust-C> remember to look into fs optimizations, best practices, etc
<DogWater> cripes at importing gpgkeys
<eolo999> hi, someone knows something about which services are generally on port 4734? We are receiving a flood attack to that port...
<uvirtbot> New bug: #323362 in tomcat6 (main) "While updating system, it reported an error." [Undecided,Incomplete] https://launchpad.net/bugs/323362
<dazman> eolo999, according to /etc/services, nothing.. so it's none standard probably.
<eolo999> dazman: i know, that's why i asked here
<eolo999> ...
<dazman> seems random to flood one port... heh.
<dazman> And, if google doesn't know, it doesn't exist (Tm)
<dazman> And Google doesn't seem to know... nearest I got was line 4734 in tcp.c on OpenSolaris... :)
<frippz> I'm trying to mount an SMB-share but I keep getting "wrong fs type". I thought that the package samba-client would provide all necessary stuff to mount SMB/CIFS
<genii> frippz: You may need smbfs package installed
<frippz> genii: there we go! now I got a permission denied instead. it's going in the right direction! :D thanks for you help
<genii> frippz: np
<frippz> prolly forgot to activate an account on the NAS or something...
<simplexio> has anyone idea why make-kpkg dosent work with 2.6.28-3 kernel.org source ?
<ivoks> why do you use make-kpkg?
<ivoks> you are compiling ubuntu kernel source or non-ubuntu kernel source?
<simplexio> kernel.org
<ivoks> oh... ok
<simplexio> i have allways thoght that its "easiest" way to do it
<ivoks> i haven't compiled kernel.org's kernel for years...
<simplexio> offcourse make bzImage && make modules_install should work too but. then i need to modity menu.lst etc.. by hand
<ivoks> er... you don't need to edit it manually
<ivoks> update-grub will pick it up
<ivoks> just name it vmlinuz-version
<simplexio> nice
<ivoks> update-initramfs will also create initrd
<ivoks> if you need it
<simplexio> i had some strange problems with 2.6.27-server version.
<simplexio> currently it seems that software raid1 on swap isnt that good idea
<ivoks> i managed to issue a command in vim after which it's runnin 100% cpu for 15 minutes :)
<ivoks> why not?
<simplexio> swapper could alloc memory, same happened to nfsd under heavy load
<simplexio> could not ..
<dazman> ivoks, I presume it's not :w :p
<ivoks> dazman:
<ivoks> :'<,'>s/),(/);\rINSERT INTO `mdl_backup_log` VALUES (/g
<ivoks> i should write a howto make your mysql dump 5 times bigger
<cellofellow> mysql isn't listening for tcp connections. why?
<cellofellow> ie port 3306 is closed. I don't have ufw blocking it
<ivoks> that's how it is configured by default
<ivoks> you can change that
<cellofellow> how?
<ivoks> create /etc/mysql/conf/custom.cnf
<ivoks> and put in it:
<ivoks> [mysqld]
<ivoks> bind-address = 0.0.0.0
<cellofellow> ok
<ivoks> and restart mysql
<cellofellow> still closed :(
<cellofellow> at least when nmap
<ivoks> it should work, iirc
<cellofellow> oh, it's /etc/mysql/conf.d, not .../conf
<ivoks> ah, sorry
<cellofellow> ok, working now. thanks
<dazman> :)
<dazman> In terms of keeping thing sensible... how realistic is creating a metapackage to install apache, mysql, ruby, gem etc. (anything for RubyOnRails) with all the post install stuff which is required?
<alex_joni> ivoks: around?
<ivoks> yes
<alex_joni> tried an 8.10 server install on that hardware, same issues with grub
<alex_joni> rebooted in recovery mode, and installed grub2 which did the job beautifully
<alex_joni> (after hacking about 2h at grub-install to convince it to recognize /dev/rd/c0d0 as the install device)
<alex_joni> (that grub-install was part of the standard grub, not grub2)
<ivoks> grub2 works for you?
<alex_joni> yes, in this case it worked GREAT
<ivoks> it's good to know *another* case where grub2 works, while grub and lilo don't
<alex_joni> this isn't one of the most common pieces of hardware, but it's good to have an alternative that just works
<ivoks> linux needs new boot loader anyway
<alex_joni> 2.6.27-7-server worked ok too.. detecting everything needed on that machine
<ivoks> i'm afraid grub2 isn't ready yet
<alex_joni> well, I'm not saying it should be made a default or anything
<alex_joni> but if it's not too hard maybe having it on the install CD as a failsafe could be beneficial
<alex_joni> if it's far from beeing ready, then it probably can wait
<ivoks> it's good to know that last grub2 patch was sent 10 minutes ago :)
<alex_joni> heh.. anyways, thanks
<ivoks> np
<alex_joni> PCI stuff seems to take really long .. something seems borken
<alex_joni> http://eneas.juve.ro/~juve/primergy/syslog
<alex_joni> 140s to 252s it just hangs
<ivoks> ?
<orudie> hi, i would like to set up mail server but dont know how to
<orudie> should i use task sel ?
<alex_joni> ivoks: it doesn't seem to do anything for about 2 minutes
<alex_joni> same in the beginning
<orudie> anyone ?
<alex_joni> orudie: no harm in trying..
<orudie> ok
<ivoks> orudie: there are docs
<orudie> ivoks, i just installed postfix, but how do i configure it
<ivoks> https://help.ubuntu.com/community/MailServer
<alex_joni> depends on the level of config you need
<alex_joni> if it's a simple setup, dpkg-reconfigure used to do the trick
<orudie> ok i think i configured it, but what are the pop and smtp servers ?
<ivoks> https://help.ubuntu.com/community/MailServer
<ivoks> :)
<ivoks> https://help.ubuntu.com/community/MailServer#Mail%20Delivery%20Agent
<simplexio> i complained whiel ago that 2.6.28.3 dosent like make-kpkg.. it works just fine on my 8.10 desktop. so does someonr know list of all packages needed to use it somewhere
<orudie> can someone help me configure postfix ?
<orudie> i followed this tutorial https://help.ubuntu.com/community/Postfix
<orudie> now i'm actually trying to put info into thunderbird
<orudie> dont know what to put imap or pop
<orudie> sending of username did not succeed. Mail pop.selsovet.com responded: Plaintext authentication disallowed on non-secure connections.
<orudie> can someone help me set up mail server please ?
<dazman> hmm.
<dazman> orudie, if you've only install postfix, then you have no imap/pop3 server yet.. postfix is just an MTA
<dazman> orudie, you need something such as courier or dovecot for IMAP/POP3
<orudie> ohhh
<orudie> i see
<dazman> https://help.ubuntu.com/community/Dovecot for example
<dazman> or, https://help.ubuntu.com/community/Courier for Courier.
<dou213> what is the maximum number of history-entries possible?
<jmarsden|work> dou213: 500 by default, but you can set to any natural number... probably a 32bit value, so I'd guess somewhere over 2 billion... do you really have that much disk space for history files?
<dou213> jmarsden|work, i just want it to keep something like 2000 last commands so that i can search for them easier... but when i set it to 2000 (or 5000) it does nothing
<dou213> it remains on 500 as before
<jmarsden|work> You logged out and back in, right?
<orudie> ok i set up courier , tested without errors
<Deeps> orudie: or use tasksel and install the mail-server task if you want it all setup for you in one go
<jmarsden|work> dou213: I have mine set to 1000 with no issues...
<Deeps> orudie: oh, too late, heh. nm then
<orudie> Deeps, i did tasksel mail-server
<orudie> it didnt , it only set up postfix
<orudie> thats it
<dou213> jmarsden|work, yes i set it to 5000 e.g. and then when i log out and back in, i see he only kept the last  500
<orudie> Deeps, now the question is how do i check mail ?
<orudie> i want to test with thunderbird
<jmarsden|work> you are setting both HISTFILESIZE and HISTSIZE, right?
<dou213> jmarsden|work, ups, no only HISTSIZE... should both be set?
<jmarsden|work> dou213: Yes.  man bash!  Setting both HISTSIZE and HISTFILE works for me, has worked for me for years... :)
<orudie> Deeps, hi , can you help please ?
<jmarsden|work> dou213: My typo... set both HISTSIZE and HISTFILESIZE
<dou213> how do i set the HISTFILESIZE? 'export HISTFILESIZE="nr" '?
<jmarsden|work> dou213: Yes.
<dou213> jmarsden|work, ok thx, damn then it is written wrong in the book
<simplexio> ou jee.. : [38670.820007] Pid: 10432, comm: linuxdcpp Not tainted 2.6.27-7-server #1
<simplexio> has anyone else had these ?
<orudie> can anyone help me with mail server please ?
<orudie> is there a way to configure it with a web interface ?
<simplexio> calltrace says something about xfs, and memory allocations
<Deeps> orudie: oh, are you sure? it's supposed to install dovecot imap + pop3 as well as a few other things too
<dou213> jmarsden|work, and how can i see what the actual value of the HISTSIZE is?
<jmarsden|work> dou213: echo $HISTSIZE  -- like any other shell variable :)
<Deeps> orudie: and to check mail, you connect to your server's hostmask/ip address with your mail client, either with pop3 or imap, and use the username + password you ssh into the server with
<dou213> thx
<orudie> Deeps, yes thats what i'm trying  to do get wrong password error
<Deeps> orudie: look in the logs for the imap/pop3 server to see what appears there?
<simplexio> anyidea howto use top to suspend process?, its only working prog now. loads are ~50
<orudie> Deeps, sending of password did not succeed. Mail server pop.selsovet.com responded: Login failed
<orudie> Deeps, this is the thunderbird's error
<nschembr_> I checked with #ubuntu first but no luck. I'm running ubuntu  server. I want to install xterm without installing X11. Is  there a way to use dpkg to install the base package and the  dependances one at a time.
<orudie> i love love to be able to configure this with a web interface
<jmarsden|work> nschembr_: dpkg --force-depends -i packagename.deb   # But if you break stuff, you own all the pieces!
<Deeps> orudie: and what does the mailserver log say?
<orudie> Deeps, anything ?
<orudie> i dont know where its located
<Deeps> orudie: somewhere in /var/log/
<jmarsden|work> orudie: /var/log/maillog by default
<Deeps> isn't that the MTA rather than the imapd/pop3d?
<tuan123> hi everyone
<nschembr_> jmarsden|work: thank you. Do you know if I can build a meta pkg that will automate my steps when I done. Is there a How to?
<tuan123> has anyone use libvirt+kvm+jeos in a productive environment?
<orudie> this is the few last lines of the log
<orudie> http://pastebin.com/m26d2d801
<tuan123> because i have now configured everything up, but it is a bit unstable
<jmarsden|work> nschembr_: Well, there's the Packaging Guide at https://wiki.ubuntu.com/PackagingGuide/Complete
<jmarsden|work> simplexio: You can kill or renice processes in top using k and r respectively.  I don't think you can suspend processes using top.
<orudie> anything?
<simplexio> hihii.. whats is fuuny loads in fileserver are now 80+, but samba share still works. so i can play video from there
<simplexio> and top on fileserver says that i core is in use on stuck program and another one is waiting
<nschembr_> jmarsden|work: thank you
<jmarsden|work> nschembr_: No problem
<orudie> jmarsden|work, can you help me please bro ?
<Deeps> orudie: try using username 'paul' instead of 'paul@...'
<orudie> Deeps, blah, it worked
<jmarsden|work> orudie: I'm at work... working... can't really spend a lot of time helping out right now...
<Deeps> orudie: "use the username + password you ssh into the server with"
<Deeps> orudie: would be what i suggested a while ago ;)
<orudie> Deeps, so far i'm logged in
<orudie> Deeps, hold on let me try sending
<Deeps> orudie: same user/pass should apply for sending mail
<orudie> Deeps, ok, what should i put for outgoing server?
<Deeps> orudie: same as you've put for incoming server, it's the same machine, same ip
<orudie> Deeps, or , so for outgoing its also pop.domain.com ?
<Deeps> orudie: your dns labels are your business, the host is still the same, you can address it by ip or by whatever hostmask you choose to make
<orudie> Deeps, i just sent an email to this new mail server, so far nothing
<Deeps> orudie: do you have MX records defined for your domain to point to the server?
<orudie> MX records ?
<Deeps> i'm gonna have to pass you onto someone else for your 'how mailserver son the internet work' / dns primer i'm afraid, google while you wait i guess!
<orudie> Deeps, what should i read up ?
<orudie> so i should set up SMTP on my ubuntu ?
<orudie> i guess i need to set up smtp server ?
<ScottK> If you know nothing about administering a mail server, I recommend that you run, do not walk, to a good book store and buy "The Book of Postfix".
<hads> There's some responsibility required running a public mail server, you should do some reading.
<Deeps> ScottK: can i file that recommendation as a bug against ubuntu-docs? :D
<ScottK> Deeps: Not really.  Ubuntu docs can tell you about how to use Ubuntu packages.  Teaching you about mail server administration is really too much.
<Deeps> "mailservers for human beings"
<Deeps> ?
<ScottK> Maybe, but administering a public facing mail server requires a certain amount of knowing stuff there's no way a distro can hide.
<Deeps> i feel that way about computing generally, heh.
<ivoks> spend 95% of time thinking about the problem, and only 5% solving it
<ivoks> you can apply that to mail servers
<ivoks> you should read and learn most of the times
<ivoks> implementation is easy, once you understand the problem
<ivoks> most people do it other way arround - that's why we have spam :)
<orudie> problem?
<ivoks> yes, problem 'i need mail server, and don't know anything about it'
<dazman> "I need to relay though it.. allow *"
<dazman> eh
<dazman> s/though/through/
<ivoks> most of the MTAs come with relay disabled
<ivoks> yet, people still manage to create open relays :)
<ScottK> The trouble with idiot proofing is they are so darn clever.
<dazman> Ha.
<hads> So true
<nschembr_> I'm remastering the livecd and I need to setup  /etc/network/interfaces with a static file. It's over writen  a boot.
<deadbattery>  is there anything specific and special i would do for streaming .avi files through a web dibvx player, to perhaps tweak anything?
<roy_hobbs> Newbie question about virtualization:  Is the general procedure to install ubuntu server edition, install the ubuntu-virt-server package, and then setup as many ubuntu jeos (for example) virtual machines as necessary?   Also, has anyone seen any benchmarks on the free VMWare server vs KVM (which ubuntu seems to prefer)
<ivoks> ubuntu-virt-server is just part of ubuntu-server
<ivoks> it's bundle of services for setting up host for virtual guests
<roy_hobbs> Yeah, but it's not installed by default correct?
<ivoks> correct
<roy_hobbs> If I have a cpu without virtualization instruction sets, would I be better off with xen or virtualbox?  Or is this a question that's difficult to answer?
<ivoks> i really don't know
<ivoks> i use kvm
<ivoks> i dumped vmware cause of it
<roy_hobbs> The free version you mean?
<ivoks> yes
<hads> KVM rocks
<ivoks> i agree
<roy_hobbs> Yeah I kinda figured KVM was somewhere in between the free and pay versions of vmware
<ivoks> it's just beautifull
<hads> It's also free rather than "free".
<ivoks> i've worked with ESX, if that's what you are refering to
<roy_hobbs> yes esx
<ivoks> and i still like kvm more
<roy_hobbs> hads: yeah i understand the difference between $$$ and FOSS
<hads> It's fantasticly non-invasive too.
<ivoks> and it doesn't create problems on kernel upgrade :)
<ivoks> and it just works
<roy_hobbs> is there and precedent that you know of for migrating a virtual box to a physical machine?
<roy_hobbs> ivoks: You mean since that DKMS or whatever it is?
<hads> KVM is in the standard kernel
<ivoks> kvm is designed for linux
<ivoks> not for all OS
<ivoks> so, it should provide better results
<ivoks> it doesn't have pretty and powerfull GUI, but i don't care for that
<gcleric> kvm is also designed for cpu that support virtualiztion.
<ivoks> correct
<ivoks> that's also a +
<ivoks> it's not ad hoc added support
<roy_hobbs> gcleric: yeah but will it work reasonably well without a cpu with virt. support?
<ivoks> it won't work at all
<gcleric> roy_hobbs: noope...you will get a warning if you try.
<orudie> ivoks, can you help me with mail server please ?
<gcleric> Intel VT and AMD-V cpu only,
<ivoks> orudie: maybe (it's 00AM here :)
<ivoks> so, be fast
<ivoks> :)
<roy_hobbs> So would the difference between a solution that's a hypervisor vs one that does virtualization be running it on cpu with or without virtualiztion support?  (I keep seeing the terms hypervisor, virtualization, and paravirtualization and am having trouble sorting them out.
<roy_hobbs> )
<orudie> ivoks, ok so far i have postfix installed and courier
<orudie> trying to get it working though
<ivoks> orudie: now, remove courier
<ivoks> and install dovecot
<ivoks> :)
<orudie> i think i have both installed lol
<ivoks> it much nicer and easier to set up
<ivoks> hypervisor = kvm, qemu, vmware, virtual box, etc...
<ivoks> !virtualization
<ubottu> There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !kvm is the preferred approach in Ubuntu.  See also !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications
<ivoks> !paravirtualization
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<ivoks> http://en.wikipedia.org/wiki/Paravirtualization
<orudie> so what do i do ivoks ?
<ivoks> orudie: remove courier and install dovecot
<ivoks> dovecot-imapd and dovecot-pop3d
<orudie> i think i  have that installed already
<orudie> i think i installed both
<orudie> how can i remove courier ?
<ivoks> apt-get purge courier.*
<Bangers> When I do "sar -d 3 3" I get "dev8-0 " for "DEV" -- what device is this??
<Bangers> Im looking for disk IO usage stats for /
<ivoks> if you don't know how to deinstall packages
<ivoks> you should really learn how to use your operating system, before you do something st...d
<orudie> hold on
<roy_hobbs> Thanks to those of you who have helped me get started.  Now the fun begins
<orudie> ivoks, ok courier removed
<ivoks> orudie: now, ask your self and let us know; what kind of mail server do you want
<orudie> pop3
<ivoks> will public access, only local delivery, etc...
<ivoks> orudie: we all know pop3/imap/smtp
<orudie> i am trying to set it up for a small company with about 10 people
<ivoks> orudie: but you should know what kind of mail server - who will use it
<ivoks> ok
<ivoks> only for internal mail, or you want to send mail outside?
<orudie> outside
<ivoks> does your server has a static IP
<orudie> yes
<ivoks> or is it on ADSL or some sort of dynamic IP
<orudie> its static
<ivoks> is your domain registred to that server?
<orudie> i have ubuntu 8.10 server installed on a vps
<ivoks> does MX record of your domain points to that IP
<orudie> well i registered a domain and used zoneedit to point the domain to my ip
<ivoks> does 'dig -t mx you_domain' returns IP of your server?
<ivoks> your_domain
<ivoks> doh... hate english
<owh> ivoks: Esperanto instead?
<owh> ivoks: Or Dutch?
<ivoks> nope, croatian?
<orudie> ivoks, http://pastebin.com/m6568bc2e
<owh> ivoks: Nah, no-one speaks croatian :)
<ivoks> owh: :p
<orudie> ivoks, the ip of my server is 207.192.72.15
<ivoks> you should be very carefull with disclosing so much info to a unknown people
<ivoks> now i could help you set your server as open rely, send spam over it and you'll end up in jail
<ivoks> :)
<ivoks> ....do you feel lucky? :)
<ivoks> anyway...
<ivoks> i see you have smtp running
<ivoks> and you haven't installed dovecot-imapd and dovecot-pop3d
<orudie> ok sorry
<orudie> so are we ready to proceed ?
<ivoks> sudo apt-get install dovecot-imapd dovecot-pop3d
<orudie> okd one
<orudie> done
<Victor_Petrescu> hi
<Victor_Petrescu> I have an apache2 problem
<ivoks> hm... i don't see open ports on that ip
<Victor_Petrescu> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
<Victor_Petrescu> no listening sockets available, shutting down
<ivoks> orudie: sudo /etc/init.d/dovecot restart
<ivoks> Victor_Petrescu: sudo /etc/init.d/apache stop
<ivoks> Victor_Petrescu: sudo killall -9 apache2
<ivoks> Victor_Petrescu: sudo /etc/init.d/apache start
<orudie> ivoks, ok restarted
<Victor_Petrescu> apache2: no process killed
<orudie> * Restarting IMAP/POP3 mail server dovecot                              [ OK ]
<ivoks> orudie: still noething
<Victor_Petrescu> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
<Victor_Petrescu> no listening sockets available, shutting down
<Victor_Petrescu> Unable to open logs
<Victor_Petrescu>                                                                          [fail]
<orudie> hmmm, what cna i try ?
<ivoks> Victor_Petrescu: then you have something else running on that port
<Victor_Petrescu> on 443?
<ivoks> Victor_Petrescu: sudo netstat -natp | grep 443
<ivoks> orudie: telnet localhost 110
<Victor_Petrescu> tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      23134/webcit
<Victor_Petrescu> cmon ..
<Victor_Petrescu> Citadel
<ivoks> Victor_Petrescu: there, you see
<Victor_Petrescu> just installed it
<Victor_Petrescu> can't they both work?
<ivoks> Victor_Petrescu: not on 443
<Victor_Petrescu> I don't need SSL for apache
<Victor_Petrescu> where can I delete that?
<orudie> Trying 127.0.0.1...
<orudie> telnet: Unable to connect to remote host: Connection refused
<luckyone> hello all... I have a server that has just recently started going non-responsive every couple of days - requiring a reboot...
<luckyone> any idea where I could start looking for that?
<ivoks> luckyone: memoy?
<ivoks> memory
<ivoks> orudie: ok
<luckyone> maybe...
<luckyone> if it was running out of memory, would it log that somewhere?
<ivoks> orudie: egrep ^protocols /etc/dovecot/dovecot.conf
<orudie> protocols = none
<ivoks> luckyone: yes, but it would kill a process then
<ivoks> luckyone: i'm guessing it's hardware problem
<luckyone> like apache and the ssh server?
<ivoks> orudie: change that none to 'imap imaps pop3 pop3s'
<luckyone> hmm, it is on a virtual server - hosted by serveraxis.com
<orudie> ivoks, nano /etc/dovecot/dovecot.conf ?
<ivoks> orudie: well, whatever you like
<ivoks> nano, vim, emacs, ed
<luckyone> ivoks: I have a binary file /var/log/faillog, would that mean anything?
<Victor_Petrescu> ivoks, can't really get it to work
<luckyone> orudie: vim ftw!!!
<ivoks> luckyone: everybody has that one
<ivoks> Victor_Petrescu: what could be a problem? stop citadel, start apache
<luckyone> ivoks: any recs on where to start?
<ivoks> Victor_Petrescu: setup citadel on localhost:12345 and then set up apache to proxy to citadel
<ivoks> luckyone: kern.log syslog
<luckyone> ivoks: also how do I get this server on landscape? what sort of reporting does that provide
<ivoks> luckyone: buy a support from canonical :)
<luckyone> you have to buy support from canonical to use  landscape?
<ivoks> yes
<Victor_Petrescu> so that means I would have to reinstall i?
<ivoks> Victor_Petrescu: i never installed citadel, so i don't know
<Victor_Petrescu> ok
<Victor_Petrescu> ok .. so apache running..
<ivoks> Victor_Petrescu: configure citadel on some other port
<Victor_Petrescu> citadel running :D
<ivoks> Victor_Petrescu: and on localhost
<Victor_Petrescu> did
<luckyone> ivoks: so lots fo these, Feb  5 17:10:46 VO12106 kernel: apache2 invoked oom-killer: gfp_mask=0x200d2, order=0, oomkilladj=0
<Victor_Petrescu> now I wonder if the mail() function still works under PHP
<ivoks> and then proxy domain:443/citadel to that localhost:port
<ivoks> luckyone: oom-killer is in-kernel function
<ivoks> luckyone: it kills processes when there's no more memory
<luckyone> is it normal?
<ivoks> well, it's normal
<ivoks> if you like having your processes killed
<ivoks> it means your ram gets filled
<ivoks> oom-killer doesn't know which process to kill
<ivoks> so you might say it kills randomly
<ivoks> it might kill sshd too
<luckyone> can I tell it to never kill sshd?
<ivoks> i'm not sure, i think not
<luckyone> I would like that to be among the last to die
<luckyone> kill lots of apache, mysqld, etc - not my sshd ;)
<ivoks> or, add RAM :)
<luckyone> looking at how expensive that is from my VPS provider
 * luckyone sets memory_limit to < 48M in the mean time....
#ubuntu-server 2009-02-06
<owh> luckyone: You could of course install lighttpd instead of apache to save some serious RAM :)
<ivoks> that's a myth
<twb> owh: or thttpd
<ivoks> and a flase one
<ivoks> false
<owh> ivoks: Can you elaborate on that please?
<twb> Or use inetd to avoid consuming any RAM at all, except when you get a request
<ivoks> apache worker uses less ram than lighttpd
<owh> twb: At the expense of speed, but yes.
<ivoks> and still is much powerfull
<ivoks> or more :D
<owh> I figured :)
<kgoetz> i find that suprising. it also doesnt match my experiance :/
<kgoetz> *sp
<owh> ivoks: Well, that's really interesting. On a low memory VPS I have been advised to install lighttpd rather than apache.
<owh> kgoetz: Hiya - melting in SA yet?
<ivoks> owh: there is apache and there is apache
<kgoetz> owh, 'yet'? with luck we'll stop melting in 2 days
<ivoks> apache has different MPMs
<owh> ivoks: for me it's *always* apt-get install apache :)
<ivoks> worker is fast, but PHP doesn't work on it
<kgoetz> owh, feel free to come and mop us up after
<owh> kgoetz: s/melting/melted/
<kgoetz> owh, s/big rants/yes
<kgoetz> :p
<twb> PHP doesn't ever *work*, but it might *run* on some MPMs
<owh> kgoetz: ROTFL
<twb> If you are trying to run PHP code you have bigger problems than apache's memory consumption
<owh> twb: Heh
<ivoks> :)
<twb>   PID  Uid     VmSize Stat Command
<twb>   617 root        428 S   httpd -p 80 -h /srv/www -r OpenWrt
<ivoks> owh: by default, ubuntu installs worker
<twb> ...that's busybox's http.  And since you are using initramfs-tools, you already have busybox installed.
<owh> When I have a spare life I'll do some tests with lighttpd/php and apache/php
<ivoks> owh: unless you ask for php, stupid non-threed safe language
<owh> ivoks: Hey, I just write 'm.
<owh> One day I'll have a whole spare hour to learn python :)
<twb> Python's not exactly a huge step
<kgoetz> owh, i hope that too. want to write my website in it ;/
<ivoks> i wrote couple of them in python
<ivoks> mod-python acctually
 * twb is not a fan of dynamic websites.
<owh> twb: I'm sure it's not, however, my existing PHP library won't "just work".
 * kgoetz was a bit put off by the lack of a cpan for python
<twb> kgoetz: that's called cheeseshop
<twb> It's not as "one click" as cpan(1), but it has the same general role.
<nschembr_> is there a group handling the livecd?
 * kgoetz goes to look
<twb> nschembr_: #ubuntu-installer
<luckyone> I am trying to install ebox on my new NAS, but I am getting a no pubkey error from http://ppa.launchpad.net intrepid main
<luckyone> any idea how I can get around that?
<nschembr_> kgoetz: twb: thank you
<kgoetz> luckyone, find the pubkey and import it
<twb> luckyone: yep, you want to /msg dpkg !apt-key XXXXXX, where XXXXX is the key's hash.  But you'll need to /join #debian-bots first.
<twb> 11:27 <dpkg> gpg --keyserver subkeys.pgp.net --recv-keys x ; gpg --export x | sudo apt-key add -
<luckyone> is the hash of the key listed after the NO_PUBKEY error?
<luckyone> GPG error: http://ppa.launchpad.net intrepid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 30B02BFA99E5A6E7
<ScottK> Look at the LP page for that team's PPA and it'll have instructions.
<nschembr_> twb: I've never submitted a bug report before. I'm looking to talk it over before I do.
<ScottK> nschembr_: What's up?
<nschembr_> I'm remastering the livecd.
<nschembr_> I needed to include a static ip address
<nschembr_> I used a working /etc/network/interface file
<nschembr_> the disk continued to boot dhcp
<nschembr_> I found the option ip=frommedia
<nschembr_> the text file for isolinux for this option is blank
<nschembr_> that is not the bug
<ScottK> I think you want #ubuntu-installer to discuss that.
<nschembr_> ScottK: twb: thank you for your time
<ScottK> You're welcome.
<twb> nschembr_: many of the options for the live CD's boot: prompt are not properly documented, due to the rate at which which the live-initramfs/casper teams add them.
<nschembr_> twb that is not the bug
<nschembr_> twb: The bug, if I've included a /etc/network/interface file
<nschembr_> /usr/share/initramfs-tools/scripts/casper-bottom/23networking should use it without the option ip=frommedia
<nschembr_> twb:  It's a small issue. I just spent 4 hours correcting it for myself
<nschembr_> twb: I just can't tell if anyone else thinks this is a bug.
<twb> OK, you want to report that either to the live-initramfs package (Debian) or casper package (Ubuntu).  The latter is a fork that periodically pulls in changes from the former.
<twb> You can find the live-initramfs team on #debian-live on irc.oftc.net.
<nschembr_> how do I find the casper pack
<twb> nschembr_: in launchpad?  I don't know.
<nschembr_> twb thank you
<twb> (Personally I boycott launchpad because I can't even "log in" to it using w3m.)
<twb> That guy needs to learn how to connect to two servers at once.
<Bangers> Anyone know an automated way to build ubuntu-server, so that it works in VMWare ESX?  vmbuilder doesnt seem to support ESX
<twb> Bangers: cdebootstrap?
<twb> Bangers: or better, just booting the alternate CD within the VM, and doing a normal install?
<Bangers> huh?
<Bangers> I want an automated way to spit out a VMWare ESX Image to be imported into ESX and started
<Bangers> For regression testing
<deadbattery> anyone uses litespeed web server?
<twb> Bangers: sorry; I'm assuming that ESX works in much the same way as kvm or vmware-server, in that you just give it some arbitrary boot media to boot from.
<orudie> can someone recommend a webmail  ?
<antdedyet> I hear squirrelmail can be useful
<twb> If you want "overkill", then zimbra's webmail bit tries to be like Outlook Web Access.
<deadbattery> has anyone used litespeed?
<twb> deadbattery: never heard of it.
<snuxoll> Would anyone happen to know how to setup php5 with mod_fastcgi?  I've been trying for the past hour to no avail
<kansan> once you pop a gnome-terminal out... how do you pop it back in?
<suigeneris> good morning
<suigeneris> ScottK, are you there?
<CrummyGummy> Hiya, I would like to control a service using upstart. It does however need an lsb compliant init script because of heartbeat. Any advice?
<kraut> moin
<twb> CrummyGummy: what is heartbeat?
<CrummyGummy> twb: high availability suite for linux.
<twb> And it needs it to be a sysvinit script in order to restart it?
<suigeneris> can "Reply to all" be disabled on the server-side?
<kansan> sudo: unable to resolve host ec2-67-202-1-110.compute-1.amazonaws.com  .... this looks very bad.... should i be concerned?
<suigeneris> kansan, could be your dns is not functioning properly
<Nafallo> ec2-67-202-1-110.compute-1.amazonaws.com has address 67.202.1.110
<snuxoll> how predictable
<snuxoll> got drupal working with lighttpd, now I just need to write a cronjob to start thin for my merb app
<Nafallo> kirkland: btw. unicode doesn't work in screenrc ;-). tried to change \o/ to \âº/ ;-)
<loofi> Hi everyone. Can someone give me some input on how to mount NTFS correctly in /etc/fstab on my server. I want to connect an USB-drive for backup. It is to be maounted in /media/storage and everyone can read/write.
<loofi> By the way I am running Hardy
<kirkland> Nafallo: LoL :-)
<Scix> Anyone who now why sh is wining about a unexpexted "(", expecting "fi" at line 27? http://paste.ubuntu.com/114554/
<Scix> its works when i run as bash, but its a script who is automaticaly called from /etc/profile.d/ at login, and then it doesn't help to set #! /bin/bash
<Deeps> at a guess, because the ( ) syntax as you're using there isn't in sh, but is a bash feature instead
<Scix> what should i use in sted?
<Deeps> umm, bash
<Scix> i've tried, but xsession is uses sh, and then the file is called, it's prosessed as sh, even when i set #! /bin/bash in the header. Sory bad english
<Deeps> i dont know enough as to whether that should be the case or not, sorry
<Deeps> it doesn't sound right to me though
<soren> Scix: Arrays are a bash thing; you can't use them in dash
<soren> Scix: However, it seems to be a rather pointlesss use of arrays.
<Scix> soren: Why is it pointles? How can I scan tro the users groups, and do something, whithout having them in a array?
<soren> What's wrong with this: http://paste.ubuntu.com/114571/ ?
<Scix> sorry, i've postet wrong pastebin:P http://paste.ubuntu.com/114554/
<soren> Well, you might need to put some extra quotation marks in there in case you've got something returning grouop names with spaces in them.
<soren> Scix: No, that's what you posted.
<Scix> :P
<Scix> so i dont need the array :)
<soren> Scix: What I just sent you was a patched version of your script.
<Scix> soren: yes, you removed line 27?
<Scix> and changed 29
<Scix> but now i'm getting bad substitution at line 39
<soren> I didn't test it.
<Scix> sry, pebcak
<soren> I don't have the environment that it's made for, you know :)
<Scix> tank you so much :)
<ScottK> suigeneris: I am now.
<suigeneris> ScottK, if you are following postfix-users, I am having problem with using the new TLS certificate I have generated
<ScottK> I hadn't (I tend to skim it).  What's the subject?
<suigeneris> TLS certificate
<ScottK> OK.  I'll look.
<undef> hello
<suigeneris> ScottK, I've to go have lunch, will you be here in 1hrs?
<ScottK> More likely in two.
<suigeneris> okay
<suigeneris> brb, lunch
<suigeneris> i am back
<ScottK> I am sort of here, but trying to get my youngest off to school.
<ScottK> I haven't had a chance to look at postfix-users yet.
<suigeneris> okay, chill
<suigeneris> i'll be lurking
<suigeneris> let me ask you something. is it possible to disable "reply to all" with postfix?
<ScottK> No.
<ScottK> Reply-to-all is a mail client function.
<ScottK> By the time it gets to Postfix, there's no way to know that's what happened.
<lamont> "reply to all" is in the client's user agent (evolution, etc), not in the MTA
<WoLf_Loonie> Hello, and sorry to disturb.. I'm having a couple issues with some web scanner that is clogging my apache2 logs.. I know how to avoid the logging itself, but I would like to completely block the requests containing this "Toata dragostea mea pentru diavola" header.. Anyone could point me to the correct resource or help me with that issue?
<ivoks> so, it's causing denial of service?
<WoLf_Loonie> more like, it's a major issue trying to check the logs, as I have thousands of those lines every day.
<alex_joni> WoLf_Loonie: "diavola" looks like a typo, wrong gender
<ivoks> well, start with blocking those request on iptables level
<ivoks> instal fail2ban and configure it
<WoLf_Loonie> 192.89.36.220 - - [05/Feb/2009:22:28:58 +0100] "GET /wikis/bin/configure?action=image HTTP/1.1" 403 192 "-" "Toata dragostea mea pentru diavola"
<WoLf_Loonie> one example
<alex_joni> WoLf_Loonie: ok..
<orudie> ivoks, hi my friend
<ivoks> hello
<orudie> email is working :)
<ivoks> zul: .de? :D
<ivoks> zul: you're in berlin! you dirty bas... :D
<ivoks> orudie: great
<zul> ivoks: da im in berlin like everyone else
<orudie> ivoks, do you think you can help me out with webmail ?
<suigeneris> zul, I'm not in Berlin
<orudie> ivoks, can you recommend a webmail client ?
<orudie> ivoks, what do you think about roundcube ?
<suigeneris> ScottK, are you free now?
<ScottK> Yes
<ScottK> I was just looking at my setup and it's a bit different.
<henkjan> orudie: roundcube is nice
<ScottK> suigeneris: For the cacert, I just smtpd_tls_CAfile=/etc/postfix/certs/cacert.pem
<ScottK> That seems to be sufficient for me.
<ivoks> orudie: roundcube is great
<orudie> can you guys help me to get that set up ?
<suigeneris> ScottK, I edited my main.cf to have that, and I still get the warning at http://people.sabanciuniv.edu/mtozses/cert.png
<ScottK> suigeneris: That's an error of your desktop not understanding the cert, not on the server.
<ScottK> You need to install the cacert.pem on your desktop where your mail client can find it.
<Faust-C> yeah
<suigeneris> how can I offer the new certificate?
<ScottK> I put the cacert on my web server and give clients the chance to download it.
<ScottK> That or you can pay a commercial CA to sign it for you.
 * soren likes roundcube as well
<soren> It's the only webmail client I can tolerate.
<MadChopr> you don't like squirrelmail?  if so, why?
<Faust-C> cause its fugly
<soren> That sums it up pretty well.
<MadChopr> :)
<MadChopr> agreed.
<soren> roundcube doesn't get in my way and it does the whole ajax thing.. It's just very convenient.
<Faust-C> but roundcube is featureless
<Faust-C> well for my company anyway
<MadChopr> what features does your company expect in a mail program, and what do you use for your company Faust-C ?
<Faust-C> MadChopr: i need a groupware suite, and atm i have nothing but shitty MDaemon pop3 and outlook
<ivoks> ugliest software on the planet
<ivoks> well
<MadChopr> what groupware software are you looking into?
<ivoks> squirrel also doesn't do groupware
<ivoks> but roundcube does have a support for common addressbook :)
<Faust-C> phpgroupware, egroupware
<MadChopr> Faust-C: you have a sway with which one to go with yet?
<Faust-C> not yet
<Faust-C> havent tested any out
<ivoks> umm...
<ivoks> unison?
<Faust-C> i was looking at horde but its too odd
<ivoks> it's desktop app
<ivoks> unison server + unison desktop
<ivoks> based on thunderbird
<ivoks> looks good
<Faust-C> doesnt it cost $
<ivoks> i've downloaded it
<Faust-C> ivoks: like it so far?
<ivoks> didn't use it yet :D
<ivoks> i which days have 48 hours
<ivoks> whish
<ivoks> All downloads above are of our sponsor-supported version. You may use it without charge. For our paid version, without ads, you can purchase Unison licenses here.
<Faust-C> heh
<ivoks> http://www.unison.com/what-is-unison/pricing.php
<orudie> ivoks, i'm currently looking at this http://trac.roundcube.net/wiki/Howto_Install
<ivoks> you can install roundcube with:
<ivoks> sudo apt-get install roundcube-mysql
<suigeneris> my roundcube has no installer dir in it. why?
<ivoks> you apt-get it?
<ivoks> Faust-C: fwiw, it start 20-30 seconds on my laptop
<suigeneris> yes
<ivoks> then it is installed
<suigeneris> tolga@ozses:/usr/share/roundcube$ ls
<suigeneris> bin  config  index.php  logs  main.inc.php.dist  program  skins  temp
<ivoks> suigeneris: it's installed
<suigeneris> oh
<ivoks> you installed it with apt-get
<ivoks> no need to do all that stuff
<suigeneris> I don't need installer/
<ivoks> just go to the web page
<ivoks> you should configure it, though
<orudie> ok i installed it
<ivoks> in /etc/roundcube/
<ivoks>  /m nickserv change-channel-name-to #not-roundcube-support
<ivoks> :)
<orudie> ivoks, i love you
<ivoks> lol nickserv
<ivoks> chanserv
<suigeneris> weeee
<orudie> hmmm
<orudie> i dont see roundcube in /etc/
<suigeneris> at last i have a webmail
<ivoks> orudie: you didn't install it; for the last time: sudo apt-get install roundcube-mysql
<suigeneris> ivoks, how do i set default mail server and remove the relevant field?
<orudie> ivoks, i did sudo apt-get install roundcube-mysql :)
<ivoks> suigeneris: /etc/roundcube
<orudie> right after you told me
<ivoks> main.inc.php
<orudie> ivoks.....
<MadChopr> where is the ubuntu pastie?
<orudie> ivoks, http://pastebin.com/m446f2f1b
<MadChopr> i don't see it in the topic
<orudie> MadChopr, http://ubuntu.pastebin.com/
<orudie> maybe this i'm not sure
<ivoks> orudie: you are a fast learner :)
<MadChopr> orudie: thank yuo
<ivoks> sudo apt-get install roundcube roundcube-mysql
<orudie> installing 18 mb
<orudie> Configuring roundcube-core
<orudie> ivoks, Configure database for roundcube with dbconfig-common?
<ivoks> yes
<orudie> ok done
<orudie> ivoks, now i'm in /etc/roundcube , open main.inc.php ?
<ivoks> configure it to your preferences
<orudie> ivoks, ok i'm in main.inc.php
<orudie> ivoks, i'm lost in this config :)
<Gargoyle> afternoon
<orudie> morning
<suigeneris> bye all
<orudie> ivoks, help please?
<orudie> henkjan, around ?
<z0det> hi when i try to sudo apt-get install irssi or any other progs, i only come to 0% [Connecting to se.archive.ubuntu.com (130.239.18.137)] [Connecting to security.ubuntu.com (91.189.88.37)] [Connecting to ppa.launchpad.net (91.189.90.217)]
<z0det> and it wont install any thing
<z0det> any tips?
<maxb> Verify that you can contact the servers in a browser
<maxb> Or some wget/curl
<z0det> i can
<z0det> root@dump:/home/dump# ping www.google.se
<z0det> PING www.l.google.com (74.125.43.147) 56(84) bytes of data.
<z0det> or i dont
<z0det> ehehe
<z0det> wtf :C
<z0det> but my friend kan ssh two it
<z0det> thats sick 8]
<orudie> ivoks, back ?
<ivoks> omg
<ivoks> orudie: stop following me around
<z0det> ;D
<ivoks> orudie: what's the problem?
<piquadrat> Hi! I want to set up fastcgi with suexec on apache. The docroots of the VirtualHosts are in /home/someuser/someproject/public_html. AFAIK, suexec doesn't allow wildcards in the path to the docroot, so I would have to compile suexec with docroot=/home. Would that be a security risk?
<orudie> ivoks, ummm, i'm not sure what to do after sudo apt-get install roundcube-mysql
<ivoks> use it?
<orudie> ummm whats the url though ?
<ivoks> http://your_server/roundcube
<orudie> ivoks, url not found
<orudie> ivoks, http://www.selsovet.com/roundcube
<ivoks> open /etc/roundcube/apache.con
<ivoks> conf
<ivoks> and uncomment Alias /webmail /var/lib/roundcube
<ivoks> reload apache 'sudo /etc/init.d/apache2 reload
<orudie> i dont see Alieas
<orudie> i see <Directory /var/lib/roundcube/>
<orudie> errr
<orudie> hold on
<orudie> sorry i see it now
<orudie> ivoks, only ucomment one line?
<ivoks> that's what i said
<orudie> hmmm
<orudie> ivoks, http://www.selsovet.com/roundcube/ really weired language :)
<ivoks> lol
<ivoks> it's your's system default
<ivoks> i guess you are in georgia, usa?
<orudie> what? lol
<orudie> no
<orudie> the server is in NJ
<orudie> i am in NY
<ivoks> well, you choosed georgia as server location
<ivoks> that's country on the east of europe
<ivoks> some would say even asia
<orudie> georgia, USA  is in the USA
<ivoks> ah... americans
<orudie> server was migrated from state of georgia to the state of new jersey, all within US
<ivoks> http://en.wikipedia.org/wiki/Georgia_(country)
<orudie> dude
<orudie> i know where Georgia is
<orudie> i'm Russian
<orudie> i know some georgian immagrants here in the US
<ivoks> well, whoever installed it, he set it up to be in georgia, Europe, not georgia USA
<orudie> so how can i change it, caus i changed the timezone recently to eastern u.s.
<ivoks> good question :)
<tewmten> change the /etc/timezone to point to the correct file
<orudie> maybe i can specify the language that used by roundcube ?
<ivoks> sudo /usr/share/locales/remove-language-pack gr?
<ivoks> without ?
<tewmten> have a look in /usr/share/zoneinfo/
<tewmten> where are the timezone files are
<ivoks> orudie: what's the output of 'cat /etc/timezone'?
<tewmten> find the one you need, symlink it to /etc/timezone
<ivoks> not symlink
<orudie> cat /etc/timezone
<orudie> America/New_York
<orudie> hmmmmm
<ivoks> export | grep LANG
<orudie> so should i sudo /usr/share/locales/remove-language-pack gr  ?
<orudie> export | grep LANG - no output
<ivoks> no output?
<orudie> nope
<orudie> silent
<ivoks> heh
<tewmten> locale -a
<tewmten> perhaps?
<ivoks> that's all supported locales
<orudie> hmmm... ?
<ivoks> how about 'locale'
<tewmten> yeah
<ivoks> hahaha probably his email server also responds with georgian translation :D
<tewmten> i dunno, when it comes to locales Im really clueless.. C or GTFO I say! :P
<ivoks> me too
<orudie> do you want to see the output of locale? http://pastebin.com/m3acc33f9
<ivoks> ok...
<ivoks> anyway
<orudie> ivoks, i tried sending emails back and forth after you helped me last night, it was fine
<ivoks> in /etc/roundcube/main.inc.php
<ivoks> there's a line
<ivoks> $rcmail_config['locale_string']
<ivoks> it should be set to en_US
<ivoks> that's line ~130
<ivoks> or ~120
<orudie> yup found $rcmail_config['locale_string']
<ivoks> if it is set to en_US, then you don't have en_US locale, and you can install them with:
<ivoks> sudo /usr/share/locales/install-language-pack en
<orudie> / the default locale setting
<orudie> $rcmail_config['locale_string'] = 'am';
<ivoks> am? :)
<orudie> yeah whats that lol ?
<ivoks> who set it to am?
<orudie> not me
<orudie> i didnt even know about it
<ivoks> it didn't by it self
<ivoks> ok... change am to en_US
<orudie> maybe its not secure ?
<ivoks> it probably read system default
<orudie> ok ok
<orudie> $rcmail_config['locale_string'] = 'en_US';
<orudie> like this ?
<ivoks> yes, save that
<orudie> ok done
<ivoks> now install locale
<ivoks> sudo /usr/share/locales/install-language-pack en
<orudie> complete
<ivoks> hm
<ivoks> restart apache :)
<ivoks>  /etc/init.d/apache2 restart
<ivoks> but, it should work by now :/
<ivoks> hm hm
<orudie> ok restarted
<ivoks> paste the output of locale -a on the pastebin
<orudie> http://pastebin.com/m1ff2dc1
<undef> hey
<undef> did anything changed on intrepid related to xen ?
<orudie> ivoks, i think its $rcmail_config['locale_string'] = 'en';  , not en_US
<orudie> i'm reading forums
<undef> aptitude install ubuntu-xen-server apparently doesn't install a *-xen kernel anymore
<ivoks> it's en_US
<ivoks> orudie: who installed that server?
<orudie> VPS company
<orudie> linode
<ivoks> call them and tell them that they are in USA, not Georgia
<ivoks> :D
<MadChopr> i'm thinking about reinstall ubuntu server from scratch cause i'm so ignorant with this stuff.
<orudie> i should
<ivoks> https://help.ubuntu.com/community/LocaleConf
<orudie> i just did tell them that
<ivoks> lol
<orudie> i'm in the irc channel with them :)
<orudie> i dont care those people are only nice to you before you sign up for their VPS, once you sign up they start acting like assholles
<orudie> ivoks,  should i sudo dpkg-reconfigure localeconf ?
<ivoks> this is an old article :/
<orudie> oooh :(
<ivoks> no
<ivoks> that doesn't exist
<orudie> hmmm
<ivoks> do this:
<ivoks> cat /var/lib/locales/supported.d/local
<ivoks> what's in it?
<orudie> the list of en
<orudie> en_SG.UTF-8 UTF-8
<orudie> en_US.UTF-8 UTF-8
<orudie> en_ZA.UTF-8 UTF-8
<orudie> en_ZW.UTF-8 UTF-8
<orudie> and others
<ivoks> soren: http://sparklingdev.artruist.net/?p=3 'Gosh! What a jerk created this bloody virtual machine image for Amazon EC2?' :)
<orudie> ivoks, out of ideas... ?
<ivoks> orudie: well, everything is as it should be
<ivoks> orudie: you've restarted apache?
<ivoks> /etc/init.d/apache2 restart
<orudie> sudo /etc/init.d/apache2 restart
<orudie>  * Restarting web server apache2                                                                      apache2: Could not reliably determine the server's fully qualified domain name, using 207.192.72.15 for ServerName
<orudie>  ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 207.192.72.15 for ServerName
<orudie>                                                                                                [ OK ]
<ivoks> odd
<orudie> yeah lol
<orudie> what the hell
<orudie> maybe reinstall roundcube ?
<ivoks> no
<orudie> and first make sure the default language is en_US of the system
<orudie> ok....
<ivoks> there must be a reason why it's like that
<jtaji> not sure what you guys are up to.. but the first thing I do on Ubuntu on Linode is: apt-get install language-pack-en && update-locale LANG=en_US.UTF-8
<ivoks> hm
<jtaji> never had issues after that
<ivoks> it tries to autodetect
<ivoks> right
<ivoks> orudie: purge roundcube
<ivoks> orudie: apt-get purge reoundcube.*
<ivoks> postinst:                 -e "s+^\(\$rcmail_config\['locale_string'\] = '\).*\(';\)\$+\1${language}\2+" >> $CONFFILE.ucftmp
<ivoks> orudie: during installation of roundcube, it asked about the language
<ivoks> and you hit ENTER
<ivoks> selecting the first one - am
<ivoks> armenian
<ivoks> or whatever
<ivoks> next time, select your language
<ivoks> :)
<orudie> i dont think it asked me about the language
<orudie> but i'll try again
<orudie> Deconfigure database for roundcube with dbconfig-common?  Yes No
<ivoks> yes
<orudie> OK done
<orudie> sudo apt-get install roundcube roundcube-mysql ?
<orudie> or restart apache first ?
<ivoks> just install
<orudie> ok done
<orudie> it didnt ask me for the language
<ivoks> ok
<ivoks> then just uncomment Alias line in /etc/roundcube/apache.conf
<orudie> ok did it
<orudie> same thing
<orudie> :(
<ivoks> hehe
<orudie> / the default locale setting
<orudie> $rcmail_config['locale_string'] = 'am';
<ivoks> sudo apt-get install language-pack-en && update-locale LANG=en_US.UTF-8
<orudie> done
<ivoks> dpkg-reconfigure roundcube-core
<orudie> IMAP server(s) used with RoundCube:
<ivoks> for the questions you don't know the answer, just accept default
<orudie> If this is left blank, a text box will be displayed at login.
<ivoks> put localhost
<orudie> ok dude
<orudie> now i have option to change language
<orudie> yay !!!
<orudie> ummm
<orudie> same thing :(
<orudie> maybe i should have reinstalled the database
<orudie> when it asked me to
<ivoks> no
<ivoks> it didn't change settings in main.inc.php
<ivoks> open /etc/roundcube/main.inc.php
<ivoks> look for am
<orudie> ummmm
<orudie> needed to clear cache and cookies in firefox
<orudie> now its english dude
<orudie> :)
<ivoks> right
<ivoks> so the problem is that guys in Linode don't setup locales
<orudie> yeah
<orudie> hang on
<orudie> ivoks, it works, but when sending message it says "error accured when SAVING"
<orudie> but the message is sent
<ivoks> orudie: you're on your own
<ivoks> i can't help you anymore
<ivoks> take care guys
<orudie> ivoks, thanx for your help bye
<Adri2000> is anyone here using samba as nt primary domain controller, with an interdomain trust relationship established with another nt domain?
<Adri2000> with such a configuration, there is a bug making winbind crash when trying to retrieve the list of groups (getent group)
<Adri2000> I found a patch fixing that, and am considering SRUing it. but I'm not sure if I'll find enough testers
<itsbth> I'm having some issues connecting my server to the LAN
<itsbth> It's connected to a wireless access point, which is also used for a other computer that does connect
<orudie> does anyone know how to change the logo in roudcube webmail ?
<guicho> i have a local domain in my network, thats call linux.local, and i activate a account
<guicho> whith DynDns,
<guicho> thats called ubuntulnx.homelinux.net
<guicho> my question is, i have to configure this name in my local domain or simple
<guicho> update the ip with DynDNS
<downhill_> ddclient?
<guicho> with inadyn
<downhill_> that wasn't really a question, you know...
<dazman> hmm
<dazman> Hah
<downhill_> heya dazman
<dazman> downhill_, hi. :)
<downhill_> what's crackin'?
<dazman> not much
<dazman> just sat staring at an IRC window it seems.
<dazman> I found someone had blueprinted my ruby idea already, which is good.
<downhill_> nice
<dazman> altho, nothing seems to be done
<jlc> anyone use schroot?
<maxb> schroot is wonderful!
<agentk> dazman: Turns out the problem with iptables you tried to help me with was that connections compleatly on localhost do not go through nat PREROUTING. Rules must be put in nat OUTPUT instead.
<dazman> I thought that afterwards.. but you said it worked, so I dunno.. Haha.
<maxb> http://www.dqd.com/~mayoff/notes/linux/iptables.png
<maxb> ^ Very useful diagram
<uvirtbot> maxb: Error: "Very" is not a valid command.
<maxb> meh
<hansin> Is eBox considered the best (or at last a good choice) for a web-based configuration option for Ubuntu Server?  I had trouble trying to install it on 8.10.
<ScottK> There are some known problems on 8.10 that we're trying to get fixed right now, but generally yes.
<ScottK> sommer: Did the ebox sru get uploaded yet?
<hansin> Okay, thanks.  So here is a question/input I have.  I may be off basis here (not fuller versed), but it appears eBox wants a full Apache install with FGI perl.  Wouldn't it be nice to have something similar but which had its own lightweight webserver built into core, and even set up to run via inetd like Samba's Swat so that it only was loaded when needed?  Also, I wonder about Perl as the core language since many seem to lean toward
 * ScottK just uses vim for his server gui.
<ScottK> If you want lightweight, do it by hand.
<ScottK> Not that the http gui couldn't be done in a lighter way ...
 * antdedyet hasn't yet tried ebox... how did that come along, wondering...
<hansin> ScottK: Good point, and these were just thoughts I had.  I don't have enough knowledge of eBox to make such judgements but I was doing some thinking after looking into it and these things came to mind (mostly build a webserver into core, but the language question was just an afterthought).
<dazman> I reckon theres a real opening, as discussed the other night in here, for a fully wizard driven(?), configuration interface for Ubuntu server.. much like Windows SBS "Server Management".. but thats no small task :)
<ivoks> you do realize that's impossible?
<ivoks> even newer windows don't have wizzards for services configuration
<ivoks> it's impossible to put all apache/postfix/sendmail configuration options into GUI wizzard
<dazman> not really impossible.. you just have to limit the functionality they enable.
<dazman> The Windows SBS wizards do just that.. they get common tasks working, based on a few configuration options given by the user.
<ivoks> you already have that with postfix, for example
<ivoks> if you install it, it will ask couple of questions and set everything up
<ivoks> i just moved to 9.04 and ext4
<dazman> true.. but thats postfix.  You still have users, samba/nfs, etc,etc.  The first thing you see on a Windows SBS box is the server management window and tools to set various stuff up..  I could give ubuntu server to most people, and they would't know how to create a windows share for example, to their network.
<dazman> I could give most people a SBS box, and they'd be able to create users and the share I would guess pretty quickly.
<dazman> but anyway... :)
<ivoks> we have ebox for that
<ivoks> it covers dhcp, mail, openvpn, smb...
<ivoks> firewalling
<ivoks> and it is very easy to use
#ubuntu-server 2009-02-07
<palt> Cool, I didn't know about ebox. Looked pretty handy for folks who don't like the config files :)
<erichammond> How do I find out the timer frequency in the current running kernel (e.g., 1000Hz)?
<ivoks> /boot/config-2.6.27-11-generic:CONFIG_HZ=250
<erichammond> ivoks: Thanks.
<erichammond> What if the system in question has a mostly empty /boot (EC2, xen)?
<ubuntuBG> Which is the best FTP server for Ubuntu?
<Deeps> https://help.ubuntu.com/8.04/serverguide/C/ftp-server.html
<Deeps> is what's recommended in the documentation
<ubuntuBG> Thanks
<jtaji> vsftpd is also the only ftp server in main
<jtaji> beyond that one, I think proftpd is popular
<Deeps> in main == officially supported
<ScottK> ubuntuBG: Also consider an alternative that doesn't send passwords in the clear.
 * jtaji nods
 * ScottK is a fan of sftp.
<ubuntuBG> yes
<Deeps> ScottK: vsftpd supports auth tls
<ScottK> Good.
<maw_> what do you guys use to track software/hardware inventory?
<ubuntuBG> is it work in Ubuntu 64
<maw_> just in general, production systems / office
<erichammond> maw_: Emacs
<erichammond> :)
<maw_> h4t3r
<maw_> :P
<jtaji> ubuntuBG: absolutely
<ubuntuBG> Thanks
<maw_> I am hoping there is some bling commerical software solution that makes it easy
<ubuntuBG> Is its configure easy?
<Kamping_Kaiser> maw_, i suspect having a search in the repos will turn something up
<maw_> it doesn't need to be ubuntu related, just in general
<ubuntuBG> is vsftpd included in Ubuntu 8.10?
<maw_> I thought that sysadmins live here as it is a "server" channel
<ubuntuBG> nobody is in server channel
<jtaji> !info vsftpd
<ScottK> People not answering your question is not the same as not here.
<ubottu> vsftpd (source: vsftpd): The Very Secure FTP Daemon. In component main, is extra. Version 2.0.7-0ubuntu1 (intrepid), package size 96 kB, installed size 400 kB
<ubuntuBG> Thanks
<jmarsden|work> maw_: Look at OCSng and maybe GLPI for the inventory tracking stuff -- open source, not closed... you can probably use the (commercial) service from Canonical called landscape; it depends exactly what you are looking for.
<maw_> something, probably DB driven to track hardware/software inventory for the enterprise
<maw_> excel is working... but that's getting old :\
<maw_> ill check those products out - thanks
<jmarsden|work> np.  They are more network-oriented than a spreadsheet or a database ... auto updates as machines boot, etc.
<maw_> do they use agents or snmp?
<jmarsden|work> Agents (run at boot or login, not necessarily continuously).
<jmarsden|work> You *can* use them by hand, at least OCSng you can, but it seems a bit pointless unless you are tracking non-networked machines.
<maw_> hm, boot would be good... OCS looks like it has a lot of functionality
 * ScottK suggests to consider that after transition to a FOSS software base software inventory is a pretty meaningless concern.
<Chipzz> ScottK: it may not be depending on your POV
<jmarsden|work> ScottK: Maybe not if you have to support everything your end users install??
<ScottK> True.
<maw_> luckily I don't
<ScottK> But that's a different set of requirements than "BSA will put me out of business if  I mess up".
<Chipzz> or if you lack manpower, and want to hire, but need to know what exactly you're running
<maw_> I think most private companies have an understaffed IT dept.
<maw_> so good sysadmins are always looking to centralize management and maintenance
<Kamping_Kaiser> i disagree with that assertion.
<maw_> even if you have 30 sysadmins and 30 servers... still smart to centralize >.<
<Kamping_Kaiser> centralising should be done out of necessity, not for its own sake. it makes life extremely hard for those whos services get removed, and reduces the number of people able to fix things (eg, local admin can no longer unbreak things effectively)
<maw_> if requirements are properly compiled, local requirements can remain intact through GPO
<maw_> and I am more talking about a one site setup
<maw_> office / datacenter and X admins to manage both
<Kamping_Kaiser> the concept of centralising when you only have one location seems somewhat bizzare to me if i'm honest
<maw_> so you would rather log into 20 windows server one at a time to patch them, or use WSUS to push patches to all of the boxes with one click?
<ScottK> In my experience working for a big company the less central IT had to do with what I was doing, the better off I was.
 * ScottK has been in more than one "How about I stop paying for your 'support' and you stop breaking my stuff" meeting.
<Kamping_Kaiser> I would rather not deal with windows servers. but it looks like we use 'centralise' in different ways
<Kamping_Kaiser> ScottK, agreed.
<KingOfDos> can someone say anything about the postfix/sasl configuration? i think that it's using another file for the mysql setup.
<KingOfDos> if i enable query logging on my database. after changing the sasl script in /etc/postfix/sasl/smtpd.conf so it wil use a query like "SELECT aaaapassword..." the query log stil gives me "SELECT password..."
<KingOfDos> i want to change the login check so it uses the "where email = '%u@%r'" instead of "where email = '%u'"
<ScottK> This is Cyrus SASL, right?
<KingOfDos> yes
<ScottK> You know you can only have one realm, right?
<KingOfDos> how do you mean?
<ScottK> I assume your 'r' is the SASL realm.  You can only have one.
<KingOfDos> i've got a virtual mail setup. a user in mysql is info@domain.com, sasl then denies the login because the user is 'info' and the realm is 'domain.com'. so i thinked that i just had to change the query
<KingOfDos> i'd added a clean user, with only the name 'info' and the same password as the 'info@domain.com' account. then it works
<KingOfDos> but indeed, i want a multi-domain env. so i guess that i've got to use another package then?
<Deeps> "$customer advises server is down. When he tries to login he sees a Colonel Panic"
<ScottK> I'd suggest looking into dovecot sasl.
<KingOfDos> do i need to setup an complete dovecot config, or can i only use the sasl methods with my postfix/courier setup?
<KingOfDos> oh, i'd read over a line at the wiki. now it's clear :)
<ScottK> If you look at the server guide, dovecot sasl is what's mostly in the docs.
<Shanix> hi all, How do I manage the SAN device from Ubuntu?
<Shanix> after running the scsiadd -p command, I get the following result:
<downhill_> "the SAN device"...
<Shanix> Host: scsi3 Channel: 00 Id: 00 Lun: 00
<Shanix> does this look right? or is there are any package that I should install??
<tethridge> I'm having a problem with my headless server
<Kamping_Kaiser> oh yes?
<tethridge> my logs keep filling up with "Feb  6 21:26:10 fs1 kernel: [80179.115092] printk: 1 messages suppressed."
<tethridge> I've unplugged all usb devices
<tethridge> any idea how to stop it?
<Shanix> downhill_, anything that I should know about related to the SAN management in Ubuntu? or suggestions?
<tethridge> if I do lsusb it locks my console
<downhill_> "the SAN" there are many types of SANs.
<Kamping_Kaiser> tethridge, can you give us some context for the printk?
<tethridge> Kamping_Kaiser, I'm not sure what you mean by context.
<Shanix> downhill_, it's the HP storagework connected with fibre channel
<Kamping_Kaiser> tethridge, i dont see an inherant problem with messages being suppressed. what about that line worries you?
<tethridge> well, I've had the box working as a cups server and it recently stopped
<tethridge> I had applied security updates
<downhill_> oh, I wouldn't know anything about that off the top of my head, Shanix.
<tethridge> I thought that maybe it was just a problem with the kernel, but I tried the previous one and it won't work either
<downhill_> I simply didn't understand the context of your question.
<tethridge> plus, lsusb is locking up.  That doesn't seem right.
<tethridge> I only use this box for samba, nfs, cups, and a headless virtualbox instance of windows xp so my wife can sync her ipod
<tethridge> I've shutdown everything and I still get the messages and lsusb still doesn't work.
<tethridge> Kamping_Kaiser, here is my post on the forums.  http://ubuntuforums.org/showthread.php?t=1061565
<Kamping_Kaiser> sounds like bad hardware, but the timing is strange. check dpkg's log and see what security updates you installed. perhaps it'll give you some clues
<tethridge> maybe that would supply some context.  I have the kernel, lspci and dmesg on there
<Shanix> downhill_, the first question would be, what is the command that I need to use to see how the storage device is being recognized in the system? I tried dmesg, didn't find anything
<KingOfDos> ScottK: all the howto's/other type of documents that give me information about dovecot sasl within postfix ar thinking that the user is using local mail. but im using a virtual mail setup
<ScottK> Hmmm.
<downhill_> Shanix: look in /var/log/dmesg then
<ScottK> I'm not sure what advice to give you.
<downhill_> the boot info from the command "dmesg" can easily run off the scrollback if your machine has been booted a while
<Shanix> downhill_, ok, done that, and grep the word scsi, it shows: http://pastebin.com/m15fc84b7
<KingOfDos> ScottK: i won't give up searching. i've got a few suggestions found on the internet, using dovecot in a simular env.
<downhill_> Shanix: you should read the context of those lines as well, not just grep it ;)
<ScottK> Great.
<KingOfDos> thanks anyhow :)
<downhill_> anyway, I'm still the wrong person to ask.
<KingOfDos> i'm going to sleep now (it's already 03:37)
<KingOfDos> ;)
<KingOfDos> nn
<ScottK> May I suggest filing bugs against ubuntu-doc or talking to sommer about what you learn so we can improve the experience of the next guy.
<ScottK> He does most of the work on the Server Guide.
<tethridge> Kamping_Kaiser, I'm not sure what I'm looking for in the dpkg log.  Any other suggestions?
<Kamping_Kaiser> tethridge, to check what packages you installed from security before your sysstem broke. it might give you some idea where to look
<Shanix> downhill_, thanks
<downhill_> sure :p good luck. hopefully someone knows
<ball> Urgh!
<ksoviero> i am having a problem with cups
<ksoviero> when ever i install it, on a server in kills that server... all processes, everything stopped when i install cups
<ksoviero> anyone?
<mib_6cdwrsb0> anyone available for help
<ScottK> Depends on what kind of help you need.
<ScottK> Best just to ask your question and see.
<mib_6cdwrsb0>  a question bout sqiud
<mib_6cdwrsb0> does it work
<mib_6cdwrsb0> without editing anything
<mib_6cdwrsb0> on ubuntu server
<mib_6cdwrsb0> Soz Squid*
<Nat_RH> Define 'work', depends what you want it to do
<mib_6cdwrsb0> work
<mib_6cdwrsb0> :D
<mib_6cdwrsb0> Just run as it should for my windows pcs
<ScottK> https://help.ubuntu.com/8.10/serverguide/C/squid.html
<mib_6cdwrsb0> thanks so much
<Nat_RH> Define the networks and you should be good...I'd spend a little time reading up on it however
<mib_6cdwrsb0> ok thankyou
<mib_6cdwrsb0> now, on to ndiswrapper ppl who don't talk to me :(
<Nat_RH> Was that a question?
<mib_6cdwrsb0> not really :D
<mib_6cdwrsb0> well depends, if anyone here can help, yes, if not, no
<mib_6cdwrsb0> arg! downloading ubuntu server is a trek @ 151 kb/s
<Nat_RH> Better than some others with 6 CD's
<mib_6cdwrsb0> true
<mib_6cdwrsb0> How come we're the only people talking
<mib_6cdwrsb0> you, scottk and me
<Nat_RH> Everybody else is sleeping...shhhh or you will disturb them
<mib_6cdwrsb0> Ah...
<mib_6cdwrsb0> :D
<mib_6cdwrsb0> so why are they still here?
<Nat_RH> Insomnia
<mib_6cdwrsb0> I see :D
<mib_6cdwrsb0> In that case, XKCD.com
<mib_6cdwrsb0> :D
<mib_6cdwrsb0> Now to give you blow by blow of my instalation of ubuntu server
<mib_6cdwrsb0> :D
<mib_6cdwrsb0> inserts dusty gparted cd
<Nat_RH> Fun stuff
<mib_6cdwrsb0> ya :D
<mib_6cdwrsb0> now to boot from disc...
<mib_6cdwrsb0> noo!
<mib_6cdwrsb0> my cpu...
<mib_6cdwrsb0> Ive been cheated out of about 170mhz....
<mib_6cdwrsb0> from 900 to733 :(
<mib_6cdwrsb0> I'm scaring you all away...
<p_quarles> mib_6cdwrsb0: this is a support channel; take your inane banter elsewhere pls?
<mib_6cdwrsb0> ok sorry
<Lord_Devi> I've recently suffered a terrible raid5 failure. Interested in improving the reliability of my fileserver when i rebuild it, I've been looking harder into raid10 and even zfs's raid-z. However I am still left wondering which solutions provide the best protection for me. (Yes.. backup.. I know) Anyone have any advice for me?
<tolga> hello
<tolga> i need help with roundcube. can someone help?
<agentk> tolga: Never heard of it but I do see it in the repos. How about you just throw your question into the fray here.
<ropetin> tolga: based on the recent spate of security issues with it, I'd avoid it :)  Although it is pretty cool.  What's your problem?
<UndertakerX2> How can i download files from a svn server to my ubuntu lamp server
<ropetin> UndertakerX2: svn checkout
<ropetin> Probably
<UndertakerX2> svn checkout url ?
<ropetin> svn checkout file:///repository_name/project/trunk project
<erichammond1> UndertakerX2: Or, if you just want a copy without all the .svn subdirectories (with no chance to commit changes): svn export ...
<UndertakerX2> sorry im trying to learn shell commands still. so i do i download an svn from http://svn.what.cd/repos/project_gazelle to my usr/www folder?
<UndertakerX2> so how do i*
<UndertakerX2> svn checkout file:///svn.what.cd/repos/project_gazelle
<UndertakerX2> is this right? svn checkout http://svn.what.cd/repos/project_gazelle usr/www
<UndertakerX2> how do i make my ubuntu lamp server avaliable to my LAN only?
<ropetin> UndertakerX2: don't give it a WAN IP and/or don't port forward to it?  What is handling your Internet connection?
<Talon^> does anyone know how to get apache2 to work as a common gateway interface with perl, without enabling mod_perl?
<Talon^> mod_perl has a problem, which doesnt allow perl buffering to be disabled, thus causing a blank screen on any browser for my streaming content
<d-b> hi there how do i disable the add for landscape in 8.10 ?
<UndertakerX2> how can i access my ubuntu server with in my network?
<d-b> UndertakerX2: ssh ?
<UndertakerX2> i want to actually access the content in usr/www like through a web browser on another pc
<d-b> /var/www ?
<d-b> well what is your other pc running there is winscp or you can use nautilus / other file browsers (which often have support for this).
<d-b> alternatively share it using samba or ftp....
<UndertakerX2> I dont want it browsed for files, i want it to look like a web site, i want to be bale to access from a win xp computer on the network as if it were a website
<UndertakerX2> er actually win 7 comp but you get the idea i suppose?
<ropetin> UndertakerX2: You mean what software do you need on the server, what software do you need on the client, or what do you have to type on the client to access it?
<UndertakerX2> I want to know what to type for other clients to access it, i have lamp and open ssh, would i really need samba?
<ropetin> No, they would use a web browser, like Firefox
<d-b> you want to export / via apache ?
<ropetin> If the IP of your server is 192.168.0.1, they would type http://192.168.0.1 into their browser
<UndertakerX2> how can i figure out mylocal ip rather then my isp ip?
<UndertakerX2> nevermind, i got it but i cant access it via 192.168.1.2
<ropetin> open a terminal and type, 'sudo ifconfig | more' and look for the one that starts 10,192,172
<ropetin> What do you get when  you type that?
<UndertakerX2> server not found, does it matter that ubunru is being run as a vm(guest)?
<UndertakerX2> sorry it says connection interupted
<ropetin> UndertakerX2: it shouldn't matter that it's in a VM, are they both on the same subnet?
<UndertakerX2> yep same pc for that matter, im trying to acces it on my xp machine which has ubuntu guest
<ropetin> Are you sharing an IP maybe?  How do you have the networking configured in the VM?  What about firewall maybe?
<UndertakerX2> let me check but it does seem to be sharing an ip
<ropetin> That would be a problem then
<UndertakerX2> well the router says im sharing an ip but ipconfig in win and ifconfig in ubuntu report diffrent ips
<ropetin> Thats better then
<ropetin> DO you have a firewall running on the server?
<UndertakerX2> i got it!
<UndertakerX2> thanks for all the help ropertin
<ropetin> NP!
<UndertakerX2> hmm i cant seem to access a sub dir in www? permision prob?
<UndertakerX2> dir reports the folder there but win wont access it
<UndertakerX2> dir in ubuntu*
<UndertakerX2> ubuntu shows me theres files in the the dir
<asteyn> Hi, I know it's not officially supported, but is it possible to upgrade ubuntu server lts dapper to the latest one?  Some rough guide somewhere?  I'm fairly skilled with linux so I'll be able to fix whats not supported, but would like to follow some official procedure as far as possible
<asteyn> Also, it's mostly running as a lamp type server, any estimates on how many things will break? :P
<ikonia> asteyn: just upgrade through the releases
<asteyn> ikonia: whats the proper way to do that?
<ikonia> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes
<asteyn> update-manager-core ?
<asteyn> *click*
<ikonia> well if your running a server with xwindows you can do that
<asteyn> nah, no x ..ok but that link seems to be what I'm looking for
<asteyn> thanks :)
<ikonia> no problem
<UndertakerX2> how do i move a set of files and folders from one folder to another
<ikonia> UndertakerX2: with the "mv" command
<ikonia> UndertakerX2: if your unsure of basic command line interaction, running the ubuntu desktop CD maybe a better learning experience as you can use a solid desktop environment while experimenting with the command line
<UndertakerX2> yes im aware but im not interested in a desktop.
<UndertakerX2> thanks for the tips though :)
<ikonia> the desktop may make your learning experience easier
<ikonia> eg: if there is a problem you can use some of the tools to fix the problem then go back and understand how that happened
<ikonia> if you're lacking basic command line awareness of commands like "mv" then it will not be possible for people to talk you through fixing all things with a command line as you'd be lacking the experience
<ikonia> where as using a desktop to fix a problem people can walk you through that, but then can also explain how that would be done through the command line, but in the mean time you'll have a working system
<UndertakerX2> im aware just forgetfull
<UndertakerX2> I already have a working system
<ikonia> as I said the desktop has an excellent command line interface through terminals, and for learining having  multiple terminals on screen is excellent
<ikonia> eg: two terminals open, one to "do" the commands and the other to say check a man page, or the "--help" option of the command etc etc
<ikonia> just food for thought
<UndertakerX2> ikonia, i apreciate the advice, and i dont want to sound rude, but can you accept that i want to run server edition?
<ikonia> I can totally accept that, I find it foolish to do unless you are running on enterprise class kit, as the "home user" kit is really better suited to the desktop vesion, but it's your call if you wish to not use the best tools for the job, and make things hard for yourself
<ikonia> and of course you can totally disable X server on the desktop version
<UndertakerX2> well lets see, server installs lamp and works out most of the major configuration for me as oposed to hours in desktop
<ikonia> UndertakerX2: it's one command in the desktop version "sudo apt-get install mysql-server apache2 php5"
<ikonia> UndertakerX2: not really hours of working out
<Deeps> actually, it's tasksel install lamp-server
<Deeps> or apt-get install lamp-server^
<UndertakerX2> well from the tuts i read it never mentioned that
<Deeps> to install the lamp-server task
<ikonia> Deeps: yes, you can use the meta package
<Deeps> which will also perform all post-installation configuration that the server install does too
<UndertakerX2> thats cool, and informative, but im quite happy with the server edition, slowly but surley getting the hang of things. how is it that the server is enterprise strength though when there esentially the same thing
<UndertakerX2> i am open to learn ;)
<Deeps> depends on your definition of enterprise strength
<UndertakerX2> well i didnt use the word so i dunno :p
<UndertakerX2> use it initally*
<Deeps> I believe ikonia meant that it wouldn't be advisable to run ubuntu-desktop on a machine that should be a server in an enterprise environment
<UndertakerX2> desktop or server? i understood it as server was enterprise strength?
<Deeps> I dont see anyone mentioning enterprise strength in here?
<Deeps> (other than you, that is)
<UndertakerX2> |04:58| Â»Â» [ikonia] I can totally accept that, I find it foolish to do unless you are running on enterprise class kit, as the "home user" kit is really better suited to the desktop vesion, but it's your call if you wish to not use the best tools for the job, and make things hard for yourself
<ikonia> sorry was away from the keyboard for a moment
<Deeps> indeed, read what I believe to be clarification of what he was saying
<UndertakerX2> thats ok just getting educated :)
<Deeps> ah the man himself is here now, he can clarify himself :)
<ikonia> I meant things like the kernel has been tweaked for things like large memory configuration ( I doubt your running 32GB of ram in your home desktop) home hardware modules such as nvidia chipsets (forcedeath I think - from memory ) are not present
<ikonia> (just as an easy example)
<UndertakerX2> i actually have 40 gb :p
<ikonia> UndertakerX2: you've got 40GB of ram
<Nafallo> nafallo@wizard:~$ grep FORCEDETH devel/kernels/ubuntu-hardy/debian/config/i386/config.server
<Nafallo> CONFIG_FORCEDETH=m
<UndertakerX2> and i dont care much for nvidia chipsets :p
<ikonia> Nafallo: oh, it is there - there are others removed
<UndertakerX2> but i understand what you mean
<UndertakerX2> one last question if ewither one of you kind souls will assits, when i use mv usr/www/trunk /usr/www it says there the same file
<ikonia> check if it's a symlink
<ikonia> I'm not away of /usr/www/trunk
<ikonia> aware
<UndertakerX2> it shouldnt be, i downloaded a svn repo and it downloaded trunk folder into www
<UndertakerX2> dir shows the folder is there and files inside
<ikonia> UndertakerX2: you've probably messed up the svn checkout
<Deeps> mv /usr/www/trunk/* /usr/www/
<Deeps> may be what you're looking for
<ikonia> ooh this is the move command you where looking for
<ikonia> I thought you said you wheer familier with it - just forgot ?
<UndertakerX2> deeps it says cant start, no such filer or dir
<Deeps> you cant move /usr/www/trunk /usr/www becuase it's attempting to move the dir 'trunk' from /usr/www to /usr/www, which isn't a move at all
<ikonia> then look at the path
<Deeps> UndertakerX2: are you sure your www dir is in /usr and not in /var?
<UndertakerX2> smacks myself in the head
<UndertakerX2> i think your right
<ikonia> come on
<ikonia> you said you knew how to do this
<ikonia> the error says "no such file"
<UndertakerX2> its only 5 am here
<ikonia> so ?
<UndertakerX2> know , yes , its called forgetting and lack of sleep :p
<Deeps> ikonia: easy now
<UndertakerX2> thanks deeps
<UndertakerX2> actually it is in usr, just checked
<ikonia> UndertakerX2 your svn checkout is probably in usr as that's what you told it to do
<ikonia> but the apache root should be /var/www
<UndertakerX2> hmm alright, usr is the only dir that shows up when i use dir from root
<ikonia> I suggest you go to sleep and look at this with fresh set of eyes
<UndertakerX2> well once this is done i just need to set up a db and then everything ready to go and ill be working with php which im more a custom to
<ikonia> well if your making mistakes due to being tired, go sleep and look at it in the morning with fresh eyes
<UndertakerX2> nah for some reason any time i had a major bug in a php script i always figuered it out when i was real tirerd
<ikonia> then do it
<ikonia> you seem to have conflicting information
<ikonia> you said you know what you do - but forget
<ikonia> then you know what to do but your making mistakes
<ikonia> now you always fix it ?
<UndertakerX2> but i have been working with php for years, linux months off and on
<UndertakerX2> no i said i fix php errors
<UndertakerX2> not linux probs
<ikonia> exaclty - so working on it while tired with little experience is not a good idea
<UndertakerX2> ok thats nice
<ikonia> if you sleep on it, and come back with fresh eyes you'll probably see the problems your self
<ikonia> and if not you'll be able to debug it easier with us
<UndertakerX2> sure
<UndertakerX2> atleast im trying here but lets come down hard on the new guy for trying
<ikonia> no-one is coming down hard on you
<ikonia> trying is great,
<UndertakerX2> well it looks like im not the only one who see it that way
<UndertakerX2> but whatever
<ikonia> but if your new and your making mistakes becauase your tired it's not a good idea
<UndertakerX2> grub time
<psteyn> Hi, I just upgraded my ubuntu dapper server to latest lts, and when I try start mysql I get: /etc/init.d/mysql: ERROR: The partition with your_home_directory/mysql/var is too full!
<psteyn> but df -h shows my /var parition as only 38% used...and the others are also below 30% use
<ikonia> psteyn: have you looked at the file system sizwe ?
<ikonia> psteyn: /mysql/var is not /var
<ikonia> psteyn: are any of the file systems close to full ?
<psteyn> ikonia: no
<psteyn> ./var is the fullest at 38% use
<ikonia> psteyn: firt thing to do is look at the init script and see what it's actually calling, then run that yourself to get better output
<ikonia> psteyn: also look at the syslog and the mysql.err log in /var/log
<ikonia> that may give you a better clue
<ikonia> psteyn: also look at your /etc/my.cnf (mysql config) to see what directories are required, "too full" could mean "can't write" which is a permissions error
<psteyn> nah its an init script error, just commented out the exit for now and seeing if it starts
<Deeps> psteyn: might wanna check what datadir is set to in /etc/mysql/my.cnf
<psteyn> ok
<psteyn> ok, now my php5 isn't loading its modules..even though the Loaded Configuration File 	/etc/php5/apache2/php.ini  has extension=mysql.so  extension=mysqli.so  extension=libgd.so  extension=gd.so
<psteyn> any ideas?
<UndertakerX2> are there any other file editors for command line, tried using the default vi but doesnt play well with my keyboard when suing vi in vmware or win xp
<Deeps> emacs, nano, pico
<Deeps> are all popular choices
<UndertakerX2> ok thanks deeps
<andol> UndertakerX2: If you are going to install emacs on a server you might want to take a look at the package emacs22-nox. That way you won't have to install all kinds of X dependencies.
<UndertakerX2> THANKS, NANO S WORKING GREAT THOUGH
<UndertakerX2> cap lock sorry
<techsupport> hi, little problem with screen
<techsupport> errrr , wrong nick
<orudie> screen -r
<orudie> There are several suitable screens on:
<orudie>         18928.pts-0.linode      (02/06/09 20:42:17)     (Detached)
<orudie>         2739.pts-0.linode       (02/02/09 21:43:42)     (Detached)
<orudie> Type "screen [-d] -r [pid.]tty.host" to resume one of them.
<UndertakerX2> When i try to access my server on my xp machine(ubuntu guest), no problem, but if i try to access it from a win 7 pv on my lan i get connection interupted error. Whats wrong?
<Mohammad[B]> ubottu, flood
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<orudie> http://paste.ubuntu.com/115172/
<orudie> broblem ^ with screen
<UndertakerX2> When i try to access my server on my xp machine(ubuntu guest), no problem, but if i try to access it from a win 7 pv on my lan i get connection interupted error. Whats wrong?
<psteyn> awesome, got the upgrade done...went very smoothly I'm impressed.  From dapper to latest, only a few nags.  Last thing, I'm running 64bit server with 4gbs of ram but it's only showing around 2.5...I know how to fix this in the kernel config, but whats the ubuntu way to get this done
<psteyn> I saw a post saying I should install: apt-get install linux-headers-server linux-image-server linux-server
<psteyn> Would that do the trick?
<UndertakerX2> psteyn: are you running ubuntu as a a virtual machine?
<psteyn> no, live server
<UndertakerX2> k just checking
<psteyn> currently my uname -r shows: 2.6.24-23-server
<psteyn> and its running a dual core opteron
<psteyn> how can I get 4gb or more working on ubuntu server?
<LMJ> psteyn : choose a 64bits system
<LMJ> psteyn : by reading, i've seen you already have it
<psteyn> yeah, as far as I can tell it is 64bit already
<psteyn> but still dont see all ram :|
<psteyn> oh well, im tired now, will worry about that later
<psteyn> cheers, tnx for the help guys
<LMJ> k
<LMJ> ccu
<LMJ> cu*
<Deeps> bug 283543
<uvirtbot> Launchpad bug 283543 in wlassistant "archive removal request: wlassistant is uninstallable due to kicker being dropped" [Undecided,Fix released] https://launchpad.net/bugs/283543
<bn43> hi all - I have been using ubuntu server for file serving and internet gateway but now have to monitory heavy internet users - draw up a weekly report on each host - loaded ntop and still tryin to figure it out - it loses data on reboot
<bn43> is anyone an ntop guru here?
<bn43> anyone?
<CoolCold> by users u mean ips ?
<bn43> yes
<CoolCold> if yes, u can try to count bytes with iptables
<CoolCold> then read them and export data to rrd
<CoolCold> but i guess there should be more simple way
<imo> hello
<imo> how can i change my my DHCP to Static IP  ??
<imo> sorry i installed first time ubuntu server
<CoolCold> not sure about ubuntu, but in debian - edit /etc/network/interfaces
<Deeps> imo: https://help.ubuntu.com/8.04/serverguide/C/network-configuration.html
<imo> thanks
<imo> where can i find a help file for ubuntu server  ?
<imo> maybe in german :) ?
<Deeps> https://help.ubuntu.com/
<imo> thanks
<Kartagis> can anybody help me about roundcube please?
<CoolCold> and what the problem is?
<Kartagis> does roundcube check IMAP folders automatically?
<imo> i have open the file /etc/network/interfaces with nano and i have change the lines
<imo> but now i dont get any ip :D ?
<imo> i have changed auto eth0
<imo> iface eth0 inet dhcp
<imo> to
<imo> iface eth0 inet static
<imo> 	address 192.168.178.150
<imo> 	netmask 255.255.255.0
<imo> 	gateway 192.168.178.1
<imo> can anybody help me please ?
<imo> i have read the instruction and id do this
<imo> but i dont get any ip
<Nat_RH> Restart networking?
<imo> i restart the server
<alex_joni> imo: check "ifconfig" and look what it says
<imo> i checked
<imo> i dont have any ip
<imo> only localhst
<imo> its strange
<Nat_RH> /var/log/messages contain any errors?
<alex_joni> that means it didn't detect the card
<alex_joni> probably a missing driver or such
<imo> no
<imo> then i use dhcp
<alex_joni> imo: check "dmesg | grep eth"
<imo> i get a ip
<imo> how i tip | ??
<Deeps> imo: did you remove the 'auto eth0' as well?
<imo> on ubuntu server i have only console or desktop ?
<imo> yes i remove auto eth0
<imo> i have only
<Deeps> yep you probably want that in there still
<Deeps> auto eth0 means - automatically configure eth0 on boot using the settings in this file
<imo> iface eth0 inet static
<imo> 	address 192.168.178.150
<imo> 	netmask 255.255.255.0
<imo> 	gateway 192.168.178.1
<Deeps> put the auto eth0 back in and then restart networking and it'll work as you're expecting it to
<imo> no i need static ip
<Deeps> i know
<Deeps> auto eth0 means it will automatically configure eth0 on boot using the settings in this file
<imo> ahh ok
<imo> how can i restart the network ?
<imo> or must reboot ?
<Deeps> sudo /etc/init.d/networking restart
<imo> yes
<imo> i have ip :)
<imo> thanks
<Deeps> the reason it didnt appear in ifconfig before was because it hadn't been configured
<Deeps> `ifconfig -a` lists all network interfaces, configured and 'up' or not
<Deeps> an alternative to restarting the entire network would have been to simply `ifup eth0`, and that would bring up the eth0 interface based on the settings in /etc/network/interfaces
<Deeps> `ifdown eth0` would take it down too, so you can edit interfaces, ifdown eth0 && ifup eth0 and update that interface witohut a reboot or restarting the whole network
<imo> ok
<imo> thanks
<imo> how can i install openVPN ?
<DogWater> I'm going to ask a quick / quirky question. If you guys ordered a hosted server from a datacenter with 8.10 - server on it would you expect them to install Gnome / vnc on it?
<PurplePlus> Not really
<genii> Isn't that what ssh is for?
<DogWater> Right, I was just wondering. Someone wrote a bad review for a company because they just installed the base-os
<DogWater> kinda wierd that these RHCE guys get trained to be all GUI intensive
<genii> Obviously the reviewer likes his gui tools or so.
<DogWater> I mean you can install that stuff from ssh is all i'm saying
<DogWater> i believe its even all grouped together
<genii> DogWater: Yeah the point of having a barebones cli box is so you can set it up however you like
<genii> Although some web based gui would make more sense than Gnome/vnc or so
<DogWater> yeah but then you run into security issues with webmin, etc
<antdedyet> there is also the ebox framework, which has had some comments about it's ability to manage a ubuntu server via apache serving an http front-end and with some of ebox's back-end management plugins.
<genii> Webmin was deprecated and i think now removed. ebox is the supposed replacement but I do not think 8.04 for instance shipped with a working package of it
<Nafallo> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<genii> For the brave there is also manual install of cipux
<antdedyet> genii: not sure on the 8.04 version shipped, if any. it's in 8.10 though.
<genii> !info ebox hardy
<ubottu> ebox (source: ebox): the eBox platform - Base framework. In component universe, is optional. Version 0.11.99-0ubuntu11 (hardy), package size 293 kB, installed size 2324 kB
<antdedyet> there you go.
<genii> :)
<DogWater> ive seen some people also try to install cpanel on ubuntu ;-)
<DogWater> good times
<antdedyet> IIRC, some of ubuntu's developers were involved with the ebox development
<antdedyet> it should gain a little functional merit, from that aspect, one could assume
<ethana2> hello, wooooooo
<wooooooo> Hi
<wooooooo> I installed ubuntu server on my computer and then installed a gnome desktop environment on top of that.  By doing so, I wished to be able to have just the CLI of the server for raw processing power, but also be able to open up a GUI to do other things.
<wooooooo> my problem is that when I load up the ubuntu server, it automatically goes to the GUI.  I would like to go to just the CLI first.  Does anyone know how I can set the GUI to not load automatically????
<Deeps> at a guess, update-rc.d -f gdm remove
<ethana2> Deeps: so you're saying just put 'update-rc.d -f gdm remove' into the terminal?
<Deeps> `update-rc.d -f gdm remove`, rather
<Deeps> urr
<Deeps> `sudo update-rc.d -f gdm remove`
<wooooooo> alright
<wooooooo> thanks
<wooooooo> I'll try it
<wooooooo> it partially worked, but now my sound is disabled 'either because you have no sound devices or your sound card is not configured'
<wooooooo> and my user switcher failed to load
<Deeps> your 'user switcher'?
<wooooooo> yeah
<wooooooo> I guess that that'd be what asks for my user name and password
<wooooooo> and I could guess that that failed to load because I already logged into the server before going to the GUI
<ethana2> wooooooo: yes.
<Deeps> you should just get a text login prompt at boot time now
<wooooooo> yeah, I did
<ethana2> yeah, then it'd be a bug if you /did/ see the gdm login screen
<wooooooo> any idea what's going on with the sound card????
<ethana2> generally servers probably don't need sound
<ethana2> I'd guess it just skipped that
<wooooooo> yeah, but it worked in the GUI before I put in that line to get rid of the automatic GUI start
<ethana2> hmmmm
<Deeps> `sudo /etc/init.d/gdm start` will start up the gui for you again
<ethana2> Deeps: so not just 'gdm'?
<wooooooo> gdm didn't start
<wooooooo> I used 'startx' to get here
<Deeps> that may work too, but wouldn't be the recommended way
<ethana2> is it a good idea to use 'sudo' for that?
<wooooooo> it said I didn't have the permissions when I tried to start with 'gdm'
<Deeps> ethana2: that may work too, but wouldn't be the recommended way
<Deeps> ethana2: and yes, you need to start a system service with sudo
<ethana2> hmm
<ethana2> ahh
<ethana2> but it doesn't run it as root then
<Deeps> no
<ethana2> oh, ok, good
<ethana2> wooooooo: take that command and alias it
<wooooooo> so
<wooooooo> 'sudo gdm'
<wooooooo> ????
<ethana2> sudo /etc/init.d/gdm start
<Deeps> `sudo /etc/init.d/gdm start`
<ethana2> but first
<Deeps> will bring up your login chooser screen
<ethana2> gksu ~/.bashrc
<ethana2> I'm going to make this simpler for you
<wooooooo> k
<wooooooo> lol
<ethana2> whoops
<wooooooo> ????
<ethana2> gksu gedit ~/.bashrc
<ethana2> sorry about that
<Deeps> bad idea btw
<wooooooo> what does that do????
<Deeps> using aliases to perform system tasks
<wooooooo> I don't mind it bringing up my chooser login screen if it wants to
<ethana2> Deeps: wait, can non-root apps modify .bashrc?
<Deeps> ethana2: yep
<ethana2> holy crap
<ethana2> there goes all my security
<ethana2> how do I change that?
 * ethana2 modifies permissions on his .bashrc
<Deeps> well, it's typically owned by you
<Deeps> so your user account can edit it
<ethana2> yeah, I use that for all my system admin actions
<Deeps> if your account gets compromised, it can be editted
<ethana2> I can't have that able to be modified
<Deeps> if you dont want your useraccount able to modify it, change ownership to root, but allow your user still able to read it
<ethana2> k, set to read only
<ethana2> oh
 * ethana2 does that
<Deeps> bash may cry at login time though
<wooooooo> alright
<wooooooo> sudo /etc/init.d/gdm start
<wooooooo> I'll try that and see what it does
<Deeps> do that without X running
<ethana2> k, done
<ethana2> I'm glad you told me that, Deeps
<Deeps> ls -la ~
<Deeps> shows you all the files in your home directory, and the relevant perms + ownership on them
<ethana2> list -la ~
<ethana2> ah, k
<Deeps> ls, not list
<ethana2> list on my rigs
<ethana2> ;)
 * Deeps rolls eyes
<ethana2> I just wish long arguments didn't have two dashes
<Deeps> an alias to make a command longer, logic--
<ethana2> an alias to support my mom over the phone
<ethana2> logic++
<Deeps> haha
<ethana2> the CLI doesn't have to be scary
<ethana2> I also have a remove() function that moves files to the trash
<Deeps> fun
<ethana2> I want to start my own distro
<ethana2> Ethbuntu : So easy to use, it's not unix anymore.
<ethana2> wooooooo, I invoke thee
<Deeps> have a look at linux mint, it's attempting to do that
<ethana2> well, it goes the wrong way on several things
<wooooooo> Thank you, Deeps
<wooooooo> it worked
<Deeps> np
<ethana2> I'm going to test the permission changes I made to my .bashrc
<ethana2> by logging out and in
<wooooooo> but I have another question
<ethana2> brb
<wooooooo> do you have any idea how I could get wireless internet on here
<Deeps> iwconfig i guess
<wooooooo> the server doesn't seem to be detecting that
<wooooooo> alright
<Deeps> not sure how you'd go about configuring it in the interfaces file though
<wooooooo> shawn@ubuntu:~$ iwconfig
<wooooooo> lo        no wireless extensions.
<wooooooo> eth0      no wireless extensions.
<wooooooo> wmaster0  no wireless extensions.
<wooooooo> wlan0     IEEE 802.11bg  ESSID:""
<wooooooo>           Mode:Managed  Frequency:2.412 GHz  Access Point: Not-Associated
<wooooooo>           Tx-Power=0 dBm
<Deeps> not many servers run on wireless
<wooooooo>           Retry min limit:7   RTS thr:off   Fragment thr=2352 B
<wooooooo>           Power Management:off
<wooooooo>           Link Quality:0  Signal level:0  Noise level:0
<wooooooo>           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
<wooooooo>           Tx excessive retries:0  Invalid misc:0   Missed beacon:0
<Deeps> google friend, google is your friend
<wooooooo> shawn@ubuntu:~$
<wooooooo> mmhmm
<wooooooo> heh
<wooooooo> alright
<Deeps> as is paste.ubuntu.com
<Deeps> instead of pasting it all in here
<ethana2> works fine
<Deeps> cool
<wooooooo> It appears that I didn't have a driver that I needed
<Deeps> iwconfig sees wlan0 as being a wireless device, that means you have wireless support, you just need to configure it
<wooooooo> hm
<wooooooo> hm
<wooooooo> it doesn't seem to be working
<wooooooo> "unknown hardware address type 801"
<wooooooo> I tried to configure my wireless network, but it doesn't seem to be working
<wooooooo> any ideas????
<ethana2> wooooooo: run 'lspci', put it on paste.ubuntu.com, and put the link here
<ethana2> it's likely to be at least marginally helpful
<ethana2> remember to use your mouse to copy and paste with the terminal
<ethana2> as ctrl+c does something a little different...
<wooooooo> http://paste.ubuntu.com/115428/
<ethana2> Deeps: any thoughts?
<ethana2> ah yes, broadcom...
<wooooooo> Deep thoughts  :)  :)
<ethana2> in gnome, try the restricted driver manager
<Deeps> what command gives you that "unknown hardware address type 801" error?
<wooooooo> shawn@ubuntu:~$ sudo dhclient wlan0
<Deeps> have you configured wlan0 onto an essid?
<wooooooo> nope
<Deeps> you need to do that first
<wooooooo> how do I do that????
<Deeps> google iwconfig wireless ubuntu
<Deeps> http://www.dailygeeks.com/howto/manual-wireless-configuration-with-iwconfig-in-ubuntu/
<ethana2> https://help.ubuntu.com/community/WifiDocs/WirelessTroubleShootingGuide
<Deeps> https://help.ubuntu.com/community/WifiDocs/WiFiHowTo
<Deeps> you can skip past anything about driver configuration, your drivers are fine
<Deeps> you just need to configure with iwconfig
<wooooooo> I did lshw and didn't see a driver connected to the device
<wooooooo> configuration: broadcast=yes multicast=yes wireless=IEEE 802.11bg
<Deeps> last time: you dont have a driver issue, you simple need to configure wlan0 with iwconfig
<wooooooo> alright
<wooooooo1> Deeps
<wooooooo1> it still doesn't work
<wooooooo1> shouldn't my wireless be able to just see the available connection????
<hads> iwlist
<wooooooo1> hm....and I have my network manager in the panel and it shows eth0 and lo as my only options
<wooooooo1> shawn@ubuntu:~$ iwlist wlan0 scanning
<wooooooo1> wlan0     No scan results
<hads> Oh, if you're using network-manager you might get more help in a channel that uses GUIs more.
<wooooooo1> ah.  The reason I'm here is that I'm installing a GUI on top of the server
<wooooooo1> and I'm trying to get wireless capability
<Deeps> if you're using the gui to configure anything, #ubuntu is where you need to ask
<wooooooo1> alright
<larswey> How do i disable the monitor sleep function?
<CoolCold> btw, is there is way to check which binaries/libs where installed 'by hand' ?
<CoolCold> i guess it could be done with checking md5sums
#ubuntu-server 2009-02-08
<genii> Asked this in ##linux already but no takers, maybe on the offchance someone here knows: Any way to execute(not redirect it's output) an app on a different tty/pty ? Something like: echo -e "ls -l\r"  doesn't work. Also noticed if you use for instance \010  and then hit Enter on the other terminal, it does not register as a command either. Some way to stuff the keypress buffer perhaps of another tty?
<UndertakerX2> what are hgfx shares?
<ziroday> Hi, anyone familiar with snort? I can't work out how I am meant to include all the rule sets
<ropetin> ziroday: are they in the rules path?
<ropetin> If so, just put an include statement in the snort.conf file for each rule you want to include
<ziroday> ropetin: no, do I have to list each rule manually or can I do include $RULE_PATH/community* ?
<ropetin> I /believe/ you have to list each one manually, which is how I do it and it works
<ropetin> I don't 100% know though
<ziroday> ropetin: urgh, okay thanks!
<ropetin> NP!
<ziroday> ropetin: well I tried the /community-* and that didn't work
<ziroday> so time to go write out a bunch of include lines
<ropetin> :D
<UndertakerX2> i cant seem to access phpmyadmin
<UndertakerX2> even though it is installed and configuered for apache 2
<ziroday> UndertakerX2: permissions?
<UndertakerX2> not sure but its not showing up in var/www/ at all
<ziroday> UndertakerX2: err where did you save the phpmyadmin file then?
<UndertakerX2> I have no idea, i did sudo apt-get phpmyadmin, it asked me if it was apache2,apache,something else and light
<ziroday> UndertakerX2: okay
<UndertakerX2> i chose apache 2, and it said it was done
<ziroday> UndertakerX2: and going to http://myhost/phpmyadmin doesn't work?
<UndertakerX2> nope
<ziroday> UndertakerX2: sorry, only ever install phpmyadmin manually
<UndertakerX2> by downloading the php files?
<ziroday> UndertakerX2: yep
<ropetin> UndertakerX2: apparently you have to add something to the apache config file to make it work;
<ropetin> https://help.ubuntu.com/community/phpMyAdmin
<ropetin> Canonical have some good help documents
<UndertakerX2> oh ok i found another tut but didnt mention the apahce config edit
<UndertakerX2> thanks very much to both of you
<UndertakerX2> all though i would have though selecting apache 2 should have doen that for me, double checking now
<UndertakerX2> can i add that line nay where in apache.conf?
<ropetin> Looking at it, that appears to be for apache.  You have Apache2, right?
<UndertakerX2> yes
<UndertakerX2> that code worked all the same, thanks again ropetin
<ropetin> NP!
<UndertakerX2> ropetin: maybe you can help me with another roadblock? I am running ubuntu in wmare as guest on my xp machine(wired) however I have a laptop on my lan running win 7(wirless) and cant seem to access my server. Any ideas?
<UndertakerX2> the xp machine can access the server
<ropetin> routing issue?  Are they all on the same subnet?  Firewall issue?
<UndertakerX2> subnet, yes. As ofr firewall i run comodo pro in xp, and when it detects new netowrks it has an option to enable access from other pcs on the network. I check marked this if memorey servers me right.
<UndertakerX2> hmm then again i do have a firewall in my router.
<ropetin> Can you at least ping the server?
<UndertakerX2> maybe thats the culprit?
<ropetin> Could be
<UndertakerX2> havent tried
<ropetin> Go for it
<UndertakerX2> k
<UndertakerX2> request timed out when i pinf from win 7
<UndertakerX2> ping*
<ropetin> OK, so try disabling the firewall and try again
<UndertakerX2> software firewall off and it gave me ping time out again
<ropetin> What are the two IPs?
<UndertakerX2> 2 ips? which 2? :S
<UndertakerX2> obviously the server ip..
<UndertakerX2> and?
<UndertakerX2> oh the 2 ips ubuntu gives me?
<ropetin> The server IP and the one you're trying to connect from
<UndertakerX2> server = http://192.168.56.132/
<UndertakerX2> ip from notebook=192.168.1.3
<ropetin> And what netmask do they have assigned?
<UndertakerX2> 255.0.0.0 on server
<UndertakerX2> notbook = 255.255.255.0
<UndertakerX2> guest the subnet is diffrent :p
<ropetin> Yup yup
<UndertakerX2> err wait
<UndertakerX2> eth0 has the same subnet bu lo has 255.0.0.0
<ropetin> Which is fine
<ropetin> You mean both have 255.255.255.0?
<ropetin> If so, the two won't be able to talk to each other
<UndertakerX2> the server and win7 yes
<UndertakerX2> ohh?
<UndertakerX2> but how come my xp machine can access it?
<UndertakerX2> it has the same mask?
<ropetin> You're using VMWare correct?  It installs one or more 'fake' network adapters to communicate with the VMs, depending on how you have the virtual NICs configured
<UndertakerX2> yeah it has 2 installed
<ropetin> And one of those will have the same subnet configured as teh server, even if the physical NIC is different
<UndertakerX2> oh? ok so how do i proceed?
<ropetin> You could change the networking configuration of VMWare to use bridged mode, but this is REALLY beyond ubuntu-server support, I'd refer you to the VMWare documentation and their support
<UndertakerX2> that works, i have soemthing i gotta do anyways :p your a life saver though, thanks for taking an hour or so to help a noob, your help is more apreciated then you know!
<ropetin> NP!
<roy_hobbs> Is there some sort of repository server or cache to facilitate updating many clients on a local network?
<roy_hobbs> Slightly related, the Ubuntu server guide is great, but has anyone seen anything similar about managing desktops on a network (other than the authentication section) topics such as options for where to store system files (network or local) and where to store user files...
<ropetin> On the first question, apt-mirror might hel
<ropetin> p
<hads> Check out apt-cacher-ng
<roy_hobbs> thank you
<hads> There's also apt-cacher, apt-proxy, apt-something-else-which-i-forget but apt-cacher-ng has served me the best so far.
<roy_hobbs> what does the ng stand for?
<ziroday> roy_hobbs: new generation
<UndertakerX2> whats the best way to assign permisions to var/www ?
<UndertakerX2> sorry permisions so i can ftp to
<UndertakerX2> i can log in via ftp, just not transfer
<UndertakerX2> should i use apt-get install memcached php5-memcache to install memcache?
<ropetin> UndertakerX2: Sounds sensible
<ropetin> Are you using php5?
<UndertakerX2> yep
<UndertakerX2> i got it installed and working just checking if there was a better version for apche or soemthing yea know? :p
<uvirtbot> New bug: #326792 in openldap (main) "package libldap-2.4-2 2.4.11-0ubuntu6.1 failed to install/upgrade: package libldap-2.4-2 is not ready for configuration" [Undecided,New] https://launchpad.net/bugs/326792
<Hellsheep> Hey, how do i transfer a file from a windows machine onto a Ubuntu server?
<Kamping_Kaiser> i'd recomend ssh, try samba if you need 'integration' with 'doze though
<Hellsheep> i have samba and ssh installed
<Hellsheep> But i dont know how to use samba
<Kamping_Kaiser> neither.
<Hellsheep> Do you know how to use SSH to do it?
<ziroday> Hellsheep: using scp
<Hellsheep> Thanks
<Kamping_Kaiser> Hellsheep, or since its a doze box, try 'WinSCP'
<Hellsheep> Would this work:
<Hellsheep> scp -r /pathtofolder/ name@host:/targethetfolder/
<Hellsheep> Sry
<Hellsheep> This one: scp -r C:/vent.tar.gz hellsheep@Icarus:/vent
<Kamping_Kaiser> try it and see. unless you've installed ssh/scp specially it wont work though
<Hellsheep> I have SSH
<Hellsheep> not sure about scp
<Hellsheep> ill try it
<Hellsheep> ssh: C: Name or service not known
<Hellsheep> What does that mean? O_O
<Kamping_Kaiser> I guess it sees : in the file name, and assumes that the bit in front ( C ) is a hostname
<Hellsheep> Oh
<Hellsheep> Hmmm
<Hellsheep> I wonder how to tell it to find the file then
<Kamping_Kaiser> no idea how ssh/scp CLI tools work on windows
 * Kamping_Kaiser has only used winscp for it
<Hellsheep> This is soo annoying
<Hellsheep> How long will it take me to setup WinSCP
<Hellsheep> to get this damn file transfered
<Hellsheep> i dont want to spend 10 hours trying to transfer a single file to my server
<Kamping_Kaiser> 2 mintutes to download the 'run anyware' exe, and then double click
<Kamping_Kaiser> ok
<Kamping_Kaiser> er, sorry. ok not for you :S
<Hellsheep> ?
<Kamping_Kaiser> i was saying ok to someone else
<Hellsheep> kk
<Hellsheep> Who knew transferring a file would be so difficult =P
<Kamping_Kaiser> not me :p
<Hellsheep> i thought it'd be like
<Hellsheep> "Click a button or two and look the file is copied! YEY"
<quizme_> hellsheep: switch to linux
<Kamping_Kaiser> quizme_, beat me to it ;)
<Hellsheep> Wish i could
<quizme_> kamping_kaiser: lol
<Hellsheep> When i get my new computer
<Hellsheep> it'll have Ubuntu x64 on it
<Hellsheep> I hate windows
<Hellsheep> Don't even get me started on Internet Explorer.
<Hellsheep> Microsoft = fail
<Hellsheep> Finally
<Hellsheep> Thank you!
<Kamping_Kaiser> :) np
<afief> I keep getting "can't set the locale; make sure $LC_* and $LANG are correct" on my Ubuntu server, could anybody tell me how to fix this?
<Adri2000> what's the plan for samba in jaunty?
<Adri2000> update to 3.3? update to 3.2.x x>=6 ?
<ezimir> hello. i'm following Ubuntu Documentation > Ubuntu 8.10 > Ubuntu Server Guide > Network Authentication > OpenLDAP Server, and i have trouble with "LDAP replication" section... anyone here can spend some time with me finding out what's wrong?
<ezimir> 'ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_cn-config.ldif
<ezimir> gives
<ezimir> ldap_add: Invalid syntax (21)
<ezimir>         additional info: objectClass: value #1 invalid per syntax
<ezimir> anyone?
<candrews> Can someone please bump tomcat-native? https://bugs.launchpad.net/ubuntu/+source/tomcat-native/+bug/290078 Right now, tomcat-native is useless due to bugs regarding ssl and ipv6
<uvirtbot> Launchpad bug 290078 in tomcat-native "bump tomcat-native to 1.1.15" [Undecided,New]
<ksoviero> whenever i start my server, mediatomb starts before the my external hdd mounts, and therefore dosent see any music.  how can i force mediatomb to wait until after the hdd mounts?
<ksoviero> there both init.d scripts
<ksoviero> anyone?
<imo> hello
<imo> how i can install samba server ??
<jtaji> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and http://help.ubuntu.com/ubuntu/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<imo> ok
<imo> thanks
<imo> i have mac osx leopard
<imo> and i want to share all files on my ubuntu server
<imo> what its the
<imo> what is to be accessed the easiest away over the files??
<imo> ??
<TTT_Travis> Hi I have a data hard drive that I moved from my old ubuntu computer, now on the new computer the files are all highlighted green in terminal, I Think that means sticky bit -- how do I get the files back to normal?
<jimcooncat> I'm having a heck of a time doing preseeding. It works fine, when it works. I have eth0 start the install fine every time, but when d-i goes through dhcp, it intermittently reassigns my second ethernet card as eth0 and stalls. What can I do? It seems that I'd have to pass a MAC address on the startup line, but I don't see how
<jimcooncat> I think i got it using IPAPPEND=3. thanks anyway
<dou213> hi guys, i'm using ubuntu server and i wonder, a lot of programs, so i've read, provide a web interface for administration or else, can i use this kind of apps, e.g. Mailman, in server edition too (no X-Server) ?
<centaur5> dou213: You might want to look into ebox for web administration.
<dou213> centaur5, yes i've heard about ebox, it also provides a graphical interface or not?
<dou213> centaur5, and can i use it with server edition even if no X?
<centaur5> dou213: Yes, ebox works without X.
<dou213> ok thx centaur5
<centaur5> no prob
<Alysum> hi - I would like some advice on whether I should use 8.04 or 8.10 for a small single server
<dou213> centaur5, but i imagine you would need X for it to be graphical locally
<dou213> remotely is another story :)
<centaur5> dou213: Yes, well actually I've never tried it with lynx but it might work.
<dekkong> Hello guys! I have a computer with 300gb of storage and I would like to use the computer as a server storage for music and movies, would this be easy with ubuntu server 8.10?
<Nat_RH> dekkong: Certainly possible, but if thats all you want to do, there may be other options
<davexoxide> postfix vs exim?? or any other mail service.
<lamont> davexoxide: sure
<davexoxide> lamont: which one would you suggest?
<lamont> well, I maintain postfix, so I freely admit to being biased
<zul> hey lamont
<lamont> zul: sup?
<zul> lamont: not much
<zul> lamont:  how are you?
<lamont> doing well
<owh> o/
 * lamont sees what time it is, gets ready to run to town
<lamont> davexoxide: either postfix (my pref), or exim4 are fine - I wouldn't recommend any MTA from universe
<lamont> laters
<davexoxide> thx
<owh> davexoxide: If it helps, postfix is installed by default :)
<davexoxide> owh: I'm setting up my server on slicehost, I decided to use ubuntu8.10... I configured postfix and restarted it...
<davexoxide> shouldn't I be able to do mail on command line to test it?
<owh> davexoxide: No, that's part of mailx IIRC.
<owh> davexoxide: The command-line mail tool I mean, in-case that wasn't clear.
<davexoxide> ok what's the best way to test if postfix is working? the website i have up and running is giving me "Unable to send e-mail."
<owh> What language is the site written in?
<twb> Which site?
#ubuntu-server 2010-02-08
<sub> Roxyhart0: sudo iptables -L
<Roxyhart0> it work with ufw or something like that isnt'?
<sub> iptables -L should still tell you, but you can also do sudo ufw status
<Roxyhart0> if i want to desactivate this firewall?
<sub> sudo ufw disable if it's using that
<Roxyhart0> apparently i am using iptables, it is installed automatically
<sub> then sudo iptables -F
<sub> all of this information is in the man pages
<Roxyhart0> yes i am reading ...still i am so bad following "man"
<Roxyhart0> thanks a lot sub
<ujjain> your firewall will probably reset on reboot.
<sarthor> Hi, I configured PPPoE-server with the help of http://ubuntuforums.org/showthread.php?t=291926 , as this url says that you have to add each user as a regular users to your linux, Like , "adduser xyz" it create the home directory also each time. I dont want to add users like this , just wanna add users to pap or chat file in /etc/ppp/ directory, How can i? Need help please
<mdeslaur> kirkland: never mind, I figured out the problem
<sarthor> how can i redirect my LAN clients all browsing requests 192.168.0.1/24 to a web server running on 192.168.0.100 on my lan, Using iptbales
<savid> Hi, I'm trying to get postgresql to run on my server, and when I run the ubuntu init script for postgres,  nothing happens.  No errors, server doesn't start.  How do I debug this?
<savid> Nothing in the error logs either
<pmatulis> savid: apply the strace command to the init script (man strace)
<jmarsden> savid: sudo bash -x /etc/init.d/postgresql-8.3 start    # may give you an idea where in the init script things are going wrong
<savid> hmm.. looks like the conf file doesn't exist...
<jmarsden> savid: If this is a new install, sudo apt-get purge postgresql-8.3  && sudo apt-get install postgresql-8.3   # may fix that for you?
<savid> yeah, new install.  I'll try that
<savid> jmarsden,  nope it still didn't set up a conf file for me
<jmarsden> savid: Karmic Server?  Seemed to work for me here... odd.  I need to go AFK for a while, may be back later; might try a fresh Karmic Server install in a VM to see if that sheds any light, but not right now...
<savid> Yeah, karmic
<savid> Is there a different package for postgresql server other than "postgresql"?
<savid> ARGH this should not be this difficult
<jmarsden> savid: sudo apt-get install postgresql-8.4    # Just works for me here.
<savid> jmarsden,  and you see the conf file in /etc?
<savid> makes no sense at all
<jmarsden> I see the server start up automatically :)
<jmarsden> And a bunch of config files under /etc/postgresql/8.4/main/
<jmarsden> But now I really have to go... back later I hope.
<Roxyhart0> hi i need to reconfigure my nss and pam and dpkg-reconfigure doesnt work, how i can do it manually?
<savid> jmarsden, interesting,   an strace on dpkg-reconfigure shows this:  http://dpaste.com/156005/
<savid> What is the purpose of the files in /var/lib/dpkg/info?   How do I restore files that are missing from there?
<pmatulis> savid: pastebin your locale settings (command: locale)
<Roxyhart0> hi whwn i do dpkg-reconfiure libnss-ldap i got this error: Running nssldap-update-ignoreusers.any idea?
<savid> pmatulis,  http://dpaste.com/156009/
<pmatulis> savid: please study bug 162517
<uvirtbot> Launchpad bug 162517 in postgresql-8.2 "postgresql does not start" [Undecided,Invalid] https://launchpad.net/bugs/162517
<savid> pmatulis,  I had trouble with my locale in the bigging..  I ran   locale-gen en_US en_US.UTF-8; dpkg-reconfigure locales a little while ago
<savid> pmatulis, thanks, I'll check it out
<Roxyhart0> hi how i can know my nss-ldap configuration?
<Roxyhart0> before i did the configuration in a ldap.conf file but now is not coming any more?
<savid> Uhhh..  why do I get "unknown host" when I do "ping localhost"
<savid> localhost is in my /etc/hosts file
<savid> points to 127.0.0.1
<uvirtbot> New bug: #518653 in opie (main) "libopie exports conflicting symbols" [Undecided,New] https://launchpad.net/bugs/518653
<osmosis> does libvirts  domifstat have a rx_bytes and tx_bytes limit somewhere around 4,160,279?
<sabgenton> !cups
<ubottu> Printing in Ubuntu is done with cups. See https://help.ubuntu.com/community/Printers - https://wiki.ubuntu.com/HardwareSupportComponentsPrinters - http://linuxprinting.org - Printer sharing: https://wiki.ubuntu.com/NetworkPrintingFromWindows
<sabgenton> !cups server
<uvirtbot> New bug: #514610 in libvirt (main) "USB passthrough device ID interpreted as decimal instead of hex" [Undecided,New] https://launchpad.net/bugs/514610
<Roxyhart0> hi please sombody can tell me where is the configuration for libnss now? before i did the configuration in the file ldap.conf, but now is not anymore
<jmarsden> Roxyhart0: libnss has always been configured using /etc/nsswitch.conf  (as far as I know).
<Roxyhart0> i mean when i do dpkg-reconfigure i need to wrote many things, where are this information
<jmarsden> That's a TOTALLY different question.  Which is confusing.  Info stored by debconf goes into the debconf database, see man 7 debconf
<jmarsden> You can sudo apt-get install debconf-utils and then use debconf-show to see what is stored for each package, if that helps you.
<Roxyhart0> i am wondering why when i do getent password is just shows me the local useras and not ldap. when i do wbinfo it work fine
<twb> jmarsden: wouldn't you use debconf-list-selections?
<jmarsden> twb: Hmmm.  On my Karmic desktop here I don't have debconf-list-selections but I do have debconf-show .  Did the names of the utilities change?
<twb> Er, -get-selections
<twb> That just dumps the entire database
<Roxyhart0> i dont undertsand what ar eyou talking about :S
<jmarsden> Roxyhart0: You asked: <Roxyhart0> i mean when i do dpkg-reconfigure i need to wrote many things, where are this information
<Roxyhart0> before i did some configuration in a file ldap.conf which contend somethink like that http://pastebin.com/d3dc68a73. where i could set this informatin now?
<jmarsden> debconf-show and debconf-get-selections are ways to see that information.
<Roxyhart0> sorry about the spelling
<jmarsden> That's not configuring libnss, and it is not info stored as a result of dpkg-reconfigure either.
<Roxyhart0> yes because this is a old ubuntu 9.04
<Roxyhart0> which is working
<jmarsden> Roxyhart0: You are asking questions, and then when you get an answer, you seem to ignore the answer, and asking a different question.  This is... unhelpful, and frustrates those providing answers.  I feel as though I am wasting my time answering you tonight.  Either you are very confused, or you need to work on asking questions more clearly (or maybe I'm just not "getting" things today!?).
<Roxyhart0> sorry
<jmarsden> Roxyhart0: This might help?  https://help.ubuntu.com/community/ActiveDirectoryHowto#libnss-ldap
<jmarsden> But I do not know how up to date that information is.
<Roxyhart0> thanks yes i check it before and i will check again but i think i am so tired, so im going to the gym and then try to come back fresh...thanks a lot for your help
<jmarsden> You're welcome.
<twb> jmarsden: auth-client-config can turn debconf into nsswitch.conf
<twb> (As a pedantic counter-example.)
<jmarsden> OK... :)
<mathiaz> ivoks: hi!
<ivoks> mathiaz: hi
<ivoks> mathiaz: isn't it late at the other side of atlantic? :)
<ball> it's 01:58 where I am.
<mathiaz> ivoks: I'm in Brussels
<ivoks> mathiaz: oh, same timezone :)
<mathiaz> ivoks: yeah - won't have much time though - as I'm in a meeting all day
<ivoks> ok
<mathiaz> ivoks: I spoke with Fabio yesterday during FOSDEM
<ivoks> then just agree to my arguments and that's it :D
<ivoks> ok
<mathiaz> ivoks: I'll have to think about it
<mathiaz> ivoks: I'm just making everything has been considered
<mathiaz> ivoks: making *sure*
<ivoks> i know
<ivoks> well, i don't know what else to say
<ivoks> pacemaker is there and it works very well
<mathiaz> ivoks: right
<mathiaz> ivoks: seems like the new cluster stack is shaping well
<ivoks> (let's call it pacemaker, even though we aren't talking just about pacemaker)
<mathiaz> ivoks: I'm just wondering whether it's stable-ready for an LTS release
<mathiaz> ivoks: yeah - I have an overview of the whole stack in my head
<ivoks> you figured out corosync <-> openais relation? :D
<ivoks> anyway, do you know what features Fabio mentioned?
<ivoks> that are missing in pacemaker, but are available in rhcs?
<ivoks> mathiaz: /dev/drbd0 on /opt type gfs2 - yay
<\sh> soren: I filed bug #518742 I don't know what's going wrong...is there a vmbuilder switch to enable debug logs? (--verbose is not good enough)
<uvirtbot> Launchpad bug 518742 in vmbuilder "karmic vmbuilder with separate boot partition doesn't boot" [Undecided,New] https://launchpad.net/bugs/518742
<lau> hello, my dmesg cpu is CPU0: Intel(R) Xeon(R) CPU W3520 @ 2.67GHz stepping 05
<lau> and am looking for the linux kernel with hardy
<lau> apt-cache search 'linux-kernel' returned different 64 kernels
<lau> and I don't know which one to use
<lau> the results of the cmd are, linux-image-2.6.24-26-server - Linux kernel image for version 2.6.24 on x86/x86_64
<lau> linux-image-amd64-xeon
<lau> linux-image-amd64-server
<lau> I also read that it is good to use amd64 kernel with intel cpu? is that stil true?
<lau> http://www.ubuntu.com/files/server/UbuntuServerBrochure804LTS.pdf
<lau> page 6 says                                 are fully maintained in Ubuntu Server Edition.
<lau> AMD64 and Intel64 based systems
<maxagaz> how to debug a reverse dns problem ?
<ivoks> almost all newer intel cpus are 64bit
<ivoks> lau: to be precise, all with EM64T functionality
<lau> hello ivoks, thx for your reply, I guess that linux-amd64-xeon should be my kernel from the ubuntu repos
<ivoks> lau: yes
<lau> but aptitude show linux-image-amd64-xeon returns DescriptionÂ : Upgrade dummy package. Can be removed
<ivoks> lau: that's old name for the kernel
<ivoks> lau: just install linux-server and that's it
<ivoks> if you installed 64bit version of ubuntu, you'll have 64bit kernel
<ivoks> mathiaz: depends on the problem
<ivoks> er...
<ivoks> maxagaz: depends on the problem
<ewook> ivoks: my hero, care to take on a almost non server related question? :)
<ivoks> ewook: try me :)
<ewook> ivoks: good with converting / calculating subnets?
<ivoks> ewook: there are tools for that
<ewook> ivoks: well, I can't make 'em do what I want / need
<ewook> ivoks: to shorten the span.. : 83.188.192.1 - 83.188.255.255, that's the range I need to have a mask for.
<ewook> with my low knowledge, I'm guessing that's a b-class, but .. ya..
<ivoks> i guess you ment 83.188.192.0 - 83.188.255.255
<ivoks> that would be 83.188.192.0/18
<ivoks> Netmask:   255.255.192.0
<ewook> ivoks: http://krow.net/dict/subnet.html . so , yes, it's a /18 :)
<ewook> that was the best site ever. those calculators just gives me headaches :P
<ivoks> what's wrong with ipcalc?
<ivoks> ipcacl 83.188.192.0 - 83.188.255.255
<ivoks> ipcalc `ipcacl 83.188.192.0 - 83.188.255.255`
<ivoks> almost :)
<ewook> ivoks: I didn't have it, that was the wrong part :)
<uvirtbot> New bug: #518803 in nis (main) "package nis 3.17-25ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/518803
<c0dem4gnetic> im (or will be) using a bunch of virtualized servers in my environment... could anyone hint me in a direction where i could allow my users on the virtualized machines to authenticate against the host? that is, if the host has an user account then that account can also be used in a virtual machine
<c0dem4gnetic> other than ldap :)
<c0dem4gnetic> im thinking PAM but cant really figure out what approach i should have
<philsturgeon> hey guys. i have installed openssh-server and im trying to get private keys setup
<philsturgeon> i have created the keys on the client end and i want to add them to the server. how?
<c0dem4gnetic> guessing you insert the public key to /home/username/.ssh/authorized_keys
<lau> philsturgeon: man ssh-copy-id
<philsturgeon> lau: client id a mac
<philsturgeon> lau: think i got it now
<soren> \sh: --debug is your friend.
<ivoks> hey soren
<zul> morning
<soren> ivoks: Hey, dude.
<ivoks> zul: bowl
<zul> hey ivoks
<MatBoy> _ruben: man, how are you ?
<uvirtbot> New bug: #517704 in tftp-hpa (main) "package tftpd-hpa 5.0-11 failed to install/upgrade: " [Low,Incomplete] https://launchpad.net/bugs/517704
<uvirtbot> New bug: #518073 in samba (main) "package samba 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Fix released] https://launchpad.net/bugs/518073
<zul> lamont: ping a valid hostname for postfix doesnt have a "." at the end right?
<uvirtbot> New bug: #518355 in php5 (main) "CURLOPT_WRITEHEADER fails" [Undecided,Fix released] https://launchpad.net/bugs/518355
<zul> soren: what do you think of bug #517478 upstream said the patches that we have for netcat are not good
<uvirtbot> Launchpad bug 517478 in libvirt "remotely executed netcat (nc) uses -q option which is not universally supported" [Undecided,New] https://launchpad.net/bugs/517478
<koolhead17> hi all
<koolhead17> :)
<sponzor> i m installing ubuntu server and it is at 25% setting users and passwords... about 10 minutes now did it crashed or is that normal?
<smoser> kirkland, ping
<kirkland> smoser: who dat?
<smoser> bah to you
<smoser> :)
<smoser> anyeay
<smoser> anyway
<smoser> i thought you had said you'd done the archive admin acceptance to universe for cloud-utils
<smoser> but its still pending
<smoser> https://launchpad.net/ubuntu/lucid/+queue?queue_state=0&queue_text=&start=30
<soren> zul: I don't know what Guido is up to. I added netcat-openbsd to Debian two years ago to avoid this.
<zul> soren: ok thanks
<smoser> kirkland, ^^
<kirkland> smoser: i had accepted it ... let me check
<\sh> guys, is there an easy way to see what vmbuilder is doing when adding grub to the disk images, when creating the vms? I don't see any possibility to debug why it fails to boot when having a /boot partition separated from the rootfs ... (bug #518742)
<uvirtbot> Launchpad bug 518742 in vmbuilder "karmic vmbuilder with separate boot partition doesn't boot" [Undecided,New] https://launchpad.net/bugs/518742
<Boevik> with php mail function, does anyone know which log file is used ?
<uvirtbot> New bug: #500484 in libvirt (main) "libvirt conflicts with existing dnsmasq installation" [Undecided,New] https://launchpad.net/bugs/500484
<lamont> zul: depends on your definitons...
<lamont> fully-quallified domain names end with a trailing dot, to anchor them.  many programs believe that there shouldn't be a trailing dot.
<zul> lamont: newaliases is complaining about the trailing dot i think
<lamont> the resolver library makes a WAG at whether or not to try the search list (is it an FQDN?) based on how many dots are in the name
<lamont> MTAs are pretty universal in not wanting trailing dots
<savid> Why in the world would I get "unknown host" when I do "ping localhost"?
<savid> my /etc/hosts shows 127.0.0.1     localhost localhost.localdomain
<lamont> savid: nsswitch.conf?
<savid> lamont, http://dpaste.com/156160/
<zul> lamont: gotcha thanks
<lamont> savid: good question then... strace might be helpful
<savid> lamont, http://dpaste.com/156162/     Not sure how to read that :-P
<lamont> open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = -1 EACCES (Permission denied) <-- savid: chmod 644 /etc/hosts
<savid> ahh,  didn't see that :-)  thanks!
<jiboumans> kirkland: ping?
<kirkland> jiboumans: yo
<jiboumans> hi, can i borrow your brain?
<kirkland> jiboumans: heh, sure
<jiboumans> excellent; calling you in a few mins, and sending you something over mail to read along
<kirkland> jiboumans: cool
<panter> hi all .. i have problem with automounting NFS4 shares on boot ... i added NFS shares to /etc/fstab .. manualy is everything working .. but after reboot automount doesn't work .... any ideas?
<Xpistos|work> Hey can someone give me hand. I can't get SSH'd into my server
<Xpistos|work> I can get in through webmin and pull up a command prompt however
<Xpistos|work> Webmin shows that there is not ssh server running?
<Xpistos|work> I tried "sudo /etc/init.d/sshÂ restart"  but no luck
<panter> Xpistos|work, what was output of your last command?
<Xpistos|work> sorry
<Xpistos|work> I am an idiot
<Xpistos|work> The port forward wasn't changed to the correct ip
<Xpistos|work> it helps when you trouble shoot easiest to hardest
 * Xpistos|work feels like an idiot
<uvirtbot> New bug: #518883 in openssh (main) "ssh-copy-id does not work over non-standard port" [Undecided,New] https://launchpad.net/bugs/518883
<panter> any idea about my NFS issue?
<ivoks> panter: yes
<ivoks> panter: ubuntu 9.10?
<panter> ivoks, yes .. karmic
<ivoks> panter: add mount -a to /etc/rc.local :(
<ivoks> filesystems are mounted before network and network services are up
<Xpistos|work> panter: what problem are you having with NFS?
<panter> ivoks, i think that there is  _netdev option for this problem, or not?
<panter> Xpistos|work, i have problem with automounting NFS4 shares on boot ... i added NFS shares to /etc/fstab .. manualy is everything working .. but after reboot automount doesn't work
<panter> ivoks, ok .. if it is the only solution .. i'll try
<ivoks> panter: it's a bug in upstart
<panter> ivoks, ok . thanks a lot ..
<philien1> Hi, after the installation I lost my password, what can i do ?
<ivoks> i didn't have time to investigate why and how, but rc.local fixes the issue
<philien1> What is the root password
<ivoks> philien1: there's no root password
<ivoks> philien1: you can boot live cd
<philien1> But server (in recorvery mode) ask to a root password
<ivoks> then you set root password
<guntbert> philien1: ubuntu server? never
<philien1> But i never set a root password
<guntbert> philien1: what is the prompt you get?
<philien1> guntbert : Yes it's an ubuntu server
<philien1> Give your root password for maintnance or type ctrl-D for resume
<guntbert> philien1: did you get file system errors just before that?
<philien1> guntbert: No I just lost my password just after the install
<smoser> kirkland, mind if i tag https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/517871 as milestone alpha3 ?
<uvirtbot> Launchpad bug 517871 in euca2ools "euca-describe-volumes fails in lucid" [High,Triaged]
<guntbert> philien1: that means you did set a root password or are you talking about your user password?
<philien1> guntbert: a root password
<guntbert> philien1: you should not do that :)  - does your system boot fine in "normal mode"?
<philien1> gunbert: no i do this to reset MY password
<guntbert> philien1: best way of handling: boot from a live CD, mount your ubuntu partition, chroot into it (see http://www.nistor.co.uk/2009/12/chroot-into-ubuntu-from-debian/ ), and then reset your password
<jalons> In sudoers if I turn on mail_always, is it possible to exclude one user (a system account that runs) from notifications being sent out?
<savid> Hi, I would like to be able to set up a repository for our custom .deb packages so that we can easily manage them on our servers -- what's the best way to do that?
<qman__> savid, probably a launchpad PPA
<savid> qman__, cool thanks, I'll read up on it.
<sponzor> how to test your disks in server? without shuting it down?
<padhu> Multiple SSL Certification with multiple name based virtual host with single ip & port is possible in apache2.2.11 with out sni ?
<kirkland> smoser: go for it
<smoser> kirkland, so, thats the beginning of the possibly large set of "euca2ools fix for boto 1.9" bugs
<kirkland> smoser: k
<smoser> i have a patch attached to it. and you can take if you'd like.
<kirkland> smoser: i'll get to it, though that's a bit further down in my queue today
<smoser> no problem.
<savid> I think I messed up my one of my postgresql conf files.  How can I get ubuntu to replace it with the default?
<savid> I tried dpkg-reconfigure postgresql,  but that didn't do it
<ivoks> take care... 'night
<bogeyd6> savid, download and extract the package
<sherringham> aptitude has a "reinstall" option as well - might work
<sponzor> is there any good howto set up iptables for ubuntu server?
<guntbert> sponzor: start with https://help.ubuntu.com/9.10/serverguide/C/firewall.html
<sponzor> ok
<uvirtbot> New bug: #517769 in eucalyptus ""Server internal error" when acl is set on a bucket using a cannel acl and no access control list (xml) in the request" [Undecided,Fix committed] https://launchpad.net/bugs/517769
<nvme> how much HDD space would i need to run minimal karmic + tomcat + oracle express + SVN ?
<uvirtbot> New bug: #518962 in openssh (main) "ssh client does not forward X11 to local user's networked DISPLAY" [Undecided,New] https://launchpad.net/bugs/518962
<lamont> I bet 518962 is a matter of the remote side having x11forwarding turned off
<lamont> mebbe not
<sponzor> the ubuntu uses apache.conf and no httpd.conf?
<MTecknology> sponzor: yup
<sponzor> hmm strange :P tnx
<MTecknology> sponzor: there's all sorts of variations between distributions
<sherringham> I have to admin rhel/centos as well and I much prefer the Ubuntu/debian Apache config format. Esp. for vhosts.
<jon23d>  Hello, I'm trying to get the updated GD library working on an ubuntu server, but am having issues.  I am following the instructions here: http://www.howtoforge.com/recompiling-php5-with-bundled-support-for-gd-on-ubuntu , but after running dpkg-buildpackage -rfakeroot I get: dpkg-buildpackage: failure: debian/rules build gave error exit status 2
<sherringham> Try and build it without any rules mods - sanity check your environment. If that works, but the build fails when you adjust the rules file, you know where to look.
<jon23d> kk, trying now, ty
<dereks> hi all. i am going to be running a headless home server for my home (to SSH into, backup, and a bunch of other small tasks). i am assuming an ubuntu-minimal install would suit me better, just want to make sure thoguh. would there be any reason you can think of for ubuntu server if i am not really looking to run a web server, db server, email server, etc...
<sherringham> You don't need to install stuff web,db etc. - you have a choice - server version would be better if headless - assuming no X required
<kusznir> Hi all: I'm trying to create a ubuntu domU on my xen hvm server.  I've been trying with the 9.10 x86_64 dvd iso.  I've got it loading the cd menu (language, etc), but when I select "Install ubuntu", my display hangs (the menu is cleared, a flashing cursor shows up for about 1 sec, then all that remains is the F1... stuff on the bottom of the screen), and the CPU uses 100% of one core until I kill the DomU.  Any suggestions?
<dereks> sherringham: is there a list of what comes on server by default?
<dereks> sherringham: and why is it better than the "minimal" install (ie, mini.iso)
<sponzor> is ext4 bugy or is it ok now?
<sherringham> dereks: why is it better - maybe it isn't :-) I am not familiar with minimal - go for it. You can install what you need afterwards easily anyway.
<sherringham> sponzor: current ext4 is considered "production" quality now.
<sponzor> what about the /boot should be on ext4 or ext3? i did all partitions on ext4 and the /boot on ext3 is that ok?
<image_q> how do I get the broadcast ip and the network ip to put into the /etc/network/interfaces file?
<image_q> do I get it from my provider>?
<dereks> sherringham: where can i get a list of what is installed on ubuntu-server by default?
<sherringham> dereks: I don't know - there's sme info here :
<sherringham> http://www.ubuntu.com/products/whatisubuntu/serveredition/techspecs
<sherringham> But is is more about what's available.
<sherringham> Remember - you can install a very minimal base.
<dereks> sherringham: thanks
<image_q> does anyone know a site that guides you with the tcp/ip networking that is easy to understand?
<sherringham> image_q: Try https://help.ubuntu.com/8.04/serverguide/C/index.html
<sherringham> Or : http://www.debian.org/doc/manuals/network-administrator/
<image_q> I  believe I've done all that stuff correctly, but for some reason when I do ifconfig the Bcast ip address is different from what I put into the interfaces file
<image_q> do I get my broadcast ip from my business internet provider?
<image_q> same question for the network id?
<image_q> and when I use "route -n" I don't see anything there
<Jeeves_> image_q: What is your ip?
<Jeeves_> And what is your submask?
<sherringham> image_q: ifconfig -a (perhaps)
<image_q> 96.56.144.156, 255.255.255.248
<image_q> respectivel
<image_q> I put in 96.56.144.7 as my broadcast ip
<ajavid> hi
<ajavid> I'm on ubuntu server 9.10 and I would like to know how to prevent my hard disks from being spun-down
<Jeeves_> image_q: http://pastebin.ubuntu.com/372060/
<ajavid> in other words, I DO NOT want Ubuntu to spin down my drives, ever.
<ajavid> I do not wish this power management
<ajavid> how can I have this?
<ajavid> Please advise
<ajavid> https://wiki.ubuntu.com/PowerManagement#How%20to%20get%20disks%20to%20spin%20down%20and%20idle%20correctly%20%28without%20excessive%20load%20cycling%29
<ajavid> is not very clear to me
<ajavid> it applies to laptops
<image_q> thanks I'll try that
<osmosis> do the values returned from  virsh domifstat   have a max value where it resets to 0?
<sherringham> Jeeves: ipcalc - forgot about that :-) I used a web based calc.
<image_q> Jeeves_: I put that in but it still gives me the Bcast of 159
<image_q> I restarted networking of course
<image_q> and I cant reach the internet
<image_q> this is weird
<ajavid> /dev/sdb1: setting standby to 0 (off)
<ajavid> so /dev/sdb1: setting standby to 0 (off)
<ajavid> if used with hdparm -S 0 (man hdparm)
<ajavid> says 0 will turn it off
<ajavid> do I have to restart my server for this to take effect?
<ajavid> or remount the disk?
<ajavid> A value of zero means "timeouts are disabled": the
<ajavid> device will not automatically enter standby mode.
<ajavid> $>sudo hdparm -I /dev/sda1 | grep -i power Advanced power management level: 254
<ajavid> it won't disable advanced power management
<ajavid> does anyone know how to disable this for hard disks?
<sherringham> image_q: describe your net connection - ethernet/eth0 -> router or switch? Where did you get the 96.56.144.156 address?
<image_q> router
<image_q> optimum online
<image_q> its a business network
<image_q> I added auto eth0 to the interfaces file (it accidentally had a # in front) and whenever I restart it gives me the message "Failed to bring up eth0"
<image_q> I try to add it with "route add -net 96.56.144.156 gw xx.xx.xx.xx dev eth0"
<image_q> but I get the message SIOCADDRT: Invalid argument
<image_q> (the xx.xx.xx.xx is my gateway address I got from the company)
<sherringham> gw : 96.56.144.153 / broadcast : 96.56.144.159 / IP : 96.56.144.156 ?
<image_q> yes
<sherringham> show /etc/network/inerfaces : http://pastebin.com/
<image_q> alright hold on
<image_q> http://pastebin.com/m496efe6c
<nvme> is there any way i can recover a lost password, using 9.10 in a VM
<sherringham> imageq: take the /29 off network
<nvme> (only 1 user on the installation, no root pass)
<image_q> already did that
<sherringham> *image_q ...
<image_q> same thing happens
<image_q> it still gives me the message "Failed to bring up eth0" when I try to restart
<sherringham> image-q: some are 244 - some 144?
<sherringham> Should all be 144
<sherringham> (except mask)
<image_q> thats just a typo on my part
<image_q> I'm using a separate computer so I cant copy/paste
<image_q> they're all 144 on the server
<image_q> (except mask)
<sherringham> Is the network h/w OK? i.e. module loaded and h/w found? i.e. sudo grep eth0 /var/log/dmesg
<image_q> ah it says there is a problem
<image_q> "forcedeth 0000:00:0f:0: ifname eth0, PHY OUI 0x732 @ 1m addr (mac add)
<image_q> and then
<image_q> eth0: no link during initialization
<image_q> eth0: link is not ready
<image_q> any guesses as to what I should do? should I reinstall linux?
<image_q> I recently added a second ethernet card, maybe thats why this happened?
<sherringham> image_q: not so quick on reinstall - almost certainly not
<image_q> ok, any other ideas about what I should do?
<sherringham> image_q: Is the other eth device installed and available?
<image_q> I have 2 internet cards atm yes
<sherringham> image_q: I'm just wondering whether you should consider getting the gw working with the original (m/board) ethernet i.e. configure without the other device - in case it's the problem.
<sherringham> i.e. physically remove temporarily - while you test
<image_q> it was working before
<sherringham> And stopped when you added the 2nd device?
<image_q> but I configured it with a different ip/gateway
<image_q> no I'm trying to put this on a different ip/different gateway etc
<sherringham> Well - you see where I'm going ... simplify config and test
<image_q> when I changed it it stopped working
<image_q> so you think I should remove the second device, and reconfig it?
<image_q> I think I'll just reinstall it, this machine doesn't have anything special on it anyway
<sherringham> OK - not sure what to suggest (other than take 2nd dev out and re-check)
<image_q> yeah it will take me the same amount of time to just reinstall it
<image_q> thanks
<sherringham> Good luck
<jon23d> sherringham, I tried building without any mods, but it still failed
<jon23d> I found this in test-results.txt: ERROR: invalid PHP executable specified by TEST_PHP_EXECUTABLE  = ./apache2-build/sapi/cli/php
<sherringham> jon23d: not sure - what is that file? : file ./apache2-build/sapi/cli/php
<jon23d> if I had to guess I would say the php command line interface generated by the build
<sherringham> Yes - but is it "valid" as per "file"? I am not a PHP person I'm afraid (or dpkg-buildpackage actually)
<sherringham> Any other errors or warning earlier?
<jon23d> well, not sure, I've never done this before!  I can tell you this though, when I run the file (./apache2-build/sapi/cli/php -f "echo 'hi';"), it works
<sherringham> OK
<jon23d> yeah, there were also warnings about it not liking running in safe mode
<sherringham> Maybe I will try it quickly .. hold on
<jon23d> tyvm
<sherringham> jon23d: building now ... need to make space on / - 96% used now ...
<jon23d> lol, kk, ty
<sherringham> jon23d: .. still going .. a bit more than I expected ... my laptop is getting hot :-)
<jon23d> yeah, its quite a process
<jon23d> it really sucks...
<jon23d> thanks so much
<uvirtbot> New bug: #519062 in eucalyptus (main) "Unable to connect to Eucalyptus Service on port 8773" [Undecided,New] https://launchpad.net/bugs/519062
<sherringham> jon23d: Phew - finished - that's a lot of code .. :-)
<sherringham> It seems to have worked for me
<jon23d> bah
<sherringham> No obvious error at the end
<sherringham> Karmic 9.10 i686
<jon23d> bah, I'll try it on another server, see what happens there
<jon23d> thanks for trying
<sherringham> No "ERROR" string in test-results.txt
<sherringham> No prob. That's me for the night. Cheers.
<jon23d> I think it may have something to do with safe mode
<jon23d> good night!
<Damm> meh, somehow someone overwrote the /var directory that holds the dpkg --list information... of all the packages from karmic to hardy
<Damm> what directory is that so I can uhhm, defuck this without apt-get reinstall world?
<Damm> eh nm i'll just reimage the box
#ubuntu-server 2010-02-09
<image_q> hello, I have one computer that I want to use as a router using iptables, once I set up the filters to accept information (from port 80 for example) how do I send it to server computer (which is connected through a network swtich)?
<image_q> hello, I have one computer that I want to use as a router using iptables, once I set up the filters to accept information (from port 80 for example) how do I send it to server computer (which is connected through a network swtich)?
<twb> A *router* just sends packets to where they ask to go
<image_q> ok, so how do I do that with iptables?
<image_q> and where exactly would I send it to?
<twb> That behaviour is orthogonal to iptables
<Roxyhart0>  Hi, i have a question. to connect windows client with linux samba member server, do i need to use winbind?
<image_q> ok, so how would I do it? and where would I send it to? The ipaddress on the server computer is 192.168.1.136, so how would I send it there?
<sabgenton> I am trying to set up cups most howtos tell me to setup a samba share so windows can auto detect it etc
<sabgenton> but can I just set a port on LPR like you do with print serving routers?
<Roxyhart0> hi sabgenton, so you did it before. did you use winbind in you configuration?
<twb> Argh, I thought this was #netfilter, where I'm allowed to be an ass.
<twb> I wondered what was up with all the samba questions.
<sabgenton> Roxyhart0: no I am a total noob
<sabgenton> to cups
<Roxyhart0> are u using ldap?
<sabgenton> I connected a windows machine to a print server over a port using  LPR
<sabgenton> wanted to do something like that with cups
<sabgenton> if posable
<sabgenton> do I have to use samba with cups
<twb> image_q: I guess you are using masquerading ("NAT") to share a single public IP between a number of hosts.  If this is the case, you need a DNAT rule to redirect connections to your masqueraded server.
<sabgenton> to connect a windows  machine
<Roxyhart0> or use iptables and forward the packages
<sabgenton> routers don't seem to use SMB for there print server things
<image_q> Roxyhart0: where would I forward them to, like how do I access another computer through the network switch?
<sabgenton> thats all
<Roxyhart0> i am doing that and i did time ago but now is not working and dont know why...i got problems with winbind-idmap
<image_q> twb: looking it upnow
<Roxyhart0> yes, i my case my server work as router, so any IP form the NAT is forwarding to the LAN
<image_q> I keep reading up documentation on turning a computer into a router but I can't find documentation on using your computer for a router via network swtich
<image_q> all the documentation assumes you use a separate network card for every computer you want in your network
<image_q> is there a way to use your computer as a router via network switch?
<uvirtbot> New bug: #519119 in autofs (main) "Transitional packages need some reworking" [Undecided,New] https://launchpad.net/bugs/519119
<uvirtbot> New bug: #297121 in irqbalance (main) "irqbalance causes ksoftirqd to use 100% CPU" [Low,Won't fix] https://launchpad.net/bugs/297121
<Roxyhart0> hi do you know a command to chekk how the logs are changing on real time? i mean to do debug from a application?
<KurtKraut> Roxyhart0, tail -f /var/log/filename
<Roxyhart0> thanks :)
<spenser> Hello, I'm looking for some guidence in reference to doing pam auth using authnz_external and pwauth.  Does anyone have a good reference because I cannot get it to work.
<spenser> I just continuously get prompted for my password over and over again
<spenser> \join #apache
<maxagaz> hi
<maxagaz> how to restart a ppp connection ?
<twb> poff, pon?
<uvirtbot> New bug: #519155 in libvirt (main) "package libvirt-bin 0.7.5-5ubuntu7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/519155
<lwizardl> hi
<lwizardl> is there an easy to follow setup and configure guide for a true webserver configure (apache, mysql, php, dns, email server, ftp server, etc) I officially hate the howtoforge guide for ubuntu server never seems to work once I'm finished following their guide
<ball> You have an odd definition of "true webserver"
<lwizardl> ok i guess what i wanted to say would be a fully working webserver. all I can seem to get to work is internal networking and accessing the sites via the 192.x ips but if i use the real domains it fails
<lwizardl> never hate this kind of issue when i was using gentoo
<ball> lwizardl: Are you behind a router?
<lwizardl> yes
<ball> lwizardl: did you forward appropriate ports to your Linux host?
<lwizardl> and i had forwarded all the ports listed such as 80, 8080, 22, 25, etc
<ball> lwizardl: Why are you running DNS btw?
<lwizardl> just was following that howtoforge guide and figured it was needed
<ball> I've never seen that.  Following a guide without a good understanding of what you're doing sounds dubious though.
<ball> Have you verified that your domain points to your network?
<lwizardl> yeah i even tried to use zonedit for the domain and then point to the network ip from the isp
 * ball blinks
<lwizardl> err sorry name server
<ball> Can you ssh in from outside?
<ball> (using your fqdn?)
<lwizardl> no
<ball> Does your router log the connection attempt?
<lwizardl> in when i go to domain.tld it brings up the router login page
<ball> lwizardl: try from outside your LAN
<lwizardl> only time i can do that will be in the morning
<lwizardl> so i need to reconfigure the server tonight and then test again in the morning
<ball> Sounds inefficient.
<lwizardl> yeah but this is not going to be some huge hosting company type server
<lwizardl> its just my home page so I don't have access to other things like vpn accounts etc
<lwizardl> or access to something other then my home network at all times
<ball> lwizardl: In that case your "true Web server" set up definitely sounds like overkill.
<ball> lwizardl: Do you at least have a static IP address?
<lwizardl> yes my isp gives me a static ip
<ball> That helps then.
<lwizardl> kinda would be dumb to use a dynamic always changing ip
<ball> lwizardl: Why are you running a mail server on it?
<lwizardl> right now i am doing the base install on the server using the install cd and set it to install openssh server, lamp,
<lwizardl> umm maybe so people can email me ?
<ball> lwizardl: That's odd.
<ball> lwizardl: what you're URL?
<ball> s/you're/your/
 * ball is tired
<lwizardl> thats not something i am willing to share while i'm trying to configure the server
 * ball shrugs
<ball> I can't tell you whether it loads in my browser then.
<ball> If I were you I'd have a friend from outside run nmap against your fqdn and IP
<lwizardl> I have already said that I'm am doing the install again and its still installing
<ball> ...separately, then compare results.
<lwizardl> so I 100% doubt anyone would hit it right now
<ball> Something to consider once you get your new OS installed.
<ball> ...also think about each of those components (MTA, DNS etc.) and whether you actually *need* to run them.
<ball> I have to go.
<lwizardl> k thanks
<captbaritone> Trying to preserver 355 days of uptime! Ssh is timing out and when I plugged in a monitor and keyboard I get "Login timed out after 60 seconds." Is there any hope for me?
<captbaritone> *crying*
<pts> captbaritone: you could try to unplug the network cable in case it is network related. I would guess your box is having a very high load for some reason
<captbaritone> Excellent idea
<captbaritone> I fear I may have been linked to by some high traffic site (All the more reason to try to get back up as soon as possible)
<captbaritone> perhaps it's time to sacrifice uptime, and just restart
<captbaritone> but I'm SO CLOSE to a year!
<twb> captbaritone: if you are fapping over uptimes, then no, there's no hope for you
<pts> I guess so. High stability is better than high uptime ;)
<captbaritone> twb: It just seems so cruel.
<captbaritone> Here goes... restarting...
<captbaritone> :(
 * twb pats PFY on head.
<twb> You will... acclimatize to cruelty
<captbaritone> sigh
<captbaritone> fdisk failed
<captbaritone> sigh again
<twb> You should probably be using parted or cfdisk unless you're being clever
<Roxyhart08> i need to install an domain member server to as file server to be accesed by windows machine. Someone have any good documentation?
<twb> Roxyhart08: what documentation have you already tried?
<Roxyhart08> i tryed this one:http://us1.samba.org/samba/docs/man/Samba-Guide/unixclients.html#ch9-sdmsdc but i got this message uid_to_sid: winbind failed to find a sid for uid 0
<twb> Roxyhart08: did you try the Ubuntu server guide?
<Roxyhart08> but i didn find DMS
<Roxyhart08> just backup domain server and i dont to do that because the PDC is very old with different distrbution
<adac> Authentication on ssh login takes like forever lately. Any ideas what might be wrong?
<\sh> adac: dns reverse lookup?
<adac> \sh, well if i do ssh -vvv then It seems to be stuck on 'debug1: Entering interactive session.' What is dns reverse lookup?
<Roxyhart08> Hi, I am setting an domain member server and for some reason when i try to login form windows client is is not taking the user that i wrote instead take the user machine. any idea?
<adac> \sh, I set now 'UseDNS no'. Seems to have no effect
<adac> \sh, ok I removed now the debug output. It worked. Seems to get a lot faster now with reverse dns disabled. thx for the hint!
<\sh> adac: fix your DNS ;)
<adac> \sh, well which one? "When connecting to an OpenSSH server, one of the first things that the server does is to perform a reverse DNS loopuk on the clientâs IP" So It guess the problem relies on client side?
<twb> If the server is resolving the client's IP, why would that be a problem on the client side?
<inkvizitor68sl> hi all
<inkvizitor68sl> can someone explain me shortly what is Ubuntu cloud?
<twb> !cloud
<twb> bah.
<twb> Presumably it's just a wanky name for eucalyptus on Ubuntu.
<twb> eucalyptus is a FOSS knock-off of Amazon's EC2.
<inkvizitor68sl> ah
<inkvizitor68sl> so - is functions of UC similiar to Xen Cloud ?
<twb> I suspect that "cloud" is this week's buzzword, and its operational meaning is "I am a lying bastard salesdroid"
<inkvizitor68sl> xDD
<inkvizitor68sl> is services migrates between physical hosts?
<twb> inkvizitor68sl: see http://en.wikipedia.org/wiki/Cloud_computing
<inkvizitor68sl> %)
<inkvizitor68sl> i readed all of it)
<da65> any reason why recent updates have been kept back?  linux-generic linux-image-generic linux-restricted-modules-generic
<twb> da65: kept back by what command?
<da65> ran upgrade and just got that message
<andol> da65: the way certain kernel upgrades (bumped version number) works is that you get an actual new packages. A normal apt-get upgrade won't install any new packages (as depenencies), try apt-get dist-upgrade instead.
<twb> da65: aptitude upgrade is deprecated
<da65> kk, ty
<da65> yeah, wants to install
<da65> safe?  For a web server?
<da65> what happened to apt-get upgrade?
<twb> Nothing
<da65> I hate change :)
<twb> I recommend the mezozoic, then
<da65> lost me, still noobish here!
<da65> ty for Ubuntu server btw, great stuff
<twb> It's not my fault
<da65> hope not
<da65> 130mb, seems large?
<da65> not going to mess all settings will it
<twb> Oops, the mesozoic was actually a terrible suggestion
<da65> pinch of salt comes to mind :)
<da65> I might leave it, if it's not a security thing
<da65> is there a command to remove all packages that are not required for just a web-email server?
<da65> if that makes sense
<twb> Perhaps you want deborphan or debfoster
<da65> are they nice girls,  :)
<twb> No comment
<da65> lol
<da65> actually that sounds terrible, sry
<pts> any reason for why I cant find hb_gui? playing around with pacemaker-corosync, but I can seem to find this utility
<pts> I've installed pacemaker-openais and not pacemaker-heartbeat, is this maybe the reason?
<pts> any comments on what to choose for production usage; pacemaker-openais or pacemaker-heartbeat?
<Roxyhart08> hi i am configurin a samba member server and the groups permision is not working when a windows client try to access. getent group is fine. any idea ?
<Roxyhart08> somebody has working with samba as file server?
<Tek-5-8-6> Roxy, I had lots of issues with that too. I ended up just sharing the folders and Drives that I needed to under Nataulus and used my main name and pass to access the files
<Roxyhart08> but i need to give access to differnet groups of users to different folders
<Tek-5-8-6> Ahh, I understand. I tried many ways and still it wouldnt work
<Roxyhart08> i dont understand why is not working...before was working and when i changed the samba verisn doesn't work any more
<Roxyhart08> i think it is a bug
<Roxyhart08> hey Tek-5-8-6, which distribution did you use
<Roxyhart08> i just want to know if anybody in the room try to do the same and it work? i mean Domain member server and group permision?
<Roxyhart08> tek-5* i mean wich ubuntu version
<zul> morning
<Roxyhart08> no body?
<Roxyhart08> hi,  i just want to know if anybody in the room try to do the same and it work? i mean Domain member server and group permision? befor i change ubuntu for another distribution???
<Pupeno> Hello.
<Pupeno> Any idea how to make unnatended upgrades actually upgrade the installed packages?
<hashimi> when i mount my usb in linux and then goto windows. in windows part it has character problems. how i can solve this.
<uvirtbot> New bug: #366427 in mysql-dfsg-5.0 (universe) "errore segnalato dal sistema, l'ho appena aggiornato" [Undecided,Incomplete] https://launchpad.net/bugs/366427
<pts_> anyone who can provide me with some help with corosync. I've put up corosync.conf (http://pastebin.org/88842), but I get Feb 09 14:57:56 corosync [MAIN  ] parse error in config: No interfaces defined
<pts_> Feb 09 14:57:56 corosync [MAIN  ] Corosync Cluster Engine exiting with status -9 at main.c:918.
<zul> smoser: ping
<smoser> here
<zul> have you seen this bug ? bug 505482
<uvirtbot> Launchpad bug 505482 in euca2ools "euca-bundle-vol dies with "Invalid cert"" [Undecided,New] https://launchpad.net/bugs/505482
<smoser> i hadn't seen it. i'll have to take a look at it.
<Roxyhart0> hi someone has done a samba domain member server?
<zul> smoser: k
<oru_work> hi, how would i extract a gz file ?
<Pici> oru_work: gunzip file.gz
<oru_work> Pici, hmm, i did that now i have a .tar file :)
<Pici> oru_work: you didn't say it was a tar.gz file.  Normally, you would do tar xzvf file.tar.gz   but now you can just do tar xvf file.tar
<oru_work> sorr
<Pici> oru_work: no need to apoligize :)
<oru_work> i keep forgetting the options for tar
<oru_work> what is the difference between these two /etc/php5/apache2/php.ini
<oru_work> /etc/php5/cli/php.ini
<oru_work> ?
<Zider> cli is for commandline php and apache2 is for webserver php, I think
<Jeeves_> Indeed
<oru_work> well im installing this program called vTiger CRM and the installation page tells me this http://pastebin.com/m626cb117
<oru_work> and i have memory_limit set to 128 in /etc/php5/apache2/php.ini
<bigbrovar> hi guys when I try to restart apache am getting the following errors http://pastebin.com/m5af340b7
<TeTeT> what happened to the daily server builds for Lucid?
<Italian_Plumber> good morning.  What is the best way to use USB drives in ubuntu-server, to make insertion/removal simple?
<smoser> jjohansen, ping
<jjohansen> smoser: whats up?
<smoser> https://launchpad.net/ubuntu/+source/linux-meta-ec2
<smoser> that has 2.6.32.301.2
<smoser> which isn't getting 2.6.32-302 linux-image
<savid> Italian_Plumber,  not sure about ubuntu server but in desktop everything works automagically,   so you may want to try and mimic how desktop does it
<smoser> which is what is current now.
<bogeyd6> Question, how were you able to pull from the drive if the drivers would not read it anymore?
<jjohansen> smoser: hrmm, okay.  Sounds like the reference wasn't bumped, will have to make sure it is done for the next kernel update
<bogeyd6> i made the tech team close some old tickets and i get dumb replys
<smoser> jjohansen, well, can we kick it ? everything is based on that getting updated.
<smoser> my build scripts wont get the new version now, unless i manually hack some things.
<jjohansen> smoser: yeah will look at it
<Elad> is there a good program out there that will stop people from attempting to brute force my ssh port? I was thinking about writing a quick php script that would do it, but if there is a better solution I may use it
<smoser> php?
<Elad> I would write a php cron that parsed the most recent log and then would add the person to iptables
<Elad> if they had more than 3 offenses or something
<smoser> take a look at sshguard
<smoser> Elad,
<Elad> thanks, I am looking into it
<Elad> smoser: thanks, I am going to try it out
<uvirtbot> New bug: #517574 in net-snmp (main) "Please backport agent/mibgroup/host/hr_swrun.c to 5.4.1" [Wishlist,Incomplete] https://launchpad.net/bugs/517574
<ZimCS> Hi everyone.  I just build a machine to use as a home server and am using two 500GB drives that I'd like to setup using Raid 1.  When I am doing an install of Ubuntu Server, is there a recommended way I should partition the disks?  Ex: a partition for just the OS, another for users, etc?
<oru_work> how can I change the default character set of a database to UTF-8 using phpmyadmin ?
<jmarsden> oru_work: I'm not sure about phpmyadmin, but from a mysql prompt you can do  ALTER DATABASE mydatabase CHARACTER SET = 'utf8' ;
<jmarsden> ZimCS: Making /home be a separate partition for user data is very common and usually a good idea.  How much more complex than that you get is up to you.
<oru_work> how can I add a folder with its contents to a .zip ?
<oru_work> how can I archive a folder with its contents to a .zip ?
<ZimCS> jmarsden, thanks.  like i said it's only for home use.  at some point maybe host my site when my free hosting runs out
<tottto-drummond> can someone help me to configure properly configure samba here ?
<ZimCS> tottto-drummond: i've done it before, just look on google.  there are lots of good samba help websites
<tottto-drummond> ZimCS I ve tried that option but I can t figure out and understand exactly how to do it
<kirkland> mathiaz: yo!
<smoser> soren, ping
<ehnde> i'm feeling very lost...anyone know of a good tutorial/starting point that i can use to learn about administering a LAMP server and creating dynamic content once i have it set up?
<ehnde> right now i'm following directions on https://help.ubuntu.com/community/ApacheMySQLPHP#To%20install%20the%20default%20LAMP%20stack%20in%20Ubuntu%207.04%20%28Feisty%20Fawn%29%20Ubuntu%207.10%20%28Gutsy%20Gibbon%29%20Ubuntu%208.04%20LTS%20%28Hardy%20Heron%29,%208.10%20%28Intrepid%20Ibex%29,%209.04%20%28Jaunty%20Jackalope%29%20and%209.10%20%28Karmic%20Koala%29
<ehnde> (sorry for the long link)
<guntbert> ehnde: have you seen https://help.ubuntu.com/8.04/serverguide/C/web-servers.html ?
<ehnde> guntbert: no i have not, but that is exactly what i was hoping for
<ehnde> tyvm
<guntbert> ehnde: nice - the serverguide is always a good source - btw there is a version for newer releases too ( s /8.04/9.10/)
<ehnde> oh good! i'm running 9.10
<soren> smoser: wazzup?
<smoser> i think i forgot what i was going to ask. let me think.
<smoser> oh yeah.
<soren> Make something up.
<smoser> how were you planning on figuring out if a newer "base ami" was available for a rebundled image (https://wiki.ubuntu.com/EC2UpgradesSpec)
<soren> Ah.
<soren> To see if it's rebundled, I'd go through the ancestor list and see if any of them are in the /all thing.
<soren> If it is, and it's not the newest one, there's an update available.
<smoser> ancestor list ?
<soren> Yes.
<soren> It's actually what the pseudo code in section 6.2 does.
<soren> Part of an instance's meta-data is its ancestors.
<soren> If you run ec2-bundle-image from within EC2, it'll embed the AMI of the current instance in the new image's meta-data along with the current image's ancestor list.
<smoser> and otherwise the field isn't present
<soren> Since we build everything from scratch, you may never have seen this happen.
<smoser> yeah,, i'd never noticed it.
<smoser> probably not bundle-image, but bundle-volume would do that
<smoser> you have any ideas on a better way ?
<soren> Why?
<smoser> as i dont think we can really rely on that , especially as I suggest people dont use bundle-volume
<smoser> :)
<soren> What do you suggest they use?
<smoser> our tarballs
<smoser> or vmbuilder
<soren> So they'll never be making rebundled images.
<soren> :)
<soren> Simple.
<smoser> i tihnk it is borderline assassin to believe you can bundle up a booted instance.
<smoser> its just going to be filled with gotchas
<soren> People do it /all/ the time.
<smoser> people shoot themselves all the time. it doesn't mean i would recommend it.
<soren> No shit. That's how people make rebundled images. We (and Eric) are the only people crazy enough to always start from scratch.
<soren> s/crazy/anal/, if you please.
<soren> I'd never, ever recommend rebundling either.
<smoser> i know. but eric is publicly suggesting to start with our tarballs.
<soren> Right.
<soren> I just know that people do it.
<soren> ...and this mechanism is meant as a tool for them.
<soren> If people use other means for creating images, we need a different mechanism for telling them about upgrades.
<soren> smoser: Welcome back. :)
<smoser> yeah
<smoser> (/me dropped ... stupid wifi module)
<soren> smoser: What was the last thing you saw?
<smoser> If people use other ...
<smoser> and then i said "i'm thinking that embedding that information in the image might be the right way to do it."
<soren> Ok, then you didn't miss anything.
<soren> Ah.
<soren> What information, exactly+
<soren> ?
<smoser> well, enough to determine what you were, given nothing else.
<smoser> so right now
<smoser> http://paste.ubuntu.com/372722/
<soren> Why will that be any better/different?
<smoser> because unless its deleted it would stick
<Zider> is the /dev/mapper/foo_unformatted entries supposed to go away by themselves after a while?
<smoser> if its deleted, thats an explicit action by the user.
<soren> I don't think I follow.
<smoser> so in that pastebin, there are some "variables" at the top.
<soren> Right.
<smoser> of those, a booted system is able to figure out all bug
<smoser> but
<smoser> spin, release-line (which i woudl jsut assume is 'release'), release name, image type
<smoser> wait, and it can figure out image type
<soren> Right.
<smoser> so i'd put something into /etc/cloud that said "spin=server"
<soren> Ok.
<smoser> i think ih ave to put name in too
<smoser> where name is a serial (YYYYMMDD)
<soren> ok
<smoser> so then, given information in the system you could figure out that there were released images with serials newer than yours
<soren> Right.
<soren> The "spin" thing is new since I wrote that spec, obviously.
<soren> That will inevitably require additional in-image information.
<soren> I think I'm confused.
<soren> :)
<soren> What was the question again?
<soren> My goal back then was to avoid putting anything in the filesystem. Because I could.
<soren> When you say that Eric recommends people use our tarballs, what do you actually mean? Do people download the tarballs, loopback-mount the images, fiddle around, unmount, bundle, upload?
<smoser> soren, yes. http://alestic.com/2010/01/ec2-ebs-boot-ubuntu
<smoser> soren, i guess 'spin' doesn't require it you could make guesses based on presense of a package
<smoser> do you think it reasonable to put that information in.  outside of rebundling, it would allow currency to work for uec
<soren> How would it work for UEC?
<soren> I don't like guessing based on packages.
<smoser> me neither
<soren> I'm sure it will break things.
<smoser> for uec, the booted instance would have access to enough info to figure out if they were using the newest serial for a given suite, spin, arch
<smoser> what do you think will break things ?
<soren> Guessing spin based on packages will break things.
<smoser> yeah
<smoser> outside of an explicit package "uec-server". or "uec-desktop"
<soren> Yeah, the more I think about that, the more ways in which it'll break come to mind. :)
<soren> ..if we're doing that, we might as well put it in a file in /etc/cloud or whatnot.
<soren> Anyhow.. back to the uec thing..
<soren> I don't quite understand, still. Where would it get this information from?
<soren> Err...
<soren> I mean... Where would it look up its currency?
<smoser> it'd look up currency from uec-images (where i plan to put a tree with such data)
<soren> ..but that information maps the suite, spin, arch, etc.-tuple to ami's and such?
<smoser> amis and serial
<soren> Hm... Right, ok.
<smoser> and you canfigure out that yoru serial is < available serial
<soren> Right.
<soren> Ok.
<soren> smoser: On a completely unrelated note, UPS claims my laptop will be here by noon tomorrow, so less than 14 hours from now. w00t! :)
<smoser> wow
<smoser> that $200 got it there faster than the $9
<smoser> :)
<soren> Imagine that :)
<smoser> other unreateld note
<smoser> i got my smart card reader, plugged in card.
<smoser> 'gpg --card-status ' works for root, but not smoser
<smoser> how do you set permissions ? probably thats per-reader udev rules
<soren> Ah.
<soren> gnupg2 ships some udev rules.
<soren> Your reader might not be included.
<smoser> i've never seen gnupg2
<soren> You're very likely using it.
<smoser> well that package was not installed
<smoser> just gnupg
<soren> gnupg-agent?
<smoser> no agent either
<soren> Oh.
<soren> You want that for sure :)
<smoser> i had agent on a remote system, but not laptop
<smoser> well, that didn't magically fix things . oh well.
<smoser> poke at it later.
<Italian_Plumber> This thread http://ubuntuforums.org/showthread.php?p=8800818#post8800818 is server related -- not a "general help" question -- I thought I'd ask if anyone here might take a look at it.  It's an apt-cacher question.
<nitemovz> How do I configure Ubuntu-Server as a Mail Server
<nitemovz> leave
<xperia> hello to all. does anybody know if the package gforge can be installed and hacked on the server like any other package too.
<xperia> I mean if i install gforge do i get the php sources or only the binarys ?
<xperia> I need the php sources to change some things how gforge behave.
<xperia> maybe someone know a full open source simpler alternative to gforge ? how about launchpad ? is this open source ? does something simmilar exist as open source ?
<xperia> okay think have found it. wikipedia has delivered the answer.
<xperia> i need to use fusionforge.
<lifeless> Is it possible to run UEC on a hardy host ?
<thenthenio> which DHCP server package would you suggest me to install?
<thenthenio> which DHCP server package would you suggest me to install?
<uvirtbot> New bug: #507664 in mysql-dfsg-5.1 (main) "package zabbix-server-mysql 1:1.6.4-2build1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/507664
#ubuntu-server 2010-02-10
<uvirtbot> New bug: #519567 in euca2ools (main) "euca2ools does not correctly specify port when $http_proxy is set" [Undecided,New] https://launchpad.net/bugs/519567
<SpaceBass> had a software raid5 array fail yesterday - was a bad disk connection. Fixed the connector and its been rebuilding for over 24 hours - does that sound right?
<uvirtbot> New bug: #519163 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.3 failed to install/upgrade: subprocess post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/519163
<sponzor> hi is there any kdump in ubuntu?
<sponzor> hi what to use for crash dump? that it captures kernel panic etc..?
<Roxyhart0> hi somebody know what is automonth for ldap, what is does?
<ja660k> hello, what directory is the php pear modules in?
<smoser> soren, erichammond anyone else who cares: "Query Interface" at https://wiki.ubuntu.com/EC2UpgradesSpec is updated. tree at http://uec-images.ubuntu.com/query/ has info
<smoser> i'm going to bed now.
<uvirtbot> New bug: #519653 in eucalyptus (main) "missing directories on NC after install" [Undecided,New] https://launchpad.net/bugs/519653
<uvirtbot> New bug: #505482 in euca2ools (main) "euca-bundle-vol dies with "Invalid cert"" [High,New] https://launchpad.net/bugs/505482
<uvirtbot> New bug: #519664 in squid (main) "squid FTBFS: dh_installinit: command not found" [Undecided,Confirmed] https://launchpad.net/bugs/519664
<fluvvell> i want to display photos on the screen of a server, and use eog -s -f --display= {second monitor} but don't know the syntax
<fluvvell> any ideas?
<pts_> anyone know if hb_gui is available for CRM (pacemaker-openais CIB manager) in any ubuntu repos?
<_ruben> pts_: according to packages.ubuntu.com, no
<pts_> I hoped it maybe was hidden somewhere :) Anyone knows why it hasnt been added? Using the pacemaker-openais package and wondering even if its compatible in a case a find the sources and want to try to compile it
<Speedy1> www.search2.net
<_ruben> pts_: wouldnt know, i hadnt had a chance to dive into the "new" pacemaker stuff, hell, i even havent had a change to even look into the crm stuff :p
<c0dem4gnetic_> what would a reasonable textmode mail client to use be?
<Jeeves_> mutt
<c0dem4gnetic_> mutt it is then, thanks :)
<pts_> could suggest pine too, but no idea how it compares to mutt
<rossouwap> hi, can anyone give me some info on the KVM -incoming command?
<TeTeT> ttx: is the cloud installation from CD already quite stable, or will it be changed? If not I can start to update the training materials
<ttx> TeTeT: it should be quite stable now.
<TeTeT> ttx: thanks!
<AnAnt> Hello, why did Ubuntu use w3m instead of elinks-lite for building doc for mutt package ?
<jpds> AnAnt: apt-cache showsrc mutt - shows that elinks is used?
<AnAnt> jpds: look at changelog of -5ubuntu1
<jpds> AnAnt: Ask mathias when he's online.
<AnAnt> ok
<pts_> is there any repos with updated pacemaker/corosync and DRBD?
<RoyK> isn't that in the default repo?
<RoyK> or is that just heartbeat?
<pts_> pacemaker 1.0.5, but 1.0.6 is newest I think
<pts_> and corosync is also outdated
<RoyK> outdated as in doesn't work?
 * RoyK still has a Solaris 7 running
<RoyK> s/run/box run/
<pts_> well, maybe. I'm totally new with clustering and it makes it a bit harder when CRM crashes while I follow a howto. When running the command sequence crm configure <enter> property no-quorum-policy=ignore <enter> commit <enter> crm crashes. CIB havent been changed at all before this, just made sure it exists as I expect
<uvirtbot> New bug: #495505 in tomcat6 "server.number reports 6.0.0.0 not 6.0.X.0" [Medium,Triaged] https://launchpad.net/bugs/495505
<uvirtbot> New bug: #427701 in openvpn "OpenVPN client always runs" [Wishlist,Triaged] https://launchpad.net/bugs/427701
<Sorell> hey guys,
<Sorell> does anyone on here know anything about how LTSP uses it's DHCP server
<Sorell> I'm having a bear of a time getting this setup.
<pts_> If I remmeber correctly it uses /etc/ltsp/dhcpd.conf. The "special" options you need are 	filename "/ltsp/i386/pxelinux.0";
<pts_> 	option root-path "/opt/ltsp/i386";
<pts_> you could try #ltsp if you need more help
<Sorell> k
<Sorell> I will give it a try ty
<sabgenton> I want to use cup-lpd
<sabgenton> anyone know the package name?
<dholbach> heya!
<dholbach> is something with php pear known to be broken at the moment?
<dholbach> bug 513765 looks like it
<uvirtbot> Launchpad bug 513765 in php-versioncontrol-svn "Sync php-versioncontrol-svn 0.3.3-2 (universe) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/513765
<sabgenton> oks cups-bsd
<kaushal> hi
<kaushal> i have a issue about Maximum Capacity: 4 GB while running dmidecode,but the actual memory is 8GB on san box. please suggest ?
<sherringham> kaushal: a) Check your BIOS settings (RAM/memory mapping) b) What arch - 32bit or 64 bit kernel? uname -a
<kaushal> 64 bit
<kaushal> 2.6.24-16-generic
<kaushal> sherringham: any clue ?
<sherringham> kaushal: Did you check your BIOS settings?
<kaushal> yes
<sherringham> BIOS sees 8 GB? Some chipsets don't support > 4GB RAM - see if you can find out for sure. Maybe try switching RAM around in the slots ...
<kaushal> sherringham: i was interested in how much RAM my san box would support ?
<kaushal> I mean the Max Total RAM Support
<kaushal> with out trying to contact the manufacturer
<kaushal> is there a way to find out that information ?
<kaushal> from the OS Side
<sherringham> Don't think so - you need hardware/system specs e.g. chipset. If it's Intel or AMD, should be easy to find though - or google.
<sherringham> Normally, the manufacturer will have this information.
<pts_> anyone know why I cant start corosync via the init.d script? Have to run corosync -f to start it
<zul> morning
<pmatulis> anyone heard of apache2 on 8.04 to suddenly stop logging?  this might be happening because of logrotate config
<zul> a new release is a paper cut?
<ivoks> is meeting today or tomorrow?
<zul> pmatulis: ive seen it before the large file becomes too large
<pmatulis> zul: this is the logrotate config if it matters:
<pmatulis> http://pastebin.com/f69bab815
<pmatulis> zul: maybe i should specify a log file size?
<zul> pmatulis: no it should be ok, what if they do the default one?
 * pmatulis looking for default one...
<pmatulis> zul: i'll have them try it
<incorrect> i've had a request to upgrade a 8.04 to 9.10
<incorrect> i am guessing i will have to go via 8.10 and 9.04
<RoAkSoAx> ivoks, today i believe
<Pici> incorrect: yes, you will
<Daviey> zul: My main concern with 5.3 was upstream php switching to default of short tags off.  Just had a look at debian experiment 5.3, and there is a debian/patch that re-enables it.  This will reduce stuff broken, so i am happy.
<zul> Daviey: good
<incorrect> oh i have to edit something to allow me to upgrade from 8.04 to .10
<smoser> command line completion is mostly fixed, kirkland ?
<kirkland> smoser: well, chris added the code upstream, but it's not working just yet
<smoser> like bash completion ?
<kirkland> smoser: yes
<kirkland> smoser: see /etc/bash_completion.d/
<kirkland> smoser: euca_conf with bash completion just uploaded to lucid!
<stgraber> kirkland: do we have anything against running tftpd-hpa as a standalone daemon ?
<stgraber> that's what would cause the biggest delta with Debian
<kirkland> stgraber: as opposed to under inetd?
<stgraber> the rest is basically a two line diff to change the default path and debconf priority
<stgraber> kirkland: yes
 * Daviey tends to deploy tftpd-hpa as a daemon
<stgraber> pushing an updated package to my PPA
<kirkland> stgraber: i don't care much either way, as long as the damn thing starts on boot ;-)
<kirkland> stgraber: most of the documentation in the Ubuntu wiki and server guide talks to running it under inetd
<kirkland> stgraber: we'd just need to ensure that those docs are updated (not hard to do, certainly not a blocker)
<ttx> I agree that changing the location of the tftpboot is a nice killer :)
<ttx> kirkland: btw, I didn't get a copy of your mirror rsync script, could you email/pastebin it to me ?
<kirkland> oh, sure
<kirkland> ttx: http://pastebin.com/f26ee31bd
<kirkland> ttx: you may want to tweak it, but you should get the idea
<ttx> sure, I'll use it as a starting point
<kirkland> ttx: btw, one paper cut down ;-)
<kirkland> ttx: just uploaded euca_conf with bash completion
<ttx> I'll make sure we count it :)
<kirkland> ttx: okay, uploaded iptables/db-deadlock fix for karmic/eucalyptus to ~ubuntu-virt ppa
<kirkland> ttx: updated the bug
<kirkland> nijaba: could you talk to TeTeT and/or laclasse about perhaps helping test?
<nijaba> kirkland: for euca ?
<nijaba> kirkland: url?
<kirkland> nijaba: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/503180/comments/11
<uvirtbot> Launchpad bug 503180 in eucalyptus "eucalyptus-cloud doesn't reply to requests (eucalyptus doesn't work after reboot or services restart issues due to upstart networking behavior)" [High,In progress]
<nijaba> kirkland: ok, will ask them to test
<kirkland> nijaba: ack, thanks!
<kirkland> nijaba: hopefully this will put the worst karmic/euca bug to bed ;-)
 * nijaba crossing his finger
<nijaba> my fingerS too
<TeTeT> nijaba + kirkland : booting my karmic UEC :)
<kirkland> TeTeT: the package is building in the PPA
<kirkland> TeTeT: should be published any minute now
<TeTeT> kirkland: need to update the systems anyway, they haven't been touched for a while
<kirkland> TeTeT: great, please try to reproduce the bug before you upgrade to the ppa version
<kirkland> TeTeT: i think you can reproduce it easily by rebooting, and seeing that you can't talk to the CLC for a long time (like 10-20 minutes)
<kirkland> TeTeT: at least, that's how I experienced the bug
<kirkland> TeTeT: then, I upgrade the packages, reboot again, and the CLC is up and communicative almost immediately (within 1 minute of login)
<TeTeT> kirkland: will do
<TeTeT> kirkland: I can reproduce it on the training cloud in the datacenter, but I don't have access to it right now
<uvirtbot> New bug: #224828 in nis (main) "NIS demon fails during startup if the roaming mode is turned off" [Low,Confirmed] https://launchpad.net/bugs/224828
 * dholbach tries asking again: is something with php pear known to be broken at the moment? bug 513765 looks like it
<uvirtbot> Launchpad bug 513765 in php-versioncontrol-svn "Sync php-versioncontrol-svn 0.3.3-2 (universe) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/513765
<dholbach> mathiaz, zul: ^
<zul> dholbach: looking
<sarthor> Hi, My pppoe-server is according this url "  http://ubuntuforums.org/showthread.php?t=291926  " and is working, but same username and passwords can connect from several computers, I to solve this problem. example, if username is "username" and password is "passwdd" So serveral clients can connect this  username from same time from several computers, My clients are on my lan, HELP,
<kirkland> TeTeT: okay, amd64 is built
<kirkland> TeTeT: and published
<TeTeT> kirkland: bummer, I only have a 32bit cloud at home
<kirkland> TeTeT: 32 is built too now
<nijaba> kirkland: reproduce 1 --> done, ow updating to current packages (no ppa) to reproduce again, will add ppa afterward
<TeTeT> kirkland: reproducing problem now, will wait for 15 minutes
<kaushal> hi
<kaushal> i am still not convinced about the response i got from ubuntu-server mailing list about dmidecode. please suggest
<kaushal> so what i understand from that email thread is to consult the manufacturer and not dmidecode to know the Maximum Capacity a san box can support ?
<kaushal> am i understanding it correctly ?
<nijaba> kirkland: :( can't reproduce after doing a normal update (without your ppa)
<kirkland> nijaba: hrm?
<nijaba> kirkland: running euca 1.6~bzr931-0ubuntu7.4
<kirkland> TeTeT: you should be able to just wait ~5 minutes
<kirkland> TeTeT: if it's not up by then, your db is wedged
<uvirtbot> New bug: #519904 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.3 failed to install/upgrade: subprocess dpkg-deb --control returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/519904
<TeTeT> kirkland: after 15 minutes it's there
<TeTeT> kirkland: should I do another reboot and test after 5?
<kirkland> TeTeT: right, it takes ~15 to get unwedged
<kirkland> TeTeT: sure, if you like
<kirkland> TeTeT: basically, eucalyptus loses connection to the database
<mathiaz> kirkland: hm bug 519653 - seems that running an NC and a front-end on the same system is working
<uvirtbot> Launchpad bug 519653 in eucalyptus "missing directories on NC after install" [Undecided,New] https://launchpad.net/bugs/519653
<kirkland> TeTeT: due to the changing network configuration
<kirkland> TeTeT: after ~15 minutes or so, the connection gets reset
<kirkland> TeTeT: with the fix, the db connection should be ready immediately on boot
<kirkland> TeTeT: were you able to confirm that you could not talk to the CLC for a feew minutes after boot?
<kirkland> mathiaz: with system mode network, yes, Ng told me as much
<mathiaz> kirkland: oh ok.
<kirkland> mathiaz: i have not tried it
<kirkland> mathiaz: and none of the other, advanced networking modes will work, though
<kirkland> mathiaz: but Ng has documented it on the topologies page in the wiki
<TeTeT> kirkland: yes, could not take to it immediately after boot
<TeTeT> kirkland: bummer, now it is available :(
<TeTeT> right away
<kaushal> checking in again for my query ?
<TeTeT> kirkland: ok, can't reproduce the bug anymore on my UEC here. 2 out of 3 reboots the cloud is responding to 'euca-describe-availability-zones' right awya
<TeTeT> kaushal:  sudo dmidecode | grep "Maximum Total Memory Size"  works for me
<kaushal> TeTeT: yeah i have already done it
<kaushal> TeTeT: shall i pastebin the output ?
<TeTeT> kaushal: afraid I'm not of any more help, that's all I had to offer.
<zul> dholbach: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546164
<uvirtbot> Debian bug 546164 in php-pear "pear download directory is inherited from the build" [Important,Open]
<kaushal> http://paste.ubuntu.com/373246/
<dholbach> zul: ah ok, I'll see what it's about
<kklimonda> any idea whenever django 1.2 is going to make it to lucid?
<rbrunhuber9729> Can init/upstart start every (cli) application or just daemonized applications?
<kreuter> howdy #ubuntu-server.  can upstart run a service as a non-root user?
<karlheg> kreuter: dpkg --listfiles upstart | less
<karlheg> kreuter, that will show you what files it installed... see if it uses shell scripts to start the services.
<karlheg> kreuter, ps wwwauxf | less
<karlheg> kreuter, You'll see many services running as non-root users.
<kreuter> am I reading you as saying that it's necessary to indirect through a shell script to run as non-root (i.e., the upstart configuration files don't have any special support for it?)
<mathiaz> kreuter: correct - upstart doesn't natively support running programs as a non-root user
<karlheg> RTFM.
<uvirtbot> New bug: #519940 in keepalived (main) "Please merge keepalived 1.1.17-2 from debian testing" [Low,In progress] https://launchpad.net/bugs/519940
<karlheg> ... but it runs as root so it can do anything you program it to do via a shell script. The script can call 'su'.
<karlheg> So, there's no need to put that kind of functionality into upstart itself.
<kklimonda> zul, what is your opinion about django 1.2 in Lucid? I'm asking as you were the one requesting MIR for it. It's still likely to be released in march.
<kreuter> karlheg: sure, of course.  I just couldn't find anything about this by googling, so I figured I'd ask.
<kreuter> karlheg: while I'm at it, which FM did you have in mind?
<zul> kklimonda: i dont have a problem with it it probably wont get into main for lucid though
<karlheg> dpkg --listfiles upstart | grep '/usr/share/\(man\|doc\)'
<karlheg> FM
<kklimonda> zul, so MIR was a one time only? I guess there is no problem then as universe is known not to be perfect anyway :)
<karlheg> man 5 init
<karlheg> man 8 init
<zul> kklimonda: it was rejected for main because it has a poor security track record but no problems with universe
<karlheg> man 8 pizza
<kklimonda> zul, it was? hmm.. was it discussed somewhere after MIR was accepted? I must have missed it.
<zul> kklimonda: MIR was never accepted and wasnt filed because of the security history review done while considering the MIR
<kirkland> TeTeT: nijaba: so are you suggesting that the fix is not necessary for SRU to karmic?
<nijaba> kirkland: no, I am not suggesting this.  I am just saying that I am havig trouble reproducing on my setup today, but that does not mean it does not occur at all
<kklimonda> zul, Are we both talking about python-django? It was promoted to main in karmic.. I'm confused :)
<nijaba> zul: me too am confused...
<zul> kklimonda: yeah i was confused :)
<nijaba> zul: python-django | 1.1.1-1ubuntu1 |        karmic | source, all
<nijaba> python-django | 1.1.1-2ubuntu1 |         lucid | source, all
<zul> kklimonda: march is cutting a bit close for me but submit a bug to launchpad and we'll have a look closer to the day
<nijaba> kklimonda: AFAIK it won't be demoted for lucid, and I don't know of anyone suggesting that we should
<kklimonda> zul, there is already a bug 505440 - the problem is during 1.1 cycle django developers have decided to postpone RC for two or three months after the planned release. The number of opened bugs with milestone set to 1.2 on their tracker is also quite big. Can we just wait and request an exception from FeatureFreeze?
<uvirtbot> Launchpad bug 505440 in python-django "django 1.2 for lucid" [Undecided,New] https://launchpad.net/bugs/505440
<zul> kklimonda: probably ill have to look at it
<smoser> mathiaz, ping.
<mathiaz> smoser: hi!
<smoser> mathiaz, i got an answer elsewhere. you were too slow :)
<TeTeT> kirkland: same here, the latest I saw the problem happening was on the cloud training. I will try to reproduce it there tomorrow
<tolik> ÐÑÐ¸Ð²ÐµÑ Ð²ÑÐµÐ¼.
<smoser> jjohansen, ping
<jjohansen> smoser: whats up
 * smoser knows that jjhohansen really hates it when i piing
<smoser> i'm looking at a mail to ec2ubuntu
<jjohansen> smoser: only if it involves more work :)
<smoser> err, wait
<smoser> not that list.
<smoser> looking for mail
<smoser> https://lists.ubuntu.com/archives/ubuntu-ec2/2010-February/001270.html
<smoser> it looks like there are some broken package dependencies in karmic right now
<smoser> i've just booted the ami in question (ubuntu-karmic-9.10-amd64-server-20091027.1.manifest.xml)
<smoser> then done apt-get update
<smoser> sudo apt-get install linux-ec2 --dry-run
<smoser> The following packages have unmet dependencies:
<smoser>   linux-ec2: Depends: linux-image-ec2 (= 2.6.31.303.3) but 2.6.31.302.2 is to be installed
<smoser> E: Broken packages
<jjohansen> hrmm, yep that looks like broken deps
<smoser> :-(
<smoser> interestingly, though, the broken packages "save" him
<smoser> while nothign bad would happen, installing those new abi kernels is useless as he can't use them.
<smoser> jjohansen, bug 520015
<uvirtbot> Launchpad bug 520015 in linux-meta-ec2 "bad dependencies on karmic linux-ec2, linux-image-ec2" [Undecided,New] https://launchpad.net/bugs/520015
<sponzor> http://pastebin.com/m75d80fca what should be wrong? after this only established connections work. if i try to connect to server on 80 ssh etc.. everyting is denied. and ping from server also? any ideas?
<sponzor> nevermind i got it
<ZimCS> Hey guys.  I am not really new to linux, but usually have the installer partition the drives for me.  This time I would like to do it myself using a software RAID 1 setup.  If I make a boot partition and and apply it to RAID, if disk 1 fails and is removed from the system and the system is rebooted, will drive to be able to boot the system using GRUB?
<alkosmurf> Hi. How do i setup MRTG for Apache2 on Ubuntu-Server edition?
<lifeless> I hear and obey
<kirkland> lifeless: yo
<lifeless> ok
<lifeless> so I had a few teething problems I've filed as bugs
<lifeless> missing directories
<kirkland> lifeless: okay, so i gather you're running everything on a single machine?
<lifeless> missing files
<lifeless> yah
<kirkland> lifeless: yup, yup, i was looking into those
<lifeless> its a karmic desktop (started life as jaunty)
<kirkland> lifeless: i'm surprised you're the first to hit that
<lifeless> kirkland: I'm not
<lifeless> kirkland: there are a bunch of random 'help me' on the web that appear to have the same symptoms I saw at different stages
<kirkland> lifeless: oh, interesting; i wonder how network manager will play with eucalyptus' crazy networking and bridging stuff
<lifeless> NM is disabled
<kirkland> lifeless: nice
<kirkland> lifeless: i'll nail those missing dirs in the packaging
<lifeless> well, I say disabled - told not to touch etho0/br0
<kirkland> lifeless: i just need to figure out which package they belong in, and why others don't hit that problem
<lifeless> sure
<lifeless> I'm happy to purge and retry tests for you once we get it all working ;)
<lifeless> now, networking
<lifeless> iface eth0 inet manual
<lifeless> auto br0
<lifeless> iface br0 inet dhcp
<lifeless>     bridge_ports eth0
<lifeless>     bridge_fd 9
<lifeless>     bridge_hello 2
<lifeless>     bridge_maxage 12
<lifeless>     bridge_stp off
<lifeless> (just under my pastebin threshold :P)
<lifeless> the iface eth0 stanza tells NM to go jump :)
<kirkland> lifeless: okay
<kirkland> lifeless: looks okay to me
<lifeless> my home server is 192.168.1.2, it does DNS and DHCP
<kirkland> lifeless: cool
<kirkland> lifeless: can you set static dhcp leases?
<lifeless> when I installed UEC I told it 192.168.1.100-192.168.1.110
<kirkland> lifeless: okay, and you told your dhcp server not to touch that range?
<lifeless> as 'public addresses', but that seemed silly in hindsight: nothing could get to it
<lifeless> kirkland: yah
<lifeless> it allocates down in the 20's
<kirkland> lifeless: yeah, we should work on that wording
<kirkland> lifeless: sabdfl said he didn't like the wording either
<lifeless> so, given I have 192.168.1.0/24 at home
<lifeless> and complete control
<lifeless> and I don't care what happens above (say) 80
<kirkland> lifeless: okay
<lifeless> what should I have put it ?
<kirkland> lifeless: well, just any range of addresses that eucalyptus can assign to your vm's
<kirkland> lifeless: and not conflict with ips that your dhcp server will dole out
<lifeless> and by assign, it has them dhcp initially on virbr0, and then later on br0 ?
<lifeless> because they seem to end up with my main dhcp server issuing ip addresses to them
<lifeless> they get 192.168.1.100   192.168.1.14   for example
<kirkland> lifeless: grep VNET_MODE /etc/eucalyptus/eucalyptus.conf
<lifeless> MANAGED_NOVLAN
<glphvgacs> hi, apt-get install openssh-server says pkg is not avail. (samba karmic) /etc/apt/sources.list looks fine, I think
<kirkland> lifeless: https://help.ubuntu.com/community/UEC/Topologies
<kirkland> lifeless: your topology is "1 Physical System"
<kirkland> lifeless: see the notes there
<lifeless> ok, so I need to use SYSTEM ?
<kirkland> lifeless: i have never personally installed this topology; it was actually Ng who told me this was actually possible, and added the entry to that wiki page
<kirkland> lifeless: yes, according to Ng;  we might need his assistance to move you along much further
<kirkland> lifeless: otherwise, you're welcome to attempt my suppositions
<jjohansen> smoser: ogasawara updated the linux-ec2 meta package and it should be uploaded soon
<lifeless> ok, well I can switch to SYSTEM in a second now that I know of the 'CLEAN=' upstart parameter
<smoser> jjohansen, so what happened ?
<smoser> it appeared that the meta depended on a newer version that was available?
<kirkland> lifeless: yes, CLEAN=1
<kirkland> lifeless: also ....
<lifeless> kirkland: I'm guessing that the CC is expecting to issue 172.19.1.x addresses to the VM's
<kirkland> lifeless: have you hit a problem where it takes a *really* long time to get your CLC to start responding to requests?
<lifeless> kirkland: god yes
<kirkland> lifeless: yes; the 172.* is the internal addresses that nodes can use to communicate with one another
<lifeless> kirkland: and massive long waits for 'ec2 metadata server' on the console
<kirkland> lifeless: and the 192.* is how external network users talk to the vms
<lifeless> kirkland: and finally when it does come up the key doesn't seem to be on the vm
<kirkland> lifeless: okay, I think have a fix for that
<kirkland> lifeless: it's in the ~ubuntu-virt ppa, or I can give you a 2-line patch to add to your /etc/init/eucalyptus.conf
<kirkland> lifeless: i'd like to SRU this fix, but I'm looking for someone to verify it ;-)
<lifeless> 2-line me baby
<kirkland> lifeless: http://paste.ubuntu.com/373451/
<lifeless> actually what do you mean by CLC to start.. just so that I know we're measuring the same thing.
<kirkland> lifeless: just apply those two lines by hand
<kirkland> lifeless: that's the full debdiff
<jjohansen> smoser: I'm not sure.  This was the first round of updates to ec2 and the arm topic branches, there was a series of updates and the final abi is 304.10 so there was more than one thing missing
<kirkland> lifeless: well, there's a boatload of related problems...  basically, takes a long time for the web interface on 8443 to respond
<kirkland> lifeless: which stems from the fact that the CLC can't talk to the database
<lifeless> ah, no I see the API service timing out
<lifeless> giving permission errors
<kirkland> lifeless: right, i think that's related
<lifeless> and then it will come good
<lifeless> ok
<lifeless> so thats applied
<lifeless> rebooting - clean test for you
<kirkland> lifeless: yeah, so the problem is that the ip connection tracker from iptables is not getting loaded before eucalyptus services come up
<kirkland> lifeless: so network connections established before the network settles get dropped
<lifeless> makes sense
<kirkland> lifeless: eventually (10-20 minutes later), everything resets, and it starts working again
<kirkland> lifeless: those two iptables commands ensure that iptables comes up in time
<lifeless> it'll be a sec before that machine comes back :)
<kirkland> lifeless: no problem
<lifeless> so to fix one-machine installs
<Mack> hi
<lifeless> kirkland: which service embeds the crazy dhcp server?
<tolik> hi
<kirkland> lifeless: the eucalyptus-cc
<kirkland> lifeless: this is the "cluster controller"
<Mack> can anyone help me install the ioncube loaders?
<kirkland> lifeless: nodes are associated with -cc's
<kirkland> lifeless: well, nodes are associated with clusters
<kirkland> lifeless: clusters are controlled by the cc
<kirkland> lifeless: the cc doles out the dhcp addresses to the VMs
<kirkland> lifeless: i *think* this should be disabled, though, when you're in SYSTEM mode
<kirkland> lifeless: i *think* your networking is pretty much on your own, if you're in SYSTEM mode
<lifeless> kirkland: so, to make MANAGED_NOVLAN work with a single machine
<kirkland> lifeless: don't think it can be done
<lifeless> kirkland: I don't see why not, iptables is sex
<lifeless> kirkland: filter dhcp replies that are not from the cc and heading to nodes
 * Mack can't get the ioncube loaders installed no matter what i try
<kirkland> lifeless: i defer to those with more iptables notches in their bedpost
<lifeless> kirkland: I've made a note to try
<lifeless> if I get it happy with something crude I'll let the devs polish it ;)
<kirkland> lifeless: ack
<kirkland> lifeless: okay, so your system is back up now?
<RoAkSoAx> kirkland, Maybe you can help me out. What network management tools are good to monitor networks that implement the UEC and, by any chance, do you have any document on how network have changed to be used in UEC?
<lifeless> kirkland: yes seeing if it hangs like before
<lifeless> kirkland: the ugly hanging I was seeing appears gone
<lifeless> kirkland: \o/
<kirkland> lifeless: nice
<kirkland> RoAkSoAx: docs are all under: https://help.ubuntu.com/community/UEC?action=fullsearch&context=180&value=UEC%2F&titlesearch=Titles
<lifeless> kirkland: so please SRU that :)
<RoAkSoAx> kirkland, thanks :)
<lifeless> whats the bug number
<kirkland> lifeless: okay, i'll upload to -proposed
<kirkland> lifeless: if you could update to that package and ack it at your earliest convenience, that would be shiny
<lifeless> kirkland: sure, drop me a ping when its built in -proposed and I'll do that
<Mack> kirkland: do you know how to install the ioncube loaders with php5?
<lifeless> just on the bug wil be fine, I've subscribed
<kirkland> lifeless: uploaded
<kirkland> Mack: no idea whatsoever
<Mack> :( i cant get this to wrk
<Mack> work*
<lifeless> kirkland: ok, now I get stuck on Waiting for EC2 meta-data service
<lifeless> kirkland: which is I presume another ip routing fail
<kirkland> lifeless: what's sticking?
<kirkland> lifeless: is this running a VM?
<lifeless> yeah
<kirkland> lifeless: okay, we need smoser for that
<kirkland> smoser: ping
<smoser> here
<lifeless> INSTANCEi-40670700emi-E027107D192.168.2.101172.19.1.3running mykey ...
<lifeless> bah copy paste _fail_
<lifeless> smoser: I have a new all-on-one machine UEC
<kirkland> smoser: lifeless is having trouble starting an instance on 9.10
<kirkland> smoser: hanging at ec2 meta-data
<smoser> is the metadata service running?
<kirkland> smoser: what's the bug on that one, and is there a fix, or workaround for Karmic
<lifeless> my nodes are coming up ok, and being given a public ip like 192.168.2.100 and a private lke 172.19.1.2
<smoser> "all-in-one".
<sarthor> Hi, My pppoe-server is according this url "  http://ubuntuforums.org/showthread.php?t=291926  " and is working, but username  and passwords in /etc/ppp/pap_secrete "sarthor9"      *               "99999999" can be used by several clients on the same time from the different computers, how to solve this problem? help
<smoser> what odes that mean?
<lifeless> smoser: I have one physical machine running sc, cc, nc, clc
<smoser> if there is no metadata service (and i think som eof the Eucalyptus modes have no metadata service) than images in karmic will hang waiting for it.
<lifeless> smoser: its a test environment so that I can check a code change I'm making to a EC2 using project to UEC enable it works
<lifeless> smoser: its running in MANAGED_NOVLAN at the moment
<lifeless> how can I tell if the metadata service is running
<smoser> well, reading about that mode http://open.eucalyptus.com/wiki/EucalyptusNetworking_v1.5 and http://open.eucalyptus.com/forum/startup-scripts-vms , it "should" be running
<smoser> but it would appear that it is not.
<smoser> lifeless, what i would suggest, for debugging is:
<smoser> - mount image loopback
<Mack> smoser: you know how to install ioncube?
<smoser> (this is karmic, right)?
<lifeless> kirkland: note that I will need to get MANAGED_NOVLAN working :P
<lifeless> smoser: yes
<smoser> karmic instance
<smoser> right?
<smoser> mount image loopback
<lifeless> karmic on karmic
<lifeless> emi-E027107D specifically
<smoser> modify  /etc/ec2-init/is-compat-env (or remove it -- i think thats the file, i have
<smoser> and put your public ssh keys manually into /root/.ssh/authorized_keys (or /home/ubuntu/.ssh/authorized_keys)
<smoser> umount image
<smoser> upload image, register, boot
<smoser> then, i think that what you will find is that there is no metadata service.
<lifeless> so, the metadata service is 169.254.169.254 8773 ?
<smoser> metadata service is a web service that runs on http://169.154.169.254 forom the guests point of view
<smoser> shouldn't be 8773, should be 80
<smoser> and its per-instance data
<smoser> so each instance has a different world view of that web service
<lifeless> smoser: its dnatted to 8773
<lifeless> I totally agree it should be port 80 :)
<lifeless> PREROUTING
<lifeless> DNAT       tcp  --  *      *       172.19.0.0/16        169.254.169.254     tcp dpt:80 to:169.254.169.254:8773
<smoser> that might be magic
<smoser> idont know.
<lifeless> ok
<lifeless> I'll follow this thread
<smoser> you'd have to see how its configured elsewhere.
<lifeless> I suspect insufficient mangling in iptables
<smoser> but seriously, mount hte image and modify it as i suggested.
<lifeless> will do
<smoser> then you should be able to ssh to it and poke around from inside
<smoser> fwiw, there is a package now https://launchpad.net/ubuntu/+source/cloud-utils that has some scripts to make publishing an image easier.
<smoser> mainly 'uec-publish-image' might be of use. its one command for bundle upload register
<kirkland> smoser: saaaaweeet
<kirkland> smoser: i so need that
<kirkland> lifeless: send along patches, if you have any
<kirkland> lifeless: and, of course, I'll note that the lucid packages are ***far*** better than the karmic ones :-)
<lifeless> kirkland: do they depend on other changes in karmic ?
<lifeless> kirkland: or could I reasonably sensibly snarf eucalyptus-* from lucid?
<kirkland> lifeless: hrm ...  well, there's a few jars and libraries that have been updated
<smoser> lifeless, also, i'm sure that kirkland and i are not the only people that would love to see "all in one system" working
<kirkland> lifeless: so i can't quite recommend that yet
<kirkland> lifeless: and we haven't yet solved the karmic -> lucid euclayptus upgrade path yet
<lifeless> kirkland: so you're going to tease me. Fffffiine
<kirkland> lifeless: well, just saying :-)
<smoser> but then as soon as you get that someone is going to want you to do it with virtual-box, or no-hardware-virt ...
<lifeless> seriously though, I don't care about upgrade
<kirkland> lifeless: and warning not to live-upgrade to lucid yet and expect UEC to work
<lifeless> I can purge the packages and start over, if it is likely to make a different
<lifeless> *difference*
<smoser> i suspect that there is a bug with the metadata service in this setup.
<lifeless> smoser: I'm sure there is, I have money on iptables
<Mack> so nobody here knows how to install ioncube? :(
<lifeless> Mack: I don't even know what it is.
<Mack> lifeless: stupid encoder php devs use so you cant steal their code
<Mack> but the loader required to use encoded files is such a pain to install
<smoser> Mack, sorry , i had no idea what it was either.
<Mack> nobody knows what it is, and the ioncube support site sucks :(
<kirkland> encoding php files sounds like an awful idea; i'll avoid ioncube
<kirkland> lifeless: i can try to push eucalyptus to a karmic ppa and see if it builds, if you like
<kirkland> lifeless: i just haven't even tested the build, so i don't know how deep the rabbit hole goes
<lifeless> kirkland: please!
<lifeless> kirkland: that would rock
<kirkland> lifeless: pushed to ~kirkland ppa for karmic
<smoser> mathiaz, ping
<smoser> https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-aws-client-libraries . i'm not shooting for main inclusion on those, right?
<smoser> ie, its ok for me to build-depend or runtime depend on universe
<kirkland> lifeless: you *might* need a newer euca2ools too
<kirkland> smoser: i doubt we're looking for main inclusions on those libraries
<lifeless> kirkland: you know what to do :)
<kirkland> lifeless: heh
<smoser> you "should not" need a newer euca2ools
<smoser> that is something that actually needs to function, as the api has not changed so we will need to support older euca2ools clients interacting with lucid euca
<lifeless> whats the poll frequency on the wait-for-metadata thing
<kirkland> lifeless: euca2ools karmic build pushed to same ppa
<lifeless> kirkland: thanks
<kirkland> smoser: oh
<kirkland> lifeless: okay, you might not need newer euca2ools
<lifeless> I won't install it until it appears obvious that its needed ;)
<uvirtbot> New bug: #520058 in mysql-dfsg-5.0 (universe) "package mysql-server 5.0.67-0ubuntu6 failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520058
<smoser> lifeless, i think it tries, waits for 2*N seconds, adds one to N, tries again.
<smoser> something like that.
<smoser> it will timeout in an hour or so, or maybe half a day
<smoser> its painful
<kirkland> smoser: jeebus
<kirkland> smoser: that sucks
<smoser> yeah. soren copied the boto author on that.
<lifeless> so, ipv6 for uec ? :)
<kirkland> lifeless: i think it supports both
<kirkland> lifeless: kinda
<lifeless> uses dnsmasq, which doesn't do ipv6  ;)
<kirkland> lifeless: tries to, anyway
<lifeless> kirkland: did you see my http_proxy bug ? kinda fun
<kirkland> lifeless: not yet
<lifeless> on euca2ools
<_lance_> i seem to have hosed my system with a careless apt-get install. any easy way to revert a bunch of packages to hardy? i've been doing a few by dpkg -i, but there's dozens to go.
<bwallen> My machine sounds like it's constantly powering off and on my second hard drive. What causes this?
<lifeless> kirkland: is there a document somewhere that describes /what/ euca does with networking as nodes come up or down?
<lifeless> or should I just finish reverse engineering it?
<Sorrel> :/
<Sorrel> hey guys
<Sorrel> I'm having an issue setting up dhcp
<Sorrel> server
<Sorrel> on my 9.10 box.
<Sorrel> I have installed dhcp3-server
<Sorrel> but it comes up and says that it can't start
<Sorrel> I'm setting this up on a small local network
<Sorrel> any suggestions?
<Spanglish_7776> sorrel, have you tried to configure it?
<Sorrel> I have edited the dhcpd.conf
<Sorrel> file
<Sorrel> still fails
<Sorrel> to start
<Sorrel> and I can't seem to find the log file
<Spanglish_7776> did you check the error log? (possibly syslog)
<Spanglish_7776> maybe syslog.
<Spanglish_7776> /var/log/syslog
<Sorrel> cd /var/log/syslog
<Sorrel> err
<Sorrel> sry
<Spanglish_7776> cd /var/log
<Spanglish_7776> vi or nano syslog
<lifeless> don't use vi on syslog, has a tendancy to rename files if you edit by mistake :)
<lifeless> less /var/log/syslog
<Spanglish_7776> or tail ;)
<lifeless> anyhow, dhcpd logs to daemon.log, I think
<Sorrel> is there a place that I can upload this too?
<Spanglish_7776> hmm
<Sorrel> nvr mind
<Sorrel> looking at the file right now.
<Sorrel> it's a little overwhelming :)
<Spanglish_7776> try to start dhcpd and then check the end of the file
<Sorrel> k
<lifeless> kirkland: all working
<lifeless> kirkland: starting documentation now
<Sorrel> Not configured to listen on any interfaces!
<Sorrel> that's what I'm getting in the tail end of the log file
<Sorrel> :/
<Spanglish_7776> 1 sec
<Sorrel> :)
<Sorrel> googleing now
<Spanglish_7776> http://www.ubuntugeek.com/how-to-install-and-configure-dhcp-server-in-ubuntu-server.html
<Spanglish_7776> give that a go, ubuntugeek has been invaluable to me.
<Sorrel> thanks I will take a look
<Spanglish_7776> Sorrel: INTERFACES=âeth0â³ may be your fix
<Spanglish_7776> where eth0 specify your interface (usually eth0, but verify)
<Sorrel> I have a 1 and a 0
<Sorrel> it was complaining on the install that I only had one NIC
<Sorrel> so I put in another and then did the install
<Sorrel> ( LTSP from the alt CD )
<Spanglish_7776> hmm
<Sorrel> the documentation is really ambiguious for LTSP
<Sorrel> btw
<Spanglish_7776> which one is the active interface, eth0 or 1?
<Spanglish_7776> you're trying to get LTSP going?
<Sorrel> yeah
<Sorrel> um
<Sorrel> I guess 1 would be
<Spanglish_7776> what I mean is, which interface is plugged into the network where dhcp is going to be used.
<Spanglish_7776> i wonder why you need two intefaces.
<Spanglish_7776> interfaces*
<Sorrel> IDK
<Spanglish_7776> Sorrel, you using ubuntu?
<Sorrel> it doesn't say
<Sorrel> yes
<Sorrel> well it's from the alternatives CD
<Sorrel> but yeah
<Sorrel> 9.10 I think
<Spanglish_7776> ltsp iso, gotcha
<Sorrel> yeah
<Sorrel> all sorts of issues
<Sorrel> :(
<Spanglish_7776> yea, a few years ago, I got it going but didn't really utilize it. it was a pain, that is for sure.
<Spanglish_7776> hmm.
<Spanglish_7776> Sorrel: on the dhcpd.conf, you specified an INTERFACES="eth1" and tried again?
<Sorrel> yeah gives me
<Sorrel> No subnet declaration for eth0 (10.42.43.11).
<Sorrel> Feb 10 16:40:53 ubuntu dhcpd: ** Ignoring requests on eth0.  If this is not what
<Sorrel> Feb 10 16:40:53 ubuntu dhcpd:    you want, please write a subnet declaration
<Sorrel> Feb 10 16:40:53 ubuntu dhcpd:    in your dhcpd.conf file for the network segment
<Sorrel> Feb 10 16:40:53 ubuntu dhcpd:    to which interface eth0 is attached. **
<Sorrel> no idea what's happening
<lifeless> you haven't configured it with a range that is to be served out on eth0
<Spanglish_7776> yep, looks that way.
<Sorrel> do I have to specifiy that in /etc/dhcp3/dhcpd.conf ?
<Sorrel> what's in there now
<Sorrel> ddns-update-style none;
<Sorrel> #option domain-name-servers 145.253.2.75, 193.174.32.18;
<Sorrel> default-lease-time 86400;
<Sorrel> max-lease-time 604800;
<Sorrel> authoritative;
<Sorrel> subnet 192.168.0.0 netmask 255.255.255.0 {
<Sorrel>         range 192.168.0.200 192.168.0.229;
<Sorrel>         option subnet-mask 255.255.255.0;
<Sorrel>         option broadcast-address 192.168.0.255;
<Sorrel>         option routers 192.168.0.1;
<Sorrel> }
<mathiaz> !paste | Sorrel
<ubottu> Sorrel: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Sorrel> ( is it okay to cp that much into the chat window?
<Sorrel> kk
<Sorrel> ty
<Spanglish_7776> http://paste.ubuntu.com/
<Sorrel> http://paste.ubuntu.com/373512/
<Roxyhart0> i i have a question. can i just move a ldap certificate form a server to another i mean without create again?
<Spanglish_7776> Sorrel: ifconfig, is your eth0 on the 192.168.0.0 subnet?
<Sorrel> no
<Sorrel> it seems to be completely ignoring that file
<Sorrel> http://paste.ubuntu.com/373515/
<Sorrel> there's my ifconfig
<Spanglish_7776> ah, I don't think dhcpd likes that.
<Sorrel> :(
<Spanglish_7776> you're specifying 192.168.0.0/24 and you have a different subnet alltogether
<Spanglish_7776> do you know how to configure the IP for the second NIC? eth1
<Sorrel> no
<Sorrel> been trying to figure it out
<Sorrel> :/
<Spanglish_7776> http://www.ubuntugeek.com/ubuntu-networking-configuration-using-command-line.html
<Spanglish_7776> shows you how to set the ip via command line
<Sorrel> ty
<Spanglish_7776> but
<Spanglish_7776> are you on the physical machine? (the one you're trying to configure ltsp on)
<Sorrel> yes
<Sorrel> do I need to get off it?
<Spanglish_7776> no  do this, plug in the second NIC(eth1) and
<Spanglish_7776> follow the instructions and use eth1 instead of eth0
<Sorrel> k
<Sorrel> that page really doesn't want to pull up for me
<Spanglish_7776> 1 sec
<guntbert> Sorrel: try again
<Spanglish_7776> http://paste.ubuntu.com/373520/
<Sorrel> ty
<Spanglish_7776> hope you're familiar with vi.
<Spanglish_7776> you can substitute nano if you want to.
<Sorrel> I like nano a good bit better :)
<Spanglish_7776> use nano (me too)
<Spanglish_7776> brb
<Sorrel> k
<Roxyhart0> hi can i use a ldap certificate from a difirent server, i mean move it?
<kirkland> bug 518911
<uvirtbot> Launchpad bug 518911 in cloud-utils "[MIR] cloud-utils" [Undecided,New] https://launchpad.net/bugs/518911
<Sorrel> Roxyhart0,  have you tried copying the file from the old server onto the new one
<Sorrel> ?
<uvirtbot> New bug: #520116 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520116
<Sorrel> IDK if it will work
<Sorrel> but you could try it.
<Roxyhart0> hi Sorrel...no yest, it is just copy that?
<Sorrel> no idea
<Sorrel> but it seems like it could work
<Sorrel> that's going from the assumption that linux treats everything like a file
<Sorrel> ( which it does )
<Roxyhart0> i will try
<Sorrel> if you could get a server setup and put the file in the right place
<Sorrel> you may have to edit some config files as well.
<Sorrel> Spanglish_7776: I think I got it to work
<Sorrel> be back in a sec
<lifeless> kirkland: success
<kirkland> lifeless: \o/
<lifeless> https://help.ubuntu.com/community/UEC/Topologies#preview
<kirkland> lifeless: do you have a list of hacks required?
<lifeless> kirkland: no hacks
<lifeless> kirkland: the PackageInstall instructions created a bad config
<lifeless> because eucalyptus is a tad redundant with the live system config, changing that config means you need to also change eucalyptus - specifically putting stuff onto br0 not eth0
<Ng> lifeless: did you get your one-machine setup going?
<lifeless> Ng: yes
<lifeless> easy once I finished reverse engineering what it was doing
<lifeless> Ng: I've rewritten the one machine topology notes
<kirkland> lifeless: cheers, thanks
<kirkland> Ng: i'm curious why the Bug:123456 works on wiki.ubuntu.com, but not on wiki.ubuntu.com/community ?
<lifeless> kirkland: no probs; let me know if anything is unclear. I'm happy to write more prose if you want.
<kirkland> Ng: are they different instances?
<kirkland> lifeless: thanks for documenting; i might bust those config instructions out to a separate page, and link to it from the Topologies page
<lifeless> kirkland: pretty sure they are, yeah.
<mathiaz> kirkland: are you still doing testing with tamarind?
<kirkland> lifeless: just to keep the Topos page simple
<lifeless> kirkland: sure
<kirkland> mathiaz: i've been side tracked; i need to run the tests on the current Topo/install
<lifeless> kirkland: I'm going to blog as well I think
<kirkland> lifeless: thanks for doing in any case
<kirkland> lifeless: please do ;-)
<mathiaz> kirkland: ok - do you plan to reinstall soon?
<kirkland> mathiaz: let me kick the test ...
 * kirkland puts everyone else on pause
<mathiaz> kirkland: I'd like to test the new code I added for installation
<kirkland> mathiaz: how long does your tests take to run?
<mathiaz> kirkland: I don't want to *reinstall* the UEC now
<kirkland> mathiaz: oh
<mathiaz> kirkland: just test that the layout on tamarind is correct
<kirkland> mathiaz: okay, i won't be reinstalling now
<mathiaz> kirkland: great - thanks
<kirkland> mathiaz: http://pastebin.ubuntu.com/373535/
<mathiaz> kirkland: hmm - twisted is not installed on tamarind
<mathiaz> kirkland: hm wait
<mathiaz> kirkland: where did you run that command?
<lifeless> is there a simple way to get the root user enabled in the UEC images?
<kirkland> mathiaz: kirkland@tamarind:~/uec_testing/testing$  ./uec_test.py -c config_single.yaml
<mathiaz> kirkland: right - you can't run the test on tamarind
<kirkland> mathiaz: oh, i need to be on the CLC
<mathiaz> kirkland: because the euca2ools commands are not there
<mathiaz> kirkland: yop
<mathiaz> lifeless: hm - we're really trying to avoid the use of the root account on UEC images
<Ng> lifeless: I'm curious now what I did to make it work. I wasn't really making notes at the time
<Ng> kirkland: as far as I know they're the same wiki
<Ng> lifeless: ah yes, I set my bridge up identically to how you've done it. The only difference is I didn't bother even trying MANAGED_NOVLAN, I just went for SYSTEM so the nodes would appear as any other machine on my LAN
<lifeless> mathiaz: you may be trying to avoid it, but umpteen million third party tools assume it is where the key is loaded when you use EC2
<Ng> I hope you have something significantly more useful to do with you local cloud than I do. I only really set it up to see if I could ;)
<lifeless> Ng: making Hudson run with UEC
<lifeless> which it looks like it would, if root was usable.
<mathiaz> lifeless: what do you mean by the key is loaded?
<lifeless> euca-run-instances -k mykey emi-E027107D
<lifeless> installs a ssh key to use to log into the machine and $do $stuff
<mathiaz> lifeless: if you use the ubuntu account instead, you'll have passwordless sudo
<lifeless> mathiaz: yes, but that means changing about 4 layers of code and writing a UI to say 'use the ubuntu account and do sudo'
<mathiaz> lifeless: right - the root account is disabled in the Ubuntu images - instead use the ubuntu account with sudo
<lifeless> mathiaz: which is _not_ the same as EC2
<dasunsrule32> I am having a grub issue I believe, I cannot boot into the system. I have a seperate part for /boot on /dev/sda5, / is /dev/sda6. How can I go about getting this to boot again?
<mathiaz> lifeless: well - it's not the same as the images published in EC2
<lifeless> right
<lifeless> thus it gets in the way of 'seamless transition'
 * lifeless whinges some more
<TrickFinlay2> clear
<TrickFinlay2> ooops sorry
<mathiaz> lifeless: right - we had that discussion at the very begining
<lifeless> mathiaz: can one take the AMI's from EC2 and just use them ?
<mathiaz> lifeless: on one hand there is the Ubuntu policy that says: not root account enabled by default
<mathiaz> lifeless: OTOH there is the fact that EC2 images are run with the root account by default
<mathiaz> lifeless: yes
<lifeless> mathiaz: I can see the rationale, I'm just expressing my displeasure at the time and effort it is costing me; and the suspicion I have that it will add this cost and overhead to many other users too
<mathiaz> lifeless: it's an issue with the image itself and its sets itself up
<mathiaz> lifeless: running an unmodified EC2 EMI should work
<mathiaz> lifeless: *porting* an application to run on an UEC image requires some work
<lifeless> mathiaz: This means that you can't seamless transition though: when you exceed UEC capacity you need to move to a different image to spill onto EC2
<lifeless> mathiaz: thats the bit I have trouble understanding why we did this
<mathiaz> lifeless: not really - the image that is running on UEC can be rebundled to EC2
<mathiaz> lifeless: the part that sets the ssh key for the root|ubuntu account is done by the image itself
<lifeless> sure, if you weren't using vanilla images
<lifeless> mathiaz: yes, I am aware of that, it looks it up in the 16KB user data region or thereabouts.
<TrickFinlay2> if I want to install JeOS from my 9.10 CD, is it F4 -> OEM install?
<lifeless> mathiaz: given that UEC lives behind a firewall, I don't really see that avoiding root is really important.
 * lifeless adds this to his blog post
<mathiaz> lifeless: well - it's a policy in Ubuntu to not enable the root account by default
<lifeless> then the EC2 Ubuntu images should not enable it either ;)
<mathiaz> lifeless: whether you're behind a firewall or not is irrelevant here
<mathiaz> the EC2 Ubuntu images don't have the root account enabled by default
<lifeless> mathiaz: I think it is relevant, because the policy exists to solve specific problems, not as a fait accompli
<lifeless> TrickFinlay2: its ubuntu-vm-builder these days
<lifeless> TrickFinlay2: there is a wiki page about it.
