#ubuntu-server 2006-03-21
<neuralis> fabbione: have we considered shipping with some sane limits enabled by default in /etc/security/limits.conf?
<fabbione> neuralis: the defaults are sane. :)
<fabbione> no we are not going to touch them
<fabbione> not for dapper
<fabbione> and we are way past FF for that
<neuralis> i didn't think any limits are enabled by defualt, are they?
<fabbione> there are no limits
<fabbione> and we don't want them
<fabbione> it's more the time they break something that really protects you against stupidity
<fabbione> i have seen far too many apache installs broken for the crap in limits.conf
<maswan> if you have a multi-user system where you need them, you know much better what kind of limits you need
<neuralis> it seems strange that we ship a system that's susceptible to a forkbomb out of the box.
<fabbione> neuralis: i can give you a 20 lines C program that no matter what limits you put there it will kill your machine...
<neuralis> right, but an nproc limit is low-hanging fruit. i don't feel too strongly about it, but i do think we should ship one.
<maswan> hmm.. I think the only one we enforce is a 3 hour soft cputime limit on our multiuser machines
<maswan> and that's mostly because people forget looping processes
<maswan> neuralis: what should it be then? would a limit on 100k be useful?
<fabbione> neuralis: i think who really needs limits should set them up as it fits better for them
<maswan> neuralis: because below that I see it conflicting with real use
<neuralis> maswan: your users run 100k processes in parallel?
<maswan> neuralis: apache might
<neuralis> very unlikely, and that's a special case.
<neuralis> in any case, i'll consider throwing it into a spec for dapper+1, and we can get some other feedback.
<neuralis> fabbione: send me your 20-line C program. there are any number of ways i can think of to bring down a machine, but i'd love to see yours. :)
<fabbione> neuralis: just do a while loop with open(filefoo); close(fd);
<fabbione> make sure you open and close
<fabbione> a perfectly legal operation that will not hit limits at all
<fabbione> 1 file open
<fabbione> you will see your machine crashing in a few seconds.. depending on the RAM
<fabbione> do not sleep in the middle.. no need to do any operations in the loop
<fabbione> just open/close :)
<TMM> hi!
<TMM> to repost my question on -devel:
<TMM> what would me the chances of getting iscsi support into the -server kernel before dapper releases? slim? extremely small? near-zero? :) it pretty much doesn't touch any files, it just adds a couple
<mkrufky> zero -- dapper kernel is in code freeze
<TMM> crud...
<TMM> I only just noticed that it's missing
<mkrufky> TMM: they are only doing bug fixes
<mkrufky> TMM: try #ubuntu-kernel
<TMM> hahaha, ok :)
<mkrufky> TMM: maybe they can help you
* TMM joins the 3rd channel
<mkrufky> ;-)
<TMM> but, thanks mkrufky :)
<mkrufky> TMM: i try
<mkrufky> TMM: you shouldnt be afraid to compile your own kernel
<mkrufky> TMM: the ubuntu guys frown on it, though
<TMM> ow, I'm not, it's just that our customers won't like it very much
<mkrufky> TMM: you will lose ubuntu tech support
<mkrufky> gotcha
<TMM> they *really* won't like that
<mkrufky> well, you can always provide a package for them
<TMM> not having iscsi support is going to be a huge problem
<TMM> not only for me, but for others, and I am a fucking retard that I didn't check
<TMM> earlier
<TMM> I noteced it was missing from breezy as well, and never bothered to check dapper, until today, I was sort of assuming it would be there
<mkrufky> TMM:  here is a GREAT howto for building .deb kernel-pachages
<mkrufky> http://www.us.debian.org/releases/stable/i386/ch08s05.html.en#id2530099
<TMM> I really don't want to put any more sles boxes
<mkrufky> if i were you, I would build a kernel package, and host it in your own apt repo for your customers
<TMM> mkrufky: I know how to do all that, but then I would have to track security. and prompty recompile
<mkrufky> TMM: but, this DOES violate your support
<mkrufky> yup :-(
<TMM> I know, and I don't want that
<mkrufky> ok
* mkrufky just trying to share the knowledge
<TMM> also, our company is looking to become ubuntu support reseller... would be a pretty stupid move
<mkrufky> well, then.... your company may have some pull
<TMM> meh, doubtful
<TMM> we aren't yet
<TMM> I am just too late probably
<TMM> I am a fucking moron :)
<mkrufky> :-(
<TMM> trying to push ubuntu in the company I work for, and forgetting to implement something as critical as this...
<ajmitch> TMM: we're not at kernel freeze yet, so there still might be a chance
<TMM> that would be awesome... just tell me what I need to do :)
<Fujitsu> More than a month until kernel freeze.
<TMM> I'll do anything
<Fujitsu> It is quite possible that you could get it in, as there is a focus on servers this time around.
<Fujitsu> May 18.
<ajmitch> TMM: filed a bug in malone asking for it?
<TMM> I've got big hardware to test all of this crap on, I got 3 different types of iscsi sans to test from, got amd64 box too
<ajmitch> talked to the guys in #ubuntu-kernel?
<TMM> ajmitch: I just asked, there doesn't seem to be anyone home yet
<TMM> ajmitch: and I haven't asked on malone yet...
<TMM> having iscsi support would mean that I can stop putting crappy sles9 boxes in places where vmware needs to run for instance
<TMM> with rhcs now in dapper, I think it is strange that it isn't in actually :)
<TMM> rhcs is pretty darn cool
<TMM> I implemented a 6 node cluster on redhat as4 for a customer :)
<TMM> neat hardware too
<TMM> I felt like a kid in a candystore
<TMM> :)
<TMM> ajmitch: what would I need to do? put it in malone? I don't necceceraly want to request it as a feature, more like 'permission' or something, I don't like asking others to do "my" work :)
<TMM> ajmitch: plus, there is also the matter of the user-space utilities that would have to go into main/ then I suppose... that's probably a tad nastier
<TMM> I really need to go sleep now, early day tomorrow...
<TMM> ajmitch: could you please email me at hein-pieter.van.braam@ictivity.nl if you can help me with some information, please? :) I would really like to have this in dapper
<TMM> bye now
#ubuntu-server 2006-03-22
<Mooby> '
<J_P> hi all
#ubuntu-server 2006-03-23
<hunger>  /join #kubuntu-devel
#ubuntu-server 2006-03-25
<neuralis> fabbione: ping
<fabbione> neuralis: pong
<neuralis> i had a quick question about the server kernel; we're shipping that with HZ=100, right?
<fabbione> yes we should
<neuralis> what's the rationale? i seem to recall there being a ton of synchronization troubles on SMP machines running at HZ=100, no?
<fabbione> i am not 100% sure
<fabbione> it's something related to the scheduler
<fabbione> you better ask BenC directly
<fabbione> my memory starts to fall apart..
<neuralis> okay, will do
<neuralis> i'm about to send in the server chapter for the book in a few hours
<neuralis> let me know if you'd like the editor to send you a copy for comments
<fabbione> i really have no time for it
<fabbione> go ahead
<fabbione> i am confident in what you do
<neuralis> thanks, fabio. okay, i'm going to go finish things up. cheers!
<hunger> Lure: The parser for /etc/network/interfaces is bogus!
<hunger> Lure: It accepts the interface lines if "inet dhcp" is on a different line from "iface eth0"!
<hunger> Lure: ... which unfortunately is not valid in ifup/down.
<hunger> Oh, sorry... wrong channel again.
<juuva> would it be possible to update asterisk packages to repositoryes?
<juuva> current version in repository is Filename: pool/universe/a/asterisk/asterisk_1.0.9.dfsg-1_i386.deb
<juuva> and development goes currently somewhere in 1.2.4 which is stable
<fabbione> juuva: you are asking in the wrong chan
<fabbione> that's universe -> #ubuntu-motu
<juuva> thanks :)
<juuva> didn't know about that
<thefish> what changes are planned for the dapper release of server? I searched but couldnt find anything solid. Is it best to wait for this release than install 5.10?
<thefish> from what I could see, 5.10 server release would only have 18 months of support, same as desktop, but 6.04(6.06?) will have 5 years, is this true?
<neuralis> thefish: yes, that's correct.
<thefish> neuralis: thank you, i will wait then
<mad_phoenix> since Debian generally splits apache's httpd.conf into many different files, what would be the appropriate place for php_flag and php_value configuration options?
<thefish> mad_phoenix: not sure if you can do it per site
<thefish> but i guess you would just edit /etc/php[4|5] /apache2/php.ini depending on your setup
<Bigredman74> Hello all. I need some quick help with a server question.
<Bigredman74> We currently have cable internet in our office and we want the server to share this connection.
<Bigredman74> We currently have a windows work group set up for print sharing.
<Bigredman74> And we connect via a router that's connected to the cable modem.
<Bigredman74> The question, where should the server be located? Connected to the rounter, or should the router be connected the server?
<hunger> Bigredman74: ?
<Bigredman74> The server will be used a web server for select employees.
<hunger> Bigredman74: Is that server for internet users to use or internal only?
<Bigredman74> We have three locations, and we want to use the server to store and share large files and graphics.
<juuva> server should be connected to router which has accesslist to allow connection from selected networks
<hunger> Yes, or you could have the router connect to the other sites in a VPN.
<hunger> Bigredman74: In both cases you should connect the server just like the others to the router.
<hunger> Bigredman74: I'd never put a server that is used for internal stuff in front of the router (which probably does some packet filtering).
<Bigredman74> So attaching the web server behind the router will allow any one typing in the server's IP to acces it?
<juuva> if router allows access to it
<hunger> Bigredman74: Depends on how your router is configured.
<Bigredman74> Okay, I've looked at the router and I think I know where to configure this.
<hunger> Bigredman74: Usually you only have one IP address that is visible on the internet.
<hunger> Bigredman74: That is used by the router. It "hides" all the local machines behind that address.
<Bigredman74> Yes, when I type in the IP address, currently the router login pops up.
<hunger> Bigredman74: From the internet?!?!
<hunger> Bigredman74: You should turn that off!
<juuva> that's kind of bad thing to happen..
<Bigredman74> Yes, I'm assuming there's a setting somewhere in the router to forward it to the router.
<Bigredman74> Uh oh.
<hunger> Bigredman74: You should only be able to access the router from the local net or someone somewhere might get funny ideas.
<juuva> routers should not be allowed to configure from internet, usually password protection used on them is quite weak
<hunger> Bigredman74: Anyway: You can usually configure the router to pass on packets arriving on the internet for a certain port.
<hunger> Bigredman74: That way you can forward the packets to some machine in the LAN.
<Bigredman74> Ok, I'm going to take another look at that router right now.
<juuva> DMZ would propably be keyword
<hunger> Bigredman74: I wouldn't run sensitive internal services (i.e. printing) on a machine accessible from the outside though.
<hunger> Bigredman74: I'd use either a VPN between the sites (that way they become a virtual LAN where everyone has access to all machines), thus making the "server" obsolete.
<hunger> Bigredman74: Or put the server in a DMZ (if the router supports that) or at least on a separate system with all kinds of hardening.
<juuva> or simply limiting access to only needed services from internet
<Bigredman74> Thanks for advice. This is one the great things about the Ubuntu community. People like you guys taking the time and having the patience to help n00bs like me. Thanks again.
<hunger> Bigredman74: You are welcome.
<asw> fabbione : ping
* asw waves to all.   Are there ISO images of the release candidate for "Ubuntu Server Edition" (on AMD64). 
#ubuntu-server 2006-03-26
<Stinkydave> Has anyone set up a print server for a mac lab that authenticates to active directory????
* asw waves to fabbione 
<asw> found CD images here: http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<Drac[Server] > Going offline temporarily to install a hub.
#ubuntu-server 2007-03-21
* Starting logfile irclogs/ubuntu-server.log
* genii sips an extra-large coffee and ponders
<genii> Any good online docs for Freeradius/Postgre/Postfix setup? I am migrating some ancient FreeBSD servers over
<nospi> hey
<genii> hi
<nospi> i want to make a site in php, i've just moved from windows to linux
<nospi> what are some good graphical editors?
<genii> Well, php is the same no matter the platform
<nospi> yeah
<genii> Are you using KDE?
<nospi> gnome
<nospi> but i have the KDE desktop
<nospi> its annoying me though, since i got it i can't change my login window preferences
<genii> Well, thats another issue :) But if you have KDE lots of ppl use kdevelop for general development 
<nospi> genii, yeah, i've got that
<nospi> genii, you don't know how to fix that login thing do you?
<genii> what, you can't choose to use gniome or kde from the login screen?
<nospi> genii, i like gnome better, so i use it
<nospi> genii, once i've logged in though, i go to System, Administration, Login Window Preferences
<nospi> genii, it asks for a password, says in the taskbar that it's Starting admin blah ...
<nospi> then it doesn't open
<nospi> disappears from the task bar
<genii> bleh...no clue
<nospi> damn
<nospi> the gnome splash screen and login thing is really annoying me
<nospi> i found a really cool login theme thingy and i can't use it 
<genii> you may want to ask in the general #ubuntu cvhannel, someone will likely know 
<nospi> i have, a few times
<nospi> might have been a bad time though
<nospi> how should i phrase it? it's a long question
<genii> something like: my "Login Window Preferences" window fails to open
<nospi> genii, that's a good one, thanks :p
<genii> :)
<nospi> no luck yet ;(
<nospi> can anyone help me install phpmyadmin and mysql?
<nospi> i have apache installed already, and php is working
<genii> http://ubuntuforums.org/showthread.php?t=114129
<nospi> genii, thanks
<genii> np
<nospi> hmm
<nospi> all of that is done
<nospi> but http://localhost/phpMyAdmin gives an error
<nospi> genii, Cannot load mysql extension. Please check your PHP configuration. - Documentation
<genii> you may need a package like phpmysql or so
<nospi> genii, oh right
<nospi> genii, nope. got it
<nospi> php-mysql
<nospi> maybe mysql isn't configured
<genii> Quite possible :)
<nospi> damn
<nospi> better google for a setup guide then...
<genii> You may want to do a restart of apache: eg    sudo /etc/init.d/apache2 restart    then try again
<genii> it keeps data from previous setup usually
<nospi> genii, ok
<nospi> how do i do this?
<nospi> Use the --with-mysql[=DIR]  
<nospi> sorry, im very new to linux
<genii> Usually that is the dir which the databases go by default. Normally something like /usr/var/mysql   or /var/mysql     but you may want to see whats in those dirs first
<nospi> but what do i run that configure option with? i don't know where phpmyadmin is installed, so i don't know where to run it from
<nospi> brb
<nospi> gotta go eat dinner
<nospi> hungry :p
<genii> If you put some url like http://localhost/phpmyadmin/   you may get some clue
<nospi> genii, bah, still not working. i'm following a few guides, i'll keep looking
<genii> OK. I'm to and from keyboard a lot
<nospi> i only just got back myself
<nospi> i asked on the ubuntu chat
<nospi> more people in there might know
<nospi> but i doubt it will help
<genii> Hmm, perhaps try http://www.inorp.com/blog/2007/01/22/ubuntu-php5-mysql-apache2-installation-order/
<nospi> thanks
<nospi> genii, ahh, that looks like that i needed
<nospi> i'll try that 
<genii> keep me posted :)
<nospi> genii, will do
<nospi> genii, yay!
<nospi> genii, i fixed it
<genii> Cool :)
<nospi> genii, i hadn't installed libapache2-mod-php5 because i didnt know i needed it
<nospi> genii, i had php4 installed too
<genii> Well, glad to see all is well then
<nospi> genii, thanks for your help :)
<genii> Glad to assist
<nospi> how do i copy a whole dir?
<nospi> cp ?
<genii> cp -R
<nospi> ahh, thanks :)
<genii> :)
<nospi> goddammit. one more question :p how do i delete a dir that is not empty without having to delete all the files in it?
<nospi> i did man rmdir
<nospi> but the --ignore-fail-on-empty didn't work :(
<nospi> nevermind :p
<nospi> anyone here know how to configure PHP-Fusion?
<nospi> i get a blank page after i have entered the db details
<genii> Are you running some ISP?
<nospi> genii, ?
<nospi> genii, just a home server
<genii> Ah, Ok
<nospi> genii, it displays the logo
<nospi> but nothing else
<nospi> and it's changing the info in config.php
<nospi> bah
<nospi> this used to be sooo easy
<genii> Did you just straight untar it or so into some dir?
<nospi> it's a zip file, it's in /var/www/php-fusion/php-files 
<nospi> unzipped
<nospi> i can get to the setup page
<genii> Check permissions
<nospi> yeah, permissions are fine
<nospi> it says Permissions check passed, complete the following and click next
<genii> Did you have a db premade ?
<nospi> i fill it out, click next and i get a blank page with just a php-fusion logo
<nospi> yeah
<genii> what user did you say to connect as?
<nospi> nospi
<nospi> has full permissions, both MySQL and phpMyAdmin
<genii> Dis you create that user previously on mysql?
<genii> Ah, OK
<nospi> doesn't work as root either
<genii> well, it shouldn't by default
<genii> try mysql as user for a test
<genii> Also, was there some .sql file you may need to create initial entries?
<nospi> no
<nospi> what do you mean, try mysql as user?
<nospi> i've never had to do this before
<nospi> i always used wamp, which was pre-configured for windows
<genii> I mean instead of root or nospci put the username as mysql    the default password should either be nothing or "mysql" (no quotes)
<nospi> oh right
<nospi> i'll try that
<nospi> is doesn't matter what i use, it still gives me that blank page :(
<genii> bleh :( Well, I just got a phonecall so must leave
<genii> good luck
<nospi> thanks :)
<nospi> bye
<genii> bye
<nospi> hey
<nospi> can one of you guys please test my site?
<nospi> http://www.nospi.co.nr
<mralphabet> I get a file listing
<mralphabet> looks like you don't have php turned on
<nospi> mralphabet, file listing? index.htm, content.php and nav.htm?
<nospi> yeah no, php is working
<nospi> i'll rename it index.html
<nospi> thats fine though, it's really only for private use at the moment
<nospi> web proxy for school :p
<nospi> all the good ones are blocked
<nospi> try again now
<mralphabet> content.php index.htm
<mralphabet> index of shorty
<mralphabet> sorry, saw index.htm and my brain read index.php
<mralphabet> sec
<nospi> oh lol ok
<nospi> it was .htm before, i think it's working now, as .html
<mralphabet> "where do you want to go" blah blah blah
<nospi> yep :)
<nospi> thats the one
<nospi> thanks :)
<mralphabet> np
<nospi> i couldnt test the .co.nr one cos it's hosted on my computer
<mralphabet> ya
<nospi> well, better be off to bed
<nospi> school tomorrow ;(
<mralphabet> later
<nospi> bye 
<lwizardl> Hi
<ivoks> hi
<lwizardl> what can i use to make a complete backup of my linux filesystem that I can also restore it later if needed?
<ivoks> mondo
<lwizardl> ok, say I messed up my server somehow and wanted to restore it back to where I had everything working would I just boot a linux livecd nd then restore the mondo backup?
<lwizardl> *and
<ivoks> mondo creates bootable CD
<lwizardl> oh perfect
<lwizardl> thank you ivoks 
<shwag> anyone know how to fix fcgi timeouts with an apache virtual host?
<shawarma> apache does fcgi?
<shawarma> Oh.. multiverse.. :-)
#ubuntu-server 2007-03-22
* Starting logfile irclogs/ubuntu-server.log
<nospi> hey
<nospi> what's the bext linux smtp server?
<\sh> postfix ;)
<nospi> thanks
<\sh> nospi: but that's only my opinion...some people like sendmail or exim or qmail...depending what experience they have..so you have to decide for yourself :)
<nospi> what's easier?
<nospi> sendmail?
<nospi> im usin php-fusion, just need it for my website
<nospi> ahh no actaully i need smtp for me email spoofer
<nospi> so i don't have to do it manually
<\sh> nospi: as I said, depending on the experience...read the documentation of postfix, and it's easy, learn m4 and sendmail is easy ;)
<ajmitch> learning m4 is the hard part
<ajmitch> & all the various tweaks for sendmail
* ajmitch just uses exim
<\sh> ajmitch: thinking of the past, when sendmail was the leader of the pack,-)
<mralphab1t> nospi: postfix or qmail are far easier to pick up then sendmail
<nospi> mralphab1t, postfix is confusing
<nospi> i think i actually have sendmail working out of the box
<nospi> im sending spoof emails to my gmail account with it
<shawarma> Maybe we should create a channel where server related support questions are actually ontopic..
<shawarma> Well, actually we should probably move development discussion elsewhere. You know: principle of least surprise.
<ivoks> well... i would suggest moving development to ubuntu-devel
<ivoks> since, there is a low traffic about ubuntu-server development
<shawarma> That's also an option. It's not like there's a lot of development discussion going on here anyway.
<ivoks> right, and #ubuntu is not good place for support for ubuntu-server
<shawarma> Definitely not.
<shawarma> I don't blame people for coming here asking support questions. I totally understand it.
<shawarma> Is there a u-s mailing list? lists.ubuntu.com says no, but "/msg chanserv info #ubuntu-server" suggests otherwise.
<ivoks> even better, support for ubuntu-server should be professional :D
<shawarma> We could start charging an entry fee.
<shawarma> :-)
<mralphabet> !
<shawarma> that's odd. http://lists.ubuntu.com/ doesn't list it, but https://lists.ubuntu.com/mailman/listinfo/ubuntu-server exists
<shawarma> fabbione: You're listed as the owner.. Why is it hidden?
<ivoks> to avoid support questions? :)
<shawarma> Possibly.
<shawarma> But how to get the proper people to join, then?
<ivoks> ubuntu-server needs marketing :)
<shawarma> Sure does.
<ivoks> hm... plans for next LTS?
<ivoks> LTS should have Roadmap
<ivoks> imho
<ivoks> i was thinking about disccusing this on mailing list
<ivoks> there is a problem with ubunntu-server :/
<ivoks> dapper, of course
<shawarma> which is?
<ivoks> latest dapper kernel supports more hardware than installer kernel
<ivoks> and new MBs come with newer Intel gigabit cards
<ivoks> we should update couple of drivers in kernel
<shawarma> Ah, that's one of the purposes of the point releases, isn't it? To fix this?
<ivoks> like e1000, 3w-9xxx, etc...
<ivoks> yes, so we should have a roadmap
<shawarma> There was a spec about this for Edgy, I think. Don't remember what happened to it.
<ivoks> so we could know when is next .2
<shawarma> ivoks: Oh, I thought you meant a roadmap for the next LTS as in Feisty+2 or whatever it's going to be.
<ivoks> shawarma: next LTS is far away
<ivoks> we should act on 6.06
<shawarma> Definitely.
<shawarma> That makes much more sense.
<ivoks> i've sent patch for 3w-9xxx
<shawarma> I don't think the next LTS release is *that* far away. It's not going to be 5 years. There's bound to be some overlap.
<ivoks> but we should have some way of updating all modules
<shawarma> ivoks: Yes. I'll see if I can find that spec.
<ivoks> shawarma: imho, it should go out every 2-2,5 years
<shawarma> ivoks: Agreed.
<shawarma> ivoks: Hence, feisty+2. :-)
<ivoks> right
<ivoks> but, i'm installing 2-3 ubuntu servers every month
<shawarma> ivoks: https://blueprints.beta.launchpad.net/ubuntu/+spec/driver-backports
<ivoks> Restricted Launchpad test site
<ivoks> huh?
<shawarma> Ah, remove the beta part. Sorry.
<ivoks> right
<shawarma> I thought they fixed that.. Oh, well.
<ivoks> that's it... almost :/
<ivoks> this is for desktop
<ivoks> ups... not :)
<shawarma> ..though it does not mention the installer in any way.
<ivoks> https://wiki.ubuntu.com/Ubiquity/DriverBackports
<ivoks> yes, but we have a situation where installer kernel doesn't support IDE controler, and latest kernel in release supports it
<shawarma> Yes, that's not good enough.
<ivoks> of course, there is hardware unsupported both in installer and latest kernel
<shawarma> Oh!
<shawarma> https://features.launchpad.net/distros/ubuntu/+spec/ubiquity-driver-updates
<ivoks> but that's for ubiquity :)
<ivoks> we need this for d-i
<shawarma> True. I don't know how they implemented it.
<shawarma> Maybe it's easily transferable.
<ivoks> it's already possible to include driver in d-i, from floppy
<fabbione> shawarma: no idea.. i will look at it after lunch
<ivoks> but once you upgrade kernel...
<ivoks> :/
<shawarma> "Installations using d-i are not handled by this process, so no .udeb packages need to be provided by vendors."
<shawarma> Darn.
<ivoks> what would be great if we could have someting like /lib/modules/isv
<ivoks> and /lib/modules/2.6.15-2x-server/ would somehow include it
<ivoks> and, when one installs ubuntu lts to new hardware
<ivoks> inserts floppy, which containes modules
<ivoks> those modules are saved in /lib/modules/isv
<ivoks> and every time you upgrade to new kernel, you have those modules
<ivoks> that could be done with ln :)
<fabbione> so ok..