<dinda> sommer: ping - you around?
<mathiaz> lifeless: hm - I'm not sure I get your point
<mathiaz> lifeless: none of the products in Ubuntu have the root account enabled by default
<mathiaz> lifeless: we decided that images published to EC2 and for UEC should behave the same way as any other Ubuntu product
<lifeless> mathiaz: I thought based on your earlier comment that the Ubuntu official EC2 AMI's put the supplied key into the root account
<mathiaz> lifeless: oh no - I don't think so
<lifeless> mathiaz: if they don't, then thats fine, its not a difference
<mathiaz> lifeless: I didn't not express myself correctly
<lifeless> still annoying to find bugs where folk assume it goes into root on EC2, but not unique to UEC in that case
<erichammond> lifeless: http://alestic.com/2009/04/ubuntu-ec2-sudo-ssh-rsync
<mathiaz> lifeless: yes - that's one of the difference the Ubuntu images and other images
<erichammond> lifeless: If you ssh to root@ on an official Ubuntu image on EC2, it prints out a message pointing you to use ubuntu@ instead.
<mathiaz> lifeless: you'd have to adapt your deployment/configuration scripts to use the ubuntu account when you deploy to an Ubuntu image
<lifeless> mathiaz: yeah
<lifeless> erichammond: thanks
<erichammond> lifeless: In the above article I also describe one command which can enable the root ssh if you really want to use the EC2 standard instead of the Ubuntu  standard.
<erichammond> I don't think I've been excommunicated yet for listing that.
<lifeless> As I need to change third party code anyhow
<jMyles_> I'm interested in using subversion on my ubuntu-server, but I don't know where to begin.
<lifeless> I'm just going to teach it how to use an arbitrary username
<lifeless> and a command prefix when running admin code
<erichammond> lifeless: The older community Ubuntu AMIs I published used ssh to root@ because I didn't think I could as an unknown individual sway the EC2 community to adopt the Ubuntu standard, but when Canonical started publishing AMIs, I encouraged them to do it the consistent (Ubuntu) way.  It did require a lot of back and forth and a compromise with passwordless sudo, but I am happy with the result.
<lifeless> ok
<lifeless> I was semi ranting because of the wrong end of the stick; I thought we were publishing UEC images differently to EC2 ones.
<lifeless> *that* would be very hard to justify
<lifeless> now I'm totally happy (though still with code changes to make to get this thing working)
<erichammond> lifeless: Not only is the behavior the same with EC2 and UEC, but the images themselves are exactly the same, except for the kernel.
<erichammond> lifeless: Can you share what product you're working on?
<lifeless> hudson-ci.org
<lifeless> moving the dx team test environment into the internal UEC instance once that comes online
<sherringham> jMyles_ : Google? https://help.ubuntu.com/9.10/serverguide/C/subversion.html
#ubuntu-server 2010-02-11
<uvirtbot> New bug: #520170 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/520170
<lifeless> hoo-ah
<uvirtbot> New bug: #360975 in ufw "Please add nf_conntrack_pptp and nf_conntrack_netbios_ns to IPT_MODULES" [Wishlist,Confirmed] https://launchpad.net/bugs/360975
<lifeless> ugh
<lifeless> sun-dlj-v1-1 license could not be presented :(
<genii> lifeless: On some automated install?
<lifeless> genii: yeah, UEC node
<lifeless> got the workaround though, thanks to persia
<robj> hello folks
<robj> anyone here a likewise open expert?
<Roxyhart08> hi how i can avoid this error:  Failed to issue the StartTLS instruction: Protocol error
<Roxyhart08> ?
<uvirtbot> New bug: #520234 in samba (main) "package samba 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/520234
<Spanglish_7776> anyone install openfire successfully on 9.10-server?
<uvirtbot> New bug: #520241 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520241
<uvirtbot> New bug: #520253 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520253
<wqkejwqeiqwojewi> !ops
<wqkejwqeiqwojewi> ubuntu sucks cock
<maxagaz> hi
<maxagaz> i have a fail2ban (only this) set on a server, then I try to open a port xx for a given machine on it (iptables -D INPUT -p tcp --dport xx -j ACCEPT), but it still appears as filtered, can someone help me with this issue ?
<lifeless> kirkland: I've filed the wishlist bugs as per you asking me too :)
<Roxyhart08> any doc to configurate a good mail server?
<uvirtbot> New bug: #520270 in eucalyptus (main) "Support SSL for web services" [Undecided,New] https://launchpad.net/bugs/520270
<uvirtbot> New bug: #520076 in mysql-dfsg-5.1 (main) "the update of mysql-server is defect, after this update, my mysql-server is broken (dup-of: 153868)" [Undecided,New] https://launchpad.net/bugs/520076
<Roxyhart08> somebody know how is created slapd.keytab?
<uvirtbot> New bug: #520269 in eucalyptus "support root-based web service URL's" [Wishlist,Confirmed] https://launchpad.net/bugs/520269
<Roxyhart0> hi i am setting a PDC and in log.smbd i got this error: failed to bind to server ldap://localhost with dn="uid=admin,dc=rx,dc=au" Error: Invalid credentials the password is ok. any idea please?
<twb> Roxyhart0: how do you know the password is OK?
<Roxyhart0> because i did the ldap configuration
<twb> So you have no evidence
<Roxyhart0> also when i do ldapsearch or aldapadd i use the same password
<twb> Use ldapsearch and bind with that DN and password
<twb> Does it work?
<Roxyhart0> i think yes it work
<twb> You "think"?
<Roxyhart0> work
<Roxyhart0> i just did
<twb> Then samba is doing something different to what you're doing, I guess.
<twb> You could try checking the slapd logs, and try increasing slapd's verbosity
<Roxyhart0> ok
<Roxyhart0> whic level is better? 4 ?
<twb> That question is not meaningful.
<Omahn> What's the recommended way of upgrading from 8.04 LTS to 10.04 LTS alpha? Updating sources and then dist-upgrade?
<sbeattie> do-release-upgrade --devel-release *should* do the right thing.
<Omahn> sbeattie: So it does, I'm impressed :-)
<Omahn> Fingers crossed....
<sbeattie> awesome! thanks for trying out lucid pre-release.
<Omahn> Just testing the upgrade process at the moment :-)
<uvirtbot> New bug: #520335 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520335
<Roxyhart0> hi twb you was right i was using uid=admin instead cn=admin. however i dont know why in the log event the clients machine still are looking for uid=admin because i delete tdbs and restart again samba
<twb> Roxyhart0: I nearly pointed that out
<twb> Roxyhart0: but since you said it worked with ldapsearch, I assumed you meant to
<Roxyhart0> yes, but i didnt see that i wrote cn when i did ldapsearch
<Roxyhart0> but i dont know why sleep the clients ar elooking for uid=admin
<twb> When you're testing, you should be copy-and-pasting, rather than retyping
<Roxyhart0> yes
<Roxyhart0> thas right
<uvirtbot> New bug: #520339 in mysql-dfsg-5.0 (universe) "package mysql-server 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520339
<Callum__> hehe, configuring Dell PowerEdge 1800 servers with Ubuntu Server 9.10 for a radio startion
<Callum__> station*
<Nitemovz> Hello all, I am trying to figure out how to setup an e-mail server using LDAP authentication as well as web-based e-mail using the LDAP
<Nitemovz> can anyone help with this?
<Roxyhart0> question, i am configuatin my pdc. sould i join my pdc to ldap?
<uvirtbot> New bug: #520371 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520371
<Nitemovz__> Can anyone point me in the correct direction for LDAP setup and configuration tutorials?
<_ruben> Nitemovz__: i'd guess the ubuntu server guide would be a decent start
<Nitemovz__> I am working on setting up a network for a company I am starting of Software Developers, and I have heard that LDAP is the easiest way to go. I am reviewing the Ubuntu Server guide, and it really is not explaining much
<Nitemovz__> I also need to know how to use a validation from a Website using LDAP validation, and pass that into a webmail client.
<Roxyhart0> hi i can get SID for my PDC, getting this error: Can't fetch domain SID for name: DOMSERVR
<Roxyhart0> any idea
<alvin> Nitemovz__: I have no experience yet, but I can tell you that the ubuntu server guide is outdated for Karmic+ldap. What version of Ubuntu are you using?
<Roxyhart0> i am getting this log error bdb_equality_candidates: (associatedDomain) not indexed any idea please?
<koolhead11> hello all.i am in middle of an issue while setting up apt-mirror, help needed
<koolhead11> t143@t143-desktop:/var/log$ apt-mirror
<koolhead11> apt-mirror: can't chdir to skel at /usr/bin/apt-mirror line 320. This is the error am getting.
<sergevn> Hi
<sergevn> anyone has mod_fcgid for apache running on 64bit?
<sergevn> haryd
<sergevn> hardy*
<philsturgeon> installing postgresql and it errored on start during/after install
<philsturgeon> when i /etc/init.d/postgresql-8.4 start i get...
<philsturgeon> http://pastie.org/819782
<sergevn> apache 2.2 that is.
<philsturgeon> sergevn: if that was to me, i might need a little more spoon-feeding
<maxagaz_> how to get the username from the uid ?
<twb> getent passwd 0
<twb> Assuming GNU/Linux
<pts_> anyone know why /etc/init.d/corosync wont run? sudo corosync -f works like it should
<Omahn> pts_: Any error message? Are you running /etc/init.d/corosync as root or with sudo?
<pts_> I found it out, had to set YES in /etc/default/corosync
<pts_> Read tons of documentation about clusters, but nothing that mention that one :)
<Omahn> :-)
<Omahn> pts_: If you haven't spotted this it's worth a read
<Omahn> https://wiki.ubuntu.com/ClusterStack/LucidTesting#Pacemaker,%20drbd8%20and%20OCFS2
<pts_> Read it, but was actually looking for that page, thanks :)
<Omahn> np :)
<pts_> but the corosync file in etc/default should've been mentioned there
<Omahn> pts_: You're right, it doesn't mention it does it. Feel free to add it.
<philsturgeon> anyone know what could stop postgresql from starting? http://pastie.org/819782
<Omahn> philsturgeon: Is another process already listening on that port?
<philsturgeon> Omahn: nope i checked netstat and nothing there
<philsturgeon> Omahn: and, ping localhost is fine so not the other common error
<Omahn> Running postgresql as non-root?
<philsturgeon> Omahn: im a root user
<Omahn> What release are you running on?
<kwork> whats up with bacula and ubuntu, even karmic seems to have only 2.4x version
<philsturgeon> Omahn: 9.10 its a fresh cloud install
<kwork> even thou there is 3.x and 5.x present already
<Omahn> philsturgeon: On ec2/eucalptus/local disk?
<philsturgeon> Omahn: rackspace cloud
<Omahn> Is it default configuration for postgres or have you tweaked any of the config? (I'm just looking at recreating it here)
<philsturgeon> Omahn: just installed it
<philsturgeon> literally, apt-get install postgresql and it errored on starting
<Omahn> philsturgeon: Ok, I'll just updating my box then I'll give it a spin here.
<Omahn> *I'm just
<philsturgeon> Omahn: thanks :)
<lifeless> check via lsof :)
<lifeless> night
<Omahn> philsturgeon: ^^^ that's worth trying while we wait for my box to update.
<philsturgeon> Omahn: upgrade didnt help :(
<philsturgeon> updated lots of packages then same error lol
<Omahn> Have you rebooted the machine since getting that error message?
<Omahn> philsturgeon: Postgresql just installed and run first time on my test machine I'm afraid.
<philsturgeon> Omahn: i'll try
 * Omahn heads off for lunch
<philsturgeon> Omahn: it still doesnt work :'(
<philsturgeon> Omahn: enjoy lunch, thanks for trying
<sabgenton>  sudo cat file > /dev/lp0
<sabgenton> -bash: /dev/lp0: Permission denied
<sabgenton> :(
<uvirtbot> New bug: #520431 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520431
<Omahn> Is it no longer possible in 10.04 to have a 'noisy' boot by removing quiet and splash from the kernel options? (This is 10.04 upgraded from 8.04)
<KurtKraut> Omahn, just for checking: are you aware that 10.04 should be not used in production servers before its final release, right?
<Omahn> KurtKraut: I am aware, yes. We're just testing 10.04 (including the upgrade process) as I suspect it will be much easier to fix things now rather than later. :-)
<KurtKraut> Omahn, ok
<sergevn> philsturgeon: jokerrr
<sergevn> philsturgeon: please join #diss.
<ivoks> Omahn: have you tested gfs2/ocfs2 with pacemaker?
<Omahn> ivoks: Afraid not. I can give it a try either later today or tomorrow. Just trying to get 10.04 to boot after upgrading from 8.04.
<Omahn> Looks like upstart is in a loop but I can't get a shell to debug...
<GeorgeJ> Hello
<ivoks> Omahn: ok
<GeorgeJ> I seem to have some issues with my mysql server. When doing a mysql_connect in php, it says /var/run/mysqld/mysqld.sock does not exist. However, it does, I've tried switching off SElinx and apparmour, rebooted, restarted the mysql service, apache, did an apt-get upgrade. Nothing seems to be working.
<GeorgeJ> The permisions for mysqld.sock are allright. Nothing seems to be wrong, yet still it is not working
<ivoks> did you install php5-mysql?
<GeorgeJ> I have LAMP and phpmyadmin installed for quite a while now. It worked up untill now. It stopped working all of a sudden
<ivoks> disk full?
<GeorgeJ> No by a longshot
<GeorgeJ> The mysql socket is on a varrun filesystem, which has over 500Mb available
<GeorgeJ> And all the other mounted paritions have over 20% free space
<ivoks> and cli mysql client works without problems?
<GeorgeJ> aye
<ivoks> how about php cli?
<GeorgeJ> Hmm, lemme check, want me to run it as www-data or root?
<ivoks> as root
<GeorgeJ> Uhm, everything seems to be magicaly working now
<GeorgeJ> Gonna do another fast reboot, see it'll still work, I'll come back if theres still problems, thanks for your help!
<Fenix|work> Greetings and salutations
<Fenix|work> Quick question.  How do I change ubuntu-server's update option... at install you have 3 choices of manual, critical and another option.
<ivoks> depending on that choice, installer installed some packages
<ivoks> so, correct question is - how do you want upgrades to be installed?
<Fenix|work> I picked the middle one.
<Fenix|work> the 'automatically install critical updates'
<ivoks> and you want to do that manually now?
<Fenix|work> yes
<ivoks> go to /etc/apt/
<Fenix|work> yep
<Omahn> /etc/apt/apt.conf.d/50unattended-upgrades
<ivoks> there should be apt.conf.d
<ivoks> sorry i was on the phone
<Omahn> Comment out the lines for the origins you don't want to be automatically upgraded.
<ivoks> or remove it
<Fenix|work> comment the lines, or remove the entire file
<Fenix|work> ok, thanks!
<Fenix|work> updates ran last night and upgraded mysql, but for some reason, didn't start mysql upon completion
<Fenix|work> bad news on a web server :)
<Omahn> Rather than disabling it you can provide a list of packages not to upgrade automatically, such as mysql and apache.
<kriel> I'm on ubuntu server, trying to set up disk quotas for this user. This user has all of its files in its home directory. pastebin: http://pastebin.com/m4d7f34d3 quota reports that the user is using the same number of blocks as kiB the user is using, however the blocksize on that filesystem is 4kiB. 1kiB <> 4kiB. What am I missing?
<Fenix|work> Omahn, that is exactly what I am thinking
<Fenix|work> ivoks, Omahn:  Thanks a bunch!
<Omahn> Fenix|work: It works for us really well.
<Omahn> What I would really like is a 'lag' parameter. That way I could ensure some servers get updates before others so if anything breaks we can prevent any further deployments of that update.
<Omahn> lag=7days etc
<kriel> 'du -sk' reports the raw number of kiB the user is using, correct?
<techsupport> i need to add another domain, not sure where to start to make necessary configuration for postfix/dovecot
<Omahn> Does anybody know if the intention is for ubuntu server to have graphical/plymouth boot by default?
<Omahn> It appears to have a graphical boot that isn't disabled by removing quiet/splash?
<EtienneG> Omahn, no idea, currently investigating.  We are not getting a GUI in the Server Edition, that is for sure.
<jamey-uk> I'm trying to get X11 forwarding working but I keep getting "cannot connect to X server" messages, can anyone help?
<Omahn> EtienneG: Yeah, it seems very odd to have my machines booting graphically.
<laclasse> Omahn, ping, see this: https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/506297
<uvirtbot> Launchpad bug 506297 in plymouth "Graphical Ubuntu logo enabled on servers, no more login prompt" [High,Triaged]
<Omahn> laclasse: Perfect - thank you.
<uvirtbot> New bug: #518854 in libvirt (main) "Unable to create virtual machine: unknown parameter 'fmt'" [Medium,Triaged] https://launchpad.net/bugs/518854
<Omahn> EtienneG: Your comment from 16 hours ago in bug 506297 sums up my thoughts exactly.
<uvirtbot> Launchpad bug 506297 in plymouth "Graphical Ubuntu logo enabled on servers, no more login prompt" [High,Triaged] https://launchpad.net/bugs/506297
<EtienneG> Omahn, feel free to add you voice!
<Omahn> Will do :-)
<Omahn> Bug 504224 is nasty and seems to be affecting us :-(
<uvirtbot> Launchpad bug 504224 in mountall "NFS mounts at boot time prevent boot or print spurious errors" [Undecided,Confirmed] https://launchpad.net/bugs/504224
<orudie> I want to keep the same user accounts and set up mail for them just with a different domain, the old domain should stay active though
<orudie> I want to keep the same user accounts and set up mail for them just with a different domain, the old domain should stay active though
<orudie> not sure how to do that
<jamey-uk> can anyone help me? i'm stuck with these instructions: http://www.saycgi.com/wp/linux/x11forwarding-on-a-headless-server/
<Omahn> EtienneG: I'm going to submit a case for bug 504224 as I'm not sure which developer I should be prodding to look into it. It's a complete Lucid show stopped for us.
<uvirtbot> Launchpad bug 504224 in mountall "NFS mounts at boot time prevent boot or print spurious errors" [Undecided,Confirmed] https://launchpad.net/bugs/504224
<Omahn> *show stopper
<EtienneG> Omahn, we would be glad to have a look at it.  We will do the "developer prodding" no problem.  My colleague pmatulis is most likely the one that will handle your case.
<Omahn> EtienneG: No problem. Case should arrive any second now.
<EtienneG> Omahn, excellent!
<Omahn> Done, #8288.
<mathiaz> kirkland: hi - are you still using the UEC integration network systems?
<ttx> kirkland: could you send me your latest index.php ? Mine only has the basic CLC+CC+SC+Walrus and NC options
<orudie> i'm changing domain of my site, is there a way for apache to "rewrite" all the existing links to the new domain ?
<ttx> kirkland: Also for some reason at the end of the install it doesn't reboot on first hard disk, I end up on a netboot installer first screen -- any hint ?
<zul> orudie: look up mod_rewrite
<mathiaz> ttx: you need to check if the pxelinux config file has been updated correclty
<mathiaz> ttx: for the preseed files you may wanna check out lp:~mathiaz/+junk/uec-testing-preseeds/
<mathiaz> ttx: it has all the preseed templates for both lucid and karmic
 * ttx checks
<ehnde> is there a utility i can use to control what services run at boot time other than a simple chmod -x ?
<ehnde> i just got an ubuntu server vps, and it gets kind of slow at times
<ehnde> i want to disable unneeded services like sendmail, bind, and mysql
<Spanglish_7776> ehnde: http://www.unixtutorial.org/2009/01/disable-service-startup-in-ubuntu/ check that out
<ehnde> thank you!
<Spanglish_7776> no problem
<ehnde> if i install/enable ufw remotely over ssh is it going to kick me out?
<sherringham> ehnde: not if you are careful
<sherringham> ehnde: use screen or 2 logins, so you can test in one but stay safely logged in in the other (and can undo anything bad)
<uvirtbot> New bug: #383371 in libldap-ruby (universe) "Compiler error trying to build libldap-ruby from source" [Unknown,Fix released] https://launchpad.net/bugs/383371
<ehnde> alright thanks sherringham
<jdstrand> ehnde: in addition, I suggest doing: 'sudo ufw allow 22/tcp ; sudo ufw enable'. Ie, add the ssh rule *before* you enable
<databridge> helloooow
<databridge> does someone uses vnc remote desktop?
<smoser> kirkland, MIR for cloud-utils accepted. please add as Recommends to euca2ools
<kirkland> smoser: ack
<kirkland> smoser: would you mind opening a bug and assigning to me so that I don't loose track?
<smoser> https://bugs.launchpad.net/ubuntu/+bug/517696 will do ?
<uvirtbot> Launchpad bug 517696 in ubuntu "add package cloud-utils" [Medium,In progress]
<smoser> kirkland, you're assigned to task in 517696 now for Euca2ools
<kirkland> smoser: perfect, thanks
<uvirtbot> New bug: #517696 in ubuntu (main) "add package cloud-utils" [Medium,In progress] https://launchpad.net/bugs/517696
<mathiaz> kirkland: hey - are you using the UEC Integration Network hardware for now?
<kirkland> mathiaz: nope, go for it
<mathiaz> kirkland: great - thanks
<ezra-s> hello, due to password oudated I have been forced to change my login password, then I su - and changed it back, I realizaed my home filesystem would not mount with new password so I changed my password back to the new one... then following the manual I did a ecrypfs-wrap-passphrase .ecrypts/wrapped_passphrase and used the old password to wrap the new one.. no my home filesystem will not get decrypted.. can anyone please direct me howto fix i
<ezra-s> please help
<orudie> i'm adding a new domain to the current server, not sure why i can't ping mail.newdomain.com
<uvirtbot> New bug: #520615 in mysql-dfsg-5.0 (universe) "ntpdate can cause mysqld to shut down" [Undecided,New] https://launchpad.net/bugs/520615
<lifeless> moin
<lifeless> kirkland: so, did I file enough bugs for you ?
<kirkland> lifeless: i'm buried under a stack of pings at the moment
<lifeless> kirkland: :)
<lifeless> kirkland: no worries.
<lifeless> kirkland: Just letting you know that as per your request to document things that weren't seamless, I've filed a bunch of fairly specific bugs about UEC.
<kirkland> lifeless: thanks, we'll burn them down
<lifeless> they are all arguably wishlist
<smoser> lifeless, i tagged some of them as such
<smoser> is this possible: https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/520170
<uvirtbot> Launchpad bug 520170 in mysql-dfsg-5.0 "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New]
<smoser> the bug opener is indicating that the downloaded file was corrupt
<smoser> does apt not verify checksums of things it downloaded? i surely would have thought verification of signature would do that.
<lifeless> is there a discovery API for UEC?
<lifeless> by which I mean a standard page a users name + password can be given to which returns the EC2 and S3 endpoints for the cluster
<lifeless> or even without the username and password
<lifeless> just something to make programs (like Hudson, elasticfox etc) autoconfigure
<kohsuke> Hi
<lifeless> kirkland: smoser: kohsuke is the main dev for 'Hudson' - one of the most popular 'continuous integration' tools around. (We use it for the DX and Bazaar teams in-house)
<lifeless> he'd love to talk about UEC<->Hudson integration (making it slick, easy, etc) with the Eucalyptus devs, but I didn't know who in particular to introduce him to.
<lifeless> and its good for him to know you guys as well :)
<smoser> what would uec<->hudson entail?
<kohsuke> For example, having UEC web UI advertize the SOAP endpoints in a machine readable way
<kohsuke> (Hudson then talks to UEC to provision virtual machines for builds/tests)
<smoser> ah.
<lifeless> over avahi would rock too
<lifeless> (as an adjunct, not instead)
<lifeless> then you could have hudson just offer UEC support if its on a network with UEC
<kohsuke> and/or UPnP for auto-discovery
<lifeless> https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/520645 <- asking or an autoconfig API
<uvirtbot> Launchpad bug 520645 in eucalyptus "configuration discovery" [Undecided,New]
<lifeless> smoser: so "small things to make a brilliant experience"
<smoser> sorry for being hudson ignorant.
<smoser> my onliy experience was using it for a build maachine reporting.
<smoser> would it be provisioning machines to do biulding ? and/or testing?
<kohsuke> It's capable of doing so.
<kohsuke> So let's say if someone wants to test their software on 4 different OSes. Hudson can notice that it needs to start a particular AMI to have the necessary environment, then it starts the VM, runs the tests, then shut it down when it goes unused.
<lifeless> smoser: it has a kitchen sink now :)
<ezra-s> anybody with ecryptfs experience here, I cant use my home directory I get an error saying keyctl_search: Required Key not available when I login
<lifeless> kirkland does, but I get the impression he's a tad busy right now.
<kirkland> ezra-s: ecryptfs support is in #ecryptfs on irc.oftc.net
<ezra-s> thank you very much
<ezra-s> hope someone is awake there
<kirkland> lifeless: thanks for the euca bugs
<kirkland> lifeless: there's definitely some opportunities for polish there
<kirkland> lifeless: a few of them, though, we'd like you to try and reproduce against Lucid, at your convenience
<kirkland> lifeless: i'll mark those incomplete, for now, with a request to test against Lucid, if you don't mind
<kirkland> smoser: okay ... i'm merging euca2ools
<lifeless> kirkland: I don't think my laptop has the grunt to do that
<lifeless> kirkland: and my other machines have stability needs
<kirkland> lifeless: okay, thanks;  "at your convenience" :-)
<lifeless> sure
<uvirtbot> New bug: #517871 in euca2ools (main) "euca-describe-volumes fails in lucid" [High,Triaged] https://launchpad.net/bugs/517871
<uvirtbot> New bug: #516486 in eucalyptus "euca2ools attributes often don't work  " [Undecided,Fix committed] https://launchpad.net/bugs/516486
<ribo> anyone use user-mode linux in karmic?
<ehnde> i'm about to bang my head on the desk trying to set up ufw
<ehnde> how do i allow all outgoing connections?
<jdstrand> ehnde: it does that by default
<jdstrand> ehnde: is this a host-based firewall or routing firewall?
<ehnde> that may be, but i was following a guide and ran "ufw default deny"
<ehnde> host based firewall
<jdstrand> ehnde: ufw default deny is also the default
<jdstrand> ehnde: for a typical desktop system, all that is needed is 'sudo ufw allow 22/tcp; sudo ufw enable'
<jdstrand> ehnde: that gives you an incoming default deny, and outgoing allow, with connection tracking. and of course incoming ssh
<ehnde> this is on a server, but the strange thing is i can't use outgoing connections on any port
<ehnde> ping: unknown host google.com
<ehnde> can ssh in, and the web server is accessible, but that's it
<jdstrand> and it can ping google if you disable ufw?
<jdstrand> (sudo ufw disable)
<ehnde> with ufw disabled, i can ping out
<jdstrand> ehnde: did you edit any of the /etc/ufw/*.rules files?
<ehnde> no
<jdstrand> ehnde: what version of ufw? 'ufw --version'
<ehnde> ufw 0.29-4ubuntu1
<jdstrand> ehnde: please paste the output of this command: 'sudo ufw status verbose'
<ehnde> http://pastebin.com/m79c074e6
<ehnde> confusing :|
<ehnde> it even says allow (outgoing)
<jdstrand> ehnde: please paste the output of this command: 'sudo ufw show raw'
<uvirtbot> New bug: #520707 in euca2ools (main) "euca-describe-snapshots invalid literal for int() with base 10" [Undecided,New] https://launchpad.net/bugs/520707
<ehnde> this one is a bit longer http://pastebin.com/d6567605b
 * jdstrand nods
<jdstrand> this is not an ubuntu kernel
<jdstrand> ehnde: what version of Ubuntu is this on?
<ehnde> interesting...it is a "preloaded" image provided by my vps company
<ehnde> 2.6.18-128.2.1.el5.028stab064.8 #1 SMP Fri Nov 6 12:26:59 MSK 2009 i686 GNU/Linux
<ehnde> whoa! cat /proc/version shows a red hat kernel
<ehnde> what on earth....
<jdstrand> ehnde: and the version of ubuntu? (lsb_release -a)
<ehnde> Description:Ubuntu 9.10
<ehnde> i will install the ubuntu server kernel...who knows, maybe that will help with the other performance issues
<ehnde> if it dies on me, this vps company has a remote restore/reboot feature
<jdstrand> ehnde: ufw has not been tested on the version of the kernel. it is known to work with 2.6.24. the 'show raw' command shows that you don't have everything available in this kernel that ufw expects. I suggests running 'sudo /usr/share/ufw/check-requirements' and contact your vps provider
<jdstrand> 2.6.24 and later that is
<ehnde> last time i put in a ticket it took them a week to respond :(
<ehnde> i'm going to try installing linux-image-server and see how that turns out
<ehnde> jdstrand: tyvm for your help
<jdstrand> ehnde: np
<sherringham> Redhat kernel with Ubuntu user space? V. Odd
<ehnde> maybe that was a dumb idea...i never thought that just maybe it's not possible to use a different kernel within a vps
<ehnde> "the VPS will use whatever Kernel the Host node is using, In the Case on Xen and OpenVZ the host controls the kernel."
<ehnde> that must mean the host machine is running red hat
<ZimCS> Hello everyone.  If I set read only = no in smb.conf does this give users the ability to delete as well as write or just write?
<beagleGuy> hey all, I'm trying to add a local user to my box and I'm getting the following error: http://pastebin.org/90368
<beagleGuy> authentication token error?
<beagleGuy> any ideas?
<ajavid> no
<ajavid> you never get support here
<ajavid> EVER,.
<Spanglish_7776> beagleGuy you still around?
<beagleGuy> yes, still here
<Spanglish_7776> what ver of ubuntu?
<beagleGuy> 2.6.28-11-server #42-Ubuntu
<Spanglish_7776> 10.4?
<beagleGuy> Ubuntu 9.04
<Spanglish_7776> gotcha
<Spanglish_7776> is the user created?
<beagleGuy> the user gets created
<beagleGuy> but the password just fails
<beagleGuy> with that msg
<beagleGuy> any local user
<Spanglish_7776> hmmm.. odd. have you tried sudo passwd jimjamz though I don't understand why you're getting that error
<beagleGuy> yep tried that too
<beagleGuy> no love, same msg
<beagleGuy> werid
<beagleGuy> never had this before
<qman__> if it's doing it for both users, it's probably a problem with authentication in general
<Spanglish_7776> hmm. likewise-open installed?
<qman__> did you recently set up LDAP?
<beagleGuy> I believe the box does use openldap, yes
<beagleGuy> I'm the developer/part time admin of the box so I didn't set it up originally
<qman__> well, that can happen if /etc/passwd, /etc/shadow, and the LDAP users don't line up correctly
<beagleGuy> I'm trying to just set up a non ldap local user, is there some ldap conf setting that's preventing that you think?
<beagleGuy> it does this on  two of my 4 boes
<beagleGuy> boxes
<Spanglish_7776> http://www.linuxquestions.org/questions/linux-newbie-8/passwd-authentication-token-manipulation-error-236955/
<qman__> if there's a user in LDAP with the same UID, name, GID, or group name, it's possible
<Spanglish_7776> curious if this may help
<qman__> also, compare your /etc/passwd and /etc/shadow, make sure the user info in those match up
<qman__> and that there are no syntax errors
<qman__> I noticed it's trying to use UID 1000
<qman__> which is the default for the first user
<qman__> make sure that's ok, or find out what UID range you should be using
#ubuntu-server 2010-02-12
<sabgenton> what is a shure fire way to test you printer from the comand line
<Spanglish_7776> hmm sabgenton 1 sec
<sabgenton> :)
<Spanglish_7776> this miight help http://ubuntuforums.org/showthread.php?t=222180
<Spanglish_7776> hmm 1 sec agin
<Spanglish_7776> again*
<Spanglish_7776> sabgenton you have cups installed?
<sabgenton> yeah
<sabgenton> is there not some way I can print without cups?
<sabgenton> just form the command line?
<sabgenton> a usb brother 2040 is plug in via usb
<Spanglish_7776> and it's detected?
<Spanglish_7776> ?
<Spanglish_7776> dmesg
<Spanglish_7776> are you using ubuntu-desktop
<Spanglish_7776> ?
<Spanglish_7776> sabgenton are you using ubuntu-desktop
<Avenegra> hello, anyone with experience with samba AD member fileservers?
<sabgenton> no ubuntu server headless
<Spanglish_7776> Aven, I'm actually working on the same thing.
<Spanglish_7776> sabgenton, gotcha
<sabgenton> sorry my internet just restarted
<Spanglish_7776> np sab, is you're printer detected and the driver installed?
<Spanglish_7776> you can unplug and plug the usb cable and in the command line type dmesg and see if it's detected, etc
<sabgenton> I've tryed  redirecting files to > /dev/lp0
<sabgenton> but nothing
<Spanglish_7776> is it showing in dmesg?
<Spanglish_7776> 1 sec
<sabgenton> nope
<Avenegra> anyone has experience in samba active directory integration? i have a server running ok but there's a problem: when connecting as the domain admin the files created appear owned as root:"domain admins", why it wont map correctly?
<sabgenton> Spanglish_7776: any Ideas?
<Spanglish_7776> googling 1 sec
<Spanglish_7776> sab- try lp filename
<Spanglish_7776> work sabgenton?
<sabgenton> $ lp filef lp: Error - no default destination available.
<Spanglish_7776> printer is probably not installed correctly
<sabgenton> yep thats why I'm here
<sabgenton> should lp work if cups isn't installed
<sabgenton> ?
<sabgenton> or do you need cups for every type of printing
<sabgenton> apparently I should have symlinked stuff before installing drivers?
<sabgenton> sudo ln -s /etc/init.d/cupsys /etc/init.d/cups
<sabgenton> ?
<sabgenton> do I need lpd drivers??
<sabgenton> I only installed the cups driver for my printer not the lpd
<sabgenton> ok symlinking seems silly as there is a reall file there
<sabgenton> oh wait
<sabgenton> the installer put it there
<sabgenton> probably
<sabgenton> ok I'm going to try move /etc/init.d/cups to /etc/init.d/cupsys
<sabgenton> and makeing the later a symlink to the former
<Roxyhart0> I i am trying to add this acl on ldap using the command: ldapmodify -x -D cn=admin,cn=config -W . But i am getting: invalid format (line 4) entry: "olcDatabase={1}hdb,cn=config"
<Roxyhart0> my acls are: http://pastebin.com/d4dbec0b . Any idea?
<Roxyhart0> i just include the acl but i am gettin this error: hi, i did the acl but when i restart samba i got this error: palm slapd[8779]: bdb_db_cache: db_open(sambaDomainName) failed:Permission denied (13) any idea?
<ZimCS> has anyone used backupPC before?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<Roxyhart0> Does anyone/anybode know how i can know if my nss_ldap can connect to LDAP? i am getting this error but i dont know why..nss_ldap: could not connect to any LDAP server as cn=admin,d...
<twb> nss_ldap can connect to LDAP -- there wouldn't be any point to it if it couldn't.
<Roxyhart0> why could be the cause for this error?
<twb> libnss_ldap definitely SHOULD NOT be binding as the privileged binddn.
<twb> It probably doesn't need more than an anonymous  bind.
<Roxyhart0> ok, i will chage that
<Roxyhart0> and will try ...thanks
<ZimCS> ok, that was excessive.  Is backupPC a good solution for backing up PC's on a home server.  Would anyone recommend anything different?
<Roxyhart0> bakula?
<twb> I've used rsnapshot for backups to an offsite unix host.  I don't LIKE it, but it's less effort than amanda.
<Roxyhart0> twb i chage the user but still the same error
<pting> i'm trying to setup rssh to chroot certain sftp and scp users... i noticed in the release notes for 9.10 that upstart will prevent this from working. the workaround was to point /bin/true to /sbin/initctl... what exactly will happen when i make this change?
<qman__> ZimCS, I have not used it before, but the information on the site is interesting
<twb> I avoid backups to tape/dvd, because they require users to be awake, and that's not going to happen reliably.
<twb> pting: why wouldn't you just use OpenSSH's built-in chroot functionality?
<qman__> yeah, it's a built in option in recent releases, in ubuntu since 9.04 IIRC
<pting> twb, that's a good question, i should have looked for that first. i didn't realize. thanks
<twb> pting: it's relatively new -- not in 8.04, IIRC
<pting> twb, thx, i'll give that a shot
<qman__> yeah, it's not in 8.04
<qman__> I used jailkit for my hardy setups
<Roxyhart0> i solve it, i didt have installed nscd
<Roxyhart0> but still i am getting this error: bdb_db_cache: db_open(mail) failed: Permission denied (13). is it acl error?
<Roxyhart0> somebody know why is this error?
<uvirtbot> New bug: #520770 in autofs (main) "Removal request for autofs from lucid" [Undecided,New] https://launchpad.net/bugs/520770
<uvirtbot> New bug: #520775 in eucalyptus (main) "Eucalyptus apport fails: AttributeError: __AptDpkgPackageInfo instance has no attribute 'get_versions'" [Undecided,New] https://launchpad.net/bugs/520775
<Roxyhart0> hi i am installing a pdc and i am gettin this error. I try to join PDC, do a getlocalsid, etc but i doesnt work. somebody know about a doc to configurate properlu a PDC (ubuntu guide doesn work)
<Roxyhart0> hi somebody know how i can set a wins server?
<twb> Roxyhart0: that's part of Samba
<twb> Assuming you want the WINS server to be on Ubuntu
<Roxyhart0> yes
<Roxyhart0> tahnks
<Roxyhart0> i just found it :)
<Roxyhart0> hi when i do net getlocalsid i am getting this error. any idea? Can't fetch domain SID for name:rx
<jumbers> Is there a way to kill a console session via SSH? My datacenter seems to have left my machine logged in as root, at the console, for the past 7 days
<thebwt> jumbers: should be able to 'top' and find the 'bash' processes.
<jumbers> thebwt: Thanks, but somebody mentioned "skill" to me and that worked
<thebwt> jumbers: I just learned a new command :)
<jumbers> thebwt: skill -KILL -v tty1 or pts/1, etc
<thebwt> *nods*
<Roxyhart0>  hi aim having this error messagw ehen i try to join my PDC to the domain NT user token: (NULL) UNIX token of user 0, Primary group is 0 and contains 0 supplementary groups
<Roxyhart0> somebody have any idea?
<uvirtbot> New bug: #520841 in mysql-dfsg-5.1 (main) "Installation failed" [Undecided,New] https://launchpad.net/bugs/520841
<twb> I'm building disk images using live-helper.
<twb> Unfortunately, fbcon appears to be loaded by the userland during init: "Switching to colour framebuffer 80x30"
<twb> This is a pain, because I have to boot X to test VMs that use VESA instead of the 80x25 text console.  Where's the problem code live, and how do I shut it off?
<twb> (This is after switching from 8.04 to 10.04.)
<uvirtbot> New bug: #520857 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520857
<ttx> soren: ping
<uvirtbot> New bug: #520865 in bacula (main) "package bacula (not installed) failed to install/upgrade: no package named `bacula' is installed, cannot configure" [Undecided,New] https://launchpad.net/bugs/520865
<uvirtbot> New bug: #520872 in dbconfig-common (main) "dbconfig-common: mysqldump must dump routines during upgrade, or risk data loss" [Undecided,New] https://launchpad.net/bugs/520872
<maxagaz_> how to get the uid of someone from its id ?
<maxagaz_> is there a command to do taht ?
<ara> hello all
<ara> I tried to install lucid latest ubuntu-server in KVM, and when it boots, after showing plymouth, it hangs with a cursor blinking in the upper left corner
<ara> any ideas?
<kaushal> hi
<kaushal> i get this error mount.nfs: No such device inside the domU while trying to mount the nfs inside the VM
<kaushal> "No such device" - NFS is not configured into the client's kernel.
<kaushal> Any clue ?
<sherringham> kausbal: do you need to install NFS support?
<sherringham> */kaushal/kausbal/
<kaushal> sherringham: i did not understand
<kaushal> sherringham: i do not have kernel inside domU
<sherringham> kaushal: nfs-common pckage? Try : sudo apt-get install nfs-common (in client)
<kaushal> sherringham: did that already :)
<sherringham> kaushal : "NFS is not configured into the client's kernel" - what kernel? uname -a
<kaushal> 2.6.24-24-xen
<sherringham> kaushal: OK, sorry. I don't have experience of Xen - maybe it has no NFS kernel support. Seems odd - but I don't know. Sorry.
<MenZa> I'm attempting to setup openvpn on my server, and my primary problem is creating a bridge interface. When I add it, it doesn't show up in ifconfig after restarting networking. I've used this guide as my starting point: https://help.ubuntu.com/community/OpenVPN
<twb> Since both Xen and NFS are implemented in the kernel, and Xen involves lying about the filesystem to DomUs, it wouldn't surprise me if NFS support was simply broken within Xen
<MenZa> Err. Why is an interface not defined in /etc/network/interfaces showing up in ifconfig?
<twb> MenZa: because it's configured?
<MenZa> twb: How do I remove it?
<twb> If you have accidentally installed NetworkManager, it will bugger up your networking
<MenZa> Oh, no -- I'm trying to setup a bridged device
<MenZa> Then networking went fubar, and I decided to remove it again
<twb> "ifconfig eth0 down" should deconfigure an interface eth0
<twb> bridges might be different
<MenZa> Well, I still can't connect to the thing.
 * MenZa growls.
<MenZa> Although br0 is now gone from ifconfig
<RoyK> ifconfig -a?
<MenZa> Oh, still running.
<twb> brctl is probably the way to drop bridges
<MenZa> Right
<MenZa> Success. I'm in.
<MenZa> Thanks.
 * MenZa phews.
 * MenZa draws a line under the large "DON'T TOUCH THE NETWORKING" sign on his wall.
<twb> You think that's funny
<MenZa> All I can say is "thank you, Linode, for LISH"
<twb> If you make a typo in /etc/hosts, suddenly sudo doesn't work
 * RoyK rearranges MenZa's networking
<MenZa> twb: indeed
<MenZa> twb: I was quite nervous when I had to change the hostname of this box :)
<RoyK> why?
<MenZa> For the same reason that I'd typo something. I read it over three times before :w'ing
<twb> Do not get me started on renaming LDAP slaves.
<MenZa> hehehe
<soren> ttx: What's up?
<ttx> soren: will talk to you later... if you're available
<soren> ttx: Sure.
<uvirtbot> New bug: #520309 in intel "[Patch] Multipath Tools: modify the path priority tool for Intel Modular Server support" [Critical,New] https://launchpad.net/bugs/520309
<uvirtbot> New bug: #520304 in mysql-dfsg-5.1 (main) "I don't know exactly, I read the message of system and I sent the report the it advises me (dup-of: 501655)" [Undecided,New] https://launchpad.net/bugs/520304
<vish> ttx: could you also close Bug 194472 sudo task as "wont fix" , desktop team wanted the server team to make the final call on that [seems no point in having an open bug ;)  ]
<uvirtbot> Launchpad bug 194472 in sudo "Entering password in Terminal gives no visual feedback" [Unknown,Fix released] https://launchpad.net/bugs/194472
<ttx> vish: done
<vish> thanks :)
<ttx> soren: wanted to have an updated status on the puppet/etckeeper thing
<walle_> hi, does anyone know how i can obtain a list of security updates for a ubuntu system as an unprivileged user (ie. unable to run apt-get update)? the goal is to write a monitor script which can be used by remote a remote monitoring solution to alert if there is a unpatched system is detected.
<uvirtbot> New bug: #520955 in mysql-dfsg-5.1 (main) "synaptic says that the packet is broken. errorcode 1" [Undecided,New] https://launchpad.net/bugs/520955
<soren> ttx: I'm working on the puppet merge today. I'll see if I can get the hooks sorted out today, otherwise it's at the top of my list for next week.
<ttx> soren: ok, thanks for the update
<ttx> kirkland: if you can send me your latest pxe/index.php, I could make use of it. I almost completed the local build testing infrastructure.
<kirkland> ttx: let me put it in a bzr repo
<ttx> kirkland: ok, let me know when done.
<kirkland> ttx: organizing now
<ttx> kirkland: I managed to have the installer use my local build eucalyptus-udeb, now I just need to convince it to use my additional local repository
<Roxyhart0> somebody know how i can know groups and users in linux?
<ttx> Roxyhart0: "getent passwd"and "getent group" ?
<Roxyhart0> thanks
<kirkland> ttx: lp:~kirkland/+junk/uec-auto-install
<ttx> kirkland: cool, thx
<Spanglish_7776> anyone familiar with Samba?
<kirkland> ttx: feel free to propose merges, if you can make it more generic to work with your setup too
<kirkland> ttx: would be nice to work off of a common framework
<ttx> yep
<kirkland> ttx: and would help to give to a newbie to get up and running quickly
<Spanglish_7776> I have configured a share but my xp box doesn't see it. and if I enter it manually it prompts me for authentication but doesn't accept
<ttx> As soon as I maange to have it pull from my $**!&% local repo
<erichammond> restarting mysql on cody
<erichammond> oops, wrong tab
<Pupeno> Any ideas how to run ufw enable in a non-interactive way?
<pmatulis> Pupeno: once enabled it will stay enabled (persistent across reboots)
<Kagarman> Hello
<Pupeno> pmatulis: I know that.
<pmatulis> Pupeno: ok, so rephrase then
<jdstrand> Pupeno: I'm assuming you are referring to the ssh prompt. Lucid will support '--force enable' soon. Ubuntu 9.04 and later support preseeding via debconf
<Kagarman>  	ÐÐ°Ðº Ð´ÐµÐ»Ð°?
<Kagarman> How are you?
<Pupeno> pmatulis: how do you want me to rephrase it? I want to run ufw enable and get the firewall enabled without a prompt.
<Pupeno> Well, thank god for yes... yes | ufw enable
<Kagarman> Do you speak Russia?
<Pici> !ru | Kagarman
<ubottu> Kagarman: ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð¿Ð¾ÑÐµÑÐ¸ÑÐµ #ubuntu-ru Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¼Ð¾ÑÐ¸ Ð½Ð° ÑÑÑÑÐºÐ¾Ð¼ ÑÐ·ÑÐºÐµ  / Pozhalujsta posetite #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke
<Sorrel> hey, is there any difference between apt-get and aptitude?
<smoser> lifeless, i see you on txaws, we're wanting to package that and i was wondering if there was already a package.
<Pupeno> How do I make ufw forget about an allow/reject/deny of an app?
<jdstrand> Pupeno: ufw delete <rule>
<Pupeno> jdstrand: doesn't seem to work with apps.
<Pupeno> This: ufw delete OpenSSH fails.
<jdstrand> Pupeno: that is improper syntax. use:
<jdstrand> ufw delete allow OpenSSH
<Pupeno> oh, I see.
<jdstrand> Pupeno: basically, prefix 'delete' before the rule that you used to add it (see 'man ufw' for details)
<Sorrel> :/
<ttx> smoser: o/
<smoser> good morning ttx
<ttx> smoser: question for you, how is AWS library packaging looking ?
<smoser> i just opened 2 bugs for 'needs packaging' for right_aws (and dependency right_http_connection)
<smoser> i have packages building, but no real idea how to test
<smoser> just pinged lifeless above regarding txaws
<Sorrel> when setting up a static i.p. to the outside world domain name server is = gateway right?
<smoser> i've not looked at the other 2
<Sorrel> ls
<ttx> smoser: ok
<sherringham> Sorrel: not necessarily - but the function is often built into routers/modems (DSL/cable etc.)
<Sorrel> that's sherringham
<Sorrel> thanks sherringham
<sherringham> Sorrel: re: apt-get - aptitude/apt-get do the same thing pretty much, except aptitude also has a curses interface and is thought to have slightly more sophisticated deps checking/resolving
<Sorrel> sherringham:  so there's not really a reason to use aptitude over apt-get
<sherringham> Sorrel: as I say, aptitude might be preferred sometimes for resolving deps. But I use both interchangeably.
<TeTeT> soren: is there a vmbuilder backport for Hardy somewhere, so you can build karmic images on hardy?
<Sorrel> sherringham:  I understand now, Thanks :)
<soren> TeTeT: I'm not sure, to be honest.
<Fawzib> question: i have a linux server connected to my dsl modem (modem is dhcp server). in my linux server I have a router card. i want to be able to connect comps to the router card and redirect traffic to go out of the server main lan card which is connected to the dsl modem. how would i accomplish that?
<Sorrel> edit the /etc/network/interfaces
<Sorrel> file
<Sorrel> the nic that you want to use to go out to the world ( DSL ) should have a static I.P.
<Sorrel> and the internal one should have a static I.P. but have a broadcast range
<Spanglish_7776> i believe you'll have to also do packet forwarding (MASQ&NAT) ipchains.
<Spanglish_7776> and may want to utilize dhcp (broadcast range)
<Fawzib> ugh, has to be static? isnt there a way to everything comming from router card broadcast it?
<Sorrel> !pastebucket
<Sorrel> what is the link to pastebucket?
<Pici> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Sorrel> something like this
<Sorrel> http://paste.ubuntu.com/374798/
<Sorrel> don't use those address
<Sorrel> ( anybody want to break into my network now )
<Spanglish_7776> Fawzib I'd suggest IPCop or pfsense, very good open source linux based router software, I use pfsense
<Spanglish_7776> very good.
<TeTeT> soren: ok
<mathiaz_> smoser: hi!
<mathiaz_> smoser: bug 520766
<uvirtbot> Launchpad bug 520766 in ubuntu "Unable to register lucid-server-uec-amd64-initrd-virtual: Invalid image - UEC image 	20100211" [Undecided,Invalid] https://launchpad.net/bugs/520766
<ttx> mathiaz_: What's the status on server-lucid-puppet-uec-ec2-integration ? Still planning to complete it for alpha3 ? Am I right in assuming this is not affected by FF ?
<mathiaz_> smoser: what is it invalid?
<mathiaz_> ttx: still planning to work on this
<mathiaz_> ttx: some of the item are impacted by FF
<smoser> because you tried to register a on-existant file
<smoser> ec2-bundle-image I_DO_NOT_EXIST
<smoser> s/on-existant/non-existant/
<Fawzib> pfsense is a full distribution, already have xbmc-live running on the server, just added a router card to connect my PS3 to it
<mathiaz_> ttx: mainly adding the puppet job to cloud-init
<mathiaz_> ttx: now that I have access to a UEC cloud I can work on this
<ttx> mathiaz_: ok
<Xpistos|work> Excuse me, where is the Trash directory in the Karmic?
<mathiaz> smoser: I'm not sure I understand what you mean
<mathiaz> smoser: using the same sequence of commands with 20100209 it works correclty
<smoser> try this, and you'll get the same error that you got in the bug report:
<genii> Xpistos|work: ~/.local/share/Trash/
<Xpistos|work> thanks
<mathiaz> smoser: ah gotcha
<smoser> euca-bundle-image -i THE_EYES_OF_TEXAS_ARE_UPON_YOU -r x86_64 --ramdisk true
<smoser> :)
<smoser> ok.
<smoser> it might be reasonable to open a bug against euca2ools to have a better error message than "invalid image"
<Xpistos|work> genii: That is in server?
<smoser> ie, "file does not exist"
<genii> Xpistos|work: It gets created if you are going a terminal server. A regular "Trash" doesn't exist otherwise though (as far as i know, since rm'd files don't go into some temp place)
<Elad> if I am getting the following errors, how do I fix them? (13)Permission denied: make_sock: could not bind to address [::]:80
<Elad> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
<Elad> no listening sockets available, shutting down
<Elad> Unable to open logs
<Elad>    ...fail!
<Sorrel> running as root?
<sherringham> Elad: Apache? sudo /etc/init.d/apache2 restart
<Xpistos|work> genii: Thanks! I am trying desperately to recover lost files, but it is looking bad, I wanted to see if I could check in the trash.
<Elad> sherringham: the error was produced while doing /etc/init.d/apache2 reload
<Elad> I am afraid that a restart will take it down and not come back up
<Elad> or is that a common error when performing a reload?
<sherringham> Elad: Don't think I ever reload. What command failed? As what user?
<Elad> sherringham: haha, I wasn't sudoing it
<Elad> works now, thanks for the obvious
<Elad> another question I have, if I have a cert for https://www.mysite.com, users that hit https://mysite.com are getting a security exception - how do I tell apache to redirect all non www requests for that domain to auto-redirect to the www domain?
<RoyK> Elad: lots of ways - I usually use a php header() call with a 302
<Elad> I am trying the header('location: https://www.mysite.com') and it still serves up the error
<Elad> RoyK: looks like I have die( header('location: https://www.mysite.com')) - I wonder if the die is returning a different header code
<Elad> let me remove that and see what happens
<TeTeT> soren: when vmbuilder asks for 'Password for root on localhost?' - does it actually expect me to have a root password set on my system?
<soren> TeTeT: "asks for"? It should be completely non-interactive.
<TeTeT> soren: yeah, that's what's surprising me, I started it like: sudo vmbuilder xen ubuntu --addpkg=openoffice.org --addpkg=cups-pdf --suite karmic
<soren> TeTeT: It must be something cups-pdf is asking.
<soren> TeTeT: Could you try leaving that out and re-run?
<TeTeT> soren: will do, I report back
<soren> TeTeT: ta
<mathiaz> smoser: tried to use uec-publish-tarball:http://paste.ubuntu.com/374828/
<smoser> mathiaz, environment is set up ?
<mathiaz> smoser: mouaahahahahah - no :/
<smoser> :)
<mathiaz> smoser: \o/ - works! thanks for the help
<smoser> mathiaz, fyi, with euca2ools, you can now take that eucarc that it gives you and put that in ~/.eucarc
<smoser> no more need to export sensitive info in the environment
<jpds> Ah, missed ivoks by a few minutes.
<BeardedChimp> Is there a central place that I can use to empty log files on reboot so that they dont keep getting larger and larger? I have a few udev scripts that put things into /var/log. I could use /tmp but that seems to miss the point of /var/log
<sherringham> BeardedChimp: use logrotate to manage log files
<BeardedChimp> sherringham: This is perfect, thank you
<soren> zul: Mind if I assign the etckeeper MIR writing work item to you?
<Bookman> I cannot seem to get a printer working over the internet.  Any ideas why?  Both systems are running Ubuntu 9.10
<crazygir> hiya!
<crazygir> question, where is the "proper" place (in ubuntu) for vhosts (as a DocumentRoot) ?
<thebwt> crazygir: I use ~/www/<site name>/public_html
<thebwt> so that I have write access
<crazygir> they're not associated with any user in particular
<crazygir> they're just served off of the server :)
<thebwt> you could do /var/www/<site name> then
<crazygir> fantastic
<mathiaz> crazygir: the FHS recomends to put stuff in /srv
<thebwt> oh, my bad
<ezra-s> crazygir, that's really up to you, some use /var/www some use /home/www, some use /web
<crazygir> huh??
<crazygir>  /srv?
<ezra-s> apache is that flexible
<thebwt> /srv/wwww, no /var/www
<crazygir> I know apache is flexible, but it's more about ubuntu convention that I'm asking about
<thebwt>  /srv is the "standard"
<ezra-s> just tell apache which config file to run with the appropiate settings and voilÃ¡
<mathiaz> crazygir: http://www.pathname.com/fhs/pub/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM
<Bookman> I have my router forwarding port 631
<ezra-s> oh.. I see
<mathiaz> crazygir: there isn't any convention in ubuntu
<ezra-s> I'd say /var/www then
<crazygir> mathiaz: putting stuff in /srv isn't a convention?
<mathiaz> crazygir: as ubuntu follows the FHS
<crazygir> ok
<crazygir> thanks!
<uvirtbot> New bug: #521081 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/521081
<Bookman> I followed these instructions: https://help.ubuntu.com/community/NetworkPrintingWithUbuntu but I still cannot get it to print.
<uvirtbot> New bug: #521085 in samba (main) "Samba 3.4.0 denies access to Roaming Profiles for XP Clients" [Undecided,New] https://launchpad.net/bugs/521085
<Lam3r_co> hello
<sherringham> Bookman: did you check for errors in any log files?
<Lam3r_co> is problem with vsftpd enough server related?
<TeTeT> soren: it worked without cups-pdf, any chance to automate it with cups-pdf installed/
<sherringham> Lam3r_co: probably (running on ubuntu server)
<Lam3r_co> then, please how is it possible, that I can login on my ftpd and the other user cannot (bad login)
<Lam3r_co> I tried changing password, but still the same
<thebwt> sounds like the users aren't allow, permissions
<thebwt> allowed*
<Lam3r_co> how can I check it?
<thebwt> not positive.
<Lam3r_co> the other user has shell /bin/false, can it be it?
<thebwt> does ftp use shell settings?
<Lam3r_co> I have no idea
<da65> if anyone gets files holded back when running apt-get upgrade all you need to do is run apt-get autoclean worked for me
<thebwt> to be honest, I always use sftp. It sets up so much easier. So setting up standard ftp is unkown to me.
<Lam3r_co> the peeps I'm making this for don't know how to use sftp
<da65> if your accessing your Ubuntu server from a windows machine you will have a job to get better than WinSCP
<thebwt> Lam3r_co: what ftp client are they using?
<Lam3r_co> thebwt: total commander or filezilla
<Lam3r_co> thebwt: I use psftp
<Bookman> sherringham, which log file on which machine?
<da65> http://winscp.net/eng/index.php if in Windows, it's great, free to
<thebwt> all those support sftp, try connecting (it is this exact same as connecting with ftp)
<thebwt> just set it to sftp
<da65> wish they would do a unix version though
<Lam3r_co> okay, so I just remove VSFTPD and install sftpd?
<thebwt> sftp is with ssh
<thebwt> do you access your server with ssh?
<da65> to be safe yes :)
<thebwt> k
<thebwt> then it's already set up
<Lam3r_co> ooh, so I'm ready with openssh?
<da65> only way you will get root on ftp is sftp anyway
<thebwt> Lam3r_co: yup
<Lam3r_co> great, thanks guys :)
<thebwt> Lam3r_co: give it a try and see if it does everything you need
<da65> I love root
<thebwt> I love well done permissions
<sherringham> Bookman: no idea, I don;t use printing. Cups? Check /ar/log/syslog, others perhaps. On server probably.
<Bookman> Is there a way to monitor which ports have connections/attempted connections on the server?
<sherringham> Bookman: debug cups described here (incl. log file) :
<sherringham> https://help.ubuntu.com/9.10/serverguide/C/cups.html
<sherringham> Google search : debug internet printing +cups +ubuntu
<Sorrel> sudo make
<Sorrel> :/
<Sorrel> sry
<Bookman> maybe this is the error:
<Bookman> Request from "64.229.175.221" using invalid Host: field "clarkhomeftp.dlinkddns.com"
<Bookman> This is an error in the cups error log.  It looks like the client is contacting the server. but something is going wrong
<jiboumans> kirkland: remember the AA ppa review please
<jiboumans> thanks
<sherringham> Bookman: http://www.google.co.uk/search?hl=en&safe=off&client=firefox-a&rls=com.ubuntu%3Aen-GB%3Aofficial&hs=EXK&q=%22using+invalid+Host%3A+field%22+%2Bcups&btnG=Search&meta=&aq=f&oq=
<sherringham> *oops - sorry -search : "using invalid Host: field" +cups
<Bookman> sherringham, got it and many thanks.
<sherringham> Bookman: no problem. Helping you help yourself :-)
<Bookman> gotta sharpen my google skills
<smoser> mathiaz, kirkland , i'm in need of sponsor for for right_aws work:
<smoser> libright-aws-ruby (LP: #521002)
<smoser> libright-http-connection-ruby (LP: #521006)
<smoser> libuuidtools-ruby (LP: #521077)
<mathiaz> smoser: cool - I'll have a look at it
<smoser> ppa builds are on their way to https://launchpad.net/~smoser/+archive/ppa/+packages
<Eriroley|work> I'm running into some problems when trying to get my system to auth to a windows AD system via krb5.
<Eriroley|work> Auth works "as expected" but the windows security log is spammed with pre-authentication failures. Anybody have any hints, or suggestions to point me in the right way
<Eriroley|work> The google seems to have a lot of people that are having the same problem, but no solutions that I can find.
<smoser> mathiaz, for txaws, there is no upstream source releases, so what should i use for orig tarball/how do i handle that?
<mathiaz> smoser: ask upstream to make an upstream tarball release
<smoser> :)
<mathiaz> smoser: if upstream is using a setup.py you can use setup.py sdist to create the tarball
<mathiaz> smoser: in the get-orig-source
<mathiaz> smoser: and fix setup.py to properly work with sdist (ie everything is packaged as expected)
<smoser> upstream has a setup.py, but there isn't a released version
<mathiaz> smoser: ok - then use the an upstream version number based on the bzr revno you're packaging from
<mathiaz> smoser: like: 0.1~bzr1234
<smoser> ok
<smoser> mathiaz, so then i end up creating the .orig.tar.gz, right? thats what you're implying.
<mathiaz> smoser: yeah - it would be a native package
<mathiaz> smoser: since upstream doesn't have a released tarball
<mathiaz> smoser: I'd actually as in #ubuntu-motu
<mathiaz> smoser: there may be other options to handle the use case where an upstream doesn't have a released tarball
<smoser> k
<ribo> anyone use user-mode linux in karmic?
<nijaba> hello led-zep
<nijaba> nice to see you here
<led-zep> hi nick !
<led-zep> nice to be here :-)
<nijaba> led-zep: so this is where all the cool server people hang-out :)
<led-zep> ok a place to be for me for sure ;)
<soren> smoser: I usually just create a tarball of the content of upstream's VCS and use that as my orig.tar.gz.
<soren> smoser: ...so not as a native package, but with a home-grown upstream tarball.
<smoser> they released one
 * soren has done this quite a bit
<soren> Oh, great.
 * soren did that with network-manager-{openvpn,vpnc,pptp}, eucalytpus, libcloud, opennebula, libgfshare..
<soren> Come to think of it, I think most of my packages started out that way :)
 * soren wanders off again
<smoser> have a nice friday night soren
<smoser> mathiaz, also seeking review of lp:~smoser/+junk/python-txaws (bug 521121) now.
<uvirtbot> Launchpad bug 521121 in ubuntu "[needs-packaging] txAWS" [Medium,Triaged] https://launchpad.net/bugs/521121
<lifeless> smoser: I don't think anyone has packaged txaws, I may be wrong. Two groups to check with: U1, and landscape.
<smoser> lifeless, thanks. its on its way.
<koolhead17> kees:
<crazygir> for setting up postfix.. if all I want to do is send out emails via php applications.. should I use "internet site"
<crazygir> in the configuration utility
<Italian_Plumber> hello.  With grub, to choose the saveddefault item as the default item, is the line "default saveddefault", or just "saveddefault"?
<Italian_Plumber> or "default saved"
<zul> soren: mem
<zul> soren: meh even
<Xpistos|work> If I have a NFS share and I delete something off it can i still recover it on my server if I don't have a backup somewhere?
<momelod> greetings channel
<momelod> does anyone know why make-kpkg would fail on a xen patched kernel source?
<sherringham> Xpistos|work: I don't think so (unless you get down and dirty with the filesystem)
<Xpistos|work> sherringham: Thanks. I was able to rcover some things, but not everything and the pcitures is what I am most concerned about.
<sherringham> crazygir: satellite system might be best - smarthost. The postfix site (postfix.org) has very good docs.
<DrNick_> i'm sure there must be some 'un-delete' tools available for linux filesystems
<DrNick_> when one deletes a file on ext3/reiser, i'd imagine only the entry in the inode table is cleared
<sherringham> Yes, a google search finds some info - worth a shot, if you really need to.
<smoser> mathiaz, are you able to reproduce https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/520707 on a UEC ?
<uvirtbot> Launchpad bug 520707 in euca2ools "euca-describe-snapshots invalid literal for int() with base 10" [Undecided,New]
<mathiaz> smoser: I can give it a try
<DrNick_> all i read to begin with was 'are you able to reproduce....'
<mathiaz> smoser: well - I can't reproduce it on an UEC setup
<mathiaz> smoser: I don't have any snapshots created though
<smoser> hm... funny.
<smoser> i can't reproduce it on ec2 where there *were* snapshots
<smoser> :)
<smoser> so i figured it was a bug when there were none.
<mathiaz> smoser: how do you create a snapshot?
<smoser> can you comment to that effect in that bug ?
<smoser> you probalby have to create a volume first
<smoser> euca-create-volume
<smoser> $ euca-create-volume --zone us-east-1a --size 1 sm1234
<mathiaz> smoser: http://paste.ubuntu.com/375007/
<mathiaz> smoser: wait - it worked
<mathiaz> smoser: with a size of 1
<mathiaz> smoser: ah size is in Gb
<mathiaz> smoser: I can reproduce the bug
<mathiaz> smoser: when I've defined a snapshot
<smoser> http://paste.ubuntu.com/375009/
<smoser> oh. wow. cause i just did that pastebin, ie, create volume, create snapshot, describe snapshot, delete snapshot, delete volume
<smoser> all worked on ec2
<mathiaz> smoser: right - my guess is that eucalyptus return the wrong value
<mathiaz> smoser: the error message is: invalid literal for int() with base 10: 'n/a'
<mathiaz> smoser: 'n/a' seems like something is missing from the answer
<smoser> yeah, i think this is a euca bug
<smoser> oh wait, yeah, i guess not necissarily
<smoser> mathiaz, i suspect its going wrong at boto/ec2/snapshot.py:54
<smoser> def endElement:
<smoser>         elif name == 'volumeSize':
<smoser>             self.volume_size = int(value)
<mathiaz> smoser: is the answer xml?
<smoser> answer?
<mathiaz> smoser: the answer from ec2/UEC
<smoser> probably
<mathiaz> smoser: then we should compare the answer from EC2 versus the one from UEC
<mathiaz> smoser: http://paste.ubuntu.com/375014/
<mathiaz> smoser: ^^ that's error we see
<mathiaz> smoser: IMO the answer from UEC doesn't include an integer
<smoser> yeah, i think so
<smoser> the argument we'll get there is that that is a new api that amazon implemented that isn't in euca yet
<smoser> mathiaz, confirmed that volumeSize was added to boto between 1.8 and 1.9
<smoser> along with 'ownerid' and 'description'
<smoser> mathiaz, i have to run. i posted my suspicion to bug. might have to work arond this in boto.
<mathiaz> smoser: ok
<smoser> can you try just changing that 'int()' and see where you get ?
<smoser> anywy, i'm out now.
<smoser> later.
<pting> i'm creating a 1 TB ebs to store a lot of large files probably 500mb+ a file.. i'm thinking of going with XFS... what's blocksize do you guys recommend?
<pting> probably like 32k?
<uvirtbot> New bug: #521191 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/521191
<rightsprocket> Hello everyone
<rightsprocket> I am trying to use an <FilesMatch> directive in apache2 but it is not working.  As if the module is not loaded.
<rightsprocket> Does anyone know what module I should be loading to get this to work?
<sherringham> rightsprocket: FilesMatch is "core" : http://httpd.apache.org/docs/2.2/mod/core.html#filesmatch
<rightsprocket> sherringham Thanks. I think i figured it out.  Missing an allowoverride in 000-default
<rightsprocket> sherringham Do you know why apache would ignore a filesmatch directive?
<rightsprocket> I am trying to figure out where to put alllowoverrides all and am having no luck.
<sherringham> Hard to say - you sometimes have to play - but keep things simple. For instance, I am using FilesMatch to deny access to various Adobe Contribute files on a server :
<sherringham> <FilesMatch "\.(lck|mno|bak|lbi|csi|dwt)$">
<sherringham> Order deny,allow
<sherringham> Deny from all
<sherringham> </FilesMatch>
<rightsprocket> sherringham It is as if apache is ignoring it
<rightsprocket> I cannot seem to get apche to allow a filesmatch in my .htaccess
<sherringham> What's your match?
<mconigliaro> can anyone tell me how to change the hostname on an amazon ec2 instance? and/or tell me why i shouldn't do this?
<mconigliaro> anything you do on the command seems to get overridden by what amazon provides through the dhcp client
#ubuntu-server 2010-02-13
<uvirtbot> New bug: #504530 in python-boto "euca-register fails to register an image: register_image() takes at least 2 non-keyword arguments (1 given)" [High,Fix released] https://launchpad.net/bugs/504530
<erichammond> mconigliaro: Hostnames on an Ubuntu EC2 instances can be changed the same was as a hostname on any normal Ubuntu server and it's fine to do so.
<erichammond> er, "same way"
<mconigliaro> erichammond: using the hostname command?
<mconigliaro> ive tried that
<mconigliaro> even though i get what i want in the bash prompt, hostname -f always returns the amazon hostname
<mconigliaro> /etc/hostname seems to be totally ignored
<erichammond> mconigliaro: Yep, there are a few things you need to update depending on what software you have installed. "hostname" command; /etc/hostname; /etc/hosts; /etc/mailname; /etc/postfix/main.cf; ...
<erichammond> You might need to restart various services as well
<erichammond> The point is, however, that it's no different from a normal Ubuntu server.
<mconigliaro> i must really be doing something stupid
<mconigliaro> in the past, i just updated /etc/hostname, rebooted, and that was that
<smoser> mconigliaro, well that would work
<smoser> but ec2init is fighting you
<smoser> https://bugs.launchpad.net/ubuntu/+source/ec2-init/+bug/514492
<uvirtbot`> Launchpad bug 514492 in ec2-init "hostname modifications user are overwritten by ec2init" [Low,Triaged]
<smoser> good news is, it wont in lucid
<smoser> bad news is, no easy way to stop it now
<mconigliaro> hmm
<mconigliaro> well at least i know im not a total idiot
<smoser> mathiaz, thanks for reviewing
<smoser> i will address the points you raise on wed if not before.
<smoser> (some of them have already been ... the 1.9 stuff )
<sabgenton> I want to push windows printer drivers where is the default samba share location to put them
<sabgenton>  /usr/share/cups/drv/ ?
<erichammond> smoser: wow, I had assumed that bug was important enough to fix and stopped paying attention to it.  Can we get it corrected in the next Hardy and Karmic?  Changing the hostname of a server can break the functionality of that server.
<iclebyte> I'm having trouble building the postfix-2.5.1 sources after applying the VDA quota patch. The issue is actually at the dpkg-buildpackage stage, I get "dpkg-buildpackage: failure: tail of debian/changelog gave error exit status 1". Any suggestions as to a solution? I've been trying to resolve this for hours..
<mconigliaro> erichammond, smoser: yes, that bug is what's messing me up. if i change the hostname in rc.local, it works fine
<mconigliaro> although services already started are using the ec2 hostname
<mconigliaro> my workaround is to create a service called ec2-init-hostname that runs immediately after ec2-init and sets the hostname according to what's in /etc/hostname
<uvirtbot`> New bug: #521235 in krb5 (main) "package libgssapi-krb5-2 1.7dfsg~beta3-1ubuntu0.1 failed to install/upgrade: the sub-processus dpkg-deb --control returned a state 2 output error" [Undecided,New] https://launchpad.net/bugs/521235
<NineTeen67Comet> Not new to Ubuntu server (LAMP - Personal Web-server via FreeDNS -) .. But I'm looking for some understanding on e-mail server setup. I really would like to use my domain names (I've got a few) as my e-mail addresses respectively. The issue is my ISP I assume .. is there a way around this? (Need both a tutorial on how e-mail servers work and how to circumvent your ISP's port 25 etc) ...
<NineTeen67Comet> This one is "way" more than I'm looking for .. http://flurdy.com/docs/postfix/
<Roxyhart0> hi someone has installed heimdal ?
<Roxyhart0> hi, somebody know how i can know wich packages i got installed i want take off anything relative to kerberos and heimdal
<Tohsh> Can anyone assist me in assigning a users traffic to go through a certain IP address through iptables?
<Roxyhart0> hi iam trying to change users password and i got this error: passwd: Authentication information cannot be recovered
<Roxyhart0> somebody know about this problem?
<genii> Are you using some remote auth method like a radius server?
<Roxyhart0> no, i just instaled ldap and take off kerberos
<Roxyhart0> but my user is unix user
<Roxyhart0> how i restart pam?
<mufasis> i have a quick question
<mufasis> im taking a class on php and i have a spare server a buddy gave me and i cant decide if i want to run server 2003 or some type of linux to learn php with
<mufasis> lamp/wamp
<mufasis> any suggestions
<qman__> PHP works best in a unixy environment
<mufasis> why is that?
<qman__> that's what it was designed on
<qman__> apache on windows is very difficult to secure
<qman__> since it tends to run as administrator
<qman__> in ubuntu, LAMP is secure by default
<qman__> also, few situations in the 'real world' will use PHP on windows
<qman__> because windows is expensive, you only use it when you need it
<mufasis> that makes sense
<mufasis> how hard is lamp to setup and use on ubuntu?
<mufasis> see the thing is my buddy gave me this old proliant dl320 g2 server
<qman__> as hard as checking a box during setup
<mufasis> lol
<qman__> or, post-install, 'sudo tasksel install lamp'
<mufasis> just another quick question
<mufasis> in linux how hard is it to setup vpn or an ftp server
<mufasis> im not a linux pro but i can get by
<qman__> VPN, takes a little bit of work, but not too difficult
<qman__> you have to set up a PKI with the built in scripts, generate a CA cert and client certs
<qman__> and set up the base config
<qman__> FTP should be avoided if at all possible, in favor of SFTP
<qman__> FTP is insecure by design and just generally a pain to work with
<qman__> while SFTP is built into the openssh server, and is easy to configure securely in recent versions
<Siph0n> mufasis, I just set up an sftp server in a hour or two
<Siph0n> pretty easily, and even included the chroot feature
<Siph0n> and im a pretty newbie to it
<mufasis> the server is at my family house on a pretty fast home lan and im a student so i would only be able to work on it through putty or something similar....im taking some programming classes so i need to have lamp/wamp but i also need a way to upload and download files remotely ie ftp/vpn
<mufasis> besides initial setup which i would do right there with the server
<qman__> sftp is the way to go, you can use the command line apps with putty or get something fancier like winscp or filezilla
<qman__> if you don't need jails or accounts for other people, sftp is automatically set up by installing openssh
<qman__> another check box during setup
<qman__> the only thing that isn't already dealt with on a default install is bots attempting to brute force your SSH server
<qman__> if you have a reasonably quick machine and secured user accounts, it won't matter
<qman__> if you care about it, you can set up some iptables rules to slow them down
<mufasis> thank you for your help qman
<qman__> no problem
<mufasis> does 9.10 ubuntu server come with a gui
<jmarsden> mufasis: No.
<sherringham> mufasis: in general, servers run without a GUI/X - a waste of space. Use the comand-line.If you want though, you can stick a desktop on it ..
<mufasis> oh im just wondering cause like i said before im taking a php programming class and i cant decide between server 2003 and linux. can you type all the code in the command line and see a working version of the page?
<jmarsden> See it in a browser on your client PC, of course.  See it (in full graphical glory) on a text mode screen, no.
<mufasis> i think it wouldbe difficult to program a webpage in php through a cli no?
<jmarsden> No, it's trivial.  echo -ne '<?php\nphpinfo();\n?>\n" >somefile.php
<jmarsden> Bingo.
<jmarsden> I didn't even need a text editor :)
<jmarsden> Well, I mismatched my quotes... but apart from that :)
<mufasis> well im sure with your experience not a lot of things with linux seem hard but im semi new =/
<jmarsden> Is the server your only machine?  WOuldn't you be writing code from the comfort of a GUI desktop or laptop anyway?
<jmarsden> Why does the *server* need a GUI?
<jmarsden> PHP is a programming language.  It is stored as text.  You can therefore create it in a text editor, which can be done in a GUI or using a text mode screen.
<sherringham> mufasis: normally, you develop on a different system (with a GUI) then cp/scp/rsync your site/files to the server.
<sherringham> mufasis: but if you don't have another system, or want to test/play on the server itself and you are uncomfortable with command-line only - add a GUI! No problem.
<mufasis> yeah makes sense, ill be back in a few i have to attend to something
<mufasis> no i understand
<mufasis> but a friend of mine gave me an old proliant dl320 g2 server
<jmarsden> So use that as a server, but create web pages on your existing workstation (which already has a GUI).
<genii> then scp or so
<mufasis> yes i was just trying to figure out if i should use linux or server 2003, considering im better on windows then i am on linux but i can get by
<mufasis> ill brb
<qman__> using a GUI won't give you any advantages, the code is still written in text and the software is still configured with the same files
<qman__> there is no effective difference between running a GUI with a terminal and web browser open on the server, and running putty and your web browser on your client
<Callum__> awwwwww
<mufasis> back sry guys
<Callum__> the SCSI data cable in my server is being stupid, DAMN IT
<mufasis> the server i have is behind a router on 15mbps cable line
<mufasis> when running the lamp
<Callum__> I can't get the spare one I have at work until tomorrow...
<mufasis> will the webpage be visible to everyone to see?
<mufasis> i dont want that, i just want a running lamp server for development
<qman__> mufasis, it will only be visible if you forward port 80
<qman__> also, in order to get ssh access from the internet, you would need to forward port 22
<Callum__> mufasis: yeah, on a connection that fast your server should be visible to the Internet, of course after forwarding your ports like qman__ said
<Callum__> you will also need to forward port 443 for HTTPS
<mufasis> for running a website dont i need to register something with someone to have it online?
<qman__> no
<qman__> if you forward the ports, it will be available at your IP address
<qman__> you can find that out by browsing to a site like whatismyip.com
<qman__> if you want a domain name, you will have to register one
<qman__> you can also opt for free dynamic DNS through services like dyndns.com and afraid.org
<qman__> but that's all optional, the site would be available at your IP regardless
<mufasis> ok so if i want to test my code i would just navigate to my ip address with the correct ports forwarded through my router correct?
<qman__> yes
<mufasis> if i wanted an actual website name i would have to register it through a dynamic dns service?
<qman__> yes, either register a paid domain, or get a free dynamic DNS subdomain
<mufasis> now if i want to work on my server remotely i can use putty with port forwarding correct?
<mufasis> with putty though i cant upload and download from the server....
<mufasis> how would i do that
<qman__> you can if you forward port 22
<qman__> the putty suite includes pscp and psftp, which allow you to transfer files
<qman__> but you can get a graphical SFTP client like winscp or filezilla, too
<mufasis> what kind of maintenence or setup do i need to do when installing ubuntu server if i decide to go this route, i know eventually i will be working with linux but my semester is coming up quick and i need someone i can setup problem free very quickly
<Callum__> qman__: there is http://xname.org/ a free domain name registrar but you have to be running your own BIND server to use it
<qman__> mufasis, the install is as simple as following a menu guide, and maintenance is zero if you enable automatic updates
<mufasis> no ive installed ubuntu before but i dont know which packages i need and what does what
<qman__> my current record from disc in hand to production web server is ten minutes flat
<mufasis> also this server needs these drivers from hp because the fans are so fuckin loud without them, can i send you a link to see if these owuld work?
<qman__> you simply need to check LAMP and openSSH when prompted
<qman__> go ahead and paste the link
<qman__> I wouldn't be surprised if the drivers are included, given the how old the hardware is
<mufasis> http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=3929672&prodNameId=3929673&swEnvOID=4085&swLang=13&mode=2&taskId=135&swItem=MTX-ee4cf438fc6a4fbb875baad8ed
<Roxyhart0> sombodey know what is nscd ?
<mufasis> no ive installed ubuntu before and i needed these certain drivers
<mufasis> i have them on my pc but i think these are updated
<qman__> if you've tested them before, then sure
<mufasis> it might be these
<mufasis> http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T2811AA
<qman__> just copy the file over to the server, and 'sudo dpkg -i filename.dpkg'
<mufasis> it says these are for sarge 3.1 will they still work for 9.10?
<qman__> maybe, maybe not
<qman__> the first link says for ubuntu 9.10, so I'm going to guess it's newer
<qman__> january 2010
<qman__> I'd go with that one
<qman__> packages for debian aren't necessarily incompatible with ubuntu, but they may rely on packages or package versions that ubuntu doesn't have
<qman__> so it's something that you have to test and play with
<qman__> especially when you're dealing with drivers
<mufasis> on the second link i sent those are the ones i have used before and i know theyre dependencies so i know it works
<mufasis> just one more question with ubuntu server edition
<mufasis> what is the best way to partition the drive
<mufasis> i have 80gb to work with
<qman__> in your case, one big partition should be fine
<qman__> the 'guided (use entire disk)' option
<qman__> other partitioning schemes are more important when you have more disks or want to keep your personal data separated
<qman__> but for a simple development web server, it's not necessary
<Roxyhart0> hi i am trying to set the smbpasswd for root and i got this error:Failed to find entry for user root.
<Roxyhart0> anybody know what could be the error?
<qman__> Roxyhart0, that's _really_ not a good idea, but to answer your question, you must use smbpasswd -a to create a new one
<Roxyhart0> yes
<mufasis> doesnt the guided partition option make several partitions though? one for swap / /home etc?
<qman__> mufasis, no, just a / and swap
<Roxyhart0> my questio is when i try to acces with ssh to my server it is taking long time and i got a a error : ssh root@rx.au
<Roxyhart0> root@rx.au's password:
<Roxyhart0> Failed to add entry for user root.
<qman__> Roxyhart0, that's because root is disabled by default for security reasons
<qman__> use a normal user, then use sudo to perform actions as root
<Roxyhart0> but  i did before
<Roxyhart0> i dont know why t changed
<Roxyhart0> i dont like use sudo
<Roxyhart0> i need to repeat the password many times
<qman__> if you need to do a lot of things as root, use sudo -i
<Roxyhart0> i did, i access with my username and still the same error: Failed to add entry for user rosa.
<qman__> does smbpasswd also fail without -a?
<qman__> (for rosa)
<qman__> -a is only needed when a user does not already have an smbpasswd set
<mufasis> thank you qman ur awesome
<mufasis> i have another question how does remote file transfer and access work when im not on the same lan as the server using putty?
<qman__> mufasis, just forward port 22 on your router to the server, then connect putty to your external IP
<qman__> oh, also, thanks for the link to those drivers, I have an old proliant I haven't been using because it's so loud
<Roxyhart0> sorry qman_ yes also fail when i try to inslude in samba
<qman__> Roxyhart0, there must be something wrong in the samba configuration then, probably in the authentication backend setting
<qman__> I don't know enough about it to troubleshoot more than that
<Roxyhart0> thanks np
<mufasis> lol np
<mufasis> how do i transfer files tho
<mufasis> ?
<rightsprocket> Does anyone know why apache would ignore <directory> directives on ubuntu server?
<Roxyhart0> hi iam trying to add password and user and when i do smbpasswd -a userX i got this error:pam_smbpass(passwd:chauthtok): Failed to find entry for user
<Roxyhart0> somebody has any idea about this problem?
<rightsprocket> I am having an issue where apache2 is either ignoring my <directory> directive or <filesmatch> directives in .htaccess files.
<Roxyhart0> i im tryin to join a server to the domain and i got this error.  NT user token: (NULL)
<Roxyhart0> [2010/02/13 22:55:15,  5] auth/token_util.c:548(debug_unix_user_token)
<Roxyhart0>   UNIX token of user 0
<Roxyhart0>   Primary group is 0 and contains 0 supplementary groups
<Roxyhart0> somebody have any idea?
<Roxyhart0> h, somebody know why when i try to join to the domain with i got this in the log event:Primary group is 0 and contains 0 supplementary groups
<Roxyhart0> hi please, somebody know what mean this error:Failed search for base: sambaDomainName=RX,sambaDomainName=RX,dc=rx,dc=au error: 32 (No such object) (unknown)
<Roxyhart0> Hi i got this bug but i dont know how solve it. somebody know about that? https://bugs.launchpad.net/ubuntu/+bug/363554
<uvirtbot`> Launchpad bug 363554 in ubuntu "Failed to add entry for user XXX" [Undecided,New]
<Roxyhart0> https://bugs.launchpad.net/ubuntu/+bug/363554
<uvirtbot`> Launchpad bug 363554 in ubuntu "Failed to add entry for user XXX" [Undecided,New]
<bn43> hi I've installed fail2ban since having suspected of being target of dictionary attacks - the conf file of fail2ban shows it only use sendmail as mta - I would like to use exim - has anyone configured this?
<internalkernel> If exim is installed, then it should be sym-linked to sendmail...
<internalkernel> bn43: so it shouldn't matter that's its trying to use the sendmail command, it will still route through exim - as long as that is configured
<bn43> ok will try then
<bn43> thanks internalkernel
<internalkernel> your welcome
<MTecknology> !info yelp
<ubottu> yelp (source: yelp): Help browser for GNOME 2. In component main, is optional. Version 2.28.0-0ubuntu2 (karmic), package size 397 kB, installed size 4760 kB
<uvirtbot`> New bug: #521397 in samba (main) "Unable to mount shares from Windows ME" [Undecided,New] https://launchpad.net/bugs/521397
<JohnA> Dumb question, but how do I obtain and update my 9.04 or 9.10 server system - runs headless.
<JohnA> 2nd ?, how can I get it to automatically restart after a crash?
<guntbert> JohnA: 1) use ssh, 2) should be a bios setting (if you are talking about power failure)
<JohnA> no looks like a kernel crash, ups log show no distrubance. the system just stops working with a v long series of what llok like diag messages on terminal
<guntbert> JohnA: then I'd next assume a harware issue (heat, memory,...)
<JohnA> it doesn't look like that, iy certainly is not heat, system runs open frame, HW diags don't show anything so I am assuming SW. sys is lightly loaded - postfix, dovecot and ancillary SW
<JohnA> I wonder if I am missing some critical update, that why I asked about updates - how to for server 9.10 i tried apt-get but kept getting a error -1 says some packages not configured but these pkgs are not installed
<guntbert> JohnA: check the memory
<JohnA> ran memeory diags - nothing
<guntbert> JohnA: did you run them through? the tests 1-5 are only for the worst cases
<stas> hi guys, can somebody help me, how can I change how ubuntu sees the /dev/sdX drives
<stas> I got a usb drive that boots as /dev/sda, and I want it /dev/sdc for example
<guntbert> stas: you cannot - as far as I know
<stas> guntbert: the drive has netboot kernel, i can remove the drive after its loaded, again no?
<JohnA> guntbert: I wasn't running the linux diags was running some HW stuff from the electro lab, much more effective than the stnd stuuf
<guntbert> JohnA: then I don't know
<JohnA> ? is how can I get Linux to auto restart on crash
<guntbert> stas: but the assingment is a kernel thing
<stas> guntbert: so I cant make a "rescan" when I want one... ?!
<guntbert> stas: not to my knowledge
<guntbert> but that is limited :)
<stas> guntbert: oky, thank you
<stas> guntbert: actually i got an idea and it worked, I udevinfo -a -p /sys/block/mysda | grep -i drivers
<stas> modprobe -r the driver
<stas> and modprobe it back
<stas> :)
<guntbert> stas: grand :)
<stas> thanks again
<guntbert> stas: *you* solved your problem :)
<JohnA> guntbert: does setting kernel.panic in sysctl work in ububtu?
<stas> :)
<guntbert> JohnA: no idea - sorry
<JohnA> guntbert: not to worry, I'll try it and see what happens. thanks, take care
<guntbert> JohnA: Good luck :-)
<enherit> how can I create a "nginx" user with the same options as "www-data" user?
<sherringham> enherit: explain "options"? What are you trying to do?
<enherit> www-data doesnt' have home dir.
<enherit> www-data is used to run the apache process. I want to create a user just for running a process
<guntbert> enherit: www-data *has* a homedir set
<enherit> hmm. I think what I want is "a system user"
<enherit> what are "system user" good for?
<sherringham> See: man adduser (you probably don't need a "system" user i.e. id < 1000)
<enherit> thanks.
<MTecknology> I'm going to install xen on my server
<MTecknology> anybody want to help me?
<lifeless> nope
<lifeless> kvm is win
<MTecknology> :P
<MTecknology> kvm for a server?
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<MTecknology> lifeless: how hard is it to learn to setup a vm in say an hour or two?
<lifeless> depends
<lifeless> can be a few minutes if what you want is already doc'd
<MTecknology> lifeless: probably is - um.. where are vm images normally stored?
<MTecknology> I'm partitioning the drive right now
<lifeless> whereever you like ? :)
<lifeless> read the KVM docs, they are pretty good
<MTecknology> alrighty - I'll just make /virt then :)
<lifeless> if this machine is also a DHCP & DNS server, I would not try putting UEC on it unless you're up for debugging the last bits of the single physical machine topology
<lifeless> kvm itself should be trivial (again -see https://help.ubuntu.com/community/KVM - really)
<MTecknology> yup - I'm there
<MTecknology> I like the kvm virt-viewer ssh+
<MTecknology> qemu+ssh*
<MTecknology> I mentioned using vmware for it but then I remembered how ugly vmware is on a system. We have a system with 8GB RAM and I'm pretty excited abotu it
<chrisboom> hey guys, trying to get BackupPC installed on ubuntu server 9.10
<chrisboom> getting told that 2010-02-13 20:43:15 $Conf{NmbLookupPath} = '/usr/bin/nmblookup' is not a valid executable program
<chrisboom> but i have samba installed
<lifeless> do you have /usr/bin/nmblookup
<MTecknology> When you install a server you can choose cloud cluster or cloud node; how does a cluster work? can you have mysql sitting across multiple servers with that?
<lifeless> cloud cluster is UEC; cloud node is a UEC node controller (which runs kvm instances for you)
<lifeless> do you have existing network infrastructure
<lifeless> like DHCP and DNS
<MTecknology> no
<MTecknology> we're not big enough to support that yet
<MTecknology> so the node is used to admin the cluster?
<lifeless> no
<lifeless> 'cloud node' is a member in the cluster
<MTecknology> I'm just trying to understand how it works - I want to setup some VM's in virtualbox and figure out what this stuff really is
<lifeless> 'cloud cluster' is the controller
<MTecknology> oh
<lifeless> if you are not planning on using UEC, then don't choose either of those things
<lifeless> you can use kvm without UEC
<chrisboom_> lifeless: when i look it up, it tells me its not there
<chrisboom_> so its not installed
<chrisboom_> but i cant seem to work out how to add it
<lifeless> you haven't installed the package it is in
<chrisboom_> i think its part of samba
<chrisboom_> which is defo installed
<MTecknology> lifeless: I have a sinlge desktop I bought today that will function as our best server. When we get to the point of moving into a datacenter I want to know what's going on
<lifeless> MTecknology: UEC is very nice, but a little temperamental on a single machine - I set one up last week on my home games machine. Doing it with that machine also hosting DHCP and DNS might be difficult
<MTecknology> lifeless: I'm only goingt o use kvm on this - I'm just trying to understand cloud computing
<lifeless> oh
<MTecknology> can you have mysql installed on the systems and pretty much have it replicated everywhere?
<lifeless> so UEC supplies an EC2-like system
<lifeless> which means
<MTecknology> or do you just have virtual machines that can be spread across multiple systems?
<MTecknology> I never understood EC-2 either :P
<lifeless> you have virtual machine templates
<lifeless> called 'machine images'
<lifeless> they get started on machines when you issue an API call
<lifeless> and stopped likewise
<lifeless> some basic firewall rules can be deployed at the same time
<lifeless> and there is an API for managing stored content (in S3 - called  walrus in UEC)
<lifeless> thats about the size of it
<MTecknology> so it's a lot like installing kvm on multiple systems with the ability to control all VM's from one system and some firewall rules into the systems?
<lifeless> yes
<MTecknology> so there's not really any redundancy involved either?
<lifeless> when a template is started it gets given an ip from a range you allocate the cluster, an ssh key (for the user starting it) copied into it
<lifeless> MTecknology: depends on your definition of redundancy
<lifeless> you can buy 10 machines when you need the capacity of 8
<lifeless> and if one blows up, restart the vm's that were on it and keep going
<MTecknology> ok
<MTecknology> thanks :D
<lifeless> the vm's get no persistent storage on the machine they are running on
<MTecknology> I think that clears things up a whole lot for me :D
<MTecknology> is it possible to have one server running on two systems?
<lifeless> no
<lifeless> or rather yes
<lifeless> :)
<lifeless> you can start the same machine image many many times
<lifeless> so if you have a MI that runs mysql in cluster mode, with an appropriate autoconfig as it comes online, then you can run that MI 10 times
<MTecknology> nifty
<lifeless> and size the machine type such that its unlikely to end up with two instances on the same node controller
<lifeless> of course then you need backend storage that is fast and reliably like lusterfs/cephfs etc
<MTecknology> I'm installing on ext4
<lifeless> or you need an S3 mysql storage engine
<lifeless> MTecknology: nothing to do with what you're installing on
<MTecknology> ok
<lifeless> when you install you are creating a substrate
<lifeless> its the foundations, nothing more
<lifeless> what else, oh, highly available clusters. I don't think that UEC itself is redundant
<chrisboom> so should there be an nmblookup AND an nmblookup.samba3 file?
<lifeless> rather you're able to create two seperate UEC clusters with disjoint resources, and configure your app to run in both simultaneously (often needs app development to enable this)
<MTecknology> lifeless: so two whole separate clsuters, then you setup the app so it runs in both systems simultaneously.... does mysql/apache support that?
<sherringham> chrisboom: sudo apt get install samba-common-bin
<sherringham> s/apt get/apt-get/
<lifeless> MTecknology: 'often needs app development' ;)
<MTecknology> lifeless: alrighty - thanks :D
<MTecknology> lifeless: I love how well you explain your vast knowledge
<lifeless> there is a big debate at the moment
<lifeless> on whether folk want 'reliable clusters' or 'cheap to deploy lots of clusters'
<lifeless> k, gotta run
<MTecknology> lifeless: I'm all for the reliable
<Zajjko1> I've managed to put my two main users on my server in /bin/false and as it turns out, for some unexplainable reason, my admin-user is not part of sudoers. These are the three users on the server. Is there any hope at all, without complete reinstallation?
<guntbert> Zajjko1: I think recovery system is available in server too
<Zajjko1> How do I access it? Would I need "sudo" to to so?
<Zajjko1> to do
<guntbert> Zajjko1: if I remember correctly you are dropped to a root console
<Zajjko1> Right on.
<Zajjko1> Hold on, though. By default in ubuntu server, root has no password and does no allow login
<Zajjko1> Come to think of it, that is by default in ubuntu overall
<guntbert> Zajjko1: should be no problem in recovery mode
<guntbert> Zajjko1: works as I said: you get a menu, choose net root and get a root console
<Zajjko1> guntbert: Ahh ok. So would I access it from the installed OS or via the install-CD?
<Zajjko1> guntbert: rather, How do I access it? : )
<lifeless> MTecknology: well reliable costs more than cheap redundant, is the argument. bye for now.
<guntbert> Zajjko1: you boot from the HD, and press <shift> until the grub menu appears, there you select recovery mode
<Zajjko1> Thank you, guntbert. Will try that
<guntbert> Zajjko1: be sure to press <shift> early enough
<MTecknology> !rl
<Roxyhart0> Hi I am setting my ldap according how to and I dont undestand why is necesary this entry: ldap idmap suffix = ou=Idmap
<Roxyhart0> My current ldap data doen't have this entry. Domebody know if is necesary to create? why?
#ubuntu-server 2010-02-14
<Zombie-Gaz> Can someone please tell me why I get a "sudo: unable to resolve host dante" whenever I run sudo ("dante" is the name of my machine)? Where can I just remove "dante" as my host - I want the machine to be called "dante" but don't need it to try and resolve that as the hostname.
<jpds> Zombie-Gaz: Sounds like something wrong with /etc/hosts or /etc/hostname.
<uvirtbot`> New bug: #521563 in vsftpd (main) "crashed during install" [Undecided,New] https://launchpad.net/bugs/521563
<Zombie-Gaz> jpds All that /etc/hostname reads is "dante". Can I just chance this to localhost to rid myself of the error?
<Zombie-Gaz> erp. change.
<echosystm> hi guys
<echosystm> whats the difference between ubuntu normal and ubuntu server?
<echosystm> is it a different kernel?
<pmatulis> echosystm: yes, a different kernel b/c there are different kernel options set
<echosystm> i usually get a lot of problems in a dist-upgrade
<echosystm> but 10.04 is goign to be released in the near future
<echosystm> would it be bad to jsut start running the pre-release now?
<echosystm> this server isnt mission critical so bugs are... tolerable
<echosystm> i just dont want to have to reinstall the os once supprot for 9.10 ends
<twb> echosystm: that really depends on whether you're capable of dealing with bugs when they arise.
<echosystm> i'd just wait it out until someone else fixes it :P
<twb> Where the bug is something like "does not boot"?
<echosystm> ok maybe i wont run 10.04 until its out then :P
<echosystm> dist upgrade on 6 vms is going to be fun lol
<echosystm> ahwell
<twb> You should just be able to map operaions over the VMs in parallel.
<twb> *operations
<twb> But IIRC Ubuntu has some other stupid upgrade tool you're supposed to use instead of dist-upgrade.
<echosystm> yeah
<MTecknology> time to go back to learning how to work with kvm
<MTecknology> here we go -  sudo ubuntu-vm-builder kvm karmic --domain kalliki.com --dest /virt/images/ --arch amd64 --hostname carpo --mem 768 --user michael --pass GR3en --addpkg vim openssh-server --libvirt qemu:///system ;
<twb> That's working with libvirt, not kvm, I think.
<MTecknology> twb: oh.. just skip the --libvirt part?
<twb> MTecknology: I mean that ubuntu-vm-builder isn't kvm
<MTecknology> oh
<MTecknology> I was just tryingto follow this - https://help.ubuntu.com/community/KVM/CreateGuests
<MTecknology> twb: should I not use ubuntu-vm-builder?
<twb> I don't know
<twb> I'm *still* trying to get a requisition for VT hardware through purchasing
<MTecknology> twb: My new startup company, I said, hey we need a system that can do something; the developer agreed and said he can't deal with it; we said let's go to best buy and get a decent system: we get back and decide it's enought to run 2 or 3 vm's on - it's jsut a dev system w/ 8GB ram
<MTecknology> so I decided it's time I learn about virtualization beyond the basic desktop
<MTecknology> twb: 2010-02-13 22:39:15,987 INFO    : Converting /tmp/vmbuilderjuNcjN/disk0.img to qcow2, format /virt/images/carpo/disk0.qcow2
<MTecknology> twb: qcow2 is qemu format - I don't know much more than that
<MTecknology> "the last argument will automatically add the newly created VM to KVM"
<MTecknology> twb: ok - you're right - the next part in the guide is converting the image
<twb> kvm talks qcow2
<MTecknology> twb: so ubuntu-build-vm is a python wrapper around libvirt and libvirt is an easy way to work with kvm ?
<twb> libvirt is an abstraction for various virtualization technologies.
<MTecknology> I'm starting up the VM
<MTecknology> twb: It looks like it booted fine, but I have no idea what the networking looks like :P
<MTecknology> I added the br0 interface like it said
<MTecknology> twb: you up for helping me on this one?
<twb> no
<MTecknology> I bet most anyone else is sleeping too :P
<MTecknology> twb: what are you up to?
<twb> I'm playing Star Ocean 4
<MTecknology> !info dillo
<ubottu> Package dillo does not exist in karmic
<MTecknology> heh...
<aaron> can some one help me under stand ubuntu cloud setup?  is it like terminal services where you login to a remote computer?
<erichammond> aaron: Are you wanting to use somebody else's hardware (e.g., Amazon EC2) or your own hardware?
<aaron> my own
<aaron> I want to setup a private cloud.  im not sure if its just sharing web apps or if its like a remote desktop system for linux
<aaron> ive researched and everything is just non detailed when it comes to exactly how it sets up and works
<aaron> erichammond: I'm wanting to experiment I have installed the ubuntu server cloud and dont know what to do next. I dont know how to configure or even what I can do with it. I just found my self setting in a shell not knowing what to do next.
<KurtKraut> aaron, could you paste the result you get with uname -a after this install:
<KurtKraut> aaron, ?
<aaron> I no longer have the system installed.
<KurtKraut> aaron, IMHO, 'cloud' is just a buzz word. It is just a word to make people belive that Ubuntu has something special, new and unique. It is probably just a kernel compile in a optimized way to run as a guest on Xen, VMware, Amazon EC2 and other virtualized system.
<aaron> I dont have a understanding of what a cloud server is I get the consecpt but dont know if its just a app server by web page or a desktop you login to
<sherringham> aaron: it is hard ot explain and it is too early on Sunday morning :-)
<sherringham> Try : http://en.wikipedia.org/wiki/Cloud_computing
<sherringham> Plus - it is somewhat ill-defined sometimes ....
<aaron> when I did the server install it had an option to install cloud server. ive looked for tutroils but just find info that cloud computing is remote service hosting apps and services
<aaron> ill look at the link
<aaron> what im worndering is if its like terminal services where you can login to it and get a desktop
<aaron> is it like having you OS installed on a remote system?
<sherringham> aaron: yes, you can that.
<aaron> how? is there a step by step how to on this?
<aaron> this is vary confusing based on what I have ready a cloud can be any thing. its two wide of a subject and there ant much doc on how to set any thing up well at lest I ant found any thing yet
<aaron> everything I have found about cloud computing tries to explain what it is and fails to explain how to get it working.
<aaron> Some end results examples would be nice too.
<aaron> Thanks.  Ill try asking again some time when it ant so late.
<rileyp> mythbuntu diskless clients have wrong time  server has ntp installed clients have ntp installed on image
<rileyp> anyone help me with this?
<rileyp> ntpsetting on client have been set to get  from server 192.168.1.10
<sherringham> rileyp: perhaps try : #ubuntu-mythtv
<chrisboom> hey, installed 9.10 server
<chrisboom> cant connect to network in installation
<chrisboom> last time it did it no problem
<chrisboom> on the same machine
<chrisboom> this time, ive got no ethernet
<chrisboom> exactly the same set up
<chrisboom> ethernet cable plugged in straight to router
<sherr> chrisboom: what do the logs say?
<chrisboom> how do i read them?
<sherr> text editor? e.g. vi, nano etc.
<chrisboom> sure
<chrisboom> sudo vi what...
<sherr> /var/log/syslog - look for init of eth0 (maybe) and errors/warnings ....
<sherr> Then maybe output of : ifconfig eth0 (or whatever)
<sherr> Then contents of : /etc/network/interfaces etc.
<sherr> https://help.ubuntu.com/9.10/serverguide/C/index.html
<chrisboom> ok syslog looks to be empty
<sherr> Never seen that - you sure? : ls -l /var/log/syslog
<chrisboom> ls -l /var/log/syslog
<chrisboom> types in that and one line came up saying rw-r-------1 syslog then some numbers
<sherr> Mine says : -rw-r----- 1 syslog adm 143856 2010-02-14 11:22 /var/log/syslog
<sherr> *143856* is the size in byts
<sherr> *bytes
<chrisboom> sorry got logged off
<uvirtbot`> New bug: #521666 in libaxiom-java (main) "Fake sync libaxiom-java 1.2.8-1 (universe) from Debian testing (main)" [Undecided,New] https://launchpad.net/bugs/521666
<chrisboom> seriously, need some help here
<chrisboom> installed 9.10 fine yesterday
<chrisboom> today, exact same setup
<chrisboom> fresh install
<chrisboom> 9.10 just totally not connecting to internet
<geser> Hello, does somebody know when the mysql-dsfg-5.1 / mysql-cluster-7.0 fight about libmysqlclient16{,-dev} will be resolved?
<geser> right now libmysqlclient-dev isn't installable on amd64
<Roxyhart0> hi somebody know what means this error. tdb(/var/run/samba/gencache.tdb): tdb_oob len 1426736479 beyond eof at 12288 ?
<dvheumen> Roxyhart0, I'm not familiar with that error, but from what I understand it seems like the tdb (it's a database I think) must be repaired
<dvheumen> some index in this db points to beyond the end of the file
<dvheumen> or maybe restart samba, because the file suggests that it might be automatically generated
<Roxyhart0> thanks! i just did
<dvheumen> and it worked (i assume you meant restarting)?
<KamaL> Hello.. linux noob here. I have a VPS with ubuntu server 9.10-x86. How can install a GUI to be able to connect to it remotely as a remote desktop?
<KamaL> i tried: apt-get install gnome
<KamaL> but i get: E: Couldn't find package gnome
<dvheumen> KamaL, you can always search through the packages with 'apt-cache search gnome'
<KamaL> ?
<dvheumen> I'm not sure about all the packages you need, but you need at least 'gdm' and ... I'm still looking for the correct gnome package
<dvheumen> ah right
<dvheumen> try 'sudo apt-get install ubuntu-desktop', then you'll get the full ubuntu desktop set
<KamaL> Reading package lists... Done
<KamaL> Building dependency tree... Done
<KamaL> E: Couldn't find package ubuntu-desktop
<KamaL> do i have to download it first ?
<KamaL> any idea?
<dvheumen> make sure that /etc/apt/sources.list contains at least the standard ubuntu repositories. You might want to look at the standard documentation on how to do that
<dvheumen> and after the repositories are entered in sources.list, run 'sudo apt-get update' to update your package list
<KamaL> here what is in the file u asked
<KamaL> http://paste.ubuntu.com/376252/
<KamaL> should i update it as explained here? https://help.ubuntu.com/community/Repositories/CommandLine
<dvheumen> yes, at the bottom of the page it says 'sudo apt-get update' to update your list of available packages, after that, 'ubuntu-desktop' should also be a known package you can then install
<bogeyd6> technically you could issue the command "sudo apt-get update && sudo apt-get dist-upgrade && apt-get install ubuntu-desktop"
<bogeyd6> erp
<bogeyd6> put sudo before each apt-get
<KamaL> which repositories should i add
<bogeyd6> if you had the default repos you would be able to install the desktop
<bogeyd6> probably at this time you should go to #ubuntu
<bogeyd6> as this is ubuntu-server and by definition is command line
<KamaL> i'm here because i coudln't install it\
<KamaL> i actually have no idea how to add new repos really
<dvheumen> KamaL, you don't need to, bogeyd6 see KamaL's pastebin earlier (http://paste.ubuntu.com/376252/)
<bogeyd6> installing desktop is still off topic for here
<dvheumen> true
<KamaL> http://paste.ubuntu.com/376259/
<bogeyd6> in its own right its confusing
<bogeyd6> most people dont know ubuntu desktop has all the server packages available
<KamaL> i have a VPS with ubuntu server preinstalled, i can't install the desktop version. that's why i'm trying to do this
<bogeyd6> lol :(
<KamaL> ?
<bogeyd6> what about your memory limit
<KamaL> i have 2GB of ram, is that what u mean?
<bogeyd6> how much you paying per month
<KamaL> ?
<KamaL> what does it have to do with my question
<bogeyd6> i was wondering cuz im in the market for a vps
<bogeyd6> kamal which version of ubuntu?
<KamaL> ostemplate:	 ubuntu-9.10-x86
<bogeyd6> kk
<KamaL> DE server, 100GB, 2GB ram, unlimited bw on a 100mbit port, for 34$
<bogeyd6> KamaL, http://paste.ubuntu.com/376262/
<bogeyd6> KamaL, can you link me up?
<KamaL> ?
<bogeyd6> KamaL, can you send me a link to the vps so i can get one/
<KamaL> it's from a friend, he has a dedicated, and he sold me this VPS
<KamaL> PM?
<bogeyd6> yeah
<bogeyd6> the pastebin link was sent to you contains a valid sources.list
<KamaL> so what do i do with it
<KamaL> sorry, extreme total noob in shell
<bogeyd6> replace your sources.list
<KamaL> how :P
<bogeyd6> uhm
<bogeyd6> sudo nano /etc/apt/sources.list
<bogeyd6> comment out every line by putting a # before every line that doesnt have one
<bogeyd6> copy and paste the pastebin sources.list into your ssh
<KamaL> sudo: nano: command not found
<bogeyd6> sudo apt-get install nano
<KamaL> haha
<KamaL> E: Couldn't find package nano
<bogeyd6> press cntrl X then y then enter
<bogeyd6> wat?
<KamaL> lol
<bogeyd6> hmm
<KamaL> i guess this one lacks so many packs
<KamaL> maybe i can download it through wget?
<bogeyd61> argh
<bogeyd61> KamaL, sudo vi /etc/apt/sources.list
<bogeyd61> KamaL, press i for insert and put a # before every line that does have one, then paste mine in at the bottom. press esc then : and type in w, then q
<bogeyd61> then your stuff will start working
<KamaL> maybe i can install ubuntu desktop and t
<bogeyd6> KamaL, press i for insert and put a # before every line that does have one, then paste mine in at the bottom. press esc then : and type in w, then q
<KamaL> sorry. dc
<bogeyd6> KamaL, sudo vi /etc/apt/sources.list
<olman> manejo de iptables
<olman> tengo 2 wan en mi servidor
<olman> como hago para crear redundancia?
<bogeyd6> !english
<ubottu> The #ubuntu, #kubuntu and #xubuntu channels are English only. For a complete list of channels in other languages, please visit http://help.ubuntu.com/community/InternetRelayChat
<bogeyd6> !en
<bogeyd6> !spanish
<olman> hello
<ubottu> En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<olman> i need script iptables with dual wan redundancy
<olman> my server 1 lan(static) and 2 wan (dhcp)
<olman> i have 2 isp provider
<jeeves_Moss> what do I have to remove from a desktop install to strip it out to make the install a CLI only server?
<KamaL> guys, my VPS with ubuntu server can't seem to connect to the internet somehow
<KamaL> can't ping to google.com etc...
<KamaL> DNS servers seem OK
<KamaL> what could it be
<slick666> hmmmmm what is your network setup like
<dvheumen> Hi, does anyone know about APC UPS-ses that support Ubuntu?
<nosse1> >	Hello guys. My Ubuntu server has just been upgraded to karmic, and the disk containing the user's home is fsck during startup (due to fstab "0 2"), yet users are allowed to login! Where can I configure SSH/login not to allow login before e2fsck is done? I didn't allow login prior to upgrade (from Jaunty)
<nosse1> ...It didn't allow login prior...
<marks256> Can anyone suggest a good High Availability clustering file system that supports user quotas? I've been trying unsuccessfully with LustreFS, but i cannot get ANY stability out of it.
<jpds> nosse1: SSH is started before disks are mounted?
<jpds> dvheumen: How do you mean "support Ubuntu" ?
<nosse1> jpds: Do you know when is the disks mounted? (which init.d script)?
<dvheumen> jpds, okay, I just found out that I'm making a certain assumption. Anyways ... I was planning to put 2 servers on a single UPS, one Ubuntu and one Windows. And then have the UPS connected to the Windows-server and have the UPS software communicate with the Windows-server for information about any sort of problems with the power. But now I'm now sure if it was the APC software that supports status communication over the network
<dvheumen> and I have seen that there exists a APC software for Linux, but it's all kinda vague, so I was wondering if someone here has some information on that
<jpds> nosse1: /etc/init/mountall.conf
<jpds> nosse1: Upstart replaced init.d on karmic.
<jpds> dvheumen: Surely it has a SNMP interface or something?
<dvheumen> jpds, great, didn't know about SNMP, now I know what to search for, tnx :)
<dvheumen> it's all about the keywords :)
<nosse1> jpds: I guess this confirms that there are some policy or script change.
<KamaL> guys, i'm trying to install gnome GUI for my 9.04 ubuntu server, but when i send the command, i get this
<KamaL> E: Couldn't find package gnome
<jpds> KamaL: Err.
<jpds> KamaL: Try: ubuntu-desktop.
<KamaL> i tried: sudo apt-get update
<KamaL> but still same error
<jpds> dvheumen: No problem, the APC UPSs I work with have SNMP.
<jpds> KamaL: There is no "gnome" package.
<KamaL> aha
<KamaL> it's working
<KamaL> it's dling stuff, like 450MB
<KamaL> it's gonna use about 2gigs, wow :)
<KamaL> thanks for the tip
<dvheumen> jpds, any particular package you use in Ubuntu for SNMP?
<jpds> dvheumen: The stuff in the "snmp" package?
<dvheumen> okay, tnx ;)
<jpds> dvheumen: For example, http://manpages.ubuntu.com/manpages/hardy/en/man1/snmpwalk.1.html
<dvheumen> jpds, okay, but in that case, have you scripted power availability detection yourself? (since snmpwalk only seems to read information)
<jpds> dvheumen: I just know that they support SNMP, haven't played with it myself. ;)
<dvheumen> jpds, okay. In that case I'll probably play around with the nut-snmp package I found. Thanks for the info. I'd like to be prepared before actually installing the server :)
<jumbers> I'm trying to access files with rsync over SSH that only root is able to view, but for obvious security reasons I've disable root access over SSH. Is there any way to get rsync to access these files?
<dvheumen> jumbers, you probably just want to log in via a normal user and gain root rights via sudo or su
<es21593> siema
<dvheumen> or run rsync daemon en map port through ssh to rsync daemon
<dvheumen> *and
<es21593> polish?
<jumbers> Well, I'm running a backup script that uses rsync like this: rsync -avz -e ssh root@xxx.xxx.xxx.xxx:/home
<guntbert> !pl | es21593
<ubottu> es21593: Na tym kanale uÅ¼ywamy tylko jÄzyka angielskiego. MoÅ¼esz uzyskaÄ pomoc w jÄzyku polskim na #ubuntu-pl.
<es21593> dziÃªki
<jumbers> I guess my other option is to push from the remote system to this one
<dvheumen> jumbers, is there any objection to running an rsync daemon?
<RoyK> dvheumen: it's far easier, and far safer, to run rsync through ssh
<RoyK> given registered users, of course
<RoyK> for anonymous rsync access, I guess a daemon will do fine
<RoyK> just rsync somehostwithsshenabled:/some/path /somewhere and it should try with ssh on its own
<RoyK> or add -e ssh if you're unsure
<dvheumen> RoyK, I'm not implying that you should open the port to the outside, just run the daemon with the right permissions and connect through an SSH tunnel
<dvheumen> but at least then you can configure the daemon to assume the required permissions
<RoyK> I use rsync almost daily this way, just -e ssh
<RoyK> no need for a daemon
<RoyK> I really don't see why you'd want one
<RoyK> ssh will fork one off on connect
<dvheumen> RoyK, see jumbers' question
<dvheumen> jumbers, RoyK can probably help you with your question
<RoyK> jumbers: the command given should work if ssh is installed on that box
<RoyK> on both boxes
<RoyK> if rsync isn't installed on x.x.x.x either install it or use some networked filesystem to reach the data
<RoyK> jumbers: any success?
<bc> can someone tell me where the default clamav quarantine directory is for the ubuntu package? damned if I can't find it on the filesystem or via google.
<RoyK> perhaps /dev/null?
 * RoyK giggles
<KamaL>  guys, I just installed ubuntu desktop on a ubunte-server, now when i try to connect to shell, Putty closes itself.... is this normal??
<bc> Okay, I've exhausted my search. I'll let it stay quarantined forever. The word doesn't even exist under /etc.
<bc> (nor in /usr/share/doc/clamav)
<bc> Sigh, solved -> /var/lib/amavis/virusmails
<RoyK> KamaL: apt-get install ssh?
<KamaL> RoyK: the problem is that i'm connecting to the VPS through putty, and it closes immediately after logging in
<RoyK> does other ssh clients work?
<RoyK> or give a useful error message?
<KamaL> the moment i login, it just shuts down
<RoyK> shuts down?
<RoyK> the link or the box?
<RoyK> does it work with another ssh client?
<KamaL> putty
<RoyK> please, try with another client
<KamaL> like what
<RoyK> or  ssh localhost
<RoyK> something
<RoyK> ssh localhost from the console is a good start
<KamaL> i'm connecting from home to a remote VPS
<RoyK> or ssh user@localhost
<RoyK> well, if you can't login to the box, there's nothing we can do other than asking you to try differently
<RoyK> do you have a console?
<RoyK> like with RDP or something
<RoyK> console access
<RoyK> also, another client, like cygwin ssh (given you're running windoze) might give an error message
<RoyK> putty can be pretty useless at that
<KamaL> trying that
<KamaL> btw, i have access to HYPERVM, so i can send commands through it too, if it's of any help
<RoyK> no idea what that is
<KamaL> well, it told me SSH is latest version
<RoyK> but can  you do something useful from there?
<KamaL> yes, send commands
<KamaL> apt-get etc....
<KamaL> maybe i can install vnc server through it
<KamaL> is it complicated?
<RoyK> don't you have an ubuntu VM for testing?
<KamaL> no
<RoyK> try that first
<RoyK> you need to know the commandline before you can try it blindfolded
<KamaL> aha
<KamaL> ok, vino is installed, so i just have to find a way to run it and connect to it
<smallsat> interesting problem I have... I seemed to have deleted the .qcow2 image of a running VM
<smallsat> anybody know how I can get it back? the VM is still running, and I'm scp'ing all the data out of it right now....
<smallsat> thanks
<brixsat> hello
<brixsat> i have 2 apps that start at boot time in rc.local, the app1 is a server and the app2 is the client, the problem is that app2 quits because app1 is slower loading
<brixsat> can i delay app2 a few seconds from start?
<zoran119> can someone tell what is the best way to keep my ubuntu 8.04 lts server up to date?
<zoran119> i normaly do 'auptitude update; aptitude upgrade' but the new kernel is being 'kept back'
<guntbert> zoran119: I just checked - sudo aptitude safe-upgrade *did* install a new kernel - it just doesn't get activated until you reboot
<zoran119> i'm a bit worried that the kernel may be vournable (patches not installed)
<zoran119> guntbert: ok... so is there a way to keep a kernel but get the package manager to only install the security updated for that kernel?
<liva> brixsat > are you using && operator ?
<zoran119> or do you have to upgrade the kernel to get the security patches?
<guntbert> !pin | zoran119
<ubottu> zoran119: pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<guntbert> zoran119: if you are talking about security patches to the kernel - those you get only with a new kernel - where is the problem?
<zoran119> guntbert: ok, so the fact that i haven't ran safe-upgrade some known kernel 'wholes' have not been secured
<zoran119> guntbert: i better go and run safe-upgrade then....
<guntbert> zoran119: I'm not sure if that is the reason - doesn't hurt to try though
<zoran119> guntbert: can you tell me... after i do safe-upgrade, will i still have 8-04 lts or will my server be upgraded to 9.10 or someting else...?
<guntbert> zoran119: no worries - safe-upgrade won't even do anything which might be slightly dangerous - it will let you stay on your LTS
<zoran119> guntbert: awesome... thanks for your help
<guntbert> zoran119: you're welcome :-) you might want to read man aptitude and search for safe-upgrade ....
<zoran119> guntbert: sure will
<d4n1> sup?
<brixsat> liva no && operator
<brixsat> i have a sh file with sleep function between files
<d4n1> if i get an error saying that my kernel needs functionality 0:6, what could it be?
<sherr> d4nl: that looks familiar to me, but I cannot recall why. From what?
<d4n1> well, it happened when i tried to boot my server, which i had just finshed formatting
<d4n1> im formatting again, i just wanted to know if it was a configuration error
<qman__> brixsat, you should run your apps in one line like this: serverapp && sleep 5 && clientapp
<qman__> err
<qman__> nevermind, that won't work
<qman__> because the server app doesn't finish
<qman__> you could wrap the client in a repeat script
<qman__> or evaluate the client's exit code
<brixsat> any one here uses shoutcast/sc_trans?
<qman__> brixsat, if the server app listens on a port, you could create a script for the client that nmaps for that port until it's listening, then starts the client
<brixsat> :) qman__ i solved that part
<qman__> ok
<brixsat> the problem is that sc_trans wont start if in rc.local
<qman__> can't run as root?
<brixsat> but the same sh script works fine if executed in shell
<brixsat> it can run as root :)
<brixsat> is there a "startup" log ?
<qman__> is the script written for bash?
<qman__> the default shell for scripts is dash
<qman__> and bash-isms won't work in dash
<qman__> so you could try '/bin/bash /path/to/script.sh'
<brixsat> yes
<brixsat> #!/bin/bash   (new line)  sc_serv /root/radio/sc_serv.conf (newline) sc_trans /root/autodj/sc_trans.conf
<brixsat> and in rc.local ---> sh /root/start.sh
<qman__> does sc_serv exit after it starts?
<qman__> if not it's just going to wait
<brixsat> no sc_serv runs ok :=)
<qman__> yes, but in that script
<brixsat> http://ouvir.radioamorportugal.com:6002 as you can see :)
<qman__> it waits until sc_serv exits before it runs sc_trans
<brixsat> :o
<brixsat> that may be it :D
<brixsat> should i put & im the end of the comand?
<qman__> you will have to tell it to daemonize, either by command line option or a & at the end
<brixsat> :D
<qman__> of course that makes it run the next command instantly
<qman__> so you'll have to add in a check or wait
<brixsat> qman__  trilian thanks :D
<brixsat> i did not expect to be the & problem
<brixsat> ;) i will dedicate a music to you ;) in the my show :D
<qman__> hah, no problem
<KamaL> hello, i have a VPS with ubuntu server 9.04 on it, and after installing ubuntu DESKTOP, something is messed up with configs, and i can't even ping to any site anymore. why is that??
<uvirtbot`> New bug: #521936 in mysql-dfsg-5.1 "MySQL Server character set and collation not UTF-8 by default" [Undecided,New] https://launchpad.net/bugs/521936
<mylarry> Hi! Systems i have used and seen were always so that there was one starting-point to where the requests came to and that server does (at least) the loadbalancing so routing the requests to differnet servers (which have nothing to do at the moment . But with this architecure you have at least this one server "the starting point" the router/loadbalancer that is a single point of failure. So if this server crashes nothing will work 
<mylarry> what can you do to have no single point of failure??
<zoran119> hey, i just did 'aptitude safe-upgrade' and there are packages being held back (linux-image-server and linux-server amongs them)... is it secure to run my server like this? have the kernel patches been applied?
#ubuntu-server 2011-02-07
<benlake> anyone know of a channel for mdadm before I rattle off here?
<patdk-lap> my mdadm seems to love the /dev/sd* chanels
<patdk-lap> channels
<uvirtbot> New bug: #714358 in openvpn (main) "update-resolv-conf doesn't support multiple dns search domains" [Undecided,New] https://launchpad.net/bugs/714358
<idleman> !dlem@n
<ball> That was odd.
<Pici> Indeed.
<fluvvell> ping
<twb> Is there *any* reason to use external sftp over internal-sftp?
<zephlit> first time installation novice user... setting up a LAMP stack. need basic security tips. anyone?
<bicranial> zephlit: public web server?
<zephlit> yes but trying to learn, not just get it running :D so i wanted to do everything "correctly"
<zephlit> it will be hosting sites that i previously relied on a web-hosting service to do...
<bicranial> physical server or VPS?
<zephlit> VPS... what would the difference be? (jw)
<bicranial> well if it were a local server in your home/office then you'd want it in a DMZ..
<zephlit> ahh i see. i misinterpreted the question... so "in a data center or in home/office" haha
<zephlit> or physical server or VPS/dedicated
<zephlit> :P
<bicranial> sorry, I should've been clearer there...
<twb> Why break the habit of a lifetime
<bicranial> have you looked for tutorials/howtos?
<twb> A basic security tip would be: don't run PHP
<zephlit> yeah i have... i've done a few steps already. creating a new user, disabling root for ssh (should i disable root for the OS?), iptables, seprate group for ssh login
<zephlit> twb: what if I needed php for future applications? are you suggesting an alternative
<twb> "The National Vulnerability Database maintains a list of vulnerabilities found in computer software. The overall proportion of PHP-related vulnerabilities on the database amounted to: 20% in 2004, 28% in 2005, 43% in 2006, 36% in 2007, 35% in 2008, and 30% in 2009."
<twb> http://en.wikipedia.org/wiki/PHP#Security
<zephlit> wow haha thats crazy-- but controversial to just say "don't run php"?...
<twb> No, controversial is advocating removing .com and all the assholes that are ruining my PERFECTLY GOOD military network
<zephlit> LOL. kk i'm still in the basics of learning how to SET UP a web server hahaha
<zephlit> thats a story for another day
<zephlit> at least for me :P
<twb> busybox httpd -p 8080
<twb> Done.  You now have a webserver exporting the current working directory, with your current user's privileges, on port 8080.
<zephlit> rofl i just googled what busybox was on my webserver... absorbing
<twb> Unfortunately Ubuntu's always-installed busybox is a bit crippled compare to Debian's :-/
<zephlit> see would i be able to set up virtual hosts with that
<zephlit> lmao i have multiple domains
<zephlit> you're probably like 'ogm' ... intentionally misspelled.  ahhhhhhhhhh (cry)
<zephlit> i'm just looking to learn... =/ basics, security. ive done a bit of reading before coming here. someone spare me!
<bicranial> have a read through a few tutorials/guides like: http://www.andrewault.net/2010/05/17/securing-an-ubuntu-server/
<zephlit> thanks :D
<bicranial> I'd suggets setting up a test env in a VM on your PC/notebook
<twb> There was a good article somewhere by an OpenBSD-type weenie, whose main gist was "applying security updates is dumb... it is better to NOT RUN services you don't need, and pick security-oriented implementations of the services you DO need."
<twb> zephlit: also #ubuntu-hardened
<zephlit> ic... is hardened about security?
<twb> Yes
<twb> "hardening" means making a system more secure
<zephlit> lol
<zephlit> thx
<zephlit> i'm liking UFW because the readings i've had on iptables meant going back and reading them a few more times... lol
<twb> Talk to #netfilter about it
<twb> Most iptables documentation is utter crap
<twb> ufw is reasonably sensible, as long as you just need to whitelist/blacklist a few addresses/ports
<zephlit> :D you're so rebellious against ... everything. its fun to hear
<twb> I'm a grumpy old man
<zephlit> ha. i wanna be like you one day
<zephlit> oops... locked myself out of my VPS. time to access the out-of-band console -.-
<zephlit> out of the SSH*
<zephlit> question : is read-only determined by chmod parameters or something else?
<twb> bicranial: that URL advocates "nmap localhost", which is obviously flaky.  It'd be better to test from an endpoint outside the local network.  I'd also do SSH rate limiting and port scan detection directly in netfilter, but that's just me.  Other than that, a reasonable article.
<twb> zephlit: that depends.
<zephlit> on?
<twb> zephlit: on a default Ubuntu 10.04 server, it'll be governed by POSIX DACs (what you call "chmod"), and by apparmor for specific services (e.g. squid).
<twb> Apparmor being an LSM MAC.
<twb> http://en.wikipedia.org/wiki/Discretionary_access_control, http://en.wikipedia.org/wiki/Mandatory_access_control
<zephlit> nmap localhost... ill ignore that part then
<bicranial> twb: agreed
<zephlit> okay so it was MAC is be dealin withs' :/
<zephlit> i's*
<twb> Unlikely
<twb> But if so, there'll be a report in /var/log/klog with the string "audit"
<zephlit> nope nvm :/ gonna go sleep. thx for the help twb -- i like the in depth-ness a lot :D
<markitoxs> hello
<markitoxs> i was wondering for a recommendation in doing HOT backups, without LVM, is it possible?
<RoyK> markitoxs: what do you mean hot backup?
<patdk-lap> royk, a backup where you don't shutdown the fs
<patdk-lap> where everything is still running live on the system, while you back it up
<RoyK> Anyone here using NIS? We're seeing wierd problem across a set of servers/workstations: Accessing files works well, but setting file rights, as with chgrp somegroup somefile, does _not_ work, even if the user is member of that group
<RoyK> patdk-lap, markitoxs: that should work well for most systems, except perhaps databases
<RoyK> database files shouldn't be backed up directly on most DBs
<RoyK> make a dump, then backup that
<andreasf> markitoxs: R1Soft CDP is a nice (commercial) solution.
<patdk-lap> royk, running nscd?
<markitoxs> sorry guys, was away from the screen
<markitoxs> yeah, i have only found R1Soft, that seems quite good
<markitoxs> i wish there was a simple way to migrate to LVM
<andreasf> markitoxs: It has an addon for hot MySQL backups.
<RoyK> patdk-lap: nope - at least not on those I have installed
<RoyK> markitoxs: just create a dump and back that up
<RoyK> for ordinary files, hot backup shouldn't be a problem
<RoyK> it's not like M$ where files are locked
<markitoxs> well, its an asterisk server
<RoyK> that shouldn't be a problem either
<RoyK> asterisk is only text files
<patdk-lap> that would be even simpler
<RoyK> plus perhaps a database
<patdk-lap> and voice recordings :)
<markitoxs> so, we have backups at the moment, dumping the whole FS
<RoyK> yeah
<markitoxs> into a tar.gz file
<markitoxs> but seems there could be room for improvement
<RoyK> markitoxs: why don't you use something like bacula?
<RoyK> markitoxs: if you have a database in the asterisk setup, make a cron job to dump that with mysqldump/pg_dump and then back that up
<RoyK> andreasf: should nscd help?
<markitoxs> Im more interested in mirroring the system
<markitoxs> I have a DB replication setup
<patdk-lap> markitoxs, well, use rsync
<markitoxs> i just wanna know what your opinion is on that
<patdk-lap> don't use rsync on the database
<markitoxs> oh yeah, learned that the hard way
<markitoxs> Bacula looks really good, btw
<markitoxs> andreasf, did you say there is a plugin for MySQL for R1Soft CDP?
<andreasf> markitoxs: Yes, it's nice. I used it for backup of a several hundred GB large DB for a large community.
<RoyK> http://pastebin.com/kYPS0N0D <-- file rights look good, but chmod doesn't work
<RoyK> any ideas?
<RoyK> http://karlsbakk.net/nfs-probs.pcap
<patdk-lap> heh? ls -ld .
<soren> RoyK: You are chgrp'ing, not chmod'ing.
<patdk-lap> chmod?
<soren> chmod!
<RoyK> soren: yes, sorry, that's the problem
<soren> Sorry, what's the question?
<RoyK> chgrp should work
<soren> Why?
<patdk-lap> I don't get the why chmod :)
<soren> patdk-lap: BEcause that's what he asked about.
<soren> patdk-lap: 11:42 < RoyK> http://pastebin.com/kYPS0N0D <-- file rights look good, but chmod doesn't work
<RoyK> patdk-lap: chmod works, chgrp doesn't
<soren> RoyK: It's not expected to.
<RoyK> soren: it certainly is
<patdk-lap> oh heh :)
<patdk-lap> I didn't even notice anything after the url
<RoyK> soren: it works locally, but not if the filesystem is mounted over nfs
<soren> RoyK: orly?
<RoyK> so long that the user is member of the target group, chown should work
<RoyK> soren: yes, really
<RoyK> chown/chgrp
<RoyK> chown :newgroup / chgrp newgroup
 * soren stares at the code again..
<RoyK> sec - I'll pastebin another example
<soren> RoyK: Oh, right. I see it now.
<soren> I misread a && for a !!.
<soren> Err..
<soren> heh.
<soren> For a ||, of course.
<RoyK> http://pastebin.com/MAz02dmd
<RoyK> that shows local test and test over nfs
<soren> I'm not sure how that's meant to work over nfs, really.
<soren> Group membership is a process attribute.
<uvirtbot> New bug: #714542 in net-snmp (main) "prTable reports running processes as NOT running on Ubuntu 8.04 LTS" [Undecided,New] https://launchpad.net/bugs/714542
<soren> ..and since the process trying to do the chgrp is on another host, it obviously can't check whether the group membership is valid.
<soren> RoyK: ^
<soren> RoyK: Which nfs version is this?
<RoyK> soren: 3
<soren> RoyK: :(
<RoyK> soren: seems local groups (defined in /etc/group) works, but that's about it
<lieuwe> i'm trying to set a mailserver up on my server, but for some reason when mailing something to it, i get a "delivery delayed" message the next day, and a "delivery failed" message the day after that, what gives?
<patdk-wk> lieuwe, what gives? your lack of stating the problem :) logs?
<lieuwe> patdk-wk: lol, http://codepad.org/R42mWHep
<patdk-wk> looks pretty self explanitory to me: No route to host
<lieuwe> patdk-wk: that doesnt mean anything to me tho, first time i'm setting a mailserver up.
<patdk-wk> that has nothing to do with mailservers
<patdk-wk> it's an ip thing
<patdk-wk> it looks like your attempting to run a mailserver at home
<patdk-wk> and most isp's don't allow that
<patdk-wk> therefor it doesn't work
<lieuwe> patdk-wk: where could i check if my isp allows it?
<lieuwe> (it's pretty lax with other stuff)
<greppy> is 82.161.50.114 your current IP?
<lieuwe> greppy: yeahs
<lieuwe> greppy: static ip :-3
<soren> RoyK: You're using the nfs3 server in the kernel, right?
<RoyK> soren: yes
<greppy> lieuwe: I think they are blocking inbound port 25, I can hit port 110, get dovecot response, but 25 gets no route to host.
<soren> RoyK: And you say it works for groups in /etc/group?
<RoyK> soren: yes
<soren> RoyK: On the server, you mean?
<soren> Ah..
<patdk-wk> ya, but I'm getting a tcp reject
<soren> Hmm..
<lieuwe> greppy: lemme check mah firewall
<patdk-wk> shouldn't that mean he isn't running a mailserver on his system
<RoyK> soren: writing a test program now...
<patdk-wk> cause a firewall and stuff should do icmp rejects, not tcp
<greppy> patdk-wk: could be stopped at the router.
<lieuwe> greppy: lol, my port 25 is indeed closed, lemme try and open it up
<soren> RoyK: As far as I can see, only nfs4 makes any attempt at transfering group info.
<lieuwe> greppy: could you try port 25 again?
<soren> RoyK: So for nfs versions lower than 4, it looks like only the current fsgid applies.
<greppy> lieuwe: that works :)
<soren> RoyK: I have a bit of a hard time following the code in some places, though.
<RoyK> soren: that sucks, but it makes somewhat sense to what I see
<lieuwe> greppy: okay, then that probably was the problem
<soren> RoyK: nfs4 fixes a *lot* of these problems.
<patdk-wk> connection refused, now it's a firewall issue :)
 * patdk-wk loves getting refused
<patdk-wk> reminds me of all the women
<lieuwe> now it gives "Relay access denied", wtf did i do wrong this time?
<greppy> lieuwe: that's a postfix configuration issue.
<lieuwe> greppy: well, fck
<lieuwe> greppy: what config should i be looking at?
<greppy> you just want it answering for dikzak.dyndns.org?
<greppy> can you paste the contents of your /etc/postfix/main.cf?
<lieuwe> greppy: http://pastebin.com/qxd4bhbC
<greppy> lieuwe: mydestination = server.fritz.box, localhost.fritz.box, localhost
<greppy> that's why, you need to put the hostname you want to recieve mail for there.
<lieuwe> greppy: got it working now, thanks.
<RoyK> soren: that doesn't make sense - I can chgrp from root with no_root_squash - or will that bypass checking the GID?
<RoyK> soren: forget it...
<RoyK> soren: still, if the groups weren't sent, why can I change a file, but not it's group?
<soren> RoyK: "change a file" means what?
<RoyK> echo wtf >> somefile
<soren> So the contents?
<RoyK> yes
<soren> Different types of checks.
<RoyK> right - I can't chmod the file even if the group I'm in has rw
<RoyK> that is, not the primary group, one of the others
<soren> The check for whether you can change ownership is quite a bit more complex than the one that checks if you can change the contents of the file.
<soren> The logic is completely different.
<soren> You can't chown at all if you're not root, for instance.
<soren> Well, you need to have CAP_CHOWN, relly.
<soren> really.
<RoyK> soren: seems to be a linux problem on the client, really
<RoyK> it works from a solaris client
<soren> Same uid/gid?
<RoyK> yes
<RoyK> soren: same NIS domain
<soren> Wow. NIS?
<RoyK> I said that initially
 * soren checks his calender
<RoyK> it takes some time to convert a truckload of servers/clients to something else
<RoyK> and there's a lot of things more pressing than that...
<soren> It's been a few years since NIS went out of style, to be honest :)
<RoyK> well, it's still a package
<uvirtbot> New bug: #438072 in exim4 (main) "package exim4-config 4.69-9ubuntu1 failed to install/upgrade: subproces post-installation script gaf een foutwaarde 2 terug" [Undecided,Won't fix] https://launchpad.net/bugs/438072
<soren> RoyK: We also have a gopher server in the archive... :)
<RoyK> soren: now, _that_ is ancient :)
<soren> RoyK: Just saying that being packaged doesn't say much about the technology's currency. :)
<lieuwe> i'm setting up my mailserver, but on receiving mail i get "mail_location not set and autodetection failed" from dovecot.
<uvirtbot> New bug: #333257 in exim4 (main) "Exim hangs on delivering mail, lack of entropy for TLS" [Low,Opinion] https://launchpad.net/bugs/333257
<uvirtbot> New bug: #480927 in exim4 (main) "karmic upgrade resurrected exim4 daemon" [Low,Incomplete] https://launchpad.net/bugs/480927
<uvirtbot> New bug: #638810 in exim4 (main) "exim4 config does not honour /etc/mailhelo" [Low,Incomplete] https://launchpad.net/bugs/638810
 * soren has never heard of /etc/mailhelo
<patdk-wk> maybe he means /etc/mailhost
<patdk-wk> oh, /etc/mailname is what I'm thinking of
<soren> ScottK: Have you hear of /etc/mailhelo? (re bug 638810)
<uvirtbot> Launchpad bug 638810 in exim4 "exim4 config does not honour /etc/mailhelo" [Low,Incomplete] https://launchpad.net/bugs/638810
<soren> *heard
<zul> dannf: ping when you are around
<acidflash> is is possible to mount 1 "folder" on several hdd's ?
<compdoc> I suppose you could have a folder on each drive and sync them
<acidflash> compdoc: how do i do that?
<compdoc> well, rsync could do that, and be run from cron, or whatever service
<patdk-wk> hmm, what is the definition of *mount one folder*
<patdk-wk> rsync just makes a copy of one folder on several drives
<patdk-wk> the mount bind command actually mounts one drive in many places
<patdk-wk> simpler than rsync would just be symlink
<acidflash> patdk-wk: what i want to do is the following, i have a HD which I would like to serve files from, and I will be caching thing on this folder, I have about 4 x 1TB HD and 1 x 1.5TB HD
<acidflash> I want all those disks to cache in "one folder"
<acidflash> that I will tell my web server that your root dir is this folder
<acidflash> i know that i can use raid
<acidflash> but I want to know if there is an easier way
<patdk-wk> oh, so you want all the *files* in the one directory to be split over all the drives
<patdk-wk> raid is the easy, and is the only way that will give you any real performance increase
<resno> acidflash: greyhole
<patdk-wk> other ways would be lvm
<acidflash> pat: yes
<resno> check out greyhole
<acidflash> resno: ok I will read about it!
<resno> i dont use it, but ive read about it. and it seems to match your needs
<resno> a friend uses it and hasnt had any problems
<acidflash> yeah almost exactly
<smoser> Daviey, had you seen bug 615442
<uvirtbot> Launchpad bug 615442 in eucalyptus "euca-describe-users fails with ImportError: No module named euca_admin.users" [High,Confirmed] https://launchpad.net/bugs/615442
<Daviey> smoser, yeah...
<Daviey> smoser, it was left with upstream making a change to their setup.py of their python module...
<smoser> upstream who?
<Daviey> smoser, there really needs to be a new binary package...
<Daviey> smoser, euca.
<smoser> there is no setup.py for eucalyptus
<Daviey> smoser, exactly.
<smoser> well, thats more than "a change" :)
<smoser> so anyway, that really should be fixed.
<Daviey> introducing new files = change :)
<Daviey> smoser, i really don't think it'll get fixed for maverick
<Daviey> natty.. yes
<smoser> well, it should be fixed for natty, and then, i can't imagine the fix is intrusive
<smoser> so it wouldn't be bad to get it back, but natty first.
<Daviey> smoser, if the issue was in lucid.. i'd agree... but SRUing Maverick for that seems non-essential
<Daviey> smoser, it would be nicer to find out why euca is FTBFS'ing in natty first :)
<smoser> i didn't know that.
<smoser> agreed.
<Daviey> annnnndd...... dhcpd is broken aswell
<Daviey> all in... it's a mess :)
<smoser> so you've got some work to do then, my friend.
<smoser> :)~
<uvirtbot> New bug: #714667 in libvirt (main) "Upstream to 0.8.7 for natty" [Undecided,New] https://launchpad.net/bugs/714667
<zul> ^^^ yes please :)
<uvirtbot> zul: Error: "^^" is not a valid command.
 * SpamapS stretches
<RoAkSoAx> SpamapS: /win 6
<RoAkSoAx> arrgh
<RoAkSoAx> SpamapS: morning btw :P
<SpamapS> RoAkSoAx: hah good morning :)
<RoAkSoAx> SpamapS: btw.. do you know of any USB to VGA adapter to be able to connect another external Monitor?
<genii-around> RoAkSoAx: I have one from StarTech that works under 8.04
<uvirtbot> New bug: #714702 in etckeeper (main) "Please merge etckeeper 0.52 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/714702
<SpamapS> RoAkSoAx: no I'm an apple fanboi when it comes to hadware. ;)
<SpamapS> hardware too :)
<RoAkSoAx> genii-around: yeah I was looking at that one and seems to work well with Ubuntu
<RoAkSoAx> SpamapS: yeah but I IIRC you mentioned something about one in Dallas...
<cocoa117> is ubuntu-virt channel died?
<cocoa117> should we all move over to ubuntu-server?
<SpamapS> RoAkSoAx: no, the one I mentioned in Dallas is mini-DVI to DVI
<RoAkSoAx> SpamapS:besides that, I think you mentioned that you saw someone... but anyawys, I can be mistaken :P
<SpamapS> RoAkSoAx: quite possible.. I talk way too much
<RoAkSoAx> lol
<ZacLnxNewb> hi
<SpamapS> ZacLnxNewb: hi!
<ZacLnxNewb> SpamapS: I'm looking for advice >.>
<ZacLnxNewb> SpamapS:  I'm attempting to make an online store using mysql and php
<ZacLnxNewb> SpamapS: However I have no experience doing this, and would like to know what to watch out for
<ZacLnxNewb> SpamapS: I have little experience with mysql, I can handle php.
<RoyK> ZacLnxNewb: look for systems already made - it'll probably save you a lot of headache
<zul> dannf: ping
<ZacLnxNewb> RoyK: aye, that's no challenge. :p
<dannf> zul: hey
<RoyK> ZacLnxNewb: no, but it'll save you a lot of work, and building online stores means you need to know a few things about PHP security
<zul> dannf: i had a look at your multipath branch if you can clean that up a bit i will be happy to upload it for you
<ZacLnxNewb> RoyK:  I'm sure I could do it, using php to interface with mysql for inventory and user logins.
<RoyK> ZacLnxNewb: sure, but an online store will be open to the internet - what do you do to prevent SQL injection? cross-site scripting?
<SpamapS> ZacLnxNewb: there's your advice. :)
<RoyK> if you know these things, sure, but if you don't, it may be rather expensive to try yourself
<SpamapS> ZacLnxNewb: if you use a framework.. (in the right way) then you'll be better off too. I like Symfony and Zend.
<ZacLnxNewb> RoyK:  how does sql injection work?
<RoyK> lol
<RoyK> http://xkcd.com/327/
<RoyK> ZacLnxNewb: ^ That's a good example
<RoyK> there are other less trivial examples, though
<ZacLnxNewb> RoyK: I learned to watch out for that when I made comment scripts in the past.  Caught people inserting css code to add effects.
<ZacLnxNewb> RoyK:  It's easy enough to strip all input of all un-needed characters, or store the characters in a nonthreatening form.
<RoyK> ZacLnxNewb: just use something that's proven to work - otherwise you'll spend three times the time, or more, and probably end up with something far less usable
<RoyK> ZacLnxNewb: there's a good reason there's only one linux kernel tree :P
<ZacLnxNewb> RoyK:  how lazy. :p  using such short cuts
<RoyK> ZacLnxNewb: not really - just use a platform that works and add to that
<ZacLnxNewb> RoyK:  apart from mysql injection and restricted access to php files, what else should I watch for?
<ZacLnxNewb> RoyK:  I will take your suggestion, but I do want to know how it works
<RoyK> cross site scripting can be quite bad
<RoyK> look it up
<SpamapS> ZacLnxNewb: if thats lazy, then so is using Ubuntu. You should be using LinuxFromScratch.
<RoyK> ZacLnxNewb: also, I really do understand that you want to write it from scratch, most newbies want that, just to do it, but with the current frameworks available, it's not really a good idea. It might have been a good idea ten years ago, but not really now
<ZacLnxNewb> RoyK: SpamapS  Cross site scripting would involve cookies and client side storage, I was planning on doing everything server-side
<ZacLnxNewb> RoyK: With very limited user input
<RoyK> ZacLnxNewb: I've just been in this game for 15 years - I'm only trying to give you some simple advice - but do as you please...
<ZacLnxNewb> RoyK:  Oh, I'm listening, honestly, and I will take your advice, but I keep on because I want to know how it all works. :p
<RoyK> I built a netshop in perl some 13 years ago, and beleive me, it was a very good thing we didn't accept credit cards on that one
<ZacLnxNewb> RoyK: This store would only use paypal
<RoyK> ZacLnxNewb: you still need a secure API to interface with paypal
<RoyK> otherwise that can be abused as well
<RoyK> ZacLnxNewb: http://www.dvwa.co.uk/ <-- this is worth a few hours
<RoyK> ZacLnxNewb: http://www.dvwa.co.uk/ <-- this is worth a few hours study, even
<ZacLnxNewb> RoyK:  what programming languages do you know?
<RoyK> currently, I mostly use php, C, some python, some fortran if I need to help others, C++ at gunpoint, javascript ...
<RoyK> and perl, of course
<RoyK> always perl
<genii-around> Heh, C++ at gunpoint...
<ZacLnxNewb> RoyK: mwaha, C++ at gunpoint, is it really that bad?
<RoyK> ZacLnxNewb: no, but I like C better :P
<RoyK> for web stuff, I use php/javascript with some DB backend
<RoyK> but trying to learn more Python
<RoyK> looks like a good language for most use, and a little cleaner than perl
<RoyK> not that _that_ says a lot, most languages are :P
<genii-around> Is there like a CPAN kind of idea for python?
 * RoyK currently doesn't do much coding, more operations, storage etc
<RoyK> genii-around: there is, but I can't remember the name of it...
<genii-around> OK, cool
<RoyK> try asking on #python
 * RoyK hands pennyless a penny
<RoyK> avis: wb
<avis> thank you
<RoyK> did you get my email?
<avis> i sure did
<avis> i have not read it thoroughly though
<avis> i will be getting comcast on friday so no more port 80 blocked
<RoyK> ah
<avis> i really do not like at&t at all
<avis> thank you for extending your help
<avis> i really do appreciate it
<RoyK> np
<avis> hope your doing ok today
<avis> my anxiety levels are up.  struggled with sleep last night.
<RoyK> that's not good...
<avis> i'm ok now tho
<RoyK> avis: go for a 1-2 hour walk
<RoyK> that helps
<avis> i think i know how to manage one of my old medications to fix that
<avis> ]i'd really needs meds then if i were to do so :)
<avis> thank you tho
 * RoyK has been taking some meds in his time, but there is little that helps better than going for a walk in the woods
<avis> its very difficult to make a bowl of ramen appear before you without any effort, as simple as it is :)  anyway, i'll be pm topic from now on :)
<avis> that sounds pleasant
<RoyK> hehe
<patdk-wk> !fetch ramen
<avis> i was in a car accident, major, caused neurological and physiological damage
<avis> thanks :)
<patdk-wk> I want to fetch lunch :9
<patdk-wk> :(
<RoyK> avis: heh - I've been through a little myself - still, walking is my cure
<patdk-wk> the fridge is in the hr office, and they are having a meeting in there right now :(
<avis> that sounds very good.  i would not want to be upright for too too long due to my back
<RoyK> avis: anyway - do you want a redirect before friday?
<ZacLnxNewb> I somehow managed to burn all of my eggs
<greppy> that's not that hard, just leave them on the stove too long.
<SpamapS> ZacLnxNewb: btw if you manage to build a web store without cookies and without a horrible user experience.. you should share that with the world.. otherwise.. XSS is always a danger.
<RoyK> ZacLnxNewb: apt-get install dragonegg
<ZacLnxNewb> SpamapS:  here's my very first webpage effort.  http://beyondsight.sswgn.com/
<RoyK> genii-around: pypi should be similar to cpan
<ZacLnxNewb> SpamapS:  I'm fairly certain I can accomplish intuitive user experiences :p
<lifeless> SpamapS: zul: what was the conclusion on the right way forward with ssl cache distribution?
<ZacLnxNewb> Lols
<ZacLnxNewb> http://i.imgur.com/em14R.jpg
<ZacLnxNewb> that's hilarious
<zul> lifeless: i packaged distcache this weekend it should be sitting in new
<zul> lifeless: waiting for an archive admin to review
<SpamapS> lifeless: Given that there's no set release date for apache 2.3, I think distcache is the simpler approach.
<lifeless> zul: SpamapS: wooo! \o/
<lifeless> that should be trivially backported to lucid, right ?
<zul> lifeless: yep
 * SpamapS wonders why we don't do more official backports for stuff like this
<zul> lifeless: i had nothing better to do this weekend ;)
<lifeless> is there a ppa you could drop that into as a lucid build? would save some [precious] sysadmin time backporting it to CAT
<lifeless> zul: I'm extremely happy
<zul> SpamapS: because we dont have the man power
<SpamapS> zul: maybe we should make backports take less man power.
<lifeless> you guys might like this - http://people.ubuntu.com/~lifeless/showtime.png
<lifeless> its going to show for devs only
<lifeless> at least to start with
<zul> SpamapS: right but it takes man power to make things more automated
<zul> lifeless: cool!
<SpamapS> lifeless: mmmmm metrics
<lifeless> indeed
<SpamapS> I also think PPA's have alleviated any real need for comprehensive backporting
<sidnei> lifeless, neat. we have something like that for landscape, except the javascript broken because it's not enabled by default.
<lifeless> sidnei: nice. Thats what we already have in a comment in every page, just shoved up top via js after the page is received
<lifeless> we'll probably add browser overlay time etc to it
<lifeless> but server side is our -huge- weakness atm
<RoyK> server side is whose weakness_
<RoyK> s/.$/\?/
<lifeless> launchpads
<RoyK> k
<lifeless> zul: so I think this got lost in a burst of chatter - any chance you could upload it to a lucid series in a ppa ?
<zul> lifeless: consider it done
<lifeless> fantastic! thank you,
<lifeless> s/,/./
<SpamapS> lifeless: note that another method of doing this (if, for some reason this doesn't work out) is to use ipvs and have it source-hash schedule connections... http://kb.linuxvirtualserver.org/wiki/Source_Hashing_Scheduling
<zul> lifeless: https://launchpad.net/~zulcss/+archive/distcache-lucid should be there in a couple of hours
<lifeless> zul: \o/
<shadow42085> I am getting this error Error opening Private Key smtpd
<shadow42085> 1822:error:02001002:system library:fopen:No such file or directory:bss_file.c:356:fopen('smtpd','r')
<shadow42085> 1822:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:358:
<shadow42085> unable to load Private Key
<shadow42085> any ideads?
<shadow42085> I am following the help.ubuntu.com/community/Postfix
<pmatulis> shadow42085: looks like the application (postfix) and the openssl tool disagree on where things are located
<shadow42085> I maybe missing the saslauthd program
<shadow42085> so how do I fix this issue
<shadow42085> my smtpd.key is located at /home/shadow42085
<shadow42085> is this the right foldler or does it belong somewhere else?
<shadow42085> nevermind I found the issue
<shadow42085> I missed the .key after smptd
<ahe> is it possible to make a lvm of a kvm host available to the guest such that the guest can create new logical volumes?
<DaBeast> hi guys
<shadow42085> hi
<DaBeast> i just installed ubuntu server on my laptop, with the mind of creating a torrent seedbox
<DaBeast> but, during the installation i accedently selected irda0 as a network device
<DaBeast> apperently it doesnt recognize eth0, and wlan0 is broken
<DaBeast> so, how can i fix this?
<DaBeast> this is my first linux expierence heh
<DaBeast> also, when using a usb wifi dongle, it doesnt show up at ifconfig
<RoyK> DaBeast: pastebin 'ifconfig -a'
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<shadow42085> I am being asked for a pem pass what is that?
<shadow42085> pem pass phrase**
<DaBeast> RoyK: how am i supposed to pastebin it? :p
<DaBeast> type it over? its kind of a long list xD
<RoyK> use a serial console :)
<RoyK> DaBeast: what interfaces does ifconfig -a list?
<DaBeast> eth0, irda0, lo, wifi0,wlan0,wlan1
<DaBeast> maybe more, its off screen
<DaBeast> serial console = ssh?
<shadow42085> DaBeast run Terminal
<DaBeast> well, its on my laptop :p
<DaBeast> i'm entering commands on my laptop, hehe
<RoyK> DaBeast: if you have eth0, does it have an IP address?
<shadow42085> just open a Terminal from Accesories
<shadow42085> the type in ipconfig -a list
<RoyK> shadow42085: if he was able to run ifconfig -a, he certainly has a terminal open
<DaBeast> shadow42085: i'm running the server edition of ubuntu :p
<DaBeast> RoyK: nope, no ip
<RoyK> DaBeast: have you set a static ip, or are you waiting for a dhcp reply?
<RoyK> DaBeast: btw, serial console != ssh
<RoyK> serial console means good-old serial port (perhaps over usb)
<DaBeast> no idea, at installation it was trying to auto detect dhcp, then i manually tryd to set up a connection (but i selected irda0 lol, there was no eth0)
<RoyK> DaBeast: edit /etc/network/interfaces
<DaBeast> i went there, theres only lo and irda0 there
<DaBeast> with nano*
<RoyK> DaBeast: http://pastebin.com/pBdi7CBU
<RoyK> that's an example
<RoyK> taken from this box
<DaBeast> when i do edit /etc/network/interfaces it says unknown mine-type or something
<RoyK> dollarbang: never mind that
<DaBeast> at /etc/network/interfaces i only see the loopback interface and irda0
<RoyK> dollarbang: just add eth0 there
<RoyK> as from what I pasted
<DaBeast> ah, i see, let me test that
<DaBeast> whats this broadcast?
<RoyK> never mind that
<RoyK> it's the network xor netmask IIRC
<RoyK> as in, if you have 192.168.0.0/24, the broadcast is 192.168.0.255
<RoyK> or, if you have 192.168.0.0/23, the broadcast is 192.168.1.255
<RoyK> et cetera
<RoyK> but it's not critical
<DaBeast> k, thanks
<uvirtbot> New bug: #704264 in bacula (main) "package bacula-director-mysql 2.4.4-1ubuntu5 failed to install/upgrade: le sous-processus post-installation script a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,Fix released] https://launchpad.net/bugs/704264
<DaBeast> hmm, when i try to save the file it says unable to write file
<DaBeast> i guess i should have used sudo nano? :p
<RoyK> heh - yes
<RoyK> a normal user can't write to /etc
<DaBeast> darn :p
<RoyK> just write the file to /tmp
<RoyK> allowing all users to write to /etc would be - interesting......
<maedox> RoyK: You should try it :P
<RoyK> maedox: may you live in interesting times :)
<maedox> Yepp, I'm sure it would bring some interesting startup issues at best. :D
<RoAkSoAx> zul: symlinks s/win 11
<RoAkSoAx> arrrggh
<RoAkSoAx> sorry
<RoyK> maedox: http://en.wikipedia.org/wiki/May_you_live_in_interesting_times
<DaBeast> hmm, seems irda0 stays active even after i restarted it, restarting server
<RoyK> DaBeast: if it's activated in /etc/network/interfaces, it will
<RoyK> DaBeast: but do you get online on eth0?
<maedox> RoyK: I see. I think we already do.
<RoyK> :)
<DaBeast> RoyK: restarted my laptop, yup
<DaBeast> thanks man!
<smoser> SpamapS, i would appreciate your input on bug 714807
<uvirtbot> Launchpad bug 714807 in cloud-init "install of cloud-init without eth0 will cause boot hang" [Medium,Confirmed] https://launchpad.net/bugs/714807
<RoyK> DaBeast: np :)
<DaBeast> why was irda0 in there anyways xD who would want to use that as a primary device, rofl
<SpamapS> smng
<DaBeast> RoyK: about this serial console, do i "need" it?
<RoyK> DaBeast: not really
<RoyK> DaBeast: you need it if something goes really bad
<DaBeast> i see
<DaBeast> thx
<DaBeast> now, how do i shut this down safely? xD
<SpamapS> smoser: does cloud-init *have* to run before anything other than / is mounted?
<DaBeast> sudo shutdown 1 gives me some kind of maintenance menu
<uvirtbot> New bug: #434076 in cloud-init (main) "if key exists in /root/.ssh/authorized_keys, disable_root setting has no effect" [Low,Won't fix] https://launchpad.net/bugs/434076
<uvirtbot> New bug: #714807 in cloud-init "install of cloud-init without eth0 will cause boot hang" [Medium,Confirmed] https://launchpad.net/bugs/714807
<DaBeast> i got it, it was halt :p
<shadow42085> I am trying change postfix to use port 578 instead of port 25 since my blocks port 25
<shadow42085> ISP**
<pmatulis> shadow42085: nice
<shadow42085> I meant to say 587
<giovani> shadow42085: that's trivial to do -- I presume you mean for postfix to listen on port 587, and not to use that port for outbound SMTP connections for delivery?
<RoyK> shadow42085: just google for it
<shadow42085> yea
<shadow42085> use port 587 for secure submissions
<uvirtbot> New bug: #714814 in bind9 (main) "Serious validation errors in Bind 9.7.0" [Undecided,New] https://launchpad.net/bugs/714814
<shadow42085> I can't seam to get telnet to produce the results I need after telnel localhost 587 any ideas o fix it
<shadow42085> root@ubuntu:/home/shadow42085# telnet localhost 587
<shadow42085> Trying ::1...
<shadow42085> Connected to localhost.
<shadow42085> Escape character is '^]' is all I am getting
<guntbert> shadow42085: what should listen on 587?
<shadow42085> postfix
<guntbert> shadow42085: did you try to talk to it?
<shadow42085> I added the line 587 inet n - n - - smtpd
<shadow42085> to /etc/postfix/master.cf
<guntbert> shadow42085: no, you have to talk smpt with it
<shadow42085> how do I do that
<SpamapS> smoser: commented on that upstart bug
<guntbert> shadow42085: I'm too tired to teach you smtp, please look it up yourself (googling for smtp telnet  might be helpful)
<shadow42085> I followed the help.ubuntu.com/community/postfix tutorial
<smoser> danke.
<b0ot> I have been trying to get a simple tftp sever running to back up my cisco configs for 4 hours. I have tried tftpd, atftpd, and tftp-hpa with no luck. Any ideas
<pmatulis> b0ot: tftp-hpa is used a lot in ubuntu
<b0ot> pmatulis, do you have any recent documentation... all of the stuff I found was so outdated the files were different when I went to edit the config
<pmatulis> b0ot: no, it should be straight forward. maybe look at /etc/default/tftpd-hpa ?
<RoAkSoAx> argghhh
 * RoAkSoAx just erased all the work he has done today!! :(
<ZacLnxNewb> RoyK: hey, I wanted to thank you for all of your help.
<ZacLnxNewb> Does anyone know anything about server programming in python?
<lenios> yes
<lenios> do you want to know something?
<ZacLnxNewb> lenios:  say I have a large application with up to 2000 simultaneous users, and I need commands/data to be distributed as possible, what would be the best way to handle that?
<ZacLnxNewb> lenios: so far I've come up with using the select comamdn in python, to create read, write, and error lists used to process data
<ZacLnxNewb> lenios: however, having literally thousands of users, would it also be fast enough to use mysql as well, RAM ?
<ZacLnxNewb> lenios:  Because the user data/matrix would get quite large very quickly
<lenios> you're handling distribution by hand?
<lenios> you can use mysql, and put as much as you can in ram
<genii-around> Hm. If you make a ramdisk, them mv stuff into it and then rm the ramdisk, is it faster than recursively rm on say 2Gb of files?
<lenios> ZacLnxNewb, and 2000 simultaneous users is sure big, but it depends what they're doing
<RoyK> ZacLnxNewb: google it
<lenios> i don't see why mv would be faster than rm
<RoyK> ZacLnxNewb: there's plenty of resources for python out there
<ZacLnxNewb> RoyK:  :p you sound annoyed.
<ZacLnxNewb> RoyK:  Also, symfony is giving me trouble because php symfony configure:database is not defined
<genii-around> lenios: Try to mv a dir containing 2Gb of files, then try to rm -rf it :)
<RoyK> ZacLnxNewb: not annoyed - just asking you to google before asking here
<patdk-lap> genii-around, that all depends :)
<patdk-lap> 1 2gb file, rm is faster
<patdk-lap> 500 4k files, probably the same
<ZacLnxNewb> RoyK:  I have thoroughly, and I've created multiple working examples, but speed is questionable.  I don't have the proper hardware to test the speeds.
<genii-around> patdk-lap: Just that I have video surveillance files which need purging now and then in chunks of up to around 200Gb but to rm-rf is way long. I'm thinking if i ramdisk-rm them in manageable chunks no larger than my actual free ram could be better
<patdk-lap> all it's doing is caching the inodes
<RoyK> ZacLnxNewb: do as you please
<patdk-lap> so the rm goes faster
<patdk-lap> but it shouldn't make a difference at all
<patdk-lap> what would be better is writing those files with extents
<genii-around> Hmm
<patdk-lap> instead of lots of random block locations that take rm so long to clean
<ZacLnxNewb_> RoyK: I'm just worried about being able to handle even 100 users effeciently
<ZacLnxNewb_> RoyK:  flockdraw.com
<RoyK> ZacLnxNewb_: whn
<RoyK> erm
<RoyK> ZacLnxNewb_: what sort of application?
<ZacLnxNewb_> something similar to flockdraw.com
<RoyK> well, go on
<ZacLnxNewb_> RoyK:  I managed to get myself involved with several programmers working on a moderation system and several modified clients.
<patdk-lap> genii-around, or you could use xfs, it's fast at deletes
<ZacLnxNewb_> RoyK: The official project flockdraw.com is pretty much a dead end, and won't be going anywhere
<lenios> ZacLnxNewb_, 100 users shouldn't be a problem
<lenios> depends on hardware and how you code it though
<ZacLnxNewb_> lenios: RoyK  Let's put it this way,  flockdraw.com seems to have open about 1500 rooms at a time, with up to 10 users per room.  On top of that the application uses a lot of bandwidth.
<ZacLnxNewb_> RoyK: and I'm stuck in the instructions where you configure what database to use with the application, "configure:database is not defined"
<genii-around> patdk-lap: The xfs is a good lead, thanks
<patdk-lap> genii-around, if you want to read more, just google mythtv delete :)
<genii-around> patdk-lap: I'm using Zoneminder, but same idea, yeah  :)
#ubuntu-server 2011-02-08
<uvirtbot> New bug: #714932 in squid (main) "package squid 2.7.STABLE7-1ubuntu12 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/714932
<anzenketh> I have a DHCP server set to a static ip that keeps using DHCP to assign it's own ip address
<anzenketh> There is no DHCP server that I know of.
<anzenketh> running
<twb> anzenketh: to paraphrase: you have a server.  It serves DHCP to the network.  Its *own* network configuration *should* be static, but it is trying to use DHCP, and you want to know why.
<twb> anzenketh: is that correct?
<anzenketh> Basicly
<twb> OK, is network-manager (NetworkManager) installed?
<anzenketh> It is a server so it should not be
<anzenketh> No GUI
<anzenketh> Double checked nope network-manager is not installed
<twb> network-manager is a daemon, not a GUI.
<twb> But OK.
<twb> Now, pastebin your /etc/network/interfaces
<anzenketh> http://pastebin.com/U3ib1EcV
<twb> Now pastebin the output of "ip a"
<anzenketh> http://pastebin.com/pqUyVR6A
<anzenketh> I was in here earlier asking about DHCP and why a static ip system was accepting a DHCP address
<anzenketh> I forgot who was working with me.
<anzenketh> Well anyone can really help me I have a DHCP server that should have a static ip set that every one in a while it is taking a dynamic IP address
<anzenketh> http://pastebin.com/pqUyVR6A that is my ip a
<nandemonai> That doesn't really make sense anzenketh
<pmatulis> anzenketh: couple of problems there
<pmatulis> anzenketh: i would first find the rogue DHCP server
<anzenketh> Oh I already know what it is it is a crappy modem/router
<pmatulis> anzenketh: well turn it off
<anzenketh> Can't
<anzenketh> Becouse "It Is"
<pmatulis> anzenketh: why?
<anzenketh> Becouse even though I told it to turn off it is not
<anzenketh> like I said crappy firmware
<pmatulis> anzenketh: unplug it from the network, that should do it (for testing at least)
<anzenketh> Problem is it is also the modem
<pmatulis> anzenketh: (for testing at least)
<pmatulis> anzenketh: do that and see what happens when you restart networking
<anzenketh> Well why is the system which is set to a static ip taking a DHCP address
<pmatulis> anzenketh: i already said "couple of problems there"
<anzenketh> Ok
<nandemonai> You mean over reboots anzenketh?
<nandemonai> Sometimes it's static sometimes not kinda thing or?
<anzenketh> No I mean I have in /etc/network/interfaces it set to static
<anzenketh> But it is not keeping the IP I assigned it
<pmatulis> oh well, i'm gone.  good luck
<nandemonai> So it just up and changes while the machine is up?
<anzenketh> Yep
<nandemonai> That shouldn't be possible unless you're restarting networking.
<anzenketh> I am not the server is
<nandemonai> Even so with that interfaces file it shouldn't be asking for an IP to begin with.
<nandemonai> Very very odd.
<nandemonai> How do you know it's changing?
<anzenketh> Becouse messasges is braudcasted to the screen
<nandemonai> What message?
<anzenketh> as0t1: Disabled Privacy Extensions
<nandemonai> Might want to look and or pastebin /var/log/messages
<nandemonai> Might be something useful in there as to what is going on.
<anzenketh> http://pastebin.com/DU5Hs8b0
<anzenketh> That is what is in messages when the issue happens
<nandemonai> That's an OpenVPN adapter.
<anzenketh> Which makes sence due to I have openvpn installed
<nandemonai> Plot thickens then hehe
<nandemonai> I don't have a lot of experience with it.
<anzenketh> Could openvpn be causing this issue?
<nandemonai> considering the nature of the software I'd say yes.
<nandemonai> Have you configured it at all?
<anzenketh> OpenVpn Yes
<anzenketh> Just basic configuration
<nandemonai> I'd try disabling the service if possible and rebooting.
<nandemonai> See if the issue persists.
<anzenketh> I will try that
<anzenketh> Wish I new more about the repeatablity of the issue
<nandemonai> Well that would be a good start as to narrowing it down ;)
<anzenketh> What is this error message about no IPv6 Routers present?
<nandemonai> Do you need IPv6?
<nandemonai> If
<nandemonai> not disable it.
<nandemonai> Think it's one you can ignore regardless.
<anzenketh> ok
<anzenketh> and no I don't
<twb> anzenketh: I can't see why you're getting a DHCP client on eth1
<nandemonai> yeah me either.
<nandemonai> I'm taking a stab in the dark that openvpn is doing something funky.
<twb> anzenketh: have you restarted the system since configuring static networking?
<nandemonai> I could be way off.
<twb> anzenketh: it's JUST possible that a stale dhclient is still lying around and causing the strangeness
<anzenketh> the actual computer
<anzenketh> You know I don't know if I have
<anzenketh> Well now time to fight a windows virus issue.
<anzenketh> Thanks for your help will let you know how it goes
<glenp> greetings,  Got a quick question.  I have a 320gb and a 1tb SATA hd that I am going to put server on.  How would you set it up.  going to have DNS, SAMBA, SSH, and LAMPS.  Not sure what else yet but those are what I am thinking about.
<nandemonai> What exactly do you mean?
<nandemonai> How to partition the disks?
<nandemonai> If so I'd probably use the 320 for the OS and maybe homes depending if you needs heaps of storage for user homes.
<glenp> what would be the best way to divide up the disks
<nandemonai> The 1TB for data storage
<glenp> ok
<nandemonai> 320GB is heaps though.
<nandemonai> Unless you plan on having heaps of user data on there.
<nandemonai> In which case maybe put /home on the 1tb.
<glenp> going to set up so that it backs up a couple of laptops and for music storage
<nandemonai> You'll probably want that going to the 1TB then.
<nandemonai> :)
<glenp> thanks.   was wondering if anyone was watching the channel.  was bout ready to go to the ubuntu channel and ask
<nandemonai> No worries.
<nandemonai> Does get quiet in here around this time.
<Ender> Hi there everybody
<Ender> A user directed me to FreeNAS and Openindiana last time I was here, asking about setting up a network share with windows users
<Ender> I now have freenas running on vbox, and i was hoping for a little help getting it to work
<Ender> does anybody here want to help with that even though it's not a ubuntu server thing?
<Ender> or can somebody direct me to the right irc channel?
<nandemonai> Never used FreeNAS myself sorry.
<nandemonai> I assume it's got a nice web front end for configuring it.
<Ender> yeah, i'm sure it does. i'm using it in vbox tho cand can't get to the nice web front
<Ender> lol
<Ender> what do you use for nas?
<nandemonai> SAMBA / NFS and AFP.
<nandemonai> Samba and NFS off my ubuntu server.
<Ender> Network File System = nfs right
<Ender> can windows see those shares?
<nandemonai> Nope.
<nandemonai> But it can see Samba share.
<nandemonai> That's what you're after.
<Ender> yeah, i've had crappy experience with samba
<nandemonai> Depends.
<nandemonai> I haven't had too many issues with it.
<nandemonai> I wouldn't try and use it as a domain mater though in a Windows environment.
<nandemonai> *master
<Ender> what's a domain master
<nandemonai> Keeps tracks of all shares on the network.
<nandemonai> Ender: http://www.linuxtopia.org/online_books/network_administration_guides/samba_reference_guide/17_NetworkBrowsing_14.html
<nandemonai> Even using freenas you'll be using samba.
<nandemonai> It's the only open option afaik.
<nandemonai> For windows file sharing on non-microsoft OS.
<Ender> <nods> yeah that's what i thought
<Ender> that's what i've heard anyway
<Ender> and read
<Ender> is it possible to be able to access a GUI on my ubuntu server
<Ender> from a different computer
<Ender> like with Remote Desktop
<twb> Ender: by default, Ubuntu Server does not have a GUI.  We encourage users to administer their servers from the CLI.
<twb> Ender: as X11 is network-transparent, you can install GUI applications on the server and run them individually on your local machine (a la Citrix), or you can install a full desktop on the server, and then use it locally and/or export itover VNC.
<twb> There is an alpha-quality RDP server for Ubuntu/Linux, but I advise you not to bother with it.
<Ender> ok
<Ender> are vnc and rdp just different protocols to perform this task?
<Ender> !vnc
<ubottu> VNC is a protocol for remote desktop. https://help.ubuntu.com/community/VNCOverSSH describes how to use it securely.  It works best over fast connections, otherwise look at !FreeNX
<Ender> !rdp
<twb> VNC/RFB is a lowest-common-denominator raster damage protocol.
<twb> RDP is a little better, it uses win32 primitives.  It's Microsoft's clone of Citrix's architecture.
<twb> X11 is the native drawing system for Unix/Linux/Ubuntu.
<Ender> does RDP stand for Raster Damage Protocol?
<twb> X11 is reasonably wire-efficient, but in practice modern GUIs use it mostly for raster painting, meaning that it ends up being slower than VNC (which supports lossy compression) unless you use a compressor like NX.
<twb> RDP = Remote Desktop Protocol
<Ender> oic
<Ender> so FreeNX is porting the X11 drawing directly
<twb> NeWS is the best design given modern hardware, but unfortunately Sun charged hefty royalties, and when NeXT bought Apple they killed off its network transparency.
<Ender> whereas VNC allows X11 to draw it on the host machine, and then ports the visible image to the guest machine?
<twb> Nowadays it's being reinvented by web weenies on top of HTML Forms :-/
<twb> Ender: right.
<Ender> i see.
<twb> Ender: strictly, NX is just compressing the existing X11 drawing operations
<Ender> and for now, vnc is kinda the best option
<Ender> on non-windows machines
<twb> In a heterogeneous environment, VNC is your only choice
<Ender> right?
<Ender> oh.
<twb> Because RDP servers on Linux suck, and X11 clients (called "X servers") on Windows sucl
<twb> *suck
<twb> Of course, a CLI will be orders of magnitude faster than even VNC
<Ender> right
<Ender> i'm comfortable using the cli
<Ender> i just wanted to try it
<Ender> ok, but to abandon that now
<Ender> and instead:
<Ender> I'm trying to set up a Samba NAS on a ZFS pool in a heterogenous network environment. I'll need virus scanning for incoming files from windows boxes, and a firewall to block all internet traffic to one of the machines.
<Ender> how do you suggest i do that?
<thesheff17> Ender: I have used clamscan package
<twb> Ender: ZFS support on Linux is legally iffy
<Ender> yeah, i know. it really upsets me.
<twb> Ender: IMO you are better off using ext4 and migrating to btrfs when it becomes production-ready, or using opensolaris in interim
<Ender> i was thinking about using a virutal BSD os to handle the nas
<twb> (Except Oracle killed OpenSolaris.)
<Ender> ugh, another upsetting thing.
<twb> Just a reminder not to buy into in proprietary solutions :-)
<Ender> seriously!!!
<Ender> it's so hard sometimes though, you know
<Ender> people use Access to manage their orders, Quickbooks to handle finances, and Outlook for email
<Ender> that deer-in-headlights look at the mere mention of a different system, even a FREE system...<sigh>
<Ender> anyway...
<Ender> what i want is a software raid
<Ender> and my understanding is that zfs incorporates a whole lot of really interesting raid functions by default
<Ender> BUT i'm open to other suggestions
<Ender> is it possible to get data redundancy in a software raid using Ubuntu Server and ext4?
<thesheff17> Ender: You could use mdadm and whatever raid level you want...and format ext4.
<Ender> !mdadm
<gobbe> twb: eh? opensolaris is opensource, not proprietary, and there's already openindiana to continue from where opensolaris left
<Ender> can i run a good antivirus and firewall on openindiana
<gobbe> i would say that no
<jmarsden> Ender: How many viruses targetting openindiana are you aware of?
<gobbe> he's doing fileserver with samba (for windows)
<Ender> yeah.
<Ender> so i need oi to scan for windows viruses
<Ender> lol
<Ender> i just find that funny
<gobbe> Ender: freebsd has antivirus, firewall and zfs
<thesheff17> Ender: I use clamscan
<thesheff17> for anti-virus on ubuntu and can be used on any unix os.
<Ender> this needs to be a pretty hands-off system that auto-updates virus definitions
<Ender> does clamscan have a function like that?
<thesheff17> yes clamscand auto updates virus def
<thesheff17> the package on ubuntu is actually called clamav
<Ender> so what's the advantage of using ubuntu server instead of openindiana
<jmarsden> You get suppport in #ubuntu-server :)
<Ender> loll
<Ender> yeah seriously
<Ender> that's a huge factor
<Ender> afk 15
<jmarsden> Ender: This is a support channel for Ubuntu Server, not an advocacy channel.  Debate about "which OS is better" does not belong here.
<Ender> jmarsden, i didn't mean to violate any rules, i'm just investigating the best way to accomplish my goal. in fact i will stick with ubuntu server and seek support form this channel.
<jmarsden> That's fine... I just had visions of the channel deteriorating into why one OS is "better"... didn't happen, so all is well :)
<Ender> ha! nip it in the bud eh
<Ender> well done
<Ender> ok
<Ender> so...i have ubuntu server installed on a p4 system i rescued
<Ender> how do i make a samba share
<Ender> well first, a software raid
<Ender> do i need to instal Server on the software raid?
<thesheff17> Ender: https://help.ubuntu.com/community/Installation/SoftwareRAID
<tohuw> Is there some compelling reason why I shouldn't use the same public/private SSH keypair on all my computers? That is, the keypair I use to SSH into remote hosts. Or should I generate keys for each machine I use?
<jmarsden> It's easier to do software raid during the install, but if you understand what is going on I am pretty sure you can do it afterwards instead.
<Ender> hrm. i don't really understand what is going on.
<Ender> so how do i learn?
<Ender> just google software raid?
<thesheff17> Ender: I would do it through the gui install...pretty easy to do through that link I sent you.
<jmarsden> tohuw: Keep the private key on ONE host, and keep the public key on all the servers, that's usually fine.
<tohuw> jmarsden: sorry, i should be more clear. I have three computers I use. I remote into two servers. On this computer, I have a pub/priv keypair so I can ssh into both servers using that. Can I just copy this keypair to the other two client machines I use?
<Ender> ok i'll read that website, thanks!
<jmarsden> tohuw: You can put the same private key (you don't need the *pair* on any one computer) on multiple client machines, as long as all are equally secured against theft etc and you have a good passphrase.
<tohuw> ok
<tohuw> thats what i thought, thank you
<jmarsden> tohuw: Many people do not put their private key on a laptop/notebook, for example, because there's a higher risk of it being stolen or lost.
<tohuw> i remote into my servers frequently from my laptops. that being said, they're also relatively secure, and i would revoke my key from everywhere its authorized if I thought it was compromised. such are the risks one takes
<tohuw> live a little, i say
<Ender> do i need the samba packages to be able to READ samba shared or JUST to host them?
<jmarsden> the samba package itself is the server.
<jmarsden> Look at smbfs and smbclient for the client side of things, if I am remembering that right.
<Ender> so if i've made a samba share on my server then a default install of ubuntu desktop on another computer in my network should be able to read the samba share with no additional packages?
<thesheff17> smbclient is required on the client.
<glenp> new question If I am going to set up a SAMBA server, do I want to set up the mount points off my home directory?  like /home/samba
<thesheff17> glenp: its up to you...I usually put them in /mnt/<share> you can really define them any where in the config file.
<jmarsden> glenp: You can share any part of the Linux filesystem as a samba share... there is a [homes] section in smb.conf that makes it easy to share users home directories consistently if you have a multiuser machine
<draven_sol> please confirm if the default run level for ubuntu is level 2
<thesheff17> draven_sol: I believe it is 3
<glenp> ok   I have a 1tb and a 320gb   320gb is the os and all the stuff.  The 1tb was going to be the /home directory and also set that up for samba and backup.   Im trying to figure out how to divide the 1tb drive.   the only thing that I have not setup is the /home partition
<draven_sol> thesheff17, do you know a command i may run to test what level i'm currently in?
<thesheff17> draven_sol: I see runlevel
<draven_sol> thesheff17, thanks that's what i needed
<thesheff17> glenp: depends if you are having user shares or just a couple shares....you could easily just do /home/samba if you are going to have 1 share.
<glenp> I was going to make a share point so that people on the network could do like /home/samba/dir1  thru dir10
<overrider> I am looking to build a Fileserver using 8 2TB Drives and RAID6. Id like to use Ubuntus 10.04 mdadm. Am i better off to buy a good Raid Adapter or is mdadm ok? In addition, id be grateful for any Motherboard recommendations.
<gobbe> overrider: do you have several sata-bus?
<gobbe> overrider: it's ok if you put drives to several sata-bus, instead of one or two
<overrider> gobbe: im looking to purchase a motherboard with 8 sata ports - or a good raid adapter.
<gobbe> overrider: raid6 is ok with mdadm, i wouldnt go with raid5 and large sata disks because of huge rebuild-time
<gobbe> overrider: but your plan sounds reasonable
<overrider> gobbe: the question is whether mdadm and possibly lvm etc is more stable or a good raid adapter.
<gobbe> overrider: i would go with mdadm, separate raid-card is singlepoint of failure
<Ender> does mdadm reduce performance
<jmarsden> Ender: Compared to what?  On most modern CPUs it is no noticeable, but if your CPUs are super busy number crunching you might notice a slight difference.  Most 'normal' servers are I/O bound anyway, and so have spare CPU to use for mdadm.
<Ender> ok and what about on desktop hardware
<jmarsden> Ender: Also note that RAID1 needs less CPU than RAID5, if you want to minimize how much CPU mdadm uses.
<Ender> old desktop hardware
<Ender> like p4-era
<jmarsden> P4 isn't all that old :)  I ran software RAID on PIII servers a decade or more ago...  as long as you are not expecting that desktop to also be doing something super-CPU-intensive my guess is that you are unlikely to see the difference.
<andreasf> I used a 400 MHz Pentium II for a home file server with two disks in software raid 1 and four disks in software raid 5 until last year. Worked perfectly.
<Ender> wow sweet
<Ender> ok that's very reassuring
<Ender> i have four 80gb western digital caviars sitting here
<Ender> lemme go see if ican plug 'em all in....
<jmarsden> RAID 10 here we come? :)
<Ender> well damn
<Ender> this is a dell minitower
<Ender> no space for even a 2nd harddrive
<Ender> <sigh>
<nandemonai> I'm happy with Raid Mirrors for my backups :)
<nandemonai> Diff batches of disks obviously.
<Ender> what's the best way to increase the life of my storage drives
<Ender> i mean, the best way to set up a nas
<Ender> like, should i run the nas on the same harddrive/raid array as my server's OS
<Ender> or is it substantially better to run the OS from a separate physical drive
<Ender> ?
<airtonix> i'd start by learning how to use lvms
<Ender> airtonix, any particular suggestion on how to do that?
<airtonix> http://www.linuxconfig.org/Linux_lvm_-_Logical_Volume_Manager
<airtonix> http://en.wikipedia.org/wiki/Logical_Volume_Manager_(Linux)
<airtonix> https://wiki.edubuntu.org/Lvm
<jmarsden> Ahem... maybe start with the Server Guide: https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<jmarsden> Seeing as we are in #ubuntu-server :)
<airtonix> https://help.ubuntu.com/community/Installation/RAID1%2BLVM
<Ender> ok point taken
<Ender> i can use google just fine, thanks
<airtonix> i typically use google
<airtonix> but that last one is what you want
<zairo> hi. anyone can show me the way of ssl. been struggling on this issue for a couple of week, though. ubuntu server 10.10, though.
<zairo> the files: /etc/apache2/sites-available/abv.conf is at http://paste.ubuntu.com/564276/ and /etc/apache2/ports.conf is at http://paste.ubuntu.com/564274/
<Ender> ok good people of ubuntu-server, i am off to bed
<Ender> goodnight!
<Ender> and good hacking (:
<zairo> nite Ender
<jmarsden> zairo: Did you read the Server Guide about SSL in Apache2?  https://help.ubuntu.com/10.04/serverguide/C/httpd.html
<jmarsden> If you followed that, how far did you get and what happened?
<zairo> jmarsden: let me check it out first. before this my ref are http://www.tc.umn.edu/~brams006/selfsign.html http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html
<jmarsden> zairo: It is usually safer to use official docs, not random stuff from elsewhere :)
<zairo> jmarsden: gulp. i guess i've slapped from far, hu2
<jmarsden> :)  The link to the Server Guide is in the /topic for this channel for very good reasons... it really does have quite a bit of useful info in it, and if that info is bad, we can file bugs and provide patches and get it corrected :)  We can't do any of that for other web pages "out there somewhere"...
<zairo> ok i read this also: https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html
<jmarsden> OK.  So... try doing it and if you get an error, come back here and ask for help :)
<zairo> i should :) my due for this is end of this week.
<jmarsden> For just one web site, it should be only minutes of work, not days :)
<zairo> jmarsden: i am a programmer cum network, though. quite new on server but been 2 years on Ubuntu desktop.
 * jmarsden has been using Linux since 1992 :)
<zairo> jmarsden: your phone also Linux, don't u? mine Nokia N900
<jmarsden> Android G1, but I need it to stay working, so I have not hacked it :)   But, that's not really on topic in #ubuntu-server
<zairo> ok i am at step 6 of https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html.
<xampart> zairo: so you have made a self-signed ca-cert and need a servercert signed by your ca?
<zairo> xampart: yep already servercert, i think.
<zairo> step 7 quite confusing
<zairo> ok i create new file name mydomain and put it at/etc/ssl/certs/
<jmarsden> zairo: A new file?  Or a copy of the correct part of /etc/ssl/newcerts/01.pem ?   Also, the filename of the certificate is usually mydomain.crt not just mydomain
<zairo> jmarsden i put extension .pem though
<uvirtbot> New bug: #715056 in dovecot (main) "invalid ssl-certificates in /etc/postfix/main.cf after security upgrade" [Undecided,New] https://launchpad.net/bugs/715056
<\sh> I wonder why people still using RHEL or CentOS...the default install of CentOS (without tweaking manually) is a mess and gives me a headache. Why on earth someone needs Squid on a default install? *bhod*
<jpds> \sh: At least it has SELinux by default.
<\sh> jpds: the only positive...but I wonder how many people are trained in writing selinux policies (is there a RHCE training for selinux? dunno)
<zairo> jmarsden: ok finish step8. i restart server and got error :Action 'start' failed.
<jmarsden> zairo: Usually this means you made a mistake in editing a config file somewhere.  Read the logs under /var/log/apache to see what the problem is.
<jmarsden> Um.... /var/log/apache2/
<zairo> Unable to read server certificate from file /etc/ssl/private/cakey.pem
<jmarsden> OK, so check file permissions on that file carefully.
<zairo> wrong cert file. what file i should use?
<zairo> ok. should be 600 rite?
<zairo> now Init: Private key not found
<jmarsden> zairo: If apache2 needs to read it, it may need to be 0640 and group www-data
<zairo> thanks. will do that now.
<_ruben> hmm .. been getting more and more kernel panics on my router vms .. not good .. about time to do some investigations
<TREllis> \sh: sure, there is training for selinux on rhce and afaik squid would never be on by default, depends which package groups you are installing.... bluetooth by default for @base in RHEL5 sucked though
<zairo> Init: Unable to read server certificate from file /etc/ssl/private/cakey.pem
<jmarsden> zairo: Is there really a valid server certificate in that file?
<zairo> i am not sure which is the correct file
<jmarsden> If you followed the instructions, I think cakey.pem is the root CA key, not a server certificate...
<\sh> TREllis: I just installed the server layout from centos without tweaking the package list manually...and squid is installed by default..which looks really awkward
<jmarsden> zairo: What makes you think cakey.pem should be a server cert?
<jmarsden> It's name says it is a CA key, and the instructions show it being a CA key... so why are you telling Apache it is a server certificate?  I'm confused...
<zairo> i follow all the steps and named. is there other name for key file in that tutorial?
<\sh> TREllis: and yes..bluetooth should be avoided
<zairo> sorry i am not really understand what i am doing.
<zairo> i just follow the step.
<jmarsden> if you "followed the steps" then your server cert should be a file called something like /etc/ssl/certs/mydomain.crt
<jmarsden> So did you tell Apache that is where the server certificate is?
<zairo> that is in which steps?
<jmarsden> Incidentally, "not knowing what you are doing" is fairly bad, this is security related setup you are doing here... you need to know what you are doing, to keep your server secured.
<zairo> i do. will try to understand after i manage to make it.
<jmarsden> Back on the https configuration page, I see "The directories /etc/ssl/certs and /etc/ssl/private are the default locations. If you install the certificate and key in another directory make sure to change SSLCertificateFile and SSLCertificateKeyFile appropriately"... what did you do regarding those paths
<zairo> i leave it as default folder
<jmarsden> Then why is Apache trying to read a *server* certificate from /etc/ssl/private/cakey.pem ?
<jmarsden> pastebin your ssl site config file so I can read it, please.
<zairo> ok wait a minute
<jmarsden> zairo: OK, but it is 01:24AM here, I do need to go to bed sometime soon :)
<zairo> http://paste.ubuntu.com/564318/
<jmarsden> Um.  So.. line 5.  Why did you tell Apache that there is a server certificate in the cakey.pem file????
<zairo> ic. may be u can show the way. i think i use the wrong file or something.
<jmarsden> Look at the example in line 10...
<zairo> ic. where is the correct file?
<jmarsden> It uses a .crt file.  You made one of those, right?  Hopefully /etc/ssl/certs/mydomain.crt
<zairo> line 10 is what i am doing before this
<jmarsden> Where did you put the server certificate that you made?
<jmarsden> In step 8.
<jmarsden> That is where it is.
<jmarsden> It is where you put it :)
<zairo> in /etc/ssl/certs/
<jmarsden> OK, so then the SSLCertificateFile line needs to say that :)
<zairo> that's for SSLCertificateKeyFile /etc/ssl/certs/api_undies_my.pem, rite?
<jmarsden> I don't understand the question.
<zairo> the error on certificateFile or CertificateKeyFile?
<jmarsden> Line 5 is definitely wrong.  I don't know about Line 6.
<jmarsden> So change line 5 and retest.
<Blinkiz> Hi. I need to create a couple of dummy interfaces which I can connect to a bridge (br0). Need to test mac number assignments against a switch. Any recommendations? It's like a bunch of virtual machines having there own interface.
<Blinkiz> tun?
<zairo> jmarsden: sorry for your time. may be i can solve it on my own.
<zairo> thanks a lot bro :)
<jmarsden> Blinkiz: It is late and I should sleep, but... do tun devices have MAC addresses??  If you need a MAC address, I'm not sure tun will get you one.
<jmarsden> zairo: OK... goodnight :)
<zairo> ok. nite n nice to meet u
<Blinkiz> jmarsden, tap? :)
<Blinkiz> aaa, tap seems nice
<jmarsden> Blinkiz: Maybe... sounds plausible, at least :)
<jmarsden> I really need to sleep, sorry :)
<Blinkiz> jmarsden, Sleep... It's 10am here :)
<jmarsden> 01:36AM here :)
<Blinkiz> Am sitting here a work. :)
<zairo> jmarsden: will continue tomorrow :)
<zairo> adios
<_ruben> ok, this is getting crazy .. got like 4 kernel panics in an hour
 * dwatkins wonders if there's a lost manpage for parted which has a --show-exact-bytes option documented
<jmarsden> dwatkins: Easier to read the source code than find a possibly nonexistent man page, I would suggest :)
<dwatkins> jmarsden: heh, I guess I may as well use sfdisk, then ;)
<dwatkins> I'm trying to document how a root mirror is defined, so I imagine I need to specify the exact partition size for the possibility one disk gets replaced and needs repartitioning and adding back into the mirror
<jmarsden> dwatkins: Oh... well... doesn't the   unit B   command in parted do that?  It's documented in the man page I have... is it missing from yours?
<dwatkins> ooh, I was expecting a switch...
<jmarsden> Always read the man page :)
<dwatkins> hehe
<dwatkins> also, read it in full, don't just skim looking for what you expect, as I've demonstrated :)
<jmarsden> Indeed :)  OK, now I really really need to go to bed... goodnight :)
<dwatkins> ciao jmarsden - and thanks
<jmarsden> You're welcome
<DaBeast> hmmm
<DaBeast> i'm trying to do this tutorial http://www.wtorrent-project.org/trac/wiki/DebianInstall
<DaBeast> i'm at the point where i putty into the server, and apt-get the list of packages
<DaBeast> but it says here it cant find some packages
<DaBeast> http://pastebin.com/0pN8K6C2
<DaBeast> how can i fix this? (note, this is one of my first linux expierences :D )
<dwatkins> Sounds like it's an old tutorial, DaBeast
<DaBeast> yup
<DaBeast> are there any replacement packages?
<DaBeast> there was more, but i fixed some (i think)
<dwatkins> It appears g++ is now at version 4.4
<dwatkins> 4.5.1-7ubuntu2 is the current version of libstdc++
<dwatkins> the ++ makes searching with apt-cache difficult
<DaBeast> yeah, i tryd that, and it came up with lots of irrelevant apps like VLC and codecs lol
<dwatkins> That sounds like a regexp problem, what did you try to do to install it?
<dwatkins> also, it may already be installed, check 'dpkg -l' output with grep
<DaBeast> gotta check my putty logs, its out of bounds hehe
<S1am> hello
<S1am> i want to host the reccomended packages for ubuntu server locally, saving bandwidth in a corporate environment. can anyone describe how to do this
<S1am> also to allow multiple installs without having to create more proxy exceptions and so on
<dwatkins> DaBeast: I suggest using GNU Screen to be able to scroll back (increase the default scrollback to a about 10,000)
<dwatkins> S1am: I believe you can use apt-mirror for this.
<DaBeast> ok, will install that, thanks!
<DaBeast> i'm kinda new to this, hehe
<dwatkins> DaBeast: screen is excellent for situtations where you might want to disconnect but leave processes running on a remote system, but takes a little getting used-to
<dwatkins> It's worth the learning-curve, imho
<S1am> how would you recommend hosting this?
<DaBeast> i see, is screen also a SSH client?
<dwatkins> S1am: I've never used it, so I can't really give any reccomendations - what do you mean by hosting, though?
<dwatkins> DaBeast: no, it provides the equivalent of a tabbed command line client but all with text
<S1am> well, should on it be a server all of its own with all the repositories as well, or could it be hosted on a server with a bunch of other apps
<DaBeast> nice
<S1am> can the server part be by itself and then all of the storage elsewhere
<S1am> *should it be on
<dwatkins> S1am: I suspect it's the same as hosting any other kind of file repository, it depends on your requirements in terms of bandwidth. Serving out files tends to be mainly bound by the network, not the CPU, so you should be able to run other services, depends on the overall load of each.
<dwatkins> Also, if you have multiple concurrent connections, the speed of disk access may be an issue, but I suspect network will still be your main bottleneck.
<S1am> ok
<qman__> S1am, there are a number of different ways to do what you're asking, apt-mirror is one of them
<qman__> they each have advantages and disadvantages
<S1am> apt-mirror downloads the packages right?
<qman__> I use squid to proxy them myself
<qman__> yes
<jpds> S1am: Transparent Squid proxy.
<S1am> at my work we have an inline bluecoat proxy
<Blinkiz> Hi. I need to test a dhcp server here by creating around 10 interfaces. I hope I can do this from only one computer. Meaning, 10 dummy interfaces with 10 unique MAC addresses
<Blinkiz> Any suggestions what am seeking for here? Some kind of bridge and tap interfaces maybe?
<qman__> the best thing about a transparent squid proxy is that there is zero client configuration
<DaBeast> Hmm no windows build, ah well, no biggie
<S1am> bluecoat provides this as well
<qman__> Blinkiz, nothing that complicated, configure interfaces as eth0:0, eth0:1, etc
<Blinkiz> qman__, Do they get different mac addresses this way?
<qman__> not sure
<Blinkiz> qman__, another problem is that it does not seems like I can get a subinterface up without specifying a static IP address for it
<S1am> how do you actually host the packages downloaded by apt-mirror
<S1am> is there a way of installing a http server with the right configuration
<S1am> and configuring the installer to download from that location
<qman__> S1am, no special configuration is necessary, you just need the files in the right tree
<qman__> the problem with that method though is that each client must be configured at install time to use your mirror
<S1am> iyes
<S1am> i'm ok with doing that though
<S1am> i'm trying to make cookie-cutter installs
<S1am> i work a at a mining company that has 2 mines and has just acquired a third
<S1am> each mine has lots of PLCs and they are networked with switches, we want to be able to monitor everything using nagios installed on ubuntu-server
<S1am> so i don't want to have to be downloading everything over and over- especially the remote sites
<qman__> well, the web server itself doesn't need anything special configured, the files just need to be in the right tree and places, and I'm fairly sure apt-mirror does that part for you
<qman__> you'd have to read the documentation for specifics, though
<S1am> i don't understand how the installer knows how to actually download it though?
<qman__> it's configured in apt
<S1am> ok given that this is always going to be installed on a virtual server via an iso
<S1am> can i just mount the iso and configure apt there
<qman__> you'd have to configure apt and then rebuild the image
<qman__> at least as far as I know
<qman__> I haven't done it myself, just going by what I've read
<S1am> what do you mean by rebuild
<qman__> there should be documentation on all of this, though
<S1am> as in set up the boot sector again
<qman__> no, build a custom iso image
<qman__> with your special configurations
<S1am> ok
<S1am> do you have any links to documentation on this
<S1am> building custom iso images?
<DaBeast> dwatkins: thanks, i got it to downloading files now
<dwatkins> cool DaBeast
<qman__> I don't have any off hand
<qman__> look into building custom live CDs and USB installers
<qman__> that should point you in the right direction
<S1am> k
<qman__> also, look for apt-mirror documentation
<qman__> since I'm sure you're not the first person who has wanted to do this
<S1am> yes
<S1am> thanks for the help
<qman__> disk imaging might be easier, too
<S1am> yeh up to a point
<qman__> since basically all you have to do is remove /etc/udev/rules.d/70-persistent-net.rules, set the host name, and configure the network to get a unique install
<qman__> a short script would handle it
<qman__> if you're using DHCP that last part goes away, too
<S1am> do you think disk imaging, in general, is more likely to corrupt an install over just installing everything naturally
<S1am> in the case of desktop pcs
<S1am> for a school, for instance
<qman__> corrupt installs only happen with hardware failure
<qman__> or broken operations/kernel crashes
<S1am> a lot of schools have aging computers with 5 year old hard drives
<qman__> and in the case of failing hard drives, corruption is equally likely with either method
<S1am> the question is which is easer on them, disk imaging or installing naturally
<qman__> you're more likely to notice the failure with imaging though
<dwatkins> If I were administering a school, I'd consider having the disks in the PCs replaced with either internal USB flash drives (cheap ones, glued in carefully) or have them boot off the network.
<qman__> since the disk imaging utility will tell you
<qman__> whereas a normal install may just have silent errors that manifest later
<S1am> true
<qman__> and yes, if you can afford one or two servers you can count on, network booting is a great option
<S1am> the case i am working on is for virtual servers
<S1am> vmware environment
<dwatkins> for virtual servers I tend to just copy the disk images, or clone them as required
<dwatkins> If I could authenticate via winbind, I'd run all my virtual servers on vmware
<S1am> the servers need to be configurable
<S1am> in terms of what software is installed to start with
<qman__> you can create a base image with no software/whatever you have on every server
<qman__> and then install on top of that
<qman__> or you can create a few baseline images to use
<S1am> ok so to install on top i would use apt-mirror?
<S1am> after configuring the installer as discussed above
<qman__> no, that's different
<S1am> how so
<qman__> if you want a base server image for virtualization, you just install from disc, configure it the way you want, then save a copy
<qman__> the stock disc
<S1am> yes
<qman__> then, you copy that image for all the new servers, already installed
<qman__> already configured to use your mirror
<S1am> ah i see
<qman__> you just have to change the hostname and configure the network for them
<qman__> which you could automate with a script
<_ruben> what would be the easiest way to grab the output of a kernel panic/oops? they tend to scroll off screen
<qman__> _ruben, use shift+pageup
<_ruben> qman__: isn't gonna do much good when the system is frozen
<qman__> well, if it's locked solid, not much you can do
<dwatkins> if it's reproducable, you can configure the console to output via the serial port
<qman__> yeah, and log with your client application
<dwatkins> well, you can do that in any case, but if it's a reproducable problem that's useful, I mean
<qman__> or configure your framebuffer to use a higher resolution, so it fits more on screen
 * dwatkins wondres if the magic SysRq keys might be useful here
<dwatkins> Do you have any details on the panic, _ruben?
<qman__> if the keyboard lights are still blinking, sysrq will probably still work
<dwatkins> also, is anything written to /var/log/messages at the time?
<qman__> and /var/crash
<dwatkins> It appears boot.log isn't kept between reboots
<_ruben> it's somewhere in the (ipv6) network stack, and might be triggered by ospfv3 mucking with the fib
<_ruben> it's a vm (esxi), wonder if i can get it to use a highres framebuffer for the console
<qman__> might as well ask again now that some people are here
<qman__> my file server is having an odd problem that mkdir takes a very long time
<dwatkins> for all users, local and otherwise, and in all locations, qman__?
<qman__> I checked it with tune2fs, and I'm not anywhere near running out of inodes
<qman__> yes
<qman__> well, all locations on the raid at least
<qman__> I can check the rest of the system
<dwatkins> have you tried running strace with the relevant timestamps to see what's taking the longest time?
<qman__> it's only mkdir, files are fine
<qman__> I have not
<dwatkins> Sounds like a metadata issue, but that would probably pinpoint it a little.
<dwatkins> Start with strace -fro mkdir $SOMEDIR
<dwatkins> no wait
<qman__> directories not on the raid are quick
<dwatkins> Start with strace -fro mkdir.trace  mkdir $SOMEDIR
<dwatkins> sorry
<qman__> so it's just that filesystem
<qman__> ok
<dwatkins> also, what kind of filesystem and how is it mounted
<qman__> when I do it with strace it goes quick
<qman__> ext3, mounted on /home
<qman__> only option is relatime
<dwatkins> that's really wierd that it would work better when you're running with strace, that suggests it's a buffering issue, perhaps
<dwatkins> like it's waiting for the queue to be full before committing the mkdir
<qman__> I have some stuff running in the background but it's half what my GUI desktop is doing
<qman__> it shouldn't be having any significant performance impact, the load is under .1
<qman__> iowait is normal
<dwatkins> I'd suggest looking at sar data in that case.
<dwatkins> get stats every 5 seconds for a couple minutes and have a good look at all of them.
<qman__> ok
<qman__> thanks for the tips, at least I have something to look for now
<dwatkins> you're most welcome, qman__ - I'd be very interested to know the cause when you find it.
<DaBeast> whats the hard drive equivilant of ifconfig? (i want to view all available drives)
<xampart> ls /dev/sd?
<TeTeT> probably fdisk -l
<DaBeast> with fdisk it says invalid option '1'
<xampart> "-l"
<DaBeast> still fails :p
<xampart> how about "sudo fdisk -l"
<DaBeast> invalid option -- '1'  :p
<xampart> not 1, but l as in list
<uvirtbot> New bug: #715141 in ntp (main) "ntp.ubuntu.com does not have AAAA record" [Undecided,New] https://launchpad.net/bugs/715141
<DaBeast> haha lol
<DaBeast> hard to see the difference xD
<xampart> cut+paste, eh?
<xampart> and -h -option usualle helps
<ogra> use a proper font in your IRC client :)
<DaBeast> :p
<DaBeast> makes sence :p
<DaBeast> can linux use fat32/ntfs partitions?
<DaBeast> i want to hook up my external harddrive to it
<m_tadeu_> when I sudo, my server keeps saying that it can't resolve the name of the server, dispite it's identified in /etc/hosts
<Pici> m_tadeu_: Is it the same in /etc/hostname ?
<m_tadeu_> Pici: sames name yes
<m_tadeu_> in /etc/hosts is identified like this "127.0.1.1 myserver" right after the localhost...should this also be a 127.0.0.1?
<zul> morning
<m_tadeu_> still unable to resolve
<m_tadeu_> what else can I do about it?
<uvirtbot> New bug: #715152 in ntp (main) "ntp wont run on IPv6 only host unless lo has 127.0.0.1 address" [Undecided,New] https://launchpad.net/bugs/715152
<RoAkSoAx> Morning all
<m_tadeu_> hi
<Pici> m_tadeu_: sorry, got stuck doing something else.  It can't hurt if you put in another line that has 127.0.0.1 like the 127.0.1.1
<m_tadeu_> Pici: it's ok...well I checked and the 127.0.1.1 is to resolve the name...apparentely sudo needs this...problem is it's there and set properly and it still complains about it
<Pici> m_tadeu_: Does `hostname` report the same hostname that you have set in /etc/hostname ?
<RoAkSoAx> hallyn: howdy!! libvirt 0.8.7 will be in natty right?
<m_tadeu_> Pici: in deed it does
<Pici> m_tadeu_: curious...
<m_tadeu_> Pici: I'm out of my environment here....not much of a sys admin :) and I run out of solutions pretty fast. but this is weird...can bind have anything to do with this?
<Pici> m_tadeu_: It could, if your server couldn't resolve its own hostname for some reason due to a misconfiguration.
<Pici> m_tadeu_: does   host $(hostname)   work?
<m_tadeu_> Pici: "not found: 3(NXDOMAIN)
<Pici> m_tadeu_: Theres your issue.  You can't resolve your own hostname.
<m_tadeu_> Pici: will uninstalling bind solve the problem?
<Roasted_> anybody offhand know the command to stop/start freeradius in ubuntu?
<resno> sudo /etc/init.d/freeradius restart?
<Roasted_> resno, why are you such a genius
<Roasted_> stop being so smart
<resno> heh
 * resno bows
<Roasted_> I was trying radiusd, because radiusd is what most other distros use.
<Roasted_> duur
<Roasted_> I feel like each freeradius guide I read, I have to adapt what I'm reading to ubuntu-based commands for it.
<resno> Roasted_: am i wrong? i was taking a guess
<Roasted_> no, you're right.
<Roasted_> I'm just explaining why I goofed.
<resno> ah lol
<Roasted_> it seems debian land loves to be different, since debian is the same way.
<Roasted_> but centos/etc has the "official" guide. pfft.
<Roasted_> hey resno here's a pop quiz question for you.
<uvirtbot> New bug: #461441 in exim4 (main) "package exim4-daemon-light 4.69-9ubuntu1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Won't fix] https://launchpad.net/bugs/461441
<Roasted_> my ubuntu install in VMWare loses external internet connection frequently. upon bootup as well as at random times. the fix? disable/renable network manager.
<Roasted_> why. :)
<Roasted_> Access denied
<Roasted_> . lolz.
<resno> ive actually read that
<Roasted_> because it's a server I'm probably going to take out NM and static the IP in the network file.
<resno> Roasted_: you got vmware running? what version of ubuntu?
<Roasted_> but I don't want to just accept that and not "fix" it or understand why
<Roasted_> 10.04.1 32 bit
<Roasted_> it's on a static IP too.
<Roasted_> it did it on DHCP though as well.
<resno> i use virtualbox now, i want to go to vmware
<Pici> m_tadeu_: I'm not familiar enough with bind configuration to say either way.
<resno> hey Pici
<Roasted_> I'm trying to SSH into the box now and it's saying access denied.
<Roasted_> yet I totally know my password is like, right, or something.
<resno> you are denied.
<Roasted_> :(
<Roasted_> resno, what did you read about that issue?
<resno> have any issues getting vmware running?
<Roasted_> I didn't get vmware running.
<Roasted_> the network admin did.
<resno> lol oh
<Roasted_> I'm just doing this project since it's linux based so it's kind of up my alley
<Roasted_> trying to halp out, etc.
<resno> ive just seen network manager have various issues when setting things up etc
<Roasted_> yeah. it's been behaving itself nicely since 10.04 tho
<resno> ah ok
<Roasted_> I guess I need to brush up on how to set up static interface files, I haven't done one in a while.
<resno> Roasted_: do you consider yourself a sys admin?
<Roasted_> no. I do desktop support, but they've been getting me more into server stuff.
<Roasted_> but I'm also a linux fanboy, so when a linux project came up it got tossed to me to do.
<Roasted_> I've worked with servers a lot, but never on a grand scale of an enterprise environment.
<resno> i think im going for a careear change, but i am not sure how best to get into it.
<Roasted_> resno, what in particular?
<resno> leaving developement and get into sys admining
<Roasted_> side question - if I'm setting a static IP without network manager, do I set the DNS entry in the resolv config or do I add it in network interfaces?
<resno> well, not leaving but just less focus
<Roasted_> resno, well, anything in IT is a royal headache. forwarning you.
<patdk-wk> that depends
<Roasted_> there's days I leave wondering why I come in here. But Is till enjoy it.
<patdk-wk> if you have resolvconf installed, in network/interfaces
<patdk-wk> if not, in resolv.conf
<Roasted_> resolv.conf is in /etc/network right?
<patdk-wk> no
<patdk-wk> /etc/resolv.conf
<resno> Roasted_: true, there are issues and headaches everywhere. when it works its wonderful.
<Roasted_> yeah I have /etc/resolv.conf
<Roasted_> resno, yep. gotta love it. :P
<patdk-wk> you should always
<patdk-wk> but do you have /etc/resolvconf
<uvirtbot> New bug: #581997 in exim4 (main) "package exim4-daemon-heavy 4.69-5ubuntu2 failed to install/upgrade: subprocess pre-removal script returned error exit status 3" [Undecided,Won't fix] https://launchpad.net/bugs/581997
<Roasted_> within /etc/resolv I have an update-libc.d folder.
<Roasted_> but thats it
<Roasted_> er
<Roasted_> yes, i do
<Roasted_> sorry. ID-10-T moment
<Roasted_> has an entry for generated by networkmanager.
<Roasted_> back it up and edit those entries accordingly?
<patdk-wk> na
<patdk-wk> safe method would be
<patdk-wk> add dns entrys in /etc/network/interfaces
<patdk-wk> and also edit /etc/resolv.conf
<Roasted_> is it nameserver or dns-nameserver?
<Roasted_> for when I add it to net interface?
<hallyn> RoAkSoAx: yes
<patdk-wk> resolvconf will wipe out /etc/resolv.conf if it wants do, but the network/interfaces one would be used then
<Roasted_> hm, so what's optimal here. Do I let resolvconf alone and just add DNS to net/interface? or do I add the DNS to both?
<patdk-wk> leave resolvconf alone
<patdk-wk> if resolv.conf doesn't say, autogenerated by xxxxx, edit it
<Roasted_> It says #Generated by NetworkManager
<RoAkSoAx> hallyn: someone filed a bug requesting the update, so I just assigned it to you :)
<patdk-wk> you have a gui installed on that box?
<zul> hallyn: tgt is horribly outdated in natty you want me to do an update?
<Roasted_> yes, it's a desktop installation virtually on vmware, but it will be acting as a light duty radius authentication server.
<Roasted_> I'm remoted in to it now
<Roasted_> network manager is acting up, so I want to disable it and use static via interface files.
<Roasted_> patdk-wk, by chance do you know the proper dns entry to put in net/interface? I've seen nameserver, nameservers, and dns-nameserver
<patdk-wk> man interfaces
<Roasted_> already been there.
<Roasted_> I saw everything *but* nameserver.
<Roasted_> MTU size, TTL time, etc.
<patdk-wk> odd
<Roasted_> gateway, pointtopoint, metric, bcast, netmask, etc.
<Roasted_> just not... dns/nameserver :P
<m_tadeu> Pici: it worked....I unsintalled bind and setup the dns on a router
<Roasted_> speaking of which, if I'm not using network manager, will /etc/init.d/networking stop/start/restart still work or does that only work to NM?
<patdk-wk> dns-nameserver x.x.x.x x.x.x.x
<Pici> m_tadeu: cool beans, sorry I couldn;t be of more help.
<Roasted_> thanks bro
<m_tadeu> Roasted_: it works for unmanaged interfaces
<Roasted_> I just read different guides and they all said soemthing different.
<m_tadeu> Pici: it's cool...you brought me the light to get there :)
<Roasted_> will it be sufficient to just remove NM from startup apps? I hate to uninstall it just yet.
<patdk-wk> no, it will remove itself
<m_tadeu> now for the next problem...I have asterisk installed, but when I reboot, the service doesn't start
<uvirtbot> New bug: #488615 in exim4 (main) "package exim4-config 4.69-5ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/488615
<uvirtbot> New bug: #526389 in exim4 (main) "package exim4-config 4.69-11ubuntu4 failed to install/upgrade: useradd: cannot lock /etc/passwd; try again later." [Undecided,Incomplete] https://launchpad.net/bugs/526389
<uvirtbot> New bug: #691162 in exim4 (main) "package exim4-config 4.71-3ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/691162
<Roasted_> removing it from startup apps won't uninstall itself though...
<Roasted_> connect: Netowrk is unreachable.
<Roasted_> :/
<m_tadeu> where can I check if a server is being run on boot or not?
<patdk-wk> service?
<m_tadeu> patdk-wk: service yes :) typo
<Roasted_> still cant get external access.
<Roasted_> nice.
<Roasted_> nice nice nice.
<patdk-wk> heh?
<patdk-wk> m_tadeu, I haven't found a good way
<patdk-wk> generally everything in /etc/init and /etc/init.d is run, and some of them disable themselfs depending on settings in /etc/default
<Roasted_> oh, nice. somehow interfaces/network is reverting back to normal when I reboot. I lose my entire eth0 entry.
<Roasted_> why would I lose my entire entry.
<uvirtbot> New bug: #715209 in rabbitmq-server (main) "Please sync rabbitmq-server 2.3.1-1 from Debian unstable" [Undecided,New] https://launchpad.net/bugs/715209
<uvirtbot> New bug: #378307 in exim4 (main) "local_scan modification and new package" [Undecided,Won't fix] https://launchpad.net/bugs/378307
<m_tadeu> please confir me...ubuntu only runs on run level 2?
<patdk-wk> there are no *levels*
<patdk-wk> the levels are just there to *fool* old startup scripts
<m_tadeu> patdk-wk: well it looks like they're still being used...and mine is nunning on L2...and the rcX.d dirs have all the links to the services
<patdk-wk> like I said, compatability mode
<Roasted_> unknown host: www.cnet.com
<m_tadeu> patdk-wk: got it...
<Roasted_> except, I have an ip, and subnet, and everything else.
<fullstop> Hi all.  I have a 10.04 server that I'd like to enter a bug report for.  Unfortunately, I backported packages from 10.10 to correct the problem, and I can't run ubuntu-bug to actually report the bug against the correct version.
<Roasted_> it just wiped my config.
<Roasted_> I was in the middle of reading over my network interface config and it came up and said something has changed, do you want to reload your file?> I hit reload and the entire eth0 entry disappeared.
<Roasted_> what in the world is causing this.
<zul> who is running the meeting today?
<JamesPage> zul: me
<zul> JamesPage: k i just added an agenda item
<JamesPage> zul: nice
<fullstop> Anyway, the qemu version in 10.04 has a pretty bad bug with virtio disks > 2TB in size.  Massive file system corruption.
<m_tadeu> is there a tool to control the services, if they start or not?
<Roasted_> why does my network interface file hate me.
<alvin> m_tadeu: Not yet (last time I looked). It's on the todo-list.
<m_tadeu> alvin: thx...not good...somehow my asterisk server is not running at startup and I can't figure out why
<DaBeast> how can i cd to /dev/sdb1 ?
<DaBeast> since cd /dev/sdb1 doesnt work
<EvilPhoenix> DaBeast:  mount /dev/sdb1 somewhere
<EvilPhoenix> I.E.
<EvilPhoenix> sudo mkdir /media/mountdir; <dir to mount at>; mount -t <partitiontype> /dev/sdb1 /media/mountdir
<Roasted_> Would it make sense that having DHCP still enabled on a machine with a static IP could result in the /etc/network/interface file changing at completely random times back to default?
<EvilPhoenix> that's one way at least
<EvilPhoenix> er
<EvilPhoenix> sudo mount*
<alvin> m_tadeu: Since Ubuntu switched to upstart (without the 'legacy mode'), a lot of stuff doesn't autostart. I'm having the same struggles, but with other software. Proper boot logging would be nice too.
<DaBeast> hmmm, let me try that, thanks :p
<DaBeast> so its sudo mount /media/mountdir; <dir to mount at>; mount -t <partitiontype> /dev/sdb1 /media/mountdir ?
<alvin> m_tadeu: Asterix is probably missing an upstart-compatible boot script
<EvilPhoenix> DaBeast:  well, that's the code, but you need to put a few things in there
<DaBeast> why does it do btw, the mounting
<EvilPhoenix> DaBeast:  (a) you need to decide what to name the mountdir
<EvilPhoenix> DaBeast:  (b) you need to know the partition type, and i have an extra ; in there
<m_tadeu> alvin: is upstart that thing that you start a service with "service xxxx start"?
<DaBeast> its ntfs, for windows compatibillity
<DaBeast> its an external usb drive
<Roasted_> How do I disable DHCP without uninstalling it? If I uninstall DHCP it'll take out ebox, whcih is something I NEED to stay installed. I just want to disable DHCP on eth0.
<EvilPhoenix> DaBeast:  then try this: sudo mkdir /media/<dir to mount at>; sudo mount -t ntfs /dev/sdb1 /media/<dir to mount at>
<DaBeast> do i need to mount it every time the server reboots?
<alvin> m_tadeu: Yes. (I think the 'service' part might be deprecated)
<EvilPhoenix> DaBeast:  generally, yes.  but if its a server, how often are you going to be rebooting it?
<DaBeast> whats the <dir to mount at> ? it seems odd to me, since its my first linux experience :D
<DaBeast> probably allot
<EvilPhoenix> DaBeast:  you put whatever directory name you want there :P
<EvilPhoenix> i.e.
<DaBeast> since it wont be online 24/7
<EvilPhoenix> if i wanted to name the directory i'm mounting the drive to "evil", i'd do this command then:
<m_tadeu> alvin: "service xxx start" works fine..."start xxx" says it doensn't know the job
<DaBeast> its an old laptop, i'm wanting to convert it to a seedbox :D
<EvilPhoenix> sudo mkdir /media/evil; sudo mount -t ntfs /dev/sdb1 /media/evil
<alvin> Isn't it 'xxx start'?
<EvilPhoenix> DaBeast:  lol, i dont recommend running a laptop as a server
<EvilPhoenix> at ANY time
<patdk-wk> m_tadeu, sounds like it was moved to upstart
<DaBeast> why not?
<EvilPhoenix> DaBeast:  they arent built for it
<EvilPhoenix> consider.
<DaBeast> true, it has ben on for a couple of days before tough
<EvilPhoenix> i've got this laptop here that runs standard Ubuntu Desktop edition.
<DaBeast> worked just fine
<EvilPhoenix> it overheats every other day if I run it without shutdown
<EvilPhoenix> now consider my desktop box.
<EvilPhoenix> custom built
<alvin> m_tadeu: There is a /var/log/boot (don't use - breaks your system) and a /var/log/boot.log (but information in there is not incorrect, but misleading)
<EvilPhoenix> running as a server
<alvin> m_tadeu: But if your daemon is in there, upstart at least attempts to start it
<DaBeast> hmm
<EvilPhoenix> overheats every 3 weeks that i dont keep tabs on the thing
<EvilPhoenix> also
<EvilPhoenix> more power in the desktop than the laptop
<EvilPhoenix> and when I say desktop, substitute server in for the word
<DaBeast> well, i'm wanting to underclock the laptop so it gets less hot
<EvilPhoenix> still dont recommend a laptop as a server platform
<DaBeast> its only for downloading some torrents and nzb's
<EvilPhoenix> OH GOD... torrents... o.o
 * EvilPhoenix walks out upon hearing the ungodly word that was just spoken
<DaBeast> yes, i'm a sinner xD
<DaBeast> also, torrents arent nessesairly illegal, you know :p
<alvin> m_tadeu: Does asterisk needs network connectivity in order to work?
<alvin> m_tadeu: (to start, that is)
<m_tadeu> alvin: it does...because it does some checking for name servers and other hosts, etc
<alvin> m_tadeu: That' bad news. That is in essence my problem too. Someone is working on improving this aspect. A service, or part of it that relies on the network being there will often fail. (NFS, libvirt,... and apparently also asterisk)
<alvin> I hear systemd has the same troubles with NFS... Booting isn't funny anymore nowadays. (But fast as ligtning!)
<m_tadeu> alvin: well should that try be logged in /var/log/boot.log? and the asterisk log should have something too, I guess
<alvin> m_tadeu: I think it should, yes.
<m_tadeu> alvin: well it's not...that's why I think it's not even trying to run it
<alvin> m_tadeu: My remark about the log nog being reliable is because the log might be full or errors/warnings about something not working, while it sometimes does. Like mounting remote drives.
<m_tadeu> alvin: I see
<alvin> m_tadeu: And after boot you can start it manually, without errors?
<DaBeast> EvilPhoenix now hates me xD
<EvilPhoenix> huh?
<EvilPhoenix> ohi
<EvilPhoenix> sorry, i was actually trying to find an excuse to get coffee
<EvilPhoenix> :P
<EvilPhoenix> anyways...
<DaBeast> lol
<EvilPhoenix> so where was I
<EvilPhoenix> oh right
<DaBeast> anyways, i think my laptop would be good starters hardware
<EvilPhoenix> *shrugs*
<EvilPhoenix> do what you want, I gave you the command structure for the mount command
<DaBeast> yes, thank you, kind sir :D
<EvilPhoenix> once you make the directory you're mounting to, though, you wont need to recreate it each time
<EvilPhoenix> but you WILL need to mount it each time
<EvilPhoenix> you restart
<DaBeast> cant i put it in some kind of autoexec?
<patdk-wk> dabeast, sure, install dos
<EvilPhoenix> maybe fstab... but idk
<EvilPhoenix> patdk-wk:  lol
<DaBeast> rofl patdk-wk
<patdk-wk> hasn't the whole auto-x thing cause most all security issues for microsoft?
<patdk-wk> autorun usb, cdrom, floppy, emailattachments, ...
<EvilPhoenix> patdk-wk:  indeed, but discuss that in ##windows or #ubuntu-offtopic
<EvilPhoenix> kay?
<patdk-wk> na, it's related to this
<EvilPhoenix> :P
<patdk-wk> why I wouldn't want an autorun on mount in my unix machines
<EvilPhoenix> he doesnt want autorun ya tard, he wants it to just MOUNT
<hallyn> cmagina: do you have any complaints to zul's plan to update tgt for lucid?
<EvilPhoenix> he wants the thing to mount automagically on boot
<DaBeast> i mean like, for network settings youd have /etc/network/interfaces
<patdk-wk> oh heh
<patdk-wk> it confused me :)
<zul> hallyn: no for natty
<patdk-wk> ya, fstab :)
 * EvilPhoenix cannot assist with fstab config :/
<DaBeast> also, what will happen when the drive isnt inserted?
<EvilPhoenix> it'll fail to mount :P
<EvilPhoenix> and probly spit an error into the logs somewhere
<DaBeast> i tought it might keep spamming the terminal or somethign :p
<hallyn> zul: d'oh.
<m_tadeu> alvin: yes with no problem at all
<EvilPhoenix> it might, since I've never actually had an issue with mounting, since I have RAID setup on my server box :P
<hallyn> zul: in that case, pure awesomeness, thanks
<patdk-wk> na, normally only once
<EvilPhoenix> i havent had an fstab issue yet so meh
<EvilPhoenix> :P
<DaBeast> :p
<patdk-wk> I have nfs fstab issues, I still can't solve
<alvin> m_tadeu: In that case, it's a bug in either asterisk or upstart. I'd try filing with $ ubuntu-bug asterisk
<DaBeast> is fstab a component of mount?
<DaBeast> because fstab doesnt seem to exist alone
<patdk-wk> man fstab, /etc/fstab
<patdk-wk> mount uses fstab
<patdk-wk> basically like a config file
<DaBeast> i see, thanks
<EvilPhoenix> except since you said you're a linux newb, i'd not go messing with fstab if I were you
<EvilPhoenix> unless you're guided through the process :P
<EvilPhoenix> you mess up fstab, you can seriously screw up your ability to boot :P
<DaBeast> darn :p
<alvin> EvilPhoenix: Can't get worse. The NFS part in my fstab is the same as the fstab of my collegue. My shares get mounted and his do not. We have the same errors during boot. (failed to resolve server, name or service not known, terminated with status 32)
<alvin> He always has to do mount -a after boot
<EvilPhoenix> lol
<patdk-wk> add the name to the hosts file?
<patdk-wk> I just nfs mount with ip's
<alvin> He's not here, but the machine is up. trying...
<alvin> patdk-wk: Well, well... it works. What's the difference?
<patdk-wk> your dns server isn't working when he boots
<patdk-wk> or, his dns server
<alvin> We have been searching for this a long time and I don't have to add the IP
<patdk-wk> what dns server you using?
<patdk-wk> and is it in your hosts file?
<alvin> We're both using DHCP.
<alvin> No, I don't have the server in the hosts file
<patdk-wk> what dhcp server?
<alvin> bind. It's the same machine as the dhcp server
<patdk-wk> heh?
<patdk-wk> you have atleast 3 machines there?
<alvin> Now his log doesn't complain about not finding the server. Mine still does
<patdk-wk> yours, his, and a dhcp/bind router?
<alvin> patdk-wk: Yes, (and about 80 other machines)
<patdk-wk> your machine must be faster than his then
<patdk-wk> guess his is taking too long to get dhcp going and started
<patdk-wk> where yours fails a few times, but then gets dns working, and goes on
<alvin> I think he's on a slower part of the network. His machine is a core duo. Mine is i5
<alvin> Before upstart, we could all boot and mount without trouble with the same fstab configuration.
<patdk-wk> yep
<patdk-wk> cause upstart changed it all
<alvin> Same network, but with some slower machines.
<patdk-wk> before everything was in a nice neat order
<DaBeast> EvilPhoenix: succes! :D
<DaBeast> i edited the fstab, it works
<DaBeast> long live wikipedia lol
<alvin> now it's chaos. This is my boot.log .... http://pastebin.com/vT92eYde
<alvin> One look at that file is always: omg! it's all going wrong!
<alvin> (and that's the log when shares actually do get mounted)
<patdk-wk> it's the same issue
<alvin> patdk-wk: Do you know an open bug about this?
<patdk-wk> I have searched and looked, and I think they are closed
<patdk-wk> atleast your issue is easy to fix
<patdk-wk> mine not so much, and stil not sure why
<alvin> Well, workaround.
<alvin> It's different?
<patdk-wk> well, if you didn't use dhcp, it would work without hosts, easily
<alvin> (I did file some bugs about this, but they are set to resolved.)
<patdk-wk> I use ip addresses, not host names, so I don't have your issue
<alvin> patdk-wk: I started using dhcp because it didn't work without it in the past... (resolved now)
<patdk-wk> but if my network card is down, boot hangs on nfs mounts
<alvin> ah
<alvin> There is this bug 275451
<uvirtbot> Launchpad bug 275451 in sysvinit "nfs mounts specified in fstab is not mounted on boot. " [Undecided,New] https://launchpad.net/bugs/275451
<alvin> For some people it only works when using DHCP, for some it only works with static IP.
<uvirtbot> New bug: #715281 in postfix (main) "Upon update, /etc/postfix/main.cf stopped procmail processing" [Undecided,New] https://launchpad.net/bugs/715281
<nhck> When installing WebDav on apache. How do I get it to create seperate directories for each user that logs in? like https://webdav.example.com -> user a logs in -> data gets mapped to folder a
<RoAkSoAx> kirkland: ok so what exactly woulod be the purpose of adding the indicator for testdrive?
<kirkland> RoAkSoAx: if someone has TestDrive installed, it would tell them when a candidate ISO is ready for A1, A2, A3, B1, RC, or GA
<RoAkSoAx> kirkland: if it's just for that, we might as well have notifications (notify-osd) with configurable remainders or something
<RoAkSoAx> until I can find a better use for the indicator
<RoAkSoAx> i'll have it anyways
<RoAkSoAx> kirkland: now, how can I determine if there's candidate ISO ready for A1,etc,etc?
<kirkland> RoAkSoAx: great question;  i'm not sure.  hggdh: is there a way to tell, programmatically?
<kirkland> RoAkSoAx: i was thinking something along the lines of the way the envelop lights up green, when you have email in the inbox
<uvirtbot> New bug: #715294 in openipmi (main) "Loading ipmi_msghandler generates a kernel Oops" [Undecided,New] https://launchpad.net/bugs/715294
<SpamapS> doesn't notify-osd disappear after a while? Seems the messaging indicator is a better place for this.
<SpamapS> kirkland: bingo! messaging indicator is t3h bomb. :)
<kirkland> SpamapS: yeah, i agree, notify-osd goes away
<RoAkSoAx> kirkland: SpamapS yeah messaging indicator then. The only problem would be to know how if the candidate ISO is available
<kirkland> RoAkSoAx: yeah, for that, let's talk to hggdh and the q/a team
<RoAkSoAx> s/how if/when is
<RoAkSoAx> hggdh: ping
<kirkland> RoAkSoAx: http://cdimage.ubuntu.com/releases/11.04/
<kirkland> RoAkSoAx: i think that should tell you
<hggdh> kirkland: no, there is no way to tell programatically if an ISO is a candidate...
<hggdh> RoAkSoAx: pong
<RoAkSoAx> kirkland: if they gives us a .manifest or .manifest-daily that would be the best
<RoAkSoAx> hggdh: ""
<kirkland> hggdh: hmm, well that seems to be something that we should remedy
<RoAkSoAx> hggdh: ^^
<kirkland> RoAkSoAx: let's see if cjwatson has any ideas
<hggdh> kirkland: iso.qa.ubuntu.com will send out an email when an ISO is *officially* available for tests, but this is all
<kirkland> cjwatson: howdy;  we'd like a programmatic way to determine when there are Alpha/Beta/RC candidate ISOs available
<kirkland> hggdh: hmm, can we get that process to put up a flag somewhere wgettable, too?
<hggdh> RoAkSoAx: we need an out-of-band (I guess) process for that
<cjwatson> kirkland: the best way right now is to scrape iso.qa.ubuntu.com
<hggdh> kirkland: this might be a way.
<cjwatson> candidate images are put there
<kirkland> cjwatson: okay, thanks
<cjwatson> I wouldn't want to add something on cdimage until we add some mechanism for us to programmatically push to iso.qa - otherwise things will get out of sync
<hggdh> one could wget iso.qa.u.c, and check the headers
<kirkland> cjwatson: fwiw, RoAkSoAx is going to add a Messaging Indicator to TestDrive, that will flag users of TestDrive when there are candidate images available
<kirkland> cjwatson: fair enough;  scraping should suffice for a first cut
<cjwatson> right, I scanned scrollback
<cjwatson> it's a good idea
<kirkland> cjwatson: thanks
 * kirkland is always nervous running ideas by cjwatson ;-)
<cjwatson> * cjwatson is now known as ogre
 * sbeattie recalls that stgraber add a manifest of some kind of official candidate images somewhere on iso.q.u.c
<sbeattie> s/add/added/
<hggdh> but there is an issue there -- right now, for example, iso.qa is open for alpha2 tests...
<cjwatson> heh, I generally like the idea of development-process indicators, we just haven't done many yet
<cjwatson> hggdh: well, we can clean up the metadata
<cjwatson> iso.qa is definitely the canonical place right now though
<hggdh> cjwatson: I agree.
<cjwatson> hggdh: I've hidden alpha-2
<cjwatson> (this may make it hard to test the indicator app though!  maybe stgraber or somebody can help you bring up a test instance?)
<RoAkSoAx> i guess the easies way to go would be to have a manifes at iso.qa
<hggdh> yes, this may be too restrictive. Or leaving it open (so that the bug references can be looked at) and adding a message/metadata "tests open/closed"?
<hggdh> RoAkSoAx: and how do you find out if the manifest is current?
<RoAkSoAx> hggdh: if the manifest is not empty :)
<RoAkSoAx> hggdh kirkland ok but first, if an image is in iso.qa, would that be the same image as in cdimage.u.c ?
<hggdh> it would be the same, yes
<hggdh> perhaps the easiest way would be to add metadata to the page when the tests are opened
<RoAkSoAx> hggdh: otherway would be something like having a .manifest with "alpha2 desktop" "alpha2 server" etc etc. when the images are available. when they are unavailable, then cleanup the manifest and leave it empty
<RoAkSoAx> hggdh: so that whoever tests the ISO with testdrive, he/she can just use the daily image in cdimage.u.c
<RoAkSoAx> hggdh: but the manifest will only server for the notification purpose
<RoAkSoAx> s/server for/serve
<hggdh> RoAkSoAx: I bite, it is workable -- cjwatson, agree?
<hggdh> and who will do it?
<geekbri> I have to say, ubuntu is easily the best distro to use with EC2.  Thanks anybody in here who is involved in that :)
<RoAkSoAx> hggdh: yeah cause be pretty much the same approach as the .manifest-daily on cdimage.u.c. If the image is available, make it available, if not, don't. So in the tracker, if the ISO image is available in the tracker, make it available, so that testdrive can make a notification
<RoAkSoAx> and then, testdrive will poll that tracker manifest every X seconds/minutes/hours and make the proper notification
<cjwatson> hggdh: if it's autogenerated by the ISO tracker, sure
<cjwatson> but I don't know that codebase
<stgraber> cjwatson,sbeattie : what's up ?
<hggdh> stgraber: welcome, sir!
<hggdh> stgraber: we are discussing how we can automate announcements of a new ISO candidate
<sbeattie> stgraber: IIRC, you added a path to iso.q.u.c that published the paths of the current isos under testing.
<sbeattie> s/path to/path on/
<hggdh> patch?
<sbeattie> stgraber: I don't recall what that path was (the dl-iso script doesn't make use of it)
<sbeattie> stgraber: (by paths, I mean it published the urls on cdimages to the isos)
<sbeattie> stgraber: do you recall the path on iso.q.u.c where that got published?
<lucascastro> someone already has used virtualbox-4.0 on lucid ?
<rossouwap> Does anybody know if Ubuntu runs on an HP DL385G7 Server - AMD Opteron 6172 processor?
<stgraber> sbeattie: good question, I remember I implemented that but I don't remember the URL, let me have a quick look.
<stgraber> sbeattie: /dllist apparently
<stgraber> yep, seems to work, though there's nothing on iso.qa.ubuntu.com yet
<sbeattie> stgraber: 404s for me, hrm.
<stgraber> sbeattie: iso.qa.ubuntu.com/qatracker/dllist
<sbeattie> stgraber: ah, cool!
<stgraber> not sure what the format is though, if I were to re-implement that now, I'd do it with a json interface like I did for my other Drupal project (Edubuntu weblive)
<sbeattie> hggdh: okay, there's the URL for testdrive to monitor for candidate isos/images: http://iso.qa.ubuntu.com/qatracker/dllist
<hggdh> RoAkSoAx: ^
<sbeattie> stgraber: IIRC it's just a straight list of URLs, no JSON or anything like that.
<hggdh> I understand that if the dllist is empty, there is no test currently scheduled
<hggdh> correct?
<stgraber> sbeattie: yeah, I remember it's plain text, not sure if that's just URL or if it also exports the name of the build and version (though that can be guessed from the URL)
<stgraber> hggdh: yep
<hggdh> RoAkSoAx: sounds easily implementable on testdrive
<RoAkSoAx> hggdh: cool then. That will do
<RoAkSoAx> thanks
<RoyK> evening
<zul> SpamapS: i uploaded the FTBFS for handlersocket
<nhck> When installing WebDav on apache. How do I get it to create seperate directories for each user that logs in? like https://webdav.example.com -> user a logs in -> data gets mapped to his/her folder on the server.
<SpamapS> zul: muy bien, gracias. :)
<zul> SpamapS: bien sur
<Roasted_> at random times, ebox (zentyal) magically stops responding when Im on the web interface of it through my ubuntu server, but when I go to my ubuntu desktop edition server it works fine. Then if I go back to the interface on my laptop, its magically working. What gives?
<AntiSociaL> lol
<RoAkSoAx> smoser: btw will start looking into the ebs root snapshots thingy after I eat lunch, in the next half hour or so
<EtienneG> hey kirkland!  I see that you have reviewed a proposed likewise-open SRU for maverick and lucid back in December.  It's marked as "Needs fixing".  Any idea if anyone is looking after that?
<kirkland> EtienneG: sorry, no :-/
<EtienneG> kirkland, as reference, that's related to https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/534629
<uvirtbot> Launchpad bug 534629 in likewise-open "AssumeDefaultDomain does not work" [Medium,Fix committed]
<EtienneG> kirkland, no, as in "nobody is looking after it", or no as in "I do not know if someone is looking at it"?  :)
<kirkland> EtienneG: "i don't know"
<kirkland> EtienneG: but "i doubt anyone is"
<kirkland> EtienneG: let me check the bug
<EtienneG> kirkland, ah, ok!  get it
<EtienneG> err, *got it
<kirkland> EtienneG: hmm, where's the patch?
<kirkland> EtienneG: what bug is in "needs-fixing" state?
<EtienneG> kirkland, not sure, that's bug #534629
<uvirtbot> Launchpad bug 534629 in likewise-open "AssumeDefaultDomain does not work" [Medium,Fix committed] https://launchpad.net/bugs/534629
<kirkland> EtienneG: ah, i see
<EtienneG> kirkland, seems like you reviewed a branch on December 8th, it's marked "Needs fixing"
<kirkland> EtienneG: i reviewed the patch as part of my patch pilot day
<EtienneG> kirkland, I am not 100% up-to-date on developer practice.  IIUC, the "Needs Fixing" tag mean the patch needs to be cleaned up, right?
<EtienneG> so I guess I have to poke the guy who did the original patch
<kirkland> EtienneG: https://code.launchpad.net/~ssalley/ubuntu/maverick/likewise-open/likewise-open.fix627272/+merge/38741
<kirkland> EtienneG: there's my review comments
<kirkland> EtienneG: quoting myself, "I'll be happy to sponsor this as soon as (1) is trivially fixed in your branch, and as soon as each bug is updated per (2).  Then, the package will go into the -proposed queue, and we'll need you or someone else to go through each of those 9 bugs and work their way through the reproduce instructions, noting if the new package fixes the known bugs and does cause regression."
<kirkland> EtienneG: the diff is HUGE for an SRU, Diff: 1427 lines (+1234/-32) 14 files modified
<kirkland> EtienneG: and it claims to fix 9 bugs
<EtienneG> kirkland, ok, got it
<EtienneG> kirkland, thing is: there's a lot of bug to fix in likewise-open
<kirkland> EtienneG: heh
<kirkland> EtienneG: yeah
<kirkland> EtienneG: it might make more sense to just get a newer version in lucid-backports
<EtienneG> kirkland, but then lucid-backport come with no commitment of maintenance
<EtienneG> kirkland, I will ponder the question
<kirkland> EtienneG: true
<kirkland> EtienneG: alright, well, if you or someone will update each of the bugs fixed by this branch with an SRU statement in the top, i will sponsor the upload to -proposed
<kirkland> EtienneG: where it will need a fair amount of testing
<EtienneG> kirkland, I think that can be arranged.  I will see if I can delegate that to one of my minion :)
<kirkland> EtienneG: coolio
<kirkland> EtienneG: poke me when done
<RoAkSoAx> kirkland: btw!! jsut remembered... can you please release a new PowerNap when you have a chance?
<kirkland> RoAkSoAx: sure
<RoAkSoAx> kirkland: and let's discuss the second stage thing for powersave later this week ;)
<lirakis> im thinking of trying out ubuntu server for the first time, but i wanted to better understand the packaging lifecycle before I choose LTS or not
<lirakis> does LTS have a fixed package set (versions) that just get security backports?
<lirakis> or do the actual package versions get update between LTS releases
<pmatulis_> lirakis: no release updates the major version numbers
<EtienneG> lirakis, version are frozen at release time, and all releases (including LTS) only get security fixes
<lirakis> got it.
<lirakis> and .. are there migrations between releases for a box that has already been installed?  or do you pretty much have to wipe out the box and restart
<lirakis> because, I would like the shorter release cycle of non-LTS ... but if it just means that every 6 months i have to reinstall ... thats not really worth it.
<lirakis> fortunately though, i guess... 10.04 was cut not too long ago, so its probably got very recent set of package versions
<lirakis> Is there some where I can check what versions of specific packages are for a release, without having it installed?
<lirakis> like... i need to have libnl > 1.1  and some other bits for building a wireless access point
<shauno> lirakis: packages.ubuntu.com can be a goldmine for that kinda info
<lirakis> thanks again - i will check it ot
<lirakis> *out
<lirakis> do you guys generally see more people running LTS, or non-LTS
<lirakis> just want to know which has a larger user & support base
<resno> lirakis: LTS
<shauno> I can only speak for myself,  but LTS
<resno> at least imo is the ebst
<resno> by defitiontion support will be strongest for LTS
<resno> "larger user" base? who knows really
<shauno> 6 months is great for a desktop where I constantly want more toys.  but it's far too fast for servers.  that'd give me 3-4 months of stable before I'm already testing upgrades again
<pmatulis_> lirakis: of course you can upgrade to the next release
<EtienneG> lirakis, same here.  I would stick with LTS unless you have a very good reason not to
<lirakis> well i know LTS is supported for a longer period of time ... so I guess it has more time to accumulate users.... but if it was significantly less popular, it wouldnt necessarily "by definition" have more suport base .. from a community perspective
<lirakis> okay ... sounds like LTS is the way to go ... and fortunately its a recent release
<resno> who knows/cares what the community does?
<lirakis> resno, ... so I can research other peoples mistakes, and solutions
<lirakis> :D
<resno> lirakis: ah...
<lirakis> im bound to make the same ones
<lirakis> but barring package versions .. ill get LTS
<resno> in my opinion LTS is the best way to go.
<lirakis> thanks for the info guys
<resno> i havnet even updated my desktops yet
<EtienneG> lirakis, one of the thing to watch out for is hardware support.  lucid has kernel 2.6.32.  As long as it support your hardware, your golden.  Otherwise, you will either need to go for a "regular" release, or use the lts backported kernel
<lirakis> EtienneG, thanks for the heads up - I am not running any hardware newer than ... 2-3 years old.
<lirakis> so I should be fine with 2.6.32.
<lirakis> centos 5 is running 2.6.18 ... and libnl was an issue with a kernel that old
<lirakis> this is my first foray into ubuntu based servers ... so again, i appreciate the info, thanks!
<resno> lirakis: what did you use before?
<lirakis> resno, centos for the last 5 years or so
<EtienneG> lirakis, you are welcome.  be sure to check the ubuntu server guide.  It's nowhere complete, but it does have some good info
<lirakis> and ... gentoo previously
<resno> lirakis: heh, im just testing out centos now :)
<hggdh> zul: using the test rig?
<lirakis> resno, centos 5.5 is so old ... and 6 is too long in the waiting
<zul> hggdh: just cempedak
<zul> gimme a couple of minutes
<lirakis> at least i have some options with ubuntu for whether or not i want a more up to date, but less stable system ... centos doesnt have that
<hggdh> OK. Please do not reboot now, I will reset the systems to Hardy, and (then) put cempedak back into default PXE
<hggdh> so you will not get booted to Hardy also ;-)
<lirakis> EtienneG, I bought the official ubuntu server book just to have around .. but i will use online docs for sure
<k4k> So, I've noticed that the placement of files for apache in ubuntu is different from what I'm used to (rhel based systems) which file would one place the DirectoryIndex in on ubuntu?
<guntbert> k4k: are you talking about index.html et al. ?
<resno> lirakis: i will say this, support here friendly then in #centos
<k4k> guntbert: yes
<lirakis> resno, thats a nice thing :D
<k4k> I'm used to that being in the /etc/httpd/conf/httpd.conf file
<lirakis> i also run ubuntu on all my laptops ... its  a god send after using gentoo for so long
<zul> hggdh:its all yours
<lirakis> ... but i dont really know how it works behind the scenes so much
<lirakis> so .. i thought using it as a server might give me the opportunity to learn more about htat
<lirakis> *that
<lirakis> ive never had to "administer" a debian based system really ... so .. i figured i might as well learn since im using it for all my desktops now
<resno> lirakis: heh, its funny we are going opposite ways. me into centos,. you away
<lirakis> yeah
<guntbert> k4k: look into /etc/apache2/sites-available and sites-enabled
<resno> although i hold debain near and dear to my heart
<k4k> guntbert: thanks I've been looking there, I'm assuming that's where they go, but there were no lines yet specified for "DirectoryIndex" in there so I was not sure
<lirakis> untill ubuntu .. i just didnt find debian a "reasonable" os to run.  very dogmatic etc.
<k4k> I'll try it and see what happens
<lirakis> ok .. LTS torrent is d/ling ... ill wipe out my box tonight and get started on it
<lirakis> im sure ill be around :D
<guntbert> k4k: seems the best way - I have no installed apache right now :-)
<hggdh> zul: it is safe, again, to reboot cempedak
<zul> hggdh: cool thanks
<kirkland> smoser: ping
<smoser> here
<kirkland> smoser: where's the best documentation for someone who wants to customize the Ubuntu EC2 AMI?
<smoser> there isn't really good documentation :-(
<smoser> but, for an ebs image, use 'create-image'.
<smoser> for an instance store private image use 'ec2-bundle-vol'
<smoser> with either of those routes, you really should not make things public, just because there is a high possibility of leaking things (your credentials and such accidently)
<smoser> if you want to do it "right", then download image from http://uec-images.ubutnu.com and mount loopback, chroot, do things, ...
<kirkland> smoser: he definitely wants to keep them private
<kirkland> smoser: okay, so the loopback/chroot is the "correct" method?
<smoser> then euca-bundle-vol or create-image if you can be private.
<smoser> loopback and chroot via some revision controlled script, yeah, is what i'd really suggest.
<k4k> OK I've been going around in circles here. I have apache site-available/default set to /var/www like normal. I have index.php set as a DirectoryIndex for that site. I have a2enmod php5 says it's enabled and I have my index.php file in the document root. However, it still wants me to download the php file, not show it to me.
<Pici> k4k: can www-data execute the file?
<k4k> www-data?
<Pici> k4k: The user that apache normally runs as.
<k4k> good question...I will be so ashamed if that's all it is...
<k4k> does there need to be the execute flag on the file or can it just be rw-?
<k4k> ...meh, just answered that for myself, didn't make a difference
<lenios> k4k, you'll need "AddType application/x-httpd-php .php" somewhere
<lenios> like /etc/apache2/httpd.conf
<mrothhh> were can i download a xen based ubuntu=server
<k4k> lenios: would that be apache2.conf or in the sites-enabled/IOB file I'm using?
<lenios> apache2.conf
<k4k> lenios: ok I did that right below line "DefaultType" and it still won't work, I'm now getting a blank "index of /" page
<lenios> when getting http://host/index.php ?
<k4k> no when going to http://host
<k4k> doing /index.php after it get file not found which means something isn't looking in the right place, but I've got all the files pointed at the directory with this php file in it
<lenios> in what directory is the index.php file?
<DodgeThis> can anyone help-me with nagios?
<lenios> (full path)
<k4k> /var/www/outboard/
<lenios> http://host/outboard/index.php ?
<k4k> and I have DocumentRoot set to that same path and <Directory /var/www/outboard/> set as well
<lenios> oh
<lenios> does it work with an html file?
<k4k> let me check
<DodgeThis> how can i add hosts to nagios?
<k4k> lenios: nope, so it's definitely looking at the wrong directory me thinks
<lenios> i think so too
<k4k> what else could be telling it where to look though?
<k4k> omg I got it
<k4k> how stupid
<k4k> for future reference, if anyone cares. Moved /outboard to /opt/outboard and re-pointed sites-available/IOB to point there instead and it worked...had to have been permissions related
<soren> k4k: Uh.. You kept saying it was in /var/www/outboard/?
<RoAkSoAx> kirkland: something like this? http://me.roaksoax.com/Screenshot.png
<RoAkSoAx> SpamapS: ^^
<DaBeast> random question; how can i chmod my file to look like this? -rwxr-xr-x 1 root root 3000 2007-03-06 22:40 /etc/init.d/rtorrent
<DaBeast> i did sudo chown -R 0755 /etc/init.d/rtorrent
<DaBeast> but now its -rw-r--r-- 1 755 root 4394 2011-02-08 22:23 /etc/init.d/rtorrent :p :s
<patdk-lap> why not a chmod?
<DaBeast> whoops, pasted a second smiley :p
<DaBeast> dunno, is there a difference?
<patdk-lap> man chmod
<patdk-lap> man chown
<DaBeast> k
<SpamapS> RoAkSoAx: thats "bloody brilliant"
<DaBeast> how do i close the manual? lol
<air^> q
<DaBeast> thx
<DaBeast> got it, thanks
<RoAkSoAx> SpamapS: hehe now the hard part >P make it work rather than just display it lol!
<Roasted> does anybody know if there's a GUI for setting up freeradius on ubuntu?
<EtienneG> kirkland, regarding the likewise-open bugs we discussed earlier, if I want them to be SRU'ed in both lucid-proposed and maverick-proposed, I first need to confirm in each respective release, and then use "Nominate for series" to nominate them to lucid-updates and maverick-updates.  Correct?
<RoAkSoAx> EtienneG: correct
<EtienneG> RoAkSoAx, thx, mang!
<RoAkSoAx> no probs ;)
<EtienneG> RoAkSoAx, if I am not mistaken, it is the SRU team that add the verification-needed tag, right?  Or should I do it myself when I add the SRU blurb to the bug description?
<RoAkSoAx> EtienneG: correct! the SRU team is the one in charge of that
<EtienneG> cool beans, thx again
<DaBeast> Anyone know what LSB information is?
<DaBeast> update-rc.d: warning: /etc/init.d/rtorrent missing LSB information
<RoAkSoAx> EtienneG: so you should just get it fixed, get it uploaded or someone to sponsor the upload. Then the SRU team will put it in -proposed and add verification-needed for people to verify it actually fixes the bug.
<EtienneG> RoAkSoAx, got it!
<ZacLnxNewb> RoyK:  hi
<ZacLnxNewb> how's people?
<_Steve_P-T_> Hello everyone, Not sure if I'm in the correct place to ask about a vsftp problem?
<ZacLnxNewb> _Steve_P-T_:  try us
<ZacLnxNewb> _Steve_P-T_:  we hate FTP though
<_Steve_P-T_> I will ask it anyway, How you you share more folders in users other than there homes
<_Steve_P-T_> I was told to use the mount -- bind /folder   /userhome/folder    is that correct?
<ZacLnxNewb> _Steve_P-T_: can you repeat the question?
<ZacLnxNewb> _Steve_P-T_: I don't understand the question
<_Steve_P-T_> sorry, I will try again..
<_Steve_P-T_> How do I share floders with ftp users, SVFTP locks user into their homes. But I would like to give acess to other folders
<_Steve_P-T_> is the best way to  mount --bind /folder  /userhome/floder ?
<ZacLnxNewb> _Steve_P-T_:  right off the bat  everyone here would suggest SFTP
<ZacLnxNewb> _Steve_P-T_:  but for VSFTP it's probably in it's config, or it could possibly be as easy as sudo chown <user> folder
<_Steve_P-T_> ok thanks very much, will do some reading about SFTP
<ZacLnxNewb> _Steve_P-T_:  or changing directory permissions so that all users can view those folders.
<ZacLnxNewb> _Steve_P-T_:  what are you running?
<ZacLnxNewb> _Steve_P-T_:   I have a guiless ubuntu server
<_Steve_P-T_> I have running  ubuntu server 10.10 with vsftp  works fine
<ZacLnxNewb> _Steve_P-T_:  Then SFTP is already installed basically
<ZacLnxNewb> _Steve_P-T_:    I use putty to remotely manage my server from my windows 7 netbook.
<ZacLnxNewb> _Steve_P-T_:  and then I use FileZilla to connect via SFTP to the server.
<_Steve_P-T_> I also connect with PUTTY frm W7, mediatomb works fine. server is headless.
<_Steve_P-T_> I have an archive which I need to share with a number of users  whcih is spread over a number of folfers
<ZacLnxNewb> _Steve_P-T_:  in that case, connecting with a SFTP client is as easy as putting in your username and password that you use for putty
<ZacLnxNewb> _Steve_P-T_:  what ftp client do you use?  I use FileZilla, which has a  "File" -> "Site Manager" - > SFTP server connection area
<_Steve_P-T_> I think the term I was looking for was virtua folders, can SFTP creat those , Filezilla is used by the users
<ZacLnxNewb> _Steve_P-T_:  I believe so
<ZacLnxNewb> _Steve_P-T_:  to create a virtual folder, or link, I think that's     lk <fileorfoldername>  /wherever/wherever/
<ZacLnxNewb> _Steve_P-T_:  I warn you though, I'm a newb with linux. >.>
<ZacLnxNewb> _Steve_P-T_:  I was astouneded at how EASY it was for me to connect with SFTP
<ZacLnxNewb> _Steve_P-T_:  and how easy it was for me to get started, I was fearing a huge ordeal
<_Steve_P-T_> yes I know what you mean,
#ubuntu-server 2011-02-09
<Rallias> how do I tell sendmail to foreward mails over ssl port 587?
<twb> Don't use sendmail.
<twb> You ought to install postfix (or possibly exim4), or if it's a satellite host, possible msmtp.
<Rallias> twb: Sendmail is the only thing that will even accept mail, and I need to foreward mail to my other email account on hotmail.
<twb> Are you talking about sendmail-the-MTA or sendmail-the-API?
<twb> Because /usr/sbin/sendmail(8) is *not* always sendmail-the-MTA.
<Rallias> sendmail the mta
<twb> In that case, you're wrong.  Plenty of MTAs accept mail.
<Rallias> I'm not wrong. I'm going from something called EXPERIENCE.
<twb> Plonk.
<pmatulis> heh
<Rallias> believe it or not, I'm not as stupid as you may think I am.
<twb> Hint: if you ask volunteers for technical support, don't assume you know better than them.
<Rallias> I'm not.
<Rallias> I'm just saying you are calling me stupid and I don't appreciate that.
 * pmatulis re-reads
<pmatulis> nope, don't see any stupid in there
<Rallias> i'm sorry. I'm having a hard day today.
<Rallias> I must not have been clear. Every mta but sendmail is returning undeliverable whenever I try to send a test message.
<mike_miller> I'm trying to migrate a stock Ubuntu server instance to my own AMI(now that I've customized it). I'm following http://webkist.wordpress.com/2010/03/16/creating-an-amazon-ec2-ebs-ami-from-a-running-instance/. I get the following errors when booting the AMI: http://pastebin.com/ZvikvYGk.
<mike_miller> any ideas?
<mike_miller> (this is on Amazon EC2)
<Roasted> Has anybody ever set up FreeRadius on Ubuntu? I tried through a gui with Ebox (Zentyal) but it seems to have failed, and I'd like to install it manually or with another gui fi somebody can point me to a good guide to use or a good GUI to use.
<twb> mike_miller: AMI?
<pmatulis> Rallias: it's a matter of configuration.  postfix can forward to another address
<Rallias> pmatulis: Thats not my problem. My problem is that it won't even accept mail in the first place.
<mike_miller> amazon machine image. for the purposes of helping me, just think that I rsync'd over '/' to a device, and am hitting errors when booting from the device
<twb> Ah, right.
<mike_miller> "ALERT!  /dev/disk/by-label/uec-rootfs does not exist.  Dropping to a shell!"is the main error, I think
<pmatulis> Rallias: well, then it's an even more basic configuration issue then
<twb> Roasted: ebox is the web UI recommended by ubuntu/canonical, but personally I haven't been impressed with it, nor any other web UI.  I suggest doing it from the CLI and seeing how you go.  I haven't used freeradius, but I may be able to help with generic issues related to CLI use.
<Rallias> I just copied a working config from a different server with postfix, but it still won't work.
<pmatulis> Rallias: maybe pastebin output to 'postconf -n' as well as the full error logs
<twb> mike_miller: by-label is the ext2 filesystem label; it might not be correct or udev might not be updating /dev/disk/by-*/ on the fly.
<zairo> hi. ubuntu svr 10.10. i am following this: https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html my error msg: caught SIGTERM, shutting down
<mike_miller> twb: https://forums.aws.amazon.com/thread.jspa?threadID=52633&tstart=-2&messageID=197585 says to run update-grub; I will try that
<Rallias> pmatulis: let me dig up an old archive that I have.
<twb> mike_miller: you could try passing root=/dev/X where X is something like sda1 or xda
<twb> mike_miller: you can also type "ls /dev/disk/by-label" into the rescue shell to see what IS there
<mike_miller> I can't see the rescue shell
<mike_miller> or
<mike_miller> I can see the output
<twb> mike_miller: ok
<mike_miller> might be able to get in somehow, but not sure
<mike_miller> is update-grub likely to solve the issue?
<twb> zairo: you're getting that from what command?
<twb> mike_miller: possibly, but I doubt it
<twb> mike_miller: update-grub tell it to use something other than root=/dev/disk/by-label/uec-rootfs
<zairo> tail /var/log/apache2/error.log
<mike_miller> twb: so what command should I try to fix the image up?
<zairo> twb: i think that i am having issue with certificate and key
<twb> zairo: that is not sufficient information.  Try pastebinning the entire error.log
<mike_miller> twb: I'm not sure what "I've changed it to /dev/sda1 as described in the Guide:" means. Do you have some insight?
<twb> mike_miller: OK, let me describe the boot process.
<twb> mike_miller: the BIOS loads the bootloader (grub).  Grub loads the kernel and ramdisk.  They then use the root=/dev/XXX option grub gave them to find the root filesystem, and they mount and enter it.
<mike_miller> where is that parameter set?
<twb> mike_miller: grub.cfg or menu.lst, in /boot/grub/
<mike_miller> everything is root=/dev/sda1
<twb> mike_miller: now, EITHER grub is passing the wrong value, OR grub is passing the right value, but something is wrong (e.g. missing drivers) in the kernel/ramdisk
<zairo> twb: only this: http://paste.ubuntu.com/564770/
<twb> mike_miller: it's hard to diagnose because you can't actually type diagnostic commands into the rescue shell.
<mike_miller> let me see if  I can get in
<twb> zairo: OK, you need to work out how to make apache emit more information.  It might already be doing so in /var/log/syslog.  I'm not familiar with apache, so wait patiently for someone else.
<twb> zairo: you can also try #httpd (the apache httpd channel)
<zairo> twb: somehow i think this more related to ubuntu rather than apache hu2
<twb> zairo: shrug.  You may be right.
<zairo> twb: here's my /etc/apache2/sites-avaiable/abc.conf http://paste.ubuntu.com/564771/ i think my cert file and key file is wrong
<zairo> step 6-8 in manual is quite confusing to me though https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html
<twb> zairo: http://paste.debian.net/106975/ is what I have in /etc/apache2/sites-available/default-ssl, FWIW
<zairo> can i use the default?
<zairo> i mean default-ssl
<twb> I don't see why not.
<twb> It may not be best practice, I suppose.
<zairo> let me try using default-ssl first and see how the outcome
<donvito2> hello why i cant install tspc on my ubuntu
<zairo> twb: still the same error msg
<zairo> i mean does not match server name
<Roasted> Has anybody ever set up FreeRadius on Ubuntu? I tried through a gui with Ebox (Zentyal) but it seems to have failed, and I'd like to install it manually or with another gui fi somebody can point me to a good guide to use or a good GUI to use.
<zairo> twb: i'll ask on channel httpd. may be a good suggestion after all. thanks anyway bro.
<tf2ftw> i ssh-ed into my server and then lost power on my remote machine. I was in the middle of a dist upgrade. how can i check the progress of the upgrade now that im back on line with the remote?
<patdk-lap> did you screen it?
<tf2ftw> no
<tf2ftw> i was typing commands from my local computer :/
<patdk-lap> then most likely it died along with your ssh session
<tf2ftw> shit. apt locked too
<patdk-lap> well, see if apt is running
<patdk-lap> if not, most likely it's just a stale lockfile
<tf2ftw> yeah its locked
<twb> Grr, why is tcc i386-only in lucid
<tf2ftw> patdk-lap, thakns. how would i unlock it?
<twb> Ah, upstream didn't grow amd64 support until .25
 * twb grudgingly installs gcc on the varnish-flavoured reverse proxy
<uvirtbot> New bug: #715579 in krb5 (main) "krb5-kdc-ldap plugin crashes krb5-kdc sometimes when password policy is set" [Undecided,New] https://launchpad.net/bugs/715579
<isleshocky77> When trying to install ubuntu 10.04LTS it fails on installing the grub boot loader. I've done this setup with RAID 1 following the tutorials online. I believe the problem is I was never able to mark the root partition as bootable and I just moved forward anyways. 1, why would it not let me? 2, is there a way to mark it bootable after the fact. 3, can i install grub after without redoing the whole installation?
<twb> isleshocky77: are you using LVM?
<isleshocky77> no
<isleshocky77> twb: I don't believe so
<twb> Then I duno
<isleshocky77> Any idea why I can't turn the bootable flag on? I hit enter on it says it's doing something and then no change.
<cjwatson> the bootable flag doesn't make much difference anyway
<cjwatson> grub certainly doesn't care.  it's for legacy OSes
<isleshocky77> Oh, I figured that would be the only reason why it was unable to install the grub bootloader.
<cjwatson> DOS/Windows still cares about it, I believe
<cjwatson> what were the error messages?
<cjwatson> I wouldn't recommend guessing
<isleshocky77> cjwatson: Hold on I'm in rescue mode trying to install the bootloader again.
<isleshocky77> cjwatson: It seems to want me to partition the drive again in order to install the bootloader and is now giving me a warning up deleting things during the install. Does this sound right?
<cjwatson> I would prefer to work from the exact messages
<isleshocky77> cjwatson: Sorry. Is there any place I can find the error logs from the bootloader failing initially?
<cjwatson> don't know, it depends what package management tool you were using, but the most recent messages are most likely to be easily debuggable
<cjwatson> can you show me the output from what you're doing right now?
<isleshocky77> cjwatson: Currently it says "The file system on /dev/md1 assigned to / has not been marked for formatting. Directories containing system files (/etc, /lib, /usr,  /var, ..) that already exist under any defined mountpoint will be deleted during the install. Do you want to return to the partitioner?"
<cjwatson> uh
<cjwatson> that's not rescue mode
<cjwatson> that's an attempt to do a fresh install
<isleshocky77> I already installed the entire system up to the bootloader. It failed installing the bootloader so I hit continue without. I then loaded the cd back up and hit rescue mode.  Then it had an option for install bootloader. Hit that and it brought me back to the partitioner.
<isleshocky77> Yeah, that's what it sounded like to me as well.
<cjwatson> I don't think you actually selected rescue mode properly
<isleshocky77> If I go to rescue mode I can bring up a root shell in /dev/md1
<cjwatson> because rescue mode completely disables the partitionere
<cjwatson> *partitioner
<isleshocky77> ok, so I have "Enter rescue mode ... Device to use as root file system"
<cjwatson> pick whatever you used as your /
<isleshocky77> /dev/md0 is supposed to be my swap with /dev/md1 as my root. So I hit /dev/md1
<isleshocky77> So I now have a root prompt in /dev/md1
<isleshocky77> How can I get grub installed correctly and booting up /dev/md1 ?
<cjwatson> what are the device names for the drives that make up /dev/md1?
<isleshocky77> /dev/sda2 and /dev/sdb2
<cjwatson> (one thing though, if it crashed during the install, installing the boot loader isn't actually quite the last step in the installation, so your installation will have a few things a bit wrong)
<cjwatson> grub-install /dev/sda
<cjwatson> then if that works:
<cjwatson> grub-install /dev/sdb
<cjwatson> (oh, if you continued without installing a boot loader, that will have covered the last few steps in the installation, so disregard my last parenthesised comment ...)
<isleshocky77> cjwatson: /usr/sbin/grub-setup: warn: This GTP partition has no BIOS Boot Partition embedding won't be possible!. /usr/bin/grub-setup: error: embedding is not possible, but this is required when the root device is on a RAID array or LVM volume.
<isleshocky77> *GPT not GTP
<isleshocky77> cjwatson: Think it might have something to do with this:
<isleshocky77> https://bugs.launchpad.net/ubuntu/+source/partman-base/+bug/506670
<uvirtbot> Launchpad bug 506670 in partman-base ">2TB/GPT: Must warn if BIOS boot partition is missing (unbootable system!)" [Undecided,New]
<cjwatson> OK, so you'd better go and create one of those
<cjwatson> http://grub.enbug.org/BIOS_Boot_Partition
<cjwatson> has instructions on creating it
 * cjwatson -> bed
<cjwatson> I agree 506670 is a problem though
<DiagonalArg> Anybody up for a udev question?  I'm trying to figure out why this won't change my disk permissions: KERNEL=="md*", SUBSYSTEM=="block", ATTR{size}=="146483072", GROUP="vboxusers".
<isleshocky77> cjwatson: Thank you very much for trying to help me and listening. Think I got it.
<amin_> hi I need a ssh program which let me connect to server  and go through with my command even if I closed it and give my back the rest of process left when I log in again
<ecelis> amin_: use screen from your ssh session
<amin_> Does it do it?
<twb> Yes.
<twb> Or you could use nohup, dtach, or tmux.
<twb> Screen is the most popular, though.
<twb> e.g. ssh example.net nohup wget www/fred &
<twb> Er, ssh example.net "nohup wget www/fred &"
<twb> That will connect to example.net and run wget in the background, and it nohup will prevent wget aborting for lack of output terminal
<amin_> ecelis: is there any program like screen
<ecelis> tmux
<ecelis> why not use screen?
<ecelis> twb: gave you some other good options too
<twb> I should also mention byobu, which is a user-friendly wrapper around screen.
<twb> If you are new to screen, it is probably a good idea to use it
<SpamapS> I just heard about tmux for the first time recently
<SpamapS> they were talking about adding it to NetBSD since screen is GPL or something
<lifeless> SpamapS: hey
<lifeless> SpamapS: what was that bug you filed, api bug search being slow always
<twb> SpamapS: right; tmux uses a "please exploit me" license
<SpamapS> lifeless: long time ago, I think I accidentally said "give me all bugs"
<SpamapS> lifeless: I may not have been the original reporter.. its not in my +reportedbugs
<lifeless> SpamapS: :(
<lifeless> do you stil have the script that reproduces it?
<SpamapS> lifeless: possibly. standby, I'm expanding my search a bit more
<SpamapS> lifeless: https://api.launchpad.net/1.0/bugs ... I recall it was taking > 20s
<SpamapS> lifeless: takes 7.50s now
<lifeless> mmm, I thought it was more specific than that
<lifeless> anyhow, if its better, cool.
<SpamapS> lifeless: believe it or not.. I'm grepping my irc logs ;)
 * lifeless believes it
<SpamapS> hah..
<SpamapS> lifeless: this is the first thing I ever discussed in #launchpad-dev
<lifeless> :)
<SpamapS> lifeless: I was wrong, it was one that has gotten even better
<SpamapS> 11:15 < SpamapS> https://api.launchpad.net/beta/bugs/?assignee=clint-fewbar
<SpamapS> 11:15 < SpamapS> 11 seconds. :(
<lifeless> btw, /beta/ - bad
<lifeless>  /1.0/ or /devel/
<lifeless> SpamapS: its still 11 seconds
<SpamapS> yep
<lifeless> SpamapS: and you didn't file a bug for it ?
<SpamapS> I can't find one in my reported bugs
<SpamapS> maybe the irclogs will tell the tale
<SpamapS> lifeless: apparently the main result of the conversation was that you filed/"tickled" bugs that would give you better oops reports on API calls
<lifeless> oh yes
<lifeless> we have that now
<lifeless> though ++oops++ doesn't work
<lifeless> we get a header if a query genuinely oopses
<lifeless> I don't think we do that for soft oopses
<uvirtbot> New bug: #715640 in libezmorph-java (main) "Package does not generate Maven artifacts" [Low,In progress] https://launchpad.net/bugs/715640
<JenniferB2> Hi folks.. we have ubuntu server on a separate machine.. ssh using a login the specied login and password.. create a user for myself.. added to sudoers and gave a password... su myusername and enter password... all fine.. but my command line starts with a dollar $ and doesn't behave the same as the username I was given.. why not ? how can I fix this ?
<SpamapS> JenniferB2: su to a user name does not give you the env of the user completely.
<SpamapS> JenniferB2: try 'su - username'
<JenniferB2> No directory, logging in with HOME=/
<JenniferB2> $
<SpamapS> JenniferB2: ahh, how did you create the new user?
<JenniferB2> sudo adduser
<JenniferB2> not right ?
<SpamapS> that should be ok
<SpamapS> JenniferB2: somehow your user didn't get assigned a home dir
<JenniferB2> yeah.. it appears so
<JenniferB2> noithing under home
<JenniferB2> why not ? :(
<JenniferB2> try again ?
<SpamapS> yeah I suppose
<DigitalFlux> Hi Guys
<DigitalFlux> I'm writing an init script for an app that i have
<DigitalFlux> Should i go with upstart method on Ubuntu 10.04 ?
<DigitalFlux> The docs at upstart.ubuntu.com mentions some stuff that looks like it didn't land on 10.04 ..
<DigitalFlux> I have upstart 0.6.5-7
<SpamapS> my brain is a little bit fried so not really able to think right now. ;)
<SpamapS> DigitalFlux: upstart has changed very little since 0.6.5-7
<JenniferB2> SpamapS: sudo -s ; sudo adduser jen ; sudo adduser jen admin ; sudo passwd jen ?
<twb> SpamapS: like in that silence-of-the-lambs sequel
<DigitalFlux> SpamapS: Hmm, i see i have no initctl command
<DigitalFlux> no /etc/inittab ..
<SpamapS> twb: nolittle brain, fried ;)
<SpamapS> err
<twb> DigitalFlux: that's old stuff
<SpamapS> twb: take 2.. action.. "no that was a little brain, fried"
<twb> DigitalFlux: what are you trying to do?
<DigitalFlux> twb: Well, first of all, where can i write the events ?
<twb> DigitalFlux: here's a simple upstartization example: http://paste.debian.net/107012/
<twb> DigitalFlux: in 10.04 they're in /etc/init/
<DigitalFlux> Aha ! those are commands not config file directives ..
<JenniferB2> SpamapS: now it works.. I logged in as sudo -s ... earlier I did sudo adduser
<JenniferB2> from the non-root account
<DigitalFlux> Actually they are config file parameters but they should go under /etc/init too :)
<DigitalFlux> I thought that /etc/init files contains just the actions
<DigitalFlux> and the events should be written somewhere else
<DigitalFlux> So that initctl command is kinda deprecated ?
<SpamapS> DigitalFlux: no its not at all
<DigitalFlux> SpamapS: well, i can't find it with 0.6.5-7 with Ubuntu 10.04
<DigitalFlux> SpamapS: should i install an additional package or something ?
<SpamapS> DigitalFlux: what can't you find?
<DigitalFlux> SpamapS: the initctl command
<DigitalFlux> OK it is there :)
<SpamapS> DigitalFlux: if you don't have /sbin/initctl .. your system is broken
 * DigitalFlux dump me 
<twb> SpamapS: ah, sorry, I was thinking that was a binary that upstart didn't provide
<SpamapS> pretty important to the boot
<twb> Well, its aliases like "start" are
<SpamapS> initctl is too.. used to init some of the events
<SpamapS> anyway, I'm much to sleepy to think about this
 * SpamapS passes out
<twb> Yeah, because there's no event -> initctl symlink
<uvirtbot> New bug: #715686 in tgt (main) "tgtd should be respawned by init job" [Undecided,New] https://launchpad.net/bugs/715686
<Daviey> oh joy.
<atretes> Is there any eucalyptus experience here?
<atretes> I'm currently setting up a cloud base on 10.04 and I've downloaded a repackaged image from ubuntu uec but when I launch it into the cloud and attempt to ssh into it I get 'No route to host'?
<rkhshm1> hi all
<rkhshm1> I'm trying to build libaxis for eucalyptus and i get tihs error http://pastie.org/1544704
<rkhshm1> i would be grateful if anyone can give me some leads...
<rkhshm1> anyone here guys ?
<knxville> Do you recommend using a custom font for a banner or simple make a banner picture with the font in it?
<knxville> cause I have trouble using the custom font in my .css file.. Is there a way to see what "name" the server have registrered it under
<qman__> knxville, the server doesn't care what fonts you use, only the client rendering the web page
<qman__> as such, only fonts which the client has installed will work for that client
<qman__> if you want to use a font that you don't expect people visiting your web page to already have, you should make an image instead
<knxville> Alright! :)
<pmatulis> rkhshm1 + atretes: try #ubuntu-cloud
<uvirtbot> New bug: #715765 in krb5 (main) "Can't change kerberos password" [Undecided,New] https://launchpad.net/bugs/715765
<RoAkSoAx> morning all
<JamesPage> RoAkSoAx: morning
<zul> hey RoAkSoAx
<RoAkSoAx> how's it going today guys?
<pmatulis> fine
<JamesPage> RoAkSoAx: good thanks - any you?
<RoAkSoAx> JamesPage: with a flu... but good ;) thanks!
<JamesPage> nice :-)
<Roasted> anybody ever play with freeradius, or zentyal?
<atretes> pmatulis: thanks will try it
<Err404NotFound> i have a server with nfs mount in fstab, how do i assure that even if there are any issue in mounting it, server still boots up
<patdk-wk> with I knew
<patdk-wk> using the _netdev option is suppost to do that
<patdk-wk> but I can't get it to work, for me atleast
<Err404NotFound> hmmm
<Roasted> am I fighting a losing battle trying to set up freeradius?
<Roasted> I feel like I've been on every google and linux site that exists as well as a series of linux/server based chats, all without anybody saying oh yeah I know how to do this.
<alvin> Err404NotFound: subscribe to bug 275451, bug 504224 and bug 384347
<uvirtbot> Launchpad bug 275451 in sysvinit "nfs mounts specified in fstab is not mounted on boot. " [Undecided,New] https://launchpad.net/bugs/275451
<uvirtbot> Launchpad bug 504224 in mountall "NFS mounts at boot time prevent boot or print spurious errors" [Medium,Fix released] https://launchpad.net/bugs/504224
<uvirtbot> Launchpad bug 384347 in util-linux "_netdev not working" [Undecided,Confirmed] https://launchpad.net/bugs/384347
<alvin> Oh, he's gone already.
<Err404NotFound> If i am looking to have domain.com, www.domain.com, and www3.domain.com to be on https, i need a UCC SSL, right/
<alvin> Err404NotFound: For your previous question: subscribe to bug 275451, bug 504224 and bug 384347
<uvirtbot> Launchpad bug 275451 in sysvinit "nfs mounts specified in fstab is not mounted on boot. " [Undecided,New] https://launchpad.net/bugs/275451
<uvirtbot> Launchpad bug 504224 in mountall "NFS mounts at boot time prevent boot or print spurious errors" [Medium,Fix released] https://launchpad.net/bugs/504224
<uvirtbot> Launchpad bug 384347 in util-linux "_netdev not working" [Undecided,Confirmed] https://launchpad.net/bugs/384347
<uvirtbot> New bug: #715818 in ec2-api-tools (multiverse) "ec2-api-tools FTBFS in natty" [Undecided,New] https://launchpad.net/bugs/715818
<Err404NotFound> alvin: i used noauto in fstab, and used rc.local to mount the nfs volume
<alvin> Is that how far Ubuntu has come? Using rc.local to mount volumes... (I don't blame you though)
<JamesPage> hggdh: we need to talk minimal server install size for natty
<hggdh> JamesPage: let's do it
<JamesPage> OK so the test case say 'less than 500MB'
<Roasted> radius
<Roasted> anybody
<hggdh> JamesPage: yes. I found it -- on manual install -- to be 529 M
<JamesPage> hggdh: so todays amd64 ISO minimal install was 602MB - was the 529MB a i386 or amd64 install
<JamesPage> todays i386 was 577MB for reference
<RoAkSoAx> win 9
<RoAkSoAx> arggh
<hggdh> JamesPage: weird. an i386 was around 519, amd64 529
<JamesPage> so a few questions then;
<JamesPage> a) are we installing the right kernel - its passing in the tests so I would assume so
<hggdh> agreed
<JamesPage> b) that makes the testing overlay huge! Maybe the python libraries we are using are doing something odd.
<hggdh> it might be. A way of findinf out our direct overhead is to manually install the minimal, measure, and then install our packages and measure again
<hggdh> then run the tests and measure again
<hggdh> JamesPage: and now we save the d-i syslog, one more M in the pot
<JamesPage> The overlay installs the following packages; openssh-server python-couchdb subunit python-subunit python-junitxml
<JamesPage> hggdh: have you got a handy minimal install kicking around?
<Roasted> Has anybody used a GUI called "dialupadmin" for use with FreeRadius? If so, please inquire.
<JenniferB2> Hi folks.. I am trying to ssh to a server and have the username and password already filled in as part of the url... what is the syntax and command ? >> ssh jen:mypassword@192.168.2.1 ... I thought that was it.. but I am being logged in as user jen:mypassword and asked for a password
<hggdh> JamesPage: no, not now (had to reinstall)
<JamesPage> OK - I'll install one now....
 * patdk-wk notes ssh != wget, ssh doesn't use url's
<patdk-wk> ssh jen@192.168.2.1
<patdk-wk> type in password
<hggdh> JamesPage: and right now I am running some SRU tests on Hardy under KVM, so my laptop is, ah, busy
<JamesPage> hggdh: whats killing your performance at the moment? bonnie++?
<cjwatson> JamesPage: do you have the d-i syslog from that minimal install?
<hggdh> cjwatson: they are all saved now :-)
<cjwatson> hggdh: URL?
<JamesPage> cjwatson - yep - finding one now
<JamesPage> cjwatson: http://hudson.qa.ubuntu-uk.org/job/natty-server-i386_minimal-virtual/ws/66/test-results/d-i-syslog.log/*view*/
<JamesPage> JenniferB2: if you are trying to avoid having to interact i.e. type in a password to login to the server I would suggest you setup key based authentication.
<hggdh> heh JamesPage was faster by a *lot*
<hggdh> cjwatson: full logs for this run: http://204.236.234.12/job/natty-server-i386_minimal-virtual/66/artifact/66/test-results/
<JamesPage> hggdh: must fix that annoying bug where all workspaces contain all every test result - its no longer required....
<hggdh> JamesPage: yes... I found it the hard way, when my /var went backrupt
<JamesPage> JenniferB2: take a look at the SSH Keys section of the server guide - https://help.ubuntu.com/10.04/serverguide/C/openssh-server.html
<JamesPage> hggdh: oops - its on my todo list just have not had time.....
<cjwatson> your testing overlay certainly pulls in a non-trivial amount of cruft
<hggdh> cjwatson: yes. But even on a manual install it was 19/29M over
<cjwatson> yeah, there's definitely unnecessary stuff here
<hggdh> i.e., no hudson overhead
<cjwatson> I'm sure you can live without language-selector-common, say
<cjwatson> or indeed language-pack-en
<Roasted> Has anybody used a GUI called "dialupadmin" for use with FreeRadius? If so, please inquire.
<hggdh> cjwatson, JamesPage: for reference, this is bug 712145
<uvirtbot> Launchpad bug 712145 in ubuntu-meta "ubuntu-server JEOS ISO install uses 519M of storage" [Undecided,New] https://launchpad.net/bugs/712145
<cjwatson> yeah
<cjwatson> I'll have a poke at the preseeding after meetings
<patdk-wk> heh, upx :)
<ChrisBuchholz> Hello. How would i change the ssh port 22 to port 443 on my 10.04.1 server?
<compdoc> 443 is an https port, no?
<RoyK> ChrisBuchholz: see ListenAddress in sshd_config (5)
<ChrisBuchholz> and are there any security vulnabilities involved in doing this? I need this because a few of the places where i use wifi frequently only have port 80 and 443 open, so i cannot ssh to it to create an ssh tunnel there
<RoyK> compdoc: normally used for https, yes
<ChrisBuchholz> compdoc: yes, but read ^^
<RoyK> ChrisBuchholz: should work
<ChrisBuchholz> RoyK: i will check it out
<RoyK> ChrisBuchholz: you can start one manually too, sshd -p 443
<ChrisBuchholz> RoyK: but wouldnt i need to let openssh on the server accept ssh requests on port 443, no?
<RoyK> ChrisBuchholz: sshd is the ssh server, so yes :P
<ChrisBuchholz> RoyK: oh, i just read `ssh -p 443`;)
 * RoyK hands ChrisBuchholz his glasses :P
<ChrisBuchholz> RoyK: would there be any vulnabilities involved? Do i need to remove 443 as a https port or something?
<RoyK> different processes can't listen to the same port
<ChrisBuchholz> and what will i sacrifise by doing this?
<RoyK> but no, it shouldn't be any security problems with it
<RoyK> gotta go - bbl
<ChrisBuchholz> bye
<ChrisBuchholz> okay, now it works on port 443.
<compdoc> its not likely that anyone would try to connect to 443 with an ssh client - should be safe
<ChrisBuchholz> compdoc: sounds great. I checked today that 443 is open, so i hoped im not mistaken
<compdoc> you dont run apache?
<compdoc> httpd?
<ChrisBuchholz> now i just need to get irssi to use my SOCKS-proxy, which uses the ssh-tunnel, and i should be able to use irssi in school
<ChrisBuchholz> compdoc: yeah, i run apache
<compdoc> good luck - gtg
<ChrisBuchholz> stupid university-it-administrators
<ChrisBuchholz> okay, bye
<EtienneG> kirkland, as you saw, we're getting busy with likewise
<EtienneG> we'll beat the thing into shape, promised
<kirkland> EtienneG: nice ;-)
<ChrisBuchholz> I just noticed, that now i have added the "ListenAdresse 0.0.0.0:443" to my sshd_config, and i now can ssh'e on port 443, ssh on port 22 doesnt work, even though sshd_config still have "port 22"
<ChrisBuchholz> Isnt it possible to have both applied?
<shauno> I believe you should be able to have two Port lines, but without the :443 on ListenAddress
<kirkland> RoAkSoAx: uploaded powernap 2.3 last night
<RoAkSoAx> kirkland: yeah saw it!! thanks ;)
<zul> EtienneG: good because the person who tested is gone ;)
<EtienneG> zul, who was that?
<zul> EtienneG: ttx afaik
<ttx> ... and it was a bit painful ;)
<ttx> that said, last time I looked, it was owned by Likewise and proxied by the Desktop team
<EtienneG> ttx, I've got a minion doing it
<zul> EtienneG: huzzah for minions
<EtienneG> talking about minion, here he is
<ehw> hey now
<EtienneG> kirkland, ttx, zul, be nice to ehw, I have the poor guy install Windows and stuff
<zul> muhahahhahahhahaa
<highvoltage> where do you get these... minions? I want ones too :(
<ehw> 7 years win-free and now I'm elbow deep in ads :(
<EtienneG> highvoltage, that's the thing: I don't get them, they come to me!
<EtienneG> highvoltage, btw, just curious, are you in Sherbrooke these days?
<ehw> (or get volunteered by their managers)
<highvoltage> EtienneG: yep, I am indeed!
<ttx> Ah I remember that. Did it once, saved it in a VM
<EtienneG> highvoltage, cool!  Welcome, my new compatriot!
<zul> heh i amost went to school in sherbrooke
<ttx> so that I didn't have to set up ADS ever again
<EtienneG> it's a nice city
<highvoltage> EtienneG: :)
 * highvoltage -> Lunch
<EtienneG> same here, off for lunch
<JamesPage> hggdh: my minimal amd64 virtual install is only 466MB!
<hggdh> JamesPage: now I am confused
<hggdh> JamesPage: I will repeat it
<JamesPage> hggdh: I did the F4/Minimal virtual install option on the first boot menu - that was right?
<ChrisBuchholz> shauno: can you further describe how to do it?
<JamesPage> hggdh: overlay looks to be +44MB installed
<hggdh> JamesPage: yes
<hggdh> I will repeat now
<ChrisBuchholz> shauno: okay, it seemed i could just ditch the ListenAddresse and just specify two Ports
<DaBeast> How can i see on how much ghz the server is running?
<JamesPage> hggdh: it could be that the autotest preseed does not disable kernel headers - 96MB installed - which would get us to about the right ballpark
<JamesPage> hggdh: whereas the preseed on the ISO does disable installation of headers....
<hggdh> JamesPage: hah!
<hggdh> so it is a fluke...
<JamesPage> hggdh: may just need a preseed template change then!
<hggdh> aye
<RoAkSoAx> win 2
<RoAkSoAx> arg
<Roasted> freeradius. anybody.
<cjwatson> JamesPage: where do the autotest preseeds live?
<cjwatson> JamesPage: I would like to be able to modify them when I change CD preseeds, if possible
<cjwatson> JamesPage: I think we should remove language-selector-common and language-pack-en from the minimalvm profile as well - do you agree?
<JamesPage> cjwatson: the preseeds are templated in the ubuntu-server-iso-testing project
<JamesPage> cjwatson: https://code.launchpad.net/~ubuntu-server-iso-testing-dev/ubuntu-server-iso-testing/trunk
<JamesPage> cjwatson: however at the moment any preseed change needs a re-package of the project; this is not great.
<cjwatson> as in an upload to natty?
<JamesPage> cjwatson: I have it on my TODO list to put the test metadata including the preseed templates into a separate branch so make this easier to manage
<JamesPage> cjwatson: no - its PPA managed at the moment
<JamesPage> cjwatson: not sure about removing  language-selector-common and language-pack-en from minimalvm profile; are they completely superfluous in a minimal install?
<cjwatson> I think so
<cjwatson> language-selector-common is so that you can determine which language-support packages to install, and they're mostly desktop
<cjwatson> actually, given the current preseeding, it's a bug that it's installed
<cjwatson> I suppose language-pack-en is fairly harmless to keep, and might be slightly useful in cases where C isn't the same as en_US
<patdk-wk> my servers installed via 10.04 minimal have 4 language packs installed, nothing depends on them
<cjwatson> it's under a megabyte anyway
 * patdk-wk wonders why language-pack-gnome-en(-base) is installed
<cjwatson> I'm more worried about l-s-common pulling in half the lower desktop stack
<cjwatson> patdk-wk: didn't seem to be in the natty log JamesPage provided
<patdk-wk> ya, this is a 10.04 install :)
<cjwatson> so I assume that's been fixed
<patdk-wk> just seening what I'm currently on my servers :)
<JamesPage> OK suggest we remove language-selector-common but keep language-pack-en
<JamesPage> (as its so small anyway)
<cjwatson> do you know the fix you need for headers?
<patdk-wk> hmm, on 10.04 it's hard of ubuntu-standard? changed in natty?
<JamesPage> yep - just picked it from the preseed on the iso image itself.
<cjwatson> no, language-pack-gnome-en has never been part of ubuntu-standard
<patdk-wk> no, language-select-common
<cjwatson> oh, yes, that used to be in standard
<cjwatson> JamesPage: lp:~ubuntu-cdimage/debian-cd/ubuntu data/natty/preseed/ might be generally more convenint
<cjwatson> *convenient
<JamesPage> thanks for the pointer.
<NoiseEee> im on ubuntu server 10.04, i've set a static IP via "/etc/network/interfaces" properly, and its been great.  then without word, reboot nor warning, I was just given a DHCP address.  I've since done a " /etc/init.d/networking restart" and I'm back with my specific IP, but any idea how that happened??
<RoyK> NoiseEee: if for some reason the dhcp client is started (manually), it'll ask for an IP and override whatever's set
<RoyK> but there is no way ubuntu will start that unless you tell it to do so
<NoiseEee> yeah i would figure as much :\
<RoAkSoAx> kirkland: still around?
<JamesPage> hggdh: I can pickup the preseed template update tomorrow if you like
<cjwatson> JamesPage,hggdh: pkgsel uploaded, should get rid of language-selector-common
<hggdh> JamesPage: if you do not mind, thank you, I am in the middle os the kernel SRU tests, and figuring out all the multiple issues on them :-(
<hggdh> cjwatson: thank you very much, sir
<JamesPage> hggdh: will do first thing
<hggdh> JamesPage: IOU, dear sir
<JamesPage> cjwatson: thankyou!
<kirkland> RoAkSoAx: yo
<RoAkSoAx> kirkland: is this what you were thinking of? http://me.roaksoax.com/Screenshot.png
<Roasted> FREERADIUSSSSSSSSSSS
<RoAkSoAx> Roasted: http://ubuntuforums.org/showthread.php?t=151781
<RoAkSoAx> http://ubuntuforums.org/showthread.php?t=151782
<Roasted> been there
<Roasted> and there
<Roasted> weeeeeeeeeeee
<NightDragon> quick question -- is there software out there similar to deviantart's propriatary stuff that would allow image hosting/tagging/etc?
<Roasted> If I wanted to just launch OpenLDAP on Ubuntu, how would I do it? In synaptic I see ldap-utils but not openldap in particular. Curious if that's it or not
<EtienneG> Roasted, look for slapd instead
<EtienneG> not obvious, I know
<Roasted> why do you sya that EtienneG
<soupdegrace> Hello! I'm trying to build php 5.3.5 from source but I'm having some problems...
<EtienneG> Roasted, if you want the OpenLDAP *server*, look for slapd in synaptic.
<EtienneG> that's the name of the package
<Roasted> oh! I gotcha. I thought slapd was an atlernative to openldap. My bad.
<Roasted> EtienneG, I'm not seeing it in 10.04. Is it only in 10.10 repos or something?
<EtienneG> Roasted, it's there, look carefully!
<EtienneG> "slapd" is the package name
<zul> so yeah....mysqlclient fun
<bcessa> hi there, any one knows about some docs or stuff to get nginx + php-fpm working with PHP 5.3.2-1ubuntu4.7 on a 10.04 server, I keep getting some bad gateway errors
<SpamapS> zul: I'm just wondering if this has happened to any other libraries.
<zul> SpamapS: it probably has
<SpamapS> bcessa: as I understand it, the fpm that was included in 5.3.3 and earlier was fairly buggy
<SpamapS> zul: so making the soname libmysqlclient.so.16.1.0 would at least allow us to move forward w/o recompiling the whole world..
<zul> SpamapS: possibly we will have to test it again
<bcessa> oh, and any ideas on how to make it work properly? this apparently random bad gateway erros are really getting old quickly :/
<zul> SpamapS: but this is starting to give me the hebbie jebbies
<SpamapS> bcessa: You could try backporting the 5.3.4 package from natty, or try compiling the upstream fpm.
<SpamapS> zul: I think we need to give mysql a chance to respond more formally.
<SpamapS> That may also have been a poorly informed bug triager.
<zul> SpamapS: agreed
<bcessa> ok, looking into it, thnx
<zul> can you open up a bug agabout it
<SpamapS> zul: yeah I wanted to wait a few business hours to see if there was a response before doing so
<SpamapS> zul: mostly because that one is very highly rated on google searches for the error string
<zul> SpamapS: maybe talk to jpugh about it
<SpamapS> hehe.. yeah.. Oracle is going to say "see! just let us manage every ubuntu user's mysql.. we know better" ..
<SpamapS> and we're going to *laugh* *hard* and *loudly*
<zul> SpamapS: i mean he might have a contact that might be able to do something about it
<SpamapS> true
<RoyK> bcessa_: apt-get source the package, download the original source, copy the debian/ directory into the original source, dpkg-buildpackage
<RoyK> bcessa_: apt-get source the package, download the original source, copy the debian/ directory from the ubuntu source into the original source, dpkg-buildpackage
<bcessa_> RoyK amm let me give it a try
<SpamapS> zul: I thought we had 5.3.4 merged into natty already
<SpamapS> RoyK: thats going to get ugly actually.. there are a ton of patches in debian/patches
<zul> nope 5.3.3
<SpamapS> that have been applied upstream
<RoyK> SpamapS: for that particular package?
<RoyK> SpamapS: anyway - if building a package, it's easy to roll back
<RoyK> far easier than if installing from source
<SpamapS> RoyK: php5 ... yes.. php5 is a cherry picking machine
<RoyK> bcessa_: are you having problems with the current install?
<RoyK> if no, don't upgrade
<SpamapS> the fpm we shipped in lucid is really broken..
<SpamapS> RoyK: you may want to scroll back. He's having lots of issues w/ fpm.. most are known I'm sure.
<Roasted> EtienneG, hey you still out there?
<RoyK> SpamapS: wouldn't it be a good idea to fix it, then? an LTS release should, at least in theory, be somewhat stable.....
<zul> SpamapS: im thinking now punting it into universe
<SpamapS> RoyK: right, the fix has been at least discussed to backport the entire FPM module from 5.3.4 into the lucid php5 package...
<soupdegrace> crapfuck
<Pici> soupdegrace: Please mind your language here.
<soupdegrace> But.. but.. my Ubuntu Server just a launched a swarm of nanobots against me.
<soupdegrace> They look serious too
<soupdegrace> *Argh* they are ... turning ... my anatomy into .. grey goo
<soupdegrace> I'm melting over here! Just because I tried to build php5.3.5 from sources
<soupdegrace> Yes, my defence implants are starting to counter attack...
<soupdegrace> Whee - take that anti matter grenade, Ubuntu Server!
<SpamapS> zul: yeah, given http://bugs.mysql.com/bug.php?id=59106 too .. to universe it goes
<soupdegrace> Phew, that was a close one
<soupdegrace> Need to replace the server tho
<SpamapS> soupdegrace: Maybe also replace some of your meds?
<NoiseEee> hi folks, if i'm planning on making a folder on my Ubuntu Server system available to Windows, is it just "apt-get install samba" or is there something in addition i need?
<soupdegrace> My medichines? Not my precious medichines!
<SpamapS> NoiseEee: you'll need to share the folder .. if its permanent you'll probably want to add it to /etc/samba/smb.conf
<NoiseEee> SpamapS: gotcha.  but still, "samba" is the only package i need to install to get this up and running?
<soupdegrace> whatEVAH
<SpamapS> NoiseEee: if you just use basic user auth yes it should be pretty simple.
<NoiseEee> thanks SpamapS
<uvirtbot> New bug: #716026 in openssh (main) "regression: ssh-agent running but not working" [Undecided,New] https://launchpad.net/bugs/716026
<Roasted> has anybody tinkered with openldap on ubuntu?
<SpamapS> Roasted: its a popular use case.. covered well in the server guide
<SpamapS> !server guide
<SpamapS> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<_Techie_> does anybody here have experience with linksys wireless N products, routers or modems?
<Roasted> SpamapS, do you know if there's a way in openldap to suck up the contents of an MS Ldap user base?
<uvirtbot> New bug: #716043 in sysstat (main) "Sync sysstat 9.1.7-2 (main) from Debian sid (main)" [Wishlist,New] https://launchpad.net/bugs/716043
<_ruben> i'll add ldap to my todo list again once support is there to store public keys in it and have sshd use em
<_ruben> native support that is, don't feel like doing my own patching
<SpamapS> _ruben: thats what kerberos is for
<mfraz74> I've only been running Ubuntu server for a little over a month now, but how do I know when after doing an update that the server needs rebooting?
<_ruben> SpamapS: you mean like SSO and stuff like that? i'm not fond of tieing my linux boxen into the corporate AD
<RoyK> mfraz74: it'll tell you during login
<mfraz74> RoyK: That's what I thought, but I've done kernel updates and not had a notification
<_ruben> SpamapS: and won't work for "outside" access
<RoyK> SpamapS: kerberos is the old three-headed dog that guards the entrance to Hades
<RoyK> mfraz74: log out, and then in, if the intro screen doesn't show "recommended reboot", don't worry
<SpamapS> _ruben: kerberos works fine w/o AD. The outside access problem of kerberos is indeed one that requires some thought.. IIRC there are ways to make it work w/o exposing your KDC's to the net and w/o requiring extra auth layers.. but I forget them at the moment.
<_ruben> i guess the "standard" option would be to use a nfs share for /home which would hold your keys .. but i'm no fan of nfs (for this purpose) either .. yes, i'm picky ;)
<NoiseEee> hi folks, don't know if i should take this to #samba, but for the life of me, I cannot get samba to recognize the workgroup name i've given in smb.conf
<NoiseEee> i'm always showing up in Windows under "WORKGROUP" which was the default... even after restarting smbd over and over
<NoiseEee> [global]   workgroup = NEWTHING
<Roasted> has anybody set up openldap before? I'm wondering how long the SASL/EXTERNAL authentication process takes. IT's been running for quite a while.....
<RoyK> NoiseEee: windows will cache that for a while
<RoyK> iirc ipconfig /registerdns will reset it
<NoiseEee> RoyK: It's even showing up that way when I'm browsing the "Windows Network" from another Ubuntu desktop box
<markatto> I was installing cacti, and I accidentally selected "apache" instead of "apache2" in the automagic setup scripts
<markatto> I have tried a remove/purge and reinstall, but every time it tries to install it for apache 1.x
<RoyK> NoiseEee: sorry, no idea
<lenios> markatto, try removing apache and installing apache2
<markatto> lenios: apache2 is installed
<markatto> i will check if it tried to install apache
<markatto> lenios: thank you, that seemed to do the trick!
<lenios> :)
 * markatto grubles about too much "magic" in his packages
<SpamapS> zul: http://bugs.mysql.com/bug.php?id=60061
<SpamapS> zul: a response to that bug (or both of the linked bugs) is required before we go anywhere with libmysqlclient from 5.5
<zul> SpamapS: cool i just subscribed to it
<pmatulis> is it possible to have a server request a dhcp lease upon cable connection like netwok-manager does on the desktop?
<pmatulis> dbus script perhaps?
<lenios> if there's no cable, isn't interface down?
<pmatulis> lenios: i suppose
<lenios> you must be able to force dhcient on ifup then
<_ruben> doesn't dhclient do that by itself already ?
<lenios> actually, i think it does
<zul> mathiaz: hey
<mathiaz> zul: hello!
<uvirtbot> New bug: #716097 in bind9 (main) "Sync bind9 1:9.7.2.dfsg.P3-1.1 (main) from Debian sid (main)" [Wishlist,New] https://launchpad.net/bugs/716097
<uvirtbot> New bug: #716099 in quota (main) "Sync quota 4.00~pre1-7 (main) from Debian sid (main)" [Wishlist,New] https://launchpad.net/bugs/716099
<robbiew> RoAkSoAx: well done on the indicator
<RoAkSoAx> robbiew: hehe thanks!
<clayd> I think i am missing something.  I have set up a apache server with php on ubuntu 10.04.  i have also installed postfix as i am under the impression i need that in order for php to send mail.  for some reason i still can not.  any thoughts on were to look for something the check?  sorry for being so open ended.
<mrmist> Check to see if you can send email outside of php. That should at least narrow it down to which component.
<clayd> i will give it a try
<_Techie_> Doesn't php use sendmail to send over postfix
<clayd> i think sendmail is installed when you install postfix
<clayd> i think
<_Techie_> Quite possibly,  but it never hurt to install it just incase
<mrmist> postfix is a sendmail replacement, it fudges the sendmail exe for compatibility
<clayd> i think my issue is in my postfix configuration
<mrmist> /var/log/mail.* might give you some clues as to what is wrong
<clayd> warning: unable to look up public/pickup: No such file or directory
<intel352> hey guys, can anyone suggest a good solution to ensure that a mount bind exists on reboot for chrooted environments (virtual hosting)? the chroots are created via a shell script, so it would be best to avoid having to add entries to fstab (or similar)
<mrmist> clayd: anything relevant on this page? http://ubuntuforums.org/showthread.php?t=666018
<metric> hello
<metric> can anyone help me get CVSD working?
<lirakis> metric, have you heard of git?
<lirakis> serious question.. not trying to be a jerk
<metric> lirakis, yes, I have also heard of svn :P
<metric> problem is I have a repo with like 50 projects totally roughly 20K lines of code
<lirakis> ok
<metric> and I need to move it from my windows server 2003 to ubuntu server and thought I installed everything correctly but when I do a "netstat -tap" its not listeneing
<lirakis> i havent set up a cvs server... ever  ... and an svn one in ages .. so im sorry i cant help
<lirakis> metric, do logs show anything?
<lirakis> errors, config issues etc.
<metric> which logs should I check?
<lirakis> whew...  ...
<lirakis> /var/log/ .... messages .... cvsd    ?
<metric> I've never used linux for anything difficult :P
<metric> give me a sec
<metric> lirakis, I got a couple errors, but nothing related to CVS
<metric> hmm I just tried to do a local checkout and it says no CVSROOT is specified
<metric> lirakis, i have to go, I'm gonna try again, thanks for the help so far
<lirakis> whew ... dodged that bullet
<AtomicSpark> Has anyone used/seen/heard of FOSS software that can interact with HP's Lights Out management or that can poll some of the health things on the server? Like check to see if any hardware has failed, etc.
<clayd> just wondering does a lamp server need postfix or sendmail in order to send mail?
<AtomicSpark> Yes.
<AtomicSpark> LAMP only includes apache, mysql, and fastcgi (php)
<AtomicSpark> (and their proper respective package names)
<clayd> thanks.
<stgraber> AtomicSpark: I don't know of any FOSS one, though the one shipped on the CD by HP usually works fine and can quite easily be integrated with nagios or similar monitoring system
<AtomicSpark> stgraber: I was thinking of adding an "icon" to byobu or something simular.
<AtomicSpark> I should have checked if the cd came with a linux binary or some such.
<mrmist> clayd: you can use either.
<clayd> what is that?
<clayd> wait... sorry
<clayd> my brain is slowly crapping out on me.
<AtomicSpark> I set up a mail server awhile back, never got it to work (gmail requires ssl) and I don't remember the steps I had taken. Oh well.
<stgraber> AtomicSpark: the cd usually comes with a debian repository on it and at least two useful tools, hpacucli and hp-health
<stgraber> hp-health is used for monitoring and is probably what you want to play with
<stgraber> hpacucli is to configure/monitor raid controller (smart array)
<clayd> yay.
<AtomicSpark> stgraber: Thank you. I'll look into that.
<clayd> mrmist:  that article you sent me to a bit ago helped.  sendmail and post fix were both running
<clayd> once i stopped sendmail everything is working
<mrmist> clayd: *nod* good.
<clayd> same back.  thanks a ton
<hallyn> is it me, or does the dovecot postinst file dealing sith postfix look whack?
<hallyn> it wants to only tweak postfi settings of POSTFIX_BCK doesn't exist.  But before checking -e $POSTFIX_BCK, it does mv $POSTFIX_BCK $POSTFIX_BCK-`date`, essentially
<hallyn> zul: in a 'debian/*.postinst' file, what is '$2' usually?  (where i can find that documented?)
<ZacLnxNewb> RoyK:  You on?
<ZacLnxNewb> I have a question, say I wanted to hook up speakers to my server and be able to play sound across the house, using my netbook as a remote.  What could I use?
<hallyn> PLUS ssh-agent keeps dying on me silently, once a day or so
<hallyn> hm
<SpamapS> damn.. launchpad ro...
<ZacLnxNewb> hi
<SpamapS> hallyn: debian policy defines what $1 and $2 are
<SpamapS> hallyn: I believe $2 is the old version or new version depending on $1
<ZacLnxNewb> SpamapS:  Hi. Do you think you could give me an answer? :p
<SpamapS> hallyn: http://www.debian.org/doc/debian-policy/ch-maintainerscripts.html
<SpamapS> ZacLnxNewb: good question. :)
<SpamapS> kirkland: don't you use a web app to manage your MP3 collection on a server? Does it have the ability to play the music server side?
<kirkland> SpamapS: yup, 'sudo apt-get install musica'
<hallyn> SpamapS: kewl, thanks
<SpamapS> ZacLnxNewb: ^^
<kirkland> SpamapS: oh, wait ... "server side"
<kirkland> SpamapS: what do you mean?
<ZacLnxNewb> kirkland: play the music at the server's side
<SpamapS> Its a cool idea
<kirkland> ZacLnxNewb: ah, no, not yet
<SpamapS> and makes sense really
<kirkland> ZacLnxNewb: i'm working on that part
<kirkland> ZacLnxNewb: i have some ajax hackery that should get that going one day
<kirkland> ZacLnxNewb: when i implement it, it will go into musica
<ZacLnxNewb> kirkland:  D: but we don't have any working examples yet?
<kirkland> ZacLnxNewb: not yet
<ZacLnxNewb> kirkland:  So you're building musica?  I look forward to it working.
<kirkland> ZacLnxNewb: i wrote musica in 1998 and continue to maintain it ;-)
<SpamapS> ssh: connect to host bazaar.launchpad.net port 22: Connection refused
<SpamapS> :(
<ZacLnxNewb> SpamapS:  3:
<ZacLnxNewb> kirkland: isn't there a lot of trouble with sound card support?
<kirkland> ZacLnxNewb: nope
<kirkland> SpamapS: Launchpad is undergoing maintenance and is in read-only mode. You cannot make any changes. You can find more information on the Launchpad system status page.
<SpamapS> kirkland: thanks. ;) I just want to bzr pull. :(
<kirkland> SpamapS: i think you have to use the bzr+ssh:// url
<kirkland> SpamapS: or the http url
<SpamapS> Or play sim city for an hour while they finish.. :p
<ZacLnxNewb> SpamapS:  Sim city 2000
<ZacLnxNewb> Good sir. >:3{=]
<SpamapS> ZacLnxNewb: #!#$^^==@#!..||op
<ZacLnxNewb> SpamapS:  What's that mean?
<SpamapS> When you can decipher it, you are ready for the knowledge it imparts.
#ubuntu-server 2011-02-10
<SpamapS> RoAkSoAx: hrm.. "  * debian/control: Switch to python-support; Add missing Dependencies." .. did you mean switch to dh_python2 ?
<twb> I thought dh_python picked either, and defaulted to -support
<SpamapS> Yes unfortunately the default is support, but there is a migration underway to eliminte everything except dh_python2
<SpamapS> Actually in debian/control I don't think anything has to be done.. dh_python2 is in the python package
<RoAkSoAx> SpamapS: right but still it depends on python-support
<RoAkSoAx> hggdh_: is there a way someone can generate test data for http://iso.qa.ubuntu.com/qatracker/dllist
<hggdh_> RoAkSoAx: I dont know -- stgraber or ara would be the best bets
<RoAkSoAx> hggdh_: ok cool :)
<RoAkSoAx> stgraber: still around?
<SpamapS> RoAkSoAx: hrm? What from python-support are you depending on?
<RoAkSoAx> SpamapS: build-depends
<twb> SpamapS: is dh_python2 the recommended way by the debian-python policy?
<SpamapS> twb: yes
<twb> Okey dokey.
<SpamapS> dh --with python2 .. or dh_python2 if you're old school
<twb> I don't package python stuff for the main archive, but I'll try to remember that in future.
<SpamapS> Its a transition that only started a few months ago
<twb> post-squeeze?
<SpamapS> But its now policy in the DPMT that if you touch a package, you migrate it to dh_python2
<SpamapS> for squeeze it was optional
<twb> Shiny
<SpamapS> wheezy I believe they plan to not have pysupport or pycentral anymore
<RoAkSoAx> SpamapS: that's why the changelog says switch to python support :P
<twb> And the win is that we end up with a single python support framework?
<SpamapS> RoAkSoAx: but the point is, python-support will be *gone*.
<SpamapS> twb: a single one, with all of the lessons learned over the last few years, yes. ;)
<SpamapS> ;)
<SpamapS> just in time for python 3
<RoAkSoAx> SpamapS: it doesn't really matter in my package cause im installing in debian/tmp/usr/lib/python*/*/
<twb> Yeah, I remember what it was like when debian-haskell were trying to get a working support structure.
<twb> While arch had a completely automated build whenever upstream made a new release :-P
<SpamapS> RoAkSoAx: why doesn't that matter? you're breaking w/ policy by putting files directly there. They're supposed to go into /usr/share/pyshared
<SpamapS> RoAkSoAx: which, dh_python2 handles
<SpamapS> essentially as long as setup.py lists your modules.. you shouldn't need to do anything
<RoAkSoAx> SpamapS: do ytou hve  a link to the policy for dh_python2
<SpamapS> Heh.. it would appear that this is all "mailing list policy" from the wiki's and web pages. How frustrating. Let me dig a little deeper.
<RoAkSoAx> SpamapS: cause dh_pysupport is "dh_pysupport is a debhelper program that will scan your package, detect public modules in /usr/lib/pythonX.Y/site-packages,"
<RoAkSoAx> obviosly the manpage is outdated
<RoAkSoAx> but that's why I'm installing there
<SpamapS> how embarassing. ;)
<SpamapS> for me I mean. ;)
<RoAkSoAx> lol
<RoAkSoAx> SpamapS: anyways, first time trying testdrive?
<SpamapS> RoAkSoAx: No I was looking at the changelog. I won't have time to try testdrive for a while.. the work is piling up
<SpamapS> RoAkSoAx: http://wiki.debian.org/Python/Packaging  is all I have.. a newbie guide which suggests only dh_python2
<RoAkSoAx> k thanks for the link
<SpamapS> RoAkSoAx: I'm quoting the mailing list for debian python modules team that they're working to replace all pysupport/pycentral w/ dh_python2 .. it seems they haven't quite made it canon law yet
<RoAkSoAx> SpamapS: and I personally use TestDrive for everything that involves downloading ISO's or quick tests as it is quick and simple
<RoAkSoAx> SpamapS: indeed
<RoAkSoAx> anyways, I gotta go check the mail
<SpamapS> RoAkSoAx: cool. :) I know it will be useful for some things I need to do soon. :)
<SoulPropagation1> hey, how can I get into a root shell automatically on login? I tried putting sudo -s in my .bashrc but that made it impossible to exit
<SpamapS> SoulPropagation1: uh, don't do that
<SoulPropagation1> SpamapS: why? I only log in for administrative stuff
<DaBeast> yes, but linux has exploits from time to time
<JanC> you don't care about security?  ;)
<SoulPropagation1> No, not really
<DaBeast> why not?
<SpamapS> SoulPropagation1: you can do administrative stuff without root
<SoulPropagation1> I don't feel like spamming sudo
<JanC> eh
<SoulPropagation1> because there's nothing on the box worth securing
<JanC> sudo lovesto be spammed
<SpamapS> SoulPropagation1: there's the other boxes it can connect to. ;)
<SoulPropagation1> nothing of value on there either
<SpamapS> sudo is like a fat hawaiian surfer.. eats spam all day!
<SpamapS> SoulPropagation1: so its not on the internet?
<DaBeast> SoulPropagation1: well, hackers can still exploit your server to use it as a spamserver, botnet or even ddos server
<JanC> SoulPropagation1: sudo's whole purpose of existence is to be spammed  ;)
<DaBeast> and if thats at home, your isp might disconnect you :p
<SoulPropagation1> right and if they could access it I don't think it would be that hard to forge my password twice
<DaBeast> well, like i said, there are exploits too
<SoulPropagation1> yeah I'm pretty sure there are easier better targets
<DaBeast> true
<SoulPropagation1> I mean.. I understand that most servers are relatively juicy targets, what with all sorts of backups on them and stuff and it's probably a good idea that you promote that level of security
<SoulPropagation1> but I don't exactly have much in the liquid assets department, nor do I have anything particularly useful worth taking from me. SO
<SoulPropagation1> can someone please tell me how to automatically go into interactive sudo when I log in without breaking bash?
<lifeless> sudo su -
<SoulPropagation1> in .bashrc?
<JanC> SoulPropagation1: the most valuable asset of your server would be to install a spam mail server or a proxy on it behind your back, not whatever data is on it...
<SoulPropagation1> JanC: I'm sorry but that's just not a big concern of mine. if I notice any devious shenanigans then I'll reconsider.
<qman__> juicy targets are easy targets
<qman__> and doing something like that would make you an easy and therefore juicy target
<JanC> SoulPropagation1: if you don't care, others will care (blacklist your and ask your ISP to disconnect you)
<qman__> yep
<nandemonai> Some spammers are smart too. You wouldn't even necessarily notice the missing bandwidth.
<JanC> right, you'll only notice after being disconnected  ;)
<nandemonai> Yup, seen it happen before.
<JanC> at which point fixing things gets difficult  :P
<nandemonai> heh indeed.
<SoulPropagation1> so you're saying that right now I can log into any server I want without needing to know a username or password?
<qman__> if you knew a new 0day exploit
<qman__> and they happen
<qman__> see the not-so-random SSH key fiasco a few years back
<nandemonai> May I pm you SoulPropagation1?
<SoulPropagation1> nandemonai: sure
<DaBeast> nandemonai has teh hax D:
<nandemonai> huh?
<DaBeast> "so you're saying that right now I can log into any server I want without needing to know a username or password?" where you say a couple of lines further "may i pm you" xD
<nandemonai> lol
<nandemonai> Not quite.
<airtonix> i am jacks twicthing elbow
<DaBeast> i know, it was a joke
<DaBeast> i'm so funny hurrr
<nandemonai> I'll say.
<DaBeast> anyways, sorry =)
<nandemonai> Na buddy all good.
<DaBeast> k :p
<Kiall> humm - does anyone have a maverick system they can test something for me on (what does "invoke-rc.d plymouth status" output?) .. it *should* give output but i'm not getting any :/
<donvito2> i just noticed
<donvito2> that my ubuntu-server is hacked
<donvito2> via ipv6
<donvito2> i found this
<donvito2> root@Maverick:~# ls
<donvito2> f  replay_arp-0119-010828.cap  tmp
<donvito2> is it possible to be hacked ?
<airtonix> how did you find it ?
<airtonix> did this "server" have a complete hard drive format before being installed with maverick ?
<donvito2> yes
<donvito2> i typed w
<donvito2> so my username donvito
<donvito2> was loged in from ipv6 ip that i dont own
<donvito2> i saw in bash history the commands are wroted
<donvito2> i found sudo su -
<donvito2> so than i foudn this ls
<donvito2> f  replay_arp-0119-010828.cap  tmp
<airtonix> isn't that an ettercap capture file ?
<airtonix> or an aircrack capture
<airtonix> does your server have a wifi interface ?
<donvito2> yes
<pmatulis> yes, google for 'ARP Request Replay Attack'
<airtonix> yeah its an aircrack replay capture
<airtonix> check if you have aircrack installed
<pmatulis> and change the root password, *now*
<donvito2> all ports
<donvito2> are closed now
<donvito2> box is under NAT
<pmatulis> donvito2: you should seriously consider re-installing
<donvito2> yep
<donvito2> doing that now
<airtonix> and install that thing that auto creates iptable drop rules on ip addresses which are the source of failed X number of logins within a certain time period
<stgraber> RoAkSoAx: I can't add any data there without sending an e-mail to everyone who's subscribed to these builds, sorry
<hallyn> SpamapS: around?
<uvirtbot> New bug: #716248 in sheepdog (universe) "lsb functions not being source in init script" [Undecided,New] https://launchpad.net/bugs/716248
<donvito2> how can i know what root typed
<donvito2> what actually user loged as root did to my server
<donvito2> what kind of commands etc
<thesheff17> donvito2: history
<thesheff17> donvito2: but there are ways to clear that as well
<donvito2> just found
<donvito2> what he did
<donvito2> what for is command less
<thesheff17> usually less is pipped to file so you scroll the file in the terminal example cat /var/log/auth.log | less
 * twb hits thesheff17 with the UUOC bat
<thesheff17> twb: what does that mean?
<donvito2> how can i get complete log
<twb> http://en.wikipedia.org/wiki/Useless_use_of_cat
<donvito2> what he did
<donvito2> i get only screen log
<donvito2> nothing more
<donvito2> i need more
<thesheff17> twb: thx...I have used that command for years: less < /var/log/auth.log :)
<thesheff17> donvito2: all I know is history...and what do you mean screen log?
<donvito2> well when i type history
<donvito2> i get just some commands
<thesheff17> usually it is limited to 1000 commands...maybe he executed more commands under a different user?
<twb> thesheff17: UUO <
<twb> thesheff17: less can open a file
<twb> It can even open >1 file, and use :n and :p to move between them
<thesheff17> twb: lol didn't know that either
<airtonix_> i'm having problems getting nfs-kernel-server to start : http://pastebin.com/ZsLdVg4P
<airtonix_> gah nvm
<airtonix> actually... it still doesn't want to start, citing : Cannot register service: RPC: Unable to receive; errno = Connection refused
<Ender> hi i'm trying to set up a samba share on my ubuntu server
<Ender> does anybody have a recommended guide they can point me to? i've seen a few posts on the forums but they can't seem to agree on what parameters to set
<twb> Ender: the Ubuntu Server Guide covers it
<Ender> kk
<airtonix> awesome! nfs-kernel-server won't start
<twb> airtonix: is it a VM or container?
<airtonix> twb: this is not a virtual-machine
<twb> Dunno then
<airtonix> http://pastebin.com/LLVZ6GsG
<jmarsden> airtonix: Does your kernel have the nfsd.ko module available to it?  "Won't start" is a bit generic... check logs for details?
<airtonix> jmarsden: i did : sudo apt-get install nfs-kernel-server
<airtonix> i expect a working nfs-server
<jmarsden> airtonix: That does not answer the questions I asked, though.
<twb> A novice was trying to fix a broken Lisp machine by turning the power off and on.  Knight, seeing what the student was doing, spoke sternly: âYou cannot fix a machine by just power-cycling it with no understanding of what is going wrong.â  Knight turned the machine off and on.  The machine worked.
<airtonix> jmarsden: because i don't know how to work out if it does im going to say "don't know"
<airtonix> jmarsden: http://pastebin.com/xkJAqT9U
<jmarsden> He went away?
<jmarsden> airtonix??
<airtonix> ok looks like something else is running on port 2049
<jmarsden> airtonix: sudo netstat -ntlp |grep :2049       # might tell you what that something is
<twb> jmarsden: rpcinfo -p
<twb> Or is that just for clients?
<twb> Obviously he'll also need an entry in exports(5)
<jmarsden> Not sure... but yes, i was wondering if the issue he has is lack of RPC myself.
<airtonix> nfsd[14745]: nfssvc: Address already in use
<airtonix> nfsd[1707]: nfssvc: Setting version failed: errno 16 (Device or resource busy)
 * airtonix rages
<jmarsden> Ah, so you are running the userland nfs server and now trying to install the kernel one at the same time?  This may not be wise.
<twb> Hear, hear
<Ender> would i be better off, performance wise, running a virus-scanned nat through a VM on a windows vista computer with a core 2 duo processor or directly on a p4 system?
<Ender> just anecdotally based on your experience or guesstimates is fine
<Ender> i'm sorry, i meant virus-scanned NAS, not NAT
<jmarsden> Ender: I wouldn't run VMs on Vista to start with :)  Having said that: If you expect the bottleneck to be CPU, and the VM has enough RAM, then the modern dualcore would probably win.  But if the bottleneck for your scanning is disk I/O... it'd be more even, I'd guess.  Can you install on both and then do some performance measurements? :)
<Ender> yes actually i can
<Ender> and i will
<Ender> eventually
<Ender> haha
<Ender> but right now i'm still learning the background on the task i have at hand
<Ender> started with the ubuntu server samba guide, but i didn't understand some stuff - so now i'm all over wikipedia, learning about ldap
<Ender> does anybody in here have any experience with or knowledge of openERP
<airtonix> jmarsden: ok assuming a fresh start, i removed all traces of nfs from my server that i was able to with apt-get
<Ender> if i'm preparing to create a samba nas on my school's network so that my co-workers can  have a local networked storage location, i should NOT configure Samba to be a WinNT Domain Controller right?
<jmarsden> Ender: Correct.  Also, for the sake of your own reputation, test SAMBA in your home or on a test LAN first, and get familiar with it, before deployment in a production setting such as a school.
<Ender> yeah that's what i'm trying to do
<Ender> but naturally the brilliant researchers in my lab bought a 215k piece of equipment to analyze their data without thinking about how they're going to transfer files to their workstations
<Ender> the euqipment is up and running but they all have to crowd around the damn thing like kids in  a lunch line to use it for analysis
<Ender> so i kinda need this running asap
<Ender> but your point is very, very well taken. and i'm currently working on it at home and i'm using a vm at work to test.
<Ender> The reason i ask about domain controllers is that the ubuntu server guide assumes you want to set it up as a domain controller and dives into setting up LDAP
<Ender> since i'm doing this test on my home server, is it a good idea to go ahead and do that just so i know that procedure too
<Ender> ?
<airtonix> Ender: if you've not played with ldap before then you're in for a learning curve
<airtonix> Ender: as a start, google for ubuntu bloke ldap samba
<Ender> ok i'm on that. one of the pre-requisites is "An NFS server exporting the users' home direcories"
<Ender> I don't think i have that.
<airtonix> i think the ubuntu bloke blog has a post on that too
<airtonix> but hey, i wouldn't know since i can't get nfs server to even run
<Ender> lolll
<Ender> blind leading blind
<airtonix> yeah so awesome hey
<airtonix> after removing nfs-kernel-server and restarting, there is still nfs-kernel-server files all over the place
<Ender> so in order to set up a windows-readable network share i have to run an nfs server, ldap server, and samba server?
<airtonix> no
<airtonix> you just need a samba server
<airtonix> you only need ldap if you want centralised authentication
<Ender> well i need the share to only be accessible to poeple in my lab
<airtonix> and you only need nfs if you want a network file share system that has less network traffic overhead than samba
<Ender> but all the workstations are independent, they don't authenticate over the network at all
<airtonix> you only need samba then
<Ender> why does the ubuntu server guide assume you need ldap?
<Ender> it says ldap is a means of managing users; without it you need custom scripts or some other method fo rmanaging users.
<Ender> so if not ldap, what then?
<airtonix> no
<airtonix> what are you reading by the way ?
<Ender> https://help.ubuntu.com/10.10/serverguide/C/samba-ldap.html
<airtonix> https://help.ubuntu.com/10.10/serverguide/C/windows-networking.html
<jmarsden> Ender: So you are reading a guide section that starts out "This section covers configuring Samba to use LDAP for user, group, and machine account information and authentication."  -- and now asking why it needs LDAP ??? :)
<airtonix> Ender: https://help.ubuntu.com/10.10/serverguide/C/samba-fileserver.html
 * Ender feels like an idiot
<airtonix> :)
<airtonix> reading slowly is required
<Ender> well at least i learned a lot about ldap from wikipedia (:
<airtonix> Ender: if you do bother to do something with ldap, i recommend this first : http://tuxnetworks.blogspot.com/2010/07/howto-samba-ldap-on-1004-lucid-short.html
<jmarsden> Ender: If possible, read all of Chapter 17 of the Server Guide, and then use the parts that are actually relevant to what you are trying to do.
<airtonix> jmarsden: ok apparently removing nfs-kernel-server doesn't actually remove it
<jmarsden> airtonix: You can try sudo apt-get purge nfs-kernel-server
<jmarsden> airtonix: Or you can rmmod the loaded kernel module, if that is your issue?
<Ender> sudo /etc/init.d/samba stop is not working. how do i stop samba so i can alter the smb.conf file
<Ender> oh nvm i figured it out
<jmarsden> Ender: sudo service smbd stop
<Ender> had to sotp the smbd instead
<Ender> yeh thx
<Ender> oh, service?
<Ender> i just used sudo stop smbd
<airtonix_> its a shortcut
<airtonix_> doesn't work with all services
<Ender> but sudo service <name> stop will work with all services?
<airtonix_> pretty much
<twb> Rather, service is a backwards compatbility layer for RHEL refugees
<Ender> so the real way uto do it is use /etc/init.d/<name> stop
<Ender> "real" *
<Ender> ?
<Ender> the no-i'm-not-a-RHEL-refugee way
<airtonix_> sudo apt-get remove nfs-kernel-server && reboot, (some time later) , sudo apt-get update && sudo apt-get upgrade && sudo reboot, (some time later), sudo apt-get install nfs-kernel-server : http://pastebin.com/4MkrUfEd
<airtonix_> yay for fail
<airtonix_> :(
<Ender> did you try the purge
<airtonix_> yes
<Ender> did you try to remove nfs-common
<Ender> purge* nfs common
<airtonix_> yes
<Ender> try to just install nfs-common
<Ender> how do you trigger the nfs-common configuration
<Ender> "dpkg --reconfigure nfs-common"??
<airtonix_> ok nfs-common isntalled and no errors yet
<airtonix_> http://pastebin.com/xJTRzJh1
<Ender> kayyyyyy
<Ender> and nfs-server??!
<Ender> what's the vi command to start editing at the end of the current line
<xampart> a(ppend)?
<Ender> no dice, that's to add at the current cursor location
<Ender> how's "a" different from "i"
<airtonix_> i prefer pico or nano
<airtonix_> less fluffing around
<airtonix_> then you actually use the home and end keys for what they were intended for
<xampart> my bad...not really comfortable with vi
<Ender> yeah but all the cool kids use vi
<Ender> lol
<airtonix_> only the ones that like to cut themselves
<xampart> =)
<Ender> oh, it's A not a
<Ender> on the right track to xampart
<Ender> thx
<xampart> \o
<Ender> tho*
<airtonix_> so installing nfs-kernel-server on ubuntu lucid is impossible
<airtonix_> that makes me so happy
<Ender> lol
<Ender> what happened? it was fine after nfs-common wasn't it?
<airtonix_> no
<airtonix_> i still have the problem with rpc
<xampart> impossible?
<airtonix_> apparently
<Ender> !impossible
<Ender> what is that?
<Ender> <ubottu> Sorry, I don't know anything about impossible
<airtonix_> it's where it can't be done
 * Ender experiences a segfault
<Ender> does not compute
<Ender> nah man it can be done
<Ender> maybe not tonight
<Ender> but it can and will be done
<jmarsden> airtonix_: (a) What makes you think you need the nfs-kernel-server in the first place?  What is so wrong about using a userspace nfsd ?
<airtonix_> pardon ?
<jmarsden> Either way should work fine... both at once probably won't.
<airtonix_> i'm pretty sure i haven't install any kind of nfs prior to this
<airtonix_> so why should somethin you call "user space nfs" be installed ?
<jmarsden> I've set up NFS on Ubuntu 10.04 before, it worked then... but you are claiming it is "impossible"?
<airtonix_> apparently it is
<airtonix_> http://dpaste.com/401214/
<airtonix_> refuses to start
<airtonix_> or rather refuses to install
<twb> jmarsden: the main thing wrong about it, is the speed
<jmarsden> OK, I'll create a Ubuntu server VM and install it... just to check...
<twb> FWIW nfs-kernel-server works on lucid just fine
<twb> Also hardy.
<jmarsden> That's what I thought too.
<jmarsden> But if airtonix_ says it is impossible for him, he can use the userspace one... he call.
<jmarsden> s/he/his/
<airtonix_> well why won't it install the lucid machine i have here ?
<airtonix_> ok so you think i have the user space nfsd installed. how do i remove it
<jmarsden> I'm not sure what you have and have not got installed, at this point :)
<jmarsden> Do you have a working portmapper?
<airtonix_> it restarts with out errors
<twb> airtonix_: if you haven't actually used this host for anything yet, it might be easiest to just reinstall from scratch, rather than us trying to work out how you screwed it
<Ender> is a mask like some kind of permissions facade or is it just a term to descibe the process of assigning permissions?
<airtonix_> twb: not an option
<airtonix_> twb: and btw i didn't "screw it"
<airtonix_> i just tried to install nfs-kernel-server
<twb> airtonix_: well it's screwed, and *I* didn't do it
<airtonix_> so then apparently nfs-kernel-server is broken on lucid at the moment
<twb> Ender: in what context?
<twb> airtonix_: plonk.
<Ender> smb.conf's [share] section parameters
<airtonix_> i fear to install anything else from ubuntu now
<twb> Ender: do you mean a umask?
<jmarsden> airtonix_: Failure to take responsiblity for your own actions => unlikely to get help here.
<Ender> the serverguide says set the "create mask" parameter to 0755
<airtonix_> jmarsden: ? i admit i ran " sudo apt-get install nfs-kernel-server"
<twb> Ender: OK, that's not a umask.
<twb> Ender: what that's saying is, if you don't ask for specific permissions, by default they will be 0755, i.w. rwxr-xr-x.
<twb> A umask is basically the same except the bits are reversed, e.g. in your case they would be 022.
<Ender> twb, right, so all files moved onto the smb share will be rwx by owner, rx by group, rx by everybody
<twb> Ender: unless the thing creating them further restricts it, yes
<Ender> twb, where is a umask useful
<twb> Ender: umasks are how unix does the same thing
<twb> Ender: e.g. if you run "umask" in your shell, it'll tell you that shell's current umask
<twb> Ender: it defines the (maximum) default permissions of newly created files
<Ender> twb, files created by the current user, i presume
<twb> Ender: in that shell, yes
<twb> umask is process-specific, and inherited from the parent process.  Typically it's set from some default when you initially log in, e.g. in /etc/profile or ~/.bash_profile
<Ender> why's the umask 0022 in a root-owned direcory like /etc the same as in my home directory
<twb> Ender: er, umask is PER PROCESS, not per directory.
<Ender> process specific.
<Ender> so if i run umask and it tells me 0022, that means what
<Ender> "any process you run here will operate with 0022 permissions"?
<Ender> ermmmm lemme do some reading on t his first
<jmarsden> Any new file you create here will not have group write or other write permission bits set
<twb> Ender: I was about to suggest that
<twb> Ender: http://en.wikipedia.org/wiki/Umask
<Ender> already there (:
<twb> Ender: if you don't already understand how binary and octal work, go learn those first.
<Ender> well i generally understand what binary is
<Ender> oh isee
<Ender> yes actually i did know that, but i've never used binary to specify file permissions
<jmarsden> airtonix_: http://paste.ubuntu.com/565266/
<twb> Ugh
<twb> "# do not edit this file, it will be overwritten on update"
<twb> So how am I supposed to disable you, you darn udev persistent-net-generator.rules?
 * twb tries a dpkg-divert
<airtonix_> jmarsden: thats good
<jmarsden> airtonix_: Exactly.  So... you messed with your server such that it breaks, and then refused to take responsibility for doing so.  Remember: "<airtonix_> so then apparently nfs-kernel-server is broken on lucid at the moment" ?
<airtonix_> jmarsden:  um no?
<airtonix_> jmarsden: i just tried to install an nfs server.
<Ender> is it better to use upstart than init.d to manage services that have been converted to upstart jobs?
<Ender> it keeps complaining when i use /etc/init.d to start/stop smbd
<Slyboots> Hi
<Slyboots> Uh.. not quite sure whats ahppened but my proxy "squid" service seems to have stopped and I cant figure out why or.. how to restart it
<Slyboots> Only thing in the logs is this "Feb 10 07:50:40 beluga init: squid main process (1401) terminated with status 1"
<Ender> have you tried /etc/init.d/squid restart
<Slyboots> No such command, nor does service squid restart work (so such service)
<Ender> did you recently install anything that might have broken it
<Ender> or uninstalled something
<Slyboots> Nothing for several days
<twb> Goddammit, why is my interfaces(5) file filled with mtab entries
<Ender> have you restarted your system to see if that fixes it?
<Slyboots> I was using it right up to the moment it crashed it .. just exited
<Ender> twb, it's probably because your squid proxy service is broken like Slyboots
<Slyboots> well the service has been running for two months without issue
<jmarsden> Slyboots:   What does    dpkg -S /etc/init.d/squid     output?
<Slyboots> dpkg: /etc/init.d/squid not found.
<jmarsden> Did you install squid from the Ubuntu package?  or some other way?
<twb> Ender: no it's because e2fsck is playing silly buggers
<Slyboots> Ahh.. think I installed it from the ubuntu repo
<Ender>  twb fsck added lines to your interfaces file?!?!
<Ender> baaaaaad
<jmarsden> Slyboots: OK, what does     dpkg -l squid      output?
<Ender> why isn't my samba share showing uppppppp
<twb> Ender: no it shuffled inodes around
<Slyboots> ii  squid            2.7.STABLE9-2ubu Internet object cache (WWW proxy cache)
<jmarsden> Slyboots: So... you installed it from a package, but something deleted the /etc/init.d/squid file.
<jmarsden> Do you have any idea what might have done that?
<Slyboots> Not in the slightest
<Ender> maybe it was just an fsck-shuffled inode
<twb> jmarsden: no, squid is an upstart job in 10.04
<twb> lrwxrwxrwx 1 root root 21 2011-01-26 14:15 /etc/init.d/squid -> /lib/init/upstart-job
<twb> OK, so that backwards-compatibility link should still be there...
<jmarsden> twb: I just installed it in a VM and   dpkg -S /etc/init.d/squid    works here ...
<Ender> yeah, plus he already tried service squid restart
<Ender> which is calling it as an upstart job right
<twb> Throw down debsums or cruft and work out what else is missing
<twb> Ender: yes
<Ender> well if it was installed from a package, why not just uninstall the package and install it from the repos?
<Ender> won't that re-generate the /init.d file?
<jmarsden> Ender: And we will have no idea what deleted bits of it, so most likely whatever did it will do it again...
<Ender> ah, yes, well...there's that, huh
<Slyboots> Mmm
<jmarsden> Slyboots:   sudo apt-get install debsums  && sudo debsums -g  && sudo debsums squid   # I think?
<Slyboots> Whats that do?
<jmarsden> Slyboots: We need to find out what other bits of the squid package have been deleted or corrupted, so we install the debsums package, generate sums for packages that have none already, and then test the ones for squid against the installed squid files.
<Slyboots> OKau
<jmarsden> Slyboots: But you can do just   sudo apt-get install debsums    and then read the man page, since you should not trust random people you meet in IRC, including me :)
<Ender> kkjj
<jmarsden> Ender: IRC is not vi :)
<Ender> rather, my samba share isn't working! why?
<Ender> lol
<Ender> seriously
<Ender> i should be able to browse the samba share form a linux desktop right
<Ender> or, for that matter, from a windows VM in side my ubuntuy desktop right
<twb> Ender: test it with smbclient on the server, then smbclient on another host.  Only *then* try a GUI client
<twb> jmarsden: I would be doing "debsums -S" or so, to ask it about ALL packages
<jmarsden> Ender: testparm /etc/samba/smb.conf  might also be wise
<Slyboots> Okay; ran the program and created the checkcumns
<Slyboots> But says "No checksums for squid"
<airtonix> jmarsden: btw, :) i didn't "screw anything up" nfs doesn't like ipv6
<airtonix> jmarsden: but hey thanks for your help
<Ender> you're using ipv6 on this server?
<airtonix> no
<airtonix> it's enabled by default
<Ender> so you disabled it and now it's working?
<airtonix> apparently
<Ender> wow cool
<Ender> how'd you disable it
<airtonix> http://www.webupd8.org/2010/05/how-to-disable-ipv6-in-ubuntu-1004.html
<airtonix> but obviously i'll need ipv6 at some point in the future so, not a foolproof plan
<airtonix> maybe i can disable it for the WAN interface only
<Ender> how do i run a samba client on the server
<Slyboots> Yea for some reason the system does not have the md5 sums for squid
<airtonix> Ender: smbclient
<airtonix> Ender: or did you mean something else ?
<Ender> no that's right, but i need additional arguments
<Ender> how do i use smbclient
<jmarsden> Slyboots:  Try  sudo debsums -p /var/cache/apt/archives/ -g squid
<jmarsden> Ender: Did you read its man page?
<Slyboots> No md5 sum or deb avaibable heh
<Ender> the man page is terrible for smbclient
<Ender> well i'm sure it's fine but it's late, i'm tired, and it's very voluminous
<Ender> but i found a website with the correct information
<Ender> and yes, i can see share on smbclient run from the server itself
<airtonix> but ?
<Ender> but i can't access it form other systems on the network
<jmarsden> Slyboots: sudo apt-get -d squid --reinstall
<jmarsden> Slyboots: And then   sudo debsums -p /var/cache/apt/archives/ -g squid
<Ender> wtf i can view the share using smbclient from my ubuntu box but i can't open it in the gui
<jmarsden> Ender: There is a GUI on your server???  How did that get there?
<Ender> i'm getting tired and being unclear. i apologize.
<Ender> i'm running the gui on my desktop
<Slyboots> jmarsden: Okay; it reports.. All OK
<jmarsden> OK.  Does the server run any kind of firewall/packet filter?  ufw maybe?
<jmarsden> Ender: ^^
<Slyboots> jmarsden: Aye, I use ufw
<Ender> i didn't install it
<Ender> but it appears to be installed
<jmarsden> Ender: So, did you makethe relevant holes in it for SMb traffic ?
<Ender> i just ran ufw allow samba
<Ender> and it worked
<Ender> is that all i have to do?!?
<jmarsden> Try accessing your shares from a workstation to answer that question :)
<Ender> well i don't think it was a permissions issue, actually
<twb> Ender: 19:17 <twb> Ender: test it with smbclient on the server, then smbclient on another host.  Only *then* try a GUI client
<Ender> twb, i already did that, and smbclient reported the share when run from the server
<Ender> in fact, smbclient reports the share when run from my desktop
<twb> That should've tipped you off that the firewall was the problem
<Ender> AND i can SEE the share in firefox from my desktop
<Ender> wait...the fact that i could see it with smbclient form my desktop indicates it's a firewall problem?
<twb> Note that ufw is *installed* by default, but not *enabled* by default
<Ender> oic, then it's disabled
<Ender> i haven't enabled it, anyway
<twb> Ender: sorry, I thought "19:32 <Ender> is that all i have to do?!?" was rhetorical
<jmarsden> Ender: sudo ufw status
<Ender> Status: inactive
<Ender> so it's not a firewall problem
<jmarsden> OK, it is not that.  So... what is the issue?  smbclient works from the workstation, you said?
<Ender> well i type smbclient -L <serverip> and it kicks back a line naming my share and giving the description i loaded into smb.conf
<Ender> i haven't used smbclient to touch a file or anything
<jmarsden> Ender: OK, so now test that smbclient can actually use the share to read and write files
<Ender> well yeah but i don't know how smbclient works yet
<Ender> lemme fidn out
 * jmarsden retreats to bed... goodnight all.
<Ender> gnight jmarsden
<Ender> ok
<Ender> so i have now been able to connect to the share on my server from my desktop and place a file from my desktop to my server using smbclient
<Ender> why can't i connect using the Network location on gnome?
<jmarsden> Ender: I'd guess that Windows/SAMBA network browsing is not working on your network.  Are both workstation and server in the same workgroup ?
<jmarsden> (But I really am going to bed!)
<Ender> no, but i told the share to be browseable
<Ender> shouldn't i be able to browse shares on other workgroups?
<Ender> besides, does ubuntu even have a workgroup?
 * jmarsden thinks you need to read up on widnows network browsing now, and to read /etc/samba/smb.conf to answer the last question.
<Ender> lol
<Ender> i'm done reading for tonight
<Ender> goodnight!
<jmarsden> Goodnight.
 * Ender really IS going to bed, unlike jmarsden
<Ender> (:
<jmarsden> :)
<[diablo]> morning all
<[diablo]> I am looking to setup an installation mech. similar to Kickstart ... I have done those before on RHEL... whats the mech. for Ubuntu Server please?
<jmarsden> https://help.ubuntu.com/community/KickstartCompatibility  if you must.  https://help.ubuntu.com/10.04/installation-guide/i386/appendix-preseed.html for the "Debian way", preseeding
<twb> +1 for preseeding
<twb> I never understood why kickstart was ported to d-i
<[diablo]> mmmm
<[diablo]> thanks guys
<jmarsden> You're welcome.
<[diablo]> is preseed cuter than kickstart?
<[diablo]> I remember KS was pretty nice
<jmarsden> In the Debian/Ubuntu implementation, preseed is more functional than kickstart.  Cuteness is not relevant for server admins anyway :)
<[diablo]> hahaha
<[diablo]> will read thru the doc you linked me, and give it a whirl
<twb> [diablo]: preseed is more elegant
<[diablo]> cute
<twb> [diablo]: in that it doesn't conflate multiple DSLs in a single translation unit
<[diablo]> sorry, mean cool :P
<twb> Anybody playing with this new elliptical curve stuff in openssh?
<twb> (Just curious, rather than wanting technical support.)
<[diablo]> twb, wot is it?
<uvirtbot> New bug: #716310 in openssh (main) "ssh connections disconnects automatically" [Undecided,New] https://launchpad.net/bugs/716310
<twb> [diablo]: a new key type, like DSA and RSA, but "more betterer"
<[diablo]> oh
<twb> http://tools.ietf.org/html/rfc5656
<[diablo]> interesting...
<[diablo]> did not know of that
<twb> You'll need natty; it's new as at 5.7
<twb> Huh.  Did you know that if you use the same passphrase to symmetrically encrypt your private keys, ssh-add will reuse it to decrypt all of the keys you pass it?
<maswan> twb: I was curious and read up a bit on it, The SHA2 family consists of four variants -- SHA-224, SHA-256, SHA-384, and SHA-521 -- named after their digest lengths
<maswan> "
<maswan> don't they mean sha-512? :)
<twb> Er, until it changes.
<twb> I have two passphrases, but due to the ordering, it prompted me four times: http://paste.debian.net/107132/
<rtyuio> hello there
<rtyuio> what this command do ?
<rtyuio> svn co file:///svnroot/master/ \ 				~/repositories/
<tsimpson> creates an SVN checkout of /svnroot/master/ to ~/repositories/
<tsimpson> file:// is a URI schema for local files, just remove the "file://" to get the path
<soren> Well..
<soren> It depends.
<soren> If you write it on one line, it'll probably fail.
<soren> I don't think svn co can take three arguments.
<soren> Oh, it does work.
<soren> Well, it doesn't work, but svn co does accept three arguments. It wants the second one to be a url. " " isn't.
<rtyuio> i can't cd to /svnroot tsimpson
<tsimpson> rtyuio: I don't know where you got the command from, so I can't comment on how to fix it
<rtyuio> i ask the question in general
<tsimpson> soren: I assumed that the paste was 2 lines concatenated to one for the paste
<rtyuio> how work a command like that ?
<tsimpson> you are giving the arguments "co file:///svnroot/master/ \     ~/repositories/" to the svn command
<soren> tsimpson: I've been here for too long to make assumptions like that :)
<soren> rtyuio: That command will checkout from svn at /svnroot/master to ~/repositories/ (if typed correctly).
<rtyuio> checkout what ?
<tsimpson> rtyuio: see http://en.wikipedia.org/wiki/Apache_Subversion for a description of what svn is
<Roasted> has anybody set up openldap on ubuntu? I'm at a step that's hanging and I'm not sure why.
<kobrien> Anything change in 10.04 that'd make the network slower for dual nic setup?
<kobrien> any reason at all the my network would be slower on 10.04? any setting's I can tweak to make it go faster?
<takamarou> Hi all.  I'm trying to connect a ubuntu server 10.10 to a Iomega Storecenter NAS with NFS enabled.  I was able to connect to the NAS a couple days ago, but after a reboot I am having issues.  I'm not sure which version of NFS the storcenter uses, but everything I try gives me an error.  NFSv3 says the requested nfs version is not supported... NFSv4 says Protocol Not Supported.  Any ideas?
<twb> takamarou: rpcinfo -p?
<takamarou> any certain line you are looking for?  Or should I pastie it?
<twb> The latter
<twb> I'm just triaging man
<takamarou> http://pastie.org/1548915
<uvirtbot> New bug: #298823 in exim4 (main) "Exim mail failure messages go to local address, even if no local delivery is available" [Undecided,Incomplete] https://launchpad.net/bugs/298823
<RoAkSoAx> morning all
<airtonix> takamarou: what is in /etc/default/portmap ?
<takamarou> airtonix, looks pretty empty
<uvirtbot> New bug: #702714 in exim4 (main) "package exim4-base 4.71-3ubuntu1 failed to install/upgrade: subprocess new post-removal script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/702714
<takamarou> airtonix, OPTIONS="" and a bunch of comments
<airtonix> takamarou: wait is your ubuntu machine the nfs-kernel-server or the Iomega machine ?
<takamarou> ubuntu machine is the client connecting to the NFS.  The Iomega Storcenter is the one the NFS Server
<airtonix> that changes things
<airtonix> because now, you have to seek support from iomega
<takamarou> damnit
<takamarou> It's not an error on the Iomega.. I think.  I can mount the NFS just fine from my local ubuntu box
<airtonix> which is version ?
<airtonix> 10.04 or 10.10 ?
<takamarou> 10.04
<airtonix> ;)
<airtonix> what reason is there to have 10.10 on the server ?
<Japje> +6
<takamarou> None.. Actually, I intended to have 10.04 on it, but hit the wrong download.
<takamarou> But now it's in production..  can't take it down at this point
<RoyK> airtonix: none at all unless you hit bugs that aren't fixed in 10.04, or if you need newer hardware support or features
<airtonix> i'm out of ideas
<takamarou> OK.  Thanks for your help :)
<JamesPage> Daviey: this might sound like an odd question but would you expect the 127.0.0.1 address on the loopback device to be disabled in ipv6 only installations?
<Daviey> JamesPage, i know what bug you are talking about...
<Daviey> :)
<Daviey> JamesPage, I only have mixed ipv4 and ipv6 machines, so i need to disable ipv4 and test that bug
<Daviey> With ipv4 disabled, i wouldn't expect lo to have 127.0.0.1
<Daviey> ...and ubuntu (ntp) still work
<JamesPage> Daviey: doing some testing at the moment - the only way I can find to get rid of the ipv4 address is to manually remove it (ip addr del)
<JamesPage> is there a way of globally disabling ipv4
<Daviey> yeah
<Daviey> ::1 <-- ipv6 localhost
<Daviey> (shortage notation)
<rcaskey> any hints on my my 10.04 install's terminal is very slow when used in kvm?
<zul> hey spdw
<spdw> howdy zul
<zul> whats the error again?
<spdw> sendmail gives me this when an email does not go out: Feb 10 14:12:28 arkli sm-mta[13934]: p1AECCKH013934: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
<zul> Daviey: seen that before: ^^^
<spdw> it is intermittent, the same message a few minutes later to the same address went through fine
<Daviey> interesting..
<zul> spdw: i dunno use postfix ;)
<zul> spdw: actually you can grep p1AECCKH013934 in the same log file and see what it is doing
 * RoyK thought sendmail went out of style some time before y2k
<spdw> zul: I know how you lean.  Sendmail came for free when rackspace commissioned the server.  At least that's what I'm being told.
<Daviey> spdw, Are you using auth to the relay server?
<spdw> Daviey: is there an easy way to find out?  I did not setup sendmail
<spdw> I don't like sendmail
<Daviey> spdw, If you have root, i would consider switching to ubuntu favoured mta which is postfix, or debian's which is exim4
<spdw> Daviey: I definitely do and if that's the easiest fix then I'm good with that.  I was hoping this was a small misconfiguration problem but it doesn't appear to be that way.
<soren> There's no such thing with sendmail :)
<Daviey> spdw, many agree that sendmail is a world of pain
<spdw> soren: that has been my experience in the past too.  Hence my comment about not liking sendmail
<zul> i still have my bat book but its collecting dust
<Daviey> spdw, i would try sending mail via telnet to port 25...
<spdw> zul: you live in the middle of nowhere, I'm not stopping by to pick that thing up :)
<spdw> Daviey: trying now
<Daviey> spdw, How is the mail getting to sendmail... some app?
<zul> spdw: its light reading
<Daviey> hah
<spdw> Daviey: telnet is fine
<Daviey> spdw, That error seems to happen if you just 'ehlo server' and 'quit' with no payload.
<spdw> Daviey: the email is sent through php
<Daviey> spdw, i think it's your php app to blame TBH.
<Daviey> spdw, if you run those two commands quoted, do you see the same error in your mail logs?
<spdw> checking
<spdw> Daviey: yep, you're right
<Daviey> spdw, So, that indicates sendmail IS working
<Daviey> but the PHP app is failing to send a payload.
<spdw> Daviey: cool, I'll take a look from that side then
<Daviey> spdw, super
<Daviey> spdw, I'd love for you to feedback what caused it.
<spdw> Daviey: sure.  I believe, but will verify, that we're just using the mail() method.
<zul> spdw: ill bring the bat book tomorrow for you
<spdw> Daviey, zul: Thanks for the help
<zul> Daviey: np
<zul> er...spdw
<Daviey> spdw, np
 * RoAkSoAx time for rhcs3.1 testing 
<zul> hallyn: do you have a doc or a pointer to setup lxc and libvirt?
<hallyn> zul: there is http://s3hh.wordpress.com/2010/09/07/easier-creation-of-libvirt-lxc-containers/ if that's what you mean
<hallyn> zul: but that's all
<hallyn> zul: did you have q, or are you thinking for release notes?
<zul> hallyn: no i was just looking for a general guide
<JenniferB2> hi folks... I have an svn repo on a ubuntu-server... and I need to change the password.. but when I do on the server.. I am having trouble logging again from ssh ... how do I update my key locally ? entering the new password doesn't seem to be enough
<zul> hallyn: but if im using you lxc-guest package do i need to do half of those things in the script there?
<hallyn> zul: checking the scripts, cause i don't recall offhand what all i had to do
<hallyn> zul: all right, you're starting with a full uec guest image, right?
<hallyn> zul: the one thing I expect you to have to do is provide a console service on /dev/pts/0, bc that's where libvirt-lxc offers console
<zul> hallyn: yep unmodified as of right now
<zul> gotcha
<zul> thanks
<zul> ill ask if i have any more questions
<RoAkSoAx> great between kvm and python my CPU is 100%
<Daviey> RoAkSoAx, that sounds great!
<Daviey> RoAkSoAx, have you tried starting kvm with --don't-abuse-me?
<hallyn> zul: ok - yeah all the rest looks ok.  You can still use my base.xml as a template if you haven'te already devised your own
<zul> hallyn: thanks
<RoAkSoAx> Daviey: lol... seems virt-manager issue
<Daviey> RoAkSoAx, ahh
<Daviey> virt-manager is a troubled soul at times.
<RoAkSoAx> Daviey: indeed
<Roasted> Is a "complete removal" in synaptic = sudo apt-get remove --purge *package* ??
<Daviey> Roasted, try #ubuntu ... i imagine most here don't use synaptic.
<xds> e cineva ;))
<xds> http://problemepc.team-forum.net/
<Roasted> Daviey, good point :P
<mdeslaur> Daviey: unfortunately, there have been humungous fixes to bind for DNSSEC support between 9.7.0 and 9.7.2P3
<mdeslaur> Daviey: I don't know if it's sanely possible to pick them all out and try to backport them
<Roasted> if sudo killall -9 freeradius is the wayt o kill the freeradius process, how can I restart it without rebooting?
<mdeslaur> Daviey: and it kind of sucks that Lucid doesn't have working DNSSEC support
<RoAkSoAx> hallyn: have you seen KVm using 100% CPU lately?
<mdeslaur> Daviey: maybe we should try and get a one-time SRU of 9.7.2P3 into lucid and maverick
<RoAkSoAx> hallyn: or at least more than 50%
<zul> hallyn: yay it works
<hallyn> RoAkSoAx: on natty?
<hallyn> RoAkSoAx: it sounds familiar, can you search lp bugs?  i think someone else had that with virtio
<hallyn> though i thought that was maverick
<RoAkSoAx> hallyn: right now with maverick, I'm launching a VM with testdrive and in somepoints doing IO it goes all the way to 100% CPU usage, and for a while was around 50%
<highvoltage> y/win 26
<RoAkSoAx> hallyn: launching it with virt-manager, it does stay in 100% even though I close virt-manager, kvm stays in 100%
<hallyn> lemme check my list
<hallyn> RoAkSoAx: no, i was thinking https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/703811 but this sounds different
<uvirtbot> Launchpad bug 703811 in kvm "kvm guest's cpu usage with virtio storage driver goes up to 100% because of flush process" [High,Incomplete]
<hallyn> RoAkSoAx: is it doing anything in the meantime?
<hallyn> i.e is the VM moving along?
<RoAkSoAx> hallyn: yeah. let me get you a quick video
<Roasted> if sudo killall -9 freeradius is the wayt o kill the freeradius process, how can I restart it without rebooting?
<RoAkSoAx> hallyn: yeah I think that's the one!! I'm crrently installing a new VM and while installing the base system and things that do disk IO apparently, that's when the load goes up
<jmarsden> RoAkSoAx: maybe kill -HUP   would reload its config file?  I don't have it installed here, what does the man page say?
<jmarsden> ^Roasted
<uvirtbot> jmarsden: Error: "Roasted" is not a valid command.
<jmarsden> Bah.
<Roasted> I got it
<Roasted> :)
<Roasted> facing a new problem now
<Roasted> but I doubt any of you guys have tinkered with freeradius. It's a specific error to freeradius itself.
<SpamapS> hallyn: did you resolve whatever it was you needed last night?
<hallyn> SpamapS: i sent the email to upstart-devel instead
<hallyn> SpamapS: no replies yet, and i've had no brilliant ideas
<hallyn> SpamapS: so i think i'll just end up having to special-case cgred in /etc/init/libvirt-bin
<RoAkSoAx> hallyn: http://me.roaksoax.com/kvm.ogv (ignore the sound :) )
<hallyn> lol, now i gotta go watch :)
<hallyn> RoAkSoAx: but your fflush-N aren't showing high usage?
<RoAkSoAx> hallyn: nope, just the CPU and the graph in vrit-manager is half load
<SpamapS> hallyn: oh I did see that email
<hallyn> RoAkSoAx: pls file a new bug, mention it MIGHT be a dupe of that one, and upload your .xml's so i can take a look
<hallyn> RoAkSoAx: you're sure you're using kvmand not plain qemu right? :)
<RoAkSoAx> hallyn: yeah i;m using KVM lol :)
<uvirtbot> New bug: #559307 in exim4 (main) "Local delivery hard link vulnerability" [Low,Fix released] https://launchpad.net/bugs/559307
<hallyn> SpamapS: were you drafting a reply? :)
<SpamapS> hallyn: will later for sure.
<zul> Roasted: you do know there is a specific channel for freeradius right? #freeradius
<Roasted> oh believe me, I know
<Roasted> go ahead and hang out there and see how many people talk in 72 hours time
<Roasted> ;)
<SpamapS> Roasted: thats a good sign that maybe its time has passed.. ;)
<patdk-wk> I haven't used freeradius in atleast 5 years
<Roasted> SpamapS, you're telling me.
<Roasted> but isn't freeradius still more secure than standard WPA2?
<RoAkSoAx> hallyn: what other xml's should I upload besides the VM's one?
<SpamapS> Roasted: there is no wifi security. ;) Use VPN and/or SSL at all times.
<Roasted> SpamapS, well, you know what I mean...
<Roasted> Is radius still "more" secure than WPA2?
<patdk-wk> they have nothing to do with each other
<Roasted> I thought they did...
<patdk-wk> nope
<patdk-wk> wpa2 is a wifi encryption thing
<patdk-wk> it can use radius auth, or psk auth
<Roasted> how does radius auth differ from psk?
<hallyn> RoAkSoAx: the VM ones, and the storage ones
<Roasted> psk = personal right? passphrase, etc.
<patdk-wk> no
<patdk-wk> psk means preshared key, one password for everyone
<patdk-wk> radius auth you have one per person
<hallyn> RoAkSoAx: virsh vol-dumpxml and virsh pool-dumpxml
<patdk-wk> and you can limit with certificates too
<Roasted> well from that standpoint alone I would think radius would be far superior.
<patdk-wk> so user must have valid cert to access
<patdk-wk> ya, but it has nothing to do with how secure wpa2 is
<Roasted> so it's not how secure it is, it's the way it implements the authorization?
<patdk-wk> ya
<Roasted> but in a way I would think that would still aide in greater security, even though it's using the same level.
<Roasted> it just goes about it in a more complicated way, it seems.
<patdk-wk> yes, over all it would be more *secure*, but it doesn't make the encryption of the channel any better :)
<Roasted> well, I work in IT at a school district. One of the students last year got some program to reveal the passphrase we were using for wifi.
<Roasted> as a result, they would get on our network on their phones, etc.
<Roasted> I think that's why radius has something to offer us.
<Roasted> It's not entirely my decision. I'm just the one with the project that was assigned to me.
<patdk-wk> if you use cert verification, that would block it
<Roasted> cert verification with... radius right
<patdk-wk> you can only do cert verification with radius
<Roasted> okay
<Roasted> I thought so
<Roasted> just wanted to make sure we were on the same page
<Roasted> yeah right now I'm trying to generate some certs for my test environment.
<patdk-wk> I set that same thing up, years and years ago
<Roasted> but the guide is telling me to run "make" but that's it, which isn't working for me.
<Roasted> Is there anything better to use than radius for our scenario, given you now know why we were aiming for radius?
<Roasted> this make thing is getting old. I have no idea how to work around this.
<Roasted> their documentation sucks.
<kirkland> lynxman: ping
<lynxman> kirkland: pong
<kirkland> lynxman: hey, i just uploaded a new mcollective fixing the two bugs you filed (thanks for the reminder, zul)
<kirkland> lynxman: i need you to do one more thing ...
<uvirtbot> New bug: #716528 in qemu-kvm (main) "kvm 100% when performing apparently IO operations" [Undecided,New] https://launchpad.net/bugs/716528
<kirkland> lynxman: create a .postrm script that removes the user
<lynxman> kirkland: just updated the bug with the script
<kirkland> lynxman: rock
<lynxman> :)
<kirkland> lynxman: i'll get another upload
<lynxman> cool \o/
<kirkland> lynxman: in the future, if you want credit in the changelog, send a debdiff ;-)
<kirkland> lynxman: if you don't care, this works too :-)
<patdk-wk> roasted, I dunno, I haven't used radius on unix for so long, I have one radius setup I use for everything just about, but it's windows based, cause they are running AD
<lynxman> kirkland: I'll have it in mind, thanks ^^
<lynxman> kirkland: just happy to see the package doing cool stuff :)
<hallyn> RoAkSoAx: so just to make sure, have you tried just running 'kvm -hda delme.img -cdrom ubuntu-10.04-server.iso -boot d -m 1G" and seeing what it does with your cputime?
<kirkland> lynxman: mcollective_1.0.0-0ubuntu4 should be ready for your testing shortly
<kirkland> lynxman: please test package installation and uninistallation for me ;-)
<lynxman> kirkland: excellent, thank you ;)
<lynxman> will do so
<Slyboots> Ahh! lol.. Figured ouy why my Squid Proxy kept crashing..
<Slyboots> out of disk-space :P
 * SpamapS hands Slyboots the Sombrero of Glory
 * Slyboots glows with mighty uh.. mexican power?
<SpamapS> Ole!
 * SpamapS forgets how to do accents
<Roasted> patdk-wk, yeah, we have MS Radius set up now, but there's a bug with MS Radius that backfires with certain wifi cards. It just so HAPPENS that it's the card we have in 540 something laptops... which drops authentication after 30 days and doesn't regain it unless we hardwire them to re-authenticate. I've heard from numerous people FreeRadius doesn't have this issue, hence our interest.
<RoAkSoAx> hallyn: by running kvm etcetc the load is not so high, so it is something related to libvirt
<RoAkSoAx> or must be
<hallyn> RoAkSoAx: not necessarily - have you also tried
<hallyn> kvm -drive file=delme.img,if=virtio,index=0 -cdrom x.iso -boot d ?
<RoAkSoAx> hallyn: im running the same isntalling through TestDrive (which uses the username you are logged in and rtuns a vm with virtio and kvm -etcetc) and the load is not that high
<RoAkSoAx> s/same installing/same ISO installation/
<RoAkSoAx> s/rtuns/runs
<Roasted> patdk-wk, I'm assuming that FreeRadius can integrate with MS LDAP... ???
<RoAkSoAx> hallyn: this is the command used in testdrive: "kvm -m %s -smp %s -cdrom %s -drive file=%s,if=virtio,cache=writeback,index=0,boot=on %s"
<patdk-wk> ldap is ldap
<Roasted> but LDAP is where the users are, and we have nearly 2,000... that's where the user base is stored to authenticate "from".. right?
<RoAkSoAx> hallyn: also note that the high load appears when apparently is doing intesive IO operations
<RoAkSoAx> hallyn: and at the same step of the installation, the load is different between a kvm launched by libvirt than the one launched by testdrive
<hallyn> RoAkSoAx: pls use 'ps -ef | grep kvm' to get the full commands executed by both
<RoAkSoAx> hallyn: libvirt /usr/bin/kvm -S -M pc-0.13 -enable-kvm -m 512 -smp 2,sockets=2,cores=1,threads=1 -name natty1 -uuid 31631c3c-a914-6365-12b7-9103b4e07a3b -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/natty1.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=utc -no-reboot -boot dc -drive file=/var/lib/libvirt/images/natty1.img,if=none,id=drive-virtio-disk0,boot=on,format=raw -device virtio-blk-pci,
<hallyn> RoAkSoAx: and paste in the bug.  i'll look there in a few mins
<RoAkSoAx> hallyn:yeah that's what I'm doing :)
<hallyn> RoAkSoAx: thanks :)
<RoAkSoAx> ;)
<panfist> i just rebooted and for some reason my root is mounted as a read only file system?
<patdk-wk> probably cause it's corrupted
<patdk-wk> reboot into recovery mode, and try fsck'ing the fs
<panfist> for some reason my grub timeout is zero so i'm booting into a live cd now
<patdk-wk> thta works
<panfist> using 10.04 by the way
<panfist> it seems really hard to change the grub timeout... there is no more menu.lst file, and some script called 00-header or something has timeout stuff all over the place
<panfist> not sure what to touch in there
<patdk-wk> heh, /etc/default/grub
<hallyn> RoAkSoAx: ///
<hallyn> sorry, internet connection fail
<hallyn> RoAkSoAx: is comment #5 correct?
<hallyn> RoAkSoAx: bc it shows 'if=none'.  it looks garbled
 * hallyn bbl
<RoAkSoAx> hallyn: yeah something's weiord going on here :/
<lirakis> panfist, grub has been updated to grub 2 which is different in the way in manages its config
<uvirtbot> New bug: #716576 in tftp-hpa (main) "package tftpd-hpa 5.0-11ubuntu2 failed to install/upgrade: ErrorMessage: il pacchetto tftpd-hpa non Ã¨ pronto per la configurazione  impossibile configurarlo (stato corrente "half-installed")" [Undecided,New] https://launchpad.net/bugs/716576
<RoyK> we had a little accident at work the other day - a generator was started and pumped 1kV or so into our servers.... some 30% of them died, but all of the supermicro servers survived, some 12 boxes or so. According to the statistics, at least four of them should have died, but they are all running... Bad thing those Sun boxes that cost 4x the price of the supermicros died :P
<air^> :)
<guntbert> RoyK: testing emergency power supply gone bad?
 * alvin holds 1 minute of silence for those poor Sun boxes
<RoyK> not even testing - the power was to be shut down for an hour or so
<RoyK> so we got a generator - we've done it before - but now, during startup, the generator generated a rather ugly surge
<RoyK> alex_joni: make that a second :P
<RoyK> or some milliseconds
 * RoyK doesn't like Sun^WOracle hardware
<patdk-wk> ya, I don't like *connecting* generators till they are warmed up
<RoyK> I didn't
<alvin> I was going to say: "why not, they're indestructible. But well,...."
<RoyK> perhaps they should have warmed it up before they fused it?
<shauno> shouldn't the ups eat the overvoltage?
<shauno> ah.  timestamp fail
<patdk-wk> shauno, depends
<shauno> we typically feed both pole & genny into a transfer switch, and then into the ups from there.  let the ups handle the phase distribution, and eats the time between the pole going down and the genny coming up
<shauno> that way the ups would still do it's job if the genny's dirty
<patdk-wk> hmm, could easily be a faulty ups part also
<patdk-wk> maybe it detected the large spike, and might of been too large for it to handle
<patdk-wk> and that caused it to go into bypass mode?
<patdk-wk> heh, electricity is fun, all kinds of unexpected things can happen :)
<shauno> that should go to battery
<shauno> bypass is typically the ups can't give you juice, so it feeds you the wall and hopes it works
<shauno> just curious; I work with/for a particular brand of ups, so I have trouble picturing layouts that aren't what we deploy
<patdk-wk> ya :)
<patdk-wk> I had a ups on my, just turning itself off cause of the generator
<patdk-wk> found the generator was bad
 * patdk-wk wonders if there is a wol issue I missed :)
<patdk-wk> seeing thousands of wol requests flooding me from the inet
<uvirtbot> New bug: #716654 in postfix (main) "latest ubuntu updates killed mail delivery" [Undecided,New] https://launchpad.net/bugs/716654
<uvirtbot> New bug: #716659 in multipath-tools (main) "Root filesystem goes "Read only" after installing multipath-tools on Lucid" [Undecided,New] https://launchpad.net/bugs/716659
<NDROfTheLine> hi there
<NDROfTheLine> i've got samba working properly on my virtual server! yeahhhhh
<NDROfTheLine> now i need to set up some rudimentary security. how?
<NDROfTheLine> for example, i'd like to require all users to have to supply a password to access the sahre
<NDROfTheLine> how do i do that?
<SpamapS> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612296
<SpamapS> Ruh roh
<uvirtbot> Debian bug 612296 in wnpp "O: bacula -- network backup, recovery and verification - meta-package" [Normal,Open]
<NDROfTheLine> ruh roh
<NDROfTheLine> bug=612296
<NDROfTheLine> how'd you get that to pop it up
<NDROfTheLine> just the URL?
<SpamapS> the URL
<NDROfTheLine> ic. cool.
<SpamapS> zul: ^^ .. bacula has been orphaned
<NDROfTheLine> why is swat refusing un:root and the root password?
<SpamapS> NDROfTheLine: because it wants to protect you!
<zul> SpamapS: hmmmm...
<SpamapS> NDROfTheLine: you can define a non-root user as an administrator and use that
<NDROfTheLine> SpamapS, well i understand the danger of root logins, i really do, but in order to create a new share and manage my existing shares i need root access don't i
<NDROfTheLine> SpamapS, i've tried logging on with my account and all i can do is view information about my shares.
<SpamapS> zul: does Canonical use it internally? Might be strategic for us to take up maintainership
<zul> SpamapS: already one step ahead of you
<NDROfTheLine> planning open-world domination huh
<zul> SpamapS: im not sure but we should take it over
<RoAkSoAx> redhat cluster debian maintainer  is also looking for someone else to maintain it
<NDROfTheLine> why can't i administer my samba shares with my normal login?
<NDROfTheLine> on swat, that is
<zul> SpamapS: just fired off an email to John
<SpamapS> cool
<zul> SpamapS: thanks for pointing that out
<SpamapS> NP.. just by chance saw it w/ the changelog for bug #689327 getting fixed
<uvirtbot> Launchpad bug 689327 in dbconfig-common "bacula-dir.conf shows syntax error when mysql dbname is left blank" [Low,Confirmed] https://launchpad.net/bugs/689327
<NDROfTheLine> asdf
<NDROfTheLine> sorry, i hit the wrong button. on the Ubuntu Community Swat page, it says "Log inas a user with proper priveleges"; how do i ensure my user has proper privelege to administer samba?
<zul> SpamapS: replied to the bug as well
<samael6> anybody here know where the ubuntu server guide is
<guntbert> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<guntbert> samael6: ^
<samael6> no i just installed it from the ubuntu software center and i cant find it
<guntbert> samael6: I'd look under/usr/share/doc....
<NDROfTheLine> does anybody know how to set up a user with proper priveleges to use SWAt to manage my samba shares?
<guntbert> samael6: and you can always ask dpkg (-l  or -L,  not sure)
<NDROfTheLine> it's -l
<NDROfTheLine> what's the package name of the guide
<samael6> ubuntu server guide
<guntbert> ubuntu-server-guide
<EvilPhoenix> there's a guide as a package?
<NDROfTheLine> well i can't install it with apt-get
<NDROfTheLine> iuno, that's what samael6 is saying
<EvilPhoenix> its ubuntu-serverguide
<guntbert> !info ubuntu-server-guide
<ubottu> Package ubuntu-server-guide does not exist in maverick
<EvilPhoenix> !info ubuntu-serverguide
<ubottu> Package ubuntu-serverguide does not exist in maverick
<EvilPhoenix> or not
<EvilPhoenix> :P
<NDROfTheLine> well it is actually ubuntu-serverguide
<NDROfTheLine> !ubuntu-serverguide
<NDROfTheLine> !info ubuntu-serverguide
<samael6> i followed your advice and found the package bubt it wasent what i expected
<samael6> its a log
<NDROfTheLine> yeah me too
<guntbert> !info ubuntu-server-guide lucid
<guntbert> !info ubuntu-serverguide lucid
<ubottu> Package ubuntu-server-guide does not exist in lucid
<ubottu> ubuntu-serverguide (source: ubuntu-docs): The Ubuntu Server Guide. In component main, is optional. Version 10.04.3 (lucid), package size 371 kB, installed size 2608 kB
<NDROfTheLine> maybe you'll have to install ubuntu-docs
<NDROfTheLine> to get the offline version installed in your docs directory
<guntbert> !info ubuntu-serverguide lucid
<ubottu> ubuntu-serverguide (source: ubuntu-docs): The Ubuntu Server Guide. In component main, is optional. Version 10.04.3 (lucid), package size 371 kB, installed size 2608 kB
<NDROfTheLine> but anyway just google filetype:pdf ubuntu server guide and get the pdf
<guntbert> no, the package exists
<NDROfTheLine> yeah but it doesn't install the server guide in /usr/share/docs
<iclebyte> non sever related but what are you guys using to player your music in on linux?
<iclebyte> (it goes hand in hand with sever administration though)
<iclebyte> server*
<NDROfTheLine> you can ask that question in #ubuntu if you want recommendataions on desktop music players
<NDROfTheLine> i just use rhythmbox
<iclebyte> fair enough
<guntbert> it is installe in /usr/share/ubuntu-servguide
<guntbert> *installed
<guntbert> NDROfTheLine: ^^
<samael6> thanks i got it
<guntbert> NDROfTheLine: and its dpkg -L <package> which gives you a list
<guntbert> NDROfTheLine: sorry, I forgot who asked the original question
<samael6> but i thought it was a application thats shows the html files
<NDROfTheLine> no prob it wasn't me
<NDROfTheLine> dpkg -l by itself returns the entire list of isntalled packages
<NDROfTheLine> anyway
<NDROfTheLine> i'm still trying to get swat working. how do i configure a user that can administer samba??
<samael6> im not looking for commands im looking for where this can be viewed
<NDROfTheLine> open firefox.
<NDROfTheLine> in the location bar, type /usr/share/ubuntu-serverguide/html/C/index.html
<NDROfTheLine> guntbert, how'd you figure out the storage location of the ubuntu-serverguide? google? dpkg?
<samael6> NDROfTheLine hes probbaling dozing
<RoAkSoAx> zul: /win 19
<RoAkSoAx> arrrrgh
<NDROfTheLine> well i missed his logoff due to a timeout
<RoAkSoAx> zul: quick questions. I have a init script I pass this in rules: dh_installinit -p gfs2-utils --no-start --no-restart-on-upgrade -- start 65 S . start 2 0 6 .
<samael6> what languages do you guys under your belt
<samael6> have
<RoAkSoAx> zul: in the init script Default-Start: S and Default-Stop 0 6
<RoAkSoAx> zul: but when installing, this happens: update-rc.d: warning: gfs2-utils start runlevel arguments (2 3 4 5) do not match LSB Default-Start values (S)
<RoAkSoAx> update-rc.d: warning: gfs2-utils stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (0 6)
<RoAkSoAx> ideas?>
<RoAkSoAx> SpamapS: ^^
<KB1JWQ> Welcome to #ubuntu-server, psywiped
<psywiped> trying to set up a script to twitter my servers ip address but it keeps saying that gt is not a valid command using this page as a guide http://onthefencedevelopment.com/?p=289
<KB1JWQ> psywiped: gt isn't defined as a command anywhere there.  Pastebin your script, redacting anything sensitive please.
<psywiped> http://pastebin.ubuntu.com/565591/
<KB1JWQ> psywiped: And the exact, copy pasted error you get? :-)
<shauno> heh; line 11
<shauno> $CURRENT_IP &gt; $IPFILE
<KB1JWQ> Ah, tere it is.
<shauno> &gt; is the html entity for >
<KB1JWQ> There we go. :-)
<KB1JWQ> I wondered why they were backgrounding something.
<psywiped> http://pastebin.ubuntu.com/565593/
<psywiped> o hell
<psywiped> that would make sense
<psywiped> so echo $CURRENT_IP >; $IPFILE
<shauno> without the ;
<psywiped> ok now im getting this http://pastebin.ubuntu.com/565597/
<shauno> I think that's just because of the space between -- and user
<psywiped> use # to comment out in bash?
<shauno> correct
<psywiped> it looks like the space between -- user was causing the problem
<shauno> :)  -- alone means something very specific to most commands
<psywiped> now to figure out why its not updating twitter
<psywiped> my issue is that i dont trust the dynamic dns im using right now to update if my servers ip address changes and i want a backup method
<psywiped> but the script doesnt look like its working
<psywiped> http://pastebin.ubuntu.com/565605/
<psywiped> but no update in twitter
<psywiped> this is what i'm going off of http://onthefencedevelopment.com/?p=289
<psywiped> forever alone
<SpamapS> RoAkSoAx: re the update-rc.d warning.. that just means that the postinst is override the LSB header.
<SpamapS> overriding
<uvirtbot> New bug: #716767 in clamav (main) "clamav-daemon does not start because of "Malformed database" daily.cvd" [Undecided,New] https://launchpad.net/bugs/716767
#ubuntu-server 2011-02-11
<psywiped> how do i add /home/user/checkipaddress to crone and run it every 5 mins?
<shauno> psywiped: crontab -e will make a crontab for user.  the entry will be something like "*/5 * * * * /home/user/checkipaddress", but you'll probably want to man crontab instead of flying too blind there
<psywiped> shauno: man crontab?
<psywiped> and that would run it as ./checkipaddress
<shauno> that'll show you the manual that describes the file's format fully
<psywiped> shauno: thanks its working had to add a trick to the end of the webaddress to get it to work but chron and the update is now functioning. heres what the code ended up looking like
<psywiped> http://pastebin.ubuntu.com/565625/
<shauno> heh, I haven't seen that before.  suspect the android client doesn't use OAuth yet, so they've added a workaround for it
<shauno> glad you figured out how to glue it all together tho :)
<psywiped> well i think its more for people that havent updated it
<psywiped> its going to suck when it stops working
<shauno> there's a decent handful of python twitter clients.  I'm sure you'll be able to glue it back together when they break it
<psywiped> yep going to have to try and get twidge up and running
<psywiped> dont know where its config file goes tho
<nfearnley> I'm trying to get an Amazon EC2 instance of Ubuntu Server running. I can't seem to ssh into it. Is ssh enabled on the server by default, or do I have to connect by some other method to set it up?
<edubuntu> sup bro
<nfearnley> I figured it out. I just had to open the firewall. The default Amazon EC2 firewall looks open, but it's not :P
<jkg> hi hi. I suspect this is a dovecot specific issue, but... my imapd is spewing http://paste.ubuntu.com/565639/ in logs. the machine isn't overly short of RAM, and I've increased login_process_size in dovecot.conf -- anyone got any ideas?
<KB1JWQ> strace?
<KB1JWQ> And is this actua;;y under vmware?
<jkg> unfortunately, it is under vmware.
<jkg> (can I easily attach strace to a service? I've no idea how to do that)
<jkg> ahah! perversely, setting login_process_size = 0 has fixed it. given I was allowing 128MB I dread to think how large this means my login processes are...!
<RoAkSoAx> kirkland: ping?
<psywiped> pong
<uvirtbot> New bug: #716836 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/716836
<NDROfTheLine> Hello all
<NDROfTheLine> I finally got samba up and running on my server and I'm not sure why I'm having such poor performance.
<NDROfTheLine> Once I'm connected to the share it seems to do file transfers just fine, but initially opening it takes a good 20 seconds
<NDROfTheLine> What can I change to reduce this lag?
<twb> NDROfTheLine: sounds like a nss cockup
<NDROfTheLine> !info nss
<ubottu> Package nss does not exist in maverick
<twb> NDROfTheLine: pastebin /etc/nsswitch.conf
<ranger03> i like swat..it makes samba configs of like 10 lines long..easier to config than 200 line samba config file
<NDROfTheLine> how the eff do you configure a user with the proper permissions to use swat?
<NDROfTheLine> i've been playing with that for a while now
<NDROfTheLine> twb, please excuse my ignorance, but how do i get that information to pastebin
<NDROfTheLine> i mean, i'm ssh'ed into my server
<NDROfTheLine> i know how to display a file on vi
<NDROfTheLine> oh nvm
<NDROfTheLine> duh, just highlight in terminal and mid-click in pastebin
<NDROfTheLine> sorry
<NDROfTheLine> http://pastebin.com/fZdMMhfa
<uvirtbot> New bug: #716860 in nmap (main) "zenmap.desktop and zenmap-root.desktop have errors" [Undecided,New] https://launchpad.net/bugs/716860
<NDROfTheLine> how do i change apache2's DocumentRoot
<jmarsden> NDROfTheLine: You can also   sudo apt-get install pastebinit and then use that from the command line to send things (files, command output, etc) to a pastebin site.
<NDROfTheLine> so then i just run the command and port it to pastebin it?
<NDROfTheLine> like cat <file> | pastebinit
<NDROfTheLine> ?
<jmarsden> NDROfTheLine: DocumentRoot is a per-site thing, so you edit the file for the site concerned, under /etc/apache2/sites-enabled/ and then reload the apache config.
<jmarsden> Well, yes, but   pastebinit /path/to/filename   works for the case where you already have a file
<NDROfTheLine> oh cool thanks
<NDROfTheLine> good to see you again jmarsden
<NDROfTheLine> i was under Ender yesterday
<NDROfTheLine> just fyi
<NDROfTheLine> and you too twb
<NDROfTheLine> does my nss config look strange?
 * jmarsden was going... "I don't remember that nick..." :)
<jmarsden> NDROfTheLine: Not to me, but I'm not expert on that.  Do you have working DNS for the servername that you use ?
<twb> NDROfTheLine: I dunno man
<NDROfTheLine> I don't think I have a DNS
<jmarsden> NDROfTheLine:  from the client PC, does    dig SEVERNAME    return a sensible result with the correct IP for your serber
<jmarsden> NDROfTheLine: OK, so how are you expecting the client to find out where the server is?
<NDROfTheLine> But it does find the server
<NDROfTheLine> it just takes too long, like 20 seconds
<jmarsden> WHat command line are you using for that connection?  smbclient ... what?
<NDROfTheLine> nautilus
<twb> Try again with smbclient
<jmarsden> Um.  I am fairly sure that yesterday, it was suggested that you use smbclient first, and only switch to a GUI client when smbclient worked fine...
<twb> jmarsden: that was me suggesting it
<jmarsden> OK, good :)
<twb> Damn users...
<NDROfTheLine> it did work
<NDROfTheLine> i followed your adviceeeeee
<NDROfTheLine> and it worked
<jmarsden> With a 20 sec delay?  or not?
<NDROfTheLine> no delay with smbclient
<twb> and test on lo first
<NDROfTheLine> but now i've forgotten how i connected
<NDROfTheLine> smbclient <ip address> doesn't work
<jmarsden> Was it an IP address that you gave nautilus, or a machine name?
<NDROfTheLine> i just clicked "network" then "windows network" then my workgroup, computer, and share.
<NDROfTheLine> hrm. the delay seems to have gone away...could it be due to a windows computer being logged onto the network?
<NDROfTheLine> my wife's computer was connected a moment ago when i was experiencing the delay.
<jmarsden> Unlikely... you can reconnect it and retest, to find out.
<NDROfTheLine> ok. the smbclient man page appears to say that the command "smbclient -I <ipaddress>" will connect to the share on the given ip address
<NDROfTheLine> OR, "smbclient --ip-address <ipaddress>"
<NDROfTheLine> but
<NDROfTheLine> neither does.
<NDROfTheLine> what am i doing wrong here?
<DiagonalArg> Hi all, RAID Question// Created RAID1 using liveCD/mdadm, named md2. On another machine installed ubuntu to installer-created RAID1 (md0/1/2). Trying to see all RAIDs from liveCD, but mdadm always names the first RAID1 "md2" (as seen in mdadm.conf), conflicting with the second. How can I make it automatically assign md*'s?
<MTecknology> hm.. this is interesting... http://paste.ubuntu.com/565721/
<MTecknology> this makes it more odd... http://paste.ubuntu.com/565722/
<MTecknology> two files of the exact same name
<MTecknology> nope- nevermind... d and q looked too close to the same thing
<MTecknology> that other email is apparently a failed email to email me that the email failed to send
<NDROfTheLine> lol
<NDROfTheLine> mailfail
<NDROfTheLine> so i guess i had to use the full name of the server AND the share to connect with smbclient
<NDROfTheLine> but i am able to connect with zero delay
<NDROfTheLine> well in fact, there's zero delay with nautilus too
<NDROfTheLine> the problem yesterday is that on my smb.conf i had "browseable = yes" instead of "browsable = yes"
<MTecknology> ouch
<NDROfTheLine> seriously. othe rplaces in smb.conf it's spelled browseable. i checked.
<NDROfTheLine> now how do i set up security for my share? a required password ?
<MTecknology> I jsut purged sendmail and it's dependencies and reinstalled and get the same thing....
<MTecknology> I kinda doubt this is just because I'm using +1
<jmarsden> NDROfTheLine: You should be able to detect such spelling issues in smb.conf by running testparm /etc/samba/smb.conf
<MTecknology> oh... this is gonna be fun; I get to reboot... yay... :(
<MTecknology> 1|(status)     '2|#ubunt~drupal'3|#ubuntu-us-sd'4|#nginx-master'5|#nginx       '6|#freenode-gab'7|#ubun~ardened'8|#ubunt~kernel'9|#ubuntu-motu '0|#ubun~ckaging'q|#ubuntu-news 'w|#ubun~website
<MTecknology> e|#ubun~assroom'r|#ubun~-server't|#launchpad   'y|#laun~pad-dev'u|#ubuntu-irc  'i|#freenode-gms'o|#sluglinux   'p|#l3ib        'a|#ubuntu-us   'd|#can~sysadmin'f|#ubuntu      'g|#freenode
<MTecknology> j|#drupal      'k|#bash        'l|#linode      ';|#pressflow   'z|#terminator  'x|#drupal-docs 'c|#crunchbang  'v|#pantheon    'n|#debi~mentors',|#bzr         '.|#ubuntu+1    'Q|#drup~ultants
<MTecknology> Sorry!
<NDROfTheLine> heh
<MTecknology> I didn't mean to do that.... :(
 * jmarsden thinks... that's not what my machine does when it reboots :)
<NDROfTheLine> jmarsden, you know, i did run testparm and it didn't actually report any errors
<NDROfTheLine> jmarsden, it did NOT however list the browseable = yes line
<NDROfTheLine> which gave me pause. i thought i had it misspelled, so i checked in other parts of the example smb.conf that samba comes installed with
<jmarsden> Strange.  You may even have found a bug in there somewhere.
<NDROfTheLine> everywhere else i found it was "browseable"
<NDROfTheLine> so i assumed i had it spelled right and was doing somethying wrong, but today i was configuring a different server and started from scratch using the Ubutnu Server Guide itself and boom. "browsable".
<NDROfTheLine> http://pastebin.com/ZQABREsZ
<jmarsden> NDROfTheLine: The man page for smb.conf says the two spelling are synonymns, and a quesck test hers shows that to be true.
<NDROfTheLine> there's the output of testparm with "browseable" misspelled
<jmarsden> s/quesck/quick/ :)
<jmarsden> brows(e)able = yes is the default, so you only see it in testparm output if you set it to no, I think.
<NDROfTheLine> well...now i've changed the spelling from "browsable" to "browseable", restarted smbd, and viola! I can't access my share with nautilus.
<jmarsden> And don't do "cat /etc/samba/smb.conf | tail", just do   tail /etc/samba/smb.conf    :)
<NDROfTheLine> oh ok that's helpful
<NDROfTheLine> see, and i just changed te spelling back to browsable and now i can access it from nautilus
<jmarsden> Wow, you have a USA-spelling only version of samba :) :)
<NDROfTheLine> so there's some difference in the way MY machine, at least, is treating browseable/browsable
<NDROfTheLine> lol seriously
<NDROfTheLine> anyway whatever
<NDROfTheLine> good to know, i guess
<jmarsden> BTW, doing   egrep -v '^#|^;|^$' /etc/samba/smb.conf    gets you a compact, commentless version of your smb.conf  :)
<NDROfTheLine> wtf is all that goobldegook
 * NDROfTheLine searches for google
 * NDROfTheLine finds google and uses it to search for gobbledegook
<jmarsden> A regular expression.   man 7 regex for a long detailed explanation of regexes :)
<jmarsden> Use the docs on your machine before resorting to Google :)
<NDROfTheLine> well fair enough but without your input i wouldn't have known to look for regex
<NDROfTheLine> what does the 7 parameter do to man?
<jmarsden> NDROfTheLine: man egrep    would have got you the idea that it uses regular expressions...
<jmarsden> It's SEE ALSO section lists regex(7).
<jmarsden> 7 is section 7 of the manuals.
<jmarsden> man man   for info on that :)
<NDROfTheLine> do you just remember that regex(7) is what to look for or di dyou reference that somewhere
<jmarsden> Some of us learned Unix before Google existed :)  I did man regex and got the man page for the library call, then did man 7 regex
<jmarsden> But as I said, man egrep and reading it, including its SEE ALSO section, would have got you to regex in section 7, which man pages write as regex(7) and which you can read by typing in   man 7 regex  :)
<NDROfTheLine> very cool. thanks.
<jmarsden> You're welcome.
<NDROfTheLine> last night right before i signed off you said i needed to read about workgroups
<NDROfTheLine> oh in fact its probably still in the script here...
<NDROfTheLine> yep
<NDROfTheLine> you know, it's a lot of fun learning things this haphazard way, by tumbling into a problem and then clawing out of it, but if i wanted a more top-down learning experience, what would i need to do?
<jmarsden> well, one place to start might be http://tldp.org/LDP/intro-linux/html/intro-linux.html
<jmarsden> For a more concentrated more admin-oriented one, try http://rute.2038bug.com/index.html.gz
<jmarsden> For a whole bunch of free online books, try: http://www.linuxlinks.com/article/20090405061458383/20oftheBestFreeLinuxBooks-Part1.html :)
<NDROfTheLine> jmarsden, do you work all day and then come here to help lost souls like me just because you enjoy it? what's your motivation?
<jmarsden> More or less, yes :)  I believe enough in Linux to want to help others use it and not run away from it frustrated.  And I do learn by helping others, sometimes, too :)
<jmarsden> On occasion someone will ask something, and I'll think "That's an interesting question!" and find the answer out for myself, as well as for them :)
<NDROfTheLine> incredible.
<NDROfTheLine> i mean, i believe it, obviously, but still, hard to believe.
<NDROfTheLine> if i told somebody else how this worked they wouldn't believe me.
<jmarsden> Try it :)  Spread the word :)
<NDROfTheLine> I do, I spread it.
<NDROfTheLine> now that libreoffice has more solid support for .docx files i actually might be able to get a few people here and there to really switch
<jmarsden> There are entire books and articles written on motivating people to make that transition... and yes, for many people the file format "lock in" issue can be a big obstacle.
<NDROfTheLine> seriously. i had a golden opportunity a few weeks ago, a nonprofit in my area asked me to come in and install an office program for them.
<NDROfTheLine> i mentioned openoffice but the lady shook her head like she had experience with it, and said that she gets stuff from her marketing departmentshe has to edit and return
<NDROfTheLine> so it was a no-go
<twb> You should just teach them TeX
<NDROfTheLine> maybe once i *learn* TeX
<twb> NDROfTheLine: get on with it then
<NDROfTheLine> ha! indeed.
<NDROfTheLine> it's going on my list
<twb> I haven't used a word processor for year
<twb> *years
<NDROfTheLine> aren't you a teacher yourself
<NDROfTheLine> i mean irl
<twb> That's one way of putting it...
<NDROfTheLine> no, like as your profession
<NDROfTheLine> aren't you a cs professor
<twb> No.
<NDROfTheLine> oh ok, i thought i encountered you a while back. nvm.
<twb> I'd kill myself if I *had* to deal with students
<NDROfTheLine> lol
<NDROfTheLine> and yet, here you are, subjecting yourself nonetheless
<twb> I'm the cs equivalent of the muso who prefers to flip burgers rather than sell out to sony
<twb> NDROfTheLine: yes but *I* choose when to stop.  If I was paid to be here, I'd be honour-bound to be here even when I didn't want to be
<jmarsden> It's very different here.  You can take breaks any time, you can stay away for weeks or months (I have done that)... you can ignore annoying people completely if you choose... :)
<twb> Volunteers Can Say Noâ¢
<NDROfTheLine> (tm)
<NDROfTheLine> heh
<twb> ÎÏ'Ï Î±Î»Î» Î¸Î½Î¹ÏÎ¿Î´Îµ Î·ÎµÏÎµ, Î´Î¸Î´Îµ!
<twb> Pft, crappy input method can't even autodetect final sigma
<NDROfTheLine> why don't LUGs offer free open-source consulting for nonprofits
<jmarsden> NDROfTheLine: LUGs are whatever their members make them.  I'm giving a talk at my local one on Saturday :)  So if yours has an interest in helping non-profits, cool, set something up there.
<NDROfTheLine> have you ever heard of something like that?
<jmarsden> I don't think so... you'd perhaps need more local non-profits than many LUGs have access to, to make such a thing practical as more than a one-off?
<NDROfTheLine> in the peace corps, people serve for 27 consecutive months in a country of the program's choosing doing all kinds of things for the local community. the pay is sufficient to cover your bare living costs, but that's about it.
<NDROfTheLine> how likely do you think it might be that a just-graduated programmer would be willing to do a similar thing, but instead of build houses, build open code?
<jmarsden> Sure.  I think there was a proposal for "geekcorps" at some point, try googling for that perhaps?
<NDROfTheLine> ah, yes.
<NDROfTheLine> geekcorps is a little differnt, they focus on getting IT adopted in the developing world
<greppy> that level of income probably won't pay the student loans that people have now though.
<NDROfTheLine> the peace corps has programs that forgive portions of loans
<NDROfTheLine> assuming something coul dbe worked out to defer loan payments, and that the pay would be sufficient for basic living,
<NDROfTheLine> what do you think the likelihood is that there would be a strong response?
<greppy> people might go for it.
<NDROfTheLine> would you go for it?
<greppy> now? no.
<greppy> I have a mortgage to pay :)
<NDROfTheLine> well, i meant when you graduated
<NDROfTheLine> would you have
<greppy> I never graduated from college.
<greppy> :)
<NDROfTheLine> bah! you catch my drift though, sir.
<NDROfTheLine> with sufficient skills you don't need a degree for the peace corps either
<greppy> yes, but I could say "Sure, I'd go for it!" now, but when I was in my early 20's... I honestly don't know.
<NDROfTheLine> <nods>
<NDROfTheLine> i just think that a CodeCorps that worked like the peace corps or americorps or whatever would be really cool
<NDROfTheLine> and could accomplish a lot
<greppy> it could.
<greppy> but I would probably aim for more just becoming part of an existing corp.
<NDROfTheLine> there's no way in hell i could even begin contemplating *starting* a thing like this, not now anyway
<NDROfTheLine> but a boy can dream, you know
<NDROfTheLine> i'm joining the peace corps, actually, departing in may.
<NDROfTheLine> anyway
<NDROfTheLine> i volunteer at the red cross and a local nonprofit clinic
<EvilPhoenix> uh...
<twb> We have ALWAYS been at war with oceania
<EvilPhoenix> we DO have an -offtopic channel you know
<NDROfTheLine> oh right
<NDROfTheLine> sorry
<NDROfTheLine> "/rant"
<EvilPhoenix> no problem :P
<NDROfTheLine> #ubuntu-offtopic?
<EvilPhoenix> mhm
 * NDROfTheLine wanders off....
<doorntje> Hello, I've got a question. Someone here tries to install Ubuntu Server on a server. But after selecting the language and selecting to install he gets a message with server timeout etc.
<jmarsden> doorntje: Can you post the exact message he gets?
<doorntje> http://imgur.com/4T1Yf << Here it is
<EvilPhoenix> not loading
<EvilPhoenix> that image
<doorntje> http://i.imgur.com/4T1Yf.jpg
<EvilPhoenix> kernel panics
<EvilPhoenix> but at that zoom it doesnt help at lal
<EvilPhoenix> all*
<jmarsden> doorntje: we need to see the whole width of the screen, not just part of it.
<EvilPhoenix> mhm
<doorntje> Sorry, he doesn't have another photo. He'll try to get another one later...
<EvilPhoenix> we need ALL the data
<EvilPhoenix> before we can help you.
<doorntje> Ah, ok.
<EvilPhoenix> so "He'll try to get another one later..." means we'll help you later :P
<doorntje> Well he'll try to get one of the full width of the screen...
<doorntje> EvilPhoenix: i'll understand.
 * EvilPhoenix believes this "friend" is actually doorntje himself
<doorntje> EvilPhoenix: I'm at school now, you understand? But he doens't speak english very well..
<doorntje> Maybe you have seen someone called JamLaMin on the forums?
 * EvilPhoenix understands this perfectly.  EvilPhoenix also understands that digital photos of installation errors arent very useful at any zoom level.
 * EvilPhoenix hasnt been to the forums in several months
<EvilPhoenix> :/
<doorntje> I'll tell him...
<EvilPhoenix> dont tell him my speculations :P
<EvilPhoenix> my speculations are my own :P
<doorntje> Oh, ok...
<EvilPhoenix> i'm just stating a general dissatisfaction with digital images of issues from a screen
<NDROfTheLine> goodnight
<iclebyte-work> how can I find out the current IO throughput of one of my servers? (this is for requirement gathering of our new vm solution)
<JamesPage> iclebyte-work: try bonnie++
<iclebyte-work> i want to see what my current system is using, rather than what it's capibal of
<iclebyte-work> will bonnie do this?
<JamesPage> bonnie++ will give you benchmarks; if you want to look at what IO your system is currently doing then try sar
<JamesPage> its part of the sysstat package
<soren> iclebyte-work: If it's for VM's, you can get this information from the hypervisor.
<soren> iclebyte-work: Well... Any hypervisor worth its salt anyway.
<iclebyte-work> well currently they are physical machines, i'm trying to work out what kind of throughput our storage backend is going to need to be able to keep up with
<soren> iclebyte-work: kvm for instance will happily tell you how much I/O traffic it generates.
<soren> iclebyte-work: Ah.
<soren> vmstat gives you some of that info.
<soren> "vmstat 5" will tell you how much block I/O has been done across the entire system every 5 seconds.
<iclebyte-work> and which values should i be looking at?
<iclebyte-work> bi and bo?
<soren> Yes.
<soren> Those are blocks tranferred in and blocks transferred out, respectively.
<iclebyte-work> how does this relate to the read/write speeds of my storage backend?
<soren> speed is <some general unit of measurement>/<some unit of time>. You have a reading for every 5 seconds...
<soren> So, if bi is 3000 and bo is 250, that's 3000 blocks * 512 bytes/sector / 5 seconds = 307200 bytes/second.
<soren> + 250 blocks * 512 bytes/block / 5 seconds = 25600 bytes/second.
<soren> Sorry, I meant "block" where I said "sector".
<soren> For a total of 332800 bytes/second.
<soren> Hm.... That doesn't add up.
<iclebyte-work> ?
<soren> I just tried it, and the numbers are off.
<iclebyte-work> thats 325kb/sec
<soren> kB, not kb, but yes.
<soren> It should be.
<soren> But it's not.
<soren> Perhaps those blocks are larger than I think.
<soren> I think they're actually 4k.
 * soren glances at blockdev --getss
<soren> Ah.
<soren> Yup.
<soren> Should have used blockdev --getbsz. My bad.
<soren> They're 4k.
<iclebyte-work>  tune2fs -l /dev/sda5 | grep -i 'block size'
<soren> So it'd be 3000 blocks * 4096 bytes/block / 5 seconds = something entirely different.
<iclebyte-work> this is for ext3?
<janimo> hello server people! What is the recommended way in a headless setup for a package to notify the user that some action could be taken - optionally.
<soren> I think this is separate from the filesystem's idea of block size.
<iclebyte-work> janimo, email?
<janimo> A bootloader package gets updtaed so it want to tell the user that they can flash the new bootfiles if they wish
<janimo> iclebyte, not a server, just headless, so no email guaranteed
<janimo> it is for arm headless images
<soren> Morse code?
<iclebyte-work> string and 2 cups?
<soren> We're helping!
<iclebyte-work> soren, let me try some numbers from some of my production systems
<janimo> no really is there no equivalent of the GUI, 'restarte required' or similar notifications at the console?
<soren> janimo: I'm not sure I understand... How would you do it on a regular system?
<janimo> but a fallback to morse will be considreed all else failing :)
<iclebyte-work> janimo, or do you have any IO methods? a light or something maybe?
<janimo> soren, on a GUI system some packages set up some hooks in post-install, which are show in the notif area - like firefox restart required or system reboot required
<janimo> iclebyte-work, no this is supposed to be realtively hw indep
<janimo> a sort of notification area for text mode :)
<soren> janimo: Is there any reason you can't just use a debconf notice?
<janimo> like on next login the user gets told, hey there's a new U-Boot you may want to flash it
<iclebyte-work> what about remote syslog?
<soren> janimo: Well, you could hook into update-motd.
<janimo> soren, debonf notice is fine, except I don't know what that is, so any solution that does it is fine by me. I just knew the server team know more about headless so I came here
<soren> janimo: Ok, let's try it this way: How do you expect people to upgrade the package?
<soren> janimo: Using apt-get over ssh?
<janimo> soren, they will use an existing tool that is installed. But this does not need to happen automatically as it is risky
<soren> janimo: Something other than apt/dpkg?
<janimo> soren, a new package get updated which has fgirmware/bootlaoder blobb
<janimo> soren, yes, it goes to a hidden vfat partition
<janimo> so special tool like the onel flashing kernel and initramfs on arm
<janimo> potentionall to NAND later, etc
<soren> janimo: I think we're talking about different things.
<janimo> so not part of /
<janimo> soren, ok, let me link to the spec
<janimo> https://blueprints.launchpad.net/ubuntu/+spec/other-arm-n-handle-core-boot-files-update
<soren> janimo: I think(!) you're talking about the kernel itself. I'm talking about the package that contains the kernel.
<soren> janimo: You started out saying "A bootloader package gets updtaed...".
<soren> janimo: Is that a .deb at any point in time or is all of this completely separate from the packaging system?
<janimo> soren, yes for ex the uboot package gets updated via dist-upgrade
<soren> Excellent.
<soren> Then it's simple enough.
<iclebyte-work> soren, the bi and bo values are they *1000 ?
<soren> Well, as simple as debconf :)
<soren> iclebyte-work: No.
<soren> iclebyte-work: Raw numbers.
<janimo> so we need to tell the user, hey new blobs for uboot ara available, you can flash them into the boot area if you wish
<soren> janimo: Right.
<janimo> soren,  it comes in a deb
<soren> janimo: Excellent.
<janimo> and the tool uses the fiels from the deb
<soren> janimo: Then it's straight forward.
<janimo> so that is the only use for the deb
<soren> "man 7 debconf" is the canonical guide, but I recommend finding a package that uses it and copy magic from there.
<soren> If you ask some of your team mates for help showing a debconf notice some of them should be able to guide you.
<janimo> soren, I have used debconf for pkg configuration, are notices something less used?
<soren> debconf abstracts such pesky things as UI for you.
<janimo> soren, ok, so regular debconf question while installing?
<soren> You just tell it that you want to ask a question or show a notice or whatever, and it does the right thing depending on the available UI and configuration.
<janimo> ok
<soren> janimo: If you've used questions, this is almost identical.
 * janimo start looking for debconf notices
<janimo> soren, thanks
<soren> man 7 debconf-devel
<soren> is your friend.
 * janimo is just confused as this requirement was said to be satisfiable by any of jockey, update-manager, debconf,update-motd
<soren> Look for THE TEMPLATES FILE->Type->Note.
<soren> janimo: update-motd is an option, too.
<iclebyte-work> soren, would it be fair to run vmstat 5 for 1 minute (i.e. 12 outputs) then take the median?
<iclebyte-work> i.e. the middle of the highest and lowest number?
<soren> janimo: update-motd lets you put scripts in a directory that get executed on login and can put stuff in motd. You can check for updates and notify people logging in that there's stuff to do.
<soren> iclebyte-work: I can't say.
<soren> iclebyte-work: Depends on what you need the numbers for.
<soren> iclebyte-work: I would have thought you need the max.
<iclebyte-work> i'm trying to work out how much throughput i need from a SAN
<soren> "need" means you want to find the max, doesn't it?
<iclebyte-work> yea i suppose that makes sense, better to have too much than not enough
<iclebyte-work> yes =)
<iclebyte-work> soren, have you any experience with gluster?
<soren> iclebyte-work: Some.
<iclebyte-work> have you used it for virtulization ?
<soren> iclebyte-work: Not in any sort of production setting, though.
<soren> iclebyte-work: Yes.
<iclebyte-work> what kind of hardware did you use for the bricks?
<iclebyte-work> i'm thinking of using some old G4 DL380's with ultra320 disks in RAID0 then using replication and installing bricks in pairs for redundancy
<soren> iclebyte-work: Whatever I had lying around. A laptop and a spare desktop box.
<iclebyte-work> then adding pairs as and when needed for the VM's
<iclebyte-work> ah =)
<soren> glusterfs is cool. I'm sad I haven't gotten to play more with it.
<iclebyte-work> soren, do you work on ubuntu-server full time?
<soren> iclebyte-work: I used to.
<iclebyte-work> you've answered some of my questions on the mailing list
<soren> What's your name?
<iclebyte-work> Jamie McDonald - I had problems with my KVM's not hitting the outside world - turned out to be fasthost locking the switches down to mac
<soren> That's pretty common.
<soren> The problem, not the name. I think.
<iclebyte-work> it's pretty frustrating =)
<soren> It's not that hard to work around, though.
<iclebyte-work> they added the mac's for me no questions
<soren> Ah, great.
<soren> Instead of bridging VM's onto the LAN directly, you can just route through them.
<iclebyte-work> but then how do you allow incomming packets to a public facing ip?
<soren> That's how routing works, really.
<soren> Packates destined for your box travels through a bunch of routers already. All of them just know that somewhere behind them, there is your box. They just send the packets to the next hop.
<soren> Your box can do the same thing.
<iclebyte-work> yes but where would the routes get pushed too if you don't have control of the internet routers
<janimo> soren, only a handful of packages seem to use Type:note on my installed system. I'll have to think if this use case warrants it, as the manpage says it should be there for serious messages only.
<soren> Typically, what a hosting provider does is just add a routing table entry for the extra subnet, sending the packets to your primary host.
<iclebyte-work> ah yes, but you'd still need the host's cooperation
 * janimo goes to discuss this in the arm channel
<soren> iclebyte-work: Well, sure.
<soren> iclebyte-work: ...but you need the hosts's cooperation for running the VM's, too :)
<soren> It's quite simple.
<iclebyte-work> dedicated servers
<soren> Instead of creating a bridge and connecting your eth0 to and as well as all your VM's, you just leave your eth0 connected to the physical network.
<soren> ...and assign an IP from the extra subnet you've been assigned to the bridge.
<soren> ...and that's pretty much it.
<iclebyte-work> right so.. just to double check.. this box is probably my most heavily loaded it's not doing much reading but the BO value is 3746 - i calculate that to 2.92mbps ?
<soren> iclebyte-work: You said "I had problems with my KVM's not hitting the outside world".
<soren> iclebyte-work: I thought we were talking about VM's?
<iclebyte-work> yes - they run on the dedicated server.
<soren> iclebyte-work: Right.
<iclebyte-work> you don't need fasthosts cooperation to run virtual machines i was saying.
<soren> iclebyte-work: As for your 3746 reading. Is that from vmstat 5?
<iclebyte-work> yes vmstat 5
<soren> iclebyte-work: Yeah, that makes about 3 MBps.
<soren> (Those are megabytes. Not millibits.)
<soren> mb vs. MB.
<soren> iclebyte-work: Oh, I see what you mean now. When you said "host", I though you meant your host box.
<soren> iclebyte-work: Uh, no, then you don't need their cooperation.
<soren> iclebyte-work: If they've assined an extra subnet to you, they've already set this route up.
<soren> iclebyte-work: Really, this is the simple way to do it.
<soren> iclebyte-work: You need the hosting provider's cooperation to do it the way you did it (as you've just said yourself).
<iclebyte-work> soren, sorry - manager pulled me away
<iclebyte-work> excellent. thanks for checking my values
<soren> iclebyte-work: No problem. I can keep myself busy :)
<iclebyte-work> yes i'm sure you can! =)
<uvirtbot> New bug: #716931 in dbconfig-common (main) "dbconfig-common doesn't work properly when the version of the database script for upgrade is greather than 1.10, 1.10.1, 1.10.2, 1.10.3, 1.11, 1.12" [Undecided,New] https://launchpad.net/bugs/716931
<uvirtbot> New bug: #716948 in openssh (main) "Can't connect to local MySQL server through '/tmp/mysql.sock' (2)" [Undecided,New] https://launchpad.net/bugs/716948
<uvirtbot> New bug: #717098 in openssh (main) "ERROR 1045 (28000): ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)" [Undecided,New] https://launchpad.net/bugs/717098
<patdk-wk> man, the quality of bug reports this morning
<SpamapS> patdk-wk: reading the bug in "openssh" on "ubuntu" noted above by uvirtbot was rather amusing. :)
<SpamapS> actually these almost look like trolling or a broken apport or something
<patdk-wk> :)
<soren> smoser: around yet?
 * patdk-wk will have to submit a new bug report
<patdk-wk> my job hasn't been fully assimilated by ubuntu yet, when can I expect to loose my job?
<soren> smoser: I'm seeing intermittent boot failure of the UEC images on OpenStack, and ttx suggested you knew the cause: https://jenkins.linux2go.dk/job/Nova-user-test/2039/IMAGEVERSION=natty,distro=maverick,userdata=no/console (search on that page for "CONTROL-D")
<ttx> smoser: ISTR we have/had the same errors booting UEC images on Eucalyptus, and you have a bug open about it
<soren> ttx: What would that be reported against?
<soren> ttx: Go on. Amaze me with you Launchpad-bug-searching-fu.
<soren> s/you/your/
<ttx> soren: that's the tricky part. I think that was a mountall... lemme check
<ttx> soren: my lp-bug-searching-fu is failing me
<soren> Mine too.
<ttx> hggdh: maybe the error rings a bell to you ?
<ttx> soren: you have it on Lucid hosts only ?
<Daviey> it's not one i've seen :/
<soren> No, it's everywhere.
<ttx> I used to see it all the time on my previous laptop. Would prevent me from testing even starting a single instance.
<soren> My current hypothesis is mountall exiting prematurely due to plymouth having disappeared. Mountall doesn't seem to handle SIGPIPE, so if Plymouth is gone things go boom.
<ttx> My new laptop is so fast he jokes about it.
<soren> ...and it's exactly an unclean exit of mountall that gives this prompt.
 * soren tries patching mountall and takes it for a spin.
<Daviey> Does seem to be known http://open.eucalyptus.com/forum/problems-running-instances
<Daviey> but i don't remember an LP bug regarding it
<jpds> Worst forum URL maker, ever.
<Daviey> jpds, slug > />threadid=2354&post=78773
<Daviey> damn keyboard layout... s/>/?/
<jpds> Daviey: Until you have two forum threads with the same name.
<Daviey> jpds, ack.. i would hope it would check that first before melting all over you.
<Daviey> appending 2 :)
<zul> i find the url strangely ironic
<zul> or misleading
<soren> zul: How is it misleading? BEcause it suggests that it sometimes works? :)
<zul> soren: the open part
 * soren registers problems-running-instances.com and points it to Eucalyptus :)
<RoAkSoAx> morning all
<hggdh> Daviey: I do not remember a LP bug about this
<Daviey> yeah, i'm kinda suprised with the amount of instances you have started with eucalyptus you hadn't witnessed it yourself either
<Daviey> I suspect it only happens on slow hardware..
<Daviey> soren / ttx ^^
<soren> Daviey: You're implying that I ran many instances on Eucalyptus.
<soren> Daviey: I *tried* a lot.
<smoser> hm.. i'll come here
<smoser> so... is that log you see all one instance boot ?
<Daviey> hallyn, Were you looking to do a multipath-tools merge?
<hggdh> I remember we having plymouth integration issues
<hggdh> on lucid, IIRC
<Daviey> soren, know, i was talking about hggdh running bazillions of instances.
<Daviey> s/know/no/
<soren> Daviey: Ah.
<Daviey> soren, but hggdh uses hardware that is overspec... which would explain why it's only visible on slow hardware.
<thesuliban1980> Hi! is there an openldap pro here who could answer me some questions regarding openldap + sasl and why openldap with sasl is more secure, even if the user passwords have to be stored in cleartext, then without sasl and encrypted passwords?
<patdk-wk> well, you ALWAYS have to have plain text passwords somewhere
<patdk-wk> either stored in your backend
<patdk-wk> or transmitted to the server for each login
<Daviey> patdk-lap, not sure i agree with that..
<Daviey> err patdk-wk
<patdk-wk> what method doesn't? besides going pure pki
<Daviey> patdk-wk, The client can transmit a hash :)
<patdk-wk> then you need plaintext on the server to verify the hash
<zul> RoAkSoAx: what about ocf?
<Daviey> patdk-wk, i disagree.
<patdk-wk> then how is it secure?
<patdk-wk> I could just *replay* the has
<patdk-wk> hash
<patdk-wk> unless you salt it, then you need the password to verify it
<RoAkSoAx> zul: still waiting for upstream to do the official release, last week they said ~14 days
<Daviey> patdk-wk, If i take my IMAP as an example, an encrypted password is sent over TLS... and the password is a hash on the server.
<patdk-wk> encrypted password?
<thesuliban1980> The point is: When  I don't use sasl then I authenticate w/o encryption  to the ldap and I transmit a password hash which then is compaired to the one stored in the directory. In that case anyone can see the hash on the network... but nor user root or ldap admin know the users passwords....
<thesuliban1980> on the other hand
<patdk-wk> daviey what login method?
<thesuliban1980> when I use sasl, the connection from the ldap client to it's server might be more secure, but after hacking the ldap's admins password or the system root ones, I know all users passwords....
<hallyn> Daviey: cmagina was testing my port from debian-experimental, I'm waiting on his final ok or nack
<thesuliban1980> isn't it?
<patdk-wk> http://wiki.dovecot.org/Authentication/Mechanisms
<Daviey> hallyn, awesome.
<patdk-wk> unless you mean the TLS is the encryption, and that doesn't count, cause the password is still plaintext inside
<thesuliban1980> let me start over:
<cmagina> hallyn: the package didn't work for me.  it resulted in constant path fofb, io errors, and scsi error handling kicking off
<Daviey> patdk-wk, In which case https is  insecure.
<patdk-wk> I didn't say that
<Daviey> a secure tunnel != plain text.
<patdk-wk> but I did say, besides pki
<patdk-wk> I said passing the password as plaintext
<thesuliban1980> If sasl requires all passwords to be in cleartext within ldap, and someone hacks the ldap admin's password, then he has access to the cleartext password from all users...
<cmagina> hallyn: i had tossed the logs onto a server in my home directory.  i had taken a glance at them, but i've been side tracked with other work since, so haven't had a chance to dig deeper
<thesuliban1980> whereas without sasl only the password hashes...
<patdk-wk> thesuliban1980, sasl doesn't require it, but using any login methods other than a plaintext password won't work
<thesuliban1980> that makes a big difference to me...
<hallyn> cmagina: d'oh, that's right
<patdk-wk> and either way, the server will know the plaintext password at some point
<patdk-wk> either always, or just when you attempt to login
<hallyn> cmagina: let me try and get other things out of the way so i can look at those logs this afternoon
<thesuliban1980> patdk-wk: I don't understand why.
<cmagina> hallyn: i might have some spare time to look at them as well.  the logs contain the console from the server, the servers logs, and even logs from the SCMs
<ttx> soren: <smoser> so... is that log you see all one instance boot ?
<patdk-wk> if you want to pass the hash over the internet, you need plaintext password in sasl to verify it
<jdstrand> ScottK: hey. not sure you are aware of this: http://lurker.clamav.net/message/20110211.125402.ce5e76db.en.html
<thesuliban1980> My concern are not password hashes or cleartext traveling the network - therefore I use tls/ssl...
<smoser> he got back to me, ttx
<patdk-wk> if you want hash in sasl, you need plaintext passed over the internet (but can be inside ssl/tls) to verify
<jdstrand> ScottK: basically v12663 daily.cld crashes 0.95 servers. they fixed it, but if you see bug reports with something like: "Thu Feb 10 17:25:09 2011 -> ERROR: reload db failed: Malformed database", that is why
<ScottK> jdstrand: I saw that.  We also got a bug about it too.
<thesuliban1980> my concern is that it if the admin's account is hacked using sasl all user passwords are cleartext... otherwise only hashes...
<jdstrand> ScottK: ok. apparently I am behind the curve :)
<ScottK> jdstrand: Thanks for pointing it out.  It does suggest to me that pushing 0.96 to lucid-proposed once the freeze is lifted might not be a bad idea.
<thesuliban1980> So in the end: which advantage do I have If I use sasl?
<jdstrand> ScottK: yeah. cause they said they are only actively regression testing 0.97 and 0.96
<jdstrand> ScottK: I did find this interesting (0.97 aiui): "The current
<jdstrand> version of freshclam has a special option "TestDatabases", which is
<jdstrand> enabled by default and makes sure the new databases can be loaded
<jdstrand> properly before they get installed in the system."
<hggdh> thesuliban1980: privacy on the path
<ScottK> I'm running 0.96 from backorts, so I never saw the issue.
<Daviey> jdstrand, Are you doing AA work today?
<ScottK> That's a nice feature.
<jdstrand> Daviey: yes
<jdstrand> ScottK: it is
<thesuliban1980> I, not familiar with that expression "on the path". What does it mean exactly?
<jdstrand> Daviey: I haven't looked at it yet though
<Daviey> jdstrand, good :)
<jdstrand> Daviey: good that I haven't looked at it yet? sounds rather ominous...
<Daviey> jdstrand, well... bind9 was uploaded the other day and it's still in unapproved... and it could really do with an extra patch (as pointed out by mdeslaur)... if you were to reject it, or rather not approve it.. that would be good :)
<Daviey> lucid-proposed
<jdstrand> Daviey: oh sure thing
<Daviey> jdstrand, cool, thanks
<thesuliban1980> ?
<jdstrand> Daviey: fyi, it has 'lucid-updates' in the changelog. that should be 'lucid-proposed'
<jdstrand> Daviey: so I'm rejecting 1:9.7.0.dfsg.P1-1ubuntu0.2
<jdstrand> Daviey: done
<Daviey> pah... how did that happen :/
<Daviey> jdstrand, thanks
<jdstrand> Daviey: sure, np
<bobg> i want to deploy ldap-auth-client on a lot of machines. Is there a way that I can preseed the answers to the debcnf questions when I am installing the package with apt-get?  i.e. I know how to do it at OS install time, but not for packages installed after installation
<rubbs> I've got a vps provider claiming that the 2.6.32-306-ec2 #11-Ubuntu SMP kernel handles memory different than the other distros they offer as a justification as to why my ram usage jumps from 100mb to 600mb after a kernel update. Can I call BS on this? (Note: this is a fresh install 100mb, then update&&upgrade all of the sudden 600mb, no packages installed)
<t3cki3> guys i'm using backintime on my ubuntu 10.04 is there a way in which i can change the time of the backup as i need to run the backup job at 13:00 not 00:00
<t3cki3> you guys are the experts... come on ppl... i kno someone out here knows the answer to this
 * patdk-wk has no clue what backintime is
<genii-around> I imagine it's like a system snapshot
<bcessa> hi there, I just create an EC2 instance of ubuntu lucid lynx in AWS and get a message that a newer build is available, the thing is I don't really know how to upgrade it, any ideas?
<bobg> bcessa, "sudo apt-get update;  sudo apt-get upgrade"  ?
<bobg> that updates lucid to the latest packages
<bcessa> amm not really, as far as I can tell that upgrade the packages but not the AMI build itself :o
<bobg> i am not sure if you are talking about some sort of amazon upgrade
<bobg> then I don't know
<bcessa> don't think so, the AMI I'm using is the official ubuntu image, looks there's a new release of it, thnx for the attention anyway :)
<bobg> i figured out my earlier question ( on a machine where I manually installed the package, "sudo debconf-get-selections | grep -i ldap > auth.preseed" then before installing on a new machine, "cat auth.preseed  | debconf-set-selections "
<bobg> now I am wondering how to install a custom auth profile
<zul> smoser: where is the ttylinux images you had at one point?
<uvirtbot> New bug: #717243 in vlan (main) "vlan interface won't start with ifup, can be started manually" [Undecided,New] https://launchpad.net/bugs/717243
<gswallow> heya, anyone here ever configure ufw from within preseed.txt?
<smoser> zul, http://lmgtfy.com/?q=smoser+ttylinux
<zul> smoser: arse
<jdstrand> gswallow: see /usr/share/doc/ufw/README.Debian
<gswallow> jdstrand: thanks.  I have that stuff included.  I also had some other things set (ufw/existing_configuration and ufw/allow_custom_ports) set, based on what I found when I ran debconf-show ufw.  I removed those.  Will retry.
<bpgoldsb> Anyone know of a tool that will assist in building a list of all security updates on an ubuntu-server and pushing them into a reporting tool?
<bpgoldsb> i.e. scraping apt for data and pushing it to a mysql db with a web or other frontend.
<bobg> anyone know why there are both ldap-auth-client and ldap-auth-config? The descriptions are similar, and there is a circular dependency so that if you install either one, both will be installed. ldap-auth-config -> ldap-auth-client ->libpam-ldap -> ldap-auth-config (where -> stands for 'depends on')
<siege-> Hello - I upgraded the dovecot-postfix package this morning, and now my main.cf is missing some changes I had made. Specifically DNSBL and postgrey settings.
<siege-> Did the package update move where those settings should be stored?
<SpamapS> siege-: I believe that package may have a bug where it generates a config file without warning users that it will be overridden on upgrade..
<SpamapS> siege-: the upgrade didn't ask you to confirm changes right?
<siege-> yup, exactly. I've gotten that warning for upgrades in the past
<SpamapS> but not this time?
<SpamapS> I wonder if it was moved out of the package and now isn't protected as a conffile.. :-/
<siege-> To be honest I'm not certain it was that package that gave the warning in the past, I just know not this time of course :)
<siege-> Yeah that's what I was wondering if the conffile was moved and it's using a different one now
<siege-> My bad for not backing it up! Now to find the tutorials I used for setting up RBL and postgrey :)
<siege-> SpamapS: thanks for the help, I'll be more cautious updating the package next time
<SpamapS> siege-: you may want to report that as a bug
<SpamapS> siege-: or look through the existing bugs.. I swear I've seen it reported
<siege-> Ok - I will take a look, thanks
<Slyboots> Anyone know any good sites for uh.. Ubuntu.. Training?
<Slyboots> .. *free*
<Slyboots> I mean things like.. network hardening, good system pratices.. diagnosing problems..
<Slyboots> SysAdmin stuff
<greppy> Slyboots: the ubuntu manual?
<siege-> Slyboots: https://help.ubuntu.com/10.10/serverguide/C/index.html
<zul> there is a q+a session going on in #ubuntu-classroom right now
<Slyboots> Its just I keep running into small nigglign problems and Im conserned about teh secuirty of my machine :D
<uvirtbot> New bug: #717298 in dovecot (main) "dovecot-postfix upgrade overrides main.cf" [Undecided,New] https://launchpad.net/bugs/717298
<siege-> hey that's me
<siege-> SpamapS: I just learned that the main.cf did get backed up though, so all hope is not lost (/var/backups/dovecot-postfix)
<Slyboots>  Actually what I really want right now, is Decent Adblocking in a way thats not going to trash webpages
<SpamapS> siege-: oh good!
<Slyboots> Sort of like Adblock; but network wide, Im using Squid with Privoxy right now but.. its a bit of a mess
<avis> has anyone seen eagles051 on this channel ?
<patdk-wk> a few months back
<avis> thank you
<avis> i lost his email
<pmatulis> anyone know of a ftp daemon stress test tool?
<genii-around> avis: Try #kubuntu-offtopic
<avis> thank you
<avis> comcast today.  i'll be setting up a apache2 webserver, very basic, using dyndns.org and port 80.  i really only want to use it for streaming media simply, deposit sound file and stream elsewhere
<Slyboots> avis: Use MPD?
<avis> i gave debian my best shot.  ubuntu won.
<avis> i didn't mean on a lan
<Slyboots> Dont see how that makes a difference
<avis> i'll research that thank you
<nimrod10> Slyboots, probably what you need for adblocking is something to put in your host file
<Slyboots> nimrod10: that doesnt really work terribly well, What Im trying to do is replicate what Adblock does (Strip all adds and dynamically reformat the HTML to remove them"
<Slyboots> Rather than have huge popup windows open with "Cant display page"
<Slyboots> Which isnt much of an improvment :)
<lirakis> finally got hostapd working for a wifi access point this morning
<nimrod10> I see
<lirakis> very finiky
<lirakis> wouldnt work in b mode
<lirakis> only in g
<lirakis> bizzare
<bobg> i am trying to find out info on writing pam-auth-update profiles -- the man page is not much help -- googled to no avail -- anone have a tip?
<lacovima> where can I find out more about the Orchestra project mentioned by robbiew?
<robbiew> lacovima: https://blueprints.launchpad.net/ubuntu/+spec/cloud-server-n-install-service
 * RoyK sends his greetings to the Egyptian people :)
<binBASH> RoyK: Party time!
<RoyK> :)
 * binBASH was in Egypt four times...
 * RoyK has never visited an arab country
<binBASH> RoyK: well it's one of the best destinations for scuba divers like me ;)
<RoyK> ok :)
<binBASH> Ohh nice, ripe got a new site \o/
<zul> robbiew: for the virtual-networking spec do we really need a checkbox test since it has its own testsuite when the package is built?
<robbiew> zul: huh? /me needs to read it
<robbiew> one sec
<robbiew> zul: what's the aim of the checkbox test
<zul> robbiew: i have no idea its something that nijaba brought up at the session at uds
<robbiew> so I imagine the testsuite in the package verifies the code
<robbiew> but a checkbox test
<robbiew> would run some sort of networking tests across the virtual device
<robbiew> to ensure it works
<robbiew> but I imagine we could just run any existing networking tests
<robbiew> just over that virtual devices
<robbiew> device
<robbiew> right?
<zul> i guess but i dont think we ever used checkbox for server tests
<zul> unless there is something i dont know about which is a pretty good chance
<zul> i dont see the point right now
<kees> bpgoldsb: security updates> what's the specific goal?
<kees> bpgoldsb: you could just look at the -security pocket Packages file for a full list? I'm not sure what exactly you're looking for.
<zul> robbiew: oops i was wrong about checkbox
<robbiew> zul: ok
<pting> using tcpdump, is it possible to log the process id of the packet captured? i can't seem to find an example anywhere
<bpgoldsb> kees: 1. Generate a list of pending security updates (as you get when you login by default).  2. Handle sending that list to a central location (database).  3. Provide a frontend (web) to look at all my hosts reporting, and what packages are security-updates are pending on them.
<flic> hi
<flic> is atheros wifi card 100% supported on ubuntu-server 10.4?
<flic> it works on ubuntu-desktop
<RoyK> flic: server and desktop uses the same kernel and drivers, so it should work
<flic> ok
<RoyK> that is, the same _version_ of the kernel, but then, that shouldn't affect a driver
<flic> it's not the same kernel conf, yea
<RoyK> minor diff
<RoyK> scheduling and HZ differences
<RoyK> that's about it
<guntbert> pting: cannot be possible - that information is not within the packets
<hggdh> smoser: ping re. Hardy proposed kernel on ec2
 * smoser runs and hides
<smoser> hardy kernels on ec2 much different that others
<smoser> we will need someone to build one
<hggdh> who would be the victim, er, volunteer?
<smoser> well, in the past it has been jjohansen, or zul i think
<smoser> hardy is significantly different....
<hggdh> zul ^ would you mind?
<smoser> we have to somehow get one built, and then i have to manually upload it.
<hggdh> bummer
<torrancew> Hi all, we're beginning to deploy Lucid server on ESX 3.5, and we're seeing some strange performance issues - commands taking a while to return when there's no load, etc, and we're seeing a few strange segfaults in the logs. Has anyone encountered this?
<jmgalloway> anyone know why my installer hangs on the language selection?
<torrancew> http://pastebin.com/ZC1eZA9f <--- One of the segfaults we're seeing
<jmgalloway> Im trying to install a new copy of ubuntu server and the install is hanging
<RoyK> jmgalloway: hanging where?
<lenios> on the language selection
<jmgalloway> language selection
<jmgalloway> I am downloading the iso again to see if that was the problem
<MACscr> hmm, im trying to get snmp to work on my ubuntu 8.04 server, but for the life of me i keep getting: Timeout: No Response from localhost
<MACscr> i have it working just fine on 20 other servers, though they are centos based
<patdk-wk> and install and run an snmp server?
<MACscr> patdk-wk: i have it installed already and a custom snmpd.conf setup
<jjohansen> hggdh: I've kicked off a hardy xen build (I think)
<jmgalloway> how long does it usually take on the language selection part of the install?
<hggdh> jjohansen: super, thank you
<torrancew> jmgalloway: did you let it try to pick for you?
<jmgalloway> try to pick?  I just see all of the languages listed and english hilighted
<torrancew> jmgalloway: hit enter
<jmgalloway> i did
<torrancew> ah
<jmgalloway> frozen
<torrancew> so, there are 2 parts IIRC of the langauge bit (been a while since I did a manual install)
<torrancew> one where you choose a general langauge, and one where you set the keyboard layout
<jmgalloway> right
<torrancew> which are you at?
<jmgalloway> general language, the first graphical image of the install
<torrancew> yeah, that's not normal.
<jmgalloway> nope, I've downloaded the iso twice and burned it like 5 times
<torrancew> jmgalloway: did you try burning at lower speeds?
<jmgalloway> no, I'm just using the window's 7 burning software...it wont let me change the burn speed
<torrancew> sorry, I know that's not a fun answer to hear, but it needs to be asked...
<torrancew> ah
<torrancew> ouch
<jmgalloway> this is a new machine, first os to be loaded on it
<torrancew> jmgalloway: i'd recommend you find a way to burn at a lower speed (boot linux on a usb, or another machine), to rule that out
<jmgalloway> yeah, let me go see if that windows machine has some other tool for burning
<uvirtbot> New bug: #717396 in tomcat6 (main) "please sync 6.0.28-10 from unstable" [Undecided,Fix released] https://launchpad.net/bugs/717396
<uvirtbot> New bug: #717397 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/717397
<jdstrand> hallyn: hey. I was wondering if you saw my latest comment in the kvm instability bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/694029/comments/24
<uvirtbot> Launchpad bug 694029 in qemu-kvm "[natty] kvm guests become unstable after a while" [Medium,Confirmed]
<hallyn> jdstrand: yeah.  i wasn't sure where to go from here :)
<jdstrand> hallyn: don't you have an x201s?
<hallyn> jdstrand: it sounds like kvm_intel and the wireless driver stepping on each other
 * jdstrand nods
<hallyn> jdstrand: no
<hallyn> kirkland: has something like it
<jdstrand> hmm
<hallyn> i'm not one of the cool boys :)
<jdstrand> hehe
<hallyn> jdstrand: in any case it sounds like it needs to be reclassified as against linux-image i guess
<hallyn> i wouldn't mind looking through the driver source
<hallyn> jdstrand: which driver is in use according to lspci -v?
<jdstrand> hallyn: as a qemu-kvm maintainer, would you mind doing that?
<hallyn> retargetting?  happily :)
<hallyn> oh you already had targetted it at linux.
<jdstrand> hallyn: the lspci should be in the bug
<hallyn> ok
<jdstrand> hallyn: I used 'ubuntu-bug linux' when I filed it
<hallyn> i'll write down a note to look at the driver source, though not optimistic
<jdstrand> hallyn: I can say that I don't otherwise have instabilities using the wireless
<jdstrand> hallyn: so, it does seem kvm related
<hallyn> (my own wireless card won't let me join my ad-hoc wireless network.  that one hurtsright now)
<jdstrand> hallyn: I'll also test the maverick kernel with wireless too, to double-verify it is ok on maverick
<hallyn> jdstrand: but qemu-kvm package doesn't provide the kernel module
<hallyn> how weird would it be to assign the linux bug to myself while i look at the drivers?
<hallyn> (since i'm not on kernel team)
<jdstrand> hallyn: I realize that. but it is still a 'kvm-y' sort of thing, so I don't know where the server and kernel team's draw the linie
<hallyn> don't wanna step on any toes
<jdstrand> hallyn: I'm sure they would not mind in the least
<hallyn> heh, probably 2 arm's lengths away from our respective selves :)
<jdstrand> heh
<kirkland> jdstrand: i have an x201
<kirkland> jdstrand: what's up?
<jdstrand> kirkland: talking about bug #694029
<uvirtbot> Launchpad bug 694029 in qemu-kvm "[natty] kvm guests become unstable after a while" [Medium,Invalid] https://launchpad.net/bugs/694029
<jdstrand> kirkland: with >=2.6.37 kernels there is severe guest instability when the host is using wireless
<kirkland> jdstrand: okay, let me test here ...
<jdstrand> kirkland: the best test I've found is to have two VMs-- let's say maverick -- and then either pull down a bunch of packages or do apt-get upgrade from release
<jdstrand> kirkland: so have a couple of throwaway server installs, and then do 'apt-get install ubuntu-desktop' in both
<jdstrand> kirkland: it might take a few times, but I hit it pretty darn all the time
 * kirkland is really sad byobu is no longer on the live desktop :-( :-( :-(
<jdstrand> kirkland: you might check if you have the same wireless nic as I reported in the bug
<hallyn> why is it gone?
<hallyn> jdstrand: have you reproduced it withOUT having simultaneous i686 and amd64 VMs?
<jdstrand> hallyn: oh yes
<kirkland> jdstrand: i have Centrino Ultimate-N 6300
<jdstrand> one VM is easily enough here
<hallyn> oh
<jdstrand> Intel Corporation Centrino Advanced-N 6200 here
<kirkland> jdstrand: okay, i have two live desktops dist-upgrading 84 packages right now
<hallyn> oh, yieah, the 6300 is where they fixed that flaw in the 6200 where it would randomly write to user memory
<kirkland> jdstrand: over wireless
<jdstrand> kirkland: cool. thanks. like I said, it might take a couple of times. I wrote a script and let it run over and over, and 'grep -i error' (though 'grep Segmentation' would also do it)
<jdstrand> (cause I ssh into them to run the command, send the output to tee, and grep that)
<binaryhat> it appears that when i use virtualization and craps out, my server turns off
<binaryhat> any ideas?
<patdk-wk> psu too small?
<binaryhat> i was copying a file over
<binaryhat> patdk-wk, my psu?
<binaryhat> u think so?
<patdk-wk> just one of I'm sure many many issues
<patdk-wk> well, with all the info you provided, I'm sure it can't be anything else :)
<jdstrand> kirkland: at the risk of being daft, you are using a natty host with a 2.6.37 or higher kernel, right?
<patdk-wk> natty is 2.6.28 (or was)
<jdstrand> 2.6.38
<patdk-wk> ya, what I meant, damn keys moving on me
<binaryhat> i have a 450W PSU patdk-wk
<patdk-wk> and what all is in your computer?
<jjohansen> hggdh: where do you want your -xen debs?
<patdk-wk> cpu, drives, cards?
<patdk-wk> hmm, 2.6.38-3 now :(
<binaryhat> is that not enough?
<patdk-wk> how should I know? my computers normally need a 1000w or larger
<kirkland> jdstrand: absolutely
<kirkland> jdstrand: i am suffering through natty with the rest of you
<kirkland> jdstrand: 2.6.38-3-generic
<jdstrand> kirkland: haha
<kirkland> jdstrand: my X and desktop are almost completely UNUSABLE
<jdstrand> kirkland: well, yes, but some might boot into a maverick kernel still. I was cause of this bug until I found everything was stable with wired
<kirkland> jdstrand: i spend most of my day in a tty hugging w3m, irssi, and mutt
<kirkland> ctrl-alt-f1 is my savior
<jdstrand> kirkland: oh, you might want to upgrade with today's compiz fixes. finally got the stacking right so no invisible windows (gosh that was annoying)
<jdstrand> haha
<kirkland> jdstrand: can you alt-tab?
<kirkland> jdstrand: or resize windows?
<kirkland> jdstrand: or move windows?
<jdstrand> I can alt-tab
<kirkland> dammit
<kirkland> i can't
<jdstrand> I can resize windows
<kirkland> dammit
<kirkland> i can't
<jdstrand> kirkland: this is unity I presume?
<hallyn> i can see a second gnome-terminal under my current gnome-terminal
<kirkland> jdstrand: nope
 * hallyn waits for more cursing
<jdstrand> ah, I am using unity
<kirkland> hallyn: dammit, i can't
 * hggdh grabs some popcorn
<hallyn> \o/
<jdstrand> I don't know what is going on with classic
 * RoAkSoAx wants to kill corosync+cman integration xD
<jjohansen> hggdh: kernel.ubuntu.com/~jj/linux-headers-2.6.24-28-xen_2.6.24-28.86_amd64.deb
<jjohansen> kernel.ubuntu.com/~jj/linux-headers-2.6.24-28-xen_2.6.24-28.86_i386.deb
<jjohansen> kernel.ubuntu.com/~jj/linux-image-2.6.24-28-xen_2.6.24-28.86_amd64.deb
<jjohansen> kernel.ubuntu.com/~jj/linux-image-2.6.24-28-xen_2.6.24-28.86_i386.deb
<hallyn> oh - on my other laptop classic doesn't work right, but i start up unity, it says ' you dont' have 3-d support', and then ti gvies me a nice desktop
<kirkland> jjohansen: do you happen to have ppa kernel builds of your ecryptfs filename patches?
<hggdh> jjohansen: thank you
<hallyn> jjohansen: and do you happen to have a git tree of your ecryptfs filename patches? :)
<hggdh> smoser: ^
<jjohansen> kirkland: not a ppa, but I have debs
<jjohansen> hallyn: yep git://kernel.ubuntu.com/jj/ubuntu-natty.git
<smoser> dagummit jjohansen i was hoping you wouldn't do that so quickly
<jjohansen> kirkland: I have to say I really hate kernel ppas and just use debs when I can
<jjohansen> kirkland: I can set one up now that we are trying to get wider testing
<kirkland> jjohansen: that's fine
<hallyn> jjohansen: thx, i'm noting that to take a look next week
<kirkland> jjohansen: apw does something similar for me from time to time
<jjohansen> kirkland: I was going to attach a link for the current .debs to the bug report
<RoAkSoAx> kirkland: do you still have the image with eucalyptus?
<RoAkSoAx> the cloud in your pocket one
<binaryhat> im using 10.10 and in order for network bridging to work, I have to add three parameters to /etc/sysctl.conf and do  sysctl -p /etc/sysctl.conf.  isnt there a better way?
<torrancew> binaryhat: not trying to sound like a grey-bearded sysadmin, but what's so wrong with that?
<binaryhat> nothing except dmesg reports that xyz is deprecated torrancew
<torrancew> ah, didn't realize that, binaryhat
<binaryhat> it happened again!  I had virtual connection to kvm running and my server shut off!
<binaryhat> 3rd time
<binaryhat> why would it do that
<kirkland> RoAkSoAx: i think it's linked to from my blog
<RoAkSoAx> kirkland: k cool thanks
<uvirtbot> New bug: #713917 in bind9 (main) "bind < 9.7.2 can return SERVFAIL for unsigned zones (dup-of: 651875)" [Undecided,New] https://launchpad.net/bugs/713917
<binaryhat> it appears that when i use virtualization, my server turns itself off
<binaryhat> plenty of memory, 8gb and 450w psu
<uvirtbot> New bug: #714239 in tomcat6 (main) "Tomcat6 version below 6.0.32 can be easily brought down" [Undecided,Fix released] https://launchpad.net/bugs/714239
<MACscr> i have a stalled kernel module that i cant seem to remove with rmmod because it says its still in use. Any recommendations short of rebooting?
<jmgalloway> anyone know why ifup eth0 does not work?  I cant get eth0 working to have a connection to my server
<avis> hello all
<avis> i am finally on comcast without a port 80 blocked.  i would like to run an apache webserver for private file sharing.  i had heard something about webdav and something about being able to share files over the web using a script, and i have such a script.  i just don't know if its functional.
<hggdh> smoser: is it possible to update the kernel on a Hardy ec2 image?
<avis> could someone look at this script and tell if it could be used as a dropbox replacement ?
<avis> http://pastebin.com/fFqUiF2V
<avis> share-http-here.sh
#ubuntu-server 2011-02-12
<isnoop> Hey all.  I'm trying to auto-mount some partitions but modifying my fstab file makes the box fail to boot.  I've tested with mount -a and that works great.
<isnoop> Here's my fstab: http://pastebin.com/JaxG51t2
<isnoop> I'm running this in EC2, so I can take my root partition and mount it in another instance to fix it.
<smoser> hggdh, it is not.
<smoser> hggdh, i will try to get those hardy images uploaded tomorrow, but it might be monday
<intel352> hey guys, i have 2 servers, both ubuntu 10.10, both running nginx from apt. on both, i have chrooted users that host nginx vhosts from their chrooted environments. one server, the jail is in /home/jail, the other it's just /jail. Nginx (as www-data) can access /home & /home/jail with no problem (and serves up files properly), but the other server, Nginx (as www-data) cannot access /jail or subdirs... Any thoughts why? /ho
<intel352> me, /home/jail, /jail are all owned by root, same chmod on each as well...
<intel352> fixed it, cheers
<binaryhat> kvm seems to be shutting off my server when i am using a virtual connection
<Mark___> Hey, i need help configuring bind on my VPS, I have gotten the rest of the server set up, i really just need to attach a domain to dit.
<Mark___> Can anyone help me with the above mentioned question?
<uvirtbot> New bug: #717556 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/717556
<Yanksrule> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz or tom
<Yanksrule> i am gangsta
<no-name-> hi. I am using ubuntu-server with icewm and fluxbox and I would like to use it without a display manager but when I don't use a display manager I get no sound while when I do use one (xdm in this case) I do... anybody know how to get sound working without one?
<sunit_> Can anybody tell me Ubuntu 10.04 LTS certified hardware with RAID configuration ?
<hvnsweeting> I followed tut on FCM build the perfect server with u9.10, after installed squirrelmail, how to access it? there isn't firefox on Ubuntu Server. (I install Ubuntu server on Virtual Machine) tks!
<tejas> q
<tejas> bye
<tejas> quit
<tejas> q
<tejas> bye
<tejas> exit
<tejas> #exit
<Odaym> hello
<Odaym> is it common to use Ubuntu Server on servers?
<Odaym> just as reliable and solid as the next RedHat?
<Odaym> or CentOS for example?
<greppy> Yes, it is common.
<greppy> Yes it is stable.
<binBASH> And no it's not Red Hat
<Odaym> yes of course it's not
<binBASH> But I can tell you
<binBASH> I switched after 10 years Red Hat to Ubuntu Server
<Odaym> but i mean me as a not-so-knowledgeable enduser..i get the impression that RedHat is the only reliable and most powerful server out there
<binBASH> and I'm quite happy I did that switch
<lenios> the main difference is ubuntu does not include professional support
<lenios> (i mean, paid support)
<greppy> I've been using LTS releases as servers for quite a while now, works fine.
<Odaym> but there's the forums
<Odaym> which i depend entirely on for whatever i come across on Ubuntu
<lenios> you'll find support, you'll just don't have official hotline
<Odaym> ok
<Odaym> i was at a conference about ubuntu for some friends of mine, and i didnt take the CD for the server
<Odaym> but now that i need one, RedHat needs money and a lifetime to make it function...CentOS' netinstall is not burning on the CD properly..
<lenios> don't you have usb key?
<Odaym> i do
<Odaym> i can just move it to the usb and launch from there with CentOS?
<Odaym> doesnt it need to be identified that X was copied here as an image?
<lenios> i can't tell you about centos, but you can put the ubuntu server iso on a usb key
<Odaym> just place it tehre
<Odaym> really
<Odaym> not like...WUBI?
<Odaym> or something like that?
<lenios> https://help.ubuntu.com/community/Installation/FromUSBStick
<lenios> you can put the iso file on the usb key, and install grub2 on the usb key to boot it
<Odaym> noo now its getting complicated
<Odaym> haha
<Odaym> ok ok
<Odaym> do i need to worry if Meerkat is as good as other releases when it comes to the Server line?
<lenios> it's as good as others
<Odaym> can you tell me the command that will let me know if i am on a 64 or 32-bit machine?
<lenios> but you won't get support and updates for 5 years as with lucid
<lenios> uname -a
<Odaym> Linux Hive696 2.6.35-25-generic #44-Ubuntu SMP Fri Jan 21 17:40:48 UTC 2011 i686 GNU/Linux
<Odaym> i686
<greppy> I personally use the LTS releases for servers, but you are free to go with the others :)
<Odaym> but i686 is 32?