<fabbione> i am logged in the admin interface
<fabbione> does anybody know how to uncloack the list?
<shawarma> Yes. 
<shawarma> 2 sec.
<fabbione> should appear now i think
<shawarma> Under "restrictions"
<fabbione> it's already there
<shawarma> Oh. Yes, it's there now.
<fabbione> ok
<fabbione> so i need people that can moderate the list
<fabbione> any volunteer?
<fabbione> there is an endless backlog
<shawarma> Oh, it's moderated?
<fabbione> yes like any other mailing list
<fabbione> or almost
<ivoks> just drop anything that doesn't come from non-member :)
<shawarma> How many posts a day? Roughly.
<ivoks> shawarma: 0 :)
<fabbione> dunno..
<shawarma> How many in the backlog right now?
<fabbione> ivoks: who is a member can just post freely
<fabbione> no idea?
<ivoks> fabbione: right, i know
<shawarma> if it's no more than 10-15 posts a day, I can do it.
<fabbione> shawarma: i don't even think there are that many
<shawarma> fabbione: Cool. Sign me up.
<fabbione> shawarma: ok.. i need to know with what email are you signed there
<shawarma> sh@linux2go.dk
<fabbione> ok....
<fabbione> i guess it's enough i tick the mod check box to make you a moderator, right?
<fabbione> hmm no
<shawarma> no?
<fabbione> ah here it is
<shawarma> Heh... I think I've gone through the first 100 messages or so and if I had a nickle for each legitimate mail in that backlog so far... I'd have a nickle. :-)
<ivoks> :)
<shawarma> 693 e-mails in the backlog. 3 were non-spam, one of those was wildly off-topic.
<shawarma> phew.
<ivoks> :)
* Starting logfile irclogs/ubuntu-server.log
#ubuntu-server 2007-03-23
<nospi> anyone know how to setup a php web proxy so i can get to blocked sites from school?
<nospi> brb
<jhutchins> I have a client who has asked about having webmin on his server.  Are there sane, supported alternatives for ubuntu?
<ivoks> oh no, not webmin again :)
<ivoks> run, hide! :D
<mralphabet> last I saw, there was "something more secure being developed"
<ivoks> jhutchins: what does he needs webmin for?
<ivoks> need
<jhutchins> Wants a GUI to configure domains for the mailserver; it will be distributing a mailing list.
<jhutchins> Or rather several for several clients.  He plans to use phplist
<jhutchins> http://phplist.com
<ivoks> um... what's wrong with mailman?
<jhutchins> I ain't arguin' with him, I'm just doin' what he asks.
<ivoks> :)
<ivoks> then download webmin and set it up
<jhutchins> !webmin
<jhutchins> What, no bot?
<jhutchins> <ubotu> webmin is no longer supported in Debian and Ubuntu. Please avoid using it.
<ivoks> it's not supported
<ivoks> but you can set it up
<joe_k> Hi, i just installed ubuntu server 6.10 and i can't apt-get install xfs-tools.... i didn't setup the network on first install, do I need to redo a setup to get network package repos?
<joe_k> Whoops, wrong package name. Thanks anyway!
#ubuntu-server 2007-03-24
<N6REJ> is anyone available to help with a config question?
<N6REJ> I'm trying to setup a "LAN" server that will not be accesible to FROM the outside and I'm unsure of a few config settings
<ivoks> like?
<mralphabet> ivoks: he apparently solved all his problems
<ivoks> :)
<blanky> what package is mysqladmin in I can't find it
<os1ris> can anyone help me with setting up wirless on my new server install 
<os1ris> wif0 is an interface.. just need to know how to set up my encrypting and sutff
#ubuntu-server 2007-03-25
<firecrotch> I need some major help
<deetah> hi guys
<deetah> i've got a problem
<deetah> how to change the language of my server's system?
<ivoks> howdy
<shawarma> back at you
<ivoks> so... what can we do to make ubuntu server even better?
#ubuntu-server 2008-03-17
<BCMM> I'm installing ubuntu server and went with default disk configuration. why are there three partition on the disk?
<timboy> soren, i've got tls running on postfix but ssl isn't. aren't they pretty much the same thing? do you recommend ssl over tls?
<michalski> how do you run an OpenPGP keyserver....
<BCMM> oops misunderstood fdisk
<timboy> yeah it just looks like it at first
<ScottK2> timboy: TLS is a newever version of SSL.
<timboy> ScottK, thx
<BCMM> what should i do about "Error 17: Cannot mount selected partition"
<BCMM> the live cd can read it
<soneil> any docs on tracking down a kernel panic?   I get nothing logged, and no cores, so all I've got to work with is a photo of the terminal noise
<BCMM> i mean the install cd
<BCMM> were you in X or at a terminal?
<BCMM> it you're at a terminal it should give you some info which could even tell you which driver did it
<soneil> terminal .. linux-xen in hardy is messy enough that I can't get as far as raising X
<soneil> (for me, atleast)
<BCMM> hmmm, normally when you are a terminal and it panics, you get a page of cryptic information...
<soneil> yeah, I have a photo of that page.  just nothing that makes good google-fodder
<soneil> it doesn't help that I'm on a mac laptop, so I can't pause, scroll, etc
<BCMM> ah... nothing that would suggest which module caused it?
<BCMM> can't really help then...
<BCMM> i've had panics which made it very clear that my wireless driver did it
<soneil> not a great source of debug, but what I did get is http://farm3.static.flickr.com/2083/2336356800_7013535f96.jpg?v=0
<soneil> which all looks like page/memory faults to me, but every test I've tried works out okay
<soneil> right now, all I'm really looking for is a way to create better logs / dumps / cores of the situation.  I know working from a screengrab isn't exactly optimal
<soneil> scrolling back .. which partitions were created?   I'm used to default creating root + swap
<BCMM> oh i was wrong about my partitions
<BCMM> however. now it won't boot
<BCMM> i can use hte rescue feature of hte live cd to access the drive fine
<BCMM> but grub won't mount root
<BCMM> oh nm it had them in the wrong order
<infinity> Anyone have a recommendation for the most simple "just works" IMAP daemon that can read maildir?
<sommer> infinity: dovecot works great
<sommer> some minor configuration required though
<michalski> so does anyone know how to run your own openpgp keyserver?
<timboy> what should I choose for authentication methods and why? i'm using tls and under authentication methods have plain-text selected should I change that?
<dthacker> michalski: I have not done that, however this link looks promising.  You will most likely need to do a bit of research. www.jcacademy.nl/spottedByTHTI/_down/sthuy_article_pgpkeyserver.PDF -
<michalski> thank you
<michalski> yay....its long
<dthacker> This is a quick attempt to get mrtg going.  I'm pasting the error message and two config files.  This is a gutsy install. http://paste.ubuntu.com/5752/
<dthacker> hmmm. it seems to be working.  just needed data I guess.
<BCMM> i did sudo apt-get install lm-sensors, and it asked me for the CD
<BCMM> however, i'm not at the machine
<BCMM> is there a way to make it use the network for future package installation?
<ScottK2> BCMM: Comment the CD out of the /etc/apt/sources.list
<BCMM> ScottK, thanks
<BCMM> that worked thanks
<RoAkSoAx> hello, does anyone knows if there are any dependencies error in Ubuntu Fiesty Fawn mysql package?
<ScottK2> RoAkSoAx: Feisty has been out long enought that if there were, there are probably bug reports.
<ScottK2> If there aren't it's reasonably safe to assume there aren't
<RoAkSoAx> ScottK2: i see, im trying to install mysql and i get this error, it is on a VPS: http://paste.ubuntu-nl.org/59889/
<ScottK2> That's not a dependency error, that's the postinst failing.
<ScottK2> It's difficult to tell why.
<RoAkSoAx> ok thanks, i had to download the package manually for i386, because the package it downloaded was for all archs.
<ScottK2> RoAkSoAx: What makes you think all doesn't include i386
<RoAkSoAx> ScottK2: i know all works for all archs but that package shows me the error during installation while the package for i386 arch does not.
<ScottK2> What did the package management system provide you and what did you decide you should install instead?
<RoAkSoAx> it provided me this one: mysql-server_5.0.38-0ubuntu1.2_all.deb
<RoAkSoAx> i download this one: mysql-server-5.0_5.0.38-0ubuntu1.2_i386.deb
<ScottK2> All the 'all' package does is depend on the latest arch specific package.  It shouldn't have made a difference.
<ScottK2> If you've got the arch specific one installed now, then you've got what you need.
<RoAkSoAx> ScottK: well i used apt-get to install it and that is what happened, so i downloaded the other package manually and it installs
<ScottK2> RoAkSoAx: OK.  That's odd.  All's well that ends well I guess.
<RoAkSoAx> ScottK2: i guess so, but well i've tried changing archive and the same thing
<RoAkSoAx> seems to be aproblem with the pkg
<ScottK2> RoAkSoAx: Would you please file a bug on that then.
<nxvl> ScottK2: the problem was his mysql.conf file
<nxvl> ScottK2: already fixed
<nxvl> ScottK2: postinst was faling on starting the service due a broken mysql.con
<nxvl> conf*
<RoAkSoAx> nxvl: know i have a similar problem with proftpd :S
<RoAkSoAx> nxvl: http://paste.ubuntu-nl.org/59897/
<ScottK2> nxvl: Thanks.
<nxvl> ScottK2: btw, now that there is no ubuntuwire, is there any other app showing the FTBFS bugs?
<ScottK2> nxvl: I think they've got it running somewhere else.  Ask in #ubuntuwire
<nxvl> ScottK2: thnx
<DrIP> hi is anyone active here?
<kgoetz> !anyone
<ubotu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<DrIP> lol ok...
<DrIP> i need to make my ubuntu install into a wireless router...
<DrIP> my internet is my wireless, and i need to make my wired available to my other systems
<kgoetz> DrIP: any guide to turning a system into a router/gateway is what your after
<DrIP> ok
<stiv2k_> is there any reason why the mediawiki1.10 package puts files in /usr/lib/mediawiki1.10 and /usr/share/mediawiki1.10 and they are all like symlinked to eachother
<stiv2k_> wtf is up with this?
<kgoetz> theres probbaly a reason, but i dont know it.
<stiv2k_> i have my own version of mediawiki installed without the package manager
<stiv2k_> and all of those files are in ONE directory
<kgoetz> bcause you installed from tarball
<stiv2k_> right
<kgoetz> debian policy will requir certain files in certain places, which i expct is why theres a symlinkk farm
<stiv2k_> im just saying, it seems to unreasonably complicate things
<kgoetz> would be nice if there was less symlinks, but files would have to be certain places for policy reasons
<stiv2k_> i want to transfer my custom installation into the debian installation and im afraid of overwriting the symlinks and fucking things up
<kgoetz> if yours is one dir, you shouldnt have a probem surely
<kgoetz> bbs
<stiv2k_> dont just leave me with that!
<kgoetz> back
<kgoetz> stiv2k_: whats up? :)
<Jeeves_> root@unknown # time mkfile -v 10g testje.img
<Jeeves_> real    0m17.416s
<_ruben> damn :p
<soren> mkfile?
<Jeeves_> soren: Solaris
<soren> Ah.
<kgoetz> Jeeves_: root@unknown - deja vu
<Jeeves_> kgoetz: :)
<Jeeves_> That's another one!
<kgoetz> :)
<Jeeves_> Got it booted yet?
<kgoetz> Jeeves_: work T1k? or yours?
<Jeeves_> Mine
<kgoetz> no, i havent had time yet
<kgoetz> i'll be back inn "a while" - i'mm catching up on some sleep. then i may catch up on my SC> skills :D
<soren> Jeeves_: What exactly does mkfile do?
<Jeeves_> soren: Not sure
<soren> Jeeves_: Never mind, found a man page.
<Jeeves_> soren: It's not the best way to test speed, I know that much
<soren> Jeeves_: So you have a storage system that does 600MB/s?
<Jeeves_> soren: A Sun Fire X4500
<Jeeves_> 48X 250GB SATA
<Jeeves_> Using zfs
<Jeeves_> I'm (or we, but it's my pet-project) going to run the Hardy release for .nl on one X4500 and two T1000's
<soren> I'm afraid I have yet to drink the ZFS cool-aid. Hence, I'm not going to subscribe to the belief that using zfs can somehow magically boost I/O performance by > 500% :)
<soren> Er... Sorry.
<soren> *cough*
<soren> 48 258GB drives?
<soren> Er, 250GB drives.
<Jeeves_> soren: Yes
<Jeeves_> http://gallery.bit.nl/main.php?g2_itemId=29482
 * soren drools uncontrollably
<Jeeves_> ;)
<Jeeves_> soren: sales@sun.com, you might even get a extra discount because canonical and sun are friends :)
<soren> :(
<Jeeves_> Hmm?
<Jeeves_> It's not that expensive
<Jeeves_> 20.000 EUR or so
<soren> I think I'm going to have a hard time justifying that sort of expense. :)
<Jeeves_> soren: Try and Buy :)
<Jeeves_> You can try it for free, for 60-90 days
<Jeeves_> And than, when you're done drooling, you send it back :)
<soren> Hm... Tempting :)
<_ruben> wonder if they'd accept it back when its covered with drool :p
<Jeeves_> _ruben: :)
<kgoetz> _ruben: as long as its in the box they sent it in, should be ok ;)
<kgoetz> only 48 drives though? soft :P
<kgoetz> try 128 ;) (running a properietary fs :( )
<Jeeves_> kgoetz: In a 4U box
<Jeeves_> 48TB storage, in 4U...
<kraut> moin
<kgoetz> Jeeves_: is that one of the 'drop in from the top' arangements?
<kgoetz> kraut: hey
<kraut> hi kgoetz
<Jeeves_> kgoetz: Hmm?
<kgoetz> Jeeves_: is it one of the boxes with hdds that drop in from the top?
<Jeeves_> kgoetz: Yes
<kgoetz> i love that idea :D
<Jeeves_> :)
<kgoetz> :)
<aurax> has anyone tried running a binary made by installjammer on ubuntu 7.10-server ?
<aurax> i run the binary file in shell and nothing happens.
<Jeeves_> https://lists.ubuntu.com/archives/ubuntu-devel-announce/2008-March/000400.html
<Jeeves_> Hmmm
<henkjan> badluck, no sparc release for 8.04 :(
<kgoetz> :O
<kgoetz> thats quite a blow for anyone who wants to use ubuntu on stable hardware
<henkjan> badluck for Jeeves_ playing with his T1000's
<kgoetz> bugger Jeeves_ , what about pschulz01 and me? :P
<Jeeves_> kgoetz: Hmm?
<Jeeves_> Ow, the release will run on gutsy :)
<Jeeves_> Too bad though that Canonical and Sun will not support eachother in Hardy
<kgoetz> seems a little silly - only 12 months support
<kgoetz> and theres not another lts for 18-24 months
<Jeeves_> Indeed
<Jeeves_> Anyways, luch
<Jeeves_> +n
<kgoetz> later
<nijaba> Jeeves_: wait and see, we could announce stuff with sun on x86...
<kgoetz> x86 sun != sun
<nijaba> right
<kgoetz> sigh. and my amd64 just crashed. *heh*.
<zul> morning
<faulkes-> heh
<faulkes-> morning zul
<kgoetz> morning
<kgoetz> yay for internet time
<faulkes-> nijaba: nice msg to -doc
 * faulkes- agrees
<nijaba> thanks
<jester45> im not sure if this is considered general but, i have a server with 2 connections to the internet (2 gateway dsl modems) and im wondering if there is a way to load balance them or route between them on a port basis (ie :80 goes to gateA :21 goes to gateB)
<Jeeves_> jester45: man ip
<nealmcb> nijaba: re: link to server guide from help.ubuntu: no - we must shroud the server edition in mystery so that only the "advanced" initiates will know the true secrets of its magic!
<nealmcb> :-)
<nijaba> :-)
<jester45> i figured i would have to use that.. does it let me have fail over incase 1 line goes down or would i have to change the settings
<faulkes-> neal: with ever increasingly complex rights of passage and secret irc handshakes right?
<nealmcb> nijaba: what do you think about my idea of actually labeling all the server guides with version numbers?  seems to me that it would help with clarity for readers and documentation developers alike
<nealmcb> faulkes-: shh- this is an open channel - do not speak of these things here
<faulkes-> neal: I believe it's a good idea, iirc Sommer is working on something like that
<faulkes-> alot of the confusion I see on the forums stem from two places, 1. people using non-communit/official documentation, 2. people using outdated or different version documentation
<faulkes-> "but I followed what www.xyz.com/randomguy said to do and now my system doesn't work!"
<faulkes-> not saying all offsite stuff is bad, just think people need to look at ubuntu first, then offsite
<faulkes-> a sort of, shall we say, indoctrination of sorts
 * faulkes- whistles innocently
<nealmcb> eek - I just saw more concrete proposals to hide the development version of the server guide via a robots file: https://bugs.edge.launchpad.net/ubuntu-doc/+bug/122297  That would hide good documentation for testers and developers.  I think a site guide would be better
<ubotu> Launchpad bug 122297 in ubuntu-doc "Server Guide draft has higher Google rank than released version" [Medium,Confirmed]
<nijaba> nealmcb: your proposal would make even more sense if we added a link/drop down menu to quickly jump to the other versions.
<nealmcb> see also https://bugs.edge.launchpad.net/ubuntu-doc/+bug/192202 on version numbering
<ubotu> Launchpad bug 192202 in kubuntu-docs "copyright dates not being updated" [Undecided,Fix committed]
<nealmcb> nijaba: yes!
<nealmcb> often, the new additions to the server guide apply to older versions, so hiding it entirely seems counterproductive
<nijaba> nealmcb: sure, but until we had the DRAFT watermark, people were really being confused.
<nijaba> in addition to that, doc.x.com is usually the official doc, not help.x.com
<nealmcb> nijaba: true - the DRAFT helps a lot, but links and version numbers would help also - like the packages site etc
<nijaba> nealmcb: could you draft a proposal for the version numbers and link that we could group to my request regarding the h.u.c landing page?
<nijaba> nealmcb: ask for comments about it on the server ml, then we'll forward to the doc ml once everybody agrees.
<nealmcb> nijaba: if sommer or someone on the doc team can wrangle the files Dean notes at https://bugs.edge.launchpad.net/ubuntu-doc/+bug/192202/comments/4 to do links, versions or site maps, I think it would be better received
<ubotu> Launchpad bug 192202 in kubuntu-docs "copyright dates not being updated" [Undecided,Fix committed]
<ivoks> nealmcb: yes :)
<nijaba> nealmcb: sure....  do you know anyone good with good html/xsl knowledge that could propose a fix?
<nealmcb> nijaba: I started looking at it, but am really hoping sommer knows how :-)
<nijaba> sommer: can you help?
<nxvl> jdstrand: you are taking a look at Bug #202706, didn't you?
<ubotu> Launchpad bug 202706 in mysql-dfsg-5.0 "MySQL 5.0.51: ORDER BY not working with GROUP BY" [High,Fix committed] https://launchpad.net/bugs/202706
<jdstrand> nxvl: I not only took a look at it, I fixed it :)
<nxvl> oh, so its already fixed!
<nxvl> fine
 * nxvl looks for the patch
<jdstrand> nxvl: I didn't attacha debdiff to the patch
<jdstrand> s/patch/bug/
<nxvl> jdstrand: yes i know, but thats why diff.gz exist :D
<jdstrand> nxvl: but it is uploaded and needs to get accepted due to beta freeze
<nxvl> jdstrand: is there any way to look at it now?
 * jdstrand is checking
<jdstrand> nxvl: https://launchpad.net/ubuntu/hardy/+queue?queue_state=3&queue_text=mysql-dfsg-5.0&start=20
<jdstrand> nxvl: oh wait
<jdstrand> nxvl: I think that is the old one
<jdstrand> nxvl: https://launchpad.net/ubuntu/hardy/+queue?queue_state=1&queue_text=mysql-dfsg-5.0
<sommer> nijaba, nealmcb: sure I'm in, what's the question?
<zul> nxvl: yep uploaded this morning
<zul> jdstrand: was on the ball
<nijaba> sommer: we would like to propose a patch for the documentation template so that the version of the doc being looked at is always shown + provide a link to other versions of the doc available
<sommer> for the serverguide or all docs?
<nijaba> server guide is our main concern, but could benefit to all
<nijaba> sommer: nealmcb pointed to https://bugs.edge.launchpad.net/ubuntu-doc/+bug/192202/comments/4
<ubotu> Launchpad bug 192202 in kubuntu-docs "copyright dates not being updated" [Undecided,Fix committed]
<nijaba> the comment list some of the template files
<sommer> ah, I'm with ya... I'll take a look
 * nijaba hugs sommer
<Rayn> anyone with experience setting up ircd-hybrid for client-ssl?
<sommer> nijaba, nealmcb: are you wanting the version numbers on a header at the top of the page, or something similar?
<sommer> I guess I'm not clear on that part
<nijaba> sommer: yep + a menu that links to other versions
<sommer> I see, looks like that will take some hackery, but it should be doable
<nealmcb> sommer: yeah - that's what I was thinking of
<nealmcb> labelling as "hardy draft" with links to other versions is probably the biggest help
<sommer> so you're only talking about doc.u.c?
<sommer> then link that to the help.u.c versions?
<nealmcb> that is the immediate concern
<nealmcb> but I think versions on everything would be appropriate - people probably copy this stuff, etc
<sommer> ah... that shouldn't be too hard, but doesn't help.u.c aleardy have the version (in the tab at the top)?
<faulkes-> sommer: it does but it's somewhat confusing in how it works
<faulkes-> at least I've found it to be
<sommer> okay, I'll work up some new htmls and do some testing
<sommer> or try to :-)
<faulkes-> don't worry
<nealmcb> sommer: yeah - h.u.c has release info, but not any "last updated" or version info.  we may know that it is rarely updated, but most folks won't, and contributors won't know how to diff it against other versions etc
<N0s25> hi, anyone here that can help with mailscanner installation?
<faulkes-> what about mailscanner?
<N0s25> I have run apt-get install on mailscanner
<N0s25> when I try start it, it's does nothing
<N0s25> doesn'te ven give me an error
<N0s25> root@phoebe:~# /etc/init.d/mailscanner start
<N0s25> root@phoebe:~#
<stiv2k_> should i be pointing my virtualhost's DocumentRoot to /var/lib/mediawiki1.10 or /usr/share/mediawiki1.10
<ScatterBrain> Anyone running Dapper on a Dell Poweredge 600SC?
<faulkes-> N0s25: what does "ps -ef | grep -i mail" show
<N0s25> root@phoebe:~# ps -ef | grep -i mail
<N0s25> root      3979  3922  0 21:29 pts/0    00:00:00 grep -i mail
<faulkes-> it should create a log, or otherwise tell the system what is happening
<faulkes-> is there anything in /var/log/syslog, /var/log/messages or /var/log/mail.*
<N0s25> syslog -  /USR/SBIN/CRON[3951]: (root) CMD ([ -f $LOCKFILE ] && exit 0; run_mailscanner=0; run_nice=0; if [ -f /etc/default/mailscanner ]; then . /etc/default/mailscanner; fi; [ $run_mailscanner = 0 ] && exit 0; [ -f /var/lock/subsys/MailScanner.off ] && exit 0; trap "rm -f $LOCKFILE" EXIT; touch $LOCKFILE; /usr/bin/nice -$run_nice /usr/sbin/check_mailscanner >/dev/null 2>&1; exit 0)
<N0s25> Mar 17 21:15:58 phoebe -- MARK --
<N0s25> Mar 17 21:17:02 phoebe /USR/SBIN/CRON[3977]: (root) CMD (   run-parts --report /etc/cron.hourly)
<N0s25> but I have set runmailscanner = 1
<dthacker-work> What is the best way to find if a fix has been released for a specific CVE?
<dthacker-work> My Googling has been ineffective.
<keescook> dthacker-work: currently, looking through http://launchpad.net/ubuntu-cve-tracker's "master" branch for an arbitrary CVE.
<keescook> dthacker-work: if it's for a package in main, http://ubuntu.com/usn/ will list it if it's fixed
<dthacker-work> keescook: thank you
<keescook> dthacker-work: I'm hoping to get a full report published that's easier to read/navigate
<emily_> by default, vim doesn't have highlighting turned on for me -- can someone let me know how to get that turned on?
<jdstrand> emily_: :syntax on
<jdstrand> emily_: add 'syntax on' to ~/.vimrc
<jdstrand> emily_: you probably want 'vim' and not just 'vim-tiny' IIRC
<emily_> jdstrand: yeah i tried that earlier, but it didn't work, it says I have the wrong version. how do I see if I have vim or vim-tiny?
<emily_> jdstrand: I think it was syntax enable that I tried actually
<jdstrand> dpkg -l|grep vim
<jdstrand> if it's not there as 'vim', then apt-get it.  can change the default with 'sudo update-alternatives --config editor'
<jdstrand> (system wide default that is)
<emily_> vim-common and vim-tiny showed up
 * jdstrand nods
<jdstrand> apt-get install vim
<emily_> thought I had done that. apparently i was using the default vim then?