<greppy> yes
<lenios> there's also read -a infos < <(grep bits  <(lshw -C processor 2>/dev/null)) && { (( ${infos[1]} == 64 )) && echo "64 bits ready" || echo "not compatible 64 bits."; }
<Odaym> a script to nail it, then
<lenios> to get the information from the processor
<Odaym> it says 64 bits ready
<lenios> then you are running a 32 kernel on a 64 bits ready processor
<Odaym> i see, so only my OS is 32
<Odaym> but my machine is 64
<lenios> yes
<Odaym> am i losing some of my processor power because of this?
<lenios> it depends
<Odaym> i mean in order to take advantage of the processor's potential, should it be running a 64 OS?
<lenios> you should yes
<Odaym> ok
<Odaym> and changing to the same Meerkat but on 64..this is not done through an Upgrade process?
<Odaym> have to format entirely?
<greppy> yes
<greppy> it's a big change to go from 32 to 64 bit packages and kernel.
<Odaym> but it can be done without changing any core data?
<Odaym> my files, etc...
<greppy> if /home is on a seperate partition, yes.
<greppy> otherwise it's a total format.
<Odaym> and i find that out through....free?
<Odaym> df?
<greppy> yeah
<Odaym> nope, not on a separate partition
<Odaym> FLARN!
<Odaym> ok
<greppy> then back stuff up first :)
<Odaym> yep
<lenios> you don't need to reformat
<Odaym> like usual
<Odaym> what then?
<lenios> just install over the old installation
<greppy> ah
<lenios> without formatting the partition
<Odaym> i will back up and try that
<greppy> true, I'd still backup, just in case :)
<Odaym> there is always an option to Upgrade from the installer, yea?
<lenios> installation will warn you if you didn't backup :)
<greppy> and if you want to make a /home partition so you don't have to worry about it in the future, that may not be a bad idea.
<lenios> you don't want to upgrade, you want to install
<Odaym> yes but that will give it the impression that it's a fresh copy..
<lenios> upgrade is when you're coming from an old version
<lenios> and you'll end up with something like a fresh copy
<Odaym> so if i need to run a Ubuntu server, with 2 ubuntu clients, all connected to a switch
<Odaym> and i want to be able to access them all, i will be able to through "smb:///etc..."
<Odaym> ?
<greppy> Odaym: if you install samba, yes.
<greppy> well, install and configure. :)
<Odaym> ok
<lenios> you only want samba access?
<RoyK> Odaym: with all ubuntu, nfs might be a better idea
<Odaym> i dont know, i want to be able to BE the server
<Odaym> like having a Domain on Windows
<RoyK> NIS is the old way, LDAP the new
<RoyK> we're still using NIS at work for historical reasons :P
<RoyK> NIS is rather ancient, though
<lenios> what's the use of the domain?
<Odaym> just to try it out
<Odaym> it's a home network
<RoyK> if it's just a user database, it's no problem. if you want roaming profiles, that's just common mounts of homedirs.
<lenios> do you need more than ssh?
<RoyK> Odaym: read up on NFS first - you don't want SMB mounts in a unix network, really
<RoyK> NFS is native to unix
<lenios> https://help.ubuntu.com/6.06/ubuntu/serverguide/C/network-file-system.html
<lenios> pretty old, sorry
<lenios> https://help.ubuntu.com/10.10/serverguide/C/network-file-system.html
<Odaym> ok
<Odaym> thank you
<lenios> page didn't change that much in 4 years though
<RoyK> if not using nfs4, nothing much has changed :P
<RoyK> !nfs
<ubottu> nfs is the network file system. See https://help.ubuntu.com/community/SettingUpNFSHowTo for information on installing and configuring NFS.
<Odaym> watching a lion getting dissected on natgeo
<Odaym> haha
<RoyK> hm... massive protests in Algeria - perhaps they're next?
<Odaym> really :)
<Odaym> power to the people man
<RoyK> let's just hope that'll be it - we haven't seen the end of this in neither Tunisia nor Egypt...
<Odaym> sure we have
<Odaym> Tunisia is forming a ministry
<Odaym> a new government
<RoyK> nope - none of them have a new government yet
<RoyK> we don't know how that will work
<Odaym> not yet
<Odaym> but it's a long process
<RoyK> we'll know in a year or so
<Odaym> even here in Lebanon
<lenios> as much as i like to read about it
<lenios> !ot
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<Odaym> we dont have a fully formed government yet since we booted out the others
<Odaym> sorry lenios
<RoyK> :)
 * RoyK is sorry for having gotten OT, but what's happened in Egypt is interesting...
<lenios> it sure is, it's just OT
 * RoyK joined the OT channel :P
<floown> hello
<floown> for migrate a Jaunty server to the last LTS, what should I do, please?
<RoyK> !jaunty
<ubottu> Ubuntu 9.04 (Jaunty Jackalope) was the tenth release of Ubuntu. End Of Life: October 23, 2010. See !eol and !upgrade for more details.
<floown> thx
<floown> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<RoyK> floown: just run do-release-upgrade to take it to 9.10, then again to take it to 10.04
<floown> RoyK: ok, in two times ?
<RoyK> yeah, you can only upgrade one step at a time
<RoyK> except for LTS, which can be done from one LTS to the next
<floown> ok, thx a lot
<floown> RoyK: I have save my /etc  my /home and /var, what can I save too ?
<RoyK> so once on 10.04, /etc/update-manager/release-upgrades will be set to prompt=lts, and it won't allow upgrading to 10.10 unless you change that to 'normal'
<floown> ok
<RoyK> floown: just backup your data - normally it won't be needed - it'll just work - but then, you never know...
<RoyK> btw, I'm not sure if /etc/update-manager/release-upgrades is updated automatically... better check
<RoyK> set it to lts if that's what you want
<floown> ok, I do a backup for my database too, I have no recent backups
<RoyK> floown: just dump it - mysqldump/pg_dump
<sabgenton> any one with isuse for 10.10?
<sabgenton> 10.04 has given me wifi isuses so far
<sabgenton> I am hoping the hirer kernel number of 10.10 will help
<sabgenton> or should I hope that the new .2 point release will help me here
<RoyK> RTFM! http://www.youtube.com/watch?v=xFAWR6hzZek
<sabgenton> heh
<sabgenton> funney
<RoyK> sabgenton: what sort of wifi issues do you have?
<RoyK> and have you tried updating to 10.04.2?
<nimrod10> RoyK, lol @RTFM, brilliant youtube video
<RoyK> nimrod10: it was created to this javazone thing in norway some years back :)
<RoyK> they have a few others that are quite good...
<sabgenton> RoyK: well basicly if I restart the computer nat or routing etc goes down untill I set the card in to promiscusumode
<sabgenton> and I can turn it off after that
<sabgenton> promic
<RoyK> wierd
<sabgenton> it's really weird I have tried all sorts of networking combanations
<RoyK> dunno - sorry - try 10.04.2 - it's just an apt-get dist-upgrade away
<sabgenton> restart allways screws it up
<sabgenton> hmm ok
<sabgenton> RoyK: interesting I didn't know it was out
<RoyK> :)
<sabgenton> havent seen iso's
<RoyK> well, it's in the repos
<sabgenton> is it not on disc yet?
<RoyK> http://pastebin.com/MyJ2y0gh
<RoyK> sabgenton: no need for that, is it?
<RoyK> I just install from some lucid cd and update
<sabgenton> allso I knowtice uname -r returns -generic at the end
<sabgenton> not -server
<sabgenton> I installed form usb
<sabgenton> not cd
<RoyK> sabgenton: apt-get install linux-server
<RoyK> sabgenton: the difference isn't a lot - just some scheduling / Hz settings
<RoyK> I'd guess for 90% of servers installed, you won't notice any difference
<sabgenton> RoyK: why did I end up with -generic?
<RoyK> no idea
<sabgenton> mabye the usb install method is buggey?
<RoyK> not really
<RoyK> it's just a boot medium
<RoyK> just install whatever kernel you need
<RoyK> again, it doesn't matter much
<RoyK> it's the same version
<RoyK> it's just built with a few different flags
<RoyK> sabgenton: what version are you running?
<RoyK> seems 2.6.35 is in the repos
<RoyK> also, there are some packages named like linux-backports-modules-compat-wireless
<sabgenton> RoyK: how much data will be downloaded in a dist-upgrade
<sabgenton> just a fussy guess
<sabgenton> I'm on .0
<sabgenton> not that it says .0
<RoyK> sabgenton: it'll tell you
<Guinness2702> how do I stop 10.04 server from loading the graphical ubuntu logo (usplash or plymouth?) at boot.  I normally run it headless, but when I plug a monitor in, the display corrupts when the graphical screen comes up.  What's worse is it's displaying some error (probably disk check required after I killed the power), but I can't see what the error is or how to resolve it :(
<RoyK> btw, 10.04.2 doesn't come with a new kernel IIRC
<RoyK> sabgenton: which kernel are you using now?
<Guinness2702> ...or for that matter, just change the video mode to something else which works?
<sabgenton> 2.6.32-25-generic
<uvirtbot> New bug: #717690 in qemu-kvm (main) "package qemu-kvm 0.13.0+noroms-0ubuntu12 [modified: usr/share/man/man1/qemu-user.1.gz] failed to install/upgrade: trying to overwrite '/usr/bin/qemu-ppc64', which is also in package qemu-user 0.13.50-2011.02-0-0ubuntu1" [Undecided,New] https://launchpad.net/bugs/717690
<sabgenton> yeah mabye I should just go 10.10
<sabgenton> how less stable is it I spose
<RoyK> sabgenton: just install 2.6.35
<RoyK> it's in the repositories
<sabgenton> now theres a nice .2 release of LTS
<sabgenton> ok
<RoyK> sabgenton: apt-get dist-upgrade first
<RoyK> then look for 2.6.35
<RoyK> install it
<RoyK> reboot
<RoyK> try again
<sabgenton> thats not suported is it
<sabgenton> 35 on LTS
<RoyK> it certainly is
<RoyK> since it's in the default repository
<RoyK> linux-image-2.6.35-23-server - Linux kernel image for version 2.6.35 on x86_64
<sabgenton> do i just apt-get install linux-server
<RoyK> apt-get install linux-image-2.6.35-23-server
<sabgenton> or do I have to specify
<RoyK> I'd guess linux-server will use the old 2.6.35
<RoyK> 32
<RoyK> not 35
<sabgenton> ok
 * patdk-lap can't wait for 2.6.38
<RoyK> but please update to 10.04.2 first
<sabgenton> intereesting will .2 iso come with  35
<RoyK> patdk-wk: what's new in there?
<patdk-lap> some ipv6 support
<sabgenton> or will it still start out on 32 by defualt
<RoyK> sabgenton: doubt it - I guess they stick to .32
<patdk-lap> using ra/rs with ipv6 forwarding enabled
<RoyK> .35 is there if you need it
<sabgenton> and suported
<sabgenton> yay
<RoyK> patdk-wk: I thought most of ipv6 was supported years ago :P
<patdk-lap> yes
<RoyK> what is ra/rs?
<patdk-lap> but if you enable forwarding, it EXPLICITALLY disables, and turns off ra/rs
 * RoyK isn't very literate in the ipv6 world
<sabgenton> RoyK: is that the same kernel package that 10.10 uses?
<patdk-lap> route advertisement, router solicitation
<RoyK> ok
<RoyK> sabgenton: no idea
<sabgenton> I'm probably sounding naive
<RoyK> sabgenton: just try the new kernel - if it doesn't do what you want, well, go back to the old one
<patdk-lap> bsically, if you turn on forwarding, you MUST use static ip's and static routes
<sabgenton> well 10.10 has that kernel I mean
<sabgenton> I think
<RoyK> 10.10 has 2.6.35
<RoyK> but just upgrade the kernel
<RoyK> no reason to do a full upgrade
<sabgenton> yeah
<RoyK> LTS is far better for servers than non-LTS
<sabgenton> but upgrade to .2
<sabgenton> y?
<RoyK> sabgenton: yes - apt-get update && apt-get dist-upgrade && reboot
<RoyK> or perhaps install 2.6.35 before rebooting
<sabgenton> RoyK: what key reason do u see LTS as better
<sabgenton> just suport
<RoyK> sabgenton: it's far better supported - focus is on stability, not fancy features
<sabgenton> suport I don't really need but stability ..
<sabgenton> but then wifi dies anyway ..
<sabgenton> heh
<sabgenton> ok will try all of the above
<RoyK> sabgenton: apt-get update && apt-get install linux-image-2.6.35-23-server && apt-get dist-upgrade && reboot
<RoyK> that's your one-liner
<sabgenton> it's funey I don't see isos out onthe main download page
<sabgenton> if you click download it still gives u .1
<sabgenton> u missed out the infamous sudo
<sabgenton> :P
<RoyK> sabgenton: I was expecting you to be sudo -i'd in :P
<sabgenton> or sudo bash -c 'it'
<aliverius> i am building a print (among others) server with ubuntu
<aliverius> the system sees the printer and can print to it and all that is done from my desktop which can connect to the server to administer
<aliverius> now what i need is to make my desktop print through the server
<aliverius> Q: can i setup my server in a way that any client will discover the network printer?
<dlarmeir> ping google.com
<Odaym> i type "samba" and i get the following The program 'samba' is currently not installed.  You can install it by typing:sudo apt-get install samba4
<Odaym> but when i type "apt-cache policy samba" i getsamba:
<Odaym>   Installed: 2:3.5.4~dfsg-1ubuntu8.2
<Odaym>   Candidate: 2:3.5.4~dfsg-1ubuntu8.2
<Odaym> is it installed or not? :o
<smoser> zul, around ?
<uvirtbot> New bug: #717779 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/717779
<uvirtbot> New bug: #484734 in libnss-ldap (main) "User names searches are case insensitive; group membership lookups case sensitive" [Undecided,Fix released] https://launchpad.net/bugs/484734
<binaryhat> When I connect to my Virtual O/S (Windows 7) on my Ubuntu 10.10 server, the server completely looses power, hence turns off without warning
<qman__> Odaym, in samba 3, the program names are smbd and nmbd
<qman__> so, even though samba 3 is installed, there is no 'samba' command
<Odaym> oh
<Odaym> alright
<Odaym> so i DO have it?
<qman__> probably
<qman__> test with something like `sudo service smbd status`
<Odaym> running
<Odaym> :0
<Odaym> :)
<binaryhat> When I connect to my Virtual O/S (Windows 7) on my Ubuntu 10.10 server, the server completely looses power, hence turns off without warning
<binaryhat> im using kvm
<qman__> that's pretty strange
<qman__> sure your power supply is ok/powerful enough?
<binaryhat> 450w
<binaryhat> it has happened 3x
<qman__> what kind of hardware?
<binaryhat> asus mobo, amd cpu, 8gb ram
<qman__> also, you could use something like stress to determine if it's a kvm-specific issue or a load-related issue
<binaryhat> brb
<binaryhat> stress?
<qman__> yes
<qman__> it's a program that puts various loads on your machine for testing purposes
<binaryhat> not familiar w/ it
<qman__> e.g. `stress --cpu 8 --vm 8` starts 8 CPU-stressing threads and 8 memory-stressing threads
<binaryhat> ok
<binaryhat> ill chec it out
<binaryhat> bbl
<uvirtbot> New bug: #635703 in libvirt (main) "No sound from virtual machines" [Wishlist,Triaged] https://launchpad.net/bugs/635703
<binaryhat> qman__, u there?
<binaryhat> qman__, i did stress --cpu 8 --vm 8 and my server completely shutt off
<Odaym> so guys, "scp oday@Hive696:~/file1 ~/Music/" is copying file1 back to the same machine but in the Music directory
<Odaym> how do i copy from the machine that i'm connected to, to the machine that i am connecting from?
<thesheff17> Odaym: you can do scp root@server:~/bla/bla . the dot means pull to current dir.
<binaryhat> i did stress --cpu 8 --vm 8 and my server completely shutt off
<Odaym> no thesheff17, that copied the file back to the same machine
<binaryhat> what gives?
<thesheff17> Odaym: do you want to push or pull? maybe I'm confused on what you mean.
<Odaym> i am in an SSH connection from my server, i am connected to my client
<Odaym> i want to copy files from the client to the server
<Odaym> qman__
<Odaym> any idea?
<thesheff17> Odaym: to push files it would just be scp -r ~/files/ root@server:~/files/
<Odaym> ok thank you thesheff17
<Odaym> :)
<Odaym> and what about directories?
<zul> smoser: whats up?
<smoser> jjohansen above posted links to haryd kernel debs
<smoser> but there was no linux-modules in the list
<thesheff17> Odaym: scp -r will be recursive
<Odaym> ah ok
<smoser> do you know if he had source ? coudl we ppa build ?
<Odaym> so without -r, i can use it only for singular files
<thesheff17> Odaym: yea you could use * so scp ~/files/* root@server:~/files/
<thesheff17> that will just do files
<Odaym> aah true
<Odaym> true
<Odaym> let's say i am on SSH with my client
<Odaym> and i want to display a dialog box
<Odaym> on the screen of that machine
<Odaym> is there a default dialog box i can use?
<Odaym> not having to write java GUI i mean..
<thesheff17> Odaym: what do you mean default dialog box?
<thesheff17> it sounds like you want to remote control through vnc or freeNX https://help.ubuntu.com/community/FreeNX
<binaryhat> i did stress --cpu 8 --vm 8 and my server completely shuts off.  any ideas?
<thesheff17> binaryhat: anything in the logs? sounds like a hardware issue.
<binaryhat> everytime it shuts off im not sure if anything is logged
<thesheff17> binaryhat: maybe the power supply is faulty...not delivering enough power under load...is the machine fine when just idle?
<binaryhat> yes
<thesheff17> what kind of machine? server? can you check the bios or LILO card to make sure all the hardware is working correctly.
<binaryhat> the only resource intense thing i do is virtualization
<thesheff17> maybe do a mem test or hd test may help to start to rule out devices.
<binaryhat> server yes, home built newegg parts
<binaryhat> bios is fine
<thesheff17> binaryhat: I would start with the power supply or testing hardware with software from the manufacturer.
<binaryhat> its not fancy hardware
<binaryhat> http://www.stresslinux.org/sl/
<binaryhat> thesheff17, how should i test the psu?
<thesheff17> binaryhat: do you have another one to try?  If the machine powers off with a new one you know it isn't the power supply...this is one advantage to having a server bought from a specific company...usually there is allot more in site into failed hardware when it comes from hp, dell, etc.
<thesheff17> I don't know any way to specifically to test the power supply.
<binaryhat> hmm
<binaryhat> i dont think its the psu....maybe memory
<thesheff17> try memtest on the ubuntu cd
<binaryhat> ok
<binaryhat> the pc is only 30 days old
<qman__> binaryhat, that means your power supply is insufficient to power your computer under full load
<qman__> it's either not powerful enough or going bad
<qman__> Odaym, scp works like cp, source then destination
<qman__> scp user@sourcehost:/path/file user@destinationhost:/path/file
<binaryhat> my server completely shutoff during memtest!!!
<qman__> then the power supply is most likely bad
<binaryhat> arrrggh
<qman__> freezing would indicate bad memory
<qman__> but powering off is usually the power supply
<binaryhat> 450w thermaltak
<binaryhat> http://www.newegg.com/Product/Product.aspx?Item=N82E16817153138
<binaryhat> thats what i have
<binaryhat> barely 30 days
<binaryhat> suggestions on a psu?
<Odaym> haha
<binBASH> did you tell already what hardware you have? ;)
<Odaym> i tried to run a GUI java program while on an SSH client
<Odaym> wanted it to pop up there on that machine
<Odaym> says it cant
<Odaym>  no X11
<Odaym> how do i ..fix this
<Odaym> install X11 there? im sure it already has X11
<binaryhat> qman__, suggestions for a new psu
<qman__> binaryhat, it depends on what equipment you have, what your CPU is rated at, number of hard drives, etc
<binBASH> Odaym: ssh -X
<Odaym> doesnt work
<Odaym> says wrong parameter
<qman__> for a basic system, dual core, one drive, that's big enough and it's probably just bad
<qman__> but for a six-core with multiple drives, that's pushing it
<binaryhat> qman__, https://secure.newegg.com/WishList/MySavedWishDetail.aspx?ID=16522027
<qman__> says it's empty
<binaryhat> oops
<qman__> I buy budget power supplies based on customer ratings
<qman__> hundreds of five-star ratings is usually good
<qman__> for must-work builds, I get seasonic
<binaryhat> i have 5 hdds sata...
<binaryhat> 4 as raid
<uvirtbot> New bug: #717837 in openssh (main) "sshd fails to restart after /dev/null is changed to regular file" [Undecided,New] https://launchpad.net/bugs/717837
<qman__> what CPU?
<qman__> also, do you have a discrete graphics card?
<binaryhat> qman__, http://www.newegg.com/Product/Product.aspx?Item=N82E16819103687
<binaryhat> no http://www.newegg.com/Product/Product.aspx?Item=N82E16813131668
<qman__> without discrete graphics, 450w should be enough for that
<qman__> I'd try and return it on warranty
<qman__> oh, one more thing
<qman__> make sure your power button isn't faulty
<qman__> sometimes that happens
<binBASH> hdds should consome max. 160W
<qman__> turn on the computer, then disconnect the power button and see if it still shuts off
<binBASH> consume
<qman__> power supplies typically run optimal at 50% load
<qman__> so that's about right for your build
<binaryhat> power button isnt faulty im sure
<qman__> then the most likely case is the power supply is just bad, it happens
<qman__> I'd try swapping one from another computer to test
<qman__> it could also be a very specific problem with the motherboard
<binaryhat> i dont have a spare psu
<qman__> well, odds are about 20:1 power supply
<qman__> I'd return it
<qman__> get a replacement
<binaryhat> if i disconnect the power button  and  it still shuts off...means what?
<qman__> means that it isn't the power button
<binaryhat> and its the psu
<uvirtbot> New bug: #717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [Undecided,New] https://launchpad.net/bugs/717166
<uvirtbot> New bug: #717844 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/717844
<soren> smoser: The SIGPIPE thing is fixed now. I ended up fixing it in Plymouth. It'll be in the UEC images tonight.
<soren> smoser: plymouth 0.8.2-2ubuntu16 is the thing to look for.
<Adman65> how can I find out what directories are taking up the most space on my server?
<avis-> has anyone here used webfs httpd daemon ?
<lenios> avis-, why would you want to use webfs?
<Code_Bleu> Im trying to pxe install JeOS 10.10 and i get to the part to choose my archive and when i do, i get the following error: mirror does not support specified release (maverick).  Can someone help me figure out why this is happening?
<lenios> Code_Bleu, change the mirror?
<Code_Bleu> ive tried
<Code_Bleu> is there an alternative CD for server (JeOS) ?
<Code_Bleu> i tried doing the local http method and it still errors out.  I copied the server iso to my /var/www/<web dir> and have that in my ks.cfg file, but i still get an error that the mirror does not support specified release (maverick)
<RoAkSoAx> kirkland: ping?
#ubuntu-server 2011-02-13
<Joe______> Hi all, i really hate to ask for help, but i've been configuring my VPS to run as a nameserver, so i can run a small host for friends, i'm totally stuck, and i could use some help.
<shauno> got a box where klogd doesn't start.  it hangs at "Starting kernel log daemon...", showing klogd as a defunct process.  any clues where to start looking?
<gravity1187> hell anyone have any experience install kolab on ubuntu server 10.04
<t73net> Hey all. I'm looking for someone to help me troubleshoot some domain name issues using Webmin/Bind Dns Module. PM me for info please
<t73net> Anyone here? Or just all ghosting ?
<shauno> here, but haven't used webmin in 5+ years, so no use to you :)
<t73net> heh thanks for the reply at least
<jmarsden> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<notquitehappy> Can anyone assist me with setting up a server using vmware? I've been following a guide, but for some reason I haven't achieved the guide's results.
<notquitehappy> Why are there so many people, yet no one is willing to assist me?
<vice_virtue> Is there a way to get vmbuilder to output to a specific .qcow2 file?
<pickett>  hi, when i copy over the network I only get 600k/s with wireless n, if I change the connection to wireless g i get 2.4mb/s, anyone know why this would be?
<pickett> also when i copy from a windows comp over the network with wireless n i get 4.5-5.5mb/s
<pickett> and it doesn't matter if i'm using samba or sshfs to share files
<zkirill> Why is it good security practice to disable ssh login to root account?
<shauno> zkirill: watch your logs.  you'll see random attacks trying to guess passwords all day long.  It's really not worth letting them stumble on root's password.
<jmarsden> zkirill: That sounds like a security class homework question!  root is a fixed known username on every unix-like machine in the world, so dictionary attacks can use it and just try passwords.  If you disable it for ssh, then dictionary attackers have to guess both username and password to succeed.
<zkirill> Yeah, but I don't see the point if the root account is a gigantic alphanumeric + symbols password.
<zkirill> Although I do see the point in doing the standard hardening procedure thing.
<zkirill> shauno, jmarsden: thanks for the help
<shauno> if you're going to allow root, I (personally) think it's better to disallow passwords all-together, and stick to keys.  difficult passwords lower the chance, but don't eliminate the chances
<zkirill> shauno: well I don't think I am, I was just curious why it was 'de facto'. I'm guessing too many stupid sys admins set the root password to an English word and had it brute forced.
<zkirill> It just seems a little far fetched that someone can brute force a generated password.
<toddc> anyone able to guide me in 10.04.1 raid 1 insta
<toddc> intstall with grub workaround?
<shauno> zkirill: I think I stick to my initial observation; watch your logs.  the sheer number of attacks will make you paranoid :)
<zkirill> shauno: haha i will and thanks for the tip man :)
<versificator> morning, anyone here use ubuntu server with whole disk encryption?
<lenios> versificator, any question?
<ePierre> hi everybody
<kklimonda> hey, I'm working on a libevent2 transition - so far, I'm at the point when I'm trying to asses if it's even something that still can be done for natty. As 3 of 4 packages in main that depend on libevent are server ones I'd like to know if you know of reasons not to do that update. All packages from main did build, but I haven't yet tested them - if anyone knows of bugs, it would save me some
<kklimonda> time. :)
<kklimonda> the update bug is bug 701471, there is also a list of packages that depend on libevent, and a link to the ppa where I try to rebuild all packages with it.
<uvirtbot> Launchpad bug 701471 in libevent "Sync libevent 2.0.10 from Debian experimental" [Wishlist,Incomplete] https://launchpad.net/bugs/701471
<lmarino> Hi all, its my first time in irc
<gagarine> lmarino welcome
<lmarino> thanks
<lmarino> I am starting at Amazon EC2.
<lmarino> I've installed an email, lamp and dns server.
<lmarino> Know i am trying to install wordpress. Anybody knows how to do that. if i enter in localhost/wordpress it works fine.
<lmarino> but when i enter in the ip of the computer dont work
<nt93> hi, can you tell me why ubuntu server doesn't get a new ip, even the interfaces are auto
<Boring10> is your router setup to assign the same IP to the same computer?
<nt93> sorry i forgot to mention - i plug it into another network and it still has the old ip
<Boring10> Your router can be set to dhcp and still assign the same IP address.
<lmarino> The apache2 its working fine. i have received the msg its works
<geekbri> lmarino: are you trying to access it with your EC2 publicly accesible DNS name?
<nt93> does nobody have an idea?
<geekbri> nt93: why not just renew the ip?
<Boring10> @nt93 you never changed the network config file from dchp to static correct?
<nt93> geekbri: i want to use it without a screen, just with ssh
<nt93> Boring10: yes
<Boring10> nt93: try sudo dhclient- r then sudo dhclient
<nt93> yeah it gets a new ip but if i change the network again it still has the old ip
<nt93> i would do that over ssh but i dont think thats possible if that thing doesn't have the right ip
<Boring10> sounds to me like the router is setup to give the computer the same IP address.  You have any way to access the router?
<ChrisBuchholz> Hello, i have a user on my 10.04.1 server which when you ssh in to in verbose mode, outputs: "Read from remote host 12...30: Connection reset by peer \ Connection to 12...30 closed. \ \ \ debug1: Exit status -1". What can be the cause of that? I was messing with some permissions and ownership on the accounts home dir when afterwards it got messed up, though the permissions and ownership should be right - like i use on the other users a
<nt93> i have 2 different networks -> 2 different routers ;)
<Boring10> nt93: oh sorry misunderstood, I can't think of a reason why that would happen unless the network config file was changed.
<nt93> it's a fresh installation of ubuntu server
 * patdk-lap needs to learn how to read
<patdk-lap> 'it's a french install....'
<nt93> lol
<ChrisBuchholz> okay, i got it fixed now. It was just set the ownership back to what it was before
<nt93> any other ideas why this doesn't happen automatically?
<nt93> ok i just reboot it and it gets the right ip - it's a server it doesn't neet to change the ip 'on the fly'
<Boring10> I trying to look it up but I can't figure out why something like that would be happening 2 different networks.
<nt93> thanks for your help guys ;)
<nt93> yeah i don't get it too but it doesn't matter
<nt93> my idea of plug it into another network while that thing is running is also really pointless ;)
<uvirtbot> New bug: #394494 in beautifulsoup "Package falsly contains test scripts / misses docs" [Wishlist,Fix released] https://launchpad.net/bugs/394494
<uvirtbot> New bug: #478932 in beautifulsoup "python-beautifulsoup should have some docs" [Wishlist,Triaged] https://launchpad.net/bugs/478932
<yellabs-r2> hello there
<yellabs-r2> i am going to install ubuntu server , what is the best option, to use phpmyadmin or webmin ?
<patdk-lap> neither?
<yellabs-r2> hmm really ?
<patdk-lap> well, we can talk all day about stuff, but till we know the *goal*
<yellabs-r2> ah i see..
<yellabs-r2> i would like at first to try to install ubuntu server and then wordpress
<uvirtbot> New bug: #718318 in ethtool (main) "package ethtool 6-0 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/718318
<patdk-lap> I would stay away from webmin
<patdk-lap> could use phpmyadmin if you really want to, but make sure you secure it good
<yellabs-r2> what would be the recommended web interface for ubuntu server ?
<yellabs-r2> if needed
<patdk-lap> none
<yellabs-r2> okey , cool
<patdk-lap> webinterfaces will always get you into issues
<yellabs-r2> as you can tell i am new to all of this
<patdk-lap> and you will not have any clue what to do when that happens, other than reinstall
<patdk-lap> where if you start by editing configs yourself, you will know how to fix issues
<yellabs-r2> did do some reading,..
<yellabs-r2> i have tried two installs sofar
<yellabs-r2> third try right now
<qman__> AFAIK the preferred method of installing wordpress is `sudo apt-get install wordpress`
<yellabs-r2> i just did that
<yellabs-r2> now the trouble is, i cant acces wordpress admin..
<yellabs-r2> i see apache is running ( see the up page )
<yellabs-r2> so.. stuck there
<qman__> it should have asked you for any passwords during install
<qman__> mysql root password, etc
<qman__> I don't use wordpress myself, so I don't know the quirks of that particular application
<yellabs-r2> yes yes, thats setup
<yellabs-r2> true
<qman__> where is the admin page normally located?
<yellabs-r2> wp-admin
<uvirtbot> New bug: #718326 in clamav (main) "false positive" [Undecided,New] https://launchpad.net/bugs/718326
<qman__> apparently php5-gd is also recommended
<qman__> but that would only affect graphs and such being generated
<yellabs-r2> trying to find an how to...
<qman__> yeah, I don't see any
<qman__> I guess it's supposed to just work
<qman__> I found one for 6.06 but that's way old
<yellabs-r2> something is wrong in this ubunt server and wordpress
<yellabs-r2> reading this how to, see if it enlightens me..
<yellabs-r2> http://www.packtpub.com/article/ubuntu-server-and-wordpress-15-minutes-flat
<qman__> that will work, but that's a manual way of installing it
<qman__> you will have to update wordpress yourself
<yellabs-r2> hmm..
<yellabs-r2> strange
<yellabs-r2> i am in the phpmyadmin right now, so that works okey, i installed it to see whats wrong, or what could be wrong
<qman__> just FYI, phpmyadmin isn't really secure, and expects you to handle security some other way
<qman__> so I suggest you disable or restrict it once in production
<yellabs-r2> i will kick it out ( uninstall ) when i dont need it any more, just to see whats up..
<yellabs-r2> This MySQL server has been running for 0 days, 0 hours, 25 minutes and 54 seconds. It started up on Feb 13, 2011 at 07:37 PM.
<yellabs-r2> seems to be okey
<yellabs-r2> so thats not the issue
<RoyK> mysql sucks
<yellabs-r2> hehe
<yellabs-r2> i think my problem has to do with this http://wordpress.stackexchange.com/questions/2816/wordpress-package-configuration-in-ubuntu-server
<RoyK> lucid?
<yellabs-r2> maverick
<yellabs-r2> hmm, well..
<yellabs-r2> i am stuck there
<yellabs-r2> never mind i will try to sort it out later..
<yellabs-r2> or if all else fails, go for turnkey again , like the other servers we run, to bad though , i would have liked it to work out of the box..
<yellabs-r2> thanks for you time, might be back later with some better news ! :)
<yellabs-r2> take care and , again thanks for the help sofar  :)
<yellabs-r2> bye
<intel352> anyone here familiar with using Jailkit for chroot jails? I'd like to allow my users to change their own passwords while in their jail, but I'm not sure that would be possible...
<lirakis> hmmm
<lirakis> no matter what i do .. i cant get dhcp3-server to start on boot
<lirakis> it starts fine when i run /etc/init.d/dhcp3-server start
<lirakis> and i checked /etc/rc2.d/ and it is listed in there at S40....
<lirakis> but when i reboot the box ... it doesnt start up
<lirakis> any hints or help on this is appreciated
<lirakis> this is my first non chkconfig like environment
<nkv> Hi all.  I am testing a new cluster of VMWare servers that are SAN attached.  I've already run tiobench, bonnie++ and iozone.  Does anyone have any recommendations on a good burn-in benchmark suite to run?
<uvirtbot> New bug: #718404 in bacula (main) "Newer Version Available" [Undecided,New] https://launchpad.net/bugs/718404
<uvirtbot> New bug: #718410 in exim4 (main) "package exim4-config 4.71-3ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/718410
<uvirtbot> New bug: #718411 in exim4 (main) "package exim4-config 4.71-3ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/718411
<nimrod10> lirakis, look in /etc/default for additional settings for dhcp
<lirakis> nimrod10, already have my listen device set there
<lirakis> i figured out the problem
<lirakis> network manager starts after all other servis
<lirakis> and dhcp3-server requires an ip on the interface
<lirakis> so ... it breaks
<lirakis> i added the service up to my /etc/networking/interfaces script
<nimrod10> ah . you're running X , cool , at least you've figured the problem
<lirakis> so that it starts after the bridge gets setup
<lirakis> it works now
<lirakis> nimrod10, no .. not running X
<lirakis> its console only
<lirakis> the network manager ... whatever it is ... brings up the interfaces later on in the init process ... its not a function of the rc.d numbering either
<lirakis> im not sure how the underlyin networking stuff works with ubuntu
<nimrod10> cool . I thought you're on abou the gnome network-manager
<hggdh> JamesPage: I rebooted the hudson server (just in case) -- Hudson seems to have been hit by a OOM error
<smokesmoko> greetings
<smokesmoko> greetings to all in the name of the creator
<smokesmoko> just need a little help with ddns, I have setup bind9 on webmin and its working great, I can't seem to get clear instructions on ddns, i yelp help!
<smokesmoko> I'm new to DDNS, can someone help me?
<uvirtbot> New bug: #718454 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/718454
<airtonix> lirakis: my server uses network manager, bind and dhcp3-server and doesn't experience any problems
<awanti> Hi, I used ubuntu landscape, its very cool but when i saw the price ($150/node) its very hot. I thought its very of cost.
<awanti> So any body can tell me. How do i implement this without spending so much of money.
<airtonix> spending alot of time
<twb> You can't.  The landscape server side is proprietary software.
<Hellz_Bellz> Hello, I've just installed 8.04 on an old p3 and im trying to get an rtl8187 usb device and a pcm100 pcmcia working and so far its been a nogo even after modprobe -l -t /lib/modules
<twb> Hmm, isn't hardy EOLd in about six months?
<Pici> No.
<awanti> some where i read! if we are installed landscape server on our own place, then no need to pay yearly subscription chargers. Is this right?
<Hellz_Bellz> what is landscape?
<Pici> Hardy is supported for 3 years on the desktop and 5 years on servers.
<Hellz_Bellz> !landscape
<ubottu> Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<twb> I'm thinking of dapper I think
<Hellz_Bellz> you can effectivley replace landscape with a competent admin
<Pici> twb: likely :)
<twb> Hellz_Bellz: that and a change management infrastructure, like puppet, cfengine, etc.
<Hellz_Bellz> !cfengine
<smokesmoko> Anyone knows how to setup DDNS?
<smokesmoko> DDNS server on webmin?
<qman__> !webmin | smokesmoko
<ubottu> smokesmoko: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<nertil> grrr
<nertil> ebox is like webmin
<nertil> but ebox is pain to configure it
<nertil> causes problems with apache
<smokesmoko> ubottu: I'm using debian lenny, so its still working with no problem
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<qman__> it may work for you, but the point is, webmin is not supported here
<smokesmoko> qman__: any pointers where I can get more info?
<nertil> if u use ubuntu nope
<nertil> if u use gentoo or debian
<nertil> try their pages and channels
#ubuntu-server 2012-02-06
<Thermionix> yo, quick question - I setup 12.04 server alpha 2 the other day, and it has linux-image-3.2.0-12-generic instead of linux-image-server
<patdk-lap> yep
<Thermionix> is that meant to be?
<dravekx> I'm trying to setup a bash script to add user accounts. I think I'm doing it wrong. anyone give me a hand? http://pastebin.com/28VkfHNL
<twb> Thermionix: the latter probably depends on the former
<twb> dravekx: yes, that is wrong
<twb> Second line should be "adduser $i sftponly".
<dravekx> ah
<twb> You should have a set -e and a trap to report it, so that the script will abort on errors instead of carrying on regardless.
<twb> set -eEu; set -o pipefail; trap 'echo >&2 "$0: unknown error"' ERR
<twb> Line (4) should probably be an argument to the first adduser
<twb> Lines 6 through 8 should be an install(1) call, and line (5) should probably be recursive.
<twb> You should also ensure that e.g. PHP evaluation is disabled in such users' public_html dirs
<twb> Oh, and htaccess, although IIRC that is off in the default configuration for those dirs
<twb> Further discussion should be directed to #bash (for scripting) and #httpd (for apache httpd).
<dravekx> I need php in userdirs. they have php apps. :S
<twb> dravekx: they should probably have separate jails then
<twb> dravekx: talk to the #httpd people about best practice; my policy is simply "no PHP on my system at all"
<dravekx> they are jailed in the public_html folders.
<dravekx> k
<twb> dravekx: SSH is but not http, I expect
<twb> i.e. they write and upload a PHP program, that PHP program when run won't be jailed by the sshd_config
<dravekx> ah really? I didn't know that.
<dravekx> lots to learn then. lol.
<Thermionix> anyone think its worth setting up mcelog? running a c2d processor kernel 3.2 x64
<sectionme> Anyone know of an options for nfs exports to allow nesting of mounts on the server-side, eg. /exports/work/{project1,project2,project3} which say project2 is on a different mount point, currently it gets exported as the empty directory as if it wasn't mounted, nohide doesn't seem to solve the issue.
<renagadexx> I can't get a stupid damn subdomain to work with apache2. I've added virtual hosts to httpd.conf and I'm pretty sure the DNS is configured properly, but I keep getting 500 errors every time I go to the subdomain.
<renagadexx> Any ideas why?
<twb> Thermionix: IME no
<greppy> renagadexx: anything in the logs?
<renagadexx> yeah, want me to pastebin?
<renagadexx> greppy: Let me paste. It may have something to do with pywebsocket...
<cemc> hi. I have a 6core AMD Opteron server (HP DLXY G6), 16GB RAM. I've installed a 10.04.3 LTS 64bit on it, and then I installed a CentOS 6.2 64bit in a vm in KVM.
<cemc> I have a constant 0.2-0.3 load on the host, but the vm is not doing anything at all.
<cemc> http://pastebin.ubuntu.com/831053/ - this is the host, sorted by TIME column. that kvm is the only one running
<cemc> http://pastebin.ubuntu.com/831056/ - this is the vm, also sorted by TIME
<greppy> renagadexx: yeah, that's not apache that's having the problem, it looks like your python bits are the problem.
<cemc> is there anything I should know about or tweak maybe, to not get this load. I mean if I start multiple VMs and I'll have 1+ load while idle, that's no fun
<renagadexx> chill...I'll add handlers for the subdomain and see what happens!
<sectionme> cemc: what kind of disk are you using for your guest? img/cow/cow2/etc or lvm? I've noticed load on my hosts using img over lvm.
<cemc> sectionme: LVM
<cemc> sectionme: should there be this much load with the vm idling?
<sectionme> cemc: have you tried using kvm_stat?
<cemc> sectionme: nope, I'm trying it now, thanks. anything else?
<sectionme> cemc: could always try cloning your guest and starting that up also, see if theres an increase in load or if it remains the same on the host. I don't have any unloaded hosts here to try on myself, so can't help all that much more.
<cemc> sectionme: alright, thanks for the tips anyway
<sectionme> cemc: one thing that springs to mind is the kernel that the guest is running, eg. is it tickless? is it the eqiv. of -virtual?
<cemc> sectionme: I don't think so, it's the default centos 6.2 one. but the strange thing is, this same vm doesn't cause load on a centos 6.2 host with kvm
<cemc> sectionme: how can I check the tickless part?
<sectionme> cemc: that is a little strange, for the kernel config, it might be under /proc/config.gz depending on the kernel build.
<sectionme> cemc: Btw have you tried asking in #kvm? They _should_ know better :)
<renagadexx> greppy: well shit, mod python isn;t playing nice
<renagadexx> its comlaining there is no _path
<cemc> sectionme: I will, thanks!
<jasonmsp> hey all.. Im in the process of learning git and came up with a tutorial that is looking for gitk..  Since im sshd into the server I don't have a graphical interface, nor do I want to.  What is the alternative to gitk for a command line view?
<greppy> jasonmsp: just... git?
<sectionme> jasonmsp: http://stackoverflow.com/questions/1570535/guide-to-understanding-gitk explains some-what the commands gitk uses from git to display the information it does.
<jasonmsp> thx
<cemc> sectionme: seems like it was the usb/tablet 'hardware' I had enabled. after I removed it, load got back to 0.00
<Daviey> Buenos dÃ­as a todos
<lynxman> morning o/
<lynxman> Daviey: buenos dias seÃ±or
<jasonmsp> hey all.  Anyone know how to view what files will change before doing a git merge?  git diff remote/master seems to be showing the actual changes.  I just want to see what files will be changed.
<uvirtbot> New bug: #927540 in multipath-tools (main) "multipath ignores blacklist in multipath.conf" [Undecided,New] https://launchpad.net/bugs/927540
<uvirtbot> New bug: #925772 in php5 "UPDATE REQUEST: php53u 5.3.10 is available upstream" [Undecided,New] https://launchpad.net/bugs/925772
<jdstrand_> Psi-Jack: er apparmor documentation> have you seen https://wiki.ubuntu.com/AppArmor. it has links to man pages, server guides, upstream documentation and tutorials, etc
<pmatulis> Psi-Jack: so the problem is a lack of documentation?
<koolhead11> hi all
<sectionme> cemc: glad you got it sorted.
<cemc> sectionme: thanks for the help
<samba35> how  to search for .iso  file from some web server
<_ruben> samba35: try rephrasing your question as it does not make much sense
<samba35> ok
<samba35> if i want to download some iso file from abc server but i don't know location of url ,i want to search iso file and download it
<BigRedS> samba35: it depends on whether the server offers a means of searching. It's not a standard feature
<BigRedS> the web generally revolves around links for which the endpoints are known, it's not searchable like a filesystem
<samba35> ok
<_ruben> if said iso is linked from somewhere, google might have found it :)
<samba35> i tryed that
<samba35> filetype:iso
<SpamapS> jamespage: you around today?
<mechcozmo> hello, does anyone here have experience installing OpenCV?
<mechcozmo> I am trying to get the PHP face detection bindings to work, but every OpenCV guide has been broken or otherwise unhelpful
<smb> zul, I hate to ask but... is there a good reason for xen in precise being 4.1.2-2ubuntu1 but xen-common being 4.1.0~rc6-1ubuntu2? (I mean mainly the 4.1.<0> compared to <2> part, cause Debians version in testing is 4.1.2-1
<zul> smb: probably not...i can get that fixed right now
<smb> zul, Ok, i'd appreciate that before I start complaining about the xendomains script being broken... ;-P
<zul> :P
<zul> smb: uploaded
 * smb probably should save of his fixed version in case it is still broken...
<smb> zul, Ok, I'll wait for that and check again
<uvirtbot> New bug: #926468 in openssh (main) "Stopping ssh with a logged in user causes init to spin at 100%" [High,Fix released] https://launchpad.net/bugs/926468
<hallyn> SpamapS: there's an open bug for qemu-kvm, to have qemu-common Replace: qemu, which is only relevant for hardy2lucid upgrades.
<hallyn> i can just mark it fix released (without adding that replaces) and then sru it right?
<hallyn> (jfdi i say)
<SpamapS> hallyn: hm
<SpamapS> hallyn: bug #?
<SpamapS> hallyn: are you suggesting that its no longer an issue in the main distro? If so, then Invalid would be the appropriate status.
<SpamapS> hallyn: or if it literally already was fixed, then Fix Released
<hallyn> SpamapS: <shrug> it's not an issue since qemu is now a meta-package.  sure, invalid it is.  thx
<uvirtbot> New bug: #927705 in openvpn (main) "openvpn fail to start at boot" [Undecided,New] https://launchpad.net/bugs/927705
<cloudgeek> any irc for hosting
<cloudgeek> guys those using ubuntu server
<SpamapS> hallyn: right, the bug status on the main release is just to signal to us SRU people that the fix doesn't need working on in the dev release.
<EvilResistance> cloudgeek, i'm not sure i understand your question... what do you mean by "any irc for hosting"?
<SpamapS> cloudgeek: "hosting" is almost as broad as "the cloud"
<plm> people, I will buy a dell server.. R510, I I really not know id memeory single rank is so good than dual rank
<plm> 16GB RAM single rank is teh same price of 32GB RAM dual rank
<plm> what you think?
<SpamapS> hallyn: IMO, all hardy2lucid bugs are High importance.
<rbasak> smoser: instead of cache deny for squid.conf hitting an apt mirror, I'm using "refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz)$ 0 0% 0;refresh_pattern \/Release(|\.gpg)$ 0 0% 0". It forces squid to check for updates every time, but it will still use the cache if the file hasn't changed. Seems to work and speed things up a bit.
<bthefirst> smoser: instead of cache deny for squid.conf hitting an apt mirror, I'm using "refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz)$ 0 0% 0;refresh_pattern \/Release(|\.gpg)$ 0 0% 0". It forces squid to check for updates every time, but it will still use the cache if the file hasn't changed. Seems to work and speed things up a bit.
<rbasak> I would propose a change to orchestra, but not sure if that's worth doing right now.
<SpamapS> rbasak: lifeless pointed out that this will only work if all RRdns partners return the same Etag/etc.
<rbasak> they sync the mtime though, right? If they do, then it'll fail by refreshing, which is the same as a cache deny anyway.
<SpamapS> rbasak: thats basically the same as must-revalidate , if I understand must-revalidate
<rbasak> OK
<rbasak> I think I need to learn more about this
<SpamapS> rbasak: the mtimes will be the same once all mirrors are up to date, yes. But there are large multi-minute windows where they are not in sync.. which has been the frustration thus far
<rbasak> I think this needs to be sorted out - by modifying apt if needed. With all the automated installation that's going to be on (juju, cobbler, mass, etc) there needs to be a way to make this work flawlessly.
<smoser> rbasak, it is definitely worth fixing.
<smoser> (this is part of the reason i sent the pastebin)
<smoser> so that someone would say "thats stupid"
<smoser> hoping that that someone would be lifeless
<smoser> and he woudl say "this is how you should do it"
<SpamapS> "The workarounds are either must-revalidate (server side, works but only if all the round-robin mirrors are returning the same ETag and other metadata) or not caching the signed content.
<rbasak> well you're doing the same as orchestra-server which I think is sensible
<SpamapS> I believe cache deny matches the 'not caching the signed content'
<smoser> so what i might do for my proxy, is to pin to a single mirror
<SpamapS> smoser: is there any movement on producing an atomic apt-mirror?
<rbasak> Is there a bug on this? I'm thinking "apt-get and debootstrap should work flawlessly with http proxies against our mirrors"
<smoser> but SpamapS that is the least complicated of the issues.
<smoser> the larger issue is the multi-mirror inconsistent.
<smoser> clearly the single mirror inconsistent is REALLY BAD.
<patdk-wk> I personally had nothing but issues with squid and pkg caching
<patdk-wk> switched to apt-cacher-ng to fix it
<smoser> but that problem goes very much away after release, and SRUs taper off...
<jacobw> hello
<smoser> patdk-wk, well, i've seen issues in apt-cacher-ng too, under load.
<SpamapS> smoser: indeed, its basically in need of a 2-phase commit
<patdk-wk> smoser, ya, older apt-cacher-ng I had some issues too, haven't recently though
<SpamapS> smoser: build new mirror copy on all mirrors.. when they're all consistent, commit them all at once
<jacobw> wrt slapd on current lts, how can i find out what rootdn,rootpw,basedn etc the configure scripts have chosen for me?
<SpamapS> smoser: rsync --link-dest would work
<smoser> SpamapS, yeah. it is definitely improvable.
<SpamapS> For the client side.. all we can do is retry.
<smoser> but i do not know of anyone working on it.
<smoser> but for my proxy, i think i'll just pin squid to a single mirror
<smoser> and then use rbasak's suggestion to cache those if they're valid.
<SpamapS> smoser: I'd be reasonably happy with an option for apt-get like --retry-on-inconsistent-mirror
<jacobw> without searching for guessed tree structures name based on current hostname
<smoser> as a 'apt-get update' is like 22M now.
<lifeless> oh
<lifeless> someone should really file a bug (if they haven't) about squid rotating between round-robin hosts too much
<lifeless> or at least there being no knob
<rbasak> I don't think that's a bug
<rbasak> I think the bug is that apt+mirror system needs to not break when there's an http-compliant proxy cache in the middle
<lifeless> there are valid reasons to want slow rotation in the client
<lifeless> that is definitely something we(squid) should support tuning of
<rbasak> slow rotation would just reduce the error rate.
<rbasak> the real solution should result in a zero error rate
<lifeless> agreed; that requires either apt handling it (by retryign with a max-age 0
<lifeless> or a different disk format
<lifeless> because this error is intrinsic and can happen with no caching present at all
<rbasak> Am I right in understand that the only intrinsic problem here is if the Release and Packages files don't match, because they conceptually update atomically but we see a skew?
<smoser> yeah. so no matter what, apt shoudl support retrying
<smoser> as "Read Release", "Read Packages" is going to result in out of sync at some point
<smoser> with increased likelyhood over a slower connection
<smoser> but i think that might be getting fixed...
<smoser> by putting the Release and the Packages in the same file ? or something to that extent in apt.
<SpamapS> Perhaps the answer long term is that Packages* should be versioned
<SpamapS> Release would point to the current version of Packages
<smoser> yeah, joining them doesn't really help.
<SpamapS> seems like this would be an easy, backward compatible fix
<SpamapS> Release can grow some new bits that don't interfere w/ old versions of apt reading it.
<SpamapS> The Packages file can still be updated as a link to the latest version
<SpamapS> but new versions of apt will grab the latest versioned Packages file.
<lifeless> rbasak: no, thats one of the intrinsic issues
<lifeless> rbasak: there are three;
<lifeless> a) Foo and Foo.gpg having skew
<rbasak> thanks
 * rbasak is filing a bug on this
<smoser> rbasak, i'm filing squid bug
<lifeless> b) chained signed-by-hashes having skew (Release->Packages, Packages->other)
<rbasak> I was filing an apt bug
<adam_g> rbasak: ping
<adam_g> er
<smoser> we have a open RT for canonical IS regarding "mirrors sometimes/often inconsistent"
<adam_g> roaksoax: ping
<smoser> rbasak, but please file a "apt should support retry" or something.
<lifeless> c) garbage collection occuring during slow clients (a special case of b, where the referenced file is a .deb)
<lifeless> there are bugs filed
<lifeless> no need to file dupes
<rbasak> what are the bugs numbers, please? I couldn't find any.
<lifeless> bug 24234 bug 33505
<uvirtbot> Launchpad bug 24234 in apt "apt-get update failing with bad signature. (dup-of: 24061)" [High,Confirmed] https://launchpad.net/bugs/24234
<uvirtbot> Launchpad bug 24061 in apt "GPG error with apt-get/aptitude/update-manager behind proxy (BADSIG 40976EAF437D05B5)" [High,In progress] https://launchpad.net/bugs/24061
<uvirtbot> Launchpad bug 33505 in apt "BADSIG errors using transparent http proxies" [High,Fix released] https://launchpad.net/bugs/33505
<rbasak> Fix released?
<smoser> https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/927744
<uvirtbot> Launchpad bug 927744 in squid3 "rotate around round robin hosts is not configurable" [Undecided,New]
<lifeless> I haven't checked the change that was made, so can't comment on the appropriateness
<lifeless> the IS response to these issues is (reasonably so) to try and mitigate as much as possible
<lifeless> the root cause is the apt disk format; a tolerable workaround can be done by apt-get itself in principle (but with limited success as some intercepting (aka transparent) proxies do not honour cache-busting requests.
<smoser> rbasak, for my proxy, i'll just update /etc/hosts and pin squid to one mirror.
<lifeless> I have to go, baby needs me
<smoser> can you give me a suggested squid.conf given that ?
<smoser> for reference, the original is at http://paste.ubuntu.com/831432/
<Pici> 58
<rbasak> smoser: OK, I reckon then http://paste.ubuntu.com/831618/
<lifeless> smoser: just putting the host that apt is using in the hosts file should be enough
<smoser> lifeless, right.
<smoser> but then i want to have it cache, and currently it denies all of those.
<lifeless> for the refresh pattern thing; mm, I'm not sure it will dtrt, but I can't dig into it now. syntax error on that alt config btw - RELEASE isn't defined
<lifeless> give it a go, your test bed should show it up fairly quickly
<rbasak> smoser: oops, remove line 47
<smoser> rbasak, so it would seem that deny is no better than your solution for orchestra, right?
<smoser> and we might as well have yours.
<uvirtbot> New bug: #927744 in squid3 (main) "rotate around round robin hosts is not configurable" [Undecided,New] https://launchpad.net/bugs/927744
<smoser> err.. deny is definitely worse (caches less) and does  not improve or worsen the inconsistent issue
<rbasak> smoser: I believe so, yes. But without a /etc/hosts pin, I was still getting mirror errors, so I didn't propose a change.
<smoser> rbasak, well, there are still 2 issues..
<smoser> a.) host actually inconsistent (non-atomic update)
<smoser> b.) apt general issue even in perfectly atomic archive update
<smoser> but you were probably hitting 'a'
<rbasak> Yes, I think so
<smoser> which does happen, and i had a script running, and saw that number to be 1 or 2 % of my attempts
<smoser> on precise
<smoser> something on that order... way too high. but it largely goes away after release (when archive is less active)
<smoser> so we should prpose the change.
<rbasak> So in the automated testing I've been doing, since Thursday night, I've had: 923 successful installs, two unknown (timeouts), 1 kernel oops, 26 debootstrap failures, 19 other what I think are mirror failures, 3 kernel panics, and 67 of another type of what I think are mirror failures.
<rbasak> So ignoring the other problems, I believe I have a 4% installation failure rate due to some kind of mirror skew.
<rbasak> That's using my proposed squid.conf, though no pinning of mirror on my squid host (which I've just added)
<smoser> rbasak, https://bugs.launchpad.net/ubuntu/+source/orchestra/+bug/927750
<uvirtbot> Launchpad bug 927750 in orchestra "orchestra squid config should not deny apt packages" [Undecided,New]
<smoser> rbasak, if you pinn, you will really decrease your failure rate on apt
<smoser> and if you pin to one of the "new mirrors" you'll further decrease
<rbasak> smoser: I'm just restarting my statistics. I'll let you know :-)
<smoser> (ie, older mirrors just slower hardware and rsync slower)
<rbasak> Which is a "new mirror"?
<smoser> i dont know. .
<smoser> :)
<smoser> i think actually, they may have removed those recently.
<smoser> but from  bad memory, i might suggest not selecting
<smoser>  31.88.189.91.in-addr.arpa domain name pointer leningradskaya.canonical.com.
<smoser> and instead, pick one of them that is in http://paste.ubuntu.com/831636/ multiple times.
<smoser> i picked cursa
<Vexiant> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<Vexiant> I need help with the DNS caching part
<Vexiant> can anyone help me?
<rbasak> smoser: thanks, I'll also use cursa for consistency in case we have issues later
<rbasak> smoser: interestingly cursa is one after ports of which there is only one
<rbasak> Actually, that's a point. I've been using ports, of course, so I shouldn't been having the hitting two different mirrors problem at all.
<smoser> hm..
<smoser> i dont know.
<smoser> maybe the ports are just slower ?
<smoser> maybe that host is slow and thus open more so to single-inconsistency issues.
<acidflash> hi everyone
<acidflash> ping: sendmsg: Operation not permitted <-- i am getting this message occasionally, i have googled it, but i dont have ipmasq or anything in iptables which might cause that problem
<acidflash> it is happening when i get really high loads on my network card (ie: about 10,000 packets @ 70 Mb)
<sectionme> acidflash: sounds like your trying to do something that requires root, eg. ping -f
<acidflash> any ideas or suggestions?
<acidflash> i am logged in as root sectionme
 * sectionme srugs sholders
<cwillu_at_work> acidflash, I'm going to go with "prove it" :p
<Vexiant> <Vexiant> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<Vexiant> * ahasenack (~andreas@200.146.81.216.dynamic.adsl.gvt.net.br) has joined #ubuntu-server
<Vexiant> <Vexiant> I need help with the DNS caching part
<Vexiant> <Vexiant> can anyone help me?
<acidflash> cwillu_at_work: im not sure what you mean ?
<cwillu_at_work> acidflash, as a general rule of troubleshooting, when somebody tells you "I'm pretty sure", you shouldn't be surprised if the opposite ends up being the case
<cwillu_at_work> that said
<cwillu_at_work> I'm apparently incapable of reading english today
<cwillu_at_work> could have swore that "<acidflash> i am logged in as root sectionme" was "<acidflash> i am logged in as root sometimes"
<acidflash> cwillu_at_work: hehe :)
<cwillu_at_work> acidflash, can you provide the exact command line you're using, and any other relevant details? :p
<acidflash> sure
<acidflash> ubuntu 10.04
<acidflash> ubuntu-server*
<acidflash> i am using this as a caching server
<acidflash> 10.04 -> one of the network cards is a gigabit pci-express card
<acidflash> there is about 10K Packets @ about 70 Mb traffic
<acidflash> iptables is just redirecting any incoming connection to port 3128
<acidflash> nothing else running except openssh and the server software
<cwillu_at_work> can you provide the exact command line you're using,
<acidflash> yes
<acidflash> ping xx.xx.xx.xx
<acidflash> :)
 * cwillu_at_work is unimpressed
<acidflash> no switches or parameters
<acidflash> will occasionally go from <1 to 1.x ms
<acidflash> and then it will give: ping: sendmsg: Operation not permitted
<acidflash> for a few times, then it works again
<cwillu_at_work> are you pinging an ip or a hostname?
<cwillu_at_work> and is it ipv4 or v6?
<acidflash> ipv4
<acidflash> and its an ip
<cwillu_at_work> what do you mean precisely by "iptables is redirecting any incoming connection to port 3128"?
<acidflash> i can show you
<acidflash> 1 min
<acidflash> /sbin/iptables -I PREROUTING -t nat -p tcp --dport 80 -i ${local} -j REDIRECT --to 3128
<acidflash> /sbin/iptables -A PREROUTING -t nat -j MASQUERADE
<cwillu_at_work> acidflash, pastebin is good
<acidflash> sorry,
<acidflash> your right
<cwillu_at_work> (for one thing, it allows me to continue to see these things after they've scrolled off the top)
<acidflash> okie yes
<cwillu_at_work> acidflash, can you pastebin the output of iptables --list-rules?
<acidflash> http://pastebin.com/CQ9kA6BF
<acidflash> yes
<acidflash> http://pastebin.com/pfWEVcPf
<cwillu_at_work> acidflash, iptables --list is as empty?
<acidflash> http://pastebin.com/rUquhzhi
<roaksoax> smoser: bug #927750 IIRC, doing so created cache errors
<uvirtbot> Launchpad bug 927750 in orchestra "orchestra squid config should not deny apt packages" [Undecided,New] https://launchpad.net/bugs/927750
<cwillu_at_work> acidflash, and what address are you pinging?
<acidflash> my gateway
<cwillu_at_work> loopback?  address of the machine?  other machine on the same segment?
<cwillu_at_work> k
<smoser> roaksoax, there are caching errors, but it seemed to those present here in that discussion that they would not be worsened by this.
<smoser> hm...
<cwillu_at_work> acidflash, sorry, my iptables is rusty
<zul> adam_g: just as a heads up ill be merging some of the debian keystone changes (dbconfig changes mostly) this week
<acidflash> its ok
<cwillu_at_work> acidflash, can you do iptables --list-rules -t nat
<cwillu_at_work> (important -t there :p
<cwillu_at_work> acidflash, and on a similar note, does it work before you add those rules?
<adam_g> zul: cool
<acidflash> it worked fine before and after, the only thing that increased was the traffic
<acidflash> it wasnt that much before
<acidflash> about 5-6K packes
<acidflash> packets
<acidflash> http://pastebin.com/F5jYwLhv
<roaksoax> smoser: right, but caching those files kinda broke the cache various times IIRC, forcing us to clear the cache, and restart squid
<smoser> right.
<smoser> yeah.
<smoser> that sucks.
<smoser> so you just cache a broken state, which is not good.
<roaksoax> exaclty
<smoser> but it still should resolve itself as the etag shoudl only go forward
<smoser> so you'd just be stuck until the mirrors were in a consistent state.
<smoser> dpm
<smoser> s/dpm//
<smoser> don't you think?
<roaksoax> smoser:  yeah, which caused some of the problems we experienced before
<smoser> roaksoax, but only sort of.
<rbasak> Yeah, I think it'll be fine unless the mtime appears to go backwards
<smoser> because if you're saying "not caching anything made it better"
<smoser> that simply can't be true
<roaksoax> smoser: i'm not aggains commiting your fix, but rather, ifproblems show back again, then we can simply revert changes
<smoser> hm..
<smoser> yeah.
<smoser> yeah.
<smoser> there are lots of issues at play here.
<roaksoax> indeed
<smoser> and unfortunately it doens't look like they're all going to be fixed at once
<smoser> (or even by 12.04 release)
<rbasak> roaksoax: by default, squid will cache a file for some period of time before checking to see if it has been updated upstream. It sounds like this is what was biting you. So you can either set squid never to cache the file, or to check it against the mirror every time. This change will make it check against the mirror every time. I'm not sure there is a situation where the check will return that the cached file can be served even though a newer one
<rbasak>  is available on the mirror, and if this is true then this change is safe.
<cwillu_at_work> acidflash, double check that ipmasq isn't installed?
<cwillu_at_work> (or rather, the binary isn't there)
<cwillu_at_work> acidflash, can you post lspci?
<acidflash> yes
<acidflash> http://pastebin.com/ZT3TdVyB
<cwillu_at_work> acidflash, http://lists.danga.com/pipermail/memcached/2006-September/002726.html seems to show the same symptoms, but there's no resolution there, or any real details beyond the "ping fails under load" thing
<cwillu_at_work> acidflash, and which interface is the one where things stop working?
<cwillu_at_work> the realtek or the marvell?
<acidflash> via gigabit pci-x
<acidflash> ahh i dont see it in the list
<acidflash> let me find it, 1 min
<cloudgeek> any webshoter here
<acidflash> yeah its the realtek
<roaksoax> rbasak: sure, I don't really mind merging the fix, what I'm saying is that if I come accross the nasty issues seen during the oneiric cycle, it will be merged back to original
<cwillu_at_work> acidflash, what's the current value of /proc/sys/net/ipv4/ip_conntrack_max, if you have such a key?
<acidflash> i dont, but i can show you if you want my sysctl parameters
<rbasak> ok, fair enough
<cwillu_at_work> acidflash, just cat /proc/sys/net/ipv4/ip_conntrack_max
<acidflash> they are injust to the system
<acidflash> ok
<roaksoax> rbasak: cool then ;)
<acidflash> no such file or directory
<cwillu_at_work> acidflash, mind pastebinning the output of dmesg?
<acidflash> sure
<cwillu_at_work> (note that this may include your ip address :p)
<acidflash> cwillu_at_work: no problem, anything specific you want to see in dmesg or do you just want me to do a straight forward dmesg?
<cwillu_at_work> whole thing please
<cwillu_at_work> I'm just on a fishing expedition at the moment
<acidflash> okie
<acidflash> just a moment pastebin is under heavy load at the momeny, pastebinit cant create a link
<acidflash> http://pastebin.com/F55DnnS3
<cwillu_at_work> acidflash, I think we have a winner
<cwillu_at_work> nf_conntrack: table full, dropping packet
<acidflash> cwillu_at_work: okie, kernel overload you think ?
<kerframil> just as an aside, that path might not be right (in recent kernels anyway). sysctl -n net.netfilter.nf_conntrack_max should be reliable.
<cwillu_at_work> kerframil, thanks
<cwillu_at_work> acidflash, ^^
<acidflash> aha, so its the kernel not the card dropping the packets?
<cwillu_at_work> what does sysctl -n net.netfilter.nf_conntrack_max  say?
<acidflash> 65536
<cwillu_at_work> and net.netfilter.nf_conntrack_count?
<acidflash> 65502
<kerframil> ouch
<acidflash> i think im starting to understand why
<acidflash> thats the maximum amount of open tcp sessions ?
<cwillu_at_work> acidflash, what sort of load is on the machine?
<acidflash> and how much i currently hoave?
<kerframil> acidflash: that can be handled by the connection tracking system in netfilter (not just tcp either)
<acidflash> its a caching server serving around 5000 users
<acidflash> caching proxy
<cwillu_at_work> acidflash, yes, although I think it's actually "things that it's tracking", not necessarily just tcp
<acidflash> mm
<acidflash> okie can i increase the conntrack_max number in sysctl?
<acidflash> or is that not recommended
<kerframil> acidflash: yes. see also /etc/sysctl.conf.
<acidflash> okie i thought so
<kerframil> acidflash: acidflash: if you actually need connection tracking, just increase the limit and keep an eye on the count in future. you can also use the 'RAW' table in netfilter to except some connections from connection tracking (I do this for traffic to and from LAN subnets, not being forwarded).
<kerframil> oops, sorry for double nick
<acidflash> kerframil: the second option sounds like something worth reading about, can you point me somewhere ?
<acidflash> and yes i am going to see the value in sysctl to something larger
<kerframil> acidflash: googling will turn up some stuff, as will the man page. I can give you a direct example.
<acidflash> okie, ill do
<kerframil> http://dpaste.com/698479/
<acidflash> i think i am going to set that conntrack_max to about 200,000
<kerframil> in my case, $local_net contains "10.0.0.0/16". the important thing is never to use this trick for packets being forwarded - otherwise you can end up in hot water.
<kerframil> that's why -s and -d are the same there
<acidflash> aha
<kerframil> as for conntrack_max, please use a power of 2. if you increase it to something significant (like I do), consider changing the bucket size. moment.
<acidflash> kerframil: okie, but apparently it cant be set in the sysctl.conf
<acidflash> couldnt be in 2007, not sure about now though, im reading
<kerframil> acidflash: conntrack_max?
<acidflash> yes
<acidflash> no it seems you can
<acidflash> i think that article is just old
<kerframil> acidflash: http://rackerhacker.com/2008/01/24/ip_conntrack-table-full-dropping-packet/#comment-15409
<acidflash> yah i was reading that :D
<kerframil> acidflash: very good comment there
<kerframil> acidflash: I have conntrack max at 2^21 (2 million) and have changed the hashsize to maintain a bucket depth of 4
<acidflash> kerframil: thats a great article thanks alot for the help..
<acidflash> I am going to read it and make some changes
<acidflash> if i have any more problems, ill be back, but in the mean time thanks a lot for your help guys
<kerframil> acidflash: also worth bearing mind is that the default period for a TCP connection being reaped within conntrack is a week
<kerframil> acidflash: net.netfilter.nf_conntrack_tcp_timeout_established
<acidflash> kerframil: my software normally times out after 60 seconds, do you think i should set it in sysctl as well?
<kerframil> acidflash: I would say that's far too short. this determines after which time conntrack considers a TCP connection as dead after it has been established but where it is inactive (no traffic seen)
<kerframil> acidflash: I use 24 hours, if you want a benchmark
<kerframil> the being established part is obviously done through the initial SYN and the three way handshake. but, in my case, I don't want inactive connections to clog up the table for a whole week.
<RoyK> can some smart-guy out there explain to me where the libpng.so binary file may reside? http://paste.ubuntu.com/831720/
<pmatulis> RoyK: you want to find the file on your filesystem?
<koolhead17> netsplit
<JanC> RoyK: what ubuntu version?
<JanC> if you are using 11.10, it's probably located in /lib/x86_64-linux-gnu/libpng12.so.0.46.0
<JanC> if you are looking for the real file and not the symlinks used for compatibility
<uvirtbot> New bug: #927805 in cloud-init (main) "t1.micro instance defect after dist-upgrade" [Undecided,New] https://launchpad.net/bugs/927805
<uvirtbot> New bug: #927808 in nova (main) "nova-compute fails to attach volumes: FileNotFound: File /etc/iscsi/initiatorname.iscsi could not be found." [Undecided,New] https://launchpad.net/bugs/927808
<RoyK> JanC: lucid - it was under /lib
 * RoyK wonders wtf such libs are placed under /lib and not /usr/lib
<SpamapS> RoyK: because the boot splash uses it
<RoyK> ah
<JanC> RoyK: right, lucid didn't have multiarch yet  âº
<RoyK> nope, it doesn't
<RoyK> but I don't use anything non-lts for servers...
<JanC> 12.04 LTS will have multiarch
<RoyK> yeah
<JanC> which is very cool  âº
<RoyK> so I guess I'll move to that when 12.04.1 is released
<RoyK> (which is, IIRC, the default upgrade path)
<JanC> AFAIK it is
<RoyK> perhaps upgrade the compute nodes first - some of those scientists are rather greedy on new versions...
<JanC> RoyK: if new versions improve compute time significantly, I can understand
<RoyK> not really, but they come with new versions of scipy/numpy
<JanC> although in most cases improving algorithms is likely to help a lot more
<JanC> well, I guess upgrading those on an LTS should be possible too (maybe providing them through -backports)
<RoyK> JanC: or, as we do, compile them in a separate tree and just use whatever versions needed
<JanC> right
<JanC> although having them available in some repository would be nice
<JanC> provided scientist organisations want to cooperate on that...   :P
<RoyK> not really, better keep a baseline for most and let those in desperate need for the latest and hottest and hippest compile their own in a shared folder somewhere
<RoyK> there's a "scientific linux", which should be rather well updated, but, being redhat-based, I don't want to touch it
<_johnny> hi. any gdb users? i used to have a cmd which gdb would evaluate every time it breaks. like "x/s $eax" and such. i can't see *watch doing this. am i making this up, or? :)
<hallyn> Daviey: for adding a (lxc) section to ubuntu server guide.  there is no 12.04 server guide yet.  is there a staging area for it?  Or should i start with a basic (oneiric-relevant) section in the 11.10 server guide, and just wait to add the precise bits?
<skyler_> Hi, does anyone know how to raise the virtual memory limit?
<SpamapS> skyler_: what do you mean by "the virtual memory limit" ?
<skyler_> When I try to compile anything, I get: "virtual memory exhausted: Cannot allocate memory"
<skyler_> so (as suggested by google) I ran ulimit -v 20000
<skyler_> and now I can't even run ls
<skyler_> and I can't raise the limit back to what it was
<Vexiant> I need help
<Vexiant> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<Vexiant> "The default configuration is setup to act as a caching server. All that is required is simply adding the IP Addresses of your ISP's DNS servers. Simply uncomment and edit the following in /etc/bind/named.conf.options:"
<Vexiant> can someone help me?
<Daviey> hallyn: can i answer that tomorrow?  I need to check in the docs team (and other matters.)
<adam_g> roaksoax: pign
<hallyn> stgraber: now, emitting the net-device-up for lo in lxcguest for oneiric+precise won't hurt anything right?  ( seems not worth checking the container release before emitting)
<hallyn> (re bug 924337)
<uvirtbot> Launchpad bug 924337 in lxc "lxc on precise is not working with lucid containers (container does not reach runlevel 2)" [High,Fix released] https://launchpad.net/bugs/924337
<stgraber> hallyn: should be safe indeed
<hallyn> thx
<roaksoax> adam_g: pong
<Vexiant> I see that everyone else can get help other than me
<hallyn> hm, i suppose lp:~serge-hallyn/+junk/lxc-test could be turned into a lxctest package residing in lxc source pkg....
<hallyn> (not today)
<adam_g> roaksoax: is there any way to limit the number of concurrent requests cobbler makes to power management?
<adam_g> roaksoax: for whatever reason, that CDU in the CI lab is slowing down and requests sometimes get lost if the CDU is busy handling 5 other calls
<roaksoax> adam_g: i don't think there's a way to do that in cobbler
<roaksoax> adam_g: maybe, the CDU's configuration provides a way to control concurrent requests for that matter
<hallyn> jodh: /etc/init/lxcmount.conf currently emits 'mounted MOUNTPOINT=/run'.  (will stop soon).  but it doesn't have an 'emits mounted' at top.  What will go wrong?
<adam_g> roaksoax: couldn't find anything. might create some little daemon to queue and dispatch requests accordingly, cobbler can just call that instead
<roaksoax> adam_g: maybe that would be a good improvement within cobbler
<roaksoax> s/within/for
<adam_g> roaksoax: or the fence agents libraries
<JanC> hallyn: "emits ..." is only documentation, so nothing should go wrong?
<JanC> (or did I miss something)
<roaksoax> adam_g: or that too, but maybe, could it be a bug within the cdu agent itself? maybe it its not correctly closing the connections to the cdu
 * roaksoax brb
<adam_g> roaksoax: thats all handled by the fencing.py library (which is a bit of a mess, IMHO)
<hallyn> JanC: thanks, that's what i was wondering.
<hallyn> esp whether some automated tools might miss out on possible event paths...
<JanC> hallyn: there might be automated tools depending on this documentation of course, but not in default Ubuntu AFAIK
<JanC> I mean, everybody can write a script depending on that without knowing it's not mandatory
<roaksoax> adam_g: most likely lol!
<hallyn> naturally :)
<hallyn> stgraber: do you see any issue with http://people.canonical.com/~serge/lxc_0.7.5-3ubuntu18.dsc?  (It seemed best to add the emit to a new 'start' section rather than the pre-start script...)
<hallyn> oops
<hallyn> meant http://people.canonical.com/~serge/lxc.debdiff
<stgraber> hallyn: hmm, this looks wrong, different code path as what we have starting with oneiric/precise
<stgraber> hallyn: you should either do "ifup --allow auto lo" or emit net-device-added
<uvirtbot> New bug: #927863 in lxc (main) "container reboot patch broke clean lxc-execute exits" [Medium,Confirmed] https://launchpad.net/bugs/927863
<stgraber> hallyn: emitting net-device-up bypasses ifupdown and all the scripts in /etc/network/* which doesn't seem right
<stgraber> hallyn: "initctl emit net-device-added INTERFACE=lo" should give you the same thing as you'd get from udev on a regular system
<hallyn> hm, ok, yeah.  i think that's what i originally did during natty cycle.  thanks.
<hallyn> stgraber: you think i should do -n there?
<hallyn> probably not.
<stgraber> hallyn: I'd recommend the -n otherwise you'll end up stuck there until the whole list of dependencies has been processed and all these jobs are started
<stgraber> which in this case, should only be network-interface.conf but well, probably still a good idea
<hallyn> notes that lxcmount.conf doesn't do -n.  i suppose i shoudl add it?
<uvirtbot> New bug: #927883 in lxc (main) "lxc-execute fails due to missing /dev/shm" [High,Confirmed] https://launchpad.net/bugs/927883
<uvirtbot> New bug: #927887 in rabbitmq-server (main) "package rabbitmq-server 2.6.1-1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/927887
<kirkland> jcastro: ping
<mgw> pong
<mgw> oh sorry, didn't see jcastro part
<mgw> :-)
<StrangeCharm> I backed up my secring, exported my primary key (& its subkeys) to a file, then made changes to the subkeys. I deleted some of my encryption subkeys, but not to worry, because I have backups! However, I seem get GPG to re-import the sub-keys. When import the key file, it's all like "Oh, I already have that master key, so I don't need to worry about its subkeys." I want those subkeys back in my main key, how do I fix it?
<hallyn> stgraber: any complaints from you if I switch lxc over to upstart?
<hallyn> We might end up missing new features in Debian as a result...
<hallyn> man apt-cacher-ng is really messed up
<stgraber> hallyn: no complaint, just make sure the start condition works for most use cases (at least wait for local-filesystems, possibly for more)
<hallyn> stgraber: i'd probably do "start on (runlevel [2345] and stopped networking RESULT=ok)" like libvirt does
<hallyn> which, actually, i thought i changed that in libvirt
<chelz> does anyone or has anyone heard of various runlevels actually being used?
<hallyn> thought that had been set to 'static-network-up'
<stgraber> hallyn: RESULT=ok for networking is risky
<stgraber> hallyn: networking is meant as a fallback for interfaces that can't be brought up by events, so someone making a typo in some of these interfaces would prevent your job from starting ...
#ubuntu-server 2012-02-07
<methods> is there any good resources on installing newer mysql server ?
<EvilResistance> methods, define "installing newer mysql server"
<methods> >=5.5.3
<EvilResistance> which version of mysqld (mysql daemon aka mysql server) do yo uwant to install?
<EvilResistance> methods, unless its in sid or already packaged, you might have to compile/install from source
<EvilResistance> lemme check debian sid
<methods> sid ?
<EvilResistance> Debian Sid
<methods> well .. mysql download page offers debian downloads
<methods> but the package names aren't the same and stuff so I know that might cause issues where apt-get'ing something may require mysql-server to be installed which clobbers my setup
<methods> http://www.mysql.com/downloads/mysql/#downloads
<EvilResistance> i know the page
<EvilResistance> i'm reading atm
<EvilResistance> methods: if you can wait to precise, there's a mysql-server-5.5 you can install
<methods> precise ??
<EvilResistance> but it doesnt seem to be fully tested
<EvilResistance> holy god, you arent aware of release names are you?
<EvilResistance> !precise
<ubottu> Ubuntu 12.04 LTS (Precise Pangolin) will be the sixteenth release of Ubuntu. Codename announcement here: http://www.markshuttleworth.com/archives/784 - Blueprints at https://blueprints.launchpad.net/ubuntu/precise - Discussion and support in #ubuntu+1
<EvilResistance> you should learn version numbers vs. codenames
<methods> code names are kind of annoying rather just have versions
<EvilResistance> Lucid is 10.04, Maverick = 10.10, Natty = 11.04, Oneiric = 12.04
<methods> but honestly i just upgrade my desktop whenever i don't care really to remember
<EvilResistance> well in Debian, codenames need to be known anyways
<EvilResistance> because Debian 6 is denoted as 'squeeze' in the sources.list entries :P
<methods> well I'm on amazon anyway and they are behind
<EvilResistance> sid = unstable
<EvilResistance> etc.
<EvilResistance> oh you didnt mention this was on an amazon "cloud vps"
<methods> trying to find out what their latest is
<methods> i wonder if i could get away with the precise package
<methods> it might work fine on older ubuntu
<hallyn> stgraber: well, i *think* that's pretty much what we want :)  (wrt a typo)  but, do you agree static-network-up is the way to go?
<Lazerath> hay all
<Lazerath> ok
<Lazerath> my grub wont load
<hallyn> i think i'm going to do the emit in pre-start after all
<hallyn> should be ok if i do --no-wait
<Lazerath> so it used to load but i moved the server and it loads to a grub prompt
<Lazerath> I am pretty sure i am using a LVM
<Lazerath> so when I am at the grub prompt and I do the ls command
<Lazerath> I see the hd0 hd0,1 hd1 hd1,1 but none of them have my grub on them
<Lazerath> it is on the drive "landl"
<Lazerath> but I am not sure how to explain it
<Lazerath> when i load from the live cd and recover broken system
<Lazerath> I see the landl partition
<Lazerath> and i shell to there but grub-install sg1
<Lazerath> does not work
<Lazerath> the only drive is a scsi raid set up
<twb> Lazerath: pastebin contents of /proc/partitions.
<twb> Lazerath: run file -s across each of the partitions listed in /proc/partitions, it will report if a bootloader is installed on them.
<Lazerath> do that from the recovery shell off the live cd
<twb> Lazerath: another test is dd if=/dev/sda bs=512 count=1 | strings
<Lazerath> it used to work
<twb> That test will print a bunch of strings, including "GRUB" if grub is the bootloader on sda
<Lazerath> i think it is sg1 not sda
<twb> I have never seen disks called "landl" or "sg1" before; the latter is believably but the former sounds very unlikely.
<twb> sg1 is more likely to be the CD or tape drive
<Lazerath> ok landl is my own partion
<twb> As I said, look at /proc/partitions.  The number of partitions on a device and their sizes should make it very obvious which one(s) are you drive(s).
<Lazerath> the only drives hooked up to the server are a cd rom and a SCSI External 7disk raid stack with 2 partitions
<Lazerath> but i will check that out quick
<Lazerath> should i check the /proc/partitions from the grub shell on my failed boot or from the recovery mode on the live cd
<twb> Ah, OK, stupid hardware raid stuff often shows up in bizarre ways
<twb> Lazerath: you need to check it from a live medium
<Lazerath> I think the landl partition is the LVM
<mtaylor> smoser: around?
<twb> The grub shell is pretty useless
<Lazerath> yeah it is
<mtaylor> smoser: why does python2.7 conflict with python-profiler/
<mtaylor> ?
<Lazerath> ok i will just boot ubuntu live cd and check it out
<Lazerath> i was going to do that next anyway
<Lazerath> i think i have grub and not grub2 not sure though but i will check this out... Thanks mate
<twb> It doesn't matter much
<Lazerath> WELL live cd is still loading
<Lazerath> but i will check the /proc/partitions directory
<Lazerath> what was the command with the -s variable you said
<twb> 11:55 <twb> Lazerath: run file -s across each of the partitions listed in /proc/partitions, it will report if a bootloader is installed on them.
<hex20dec> Can someone please help me pass this part???
<hex20dec> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<hex20dec> What IPs are they  talking about??
<hex20dec> Anyone??
<kerframil> hex20dec: the DNS servers operated by your Internet Service Provider. that information is also false; you don't *have* to specify forwarders, as long as bind is aware of the 'root' name servers.
<twb> hex20dec: "the IP Addresses of your ISP's DNS servers"
<Vexiant> yo dawg
<kerframil> hex20dec: I'll answer here. most folk want their DNS servers to answer queries for records outside of any 'local' zones that might be maintained. you may tell yours to forward such requests to a specific set of nameservers. rationale for using nameservers operated by your ISP is that they might be faster.
<kerframil> hex20dec: if you don't specify forwarders, than the root hint servers will be used (see /etc/bind/db.root)
<kerframil> hex20dec: if you do not perform recursion at all, then your own clients will not work very well. dns servers have to be able to ask other dns servers for information.
<Vexiant> persay
<Vexiant> forwarders {
<Vexiant>                 1.2.3.4;
<Vexiant>                 5.6.7.8;
<Vexiant>            };
<kerframil> well, they don't, but ... that's a common configuration
<Vexiant> the IP's go in the two number sets
<Vexiant> what IPs would be put there?
<Vexiant> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<Vexiant> I'm talking to you, kerframil
<Vexiant> hex and I are both trying to set the stuff up correctly
<kerframil> Vexiant: if you don't know, then you don't have to specify any forwarders at all - as noted before. it's optional, even though the doc there suggests it isn't.
<kerframil> Vexiant: a default bind setup will be aware of the 'root' nameservers, which can be used for upstream queries.
<Vexiant> thanks
<kerframil> Vexiant: if you do want to use your ISP nameserver, ask them. or look for the info in their knowledge base or such.
<Vexiant> ok
<kerframil> Vexiant: be careful though. some organisations operate really crap nameservers. you might actually be better off using the root servers, especially if you're caching anyway.
<kerframil> Vexiant: Google's work alright too (8.8.8.8, 8.8.4.4)
<Vexiant> thanks
<stgraber> hallyn: static-network-up sounds good yes
<twb> kerframil: IMO it is advisable to tell stupid noobs to use their ISP's DNS server, so as to reduce the load on the root servers
<twb> If that *does* cause them problems, it can be dealt with then
<kerframil> twb: a reasonable assertion
<twb> My favourite annoying one is telstra seems to resolve all unqualified hosts to help.telstra.com or so, so when I'm at my dad's place, I can't just "getent hosts <an office host>" to test if I'm in the office
<kerframil> twb: gah
<hallyn> stgraber: i'm feeling burned out, think i'll wait on that.  maybe next upload.  Or maybe just on next merge.
<stgraber> hallyn: would be nice to have for 12.04, but we can probably argue it's not technically a feature so can maybe wait post-Feature Freeze
<hallyn> oh right.  that.
<hallyn> stgraber: ok, so if we switch to upstart, do you think 'stop  lxc' should behave like 'stop libvirt' - and not shut down its network?
<hallyn> (at all)
<hallyn> right now, /etc/init.d/lxc stop will shut down the lxc nwetork if no devices are attached to the lxc bridge
<hallyn> eh, ok, i'll see what i can do
<hallyn> i'm trying to see if poor jodh has run into any other lxc-caused bugs
<hallyn> and i wonder how your upstart lxc changes are faring
<uvirtbot> New bug: #927519 in makedev (main) "makedev fails to upgrade in lxc container with error 'Device or resource busy'" [Medium,Confirmed] https://launchpad.net/bugs/927519
<stgraber> hallyn: I'll do some poking for the upstart changes, I know jodh has been pretty busy with upstart bugfixes and plymouth stuff ...
<hallyn> and lxc-caused bugs
<stgraber> hallyn: for the network, I'm not sure, same for the containers, I think killing the network if we no longer have anything in the bridge is fine, otherwise it's probably a bad idea
<stgraber> I'm also not sure if "stop" should kill all the containers marked as "auto", I guess people would expect us to do so, but it won't react like libvirt then
<stgraber> and we'll need to be careful not to "restart" lxc on package upgrade (or we'll suddently kill and start all the containers)
<stgraber> hallyn: just saw your comment on the console/tty bug, I guess that'd work indeed, we could use a sub-directory too if that makes things easier
<stgraber> hallyn: though I'm wondering how hardcoded /dev/console is, I wouldn't be surprised if software were using it directly (upstart being one of them)
<hallyn> stgraber: maybe we can affect that with upstart arguments (akin to '--console /dev/ttyS0')
<hallyn> still, i'm afraid you're probably right, it would end up missing something
<stgraber> hallyn: indeed. Something else that we'd need to think about is how to deal with older version of the OS in the container
<stgraber> though, I agree this would solve most of our problems (if not all) around upgrades/dist-upgrades in containers, so it's definitely worth investigating
<hallyn> i was going to mention to you tomorrow i think we need a serious devns design discussion at uds
<hallyn> anyway
<stgraber> hallyn: yep, that seems to be our biggest pain nowadays (with these devices + udev storms), so indeed worth booking some time to sit and think about it
<designbybeck> hello all, I am a server newbie i have a Mahara site setup, that someone walked me through, I am working on a Moodle site as well. My Mahara site points correctly to the subdomian, but the Moodle subdomain just pulls up the root domain
<designbybeck> this works: http://mahara.triside.com ....but this doesn't http://moodle.triside.com
<designbybeck> I made the VirtualHost file the same as each other with their directories pointing to their respective locations
<designbybeck> I have restarted apache2 and it showed OK I think I forgot something, i just don't know what I missed
<qman___> servername, most likely
<designbybeck> inside the vhost file qman___ ?
<qman___> to work properly, the virutalhost must be * (*:80 / *:443 ok too)
<qman___> and the servername directive defined for each host
<qman___> one bad one can mess up the whole config
<Vexiant> Yo, how do I find out the IP of a server via terminal?
<designbybeck> ok, I'll keep looking, thanks qman___
<Vexiant> anyone know?
<designbybeck> qman___, here is what both vhosts look like, but they aren't in the same file http://www.pasteall.org/28928
<kerframil> Vexiant: ip addr show
<designbybeck> Vexiant, or you can try ifconfig i believe as well
<Vexiant> ifconfig is for your own ip
<Vexiant> thanks kerframil
<qman___> designbybeck, those are good, but make sure no other virtualhosts are defined that defy that convention
<designbybeck> hmm none that i know of
<qman___> the way the apache config works is all those config files cross-reference each other into one big config
<qman___> so it could be anywhere
<designbybeck> oh
<qman___> use grep -R to find any extraneous hosts
<qman___> you should also have "NameVirtualHost *"
<designbybeck> http://www.pasteall.org/28929
<designbybeck> those are the vhosts files
<designbybeck> hmmm... I haven't ran acros the NameVirtualHost
<qman___> do like so
<qman___> sudo grep -R NameVirtualHost /etc/apache2
<designbybeck> and here is the sample moodle file from their site: http://www.pasteall.org/28930
<qman___> sudo grep -Ri ^\<virtualhost /etc/apache2
<qman___> this particular issue doesn't have anything to do with the application being run, it's just a general apache virtualhost problem
<designbybeck> qman___, here is that output
<designbybeck> http://www.pasteall.org/28931
<qman___> well that answers it
<designbybeck> nto sure what the unable to resolve host triside is all about
<qman___> your hosts are not enabled, only the default is
<designbybeck> but triside.com works and mahara.triside work?
<qman___> the default site is enabled
<qman___> the files are probably available through it
<designbybeck> hmmm
<qman___> also, that message means 'triside' doesn't resolve in /etc/hosts
<qman___> you should add it such that it points to the LAN adapter's IP
<designbybeck> i actually haven't edited the default file
<qman___> see a2ensite and a2dissite
<qman___> and your virtualhosts should be each in their own file in /etc/apache2/sites-available
<designbybeck> i do have them in their own files
<designbybeck> what do you mean by see a2ensite and a2disiste? what does that mean
<qman___> commands
<designbybeck> i thought that mean /etc/apache2/sites-available
<designbybeck> oohh
<Lazerath_Phone> Ok
<Lazerath_Phone> The boot drive is sda1
<Lazerath_Phone> But the files are on the lvm sda5
<qman___> designbybeck, according to that output, your site configurations are either not formatted correctly or are not in the right place, because they'd show up in that list if they were
<qman___> like default-ssl does
<designbybeck> ahhh qman___  i did see that on the mahara install instruction site it did have this command:  sudo a2ensite mahara.conf
<designbybeck> but i haven't done anything like that for the moodlevirtualhost file
<Lazerath_Phone> the sda1 does have some files for booting
<Lazerath_Phone> But the lvm is locked so how do I reinstall grub
<qman___> designbybeck, ah, they didn't show because of the whitespace
<qman___> not sure if that matters or not
<qman___> but anyway, you need to enable both of those sites, and should probably disable the default site if you're not using it
<designbybeck> ok
<designbybeck> let me try that command
<designbybeck> LOL.... well....it doesn't point to the root anymore
<designbybeck> qman___, i did the a2ensite and that seemed to work ok
<designbybeck> then i restarted apace2 and that seemed to work ok
<designbybeck> letme see how to disable default
<qman___> should be sudo a2dissite default
<qman___> and you can verify by doing ls /etc/apache2/sites-enabled
<qman___> those two commands are glorified symbolic linkers
<qman___> but it works pretty well
<designbybeck> ok i dod see the moodlevirtualhost in sites-enable
<designbybeck> and default too
<qman___> that should work as expected then
<qman___> provided the servername directive is set correctly for each site, when you visit by those URLs, you get the right site
<qman___> you can also use the serveralias directive to add more names
<designbybeck> a2dissite is the other command?
<qman___> yes
<designbybeck> so it would be sudo a2dissite default ?
<qman___> yes
<qman___> also, those servernames should resolve to your server, i.e. be in /etc/hosts
<qman___> but that's not strictly necessary, and in fact I just checked mine and it isn't
<designbybeck> oh yeah i think i forgot to set those up
<designbybeck> well....i think we're gettting smoewhere
<designbybeck> ...but now triside.com is the same as mahara.triside.com
<designbybeck> because i took off default?
<designbybeck> let me check the /etc/hosts
<qman___> if that was your default site, yes
<qman___> each site must be defined, the default site takes over any that aren't
<designbybeck> qman___,  here is the /etc/hosts http://www.pasteall.org/28932
<qman___> remove the second and third 127.0.0.1 lines
<qman___> actually, make it look like this: http://www.pasteall.org/28933
<designbybeck> do you have to restart apache afer that?
<qman___> yes
<designbybeck> qman___, http://www.pasteall.org/28934
<designbybeck> i learned a few thigns this time
<designbybeck> gave some errors
<marrok5146> anyone here familiar with openvas?
<qman___> ok, that means two things
<qman___> first, that that directory doesn't exist
<qman___> and second, that one of your servername directives doesn't resolve and needs to be added to /etc/hosts
<designbybeck> ok...first thing, i thought i had the dir there
<designbybeck> DOH! ...yeah i forgot i used the www for mahara, but for moodle (to keep them separate) i put it in its own dir
<qman___> that'll do it
<qman___> you may need to add your subdomains to /etc/hosts, if so, just tag them on the end
<qman___> like: 1.2.3.4 site site.com sub.site.com sub2.site.com
<designbybeck> yeah i didn't get that error this time, but it still got the nameserver error
<designbybeck> apache2: Could not reliably determine the server's fully qualified domain name, using 108.166.105.36 for ServerName
<designbybeck> ok i'll try that in the /etc/hosts
<designbybeck> Sweet!! moodle.triside.com resolved
<qman___> yeah, it's not super complicated, but unfortunately, unless you've done it before, it's not obvious where the problem is when it's not working as expected
<designbybeck> well it was setting up apache and the file structure that obviously i'm still learning
<designbybeck> i guess i thought things had to be in a very specific location
<Lazerath> I the "cat partitions" command in the /proc folder
<Lazerath> The boot drive is sda1
<Lazerath> But the files are on the lvm sda5
<Lazerath> the sda1 does have some files for booting
<Lazerath> But the lvm is locked so how do I reinstall grub
<designbybeck> but the important thing is that you just tell the file where to go
<qman___> yeah, it's a pretty flexible system, that's why it didn't throw any errors until you disabled the default site
<designbybeck> ok so now i have to address the 2nd thing
<designbybeck> i did put in the sub.site.com stuff in
<designbybeck> is service apache2 reload the same as restart?
<qman___> they're not the same
<qman___> reload causes apache to reread all the configuration files live
<qman___> restart actually shuts down and restarts apache
<qman___> reload is faster and is in many cases good enough, but sometimes a full restart is needed
<designbybeck> let me give it a good ol' restart then
<designbybeck>  * Restarting web server apache2                                                                                 apache2: Could not reliably determine the server's fully qualified domain name, using 108.166.105.36 for ServerName
<designbybeck>  ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 108.166.105.36 for ServerName
<Lazerath> yeahi found with apache i needed to restart sometimes when changing settings
<designbybeck> ok that ServerName would be in the /site-available file correct?
<qman___> that servername could be anywhere
<designbybeck> hmmm
<qman___> sudo grep -R ServerName /etc/apache2 to list them all
<qman___> and make sure all the ones listed (and which are not commented or disabled) resolve
<qman___> but bear in mind also that as long as your sites work the way you expect, that warning can be safely ignored
<designbybeck> i'm not sure what this means qman___ , but is it missing smoething? http://www.pasteall.org/28936
<designbybeck> oh
<designbybeck> yes my two resolve correctly
<designbybeck> so for my testing purposes it is working thus far!
<designbybeck> Thank you for your help qman___ !! I've learned a lot tonight !
<dforthman> Hi. I have Ubuntu 11.10 Server running, all updates applied. I'm trying to install Nagios NRPE plugin, but I'm getting "Unable to find SSL libraries" compilation error. I've installed libssl-dev, but I'm getting the same error on compilation. Is there another package I need for the ssl libraries?
<qman___> dforthman, suggest you install the nagios-nrpe-server package instead of rolling your own
<qman___> compiling your own software is not a best practice on production servers
<dforthman> No, but when I installed the package from the repos, it was missing configuration files and wouldn't start. Uninstalled/re-installed several times and got the same result.
<qman___> I've installed said package without incident, did you modify them yourself?
<qman___> in any case, install then purge
<qman___> then remove the cached package file from /var/cache/apt/archives
<qman___> and download the fresh one
<qman___> purge gets rid of all configuration files so that the next install will recreate them
<qman___> remove does not
<dforthman> Did all that. It was still missing the config files.
<qman___> what file(s) are you expecting which is missing?
<qman___> also, are you trying to set up your monitoring server, or the servers that are being monitored?
<qman___> because nagios-nrpe-server is what
<qman___> 's needed on the servers being monitored
<dforthman> We're off-topic. Are there additional packages I need for the SSL libraries? Or where do I point --with-ssl-lib=/path/to/ssl/lib?
<Vexiant> https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html
<Vexiant> "Also, create an A record"
<Vexiant> I keep seeing "A record"
<Vexiant> What does that mean?
<dforthman> "A record" is an address record. It points your domain name to an IP address.
<Vexiant> @       IN      A       127.0.0.1
<Vexiant> @       IN      AAAA    ::1
<Vexiant> ns      IN      A       192.168.1.10
<Vexiant> what would I put inplace of the A's?
<qman___> you don't
<qman___> the As belong there
<Vexiant> /etc/bind/db.xxx.com:14: unknown RR type 'AAA' (Note, the X's are just there to hide the site)
<Vexiant> welp, check BIND gave me that error
<qman___> a AAAA record is an ipv6 record
<qman___> your version of BIND is not interpreting ipv6 records
<qman___> remove the errant record or fix your BIND to accept ipv6 records
<Vexiant> So what should I do?
<Vexiant> errant? Sorry, I'm new to all of this
<dforthman> Remove the line with AAAA
<Vexiant> Ok
<dforthman> then restart Bind
<Vexiant> ok, thanks
<qman___> dforthman, you probably need libssl-dev, but again, there's nothing wrong with the packaged versions
<qman___> I use them, they work
<Vexiant> Yo, thanks so much, guys. It just removed ALL my errors!
<dforthman> I've installed libssl-dev but it's still giving the error. I'll try the packaged version again.
<dforthman> And I'm trying to install the NRPE addon to the Nagios monitoring server.
<qman___> that one needs the -plugin package
<qman___> nagios-nrpe-plugin
<twb> qman___: or he just typed AAA instead of AAAA
<qman___> true, I assumed his paste was what was in his records but it could not have been
<qman___> could have not been*
<Vexiant> it was AAA
<Vexiant> the problem is solved, as I stated. Thanks to qman___ and dforthman
<twb> Vexiant: there are 4 A's in an AAAA
<qman___> but odds are you don't need any AAAA records, especially if you don't already know what they are
<twb> Vexiant: if you get that wrong dumb things happen
<dforthman> thanks to qman___, I just translated.
<Vexiant> twb, I got nothing wrong. It was already set like that
<twb> I have lost interest in this discussion
<Vexiant> yes, the problem has been colved
<Vexiant> solved*
<dforthman> alright, let's see how this nagios on the repos goes this time
<dforthman> "Not replacing deleted config file"
<qman___> purge and try again, that normally fixes it
<qman___> it might be a dep too
<Lazerath> ok all
<Lazerath> I ran the "cat partitions" command in the /proc folder...The boot drive is sda1...the sda1 does have some files for booting..like: initrd.img-2.6.32-32-generic-pae..But the files are on the lvm sda5..like: initrd.img..But the lvm is locked so how do I reinstall grub.... I can access the lvm when booting recovery from the cd.... i got some type of error when i ran "grub-install hd0" which i cannot remember right now.
<dforthman> Total Warnings: 0 Total Errors:   7
<dforthman> it won't let me purge, either. i'm getting error messages
<qman___> pastebin the whole log on the purge
<qman___> it usually amounts to touching the missing files to satisfy apt
<qman___> so it can remove them
<Lazerath> bah
<Lazerath> +-++++++
<dforthman> http://pastebin.com/xw7mAj0e
<qman___> ah, looks like an in-nagios checking issue
<qman___> try commending out / removing all the checks on localhost's config
<dforthman> ugh. no good
<dforthman> now i'm getting "No checks defined"
<dforthman> and it errors out
<dforthman> "No services defined" rather
<qman___> ok, try purging nagios3-common nagios3-core nagios3 nagios3-cgi all at once
<qman___> nagios3 looks like a metapackage and that may be why it's wanting things to work before you can remove it
<dforthman> seems to be working
<dforthman> sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory sh: getcwd() failed: No such file or directory
<dforthman> should that worry me?
<qman___> not necessarily
<qman___> what's your current working directory
<dforthman> var/cache/apt/archives
<qman___> a little odd then, but it could just be missing files/directories
<qman___> in any case, a successful purge marks it as totally gone
<qman___> and then you can manually delete any files left over
<qman___> and install fresh
<qman___> I've had bad downloads make for very bad days before
<dforthman> ok, so which nagios package has nrpe?
<qman___> nagios-nrpe-plugin installs the monitoring server bits for nrpe
<qman___> you also need a working nagios (or icinga) for it to be useful, obviously
<dforthman> yeah. i'm gonna set that up now
<qman___> nagios-nrpe-server are the bits for the machines being monitored
<qman___> that naming threw me for a loop for quite a bit
<dforthman> eh, that's what the NSClient++ is for haha
<dforthman> we don't run anything linux except for the nagios server
<qman___> I use nsclient++ too, works pretty well
<qman___> that is, when the untangle firewall isn't corrupting the download, which it was with 0.38 for some reason
<dforthman> haha
<twb> 10.04 ubuntu fortune file has a link to https://help.ubuntu.com/9.10/serverguide/C/networking.html
<twb> That should be checked and fixed for precise
<twb> fortunes-ubuntu-server 0.3, I mean
<dforthman> ok, so where are the actual check command file(s) located on the repository nagios?
<dforthman> nevermind, found 'em
<twb> dforthman: /etc/nagios3/*.conf is sourced by the master file therein IIRC
<dforthman> i was looking fore /etc/nagios-plugins/http.cfg
<dforthman> had to add a command to check for non-80 http servers
<clone_> hi all, know somthing about closed connection with Ubuntu Server 11.10
<clone_> I got some servers with that problem
<clone_> after few bytes of transfer the connection wiht the services are close
<clone_> like ssh or apache web server
<clone_> but only with some Ip
<clone_> not all of it
<dforthman> so, now i'm getting "Could not parse" errors on my check_nt commands. Is the formatting different? or should check_nt!SERVICESTATE!-d SHOWALL -l "SQL Server (BKUPEXEC)" still work?
<dforthman> needed to add -p in the nt.cfg file
<clone_> any Idea why apache2 - Connect to Apache times out randomly in ubuntu 11.10
<clone_> the same thing with ssh
<clone_> just after call a command the ssh frozed
<stiv2k> hi
<stiv2k> anyone here alive
<clonemtz> hey
<chelz> clonemtz: look for errors in the logs
<chelz> and google those
<stiv2k> i have a couple commands in my /etc/rc.local file that runs at startup
<stiv2k> just two, like this
<stiv2k> # Run IRCD
<stiv2k> /home/ircd/Unreal3.2.7/ircdcron/ircdchk >/dev/null 2>&1
<stiv2k> # Run BOPM
<stiv2k> /home/ircd/bopm/bin/bopm
<stiv2k> but it runs them as root
<stiv2k> what can i do to not run my ircd as root?
<chelz> stiv2k: su <user> /home/ircd/Unreal3.2.7/ircdcron/ircdchk
<chelz> su stiv2k /home/ircd/Unreal3.2.7/ircdcron/ircdchk >/dev/null 2>&1
<chelz> i dunno if rc.local has issues with arguments, i know cron stuff does. might have to put that line in a two line shell script
<twb> chelz: apt-get install ircd-irc2; it runs as irc by default, not root
<twb> Sorry, @stiv2k
<twb> You probably should use start-stop-daemon(8) or upstart(8), though.
<twb> For the latter ref. init(5) also.
<twb> kirkland: hey, did you leave Canonical?  I notice your bzr commit emails changed :-)
<stiv2k> twb: irc2?
<stiv2k> whats that
<stiv2k> chelz: i thought that was su -c ?
<twb> stiv2k: people who need *an* IRC and don't care about the details
<chelz> stiv2k: right, might be. i take no responsibility for my syntax :P
<stiv2k> twb: i already have an irc server setup
<twb> stiv2k: running out of /home?  Real professional.
<stiv2k> twb: it runs as its own user
<chelz> yeah but to do stuff 'properly' using upstart and all that is the 'proper' way. if you start running a few custom services then you should look into it, but for the first few i figure rc.local is fine
<stiv2k> chelz: what is upstart
<twb> chelz: depends on whether you want to be lazy now or lazy in twelve months
<twb> stiv2k: ubuntu's clusterfuck of a init replacement
<stiv2k> twb: clusterfuck? so you dont like it?
<twb> I do not like it.
<chelz> twb, stiv2k it's what we must use. as it has been decided. so say we all
<stiv2k> ok
<chelz> stiv2k: yeah but it's basically init++
<chelz> gl with that :P
<stiv2k> but then i have to write my own stop and start script for it right
<twb> chelz: no, that's insserv.
<chelz> eh
<chelz> ok nvm then
<twb> chelz: upstart is not an incremental improvement, but a complete paradigm shift
<twb> stiv2k: yes, but simple upstart jobs are straightforward
<chelz> stiv2k: right yeah it's kind of an ordeal. for a production env you should use it, for personal stuff i don't think it really matters. if you want to learn it go for it
<twb> http://paste.debian.net/155377/ example
<stiv2k> i will look into it
<stiv2k> twb: whats wrong with running my ircd out of /home
<twb> stiv2k: it's not integrated properly with the rest of the system
<stiv2k> how so
<twb> stiv2k: so, for example, apt will happily remove the C libraries it needs to run when nothing else keeps them installed
<chelz> stiv2k: wait, for one thing, why aren't you using an ircd from the repos?
<twb> chelz: EXACTLY
 * chelz hits stiv2k with a stick
<chelz> stop doing wrong things
<stiv2k> because man
<twb> chelz: but probably because irc servers upstreams have a hard-on for running stuff out of CVS HEAD
<stiv2k> i compiled mine myself
<stiv2k> with specific options
<stiv2k> that i want
<twb> Gentoo is <over there>
<stiv2k> i dont want to compile the whole OS
<twb> But we discourage that kind of thing
<stiv2k> just my ircd
<chelz> eh
<chelz> stiv2k: look into deb-src
<chelz> i think that's the name
<chelz> stiv2k: you grab the src for a package in the repos, then you can compile your own tweaked version of it, but it's still mostly within the package management system
<dforthman> where'd qman___ go?
<dforthman> to bed?
<twb> chelz: add deb-src entries to sources.list; apt-get source foo; cd foo-1.0; sensible-editor debian/rules; dch -i "custom build"; debuild; dpkg -i ../*deb
<chelz> twb: yeah that's looks good
<stiv2k> what O_o
<twb> Example: http://paste.debian.net/155378/ and http://paste.debian.net/155379/
<chelz> just have to do that again when it updates but that's the price of a custom package, but that'll be hardly ever
<twb> Although the latter can be substituted by a simple dpkg -i, or an elaborate reprorepo or so
<chelz> twb: there a good guide anywhere for ubuntu/debian deb-src stuff?
<chelz> i think i saw on one reddit some time ago. didn't end up reading it but the idea of a guide like that is a good one
<twb> Those pastes run out of cron and are responsible for recompiling openldap against openssl whenever ubuntu issues a new security update, you see.  It lands in the in-house apt repo where it is signed, and unattended-upgrades on the various hosts are configured to upgrade to the new in-house build automatically.
<chelz> that's pretty neat
<twb> chelz: there isn't really a one-stop document, but the #debian-mentors group on OFTC can direct you to LOTS of documentation that helps, even if a lot of it is various levels of stale
<twb> e.g. dh_make tends to encourage newbies to use pre-dh7 style rules files
<chelz> oh hm, so this gets into some packaging stuff. i've yet to master those dark arts.
<chelz> on my todo list though since quite a few projects are in need of some packagers
<twb> A lot of it is easy, you just need to say "hey I want to do <blah>" and have someone point you to the appropriate bit of helper code
<stiv2k> hmm
<stiv2k> i wonder if i should keep the ircd files on the SSD or the HDD
<twb> stiv2k: both
<stiv2k> the / is on the SSD
<twb> RAID1 them with HDD configured as write-mostly write-behind
<stiv2k> and /home is the HDD
<chelz> oh hmm
<chelz> https://help.ubuntu.com/community/UpdatingADeb
<chelz> found that
<stiv2k> twb: i dont think the machine supports raid
<stiv2k> twb: http://stats.stiv2k.info
<twb> stiv2k: md raid.  Hardware raid is completely useless unless you are paying $200 at least, and it has a BBU or equivalent.
<chelz> also the obligatory cyberciti.biz guide, dunno if what they say is good or not on this one: http://www.cyberciti.biz/faq/rebuilding-ubuntu-debian-linux-binary-package/
<stiv2k> i have good uptime thought :)
<stiv2k> though*
<chelz> more guides: https://www.google.com/search?q=rebuild+ubuntu+package+deb-src
<chelz> stiv2k: rsnapshot to do backups of important stuff from one to the other
<twb> I'm the rsnapshot upstream :-)
<stiv2k> chelz: what i wanted was to keep OS files on the SSD, things that mostly read from but not written to
<stiv2k> chelz: and user data, torrents, websites, etc, on the HDD
<chelz> twb: whaa
<twb> chelz: this is a reasonable example of how to package something: http://darcs.debian.org/collab-maint/mg
<twb> Except ignore the get-orig-source and the override rules to deal with a non-autoconf ./configure script.
<twb> But the best way to learn packaging is to lurk on #debian-mentors (on OFTC)
<chelz> otfc
 * chelz shakes fist
<chelz> also oftc
<twb> HTFU you big baby
<chelz> yeah yeah
<chelz> well i dnno how good they are but googling for packaging docs sure brings up a lot
<twb> Of uncertain vintage and reliability, sure
<twb> It staggers me how many jackasses come in here "following a blog they found" and they're trying to apply 8.04 or 6.06 docs to a 12.04 install
<chelz> haha
<chelz> yeah, that doesn't work out
<chelz> can't say i know the right or wrong ways to package things but that mg looks pretty good
<chelz> also looks like a neat project
<Vivek> kirkland: Are  you around ?
<Vivek> roaksoax: Are you around ?
<Vivek> Daviey: Are you there ?
<Vivek> kirkland suggested that I have a word with both of you regarding some queries I had with dnsmasq on Orchestra.
<Vivek> Since I am in the IST (Indian Standard Time). I am not able to get to talk to the developers while they are available.
<twb> Try asking your real question first
<erichammond> Vivek: You could try the ubuntu-server mailing list: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
<Vivek> erichammond: Thanks.
<Vivek> twb: The question was asked on Friday itself :)
<Vivek> twb: Let me repaste the chat log with kirkland for you.
<Vivek> twb: Pastebin it rather.
<Vivek> twb: http://paste.debian.net/155392/
 * twb reads
<Vivek> jono: Hi
<jono> hey Vivek
<Vivek> jono: Vivek Cherian here.
<twb> Vivek: please also pastebin dnsmasq.conf
<Vivek> It was nice meeting you here mate.
<Vivek> twb: sure give me couple of mins.
<twb> No worries
<twb> Vivek: so basically the problem is dnsmasq appears to be serving requests to both your ifaces?
<jono> hey Vivek :-)
<Vivek> twb: The problem is that inspite of having configured inteface=eth1, dnsmaq seems to be (I figured out that it might not be) serving I.P Addresses via eth0 also.
<Vivek> Now the reason why we suspect that dhcp requests are being made via eth0 is because of the presence of directories named after I.P Addresses in /var/log/orchestra/rsyslog/2012/01/25
<twb> I need the pastebin
<Vivek> Sure
<jamespage> morning all
<Daviey> Vivek: hello
<Vivek> Daviey: Hi
<Daviey> Vivek: Hi!
<SpamapS> crap
<SpamapS> Daviey and jamespage are up
<SpamapS> I should probably have been in bed an hour ago then
<jamespage> SpamapS, almost certainly
<jamespage> SpamapS, good morning!
<SpamapS> jamespage: indeed, good morning. :)
<Vivek> Daviey: I have some queries which I am working out with twb.
<Vivek> SpamapS: Hi again and prolly bye :)
<Daviey> SpamapS: sleep well :)
<Daviey> SpamapS: if it helps, i've been up 2 hours :)
<Daviey> Vivek: sounds good, shoot away!
<Vivek> Daviey: For some background http://paste.debian.net/155392/
<Vivek> twb: http://paste.debian.net/155397/
<Vivek> twb: http://paste.debian.net/155398/
 * SpamapS must finish this epic email about mysql :-P
<twb> Vivek: ok, check /proc/<pid of dnsmasq>/cmdline to see if it's getting any overriding args
<twb> tr '\0' '\n' </proc/N/cmdline if you have trouble with NULLs
<Daviey> Vivek: firstly, can i check - you are not doing this (or targetting Precise?)
<twb> Also I would try using exclude-interface=eth0 instead of interface=eth1 (check syntax in dnsmasq manpage)
<uvirtbot> New bug: #928147 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.10 failed to install/upgrade: EOF on stdin at conffile prompt" [Undecided,New] https://launchpad.net/bugs/928147
<twb> Also pastebin output of "ip a" and "ip r" please
<Vivek> Daviey:  It is Oneiric 32 bit i386
<Vivek> twb: ok
<twb> btw here is a working dnsmasq (non orchestra) PXE server: http://paste.debian.net/155401/
<twb> I notice you're not doing TFTP inside dnsmasq
<Vivek> twb: paste.debian.net/155402/
<Vivek> twb: http://paste.debian.net/155403/
<twb> Yeah OK so you also need to check /etc/dnsmasq.d/* if there is anything in there
<Vivek> ok
<Vivek> It only has a README :)
<twb> How confident are you that it's dnsmasq that's responding on eth0, and not a rogue DHCP server?
<twb> Because I can't see how it's happening
<Vivek> Me too and I need to prove to the management here that it is not happening :)
<twb> btw I would never use 192.168.[01].* as a range, due to conflicts with everyone else
<Vivek> The Corporate range is the 10.x.x.x
<twb> Vivek: on eth0, do a dhclient -n -v or so, see who is responding by MAC
<dforthman> or 192.168.100.0
<twb> Using 192.168.<not 0 1 or 100>/24 or something in 172.16/12
<Vivek> Why are those directories getting created in /var/log/rsyslog/orchestra ?
<twb> Vivek: that would be up to /etc/rsyslog.conf.d/*.conf
<Vivek> The directories in the 10.x.x.x range ?
<dforthman> i see 10.0.0.0 and 172.20.0.0 everywhere i go
<twb> Vivek: but probably because someone in 10/8 is talking to your rsyslog.
<Vivek> twb: exactly
<twb> dforthman: I haven't ever seen anything in 172.16/12 AFAIK
<Vivek> I have a theory
<Vivek> I need you to tell me if that will sell :)
<twb> cosmic rays?
<Vivek> dnsmaq is broadcasting on eth0 saying hey I am a DHCP server out here...
<Daviey> Vivek: the log is pushed to rsyslog, thanks to the kernel command line options sent to the installer.
<Vivek> 10.x.x.x machines are asking for a I.P Address.
<Vivek> dnsmaq is refusing it saying I can serve only on the 192.168.1.x range.
<dforthman> electronic healthcare resellers love to use the 172.20.0.0 range dunno why
<Vivek> The 10.x.x.x are created in rsyslog simply by the virtue of the 10.x.x.x contacting dnsmaq and on the virtue of leasing and I.P Address in the 10.x.x.x range.
 * Vivek stops and waits for brickbats or an applause.
<twb> Vivek: that's not what happens, no
<Vivek> twb: ok.
<Vivek> twb: What is happening ?
<twb> Vivek: dnsmasq says "I was told to serve 192.168.1.5 through .200 or whatever you said.  That is routed via eth1, so I will respond on eth1"
<Vivek> ok
<twb> Under no circumstances should dnsmasq respond AT ALL (for DHCP, anyway) on eth0
<twb> Not with that config
<Vivek> Then why is it responding, which means creating those 10.x.x.x directories in the rsyslog ?
<twb> If your eth1 link is guaranteed to be up before dnsmasq (unlikely if you use upstart), then you could use --bind-interfaces instead of --interfaces.
<twb> Vivek: I am not convinced it *is* responding
<twb> Vivek: so far your only evidence is rsyslog hits, which is why you should be testing with dhclient -n -v eth0 or so
<Vivek> Me too but we need to prove it, currently the presence of the 10.x.x.x cannot make us say for certain that no dchp activity is happening via eth0.
<Vivek> ok
<Vivek> Going to do that now.
<twb> Another thing you could do, is simply have dnsmasq serve a bullshit next server programmed to do something silly, like eject the CD drive.
<twb> Then wander around the office looking for ejected CDs
<twb> But that's probably more elaborate than you can be bothered doing
<twb> Also you may want --no-dhcp-interface instead of --except-interface
<Vivek> ok
<twb> Telling it to keep a leasefile and then keeping an eye on that, is also a handy check for stupidity
<Vivek> ok.
<twb> And of course --log-dhcp
<twb> At this point I'm just looking at the dnsmasq manpage, which you should be doing
<Vivek> I have already done that couple of times before and edited that dnsmasq.conf file which I gave you.
<Vivek> I'll try the other options too.
<twb> Good luck
<xokvictor> hi all! who can resolv my problem? when my ubuntu server (10.04.2) try booting system is stoped on "run-init: /sbin/init: No such file| Kernel panic"
<Vivek> twb: I even tried taking a tcpdump on eth0
<dforthman> xokvictor did you update your kernel recently?
<xokvictor> dforthman, yes
<Vivek> Nothing conclusive to day that a dhcp request was made via eth0, those directories in the rsyslog are what is creating the confusion.
<dforthman> in grub, there should be an option to boot to the old kernel - if that works you can just keep running that one and try to update again. otherwise, it'll be time to reinstall
<Vivek> Also it would be kind if some one guides me to the part of the code that creates those directories.
<Vivek> I have the orchestra, dnsmasq and ryslog source code downloaded via apt-get source.
<Vivek> They source code is the best documentation so a pointer to where I can find the directory creation part in /var/log/rsyslog/ would be nice.
<dforthman> Vivek - Can you grep out the directory it creates from the code? That'd be my first stop if I was looking for it
<xokvictor> dforthman, i press shift button before system boot and select boot olders kernels, but problem persists :(
<SpamapS> jamespage: I'd love to discuss automated reboot testing when I wake up .. perhaps after the meeting?
<jamespage> SpamapS, sounds OK to me
<SpamapS> ok, time to go pass out
<jamespage> SpamapS, night night!
 * jamespage thinks it unlikely that SpamapS will chair todays IRC meeting... :-)
<xokvictor> dforthman, my way - only reinstall?
<dforthman> If you can't boot to any kernel, that's the only thing I know to do. Someone else might have a better option for you, though.
<xokvictor> dforthman, thx
<Vivek> dforthman: Tried grepping once, could not find it.
<dforthman> I wish I slept. Today's gonna suck haha
<dforthman> Vivek did you grep through all the subdirectories also? I have no idea what you're trying to do, though.
<dforthman> alright, time to start getting ready for work. thanks for all your help with the issues i had earlier, guys and gals
<xranby> jamespage: hi, are the apache cassandra database in ubuntu?
<jamespage> xranby, no - although the cassandra project does produce some .deb's of their own
<xranby> OK, i will try those
<jamespage> Daviey: do meeting minutes go to -server and -devel?
<jamespage> (well when they get sent at least :-))
<Vivek> jamespage: In which channel is the meeting held ?
<jamespage> Vivek, #ubuntu-meeting
<Vivek> jamespage: Am I allowed in ther ?
<jamespage> Vivek, yep!
<jamespage> its where most ubuntu related IRC meetings are held
<Vivek> jamespage: Thanks.
<jamespage> Vivek: np - its normally 1600UTC on a Tuesday
<Daviey> jamespage: just sevrer is suitable IMO
<koolhead17> Daviey: is meeting over?
<jamespage> Daviey, great - thats what I did
<jamespage> koolhead17, 1600UTC today
 * koolhead17 is allready in the channel!! :)
<irvie> so i have a fresh ubuntu server install on a linode and i'm running drupal (which uses php's mail settings to send mail by default). what's the easiest way to set up a mail server to send mail from this machine without opening myself up as a spam relay. the drupal install and the mail server would be on the same host
<irvie> 10.04
<acidflash> hi all, in ubuntu 10.04, if i want to add this line -> options ip_conntrack hashsize=32768 ; where do I put it (its supposed to go int /etc/modprobe.conf but i cant find it
<acidflash> there is only modprobe.d, what should i put inside modprobe.d instead?
<Vivek> jamespage: Any other ubuntu specific channels that you would recommend ?
<mdeslaur> jamespage: thanks for testing tomcat6 and for the call for testing!
<mdeslaur> jamespage: is that another package that showed up on your SRU report?
<jamespage> mdeslaur, no problem
<jamespage> it did show up on the SRU report; Daviey poked me about it this morning....
<mdeslaur> jamespage: hrm, I wonder how we can make sure it's clear those are security updates...just to make sure the security team publishes the proper USN, and it gets put into -security when it's ready to be published
<mdeslaur> jamespage: should I always write so in the bugs? I was assuming the SRU report was checking the SRU team membership on the bug, but that's probably not the case
<smb> zul, bug 928182, not a too big deal and for a change I even tried to be helpful by providing a debdiff. :)
<uvirtbot> Launchpad bug 928182 in xen-common "xendomains produces ugly output on shutdown" [Low,Triaged] https://launchpad.net/bugs/928182
<irvie> so i have a fresh ubuntu server install on a linode and i'm running drupal (which uses php's mail settings to send mail by default). what's the easiest way to set up a mail server to send mail from this machine without opening myself up as a spam relay. the drupal install and the mail server would be on the same host. ubuntu server 10.04
<jamespage> mdeslaur, not sure exactly how the report is generated but I suspect its based off the server team packageset + magic!
<mdeslaur> jamespage: hehe, ok, I'll just write a note in the bug
<mdeslaur> jamespage: thanks for the testing!
<irvie> what do i need to install on ubuntu server 10.04 in order to have php send mail?
<ikonia> irvie: an MTA and php
<zul> smb: yay!
<irvie> so if i just install sendmail i'll be fine? is there a way to restrict it to only listen to the local machine?
<irvie> ie only send mail coming from 127.0.0.1?
<irvie> i just don't want spammers hijacking the sendmail server
<ikonia> yeah, thats standard lock down
<ikonia> ubuntu comes with postfix I think, so you could use that
<ikonia> unless you know/like sendmail better
<irvie> i just installed sendmail, so it should already be restricted to 127.0.0.1?
<smb> zul, And just one observation: seems that the updated xen-common has the effect that you cannot use xm and xl at the same time anymore.  Which is probably a good thing. It defaults to xm. I think that is right now a better default because libvirt rather interacts with how xm does things
<smoser> mtaylor, sorry, just saw  your question. i'm not sure why, i'd just have to dig around. maybe ask in #ubuntu-devel
<irvie> or do i have to actually tell it that
<zul> smb: right
<memoryleak> how can I see response body using Curl command line ?
<andol> memoryleak: response body, as in the http headers?
<memoryleak> andol: the HTTP headers I see, but no body (like html content)
<andol> memoryleak: odd, because the default curl behavior is to send the actual content to stdout
<andol> memoryleak: On the other hand, it doesn't show http headers by default, so perhaps you have a .curlrc tripping you up?
<memoryleak> what would the option to show the http headers also?
<memoryleak> andol: ok got it, mixed up uppercase and lowercase -i option
<stgraber> hallyn: hey, just had an idea, not sure if it'd work though :) Can't we have LXC create /dev/lxc/, put console and all the ttys in there, then have /dev/console and the other be symlinks?
<stgraber> hallyn: AFAICS this would work whatever the version of Ubuntu in the container and should make upgrading udev/makedev/... work
<stgraber> hallyn: it won't be perfect because /dev/console and /dev/tty* won't be usable post-upgrade until you reboot, but at this stage you should already have the gettys started anyway and if you upgrade udev/makedev you should reboot post-upgrade regardless
<stgraber> hallyn: can you remove/mark as merged/abandoned https://code.launchpad.net/~serge-hallyn/ubuntu/precise/upstart/upstart-containers now that all these changes are in my branch?
<hallyn> ok
<hallyn> so would lxc while starting up the container do 'rm -f /dev/console; ln -s /dev/tty/console' ?
<hallyn> i guess so
<stgraber> hallyn: yes
<stgraber> hallyn: so on upgrade, the symlink will be replaced by an actual node but at least won't fail and will be replaced next time the container reboots
<stgraber> hallyn: as we'd put that code in lxc itself, it should just work, whatever the distro in the container
<hallyn> hopefully no gettys are out there refusing to work over symlinks
<hallyn> also i could see selinux policy getting in the way
<hallyn> stgraber: so beside that, getting upstart changes in, and the apparmor mount enforcements, how much more've we got to add to lxc this cycle?
<hallyn> (perusing bugs)
<hallyn> all of the upstart-contingent ones of course
<stgraber> I think that should be pretty much it for 12.04
<stgraber> getting a new upstream would be nice though
<stgraber> *upstream release
<hallyn> daniel said he'd cut one "in the next few days" (last weekend)
<stgraber> good, hopefully merging your branch before that :)
<hallyn> well i did say that a new release is more important, so if merging my branch first is a blocker, then just do that
<hallyn> oh, right
<hallyn> gary_poster: do you care about lxc-start-ephemeral working with lvm-backed contaienrs?
<stgraber> hallyn: btw, jodh told me he'd have a look at my upstart branch today/tomorrow
<stgraber> hallyn: so hopefully by the end of the week we can get rid of lxcguest and announce that you can run a clean Ubuntu system in a container ;)
<hallyn> unless my luck of this cycle continues,
<hallyn> where each closed bug opens 2 new ones
<stgraber> hehe, well, that's what post-FeatureFreeze is for no? :)
<hallyn> heh
<hallyn> i guess so.  i've got the wrong point of view!
<hallyn> now, i if i don't test and clean up lxc-clone upstream first, the next merge could be a bear...
<hallyn> oh!  the lxc-ubucloud template
<roaksoax> Vivek: i'm here now
<gary_poster> hallyn, I'm pretty sure the answer is "no" because LVM is not part of our current story.
<Vivek> roaksoax: Hi
<hallyn> gary_poster: ok, thanks - then i'll leave that to deal with later
<Vivek> I am still testing some issues dnsmasq was throwing up.
<hallyn> stgraber: i gather you're not doing the lxc device move right now?
<Vivek> roaksoax: http://paste.debian.net/155436/
<Vivek> That's my dnsmasq.conf
<gary_poster> ack thanks hallyn
<Vivek> I've configured it to lease I.P Addresses only though eth1
<stgraber> hallyn: correct, though I ran a quick test running getty on a symlink and it seems to work
<roaksoax> Vivek: ok...
<stgraber> hallyn: I can do the change if you're busy with other things though
<Vivek> I find that directories with the 10.x.x.x is created in /var/log/rsyslog even when it is not supposed to do it.
<Vivek> eth0 serves the 10.x.x.x in my case
<hallyn> stgraber: i'm happy to do it, but wouldn't get to it until this afternoon (if i try to do it during meetings, experience says it will go badly)
<Vivek> and eth1 the 192.x.x.x
<hallyn> stgraber: if you do, just take the bug?  i'll check before i start
<hallyn> thx
<Vivek> The dnsmasq.conf is as I have posted above.
<Vivek> My questions is why are those directories appearing ?
<roaksoax> Vivek: ah yes, i've heard that before
<roaksoax> though, rsyslog sends the ip address of the orchestra server to the client
<roaksoax> Vivek: I don't really think dnsmasq has anything to do with that
<roaksoax> Vivek: let me check the config for a sec
<Vivek> ok.
<Vivek> ok.
<smoser> rbasak, ping
<smoser> utlemming, maybe you or even Daviey also answer.
<rbasak> smoser: pong
<smoser> is there a qemu-system-arm that supports hard float ?
<rbasak> The beagle one should, I think
<smoser> ok. thank you.
<rbasak> Most of what we call hard float is really a userspace ABI thing. All (almost all?) armv7 hardware has actual hard float support
<roaksoax> Vivek: So yeah, as I ws thinking, the orchestra server preseeds the IP address of itself to the clients. That server address is then used for the clients to fconnect to rsyslog
<hallyn> stgraber: on second thought i'd prefer to concentrate on the lxc-ubucloud template this afternoon if nothing else comes up
<roaksoax> Vivek: so I'm guessing 1 of two things. Either rsyslog uses eth0 by defaulkt, or the address of the orchedstra server is in the same 10.0.0.X range
<hallyn> don't want smoser giving me a noogie at uds
<roaksoax> Vivek: which causes the clients to use that subnet
<smoser> rbasak, good enough for me.
<smoser> rbasak, see email.
<drPoO> hi all. I am trying to free up some space on  my ubuntu server 10.04  /boot directory. I want to remove old kernels to fix a problem I have. I am running 'sudo apt-get remove linux-image-2.6.32-21-server' and get an unmet dependencies error: http://pastebin.com/cP61hzXG
<drPoO> I dont know how to override the unmet dependencies error so that I can remove the kernel
<Vivek> roaksoax: I have 2 ethernet interfaces eth0 and eth1, the clients are configured to only use the range 192.168.1.x supplied by eth1
<Vivek> roaksoax: They are supposed to ignore the 10.x.x.x provided by the eth0 interface.
<roaksoax> Vivek: that is in terms of dhcp, correct?
<Vivek> roaksoax: Yes
<roaksoax> Vivek: ok so rsyslog and dhcp are not tied up together
<roaksoax> Vivek: what you would have to do is to change rsyslog config and provide the IP address of the server which is from the range of 192.x.x.x
<Vivek> Why am I getting the directories with I.P Addresses in the 10.x.x.x range in /var/log/orchestra/rsyslog ?
<Vivek> roaksoax: What parameter of rsyslog.conf should I change for this to happen ?
<Vivek> I don't find any range provided in rsyslog.conf now.
<roaksoax> Vivek: could you pastebin your /etc/rsyslog.d/99-orchestar.conf (or orchestra itself)
<Vivek> pl
<Vivek> ok
<roaksoax> Vivek: you are getting those because the orchestra clients connect to the rsyslog server using the IP address of the 10.x.x.x range (that's what I'm assuming
<drPoO> is it possible  for me to just 'rm' old kernels from the /boot partition without using apt???
<Vivek> roaksoax: http://paste.debian.net/155440/
<roaksoax> Vivek: that's the server, what about any of the clients?
<drPoO> is there a way of emptying /boot and reinstalling kernels??
<pmatulis> drPoO: treat the kernels like any other package.  remove the oldest ones
<Daviey> Ursinha: What meeting clashes?
<Ursinha> desktop meeting
<Ursinha> starting a while after server one
<Ursinha> Daviey, ^
<smoser> bug 893926
<uvirtbot> Launchpad bug 893926 in eucalyptus "Contains traces of UEC" [High,In progress] https://launchpad.net/bugs/893926
<smoser> Daviey, that is you.
<smoser> dagummit
<jjohansen> Daviey, hallyn: so mount rules, should be up in a ppa by eod for me
<hallyn> jjohansen: \o/  thanks!
<jjohansen> hallyn: the labeling patches, won't hit this week, and if we do them will need a FFE
<hallyn> jjohansen: is that what's in the test kernel attached to that bug?
<hallyn> no, that was a bug fix.  this is enhanced feature?
<jjohansen> hallyn: no, that is what I would call the fallback patch.  That will be available in the ppa, and part of the pull request
<hallyn> ok
<jjohansen> it is independent of labeling
<hallyn> excellent.  thanks.
<jdstrand> zul: re bug #881464> you gave my the url to the keystonelight branch in the keystone MIR report
<uvirtbot> Launchpad bug 881464 in keystone "[MIR] keystone" [High,Incomplete] https://launchpad.net/bugs/881464
<jdstrand> s/my/me/
<hallyn> i skimmed the aa doc (despite it being libreoffice :)  So do i gather i'd be able to say "label /some/path XYZ" and later refer to it as XYZ in permissions?
<zul> jdstrand: i did
<jjohansen> hallyn: yep, labeling is start are of being able to access the label on files.
<jjohansen>   eg.  label=foo rw,
<jjohansen> much better for files passed into a namespace than connect_disconnected
<jdstrand> zul: I'm confused. I thought keystone and keystonelight were different (with keystonelight being changed to quantum)
<zul> jdstrand: no they are different basically keystone->keystonelight
<hallyn> jjohansen: and so we can assign a label recursively?  "everything under /var/lib//lxc/p1 is label=xyz"?
<hallyn> do that in parent profile, use it in child profile?
<jdstrand> zul: so is the code I reviewed for this mir not relevant any more?
<hallyn> if so, nifty.  if not, i'm sure it's still nifty :)
<jjohansen> hallyn: err not exactly, but yes you will be able to use it in a child.
<zul> jdstrand: right
<hallyn> cool.  i'll stop taking your time.  thanks :)
<jdstrand> zul: so I reviewed keystone for nothing?!?
<zul> jdstrand: no at the time it was every intention of getting it into main, but upstream decided to switch mid cycle
<zul> jdstrand: im not impressed either
<jdstrand> impressed. I'm ticked. I don't have a lot of spare cycles for reviews that are obsoleted a month later
<zul> jdstrand: i totally understand
<jdstrand> zul: would you mind updating the bug to change the package accordingly and clearly explain the upstream transition so that everyone is clear on what needs to be done?
<zul> jdstrand: i will
<jdstrand> fyi, I'm usually spending a full day or more on requested security reviews
<jdstrand> zul: thanks
<FunnyLookinHat> Anyone here know how I can utilize SOCKS proxy with SSH to tunnel my SSH connections?  I'm doing ssh -D 9999 user@remotehost and I want to go through remotehost to remotehost2
<kraut> did you used socks4 in ff f.e.?
<kraut> it's a socks proxy, not a http proxy
<rbasak> bug 926160, smoser and utlemming - interesting! Perhaps it's an appropriate time to normalise by passing it through a tarball stage, then mkfs directly to destination size and unpack? The images would probably be more compressible then as well. I have no idea how much work this would be though.
<uvirtbot> Launchpad bug 926160 in ubuntu "precise cloud-images significantly larger than oneiric" [Medium,Confirmed] https://launchpad.net/bugs/926160
<utlemming> rbasak: the initial analysis is that the root cause _is_ the mkfs difference. Between the instance-store and EBS, the journal alone is 96MB bigger for EBS
<rbasak> yeah, that would make sense. mkfs will make different decisions for performance reasons depending on the requested size
<utlemming> rbasak: for the instance-store the rootfs is created as a 1.4GB and then grown to 8GB, while the EBS has the rootfs created as a 10GB volume.
<utlemming> but for EBS we do exactly what you suggest -- grab the tarball, mkfs and then lay down the tarball.
<rbasak> Then perhaps the size difference is acceptable. If this means what I think it does, then performance will be reduced for the smaller images otherwise.
<roaksoax> jamespage:
<roaksoax> jamespage: fence-agents and cobbler now ship the fence_cud and template respectively, if you can it it a try would be very much appreciated
<jamespage> roaksoax, great - will do - is that in precise only?
<roaksoax> jamespage: yes
<Daviey> smb: you are welcome to join the chair roster if you want :)
<smb> Daviey, Thanks a lot but .... no
<Daviey> lol
<zul> we should get community people to do it as well like ttx :)
<ttx> zul: you still had community people, by then :P
<zul> ttx: hehe
<smoser> i've recently seen ttx commenting on how he is ubuntu core dev
<smoser> i think part of that requirement shoudl be running meetings
<koolhead17> ttx: i liked your forkhub related blog though!! :P
<jamespage> utlemming: issues? https://jenkins.qa.ubuntu.com/view/Precise%20ISO%20Testing%20Dashboard/view/Daily/job/precise-server-ec2-daily/
<jamespage> utlemming, no EBS anymore?
<Vivek> roaksoax: I have to call it a day now.
<utlemming> jamespage: smoser fixed that....
<Vivek> roaksoax: Catch you tommorow.
<smoser> rbasak, the difference that is not understood in that is that apparent size (per du) is identical, but we still have used filesystem growth.
<smoser> and significant
<rbasak> smoser: that's expected, surely?
<smoser> why?
<rbasak> filesystem overhead
<smoser> no
<smoser> rbasak, see 'file tot' lines
<smoser> filesystem total went up by 2.9%
<smoser> but 'df' grew by 15%
<smoser> utlemming, suggested that maybe it is symlinks causing the additional fs usage
<smoser> due to python3
<CantWinn> Hello peeps
<CantWinn> Does anyone know of a great "exchange" style open source server?
<hallyn> smoser: there is no way to have ubuntu-cloudimg-query directly spit out the '*-root.tar.gz' url right?
<Mez> ok, I have a new dedicated server - which is provided with a custom kernel - trying to boot up off of the normal kernel causes it to not come up (I believe this is cause it's not starting the network card)
<Mez> can anyone suggest a way of getting it up? I can provide custom boot dmesg vs ubuntu kernel dmesg
<roaksoax> Daviey: you want me to ship a preseed just for the enlist stuff or would it be better to just add a snippet into the regular preseed
<Daviey> roaksoax: Requirements are: it gets pushed to a system that cobbler hasn't previously seen. The second requirement is, it should be possible to overide variables via the API
<Daviey> outside that, whatever you think best :)
<roaksoax> Daviey: hehe right, but "system that cobbler hasn't previously seen" that's handled by the enlistment process, isn't it?
<Daviey> roaksoax: erm, right - you are doing the enlistment stuff, right?
<Daviey> roaksoax: The default preseed is a way of passing values where enlist should push back it's details..
<roaksoax> Daviey: i'm doing the cobbler side
<Daviey> such as hostname
<Daviey> right
<roaksoax> Daviey: excalty, so my point being is should I install something like: enlistment.preseed and work from there, or use orchestra-client.preseed with a snippet that passes the enlistment stuff
<Daviey> d-i boots dumb, the preseed provides values to the enlist udeb on how to operare. Right?
<Daviey> Oh, and tftp default flavour, right?
<Daviey> roaksoax: i think a seperate snippet sounds tastu
<Daviey> tasty
<roaksoax> Daviey: yeah I'm doing this: 1. create a cobbler-enlist profile with a special preseed. 2. create a 'default' system 3. cobbler sync --> next client that tries to boot and has no system, defaults to the cobbler-enlist profile
<Daviey> roaksoax: that sounds beautiful
<roaksoax> Daviey: and I'm basing this on a i386 image
<Daviey> roaksoax: I think for now that works just fine, rbasak and Justin are currently investigating ways to differentiate arm.. You'll need to be prepaired to take their changes
<roaksoax> Daviey: cool
<Daviey> (probably something like a system default-armhf or something)
<adam_g> smoser: if this looks okay with you, i'll merge into my branch. https://code.launchpad.net/~gandelman-a/+junk/smoser-deployer
<smoser> looking
<adam_g> smoser: nothing major, renamed the argument and avoided an error when running it against an environment that already has all services deployed, which is useful when a relation has failed, you've resolved and want to continue on with relations
 * Daviey goes afk
<smoser> adam_g, seems good enough to me.
<adam_g> cool
<roaksoax> adam_g: by any chance do you have the latest enlistment preseed available?
<adam_g> roaksoax: i never had one, i was only working on the cobbler-enlist utility. i think there is something on the CI cobbler server, let me see
<adam_g> roaksoax: http://paste.ubuntu.com/832978
<roaksoax> adam_g: cool thanks
<hallyn> (going afk for awhile)
<args[0]> i wanna add a sub-domain to my server, how can i do that using CLI?
<soren> zul, Daviey: Do you guys not you dch when updating changelogs?
<soren> Err...
<soren> zul, Daviey: Do you guys not use dch when updating changelogs?
<zul> soren: yes
<soren> zul: You do?
<zul> soren: yes
<soren> zul: So you manually go in afterwards and turn the multi-maintainer changelog things into a non-standard format?
<zul> soren: how do you do it?
<soren> dch "Did some stuff"
<soren> done
<zul> soren: ok
<soren> How do you do it?
<zul> vi
<soren> zul: Do you use vi or do you use dch?
<zul> i use vi
<soren> Ok. Can you please invoke vi by calling dch from now on?
<zul> yep
<soren> With no arguments, it runs $EDITOR
<soren> Only difference is that dch ensures standard format is used for changelog entries where multiple people participate.
<soren> Also, can you please not leave those UNPUBLISHED changelog entries in there?
<zul> in which branch?
<soren> All of 'em?
<zul> k
<bencer> is anybody willing to sponsor new zentyal (old ebox) packages? we mailed -server ml but nobody stepped, only robbie suggesting to mail -sponsors. soren maybe you as our first sponsor? :)
<soren> bencer: Where are the packages?
<bencer> soren: https://launchpad.net/~jacalvo/+archive/zentyal-precise/
<soren> bencer: How are upgrades handled?
<bencer> no upgrade path, we have a migration tool from 2.0 to 2.3, but is beta and not packaged
<bencer> actually, packages on lucid and later releases are quite broken
<bencer> nothing that depends on ldap works
<bencer> so i think doesn't worth to provide a migration path
<bencer> anyway, we can improve that, but we are in kind of a hurry now
<bencer> because feature freeze is in a week, and after that no new packages will be accepted without an exception
<kagz> hi!!
<robo> is apt-get clean safe to run? It says that it "clears out the local repository of retrieved package files."  and that sounds important
<Daviey> soren: wait, what have i done?
<Daviey> soren: UNPUBLISHED or UNRELEASED ?
<ChmEarl> robo, /var/cache/apt/archives gets cleared. Back it up first if needed
<Daviey> bencer: Are these NEW packages, or new versions?
<robo> ah, ty che3ver
<robo> ChmEarl,
<Driip> Hello Ubuntu Community! I was wondering if any of you know any Web interface Firewall for ubuntu. Cant seem to find any decent once which is "easy" to port forward etc
<Daviey> as in, all of these packages have a lower version already in the archive?
<ChmEarl> robo, locate "*.deb"  -> results should be from that dir
<kagz> robo iits always good to first backup as chmearl says
<robo> i'm in a bit of a spot here. I built a package for node.js called custom-nodejs.deb which I told apt that it requires libssl-dev. So I went to install libssl-dev and I got this error: "libssl-dev: Depends: zlib1g-dev but it is not going to be installed". Then I try to install zlib1g-dev and I get: custom-nodejs: Depends: libssl-dev but it is not going to be installed
<_ruben> robo: try sudo apt-get install -f
<robo> _ruben, will that cause unexpected behavior?
<bencer> Daviey: are new packages that replace the old ones, now the project is called zentyal, was called ebox before
<_ruben> robo: it'll try to fix any inconsitencies by installing packages that are missing by dependencies
<bencer> Daviey: they have the replace headers in control and so on
<Driip> bencer: what is Zentyal exactly? is it some kinda wrapper for ubuntu or does like change the whole operating system
<Driip> like would i be able to still use the ssh to do normal commands in ubuntu.
<robo> _ruben, I think i'm going to take a snapshot just in case this breaks something :-)
<bencer> Driip: it manages some services in a "best as we can" way
<bencer> we you enable a module, admin gets a notification of files going to be managed
<Driip> bencer: so its basicly just like webmin?
<bencer> you can merge you changes with zentyal configuration editing these templates
<bencer> Driip: actually not, we try to be distribution friendly
<bencer> and not to smash the system
<_ruben> robo: it shouldn't .. and it'll ask for confirmation after telling you what it'll do .. iirc :)
<robo> ah
<Driip> bencer: but apart  from that it would be a yes? :P
<robo> okay
<bencer> Driip: is not only a web interface, we do integration between the modules and services
<bencer> all modules talk to ldap, firewall, etc modules
<bencer> and we use .d folders where possible
<Driip> bencer: But lets say, i have other services like Game servers etc. would this be a problem to run on ubuntu after a Zentyal installation. or is the base system still accessible? What im afraid of is that my system goes all clearOS on me
<bencer> Driip: of course not, we are a set of packages that we touch only the modules we manage
<bencer> we dont destroy the system, you can still work with apt like you are used to
<bencer> and if you disable a module, you can keep on modifing the conf files as you would expect on plain ubuntu
<Driip> that sounds sweet
<Driip> does this work with debian aswell or is it only ubuntu support ATm?
<bencer> this is one of the things more people like of zentyal, they install the packages to manage the server, and the things they found missing, they configure them by hand
<bencer> should be pretty easy to use it on debian
<bencer> but i didnt have the time to test it
<bencer> ubuntu server is our priority
<Driip> mhm i see
<bencer> we use upstart for many things, but that's present on debian too
<Driip> i use ubuntu on most of my servers. but debian tends to be more stable
<Driip> ill actually try it on debian first and if it all works smoothly ill go for it on rest of em :)
<Driip> looks awsome
<bencer> well i don't think there is a huge different, both are quite similar and i prefer ubuntu server for some things
<bencer> like the guarantee support lifecycle
<bencer> or having upstart to respawn servicies out of the box, and not having to install runit or things like that
<Driip> thats true :). I had a problem with my server a while ago where my NIC or whatever went to sleep without any reason. And i randomly appeared on the network again after x amount of time (normally hours)
<Driip> after that i had to port some of my servers to debian
<Driip> never figured it out
<bencer> soren, Daviey is you find the time to sponsor the packages, would be great, let me know, please
<Driip> Anyways. thats for the help/explanation. ill get back to work now!
<Driip> thanks*
<soren> Daviey: Looking more closely, it seems it may have been bzr rebase that screwed with me. I'm not entirely sure, though. More proof the rebasing is evil.
<roaksoax> Daviey: still around?
<Eruadan> hi
<RoyK> ho
<Eruadan> sup RoyK
<roaksoax> smoser: around?
<smoser> roaksoax, here
<jamespage> SpamapS, ping
<hallyn> smoser: so the cloud image has lxcguest built in, right?  template shouldn't have to do anything after downloading it?
<smoser> hallyn, correct
<smoser> it should boot in lxc.
<smoser> if not, you have something to fix
<smoser> :)
<hallyn> and what about username/pwd?
<SpamapS> jamespage: oh my! you're still here. :)
<jamespage> SpamapS, took a break and eat pizza
<jamespage> ate that is
<SpamapS> MMMMMmmm pizza
<SpamapS> jamespage: I'm actually modifying the jenkins charm to allow plugins. :)
<jamespage> SpamapS, sweet!  How are you enabling them?
<SpamapS> jamespage: dropping them in /var/lib/jenkins/plugins :)
<SpamapS> 2012-02-07 13:20:18,416 unit:jenkins/0: hook.output ERROR:   Issued certificate has expired.
<SpamapS> Unfortunately, updates.jenkins-ci.org's cert expired yesterday
<jamespage> bah!
<jamespage> are you using the distro packaging in oneiric?
<SpamapS> jamespage: yes still oneiric
<jamespage> SpamapS, hmm - thats tickling something at the back of my mind...
<SpamapS> jamespage: more plugins in precise now?
 * jamespage goes to take a look
<jamespage> SpamapS, I remembered something but if was for plugin signing not the cert on the website.
<jamespage> hmm - I know that the core jenkins folk have been travelling
<SpamapS> jamespage: its ok, this just needs --no-check-certificate to wget until they fix it
<jamespage> SpamapS, you should take a look at jenkins-cli as well
<jamespage> SpamapS, I see discussion about this issue on #jenkins
<jamespage> SpamapS, jenkins-cli -s http://localhost:8080 install-plugin gives more help
<jamespage> it talks to jenkins over its RESTful API and tells it to download X plugin from the update-centre
<jamespage> you can get it to restart once they have been installed as well
<jamespage> SpamapS, so you wanted to discuss reboot testing?
<Daviey> roaksoax: long enough to write this :)
<SpamapS> jamespage: yes, give me a couple minutes... and thanks for the tip on jenkins-cli
<roaksoax> Daviey: so i'll give you something to think
<roaksoax> Daviey: the enlister has d-i cobbler-enlist/host-profile string precise-x86_64
<roaksoax> enlister preseed*
<roaksoax> so that's the profile for the system. How do we select on automatically?
<roaksoax> Daviey: the same applies for user/pass
<roaksoax> Daviey: there's no way to determine it automatically
<Daviey> roaksoax: make it a templatetag that can be updated/overidden via the api?
<jamespage> SpamapS, if I manage to pull my finger out in the next few days I'll see if I can enable the SSH module in the precise version
<jamespage> means you don't have to have java installed
<jamespage> todo remote admin
<roaksoax> Daviey: what do you mean?
<roaksoax> Daviey: http://paste.ubuntu.com/833205/
<Daviey> roaksoax: I'm sorry, but i can't talk right now.. give me 30mins
<roaksoax> Daviey: no worries ;)
<adac> I'm trying to install etherpad (via etherpads deb repo) and it tries then to install all this packages: http://pastebin.com/hJ80QBkK I was wondering if thes are grafical packages?
<adac> mean if it does intalla grafical UI
<jamespage> adac, etherpad uses java itself and also uses openoffice for document generation
<rallias> is there software that I can employ the use of that allows me to encrypt the contents of my server's files and transparently decrypt them upon use?
<adac> jamespage, hmm so it isntalls a graifacl desktop?
<adac> grafical
<rallias> preferably that I can install after the server is up and running.
<jamespage> I would suggest looking at etherpad-lite - its entirely node.js and uses abiword instead for doc generation which is a much smaller footprint
<jamespage> adac, unfortunately I think that a full Java JDK is required which does pull in some X related libraries; but not a full desktop
<adac> jamespage, i see yes
<adac> jamespage, maybe light would be enough though...but i guess both need these grafical packages
<jamespage> adac, no - etherpad-lite does not use Java at all
<jamespage> (not that I have anything against Java :-))
<adac> :)
<adac> jamespage, yes I understand...but abiword is grafical, right?
<jamespage> adac: well it runs headless under etherpad-lite - and its dependency footprint is much smaller
<SpamapS> jamespage: ok, so.. did you get my email about the test stuff?
<jamespage> SpamapS, I did - just checked it out
<jamespage> want to walk me through it?
<adac> jamespage, i guess etherpad-light just won :)
<jamespage> adac: its much more active in terms of development community
<jamespage> adac: https://github.com/Pita/etherpad-lite
<jamespage> 1.0 works pretty well
<adac> cool thanks!
<SpamapS> jamespage: Its been updated a lot since I sent that.. but it seems to work for me
<SpamapS> jamespage: should get the result of both the post-reboot test and the regular test..
<rallias> is it possible to change the home directory of a service user such as www-data and enable encryptfs with it in the new home directory?
<Eruadan> i'm learning to program...what should i do firt, ror or node.js?
<jamespage> SpamapS, so I remember that run_test gets injected into the initrd that boots and installs the system;
<Eruadan> first*#
<jamespage> how are you adding boottests.py and the reboot_test_cases?
<SpamapS> jamespage: same way
<rallias> Eruadan, Whichever you see as more useful in the field you wish to program in.
<SpamapS> jamespage: boottests.py goes in the initrd too.. reboot_test_cases goes in couchdb
<jamespage> SpamapS, so did you make changes to ubuntu-server-iso-testing as well?
<Eruadan> i see a lot of rails apps ready, i feel more secure with ruby. But i see javascript and node beautiful, just imature
<SpamapS> jamespage: yes
<SpamapS> jamespage: oh I thought I included that.. hang on
<Eruadan> and i'm into web programming
<Eruadan> it seems ^^
<SpamapS> jamespage: lp:~clint-fewbar/ubuntu-server-iso-testing/add-post-reboot-tests
<SpamapS> jamespage: this is a bit of a mess really.. hard to follow and understand without days of covering yourself in the mud
<Eruadan> rallias, do you know ruby?
<jamespage> SpamapS: agreed - I've hardly touched run_test since it was first written many moons ago
<jamespage> hence why qa want to stand back from this and re-develop
<SpamapS> jamespage: I thin juju would actually be an easy choice for this
<SpamapS> jamespage: it just needs a libvirt provider. :)
<jamespage> SpamapS, lol
<Eruadan> i might leave node.js for a second step, ror seems a nice way to get out of drupal chain, and learn something useull
<Eruadan> i do site building for 2 years already
<SpamapS> Eruadan: trading drupal for ror is like trading a sperm whale for a grey whale... they're both mostly blubber
<rallias> Eruadan, No. The only languages I know are perl and php.
<jamespage> hm - I seem to have a magical new keyboard shortcut that minimizes all my windows!
<jamespage> SpamapS, well bearing in mind the context of the code changes it looks OK to me
<SpamapS> jamespage: the end result is an extra results file..
<jamespage> yeah
<SpamapS> -rw-rw-r-- 1 clint clint 847 Feb  4 12:06 POST-REBOOT-TEST-lamp-reboot.xml
<SpamapS> jamespage: actually I think there's a bug as that is duplicated from the regular result
<SpamapS> jamespage: but, once that is fixed.. whats the next step to get those feeding jenkins?
<jamespage> you might want to rename that to TEST- POST-REBOOT-lamp-reboot.xml
<jamespage> Jenkins looks for **/TEST-*.xml
<jamespage> SO; Step 1) would be to propose the changes to ubuntu-server-iso-testing
<Eruadan> SpamapS, i just cannot learn drupal module development, it's a mess
<jamespage> jibel and hggdh will want to review as well
<Eruadan> rails is much more clean, in my view
<jamespage> Minor glitch maybe that we agreed not todo any more feature development in this project
<jamespage> but its prob OK.
<jamespage> Once its merged we can then get it deployed in the lab with some new jenkins config; that will really need QA team involvement
<jamespage> I can do it but they are taking more of a lead these days....
<SpamapS> jamespage: heh, yeah, nobody told me that we can't do features. :)
<hallyn> stgraber: would it be deemed an unholy hack to have dnsmasq by default expliclty say --except-interface=virbr0,lxcbr0?
<jamespage> SpamapS, well there ain't nowhere else to deliver it from yet!
<hallyn> because ppl get bitten by it more often than i'd like
<SpamapS> jamespage: ok I'll get it a little cleaned up.
<stgraber> hallyn: what kind of issue is it causing by not having --except-interface? (yes it'd be a pretty big hack causing even weirder bug reports)
<hallyn> there's bug 925511
<uvirtbot> Launchpad bug 925511 in lxc "lxc init script should fail when it ... failed" [High,Fix released] https://launchpad.net/bugs/925511
<hallyn> (looking ofr the most recent libvirt one)
<SpamapS> jamespage: hrm, jenkins-cli would be helpful if I could coax it to ignore bad certs. ;)
<jamespage> SpamapS, lol
<hallyn> stgraber: bug 918807 and bug 925511 i guess
<SpamapS> jamespage: thanks btw for the review. I release you to bedtime. :)
<uvirtbot> Launchpad bug 918807 in libvirt "[precise] virbr0 not created during fresh install when dnsmasq is running with --except-interface=virbr0" [Low,Confirmed] https://launchpad.net/bugs/918807
<uvirtbot> Launchpad bug 925511 in lxc "lxc init script should fail when it ... failed" [High,Fix released] https://launchpad.net/bugs/925511
<jamespage> well once that is fixed ....
<SpamapS> jamespage: actually I think it can just take a bare http:// url for the .hpi so it should work fine
<robbiew> zul: ping
<SpamapS> jamespage: https://code.launchpad.net/~clint-fewbar/charms/oneiric/jenkins/add-plugins/+merge/91930 .. if you get bored. :)
<stgraber> hallyn: well, the problem is going to be when someone creates virbr1
<robbiew> zul: nevermind
<kantlivelong> anyone here use NUT for UPS monitoring?
<hallyn> stgraber: at that point they can surely take care of themselves
<hallyn> i don't suppose --except-interface can handle wildcards :)
<robbiew> kantlivelong:  roaksoax/RoAkSoAx *might* be able to help
<robbiew> kantlivelong: Uzuul is the real expert -> https://launchpad.net/~aquette
<robbiew> I don't think he's around, but you can certainly email him...he's driving this spec for 12.04 https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-cloud-power-management
<kantlivelong> robbiew: its just kinda weird..
<kantlivelong> instead of waiting for a low battery warning it just shuts down after X seconds of being on batt.. kinda sillly....
<MTecknology> kirkland: You happen to have a PPA for oVirt? :D
<kirkland> MTecknology: no, sorry
<kirkland> robbiew: is anyone working on oVirt at this point at Canonical?
<MTecknology> kirkland: :'{   You should. I'm having a bitch of a time trying to build it
<kirkland> MTecknology: heh
<robbiew> in terms of building it...nope
<kirkland> MTecknology: ^
<MTecknology> so.. so work being done to make it a nice sexy package?
<hallyn> smoser: if i set root:root password in lxc-ubucloud, are you going to cry?
<MTecknology> Any chance you can help me with this?.. http://dpaste.com/699214/
<hallyn> smoser: because otherwise, since agetty clears the screen on startup, i miss the supposed printing out of ubuntu user password
<hallyn> maybe i'll do ubuntu:ubuntu
<robbiew> MTecknology: yuck :/
<hallyn> oh no then your cloud still will overwrite it
<MTecknology> robbiew: I was trying to follow with http://www.ovirt.org/wiki/Building_Ovirt_Engine  using the repos for everything except jbossas
<utlemming> hallyn: couldn't you just use "--noclear" for agetty?
<hallyn> utlemming: it's your f'ing image
<hallyn> you tell me
<robbiew> MTecknology: yeah...so this is why we haven't tackled ovirt...JBoss
<hallyn> i'll just do root:root until someone has a better idea
<hallyn> or did i misread?  is passw0rd always the ubuntu pwd?
<robbiew> MTecknology: jamespage is our resident java man...but he's probably asleep..or should be (in the UK)
<robbiew> you could try posting to ubuntu-server...loads of folks on there
<MTecknology> robbiew: perhaps I'll bug him when he's awake. I'm about to go home for the day, if I don't catch him before the morning, I'll try the ML. :)
<MTecknology> robbiew: I _should_ be able to do this not horribly painfully, right?
<robbiew> heh
<utlemming> hallyn: the default password for the ubuntu images is ubuntu:ubuntu with the user password disabled
<robbiew> MTecknology: sure..on Redhat :/
<MTecknology> :(
<hallyn> utlemming user password disabled?  so how do i log in?
<robbiew> unfortunately other distros (even SuSE) have additional hurdles
<jamespage> MTecknology, try running maven with a -X flag - it should tell you a bit more
<MTecknology> robbiew: I don't wanna; are there any other things I could use that give non-linux guys a pretty way to manage a few hundred hosts?
<utlemming> hallyn: cloud-init needs to enable it...or we need to rethink the tooling of the images in that context
<MTecknology> jamespage: I restarted it with -e, I'll do with -X
<robbiew> MTecknology: landscape.canonical.com..but of course, I assume you mean for free ;)
<MTecknology> robbiew: landscape will manage deploying VM's on a KVM host?
<robbiew> MTecknology: no idea, tbh...fwiw, we are involved with ovirt...just not actively working on enabling it this cycle...plate is more than full, if you know what I mean
<robbiew> oh..no
<robbiew> lol
<robbiew> sorry
<robbiew> misunderstood
<MTecknology> I do think landscape is nice and pretty, but higher up guys wouldn't go for it
<robbiew> understand
<MTecknology> k- it's go home time.
<hallyn> utlemming: would it be fair for me to push the lxc-ubucloud template as I ahve it, and let you open a bug to explain how it should be done better?  (cause i don't understand what 'cloud-init needs to enable it' means)
<robbiew> MTecknology: have a good one
<utlemming> hallyn: do you have a link to your template?
<hallyn> smoser: utlemming: stgraber: and, what woudl be a better name than ubucloud
<jamespage> MTecknology, this might be a stupid question but how much free RAM do you have?
<hallyn> utlemming: one sec, i'll push it
<utlemming> but yeah, that is probably the way to do it
<MTecknology> -/+ buffers/cache:        408         88
<robbiew> MTecknology: http://openetherpad.org/ovirt-on-debianubuntu ...fyi
<jamespage> When java forks it can be very memory intensive at the point it forks and it won't push into swap
<hallyn> utlemming: http://people.canonical.com/~serge/lxc-ubucloud
<MTecknology> jamespage: you think that might be killing it?
<jamespage> MTecknology, probably
<hallyn> utlemming: 'lxc-create -t ubucloud -n cloud1' works fine for me with that template (and i can start it just fine too)
<jamespage> if it hit 650M usage and tried to fork it would need another 650M of non-swap memory to fork successfully
<jamespage> (or so I remember - got caught out with forking solr cache warmups in an application server)
<jamespage> it might not need that afterwards....
<jamespage> MTecknology, leave me a message if that does not sort you out - as robbiew says I should be in bed...
<smoser> hallyn, ubuntu-cloud-images
<MTecknology> jamespage: will do- thanks :D
<Eruadan> just have this node.js running my head....I might learn javascript, it seems more purposes than ruby.Besides, you need to know ajax anyway...
<Eruadan> yes, i will go for javascript, i decided now
<utlemming> hallyn: how about http://paste.ubuntu.com/833283/
 * robbiew wonders if one could install the dependencies and then use alien on the ovirt packages
<hallyn> utlemming: so cloud-init itself won't mess with it?
<utlemming> hallyn: yes, cloud-init will leave the Ubuntu user alone unless the user sends a cloud-config to mess with it
<hallyn> utlemming: testing, but it's fine with me long's it works
<hallyn> utlemming: hm, usermod -U ubuntu: No such file or directory
 * utlemming looks
<hallyn> (trying with full path, just in case)
<utlemming> and it should be just "ubuntu" not "ubuntu:"
<hallyn> utlemming: that's just part of the error msg
<utlemming> ah
<hallyn> oh, i don't think you can do the quotes :)
<utlemming> :(, really?
<utlemming> surprising
<hallyn> there is command called "usermod -U ubuntu"  :)
<hallyn> nah, chroot isn't that smart
<hallyn> or, it doesn't want to maek assumptions about yoru pathanmes
<utlemming> for image building we do chroot "meh" all the time
<hallyn> (after all, space is ok in a pathname)
<hallyn> yes
<hallyn> but not "meh hello workd"
<hallyn> yeah that worked
<hallyn> well, haven't fired it up yet
<hallyn> stgraber: feh!  my reboot patch for lxc is messed up still.  my check for reboot support is bogus.
<hallyn> utlemming: ok, all good. I'll do it that way, thanks.
<hallyn> utlemming: question still stands, do you want a different name, or is ubucloud ok?
<utlemming> hallyn: ubucloud is kind of catchy, but probably ubuntu-cloud
<utlemming> for branding consistency
<hallyn> bleh.  that's a lot of typing
<hallyn> but ok
<hallyn> maybe we need bash completion for lxc-create
<mgw> has anybody experienced an issue where the partition manager (in the installer) keeps returning to the main screen if you select anything other than "Guided - Entire Disk"?
<mgw> (11.10)
<JanC> mgw: I used it fairly recently and didn't see that
<mgw> JanC: thanks, i wonder what's going on; do you know if the server images are updated with bug fixes?
<mgw> within a specific release (e.g., 11.10)
<JanC> serious bugfixes yes (security bugfixes certainly, serious bugfixes if somebody takes the time?)
<mgw> JanC: thanks
<JanC> mgw: just thinking about it, only LTS server images get updated   ;)
<mgw> Yeah, i just noticed everything on 11.10 still has Oct 13 datastamp
<uvirtbot> New bug: #918807 in libvirt (main) "[precise] virbr0 not created during fresh install when dnsmasq is running with --except-interface=virbr0" [Low,Confirmed] https://launchpad.net/bugs/918807
<uvirtbot> New bug: #928524 in lxc (main) "lxcbr0 fails to come up when dnsmasq is installed" [Low,Confirmed] https://launchpad.net/bugs/928524
<uvirtbot> New bug: #928550 in php5 (main) "PHP Comparison Issues ...  0 equates to 'D'" [Undecided,New] https://launchpad.net/bugs/928550
<abrotman> I'm trying to dist-upgrade from 8.04 to 10.04, and for whatever reason, the 8.04 is using EVMS.  When the system boots, it stops, and says it cannot find the device for /, and asks me to wait, hit S or M for Skip or Manual.  If I hit Skip, i can then mount everything as normal (though I have to remount / as rw).
<MTecknology> three away nick changes in one screen of text...
<abrotman> It seems to be a bug in mountall and/or udev, but I'm looking for a way to maybe have udev rescan the devices or something along those lines .. I'm really not sure
<abrotman> i found a few bugs in launchpad related to this, but they reference an issue with LVM, not EVMS .. and the fixed packages seem to already be in place.
#ubuntu-server 2012-02-08
<pukeko> hi there.. i have a Gbit rated lan, and am getting speed readings of approx 260mbits from XP clients when connecting to a local samba server ( at non peak time ) is this too low ?
<qman___> pukeko, bitrate and throughput are two very different things
<qman___> mediocre desktop computers can only transfer files in the 35-50MB/s range, older poorer performing ones lower
<qman___> in ideal conditions, a windows vista/7 computer with a multi disk raid 0 can achieve 80MB/s from a linux samba server
<qman___> the server must also have a multi disk raid to keep up with those numbers
<hallyn> utlemming: smoser: stgraber: I may push http://people.canonical.com/~serge/lxc.debdiff  tonight.
<pukeko> if i perform the same test (iperf) from another linux box im getting approx 700mbits -- am wondering if its the SMB 1.0 overhead ..
<hallyn> (leaving tests running as i get some dinner)
<stgraber> hallyn: "++    echo "Please login as Ubuntu." => shouldn't it be "ubuntu"?
<hallyn> stgraber: I figured utlemming meant user Ubuntu
<pukeko> should i set the Tcp Window to the same on the XP and the Linux ..?
<hallyn> i.e., username
<hallyn> i'll change it.  should i list the pwd too?
<utlemming> hallyn: yup
<stgraber> probably a good idea yeah
<pukeko> if i do that i get around 700mbits also
<stgraber> hallyn: I'm guessing this won't work until we have the new upstart though right?
<hallyn> works fine :)
<hallyn> the cloud images have lxcguest built in
<stgraber> ah ok, so we'll break them when we remove lxcguest, good to know ;)
<hallyn> in fact we'll have to think whether new upstart will cause it problems
<hallyn> yeah
<hallyn> i dno't know if automated cloud image generation will break, or just say "<shrug> no lxcguest, s'coo"
<hallyn> utlemming: ^
<utlemming> hallyn: I'm not sure I follow the concern
<hallyn> utlemming: pretty soon lxcguest will be removed from precise
<stgraber> utlemming: the lxcguest package won't exist anymore next week (hopefully)
<utlemming> ah....that's not a problem
<hallyn> sweet
<utlemming> the package is being installed via the server^ pattern
<utlemming> we are not explicitly installing it
<hallyn> i don't know what that is
<utlemming> apt package group
<hallyn> ok, sweet.  thx.
<stgraber> oh, which means that lxc will be automatically moved back to universe once lxcguest is dropped
<stgraber> because currently the source and lxcguest are in main as lxcguest is in a server seed
<stgraber> when that's no longer the case, it'll be fully moved back to universe and so anyone who's MOTU will have upload rights again
<hallyn> are we ok with that, or do we beg for MIR for lxc?
<stgraber> I think it'd make sense to have lxc at least be in the supported seed but that'll require an MIR
<stgraber> I mean, we kind of hope people are going to use it in 12.04 otherwise we wouldn't put that much effort into it, so then I think it makes sense to have it as part of the LTS
<hallyn> out for dinner, bbl
<hallyn> stgraber: tests all pass.  did you ahve any more comments, or shoudl i push?
<stgraber> hallyn: nope, that was the only thing I noticed
<hallyn> ok thx
<EvilResistance> anyone able to guide me through this?  http://askubuntu.com/questions/102381/configuring-ubuntu-server-to-act-as-a-gateway-similar-to-a-router
<qman___> EvilResistance, assuming you have both interfaces configured already, eth0 is internet, eth1 is LAN, `echo 1 > sudo tee /proc/sys/net/ipv4/ip_forward; sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT; sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT`
<EvilResistance> qman___, the configuration of eth1 is the main issue i'm having, it doesnt want to work :P
<qman___> that is doing it live, to have said configuration automatic at boot requires a few config file changes
<qman___> you'll have to be more specific
<qman___> "it doesn't work" isn't enough to go on
<EvilResistance> qman___, system isnt detecting the second networking card :P
<EvilResistance> at least...
<qman___> well, that's a hardware problem then
<EvilResistance> not within networking... lspci has it, but its not being confiugred as an interface
 * EvilResistance agrees
<EvilResistance> qman___, alternatively, other question I had is related:
<EvilResistance> how can i set up just the LAN part
<mgw> any cobbler experts know what causes this on a cobbler replicate: Exception value: 'cobbler trigger failed: cobbler.modules.sync_post_restart_services'
<qman___> ?
<EvilResistance> qman___, that is to say, configure the box as a LAN controller, without having external gateway access
<EvilResistance> and also, to provide IPs to each machine (also unconfigured on this box)
<qman___> there's nothing to control
<qman___> give it an IP
<qman___> oh, you want to provide DHCP, you need a dhcp server
<EvilResistance> mhm
<EvilResistance> consider this is going to work with 45 systems, i dont want to be setting 45 IPs by hand :p
<qman___> apt-get install dhcp3-server, or apt-get install dnsmasq
<qman___> dnsmasq has the main benefit of also including DNS caching and automatic local DNS
<EvilResistance> thanks.
<qman___> for future reference, if you know what you need, but not which package to install, you can use 'apt-cache search x' to try and find it
<qman___> among a larger list of things, 'apt-cache search dhcp server' returned both of the above results
<EvilResistance> i see
<Patrickdk> apt-cache search what I need
<EvilResistance> qman___, last question, assigning an IP to the box itself for the LAN.  Can either dhcp3-server or dnsmasq do this automatically and give it, say, 192.168.1.1?  or does that get set up statically separate from the configuration of dnsmasq
<qman___> your dhcp server must have a statically configured interface
<qman___> actually that's not strictly true, in some rare instances
<qman___> but for your purposes, and most all purposes, the DHCP server needs to already have a statically configured LAN interface in /etc/network/interfaces
<qman___> the default gateway must always have a static IP
<EvilResistance> indeed.  i assume i can configure the thing to hand out IPs from the 10.0.0.0/8 range, rather than 192.168.1.1?
<EvilResistance> s/192.168.1.1/192.168.0.0\/16/
<qman___> yes, you can use any range you want, though you should pick ranges in the designated private address spaces
<EvilResistance> 10.0.0.0/8 is defined in the RFCs to be private-use if i'm not mistaken...
<qman___> yes, it is
<twb> 192.168/16, 10/8 and 172.16/12
<twb> Also 169.something is reserved for the .local mDNS/DNSSD pseudodomain
<qman___> 169.254/16
<qman___> for APIPA
<twb> avahi and all its friends need to FOAD tho
<EvilResistance> alrighty, i'm going to go take a stab at this, i shall return and let you know of the results
<EvilResistance> qman___:  i've installed dnsmasq, and it is running.  I've followed (as far as I can tell) the correct configuration modification to enable the integrated DHCP server, and assign from a range of 45 IPs in the 10.0.0.0/8 area, with a 12 hour lease: dhcp-range=10.0.0.5,10.0.0.50,12h.  I hook up one of the machines that i'm trying to get to work on this, and it doesnt receive an IP at all
<qman___> EvilResistance, requisites: the server's interface must be up and configured, dnsmasq must have been restarted since the configuration change
<EvilResistance> one second, *fixes something unrelated*
<Resistance> okay, so now my system died >.> figures.
<Resistance> ANYWAYS i've put this into /etc/network/interfaces, i'm not even sure this is correct for what needs to be configured: http://pastebin.com/BS7umd1q
<qman___> that is not correct
<qman___> gateway cannot be itself
<qman___> you can omit a gateway if there is none
<Resistance> that's what i wasnt sure about :P
<Resistance> and still nothing :/
<Resistance> of course, network manager on the system connecting to the DHCP thing doesnt give me detailed information at *all*
<qman___> well, the mere presence of network manager can break everything
<qman___> I assumed you were using a server
<qman___> to eliminate network manager as the problem, 'sudo service network-manager stop'
<qman___> other thing to check is the logs
<Resistance> i am
<Resistance> the server doesnt have network manager
<qman___> and restart dnsmasq after you bring up your 10.0.0.1 interface
<Resistance> the client system *connecting* to the server is
<qman___> ah, ok
<qman___> well, you can still stop network manager and use dhclient -v instead
<qman___> that'll show you what's going on on the line
<Resistance> but because network manager is a piece of [REDACTED], it doesnt give useful error messages
<Resistance> ah
<Resistance> ... only problem is that the system i'm trying to connect to the server is the system i'm talking from...
<Resistance> and thats running off of a local wifi i have access to...
<Resistance> if i stop network manager on here, the connection will die :/
<qman___> unfortunately, yes
<qman___> but network manager is pretty persistent
<qman___> can't reliably dhclient with it running
<qman___> can try though
<Resistance> meh lemme load up colloquy off my iphone so i can continue to communicate here
<Resistance> note my response speed will be far slower
<Resist|WEB> okay, lemme bring down network-manager here...
<Resistance> seems to be trying to broadcast to 255.255.255.255, but nothing seems to be responding...
<twb> gateway line looks wrong
<Resistance> there is no more gateway line.
<qman___> ok, if nothing's coming back, then next step to try is to make sure you can communicate at all
<twb> http://paste.debian.net/155527/ is how I'd do it
<qman___> manually set an address with ifconfig or ip, and try to ping the server
<twb> But you want a 0/0 route *somewhere*, it just makes no sense to have it routed to yourself
<qman___> there's no internet in his scenario yet, because his second NIC doesn't work
<twb> OK
<qman___> but yeah, normally you'd set one
<Resistance>  qman___ no respons... oh for the love of god...
 * Resistance face desks
<twb> Resistance: purge NM entirely
<Resistance> I forgot to edit the firewall
<qman___> that'll do it
<qman___> stopping/starting network-manager works pretty reliably for my laptop
<qman___> I often have to set it up as a router/gateway or bridge to troubleshoot stuff on the job, but also need network manager for wifi
<qman___> and VPN
<qman___> I know I don't NEED it for those functions, but it does them well and is way easier than doing it by hand
<hallyn> zul: could you please syncpackage -d unstable numactl ?
<arrrghhh> is there a way to find out what is the physical location of an image file ?  all i see is /dev/loop0 on /media/xda when i run 'mount'.  lsof didn't seem to find it either..
<Resistance> bleh, still not working
<Resistance> I'll fix it later, I have other stuff to do :/
<twb> arrrghhh: losetup
<twb> arrrghhh: /proc/mounts MAY tell you, I think that's new in 3.2
<arrrghhh> ah, excellent
<arrrghhh> 2.6.32 here lol
<arrrghhh> sudo losetup -a did it.
<arrrghhh> thanks
<twb> mount -o loop uses losetup internally, you see
<arrrghhh> interesting...
<arrrghhh> the rabbit hole goes deep usually on linux.  especially ubuntu
<hallyn> not to use arrrghhh's name in vain, but I just realized I lost an hour of last night's work by accidentally terminating an instance :(
<uvirtbot> New bug: #928608 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.3 failed to install/upgrade: subproses skrip post-installation terpasang menghasilkan kesalahan status keluaran: 1" [Undecided,New] https://launchpad.net/bugs/928608
<arrrghhh> hallyn, i've been used for worse.
<hallyn> even with wrath-of-khan-level gesturing?  good, cause it was painstaking ugly-patch-porting work...
<cloneMX> hey all, someone alive?
<twb> No
<cloneMX> lol
<cloneMX> someone not-bot alive?
<arrrghhh> he's not a bot.
<cloneMX> looks like
<cloneMX> simple and clear
<cloneMX> just a Not
<arrrghhh> but he usually has a pretty good catalog of knowledge, he's answered more than a handful of questions i've had.
<arrrghhh> er
<arrrghhh> i guess i'm assuming he.
<arrrghhh> meep.
<kantlivelong> anyone here using apcupsd with a RFC1628 SNMP card?
<arrrghhh> anyhoo, you got a question?
<cloneMX> yep
<twb> !anyone
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<cloneMX> well
<arrrghhh> kantlivelong, i'm using apcupsd... but i don't think with that card.  sorry.
<cloneMX> well cause polite first
<kantlivelong> arrrghhh: its an ethernet based card :P
<arrrghhh> i have a USB connection from the ups to the PC
<kantlivelong> ive tried NUT and it seems good except one goof that it doesnt shutdown based on batt percent..
<arrrghhh> hrm
<arrrghhh> it's an APC?
<kantlivelong> no
<cloneMX> well mi problem is with some services at ubuntu 11.10
<arrrghhh> oh
<kantlivelong> RFC1628 compliant snmp web card
<cloneMX> just stop sending bytes after a request
<cloneMX> ssh and apache
<kantlivelong> arrrghhh: which apcupsd says it supports
<arrrghhh> hrm..
<cloneMX> but the things is not with all host
<cloneMX> just with some of it
<kantlivelong> i hope its just my OS giving me the segfault for apcupsd:P
<kantlivelong> (not ubuntu for the host node)
<cloneMX> well think 2 problmems at the same time are not posible
<cloneMX> lol
<kantlivelong> i hope this works :)
<kantlivelong> APCUPSD > NUT
<cloneMX> guys you know if Ubuntu 11.10 got some kind of intruders network detector
<twb> Is apcupsd APC-specific?
<twb> I'm mainly usint nut because I don't know any better
<twb> cloneMX: not out of the box.  Here is the one I use: http://cyber.com.au/~twb/doc/iptab.ips
<twb> cloneMX: I also recommend running regular pentests from outside the network, e.g. openvas
<cloneMX> well I was asking cause I dont know why the server is closing my network service conections like apache2 and ssh
<cloneMX> but not from all Hots
<cloneMX> hosts
<cloneMX> : D
<arrrghhh> have you checked the logs?
<twb> cloneMX: probably because your switch is fucked or your NATing router is fucked, or you have a bad cable or similar.
<arrrghhh> i would think all connections would drop if it was on the host side.
<arrrghhh> no/
<arrrghhh> ?
<cloneMX> well im  using a brand new adsl modem
<twb> cloneMX: do the normal fault isolation things, such as checking the logs (as arrrghhh suggests), turning other services off, turning debugging on/up, swapping out components
<cloneMX> over a pppoe
<cloneMX> no logs
<cloneMX> no firewall
<twb> testing components in isolation, e.g. connecting locally before connecting over the network
<cloneMX> no info
<arrrghhh> no logs?
<arrrghhh> there's logs.
<cloneMX> yep
<arrrghhh> apache logs, ssh logs
<cloneMX> no information over the logs
<cloneMX> it just work from some hots
<arrrghhh> hrm
<cloneMX> and not from others
<cloneMX> for example
<cloneMX> now I can see the host from home
<cloneMX> my adsl
<twb> cloneMX: there is a limit to how much we can babysit you
<cloneMX> lol
<cloneMX> ty anyway
<arrrghhh> cloneMX, first, quit using the enter key as  punctuation.  ask your question all in one line.
<twb> cloneMX: it sounds like you're inexperienced enough that you really need someone on the ground who can isolate the fault.
<twb> cloneMX: find your local linux user group (LUG) and ask them to recommend someone
<cloneMX> kk
<cloneMX> letme explain it
<twb> You've been explaining the symptoms for 48 hours without getting anywhere.  Repeating yourself is not going to help.
<cloneMX> im just did what you said
<arrrghhh> oh i haven't been here to see it, sorry.
<qman___> from what you've said, it sounds like a generic network fault, which could be your NIC, or a piece of hardware somewhere between the endpoints, or just the internet being the internet
<cloneMX> from basics
<arrrghhh> cloneMX, WAN residential connections are best effort.
<arrrghhh> they have pretty much no QoS.  certainly they won't take anything that is passed thru your LAN
<cloneMX> ok
<qman___> home connections in general, and DSL in particular, are fairly unreliable
<arrrghhh> yea... DSL suxxxxxors.
<arrrghhh> i'm so very glad i vowed to never use it again :D
<qman___> and if you're running on the ISP provided equipment, it's just as likely the box they gave you is crap
<qman___> they do it all the time
<arrrghhh> see the previous on dsl sucking ^^
<cloneMX> ok
<arrrghhh> cloneMX, you want a reliable host?  VPS.
<twb> arrrghhh: what are you using instead, satellite down, PSTN up?
<arrrghhh> lol@PSTN
<twb> That's the only alternative to DSL in .au
<twb> FSVO alternative = can't get DSL
<arrrghhh> cable.. tis the best my area has to offer at the time being
<arrrghhh> oh
<arrrghhh> i forget about regional issues
<arrrghhh> some areas have fiber
<arrrghhh> some have... no choice
<qman___> yeah, in the US cable is the best trade off
<arrrghhh> indeed
<qman___> FIOS is a better line, obviously, but is only available in select areas
<arrrghhh> comcrast has run some fiber, and their connections are the fastest.
<qman___> cable is widely available and fairly reliable as long as you have good equipment
<arrrghhh> yup, no FiOS here.
<EvilResistance> qman___:  i beg to differ on the FiOS thing
<arrrghhh> qman___, always purchase my own.
<arrrghhh> i wish that community internet would take hold
<EvilResistance> qman___:  identical allowable internet bandwidth in the same location, homes literally next to each other, comcast has more net reliability than FiOS
<arrrghhh> look up 'greenlight cable'
<EvilResistance> at least out at my home
<arrrghhh> i installed that head-end.  10mb up AND down for $40/mo
<EvilResistance> out here where I am now, though, Comcast has the domination
<arrrghhh> 100/100 for... i want to say $99/mo
<cloneMX> lol
<qman___> comcast also has a 250GB/month cap
<qman___> FIOS does not
<cloneMX> ok guys ty
<arrrghhh> i know.  dicks.
<Darkwing> I like my Cox cable... No cap, static IP address
<Darkwing> 25up 10down
<arrrghhh> wait, what?
<twb> Darkwing: ah, but is it a static IPv6 addrses
<arrrghhh> other way around i assume
<qman___> for home lines anyway, business class comcast is better
<arrrghhh> 25up lol
<EvilResistance> qman___:  if available ;P
<Darkwing> IPv4, but it works for a small home server :D
<EvilResistance> business class isnt available out here
<qman___> most of the customers I work with have comcast business lines, but at my house there is only charter communications
<qman___> it's charter, dialup, satellite, or T1
<qman___> no other options are available
<twb> What's charter, a guy on a horse with a bag of USB keys?
<qman___> cable, just a lesser known provider
<qman___> costs more than comcast with less speed, but no usage cap
<raddy_> Hello Everybody
<raddy_> I installed postgresql 8.4 in ubuntu 10.04.
<raddy_> But, /etc/postgresql/8.4/ folder not created
<raddy_> Can anybody suggest what could the problem
<lapsusbrutus> bat crashes on startup.. needs 9101 to function but fails to listen to this port. installed bacula also.  did same thing on a debian computer and no problem at all.
<journeeman> Connection problems :/
<journeeman> Sorry for flooding but, I'll repost the question - I recently installed Oneiric Server-amd64 on a Dell Poweredge 2950 which has an embedded ATI ES1000 card. I need to use virt-manager to manage a few VMs (having trouble with virsh) so, I installed xubuntu-desktop. On reboot, the screen just keeps flickering for a while before blanking out. The radeon driver is installed. There is no xorg.conf file
<journeeman>  to edit in /etc/X11.
<journeeman> Please help :)
<henkjan> journeeman: you can connect with virt-manager on your workstation to libvirt on the server
<henkjan> journeeman: or ssh -X to your server
<henkjan> installing a graphical environment on your server to run virt-manager is not wat you should do imho
<journeeman> Oh ok
<journeeman> Will try them out. Thank you henkjan :)
<chelz> journeeman: pretty sure you can use virt-manager to remotely connect to machines
<chelz> File -> Add Connection -> Connection: [dropdown menu]
<chelz> in that dropdown you can select various kinds of remote access
<chelz> journeeman: so you really don't need to install something as heavy as a full DE
<chelz> and even then, lxde is better than xfce, or dwn, ion, ratpoison, etc
<greppy> ( as a screen and tmux user, /me <3 ratpoison )
<chelz> dwm*
<jkyle> hwo would I laod hte megaraid_sas driver in a preseed.cfg? my hands off install is not detecting the raid card correctly
<RoyK> jibel: afaik that should happen automatically if the PCI ID of the board is known to the driver
<Ruetobas> anyone using orchestra? just installed on an vm instance and the distro list is empty...
<jkyle> RoyK: the driver is a megaraid_sas, it says it can't detect the drives. I load teh driver, and the install proceeds
<jkyle> so, need to automate that selection
<yahoo123> Good day to you all!
<jkyle> tried: disk-detect/module_select select megaraid_sas
<jkyle> actually, I think I got it...nice
<Vivek> kirkland, roaksoax, SpamapS, Daviey : Anyone around ?
<Vivek> roaksoax: The /etc/rsyslog.d/99-orchestra.conf is pasted here http://paste.debian.net/155555/
<uvirtbot> New bug: #928769 in nova (main) "nova-compute fails due to absence of policy.json" [Undecided,New] https://launchpad.net/bugs/928769
<Daviey> uksysadmin: Can you raise a bug please?
<uksysadmin> yeah will do
<Daviey> Trying to work out why others haven't spotted this as yet.
<Daviey> including our CI
<soren> Daviey: What's this+
<soren> ?
<Vivek> Daviey: hI
<Daviey> soren: bleed over from #openstack
<Daviey> hey Vivek
<Vivek> Daviey: I am still working on the DHCP issue from yesterday.
<Daviey> Vivek: happy times!
<Vivek> roaksoax has asked me for my 99-orchestra.conf file which was pasted earlier.
<soren> Daviey: Ah, there. Awesome.
<Vivek> My query was regarding creation of directories in the /var/log/orchestra/rsyslog directory corresponding to machines in the eth0 interface.
<Vivek> In dnsmasq.conf also I have set up the interface eth0 to not give out any dhcp requests via eth0.
<Vivek> eth0 is in bridged mode and the provisioning server runs inside a virtualbox . eth1 is the internal network range.
<Vivek> The internal network range is something like 192.168.1.x
<Vivek> eth1 is in internal networking mode.
<Vivek> I would like to know why those directories named after 10.x.x.x I.P Addresses are created inside /var/log/orchestra/rsyslog.
<Daviey> Vivek: i suspect they are created when the installer starts sending stuff back to the rsyslog server
<Vivek> ok
<Vivek> I understand that.
<Vivek> Daviey: Can you point me to exact source code that causes this to happen ?
<Vivek> Daviey: I would also like to know why there is dhcp and dhcp3 directories in /etc
<Vivek> Which one does orchestra use ?
<Daviey> Vivek: i think that is how rsyslog works.. you'd need to grep the rsyslog souce code for that.
<journeeman> chelz, henkjan Thank you :)
<Vivek> ok
<Vivek> Daviey: There are no machines installed in the 10.x.x.x series
<Vivek> via eth0
<Vivek> All machines are commissioned via the eth1 interface with I.P Address 192.168.1.x series
<Daviey> Vivek: i suspect it's something to do with your enviroment, virtualbox bridge?
<Vivek> Yes
<Vivek> eth0 is in virtualbox bridge
<Vivek> eth1 is in internal network mode.
<Vivek> eth0 has the 10.x.x.x series I.P Address assigned to it
<Vivek> and eth1 has the 192.168.1.x series I.P Address.
<uvirtbot> New bug: #928834 in nova (main) "nova-compute depends on qemu-kvm, even if kvm is not used" [Undecided,New] https://launchpad.net/bugs/928834
<zul> good morning
<uvirtbot> New bug: #928848 in nova (main) "nova-common installation triggers nova-manage db sync on compute node" [Undecided,New] https://launchpad.net/bugs/928848
<Daviey> zul: does bug 892754 impact us?
<uvirtbot> Launchpad bug 892754 in glance "test suite doesn't work with sqlalchemy v7" [Low,In progress] https://launchpad.net/bugs/892754
<zul> looking
<zul> Daviey: possibly
<zul> Daviey: i think we should be fine
<Daviey> zul: oh?
<zul> we are already running 0.7.3 on precise
<Daviey> zul: Precise has v7 of sqlalchemy, no?
<Daviey> right
<Daviey> "test suite doesn't work with sqlalchemy v7"
<zul> Daviey: right but according to the pip-requires you need >= 0.6.3
<zul> https://review.openstack.org/#change,3814
<Daviey> zul: Are you following what i am saying?
<zul> Daviey: i might be missing
<Daviey> precise has 0.7 (aka v7) right?
<zul> right
<Daviey> "test suite doesn't work with sqlalchemy v7"
<Daviey> *doesn't*
<zul> oh suck i totally missed that :(
<zul> yeah we need that patch
<jjohansen> hallyn: so I have a bug or two that have slowed me down and I am to tired/stupid to see it atm.  I need to get a few hours sleep and then I get back to finding the problem and getting the ppa together for you.
<hallyn> jjohansen: thanks
<jcastro> jamespage: excellent blog post, I've totally ripped it off and resyndicated it everywhere
<jamespage> jcastro: so I noticed - thanks!
<hallyn> kirkland: byobu-tmux problem
<hallyn> kirkland: log in as user1, run byobu-tmux.  life is good.
<hallyn> kirland: log in as user2 in another window.  run byobu-tmux.  frowny face.
<hallyn> kirland: 5929  mkdir("/tmp//tmux-1001", 0700)    = -1 EACCES (Permission denied)
<tgardner> changing the orchestra.preseed to 'd-i  user-setup/encrypt-home boolean true' causes the installer to stop and complain that empty passwords are not allowed. Anyone seen this before ?
<kirkland> hallyn: how odd
<kirkland> hallyn: what's the uid of user1 and user2?  1000 and 1001?
<kirkland> hallyn: did user1 DoS user2 by mkdir'ing /tmp/tmux-1001?
<kirkland> hallyn: you can change the tmux socket path with the -S option (see tmux.1)
<hallyn> kirkland: just reporting what i've found so far.  i'll test a fresh install later.  didn't explictly do any DoSing.  seems like byobu-tmux should pick a socket it can use automatically :)
<hallyn> if i can reproduce on clean install i'll file a bug
<kirkland> hallyn: yeah, I've talked to the upstream about this, it is actually pretty easy to annoy another user, though not completely DoS them
<Vivek> kirkland: Hi
<kirkland> Vivek: hi
<Vivek> I am still trying to figure out the reason for those directories in /var/log/orchestra/rsyslog.
<Vivek> kirkland: Does canonical have any case studies of Orchestra implementations ?
<tgardner> jamespage, have you been testing orchestra preseeds with encrypted home directories? I'm finding that it stops the automated install.
<kirkland> Vivek: not that I know of, though as I mentioned last week, I no longer work for Canonical, sorry
<kirkland> Vivek: the /var/log/orchestra/rsyslog directories are the remote logging information from deployed clients
<Vivek> Correct.
<kirkland> Vivek: including the installation logs
<Vivek> Correct.
<Vivek> In my case I have used your installation instructions.
<Vivek> 1) Set up a virtual machine in Virtualbox
<Vivek> 2) eth0 is bridged to the external world and has an I.P Address in 10.x.x.x range.
<Vivek> 2) eth1 has an internal network set up in the 192.168.1.x range.
<Vivek> Nodes are getting commissioned without any issues.
<Vivek> So far so good.
<Vivek> Now in /var/log/orchestra/rsyslog/ I am getting directories of the form 10.x.x.x which should not happen as Orchestera is only supposed to commission nodes in the 192.168.1.x series.
<Vivek> In dnsmasq I have used the interface=eth1 option so no dhcp requests should go via eth0
<kirkland> Vivek: hmm, well, something's wrong then...  as that means that rsyslog is picking up remote system logging from 10.x addresses
<Vivek> ok.
<Vivek> Which according to me is a bug.
<kirkland> Vivek: i really need to pass you over to Daviey and/or roaksoax for help on this
<Vivek> ok np, I've had my conversations with them earlier today.
<Vivek> Daviey, roaksoax : Are you folks around ?
<Daviey> Vivek: I don't know what else i can add. Something is clearly posting logs back to the rsyslog, if we saw them, it would help.
<Vivek> I can pastebin the logs np
<Vivek> Which logs do you need ?
<Vivek> Let me pastebin those logs.
<Vivek> Daviey: http://paste.debian.net/155584/
<Vivek> That is what is done.
<Vivek> happening rather...
<Daviey> Vivek: Golly.
<Vivek> root@orchestra:/var/log/orchestra/rsyslog/2012/02/08/orchestra# ping 10.130.55.205
<Vivek> PING 10.130.55.205 (10.130.55.205) 56(84) bytes of data.
<Vivek> 64 bytes from 10.130.55.205: icmp_req=1 ttl=128 time=0.987 ms
<Vivek> 64 bytes from 10.130.55.205: icmp_req=2 ttl=128 time=0.922 ms
<Daviey> Vivek: So, orchestra is the hostname it came from.
<Vivek> ok...
<Daviey> i'm going to guess that is localhost of the rsyslog server
<Daviey> Therefore, orchestra has done nothing incorrect.
<Vivek> No
<Vivek> 10.130.55.205 is not the localhost of the rsyslog server
<Daviey> Vivek: you aren't listening. :)
<Vivek> The I.P Address is 10.130.55.x but not 205.
<Vivek> ok
<Daviey> oh wait
<Daviey> Vivek: what is 10.130.55.205
<Daviey>  ?
<Vivek> It is a machine on my corporate network trying to contact the orchestra server for some reason.
<Daviey> So what is the problem?
<Vivek> It is not  a node commissioned by orchestra
<Daviey> Vivek: ignore orchestra.. this is rsyslog
<Vivek> ok.
<Daviey> Someone sat in a desk next to you tried to ssh to your orchestra server, right?
<Vivek> Why are remote servers trying to log to the orchestra syslog ?
<Vivek> I don't think so
<Daviey> They are not..
<Vivek> Unless the IT department is spying :)
<Daviey> The log originated FROM localhost.
<Vivek> ok
<Vivek> I don't think any attempt was made to ssh to 205
<Vivek> My concern is dnsmasq broadcasting still on eth0, a tcmpdump says no....
<Daviey> Vivek: You have it the wrong way around...
<Vivek> ok.
<Daviey> .205 was trying to ssh into your orchestra server.
<Vivek> Yes, I got it. That is how remote clients provide the logs to rsyslog.
<Vivek> Why is .205 trying to ssh into the orchestra server ?
<Daviey> Vivek: I can book a flight, and conduct a survey around your office if you want?
<Vivek> lol
<Daviey> Vivek: find out who has .205, and ask them?
<Caribou> jdstrand: ping ?
<Vivek> Yes have 6000 staff so that would not be feasible :)
<Vivek> Anyways, thanks.
<Vivek> Let me phrase the question in another way, when a new node comes up, is it possible to view that log some where on orchestra, rsyslog ?
<Vivek> As far as I know it can be viewed in /var/log/orchestra/rsyslog/ but there I find those 10.x.x.x directories also.
<Vivek> If i write to parse those logs and automate some action based on those logs which logs should I refer to ensure that a new node has come up ?
<Vivek> write a script
<Vivek> Or even pointing me to section of code that creates those logs would be appreciated...
<kpettit> Anybody know of a good opensource drop box type of tool?  I need a way to let users upload large files and share them via link.  But we want it on our own systems
<jdstrand> Caribou: hi
<Caribou> jdstrand: morning
<Caribou> jdstrand: I have a question for you that should be easy
<Caribou> jdstrand: when doing NAT through iptables, what is needed to have tftpd packets accepted from the NATted network ?
<Caribou> I read that nf_nat_ftp & nf_conntrack_ftp modules were needed
<Caribou> jdstrand: right now, the tftpd daemon gets the request but refuses connection from the NAT address
<smoser> rbasak, so for your private cloud issue, lynxman wants there to be an entry for `hostname` in /etc/hosts.
<smoser> but we've had repeated issues with doing that.
<jdstrand> Caribou: so nat clients are trying to connect to an un-natted tftpd?
<smoser> one way it pisses off some thing, one way  it pisses off another.
<Caribou> jdstrand: what do you mean by "un-natted tftpd" ?
<lynxman> smoser: it's just so we're in line with the experience we deliver with the server install
<rbasak> smoser: how about doing it if a hostname is explicitly specified in user-data, but not otherwise?
<rbasak> Otherwise specifying a hostname with cloud-init is broken
<lynxman> smoser: I recall we had a talk about this at the rally
<smoser> rbasak, then just set 'manage_etc_hosts: localhost'
<smoser> and you'll be happy
<smoser> or even 'template' i think
<smoser> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt
<Caribou> jdstrand: the tftp requests (actually PXE boot requesting pxelinux.0) coming from a 2nd NIC in a NATted subnet
<jdstrand> Caribou: is the tftpd daemon on the same nat network as the clients?
<Caribou> jdstrand: no, that's the issue
<rbasak> Aha, I didn't know about this setting. Thanks!
<jdstrand> Caribou: ok, so you see the nat address of the client in the tftpd logs, not the address of the router doing the nating?
<koolhead17> hi all
<Vivek> koolhead17: Hi
<koolhead17> hi Vivek
<Daviey> Vivek: I said, those locations get created by rsyslog itself.
<Vivek> Daviey: I am trying to identify what those machines are by nmap
<Vivek> Those machines that are trying to ssh
<Daviey> Vivek: honestly, if you have 6000 staff - and have no way of tracking internal IP addresses back to an owner, you have MUCH bigger problems
<Vivek> Daviey: Tracking them would involve coordinating with the Internal IT which is again going to be a PITA.
<Vivek> Daviey: Let me do my homework first :)
<Daviey> cool
<koolhead17> so what are you tracking Vivek?
<Vivek> Looks like IT monitoring me :)
<Vivek> Need to figure that out mate.
<Vivek> Had a talk with out manager.
<Vivek> our*
<koolhead17> are you downloding porn at work?
<Tixos> hey
<Vivek> No :)
<Tixos> can someone tell me if this is a 'default' ubuntu user on a new server
<Tixos> citadel:x:103:112:Citadel system user,,,:/var/lib/citadel:/bin/false
<Tixos> googled the name, and it comes up with some admin panel ?
<koolhead17> Tixos: where did you got the image? did you check MD5 checksum
<Tixos> its a dedi, the provider installed it
<Tixos> and trust me they are useless
<koolhead17> Vivek: better work then downloading poer
<Vivek> I got the nmap output, the OS is Microsoft Windows. with the open ports they are running.
<rbasak> smoser: I've tried manage_etc_hosts: template and manage_etc_hosts: localhost but neither seem to have any effect. Is there something I'm missing?
<koolhead17> Tixos: your at wrong place then
<Tixos> not really
<Tixos> look at my questions, its perfectly valid here
<Tixos> also, citadel is in the repos, so if you dont want to help, thats fine
<koolhead17> Tixos: the provider can remaster and upload the image. :)
<koolhead17> afaik during deployment one has to create a user
<Tixos> you havent even answered my question, im only assuming from your replies that its not default
<koolhead17> Tixos: yes
<Tixos> there is no home dir for that user
<Tixos> no home DIR at all infact
<Tixos> for a user that is...
<koolhead17> Tixos: its a application
<Vivek> koolhead17: The downloads I do are perfectly legal and done after managements approval. I don't know if using tor is the reason.
<Tixos> its not installed though >    p   citadel-client                                            - complete and feature-rich groupware server (command line client)
<koolhead17> no security threat. :) install server like mysql on the host and check /etc/passwd you will see
<Vivek> In that case I am stopping that too now that IRC SSL ports are open.
<koolhead17> Vivek: will talk tomorrow in office
<Tixos> which is the correct way to create a user again, useradd or adduser :P
<Tixos> ive been told off for this before
<smb> zul, smoser So I finally figured out why there is bug 922486. I hope to have spelled out all my findings along with one proposal how to fix it. Based on testing it seems to work well but I guess someone with libvirt experience may want to make sure this is not too much of a hack.
<uvirtbot> Launchpad bug 922486 in libvirt "libvirt boot race on xen hypervisor" [Undecided,New] https://launchpad.net/bugs/922486
<Vivek> koolhead17: Yes, in that case IT will have to answer for disrupting my work :)
<Vivek> koolhead17: Anyways tommorow.
<Tixos> Fetched 15.4MB in 0s (21.2MB/s)  yum
<zul> hallyn: ^^^
<zul> smb: it looks fine to me, but i want hallyn's oppinon as well
<Tixos> adduser or useradd?
<smb> zul, Ah, ok. Sure. Sorry, forgot him as libvirt stuff reviewer
<hallyn> smb: looking
<hallyn> <shrug>  seems to make sense, not knowing any of that code.  if it fixes it, go for it :)
<hallyn> zul: let's hope we don't forget that fix if we go with 0.9.9
<smb> Tried to be careful and have it in the ubuntu patches section with that debdiff. Cannot upload it though. :)
<hallyn> smb: no it's just that i already cut a 0.9.9 candidate, just have to not forget about your patch :)
<hallyn> smb: you don't have upload rights?
<smb> hallyn, nope. not beyond kernel (so only harmless things)
<hallyn> heh
<hallyn> smb: so that debdiff has been tested, and should be pushed?
<smb> hallyn, Hm, I tested the version with a lot more debugging in it. Give me a sec, I have not yet tested the compile of the debdiff
<hallyn> ok.  your comment in #6 also seems sensible, just based on a glance
<smb> hallyn, Only that change I did never make to test it. Just looked a bit odd, and I was wondering why there was no real error message in the logs
<smb> hallyn, Hm, think I need a bit more testing. Noticed some error messages when booting and am not sure they are because of my change...
<smb> hallyn, Ok, seems the "ERROR:  Can't find hypervisor information in sysfs!" when booting in non-xen mode is independent to my change in libvirt. So it looks ok to upload it
<hallyn> smb: the exact debdiff in comment 5, no changes?
<hallyn> i'll toss in the new 'start on' at the same time then
<smb> hallyn, yes exactly that
<hallyn> ok, will push, thanks
<smb> hallyn, thanks for uploading. I'll pick up the results tomorrow
<hallyn> pushed - gnight
<Vivek> laters
<Vivek> &
<SpamapS> jamespage: here?
<hallyn> save the earth!
<hallyn> oops, wrong chan :)
<hallyn> i need to better control my windows! :)
<hallyn> (you know, to reduce wasted packets, which waste energy)
<acidflash> is anyone familiar with bcache?
<webPragmatist> i'm trying to figure out how to install http://old-releases.ubuntu.com/ubuntu/pool/universe/t/ttf2pt1/
<webPragmatist> it doesn't seem to be a part of a package in apt
<hallyn> zul: have you had a chance to test libvirt 0.9.9?
<hallyn> i'm going to fire off a qa-regression-test against it i guess
<zul> hallyn: yeah i tested it a little last night, ill do some more tonight
<utlemming> hallyn: it looks like you can't SSH into the cloud images when run under LXC
<utlemming> hallyn: I'm looking now. The root cause is that SSH keys are not being generated on boot within LXC
<hallyn> utlemming: it *might* be due to a missing upstart event bc of something that doesn't happen in containers (yet).
<utlemming> hallyn: it looks like sense cloud-init is not seeing a data-source, it does not generate the SSH Keys
<adam_g> utlemming: what does cloud-init use as a data-source when booting in a container?
<adam_g> (ive got no idea, just curious)
<utlemming> adam_g: it looks for the 169.???.???.??? address
<adam_g> utlemming: thats the ec2 metadata service
<adam_g> utlemming: when we boot cloud-init on hardware in teh CI lab, we're injecting metadata and userdata into /var/lib/cloud/seed/nocloud-net/ after installation, which gets picked up on first boot by cloud-init
<adam_g> utlemming: http://paste.ubuntu.com/834299/ http://paste.ubuntu.com/834302/
 * utlemming looks
<utlemming> hallyn: I'll have to revist that script later, but I think we'll end up with ubucloud and ubucloud-local, where the ubucloud-local unclouds the image.
<hallyn> utlemming: you mean the templates?  If so, we can just add '--local' to the template-specific flags
<hallyn> though i'd rather to '--ec2', and have local be the default
<hallyn> so, 'lxc-create -t ubuntu-cloud -n cloud1 -- --ec2'
<utlemming> hallyn: yes...and I like that
<hallyn> if no ec2, then always create the ssh keys, and don't waste my time looking for 169.*
<utlemming> hallyn: although, I would have a generic label like "--no-cloud"
<utlemming> er, "--cloud"
<zul> hallyn: new libvirt looks ok so far
<hallyn> utlemming: that's good.  how involved is the mangling we have to do in the rootfs?
<hallyn> zul: qrt tests going ok so far.  though ih ad to edit the qatest/qatest.xml to not specify /usr/bin/qemu as the emulator
<utlemming> hallyn: it should be easy
<utlemming> hallyn: and less mangling than you'd think
<zul> hallyn: ah cool
<utlemming> hallyn: let me test my fix
<hallyn> zul: actually, virsh appears to be hung doing an attach-interface (as part of the qrt)
<zul> hallyn: thats not good
<kraut> hi
<kraut> i'm using a nfs-export from my ubuntu server on my dvb reciever for timeshift. it happens sporadic that the video freezes and i see at that moment a high usage of kworker
<kraut> is this an issue in anyway?
<stgraber> hallyn: ETA for upstart upload is 5pm eastern (so I believe 4pm for you)
<hallyn> stgraber: exciting!
<stgraber> hallyn: do you already have a lxcguest-less LXC source package?
<hallyn> no
<hallyn> stgraber: should we create an empty lxcguest package for it?  Or just yank it out of the source pkg?  or have lxc now conflict with old lxcguest?
<stgraber> hallyn: well, upstart will conflict with lxcguest, so there's no way anyone could install the package ;)
<stgraber> hallyn: I guess we should just drop it entirely from the source and update the template to only install it pre-precise
<stgraber> then file a binary removal bug to get lxcguest out of the archive to avoid having it included in the cloud images
<stgraber> that should take care of all the use cases I can think of
<smoser> hallyn, did you hvae a questionon generation of ssh keys in cloud images ?
<smoser> cloud-images don't have ssh keys generated, and don't generate them unless there is a instance-id found.
<smoser> we maybe should fix that so that they generate the keys anywhay.
<utlemming> smoser: I did...I'm patching the lxc-ubuntu-cloud to take care of that
<smoser> wait...
<smoser> no, lets do it right.
<smoser> cloud-init should do that as leaving no ssh keys is quite generally useless.
<smoser> what did you to disable cloud-init?
<utlemming> smoser: I'm preseeding some meta-data
<utlemming> smoser: and allowing users to define host name, instance-id and user-data
<utlemming> smoser: which I think is valuable to the end user
<smoser> yeah, that makes sense. but keys should get generated anyway.
<hallyn> stgraber: were you queueing up any lxc changes right now?
<stgraber> hallyn: nope
<utlemming> hallyn: here's my patch for lxc-ubuntu-cloud, http://paste.ubuntu.com/834391/
<hallyn> utlemming: ok, thanks
<hallyn> smoser: ^ that fits in with what you want (always generating keys) too?
<smoser> hallyn, but wait.
<smoser> hostname ?
<smoser> isnt that non-sensical?
<smoser> or conflicting with an lxxc container setting ?
<danp> yo! I'm wondering if the scripts used to build HVM AMI ami-976da7fe (099720109477/ubuntu/images-sandbox/hvm/ubuntu-lucid-daily-amd64-server-20110930-backport-kernel-oneiric) are available somewhere. I can't seem to find anything for that in the ec2-publishing-scripts or automated-ec2-builds repos /cc smoser
<utlemming> afaik, it doesn't
<smoser> danp, they are there.
<smoser> "hvmify"
<utlemming> danp: the EC2 registration tools are NDA for HVM though
<smoser> thats the only difference between the hvm and the instance-store.
<smoser> er.. i  meant to say hvm and ebs.
<smoser> but, also, what utlemming said.
<smoser> but more than the NDA bit is your account wont have credentials to say --virtualization-type=hvm
<danp> you mean the ability to directly register images as HVM?
<smoser> on a register.
<smoser> yeah.
<smoser> now...
<smoser> if you want to try to be tricky..
<danp> I don't believe I need that if I do some hackery and run CreateImage against a running/stopped instance
<hallyn> smoser: utlemming: no, --hostname/-H doesn't conflict with an arg, but it does conflict with an option you can specify inthe config file
<smoser> (i've wanted someone to do this, and only tried once or twice because failures cost $2.8 or whatever it is).
<smoser> http://paste.ubuntu.com/834399/
<smoser> danp, i recently did that on HP public cloud, which basically replaced a running oneiric instance with a precise instance.
<smoser> you could follow that and get into a root fs from an ephemeral disk and populate the clean root ebs.
<smoser> but the times i've tried, there was mysterious failure
<smoser> hallyn, right. which doesn't make much sense. and cloud-init will read `hostname` fine. so i dont think you nee dthat
<smoser> utlemming, you have funny indentation in that
<danp> smoser: my plan has been to run a cc1.4xl using the AWS AMI, stop it, detach the root EBS, attach a prepped EBS at /dev/sda1 (can't attach to just /dev/sda), then run CreateImage against it
<hallyn> smoser: keep the rest?
<smoser> danp, yeah, that did not work for me.
<smoser> it does seem like it should
<smoser> and i'm interested in knowing if it does for you.
<danp> could probably ask AWS for the ability to register HVM directly as well. but it would be nice to not need that
<smoser> hallyn, well, do you pick up a dependency on 'bc' for that ?
<smoser> danp, i honestly do not know anything about this, but i suspected when my start/stop/detach/attach/register failed, that the failure was intentional
<hallyn> stgraber: note that we have things like net-device-added lo which still could stand to have lxcguest
<stgraber> hallyn: not in precise though
<smoser> hallyn, other comments on that patch there are to not use full paths to files
<danp> smoser: yeah, my guess would be not being able to attach the partitioned EBS to /dev/sda. it shows up in the AWS AMI DescribeImage block device mapping as /dev/sda1 though. not sure
<smoser> trust PATH
<hallyn> smoser: utlemming: anything wrong with just uuidgen | cut -c -8 ?
<danp> smoser: please forgive my bzr ignorance, I've run `bzr branch lp:~ubuntu-on-ec2/ubuntu-on-ec2/ec2-publishing-scripts` and `bzr branch lp:~ubuntu-on-ec2/vmbuilder/automated-ec2-builds` and I don't see hvmify in either of those
<hallyn> stgraber: not for runlevel 2, but ther emight be something out there waiting for lo?  or not?
<smoser> danp, its part of ec2-image2ebs
<danp> got it. thanks!
<stgraber> hallyn: all initscripts I saw so far are explicitly ignoring lo for net-device-up
<hallyn> ok
<stgraber> hallyn: I'd really like to see lxcguest go away completely, if that becomes a problem, I'd rather have the hack part of ifupdown/upstart than in lxcguest
<hallyn> excellent
<hallyn> then away it goes
<stgraber> yeah!
<hallyn> can anyone explain why i can read paste.ubuntu.com jsut fine, but when i hit 'downlaod as text' i have to go through auth?
<stgraber> IIRC it's to avoid using paste.ubuntu.com for file storage
<stgraber> by making it difficult to retrieve the raw data
<danp> smoser: I see now. I was hoping to find a script that installed the backported kernel and all that as well. would that have been done with the way these tools were run to create that image?
<hallyn> is uuid-runtime always present?
<smoser> danp, well we dont install a backported kernel.
<smoser> but just mount the image chroot (modify /etc/resolv.conf) and apt-get install stuff
<danp> smoser: oh, but it looks like this is lucid with a kernel PPA added and linux-image-3.0.0-12-virtual installed from there. was wondering exactly how that was done so I could replicate it as closely as possible
<smoser> ah. you booted the lucid sandbox one i uploaded once.
<smoser> i created that like this:
<smoser>  http://paste.ubuntu.com/834442/
<danp> smoser: yeah. that's the only lucid HVM AMI available, right?
<danp> outstanding! thank you very much
<smoser> yes, but note the 'sandbox' in its name
<danp> understood
<adam_g> anyone happen to know the significance of the difference in the return code of the same 'ip addr add' command (2 vs 254) on two different systems: http://paste.ubuntu.com/834454/
<adam_g> glancing thru the iproute source, i was only to find this :) http://paste.ubuntu.com/834456/
<utlemming> hallyn: regarding uudigen....I really don't have much preference, just generating a random id
<hallyn> utlemming: cool, will do the shorter thing then
<hallyn> waiting to test (libc6 upgrade is slowing me down)
<stgraber> hallyn: lxcguest-free world -15min ;)
<stgraber> hallyn: it's upstart o'clock ;) uploading now
<stgraber> hallyn: uploaded
<axisys> how do I remove md3 and add the slices to md2 to increase the raid10?
<axisys> md2 : active raid10 sdg1[4] sdc1[0] sdd1[1] sdh1[5] sdf1[3] sde1[2]
<axisys> md3 : active raid10 sdh2[3] sdf2[1] sdg2[2] sde2[0]
<hallyn> stgraber: sorry, how does http://people.canonical.com/~serge/lxc.debdiff look?
<hallyn> zul: hm, that test also fails with 0.9.8
<hallyn> zul: so, if libvirt is treating you all right today and tomorrow... maybe we should push 0.9.9.  <cringe>
<zul> i havent had any problems with lxc i havent tried with kvm yet
<hallyn> ok.
<hallyn> utlemming: /etc/apt/sources.list has http://ubuntu-mirror.localdomain/ubuntu .  that's kinda useless in no-cloud situation
<utlemming> hallyn: yes it does
<utlemming> s/does/is
<hallyn> what's the easiest way to have it use deafult mirror there you think?
<hallyn>  /etc/cloud/templates/sources.list.tmpl
<hallyn> ?
<utlemming> hallyn: well, cloud-init is the one doing it, so I think a cloud-config line
<hallyn> that would look like what?
<utlemming> hallyn: one minute...
<utlemming> hallyn: right under my "#cloud-config:" line, you want to add, "apt_mirror: <URL>"
<utlemming> hallyn: methinks that reading the host machines /etc/apt/sources.lists and fetching the URL out of there would be the most prudent course of action
<hallyn> utlemming: that seems a bit fragile (who knows which line to use).  There is a MIRROR option in /etc/default/lxc.  Use that if set, else use archive.ubuntu.com?
<utlemming> hallyn: I like that idea.
<CharlieSu> Hi all.  I'm using a preseed file to automate my Ubuntu installation for a bunch of computers.  Everything works wonderfully, but I'm looking for a strategy to give each computer a unique hostname automatically.  Anyone do something like this ever?  Possibly based off of the MAC address?
<hallyn> utlemming: testing, will show you debdiff before i push
<utlemming> hallyn: sounds good
<hayer> How can I set up shared directories in pure-ftpd-mysql?
<stgraber> hallyn: sorry for the delay, was dealing with upstart FTBFS because of the new libc ;)
<stgraber> hallyn: looking now
<hallyn> stgraber: fwiw i'm stil making changes to the lxc-ubuntu-cloud template, but not touch lxcguest
<stgraber> hallyn: ok. The diff looks good, I'll just check with the actual code next to it though ;)
<hallyn> stgraber: ?
<stgraber> hallyn: right, looks good (wanted to check what else was in that else/elsif and make sure it was indeed only the code installing lxcguest)
<hallyn> ah ok
<stgraber> hallyn: new libnih was uploaded which once build will fix upstart's own build, so in an hour or so everything should be built
<stgraber> hallyn: upstart built fine on i386 though, so you can use that for testing (once it's published)
<hallyn> utlemming: http://people.canonical.com/~serge/lxc.debdiff   works for me (tm)
<utlemming> hallyn: looks good to me
<hallyn> stgraber: so I'm pushing lxc?
<stgraber> hallyn: yep, I expect upstart amd64 to start building in the next 10min or so
<hallyn> lxc is away
<stgraber> hallyn: cool!
<hallyn> stgraber: bug 929086 has me confused
<uvirtbot> Launchpad bug 929086 in lxc "Missing depends: dnsmasq" [High,New] https://launchpad.net/bugs/929086
<hallyn> (it *is* listed in Depends)
<stgraber> hallyn: yeah, doesn't make any sense :)
#ubuntu-server 2012-02-09
<stgraber> lamont: did you by any chance remove /usr/sbin/dnsmasq on your system? :)
<lamont> un  dnsmasq                 <none>                  (no description available)
<lamont> I did not remove the binary.  I removed the package
<lamont> ages ago
<lamont> hallyn: dnsmasq-base is listed.  /usr/sbin/dnsmasq comes from dnsmasq, not dnsmasq-base
<zul> adam_g: http://paste.ubuntu.com/834637/
<stgraber> stgraber@castiana:~$ dpkg -S /usr/sbin/dnsmasq
<stgraber> dnsmasq-base: /usr/sbin/dnsmasq
<adam_g> zul: https://bugs.launchpad.net/nova/+bug/929127 should fix that. the issue is iproute2 has switched its return code, and nova was never updated to ignore rc 2
<stgraber> lamont: ^
<lamont> hrm
<uvirtbot> Launchpad bug 929127 in nova "linux_net.ensure_metadata_ip() fails on precise" [Undecided,In progress]
<lamont> yeah. interestingly, I see it there too
<lamont> oh.
<lamont> heh
<lamont>  /usr/sbin/dnsmasq
<lamont> locally diverted to: /usr/sbin/dnsmasq.base
<zul> adam_g: i had a patch for that that ignores the rtnetlink error if it exists but told not to because of what you previously mentioned
<lamont> that's right.  it annoyed me and I killed it with fire
<lamont> hallyn: 929086 is invalid.  you want the pleasure, or shall I?
<adam_g> zul: are you using nova-rootwrap?
<zul> adam_g: no
<lamont> hallyn: though to be fair, I'd prefer it to just work anyway
<zul> not explicitly
<adam_g> zul: if you were using the broken rootwrap, it would havebeen returning 0 and nova would have been happy. :)
<lamont> maybe one day, my hatred for dnsmasq and the way we automatically set up bridging and antifirewalling for guests will soften
<zul> adam_g: right i think it might be something else though (i probably have a weird setup locally)
 * lamont needs to run
<lamont> hallyn: killed bug 929086 for you
<uvirtbot> Launchpad bug 929086 in lxc "Missing depends: dnsmasq" [High,Invalid] https://launchpad.net/bugs/929086
<lamont> stgraber: thanks for the ping
<lamont> and to answer your original question truthfully, yes.
<stgraber> perfect, would have been an horribly weird bug otherwise ;)
<hallyn> phew - thanks
<stgraber> hallyn: upstart amd64 is building now
<stgraber> armhf, armel and powerpc all failed to build because a test won't pass but that's not new ... I'll remind James about it tomorrow
<hayer> Hm-m.. I got disconnect while zero'ing a disk using mkfs. How can I get back to that screen?
<jkyle> I changed my preseed.cfg partman/choose_recipe from  multi to atomic. The filesystem type remained ext4
<jkyle> the pxe boot completes without erorr, on first reboot it drops to the grub rescue prompt saying "out of disk"
<jkyle> ls shows (hd0) (hd0,gpt3) (hd0,gtp2) (hd0,gpt1)
<jkyle> if I set prefix=(hd0,gpt1)/boot/grub, then > insmod (hd0,gpt1)/boot/grub/linux.mod to load the modules (for a normal grub prompt) I get "unkown filesystem"
<pmatulis> you must have done something wrong
<GoldenP> hi folks
<GoldenP> could somebody help me with telling how to update apache to 2.2.22 on ubuntu 10.4 server? apt-get is only showing 2.2.14 as the latest available apache version
<twb> You can't have that
<twb> GoldenP: Why do you want it?
<GoldenP> I am having problems with apache going 100% on production servers and only a hard server reset can "unfreeze" the system
<GoldenP> so I was thinking that it could be a security flow
<GoldenP> or a newer version might help
<GoldenP> (I mean 100% cpu on 6 cores and over 60 in load avereag in top)
<twb> So your solution to "I have a bug" is to try to upgrade to a version that isn't integrated with the OS?
<twb> Maybe you should analyse the problem first.
<twb> e.g. IIRC PHP bloat appears under apache in the process tree if using PHP via mod_php instead of mod_fcgi.
<twb> IME the most probably cause is a crap PHP script.
<jkyle> when I have a large dis, say 5TB, and configure it as one large partition on install, I get a grub<rescue> prompt on first boot and an "error: out of disk" error.
<jkyle> oneiric 11.10
<jkyle> I'm configuring an hands off install, so any lead on where the failure point is would be great
<twb> jkyle: that's because >2TiB disks must use GPT, and to use GPT grub needs its stupid little hand held with an extra ~100MB special grub bootstrap partition
<GoldenP> that's right... I already did so. I could find nothing :) So now I am eliminating the "usual suspects". One of these usual suspects is outdated software. I see apache 2.2.14 having some security flaws, like this: http://m.h-online.com/open/news/item/Tool-causes-Apache-web-server-to-freeze-Update-1330105.html?mrw_channel=open;mrw_channel=open;from-classic=1
<jkyle> ah, hm. when I ls, it says they're (hd0,gpt1) through 3
<twb> If your "5TB disk" is actually a raid array, that might not be the case, but the installer defaults to using GPT for >=2TB (note: this includes <2TiB disks)
<jkyle> so I suppose the failure is not enough room to load the modules or something. thus, out of disk
<twb> What you should do is reinstall and pick "managed partitioning" or whatever, then go back and rearrange your main partitions but leave the special grub ones as-is
<jkyle> twb: it'l need to be automated
<twb> You MIGHT also have luck booting priority=low ("expert install") and forcibly telling it to use msdos instead of GPT disk label, by clicking on the disk itself in partman UI
<jkyle> so I'll have to dig into the manual install presed docs
<twb> jkyle: in that case you are in for a long night
<jkyle> nah
<jkyle> they're homogeneous machines
<twb> jkyle: you need to find how grub wants it set up, and then preseed that
<twb> jkyle: unfortunately I can't just tell you because I tend to throw such machines out the window in frustration
<jkyle> it'd be a whole lot of money to throw out
<twb> Shrug
<jkyle> got a full pod :P. this shouldn't be bad
<twb> Ugh, is that one of those "just add disks as you go" pseudo-NASes?
<twb> I forget the product name
<jkyle> no, qantas
<twb> The airline?
<jkyle> SAS * 1TB * 12 in a RAID 10
<jkyle> quanta* the computer manufacturer
<twb> Ah
<jkyle> they're good machines :)
<jkyle> yeah, teh auto installer is only giving grub 1mb
<twb> maybe 1mb is right I don't remember
<twb> It basically contains code to make EFI look like BIOS or something
<twb> Some dirty-ass hack
<jkyle> twb: I'll be damned
<iToast> Can someone help.
<iToast> I just reinstalled ubutnu 11.10 server
<iToast> The reason I call it a piece of crap is since 11.10, i dont get video out.
<iToast> I don't have a ssh dameon installed to controll it over the network so I can't do anything and when i try and install 10.4 LTS, it thinks it needs cdrom drivers that don't exist.
<iToast> Now im stuck with a broken system.
<iToast> Can someone help?!
<greppy> iToast: do you not get any video out, or does it stop after grub?
<iToast> I dont get video out
<iToast> The machine boots, it has a status light at the front that turns green when its at the login screen
<iToast> My monitor will stay active for about 5 mins after the boot then just goes to standbye due to a lack of video
<iToast> greppy,
<Caribou> iToast: what kind of system is this ?
<iToast> Caribou, Its a thin client by wyse
<iToast> Caribou, ubuntu 10.4 had no problem
<iToast> 8.4 too, 11.4 had some issues
<Caribou> maybe some boot param has changed, lemme check
<Caribou> iToast: did you try to add vga=791 as a boot param to manually force the resolution ?
<iToast> Caribou, no
<iToast> As soon as its suppost to show grub, the screen goes blank
<Caribou> oh, I thought that you had the system installed and it was going blank after the reboot
<iToast> Its installed
<iToast> It boots, i can't get to grub or console...
<Caribou> Can I ask why you're using Ubuntu Server on a thin client ? I would expect Desktop to be used there
<iToast> I need a low power machine that is supported by almost every linux distro.
<Caribou> ok, make sense
<iToast> Its like a mac, you have one set of hardware...
<iToast> Finding support is very easy the hardware is common and you can run almost anything ;P
<Caribou> I don't remember if grub behaves the same way on server, but on desktop you don't get the grub menu unless you keep the <Shift> key pressed
<Womkes> Does anybody have a guide for installing a KVM client on a DRBD resource?
<henkjan> Womkes: have a look at http://code.google.com/p/ganeti/
<Womkes> I will have a look now
<Womkes> Well henkjan
<Womkes> that looks freaking awesome
<Womkes> Going to try it this afternoon when Im home
<lynxman> morning o/
<Womkes> henkjan, what distro and virtulisation option would you recommend for ganeti?
<Womkes> seems it is geared a bit more towards xen then kvm
<Womkes> and debian instead of ubuntu
<henkjan> Womkes: i would use ubuntu. its packaged and available in universe
<henkjan> Womkes: kvm support was added in 2.0 releases and should work
<chmac> Does /tmp get cleared when ubuntu restarts?
<Womkes> Ah, thats great, so I just have to add the universe repo to my install
<Womkes> and get going
<chmac> Yes they do, thanks DuckDuckGo :-)
<Daviey> jamespage: Hey, have you seen - http://kohsuke.org/2011/12/27/jenkins-now-acts-as-an-ssh-daemon/ ?
<jamespage> Daviey: yep - had spotted that
<jamespage> was working on the toolchain for jenkins modules yesterday
<jamespage> it's not playing that well with maven-debian-helper ATM
<jamespage> (oh - its implemented as a jenkins module I think)
<Daviey> sounds interesting, anyway :)
<Womkes> Sure is
<Womkes> I am having difficulties with getting CLI to work here
<jamespage> Daviey: once I get that working we should at least have support for SSH keypairs for cli access in precise
<jamespage> once/if
<Womkes> Cant figure out why it is not working, getting timouts
<Womkes> API works fine
<Daviey> jamespage: on the public facing instance?
<jamespage> Daviey: probably not :-)
<jamespage> but TBH having access to the public instance for Ubuntu does not actually get you anything - its a dumb read-only copy
<jamespage> Womkes: whats not working in the CLI?
<Womkes> Well, I am in the guy in our company assigned to CI project. Have setup a Jenkins environment for this
<Womkes> But I cannot get the CLI to work
<Womkes> It works fine in my local test setup but not on the production server
<Womkes> I get a timeout error
<Womkes> like this
<Womkes> java -jar jenkins-cli.jar -s http://url.to.jenkins/ help
<Womkes> Exception in thread "main" java.io.EOFException: unexpected stream termination
<Womkes>         at hudson.remoting.Channel.<init>(Channel.java:408)
<Womkes>         at hudson.remoting.Channel.<init>(Channel.java:366)
<Womkes>         at hudson.remoting.Channel.<init>(Channel.java:327)
<Womkes>         at hudson.remoting.Channel.<init>(Channel.java:323)
<Womkes>         at hudson.remoting.Channel.<init>(Channel.java:311)
<Womkes>         at hudson.cli.CLI.connectViaHttp(CLI.java:122)
<Womkes>         at hudson.cli.CLI.<init>(CLI.java:105)
<Womkes>         at hudson.cli.CLI.<init>(CLI.java:83)
<Womkes>         at hudson.cli.CLI._main(CLI.java:267)
<Womkes>         at hudson.cli.CLI.main(CLI.java:216)
<Womkes> takes few minutes then I get this error
<Daviey> !pastebin | Womkes
<ubottu> Womkes: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<lynxman> Daviey: normally for bugs as #107044 should I just close it as "Invalid" or as "Fix Released"?
<Womkes> Sorry
<Daviey> bug 107044
<uvirtbot> Launchpad bug 107044 in ubuntu "[needs packaging] Apache ActiveMQ" [Wishlist,In progress] https://launchpad.net/bugs/107044
<Daviey> lynxman: sorry, i'm overwhelmed with bugs such as ipxe related ones to track all the others.
<Daviey> If only someone would help close ipxe bugs, i'd have a better idea :P
 * lynxman *gets it*
<Aison> i've got my own mailserver with postfix + dovecot and I would like to have got an autoreply on one of the email addresses. What do you recommend?
<Aison> do I need some special service or is it supported by dovecot or such?
<lynxman> Aison: both postfix and dovecot support Sieve, I'd recommend that way, although I'm Sieve biased (http://koansys.com/tech/sieve-server-side-mail-filtering-with-postfix-dovecot)
<andol> Sieve is nice.
<Aison> thx :)
<Aison> other question: do you guys know a nice webbased software for a todo list or very simple project management? We are just three people and search something simple and not this big project managment tools
<Aison> I already lookt at "Tracks"
<Aison> -t +ed
<Womkes> Aison, I have done some research into this past few weeks
<Womkes> Tried a couple
<Womkes> Hard to find a good one, but I think Iá¸¿ going with Open Atrium
<samba35> what is "true" way to configure FQDN
<Aison> oh, nice, have to try that :)
<Aison> samba35, what do you mean with "true" way? :P would you like to setup your own dns servers?
<samba35> i have many version of configure FQDN
<lynxman> samba35: follow the path of the fqdn warrior.... or just configure your /etc/hosts with both the hostname and full fqdn :)
<samba35> do i have to replace 127.0.0.1
<Aison> no
<Aison> 127.0.0.1 is expacted to be localhost in hosts file
<samba35> if i have mail server and web server on same machine 192.168.1.10 ,do i have to use privite ip or public ip for
<Aison> if the name ist public, use the public ip, else the private
<samba35> i want to host webserver with my domain
<Aison> well, if your domainname is   foobar.example.com  and you would like to have got email@example.com
<Aison> you have to setup    IP   foobar.example.com  foobar
<Aison> in your hosts file and of course you have to setup your dns server also
<Aison> the zone file for example.com have to contain a line like
<Aison> @ IN MX 10 mail
<samba35> i have setup a blog when i use www.abcd.com it work  when i run www.abcd.com/blog then it show localhost in address bar
<Aison> while mail is
<Aison> mail IN CNAME foobar.example.com.
<samba35> ok
<samba35> i will try this again and get back to you
<samba35> thanks for you co-operation
<Aison> np
<samba35> do u have fqdn on your server
<samba35> or any working host file
<samba35> with fqdn
<Aison> yes
<Aison> but i've got only one IP on my server and this is public
<samba35> if you dont mind can you pleae pastbin to me ?
<Dutchy^> hi Gents...
<Aison> samba35, http://lazarus.jaison.ch/hosts
<samba35> ok
<Dutchy^> pretty new on a ubuntu aws box and i managed to login with putty after converting the default key-pair...
<Aison> samba35, http://lazarus.jaison.ch/db.jaison.ch
<samba35> so i have to use my publip ip
<Aison> this is the zonefile
<cwillu_at_work> Dutchy^, presumably there was a question coming? ;p
<Dutchy^> but when i want to add more user to getin with ssh without having the public sent in front,,,is ther a link for this how to do this?
<Dutchy^> http://blog.sofasurfer.org/2011/07/16/ubuntu-ec2-add-new-admin-user/ this a action per user right?
<cwillu_at_work> Dutchy^, not entirely sure what you're doing
<Dutchy^> hi cwillu_at_work!
<cwillu_at_work> Dutchy^, what do you want to be able to do? (not in terms of ssh, but what you actually want to do)
<samba35> Aison: if i want to use my isp's control pannel for dns and add dns /mx thier in that case what i will require on my local machine ?
<Dutchy^> well normally on a box,,,i add users and when those users are login,,,,they are promt to save the key and go ahead right?
<cwillu_at_work> please cut out the ",,,"
<cwillu_at_work> Dutchy^, do you mean "key" or "password"?
<Aison> samba35, well, you need an smtp server that accepts the mails ;)
<Dutchy^> but to answers your question
<samba35> Aison: can i send you pm ?
<Aison> yes
<samba35> THANKS
<Dutchy^> i want to add users set the password and enable then with ssh
<cwillu_at_work> Dutchy^, do you want to permit people to log in via ssh using their password?
<Dutchy^> yes!
<cwillu_at_work> that's the default behaviour
<cwillu_at_work> you don't need to do anything further, other than making the user (and making sure it's not a system user)
<Dutchy^> PasswordAuthentication yes
<cwillu_at_work> Dutchy^, two things to keep in mind though:
<cwillu_at_work> one: password authentication is only as strong as the weakest password, and a strong password becomes weak the moment you type it into a keylogger by accident :p
<Dutchy^> oke i will test again wanted to make sure if this was a aws image issue
<funkyHat> If you must allow password login via ssh, you really really should install fail2ban
<NeoNetNinja> Hello peepz, I just built my own NAS and am installing Ubuntu Server via USB. After running "Check disc for defects" it says "not a valid Ubuntu disc". I created the USB flash in Ubuntu GUI with the Startup Disc Creator. Is this normal or should I re-image the USB media? Giga-thanks!
<cwillu_at_work> two:  be careful who you give shell access to; there's a constant trickle of vulnerabilities that can permit a non-root user to gain root permissions
<cwillu_at_work> Dutchy^, it's strongly recommend to disable password auth in ssh and just use keys instead
<Dutchy^> good point cwillu_at_work, however the usecase are on demand boxes for education
<Dutchy^> so i have to setup 15 users who will work on this box and then i stop it
<NeoNetNinja> Or, what would be the best way to install Ubuntu Server from a USB flash drive? Ergo UnetBootin or is Startup Disc Creator fine?
<NeoNetNinja> Or would I get the same result with both?
<NeoNetNinja> :)
<NeoNetNinja> I'll try UnetBootin... see how it goes... install-fest!;)
<Dutchy^> cwillu_at_work : so i logged in. made useradd test -g test, then passwd user and now should be able to login?
<cwillu_at_work> believe so
<NeoNetNinja> Is "Checking Disc for Defects" for Ubuntu Server on a USB flash drive the same as checking it on CD/DVD media? I'm getting the same result having created it with UnetBootin. The exact working is "No valid Ubuntu CD-ROM". Its saying that because its USB media and not an actual CD I assume, right?
<NeoNetNinja> Is it ok to go ahead and do the install?
<NeoNetNinja> wording*
<Dutchy^> cwillu_at_work, well during ssh connect its asking for apublic key
<NeoNetNinja> "The CD-ROM you have inserted is not a valid Ubuntu CD-ROM. Please change the disk"
<cwillu_at_work> Dutchy^, what does it say exactly?
<Dutchy^> i am using crt: a public key has not been specified for this session, do you want to specify now?
 * NeoNetNinja is being anal (lol)
<Dutchy^> The client has disconnected from the server.  Reason: Unable to authenticate using any of the configured authentication methods.
<cwillu_at_work> Dutchy^, pastebin /etc/ssh/sshd_config and /etc/passwd
<cwillu_at_work> Dutchy^, can you verify the problem with openssh's client?
<Dutchy^> lets try putty
<cwillu_at_work> lets try openssh :p
<Dutchy^> justamoment
<cwillu_at_work> I don't have putty in front of me, which makes it basically impossible to verify that things are working as expected
<Dutchy^> Permission denied (publickey).
<Dutchy^> its the same story,that my connects wants a public first
<Dutchy^> never had that with oter non aws boxes
<Dutchy^> so its not running as default and thats why stories as http://blog.sofasurfer.org/2011/07/16/ubuntu-ec2-add-new-admin-user/ exists
<Dutchy^> so how to get it just a a normal box to allow me the session in public setup, thats the q i think right?
<cwillu_at_work> <cwillu_at_work> Dutchy^, pastebin /etc/ssh/sshd_config and /etc/passwd
<cwillu_at_work> it's not that it wants a public first, it's that it's only accepting a public key
<Dutchy^> http://pastebin.com/cDwJjh31
<cwillu_at_work> Dutchy^, you might want to kill PermitRootLogin yes
<cwillu_at_work> PasswordAuthentication no needs to be yes
<cwillu_at_work> that should be all you need to do
<Dutchy^> cwilu_at_work :-)!
<Dutchy^> superb sir, i overlooked this
<Dutchy^> feel a little bit dumb, thanks a lot
<Dutchy^> i was landed to much in the keys
<tyska> hi guys
<tyska> to change the hostname of one machine i have to edit /etc/hostname and reboot the machine right?
<henkjan> tyska: you can change the hostname of a running system with 'hostname yourdesiredname'
<zul> good morning
<tyska> hi guys, there is anyone here?
<ikonia> tyska: many people
<kaipanoi> Set up a new md array yesterday. Saw this as it was finishing, should I be worried or is Linux going to work around the problem? http://pastebin.com/Sj44G83J
<ikonia> kaipanoi: and you manipulate the meta device ?
<abcdude> hi
<abcdude> i have only small font in CLI . how to do?
<abcdude> i try setupcon. not ok
<kaipanoi> You mean in a terminal window or on the tty console?
<abcdude> <kaipa
<abcdude> kaipanoi i dont know what to call. the login screen I got after installing ubuntu server version 10.x
<kaipanoi> that's probably a tty then
<MTecknology> Is eucalyptus something I could use to manage a whole lot of KVM hosts?
<kaipanoi> Check out sladen's post http://askubuntu.com/questions/97469/what-is-the-default-debian-ubuntu-console-tty-font-called
<kaipanoi> that was meant for, abcdude
<MTecknology> kaipanoi: had to clarify that I'm not worth your time, huh?
<kaipanoi> wow, really? Sounds like you might need to take some time off. I was trying not to WASTE your time.
<kaipanoi> ikonia: what do you mean?
<abcdude> if I change or edit default console fonts, it is just temporary. after reboot, i still see the same
<abcdude> small font
<MTecknology> hm.. i guess he couldn't tell i was joking :(
<abcdude> what should I do?
<MTecknology> I've never changed tty fonts - I didn't even know that was possible (figured it should be but never thought about it)
<abcdude> I got this problem twice
 * pmatulis remembers doing that in slackware installer (changing tty fonts)
<abcdude> i notice that whenever i installed on computer with better graphic port (on board) or graphics card, I got the same problem with small fonts
<abcdude> what do I do?
<zul> rbasak: ping
<rbasak> hey zul
<zul> rbasak: can you resubmit your console.fifo plllllleeeease :)
<rbasak> Resubmit to where? Upstream?
<zul> yeah
<zul> i dont want to have to main it
<MTecknology> abcdude: I assume you did a quick google search and found this already? http://www.tankmiche.com/tips/customize-tty-appearance/
<rbasak> They won't take it unless it's reworked to use processes, AFAIK.
<zul> arrgh...need sleep
<zul> can you try to rework it?
<rbasak> It's a lot of work, and I feel that it would be quite invasive. I'm not sure how to approach it in a way that would be acceptable to upstream.
<zul> rbasak: can you ask on #openstack-dev perhaps bug soren
<zul> rbasak: because its a rather large patch that we have to carry and its going to cause nightmares for me in falsom
<rbasak> The last I spoke to Daviey on this, my understanding is that I wouldn't be doing it because of the amount of work it would be for me
<zul> lovely...:)
<rbasak> Yes, that's what I said too, but Daviey didn't think it would be too much work. If it is, maybe he can reconsider applying this to Precise?
<zul> Daviey: ^^^
<zul> maybe Daviey can get it upstream
<chmac> mysql --debug --ssl --ssl-ca ca-cert.pem --ssl-cert client-cert.pem --ssl-key client-key.pem -h host.tld -u user -p = Segmentation Fault
<chmac> Well, it asks for the password first, the segfaults.
<chmac> I tried --debug, but it says debug is not installed.
 * Daviey will re-read scrollback after this call
<rbasak> I designed it to have a very small and clean integration point with nova - nova just has to tell the class when to start and stop logging. Integrating it with processes is really down to how upstream want nova to manage processes of this form - making this happen should not affect the rest of the patch. I'm happy for upstream to take this on, or Daviey if he likes.
<rbasak> I would just try and fork, but IIRC I tried that and bad things happened to sqlalchemy. I think spawning a process "properly" would be needed.
<rbasak> I'm a bit miffed that upstream don't take this more seriously, tbh. It is a security vulnerability that they're carrying after all.
<Madkiss> hi folks
<Madkiss> just a quick question; will there still be an "alternative installation cd" with Ubuntu 12.04, given that the server and desktop branches will be merged?
<smb> zul, I think after upgrading the xen-utils-common, this broke (or at least makes it very unintuitive) usage of the xl state. Switched it around to xl, rebooted and have lots of trouble to get a pv guest to have a network... :(
<smb> *s/state/stack/
<zul> son of a..
 * zul shakes his fist
<smb> I can do manually by adding the vif to the bridge I want and then ifconfig up it. Just not very user friendly... And documentation about that is... sparse
<smb> I know
<abcdude> tweaking or chaning various fonts in console-setup is not ok for me
<abcdude> what do I do?
<abcdude> it worked as i wish temporary. but after reboot, it changed back to small fonts
<abcdude> what do I do?
<smoser> zul, or Daviey you have thoughts on my comment in bug 929523 ?
<uvirtbot> Launchpad bug 929523 in bacula "bacula-director does not start, dummy libbaccats " [Undecided,New] https://launchpad.net/bugs/929523
<smoser> this stuff is new to me.
<hallyn> stgraber: I'm considering the following lxc debdiff (http://people.canonical.com/~serge/lxc.debdiff), but there must be a more robust way to do the networking?
<smoser> please? someone?
<hallyn> some type of network setup macros i'm not aware of...
<stgraber> hallyn: the check could at least be changed to [ -d /sys/class/net/${LXC_BRIDGE} ]
<zul> smoser:  maybe remove the other libaccts and just have them symlinks maybe?
<zul> smoser:  other than that im not sure..i might take a crack out of it
<hallyn> stgraber: ok (there's another instance of that check, will change both)
 * Daviey reads scrollback
<stgraber> hallyn: you could also check for "/sys/class/net/${LXC_BRIDGE}/brif/*/" to detect bridge members I believe
<Daviey> zul: Is there complexity attached to porting this patch to precise?
<zul> Daviey: no its done, it just needs to be tested and maintained so whenever the code changes then the ci stuff will break
<Daviey> zul: break, or inform us we need to refresh the patch?
<zul> Daviey: inform
<zul> Daviey: break in my mind though ;)
<smoser> zul, i dont htink that would fix it though
<smoser> as its going by the soname
<smoser> i tihnk
<zul> i would like to see how redhat does
<zul> does it
 * zul cant type today
<smoser> ie, if we moved the libbaccats-mysql-5.2.5.so to libbaccats-5.2.5.so, it would still have the soname describing the 'mysql' bit
<smoser> and then it wouldn't resolve.
<smoser> the one option i thin would work is to just override the deps
<smoser> ie, shlibs.local
<dforthman> Hi. I'm using the check_nrpe plugin checking the event log on a Windows host running NSClient++ with NRPE plugin installed. When I run my query, filtering for Backup Exec source, errors only, it comes back saying Eventlog check is ok. But when I look at the server, there's several error messages that are not being reported.
<zul> smoser: try it
<smoser> zul, i'm not sure of the format and it seems generally like a bad idea
<smoser> :)
<zul> there is no bad ideas just stupid ones :)
<cloudgeek> any good link for a student to setup a webhosting on ubuntu server laptop, i serach google not any relevant link can any provide or guide me
<cloudgeek> plz
<cloudgeek> if anybody can do
<EvilResistance> SpamapS, around?
<smb> mdeslaur, Hey, would you be the one to talk about an issue with virt-manager?
<cloudgeek> which is best option as a firewall
<cloudgeek> Iptable
<cloudgeek> or shorewall
<cloudgeek> ??
<mdeslaur> smb: hrm, maybe :P
<mdeslaur> smb: what's up?
<stgraber> hallyn: so wrt switching lxc to upstart, I believe it should be done before feature freeze. It's not technically a feature because it "should" be pretty much identical to the user, but it's still a pretty significant change
<smb> mdeslaur, Still would need to file a bug. But it seems to me there is a minor issue of it to detect that a xen guest has shut down.
<smb> Doing a virsh connection and list, this is displayed correctly
<smb> Just the icon (and I think internal state) of the gui remains as running
<hallyn> stgraber: ok.  I need to get those changes queued up for dlezcano, but will upstartify after that.
<mdeslaur> smb: file a bug, but usually virt-manager just does what libvirt says
<smb> mdeslaur, Ok, will do. Though I realize that maybe I need to try again with a precise desktop. /me keeps the work-desktop a bit back right now and does forget that fact sometimes
<tjaalton> uh, so lxc wants to run it's own dnsmasq, and fails horribly when I already have it set up?
<tjaalton> by cobbler
<stgraber> hallyn: I just noticed pitti uploaded a new LXC...
<hallyn> d'oh!
<hallyn> presumably mine will be rejected then
<hallyn> i'll rebase
<hallyn> tjaalton: yes, i watned to ask stgraber about a way to fix that
<hallyn> (checking bug #)
<tjaalton> hallyn: ok, cool
<hallyn> stgraber: the suggestion in bug 925511
<uvirtbot> Launchpad bug 925511 in lxc "lxc init script should fail when it ... failed" [High,Fix released] https://launchpad.net/bugs/925511
<tjaalton> also, looks like resolvconf doesn't follow dns-nameservers on /e/n/interfaces
<SpamapS> EvilResistance: here now, whats up?
<EvilResistance> SpamapS, incoming /query
<stgraber> tjaalton: hmm, it definitely does, I'm using it on a few machines (resolvconf is the owner for the dns-* stuff in /e/n/interfaces)
<nottheoilrig> i can configure policy routing with "ip route ..." and "ip rule ..."
<nottheoilrig> where is the correct place to put these commands so they "stick" when i reboot?
<tjaalton> stgraber: well it doesn't seem to work here :/
<stgraber> tjaalton: can I have your /etc/network/interfaces + know where /etc/resolv.conf points to + "status resolvconf" + content of /run/resolvconf/resolv.conf and content of /run/resolvconf/interface/* ?
<tjaalton> stgraber: ok one sec
<tjaalton> stgraber: http://paste.ubuntu.com/835370/
<dforthman> Hi. I have an Ubuntu Server 11.10 set up as a Nagios server. I have the check_nrpe addon installed, and am pulling the EventLog from a Windows2k8 machine running NSClient++ with NRPE addon. When I run my query, it returns with no errors in the event log. But, there are clearly errors when I remote to the server and look manually. Does anyone have any experience with Nagios and NSClient++? There's noone responding in #nagios
<stgraber> tjaalton: ok, that's pretty weird. I'm unfortuantely busy breaking my test machine at the moment so can't look at it just now, will do in a bit.
<tjaalton> stgraber: no problem, I've just added the nameserver in resolv.conf.d/tail for the time being :)
<tjaalton> I'll try to trace the script myself
<smb> mdeslaur, bug 929626 filed (seems to be same still in precise)
<uvirtbot> Launchpad bug 929626 in virt-manager "virt-manager misses xen guests shutting down" [Undecided,New] https://launchpad.net/bugs/929626
<mdeslaur> smb: thanks...I may merge virt-manager and virtinst this week, so I'll probably test with the new versions before taking a look at the old ones
<smb> mdeslaur, ok. as soon as I see newer uploads I will re-test anyway
<cloudgeek> how to amzon like service
<roaksoax> Daviey: free?
<Daviey> roaksoax: always for you.
<roaksoax> Daviey: so http://paste.ubuntu.com/835415/
<roaksoax> Daviey: the default profile/system preseed for the enlister is worrying me
<roaksoax> :)
<Daviey> roaksoax: ok
<roaksoax> Daviey: we are passing, user/pass, host-profile
<Daviey> roaksoax: right
<roaksoax> Daviey: so, there's no *easy* way to determine this automatically
<roaksoax> Daviey: and we are passing the password in clear text
<roaksoax> Daviey: so I don't personally think we should have automatic enlisting by default, but rather, have the user input at least password, and a profile if different from default
<Daviey> roaksoax: cjwatson and SpamapS worked to make the preseed channel ssl.
<roaksoax> Daviey: right but apart from that, you could read the kickstart by doing this: http://192.168.123.1/cblr/svc/op/ks/profile/oneiric-arm
<roaksoax> which will also show the password
<Daviey> roaksoax: that needs tightening up. :)
<Daviey> roaksoax: lets get the functionality there, and we'll poke it next week.
<Daviey> roaksoax: Note, that this is a prerequisite for other work.  we won't be passing cobbler creds long term.
<roaksoax> Daviey: ok but besides of using ssl for preseeding, there's no way for us to automatically determine what password to use (as this is set when installing cobbler) unless we store it somewhere in base64 and decrypt it at the time of reading the preseed
<Daviey> roaksoax: it can be overridden via the API?
<jjohansen> hallyn: I tracked down the problem I was having, and it is looking like its going to take a while to fix.
<jjohansen> How import is being able to define rules based off of options?  Well most of them specifically options that are not (bind,remount,move)
<jjohansen> eg. you could still do
<jjohansen>   bind /foo -> /bar,
<jjohansen>   deny bin /foo -> /bar,
<jjohansen>   mount fstype=procfs -> /bar,
<jjohansen> but
<jjohansen>   mount options=rw,
<roaksoax> Daviey: you mean, if the enlisting process fails due to a wrong apassword, could you input it?
<roaksoax> Daviey:
<Daviey> roaksoax: yeah!
<rbasak> Daviey: I've spent the last couple of days poking at openmpi. I have potential rebuild failures with libboost-(something)mpi, and haven't tested that much else (just one other package which works). So I'm concerned about getting it all fully rebuild tested before feature freeze, especially since I'm struggling with tooling to do rebuild tests against local openmpi build-depends.
<roaksoax> Daviey: i guess so if the enlister udeb adam_g was working on supports that checking
<rbasak> Just trying to make sure you know before the last minute.
<Daviey> rbasak: can you draft a mail to ubuntu-release@lists.ubuntu.com outlining what you are doing, and potential concerns which might make it slip FF?
<jjohansen> hallyn: I am thinking of just disabling the option match for now, you could still specify them but nothing would happen.  That would should let me get you a ppa today and then I can mess with fixing the options stuff over the weekend
<rbasak> We could just dump it all in the archive to see what happens, but we won't know what happens until a rebuild test.
<rbasak> Daviey: I'm not sure it's anything fundamental to what I'm doing, but more that I'm unfamiliar with the tooling around testing dependent package rebuilds before uploading stuff, thus making me slow.
<hallyn> jjohansen: so we would be able to distinguish bind from non-bind right?
<Daviey> rbasak: yeah, that is understandable
<hallyn> that's still helpful
<roaksoax> Daviey: anywya, i'll just put a sample preseed with a default user/pass cobbler:cobbler and make sure the functionality works.
<Daviey> roaksoax: cool
<hallyn> jjohansen: heck prolly useful without even that.  we don't want to allow proc to be mounted *anywhere* else (or /sys), to enforce the rules we have
<hallyn> stgraber: can you comment on bug 928524 ?
<uvirtbot> Launchpad bug 928524 in lxc "lxcbr0 fails to come up when dnsmasq is installed" [Low,Confirmed] https://launchpad.net/bugs/928524
<hallyn> jjohansen: and then i'l lneed to think about how to handle user-specifed per-container restrictions.  but i can't think about that right now.
<rbasak> Daviey: you want me to email ubuntu-release@lists.ubuntu.com regardless?
<Daviey> rbasak: If it's a concern that something with lots of rdepends won't be ready, it's probably wise.
<rbasak> OK
<Daviey> (we could do with being more communicative :)
<smb> zul, Dammit, ok I found out why networking fails. Apparently we need vifscript uncommented and pointing to the full path (/etc/xen/scripts/vif-bridge) for it to be found. What I have not figured out is how to force it to use something different than xenbr0 without having that repeated in every guest cfg.
<smb> (meaning in /etc/xen/xl.conf and for xl)
<webPragmatist> whats a cool graphical cli of junk regarding a system?
<webPragmatist> like htop
<webPragmatist> but cooler
<roaksoax> adam_g: how do you debug the enlistment process
<roaksoax> in the installer
<adam_g> roaksoax: should be output in syslog, or drop to a shell and exec the enlister yourself with the same arguments you've preseeded?
<adam_g> roaksoax: also, you can export COBBLER_ENLIST_DEBUG=1 and get more verbose debug from the tool.
<ragnar_> Just installed a new virtual network card. How do I make ubuntu server detect it?
<MTecknology> Is it possible to use a password for a LUKS volume but feed the password in throught stdin or something?
<MTecknology> I'm trying to have a one server log into another and mount that volume through an ssh connection so the server itself doesn't mount the luks volume, but a remote system does
<roaksoax> adam_g: cool... and does it validate things like wrong password and stuff like that (i.e. what if the password send by the preseed is wrong, does it request to input a new one?)
<roaksoax> adam_g: what about the hostname?, can it be preseeded empty, or would it automatically detect a hostname?
<adam_g> roaksoax: you'll get an xml fault from the server, cobbler-enlist will print that and ext 1
<adam_g> roaksoax: theres a branch here; https://code.launchpad.net/~gandelman-a/ubuntu/precise/cobbler-enlist/avahi
<adam_g> roaksoax: taht supports discovery of the orchestra server, feel free to take that
<adam_g> roaksoax: the avahi advertisement it looks for is hardcoded, so you'll need to update it to whatever it is your looking for
<roaksoax> adam_g: right, so what i'm doing is simply create a default system with a enlistment preseed/ Once the machine boots, it will boot to this preseed by default and will register itself to cobbler, this, however, requires cobbler's user/pass, hostname and profile to use AFAIK. So my point was, if any of these are not passed in the preseed, will the process fail and cause an error?
<roaksoax> adam_g: so if no ohstname is passed, will it just fail, or will it request to enter a hostname? if no profile to register the system with is passed, witll it be requested? If the password (or iuser) are wrong, will it be requested?
<kirkland> jcastro: ping
<roaksoax> adam_g: http://paste.ubuntu.com/835626/
<roaksoax> Daviey: ^^
<adam_g> roaksoax: if cobbler-enlist fails, it will exit with an xml fault and rc 1.  it also will fail if it does not have the minimum required parameteres (hostname, username, password, profile and a few others i think)
<roaksoax> adam_g: alright, so we were talking with Daviey about it, and we kinda agreed that if for example, password is incorrect, it should request for user input
<roaksoax> adam_g: on the other hand, wouldn't it be better for the udeb to determine its own hostname with its mac address?
<adam_g> roaksoax: currently there is no user interaction like that in cobbler-enlist, if you can handle that in d-i great
<adam_g> roaksoax: yeah.
<roaksoax> adam_g: ok cool, I;ll run this with Daviey and see what could be good improvements for it
<roaksoax> thanks for the info
<adam_g> roaksoax: or generate a random hostname thats some mangled version of its mac
<roaksoax> adam_g: indeed
<roaksoax> adam_g: i do like that idea, cause the provider (cobbler) can't determine a hostname based on the mac cause we are preseeding that to a unkwnon system
<adam_g> roaksoax: yeah, just generate it somewhere on the client system and pass as input to cobbler-enlist
<roaksoax> adam_g: ok cool
<aFeijo> hi folks, sudenly my ubuntu 10.10 has no internet, but I am accessing it thru putty so it works in my LAN. What can be the problem?
<cwillu_at_work> aFeijo, dns, bad gateway, incorrect routing tables, misconfigured firewall, busted router
<aFeijo> checking...
<roaksoax> adam_g: so if I do not specify hostname/profile in the preseed, it asks for it, however, it doesn't register the system in cobbler
<roaksoax> adam_g: if I preseed those values, then it does register it successfully
<itgeo> hello guys, i install some pentest tools from another distro on kubuntu but i am not able to get the pentest menu in kmenu. They are all under Lost and Found menu
<jcastro> kirkland: pong
<hallyn> smoser: trying ot test out my port of your btrfs extensions to lxc-clone.  but sure enough, after creating the first btrfs continer and start+stopping it, i can't mkdir on the fs at all any more - read-only filesystem
<smoser> hallyn, as in you think there is a bug in my code or a bug in btrfs
<smoser> ?
<smoser> its possible i just used it wrong, being a luser
<smoser> hallyn, remember i had some of the lxc-clone stuff done
<smoser> but i ditched it
<smoser> wiat..
<smoser> i had some of the lxc-create done
<smoser> lxc-clone is committed.
<hallyn> hm, actually maybe it's not btrfs's fault.  I dunno.
<roaksoax> adam_g: so this is what I did to set the hostname/profile temporarily untill we find a better solution
<roaksoax> adam_g: http://paste.ubuntu.com/835716/
<roaksoax> Daviey: ^^
<smoser> hallyn, the whole fs goes ?
<smoser> or just that dir ?
<smoser> can you show me a recreate ?
<roaksoax> smoser: ^^ you might also be interested as this is from bug #898840
<uvirtbot> Launchpad bug 898840 in cobbler "'default' preseed should be enlister" [Medium,In progress] https://launchpad.net/bugs/898840
<hallyn> smoser: the whole fs.
<smoser> well i dont think thats my fault then.
<smoser> kernel messages?
<hallyn> smoser: it happens after the lxc-stop.  so i imagine it's being umounted badly.
<hallyn> smoser: i was never thinking it was your fault.
<hallyn> i thought btrfs was corrupted.  but now i think it's lxc's fault
<smoser> i'm confused as to what you're doing though.
<Steevca> I am having a problem with my network connection,the guy from ubuntu told me to ask here.I can't connect at all.
<Steevca> http://paste.ubuntu.com/835463/  This is what i got from followin a tut.
<hallyn> smoser: http://paste.ubuntu.com/835728/   on a canonistack instance
<adam_g> roaksoax: cool
<hallyn> smoser: even if i add 'mount --make-rslave /var/lib/lxc', it still does it.  so i think it's a problem with btrfs.  but i'll need to think up some testcases for it when i have time
<RoyK> http://paste.ubuntu.com/835745/ <-- where can I find the connection between sdX and ataN?
<hallyn> smoser: nm, it happens with ext4 too.  it has to do with my bind mounts
<_ruben> RoyK: i posted a similar question on askubuntu, which did get answered i think
<Daviey> roaksoax: okay, and that works with cobbler/cobbler creds?
<roaksoax> Daviey yes it does
<roaksoax> Daviey we still need to find thr better way to handle that and probably request the pass if not preseeded
<Daviey> roaksoax: if it is a null value, password request will happen.
<Daviey> roaksoax: We need to check in with bigjools, because it will not require a user/pass combination long term.
<roaksoax> Daviey ok maybe a token that expires after registration will catch up with him next week
<Daviey> roaksoax: cool, i think it's going to be a use-once oauth token.  However, it's still conceptial.
<roaksoax> Daviey cool
<Daviey> rbasak: bug 929780 :)
<uvirtbot> Launchpad bug 929780 in nova "console.ring files should not be world readable" [Undecided,New] https://launchpad.net/bugs/929780
<rbasak> Daviey: I think that's an upstream bug. It's the permission on the instance directory or one of its parents that should be secure, and that has nothing to do with console.ring.
<Daviey> rbasak: ah, ok. thanks
<rbasak> (though it isn't clear what the permission of the parent directories are - maybe they're protected already?)
<undecim> What does it mean if a system responds to pings, but there is nothing in /var/log/ to indicate that it booted?
<Daviey> rbasak: *shrug* :)
<rbasak> I suppose we could create console.ring 600, but we'd also have to worry about anything else that might go in that directory. I'd say it's sufficient to just protect the directory, but if it's decided otherwise I'd be happy for the ringbuffer class to accept a umaskk.
<rbasak> I don't recall console.log being anything other than 644 either, though I could be wrong :)
<Daviey> rbasak: Honestly, i don't know without reproducing
<xystem> anyone have real world experience setting up ubuntu to authenticate and share drives over an existing active directory enviroment running server 2k8 r2?
<xystem> I can authenticate... but my user has sudo permissions, unable to edit network controllers, or see the domains shared drives
<xystem> but the local user can
<mgw> https://gist.github.com/1784058 <<<< given a d-i partition map such as that, how can I determine which partition has what device name (sda1, sda2, etc)?
<xystem> well, looks like linux fails to do what 50 million people want it to do.. and fails on any support... all documentation on the internet is old.. does not apply.... and this chan is so far dead
<xystem> and likewise-open is garbage
<Jeeves_> xystem: What are you brabbling about?
<xystem> my first three posts
<Jeeves_> Well, first of all. You seem to have issues with likewise-open, and blaim linux for it
<xystem> no
<Jeeves_> That's kinda strange
<xystem> kerberos does not work
<xystem> neither does samba
<Jeeves_> samba works fine for me, if i'd need it
<xystem> im a long time user of linux.. never had to join to an active directory before... and this is not working
<xystem> I use samba at home.. it's great
<xystem> but in an enterprise envi... not so much
<Jeeves_> You should never join active directory :)
<xystem> too bad.. it rules most networks... and makes the money
<xystem> well
<Jeeves_> No, it costs the money
<xystem> bussiness networks
<xystem> it breaks.. i fix the active directory... therefore it makes me the money
<Jeeves_> Anyway, might be more useful to elaborate about your issue, than to blame all documentation on the internet that does not apply and nobody wants to support
<RoyK> IT'SÂ THEÂ INTERNET'SÂ FAULT
 * RoyK sniggers
<xystem> what more is there to elaborate?
<Jeeves_> I'm of no help, btw. I haven't used Windows environments for about 15 years
<xystem> documentation does apply
<Jeeves_> Yay!
<xystem> but old
<RoyK> xystem: RTFS!
<xystem> already did
<xystem> im not stupid.. and this is why the ubuntu chan sucks...at least when i have an issue the mint chan doesn't have condescending assholes
<Jeeves_> Hi, you again?
<Jeeves_> Calling me an condescending asshole? :)
<Jeeves_> xystem: Have you ever considered to buy support? As you do with you super-duper Windows environments?
<xystem> yeah well.... you are still doing it....    and im a single user, the only user in this network running linux... no use buying support.. in fact.. it's an attempt to convince my company to support linux.. but i have to figure this out myself
<xystem> I can not help that most people use windows... therefore I have to support it
<xystem> does not mean I like it
<xystem> and yes
<xystem> you are what I called you
<qman___> amazing what people expect for nothing
<Patrickdk> hmm?
<Patrickdk> I can't remember ever having issues using AD on my ubuntu machines
<qman___> I've never actually done it successfully, but it's got nothing to do with ubuntu or even linux in particular, just goes with the territory
<Jeeves_> Off to bed, see ya
<qman___> I just mean that whole bit about how we're the jerks because a free support channel comprised mostly of volunteers doesn't have an immediate resolution to his specific problem
<Patrickdk> hey, he had a question
<Patrickdk> it wasn't solved on his timeline
<Jeeves_> We should ddos the ** out of him!
<Patrickdk> therefor the internail fail
<Patrickdk> internet
<mpz> ubuntu server n00b, is it possible to enable pkgs for later releases? we're running lucid 10.4 which runs mysql 5.1.41 which has a bug. can i upgrade mysql to newer 5.1 release without upgrading the release? thanks for the help
<Patrickdk> if it's in backports
<Patrickdk> mpz, personally, I would just install mysql from http://www.percona.com/doc/percona-server/5.5/
<Patrickdk> you can get newer 5.1 and 5.5 there
<jkyle> the service utility fails to stop the networking service with "stop: unknown instance"
<mpz> Patrickdk: not in backports, if i'm on lucid can i not enable maverick repo?
<Patrickdk> mpz, not without making a complete mess
<Patrickdk> if you do, it will bring in every maverick dependency
<Patrickdk> and things you have in lucid could and likely will start breaking
<mgw> https://gist.github.com/1784058Â <<<< given a d-i partition map such as that, how can I determine which partition has what device name (sda1, sda2, etc)?
<qman___> sometimes you can install a package from a newer or older release, but definitely do not add a repo
<Patrickdk> mpz, personally, I use the percona lucid build, rebuild myself and added to my ppa
<qman___> if you go that route, manually download the package or packages you need from packages.ubuntu.com and install with dpkg
<uvirtbot> New bug: #929523 in bacula (main) "bacula-director does not start, dummy libbaccats " [Undecided,Fix released] https://launchpad.net/bugs/929523
<uvirtbot> New bug: #929769 in cobbler-enlist (main) "Enlistment fails if some values are not preseeded" [Undecided,Confirmed] https://launchpad.net/bugs/929769
<uvirtbot> New bug: #929780 in nova (main) "console.ring files should not be world readable" [High,New] https://launchpad.net/bugs/929780
<uvirtbot> New bug: #929848 in nagios3 (main) "init script has hard coded chown" [Wishlist,Incomplete] https://launchpad.net/bugs/929848
<uvirtbot> New bug: #929888 in openldap (main) "ldap_result returns -1 when called from sssd" [Undecided,New] https://launchpad.net/bugs/929888
<uvirtbot> New bug: #929382 in lxc (universe) "package fails to install: SIOCSIFNETMASK: Cannot assign requested address" [High,Fix released] https://launchpad.net/bugs/929382
<uvirtbot> New bug: #929514 in lxc (universe) "package lxc 0.7.5-3ubuntu20 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Fix released] https://launchpad.net/bugs/929514
<uvirtbot> New bug: #929563 in bind9 (main) "apparmor profile does not include local overrides" [Undecided,Confirmed] https://launchpad.net/bugs/929563
<uvirtbot> New bug: #929827 in krb5 (main) "KDC (krb5-kdc-ldap) and kadmin.local segfault in libkdb5.so.5.0." [Undecided,New] https://launchpad.net/bugs/929827
<adam_g> yikes
<uvirtbot> New bug: #929086 in lxc (main) "Missing depends: dnsmasq" [High,Invalid] https://launchpad.net/bugs/929086
<uvirtbot> New bug: #928990 in cloud-init (main) "fsck / dirty filesystem on instance is death" [High,Triaged] https://launchpad.net/bugs/928990
<mpz> Patrickdk: thanks for the heads up, i can't find any percona pkgs with "apt-cache search percona"
<Patrickdk> mpz, you do know how to click on url's I posted right?
<mpz> Patrickdk: so used to cli i forgot how to :p
<hallyn> stgraber: all right, got bogged down today, but i'm hoping tomorrow to upstartify lxc.init, and fix ureadahead and udevtrigger
<stgraber> hallyn: cool
<hallyn> the /dev/lxc/console thing would be nice to get done too, but that would require the rest to go VERY smoothly
<stgraber> hallyn: I did a few more tests with the whole having /dev/console and /dev/tty* be symlinks, getty definitely starts on a symlink but it seems to only receive partial input for some reason
<stgraber> not sure if that was my system being broken though ;)
<hallyn> drat
<hallyn> oh right and of course there is the whole multiple devpts mounts thing - though i think for 12.04 we rely on apparmor mount restrictions for that
#ubuntu-server 2012-02-10
 * hallyn out - maybe bbl
<stgraber> hmm, and now my tty works fine ...
<stgraber> hallyn: I'll do some more tests and e-mail you the results. I don't have a working C implementation though (and I believe you'd be much faster at doing that than I'm ;))
<Tohuw> I'm reinstalling Ubuntu Server 11.10 on a system where I had previously setup an LVM to use software RAID 1. I no longer want to use software RAID, but now whenever I attempt an install, the installer reports it has found one or more disks containing a RAID configuration. How can I remove this configuration? I have reformatted the drives... I also ran dmsetup and cleared the device mapper... what am I missing?
<cloakable> Blank the drives, iirc.
<cloakable> Just zero the drives for a bit, enough to wipe the raid headers.
<Tohuw> cloakable: what would be the most reliable way to do this? I have the server install and I can get to a shell from there using the "Rescue a broken system"
<kerframil> with the 1.0 metadata format, the superblock is at the end
<kerframil> anyway, surely the installer can be told to shut up and proceed (it can via preseed, at least)
<Tohuw> I told it not to activate the raid devices, which lets me partition as I would expect, but the  resulting installation does not have a working GRUB
<Tohuw> it blanks out before even displaying what stage it is loaading
<cloakable> Tohuw: "dd if=/dev/zero of=/dev/<hard disk device>" iirc.
<cloakable> May take a while, depending on disk size.
<Tohuw> 2x 1.5 TB, SATA II... coffee breaks
<cloakable> Mmhm.
<cloakable> Run the command in parallel, leave it a while.
<Tohuw> Can someone point me to  TFM to R so I can understand superblocks, and the way partitioning actually works below the filesystem level?
<Tohuw> I understand RAID in a practical sense, and I understand LVMs, but not the mechanics; e.g. what's actually happening under the hood and where that is living in relation to what is actually visible to the OS
<Tohuw> cloakable: what is the correct way to run this command in parallel? I'm having difficulty grokking parallel's page on GNU.org
<cloakable> Tohuw: "dd if=/dev/zero of=/dev/<hard disk device> &" will run the command in the background until it completes.
<Tohuw> cloakable: yeah, I ended up doing that... I was trying to get all fancy with it >_< clearly coffee time
<cloakable> Haha
<BuenGenio> hello, what are these  -- MARK --
<BuenGenio>  messages that keep being logged in /var/log/messages?
<savid> Has anyone seen any issues where virtual interfaces won't show up in ifconfig?
<savid> The interface can be brought up, and it works, just not visible to ifconfig apparently
<rf5> hello. im trying to run the apache in my virtual server i installed apache2 but still cant access the ip
<fluvvell> I found linux-ip.net stuff to help me set up two internet connections that I have, but the examples show them coming in on two different interfaces, whereas I have two routers that are connected on the same lan.
<fluvvell> I want all traffic coming in on one connection, to go back out the same connection.
<Pupuser> Hello, Linux noob here. Does anyone know if I can use wubi to install ubuntu server, or any other ubuntu distro?
<tash> has anyone had problems with apache2 and php5 on Ubuntu server 11.10?
<rf5> i am having tash
<rf5> mine is not even opening lol
<twb> fluvvell: you can't have that
<tash> I'm getting a white screen :)
<tash> I moved my site from old server to this, and can't get it to load ... :(
<tash> the only thing that I can get to work is the It Works! page
<fluvvell> twb, I cant have two incoming internet connections?
<twb> fluvvell: it's possible if you have an AS (i.e. you're an ISP).
<rf5> i cant get it working tash.
<qman___> not like that at least, you need a load balancer
<tash> I don't know if I'm missing VirtualHost config or what
<fluvvell> what do you mean by an AS
<tash> anyone able to help rf5 and I out?
<twb> fluvvell: otherwise you can approximate it with a lot of fiddly netfilter and ip rule rules, which are beyond your capabilities
<rf5> what did u do tash, just apt-get install apache2?
<tash> I did apt-get install php5 and it installed apache2 for me
<tash> and then apt-get install mysql-server php5-curl curl
<twb> fluvvell: each ISP gets an AS number.  The backbone of the internet has an entry in each backbone router for every AS.  An AS means you are an autonomous part of the internet, you answer to no one.  This allows you to populate GRE tables with multiple routes from <the internet> to you.
<fluvvell> twb: http://linux-ip.net/html/adv-multi-internet.html, http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/
<twb> I haven't investigated the cost, but getting an AS these days would probably cost in the tens-of-thousands range
<twb> fluvvell: those URLs discuss the "appoximation that's over your head" approach
<fluvvell> twb, I'm always keen to learn further.  I try not to talk up my abilities, but I understand the concept of routing tables.
<twb> fluvvell: you should take this to #netfilter
<fluvvell> twb, ok. Its always good to get some advise anyway.
<twb> fluvvell: when you go there, I will tell you more
<fluvvell> twb, thanks.
<Guest22249> hey, I need help please... I have an apt-mirror server which has updated now, with the normal things and debian-installer, running 11.10. I want to net install my computers on the network using a USB, everything work 100%, but there is no ubuntu desktop, i have to ssh in and tasksel multiselect ubuntu-dekstop. How do i get it to install ubuntu desktop? currently using kickstart and preseed together, but it does not install ubuntu desktop. my prese
<Guest22249> ed.cfg tells it to install ubuntu-desktop
<Guest22249> ed?
<Guest22249> please note i am a newbe
<Guest22249> how do i tell the USB installer to use ed.cfg?
<Guest22249> hey, I need help please... I have an apt-mirror server which has updated now, with the normal things and debian-installer, running 11.10. I want to net install my computers on the network using a USB, everything work 100%, but there is no ubuntu desktop, i have to ssh in and tasksel multiselect ubuntu-dekstop. How do i get it to install ubuntu desktop? currently using kickstart and preseed together, but it does not install ubuntu desktop. my prese
<Guest22249> ed.cfg tells it to install ubuntu-desktop
<_ruben> Guest22249: you're preseed file likely wrong then, also be sure to check the installer's logs for any oddities
<_ruben> i dont do desktop preseeds, so dunno if there's any caveas
<_ruben> caveats
<armand-jhb> well... i took the preseed file from the ubuntu cd.... so it cant be wrong
<armand-jhb> in there, there is no way that it can call other files
<armand-jhb> the preseed file tells it to also install ubuntu-desktop... but nothing
<Tribaal> HI all
<koolhead17> hi all
<linocisco> i have created apt.conf under /etc/apt. I dont want to reboot. how to refresh or update that entry in apt.conf?
<Daviey> jamespage: do you know why we have a karmic PPA on https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/ARCH=i386,REGION=us-west-2,STORAGE=instance-store,TEST=cloud-config,label=ubuntu-server-ec2-testing/3/console ?
<dns53> linocisco why would a reboot be required?
<jamespage> Daviey: yes - the cloud-config specifies it as a manually added PPA
<jamespage> we don't actually care that its karmic - just that its present (proves cloud-init did its stuff)
<linocisco> dns53, because i have put some entries in apt.conf like proxy authentication
<Daviey> jamespage: I wonder, is it a good idea to use one which is outside ubuntu developers control? :)
<Daviey> mind you, it can't be uploaded it.. the release is EOL'd
<dns53> linocisco i had assumed that it was always read when apt is used and it would be used on the fly
<jamespage> Daviey: feel free to raise a bug - https://bugs.launchpad.net/ubuntu-server-ec2-testing/+filebug
<jamespage> its good point but low priority IMHO
<linocisco> dns53, no
<linocisco> dns53, there is no apt.conf in 10.04 LTS server version
<smb> There is no apt.conf by default, but it is honoured as soon as it is there
<smb> (only using it to change the proxy myself)
<smb> dns53, If you sort of did the same, the next time you run apt-get it is in effect (without rebooting)
<dns53> that is what i have seen in the past, it will read an apt.conf first, then apt.conf.d/* then command line options to apt so it should not require anything to update
<dns53> it has been a while since i had to use a proxy but it did just require updating /etc/apt/apt.conf with the settings
<smb> dns53, right. Oh and I think I confused person asking and anwering. sorry
<smb> linocisco, ^
<linocisco> smb , what?
<smb> linocisco, The file is not present by default but it will get used the next time you use any apt-get command
<dns53> linocisco no need to reboot, just run apt again and it will use the settings,   there are also command line options where you could specify the proxy server if you want to test things before updating the config file
<linocisco> dns53, apt again means ?? apt-get update or what?
<smb> Or apt-get install
<dns53> linocisco yes, apt-get, aptitude, synaptic etc
<linocisco> dns53, the error i got is "extra junk at the end of the file
<linocisco> "
<dns53> linocisco with the config file or during a transfer?
<smb> does the line in apt.conf look like
<smb> Acquire::http::Procy "http://<host>/";
<smb> *Proxy
<linocisco> smb, I got it now
<linocisco> syntax error
<smb> linocisco, ok
<linocisco> smb, are you samba expert?
<smb> linocisco, not really. using it only a bit
<linocisco> who is using vbox with windows to host  ubuntu server guest?
<dns53> so you want to mount a windows share under ubuntu?
<dns53> is your computer part of a windows domain?
<linocisco> dns53, no. our server is NOvell
<linocisco> dns53,  clients are windows XP
<dns53> they still exist? i thought they died with the dinosaurs
<linocisco> dns53, actually I want to setup ubuntu mail server and mail clients from windows will use
<dns53> do you want to connect to the novell network?
<linocisco> dns53, all clients XP are installed with Novell clients for widnows software to authenticate network drive and internet access. now
<dns53> so you want the users to be able to login to email etc using their novell credentials?
<linocisco> dns53, no. it is to test for my own with my test users
<linocisco> dns53, I have only windows XP which has internet. now it hosts ubuntu server with vbox (NAT) setup. i have installed mail server role with internet site.
<linocisco> dns53, before I start anything, I am trying to start "ping" from host to guest and guest to host
<dns53> you don't want nat you want a bridge, you can ping up the chain but not down the chain in nat
<linocisco> dns53, yes. I can ping from guest to host. but not host to guest
<linocisco> dns53, what do I do?
<linocisco> dns53, what type of adapter would be better or more suitable?
<dns53> linocisco well you will need to set the vm to use bridge networking (other computers on the network can connect to the vm) or internal (only your computer can connect to the vm)
<dns53> windows i believe you just need to shut down the vm, go to the networking config page and you should have the option of specifying the type of network
<linocisco> dns53, in my setup, i dont need other computers to connect to my ubuntu mail server. Just host XP's mail clients thunderbird has to connect to Guest" ubuntu server.".
<dns53> linocisco so configure the network interface in virtualbox to use internal networking
<linocisco> ok
<linocisco> dns53, so , i think i should make virtualbox host only adapter on my xp and ubuntu-server's eth0 in same subnet or network. right?
<dns53> linocisco i believe so, just choose an ip that does not exist on your normal network
<linocisco> dns53,  pretty sure. thanks alot
<jamespage> lynxman, around - have a rabbitmq-erlang-client query for precise
<linocisco> btw, how to give shutdown/reboot right to normal user or first user created on ubuntu server
<linocisco> maning default user during installation
<linocisco> meaning default user
<dns53> you can add a user to the admin group,    sudo   usermod -a -G admin  username
<lynxman> jamespage: sorry wasn't paying attention, shoot :)
<jamespage> lynxman, OK; so I noticed that that rabbitmq-erlang-client is still at 2.5.0
<jamespage> in precise
<lynxman> jamespage: hmm I sent all the packages to zul to pump them to 2.6.1
<lynxman> jamespage: at the Budapest rally
<lynxman> jamespage: there's erlang client and stomp
<jamespage> lynxman, OK - looks like this one got missed - I'll take a loop
<linocisco> dns53, is "admin" a group name already created?
<lynxman> jamespage: darn
<lynxman> jamespage: it's on my PPA
<jamespage> rabbitmq-stomp FTBFS at the moment
<lynxman> jamespage: I'll ping zul later then
<dns53> yes, the admin is the group that the first user gets that makes sudo etc work
<lynxman> jamespage: it'll fail if erlang-client is not there, it depends on it
<jamespage> yep
<lynxman> jamespage: I'll ping zul when he's awake and get back to you as soon as it's sync
<jamespage> lynxman, great - if he is busy I can upload for you
<jamespage> I think friday is openstack upload day!
<lynxman> jamespage: if you wish so... :) it's in https://launchpad.net/~lynxman/+archive/ppa/+packages
<uvirtbot> New bug: #930115 in php5 (main) "php5 5.3.2-1ubuntu4.13 introduced regression" [Undecided,New] https://launchpad.net/bugs/930115
<jamespage> lynxman, OK - I'll check with zul and upload
<zul> hmmm?
<Daviey> Anyone fancy giving me a peer review of a diff?
<Daviey> http://pb.daviey.com/bWFR/
<lynxman> jamespage: thanks :)
<lynxman> zul: morning!
<lynxman> Daviey: looks good, pretty straight forward
<Daviey> lynxman: you missed something :)
<lynxman> Daviey: ? it's just adding a patch innit
<Daviey> lynxman: missed the bug number on the d/changelog :)
<lynxman> Daviey: lol
<uvirtbot> New bug: #930116 in lxc (universe) "lxc slow start & unexpectedly disconnected from boot status daemon" [Undecided,New] https://launchpad.net/bugs/930116
<lynxman> Daviey: it's on the patch
<lynxman> Daviey: it's always required in both?
<Daviey> nah, but the fact that there is one - means it should be in the cl
<lynxman> Daviey: aah I see
 * lynxman always pays not much attention to changelogs
<jamespage> Daviey, looks OK to me - just uploaded a very similar one for dahdi-linux
<Daviey> jamespage: yeah, you sponsored it right?
<jamespage> yep
 * Daviey strikes that off his todo :)
<Kiall> Daviey: I wen't with the 3.2 mainline on oneiric due to constant CPU stalls and and kernel panics with the stock kernels...
<Kiall> (I filed / added to bugs.. but nothing ever came of them sadly)
<Daviey> Kiall: crikey, smb/apw ^^ is that news to you?
<Kiall> This is on a bunch of HP DL165 G7's BTW..
<Daviey> Kiall: can you point me to the bug numbers please?
<ikonia> Kiall: are these the amd or xeon 165's ?
<jamespage> zul: rabbitmq-erlang-client needs an upload for 2.6.1 - lynxman has prepared - OK if I upload for him?
<Kiall> AMDs
<smb> Daviey, not sure which stalls and panics actually. Running the oneiric kernel without those
<ikonia> Kiall: there is a bug on the intel
<Kiall> Will see If I can dig them out.. There were a few others filed that I didn't comment on though. Probably never going to find those ones again...
<apw> Daviey, ?
<zul> jamespage: yep
<apw> Daviey, we use oneiric kernels routinely on servers, so i assume its not a generic issue
<Kiall> Daviey: here is one .. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/905219
<uvirtbot> Launchpad bug 905219 in linux "Linux Kernel crash in Netfilter both in Natty (2.6.38-8-server) and oneiric(3.0.0-13-server/3.0.0-14-server) kernels" [High,Confirmed]
<Daviey> apw: Kiall is saying he had regular freezes with a class of HP servers on Oneiric.
<apw> Daviey, and i assume as a server person you are doing lots of testing too and would have noticed
<Kiall> Regular as hell ;) https://launchpadlibrarian.net/89219509/uptime-day.png
<Daviey> apw: I was more wondering if you had come across bugs with it.
<apw> Daviey, i am sure we arn't aware of it, unless you have been made aware and made either of us aware :/
<Daviey> apw: Heh, ok.. (i don't triage incoming kernel bugs fwiw.
<Kiall> Daviey: Another two https://bugs.launchpad.net/ubuntu/+source/linux/+bug/870168 and https://bugs.launchpad.net/ubuntu/+source/linux/+bug/881968
<uvirtbot> Launchpad bug 870168 in linux "Kernel Oops - Oneiric KVM/OpenStack triggers 'Unable to handle kernel NULL pointer deference'" [Undecided,Confirmed]
<ikonia> Daviey: there is a HP bug filed also I'll see if I can get that, although it's on the Intels' not the AMD
<ikonia> (so may be a different issue with similar symptoms)
<apw> Daviey, indeed, and nor does anyone else, there are far tooo many to get any real depth on any of them
<smb> first one seems to require netfilter involved
<ikonia> it's the 165's and a certain blade model
<Kiall> ikonia: I'm seeing those three issues on AMD 165's
<ikonia> yes, the issue (same symptoms) is known to HP on the intels but not the xeons
<jamespage> lynxman, rabbitmq-erlang-client uploaded
<Kiall> not on AMD I assume? anyway.. the 3.2 mainline has been rock solid for me on the same hardware.
<smb> And is this real hw? I see kvm_mmu blah in the first bugs dmesg
<Kiall> Yea, Its real hardware hosting KVM vms
<Kiall> Also - I actually know of another person who's been experiencing #905219 (the first one), but fairly infrequently and not on HP hardware.
<Kiall> Let me dig out the email to see if the trace is identical...
<linocisco> hi i made"   sudo   usermod -a -G admin  username" but still can't shutdown with that username
<smb> apw, It would help if those bug reports would not have a mix of various traces. Some with the beginning, some from the end ...
 * cwillu_at_work is impressed by the screenshot of a remote viewer of a remote viewer
<Kiall> cwillu_at_work: that would be mine ;)
<cwillu_at_work> Kiall, that "view" menu doesn't maintain more of a log? :p
<Kiall> Nope!
<cwillu_at_work> and you can't copy/paste out of it?
<Kiall> Which bug was that BTW, because that was likely a dell server from memory
<Kiall> No - Its a VNC session
<Kiall> (Via a RDP session)
<cwillu_at_work> Kiall, conveniently, both things which support shared clipboards :p
<Kiall> This VNC server doesn't do clipboards ;)
<Kiall> Daviey: re http://pb.daviey.com/bWFR/
<Kiall> should that not have been a new file in /usr/src/iscsitarget-1.4.20.2/patches/compat-3.2.patch ?
<linocisco> anybody help me to setup working email server?
<ikonia> linocisco: what are you not sure on ?
<linocisco> ikonia, i have just install ubuntu server on vbox and i chose mail server option during setup. now postfix is running at loading message
<linocisco> ikonia, i want to make it running mail server
<ikonia> linocisco: ok - so what part are you not sure about ?
<linocisco> i read flurdy page. too complicated
<Kiall> linocisco: there are plenty of guides online, It would be worth going through one of those.. Without a specific problem, IRC tends to be fairly useless :)
<Kiall> This one looks decent https://help.ubuntu.com/community/PostfixBasicSetupHowto
<linocisco> ikonia, i just want to know if I need internet to install any component to mail server
<ikonia> linocisco: you will need the internet to install software from the repos and updates, or use the CD to get software off the CD
<linocisco> ikonnia. now i just wanted to email from one user to another
<linocisco> can i quickly make it done in simple way ?
<ikonia> linocisco: ok - so you want to mail internally over the internet, or internally on the same server ?
<linocisco> ikonia, first only between internally
<linocisco> ikonia, from user1 to user2 and vice visa
<ikonia> linocisco: ok, so when you setup the mail server there was an option that allows you to send internet over the internet or internally, which did you select
<linocisco> ikonia," internet site"
<ikonia> linocisco: why did you select "internet" if you wanted to mail internally ?
<linocisco> ikonia, first i thought it might be easiler
<ikonia> linocisco: why ??? what reason would it be easier ?
<ikonia> linocisco: the whole point of that menu is to ask you what you want to do, and you select the option you need
<ikonia> linocisco: you wanted to "mail internally" yet you selected "mail internet", I cannot grasp how that would be thought of as an easier option than the option that did exactly what you wanted
<linocisco> ikonia, actually in real setup with virtual box, it is not easier to give mail access to host connected to internet from guest ubuntu server
<linocisco> ikonia , so should I choose dpkg-reconfigure postfix and setup  again?
<ikonia> linocisco: to be honest, I think you need to look at what you actually want to do, then research what you need to do to set that up, then ask questions on anything you are unsure about or something that is not working
<linocisco> ikonia,  i agree you will think so
<linocisco> ikonia, i want to get it done fast. i chose my final dream setup
<ikonia> linocisco: getting it right/secure is the priority
<ikonia> linocisco: getting something done "fast" as the priority for a mail server is not a good model
<linocisco> ikonia,  i m not seting up production server now. i just want to feel myself i setup working test mail server
<ikonia> linocisco: again right/secure is still (in my view) what you need to focus on
<ikonia> anyway, it's up to you, good luck
<linocisco> ikonia, i wish you could suggest what to install and how to configure
<uvirtbot> New bug: #930139 in keystone (universe) "Add dbconfig support in Keystone" [Undecided,New] https://launchpad.net/bugs/930139
<ikonia> linocisco: you've been given a link
<ikonia> linocisco: if you want to learn how to setup a mail server, get researching rather than asking "what do I type"
<linocisco> ikonia, that is for internet site
<ikonia> linocisco: apply thought and change approach for internal
<linocisco> ikonia, i m linux newbie. so please kindly understand me
<ikonia> linocisco: I do understand you
<linocisco> ikonia, i run dpkg-reconfigure postfix. should I choose locally?
<ikonia> linocisco: apply thought process in your head. Do you want to send mail locally or over the internet ?
<linocisco> ikonia, it has "no config", "internet site", "internet with smart host", "locally"
<linocisco> ikonia, locally in meaning. but not emailing from system to root
<linocisco> ikonia, i want locally between two users
<ikonia> linocisco: root is a user, so again, think it through, do you want to send mail over the internet
<linocisco> ikonia, not now
<ikonia> linocisco: do you want "no configuration"
<linocisco> ikonia, just between two users at least and i can sleep well tonight
<ikonia> ok - I give in now
<ikonia> I shouldn't have to spoon feed at this level for a mail server, good luck
<linocisco> ikonia, if i choose no config, what do i do next?
<ikonia> linocisco: you don't choose that, I'm not going to help you with this. Please ask someone else
<linocisco> ikonia, thanks anyway
<ikonia> no problem, good luck
<linocisco> ikonia, having no physical server sucks
<ikonia> it makes no difference
<linocisco> what is the error "update-alternatives"warning: forcing reinstallation of alternative /usr/bin/bsd-mailx because link group mailx is broken"?
<lynxman> jamespage: can I ask you a couple ipxe related questions? :)
<jamespage> lynxman, fire away!
<lynxman> jamespage: when I do the upstream merge, you told me I could do that and my changes to the debian structure in a single commit? Or do two commits but keep the package version the same?
 * jamespage scratches his head
<jamespage> I think that you get one commit for the import of the upstream tarball
<jamespage> and then you have todo another for the packaging changes
<lynxman> jamespage: so two commits but keep just one package version in changelog then, right?
<jamespage> yes
<jamespage> bzr commits != changelog entries
<jamespage> lynxman, it might work out like that once the package gets imported to the official branch post upload
<lynxman> jamespage: yeah of course, I just wasn't sure what was the procedure on this one
<jamespage> so takes as many commits as you like on your working branch - they get flattened post upload
<lynxman> jamespage: fair enough, thanks :)
<Tixos> hi, is anybody knowledgeable in DNS that could help me configure BIND?
<linocisco> hi all , I am following "https://help.ubuntu.com/community/PostfixBasicSetupHowto". but i have question on "Setting Postfix Support for Maildir-style Mailboxes"
<linocisco> when I  su - fmaster,
<linocisco> MAIL=/home/fmaster/Maildir,
<linocisco> mail  , I found no mail
<linocisco> what do I do?
<Daviey> Kiall: No, it's a distro patch.
<Kiall> Ah - fair enough
<Kiall> I had thought they were distro patches too, considering they are only used by debian/rules
<Kiall> (a different kind of distro patch that is..)
<Kiall> I had figured that style of patch was used to allow for a broader range of kernel support in a single package.. with a normal patch, it always gets applied regardless of the target kernel version
<uvirtbot> New bug: #898355 in swift (main) "Some scripts from "bin" are not installed" [Medium,Fix released] https://launchpad.net/bugs/898355
<linocisco> i got problem with netcat
<linocisco> netcat: getaddrinfo: Name or service not known
<linocisco> "netcat: getaddrinfo: Name or service not known" . what do i do??
<linocisco> Ursinha-lunch, hello
<linocisco> hi all
<linocisco> netcat: getaddrinfo: Name or service not known
<greppy> linocisco: what is the command you are trying to use with netcat?
<linocisco> greppy, netcat mail.mydomain.com 25
<greppy> does mail.mydomain.com exist?
<uvirtbot> New bug: #930172 in bacula (main) "bacula-director-mysql config results in bad bacula-dir.conf " [Undecided,New] https://launchpad.net/bugs/930172
<linocisco> greppy, it is on server
<linocisco> greppy, not registered domain name on ICANN
<linocisco> soren, hi bro
<linocisco> soren, as a long term geek, could you help me?
<greppy> linocisco: so, can you do "ping mail.mydomain.com"?
<linocisco> greppy, from CLI ?
<greppy> yes.
<linocisco> greppy, unknown host
<greppy> well, there is your problem with netcat as well.
<linocisco> greppy, so what do I do?
<linocisco> greppy, actually I want to setup postfix only one local user to another
<linocisco> greppy, first. before I can setup internet based mail
<greppy> when you installed postfix it should have asked if you wanted to be a local only mail site, if you selected that, it should work.
<linocisco> gre
<linocisco> greppy, i run dpkg-reconfigure postfix with locally
<linocisco> greppy, stil netcat is not working
<greppy> locally it won't be listening on port 25
<greppy> because it's a local only server
<linocisco> greppy, so what to test if I m setting up mail server from one user to another like user1@mydomain.com to user2@mydomain.com
<greppy> from a shell, "echo 'testing' | mail user2@mydomain.com"
<greppy> then check the logs in /var/log/mail.* to see what happens.
<linocisco> greppy, "echo 'testing' | mail user2@mydomain.com" shows nothing
<greppy> right.
<greppy> that should end up with an email sent to user2
<linocisco> greppy, if mail server setup is so difficult, let it be
<linocisco> greppy, i will just try how to give shutdown right to default server user
<linocisco> greppy, "sudo   usermod -a -G admin  username" doesnot work
<greppy> linocisco: so the user can't do "sudo shutdown"?
<linocisco> greppy, yes. it said need to be root
<greppy> k
<greppy> is the admin group in your /etc/sudoers file?
<linocisco> greppy," sudo   usermod -a -G admin  username", admin group should exist?
<greppy> sudo visudo
<greppy> or, add that user to the sudo group instead of the admin group.
<greppy> also, you will need to log out that user and log back in for the change to take affect, when you put a user in a new group.
<linocisco> greppy, i typed sudo visudo, and i found sudoers file , what to do next?
<greppy> check to see if there is an 'admin' group specification
<linocisco> greppy, where to check?
<linocisco> greppy, %admin=ALL
<greppy> ok, so that should wokr.
<linocisco> greppy, my default user is not found in that sudoers file
<linocisco> greppy, how to add default user to admin group ?
<linocisco> sudo   usermod -a -G admin  username is not enough??
<greppy> that adds them to the group
<linocisco> greppy, but i didn't see that user name in sudoer file
<greppy> if you type 'id' in a shell, it should list the groups.
<greppy> it won't be.
<greppy> the user will be in the /etc/group file
<greppy> if you don't see 'admin' in the output of 'id', then you need to log out and log back in.
<linocisco> greppy, i tried logout and logi  n. i found my username is in the list twice
<greppy> ok
<greppy> so what happens when you type 'id'? does 'admin' show up as one of the groups?
<Daviey> roaksoax: around?
<linocisco> greppy, uid=1000(myusername) gid=1000(myusername) groups=4(adm), 20 (dialout), 117(admin)
<linocisco> greppy, 1000(myusername)
<linocisco> greppy, is that correct?
<greppy> yup, so myusername is in the admin group, so 'sudo reboot' should reboot the box.
<linocisco> greppy, not ok
<linocisco> greppy, rebooting is done. not ok yet
<linocisco> greppy, thanks anyway
<linocisco> greppy, cu
<roaksoax> Daviey: im here
<Daviey> roaksoax: sorry, can i re-ping in 40 mins, on a call.
<roaksoax> Daviey: sure
<Tixos> can anyone help with this error, i installed apache2 and php as you would, so i dont see why there would be permission issues?
<Tixos> PHP Notice:  session_start(): ps_files_cleanup_dir:
<Daviey> zul: bug 930139 is fixed in both ks and ksl?
<uvirtbot> Launchpad bug 930139 in keystone "Add dbconfig support in Keystone" [Undecided,Fix released] https://launchpad.net/bugs/930139
<zul> just ks ill get to the ksl after im done the uploads
<Daviey> zul: cool
<Daviey> adam_g: How are the charms looking for ksl?
<uvirtbot> New bug: #930231 in samba (main) "smbd crashed with SIGABRT in set_nt_acl()" [Undecided,New] https://launchpad.net/bugs/930231
<Tixos> can someone please paste me their cron for php5.3
<Tixos> /etc/cron.d/php5
<undecim> What does it mean when my (10.04) server responds to a ping, but I can'
<undecim> t ssh to it, and there is no sign in /var/log that the system even booted
<Tixos> how are you seeing /var/log if you cant ssh in
<undecim> Took the hard drive out
<undecim> looking at it with a SATA-USB adapter
<Tixos> lol
<undecim> It's clearly using the static IP from /etc/network/interfaces. I changed it and the IP changed
<Tixos> how do you know if ssh was running
<Tixos> what error did you get from trying to connect via ssh?
<undecim> Because every other time I started the system (though admittedly only twice) ssh started
<undecim> This time the system doesn't even seem to be booting, except that it responds
<Tixos> so boot it again
<undecim> connection refused
<undecim> nmap indicates all ports are closed
<Tixos> how have you installed this?
<lynxman> jamespage: question for you, what would be the best way to clean a copyright file?
<Tixos> what changes have you made?
<Tixos> if it worked before, it indicates you broke something :)
<jamespage> lynxman, update it? hmm
<jamespage> licensecheck -r * is a good start
<lynxman> jamespage: cool ty
<undecim> 10.04 server amd64, sda1 for / and sdb, sdc in RAID 1 for /home
<hallyn> SpamapS: jodh: say, exactly which script sections in an upstart job are run with 'set -e'?
<hallyn> only pre-start?
<undecim> Tixos: Yes, I'm sure I broke something, but that's what I'm trying to find
<undecim> Tixos: What boggles my mind is that the network is started, but nothing is logged
<lynxman> jamespage: I'm trying to solve lintian complaining about ipxe source: syntax-error-in-dep5-copyright paragraph 6 after the field
<cjs226> running into an issue where omrelp doesn't send all logs to the remote server even though *.* is used.  for example, php errors aren't sent.  any ideas?
<jamespage> lynxman, read http://dep.debian.net/deps/dep5/
<jamespage> its probably an empty line in a license block
<lynxman> jamespage: k
<hallyn> no, i guess 'script' is also
<hallyn> and post-stop.  ok, not sure why i thoughtonly pre-start did.  oh weel
<SpamapS> hallyn: all
<hallyn> SpamapS: yup, thanks :)
<lynxman> jamespage: ipxe pushed to the branch ready for review (again)
<jamespage> lynxman, OK - lemme take a look
<roaksoax> Daviey: so what's up?
<Tixos> can someone please paste me their PHP cron job !
<uvirtbot> New bug: #930255 in keystone (universe) "Keystone's precise dbconfig uses incorrect case for roles." [Undecided,New] https://launchpad.net/bugs/930255
<jamespage> lynxman, all looks OK apart from the get-orig-source target - mind if I take a stab at getting it working right?
<lynxman> jamespage: oh please do :) both Daviey and I worked on that one but somehow it wasn't 100% right on the spot
<lynxman> jamespage: will be happy to copycat your optimisation for future packages *whistles*
<jamespage> lol
<jamespage> its not helped by the crap version numbering
<jamespage> sorry  I should have said 'bad'
<lynxman> jamespage: since the upstream maintainer didn't want to change it I couldn't myself :/
<uvirtbot> New bug: #930266 in ntp (main) "Add samba4 ntp signing socket to ntpd apparmor profile" [Undecided,New] https://launchpad.net/bugs/930266
<hallyn> SpamapS: if job b is 'start on starting a', will b start before a's pre-start script section?
<SpamapS> hallyn: yes
<hallyn> excellent.  thanks.
<SpamapS> hallyn: b will start before a's goal is even changed to 'start'
<hallyn> SpamapS: and pre-start runs after 'goal' is set to start?
<hallyn> stgraber: http://people.canonical.com/~serge/lxc.debdiff is working for me so far.  do you have time to do the ureadahead+udevtrigger changes?  (then i'll try the console changes in lxc source, and a kernel patch for remount,ro)
<uvirtbot> New bug: #930280 in bind9 (main) "AppArmor profile for named prevents reading of samba4 zone and keytab" [Undecided,New] https://launchpad.net/bugs/930280
<SpamapS> hallyn: right.
<stgraber> hallyn: any reason not to keep --no-restart-on-upgrade?
<hallyn> stgraber: because the upstart jobs are smart enough not to mess up (i hope)
<hallyn> stgraber: lxc.conf won't shut down containers unless entering runlevel [016],
<hallyn> and lxc-net.conf won't shut down network if there are attached nics
<hallyn> so, it wouldn't hurt, but i don't think it's needed
<jamespage> lynxman, OK I think this works  - http://paste.ubuntu.com/836806/
<lynxman> jamespage: and it looks a lot smoother than mine :)
<jamespage> the rules file was trying to parse an iso/unix date from the version string which did not exist
<jamespage> this just grabs the latest snapshot and increments that awkward prefix number used in the upstream version
<stgraber> hallyn: I "think" I'd prefer that we drop these checks from the job and use --no-restart-on-upgrade. Because I can see some people expecting "stop lxc" to stop their containers and "start lxc" to start them
<stgraber> hallyn: with the current jobs, they'd have to figure out they need to set RUNLEVEL
<jamespage> lynxman, so 1.0.0+git-3.55f6c88 -> 1.0.0+git-4.d3630b6
<jamespage> based on the snapshot now...
<lynxman> jamespage: sounds good to me
<jamespage> OK
<lynxman> jamespage: all the changes I did are good anyway
<jamespage> yep
<hallyn> stgraber: hm.  guess that makes sense
<hallyn> SpamapS: so if b is 'stop on stopped a', will b's post-stop happen after a is stopped?  (I assume so)
<SpamapS> hallyn: yes
<uvirtbot> New bug: #930285 in lxc (universe) "lxc & hpsa driver" [Undecided,New] https://launchpad.net/bugs/930285
<SpamapS> hallyn: init/job.c job_next_state is quite easy to read the state progressions, and then job_change_state shows what happens when each one changes
<hallyn> stgraber: so what do you think lxc-net.conf should do at post-stop if lxcbr0 has attached interfaces?  exit with failure?  forcibly detach?
<hallyn> i'll continue to just not shut it down and NOT return error
<hallyn> SpamapS: ok
<stgraber> hallyn: I belive the current behaviour of lxc-net is correct
<jamespage> lynxman, all looks good (did a quick test as well)  uploading now
<lynxman> jamespage: cool, thank you sir :)
<jamespage> lynxman, np - thanks for being patient with my constant feedback!
<lynxman> jamespage: my pleasure
 * lynxman goes back to his jamespage shrine to pray some more
<smoser> utlemming, was just thinking as this bit me.
<jamespage> SpamapS, hey
<smoser> ubuntu-cloudimg-query uses https to cloud-images.ubuntu.com
<jamespage> nice spot on the jenkins reload problem
<jamespage> could be an issue with java server stuff generally TBH
<smoser> thats good (to avoid spoofing), but for the data transfer, it means that it wont be proxied (http_proxy=) which sucks.
 * jamespage ponders whether zookeeper does the same thing
<smoser> so just thinking that with the new data, including checksums and signatures, hopefully we can get the important data over https and the bulk over http
<utlemming> smoser: that is what I was just thinking
<utlemming> smoser: the new meta-data coming over https will give the authenticity with checksums, which should be more than adiquete to discover a man-in-the-middle
<utlemming> smoser: for the bulk data
<smoser> right.
<smoser> so maybe we need to publish 'mirrors' at /query2 ?
<SpamapS> jamespage: HUP needs to be handled. :)
<SpamapS> jamespage: enjoy your weekend, we'll discuss that next week. :)
<smoser> do you think ? so you could actually discover that http://cloud-images.ubuntu.com is a http mirror of https://cloud-images.ubuntu.com
<utlemming> smoser: I am not sure I follow your line of thought here
<smoser> th file data has some 'file_path' right?
<utlemming> smoser: yes
<smoser> and you have to somehow know that that file_path is to be appended to https://cloud-images.ubuntu.com/
<smoser> to actually get a full url
<smoser> but in /query, should we have data that indicates mirrors
<smoser> authoritative_mirror: https://cloud-images.ubuntu.com/
<utlemming> smoser: ah, that makes sense
<smoser> mirrors: http://cloud-images.ubuntu.com, http://cloud-images-data.s3.amazonaws.com
<smoser> something like that.
<utlemming> ok, I follow now
<hallyn> stgraber: all right, new http://people.canonical.com/~serge/lxc.debdiff appears to be working perfectly  (shoulda done this ages ago)
<hallyn> arguing with myself over whether to push this, or wait until i fold in another change
<stgraber> hallyn: looks good
<hallyn> man, all these snprintfs in lxc start should be checked for overrun...
<roaksoax> smoser: ping
<smoser> here roaksoax
<roaksoax> smoser: bug #930233 so... while I don't have any argument against using squid-deb-proxy, back when we decided to go with squid directly was because using default s-d-p created lots of archive errors so we decided to go with our own custom squid confug
<uvirtbot> Launchpad bug 930233 in orchestra "consider using squid-deb-proxy for proxy solution" [Undecided,New] https://launchpad.net/bugs/930233
<roaksoax> smoser: the squid config is based on the config used internally IIRC
<smoser> that was commonly believed
<smoser> but i dont think true
<smoser> anyway... it makes all the sense in the world to get it done right in one place.
<roaksoax> smoser: i agree with you
<roaksoax> smoser: either way, s-d-p is just squid3 + custom config + avahi for auto discovery
<roaksoax> right?
<smoser> right.
<smoser> yeah, the avahi is a wart to us
<smoser> but...
<roaksoax> smoser: i don't have a problem switching completely to stock s-d-p as long as we can ensure that nothing breaks
<roaksoax> and we save ourselves the hasle of having to ship a custom squid config
<smoser> sounds like a plan to me.
<smoser> the one thing i wish squid could do that i don't think it can is to say "this group of base urls are all the same"
<smoser> i think apt-cacher-ng can do that.
<smoser> ie, http://us.archive.ubuntu.com/ubuntu and http://archive.ubuntu.com/ubuntu are the same
<smoser> but squid does not know that.
<roaksoax> smoser: right, but isn't it that archive.u.c is in the UK while us.a.u.c is actually a mirror in the US?
<smoser> that would make sense, wouldnt it
<smoser> :)
<smoser> they're the same.
<smoser> but the knowledge of "just act like these are the same" is beneficial
<roaksoax> interesting
<smoser> as if you have one machine that uses archive.ubuntu.com and most use us.archive.ubuntu.com
<smoser> you get no benefit on the one machine
<smoser> and duplicate data all throughout your squid cache
<smoser> (even if they weren't *actually* round robin mirrors anyway)
<roaksoax> smoser: yeah
<hallyn> stgraber: doing the lxc console and tty move during lxc startup doesn't work because /dev gets remounted by the container itself...
<hallyn> stgraber: i think we might just have to leave that bug open until next cycle and use it to drive device ns
<stgraber> hallyn: hmm, no, /dev is mounted by lxc and left alone by mountall
<mgw> is there a way to keep the orchestra-server installer from doing an immediate import of various ISOs upon install?
<hallyn> stgraber: well hmm.
<hallyn> d'oh.  lemme try again
<uvirtbot> New bug: #800520 in lxc (universe) "default fstab could be expanded" [Low,Fix released] https://launchpad.net/bugs/800520
<undecim> How do I automatically start my RAID before partitions are mounted?
<WarDekar> hey I'm running 10.04LTS with command-line only and am having trouble figuring out how to connect to a PPTP server and route all network traffic through it, does anyone have any good links on how to set it up? there are so many on google and every one i've tried hasn't worked
<kirkland> smoser: https://bugs.launchpad.net/ubuntu/+source/orchestra/+bug/930233 :-)
<uvirtbot> Launchpad bug 930233 in orchestra "consider using squid-deb-proxy for proxy solution" [Wishlist,Confirmed]
<hallyn> stgraber: all right, well i think i have all the devices set up right, but either getty or login appears to be unhappy with 'lxc/console'
<kirkland> smoser: that's where we started :-P
<hallyn> stgraber: d'oh
<hallyn> i'm a loser today.  i know the problem.
<smoser> kirkland, yeah. i know.
<smoser> i sent some flame bait to an internal list, hoping to get some people to tell me "you're doing it all wrong"
<smoser> and what i got back was "really... you should be using squid-deb-proxy"
<hallyn> stgraber: id on't have any speed issues like you had.  works fine for me.  only issue is, lxc/* needs to be added to securetty, not sure where we want to do that
<smoser> it makes sense to have one thing that is done right.
<hallyn> lemme wrap this up and put a bow on it and hand it over to you
<kirkland> smoser: fair enough, i *so* wanted squid-deb-proxy to "just work"
<smoser> smb, you still around ?
<kirkland> smoser: but it "just didn't"
<kirkland> smoser: so hopefully you'll have more success than me there
<kirkland> smoser: good luck ;-)
<smoser> smb, if so.. bug https://bugs.launchpad.net/ubuntu/+source/linux-ec2/+bug/929941
<uvirtbot> Launchpad bug 929941 in linux-ec2 "Kernel deadlock in scheduler on m2.2xlarge EC2 instance" [Undecided,New]
<smoser> kirkland, well, the issue that made me stay away from it was no ppas
<smoser> but that has since been easily configurablelly resolved.
<smoser> and then i think we *thought* we saw more missmatch issues with it compared to some other solution
<stgraber> hallyn: yeah, I'm really not sure what went wrong with the speed configuration here ... anyway, if it works the way you did it, yeah!
<smoser> but i doubt we had hard data on that.
<undecim> can someone tell me wtf is going on with this /proc/mdstat? http://pastebin.com/6rJ4DUFr
<kirkland> smoser: I think we also needed support for s-d-p in the server installer itself
<kirkland> smoser: whereas it was pretty trivial to just set an http proxy in d-i
<kirkland> smoser: but that may have been solved since then too
<smoser> s-d-p is just a squid proxy
<hallyn> stgraber: http://people.canonical.com/~serge/lxc2.debdiff   that works (on top of http://people.canonical.com/~serge/lxc.debdiff for upstart),
<hallyn> stgraber: but like i say there's the issue of /etc/securetty
<hallyn> stgraber: (if we decide to go through with it we can squash them into one commit of course)
<hallyn> while you stew on that i'll go see about the kernel patch
<hallyn> although, maybe we're better off just using an apparmor mount rule to say "you can't mount --remount /"
<stgraber> patch looks good, for securetty it's indeed problematic especially as our default user is root ...
<stgraber> for 12.04, it's easy, we can simply add them to securetty in the login package
<stgraber> as usual previous releases and other distros are the problem
<stgraber> can we make the feature optional requiring a flag in the container config?
<stgraber> then we could have it off by default in lxc itself and turn it on for lxc-ubuntu for >= precise
<hallyn> or, we could take the opportunity to add 'ubuntu:ubuntu' everywhere and recommending doing 'su root' with password root
<hallyn> that would sync with the ubuntu-cloud template
<stgraber> hallyn: I guess we should do that on top of the rest, people upgrading their machine to Precise won't understand why they can't enter their old containers and some people will also wonder why they can't login as root after setting a password to root
<hallyn> all right - i just hate adding cruft into the config namespace if we dont' have to
<stgraber> agreed though this one seems worth it as it's a high potential for regression on upgrades not to mention being confusing to users
<hallyn> lag.  hate lag.
<stgraber> hallyn: can you confirm that adding lxc/console lxc/tty1 lxc/tty2 lxc/tty3 and lxc/tty4 to /etc/securetty works for you?
<hallyn> stgraber: ok.  it'll make the patch a bit more involved.  do you think we should push the upstart patch now?
<stgraber> if so, I'll upload login
<stgraber> yeah, I guess you can upload the upstart change now, that'll give more time for people to complain about potential regressions :)
<hallyn> upload login?
<hallyn> oh
<hallyn> stgraber: yes, it works for me.
<stgraber> ok, will upload login in a few minutes then
<mgw> soâ¦ is it possible to use in-target late command to run a puppet manifest that installs additional packages?
<hallyn> hm, kernel patch may have been even simpler than i'd hoped.  (but let's see if it compiles :)
<smoser> utlemming, you have thoughts on boto 2.2.1 ?
<Daviey> smoser: have you smoked it?
<smoser> for 10  minutes.
<smoser> :)
<smoser> during development of https://review.openstack.org/#change,4025
<Daviey> development?
<Daviey> i don't follow, that isn't your code?
<smoser> well, when i was doing that, i was using new boto.
<smoser> thats not my cde ?
<smoser> it has my name on it.
<Daviey> ah, sorry - i opened the wrong tab
<smoser> phew!
<Daviey> ETOOMANY gerrits
<smoser> i was concerned i'd forgotten my name again
<smoser> new boto has that hot new function everyone is talking about
<smoser> https://github.com/boto/boto/pull/432
<Daviey> that is a must have
<mgw> is there any reason an in-target script that installs orchestra-server would hang indefinitely? I finally got the install to continue by logging in on another console and killing the dpkg command
<smoser> mgw, rabbitmq?
<mgw> smoser: rabbitmq?
<smoser> i sweare i saw a hang like that the other day, but dont remember when
<smoser> oh.. nah it wasnt in install, it was thorugh devstack.
<smoser> mgw, the dpkg can take a logn time.
<smoser> but it should not hang permenently.
<hallyn> stgraber: do you think we should make it "lxc.ttydir = lxc" (more flexible) or just "lxc.devlxctty = 1" (0 by default)?
<mgw> there was zero outputto /var/log/dpkg.log for 30 min
<mgw> and nothing to syslog either
<jdstrand> hallyn: hey, if I am using juju, am I supposed to expect that the container is going to come up right if lxc-start is confined with apparmor?
<mgw> after doing a chroot
<mgw> to the installed system
<hallyn> jdstrand: on precise?  yes
<hallyn> well,
<mgw> smoser: I'll paste the dpkg command
<hallyn> probably, though i don't know what weirdness juju introduces i suppose
<jdstrand> let me try to disable the apparmor profile to see if that helps
<hallyn> but we're nto doing any pathname-based restrictions right now
<stgraber> hallyn: we can go with the flexible option (assuming not setting it will just default to nothing => /dev)
<jdstrand> hallyn: are there any limitations with using lxc inside of kvm?
<mgw> smoser: https://raw.github.com/gist/4d81aa0b55fe2f01ac49/43f981b1594ef3fbd0ea5a9ffe625959988c6d0e/gistfile1.txt
<mgw> everything I checked had already been installed
<hallyn> jdstrand: none
<smoser> mgw, do you have a client that pastebins' to gists?
<stgraber> hallyn: shadow uploaded for the securetty change
<mgw> no, why?
<smoser> just curios
<smoser> because i've wanted one
<smoser> :)
<mgw> smoser: wget ?
<mgw> or curl
<mgw> ;-)
<mgw> 2012-02-10 11:37:04 status half-configured ubuntu-orchestra-provisioning-server 2.21-0ubuntu2.1
<mgw> that was the last line of dpkg.log
<jdstrand> hallyn: should I be using a precise guest or is precise host enough?
<mgw> from another server where I did the orchestra install outside of the ubuntu installer, i see there's one more line:
<hallyn> jdstrand: older guests are supposed to work
<mgw> 2012-02-07 17:16:03 status installed ubuntu-orchestra-provisioning-server 2.21-0ubuntu2.1
<mgw> smoser: would it be normal to take 30+ min between those two log entries?
<smoser> mgw, i dont know.
<smoser> its the kind of thing you only pay attention to when it fails
<Daviey> soren: around?
<smoser> one thing that could have gone wrong.. there is no libperl5.12 now
<smoser> mgw, but also possible tha tthere is a quesiton being asked in debconf.. i'n not sure if that'd cause hang or not.
<smoser> roaksoax, ^
<Daviey> zul: are we not using UNRELEASED pcoket for openstack staged uploads?
<zul> Daviey: yes we are
<Daviey> zul: ah, great - thanks
<mgw> smoser: I think it would, but this exact puppet manifest I've installed many times from a regular shell and there are no debconf questions
<smoser> mgw, it might not in the installer
<smoser> but if it is, then we should fix that.
<smoser> DEBIAN_FRONTEND=non-interactive and force conf old
<smoser> mgw, you did this in late_command ?
<smoser> via cobbler?
<smoser> i'm being prompted for nagios3-cgi
<mgw> DEBIAN_FRONTEND=non-interactive and force conf old
<mgw> What does that do?
<smoser> makes debconf not ask you annoying questions
<mgw> does that need to be done in-target/
<mgw> ?
<smoser> http://paste.ubuntu.com/837052/
<smoser> mgw, i'm not sure actually. i know at one point i pulled haair out
<smoser> and fought to get the in-target environment set up well.
<mgw> one sec, posting my late command
<soren> Daviey: Um... Ok.
<soren> Daviey: 'sup?
<mgw> smoser: https://gist.github.com/088aab0ed8bd3ee8dc75
<Daviey> soren: Did you say you were unhappy with using UNRELEASED pcoket in d/changelog?
<mgw> maybe I should add what you pasted in my in-target subshell
<smoser> mgw, well, what i suspect has happened is that some process has stdin or stdout open
<smoser> and by doing that, the chroot (via in-target) wont exit
<mgw> hmm
<mgw> so something puppet is installing perhaps
<smoser> mgw, i asked specifically about rabbitmq because i'd seen that there
<smoser> bug 878600
<uvirtbot> Launchpad bug 878600 in rabbitmq-server "service start rabbitmq-server' does not fully detach from parent" [Medium,Fix released] https://launchpad.net/bugs/878600
<jdstrand> stgraber: is lxc-ls supposed to require sudo?
<stgraber> jdstrand: no
<mgw> smoser: thanks; any suggestion (once I get back to that point in the install process) how to determine what, if anything, has stdin/out open?
<jdstrand> stgraber: /usr/bin/lxc-ls: line 35: cd: /sys/fs/cgroup/cpuset///lxc: Permission denied
<jdstrand> that is indeed root owned and not world readable
<guntbert> are there known issues when installing in a XEN PV vps? I keep getting dropped to busybox with the error message "ALERT! /dev/disk/by-uuid/....... does not exist. In fact /dev/disk-by-uuid   doesn't exist itself..
<stgraber> jdstrand: hmm, it works here ... (no permission denied)
<stgraber> hallyn: ^
<guntbert> after the reboot after installing, that is...
<stgraber> though lxc-list seems to require sudo for some reason (it doesn't crash but it doesn't show the running containers)
<hallyn> smoser has seen this before
<hallyn> stgraber: it's supposed to show running containers without sudo
<hallyn> jdstrand: do you have cgroup-bin or cgroup-lite installed?
<jdstrand> I do have cgroups-lite installed
<smoser> mgw, you can swear a lot.
<smoser> that might help
<smoser> :)
<smoser> mgw, i think it was just plain bisecting stuff that got me to finding rabbitmq.
<hallyn> jdstrand: uptodate precise for sure?
<smoser> mgw, its probably a daemon process running (and see what is running with 'ps' the list is likely not that long)
<jdstrand> hallyn: the host might be out of date. let me try that
<smoser> hallyn, i tihnk i fixed this in a branch somewhere.
<hallyn> smoser: fixed it in what?
<smoser> ah. i fixed the  lxc-ls bug
<smoser> but you nack'd it.
<jdstrand> hallyn: cgroup-lite is what I want though?
<hallyn> yeah
<stgraber> stgraber@castiana:~$ lxc-info -n qatracker01
<stgraber> lxc-info: failed to get state for 'qatracker01': Permission denied
<smoser> but i  must have not really submitted it.
<stgraber> hallyn: ^
<stgraber> hallyn: that's why it doesn't show up in lxc-list for me
<hallyn> oh, lxc-info
<smoser> jdstrand, do you have btrfs ?
<jdstrand> smoser: I like my data :P
<jdstrand> smoser: that means 'no' :)
<hallyn> stgraber:lxc-ls doesn't use lxc-info
<stgraber> hallyn: indeed and lxc-ls works for me
<smoser> jdstrand, well, good, then you are hitting it outside of my code, that i thought might be cuasing it.
<stgraber> hallyn: I said above that I couldn't reproduce jdstrand's issue with lxc-ls but that I seem to have an issue with lxc-list not showing running containers
<stgraber> hallyn: I guess we'd need to make lxc-list either not use lxc-info or have it require root
<hallyn> i feel a certain resentment having lxc-list dumped on me
<hallyn> but more to the point, i can't find where lxc-info comes from
<soren> Daviey: Yes.
<hallyn> oh there
<soren> Daviey: I mean.. it's fine (and expected) for work-in-progress stuff.
<hallyn> stgraber: yeah, bc lxc-info require perms to get state appears to be a feature (in src/lxc/state.c)
<Daviey> soren: Did you encounter one that got uploaded?
<soren> Daviey: Perhaps I'm getting thrown off by the fact that ~openstack-ubuntu-packagers/nova/ubuntu isn't the packaging branch you're using.
<soren> Daviey: ..beucase I think that's where I saw it.
<hallyn> jdstrand: i think your lxc would have to be older than 0.7.5-3ubuntu6 to have the error you're getting.  or older than 0.7.5-3ubuntu8 to get something similar
<hallyn> else the bug perlexes me
<hallyn> perplexes even
<smoser> hallyn, bah. you're just pretending to not see things.
<jdstrand> well, I've blown away the vm and trying another
<smoser> i reported with something newer than that.
<hallyn> smoser: wer eyou also using juju?
<smoser> juju just uses lxc
<hallyn> huh?
<mgw> smoser: thanks for your help, i'll let you know if i figure anything out
<smoser> mgw, fwiw, i just tried http://paste.ubuntu.com/837080/
<smoser> on a fresh instance
<smoser> (or 'to' a fresh instance)
<soren> Daviey: I'm beginning to sound like a broken record... but where is your packaging branch again?
<smoser> and it came back
 * jdstrand is downloading 0.7.5-3ubuntu22 now
<smoser> so, mgw what i'm saying is I didn't see any issue with one of those packages launching a daemon incorrectly.
<mgw> ok
<mgw> smoser: at the moment I'm running my same script but with puppet installing fewer packages
<smoser> mgw, oh.
<smoser> one thing you could do
<smoser> is just close stdin and stdout  and stderr
<smoser> then they *couldn't* be left open
<smoser> (ie, close them before running anything in shell)
<mgw> rightâ¦ how do you do that?
<soren> Ah, yes.
<mgw> (or rather, How do I do that0
<mgw> )
<soren> Daviey: found it.
<smoser> mgw, sh -c ' exec 0<&- 1>&- 2>&- ;'
<smoser> that closes stdin out and err
<mgw> smoser: thanks
<smoser> for you you might just want to close stdin and redirect stdout and err to a file even
<smoser> but one inside the chroot
<mgw> yeah âll just add that to the beginning of my bash -c line in late command
<soren> Daviey: What's the logic behind naming it "essex" rather than "precise"?
<smoser> sh -c ' exec 0<&- 1>/root/in-target.stdout 2>/root/in-target.stderr ; .... '
<smoser> mgw, ^
<smoser> mgw, but if a package/daemon is misbehaving that will just hide it
<hallyn> jdstrand: say, can you pastebin output of /proc/mounts and ls -l /sys/fs/cgroup and ls -l /sys/fs/cgroup/cpuset?
<smoser> and i'd like to fix it.
<hallyn> jdstrand: (i couldn't reproduce here with new oneiric container, but of course i'd have to start with fresh cgroup mounts to recreate bad mkdir of /sys/fs/cgroup/cpuset/lxc)
<jdstrand> hallyn: ok, I got my precise vm up to date, rebooted, then install lxc etal and now it seems to be working
<jdstrand> $ lxc-ls
<jdstrand> jamie-local-0-template
<jdstrand> I had a kernel update in there-- maybe it was that
<hallyn> jdstrand: ok if it happens again with uptodate precise please open a bug.
<hallyn> possible
<jdstrand> hallyn: thanks and thanks for trying to reproduce
<hallyn> actually apparmor *coudl* be it with an olde rkernel, though not for cgroup accesses...  <shakes head>
<jdstrand> I removed the lxc-start profile
<jdstrand> *shrug*
<jdstrand> hallyn: meh, now I see it :(
<hallyn> without even a reboot?
<jdstrand> $ lxc-ls
<jdstrand> jamie-local-0-template	jamie-local-wordpress-0
<jdstrand> /usr/bin/lxc-ls: line 35: cd: /sys/fs/cgroup/cpuset///lxc: Permission denied
<jdstrand> notice, before I could see jamie-local-0-template fine
<jdstrand> I tried to start jamie-local-wordpress-0 via juju, and got this error
<jdstrand> /sys/fs/cgroup/cpuset///lxc is 700
<hallyn> ok juju must mess with it somehow
<hallyn> especially if it worked before, then you ran juju, and it change the perms
<jdstrand> I tend to agree
<hallyn> stgraber: http://people.canonical.com/~serge/lxc4.debdiff
<hallyn> stgraber: with that, if you add 'lxc.devttydir = lxc', then console + tty{1-4} get set up in /dev/lxc/
<hallyn> stgraber: (i could'nt just to 'lxc.ttydir' bc of shortxcomings in the confile parsing)
<jdstrand> hallyn: if I destroy the service (the lxc instance), lxc-ls works again, but the directory is still 700
<hallyn> jdstrand: yes, lxc doesn't chmod it, it just specifies a good mode when it mkdirs
<hallyn> jdstrand: you can just chmod it by hand
<hallyn> chmod 755 /sys/fs/cgroup/*/lxc
<jdstrand> hallyn: well, I'm saying I get back to seeing jamie-local-0-template
<jdstrand> I think it is a different code path that is being taking
<hallyn> all in lxc-ls?
<jdstrand> hallyn: yes in lxc-ls
<stgraber> hallyn: cool!
<hallyn> stgraber: do you midn testing that debdiff - and maybe adding a 'adduser + chroot' for ubuntu:ubuntu in the lxc-ubuntu.in template, if you're ok with the patch?
<hallyn> jdstrand: can you open a bug against juju+lxc with very precise reproduction instructions?
<stgraber> hallyn: yeah, I can test it and do the template changes
<hallyn> stgraber: thanks!
<mgw> smoser: on a different (related) subject â do you know if there is a debconf option to *not* run orchestra-import-isos on install?
<mgw> actually, nm
<mgw> bug 892328
<uvirtbot> Launchpad bug 892328 in orchestra "debconf question to run orchestra-import-isos or not during installation" [Medium,Fix released] https://launchpad.net/bugs/892328
<smoser> mgw, yes. ther eis.
<smoser> yeah.
<stgraber> hallyn: does setting "lxc.ttydir = " mean the same thing as not setting it?
<mgw> smoser: but that's not in a stable release yet :-(
<stgraber> *devttydir
<hallyn> stgraber: heh, i didn't test that.  ideally yea
<smoser> stable, what fun is that.
<mgw> hey, i'm pushing things going with non LTS
<mgw> We might be bleeding edge company, but we still have to keep our systems sta ble
<mgw> btw, my late command ran fine without the orchestra install â now i've added the redirects and am trying again with orchestra
<jdstrand> hallyn: bug 930430
<uvirtbot> Launchpad bug 930430 in lxc "lxc-ls requires root access after deploying an LXC instance" [Undecided,New] https://launchpad.net/bugs/930430
<hallyn> jdstrand: thanks
<Daviey> zul: why do we build-dep on python-all-dev ?
<Daviey> (for nova)
<uvirtbot> New bug: #930430 in lxc (universe) "lxc-ls requires root access after deploying an LXC instance" [Undecided,New] https://launchpad.net/bugs/930430
<mgw> smoser: awesome, it worked!
<mgw> would it make sense to patch in-target to automatically do the redirect?
<mgw> actually it didn't work
<mgw> smoser: it caused everything after it to simply not run
<mgw> (after the redirect)
<smoser> mgw, i suspect you had some syntax error.
<smoser> but i dont know where it would have gotten placed.
<smoser> (ie, where youd' see the output of the error.
<smoser> i have to run..
<smoser> sorry
<mgw> smoser: ok
<mgw> ty
<smoser> later.
<stgraber> hallyn: running test build now, did quite a few more changes in the template
<stgraber> hallyn: for some reason we were modifying /etc/dhcp/dhclient.conf to basically set the same value "<hostname>" in it means, use whatever is the current hostname
<stgraber> hallyn: I also made the code removing tty[56] to be < Precise
<stgraber> hallyn: and moved another udev config change to also < Precise (this one might need fixing in udev if it still affects us)
<hallyn> stgraber: sounds good.  now are you also adding the to the template to add 'lxc.devttydir = lxc' for precise+ contaienrs?  cause i didn't...  or should we leave that up to the user for now?
<stgraber> hallyn: yep, I'm also setting devttydir for >= Precise
<hallyn> and adding ubuntu:ubuntu for all releases?  or did you decide against that?
<hallyn> (it sort of seems like unnecessary tweaking, but...)
<stgraber> ubuntu:ubuntu for all releases, guessing what's the sudo group based on the release
<uvirtbot> New bug: #930444 in keystone (universe) "Keystone Ubuntu Precise dbconfig install broken - show stopper" [Undecided,New] https://launchpad.net/bugs/930444
<hallyn> stgraber: oh, ok - i was figuring we'd count on su and ignore sudo, but that works
<hallyn> stgraber: thanks a lot.  ttyl
<hayer> How can I give the www-data user access to the program hddtemp?
<stgraber> hallyn: seems to work fine, uploading to my ppa now
<hallyn> cool
<hallyn> whats ff date again?  still need to get the ureadahead and friends ... :(
<stgraber> hallyn: 16th
<hallyn> phew
<stgraber> hallyn: lxc built and published in my experimental ppa if you want to give it a try
#ubuntu-server 2012-02-11
<hallyn> stgraber: ido, but can't right now.  will try it later tonight or tomorrow
<stgraber> hallyn: ok, thanks
<hallyn> (if you want to push now, i won't mind...)  thanks, ttyl
<josephoenix> Hello all
<josephoenix> I'm running a bunch of per-user PHP5-FPM pools and for some reason they're dying at irregular intervals.
<josephoenix> I don't see anything around that time in syslog
<josephoenix> Any ideas? :\
<SpamapS> josephoenix: what release of Ubuntu / PHP5 ?
<josephoenix> php5-fpm is 5.3.6-13ubuntu3.5
<josephoenix> Ubuntu 11.10
<josephoenix> Hmmm it was at 6:30 am and there's a cron job running around then.. gonna look into that.
<josephoenix> Nope, the user crons are only @reboot and @monthly
<SpamapS> josephoenix: perhaps there is a bug in php5-fpm .. I'd start logging stderr/stdout.
<SpamapS> josephoenix: also if you haven't disabled core files, try to see if there are any core files from segfaults
<josephoenix> It's about 20 different instances of php5-fpm with a worker or two each that all disappeared around the same time
<josephoenix> If core files are enabled by default, I should be able to get to them. Where do they live, again?
<josephoenix> (Nothing in the php5-fpm log, though there might have been something written to stderr I don't know about)
<hayer> I got a disk that fdisk -l says "system: linux" - how can i make it NTFS? mkfs.ntfs -q /dev/sdb1 dosnt seem to work - it just hangs
<cfc__> ohh cool
<cfc__> there is a server support
<WinstonSmith> ls -al
<WinstonSmith> ah sry
<cfc__> hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation
<cfc__> thats how you update l?s-al
<cfc__> is here ppl or is this chat dead???
<Daviey> Pushing to ~ubuntu-server-dev/nova/essex/ without review, as it's blocking CI
<uvirtbot> New bug: #929127 in nova "linux_net.ensure_metadata_ip() fails on precise" [High,Fix committed] https://launchpad.net/bugs/929127
<cfc__> hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation
<exvito> Looking for help on unexpected soft RAID behaviour after replacing failed disk in RAID1 device.
<exvito> 1. Disk failed. 2. Power down. 3. Replace disk. 4. Power up with degraded array. 5. fdisk. 6. mdadm -add. 7. Array syncs. 8 /proc/mdstat looks good. 9. Reboot. 10. Back to degraded array!!
<exvito> ...any hint? :)
<jetole_> Hey guys, this isn't ubuntu specific but this seemed like a good place to ask. I'm a systems engineer in a growing firm and I wanted to know, whats the best way to handle passwords more then one person should have where you can't have seperate passwords like, for example, most our machines use openLDAP for single sign on but then there is a the root password which, as we're expanding I feel I now need to share
<jetole_> like I imagine there is some software someone wants to recommend as a central web based password store or well, I'm jumping to conclusions but I'm sure there is some best practices industry accepted method of doing this
<jetole_> btw, I mention root in the event a machine doesn't connect to the net and someone needs to go to the data center and manually configure it
<cwillu_at_work> jetole, well, given physical access you typically have root anyway
<jetole> cwillu_at_work: so bob the admin I work with needs to go the data center and log in to server42 to find out why it's not connecting to the net and needs the root password. How does he get that root password and where is it stored?
<cwillu_at_work> he has physical access?
<jetole> sure
<jetole> bob and server42 are hypothetical but I'm trying to find a methodology to apply to our real world situation
<cwillu_at_work> (sorry, sec)
<jetole> maybe he needs access to switch12 which doesn't support radius or multiple users
<cwillu_at_work> jetole, how do you secure physical access?
<cwillu_at_work> (i.e., why can't they just reboot, and bring up the recovery console?)
<jetole> cwillu_at_work: well the data center which is one of the largest in the world takes care of that. Our cabinet is locked and the keys never leave the site. We provide ACL's to the data center of whom has access to what
<cwillu_at_work> jetole, then why not just let that be your local auth?
<cwillu_at_work> i.e., console user has root privileges
<jetole> cwillu_at_work: well in most cases they can though I think ubuntu 10.04 which is our primary OS has password issues with boot into single user more (I think, not positive) but then what about switch12 for example
<cwillu_at_work> single user mode will permit a root login without password, it's just a config option
<jetole> cwillu_at_work: I'm sure there has to be lots of other circumstances I can't think of at the moment to make this a legitimate question. no?
<cwillu_at_work> switch12 is another matter, but I fail to see how this really relates to that :p
<jetole> cwillu_at_work: well the question is how do I store passwords where it's not an individual users password
<jetole> I guess I just feel, and maybe I'm mistaken but, I feel, some things need to be shared but I need to implement some form of ACL as to who has access to those things
<cwillu_at_work> one approach would be to have a audited and secure database of server root passwords
<cwillu_at_work> index cards in envelops in a vault, for instance :p
<jetole> cwillu_at_work: I considered that and was part of the conclusion I jumped to but if so, I hope someone has already designed a package to manage this
<jetole> ha
<cwillu_at_work> you could also do that plus an otp system
<jetole> a little too 18th century for my taste at index cards in vault
<jetole> otp?
<cwillu_at_work> one-time-password
<cwillu_at_work> either a pregenerated list which have to be used in order (thereby making it obvious from an audit standpoint), or any number of more sophisticated approaches
<cwillu_at_work> the list approach has the benefit of being quite practical with index cards
<jetole> hmmm. Don't know how I would do that. I know ssh has a mechanism for that but don't know how that would be applied to a physical system or then again other objects like I know we have a few switches this would apply to
<cwillu_at_work> (and don't scoff at that, index cards still work when the password server blows up
<jetole> hmmm. good point at list and auditing
<jetole> well another big project is we're eliminating all single points of failure
<jetole> HA throughout the house
<jetole> but I like it as far as auditing is concerned
<cwillu_at_work> just remember that physical access == root access
<jetole> also, can you think of another good room for me to ask about this in?
<cwillu_at_work> the most you can do is encrypt the data such that one _has_ to be there with a password to unlock it
<jetole> cwillu_at_work: yeah I know. It's not all nessecarily physical access. Last night I had to give another engineer the windows admin password so he could log into a system that wasn't playing well with active directory and fix that and the system was actually a VM
<cwillu_at_work> not off-hand; lots of random technical channels' -offtopic channels have knowledgeable people though
<jetole> cwillu_at_work: nah. That level of access isn't really a concern of mine at the moment
<cwillu_at_work> jetole, in which case, access to the host is root to the vm :p
<jetole> cwillu_at_work: I'd still like to find a means to manage these passwords if I can
<jetole> I shouldn't be the only guy where I work to know the root and windows admin passwords
<jetole> though it would be a nice level of job security
<cwillu_at_work> so don't be the only guy
<cwillu_at_work> give the boss an sealed envelop with the root password in it
<jetole> cwillu_at_work: thats the point
<cwillu_at_work> don't make it complicated
<jetole> cwillu_at_work: and if I choose to use a different root password on every host and we have a new host about twice a month?
<cwillu_at_work> jetole, I'll leave that as an exercise... :/
<jetole> hehe. Thanks
<cwillu_at_work> (hint:  stationary is cheap)
<jetole> well you have been helpful because you put auditing in a new light
<jetole> I probably use paper more then anyone I work with but it is cumbersome in many applications
<jetole> on another note
<jetole> and speaking of auditing...
<cwillu_at_work> I live and die by my index cards :p
<cwillu_at_work> 4x6 <3
<cwillu_at_work> (unruled)
<jetole> what are some good means to audit actions on Linux servers? I was thinking perhaps prohibit shells through sudo (which is a one step configuration since we use sudo through LDAP) and have ldap email all commands
<cwillu_at_work> hmm, I should actually get some printed up as a business card come to think of it
<cwillu_at_work> jetole, that's a tough game to win
 * jetole has a 6x8 notepad in front of him now and pretty much at all times when sitting at a desk
<jetole> cwillu_at_work: yeah I figured at tough game to win
<cwillu_at_work> logging of all privilege-related stuff to a remote box is a start
<jetole> I looked at, I think the package is auditd but it's a nightmare to decipher and still prone to manipulation
<cfc__> hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation
<cwillu_at_work> and then providing sufficient infrastructure that people don't feel the need to circumvent the rules to get work done
<jetole> cwillu_at_work: logging to remote box how?
<cwillu_at_work> (if people use the hole they found every day because it's the only way to do foo, you've lost)
<jetole> cwillu_at_work: well let's assume I trust everyone I work with. What are your thoughts on how to log this?
<cwillu_at_work> jetole, rsyslog and company can all write to remote daemons
<jetole> for every command as the command is run?
<cwillu_at_work> no, but that's not really the point
<jetole> oh
<cwillu_at_work> (I'm gonna have to run momentarily)
<jetole> :-(
<jetole> cwillu_at_work: thanks for the help
<cwillu_at_work> have you looked at what gets logged to /var/log/auth.log in the default config?
<jetole> occasionally
 * jetole takes a look now
<cwillu_at_work> you should probably have a good look :p
<jetole> cwillu_at_work: not much
<cwillu_at_work> the important thing is that somebody doing something nefarious or illadvised can't do it without making at least one noteworthy log entry
<jetole> cwillu_at_work: on my home 10.04 desktop I see a log of pam session opened stuff, some RSA stuff involving ssh(d)
<cwillu_at_work> gotta run
<jetole> have fun
<jetole> thanks again
<cwillu_at_work> gonna have to understand that stuff if you want a hope of implementing this :p
<jetole> cwillu_at_work: well yeah. I was asking what it is I need to understand
<cwillu_at_work> jetole, rsyslog and related is a start ;p
<jetole> cfc__: drivers are all kernel modules. You can view them with lsmod, remove them with rmmod, load them with modprobe and install a specific one that has the same name as a known modprobe one but in a different directory by using insmod
<jetole> cwillu_at_work: again, thanks again
<jetole> ;-)
<jetole> cfc__: also have a look at /etc/modprobe.d
<diuneigh> Could I get the assistance of an experienced Ubuntu user? To make a long story short Ubuntu crashed and now I cannot access my encrypted drive. Thank you.
<jetole> diuneigh: why and how?
<jetole> errors? console messages? etc?
<diuneigh> â¢jetoleâ¢ long story...1) installed playonlinux 2) it crashed while trying to get a game to work 3)when I rebooted it would not login and just loop back to the login screen. 4) I googled some solutions and tried them with a console Alt-f2 mode 5) after attempting to fix that problem I was unable to access my encrypted home dir. that is where I am now.. any ideas?
<jetole> diuneigh: this is #ubuntu-server. Try joining the room #ubuntu
<diuneigh> I already did. they suggested I try you as well.
<jetole> diuneigh: your question sound very, very off-topic
<jetole> diuneigh: then they were wrong
<jetole> diuneigh: as the name of the room suggests, this is a room about ubuntu running on a server
<jetole> diuneigh: I'm going to join #ubuntu now and see if I can help you there so let's follow up in that room but don't ask questions in the wrong room even if someone suggests you do
 * jetole will continue this conversation in #ubuntu 
<diuneigh> â¢jetoleâ¢ thanks...
<diuneigh> â¢jetoleâ¢ I am already in that room..
<hallyn> stgraber: d'oh, lxc-delete should delete any symlink in /etc/lxc/auto/
<stgraber> hallyn: it should indeed...
<hallyn> i'm just gonna file that as a low prio bug right now
<mgw> smoser: ping
<hallyn> stgraber: ruh roh - useradd: group 'admin' does not exist
<hallyn> (creating an oneiric container)
<stgraber> oh, that's interesting ...
<stgraber> what's creating the admin group on oneiric then?
<mgw> anybody know why http://x.x.x.x/cblr/svc/op/nopxe/system/foo would be failing to disable pxe boot on system foo?
<mgw> when I wget that url (with my cobbler IP) I get back the content 'false' and netboot is still enabled
<hallyn> stgraber: no idea :)
<stgraber> hallyn: ok, will add a groupadd --system admin || true to the template
<hallyn> soudns good
<hallyn> stgraber: oh.  so, you don't set root:root pwd at all any more?
<stgraber> right
<hallyn> didn't expect that :)  probably for the best, though
<stgraber> the ubuntu way, one account with sudo rights
<stgraber> I guess that's what the cloud images do too
<stgraber> hallyn: empty lxc.devttydir != missing lxc.devttydir :(
<stgraber> hallyn: so the Oneiric container fails with: lxc-start: File exists - failed to create symlink for console
<hallyn> stgraber: all right then i'll need to update the patch.  that's not for tonight
<hallyn> i'm trying to get the kernel patch out the door
<stgraber> hallyn: I have a patched template that will work with the current patch though (simply commenting the line)
<stgraber> hallyn: ok, the patched template works fine. I'll just try and make the default login/password more visible or I'm sure we'll get bug reports
<hallyn> so you'd want to push the package as is and send the patch fix later?
<hallyn> really it should be a one-line fix
<hallyn> stgraber: no wait,
<hallyn> stgraber: apparently we just need to use group 'sudo' everywehre?
<stgraber> I'm not completely sure how far back that worked and I know command-not-found and some others only started looking for 'sudo' in Precise
<stgraber> so we really should be using sudo only from Precise and use admin for previous releases
<hallyn> but admin doesn't exist in previous releases
<hallyn> so i end up with a lucid container where i can't sudo
<stgraber> no, the template I currently have will create the group if it doesn't exist
<hallyn> oh.  sorry.  misunderstood
<hallyn> all right, kernel patch away.  SO isn't here glaring at me yet so lemme try see about fixing the patch fixed too for empty lxc.devttydir.  if id isappear, i'll send it monday
<hallyn> stgraber: http://people.canonical.com/~serge/0040-consoles-into-devlxc.patch  you just need the two new lines in confile.c from that patch
<hallyn> (though it also adds DEP3 (or is it DEP5?) tags)
<stgraber> hallyn: http://paste.ubuntu.com/837376/
<hallyn> looks good
<stgraber> hallyn: http://paste.ubuntu.com/837379/
<stgraber> hallyn: anything else or should I do a test build of that, confirm it works for oneiric and precise and then upload?
<hallyn> stgraber: unless you want to add the removng of /etc/lxc/auto/ symlinks on delete, i say push
<hallyn> (maybe test a lucid container too...)
<hallyn> btw the symlink removing could get murky...  depending on how admins behave
<stgraber> hallyn: right, I guess it's not too bad in most cases because a devtmpfs is usually mounted on /dev, so even if they move their container back on a physical machine it should still work (or the case where you boot your VM in a container, then boot it back in kvm)
<stgraber> though it might be worth trying to cleanup on shutdown (but ignoring any error as we don't really know what the user does in the container)
<uvirtbot> New bug: #930525 in lxc (universe) "lxc-destroy should remove symlink from /etc/lxc/auto/ if it exists" [Undecided,New] https://launchpad.net/bugs/930525
<roaksoax> smoser ?
<roaksoax> smoser what was the issue with thqt half installed package
<hallyn> stgraber: oh, sorry, i meant just the removing of the /etc/lxc/auto symlinks.  though yeah, the /dev/console symlink might bite us one day
<stgraber> hallyn: oh right, different symlink ;)
<stgraber> hallyn: uploading lxc now
<stgraber> hallyn: confirmed to work fine on Oneiric, can't test precise as debootstrap fails (worked fine with an existing container)
<stgraber> hallyn: uploaded
<uvirtbot> New bug: #930551 in quota (main) "System with quota enabled hangs after upgrade to 11.10" [Undecided,New] https://launchpad.net/bugs/930551
<clearwood> Hello I want to ask if anyone kan help me set up my apache server so that it connects to the dir public_html.  Have tried to read a few guides but it does not seem to work.
<dns53> so a per user share or is it just you?
<dns53> have you tried a2enmod mod_userdir ?
<dns53> that should be   sudo a2enmod userdir
<clearwood> yes as a per user share.  Have tried that. I am now looking up the file that I used.
<dns53> well first you need the apache module enabled, then put  the following in   /etc/apache2/sites-avalable/default   :-    UserDir public_html
<clearwood> is it correct with the following to enable the module,
<clearwood> I edit this file: /etc/apache2/apache2.conf
<clearwood> I add the following lines,
<clearwood>  # Turn on userdirs
<clearwood>   <IfModule mod_userdir.c>
<clearwood>     UserDir public_html
<clearwood>     <Directory /home/*/public_html>
<clearwood>       Order allow,deny
<clearwood>       Allow from all
<clearwood>     </Directory>
<clearwood>   </IfModule>
<clearwood> #
<clearwood> is that correct?
<clearwood> are u there?
<dns53> sorry i was distracted
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<dns53>  so if the module is enabled use that rule, is the module enabled?   use a2enmod userdir    is the "debian way"
<RoyK> clearwood: debian/ubuntu uses a set of symlinks in /etc/apache2/mods-enabled to enable/configure mods - the way you use here, is the hard core apache way, which isn't the 'normal' debuntu way
<dns53> normally you would put that in a vhost config   ie /etc/apache2/sites-avalable/default (or  another file in that dir)  which you have also run a2ensite filename
<RoyK> dns53: erm - no
<RoyK> dns53: the userdir is normally global
<RoyK> it might be good to use it under a vhost, though, but that's a choice to make
<dns53> RoyK ok, i have not used it myself but i know it can be done
<clearwood> where do I use a2enmod userdir in the file apache2.conf ?
<RoyK> I use userdir a bit...
<RoyK> clearwood: a2enmod is a command
<RoyK> not a configuration setting
<RoyK> a2enmod creates a symlink under /etc/apache2/mods-enabled pointing to the module and its config under /etc/apache2/mods-available
<RoyK> creating the symlink manually does the same thing
<clearwood> but then I have to type it every time I turn the server on dont I
<RoyK> last I checked, symlinks were persistent ;)
<clearwood> ok Ill try it thanks
<RoyK> remember to restart/reload apache after that
<RoyK> apache2ctl restart/graceful/something
<clearwood> yes
<clearwood> I use this : sudo /etc/init.d/apache2 restart
<RoyK> that works too
<clearwood> I then get this response: Module userdir already enabled
<clearwood> so my problem must be that the directory public_html is not connected
<clearwood> I allso put the following in /etc/apache2/sites-avalable/default UserDir public_html
<clearwood> and rstarted
<clearwood> upon restart I get ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<clearwood> when I try to access through firefox with
<clearwood> http://127.0.1.1/  I get
<clearwood> It works!
<clearwood> This is the default web page for this server.
<clearwood> The web server software is running but no content has been added, yet.
<clearwood> and I know that theres something in my public_html directory
<clearwood> but it does not show up??
<dns53> so user directories would be http://127.0.0.1/~username/
<clearwood> Then I get the following:
<clearwood> Forbidden
<clearwood> You don't have permission to access /~rub on this server.
<clearwood> ls -l|grep public_html
<clearwood> gives me:
<clearwood> drwxrwxr-x  3 rub  rub     4096 2012-01-28 09:59 public_html
<clearwood> is that by the way to unsecure?
<dns53> you need write on a directory to be able to look inside
<dns53> unless another user is in the "rub" user group you should be fine
<dns53> have you created a .htacces file and included a config line that denied access to the directory?
<dns53> could you try removing your own config from your apache2 config, i wonder if it is using the /etc/apache2/mods-available/userdir.conf file as well as your own config
<clearwood> I lost my connection I am back
<clearwood> where do I find the former comments are they lost forever?
<clearwood> fighting with tryin to set up public_html to my apache server
<clearwood> used a2enmod userdir
<clearwood> but no connection to the directory with firefox to http://127.0.1.1/~username
<clearwood> does anyone know how to set up acces?
<clearwood> please :)
<clearwood> is any one there?
<albert23> clearwood: former comments are at http://irclogs.ubuntu.com/2012/02/11/%23ubuntu-server.html
<hayer> Why does my whole '/' seem to be read-only?
<uvirtbot> New bug: #930652 in lxc (universe) "lxc & swapoff: Not superuser" [Undecided,New] https://launchpad.net/bugs/930652
<orated> Hello! I need some help with NFS configuration. I'm not able to access filesystem on server from client with the following settings - http://paste.ubuntu.com/837967/ Is the config right? How can I fix it?
<patdk-lap> da what?
<patdk-lap> you can't export disks
<patdk-lap> you have to export folders
<orated> Its filesystem what matters isn't it?
<orated> Well in the end of the paste, you can see the config which worked before
<patdk-lap> that doesn't invole stuff in /dev
<orated> yes
<patdk-lap> nfs can't handle filesystems
<patdk-lap> it doesn't work on block level devices
<patdk-lap> use nbd if you want that
<patdk-lap> or the ataoe
<orated> Alright. Is there any command to run after changing exports file on server?
<patdk-lap> yes
<patdk-lap> been too long, don't remember
<orated> restart nfsd and portmap process?
<orated> ah-ok
<orated> What do you use for such purpose?
<jacobw> orated: to restart services?
<jacobw> service foo restart|start|status
<orated> sudo /etc/init.d/portmap restart and same for restarting  nfs-kernel worked
<orated> s/same/likewise*
<jacobw> init.d scripts are the pre-upstart method of running services, some things still provide init.d scripts but most common services now use upstart scripts
<jacobw> anyhow, init.d scripts or upstarts scripts will work.
<jacobw> given the security issues of NFS, its bad a idea to export your root directory to NFS
<orated> ah.. yes. Thanks :) BTW I was trying to edit exports. / 192.168.10.0/24(rw,no_root_squash,async) and /home 192.168.10.0/24(rw,no_root_squash,async)  in exports on server and then 192.168.10.101:/ /mnt/ nfs rsize=8192,wsize=8192,timeo=14,intr 0 0 & 192.168.10.101:/home /mnt/home nfs rsize=8192,wsize=8192,timeo=14,intr 0 0 in fstab on client gives - mount.nfs: Stale NFS file handle error twice
<jacobw> make use previous mount attempts have been umount'd and try to mount to somewhere else
<jacobw> /mnt/nfs1 for example
<orated> Yes, tried that - umount.nfs: /mnt: device is busy
<orated> sec
<jacobw> force with `umount -f`
<orated> I got same error with - umount2: Device or resource busy
<jacobw> hmm, perhaps try `umount -l` for 'lazy umount'
<jacobw> unilateral umount is more accurate description imo
<orated> great!
<jacobw> lol, i've just realised i'm #ubuntu-server not #ubuntu-uk
<orated> heh
<Tixos> hi,i am trying to find out why my page speeds are so slow,   10.53761 seconds  the server speed is very fast using this online tool  http://www.serverscores.com/speedtest
<Tixos> default vhost on apache
<jacobw> what test gives you 10.5 seconds?
<jacobw> i'd guess that 'server speed' is ping and page speed is to receive the http url
<Tixos> yes
<Tixos> why would it be so slow
<jacobw> does your page depend on any database queues?
<Tixos> its default apache,
<Tixos> 'It works' page
<Tixos> i would like to say its DNS, but thats from server IP
<jacobw> slow upstream?
<Tixos> the server is lightning
<jacobw> DNS is common to ping and http retreive and would be cached anyway.
<jacobw> lightning?
<Tixos> get 30mb/s from it
<Tixos> download
<Tixos> what can effect page load?
<Tixos> i mean, its defautl apache2 vhost, what about PHP settings? they are also default
<jacobw> the php5 module isn't enabled by default in ubuntu server
<Tixos> obviously i have installed it..
<jacobw> anyhow, the 'it works' page doesn't invoke the php interpretter
<Tixos> neither is apache2
<Tixos> ok good point.
<Tixos> how else can i test this?
<Tixos> locally ?
<jacobw> that's true, but one might expect the apache2 package to include and enable php5
<jacobw> you need to find out where it is slow from, i.e. at point between you and the server does it become slow?
<Tixos> how can i test page speed load locally?
<Tixos> everything else seems fine
<Tixos> i will PM you the IP to show how slow it is?
<orated> jacobw: I tried unmounting and remounting to reset NFS.. What used to mount before doesn't mount now and vice-versa
<jacobw> Tixos: try httperf
<Tixos> ok, can you load the page for me and report what its like ?
<jacobw> Tixos: how long ago was this server brought online?
<Tixos> hm,
<Tixos> 3days 30minutes
<Tixos> is this a bad result?   >  Reply time [ms]: response 9328.6 transfer 0.0
<jacobw> from what?
<Tixos> not sure how to read this output (httpref)
<Tixos> should i pastebin ?
<Tixos> http://pastebin.com/FRNhkPhn
<jacobw> Tixos: i doubt this is a problem with apache
<Tixos> do those results look normal? why would you conclude that ?
<jacobw> Tixos: there's most likely nothing wrong unless can you prove a slow connection to upstream
<Tixos> you mean like this?
<Tixos> httperf --server=www.google.com
<Tixos> Request rate: 4.1 req/s (244.0 ms/req)
<Tixos> my server
<Tixos> Request rate: 0.1 req/s (18697.6 ms/req)
<jacobw> Tixos: how is your server provided?
<Tixos> how do you mean ? its a dedi
<jacobw> orated: stop nfs on the server and try to umount those points again
<orated> jacobw: Yes, on it
<jacobw> Tixos: how much bandwidth should you have?
<Tixos> unlimited
<Tixos> jacob, these results dont indicate something wrong with http?
<jacobw> they indicate that http to your server is slow from where you are right now
<Tixos> can you help me debug man :(
<Tixos> im putting my traffic onto another server for the minute, to see if it effects the server
<Tixos> ealier before i swtiched to this server, it was so fast
<jacobw> fast http?
<orated> jacobw: / and /home access from client works good. But not the /media..
<Tixos> never used httperf, but yes load time view browser was less than 1 second
<Tixos> i have no firewall etc, i cant think of anything else!
<Tixos> other server is centos, and has no issues, is there any default ubuntu apache2 configs that could cause this if the server receives alot of traffic?
<jacobw> the apache configurations should be similar, both should use virtual hosts by default
<Tixos> yes, what about client limit ? i read somewhere
<Tixos> im out of ideas, so i came ehre :(
<Tixos> just moved traffic to backup server
<jacobw> where is the other server in relation the ubuntu server?
<Tixos> so i will give it 5minutes, and check again with httperf, like i said this morning it was very quick
<Tixos> same country
<jacobw> same network?
<Tixos> not sure, do you think it could be beyond the dedi then ?
<Tixos> like a global IDS for the rack or something?
<jacobw> ping is fast enough
<Tixos> yea i know
<Tixos> GRR
<jacobw> httperf tells us that http is slow
<Tixos> so why would it be?
<Tixos> config?
<Tixos> got slower
<jacobw> if the centos host is on the same network, compare apache configurations, if not use iperf to test tcp speed from your location to the ubuntu server
<Tixos> faster
<Tixos> Request rate: 0.1 req/s (9849.8 ms/req)
<jacobw> if the centos and ubuntu servers are on the same network, you can test between them to rule out the ubuntu server as the cause
<Tixos> they are not
<jacobw> ok, use iperf to test tcp speed between you and the server, if that's good then you know its the http server, otherwise contact the provider and ask for a test nearer the server, i.e. from before upstream
<Tixos> how to use iperf?   >$ iperf -s IP ?
<jacobw> http://rackerhacker.com/2010/03/20/testing-network-throughput-with-iperf/
<orated> hey jacobw! Its working fine now after restarting almost everything
<jacobw> :)
<orated> Thanks
<orated> But I think I can have problems with NFS. Could you tell me how NBD does the same job is a better manner?
<jacobw> it doesn't really
<jacobw> actually, i'm not so sure, it might work well if your on a fast LAN
<Tixos> jacob
<Tixos> nothing i can do with the speed, it seems fine on old server
<jacobw> so you ran iperf -s on your ubuntu server and connected with iperf -c <ip> from your machine?
<Tixos> sec
<Tixos> connected
<Tixos> what do i do lol
<Tixos> ah
<Tixos> i see
<Tixos> [  3]  0.0-11.1 sec  2.12 MBytes  1.61 Mbits/sec
<Tixos> seems fine?
<jacobw> yeah
<Tixos> now im really getting annoyed? is it my provider or my configuration man ?
<jacobw> configuration
<Tixos> not an issue with the port?
<Tixos> can i run iperf on a port?
<Tixos> i mean, could their router be monitoring port 80 ?
<jacobw> its possible
<Tixos> can i use iperf to rule it out?
<jacobw> iperf -s -p 80 / iperf -c <ip> -p 80
<Tixos> sec
<Tixos> bind failed: Permission denied
<Tixos> need to sudo for this?
<Tixos> bind failed: Address already in use
<jacobw> yeah, it might do, stop apache and try again.
<Tixos> ok
<Tixos> hm
<Tixos> [  3]  0.0-10.0 sec  0.00 ï¿½ ï¿½ï¿½s  14746021652466558976 Bytes/sec
<jacobw> you tested from your machine where you are?
<Tixos> wtf? lol
<Tixos> yes i ran that from my machine
<Tixos> try yourself
<jacobw> try running it again on port 443
<Tixos> k
<Tixos> [  3]  0.0-11.1 sec  2.00 MBytes  1.50 Mbits/sec
<Tixos> so it is ???
<Tixos> btw i apprecaite you time man
<Tixos> :)
<jacobw> how did you stop apache?
<jacobw> using `service apache2 stop`?
<Tixos> yes
<jacobw> check if its still running, `ps -e | grep apache2` and see what's listening, `netstat -nultp`
<Tixos> ok sec
<jacobw> now you know that 443 which is the port for HTTPS works ok, so if you can prove that nothing on the your server is wrong, you can assume that port 80 is being proxied or otherwise mangled by the provider
<Tixos> while i look, if i view 'top' many apache instance are there, this is wrong?
<jacobw> yes
<jacobw> killall apache2
<jacobw> ps -e | grep apache2
<jacobw> to confirm all instances are dead
 * jacobw â chinese food
<Tixos> ok pal, ill update and wait :)
<Tixos> man im getting like 20 PIDs for apache, once i start it.... there is nothing when i stop, but when i start there are LOADS
<Tixos> i think its normal
<Tixos> my other server has the same
<mdeslaur> roaksoax: FYI, I'm going to merge virtinst... (you TIL)
<Tixos> would KeepAlive effect things?
<jacobw> run httperf on the ubuntu server itself
<Tixos> if i run localhost its fast, if i run the IP its 15,000ms
<Tixos> let me PM you ip again, its loading very fast for me via browser now, not sure if its a cache thing
<Tixos> how fastis it for you ?
<jacobw> it's not a cache thing
<Tixos> then run httperf on it, how fast is this for you ?
<Tixos> i am comparing 3 servers i have, and there is not much diff in the httpd confs, only keepalive, and prefork
<jacobw> how is prefork different?
<Tixos> server start  = 8
<jacobw> for testing, i'd want to have a single apache process
<jacobw> change it to 1
<Tixos> few other higher values, but the other ubuntu server i have is the same as thus one
<Tixos> and httperf results are fine
<Tixos> i didnt want to edit too many things
<Tixos> before testing 1 thing at a time?
<jacobw> what files?
<jacobw> you should test one thing at time
<Tixos> just httpd conf
<Tixos> yes, so keepalive wont effect?
<jacobw> test, disable it and try again
<Tixos> so i should only use httperf? because browser seems fine now
<jacobw> httperf elimates caching, but you can clear the browser cache
<Tixos> so httpd is still 13-20,000ms
<Tixos> per request
<Tixos> i cant see how it can be config issues if another ubuntu sever i have is fine?
<Tixos> back soon :S
<jacobw> test your other server with httperf
<Tixos> jacobw: i did, and its fine :P
<jacobw> Tixos: you know that traffic to port 80 on your problem server doesn't proceed as expected
<jacobw> Tixos: this is could be caused by HTTP proxying by the provider
<jacobw> Tixos: try running apache on port 443 which tested good to isolate the problem with port 80
<jacobw> Tixos: just enable sites-available/default-ssl and reload apache
<jacobw> Tixos: generate your own ssl certificate first and specify the key and certificate in default-ssl
<Tixos> ive got an ssl vhost there
<Tixos> man
<Tixos> its fine on 443
<Tixos> 331ms/s
<Tixos>  / request sorry
<jacobw> good
<jacobw> now there's two possibilities
<jacobw> its already disproved, httperf was ok running locally on your ubuntu server
<jacobw> if there was some problem with apache it wouldn't have worked
<Tixos> ok i wil speak with them, but they are useless :(
<Tixos> is there a temp fix
<Tixos> to redirect all traffic to 80 to 443, or is it too late once its listened and received on 80 ?
<tasty> Hi, I was wondering if anyone could tell me if this looks correct: http://pastie.org/3362703 or if something is wrong.
<tasty> everyone dead?
<tasty> was told to come here
<ikonia> for what ?
<StrangeCharm> I've just created a new user account for running a program that has special permission needs. How do I give this user write access to / ?
<tasty> for help
<ikonia> tasty: with what
<Tixos> StrangeCharm: why do you want full write access over / ?
<ikonia> StrangeCharm: you've just asked this in #ubuntu - please don't cross-post
<ikonia> StrangeCharm: I've just answered you in #ubuntu
<tasty> ikonia, with apache2
<ikonia> tasty: you need to actually state the problem if you want help
<tasty> Nice!
<tasty> ikonia, does this look wonky? : http://pastie.org/3362703
<Tixos> tasty: he said post the problem
<tasty> Tixos, that's the problem
<Tixos> where?
<ikonia> tasty: in what way "wonky"
<tasty> : http://pastie.org/3362703
<Tixos> dont be a moron :P
<qman___> a configuration file isn't a problem
<Tixos> leave him settle
<Tixos> he will get the message
<ikonia> Tixos: no need for name calling, but I don't see the issue
<tasty> should it work?
<ikonia> in what way ?
<qman___> that depends on what 'work' is
<qman___> can't read your mind, bro
<ikonia> actually - I don't care, I'm not pulling information from people
<ikonia> if you want help - ask a question / state a problem
<ikonia> I shouldn't have to beg for information, good luck
<tasty> this is how trolls become trolls
<Tixos> ikonia: scroll back 2 hours and feel free to give your opinion on my issue :)
<tasty> I don't know how to ask the question
<ikonia> Tixos: I see lots of discussion, quick summary please
<Tixos> httperf on port 80 to my server returns great request time/s
<ikonia> Tixos: (just high level overview)
<Tixos> sorry, it doesnt
<Tixos> but to port 443 it does
<tasty> I'm having an issue and I need to make sure this : http://pastie.org/3362703 looks right
<ikonia> wow, that's back to front
<Tixos> getting 13 second page load times on 80
<ikonia> Tixos: I'd have expected 443 to be slow (due to the handshake) and 80 to be quicker
<Tixos> google = 200ms/request   port443 = 300   port80 = 18,000
<qman___> tasty, it's syntactically valid; beyond that we can't help unless you describe what it is you're trying to do, and give details on what the problem is, exactly
<ikonia> Tixos: curious, if you telnet $server 80 and just do a "get" on it, what happens ?
<tasty> qman___ that is ALL I FUCKING WANTED TO KNOW
<tasty> thanks dicks
<ikonia> !ops | tasty please remove the troll
<ubottu> tasty please remove the troll: Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis
<Tixos> <title>400 Bad Request</title>
<Tixos> i just typed 'get' though lol
<ikonia> Tixos: that's ok, is it "quick" to get the bad request ?
<Tixos> 10seconds?
<Tixos> lemme try on 443?
<ikonia> Tixos: slow, wow
<Tixos> 443 doesnt give nothing back
<ikonia> Tixos: if you do a google there is a good document on how to do a correctly formatted http get over telnet
<Tixos> ill pm you IP, compare the 2 ports on httperf for me? :P
<ikonia> Tixos: be interested in trying that on port 80 - see if you get any info
<ikonia> Tixos: sure, I'll telnet in
<jacobw> 443 wouldn't give anything back to plain request because it expects ssl
<ikonia> yeah, I just wanted a connection test
<ikonia> I think I see the issue
<tasty> ikonia, quit kicking me
<ikonia> tasty: stop the attitude and offensive language
<tasty> I will voodoo you
<tasty> good thankyou
<pangolin> tasty: threatening anybody in Ubuntu channels is a bad idea and I recommend you check your attitude and adjust it accordingly
<pangolin> Please :)
<tasty> pangolin, they were very rude to me
<pangolin> they were not.
<pangolin> i didn't see them swearing or calling names
<tasty> a huge barrage, and then them telling me they wouldn't help
<pangolin> Please just relax a little and try to understand that the nature of IRC means people are not always around to help
<pangolin> When they asked for more details you didn't provide any
<pangolin> Were they supposed to guess?
<tasty> I asked a very specific question.
<pangolin> and they asked for more info
<tasty> qman___ answered iot
<tasty> it*
<pangolin> i'm glad he was able to help you. then you replied with calling everybody in here dicks and morons
<pangolin> great way to show appreciation
<tasty> no. I called everyone in here morons from #ubuntu
<pangolin> you're not helping yourself
<pangolin> anyway, it is over now. back to helping people :)
<tasty> well, don't be so rude
<tasty> fine
<tasty> qman___ isn't a moron
<tasty> is there some place where I can ask questions and not have so much trouble?
<pangolin> ##linux
<tasty> how about not on IRC, some place where the majority are not rapidfire autists
<jacobw> lol
<jacobw> this is the internet ;)
<qman___> you get what you give
<qman___> nobody to blame but yourself on this one
<tasty> I asked a pretty specific question
<ikonia> tasty: enough - stop now
<tasty> you were the only one that could answer it
<qman___> you were not specific about it - "is it right?" is very open ended and generic
<qman___> you could have stated you wanted a syntax check
<ikonia> tasty: STOP.
<qman___> syntactically valid doesn't always mean right, or usful
<tasty> ikonia, qman__ and I are trying to have a conversation
<ikonia> tasty: this channel is not for that sort of conversation
<ikonia> tasty: people will help you with ubuntu server issues, if you ask clear questions
<ikonia> tasty: please try to just ask clear questions and people will help
<tasty> do you have a list of commands ikonia?
<ikonia> tasty: a list of commands to do what ?
<tasty> ikojnia --help
<tasty> ikonia --help
<ikonia> tasty: please don't be silly in here, I'm trying to help you get actual help
<tasty> ikonia I'm being serious, how do I ask questions the way you need them to be asked?
<ikonia> tasty: really simple (using the example problem you had)
<ikonia> tasty: "Hi, I'm trying to create an apache2 config so that everytime someone does $myurl/poker it does a pass through and forwards to port 3001
<ikonia> I'm havine a problem as it's giving a 404 rather than the pass through, here is my config"
<jacobw> http://catb.org/esr/faqs/smart-questions.html
<ikonia> tasty: or "I've created this config file - can you see any obvious syntax problems with it $pastebin_url"
<tasty> ...if I knew how to ask the question why would I even come here!
<ikonia> tasty: asking a question and the answer are two different things
<ikonia> tasty: if you knew the answer, I can see no value you in you coming here, but being able to ask a question will get you the help you want
<tasty> if I already knew how to ask the question, I wouldn't need to come here though
<tasty> I could simply google it
<ikonia> tasty: then I'm sorry you won't be able to get help without the issues you've faced today. Best of luck going forward
<tasty> so next time I will ask you guys what question I should ask.
<ikonia> tasty: please don't be silly, you knew you wanted a config check on apache, just ask for that
<qman___> it's fine to not ask the perfect question, but when people ask for details, the correct response is to provide them, not harass the people trying to help you
<pangolin> clearly you are intent on arguing no matter how wrong you are.
<ikonia> I can't be bothered any more, I'm off to do other things
<tasty> why do you guys keep doing that?
<tasty> that is what pissed me off to begin with!
<tasty> putting words in my mouth and then being rude again
<pangolin> G.I. Joe was right, Knowing IS half the battle. I know when to give up.
<tasty> instead of saying, "oh well i don't care, I can't be bothered talking to you", just go...
<pmatulis> is everything ok here?
<tasty> Does it make you happy if I say I am wrong?
<tasty> when I came here to get help and all I am here for is to "get help"
<tasty> now this is cleared up. I will speak no more of it
<tasty> is this okay with everyone?
<Tixos> jog on
<tasty> cool!
<Tixos> such a waste of life man, either get your business done here and get on with other things, or just leave and continue your life. its quite sad
<tasty> Tixos, you are a waster
<Tixos> cool!
<tasty> http://pastie.org/3362703
<tasty> what port is that listening on?
<jacobw> tasty: what is it supposed to do?
<zastaph> does ubuntu server install /usr/sbin/named by default? even if dont choose DNS server in the software selection during install?
<jacobw> tasty: port 80
<tasty> room:80?
<Tixos> no zastaph
<zastaph> can't find out how it got there then
<qman___> probably got installed as a recommend
<qman___> the base install does not include a DNS server
<jacobw> tasty: yeah
<tasty> jacobw, thanks man
<zastaph> ok found the source, bind9 was hidden in a long apt-get guide I followed :p
<ikonia> tasty: also be aware of #httpd channel for apache questions
<jacobw> tasty: typically, you'd have a 'DocumentRoot' directive
<jacobw> tasty: i.e. 'DocumentRoot /var/www'
<tasty> ikonia: thank-you
<tasty> jacobw, thank-you
<tasty> now I know the issue lies in my perl kit or python
 * tasty slowly removes himself from the room
<tasty> don't get any funny ideas, I'm watching you guys. XD
<tasty> Hi, I just wanted to let you guys know, you helped me decide to quit linux
<qman___> good, we're better off without that kind of attitude
<popey> apw: filed bug 930778 if you have any info you think should be added I'd appreciate knowing. have mailed my friend to let him know I filed it
<uvirtbot> Launchpad bug 930778 in linux "Thinkpad X40 doesn't support PAE, so unable to install 12.04" [Undecided,New] https://launchpad.net/bugs/930778
<Tixos> tard
<aarcane> can ubuntu kvm-quem + guests be configured such that when an OOM Killer event has to happen, that first an attempt is made to reclaim memory from the baloon dynamically ?
<josephoe1ix> Hmm. How can I make sure my php5-fpm processes restart when a php update is installed by automatic updates?
#ubuntu-server 2012-02-12
<k3vmcd> I'm looking for a way to be able to reinstall my entire server, with all current packages and config files included, in the case that my primary and backup servers both go down simultaneously. Is there a good way to do this? I tried using Remastersys, but am unable to reinstall the backed-up system to the disk from the command line (maybe I have the wrong commands, but it seems like it requires a GUI to install)
<greppy> k3vmcd: save the output of 'dpkg --get-selections' and backup /etc.  That should let you reinstall packages and have the config files to go with them.
<k3vmcd> ah yes, that makes sense
<k3vmcd> thanks greppy
<greppy> probably want to snag some other directories/files as well
<greppy> like /var/spool/cron
<greppy> but that should get you started.
<greppy> the thing to do is to TEST your backup/restore procedure before you need it.
<greppy> so shove it all back onto a clean install in virtualbox or something to make sure it works.
<k3vmcd> i'm thinking if I back up /etc and /var then I'll capture everything i need
<k3vmcd> i think my approach with Remastersys was a bit of an overkill
<jeffrubic> k3vmcd: /var includes a bunch a log files which you typically don't need
<k3vmcd> true, but it does have my web server files and my SQL databases
<jeffrubic> k3vmcd: I didn't mean to suggest that you exclude /var, just /var/log, unless you need them.
<Zilly> how doth I maketh another account easily???
<Zilly> how doth I makith another user account easily???
<k3vmcd> hey, thanks jeffrubic and greppy. I was just looking through my server files after your suggestions and I figured out a good set to keep backed up. Just wanted to say thanks for the help
<k3vmcd> Zilly: try the "adduser <username>" command. Alternatively you can search on how to use the "useradd" command instead
<Zilly> k3vmcd: I've done that and I have the user, it's just when I login with that user I have to reboot
<Zilly> i have to reboot because nothing is there
<Zilly> just blankness
<Zilly> anything I can get that will set up the user completely?
<Zilly> edit fstab and set everything up in X?
<k3vmcd> are you ssh-ing in?
<Zilly> no, vbox
<k3vmcd> hmm, I ran into something similar when the user was set to /bin/false but I think that might only apply to ssh
<qman___> Zilly, 'useradd' is the base command and requires options to set a user up, but the 'adduser' command does set everything up, creates the home directory, all that
<k3vmcd> does the user have a folder in /home ?
<Zilly> going to try adduser, I think I already did but am uncertain now
<Zilly> k3vmcd: yes
<Zilly> if I'm not back it didn't work
<Zilly> bbl
<k3vmcd> I guess it didn't work :(
<stgraber> hallyn: is lxc within lxc working for you? I just tried to setup some automated d-i testing in an LXC container instead of a VM and the containers won't start in there
<stgraber> hallyn: with no clear error in the log or dmesg
<stgraber> hallyn: http://paste.ubuntu.com/838620/ and http://paste.ubuntu.com/838621/ (not sure that really helps ...)
<stgraber> hallyn: as you can see, I tried a few times ;) the veth pairs get created and never cleaned, the container never starts
<stgraber> oh, and I just noticed I don't have cgroup-lite (running with --no-install-recommends by default here ...)
<stgraber> that'd explain it I guess :)
<stgraber> yep, that was it ...
<stgraber> hallyn: sorry ;)
<uvirtbot> New bug: #930881 in samba (main) "smbd crashed with SIGABRT in rep_strlcpy()" [Undecided,New] https://launchpad.net/bugs/930881
<rdjmhgh> Has abyibe akready looked at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652026 with regard to ubuntu (12.04) I suppose ubuntu is affected as well
<uvirtbot> Debian bug 652026 in amavisd-new "perl 5.14 broke use of s-s-d --name on initscript" [Important,Fixed]
<EvilResistance> rdjmhgh, #ubuntu+1
<EvilResistance> which i told you earlier :P
<uvirtbot> New bug: #930916 in amavisd-new (main) "amavis start-stop script fails to stop amavisd" [Undecided,New] https://launchpad.net/bugs/930916
<maxagaz> hi
<maxagaz> as someone tested OpenNebula and Eucalyptus ?
<maxagaz> I heard from a friend that OpenNebula is much more stable than Eucalyptus
<maxagaz> but Ubuntu seems to promote Eucalyptus
<maxagaz> any advice about which one I should use ?
<Tm_T> hi
<Tm_T> maxagaz: euca has been stable for us and working well
<Tm_T> maxagaz: any particular issue known or just gut feeling?
<greenhost> hi all
<maxagaz> Tm_T: a former colleague used euca before, and has now switched to open nebula, he just told be that now he doesn't any problem while he add a lot of little problems with euca
<maxagaz> Tm_T: but no particular issue known
<greenhost> who have done ubuntu mail server for windows clients?
<maxagaz> Tm_T: and it's neither just a gut feeling
<greenhost> who have done ubuntu mail server for windows clients?
<Tm_T> maxagaz: I see
<Tm_T> greenhost: I don't think client OS does matter (:
<Tm_T> ah
<Tm_T> was going to give this for greenhost: https://help.ubuntu.com/community/MailServer
<greenhost> who have done ubuntu mail server for windows clients?
<Tm_T> 1423.30 < Tm_T> was going to give this for greenhost: https://help.ubuntu.com/community/MailServer
<Tm_T> 1422.33 < Tm_T> greenhost: I don't think client OS does matter (:
<Tm_T> as long as the client is using sensible protocol (imap, pop), ofcourse
<zastaph> it seems to me that dnsutils is a package related to bind9. But if I want to use dnsmasq instead of bind, do I uninstall bind9 and dnsutils, and thus I will no longer have access to dig or nslookup ?
<greenhost> Tm_T I installed today with postfix and dovecot
<greenhost> Tm_T . not ok.
<Tm_T> zastaph: there shouldn't be a problem to have both packages installed?
<greenhost> Tm_T : I frist tried as mentioned on Postbasichowto official documentation. but starting from netcat mail.yourdomain.com. I got error.
<zastaph> tm_t, well dnsmasq can't start because port 53 is in use with /usr/share/named
<zastaph> tm_t, but perhaps dnsutils and dnsmasq can be together
<Tm_T> zastaph: I would assume you can disable the other one if you don't need it
<Tm_T> greenhost: can you be more specific what kind of problems you had with, for example, dovecot?
<zastaph> tm_t, yes im going to uninstall bind9 package, but just wonder if I should get rid of dnsutils too... nslookup and dig seems like useful tools
<Tm_T> zastaph: no need to get rid of dnsutils AFAICS
<jacobw> zastaph: there's no reason to remove bind9
<jacobw> zastaph: just stop the sevice
<jacobw> service*
<greenhost> Tm_T I tried /etc/init.d/dovecot restart. but it looked like that file is corrupted
<zastaph> jacobw, ok.. but I have no need for bind9 if I'm going to use a different dns tool
<greenhost> Tm_T " process(58888) error. bla bla
<Tm_T> greenhost: what file? and you have to be more specific
<greenhost> Tm_T as I am now at cyber cafe with winows XP. I dont remeber all my errors and try at the same time
<Tm_T> greenhost: roger, just hard to know what went wrong (:
<greenhost> Tm_T: actually I would like to use email from any mail clients( thunderbird or outlook2003) or something available. I first just want to email locally.so how coud I configure on postfix and dovecot?
<Tm_T> greenhost: there seems to be rather clear and good howto at https://help.ubuntu.com/community/Dovecot
<jacobw> zastaph: bind9 has a small footprint
<jacobw> zastaph: unless the dnsmasq package conflicts, there's no reason to remove it
<zastaph> jacobw, and whats the reason to keep it? :)
<greenhost> Tm_T . you are right. but there are more security based complicated packages to install from internet whenever I read documentation. I have no internet at home on my mail server. so i want to be ok with installer CD alone
<jacobw> zastaph: there's none, i'm just saying that there's no reason to remove a package to install a similar package
<greenhost> Tm_TI just would like to know what line in postfix and what lines in dovecot to configure or change to email from user1 to user2 locally from windows mail clients
<greenhost> Tm_T it is pity there is no English version simple video for that to see step by step
<greenhost> Tm_T even on youtube
<jojoburk> greenhost: there's is nothing special to do. simply mail from user1 to user2 locally should normaly works out of the box
<greenhost> jojoburk: just testing from CLI: mailing from root to another user called user1. is fine in CLI alone. but to email really from windows using mail clients need extra configuration i think. I was never been successful
<jojoburk> greenhost: take a look at the output from netstat -tulpe to see on which address the dovecot and postfix server are bound. possible just on localhost?
<greenhost> jojoburk yes just on localhost . last time
<greenhost> jojoburk: my question is so simple. I wouldl really like to make sure if it is possible to set up mail server for windows clients with server installer CD alone without internet
<jojoburk> greenhost: when postfix and and dovecot are installed, yes it is.
<greenhost> jojoburk: can I also install postfix and dovecot using server installer CD without internet?
<jojoburk> greenhost: postfix yes, but i'm not sure about dovecot. give it a try: just try installing dovecot using apt-get or aptitude only with the cd as source
<jojoburk> greenhost: otherwise you can download dovecot package from other pc and copy and install it on your server
<greenhost> jojoburk; honstly I followed https://help.ubuntu.com/community/PostfixBasicSetupHowto, I was stucked since sudo apt-get install courier-pop
<greenhost> sudo apt-get install courier-imap
<greenhost> jojoburk: yes. I am on windows XP machine now. there is no linux here at cyber. How could i copy/download required full packages where there might be dependencies
<greenhost> ?
<jacobw> greenhost: so you want mail delivery between local users accessible by imap?
<greenhost> jacobw: imap or pop or whatever. I don't mind. As long as I can email between local users. it is fine for me
<greenhost> jacobw : but using any email clients from windows
<jacobw> yes
<jojoburk> it seems that his problem is to install a mailserver without internet connection. i understood that dovecot is not installed at the moment.
<jacobw> you can use apt on your ubuntu server to find out what packages you need, but its laborious.
<jacobw> apt-get -s install will list all packages that would be installed if you ran apt-get install
<jacobw> apart from that, see http://library.linode.com/email/postfix/dovecot-system-users-debian-6-squeeze
<samba35> can i install vmware image in kvm ? if yes which file i suppose to import (from which i will able to boot)
<greenhost> jojoburk: I took my home server to office to download courier-pop and courier-imap to follow the guide line. but not ok
<greenhost> jojoburk: downloading was ok. Though DNS was fine, I could not proceed
<jacobw> samba35: to run a kvm/qemu vm with libvirt on ubuntu server you need a qcow2 disk image and an xml definition
<samba35> ok
<greenhost> jojoburk I would like to have somebody to pointout what i might be wrong in which steps based on "https://help.ubuntu.com/community/PostfixBasicSetupHowto",
<jacobw> samba35: you can convert a vmware disk image (vdi) to qcow2 using qemu-img convert foo.vdi -O qcow bar.img
<samba35> ok let me try
<jojoburk> greenhost: i dont can help you at the moment, im sorry
<greenhost> jojoburk: thanks anyway
<jacobw> greenhost: that wiki page is outdated
<jacobw> greenhost: sometimes the community documentation is
<greenhost> jacobw: where should I see updated one?
<jacobw> greenhost: dovecot has been the recommended mda at least 8.04
<greenhost> jacobw: is it better than courier?
<jacobw> greenhost: try following the document I linked earlier
<jacobw> http://library.linode.com/email/postfix/dovecot-system-users-debian-6-squeeze
<fluffypony> hi guys - I'm seriously struggling to get PSAD working on 10.04 (with UFW). I've just installed a new minimal installation on a web server, and it's not logging anything. Previously (on 8.04) I configured sysklogd to write to psadfifo, but that no longer seems to be an easy option with rsyslogd?
<greenhost> jacobw it looked good and too much configuration. But it used "internet site" settings. If I wanna use, locally only. What else should I change.?
<greenhost> jacobw: it is pitty I can't follow and install packages without internet
<greenhost> jacobw: http://pastebin.ubuntu.com/838994/
<greenhost> jacobw: http://pastebin.ubuntu.com/838994/
<kklimonda> tjaalton: hey, what's the current packaging status of freeipa in ubuntu/debian? Anything I could do to help? :)
<jojoburk> greenhost: the joke is that you have to configure postfix for internet site. locally only means that postfix is just configured for the use on localhost!
<tjaalton> kklimonda: if you're an archive admin then sure ;)
<samba35> jacobw, there is no .vdi file there are vmx, vmdk,nvram ,vmsd,cmxf file are there
<greenhost> jojoburk: do you mean I have to configure as internet site though my mail server is not without internet?
<jacobw> greenhost: so your ubuntu server can only access the LAN?
<kklimonda> tjaalton: it's already that far? :)
<tjaalton> kklimonda: most of it is packaged, some are waiting in NEW
<jacobw> samba35: yes, i made a mistake, vdi is the format for virtualbox
<tjaalton> pretty far yes
<greenhost> jojoburk jojoburk: do you mean I have to configure as internet site though my mail server is without internet?
<tjaalton> kklimonda: though I haven't tested server install yet
<greenhost> where can I download dovecot full tgz package?
<kklimonda> tjaalton: where do you keep all the packaging? I'd give it a shot to see how it breaks ;)
<jacobw> samba35: vmdk is the format for vmware, qemu-img supports images from vmware 3 and 4
<samba35> ic
<tjaalton> kklimonda: git.debian.org
<jojoburk> greenhost: yes, because "internet site" means that die daemon is accessible from "other" hosts in network (no difference between internet and lan).
<samba35> how do i check whether image is 4 or 5
<greenhost> jojoburk : That is the very important point.
<jojoburk> greenhost: ... and not just from the server itself (localhost)
<fluffypony> hi guys - I'm seriously struggling to get PSAD working on 10.04 (with UFW). I've just installed a new minimal installation on a web server, and it's not logging anything. Previously (on 8.04) I configured sysklogd to write to psadfifo, but that no longer seems to be an easy option with rsyslogd?
<tjaalton> kklimonda: there is no easy way to test it atm though
<samba35> ok file give me  results its 4
<samba35> CentOS5.2small.vmdk:  VMware4 disk image
<jacobw> samba35: you might want to try using virt-convert on the directory containing the images and definitions to get a qcow2 image and libvirt xml definition
<greenhost> jojoburk: I am now leaving cybercafe. so I might need to download dovecot tgz so that I can take it home with flash drive.
<jacobw> hi fluffypony
<greenhost> jojoburk where could I get dovecot full package tgz file?
<samba35> ok
<fluffypony> hi jacobw
<jojoburk> just search for dovecot download?
<samba35> CentOS5.2small.vmdk:  VMware4 disk image ?
<samba35> sorry
<samba35> virt-convert CentOS5.2small.vmdk ?
<jacobw> don't download the tarball, its a source package not packaged for ubuntu
<jacobw> building dovecot would not be trivial
<kklimonda> tjaalton: I'm really interested in getting it packaged (and working) in Debian and Ubuntu. I don't really expect it to work out of the box right now, I was just interested where the packaging is so I can start working on it :)
<samba35> ok
<tjaalton> kklimonda: https://launchpad.net/~ubuntu-389-directory-server https://launchpad.net/~freeipa
<tjaalton> kklimonda: pki is mostly packaged, but upstream is keeping it all in pki.git, so would need to merge it all back in at some point, maybe not for this push though
<jacobw> greenhost: run `sudo apt-get -s install dovecot-common` on your ubunu server, note what package it wants to install, and get the DEB files from packages.ubuntu.com
<tjaalton> kklimonda: there are ppa's too, but the oneiric ones are not fully uptodate
<jacobw> samba35: virt-convert the directory
<tjaalton> best to test stuff against precise at this point
<kklimonda> yeah, I'm already working (and testing stuff against) precise
<tjaalton> kklimonda: are you on collab-maint?
<tjaalton> alioth
<kklimonda> tjaalton: yes, I should have access via pkg-gnome
<samba35> ok
<tjaalton> ok
<greenhost> jojoburk: I want to download from windowsXP. no apt-get. I know I can download from package.ubuntu.com. but nested dependencies. how to take it all?
<jacobw> fluffypony: what have you done so far?
<tjaalton> kklimonda: i'll probably set up a project around freeipa, like there is pkg-fedora-ds
<tjaalton> same for sssd/ding-libs
<fluffypony> jacobw: psad is installed and setup (same as on 8.04) and configured to my liking. added the two iptables rules straight from the cipherdine site. psad -S status shows no packet counts?
<jacobw> greenhost: http://wubdepends.sourceforge.net/
<kklimonda> tjaalton: great to hear that :)
<tjaalton> kklimonda: actually did that too, but the admins asked if it could be under collab-maint instead. now it's clear that a separate sub-project would be better
<tjaalton> so it could have a mailing list, and commit mail sent there etc
<jacobw> fluffypony: what are those rules?
<jacobw> http://cipherdyne.org/psad/docs/config.html
<fluffypony> http://www.cipherdyne.org/psad/docs/fwconfig.html
<fluffypony> yes
<fluffypony> I also tried this: http://bodhizazen.net/Tutorials/psad
<samba35> jacobw, cool man now i got  boot screen
<samba35> thank you !
<fluffypony> where he adds it to the UFW before.rules - -A ufw-before-input -j LOG --log-level warn
<fluffypony> but that just broke UFW
<fluffypony> and it wouldn't even start
<jacobw> following bodhizazen's guide?
<kklimonda> tjaalton: what was their argument for collab-maint? not enough packages (or contributors) to warrant a separate group?
<fluffypony> jacobw: yes - that UFW rule is invalid (it seems)
<tjaalton> kklimonda: it would've been ok to create the project, but it was kinda put on hold. no specific arguments
<tjaalton> i just couldn't decide, so went for collab-maint
<kklimonda> right, it works fine anyway untill there are more people who are interested in helping out
<greenhost> jacobw I found no .exe file for windows
<jacobw> fluffypony: it seems that problem is with lucid switching to rsyslog
<fluffypony> jacobw: yep - in 8.04 I could just echo -e 'kern.info\t|/var/lib/psad/psadfifo' >> /etc/syslog.conf and then restart sysklogd
<kklimonda> tjaalton: hmm, do you use some different setup for git-buildpackage, or don't use it at all?
<tjaalton> don't use it
<jacobw> fluffypony: have you added any rules to /etc/rsyslog.d/* ?
<fluffypony> no - 20-ufw.conf  50-default.conf  postfix.conf
<jacobw> greenhost: http://sourceforge.net/projects/wubdepends/files/wubdepends/Initial/wubdepends3.exe/download
<zaur-ibr> hi
<fluffypony> zaur-ibr: bye
<fluffypony> :-P
<jacobw> fluffypony: add a rule to rsyslog.d/psad.conf to pipe all messages containing 'firewall' to /var/lib/psad/psadfifo, restart rsyslog and test
<fluffypony> ok doing now
<jacobw> fluffypony: check /etc/ufw/*.rules to make sure that messages are being logged after all other rules
<jacobw> fluffypony: and restart ufw, or start it if its not running
<fluffypony> ufw's off atm
<fluffypony> so it's just the iptables rules I've added
<tjaalton> kklimonda: if you have further questions you can email me, or the lists on launchpad
<fluffypony> jacobw: doesn't seem to be working
<fluffypony> I think the problem is with iptables not logging anything
<greenhost> jacobw how to isntall python terminal for windows?
<fluffypony> I mean, I've got this in my Chain INPUT and Chain FORWARD: LOG        all  --  anywhere             anywhere            LOG level warning prefix `firewall '
<jacobw> fluffypony: have you restarted rsyslog?
<jacobw> fluffypony: if not, check /var/log/syslog for 'firewall' messages first
<kklimonda> tjaalton: sure, I will :)
<jacobw> confirm iptables is logging, then confirm rsyslog is piping correctly to /var/lib/psad/psadfifo
<jacobw> after that, confirm that psad is reading /var/lib/psad/psadfifo
 * jacobw â back soon
<fluffypony> Feb 12 16:08:02 primary rsyslogd: [origin software="rsyslogd" swVersion="4.2.0" x-pid="7926" x-info="http://www.rsyslog.com"] (re)start
<fluffypony> ja no - syslog has no entries in it
<fluffypony> I mean, it has entries, but no firewall entries :)
<fluffypony> hmmmmm
<fluffypony> I have a feeling that even though UFW is disabled it's rules are still in iptables, and mine are added after the UFW rules
<fluffypony> time to kill of UFW
<fluffypony> hrm
<fluffypony> server crashed
<fluffypony> sigh.
<jacobw> inaccessible by ssh?
<fluffypony> well that was fun - router decided to restart as well :-P
<fluffypony> ok where was I
<fluffypony> so I removed UFW, and inserted those rules
<fluffypony> but I'm not getting anything in syslog
<jacobw> fluffypony: which rules?
<fluffypony> the iptables rules
<jacobw> these ones? http://bodhizazen.net/Tutorials/psad#Configure_psad
<fluffypony> no
<fluffypony> those are borked
<fluffypony> http://glycogen.net/2011/05/05/setup-psad-in-ubuntu/
<fluffypony> those ones
<jacobw> ok
<fluffypony> ok - time to reinstall
<fluffypony> then I'll re-evaluate if it still doesn't work
<fluffypony> thanks jacobw
<jacobw> hang on
<fluffypony> ok
<jacobw> pastebin iptables -L
<fluffypony> that's the reason I'm reinstalling - I installed Zentyal to play with
<fluffypony> and that has messed up my entire installation
<fluffypony> and apt-get remove zentyal && apt-get autoremove didn't fix it
<fluffypony> clearly they want you to install and never remove it
<jacobw> it depends how its packaged
<fluffypony> yeah
<fluffypony> aaaah
<jacobw> did you add the psad.conf rule to rsyslog.d/ ?
<fluffypony> I see it installs a bunch of modules as well
<fluffypony> how nice
<fluffypony> *removes*
<fluffypony> jacobw: yes
<fluffypony> but I'm not seeing stuff get logged to the syslog
<jacobw> check /var/lib/psad/psadfifo
<fluffypony> so that rule will never kick in
<fluffypony> emkpty
<fluffypony> empty
<jacobw> ok, if you added the rules from glycogen.net to the top of 50-default.conf it'd explain no messagesg in syslog despite iptables logging
<jacobw> so, there's a package called pastebinit that provides a script that you can pipe things to, it uploads its input to pastebin and gives back a url
<fluffypony> ok cool
<fluffypony> so the rules shouldn't be at the top of 50-default??
<fluffypony> *confused*
<jacobw> if you want messages containing 'firewall' to go to /var/lib/psad/psadfifo and nowhere else, then yes
<jacobw> there's two rules, the first matches and pipes to psadfifo, the second matches and drops
<fluffypony> aaaaaaah
<fluffypony> that's why I'm not seeing it
<fluffypony> ok commented out the second one
<jacobw> iptables -L | pastebinit
<fluffypony> hrrrrrrm
<fluffypony> I can't install pastebinit
<fluffypony> no DNS resolution
<fluffypony> brb -
<fluffypony> ok flushed iptables
<fluffypony> http://pastebin.com/5ewUTPRs
<jacobw> ok, rm psad.conf or remove the lines from 50-default and restart rsyslog
<fluffypony> k
<fluffypony> done
<fluffypony> btw the way I'm testing is nmap -sV -F from a different box
<fluffypony> that should trigger those rules, right?
<jacobw> everything will be logged
<jacobw> psad analyses the log
<fluffypony> ok
<jacobw> tail -f /var/log/syslog
<fluffypony> already checked - nothing
<fluffypony> just postfix
<fluffypony> and some other junk
<fluffypony> I should be seeing tons of stuff being logged
<jacobw> yes
<fluffypony> ok so
<fluffypony> iptables isn't logging
<fluffypony> and iptables is clearly on - those Zentyal rules locked everything down (in a bad way)
<fluffypony> so maybe iptables is logging to a non-standard locationm?
<fluffypony> boom
<fluffypony> dmesg
<jacobw> it logs to the kern.* facility
<fluffypony> so dmesg is showing the firewall messages
<fluffypony> and rsyslog is dropping them
<jacobw> see if the message are in /var/log/kern.log
<fluffypony> nope
<jacobw> hmm
<fluffypony> yeah I know
<jacobw> i assumed that iptables would log to syslog, which is usually configured to be the case, but rsyslogd might not do this
<fluffypony> yeah - asking in #rsyslog, but it seems like the quietest channel on earth
<jacobw> rsyslogd uses a module to read from the kernel log and write to syslog
<jacobw> imklog
<fluffypony> ok
<Onepamopa> guys, can anyone help with trim @ ssd raid 1?
<jacobw> so, `grep -Rl /etc/rsyslod*`
<Onepamopa> I added the "discard" option, rebooted the server
<Onepamopa> but according to the test I am doing - trim is not working
<fluffypony> rsyslog.conf:$ModLoad imklog
<fluffypony> so it's loaded in rsyslog.conf
<jacobw> yeah
<Onepamopa> great support ...
<jacobw> Onepamopa: what test are you doing?
<Onepamopa> seq 1 1000 > testfile
<Onepamopa> hdparm --fibmap testfile
<Onepamopa> sync
<samba35> jacobw, do you have any idea on postfix/dovecot ? i have problem with pop3 server
<Onepamopa> hdparm --read-sector <the_sector> /dev/sda
<Onepamopa> then deleting testfile and reading same sector
<jacobw> samba35: what problem do you have?
<Onepamopa> jacobw it should output only zeros after I deleted testfile and sync
<Onepamopa> but it outputs the same as first hdparm --read-sector <the_sector> /dev/sda
<samba35> i am behind a utm (using proxy /relay for mail) i am using smarthost i am able to send mails but i am not able to get mail
<jacobw> ok, so added 'discard' to fstab?
<Onepamopa> # / was on /dev/md0 during installation
<Onepamopa> UUID=327d76c1-f61a-4da1-bd12-502049142982 /               ext4    discard,errors=remount-ro 0       1
<Onepamopa> # /var/lib/mysql was on /dev/md1 during installation
<Onepamopa> UUID=4f152a4c-7e84-4835-b1b3-5ecfd3f4ce0a /var/lib/mysql  ext4    discard,defaults        0       2
<jacobw> samba35: how are you testing receive mail?
<jacobw> samba35: with imap/pop?
<samba35> pop
<samba35> now idea how to setup a imap
<jacobw> samba35: postfix logs to /var/log/mail.log
<jacobw> samba35: dovecot does pop and imap
<samba35> ok let me try again from client now i am on server
<samba35> i will try from client
<jacobw> samba35: its likely that postfix isn't delivering properly to dovecot
<Onepamopa> jacobw any thoughts?
<samba35> when i send mail from gmail to my account mail doesnt get bounce so its comming but i fail to understand where its comming
<jacobw> fluffypony: test where kern.* messages go with logger
<fluffypony> kern.*                          -/var/log/kern.log
<fluffypony> according to 50-default in rsyslog.d
<fluffypony> and that seems to match with reality
<jacobw> Onepamopa: what kernel are you running?
<jacobw> samba35: check /var/log/mail.log for messages from postfix about delivery
<fluffypony> ok so check
<fluffypony> rock and hard place
<fluffypony> http://toastresearch.com/2011/04/09/packet-logging-with-iptables/
<fluffypony> "i wasted 2 hours of my life getting this working on a fresh install of unbuntu 10.10. turns out that the default version of rsyslog that you get when you âapt-get install rsyslogâ is version 4.x, which has a bug that prevents the logging from being directed correctly to /var/log/iptables.log"
<fluffypony> so I'm going to just upgrade rsyslog, right?
<fluffypony> except
<fluffypony> WARNING: there is a bug with kernels < 2.6.34 causing rsyslog to eat cpu time
<fluffypony> *bangs head against wall*
<jacobw> i also dislike rsyslog
<fluffypony> I suppose I can replace it with syslog-ng
<jacobw> are you running 10.10?
<fluffypony> no
<fluffypony> 10.04 LTS
<fluffypony> it's a server after all :-P
<jacobw> check 50-defaults for iptables > /var/log/iptables.log
<fluffypony> I added to 50-defaults for that
<fluffypony> and then was trying to find out why it wasn't working
<jacobw> sometimes ok
<jacobw> er, -sometimes
<jacobw> check /var/log/messages
<jacobw> just find out where the iptables messages are going, find the rule in rsyslog.d/ and redirect to psadfifo :)
<fluffypony> if I grep for iptables in /var/log
<fluffypony> all that comes up are entries in dpkg.log
<fluffypony> lol
<fluffypony> holy crap
<fluffypony> upgraded rsyslog
<fluffypony> my kern.log is now 447mb
<fluffypony> 592mb
<jacobw> the messages might not be tagged with 'iptables'
<fluffypony> rofl
<jacobw> rsyslog will be writing cached messages now
<fluffypony> yeah no
<fluffypony> it's the bug
<jacobw> see if it slows, if not add a log chain to iptables and only log certain traffic types etc
<fluffypony> ok
<fluffypony> so I killed rsyslog
<fluffypony> installed syslog-ng
<fluffypony> much better
<fluffypony> ok sweet
<fluffypony> works
<fluffypony> syslog-ng supports named pipes
<Delemas> Anyone know if the 11.10 64 bit server installer iso has xfs support natively? I was surprised that the 10.04 one does not...
<yakster> anyone help? I need to recursively search all folders under a directory, and move all files with a specific extension to another locationâ¦ Ie, all files under movies with the extension AVI, move to hereâ¦ where here is my move locationâ¦ I am thinking mv -R *.avi /media/Goflex/AVI
<Patrickdk> find . -name '*.avi' -exec 'mv' '{}' '/media/Goflex/AVI/' ';'
<yakster> Thank you
<yakster> ok, now how can I rename all the files to remove the first 5 charters but keep everything the same
<Patrickdk> rename
<yakster> so "01 - HomeVid0001" to "HomeVid0001"
<yakster> I have some thousand filesâ¦
<yakster> if not more
<Patrickdk> since when did rename work on one file at a time?
<yakster> well that is why I am asking
<Patrickdk> and I told you to use rename
<yakster> okâ¦. what is the pearlexp? IDK anything about pearlâ¦.
<Patrickdk> regexp
<Patrickdk> rename 's/^[0-9]+ - (.*)$/$1/' *.avi
<Patrickdk> might do what you want
<yakster> ok, I appreciate your help, can you explain that syntax?
<Patrickdk> http://lmgtfy.com/?q=regexp
<yakster> yes that workedâ¦ thank you
<kklimonda> tjaalton: any idea where is ndr_nbt library from?
<kklimonda> (it's one of freeipa dependencies, it's not in our samba4 sources, like other "ndr" libraries)
<kklimonda> ah, apparently it's a new library, not present in alpha17 release - holy molly, it feels like freeipa folks are doing everything to make it harder to build this stuff on systems other than fedora/rhel..
<Tixos> what is the correct way to fix this bug/error   >   PHP Notice:  session_start(): ps_files_cleanup_dir:
<qman___> a notice is just that, a notice
<qman___> it doesn't mean anything is wrong
<Tixos> its blocking lots
<Tixos> hmm
<Tixos> i disagree :P
<Tixos> i dont like them
<Tixos> i know i can supress, but it does mean something is not quite right
<qman___> the notice itself is not an error, it may be hiding the actual error
<Tixos> well i read that PHP doesnt have write access to its garbage location?
<Tixos> on ubuntu
<Tixos> but the default in ubuntu cleans this folder anyway
<Tixos> so in this case i guess i can suppress the warning
<qman___> error levels go something like this: info, notice, warn, error
<qman___> info and notice are just letting you know that things are happening
<qman___> warn could be a problem, but could just be a warning, and error means something fatal happened
<qman___> if you're getting unexpected behavior, info and notice can lead you to the problem, but they're not direct errors of problems, and won't necessarily lead you to what's wrong by themselves
<Tixos> it seems messy though, i had a script and was getting tons of 'index not defined PHP errors' i have wrapped some of them in '''s and it fixed the warning
<Tixos> is that just poor coding>?
<qman___> the script is probably written for an older (or possibly newer) version of PHP
<Tixos> yea i thought that
<Tixos> so this
<Tixos> in ubuntu
<qman___> the major version points to be careful of are PHP4 to PHP5, 5.0 to 5.2, and 5.2 to 5.3
<Tixos> PHP Notice:  session_start(): ps_files_cleanup_dir: opendir(/var/lib/php5) failed: Permission denied (13)
<Tixos> there is no clean way to fix this error ?
<Tixos> or 'notice'
<qman___> I'd think that'd be more than a notice, but you'd have to find more information on that particular issue
<qman___> unless it's causing a problem, I would leave it
<qman___> but if it is, you could change the permissions on that directory
<qman___> be aware though that this could have major security implications
<Tixos> i would like to fix so i came here :)
<Tixos> changing permissions also seems a little 'naughty'
<Tixos> like i said i think there is a cronjob for it in ubuntu ?
<qman___> well, that's how you correct 'permission denied'
<qman___> but it may be denied for a good reason
<Tixos> but if ubuntu is already doing the job, maybe i should remove it from the php ?
<Tixos> i want the 'cleanest' way :)
<qman___> there are only two ways
<qman___> change permission, or disable the function that's being denied
<Tixos> this is what causes the error
<Tixos> session_start();
<Tixos> but its PHP usage of this that causes the notice?
<qman___> quick google reveals bug 619855
<uvirtbot> Launchpad bug 619855 in php5 "session.gc_probablity=1 in /etc/php5/apache2/php.ini conflicts with permissions on /var/lib/php5" [Low,Won't fix] https://launchpad.net/bugs/619855
<qman___> and from what I'm reading there, it's a problem between upstream and ubuntu's way, and is safe to ignore completely
<qman___> if you just want the messages gone, use @session_start(); instead
<Tixos> should i set gc_prob to 0 ?
<Tixos> id rather not have it filling up my logs
<qman___> they will still occur with that set to 0, just less often, and that actually reduces functionality
<Tixos> ic
<Tixos> i like this guys reply > AgustÃ­n FernÃ¡ndez (yo-agustinfernandez)             wrote             on 2010-09-09:
<Tixos> surely one of the other should be fixed, settings or permissions, via ubuntu/php
<qman___> the final reply sums it up best
<qman___> it's unfortunate but it provides the best default
<Tixos> lol
<Tixos> should i chown the DIR to root:www-data?
<qman___> it's a matter of which is worse, breaking security, breaking compatibility, or log noise
<qman___> right now there's log noise
<qman___> changing permissions break security
<qman___> and changing the setting breaks compatibility
<Tixos> can i 'loosen' them like he suggests
<Tixos> without breaking security
<qman___> not likely
<qman___> I would leave it as is, personally
<Tixos> makes reading logs painful :)
<qman___> second choice modifying the script with the @session_start();
<qman___> third choice disabling the feature
<Tixos> guess i can grep the errors out though
<Tixos> what does the @ do ?
<qman___> suppresses errors for that line
<Tixos> nice.
<Tixos> :)
<Tixos> ty
<stgraber> hallyn: just noticed a few more services failing because of the lack of net-device-up of 'lo'. I'll upload a new ifupdown including a new upstart job emitting the needed net-device-added and making everything work for containers.
<Tixos> If i am using a SSL virtualhost, like the default one in ubuntu, so i replace _default_ with serverIP or domain name?
<Jeeves_> Tixos: No, why?
<Jeeves_> Will you be using multiple vhosts ?
<Tixos> what should it be?
<Tixos> the domain name?
<Tixos> getting some 408 errors, wondering if its related at all to bad config
<Tixos> but like this, what does it mean
<Tixos> [12/Feb/2012:16:26:38 -0600] "-" 408 145 "-" "-"
<Tixos> any ideas? getting quite a few, should i jack up max clients or something?
<Tixos> keepalive timeout ?
<shauno> tum tee tum
<shauno> gah, wrong window, sorry
<koolhead17> hi all
<fraterm> hello there
<koolhead11> hi fraterm
#ubuntu-server 2013-02-04
<azbyin> hi all..
<azbyin> i've got a windows2003 virtual running within kvm. I have enabled remote desktop within the virtual machine. How do I now access this remote desktop when connecting from outside my linux box?
<azbyin> i tried rdp over an ssh tunnel, but am unable to get a connection to the internal vm
<guideX> I know this is a little off topic, but how do I point my ubuntu 12.10 lamp apache to a website on my hard drive? I did the etc/hosts, or maybe someone knows a good link
<guideX> i've already done the etc/hosts part
<patdk-lap> dunno what /etc/hosts has to do with it at all
<patdk-lap> you need to do something in /etc/apache/sites-enabled/
<guideX> oh so I can type dev.mywebsite.com in the browser
<guideX> ah ok
<guideX> i will check etc/apache/sites-enabled
<guideX> hmm there is no apache folder in etc
<guideX> I had this problem with a tutorial i found too
<virusuy_> guideX: do you want to resolve dev.mywebsite.com locally, right ?
<virusuy_> so, if you go to dev.mywebsite.com , will show your local lamp server
<virusuy_> right ?
<guideX> yes
<guideX> I think I have that part working, but how do I setup the site too?
<guideX> how do I tell apache where my site is
<virusuy_> where do you have it ?
<virusuy_> in wich directory ?
<guideX> hmm 1 sec..
<guideX> let me find the patrgh
<virusuy_> apache by default looks at /var/www
<guideX> I have it in /home/ubuntu/dev
<guideX> and then a folder off of that
<virusuy_> then just copy your folder to /var/www
<guideX> oh
<guideX> so only one at a time? I was hopeing to dev others from this server
<virusuy_> oh
<guideX> was hopeing I could do like dev.whatev.com and dev.whatev2.com etc
<guideX> pointing to different folders
<virusuy_> and point those to diff folds?
<guideX> yeah
<virusuy_> oh, then take a look at this
<virusuy_> http://httpd.apache.org/docs/2.2/vhosts/name-based.html
<guideX> cool thanks
<virusuy_> That will explain (even better than me) how set up what do you want
<guideX> i'm checking it out now, thx
<virusuy_> yw
<guideX> ah so just make new files in sites-available eh
<azbyin> guideX, yes.. then just symlink them into sites-enabled as you need them or just use a2enmod (which does pretty much the same thing for you)
<azbyin> err.. a2ensite
<guideX> in a gui?
<guideX> I would much perfer that heh
<guideX> I will check that out
<azbyin> nah, its not a gui.. after you make the conf in sites-available you need to enable it
<guideX> ah ok
<azbyin> the process is really just: (i) make symlink in sites-enabled (ii) reload apache conf
<guideX> hmm ok
<guideX> heh I don't think it worked
<guideX> but I learned a lot more, thanks i'll keep trying
<Darm0k> hi
<Darm0k> do i need to re-compile a module with change from 3.5-0.22 to 23?
<Darm0k> hi
<Darm0k> i hope no because i don't know to compile the module with another knerl
<guideX> is there some way to troubleshoot when it's not working
<guideX> when I put my virtual host in the url the page doesn't come up
<guideX> is there a tool that does this for you?
<guideX> for noobs like me?
<guideX> like iis manager...
<guideX> when I run 'service apache2 reload' i get these errors, do you know what to do? www.nomorepasting.com/getpaste.php?pasteid=39093
<azbyin> guideX, did you run: sudo service apache2 reload   ? or did you run it without sudo?
<guideX> after sudo it's better, but not perfect.. I still get the namevirtual host error..
<guideX> is there something wrong with my sites-available file? www.nomorepasting.com/getpaste.php?pasteid=39094
<guideX> I still go to the "It works!" page when visiting dev.testsite.com
<guideX> not my test page
<guideX> any ideas?
<azbyin> guideX, change <VirtualHost *> to <VirtualHost *:80>
<guideX> ok
<azbyin> try that, otherwise you need to /join #apache  and ask there :)
<guideX> i'm there
<azbyin> also, just try sudo service apache2 restart
<azbyin> just to be sure there are no issues with simply reloading the confs. (there really shouldn;t be any issue with just reloading)
<guideX> omg it worked
<guideX> thanks!
<guideX> I see my test page
<azbyin> http://httpd.apache.org/docs/2.2/mod/core.html#virtualhost  if you read that page, it says: ... Addr can be: * the ip addr of vhost, * fqdn (not recommended), * the character '*', which is used only in combination with 'NameVirtualHost *' to match all IP addrs, or * the string _default_
<guideX> oh i see
<azbyin> and the first example actually uses *:80,  http://httpd.apache.org/docs/2.2/vhosts/examples.html
<azbyin> even though it actually has NameVirtualHost *:80
<azbyin> guideX, theres something called webmin, it provides a web interface for system management. not sure how good its apache conf integration is
<guideX> hmm I will give it a shot, it might be quicker for me.. I'm more used to iis7 which has a ui you can deal with instead of these commands which for me are intimidating atm
<azbyin> sure will be intimidating now, but trust me editing the conf file (and having this insanely good documentation) provides much more flexibility (+power) :)
<guideX> does zend pages require an install?
<guideX> or just lamp + mysql will do
<Deep6> anyone here done ldap based layered autofs mounts?
<thomedy> help help help please
<thomedy> i have a  a lamp install and i idid it at xampp for linux... and when i started it i found that i had a webserver running already so istopped that an dhtne it said ihad a webserver with ssl running already so i followed the steps at the ubuntu website and now ican start it
<thomedy> but i cant get localhost/xampp
<SpinningWheels> any weigh-ins on best method to mount a folder from a remote machine over a LAN (encryption not necessary).
<qman__> sshfs is the simplest, since you probably already have ssh installed
<qman__> other common options are nfs and cifs/samba
<SpinningWheels> awesome, thanks for the suggestions
<thomedy> please help
<thomedy> i finally got lampp / xampp re running on my comp
<thomedy> but they have  anew security concept that is ruining my day
<thomedy> i googled it and followed a couple tuts and restarted /opt/lamp/lamp
<thomedy> but still no access
<thomedy> its gotta be local
<thomedy> i am local
<qman__> that's not a supported configuration
<thomedy> what one am i supposed to use
<qman__> you should use the ubuntu server guide on LAMP to set up your web server
<thomedy> i juwt want to right code here.. im getting frustraited
<qman__> start over using the server guide, not the xampp setup
<thomedy> okay... i know this is ubuntu and i should command line the shit  out of everything but ihave everything im doing already i just need my server im sorry .. your aamazing and awesome for helping
<thomedy> is this going to be quic
<qman__> yes
<qman__> it takes about 15 minutes
<cfhowlett> thomedy, it's a server.  Not likely to be "quic"
<thomedy> okay thank you.. i can do 15 as long as i can see an end in site
<qman__> you install from disc as normal, then at the end, you check the box next to LAMP
<Deep6> SpinningWheels: autofs
<qman__> drop your files in /var/www
<qman__> that's all there is to it
<thomedy> wait i cant reinstall my ubuuntu... is that what your recommending?... am i being difficult... this was working 3 hours ago but i was tryi ng to set up mail and i have never done this im not so good at the admin stuff yet because my work doesn't cal for it all that much
<thomedy> do i have to reinstall ubuntu to do this
<qman__> yes, I am recommending you reinstall ubuntu, because you've installed third party software manually, which can (and probably has) break the built in software
<Darm0k> how to depmod for a other kernel e.g instead 3.5.22 3.5.33 if running 3.5.22
<thomedy> okay while i realize that what your recommending is absolutely right... thats just not an option for me.. so if that means your unwilling to help..â i understand and i still think your great
<SpinningWheels> autofs doesnt sound like what i need, but that does sound very useful. :P
<Darm0k> i have to install a driver into 23
<SpinningWheels> i've got 8 different verions in my /boot, do i get rid of them by deleting them or is there some process that i need to use?
<cfhowlett> SpinningWheels, I'm assuming you mean old kernels.  you can delete, but best practice is to keep at least ONE old version in case an upgraded kernel breaks your system
<SpinningWheels> yes, and okay. thx
<sword23> any one use ksplice?
<yolanda> hi, i tried to install mongodb package on raring, but service isn't starting, and doesn't write any logs, do you know if package is working ok in raring?
<PenguinCSC> I have a small computer technicians lab. I want to install a server to serve as a VM Machines and file sharing
<PenguinCSC> anyone can point me to a good step-by-step guide?
<melmoth> PenguinCSC, https://help.ubuntu.com/community/KVM/ for the vm part
<melmoth> PenguinCSC, for file sharing, it depends what you need. Easy option are nfs ,apache or ftp.
<D0minat0r> Hello everyone! Does nyone know if its possible to make rar arhcive on ubuntu server?
<D0minat0r> I got Sample.mp3 that i want to make to Sample.r1 Sample.r2 and so on, like a scene released is packed
<RoyK> D0minat0r: 7z supports rar
<sandstrom> Something on my machine is sending emails, `/var/log/mail.log` shows about 1 attempt per minute, how can I investigate?
<RoyK> sandstrom: can you pastebin some logs?
<sandstrom> RoyK: yes
<sandstrom> RoyK: http://pastie.org/private/cfamt4poa1mil8m3gjblg
<RoyK> hm... dunno, sorry
<sandstrom> RoyK: there is a sendmail process started every minute, can I run some commmand that shows what script/process initiates sendmail?
<RoyK> check cron
<sandstrom> RoyK: It's not a cron job
<melmoth> sandstrom, what does the logs says ? you should have a sender adress there.
<RoyK> dunno, then - I don't use that MTA
<melmoth> as well as a recipient
<RoyK> melmoth: doesn't look like sSMTP even logs that
 * RoyK sticks to postfix
<melmoth> ahh, ssmtp. this will not help :)
<sandstrom> I tried disabling the cron scripts under `crontab -e` and it keeps trying to send. But perhaps I shouldn't rule out cron entirely, it could be the cron job of some other user too.
<melmoth> can you send mail with ssmtp ?
<melmoth> may be it s doing this for each and every mail ?
<melmoth> and may be the error message that should be bounced got trap in an infinite loop this way or something ?
<sandstrom> I just got this `www-data 29488  0.0  0.1  32648  1960 ?        S    Apr02   0:00 /usr/sbin/sendmail -i -FCronDaemon -oem www-data` off ps aux
<melmoth> looks like a web application is trying to send mail (www-data)
<melmoth> i wonder what the -F option is for
<RoyK> sandstrom: check /etc/cron*
<RoyK> or perhaps try to stop cron for a few minutes
<sandstrom> I've shut down the webserver, that didn't make any difference. I've also checked /etc/chron* and found nothing
<sandstrom> (there are a few cron scripts, but nothing that would explain this)_
<RoyK> did you try to stop cron?
<sandstrom> I'll try
<sandstrom> Stopping cron seems to shut it down
<RoyK> then there's a cron job running every minute :P
<RoyK> cron is configured under /etc/cron* and /var/spool/cron/crontabs/
<_ruben> probably a crontab for user www-data .. got some devs who tend to put stuff there as well .. annoying as fuck
<IdleOne> _ruben: No need for swearing.
<_ruben> heh .. got me confused there a bit .. somehow i read that as "no need for answering" .. guess i need me some glasses :)
<sandstrom> _ruben: RoyK I think you are right, I'll investigate further
<IdleOne> hehe, no. Please answer allthe questions you like
<_ruben> ;)
<IdleOne> some of the ones you don't like also, just keep it clean :)
<sandstrom> _ruben and RoyK Thanks, it was indeed a crontab for www-data, it's squelched now. Your help is much appreciated!
<_ruben> good :)
<zul> Daviey: im going to re-upload python-pecan with a fixed debian/copyright this ftbfs for ceilometer is starting to bug me
<D0minat0r> Anyone knows any good video splitter for ubuntu server?
<Daviey> zul: there is a new dep that yolanda is working on aswell
<zul> Daviey:  w3m?
<Daviey> hah, no
<Daviey> it's in her PPA.. maybe she needs sponsorhsip?
<zul> is the the one i reviewed on friday?
<Daviey> talk of the devil
<yolanda> i reboot a minute and i loose all the fun :)
<yolanda> zul, yes, the python-wsme dep
<zul> yolanda: cool which ppa is it in?
<yolanda> zul, it's only the source in my launchpad branch
<zul> yolanda: heh url please im kind of lazy this morning :)
<yolanda> https://code.launchpad.net/~yolanda.robla/+junk/python-wsme
<zul> cool thanks ill get it uploaded today
<yolanda> great
<huttan> Anyone here who are familiar with configuring ldap server/clients? I have some problem with shared sudo authentication
<therianthrope> Hey there. I am here to see if there is a way to report abuse and get information about a user of try.cloud.ubuntu.com who connected to my IRC network and compromised some NickServ passwords.
<therianthrope> We have dates and times of the attack, as well as IP and Hostmask. Who can we contact for an abuse report?
<patdk-wk> this is normally why there is an abuse address for ip addresses
<therianthrope> The user was using a try ubuntu cloud account. The abuse contact was AWS.
<patdk-wk> ah, it's hosted in ec2
<therianthrope> AWS provided no help, saying they don't control the IP in question.
<therianthrope> Does canonical have an address I can contact for people spawning these free trial servers and committing abuse against our IRC network? We have banned access from them, but this user needs to be delt with.
<therianthrope> Is there any abuse address for the service?
<zul> therianthrope: you might be able to use the feedback form
<RoyK> therianthrope: I beleive #freenode is a good place to start
<therianthrope> this has nothing to do with freenode.
<therianthrope> This user abused -my- IRC network, from -your- service.
<RoyK> oh
<RoyK> *your* network
 * therianthrope nods.
<Myrtti> from Canonicals service
<RoyK> usually abuse@isp.tld
<Myrtti> not "our"
<ilj> hi, I was wondering how to interpret {a} in linux-headers-3.2.0-34{a}. I see that when I do aptitude install linux-headers-3.2.0-34. When I was removing other kernels, aptitude sweeped 3.2.0-34 as well and showed it as linux-headers-3.2.0-34{u}. What do {a} and {u} mean?
<the_rat> Hello. I'm setting up a KVM machine with vmbuilder but I get a problem
<the_rat> I run vmbuilder and it creates the qcow2 files, but it doesn't define a domain. I can't see it in virsh list --all
<the_rat> The command I run is something like: sudo vmbuilder kvm ubuntu --suite precise --flavour virtual --arch i386 -o --ip 192.168.42.180 --hostname davide --part vmbuilder.partition --user davide --name davide --pass pass
<the_rat> I don't even know where to start debugging this. I see no error logs
<the_rat> Ok, this is the output from vmbuilder: http://paste.ubuntu.com/1609761/
<zul> jamespage:  ping https://code.launchpad.net/~zulcss/keystone/keystone-ftbfs/+merge/146482
<ruben231> hi guys how do i install ldap dependency..? or development..?
<ruben231> anyone have idea
<adam_g> Daviey: jamespage i'd like to put together the next round of openstack SRUs today. was it decided whether we want new ubuntu bug tasks for upstream bugs? re-reading discussion in #Ubuntu-release last week, seems like it can still go either way
<ruben231> hi guys how to install ldap dependency with ubuntu server 12.04 LTS
<jck77> anyone with knowledge on Tandberg tape backups ? TS400 ?
<zul> adam_g: ping https://code.launchpad.net/~zulcss/keystone/keystone-ftbfs/+merge/146482
<RoyK> jck77: isn't that lto-2?
<hallyn> roaksoax: hey!
<hallyn> roaksoax: could I get you to take a look at, and consider sponsoring, http://people.canonical.com/~serge/spice-tests.debdiff ?
<jck77> RoyK: yes
<jck77> I thing I just figured out
<hallyn> roaksoax: this could be the last step in getting spice MIRd so we can watch beautiful video from qemu from main
<adam_g> zul: thought i approved ?
<jck77> think*
<RoyK> jck77: what backup software?
<zul> adam_g: ah ok i didnt see it
<jck77> bat
<jck77> but I can't see the tape on the GUI
<patdk-wk> bat?
<jck77> bacula
<RoyK> try #bacula
<jck77> thx
<jamespage> adam_g, new ubuntu bug tasks are not required.
 * jamespage looks at bug bug 1069597
<uvirtbot> Launchpad bug 1069597 in juju "juju, zookeeper, and disk usage" [High,Confirmed] https://launchpad.net/bugs/1069597
<adam_g> jamespage: i know they are not required, but do we want them? im looking at the new stable nova release, there are 0 bugs with ubuntu tasks.
<adam_g> (assuming we tag anything we open v-done)
<jamespage> adam_g, no - under the terms of the MRE they are not required :-)
<jamespage> it sufficient to generate the changelog and reference the bugs but not actually close them
<jamespage> adam_g, if that makes any sort of sense
<Daviey> smoser: Hey.. If i wanted to run cloud-init on first boot from a d-i install, with a preseeded config (nocloud).. [what work do you think would be involved?
<smoser> you'd have to buy me a beer.
<smoser> are you asking how you woudl write the 'nocloud' datasource ?
<Daviey> smoser: no.. I'm asking for a d-i preseed to JFDI ;)
<smoser> so you want to input a blob of cloud-config to d-i ?
<Daviey> smoser: I wonder how well cloud-init works with a d-i install
<Daviey> smoser: No, i want to pre-declare during d-i some code to run on first boot.  With cloud-init being the harness
<adam_g> jamespage: by that you mean, continue to include bot parsable bug references in the changelog?
<Daviey> smoser: ie, run cloud-init on first boot, with a pre-provided datasource.
<smoser> right. so this is essentially a combination of how maas interacts with cloud-init
<Daviey> smoser: yeah!
<smoser> and how i was invoking the fast path installer
<jamespage> adam_g: yes - so if a end-user wants to check the openstack project bug report out thats fine
<jamespage> so (LP: XXXXXX) rather than (LP: #XXXXXX) which would also generate a Closes
<jamespage> adam_g: I think most ubuntu based terminals will understand how to link to that :-)
<adam_g> jamespage: still unclear to me, sorry. we want bugs /w no ubuntu task to use the (LP: XXXXXX) format and those /w ubuntu tasks to use the (LP: #XXXXXXX) ?
<Daviey> adam_g: If there is already a ubuntu bug task then give it a proper closes statement, if there isn't a ubuntu bug task... then use the fake format
<Daviey> adam_g: Ie, don't open tasks purely for SRU procure  - creating noise
<Daviey> adam_g: "Nova fails to properly initiate iptables on centos" wouldn't require a ubuntu task.
<Daviey> jamespage: That is your understanding, right?
<Daviey> adam_g: As we already poll LP with the tooling we wrote, it shouldn't be that complicated, right?
<smoser> Daviey, it can work. and we can/should make the nocloud datasource be selectable all from config.
<Daviey> smoser: do you have capacity to write a quick standalone preseed demoing this?
<jamespage> adam_g, Daviey: yes that is my understanding
<smoser> Daviey, i can. give me a minute to finish up what i was working on
<sweettea> Anyone know how to increase the number of written leases on a dhcpd server?
<Daviey> smoser: thanks :D
<adam_g> Daviey: right, its a tiny change. my concern is whether or not a proposed SRU with *no* related ubuntu bug tasks actually shows up on the SRU radar (except the meta-bug, if we still do that?)
<sweettea> I think my dhcpd server is not sending out more addresses b/c of a limitation the dhcp.leases file has
<sweettea> dhcpd: Wrote 200 leases to leases file.
<sweettea> the range is much higher
<sweettea> but it always writes only 200 leases on this file
<RoyK> jck77: bacula is a great backup system, but is has a rather steep learning curve
<Daviey> I think we are still doing the metabug, jamespage ^ ?
<jck77> RoyK: I can see
<jck77> a lot of doc to read
<RoyK> jck77: yes, or ask on #bacula - specific questions are usually answered quickly
<yolanda> i have a new nice template here: http://serverteam.ysoft.biz/ - comments, proposals? i will only accept the nice ones :)
<patdk-wk> yolanda, sadly, that hurts my eyes
<TheLordOfTime> what patdk-wk said
<hallyn> roaksoax: uh, on second thought, please DISREGARD my request about spice
<genii-around> I thought perhaps someone in here may know... If I have some old telco stuff someone wants to pick up for free, is there a good channel to announce that in on freenode?
<genii-around> eg: Norstar ( Meridian) NT5B20 wallmount with DR5 module.. Bayly OMNIflex 19" rackmount with T1 Quad card 051539, one PairGain HRU-402 HDSL endpoint card in single card enclosure box, one ADC H2TU-R-402 HDSL endpoint card in double card enclosure box.
<jaimevg123> Buenas, sucede lo siguiente: Ando en la configuracion de una VPN utilizando openVPN sobre ubuntu 12.04, no es la version server pero ya esta adapatado y tiene un server funcionando sobre el. Para la configuracion de la VPN he seguido el siguiente manual (http://www.deigher.com/2012/07/instalar-openvpn-en-ubuntu-12-04-lts/), todo marcha bien, tanto el server como los clientes los he configurado y me generan la interfaz tun0, a la hora de llevar a c
<jaimevg123> Correcion: he intentado solucionarlo pero sigo .... (Si he intentado)
<sarnold> jaimevg123: try #ubuntu-es ?
<jaimevg123> sarnold, I tried that, no one gives me solution
<jaimevg123> really, I need to fix this. If I have to speak in another language I'll try
<sarnold> jaimevg123: can you restate the problem in english? (your english is better than my spanish :)
<jaimevg123> mmm ok wait
<jaimevg123> I set up a VPN with OpenVPN. I follow the current system configuration of a server, given by the official documentation canonical, (https://help.ubuntu.com/11.10/serverguide/openvpn.html), I set the keys for the server and one client. When you reboot after changing openvpn server.conf and client.conf files generated tun0 interface. I try to initialize openvpn with the following in the terminal: openvpn server.conf and get the following: http://pas
<sarnold> jaimevg123: you were cut off at "get the following: http://pas"
<jaimevg123> mmmm
<jaimevg123> the following  http://paste.ubuntu.com/1610433/ . I tried to resolve it, but I could not. If anyone has any comments, ideas, or possible solution thank you very much
<jaimevg123> when I try to make the connection between the server and the client, the client is trying to make the connections infinitely. Both are under Ubuntu 12.04
<sarnold> jaimevg123: rather than "openvpn server.conf" -- try /etc/init.d/openvpn restart
<jaimevg123> I did that before openvpn server.conf
<sarnold> jaimevg123: why are you running "openvpn server.conf" by hand? you should let the initscript do everything for you..
<jaimevg123> If you're right, but I have not been able to establish the connection and I'm trying everything.
<sarnold> jaimevg123: "TCP/UDP: Socket bind failed on local address [undef]: Address already in use"
<sarnold> jaimevg123: that says to me that the program is already running -- and trying to run another copy of it has failed
<sarnold> jaimevg123: I recommend, /etc/init.d/openvpn restart -- then try to connect with a client -- then look in the openvpn server logs for errors
<jaimevg123> ok y try
<jaimevg123> I try
<jaimevg123> sarnold, look http://paste.ubuntu.com/1610574/
<jaimevg123> but still can not make the connection between the server and the client.
<sarnold> jaimevg123: have you tried connecting a client yet?
<sarnold> jaimevg123: does the client provide any good logs? or an error message?
<jaimevg123> tun0 interface generates me, but I have not looked at the syslog
<maco> i followed this wiki page https://help.ubuntu.com/community/PostfixBasicSetupHowto and can now send and receive email from the command line (but haven't figured out how to specify which of my domains to use on the From when  using the "mail" command) or receive over imap to my phone, but i can't send from my phone through my server
<maco> netstat only shows unix sockets for smtpd, not any tcp sockets
<maco> how do i fix postfix to let me send email with my imap'ified phone?
<ikonia> maco: postfix is just an smpt server, it's not an imap server
<maco> ikonia: courier-imap is doing the imap side of things
<sarnold> .. but not being able to send is still postfix's fault :)
<maco> my attempt at sending from phone through postfix went belly-up
<ikonia> I may have missunderstood, what's the issue
<maco> phone autodetected 587 as the port
<ikonia> maco: what do you get, failed connection, a bounce etc
<maco> phone says "cannot connect to server (cannot connect to host)"
<zul> hallyn: i figured out the cause of that kernel-oops with qemu-nbd its a race in openstack
<ikonia> maco: is postfix listening ?
<maco> mmm nope apparently not. how do i make it listen then?
<ikonia> maco: in the config file is it set to listen on the default port 25 ?
<maco> ikonia: would that be main.cf or master.cf?
<ikonia> ooh good question, I'd guess master.cf but I'd have to check
<maco> i dont see anything about ports in either of them
<ikonia> maco: lets do an easy test, "telnet localhost 25"
<maco> ikonia: i did do that one yesterday and had it work, as i was going through the wiki page
<ikonia> maco: is it working now ?
<maco> yup
<ikonia> cool, so there is an smtp daemon listening
<ikonia> maco: so set your mail client to send via port 25
<ikonia> what happens
<maco> ikonia: cannot connect to server. (no valid authentication mechanism found)
<maco> that's with "authentication" set to "automatic"
<maco> anything else says "authentication not enabled" if i try it
<ikonia> have you set up any auth
<ikonia> (just scanning the wiki for what you've done)
<maco> beyond setting a unix password?
<ikonia> maco: just reading won't be a second
<ikonia> maco: as I'm reading that guide, the only auth I see setup is the ip range locking
<ikonia> maco: looks like it's only going to respond to "mynetworks" in that example
<ikonia> main: have you set the internal network range correctly
<maco> ikonia: i left it at the default. it didnt make sense to me to set it to include all the internal ips in rackspace...
<ikonia> maco: that's valid
<ikonia> maco: so that config is only going to repond/relay mail from anything in "mynetworks"
<ikonia> maco: so you'd need to open it up, but then setup a user/auth system to stop it being relayed
<ikonia> through
<maco> to avoid having one of those open relays that scared me into not setting this up two years ago when i got the domain?
<ikonia> maco: ok, so there are two things here (apologies if I'm underestimating your mail awareness)
<ikonia> there is getting mail - and sending mail
<maco> my mail awareness is "open relays are how your server gets blacklisted as a spammer"
<ikonia> the domain is good for "getting" mail, and for acting as a relay, eg: I'll only relay mail for that domain
<ikonia> however in terms of acting as a sender authentication method on the public internet, a domain won't really work (in your setup)
<hallyn> zul: what was it?
<ikonia> maco: basically what you've got there (from reading that config)
<zul> hallyn: nova was destroying the container while its still running
<ikonia> maco: is anyone can connect to your mail server to send mail to it....which is good, but only the people in mynetwork can connect to it to realy/send mail out of it
<maco> ikonia: i just mean i wouldve liked to have user@mydomain a while ago but shied away from it because id heard how easy it is to accidentally make an open relay and i didnt want to get in trouble
<ikonia> ahhh
<hallyn> so actually doing rm -rf of the rootfs contents whiel it was running?
<hallyn> zul: but really libvirt-lxc should be asked to create the container without the rootfs being in the namespace on the host...
<ikonia> sorry, thought you where suggesting using your domain as an auth model
<hallyn> zul: you have a fix then?
<zul> hallyn: agreed...i need to think about it
<zul> hallyn: probably umount the rootfs but not kill the qemu-nbd
<hallyn> zul: oh nova kills the qemu-nbd?
<zul> yeah
<zul> hallyn:  it umounts then disconnect the qemu-nbd soo still thinking
<hallyn> zul: there's no simple way to have nova not delete the container while it's running? :)
<zul> hallyn: yeah
<zul> it only affects qemu-nbd not lvm though
<hallyn> zul: right, without the qemunbd process, the container gets hung (i assume) not able to read from disk.  with lvm, you have pins to keep things from unreasonably going away
<zul> hallyn: exactly
#ubuntu-server 2013-02-05
<m_tadeu> hi...I'm using tomcat and I'm trying to change the amount of memory used by an application....which I'm failing to do
<m_tadeu> where should I set that?
<mortrca> I would really like to see an answer to the question posed here: http://ubuntuforums.org/showthread.php?t=2032129
<sarnold> (for the curious, mortrca's answer is that "apt-get install foo^" looks to install the "foo" task. neat. never seen that before, it's only been around since 2007...)
<patdk-lap> sarnold, the problem is probably that it was documented in the manual
<sarnold> patdk-lap: w/was/wasn't/  :) at least, searching for "\^" does not find it; nor does "task". heh.
<sarnold> patdk-lap: if it wasn't documented in the changelog, it'd be even harder to find...
<sarnold> (grepping for ^ in the apt source is .. surprisingly worse than one might suspect. :)
<patdk-lap> :)
<patdk-lap> it's documented under tasksel
<patdk-lap> https://help.ubuntu.com/community/Tasksel
<sarnold> haha, best part, it documents that it isn't documented anywhere.
<patdk-lap> :)
<patdk-lap> fun, I just upgraded postfix yesterday, and a new version comes out today
<sarnold> haha, figures... hope it's nothing too important for you :)
<patdk-lap> actually, no, that was dovecot
<patdk-lap> hmm, mem leak, and a null reference
<patdk-lap> not a huge deal, but
<sarnold> null reference in postfix? o_O I'm surprised.. it's always seemed like really awesome code. :)
<patdk-lap> The local(8) delivery agent dereferenced a null pointer while
<patdk-lap>     delivering to null command (for example, "|" in a .forward
<patdk-lap>     file)
<patdk-lap> well, that was one easy patch to apply
<patdk-lap> what I like to see :)
<patdk-lap> new version posted to my ppa <3hours after release
<ober_> http://zeniv.linux.org.uk/~ober/lvm_test seeing hangs when deleting a lvm snapshot. can easily reproduce on different installs of ubuntu server, but not on any other distor.
<SpinningWheels> anyone have any idea why an mdadm array would randomly go from /dev/md0 to a read-only on /dev/127? i cant find any errors in any logs that i've found. any ideas?
<cantah> Howdey, just looking for information regarding setting up a distributed (cluster) environment for email. Need some help in that direction
<Daviey> interesting... debian bug 699791
<uvirtbot> Debian bug 699791 in wnpp "ITP: sftpcloudfs -- SFTP interface to Rackspace Cloud Files and OpenStack Object Storage" [Wishlist,Open] http://bugs.debian.org/699791
<Daviey> more interesting than say, debian bug 699790 :)
<uvirtbot> Debian bug 699790 in wnpp "ITP: ftp-cloudfs -- FTP interface to Rackspace Cloud Files and OpenStack Object Storage" [Wishlist,Open] http://bugs.debian.org/699790
<maswan> lamont: Hey, do you have a guesstimate on the chances of the RRL patches making it into precise bind?
<Pupeno_w> I need to backup a lot of files to S3â¦ around 400k of them. I was using s3cmd sync so far, but it takes ages and it consumes too much memory. I think it's building a list, in memory, of all files, or something like that. Is there any other option for such a big amount of files?
<andol> Pupeno_w: Do some basic shell scripting, passing one file at the time to s3cmd?
<andol> Not that running ls on a 400k files folder is much fun, assuming all files are in the same folder?
<Pupeno_w> andol: if I decide to take that route, I'll probably write it in ruby and use as S3 library. But I'm trying to find a better alternative for now.
<Pupeno_w> andol: heheheâ¦ they are not in the same folder. They are spread through many folders carefully so no folder has a huge amount of files.
<phoenixsampras> how to install ubuntu from the network/.
<phoenixsampras> ?
<vezq> phoenixsampras: define network, you mean without console access?
<phoenixsampras> well, im in citrix, and it is asking me an url to get the installation files, etc
<vezq> no experience with citrix
<vezq> but could try some ubuntu download mirror
<phoenixsampras> what is a common url for a mirror? ramdisk... etc
<vezq> maybe this helps: http://serverfault.com/questions/404201/ubuntu-12-04-netinstall-url-xen-host
<phoenixsampras> oh fabulous
<phoenixsampras> http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-i386/
<phoenixsampras> thats it
<phoenixsampras> Thanks!!
<hatake> help
<hatake> how to fix this http://dpaste.com/909494/
<vezq> hatake: first question, why do you compile squid?
<vezq> and then is your server clock correct?
<hatake> hmm, meaby date expired
<hatake> now installed ntp
<Pupeno_w> What's the name of that program that easily creates a package from source code (configure, make, make install)?
<rbasak> Pupeno_w: are you looking for dh_make?
 * rbasak doesn't use it though
<Pupeno_w> rbasak: why?
<Pupeno_w> nevermind
<Daviey> Pupeno_w: you are thinking of checkinstall.. but it's less than nice.. but still better thank just make install.
<Daviey> rbasak: ^
<rbasak> Ah, that rings a bell
<Daviey> talking of nasty tools, when was the last time someone here used alien to convert rpm to deb?
 * rbasak doesn't use that either :)
<Daviey> rbasak: good :)
<jamespage> zul: bug 981269, I think I'll ask the reporter to get it committed to stable/essex and then we can pickup in the next SRU
<uvirtbot> Launchpad bug 981269 in openstack-dashboard "instance_type is still set as a property value of "none" even when flavors cannot be retrieved" [Medium,In progress] https://launchpad.net/bugs/981269
<zul> jamespage: or we could do it on his behalf :)
<jamespage> zul: it looks a suitable candidate to the stable/essex branch to me
<jamespage> zul: however the upstream gerrit review is abandoned
<jamespage> zul: and the backport does not include the tests...