<jdstrand> yes
<emily_> well that explains it :-) thanks!
<jdstrand> np
<emily_> jdstrand: there's also a vim-full...that supports gui? is that like a x gui or an ncurses gui?
<jdstrand> apt-cache show vim-gnome
<jdstrand> (I don't use vim-full, but it points to vim-gnome)
<emily_> ahh. got it..probably x then
<mathiaz> dendrobates: Have you looked at bug 196778 ?
<ubotu> Launchpad bug 196778 in likewise-open "Provide likewise-open-gui and likewise-open binaries rather than domainjoin-gui and domainjoin-cli" [Low,Fix released] https://launchpad.net/bugs/196778
<mathiaz> dendrobates: wrt kde support
<dendrobates> mathiaz: I saw it, I will fix it with next upload.
<lucasvo> I am running a dapper server. and I need a more up to date version of git, are there backports for git?
<mathiaz> lucasvo: there is a backport of git in dapper-backports: http://packages.ubuntu.com/dapper-backports/git-core
<lucasvo> mathiaz: cool, thanks!
<lucasvo> mathiaz: I've been fighting with my gitweb for days. it finally works.
<lucasvo> thanks a lot
<mathiaz> lucasvo: you're welcome :)
<mathiaz> lucasvo: but this is a community supported repository - just FYI
<lucasvo> mathiaz: yes. it is not my production server
<lucasvo> and hopefully it will be in hardy when it'll come out.
<mathiaz> lucasvo: hardy has 1.5.4.3-1ubuntu1
<mathiaz> sommer: do you know how the server guide is translated ?
<sommer> mathiaz: I think part of it is by LP and part by translaters
<mathiaz> sommer: I got an email from a french guy that is looking for ways to contribute to the Server Team.
<mathiaz> sommer: amongst the different task I though I could do is to translate the Server guide.
<mathiaz> sommer: I thought *he* could do
<mathiaz> sommer: I wondering if you had any pointers to help
<sommer> umm... I haven't really been too involved with the translation part, but if you/he sends a message to the doc ml I'm sure someone knows
<sommer> seems like there's a translation/translator site somewhere
<sommer> mathiaz: https://wiki.ubuntu.com/UbuntuFrenchTranslators?highlight=%28translat%29
<sommer> maybe?
<Jeeves_> kgoetz: I'm starting without you!
<mathiaz> sommer: kwel - I'll look into that. Thanks :)
<sommer> mathiaz: np
<N0s25> hey gus.. what ap do I install so I can run mail "email" -s from root?
<N0s25> guys
<N0s25> hey guys.. what ap do I install so I can run mail "email" -s from root?
<Lunks> I've got a notebook I'd like to try on an LDAP enviroment
<Lunks> But I've seen only 'ldap only' specifications
<Lunks> I don't want to be required to use LDAP, only when I want. Is it possible?
<owh> N0s25: There is no such application. What are you trying to do?
<N0s25> just from root.. type mail "emailaddress" -s test
<N0s25> and send a test mail from root
<owh> apt-get install mailx
<N0s25> k
<N0s25> thx
<Jeeves_> Hmm
<Jeeves_> The T1000's are connected to the wrong physiccal interface
<Jeeves_> It seems that I cannot boot from the interface I connected them to
<owh> Jeeves_: Isn't that when you cut off the network cable, put on a splitter and solder it all back together?
<owh> Don't laugh, I've seen it done - it didn't work, and they didn't blow anything up, but I shuddered :)
<Jeeves_> owh: Eh, right. :)
<ctgPi> How do I set up LVM on a hard drive with known bad sectors?
<owh> Buy a new hard drive.
<owh> Bad sectors are the beginning of the end.
<ctgPi> owh: I was half-hoping to use the disk for caching, so data loss wouldn't be a problem
<ctgPi> owh: but if it's non-trivial, bah, I'll toss it
<owh> ctgPi: I do not know if it's trivial or not, but if you make it into an ext2 then it should just work. If you know which blocks are bad AFAIK you can tell it in advance. Not sure why you'd want to put LVM on it just for caching though.
<ctgPi> owh: well, I wanted to skip over the neighborhood of bad blocks
<ctgPi> owh: but I suppose I could instead lie to mke2fs and blacklist the whole interval
<owh> Yup
<ctgPi> owh: with LVM I could pretend it was all a single contiguous block of space, that's why I asked
<ctgPi> owh: thanks for the help :)
<owh> ctgPi: But if ext2 has bad blocks on the single partition, it's still a single partition, just some bad blocks in it.
<owh> ctgPi: As for the help, not sure I gave you any, but you're welcome :)
<kinections> is there an apt repo where i can get apache 1.x instead of apache 2 for 7.10?
<Kamping_Kaiser> Jeeves_, :o
#ubuntu-server 2008-03-18
<owh> Hmm, I'm reading the stuff about FFE for the patch that kirkland and I are proposing. He's asked me to make a .tgz with all the stuff for his review while he has a sumptuous meal :) - but I'm unsure what to include - the mind is willing, but the flesh is unsure.
<owh> My documentation thus far is at: https://wiki.ubuntu.com/OnnoBenschop/ubuntu-server/init.d-status
<owh> Any pointers?
<mathiaz> owh: why would you need to make a tgz ?
<mathiaz> owh: you just need to attach a debdiff to the bug.
<mathiaz> owh: are you subscribed to ubuntu-devel@lists.u.c ?
<owh> mathiaz: I already did that part :)
<owh> mathiaz: Yes, I read the latest message on the subject. Kirkland hasn't seen it yet.
<mathiaz> owh: right - so using the LSB argument won't work.
<mathiaz> owh: and it seems that the init scripts handling will change for intrepid
<mathiaz> owh: with an integration with upstart.
<mathiaz> owh: So I'd just concentrate on adding a status action to the init script for daemon processes.
<owh> mathiaz: Yes, we saw that already from SJR's comments.
<mathiaz> owh: what is the bug number where you've attached your debdiff ?
<owh> mathiaz: Bug #203169
<ubotu> Launchpad bug 203169 in lsb ""status" function for init scripts" [Undecided,New] https://launchpad.net/bugs/203169
<owh> mathiaz: We figured that updating lsb was less code than individually patching each init.d script.
<owh> mathiaz: The list of packages affected is on the wiki page.
<owh> mathiaz: We were expecting to add them to this bug and fix them one at a time like the bug you showed us a little while ago.
<owh> mathiaz: The python-fix thing.
<mathiaz> owh: there are multiple lists on your wiki page - which list are you refering too ?
<owh> mathiaz: The actual affected packages are at: https://wiki.ubuntu.com/OnnoBenschop/ubuntu-server/init.d-status#head-9fa491ed97b93b78759171771d0c13f82b4784da
<owh> mathiaz: "List of unique packages"
<mathiaz> owh: libc6 ?
<mathiaz> owh: module-init-tools ?
<mathiaz> owh: netbase ?
<mathiaz> owh: procps ?
<owh> mathiaz: Those packages all include scripts that are in init.d
<mathiaz> owh: sysv-rc ?
<mathiaz> owh: udev ?
<mathiaz> owh: util-linux ?
<owh> It is possible that they include rc and rcS, in which case we can remove them.
<mathiaz> owh: these are packages that don't have daemons running IIRC
<mathiaz> owh: so I'd remove them from the list.
<owh> mathiaz: If you look at the list above you'll see the relationship.
<owh> mathiaz: For example libc6 has a script: /etc/init.d/glibc.sh
<owh> mathiaz: module-init-tools has the script: /etc/init.d/module-init-tools
<mathiaz> owh: well - I think that what we should aim for is to have status action for daemons
<mathiaz> owh: this is the part that always annoys me
<owh> mathiaz: The intent is to go through each script that's on the list and check to see if it actually needs a status. README, rc and rcS have already been manually removed from the list.
<mathiaz> owh: consedering where we're at in the release cycle, it will be hard to get things included in hardy
<mathiaz> owh: ok - so that's not the final list
<owh> mathiaz: The hard part is defining a daemon. I'm just basing this on the running processes, but things like postgres aren't even running yet.
<owh> mathiaz: No.
<mathiaz> owh: postgres should be running
<mathiaz> owh: and has a status action
<owh> mathiaz: Not on the hardy install that I'm currently running.
<mathiaz> owh: if the default install of postgres doesn't work, you should report a bug.
<owh> mathiaz: It does already have a status. My point was that it's not running, so there might be others like that.
<mathiaz> owh: how did you install it ?
<owh> mathiaz: Boot from CD, tick the boxes, wait. Reboot.
<mathiaz> owh: ok - it's a bug in the installer
<mathiaz> owh: it should be fixed for beta.
<mathiaz> owh: if you install with apt-get install once you've rebooted you should have working postgres installation.
<owh> mathiaz: What is the executable/daemon that postgress uses?
<ajmitch> ajmitch@ubuntu-desktop:~$ /etc/init.d/postgresql-8.2 status
<ajmitch> Version Cluster   Port Status Owner    Data directory                     Log file
<ajmitch> 8.2     main      5432 online postgres /var/lib/postgresql/8.2/main       /var/log/postgresql/postgresql-8.2-main.log
<ajmitch> one that already has a (non-LSB-compliant) status
<owh> ajmitch: Well my installation only shows the first line.
<mathiaz> owh: yes - it's a known bug in hardy.
<mathiaz> owh: you can safely remove postgres from your list - its init script has a status option and is working
<owh> mathiaz: Cool, then I don't need to worry about it.
 * owh updates list.
<owh> mathiaz: Bare in mind that I'm trying to make an automated list so nothing slips through the cracks. I suspect we're now at the end of that and now it becomes manual :)
 * mathiaz nods
 * ajmitch doesn't know if the usefulness of having a status action will outweigh having to have new uploads & rebuilds of a large number of packages
<mathiaz> ajmitch: well - we're already under 10 packages in the list
<mathiaz> ajmitch: so I wouldn't say it's a large number of packages.
<owh> mathiaz: I have 17 showing at the moment, but I agree with the point.
<mathiaz> ajmitch: and I think that having a status action *is* really usefull
<owh> mathiaz: The stuff that you showed, that is the ones you questioned, how did you exclude them? (libc6, netbase, etc.)
<ajmitch> mathiaz: sure, but the release manager may have other thoughts :)
<owh> ajmitch: One step at a time :)
<mathiaz> owh: just by looking at them and asking myself: does this stuff runs a daemon ?
<mathiaz> owh: if no, I'd exclude it.
<owh> mathiaz: So, which of my list are bogus in your opinion?
<mathiaz> owh: the list I've just given you
<owh> Here's my list: (17 lines)
<owh> apache2.2-common
<owh> at
<owh> bind9
<owh> cron
<owh> dovecot-common
<owh> klogd
<owh> libc6
<owh> module-init-tools
<owh> netbase
<owh> openssh-server
<owh> procps
<owh> samba
<owh> sysklogd
<owh> sysv-rc
<owh> udev
<owh> util-linux
<owh> winbind
<mathiaz> owh: libc6 module-init-tools netbase procps sysv-rc udev util-linux
<mathiaz> owh: ^^ these packages don't seem to start daemons.
 * owh is adding a '-' to the list to check the actual script and dependencies.
<ajmitch> samba+winbind are in a single source package, too
<owh> ajmitch: Yes
<owh> ajmitch: Uh, no.
<owh> ajmitch: Separate packages.
<ajmitch> source package, I said :)
<owh> Doh
<owh> :)
<owh> mathiaz: I'm checking the actual init.d scripts for those packages, but if they disappear then we're down to 10 and as ajmitch points out, 9 source packages.
<mathiaz> owh: yes - that's more reasonable and less scary for the release manager
 * owh likes that :)
<mathiaz> owh: and then we can really use the argument that having a status action for a daemon is *really* useful
<owh> mathiaz: You don't think that networking status is useful?
<owh> mathiaz: That comes from netbase.
<mathiaz> owh: it is, but let's first get the daemon going.
<owh> mathiaz: WFM
<mathiaz> owh: And to be honnest, I tend to use ifconfig to get the status of the networking stack
<mathiaz> owh: but I'd like to use init.d/daemon status to know if my service is running
<owh> mathiaz: Ah, but we're now creating an argument for ebox :)
<mathiaz> owh: without having to ps -ef| grep daemon
<owh> mathiaz: If that's all you want then we could write a four line wrapper cmd around the lsb-functions, single script in /bin. No need for any of this.
<owh> mathiaz: We'd still need to patch lsb, but nothing else.
<mathiaz> owh: I think that patching the init script makes the most sense
<mathiaz> owh: as putting common code in lsb, I also think it's usefull.
<owh> mathiaz: You'll call it like this: foo "$DAEMON"
<mathiaz> owh: but the release team may think it's too much.
<mathiaz> owh: this would be uncommon among the distros.
<owh> mathiaz: What I'm saying is that you'd get the same functionality and less intrusiveness.
<mathiaz> owh: just to give some background: most of the other distros have a status init script
<mathiaz> owh: we don't - let's fix this
<owh> mathiaz: You mean a switch, or a stand-alone-script that generates status?
<mathiaz> owh: patching lsb or adding a new command would be the same thing from the release team POV
<mathiaz> owh: I mean a status action in the init script
<owh> mathiaz: You mean in each init script right?
<mathiaz> owh: yes
<owh> mathiaz: What I'm saying - though I've not yet tested it, so I might be barking mad - is that we could create a completely stand-alone shell script that included the current-unpatched lsb functions, called it with the parameter supplied and returned an answer. No impact, no patching, addition of a single script.
<owh> mathiaz: Would it be useful to test that?
<owh> mathiaz: It may all die the moment I try to include the lsb functions which rely on some environment, but it might just magically work :)
<mathiaz> owh: well - you'd add this new script to the lsb package. Which means you'd patch the lsb package.
<owh> mathiaz: Sure but there would be no regression because no code changed :)
<mathiaz> owh: so from the release managers POV it's the same, whether you include a new script or add a function to the shell script.
<owh> mathiaz: Yes, but there would be no initial need to patch anything else.
<mathiaz> owh: add a function the lsb library shell script
<owh> Huh?
<mathiaz> owh: hm.. you'd still have to patch the init scrip to call the new wrapper ?
<owh> Nope
<mathiaz> owh: ohh - you'd say that the administrator would have to be educated to use this new command specific to Ubuntu to get the status of his daemons ?
<owh> mathiaz: Sure, while we're fiddling around getting upstart and intrepid integrated.
<mathiaz> owh: I don't think it's a good idea.
<mathiaz> owh: like kirkland said - administrators expect init script to have a status action
<owh> mathiaz: Strictly from a code management perspective it's the smallest non-invasive change that provides the functionality.
<owh> mathiaz: I'm not saying it's the best integrated.
<mathiaz> owh: This is something that administrator used to work in redhat environment find the most annoying in ubuntu - and I agree with tem.
<owh> mathiaz: You mean, extra scripts that do stuff :)
<mathiaz> owh: no - the status action in the init script
<mathiaz> owh: sysadmin expect that - we don't provide it -> need to fix it
<owh> mathiaz: Cool, I'll continue with the process in hand.
 * owh is nearly done eliminating the packages suggested by mathiaz
<mathiaz> owh: great - thanks
<owh> mathiaz: udev is "kernel event manager", isn't that a process/daemon?
<mathiaz> owh: no
 * owh removes it
<mathiaz> owh: it's a script that is called when a new device is plugged in the system
<mathiaz> owh: well - there is a udevd daemon running
<owh> mathiaz: So, perhaps it should stay?
<mathiaz> owh: so you could leave it on the liest
<mathiaz> owh: yes.
<owh> mathiaz: Cool, we're down to 11 packages or 10 source packages.
<owh> mathiaz: The following are packages: apache2.2-common, at, bind9, cron, dovecot-common, klogd, openssh-server, samba, sysklogd, udev, winbind
<mathiaz> owh: however, from a tactic POV, udev is maintained by the Scott, who is also the maintainer of Upstart.
<owh> Hmm
<mathiaz> owh: so I would try to add a status action to udev init script at last
<owh> That shouldn't really play into it though should it.
<owh> mathiaz: How do I get dpkg to tell me the source package name of a package?
<mathiaz> owh: apt-cache show apache2.2-common | grep ^Source
<owh> Doh
<mathiaz> owh: the list looks good to me
<owh> I was looking for something more complicated:)
<ajmitch> you can complicate matters & use something like grep-dctrl if you really want
<owh> Hmm, apt-cache show at returns stuff without a Source: line.
<ajmitch> then the source name is the same
 * ajmitch prefers apt-cache madison
<owh> ajmitch: How does that work?
<ajmitch> try it & see?
<owh> Heh
<ajmitch> ajmitch@ubuntu-desktop:~$ apt-cache madison at at | 3.1.10ubuntu4 | http://nz.archive.ubuntu.com gutsy/main Packages at | 3.1.10ubuntu4 | http://nz.archive.ubuntu.com gutsy/main Sources
<ajmitch> sigh, that didn't paste well
<owh> ajmitch: I saw the output.
 * owh is parsing it as we speak.
<nxvl> ajmitch: wow, nice, thanx for that hint!
 * nxvl HUGS ajmitch 
<owh> Cool, that seems to combine sysklogd and klogd as well.
<owh> mathiaz: It appears we're down to 9
<ScottK2> ajmitch: I've asked around and so far everyone who knows what I'm talking about wants your RC bug tracker running.  Would you be willing to share your setup for it (we've got an ubuntuwire box we can host it on)?
<owh> In case anyone is following, Here's the proposed list of source packages affected: https://wiki.ubuntu.com/OnnoBenschop/ubuntu-server/init%2ed-status#head-2b4f2602e168bb1a7185af274a286dc1b1ef6dcd
<ajmitch> ScottK2: sure, but it was only useful because I was rsyncing debian bug info
<ajmitch> in other words, I'd need to turn on the daily rsync again & push the generated results somewhere
<ScottK> ajmitch: Or we could set up the ubuntuwire box to do the same and do it all there.  It's a beefy box on a big pipe, so there's no need to worry about overloading it.
<ScottK> ajmitch: Best to discuss it on #ubuntuwire with Fujitsu or Nafallo.
<ScottK> Please .......
<ajmitch> ok, I'm there
 * nealmcb waves at ajmitch
<owh> Just out of interest, the spec here: https://wiki.ubuntu.com/EboxSpec suggests, hell it comes right out and says it, that it allows you to boot the Ubuntu CD and choose the ebox option. I must confess that I missed that option. Is it in the installer, or on the cd-boot menu?
<ScottK2> I don't think it's there yet.
<owh> Does that mean that it will be, or will this miss release?
<ScottK2> Dunno.
<owh> Tah
<owh> My head just exploded. On the hardy-alpha6 install that I have samba does not have a status section. I just downloaded the source to create a patch and I'm seeing a status part. How do I figure out if the package owner just did that or if I made a mistake?
<owh> NM, just found the change log :)
<soulc> anyone up?
<owh> soulc: No, we're all asleep.
<owh> I've just created a samba patch for status. Can someone please check if I'm not being a dunce: http://ubuntu.pastebin.com/d701c40e5
<owh> That's not the diff, just the code snippet.
 * owh just realised that this made no sense - carry on.
<kris_ph> Jack_Sparrow:
<kris_ph> Hello.. I have apache2 running with php. Is it okay that I will install Django and its database using postgresql? won't it give harm to my existing php and my php apps?
<Jeeves_> Morning
<kris_ph> gud morning.. do you have a background about django?
<Jeeves_> Nope
<Jeeves_> What's that?
<kris_ph> google it
<kris_ph> :)
<ere4si> !django
<ubotu> django is a high level python web framework that encourages rapid development and clean, pragmatic design. - see http://www.djangoproject.com
<Jeeves_> a python
<Jeeves_> ah, pyton
<ere4si> h
<owh> I'm preparing debdiffs for 10 source packages. Is there a mechanism for me to upload those somewhere so that I can get an automagic buildd report - so I can attach them to a FFE request, or should I just roll my own?
<kraut> moin
<_ruben> mornin
<juliux> morning
<juliux> has somebody nagios3 packages for gutsy?
<_ruben> juliux: let me know when you get your hands on them ;) .. a collegue of me will be deploying a new monitoring box shortly based on ubuntu+nagios3
<juliux> _ruben, i will build nagios from source now
<_ruben> ah
<juliux> that is faster;)
<_ruben> wonder how hard it'd be to 'upgrade' the package .. the looks of nagios3 dont differ too much from nagios2 .. doesnt say much about the package though
<nijaba> morning
 * soren sighs
<soren> There's nagios *3* now as well?
<_ruben> came out like yesterday or so
<soren> I was almost done upgrading to nagios2!
 * _ruben gives soren a sympathy hug
<henkjan> 03/13/2008 -
<henkjan> Nagios 3.0 Released
<_ruben> 5 days .. close enough ;)
<_ruben> hmm .. just curious, when running a local install/update mirror for ubuntu .. what kind of diskspace and bandwidth requirements should one keep in mind?
<soren> _ruben: You can fit {dapper,edgy,feisty,gutsy,hardy}-{amd64,i386} in about 180GB.
<henkjan> du -hs nl.archive.ubuntu.com/ 440G	nl.archive.ubuntu.com/
<henkjan> hmm, that includes cd images/releases
<_ruben> soren: that sounds very doable, since i'd only be interested in gutsy and hardy (when final) for those 2 archs .. what the ammount of updates?
<_ruben> +about
<soren> _ruben: Well, kernel images are quite large, so that might add a bit. Not more than a GB or two, though, I guess.
<_ruben> soren: but those are rather "rare" .. trying to get an idea how much traffic it'd cost to keep the repo up to date
<_ruben> damnit .. nasty downside of wireless keyboard, im suffering from "packet/key-loss" :p
<soren> _ruben: Keeping it up to date should be relateive cheap.
<_ruben> ok .. guess i'll look into it in a while and just set it up and monitor it for a while
<henkjan> openoffice updates are large :)
<_ruben> damnit .. now my mouse is lagging as well .. grr
<_ruben> if the updates would get too "bulky" i could shape them or something to keep things in line .. i dont have as much bw as henkjan and Jeeves_, but should be sufficient :)
<henkjan> _ruben: running a local mirror for personal use only wont cost you much traffic
<soren> henkjan: Oh, right, didn't think about openoffice.
<_ruben> henkjan: figured as much, just thought i'd check to be sure ;)
<_ruben> running a local sles9 install/update repo didnt impose a noticeable impact either
<henkjan> depending on the number of local servers wich use your local mirror it'll only save on bandwith
<henkjan> it may be an good idead to change security.ubuntu.com in /etc/apt/sources.list also to your local mirror
<_ruben> henkjan: the main benefit is quick, up2date net installs eventually .. and the speed difference isnt probably all that big .. then again, i'd probably be using more bandwidth with a local repo than without, since the ammount of packages we use is rather limited .. oh well .. its a nice endeavour to dive into
<henkjan> _ruben: https://weblog.bit.nl/blog/2008/03/11/bit-pxe-implementatie/
<_ruben> henkjan: partitioning including raid config .. interestign!
<_ruben> setting up sw raid in the debian installer can be rather tedious :p
<_ruben> beerware license .. gotta send you guys a beer if i wanna use it ? ;)
<_ruben> doh .. it *is* that
<_ruben> guess i'll have to drive to ede someday then :p
<juliux> _ruben, i found debian echt nagios3 packages, they are also working on gutsy
<_ruben> nice
<Folke> Anyone here using Jeos in vmware?
<_ruben> not yet
<_ruben> that is: im not using it yet, there are other who do tho
<Folke> _ruben: We are thinking of using it in our vmware enviroment instead of the "server" edition. But I don't really know all the cons / pros.
<_ruben> pro: its even smaller (size/resources/etc) .. con: uhm, less drivers as well which could lead to problems i guess
<BCMM> can someone recommend a dynamic dns provider?
<_ruben> using no-ip.org myself without any probs
<_ruben> hmm .. setting up a local ubuntu repo using rsync is even more simple than i'd thought
<kris_ph> hello..can apache2 and zope run on the same machine simultaneously?
<VoiDeT> Hi there, anyone there? If someone has time and would like to shed some light on passive ftp connections thatd be great!
<_ruben> VoiDeT: what exactly is it that you want to know?
<Kamping_Kaiser> _ruben, is it anything harder then running rsync?
<_ruben> Kamping_Kaiser: not really ;)
<VoiDeT> Well i set up proftpd, got it running fine, iptable rules set, i can ftp into it while its auth against mysql db, locally i can run my clients in active/passive, but when i try use an external ip on passive it connects, but wont iniate the LIST command
<_ruben> Kamping_Kaiser: never really used rsync myself tho
<_ruben> VoiDeT: do you have nf_conntrack_ftp and nf_nat_ftp kmods loaded?