<zul> jamespage:  yeah buts its horizon
<zul> jamespage: im not too thrilled it adds an extra dependecy as well
<yolanda> Daviey, zul: https://code.launchpad.net/~yolanda.robla/ceilometer/grizzly
<yolanda> i did some changes in the ceilometer package
<catphish> what is the correct way to specify a secondary ipv6 address in the interfaces file?
<RoyK> heh - reading the linux-raid mailing lists shows tons of "recover from raid-5 with double disk failure" threds...
<jamespage> zul: what do you want todo with it then?
<wmp> hello, i want to change order in init script. Now i have networking before fstab, and i want change this.
<wmp> http://serverfault.com/questions/475589/how-to-change-upstar-order-network-after-fstab
<zul> jamespage: the horizon thingy?
<jamespage> zul: yah
<zul> jamespage: ill do it
<jamespage> zul: is that likely to make it upstream or should we just accept the patch into Ubuntu?
<zul> jamespage: yeah i didnt know why it sat idle
<zul> jamespage: i just woke up so.... :)
<jamespage> zul: lol - well it looks OK; the actual fix is inline with that in Folsom even if it does not include the test cases
<zul> jamespage:  yeah looks ok
<zul> jamespage: the essex packaging for horizon will need to be updated
<jamespage> zul: guh
<jamespage> yolanda: whats the status on the essex sru's that are in the -proposed branched in the lab?
<yolanda> jamespage, don't know about it, i raised the bugs but haven't received any notice
<jamespage> yolanda: do you have the bug reference?
<yolanda> let me check
<jamespage> ta
<yolanda> mm, i've found an old one that i did, but i marked that as invalid because i joined all in a single bug, still searching
<yolanda> https://bugs.launchpad.net/ubuntu/precise/+source/keystone/+bug/1089488
<uvirtbot> Launchpad bug 1089488 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed]
<yolanda> that's it
<yolanda> no progress since i filed it
<jamespage> yolanda: hmm - that is somewhat unsatisfactory - I wonder what the hold-up is
<jamespage> the updates where uploaded in December...
<yolanda> i know
<yolanda> can i do something to speed it?
<jamespage> yolanda: poke the SRU team; I'd do it via the tracking bug first and then on irc a day or so later...
<yolanda> i add a comment on the bug?
<jamespage> yolanda: yes
<rbasak> The 12.04.2 freeze is holding up all SRUs right now, isn't it?
<jamespage> rbasak: hmm - probably - but this has been in queue since last year
<jamespage> rbasak: TBH we don't ship these packages so its irrelevant for the ISO's; but it would be nice to push these out.
<Castrol> hi
<Castrol> I upgraded my 12.04 server and restarted, and now dnsmasq doesn't seems to serve DHCP requests
<Castrol> I see an UDP listening port at: 0.0.0.0/67
<Castrol> But, how can I perform some kind of PING to test the connection?
<zul> yolanda: can you have a look at the python-pecan stuff? you can find it ay http://anonscm.debian.org/gitweb/?p=openstack/python-pecan.git
<zul> Castrol:  by pinging an address?
<yolanda> zul, is there any problem?
<zul> yolanda:  just licencse issues
<yolanda> ok
<Castrol> Castrol: I expect some kind of command like: udp_ping IP_ADDR 67
<yolanda> zul, is there any bug related to that?
<zul> nope
<zul> yolanda: https://lists.ubuntu.com/archives/ubuntu-archive/2013-February/045991.html
<yolanda> ok
<stetho> Is there a way I can do a dist-upgrade of a 10.10 Maverick server still? All the Maverick repos have gone from the servers.
<jcastro> https://help.ubuntu.com/community/EOLUpgrades
<jcastro> stetho: ^^ check that out
<stetho> Thanks. Exactly what I was after but couldn't find. That "google" thing is rubbish.
 * RoyK sniggers
<coker89> hi
<RoyK> ho
<coker89> i need help
<coker89> but, ,i englsih is so bad
<RoyK> !ask | coker89
<ubottu> coker89: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<zul> jamespage/yolanda/adam_g: Can you have a look? https://code.launchpad.net/~zulcss/python-keystoneclient/keystone-requests/+merge/146660
<coker89> what??
<coker89> idon't understand!!
<hallyn> ahs3`: debian import freeze coming up;  can you push netcf to experimental this week so i can request a sync? :)
<hallyn> stgraber: there's a blueprint WI for lxc to add RLIMIT_NPROC for userns.  My feeling is that is not particularly useful given other things that can be exploited - and default placement of system users into memory cgroups is better approach.  Disagree?
<stgraber> hallyn: well, finding ways to avoid fork bombs is still relevant, memory cgroup helps there but you have to put a very strict quota to avoid running out of PIDs
<stgraber> hallyn: ultimately where it's implemented doesn't matter a lot but I think we want some way to prevent a given container to use all of the hosts' PIDs
<hallyn> i'll have to check, but seem to recall that by default it has far fewer pids anyway
<hallyn> i could be wrong about that
<tangomike>  /j #centos
<hallyn> traitor
<hallyn> all right - i guess rlimit_nproc for the host uid really is a convenient place for it.
<jamespage> zul: reviewed
<jamespage> and approved
<zul> thanks
<decci> Hi Guys
<decci> I have Ubuntu 12.04.1 which I want to install directly on compellent SAN. I am using Intel I350 card but its not detecting the SAN at install time
<decci> Just to get some more clarity, I installed Ubuntu 12.04.1 on local disk and then tried installing open-iscsi and see if it sees compellent SAN. I got this:http://paste.ubuntu.com/1613270/
<decci> May I know if the output shows if it detects compellent SAN
<zul> jamespage:  and another one: https://code.launchpad.net/~zulcss/python-novaclient/novaclient-requests/+merge/146678
<nwilson5> silly question, but in the shell doing "cat file1 file2 file3" will show the text in the order of the files you cat right
<sarnold> yes
<sweettea> im new to ubuntu server, what is the equivalent of chkconfig ?
<sweettea> The program 'sysv-rc-conf' is currently not installed. You can install it by typing:
<sweettea> is it not that?
<sarnold> sweettea: the upstart init replacement changed a few things (imho, mostly for the better)...
<sarnold> sweettea: to list all jobs, initctl list  -- http://upstart.ubuntu.com/cookbook/#list-all-jobs
<sweettea> sarnold: thank you
<sarnold> sweettea: that's often enough, because upstart assumes if a service is installed, that you want it to run
<sarnold> sweettea: but you can disable services easily using an .override file: http://upstart.ubuntu.com/cookbook/#override-files
<maxb> Alternatively, not everything is converted to upstart, and for classic /etc/init.d/ type stuff, it's generally a good idea to have a look in /etc/default/<service>
<sweettea> I just need to see whats running by default, so to disable it
<sweettea> for example on rhel theres always the stupid NetworkManager
<sweettea> im using a 12.10 box as a virt container, so I need to update security, disable everything not required, and edit iptables
<sarnold> sweettea: if you don't want something running, maybe uninstall it :)
<sweettea> understood
<sweettea> but i just dont know whats what yet, learning :)
<hatake> what best for cache content dymanic, squid 3.x or lusca ?
<eagles0513875_> hey guys im running postfix + dovecot on 12.04 and the client is connected using pop3s i was wondering are there any known issues with pop3 over ssl on ubuntu
<zul> adam_g: https://code.launchpad.net/~zulcss/python-novaclient/novaclient-requests
<jaimef> http://zeniv.linux.org.uk/~ober/lvm_test creating a lvm snapshot, then trying to delete it on 12 server results in errors and system hang. been able to repro on 3 different systems.
<supNow> Hello all I have a quick question I'm sure someone in here could answer very easily...
<supNow> I setup lamp on ubuntu-server and installed phpmyadmin. I then switched the apache directory to one in the home directory. I was able to install a site using the db information I setup with phpmyadmin which was done before changing directories and the site that was setup after changing directories installed with no issues... however I can only pullup the login page for phpmyadmin now, when I try to login I get a NOT FOU
<supNow> ND?
<RoyK> !asm | supNow
<supNow> the index.php file it is referencing is still in the phpmyadmin folder so I'm not sure why it's not finding it
<RoyK> wonder perhaps if this quiestion is better answered in #phpmyadmin
<resno> RoyK: when you do email what do you do/use?
<adam_g> jamespage: Daviey zul just proposed the 2012.2.3 folsom changelogs into the lp:~openstack-ubuntu-testing/$foo/folsom branches. adjusted our scripts to only add a proper bug ref if there is an ubuntu task open. still using the metabug. let me know what you think
<Daviey> adam_g: keystone empty ?
<Daviey> adam_g: erm, i thought we were doing "LP: #Already-ubuntu-bugtask" and "LP: No-ubuntu-bug-task"
<Daviey> ie, lack of a #.. meaning it doesn't get cuaght by regex.
<RoyK> resno: ?
<adam_g> Daviey: i opted for (LP: #Already-ubuntu-bugtask) + LP: No-ubuntu-bug-task, since (LP: #XXXXXX) is what i've alwasy used.
<adam_g> er
<adam_g> Daviey: (LP: #Already-ubuntu-bugtask) + LP: #No-ubuntu-bug-task.  does the latter get picked up the same as (LP: #XXXX) ?
<adam_g> i can quickly regen if so
<Daviey> LP: #x == (LP: #x)
<adam_g> ah, ill drop the # then
<Daviey> adam_g: you need to drop the #
<minorix> Does IPsec with ESP in Tunnel Mode contain a layer 2 header at all or just layer 3?
<sarnold> minorix: I'd expect just layer3; once it leaves one ethernet and travels to another network, it might be on a completely different layer 2..
<minorix> Ok, so the "packet" that is encapsulated by ESP would not have layer 2 information then
<minorix> I am trying to figure out how proxy ARP works in this sense
<sarnold> minorix: unless you're encapsulating l2, of course, something like l2tp?
<minorix> I have just a IPsec VPN
<minorix> For my VPN, I had a VPN client on the same subnet as internal hosts and without proxy arp enabled on the VPN router, the two could not talk
<minorix> So in this case, the router was responding to ARP requests for the VPN client
<Daviey> adam_g: Oh, dang.. a keystone sec vuln is landing shortly
<adam_g> Daviey: np. easy enough to rebase once it lands (happened last time). just wanted to get the tooling aligned to the new format/process in the meantime
<Daviey> adam_g: yeah, rocking!  thanks :)
<adam_g> Daviey: those branches are updated. also: http://people.canonical.com/~agandelman/folsom/keystone-2012.2.1-0ubuntu1.1~cloud0/ ready for staging
<adam_g> zul: ^
<Daviey> adam_g: too tired to look now, will gander tomorrow.. thanks
#ubuntu-server 2013-02-06
<keithzg> Hmm, I'm trying to mount an iscsi volume via UUID, but neither blkid nor listing /dev/disk/by-uuid seem to list it.
<Seven_Six_Two> I've got a server, and I've connected via xdmcp. both are on my lan. I've plugged a usb hd in to the server, an icon appears on my xfce desktop. When I click it, it says failed to mount, not authorized. I've installed gvfs, autofs, all ntfs packages. I've added my username to plugdev, disk, gvfs. I've rebooted.
<Seven_Six_Two> I'm using xfce4
<zul> adam_g: ill take a look tomorrow
<Seven_Six_Two> I also have almost all privs under user privileges
<Seven_Six_Two> still can't mount!!\
<Seven_Six_Two> option to automount is set in dconf-editor
<decci> Hi Guys
<decci> I have Ubuntu 12.04.1 to be installed on directly on Compellent SAN. While installing it is not able to see SAN. While CentOS is able to see that
<blkperl> decci: you probably need some driver or package
<decci> blkperl: What I did is trying installing Ubuntu 12.04.1 first on local disk and then trying installing open-iscsi and see if it detects the SAN
<decci> blkperl: Let me send paste the output
<decci> blkperl: http://paste.ubuntu.com/1614757/
<decci> blkperl: Can you look into this? I am unable to see SAN under /proc/partitions
<patdk-lap> you have a local disk installed?
<blkperl> decci: is it not sda?
<decci> patdk-lap: sda is my local disk
<decci> blkperl: sda is my local disk
<blkperl> decci: anything in the logs?
<blkperl> my iscsi knowledge is weak
<patdk-lap> what about: iscsiadm -m session -P 3
<sarnold> do I recall that the last time someone had problem with a compellent SAN that they might not have authorized the new machine on the SAN controller or something similar?
<patdk-lap> sarnold, well, he has two issues kindof
<patdk-lap> first, his i350 is setup for hardware iscsi, and centos sees it as hardware hba
<patdk-lap> but ubuntu doesn't seem to see it
<patdk-lap> second, is him playing with soft-iscsi
<decci> patdk-lap: correct
<decci> patdk-lap: sudo iscsiadm -m session -o show output is there
<patdk-lap> that is not what I asked for though
<decci> patdk-lap: let me try this command
<decci> blkperl: My VPN is creating issue. I will come back after 4-5 hours
<decci> blkperl: Will you be here to see those output and logs
 * patdk-lap will be long asleep
<decci> patdk-lap: I am back
<decci> patdk-lap: here is your output: http://paste.ubuntu.com/1614802/
<decci> patdk-lap: Here is the complete http://paste.ubuntu.com/1614805/
<decci> patdk-lap: Are you there?
<decci> blkperl: u there
<escott> decci, people go in and out of the channel at times
<decci> I think if I insert driver for openm-iscsi  into Ubuntu 12.04.1 image it should work
<decci> escott: ok
<escott> decci, if you want to give a quick recap others can take a look
<decci> I have Ubuntu 12.04.1 to be installed on directly on Compellent SAN. While installing it is not able to see SAN. While CentOS is able to see that
<sarnold> decci: patdk-lap said one of your problems might have been trying to use the software iscsi support when you've got a hardware card that should do it for you ... assuming you could get drivers for it loaded?
<decci> http://paste.ubuntu.com/1614757/
<decci> sarnold: I did tried that right...installing Ubuntu locally and then attaching it to SAN rather than directly installing onto the SAN
<decci> sarnold: All I am facing issue is with /proc/partitions while it is detecting the compellent SAN
<decci> sarnold: http://paste.ubuntu.com/1614805/
<decci> escott: Any views?
<escott> decci, i dont know anything about iscsi
<decci> escott: oh
<decci> escott: Can you help me how to insert driver into ubuntu image?
<escott> decci, if you just need a module in the initramfs you put it in in /etc/modules.d and then update-initramfs
<genii-around> I think it's more like /etc/initramfs-tools/modules
<escott> genii-around, cool thanks. i never knew about that file
<decci> escott: Can you forward me what steps I wouldneed
<jimmyz> newbie here - sorry... how do i figure out the ip address at which to access teh webhost running on a vm?
<xnox> jaimef: it would be nice to see all mounts between running the command. Also one should be calling $ udevadm settle , between lvm commands in such a script due to racing with udev.
<ruben231> hi guys... any help
<ruben231>  i have a mysql datasbed server which on critical Filesystem            Size  Used Avail Use% Mounted on /dev/mapper/opendatabase   128G  112G  9.6G  93% / <------------------------storage is almost full 93 pecent , any suggestion how do  i resolve this issue, im afradi i might break anything with existing databased, dont know what todo
<ztane> damnit nodejs, always too old for anything
<ztane> goin for chris-lea ppa
<ztane> ruben231: is it on lvm?
<ztane> can you give it more space or need to compress?
<lool> hey, not sure this is the best place to discuss cloud images, but wanted to mention that http://cloud-images.ubuntu.com/releases/lucid/release is gone or 403s since a couple of days, and I wondered whether this was accidental or intended
<ruben231> ztane: yes lvm
<smb> lool, I would suspect accidental, but I am not in the position to do anything.
<lool> Ok; I'll file a bug against ubuntu-on-ec2, hopefully that's the right place
<Daviey> utlemming: ^
<smb> lool, I wrote an email to Ben/Scott which I think may be in the position to change stings
<smb> things
<smb> Daviey, Since both of them are not really in this tz, I suspected email works better. :)
<Daviey> smb: You underestimate the power of scrollback highlights :)
<Daviey> But sure, thanks for sending it
<smb> Daviey, You underestimate the power of "meh, this is long ago" :-P
<smb> Maybe not so bad for them, but I usually only find someone having Samba issues...
<lool> smb: ah thanks; I filed https://bugs.launchpad.net/ubuntu-on-ec2/+bug/1117181
<uvirtbot> Launchpad bug 1117181 in ubuntu-on-ec2 "http://cloud-images.ubuntu.com/releases/lucid/release gone since a couple of days" [Undecided,New]
 * smb subscribed Ben
<lool> the sad part is that I notice some changes that might be bugs because it breaks for the lucid files I was mirroring, but the changes appear to date back to 10.10 timeframe because I hadn't updated my mirror, oh well
<ztane> ruben231: if you have space and the filesystem is resizeable, you can use lvextend -L +10G /dev/mapper/opendatabase
<ztane> ruben231: then if it is ext4 say, resize2fs /dev/mapper/opendatabase
<ruben231>  ztane: so i just add HDD..? coz during install i just used the default setting --> entire disk with LVM
<ruben231> would this do..?
<Yizi> need a expert advice on web server (ubuntu) should i host the virtual hosts in /var/www or home/username ?
<Ben64> /home/username is pretty much how everyone does it
<ztane> ruben231: the question is whether you used all the space already
<Yizi> ok another issue i have with that is when i assign a user to home directory e.g. /home/ben the user can access oher home directories
<Yizi> I just did it and ssh into the system
<Ben64> define "access"
<ztane> Yizi: there are patches to kernels where the users cannot read others files even though they would have "permissions"
<Yizi> being able to read/write files
<Ben64> shouldn't be able to write files for sure
<Yizi> right my first job is to move the site from /var/www to /home/
<Ben64> you could look into ACLs
<ztane> why?
<Yizi> i need to host 3 sites on one server
<Yizi> setup ubuntu and did the apache virtual host
<Ben64> https://help.ubuntu.com/community/FilePermissionsACLs
<Yizi> installed phpmyadmin with php all worked great, can see the site too but the only issue i have no is giving access directory access to the web design company
<Yizi> i followed this guide for setting up the virtual hosts https://www.digitalocean.com/community/articles/how-to-set-up-apache-virtual-hosts-on-ubuntu-12-04-lts
<ztane> Yizi: you also need php in safe mode / cgi if you really do not want the users to read the other users homedirs using the www-data account
<Ben64> a really good idea is don't host people you cannot trust
<Yizi> ok i will put the php in safemode now
<ztane> which will then mean that nothing really works :D
<Yizi> huh?
<Ben64> almost everything good requires safe mode to be off
<ztane> which means if the sites need to run anything substantial, you cannot use safemode
<Yizi> im pretty confused with this, i think i'll just give up on ubuntu really did try
<ztane> and instead need to configure php in some cgi mode or fastcgi or I do not actually know... so that the php actually runs with the user's account
<Ben64> if you're going to be doing shared hosting, you should trust all the people on it
<Ben64> otherwise, use vms
<ztane> Ben64: not necessary
<Ben64> its impossible to be 100% secure
<ztane> but 98 % secure
<ztane> meaning: if the users are not really malevolent...
<Ben64> so if they roll 20, critical hit and your server dies
<ztane> but really you wouldnt want
<ztane> do things like have 1 bug on 1 site mean that everyone can without any problems breach to all the other sites too
<Yizi> you are right the user is not a sudoer so it cant create anything or modify in other home direcories
<Yizi> it would just make it a lot easier if i could allow a user to access /var/www/domain.com so when they ssh they only have access to the folder
<Ben64> uh...i don't think its what you want.... http://www.binarytides.com/setup-a-jail-shell-with-jailkit-on-ubuntu/
<Yizi> how about setting up a FTP and assigning a user to access /var/www
<Ben64> whats your obsession with /var/www
<Yizi> because i spend 2 days setting up the site in /var/www
<Ben64> theres nothing you can do there you can't do in /home
<Yizi> ok guys does this sounds better now
<Yizi> created a home user
<Yizi> moved the whole site to their
<Yizi> renamed the virtual to point to the new location
<Yizi> so the site is now under /home/ben/domain.com
<Yizi> another home user can see the files on another home users directory e.g. cat index.php but isn't able to edit it, how can i stop them view the files
<Yizi> is there a simple permission file?
<yolanda> Daviey, jamespage, hi, what's best way to debug a hook? i tried with debug-hooks and running the hook there as it's shown in the manual, but i receive that error: subprocess.CalledProcessError: Command '['unit-get', 'private-address']' returned non-zero exit status 2
<RoyK> hrmf. seems if I want to snapshot a vm, it's suspended for the time the snapshot takes, which is several minutes
<Ben64> yeah
<smoser> jamespage, in virtualmaas http://bazaar.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk/view/head:/scripts/setup-maas how did you make the nodes search .virtualmaaas.com
<smoser> ie, when they boot i dont see how they'd have that in their search... or, maybe they dont, but they only end up with fqdn i guess.
<yolanda> zul, Daviey. Found a new problem with ceilometer. It has a requires for requests<1.0, but our version is 1.1.0-1, what should we do? do we pin that to the old version?
<Daviey> hgwehhwefhoiergw'jeoigboiegbkjpgjopgohigopjgekop
<zul> yolanda:  nope submit a patch upstream requrests<=1.1
<jamespage> smoser: not quite sure I understand the question?
<jamespage> do you mean the physical server or the kvm instances?
<yolanda> ok
<Daviey> zul: this caused some issues, https://review.openstack.org/#/c/21221/
<smoser> instances
<smoser> jamespage, i'm sorted, i think.
<smoser> maas dhcp doesn't send 'search' or 'domain-name' entries in ists responses.
<smoser> so the nodes can only resolve by fqdn.
<Daviey> zul: it's fixed with, https://review.openstack.org/#/c/21258/
<smoser> but thats ok, because theey only get fqdn (ie, when juju connects them to another node, they get the fqdn of the other node)
<Daviey> zul / yolanda: Therefore.... we are potentially screwed.
<zul> Daviey: gimme a sec
<zul> fuckers
<yolanda> oh, so we should stay under 1.0?
<zul> yolanda: thinking
<sarthor> HELP, Trying to ssh to one of my ubuntu-server installed machine 1 from ubuntu installed machine 2, I am not able to ssh , the message says, "ssh_exchange_identification: Connection closed by remote host". while I can ssh from other computers.
<zul> Daviey/yolanda: we can do something like this for python-keystoneclient
<SpamapS> zul: crazy idea.. patch ceilometer to work with 1.1 ?
<zul> SpamapS: its is a crazy idea
<zul> Daviey/yolanda: there is a mini transition going on  there is a transition going on i think, novaclient (https://review.openstack.org/#/c/20119/) and python-cinderclient (https://review.openstack.org/#/c/21222/ although the fix is not correct), and python-keystoneclient got reverted but im working on a proper fix.
<RoyK> sarthor: running denyhosts or something?
<yolanda> maybe we can put that on hold then?
<sarthor> RoyK: no
<zul> yolanda: it will make openstack uninstallable on ubuntu imho
<RoyK> sarthor: I've seen that if the host is in /etc/hosts.deny - otherwise, check the ssh logs
<yolanda> yes, problem is on ceilometer but also on the other packages i see...
<yolanda> from my side i can test ceilometer with newest requests version,
<zul> yolanda:  yeah im going through the other packages, novaclient was fixed yesterday in the upload i did to our openstack-ci
<zul> keystoneclient will be fixed soon, and keystone will be fixed soon as well
<sarthor> RoyK: I checked /etc/hosts.deny, there is entry of two IPs, sshd 192.168.1.82 and sshd 192.168.1.2, that 192.168.1.2 is the computer, from which i am tryin to access. I removed that two lines. but after a minute the lines again there. Why? and how to solve.
<yolanda> i must double check ceilometer deps again, this wasn't added and i found the problem when ceilometer wasn't starting
<RoyK> sarthor: check if denyhosts is running
<RoyK> sarthor: dpkg -l | egrep 'denyhosts|fail2ban'
<sarthor> RoyK: denyhosts    2.6-10   Utility to help sys admins thwart ssh crackers
<RoyK> bingo
<RoyK> cd /var/lib/denyhosts
<RoyK> grep for your ip there
<RoyK> that is
<RoyK> stop denyhosts first
<RoyK> then remove your ip from the files there
<RoyK> add it to allowed-hosts
<RoyK> remove it from /etc/hosts.deny
<RoyK> start denyhosts again
<sarthor> in which file I have to check my IP.
<RoyK> all of them
<RoyK> sarthor: adding your ip to allowed-hosts will whitelist it permanently
<sarthor> RoyK: there is hosts-valid file, no allowed hosts.
<RoyK> make it
<sarthor> and I deleted from all the files there. and then added to hosts-valid file , restarted denyhosts again.. this time I connected but the password did not work. and now added again to that /etc/hosts.deny
<RoyK> I said allowed-hosts
<RoyK> also, stop denyhosts, then clean up the files, then add to allowed-hosts, then start denyhosts
<sarthor> RoyK: there is no file name allowed-hosts in that directory
<RoyK> 15:55 < RoyK> make it
<sarthor> RoyK: Worked great. Thanks friend.
<sarthor> Thanks to All of you.
<ogra_> Daviey, poke
<Daviey> ogra_: poke yourself :)
<ogra_> haha
<Daviey> I need to dash for 10.
<yolanda> hi, what's syntax in debian/control to specify a min and max version for a package?
<zul> yolanda: https://code.launchpad.net/~zulcss/python-keystoneclient/fix-requests-2/+merge/146887
<yolanda> ok
<yolanda> magical patch
<yolanda> done
<zul> jamespage: ping keystone testsuite runs fine now (needed to fix the python-requests building of python-keystoneclient)
<jamespage> zul: great!
<sarthor> HI, please help me. .pl URLs are downloading instead of displaying
<genii-around> sarthor: Do you have libapache2-mod-perl2 installed and enabled?
<xiaoy> When i use ssh with my DNS Tunnel (dns2tcp) i always get "Connection to localhost closed by remote host." by the ssh server on the DNS server host...
<genii-around> sarthor: eg: sudo apt-get update && sudo apt-get install libapache2-mod-perl2   ... then make sure that the file perl.load is in /etc/apache2/mods-enabled   and do sudo service apache2 restart
<yolanda> zul https://code.launchpad.net/~yolanda.robla/ceilometer/grizzly/+merge/146899
<zul> yolanda: have you tested this?
<yolanda> zul, i've done a build
<zul> and it isntalls?
<yolanda> you have to manually install pecan, wsme...
<yolanda> but after all is fixed, it installs
<zul> yolanda:  i think the tools/test-requires for ceileometer is not complete because you need pep8 for the tools/hacking.py
<yolanda> let me check
<yolanda> it's not listed in tests requires?
<yolanda> and not on pip requires even
<yolanda> should i submit a patch?
<zul> yolanda: please
<yolanda> ok
<Note> Hi guys, does anyone know whether a 512MB Ubuntu server is big enough memory to run a very small web server and a znc?
<Note> As well as a few other things I might want to add in the future
<rbasak> Note: that meets the minimum requirements: https://help.ubuntu.com/12.10/serverguide/preparing-to-install.html#system-requirements
<rbasak> Note: I don't see why you'd have a problem for a minor web server
<Note> Ok, thanks :)
<adam_g> zul: http://people.canonical.com/~agandelman/folsom/keystone-2012.2.1-0ubuntu1.1~cloud0/
<adam_g> jamespage: ^
<zul> adam_g: +1
<zul> adam_g: i swear i was going to get to that today ;)
<sweettea> where is the proper way to edit iptables rules on ubuntu-server ?
<patdk-wk> sweettea, not to
<patdk-wk> use like ufw or something
<sweettea> I dont want to install ufw
<sweettea> I was just reading about it
<sweettea> if I make iptables edits, is there a iptables save function
<sweettea> that will reload on boot, etc?
<sweettea> https://help.ubuntu.com/community/IptablesHowTo
<sweettea> iptables-save
<sweettea> :)
<yolanda> zul https://review.openstack.org/21338
<hallyn> ahs3: woohoo, thanks
<yolanda> zul, saw the comments for dhellmann? is that right if that is added in tox.ini? should we also consider that file?
<zul> yolanda: yeah it needs to be test-requires as pep8==1.3.3
<yolanda> although it's already listed in other files as dhellmann says?
<ahs3> hallyn: np
<zul> yolanda: yes
<yolanda> ok
<yolanda> i'll modify the proposal and answer
<yolanda> why is that pinned to that version?
<zul> yolanda: its standard across openstack projects
<yolanda> zul, can you check the openstack-metering channel? i don't have arguments to explain that
<yolanda> why is that needed also in test-requires, and not only in tox
<Note> Hello guys, I have a ZNC running for IRC, but when I connect it sets my hostname to HEX.me (.me is the my domains tld), but on the network i'm connecting my VNC to, I have a vhost, my znc idents me but if I ident myself then my vhost activates, but if i just let my ZNC ident me it doesn't activate, why is this?
<yolanda> zul, so the MP should be ok then?
<zul> yeah go ahead
<Akendo> Hello guys, some got an idea about this: In our OpenStack installation, booting a Ubuntu Cloud Image fails at creating ssh keys. So we're unable to connect to the VM.
<Akendo> We check the logs of the VM and saw that the sshd is not able to use any key exchange
<sarthor_> Hi, .pl is downloading not opening apache. HELP me please
<sarthor_> ubuntu server using
<Pici> sarthor_: is mod_perl enabled?>
<sarnold> sarthor_: you probably want to search for mod_perl
<patdk-wk> seriously doubt it is going be mod_perl compatable
<patdk-wk> probably just want normal cgi support
 * Pici shrugs
<sarthor_> Pici: how to enable that  ? I am not an expert
<Pici> patdk-wk: mod_cgi then?
<patdk-wk> probably just missing the mapping that .pl should use cgi
<genii-around> sarthor: I explained this to you earlier
<patdk-wk> http://www.thesitewizard.com/archive/addcgitoapache.shtml
<sarthor_> genii-around: I asked that time i was somwhere else. I left from that place. the machine is still on there. but know I am miles away from that place. So I was unable to see your answer genii-around
<sarthor_> but now*
<genii-around> sarthor: eg: sudo apt-get update && sudo apt-get install libapache2-mod-perl2 ... then make sure that the file perl.load is in /etc/apache2/mods-enabled and do sudo service apache2 restart
<patdk-wk> I would be very careful about mod_perl, as it's doesn't run perl scripts the same way you do at the command line
<zul> adam_g: looks like nova-manage config convert went away so should we just remove it?
<genii-around> patdk-wk: Aah. I don't use perl on apache so wasn't aware of that. cgi runs them the way they were intended however?
<patdk-wk> ya
<patdk-wk> mod_perl runs it fine, but it doesn't *clean state* between runs, the program is always active, so you can easily have state pre-existing, or leak memory easily when using it
<sarnold> also, perl running in the apache process address space. a bit gross. :)
<patdk-wk> ya, everything should be fastcgi :)
<sarthor_> genii-around: I did as your said. perl.load file is also there. i did restart apache2. checked again .still dowlnoading
<xiaoy> I'm using DNS Tunnel (dns2tcp + ssh dynamic port forwarding) but my ssh tunnel just crashes after a few seconds (Connection to localhost closed by remote host.)
<xiaoy> I just don't understand what is wrong? It works only for few seconds, than the server just shuts down the connection... :(
<xiaoy> i tried also different dns-tunnel server clients, but the result is the same, it's just something with the ssh server...
<xiaoy> This is my sshd_config file on the "fake" DNS server http://pastebin.com/XQvTwqH6
<xiaoy> dunno, maybe some of you guys have some experience with this
<patdk-wk> ya, there is a lot of other setup you need to do to activate mod_perl
<patdk-wk> and it needs to be done, per perl script
<sarthor_> patdk-wk: will that be too tough to do? In case i am not expert. I just used to read instructions and do as instructed. every I do not understand them.
<patdk-wk> not a good idea
<sarthor_> yea... but I am a learner
<patdk-wk> then learn from the link I supplied
<yolanda> zul: https://code.launchpad.net/~yolanda.robla/ceilometer/grizzly/+merge/146899
<yolanda> can you approve it?
<patdk-wk> unless the script you are using says it was MADE for mod_perl, and gives you instructions for it, I wouldn't even attempt it
<genii-around> I think now I remember why I don't like perl under apache
<sarthor_> but I think in that start I am doing this stuff which is tough for me. may be it will make me run from learning.. :)
<sarthor_> also too much green chilli and lemon on beans.. Muuuh....Several battles to win
<stgraber> hallyn: do we actually have anything to do for https://bugs.launchpad.net/ubuntu/precise/+source/lxc/+bug/1060404 in precise?
<uvirtbot> Launchpad bug 1060404 in lxc "update-grub runs and fails in containers" [High,Fix released]
<hallyn> stgraber: i don't think so.  bug is in grub
<stgraber> hallyn: right, let me get rid of the lxc task then
<sarthor> genii-around: Hi again, as you told me I did like for the .pl files downloading issue. as you told me in the previous message. I did like that and restarted the apache2 but no change. Then I restarted the machine, and know there is not downloading issue. but the files are just opening as text files in the browser. Any solution please?
<digitalsanctum> hi, would someone be able to help me with specifying a preseed file for automated install?
<RoyK> sarthor: if you set the content-type to text/plain, it should work out nicely
<sarthor> RoyK: I am using mozilla and chrome. on cromium is like txt file. but on mozilla firefox still that .pl download file.
<RoyK> sarthor: try, from the commandline, HEAD http://url
<RoyK> see what content-type is set to
<sarthor> RoyK: that says Content-Type: text/plain
<RoyK> sarthor: url?
<sarthor> 500 Can't connect to url:80 (Bad hostname)
<sarthor> I am in that machine where sql-ledger is installed. and I put this command on that machine command prompt.   HEAD http://localhost
<stgraber> hallyn: Does /etc/dnsmasq.d-available/ work for you or do you have a better name suggestion? (I don't particularly like the long name but that's the best I could come up with)
<sarthor> Content-Type: text/html
<sarthor> RoyK:  Content-Type: text/html
<hallyn> stgraber: yeah that's fine with me
<hallyn> obvious enough if you look at all
<hallyn> and reminiscent of /etc/apache2/sites-available
<stgraber> hallyn: yeah, I took the name from what apache and freeradius do with their config
<stgraber> hallyn: ok, I have a fix for lxc in raring. Will do some more testing, if it works as expected, I'll upload lxc in raring, quantal and precise with that fix and any other pending SRU.
<hallyn> stgraber: cool, i'll copy that into libvirt then, thanks :)
<smoser> hallyn, did we lose the man page to kvm in raring?
<smoser> or is it just me
 * RoyK checks
<m_tadeu> hi...I just installed gcc4.7 from a ppa, but now this is not the default gcc (which is 4.6)...how can I change that?
<stgraber> smoser: well, kvm is just a compatibility symlink at this point so you'd technically want to check the manpage of qemu-system-x86_64, but we can probably provide a symlink to make that easier
<RoyK> smoser: looks so
<hallyn> smoser: looks like it
<hallyn> stgraber: actually kvm will become a wrapper, not just a symlink
<hallyn> have i not pushed that whole merge?  FEH
<stgraber> root@castiana:~/data/vm/lxc# ls -l /usr/bin/kvm
<stgraber> lrwxrwxrwx 1 root root 18 Jan 29 12:55 /usr/bin/kvm -> qemu-system-x86_64
<hallyn> yeah i never finished that merge
<stgraber> I think I updated my laptop this morning
<hallyn> stgraber: yeah the merge isn't finished
<hallyn> it'll have to wait until monday at this point
<smoser> hallyn, i opened a bug.
<smoser> bug 1117636
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: The read operation timed out
<hallyn> smoser: thanks, fixed in my git tree (git://github.com/hallyn/qemu #de.jan28.ubuntu2)
<hallyn> meanwhile debian exp has moved to 1.4.0 upstream, but I'm not sure I want ot do that this late
<hallyn> so i may stick with 1.3
<smoser> kvm will be a wrapper ?
<smoser> what will it do
<stgraber> my guess is, detect kvm support and call qemu with --enable-kvm when found
<hallyn> smoser: it will do "qemu-system-x86_64 -enable-kvm "$*"" :)
<hallyn> actually
<hallyn> exec qemu-system-x86_64 -machine accel=kvm:tcg "$@"
<smoser> always qemu-system-x86_64 ?
<hallyn> yup
<Daviey> hallyn: hey.. Do you know where we seem to be seeing different cpu types in kvm instances?
<Daviey> hallyn: http://pb.daviey.com/982y/ , http://pb.daviey.com/c9g4/ , http://pastebin.ubuntu.com/1617691/
<hallyn> Daviey: yeah the switch from qemu-kvm to qemu makes some changes, but they shouldn't be much
<Daviey> hallyn: the qemu64 standardisation was good for live migrations
<Daviey> hallyn: the variance seems to be causing woe.
<Daviey> (this is precise)
<hallyn> Daviey: wait what, you're seeing unexpected result in precise, or the qemu64 default in precise was good?
<hallyn> Daviey: you had a patch specifically to default to qemu64 right?  I'm sure we can write a new patch for qemu to do the same, if that would suffice.  (not sure if it would)
<Daviey> hallyn: no, this oddity is on precise
<Gateway69> simple question, how can you boot a new ubuntu server image, and have it execute some scripts you want after boot up.. ? aka like a script outside of the image that it loads and runs, is this possible?
<hallyn> Daviey: then no, i have no idea.
<Daviey> And i don't think my patch forced it to qemu64.. simply exposed vmx in the already default qemu64
<Gateway69> somethign like , lets say i have a script that says build me a haproxy server, then another script that says build me db server, so we can automate our stack to launch, a new image, update all software on the server, install what we need and configure files
<hallyn> Daviey: but you did just remind me that your patch to expose nested vmx to qemu64 instances was never upstreamed
<hallyn> right
<hallyn> Daviey: and we don't (yet) have that patch in raring's qemu.
<Daviey> hallyn: looking at, https://github.com/aliguori/qemu/blob/master/target-i386/cpuid.c .. it seems it's not using the default qemu64 for some reason
<Daviey> I wonder if this is something in openstack doing it..
<hallyn> Daviey: precise is on qemu-kvm, not qemu,
<Daviey> hallyn: a similar patch was proposed upstream and lazily NAK'd
<hallyn> Daviey: yeah...
<hallyn> Daviey: i'm just commenting that i need to remember to re-add that to raring
<hallyn> Daviey: but so you're saying that in lucid through oneiric, it woudl default to qemu64, and in precise and later it does not?
<Daviey> super :)
<Daviey> hallyn: No.. I'm saying that using an openstack deployment, spanning multiple nodes.. and seeing different cpu types. :/
<Daviey> My hunch is openstack is overriding the cpu type now.
<Daviey> which raises a big *sigh* if it is indeed the case
<hallyn> Daviey: ok, so nothing for me to do in precise's kvm then - just wanted to make sure
<hallyn> it would seem (to a naive goon like me) like exposing the unerlying cpu type by default would make sense :)
<m_tadeu> how can I change the default gcc version?
<hallyn> i realize that doesn't make sense wrt migration,
<Daviey> hallyn: *sigh* - https://bugs.launchpad.net/nova/+bug/1003373
<uvirtbot> Launchpad bug 1003373 in nova "support to Nova to allow exposing specific CPU models to the guest, including the host CPU native model." [Wishlist,Fix released]
<hallyn> Daviey: ok but support for that != making it the default
<Gateway69> anyone have any ideas?
<Daviey> hmm
<rbasak> Gateway69: look at cloud-init userdata. But juju will set up a stack to your liking automatically for you, to save yourself a lot of trouble.
<rbasak> Or you can reinvent it yourself if you wish :)
<Gateway69> haha, juju, yea.. i started looking into that.. ideally internally be able to launch our stack and test it locally, then push any code changes to the cloud.. does juju work with VM? ..
<Daviey> hallyn: https://review.openstack.org/#/c/8527/6/nova/virt/libvirt/driver.py does suggest it's disabled by default..
<Daviey> my head hurts
<Shogoot> hello loverly people :) im stuck trying to set up my firs fileserver at home.... (yes newbie incomming). the question. i got access to my server via ssh, i m remotely on it. but i cannot access internet from the server. as i get no response when i do ping. i got a hiint that it might be /etc/network/intercades but i got my gateway correctly set. so it might be resolv.conf. but on that i get this warning ive never seen before.
<Shogoot> Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<Shogoot> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<sarnold> Shogoot: see /etc/resolvconf/* files for explanations there :)
<sarnold> Shogoot: when testing network connectivity, check both ips and hostnames; 4.2.2.1 and 8.8.8.8 both respond to pings, so try those..
<Shogoot> dang... 8.8.8.8 works
<Shogoot> but i cannot do apt-get update... why is that?
<sarnold> Shogoot: try ping 91.189.91.15
<sarnold> (that's an IP for us.archive.ubuntu.com)
<Shogoot> working
<Shogoot> hmm.. so it is the dns list... but how o i edit the dns list without the resolv.conf?
<sarnold> good :) then you've got busted dns and get to figure out why :)
<sarnold> Shogoot: either your dhcp server isn't handing out a dns server to query, or that dns server isn't working, or .. meh, variety of reasons. but you can hard-code new resolvers in /etc/resolvconf/resolv.conf.d/* files
<Shogoot> i have a static ip...
<sarnold> ah then you can probably apt-get purge resolvconf and be done with it :)
<Shogoot> i dont get it. resolv.conf/* has two files head wich has taht warning that the wolrd will explode if i edit it and base that is empty.....
<sarnold> Shogoot: those are there for you to edit. well, maybe one or another is more appropriate, but the entire resolv.conf is built out of those.
<Shogoot> friking linux people
<Shogoot> ;)
<sarnold> Shogoot: but if your resolver should never change because the machine has a static address, you may as well remove the package and go back to just editing your /etc/resolv.conf by hand when you change the resolver manually :)
<Shogoot> i was used to the resolv conf back in the day
<sarnold> Shogoot: yup.
<sarnold> Shogoot: and until I found those files I hated the newfangled thing..
<hallyn> Daviey: i dunno, i dont' see where the new guest.cpu ends up being used (or whether having it to default to None does what thecomments say it will)
<Shogoot> sarnold, i did that purge thing.... just to see what it did....
<Shogoot> and ofc i now dont got resolvconf and i cant reinstall it because i dont got any dns...
<Shogoot> argh... help...
<stgraber> hallyn: there you go: http://paste.ubuntu.com/1617905/
<stgraber> turned out to be far trickier to do that I first thought ;)
<stgraber> I spent 30min trying to figure out why the postinst was broken to notice it was just some bad dh ordering...
<stgraber> anyway. I think I'm happy with this one so I'll push to raring and then prepare the SRUs
<hallyn> stgraber: oh yeah, i've run into that before...
<hallyn> stgraber: so (just asking) no reason to remove /etc/dnsmasq.d-avilable/lxc on purge?
<stgraber> hallyn: well, it's a conffile, so purge should do that anyway
<hallyn> oh.  right :)
<Shogoot> is there any way to do apt-get update but spesifying the ip to do it from? I have a DNS problem and i need to resintall my resolvconf files.... but as i got the dns problem apt-get update just gives me the unable to resolve host error
<ivali> I am running ubuntu server (clean install). Flushed iptables cand disabled ufw.Can it be something else that is blocking me certain ports (135,139,445, 1433 etc.) or should i talk to my ISP?
<escott> ivali, it would be very strange for an isp to block a high port
<ivali> I've made some tests http://pastebin.com/JeEkhMJd
<ivali> Can I assume that my default gw (81.180.93.129) is blocking that port (139) or can it be a problem with the server?
<stgraber> hallyn: lxc precise SRU: http://paste.ubuntu.com/1618032/
<stgraber> hallyn: note that I had to pretty much rewrite the cloud patch as smoser's branch was changing a quarter of the file to fix some identation. I "think" the code does the same thing though.
<stgraber> I'll push to a PPA and very all the fixes here before pushing to -proposed (and I'll have to find some clever way of testing some of those, the lucid outdated cache thing will be hard to test)
<smoser> stgraber, you *could* test it :)
<sarnold> Shogoot: add whatever IP address your resolver is at to /etc/resolv.conf -- if you don't have one yet, then use 8.8.8.8 (google runs a public DNS server just for this purpose :)
<sarnold> Shogoot: you can either stick with google's DNS or you can install your own recursive resolver.
<stgraber> smoser: yeah, as I said, I'll test all that mess before uploading to precise-proposed. I just don't enjoy a 30s cherry-pick turning into a 15min diffing session ;)
<smoser> fair. i'm not sure why i did that.
<smoser> but i will admit to not being able to stand mixing tabs and spaces
<hallyn> stgraber: so now if the user removes the dnsmasq.d/lxc symlink, removes and reinstalls, they'll get the file back.  Is that ok?
<hallyn> (as opposed to if they make changes, the changes will persist over remove/reinstall)
<hallyn> i guess it's what the bug submitter wanted?  but it seems inconsistent
<stgraber> hallyn: yes
<stgraber> hallyn: if they want it gone, they need to wipe the conffile, not the symlink
<stgraber> or empty it, or whatever
<hallyn> stgraber: I don't quite get that from the comment at top of the dnsmasq file
<hallyn> stgraber: but I'm nto sure how to concisely make it better
<hallyn> stgraber: nm, it's fine as is.
<hallyn> roaksoax: hey, bug 1109209 should be fix released for raring right?
<uvirtbot> Launchpad bug 1109209 in python-tx-tftp "[SRU] python-tx-tftp to Precise" [Undecided,New] https://launchpad.net/bugs/1109209
<roaksoax> hallyn: yes!
<roaksoax> hallyn: but raring has ubuntu7, quantal6.1
<roaksoax> which is the same
<SpinningWheels> anyone have any idea why an mdadm array would randomly go from /dev/md0 to a read-only on /dev/127? i cant find any errors in any logs that i've found. any ideas?
<escott> SpinningWheels, /dev/127? shouldn't there be something in front of that like sda127 or md127?
<SpinningWheels> erm, yeah, md127
<escott> SpinningWheels, what is the mdstat?
#ubuntu-server 2013-02-07
<chrish1> in a preseed file, how do I force an unbuntu server install to configure multiple interfaces?
<chrish1> i am pxe-booting from eth0 and need eth1 configured by our corp dhcp server ro allow access to the package repos
<SpinningWheels> escott, mdstat and details says everythings fine and reports no events. but something had to happen for it to go to md0 to md127 read-only.
<escott> SpinningWheels, could be that the arrray is functional but the filesystem itself is corrupted. you should fsck it
<adam_g> zul: wrt that quantum test fixes patch, i spent along time trying to figure out why the db plugin / subnet tests are failing. i think it points to an issue in the dependency chain.
<adam_g> zul: ...where data gets returned in a dict that isn't ordered correctly, or how the test expects. using a fresh venv from the pip-requires, its comes back fine
<adam_g> zul: i'd like to get that passing b/c it points to something subtle that may lead to other problems if we continue to just skip it. gonna look at it again tomorrow. cya
<hallyn> roaksoax: I just meant, it's currently New/undecided for both raring and precise, ISTM it should be fix released for raring
<zul> adam_g: ack
<maco> ive got an ubuntu 12.04 amazon ec2 instance that doesn't seem to have ssh running (connection refused on 22). i mounted the root disk on another instance, turned on bootlogging, put it back, and booted it then shut it down again and once again mounted it to see what the logs would say. i dont see anything about sshd in /var/log/boot.log. mostly i just see stuff about cloud-init. syslog also doesn't show sshd starting, but openssh-server is still
<maco> installed and /etc/init/ssh.conf looks reasonable. any idea how i can further debug what's going on?
<jcastro> make sure you have ssh/22 enabled in the AWS rules
<jcastro> it's in your console thing
<jcastro> http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
<jcastro> maco: ^
<maco> hey jorge! i did check that
<maco> i don't see anything in syslog about sshd attempting to start on the last couple boots. last thing i see is when we did a "sudo service ssh restart" after modifying sshd_config
<maco> but then, i think it's pam logging that, not sshd itself, so i'm not convinced it would show up on boot
<ruben231> hi guys how do i block all income traffice from a particular port and allow specific pubci ip address only..any idea..?
<sarnold> ruben231: you can use ufw for that: https://help.ubuntu.com/12.10/serverguide/firewall.html
<dns53> is there anyone around who has worked with uefi?
<tcope> having issues installing grub2 on a 12.10 system with linux raid on /dev/md0p1  /boot .. when running update-grub it returns grub-probe error cant find physical vol (NULL) .. did not have this issue with prev distros has any one else experienced this and is and found a solution ?
<koolhead17> hi all
<cfhowlett> koolhead17, greetings
<koolhead17> hello cfhowlett
<Blinkiz> Hello. I can see that kernel 3.5.x exist in 12.04 LTS now days. How can I make sure my server always get's the latest kernel when it is released? Am still at 3.2.x after apt-get dist-upgrade
<marcreichelt> Hi! I have tomcat7 installed on my Ubuntu 12.04 64bit machine. It runs correcty if I start it manually (sudo /etc/init.d/tomcat7 start), and it is in the correct runlevels 2 to 5, but it doesn't get started on boot. I need some help here...
<acidflash_> join #c
<yolanda> hi, is that the right source for mongo charm? http://jujucharms.com/charms/precise/mongodb
<marcreichelt> How can I find out why a certain init.d script is not called on boot, although it is linked from the correct runlevels?
<kzar> Have SSH running on a server that's hooked up directly to the internet with an ip address and no local network. Guy there is able to ssh from local term to server's external ip OK. When we try and ssh from our machines we get login prompt but credentials are rejected. We have denyhosts installed and otherwise default ubuntu sshd settings. Any ideas?
<patdk-lap> kzar check the log file?
<kzar> patdk-lap: Yes I want to, server is unfortuntely off no and in korea :(
<kzar> now*
<joners1> Hi, can anyone provide some assistance to a linux noob. Trying to send email from ubuntu server to a WS2K8R2 SMTP relay
<ikonia> joners1: what's the issue ?
<joners1> Well I can send mail to the windows relay using ssmtp
<joners1> but cant using postfix, afraid i know so little about it that im afraid im either running around in circles or missing something obvious!
<ikonia> ok, so just set relayhost
<ikonia> in the postfix configutation
<ikonia> http://www.postfix.org/postconf.5.html#relayhost
<ikonia> for example
<joners1> Hi, tried that one didnt seem to work
<joners1> sorry, should give you some more information
<joners1> i also need to set the 'sender' address as well, the windows box will only accept email from one mail address
<joners1> tried the relayhost option but didnt get any mail through
<jacobw> joners1: postfix only sends mail originating from a relayhost
<joners1> ok, any idea how i can send email through the relay at all? :)
<jacobw> joners1: the MUA sets the 'From' field, postfix relays the message and other MTAs (postfix, exim, exchange) carry the message usually only it came from the host the PTR record for the domain in 'From' specifies
<qman__> joners1, http://www.dnsexit.com/support/mailrelay/postfix.html
<qman__> also, exchange may not allow you to send mail "From" anyone except the user you're logging in as
<joners1> thats right, thats what is happening in this case
<qman__> if you have control of the exchange server, the better solution is to allow relay from your postfix server
<joners1> we are just moving to office 365 and have a secure connection from the Windows Box to a 365 account (using TLS)
<joners1> i wanted to create a white list of ips that can relay email through, for things like printers and scanners etc
<qman__> is this postfix intended to work after the move?
<qman__> if so you may not be able to do that
<qman__> I don't think office 365 allows mail relaying
<joners1> it does but only through a specific account
<qman__> then what you need to do is configure your devices to send mail from that account
<qman__> there may be a way to accept the messages in postfix and mangle them so they fit, but that's beyond my knowledge of postfix
<ikonia> I wouldn't say that's a good solution
<joners1> lol maybe not
<joners1> any other suggestions at all? I can get it working with ssmtp with no issues
<qman__> that
<joners1> points to the windows relay and the mail goes out to 365 and delivered with no problems
<qman__> that's because ssmtp isn't a 'real' mail server, and doesn't relay
<qman__> it can easily log in with your credentials and send from the right account
<joners1> its not logging in though, just pushing email to that relay to send on
<joners1> the windows relay is authenticated in to office 365 so anything else that points to the relay is unauthenicted, basically an open relay internally
<joners1> sorry, hope that im not confusing the issue here
<qman__> you're changing your story
<qman__> also, if exchange was configured for open relay, postfix would work
<joners1> ok, shall i start again and try and clarify?
<qman__> what version of exchange?
<qman__> because there's big differences between them
<joners1> no exchange at all
<joners1> Office 365 is a hosted email platform
<qman__> yes, but what runs on your windows server?
<joners1> just the SMTP relay feature, part of IIS
<qman__> and it's configured to authenticate to office 365?
<joners1> thats correct
<qman__> to relay mail
<joners1> yes
<qman__> ok
<qman__> what's your ssmtp config?
<joners1> what i need to figure out, is how to send email to that relay
<joners1> two seconds
<joners1> ill get it now
<joners1> ssmtp.conf simply looks like.....
<joners1> root=emailaddress@domain.com
<qman__> ok
<qman__> is that a valid email in your office 365 domain?
<joners1> mailhub=ipaddress_of_windows_relay:25
<joners1> yes
<qman__> and is there any auth configured there or just anonymous?
<joners1> rewriteDomain=ourdomainname.com
<qman__> ah, there you go
<joners1> hostname=ubuntuserver name
<qman__> that's the feature it has
<joners1> the rewrite domain name?
<qman__> postfix doesn't have that as far as I know
<qman__> yes
<qman__> at least not as a builtin
<joners1> gotcha!
<joners1> how about sendmail or something else?
<qman__> your ssmtp is faking that all mail is comfing from your actual domain
<joners1> ok, so faking the email details to the windows relay
<qman__> sendmail is a disaster, I couldn't begin to tell you how
<qman__> right, ssmtp is mangling outgoing email messages
<joners1> thats what i noticed looking at the web
<qman__> to change the "from" headers to your domain name
<joners1> ok
<joners1> do you know of any way to send attachments from ssmtp?
<qman__> it should be possible with postfix but I don't know how, it's not a normal config
<joners1> ok
<joners1> well thank you for your help :)
<joners1> ill see if i can do some more research, that narrows things down for me though
<qman__> it's very extensible but how difficult, I have no idea
<joners1> i shall have a read up on it and see what i can find
<qman__> one possible workaround is to change the system mailname, but that'll get confusing in logs
<qman__> your server will pretend to be yourdomain.com
<qman__> and that might break other stuff
<joners1> interesting....
<joners1> might be worth a go, ive got a couple of test boxes that i setup to play around with different configurations
<joners1> the mail name is located in /etc/mailname right?
<feisar> what would cause resolv.conf to have the header bit in twice along with my old DNS settings?
<feisar> (12.04 server)
<feisar> (with a static IP config)
<feisar> hmm... for some strange reason /etc/resolvconf/resolv.conf.d/original and tail have my old settings in them
<res22> ubuntu server seems to completely not listening to my file permission, in sudo or otherwise
<feisar> res22: explain
<res22> it's hard
<feisar> what command are you running?
<res22> I have a group of users who I want to be able to write to a specific directory. The directory is chowned to that group, and the permission are recursively g+rw
<patdk-wk> I hope you included x also, for directories
<res22> they can't. Also sudoers simply doesn't work when I specify a group, but it does when I specify a user
<res22> yes
<patdk-wk> and they have x permission all the way to root?
<res22> they can access the directory, they can't write to the files
<feisar> can they create a dir or 'touch' a new file?
<res22> permission denied
<res22> brb
<jamespage> Daviey: any idea when the iso started being oversized?
<jamespage> may 20/01?
<Daviey> jamespage: NFI, sorry
<jamespage> Daviey: well I think I have the answer
<jamespage> Daviey: quantal: apt-get install kvm -> Need to get 11.3 MB of archives.
<jamespage> Daviey: raring: apt-get install qemu-kvm -> Need to get 50.4 MB of archives.
<Daviey> ugh
<jamespage> Daviey: maybe hallyn can comment on the increase :-)
<Daviey> jamespage: Possibly recommends which could be suggests
<Daviey> hallyn: Can we look at this ASAP please?
<Daviey> (it's pushing our cd images over limit)
<jamespage> Daviey: guh - also noticed that qemu drops the BD on librbd-dev - so no ceph RBD support
 * jamespage crys a bit
<jamespage> Daviey: I'll raise bugs
<Daviey> jamespage: super.  I know hallyn is aware of some mismatches... He tried to align with the debian package closer.
<Daviey> but having bugs to track this stuff is optimal :)
<jamespage> hallyn: bug 1118406 for rbd support
<uvirtbot> Launchpad bug 1118406 in qemu "qemu lacks support for Ceph RBD in raring" [Undecided,New] https://launchpad.net/bugs/1118406
<jamespage> Daviey: this highlights the gap we have in openstack testing on current dev series...
<Daviey> ugh, yeah
<jamespage> hallyn: bug 1118407 for the bloat-out
<uvirtbot> Launchpad bug 1118407 in qemu "qemu-kvm/system has a large number of dependencies" [High,Triaged] https://launchpad.net/bugs/1118407
<hallyn> jamespage: all right, i'm going to finish the merge of lastest debian qemu stuff this afternoon.  will fix rbd then.  for the size increase, i'll take a close look.  I'm not sure it's dependencies - it may be due to pulling in of all arches
<hallyn> if it's due to all arches, then next upload should help (as it splits qemu-system-common-x86 into separate package)
<hallyn> but i'll take a look,thanks!
<jamespage> hallyn: in a general finger pointy kinda way - "libgl1-mesa-glx | libgl1" looks like it might pull in quite a bit
<hallyn> will look
<jamespage> hallyn: ta
<xpistos> Hi all. How can I tell if my computer will run ubuntu server 12.04? Right now it is running 10.04 and I would like to upgrade it.
<genii-around> xpistos: You could check first if it's on the list here: http://www.ubuntu.com/certification/server/
<xpistos> genii-around:  Thanks. I will check that out nw.
<xpistos> genii-around: This isn't a "server" persay. It is Dell Dimension 4400 (circa 2001). Is there a doc with the hw reqs somewhere?
<Pici> !requirements
<ubottu> Hardware requirements to install, boot and comfortably use Ubuntu are listed at https://help.ubuntu.com/community/Installation/SystemRequirements - For a !flavor with lower requirements, see !Xubuntu or !Lubuntu
<Pici> hrm
<_ruben> heh, nice .. no clue what key combo i just accidentally hit (area of arrow keys / enter / ins/del / etc) .. but it backgrounded my irssi .. though i was no way near ctrl-z
<genii-around> Pici: The requirements there look pretty old...
<xpistos> Pici: Thanks. I checked and I am good. I have 1.3 Ghz proc and 2 GB of Ram
<Pici> xpistos: I'm running it here on a VPS with 512mb of ram, so you should be just fine.
<xpistos> and I use it headless so, looks like I have a project on Saturday
<stgraber> smoser, hallyn: hey, got that while testing the fix for bug 1045955 on precise:
<uvirtbot> Launchpad bug 1045955 in lxc "lxc-create -t ubuntu-cloud broken on quantal images (no ubuntu user)" [Medium,Fix released] https://launchpad.net/bugs/1045955
<stgraber> ++ ubuntu-cloudimg-query quantal released i386 --format '%{url}\n'
<stgraber> confused by argument: quantal
<stgraber> it looks like the cloudimg query tool doesn't even know what quantal is, so even with the fix in lxc, it's not likely to work
<smoser> stgraber, apt-get install distro-info
<smoser> stgraber, for places that i've had to know a name like that, i've hard coded one, but if distro-info is available, i'll use it
<smoser> and at least currently, cloud-utils is Recommend'ing distro-info
<stgraber> smoser: any chance you can SRU that Recommends?
<stgraber> win 26
<stgraber> oops
<smoser> i'm not opposed to that. but it would/might change package content in a cloud-image (not sure if distro-info is there on precise)
<smoser> ie, cloud-utils is seeded
<rbasak> Could somebody comment on bug 1081489 please? I'm not sure about the status of sssd, or what to suggest to the reporter. Is an MIR even on the table, and what would that involve?
<uvirtbot> Launchpad bug 1081489 in autofs "autofs package is missing the lookup_sss.so module(!); negating autofs-enabled sssd functionality (automount fails)" [Medium,New] https://launchpad.net/bugs/1081489
<smoser> stgraber, i think you could have just done 'q' to that and it would maybe work.
<smoser> ie, single letter arguments 'hklmnopqrstuvwxyz' are then checked to see if they might be a release.
<zul> yolanda:  https://code.launchpad.net/~zulcss/nova/nova-config/+merge/147147
<yolanda> ok
<yolanda> zul, done
<zul> yolanda: thanks
<paco1> hello masters!
<paco1> i would like to compile openldap source with openssl ubuntu package. But when i compile openldap, it doesn't see openssl....how can i do that?
<paco1> thanks in advance!
<sarnold> paco1: is there a ./configure switch that you need to add to add ssl support?
<paco1> yes, i do that.
<sarnold> paco1: is it still set during the build? :)
<paco1> i found the right package > libssl-dev
<sarnold> paco1: did you forget it as a build-dep in the package? (sorry for not thinking itsooner..)
<paco1> yes, and i found also "libsasl2-dev" to give --with-cyrus-sasl
<paco1> it's perfect. thanks!
<sarnold> :D
<stgraber> hallyn: lxc sru uploaded to precise-proposed. Will now poke at quantal
<feisar_> ok, so if I have mysql-common installed why isn't the mysql client installed (anymore) it should be in /usr/bin right?
<sarnold> feisar_: did you install mysql-client?
<feisar_> ah, that'll be why then... although I'm sure I used the client before...
<feisar_> sarnold: thanks, that's installing now
<sarnold> woo :)
<feisar_> something really odd happened today my webserver can no longer talk to my MySQL server (wordpress just says error connecting to db) and I do not understand why (yet)... i did some updates
<sarnold> feisar_: anything interesting in the logs?
<feisar_> I am just trying to find where mysql (mariadb) logs it's connections
<patdk-wk> is mysql even running?
<feisar_> hmmm... a manual login from the webserver to the db server tells me I'm not allowed to log in but my IP has not changed
<zul> adam_g: https://code.launchpad.net/~zulcss/cinder/cinder-ftbfs-version/+merge/147205
<longdays> I have created a custom upstart job. When starting the job with the service command everything works well
<longdays> the minor problem is that the command does not autocomplete in bash. For example, service networking start, autocompletes the word networking, but with my custom upstart script, "myname" myname does not autocomplete
<longdays> anyone know how to fix this annoyance?
<paco1> integrate the path of your command in the system
<sarnold> longdays: perhaps start reading /usr/share/bash-completion/bash_completion -- there's a lot in there for services handling..
<sarnold> longdays: oh. forget that. look in /etc/bash_completion.d/upstart
<longdays> thanks, will look there
<Jeeves> Grrr
<Jeeves> Package: python-pyclamd
<Jeeves> Depends: python, python-support (>= 0.90.0), clamav-daemon
<Jeeves> WHY!?
<Jeeves> Why should a python-lib depend on the daemon :(
<RoyK> perhaps someone slipped
<RoyK> use easy-install
<Jeeves> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645872
<uvirtbot> Debian bug 645872 in python-pyclamd "python-pyclamd package installs  dependencies no necessaries" [Normal,Open]
<Jeeves> Open since october 2011 :(
<stgraber> hallyn: and quantal equivalent taken care of
<hallyn> stgraber: woohoo :)  thanks
<hallyn> i'm hunkering down for a massive qemu update
<hallyn> i'll peek my head out in a few hours :)
<stgraber> hallyn: unless we messed up bug triaging, those two uploads should close all outstanding sru bugs
<Shogoot> Hi fine people. I got a fresh isntall of ubuntu server 12.10. I wan to make it a fileserver as the server has a usb hdd. i read in a guide that the usb hdd woould mount automaticaly in /media, but i cannot find it there... my fdisk -l here: http://pastebin.com/SDDAMXtn
<RoyK> Shogoot: first, I wouldn't use neither non-lts nor a single usb drive for a file server
<RoyK> secondly, a server install won't automount anything
<Shogoot> im aware of the non lts and siingle usb hdd. i take the risk, all data is backuped
<RoyK> oh, and using ntfs for a fileserver won't perform very well
<RoyK> since it'll be handled in userspace
<RoyK> but of course, you can always add that to /etc/fstab and automount it and share it with samba
<Shogoot> argh. isee its ntfs.
<Shogoot> is it possible to see if the hdd has some data on it from linux even beeing ntfs?
<Shogoot> its suposed to be empty, now im in doubt
<RoyK> just mount it
<RoyK> apt-get install ntfs-3g
<RoyK> (if that's not installed already)
<Shogoot>  sudo mount /dev/sdb1 /media/newhd
<Shogoot>  like that , right?
<RoyK> yeah
<RoyK> if there's no data on it, make another filesystem like ext4 or xfs or something on it
<lfreeway> hello, does anyone know how to fix byobu disable f-keys under 12.04
<kirkland> lfreeway: what's the problem?
<Shogoot> smn@neoguaton:/media/newhd/newhd$ ls -a
<Shogoot> .  ..
<Shogoot> smn@neoguaton:/media/newhd/newhd$
<lfreeway> kirkland: using 12.04 with tmux as backend and Shift + F12 is not working... I googled quite a lot and counld find a resolution. I'm using it without anything else.. Only thing it works is if i Ctrl+a and manually write :source /usr/share/byobu/keybindings/f-keys.tmux.disable
<Shogoot> seems its empty
<RoyK> Shogoot: better unmount it, then and create a good filesystem on that dev
<kirkland> lfreeway: I can't reproduce on latest upstream ... can you try the latest upstream PPA, "sudo apt-add-repository ppa:byobu/ppa && sudo apt-get update && sudo apt-get install byobu"
<Shogoot> sudo umount sdb1?
<feisar_> hi, where does mysql log failed login attempts?
<maxb> nowhere
<res22> Hi all. I was asking for help earlier with ubuntu server ignoring /etc/group permissions, or seemingly atleast. I have set up groups with users assigned in the file, but sudoer entries that specify the groups permissions are ignored, and users with group read/write permissions to files aren't given these permissions. This has been very annoying to diagnose, any help?
<RoyK> Shogoot: umount it and mkfs -t ext4 ...
<RoyK> res22: probably a configuration issue - post your configs
<res22> which ones?
<Shogoot> RoyK, partitioning is done
<RoyK> res22: ls -la on those files/dirs, "groups" of the user etc
<escott_> res22, if memory serves sudo follows the first match that it finds. is it possible that there are multiple matches
<RoyK> Shogoot: partitioning or making the filesystem? ;)
<Shogoot> RoyK,  hehe i guess its the making the filesystem
<feisar_> ah! mysql uses reverse lookups...
<RoyK> Shogoot: then use blkid to get the uuid and dd that to to the fstab
<RoyK> Shogoot: with usb the device name may change, so better use the uuod
<RoyK> well, with anything the device name may change, really
<Shogoot> what in all heavens is that :)
<lfreeway> kirkland: brb
<RoyK> Shogoot: what what?
<Shogoot> i have no idea how to use uuid
<Shogoot> oh wait sudo vol_id --uuid /dev/sdb2 ?
<RoyK> just run blkid
<RoyK> or sudo blkid if you're not root
<RoyK> then add something like this to your fstab
<RoyK> UUID=03987de0-d66a-4dc8-922e-83745dffd9d1	/boot		ext2	noatime					0	2
<RoyK> oops
<RoyK> UUID=03987de0-d66a-4dc8-922e-83745dffd9d1 /boot ext2 noatime 0 2
<RoyK> just change that to ext4
<Shogoot> http://pastebin.com/efEhxKFg
<RoyK> UUID="03987de0-d66a-4dc8-922e-83745dffd9d1" /whereever ext4 noatime,errors=remount-ro 0 2
<RoyK> something like that
<RoyK> perhaps add ,nofail to the options column in case you haven't plugged in the usb drive
<RoyK> otherwise it'll fail booting
<Shogoot> its plugged in
<RoyK> well, if you rebooted the server without it, would you like the box to come up cleanly?
<Shogoot> its been rebooted with the usb hdd pluggged in.
<Shogoot> im a bit unsure on the line i shall add to fstab
<RoyK> just saying it might help
<RoyK> pastebin it
<RoyK> erm
<Shogoot> http://pastebin.com/hqB8KCcZ
<RoyK> don't use my UUID
<RoyK> no
<sarnold> what if he wants to boot your disk...? :)
<Shogoot> again... this is my blkid output:  http://pastebin.com/efEhxKFg
<RoyK> Shogoot: more like UUID=81bd9741-f527-4454-a008-68b4d168619d /mountpoint ext4 noatime,errors=remount-ro 0 2
<lfreeway> kirkland: updated to lastest upstream (5.31) via the ppa and still with tmux as backend shift + F12 is not working... I'm doing something wrong?
<RoyK> sarnold: heh
<kirkland> lfreeway: what terminal are you using?
<lfreeway> kirkland: ctrl+a ! gives me "Can't break with single pane"
<Shogoot> ok . line added. shal i reboot ?
<kirkland> lfreeway: this is almost certainly a problem with your terminal
<RoyK> Shogoot: given you have console access, yes
<Shogoot> yes
<lfreeway> kirkland: the default one
<kirkland> lfreeway: you're on an Ubuntu desktop, running gnome-terminal?
<lfreeway> kirkland: no, I'm server
<RoyK> lfreeway: screen?
<lfreeway> kirkland: on the desktop with gnome-terminal it's working fine
<kirkland> lfreeway: okay, so you're on a tty then where its broken?
<Shogoot> RoyK, where im suposed to find the hdd?
<RoyK> Shogoot: where you mounted it?
<lfreeway> kirkland: don't know, that's the weirdo - both with tmux and screen as backend it's not disabling the f-keys... I also did a apt-get purge before installing the from the PPA
<RoyK> Shogoot: pastebin your fstab again
<lfreeway> also I don't have a thing in .buobu
<Shogoot> ah.. i see it /mountpoint
<kirkland> lfreeway: okay, I did reproduce it on a tty
<kirkland> lfreeway: it seems Ubuntu's tty doesn't handle shift-F* correctly
<kirkland> lfreeway: and it looks like tmux eats ctrl-a ! to break the current pane
<lfreeway> kirkland: exactly
<kirkland> (which is a pickle, I admit)
<kirkland> lfreeway: can you please file a bug?
<kirkland> lfreeway: thanks!
<lfreeway> kirkland: sure
<lfreeway> kirkland: may I use the occassion to thank you for your work, it really makes working in terminal enviroment much much easier
<Shogoot> RoyK, its mounted where i want and this part is OK! now..... i got to find out how i make that hdd shared on my network
<RoyK> !samba | Shogoot
<ubottu> Shogoot: Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/12.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<Shogoot> RoyK, thanks btw, great help
<Shogoot> i got samba already, i gotto find out of config
<RoyK> Shogoot: btw, don't bother using swat - it's better to do the config manually
<RoyK> it's not hard
<Shogoot> heeeeelp ;)
<RoyK> no, just edit smb.conf
<RoyK> there's a lot of help in there
<RoyK> or man smb.conf
 * RoyK slaps Shogoot with a small herring
<Shogoot> http://fish.dnr.cornell.edu/nyfish/Clupeidae/blueback_herring.jpg
<RoyK> perhaps a small perch or a roach
<RoyK> or a northen pike, if I feel evil :D
<Shogoot> ha-ha
<RoyK> Shogoot: well, never mind the fish, server running?
<Shogoot> best fish for slappnig is : http://en.wikipedia.org/wiki/Salmo_trutta_trutta tasty too
<Shogoot> running, yes. security= user smb.conf working
<RoyK> well, a bit heavy, better stick with something smaller and more spiky like a perca fluviatilis
 * mandoguit thinks that something fishy is going on here and those links are red herrings
<RoyK> mandoguit: heh - esox lucius is a bit fishier ;)
<RoyK> or perhaps nastier
<RoyK> doesn't taste very well either
<RoyK> but I guess that's {{oftopic}} somehow
<RoyK> s/oft/off/
<RoyK> bah
<Shogoot> soooo ok...  ive configed and i can actually see the stuff on the hdd... goodie.
<Shogoot> but where do i find the permitions to add directories from my win7 machine?
<Shogoot> cant see it
<escott_> Shogoot, win7? win7 is not posix it doesn't have permissions as we understand them
<escott_> ok this is samba
<Shogoot> RoyK,
<Shogoot> yes escott_ samba is installed
<RoyK> Shogoot,
<Shogoot> i was under the impression samba would fix the win vs linux filesharing thing
<RoyK> well, obviously you need to allow the users to write to this place
<RoyK> if you're using authenticated users, you need a common group or a very wide umask
<RoyK> otherwise, if the system is closed, you can turn off authentication
<RoyK> security = user
<RoyK> aka none
<Shogoot> i got security = user
<RoyK> then just chown the whole tree to the samba user
<Shogoot> errrrrr
<Shogoot> and samba has only one user wich is myself
<RoyK> sec
<Shogoot> rgr
<RoyK> sorry
<RoyK> security = share
<RoyK> that'll disable auth
<RoyK> aka "win 95 security"
<RoyK> perhaps add "guest only = yes"
<RoyK> but don't let anyone near this system unless you want to restrict data
<RoyK> s/unless/if/
<Shogoot> not working and i am restarting smbd and nmbd
<Shogoot> i still cant make a directory from my win7 box on the shared hdd
<RoyK> tried settiing security = share?
<RoyK> if you don't want free access, use smbpasswd 'username' to set a password
<RoyK> the unix password hashes aren't compatible with those windows uses
<RoyK> if you use security = user, don't use guest only = yes
<mandoguit> making my way through the ubuntu server guide here > remote administration > puppet       any particular good reason to install/implement this software over just using ssh connection and cli commands?   tnks
<RoyK> puppet is a large system for mass-administering systems. if you don't understand linux, don't even try
<Shogoot> RoyK, http://pastebin.com/MQPBxFNT
<RoyK> Shogoot: that's just comments
<Shogoot> bah sorry it didnt cut out all the teks
<RoyK> !pastebinit | Shogoot
<ubottu> Shogoot: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<mandoguit> RoyK:  just a home system setup right now....sounds like it would be overboard for my general purposes then.   thnks
<RoyK> mandoguit: no reason for puppet for a home system unless you're trying to learn it
<mandoguit> Royk:   maybe later on then... again tnks. :)
<lfreeway> exit
<RoyK> mandoguit: learn the system, use the commandline, edit the files and you'll learn how to work things out
<Shogoot> patebininit coolest thing i must say. http://paste.ubuntu.com/1622288/
<Shogoot> looka t line 280
<Shogoot> most of the juicy stuff is tehre
<RoyK> so, can you connect to the box?
 * RoyK needs to sleep soon
<Shogoot> yes
<Shogoot> i can se it on  explorer.exe too
<RoyK> well, then auth isn't a problem
<Shogoot> just cant make a directory or file on it
<RoyK> try to chmod 777 that dir
<Shogoot> what is taht with makein smb user chmod
<RoyK> then create a dir
<RoyK> then see what user created it
<Shogoot> fixt
<Shogoot> how do isee who made it?
<RoyK> you can't if you don't use autentication
<RoyK> security = share == no auth
<Shogoot> im going to change that to  = user
<RoyK> then you'll have to use smbpasswd to set passwords, or reconfigure samba to use pam auth
<RoyK> and better get some cheap drives for a small raid while you're at it
<RoyK> a single drive will fill up with all sorts of crap and won't be backed up until it dies
<Shogoot> all data has backup
<Shogoot> how do i see who made the directory?
<RoyK> at which time people scream in a solitary havoc
<Shogoot> i changed security to user again
<RoyK> restart samba
<RoyK> not reload
<RoyK> and log in
<RoyK> and your username will be on the files
<Shogoot> rgr
<RoyK> grrbprpprpbb
<Shogoot> who is the local boot here in channel=?
<Shogoot> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/12.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<Shogoot> !ubottu sleep
<Shogoot> cant remember these commands
<Shogoot> i guess ill need voice anyways
<RoyK> well, my time to /sleep ;)
<RoyK> Shogoot: just rtfm
<RoyK> it's not that hard
<Shogoot> RoyK, thank again.
<Shogoot> im gonna set my hdd to the test now ;)
<RoyK> smartctl -t long is a good start
<RoyK> or perhaps forget about that and just get a few cheap drives to setup in a raid
<RoyK> Shogoot: I've been working with storage for 10+ years, and what I've learned is that all drives fail
<Shogoot> :)
<RoyK> perhaps tomorrow, perhaps in five years, but you never know
<RoyK> most drives fail the first 3 months, if they survive that, they can live a long time
<RoyK> that is, not "most drive fails the first three months", but "most drives that fail are either < 3 months or > 3 years"
<Shogoot> ive got this hdd for more then 5
<Shogoot> :S
<RoyK> what does smartctl say about it?
<Shogoot> but im not worried its gonna be a clone of an newer hdd
<Shogoot> havent run it
<Shogoot> sec
<RoyK> start with smartctl -H
<RoyK> then smartctl -t short
<RoyK> usb drives don't always support checking, though
<Shogoot> errr
<Shogoot> http://pastebin.com/FGgAinGS
<RoyK> yes
<RoyK> you have to give it the device name
<RoyK> obviously ;)
<RoyK>  /dev/sdb or something
<RoyK> !man | Shogoot
<ubottu> Shogoot: The "man" command brings up the Linux manual pages for the command you're interested in. Try "man intro" at the  command line, or see https://help.ubuntu.com/community/UsingTheTerminal | Manpages online: http://manpages.ubuntu.com/
<Shogoot> smn@neoguaton:/dev$ smartctl -H /dev/sdb1
<Shogoot> smartctl 5.43 2012-06-30 r3573 [x86_64-linux-3.5.0-17-generic] (local build)
<Shogoot> Copyright (C) 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net
<Shogoot> Smartctl open device: /dev/sdb1 failed: Permission denied
<Shogoot> smn@neoguaton:/dev$
<Shogoot> woops
<RoyK> !pastebin | Shogoot
<ubottu> Shogoot: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Shogoot> i know i know :P
<Shogoot> http://pastebin.com/Dw5A4yDf
<RoyK> you need to be root to run that - put sudo in front
<Shogoot> SMART Health Status: OK
<RoyK> well, good
<RoyK> still, it'll eventually die
<Shogoot> http://paste.ubuntu.com/1622345/
<RoyK> so beware of hardware failure
<RoyK> typical usb thing
<Shogoot> rgr
<RoyK> better get a cheap sata card
<RoyK> install internally
<RoyK> add a mirror
<RoyK> do it right
<RoyK> that usb drive will eventually die
<RoyK> get two smallish drives, create a raid-5 on them
<RoyK> copy the data over
<RoyK> add another if you get out of space
<RoyK> grow it to raid-6 if you get a lot of drives
<RoyK> remove the smaller drives during time, when all drives are at the same size, the raid will grow
<RoyK> or you can grow it to all what's left
<RoyK> so, Shogoot, learn linux, learn md raid, preferably - start off with a vm where you can play around a bit with it
<RoyK> that way you can avoid the errors most newbies do
<RoyK> your single drive server will probably work for a while, but that lone drive will eventually die
<RoyK> so better get a raid running
<RoyK> just my 2c
<Shogoot> i will :)
<RoyK> nite
<Shogoot> good night
<Shogoot> if off too. bye bye people and boots
<sweettea> I asked before, what is the equivalent of chkconfig --list on unbutu-server?
<chrisd___> Hello. I have a nice PXE setup for automatically deploying servers. Everything is over gigabit LAN with local mirrors. However, even a minimal installation seems to be slow -- mayb 30-60 minutes. Anyone have thoughts on how to speed this up or better rapid delpoy solutions?
<Pici> sweettea: service --status-all   ?
<chrisd___> http://www.ubuntu.com/business/server mentions that there are great new rapid deployment tools, but fails to mention what they are.
<Pici> chrisd___: I believe that is referring to juju, which is the cloud/maas deployment thing.
<sweettea> Pici: I want to get a list of all the services running that I might want to turn off
<sweettea> like networkmanager
<chrisd___> Pici: It mentioned that there are a bunch of things for deployment, and then mentioned JuJu as a secondary thing for cloud deployment.
<sarnold> chrisd___: perhaps maas is what you're after?
<Pici> http://www.ubuntu.com/cloud/orchestration/deployment
<Pici> http://maas.ubuntu.com/ too
<sarnold> juju is only going to make sense on a pile of machines if yo'uve got maas on them, or install openstack on them manually
<sarnold> juju won't get you to installed machines more quickly
<chrisd___> Yeah, those things just seem like the new Ubuntu-y way of doing Cobbler or Puppet or such. Which isn't a bad thing, but not going to help speed up the Ubuntu Installer itelf.  I'm seriously an hour deep on this automated preseed install for a minimal KVM server. I can do the same in RHEL in 10 minutes.
<chrisd___> Just trying to figure out if I'm doing something wrong/there's a faster way to do this, or if the installer and preseed are just inherently slow?
<sarnold> chrisd___: I've never done installs over the network, but on a local vm, it only takes a few minutes :/
<sweettea> Pici: sysv-rc-conf --list
<sweettea> that sound about right?
<sarnold> sweettea: ps auxw  would be more useful
<sweettea> does anyone know how to stress test a ton of memory thats not using memtest
<sweettea> sarnold: thats what I have been using :)
<chrisd___> sarnold: Are you using preseed files to automate the local vm install, or is that with doing things manually it's still faster?
<chrisd___> I'm trying to figure out the bottleneck here, but it just seems like the Ubuntu Installer itself. The slow parts are installing all the packages and what not.
<sarnold> sweettea: compiling qt4-x11 is pretty stressful..
<sarnold> sweettea: start as mnay of those as it takes to push you into swap.. :)
<sarnold> chrisd___: preseed to automate the local vm install
<sarnold> chrisd___: (I don't actually know how the tool does it, but preseeding the isos is one of the steps :)
<chrisd___> sarnold: Cool, I'll have to try that and check the speed difference.
<sarnold> chrisd___: there's also the FAI tool, in universe, that might do the job. At least they claim "minutes" too..
<sarnold> chrisd___: but .. I've got to wonder if it is something more basic, like wrong NIC speeds, or not writing to the disk correctly, or .. meh. it really shouldn't take long.
<chrisd___> sarnold: I've seen it with multiple systems in different network segments.
<sarnold> chrisd___: hrm. :/ if you don't come up with a good reason soon, perhaps filing a bug report or askubuntu.com question would be the way to go :/
<sweettea> sarnold: damn I think I have bad memory
<sweettea> any experience setting up mcelog? I need to find out whih dimm is bad :(
<sarnold> sweettea: sudo apt-get install mcelog
<sarnold> sweettea: then watch file /var/log/mcelog
<sarnold> sweettea: compiling qt4-x11 is how I discovered I had a bad motherboard or cpu :(
<sarnold> (and, like you, memtest86 never showed any problems)
<RoyK> does it log to mcelog by default? I thought syslog was still default
<sarnold> RoyK: /var/log/mcelog worked for me on 12.04 lts..
<sweettea> sarnold: do I have to do anything aftr I install mcelog?
<sarnold> newer or older might be different :) but it had its own files and put very little effort into setting it up.
<RoyK> ok, last I had issues was with 10.04
<sweettea> like run it?
<sweettea> i ran memtestr and the machine froze
<sweettea> memtester
<sarnold> sweettea: iirc, it should start automatically...
<RoyK> sweettea: memtest86 or the one you have in the boot menu should work
<sarnold> sweettea: if not, probably "service mcelog start" would be sufficient
<sarnold> RoyK: that doesn't spot everything though :(
<RoyK> neither does mcelog
<sweettea> i heard memtest sucks
<sweettea> yea
<sarnold> RoyK: I had a clean bill of health from memtest86, but mcelog routinely would log cache coherency problems, and once in a while, the machine would lock up -- when an irrecoverable fault would happen.
<RoyK> sarnold: but if he had a hang during memtest, well
<sarnold> RoyK: true enough, true enough...
<sarnold> RoyK: heh, that weas memtestr, I assumed that was a linux program...
<sarnold> RoyK: it won't be able to help find the dimm to replac,e if any
<sarnold> sweettea: oh, I asked a buddy, apprently the "banks" reported via mcelog have nothing to do with the physical banks of memory.
<RoyK> sweettea: desktop system or server?
<sweettea> server
<sweettea> ecc memory
<sweettea> amd AD
<RoyK> then call support
<sweettea> huh
<sweettea> i built it myself
<sweettea> budget
<RoyK> oh
<RoyK> ok
<sarnold> sweettea: ah, /etc/init.d/mcelog start   :)
<RoyK> enable mcelog by default, as sarnold suggests
<sweettea> mcelog is running.
<sarnold> yay
<sarnold> good luck :)
<sweettea> its running
<sweettea> mcelog file is empty
<sweettea> dmesg has stack errors
<RoyK> sweettea: was it running last time things crashed?
<RoyK> memory errors can block i/o
<RoyK> so better use a network console or a serial one if you're an old timer
<sarnold> .. I don't think it'll tell you anything about the past. it has to be running to log anything.
<sweettea> ohhh
<sweettea> so it cant write to disk?
<sweettea> errors?
<sweettea> blarg
<sarnold> often not
<sarnold> and when I tried netconsole, I got nearly nothing :( it wasn't worth the hassle. :(
<RoyK> serial console always work
<RoyK> netconsole should too
<sweettea> I dont have that hooked up, I already racked the crap
<sarnold> I'd have more faith in serial console..
<sweettea> I might as well just buy memory and replace
<sarnold> sweettea: iff it is memory
<sweettea> im pretty sure its not hd
<sweettea> I was writing dd overnight
<RoyK> sarnold: tried to do a good old memtest86?
<sarnold> it could be chip :/
<sweettea> to the hd
<sarnold> RoyK: yes, it never found anything. I assumed it was because the faults weren't on the boot cpu.
<sweettea> Ive never had a bad chip in my entire life
<sarnold> (well, by 'never', I mean "not in 30-something hours..)
<sweettea> if it is
<sweettea> ill be sad
<RoyK> sarnold: memtest86 tests everyhing
<sweettea> memtest wont tell me which dimm is bad
<sarnold> sweettea: if it is just a bad dimm, it ought to ..
<RoyK> it'll tell you the address
<sweettea> but I guess it would tell me if its indeed mem vs cpu
<sarnold> sweettea: or, at least, I've had success with taking bad addresses from memtest86 and blocking them out with mem=....
<RoyK> sweettea: the address is absolute in a small system
<sweettea> its 64G of ram
<RoyK> not big
<sweettea> will take at least 1 day right
<RoyK> something like that, yes
<RoyK> for a full run
<RoyK> the memory errors usually show up before stage 3-4, though
<RoyK> early random writes etc
<sweettea> okay going to the DC :(
<sarnold> good luck sweettea :)
<sweettea> thanks for your time guys
<dingo> i want to use the command line only to listen to radio and songza.com problem is these are flash and java based. i know i can use mplayer with an ip to steam, but i am having problems finding the ips i want. if songza.com streams to a gui browser doesnt there have to be an ip somewhere to get?
#ubuntu-server 2013-02-08
<talntid> I have a multihomed machine (2 NIC's, 2 valid gateways, on different networks) and I am having trouble making it so the machine can send/recieve traffic on both interfaces flawlessly. Is this not possible?
<talntid> if I use the default settings, sometimes it goes out over eth0, sometimes over eth1. I want the machine to send its traffic out over whatever interface it recieves it from - and in the case it is initializing its own traffic, just send it out over eth0.
<sarnold> talntid: perhaps the LARTC website will be useful: http://lartc.org/
<sarnold> talntid: here we go: http://lartc.org/lartc.html#LARTC.RPDB.MULTIPLE-LINKS
<drag0nius> anyone had troubles loading config on 12.04?
<qman__> !anyone | drag0nius
<ubottu> drag0nius: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<drag0nius> SHOW config_file; points to right file
<drag0nius> but even though listen_addresses are set to '*' in the file 'SHOW listen_addresses;' prints localhost
<qman__> what software are you referring to?
<drag0nius> postgresql9.1
<drag0nius> netstat -tlnp shows postgres on 127.0.0.1:5432
<drag0nius> but connections are not allowed
<sarnold> do you need to do anything to reload the config?
<qman__> normal service restart/reload
<drag0nius> yeah i tried restarting/reloading/stopping -> starting
<drag0nius> nothing works
<sarnold> logs?
<drag0nius> there is nothing
<drag0nius> hmm
<drag0nius> 'incomplete startup packet'
<drag0nius> http://wklej.org/hash/7da7e6e01e8/
<drag0nius> could not connect to server: Connection refused (0x0000274D/10061) Is the server running on host "192.168.1.1" and accepting TCP/IP connections on port 5432?  thats whole error
<drag0nius> i even tried putting 0.0.0.0/0 trust in ph_hba.conf
<drag0nius> nothing seems to work
<sarnold> drag0nius: maybe try listen_addresses 127.0.0.1,192.168.1.1
<drag0nius> i don't think it loads that config file at all
<drag0nius> psql still shows localhost
<sarnold> drag0nius: strace -f -o /tmp/pgsql service postgresql restart
<sarnold> drag0nius: find out for certain what config files it reads :) damned blunt hammer, but..
<drag0nius> what am i supposed to search file for?
<qman__> my first guess would be that there's a syntax error in it causing it to be ignored
<qman__> but I don't know
<drag0nius> 3936  faccessat(AT_FDCWD, "/etc/init/postgresql.conf", R_OK) = -1 ENOENT (No such file or directory)
<drag0nius> that?
<qman__> I'm not intimately familiar with how postgres handes its config files
<qman__> that's upstart
<drag0nius> then there is 3936  stat("/etc/postgresql/9.1/main/postgresql.conf", {st_mode=S_IFREG|0644, st_size=19259, ...}) = 0
<drag0nius> i guess that 'SHOW listen_addresses;' should display right value to start with
<drag0nius> maybe let's just try restarting machine
<koolhead17> hi all
<elfranne> i am doing so developing to parse some website but the amount of data and their servers are quite slow, is there a way to do some sort of forced proxy to cache the content ?
<lifeless> you could use a proxy yourself :) - such as squid
<mah454> Hello
<mah454> I want to run Clud Computing .
<mah454> OpenQRM or OpenStack ?
<mah454> what choice is better ?
<koolhead17> melmoth: hola
<melmoth> hola koolhead17
<Berndt> Hey, I am trying to install a wow server, and I am stuck on a step on this guide where I am to install databases. It has to do with mySQL which I have no experience of dealing with, and I just don't understand what I am supposed to do. I have installed a mySQL server on my server computer, and I have downloaded the .sql files, but I don't know how to install them... :S
<Berndt> The guide I am following is http://collab.kpsn.org/display/tc/How-to_Linux, I am on the step "INSTALLING THE DATABASES"
<melmoth> Berndt, looks like you have to create database in mysql, a user, grant privileges for this user on this database
<melmoth> and then inject the sql dump in this database
<Berndt> I would like to learn to use mysql but I don't have any clue how to do that. I have tried creating databases but I have no clue where to start.. Any tips on how I can learn to do that?
<TuxLof> normalizing
<melmoth> http://webcheatsheet.com/SQL/mysql_backup_restore.php
<melmoth> this show how to create backups sql file (i bet this is the kind of file you have) and how to restore them
<melmoth> http://www.debuntu.org/how-to-create-a-mysql-database-and-set-privileges-to-a-user/
<melmoth> and this on how to create a db and some user
<hallyn> jamespage: fancy reviewing a qemu upload?
<hallyn> jamespage: oh, nm.  I fear in this case it'll just waste your time.
<hallyn> Daviey: can you update the qemu-kvm listing in the server seed to be qemu-system-$arch?
<hallyn> (we have: qemu-system-x86, qemu-system-ppc, qemu-system-arm, qemu-system-sparc, qemu-system-misc, qemu-system-mips)
<Daviey> hallyn: do you want to propose a merge proposal?
<hallyn> Daviey: for which?
<hallyn> for the server seed?  I didn't realize there ws a package/source for that
<hallyn> be happy to though
<hallyn> d'oh
<hallyn> stgraber: Daviey: qemu is not in the server set yet?
<hallyn> I don't have upload rights
<Daviey> ugh
<stgraber> hallyn: let me look into that :)
<stgraber> because it should be so we need to fix that
<hallyn> Daviey: oh since i didn't see you there yesterday, you can relive it:  https://wiki.ubuntu.com/LxcUsernsIrcChat
<hallyn> stgraber: thanks
<stgraber> stgraber@castiana:~/data/code/ubuntu-archive-tools$ ./edit-acl add -P ubuntu-server -s qemu -S raring
<Daviey> hallyn: i thought you had PPU for qemu anyway :>
<stgraber> Added:
<stgraber> qemu
<Daviey> hallyn: I look forward to reliving
<hallyn> stgraber: thx
<hallyn> Daviey: for qemu-kvm, but not qemu
<Daviey> ah!
<hallyn> roaksoax: hey, could I get you to sync netcf from debian experimental to raring?
<Daviey> hallyn: so you probably want to s/qemu-kvm/qemu-NEW-BINARIES/ in virt-host seed ?
<hallyn> Daviey: well per infinity's comment last night, i assume something like qemu-system-x86 [ i386 amd64 ] \n qemu-system-ppc [ ppc ] etc
<hallyn> but yeah
<hallyn> Daviey: I'll do a mp.  should I assing you, or leave it blank?
<hallyn> heh, how does one test that :)
<hallyn> are powerpc, i386 and amd64 the only ones we officially support in server seed?
<Daviey> hallyn: you can germinate yourself.. but generally JFDI
<Daviey> hallyn: yes
<Daviey> hallyn: I will happily review + merge it
<hallyn> Daviey: are you trying to get me in trouble with the local law?  my attempts to test my server seed change have led me to "Cannabis Seeds Germination Troubleshooting Guide"
<Daviey> hallyn: why do you think they call it high level management ?
<hallyn> Daviey: ok, anyway this has to wait until the new pkgs are published, so i'll do mp on monday - thanks, ttyl
<Daviey> super
<Daviey> thanks
<Daviey> hallyn: actually, if you could do it later today... that would mean that next ISO would be undersized..
<hatake> hy how to fix this http://dpaste.com/915775/
<hallyn> Daviey: but i can't, qemu-system-x86 doesn't exist yet
<hallyn> i'll see how quickly it builds
<hallyn> wait, did it already build?  wow
<hatake> hy how to fix this http://dpaste.com/915775/ ?
<hallyn> Resolving terrrtertetetertertertertertertertertertretrtbh (terrrtertetetertertertertertertertertertretrtbh)... failed: Name or service not known.   wow
<hallyn> dns problems?
<hatake> no dns fine
<hallyn> roaksoax: ping
<roaksoax> hallyn: pong
<hatake> eror http://dpaste.com/915863/
<hallyn> roaksoax: hey, do you mind syncing netcf from debian experimental into raring?
<roaksoax> hallyn: netcf (1:0.2.3-1) experimental; urgency=low ?
<hallyn> roaksoax: yup
<roaksoax> hallyn: done: syncpackage: Request succeeded; you should get an e-mail once it is processed. :)
<hallyn> roaksoax: thanks!
<hallyn> now to wait for the qemu fallout.  i've got a hair patch to review meanwhile, bbl
<Techdude1011> hi all, I am having a problem with my time server - Server dropped: strata too high
<Techdude1011> any help would be greatly appreciated
<sarnold> Techdude1011: going strictly by that error message here, I wonder if the machine you had set as your time source is too many hops away from a strata 0 time server (say, a GPS radio or something)
<Techdude1011> sarnold:only behind a single router
<Techdude1011> stratum keeps showing up as 16 for some reason
<sarnold> Techdude1011: hehe, sorry, not those hops.. getting time from machines that got their time from machines that got their time from .. all the way down.
<sarnold> though 16 makes me wonder if your upstream time source is missing altogether? 16 is a magical number..
<Techdude1011> sorted :) it was apparmor
<sarnold> ah!
<sarnold> Techdude1011: please file a bug if it is too-tight policy :D
<Techdude1011> think it's just down to lack of knowledge on my part
<Techdude1011> thanks for the help btw
<sarnold> Techdude1011: my pleasure :)
<MACscr> how do i update my nameservers in resolve.conf? Ive read that i need to change them in /etc/resolvconf/resolv.conf.d/tail, but im really sure how to then get those to apply
<sarnold> MACscr: it ought to happen the next time resolvconf regenerates your config -- say, next dhcp lease or something
<sarnold> MACscr: feel free to make the same changes to /etc/resolv.conf if you don't want to wait or turn networking on and off again
<sarnold> (yes, they'll be thrown away, but you made the same edits in the 'tail' file, so they'll be replaced :)
<hallyn> sarnold: without trying, doesnt 'restart reslvconf' regenerate immediately?
<sarnold> hallyn: dunno? :)
<sarnold> hallyn: if so, that'd be way easier...
<hallyn> (test)  yup
<sarnold> yay thanks :)
<sweettea> MACscr: you can specify nameservers in the interfaces file
<jkyle> I'm trying to install the lvm2 package on 12.04, it throws this error: lvm2 : Depends: watershed (>= 2) but it is not installable
<escott> please dont crosspost
<jkyle> sure thing, seemed kinda dead. I'm not even seeing a watershed package in my cache
<escott> jkyle, thats part of what makes the crossposting worse... someone will leave the window on the dead channel open and start answering something that was already answered in the other channel 30 minutes ago
<pmatulis> jkyle: works fine here.  something might be messed up with your source files (/etc/apt)
<escott> !info watershed
<ubottu> watershed (source: watershed): reduce superfluous executions of idempotent command. In component main, is extra. Version 6build1 (quantal), package size 11 kB, installed size 60 kB
<jkyle> yeah, I'm poking around in there
<jkyle> I found it on the package search for precise
<escott> !info watershed precise
<ubottu> watershed (source: watershed): reduce superfluous executions of idempotent command. In component main, is extra. Version 6 (precise), package size 11 kB, installed size 60 kB
<escott> jkyle, certainly should be there. make sure you arent pinning by accident
<escott> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<escott> or holding for that matter "dpkg -l "watershed"
<jkyle> fresh install: https://gist.github.com/jameskyle/4741513
<jkyle> basically the first reboot after install
<jkyle> dpkg -l => un  watershed                                            <none>
<escott> jkyle, perhaps your apt mirror is out of sync and has an update to the lvm2 package but not the corresponding watershed package
<jkyle> well, odd thing is apt-cache search watershed doesn't find a watershed package. Let me point my sources.list somewhere else (currently pointing to us.archive.ubuntu.com)
<melter> i'm installing 12.10, and it's failing on "configuring apt"; is there a way to work around this?
<jkyle> switched to the mirror.anl.gov site, same error
<melter> i've tried a dvd and a flash drive, so it's not the medium
<melter> "An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Configure the package manager"
<jkyle> watershed is part of ubuntu core, really weird that it's not even in my apt cache
<guma> I was wondering is there is a way to create user 'suser' with nologon (I got that) and setup so users from specific group can 'su - suser' with no password?
<jck77> a root user with no password isn't really smart
<RoyK> guma: man visudo
<RoyK> or sudo
<RoyK> guma: it's not very smart, though, as jck77 said
<RoyK> guma: %somegroup ALL=(ALL:ALL) NOPASSWD:ALL
<RoyK> will do it
<RoyK> but then, if someone gets in with that group membership, you're fucked
<guma> RoyK: I do not want this user be root
<RoyK> then use specific sudo access
<RoyK> it's in the manual
<guma> I want to have common accoutn that you can't ssh to and people from "group can su to it and run specific software
<RoyK> that's easy with sudo
<RoyK> just rtfm
<guma> RoyK: ok RTFM
<RoyK> man sudo or google it
<sarthor> HI, .pl files are downloading instead of opening via mozilla, while on chrome that is opening as text. HElp please, I Installed sql-ledger on my ubuntu-server.
<escott> sarthor, when you crosspost please note it in the channel you are leaving
<sarthor> escott: Sorry I am unable to understand, Can you please write in a bit easy english. Sorry friend.
<kirkland> smoser: utlemming: Okay, I've just launched several Ubuntu 12.04.1 instances in AWS, and on my first login to a virgin system, I'm getting "can't create socket: No space left on device"
<utlemming> kirkl;and: ami id?
<utlemming> er, kirkland: ^
<utlemming> region?
<kirkland> utlemming: us-east-1d, hang on, might be user error....
<kirkland> utlemming: smoser: okay, false alarm, script kept logging me into the same instance where I'm seeing that problem
<kirkland> utlemming: that error is strange, though, as they is plenty of space left on all devices
<Daviey> growroot failed?
<utlemming> kirkland: can I take a peak?
<kirkland> utlemming: sure, what's your lpid?
<utlemming> kirkland: utlemming
<kirkland> $ ssh-import-id utlemming
<kirkland> mktemp: failed to create file via template `/tmp/tmp.XXXXXXXXXX': No space left on device
<kirkland> :-)
<utlemming> kirkland: are you playing with overlayfs?
<kirkland> utlemming: nope
<kirkland> utlemming: one sec, let me get you in there
<kirkland> utlemming: ssh ubuntu@ec2-23-22-241-88.compute-1.amazonaws.com
 * utlemming is in
<utlemming> kirkland: wierd. mtab isn't populated...and its refusing to populate
<kirkland> utlemming: this is a fresh boot--i've rebooted several times now
<Daviey> kirkland: what was the user-data?
<kirkland> Daviey: nothing passed whatever amazon loads by default when launching from the web interface
<utlemming> kirkland: this is really odd...I've never seen an instance behave like this
<kirkland> utlemming: me neither
<utlemming> kirlkand: out...can you paste a console log?
<kirkland> utlemming: yeah...one sec
<kirkland> utlemming: http://paste.ubuntu.com/1626918/
<utlemming> kirkland: nothing obvious...
<kirkland> utlemming: hmf
 * Daviey bets ir's just broken infrastructure 
<kirkland> utlemming: okay, I'm just going to STONITH this instance
<kirkland> utlemming: as i have a copy of it
<ianrossi> Hi there, I'm configuring Juju with a local install of Openstack (devstack) in a VM and I'm getting an error I can't get past.
<ianrossi> Is there anybody there that can help with Juju configs?
<utlemming> kirkland: that's what I would do
<kirkland> utlemming: thanks
<ianrossi> Here is my environments.yaml sanitized http://pastie.org/6098782
<ianrossi> The error I'm getting is "2013-02-08 17:30:16,292 ERROR 'object-store'"
<ianrossi> Looking for someone on the juju team, anybody there?
<sarnold> ianrossi: a few folks in #juju or #juju-dev, depending upon your needs..
<ianrossi> Thanks sarnold
<grufftech> Hey folks.  So i've ran into a bit of a dumb issue.    Brand new Ubuntu Server 12.04 LTS virtual machine, updated fully, trying to get PHP-gd bundled installed.   http://pastebin.com/wyu1c2ZC  are my commands so far. Modified debian/rules accordingly, (http://pastebin.com/devs1DD2)   and the compile fails shortly after creating "its own mysql database"
<hallyn> Daviey: https://code.launchpad.net/~serge-hallyn/ubuntu-seeds/ubuntu.raring/+merge/147491
<grufftech> Really confused as to why "apt-get build-dep php5" doesn't ACTUALLY get all the PHP5 dependancies, as well, but that's a side issue
<hallyn> Daviey: i couldn't assign you because it claimed you didn't have the rights to read the original branch
<sarnold> grufftech: since the builds are done in chroots with very minimal default packages, it really _should_ list all the build deps..
<grufftech> sarnold: I would think so as well.  I mean it's a bare bones install of Ubuntu Server 12.04 LTS, and i can't do something simple like recompile...  i'm missing something.
<grufftech> I'm compiling again, so i'll have the exact error here in 4-5 minutes.
<maxb> grufftech: I don't know that much about GD, but is there some reason why 'apt-get install php5-gd' doesn't supply what you need?
<Daviey> hallyn: merged with comment on MP for your review.
<Daviey> thanks
<grufftech> maxb: unfortunately ubuntu doesn't package php-gd with the version of gd that is typically packaged with php; therefore a rather large list of functionality missing from the ubuntu-packaged version.
<maxb> ah
#ubuntu-server 2013-02-09
<grufftech> maxb: basic functionality is there, but functions like rotating, resizing, ect are all not included.  which for my software, is a rather big deal.
<grufftech> and as much as I could get away with keeping 10.04 LTS for another 2 years on our production platform, I'd rather upgrade and keep current with the rest of ubuntu.
<hallyn> Daviey: not sure what you mean - we're not preventing anyone from installing qemu-system-x86 on ppc and vice versa.   I guess we can just install both everywhere if you like.
<hallyn> I was just assuming ppl primarily want to run kvm for their native arch
<hallyn> I don't have a preference - long as qemu-system-lm32 stays off :)
<hallyn> Daviey: thanks!  gnight
<dexterboy1106> I am trying to get my ubuntu server running had everything good then I ran into permission problems and I am reinstalling now, what i would like to do is have my owncloud  and my nas in the same dir and be able to move files between the two is that possible
<solitude88> Before I make a big mistake Im sure. I need to make a few directories writeable by apache user which is www-data and right now all the files folders are owned by user and usergroup ubuntu. Question is is it ok to change all the ownership of all files and folders to www-data?
<solitude88> files from from /var/www are owned by ubuntu
<sarnold> solitude88: it would be better if your data isn't owned by your webserver user account -- an exploit for the webserver, or any scripts that may execute as the webserver, would have the ability to overwrite your data files
<sarnold> I've seen more than a handful of sites with exploit javascript embedded into their HTML files by hacked servers or scripts.
<sarnold> ideally, your webserver has write permission to only its logfiles and whatever database socket it needs to do the job..
<solitude88> thanks sarnold. How would you suggest that I do this. Currently I have a plugin that needs read/write access by the same user as the webserver
<sarnold> of course, if the whole point is that your webserver lets you manipulate files, then that might be what you have to do. but I'd be skeptical of such tools. :)
<solitude88> well this is bad news lol
<solitude88> thanks so much sarnold
<solitude88> sarnold does it make a difference if all the files are under the public folder?
<sarnold> solitude88: not really, that's just a convenient naming convention
<solitude88> why would they make a plugin like this if its conviently exploitable
<sarnold> because people _like_ doing those sorts of things :)
<solitude88> sarnold look at this at the 1 minute mark http://vimeo.com/47685092
<dexterboy1106> s am trying to get my ubuntu server running had everything good then I ran into permission problems and I am reinstalling now, what i would like to do is have my owncloud  and my nas in the same dir and be able to move files between the two is that possible
<sarnold> solitude88: heh, he mentioned "standard upgrade script". that sounds ideal. :)
<solitude88> I guess theres always a give take when dealing with simplicity over security
<solitude88> and vice versa
<sarnold> solitude88: sometimes. I for one would rather update something via "ssh foo@host" followed by "upgrade_script.sh"   rather than loading a webpage and clicking a bunch of things. but that's just me. :)
<solitude88> yeah you're a cli jedi
<solitude88> me just a hobbyist
<solitude88> :)
<sarnold> hehe, I started out as a hobbyist once :) made a right mess of things once in a while too.. hehe.
<solitude88> lol
<solitude88> been there
<solitude88> done that
<solitude88> still doing
<sarnold> yay :) hehe
<dexterboy1106> I am trying to get my ubuntu server running had everything good then I ran into permission problems and I am reinstalling now, what i would like to do is have my owncloud  and my nas in the same dir and be able to move files between the two is that possible
<dexterboy1106> if a directory is highlighted green how do I change it back to blue
<dexterboy1106> I did it earlier but cant remember
<hallyn> uh what?  i guess it depends on your DIRCOLORS.  For me green is an executable file and blue is a directory.  i can't change from oen to the other :)
<dexterboy1106> how do i change an executable to a dir
<dexterboy1106> i didnt finish reading sorry
<dexterboy1106> i did it earlier but cant remeber what site I saw it on
 * patdk-lap doesn't know what colors are
<patdk-lap> I live in a monocrome world
<patdk-lap> 50 shades of grey?
<dexterboy1106> now the directory is highlighted green whith blue letters
<mattwj2002> hi guys
<blackjack> hy i want to cloning 10 pc i use clonezilla how to
<blackjack> can help my
<blackjack> i use ubuntu server 12.04
<dexterboy1106> ok fixed it
<dexterboy1106> damn
<dexterboy1106> chmod -R 776 *
<dexterboy1106> chmod -R 755 *
<mattwj2002> fixed what?
<dexterboy1106> now the directory is highlighted green whith blue letters
<mattwj2002> huh?
<dexterboy1106> you weren't in the chat yet
<mattwj2002> ok
<dexterboy1106> I had a directory that was highlighted green with blue letters I had permissions set for everybody 777
<mattwj2002> oh okay
<mattwj2002> any idea why an ubuntu server install keeps locking up on grub-install dummy?
<mattwj2002> how long does it normally take?
<KurtKraut> mattwj2002, are you sure the ISO you are using is okay? Also, is the hard disk okay?
<mattwj2002> I have used two different versions of ubuntu cd
<mattwj2002> the ubuntu cd
<hatake> how to fix this. http://dpaste.com/916486/ help
<hatake> how to fix this. http://dpaste.com/916486/ help
<hatake> plz fix http://dpaste.com/916535/
<dch> I'm moving some scripts from screen to upstart, but have found little reliable information about correct dependencies using upstart.
<dch> this works:  start on (static-network-up and filesystem and local-filesystems and net-device-up IFACE!=lo)
<dch> this doesn't: start on (static-network-up and filesystem)
<dch> Are there any other examples other than the upstart cookbook, or a list of events / dependencies you'd recommend?
<dch> [SOLVED] this is what I was looking for -- http://manpages.ubuntu.com/manpages/precise/en/man7/upstart-events.7.html
<jpds> dch: Well, you don't want to use net-device-up IFACE!=lo anyway.
<dch> jpds: so far I think local-filesystems is redundant, and my current (testing now) is `start on static-network-up and and started filesystem` does that look better?
<jpds> dch: Yep.
<dch> I'm reading that as "when the static-network-up event is emitted and the filesystem /etc/fstab are all mounted, then start"
<dch> I think my mistake was not differentiating between events and states.
<jpds> The problem with "IFACE!=lo", is that the device might exist... doesn't mean you have networking...
<dch> thanks for the clarification. it seems that a *lot* of people are using it though.
<dch> in fact that's been my single biggest frustration with upstart is that the examples on the net are frequently incorrect and simply don't work on a fast system running in parallel.
<dch> not a fault with ubuntu per se, mind.
<RoyK> iirc someone in here was talking about buggy intel NICs http://blog.krisk.org/2013/02/packets-of-death.html
<Plizzo> Hello! I've just performed a clean install of 12.10 on a new SSD in my server, but for some reason it does not find my RAID partition (md0). I have three disks in a RAID5 - /dev/sda, /dev/sdc, /dev/sdd, but there seems to be no raid anymore.
<Plizzo> fdisk -l tells me that these drives are Linux raid autodetect, so they should be okay. How would I get mdadm to assemble theese disks into an array again without any data loss?
<patdk-lap> tell mdadm to search and find them
<Plizzo> I just did sudo mdadm --assemble --scan
<Plizzo> And it did actually assemble them again
<Plizzo> But I noticed one disk has jumped out, so I'll have to add it again..
<Plizzo> Well, I solved it myself, but it will take about 5 hours for the rebuild :P
<Flavr> hello
<Flavr> http://www.youtube.com/watch?v=eTOKXCEwo_8&feature=player_embedded
<Judith> What is adult novelty?
<Judith> What is adult novelty?
<mbnoimi1> I installed horde from ubuntu repository by apt-get... I'm wondering now what's next? Do I've to configure it or it's has already configured?
<blkperl> mbnoimi1: you probably need to configure it
<mbnoimi1> blkperl: Is there any manual or documentation for that? I googled a lot about this issue but I got many articles explain how to install from the scratch not from ubuntu repos.
<SpamapS> mbnoimi1: it is most likely available at $hostname/horde/
<mbnoimi1> SpamapS: I tried http://localhost/horde but I got 404!
<mbnoimi1> installation command was "sudo apt-get install turba2 horde3 kronolith2 horde-sam nag2 gollem mnemo2 dimp1 sork-forwards-h3 sork-vacation-h3 imp4 ingo1 ansel1 sork-passwd-h3"
<hatake> i need Stage Tarball for ubuntu
<blkperl> mbnoimi1: google thinks theres a webmail-install command, did you run it?
<blkperl> mbnoimi1: found a guide http://www.swapninfoways.com/?p=168
<JanC> most likely there is documentation in /usr/share/doc/<package-name>/
<JanC> often in a file named README.Debian or something similar
<mbnoimi1> blkperl: thanks I found http://www.dalouche.com/wordpress/2006/01/19/horde3-and-imp4-howto-under-ubuntudebian/ I think it'll helps me out
<JanC> (might have a .gz extension if it's large & compressed)
<hatake> can help my http://dpaste.com/917498/
<verticalvoid> hello all.  i've been working on installing my server (12.04 LTS) and have been trying to set up a mail server properly.  i've pretty much have followed the howto guides (https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto), but am now at an empasse because squirrelmail is not working!
<verticalvoid> i already have postfix and postfixadmin (although, not sure if I need that ? ) installed, courier is also what i am using.  it's probably a simple mistake in the MX records, and in the config settings for squirrelmail (i.e. which servername to point to, etc. since i'm trying to use multiple domains).
<verticalvoid> but, this is my first attempt at setting up a webserver ... so this mailserver stuff is tricky.  any help greatly appreciated.  back to reading more howto's ... but thought live help might be better.
<FaroukBA> hello! well I want to ask about something: every time I update my kernel the processor's ventilator starts turning at max, stays like that about 3 min then returnes to normal. is it normal?
<verticalvoid> FaroukBA:  i dunno.  seems like an odd thing to occur.  hence why you're here.
<verticalvoid> anyone have any knowledge on setting up mail servers on a home server with multiple domains? (virtual hosts, etc.)
<FaroukBA> verticalvoid, because I forgot where's the kernel dev channel :p
<verticalvoid> this i do not know ... maybe ubuntu-dev ?
<FaroukBA> :) thanks anyway
<verticalvoid> anyone know anything about mail servers?
<patdk-lap> they help me get more spam
<verticalvoid> sure ... just trying to get mine set up on my homeserver.  but thanks for the extraneous info.
<patdk-lap> you have a home server that doesn't block port 25? that is strange
<patdk-lap> you did ask a very undirected question, and you expected a better answer?
<verticalvoid> ok, very true
<verticalvoid> let me be a bit more specific
<verticalvoid> i just installed squirrel mail (i have postfix all set up ... i hope), and am setting up squirrelmail on multiple domains.  let www.mydomain.com = *, be any of about 12 domains i am hosting.  i want to be able to redirect */squirrelmail to the one directory that squirrelmail is located at on the server.  how is that possible with virtual hosting? seems simple but can't find an answer.
<verticalvoid> <--- new at any webserver stuff, always had a 3rd party host, but am moving to the DIY model more and more . . .
<patdk-lap> yep, just make a virtual host entry, and assign server aliases
<verticalvoid> right ... so, like .. <VirtualHost *>
<verticalvoid>   #ServerAlias /squirrelmail /usr/share/squirrelmail
<verticalvoid>   DocumentRoot /usr/share/squirrelmail
<verticalvoid>   ServerName www.matthewniemerg.com/
<verticalvoid> oops, uncomment out #ServerAlias
<verticalvoid> probably comment out the servername too ...
<Sanariel> hi
<verticalvoid> hello
<Flavr> Fatal error: require_once() [function.require]: Failed opening required '/app/config/boot.php' (include_path='.:/usr/lib/php:/usr/local/lib/php')
<Flavr> any help ?
<[HUN]Bitvilag> hi everyone
<[HUN]Bitvilag> i really need some help with my situation regarding ubuntu and lvm usage
<[HUN]Bitvilag> i have prematurely deleted the partition table of two harddrives that were in an lvm still active on the third harddrive with the system on
<[HUN]Bitvilag> what should I do?
<jpds> Check the backups.
<[HUN]Bitvilag> could you elaborate?
<jpds> Check the backups of the data on those drives. :)
<[HUN]Bitvilag> lol thanks but...are those backups on the system?
<jpds> OK, I was hoping you'd have a backup server just in case serious things like this happened.
<[HUN]Bitvilag> ohh
<[HUN]Bitvilag> nooo
<[HUN]Bitvilag> home server
<[HUN]Bitvilag> due to power consumption
<[HUN]Bitvilag> i had only one
<[HUN]Bitvilag> but ...i am thinking of..
<[HUN]Bitvilag> upgrading
<[HUN]Bitvilag> but thats does not solve my issue
<[HUN]Bitvilag> :S
<[HUN]Bitvilag> any other advice?
<patdk-lap> why would backups use power?
<patdk-lap> you either have to manually recreate your parition table
<patdk-lap> or forget about your data
<[HUN]Bitvilag> ohhh i thought you meant like a network raid
<[HUN]Bitvilag> so server backup
<[HUN]Bitvilag> full time
<[HUN]Bitvilag> noo u r right i shoudl have done backup
<[HUN]Bitvilag> and does manually recreating partition table possibel at al?
<[HUN]Bitvilag> is*
<[HUN]Bitvilag> all*
<[HUN]Bitvilag> possible*
<[HUN]Bitvilag> i mean i hardly know any info on the drives
<[HUN]Bitvilag> what do i need to know?
#ubuntu-server 2013-02-10
<kermit> has anyone ever connverted an existing badly mismanaged non dpkg based system to ubuntu by installing apt?
<qman__> what?
<kermit> i inherited 1000 gentoo systems
<qman__> there's no such thing as 'converting' another system to ubuntu
<qman__> apt only works because it manages everything
<SpamapS> kermit: perhaps whoever left them to you should have taken them to the grave instead... :)
<qman__> you can't just tack it on and expect anything to improve
<SpamapS> kermit: you are going to be better off replacing the systems one by one with clean installs
<qman__> portage isn't awful, but that assumes the previous maintainer stuck to portage
<qman__> lots of people don't
<qman__> so yes, the only solution is to replace it system by system
<SpamapS> with 1000 systems.. frankly even using apt is dicey without some kind of unifying configuration management
<qman__> yeah
<qman__> you need to put together your roles and standardize at the very least
<qman__> even if you don't use a large scale software management solution, you need standard builds
<SpamapS> Its just a nightmare if you have a problem and the answer isn't to just do a clean install and throw your usual tools at it.
<qman__> right
<qman__> you have to make those decisions up front in how you're going to do things
<qman__> even if they're not ideal for each situation
<qman__> I actually just put together the first version of a debian build we're going to use for our LaCie NASes at work
<qman__> and we only have a couple hundred of them
<qman__> took a couple weeks
<SpamapS> qman__: "build" meaning something you can repeat with one command?
<qman__> not quite but close, it's an image, we copy it to a flash drive
<qman__> set up boot order, run a setup script
<SpamapS> ^5 yeah thats the way to scale out
<uvirtbot> SpamapS: Error: "5" is not a valid command.
<qman__> it auto configures raid based on the number of drives
<qman__> auto installs our labtech agent for management
<qman__> sets up hostname and mail and all
<qman__> we have a bunch of lacies but it could really be used on any x86 device with evenly sized hard drives
<verticalvoid> anyone know why when i telnet into my database i'm using for my mail server that when i run the command "SELECT INBOX" Unable to open this mailbox, but I am able to SELECT INBOX.Sent ?
<patdk-lap> that doesn't make any sense
<patdk-lap> you can't telnet into a database
<patdk-lap> sounds more like your telnetting into imap
<verticalvoid> ok, that's what i'm doing.  sure why not.
<verticalvoid> *shrugs* i dunno.  first time attempting installing a homeserver and wanted to try to set up mail on it.  excuse me for improper use of terminology. :S
<verticalvoid> but, yes, i am using telnet localhost imap to get in there
<Koheleth> anyone got a small transparent ubuntu server logo?
<alimj> Question: I need a file system that supports "Transparent Compression" to store lot's of text files. Inasmuch as EXT* won't do that, what is your recommendaton? Btrfs (Oracle) is still in beta phase, Reiser4 implementation appears to be complicated?!
<alimj> Or possibly I have to forget compression at all?
<patdk-lap> I only know of ywo things
<patdk-lap> use a fuse compression layer ontop of any fs
<patdk-lap> or use zfs
<alimj> patdk-lap: Thanks. Will look into that
<alimj> patdk-lap: Checked both zfs and fuse. I am going with fuse. It appears that zfs has compliance issues with GPL. I wish that Kernel supported a native filesystem with transparent compression though. Thanks again
<JanC> alimj: btrfs has transparent compression and is close to be considered stable
<JanC> some distros will use it by default soon...
<JanC> depends on how critical your use of it is, of course
<RoyK> JanC: achem - "closte to be considered stable" is subjective
<RoyK> alimj: there's a native port http://zfsonlinux.org/
<RoyK> dunno how stable it is, though
<alimj> JanC: Thanks. I was considering btrfs (mentioned in 1st message). However, since it is still in development (by Oracle), we have to wait
<RoyK> zfs under fuse works ok, but write speeds tend to suck rather badly
<JanC> RoyK: it's as subjective as considering ext4 stable  ;)
<RoyK> JanC: no, it's not
<RoyK> JanC: ext4 is used by thousands upon thousands of machines out there, whereas btrfs still changes the ondisk formats
<JanC> ext4 has been seeing lots of bugs
<RoyK> JanC: btrfs is still on the bleeding edge
<RoyK> well, of course, there are bugs
<RoyK> but not comparible
<RoyK> if you want to run btrfs, make sure you recompile kernel and btrfsprogs once a week or so
<JanC> it's difficult to compare if you don't test servers with either of them
<RoyK> if you ask for help on an issue, running ubuntu 12.10 or perhaps 12.04, they will ask you to install the latest bleeding-edge kernel/userspace from git
<RoyK> JanC: well, I have 100+ servers on ext4 and a few test machines with btrfs. there are far more issues with those 3(?) btrfs machines than with the rest of the server park
<RoyK> so I guess I can compare
<alimj> OK, we currently have more than necessary good and reliable choices. I will use fuse until BtrFS is finalized ... :)
<RoyK> alimj: I gues that'll happen somewhere around 2017
<alimj> !!!!!!!!!!!!
<JanC> RoyK: well, that might be some good comparison point
<JanC> RoyK: depending on how you use both  âº
<RoyK> raid-[56] support was announced some 3.5 years back and the first git tree with the code was announced a month back
<RoyK> in btrfs
<RoyK> and it doesnÃ¦t work too well
<JanC> I wouldn't use RAID 5/6 with btrfs right now
<RoyK> btrfs development doesn't happen too quickly
<RoyK> JanC: well, I've just tested it in a vm, was a bit curious
<JanC> RoyK: I mean, I wouldn't use it in production
<RoyK> JanC: I used to run some 100TiB zfs machines in my last job
<RoyK> on openindiana
<RoyK> if you need zfs, better use something like illumos or freebsd
<JanC> what I mean is: some parts of btrfs might be stable enough for certain purposes
<RoyK> JanC: sure, but how can you know which parts?
<RoyK> it's a lottery
<JanC> testing  âº
<RoyK> better not use btrfs for something in production...
<RoyK> use ext4 or xfs
<JanC> and obviously, things that have been tested by others might be a good indication
<JanC> e.g. have a look at what SuSE will support
<patdk-lap> personally, I'm doing ext4 ontop of zfs volume
<patdk-lap> so I get compression, without any ugly linux mess
<blackjack> hy all
<blackjack> I'm still confused with this topology, in my ubuntu server using 2 nic, one onboard headed to swith, the second nic toward mikrotik, mikrotik ip 192.168.1.2, http://postimage.org/image/91p7e8eyj/
<blackjack> i want to make proxy squid mode bridge, can help my :(
<alimj> blackjack: Do you mean that you require a transparent proxy?
<blackjack> alimj, yeah right , can help my sir plz
<RoyK> blackjack: squid won't bridge, it will proxy
<RoyK> blackjack: to make your linux box a router, setup nat
<RoyK> routing+nat
<RoyK> pretty easy
<blackjack> RoyK, how to ?
<blackjack> RoyK, im using mikrotik+ubuntuserver for proxy
<alimj> blackjack: Let's clarify. What do you really want 1) Share internet 2) Share and cache content
<RoyK> blackjack: tried googling that?
<blackjack> alimj, number two share and cache content, i use squid/lusca
<blackjack> RoyK, already sir
<RoyK> http://bit.ly/UU4uJi
<blackjack> alimj, and RoyK so far I only use 1 nic and now I'm going to try the method bridges, by using the 2 nic, but im confuse
<RoyK> what are you trying to do?
<RoyK> single nic to router and then another to your home lan?
<alimj> blackjack: Then you require routing+nat+transparrent squid+ip tables. It is a long story. Not easy to say on IRC
<alimj> RoyK: I think he wants to NAT but meanwhile, cache HTTP content.
<RoyK> routing is easy, nat is pretty easy (with iptables), transparent squid proxy is very easy (with iptables) after a quick google search
<blackjack> alimj, yeah i now, before im using 1 nic, this http://images01.olx.co.id/ui/15/75/41/1319911088_270737441_2-JASA-SETTING-ROUTER-MIKROTIK-SQUID-EXTERNAL-PROXY-SERVER-Bisa-di-Set-Dari-jarak-Jauh-Pekan-Baru.jpg
<blackjack> now il try this http://postimage.org/image/91p7e8eyj/
<blackjack> so ?
<RoyK> oh, mikrotik - I guess you want to configure that router to use the squid proxy?
<RoyK> or not
<RoyK> just saw that last image
<RoyK> well, first of all, configure the two NICs on different subnets
<RoyK> setup NAT
<RoyK> setup transparent proxying
<RoyK> if you bridge, you wan't be able to control traffic that easily
<qman__> you can do it as a bridge
<qman__> http://freecode.com/articles/configuring-a-transparent-proxywebcache-in-a-bridge-using-squid-and-ebtables
<qman__> it's not easy but it's doable
<RoyK> as I said "not that easily"
<blackjack> no, I use a mikrotik to share the bandwidth, and I'm using ubuntu server as a proxy
<RoyK> and imho there's no point of bridging if you can use nat
<qman__> reduced complexity, drop-in replacement
<blackjack> qman__, RoyK alimj what the best, 1 nic or 2 nic
<RoyK> blackjack: just setup a different ip subnet for the second nic
<RoyK> enable nat
<alimj> I would say NAT with 2 nics
<RoyK> when that works, go further with transparent proxying
<blackjack> hmm meaby i know
<alimj> With 1 nic, users can setup IPs manually and connect to your mikrotik directly (bypassing Squid entirly)
<RoyK> if you have 10.10.10.0/24 on the wan side of that server, setup 10.10.11.0/24 on the other (or something)
<blackjack> pic just example, this my config
<RoyK> pastebin it
<blackjack> http://dpaste.com/918731/
<RoyK> blackjack: just drop the bridging
<alimj> blackjack: It is already too late here. I have to go. Hope the others would help. Good luck
<RoyK> blackjack: setup eth0 on 192.168.1.250 and eth1 on 192.168.2.250 (or something) and configure nat
<alimj> RoyK: I think that he could mix these two solutions: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html    &    http://codeghar.wordpress.com/2012/05/02/ubuntu-12-04-ipv4-nat-gateway-and-dhcp-server/
<blackjack> RoyK, alimj i use this config http://dpaste.com/918734/
<blackjack> on rc.local
<blackjack> whether this is true ?
<RoyK> blackjack: and I would recommend against using a bridge - as alimj posted
<RoyK> blackjack: anyway, using rc.local for configuring network isn't really a good idea
<RoyK> better do it properly in /etc/network/interfaces
<alimj> RoyK: It is too complex. Too much for IRC. Blackjack: Follow those two posts. 1st setup Nat mode and then setup transparent cache proxy for HTTP (Port 80)
<RoyK> blackjack: really, get rid of that config in rc.local, and setup the two nics with addresses on different networks
<RoyK> enable routing
<RoyK> enable nat
<blackjack> alimj, my My proxy is running, I just want to use the bridge method
<RoyK> when that works, enable transparent proxy
<blackjack> RoyK, ok
<alimj> OK. Then I have to say goodbye and wish you all good luck :) See you
<RoyK> nite, alimj
<blackjack> thank you RoyK alimj :D
<miker> Yeah, I need big help.
<miker> It has to do with ubuntu server networking setup, I have a thread on Ubuntu Forums with more information.
<miker> http://ubuntuforums.org/showthread.php?p=12497490
<miker> If someone could just look at that, and possibly help me or direct me to help. That'd be amazing.
<RoyK> miker: packet loss? does ifconfig report it?
<RoyK> btw, you should add a netmask to ifconfig
<RoyK> or to /etc/network/interfaces
<miker> How do I know if ifconfig reports it?
<RoyK> pastebin ifconfig -a
<miker> Once sec.
<RoyK> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<miker> I'll add "netmask 255.255.255.0" then try it.
<RoyK> it won't help your problem
<qman__> honestly, it's probably a defect in the switch
<RoyK> qman__: the ifconfig output from that post shows no bad packages
<miker> But when I have it hooked up to my windows computer it works flawlessly no packet loss at all.
<qman__> if you watch a tcpdump/wireshark capture and see a bunch of random garbage, that'll confirm it
<RoyK> s/packages/packets/
<qman__> oh, no errors/dropped?
<RoyK> monitoring the switch may help as well
<RoyK> but, miker, pastebin ifconfig -a first
<Sendoushi> been starting to use ubuntu and having some fun with it. Now i want to do a virtual machine for a home server. i'm a developer which wants to try out the development on my own network. Talking about LAMP and Node.js. Should I go with ubuntu or server or... even devian?
<RoyK> doesn't matter much
<RoyK> depends what you like
<Sendoushi> what would be the main difference in your point of view?
<RoyK> starting out with a 12.04 server (or perhaps 12.10 if it's only for development) should do
<RoyK> Sendoushi: about the same difference as between blondes and brunettes
<qman__> the difference is the default set of packages and the release schedule
<Sendoushi> eheh
<qman__> you can do pretty much whatever you want with both
<Sendoushi> i don't know much about the linux terminal and such but... i guess i'll try a ubuntu server
<Sendoushi> it doesnt hurt to try!
<RoyK> nope
<Sendoushi> i already have a ubuntu desktop installed also
<qman__> one thing you will quickly learn is that server applications are administered by the command line
<RoyK> ubuntu desktop is merely ubuntu server with a ton of X stuff
<qman__> it's not that difficult though, don't let it scare you off
<Sendoushi> i kind of like the command line ehehe
<RoyK> good
<Sendoushi> just get to get used to it
<RoyK> it's got a rather steep learning curve, but once you know it, well, it makes things rather much easier
<qman__> use the tab key
<qman__> it is your friend
<Sendoushi> tab key?
<Sendoushi> aaah ok ehehe
<Sendoushi> to get stuff already there :)
<Sendoushi> i use it on sublime text ehehe
<Sendoushi> or even c++
<qman__> ubuntu has lots of tab completion built in by default
<qman__> for more than just filse
<SpamapS> sometimes its actually overzealous
 * RoyK uses RHEL at work and doesn't like it too muc, except it's very stable
<SpamapS> Like I don't care that the file is called .foo I know its a tar..
<SpamapS> RoyK: "stable" how?
<RoyK> as in rock stable
<SpamapS> if you mean it never changes and has tons of outdated software.. agreed.. very stable. :)
<RoyK> of course
<RoyK> but if you only need samba or apache or some mysql or postgresql server, it's stable
<qman__> I actually ran into a customer who was still using a redhat 7 server a few months back
<qman__> they wanted me to restore some files from tape backup
<SpamapS> RoyK: MySQL 5.1 is *way* less reliable than 5.5....
<RoyK> agreed
<SpamapS> RoyK: its slower, it breaks on more replication scenarios, and has a dangerous optimizer that chooses horrible query plans.
<RoyK> but then, I don't like mysql in the first place
<SpamapS> RoyK: so yes, its predictably crap. :)
<miker> But it did report the packet loss.
<RoyK> what nic?
<miker> http://s9.postimage.org/4ljuzsw5b/IMG_20130210_130345.jpg
<miker> eth0
<RoyK> what sort of nic, is what I meant
<miker> "dropped: 43"
<miker> You mean like speed or brand?
<RoyK> miker: pastebin is a bit better ;)
<RoyK> brand
<miker> Yea I tried to pastebin it but it wouldn't uplead because of the packet loss.
<RoyK> heh
<RoyK> miker: what distro version?
<miker> 12.10
<RoyK> and what nic?
<qman__> lspci | grep net
<miker> And I'm looking up the brand, it's just a built in one on a IBM xServe 335
<Sendoushi> how many space (hard drive) do you think that the system needs?
<RoyK> miker: lshw
<RoyK> pastebin that
<qman__> Sendoushi, a stock install of ubuntu server takes approximately 1GB, though 2-4GB is going to be a lot more comfortable
<qman__> if you intend to have files and stuff saved, bigger is always better
<Sendoushi> ok so... 4gb plus like... 2gb for files
<Sendoushi> since it is only supposed to be server
<miker735> Okay.
<miker735> It's a Broadcom NetXtreme BCM5703X Gigabit card
<miker735> And http://pastebin.ubuntu.com/1634045/ that's pastebin lshw
<Sendoushi> installer is asking for partition disks
<Sendoushi> what is this LVM thing?
<Sendoushi> what should i use?
<miker> http://pastebin.ubuntu.com/1634069/ that's for ifconfig -a
<miker> What should I do?
<qman__> have you tried different switch ports? also, if you can, watch the traffic from the switch's point of view
<miker> Let me try another port.
<miker> I don't think I can monitor it from my switch
<qman__> Sendoushi, for a VM you probably don't need lvm, I'd just go manual and make one partition the full size of the virtual disk
<qman__> miker, can you ping from the switch?
<Sendoushi> well gone for lvm
<Sendoushi> now http proxy
<Sendoushi> should i ignore this for now?
<qman__> if you don't know, leave it blank
<Sendoushi> i think i need this http thing
<Sendoushi> ok then
<RoyK> miker: those broadcom NICs are rather infamous for their drivers
<RoyK> broadcom doesn't document their hardware openly, so unless you sign a badass NDA, you won't get access to them
<Sendoushi> damn just installed lamp
<RoyK> if you do, you can't write open source software
<miker> New port doesn's help
<Sendoushi> when they said "no gui" it was reallly no gui
<Sendoushi> so... how does the ubuntu desktop just weights the same than ubuntu server?
<qman__> what?
<miker>  
<qman__> miker, in that case, it's probably the NIC or the switch config
<qman__> the problem with old cisco gear is that it's old, and they often have bad ports and stuff, but usually it's only a couple, otherwise nothing would work
<miker> What could I change? Because when I bring the switch up to my room it runs perfect, 0% packet loss.
<Sendoushi> how can i get the pt keyboard layout??
<miker> And I use the same port in my room as I do for my server.
<miker> dpkg reconfigure keyboard
<qman__> in that case I suspect the NIC or NIC driver in the server
<miker> But when I connect my server straight to my router I get no packet loss.
<qman__> yes
<miker> How could it be the drivers then?
<qman__> what I'm saying is, there's an incompatibility between your NIC or driver and that cisco switch
<unami> Hi there. I'm configuring a Ubuntu server on an existing  network, and I was wondering if there was a good guide for configuring Postfix. I'm unsure about whether I need to be configured as an internet site, or a satellite. There is an existing smtp server that I would need to use for sending any mail.
<qman__> if the switch has any VoIP features or STP on, I'd try turning those off
<qman__> and any extra functionality beyond dumb switch, and see if it solves the issue
<qman__> unami, if you are using an existing SMTP server, then you need either satellite system or internet site with smarthost
<qman__> which depends on how you want to use postfix
<qman__> if you only want local mail to get to the internet, smarthost
<qman__> if you want to provide mailboxes for other systems and users, internet site
<qman__> err
<qman__> if you only want local mail to get to the internet, satellite
<qman__> if you want to provide mailboxes for other systems and users, internet site with smarthost
<Sendoushi> damn how will i know what layout of keyboard i have and how to get the right one?
<unami> qman__: This is helpful - thank you.
<miker> I'm not even sure if this switch has any special features like that.
<Sendoushi> not getting the right keyboard setup :s
<Sendoushi> not even getting the /
<Sendoushi> i'm accessing console-setup for the keyboard but not really changing a thing
<Sendoushi> besides vim is there any easier text editor?
<maswan> Sendoushi: nano is often recommended for something easier to learn
<Sendoushi> how can i nano?
<Sendoushi> damn i dont get it keyboard layout was just fine and now restarted the machine and once again... on the wrong one
<Sendoushi> how can i change display resolution?
<Sendoushi> guys how can i access the cd?
<Sendoushi> isn't there something like a dir from dos?
<Sendoushi> i need to get to the folder media inside the cd (i think it is there)
<_Andrei_> what do you mean by cd ? Sendoushi , the comand line ?
<Sendoushi> already solved
<Sendoushi> thanks
<Sendoushi> :)
<_Andrei_> oh yes change dir
<Sendoushi> already installed apache also and now checking how to do stuff on this
<Sendoushi> like... how can i connect to the ftp and such
<Sendoushi> or even dock it on my mac
<_Andrei_> ok ;)
<Sendoushi> ideas on how to do this?
<Sendoushi> i'm using a vm
<Sendoushi> ips are different, tried to bridge already but... not really working
<Sendoushi> but accessing the ip of the ubuntu machine... works so...
<_Andrei_> you're on an apple vm on ubuntu ?
<Sendoushi> apple vm
<_Andrei_> i'm on Ubuntu actually but MacOS i don't really know how it works
<Sendoushi> i also would like to change the display resolution of the machine
<Sendoushi> noe it is something around 1024x768 or something
<Sendoushi> but i would like to have like 500x768
<_Andrei_> have you asked some questions on #ubuntu channel ?
<Sendoushi> something like that. like a column so i can work on the other side you know?
<Sendoushi> i did
<Sendoushi> i tried
<_Andrei_> hope you'll find out, got to go, sorry
<Sendoushi> no problemo cya
<Sendoushi> how can i set a nfs folder on ubuntu server?
<Sendoushi> ubuntu server is inside a vm on mac and i want to access a folder inside ubuntu
<awaterma> hey all
<awaterma> I wonder if anyone's seen issues with installing vmbuilder on 12.10? I can't seem to install that nor python-vmbuilder due to missing (and uninstallable) dependencies?
<SpamapS> awaterma: uninstallable packages are a pretty serious (and usually easily fixed) bug. Perhaps report it?
<awaterma> I've only seen it on this local machine, I run 12.10 on a server and don't have this problem.
<Patrickdk> make sure you run apt-get update first
<awaterma> Yeah, I've updated and upgraded all sources. No complaints.
<awaterma> However, when I try and install python-vmbuilder I get:
<awaterma> The following packages have unmet dependencies: python-vm-builder : Depends: debootstrap (>= 1.0.9) but it is not installable
<awaterma> launchpad says it's available: https://launchpad.net/ubuntu/quantal/+source/vm-builder/0.12.4+bzr481-0ubuntu1
<g16> I thought that 0.12.4 < 1.0.9.
<g16> oh, it's another package, my bad, please ignore my comment.
<awaterma> got it.
<awaterma> Works if I update the mirror: http://packages.ubuntu.com/quantal/all/ubuntu-vm-builder/download
<awaterma> No fun running quantal on this old mac mini server. Nearly all working now, though.
<awaterma> One would think that "tasksel" would install a way to make vms for a server that handles virtual machines ....
#ubuntu-server 2014-02-03
<N0tMe> hey all
<N0tMe> does anyone know of a way to monitor /dev/null... I would like to mirror it to a logfile
<hitsujiTMO> N0tMe: you can't: man null
<maxwlang> Why does fuse refuses to work? modprobe fuse returns module fuse not found and /dev/fuse doesnt exist. Can anyone help?
<N0tMe> sorry this netbook has issues LoL
<N0tMe> .
<N0tMe>  hitsujiTMO the man page basically just describes that it is a device...
<N0tMe> i want to log users activity that pipe session hist to /dev/null
<hitsujiTMO> N0tMe: its a device that swallows everything and only spits out null
<N0tMe> yeh
<N0tMe> I want to see if I can find a way to log anything sent to it
<N0tMe> if I created it as any other device or a file,  it wouldnt send back a null when used to clear a file
<hitsujiTMO> N0tMe: you can't monitor it, and you shouldn't monitor it
<hitsujiTMO> N0tMe: what exactly is the end goal?
<N0tMe> I just have a user that pipes his session to /dev/null so there is no history
<hitsujiTMO> N0tMe: then modify it so its piped elsewhere
<Titanium> just remove write permissions to /dev/null and the problem goes away :)
* pratchett.freenode.net changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/12.04/serverguide/ | Quantal (12.10) roadmap bugs, http://status.qa.ubuntu.com/reports/ubuntu-server/release-bugs.html
<RoyK> trying to setup ldap auth against AD here, but it seems I must've made some mistake. How can I have it log debug status somewhere?
<teward> ol
<teward> oops
<cjwatson> Hi.  Could somebody deal with SRU verification of bug 1134103, at least for precise?  I need to close out the list of updates for 12.04.4 today, and the other bugs fixed by the openvswitch output look as though they're probably important.
<psivaa> hello, starting from 20140129, trusty server minimal installs for amd64 is now ~37MB larger than the i386 ones.
<psivaa>  it is roughly 32MB overhead that is being used in the smoke tests.
<psivaa> i could not find the package that started the bloat.
<psivaa>  dont know the significance either. but could adjust the smoke test if this is not a big issue
<hxm> hi, I should give a directory to 150:8 uid:gid, how do it?
<hxm> if I use chmod it uses the username not the numbers
<sarnold> you have a user named "158"?
<hxm> id vmail
<hxm> uid=150(vmail) gid=8(mail) grupos=8(mail)
<hxm> /home/vmail/Maildir should be owned by 150:8
<hxm> and now is drwx------ 7 vmail mail
<sarnold> okay, so ls -lnd /home/vmail/Maildir
<hxm> is the same?
<hxm> when I do ll, I see this: -rw-r--r-- 1  5000 5000  3637 mar 30  2013 .bashrc
<hxm> drwx------ 7 vmail mail  4096 feb  2 18:43 Maildir
<sarnold> ls -ln asks to use the numeric uids and gids, it's handy if name lookups are slow (ldap) or you have multiple ids for one name (that happened to me once, stupid ldap and unix accounts..)
<hxm> fine, thanks
<mgw> Doesn't dpkg avoid overwriting an existing /etc/default file? I've built a package, but every time I install it, it overwrites /etc/default/<mypackage>.
<ciastek> I use LXC containers and have set LXC's dnsmasq to offer ip addresses based on container hostname. It doesn't work anymore. How can I make dnsmasq to ignore client's DHCPREQUEST and offer address assigned to the client's hostname?
<mgw> any ideas why my package is overwriting its /etc/default file on upgrade? I thought dh_installinit would ask before replacing /etc files.
<Praxi> I started a apt-get remove for something and did not monitor its dependencies very well.  I noticed that it ran a reconfig on something I wanted to keep.  I switched to another terminal session and killed all the related dpkg processes.  I assume dpkg is going to recognize that it has uninstalls to do and try to proceed with the uinstalls.  Is there a way for me to stop that from happending?
<Wilkim> hello
<Wilkim> If I have a dedicated (really good but rather useless) laptop dedicated as a ubuntu-server setup running nginx, php5-fpm, mysql etc. Anyone has any recommended methods of having a real-time sync of the same files on my PC for editing, so I could edit, make a change, and then view them in the browser immediately to have the change to have taken?
<sarnold> Wilkim: if your server exports the contents over nfs or cifs or similar, you could edit those on the PC..
<Wilkim> Yea, I tried Samba-server for linux, works well but the IDE I use lags with the speed penalty of using cifs, thats why I was looking for syncing of some sort
<sarnold> Wilkim: ah, fair enough; you could use something like incron (http://inotify.aiken.cz/?section=incron&page=doc&lang=en) to kick off an rsync ..
<sarnold> that would move the lag to the viewing, but it'd be tolerable enough for small sites
<TJ-> Wilkim: Have you tried sshfs ?
#ubuntu-server 2014-02-04
<mgw> I'm having an issue related to conffiles with a package I've built.
<mgw> Any packaging gurus around?
<Patrickdk> hmm?
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<mgw> Patrickdk: thanksâ¦ the issue is this: depending on the order of dh_installinit and dh_installdeb, the /etc/ files are either always updated or never updated. What I want is for dpkg to ask whether to replace if and only if both files have changed. I thought this was default behavior for conffiles.
<mgw> (thank you ubottu, also ;-) )
<Patrickdk> hmm, there is a packaging channel that could answer that better
<Patrickdk> but I can't think of it's name
<Patrickdk> that is just alittle above my limited packaging ability :)
<teward> #ubuntu-packaging probably
<teward> Patrickdk: you mean that channel?
<teward> ;)
<Patrickdk> dunno
<teward> that's the packaging help channel
<Patrickdk> maybe, maybe #launchpad
<teward> well, no, not #launchpad
<Patrickdk> it's been several years
<teward> #launchpad's kinda launchpad-only now
<teward> #ubuntu-packaging's where I send people for general packaging help
<teward> (and where the packaging help channel seems to be)
<teward> mgw: maybe try asking in #ubuntu-packaging
<teward> but be patient, responses won't be fast
<mgw> Patrickdk, teward: thanks, I'll check there
<MarGul> Is it safe to go with the ondrej PPA if my server currently is running nginx? Because I see that it is installing some apache software as well
<bapestore> where are mounted items at? like cdrom, ehdd directories?
<hitsujiTMO> bapestore: mount                  will list all mount points
<bapestore> hitsujiTMO: thanks
<bapestore> i think i typed mnt /mnt/cdrom /mnt
<bapestore> and it worked. hitsujiTMO
<bapestore> When installing server in a virtualbox, how does my host connect to its httpd server through localhost.domain?
<wizard-pc> i'm on amd64 ubuntu server13.10. Is there an installation guide on tftp server to install win7 through this server onto another machine in the network
<Tazmain> Hi all I am using ubuntu server 12.04.1 LTS how do I disable gdm from starting up ?
<hitsujiTMO> Tazmain: no need to ask that question in 2 channels. we're answering you in #ubuntu
<wizard_A> in https://help.ubuntu.com/community/Installation/Netboot i see /etc/dnsmasq.conf but in ubuntu13.10 server i do not any such file??
<rbasak> yolanda: do you want to take bug 1276032? Since I spoke to upstream/Debian about monitoring plugins, the Debian maintainer has been quite interested in making sure that Ubuntu stays up-to-date - but he's not familiar with the merging process. So I asked him to file merge bugs as appropriate when he thinks we should catch up.
<rbasak> https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1276032
<yolanda> rbasak, sure
<yolanda> i can take a look this afternoon
<rbasak> Thanks!
<yolanda> np
<rbasak> roaksoax: fyi, bug 1248054 https://bugs.launchpad.net/ubuntu/+source/dlm/+bug/1248054
<rbasak> Looks like it's pretty broken.
<zul> hallyn:  this is something we need http://libvirt.org/git/?p=libvirt.git;a=patch;h=6e5c79a1b5a8b3a23e7df7ffe58fb272aa17fbfb
<hallyn> zul: looks like
<zul> hallyn:  ill get it today
<hallyn> thx
<hallyn> i guess i need to start this qemu merge
<jo-erlend> I have a weird networking issue. I've taken som old junk and built a server from a fruit case. Quite perfect. Since I don't have a monitor cable, I used the disk as a raw device in vbox, installed Ubuntu with openssh-server there and then mounted the disk in the fruit case. It boots and responds to pings. However, I get connection refused form sshd all the time. When I take the disk back into the desktop and boot with vbox, I connect
<jo-erlend> just fine.
<jo-erlend> any ideas?
<mardraum> udev and /etc/udev/rules.d/70-persistent-net.rules ?
<sarnold> jo-erlend: egress firewalling on your outgoing ssh connections?
<jo-erlend> why would this apply only to one of my computers? I haven't configured any of this. Was something changed in 12.04.3?
<jo-erlend> I did the exact same thing to another computer a week ago and that worked perfectly.
<sarnold> jo-erlend: dunno, it doesn't make much sense. i'd expect it to work as you experienced the first time aroud..
<jo-erlend> I think it's very strange.
<jo-erlend> oh.. We're at 12.04.4 now?
<sarnold> I think 12.04.4 is thursday?
<jo-erlend> sarnold, ok. It says 12.04.4 when I log in.
<tomixxx> hi, i have the following set up: an ubuntu server is connected via switch to two nodes. moreover, the server is connected via another network interface to the internet. the "interfaces" file looks as follow: http://pastebin.ubuntu.com/6873464/ The question now is: How is it possible that the NODES get internet access?
<tomixxx> So, eth1 connects my server to the i-net and eth0 connects my-server to the two nodes
<tomixxx> And both nodes need internet access
<tomixxx> how could i achieve this? ;)
<sarnold> jo-erlend: hunh. very odd. did you grab it from a daily iso or similar?
<jo-erlend>  sarnold, no, it's the 12.04.3 image.
<jo-erlend> uhm. I did install upgrades though.
<jo-erlend> but the ssh issue was there before I installed those upgrades.
<sarnold> tomixxx: investigate masquerading, snat, dnat.
<tomixxx> sarnold: so this cannot be achieved with bridges?
<jo-erlend> hmm. It doesn't reply to http either. Why?
<raub> Why is there an freeipa client package for ubuntu? Isn't freeipa as far as a client is concerned garden-variety ldap+kerberos+sprinkles?
<sarnold> tomixxx: it can if you have sufficient IPs
<tomixxx> sarnold: k, i have no idea if i have sucfficient IPs
<jrwren> tomixxx: teh server which is connected to the internet would act as a NAT router. You'd set a default gateway on those 10.0.0.9 to the server.
<jrwren> tomixxx: what kind of OS does the server run?
<tomixxx> jrwren: ubuntu server 12.04.3
<sarnold> tomixxx: ah, I see you're in #juju too getting some advice there :)
<sarnold> tomixxx: most people asking that kind of question are aiming at sharing an internet connection
<jrwren> is that not the case here?
<sarnold> tomixxx: do you have another router on your network doing NAT? or is this machine going to be your external-facing firewall?
<tomixxx> jrwren: no, i want to deploy a private cloud
<jrwren> tomixxx: openstack?
<tomixxx> sarnold: not sure, however, eth1 connects me to the "university network"
<tomixxx> jrwren: yes
<jrwren> tomixxx: dhclient -i eth1 ?
<sarnold> openstack on three machines? o_O
<tomixxx> sarnold: 2 nodes, 1 server
<tomixxx> sarnold: so, yes, ressource are limited right now
<tomixxx> jrwren: http://pastebin.ubuntu.com/6873601/
<jrwren> oh, I guess I remembered it wrong.
<jrwren> sorry tomixxx
<jrwren> gl hf
<jrwren> #openstack might help too
<jrwren> but in general, i've found wiht openstack you are largely on your own, trying things, failing, digging through docs, fixing things.
<jrwren> its a steep learning curve
<tomixxx> jrwren: i have to write my master thesis and the topic is cloud computing :-)
<sarnold> I love the bit that starts "for an HA openstack cluster, you'll need at least 28 machines..."
<tomixxx> jeepi, i have passed an exam :-)
<jrwren> an exam?
<tomixxx> jrwren: y, exam on the university
<jrwren> tomixxx: that is a pretty wide topic for a masters thesis. Do you have a more detailed topic?
<tomixxx> jrwren: yes, the goal is to parallelize NLP tasks with cloud computing and to investigate, which cloud provider is best in terms of a few indicators
<jrwren> ah, interesting.
<jrwren> public and private? how many public and privates will you be considering?
<tomixxx> at the moment, microsoft azure, amazon webservices as public clouds and one private cloud, at the moment Maas+openstack
<jrwren> tomixxx: sounds interesting. link me to your publication when you are done :)
<tomixxx> jrwren: kk, hopefully, i will finish some day
<vlad_starkov> Question: Choosing between Ubuntu/CentOS/OpenSUSE which OS is better for KVM host?
<jrwren> vlad_starkov: you are asking in #ubuntu-server so you are trolling. of course the answer is ubuntu
<vlad_starkov> jrwren: OK, I just looked for fair answer :)
<jrwren> vlad_starkov: my fair answer is still ubuntu
<jrwren> centos exists for people who have to deal with rhel and commercial support.
<jrwren> opensuse, I know nothing about.
<jrwren> just run ubuntu-server, it is very good.
<jrwren> not to mention good at openstack which does much more than KVM host
<vlad_starkov> jrwren: open stack is the goal, but first things first â kvm
<vlad_starkov> jrwren: it turned out that I cant boot Ubuntu Server on my specific hardware (it throws with CPU soft lockups errors and does not boot)
<sarnold> vlad_starkov: dang, no fix there? :(
<vlad_starkov> sarnold: nope, still...
<vlad_starkov> sarnold: when does Ubuntu plan to release next stable with fresher kernel?
<sarnold> vlad_starkov: a day or two, iirc
<sarnold> vlad_starkov: https://lists.ubuntu.com/archives/ubuntu-devel-announce/2014-February/001077.html
<sarnold> vlad_starkov: well, I've never used centos, so it might be unfair to judge, but I've never been a big fan of red hat's "there's only one way to do something" philosophy, they often picked tools I didn't care for. If ubuntu wasn't an option, I'd try opensuse before trying centos.
<vlad_starkov> sarnold: 12.04.4 is the latest LTS release. But any news on 14.0 LTS?
<sarnold> vlad_starkov: 12.04.4 will come with a refreshed kernel
<sarnold> vlad_starkov: 14.04 will come in another two or two and a half months
<jrwren> 14.04 will be end of April
<vlad_starkov> sarnold: do you knwo which kernel will be in 12.04?
<jrwren> vlad_starkov: if you are just doing KVM, i see little reason to use LTS.
<vlad_starkov> jrwren: 13.04 doesn't work for me too
<sarnold> vlad_starkov: it'll be based on the 13.10 kernel: https://lists.ubuntu.com/archives/kernel-team/2013-November/034753.html
<jrwren> vlad_starkov: what about 13.10 ?
<jrwren> vlad_starkov: what hardware are you using that none of these kernels work?
<sarnold> jrwren: supermicro motherboard, iirc..
<vlad_starkov> jrwren: that's a strange issue with my hardware over there
<jrwren> its rather unbelievable to be honest.
<vlad_starkov> sarnold: is it possible to make custom build of Ubuntu Server 12.04.4 64bit with a fresher kernel?
<jrwren> sure, its possible, but it is a lot of work.
<vlad_starkov> jrwren: I think I eventually will try all of them booting from USB flash and see which one will boot correctly
<vlad_starkov> I love Ubuntu and actually not to be too happy to switch to another OS
<vlad_starkov> Thanks for your advices. I think I'll try all of them.
<tomixxx3> i have tried to NAT the traffic from the LXC bridge to the internet-capable network interface eth1: http://pastebin.ubuntu.com/6874102
<tomixxx3> but it does not work, this means the lxc containers cannot be created because they fail to download sth
<tomixxx3> maybe i have misconfigured sth in the interface file?
<jmedina> tomixxx3: are you sure ip forwarding is enabled?
<jmedina> or that the nat rule is loaded?
<tomixxx3> jmedina: how do i check this?
<jmedina> cat /proc/sys/net/ipv4/ip_forward
<jmedina> and
<jmedina> iptables -t nat -L -v -n
<jmedina> and by the way
<jmedina> I dont see any default gateway in your setup
<jmedina> sorry, that is by dhcp
<tomixxx3> cat ... returns me "1"
<tomixxx3> and "iptables -t nat -L -v -n" prints the following: http://pastebin.ubuntu.com/6874148
<hallyn> zul: smb: does xen on ubuntu use the stock qemu, or a xen-customized one?
<tomixxx3> jmedina: so, port-forwarding from that side should working?
<smb> hallyn, depends... :-P
<smb> hallyn, When using the xm toolstack a xen-customized one. Starting with Saucy and Xen-4.3 and using xl its the stock qemu
<hallyn> smb: i'm being told (on oftc#debian-qemu) that seabios is about to break qemu in xen
<hallyn> smb: (not sure if you want to join there :)
<smb> hallyn, hm... not either sure... :)
<hallyn> don't be shy :)
<smb> hallyn, What they mean by is "about to"
<hallyn> at next debian upload i think
<smb> hallyn, Its less shyness and more the eagerness to start joining channels latish... If it must be...
<hallyn> zul: have you pushed that new libvirt yet?
<hallyn> zul: if not, could you add http://libvirt.org/git/?p=libvirt.git;a=commit;h=29ea437e408e441bad67e4ffae731286d356ca4a ?
<zul> hallyn:  not yet
<zul> hallyn:  sure
<hallyn> thx
<hallyn> hm wait, didn't i already take that one?
<hallyn> zul: yeah never mind, that's already in there
<hallyn> zul: do you have any objections to my dropping the symlinks for kvm-nbd and kvm-img?
<hallyn> (cause i'm doing it :)
<zul> hallyn:  context?
<hallyn> zul: kvm-nbd and kvm-img are symlinks to qemu-nbd and qemu-img.  I'm going to dro pthem in the next qemu merge from debian
<zul> hallyn:  thats fine
<hallyn> k
<hallyn> i actually could at this point turn them into one tree for both jessie and trusty, but mjt convinced me merges are simple enough not to do it yet.
<snori74> Hi, LTS12.04 box booted on kernel 3.8.0-35 gives "gave up waiting for root". Only able to resolve by reverting to 3.8.0-34. Any idea why - or how to best resolve this?
<Dry_Lips> I
<Dry_Lips> I'm unsure about what the correct SPF record would be.... v=spf1 mx include:domain.com ~all      or     v=spf1 mx include:domain.com -all
<Dry_Lips> in other words, - or ~ ?
<FunnyLookinHat> Is anyone aware of a bug or work item to update config files for apache2 in 14.04 for the new authz parameters?
<FunnyLookinHat> I can't find one - wondering if I should file or if I'm searching incorrectly
<rostam> Hi I have created a deb pkgs which once a while when I want to upgrade it I get the following error: "E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct". I have not done any thing that could cause interruption. Is there anyway I can get more information on what has gone wrong? thx
#ubuntu-server 2014-02-05
<redneckJEDI> hello, first time user here. have stoopid question.
<redneckJEDI> 1) am i in a chat room and is anybody there?
<shauno> you are, we are
<redneckJEDI> fantastic.  i might not suck at this!
<redneckJEDI> question will follow the preceeding line:
<redneckJEDI> sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif
<redneckJEDI> what in the WORLD does EXTERNAL -H do?
<redneckJEDI> i ask at the risk of exposing my noobish skill.  :)
<shauno> I have precisely zero exposure to ldap, so all I could do is parrot the man page; but generic advice would be that if no-one replies, wait around a while - people do peek it, but not on a constant basis
<redneckJEDI> understood, thank you
<shauno> but I would check "man ldapadd" to see how it explains what -Y and -H are expecting  (I don't have it installed).  it's always a good start
<redneckJEDI> maybe EXTERNAL is part of the internal working of LDAP because the man pages don't show up for EXTERNAL explicitly.  must be buried in another man page
<redneckJEDI> will do that.  maybe i missed something
<redneckJEDI> your inspiration is much appriciated
<mgw> I'm building a package. Depending on the order of dh_installinit and dh_installdeb, the /etc/ files are either always updated or never updated. What I want is for dpkg to ask whether to replace if and only if both files have changed. I thought this was default behavior for conffiles. Any suggestions?
<Guest83103> hi, how do i enable anon delete on my ftp server? im running vsftpd
<Guest83103> hello?
<cfhowlett> Guest83103, greetings
<cfhowlett> Guest83103, can't answer, but you were seen ...
<Guest83103> damn
<Guest83103> im trying to add a website to my apache server via ftp
<Guest83103> not going so good man
<Guest83103> but i figured out how to edit the default apache page so i got that going for me
<Guest83103> i got this domain for .50 cents man www.thatonecomputergeek.com
<villf> hey guys im having some issues with my ubuntu server, i upgraded my server and now every time i boot i get this
<villf> http://www.picpaste.com/photo_1-MXWtKCUT.JPG
<villf> http://www.picpaste.com/photo_2-wWifVpea.JPG
<villf> http://www.picpaste.com/photo_3-zEY2DWCE.JPG
<villf> can any one help me or guide me on how to get my server to boot normally and not in degraded raid mode?
<hitsujiTMO> villf: are you on a live cd now?
<villf> no i am booted in degraded mode
<hitsujiTMO> villf: what type of raid?
<villf> i believe its raid10 software raid
<villf> i think i was first getting a md10 not found error before, but now i have the option to boot in degraded raid mode
<hitsujiTMO> villf: ok. can you boot a live cd
<villf> okay brb
<villaf> im booted in live cd now
<hitsujiTMO> villaf: ok: sudo apt-get install pastebinit
<hitsujiTMO> villaf: dmesg | pastebinit && pastebinit /var/log/syslog
<villaf> ubuntu@ubuntu:~$ sudo apt-get install pastebinit
<villaf> Reading package lists... Done
<villaf> Building dependency tree
<villaf> Reading state information... Done
<villaf> E: Unable to locate package pastebinit
<villaf> ubuntu@ubuntu:~$
<villaf> says unable to locate package pastebinit
<hitsujiTMO> villaf: sudo apt-get update && sudo apt-get install pastebinit
<villaf> hitsujiTMO , i pmed you the result
<villaf> E: Unable to locate package pastebinit
<hitsujiTMO> villaf: i can't see pms. can you enable the universe repo please. then try again
<villaf> im sorry im rather inexperianced how do i enable universe repo?
<villaf> sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) universe"
<villaf> http://paste.ubuntu.com/6877358/
<villaf> http://paste.ubuntu.com/6877359/
<hitsujiTMO> villaf: seeing serious errors straight away: [    4.992198] EXT4-fs (sdb1): bad geometry: block count 244192478 exceeds size of device (262144 blocks)
<hitsujiTMO> [    5.084152] EXT4-fs (sdd1): bad geometry: block count 244192478 exceeds size of device (262144 blocks)
<villaf> is there any way i can somehow clone the data off that raid onto 1 500gig ssd drive?
<hitsujiTMO> villaf: i presume none of the drives are attached via usb?
<hitsujiTMO> villaf: usb issues: [  195.436267] hub 4-0:1.0: Cannot enable port 1.  Maybe the USB cable is bad?
<villaf> i have two 2 tb usb 3.0 drives attached to the server now, internally i have 4 500 gig sata drives
<hitsujiTMO> villaf: which drivers are involved in the raid?
<villaf> you mean drives? i think all four 500 gig western digital drives
<hitsujiTMO> drives*
<villaf> raid 1-0 or raid 10
<hitsujiTMO> villaf: ok. sudo fdisk -l 2>&1 | pastebinit
<villaf> http://paste.ubuntu.com/6877376/
<hitsujiTMO> villaf: sudo mdadm --examine /dev/sd[abcd]1
<villaf> sudo: mdadm: command not found
<hitsujiTMO> villaf: sudo apt-get install mdadm
<villaf> ever since i ran update of ubuntu this issue appeared
<hitsujiTMO> villaf: then once its installed: sudo mdadm --examine /dev/sd[abcd]1
<villaf> ubuntu@ubuntu:~$ sudo apt-get install mdadm
<villaf> Reading package lists... Done
<villaf> Building dependency tree
<villaf> Reading state information... Done
<villaf> The following extra packages will be installed:
<villaf>   postfix
<villaf> Suggested packages:
<villaf>   procmail postfix-mysql postfix-pgsql postfix-ldap postfix-pcre sasl2-bin
<villaf>   dovecot-common postfix-cdb postfix-doc
<villaf> am i supposed to be installing postfix?
<hitsujiTMO> villaf: no harm. it wont actually be used
<hitsujiTMO> villaf: or: sudo apt-get install mdadm --no-install-recommends
<villaf> http://paste.ubuntu.com/6877451/
<hitsujiTMO> villaf: sudo mdadm --examine /dev/sd[abcd]2 | pastebinit
<villaf> http://paste.ubuntu.com/6877455/
<hitsujiTMO> villaf: are you missing b in that last one?
<villaf> ?
<hitsujiTMO> villaf: are you missing b here? its missing from the output: sudo mdadm --examine /dev/sd[abcd]2 | pastebinit
<villaf> mdadm: No md superblock detected on /dev/sdb2.
<villaf> http://paste.ubuntu.com/6877474/
<hitsujiTMO> villaf: ok. serous problems then
<villaf> nice ;-/
<hitsujiTMO> villaf: lsblk | pastebinit
<villaf> http://paste.ubuntu.com/6877485/
<hitsujiTMO> villaf: sorry that last bit should be: sudo blkid | pastebinit
<villaf> http://paste.ubuntu.com/6877490/
<villaf> any glimmer of hope?
<hitsujiTMO> villaf: sudo mdadm --assemble /dev/md0 /dev/sda2 /dev/sdb2
<hitsujiTMO> villaf: well, it looks like one of the mirrors might be intact at least, ans one of the md parts may not actually be used so it might be ok
<villaf> ubuntu@ubuntu:~$ sudo mdadm --assemble /dev/md0 /dev/sda2 /dev/sdb2
<villaf> mdadm: no RAID superblock on /dev/sdb2
<villaf> mdadm: /dev/sdb2 has no superblock - assembly aborted
<villaf> i know my data is all there
<villaf> im able to boot in degraded mode and run apache and web server and all
<hitsujiTMO> villaf: might be best to recreate the raid0 on /dev/sda1 + /dev/sda2. then it my work.
<villaf> how do i do that
<hitsujiTMO> villaf: do you know what params were used to create the raid in the first place? is it documented?
<villaf> i have no documentation
<villaf> is there anyway we can tell if i boot it in degraded mode?
<villaf> when booted in degraded mode i have access to the local filesystem
<hitsujiTMO> villaf: not that i know of.
<hitsujiTMO> villaf: if you come back in a few hours there's a few peeps that me be able to help better than i can.
<villaf> is there anyway i can like mount the array in live cd
<villaf> and clone the data onto a clean 500gig ssd?
<villaf> and just boot from the ssd with no raid?
<hitsujiTMO> villaf: sudo mdadm --assemble /dev/md1 /dev/sdc2 /dev/sdd2
<villaf> mdadm: /dev/md1 has been started with 2 drives.
<hitsujiTMO> villaf: sudo blkid /dev/md1
<villaf> /dev/md1: UUID="49dc4e8e-6cff-4ace-9307-0278ca483289" UUID_SUB="987eb754-f646-5a97-ffe3-d0ba5f63df10" LABEL="server:10" TYPE="linux_raid_member"
<hitsujiTMO> villaf: sudo mdadm /dev/md2 /dev/md1
<hitsujiTMO> villaf: sudo mdadm --assemble /dev/md2 /dev/md1
<villaf> mdadm: An option must be given to set the mode before a second device
<villaf>        (/dev/md1) is listed
<villaf> mdadm: /dev/md2 has been started with 1 drive (out of 2).
<hitsujiTMO> villaf: sorry missed the option ^
<villaf> yay! i see it
<hitsujiTMO> villaf: sudo blkid /dev/md2
<villaf> its mounted
<villaf> /dev/md2: UUID="e506b79d-cd73-4d95-a61b-1ee3c169ad17" TYPE="ext4"
<hitsujiTMO> villaf: ok. you would need to change partitions in fstab and the grub config in /boot (boot is in one of /dev/sd[abcd]1)
<villaf> for the ssd?
<hitsujiTMO> villaf: yup
<hitsujiTMO> villaf: i have to sign off for a bit. good look
<villaf> i have no idea how to do that
<hitsujiTMO> villaf: get your data first anyway. thats the most important bit
<psivaa> starting from 20140129, trusty server minimal installs for amd64 is ~37MB larger than the i386 ones.	
<psivaa> it is roughly 32MB overhead that is being used in the smoke tests.	
<psivaa> i could not find the package that started the bloat.	
<psivaa> dont know the significance either. but could adjust the smoke test if this is not a big issue
<psivaa> jamespage: hallyn rbasak ^. just in case it interests you
<hallyn> psivaa: you say "it is roughly 32MB overhead used i the smoke test" - not sure what yo umean by that.
<psivaa> hallyn: i meant amd64 limit was 32MB more than that for i386 minimal installs, for install_size:
<psivaa> http://bazaar.launchpad.net/~ubuntu-server-dev/ubuntu-test-cases/server-tests-raring/view/head:/testsuites/minimal-virtual/test_install_size/test.py#L43
<mgw> I'm trying to figure out why my files in /etc are not being treated as described here: http://www.debian.org/doc/manuals/maint-guide/dother.en.html#conffiles
<ikonia> mgw: what do you mean ?
<ikonia> what's not happening that you expect to happen
<mgw> ikonia: depending on the order of dh_installinit and dh_installdeb, they're either always or never replaced
<ikonia> do you mean existing files are not replaced ?
<mgw> I think I figured it out, I think it was the order in the old package
<sarnold> hallyn: is this error message from useradd expected? "useradd: /etc/subgid konnte nicht gesperrt werden; versuchen Sie es spÃ¤ter noch einmal." https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1276714
<uvirtbot> Launchpad bug 1276714 in openssh "package openssh-server 1:6.2p2-6ubuntu0.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New]
<hallyn> sarnold: hm, no;  did useradd previously hang or something?
<hallyn> does /etc/subgid show up in /proc/locks?
<hallyn> oh i see:  line above that says "useradd: existing lock file /etc/subgid.lock without a PID
<sarnold> hallyn: oh cool! I've not seen /proc/locks before.
<hallyn> sarnold: well i don't see anything in dmesg, but it sure looks like a previous usermod/userad mustve crashed
<sarnold> hallyn: any idea what would lead to a crash in usermod/useradd?
<hallyn> no.  i thought we were pretty well protected
<sarnold> same here
<hallyn> rechecking termlog
<hallyn> well there is: adduser: Â»/usr/sbin/useradd -d /var/lib/nfs -g nogroup -s /bin/false -u 142 statdÂ« gab den Fehlercode 18 zurÃ¼ck. Programmende.
<hallyn> oh that came after the first lockfile
<hallyn> <shrug>  cani reproduce?
<sarnold> I haven't tried
<hallyn> well this is messed up.  ec2 host cant' fidn any nfs packages
<sarnold> hallyn: in a saucy VM I installed nfs-kernel-server without trouble. it obviously takes more than that alone..
<hallyn> sarnold: yeah ditto.  also can'tn reproduce it with 'for i in `seq 1 10`; do sudo usermod -w 90000-99000 ubuntu'
<sarnold> hallyn: well, alright, thanks for giving it a look. I'll keep an eye out to see if more like this show up..
<hallyn> sarnold: now really i guess usermod should remove the empty lock file if it exists.
<hallyn> sarnold: 'touch /etc/subgid.lock; usermod -w 99000-1000000 ubuntu' will never recover without manual intervention.  not sure if that's wanted
<sarnold> hallyn: it feels like cleaning up after stale locks is expected these days, but I understand the hesitation..
<hallyn> might be worth asking for his /var/log/syslog{,.*}
<Underbyte> Quick question: when do the rules (conf files) for the cgrules and cgred daemon take effect? Do i need to restart my box? or will restarting the daemons suffice?
<jrwren> not what I want to see on Ec2: Feb  5 20:33:22 heed-1 kernel: [84730.984521] apt-get[6130]: segfault at 7f9fff1dd154 ip 00007fa0004b41c9 sp 00007fff37c00f70 error 6 in libapt-pkg.so.4.12.0[7fa0003df000+121000]
<sarnold> almost nothing requires restarting the whole machine -- kernel upgrades require it, libc upgrades mostly require it. Most evreything else could be done some way to not require reboot..
<sarnold> jrwren: o_O odd.
<sarnold> Underbyte: so, based on that, I think restarting the daemon should be sufficient :)
<jrwren> sarnold: very odd. this makes me very sad.
<jrwren> oh well, worked around
<sarnold> kirkland: I thought you'd like this http://blog.cr.yp.to/20140205-entropy.html
<kermit> how can i make apt install things without worrying about some unrelated broken dependancies?
<sarnold> kermit: what do you mean?
<bekks> kermit: if you do so, you would break your box.
<bekks> kermit: dependencies and the unability to ignore them being broken saves you from breaking your box.
<bekks> kermit: Whats the actual problem leading to your question?
<kermit> not being able to install things with apt is fairly broken..  http://pastebin.com/M0RpwNVH    i dont want it to touch my pidgin setup, i want to keep the version i'm using.
<sarnold> how on earth did you get your system so broken in the first place? o_O
<bekks> o.O
<bekks> Wow, that looks broken far beyond messed up pidgin deps.
<sarnold> I mean, I can appreciate juts wanting to leave all that mess alone and getting bcrypt installed, but .. wow.
<sarnold> kermit: my first thought it abusing the equivs package to build up some fake packages with matching version numbers, but .. I don't think that would work well, since you want the real packages installed.
<sarnold> kermit: that'll be difficult to maintain.
<sarnold> kermit: good luck :) time for me to run
#ubuntu-server 2014-02-06
<axisys_> getting this error ...
<axisys_> getopt unrecognized option --fstype=ext2
<axisys_> so kickstart config is wrong?
<axisys_> raid /boot --level=1 --device=md0 --fstype=ext2 raid.01 raid.03
<axisys_> trying to boot lts
<axisys_> not much help from google
<jrwren> kickstart or preseed?
<axisys_> jrwren: kickstart
<axisys_> ks=cdrom:/ks.cfg in the append line
<jtran> anyone know why after a fresh install of precise on a 4tb /dev/sda I always get grub console>  ?
<jtran> the only way i can get it to work is if prior to installation i boot from livecd and use parted to create a msdos label
<jtran> then install then everythign works.  However, if i need to reinstall (guided partitioning use entire disk without lvm) , it always ends up w/ the same grub console> instead of booting into the os
<Kei1ch> Hey, I'm new to setting up webservers, and was wondering what I need to get to run my PHP scripts
<bwk1> does ubuntu server 1310 come with php servers sql server ruby etc?
<bwk1> is there a list of the type of daemons you can get for ubunter server?
<Kei1ch> I don't think so
<bwk1> I don't really know what they're called, but I want support for them on a web server.
<Kei1ch> ohh nvm I
<Kei1ch> ve got it
<bwk1> nvm I'll just get LAMP :)
<bwk1> :|
<Kei1ch> My PHP script won't receive input from a form and send it to my email
<Kei1ch> is it because I am using gmail? what should I use?
<jrwren> axisys_: allow me to discourage use of kickstart and encourage use of preseed?
<axisys_> jrwren: lot simpler to define raid/lvm/parition size is lot simpler with kickstart .. let me know why you are discouring..
<jrwren> preseed is better for ubuntu/debian IMO.  kickstart is some redhat stuff
<axisys_> jrwren: if you worked with preseed to define raid/lvm/size.. you know how scary the config looks like..
<jrwren> yup
<jrwren> its a pain
<axisys_> ;-)
<axisys_> which is super super simple with kickstart
<jrwren> cept it don't work
<bwk1> is ther a command to free all cached ram?
<jrwren> no, why would there be?
<bwk1> cached ram means?
<bwk1> that it is just on reserve?
<bwk1> I just don't understand why my comp is using all 8 gigs of ram.
<jrwren> woudl you rather it NOT use all the resources it has at its disposal?
<jrwren> google for linux bufcache
<bwk1> jrwren: just confused abotu it.
<jamespage> zul, how would you feel about taking the haproxy from experimental for trusty? its still a dev release but includes the SSL termination stuff
<jamespage> which I think neutron is going to rely on
<makara> hi. I'm trying to set a static IP, following this: http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
<makara> it says to remove dhcp-client, or dhcp3-client
<makara> i don't have those. But I see from `ps aux` dhclient3
<makara> i've uninstalled isc-dhcp-client, but when I restart networking I still see dhclient3
<makara> problem is solved, but what's up with dhclient3?
<Blinky_>  Hi guys, could someone please tell me how to set the permissions on my /var/www directory so that new adding files can be seen on the website?
<PricelessTalk> chmod a+rx * -Rf
<rbasak> zul, jamespage: did you get anywhere with a micro-release exception for mysql-5.5? I spoke to upstream about it at FOSDEM, and they've kindly drafted an application. Shall I send it on to the tech board?
<rbasak> Also, we've not previously applied for mysql-5.5, right? Or have we?
<rbasak> jamespage_: did you get anywhere with a micro-release exception for mysql-5.5? I spoke to upstream about it at FOSDEM, and they've kindly drafted an application. Shall I send it on to the tech board?
<jamespage_> rbasak, I've not done it yet - can I take a peek?
<rbasak> jamespage_: I'll forward it.
<jamespage_> ta
<jamespage> rbasak, looks good
<rbasak> jamespage, jamespage_: thanks. I'll sort out the application then.
<NeverHere> I have been to httpd and they told me to come here, im trying to reinstall apache2 on ubuntu 12.04 but for some reason its not installing into /etc/
<jamespage> rbasak, that would be much appreciated - thankyou!
<jamespage> NeverHere, did you delete your /etc/apache2 files manually?
<NeverHere> jamespage, yes
<jamespage> ah
<NeverHere> jamespage, is it possible to get the files from somewhere?
<jamespage> NeverHere, yes
<jamespage> NeverHere, I think its : apt-get -o Dpkg::Options::="--force-confmiss" install --reinstall <pkgname>
<NeverHere> thanks
<jamespage> NeverHere, for furture reference "apt-get remove"  does not drop files from /etc
<jamespage> apt-get purge does
<jamespage> (and leaves the system in the right state afterwards)
<NeverHere> jamespage, someone messed up the config files
<jamespage> cheerio
<NeverHere> jamespage, I got it, but now i need to load its modules do i just mv them to the mods-loaded dir?
<jrwren> a2enmod
<w0rmie> isc-dhcp-server restart: job failed to start (under 12.04 LTS)
<w0rmie> any ideas?
<TJ-> w0rmie: Check the syslog
<w0rmie> TJ- : init: isc-dhcp-server pre-start process (2832) terminated with status 1
<TJ-> w0rmie: Very helpful :)
<w0rmie> TJ- : me or the syslog lol
<TJ-> w0rmie: Have changes been made to the dhcp configuration recently?
<w0rmie> yes, i am making a configuration for pxelinux.0
<TJ-> w0rmie: OK, do "sudo dhcpd -t" which will test the configuration and report errors
<w0rmie> TJ- : ok it shows that there are some errors, i am fixing them, hope i can test after couple minutes.
<TJ-> w0rmie: most daemons have some way of doing an offline test of the config file before you deploy it, and some (like dhcpd) allow you to specify a different file to test (so you avoid making edits to the live config)
<tom_af> hi is this where I should post something about a failing package mirror for Amazon EC2?
<sarnold> tom_af: #ubuntu-mirrors may be better; check the /topic to see if there is a vanguard at the moment, if so, use their nickname in the report
<tom_af> @sarnold yes, I'm trying there too, though there isn't a vanguard
<sarnold> tom_af: darn. hopefully one will arrive eventually.
<tomixxx3> hi, i have two network interface cards plugged into my ubuntu-server, now i have rebooted and one card is not working anymore, if i type "ifconfig" i cannot see it anymore
<gammalget> tomixxx3: dmesg says?
<hallyn> jdstrand: hi, bug 1276719, I suppose to handle that safely we would need to have virt-aa-helper detect VFIO?
<uvirtbot> Launchpad bug 1276719 in libvirt "apparmor denies VFIO passthrough: RLIMIT_MEMLOCK and /dev/vfio/XX" [Undecided,New] https://launchpad.net/bugs/1276719
<tomixxx3> gammalget: a lot of entries
<gammalget> tomixxx3: ah, truth..
<gammalget> If you do.
<gammalget> dmesg | grep eth1
<tomixxx3> gammalget: it says link is not ready
<rbasak> tomixxx3: have you tried "ifconfig -a"? "ifconfig" only shows you configured cards.
<rbasak> tomixxx3: also look at mii-tool and/or ethtool to see connection status.
<tomixxx3> rbasak: y, ifconfig -a shows me eht1 but the interface gets no ip
<tomixxx3> rbasak: it should get one from the dhcp
<tomixxx3> rbasak: and now, i always get a dialog after reboot indicating some "system problem detected"
<gammalget> have you changed the "mac address" if virtual?
<gammalget> Then udev rule 70-net kicks in.
<tomixxx3> no
<rbasak> tomixxx3: a dialog? Are you sure this is a server?
<tomixxx3> rbasak: i ve installed gnome as a GUI :-)
<gammalget> tomixxx3: oh.
<rbasak> tomixxx3: then you could have interesting interactions with NetworkManager. Out of scope for me now, sorry.
<gammalget> did it install "network-manager" too?
<gammalget> rbasak: :)
<tomixxx3> gammalget: "network", "network tools" are listed as applications
<sarnold> tomixxx3: "dpkg -l network-manager"
<gammalget> tomixxx3: dpkg -l | grep network-manager
<gammalget> I'm slow nowdays.. Starting to get old :D
<tomixxx3> gammalget: 4 red words listed
<tomixxx3> i guess this means "yes"
<tomixxx3> eht1 worked yesterday perfectly
<gammalget> does it say ii - network-manager
<gammalget> or rc - network-manager
<tomixxx3> yes
<tomixxx3> the problem dialog says "system program problem detected" but WHERE can i see details to the problem?
<tomixxx3> AAAAAAAAAAAAAAAAAAH
<cyphermox_> tomixxx3: ls -l /var/crash
<tomixxx3> sorry
<cyphermox_> you'll know what failed.
<tomixxx3> ahh, some problems with maas
<tomixxx3> but i guess this has nothing to do with a working ethernet card?
<cyphermox_> if you don't care you can just remove all files in that directory, but I encourage you to file the bugs for those
<cyphermox_> tomixxx3: you can't know just from the file name
<cyphermox_> (hence why I say file the bug)
<cyphermox_> ubuntu-bug /var/crash/<.crash file>
<gammalget> gammalget: What is the last thing that you installed?
<gammalget> tail /var/log/apt/history.log
<rbasak> jamespage: see bug 1276909 - arm64 in juju-core. Do you want a distro patch for this?
<uvirtbot> Launchpad bug 1276909 in juju-core "error detecting hardware characteristics: unrecognised architecture: aarch64" [Undecided,Triaged] https://launchpad.net/bugs/1276909
<tomixxx3> "sorry, ubuntu 12.04 has experienced an internal error."
<gammalget> tomixxx3: when you did the tail?
<tomixxx3> gammalget: i have done this tail
<gammalget> there you see the last installed/updated packages.. Anything "big" installed before the last reboot?
<tomixxx3> gammalget: yeah, i have installed some images for maas-server
<tomixxx3> i _will_ uninstall maas agbain.... sth strange going on here
<gammalget> tomixxx3: Humm, I am not familiar with maas. I'm sorry.
<tomixxx3> kk
<sarnold> I suspect maas will not expect network-manager
<gammalget> Never messed with it on physical servers, only virtual and only boot up and try :)
<tomixxx3> i could cry these days ^^
<sarnold> tomixxx3: your network configuration is special enough that you might do much better to purge network-manager and related stuff and manage your NICs yourself. Dunno how well a MAAS headend will handle also being a NAT system if you're doing that for your other machines
<tomixxx3> 1 step forward, 2 steps back all the time
<sarnold> tomixxx3: (or did you find out from your IS staff if you can plug multiple machines right into a switch?)
<tomixxx3> sarnold: i got a routing-script from #maas-guys which should solve some problems
<tomixxx3> sarnold: however, first i need to get eth1 work again...
<sarnold> tomixxx3: oh, nice!
<gammalget> tomixxx3: well, I guess that just like sarnold says.. maas is not used to work in a network-manager enviroment.
<tomixxx3> kk, so i sould remove network-manager?
<tomixxx3> k, i have purged this network-manager
<sarnold> tomixxx3: maybe. it'll be a huge change for your local networking, so I suspect it'll feel like four or five steps backwards. But I think the end result will be more predictable.
<tomixxx3> :( hope so
<tomixxx3> how can i activate a ethernet card? eth1 is in state "inactive"
<tomixxx3> i dont understand this: i do "sudo ifup eth1" it says" interface eth1 already configured but if i do "ifconfig" i cannot see eth1
<sarnold> tomixxx3: ifup is a nice wrapper around e.g. /etc/network/interfaces
<parallel21> ifconfig -a
<tomixxx3> yeah, i can see eth1 with ifconfig -a
<tomixxx3> but it gets no ip
<parallel21> dhclient eth1?
<sarnold> tomixxx3: you will probably want to use lower-level tools like ifconfig or ip to configure the interface before converting that into /etc/network/interfaces configuratoin
<tomixxx3> parallel21: commant not found
<parallel21> oh... because you purged network-manager maybe
<parallel21> Hrmm...
<tomixxx3> k, i will reinstall it
<tomixxx3> damn, i have no access to inet
<sarnold> tomixxx3: what do you intend to do with eth1? will it be your dhcp server for your downstreams? or is that how you connect to your uni?
<parallel21> eep
<tomixxx3> sarnodl: connection to uni
<parallel21> set ifconfig ip manually
<tomixxx3> for eth1
<parallel21> yeah, I mean do you know an ipaddress and netmask and the like?
<tomixxx3> ive only ip and subnet
<parallel21> I imagine you can guess the gateway
<tomixxx3> nothing works here - ah - it makes me crazy! even things, EVER worked, does not work anymore...
<sarnold> tomixxx3: you've got old packages in /var/cache/apt/archives/
<sarnold> tomixxx3: but I think you'd be better off using a standard dhcp client rather than relying upon network-manager scripty things.
<parallel21> sarnold: Doesn't --purge remove the packages?
<sarnold> parallel21: --purge uninstalls the package and deletes the configurations
<parallel21> I did not know that.
<sarnold> parallel21: --purge leaves alone the apt cache, that is managed via apt-get clean
<sarnold> look into /var/cache/apt/archives/, you probably have a few hundred packages in there :)
<parallel21> Oh
<parallel21> I'm taking a look see now
<tomixxx3> yeah, there are a lot of packagesf
<tomixxx3> sd
<sarnold> it'll get you out of some seriously inconvenient situations, and if you ever need to free up a few gigabytes in a hurry, there you go :)
<tomixxx3> so, maybe i should execute "apt-get clean" ?
<sarnold> tomixxx3: no.
<sarnold> tomixxx3: you can dpkg -i one of those network-manager packages if you wanted it badly enough..
<parallel21> I have a whole gig of packages, who knew?
<tomixxx3> hmm, now i switched the cables and now eth0 does not work so i guess it has nothing to do with the ethernet cards
<parallel21> did you get dhclient back?
<tomixxx3> no, i have no internet-access
<tomixxx3> because eth0 now gets no ip
<tomixxx3> instead of eth1
<tomixxx3> what the hell is going on here, maybe some admin locked the MAC addresses?
<sarnold> could be, especially if you exposed a DHCP server to their network.
<tomixxx3> yeah
<tomixxx3> hmmm, now i did "sudo ifup eth0" and i get the following response: "RTNETLINK answers: Network is down"
<sarnold> did you configure /etc/network/interfaces correctly for eth0?
<parallel21> looks like it is part of isc-dhcp-client
<tomixxx3> sarnold: auto eth0 iface eth0 inet dhcp
<tomixxx3> sarnold: and there are some other statements but commented
<sarnold> tomixxx3: and ethtool or mii-tool?
<tomixxx3> ok, it seems one comment sign "#" was not separated with whitespace from one line
<tomixxx3> now the message is gone but it says "run-parts: /etc/network/if-up.d/avahi-autoipd exited with return code 2
<tomixxx3> "please enter your password to access problem reports of system programs"................... which _password_ do i need here?
<sarnold> user password
<tomixxx3> does not work
<tomixxx3> i swear
<sarnold> check capslock?
<tomixxx3> no capslock
<tomixxx3> i have tried it all the time, on multiple reboots, never worked
<semiosis> jdstrand: ping
<tash> anyone in here using Ubuntu MAAS to pxe boot servers on the network? I'd like to use something to deploy Ubuntu Server via pxe
<tash> seems like it might work, but looking for opinions
<sarnold> tash: I've used it in VMs, it looked neat, but I suspect a simple pxe bootserver would be easier to configure and use you're not using the rest of maas
<zul> hallyn:  ping
<hallyn> zul: hey
<zul> hallyn:  im going to move pm-utils from suggested to recommends for libvirt ok?
<hallyn> zul: sounds good
<hallyn> is it currently included in the server seed?
<hallyn> (wondering if we're going to grow the server iso)
<zul> hallyn:  its in main so should be ok
<hallyn> alrighty
<med_> jamespage, zul, why do all of the openstack docs say to remove the ubuntu dashboard as it is broken (upstream github openstack-manuals which also appear online as OpenStack docs)
<med_>   apt-get remove --purge openstack-dashboard-ubuntu-theme
<med_> (claims are that it is broken in Grizz and Havana)
<zul> wtf
<hallyn> smb: mjt points out that commit 360e607b88a2 in upstream qemu should be needed for xen using qemu (since 1.6).  have you run across anything likethat?
#ubuntu-server 2014-02-07
<jamespage> med_, well it might be in icehouse - but it should be ok in grizzly and havana
<tucemiux> how do you guys suggest I configure the management of upgrades?  Do it automatically or use landscape?
<cocoa117> what's the easiet way for linxu admin to get code onto all his controlled machine?
<cocoa117> other then write a virus, :)
<ciastek> cocoa117: i use ansible [1], but am not sure, if it's the easiest way. [1] http://docs.ansible.com/
<mardraum> puppet or something? rsync and scripts?
<cocoa117> ciastek, ok, thanks, i have look
<cocoa117> shame, we have to pay for ansible for more then 10 machines. is anyone here using it for home usage?
<smb> hallyn, No but I did not run XP. And it also depends on whether one uses xm or xl and xl only for Saucy because before that both were using the xen specific fork (aka qemu-xen-legacy)
<cocoa117> No, wait there is github!!!
<smb> hallyn, Ok, so potentially we want to pick that patch for Trusty. Saucy still had qemu-1.5 which should not be affected.
<makara> hi. What certifications should someone follow interested in Ubuntu Server, Ceph - basically provisioning for a dev shop
<daaaaaaaaa>  Hello! I want to mount a hard drive from one ubuntu server to another, want to mount it under like /home/user/hdd1, wich would be the easiest way to do this?
<makara> mkdir /home/user/hdd1; sudo mount /dev/sdx /home/user/hdd1
<daaaaaaaaa> Dont i need to use NFS to do this over internet?
<makara> we need a server provisioned every day, and the sysadmin needs upsmarting because its taking too long :)
<hxm> im using log watch, but I don't find if I can ban ips automatically
<hxm> in example after N fail ssh logins
<geser> take a look at fail2ban
<rbasak> hxm: you want something like fail2ban for that
<rbasak> hxm: I think there's another alternative too, but I don't remember what it is right now.
<hxm> oh, thank you so much, there i go
<hxm> fail2ban is pretty nice
<rbasak> I don't like its principle of operation. Parsing textual log files feels error-prone. I wonder what arbitrary text I might be able to inject into your logfile
<rbasak> ?
<rbasak> And then fail2ban must parse that and it must run as root.
<hxm> but log files are owned by root no?
<hxm> supposed fail2ban prevents the brute force, not fix the already-joined-in
<geser> didn't fail2ban have that error that it also triggered if you used the error as the ssh user?
<PricelessTalk> rbanffy deny host is an alternative
<hxm> at the moment I see nothing wrong
<geser> CVE-2013-2178 which should be fixed now
<uvirtbot> geser: The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2178)
<rbanffy> PricelessTalk, ?
<PricelessTalk> DenyHosts is an alternative to fail2ban
<PricelessTalk> ssh only though
<geser> http://seclists.org/oss-sec/2013/q4/535
<geser> that's the issue I recently read about
<rbasak> hxm: logfiles that fail2ban parse typically contain untrusted data. This exposes fail2ban to more risk than necessary, since in theory the banning could be done at failure time with no parsing of untrusted input. It means that there is a bigger attack surface than there needs to be.
<hxm> but my log file is full of http scanning botnets and many brute-force attacks to default directories /phpmyadmin /admin /login.php and same thing with ssh port
<hxm> apart of an iptables rule what software can manage that properly? better than fail2ban
<rbasak> So what? You want to hide the evidence and pretend that people aren't trying to break in? Sure, use fail2ban then.
<mardraum> "welcome to the internet"
<hxm> no, I don't want to hide the evidence, I know this is the world where I am but I just don't want make it so easy
<rbasak> Does it really make it harder? Attackers control many IPs. Banning them is like playing whack-a-mole.
<hxm> okay I just miss the times of irc war
<rbasak> OTOH, using fail2ban introduces more attack surface. What if someone targets fail2ban?
<rbasak> It's a tradeoff. There's no clear answer. I just like it the other way.
<mardraum> the times of irc war?
<jpds> hxm: What kind of website are you running?
<rbasak> (and I use AppArmor to contain any vulnerable daemons, use write-only backups to another system, etc)
<hxm> i just have a dedicated server with a few websites, an commerce and other stuff
<patdk-wk> why must fail2ban run as root?
<patdk-wk> and how is the user injecting their own crap into logfiles
<patdk-wk> if invalid user data is going into a log file, that is the same security issue as basically sql injection
<jpds> patdk-wk: Sounds like they were faking the IPs of the connect to Apache, and fail2ban banned the IPs.
<patdk-wk> that doesn't work
<patdk-wk> if you spoof a tcp connection, the connection doesn't get created
<patdk-wk> and apache doesn't log anything
<patdk-wk> ip spoofing is limited to connectionless protocols
<rbasak> patdk-wk: it must run as root to inject iptables rules, surely? And the user selects usernames, URLs, user agents, etc. All of that ends up in the log files.
<rbasak> patdk-wk: you assume that fail2ban correctly understands the escaping mechanism of everything that writes to the log files, so that it can extract what it needs correctly.
<rbasak> patdk-wk: and also that everything that writes to log files does in fact escape everything correctly.
<geser> https://vndh.net/note:fail2ban-089-denial-service describes the problem nicely
<patdk-wk> fail2ban runs in 2 parts
<rbasak> I'm not saying that there's a specific vulnerability (I'd have reported it if I knew about any). I'm saying that it's at risk.
<patdk-wk> a client, reading logs, and a server injecting iptables
<sarnold> patdk-wk: iirc, there were problems with fail2ban being run on log files that just logged, without mangling, data supplied by clients. they didn't spoof their IP, they simplied supplied user-agent strings or user names or whatever that looked like new log entries. hey-prestro, fail2ban will happily lock out real admins
<patdk-wk> personally, I never have it touch iptables directly
<sarnold> the numbre of people surprised: 0
<sarnold> hehe
<patdk-wk> oh, that is just a logging issue then, or a fail2ban reading log issue
<sarnold> logging issue
<sarnold> not much fail2ban could do about it
<rbasak> geser: thanks. That explains my point exactly.
<patdk-wk> I'm logging to a database
<rbasak> patdk-wk: doesn't matter where the issue comes from. That's why I said I didn't like its principle of operation.
<patdk-wk> and use sql to locate abuse
<geser> and you use regex in the SQL queries?
<patdk-wk> no
<patdk-wk> and if I did
<patdk-wk> say I used regex sql, issue?
<sarnold> patdk-wk: hah, yes, a well-formatted database would nicely side-step the issue.
<patdk-wk> but the real issue is, sloppy log formatting, and/or sloppy regex matching
<rbasak> No, the real issue is a principle of operation that is vulnerable to sloppy log formatting or sloppy regex matching.
<patdk-wk> rbasak, if that was followed, there would be nothing
<patdk-wk> cause nothing would be made unless it was perfect
<rbasak> As I say, it's a tradeoff. Here, I don't think fail2ban is worth the tradeoff. It doesn't buy you much.
<rbasak> Sure, there will be cases where fail2ban might save you. There also might be cases where fail2ban might make you vulnerable.
<rbasak> IMHO, fail2ban isn't worth the benefit. YMMV.
<hallyn> smb: mjt has cherrypicked it into debian-qemu yesterday:  http://anonscm.debian.org/gitweb/?p=pkg-qemu/qemu.git;a=commit;h=bd910ee4b6e8e68bd1758d008c3cfcbccb6edb49
<patdk-wk> ya, that whole fail2ban issue is sloppy regex
<patdk-wk> they didn't follow basic rules of fixing the strings to the beginning of hte line
 * patdk-wk wonders if there is a way to slip in a newline
<smb> hallyn, Ok, so if we pull from Debian we will get it. If we do rebase again for T of course
<hallyn> smb: yup i'm going to do a merge on march 1.
<sarnold> vlad_sta_: https://lists.ubuntu.com/archives/ubuntu-announce/2014-February/000180.html
<smb> hallyn, wfm, at least we don't have an issue to worry about for older releases. :)
<vlad_sta_> sarnold: Hi. Nice, 3.11 kernel. Will try it.
<sarnold> vlad_sta_: cool! I hope that one works for you. :) if not, please file bugs...
<vlad_sta_> sarnold: yep. thanks for good wishes :)
 * beisner is here.  good morning!
<MavKen> can someone point me in the right direction... I want to create a script to automate creating a new user, creating a mysql username and db for that user and a few other things.  From the command line I want to enter "mavapp username" and then it plug in the username as a variable in my script file.  Is this possible and if so, what is that process called so I can do some googlin?
<MavKen> Thanks
<sarnold> MavKen: look at the adduser(8) manpage; there's a hook file, /usr/local/sbin/adduser.local, that you could use for creating your database users and so forth
<MavKen> thanks!  will check it out
<sarnold> MavKen: (of course if you don't want every newuser t oget database credentials and so forth, it might be easier to just write your own script for it all.)
<MavKen> ok.  I have the script written, just not sure how to make it work from the command line.  For example I want to have 2 commands that I can use, "mavapp addclient username" and "mavapp remclient username" and use the username variable in the script.  Some of the script involves mailing out initial password and instructions to change pass.
<sarnold> MavKen: the details of that would depend upon the language you've used; bash would use $1 and $2 and so forth, C would use argv[1], argv[2], and so on
<MavKen> my only experience is as a front end developer using php/mysql... what would be the easiest?  Basically, I have a text file right now of each command I normally enter 1 by 1 for when I add a new client or remove.  If I can get this to work, would help avoid the need for cpanel
<sarnold> MavKen: that is awfully close to a bash script; this might be helpful: https://help.ubuntu.com/community/Beginners/BashScripting http://tldp.org/LDP/abs/html/index.html
<MavKen> thanks
<MavKen> is it possible to use php cli and run system commands as root?
<sarnold> MavKen: yes, but that terrifies me. PHP is .. not a precise language.
<MavKen> ok
<shredding> Hey all.
<shredding> Is this crontab meaning it's running at 15 past 12: 12 */4 * * *?
<Pici> No. Its running every 4 hours at 12 minutes past.
<sarnold> crontab lists minutes, hours, DOM, mon, DOW -- that ought to run at 0:12 4:12 8:12 12:12 16:12 20:12
<shredding> Pici: So basically 6 Times a day?
<shredding> Thanks!
<shredding> sarnold: Thanks!
<w0rmie> cp: cannot stat '/./home/server/.gvfs': Permission denied.
<w0rmie> even i set /home/server to chmod 777 and recopy again i get the same permission failure.
<w0rmie> i am under ubuntu server 12.4 LTS with xubunto GUI installed
<w0rmie> any ideas?
<smb> roaksoax, Looks like people start "complaining" about the progress of bug 1185756 ;)
<uvirtbot> Launchpad bug 1185756 in drbd8 "drbd8-utils not compatible with linux-lts-raring kernel in 12.04" [High,Confirmed] https://launchpad.net/bugs/1185756
<roaksoax> smb: argh! sorry.. been pretty busy lately! I'll get to that!
<smb> roaksoax, Cheers. :) Or find someone willing and with the right powers. ;)
<roaksoax> smb: i'll talke care of it now. So the  https://launchpadlibrarian.net/151933272/debdiff-raring.patch is debdiff between what we have in raring/saucy against the latest?
<smb> Let me make sure
<roaksoax> smb: it is just raring it seems
<smb> roaksoax, Yeah, I think it is (for the sake of simpler patch)
<smb> So changes I mean what is on top of saucy/raring version
<smb> The source package should be on chinstrap
<smb> roaksoax, ~smb/4review
<roaksoax> smb: cool thanks
<smb> hm... not yet but soon
<smb> ok now
<smb> roaksoax, So I also put a debdiff between current P and the new R/S version. Of course that looks scary as one would expect
<roaksoax> smb: are we sure we only want 8.4.3 (which is in saucy) or we want 8.4.4 what's in trusty?
<smb> roaksoax, right now I'd say 8.4.3 and then check again before T gets out
<roaksoax> smb: ok cool
<rostam> HI how to set unlimited file handles on a particular user?
<sarnold> rostam: does this user log in or is it a service user?
<bekks> Whats the actual problem behind all that?
<rostam> sarnold,  log in
<RoyK> rostam: you can use ulimit or setrlimit(), but the global limit will be the max
<sarnold> rostam: /etc/security/limits.conf
<rostam> RoyK ,  sarnold  thank you.
<MavKen> anyone happen to know if centos has something similar to tasksel?
<MavKen> any recommended open source control panels?
<w0rmie> how can i adjust the TFTP server timeout response?
#ubuntu-server 2014-02-08
<MavKen> is there a way to automatically have a mysql user/db created when I use adduser ?  and then for it to be removed when deleting a user?  I also want the /home/user director removed after deleting user
<shauno> MavKen: adduser can run a script when it creates a user (it's subtle in the docs, look for adduser.local in adduser's manpage).  however, it doesn't have access to the user's password, which would complicate issues.  (ditto for man deluser -> deluser.local)
<MavKen> ok... wonder if I could create it so that it generated a random password and then used sendmail to send it out
<halvors> I've setup a slave dns server with bind9 on ubuntu. But it doesn't write the records received from its master. This because of apparmor, may anyone help me figure out the issue. I don't hav eany idea :(
<halvors> Here is the error i'm getting in syslog: http://pastebin.com/uKHE4bFb
<rostam> HI general question , I need to  choose a system management software, I am wondering to choose either Puppet or salt. Any recommandation greatly appreciated? thx
<NeverHere> Is there a way to reinstall the default config files after apt-get purge?
<teward> NeverHere, reinstall the package after the purge, maybe.
<NeverHere> teward, i did apt-get install but the config files did not come back
<teward> what package if I may ask
<NeverHere> postfix
<NeverHere> for sasl
<gdeeble> If i'm running a file server and install squid, will it work even though it's not a gateway? I'd like it to be there for caching purposes
<LLKCKfan> Is there any natural ways to relieve pain without using herbs or weed? No drugs
<cfhowlett> LLKCKfan, you are clearly in the wrong channel
<cfhowlett> !ot|LLKCKfan,
<ubottu> LLKCKfan,: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<mapps> hi
<LLKCKfan> hi
<mapps> having trouble with squid and squidguard..compiled squidguard from source..thought i was working but when i run squidguard -C all on the blacklists its just sitting there
<mapps> and i dont think it's working as the squidguard site says it should say started..
<codenomics> howdy
<codenomics> got a python file that I want to start at boot and can't find a good way to do this, any recommendations?
<cfhowlett> !python
<ubottu> python is a popular Object Oriented scripting language included in Ubuntu. For more on Python please see http://www.python.org/ or #python
<codenomics> well that was helpful
<codenomics> are you telling me to go ask in #python?
<cfhowlett> codenomics, of course - they ARE the experts ...
<codenomics> um... this is not a python question more as a "how do I get things to start at boot" question
<mardraum> codenomics: man 5 crontab
<codenomics> um... ok
<codenomics> nevermind
<codenomics> I will continue to google it
<mardraum> can't read?
<codenomics> I can read
<codenomics> I can read just fine
<mardraum> "Instead of the first five fields, one of eight special strings may appear:" string @reboot  meaning Run once, at startup
<codenomics> I know
<codenomics> read that
<mardraum> good on you.
<codenomics> trying to 30 minutes of reading to do this one little thing
<codenomics> trying to avoid**
<mardraum> yeah, I hate learning too.
<codenomics> yeah, that is exactly what I said
<mardraum> even when some chucklenuts on irc gives you the exact answer to a vaguely worded question.
<codenomics> also, been told this is not the right way to do it
<codenomics> vaguely worded? how was that vague?
 * cfhowlett bookmarks "chucklenucks" ...
<mardraum> sounds like you know more
<codenomics> I have a python file that I want to run at boot...
<mardraum> why is this "not the right way"?
<codenomics> mardraum: I have no idea... please read what I type... "been told this is not the right way"
<mardraum> well that clears it all up
<codenomics> oh screw it... not going to argue with the buntu trolls
<codenomics> nevermind, will ask elsewhere
<LLKCKfan> Is there any natural ways to relieve pain without using herbs or weed? No drugs
<mardraum> hit your head against the keyboard
<mardraum> why would you keep asking that here?
<cfhowlett> mardraum, don't feed
<NeverHere> how can i create a mailbox for a user and not have then access to the server its on
<NeverHere> *them
<bekks> Create a virtual mail user. You may have to configure your mailserver to do so first.
<NeverHere> how do you do that?
<bekks> That depends on the mailserver you are using.
<NeverHere> postfix
<NeverHere> well
<bekks> https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<NeverHere> thanks
<vedic> Hey guys, I run a small office of 10 people. Currently I don't have any network monitoring & control mechanism. All the users surf the stuff that they should not visit during office hours.
<vedic> Also want to block torrent etc. How to setup such a server to monitor? Does setting up a proxy server through which all traffic should pass is the right way?
<vedic> Could you suggest tutorial and tools for that?
<Seveas> vedic: generally one would block direct internet access and enforce the use of a proxy (e.g. squid). And in the proxy you can enforce things like 'no facebook'.
<mardraum> that's the most straightforward technical solution, but I can't help but think in a office of only 10 people you have a HR or rather Management issue.
<mardraum> (the technical solution may make that worse. It won't solve it).
<vedic> mardraum: You can monitor all the employees all the time specifically if some of them work in shifts (time rotation).
<vedic> mardraum: You can't
<vedic> Seveas: Thanks. I will read more on squid
<mardraum> I'm not suggesting you monitor them
<mardraum> I'm suggesting you fix the people problem by perhaps giving them clear guidelines about what is ok and what is not
<mardraum> torrenting at work? not ok
<mardraum> some personal use? ok
<vedic> mardraum: Making guidelines and enforcing them are two different things
<vedic> If every body in the world follow guidelines then we don't need police
<mardraum> good luck man.
<vedic> mardraum: I agree with you that there should be guidelines. I am not creticising but just highlighting the point that setting up technical solution do have their advantages
<Seveas> I'm with mardraum on this. We (company with 7000+ employees) only enforce the use of a proxy to enforce the use of virus scanning and blacklist malicious urls (e.g. known phishing urls)
<vedic> why can't both go hand in hand
<Seveas> other than that one should not solve people problems with technology.
<vedic> Seveas, mardraum: Setting up a firewall and preventing all to access internet directly has many security advantages
<Seveas> well, yes, that's what I just said :)
<Seveas> I should add we do block all other ports as there is nothing work-related they can do via those ports and it helps against attakcs/viruses etc.
<vedic> We keep 2 systems in office that can be used in free time to access personal emails, facebook youtube etc. But guidelines doesn't allow them to use work systems. But people still do that
<Seveas> the proxy (squid) can also be used for things like ftp and ssh
<vedic> I see
<JanC> vedic: huh, reading personal mail on a shared company PC?
<JanC> you're teaching them bad internet hygiene  :p
<halvors> [01:41] <halvors> I've setup a slave dns server with bind9 on ubuntu. But it doesn't write the records received from its master. This because of apparmor, may anyone help me figure out the issue. I don't hav eany idea :([01:42] <halvors> Here is the error i'm getting in syslog: http://pastebin.com/uKHE4bFb
<mortrca> I'm a student and I'm trying to teach myself about server virtualization. I have read the virtualization section in the server guide, but I'm not understanding how the different pieces (libvirt, JeOS, and vmbuilder) are supposed to work together.
<mortrca> Perhaps I am misunderstanding these components and they don't work together. Either way, could someone shed some light on this for me?
<TJ-> libvirt manages the hypervisor; JeOS is a kernel build targeted at known virtual machine environments (VMWare, KVM), vmbuilder create guest images
<mortrca> So, JeOS is the host operating system for the virtual systems created by vmbuilder?
<TJ-> mortrca: Yes, it was originally a separate install but is now the "minimal" server install
<mortrca> Okay
<TJ-> mortrca: because we know the small range of devices presented to VMware and KVM guests, the drivers in the image can be limited. A standard install carries every possible driver.
<mortrca> TJ-: I thought that was how it worked and tried to get a setup running with that in mind
<JanC> JeOS is the guest OS
<mortrca> Now I'm confused, I thought it was the host
<TJ-> mortrca: "Just enough Operating System"
<TJ-> mortrca: because, the guest contains a small subset of hardware, the kernel is minimal size and the only the essential base packages and configuration are needed in the guest
<JanC> the hardware that a guest sees is very limited
<mortrca> So, JeOS is what would be installed on a virtual machine? If so, what is the virtual machine running on - a full server install?
<JanC> only whatever the hypervisors provide
<JanC> yes, regular server instal
<mortrca> Ah, that clears some things up
<mortrca> I think I can figure out the rest of this now. My last question is, where does vmbuilder get the installation media?
<JanC> it probably uses debootstrap
<JanC> and a quick check seems to confirm that  :)
<mortrca> JanC: Can you elaborate? Does this mean I don't need to provide an image for the virtual machines to install?
<JanC> yes, no image needed
<JanC> it downloads the necessary debs and unpacks them
<mortrca> Doesn't seem very efficient, but okay
<JanC> actually, it's usually more efficient, especially if you have a local mirror
<TJ-> mortrca: Very efficient. Instead of needing an image that carries everything everyone wants, it allows just the packages wanted by the user to be fetched
<JanC> no need to run a complicated installer etc.
<mortrca> Okay, that makes sense
<mortrca> Thanks TJ- and JanC
<LLKCKfan> Is there any natural ways to relieve pain without using herbs or weed? No drugs
<genii> LLKCKfan: That's not really a support question for your Ubuntu Server
<TJ-> I find chopping my head off usually does the trick; that or installing ubuntu server :)
<genii> LLKCKfan: Might want to try some channel like #health
<LLKCKfan> genii I have
<LLKCKfan> No help
<hitsujiTMO> LLKCKfan: try: rm -rf /sys/class/pain
<hitsujiTMO> LLKCKfan: if it doesn't go away, then run the command with sudo
<genii> LLKCKfan: At any rate, try applying heat or ice, perhaps both in an alternating series
<JanC> LLKCKfan: so now you are going to troll other channels too?
<LLKCKfan> Ice makes it worse
<LLKCKfan> And heat does not help
<LLKCKfan> Not a troll
<teward|phone> how can I pin a PPA to be a higher priority than other packages?
<genii> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<teward|phone> genii: that didn't give me any help to answer my question.  It doesn't state how to get the exact statement to put in the pinning for any given PPA
<genii> teward|phone: Use something like:  Package: *    then: Pin: release a=<ppaname here>  ..then: Priority: 990
<genii> Work, AFK
<teward|phone> genii: i'll test that.  fortunately on a 12.04 system the PPA's version number is higher than what's in precise/precise-updates/precise-security/precise-backports, so it's less of an issue
<teward|phone> but on a 13.10 server it won't hence the question :/
<teward|phone> i can always install it with a version pin but meh
<teward|phone> genii: i'll try that, on the 13.10 servers affected
<teward|phone> (everything prior is clear because the PPA version is higher than others)
<genii> teward|phone: You can additionally add a stanza for the regular repository with a negative number value for Priority, this means it will not get updated from there. But instead of * use the actual packagename(s)
<genii> teward|phone: A description of the number values can be found by: man apt_preferences
<Titanium> is there a good way to remove lines matching a regex from a file?
<Titanium> i tried using sed, but when i redirect the output back into the file... it wipes it
<hitsujiTMO> Titanium: use sed -i
<JanC> Titanium: use a temporary fil
<JanC> * file
<JanC> (which is what sed -i does)
#ubuntu-server 2014-02-09
<Diegonat> hi guys... Do you have any experience with netapp?? Im cloning a volume from a flexclone and I am wondering if I will have all the snapshots of the source volume. Can you help me?
<teward> is there a way to remove an sbuild chroot?
<teward> like, without manually deleting things
<rbasak> teward: not that I ever found. Not much to delete manually though. One file from /etc/schroot/chroot.d/, and the chroot itself from /var/lib/schroot/chroots/. IIRC, that's it. I presume you close all sessions using the chroot first :)
<teward> rbasak: mhm
<teward> it's really irrelevant, though, my only concern is when raring is gonna be removed from the mirrors
<teward> (because when i update the chroots, raring will fail when raring's removed from the mirrors)
<teward> i'm usually smart enough to not debuild -S raring packages though nowadays :P
<teward> only raring folder I have is for wireshark, but meh.  that's gonna go away :P
<teward> (the server i use to run sbuild on is why i'm asking here)
<Wilkim> hello
<sheptard> hi
<Wilkim> i have ubuntu-server 13.10 x64 installed on my Dell Latitude E6410 laptop, and the wlan0 works fine since I installed it.  I just hooked up a wired connection today to the rj-45 port. when i do ifconfig eth0, it tells me the device was noit found
<sheptard> its probably not named eth0
<Wilkim> how can I tell?
<sheptard> do ifconfig -a
<Wilkim> i treid eth1 too
<sheptard> it's probably p2p1
<Wilkim> em1, lo, wlan0
<Wilkim> lo and wlan0 only have ip addressesd
<sheptard> wtf em1
<sheptard> but that'll be it
<Wilkim> let me setup the interfaces and see if it works
<Wilkim> ah it works
<Wilkim> ty
<Wilkim> im use to it being eth0, why is it em1? jw
<sheptard> well thats almost a bsd thing
<sheptard> bsd names its interfaces after the driver used
<sheptard> em = intel
<sheptard> on my 13.10 server install, my devices are named p2p and p3p
<Wilkim> oh, i liked eth* :( o well lol, ty
<sheptard> I've not read on why they changed the naming
<Wilkim> i just assumed i had a very special laptoip that didnt have a driver
<sheptard> haha
<sheptard> unlikely these days ;)
<Wilkim> i know lol
<Wilkim> is it possible for wlan0 to be disabled until em1 is down or disconnected?
<Wilkim> also for being on the same home network im getting a 400 to 1200 ms dely on a ping to the machine, is that norma, pc i am typing on is wireless (its annoying typeing in ssh)
<Titanium> is there something special to ssh into an ubuntu instance on AWS ?
<bekks> No?
<Titanium> i can connect to the amazon linux just fine
<Titanium> ec2-user and my key file
<sHUSTRIk> ÑÑÑÑÐºÐ¸Ðµ ÐµÑÑÑ? Ð½ÑÐ¶ÐµÐ½ ÑÐµÐ»Ð¿
<bekks> !ru | sHUSTRIk
<ubottu> sHUSTRIk: ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð½Ð°Ð±ÐµÑÐ¸ÑÐµ /join #ubuntu-ru Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¼Ð¾ÑÐ¸ Ð½Ð° ÑÑÑÑÐºÐ¾Ð¼ ÑÐ·ÑÐºÐµ. | Pozhalujsta naberite /join #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke.
<sHUSTRIk> ÑÐ°Ðº Ð±Ñ ÑÑÐ°Ð·Ñ
<anjopaster> new to this chat and apache ... Difficult in configuring/viewing a new web page locally.
<tash> has anyone here successfully setup cobbler on Ubuntu server? If so, I'd really like to pick your brain. I'm having some issues.
<dcosnet> had to look that up. forgot what it was
<dcosnet> root@x8.dcos.net // gaze what cobbler
<dcosnet> Cobbler is a Linux boot server that allows for rapid setup of network installation environments. With a simple series of commands, network installs can be configured for PXE, reinstallations, and virtualized installs using Xen or KVM. Cobbler uses a helper program called 'Koan' (which interacts with Cobbler) for reinstallation and virtualization support.
<dcosnet> no idea if that will help you but it might
<JoshStrobl> Anyone here familiar with Juju charm development that can help me out? Asked my question in #juju and #juju-dev and seems like nobody is home :D
<JanC> JoshStrobl: maybe because it's Sunday (evening) in many parts of the world...  ;)
<JoshStrobl> JanC: Yea, Sunday 23:16 in my neck of the woods.
<JanC> :16?
<JoshStrobl> 23:16, as in 16 minutes past 23 (11pm)
<JanC> what country has a "halfway" timezone ?
<JoshStrobl> None, 16 minutes is merely the minutes past the clock you know...
<JoshStrobl> UTC+2
<JanC> either your clock is wrong, or you aren't at UTC+2...   :)
<JoshStrobl> clock is wrong apparently
<JoshStrobl> forgot to re-enable chrony
<JanC> I suppose it's 22h for you now
<JoshStrobl> yea
<teward> if I have a question about the archive mirrors themselves who do I poke?
<teward> (not sure really where to ask)
<bekks> Just ask your question :)
<TJ-> teward: #ubuntu-mirrors, probably
<tash> dcosnet, no unfortunately it doesn't
<tash> I have cobbler setup, but the server that I'm trying to pxe boot doesn't get the initrd ... or whatever it would be called.  I see the dhcp request on the cobbler server in /var/log/syslog
<mortrca> I've installed apt-cacher and it is working for apt-get, but I can't get it to work with vmbuilder. I've tried passing vmbuilder "--mirror http://S2Cache:3142/ubuntu" as the documentation says to, but I keep getting a "Couldn't resolve host name" error.
<mortrca> I have determined that it is the cache server that can't resolve the host name, not the server that I am running vmbuilder on
<mortrca> Thanks for listening to me babble, I just had a light bulb moment and got it working
<dcosnet> tash: ahh, are you using a tftpd to send the files? or does cobbler do that itself?
<dcosnet> at one point i considered toying with cobbler but never got around to it
<dcosnet> mortrca: what made it work?
<mortrca> dcosnet: I had to use "http://S2Cache:3142/us.archive.ubuntu.com/ubuntu"
<dcosnet> S2Cache is your local server cache?
<mortrca> Yes
<dcosnet> cool
<dcosnet> :)
<dcosnet> i might set that up on my server
<dcosnet> i planed to setup a web proxy cache like clarkconnect 4.3 had (think year 2002) but havent done that yet either. probably will set it to cache images, exe's, and all linux file types
<bekks> dcosnet: Just use squid, which is a current proxy server.
<dcosnet> yea thats what clarkconnect used
<dcosnet> i'll probably examine their config since i recently setup that in a vm for that purpose
<bekks> Then there is no need for ClarkConnect at all.
<dcosnet> never said their was
<bekks> Never said you said :)
<dcosnet> other then just now for examination purposes
<dcosnet> mm true
<dcosnet> when the clarkconnect project changed it's name to clearos they started removing features
<dcosnet> thats one they removed
<bekks> Yeah, just install quid and follow the ubuntu wiki - squid is setup in less than 5 minutes.
<dcosnet> ah cool
<wgwinn> Are there any known issues using either 12.10 server or 12.04 server on an e-350 based board? I can launch 'install this system' but then the keyboard stops responding, lighting up the numlock key while a key is pressed for all keys. F6 allows to edit the boot line, f4 to change some install options (normal, oem, minimal) but I didn't see anything specifically 'pick a special keyboard.  I've...
<dilligafoo> 3.141592653589793
<wgwinn> ...tried the options I could see, but it's a standard logitech mk120 US keyboard on an E-350 board.
#ubuntu-server 2015-02-02
<thor77> hey, is anyone using nginx + munin + fcgi?
<thor77> i dont get it running..
<thor77> im following this doc http://munin.readthedocs.org/en/latest/example/webserver/nginx.html#using-fastcgi
<thor77> but if i try to start the fcgi-process it says "spawn-fcgi: child exited with: 2"
<holms> hello, how can I include config file (with env vars) into upstart script
<holms> is this channel for solving issues =/?