<VoiDeT> how do i check this? i have modprobe ip_conntrack modprobe ip_conntrack_ftp in my iptables script
<VoiDeT> and that reports no errors
<Kamping_Kaiser> _ruben, :) i'm still using debmirror to make my mirror. need to switch over to the proper debian archive mirror scripts though
<_ruben> VoiDeT: ah, older kernel?
<VoiDeT> but when in passive mode locally, using only local connections, passive works, so its tracking established connections fine from what i can see
<VoiDeT> mm nope, im on 7.10, stock kernel
<_ruben> VoiDeT: you allow RELATED as well?
<VoiDeT> yup
<_ruben> VoiDeT: you need the nf_* mods, ip_* is for older kernls
<VoiDeT> "/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
<_ruben> ok
<VoiDeT> "/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
<_ruben> VoiDeT: lsmod | grep ftp
<VoiDeT> nothing
<VoiDeT> oh wait
<kris_ph> hello..can apache2 and zope run on the same machine simultaneously?
<soren> Sure.
<_ruben> VoiDeT: the loading of ip_conntrack modules probably fails silently
<VoiDeT> http://paste.ubuntu-nl.org/60018/
<kris_ph> soren: is that sure for me?
<soren> kris_ph: Yes
<_ruben> VoiDeT: ah .. the nf_ ones are loaded
<kris_ph> soren: okay.. won't it slows down gutsy
<VoiDeT> _ruben: not good?
<soren> kris_ph: Why would it?
<_ruben> VoiDeT: that is good
<_ruben> VoiDeT: is the ftp running on a port other than 21?
<_ruben> VoiDeT: and/or are you using ssl/tls?
<VoiDeT> _ruben: its on 21, externally ppl get in through 23, i have a portforward rule on my router/modem to push it to 21 to my local ip
<kris_ph> just asking.... how about installing nginx with apache?
<VoiDeT> _ruben: ssl/tls on proftpd?
<_ruben> VoiDeT: ssl/tls can be used to encrypt ftp traffic, which breaks the conntrack/nat modules (it cant snoop the traffic)
<kris_ph> soren: nginx is already in the repo.. just want to confirm if it hurts gutsy and apache if m going to install nginx...
<VoiDeT> _ruben: i see, well i didn't enable it for proftpd, so hows a way of checking if it is enabled
<_ruben> VoiDeT: those 2 (encryption and diff port) are the most common problems .. im not aware of any other problems .. ow .. wait .. its behind a nat router, that means its up to your router/modem to do some fancy stuff
<_ruben> VoiDeT: you're not using it ;) you'd know if you were
<VoiDeT> _ruben: does that mean i have to port forward all the passive port range to the proftpd box
<VoiDeT> _ruben: i figured so hehe
<_ruben> VoiDeT: yes, unless your modem has a feature to properly nat ftp traffic (which most modems/routers nowadays do, so i thought)
<VoiDeT> ill look
<kris_ph> hello.. is it okay to install nginx in a machine running apache2?
<_ruben> VoiDeT: you can probably restrict the port range within proftpd, so you wont have to open that much ports (i'd go for 1-2 ports per expected concurrent connection)
<_ruben> meeting .. bbiab
<VoiDeT> _ruben: thanks a heap
<soren> kris_ph: I don't know what nginx is.
<kris_ph> soren: http://wiki.codemongers.com/Main
<soren> kris_ph: Well, as long as you don't try to run two http servers on port 80 at the same time, it should work just fine.
<_ruben> back
<jjesse> forward
<soren> And shake it all about..
<soren> Â¡Eee, macarena!
<jjesse> great now that stupid song is going to be in my head
<MenZa> hahaha
<_ruben> hehehe
<VoiDeT> yo _ruben
<VoiDeT> _ruben: i can connect via my external ip fine in passive, only if the iptables are flushed, also the nat routing on my router doesn't need to be changed, because my windows ftp shitbox runs fine in passive
<_ruben> VoiDeT: hmm
<_ruben> VoiDeT: it could be that the windows ftp software is 'smarter' than proftpd (could be a setting thing) .. ftp behind nat can cause various problems .. i'd compare the actual commands that flow back and forth .. especially the ip address thats communicated by the server to client (which might differ between the windows and ftp server)
<VoiDeT> http://paste.ubuntu-nl.org/60023/
 * _ruben hates his todo-list .. items appear quicker on it than that they get finished
 * VoiDeT hates sleepless nights
<VoiDeT> :D
<VoiDeT> sorry _ruben
<_ruben> VoiDeT: first thing i'd test if setting the output policy to accept .. setting output policy to anything other than accept is for advanced users only and should only be used when you really know what you are doing
<_ruben> VoiDeT: and take a very close look at the logs that your ftp client shows (from external) .. especially the ip addresses that are mentioned
<VoiDeT> sure
<VoiDeT> what the hell, now i turn iptables back up
<VoiDeT> and its workin
<VoiDeT> gotta love consistency
<_ruben> VoiDeT: could be a connection tracking 'issue'
<_ruben> VoiDeT: perhaps your traffic is accepted because its seen as established, which was allowed in the first place with the limited firewall rules
<VoiDeT> _ruben: pm
<_ruben> VoiDeT: you're not identified to services, hence cant send private messages
<VoiDeT> ah
<VoiDeT> tru
<ere4si> the basic server install users 1.1Gb - any way to reduce that?
<sommer> ere4si: is that without the optional packages?
<sommer> every base install I've done is around 500MB
<ere4si> sommer, no lamp or anyting
<sommer> ere4si: that's strange then, what file system are you using?
<ere4si> sommer, gutsy minimal cd - typed install server - had option for dhcp server, lamp server etc  - chose none - df -h after login said 1.1GB
<sommer> ere4si: so it wasn't the actual gutsy server iso file?
<ere4si> sommer, no
<ere4si> net install cd sommer
<sommer> ya, that would probably be why, if you use the server iso the install will be smaller
<ere4si> sommer, will try that - thnx
<sommer> np
<ere4si> :)
<_ruben> 700-800MB for an 1 day old install (incl openssh)
<ere4si> sommer,  - but the net install cd has options for cli, server or desktop ?
<sommer> ere4si: sure, but I think the installer process is different then when using the server iso
<sommer> ere4si: I would imagine the net iso, installs more network config type packages and such
<ere4si> sommer, I'll try in the morning then
<_ruben> hmm .. is there some sort of preseed file generator or smth ?
<sommer> I'm not an expert on the iso creation process, so you might want to double check :-)
<_ruben> or extensive documentation on how to properly write one
<ivoks> hm... i have an idea
<ivoks> let's create additiong binary inside dovecot source package
<sommer> ivoks: what's up
<ere4si> it came up with a menu for dhcp server,lamp server etc - I took that as a basic server install with additional extras
<ivoks> sommer: nothing much :)
<sommer> ivoks: I wrote up a bacula guide, and had a couple of questions about the bacula packages
<ivoks> yeah... right...
<ivoks> sommer: when i finish this sasl thing with postfix/dovecot, i'll start squashing bacula's bugs
<sommer> is the sqlite3 going to be the default catalog, or whatever
<ivoks> default will be mysql
<ivoks> but sqlite3 should be in main; that's what i've been told
<sommer> oh, doh... I'll need to adjust that
<sommer> ivoks: the other issue I noticed was that when using the sqlite3 back end the package fails, because there's no Archive Device under FileStorage in bacula-sd.conf
<nealmcb> sommer: I also just noticed that the server guide doesn't seem to contain the words "ubuntu server guide" on each page, making searches not work as well.  And based on the "Question on JeOS"  recently it seems that it would make sense to have a link to the draft version from the help.u.c server guide pages also
<ivoks> sommer: please, report it as a bug and i'll work on them all, as soon as i finish this sasl thing
<sommer> ivoks: sure, will do
<sommer> nealmcb: jeos question?
<nijaba> ivoks: as we are unsure that sql3 will be in main, the current proposal is to only include bacula-director-mysql and bacula-director-pgsql in main
<nijaba> *sqlite3
<VoiDeT_> mmm
<sommer> nijaba: what was the "question on jeos" ?
<_ruben> crap .. "You currently cannot use preseeding to set up RAID." .. thats from the 7.04 install guide tho
<zul> ivoks: I thought I fixed that in my last upload basically what happens that bacula install fails because it tries to the bacula servers but it cant because bacula is not configured properly yet
<nijaba> sommer: a translator was wondering if there was going to be a 8.04 jeos as doc was still reffering to 7.10
<nijaba> sommer: you should have it in the doc team ml
<sommer> nijaba: ah, oh ya... seem to remember something about that.  I worked on adjusting some of that, but wasn't sure about the entire document
<sommer> nijaba: want me to send it to you?
<nijaba> push it on doc.u.c, I'll read it there
<sommer> nijaba: will do
<nijaba> sommer: I should really update this tuto to speak about u-v-b anyway
<sommer> since it was you and soren's article I was a little hesitant about changing much
<nijaba> sommer: heh, it is now part of the official guide, so feel free to change it
<sommer> nijaba: cool, I commited the changes, so they should be on doc.u.c sometime today
<ivoks> nijaba: zul ack
<ivoks> zul: i would ask for your opinion, if you have 5 minutes of free time :)
<zul> ivoks: indeed I do
<ivoks> zul: there's QT version of bacula console; for it we need only one library in main - qwt
<ivoks> zul: qwt is small and doesn't bring anything new; do you think it's a worthwile to ask for inclusion in main?
<ivoks> zul: cause, we now don't have gui version of console; while we had two before :/
<zul> ivoks: I think it might be worth it
<ivoks> zul: i'm just not sure qwt is in active development :/
<zul> ivoks: lemme have a quick look
<ivoks> http://qwt.sourceforge.net/
<ivoks> last version is from 2007-06-10
<ivoks> oh, it is active
<ivoks> last svn upload was 5 days ago
<zul> yep according to this http://sourceforge.net/project/stats/detail.php?group_id=13693&ugn=qwt&type=svn
<zul> yeah I think it would be worth it
<ivoks> deal
<zul> how is debian maintainenace
<ivoks> 0 bugs
<sommer> ivoks:
<sommer> Bug #203557 filed
<ubotu> Launchpad bug 203557 in bacula "bacula-sd-sqlite3 package fails during install" [Undecided,New] https://launchpad.net/bugs/203557
<ivoks> sommer: great
<ivoks> zul: last debian update was 2007-18-10
<zul> yeah MIR should be good for qwt
<ivoks> zul: so, just 12 days after release
<ivoks> https://wiki.ubuntu.com/MainInclusionReportqwt
<ivoks> i already started :)
<zul> sweet
<zul> thanks
<zul> sommer: I think I fixed that in -ubuntu2
<sommer> zul: ah, cool.  I only used it because I thought sqlite3 was going to be the default, either way :-)
<zul> but the archive is frozen ;)
<zul> mysql should be if you install the bacula-server metapackage
<sommer> meh, there's a work around in the bug
<zul> heh
<nealmcb> sommer: sorry to be cryptic there - my assumption was just that it seemed that a translator didn't realize that there was a newer version of the server guide, and it got me thinking that links from the published ones to the draft version would give everyone a taste of what is to come, and promote more contribution to the documentation in general.  then they would all be linked together in both directions - one happy family of documentation
<sommer> nealmcb: okay I see what you're saying... but I think there's going to be some heavy resistnce to the idea of linking to the dev docs from the released ones
<sommer> nealmcb: I'm also not sure about how to get "Ubuntu Server Guide" on every page since there already is a header on the site
<sommer> wouldn't putting "ubuntu server guide", or whatever, in the meta data help searching as well?
<nxvl> hello everyone
<sommer> nxvl: yo
<nxvl> dendrobates: the new version of likewise-open has unused quilt instructions
<dendrobates> nxvl: they will be used with the next upload
<nxvl> dendrobates: i uploaded a patch on Bug #196778 commenting all of them
<ubotu> Launchpad bug 196778 in likewise-open "Provide likewise-open-gui and likewise-open binaries rather than domainjoin-gui and domainjoin-cli" [Low,Triaged] https://launchpad.net/bugs/196778
<dendrobates> nxvl: I saw that, thanks.
<sommer> dendrobates: so just so I'm clear, the binary names are going to change?
<ivoks> zul: done: https://wiki.ubuntu.com/MainInclusionReportqwt
<dendrobates> sommer: no
<zul> ivoks: you might want to get rid of the TODO
<sommer> dendrobates: okay, just wanted to update the docs if need be
<ivoks> zul: heh, good catch :)
<zul> and "The general purpose and context of the package should be clear from the package's debian/control filed. " but other than that looks ok to me, subscribe me to the MIR as well
<ivoks> zul: well, 'is clear'
<zul> yep that works :)
<nxvl> keescook: around?
<nxvl> for Bug #203449, is better to sync with the new version or just to add the patch?
<ubotu> Launchpad bug 203449 in dovecot "[dovecot] [CVE-2008-1199, CVE-2008-1218] privilege escalation" [Unknown,Fix released] https://launchpad.net/bugs/203449
<AnRkey> how can i delete a partition table or wipe a master boot record on a drive with fdisk?
<ivoks> nxvl: that's CVE bug? oh, lol
<ivoks> i don't see how 'Allows unauthorized disclosure of information' applys to this bug
<soulc> can anyone direct me to some help with fail2ban?
<soulc> I show up and everybody leaves?  What do I smell?
<nealmcb> sommer: I wonder why linking to hardy doc would be resisted - e.g. we link to the dev packages from the released packages.  http://packages.ubuntu.com/gutsy/web/ebox
<sommer> nealmcb: I was going by one of Matt Easts last comments on a ml thread...
<nealmcb> it's very puzzling to me
<sommer> the thought was that the dev docs aren't complete, may have errors, etc
<nealmcb> sommer: sure - and that was a big problem when they weren't properly labelled as draft, with version info etc
<nealmcb> but that is what we need to fix...
<nealmcb> and often they have the best info, even for older stuff
<nealmcb> should we try to hide the wiki also?
<nealmcb> incomplete, inaccurate at times, etc
<sommer> nealmcb: ah, the last comment on bug #122297
<ubotu> Launchpad bug 122297 in ubuntu-doc "Server Guide draft has higher Google rank than released version" [Medium,Confirmed] https://launchpad.net/bugs/122297
<jjesse> i thought for that bug we implemented something to block dco.ubuntu.com from being indexed
<sommer> jjesse: yep, but mdke spells out his argument for linking to dev docs in his last post
<jjesse> sommer: ah have't followed that email lately
<sommer> it sort of meandered some :-)
<jjesse> maybethat's why i ignored it
<mogli> hi, can anyone tell me the difference between running tftpd as a daemon and starting it with inetd ?
<sommer> nealmcb: I don't see the link to the dev packages on http://packages.ubuntu.com/gutsy/web/ebox ?
<sommer> mogli: not much I'd think, just a different way to execute the service
<nealmcb> sommer: there is a "hardy" tab there
<sommer> nealmcb: ah, I see it
<sommer> nealmcb: the other issue is that some of the instructions are very different for some applications between releases
<sommer> and that may just cause more confusion when copy and pasting say a hardy instruction into dapper
<mogli> does anyone have experience booting a macbook over the network ?
<sommer> nealmcb: also, what do you then recommend to users the released docs or the dev docs?
<sommer> nealmcb: personally I don't think adding a link is a big deal, but seems that others do ;-)
<sommer> nealmcb: maybe if we got the opinion of an "interface designer person", or whatever, because it seems to me the real issue is the overall website design, and making it more user freindly
<nealmcb> sommer: we recommend the released docs.  but we don't go out of our way to tell every web-based app, including mirroring utilities, search engines, indexing tools, etc, that the documents must not be visited by robots.  that is what robots.txt is about.
<sommer> nealmcb: sure I agree, but is that the same as linking from the released docs to the dev docs?
<nealmcb> true - I was reacting to the comment you referenced which is a bit different.  I think the link to the dev versions should be clearly marked, both in the packages pages and in the doc pages - "work-in-progress, for development use" or whatever
<nealmcb> it would help me to have a bigger perspective here - e.g. a diff of the current hardy tree and the gutsy tree - how much is catch-up documentation and how much is new/different/dangerous
<sommer> nealmcb: I'm with ya, and my thinking is that based on that bug comment the reaction to the idea is going to be the same
<sommer> nealmcb: it depends there are instructions in the hardy version that won't work at all for gutsy
<nealmcb> sure.  and there are hardy packages that would trash a gutsy system
<sommer> but OTOH there are some that will :-)
<nealmcb> so labelling them is #1 priority, and would lead people there in preference to the wiki, forums, etc which are not well labeled by release in general
<sommer> it's really a case by case basis, and if we keep the docs up to date it should resolve itself... in a year or so
<nealmcb> but I also want to make it easy for developers - google and relative links are just more friendly than following some of the official links - so when someone stumbles on  ebox in hardy I want them to also stumble across the documentation for it
<nealmcb> documentation requires testing also
<nealmcb> and vice versa - I want them to stumble on the documentation for ebox, and decide to try to test the package
<sommer> sure, but are you talking about testing if the instructions work or if you can find the instructions?
<nealmcb> both
<sommer> the instructions work :-)
 * nealmcb writes that down
<nealmcb> :-)
<sommer> maybe the subject is better discussed with the site maintainers?  I'm just not sure how much you can add to the content of the html to influence google
<sommer> but aren't there google "apps", or whatever, that can up your page rank?
<nealmcb> good titles and keyword usage in the text of the page are important for search engine optimization
<nealmcb> a good site map is another very helpful thing
<nealmcb> links are also very important
<sommer> ya, sitemap that's what I was looking for.  who controls that though?
<nealmcb> it is just more content on the site
<sommer> gotcha, but the docs are generated from the xml, and are only a fraction of the content... so wouldn't you need to talk to someone at canonical?
<sommer> at least for the sitemap
<nealmcb> sommer: a sitemap can be for an entire host, or for subsets of it - so there could  be one for https://help.ubuntu.com/7.10/ or one for just the server guide underneath that - https://www.google.com/webmasters/tools/docs/en/protocol.html#sitemapLocation
<nealmcb> so we don't have to figure it all out first.  note the "priority" field for specifying relative priorities for pages on your site
<baffle> Is anyone actually booting from a SAN using multipath here? I'm trying to set up a hardy server using multipath-tools/multipath-tools-boot but it doesn't really seem to work as intended.. I was under the impression that it was kindof "out of the box"? At least from looking at the very sparse documentation. :-)
<nealmcb> sommer: hmm - but since doc.u.c and help.u.c are different sites, we can't use a sitemap to affect the priority of one vs the other - just for intra-site priority settings
<nealmcb> huh - why is this still there? https://help.ubuntu.com/ubuntu/serverguide/C/index.html
<nealmcb> instead of redirecting to https://help.ubuntu.com/6.06/ubuntu/serverguide/C/index.html
<nealmcb> which has all the tabs...
<sommer> nealmcb: I think that's the old version?
<faulkes-> nijaba: email ok?
<sommer> nealmcb: I'm not sure what the priority for updating the site is, but it doesn't seem to be very high
<nijaba> faulkes-: great, thanks
<LiENUS> what do i need to have an ubuntu server support printing to a shared printer?
<faulkes-> let me know if you need more info or anything
<LiENUS> i want to configure my server to share a printer over samba but have it so iuts a queue containing two printers and it prints to whichever is optimum
<LiENUS> its a hp1300 which iirc is well supported in linux
<sommer> jdstrand: should I document putting the slapd apparmor profile in complain mode to use slapadd or slapcat?
<jdstrand> sommer: no-- not yet
<jdstrand> sommer: I am looking at it today
<sommer> ah, coolness
<keescook> nxvl: generally we just apply the patches.  dovecot will be a special case due to the config differences that were addressed.
<nxvl> keescook: i applied the patch just in case, the debdiff is on the bug report
<Jeeves_> kgoetz: I'm booting Ubuntu on the T1000 as we speak
<jdstrand> sommer: can you give me specific slapadd/slapcat commands that aren't working (so we are on the same page)
<sommer> jdstrand: slapcat -l example.com.ldif and slapadd -l example.com.ldif... more slapadd than slapcat, but I noticed slapcat has the same issue
<jdstrand> sommer: right-- will be working on it today
<jdstrand> sommer: thanks!
<sommer> np, thank you
<zul> mathiaz: has anyone tested dapper->hardy yet?
<mathiaz> zul: what do you mean ? dapper-hardy upgrades ?
<zul> moving from dapper to hardy
<mathiaz> zul: mvo is doing some work on that
<zul> ok
<mathiaz> zul: but I'd like to test things like a samba upgrade
<mathiaz> zul: or a LAMP upgrade
<mathiaz> zul: something higher level
<mathiaz> zul: I don't know if mvo is testing these use cases
<zul> ill do a a couple of run throughs and see what happens
<keescook> nxvl: cool, thanks
<keescook> I wonder who had a T1000 first, James Cameron or Sun.  I assume not Sun, in which case, I have to wonder, did they pick that model # intentionally?
<zul> because t999 was patented? ;)
<sommer> heh, it's the predecessor to doomsday!
<sommer> bum bum bum bumbum
<Jeeves_> Either way, it's still not installed. :/
<methods> you guys seriously don't support apache 1.x ?
<Jeeves_> methods: That's that webserver from the eighties, isn't it?
<methods> lol no 2.x is rather recent and when i use to use apache a few years ago 2.x was not thread safe
<methods> this was a major issue for scripting languages
<radone> After apt-get update && apt-get upgrade I have unmet dependency on package gs-common
<radone> unfortunatelly suggested: apt-get install -f fails
<radone> dpkg: error processing /var/cache/apt/archives/gs-common_0.3.9ubuntu1_all.deb (--unpack):
<radone>  trying to overwrite `/var/lib/defoma', which is also in package defoma
<radone> is there any chance to resume from this problem?
<twb> Hi, how can I determine if DSA 1524-1 (CVE-2008-0062 CVE-2008-0063 CVE-2008-0947) has been addressed by a USN?
<ubotu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062)
<ubotu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063)
<ubotu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947)
 * twb is slightly impressed.
<keescook> twb: they have not yet -- krb5 went public 1 hour ago, USN is pending.
<twb> Thank you.
<twb> In general, how can I go from a DSA to a USN or vice versa?
 * Jeeves_ tries the gutsy installer
<keescook> twb: they don't map well, usually.  Debian's DSAs cover a wider set of software.  Ubuntu's USNs cover packages in "main".  Best is via CVEs, and there should be a public list soon
<Jeeves_> This seems to work
<twb> Historically I've been too lazy to look up the CVEs themselves; do CVE pages link to DSAs and USNs when they (DSA/USN) are published?
<twb> Ah, http://cve.mitre.org/data/refs/index.html seems to be such a mapping
<twb> On a related note, is there a security team for Universe?
<Nafallo> yes
<twb> Do you have a URL for their project page?
<twb> *subproject page, I guess
<mogli> hi, cant add a user to samba.. says Failed to modify password entry for user guest
<sommer> mogli: what is the command your using?
<mogli> smbpasswd -a guest
<mogli> in smb.conf , security = share
<sommer> is there a linux user named guest?
<mogli> so no system account is required, am i right ?
<mogli> no
<sommer> I thought that you had to have a system account, unless samba is configured to use a different backend, like ldap
<mogli> ok.. then ill use security=user
<sommer> easy way to test would be to add a system account... you can always delete it later :-)
<mogli> yep
<mrpoundsign> is there a tool for ubuntu server that will email the admin about out-of-date packages?
<mrpoundsign> I have been trying to get apt-listchanges to work, but it doesn't seem to automatically scan.
<twb> Maybe cron-apt plus a cron.daily script doing something like aptitude --dry-run full-upgrade ?
<Jeeves_> Still installing.
<Centaur5> How can I make a perl script show the output from doing apt-get install so I know if I need to provide input?
<Jeeves_> Centaur5: You're typing a perl-script around apt?
<Centaur5> Jeeves_: yes, unless there's a better way to have a list of applications installed automatically without user interaction.
<Jeeves_> Centaur5: Have a look at cfengine/autoapt.pl
<Jeeves_> Centaur5: http://www.debian-administration.org/articles/398/autoapt.pl.txt
<Centaur5> Jeeves_: Well I'm attempting to put this into the kickstart post-install script area.
<Jeeves_> kgoetz: I've won!
<Centaur5> Jeeves_: I'll check that out. Thanks.
<Jeeves_> Linux webserver2 2.6.22-14-sparc64-smp #1 SMP Tue Feb 12 04:16:25 UTC 2008 sparc64 GNU/Linux
<Jeeves_> bit-beheer@webserver2:~$ dmesg | grep -i cpu
<Jeeves_> [   80.715803] SLUB: Genslabs=23, HWalign=32, Order=0-2, MinObjects=8, CPUs=256, Nodes=1
<Jeeves_> [   80.803938] Brought up 32 CPUs
<Centaur5> Jeeves_: Do you think I'm better off rebuilding the Ubuntu cd?
<Jeeves_> Centaur5: What do you want to achieve?
<Jeeves_> A machine that boots automatically and installs and configures itselve?
<Centaur5> pre-install OEM installations on new machines with a few applications lots of people might want included.
<Centaur5> and yes configure itself as well
<nxvl> jdstrand: on Bug #203710 the problem is with debconf, doesn't it?
<ubotu> Launchpad bug 203710 in mysql-dfsg-5.0 "mysql-server-5.0 does not prompt for conffile update on upgrades" [High,New] https://launchpad.net/bugs/203710
<jdstrand> nxvl: dpkg handles conffiles, so I don't know what is going on there
<nxvl> jdstrand: ok, i will take a look
<jdstrand> nxvl: *awesome*
<jdstrand> nxvl: I don't know if something is getting overridden or what-- but you should be able to reproduce based on what's in the bug
<nxvl> jdstrand: i will try to reproduce it by installing it on my gutsy pbuilder environment and then upgrade it
<jdstrand> nxvl: I witnessed this on hardy
<nxvl> jdstrand: yep but if i install it on hardy i won't be able to upgrade the package
<jdstrand> nxvl: for the purposes of debugging, may just be able to install gutsy binaries on hardy, and then upgrade
<jdstrand> nxvl: well, however you need to do the upgrade scenario
<nxvl> jdstrand: with pbuilder is easier :D
<Jeeves_> Centaur5: And you really want to do that via upstart?
<jdstrand> that's fine.  just know that it's a hardy target
<nxvl> jdstrand: but thanks for the tip
<nxvl> jdstrand: sis you confirm that it is also present on my.cnf file?
<Centaur5> Jeeves_: Well I do a network pxe install and use kickstart to make it so we don't have to answer the pre-install questions. Then it would be nice to have a few applications installed and the machine updated automatically. kickstart has the ability to copy a script to execute after the install but perhaps it would be easier to build an installation?
<jdstrand> nxvl: I did not, as my.cnf is provided by mysql-common
<nxvl> jdstrand: so i need to check is also affects it
<jdstrand> nxvl: I can confirm that it is a problem with /etc/apparmor.d/usr.sbin.mysqld though
<jdstrand> nxvl: but it's clearly a more general problem
<jdstrand> nxvl: yea, you should check mysql-common as well
<Jeeves_> Centaur5: You should really look into cfengine
<jdstrand> that should have been 'yeah'
<Jeeves_> Although that might be overkill for you, it is very flexible
<nxvl> jdstrand: yes, i understud that, and that's the important part :D
<Centaur5> Jeeves_: Okay, I will do that.  Thank you.  :)
<jdstrand> nxvl: well, my.cnf is clearly very important, but all those little buggers can break your sytem if not upgrade properly ;)
<nxvl> jdstrand: yes, but is not good to fix one and left the other one
<nxvl> jdstrand: it doesn't affect debconf
<nxvl> jdstrand: err my.conf
<nxvl> jdstrand: also it doesn't touch my debian-start file
<mogli> must a computer, accessing an nfs share have an entry in hosts ?
<sommer> mogli: hosts or dns
<mogli> i have dns
<sommer> can you ping?
<mogli> yes
<mogli> do i have to set the fqdn ?
<sommer> what about the exports file?  does the client have rights?
<sommer> might try the fqdn
<nxvl> do we have plans to split apparmor-profiles in separate packages?
<sommer> nxvl: there is a apparmor-profile package :-)
<Jeeves_> mogli: You might experience locking issues if the client isn't in /etc/hosts on the server
<nxvl> sommer: yes, i mean to split that package in separate service-based packages
<sommer> nxvl: but some packages have profiles... like bind9, cupsys, etc
<nxvl> sommer: like apparmor-bind9 apparmor-mysql, etc..
<sommer> nxvl: I wouldn't think so, but you might double check with jdstrand or mathiaz
<nxvl> sommer: i will open a blueprint and propose it on UDS
<mogli> sommer: cant ping.. thought it was ok ..
<mogli> i think i have to set the computer in the forward lookup zone
<nxvl> dendrobates: did you know if this is already planned?
<sommer> mogli: you might add "search domain.com" to your /etc/resolv.conf
<sommer> mogli: replacing domain.com with your domain
<mogli> or no.. i use dhcp and dns.. so this cant be
<mogli> ok
<sommer> mogli: ah, you can add the domain using dhcp as well... I forget the options though
<sommer> mogli: does the nfs server have a firewall, might double check that the ports are open
<nxvl> mm i need to learn how to split packages
<sommer> nxvl: so you'd put one file in a package?
<nxvl> sommer: i don't understand the point of having 6 or 7 profiles on a one service profile
<nxvl> sommer: so yes i will :D
<mogli> yes all ports are open in lan now, im connected through ssh to the server, but i cant ping the notebook from the server, perhaps thats the problem
<sommer> nxvl: thought that's why the application package includes the profile?
<nxvl> sommer: are you sure about that?
<sommer> nxvl: I'm sure about the bind9 apparmor_profile :-)
<nxvl> sommer: checking
<nxvl> sommer: mysql for example doesn't
<sommer> nxvl: and the cupsys one
<sommer> nxvl: ah, might be on the conversion list or something... I guess my thought is that it would be a lot of work to package one file
<sommer> but if you want to discuss it at UDS, I'm not going to stop ya ;-)
<nxvl> sommer: you are right, bind9 comes with his profile
<sommer> nxvl: I would imagine it's a matter of gradually implementing the profiles
<nxvl> but also i don't understand why do i have to install a profile if i don't use apparmor
<nxvl> sommer: yes, maybe i can change my proposal to that
<sommer> nxvl: it's going to be enabled by default in hardy I believe... in enforce mode for some services
<jdstrand> nxvl: bind9, cupsys, mysql-server-5.0 and slapd all ship with a profile
<soneil> anyone use xen with disk images on hardy?   trying to figure out if this inability to losetup is 'normal'
<jdstrand> nxvl: mysql and bind9 migrated into the package in this cycle from apparmor-profiles
<Kamping_Kaiser> Jeeves_, awsome work :)
<nxvl> jdstrand: on gutsy to or is a "new feature" of hardy?
<jdstrand> nxvl: if you are not using apparmor, it is harmless
<jdstrand> nxvl: slapd, mysql-server-5.0 and bind9 shipping their own profiles is new in hardy
<nxvl> jdstrand: mmm ok so we better eliminate the apparmor-profile package and include the profiles on the service packages
<jdstrand> tnxthe idea has always been AFAIK, to create a profile, put it in apparmor-profiles, and migrate it to the package once it gets testing
<jdstrand> nxvl: ApparmorProfileMigration
<nxvl> jdstrand: oh ok, thnx
<nxvl> jdstrand: btw, i can't reproduce the bug
<jdstrand> nxvl: the migration of usr.sbin.mysqld and usr.sbin.named from apparmor-profiles is already done
<jdstrand> nxvl: this is on hardy?
<jdstrand> (not producing the bug)
<jdstrand> nxvl: you can't reproduce on hardy?
<nxvl> jdstrand: i have install mysql-server on gutsy, then upgraded the packages to hardy and nothing was touched
<nxvl> jdstrand: i put the steps i used to try to reproduce the bug on the bug report
<nxvl> https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/203710
<ubotu> Launchpad bug 203710 in mysql-dfsg-5.0 "mysql-server-5.0 does not prompt for conffile update on upgrades" [High,Incomplete]
<jdstrand> nxvl: what do you mean by 'nothing was touched'?
<jdstrand> nxvl: that is the bug
<jdstrand> nxvl: upgrade should have prompted you because the conffile changed
<jdstrand> nxvl: mysql-server-5.0 upgrades without updating the file with no confirmation, even though the md5sum is different for /etc/mysql/debian-start than what is in /var/lib/dpkg/status.
<nxvl> jdstrand: oh! sorry, i understand it backwards
<jdstrand> nxvl: will you fix the report accordingly?
<nxvl> i thought it updated the file without asking
<nxvl> :P
<nxvl> sorry, my bad
<jdstrand> np
<nxvl> jdstrand: yup
<nxvl> btw
<nxvl> can i update a comment i did?
<jdstrand> nxvl: unfortunately no
<jdstrand> nxvl: only the description can be updated
<nxvl> mmm, i also add a comment saying it was my bad and that it is confirmed
<jdstrand> nxvl: cool thanks!
<mogli427> ok, got nfs working, but can't i share ntfs volumes ?
<nxvl> jdstrand: can it be because as it doesn't end on conf or cnf debconf isn't recognizing it?
<jdstrand> nxvl: not a debconf thing
<jdstrand> nxvl: this are conffiles as listed in /var/lib/dpkg/status
<jdstrand> nxvl: dpkg is supposed to detect that
<jdstrand> nxvl: I doubt it is a bug in dpgkg, so there might be some problem or overriding in the package
<jdstrand> man, I am typing too quickly
<jdstrand> anyhoo
<nxvl> :D
<jdstrand> nxvl: you might ask on #ubuntu-devel what might cause the behavior
<mogli427> .
 * ScottK2 dist-upgrades is test server to Hardy ...
<VoiDeT> Hey everyone, i'm going insane from trying to get proftpd workin with passive ports behind nat. Anyone care to lend a hand please?
#ubuntu-server 2008-03-19
<art3mis> is there anything that tells me EXACTLY whats all included as part of the ubuntu 7.10 server iso?
<art3mis> every single doc i've read seems to point taht lamp stuff isnt  and other related stuff
<art3mis> yet i know for a fact they are
<art3mis> it seems redundant to talk about "installing apache2" if it's already installed
<baffle> VoiDeT: Can't remember when I set that up last, but I guess it's not that different from setting it up to work with a normal iptables installation?
<VoiDeT> baffle: even with iptables its giving a port missmatch error. I'm reading up on ubuntuforums alot of people are having issues with nat, producing the same error, but i can't seem to fix it like they can :S
<art3mis> the ubbuntu server guide seems to be more of a "how to make ubuntu into a server" than anything related to the ubuntu-server iso
<ScottK2> sommer: ^^^^
<baffle> VoiDeT: If I remember correctly, the most important things is to define the range to use for passive ports in proftpd.conf, and also specify your external
<baffle> VoiDeT: If I remember correctly, the most important things is to define the range to use for passive ports in proftpd.conf, and also specify your external IP address to some option.. And to forward the range + normal ftp ports in to the server in question.
<VoiDeT> baffle: range is defined as 60000:65534, ports 20:21 are forwarded to the box, also are the passive ports, and MasqueradeAddress is set to my public ip
<baffle> VoiDeT: Well, then it works. :)
<baffle> (Clearly not, but anyway)
<VoiDeT> but its not :(
<VoiDeT> hehe
<baffle> As far as I can remember, that was the only options I set up last time I did this. Well, actually I wasn't using NAT, but except the MasqueradeAddress the setup is identical.
<baffle> Have you run tcpdump on the various servers?
<baffle> So that you know that the responses are correct etc.
<VoiDeT> well i see whats happening
<baffle> And are you actually checking from a remote host.. :)
<VoiDeT> they connect fine, login all that, but when a command to ls etc. is made, the client is told to use its local ip, and they try use that to execute the command,
<VoiDeT> because im seeing the ppls local ips, even though their on the other side of the world
<baffle> Uhh, that's strange.
<lamont> ScottK: thoughts on 180551?
<lamont> I rather suspect this is a simple case of freebsd(?) defaulting to actually setting hostname to the fqdn, not just one component... at least in Wietse's world.
 * lamont smacks bug 200308 into oblivion.  iz PEBCAK
<ubotu> Launchpad bug 200308 in postfix "Upgrade doesnt work if using mysql dict types" [Undecided,Invalid] https://launchpad.net/bugs/200308
 * lamont always loves it when the submitter finally gives sufficient information to verify that things are (not) working in exactly the manner that they told postfix to
<lamont> maybe I should have preinst and start check for stupidity in alias_database maptypes
<baffle> Anyone from the server team (or someone else) with insight in the multipath-tools-boot package?
<kgoetz> morning all
<art3mis> so anyone have an ubuntu-server guide that doesnt suck?
<art3mis> or perhaps a ubuntu-server document that actually says whats all installed instead of telling you how to install things that already exist on the server?
<art3mis> its great to say "lamp" but if it doesnt tell you what mod_xxx's exist or what versions of the lamp components are installed in the iso
<art3mis> man, someday im gonna remember how useless irc is most days.. off to centos!
<kgoetz> someone was here to make friends
<baffle> Yeah. He didn'y even have a question.
<VoiDeT> haha
<VoiDeT> admin overlord
<baffle> (Altho he did have a point, that server guide sure is pointless)
<kgoetz> he did have a question, just it wasnt obvious (and i wasnt looking...)
<kgoetz> baffle: how so?
<baffle> kgoetz: Well, maybe it isn't pointless for "most people". But nothing I've ever wanted to have answered has been there at least. :)
<kgoetz> baffle: tbh, i've never looked there *before* asking, so i dont really now :$
<kgoetz> *know
<baffle> kgoetz: I would expect an "advanced topics" section to include things like high availability, clustering of services, clustering of filesystems, lvm in depth, iscsi/fc storage information, multipath information etc.
 * kgoetz goes to look at what it actually inclused
<kgoetz> actually, no i wont, because works just deced i have stuff to do ;|
<lamont> baffle: do you have the conntrack_ftp module (or whatever) loaded?
 * lamont considers asking "there's a server guide?", then decides not to troll
<kgoetz> hehe.
<kgoetz> will be linked with hardy :)
<lamont> I generally just install the server bits, and then add what I want/need as I go.
<lamont> unless it's a desktop box, in which case s/server/desktop/ and lather/rinse/repeat
<baffle> lamont: I think most people do.
<lamont> well, and any of them tend to get 'home-config' from the repo at the house, which violates debian policy left right and sideways to make things what I want them to be on the home machines
<lamont> "because once you have tac nukes, everything starts to look like a small city"
 * kgoetz didnt follow that last rant
<lamont> tac nukes comment is my version of the hammer & nail cliche
<lamont> home-config is the "smack the config around right, and depend on those other packages I want" not-quite-meta package
<lamont> which also delivers my version of several other packages config files, etc.
<lamont> iz very policy-violating
<kgoetz> ah right
<kgoetz> Jeeves_: you around? wondering if you did hardy or an earlier ubuntu
<ScottK> lamont: is 180551 and affect of Bug #8980
<ubotu> Launchpad bug 8980 in netcfg "hostname -f does not return a proper FQDN" [Medium,Confirmed] https://launchpad.net/bugs/8980
<lamont> hrm... quite possiblt
<lamont> possibly, even
<ScottK> Bonus points for fixing bugs with numbers less than 10,000.
<baffle> Fix bug #1.
<ubotu> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,Confirmed] https://launchpad.net/bugs/1
 * lamont remembers getting the email from bugzilla when that bug was originally filed
 * lamont rapidly approaches time to head back home
<VoiDeT> :)
 * lamont -> home
<sommer> ah, he left
 * googlah|sleepy will give a try to install Spamassasin along with Postfix
<ScottK2> googlah|sleepy: You'll be happier in the long run if you use amavisd-new to glue them together.
<dthacker-laptop> I'm getting "unable to determine geometry of file/device" from gparted on a Compaq DL360 (orginal pIII)
<dthacker-laptop> darn.  does not recognize the array.
<sommer> baffle: the server guide currently is geared more to admins new to linux or ubuntu
<sommer> baffle: that doesn't mean it has to always be that way, do you have any other topic suggestions?
<dthacker-laptop> yeesh. I get to make a custom CD.
<googlah|sleepy> ScottK2: Don't seem to be any good tutorials out there though. But amavis seem familiar, isn't that which puts a line in each mail, that is has been checked?
<dthacker-laptop> googlah: I missed part of your conversation.  What is it that you are trying to accomplish?
<googlah|sleepy> ah, just said that I would give a try to install Spamassasin along with Postfix, but ScottK2 said Amavisd would be better in the long-run
<dthacker-laptop> googlah|sleepy: ok.
<sommer> googlah|sleepy: the "Mail Filtering" section covers amavis: http://doc.ubuntu.com/ubuntu/serverguide/C/index.html
<googlah|sleepy> Ah, thank you. great guide btw.
<sommer> googlah|sleepy: thanks, if you see any mistakes or issues please let me know... it can still be updated until thursday
<googlah|sleepy> Oh, its yours?! keep up the good work. Is it for the release of Hardy Heron?
<sommer> googlah|sleepy: yep, but most of it should work fine on gutsy, I don't think those packages changed much
<googlah|sleepy> Noo, me neither.
<ScottK2> googlah|sleepy: Also for postfix you can get the latest (2.5.1) in gutsy-backports
<lamont> ScottK: and 2.5.2 is due to be out sometime soonish (iz RC now)
<googlah|sleepy> sommer: May you not mention the --purge option in the Apt-Get section?
 * lamont sleeps
<sommer> googlah|sleepy: that's a good point
<sommer> I'll add some information on that
<googlah|sleepy> Yeah, sometimes you want to remove the configuration files as well
<sommer> definitely I use it frequently :)
<stiv2k_> hey
<stiv2k_> http://galatea.neoturbine.net/projects/phpsysinfo/
<stiv2k_> any reason why it doesnt show the mount points there
<googlah|sleepy> <?php
<googlah|sleepy> print_r (phpinfo());
<stiv2k_> uh
<googlah|sleepy> oops. tried the stable release of phpsysinfo?
<stiv2k_> is mine old?
<stiv2k_> it's always been like that though
<googlah|sleepy> no, yours is newer, but it's just an RC
<googlah|sleepy> beta
<stiv2k_> oh
<stiv2k_> i dunno, the stable one looked kinda old
<stiv2k_> but i mean it works with the beta one on different systems
<googlah|sleepy> it sure does, but try and see if thats where the problem is
<stiv2k_> perhaps i should try to read the code and see where it gets that information from
<stiv2k_> i dont think i feel like doing that right now
<googlah|sleepy> heh, no. but whats the time over there right now? it's not 5am as it is here. :p
<stiv2k_> lol, no
<stiv2k_> midnight
<googlah|sleepy> heh, yeah
<_ruben> mornin
<Jeeves_> kgoetz: Awake?
<_ruben> Jeeves_: 32-way web server? not bad ;)
<Jeeves_> _ruben: The T1000 has a cpu with 8 cores, and four threads per core.
<_ruben> Jeeves_: ah, nice
<_ruben> cant wait to start my virtualization project .. will be using a dual quad core with 32gb initialy
<Jeeves_> Nice :)
<_ruben> too bad another collegue gets to play with it first ... test with running office apps in an rdp application server
<_ruben> damnit .. too many ppl drinking hot choco, them bastards .. machine's out of cacao, same as yesterday morning .. sigh :p
<_ruben> Jeeves_ (or anyone else with archive access): could you tell me whats the size of the archive for just gutsy i386+amd64?
<Jeeves_> _ruben: Can't tell
<Jeeves_> All the files for the various releases are in the same directory
<_ruben> ah crap
<_ruben> not feeling like syncing releases i wont use anyways
<Jeeves_> _ruben: apt-proxy ?
<_ruben> thats one i havent looked into yet
<_ruben> apt-proxy doesnt build a 'full' mirror, only packages that have been requested once .. then again .. that might a decent solution afterall
<kraut> moin
<_ruben> mornin kraut
<kraut> mornin _ruben
<nijaba> morning
<Kamping_Kaiser> Jeeves_, around now
<Kamping_Kaiser> Jeeves_, whys your system got 32 cores, ours is only 24 :(
<Jeeves_> Kamping_Kaiser: Hi!
<Jeeves_> Upgrading to Hardy as we speak
<Kamping_Kaiser> _ruben, use debmirror and sync with that, it'll tell you how big the release is, then you ^C it and move on :)
<Kamping_Kaiser> Jeeves_, ah, so didnt install with gutsy/
<Kamping_Kaiser> ?
<Jeeves_> Kamping_Kaiser: I installed gutsy now
<Jeeves_> Dapper didn't work
<Jeeves_> Haven't tried the Hardy installer
<Jeeves_> So if you try that
<Jeeves_> That would be handy
<Kamping_Kaiser> hardy Doesnt Work For Me (TM)
<Jeeves_> Hmm?
<Kamping_Kaiser> well, the snapshot from 20080225 doesnt
<Jeeves_> On the Sun?
<Kamping_Kaiser> on a SunBlade 150 (workstation)
<Jeeves_> Ah ok
<Kamping_Kaiser> i havent tried the T1000 yet
 * Kamping_Kaiser has been upsettingly busy - your going to finish both systems at the rate your going
<Jeeves_> Kamping_Kaiser: I've fix /etc/ethers for you so you can edit that too
<Kamping_Kaiser> Jeeves_, cheers
<Jeeves_> I'm going into a meeting
<Kamping_Kaiser> can you email me the mac of the system your playing with and i'll leave it alone
<Jeeves_> will be back in about an hour
<Kamping_Kaiser> if you want :)
<Kamping_Kaiser> np
<_ruben> Kamping_Kaiser: debmirror seems useful btw, will look into that some more
<Kamping_Kaiser> _ruben, np. its handy
<_ruben> Kamping_Kaiser: you're using it yourself as well ?
<baffle> sommer: I have loads of topic ideas. :-)
<Kamping_Kaiser> _ruben, currently, yes i do. planning to switch to the proper archive mirror scripts probably, but debmirror for the moment
<baffle> sommer: What about "Secure and distributed AAA in the enterprise"? :) I.e. setup of kerberos kdc + slaves, replicated LDAP masters, libnss_ldap and all the friends.
<_ruben> Kamping_Kaiser: why if i may ask? ;-)
<Kamping_Kaiser> _ruben, because debmirror doesnt get "metadata" - eg lots of stuff required by debian-cd
<_ruben> Kamping_Kaiser: ic
<Kamping_Kaiser> if all you need is .deb files, debmirror is great. if you need to make cds... debmirror makes your life harder :)
<_ruben> perhaps i should just go down the full rsync route, and put some harddisks and our internet link to some good use ;-)
<Kamping_Kaiser> hehe
 * _ruben does have a few spare Mbps (95-percentile wise)
<Kamping_Kaiser> :O bugger
 * Kamping_Kaiser needs more nybles
 * _ruben bitchslaps some co-workers
<_ruben> they ordered (paralel) ata disks for our new backup server instead of sata
 * Kamping_Kaiser wonders if _ruben is a sysadmin
<Kamping_Kaiser> ahahahah
<_ruben> 8x500GB
<_ruben> wonder if i can take em home to upgrade my 6x200GB server ;)
<Kamping_Kaiser> hehehe
<Kamping_Kaiser> i'm going to need more hdd if i want to play with fossology properly :( i hate buying disc
<_ruben> fossology?
<_ruben> disks become cheaper way too fast .. buy today, half-price tomorrow
<Kamping_Kaiser> http://fossology.org/
<Kamping_Kaiser> i sleep with my computers in the same room. if i throw in more discs i need more servers (so another machine) andi have much more noise :(
<Kamping_Kaiser> _ruben, i want to feed debian+ubuntu+gnewsense into it. so i'll need *terabytes*
<_ruben> luckily i dont sleep in the same room as my computers no more
<_ruben> currently i have about 2-3TB of storage at home
<Kamping_Kaiser> i'd like some of that sort of storage at home :(
<Kamping_Kaiser> stuff we have at work doesnt count
<_ruben> got one server with 6x200GB ata disks .. and another with 6x250GB sata disks
<_ruben> sw raid5
<_ruben> but those you dont want to sleep next to ;)
<henkjan> eneco must be happy with you :)
<_ruben> henkjan: nah .. but essent might ;)
<_ruben> tho they actually reduced my monthly fee this year .. then again .. that was based on flawed info (moved there last august, and the first few months we didnt use much power)
<_ruben> henkjan: and further more, those two arent on 24/7 ;)
<_ruben> the only 'box' that's on 24/7 currently is an epia 500MHz mobo with a single hdd .. rest of the boxes have WoL
<henkjan> ah, i'm using an epia too, 533Mhz
<nhannt> my ubuntu server always frezes network service after 15-20min. When need to connect, I have to "ping" it then it's fine
<nhannt> anyone has such a problem?
<_ruben> henkjan: could be 533MHz indeed, got a 800MHz one as well, but that one isnt passively cooled
<_ruben> 533 it is
<cjsstables> Morning all.  I have a quick question regarding my ubuntu server set up.
<Kamping_Kaiser> !ask
<ubotu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<cjsstables> currently running a caching name server.  It appears that I can resolve ip addresses inside and outside of my private network, however, when I try to ping my internal name sever I don't get a response.
<cjsstables> idon'thave any firewall set up at this time
<_ruben> so you can resolve but not ping?
<_ruben> and you're sure you're using the same machine to resolve and are trying to ping?
<cjsstables> no can't resolve either,  but I can resolve other a recordson the internal network
<cjsstables> for instance i can resolve gateway which is an A record of 192.168.x.x
<cjsstables> I can ping it and I can typein http://gateway ....................and I get the routers web page
<cjsstables> so that appears to be resolving for me but I can't resolve to the main server
<cjsstables> which is my apache, ldap, samba server.