<thor77> its for support i think
<holms> so when is working hours :D
<thor77> looks like not now :P
<holms> ok seems to be here's an answer http://serverfault.com/questions/128605/have-upstart-read-environment-from-etc-environment-for-a-service
<Sierra> Got an ubuntu server that's displaying this when we attempt to boot it: 'Error: file not found'. And on the next line, it shows 'Grub rescue'. I've already done some research and determined I need to run a boot repair while running off an ubuntu disk, but I havent found a definite answer on what could have caused this. Any ideas?
<MassReflex> hey everyone
<SchrodingersScat> hey MassReflex
<MassReflex> i have a few issues that im trying to wrap my head around
<MassReflex> first question..  if i set up a vpn and rout all traffic through it..  how would it effect my servers running.. for instance.. on my ubunut sever.. i run plex media server
<MassReflex> would plex still use my local network...  or would it pipe through the internet and what not
<MassReflex> and second.. i was hoping someone could help me with using iptables to block all traffic from an app except for on ip's of 10.8.x.x - 10.9.x.x
<X123> hrm
<X123> 6 hrs of quiet?
<lordievader> Good morning.
<afl_ext> Hello. Is it possible to force squid to connect to world from particular virtual device, in this case tun0?
<cocoa117> is there a way to create vlan on ethernet card without installing vlan package?
<afl_ext> Hello. I have set up ubuntu from mini.iso on virtualbox - host is ubuntu too - and it boots to black screen. No grub, not even a blinking cursor. The same behaviour occurs on host but it finally shows desktop when X got initialized, but absolutely nothing before. What happens? I can SSH that server because I guessed its IP
<hxm> hello
<lordievader> Hey hxm
<hxm> i have installed trusty in a powerpc G4 apple macbook pro, and i have no ethernet
<lordievader> hxm: Is the nic listed under lspci?
<lordievader> With a driver?
<hxm> it is
<hxm> Ethernet controler: Apple Inc. UniNorth 2 GMAC
<lordievader> hxm: That is good, does 'ip link' show it?
<hxm> it does
<hxm> says state DOWN when the cable is connected
<lordievader> hxm: Does 'ip link set dev <eth0?> up" fix that?
<lordievader> Replace <eth0?> with the actual interface.
<hxm> nope, same message, i go to connect direct to router with other cable
<lordievader> hxm: What does dmesg say about it?
<hxm> i see some errors about api see some messages with no error details, but it is trying to link up
<hxm> im trying to find the |
<hxm> ah, works now, ip link set dev eth0 says state UP
<hxm> but still no ip
<hxm> works, not sure how
<hxm> i restarted 2 times
<lordievader> hxm: Setting the up state doesn't give the nic an ip, you need to do an dhcp request for that (<-- applies if not static set up).
<hxm> installing the isc-dhcp-server package?
<lordievader> hxm: No, running dh-client. Or whatever Ubuntu uses.
<lordievader> dhclient, it is.
<hxm> yea, dh-client is a command from package isc-dhcp-client
<hxm> thanks
<lordievader> That should already be installed.
<jrwren> hello, is there any effort to make start-stop-daemon cgroup aware? e.g. stop/restart of any service which is also running in a lxc fails because start-stop-daemon sees the service already running.
<sarnold> jrwren: hmm, seems very complicated; what problem are you trying to solve?
<jrwren> sarnold: "service mongodb start" fails on host if there is already a mongodb running in an lxc guest.
<sarnold> jrwren: why does it fail?
<jrwren> sarnold: "already running"
<jrwren> sarnold: afaict, start-stop-daemon looks at all running processes cmdline and if one matches, it fails with already running.
<sarnold> jrwren: damn. I was hoping it'd gve a more specific error message
<sarnold> jrwren: -really-?? eww.
<jrwren> sarnold: I'm thinking maybe /etc/init/mongodb.conf should be updated to use mognod --pidfilepath and that same path could pass to start-stop-daemon --pidfile
<jrwren> sarnold: i'm going to try it, since it sounds like cgroup aware start-stop-daemon is not a thing.
<smoser> hallyn, is there a recommended way of saying "get me the sane qemu-system-ARCH package" ?
<smoser> i guess maybe not that important as to use it i'd still have to know to run qemu-system-ARCH
<sarnold> jrwren: looks like it might be fixable in the initscript for mongodb: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718702
<hallyn> smoser: no.  i think infinity has mentioned that before
<jrwren> sarnold: excellent, I'm on the right track.
<sarnold> jrwren: woo :)
<cydizen> cydizen
<cydizen> cydizen
<xcyclist> I am trying to convert an apache file from a vi edit on Ubuntu to be used on Windows Server, and when I download the attachment from Outlook it has no newlines or otherwise is somehow all run together.
<xcyclist> I use unix2dos, but I still get this problem.
<xcyclist> unix2dos before emailing to the server as an attachment.
<sarnold> xcyclist: those kinds of programs can get confused if there are some unix-style line endings and some dos-style line-endings; try running dos2unix on the file twice then unix2dos on the file.
<R1ck> heya. We've had a number of 14.04 vmware nodes that since 3.13.0-44-generic are experiencing random lockups. Is anything known about this, or where do I go to find out more?
<bekks> R1ck: "14.04 vmware nodes" - do you mean "Ubuntu 14.04 running VMware Workstation"?
<R1ck> no, I mean 14.04 LTS guests running on ESXi hosts
<bekks> Ah ok. I'd install linux-generic-lts-utopic as described in https://wiki.ubuntu.com/Kernel/LTSEnablementStack then.
<R1ck> okay, and why exactly? :)
<R1ck> for now we have downgraded the affected hosts to 3.13.0-43 which doesnt seem to have the issue
<bekks> Because thats the current LTS stack.
<shauno> xcyclist: I believe apache on windows has no problems with such line-endings.  they mostly affect humans.  if you use something like notepad++ (or even wordpad!) instead of windows' notepad, your problems should magically disappear
<sarnold> R1ck: please do file a bug :)
<R1ck> bekks: thats the bit I dont understand, if those are the "real" LTS kernels, why are we not getting those updates automatically?
<bekks> Because kernels arent updated automatically, especially when talking about hardware enablement stacks.
<R1ck> as far as I can tell, they are the kernels from 14.10, which isnt an LTS release
<R1ck> I think we're misunderstanding eachother.. I've gotten plenty kernel updates, automatically (unattended-upgrades)
<bekks> The are ported to 14.04, and supported like this: https://wiki.ubuntu.com/Kernel/LTSEnablementStack#Kernel.2BAC8-Support.A14.04.x_Ubuntu_Kernel_Support
<R1ck> after googling a bit, it looks like those kernels are ported to support newer hardware
<R1ck> I'll go install linux-generic-lts-utopic on these two nodes, see if they remain unaffected
<sarnold> I hope it works out, but please don't forget that bug report
<sarnold> it's probably easier to file before upgrading them :)
<JanC> xcyclist: you should probably run unix2dos on Windows, not on linux
<R1ck> sarnold: bit difficult though.. we haven't gotten a specific memorydump or something
<R1ck> but I definately will
<R1ck> best I can do is a screenshot of a partial kernel panic
<sarnold> anything helps :)
<xcyclist> shauno:  I somehow got it with unix2dos after changing the filename and trying again.  I fear I may have been suffering from latency with gmail.  Apologies.
<xcyclist> JanC:  No, when I ran it on Linux, I eventually got something that worked.
<JanC> xcyclist: oh, good
<JanC> xcyclist: I was wondering if maybe whatever you were using to mail it was "sanitizing" it  :)
<koolhead17> hello all
 * koolhead17 wonders if oldies are still holding up ^^
<cluelessperson> Hey guys, I can't seem to get httprequest to work in ubuntu server
<marc____> hi everybody
<marc____> I need an advice
<marc____> I have a couple of raspberry pis that I use as low power servers at home
<marc____> when I got them I installed arch linux on them because raspbian came with GUI packages pre-installed and I preferred to start from a minimal configuration and add packages as I needed them instead of removing the packages form a default gui installation
<marc____> now, tomorrow I'll get two raspberry pi 2 and I saw that there is an image of ubuntu snappy core for it
<marc____> arch is no longer an option because it could take a long time until the board is supported by archlinux-arm
<marc____> now the piece of advice for which I came here, is the following: is it possible to install ubuntu server directly without needing to pass through raspbian? did anyone try this before? (being an ARMv7 it would seem reasonable)
<marc____> but I have no experience with debian and the raspberry pi
<marc____> moreover the ubuntu snappy core is a bit confusing to me... it seems that there are very few packages and that one cannot use apt-get... but is this true also inside a container? could I install any debian package inside a contaier?
<shauno> I can't answer this (personally, I'd expect to see ubuntu-armv7, debian-armv7 images appear sooner than you may think).  but I will point out there's a #snappy channel who may be better to answer specifics
<marc____> thanks shauno!
<sarnold> marc____: fwiw, I don't think snappy is -quite- there unless you're interested in helping develop snappy; hopefully there's a more traditional server image available for it ..
<marc____> sarnold: yup, I saw it was in alpha... maybe you are right, I could go for the raspbian and remove some packages, or as shauno suggest wait a bit to see if an ubuntu-armv7 images comes out...
<marc___> bye guys, and thanks again for your help!
#ubuntu-server 2015-02-03
<morenoh150> ansible vs salstack go!
<morenoh150> saltstack
<sarnold> saltstack has a terrifying history: https://github.com/saltstack/salt/pull/7356 https://github.com/saltstack/salt/commit/5dd304276ba5745ec21fc1e6686a0b28da29e6fc
<sarnold> I don't know that ansible is _better_, mind, but I certainly don't recall anything quite so horrible in their history
<morenoh150> how can I verify that my harddrive is experiencing hardware failure
<morenoh150> nvm
<lordievader> Good morning.
<ivoks> stgraber: around by any chance? :)
<rsevero> Hi, I'm finishing the configuration of my second server being migrated from Gentoo to Ubuntu. Unfortunatelly, when I did a last boot to see if everything would come up ok the boot process started to hang on "Stopping Send an event to indicate plymouth is up". Any ideas what might be causing this?
<teward> rbasak: ping if you're around
<rbasak> teward: here but a bit tied up this afternoon
<teward> rbasak: ahh, well, i"ll leave you be, just making a note WRT bug #1267255 that nginx suggests the use of php5-fpm for their PHP configurations, althuogh it can be done with php5-cgi and others, FPM makes it quick-and-easy
<teward> just wanted to at least make you aware of that one.
<teward> which is one point for the MIR, if we wanted to ship, say, a LEMP stack option in Ubuntu
<teward> 'tis all :)
 * teward returns to fiddling with his tablet
<rbasak> teward: yeah, understood. I think we'll probably have the fpm mir done eventually. But I think it should block on fixing all the fpm related bugs first.
<teward> mhm
<teward> rbasak: assuming that someone steps up - those bugs can be... tricky.
<teward> rbasak: for the record i'll prep the SRU/Debdiff for https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1230917 - the patch as is from upstream (Ondrej) doesn't apply cleanly, so I'm going to go the evil method and rebuild the patch manually with quilt (looks like something doesn't like the patch as-is)
<teward> oh duh, it's d/ changes
 * teward facedesks
<AkivaAvraham> Hey all: Live Ask Ubuntu Anything live in 5 minutes: http://ubuntuonair.com | #ubuntu-on-air
<alias_neo> Hey guys, anyone know how I can take advantage of hardware RNG in my Xeon on Ubuntu-Server for VM use?
<alias_neo> KVM*
<ssarah> hallo. Guys, someone told me it's ALWAYS safe to leave security updates on ubuntu-server
<ssarah> as in, it wont break running applications, like puppet, etc
<ssarah> true?
<ssarah> *automatic security updates on
<akae> Hi everyone
<akae>  I'm having a problem with ubuntu-server 14, which does not mount at start a sdb1 SSD disk even if it is configured in fstab, but mounts perfectly when I run mount -a
<akae> does anyone have an idea of what could be happening?
<jrwren> ssarah: that is the goal AFAIK
<rsevero> akae: As it mounts when you run "mount -a" I believe you have the "auto" option enabled on this particular volume, right?
<Tzunamii> mount -a mounts everything in /etc/fstab
<lordievader> It mounts everything that doesn't have 'noauto' set.
<ssarah> jrwren: the "goal" ?
<ssarah> they are telling me to be afraid the security upgrades would bream something else
<jrwren> ssarah: its always a possibility, but it is highly unlikely.
<kaje> So, I have a tricky problem that could easily be solved by using a setuid bit on a script, but ubuntu seems to block that.
<kaje> I have a user with a private ssh key set up to connect to a remote server. That user has a specific command it wants to allow other users to perform on the remote server, but no other commands.
<bekks> kaje: Which command is that, in particular?
<kaje> I created a script that just has "ssh -i keyfile "the command"" in it.
<kaje> I am trying to think of another solution for this problem that doesn't give other users direct access to that keyfile since that will give them full access to the remote server.
<kaje> I tried doing the C file with a system call to the script trick, but that didn't work either.
<sarnold> kaje: I suggest creating a key specifically for that one command
<sarnold> kaje: look for command=  in authorized_keys(5)
<kaje> How do I prevent someone from sshing in with that key using ssh -i ?
<kaje> ok, thanks
<NymeriaFR> Hello every body
<NymeriaFR> I have a little question about docker
<NymeriaFR> if someone can help me
<pmatulis> ask away and someone may help NymeriaFR
<NymeriaFR> If all my application run inside docker, are library shared ?
<NymeriaFR> For exemple, if I have two application which use the same library (Qt for example), is Qt library shared between application ?
<jrwren> NymeriaFR: i don't now of any special handling for this. So the answer is: maybe.
<jrwren> NymeriaFR: I assume you mean 2 different containers, one running each app?
<NymeriaFR> Sorry, I wasn't very specific
<NymeriaFR> Yes the applications are in differents containers
<NymeriaFR> I assume in ubuntu touch, each application is lunch in differents containers, isn't ?
<NymeriaFR> in ubuntu snapy*
<jrwren> NymeriaFR: I don't know.
<jrwren> NymeriaFR: ultimately, share libraries being loaded only once happens because the linker uses mmap. If the library files are the same on disk, like is the case for aufs, then the mmap calls will only map once.
<Fun> hey folks
<Fun> say i sell vps and dudes use them to hack something, does DC mind?
<Fun> I could simply close they account when reports arrive
<Fun> however there are no cheap way to see what people are upto with rented vps :D
<sarnold> "DC"?
<Fun> data centre
<Fun> IP providers
<Fun> since most likely complains go into arin IP email
<Fun> unless its mine
<lenios> you might get your IP banned before you close their account
<Fun> or them I sell vps and some ips may get complains
<Fun> :d
<Fun> its  not a big deal for them if I lease IPS long term
<Jeeves_Moss> is there a netflow EXPORTER for Ubuntu?  I'd like to monitor my boxes using my netflow monitor
#ubuntu-server 2015-02-04
<dtscode> hey guys... ive got a teamspeak server that for whatever reason decided to stop working today. it worked yesterday, no changes as far as i can tell. the server is running with default ports, but the client cant connect to it
<sarnold> client or server expired certificates?
<dtscode> maybe
<dtscode> how would i fix that?
<sarnold> depends on which side is broken; check logs on both sides to see if you can find error messages...
<TimelessUser> can someone help me with the date on my ubuntu server, niether the UTC or local time are correct
<dcosnet> https://takeaction.takepart.com/actions/tell-the-doj-nomoreaarons-sign-the-petition-for-better-oversight-for-federal-attorney-misconduct
<lordievader> Good morning.
<kk_> Need help to mount android device on beaglebone without desktop.
<kk_> Can we use gvfs without gnome?
<p3rL> hello
<p3rL> helppp
<p3rL> W: Failed to fetch http://91.189.92.190/ubuntu/dists/lucid-security/universe/source/Sources  Could not connect to 91.189.92.190:80 (91.189.92.190). - connect (110 Connection timed out)
<p3rL> E: Some index files failed to download, they have been ignored, or old ones used instead.
<p3rL> heloooooooooooooooooooooooo
<ame> i have installed ubuntu 12.04 and make my server as LTSP server.The problem now is if my clients connecting pendrive the client is detecting but  if they connect anyother devices like arduino board or any electronic board i cant even see that in dmesg itself
<zotta> I noticed unusually high OUTGOING traffic. It sems to have something to do with a program called ntpd
<zotta> Is that normal? Does that mean the box was hacked?
<lordievader> Ntp can be used for DDoS attacks.
<zotta> It does not seem to have much impact on the server so far. just the traffic graphs look unusual.
<Kevindf> Hello, I am at school and accidently pressed print on a batch script with a cups server running on mu pc problem is it keeps printing the pages now even when im still at the login menu
<Kevindf> How can I stop that? Cant afford to get more pages printed
<Kevindf> Would stopping the cups service upon startup help?
<LeMike> hello. shouldn't `rsync -avz` do nothing when two drives have the same content? mine here is starting over and over again :((
<Fun> hi
<Fun> when I buy whmcs full license I can use it on all servers?
<Fun> or 1?
<SchrodingersScat> what is whmcs?
<Fun> software to manage customers
<Fun> billing and so on
<tvw> I have a boot problem. Since the last update of my Ubuntu 14.04 server it stops booting with the message, that it cannot find the root-disk with the given UUID. It stops in initramfs. When I then make a blkid or a ls /dev/disk/by-uuid, the missing drive is there. I also can mount it, when I start a rescue system from cd.
<tvw> Then I booted the server with editing the boot parameters and set root= from root=UUID=... to root=/dev/sda3. Now it boots.
<tvw> Any idea, why it does not find the disk, when using UUID?
<Walex> it could be a timing issue, the disk gets discovered too late
<Jeroen1> Hi there, who can help me? I'm running my website on a ubuntu server but the problem is that my database has gone offline. How can I get it online again?
<guntbert> Jeroen1: what do the logs say?
<Jeroen1> how do I get them guntbert?
<Jeroen1> Just a little bid in panic :p
<Jeroen1> and I'm noob in this.
<guntbert> Jeroen1: panic doesn't help any --- cool down :-)
<guntbert> what database is it? mysql?
<Jeroen1> Yes
<Jeroen1> I can get on the phpmyadmin page
<Jeroen1> but when I try to login I get this error: #2002 Cannot login to MYSQL-Server
<Jeroen1> Well it's installed with Nginx but I don't know exactly how they did it as someone else installed the server and I cannot reach that person. :/
<guntbert> Jeroen1: don't you have ssh access?
<Jeroen1> I'm now in the server on root.
<Jeroen1> Is there a way I can see the logs?
<guntbert> Jeroen1: now look into /var/log/mysql.log
<Jeroen1> what is the command in Ubuntu again? :/
<sarnold> less is nice
<guntbert> Jeroen1: less /var/log/mysql.log
<Jeroen1> clean
<guntbert> Jeroen1: try     sudo service mysql staus
<guntbert> Jeroen1: try     sudo service mysql status
<Jeroen1> stop/waiting
<guntbert> Jeroen1:      sudo service mysql start
<Jeroen1> You're my hero! Thank you very much.
<Jeroen1> :D
<sarnold> -please- do take the time to investigate why it died. it's worth finding.
<guntbert> sarnold: +1!!
<sarnold> it'd be best to avoid this kind of panic again :)
<Jeroen1> But is this normal? mysql start/running, proess 17168
<sarnold> Jeroen1: that output is norming, but mysql stopping is not normal.
<sarnold> Jeroen1: check dmesg output in addition to the mysql logs
<Jeroen1> how do I get there?
<sarnold> Jeroen1: dmesg | less
<Jeroen1> ok well that doesn't make any sense to me.
<Jeroen1> How do I know if something is wrong? :p
<sarnold> Jeroen1: head towards the very bottom; the first few hundred lines are normally of use only when debugging boot problems
<guntbert> Jeroen1: another hint: really do use the nick of a person you are talking to - that way they get alerted when you say something - we are often reading many channels and doing  something else as well
<sarnold> Jeroen1: but if there's e.g. disk errors or segmentation violations near the end, you might find something useful
<hallyn> jdstrand: hey, running qa-regression-tests test-libvirt.py, i get failures and skipped tests unless the 'deny /tmp...' rules are commented out in /etc/apparmor.d/abstractions/libvirt-qemu
<hallyn> this is per bug lp#1403648
<hallyn>   #deny /tmp/{,**} r,
<hallyn>   #deny /var/tmp/{,**} r,
<hallyn> iiuc commenting those out should NOT add any new permissions right?
<hallyn> only silence denials.  so im' confused
<jdstrand> hallyn: that's right, unless the test itself is adding them for some reason
<jdstrand> which is plausible last time we chatted
<hallyn> hm
<jdstrand> hallyn: oh wait, can you post a denial?
<hallyn> no
<hallyn> will do so once i reset things
<hallyn> jdstrand: sorry...  i guess i'll pin gyou tomorrow :)
<hallyn> (there are 3 perplexing sources of numbers of failures right now;  that's one of them)
<Fun> who here got vps for 50 cent? lol
<Fun> would be fun
<Fun> under dollar vps
<SchrodingersScat> holla holla chicken dolla
<Fun> :D
<SchrodingersScat> cloudatcost had lifetime vps, if you live long enough that's under 50 cents
<SchrodingersScat> if /they/ live long enough as well
<Fun> :)))
<hallyn> jdstrand: odd, installed auditd, not a single DENIED msg in audit.log
<jdstrand> can you put 'audit' in front
<jdstrand> hallyn: I should have mentioned that
<jdstrand> 'audit deny /tmp...'
<hallyn> k
<jdstrand> hallyn: actually, I need to head out, but I'll check backscroll
<hallyn> jdstrand: ok but i thought having them commented out would make the denials show up
<hallyn> ok, will paste when i get results - thanks
<hallyn> jdstrand: http://paste.ubuntu.com/10061827/ has the list.
<hallyn> so three of them are from a test trying to save state to a file called "state" under /tmp
<hallyn> four
<hallyn> the other three are a storage pool test.
<hallyn> so i guess we just need ot update those paths in qrt
<hallyn> or just update profile from qrt to allow those paths.
<hallyn> hm, or are those actual bugs in that virt-aa-helper should be granging perms to those?
#ubuntu-server 2015-02-05
<zotta> I want to execute a conversion program on data uploaded to a website. However the converter is known to have security issues all the time.
<zotta> Is there a way to run such a program in a sandbox?
<zotta> Basically I want to restrict reading files to one input file and writing to one output file, prevent network access and limit execution time and ram
<sarnold> zotta: you can wrap the converter in an apparmor profile
<Patrickdk> well, if you combine apparmor and ulimit will do most of that
<Patrickdk> but never looked at limiting network access
<sarnold> apparmor can deny network access, "deny network," ought to do the trick -- but that might also forbid e.g. unix sockets if that's how the web server drives it, hehe
<jjohansen> sarnold: sure but you can allow unix sockets, and just not allow network
<jjohansen> since its default deny, network will be denied
<sarnold> hey jjohansen :)
<jjohansen> hey sarnold
<zotta> Does it support whitelist for file read access?
<sarnold> zotta: yes
<sarnold> zotta: for example, here's my irssi (irc client) profile: http://paste.ubuntu.com/10062642/
<zotta> Sounds great. I will up on it.
<sarnold> hmm, that could use some slight improvements...
<sarnold> but I hope it helps convey the flavour of apparmor profiles :)
<zotta> :) thx
<Patrickdk> I had to adjust my apparmour profile today :(
<Patrickdk> users couldn't send email
<jjohansen> Patrickdk: what was the message that was logged?
<jjohansen>   dmesg | grep DENIED
<jjohansen> or
<jjohansen>   grep DENIED /var/log/syslog
<Patrickdk> heh?
<Patrickdk> the message that was logged was, denied x to /usr/sbin/sendmail
<Patrickdk> as, by normal sanity, there is nothing in /usr/sbin a user needs, except sendmail aparently
<sarnold> you let your users send email? how decadent :)
<Patrickdk> sarnold, heh, it's been like this for years, first time someone had a problem
<sarnold> :)
<Patrickdk> calling sendmail is such a hack though
<jjohansen> Patrickdk: so since we don't supply a send mail profile I would recommend going with either
<jjohansen>   /usr/bin/sendmail  ix,
<jjohansen> or
<jjohansen>   /usr/bin/sendmail pix,
<Patrickdk> wouldn't work
<Patrickdk> /usr/sbin/sendmail ix
<Patrickdk> is what I used
<Patrickdk> it then required, /usr/sbin/postdrop ix
<jjohansen> oh fun
<Patrickdk> name="/usr/sbin/sendmail" pid=10663 comm="mailx" requested_mask="x" denied_mask="x"
<Patrickdk> I just have a huge profile I wrote, that gives the users exactly what they need and nothing else
<Patrickdk> then I locked it to bash and dash
<Patrickdk> works really well
<jjohansen> nice
<Patrickdk> users start with bash shell, and can't change it
<Patrickdk> hmm, only 133 lines :)
<Patrickdk> I saw apache suexec got apparmor support :) that is nice
<Patrickdk> I had patched mine a long time ago with it, works well there too
<jjohansen> oh nice, I didn't know that suexec had apparmor support, /me will have to look at what they are doing. apparmor does have the mod_apparmor apache plugin that allows profiles to be set based off of urls etc
<jjohansen> but the suexec change is new to me
<Patrickdk> oh, maybe it was mod_apparmor
<Patrickdk> I know it could use hatchange in apache
<Patrickdk> and suexec would be affected
<Patrickdk> maybe it wasn't directly in suexec
<jjohansen> ah maybe still worth looking into
<grendal_prime> you know this seems stupid..like i should know this, but isnt it possible to send all traffic destined for an fqdn to a local ip.... i mean without setting the hosts file on the client?
<grendal_prime> i have a dns server but i only want to do this with...like port 80 traffic
<grendal_prime> ya so this is whack
<grendal_prime> it seems like if i set that in the hosts file of my ubuntu router, it should just route things to there.
<grendal_prime> but that is not working
<lordievader> Good mornining
<sarnold> grendal_prime: hunt around for a "transparent proxy howto", it'll have iptables rules that you can use to redirect traffic as you wish
<grendal_prime> ya thats how i usually do this..but that does not seem to be working
<grendal_prime> i cant figure out what the heck is going on actually
<grendal_prime> i have used haproxy to do this as well..but its werid..its like my ip tables changes are not taking effect.
<grendal_prime> sarnold, i actually like the haproxy approach for what im doing, cause i can subdomain the web requests...and well also the xmpp i think.
<grendal_prime> well...maybe not on those.
<grendal_prime> well actually it looks like ya thats doable
<grendal_prime> the proxy works from outside..but..hmm i think this is an issue with the router/firewall between my router/firewall and the wall.
<grendal_prime> this is getting very frustrating.  The domain does not resolve to that internal ip and, hmm
<grendal_prime> this is fn crazy
<grendal_prime> i just...grrrrrr
<grendal_prime> I have access to the dhcp server..i have access to the dns server...i cant make the internal machines go to something inside instead of outside the network?
<grendal_prime> its just nuts
<Anteac> im got aids
<Anteac> just now
<Anteac> from serverpilot
<alias_neo> Hi guys, I'm trying to get the hw_random working in my xeon on ubuntu server, I'm struggling to get it to work properly, anybody got experience with it? I cant seem to get the intel kernel module to load and /dev/hwrng doesn't show up unless i start virtio-rng
<alias_neo> Is 19GiB/s plausible for urandom if it's not using hwrng?
<alias_neo> rngtest: input channel speed: (min=2.161; avg=169.892; max=19073.486)Mibits/s
<alias_neo> or is that a red herring?
<patdk-wk> hwrng has nothing to do with urandom
<patdk-wk> urandom is based purely on your cpu bandwidth
<jrwren> alias_neo: remember: http://www.2uo.de/myths-about-urandom/
<alias_neo> jrwren thanks
<jrwren> alias_neo: afaik, kernel will use RDRAND if the instruction is available.
<alias_neo> my rngtest bandwidth doesn't seeem to suggest I'm using the hwrand capability of my Xeon
<alias_neo> rngd doesn't see it, modprobe-ing intel-rng doesn't work (no such device)
<alias_neo> I'd like to be able to pass the hardware rng through to my kvm guests, because my IPA server for example on F21 is running out of entropy all the time
<alias_neo> crap, now my ubuntu server has dropped my ssh connection and won't reconnect
<jsmith-argotec> hi all
<jsmith-argotec> how would I figure out the exact versions of each library dependency that would be installed with a package from the 12.04.00 without installing 12..04 from original media and installing the package?
<pmatulis> jsmith-argotec: is this what you're looking for?  http://paste.ubuntu.com/10075458/
<pmatulis> jsmith-argotec: ah, without installing 12.04
<pmatulis> jsmith-argotec: probably a few ways but i think the easiest is to create an LXC container and doing the above
<jsmith-argotec> pmatulis: hmm ok ty
<jsmith-argotec> I'm having a problem with my pacemaker cluster software after the server was rebooted.  One direction I'm going down is that a security update to a library may have caused an incompatiblity with the package
<jsmith-argotec> different question - what should I look for in an strace to help look in the right direction?
<pmatulis> jsmith-argotec: it would depend on the problem.  w/o specifics it's hard to help
<jsmith-argotec> ok I'm getting "corosync [IPC ] Invalid IPC credentials" error when I start pacemaker followed by "attrd: [28829]: ERROR: main: HA Signon failed"
<jsmith-argotec> pmatulis: corosync communications are working and both nodes are members.  When I start pacemaker I get those ^^^ errors
<ivoks> jsmith-argotec: er
<jsmith-argotec> pmatulis: what started it was the node was fenced. after reboot it wouldn't rejoin and had these errors.  I found it had booted with an incorrect kernel which I correct but still getting the same errors
<jsmith-argotec> ivoks: hi!
<ivoks> jsmith-argotec: check package version of pacemaker and liblrmd
<jsmith-argotec> ivoks: I was wondering if its the same issue that was just SRU'd in trusty and up
<jsmith-argotec> ivoks: ... no liblrmd installed...
<ivoks> liblrmd1
<ivoks> or something
<ivoks> dpkg -l | grep liblrmd
<ivoks> dpkg -l | grep pacemaker
<jsmith-argotec> got it
<sarthor> Hi, I have ubuntu-server 14.04 running, when ubuntu export some text to pdf, I can not see arabic words in a proper way. irregular fonts showing, How can I fix this. HELLP please.
<ivoks> version should be exactly the same
<jsmith-argotec> not even close
<jsmith-argotec> 1.1.6-2ubuntu3 for pacemaker, 1.0.8-2ubuntu6 for liblrm2
<ivoks> uh, that's an old version
<jsmith-argotec> on 12.04
<jsmith-argotec> precise
<ivoks> liblrmd
<ivoks> not liblrm
<jsmith-argotec> dpkg -l | grep liblr
<jsmith-argotec> ii  liblrm2                              1.0.8-2ubuntu6                    Reusable cluster libraries -- liblrm2
<jsmith-argotec> that's all I have
<ivoks> i don't remember how it was in 12.04
<sarthor> sarthor:
<jsmith-argotec> ivoks: not available for install via apt-get either
<pmatulis> 1.0.8-2ubuntu6 is correct on 12.04
<jsmith-argotec> according to showpkg dependecies lists liblrm2 not liblrmd
<pmatulis> but pacemaker is 1.1.6-2ubuntu3.3
<ivoks> that's fine
<ivoks> liblrm is not from pacemaker source
<ivoks> it's from cluster-glue
<jsmith-argotec> pmatulis: yes thats the latest but I was running 1.1.6-2ubuntu3 when I had issues. tried upgrading which didn't help
<pmatulis> oh
<ivoks> did you just upgrade pacemaker or did you do dist-upgrade?
<jsmith-argotec> and downgraded back just in cast
<jsmith-argotec> case
<jsmith-argotec> just pacemaker
<pmatulis> so problems with both versions?
<jsmith-argotec> but I have upgrade some libraries along the way from security etc
<jsmith-argotec> pmatulis: yes
<ivoks> see if dist-upgrade will install something in addition
<jsmith-argotec> and I put other working node in maintenance and restarted the services there and now it's exhibiting the same errors
<pmatulis> jsmith-argotec: did you ever reboot successfully on any version?
<jsmith-argotec> pmatulis: yes I have a reboot/successful rejoin from Decemeber
<pmatulis> jsmith-argotec: and you rebooted again, w/o changing anything and you have problems?
<pmatulis> jsmith-argotec: and then you tried fixing by upgrading stuff?
<jsmith-argotec> ivoks: theres over 300 packages that would update... dont really want to update all of them
<ivoks> try upgrading cluster-glue, if available
<jsmith-argotec> pmatulis: node was fenced so it rebooted, then it didn't work.  There had been (at least) one package installed between.
<jsmith-argotec> pmatulis: it booted with a newer kernel also which I reverted and also uninstalled everything from the last package install.  Still not working so I tried the upgrade
<jsmith-argotec> ivoks: nothing new for cluster-glue
<ivoks> i doubt that
<ivoks> i bet on user error :)
<jsmith-argotec> doubt what... nothing new for cluster-glue/
<jsmith-argotec> ?
<ivoks> are you starting pacemaker as a service or is corosync starting it?
<jsmith-argotec> I start corosync manually and then pacemaker manually (plugin ver 1)
<jsmith-argotec> as a service
<jsmith-argotec> for history these 2 nodes have been running stable in production (failed over a few times as designed) for over 18 months
<ivoks> mount | grep shm
<jsmith-argotec> ivoks: it's on tmpfs:  none on /run/shm type tmpfs (rw,nosuid,nodev)
<jsmith-argotec> which is correct I believe?
<ivoks> yes
<ivoks> and /var/run/crm exists?
<jsmith-argotec> in the strace there was something about libgpg-error right around the time of the HA signon error in the logs... is that something?
<sarthor> Hi, I have ubuntu-server 14.04 running, when ubuntu export some text to pdf, I can not see arabic words in a proper way. irregular fonts showing, How can I fix this. HELLP please.
<ivoks> is /var/run also tmpfs?
<jsmith-argotec>  run is... tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
<jsmith-argotec> none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
<jsmith-argotec> none on /run/shm type tmpfs (rw,nosuid,nodev)
<ivoks>  /var/run
<jsmith-argotec> don't see /var/run
<jsmith-argotec>  /var/run -> /run
<ivoks> do you have /var/run/crm?
<jsmith-argotec> and run is on tmpfs
<jsmith-argotec> yes
<jsutherland> Our next server is likely going to be a Dell R730 or HP DL380 Gen9. Both run best with either Dell or HP branded SAS drives. What limitations would I run into if I use generic Seagate SAS drives?
<ivoks> jsmith-argotec: and permissons on stuff in /var/run/crm look ok?
<jsmith-argotec> umm no.. hang on
<jsmith-argotec> all should be hacluster:haclient right?
<ivoks> do you have another cluster running on the same network?
<jsmith-argotec> no
<jsmith-argotec> uhh wait
<jsmith-argotec> maybe
<ivoks> quite possible, i'd say
<ivoks> and you didn't set authkey
<ivoks> or change the multicast port
<jsmith-argotec> let me check that!
<jsmith-argotec> ivoks: yes there are two 2 node clusters... wasn't thinking about the other set the other admin setup.
<ivoks> always use authkey in corosync
<jsmith-argotec> but.. both have secauth on, authkey created, both have 2 rings on 2 seperate redundant nics (2 direct connect, 2 LAN), and all 4 are different mcast addresses
<ivoks> always.
<ivoks> you need to change mcast port
<jsmith-argotec> so each cluster needs to use a different port at least on the common LAN even if different mcast addresses?
<ivoks> which mcast addresses do you use?
<jsmith-argotec> isn't that particular to corosync communications not pacemaker or am I way off?  'cause both nodes are members of the coro rings
<ivoks> both?
<ivoks> you have only two nodes?
<jsmith-argotec> one cluster: mcastaddr: 226.94.1.1, mcastaddr: 239.192.0.1.  second cluster: 239.198.10.1,  239.199.20.1, all port 5405
<jsmith-argotec> yes only 2 nodes in each cluster, 2 clusters
<ivoks> er
<ivoks> different mcast addresses on different nodes in the same cluster?
<jsmith-argotec> I can pastebin the corosync.conf if you like?
<ivoks> sure
<ivoks> oh, those are different rings
 * ivoks is around for next few minutes, and then I'm out of here
<jsmith-argotec> http://paste.ubuntu.com/10076093/
<ivoks> http://manpages.ubuntu.com/manpages/saucy/man5/votequorum.5.html
<jsmith-argotec> this is the config from the 2 nodes that are having the issue
<ivoks> SPECIAL FEATURES
<ivoks> two_node: 1
<jsmith-argotec> ivoks: but it has been working fine for months... or was that just dumb luck?
<ivoks> it works while there's no distruption
<ivoks> or if you reboot both at the same time
<ivoks> if you reboot one by one, all kinds of things can happen
<ivoks> i'm not sure that's the cause of your problem, but for start, your configuration is missing this important bit
<jsmith-argotec> OK will correct that one
<sarthor> Hi, I have ubuntu-server 14.04 running, when ubuntu export some text to pdf, I can not see arabic words in a proper way. irregular fonts showing, How can I fix this. HELLP please.
<hallyn> jdstrand: hm.  well, the thing is, the libvirt-qemu file ends in '}', so appending a rule doesn't suffice :)  i wonder why it worked in the karmic case.
<hallyn> i guess i'll just sed the file first...
<hallyn> wait, that's messed up
<hallyn> heh, mea culpa
<jdstrand> hallyn: actually, it would suffice cause the '}' corresponds to the 'profile qemu_bridge_helper {' child profile
<jdstrand> hallyn: (however, karmic didn't have that child profile)
<hallyn> yeah;  so i'm trying ot figure out why it's still not working
<jdstrand> hallyn: but if you're adding a rule that is covered by an explicit deny rule, remember that deny rules are evaluated after allow rules, so you may need a sed regardless
<hallyn> mayb ei'll just do /tmp/** rw
<hallyn> oh,
<jdstrand> yeah
<hallyn> i thought 'deny rules evaluated after allow rules' meant they are subservient
<jdstrand> deny /tmp/** r,
<jdstrand> /tmp/** r,
<jdstrand> the deny always wins that
<hallyn> near as i can tell i can't use testlib then
<hallyn> or, i'll just make a backup and then sed to my heart's content, i guess
<jdstrand> hallyn: you can-- just not with append
<jdstrand> hallyn: read in the contents, remove the deny rules, add your rule, then replace the file without appending
<hallyn> that seems more complicated
<jdstrand> testlib should support what I just mentioned
 * hallyn looks
<jdstrand> it is, but it means you can simply use a _restore() in the tearDown
<hallyn> i can still do that if i make the backup using testlib._bakcup
<jdstrand> hallyn: _update_config in test-libvirt.py does basically what I said
<jdstrand> hallyn: it could be much simpler for your case, but it is there for inspiration
<hallyn> jdstrand: ok, thanks
<jdstrand> np
<hallyn> i'd thought this would be a quick fix, but i'm messing it up at each attempt :)  there's still another but to fix before we can release, sigh
<jsmith-argotec> ivoks: I made the quorum change and both members rejoined.  Still getting the same error though
<dtscode> hey guys... i followed this https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-12-04-lts but when i get to sudo a2ensite ts3.dtscode.io it says ERROR: Site ts3.dtscode.io does not exist! how can i fix this?
<justizin> is it just me, or does trusty not have add-apt-repository? *looks confused*
<justizin> i mean, i guess i can add it manually, it just seems like a lot of trouble has been gone to to make this simple..
<justizin> apt-cache search add-apt-repository also comes up empty for me
<sarnold> dtscode: did you name your config file with a .conf file extension? I think that's required
<sarnold> justizin: it's in the software-properties-common package
<dtscode> sarnold, thanks :D that did it
<justizin> interesting.. i guess i have typically gotten that by installing python-software-properties, but it now installs python3-software-properties
<justizin> i'll try to remember software-properties-common :)
<justizin> also i guess the official ubuntu vagrant virtualbox image doesn't have it, not sure if it's expected to be present.
<justizin> kind of seems like it makes sense to be, but i'm sure there was some long arcane e-mail flamewar that resulted in this decision. ;d
<sarnold> I suspect the truth is less interesting than you suspect :) hehe
<justizin> sarnold: likely. :)
<justizin> btw tks sarnold!
<sarnold> you're welcome justizin :)
<arcsky> hello i have some ubuntu servers at work. i wonder if there are any good mangment tool for upgrade and maintain all the servers
<sarnold> arcsky: many; landscape, ansible, puppet, chef, cfengine (ancient)
#ubuntu-server 2015-02-06
<joren> Hey, I'm trying debug my tftpd server but it seems to have stopped logging to syslog. I verified that the --verbose flag is set but I just can't figure out where it's logging to. anyone have any reccomendations?
<sarnold> joren: check old rotated log files
<joren> I just tried running it with -L to stay in the foreground and still no output, I'm thinking my tftp requests might not be making it to the server which is why I'm not seeing any logs
<sarnold> tcpdump? :)
<joren> eh, yeah, might come to that :P
<joren> I think the wrong darn dhcp server was running... ugh -_-
<Patrickdk> I had a rather useless tcpdump today :(
<Patrickdk> tcpdump on client machine
<Patrickdk> can access one ip fine, but not another a few ip addresses away
<Patrickdk> connection starts, ssl kindof gets setup, then server keeps sending dup packets, cause it doesn't get an ack
<Patrickdk> since tcpdump was running on the client, it is not an issue of the client ack getting lost, they didn't exist in the tcp dump
<Patrickdk> then like 50seconds later, some acks go out
<Patrickdk> then another 50seconds, it figured it all out, and fixed the mtu scaleback
<Patrickdk> insane, odd issue
<sarnold> "50 seconds" sounds like spanning tree protocol pain
<Patrickdk> want to look at the dump?
<sarnold> nothanks :)
<Patrickdk> :)
<Patrickdk> it's not big :) thankfully
 * X123 specializes in odd issues
<Patrickdk> spanning tree running on the clients win 8.1 desktop? :)
<sarnold> Patrickdk: ugh
<Patrickdk> really odd, and I doubt that dump is a proper sample of our real issue
<Patrickdk> that seems to be, likely, one of our clients got their domain *improperly* listed on virgins blacklist again
<Patrickdk> they keep thinking it's some porn site, no idea why
<sarnold> .uk? :)
<Patrickdk> uk, plus other random parts of eu too
<Patrickdk> but it seems virgin is the most *sensitive*
<pmatulis> i think there's a joke in there somewhere
<joren> "who-has es-pxe0" well that's not right, missing a dash :)
<dtscode> hey guys... i followed this to a T, https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-12-04-lts and it worked before, but now its not working. any ideas why?
<sarnold> dtscode: iirc, the apache initscript has a 'configuration check' option; it's worth running that to make sure the config file parses properly, no errors, etc..
<sarnold> dtscode: if that doesn't report anything, check the logs, both for the specific virtualhost and generic error logs..
<dtscode> ok
<dtscode> and whats the init script again?
<sarnold> /etc/init.d/apache or apache2 or similar.
<dtscode> thanks
<tdelam> I need openssl 1.0.2 due to pci scan, I installed openssl via apt-get, I noticed apt only has 1.0.1, how can I install 1.0.2? Do I revert to installing from source?
<sarnold> tdelam: ugh. hate.
<tdelam> sarnold: ?
<sarnold> tdelam: I don't know why they always assume everyone builds their servers themselves...
<tdelam> yea :(
<dtscode> sarnold, im not seeing any help option. just {start|stop|graceful-stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean}
<sarnold> tdelam: completely ignoring that nearly everyone runs something like ubuntu or debian or rhel or sles and uses packages with backported security fixes....
<sarnold> tdelam: maybe aim the auditor at this? http://people.canonical.com/~ubuntu-security/cve/pkg/openssl.html
<sarnold> dtscode: dang. maybe it's an apachectl command line option? I could have sworn it was offered by the initscript though :/
<dtscode> maybe it just always does a sanity check?
<sarnold> dtscode: but there should be a way t oget the sanity check without stopping a running server
<dtscode> hmmm... ill have to google
<sarnold> ... and get the messages to your terminal, rather than a log file ;)
<tdelam> sarnold: I've tried to argue with this but given the size of the company they only live on version number consistency. Sadly, we got bought out and now we're stuck trying to satisfy bigwigs.
<tdelam> I don't do IT, I just have access and know my way around Ubuntu from using it at home. Tthis is a bandaid solution until migration is complete.
<tdelam> I build software, not mess with this stuff :(
<sarnold> tdelam: this one feels worth pushing back on -- you'd have to rebuild all your services that use openssl to use your own from-source openssl
<sarnold> tdelam: .. and then you'd have to keep up on the security updates for openssl and all your other services yourself. That's what we're here for. :)
<tdelam> sarnold: well, happily this server is only a proxy server that onnly forwards requests to one web site. SSL is not even being used
<sarnold> tdelam: ha! sigh.
<dtscode> dtscode@dtscode:~/ackbot$ apache2ctl configtest
<dtscode> Syntax OK
<tdelam> yea, sarnold... I know.
<sarnold> dtscode: nice :)
<dtscode> :/
<sarnold> dtscode: so, time to go hunting through log files...
<tdelam> couldn't I just remove it?
<dtscode> sarnold, meh. i was hoping it was the issue. easy fix. yep. log file time
<sarnold> tdelam: maybe. worth a shot...
<sarnold> tdelam: d'oh. that'd remove openssh-server. that's not going to be a good solution.
<tdelam> sarnold: that's what I will do. Not a single thing OpenSSL is being used on this server, this server is nothing but a bandaid.
<tdelam> oh ssh has to be turned off
<sarnold> o_O
<tdelam> it's not even running, hasn't been in a few months. I do this all through some ugly java console.
<sarnold> what a wacky auditor..
<tdelam> I hate it.
<sarnold> *ahem* how's the resume?
<sarnold> sounds like a silly place to work
<sarnold> sorry :)
<tdelam> sarnold: I turned it off. I will ask him to do a dryrun before our official PCI scan in a few days.
<tdelam> sarnold: I don't work there anymore, I do some contract still at a VERY high rate.
<sarnold> tdelam: sweet. :)
<tdelam> Yep, thanks sarnold. All else fails; delete.
<dtscode> how can i tell what {APACHE_LOG_DIR} is?
<sarnold> dtscode: it's probably /var/log/apache*
<sarnold> hehe
<dtscode> ah thanks
<dtscode> nothing helpful in the logs :/
<sarnold> what helps me debug webservers is to have a tail -F *  in the log directory, then start hitting it with requests -- watch them as they happen..
<edenist> hey
<Anteac> anyone experienced with ispconfig autoinstaller?
<bigbrovar> hello guys.. am kinda new to quotas especially warnquotas.. I have setup quota for users in an nfs home dir.. that is working fine..  i read warnquota can mail any user who has gone past its soft limit.. my questions is... how can I indicate to warnquota the user email address. how does it determine the user email address.. I can't seem to find this information anywhere and this don't seem to be anywhere in the config where this info can be stat
<bigbrovar> ed
<arcsky> sarnold: thanks
<arcsky> morning, which ones do you guys recommend  landscape, ansible, puppet, chef, cfengine (ancient) ?
<Sling> for doing what, in what environment, scale, etc
<eren> hello
<eren> where are the source packages for openstack juno release? I can get the sources with "apt-get source" but I would like to see the source packages in some kind of a git tree
<eren> is it how it's developed?
<Sling> eren: probably better to ask in #openstack
<Sling> unless you specifically mean the ubuntu openstack package development
<eren> Sling: I'm asking for ubuntu openstack package development
<arcsky> i just have few (5-10) ubuntu servers i our company. and has not scale that good lets say 10 more. in next few years. running DNS,NTP,FTP,HTTP. Finance industry so has to be high focus on security
<eren> kernel team maintains git repository so that I can checkout and create debian packages
<eren> I would like to, if possible, do the same with openstack packages
<Sling> eren: can't seem to find it, weird launchpad stuff
<Sling> I ended up at https://jenkins.qa.ubuntu.com/view/Openstack_Testing/view/Juno/
<Sling> perhaps that gives some lead to where the actual repositories are with src :)
<eren> Sling: thanks! :) I guess I need to ask the actual maintainers. I hope it's in git repository
<eren> bzr stuff is really a pain
<Sling> indeed
<Sling> semi-opensource
<MaamuT> hi all \o
<MaamuT> sorry for my funny english, i'm french ;)
<MaamuT> 2 server with ubuntu 14.04 TLS
<MaamuT> in both : apt update
<MaamuT> in first : Hit http://mirrors.gandi.net trusty/main amd64 Packages
<MaamuT> in second : Hit http://mirrors.gandi.net trusty/main amd64 Packages 404 Not Found
<MaamuT> oops
<MaamuT> in second : Err http://mirrors.gandi.net trusty/main amd64 Packages
<MaamuT> arg, sorry
<MaamuT> in first : Hit http://mirrors.gandi.net trusty/main amd64 Packages
<MaamuT> in second : Err http://mirrors.gandi.net trusty/main amd64 Packages 404 Not Found
<MaamuT> same sources.list on both
<MaamuT> same provider
<eren> Sling: just got an email from maintainer, apperantly it's developed in bzr and lp, not git
<eren> need to learn bzr workflw
<lordievader> Good morning.
<YamakasY> hu guys!
<YamakasY> does someone have a good example for the sources.list without the i386 issues ?
<pruttel> Should sudo be a primary group for a sudo user or does this user only need to be member (what's the difference?)
<pruttel> From what I read now, I think, it does not need to be a primary group.
<rbasak> jpds: any opinion on bug 1418287 please? Do you have time to look it it before feature freeze?
<rbasak> https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1418287
<jpds> rbasak: Surely we can just sync from Debianfor unbound?
<jpds> rbasak: All we did in the Ubuntu package was enable the testsuite for main inclusion.
<rbasak> jpds: I see a fair few more changes than that: https://launchpad.net/ubuntu/+source/unbound/+changelog
<rbasak> jpds: a sync would be fine if the delta can be dropped, but I'm not familiar with the changes and so am not sure without further investigation.
<jpds> rbasak: I'll have to look at things once I'm back from the sprint.
<jpds> Looking at the build logs, Debian still hasn't enabled the testsuite... :(
<rbasak> jpds: thanks!
<bigbrovar> hello guys.. am kinda new to quotas especially warnquotas.. I have setup quota for users in an nfs home dir.. that is working fine..  i read warnquota can mail any user who has gone past its soft limit.. my questions is... how can I indicate to warnquota the user email address. how does it determine the user email address.. I can't seem to find this information anywhere and this don't seem to be anywhere in the config where this info can be stat
<bigbrovar> ed
<arcsky> what ubuntu mangment tool do you guys use for maintain your ubuntu servers?
<henkjan> arcsky: mostly apt and vim :)
<YamakasY> does someone have a good example for the sources.list without the i386 issues ?
<arcsky> henkjan: i mean system for mangement like apt-get update on all. GUI wise
<nivv> Hey guys! I have a group called www-data. This group is the owner of the folder /var/www/site
<nivv> I then have a user called mongo
<nivv> mongo can create files fine because he's in the www-data group.
<nivv> Then comes the user foobar and wants to edit the file mongo created, but he cant. Permission denied.
<nivv> This is because the file that mongo created didn't inherit the permission of the folder
<nivv> Why is that?
<ikonia> what groups is the usuer foo in ?
<nivv> www-data
<ikonia> what is the permissions on the file
<nivv> 644
<ikonia> so there you go
<ikonia> no write permission
<nivv> yes
<teward> nivv: 644 is too restrictive - that's -rw-r--r--
<nivv> I want user created files to be 664
<nivv> -rw-rw-r--
<nivv> but when Mongo creates a file it becomes 644 automatically
<ikonia> then set the umask
<nivv> Yes, ikonia , I've read some about it and ppl are saying it's a bad idea
<nivv> can you set umask on folder level?
<ikonia> if it's a bad idea, why do you want to do it ?
<jrwren> setfacl should let you, yes.
<nivv> Nevermind, I don't know
<nivv> basically I want all users in the www-group to be able to edit files in /var/www
<nivv> and it shouldn't matter who created them
<nivv> as long as they are in the www-data group of course
<ikonia> you'll need to set either ACL's or the umask
<nivv> hm okay
<teward> nivv: I question the need to put users into www-data anyways, because if it's a standard user without admin rights they could easily get db auth data and hijack the site and the db
<teward> but that's just my security paranoia at work
<nivv> teward, that's true I suppose
<nivv> doesn't really fix my problem though
<nivv> :)
<teward> nivv: no, it doesn't, i'm just making that security concern of mine known - you'll either need to set ACLs or the umask to do what you want to
<nivv> Yup, trying to find some good resources on how to do that
<nivv> teward, ik
<jrwren> nivv: setfacl -m d:g:www-data:rw /var/www/
<nivv> ah yiss
<jrwren> nivv: if you are publishing web content from multiple editors, there are likely many other better ways to do it.
<jrwren> nivv: keep your web content in source control and use a post commit hook to publish to the server for example.
<nivv> jrwren how so? The other guys are using sftp, the don't even know what git is
<nivv> they*
<nivv> jrwren yea, that would be ideal, but we have many small projects using the same cms, that is source controlled. can't really update all of them if I push a commit
<jrwren> nivv: I'm idealizing the world. Now is a great time for them to learn :)
<nivv> jrwren they're still using asp classic -.-
<jrwren> nivv: good times that was.
<nivv> jrwren what does the "d" and "g" mean in d:g:www-data:rw /var/www/
<jrwren> nivv: default. it sets the default for new files.
<nivv> jrwren okay, it didn't work :)
<nivv> It seems that if I create a folder it sets the permissions correctly, but not new files
<nivv> or scratch that, it doesnt
<jrwren> nivv: filesystem mounted with acl support?
<nivv> huh nope
<nivv> shieet
<nivv> that's sounds like a big thing to change?
<jrwren> nivv: no. update /etc/fstab and mount /PATH -o remount,acl
<nivv> is that all? I'm on a hosted vps, and that sounds scary :D
<nivv> isn't there any other way? ;)
<nivv> jrwren what does the PATH refer to?
<jrwren> nivv: whatever the mount point is. probably /, but you might have /var/www elsewhere.
<nivv> jrwren seems like standard /var/www ? https://www.dropbox.com/s/6xapm303nwi41f5/Sk%C3%A4rmklipp%202015-02-06%2015.27.28.png?dl=0
<jrwren> nivv: mount will show you which filesystems are mounted at which points.
<nivv> https://www.dropbox.com/s/193k1ce1ges3as7/Sk%C3%A4rmklipp%202015-02-06%2015.29.06.png?dl=0
<jrwren> nivv: yeah, go for it with / then.
<jrwren> nivv: a bit strange that you don't have devfs, sysfs, procfs and tmpfs mount points showing.
<nivv> Do I have to reboot or how do I remount?
<nivv> jrwren like this? https://www.dropbox.com/s/3wfrlhse5t0kjpx/Sk%C3%A4rmklipp%202015-02-06%2015.32.07.png?dl=0
<jrwren> nivv: no no no
<jrwren> nivv: undo all that.
<jrwren> nivv: lets not touch fstab for now, K?
<nivv> hah, sure!
<jrwren> nivv: sudo mount -o remount,acl /
<jrwren> nivv: just that.
<jrwren> nivv: then try that setfacl again.
<jrwren> nivv: use getfacl to confirm that the setfacl worked.
<nivv> hm, this seems somehow safer http://superuser.com/questions/612771/how-to-set-umask-for-a-folder-and-its-subfolder
<jrwren> nivv: if you can get that to work, go for it! :)
<nivv> I mean safer in a "at least I didnt bring down the server kind of way"
<jrwren> we have different definitions of safety in that regard :)
<jsmith-argotec> ivoks: you around?  still working on that pacemaker problem if you have a few minutes to help troubleshoot
<nivv> jrwren hm, I guess
<zzxc> Hey how do I change the mailserver from mailx to mailutils in ubuntu 14.04?
<zzxc> or more accurately the "mail" command.
<nivv> jrwren what should happen when I run sudo mount -o remount,acl / ?
<nivv> should I do the setfacl after that?
<nivv> I've already did it once
<jrwren> nivv: use getfacl to read the acls and see if you need to do it again.
<nivv> jr
<nivv> jrwren now or after? https://www.dropbox.com/s/rg9pi05lfbh3s5u/Sk%C3%A4rmklipp%202015-02-06%2015.42.37.png?dl=0
<jrwren> nivv: looks like the setfacl did not work because the fs was not mounted with acl support.
<nivv> When I did "sudo mount -o remount,acl /" I got bad option
<nivv> okay good
<nivv> "mount: / not mounted or bad option"
<jrwren> nivv: works for me. Sorry. I don't know why that would fail.
<nivv> jrwren alright!
<nivv> jrwren, it's strange that this little task i so complicated
<nivv> I mean, why even have group if the group doesn't allow the group to edit the files :)
<jrwren> nivv: it does of course. group has rwx, just like user and everyone
<nivv> Yeah but if a new file is created then it should be applied to the new file as well
<jrwren> nivv: should it? there is strong argument for both.
<nivv> jrwren, the only solution for us is to either to use ACL. Which seems to be a pain to setup, or we both have to use the same account :/
<jrwren> nivv: many other possible solutions when you take a step back and try to solve the bigger problem.
<nivv> jrwren I knowm I know
<jrwren> nivv: did you try http://superuser.com/questions/612771/how-to-set-umask-for-a-folder-and-its-subfolder yet?
<nivv> yes, But then you said something concerning security so I passed on that one :)
<nivv> you see, I'm like a 5 yr old child, if someone tells me something, it's the absolute truth
<nivv> :D
<nivv> it  did work, I tried it, but I don't know what consequences it might have on security.
<jrwren> nivv: it wasn't me. someone else said something about security :)
<nivv> Hah, alright
<nivv> I mean, if I set the umask to 002 then only users in the www-group can edit the files right?
<jrwren> nivv: no. you should probably read and fully understand modes and masks
<nivv> jrwren really a shame that I have to go. I need to get better at his. I
<nivv> The folder I'm talking about is owned by the group www-data, then that would only allow users in the www-group to edit the files?
<nivv> jrwren thanks for the help though!
<coreycb> zul, also need python-oslo.context in vivid
<coreycb> in adition to the oslo bumps
<zul> coreycb: it should be there
<zul> coreycb:  bah
<coreycb> yeah not seeing it unless I spelled it wrong
<coreycb> zul, test-requirements.txt for ceilometer needs gabbi(?) and pyhon-elasticsearch (in universe)
<zul> wtf is gabbi?
<coreycb> zul, https://pypi.python.org/pypi/gabbi/0.1.1
<zul> seriously
<lucidguy> Just enabled/configed eth1, it is responding to the network but iftop and iptraf does not seem to log any traffic, thoughts?
<sarnold> lucidguy: perhaps they enumerated the interfaces at start and don't periodically re-enumerate interfaces? check the docs, sometimes you can send daemons a signal to force them to re-initialize themselves
<adebayo> hi, pls i need help concerning openvswitch
<adebayo> there is a problem with the latest kernel and i need to remove it to install another one
<lucidguy> hmm, I have an ubuntu server that traffic packets were custom/changed to go out certain devices depending on source nic, where does one set that?
<sarnold> adebayo: run this to see what kernel versions you have installed: dpkg -l 'linux-image*' | awk '/^ii/ {print $1, $2, $3}'
<sarnold> adebayo: if one of those will suffice, you ought to be able to select a new kernel at the grub prompt when you reboot, if you have console access
<adebayo> I was told the one i install is  Package: openvswitch-datapath-dkms 2.0.2-0ubuntu0.14.04.1 which is causing the problem and i need to install another one without the datapath which i dont know how to
<adebayo> sarnord: can you pls help me out with that
<sarnold> adebayo: ah, so you need a different version of the module?
<adebayo> yes
<sarnold> adebayo: apt-get install openvswitch-datapath-dkms=..... -- where the ... are the version that you need; apt-cache show openvswitch-datapath-dkms  ought to show you the versions that are available
<adebayo> i have run the command you gave me the kernel is 3.13.0.45.52 amd64
<adebayo> hi sarnold
<Aison> is there some ppa with bacula version 7 packages for ubuntu
<Aison> ubuntu bacula packages are quite old
#ubuntu-server 2015-02-07
<teward> Aison: consideration point that Debian is pretty old too.
<teward> (probably why Ubuntu's is old)
<Aison> going to compile them myself. I guess
<Aison> maybe it would be nice to create a package out of it to distribute it over my other servers
<mach20x> Any development on an adaptive OS-hopping ostensible mesh-networking protocol?
<lordievader> Good morning.
<teward> is there any kind of IDS/IPS software that exists in the repositories for 14.04 that is updated?  Or am I better off just using Snort somewhere?
#ubuntu-server 2015-02-08
<wiehan> I have an endless boot cycle of "Attempting to start the RAID in degraded mode... started the RAID in degraded mode" I need help
<wiehan> How can I force boot a degraded RAID 1 from, say, the GRUB menu
<lordievader> Good morning.
<YamakasY> is there no cleancss package like uglifyjs ?
<wligtenberg> I want to configure dovecot to use imaps, previously, there was a line in dovecot.conf that went like this: protocols = pop3 pop3s imap imaps Now I cannot find that anymore...
<wligtenberg> ok, I fgured out that that line has been replaced by !include_try /usr/share/dovecot/protocols.d/*.protocol which in my case loads imap
<wligtenberg> But for some reason I still cannot connect to dovecot when I try openssl s_client -connect ip-adres:993
<wligtenberg> it times out
<wligtenberg> stupid me... the vps provider also applies a firewall :)
<YamakasY> someone running subversion edge here on this svn server ?
<ash_m> hey, so I read https://help.ubuntu.com/lts/serverguide/automatic-updates.html
<ash_m> and the notifications section lists 2 methods of sending mail for automatic-updates....
<ash_m> but it doesn't make it clear if (1) Unattended-Upgrade::Mail is required and apticron is ancillary; (2) You can configure Unattended-Upgrade::Mail or install apticron (3) Use either but both can be used togther
#ubuntu-server 2016-02-08
<Kimse> Anybody here ever tried to use automount inside a NAT'd LXC container to mount home directories shared via NFS? Can't get it to work on a NATd container
<twb> Waaaay back in 10.04, if you installed screen, it would pull in update-notifier-common, which would change the MOTD to remind you if there was a newer kernel to reboot into.
<twb> Can anyone tell me offhand if that's still the case?
<twb> That is: if I install update-notifier-common, will MOTD start warning about pending kernel updates
<twb> (I suspect this used to happen via byobu, and I have no idea what's happened in byobu.)
<tarpman> twb: yeah, update-notifier-common still does the motd updating stuff
<twb> Cool, so I can install just that and get that feature
<tarpman> http://packages.ubuntu.com/xenial/all/update-notifier-common/filelist
<twb> Thanks
<tarpman> twb: I think you might also need update-motd installed, if you don't already have it (looks like it's recommended by libpam-modules)
<twb> I'll find out if this change request gets approved :-)
<capitanocrunch> hello
<capitanocrunch> im newbie playing with ubuntu server 12.04
<capitanocrunch> i want to setup dns server but /etc/init.d/bind9 start fail
<twb> Unless you need to stick with 12.04, it is a good idea to install a newer release --- 14.04 will be supported for longer than 12.04.  And I guess 16.04 is due out next month.
<capitanocrunch> the issue with bind9 is: bridge.grumpy-troll.org/2012/05/pangolin-update/
<capitanocrunch> so if i upgrade the distro, it will work without no fix/workaround needed?
<twb> Don't know :-)
<twb> I use nsd3 rather than bind.
<twb> (But I'm weird, and I'm not a regular here.)
<twb> From the URL you gave, it's not clear to me what the issue is
<karstensrage> how do you guys deal with updating distros
<karstensrage> for many many servers
<twb> if $boss has his way, we just don't :/
<karstensrage> are LTS -> LTS updates reliable?
<twb> Assuming you use do-release-upgrade, they should be.
<twb> I've blown my foot off once or twice by doing something it didn't expect, like writing "auto lo eth0" in interfaces(5), which the upgrade script didn't understand.
<karstensrage> its seems like there could me a lot of stuff that has to manually updated if you change anything
<inteus> yeah, mmight be a bit more difficult if you have a lot of customization
<twb> In Debian, weird things are just documented.  In Ubuntu, do-release-upgrade tries to automate it with scripts.
<twb> The weirder you are, the more likely the scripts are to fall over.
<twb> Because I'm very weird, I prefer the Debian approach :-)
<twb> I also had problems where if do-release-upgrade crashed halfway, it didn't make any attempt to roll back
<twb> Since most of my gear is stuck of 10.04, I can't comment on recent upgrades
<karstensrage> seriously?
<twb> ya: 12:57 <twb> if $boss has his way, we just don't :/
<karstensrage> i get so much shit from the packaging community about wanting to put my packages on natty and saucy
<karstensrage> i keep telling them its not realistic to expect everyone to be on the latest
<karstensrage> i really dont like packaging
<twb> "it's behind a firewall so it doesn't matter if it's EOLd"
<nocontrol> can anyone please help http://stackoverflow.com/questions/35221886/export-foreman-workers-from-rails-app-to-systemd ?
<twb> "foreman" is some kind of software?
<nocontrol> yes, it's awesome
<twb> What version of systemd do you have?  systemctl --version
<twb> Unfortunately systemd's "No such file or directory" doesn't tell you *which* file it failed to access.  It could be seriapp.target, or some underlying file.
<twb> The fact that "systemctl start seriapp" reports seriapp.target instead of seriapp.service is suspicious.
<twb> What systemd units are you using / have you written?
<nocontrol> twb: systemd 215
<twb> Also you wrote "export systemd /etc/init", which seems wrong to me -- /etc/init is for upstart, not systemd
<twb> systemd jobs typically go into /etc/systemd/system/
<nocontrol> twb: I've done it wrong but now rvmsudo foreman export systemd -a seriapp -u deploy says I must specify a location
<nocontrol> twb: yes I removed that
<nocontrol> hmmm should I try with /etc/systemd/system ?
<twb> I don't know.  It is not clear to me what your setup currently looks like.
<twb> It sounds like you made several mistakes at once, fixed some, and some are still there
<twb> Can you pastebin a summary of what your system looks like right now?  e.g. "systemctl", "systemctl cat seriapp.service" "systemctl cat seriapp.target", &c
<nocontrol> twb: I 've looked for a log file but it seems there isn't any in /var/log
<twb> systemd writes to a "journal", this starts out in /run and moves into /var/log/ later.  You read it with "journalctl" rather than by catting files in /var/log/.
<twb> If you are using rsyslog (or similar), you might ALSO have logs copied back out of journald into traditional logfiles
<nocontrol> twb: systemctl cat seriapp.target doesn't return anything
<nocontrol> journalctl -> No journal files were found.
<twb> That is interesting.
<tiblock> Hi. Is there software to automaticaly restart script that exit. I know you can use bash for this, but is there some package for that?
<twb> nocontrol: what environment is this?  e.g. a regular Ubuntu 14.04 install, or what
<twb> tiblock: there are many ways to achieve that, which to use depends on your specific case
<nocontrol> twb: tbh it's a raspbian
<twb> nocontrol: for raspbian, this is the wrong place
<twb> !raspbian
<tiblock> twb, i just need to start binary file again when he crashes.
<nocontrol> twb: does it have any difference ?
<twb> On #debian it says: 18:25 <dpkg> Raspbian is a distribution <based on Debian> made specifically for the <Raspberry Pi>.  Raspbian is not Debian and it is not supported in #debian.  Please use #raspbian on irc.freenode.net for support.   http://www.raspbian.org/
<twb> nocontrol: I don't actually know!  That makes it hard to support :-)
<twb> tiblock: if it is a daemon, you can tell upstart or systemd to restart it
<twb> tiblock: if it is something like rtorrent, then the best way is different
<twb> nocontrol: you could also try asking the foreman or ruby communities, or #systemd.
<tiblock> twb, its not daemon, its handmade thing. I mean if i do "./prog" then when it chashes nothing happens. I want "relaunch ./prog" so it will restart on crash. Is there such "relaunch" software?
<twb> tiblock: hrm... I don't know of a good one
<twb> tiblock: here is one I wrote years ago: http://cyber.com.au/~twb/.bin/twb-loop
<tiblock> twb, okay, will use .sh scripts. Thank you
<twb> The simplest is: while ! ./prog; do sleep 1; done
<twb> But that does not do exponential backoff, logging &c
<twb> tiblock: you can ask #bash for help with writing scripts like this, but be aware they can be grumpy and rude :-)
<lordievader> Good morning.
<Kimse> Anybody here who can help me with an autofs/lxc issue: http://askubuntu.com/questions/729950/automouting-nfs-share-inside-natd-lxc-container-fails ?
<sb_9> hi folks
<sb_9> http://pastebin.com/UEyE83Ak
<teward> sb_9: iptables and ip6tables need to be configured individually
<teward> sb_9: so for permitted v6 addresses, you have to add ACCEPT rules for those sources going to that port
<teward> sb_9: i.e. ip6tables -I INPUT 1 -s ipv6-address -p tcp --dport 2070 -j ACCEPT
<teward> it looks like you already have one such rule in place though
<sb_9> teward: configured ipv6 tables to allow the known ipv6 address. But DROP Rule from Ipv4 fireall configuration is rejecting the connection.
<teward> sb_9: no, because v6 goes through ip6tables rules
<teward> NOT iptables
<teward> trust me, assuming iptables handled both v4 and v6 is how I got breached through the v6 IP on one of my VPSes
<teward> sb_9: are you getting timeouts or just "connection refused"?
<teward> connection refused could mean it's not listening on v6
<sb_9> teward: it allowed to make a connection when i removed the DROP rule from iptables.
<teward> sb_9: that's likely because you're not using v6 as expected
<teward> sb_9: if the iptables rule is blocking, then you're going over v4, apparently
<sb_9> teward: did i configured ipv6 wrongly.
<teward> ip6tables is the one that would be handling v6
<teward> sb_9: i can't say, i'm not at your location to do diagnostics - you have to make absolutely certain that the computer initiating the connection to the system is in fact using IPv6
<teward> for that connection attempt
<sb_9> teward: i have configured ipv6, but it is not working as i expected.
<teward> sb_9: configured on the server, or the system you're using to reach to port 2070 on the target server?
<sb_9> teward: configured on the server.
<teward> i'm not talking about the server
<teward> i'm talking about the client you're on
<teward> I.E.
<teward> which system is connecting to the server at port 2070
<teward> sb_9: telnet -6 SERVERIPV6ADDRESS 2070
<teward> after putting that iptables rule back in place
<teward> if it works, then you know it's not an issue with the v6 on the server
<teward> (yes it may not be telnet, it's just one way to see if there's a connection that can get through)
<sb_9> teward: then what should be the issue. do you mean client system is trying with ipv4 connection?
<teward> yes that's exactly what i'm saying
<teward> sb_9: if the client system doesn't have proper v6 it may be falling back to v4
<sb_9> teward: i am testing with telnet only. but didn't tried  option   -6 .
<teward> in which case ip6tables wouldn't see it and iptables would
<teward> sb_9: use -6 - it forces IPv6
<teward> sb_9: the client system you're using - does it have proper working v6?
<sb_9> teward: since my client is trying to connect it. i just asked to send him the ip address shown by Google. "my ip address".
<teward> make sure it's showing an ipv6 address
<teward> and if it is, then use `telnet -6` to *force* Ipv6
<teward> if it's still not working, then it could be a client-side configuratin
<teward> but if you don't *know* that you have properly-working IPv6, then that may be the issue
<sb_9> teward: it is showing ipv6 address only.
<teward> sb_9: with -6 does it try and connect?
<teward> (you never answered that heh)
<sb_9> teward: not yet. need to do. But if it fails?
<teward> then remove the ip6tables DROP rule and try again
<sb_9> teward: to test that I need to connect my client system
<teward> if it still fails, it may be your client system that's not doing v6 right, through whatever connection is in place
<sb_9> teward: okay. let me try it.
<sb_9> teward: thanks for your suggestion.
<teward> whee, power outage >.>
<m1dnight_> I have a server here at my lab which keeps getting zombie processes.
<m1dnight_> How can a process become a zombie process and not be collected by init?
<m1dnight_> Can the application itself cause that?
<necrophcodr>  alright, i have a huge issue with postfix and virtualmin. I've got a virtual and canonical mapping going, and I want to restrict sending email to ONLY be allowed from addresses in virtual/canonical db
<necrophcodr>  currently i've used smtpd_sender_restrictions = reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_unlisted_sender reject_rbl_client cbl.abuseat.org reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net
<necrophcodr> i know a bit about how postfix works, but this one has me tied
<necrophcodr> i've read the ubuntu docs, and the postfix manuals including postconf(5)
<sdeziel> necrophcodr: you could probably add a check_sender_access (http://www.postfix.org/postconf.5.html#check_sender_access) to your smtpd_sender_restrictions
<necrophcodr> alright, so having a canonical and virtual db setup with postfix, how do you use that to reject emails being sent from the server, not listed in those db?
<necrophcodr> it can be as restrictive as possible or not, as long as only those in canonical/virtual maps are allowed to send
<sdeziel> necrophcodr: make the DB lookup via the check_sender_access restriction
<necrophcodr> sdeziel: is that really absolutely the only way? i mean if it is, it's what i'm gonna have to do, although that requires a different db
<sdeziel> necrophcodr: maybe this would be better suited: http://www.postfix.org/postconf.5.html#reject_unlisted_sender
<necrophcodr> sdeziel: the following is what i've been using
<necrophcodr> smtpd_sender_restrictions = reject_unlisted_sender, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject
<necrophcodr> it wasn't enough
<sdeziel> necrophcodr: odd. Maybe you could try debugging this with debug_peer_list. I'd also recommend checking postfix own IRC channel (if any) and/or the mailing list as I'm not familiar with postfix DB integration
<necrophcodr> sdeziel: thanks, i'll give both a shot.
<kuly-zu> when i run netstat i saw some PID/program-name has a -, even if it's run with sudo, why?
<teward> !crosspost | kuly-zu
<ubottu> kuly-zu: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<sdeziel> kuly-zu: connections opened by the kernel shows has having a prog name of "-"
<daum_> hey guys - is there a good guide for the tuning of a server for high network activity.  We have a micro http service that is getting around 150k req/sec then makes at least one db request per to our db cluster over a second nic.
<ikonia> what is your current network through put
<ikonia> how big is each request
<ikonia> what does the processing of that request
<daum_> looks like 38MiB RX, 31MiB tx on the http bound interface, then 15MiB rx and 26MiB txt on the DB facing interface
<daum_> ikonia, the http requests are simple get requests
<ikonia> yes but what do they do
<daum_> processed by a netty app
<ikonia> whats serving them
<ikonia> what is load thats creating
<ikonia> how many requests are those stats for
<daum_> load right now is about 33% of capacity
<daum_> 150 req/sec  is the stats above
<ikonia> what makes you think it won't scale up ?
<daum_> just trying to look into tuning the network side same point we're tuning our app more
<ikonia> I think you'd need to look at a problem to "fix" rather than "generic" tuning
<ikonia> as what you change for A impacts B
<daum_> true makes sense
<daum_> i guess one question would be what to look for that points to network issues vs app level
<ikonia> it will really depend on the behaviour
<ikonia> depending on what's happening you'll get a few tell tail signs
<ikonia> but it depends on the situation,
#ubuntu-server 2016-02-09
<stwalcher> Hey guys, I'm hoping you can help me out on something. Just recently converted my webserver from CentOS to 15.10 and I'm running into a problem with uploading files via PHP. On the old server, there was no issue, but with this new one, I can only ever get an error 3 (file was partially uploaded). I have all permissions set correctly, and the php ini vars (upload max size, post max size) set to 512M. I
<stwalcher> t's honestly driving me a little crazy at this point.
<stwalcher> Also, weird thing, the POST and FILES superglobals are empty on it. A normal non-multipart form has them populate just fine, but using that kind of form kills them for some reason.
<stwalcher> Any ideas?
<tomreyn> "check your php + webserver logs."
<stwalcher> i have, and there's no entry for anything at the time of the upload
<stwalcher> i'm trying to see if there's a way to just debug the partial upload, but i haven't found a way yet
<tomreyn> increase log verbosity, check the webservers' configuration for maximum post size
<lordievader> Good morning.
<doda> ubuntu-14.04.3-server-amd64.iso fails to mount cdrom when installing from usb stick, everything works fine if i manually mount /cdrom
<Kimse> Anybody here ever tried to use automount inside a NAT'd LXC container to mount home directories shared via NFS?
<zetheroo> is there a firewall setup and running in Ubuntu Server 14.04 by default?
<mastahh|work> Hi all, I was wondering if it was possible to load a .sh file as soon as a user logs in to a Ubuntu server via SSH?
<teward> is the server team holding a meeting today?
<jgrimm> teward, yes there should be a meeting today
<teward> cool
 * teward waits
<jgrimm> beisner, are you able to chair today?  you are still at front of the queue since we cancelled last week's irc meeting
<beisner> hi jgrimm - i've got mtg conflicts (all/most openstack team does).  we may need to either adjust one of our mtgs, as it's a recurring conflict.
<beisner> jgrimm, i pinged gaughen and matsubara as next-non-openstack in line (internal chan).  sounds like gaughen also has a conflict.
<jgrimm> beisner, and matsubara is out on vacation all week
<jgrimm> beisner, i'll take
<beisner> jgrimm, much thanks
<jgrimm> no worries
<jgrimm> irc meeting time
<aziz> hay
<aziz>                         
<aziz> any one there
<pmatulis> yep
<Obi1kenobi> hi guys, not quite sure if that's the right channel to ask this question, but I have two servers, serverred and serverblue, on serverred I have 2 websites hosted. The websites are domain1.com and domain2.com. On serverred I have directadmin where there are 2 e-mail accounts active, email@domain1.com and email@domain2.com. Now I want to move the websites to serverblue and keep using
<Obi1kenobi> directadmin with the e-mail accounts on serverred. If the DNS of domain1.com and domain2.com will be changed so it points to serverblue instead of serverred, how can I redirect email@domain1.com and email@domain2.com to work with the new DNS of domain1.com and domain2.com ?
<sarnold> Obi1kenobi: you just need the MX records to point to the right hosts
<Obi1kenobi> hm sarnold MX record "domain1.com MX mail.domain1.com" in the DNS of the domain which is pointing to serverblue and in the directadmin on serverred an A record "mail A ip.of.serverblue"
<Obi1kenobi> would that be the setup?
#ubuntu-server 2016-02-10
<hallyn> smb: by chance do you have the fix for bug 1541810 in your xenial libvirt merge?
<ubottu> bug 1541810 in libvirt (Ubuntu) "libvirt-bin.service does not read /etc/default/libvirt-bin" [Undecided,New] https://launchpad.net/bugs/1541810
 * hallyn d/ls the trees to look at debdiff in any case
<hallyn> smb: cgmanager-dev should not be needed for libvirt in xenial
<smb> hallyn, the service should now read the right file I think, cgmanager could try to drop. But it would help to get this via email
<lordievader> Good morning.
<phpcoder> hello
<phpcoder> https://gist.github.com/anonymous/3275dc5e67b64c8be18b
<phpcoder> i cannot remove mysql-server-5.6
<phpcoder> how can i remove it brutally?
<lordievader> Can you reinstall the package to see if it creates the script? (apt-get install --reinstall)
<phpcoder> lordievader, nothing
<phpcoder> same thing...it can not creates the scrupt
<phpcoder> lordievader, should i remove it brutally_
<lordievader> No, that is a bad idea.
<halvors> Hi. The IPv6 connectivity of my server is now working propatly.
<phpcoder> lordievader, eh but i cannot install it
<phpcoder> or reinstall
<phpcoder> lordievader, how can i do that
<lordievader> What version of Ubuntu are you running?
<halvors> The roouting table looks just fine.
<phpcoder> lordievader, 15.10
<lordievader> phpcoder: Could you comment on bug 1455818 and mention you found it on 15.10 too? (Besides the bug report contains a workaround)
<ubottu> bug 1455818 in mysql-5.6 (Ubuntu Wily) "mysql-server-5.6.postrm fails when /usr/share/mysql-common/configure-symlinks doesn't exist" [High,Triaged] https://launchpad.net/bugs/1455818
<phpcoder> lordievader, i am not registered there
<lordievader> Do you mind making an account?
<phpcoder> lordievader,
<phpcoder> i see another user worte: "I just ran into this issue on my new install of Ubuntu Server 15.10."
<lordievader> I know.
<lordievader> But still, please do comment that it affects you too.
<purefan> Hello! I read http://www.cyberciti.biz/faq/linux-cve-2016-0728-0-day-local-privilege-escalation-vulnerability-fix/ and decided to upgrade the kernel of my server from 3.13-0-68-generic to something newer, but I dont want to do a dist-upgrade, just update the kernel. I found http://kernel.ubuntu.com/~kernel-ppa/mainline/ but dont know which one to choose...
<phpcoder> lordievader, i am doing it
<purefan> Ohh... and the ppa for trusty isn't here http://ppa.launchpad.net/kernel-ppa/ppa/ubuntu/dists/
<dholbach> hiya
<dholbach> can you guys please help out a bit with sponsoring?
<dholbach> http://reqorts.qa.ubuntu.com/reports/sponsoring/
<dholbach> we have a number of server/cloud related requests
<dholbach> roaksoax, ^ do you think you can please bring this up with somebody who can do a broader call for help?
<dholbach> (or anyone else really...)
<dholbach> Beret maybe too: ^
<Beret> dholbach, yeah, I'll help
<dholbach> thanks a lot
<dholbach> :-)
<Spyware> Hello, I want to use zabbix and I hesitate between ubuntu and debian server, which distro you advise me? Thank you
<coreycb> jamespage, ddellav:  ceilometer has a new dep on gnocchiclient but I'm going to leave it in universe and move it to Suggests.  I looked at MIRing gnocchi and gnocchiclient, but gnocchi in particular at this time is a rabbit hole of MIRs.
<gcmacmalloc>  I have the following issue with the cloudimg 14.03 on openstack: ALERT!  /dev/disk/by-label/cloudimg-rootfs does not exist.  Dropping to a shell!
<gcmacmalloc> anyone can confirm or infirm this ?
<rizzuh> I installed 14.04 in OEM mode. After installing and configuring, there is no oem-config program to run. What do I do next to reset the installation?
<SpamapS> rbasak, jamespage, utlemming, smoser: My old friends, I have a question for you about this MIR: https://bugs.launchpad.net/ubuntu/+source/libiscsi/+bug/1271653
<ubottu> Launchpad bug 1271653 in libiscsi (Ubuntu) "[MIR] libiscsi" [Undecided,New]
<SpamapS> would the server team be willing to triage for libiscsi? I'd like to enable libiscsi support in qemu so we can run nova in an unprivileged container.
<jamespage> SpamapS, so that does userspace based iscsi target access?
<SpamapS> jamespage: correct!
<SpamapS> jamespage: I also wonder if it might be useful for something like LXD or Docker to support that so it could inject a device node into the container without that container needing privileged access.
<SpamapS> jamespage: qemu already has support for libiscsi, but it has to be turned off in Ubuntu.
<jamespage> SpamapS, might have context there as well - are you working on getting bits of openstack running in containers?
 * jamespage read that into "I'd like to enable libiscsi support in qemu so we can run nova in an unprivileged container"
<jamespage> SpamapS, I'd be supportive of having libiscsi in main for qemu enablement
<SpamapS> jamespage: yes. :)
<jamespage> SpamapS, we should compare notes
<jamespage> :)
<SpamapS> jamespage: I'm actually proxying Jessie Keating from BlueBox, who you may see, commented on that MIR.
<jamespage> SpamapS, I saw
<sarnold> is that my old buddy who worked at rhat for a while?
<SpamapS> sarnold: indeed
<SpamapS> we're both over at IBM now. :)
<sarnold> SpamapS: cool :)
<jamespage> hah - this has been in since kilo
<jamespage> hallyn, zul, rbasak: ^^ I think this would make a nice additional generally for openstack - make sense to you guys as well?
<hallyn> ?
<jamespage> hallyn, libiscsi enablement in qemu - needs MIR for libiscsi
<zul> jamespage: +1
<jamespage> hallyn, mterry has +1'ed but it still needs security team review
<hallyn> +1 fromme,
<hallyn> of course
<hallyn> hopefully it's gone up not downhill :)
<jamespage> apparently so
<jamespage> I feel its going to be pretty light to added -server and -openstack teams for triage...
<jamespage> SpamapS, just needs  a sec team +1 now
<SpamapS> jamespage: thanks. I had poked them earlier and they suggested they're really busy right now, but I'd ask you guys to weigh in first so they can prioritize appropriately.
<sarnold> it's on our short list :)
<jamespage> \o/
<jamespage> sarnold, hopefully with neutron-vpnaas ?
 * jamespage crosses fingers :)
<SpamapS> jamespage: you are the best, thanks. :)
<SpamapS> is neutron-vpnaas still a forked l3 agent?
<jamespage> kinda
<jamespage> forked is harsh - it depends on the core l3-agent code and adds stuff I think
<sarnold> jamespage: interesting, I hadn't looked into it before.. yeah I can see why that'd be useful. it's not currently on our shortlist but we'll try to get as many done before relesae as we can
<SpamapS> jamespage: btw, I opened this bug for tracking the qemu change https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1544216
<ubottu> Launchpad bug 1544216 in qemu (Ubuntu) "libiscsi support is disabled" [High,Confirmed]
<kulyzu> is there a way to alias a command, like u[0-9]+ will be anything the user type like u1 u2 u3 ...u333
<hallyn> SpamapS: ok you sold me at unpriv containers
<sarnold> I have trouble seeing how libiscsi would help lxd beyond being an image store
<sarnold> actually 'mounting' any luns for container use would require the kernel's involvement, right?
<SpamapS> hallyn: right? ;-)
<hallyn> SpamapS: sarnold: that's where sforshee comes in handy i guess
<SpamapS> sarnold: Is there no way to have a user space daemon serve as the backing for a block device?
<hallyn> or just qemu-nbd
<sarnold> SpamapS: like a fuse but for block devices? dunno.. -can- fuse do that?
<sarnold> SpamapS: the only other usrespace iscsi support im' aware of is stgt, and that looks like it's primarily an iscsi target, and perhaps long abandoned..
<SpamapS> sarnold: yeah, no, targets aren't what this is about anyway, this is about clients.
<sarnold> yeah
<sarnold> i've only ever seen the initiators built into nics or the kernel -- or libiscsi with qemu :)
<patdk-wk> or, ipxe :)
<sarnold> oh :) nice
<tmartins> hey guys... When using cloud-init with OpenStack Heat, is it possible to have 2 "user_data" sections at the same time?
<tmartins> Like this: http://pastebin.com/7HiDpjWr ?
<ikonia> tmartins: I don't think so
<ikonia> (I don't KNOW though)
<tmartins> :-/
<tmartins> cloud-init is very limited...   :(
<nacc> tmartins: i'd ask in #cloud-init?
<tmartins> Mmm... Good one...   =P
<ikonia> it is very limited
<tmartins> yeah...   =/
<ikonia> I think thats it's design though - simple tasks to configure an image
<ikonia> it would end up being a workload to configure a server if it wasn't light and simple
<tmartins> basically, initially, I'm creating a user, then, I'll run a script, that will call Ansible
<tmartins> simpler -> complex
<coreycb> beisner, can you promote 1.4.1-0ubuntu1.2~cloud1 to juno-updates?
<coreycb> oslo.messaging
<beisner> o/ howdy coreycb - sure, looking ...
<coreycb> thanks beisner
<coreycb> beisner, can you also promote neutron 1:2014.1.5-0ubuntu2~cloud0 and 1.3.0-0ubuntu1.4~cloud0 to icehouse-updates?
<beisner> coreycb, hah, i was just reading serge's bug comment.   where's my neutron?
<coreycb> beisner, ah yeah that
<beisner> coreycb, ok oslo.messaging 1.4.1-0ubuntu1.2~cloud1 pushed from proposed to juno-updates in UCA
<coreycb> beisner, thanks
<beisner> coreycb, ok neutron 2014.1.5-0ubuntu2~cloud0  pushed from proposed to icehouse updates in UCA re: bug 1318721
<ubottu> bug 1318721 in neutron (Ubuntu Trusty) "RPC timeout in all neutron agents" [High,Fix committed] https://launchpad.net/bugs/1318721
<beisner> coreycb, fyi, promoted oslo.messaging 1.3.0-0ubuntu1.4~cloud0  icehouse-updates in uca for same bug ^
<coreycb> beisner, awesome, thanks!
<beisner> coreycb, yw
#ubuntu-server 2016-02-11
<acmehendel> can someone suggest how to deploy node on a prod machine?
<sarnold> probably it's best to get it from upstream and sbuscribe to their security list if they've got one; no one tends to the node packages in the archive so they may be a bit stale
<sarnold> .. unless you want to be the one to tend to the archive packages ;) hehe
<acmehendel> say I installed node.js under a user rather than root...how would I have node js launch automatically under services?
<sarnold> you coulduse upstart with proper user and group configuration options http://upstart.ubuntu.com/cookbook/  or you could use vixie cron's @reboot specifier (look in the crontab(5) manpage)
<mwhudson> rbasak: do you have opinions about maintaining packages in git vs just using git for merges?
<mwhudson> rbasak: and are they written down anywhere?
<rbasak> mwhudson: in the end I'd like to do both. That makes future merges easier, since every logical change will be a separate commit that could be rebased.
<rbasak> mwhudson: for now, don't worry about it too much though. The git merge process can adapt ordinary uploads.
<mwhudson> i'm not doing a merge here :-)
<mwhudson> just some fairly hairy surgery
<mwhudson> rbasak: do you use gbp much?
<rbasak> mwhudson: not much. I used to. I think git-dch may still make sense.
<mwhudson> is that sort of the opposite of debcommit ?
<rbasak> gbp's import function works well when maintaining an upstream directly
<rbasak> I never really understood debcommit
<rbasak> It just updates debian/changelog with the commit messages from previous commits.
<mwhudson> i've used it as a sort of one-off thing, gbp import-dsc current version, hack hack hack, get result uploaded, throw repo away again
<rbasak> Rather than updating debian/changelog with each commit, which is another common pattern.
<rbasak> Ah. For that, I use git-dsc-commit from my merge tooling.
<mwhudson> um, i thought it committed to vcs with commit messages taken from d/changelog
<rbasak> No, it's the other way round.
<mwhudson> but hey, i have commit rights in debian golang now so ...
<mwhudson> it would be nice to maintain the ubuntu stuff in git and push it to lp
<mwhudson> extra confusion from us being ahead on upstream version too
<mwhudson> eh i guess that doesn't really matter
<mwhudson> rbasak: do you have a replacement for gbp import-orig too?
<mwhudson> argh now i remember why i dislike gbp: cleaning up after a mistake is such a pain
<rbasak> mwhudson: no. I use gbp import-orig for example in maintaining MySQL in Debian. But for Ubuntu dev, I just treat upstream as part of the same tree.
<rbasak> (and just rely on Launchpad to keep the orig)
<rbasak> mwhudson: also I understand that pristine-tar is considered fundamentally broken and deprecated now.
<mwhudson> oh ok
<mwhudson> agh well i've messed up my repo enough for one night i think
<rbasak> Use tags and reset back. Can't mess up a repo then since you can undo everything.
<rbasak> (and you can use the reflog if you didn't leave tags)
<mwhudson> rbasak: well you have to reset back on two branches and delete 1-2 tags
<mwhudson> it's not impossible of course, just a bit annoying
<rbasak> mwhudson: I wonder if there should be some tooling around this. Essentially back up .git/refs and restore it, but in a safer way.
<rbasak> kickinz1: I'm reviewing ntp now. Tag "logical/new-ubuntu" is what I should be reviewing for upload, right?
<rbasak> Commit d4cc365?
<rbasak> Oh, you're on holiday.
<rbasak> Never mind!
<caribou> rbasak: I did the CVE review on another tag, let me fetch it for you
<caribou> rbasak: It was review/robie-1st-stage
<rbasak> caribou: OK, thanks.
<rbasak> That makes sense.
<caribou> rbasak: btw, I'm mostly done with the clamav merge but there are a few things I'd like some expert's eyes on
<rbasak> caribou: no problem. I can look after this ntp review. Do you want to leave me some notes?
<caribou> rbasak: yes, I'll get that ready for you in a minute
<caribou> where should I push the GIT tree ?
<rbasak> caribou: do you want to try the full MP review process we've been developing? I can tell you what to push where for that. It's good for peer review as well as sponsor/sponsoree review.
<caribou> rbasak: that's why I took the learning curve to use your git method so sure
<caribou> rbasak: I did my best to follow the server team Wiki article
<rbasak> OK so first in ~/.gitconfig:
<rbasak> [url "git+ssh://racb@git.launchpad.net/~racb/ubuntu/+source/"] insteadof = lpmep:
<caribou> rbasak: there might be some rough edges & missing bits but I think it is not so bad
<rbasak> insteadof is on a second line there, paste error. And replace both occurrances of racb with your own lpid
<rbasak> caribou: definitely rough edges and missing bits in the docs. And the exact process still. Feedback and wiki edits appreciated :)
<rbasak> Then, push to lpmep:clamav
<rbasak> You can push everything you like, since that helps with any review around the process.
<rbasak> For sponsorees, I would specifically like the logical/<old ubuntu> tag
<rbasak> And a "merge" branch for the actual proposed upload.
<rbasak> Then propose a merge for that merge branch against the "ubuntu/dev" branch in ~ubuntu-server-dev.
<rbasak> I see that does exist for clamav yet.
<rbasak> Does not exist
<rbasak> We will have an importer soon.
<rbasak> Until then sponsorees are requesting the branch be created (by me right now) first, so that the work can be based on it.
<rbasak> If done afterwards, it is still possible to rebase upon it, but that is a little painful.
<rbasak> So not sure what you want to do there. The totally accurate (process-wise) way to do it would be for me to import and then for you to rebase, but I appreciate that's painful and maybe not worth the effort.
<caribou> rbasak: maybe the best for now is just for me to push my git repo so you can look at it with my upcoming comments
<caribou> rbasak: then once everything is ok, I can upload it the normal way for now
<caribou> rbasak: then we can arrange the proper git repo for the next merge
<caribou> how does that sound ?
<rbasak> caribou: sure, that's fine.
<caribou> rbasak: I'm finding a few more things as I'm writing the notes so I'll fix those along so it'll be a bit longer 'til I send it your way
<rbasak> OK, no problem. I'm still working on NTP.
<dannymichel> pressing up to go to past commands gives me weird character like '^[[Aâ any ideas why?
<hateball> dannymichel: how are you connected to the console
<dannymichel> Just normal ssh via Mac terminal hateball
<hateball> hmmm, usually get such issues if I connect with weird encoding, but OS X should be using utf8 as well
<hateball> dannymichel: and you're not holding ctrl or any modifier key down? :p
<dannymichel> not holding any keys down, no
<hateball> I've no experience with OS X really so I can't say. Can you see if you get the same issue locally or using a linux ssh client?
<dannymichel> it doesnât happen when Iâm logged in as root
<hateball> root on OS X or ubuntu?
<dannymichel> ubuntu
<hateball> heh
<hateball> check what locale the regular user has then
<hateball> compared to root
<dannymichel> not sure if i get your meaning
<dannymichel> one thing thats different about this user is that bash starts at just $ rather than a username like dmichel@s:~$
<hateball> is their shell even bash
<mikky> hi, how am I supposed to turn around network interface on a 14.04-based server remotely and still be able to connect to it afterwards?
<patdk-wk> what does, turn around, mean?
<mikky> reload settings
<maswan> you mean restart networking or ifdown+ifup? the second you can do in screen(1) on one command line with "ifdown eth0; ifup eth0". Of course, it is better to do it over an OoB console login
<patdk-wk> I have never found any reason to do that ever
<maswan> I have, fairly frequently actually
<patdk-wk> the only thing I can think of, is to switch from/to dhcp/static
<maswan> like swiching from dhcp to static, adding ipv6, moving to a bridge
<patdk-wk> anything else, you can adjust without taking the interface down
<patdk-wk> and even that, you can, just harder
<maswan> yes, but that doesn't test that your new interfaces is correct
<mikky> sorry, forgot to mention its a bond interface, set up as static. Somehow it works on boot but at runtime, it seems to fail. "restarting" the interface after changing network/interfaces is important if you want to be sure it will set up correctly at boot
<maswan> My primary suggestion is to login over the console to do this
<maswan> Otherwise, one command line in screen works if you make no mistakes
<maswan> If you make mistakes, you need the OoB console login anyway
<mikky> accessing the console is possible but it's a complicated company process, security-wise
<maswan> then I suggest you don't make mistakes. :)
<maswan> having a second interface would also help
<mikky> ok, seems the problem is with bonding rather than network setup. I keep getting "waiting for slave to join bond0" for 60 seconds and then failing. But if I then ifup all the bonded slaves, it get up automagically. At boot, on the other hand, the bond get configured correctly.
<patdk-wk> what is in your interfaces file?
<mikky> it's rather long, the machine's got quite a few other interfaces. let me pull the relevant parts
<mikky> interfaces: http://pastebin.com/rJCKEgss
<mikky> i've tried both bond-slaves p3p2 p3p1 and bond-slaves none. No obvious difference.
<patdk-wk> hmm, dunno
<beisner> coreycb, ok, to confirm:  *-icehouse x next + stable ... and trusty-liberty x next + stable  ...  all @ proposed?
<beisner> for deploy/tempest sru checks
<beisner> coreycb, or, feel free to trigger at will  :-)
<coreycb> beisner, sure I'll go ahead
<coreycb> thanks
<beisner> coreycb, ok cool.  yw & thanks too
<beisner> jamespage, re-confirmed 14:17:44 ceph/0 does not have pool: cinder on the ceph erasure pool test
<beisner> coreycb, can you confirm - will the icehouse uca sru pull all of these?   http://pastebin.ubuntu.com/15016392/
<coreycb> beisner, yeah basically we just need to flush everything from http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/icehouse_versions.html to updates
<beisner> coreycb, ack
<rbasak> kickinz1: argh. I missed that pps-tools is in universe, and ntp is in main.
<coreycb> beisner, can you promote horizon and neutron from trusty-liberty proposed to updates?  testing is complete.
<coreycb> beisner, might as well also promote qemu as it was included in the testing.
<AapjesKijken> hi good evening all
<tarpman> good morning
<AapjesKijken> how are you?
<tarpman> not totally awake just yet :)
<AapjesKijken> hehe maybe koffie?
<tarpman> in progress
<AapjesKijken> nice, take it easy
<AapjesKijken> do you know ubuntu good?
<teward> AapjesKijken: asking a real question will help
<tarpman> teward: so hasty :)
<teward> tarpman: you try dealing with people saying "hi who knows ubuntu" in #ubuntu every day
<teward> :p
<tarpman> ^^
<teward> having said that, real questions DO actually get you better replies
<teward> so just asking if someone knows Ubuntu gets you nothing worthwhile, as that's not a real question
<AapjesKijken> my english is not so good but i will try
<AapjesKijken> haha sorry for that, this all is new for me
<AapjesKijken> if i have dowloaded ubuntu and i want install ubuntu
<ogra_> teward, and it is kind of redundant inside an #ubuntu-* channel ;)
<AapjesKijken> but if i wanna instal it there is a problem and i can't install it
<AapjesKijken> sorry for that, but i'm new and don't know how i can start that question :$
<AapjesKijken> somebody speak dutch?
<teward> ogra_: indeed
<teward> !dutch | AapjesKijken
<ubottu> AapjesKijken: Nederlandstalige ondersteuning voor Ubuntu (en vers gezette koffie) is te vinden in #ubuntu-nl
<teward> i think
<AapjesKijken> thank you, i go try it again
<nacc> smoser: for the eventual removal of php5 (or say tomcat7) ... how do we sync the removal from the archive with the seed update? or woudl that be the last thing the admins would help out with?
<smoser> nacc, well i think you'd do the seed update first
<smoser> which woudl drop it from main
<smoser> and then at leisure archive admin can remove it from archive.
<smoser> to clear it up for me, we're going to not have php5 packages when debian would, right ?
<AapjesKijken> do some body now were i have to be for penetration testing/hacking? (wanna learn, now i have to sit home for few  months) ..
<nacc> smoser: right, same for tomcat7 possibly
<nacc> smoser: so i supposed we'd also need to avoid sync'ing automatically?
<smoser> yeah, i dont actually know how that happens.
<smoser> ive never dealt with a package that ubuntu did not want to have that debian did have.
<AapjesKijken> very iritating ..
<rbasak> nacc, smoser: autosync ignores anything with "ubuntu" in the version string in Ubuntu.
<rbasak> It might be worth changing the seeds first, because though that'll through up a ton of component mismatches, then we know that things destined for main are built correctly with only main enabled. I'll defer to slangasek or infinity or some other archive admin though.
<ogra_> arent we in DIF already anyway ?
<rbasak> ogra_: DIF is synced with FF nowadays, so no.
<ogra_> ah, but only a few days away :)
<rbasak> Yes, it is tight :-/
<nacc> rbasak: ok, i'll ask them that separately
<beisner> coreycb, delayed response - do we have a bug and a card for the T-L promotions?
<coreycb> beisner, no it's just the results of auto-backports from trusty SRUs that I wasn't a part of AFAIK
<coreycb> beisner, sorry yes theres a card, no bug
<beisner> coreycb, got it, thx
<wk-work> is there any way to configure an network network interface with kickstart with additional routes? just specifying the ip, netmask and gateway is not enough to get network access.
<beisner> coreycb, promoted from proposed @ liberty cloud archive:  horizon 2:8.0.1-0ubuntu1~cloud0, neutron 2:7.0.1-0ubuntu1~cloud0, qemu 1:2.3+dfsg-5ubuntu9.2~cloud0
<coreycb> beisner, thanks
<haidar_> hello , I would like to create a cisco router on ubuntu server after I download dynamips and dynagen and during the procedure need to create a dynagen configration file I already have the configration but How can I create thats file also where should put the file to run the Dynagen any Idea please??
<genii> haidar_: /etc/dynagen.ini
<haidar_> thanks sir
<genii> ..is where you want to put the file, and what it's name should be
<genii> :)
<genii> haidar_: Might also want to point your web browser at: file://usr/share/doc/dynagen/docs/tutorial.htm
<haidar_> ok sir create a folder or just type like that
<wk-work> is there any way to configure an network network interface with kickstart with additional routes? just specifying the ip, netmask and gateway is not enough to get network access.
<sarnold> do you need it during the kickstart or after the install is over?
<sarnold> can you specify 'up' lines in /etc/network/interfaces in the kickstart?
<wk-work> i need it during install yeah
<wk-work> sarnold: thats what i'm asking if i can, i need it both during and after
<sarnold> if you need it during install then perhaps the /etc/network/interfaces direction won't help much..
<sarnold> can you run arbitrary scripts during kickstart? or is it entirely declarative?
<wk-work> basically, we're using a kickstart file for automating VM installations. all vms are issued global ip addresses (not natted or on a local network) but require additional routing to get internet connectivity.
<rbasak> wk-work: OOI, why aren't you just using Ubuntu cloud images instead of messing with "installations"?
<wk-work> we're using KVM
<sarnold> wk-work: it might be a touch more work but this sounds likes omething that ought to be done via ubuntu's cloud images, which have cloud-init support built in.. not that I know how to do the multiple routes with that off the top of my head either, but i know cloud-init makes it easy to supply scripts, files, etc..
<rbasak> That's fine. Ubuntu cloud images work with KVM.
<wk-work> never even heard about that
<wk-work> my google-fu has failed me
<rbasak> Google for "cloud-init". It's pre-installed on Ubuntu cloud images.
<rbasak> You boot a pristine, official image. cloud-init runs inside and sets it up sensibly on first boot. That's it - done.
<rbasak> You do need to tell cloud-init what you want (eg. ssh key or something else to make the system usable)
<rbasak> Look up cloud-init docs on how to do that.
<wk-work> ah i see, the thing is we're using a web interface for creating VMs, much like solusvm
<wk-work> let me take a look
<sarnold> rbasak: does uvtool serve the cloud-init data to the cloud images? I always get a bit confused about how you actually feed cloud-init data :)
<rharper> sarnold: via config drive (cloud-init)
<rharper> sarnold: uvtool creates a second disk (iso format) and use cloud-localds to write out the userdata and metadata
<sarnold> rharper: aha ;) thanks!
<rharper> sarnold: sure
<VelusUniverseSys> hello all im not to sure if this is the best place to ask but where can i get a bit of software to stream playlists to an icecast server? does anyone know any good bits of software?
<sarnold> apt-cache search icecast playlist   :)
<VelusUniverseSys> hmmm give me a few to look at, im needing something that would do video lol
<VelusUniverseSys> and easy to set up and have the list updated daily?
<VelusUniverseSys> hmmm ezstream seems good but i cant find docs
<VelusUniverseSys> lol
<VelusUniverseSys> got them lol
<nacc> rbasak: smoser: for demoting php5/promoting php7... shoudl i go ahead and send the seed update for php5 demotion now? it might lead to some component mismatches, but if i can get swig going (slogging through it on the side), they will be resolved by the end of the php7 update. Should it be two merge requests? one to demote and one to promote? Or is it better to do it in one commit and be sur there is s
<nacc> ome php available in the seeds?
<VelusUniverseSys> sarnold, how would i do a apt-get install ezstream to include suggested pacakge
<sarnold> VelusUniverseSys: you can use apt-get install --install-suggests ezstream   if you want to include the Suggested: packages too
<sarnold> VelusUniverseSys: note that that is recursive, which might mean that it installs a lot more packages than you really need
<VelusUniverseSys> thanks
<VelusUniverseSys> geese 2682 to intnall lol thats a lot lol
<VelusUniverseSys> thanks god my hosting company gave me 100tb of space for free lol
<sarnold> packages? o_O or kilobytes? or..
<VelusUniverseSys> packages
<sarnold> that seems .. wrong :)
<VelusUniverseSys> thats what it said lol its a new system
<sarnold> I've got 2847 packages on my system now, it's been through 3.5 years of upgrades, installing packages on a "geewhiz that looks neat" basis, etc :)
<VelusUniverseSys> hmmmm ok
<VelusUniverseSys> i now just need to know how a playlist is set out like how does the format look like for m3u so then i can create a php script to do it in the backgound every day lol
<nestor_> ubuntu/nginx/php5 I set memory_limit=512M but limit shows as memory_limit=256M - Any ideas?
<nestor_> I set it in the /etc/php5/fpm/pnp.ini
<VelusUniverseSys> try a phpinfo() and check there which php.ini file its reading from? it may be reading from somewhere else
<sarnold> pnp.ini?
<VelusUniverseSys> i think he ment php.ini
<nestor_> I create a phpinfo.php file and that is the one I am looking at.  I also copied it somewhere else and still the same memory_limit
<VelusUniverseSys> hmmm
<nestor_> I can see that the loaded config file is /etc/php5/fpm/php.ini
<VelusUniverseSys> sarnold, can you think of a php script that can create a m3u playlist
<sarnold> VelusUniverseSys: sorry, never looked for one
#ubuntu-server 2016-02-12
<VelusUniverseSys> grrr
<sarnold> VelusUniverseSys: does it need to baslically do something like "for every file in every directory, output this name with this server"? Or do you want some pretty clicky thing that lets you drag and drop files and directories and so on?
<VelusUniverseSys> i will find one lol i will create one where it would collect data from an mysql table, the table will have something like time, file, name, duration, extention and maybe some more that wont need to be on the play list. it just needs to grab info from the db and then create the list
<sarnold> I suspect there are many such tools already written :)
<VelusUniverseSys> it would need to be like all files from x time for 24hours (i will also need to include a ads rotator aswell
<sarnold> if you want to create one don't let me deter you -- but if you just want the job done, I suspect it already exists
<VelusUniverseSys> yeah but im struggling to find one lol i can do the collecting of the data but doing the play list is hard
<VelusUniverseSys> sarnold, it seems to want to install postfix aswell lol i wonder why
<sarnold> VelusUniverseSys: probably php pear::mail() or something like that
<VelusUniverseSys> sarnold, it wants to install to much lol it wnated to intstall things like icecast (which is on another server) how would i get it to install ezstream wit certian other packages that are suggested lol
<sarnold> VelusUniverseSys: you can also apt-get install the specific Suggested: packages by hand
<VelusUniverseSys> ok
<sarnold> that means you don't need the --install-suggests -- which can really help cut down on how many packages get installed
<VelusUniverseSys> yh
<VelusUniverseSys> it only suggested a few but when i done that it gave tones lol i think its because the few need so ,amy
<VelusUniverseSys> many
<VelusUniverseSys> but i think i have found a way around the problem for the php system i just need to create a file with the extention .m3u and have it connect to the mysql grab the list and then have it put it in the file but it will be complex as i will need to incorparate a ad system too which will be harder lol
<sarnold> VelusUniverseSys: consider looking at these things http://idjc.sourceforge.net/ http://www.rivendellaudio.org/
<sarnold> VelusUniverseSys: http://aras.sourceforge.net/
<sarnold> I can't recall the name of the tool now, I once did some internet radio with something that plugged into jackd... but I can't find it again on http://jackaudio.org/applications/
<smoser> i think the seed early is ok.
<VelusUniverseSys> thats for audio though mins video
<smoser> but i would ask someone in ubuntu-release
<VelusUniverseSys> i will be doing it my self now i know how to do it lol i will be able to get a lot more
<VelusUniverseSys> ?
<VelusUniverseSys> grrr i have a program thats slowing my pc down grrr
<VelusUniverseSys> this orogram is crap and anoying
<VelusUniverseSys> hey i went to oggcamp last yeah and there was a ubuntu stall on and they was playing big buck bunny, and i thought the guy at the stall looked a lot like the bunny lol
<VelusUniverseSys> sarnold, i have it working now yay but i need to get the video.js to work lol
<sarnold> VelusUniverseSys: nice
<VelusUniverseSys> yeah if you look at the streaming channle its tiny lol
<VelusUniverseSys> sarnold, do you know video.js by any chance?
<sarnold> VelusUniverseSys: never heard of it
<VelusUniverseSys> its working now i just had a / at the end
<VelusUniverseSys> well sort of working its just a green screen it did that before aswell i think i need to tweek it slightly
<VelusUniverseSys> sarnold, do you know icecast at all ?
<sarnold> VelusUniverseSys: not really, I haven't looked at it in a decade or so
<VelusUniverseSys> ok
<k2gremlin> Hello all, setting up a site-to-site OpenVPN. Server side LAN clients can ping Client side LAN clients. However, Client site LAN cannot ping server side LAN. tcpdump on the Ovpn server shows icmp both direction on the ETH interface to the Server LAN.. but the TUN interface only shows inbound icmp. Thoughts?
<XinZhao> hey all
<XinZhao> I am running ubuntu server in a vm
<sarnold> k2gremlin: how about tcpdump on the server-side machine that's being pinged? maybe it's set to respond to only certain pings, or drop pings, or drop icmp entirely?
<XinZhao> oh wait nm
<k2gremlin> sarnold, the server side client I am trying to reach is Windows Server 2012 with DC. Firewall turned off
<sarnold> k2gremlin: maybe try different protocols? traceroute? tcptraceroute?
<k2gremlin> sarnold, well another symptom just popped up.. from the CLient Side LAN PC.. I can ping 192.168.1.85 which is a Ubuntu Desktop VM on the Server LAN.
<k2gremlin> sarnold, However, from the OpenVPN Client.. machine, I cannot ping that IP
<k2gremlin> so freaking weird
<k2gremlin> When I trace from my PC, it shows hops through the openvpn client to the openvpn server
<VelusUniverseSys> sarnold, i got the ezstream working now lol
<sarnold> VelusUniverseSys: nice :)
<VelusUniverseSys> now im just going to create some legall docs for the company lol this will be fun to do
<VelusUniverseSys> if you want sarnold can check the stream out
<sarnold> sure
<VelusUniverseSys> http://stream.virtualworldtv.tk:8000/channel1
<sarnold> woo
<sarnold> video plays and everything
<VelusUniverseSys> yeah thats on constant run till i work on the php script and the other bits and get the content i need
<k2gremlin> VelusUniverseSys, That stream is nice.
<k2gremlin> udp stream?
<VelusUniverseSys> nope http stream i am using icecast2 and ezstreamer
<sarnold> impressive that it survived as well as it did from turkey to west coast us :)
<VelusUniverseSys> from turkey?
<sarnold> .tk ?
<VelusUniverseSys> that only the domain its from manchester uk lol i will be getting a new domain eventually
<sarnold> ahhhh
<VelusUniverseSys> and .tk is tiki ilands its free
<VelusUniverseSys> i thiknk tiki islenads
<sarnold> sigh can't belieeve I screwed that up :)
<VelusUniverseSys> its ok its easy
<sarnold> it's been years since i've talked with my turkish pal though..
<VelusUniverseSys> sorry the tokelau territory of new zeland
<VelusUniverseSys> awwww
<k2gremlin> sarnold, Any chance you could look over my setup via Join.me or teamviewer?
<k2gremlin> sarnold, this vpn connection is really kicking my butt
<sarnold> k2gremlin: sorry, i'm done thinking for the day, just a few email replies left and i'm off to hunt down some dinner..
<sarnold> k2gremlin: my generic debugging advice may help though: (a) read the logs on all the involved systems -- dmesg, syslog, openvpn, etc. tail -f on all of em..
<sarnold> k2gremlin: (b) test different layers: icmp, udp, tcp, both with IPs and DNS names .. try to find bits which work and bits which fail
<Xin> hey guys, I have a smb share mounted from a windows box
<Xin> I added it to my fstab which looks likee...
<Xin> http://prntscr.com/a25ree
<Xin> but there's no files in there when I open the folder
<Xin> folder permissions are 777
<Xin> it was working when I was mounting under /media/
<sarnold> try "mount /var/www/html/_google" and see if that fixes it
<Xin> hmm ok
<VelusUniverseSys> finding a legal template is hard lol
<Xin> yeah that did fix it
<Xin> how can I make it work correctly via fstab ?
<Xin> @ sarnold
<sarnold> Xin: try adding the 'auto' keyword to the option column -- see the fstab(5) manpage for details
<Xin> ok ill give that a go, thanks mate
<Xin> hmm nah that didn't seem to work
<sarnold> 'auto' should cause it to be mounted at reboot; how did you test that it was working?
<Xin> opened it, there was no files, ran the command you gave, opened it, there was files
<Xin> added auto as the first option in fstab line
<Xin> rebooted
<Xin> no files
<Xin> ;(
<sarnold> Xin: to make sure, when you say "first option", you mean you changed "guest,uid=1000,iocharset=utf8" to "auto,guest,uid=1000,iocharset=utf8", right?
<Xin> yessir
<Xin> unless there's an invisible char in thereeeee....
<sarnold> hehe
<Xin> but there doesn't seem to be
<sarnold> Xin: is there anything useful in /var/log/upstart/mountall*  ?
<Xin> lets seeeee...
<Xin> no logs in /upstart/
<sarnold> ah, are you on a new enough release that it's using systemd instead?
<Xin> very latest, not sure though
<Xin> the folder for upstart does exist
<Xin> but yeah, empty
<Xin> no systemd folder
<sarnold> it might be something journalctl for the mountall service..
<sarnold> you could also try systemd's native mount units: http://manpages.ubuntu.com/manpages/wily/man5/systemd.mount.5.html
<Xin> this is all a bit foreign to me sorry, I generally only use ubuntu-server for basic lamp stacks
<Xin> I just use vm's though and my file storage is external as it's accessed by many servers
<sarnold> heh, and I haven't used a systemd system yet -- and I haven't used samba / cifs mounts in 15 years or so.
<Xin> haha, well its less confusing than "automagic" vmware file shares
<Xin> which just add a layer of complexity
<VelusUniverseSys> sarnold, you may be able to help me with this one, i have a virtual user email setup with postfix-mysql and wondered if i used an alieas as no-reply@.... to go to inbox webmaster@.... can i smtp into webmaster@.... and use no-reply@.... as the sending email? it would be done through php
<sarnold> VelusUniverseSys: there's generally no checking at all of the From: headers on outgoing mails
<VelusUniverseSys> ok
<sarnold> Xin: hehe yeah, I'd rather control that myself too
<VelusUniverseSys> i hate my development pc its crashing again lol
<Xin> is there just like a .sh script I can add that mount line to?
<Xin> thats executed at startup by default
<VelusUniverseSys> but then i do have 5 ssh open god knows how many web pages open with 4 browsers lol and other things lol
<sarnold> Xin: maybe /etc/rc.local ? does that exist on your system?
<sarnold> VelusUniverseSys: I often have a dozen VMs, a dozen ssh sessions, and firefox open with 200+ tabs. That ought to work fine..
<VelusUniverseSys> yeah but i have other things on like netbeans its on windows aswell i have at the bottom about 80 folders open 3 email clients 7 office docs notepad++ with loads of tabs this calander zoiper (vboip phone) skype, steam and more
<sarnold> netbeans, is that a java IDE?
<VelusUniverseSys> yes
<sarnold> aha. "Good Luck". :)
<VelusUniverseSys> its the best i have found that is good enough for more than one type of work
<Xin> sarnold, there's a bunch of rc#.d/ folders
<sarnold> Xin: anything with 'local' in the name? :) that'd be the place to put it if it exists..
<VelusUniverseSys> oih yeah i also have firestorm open connected to secondlife
<sarnold> VelusUniverseSys: to each their own of course but that's a likely reason why things are slow, hehe
<VelusUniverseSys> yeah its that that is the slowest atm
<Xin> sarnold, doesn't appear to be
<Xin> the numbering looks like it just ccontrols the batching order of commands
<Xin> hmm
<sarnold> Xin: hmm. well, you could also use @reboot in the crontab but .. that might rnu before networking is up, etc. really, if fstab doesn't work then I'd go with the systemd mounting unit thing.
<sarnold> alright, time to bail,good luck xin :) have fun VelusUniverseSys
<VelusUniverseSys> i w3ill
<Xin> later :)
<Xin> hmm
<Xin> I just checked man  fstab
<Xin> there's a noauto option
<Xin> but doesn't list auto
<Xin> suggesting that's the default
<Xin> http://prntscr.com/a261lg
<Xin> how weird
<Xin> ohh
<Xin> https://wiki.ubuntu.com/MountWindowsSharesPermanently#Unprotected_network_folder_won.27t_automount
<Xin> @ sarnold fyi :)
<Xin> thanks for the help
<Xin> ps; for above you need to use smbfs not cifs
<Xin> urgh ok no that's not working eitherrrrrr
<Xin> fml
<Xin> so, that fix doesnt work with cifs
<Xin> and smbfs is no longer available as its superceded by cifs
<Xin> ill make a specific user to access as, but this is fairrly definitely a bug
<System_Error_Mes> hi im having trouble with my ubuntu server install
<System_Error_Mes> its stuck in a mdadm create user root not found loop
<System_Error_Mes> it only loops that line and mdadm create group not found loop
<rbasak> nacc: I'd do the seed update now, with one commit, assuming the AAs are OK with that. One commit because it's easier to make sense of things later, no strong reason.
<Razva> hey! It's my first Ubuntu Cloud setup so excuse my dumb questions :)
<Razva> I'm setting up MAAS right now. Added the LAN NIC
<Razva> but I have no idea what I should set at the "Default Gateway IP" section
<Razva> should I set the Internet gateway? like...the external IP gateway?
<Razva> (which I've used for the NET nic settings)
<System_Error_Mes> ubuntu server just doesnt seem to work with RAID
<System_Error_Mes> i mean its a serverOS and i would really like to use the cloud features otherwise i'll have to switch back to openSUSE
<System_Error_Mes> windows networking just doesnt work
<System_Error_Mes> The internet gateway is your router
<Razva> System_Error_Mes talking with me? P)
<System_Error_Mes> doesnt seem like anyone is on now
<System_Error_Mes> Razva, regarding internet gateway
<System_Error_Mes> unless your cluster access internet through your controller than the controller is your gateway
<Razva> darn, how the heck can I see all the nics?
<Razva> seems that my nics are "eno" not "eth"
<Razva> buuut I can see only eno1
<Razva> and no, eno2 doesn't works :))
<Razva> logical name: eno1
<Razva> logical name: enp0s25
<Razva> so the logical name for the second nic is...enp0s25?!
<hateball> the glory of systemd
<Razva> ifup enp0s25?
<Razva> Ignoring unknown interface enp0s25?=enp0s25?
<Razva> mmmm...?
<System_Error_Mes> use the NIC that works first and then configure the rest
<Razva> isn't the network "auto-configured" when using MAAS?
<System_Error_Mes> From what i read about the manual is that you have your controller performing all the network duties including dhcp and such so auto configure should work if you did seperate your cluster network
<System_Error_Mes> If you didnt seperate your cluster network from your main network than you're probably doing it wrong
<Razva> http://i.imgur.com/KiLwaap.png
<Razva> it's the main cluster, connected directly to the net + vlan
<System_Error_Mes> it looks right but is your controller connected directly to the net or behind some router?
<System_Error_Mes> im going to try reinstall ubuntu, i changed some partitions but i dont think reinstalling would work
<System_Error_Mes> during the install it failed to detect the partitions on the hard drive raid arrays but had no trouble with the SSD raid
<Razva> it's dirrectly contected to the net, into the same vlan as the server that I'm trying to PXE boot
<System_Error_Mes> so are you saying you've installed your controller and are trying to install the rest of the machines or are you currently installing your controller?
<System_Error_Mes> because the other machines would boot of pxe from the controller in their own seperate network and not connected to the internet
<System_Error_Mes> i would install the cluster but i still cant get ubuntu server working on my main server
<Razva> I've installed the controller + mass
<Razva> and now I'm trying to PXE boot the other machines from maas
<System_Error_Mes> well it looks right so just make sure that the cluster network is entirely isolated while doing the install
<System_Error_Mes> i would do a layer 1 segmentation to make sure but as long as layer 2 segmentation works on your switch as well
<System_Error_Mes> also in linux the first count is 0
<System_Error_Mes> so pn0 is your first NIC and pn1 is your 2nd NIC
<System_Error_Mes> pn2 doesnt work because it doesnt exist unless you have a 3rd NIC
<John[Lisbeth]> Reliable guide for updating a system with custom PPAs from 15.10 to 16.04?
<Razva> folks, shouldn't MAAS auto-configure DHCP for the lan NIC...?
<Razva> I have two NICs, one connected to the net, one connected to a VLAN
<Razva> on setup I'm manually configuring the NET one, obviously.
<Razva> but the other one gets disabled, and stays disabled even after adding it on MAAS
<Razva> any hints...?
<Razva> BUMP
<John[Lisbeth]> Razva, I am not sure if this is the same project, but there is also a #maas channel
<jamespage> rbasak, I got bored of having to pip install juju-deployer so I've bumped the latest version of that and jujuclient into xenial
<jamespage> just an fyi
<Razva> oh God this is SO frustrating :|
<Razva> what I want is just to deploy a simple Ubuntu Cloud. the doc is so simple, but in reality it basically crashes at step 4. :|
<Razva> crashes = MAAS doesn't provides PXE via DHCP
<Razva> (no, nobody is replying on #maas)
<jamespage> Razva, hmm
<jamespage> which doc are you referring to?
<Razva> http://www.ubuntu.com/download/cloud/install-openstack-with-autopilot
<Razva> and I swear to God that I don't see any Networks in the menu: http://i.imgur.com/wKDBvvX.png
<jamespage> Razva, is your maas node wily or 14.04?
<Razva> 15.10
<jamespage> Razva, and which step are you on?
<Razva> 3. Install MAAS
<Razva> Go to the âNetworksâ tab and for each of the networks auto-created, click âEdit networkâ to add the default gateway and DNS server details
<Razva> jamespage here's the network result, from cli: http://pastebin.com/UwZbu65F
<rbasak> jamespage: that's fine, thanks.
<jamespage> Razva, anything in the networks tab at all?
<Razva> jamespage http://i.imgur.com/wKDBvvX.png < can you see any Networks tab?
<Razva> maybe I'm too tired and cannot see it right in front of me...
<jamespage> Razva, try subnets - this may be a doc bug
<jamespage> roaksoax, I think step 3 of http://www.ubuntu.com/download/cloud/install-openstack-with-autopilot needs an update for the 1.9 release
<jamespage> roaksoax, see backscroll ^^
<Razva> jamespage http://i.imgur.com/op7705L.png < I cannot see any trace of Add Network or Edit Network
<jamespage> Razva, click the subnet
<jamespage> Razva, your hitting a bug on the documentation - apologies
<jamespage> Razva, that said in the MAAS I have access to, I can't edit those settings from the subnet screen
 * jamespage keeps poking
<Razva> jamespage ok, I'm on the Subnet page
<Razva> next...? I can see only the current IP class, but I cannot find a way to add a new one (192.168...)
<jamespage> Razva, can you dump that as well pls?
<jamespage> Razva, so you will only get a subnet for the network configuration of the MAAS server itself
<Razva> ok and how can I add a new subnet?
<Razva> at Ubuntu setup I've added just the NET NIC, the other one didn't.
<Razva> I have two nics: one for NET (217.19.1.0/24) and one for LAN (192.168.1.0/24)
<Razva> I've configured NET, obviously, and now I'm looking for a way to add the LAN one in order to PXE boot from LAN
<jamespage> Razva, ok - you need to add that as a managed interface as part of the cluster configuration
<jamespage> 'Clusters' tab - then click name of the cluster controller
<jamespage> you should see LAN as unmanaged - hover over, click the edit icon and configure that - I think that will create the subnet...
<jamespage> LAN == interface configured for LAN
<Razva> http://i.imgur.com/eQlOfCK.png
<Razva> the only interface I can see in the list is the one already existing
<Razva> should I manually add enp0s25?
<Razva> enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 100 < this would be the LAN NIC
<jamespage> Razva, yes
<jamespage> add the interface
<Razva> DHCP and DNS, right?
<jamespage> Razva, yup
<Razva> Default Gateway IP < none, it's a LAN, right?
<jamespage> Razva, well consider that this network will be use for provision and install - machine will need access to the ubuntu archives etc...
<jamespage> so I would expect a gateway of some description
<pitastrudl> could someone recommend me a vps provider with a stable connection but very cheap price? a lowend vps. i just need it to host quassel irc and a znc instance
<Razva> weeeell...I cannot use the net gateway, it's in a totally different class...
<Razva> [u'217.19.1.1 not in the 192.168.1.0/24 network']
<jamespage> Razva, sure - but you could configure the server on which MAAS is install to provide that gateway
<jamespage> acting as a NAT router in effect
<Razva> true...
<jamespage> MAAS won't do that for you - you'll have to do that yourself
<Razva> any tutorial (for dummies) for doing that?
<jamespage> Razva, one sec
<jamespage> Razva, concepts are here - https://help.ubuntu.com/lts/serverguide/firewall.html
<jamespage> looking for a script I had todo this
<jamespage> Razva, http://paste.ubuntu.com/15023804/
<jamespage> Razva, will need some tweaks for your env
<jamespage> but dtrt
<jamespage> Razva, I have to drop for today - hopefully roaksoax might appear - but this is a good channel to ask questions in about MAAS
<Razva> http://i.imgur.com/IGdMwnI.png < post-NAT settings are ok?
<jamespage> also #juju
<jamespage> Razva, if you're going to the NAT option, gateway and IP should be the same
<jamespage> ttfn
<Razva> or I might add the IP as another nic:1 ?
<jamespage> ok
<Razva> thanks so much!
<Razva> me pings roaksoax
 * Razva pings roaksoax again :)
<Razva> or...anybody who can help me setting up this darn server...
<ikonia> Razva: you'll do better if you just explain your problems
<ikonia> rather than ask if people can fix it without knowing what you're asking
<Kimse> I'm having an issue with using autofs to mount shared home's via NFS inside a Linux container.
<Kimse> when cd'ing to an automounted directory, it just freezes eternally. Until I stop the autofs service.
<Kimse> The only error I see is: handle_packet_missing_indirect: token 47, name <username>, request pid 2543 from the automount program
<Kimse> The containers are NATd
<Kimse> And I can mount the nfs share manually
<jamespage> Razva, hello again
<Kimse> And i have modified the apparmor profile to allow mounting of NFS and do not see any errors regarding that
<jamespage> Razva, once you have your private network setup and configured in MAAS, you'll need to power on and network boot the servers you want to use;the obviously need to be physically connected to the private network
<jamespage> Razva, its also important that maas has network access to the ilo/drac/whatever BMC controller for the servers, otherwise it won't be able to control them later
<Razva> jamespage so glad you are here. I'm basically plucking my hair here :))
<Razva> I've just asked roaksoax of I need to setup the LAN IP manually, before installing MAAS, or should I add it through the GUI after installing MAAS. his answer was yes.
<Razva> SO, I'm at the installation point again, with the ISO boot up
<jamespage> I'm going to be in-and-out for the rest of the day so I may be a bit async
<jamespage> Razva, reading around on MAAS might be useful - http://maas.ubuntu.com/docs/
<Razva> I have two nics: eno1 (net) and enp0s25 (lan). I've setup enp0s25 (lan) with a static IP (192.168.1.2), then run this: sudo iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eno1 -j MASQUERADE . Is this enough in order to have a NAT that will provide internet access to the lan IPs?
<nacc> rbasak: ok, thanks!
<Razva> jamespage, roaksoax ...anybody? :(
<VelusUniverseSys> sarnold, you about?
<Razva> when using maas, any idea why the heck all the nodes are shutting down after booting from PXE?
<sarnold> Razva: iirc they're waiting to be turned on :)
<sarnold> hey VelusUniverseSys
<VelusUniverseSys> im still having problems with ezstream and well thinking of swatting up on snowmix again but thats hard
<sarnold> did you have any luck writing that script to populate the m3u?
<Razva> sarnold well great, but I cannot power it on...
<Razva> 1 node cannot be powered on. To proceed, update your selection.
<sarnold> Razva: eep. if there's nothing obvious in the logs, head into #maas, they'll be more familiar with it
<Razva> nobody is there...
<sarnold> hmm; maybe try the mail list then?
<VelusUniverseSys> still working on that but if im having problems then why do that
<sarnold> bad timing though, the weekend's started for many, and three-day weekend for many..
<VelusUniverseSys> sarnold, can i pm you please?
<sarnold> VelusUniverseSys: sure
#ubuntu-server 2016-02-13
<waters33637> Question: Webmin has problems with ubuntu .. as i just found out ... does ispconfig or ebox work better .. or do they have the same problem with ubuntu?
<VelusUniverseSys> from personal experiance ispconfig is built towards deb based unix never heard of ebox
<VelusUniverseSys> waters33637,
<VelusUniverseSys> and waters33637 reading on the ebox (or what i can see is it) it seems to support ubuntu as in the front page its on about ubuntu
<cihhan> hi all! i am trying to install xfce4 to my ubuntu server -- i installed by apt-get install xfce4; however it doesnt auto start and i have to write startxfce4 everytime. is there a way to make it run at automatically at boot time?
<John[Lisbeth]> I'm looking for some thorough online materials about dist-upgrade
<John[Lisbeth]> preparing for my first one from 15.10 to 16.04
<Seveas> John[Lisbeth]: don't use dist-upgrade for that.
<Seveas> do-release-upgrade is what you want
<John[Lisbeth]> Does do-release-upgrade only go one way, and how does it determine which version to install?
<lordievader> Good afternoon.
<k2gremlin> lordievader, Morning :P
<lordievader> Hey k2gremlin
<k2gremlin> lordievader, So what's on your agenda today?
<lordievader> Not much, finishing some assignment.
<k2gremlin> lordievader, I need to finish my bio paper :/
<k2gremlin> and figure out why my openvpn traffic is retarded.
<if_gaga0> hello all ! i have 15.10 and xen-4.5 kernel, that kernel have bug, and i will patched they. My question is: how i can get ubuntu xen4.5 kernel sources? How-to https://wiki.ubuntu.com/Kernel/BuildYourOwnKernel for kernel source without xen 4.5 patches
<RoyK> if_gaga0: my question is: Why do you use xen when kvm does it far better?
<if_gaga0> RoyK: because, i'm need PV mode
<RoyK> what is that?
<RoyK> paravirt?
<RoyK> kvm has paravirt all the way
<if_gaga0> yep, paravirt
<RoyK> even amazon has kicked out xen
<if_gaga0> http://www.linux-kvm.org/page/FAQ#What_is_the_difference_between_KVM_and_Xen.3F
<RoyK> what sort of guests are you running?
<waters33637> VelusUniverseSys: Thanks ...
<if_gaga0> "KVM does not support paravirtualization for CPU"
<RoyK> what sort of guests are you running?
<RoyK> do you need cpu paravirt?
<RoyK> most of us just need that for I/O
<if_gaga0> yep, i'm have 90% of linux vm
<RoyK> then kvm will be fine
<if_gaga0> 95%
<RoyK> on windows too
<RoyK> imho xen is a pita
<if_gaga0> may be
<RoyK> I stopped using xen som 4-5 years ago
<if_gaga0> RoyK: Overall, Xen and KVM were performing well compared to the host's performance. Xen tended to have the most wins while KVM generally came in right behind and the two were very competitive with one another, either are great solutions for Linux virtualization depending upon your specific needs (c) http://www.phoronix.com/scan.php?page=article&item=ubuntu-1510-virt&num=5
<RoyK> if_gaga0: the bonus with kvm is that you don't need to care about reserving memory to the machines, and no need for a specific kernel, and it's widely supported
<if_gaga0> can you clarify about "memory reserving" ?
<if_gaga0> for dom0?
<RoyK> if_gaga0: iirc xen reserves memory for domU and only lets the dom0 use the rest - kvm is dynamic on this
<RoyK> if_gaga0: I don't see a single reason of using xen these days
<if_gaga0> RoyK: thnx for notion
<John[Lisbeth]> Does do-release-upgrade only go one way, and how does it determine which version to install?
<patdk-lap> it installs the next version
<patdk-lap> that is all it does
<RoyK> John[Lisbeth]: it installs the next version - if you're on LTS, it installs the next LTS version - see /etc/update-manager/release-upgrades - if it says "lts" it will only upgrade to lts releases - if it says "normal" it'll upgrade to whatever's the next thing
<kauli_> hello, I would like to run dynamips on ubuntu server and I would like to read cisco image when I write dynamips -H 7000 it is open it and bulid date and get hypervisor TCP control startec port 7000 but nothing happen after that or try to read configration file ??
<kauli_> hello, I would like to run dynamips on ubuntu server and I would like to read cisco image when I write dynamips -H 7000 it is open it and bulid date and get hypervisor TCP control startec port 7000 but nothing happen after that or try to read configration file ??
<John[Lisbeth]> Would you say it is safe to upgrade a system to 16.04 at this point, or would you wait until april?
<John[Lisbeth]> It's not mission critical
<teward> i would not, John[Lisbeth]
<teward> John[Lisbeth]: stick with teh LTS, or 15.10 if you need newer software.
<teward> i would wait for 16.04 release first
<John[Lisbeth]> Alright, thanks for the heads up.
<tucemiux> anyone knows if there is a GUI app that will allow you to remotely administer virtual machines stored on kvm ?
<Sling> tucemiux: http://www.linux-kvm.org/page/Management_Tools
<VelusUniverseSys> how od i upgrade again without reinstalling /
<VelusUniverseSys> ?
<Sling> VelusUniverseSys: upgrade what to what?
<VelusUniverseSys> 15.04 to 15.10
<Sling> do-release-upgrade
<VelusUniverseSys> im asuming to do an update from 15 - 16 would mean a whole wipe and resintall?
<Sling> not really, you never have to 'wipe'
<Sling> this isn't windows ;)
<VelusUniverseSys> lol yeah but would be hard on a vps system lol
<Sling> how so?
<VelusUniverseSys> well how would i be able to upgrade from 15 - 16 without any disks and in comandline only
<VelusUniverseSys> do-release-upgrade?
<VelusUniverseSys> all i can say is thank god for tywo screens at work and home lol i can watch the upgrade and code at the same time
<Sling> VelusUniverseSys: yes, with do-release-upgrade, over the internet
<Sling> it will update the repository and fetch all needed packages
<VelusUniverseSys> even from 15 - 16
<Sling> yes
<Sling> 16 just means it's one of the releases in 2016
<VelusUniverseSys> thats cool thought you couldnt but yeah when will 16 be relased
<Sling> always in april and october
<Sling> hence the 04 and 10
<VelusUniverseSys> ok cool
<Sling> 16.04 = april 2016
<VelusUniverseSys> would 16 be lts?
<Sling> yup
<VelusUniverseSys> and would 16 have php7?
<maswan> yes
<VelusUniverseSys> good i wonder when centos will get php7 lol they still on php5.5 now
<Sling> probably (unless there is a confirmation somewhere I didn't see yet)
<maswan> Package: php
<maswan> Depends: php7.0
<Sling> cool
<maswan> I'm on 16 for my laptop
<Sling> VelusUniverseSys: well 5.5 isn't *that* old
<Sling> there was no php6
<VelusUniverseSys> yeah i know but they are behind on stuff most things these days are on php5.6 and there is a bit you cant do on php 5.5 that you can on 5.6
<VelusUniverseSys> i cant wait to see how my apps run on php 7? see if they break or not lol
<maswan> I know people still working on migrating off centos5, it is starting to get really painful for thme now
<VelusUniverseSys> yeah i used to love it it was good but its so behind i didnt know this till a while back then i found fedora yeah thats good and nearly up to date but it goes out of date quick so now im on ubutu now
<VelusUniverseSys> and thinking of creating my own os for me to use
<VelusUniverseSys> lol
<VelusUniverseSys> well two really one for me and one for a group of people to use lol
<Razva> any idea why all the servers that I connect to MAAS got shut down, and I have no option to start them...?
<VelusUniverseSys> sarnold, it looks like im going with nginx and rtmp which will hopefully be better
<compdoc> ubuntu server doesnt have a subsys directory. What happens when I install a program that specifies /var/run/subsys? does it just get ignored?
<RoyK> compdoc: iirc /var/run is /run, which is tmpfs, so that program needs to create the subsys dir to be able to use it, or you'll need to hack it into somewhere in systemd or somewhere
#ubuntu-server 2016-02-14
<Razva> hi there! networking/linux newb here. I have a simple question (for you at least). I have one machine that has two nics, one for net and one for lan. I would like to NAT lan to net in order to provide net access to lan clients. currently the lan IP is 192.168.1.2. should I create another IP address (192.168.1.1) and NAT traffic through it, or use .2 directly as the gateway, or rename .2
<Razva> into .1?
<Razva> should I use 14.04 LTS for Ubuntu Cloud Images?
<Razva> or 15.10?
<vbotka> Razva, should it be a bastion host (https://en.wikipedia.org/wiki/Bastion_host) ?
<vbotka> Razva, as an example brief google query shows http://www.cyberciti.biz/faq/linux-bastion-host/
<Razva> vbotka yes, it's a bastion host
<Razva> MAAS
<Razva> should I use 15 or 14 for Cloud (Liberty)?
<lordievader> Good morning.
<Razva> lordievader mornin'
<lordievader> Hey Razva
<Razva> any idea if, for OpenStack Liberty, I should use 15 or 14 (full autopilot/maas setup)?
<lordievader> I have no experience with OpenStack.
<vbotka> Razva, I'd say the (1) newest possible that fit your (2) support expectations
<Razva> vbotka 15 will get upgraded to 16?
<Razva> or to any LTS?
<vbotka> Razva, you might want to review the life-cycle http://www.ubuntu.com/info/release-end-of-life
<lordievader> You can upgrade 15.10 to the 16.04 LTS, yes.
<vbotka> lordievader, I've never reviewed this. Is there a commitment of guaranteed upgrade?
<lordievader> That is the normal upgrade path. For 'normal' installs an upgrade should be a breeze.
<lordievader> Even upgrading over ssh ain't that big of a problem anymore.
<vbotka> lordievader, I know. But, I'm not aware of a commitment, that upgrade will not break any functionality installed.
<lordievader> I don't think they make that guarantee for anything else than the default install.
<lordievader> If they make it at all.
<vbotka> lordievader, yes, thats the difference between upgrade and install
<Razva> vbotka any experience with Ubuntu Cloud?
<vbotka> Razva, not yet, to be honest I'm running FreeBSD as a cloud servers atm.
<Razva> vbotka what type?
<vbotka> Razva, STABLE one
<vbotka> 10.2 atm
<Razva> no no, what virtualization type (KVM etc)?
<Razva> btw, any idea of how to restart IMPI...?
<Sling> Razva: ipmitool
<Razva> Sling I've logged into the IMPI via SSH
<Razva> but now no idea of how to restart the IPMI
<Sling> 'ipmitool mc reset warm' or 'cold'
<Sling> google for it :)
<Razva> Sling will this reset the IMPI, or the server?
<Sling> just ipmi
<Sling> warm will do a restart, cold will reset it and (i think) also clear the configuration
<Razva> but I suppose that I need to run ipmi tool from the machine that has the same ipmi, not remotely..right?
<Razva> ipmitool -H 95.154.222.13 mc reset warm
<Razva> Password:
<Razva> Error: Unable to establish LAN session
<bekks> Razva: then ipmi would make any sense.
<Razva> any idea of how to see the firmware-specific flag I should use?
<Razva> I can root@ssh the IPMI, but I cannot send any ipmitools command :|
<Sling> Razva: if you ssh to the ipmi interface you are in a ssh session, not on an ipmitool shell or something
<Sling> (busybox)
<Razva> Sling what I'm trying to say is that the ipmi is not "broken" or "unresponsive", as I can ssh in. right...?
<Sling> Razva: if you are inside the busybox shell, you can type 'reboot' there to restart the bmc
<Sling> well there can be many things broken @ IPMI if you can still SSH to it
<Sling> it's not very.. robust
<Sling> i have seen non-functioning web interfaces plenty of times while the ssh was working fine
<Razva> error_tag    : COMMAND NOT RECOGNIZED
<Razva> ^ that would be reboot
<Razva> and "restart"
<Razva> http://pastebin.com/wrqTec4k < this is the help
<dannymichel> anybody know which irc channel iâd join to debug unreal irc server?
<marlinc> irc.unrealircd.org
<marlinc> Channel #Unreal
<dannymichel> thanks
<tkeith> Which EC2 AMI should I be using? I see options for "hvm", "hvm-ssd", "ebs", "ebs-ssd" and some others. I want to use SSD EBS storage on an HVM instance...
<jrwren> sounds like evm-ssd to me
<Razva> hey guys. I have no idea why but maas refuses to interpret the right status from IPMI...
<Razva> the server is powered down, I can see that via DRAC and console. but still maas reports the server as being online. any hints...?
<froike> hi! there is an ftpd with credit system of upload and download ratio?
<Kimse> glftpd
<froike> Kimse, thanks
<Razva> Kimse can you please take a look at http://screencast.com/t/vIhiZSVM5 ? is it me or everything is OK? but even if I press enter...nothing is hapening...
#ubuntu-server 2017-02-06
<rizonz> tomreyn: ok
<ChmEarl> when using ubuntu-server ISO, ubiquity is not used, only d-i?
<rfkrocktk> Hello! We are running ami-9e158c89 in us-east-1, which is an Ubuntu 14.04 image. We had a very strange issue where three servers running RabbitMQ in a VPC simultaneously started freaking out, claiming they could not write to disk until the kernel killed the processes. When we reviewed this with our Amazon account managers and an actual EC2 developer, we were
<rfkrocktk> told to reach out to Canonical and that there was a known bug in the enhanced networking drivers for Ubuntu 14.04. Is there a known bug?
<pmatulis> rfkrocktk, maybe pastebin some logs
<rfkrocktk> I'll try to do that, but I honestly think it was just AWS lying to us about some underlying problem ð
<rfkrocktk> It was more of a general query regarding the enhanced networking driver in 14.04, are you aware of any significant (or otherwise) bug reports concerning it in 14.04 EC2 AMIs?
<patdk-lap> rfkrocktk, if you didn't manually update the driver, yes
<patdk-lap> I have a newer driver in my ppa
<patdk-lap> it's documented from intel
<rfkrocktk> can you link to the bug? how long ago was it?
<patdk-lap> the bug is linked to right on aws ec2 page, where it documents the enhanced network option
<rfkrocktk> trying to find
<rfkrocktk> it's not on here: https://help.ubuntu.com/community/EC2StartersGuide
<patdk-lap> http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sriov-networking.html
<rfkrocktk> thank you patdk-lap
<patdk-lap> that ubuntu page doesn't talk about enhanced networking at all
<patdk-lap> https://launchpad.net/~patrickdk/+archive/ubuntu/production/+sourcepub/4863517/+listing-archive-extra
<patdk-lap> I made it a dkms, unlike the aws page, you won't have to screw with it again on each kernel update
<patdk-lap> never had any issues, ran some very large and high traffic mongo servers on it
<patdk-lap> I should probably update my package
<rfkrocktk> I can't seem to find the actual bug
<patdk-lap> what?
<rfkrocktk> like they mention that there is a bug but they don't clarify what it is
<rfkrocktk> unfortunately
<patdk-lap> yes, it's MANY bugs
<rfkrocktk> ð¬
<patdk-lap> svio support wasn't very good in versions < 2.14
<patdk-lap> if you are expecting aws to file a bug against ubuntu, your mistaken
<patdk-lap> you would have to file that bug, aws couldn't care less
<patdk-lap> aws already went and did the work and found that you need >= 2.14 to be stable
<patdk-lap> the version in ubuntu 14.04 is 2.11.3-k
<rfkrocktk> I'm just wondering why Canonical hasn't published an updated version of the driver in their EC2 AMI images.
<rfkrocktk> If this is a known issue, then it would make sense for canonical to address it by publishing a fix.
<patdk-lap> ask them
<patdk-lap> I wouldn't assume they know about it though
<patdk-lap> https://bugs.launchpad.net/cloud-images/+bug/1254930
<ubottu> Launchpad bug 1254930 in cloud-images "AMIs do not have EC2 Enhanced Networking flag set" [Undecided,Confirmed]
<rfkrocktk> thank you, this is the bug
<lordievader> Good morning
<Genk1> Hello all
<lordievader> o/
<Genk1> What is the best strategy for a mail server High avaibility ?
<Genk1> I have postfix and devecot running on the same server and I want to create a backup (slave) for taking control in case of the master faillure
<bhuddah> having more than one, i guess.
<refeaime> Hi chat
<bhuddah> Genk1: what level of HA are you aiming for?
<Genk1> bhuddah, I didn't get the point ? can you explain more please ? thanks
<bhuddah> Genk1: it's not necessarily a fail-over setup you want. you can also have active-active setups. it all depends on what your goal is. and your budget.
<Genk1> bhuddah, I have a distant cloud environment of 3 VM
<Genk1> bhuddah, my goal is to always have the service UP and I guess an active-active setup is not necessary in my case
<Genk1> I don't have a huge traffic
<bhuddah> Genk1: "always" is impossible.
<Genk1> bhuddah, Ok let's say a 99.99 % avaibility then :)
<bhuddah> Genk1: it sounds like a simple backup will be enough.
<bhuddah> Genk1: depending on the size of the mail store you might need some time to restore though.
<Genk1> bhuddah, you mean a secondary MX server ?
<bhuddah> Genk1: i just mean a traditional data backup. regular and tested.
<Genk1> bhuddah, OK, what's about the cost in system faillure ? do I have to operate manually ?
<Genk1> bhuddah, hmm
<bhuddah> as long as your downtime is shorter than a couple of days you won't lose any mail. so you just gotta make sure that you can restore quick enough. (in a couple of hours)
<Genk1> bhuddah, you mean to simply backup files and be able to mount a server quickly ?
<bhuddah> Genk1: you can get quite quick with that if you train it regularly.
<Genk1> bhuddah, I see, but the problem is that the operators need to answer mails as fast as possible
<Genk1> bhuddah, the corporate activity is depending heavily on emailing system
<bhuddah> the system will fail. sooner or later.
<bhuddah> a good single system will last years and years before you have unscheduled downtime.
<Genk1> bhuddah, OK I see
<Genk1> what if I want to go with an MX backup ?
<Genk1> having 2 servers operating if the master fail the secondary server takes control ?
<bhuddah> of course you can grow your system to multiple mx servers
<bhuddah> cluster operation is necessarily a lot more complex than single server systems.
<Genk1> bhuddah, you're absolutly right
<Genk1> but what can you suggest me for a multiple mx setup ?
<bhuddah> it's a trade off where you might gain little and have a lot more risk to handle.
<bhuddah> i'd run with multiple active MX's then.
<Genk1> especially if I have 2 systems to put in HA (Postfix and devecot)
<bhuddah> they can throw mails in a centralized backend storage pool.
<Genk1> hmm
<bhuddah> and users access that storage pool via the dovecot server(s)
<Genk1> bhuddah, perfect thank you al ot
<bhuddah> Genk1: good luck.
<Genk1> bhuddah, Ah! one last question please. how about the storage pool ? what can you suggest me for a clouding environement ? using Gluster, NFS.. for example ?
<bhuddah> usually whatever you already have for storage.
<Genk1> bhuddah, hmm I don't think that our hoster has a lot of things to offer in that area
<bhuddah> some might just use a NAS. others might have a larger SAN storage.
<Genk1> bhuddah, what's about rsync ?
<bhuddah> no. it must be real-time. in that case.
<Genk1> bhuddah, wow OK that's the difficult point then
<bhuddah> HA systems are complicated.
<Genk1> bhuddah, true, and cost a lot
<bhuddah> you can calculate how much a day or two downtime cost.
<Genk1> bhuddah, but I don't see the need for a real-time stuff ? I think that 1 min and more is tolerable in our case
<bhuddah> and then you know what you can invest to mitigate that.
<Genk1> bhuddah, yes true
<bhuddah> Genk1: the point isn't the speed but the shared locking because there are multiple paths through the system.
<Genk1> bhuddah, you're right
<patdk-lap> bhuddah? your cheap vps provider will last years and years before you have any kind of outage? not true
<patdk-lap> I don't know why you want to get all fancy attempting to make this HA
<cpaelzer> coreycb: zul: hi, the qemu triggered nova test opn ppc64el failed again - did you happen to find what it really is?
<patdk-lap> just use simple dovecot built in HA
<zul> cpaelzer: no i wasnt able to reproduce it
<patdk-lap> http://wiki.dovecot.org/Replication
<bhuddah> patdk-lap: you get what you pay for. certainly. so the cheapo vps provider will fail earlier :)
<coreycb> cpaelzer, zul: well for our failing deployment which hit a similar issue, it was due to needing a newer version of seabios backported to the cloud archive
<zul> cpaelzer: i was thinking of getting back on a ppc64el and running autopkgtest
<cpaelzer> zul: ok, the seabios in zesty is pretty new (4 weeks)
<cpaelzer> zul: your access on the machine of last week should still be good
<cpaelzer> zul: please let me know if I can help to resolve
<zul> k
<zul> coreycb: im going to start on the rc1 candidates but not upload them
<coreycb> zul, ok
<jdstrand> tomreyn: fyi, 'ufw disable' is good enough
<jemoo> Help! i can not send mail from one pc to another which are in the same network!
<jemoo> i only see the mail in side the sender pc /var/mail....lab1
<jemoo> the sender pc is using exim4 and the receiver pc is using postfix
<jemoo> helpp!!!!
<jemoo> any one in here and help!
<jemoo> Help! i can not send mail from one pc to another which are in the same network!
<jemoo> i only see the mail in side the sender pc /var/mail....lab1
<jemoo> Helppp!
<jemoo> Help! i can not send mail from one pc to another which are in the same network!
<jemoo> i only see the mail in side the sender pc /var/mail....lab1
<lordievader> !patience | jemoo
<ubottu> jemoo: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<sonu_nk> i am installing webmin on ubutnu server.. but when i tried  lsb_release -a it is showing me  " No LSB modules are available. | Distributor ID: Debian  | Description: Debian GNU/Linux 8.6 (jessie) | Release: 8.6"
<Ussat> FYI:  https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
<pmatulis> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Pici> also that
<blueking>  I have a firewall on ubuntu...   have set policy rules and zones... app on ubuntu itself   does it use loc or fw  ?
<patdk-wk> what firewall software are you using?
<patdk-wk> but normally anything on the machine itself is fw
<blueking> ok
<blueking> so what are 'loc' for ?
<patdk-wk> no idea, what did you configure loc as?
<blueking> loc = local ?
<patdk-wk> if I make a very broad guess, loc might mean local, and stand for anything coming from the local network
<blueking> ah ofc  'facepalm'
<blueking> was thinking local = machine itself
<patdk-wk> I don't use local in any of my firewall configs
<drab> hi, trying to preseed some boxes where the OS disk already has some stuff on it. No matter what I try I keep being prompted about what to do with my disk
<drab> I would like to simply tell the install to nuke whatever is there and install as if it was a blank drive, ignoring all partitions
<drab> anybody that has had that problem and has a working config?
<genii> drab: Use the partitioning recipe section in the sample preseed file to go by. It has the other options given as well to automatically proceed and so on. https://help.ubuntu.com/lts/installation-guide/example-preseed.txt
<genii> drab: The relevant section says "# This makes partman automatically partition without confirmation, provided
<genii> # that you told it what to do using one of the methods above." with the d-i options to use below
<drab> genii: yeah I already have all of that, and it works on blank drive, but not on a drive on which for example windows had been installed on
<drab> or another version of ubuntu for that matter
<drab> I've seen some people having similar problems if the drive in question had lvm on it and the autodetect would find the volumes and try to reuse them despite the options in the preseed
<drab> some of those folks seem to have sort of abused the d-i early_command to delete the VGs and delete the MBR
<genii> drab: I had before an automatic install system with preseed. Unfortunately I do not currently have access to the preseed options that were used. But when for instance it stalled I would examine the output of console 4 for what kind of input it was expecting then alter the preseed accordingly
<drab> genii: how do you check? I guess I'll test that later, I thought I cycled through all the terminals and don't remember a way to see what questions exactly it was asking
<drab> if that was possible that'd be great
<genii> With server install it gives you 4 terminals, tty0 is the default you see, tty1 and tty2 you can use to gain a commandline, tty4 is where you can see output like what commands are currently being executed to produce whats on the first terminal
<genii> tty3, rather
<drab> genii: ok,thanks, I'll try to look at that output and see if I can recognize a question. Is there an obvious link between what shows on screen and a preseed option?
<genii> drab: It should actually be showing you something like the actual d-i command which is currently running
<zul> coreycb: updating openstack cruft in universe
<rharper> dannf: hey,  testing out the smbios paramters in qemu-system-aarch64;  can you test passing in '-smbios type=1,manufacturer="Foobar"` and then in the booted image see if this shows up in /sys/class/dmi/id/*  ?
<dannf> rharper: checking..
<dannf> rharper: $ sudo grep -ir Foobar /sys/class/dmi
<dannf> $
<rharper> modprobe sysfs_dmi ?
<rharper> also, dmidecode
<rharper> I was on an arm64 cloud (beisner had one) which had /sys/class/dmi/* populated, Xenial image IIRC
<dannf> rharper: it is populated
<dannf> rharper: there just isn't any file that contains that string
<rharper> ok, that was what I saw as well
<rharper> so smbios on qemu aarch64 isn't working
<rharper> =(
<rharper> but it should be =)
<dannf> rharper: however, iirc, ARM may rely on a newer version of the spec
<rharper> was going to file a bug and have someone look at fixing qemu
<dannf> maybe type needs to be updated?
<rharper> not sure
<rharper> but it's been in qemu for almost 2 years
<dannf> lemme dig up a bug...
<rharper> cool
<rharper> dannf: the goal here is to have openstack nova pass the OpenStack Nova product name into the guest so cloud-init can know it's on an OpenStack cloud and do the right thing with datasources
<dannf> rharper: i don't think the bug i was looking at is relevant. yeah, doesn't seem to work.
<rharper> ok
<rharper> it's likely regressed; I suspect that some thigns work
<rharper> for example, -uuid still works
<dannf> 1:2.6.1+dfsg-0ubuntu8
<rharper> but other stuff doesn't
<rharper> dannf: if you file a new bug, can you add me to it?  or do you want me to file one right now?
<dannf> rharper: i'd say go for it, but feel free to subscribe me in case upstream needs a quick test
<rharper> dannf: ok
<blueking> anyone into lacp/bonding ?
<blueking> just wonder what mode I should choose
<rharper> dannf: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1662345
<ubottu> Launchpad bug 1662345 in qemu (Ubuntu) "smbios parameter settings not visible in guest" [Undecided,New]
<dannf> rharper: cool
<drab> blueking: fwiw I've just put in a quad port nic into my machine and will get to that question shortly
<sarnold> doesn't it boil down to the question, why do you want it? redundancy or throughput?
<blueking> throughput...
<drab> still afail it's not as easy as x $num_of_nics
<drab> that's not how LCAP works
<drab> I've been reading around and to achieve that sort of multiplier ppl seem to have done weird shenanigans with vlans etc
<sarnold> really? I haven't seen any vlan shenanigans
<sarnold> but if you've only got two computers involved and use only say two tcp connections between them, there's a 50% chance both connections will be sent over the same NIC..
<patdk-wk> lacp doesn't give you throughput, only redundency
<patdk-wk> to get throughput with lacp requires a LOT of clients
<patdk-wk> if you want throughput, you need to use roundrobin, not lacp, and switches don't like roundrobin
<sarnold> they don't? oh :/
<sarnold> I've always been under the impression there were three types available: active/passive, hash-based, and round-robin, and I've always had the impression that round robin was more expensive than hash, so no one used RR...
<drab> I was aware that switches didn't like RR tho, but yeah, that was my impression too, lcap in the end doesn't really give you tput
<drab> especially not for a single connection, which is what most people think of when wanting to use bonding
<drab> ie cp a large file over nfs or something
<drab> s/was aware/wasn't aware/
<sarnold> yeah, "but it could do two of those at once" is often little solace when you're waiting forever for a file copy to finish :)
<patdk-wk> sarnold, there are like 6 or 7 types
<patdk-wk> rr is the best, but it only works on DIRECT links, server to server
<patdk-wk> I use it for my HA links
<patdk-wk> active/backup is fine if you just need simple failover and have simple switches or something
<patdk-wk> lacp (hash) works good if you have a switch that does lacp also, but getting > single port speed is not a goal of lacp
<patdk-wk> now, the other two tlb and alb where made to get >single port speeds, but they require the switch and the client machines to behave with it
<patdk-wk> tlb normally works, and does so by sending packets out multible links in a round-robin type way, but receiving only on a single link
<sarnold> o_O
<sarnold> that sounds crazy
<patdk-wk> the issue is, it uses multible mac addresses to send, and some clients that gets confusing (mac based auth checks)
<sarnold> heh
<patdk-wk> so while it worked great for *normal* things
<patdk-wk> I could not login to my network switch using that link
<patdk-wk> cause it would verify the source mac was the same as the user logged in on
<sarnold> hah
<sarnold> that even sounds like a good idea on the face of it..
<patdk-wk> alb takes it a step more, and spoofs the arp to the clients to balance incoming traffic
<sarnold> all this sounds like compelling reasons to just buy nicer hardware
<patdk-wk> lacp can load balance from the hash sure
<patdk-wk> but it's VERY hard to maintain that balance and to balance it, unless you have a LOT of clients
<patdk-wk> so for a home, lacp won't do crap for you
<patdk-wk> unless you just want a more advanced active/backup
<sarnold> how does it help with backup?
<sarnold> does it automatically re-do the hashing alg if a link goes down?
<patdk-wk> yes
<sarnold> alright that's friendly enough
<patdk-wk> as long as you don't setup a static lacp, static lacp uses any active port, if it's plugged into a lacp configured thing or not
<patdk-wk> dynamic lacp will use what is configured on the other side for lacp only
<patdk-wk> so if you plug in your laptop into a server lacp configed port by accident, everything doesn't go nuts
<sarnold> but then you're trusting lacp to dtrt -- does it? :)
<patdk-wk> it should, it's simple
<patdk-wk> if not, your switch has issues
<sarnold> yay
<sarnold> hehe
<patdk-wk> reminds me of my netgear switch, that send broadcast packets across every vlan
<sarnold> which returns to "buy nicer hardware"
<sarnold> "you asked for broadcast"
<patdk-wk> but I marked a vlan tag on it, not ALL vlans
<patdk-wk> that caused some fun tcpdumps
<Pinkamena_D> I just closed a server image but I want it to appear mostly unused, is there any semi automated way to remove all of the log files?
<Pinkamena_D> cloned*
<sarnold> Pinkamena_D: try this on something unimportant first: for f in /var/log/* ; do > $f ; done
<Pinkamena_D> so that looks like it would just truncate all of the files under /var/log ... does it do subdirectories too?
<sarnold> no, just those files
<sarnold> you could add /var/log/*/* if you wanted files in the subdirs
<Pinkamena_D> I guess that should be good enough
<Pinkamena_D> thanks!
#ubuntu-server 2017-02-07
<drab> anybody got any suggestion why testing with fio reads would come back slower than writes?
<drab> using O_DIRECT, no BBU caches, "simple" nvme device
<patdk-lap> hmm, flash tends to buffer writes
<average_guy> where are the commands you enter stored? so when you hit up they reappear
<drab> patdk-lap: mmmh, that could be, however I had a spare one of these nvme and put it into a machine that's slower/worse than the server I was testing on and the gap doesn't show
<drab> so it's something on this paricular machine that's causing the reads to be 2/3 slower
<drab> I'm testing with fio using a test script so that's consistent on the machines with the same nvme device and same pcie adapter in a x16 slot
<drab> even more interesting, I found out that's really concurrency killing it
<drab> if I run fio with 1 job, the newer server obliterates the others and reads are 2x writes almost
<drab> but if I just up jobs from 1 to 4 booom, reads crawl from 2.7GMps down to 200MBps
<drab> writes also slow down, but of only a "few" hundred MBs, staying about 700 or so, which is btw what the manufacturer spec'ed this for, so that's cool
<drab> if I didn't have the other system to compare to I'd agree, since flash is indeed caching and this paricularly one has a nice SLC cache before writing to TLC Nands
<drab> so maybe the real issue here is that concurrency simply kills performances on this box period but doesn't on another fo reasons I dont get (same ubuntu xenial with same kernel)
<vamadir> I buy vps server with ubuntu. And now i have 2 process GETTY, i think its server provider connet(some reboot etc...) from web panel. But i want delete this, its will be ok?
<vamadir> i need only ssh
<lordievader> Good morning
<jamespage> rbasak, around? I have a query re the current inflight ceph sru's
<m1dnight_> Anyone here have experience with msmtp?
<m1dnight_> msmtp keeps setting my from address to "default", while I have clearly configured the from to be "foo@example.com"
<m1dnight_> <default>: Sender address rejected: need fully-qualified address
<jamespage> rbasak, nm I figured it out - the tag was not quite 'verification-done' - doh!
<frickler> cpaelzer: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1587886 is still affecting me on Xenial it seems (when running neutron-vpnaas), is there a chance to backport the fix? or get the version from zesty into UCA?
<ubottu> Launchpad bug 1587886 in One Hundred Papercuts "strongswan ipsec status issue with apparmor" [High,Triaged]
<cpaelzer> hi frickler, let me take a look
 * cpaelzer has no ECC-memory in his brain :-/
<cpaelzer> frickler: are you the Dr. that did the last update a few minutes ago on  the bug?
<frickler> cpaelzer: yes. and neutron does use the plain xenial package indeed
<cpaelzer> frickler: ok, since I have no good local repro I have provided a ppa with the fix backported to Xenial
<cpaelzer> frickler: it is currently in some more testing, but if you could verify it solves it for you that would be great
<cpaelzer> frickler: if it does comment on the bug please (I did so announcing the ppa)
<cpaelzer> frickler: also if you could provide a short "Test Case" section for https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template that would be great as well
<cpaelzer> frickler: I'm good adding the rest
<frickler> cpaelzer: sure, thx
<frickler> cpaelzer: so the fix works, minor issue: updating only strongswan itself doesn't pull in the updated other packages automatically, needed to update strongswan-charon and -starter explicitly
<frickler> cpaelzer: I'll try to find a simpler test case than install OpenStack with certain settings and configure a VPN link now
<cpaelzer> thanks
<genii> drab: Did you make any headway on the preseed file?
<matsaman> just installed 12.04.5 as a virtualbox guest, and it seems like trying to apt-get install anything throws 'no installation candidate'
<nacc> matsaman: did you run `apt-get update` first?
<matsaman> I've run that, yes
<nacc> matsaman: can you pastebin that output, and then an example `apt-get install ...` output?
<matsaman> looks like https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1430648
<ubottu> Launchpad bug 1430648 in debian-installer (Ubuntu) "Ubuntu 12.05.4 apt-setup has old Release file" [Undecided,New]
<matsaman> I'm doing an update, upgrade, & dist-upgrade now
<matsaman> I'm assuming this is because I opted out of automatic updates at install time
<matsaman> which is a habit I've developed because that has, IME, _increased_ the likelihood of the installer failing
<matsaman> the irony, there is no escape
<nacc> matsaman: :)
<matsaman> as if I'd be installing 12 if I wanted updates anyway! heh
<zul> cpaelzer/coreycb: im not able to reproduce http://paste.ubuntu.com/23949041/
 * matsaman sighs
<matsaman> no improvement
<zul> coreycb: rc1 incoming
<matsaman> oh thank heaven
<matsaman> fixed with http://askubuntu.com/questions/297757/why-after-fresh-ubuntu-12-04-installation-update-arent-being-installed#answer-300930
<drab> genii: no, I got stcuk with another nasty issue, trying to debug some nvme device that's giving out seemingly random performances...
<drab> also trying to reconcile dd with fio... I thought if I ran fio with 1 job same filesize same block value I would get the similar readings, but nope
<drab> fio's value are way way lower for whatever reason I don't get (in a reading O_DIRECT should play no role and a sync and flush buffers before running dd)
<sarnold> drab: what exact dd commandline are you using?
<blueking> I have samba share  on mine ubuntu server.. but workgroup/ubuntu server aren't visible on my lan, tho I could connect to mine samba share as it was configured before... changes I've made  added two more nic, made those two nic into one  interface name bond0  interface that samba share was on before are disabled..  I've changed smb.conf    I need to change somewhere else too ?
<sarnold> blueking: check samba logs, maybe it's telling you the error..
<blueking> ok
<blueking> how long time should it take to have devices visible at explorer  networked devices visible 'WORKGROUP' as an example..
<sarnold> try using smbclient directly without trying to browse
<sarnold> browsing is handled by a different protocol, and it may not be indicative of the success or failure of the sharing protocol
<blueking> but samba share works from old setup.. I could access it from mine windows pc
<sarnold> when troubleshooting it's worth trying to break big problems into small problems and then solve them one at a time, from the most basic upwards
<sarnold> you know how it goes, starting with "is it plugged in and turned on?", "is the network cable plugged in?", "are there link lights on both the NIC and the switch?" and onwards and upwards :)
<sarnold> bonding makes things a bit more complicated since I don't know how to e.g. check if the machine's responding to arps correctly; but you could test ping and ssh inbound and outbound and make sure that the machine still has networking at all
<sarnold> and if it appears to have networking still, then you can focus on the two protocols in windows sharing -- the sharing bit (smb) and the browsing bit (nmb)
<sarnold> bonding makes things a bit more complicated since I don't know how to e.g. check if the machine's responding to arps correctly; but you could test ping and ssh inbound and outbound and make sure that the machine still has networking at all
<sarnold> and if it appears to have networking still, then you can focus on the two protocols in windows sharing -- the sharing bit (smb) and the browsing bit (nmb)
<ikonia> win 10
<ikonia> oops
<compdoc> wot?!   ban!
<powersj> nacc: can you import dlm for jgrimm and I?
<nacc> powersj: running now
<powersj> nacc: great thx!
<nacc> powersj: of course, should be done soon
<nacc> powersj: done
<powersj> nacc: thanks again
<nacc> powersj: np!
<drab> sarnold: to write I'm testing with dd of=/dev/nvme0n1 if=/dev/zero count=10000 bs=128K conv=fdatasync,notrunc oflag=direct
<drab> sarnold: for reading sudo dd if=/dev/nvme0n1 of=/dev/null count=10000 bs=128K
<genii> drab: What kind of drive is it?
<genii> ( the EVO apparently have some issue)
<sarnold> drab: good good
<drab> genii: http://mydigitalssd.com/pcie-m2-ngff-ssd.php
<sarnold> drab: the downside of course is that now I'm out of suggestions why the two would have different values :)
<drab> sarnold: :)
<sarnold> drab: if fio were -faster- that'd make loads of sense, I could say "oh it's probably doing multiple requests"
<sarnold> but fio is slower and I'm 99% sure dd isn't going to be submitting multiple IO requests :/
<drab> yeah, that's also what I don't get...
<sarnold> drab: maybe capture .1s of strace output? I'm curious what the write patterns are for both
<drab> the other thing is that results are inconsistent... sometimes I get lots of context switches and low tput, sometimes high tput and pretty high ctx, other times high tput and low ctx
<drab> these are test servers doing nothing other than being hammered with fio, so I don't get why the huge flactuation in ctx
<drab> but it's the only thing I can see diff besides the speeds
<drab> (in fio output)
<drab> it might be the hw, but blaming it on the hw isn't a great solution... we're a non profit and money is tight, trying to get some older drives to behave by putting a decent cache in front of them
<drab> and this seemed like a very good option, low price, good perfs, really good reviews on tomshardware & a few other places
<drab> it's not top of the line, but plenty for us
<drab> except that I just can't get consistent numbers no matter what
<sarnold> drab: ohhhhhhh
<drab> what, you solved it? :)
<sarnold> drab: my new theory -- the drive's firmware is compressing the hell out of a string of zeros. it's writing almost nothing most of the time.
<sarnold> drab: probably fio knows about this and is sending uncompressable blocks to the disk to write.
<genii> According to the webpage for the drive, it does have some fancy firmware
<drab> sarnold: that's an interesting thought, I might try to find a way to test around it
<drab> thank you
<drab> I'm still left with the problem of inconsistent tests tho
<sarnold> yeah :/
<drab> I've had maybe 3 or 4 times in a row fio giving me back 1.5GBs reads
<drab> and then seen those plummet to 700MBps
<drab> and no way to get them back up, not even with a reboot, nothing
<sarnold> I started by looking at the page to see if they mentioned how much overprovisioned space they had, in the hopes that that might help dictate just how much garbage compaction it might do, and -that- is what kicked off the neuron that remembered that most flash firmwares try hard to reduce writes..
<sarnold> OUCH
<sarnold> that's one heck of a penalty once you hit it
<drab> then at some point I tried to write a 10GB file as a test, and got 1.5GPBs again...
<drab> and that is stable on one test machine, meaning I keep getting 1.5GBPs, but I can never get that speed on a 1GB file sample, needs to be at least 3GB to get close to 1GBps
<drab> on the other machine however going back and forth with 10GB makes no diff, it's "stuck" at 700MBps
<sarnold> where is your 1gig file coming -from-?
<drab> I have no idea how fio gens that
<sarnold> unless it was already stuffed in RAM you might be testing the read speed of the drive holding it, or the throughput of the pcie bus that's got the devices..
<drab> I guess I might look into that since I'm out of options
<sarnold> probably fio does the right thing and generates a megabyte or two of uncompressable data at startup and just re-uses it
<sarnold> though that might encourage folks to do de-dup. so maybe they'd have light-weight modifications in place too..
<powersj> nacc: finished dlm merge
<powersj> set you as the reviewer so you can judge how well jgrimm taught me ;)
<jgrimm> ha! nice
<nacc> powersj: thanks, will probably get to it tmrw
<sarnold> drab: what kind of drives will you be putting behind this nvme? even 700MBps is way faster than spinning metal drives, maybe the odd performance bumps might not matter in the end
<sarnold> drab: I'm curious what the cause is, but at some point it might not really matter
<JoseLuis_> Good afternoon
<jgrimm> nacc, i am curious why dlm wasn't auto-updated by the importer?
<jgrimm> powersj, ^^
<nacc> jgrimm: how do you mean?
<jgrimm> since it had been imported before.. i thought it would be kept fresh when newer debian available
<JoseLuis_> Does anyone know those files ( /usr/bin/xjrcsubbir and /etc/init.d/xjrcsubbir) ? is running in my server ubuntu Ubuntu 16.04.1 LTS
<nacc> jgrimm: it will be updated when a new publish is seen in launchpad
<nacc> jgrimm: relative to when the importer itself last ran
<sarnold> JoseLuis_: I've never seen it. my archive mirror doesn't have anything like it.
<sarnold> and just as troubling, google reports "Your search - xjrcsubbir - did not match any documents"
<JoseLuis_> thanks sarnold, my server is running in in linode.com
<jgrimm> nacc, how is that useful?
<nacc> jgrimm: sorry?
<nacc> jgrimm: maybe we can discuss this in our 1x1
<sarnold> JoseLuis_: -maybe- it's something they built but even so I'd expect to find some reference to it somewhere on the internet.
<sarnold> JoseLuis_: try asking in #linode on irc.oftc.net
<jgrimm> nacc, yep! all good. not urgent in the slightest. :)
<JoseLuis_> thanks sarnold
<JoseLuis_> Does anyone know those files ( /usr/bin/xjrcsubbir and /etc/init.d/xjrcsubbir) ? is running in my server Ubuntu 16.04.1 LTS on linode.com
<JoseLuis_> mistake!!
#ubuntu-server 2017-02-08
<drab> sarnold: in front of a bunch of older spinning drives , about 8TBs of WD reds
<sarnold> drab: yeah that sounds like quite a step up :)
<drab> sarnold: you may be right tho, and I will give up shortly because it's taking up a lot of my time and I may not need it right now
<drab> and maybe it's a firmware thing that will get fixed
<drab> so I just need to hold tight for a while, emailed the vendor with some deets after a call so we'll see what they have to say
<sarnold> drab: oh! cool
<sarnold> lets hopeyou can reach a human :)
<drab> I got to one, let's see how good this human is, they have honeslty already done more than most by not just saying "fio? oh sorry, we just run CDM on windows, your problem"
<drab> which is in many ways an understandable business strategy when your market is primarily ms desktop/laptops
<sarnold> understandable but dissapointing
<sarnold> of course I can relate, I've got near-zero ability to help with windows things. so. :)
<drab> the one thing that does worry me is taht testing with a higher numjobs seems to pose quite a challenge :(, whcih is actually closer to the workload given that server is supposed to run a bunch of VMs
<drab> the other thing I have not been able to put my finger on is to map a workload in terms of block size reads and writes
<drab> I wonder if I can do something with iostat or whatnot
<drab> but I don't think that tells you what kind of block size reads/writes happen at from say mysql or apache etc
<sarnold> drab: hopefully useful https://github.com/iovisor/bcc/blob/master/tools/bitesize.py
<sarnold> drab: fwiw I've never used the bcc version of that tool, only the perf version: https://github.com/brendangregg/perf-tools/blob/master/disk/bitesize  -- but the bcc version may have lower overhead
<drab> sarnold: thanks, will take a look
<drab> sarnold: thanks, that's really nice, I ended up installing bcc and it has a biosnoop which does already what I needed (prints a SIZE column with the size of the IO request , per process)
<drab> in fact that's a great toolset I didn't know about, thank you for sharing it
<sarnold> drab: here have a weekend's worth of reading or videos, whichever you prefer :) http://brendangregg.com/
<drab> I'm also going to try and give kernel 4.9 a go just in case, I'm seeing a bunch of updates to nvme
<drab> altho I still feel like firmware at this point
<drab> various tests with higher numbjobs peg at 700MBs consistent, so somehow that seems a cap and it's not the PCIe bus cap, not the interlink with the CPU
<Village> Good evening, what server solution is beter 16.04 or 16.10 ?
<Village> i think i chose 16.04
<Village> and swap 1024 MB getting off? i mean enoght?
<patdk-lap> no idea, dunno what your doing on it
<sarnold> Village: I strongly recommend picking LTS releases (16.04 LTS) over non-LTS releases unless you happen to like filing bug reports and so on :)
<patdk-lap> personally if you need any swap at all, I would consider you are using too much
<patdk-lap> unless you plan to use hibernate
<sarnold> the kernel can make some better use of memory if you have -some- swap space
<sarnold> but if you wind up using it often then probably you didn't buy enough hardware
<patdk-lap> the kernel always does bad things using swap for me
<sarnold> one gigabyte is probably a good idea
<Village> patdk-lap, it's three partitions swap last 1024 MB, boot - ext4 200 MB and data
<Village> it's by default i leave it
<patdk-lap> my servers run with 300megs swap
<Village> last configuration was not bad, ok thanks Guys
<patdk-lap> 1gig boot
<sarnold> that sounds like a small /boot
<sarnold> one gig /boot is better
<patdk-lap> 200mb boot? that isn't going get you anywhere
<Village> hm very much boot
<patdk-lap> if it's efi, then that is different
<Village> boot / data / three swap
<sarnold> right
<patdk-lap> if using efi boot, no need for a seperate /boot
<patdk-lap> I had gotten so used to newer systems
<patdk-lap> that on many of my servers, I stopped using /boot
<patdk-lap> and hit a stupid raid card bios that can only boot the first 4gigs of the disk :(
<sarnold> ewwww
<patdk-lap> I found it had an option to change it to 8gigs, if I reformatted the raid
<gentoo> while atempting to install radeon drivers there is encountered configure problems preventing install
<gentoo> starting with udev
<gentoo> dpkg --configure udev doesn't work for not finding update-intramfs
<gentoo> how can update-initramfs be found in the packages with the end result of installing radeon drivers in mind?
<Seven_Six_Two> I have a vm exporting /var/www, which is mounted rw by my desktop. guest and host have same username. I've done chmod -R g+w on the mounted /var/www, and verified that apache is so far unaffected. I've added my host user to the www-data group, so that I can modify files in mounted system, and verified group membership with id command. But I can't modify or create still.
<sarnold> what filesystem type?
<Seven_Six_Two> both ext4
<sarnold> and how about the network filesystem between the two?
<Seven_Six_Two> nfs?
<Seven_Six_Two> mount command shows it's mounted RW
<Seven_Six_Two> nfs4
<sarnold> nfs usually works with userids, not usernames; does id show the same -numbers- everywhere?
<Seven_Six_Two> oh in trying to describe my issue, and your question, I may have found my solution.
<Seven_Six_Two> thanks
<sarnold> oh? :)
<sarnold> what was it?
 * sarnold <-- always happy to be a rubber ducky
<Seven_Six_Two> oh I don't know yet, I'm assuming my first search result was related, as it's about nfs version differences
<Seven_Six_Two> but I haven't got that far yet. They do have the same user id, actually
<sarnold> and group ids?
<Seven_Six_Two> for www-data?
<Seven_Six_Two> they're the same. both ubuntuish
<sarnold> no kidding, i never noticed that it was the same everywhere; 33? my three easy hosts show 33
<Seven_Six_Two> user and group id for my users also match (all 1000)
<Seven_Six_Two> I was wrong, also. I haven't found my answer yet.
<sarnold> aww :(
<Seven_Six_Two> ok I might have found an issue. when I do   id myuser   i see www-data as a group, but when I just to id      I don't see it. But I'm logged in as myuser
<sarnold> AH
<sarnold> hrm this description might take some time
<sarnold> processes inherit their ids from their parents
<sarnold> and when you logged in via sshd or lightdm or whatever, PAM told the process which groups to use for your process
<sarnold> you fiddled with group database, but that only affects when processes go through PAM again -- existing processes are unchanged
<sarnold> so you can either use 'newgrp' or 'sg' to start a new shell with the new group
<sarnold> or you can log in again via ssh or lightdm or whatever
<sarnold> (note that /usr/bin/newgrp is setuid root -- it will essentially take the place of sshd or lightdm, and run through the full PAM stack again)
<Seven_Six_Two> hm
<Seven_Six_Two> odd. I ran newgrp and it changed my bash history. I'll log in again. Thanks!
<sarnold> well that's the thing
<sarnold> it started an entirely new shell :)
<sarnold> that's the only way to get the group in a process -- to be a child of a process that had it, the setuid newgrp.
<samba35> i am using openvswitch on ubuntu 16.04.1 ,on this host machine i have installed one guest (centos) using kvm ,please help me to correct my understand or is that expected
<samba35> when i run arp on ubuntu i am getting incomplete message with ethernet but bridge  show ip and mac both end mac id correct (ubuntu is dhcp client)
<samba35> on guest machine /centos  ? (192.168.80.125) at  xxxxmac id of host  [ether] on eth0
<rbasak> teward: how's nginx looking? FF next week.
<caribou> rbasak: would you have the time to review the second nut merge branch ?
<caribou> rbasak: I cannot see any tagging issue with it, wrt https://code.launchpad.net/~louis-bouchard/ubuntu/+source/nut/+git/nut/+merge/311471
<caribou> rbasak: maybe I should just drop this MR & create a new one with the _v2 branch ?
<rbasak> caribou: sure, though it's my SRU day today. Can I look tomorrow?
<caribou> rbasak: oh, sure np
<caribou> rbasak: or point me to the bits you use to verify it and I can start to have a look
<caribou> in case i see something obvious
<rbasak> caribou: you can run wip/review from the usd-importer repo. But you have to edit the top, and read stdout/stderr carefully IIRC.
<caribou> rbasak: ok, I'll have a look
<blueking> sudo vconfig add eth0 100  <- this  are tagged or untagged ?
<mwhahaha> coreycb, jamespage: did you guys push new UCA packages? watcher is broken http://logs.openstack.org/28/430828/1/check/gate-puppet-watcher-puppet-beaker-rspec-ubuntu-xenial/de2a6c1/logs/watcher/watcher.txt.gz#_2017-02-08_12_19_50_416
<jamespage> mwhahaha, are you using ocata-proposed?
<mwhahaha> jamespage: yea
<jamespage> not changed since 2017-01-17	
<mwhahaha> jamespage: i guess we didn't both testing that one since the last update, well it's broken
<jamespage> mwhahaha, I see an update in staging, coreycb is working through some challenges re cells stuff for b3/rc1 which I think is blocking our testing atm
<jamespage> coreycb, ^^ is that correct?
<mwhahaha> oh cell v2, how i know that pain
<coreycb> jamespage, yes cells is blocking
<mwhahaha> that's fine i just wanted to make sure you're aware. i'll just skip it for now.
<jamespage> coreycb, zul: ok this is our old favorite don't pull from github.com problem
<jamespage> coreycb, zul: can we phase in a policy to update watch files to use release tarballs from tarballs.openstack.org please
<jamespage> tarballs based on github tags and no better that using git + tags
<zul> jamespage: slowly changing the watch files as I go ;)
<jamespage> zul, awesome - looks like watcher needs a recut/re-upload to fix missing alembic migrations
<zul> jamespage: fudge
<coreycb> jamespage, zul: ok.  i see alembic.ini file in the package source but it doesn't get installed so it may need a manual install in d/rules too.
<coreycb> thanks mwhahaha we'll get that fixed up
<mwhahaha> np
<zul> i think we should be adding basic dep8 tests to more stuff as well
<jamespage> coreycb, zul: this problem will go away if we switch to using the release tarball
<jamespage> coreycb, zul: adding things to d/rules is death by a 1000 cuts for this sort of thing
<coreycb> jamespage, ok.  why is that though, is the manifest missing in the git tarball?
<jamespage> coreycb, yes - because the git tarball is just a snapshot of the tree, whereas the release tarballs is generated from the tree usng pbr via sdist
<coreycb> jamespage, ok that makes sense
<jamespage> coreycb, this is what we do in the ci system - we grab git, generate the tarball using python setup.py sdist and then package against that
<jamespage> pbr does some automagic stuff and generates a better MANIFEST
<jamespage> coreycb, relying less of human brains to get things right
<coreycb> jamespage, right.  they've been dropping manifest files because pbr does manifest magic now.
<powersj> xnox: when you ran vmtest on s390x in the past do you recall if you were customizing the images? still trying to figure out why all of a sudden s390x-tools was required.
<cpaelzer> powersj: which should be default installed anyway - I don't see much cases to run without it
<cpaelzer> zul: coreycb: I had no luck in reproducing the qemu triggered nova test isssue either
<cpaelzer> zul: coreycb: I went for the more reduced proposed set first "--apt-pocket=proposed=src:qemu"
<cpaelzer> zul: coreycb: and then wit hsome hackery to get it working to run in a KVM guest
<coreycb> cpaelzer, ok.  we need to add some extra debug to our dep8 test
<cpaelzer> zul: coreycb: ?unfortunately? all are working so far
<cpaelzer> zul: coreycb: there is one thing I found thou
<cpaelzer> zul: coreycb: maybe that helps with your thoughts on debug
<cpaelzer> zul: coreycb: look at https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty/zesty/ppc64el/n/nova/20170208_114508_9825b@/log.gz and https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty/zesty/ppc64el/n/nova/20170203_151321_9825b@/log.gz
<cpaelzer> zul: coreycb: do note that they fail at DIFFERENT spots in the nova-compute-daemon tests
<coreycb> cpaelzer, what do you mean by different spots
<zul> cpaelzer/coreycb: im in the middle of fixing the dep8 tests and will be trying to add more debug stuff if there is a failure
<cpaelzer> zul: coreycb: search for "NOVA-COMPUTE FOR nova-compute-" in there - one stops at kvm one at qemu
<cpaelzer> zul: coreycb: but the other works in each case
<cpaelzer> zul: coreycb: so it might be racy as well
<cpaelzer> zul: coreycb: furthermore - I requested the config of the autopkgtest flavor and got it from Laney
<coreycb> cpaelzer, oh i thought it was just nova-compute-qemu that's been failing
<cpaelzer> zul: coreycb: with the same sizes I still get all PASS, but when attaching to the serial main console I see plenty of OOMs
<cpaelzer> zul: coreycb: OOMs could be the factorr that makes this somewhat transient
<coreycb> cpaelzer, ok interesting
<cpaelzer> coreycb: zul: like "Out of memory: Kill process 12028 (nova-conductor) score 70 or sacrifice child"
<zul> hmmm...interesting
<cpaelzer> all lxc based tests will never get this until host is exchausted ( I dont think we have mem limits, and even if so it is more efficient)
<cpaelzer> but with KVM as I set it up I see them
<cpaelzer> I need to do another rerun once the current one is over, trying to get the log out to a file or so
<cpaelzer> coreycb: zul: FYI 1536 M is the limit
<cpaelzer> coreycb: zul: I have a local repro - on the third re-run
<cpaelzer> coreycb: zul: yet it is somewhat dead, so I assume even more the OOM to be involved
<zul> cpaelzer: how much memory does the instance has...since i just ran a regular test and i get a "failed to fork" on the tests
<cpaelzer> the ppc64el autopkgtest flavour has 1536M
<cpaelzer> it just cleaned up and should get me to shell-fail soon - I can then check if thre were OOMs in this case as well that I had reproducing
<cpaelzer> zul: coreycb: here the ooms in the failing case http://paste.ubuntu.com/23954935/
<cpaelzer> zul: coreycb: maybe it is transient depending on what the OOM killer hits
<zul> cpaelzer: yeah if the nova-conductor goes away then the nova-compute tests fail
<cpaelzer> I'm analyzing on my system (whats left) where the memory goes to
<cpaelzer> it seems to be a fight with openstack respaning things and OOM Killer reaping it - already 60 kills and up
<cpaelzer> I'm restarting it with way more memory to see if it would work then
<cpaelzer> to note - the test is waiting for me due to shell-fail - but spawning and killing goes on
<cpaelzer> zul: are you ok with me restarting this - or do you think you need any debug data from this case?
<zul> cpaelzer: try it with more memory please
<xnox> powersj, i have note.
<xnox> powersj, i have note
<xnox> powersj, but note, that previously s390-tools used to be declared as important and installed everywhere (including chroots/containers)
<xnox> powersj, very late in the cycle (can't remember which) we have made s390-tools unimportant (thus not debootstrapped by default)
<xnox> and instead made it to be installed as part of cloud-image generation, and inside d-i's zipl-installer
<xnox> such that it is only installed on systems that are going to boot.
<xnox> powersj, i can't remember what vmtest does, but it does make sense if one now needs to add "apt install s390-tools" somewhere.
<nacc> xnox: powersj: will read bakctrace, but sounds like maybe an arch dependency in tools/vmtest-system-setup?
<xnox> probably. before it was automagic =)
<xnox> nacc, and/or maybe whatever generates maas images should be including s390-tools
<xnox> if it start off from stock container tarballs
<nacc> xnox: ah good point
<powersj> xnox: thanks for the info, the priority change at least explains why it is no longer there
<cpaelzer> zul: coreycb: with 8G all passing and no OOM
<zul> cpaelzer: thought so
<coreycb> cpaelzer, ok thanks for digging into that
<cpaelzer> coreycb: zul: I'm at EOD - would you let me know what the conclusion on this will be once you settle on the new tests you said you are working on?
<zul> cpaelzer: ack
<jayjo> I need to transition a server over to a colleague. This server lives on AWS. What do I need to do to get them primary access? I create an ssh key, and create a user, but how do I promote that user to the level of my old user?
<rbasak> You could add your key to authorized_keys. Handing over control over the instance (for example permission to terminate it) is really a question for Amazon.
<jayjo> It is more for the scripts and jobs the server runs, not the "ownership" on the AWS side. If I give them ssh access, that's the end of it?
<rbasak> By default users belong to the admin and/or sudo groups. You may want to add those.
<rbasak> Beyond that, it depends on what you set up.
<rbasak> There's also stuff like libvirtd, which on install copies the admin group (IIRC). Or something like that. libvirtd probably doesn't apply to an AWS instance though.
<drab> anybody knows enough about block devices to help me understand why, with a O_DIRECT flag, I'm still seeing much faster speed writing to a filesystem than writing to the raw device?
<drab> I thought once o_direct was enabled FS caching would be out and at most I'd be using the same OS cache that dd would
<rbasak> drab: I'm under the impression that O_DIRECT is best effort, and it depends on your filesystem.
<drab> mmmk, I'm testing on ext4 and the diffrenc between writing directly to /dev/nvme or to a file on an ext4 fs on it is huge
<rbasak> I don't know that it does, but I wouldn't be surprised to hear that ext4 completely ignores O_DIRECT.
<sarnold> rbasak: I think drab's test is to open the raw block device with O_DIRECT and write to it that way
<rbasak> I assumed he meant he was opening a file on the filesystem O_DIRECT.
<drab> both, well fio is doing taht for me (and dd), not coding anything up
<drab> it's both opening the raw device with o_direct and in another test a file on a ext4 fs on the same device
<drab> ls -l
<mdeslaur> nacc: hi! I'm currently preparing security updates for php5...are you planning an SRU to php 7.0.15 soon?
<nacc> mdeslaur: yeah, i think i'm going to need to for a bug in the last SRU
<nacc> mdeslaur: was hoping to do that this week
<mdeslaur> nacc: oh, interesting
<nacc> mdeslaur: an upstream bug, that is
<mdeslaur> ok, so I'll fix php5 with backports, and I'll wait for your 7.0.15 SRU to go through, and once it does, I'll rebuild it and re-release it as a security update, how's that sound?
<mdeslaur> unless you think it's safe to just update to 7.0.15 directly as a security update
<mdeslaur> but I really hate doing that as I can't back out patches if there's a regression
<mdeslaur> nacc: ^
<nacc> mdeslaur: yeah, that makes sense to me
<coreycb> beisner, hi can you promote qemu 1:2.3+dfsg-5ubuntu9.4~cloud3 to liberty-proposed and qemu 1:2.2+dfsg-5expubuntu9.7~cloud8 to kilo-proposed please?
<beisner> hi coreycb, both synced to -proposed.
<coreycb> beisner, thanks
<beisner> yw coreycb
<Seven_Six_Two> I have an ubuntu vm exporting /var/www as an NFS share. host and guest have same username, each with same user ID and group ID. host user belongs to www-data group, and folders/files in mounted folder are g+rwX but I still can't create or modify files.
<patdk-lap> none of that matters, unless your using nfs3
<patdk-lap> nfs4 is a totally different beast
<sarnold> hey Seven_Six_Two, still no luck? :(
<Seven_Six_Two> patdk-lap, I am using 4. I got a hint at that last night, but didn't find a solution. No sarnold, but I haven't worked on it since yesterday
<countingdaisies> I'm not sure what to search for ...  I have a situation where I need to install multiple php applications (1 currently installed and 1 one lined up to install any time soon).  I don't know enough about what scheme/system/type of soln I need to employ so that the urls used to access each application are unique. I have heard different terms related to configuring a web server or something like...
<dino82> What is in your /etc/exports
<countingdaisies> ...that, but I don't know what to choose or where to begin. Can someone steer me in the right direction?
<Seven_Six_Two> dino82, /var/www *(rw,sync,no_subtree_check,no_root_squash)
<patdk-lap> that is defently a nfs3 export
<sarnold> countingdaisies: depends upon your webserver of choice; nginx for example has multiple location blocks: https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
<Seven_Six_Two> but my mount on the host:  webdev1.local:/var/www on /home/username/Workspace/vm/Webdev1 type nfs4 (rw,relatime,vers=4.0,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.168.3,local_lock=none,addr=192.168.168.81)
<sarnold> countingdaisies: apache may also call their things "location"..
<Seven_Six_Two> I'm also unsure of whether my guest user or host user needs to be a member of www-data. or both? but like you mentioned patdk-lap maybe it's irrelevant?
<countingdaisies> sarnold: Thanks.  I have a package called eramba installed (the installed php package) but I don't know in what way it was configured since I just followed instructions (from more then one source). Now I also want to install media wiki which is a php application. Right now I access eramba by entering "http://localhost/login" or if I type "http://localhost/" it redirects to the first. Also ,...
<countingdaisies> ...eramba is not installed properly (barely installed I'd call it) though That's my current sitch. I'm using apache2 (ubuntu's version/default). Wish i had a clearly laid out plan to achieve my goals but feeling a bit overwhelmed at the prospect.
<countingdaisies> Sorry, I'm wordy (Lord knows I try)
<Seven_Six_Two> countingdaisies, I use apache for multiple sites.
<sarnold> this may be a usful high-level overview of ubuntu-style apache config https://help.ubuntu.com/lts/serverguide/httpd.html
<countingdaisies> Seven_Six_Two: I'm sure that's what I need to do, but how? Where to start if what I want is merely to solve a problem not learn everything there is to know?
<Seven_Six_Two> countingdaisies, you just need a config file in /etc/apache2/sites-available for each website that you have. The config file specifies the url that the site will respond to, and until you have a real domain name, you can just make one up and use /etc/hosts to point it to 127.0.0.1
<countingdaisies> sarnold: I'll read that, ty
<Seven_Six_Two> then you enable it using   sudo a2ensite siteconfigfile.conf
<Seven_Six_Two> or whatever the file name is in /etc/apache2/sites-available (and it must end in .conf)
<sarnold> heh, good point about 'ending in .conf'. it's easy to lose -hours- trying to track that down.
<Seven_Six_Two> yeah, the switch messed me up, as I wasn't really reading the release notes like I should have been
<countingdaisies> Seven_Six_Two: Are you suggesting that it's permissible to change the address in a apache config file to estend beyond the primary domain?  eg: localhost/some_additional_stuff_I_completely_make_up   ??
<sarnold> Seven_Six_Two: you weren't the only one
<countingdaisies> Seven_Six_Two: That super super helps a lot. ty
<countingdaisies> sounds simple
<Seven_Six_Two> countingdaisies, your "ServerName" directive doesn't have to be a real domain. But it has to be something that your browser can resolve, hence the hosts entry
<Seven_Six_Two> I use business.local or something like that
<sarnold> .local is trouble since apple bonjour assumes it owns it
<sarnold> (very annoying)
<Seven_Six_Two> just don't use a .com or .org..oh really? I guess anything not-official would be best then? is .dev a real tld?
<Seven_Six_Two> oh no, they are now...
<sarnold> looks like .dev is owned by google https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains
<sarnold> s/owned/operated/
<Seven_Six_Two> I guess I should switch!
<sarnold> afaik there's no "safe" tld choice set aside for folks to use internally :(
<Seven_Six_Two> really it can be anything though. If I block a website called something.dev, I guess it's a risk I take.
<sarnold> if you haven't hit it yet.. :)
<Seven_Six_Two> or, the only one set aside is the one you own
<sarnold> good point
<countingdaisies> Seven_Six_Two: Like death, the day I'd have to learn this had to come. Glad you made it a little easier to swollow.
<Seven_Six_Two> np! apache isn't so bad, once you give it a chance
<Seven_Six_Two> but it's definitely not meant for your average user, since misconfiguration of a public server can be tragic
#ubuntu-server 2017-02-09
<nacc> mdeslaur: thanks for the poke, i uploaded 7.0.15 will work on the SRU tmrw AM
<nacc> mdeslaur: from your perspective, and given the decision in 16.04, do you have an opinion on what to do about php7.1 in 17.04?
<nacc> mdeslaur: it's in universe right now, and i believe is safely coinstallable with php7.0. But I'm not sure we want to have both be availabe
<nacc> rbasak: --^ may also have an opinion
<countingdaisies> What are options for nomenclature of the files in /etc/apache2/sites-enabled  ?? I'm wondering if, like /etc/hosts, I can just make up whatever naming scheme I want and how apache2 handles it when it looks for them?
<countingdaisies> is 000-*    the only format one could use?
<sarnold> make sure the filenames end in .conf
<sarnold> the numbers are just there to make it easy to sort
<countingdaisies> sarnold: Right on. And, is there a reason that numbers are prefixed with the default naming?  (ie: 000-default.conf)?
<countingdaisies> I mean a practical reason one 'better' do it that way?
<sarnold> the 'default' is just there so you know it's a default :)
<nacc> countingdaisies: more than likely that is to ensure a particular order of loading
<countingdaisies> nacc: I see.
<countingdaisies> thx
<nacc> i'd have to verify in the init script, but that's typical, at least, and affects the globbing
<sarnold> didn't apache suck that into the daemon startup?
<nacc> sarnold: oh might be true, yeah
<mdeslaur> nacc: meh, we definitely want it in 18.04, which means we probably want it in 17.10....but for 17.04, it's probably not worth the time trying to make sure everything is co-installable and works
<mdeslaur> nacc: personally, I'd wait until 17.10 and then get rid of 7.0
<nacc> mdeslaur: yeah, that's my thinking as well
<monokrome> Does anyone know if I can have a .xsession file in my home directory for my window manager? I am trying to avoid having it in /usr/share/xsessions/
<sarnold> monokrome: hehe, yeah, your home dir is far more usual
<monokrome> sarnold:  I would think that, but everything I see online says to throw it in /usr/local/
<monokrome> Do you know where it needs to be placed?
<sarnold> monokrome: that might be just so an admin can give users happy defaults so they don't have to write their own
<sarnold> monokrome: I can't recall if it is ~/.xsession or ~/.Xsession. It's been so long :/
<monokrome> aaran: Well, usually you have to create a .xsession file in /usr/local/xsessions that points to ~/.xsession or whatever you want to call it
<monokrome> and I'm trying to avoid creating the desktop entry in /usr/local
<sarnold> I thought all that was configured already in /etc/X11/Xsession*
<monokrome> ah
<monokrome> maybe it's automatic now
<monokrome> will try
<monokrome> Thanks :)
<monokrome> Well, that didn't workl
<sarnold> you may need to select something specific at the graphical login screen if you're using one
<monokrome> There aren't really any options in there
<monokrome> I'm just using the default Ubuntu login screen
<monokrome> whoa, sorry - I did *not* realize that I tabbed into #ubuntu-server instead of #ubuntu
<Seven_Six_Two> okie dokie pokie. so I followed the nfs4 instructions here: https://help.ubuntu.com/community/NFSv4Howto  and still have the same problem. filesystem mounts rw, but I can't write to is..
<Seven_Six_Two> no errors. /etc contains the lines:  /export	192.168.168.0/24(rw,fsid=0,no_subtree_check,sync)
<Seven_Six_Two>  /export/www 192.168.168.0/24(rw,nohide,no_subtree_check,sync)
<Seven_Six_Two> and I mount the child explicitly.
<Seven_Six_Two> ugh. I wish documentation was better for NFSv4. Here's where I'm at.
<Seven_Six_Two> https://paste.ubuntu.com/23958578/
<Seven_Six_Two> any NFSv4 pro out there? I can mount, but I can't write.
<Seven_Six_Two> uid gid on client and server match. /etc/idmapd.conf contains domains on both (but not in pastebin for server. it's there!)
<nacc> Seven_Six_Two: what happens when you try to write?
<Seven_Six_Two> touch: cannot touch 'text.txt': Permission denied
<nacc> Seven_Six_Two: can you cd to the mount point and ls?
<Seven_Six_Two> yes
<nacc> Seven_Six_Two: ok, then most likely, the denial is being issued by the server
<nacc> Seven_Six_Two: i believe nfs can/does log stuff?
<Seven_Six_Two> I don't know. I can't find anything
<nacc> Seven_Six_Two: also, trying to understand, but would the uid on the server be able to write to /export?
<Seven_Six_Two> no, but that's not the root, not the folder that I'm trying to write to
<Seven_Six_Two> *that's the root
<nacc> Seven_Six_Two: ok, then /export/www
<Seven_Six_Two> so, no. /export/www is root.root
<nacc> Seven_Six_Two: right, so how would you be able to write to it over NFS?
<nacc> Seven_Six_Two: i don't know much about it, but that's where i'd start, at least
<Seven_Six_Two> it's actually a subfolder of that, owned by www-data.www-data that I'm trying to write to
<nacc> even that, though, unless you modify the permissions on it, won't generically be writeable over NFS, aiui
<Seven_Six_Two> ok, I'm not sure how to change it, and it's bind mounted
<nacc> or you need to do some swizzling, maybe
<Seven_Six_Two> I changed the subfolder and all contents to g+rwX
<patdk-lap> you setup kerberos?
<Seven_Six_Two> no
<Seven_Six_Two> no kerberos
<Seven_Six_Two> trying to use uid gid
<patdk-lap> not sure nfs4 will work right for security without it
<nacc> Seven_Six_Two: i might be wrong on my point, as NFS4 has changed it signifcantly
<patdk-lap> but then, I have only played with nfs4 on solaris
<nacc> Seven_Six_Two: were you following https://help.ubuntu.com/community/NFSv4Howto
<Seven_Six_Two> yes. that's one that I started with
<nacc> Seven_Six_Two: i note that you have not set 'sec=sys' in both places
<nacc> Seven_Six_Two: from the client, what are the permissions on the directoryou want to write to (`ls -ahl`) ?
<Seven_Six_Two> drwxrwxr-x 10 www-data www-data
<nacc> Seven_Six_Two: and is your user either www-data or in the group www-data?
<nacc> Seven_Six_Two: and note that help.ubuntu.com page tells you how to enable logging, which seems like something you should do
<Seven_Six_Two> nacc, I think I skipped sec=sys because a bit later on, it says "They do not work", which I took to mean sec=sys in both places does not work. It looks like the guide has had multiple edits
<nacc> Seven_Six_Two: you have it on, in your client
<Seven_Six_Two> interesting. I see that. It isn't in my mount command
<nacc> Seven_Six_Two: i believe if you set sec=sys on your client, then it will use local uid/gid to determine permissions
<Seven_Six_Two> and I don't see where to put that in the server
<nacc> Seven_Six_Two: and if you are doing this as the 'fathead' user (based upon mountpoint), then you probably don't have appropriate permissions to write to the directory
<Seven_Six_Two> so it's set, and uid and gid match
<Seven_Six_Two> I added fathead to www-data group on client
<nacc> Seven_Six_Two: are you logged in as that user?
<Seven_Six_Two> yes
<nacc> Seven_Six_Two: did you logout & login after the group change?
<Seven_Six_Two> rebooted
<Seven_Six_Two> I hit that wall yesterday  ;)
<Seven_Six_Two> uid=1000(fathead) gid=1000(fathead) groups=1000(fathead),4(adm),24(cdrom),27(sudo),29(audio),30(dip),33(www-data),46(plugdev),108(lpadmin),110(sambashare),1001(realtime)
<nacc> Seven_Six_Two: well, i'd start by adding the logging as on that page and see if it's client or server-side denial
<nacc> Seven_Six_Two: and then https://workaround.org/articlenfs-secsys-or-ruin-your-day/ this sort of implies it's a pain...
<nacc> Seven_Six_Two: sorry, i'm done for the day, gl! hopefully others can ehlp
<Seven_Six_Two> thanks a lot nacc!
<patdk-lap> why if you want something this basic, I would just recommend using nfs3
<Seven_Six_Two> because I've made a bunch of changes, and I'm afraid that if I try to revert, I'll forget one, and get even more frustrated.
<patdk-lap> that isn't hard
<Seven_Six_Two> I mount nfsv3 shares, so I know it works
<patdk-lap> nfs3 doesn't understand all that stuff or use it, so it will be ignored :)
<patdk-lap> but if the goal is to use nfs4, sure
<Seven_Six_Two> no. the goal is to make it work, and I guess my client assumed nfsv4 so I kept going on that road.
<patdk-lap> yes, nfs4 has been the default for awhile
<Seven_Six_Two> damn. nothing in the logs showing an error either.
<Seven_Six_Two> ok. I'll try to switch back.
<Seven_Six_Two> do I have to unbind the directory?
<countingdaisies> I had no idea apache was this easy nor that it gave you such a deep level of control. Ya'all are a lifesaver for real.
<countingdaisies> Someone else did that for me years ago with file paths and how that works and it opened up a whole new level for me bc of the one little conversation. Super cool.
<Seven_Six_Two> so I think I've reverted everything. when I try to mount the nfs export using -t nfs
<Seven_Six_Two> it still mounts nfsv4. and -t nfs3 isn't an option like nfs4
<Seven_Six_Two> https://help.ubuntu.com/community/SettingUpNFSHowTo   even using NFS Client settings, instead of NFSv4 Client settings mounts as nfs4.
<patdk-lap> vers=3
<patdk-lap> you also likely didn't setup the server to reject v4 connections
<Seven_Six_Two> no I don't think I did. I came across a blog that mentioned it, but the entirety of the instructions seemed overblown
<patdk-lap> https://ubuntuforums.org/showthread.php?t=2160663
<Seven_Six_Two> I'm using nfs3 using fstab where it's explicit. It's strange that that option isn't mentioned in mount manpage or any other nfs setup guide
<patdk-lap> it's an option, vers=3
<patdk-lap> I'm using nfsvers=3
<Seven_Six_Two> oh that page. yeah, I didn't do that because I didn't need it for current mounts (but version is in fstab)
<patdk-lap> in fstab: nfs.server.... /var/... nfs noatime,rw,nfsvers=3,rsize=131072,wsize=131072,hard,intr
<Seven_Six_Two> and there was no confirmation that it works. and it's 4 years old
<patdk-lap> oh, add on also _netdev
<patdk-lap> well that is easy to verify, man rpc.mountd
<Seven_Six_Two> yeah, I have it in fstab for my server, but I've had problems with long filesystem hangs when nfs mounts aren't available, and since this is a vm, putting mount in fstab seemed like a bad plan.
<patdk-lap> nobootwait
<Seven_Six_Two> I've had nautilus not list files in my home folder when nfs mounts aren't there.
<Seven_Six_Two> ok, I'll look in to those. I saw _netdev on one tutorial
<patdk-lap> you need _netdev
<patdk-lap> nobootwait would depend on useage
<patdk-lap> wait for nfs mount to work, during boot
<Seven_Six_Two> do I just put _netdev in fstab?
<patdk-lap> or skip
<patdk-lap> yes
<Seven_Six_Two> oh my. It finally works!
<Seven_Six_Two> It only took me hours longer than it should have.
<Seven_Six_Two> thanks for your input patdk-lap
 * Seven_Six_Two closes a thousand tabs, and turns music back on.
<countingdaisies> Does anyone know what to do?  http://imgur.com/a/jxmNu
<countingdaisies> I think I'm supposed to use apt-get to solve this one, but I need some clarification. Any help would really be appreciated.
<countingdaisies> And it isn't clear to me what packages it's saying are missing (as in the exact package names)
<alkisg> countingdaisies: since eramba isn't an ubuntu package, I would assume it's not supported in the ubuntu channels, but in their own channels...
<alkisg> Don't they have any irc channels or forums or mailing lists to ask?
<countingdaisies> alkisg: check it out, no they don't, not at all. They have very little documentation, what there is is glossed over (expected base knowledge is a bit high for me), it's a php application (which involves apache and mysql), and have very very little exper with any of them. This, eramba, is GRC software and is the only open source GRC software that I can find (probably is the only 'foss' one in...
<countingdaisies> ...existance). I perceive it is a very very good application, but I need some help to get over the bumps on this. The ubuntu apache package is unique to ubuntu (ie: different than upstream) - that's what I'm told when I as questions in #httpd (and mysql is the same).  Are over 400 users logged into this chanel being forbidden to address my question?
<countingdaisies> Mow I've been going in circles with this application for several weeks now - what exactly am I expected to do (other than what I'm doing right now)?
<alkisg> countingdaisies: http://www.eramba.org/resources/enterprise-services/
<countingdaisies> #ubuntu explicitly advised to come to this chanel with these questions earlier tonight
<alkisg> I see they have support contracts there
<countingdaisies> I know
<alkisg> Well, that's how they are supposed to keep development going
<countingdaisies> alkisg: if you don't want to talk about it then don't
<countingdaisies> let someone else then
 * lynorian has never used that software
<countingdaisies> now I asked a very direct question: "Are over 400 users logged into this chanel being forbidden to address my question?"
<cpaelzer> countingdaisies: it isn't the most used software, so experience with it might be low
<samba35> today i update my 16.04.1(for some package 16.04.1 is update long time back from 16.04 ) after update openvswitch is behaving very rude :( ,after every boot config setting is lost ,need to reconfigure every time
<countingdaisies> cause then maybe the mod in #ubuntu would wonder why when he gave me explicit direction to come to this chanel with these questions
<countingdaisies> no damit
<lynorian> countingdaisies, no they are not forbidden to address your question sometimes people just might not know
<cpaelzer> countingdaisies: there was no experience there and he likely had hoped that the server folks might know
<cpaelzer> countingdaisies: no bad things in that
<countingdaisies> cpaelzer: I only ever asked permission to ask the question (0bbiously I have to fight to be a part of the community)
<cpaelzer> countingdaisies: did you follow that https://www.youtube.com/watch?v=rmxdBCLmk9c to get to your failing dependency checks?
<samba35> cpaelzer: Hallo morning
<cpaelzer> countingdaisies: you never have to ask for permission to ask, but OTOH you can neither force an answer - especiall in a topic that only a super-low percentage has experience with
<cpaelzer> hi samba35
<samba35> is there was some update for openvswitch today/yesterday
<cpaelzer> countingdaisies: I must smile comparing your rant on their documentation and seeing on the eramba website "the installation procedure has been well documented on our website"
<cpaelzer> samba35: which release?
<samba35> 16.04.1
<countingdaisies> cpaelzer: https://www.youtube.com/watch?v=qt6IQ4Kf8HM  and  https://github.com/ivuk/eramba-vagrant/blob/master/eramba_deploy.sh   are what I used, now I'm trying to work through the specific problems reported but unsure what they mean
<countingdaisies> and the documentation on their site (I forgot)
<alkisg> (08:44:39 ÏÎ¼) countingdaisies: alkisg: if you don't want to talk about it then don't ==> I can't talk about it because I've never used it; I was just trying to help you in finding the correct place to get help. If you don't want that kind of help, I'll gladly stop trying to help you that way.
<cpaelzer> countingdaisies: I never touched eramab, but skimming over their doc appears to me to be bound on very old dependencies
<cpaelzer> countingdaisies: e.g. look at Operating System Specs at https://docs.google.com/document/d/1vxh1knFcB6_ZVPUF4hy9i5XafIR3BijoZffCL_vjRVU/edit
<cpaelzer> php7 not supported
<cpaelzer> Maybe the doc is outdated, but that is what they link still
<lynorian> cpaelzer, yeah that can easily happen for people to forget to update documentation
<countingdaisies> alkisg: no offense. It's something I consider to be a barrier to finding the help I need. Again, no offense, just a sensitive spot for me
<countingdaisies> cpaelzer: I had to downgrade to php5
<cpaelzer> yeah--
<countingdaisies> I think the community edition is the prev edition
<lynorian> yes they have not updated the application to php 7 I think
<countingdaisies> It was/is my only hope to ever use this type of software as i probably will never afford the cost associated with grc software.
<cpaelzer> countingdaisies: I'd expect that their other deps are on an older level as well - and no matter how unreadable their check is - for know not knowing better, I'd assume that
<cpaelzer> countingdaisies: have you tried to set up on a ubuntu 14.04
<cpaelzer> ?
<countingdaisies> Could the dependency (eg: curl libraries  for example) be missing from within the application (rather than ubuntu)?
<cpaelzer> countingdaisies: my reading is that the system either doesn't have or has only incompatible libs/plugins of these
<countingdaisies> cpaelzer: I haven't. I suppose I would save that for a last ditch option though
<cpaelzer> countingdaisies: any chance you can read german - that seems straight forward (on 14.04) https://hpz.eu/blog/installation-von-eramba-auf-ubuntu-14-04/
<countingdaisies> cpaelzer: by "system" what do you think is being referred to? eramba? Ubuntu? Apache? or mysql?
<cpaelzer> countingdaisies: system = the operating system and its binraies/libraries
<countingdaisies> cpaelzer: maybe 2 words  :)
<countingdaisies> cpaelzer: huge. ty, now I know 'where' to solve the problem
<countingdaisies> ty so much
<cpaelzer> countingdaisies: autotranslate  is even kind of usable https://translate.google.com/translate?hl=en&sl=de&tl=en&u=https%3A%2F%2Fhpz.eu%2Fblog%2Finstallation-von-eramba-auf-ubuntu-14-04%2F
<cpaelzer> countingdaisies: I'd take the original to copy examples/configs to make sure not to get translations in there
<countingdaisies> cpaelzer: right on
<samba35> cpaelzer: if there was no update for openvswitch ,then how do diagnose or fix config lost issue
<cpaelzer> samba35: I can't tell you what happened, I only checked and there was no new OVS release for Xenial as far as I could see
<samba35> ic
<cpaelzer> samba35: what config was lost - a file back to original content?
<samba35> when u run ovs-vsctl show out is just two line /defualt line of version
<cpaelzer> hm, that is in a db of ovsdb - I've even see that survive uninstalls/reinstalls
<cpaelzer> samba35: I once realized that when removing the bridge all childs go away as well - might there be a chance such a thing happened for you?
<samba35> but every boot ?
<samba35> why config should lost and this happen today only
<samba35> it was working fine till yesterday
<cpaelzer> Dmitrii-Sh_: hi, the last qemu update for bug 1656480 seems to cause issues
<ubottu> bug 1656480 in qemu (Ubuntu Xenial) "QEMU Does not Send L2 Broadcasts After Live Migration" [High,Fix released] https://launchpad.net/bugs/1656480
<cpaelzer> Dmitrii-Sh_: I don't really think it is the update - as the errors are in a totally different place
<cpaelzer> Dmitrii-Sh_: it more seems like people testing new ARM HW to me
<cpaelzer> Dmitrii-Sh_: yet we have these checks to be extra careful
<cpaelzer> Dmitrii-Sh_: https://errors.ubuntu.com/?release=Ubuntu%2016.04&package=qemu&period=day&version=1%3A2.5%2Bdfsg-5ubuntu10.8
<Dmitrii-Sh_> cpaelzer: hmm, any bug id?
<cpaelzer> Dmitrii-Sh_: I'll forward you the automated mail I got - it is just the #errors tracker that kicked in
<Dmitrii-Sh_> cpaelzer: ok
<cpaelzer> Dmitrii-Sh_: mail should be in your inbox
<Dmitrii-Sh> cpaelzer: got it, I'm going to have a look now
<Dmitrii-Sh> cpaelzer: I submitted a form to view error report data btw - not sure who marks this for approval
<cpaelzer> I don't know either - the bot is from barry - maybe mail him?
<Dmitrii-Sh> cpaelzer: I can see that errors were triggered in the page translation code though
<cpaelzer> yeah, that is what I ,eant  that I expect them to be not related
<Dmitrii-Sh> cpaelzer: not sure if that code path is even invoked
<cpaelzer> ack
<Dmitrii-Sh> cpaelzer: 2 notes
<cpaelzer> new arm  HW being tested is my guess
<cpaelzer> and just happen to match the SRU by timing
<Dmitrii-Sh> cpaelzer: 1 - 16.10 had the same failure which contains this fix but from the upstream
<Dmitrii-Sh> cpaelzer: 2 - we should check x86_64 or any other arch as well
<Dmitrii-Sh> cpaelzer: ack
<rbasak> nacc: I don't like the idea of shipping two versions. If too late to switch to 7.1 in main, I think we should remove it from universe and do the transition next cycle.
<rbasak> Probably less important for a non-LTS though
<rbasak> stretch isn't about to ship with both, is it?
<Geom> mayu i know what is the cobinary command for build a .deb from source?
<Geom> cobinary=binary*
<cpaelzer> Geom: not exactly sure where you question is going to - debuild ?
<cpaelzer> Geom: https://wiki.debian.org/BuildingTutorial
<Geom> the link is perfect. thanks cpaelzer
<cpaelzer> yw
<Geom> my first ever deb is doneâ¦ thanks again cpaelzer
<cpaelzer> Geom: a pleasure to help, for better reliable builds if you do it more often I'd look at https://wiki.ubuntu.com/SecurityTeam/BuildEnvironment
<cpaelzer> Geom: but one step at a time - gz for your first deb!
<Geom> Noted! :)
<blueking> I am trying to get connection between tagged vlan on nic/ubuntu to vlan tagged  on switch  but no connection  the default vlan id 1 untagged works on switch-nic(ubuntu)
<cpaelzer> rbasak: could you run the importer on dovecot so it can fetch latest Debian and give me a ping afterwards?
<blueking> does it matter if auto bond0.100  iface bond0.100 inet static  vlan-raw-device bond0  or  auto vlan100  iface vlan100 inet static    ?
<blueking> does it matter if auto bond0.100  iface bond0.100 inet static  vlan-raw-device bond0  or  auto vlan100  iface vlan100 inet static vlan-raw-device bond0   ?
<blueking> problem get box online on vlan100
<blueking> I can ping interface on that given ip on vlan100  but  not to router on same vlan
<DK2> what does the server trying to load when it hangs at "Booting." ?
<DK2> its stuck there forever
<DK2> is grub missing?
<cpaelzer> jamespage: wanted to check with you are ok with me enabling openvswitch-swicth-dpdk for bug 1663206?
<ubottu> Error: Could not gather data from Launchpad for bug #1663206 (https://launchpad.net/bugs/1663206). The error has been logged
<jamespage> cpaelzer, go for it
<cpaelzer> jamespage: ok
<cpaelzer> jamespage: I expect it might hang on migration the same neturon test that zul is on already, but content wise I have it ready
<cpaelzer> uploading after some tests
<rbasak> cpaelzer: dovecot imported
<cpaelzer> rbasak: thanks
<cpaelzer> rbasak: just reviewed squid merge
<cpaelzer> rbasak: there are a few open points, let me know if you want to discuss any of them
<rbasak> cpaelzer: thank you! I replied in the MP.
<cpaelzer> rbasak: hmm not seeing the reply on the MP
 * cpaelzer is hitting F5 over and over
<rbasak> Hmm.
<cpaelzer> rbasak: did you reply by mail and LP might need a minute to pick it up?
<rbasak> I replied by email.
<rbasak> Yeah, maybe!
<rbasak> cpaelzer: stop being so efficient :-P
<cpaelzer> hey I got so much done the last 24 hours - I could almost forget the 48 hours before where evything was Â§$%&/
<rbasak> :)
<cpaelzer> rbasak: hey could you throw your experienced LP-eyeballs at liblockfile for me?