<_ruben> im guessing that your using your router's dns server which doesnt know about your own ubuntu  nameserver yet
<cjsstables> well my client is only pointing to my caching dns server but it also has the an entry for gateway
<cjsstables> my caching name serveralso has forwarders set up for external dns
<_ruben> cjsstables: are you trying to ping by hostname or ip?
<cjsstables> both, neither work
<cjsstables> oops hold on that..  one second let me verify
<cjsstables> I can ping ip ok but not by host name
<cjsstables> however i can ping my router by host name
<cjsstables> it has an A record in DNS  gateway 192.168.1.1
<_ruben> which means there's nothing wrong with ping, just the dns records being fubared
<cjsstables> but there is also an A record for the server DC01 192.168.1.2
<cjsstables> I don't understand how I can resolve one but not the other
<cjsstables> oops.  hold on..  I just did a ping on dc01 and it resolved
<cjsstables> it wasn't doing that before
<cjsstables> ok..  here is some moreinfo.   if I ping gateway I can resolve.  if i ping gateway.cjsoffice.local I can't resolve
<cjsstables> is it because my domain ends in local?
<_ruben> it depends on both your local machine's resolver settings and the nameserver configuration
<_ruben> .local itself shouldnt impose any problems
<cjsstables> ok. I haven't done anything with the resolv.conf on the localmachine.  could that be the issue?
<cjsstables> any clue is that I get an error message after boot as follows....  Could not look up internet address for client01. This will prevent Xfce from operating correctly
<cjsstables> what would I need to putintomy resolve.conf
<_ruben> "nameserver ip.address.of.nameserver" ... and optionally "search cjsoffice.local"
<cjsstables> ah.....  that makes sense.  I'll try that.  what service will I need to restart after I make those changes?
<cjsstables> or should I just do a reboot
<_ruben> nothing .. should work right away
<cjsstables> k. brb
<Jeeves_> Kamping_Kaiser: Still awake?
<Kamping_Kaiser> Jeeves_, still here
<Jeeves_> Hardy is broken for sparc
<Jeeves_> http://nl.archive.ubuntu.com/ubuntu/pool/universe/d/db4.4/libdb4.4_4.4.20-11_sparc.deb is a symlink to a non-existant package
<cjsstables> oklooking at my resolv.conf I have  domain cjsoffice.local then nameserver 192.168.1.2 nameserver "my ispsdnsaddy 1" nameserver "my ispsdnsaddy2"
<_ruben> i thought sparc support was dropped completely for hardy ?
<Kamping_Kaiser> Jeeves_, :( i knew it was unsupported, broken as well is upsetting
<Jeeves_> Kamping_Kaiser: I'm checking if it might be my mirror
<_ruben> Jeeves_: i'd blame the mirror in your case ;-)
<Kamping_Kaiser> hehe
 * Kamping_Kaiser might [re]suggest debian to his work
<Jeeves_> Kamping_Kaiser: Sorry, what?!
<cjsstables> _ruben Should I remove the external nameserver entries
<Kamping_Kaiser> Jeeves_, i might suggest a platform thats going to receive support to my workplace ... not being able to get things fixed on a server is a bit of a ... pain :|
 * Kamping_Kaiser sighs. i'll have to mentally thrash that out later
<_ruben> cjsstables: if your own nameserver is setup properly and always available, then they shouldnt be needed
<Jeeves_> Hmm, it seems that archive.ubuntu.com does have the needed file
 * _ruben suggests Jeeves_ and Kamping_Kaiser to team up to write a proper mirror script ;-)
<Kamping_Kaiser> hehehe. :P
<cjsstables> ok.  be back in a bit... thanks _ruben
<_ruben> ok .. thats enough makeing fun of innocent ppl for today ...
<_ruben> tho cant promise anything
 * Jeeves_ is syncing as we speak
 * _ruben probably should go try to get some actual work done for a change
 * Kamping_Kaiser laughs at doing work
<Kamping_Kaiser> pschulz01, hello
<Kamping_Kaiser> you just missed us talking about suns :)
<Jeeves_> Kamping_Kaiser: The box is upgraded to hardy
<Kamping_Kaiser> Jeeves_, and running ok? i may have to rip off a gutsy cd at work and try that.
<Kamping_Kaiser> its a shame to see sparc in ports again :(
<Jeeves_> Kamping_Kaiser: I'm rebooting as we speak
<Jeeves_> {0} ok boot disk
<Jeeves_> Boot device: /pci@7c0/pci@0/pci@8/scsi@2/disk@0,0  File and args:
<Jeeves_> Let's see what it does!
<Jeeves_> Loaded kernel version 2.6.24
<Kamping_Kaiser> :)
<Jeeves_> bit-beheer@webserver2:~$ uname -a
<Jeeves_> Linux webserver2 2.6.24-12-sparc64-smp #1 SMP Wed Mar 12 23:52:17 UTC 2008 sparc64 GNU/Linux
<Jeeves_> Works
<Jeeves_> (Fixed our mirror too, btw)
<Kamping_Kaiser> neat
<Kamping_Kaiser> so it can be made to run, but the support level may be less then ideal
<Jeeves_> Kamping_Kaiser: It seems, yes
 * Kamping_Kaiser is wgetting isos at work to test on the sunblade150
<Kamping_Kaiser> Jeeves_, so are you dualbooting that server, or just ubuntu on it?
<Jeeves_> Kamping_Kaiser: I've trashed Solaris
<Jeeves_> root@webserver2:~# cat /proc/mdstat
<Jeeves_> Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
<Jeeves_> md1 : active raid1 sdb4[2] sda4[0]
<Kamping_Kaiser> Jeeves_, ok. i still want to try a multiboot if the 2nd T1000 is still unused
<Jeeves_> Kamping_Kaiser: Feel free, but I want to test the whole bunch by monday
<Kamping_Kaiser> Jeeves_, right.
<Kamping_Kaiser> B - Backspace key sends    : BS
<Kamping_Kaiser> terminal emulators rock
<Kamping_Kaiser> Jeeves_, can you give me permission to use /dev/ttyS0? i need it for minicom. either changing its group, or adding me to dialout would work
<Jeeves_> Kamping_Kaiser: Ehm
<Kamping_Kaiser> or i could juse use ssh i guess
<Jeeves_> YOu should ssh to the ilom
<Jeeves_> console -f
<Jeeves_> ssh webserver1.ilom.ubunturelease.bit.nl
<Kamping_Kaiser> yeah, ssh works *smacks self*
<J_P> hi all
<Jeeves_> Hi
<pschulz01> kgoetz: pong
<J_P> people, I have ubuntu 6.10 in my server in production, but now I need python 2.5 for my app and default is 2.4 on 6.10. There are somes packages in python 2.5, but not all like as python 2.4. So I think what is better choice. Is update to last version of ubuntu 7.10 right ?
<pschulz01> kgoetz: Any idea how to get the ICA protocol working in the gnome 'Terminal Services Client'?
<Kamping_Kaiser> ICA?
<pschulz01> Kamping_Kaiser: Citrix
<faulkes-> ICA is citrix
<pschulz01> Kamping_Kaiser: The option is there.. but it's greyed out.
<Kamping_Kaiser> pschulz01, you need to install the citirix client, which gnome TSC wraps around
<Kamping_Kaiser> pschulz01, with luck they have fixed the client to Not Suck (eg, to allow it to do encryption)
<pschulz01> Ta.. alian it is then
<J_P> any idea for my question ?
<pschulz01> alien
<cjsstables> _ruben  stillout there?
<pschulz01> Kamping_Kaiser: Is there a package?
<Kamping_Kaiser> pschulz01, for citrix? i dont remember. i think it was staticly linked tarball stuff (installed it on 6.06 at the hut)
<_ruben> cjsstables: more or less ;)
<cjsstables> ok.  still no good.  I can't seem to resolve dc01.cjsoffice.local to an ip,  however i can resolve dc01 to an ip
<J_P> is possible update ubuntu 6.10->7.10, or for need 6.10->7.04->7.10?
<Kamping_Kaiser> J_P, latter
<J_P> Kamping_Kaiser: thanks
<Kamping_Kaiser> np
<Jeeves_> Lunch!
<Kamping_Kaiser> enjoy :)
<pschulz01> Kamping_Kaiser: Wants openmotif
<pschulz01> Kamping_Kaiser: sheesh.
<Kamping_Kaiser> heh
<Kamping_Kaiser> i hate citrix, and its over that one experiance with their client. its going to take a lot of technical brilliance to be unscarred
<J_P> I trying find page on ubuntulinux.com where say relation of number and nickname, but not find, anyone know ?
<pschulz01> Kamping_Kaiser: Doesn't look like the Linux client supports SSL yet.
<Kamping_Kaiser> pschulz01, i remember trying the native linux and java client, both sucked (wouldnt do crypto properly)
<pschulz01> "Citrix SSL server not accepting connections"
<Kamping_Kaiser> pschulz01, what level of encryption is the server using?
<Kamping_Kaiser> if its > 128 (iirc) bit you're stuffed (unless they fixed the client in the last few years)
 * Kamping_Kaiser frantically tries to remember how to send 'stop a' without a 'stop a' key
<Kamping_Kaiser> ^break i think
<Kamping_Kaiser> nope :/
<Kamping_Kaiser> oh well. tomorrows problem :(
<Kamping_Kaiser> Jeeves_, hope to catch you tomorrow.
<Kamping_Kaiser> night all
<J_P> Kamping_Kaiser: yet about update, I need reboot after each update version or Can I reboot only in last update ?
<Kamping_Kaiser> J_P, every update
<J_P> Kamping_Kaiser: ok
<sommer> baffle: Those are good ideas, I had planned on expanding the LDAP, and Samba sections for the next release.
<sommer> baffle: usually the first step in the process I've been using is to update or create an article in the wiki first, then place the content into DocBook for the official docs
<sommer> baffle: if you can help document any of those areas it would be greatly appreciated, either way thanks for the ideas... good stuff
<baffle> soren: Is there anyone on the serverteam hanging around that can assist in bugfixing multipath-tools-boot? I've discovered what has happend and created an ugly workaround. But I'm not familiar enough with it to implement it in a proper way.
<soren> baffle: "has happened"?
<baffle> soren: The initramfs first runs dmsetup (probably the lvm2 scripts) and discovers the logical volumes before the multipath script is run. This means that it can not create the /dev/mapper/mpath0, because there are allready mappings for it. If I stop the script, use "dmsetup remove /dev/mapper/<volumes>", "multipath", "kpartx /dev/mapper/mpath0", "lvm vgscan" then everything seems to work. :)
<soren> baffle: Hm.. Ok. Let me check something.
<baffle> soren: I.e. i'm going into a shell in the scripts/local-top/multipath script, entering the commands "dmsetup remove kvm1--5.v.kq.no-root" "dmsetup remove kvm1--5.v.kq.no-swap_1" "multipath" "kpartx -a /dev/mapper/mpath0" "lvm vgscan" and then exiting.
<soren> baffle: It might be a simple fix..
<baffle> soren: Yes, maybe. I'm also not sure how or when the "local" scripts might be run.
<Solarion> so I'm setting up a computing cluster (high-performance for solid-state physics).  What kind of server management support does Ubuntu have?
<Solarion> I'm looking at managing about 20-30 computing nodes
<Solarion> links are great
<soren> baffle: Are you at libery to fiddle a bit with the system?
<baffle> soren: Yes, very much so.
<soren> baffle: Cool. Could you try renamed /etc/udev/rules.d/95-multipath.rules to /etc/udev/rules.d/65-multipath.rules ?
<soren> s/renamed/renaming/
<Solarion> I'm also interested in how Canonical support would work (and cost) for such a system.
<soren> And the run an update-initramfs -u -k `uname -r`
<soren> Solarion: Hang on.
<Solarion> soren: thanks
<soren> Solarion: Canonical offers http://www.canonical.com/projects/landscape
<soren> Solarion: You get it for free along with a support contract.
<soren> I'm not sure what Ubuntu itself has in that area.
<Solarion> soren: Hmm.  What level of support contract?
<Jeeves_> It's too bad landscape can't be bought to run locally
<Solarion> soren: Also, how much would support cost for a 20-30 node cluster?
<baffle> soren: And rebooting I guess. :)
<Solarion> since it's kind of one and kind of many boxes
<soren> baffle: Yes :)
<soren> Solarion: You'd have to ask them.
<soren> http://forms.canonical.com/dashboard/survey/response.jsp
<Solarion> soren: ah, I thought you were a Canonical employee.  :)
<soren> Solarion: I am. :)
<Solarion> soren: do you have any detailed knowledge of how Landscape works?
<soren> Solarion: I don't sell support, though :)
<soren> Solarion: What do you want to know?
<Solarion> heh.  Fair 'nuff.  :)
<Solarion> so Landscape runs on Canonical's servers?
<soren> The server part of it, yes.
<Solarion> the page is kind of sparse on details
<soren> The agents fetch information from the server every once in a while and act upon the data it gets back.
<Solarion> soren: How would computing nodes hidden (and not routed to the Intarwebs) be managed in that case?
<soren> Stuff like "Add this user", "install this package", "run this script"..
<soren> Solarion: Dunno.
<Solarion> computing nodes can talk to the head node and shouldn't talk beyond it.
<Solarion> so it's kinda like Red Hat's management stuff then?
<soren> I'm not sure how that'd work. The good folks in our support centre would know, though :)
<Solarion> heh
<soren> Solarion: I have no clue about redhat's management stuff :)
<Solarion> it's small enough that I could always just do NFS and potentailly run an interior mirror, but the easier and more Canonical-supported, teh better.
<soren> Sure.
<baffle> soren: Nopes, same error. As I mentioned, I spawn a shell in local-top/multipath, and I checked, the path could not be created, and /dev/mapper/<lvm-volumes> existed. I also noticed that it seems to take a little while before the devices from the FC-bus actually gets registred, because the initial run of "multipath" didn't actually create *any* paths, but then some kernel messages popped out and running multipath again created mpath1 (wich doesn'
<soren> baffle: I'm struggling to remember why I moved it to 95..
<baffle> soren: So it is udev that runs dmsetup and creates the devnodes for lvm logical volumes?
<soren> baffle: You shouldn't need to run multipath manually.
<Solarion> soren: another reason to go Ubuntu is system76.  :)
<soren> baffle: udev should notice when new stuff shows up and ask multipath if it wants to use it for anything.
<Solarion> anyone have experience with them?
<baffle> Solarion: From what I've understood from Landscape it is quite simmilar to RHN, yes.
<baffle> (We have RHN for some customers)
<soren> baffle: Are you still in the initramfs?
<baffle> soren: No, I just booted, but I can boot back in.
<baffle> soren: Maybe it should be 64, not 65? I.e. so it is run before dmsetup.
<soren> baffle: Could you please check that the multipath rules files actually has 65- in  /etc/udev/rules.d/ ?
<soren> baffle: Heh. You could try.
<baffle> soren: I can just unpack the initramfs.
<Solarion> baffle: who is "we"?
<soren> baffle: Sure.
<soren> Solarion: It's them.
<soren> :p
<baffle> Solarion: A company.
<soren> *g*
 * soren goes to fetch some water
<Solarion> baffle: ok
<baffle> soren: Actually.. I can't seem to find *multipath* in etc/udev/rules.d/ from the initramdisk...
<Solarion> looking forward to the next LTS release btw
<Solarion> any estimate when gcc 4.3 will be available?
<baffle> Yes, with the new LTS release I know a lot of our customers will start using Ubuntu instead of RHEL/SLES/Debian..
<soren> baffle: Er.. That's... Er...
<baffle> Solarion: It is a teleco/isp called Ventelo in Norway.
<baffle> soren: Maybe that is the problem. :)
<Solarion> baffle: ah, sounded like you were a consulting biz
<baffle> Solarion: I am.
<baffle> Solarion: I work in the part of the company that does hosting of larger (mostly internet-facing) installations.
<baffle> Solarion: 4 datacenters, and the largest websites in .no.
<Solarion> COOL
<Solarion> dangit
<baffle> Solarion: Working with large clusters sounds more fun. :)
<Solarion> nijaba: sorry; not registered so I can't msg back.  I've put in a sales request so we'll see what they send back.
<baffle> soren: The comment "15:06 < baffle> Solarion: I work in the part of the company that does hosting of larger (mostly internet-facing) installations.
<baffle> 15:07 < baffle> Solarion: 4 datacenters, and the largest websites in .no.
<baffle> 15:07 < Solarion> COOL
<baffle> Ooops.
<Solarion> accidental posting of accidental caps.  heh.
<baffle> soren: The comment "# Only copy across relevant rules" in hooks/udev seems to be to blame?
<Solarion> baffle: so if I need to set up a website in Europe, I know whom to contact?  :)
<baffle> Solarion: As long as you want to pay a lot of money, sure. :)
<Solarion> heh
<soren> baffle: No, I think I am.
<baffle> soren: You are? Isn't this package just imported from Debian? :)
<soren> baffle: Nope.
<soren> baffle: So... You have the multipath binaries in the initramfs, right?
<baffle> soren: Yeah, they are there.
<soren> baffle: Interesting.
<soren> baffle: Er.. This is hardy, right?
<baffle> soren: As I mentioned, I can change things around so that it works.
<baffle> soren: Yes, hardy.
<baffle> Clean install from
<baffle> monday I think.
<baffle> From netinstall.
<soren> You have multipath-tools installed, and not multipath-tools-initramfs, correct?
<baffle> soren: Yes, multipath-tools and multipath-tools-boot
<baffle> "un  multipath-tools-initramfs"
<soren> God, I wish I had some hardware to test this..
<baffle> soren: You can use mine?
<baffle> soren: It's not like it is in production.
<soren> baffle: Nah, not quite yet.
<soren> baffle: Thanks, though.
<baffle> soren: Ah, you mean like in your lab so you can do regression testing etc. :-)
<baffle> soren: Don't you have a SAN lying around to test with? Jeez. :)
<soren> Ah... I think I see what's going on.
<baffle> soren: But if missing udev rules is to blame, maybe a "cp -p /etc/udev/rules.d/95-multipath.rules ${DESTDIR}/etc/udev/rules.d" should be added to multipaths hook?
<soren> baffle: multipath has no hooks. They were moved to multipath-tools-initramfs.
<soren> Which I somehow missed.
<baffle> Oh.
<baffle> But /usr/share/initramfs-tools/hooks/multipath exists?
<soren> Er... No?
<soren> Where does that come from?
<soren> dpkg -S /usr/share/initramfs-tools/hooks/multipath
<baffle> # dpkg -L multipath-tools-boot | grep hooks/mul
<baffle> /usr/share/initramfs-tools/hooks/multipath
<baffle> multipath-tools-boot: /usr/share/initramfs-tools/hooks/multipath
<baffle> soren: You have -boot installed as well, right?
<soren> Oh, I *thought* I did.
<baffle> Solarion: We've been working on a management system for all our customers, actually.. It incorporates package stuff from RHN, but we're trying to make it multiplatform. I.e. win32/win64/rpm-based linux/deb/freebsd/solaris. It's a challenge, but quite fun.
<soren> Lovely. that should probably install the multipath rules as well.
<baffle> soren: Where? It's not mentioned in the hook?
<soren> Right.
<baffle> soren: It just copies binaries etc.
<soren> Add:
<soren> cp /etc/udev/rules.d/*-multipath.rules $DESTDIR/etc/udev/rules.d
<soren> to the bottom.
<soren> of that hook script.
<soren> Rebuild, reboot, report :)
<baffle> Allready on it.
<soren> It's 65 now?
<soren> Or 95?
<baffle> No, I renamed back to 95.
<soren> Wonderful.
<soren> Carry on.
<baffle> Remote IP console sure rocks.
<soren> I believe you.
<baffle> Yay.
<baffle> It created mpath0
<soren> So we're happy?
<baffle> Not yet, I'll have to continue booting. And I think the management module of my bladecenter just rebooted..
<baffle> No, it was firefox exploding.
<baffle> And that is why it's called an alpha release. :)
<_ruben> heheh
<baffle> No, something else seems to have exploded....
<baffle> soren: No, not there yet. "Iii, panic! No root!"
<baffle> :-)
<soren> Ok.
<baffle> soren: I had to run "kpartx -a /dev/mapper/mpath0" for it to create the device nodes for the partitions.
<baffle> (And then follow up with LVM volumes)
<soren> baffle: Oh.
<soren> baffle: Right, rihgt.
<baffle> soren: But except that, it worked.
<soren> baffle: Add:
<soren> cp /etc/udev/rules.d/*-kpartx.rules $DESTDIR/etc/udev/rules.d
<soren> to the hooks script, too.
<soren> rinse, repeat.
<baffle> soren: Doesn't seem like kpartx was run, no root found.
<baffle> (95-kpartx.rules exists inside initramfs)
<baffle> soren: Running out of ideas? :)
 * soren is scratching his head
<soren> No, I'm not out of ideas.. My usual approach is a lot of poke, check, fiddle, check, ponder, poke, check.. It's not as easy when I need other people for the poking, fiddling, and checking :)
<baffle> soren: As I mentioned, you can get access to it if you want.
<soren> It's tempting.
<dthacker-work> Hi, I'm looking for a good HOWTO on setting up reverse DNS for a block of 64 addresses.   Many docs point to a site called Acme Byte & Wire  (http://acmebw.com) which seems to be down/gone.
<soren> dthacker-work: Talk to your ISP.
<soren> baffle: What sort of access can you get me?
<baffle> soren: Full KVM I guess.
<soren> baffle: I mean how? A java applet or some such?
<baffle> soren: Yes, java applet.
<soren> Won't work :)
 * soren is on amd64
<soren> No java applet love right now.
<soren> In a few days, sure. Right now? Not so much.
<baffle> soren: Oh, doesn't java work with amd64? Well, I can fix that as well. :)
<soren> baffle: So can I. In fact, I already did. It just needs to get uploaded :)
<baffle> soren: I meant in another way.
<soren> Do tell.
<baffle> soren: rdekstop to another machine, access from there.
<soren> baffle: Let me just think a little while longer before I get into something that involves rdesktop.
<baffle> soren: Okay. :)
<soren> Ok, so the multipath rules work fine..
<soren> New devices are created and they go through udev's processing.
<baffle> So far so good.
<soren> I don't see why the kpartx rules shouldn't see it.
<soren> baffle: Could you -- just for fun -- rename the scripts to 65, rebuild, reboot, etc?
<baffle> kpartx or multipath?
<baffle> Or both?
<soren> baffle: I was thinking both.
<baffle> booting
<soren> brb
<soren> back
<baffle> soren: No, doesn't seem to be a change. What puzzles me is that I in the local-top/multipath script I added the "sh" line after "multipath -v $VERBOSITY" (wich is set to 5 right now) and when I do an "ls /dev/mapper" only control shows up.. While I'm waiting for that, I get some kernel messages saying that the link on the FC adapters are up, some errors reading paths that are down etc, and then after some seconds I get /dev/mapper/mpath0.
<baffle> But no partitions.
<baffle> Is the scripts run alphabetically? Wouldn't kpartx udev run before multipath, now that both are at 65?
<baffle> (I never really understood udev, to be honest)
<soren> Doesn't matter.
<soren> They're not acting on the same devices anyway.
<baffle> True.. multipath is creating mpath0, and I guess then the same scripts are run over that device..
<soren> baffle: I don't quite understand what the point of the local-top/multipath  script is.
<soren> udev should totally handle all of that.
<soren> baffle: What is 'the "sh" line'?
<soren> Oh! That's how you break out of the boot process?
<baffle> soren: Yes, is that wrong? I just exit the shell to continue..
<baffle> soren: I think basically what is does is to run "multipath", to detect paths for multipathd.
<soren> It's probably fine.. I just use "break=bottom" on the kernel command line.
<soren> baffle: right, and that shouldn't be necessary.
<baffle> soren: It automatically breaks at the bottom as well, when it can't find root. :)
<soren> baffle: I thought you said it paniced?
<baffle> soren: No, not panic.
<soren> 15:35:52 < baffle> soren: No, not there yet. "Iii, panic! No root!"
<soren> :)
<baffle> soren: Ah, sorry. :)
<baffle> soren: It just runs the normal loop w/counter waiting for /dev/mapper/root-logical-volume to be available (not, it's not named that), and then exits to the shell.
<soren> baffle: The mpath device you mentioned earlier is a symlinnk, rigt?
<soren> Er....
<soren> ...is a symlink, right?
<baffle> soren: No..
<baffle> Hm.
<soren> Ah, no. I'm living in the past. Never mind.
<baffle> "user_friendly_names yes" is set in /etc/multipath.conf, maybe it barks because it doesn't just use dm0?
<baffle> I think that is the option that creates that name.
<soren> That's possible.
<baffle> Maybe I should reboot without that.
<soren> Is that the default or did you change it?
<baffle> multipath.conf doesn't exist, but it is mentioned as a common default in the example file.
<baffle> I'll try removing that file, remaking, rebooting.
<soren> Removing the example file?
<soren> baffle: Ah, changing that shouldn't matter.
<baffle> soren: Ah. Instead of /dev/mapper/mpath0 I now get /dev/mapper/1676a6767b76767c76767d767ee4211243 (The UUIDs I guess). .Yay! :)
<soren> baffle: Heh.
<soren> baffle: Do you have any links to that in /dev/disk/by-id ?
<baffle> soren: Yes.
<baffle> soren: dm-uuid-mpath-36006016027d01e004c41e4e1e7f4dc11 -> ../../mapper/36006016027d01e004c41e4e1e7f4dc11
<baffle> soren: dm-name-36006016027d01e004c41e4e1e7f4dc11 -> ../../mapper/36006016027d01e004c41e4e1e7f4dc11
<baffle> soren: scsi-36006016027d01e004c41e4e1e7f4dc11 -> ../../mapper/36006016027d01e004c41e4e1e7f4dc11
<baffle> (This is after boot, I didn't check that inside the initrd)
<soren> That's fine.
<soren> Oh!
<soren> Are there not /dev/dm-* device nodes?
<baffle> Hmm.
<baffle> soren: No?
<soren> That would exlain it. Hah!
<soren> Ok, grab the kpartx.rules, change the following:
<soren> At the bottom there are a few calls to kpartx.
<soren> "kpartx -a -p -part /dev/$kernel"
<soren> should read
<soren> "kpartx -a -p -part /dev/%k"
<soren> Please try that
<baffle> Should I rename them back to 95 as well?
<soren> That would be lovely.
<soren> ...so as to only test one fix at a time.
<sommer> soren: is there any issue with mentioning open-vm-tools in the documentation?
<soren> sommer: No, please do.
<sommer> soren: cool thanks
<TeTeT> server in the blogs: http://www.bmighty.com/blog/main/archives/2008/03/ubuntu_eyes_the.html
<baffle> Oh, I used the wrong name.
<baffle> $k, not %k. :)
<baffle> Nopes, no partitions in /dev/mapper still...
<baffle> I wonder how it compares to centos udev rules..
<soren> baffle: h..
<soren> hm..
<soren> baffle: You won't get much out of that.
<baffle> Probably not.
<soren> baffle: CentOS uses a completely different approach and an ancient kernel (AFAIK).
<baffle> soren: What does %k represent?
<soren> I belive it's the kernel's name for the device.
<baffle> And $kernel is?
<soren> unknown
 * soren thinkgs some more
<baffle> soren: The options to kpartx.. "-a -p -part <device>".. I guess -p -part just means the devices will be named mpath0-part1 -part5 etc.. So that's OK I guess.. Hmm..
<soren> Right.
<mohamed_> hello all, when i usind nfs server it work sometime and then not work again i get permission message " mount.nfs: homeserver:/downloads failed, reason given by server: Permission denied " any help ?
<baffle> soren: Maybe I (you?) should create a bug...
<baffle> bugreport.
<baffle> I guess the bug allready is there. :)
<soren> baffle: Ah.. $kernel is little-used synomym for %k.
<soren> Heh.
<ivoks> hm
<ivoks> dovecot -a
<ivoks> dupms configuration
<ivoks> idea! :)
<soren> YEah, we've used that before :)
<soren> baffle: Hmm... I think I know how I can fix it. I don't like it, though.
<ivoks> check if socket listen { client } is set; if not, add configuration to dovecot.conf; if yes, echo 'you already have configured sasl, you need to do bla bla...'
<soren> I wrote code to do that while back.
<soren> ivoks: Hang on.
<soren> ivoks: Doh! I put it on pastebin, and it's gone now.
<ivoks> never mind...
<soren> baffle: Are you in a hurry, or do you have time for me to read a few pages of stuff?
<soren> baffle: While you wait, maybe you could run "udevtest /block/<name of the mpath device>" and paste the output somewhere?
<soren> baffle: Hahah!
<soren> baffle: Ok, here we go.
<soren> Instead of %k, put either %N or $tempnode (they're equivalent, so whichever one you think is prettier).
<soren> ivoks: December 3rd, this channel. Check the logs :)
<ivoks> soren: lol
<ivoks> i already droped that idea...
<ivoks> we need conffile management system :D
<soren> Alright :)
<ivoks> we can't create package that would patch configuration file
<ivoks> that's insane
<ivoks> if someone alters configuration file, patching fails
<ivoks> maybe we could alter original dovecot.conf and replace # with #UBUNTU-SASL#
<ivoks> and then, after installation of dovecot-postfix-sasl package, just sed 's/#UBUNTU-SASL#//g' :)
<ivoks> anyone with better idea? :)
<mathiaz> ivoks: why don't we ship a default dovecot configuration with sasl enable ?
<ivoks> cause maybe postfix isn't installed
<ivoks> dovecot doesn't depend on postfix
<mathiaz> ivoks: and when the postfix-sasl package is installed we setup the sasl socket to the right path
<mathiaz> ivoks: like linking to it or something like that
<ivoks> and if there's no postfix, dovecot fails to start cause of missing direcotry in which it should create socket
<ivoks> we could try linking
<mathiaz> ivoks: ah yes - so make dovecot not fail it the directory is missing
<mathiaz> ivoks: /it/if/
<ivoks> why not create socket in /var/run/dovecot/auth-socket
<ivoks> and then, after installation of postfix-sasl, just link it to /var/spool/postfix/auth/whatever
<ivoks> that way we wouldn't touch dovecot's config and other programs could use it too...
<ivoks> ah... i know why...
<ivoks> that file should be writable by postfix user
<baffle> soren: Rinsing and repeating.
<ivoks> mathiaz: i don't think it would be easy to make dovecot not to fail if there's no directory
<ivoks> right... and softlink wouldn't work, since postfix is jailed
<soren> bindmount
<soren> we've been through this  :)
<ivoks> we were, yes
 * soren afj fir a little bit
<baffle> soren: %N = no luck.
<baffle> soren: Uhh, should I add something like touch /tmp/tried_%N in there and retry? :)
<baffle> soren: Can I have more than one RUN+ lines? :)
<ivoks> mathiaz: why not sed deovcot.conf? it's not conffile :)
<mathiaz> ivoks: it's control by ucf IIRC
<ivoks> so, we don't want to ask user anything on upgrade...
<ivoks> but we already do some seding on dovecot.conf in postinst scripts
<mathiaz> ivoks: in the postinst dovecot pkg ?
<mathiaz> ivoks: that's allowed.
<ivoks> no, in package that doesn't provide dovecot.conf
<ivoks> dovecot.conf is owned by dovecot-common
<ivoks> and we sed it with dovecot-imapd|pop3d
<mathiaz> ivoks: well - it's the same source package
<ivoks> ok, so from same source is ok?
<ivoks> then why not have another binary in dovecot source?
<ivoks> which would just sed dovecot.conf and add postfix hooks over postconf
<ivoks> exactly the same thing as -imapd|pop3d + postfix stuff
<ivoks> if it's ok for imapd, i don't see why it wouldn't be for another package
<soren> baffle: You need the conditions there too, so copy both lines and change the PROGRAM+ bit.
<ivoks> omg... i have /usr/shareFeisty directory :)
<soren> So?
<ivoks> eh... see you later
<soren> baffle: I'm dying to hear about your tests.
<soren> :)
<baffle> soren: A friend came by.
<soren> baffle: Quite alright.
<baffle> soren: What "PROGRAM+" bit?
<baffle> soren: You mean the RUN+ bit?
<soren> baffle: Yes. My bad.
<soren> baffle: brb
<baffle> soren: Hmm. Didn't work.
<soren> baffle: Could you pastebin the rules file as it is now?
<baffle> soren: http://www.pastebin.ca/949190
<soren> baffle: Oh, it should just read %N. Not dev/%N.
<baffle> Oh.
<soren> Sorry if I misled you.
<baffle> Well.. I'm excited at least. :)
<baffle> soren: Woooooohooo!
<soren> I like the sound of taht.
<baffle> soren: I think it worked. I'll just remove my debugstash.
<soren> baffle: Coolness.
<baffle> soren: Or, well, I'm quite sure it worked actually.
<baffle> soren: soren Yep, it booted up now. But it had to wait for the root device to be available for 10 secs or so, due to timeouts on the FC paths etc..
<baffle> soren: So, what we did was change 95-kpartx, and add copying of udev rules (multipath & kpartx) to hooks/multipath
<soren> baffle: Yup.
<baffle> soren: Package uploaded yet? ;-P
<soren> baffle: Hehe..
<soren> baffle: Is "Dag Stenstad" the right name to send a greeting to in the changelog? :)
<baffle> soren: Yeah.
<baffle> soren: Ah, I actually had set an ircname. :)
<nxvl> keescook: did you take a look at Bug #203449
<ubotu> Launchpad bug 203449 in dovecot "[dovecot] [CVE-2008-1199, CVE-2008-1218] privilege escalation" [Undecided,Confirmed] https://launchpad.net/bugs/203449
<keescook> nxvl: sure, working on a few other things currently.
<nxvl> keescook: oh! ok ok, i was wondering why wasn't it uploaded or marked as high importance :P
<nxvl> is Bug #129630 still needed on hardy?
<ubotu> Launchpad bug 129630 in dovecot "[feature-request-gutsy] Include managesieve patch in dovecot" [Wishlist,New] https://launchpad.net/bugs/129630
<keescook> nxvl: your debdiff for but 203449 seems to be for something else?
<nxvl> keescook: you are right, i upload the incorrect debdiff
<nxvl> keescook: fixed
<keescook> nxvl: thx :)
<keithclark> I seem to be having a problem starting Squid.  I returns no feeback/error codes at all, it just does not start?
<keithclark> Ignore that request!  My simple error, working fine now!
<LiENUS> what package is cups-config in?
<LiENUS> yis there a way to configure a printer class in cups to only use the second printer if the first is down?
<nijaba> LiENUS: I would go ask in #cups
<nijaba> LiENUS: hmm..  seem you are there already...
<LiENUS> already asked
<LiENUS> no ones talkjing
<nijaba> yep, not too many people there
<nijaba> be patient then, someone may come aroud and see your question
<LiENUS> its also not the official cups room
<nijaba> LiENUS: really?  which one is the official one?
<LiENUS> there is no official cups irc channel afaik
<nijaba> mmmh too bad
<LiENUS> damnit this printer just stoped working entirely
<LiENUS> i hate vista :/
<dthacker-work> LiENUS: best info I've found. My 15 minutes of googling are up......http://www.cups.org/newsgroups.php?s1+gcups.general+v2+T+Qfailover
<jdstrand> sommer: fyi-- the fix for apparmor/slapcat et al will be in post-beta
<sommer> jdstrand: sweetness
<jdstrand> sommer: see bug #203898
<ubotu> Launchpad bug 203898 in openldap2.3 "slapcat broken when default apparmor profile is enabled" [Undecided,In progress] https://launchpad.net/bugs/203898
<jdstrand> sommer: btw, the fix is simply to make slapcat and friends hard links rather than symlinks.  so you can do that locally and continue your testing
<sommer> jdstrand: that's cool, my main concern was how to document the process :-)
<jdstrand> sommer: they will work as expected once they are hardlinks
<nxvl> nijaba: that bug has been assigned to jelias by himself and i have a moral crisis right now
<nxvl> nijaba: at one hand he's to new to take care of something that important as his first assignement and we can't wait until he understands and fix it
<nijaba> nxvl: that's what i think
<nxvl> nijaba: on the other hand is kind of rude just to work on this and assing it to me
<nijaba> nxvl: so should we ask him if he needs a hand and tell him the importance of it?
<nxvl> mm
<nxvl> he doesn't even has a nickname or confirmed e-mail on his LP
<nxvl> meh, sometimes we need to be rude
<sommer> mathiaz: for your viewing pleasure: http://www.youtube.com/watch?v=jF9jEJg-K0Q&feature=related
<nxvl> nijaba: but if you want to do the bad part and comment on the bug report that this is to important to be done by him and that we need it quick due BF i will be really thankfull
<nijaba> nxvl: I'll do that
<mathiaz> sommer: :)
 * nxvl HUGS nijaba 
<nijaba> nxvl: what do you think of:
<nijaba> This bug just got highlighted a bit too much and beta is right at the door so I am going to ask nxvl to fix it quickly.  We tried to contact you before deciding this but could not find your details on Launchpad.
<nijaba> Please do not feel frustrated about this, there is nothing against you here and there are certainly other bugs where your help will be very appreciated and we'll have the time to mentor you.
<nxvl> nijaba: :D
<nxvl> mm
<owh> mathiaz: kirkland: Apologies for my absence at today's meeting. I spent most of the last hour and a half watching an fsck screen while my computer decided to check the file system after 30 reboots.
<nxvl> i don't even get a promt asking for password
<nijaba> sent
<nijaba> nxvl: isn't mysql already installed on your test machine?
<kirkland> owh: yuck
<kirkland> owh: you should be able to find the logs
<kirkland> owh: wrt us, the init script work for Hardy is pretty much dead
<owh> kirkland: Yeah, I'm waiting for the cron job to update: http://irclogs.ubuntu.com/2008/03/19/%23ubuntu-meeting.txt
<owh> kirkland: I figured that :)
<kirkland> ah
<kirkland> owh: it's not a totally bad thing
<kirkland> owh: they're right, ultimately
<owh> kirkland: C'est la vie.
<owh> kirkland: Who do I send the bill to :)
 * owh is kidding.
<kirkland> ;-)
<kirkland> owh: well, it's just delayed reallly
<owh> kirkland: So, yeah, where to next?
<kirkland> owh: there will be a pile of work to do when the Intrepid trees open
<owh> kirkland: So, was there agreement on how we should proceed?
<kirkland> owh: we will want to work closely with Keybuk, though, on getting this stuff working in upstart
<nxvl> nijaba: clean pbuilder
 * owh is still waiting for log update :(
<kirkland> owh: in the short term, we need to focus back on Hardy bugs
<kirkland> looking at the ones that are open, solving those
<mkeller> hi there
<nxvl> nijaba: i'm installing mysql-server-5.0, is that binary package, didn't it?
<owh> kirkland: Cool. Any I should know about right now?
<mathiaz> owh: http://blackbird.kaarsemaker.net/mootbot/meeting/ubuntu-meeting.log.20080319_2200.html
<kirkland> that's the hard core focus of the beta period we're in now
<owh> mathiaz: Tah
<kirkland> owh: i'd say just have a look at them, grab a couple that you think you can solve
<mkeller> can anyone give me a bit of support for postfix/ dovecot sasl?
<kirkland> owh: ping me or anyone else here, if you want some more direction
<nijaba> nxvl: really weird.  I reproduced it installing "sudo tasksel install lamp-server" on a clean install this afternoon
<nijaba> not testing that really, but as a side effect
<owh> kirkland: Any specific server bugs around?
<kirkland> mathiaz: you have any favorites?
<kirkland> owh: not off of the top of my head
<nxvl> nijaba: trying
<owh> kirkland: Email me if you think of any, meanwhile I'll keep my eyes open (in my "spare" time)
<nxvl> nijaba: i tested using apt-get install mysql-server-5.0
<owh> kirkland: I'm fighting an iridium short burst message data modem :|
<mathiaz> owh: kirkland: bug 203696 seems new - although related to dapper
<nijaba> nxvl: should be the same
<owh> kirkland: It knows what it wants to do, but refuses to tell me :)
<ubotu> Launchpad bug 203696 in dovecot ""undefined symbol: quota" on dapper while trying to use imap_quota" [Undecided,New] https://launchpad.net/bugs/203696
<nijaba> nxvl: it is a d-i question
<mathiaz> owh: kirkland: to confirm for dapper, we first need to make sure it's fixed in hardy
<nijaba> nxvl: errr a debconf question
<nxvl> nijaba: so i need to test the iso?
<nxvl> oh
<mathiaz> kirkland: there is also bug 189616 that should be investigated
<ubotu> Launchpad bug 189616 in dovecot "connection problems under load with hardy dovecot" [Undecided,New] https://launchpad.net/bugs/189616
<nxvl> i will tri dpkg-reconfiguring it
<mathiaz> kirkland: but it may be hard to diagnose
<nxvl> try*
<owh> mathiaz: Yeah, I was just going to say, how do you load test without load ?
<nijaba> nxvl: it will only be asked if the password was not there before I think
<owh> mathiaz: I suppose you could write some script that hammers away at it.
<mathiaz> owh: well - that's the interesting part of it ;)
<owh> Heh
<mathiaz> owh: how can you stress-test dovecot
<nijaba> mathiaz: just give it to elmo ;)
<owh> mathiaz: Hmm, just read that bug, and James already tried that :)
<owh> sommer: Did you need anyone to proof the server guide?
<owh> s/proof/proof read/
<nxvl> nijaba: i confirmed it, it was a problem with pbuilder
<mathiaz> owh: kirkland: there is also bug 197606 and 199144 that look interesting
<ubotu> Launchpad bug 197606 in mysql-dfsg-5.0 "Invalid db.table name 'g2_AccessMap' at /usr/bin/mysqlhotcopy line 845" [Undecided,New] https://launchpad.net/bugs/197606
<ubotu> Launchpad bug 199144 in apache2 "Apache2 with mpm_worker times out with many concurrent requests" [Undecided,New] https://launchpad.net/bugs/199144
<owh> mathiaz: I've just taken initial ownership of bug 203696.
<ubotu> Launchpad bug 203696 in dovecot ""undefined symbol: quota" on dapper while trying to use imap_quota" [Undecided,New] https://launchpad.net/bugs/203696
<mathiaz> owh: proof-reading the server guide would also be welcomed - the deadline for big changes is tomorrow
<owh> mathiaz: Yeah, I'm just looking at typo's, spelling, etc. No content.
<mathiaz> owh: you can read the current version of the server guide here: http://doc.ubuntu.com/ubuntu/serverguide/C/
<owh> mathiaz: Tah, just found the link myself :)
<owh> mathiaz: Is there a way to download the lot, or do I just mirror it with wget?
<mathiaz> owh: hum... mirror with wget would be great
<owh> As nijaba I think pointed out, this should be in the server MOTD.
<mathiaz> owh: you should also consider branch from bzr
<mathiaz> owh: If you don't mind reading the docbook format
<owh> mathiaz: Don't care either way, what ever is easiest to get to my local HDD.
<mathiaz> owh: that you way you can fix the grammatical errors right away, push your branch and sommer can merge it back in trunk
<owh> mathiaz: And simplest to give updates/
<owh> s/\//./
<mathiaz> owh: well if you're not afraid for bzr the most helpfull way is to branch the source code
<owh> mathiaz: I'm not afraid of things I don't know about :)
<owh> How do I find out where the bzr source is?
 * owh is wandering through ~ubuntu-core-doc
<mathiaz> owh: check out https://wiki.ubuntu.com/DocumentationTeam/Repository
<mathiaz> owh: I think the branch you wanna checkout is https://code.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy
<mathiaz> owh: ask sommer about it to make sure
<nxvl> nijaba: if it fails 2 times i need to reask for password or just rise an error?
<owh> mathiaz: Yeah, I was trying to figure out how to just get the server guide.
<mathiaz> owh: apparently the server guide is burried in the ubuntu-hardy branch
<nijaba> nxvl: re-ask, after an error
<nijaba> nxvl: as we do for the user password on install
<owh> mathiaz: Not immediately obvious to me either: http://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy/files/asommer70%40gmail.com-20080319202309-2nfmhrdj9vufcvge?file_id=3487%401e033ed4-87e8-0310-8703-d68c7bbd86c9%3Atrunk%3Aubuntu
<owh> That seems to be the root of that.
<nxvl> nijaba: heh, i was just downloading the debian-installer source to copy the structure :P
<nijaba> nxvl: ;)
<mathiaz> owh: it's in generic/serverguide/
<mathiaz> owh: generic/serverguide/C/ to be exact
<owh> Ah, I was already in ubuntu :)
<owh> mathiaz: Yeah, now all I need to do is figure out the bzr command, but I think I have it licked :)
<mathiaz> owh: bzr branch http://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy
<mathiaz> owh: once you've started to make modification you push your own branch
<owh> mathiaz: I was going with bzr checkout --lightweight http://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy/files/asommer70%40gmail.com-20080319202309-2nfmhrdj9vufcvge?file_id=2104%401e033ed4-87e8-0310-8703-d68c7bbd86c9%3Atrunk%3Ageneric%252Fserverguide%252FC
<mrpoundsign> How does one get information/release notes for a given package it says it is going to update via apt-get update?
<mathiaz> owh: I'm not sure it'd work
<owh> mathiaz: It didn't :)
<mathiaz> owh: yes - you need to branch http://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy
<mathiaz> owh: and pull down the whole documentation src :/
<owh> mathiaz: I'm trying to avoid that.
<owh> mathiaz: This was close: bzr checkout --lightweight lp:ubuntu-doc/ubuntu-hardy/generic/serverguide/C
<owh> mathiaz: What about just downloading the 20 files individually, making patch files and adding them to a bug report or emailing them to sommer?
<mathiaz> owh: well - that's another option but it seems more work
<mathiaz> owh: on sommer's side
<owh> mathiaz: Yeah, I'm conscious of that too.
 * owh is beginning to fear bzr :)
<owh> mathiaz: Seems I'm not alone in my quest: http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg00830.html
<mathiaz> owh: yes
<LiENUS> i'm having a weird problem. I just removed hpijs and now when i go to add a printer it gets to the point where i give it a URI and when i click continue it hangs
<owh> mathiaz: I've given in and am now checking out the lightweight version of the whole guide :(
<mathiaz> owh: I think it makes sense - however it was never implemented
<mathiaz> owh: hopefully for the next cycle we can sort this out
<owh> mathiaz: The emails start a long discussion which indicate some staunch opposition to the idea as far as I can see.
<owh> mathiaz: This all works really well if you've got gobs of bandwidth. Not so much if you're not quite so well equipped.
<owh> mathiaz: I have a very high latency connection, 1second round trip, so all this interactive stuff, that is, the get something, parse it, get something else, parse it, really takes time.
<mathiaz> owh: I started a "bzr checkout --lightweight bzr+ssh://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy/" and it's already at 100M
<owh> mathiaz: Mine started at a similar time and it's 2.2M, its getting each individual file and not ever getting to 1Mbit.
<owh> mathiaz: As I said, high latency, this interactive stuff is just rubbish.
<owh> s/interactive/iterative/
<mathiaz> owh: yeah - it will take a looongg time to checkout the documentation
<owh> mathiaz: So much for taking it with me on my phone to have a read. Ah well. I'll kill it and start again when I return :(
<owh> Later all. Gotta run.
<LiENUS> anyone here got any idea why cups is hanging when i hit continue after inputing a device uri?
<nxvl> nijaba: i think i have it
<nxvl> nijaba: building for testing
#ubuntu-server 2008-03-20
<burzum> Hello
<burzum> Im using ubuntu 6.06 server and need to update php5 to 5.2.x is there no package aviliable for it? Do i really have to compile it on my own? :(
<ScottK> burzum: Did you look at dapper-backports?
<burzum> Uhh no, wait, let me check if i have them in my apt
<burzum> deb http://de.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse
<burzum> This one?
<ScottK> Yes.
<ScottK> If it's not there....
<ScottK> !backports will give you instructions on how to request it.
<ScottK> !backports
<ubotu> If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<burzum> Owww....
<ScottK> So no, you don't necessarily have to compile it on your own ...
<kris_ph> is there an application for ubuntu gutsy server to monitor the ports open and its traffic activity?
<kris_ph> I have chrootkit actually..
<keithclark>  Just wondering what the easiest way to tell the status of the Squid Cache size?  And efficiency?
<burzum> Is there a way to request a backport without need to create an account for launchpad?
<kirkland> burzum: aw, launchpad isn't so bad ;-)
<kirkland> kraut: netstat
<burzum> kirkland, possible, but im sick of all the effort it takes always to do something with linux, im running here local linux our company uses bsd on their live systems, maybe im going to try this.
<burzum> each time i run in a basicly simple problem (i would call updating a programm simple) i get in deep trouble with linux :(
<kirkland> keithclark: the various cache configurations are set in /etc/squid/squid.conf
<keithclark> kirkland, understood, but I want to be able to analyze the hit:miss ratio, cache size and so on.  On the Squid machine.
<burzum> But i found out that my problem is not related to a bug in my php version, so no need to update quickly. I'll replace the server with an win2003 server in the next few weeks.
 * mralphabet shakes his head
<burzum> but thanks for your help
<kirkland> burzum: updating a program is very simple.  "apt-get update; apt-get upgrade <PACKAGE>"
<burzum> kirkland, only if its aviliable
<mralphabet> is IIS 6 available for nt4?
<kirkland> burzum: you can build it yourself, if you want
<kirkland> mralphabet: yeah, you bet.
<kirkland> ;-)
<burzum> sure, but i dont want because it would require a lot of time and reading which i dont have yet
<burzum> mralphabet, i dont plan to use iis
<mralphabet> that wasn't my point
<burzum> and 6.06 is not even 5 years old, not to mention that nt is uhh at least 10 years old
<kirkland> keithclark: from the server, or from the client?