<cpaelzer> rbasak: I did a syncpackage yesterday after I sorted out remaining open points
<cpaelzer> rbasak: but I can't find it anywhere (neither passed, nor proposed, nor on https://launchpad.net/ubuntu/+source/liblockfile)
<cpaelzer> rbasak: as if it would have been a no-op
<clvx> Hi all, I want to know if there's a difference between choosing automatics over no automatics update at installation time on Ubuntu Server Xenial?.
<nacc> rbasak: correct, stretch only has 7.0; 7.1 is only in unstable
<clvx> This is because I have 2 vm's where one has automatic updates enabled and the other doesn't. Both have unattended-upgrades package installed, and pretty much the same config in /etc/apt/apt.conf.d/ . You can see the dump of the config files of both machines here: http://paste.ubuntu.com/23960844/
<cpaelzer> clvx: the if is auto-updates yes/no :-) do you mean if you can enable it later?
<cpaelzer> clvx: I see, and one of them does not update as the other does?
<clvx> So, I'm concerned if there's a difference, because the config files are identical.
<clvx> cpaelzer: both do the updates.
<cpaelzer> clvx: I'd think not, but you might need an d-i expert to answer if they do any extra twists there
<rbasak> cpaelzer: I'd expect it in https://launchpad.net/ubuntu/+source/liblockfile/+publishinghistory or in the "Latest upload" section. I see no trace either.
<rbasak> Perhaps it was a Launchpad error that the syncpackage tool didn't detect?
<rbasak> I don't recall if a sync leads to a confirmation email or not.
<cpaelzer> rbasak: under the circumstances I'd run it again with verbose enabled
<rbasak> I see no harm in trying to run it again.
<clvx> cpaelzer: I'll open a question in askubuntu and wait for something. Thanks for your time.
<cpaelzer> clvx: sorry I couldn't help more
<cpaelzer> clvx: in fact I thought this is my chance for a reason to d-i code, but I couldn#t find a direct pointer
<cpaelzer> in the source to the auto updates
<cpaelzer> rbasak: this time I got a normal accept email
<cpaelzer> can check on migration tomorrow then
<zul> coreycb: is the dashboard stuff in git?
<coreycb> zul, yeah
<countingdaisies> I have this application I installed on 16.04 but its telling me there's a problem with curl libraries --> http://imgur.com/a/jxmNu     sudo dpkg -l | grep curl   gives the following result -->  http://imgur.com/a/jxmNu   Is there any way to tell more precisely what the problem is?
<compdoc> how did you install eramba?
<compdoc> normally, apt resolves dependecies
<countingdaisies> compdoc: sorry, was off looking for answers answers. I use a combination of the only 3 decent information I could find: https://www.youtube.com/watch?v=qt6IQ4Kf8HM    https://docs.google.com/document/d/1vxh1knFcB6_ZVPUF4hy9i5XafIR3BijoZffCL_vjRVU/edit    and    https://github.com/ivuk/eramba-vagrant/blob/master/eramba_deploy.sh  Last night someone showed me some web page in German on it (I...
<countingdaisies> ...don't speak German) but they ran it through a translator   https://translate.google.com/translate?hl=en&sl=de&tl=en&u=https%3A%2F%2Fhpz.eu%2Fblog%2Finstallation-von-eramba-auf-ubuntu-14-04%2F    (but I'm running 16.04).
<countingdaisies> There are several issues with it and I'm not sure the best one to pick fix first (sometimes fixing one thing solves the others - if you get the right one). So I just tried to pick something concrete (one concrete problem its showing me) and ask help for it.
<countingdaisies> compdoc: One of the issues is that this (community edition) is the old version (you pay for the up to date one). Probably it's his first beta and never updated it after that. I had to (try to) downgrade to php5 and I think that it generally can only run with old versions of stuff (libraries, etc).
<compdoc> sorry, on the phone with a customer. their internet is down
<BrianBlaze420> I am trying to install an older version of ubuntu onto a tower so I can update a server on the side and not effect the production server
<powersj> nacc: can I please get you to import nagios-nrpe
<BrianBlaze420> my issue is I can't get passed the detect and mount cd
<BrianBlaze420> I am booting via cd lol
<BrianBlaze420> also I tried booting from usb same issue
<BrianBlaze420> how can I get around that
<nacc> powersj: running
<powersj> nacc: thank you sir
<sarnold> BrianBlaze420: what error message do you get?
<BrianBlaze420> Unable to detect cd-rom drive select device
<BrianBlaze420> normally when I got this message I booted from usb and then had an install disc in the cd rom drive to get around this
<BrianBlaze420> but it's not working and can't detect my cd-rom which it is booted off of lol
<BrianBlaze420> to make it worse i have no commands to actually see the drives in the console
<BrianBlaze420> and when I do an ls of /dev there are too many and none look like a cdrom drive
<sarnold> hrm I don't have any systems with cdrom drives installed
<sarnold> it makes it a bit hard to figure out what to suggest if I can't test first :)
<sarnold> lsblk perhaps? dmesg | grep sd perhaps?
<BrianBlaze420> it's busybox
<BrianBlaze420> so lsblk, fdisk lsusb
<BrianBlaze420>  do not work :'(
<BrianBlaze420> all it sees is my hdd installed in the tower :(
<BrianBlaze420> with dmesg
<BrianBlaze420> the irritating thing is I get the same message when I try with a usb
<nacc> ls -ahl /dev/disk ?
<nacc> err, /dev/disk/by-path
<BrianBlaze420> it only sees sda... which is my hddd
<BrianBlaze420> weird
<BrianBlaze420> especially weird because it boots from cd and usb lol
<BrianBlaze420> without issues it's just when it's trying to detect a cd-rpm
<BrianBlaze420> cd-rom*
<sarnold> you could try setting a pxe booting environment instead; set up a tftp server with install media, setup a dhcp server to point to it, and go that way. I've done that before when I didn't have spare usb flash drive laying around to do an install
<BrianBlaze420> it just makes no sense to me that I have to do weird work arounds when I can boot from cd's and usb's no problem even this ubuntu install works up until it needs to detect the cd rom... I will have to do a pxe
<sarnold> I wonder..
<sarnold> sometimes bioses can be set to do silly things with the storage
<sarnold> maybe treating the sata ports as pata compatibility or using a raid setup rather than ahci or who knows what
<sarnold> maybe a few minutes in the bios first would save you the hassle of pxeing?
<BrianBlaze420> true
<BrianBlaze420> thanks for putting thoughts in my brain
<BrianBlaze420> u r a genius sarnold
<BrianBlaze420> of cours it was a bios setting lol
<BrianBlaze420> thanks very much
<BrianBlaze420> lol
<sarnold> great! :D
<sarnold> much easier than goofing around with pxe and tftp and dhcp
<sarnold> not that that's terrible
<BrianBlaze420> I know right
<sarnold> but this is way eaiser
<BrianBlaze420> but it's a good idea to have
<BrianBlaze420> one thing at a time tho :)
<nacc> powersj: done
<teward> anyone got a Yakkety server that isn't a production-critical system, and want to help me test something quickly?
<teward> sarnold: ^ relevant if only because PIE may have blown stuff up in nginx Stable for Yakkety
<rbasak> No, but "lxc launch ubuntu:yakkety"? :)
<teward> assuming lxc was installed
<teward> i think i removed it at one point...
<rbasak> Why?
<teward> because it fubard networking for a time
<rbasak> Hmm.
<teward> default put it on a conflict subnet
<teward> so i had to remove the bridge
<rbasak> The latest lxd packaging works hard to avoid conflicting I think.
<teward> NOW i can fix it heh
<teward> rbasak: 16.04 fresh install
<teward> wasn't as kind.
<teward> it also won't detect other VLANs :P
<teward> it was in conflict with my DMZ subnet
<teward> where DNS on my network sits
<rizonz> I have a /19 which I use where a server has a 172.16.2.11 on eht0 and a 172.16.13.11 on eth1, all outbound traffic needs to go over eth0 and local over eth1... issue when my routers are in 172.16.0.248/29
<rizonz> or not ?
<sarnold> rizonz: I don't know how to configure your setup but this guide will teach you how to make the kernel do what you need http://lartc.org/howto/
<sarnold> rizonz: translating that into configuration files so it's still set the next reboot may take more work still
<rizonz> sarnold: there is no nextboot issue
<tomreyn> rizonz: you can pointopoint the 172.16.2.11 to your router
<tomreyn> like this https://wiki.hetzner.de/index.php/Netzkonfiguration_Debian/en#Dedicated_Servers
<tomreyn> it's ugly but it works
<rizonz> tomreyn: why is it ugly ?
<tomreyn> well the netmask is 255.255.255.255
<tomreyn> either your ip address and that of your gateway is formally / logically outside of that ;)
<tomreyn> s/ and / or /
<rizonz> meh
<rizonz> doesn't work
<rizonz> sarnold: should it be possible ?
<sarnold> rizonz: just about anything is possible
<sarnold> rizonz: you may need to insert direct routes to your routers if they aren't reachable via the subnet routing rules you've already got
<rizonz> sarnold: true but this is weird that my ping stops on my eth0 when I do my /19 route on my eth1
<rizonz> when I traceroute on the box, all traffic floats out on eth0
<sarnold> 'ip route get' may help you understand what the machine is doing
<rizonz> fixed :)
<sarnold> great :)
<rizonz> sarnold: needed the route to my router on the eth0
#ubuntu-server 2017-02-10
<Grapes> Are we on 17.04 yet?
<sarnold> Grapes: feature freeze is next week
<Grapes> schweet
<rizonz> Grapes: meh I'm just deploying 16.04 :P
<countingdaisies> When I run sudo a2enmod php5.6-curl  it tells me  "ERROR: Module php5.6-curl does not exist!"  but when I run sudo dpkg -l | grep curl I get this:  http://paste.ubuntu.com/23964773/  which shows that php5.6-curl is installed (doesn't it?). What am I doing wrong?
<sarnold> hrm if you're going to use sury' repo you may have to ask him for help :/
<patdk-lap> thinking that php curl has anything at all to do with apache
<sarnold> oh? is it enought to just have it installed and then php can use it?
<patdk-lap> no
<patdk-lap> isn't that what phpenmod is for?
<sarnold> no idea
<sarnold> tis a silly language, I never go there :)
<countingdaisies> not sure what all that means but ok.
<patdk-lap> countingdaisies, that was the point
<gaurangt> hi, is OpenStack mitaka release supported for xenial (16.04). It seems the documentation is little confusing here - https://wiki.ubuntu.com/OpenStack/CloudArchive
<gaurangt> the timeline here shows that the Mitaka release is the latest stable supported release for Xenial (16.04). But the below section "How to enable and Use" states that the mitaka cloud archive is only supported on trusty (14.04).
<gaurangt> I also see a bug opened for this which is confirmed but not yet fixed.
<gaurangt> https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1616454
<ubottu> Launchpad bug 1616454 in software-properties (Ubuntu) "Mitaka cloud-archive not supported on Xenial" [Undecided,Confirmed]
<cpaelzer> gaurangt: 16.04 effectively "IS" Mitaka
<cpaelzer> gaurangt: if you look at the drawing on the link you sent, you see that M is the last one on top of 14.04
<cpaelzer> gaurangt: and then 16.04 LTS starts and it starts with an M right underneath
<cpaelzer> with the same support time
<cpaelzer> gaurangt: so the reason for "Mitaka cloud archive only supported on Trusty" is that Xenial does not need a "cloud archive" to have it
<cpaelzer> it is just supported by being Xenial
<cpaelzer> gaurangt: sorry - does that make any sense to you?
<sarnold> thanks for the explanation cpaelzer -- it helps me anyway :)
<cpaelzer> great, if gaurangt would ack I could maybe move that into the bug as explanation.
<gaurangt> cpaelzer, thanks. Does that mean we need not add the cloud archive in xenial for mitaka and it can itself install the packages from standard xenial repo, right?
<cpaelzer> gaurangt: exactly
<gaurangt> cpaelzer, ok. That helps. Thanks :)
<cpaelzer> rbasak: nis doesn't seem to be in usd-i, could you run an import and ping me ?
<gaurangt> cpaelzer, if someone wants to install the OpenStack M release in xenial and doesn't have internet access, what are the recommendations?
<sarnold> a full ubuntu archive is only a tb, you could mirror the whole thing from starbucks and set up your own mirror in your bunker on that :)
<gaurangt> sarnold, yeah, some customers may choose not to have internet access to their machines. So I believe we should recommend them to have a local mirror setup on one machine which has access to internet and then access this mirror from the machines we need to access.
<gaurangt> sarnold, thanks :)
<sarnold> gaurangt: the juju / maas / conjureup stuff should all handle proxies of some sort by now, I think
<sarnold> (I have to admit I haven't tested, but it seemed to be a frequent request a year ago and I don't see much of it today..)
<cpaelzer> also many of those caring enough to do local mirror also go for this and many other things that landscape provides
<cpaelzer> https://landscape.canonical.com/static/doc/user-guide/ch09.html#idm46055123390496 https://landscape.canonical.com/static/doc/api/repositories.html
<cpaelzer> gaurangt: ^^ you might take a look
<cpaelzer> that will also do like update management and oh so many other things
<gaurangt> cpaelzer, sure, will check. Thanks
<sarnold> cool, i've not seen this before :)
<cpaelzer> rbasak: I was going through my old repo of nis, and identified that all Deltas can be dropped now making it a sync
<cpaelzer> rbasak: I'll do some tests
<cpaelzer> nacc: ah FYI - I picked nis
<cpaelzer> rbasak: arr another upload permission thing - this time nis
<cpaelzer> rbasak: this is MOTU at the moment
<cpaelzer> rbasak: it will become a sync now, but I can't sync it
<cpaelzer> rbasak: what would you think - is adding server-dev to nis reasonable?
<cpaelzer> rbasak: or OTOH - you might just call the sync for me if you want (syncpackage --debian-version=3.17.1-1 --force --verbose nis)
<rbasak> cpaelzer: I think I should sponsor the sync for you for now, and you should use it as evidence for your MOTU and/or core dev applications :)
<rbasak> cpaelzer: so for that purpose you do you mind using requestsync please?
<cpaelzer> rbasak: of course
<cpaelzer> rbasak: I have even documented the reasoning for why a delta drop is ok http://paste.ubuntu.com/23965942/
<cpaelzer> rbasak: can I add that on requestsync anywhere?
<rbasak> Ah, great!
 * cpaelzer goes studying requestsync
<rbasak> requestsync is just a wrapper around filing a bug. So you can always add stuff to the bug later.
<cpaelzer> rbasak: I just see that was the weird TIL lock remerge you did over it
<cpaelzer> rbasak: can you to make my stament 100% proven a usd-i sync for it ?
<cpaelzer> I want to check any potential delta in ubuntu2 and ubuntu3 more explicitly
<cpaelzer> I'm running through debdiffs now, so if usd-i doesn't work it is ok
<rbasak> Running it now.
<cpaelzer> rbasak: sync request bug 1663535
<ubottu> bug 1663535 in nis (Ubuntu) "all Delta can be dropped, please sync nis 3.17.1-1 (universe) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/1663535
<cpaelzer> Also added my Tests as extra proof now
<cpaelzer> rbasak: I started a "reason for MOTU" example list, once it reaches three items I'll apply
<cpaelzer> coreycb: zul: qemu is still blocked on the OOMing test - if not resolved anyway til then could we meet in a Hangout on Monday to talk about how to get things passing before FF?
<cpaelzer> coreycb: zul: in that case just drop me an invite for monday when it works for you
<cpaelzer> coreycb: zul: in the case that you have an upload that fixes it anyway - thanks and no need for a call then
<metachr0n> hi everyone ... i've been experiencing issues relating to pam and systemd ... ssh logins are terribly slow ... it was like this before ... did an update went away ... new update and its back
<metachr0n> pastebin.com/6TJE2zhS
<metachr0n> that is during an sudo
<metachr0n> the odd thing is that its done this like three times
<metachr0n> its 16.04 btw
<metachr0n> and basically ... a dist-upgrade and its fixed for awhile
<metachr0n> another and its broken again
<metachr0n> any ideas?
<metachr0n> i can't disable PAM because yeah ... thats no good
<metachr0n> we use LDAP and normal user accounts, and google authenticator
<metachr0n> getent passwd is without delay
<metachr0n> any help in troubleshooting or seeing more verbosity might be helpful too
<frickler> what is the difference between nova-api and nova-api-os-compute? installing the former removes the latter, but also nova-placement-api, though if I understand http://docs.openstack.org/developer/nova/placement.html correctly, I need to run the placement API in addition to either of the first two
<teward> this may sound like an odd question, but is there a way to add a user to the group that can work with lxc/lxd without needing to use `sudo`?
<teward> 'cause apparently I can't figure out how to do it
<teward> oh wait i probably should reboot nevermind
<BloodStone> teward, you can allow a user to run sudo on a specific command in /etc/sudoers.d/
<nacc> cpthanks
 * nacc hitting enter before reading if tabcomplete worked -^ :)
<blueking> one can't access ssh on ubuntu from different subnets ?
<powersj> nacc: can I get you to import autofs please?
<drab> blueking: well can you ping the host to begin with?
<drab> if the subnets aren't routable the host won't simply be reachable
<nacc> powersj: running
<powersj> nacc: thank you sir
<blueking> drap after set rp_filter=0 on /proc/sys/net/ipv4/conf/  all  and default  I can ping ubuntu machine
<blueking> drab even :P
<blueking> drab looked like drap :P
<blueking> drab from denmark ?
<drab> nope, from... I actually don't even know anymore, sometimes I feel like I was born in an airport
<drab> blueking: what do you get if you run ssh -vvvv host ?
<drab> does it try to connect at all or what?
<blueking> that have to wait adding two more hdd's on machine now
<drab> k, np
<blueking> damn have seagate killed those middle holes  only 4 holes  2 on each side    used to be 3 on each side...
<blueking> hard drive mounting brackets doesn't fit :/
<blueking> it's too short :/
<nacc> powersj: done
<DosTuMai> o/
<soop> anyone care to point me to a howto to convert a physical ubuntu box to a vm?
<lynorian> soop, first question what hypervisor will you be using for the vm?
<sarnold> my first attempt would look like: boot to another media; dd if=/dev/sda of=/tmp/vm_img.raw ; qemu-img convert to qcow2 or whatever
<soop> lynorian: hyper-v *blech*
<lynorian> soop, sorry do not know anything about hyperv so cannot help you there
<DammitJim> why is it that just now I ssh'd into my ubuntu 16 server and I'm seeing *** System restart required ***
<DammitJim> I thought I had selected NOT to perform automatic updates?
<drab_> DammitJim: do you have unattended-upgrade installed? you may have selected "security updates" only, which may require a restart
<drab> see if you have unattended-upgrade installed and what /etc/apt/apt.conf.d/50unattended-upgrades says
<DammitJim> oh, let me check
<nacc> powersj: are you waiting on any more reviews from me for your merges
<powersj> nacc: nope just that one, rbasak has my other
<powersj> nacc: thanks for looking at it! that was my first :)
<nacc> powersj: np
<Village> Hello, what means - "dpkg -L lua-socket" command at terminal?
<tarpman> Village: list the files owned by the installed package "lua-socket"
<OerHeks> dpkg -L = --listfiles package-name
<tarpman> Village: for more details: man 1 dpkg
<Village> oh so not interesting command
<Village> thatk guys
<Village> thanks
<sarnold> what do you mean "not interesting"? :) I use it all the time :)
<genii> sarnold: I find dpkg -S filename  generally useful
<sarnold> genii: I use that one more frequently, yes :)
#ubuntu-server 2017-02-11
<lordievader> Good morning.
<teward> sarnold: evil is evil.
<teward> (https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1663937 is relevant to why this comment was made)
<ubottu> Launchpad bug 1663937 in nginx (Ubuntu Yakkety) "[SRU] Please update nginx in Xenial and Yakkety to 1.10.3" [Wishlist,Triaged]
<Village> how install older mysql version to Ubuntu 16.04.1 LTS ?
<OerHeks> Village, not i guess, besides you might break something too.
<Village> What you mean, i faced with problem " nMySQL::cQuery - Error in query ~SHOW COLUMNS FROM SetupList~ " and i think need older version that it's works, because something wrong, i have one idea try with older mysql
<Village> ?
<Village> i can remove 5.7 version, but how install older from apt-get install
<maxb> You can't. A distribution is a set of software versions that have been tested to some degree as working together. The counterpart to that is you don't get a free choice of versions of anything whilst relying solely on the distribution's packages
<OerHeks> Village, again; not. 5.7 is the only version available
<Village> understand from Ubuntu source, one way download upload and install package from teminal uploaded
<Village> something wrong i think, but no ideas what
<maxb> Village: I'm sorry, what you just said did not make any sense. You might be better off looking for an IRC channel where you can ask about Ubuntu in your native language.
<OerHeks> if you want to build yourself, go ahaead, https://launchpad.net/ubuntu/xenial/+source/mysql-5.7 but i am not sure it will work properly ( besides vulnerabilities )
<OerHeks> focus on your error, and fix that
<Village> Ok, now i don't in mood fix it and look variables who can be wrong
<Village> All good thanks guys, until
<van777> hey! i'd like to share an app  to get notifications from the server. Just installed it and it works great. I've been using  PUSHBULLET for some years, but it's the first time the cli interface for the server..  Here you go https://github.com/GustavoKatel/pushbullet-cli
<drab> anybody happens to be familiar with ipset and can explain the difference between hash and bitmap and when you'd want to use which?
<jancoow> HI . I just ahd a harddrive failure (ugh) so need to reinstall everything
<jancoow> however
<jancoow> I just installed 16.04.1Â LTS but systemctl doesn't exist anymore 0.o
<jancoow> while on my last 16.04 install systemctl was still there
#ubuntu-server 2017-02-12
<tomreyn> jancoow: on 16.04, systemctl is part of systemd. you should defintely have it available as root. if not, it suggests that your upgrade did not work out well.
<tomreyn> there are counter measures against hdd failures. one of them is RAID with a mirroring confiuguration - that's pretty easy if you can afford another disk. the other is to do backups, and do them properly and reliably, which you need to do either way.
<jancoow> I replaced my serve casing
<jancoow> i've 7hhd's in greyhole configuration
<jancoow> the only not redunant disk, the os drive, broke during the move...
<jancoow> the sata connectors littarly broke from the pcb and now th drive isn't spinning anymore
<jancoow> Last backup is from 2 months ago..
<JanC> there shouldn't really be anything important on the OS drive, right?
<sarnold> drab: the best documentation of the difference of hash and bitmap might be the source code
<sarnold> drab: chances are you probably want one of the hash versions
<ChmEarl> is it possible to run the early preseed script and modify the /etc/mke2fs.conf?
<ChmEarl> or is there another way to set ext4 options in preseed?
<lordievader> Good morning.
<rbux> mornin
<gordonjcp> hi
<gordonjcp> is there a way to get normal network interface names back in 16.04?
<gordonjcp> at them moment they're all stuff like enp39asdfasdfblahblahblah and they change on every boot
<lordievader> gordonjcp: https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<lordievader> They shouldn't change every boot...
<gordonjcp> okay, why are they called "predictable" when they're essentially random
<lordievader> They are named based on where the bios says they are.
<gordonjcp> o_O
<gordonjcp> the bios has no idea what a network interface is
<lordievader> It does know where the device is.
<lordievader> In short, read the link I gave you.
<gordonjcp> I'm reading it
<gordonjcp> it seems like a pretty pointless change, which only makes things more difficult for users
<lordievader> In my opinion it makes more sense than the old way.
<gordonjcp> randomly assigning names to interfaces, based on when systemd gets around to looking at them?
<lordievader> The point is that it is not random.
<gordonjcp> okay, but it's not stable
<lordievader> It is.
<gordonjcp> it changes on every boot
<lordievader> Those ethX names werent. "Oh hey a new interface in the same location, lets give it a new name.
<lordievader> "
<lordievader> Anyhow, these are just opinions.
<gordonjcp> is there a way to get rid of systemd in 16.04?
<gordonjcp> or if there isn't, is there a way to force it to work *exactly* like sysvinit
<gordonjcp> right now it doesn't seem to run init scripts in any predictable order
<gordonjcp> "oh hey, I can't see one of the network interfaces.  Never mind, I'll just start up dnsmasq on it, then I'll bring up the xl2tpd tunnel, oh hell everything on fire now"
<gordonjcp> I guess that's a no
<gordonjcp> so Ubuntu Server isn't actually intended for use on servers, then?
<gordonjcp> or is there something fundamental I'm not getting about this
<drab> sarnold: yeah I got some answers in #netfilter, turns out it's mostly a choice based on types and features
<drab> looking closer it indeed makes sense for example bitmap:ip expects a range to be specified upon creation, something I hadn't noticed at first
<patdk-lap> I would imagine bitmap to be much faster, as no hasing needed
<patdk-lap> more geared for matching against local network
<drab> patdk-lap: that's a good point, I hadn't thoguht of it, thank you
<SupaYoshi> Hi
<SupaYoshi> How do I upgrade my 12.04-LTS server to 16.04 LOTS
<SupaYoshi> *LTS
<compdoc> I just didnt that for a system. worked great, and I was doing it over ssh
<compdoc> oh, wait. I think it was 14.04. nm
<lucidguy> is it possible to rsnapshop backup to a windows/ntfs share?  I would think not since it relies on hard links.. no?
<xpistos> Hey all. I am having a bit of trouble with vim. I have several lines in the script that are formated mm-dd-yyyy like 01-01-2017, 01-08-2017 etc. how can I delete them all in one shot? I have tried g/^0?-*/d but that does not seem to work.
<xpistos> And now that I think about it I will have like 10, 11 and 12 so even using ^0?-* wouldn't work anyway.
<jancoow> Hi there. How to change this service into the new systemctl ? http://pastebin.com/8cnuJzZG
<Doow> Hi! I'm trying to set up some backup scripts and I noticed that the backup user don't have write access to its home directory (/var/backups) What's the reasoning behind this? What's the preferred workaround (my specific problem right now is that gpg can't create the .gnupg directory)
<patdk-lap> heh?
<patdk-lap> backup user?
<patdk-lap> there is no backup user unless you created one
<patdk-lap> and /var/backups isn't exactly something you want to backup, as it's outdated infomation, why it's called backups
<Doow> patdk-lap: I don't want to backup the contents of /var/backups, I want somewhere for my backup user to write metadata :)
<Doow> patdk-lap: are you 100% sure there's not a backup user by default? cause I have no memory of creating one and a 'random' person in #ubuntu had the exact same settings as me in his /etc/passwd
<Doow> backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
<patdk-lap> hmm, I do have a backups user on this system
<Doow> I could of course create a "backups2" user with its own home directory that I control, but it feels a bit silly. I don't want to change the current user without knowing why it's setup the way it is.
<Doow> In case I break something
<jancoow> backupgs "sigh"
<Doow> It looks to be a heritage from debian, they appearantly have an open bug from 2001 about it...
#ubuntu-server 2018-02-05
<law> hey all, I'm trying to netboot an ubuntu-server iso over ipxe/uefi, but it hates me.  Is the ubuntu-server image UEFI-compatible in Xenial?
<mason> law: yes
<masber> good afternoon, for some reason my ubuntu server does not want to boot
<masber> it says "gave up waiting for root device"
<masber> and goes to (initramfs)
<masber> https://pasteboard.co/H6bAYZY.png
<cpaelzer> good morning
<cpaelzer> masber: in the early env there is no lsblk yet
<cpaelzer> masber: try looking for /dev/<dependingonyourdevice>
<cpaelzer> masber: also dmesg might be interesting to see if anything failed while initializing the disk or controllers
<lordievader> Good morning
<jamespage> cpaelzer: hmm well all seems good with a fresh snapshot
<jamespage> \o/
<jamespage> https://bileto.ubuntu.com/#/ticket/3124
<cpaelzer> oO
<cpaelzer> nice
<jamespage> coreycb: I'm going to push staging->proposed now
<coreycb> jamespage: +1
<coreycb> jamespage: i'm re-running nova dep8 tests. they passed for me locally.
<jamespage> coreycb: ok
<rbasak> cpaelzer: I wonder if you might know if there's an easy way to tell how much memory of a process cannot be evicted from the resident set? Eg. the heap, which would need to go to swap, vs. memory mapped libraries which can just be evicted.
<rbasak> I ask because the amount on a vanilla server install seems to have gone up, so I'd like to measure it.
<TJ-> rbasak: /proc/self/map ~ /proc/$PID/map  ?
<rbasak> TJ-: I'm aware. I'm wondering if there's a tool that'll give me a number, instead of having to calculate it myself.
<rbasak> (and it's maps, not map)
<TJ-> rbasak: gotya, I saw some perf tooling a while ago but can't recall where or what exactly
<TJ-> ahhh, "mem_usage"
<TJ-> Mine notes I sourced it from https://elinux.org/images/d/d3/Mem_usage
<cpaelzer> rbasak: look at the tool smem
<cpaelzer> it has no good huge page support yet, but other than that is great
<rbasak> cpaelzer: thanks! I'm trying it, but I think it's still counting memory that could be swapped out though?
<rbasak> Uh
<cpaelzer> it counts it "as it is"
<cpaelzer> so it can be mapped, swapped or both
<cpaelzer> if it is swapped, but not discarded
<rbasak> What I want is the total memory per process that _has_ to be swapped out when under pressure.
<rbasak> Rather than how it is now.
<cpaelzer> _has_ -> could ?
<rbasak> Not exactly
<rbasak> Say I have no swap
<cpaelzer> define "has to be" please
<rbasak> I'm under memory pressure.
<cpaelzer> ok
<rbasak> What are the processes that I'm not using but are resident that are getting in the way?
<cpaelzer> the ones with the biggest USS in this output
<rbasak> In that situation, the kernel could evict everything that has a backing file.
<cpaelzer> smem -tk -c "pid user command swap vss uss pss rssâ
<cpaelzer> there is another cmdline for the mapping view
<rbasak> USS will include what is in memory but could be evicted, no?
<rbasak> The figure will be inflated.
<cpaelzer> hmm - I see, you want to know the minimal set that has to stay - is it that?
<rbasak> Right
<rbasak> Without putting the system under pressure, since that feels like it could introduce noise in my results depending on how I do it, what else is happening, etc.
<cpaelzer> rbasak: but they are "just" userspace
<rbasak> I don't follow
<cpaelzer> rbasak: essentially all but maybe the mlocked pages "could" be swapped - in your non-swap case that can't be done
<cpaelzer> so you look for "shrinkable" memory
<cpaelzer> that the processes will not hold
<cpaelzer> the smem output of above is what the program has on it's own allocated
<cpaelzer> it is NOT what e.g it has in page cache (discardable) due to reading a file
<rbasak> I thought USS would include, say, an mmapped ro file that's read only of which some is resident but that's the only process that has it mapped.
<cpaelzer> you mean because it can be discarded and brought back
<cpaelzer> hmm
<rbasak> Right
<cpaelzer> yeah you are right
<cpaelzer> it is overaccounting for your check
<cpaelzer> rbasak: but
<cpaelzer> rbasak: see the second command above
<cpaelzer> to get closer to what you want you should be able to remove all that is mapped on files there
<cpaelzer> so your mmapped ro file would show up there and have an USS matching its file
<cpaelzer> rbasak: I don't know how to check (in this simplified view) what is dirty/cow and can therefore not be discarded
<cpaelzer> rbasak: do you need that for a single process?
<rbasak> I'd like a per-process amount
<cpaelzer> rbasak: so process X - how much of its open file #2 is in memory?
<cpaelzer> so a system wide overview still
<rbasak> I'd like a per-process _total_ amount
<rbasak> Right.
<cpaelzer> hmm, no then I don't know a tool yet
<rbasak> I want to identify the "bad" processes, and how bad they are.
<cpaelzer> proc smaps parsing
<cpaelzer> maybe a small extension to smem
<cpaelzer> it is python after all, so you might be close
<rbasak> OK, thanks
<cpaelzer> I once had a hugepage extension
<cpaelzer> not too bad (but a bit outdated)
 * rbasak wonders if it's worth it
<cpaelzer> fyi the reverse I asked for is "man mincore"
<rbasak> There are two candidates I've less subjectively identified
<rbasak> less objectively
<rbasak> iscsid and snapd
<simulant_> hi can anyone please help me out. I have two machines on my local network that can't ping each other. they can ping other devices, other devices can ping them - but they can't ping each other!
<simulant_> it's driving me bonkers if anyone can please help
<rbasak> simulant_: I would narrow down the problem by seeing what is leaving and what is arriving where, using tcpdump. Sorry I don't have the time to go through the details with you.
<nacc> cpaelzer: was the llast comment in LP: #1733572 a private ping?
<ubottu> Launchpad bug 1733572 in kopanocore (Ubuntu) "php-mapi conflicts with other version" [Undecided,Triaged] https://launchpad.net/bugs/1733572
<nacc> i have the 'fix' for that issue in particular in the MP (wich you can review). I have a feeling we are being bit by an openssl issue, but not sure yet.
<cpaelzer> nacc: It was making clear that you are already on it
<cpaelzer> and for the review last week it was WIP - you say it is open for review now?
<nacc> cpaelzer: no, it's still not
<nacc> i haven't figured out teh segv yet
<cpaelzer> ok waiting for your ping still then
<cpaelzer> no urge by me, just needed to check if still in the state I knew
<nacc> *but* it passes onn debian
<nacc> and historically this has been due to some ssl issue, when the same segfault is seen
<nacc> they are also only testing 7.0 and 7.1 :)
<HackeMate> hello, is there a deployment generator for ubuntu server? such like opengnsys or the old rembo
<HackeMate> or any image-restore via network
<sarnold> cloud-init, maas, fai-server are all popular and serve slightly different purposes
<HackeMate> thank you sarnold
<coreycb> jamespage: networking-bagpipe/bgpvpn were a pita for b3 as they both reverse-depend on each other and won't pass tests without b3 of each other
<coreycb> jamespage: and i see they're ftbfs in proposed now
<coreycb> jamespage: if we can upload 8.0.0~b3-0ubuntu1 of both packages to queens-proposed, they have tests disabled. then we can promote the current version to queens-proposed.
<axisys> I need to call a script at network change.. running it on my laptop which is sometimes on wifi at home and sometimes on ethernet at work.. where is the right place to put the script, so it gets called at network change? I am on 16.04 lts
<mason> axisys: Use /etc/network/interfaces and have "up" directives. You can have multiple location-based configs for each interface.
<axisys> mason: for laptop that file is mostly empty
<mason> axisys: It can be as empty or as full as you make it.
<mason> It's how I do it for my laptop. Works well.
<axisys> mason: yep, use it for server..
<mason> If you're looking for a way to do this with Network-Manager, then 1) don't do that, and 2) there's no way to do that.
<sarnold> axisys: investigate ip monitor or rtmon
<axisys> sarnold: thanks a lot!
<sarnold> axisys: don't thank me just yet. :) you might not like these solutions much, hehe
<powersj> nacc: I think this run will get us self-test: https://jenkins.ubuntu.com/server/job/git-ubuntu-ci-redux/4/console
<nacc> powersj: will watch
<nacc> powersj: i'm also wondering if we can possibly leverage https://forum.snapcraft.io/t/snapcraft-clean-doesnt-clean-with-snapcraft-container-builds-set/2291
<nacc> powersj: (well the popey-mentioned commands int hat bug report)
<nacc> to reuse the containers for building in CI
<nacc> that would speed it up significantly, sinnce our deps don't geerally change (only our code itself)
<powersj> that would be really nice
<nacc> powersj: https://insights.ubuntu.com/2017/11/22/announcing-snapcraft-2-35/
<nacc> i will see how that works if the underlying build target keeps changing
<mason> sarnold: rtmon looks interesting, but the dinosaur in me wants to manually control which network I'm on
<sarnold> mason: heh, yeah, I never really "got the hang" of network manager ..
<mason> sarnold: I remember a long while back asking how to tie scripts to network-up events, and the NM guys told me it wasn't possible. So I kept using ifupdown.
<mason> I still don't think it's possible, despite it being an obvious thing to want to do.
<sarnold> mason: it seems like such a basic thing :(
<mason> Hrm, this says NM just drives ifupdown: https://askubuntu.com/questions/258580/how-to-run-a-script-depending-on-internet-connection
<mason> But I don't think that's true nowadays.
<nacc> powersj: ok, yeah, it seems that will do what we want
<nacc> powersj: i should test it a bit locally
<powersj> nacc: any issues if we are running multiple CI jobs at a time?
<nacc> powersj: ah probably :)
<nacc> let me ask
<nacc> powersj: see #snappy?
<powersj> I'm not in that channel
<nacc> powersj: ah ok
<nacc> basically, the container used is dtermined by the directory it's called from (and the snap's name)
<nacc> i'm trying to think of the matrix of decisions we want to make here
<powersj> nacc: doh failed: 'bash -l -c git-ubuntu -h'
<powersj> not sure why that failed, I thought it exits 0. Anyway I'll rerun without the call to -h and just skip to self-test
<nacc> powersj: hrm, that exited 1 here .. not sure why either
<nacc> xnox: is there a way with gpg2 to find out where private keys are stored (filename)? it used to be you could pass --secret-keyring, but that's ignored now and keys are put in private-keys-v1.d/ ... asking because php-horde-crypt calls gpg with --secret-keyring still and assumes it is honored
<xnox> nacc, that will not work, no. one is supposed to use gnupg-agent; non-agent access to private keys is no longer supported.
<nacc> xnox: ok, so the test as-written just doesn't make sense
<xnox> nacc, you can and should use GNUPGHOME, then you can control which toplevel dir will be used.
<nacc> xnox: yep, they do
<nacc> i guess i could just look for the one key created in there :)
<nacc> xnox: thanks
<powersj> nacc: https://paste.ubuntu.com/26527006/
<nacc> powersj: sigh ok
<nacc> powersj: will pivot back to that in a bit
<powersj> ok, you can basically re-run that last build to re-test
<powersj> I added the failure stop to, so it won't run the integration tests next time
<nacc> powersj: https://paste.ubuntu.com/26527216/
<nacc> powersj: you're building on xenial, right?
<powersj> nacc: correct
<nacc> powersj: with updates enabled?
<nacc> i'm not sure why you're versioning is different, which also ssems a bit odd
<nacc> powersj: do you have the log from the buildl?
<powersj> all I have is the jenkins log https://jenkins.ubuntu.com/server/job/git-ubuntu-ci-redux/4/console
<powersj> woops 5 was the failure of self-test: https://jenkins.ubuntu.com/server/job/git-ubuntu-ci-redux/5/consoleText
<nacc> powersj: ack, reading
#ubuntu-server 2018-02-06
<cpaelzer> good morning
<lordievader> Good morning
<jamespage> coreycb: dealing with the cmake foobar in queens-proposed now (we need a newer version for debhelper compat 11)
<ahasenack> rbasak or cpaelzer, hi, could one of you please (re)import ubuntu-advantage-tools into git? I think it's out of date there
<rbasak> Looking
<rbasak> Importing
<ahasenack> thx
<rbasak> ahasenack: it's still running but didn't seem to take anything new
<rbasak> ahasenack: https://code.launchpad.net/~usd-import-team/+git lists it as updated just now.
<rbasak> ahasenack: did we just race the importer?
<rbasak> Or did cpaelzer just do it?
<ahasenack> rbasak: anyway, it looks fine now
<ahasenack> but odd that we would have raced the importer, since there were no new uploads in weeks
<rbasak> You're right
<rbasak> Perhaps we raced cpaelzer :-)
<ahasenack> or maybe I missed a --force in my previous pull
<ahasenack> thanks anyway
<rbasak> It's definitely just been pushed to
<ahasenack> rbasak: I'm getting a debian/patches warning with this repo: https://pastebin.ubuntu.com/26529688/
<ahasenack> rbasak: to my knowledge there shouldn't be such a directory (it's a native package), much less an empty one
<cpaelzer> ahasenack: rbasak: I didn't import it
<cpaelzer> not in a racy manner at least, maybe weeks ago but not today
<ahasenack> it exists here, though: https://git.launchpad.net/~usd-import-team/ubuntu/+source/ubuntu-advantage-tools/tree/debian/patches
<coreycb> jamespage: oh that's a pita
<ahasenack> rbasak: cpaelzer: there is something wrong with my MP to ubuntu-advantage-tools (https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/337213), I could use some assistance
<ahasenack> fyi the diff is showing "new" files like debian/rules (!)
<ahasenack> or debian/tests/control
<ahasenack> but they exist already in the git repo, branch ubuntu/devel (https://git.launchpad.net/~usd-import-team/ubuntu/+source/ubuntu-advantage-tools/tree/debian/tests/control)
<slashd> how one can test a partman-partioning patch using a PPA ? So far I have tried to build partman-partitioning and then d-i within the same PPA and redirect the installer to my PPA using "apt-setup/overlay ..." but without success.
<ahasenack> slashd: maybe you need to create a new iso. I know simpoir has done that to test a landscape-client patch for a bug that happened inside the ubuntu server install, he might have scripts to help doing that
<slashd> ahasenack, tks will ping him
<rbasak> ahasenack: I don't follow what's going on there either.
<rbasak> Maybe a Launchpad bug or oddity?
<rbasak> #launchpad might be the place to ask
<ahasenack> ok
<cpaelzer> ahasenack: I don't see d/rules as new file
<cpaelzer> ahasenack: maybe it was an artifact while still updating the diff?
<ahasenack> cpaelzer: in launchpad?
<cpaelzer> yes
<cpaelzer> on https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/337213
<cpaelzer> I thought that was what you linked
<cpaelzer> ... yes it was
<ahasenack> I just reloaded
<cpaelzer> 3 hits for debian/rules - all ok
<ahasenack> it's still showing, for examplple, debian/rules (+6/-0)
<rbasak> I see preview diff c05adda into ae690c9 on 2018-02-06
<rbasak> Line 117
<cpaelzer> same preview hashes
<cpaelzer> for me
<rbasak> diff --git a/debian/rules b/debian/rules
<rbasak> new file mode 100755
<rbasak> index 0000000..0cd4e1d
<rbasak> --- /dev/null
<rbasak> +++ b/debian/rules
<jamespage> coreycb: I think its a straight backport - just waiting for the arm arch to build and will re-test ceph
<coreycb> jamespage: that'd be nice
<cpaelzer> not for me
<cpaelzer> ah well now I see
<cpaelzer> yeah the header is null vs d/rules
<cpaelzer> but the content is just fine
<ahasenack> but it's treated as a new file
<cpaelzer> or is that just that small of a d/rules
<ahasenack> all lines are new
<cpaelzer> checking the actual mp
<cpaelzer> just a sec
<ahasenack> that's the whole d/rules
<cpaelzer> oh I see
<ahasenack> the only diff should be in the flake8 line
<ahasenack> from: 	flake8 tests
<ahasenack> to: 	python3 /usr/bin/flake8 tests
<ahasenack> and that's what you see if you do "git diff ubuntu/devel" while on my branch
<cpaelzer> yeah I checked git diff c05adda ae690c9 -- debian/rules
<ahasenack> git diff bionic-version-14..ubuntu/devel -- debian/rules
<ahasenack> shows the correct thing
<cpaelzer> yep
<cpaelzer> which are the names for the hashes I used
<ahasenack> even better
<cpaelzer> but also the same hashes that LP displays
<cpaelzer> odd
<coreycb> jamespage: i'm fixing up heat-dashboard to include the js files
<cpaelzer> ahasenack: do you mind submitting the same in a new branch name?
<cpaelzer> ahasenack: to see if it is reproducible
<ahasenack> basically git checkout -b new-name; git push ?
<ahasenack> and make a new mp?
<cpaelzer> yep
<ahasenack> ok
<cpaelzer> we could also use resubmit proposal, but I'd keep the broken one for later analysis by LP team
<ahasenack> same thing
<ahasenack> https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/337215
<ahasenack> diff is updating still, but the "31 files modified" again shows debian/rules as a new file
<cpaelzer> I refreshed and see it - same problem
<ahasenack> I'll delete it
<jamespage> coreycb: I need todo some sort of bootstrap dance for networking-bagpipe/bgpvpn right?
<coreycb> jamespage: yes. i wasn't sure if i should upload directly to -proposed so i didn't touch that.
<Odd_Bloke> cpaelzer: Thanks for that vagrant review!  I'll look at it soon.
<coreycb> jamespage: if you upload 8.0.0~b3-0ubuntu1 of both first, then you'll be able to upload the latest versions once those publish
<cpaelzer> Odd_Bloke: y
<cpaelzer> y
<cpaelzer> damn
<cpaelzer> yw
<jamespage> coreycb: ok - I'll delete current versions and direct upload to -proposed
<cpaelzer> IRC stutter
<coreycb> jamespage: ok thanks
<Odd_Bloke> cpaelzer: Hah, I hadn't nominated it for series because I didn't think I could; turns out I can!
<cpaelzer> use your powers Odd_Bloke
<Odd_Bloke> cpaelzer: So I went for ubuntu1 because ubuntu0.1 suggests a security fix to me; more than happy to change it, just explaining my thought process. :)
<Odd_Bloke> But I couldn't quite decide (and eventually just went with what dep3changelog produced. :p)
<cpaelzer> I knew
<cpaelzer> Odd_Bloke: the format it creates for the LP ref is unique
<cpaelzer> so one can see that it was dep3changelog
<cpaelzer> :-)
<cpaelzer> Odd_Bloke: force pusher :-P
<cpaelzer> Odd_Bloke: reviewed the new code and acked
<cpaelzer> Odd_Bloke: added a hint to reuse on the SRU template
<cpaelzer> Odd_Bloke: do you need me to sponsor this?
<cpaelzer> I assume you are in ubuntu-cloud-uploaders, so I guess not
<jamespage> coreycb: ah
<jamespage> python-sphinxcontrib.blockdiag (>= 1.5.4), python-sphinxcontrib.seqdiag (>= 0.8.4)
<coreycb> jamespage: gah, what's that from. that is my fault.
<Odd_Bloke> cpaelzer: :)  I _think_ I'm fine.
<coreycb> jamespage: my handy new tool is too precise ;)
<jamespage> coreycb: that was from the networking-bgp/bagpipe stuff
<coreycb> jamespage: oh i thought i got rid of that
<jamespage> coreycb: do I just need to skiptest each one
<coreycb> jamespage: yes, for the first upload and then they'll be good to run tests next upload
<coreycb> jamespage: maybe you can just do that with DEB_BUILD_OPTIONS
<nacc_> coreycb: jamespage: buildl profile?
<jamespage> nacc_: yeah I was pondering that but don't quite know how to get that to happen in a PPA
<nacc_> jamespage: yeah there is a way, let me see if i can find it
 * jamespage sighs
<jamespage> coreycb: I messed up with the versioning...
<jamespage> fixing now...
<nacc_> jamespage: oh maybe it was just being discussed as possible (by the LP folks), sorry
<nacc_> possible to implement
<nacc_> I just did it "in archive" for PHP by commenting out stuff, then re-adding it
<Scott0_> im getting uncompression error system halted during both full iso and with the mini using usb
<Scott0_> memtest shows no errors with memory
<Scott0_> im not sure where to go from here
<Scott0_> does it try to uncompress to disk or to memory during install?
<TJ-> Scott0_: have you verified the image on the USB device is not corrupted?
<Scott0_> yes
<Scott0_> I compared to checksum
<Scott0_> im using rufus to write the usb from iso
<Scott0_> I assume it does a check before it says its completed
<Scott0_> maybe a bad assumption :/
<Scott0_> but I've tried the mini afew times and the regular iso a few times
<Scott0_> is this just a matter of memory bad or the usb being corrupted?
<Scott0_> is there a version of the installer that's smaller where I can download packages from the net to complete the install?
<Scott0_> I read one page that talked about the dvd drive being sda and causing conflict with where ubuntu expected to decompress the image
<Scott0_> but that seems unlikely
<TJ-> Whenever I've had a doubt I've generated a hash of the image on the USB device itself to be sure it's not corrupt. If that is fine it suggests there's some I/O errors during reading the device, or as you've suggested, RAM problems
<Scott0_> yeah I've tried 4 different usb drives
<Scott0_> and memtest ran for 24h with no errors
<Scott0_> im gonna try an ubuntu livecd and see if I can get that to install. I read that there is no difference in the server and desktop kernel now
<teward> there isn't in the kernel.  there's difference from the overhead needed to run the system.
<teward> (GUI is evil!)
<Scott0_> I know
<Scott0_> im confused as to why there is even a gui on a server install...
<Scott0_> that seems silly
<teward> (there isn't, it's a TUI)
<Scott0_> tui?
<dpb1> text user interface!
<teward> text-based user interface.
<Scott0_> odd I remember it loading a gui a while back for server install
<teward> instead of a graphical user interface.
<teward> Scott0_: never has had a GUI installer for Server.  GUI is Desktop only.  You *could* run a server via the GUI installer, but...
<teward> the GUI adds headaches.
<Scott0_> so I could use a desktop livecd to install server?
<dpb1> Scott0_: it shouldn't be warned, the live image as of today hits this: https://bugs.launchpad.net/ubuntu-cdimage/+bug/1747723
<ubottu> Launchpad bug 1747723 in Ubuntu CD Images "ubuntu server daily has no subiquity snap, installer does not start" [Undecided,New]
<Scott0_> can I avoid the gui install?
<dpb1> Scott0_: but, as long as you are not testing bionic, you will be fine.
<teward> Scott0_: I would use the server ISO if you want a non-GUI installation prompt
<teward> the desktop ISO and server ISO also install different default packagesets in the OS, mostly GUI and such software instead of the 'bare minimum' needed for servers
<Scott0_> teward, im having an issue installing from the server iso
<Scott0_> black screen
<Scott0_> if I use vga=ask and then continue, I get an uncompression error system halted
<Scott0_> wow, I tried with the livecd and I still get an uncompression error
<teward> sounds like you have a bigger problem than just the ISO used for installing
<Scott0_> yeah
<Scott0_> if not memory what else could it be?
<Scott0_> is it maybe something with ahci?
<teward> Scott0_: have you confirmed that you have valid ISOs, verifying the sums against known good ones?
<Scott0_> yes
<Scott0_> every time
<teward> have you run memtest or something to actually test your RAM to determine if it's bad or not?
<teward> i know it sounds like stupid questions, but i arrived late :)
<Scott0_> yes ran 24h with no errors
<Scott0_> 32BG 4 sticks total
<Scott0_> the ahci bios does say something on boot about being only for sata and dvd drives
<Scott0_> would this cause issue with the usb?
<Scott0_> I have not tried as IDE yet, but I didn't intend to install without ahci
<Scott0_> nevermind, uncompression error on IDE also :/
<Scott0_> memtest can load to memory and so can freedos, why can't ubuntu?
<Scott0_> it could be that every usb disk I write is corrupted
<Scott0_> what would cause that?
<sarnold> usb sticks are notoriously crap
<apb1963>  ubuntu 16.04...  hostapd exits prematurely.   some details here: https://pastebin.com/GcNS6V4J
<nacc_> !crosspost | apb1963
<ubottu> apb1963: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<apb1963> nacc_, yes... many are... and many aren't.
<apb1963> nacc_, I was addressing those that aren't.
<nacc_> apb1963: so ... ignoring the faq.
<apb1963> nacc_, I'm curious... how old are you?
<nacc_> apb1963: why does that matter?
<nacc_> apb1963: please stay ontopic
<apb1963> nacc_, just curious if your attitude can be attributed to your age.
<nacc_> apb1963: i'm not sure what attitude you have a problem with. You crossposted a question, which we try to discourage, and I pointed you to the reasoning not to do that.
<apb1963> You mean because of the overwhelming number of questions being asked here?  The tremendous activity?
<nacc_> apb1963: no, and that's not the reason cited in the faq.
<sarnold> because it's annoying as hell to work with someone in one channel while they're getting different advice in another channel.
<apb1963> sarnold, And if I were getting advice in another channel... I wouldn't ask in a second one.
<nacc_> !patience | apb1963
<ubottu> apb1963: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or https://ubuntuforums.org or https://askubuntu.com/
<nacc_> apb1963: so one or both of those FAQs apply.
<apb1963> I didn't repeat it, I asked it elsewhere.
<nacc_> apb1963: you asked in #ubuntu
<apb1963> yes... yes I did.
<nacc_> apb1963: then rather than wait for an answer there, you posted in a *different* channel
<nacc_> apb1963: so you were both impatient and crossposted.
<apb1963> I waited long enough to see that nobody was going to respond in a reasonable period of time.
<nacc_> apb1963: 6 minutes?
<apb1963> yep
<apb1963> I should wait for hours?  Days?  What is acceptable to you oh king?
<nacc_> apb1963: alright, I hope you have a nice day.
<apb1963> you too
<Scott0_> teward: when writing to the usb with passmarks imageUSB, I did receive errors on writing to the usb and numerous failures on the verify operation
<Scott0_> teward: im gonna try a new usb with imageUSB and ubuntu server and see if I have better luck
<Scott0_> odd that rufus doesn't do verification after the write
<Scott0_> success!
#ubuntu-server 2018-02-07
<cpaelzer> good morning
<sarnold> gnight :)
<cpaelzer> rbasak: the htop MIR is acked by te MIR team, could you today take a look again at https://code.launchpad.net/~paelzer/ubuntu-seeds/18.04-support-htop/+merge/337201 ?
<lordievader> Good morning
<cpaelzer> hi lordievader, how are you today?
<lordievader> Doing good here, how are you?
<cpaelzer> good as well
<cpaelzer> rbasak: if you are in a review-flow 1744072 holds two similar MPs to the seeds
<cpaelzer> rbasak: to uncouple the two acks, you could (if ok) ack with "ack subject to a MIR team ack on the MIR bug"
<cpaelzer> then I could "move" as soon as the MIR Team does so
<rbasak> ack
<ahasenack> any idea what exit status 10 is, if it's something special:
<ahasenack> dpkg: error processing package grub-pc (--configure):
<ahasenack>  subprocess installed post-installation script returned error exit status 10
<ahasenack> ?
<rbasak> sysexits.h doesn't list 10
<rbasak> I'm not aware of anything in Debian policy that defines specific exit codes
<rbasak> So it's likely that it's just passing through the exit code from whatever failed in the script I think.
<ahasenack> yeah, and it's a huge one
<ahasenack> (huge postinst, I mean)
<ahasenack> it's from a bug, not my system
<rbasak> If it's a current bug, you could see if the reporter can reproduce (eg. with dpkg-reconfigure or whatever), and if so, then instrument the postinst with a "set -x" at the top (by hacking /var/lib/dpkg/info/<package>.postinst IIRC).
<ahasenack> yep
<ahasenack> I wonder why this is the default in ssh_config:
<ahasenack> SendEnv LANG LC_*
<ahasenack> every non-us person will get this warning when logging in to a remote us/uk system
<ahasenack> WARNING! Your environment specifies an invalid locale.
<ahasenack> DANGER!
<ahasenack> meh
<ahasenack> why would anyone want to impost the local locale settings on a remote system by default
<ahasenack> s/impost/impose/
<mdeslaur> what would set it on the remote system if you're logging in via ssh?
<jamespage> coreycb: looped back to the os-vif test failures - resolved and uploaded
<jamespage> coreycb: os-brick only failed unit test in the jenkins setup - in PPA and on my larger, newer build its fine...
<jamespage> coreycb: so did a bypass of the tests in jenkins to effect the upload
<jamespage>  one to watch
<coreycb> jamespage: ok that was the test that was timing out
<coreycb> jamespage: backports for queens are back to normal \o/
<jamespage> coreycb: hurrah!
<jamespage> long live the queen
<jamespage> (s)
<coreycb> lol :)
<coreycb> jamespage: i was chatting with lbragstad in #openstack-pkg yesterday. summary is that in keystone v3 35357 and 5000 are the same, so we can drop the admin port.
<coreycb> jamespage: you can still listen on both if you want, we just don't need to. he's updating docs so i'll keep him posted on what we do.
<jamespage> coreycb: oh ok will need good testing in the charms
 * jamespage crosses fingers that everything is actually using keystone provided port values...
<ahasenack> mdeslaur: I comment that SendEnv, get no warning, and things just work
<mdeslaur> so you inherited whatever lang was setup as the remote system default
<ahasenack> and I suspect they work better than with me trying to use pt_BR.UTF-8 in an unknown remote system by default
<ahasenack> imagine the success rate of someone with a Japanese locale ssh'ing elsewhere outside of Japan
<mdeslaur> imaging you inheriting the japanese locale ;)
 * mdeslaur shrugs
<dpb1> ahasenack: en_us always works fine
<dpb1> :)
<ahasenack> see? :)
<dpb1> hah
<ahasenack> mdeslaur: at least it would be installed on the remote system I'm logging in to, so that would be expected
<boxrick> inside /etc/environment bashvars such as $USER don't work. Is there a way of fixing that?
<coreycb> jamespage: ok going to update the keystone package to just use the public port and will open a bug for the charms for now
<mason> Woot, qemu-system-ppc for the win. Painless.
<coreycb> jamespage: i'm tripping over this with tempest on queens: https://bugs.launchpad.net/nova/+bug/1747511
<ubottu> Launchpad bug 1747511 in OpenStack Compute (nova) "server create fails with "Can not find requested image" when CONF.glance.api_servers is not set and [service_user] is set" [High,In progress]
<coreycb> fyi
<tdb> hey all - just wondering if bionic will ship with a new version of ZFS?
<dpb1> tdb: 0.7.5 is in proposed right now
<dpb1> you can help by testing it. :)
<dpb1> !proposed | tdb
<ubottu> tdb: The packages in Ubuntu are divided into several sections. More information at https://help.ubuntu.com/community/Repositories - See https://wiki.ubuntu.com/RecommendedSources for the recommended way to set up your repositories.
<dpb1> hm
<dpb1> not the link I was thinking of
<dpb1> tdb: https://wiki.ubuntu.com/Testing/EnableProposed
<tdb> ah! sweet :)
<monokrome> hey all
<monokrome> Does anyone know if there's a way w/out user interaction to choose an option from the dialog that shows when you install a .deb?
<monokrome> When I install the MySQL official deb, it asks if you want to add mysql 5.6 or mysql 5.7
<monokrome> but defaults to 5.6 - which isn't what I want, but since it's an automated install I think I'm maybe out of luck for 5.7?
<sarnold> monokrome: maybe take one more step back and describe what problem you're trying to solve :)
<monokrome> sarnold: Installing MySQL 5.7 w/ ansible
<sarnold> monokrome: aha -- stuff in something like apt-get update && apt-get install --yes mysql-server-5.7
<monokrome> sarnold: mysql-server-5.7 isn't in the package listing, so I had to install the MySQL deb for it
<monokrome> I think we're on LTS
<monokrome> but the MySQL deb makes you choose a version w/ dpkg
<monokrome> so I'm trying to figure out how to tell it which version
<monokrome> Does that make sense?
<sarnold> yikes, I wonder how the heck they do that.
<sarnold> you might have to mail oracle.
<sarnold> there's a debconf mechanism that is often used to prompt the admin for package settings
<sarnold> but I've never used it for anything quite as huge as "what version do you want to install"
<sarnold> so I wonder if oracle decided to do Something Strange.
<mason> Hm. I'm stuck on something... virt-manager on my host connects to libvirtd in a guest, and I get a warning that KVM is not available. I've not tried nested virt with KVM before... Is there a way to get my host (Xenial) to pass through virtualization extensions?
<sarnold> s/never used it/never seen it used/
#ubuntu-server 2018-02-08
<sarnold> mason: what does kvm-ok in the guest report?
<mason> sarnold: Is there an EL equivalent? The guest is running RHEL 6.
<monokrome> sarnold: It's using dialog, same way that most `dpkg-reconfigure` stuff works?
<mason> I don't see vmx or svm in feature flags in /proc/cpuinfo, but I'm not sure if that's a comprehensive list.
<mason> ah, it's a script - moving it over
<mason> Yeah, that's looking for vmx and/or svm too. vmx given that I'm on Intel I guess.
<mason> Oh well. I'll dig for how to pass through VMX to guests after dinner.
<sarnold> mason: how about /sys/module/kvm_intel/parameters/nested ?
<mason> sarnold: Looking.
<mason> Hm, no go - I assume because it needs vmx passed in: FATAL: Error inserting kvm_intel (/lib/modules/2.6.32-696.20.1.el6.x86_64/kernel/arch/x86/kvm/kvm-intel.ko): Operation not supported
<sarnold> mason: on the host?
<mason> oh
<mason> 'Y' on the host
<sarnold> very confused.
<sarnold> maybe it has to do with the guest type? or guest cpu type?
<mason> I didn't see any obvious options, but I'll look again.
<mason> http://www.rdoxenham.com/?p=275 is interesting
<mason> Looks like maybe I want  <feature policy='require' name='vmx'/> in my config.
<mason> for the VM
<mason> Hm. Everything I'm seeing says to do that manually.
<mason> virsh edit for the win, as there's no way to specify that in virt-manager. My laziness finally fails me.
<mason> Anyway, with that feature policy line shoved into the VM config, kvm-ok sees vmx in the guest, and I can nest.
<sarnold> woot
<mason> \o/
<sarnold> I'm surprised it's not the default
<sarnold> but maybe it comes with consequences I don't know about
<mason> Yeah, interesting choice.
<mason> Hm, still not seeing SPEC_CTRL in guests... I think I need to restart things perhaps.
<mason> For those playing along at home, my VM defaulted to Broadwell, but it needed to be Broadwell-IBRS.
<cpaelzer> sarnold: mason: it actually is the default of libvirt to have a type with vmx/svm
<cpaelzer> sarnold: mason: but that is a virtual cpu type that has almost no other features
<cpaelzer> sarnold: mason: virt-manager does detection and selects a defined cpu type, like broadwell in this case
<cpaelzer> the definition of that type doesn't have it by default as you have realized
<lordievader> Good morning
<cpaelzer> jamespage: could it be that nova/2:17.0.0~b3-0ubuntu3 is borked - I see all dep8 tests fail
<cpaelzer> jamespage: analyzed, see bug 1748123
<ubottu> bug 1748123 in nova (Ubuntu) "Policy "os_compute_api:os-server-usage":"rule:admin_or_owner" was deprecated for removal in 17.0.0" [Undecided,New] https://launchpad.net/bugs/1748123
<cpaelzer> jamespage: coreycb: bug 1748123 now has a MP linked that would need your ack if possible
<ubottu> bug 1748123 in nova (Ubuntu) "Policy "os_compute_api:os-server-usage":"rule:admin_or_owner" was deprecated for removal in 17.0.0" [High,New] https://launchpad.net/bugs/1748123
<jamespage> cpaelzer: looking now
<jamespage> cpaelzer: meh lets just do allow-stderr for nova - it won't inpair the testing in any way IMHO
<jamespage> cpaelzer: I'll sort that now
<cpaelzer> jamespage: I'm ok with that as well
<cpaelzer> jamespage: please ping me once the new version is in proposed so that we can retrigger all the blocked packages
<cpaelzer> jamespage: ok ?
<jamespage> cpaelzer: yes - uploading now
<cpaelzer> ok, that was fast :-)
<cpaelzer> I wonder when exactly I can retrigger all the fails then - probably once it shows up as published on all arches in proposed
<jamespage> cpaelzer: its a pretty trivial change
<cpaelzer> jamespage: will it be 2:17.0.0~b3-0ubuntu4 ?
<cpaelzer> ok I see it, tracking that then - thanks
<cpaelzer> hmm actually I think hte nova needs to fully migrate
<cpaelzer> as testing is "only the testee from proposed"
<cpaelzer> jamespage: do you think it would be correct to still mark ..ubuntu3 as bad-test?
<cpaelzer> that would help to resolve that quicker and with les sload to the machines
<cpaelzer> all logs I checked had the ok on the actual test
<jamespage> cpaelzer: I think that's fine
<cpaelzer> jamespage: I'll update the MP with that
<cpaelzer> the bug will get auto-updated as soon as you migrate
<cpaelzer> thanks
<jamespage> Commented to that effect
<cpaelzer> oh that is even better
<cpaelzer> apw: if you are around a merge of https://code.launchpad.net/~paelzer/britney/hints-ubuntu-mask-nova-for-oslo-policy-deprecation/+merge/337331 would free up at least a small portion of the current proposed migration stall
<rbasak> cpaelzer: did you have a uvtool MP for me to review? I can't find it.
<cpaelzer> rbasak: there was an acked one that isn't merged
<cpaelzer> rbasak: https://code.launchpad.net/~paelzer/uvtool/+git/uvtool/+merge/335884
<cpaelzer> the approved state might mask it from your usual search for open todo's
<cpaelzer> but it isn't in git afaict
<rbasak> Thanks!
<rbasak> cpaelzer: pushed to git and built in https://code.launchpad.net/~uvtool-dev/+archive/ubuntu/master
<cpaelzer> thanks rbasak!
<rbasak> cpaelzer: if you'd like me to upload I can do that two but if so please could you test the PPA works as expected? The only two changes vs. bionic are your last two commits :)
<rbasak> I can do that oo
<rbasak> I can do that too
 * rbasak seems to have lost the ability to write proper English in the last couple of days :(
<cpaelzer> I realize that for a non native speaker too and two sound similar, but you ?
 * cpaelzer checks if rbasak has fever
<rbasak> They sound the same for me too
<rbasak> I think the typing part of my brain just doesn't do grammar and just types what it hears me say internally or something.
<cpaelzer> but for you correct words should flow out of your soul, and not go the "sounds like, could be, lets write that" process
<cpaelzer> I'll check the ppa later on
<cpaelzer> rbasak: can I just check bionic ?
<rbasak> Sure
<rbasak> I only expect to upload Bionic anyway
<rbasak> For the older series there's the PPA. I've never done anything more than that.
<cpaelzer> rbasak: tests complete
<cpaelzer> rbasak: http://paste.ubuntu.com/26540860/
<cpaelzer> rbasak: I'll have a new MP soon for the other issue I found (arm64 only)
<cpaelzer> rbasak: fix is here https://code.launchpad.net/~paelzer/uvtool/+git/uvtool/+merge/337352
<cpaelzer> rbasak: if you are doing the effort to push a new ver anyway we should include that right away :-)
<cpaelzer> I missed that when we did initial arm support as my /tmp was set up special
<cpaelzer> but on my new maas deployed arm system I today saw the issue
<cpaelzer> anyway fix is easy, please review and merge rbasak
<rbasak> cpaelzer: merged and pushed
<rbasak> cpaelzer: do you want a PPA rebuild? Or are you happy for an upload without that?
<cpaelzer> the fix is trivial and I tested by changing the template locally
<rbasak> OK I'll upload
<cpaelzer> so unless there is a typo it is good
<cpaelzer> you might check if the xml is still valid xml
<cpaelzer> for typos on closing /> or such
<cpaelzer> other than that good for upload I'd think
<cpaelzer> checked it with xmllint in my branch
<cpaelzer> it is good
<cpaelzer> go for an uplaod rbasak
<rbasak> Uploaded.
<frickler> jamespage: are you planning to upload ceph-12.2.2 for artful, too? I need to rebuild ceph for our pike-uca, using the version from bionic fails because it depends on newer boost versions
<tobasco> jamespage: was any gnocchi changes able to make it into queens m3, cannot see anything in the uca queens repo
<frickler> jamespage: actually building 12.2.1 from artful fails on xenial+uca-pike, too. seems you have some special tricks to build these
<frickler> found https://bugs.launchpad.net/cloud-archive/pike/+bug/1739002 , will comment there
<ubottu> Launchpad bug 1739002 in ceph (Ubuntu Artful) "[SRU] ceph 12.2.2" [Undecided,Confirmed]
<ahasenack> rbasak: hi, do you know if debian's new salsa infrastructure is taking MPs for packages?
<ahasenack> it does look like it
<rbasak> Generally yes, _if_ the maintainers have moved to salsa.
<ahasenack> they have
<ahasenack> ok, thx
<ahasenack> should I file a corresponding debian bug?
<ahasenack> I see salsa has its own "issues" tab
<ahasenack> project in question is samba, and the vcs url in the package already points at salsa
<rbasak> I don't think Debian has really figured out the answer to that yet :)
<rbasak> Depending on the maintainer, I imagine a Debian BTS bug in addition to a salsa merge request is either an extra unnecessary thing to close or an essential thing to track everything that needs doing.
<ahasenack> then I think a normal debian bug is still a good thing to have
<ahasenack> if it's not figured out yet
<ahasenack> I'm also checking for existing "issues" in these projects
<ahasenack> I see none open
<ahasenack> I also don't know if they merge-then-upload, or upload-then-merge
<ahasenack> they might be staging commits in the git tree and then someone uploads eventually
<rbasak> I imagine most salsa users would merge-then-upload
<ahasenack> anyway, I'll experiment
<ahasenack> cpaelzer: hi, do you know if uvt-kvm can create debian vms?
<cpaelzer> ahasenack: if you have debian cloud images
<cpaelzer> ahasenack: so no
<ahasenack> k
<cpaelzer> ahasenack: https://wiki.debian.org/KVM#Creating_a_new_guest
<ahasenack> I'll try virt-install
<mason> cpaelzer: Thank you for the clarification!
<cpaelzer> better late than never mason :-)
<cpaelzer> as an excuse - I was sleeping well while you discussed that :-)
<mason> heh
<mason> To balance things out, I was sleeping while you clarified.
<cpaelzer> fair enough :-)
<mason> cpaelzer: So, is this a virt-manager quirk, and I'd end up with the default if I build something with virt-install?
<ahasenack> cpaelzer: hm, virt-install is not an automated install :/
<cpaelzer> ahasenack: no it is not
<cpaelzer> ahasenack: you realize why people love uvtool :-)
<cpaelzer> well I do
 * cpaelzer hugs rbasak for uvt-kvm
<mason> Hrm, I've not heard of uvtool. Looking.
<cpaelzer> mason: TL;DR - it is the "give me a ubuntu guest" command
<mason> ah, kk
<cpaelzer> mason: this is the three lines to a guest http://paste.ubuntu.com/26541379/
<cpaelzer> from there you'll see the flexibility it provides if you often need to spawn guests base on cloud image
<cpaelzer> s/this is/these are/
<mason> Seeing a checkmark on a command line is unusual. But, neat.
<cpaelzer> oh I might have copied to omuch :-)
<cpaelzer> yeah kill from the bracket in front of the checkmark
<mason> Alright, that makes it seem more approachable. :)
<cpaelzer> my console reports last RC in this - checkmark is 0, otherwise it is  an x=$rc
<mason> Oh, that's clever.
<cpaelzer> and time when I did the command and command number for reference - the usual stuff
<cpaelzer> normal people have nice office, we all have nice (and very different) console prompts :-)
<mason> Mine is a boring PS1="$USER@$HOSTNAME$WIN\${PWD}\$ "
<cpaelzer> still much better as a "cmd:>"
<jamespage> frickler: use the version from the pike uca - it has a patch to use the bundled boost version
<jamespage> tobasco: sorry I've been bogged down in unsticking a load of other bits
<frickler> jamespage: oooh, nasty hack ;) well, at least you get more upstream-y packages that way I guess. thx for the hint
<jamespage> frickler: https://code.launchpad.net/~ubuntu-cloud-archive/ubuntu/+source/ca-patches/+git/ca-patches
<jamespage> contains series aligned patches required for backporting
<jamespage> frickler: well if avoids a) patching for older boost and b) carrying boost in the UCA (which I won't do - we did it for trusty and it was a nightmare)
<frickler> jamespage: yeah, I do see your point. I'm still wondering why ceph needs to be in UCA in the first place, though, that does cause some issues for our deployments
<jamespage> frickler: well technically it might not need to be but it does create online intermediate update points for LTS users
<frickler> jamespage: it also creates complicated upgrade scenarios when running a ceph cluster with mixed openstack and non-openstack use :(
<tobasco> jamespage: okok
<jamespage> tobasco: I have a time critical thing to get done today (summit talk submissions) so hopefully I'll get to it tomorrow
<tobasco> jamespage: no worries, let me know if i can help with anything
<ahasenack> rbasak: hm, that autopkgtest cmdline doesn't work so well out of the box
<ahasenack> autopkgtest -U samba -- lxd images:debian/sid/amd64
<ahasenack> ...
<ahasenack> E: You must put some 'source' URIs in your sources.list
<ahasenack> E: You must put some 'source' URIs in your sources.list
<ahasenack> autopkgtest [14:53:13]: ERROR: testbed failure: rules extract failed with exit code 100 (apt failure)
<ahasenack> afaik autopkgtest needs to change the image a bit, does it not?
<rbasak> ahasenack: perhaps the images changed to drop the deb-src lines?
<rbasak> I'm pretty sure it used to work.
<rbasak> ahasenack: though I'm not really sure why autopkgtest needs deb-src lines.
<ahasenack> there was another command which required src lines and I never understood why
<ahasenack> ah, apt-get build-dep iirc
<rbasak> build-dep needs to see the source package metadata to see the Build-Depends header which isn't available in binary package metadata.
<rbasak> But autopkgtest shouldn't need that if it's only building from your .dsc.
<ahasenack> but not when I'm using it like "apt-get build-dep ./"
<rbasak> (from your _local_ dsc)
<ahasenack> it just needs to peek into debian/control
<rbasak> I didn't know it could do that.
<rbasak> I guess that's a bug.
<ahasenack> doesn't work in trusty, but xenial+ works
<ahasenack> maybe something in between trusty and x also worked
<ahasenack> meh
<ahasenack> https://github.com/lxc/lxc/issues/1799
<ahasenack> debci + lxc does not work out of the box
<ahasenack> (and it does not have lxd support)
<pankaj_> How to install modules in irssi. It is saying me to install Text::charwidth module.
<ahasenack> rbasak: hey, got a good bug in my samba dep8 tests when running them on debian
<ahasenack> cannot create /home/ubuntu/data: Directory nonexistent
<ahasenack> :)
<ahasenack> assumption about the ubuntu user being there :)
<Odd_Bloke> smoser: Does sstream-query use GPG by default?
<smoser> Odd_Bloke: no.
<smoser> well... yes.
<smoser> by default it uses streams/v1/index.sjson
<Odd_Bloke> Pick one. ;)
<smoser> and verifies that signed inline json with 'gpgv' (from gpg-verify)
<smoser> and cries if it doesnt work
<smoser> it does not by default assume any keyring not assumed by gpgv.
<smoser> ie, it wont use --keyring=/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
<Odd_Bloke> So why doesn't it cry all the time, given most people don't have the appropriate key?
<smoser> but if you hae added those keys to the keyring ~/.gpg then those will be used.
<Odd_Bloke> Or is this the yes/no duality? :p
<smoser> well, it does cry most of the time.
<smoser> http://paste.ubuntu.com/26542581/
<smoser> you can pass '--no-verify' and it wont verify
<Odd_Bloke> OK, so maybe it just works for me because I've done something in the past.
 * Odd_Bloke checks in a container.
<Odd_Bloke> OK, yes, there we go.
<smoser> Odd_Bloke: i assume 'gpg --list-public-keys' shows the 4A3CE3CD565D7EB5C810E2B97FF3F408476CF100 for you
<smoser> or D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
<smoser> whichever one its signed by
<Odd_Bloke> Yep, the former.
<Odd_Bloke> smoser: Thanks for the help. :)
<blizzow> I'm running a bunch of 16.04 servers with the 4.13.0-32-lowlatency #35~16.04.1-Ubuntu SMP PREEMPT (hwe-16.04-lowlatency-edge) kernel. The spectre/meltdown checker is telling me I'm still vulnerable and I've downloaded all the latest and greatest updates. My BIOS is up to date as well. What can I do to mitigate the problem?
<sarnold> hey blizzow, I've got to run, hope this helps https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
<mason> blizzow: What bits are showing vulnerable?
<sdeziel> blizzow: the 4.13 kernel with mitigation for all 3 vulns is currently in artful-proposed. Presumably, it will land shortly in artful-updates and will then be backported to 16.04
<mason> Oh, didn't see the newer kernel.
<sdeziel> blizzow: otherwise, you may want to use that PPA https://launchpad.net/~canonical-kernel-team/+archive/ubuntu/spectre/?field.series_filter=xenial
<blizzow> the script puts out that Spectre Variant 2 is still vulnerable.
<blizzow> I think that's the one that requires a microcode update and Dell doesn't seem to have released a new BIOS yet for the poweredge 620.
<blizzow> I also have some supermicros that I have to look up.
<sdeziel> blizzow: retpoline mitigations do not depend on updated microcode
<sdeziel> blizzow: this machine runs an old microcode but has the 4.4 kernel from the above PPA: https://paste.ubuntu.com/26543638/
<blizzow> I guess I'm not understanding what you're trying to tell me sdeziel. I am running the HWE lowlatency 4.13 kernel and the table (column 5 row 2) shows that spectre variant 2 is "F" (updates have been published to mitigate the issue but require updated firmware/microcode).
<blizzow> I have to install this script to get a kernel with retpoline?
<blizzow> sorry *PPA* not script.
<sdeziel> blizzow: what I'm saying is that a retpoline enabled kernel (from the PPA) should mitigate spectre V2 (https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown#Pre-release_Updates_Available_For_Testing)
<sdeziel> blizzow: so yeah :)
<sdeziel> gotta run
<blizzow> Is there a due date for HWE lowlatency with retpoline to be released to the standard repos without using the PPA? I'm not too keen on adding a new ppa to all of my servers.
<sdeziel> blizzow: as I said, it's currently baking in artful-proposed
<sdeziel> I am not aware of an official due date, sorry
<sdeziel> blizzow: maybe someone in #ubuntu-hardened will be able to tell you
#ubuntu-server 2018-02-09
<HardcoreKrypton> anyone knows how to use cloud-init
<rbasak> Yes.
<HardcoreKrypton> can you tell me ?
<rbasak> http://cloudinit.readthedocs.io/en/latest/
<rbasak> If you have a specific question, please ask it.
<HardcoreKrypton> thank you !
<HardcoreKrypton> okk
<rbasak> There's also #cloud-init
<ahasenack> rbasak: hi, is there a way to tell git ubuntu merge to use debian/experimental instead of sid?
<rbasak> ahasenack: I'm not sure, sorry. I've not been much involved in that subcommand.
<ahasenack> ok
<ahasenack> oh
<ahasenack> I guess I should have read --help more carefully
<ahasenack> "onto                  A reference to a commit whose corresponding version to prepare to merge with. If not specified, debian/sid is used. "
<ahasenack> :)
<coreycb> jamespage: qemu and libvirt updates are in kilo-staging and ocata-staging
<jamespage> coreycb: hurrah!
<rbasak> ahasenack: looking at https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/337213
<ahasenack> rbasak: ok
<rbasak> I'm not very keen on stuff using bash in /etc/update-motd.d/. Debian and Ubuntu moved away from bash due to startup times, and update-motd.d is in the critical path for login time.
<rbasak> What actually puts files into /etc/update-motd.d/ please? I don't see it in the packaging.
<ahasenack> rbasak: debian/install
<rbasak> Ah. Thanks
<ahasenack> rbasak: I continued using bash (the main ubuntu-advantage script already uses bash) because it's not a new dependency
<ahasenack> I didn't think about startup times
<rbasak> I think it'd be fine for the ubuntu-advantage script itself since it isn't in any critcal path.
<rbasak> But update-motd really needs to be kept quick.
<rbasak> (especially for stuff present by default on all systems)
<ahasenack> rbasak: well, the motd script will call ubuntu-advantage status
<rbasak> Or else, measure it and convince me :)
<rbasak> Oh
<rbasak> Well then that matters too
<ahasenack> it's either that, or reimplement in the motd the logic that determines what's the status
<rbasak> Yeah
<ahasenack> you would gain a bit by reimplementing in the sense that "ua status" determines the status of all 3 services
<ahasenack> livepatch, esm, and fips
<ahasenack> livepatch is a snap call
<ahasenack> esm and fips is an apt-cache policy call
<rbasak> Another way might be to shortcut it. If a user has never had UA, then detect that and do nothing quickly.
<ahasenack> you mean had an ua contract, or the ua package? The ua package will be there always
<ahasenack> from the start, I mean, it can be removed
<rbasak> Then the buck is passed to Canonical to make sure that adding UA doesn't slow things down. I'm fine with that :)
<dpb1> wait
<ahasenack> if livepatch is available, then the motd becomes an advertisement
<dpb1> update-motd.d runs on a schedule
<rbasak> ua contract, or the ua package> I mean had UA contract related functionality enabled.
<rbasak> Or "has" would be better I suppose.
<ahasenack> dpb1: no
<dpb1> it's not in critical path for login time?  or am I very wrong
<ahasenack> unless there is some smarts that only calls the scripts in update-motd.d in a schedule
<dpb1> ah
<dpb1> script-by-script basis?
<rbasak> dpb1: AIUI, update-motd.d runs on every MOTD display, but some scripts do their own caching.
<rbasak> Right
<ahasenack> yes
<dpb1> got it
<guzzlefry> howdy
<dpb1> ahasenack: what is the path for the default install case, does ubuntu-advantage get called there?
<ahasenack> dpb1: default install of that, ubuntu?
<dpb1> install server, then login.
<ahasenack> s/that/what/
<ahasenack> the motd script runs at login
<ahasenack> ssh, terminal
<ahasenack> nothing else calls "ua <stuff>" on its own
<dpb1> yes, I mean, in that case
<dpb1> does ua <stuff> get called there
<ahasenack> yes, we do one "ua status" call to determine the livepatch status
<ahasenack> save the output, and then look for the bits we want in that output
<ahasenack> a grep and two seds, something like that
<dpb1> I'm looking for what is done for motd.ubuntu.com
<ahasenack> that must be different, since it's a network call
 * dpb1 can't find it :/
<rbasak> 50-motd-news
<dpb1> is it on xenail?
<dpb1> xenial
<rbasak> I don't see it on Xenial
 * dpb1 checks bionic
<rbasak> Looks like 50-motd-news only prints from a cache to me.
<rbasak> And the cache is updated out of band.
<rbasak> Unless --force is used, which is commented to happen from the systemd timer
<dpb1> hm
<rbasak> Seems to me that there is a common need for caching.
<dpb1> yes
<dpb1> and there is a systemd
<dpb1> that updates the same file
<rbasak> Who wants to write a general caching infrastructure for update-motd.d? :)
<dpb1> lol
<dpb1> well
<ahasenack> rbasak: if we cache the "ubuntu-advantage status" output, would you be ok with the motd script itself be in bash?
<ahasenack> or do you want that in dash as well
<ahasenack> or are you still looking and have other comments?
<ahasenack> rbasak: of course, we have to find a common denominator involving trusty all the way up to bionic regarding that caching
<ahasenack> systemd might be out of the picture
<rbasak> ahasenack: you could use cron
<ahasenack> probably
<rbasak> ahasenack: I want everything in dash, unless it's demonstrated that if everything in update-motd.d moves to bash, it wouldn't cause any significant difference.
<rbasak> ahasenack: since I think this package should be consistent with everything else; there's no reason to grant it an exception on this.
<ahasenack> ok
<ahasenack> can you make these comments in the mp please?
<ahasenack> (if you haven't already)
<rbasak> ahasenack: done just now :)
<ahasenack> thx
<rbasak> ahasenack: I'm EODing soon. I'll finish reviewing on Monday.
<ahasenack> ok
<HackeMate> hello folks
<HackeMate> i have configured bind9 for dns forwarding as cache, it works fine, now i want to set up a dns proxy, or any system that filter all dns queries in order to block porn sites
<HackeMate> is there a project working in this way?
<sarnold> HackeMate: https://dnsdist.org/ is cool stuff
<HackeMate> oh, thanks
<HackeMate> i wonder how big should be your curriculum sarnold
<dpb1> HackeMate: if you bottom out on anything, you could update https://help.ubuntu.com/community/ParentalControls
<sarnold> HackeMate: what do you mean?
<HackeMate> dpb1: thanks
<HackeMate> sarnold: you have a huge knoweldge
<HackeMate> that's what i mean
<sarnold> heh, it feels like I'm learning less than is being created every day .. it feels like endlessly slipping backwards :)
<HackeMate> that feelings makes you powerfull
<sdeziel> HackeMate: the implementation probably depends on the kind of block list you use. For example, you could leverage OpenDNS FamilyShield by setting their IPs as forwaders in your bind
<BenXVII> Hello is there anybody on that could enlighten me with an issue I have on my HP server ?
<teward> BenXVII: not unless you give details about the 'issue' and ask your *real* question
<teward> failing that nobody can help you.
<BenXVII> I didn't know wether this was the proper place to ask. I plugged a 4TB SAS drive. But for some reason it is not recognized. In hpssacli it says "Status: Unsupported". It's an HP ProLiant DL370 G6 server.
<teward> BenXVII: that's an HP hardware question, so this isn't the right place
<teward> so you'd need to contact HP probably for assistance with the system saying it's unsupported
<BenXVII> Thank you teward :)
<BenXVII> It doesn't even appear in gparted :)
<teward> probably because it's not a supported drive or something else, the fact it doesn't show up *sounds* like the drive and your hardware aren't compatible
<BenXVII> I will contact HP support. I hope it won't be too expensive :p
<patdk-lap> are you even sure the port you plugged it into supports sas disks?
<patdk-lap> you didn't plug it into a sata port did you?
<BenXVII> patdk-lap, yes I am sure, the server only supports SAS
<patdk-lap> I have never seen a server that only supports sas
<BenXVII> Might be that the controller is outdated and doesn't support 4TB volumes
<teward> patdk-lap: I have.  some older poweredges here :P
<patdk-lap> teward, heh?
<teward> they're sitting in the scrap pile for destruction, but they only have 3 hotswappable disks, all SAS
<patdk-lap> every poweredge and hp I have ever had supported sata, and ones with raid cards did both
<patdk-lap> hotswappable sas != sas only
<BenXVII> I tried to plug in a SATA drive once and it wasn't supported
<BenXVII> all drives are in the front bays, there are 8 of them
<teward> patdk-lap: well, this one *only* had SAS drives, I guess whomever set it up played safe.
<teward> *shrugs*
<teward> ultimately irrelevant, we have much newer servers :p
<patdk-lap> https://h20195.www2.hpe.com/v2/getpdf.aspx/c04282679.pdf?ver=1
<patdk-lap> supports sas and sata
<patdk-lap> the raid card that comes in it only supports 2tb drives though
<teward> ah that explains that
<teward> BenXVII: unsupported drive size.
<BenXVII> Thought so. Do you guys think I can use 2 2TB SAS and make them in the OS as one logical volume of 4 ? The purpose of the drive is to backup an attached NAS.
<patdk-lap> hmm, it can support 4tb, if your lucky and have upgraded firmware
<patdk-lap> also, those raid cards do not support passthough that I know of
<patdk-lap> so you have to setup a raid config
<BenXVII> Oh well, it's for a local non-profit, I will tell them to the backup of the NAS on two 2 TB dirves :)
<BenXVII> RAID is already setup, so I don't want to start all over again :p
<crester48> hello
<BenXVII> patdk-lap and teward .. thanks a lot for your help
<BenXVII> Have a good night everybody :)
#ubuntu-server 2018-02-10
<Space-Duck> What are your thoughts on installing Webmin on production web servers?
<andol> My first thought? Why on earth would you do that?
<Space-Duck> Cause I'm lazy... I'm tired of configing
<Space-Duck> But is my convenience worth it?
<andol> Using Webmin seems a lot more work than to have your config reusable in a configuration management system.
<HackeMate> how does opendns work, they are a dns server with a huge /etc/hosts file?
<lordievader> HackeMate: They are an open resolver. They forward queries to the authoritative nameserver. And probably cache the answer.
<sileht> jamespage, coreycb, zul, ddellav Hi, last libvirt/qemu released on cloud-archive looks broken : https://bugs.launchpad.net/cloud-archive/+bug/1748622 don't hesiate to ping me for any additional log/output/debug
<ubottu> Launchpad bug 1748622 in Ubuntu Cloud Archive "with last proposed libvirt/qemu update instances missing" [Undecided,New]
<Redfoxmoon> Hello! just installed ubuntu server 17.10 on a computer with an e1000e ethernet controller, in the installer it's able to configure the ethernet controller correctly
<Redfoxmoon> However when it reboots into the installed copy, there's no ethernet entry in /etc/network/interfaces, adding one doesn't help either
<Redfoxmoon> Quite stumped as to what to do...
<Redfoxmoon> ..... lalala installed *again* and now it just magically works
<Redfoxmoon> my luck ;_;
<Redfoxmoon> nvm.
<Redfoxmoon> and I solved it! yay
<tomreyn> well done ;-)
<Redfoxmoon> *sigh* it's a tiny bit annoying the old interfaces crap was left in though, honestly:-)
<Redfoxmoon> Makes it just slightly confusing..
#ubuntu-server 2018-02-11
<KingParrot> dummy package vs metapackage?
<KingParrot> Hello room
<mason> Hrm, that's not how to use IRC.
<KingParrot> Hello room
<KingParrot> I am thining about attempting to install a MATE desktop on  server from a deb file.
<mason> KingParrot: From earlier, a dummy package is usually a transitional package name, as I remember, where a metapackage is a collection of packages.
<mason> KingParrot: This might be more appropriate to #ubuntu, but you probably want "apt install mate-desktop-environment"
<KingParrot> Ty
<KingParrot> I allready found the important info
<KingParrot> My notes this is a "dummy package" not a "metapackage" the main diffrance is a dummy package can be safely removed.
<mason> Sounds reasonable.
<KingParrot> I am giving some thought to attempting to install a Desktop from deb files
<mason> It's better to use a proper repository, so you get timely updates.
<KingParrot> I currently have mate-desktop-environment-extra -   gir1.2-mate-desktop -  ubuntu-mate-desktop
<KingParrot> I think when it comes to ubuntu-mate-desktop and mate-desktop-environment-extra I haft to pick one or the other.  but I am not sure
<KingParrot> my server is not set up to go online.
<mason> I'd be surprised if they conflicted. You should be able to pick a session type if you're using lightdm or gdm or similar.
<KingParrot> I want to build everything on my server offline.
<KingParrot> I am not very fumilur iwth lightdm or gdm
<KingParrot> I have herd of lightdm
<KingParrot> I have my ways to find out info fast
<KingParrot> LightDM theme and default configuration for Ubuntu MATE
<KingParrot> but I suspsect that LightDM does much more then theme aspects.
<KingParrot> Is LightDM a GUI in and of its self?
<mason> No, it's a display manager, like XDM
<KingParrot> I am not fumilure with XDM
<mason> Graphical login prompt
<KingParrot> I did notice when looking at the list of MATE deb files many where API.
<KingParrot> I did not download or file any of the MATE API because think the copy of ubuntu-mate-desktop that I have is a full desktop environment is what it says.
<KingParrot> but I do suspect that I may need some of the MATE API in the list just not sure witch ones would sufice.
<mason> KingParrot: A bulletproof way to identify the full list you need isn't coming to mind, since I don't know what you've got installed to start.
<KingParrot> I have ubuntu 16.04 but I don't recall what other things I installed in it's instalation,
<mason> Exactly.
<KingParrot> I am thinking about installing rxvt-unicode on it.
<mason> Good choice.
<KingParrot> I did install Opera as a od exspirmint.
<KingParrot> on some Distros Opera did not requir any depandancies.
<KingParrot> but in my test on the server install it required about 6
<KingParrot> To my understanding is because I am mostly just a server I may need to install comands libray.
<KingParrot> So far all the commands I have used I think worked.
<KingParrot> I think I installed MYSQL on it.
<KingParrot> becuase in my notes I do have a pass word.
<KingParrot> and user name for MYSQL
<mason> Hm, been a while since I set up MySQL from scratch. Maybe there's a database user account, like 'postgres' for PostgreSQL.
<KingParrot> I have not attempted to access it.
<mason> There'll be docs available from the package(s).
<KingParrot> I think the MYSQL dose not have a seprite user account.
<KingParrot> I occured to me when logged into the server and when I did cat /etc/passwd it had 3 accounts
<KingParrot> 2 of the accounts I made after the server instalation.
<KingParrot> so the MYSQL password must be for the main account.
<mason> KingParrot: https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-16-04
<KingParrot> LAMP was a seprit optoin and I normaly do install it because it seems to be a main one to use.
<KingParrot> This is a good page to look or mason it sugjest to make a none root user and a firewall.
<KingParrot> I alwise make none root user accounts some times 2 or 3 of them.
<KingParrot> from my espirments it seems that user accounts in certain distros are not as sovrin as they could be.
<mason> How so?
<KingParrot> It would be nice that if install programs that it would only make changes to that exsact user accout with out affecting other user accounts thus the main system.
<KingParrot> example if I install Maxthon in one user profile then in the onther user profile maxthon would not be installed.
<mason> I'm not familiar with Maxthon, but that sounds like a sort of sovereignty if per-user installs are limited to that user.
<KingParrot> if the user accounts were more sovrine like that it would be awsume
<KingParrot> Maxthon is a web browser
<mason> By default in Ubuntu you're not installing things for individual users/accounts.
<KingParrot> Maxthon is a odd ball browser it use 2 engince on like most broswers.
<KingParrot> because Maxthon uses 2 engines it runes more processes.
<KingParrot> it is like running 2 web browsers at the same time.
<KingParrot> one of the core engines is trident out of Microsofts IE explorer and the other I think is webkit but I don't recall for sure.
<KingParrot> mason is  linux PC your main online pc?
<mason> KingParrot: Maxthon is interesting, but I think I'd trust a free-software browser more.
<KingParrot> http://www.maxthon.com/blog/maxthon-cloud-browser-for-linux-v1-0-4-0-beta-is-released-feature-the-new-cloud-sync-manager/
<KingParrot> Maxthon is free
<KingParrot> but I don't think it is open sorce.
<KingParrot> Maxthon is out of China
<KingParrot> I have used it on windows.
<mason> Yeah, I meant "libre" rather than "gratis" when I said "free".
<KingParrot> I had tried to find it off and on for linux but yester day I manages to obtain 3 copies
<mason> That's a problem you wouldn't have with free software.
<KingParrot> Some of the very first Opera browser a person had to pay to use.
<KingParrot> I have a copy of a paid version of Opera.
<KingParrot> can install it and run it but can't use it online I don't think
<mason> The only commercial software I use regularly nowadays is xv.
<KingParrot> I avoid trial versions.
<KingParrot> I was testing out vpn and one of them had a 7 day trial so I sent them a Email.
<KingParrot> I told them they needed to be more bold and more clear that it was a trail version.
<KingParrot> I think that is what I told them.
<KingParrot> Pay stuff of free stuff I am fine with but deceptive trial version junk I dispise.
<KingParrot> One thing I don't like about these new windows PC is you pay for the OS but they do not provide a copy of that OS with the PC.
<KingParrot> bunch of crimanals.
<mason> Yeah, that practise is a bit troubling.
<KingParrot> If I pay for all that system soft were it should also be in the box.
<mason> Luckily Ubuntu doesn't have that problem. :)
<KingParrot> I wipe HD often
<KingParrot> I do clean installs often
<KingParrot> but recently I did a funny
<KingParrot> Linux has been a real trip I had done things I never done with windows.
<KingParrot> I currently have 8 o
<KingParrot> I have 8 OS on this HD
<KingParrot> I messed up on the one and gavein the partion size of the OS to small so even defragmenting it did not help its performance.
<mason> KingParrot: I need to head off for the night, but good luck with your MATE install, and have fun!
<KingParrot> so instead of wipeing the Drive I just Installed that Esact disro again but with more drive space.
<KingParrot> u have a Email?
<KingParrot> mysqladmin
<KingParrot> idk what or if I should get a LightDM.
<KingParrot> they can walk
<KingParrot> 	alex
<KingParrot> ftp
<rthornton> what files do I need to edit in order to setup a static IP system?
<TJ-> rthornton: depends which release of Ubuntu. Recent releases use netplan
<rthornton> ok, so I am experiementing with both 16.04LTS and 17.10
<rthornton> is netplan installed by default, or I sudo apt install netplan
<TJ-> nplan allows you to write a service-agnostic configuration which at boot-time is processed by a generator to write the correct config for the system's network handling service, systemd-netword or network-manager are the two renders currently supported
<TJ-> rthornton: for 17.10 it'll be by default; for 16.04 you'll need to install package 'nplan'
<rthornton> ok, thx
<HardcoreKrypton> anyone use curtin ?
<KingParrot> Hello Wackos and Gents
<KingParrot> bleach
<KingParrot> Any one here use vsftpd?
<cncr04s> no it sucks
<Ussat> ftp....really ?
<KingParrot> yes
<KingParrot> my attempts to use Samba has not gone well
<Ussat> ftp = bad
<Nivex> is sftp an option?
<KingParrot> I did set up ftp on WinXP
<KingParrot> sftp?
<KingParrot> what is the diffrance?
<Nivex> sftp is a subsystem of SSH
<KingParrot> is one easyer to set up then then the other?
<Ussat> use scp or sftp
<Ussat> they are secure
<Nivex> if you already have SSH working, you've got the server side done
<Ussat> Nivex, you mean scp
<KingParrot> I think my CentOS 6.8 may have SSH out of the box.
<Nivex> Ussat: I said what I meant.
<KingParrot> What should I use?
<Nivex> sftp will more closely resemble a standard ftp client. scp can act more like cp but with network paths
<Nivex> what is your use case?
<KingParrot> This package provides the "Very Secure FTP Daemon", written from the ground up with security in mind. It supports both anonymous and non-anonymous FTP access, PAM authentication, bandwidth limiting, and the Linux sendfile() facility.
<KingParrot> sftp?
<Nivex> without using acronyms, tell us what you are trying to do
<KingParrot> Implements the SSH2 protocol and its SFTP subsystem for ProFTPD
<KingParrot> I have a Ethrnet cable from Linux PC to WinXP
<KingParrot> I would like to send a large ISO file from the Linux to the XP
<Nivex> directly cabled? no switch or network infrastructure?
<KingParrot> It is not a fance cable just a patch cord
<KingParrot> I would not mind having a fancy usb cable made for doing this.
<KingParrot> Pure-PHP implementation of SFTP
#ubuntu-server 2019-02-04
<lordievader> Good morning
<terra> Guys, I always install server from minimal iso and I don't use netplan. Ifupdown setup works fine during but...
<terra> "systemctl restart networking" doesn't set new settings on /etc/network/interfaces
<terra> *buring boot
<terra> *during boot..
<ducasse> ok, what happens? nothing?
<terra> yes
<ducasse> any hints in 'journalctl -u networking'?
<terra> Stopping/Stopped/Starting/Started Raise network interfaces...
<terra> for each attemp
<ducasse> so the interface is stopped and restarted?
<terra> Does it really matter if new settings not applied?
<terra> And I don't know messages indicates interfaces actually got up/down
<terra> probably there are other people here using ifupdown instead new uber super tech "netplan" gÄ±zmo
<terra> Maybe netplan will be deprecated again... when get used to use it. Hope playing with core components doesn't occur so often.
<ducasse> i'm using ifupdown myself, haven't seen this issue
<terra> https://paste.ubuntu.com/p/9QpPmgyJSY/
 * lordievader +1 for ifupdown, netplan.io is one of the first things to go on a new install.
<cpaelzer> jamespage: coreycb: I'm not seeing the qemu/libvirt from Disco in https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/stein-staging/+index?batch=300
<cpaelzer> since we agreed that stein will have those I wanted to double check if that is going well?
<jamespage> cpaelzer: next on my list to backport
<jamespage> not started on it yet
<cpaelzer> thank you jamespage
<JulietDeltaGolf> Greetings ! Does anybody know what kind of performance are to be expected with a MD RAID6 ?
<JulietDeltaGolf> I'm running ubuntu 18.04.1 with kernel 4.18.0-14-generic and have a 12 drives RAID6.
<JulietDeltaGolf> I expected a single dd write to the MD devices from /dev/zero would give me something close to 2 GiB/s but I get 96 MiB/s.
<JulietDeltaGolf> What am I missing ?
<kstenerud> Is there such a thing as an apt proxy that caches downloads, and can be addressed by other machines on the LAN?
<kstenerud> such that you set up a deb entry for the caching machine
<ahasenack> kstenerud: apt-cacher{,-ng} is smart like that, iirc it uses avahi-daemon to let others know it exists
<ahasenack> you can also install squid-deb-proxy, and squid-deb-proxy-client on the client machines
<kstenerud> ahasenack: So does that mean that if I have a proxy on the lan, any system will pick it up automatically via avahi-daemon?
<ahasenack> kstenerud: that's the theory, but I'm not using it, I set up an actual squid proxy, and point my machines at it
<tomreyn> JulietDeltaGolf: maybe the raid is stil being bult by the time you're testing?
<JulietDeltaGolf> tomreyn > not I waited patiently
<JulietDeltaGolf> for it to finish
<JulietDeltaGolf> but I've just found out 4 drives were doing a background check
<tomreyn> JulietDeltaGolf: so you had checked /proc/mdstat
<JulietDeltaGolf> that helped a bit
<tomreyn> oh ok
<JulietDeltaGolf> then I did a dd with an absurdly large blocksize
<JulietDeltaGolf> and now I get ~600 MiB/s
<JulietDeltaGolf> and the raid process is using around 93% of the cpu
<tomreyn> are you using oflag=direct ?
<tomreyn> 93% of CPU?! that sounds wrong
<JulietDeltaGolf> sooooooooooo I guess o_direct is not only bypassing the VFS cache
<JulietDeltaGolf> but the MD and the disk cache as well ...
<JulietDeltaGolf> and I didn't expect that... that should be O_SYNC flag's job
<JulietDeltaGolf> tomreyn > yeah ...
<JulietDeltaGolf> sorry I meant 93% of a core :)
<JulietDeltaGolf> hum ... so it would mean the RAID6 implementation is single threaded and I will never go above that ever.
<RoyK> JulietDeltaGolf: what sort of drives are these?
<RoyK> JulietDeltaGolf: keep in mind that dd is a very poor performance test tool - try fio
<RoyK> fio is built to benchmark disks - dd is made to move data
<JulietDeltaGolf> RoyK > old spinning rust :)
<JulietDeltaGolf> setting 1 in group_thread_cnt
<JulietDeltaGolf> seems to help
<RoyK> JulietDeltaGolf: as for that of singlethreadedness - I really don't know. How large are these drives? what's their rpm? what's the expected workload?
<RoyK> JulietDeltaGolf: for raid-specific questions, there's also #linux-raid
<JulietDeltaGolf> RoyK > 8TB 7200k NL SAS
<tomreyn> with 18.04, we have both rsyslogd and systemd-journald. isn't this redundant - would not make sense to have only one or the other?
<blackflow> tomreyn: well, you can't get rid of journal. and removing rsyslog would probably break legacy stuff that relies on those logfiles being available.
<blackflow> and there'd be additional pitchfork mobs if rsyslog was removed. so it's a good default for now.,
<blackflow> personally I prefer to use journal as a short (100M) in memory (volatile only) buffer, and forward everything to a syslog for persistent logging.
<tomreyn> blackflow: yes, that's probably true, and the redundancy doesn't really hurt. maybe the addition of systemd-journal should be mentioned in the release notes, possibly accompanied by a hint that users may want to replace rsyslogd if they don't need it.
<sdeziel> I've also heard that systemd-journald makes a poor network log aggregator (doesn't scale well)
<tomreyn> i see, that's good to know.
<blackflow> tomreyn: journald is core component of systemd, it was here since 15.04
<tomreyn> oh, it's been in 16.04, too? i wasn't aware!
<blackflow> yup.
<teward> rbasak: i may have to add a third party plugin go nginx-full and -extras - there's a headache with GeoIP legacy being discontinued and not available freely anymore; there's a GeoIP2 third party module that was requested in Debian, and I asked sarnold to do a cursory review, and he said for -full and -extras it'd be acceptable (it's Universe so..).  Just wanted to give the FYI.  It adds to the delta, but I'd rather have a 'freely usable' GeoIP
<teward> module in the NGINX config than one which you have to pay MaxMind for to utilize.
<teward> thoughts?
<teward> (all server team members are permitted to give comments0
<rbasak> teward: OK, thanks. And good job on checking with the security team and letting them know :)
<teward> rbasak: always :P
<teward> sarnold gets pokes from me about that stuff regularly :P
<teward> rbasak: sarnold's usually the first one I ask for cursory code reviews for any major evils
<teward> in this case there wasn't any major problems identified, but it's also in Universe so we're not needing a heavy in-depth analysis at this point, just the ultra major headaches/concerns (since it's not in Main)
<teward> rbasak: though in the future we may need to talk on a MIR to include that module, since GeoIP's... well, now a 'paid product' for the geoip date from MaxMind.
<teward> cyphermox: noticed something odd on an 18.04 machine - netplan's 51-local-config.yaml (made in house) and 99-vmware-cfg.yaml (provided by VMware Template), netplan only processes 51 and not 99, is this normal?
<teward> (similar behavior when 50-cloud-init.yaml is present too)
<super_koza> Hi! I need to pick someones brain... :)
<super_koza> I want to copy data from an external drive back to the Ubuntu Server 18.04 and I use rsync for that.
<super_koza> However, it is painfully slow.
<super_koza> When I was copying data from the server to the drive, it was rather fast (USB3)...
<super_koza> What could be the cause for this, or what should I look at...
<sarnold> just how slow is it going?
<super_koza> I started rsync maybe a minute ago and it still says sending `incremental file list`
<super_koza> But when I earlier tried to copy files, it was up to 2MB/s
<super_koza> Given that I have almost 1TB of data, this is crazy...
<amcclure> hello
<benharri> o/ amcclure
<amcclure> hi Ben
<super_koza> The drive is partitioned as ext4
<benharri> small world, hey?
<amcclure> yep lol
<benharri> super_koza: you might want to try something like https://github.com/jbd/msrsync
<super_koza> Ok, when I try copying big files, the speeds reach up to 150MB/s
<sarnold> that's not a big surprise
<sarnold> getting information about small files can take forever, lots of syncs, lots of syscalls, etc
<sarnold> but copying huge files can issue huge read() calls, usually it's sequential copies..
<super_koza> For example: 2.03G 100%    8.38MB/s    0:03:51
<amcclure> I don't really know why since I didn't have this issue with older Ubuntu Server versions or other distros, but when I type "sudo [command]" there's always a long delay before it asks to enter my password. After that however there aren't any delays unless I try running a command with sudo again.
<sdeziel> readahead also possibly help with bigger files
<amcclure> is there anything I could do to fix this issue?
<sarnold> amcclure: is that delay about six, twelve, or eighteen seconds?
<super_koza> It was showing ~150MB/s, but as it took long, the avg is only ~8MB/s
<amcclure> super_koza: yes
<amcclure> wrong tab sorry
<amcclure> sarnold: yes
<sdeziel> smells like DNS lookups
<sarnold> amcclure: smells like busted dns lookups, as sdeziel mentions
<amcclure> dns lookups?
<sarnold> you may be able to configure the PAM module doing the lookups to not do them, or install records in your DNS server or /etc/hosts to give speedy answers..
<sarnold> or maybe it's sudo doing the lookups..
<sdeziel> sarnold: I'm curious to know where you took those 6, 12, and 18 s? resolv.conf mentions the default timeout to be 5s and retry 2
<super_koza> is there anything else that I could use?
<sarnold> sdeziel: hmm, I thought it'd be six seconds forever, and the 12 and 18 in case the second and third listed resolvers give trouble..
<amcclure> it was a hosts issue
<amcclure> didn't think sudo and hosts were connected at all
<sarnold> sudo's config file lets you specify specific permissions on specific hosts
<sdeziel> super_koza: for this transfer I don't know but if you need to do this frequently, there are possibly better ways than rsync
<sarnold> then you can distribute one config file to every server in your organization
<super_koza> sdeziel: no, I won't do this frequently, but please do tell me what would be a better option in that case
<sdeziel> super_koza: you could use "modern" filesystems (like btrfs or zfs) to send snapshots arounds instead of copying individual files
<sarnold> and depending upon how much changed vs how much stayed the same, it might be faster to skip rsync and just cp -R instead
<sarnold> computing diffs between source and dest can require reading them both in.. but cp -R will have fewer reads of the destination drive..
<sdeziel> sarnold: I think that rsync defaults to using --whole-file when the src/dest are both local
<sdeziel> but maybe cp -R can still beat it, I never compared both to be honest
<sarnold> sdeziel: ooh, nice
<super_koza> msrsync doesn't seem to do much
<super_koza> the terminal stays blank even though I have specified -P flag
<super_koza> When I try copying the files with rsync to my laptop over USB2 port, speeds of 30MB/s are reached for larger files
<super_koza> Whis seems decent I would say.
<super_koza> Why the hell is my server so slow then?
<super_koza> How can I check USB speeds?
<lordcirth__> amcclure, does your hostname for 127.0.0.1 in /etc/hosts match your hostname in /etc/hostname ?
<lordcirth__> Oh, nvrm, you found that
<sdeziel> super_koza: maybe your server is doing other things taking away IO bandwidth?
<super_koza> Nope, it is doing nothing
<lordcirth__> super_koza, in future, using tar might make this a lot faster
<lordcirth__> btrfs/zfs snapshots are great, but if the problem is random IO being really slow, tar will turn it into a single sequential IO
<super_koza> I have done a very very stupid thing
<lordcirth__> oh?
<super_koza> I have changed permission on my home with -R 777 :D
<super_koza> I have no idea why I did this...
<lordcirth__> Well, that's not nearly as bad as doing it to /
<super_koza> How can I recover from it?
<sdeziel> your subconscious wanted to test your backup procedure ;)
<super_koza> I can't ssh anymore
<sarnold> are there other untrusted users on the system?
<lordcirth__> super_koza, you need to remove permissions from ~/.ssh. chmod -R o-rwx ~/.ssh
<lordcirth__> -> recursively remove 'rwx' from 'others'
<benharri> .ssh should just be 700
<super_koza> ok
<super_koza> let me try it
<super_koza> so I should do chmod -R 770 /home/myuser?
<sarnold> then once you're done with that, figure out how to remove that execute bit from files that shouldn't have it
<super_koza> damn
<super_koza> :D
<sarnold> I thinkt he last time I needed to clean up after someone's chmod 777, I used find . -type f -exec .. and find .  -type d -exec ..
<super_koza> what does that do?
<sdeziel> super_koza: "-type f" will only run the -exec stuff on files, "-type d" will deal with dirs only
<super_koza> Now I have mounted the drive into /mount
<super_koza> and now I get decent speeds
<super_koza> Not sure how that makes any difference, but hey, whatever works...
<jilocasin> evening all
<jilocasin> anyone have any idea why *the* default installer for 18.04.1 LTS Server is a subiquity based cloud one?
<rbasak> I don't think that question can be answered in a way that would satisfy you. Defaults get decided by the project according to our governance structure.
<jilocasin> rbasak: wondering because; there is no warning, it *requires* a network connection to install or start, and it litters the install with cloud based programs and configuration files.
<rbasak> See bug 1750819.
<ubottu> bug 1750819 in subiquity "Impossible to install without network" [Undecided,Triaged] https://launchpad.net/bugs/1750819
<jilocasin> rbasak: yea I found that entry *after* I ran head first into that bug.
<rbasak> As for "litters", you'll need to explain why that's actually a problem. It's common to end up with things that people don't specifically need in order to provide a more comfortable experience and to help reduce the bug count (fewer possible combinations generally means fewer bugs).
<rbasak> For example, you also end up with a ton of hardware drivers you don't need.
<rbasak> The advantage is that everyone* is using the same kernel, which makes bugs shallower.
<jilocasin> back everyone...
<jilocasin> bye now.
#ubuntu-server 2019-02-05
<lordievader> Good morning
<jamespage> cpaelzer: libvirt+qemu is now into stein-proposed for the UCA
<cpaelzer> thank you ++ jamespage
<cpaelzer> you get +1 on my "need to spend a beer list"
<jamespage> cpaelzer: I'll exchange that beer for help with
<jamespage> "configure: error: Could not find DPDK library in default search path, Use --with-dpdk to specify the DPDK library installed in non-standard location"
<jamespage> when backporting openvswitch to bionic (complete with meson and dpdk from disco as well)
<jamespage> :)
<ahasenack> cpaelzer: do I need to do something special to get the *-dbgsym packages from the bileto ppa?
<ahasenack> cpaelzer: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3631/+packages I see, for example, samba-dbgsym in there
<ahasenack> but apt-cache policy doesn't, it's still trying to fetch the dbgsym packages from the archive (ddebs.ubuntu.com)
<ahasenack> rbasak: do you know? ^
<ahasenack> anyone?
<rbasak> ahasenack: pastebin the policy output please?
<rbasak> Oh, hang on.
<rbasak> The ddebs go through some special process to get built I think?
<rbasak> Do PPAs even build them?
<rbasak> Oh yes, they are there.
<ahasenack> rbasak: https://pastebin.ubuntu.com/p/2cp8xgTgqK/
<rbasak> ahasenack: looks like you'll need to add the debug bit to your sources.list.
<ahasenack> and if I download the deb, and install it with dpkg -i, apt-cache policy shows it as installed of course, but from /var/lib/dpkg/status
<rbasak> Try http://ppa.launchpad.net/ci-train-ppa-service/3631/ubuntu bionic/main/debug
<ahasenack> rbasak: how? The ddeb entries I have look like normal sources.list lines
<ahasenack> # cat /etc/apt/sources.list.d/ddebs.list
<ahasenack> deb http://ddebs.ubuntu.com bionic main restricted universe multiverse
<ahasenack> ...
<rbasak> Uh
<rbasak> deb http://ppa.launchpad.net/ci-train-ppa-service/3631/ubuntu bionic main/debug
<rbasak> Maybe
<ahasenack> that worked
<ahasenack> witchcraft
<ahasenack> thanks!
<rbasak> You're welcome! If it helps, what I did was: found the ddebs being built in https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3631/+packages; browsed at the URL given by the PPA sources.list; found http://ppa.launchpad.net/ci-train-ppa-service/3631/ubuntu/dists/bionic/main/debug/binary-amd64/Packages.gz; and reverse engineered the correct sources.list line from that.
<ahasenack> as I said, witchcraft
<ahasenack> :)
<rbasak> Oh, and manually looked in the Packages.gz to confirm it contained the ddebs
<rbasak> :-)
<cpaelzer> ahasenack: sorry to be late , but a while ago I think I added this https://wiki.ubuntu.com/DebuggingProgramCrash#Installing_dbgsym_packages_from_a_PPA
<cpaelzer> is that the way you ended up using?
<ahasenack> yes
<ahasenack> "have no fear", heh
<cpaelzer> jamespage: I usually built it in a sbuild env to debug it when I had that error
<cpaelzer> that was what was leading me to the OVS upstream patch to suppotr pkg-config based libs
<cpaelzer> it very likely is related to the same
<cpaelzer> jamespage: do you have the configure.log available?
<jamespage> cpaelzer: no that's from the backporter
<cpaelzer> what could it be - I bundled the new pkg-config macros
<cpaelzer> hmm
<cpaelzer> jamespage: I think without a configure.log we are lost :-/
<paride> ahasenack, I can confirm LP #1783129 is solved in the 18.04.2 RC. I was a bit surprised by finding the bionic-backports repo enabled by default, but its Release file has a 'NotAutomatic: yes' line, so I'm sure everything is as it should be.
<ubottu> Launchpad bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed] https://launchpad.net/bugs/1783129
<jamespage> cpaelzer: I'll need to repro then doing something else right now
<teward> stgraber: do you know any oddities with AppArmor on a host system running LXD not being able ot reload or restart itself to refresh apparmor rulesets?
<teward> i ask because i ran into this yesterday when adjusting my apparmor overrides for bind9 so it could use a location ondisk without getting killed, and then apparmor couldn't restart/reload/refresh itself because of something related to the LXD snap
<teward> not sure what exactly but
<sdeziel> teward: to apply changes made to a profile, you not need to restart Apparmor. Instead: apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.named && service bind9 restart
<teward> sdeziel: there needs to be an easier 'reload' mechanism :P
<teward> sdeziel: thanks though
<teward> sdeziel: still intersting to note that AppArmor can't start if LXD is running though, in the case of, say, an AppArmor crash
<teward> it can't start itself up in that case of LXD containers running snapped.
<ahasenack> rbasak: do you know what this is about in mysql-server-8.0?
<ahasenack> 2019-02-05T18:23:37.165647Z 0 [ERROR] [MY-011300] [Server] Plugin mysqlx reported: 'Setup of socket: '/var/run/mysqld/mysqlx.sock' failed, can't create lock file /var/run/mysqld/mysqlx.sock.lock'
<ahasenack> mysql itself seems to be running fine, I can connect to it
<ahasenack> mysqlx is something new
<rbasak> ahasenack: I'm not seen that. I'd need Skuggen's (not here) help with that.
<rbasak> You can ask him in #ubuntu-devel, but see my message there just now.
<ahasenack> rbasak: I think we will need new apparmor rules
<ahasenack> rbasak: https://pastebin.ubuntu.com/p/cWq7ymJKBR/
<ahasenack> rbasak: last one is about that mysqlx socket
<ahasenack> rbasak: and there is openssl, since it links with it now
<ahasenack> the /sys ones I thought was resolved already?
<ahasenack> waat (deleting mysql8 from proposed)
<ahasenack> well, at least the patches I added to net-snmp were not mysql-8 exclusive, I took the extra work so that it should still build with 5.6.x
<ahasenack> er, 5.7.x
<rbasak> That makes sense.
<rbasak> Please tell Skuggen though!
<ahasenack> rbasak: I can file a bug, objections?
<rbasak> No objections, but might be worth checking the bug won't be impacted by the delete.
<rbasak> Apart from that, bugs against 8.0 would be helpful for tracking, thanks.
<how2hack> hi, i'm trying to join a ubuntu client to a ubuntu server domain controller, but i run into the following error: https://paste.ubuntu.com/p/vyppT2SCQf/
<how2hack> a quick look in the journal shows these two errors: https://paste.ubuntu.com/p/XDMVx2BMyY/
<how2hack> can anyone tell me how to fix this?
<lordcirth__> how2hack, check that your time on the two systems is accurate (<1s)
<lordcirth__> 'date'
<how2hack> oh, it's not
<how2hack> it's off, by exactly 1hour
<sarnold> lordcirth__: nice :)
<how2hack> https://paste.ubuntu.com/p/DS7b6czYTc/
<how2hack> i changed the hour so it's the same in both but still i get that error in the journal
<zzlatev_> Hi guys
#ubuntu-server 2019-02-06
<cleron>  Hello im using Ubunto 16.04 With Webmin/Virtual min.  Wondering if anyone can help, i need to have php 5.6 and 7.x installed at the same time i tried installing 5.6.... seemed like in installed but it does not show up in virutal min. what can i do?
<sarnold> cleron: LXD or virtual machines is probably going to be your best bet
<lordievader> Good morning
<cpaelzer> rbasak: the qa.ubuntuwire.org which is the backaend for reverse-depends now updated
<cpaelzer> so it might be every 24h maybe - just to set expectations on this data
<cpaelzer> kstenerud: ahasenack: ^^ FYI
<tumbleweed> cpaelzer: reverse-depends is updated twice a day
<cpaelzer> tumbleweed: thanks - we were wondering yesterday what the frequency might be
<tumbleweed> the cron entry is 7   9,21 * *   *
<kron3> Hi, I have a problem with Ubuntu Server 18.04 LTS as a VM on Hyper-V Server. After fresh install, and apt-get upgrade VM is hanging at boot up. How can I solve that problem?
<kron3> but I can run VM with ubuntu, when I choose oldest kernel (4.15.0-29)
<kron3> Now I installed third VM with only IDE hard disk
<kron3> this one works
<kron3> So there is something with disk drive? Or address?
<kron3> I found out, that VM without Network adapter starts normally...
<kron3> So could anybody help me with that?
<blackflow> kron3: you'll have to explain your problem with more detail, it's not clear what it is.
<kron3> Ok, Sorry. Fresh install of Ubuntu Server 18.4 LTS as VM in Hyper-V Server 2012. Is that clear?
<blackflow> So far so good.
<kron3> After 3 commands: sudo apt-get update, apt-get upgrade, reboot - VM doesn't start...
<blackflow> kron3: and then you apt upgrade, reboot, and it hangs? what about the third VM with IDE hard disk (and why IDE?) what do you mean by "works"? It doesn' thang after reboot after apt upgrade?
<kron3> "third VM " was mistake...
<kron3> Now I'm sure, that when I remove virtual network adapter - VM start normally
<blackflow> kron3: the one that otherwise hangs on boot? starts normally when you remove the virtual NIC?
<kron3> Yes, exacly
<blackflow> ok, what NIC driver are you using? virtio?
<kron3> I'm not sure... it's from standard installation...
<blackflow> kron3: no, I mean, what driver have you configured on the hyper-V side
<blackflow> if that is even configurable, I don't know. It is with qemu-kvm and virtualbox, for example.
<kron3> It is: "Network card", not "Older network card"
<kron3> In hyper-v there are 2 types of virtual network adapters
<kron3> there is no choose of driver, only this type, and... with old one VM also boot
<blackflow> kron3: I had to look it up. it says there's "legacy" and "synthetic", so I'm assuming you're using the "synthetic" one?
<kron3> Yes, synthentic
<kron3> There is something wrong with network driver in kernel? Now I checked, that the legacy one is working...
<blackflow> according to this, you need "Linux integration services":  https://stackoverflow.com/questions/14389722/hyper-v-network-adapter-drivers
<blackflow> and according to this, you need to install "linux-azure" kernel package: https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/supported-ubuntu-virtual-machines-on-hyper-v
<kron3> Strange, because I use Ubuntu Serveer from years in Hyper-V. It always works, and LIS was bouild in in standard instalation....
<kron3> After Clean install (so with older kernel) It works ok...
<blackflow> kron3: do you have any more info on how the boot hangs? is there anything displayed in the console?
<blackflow> yeah those are relatively older posts, could be it's now all integrated in the main kernel package.
<kron3> I see: something about mouse...
<blackflow> kron3: can you take a screenshot and post it to imgur or wherever?
<kron3> and it stops.. we must wait now, because it will be more on screen after some time....
<kron3> Yes, I'm doing screenshoots
<kron3> https://imgur.com/a/ej3AYCz
<maeud> Hi, does anyone have a working partman partition recipe for lvm, crypto and efi on Xenial Xerus?
<maeud> my preseed works fine on Bionic, with Xenial it doesn't load the initramfs
<tomreyn> ^ cross-posted to and now being discussed in #ubuntu
<kron3> https://imgur.com/a/xDs1l3X and https://imgur.com/a/9yLC4wu
<blackflow> kron3: looks like it _is_ booting, just extremely slow. 5 minutes 'til login prompt. Now that you're logged in, perhaps you could pastebin the entire contents of dmesg, to see where the choke points are. and there was some hardware exception as well there.
<blackflow> sorry, almost 10 minutes, not 5 (500+ seconds)
<kron3> No, I can't login ...
<blackflow> huh you're right, that's not a login prompt. perhaps wait a bit more until it appears?
<kron3> https://imgur.com/a/MZeQQq3
<kron3> I can wait... But I was waiting about 1,5 hours... and nothing
<blackflow> kron3: boot into previous kernel that you say works, and then inspect the journal of previous boot?  journalctl -b -1
<kron3> On other, older VMS I'have kernel 4.15.0-45, 0-44 and 0-34 (only this works). On fresh install 0-29....
<kron3> https://pastebin.com/auWMac3B
<blackflow> kron3: is that the previous or current boot...
<kron3> It looks like current... :-(
<kron3> but I use command you write: journalctl -b -1
<blackflow> kron3: is your journald not persistent? anyway, maybe you can check /var/log/syslog for entries before 'Feb 06 13:09:49'
<kron3> https://pastebin.com/5zAQmJ8a
<oskie> is there a way to prevent package removal during do-release-upgrade?
<kron3> Also here I don't see nothing ...
<tomreyn> oskie: i don't think so, but why would you want to?
<tomreyn> there is --allow-third-party if that's what you mean
<oskie> tomreyn: ah, thanks. I dunno, but it wants to remove some PPA icinga-web
<tomreyn> oskie: that's a PPA, so it tries to remove it, unless you'll use --allow-third-party, in which case it *may* get around doing so.
<oskie> tomreyn: unfortunately, my do-release-upgrade does not have --allow-third-party
<oskie> also, how do I upgrade a server with mysql-server-5.5 running trusty to xenial? it wants to remove that one as well
<tomreyn> oskie: which ubuntu release are you on?
<tomreyn> oh trusty
<tomreyn> it's normal that 5.5 is removed since it upgrades to 5.7
<tomreyn> https://packages.ubuntu.com/search?keywords=mysql-server
<oskie> ah ok! thanks
<ahasenack> oskie: you can create a config for that setting
<ahasenack> but of course I don't have that at hand, sorry :(
<ahasenack> oskie: found it, old notes:
<ahasenack> mkdir /etc/update-manager/release-upgrades.d
<ahasenack> echo -e "[Sources]\nAllowThirdParty=yes" > /etc/update-manager/release-upgrades.d/allow.cfg
<Epx998> 18.04.2 drops tomorrow, right?
<ahasenack> that's the plan, I hear
<ahasenack> watch #ubuntu-release
<Epx998> will do
<mybalzitch> I looked in /etc/defaults, but didn't see how I set which device grub attempts to install to by default when updating packages (it tries sda, but it should be sdb)
<sdeziel> mybalzitch: I believe this is configurable with debconf, not /etc/defaults/grub{,.d/*}
<mybalzitch> sdeziel: that gave me some more google results to check, thanks
<sdeziel> mybalzitch: check: debconf-get-selections | grep grub-pc/install_devices
<sdeziel> I _think_ that's what you'd need setting
<mybalzitch> sudo dpkg-reconfigure grub-pc did it
<sdeziel> mybalzitch: I don't know if that will remember your choice though, I'm not familiar with debconf
<mybalzitch> I dunno, it seemed to do stuff
<mybalzitch> and your command seems to return the correct device now
<teward> Epx998: an email just went out indicating it will be delayed
<teward> due to LP Bug #1814555
<ubottu> Launchpad bug 1814555 in linux (Ubuntu) "Ubuntu boot failure. 4.18.0-14 boot stalls. (does not boot)" [Undecided,Incomplete] https://launchpad.net/bugs/1814555
<Epx998> Oh good info - any indication of a new eta?
<teward> Feb 14
<teward> see https://lists.ubuntu.com/archives/ubuntu-release/2019-February/004694.html
#ubuntu-server 2019-02-07
<cpaelzer> jamespage: what is the usual acceptance time for patches on OVS?
<cpaelzer> jamespage: I now have two acks and it is up quite some days - I just want to set my expectations right if we will get that into 2.11 as well or at least into master until we upload final 2.11
<ducasse> on bionic, if i add -l to libvirtd_opts in /etc/default/libvirtd (as the file says to do), systemctl fails to restart/start libvirtd.service with 'respawning too fast'. should i file a bug?
<ducasse> i've had someone else confirm this, so it's not a local issue.
<cpaelzer> ducasse: let me take a look first
<ducasse> sure thing
<cpaelzer> ducasse: I'll test on disco, what release are you on so that I take a look there as well?
<ducasse> bionic
<cpaelzer> ducasse: once you enable listening on tcp you also need certificates - the issue after enabling -l is "Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file or directory"
<cpaelzer> you can use the package ssl-cert to create one or take a look at certbot/letsencrypt (for a real cert) I think
<ducasse> oh, i must have missed that when i looked at the log. perhaps there should be a note on this in /etc/default/libvirtd?
<cpaelzer> IMHO it is not really abug, if anything a note there would be nice
<lordievader> Good morning
<ducasse> yeah, i've already got a cert i can use
<cpaelzer> hi lordievader
<ducasse> morning lordievader
<lordievader> Hey cpaelzer , ducasse
<lordievader> How are you doing?
<ducasse> but thanks for taking a look, cpaelzer
<cpaelzer> well I'm not done
<cpaelzer> give it a try, but on bionic the error is less obvious - as you say when you checked the log
<cpaelzer> it is the same issue, even though the error looks slightly different and is not yet auto-marks as crit by journal
<cpaelzer> error : virNetTLSContextCheckCertFile:120 : Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file or directory
<cpaelzer> ducasse: so yes, using a cert shoul help you
<Haugli92> Im having some problems with pptp-linux on 16.04. When using "poff", routes doesn't seems to reset correctly. Any idea how to fix this? I can always run "networking restart", but doesn't like it :P Route log: https://pastebin.com/eB4N3RV5
<cpaelzer> ducasse: the config is in debian/libvirt-daemon-system.libvirtd.default (in packaging) and shared with Debian - I'd not want to add Delta jsut for that as we share the issue
<cpaelzer> ducasse: if you report a bug about adding a hint in the conffile (which is fine) would you report to Debian as well - when you open an ubuntu bug state the Debian bug number so we can track it from LP
<cpaelzer> ducasse: or to make things more easy you can only open a Debian bug and let me know the number
<ducasse> i could add a debian bug, ask for a brief note to be added. it wouldn't take many words
<cpaelzer> ducasse: excactly
<ducasse> ok, i'll do that later today, i'll update you with bug number
<cpaelzer> thanks ducasse
<ducasse> np, thanks for the help
<cpaelzer> btw man libvirtd will list all the certs/keys involved
<cpaelzer> so that you know all the paths at once
<cpaelzer> ducasse: for a qucik not recommended way out you could always set listen_tls = 0  listen_tcp = 1  in /etc/libvirt/libvirtd.conf
<cpaelzer> that will make tcp listening "work" but well without security it isn't as nice :-)
<cpaelzer> just saying, in case someone reads this and just wants it to listen on the network without the need for certs
<ducasse> yeah, i think i'll use a cert (even though there's nothing to target on this system)
<patstoms> maybe someone is familiar with intel_pstate and would know why ubuntu server instalation could not use it by default for xenon E5 processor?
<jamespage> cpaelzer: I dug into the ovs build failure and can reproduce it against the bionic/stein UCA
<jamespage> the -I/usr/include/dpdk gets a trailing , so none of the dpdk related imports work
<cpaelzer> a trailing colon - hmm
<cpaelzer> why did that work for me
<cpaelzer> jamespage: can you log onto any of those builds and check what pkg-config returns
<cpaelzer> to see if it is in broken in the pkg-config of dpdk or somewhere else
<jamespage> cpaelzer: pkg-config return looks fine
<cpaelzer> hmm
<cpaelzer> ok
<jamespage> one sec - its just running tests...
<cpaelzer> jamespage: so what yould be the difference to my build that I linked a few days ago?
<cpaelzer> y->c
<jamespage> "-include rte_config.h -march=corei7 -I/usr/include/dpdk/../x86_64-linux-gnu/dpdk -I/usr/include/dpdk"
<cpaelzer> the march is a ugly beast, but I discussed it with many people there seems to be no way around - I don't see your colon thou
<jamespage> cpaelzer: I think if I tweak one of the patches like this - http://paste.ubuntu.com/p/QhNtDJWQqp/
<jamespage> it resolves the issue
<cpaelzer> jamespage: that seems to make no sense to me yet
<cpaelzer> that colon is a colon for the autoconf handling
<cpaelzer> and it seperates differnt actions
<cpaelzer> one is the assign of PDDK_INCLUDE and the second one is the assign of DPDK_LIB
<jamespage> cpaelzer: comma needs to be outside of [] ?
<cpaelzer> no
<jamespage> https://www.irccloud.com/pastebin/KSuoLJlt/
<cpaelzer> this is the definition PKG_CHECK_MODULES(prefix, list-of-modules, action-if-found, action-if-not-found)
<cpaelzer> and in our case we are reaching the path of action-if-found
<cpaelzer> which we set as
<cpaelzer> [DPDK_INCLUDE="$DPDK_CFLAGS", DPDK_LIB="$DPDK_LIBS"]
<cpaelzer> the colon inside of this separates multiple elements of that action
<cpaelzer> at least I thought so
<jamespage> that evaluates to
<jamespage> DPDK_INCLUDE="-I/usr/local/include/dpdk -I/usr/include/dpdk", DPDK_LIB="-ldpdk"
<jamespage> in the script
<cpaelzer> that is wrong, so much I agree
<cpaelzer> but it should be two separate actions
<cpaelzer> and btw - if you are in the path that you mentioned then you are wrong
<cpaelzer> because that is the "no pkg config found path"
<cpaelzer> you should be hitting the one above it
<cpaelzer> the one I listed 12 lines above here
<jamespage> yes but even that will append the ,
<jamespage> [DPDK_INCLUDE="$DPDK_CFLAGS", DPDK_LIB="$DPDK_LIBS"]
<cpaelzer> yes that one should be yours
<cpaelzer> https://stackoverflow.com/questions/12735432/how-to-pack-multiple-statements says newlines instead of commas
<cpaelzer> arr I'd like to find the right official definition to be sure
<jamespage> https://www.irccloud.com/pastebin/vyQ1pt9I/
<cpaelzer> well that matches what I had above
<jamespage> cpaelzer: re-confirmed - the patch as is generates
<jamespage>         DPDK_INCLUDE="$DPDK_CFLAGS", DPDK_LIB="$DPDK_LIBS"
<jamespage> and then the checks for features fail as we get the trailing comma
<cpaelzer> I mean the definition for "one" of those
<cpaelzer> yeah that would be wrong for sure then
<cpaelzer>  
<cpaelzer> maybe more reasbale with newlines
<cpaelzer> let me try
<jamespage> trying that now
<cpaelzer> jamespage: http://paste.ubuntu.com/p/52S6ftNZ2g/
<cpaelzer> would that work for you
<jamespage> it appears to be
<cpaelzer> I still don't get why it worked for me and the OVS travis Ci then
<cpaelzer> I have prepared a mail to the discussion of the patch upstream
<cpaelzer> jamespage: please give me a ping once you can confirm that this resolves your build
<cpaelzer> I'll hit send then
<cpaelzer> I should see the result of that in my build log right ...
<cpaelzer> jamespage: I mean on the disco build of the same I literally run traffic over OVS-dpdk ports so that must have been working
<jamespage> cpaelzer: its certainly odd
<cpaelzer> jamespage: here a gcc line of my 18.04 backport PPA
<cpaelzer> building OVS with dpdk enabled against 18.11
<cpaelzer> gcc -DHAVE_CONFIG_H -I. -I.. -I ../include -I ./include -I ../lib -I ./lib -Wdate-time -D_FORTIFY_SOURCE=2 -Wstrict-prototypes -Wall -Wextra -Wno-sign-compare -Wpointer-arith -Wformat -Wformat-security -Wswitch-enum -Wunused-parameter -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes -Wmissing-field-initializers -fno-strict-aliasing -Wswitch-bool -Wlogical-not-parentheses -Wsizeof-array-
<cpaelzer> argument -Wbool-compare -Wshift-negative-value -Wduplicated-cond -Wshadow -mssse3 -include rte_config.h -march=corei7 -I/usr/include/dpdk/../x86_64-linux-gnu/dpdk -I/usr/include/dpdk -I/usr/include/libnl3, -D_FILE_OFFSET_BITS=64 -g -O2 "-fdebug-prefix-map=/<<PKGBUILDDIR>>=." -fstack-protector-strong -Wformat -Werror=format-security -MT lib/odp-util.lo -MD -MP -MF lib/.deps/odp-util.Tpo -c ../lib/odp-util.c -o lib/odp-util.o
<cpaelzer> could you check your build for the same line and post it
<cpaelzer> I'd be eager to see the difference
<cpaelzer> as there would be the colon that you assume is rendered into that string right?
<cpaelzer> well you might not get that far as your configure breaks already :-/
<cpaelzer> jamespage: ^^
<jamespage> cpaelzer: odd - you still have a trailing , - its just after libnl3?
<cpaelzer> hmm yeah - thanks for spotting
<cpaelzer> but it is not breaking it oO
<cpaelzer> jamespage: once your build is complete using the newlines please let me know how this line looks like then
<jamespage> cpaelzer: yep doing that now - testing bionic and disco
<jamespage> cpaelzer: https://launchpad.net/~james-page/+archive/ubuntu/stein LGTM
<cpaelzer> I must admit I don't understand it
<cpaelzer> but let me send the mail to ovs-dev
<cpaelzer> sent, you are on CC in cae there are specific questions about you encountering the issue at first
<jamespage> I think so
<jamespage> oh I am yes!"
<jamespage> doh,
<cpaelzer> is that the trailing comma
<cpaelzer> after doh
<jamespage> ð
<cpaelzer> jamespage: we have an ack and prior art on the newline suggestion
<cpaelzer> and bluca is really good at autoconf
<cpaelzer> I'll respin my patch for OVS-dev
<jamespage> great
<cpaelzer> jamespage: sent
<maeud> Hi, can anyone help me with an issue doing a UEFI install on a Hyper-V gen 2 VM?
<maeud> I've got a preseed working fine for Bionic, I'm trying to do one for Xenial
<maeud> The install completes and the machine shuts down
<maeud> but then I can't boot into it, unless I go to recovery, type exit and it puts me into it properly
<maeud> Preseed, images, explanation I've wrote up here: https://pastebin.com/raw/YbRD73j4
<leftyfb> why do you need/want UEFI in a VM?
<maeud> I don't need/want it, but with Gen 2 you get access to better devices
<maeud> It works for Bionic, just not Xenial
<maeud> not sure how to troubleshoot this any further
<maeud> also leftyfb, this is in test for rolling out to our users, that's the primary reason for running it in Hyper-V
<maeud> It will be going to bare metal when it works
<maeud> So I'd like to have UEFI/secure boot working for that
<boblamont> Hi, I've got a Linode VPS on which I'm running Ubunutu. I run a web server, but I handle mail on a separate shared hosting account. I have a wordpress plugin that I'd like to be able to send mail. I found this guide https://www.linode.com/docs/email/postfix/postfix-smtp-debian7/ is that the best way to set things up?
<blackflow> boblamont: you don't need a full MTA if all you want is to use an external one. take a look at dma (Dragonfly Mail Agent)
<blackflow> !info dma
<ubottu> dma (source: dma): lightweight mail transport agent. In component universe, is optional. Version 0.11-1build1 (bionic), package size 48 kB, installed size 148 kB
<tomreyn> there's also ssmtp, nullmailer and a couple others, i think
<blackflow> boblamont: also note that wordpress can probably be configured to use an external MTA directly via some smtp lib
<blackflow> ssmtp is imho abandonware at this point
<boblamont> thanks, I wondered if that was possible... I want to install and configure as little as possible since it's just to send emails out of a single plugin
<tomreyn> many php web apps can do smtp and smtp-auth, and hopefully also tls nowadays.
<blackflow> personally I always prefer a locally available mail transport so it can also send mail for cron etc, or locally deliver mail to root (eg. some problem reports). but if you don't need/want that, then definitely use a smtp lib based WP plugin to talk to the external MTA directly
<coreycb> jamespage: well i think we're mostly narrowed down to neutron-ish backport failures for the stein cloud archive. i'll handle the vitrageclient one
<coreycb> mostly just waiting on os-key i think for neutron
<boblamont> that was easy, a plugin, a wizard and a successfully received test email, thanks for pointing me in the right direction!
<tobias-urdin> coreycb: hello o/ are you around?
<tobias-urdin> i took some time to struggle trough ubuntu 18.04 + py3 + stein in puppet openstack just one thing left
<tobias-urdin> http://paste.openstack.org/show/744673/
<tobias-urdin> python3-websockify is not installed for nova-novncproxy
<coreycb> tobias-urdin: we've historically had issues with getting websockify into main due to security concerns so we can't add it to nova Depends. we should have it in nova Suggests though and that is a bug.
<coreycb> tobias-urdin: oh maybe we're good to go now. bug 1108935. jamespage do you agree we can add websockify to nova Depends now?
<ubottu> bug 1108935 in spice-html5 (Ubuntu) "[MIR] websockify, spice-html5" [High,Confirmed] https://launchpad.net/bugs/1108935
<jamespage> coreycb: +1
<jamespage> coreycb: tbh that should have been on the depends anyway, but just unseeded at the nova-novncproxy level
<coreycb> jamespage: ok cool. i'll add it.
<coreycb> tobias-urdin: i'm adding that dependency and you'll see it soon. thanks as always for the feedback. :)
<gislaved> Hi guys, my routes are not added using netplan... any idea ?
<gislaved> lotuspsychje ok :P
<lordcirth__> gislaved, can you pastebin your netplan config?
<gislaved> lordcirth__ not really as I'm on KVM but I use the netplan examples
<teward> without seeing your config it's hard to give guidance
<lordcirth__> gislaved, cat /etc/netplan/* | nc termbin.com 9999
<lordcirth__> The link should be short enough to retype
<gislaved> I know but it's more like when I get the same info from DHCP and set it staticly should that work ? it's a VPS and it doesn't surprise me as they don't allow static IP set
<gislaved> lordcirth__ how would that be possible when I don't have a route ;)
<teward> gislaved: i'd use DHCP at least to get a route in the interim
<teward> then share the configs you're using.  It's possible the routes you think are being added *aren't*
<teward> DHCP does some weird things like that :P
<gislaved> yes it does as it's a /32 ip and the GW is a /24 lower :S
<gislaved> on dhcp
<teward> gislaved: then your netmask needs to be /24
<teward> not /32
<tobias-urdin> coreycb: thanks :)
<teward> for your setup.  it won't allocate the entire range but it DOES state how to actually hand things around
<teward> A /32 IP cant reach anything outside it, the netmask is actually /24 typically
<gislaved> tewaroh man that I ddin't try that
<teward> or /26 or /18 or {INSERT CIDR RANGE HERE} depending on how they split things around
<gislaved> no but why does DHCP the /32 ?
<teward> gislaved: i had the same headaches at times setting IPv6 up on a VPS, where the GW was in the /48 above a /64
<gislaved> as it's single assigned ?
<teward> gislaved: no idea, but if you're static-ing it use /24
<gislaved> teward ok I feel less stipud :P
<teward> gislaved: To be fair
<gislaved> stupid, I hate these VPS providers
<teward> I don't know
<teward> but the consideration point is this:
<gislaved> tell me
<teward> I have a VPS assigned 1.2.3.4.  The gateway is 1.2.3.0.  The subnet for the IP address on the *server* may be a /32 single assigned IP address, but the gateway sits in the /24 subnet, so you have to adjust the subnet to be a /24 on the IP itself
<teward> this is just how 'subnetting' works
<gislaved> now it still doesn't apply my nameservers, I need to find out why
<gislaved> yap
<teward> gislaved: you should probably focus on *getting the thing back on the net* first :P
<gislaved> it's on the net
<gislaved> oh no not yet
<gislaved> sorry my misstake :)  I turned on dhcp but on a /24 my route is there
<teward> well again as i said i'd need to see the configs
<teward> even if you just take a picture of what you see on your screen
<teward> and upload that picture to an image hosting site :P
<teward> the problem is without *seeing* your configs it's impossible to know what's going on
<teward> and I'm sure lordcirth__ and others will say the same :p
<gislaved> I need to know the subnet of the vps
<gislaved> and gw
<gislaved> gw is what I know but still
<teward> you can probably get the subnet from `ip -4 addr list` after DHCP
<teward> but i'd probably reboot the VPS to make it 'refresh' its network configs cleanly
<teward> so we don't have any cruft lying around in there
<teward> and stop trying to apply your stuff temporarily
<teward> start with "working" then we'll get details.
<gislaved> nah /32 for dhcp
<teward> i can still figure out the stuff from once it's working, because I know things
<teward> I KNOW THINGS!
<teward> but still
<teward> COFFEE TIME, back in a bit
<teward> rbasak: may I add to the trello board adding the 3rd party plugin to the nginx stuff?  As a to-do item for me because GeoIP is now paid-only
<teward> (because of MaxMind)
<teward> rbasak: it's got some funky chaos in there for building modules that I have to debug first, so I need a reminder item :P
<tobias-urdin> coreycb: do you know if swift packages is py3 yet? seems like it's running with py2.7
<teward> (did it anyways rbasak xD)
 * genii 's ears perk up momentarily at the mention of coffee
<coreycb> tobias-urdin: it's py2. upstream is py2 only so far.
<coreycb> unfortunately
<tobias-urdin> coreycb: ImportError: No module named keystonemiddleware.auth_token
<tobias-urdin> maybe it doesn't depend on the keystonemiddleware py2 pkg
<rbasak> teward: sure, no problem
<teward> rbasak: cool.  just as an FYI, if Upstream doesn't move quickly to geoip2 it may end up with a MIR because of GeoIP being pretty important :P
<teward> though come that time we'll have to visit whether we want to adjust -core to actually include the module
<teward> because as I said, GeoIP is a pretty useful function in the core modules :|
<teward> but that's down the road yet :P
<tobias-urdin> coreycb: another question, nova packages has never depended explicitly on python-rbd/python-rados/python-ceph right?
<smoser> mwhudson: just fwi, i am really greatful for 'go' snap.
<teward> rbasak: saw your response to the backports proposal, i'll review when I get a minute :P
<teward> probably poke Laney too since Laney made a bunch of the suggestions there :
<teward> P
<teward> bleh stupid keyboard again
<rbasak> teward: need SRU information in bug 1808882 prior to the upload of the SRU debdiffs please.
<ubottu> bug 1808882 in chkrootkit (Ubuntu Disco) "false positive on tcpd" [Low,Triaged] https://launchpad.net/bugs/1808882
<teward> rbasak: 1 moment
<rbasak> The Disco upload looks good to go
<teward> ERR:SLOW
<teward> maybe IS should prod the wiki server to speed it up :|
<teward> rbasak: added though I'm bouncing around between 10 tasks
<teward> so let me know if i missed anything
<coreycb> tobias-urdin: interesting question re: ceph deps. i don't think they ever have had explict deps on them. we generally only depend on what's in (test-)requirements.txt
<rbasak> Sure, thanks.
<teward> we had a major AD outage that fubar'd all email on the work network so I'm helping to pick up the pieces and make things work again so :|
<teward> (hence 10 tasks)
<coreycb> tobias-urdin: did you hit the swift keystonemiddleware error on install?
<maeud> Hi, can anyone help me with an issue doing a UEFI install on a Hyper-V gen 2 VM? I've got a preseed working fine for Bionic, I'm trying to do one for Xenial. The install completes and the machine shuts down but then I can't boot into it, unless I go to recovery, type exit and it puts me into it properly
<maeud> Preseed, images, explanation I've wrote up here: https://pastebin.com/raw/YbRD73j4
<maeud> I've tried the HWE and GA kernel
<tobias-urdin> coreycb: swift-proxy does not start because python-keystonemiddleware is not installed, i assume it has worked before because some other package has always installed keystonemiddleware py2
<tobias-urdin> but now only swift is py2 i think swift itself should depend on that
<coreycb> tobias-urdin: probably so, have a traceback by any chance? it might be that another pkg needs it b/c i'm not seeing an import other than in tests for swift.
<coreycb> tobias-urdin: maybe keystone... this is tricky
<tobias-urdin> coreycb: http://logs.openstack.org/13/635513/1/check/puppet-openstack-integration-5-scenario002-tempest-ubuntu-bionic/2a97889/logs/swift/proxy.txt.gz
<tobias-urdin> swift can be used without keystone, but with keystone middleware loaded by paste it will fail
<coreycb> tobias-urdin: thanks. i'll dig in more later but for now we have bug 1815093.
<ubottu> bug 1815093 in swift (Ubuntu) "swift-proxy fails to start on stein - missing python-keystonemiddleware" [Undecided,New] https://launchpad.net/bugs/1815093
<rbasak> teward: mind if I change your bionic SRU version string to 0.52-1ubuntu0.1? 0.52-1ubuntu1 won't cause a technical problem but I prefer making it obvious it's an SRU by using the security team's scheme (which I think we should make more official for SRUs anyway)
<rbasak> teward: https://launchpadlibrarian.net/408977730/lp1808882-cosmic.debdiff has a spurious duplicate patch I think?
<teward> rbasak: wrt string: go ahead
<teward> rbasak: yep looks like quilt exploded.  i can fix that in a bit.
<teward> that's not a hard fix :P
<teward> rbasak: cosmic/disco had additional patches past 23 which is why it fubar'd did Disco have the same issue?
<teward> rbasak: https://launchpadlibrarian.net/410209868/lp1808882-cosmic.debdiff  <-- this should be much cleaner
<teward> for Cosmic
<rbasak> OK thanks!
<teward> rbasak: and regarding version strings, if it's off minorly like that then sure go ahead
<teward> sometimes reading through the sec team's version schemes is tricky :P
<teward> rbasak: actually
<teward> rbasak: if this document is wrong, then you need Security to update it
<teward> https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging shows:
<teward> ''Previous version''          ''Security update''
<teward> 2.0-2                         2.0-2ubuntu0.1
<teward> oops multiline paste :|
<teward> but that's why 0.1 was used
<teward> rbasak: if *this* is in difference with the sec team version policy then the policy needs updated
<teward> cc sarnold ^ because sec team
<rbasak> I think that document is correct.
<rbasak> Previous version was 0.52-1 in one release only.
<rbasak> So what would you use?
<teward> oh WOW i'm blind
<teward> rbasak: E:NOCOFFEE
<teward> rbasak: on my side it's 0.1 that patch as 1
<rbasak> No worries :)
<teward> so maybe I uploaded the patch, fixed it, then forgot to reupload :|
<teward> *derps*
<teward> ten bucks says dch did it the first time >.>
<teward> rbasak: i also misread what yo uwere saying, my bad.
<teward> that's the OTHER problem that lack of sleep causes >.>
<teward> rbasak: my apologies for not paying attention enough :|
<teward> thankfully i have a day off tomorrow so :P
<teward> rbasak: thanks for catching the version string issue as well, that's actually the most MINOR of the issues heh
<teward> rbasak: thanks for sponsoring :)
<teward> stupid IRC client >..
<teward> rbasak: did SRU get subscribed to that bug?
<teward> or do we need to add them
<rbasak> teward: no subscription needed. They'll pick it up from the queue.
<teward> ack
<mwhudson> smoser: np, i keep meaning to have another run at getting go upstream to maintain it
<mwhudson> (why do they keep doing releases on fridays dammit)
<teward> rbasak: looks like it's landed now for Disco, thanks :)
<gislaved> teward it's an ubuntu issue I have
<sarnold> do I need to worry about this? "device-mapper: reload ioctl on osprober-linux-sdb1  failed: Device or resource busy" -- I got a bunch of them while updating: http://paste.ubuntu.com/p/hS7YTdkRZk/
<ahasenack> no idea
<sdeziel> "Found Ubuntu 11.04 (11.04) on /dev/sdn3" sweet :)
<sdeziel> os-prober is the 2nd package I purge on a machine, the first being nano ;)
<sarnold> sdeziel: oh yeah?? I friggen hate those messages in my dmesg..
<sarnold> sdeziel: please promise me it's okay to purge? :)
<sdeziel> sarnold: IIRC, it probes every block devices looking for bootable OS/bootloaders, not something I need nor want
<sarnold> that 11.04 image.. I popped the drive in to try to find a lost file on an old source control snapshot (it wasn't there) ... and left it in hoping that it would encourage me to actually copy off the data that I want :D
<sdeziel> sarnold: I especially don't like when my hypervisor tries to probe the disks assigned to my (running!) VMs
<sarnold> sdeziel: and new grub packages, new linux-image packages, those install and work fine afterwards?
<sdeziel> sarnold: oh yeah
<sarnold> sdeziel: thanks! purging.. :)
<lordcirth_> If you aren't dual-booting, you don't need os-prober
<sdeziel> for sarnold, it's probably more octo-booting though ;)
<sarnold> I don't even like single-booting
<lordcirth_> I think my record was 7
<sarnold> I want to pretend my machine is always running
<sarnold> back when I did dual-boot, I did it by yanking one drive and inserting another. to make sure nothing got bright ideas about scribbling over the other os
<sdeziel> kexec'ing another OS must be fun
<sarnold> sdeziel: WAY FASTER reboots
<trippeh> kexec is the bestest.
<trippeh> rebooting 2 socket servers with like 4-5 seconds of downtime.
<sarnold> exactly, no more five minutes for who knows what it's doing :)
<lordcirth_> Although, actually spinning down hard drives occasionally is a good idea - you don't want to find out they don't spin up all at the same time.
<lordcirth_> Assuming you actually have spinning disks.
<sarnold> indeed this machine's got a bunch of em
#ubuntu-server 2019-02-08
<tanja84dk> I have a small issue I'm trying to manually add a ca cert to a linux server I manage for someone else ( he runs every connection over internal proxy ) but for some reason update-ca-certificates does not pick up the cert I have added
<tanja84dk> how come does it not pickup the newly added cert when I update the cert database? I did put it in /usr/share/ca-certificates/extra/
<dirtycajun> has anyone gotten arm64 working on the RPi 3 B+ ? Ive been fighting this for about 2 hours to no avail
<lotuspsychje> !arm | dirtycajun can this help?
<ubottu> dirtycajun can this help?: ARM is a specific (RISC) processor architecture used in a variety of applications such as handhelds and networkdevices. For more information see https://wiki.ubuntu.com/ARM . For ARM specific support, stop by the #ubuntu-arm channel.
<dirtycajun> ah. have to go to another channel. roger
<dirtycajun> actually that channel is for v6/v7
<lotuspsychje> what does that mean dirtycajun
<lotuspsychje> maybe if you explain your issue, volunteers can try to think along?
<dirtycajun> https://wiki.ubuntu.com/ARM/RaspberryPi#Ubuntu_arm64.2FAArch64
<dirtycajun> i followed the wiki arm64 documentation to a T
<dirtycajun> but it will not even load the bootloader
<dirtycajun> with armhf (v7) it boots just fine
<gislaved> please don't tell me netplan is buggyu as hell ?
<gislaved> *buggy
<lordievader> Good morning
<ducasse> cpaelzer: i didn't get around to filing the debian libvirtd bug until this morning, it's number 921713
<cpaelzer> ducasse: thanks and ... subscribed
<ahasenack> hi, anyone here familiar with systemd's .path files? To start units if certain path related conditions are met?
<ahasenack> I'm trying to prevent the zpool import service from running until I have unlocked the luks-encrypted drives, it's a mirror pool
<ahasenack> so I created /etc/systemd/system/paths.target.wants/zfs-import-cache.path
<ahasenack> with: https://pastebin.ubuntu.com/p/Q9mckDqbVy/
<ahasenack> but it seems to start as soon as one path exists, and I need both to be there (it's a mirror)
<ahasenack> in other words, is that conditional an OR or an AND? The manpage isn't clear
<ahasenack> actually, the file is /etc/systemd/system/zfs-import-cache.path
<ahasenack> it's for the zfs-import-cache service
<ahasenack> maybe I need to specify the two paths under one directive
 * ahasenack tries that
<ahasenack> hm, no, doesn't seem to work at all
<ahasenack> rbasak: when you have a moment, I'd like to talk about https://code.launchpad.net/~orion-cora/ubuntu/+source/sssd/+git/sssd/+merge/362837
<rbasak> ahasenack: o/
<ahasenack> rbasak: his patch is good, but I want to add dep8 tests on top
<ahasenack> rbasak: my options?
<ahasenack> rbasak: a) I add it, add myself to d/changelog, upload that
<ahasenack> rbasak: b) I ask him to do it, upload that
<ahasenack> or something else
<ahasenack> in the case of (a), what happens to the mp?
<rbasak> You asked him already, right?
<ahasenack> I did last night
<ahasenack> but I also have (a) ready
<rbasak> If you add to his commits and then upload tag the result, the MP should automatically get marked as merged I believe.
<rbasak> I would make the " -- Orion..." tagline use your name unless he signs off on it.
<ahasenack> and in the case of (a), d/changelog would have to list myself instead of him in the authorship line, right? I would just keep his name in []
<rbasak> But he'd still get credit with the "[Orion..." section.
<ahasenack> right
<rbasak> You don't have to do it - nothing will stop you doing otherwise.
<rbasak> But it feels to me that the bottom tagline is a sign-off on the whole upload.
<ahasenack> so if (a), use my name in the tagline, his name in []
<rbasak> Yes
<ahasenack> if (b), I'm just in []
<rbasak> Right
<rbasak> And in (a), you'd also have a [] section to yourself too of course.
<ahasenack> and we are not sure about what happens to the MP in the case of (a)
<rbasak> I'm pretty sure that the MP will automatically be marked as merged.
<rbasak> 90%
<ahasenack> but d/changelog would not match
<ahasenack> since I would be changing the tagline
<rbasak> It's not required to match.
<rbasak> git-ubuntu only cares that the upload tag commit tree matches the dput exactly.
<rbasak> If so, the upload tag will end up as part of ubuntu/xenial-devel's history.
<ahasenack> ok
<ahasenack> it will, but his mp has something that won't be merged
<ahasenack> and that's the d/changelog as he wrote it
<rbasak> Launchpad machinery does the MP automatic mark as merge. To work that out, Launchpad only cares that the proposed branch of an MP has become an ancestor of the target branch, which it will be.
<ahasenack> ah, ancestor
<ahasenack> gotcha
<rbasak> You'll have added a commit to the end of his branch changing d/changelogl
<ahasenack> my branch will have his as part of my history
<ahasenack> right
<rbasak> So long as you don't rebase his branch, and only build on it, it should be fine.
<rbasak> Right
<ahasenack> very cool
<ahasenack> ok, thanks
<ahasenack> I might as well do (a) then, I don't want to lose this fix again
<rbasak> The only bit of this I'm not totally sure about is Launchpad's machinery.
<ahasenack> but I was worried about the perception to him, if he would see his branch being rejected or sometihng
<kstenerud90> I'm getting a strange error from autopkgtest-build-lxd:
<rbasak> I assume it cares only about the ancestor.
<rbasak> But if not, just mark the MP as Merged manually :)
<ahasenack> sure
<kstenerud90> $ autopkgtest-build-lxd ubuntu-daily:disco/amd64
<kstenerud90> Detected local apt proxy, using http://10.105.237.1:3142 as container proxy
<kstenerud90> Creating autopkgtest-prepare-oLv
<kstenerud90> Starting autopkgtest-prepare-oLv
<kstenerud90> Timed out waiting for container to boot
<ahasenack> kstenerud: it's possible it cannot reach the proxy
<ahasenack> between Starting and Timed out, you have some time, you can lxc exec into it and poke around
<kstenerud> ahasenack: I'm not sure why it's even trying to use a proxy, let alone a proxy on address .1
<ahasenack> kstenerud: do you have apt-proxy installed, something like that? env vars set?
<ahasenack> might also be set in /etc/apt/apt.conf.d/*
<kstenerud> No apt-proxy. Not sure hat env vars to look for
<ahasenack> env|grep -i proxy
<ahasenack> and grep -i proxy -r /etc/apt
<ahasenack> lxd might also have a proxy configured, that's via lxc config ....something I don't remember.....
<kstenerud> gmm
<kstenerud>  /etc/apt/apt.conf.d/01acng:Acquire::http::Proxy "http://127.0.0.1:3142";
<kstenerud> What would have caused that?
<ahasenack> apt install apt-cache or what is its name
<ahasenack> although "01acng" is a funny name
<kstenerud> weird... it's apt-cacher-ng. I've uninstalled it
<ahasenack> purged?
<ahasenack> although "remove" should have disabled that I believe, since the service is removed
<kstenerud> I don't even remember installing it to begin with... weird
<ahasenack> you were asking about it the other day
<kstenerud> yeah, I messed with installing it in an lxd container
<kstenerud> maybe I mistyped and installed it in my host...
<ahasenack> maybe you confused prompts and did in on your host too
<ahasenack> yeah
<kstenerud> wow... even apt purge doesn't get rid of the file
<kstenerud> OK, cache gone, but autopkgtest still times out. According to the logs, nothing's happening
<kstenerud> hmm
<kstenerud> Feb  8 12:20:27 autopkgtest-prepare-xwc snapd[505]: handlers.go:394: Reported install problem for "lxd" as eaf84f2a-2b9b-11e9-9d86-fa163e102db1 OOPSID
<kstenerud> Same error I saw when disco tries to update snapd
<kstenerud> Might be related to https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1815173
<ubottu> Launchpad bug 1815173 in snapd (Ubuntu) "snapd package upgrade hangs in disco container" [Undecided,New]
<ahasenack> kstenerud: login and poke around
<ahasenack> kstenerud: and/or list processes from the host, you should see the container processes
<ahasenack> and it could still be a network/proxy issue, you can check with netstat if there are SYN_SENT connections for example, or what it is trying to reach
<kstenerud> autopkgtest-build-lxd ubuntu-daily:cosmic/amd64 works fine; disco hangs and dies
<ahasenack> rbasak: git question, any idea why that zz* file is showing up in "git add -i untracked", but not in git status? I also tried "git status --ignored": https://pastebin.ubuntu.com/p/HxW8Z7VWkZ/
<rbasak> ahasenack: it skips entire untracked directories I think.
<rbasak> ahasenack: try "git status -u --ignored" maybe?
<ahasenack> rbasak: ah, then it shows up
<ahasenack> $ git status -u --ignored|grep zz
<ahasenack> 	debian/initramfs-tools/share/hooks/zz-dhclient
 * ahasenack should add a "git realstatus" alias
<ahasenack> rbasak: git workflow logical step question
<ahasenack> rbasak: we have a delta which is adding an apparmor profile
<ahasenack> rbasak: at some point later, that apparmor needed a fix, and that has a bug number
<ahasenack> rbasak: so now the delta looks like a) add apparmor profile; b) fix apparmor profile (#XXXXXX)
<ahasenack> rbasak: I would squash those two together and leave just "add apparmor profile"
<ahasenack> rbasak: but then I would lose the bug number from the changelog entry, is that relevant?
<ahasenack> rbasak: I think not, because it will be mentioned in older changelog entries
<rbasak> ahasenack: I agree. You can drop the bug reference and rely on older changelog entries.
<ahasenack> ok
<ahasenack> hi, does anybody know what's wrong with https://pastebin.ubuntu.com/p/Q9mckDqbVy/ ? I need a logical "AND" between those two path conditions, but what I'm seeing is that as soon as one of those two paths becomes available, the corresponding unit is started
<sdeziel> ahasenack: have you tried ConditionPathExists instead?
<ahasenack> sdeziel: that is for service units, not path "units"
<ahasenack> but yes, I tried that for the actual service unit
<ahasenack> it won't start then, but I would like it to automatically start then those paths become available
<ahasenack> if I use ConditionPathExists in the foo.service file, I have to, after unlocking the disks, issue a restart for foo.service
<ahasenack> with .path, this happens automatically
<sdeziel> ahasenack: I'd see what #systemd folks have to suggest
<sdeziel> ahasenack: but if I understood your requirements properly, in the .path I'd use both PathExists but would add the 2 corresponding ConditionPathExists clauses in the .service
<sdeziel> ahasenack: this would kick the .service as soon as one of the PathExists is matched but then the ConditionPathExists that are logically AND'ed in the .service would do what you want, I think
<lordcirth_> sdeziel, that would cause the service unit to start when 1 is up, then stop because both aren't up
<sdeziel> lordcirth_: I was hoping it wouldn't start due to the other ConditionPathExists not being met
<lordcirth_> ahasenack, What about making a 2 .path units, then making the service dependent on both?
<lordcirth_> sdeziel, docs say that if ConditionPathExists is false, it will count it as started but do nothing
<ahasenack> sdeziel: the service is being kicked just fine
<ahasenack> but too soon. Just one path of those 2 needs to exist
<lordcirth_> ahasenack, I think .service depending on 2 .paths is the correct answer
<sdeziel> ahasenack: could you share the .service too?
<ahasenack> sure, it's a standard ubuntu one
<ahasenack> https://pastebin.ubuntu.com/p/jZSHB8rPPG/
<ahasenack> and the corresponding .path one: https://pastebin.ubuntu.com/p/5k2gXgxx2w/
<ahasenack> I have disabled zfs-import-cache.service
<ahasenack> I even get a warning when I do that, saying that the corresponding .path service might still start it
<ahasenack> the manpage allows for multiple conditions, but fails to explain how they are considered
<ahasenack> "obvious", someone must have thought :)
<lordcirth_> ahasenack, alternatively, have you considered getting ZFS 0.8 and using ZFS's built-in encryption?
<lordcirth_> It's at rc3 status
<ahasenack> my other laptop is using that
<ahasenack> but this is for a home server nas-like, that I want to be able to reboot unattended and later login and unlock the disks, remotely
<ahasenack> so far this other laptop is doing fine with 0.8
<ahasenack> and nice initramfs integration, with just a small bug or two
<lordcirth_> ahasenack, you can configure 0.8 to import the pool, do scrubs, etc on boot and then give it the key later
<sdeziel> ahasenack: I just tested what I proposed and it worked
<ahasenack> sdeziel: two .path services or what?
<sdeziel> ahasenack: one .path (2 PathExists) and one .service (2 ConditionPathExists)
<ahasenack> lordcirth_: yeah, that could perhaps work. Not on that laptop which has zfs on /, but on the nas, maybe. But I think I cannot zfs send anymore then, unless all my pools are 0.8
<ahasenack> sdeziel: and if you remove the ConditionPathExists from the service, it stops working?
<lordcirth_> yeah, you would need 0.8 to receive an encrypted pool
<ahasenack> because then it should be like what I have. If it still works for you, then I have something else wrong
<ahasenack> lordcirth_: 0.8 is the common destination, 0.7 would be the sending side. I remember testing this, but I can't remember in which direction
<ahasenack> I think it was 0.7 to 0.8 and it failed, but I would have to retest to be sure
<lordcirth_> that should work, but test
<sdeziel> ahasenack: the 2 ConditionPathExists are need as it's where the logical AND is applied
<lordcirth_> sdeziel, but ConditionPathExists doesn't do the right thing. He needs it to wait until both are true, then run the service. ConditionPathExists skips starting the service.
<lordcirth_> ahasenack, btw, how did you install 0.8? Is there a .deb?
<sdeziel> lordcirth_: ahasenack: my test stuff: https://paste.ubuntu.com/p/WCHtN2TxR8/ when I touch /tmp/foo-a, nothing happens with foo.service
<sdeziel> foo.service only get started when I then touch /tmp/foo-b
<sdeziel> after touching only foo-a, I get this: https://paste.ubuntu.com/p/P4vMsp8Yfv/
<lordcirth_> So it starts then fails, yes
<lordcirth_> sdeziel, and does it get automatically started again when you touch /tmp/foo-b?
<sdeziel> lordcirth_: It never started until both conditions were met
<sdeziel> I read "start condition failed" as "not starting due to unmet conditions"
<lordcirth_> I see
<sdeziel> the journal extract is from an older run which can cause some confusion
<lordcirth_> The docs aren't very clear, then
<ahasenack> brb, in a call
<ahasenack> lordcirth_: from the make deb or sometihng target from upstream 0.8
<lordcirth_> ahasenack, so you built a .deb?
<ahasenack> yes
<ahasenack> a bunch
<ahasenack> one of which is a dkms
<ahasenack> I should probably update the git branch and build new ones
<ahasenack> something for the weekend
<ahasenack> sdeziel: it still sounds like the .path file should be enough to trigger the start of the service, and that ConditionPathExists is just a safeguard
<ahasenack> a safeguard that shouldn't be needed
<lordcirth_> 0.8 is on rc3. Hopefully there will be a stable release soon.
<ahasenack> I have rc2
<ahasenack> 0.8.0-rc2_42_g06f3fc2a4
<ahasenack> they are saying it's an OR :(
<sdeziel> ahasenack: both PathExists from the .path do trigger the start of the service. The 2 ConditionPathExists are merely there to have the AND logic
<sdeziel> ahasenack: the PathExists are documented to behave as OR conditions
<sdeziel> ahasenack: so I don't agree on the "safeguard" word, I'd call this glue logic to have the 2 conditions AND'ed
<ahasenack> I'll give it a try, now that it is established that the [Path] conditions are OR'ed
<TheHonorableKitt> Ok people's of the great majestic. I need ya help. Getting errors when I try to do apt-get update. Check it, please tell me what I have to do to fix these prollems without uninstalling software. https://pastebin.com/7eg2TUhy
<sdeziel> TheHonorableKitt: wait a little (both for the mirror sync to complete and for your question to be answered...)
<THKitten> wot?
<THKitten> I've tried to do this update twice now, once three days ago, failed, and again today, failed. figured it was time to speak up
<Poster> It looks like you're missing the public key for yarnpkg, please follow the instructions noted here with curl and apt-key add: https://github.com/WhitewaterFoundry/WLinux/issues/289
<sdeziel> THKitten: hmm, I though you left but you renamed
<THKitten> heh
<THKitten> yeah I don't like the long name
<sdeziel> and yes, either remove the yarnpkg repo or import the gpg key proper
<THKitten> ok, ran the command mentioned in that link. tried again, still get errors: https://pastebin.com/p126MfuU
<sdeziel> one less error
<sdeziel> so linode mirrors are still sync'ing it seems but you have more problems with apt.typesafe.com
<THKitten> yeah I dunno how to fix that one, I tried fixing it before but could never figure it out
<Poster> Not finding their key listed, did you install the linked package? http://apt.typesafe.com/
<lordcirth_> The package which contains the keys and is served without TLS... whyyy
<THKitten> yeah I couldn't figure it out :(
<lordcirth_> THKitten, did installing that package not fix it?
<THKitten> one sec, I have to remember how to install debs.
<THKitten> nope
<THKitten> how do I find out what app is even using typesafe? I might not need it...
<sarnold> remove it and see what breaks? :)
<THKitten> lulz
<lordcirth_> THKitten, https://www.ostechnix.com/list-installed-packages-certain-repository-linux/
#ubuntu-server 2019-02-10
<runelind_q> bleh, looks like I can't mount a FreeBSD zfs pool on 18.04 - messing delphi spacemap or somesuch feature.
<runelind_q> at least not in RW mode
<law> hey all, is Cobbler available in Bionic?  I'm finding packages for Xenial, but I'll be darned if I can find them for Bionic
<lotuspsychje> !info cobbler bionic
<ubottu> Package cobbler does not exist in bionic
<lotuspsychje> seems like not law
<law> well shucks
<law> I found it here - https://launchpad.net/ubuntu/bionic/amd64/cobbler/2.6.6+dfsg1-13
<law> but it doesn't say if it's in main, universe, or multiverse
<lotuspsychje> hmm weird
<lotuspsychje> talk to the #ubuntu-release guys law they might know more
<law> will do.  many thanks!
<OerHeks> https://launchpad.net/ubuntu/bionic/amd64/cobbler
<OerHeks> Deleted on 2018-02-26 by Steve Langasek (From Debian) ROM; no time for this package, nobody adopting, RC buggy; Debian bug #889099
<ubottu> Debian bug 889099 in ftp.debian.org "RM: cobbler -- ROM; no time for this package, nobody adopting, RC buggy" [Normal,Open] http://bugs.debian.org/889099
<OerHeks> obsolete
<OerHeks> so build it from github https://cobbler.github.io/
<OerHeks> hmmm 2017 https://github.com/cobbler/cobbler/releases/tag/v2.8.2
<OerHeks> oops
<OerHeks> https://github.com/cobbler/cobbler/releases/tag/v2.8.4
<law> yup, going through that whole process now
<cryptodan_mobile> I'd like to say that ubuntu server 18.04 runs nice on hp ml350p
<siavoshkc> Hi. In apache2 config. I need to put my python venv path for python-home parameter. In my venv there are a few directories like bin and lib. The pth should be to its root or some other directory inner?
<blackflow> siavoshkc: the venv root
<siavoshkc> blackflow: I thought maybe it should be site-packages
<blackflow> nope. https://modwsgi.readthedocs.io/en/develop/user-guides/virtual-environments.html
<blackflow> siavoshkc: and for more info to understand how PYTHONHOME env works (to which mod_wsgi's python-home translates), see this: https://docs.python.org/3/using/cmdline.html#envvar-PYTHONHOME
<siavoshkc> alright. thanks
<siavoshkc> authorized_submit_users = !root, static:all
<siavoshkc> I saw that^ in postfix config. Is it normal to block root here?
<siavoshkc> It seems to be causing fatal errors in journalctl
<blackflow> it's not
<blackflow> in fact, if anyone could/should sendmail, it's root.
<siavoshkc> blackflow: now it can
<siavoshkc> https://termbin.com/pnbv https://termbin.com/2r0d
<siavoshkc> Although I changed the config of apache2 to use a venv it seems it is still using the global python env^
<talx> hey
<talx> do you get anaconda.cfg
<talx> after installing ubuntu ?
<zzlatev> Hi guys
<zzlatev> I have a problem with one package
<zzlatev> I try to install tvheadend from official repo
<zzlatev> but I get this error:
<zzlatev> unable to fetch some archives maybe run apt-get update or try with fix-missing
<lotuspsychje> zzlatev: can you pasetbin your issues please, volunteers can think along better
<lotuspsychje> *pastebin
<zzlatev> lotuspsychje: I paste my issue
<zzlatev>  unable to fetch some archives maybe run apt-get update or try with fix-missing
<lotuspsychje> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit
<zzlatev> apt-get install tvheadend | pastebinit ?
<zzlatev> lotuspsychje:
<lotuspsychje> yes
<lotuspsychje> sudo
<zzlatev> lotuspsychje: http://paste.ubuntu.com/p/qFcypZQc8B/
<lotuspsychje> !info tvheadend trusty
<ubottu> Package tvheadend does not exist in trusty
<zzlatev> so I can't install tvh on 14
<lotuspsychje> zzlatev: does apt-cache search tvheadend show anything usefull?
<OerHeks> zzlatev, you seem to have updates held back, run apt full-upgrade ?
<OerHeks> always start with an updated system, when installing something
<lotuspsychje> +1
<zzlatev> what do you mean start with an update-system
<zzlatev> I should update the system when I try to install any package?
<Deihmos> What is the recommended backup software?
<OerHeks> zzlatev, normally one would do that, yes, *before* installing something
<Deihmos> Is there anything similar to acronis on windows
<zzlatev> OerHeks: OK
<OerHeks> Deihmos, backup as in cloning the system? or just data?
<Deihmos> Cloning in case I want to do a full restore
<OerHeks> live server iso, and DD the partitions to an empty drive is one solution
<siavoshkc> supervisor.service: Failed at step EXEC spawning /usr/bin/supervisord: No such file or directory
<lotuspsychje> rsync & clonezilla are also liked by many
<siavoshkc> But I am seeing the file there
<blackflow> siavoshkc: why would you even want to run supervisord under the supervising systemd to begin with? :)
<siavoshkc> blackflow: I am not sure what you mean. But I think you mean it is systemd's job to supervise and it will do that better than supervisord. So why on earth I am try to run it as a daemon by systemd
<blackflow> siavoshkc: yes, that's what I mean :)
<siavoshkc> You see I didn't config this server. Somebody else did and now I am trying to fix errors reported by sudo journalctl -xe
<blackflow> siavoshkc: what errors, "No such file" that you mentioned before?
<siavoshkc> Yes, that is one of the errors. Another one was that the root didnt have postfix access right
<blackflow> siavoshkc: so do you need help with any of them in particular?
<siavoshkc> Fixed the access problem by editing postfix config. Now I need help for this one.
<blackflow> siavoshkc: can you pastebin the entire .service unit file? that error tends to be misleading in some cases, eg. when sandboxing is used
<siavoshkc> blackflow: Where can I find it?
<blackflow> siavoshkc: systemctl cat supervisor.service
<siavoshkc> https://termbin.com/w648
<blackflow> siavoshkc: what about   journalctl -U supservisor.service -n 50
<blackflow> (sans typos of course :) )
<siavoshkc> And there are to conf files for it.  siavosh @ kamanacademy.ir: ls /etc/supervisor/conf.d/*.conf /etc/supervisor/conf.d/laravel-worker.conf  /etc/supervisor/conf.d/statsd.conf
<siavoshkc> Failed to parse timestamp: supervisord.service
<blackflow> can you pastebin the output of that journalctl command? the whole log context is important
<blackflow> I'm assuming last 50 lines are relevant, feel free to adjust if that's not the case
<siavoshkc> blackflow: https://termbin.com/lztx
<blackflow> siavoshkc: my bad, use -u and not -U  (I'm working with psql at this very moment and it uses -U, so finger memory did it....)
<siavoshkc> lol https://termbin.com/jotx
<blackflow> siavoshkc: is python installed?
<blackflow> python2
<siavoshkc> Well. At least it was!
<siavoshkc> Now it is missing. That one is my doing
<blackflow> that's the problem. the "No such file" error comes from the supervisord shebang line that invokes python
<siavoshkc> I think I mistakenly removed it from update-alternatives
<blackflow> siavoshkc: altered default python command?
<siavoshkc> blackflow: Yes I did. Fixed it :-))))
 * lotuspsychje prepares a python cookie :p
<blackflow> siavoshkc: yeah. :) PEP-394 .... NEVER alter the version of `python` command. by established technical standards (the said PEP), `python` is always supposed to be python 2.x.
<blackflow> (except in virtualenvs where the only installed python3.x may have `python` symlink)
<siavoshkc> Yes according to that I removed alternatives. but i should have only removed python3s. I did it altoghether
<super_koza> I have installed Ubuntu Server 18.04
<super_koza> After setting up a couple of things, I did apt update, apt upgrade.
<super_koza> The PC upgraded itself and now on booting, the new GRUB option gives me kernel panic and doesn't boot up.
<super_koza> The old one is still working fine.
<super_koza> What should I do?
<lotuspsychje> wich kernel is that failing super_koza
<super_koza> Just a sec
<super_koza> 4.15.0-45
<siavoshkc> blackflow: Thank you
<super_koza> 4.15.0-29 still works
<lotuspsychje> super_koza: is it possible to paste the error line kernel panic to the channel? volunteers can take a look for you
<super_koza> I can try to take a photo of the screen and paste it here
<blackflow> siavoshkc: you're welcome
<super_koza> lotuspsychje: here it is
<super_koza> https://drive.google.com/file/d/1mOY8fsnFvhPXR-8JjBAgq7Dkw4R1HF1W/view?usp=sharing
<tomreyn> super_koza: what's the hardware?
<tomreyn> which installer did you use?
<tomreyn> (iso image file)
<super_koza> I used the old installer
<super_koza> I think this one: ubuntu-18.04.1-server-amd64.iso
<tomreyn> super_koza: so, which hardware? can you look for a firmware upgrade, too?
<super_koza> Lenovo X201t
<tomreyn> hmm so not actually a server. but of course the default kernel image should be working fine.
<tomreyn> super_koza: can you upload your previous boots' log and post it here? this would do it for you (except for pasting the url): journalctl -b -1 | nc termbin.com 9999
<super_koza> Oh no
<super_koza> sorry
<super_koza> it is a server
<super_koza> I just snatched the iso name of the ubuntu website
<super_koza> to show that it is not a live iso
<tomreyn> super_koza: i mean it's not actually server hardware
<tomreyn> ubuntu-18.04.1-server-amd64.iso is indeed a server installer (the alternative one, based on debian installer), so this could have been correct.
<super_koza> Oh, that is true
<tomreyn> super_koza: you should still not be running into this issue, so if you like posting the journal i'd be happy to review it
<super_koza> Just a second
<super_koza> tomreyn: https://termbin.com/jhrf
<super_koza> here it is :)
<tomreyn> super_koza: hmm, do the timestamps of when your boots were logged, as per "journalctl --list-boots | tail" then suggest that the 4.15.0-45 boot wasn't logged?
<super_koza> I booted with 4.15.0-29
<super_koza> let me see what I get with that command
<super_koza> https://termbin.com/j9ih
<tomreyn> super_koza: journalctl | grep -F ' kernel: Linux version' | tail | nc termbin.com 9999
<super_koza> https://termbin.com/1r2f
<super_koza> I can't get inst 0-45 at all
<super_koza> *into
<tomreyn> i see
<tomreyn> super_koza: is the intel graphics the only graphics chipset on this system, or is there something else, such as nvidia
<super_koza> No, there is only iGPU on the board
<tomreyn> !recovery | are you able to boot to recovery, super_koza
<ubottu> are you able to boot to recovery, super_koza: If your system fails to boot normally, it may be useful to boot it into recovery mode. For instructions, see https://wiki.ubuntu.com/RecoveryMode
<tomreyn> on -45, that is.
<super_koza> Nope, can't do that
<super_koza> Kernel panic - not syncing: VFS: Unable to mount root fs on unkown-block(0,0)
<tomreyn> hmm unknown block? interesting.
<super_koza> What are my options here?
<tomreyn> do you have lvm, disk encryption raid etc?
<super_koza> Can I remove this kernel, or should I reinstall everything as I was just setting up the PC.
<super_koza> Nope, I have nothing
<tomreyn> may i repost the photo you uploaded to googleyou could purge the -45 kernel image and reinstall it
<tomreyn> i meant to write: you could purge the -45 kernel image and reinstall it
<tomreyn> also: may i repost the photo you uploaded to google to imgur.com ?
<super_koza> sure thing, I don't believe that photo has any sensitive data
<tomreyn> https://i.imgur.com/hjM0syR.jpg
<super_koza> Notice the line in the middle... :D
<tomreyn> i did ;)
<tomreyn> i'll have a shpwer, bbl. but please post if you have more findings
<tomreyn> *shOwer ;)
<_Trullo> I installed Ubuntu Server and then ubuntu-desktop. trying to set static ip. but when I go into network settings, wired is not there.. only VPN and Proxy..
<_Trullo> network is working fine, I have done updates and stuff, so nothing wrong with the connection, it's just not there..
<gislaved> meh I need to find a sane way to deply all my certs from my CA proxy without having half of them failing on renewal
<siavoshkc> OK. We have django website and apache2 on Xenial. I created a python3 venv and configured apache2 to use it. I am trying to use wsgi_mod in damon mode. Accessing website causes an error log to be written down in server log.
<tomreyn> _Trullo: is your ethernet interface actually detected and a driver loaded, though? lspci -knnv | nc termbin.com 9999
<blackflow> siavoshkc: you need an application server like wsgi for that
<siavoshkc> blackflow: mod_wsgi apache module does that
<siavoshkc> It will interface between django and apache2
<tomreyn> you mioght want to post the error log
<siavoshkc> tomreyn: https://termbin.com/3zxp
<tomreyn> siavoshkc: first hit on web search: https://stackoverflow.com/questions/6454564/target-wsgi-script-cannot-be-loaded-as-python-module
<siavoshkc> tomreyn: yes I did. I installed wsgi_mod for python3 based on that thread.
<siavoshkc> also sudo chmod a+x django.wsgi
<siavoshkc> also changed python3 from global mode to venv mode
<tomreyn> django.wsgi? this log suggests that kamanquest/wsgi.py was called
<tomreyn> maybe this is a question for #django really (not sure this channel exists, but you could check)
<siavoshkc> I think the solution lies here https://modwsgi.readthedocs.io
#ubuntu-server 2020-02-03
<lordievader> Good mornig
<lordievader> morning*
<danboid> Is there not an IRC channel for Landscape?
<lotuspsychje> !landscape | danboid
<ubottu> danboid: Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<lotuspsychje> danboid: official support falls under canonical
<danboid> I looked here https://wiki.ubuntu.com/IRC/ChannelList and couldn't see one
<lotuspsychje> there isnt one danboid
<danboid> OK
<danboid> I've just installed landscape-quickstart and I've found 2 bugs in the first 30 minutes
<lotuspsychje> danboid: contact canonical about it
<cgi> does anyone run a quic server in production here?
<lotuspsychje> cgi: best to ask your specific question to the channel, so volunteers can think along with you
<cgi> what is a good production server to run for supporting quic? Currently I use nginx, but would like to support quic in production.
<pragmaticenigma> cgi: Not sure I understand the issue/limitation with Nginx in a production environment. Lots of companies/webservers run nginx on the Interent
<tomreyn> cgi: https://caniuse.com/#search=QUIC
<tomreyn> vs https://caniuse.com/#search=HTTP%2F2
<Ussat> is 20.4 abaliable in beta ?
<pragmaticenigma> !ubuntu+1 | Ussat
<ubottu> Ussat: Focal Fossa is the codename for Ubuntu 20.04 - Support only in #ubuntu+1
<Ussat> Thanks
<Ussat> Not looking for support, but thanks
<pragmaticenigma> Ussat: Support and/or questions need to be directed there
<Ussat> ...
<sorin-mihai> is there some method/documentation about loading additional drivers/kernel modules in the server installer?
<pragmaticenigma> sorin-mihai: I thought that was what DKMS was/is for
<sorin-mihai> actually testing the focal server installer on a server with nvme drives in raid and some 10g nics, and neither are detected properly, so i tought i could just manually load them
<pragmaticenigma> sorin-mihai: 20.04 hasn't been released yet, likely you're encountering a bug. I would recommend building with 18.04, unless this a testing machine. If you are testing, then you're question would be better asked in #ubuntu+1
<sorin-mihai> true, true. yet, is there a method already established for loading drivers that are not in the standard iso?
<pragmaticenigma> sorin-mihai: This might help: https://help.ubuntu.com/community/InstallCDCustomization
<sorin-mihai> thanks
<danboid> Does anyone know how to use landscape-config to join a machine to a landscape server as a container?
<danboid> Also, does the landscape client need to be installed on the landscape on-prem server for it to be updated with Landscape or not?
<danboid> I'm going to request both these get added to the Landscape FAQ
<danboid> I'm pretty sure you do need to install the client on the server to get it to update itself as when you first start it no computers ae registered
<danboid> https://bugs.launchpad.net/landscape/+bug/1861722
<ubottu> Launchpad bug 1861722 in Landscape Server "Documentation: Registering containers and updating the OPL server" [Undecided,New]
<teward> danboid: i believe it has to have the landscape client installed on it but I"d be careful pushing updates blindly lol
<danboid> teward, Do you know how to register a Landcape client as a container instead of a full machine?
<teward> no, but containers need specialized Landscape licenses
<teward> to be used *as* containers
<teward> and usually I think they require some kind of MaaS deployment or Juju deployment to make that work.
<teward> with a free landscape onprem you don't get to nitpick between full or containers I don't think
<danboid> teward, No, the free version supports up to 50 containers and 10 full machines
<teward> then that's changed since I last used it
<teward> not sure how to specify what is or isn't a container though that's probably in the docs somewhere deeo
<teward> danboid: what 'client' is this?  Docker container?  LXD?
<danboid> I'm interested in both LXC and LXD
<teward> VM?
<teward> no i mean the one you're tryign to register as a container instaed of a full machine
<danboid> I have both LXC and LXD containers I'd like to register
<teward> have you *tried* registering them?
<danboid> Yes, as a full machine but it doesn't auto-detect its a container
<danboid> That was a LXD. I've not tried LXC yet
<danboid> landscape-config has a --cloud option but that seems to be for Amazon EC2 instances
<danboid> The man page makes no mention of containers
<teward> yeah i think it's going to autodetect them, an LXC container and an LXD container are different beasts
<teward> the on prem page indicates this:  a free license with 10+50 seats (bare metal plus LXC containers)
<teward> where it says **LXC** containers
<teward> not LXD
<teward> so my guess is test an LXC container and see what happens
<teward> if it works for LXC but not LXD then the issue is LXD != LXC containers
<teward> and may not be covered under the standard 'containers' group
<danboid> Seems funny it doesn't support LXD as that's a Canonical thing
<danboid> and its hardly new
<teward> to be fair i think their use cases are different but I don't know specifics to that end unfortunately
<danboid> I'm pretty sure juju uses LXD for its containers
<teward> ohnston
<teward> oops
<teward> cjohnston: since you replied to ^ their bug, I thought I'd ask you stop in
<cjohnston> hi
<teward> cjohnston: apparently, danboid is using landscape, and trying to reg LXD as containers but it regs bare metal instaed
<teward> hence the inquiry as how to *tell* it to use a container license.
<teward> sorry to drag you in here but since you replied on the bug... :P
<cjohnston> danboid: can you screenshot your license page?
<teward> danboid: also this is onprem yes?
<teward> (not Canonical SaaS cloud Landscape)
<teward> (like I have xD)
<danboid> cjohnston, Not now but I can tomorrow. It's in work and I turned it off overnight as I've notset up the firewall etc yet
<cjohnston> ok
<danboid> Yes its on prem
<danboid> cjohnston, Should it auto-detect an LXC or LXD install?
<cjohnston> danboid: yes
<danboid> I've only tried it in a LXD so far but it thought it was a bare metal machine
<cjohnston> danboid: are you running the trial or did you purchase landscape?
<danboid> It was a 16.04 container tho, if that makes any difference, on a 16.04 host
<danboid> trial
<cjohnston> shouldn't
<danboid> I need to install the client onto the server to get it to update itself right? It is safe to do that I presume?
<danboid> cjohnston, ^^
<cjohnston> correct
<danboid> Update the Landscape on-prem server I mean
<arooni> how do i disable atop logging permanently?  run sudo rm -rf /var/log/atop in crontab ?
<sarnold> why not just uninstall it if you don't want to use it?
<arooni> because i wanted to like it
<arooni> but havent had time to really delve into it
<teward> just uninstall it until you get the time to delve into it
<arooni> this is the right answer
<arooni> what is a 'comfortable' amount of space to have for my / partition?
<arooni> and in todays ubuntu; is it stupid to have a separate / from /home partition?
<sarnold> arooni: you can always reinstall it when you want to try it out
<arooni> (comfortable free space) i have 28gb currently; and have 4gb free (on laptop ubuntu) but i also run an ubuntu vps
<sarnold> arooni: and apt install atop   is way easier than trying to remember how you disabled logging because you didn't want to run apt purge atop   :)
<arooni> well said
<sarnold> re free space.. a lot of cloud instances are created with 10-20 gig root filesystems
<sarnold> physical machines may want to do something different ;)
<arooni> is it still good practice to keep the root partition separate?
<sarnold> I do; but that may be old superstition
<teward> it really depends
<teward> i don't separate my root partitions anymore 'cause I LVM everything, and most of my systems are backed up externally as well
<Ussat> ^^
<Ussat> same
<coreycb> jamespage: sahid: promoting ussuri-staging->proposed, there are currently 5 tempest failures
<Ussat> I am currently useing ansible to manage/patch etc my ubuntu systems, this is the snipit of the play I use for that, I am finding that this is NOT cleaning /boot of old kernels. Any idea what I am missing ?:   https://pastebin.com/UkLHpbcU
<oerheks> autoremove: yes
<oerheks>                     purge: yes
<oerheks> https://www.cyberciti.biz/faq/how-to-use-ansible-to-autoremove-unwanted-package-dependency-with-apt/
<oerheks> so not 'true' ??\
<Ussat> ahhh thats what I was missing, purge, thanks
<oerheks> true > yes
<Ussat> Thanks
<oerheks> have fun!
<Ussat> appreciated.
<Ussat> that will leave 2, I assume
<Ussat> yes, it does, thanls
<oerheks> yes, current and previous kernel.
<tds> it can leave up to 4, there's some logic for it
<Ussat> Excellent, thanks
<Ussat> I had a script that wasdoing this, I just forgot to put that part in the play
<Ussat> Thanks again
#ubuntu-server 2020-02-04
<lordievader> Good morning
<coreycb> sahid: I think once we get cinder updated for focal the remaining tempest failures will get resolved
<sahid> coreycb: i was not able to fix the issue that you had for merging so i created an other snapshot
<sahid> which is comming with some dependencies versions that i need to bump up
<coreycb> sahid: ok need a hand with the dependencies?
<sahid> thank you that should be fine i will ping you to merge when ready
<sahid> can you have a look at python-ironic-lib and python-openstacksdk
<sahid> they are ready I guess
<coreycb> sahid: yep
<sahid> coreycb: also i don't understand the problems with alembic, python-mistral and python-neutron-lib
<sahid> if you can have a look
<coreycb> sahid: ok I'll take a look
<jamespage> sahid, coreycb: https://bugs.launchpad.net/ubuntu/+source/pyrsistent/+bug/1860422 needs a bit of love
<ubottu> Launchpad bug 1860422 in pyrsistent (Ubuntu) "[MIR] pyrsistent, required by python-jsconschema" [High,Incomplete]
<coreycb> jamespage, sahid: I'll take a look
<sahid> jamespage, coreycb ack
<coreycb> sahid: python-ironic-lib and python-openstacksdk uploaded, thanks
<sahid> ack
<coreycb> sahid: jamespage: everything in ussuri-staging is now promoted to ussuri-proposed. matplotlib and networkx will build successfully once the pandas SRU for bionic is released (tomorrow hopefully).
<jamespage> coreycb, sahid - could we take a look at removing python3-keyring from our dependency chain in Openstack? see comments on https://bugs.launchpad.net/ubuntu/+source/jeepney/+bug/1861268
<ubottu> Launchpad bug 1861268 in jeepney (Ubuntu) "[MIR] jeepney" [Undecided,New]
<coreycb> jamespage: sure
<coreycb> sahid: hmm, python-openstacksdk is hitting some timeouts
<coreycb> jamespage: looks like python3-pyrsistent is already in main. updating the bug to say that.
<smoser> bryce: if you're around.. https://code.launchpad.net/~smoser/usd-importer/+git/usd-importer/+merge/378282 is happy now (i think) and the '-B' simplifies things.
<bryce> smoser, great, thanks.
<smoser> i guess that a nwere version of 3.6 must have come in with the -B flag that you thougt was not available until 3.8
<bryce> yeah I was just wondering the same
<slimschwifty> Hey all, I'm looking for some advice. I'm upgrading my existing headless ubuntu server and plan to add an RX 580 to help encode my DVR captures. The server doesn't have any GUI as it never needed it, but I believe I need one to utilize the vaapi acceleration with ffmpeg. Is lubuntu-gtk-core my best bet for an absolute minimal GUI for this purpose or is there a better alternative?
<bryce> slimschwifty, not really a server question, but I think it might be possible to run pure X.org with no WM.  Depends on what you're trying to maximize/minimize I guess.
<bryce> however it seems like there must be a way to run ffmepg even with vaapi, without any X/Wayland at all.  But that may be more a question for ffmpeg folks
<slimschwifty> I may be misunderstanding the requirements. I'll try the ffmpeg folks, thanks
<Sven_vB> hi! I'm using xinetd on xenial to guard a weak proxy from being overrun. I do this by limiting the number of instances my xinetd proxy service is allowed to have. when apt tries to hammer it, xinetd blocks it. is there a way to have xinetd instead hold up to a few hundred connections in limbo until it's their turn to be served?
<Sven_vB> to clarify, "xinetd proxy service" is a xinetd service that netcats to the real proxy.
<Sven_vB> wow, even with cps = 512000, "Deactivating service ??? due to excessive incoming connections."
<Sven_vB> maybe I underestimated how intense apt update really is
<Sven_vB> even if I increase to "instances = 2500" and of course reload xinetd
<Sven_vB> I wonder just what is happening
<Sven_vB> as a stopgap I'll use a node.js connection limiter in front of xinetd.
<Sven_vB> but would be nice to have a more basic solution.
<sdeziel> Sven_vB: nowadays, I use systemd-socket-proxyd instead of xinetd
<sdeziel> dunno if it's available on Xenial but it is on Bionic
<Sven_vB> sdeziel, thanks, I'll try that.
<Sven_vB> can it hold connections idle until the service is ready?
<Sven_vB> "ready" as in, below limits again
<sdeziel> Sven_vB: not that I know. It only lets you set a cap on the number of connections
<Sven_vB> yeah I do have that. it's part of the problem.
<sdeziel> Sven_vB: if you want something fancy, haproxy does a good job
<Sven_vB> I can choose between apt not working because xinetd blocks the rage, or apt not working because the weak proxy breaks down.
<sdeziel> Sven_vB: but I'm surprised that you need to proxy to a proxy ;)
<Sven_vB> I wouldn't consider "just wait and do nothing" as "fancy"
<sdeziel> true but I don't have good alternatives to propose
<Sven_vB> yeah I'd prefer all apps I use were kind of friendly, but most of them just don't care about how aggressive they are, because their intended target servers are ready to deal with the assault.
<Sven_vB> I mean I kinda accept that lack of respect from overworked people at hipster companies, but now even apt? :<
<Sven_vB> well I should study the apt manual again
<Sven_vB> maybe it can restrain itself afterall
<sdeziel> Sven_vB: there is a Queue-Mode param mentioned in apt.conf man page
<sdeziel> can't find what's the default though
<tomreyn> there is Acquire::http:Pipeline-Depth also
<Sven_vB> https://linux.die.net/man/5/apt.conf covers it, a crude way to limit to 1 connection per criteria
<Sven_vB> ah maybe that one will allow a better compromise.
<Sven_vB> s:compromise:tradeoff:
<tomreyn> see apt-transport-http(1) for details
<Sven_vB> thanks!
<Sven_vB> strange, it looks like apt only got into that rage because the network interface to the interwebs was down, which I didn't notice at first. now that it's up, it goes way more slowly.
#ubuntu-server 2020-02-05
<lordievader> Good morning
<weedmic> where is the update log?  I'm looking for a way to see which user applied which update and what date/time stamp.  it was not in /var/log
<tomreyn> well thats where it normally is, though. if you run a supported ubuntu release with default configurations and are asking about apt software updates
<weedmic> i see an unattended-upgrade log, but these were attended - perhaps the log is there - what is the name?
<tomreyn> history.log and term.log in apt/
<tomreyn> as every server admin would know thanks to reading the manual ;)
<ducasse> weedmic: you'd need to correlate other files to determine which user installed what, though
<weedmic> waar
<weedmic> i mean correct
<coreycb> jamespage: cpaelzer: I'm planning to drop libssh-dev for the ussur qemu backport. let me know if you object.
<cpaelzer> coreycb: I object :-)
<cpaelzer> coreycb: I have sent you a mail pointing to the commit that I added for you to revert
<cpaelzer> use that and you'll be good
<cpaelzer> well, you might have recreated the same change now, but to help following the hints I provided in that mail will help
<cpaelzer> coreycb: hmm I didn't even mention ssh in that mail :-/ mostyl around nesting
<coreycb> cpaelzer: thanks I'll take a look. I figured since it hadn't been enabled until focal it was not that big of a deal.
<cpaelzer> coreycb: the point is that src:qemu can now work with libssh while formerly it used libssh2
<cpaelzer> libss2 universe was the reason to disable it
<cpaelzer> libssh is in main since forever
<cpaelzer> so you can keep it enabled on the backport
<cpaelzer> coreycb: ^^
<coreycb> cpaelzer: the problem is qemu can't use the libssh in bionic and I don't want to backport libssh to the ussuri cloud archive
<ChmEarl> coreycb, I've done the backport of libssh-4 in bionic from disco to run qemu-4.1 it was easy
<ChmEarl> version was 0.8.6-3ubuntu0.3
<coreycb> ChmEarl: good to know, thanks
<coreycb> jamespage: pike-proposed regression tested successfully in case you're ready to promote ceph
<coreycb> jamespage: queens-proposed tested successfully as well
<coreycb> jamespage: rocky-proposed successful too
<coreycb> jamespage: cpaelzer: ok libssl and qemu both backported with libssl enabled. security team will be supporting via focal updates so I think we're good.
#ubuntu-server 2020-02-06
<cgi> is anyone here using a http3 server yet?
<benl90> Hello. I want to ask, how to enable PubkeyAuthentication? I already set PubkeyAuthentication yes on /etc/ssh/sshd_config and ssh-copy-id my key to server, but I still asked with password when login. Is there anything that I missing? Thanks
<sarnold> benl90: the usual problems are (a) modes on ~ or ~/.ssh or ~/.ssh/authorized_keys are too permissive (b) the key wasn't available to the ssh client for whatever reason
<sarnold> benl90: check server logs on the server side and maybe try adding some extra -v to the ssh client side
<benl90> sarnold: I already check the file permission, no problem on the permission. This's the log https://paste.ubuntu.com/p/K6TV7N5274/
<benl90> It seems the key failed, but mine is working to other server
<sarnold> benl90: is the client-supplied username correct for the server?
<benl90> yes, after the key failed, I insert the password for that username
<benl90> the authorized_keys on the server same with my id_rsa.pub on local
<benl90> https://paste.ubuntu.com/p/VP3BhVKktn/ this's the log off success login using same username. I did ssh-copy-id ben@192.168.9.32
<sarnold> benl90: did you need to edit the config to enable keys in sshd? (I wouldn't expect this to be necessary, but you never know...)
<sarnold> benl90: how about sudo sshd -T | grep -i pub  ?
<sarnold> benl90: did you find anything in the server logs that might indicate something specific?
<benl90> ehm I have long time never touch ubuntu server, is that on /var/log/secure like RH based or /var/log/auth.log?
<benl90> sarnold: ehm it's enabled by default I think on server on /etc/ssh/sshd_config
<benl90> for the PubkeyaAuthentication
<sarnold> benl90: try journalctl -u ssh -ex   and /var/log/auth.log
<benl90> Ok wait
<benl90> hello I've question, does upgrading ubuntu server will delete database on mysql server or not?
<sarnold> it shouldn't; but backups are always good, you know?
<benl90> sarnold: ahaha.. seems yes.
<benl90> ok I will backup it first
<sarnold> and make sure to keep those things running after upgrade, too :)
<benl90> because 14.04 mysql 5.5 having strange problem.
<benl90> sarnold: After do release upgrade I should restart right?
<cpaelzer> thanks for the info coreycb
<lordievader> Good morning
<ruben23> hi there guys anyone can help, i have set a Vhost with this config its like https://pastebin.com/beAgy7ci --> but when i open it im getting ERR_CONNECTION_TIMED_OUT
<ruben23> any idea guys
<ducasse> !crosspost | ruben23
<ubottu> ruben23: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<ruben23> ducasse: ok sorry
<lordievader> An error like that sounds like the problem is before apache
<ruben23> lordievader: any suggestion somehow
<ruben23> Server version: Apache/2.4.7 (Ubuntu)
<lordievader> Start troubleshooting your connection to determine where it hits the fan
<ruben23> i tried to check the error logs and access logs during i load the page does not display anything related to the link at all
<lordievader> Start at the beginning. Can you resolve the address (DNS). Can you connect to the ip/port (firewall). Etc
<ruben23> on the firewall port 80 is open and it lsitening to apache2, resolved DNS im not sure what to do with this?
<lordievader> What happens when you run `curl http://<address>/`?
<ruben23> lordievader:  i wil run on the command line itself on the server.?
<lordievader> From the same host you get the connection time out from
<rbasak> ahasenack: bug 1723350 hit our 60 day alert. Any action needed?
<ubottu> bug 1723350 in sssd (Ubuntu Bionic) "sssd offline on boot, stays offline forever" [High,Confirmed] https://launchpad.net/bugs/1723350
<ahasenack> I can't get to it now, it's behind other stuff
<ahasenack> there is a patch, if someone wants to give it a o
<rbasak> Sure
<rbasak> "In the queue" is fine :)
<ruben23> lordievader:   --->  curl: (7) Failed to connect to 209.126.68.76 port 80: Connection refused
<ruben23> lordievader:  when i disable the firewall the link works now, but i need to have a firewall what can you suggest what should i enable the ports
<lordievader> ruben23: Open the port only for what you want...?
<ruben23> lordievader: yes like open port 80, but i tried its the same error again when i put up the firewall back
<lordievader> Look at the rules of your firewall, make sure the port is allowed.
<coreycb> sahid: I'm going to test  cinder with a 3.8.0 min version for taskflow to see if that fixes the backport. it might also be blocked on the networkx backport which is blocked by the pandas SRU.
<sahid> coreycb: ack
<coreycb> cpaelzer: have you run across this by any chance with libvirt 6.0.0? https://paste.ubuntu.com/p/Y84y3ZXdQz/
<cpaelzer> coreycb: no - does not ring a bell
<cpaelzer> coreycb: search-foo shows: https://bugs.launchpad.net/nova/+bug/1580728
<ubottu> Launchpad bug 1580728 in oslo.log ocata "UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 386: ordinal not in range(128) in nova.virt.libvirt.vif:unplug with unicode instance.display_name" [Medium,Incomplete]
<cpaelzer> maybe there is something to learn in there
<coreycb> cpaelzer: ok thanks
<cpaelzer> and the older https://bugs.launchpad.net/nova/+bug/1390380
<ubottu> Launchpad bug 1390380 in oslo.i18n "'ascii' codec can't decode when create a instance" [Undecided,Invalid]
<cpaelzer> and https://ask.openstack.org/en/question/55470/ascii-codec-cant-decode-byte-0xc3-in-position-30-ordinal-not-in-range128-error-when-launching-an-instance-in-rdo-juno/
<cpaelzer> and so on
 * cpaelzer stops spamming links
<cpaelzer> intrestingly all I found where in openstack context
<cpaelzer> maybe some interface is filled with unicode by openstack but processed as str by libvirt?
<coreycb> sahid: ok confirmed cinder backport needs new networkx and then unpatched taskflow rebuilt. but that's blocked on the pandas sru so I'll sort that out once the pandas sru is done.
<coreycb> cpaelzer: thanks, it's probably an easy fix. currently trying to figure out what file it's processing when failing.
<cqs> Hey, someone knowledgeable when it comes to Ubuntu landscape? My issue is that when i upgrade landscape-client via landscape ui, the job gets stuck. is this scenario even supported?
<lotuspsychje> !landscape | cqs
<ubottu> cqs: Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<cqs> got it, i'll contact ubuntu support
<lotuspsychje> cqs: cool ; )
<sarnold> benl90: oh yeah, definitely restart after upgrading :) most things will probably continue to work, but, uh, it's not great :) rebooting once in a while is a good idea anyway :)
<Ussat> you all see this:  https://www.theregister.co.uk/2020/02/05/sudo_bug_allows_privilege_escalation
<powersj> Ussat, https://usn.ubuntu.com/4263-1/
<Ussat> gotcha, sorry
<powersj> Ussat, no worries - totally fine to ask :)
<rabbithole980> is ufw the easiest firewall to configure?
<coreycb> cpaelzer: switching to LC_CTYPE=C.UTF-8 in the backport fixes it. related upstream change: https://github.com/libvirt/libvirt/commit/ada268012a03b9be83756aba2c0e14d206f5e70f
<sdeziel> rabbithole980: I've never really used it but the it seems to work well for simple stuff, see https://help.ubuntu.com/lts/serverguide/firewall.html#firewall-ufw
<rabbithole980> thanks!
#ubuntu-server 2020-02-07
<ruben23> hi guys any idea my key in data on crontab -e, after some tiem suddenly dissapear and its empty, any idea what might be the issue
<cpaelzer> coreycb: interesting - that should only be a problem for the UCA backport since Bionic has python3.6 and not an issue for the 3.8 in focal right?
<lordievader> Good morning
<albech> My apache webserver crashes randomly during graceful restarts: https://paste.ubuntu.com/p/dQsr6mgzvD/
<kiokoman> albech: you are not alone https://stackoverflow.com/questions/54213685/apache-seg-fault-krb5int-key-delete-assertion-destructors-setkeynum-1-fail https://krbdev.mit.edu/rt/Ticket/Display.html?id=8863
<albech> kiokoman: yeah i saw that one, but no solution :/
<kiokoman> we need to wait i suppose -_(O_O)_-
<albech> guess so.. thanks anyway
<albech> meanwhile.. i may write a script that checks if its down and do a hard restart
<tomreyn> geez using RT as a bug tracker is a really bad idea
<tomreyn> albech: please make sure you file a bug agains tthe relevant package in ubuntu if this hasn't been reported against ubuntu on launchpad, yet
<albech> tomreyn: working on just that right now
<tomreyn> is this backed by a "snap" (snapcraft.io) package? "mod_fastcgi/mod_fastcgi-SNAP-0910052141"
<tomreyn> albech: great, make sure you use the "ubuntu-bug" command so log files are added, too
<tomreyn> alternatively use "apport-collect BUGID" on the affected system after filing the report.
<CrummyGummy>  Hi! Have any of you seen a problem where an IP address gets changed on a container with dhcp and the old routes remain?
<CrummyGummy> Maybe some netplan wierdness but the containers now have old source addresses attached to the routes and it's messing up my networking.
<CrummyGummy> I'm not really even sure why the ip addresses are changing anyway tbh.
<CrummyGummy> how does Netplan control dhcp anyway?
<CrummyGummy> does it run dhcp-client?
<rbasak> It configured systemd-networkd or Network Manager.
<rbasak> They take care of DHCP as necessary.
<rbasak> configures*
<friendlyguy> hi there! i am struggeling with a ubuntu vm where /boot has 0 free space left
<friendlyguy> its 18.04, but it has been release upgraded several times
<lordievader> friendlyguy: How large is your `/boot` and how many kernels/initramfs-es are on there?
<friendlyguy> boot is 236mb
<friendlyguy> about 9 of them
<lordievader> Yeah, that is rather small.
<friendlyguy> autoremove doesnt work
<lordievader> Especially for that number of kernels.
<friendlyguy> yup, its default from the setup
<friendlyguy> never changed it
<lordievader> Manually remove the kernels except for the last and in use ones.
<friendlyguy> i just assumed that the size would make sense back then
<lordievader> For a couple of kernels (<=3) it is fine.
<friendlyguy> okay, i check with uname -a which kernel version i run and delete all others in boot?
<friendlyguy> where can i specify the number of kernels to hold there?
<lordievader> Remove the packages.
<friendlyguy> is this usually done with "autoremove"?
<ducasse> friendlyguy: use dpkg -P to remove them
<lordievader> If only `linux-image-generic` (or however Ubuntu calls the package) is installed this should happen automatically.
<friendlyguy> i have a couple of vmlinuz files, a couple of initrd files, a couple of config files
<lordievader> friendlyguy: Only if the versions are not explicitly installed.
<friendlyguy> i never installed a version "manually", only ever ran upgrades
<friendlyguy> so... do i delete the files that do not match with the kernel version, or do i uninstall them with dpkg -P?
<lordievader> friendlyguy: What is the output of `dpkg -l|grep linux-image`?
<friendlyguy> https://paste.ubuntu.com/p/HHQrsMxkvw/
<lordievader> friendlyguy: `sudo apt purge linux-image-4.{15.0-5{5,8},4.0-154}-generic`
<lordievader> Whatever is left of those other 9 minus 4.15.0-60 need to be removed manually.
<ducasse> friendlyguy: use dpkg
<friendlyguy> back again
<friendlyguy> okay, lets try that
<friendlyguy> argh, cant copy paste any more... brb
<friendlyguy> okay, that failed because of unmatched dependencies
<friendlyguy> https://paste.ubuntu.com/p/3F4yKPRDCv/
<friendlyguy> when i do the --fix-broken i get this: https://paste.ubuntu.com/p/WgsM7tbQFg/
<friendlyguy> back in half an hour... need to eat somethign
<lordievader> friendlyguy: Are you mixing repos?
<coreycb> cpaelzer: yes that just affects bionic with python 3.6
<friendlyguy> lordievader: erm... not intentionally
<friendlyguy> how can i verify that? check the sources.list?
<lordievader> Yes, and the contents of `/etc/apt/sources.list.d/*.list`
<friendlyguy> https://paste.ubuntu.com/p/PXcX8vc7CB/
<friendlyguy> thats what i have in the sources.list
<friendlyguy> i dont remember editing it though
<friendlyguy> oh, there are a bunch of config in the sources.list.d folder
<friendlyguy> deb http://ppa.launchpad.net/ondrej/php/ubuntu xenial main
<friendlyguy> thats the only one in the sources.list.d that isnt commented out
<friendlyguy> ah, xenial looks old... shall i get rid of it?
<friendlyguy> ah, i just noticed thats a repo for php versions
<friendlyguy> all others were disabled during migration to trusty/xenial/bionic
<lordievader> Your sources look sane.
<lordievader> Are there updates available?
<friendlyguy> yup, but cant install: 0 space left on boot
<lordievader> Hrmm
<lordievader> Well, guess (re)moving old kernels is the easiest way around this.
<friendlyguy> removing as in delete it from the filesystem without using a package manager, right?
<lordievader> Yes
<friendlyguy> okay, let me try that
<coreycb> jamespage: sahid: all the current backport failures will get fixed up once pandas gets to bionic-updates. I'll push on that monday.
<friendlyguy> okay, cleaned all that stuff... (there even was a 3.3 kernel around)
<friendlyguy> so... shall i update now, or try to "autoremove" or... whats the best way to continue?
<friendlyguy> the --fix-broken?
<lordievader> Yes, update. And then remove/purge the old kernel packages.
<friendlyguy> my guess is that this will fill up boot right away again
<friendlyguy> (i guess we both meant update == upgrade
<friendlyguy> )
<sahid> coreycb: ack thanks
<lordievader> friendlyguy: Install the available updates, yes. (I know apt calls this upgrade)
<friendlyguy> lordievader: wont let me... i need to run the fix-broken first: https://paste.ubuntu.com/p/VRpnzZfqp6/
<lordievader> Hrmm, do that first then ð
<friendlyguy> lets c if that works or if i run out of space again
<friendlyguy> ~200mb free space on boot
<friendlyguy>  APT had planned for dpkg to do more than it reported back (78 vs 82).
<friendlyguy>    Affected packages: initramfs-tools:amd64
<friendlyguy> but apart from that it went through nicely
<friendlyguy> 60 mb space left
<friendlyguy> running a autoremove now to get rid of old entries
<friendlyguy> okay, so far so good. rebooting to switch to the new kernel now...
<friendlyguy> yay, that did work :)
<friendlyguy> running a upgrade now
<friendlyguy> btw, kernel now is 4.15.0-76-generic
<friendlyguy> oh boy... now it looks like things go south
<friendlyguy> https://paste.ubuntu.com/p/6QwFrZyDnD/
<friendlyguy> tried to install the old kernels again and fille boot up again
<friendlyguy> i cant figure out why
<friendlyguy> everything looked good after the autoremove... until i ran the "apt upgrade"
<friendlyguy> i guess there is a old package somewhere with dependencies to a very very old kernel
<friendlyguy> but still, why would it pull multiple old kernels?
<friendlyguy> frustrating
<friendlyguy> lordievader: got an idea for me?
<itsame> "gzip: stdout: No space left on device" ?
<itsame> always a bit situation to be in =X if you have a bood cd you could move things around a bit after a backup (making boot a bit bigger)
<sdeziel> friendlyguy (if you come back), I sometimes resort to truncating a vmlinuz and initrd when I'm *sure* they are not needed anymore. To truncate: "> /boot/vmlinuz-$FOO"
<itsame> aptitude why <packagename> <- helps to figure what causes a package to be installed
<sdeziel> by nuking a bunch of unused initrd, you should reclaim a good chunk of space
<itsame> interesting, one of the older version kernels is installed because it provides aufs-dkms on my machine, which is also provided by the newer version, but i guess the way the dependecies resolves causes it to still be flagged as required
<itsame> ((vaguely described xD))
<itsame> sdeziel: you think that can be seen as bug? i wonder somehow
<sdeziel> itsame: dunno, I was just trying to give some cues to friendlyguy on how to deal with his out of space problem on the rootfs
<itsame> i think about it some more later and when i get around to it file a bugreport i guess
<rbasak> bryce: CI passed on https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/378744, ready to go. No major rush. Monday would be fine - I've got other bits to get on with.
<bryce> ok
#ubuntu-server 2020-02-08
<johnfg> hi guys
<johnfg> is there a way to get my xfce4-terminal to open in the same place on the desktop?
<johnfg> I looked at preferences, but didn't see that choice (maybe i missed it?).
<sarnold> many X applications let you give them parameters like -geometry 800x800+0+0 to stuff it at specific size and place
<friendlyguy> morning
<friendlyguy> still fighting with that vm...: ran out of space on /boot, cleaned old kernels manually from /boot, did a apt --fix-broken which went through nicely. after that i ran an upgrade and watched it fill up boot with very old kernels again
<friendlyguy> its 18.04.4 lts... but has been dist upgraded several times
<friendlyguy> i saw it try to download even a 3.13 kernel
<friendlyguy> lordievader: are you around by any luck? :) you did help me a lot yesterday
<tomreyn> 3.13 is not available on ubuntu 18.04 LTS for sure. unless you installed it from elsewhere or an ubuntu release upgrade faield in the middle, or you're working on a container and don't actually manage your kernel.
<tomreyn> friendlyguy: ^
<friendlyguy> hi there! well, its not a container. its a vm
<tomreyn> this gathers some basic info on apt:  sudo /bin/true && cat &>/tmp/aptlog < <(sudo apt-get -y update 2>&1; apt-cache policy 2>&1; sudo apt-get -syV full-upgrade 2>&1;); nc termbin.com 9999 </tmp/aptlog && rm /tmp/aptlog
<tomreyn> add this for basic OS info: nc termbin.com 9999 < <(lsb_release -ds;cat /proc/{version,cmdline};echo "Session: $XDG_CURRENT_DESKTOP ($XDG_SESSION_TYPE)";echo Shell: $SHELL)
<friendlyguy> thats what happend during upgrade: https://paste.ubuntu.com/p/6QwFrZyDnD/
<tomreyn> dpkg --purge     this 3.13 kernel
<tomreyn> to see what's installed:   dpkg -l | grep ' linux' | nc termbin.com 9999
<friendlyguy> https://termbin.com/8z27
<friendlyguy> aaand the os info https://termbin.com/zqrj
<tomreyn> you have php installed from a PPA. i don't know whether this is a supported upgrade path for this PPA
<friendlyguy> installed is: https://termbin.com/lag5
<tomreyn> 4.15.0-76 is running, purge all but 4.15.0-76 and 4.15.0-64
<tomreyn> then ensure sufficient disk space is available on all relevant mounted file systems, then    sudo apt -f install && sudo apt -V upgrade && sudo apt -V full-upgrade
<tomreyn> also purge linux-cloud-tools-virtual-lts-xenial
<tomreyn> and linux-tools-virtual-lts-xenial
<dsofeir> Hello, I am trying to get the ubuntu 18.04 cloud image to run on KVM on CentOS 7 and having no luck. I can resize the image, setup the cloud-init iso and start the VM however the console does not work and the machine does not get an IP address via DHCP.
<friendlyguy> tomreyn: currently trying that
<friendlyguy> i removed all non 76 kernels and files from boot (deleted from filesystem), but once i run a purge it fills them up right away again
<tomreyn> friendlyguy: i don't think dpkg -P would fill up /boot if that's what you're saying
<dsofeir> Could anyone help me? I am trying to get the ubuntu 18.04 cloud image to run on KVM on CentOS 7 and having no luck. I can resize the image, setup the cloud-init iso and start the VM however the console does not work and the machine does not get an IP address via DHCP.
<friendlyguy> i did a apt purge for the linux-cloud-tools
<friendlyguy> (the xenial ones)
<friendlyguy> https://paste.ubuntu.com/p/bkKTvGFGDx/
<tomreyn> dsofeir: does DHCP work with other VMs? by "console", do you mean VGA console or serial console?
<tomreyn> friendlyguy: right, apt purge ia not dpkg --purge
<dsofeir> tomreyn: Yes, DHCP works when I use a CentOS cloud image in the same Ansible playbook. I mean serial console
<tomreyn> dsofeir: i don't really know about how the cloud images are configured or setup but unless it's said anywhere that a serial console will work out of the box i wouldn't expect that to be the case
<dsofeir> tomreyn: fair enough. Although the machine not getting any address via DHCP makes no sense. Do the cloud images still use cloud-init
<tomreyn> dsofeir: i don't really know, have never used those.
<tomreyn> my guess is "yes"
#ubuntu-server 2020-02-09
<learningDude> hello
<lotuspsychje_> welcome learningDude
<learningDude> thx.
<learningDude> was looking for more info on 18.04 and 19.10 - basic NAT / DNSMASQ - Wondering if anyone had some time?
<lotuspsychje_> learningDude: best to ask your specific issue to the channel, then wait if volunteers can help you
<learningDude> IP forwarding and routing - along with NAT - So - I have address x.x.0.1/24 WAN Side and I want to MASQ my subnet x.x.1.1 with hosts on x.x.1.0 network to be able to run apt and configure software.
<learningDude> Are the NAT rules still applied with IP tables?
<ducasse> depends on the rules. at this time you might have better luck in ##networking, quiet here outside of eu office hours
<RoyK> lotuspsychje: no reason to scare people to leave - we're always a set of ppl hanging out here in the weekends as well, albeit a small set, it shouldn't be a problem to answer that question
<lotuspsychje> RoyK: i wasnt trying to scare them away, but elaborate their issue so everyone can read it
<kierank> Is "post-up" in ifupdown allowed to be used with vlans?
<kierank> it doesn't seem to apply