<kirkland> owh: howdy
<keithclark> kirkland: the server
<kirkland> owh:  you get some pointers from mathiaz today
<kirkland> owh: that was a question ;-)
 * mralphabet shakes his head at burzum
<kirkland> mralphabet: some people just need a punching bag
<kirkland> mralphabet: if he wants someone to put in the effort on his behalf to do a backport (several hours), but he doesn't have time to create a launchpad account (several minutes) to make the request.....
<mralphabet> kirkland: preaching to the choir
<kirkland> mralphabet: ;-)
<owh> kirkland: Yeah, I took ownership of bug 203696 to test in hardy at least. I'm also attempting to download the server guide, but if you've got a fast pipe, or have it already, a .tgz link would be well received :)
<ubotu> Launchpad bug 203696 in dovecot ""undefined symbol: quota" on dapper while trying to use imap_quota" [Undecided,New] https://launchpad.net/bugs/203696
<owh> kirkland: I'm trying to get: bzr checkout --lightweight lp:ubuntu-doc/hardy
<kirkland> owh: i do have a faster pipe than satellite ;-)
<owh> kirkland: It's not the speed that's killing it, it's the latency.
<kirkland> owh: yup
<kirkland> owh: i've been writing a bandwidth benchmark all day today
<kirkland> owh: which is part of the explanation for my latency in getting back to you
<owh> kirkland: One of my mates once wrote: "It's the latency stoopid." - Stuart Cheshire. Funny guy. Never underestimate the bandwidth of a station wagon packed full of CDs.
<owh> kirkland: Funny boy.
<owh> :)
 * owh has been trying to explain to a hosting company that TTL life exceeded is a problem.
<ghostnob> hi GUys....
<owh> They don't yet see it my way :)
<mralphabet> owh: hah
<kirkland> owh: ask them if they're bothered by their own personal TTL
<kirkland> owh: and how bothered they'd be if it were expired prematurely
<owh> I figured that this will change when I choose a different hosting company, or if I keep ringing the corporate support queue :)
<ghostnob> I'm trying to make Window server 2003 connect to my Ubuntu server at home, is it possible to also connect the windows mail server exchange with ubuntu mail server...? i know this is dumb but I play alot with this things at home and would like to know what I can up with...
<owh> At the moment they're blaming it on their load balancers. I think it is a routing issue myself :)
<mralphabet> ghostnob: what do you mean by connect?
<owh> ghostnob: What do you mean when you write: "connect the windows mail server exchange with ubuntu mail server"
<mralphabet> ghostnob: exchange forward to ubuntu forward to internets?
<ghostnob> yes... right..
<ghostnob> that's what I mean...
<mralphabet> sure
<mralphabet> exchange has a "relay everything through x.x.x.x"
<mralphabet> sendmail / postfix / whatever mta has a "relay everything for x.x.x.x"
<owh> kirkland: Should I continue to struggle with the bzr, or are you secretly squirrelling away in the background - there is no expectation either way.
<ghostnob> ok.. I'll try it this weekend and I'll let you guys know what I come up with.. I'm a student and I also work, so the little time I have is for my linux and windows administration development
<ScottK> relayhost is the configuration you want when you setup postfix
<ghostnob> ok..
<kirkland> owh: i'm pulling it down
<kirkland> owh: but this thing must be massive.....
<owh> Did you get the lightweight version?
<owh> No changelogs etc?
<ghostnob> I got the 7.10 DVD from UBUNTU....
<owh> kirkland: bzr checkout --lightweight lp:ubuntu-doc/hardy
<owh> kirkland: That supposedly is small, just the docs.
<ghostnob> I haven't explore everything yet... But I have it on my laptop and I use it with SUSE 10.1 server...
 * owh doesn't know as it's not here yet :)
<kirkland> owh: okay, i just restarted with that
<kirkland> owh: and it's going much faster
<owh> kirkland: If speed is an indication of size, then that's good :)
<owh> Oh, found the latency rant from Stuart: http://www.stuartcheshire.org/rants/Latency.html
<kirkland> owh: i agree with his statement.  i have a colo backup of my critical data at my parent's house, 500 miles away.  incremental changes I handle with rsync.  major sync differents, I jump in the car and drive with a USB hard drive and get some home cookin' out of the deal
<owh> kirkland: Yup. That's what I'm working on with my clients as well.
<kirkland> owh: even lightweight, it's still big
<owh> How big?
<owh> kirkland: How big so far?
<kirkland> owh: seems i've downloaded a measly 85M so far :-/
<keithclark> kirkland:  Are srg and squidview two examples of what I should me looking for?
<owh> kirkland: Kill it.
<kirkland> keithclark: hey, i'm still looking for your answer...  squidview i tried, but it looks like it analyzes from a client perspective
<keithclark> kirkland, yeah, that was my opinion as well.
<kirkland> owh: i had better luck with "apt-get source ubuntu-docs"
<owh> kirkland: Damn, that's a good idea.
<owh> kirkland: Tah.
<keithclark> kirkland, I just can't seem to scope out the right app.
<kirkland> owh: not as up-to-date as from the source repo, but pretty damn close
<kirkland> keithclark: i'm bothered by it too... i've run my own squid for years, but never personally questioned hit ratio
<kirkland> keithclark: now i'm curious ;-)
<owh> kirkland: Well, I've just fired up my hardy vm and I'll do an update and get it. It will have to do.
<kirkland> owh: i'd do both if i were you....  background a bzr pull in a screen session
<kirkland> owh: grab the source in the mean time
<keithclark> kirkland: haha, for sure.  I know it works as I'm using it remotely now, but I just have to know how efficient it is.  And, does it need more disc space?
<owh> kirkland: Nah, after half an hour of downloading the bzr I had all of 2.2 Mb.
<kirkland> owh: pooh
<owh> kirkland: Getting individual shitty little files just doesn't work.
<owh> kirkland: Now if I could tell bzr to pack in into a big chunk, then send it, I'd be laughing.
<kirkland> owh: it does that.... every time it builds a source deb ;-)
<owh> kirkland: Funny.
<owh> :|
<owh> Oh, it was a joke ;-)
<kirkland> ;-)
 * owh <grins>
<kirkland> a glass of wine and I'm a regular comedian
<ajmitch> owh: funnily enough, when checking out with a smart server at the other end, it should tar it all up & send it
<owh> ajmitch: Ah, so we just blame launchpad then?
<ScottK2> owh: That's my usual approach.
<ajmitch> yes, I think all that part is coming soon enough
<owh> Its funny and sad all at the same time in a way.
<keithclark> kirkland, should one not be able to access the file from OO Database and work with it there?
<kirkland> keithclark: it looks like "polygraph" is what people use to benchmark squid
<keithclark> let me check that out
<keithclark> do you use squid-prefet?
<kirkland> keithclark: no, never heard of it
<keithclark> kirkland: used for prefetching pages in squid
<kirkland> keithclark: fyi... there is a #squid on this irc server
<kirkland> keithclark: i think they may be a better resouce
<keithclark> kirkland, I tried, but no response
<owh> kirkland: What next, tell desktop users to ask questions in #ubuntu-server :)
<owh> kirkland: Or even s/ask/stop asking/
<owh> kirkland: Either way, the wine will help to make it funny :)
<owh> That's more like it, getting the source documentation now at up to 200kB/s.
<owh> That's not bad for a supposed 1Mbit connection :)
<keithclark> kirkland: thanks for trying!
<kirkland> keithclark: sure no problem.  ping me back here, if you figure it out.  i'm quite curious now.
<owh> kirkland: keithclark, what's the question?
<keithclark> kirkland, sure will!
<keithclark> owh, second....
<kirkland> keithclark: i'm most bothered that i've found a number of hits in google with people claiming a hit ratio of some such, but I can't for the life of me figure out how they determined that
<owh> kirkland: That's from the squid statistics / status page.
<keithclark> owh:  I want to be able to analyze the hit:miss ratio, cache size and so on.  On the Squid machine.
<kirkland> owh: okay, so from my squid server, how I would i find out what its running hit/miss ratio
<owh> kirkland: From memory there's a web interface for that.
<keithclark> owh cachemgr?
<owh> keithclark: I'm remembering a web server on port 3306, but I'm old and forgetful, so that might be wrong :)
<keithclark> owh....not a problem!  I'm also no spring chicken....I just wanted a simple app that would tell me how my server is doing....
<owh> kirkland: After all that pussing around, we're talking about a serverguide that's 484K. Count 'em. 484. I could have typed it faster :)
<owh> keithclark: Lemmie have a looksee.
<kirkland> owh: holy smokes
<keithclark> owh, that would be terrific!
<ajmitch> owh: 3306 = mysql :)
<owh> ajmitch: Told you I was old and forgetful :)
<owh> kirkland: Holy what, where?
<kirkland> owh: 484k
<owh> kirkland: Yeah.
<kirkland> owh: there's something wrong with that, IMO
<owh> kirkland: You're not wrong there.
<kirkland> owh: I'm still downloading th source
<owh> kirkland: Huh? I've just gotten that.
<owh> kirkland: Oh, you're talking about the bzr.
<kirkland> owh: yup
<kirkland> apt-get source happened very fast
<owh> keithclark: My memory is telling me that you want: squid-cgi, which gives you what you're after.
<owh> keithclark: That is, I searched the apt-cache, looked, did a google and it looks like what I'm remembering.
<keithclark> owh, let me check.
<keithclark> owh, yes but then don't I need apache installed and running?
<owh> keithclark: Not apache especially, just a web server.
<keithclark> owh, hmm, I just wanted a simple app.
<keithclark> owh, maybe my database analysis would work?
<owh> keithclark: I'm *guessing* that the cgi is calling an API of sorts, so I suspect that there is a command-line tool for it also.
<owh> keithclark: Well you could just run webalizer across the logs.
<owh> keithclark: From memory it's all pre-configured.
<keithclark> owh, ok, let me check that next!
<owh> keithclark: Also: http://www.squid-cache.org/Misc/related-software.dyn
<owh> keithclark: And: http://code.google.com/p/squidutils/
<keithclark> owh, yeah, I've been looking there but I've not found the right match.
<owh> keithclark: http://samm.kiev.ua/sqstat/
<keithclark> owh:  My match would be hit/miss ratio, disc space use.  Very simple and does not have to be real time.
<owh> keithclark: Well, that's two commands, du -sh . and grep "Miss" * | wc
<owh> keithclark: You don't need anything cool for that :)
<keithclark> owh, I know there are log analyzers out there galore to analyze all activity to the ultimate end, but I want a cloud view of my server
<owh> keithclark: So, run a cron job every hour that runs a few commands across your log file.
<keithclark> owh, I see what you are getting at
<owh> keithclark: KISS.
<keithclark> owh, that is what I wanted!  A KISS solution
<keithclark> owh: everything else is way too detailed.
<owh> keithclark: The ratio is trivial. Count the total number of requests, count the total number of cache misses, do maths.
<keithclark> owh:  I just want to know how much it is using, and should I give it more space, and how efficient is it
<kirkland> keithclark: yeah, if you're open to that, i think you have all you need in /var/log/squid
<kirkland> keithclark: plus some grep | wc | bc magic :-)
<kirkland> keithclark: step (3) profit
<owh> keithclark: If I had more hours in the day I'd offer you an hour to put it together for you, but not this day :)
<keithclark> owh kirkland: yup, I need to brush up on my command line
<owh> kirkland: Hey, where's step 4?
<kirkland> owh: fiji
<keithclark> owh, thanks for the offer, I'll try and if I get stuck, you might see me here.
<kirkland> owh: beach, sun, and drinks with little umbrellas
<owh> kirkland: Now there's an idea. No Internet would be good :)
<keithclark> But, it should be possible to import into Open Office Database and analyze as I see fit, no?
<owh> keithclark: I have to say that the wc/grep would be a whole lot simpler.
<kirkland> keithclark: i think so
<owh> keithclark: Your biggest problem wit OO will likely be the size of the log files.
<kirkland> keithclark: as a next step, though, i suggest persisting in #squid in +8, +12, and +16 hours
<keithclark> owh, you are right KISS
<kirkland> i think we're just off on our #squid timezone sweet spot
<kirkland> someone there will surely know the answer to this question without even thinking about it
<owh> kirkland: Yeah, but by that time, a cron job will give you output :)
<kirkland> okay, adios, manana
<keithclark> kirkland: thanks!
<owh> kirkland: That needs extra letters, but g'night :)
<keithclark> owh, thanks for your help as well.  I have the right mindset now!
<owh> keithclark: That's cool. Pleasure to help.
<keithclark> owh, command line is a lot of fun.  I've not done that since my DOS days
<owh> keithclark: I'll be around, feel free to ask questions. If I'm able I'll help.
<keithclark> owh:  awsome.
<_ruben> morning
<kamikaze> morning :)
<nijaba> morning
<Jeeves_> Morning
<kris_ph> will I give attention this warning [warn] NameVirtualHost *:80 has no VirtualHosts?
<_ruben> kris_ph: its a warning, hence non-fatal, but it indicates that your apache config isnt completely optimal
<_ruben> i have that message 3 times when i start apache on one of my server, havent gotten around to dive into it, works like a charm though
<kris_ph> _ruben: okay.. I appreciate that.. can you tell me how to fix it?
<_ruben> kris_ph: not in detail, but im assuming it has something to do with have "NameVirtualHost *:80" in your config but no "<VirtualHost *:80>"
<_ruben> or perhaps "<VirutalHost foo.bar.com:80>" for example
<_ruben> i suggest reading the documentation on virtualhosting on http://httpd.apache.org
<kris_ph> thanks..
<kris_ph> _ruben: my httpd.conf is empty.. why do you think?
<kamikaze> it's called apache2.conf in ubuntu if i'm right
<kamikaze> if using apache 2 that is
<_ruben> correct .. and apache 1 hasnt been supported for a while now in ubuntu, afaik
<_ruben> but most likely you'll need to be looking in /etc/apache2/sites-available/ *if* things were done properly
<kris_ph> _ruben: mmm.. what should be the correct configuration there?
<_ruben> kris_ph: this is probably a good start: https://help.ubuntu.com/community/ApacheMySQLPHP#head-8c16bcd2517fa5b9fa35d616f00d3bb59e981373
<kraut> moin
<J-_> I'm trying to configure for a static IP on my server. I've changed interfaces, and resolv.conf, is this correct? http://pastebin.ca/950060 If not, what do I need to change?
<kris_ph> J-: in your /etc/resolv.conf the entries there are the name servers of your ISP?
<J-_> kris_ph: no
<J-_> kris_ph: by nameserver's what do you mean? DNS?
<kris_ph> J-_: you should be using the nameservers (IP) of your ISP...
<J-_> k
<J-_> I think I need to set up the noip program to do so
<J-_> kris_ph: am I correct?
<kris_ph> J-_: https://help.ubuntu.com/7.10/server/C/network-configuration.html <<<<<< check it..
<kris_ph> I suggest.. you leave the file blank and try to restart your server.. and do "cat //etc/resolv.conf
<J-_> how do I kill a job that has been stopped?
<henkjan> you know the pid of the process? kill <pid>
<J-_> it won't die
<J-_> =S
<henkjan> try kill -9
<J-_> thaqnks a lot
<Kamping_Kaiser> Jeeves_, you about? i was wondering if you could disable boot on the T1000. i cant seem to send 'Stop A' to it :(
<Jeeves_> Kamping_Kaiser: Hmm?
<Jeeves_> You can do a 'break -y' to interupt the bootloader
<Kamping_Kaiser> Jeeves_, i cant send stopa to the sun as it boots, ^break hasnt worked either
<Kamping_Kaiser> break +y? i'll have to try that.
<Jeeves_> Kamping_Kaiser: If you reset it, you see al the 'cpu cpu cpu cpu cpu' messages
<Jeeves_> Than you send a break from the ALOM
<Kamping_Kaiser> hm.
<Kamping_Kaiser> i'm just trying to get into openfirmware, but `console -f` starts solaris booting
<J-_> How can I figure out what group my current user is?
<J-_> To be PHP pages admin
<Kamping_Kaiser> type `groups`
<J-_> Thanks
<J-_> Would the default group be admin?
<Kamping_Kaiser> default group for what?
<Jeeves_> Kamping_Kaiser: Succeeded yet?
<J-_> I'm trying to figure out which group I belong to so I can set myself up to be the PHP admin for apache.
<Jeeves_> J-_: open a terminal
<Jeeves_> J-_: type 'groups'
<J-_> https://help.ubuntu.com/community/ApacheMySQLPHP#head-6aac570a36ae91754513949f6b2d1df5e61fe5ac is what im trying to do
<Kamping_Kaiser> Jeeves_, no.  i'm sitting at a solaris login prompt, and i cant figure out how to break out :|
<J-_> I did and it listed 11 groups beside my name.
<J-_> one including admin, so I'm guessing that is what I'm looking for?
<Kamping_Kaiser> other then 'administer php' what do you want to do? whas the purpose?
<blue-frog> J-_: what do you want to do? write php code? go ahead write..
<Jeeves_> Kamping_Kaiser: I'll show you :)
<Kamping_Kaiser> Jeeves_, ok :)
<Jeeves_> Kamping_Kaiser: Can you still see what happens?
<Kamping_Kaiser> Jeeves_, yes i can :)
<Jeeves_> Good :)
<Jeeves_> first we reset the box
<Jeeves_> Than we send a break
<Kamping_Kaiser> from alom, i assume.?
<Jeeves_> Yes
<Jeeves_> You see it looking for hardware, right?
<Kamping_Kaiser> yep, and the ok prompt
<Jeeves_> And now it says '{0} ok '
<Jeeves_> Than 'boot net'
<Jeeves_> And than an error I've seen before, but I don't know why
<Jeeves_> :)
<Jeeves_> The only way I could come out of there, was to powerof and poweronn
<Jeeves_> So now it's turned off
<Jeeves_> Now we turn it on
<Jeeves_> (This takes ages)
<Jeeves_> btw: Anyone here who knows why ksoftirqd is eating 100% cup while only doing 40MiB/sec over the NIC?
<Kamping_Kaiser> Jeeves_, how are you breaking it while it boots? do you have two alom sessions open?
<Jeeves_> Kamping_Kaiser: Yes
<Kamping_Kaiser> hm. my ssh sessions to the alom both send the same data at the same time. (so i cant use one to break)
<Kamping_Kaiser> wonder if i'm doing it wrong
<J-_> I'm still having trouble changing the user, and group. I don't know what to strings to change. It's pretty confusion.
<Jeeves_> J-_: Skip the step
<Jeeves_> You don't need it
<Kamping_Kaiser> J-_, i still dont know what your trying to do it for
<J-_> Okay
<J-_> I'll skip
<Jeeves_> Kamping_Kaiser: So now we can instruct the bios bootloader
<Jeeves_> {0} ok boot net
<Jeeves_> Kamping_Kaiser: There you go
<Jeeves_> Kamping_Kaiser: 'break -y' is an ALOM command
<Jeeves_> Just like 'console'
<Jeeves_> Don't always type 'console'
<Kamping_Kaiser> ah
<Kamping_Kaiser> ahaha. i'm trying to boot the wrong mac :|
<Jeeves_> :)
<Jeeves_> Ok, so can I go back to work now? :)
<Kamping_Kaiser> hehe, should be able to :)
<Jeeves_> :)
<J-_> How would I copy/paste a file from my Desktop to my Server via SSH?
<Kamping_Kaiser> J-_, scp
<J-_> cp index.html ssh user@IP /var/www?
<J-_> hmm
 * J-_ googles
<Kamping_Kaiser> no, scp index.html user@host:/var/www
<Kamping_Kaiser> scp --help
<J-_> cool, thanks a lot, again. =)
<Kamping_Kaiser> :)
<J-_> permission denied!
<J-_> what the heck! =\
<Kamping_Kaiser> do youhave permission to write to /var/www on the remote server?
<J-_> No, I don't think so. How can I do so?
<J-_> it's not a remote server. I mean it's in my house, but, am using ssh
<faulkes-> probably best to create a subdirectory off of /var/www which you do have permission to use
<Kamping_Kaiser> heh. iw as about to say 'first ask yourself if you need to'
<faulkes-> sudo mkdir /var/www/mytesthost ; sudo chown myuser:myuser /var/www/mytesthost
<faulkes-> etc..
<Kamping_Kaiser> or mkdir ~/public_html (if you dont mind that sort of thing ...)
<J-_> don't I want /var/www at root of the server?
<J-_> would sudo chown -R $USER:$USER /var/www
<J-_> do the same?
<Kamping_Kaiser> why do you want to?
<J-_> because I want want a large URL, currently I have, http://site.no-ip.com/. I don't really want http://site.no-ip.com/rootofsite/, I want the root to be http://site.no-ip.com/
<Kamping_Kaiser> time to learn vhosts :)
<Kamping_Kaiser> well, that would be my first thought anyway
<Kamping_Kaiser> bbs
<J-_> hmm
<J-_> how can I see my permissions for /var/www?
<Kamping_Kaiser> <J-_> would sudo chown -R $USER:$USER /var/www
<ICU> J-_: ls -ld /var/www
<Kamping_Kaiser> oh, see, not set :|
<J-_> What permissions is 'drwxr-xr-x 4' Is it in any regards safe?
<blue-frog> J-_: you should start by reading the tutorials found here: http://www.ibm.com/developerworks/views/linux/libraryview.jsp?topic_by=All+topics+and+related+products&sort_order=asc&lcl_sort_order=asc&search_by=lpi+exam+topic&search_flag=true&type_by=Tutorials&show_abstract=true&start_no=1&sort_by=Title&end_no=100&show_all=false&S_TACT=105AGX59&S_CMP=GR-LPI
<blue-frog> J-_: the website is currently under maintenance but will certainly resume shortly
<sommer> morning
<VoiDeT> hurro
<_ruben> hrm ... trying to create a local mirror using debmirror and rsync, but either doing something wrong or nl.archives.ubuntu.com doesnt like me very much .. im guessing the first or both ;)
 * _ruben pokes henkjan & Jeeves_ 
<Jeeves_> Hmm?
<Jeeves_> What's up?
<_ruben> heh, figured that might draw some attention ;)
<Jeeves_> You're trying to rsync?
<_ruben> trying to steal ur data :)
<Jeeves_> loose the second /
<_ruben> think i tried that one
<Jeeves_> What's your cmdline?
<_ruben> sudo debmirror --progress --verbose --host=nl.archive.ubuntu.com --method=rsync --root=:ubuntu --dist=gutsy,gutsy-updates,gutsy-security --arch=i386,amd64 --rsync-options="--bwlimit=2048" /data/ubuntu
<Jeeves_> --root=ubuntu ?
<_ruben> then it tries to use ssh
<_ruben> the : is required when using rsync afaik
<Jeeves_> Try ::ubuntu?
<Kamping_Kaiser> _ruben, lookd at the debmirror guide on the wiki?
<Kamping_Kaiser> actually help.u.c now iirc
<_ruben> Kamping_Kaiser: yeah, i loosely based my commandline on that
<Jeeves_> rhineheart_m: That's not it
<Jeeves_> _ruben: That's not it
<Kamping_Kaiser> _ruben, what is the error?
<Jeeves_> Mar 20 14:29:56 ftp rsyncd[19817]: building file list
<Jeeves_> Mar 20 14:29:56 ftp rsyncd[19817]: skipping directory /.
<Jeeves_> That is
<_ruben> with :ubuntu : http://pastebin.ca/950270
<_ruben> yeah
<_ruben> i have no prior experience with rsync .. so dont really have a clue myself :p
<Kamping_Kaiser> i have no experiance with debmirror over rsync. http worked well enough for me
<_ruben> rsync has built-in bw limiter, thats pretty much the only reason
<_ruben> could use http and shape the traffic, but still..
<Kamping_Kaiser> know the feeling
<_ruben> for the sake of it i'll give http a try .. see what happens
<_ruben> or ftp even
<_ruben> getting 10Mbps .. not bad
<_ruben> wonder what the bottlenck is here .. or perhaps its just Jeeves_ sitting on the uplink ;)
<rhineheart_m> Jeeves_: "That's not it" <<<< what do you mean?
 * Kamping_Kaiser imagines Jeeves_ sitting with a 'kill _ruben 's bandwidth' tool
<Kamping_Kaiser> rhineheart_m, he ws taking to _ruben
<_ruben> hmm .. only 16GiB estimated download size
<Kamping_Kaiser> 16? not much
<_ruben> 2 archs for gutsy
<_ruben> unless debmirror got the number wrong ;-)
<_ruben> "Download all files that we need to get (16385 MiB)."
<_ruben> "Failed to download files (18143 errors)!"
<_ruben> some1 tripped over a cable? :-P
<_ruben> small hickup somewhere i guess
<Kamping_Kaiser> hehe
<Jeeves_> _ruben: What errors?
<_ruben> [  7%] Getting: pool/main/e/e2fsprogs/e2fsprogs-udeb_1.40.2-1ubuntu1_amd64.udeb  # failed:Connection closed at /usr/bin/debmirror line 1318, <RELEASE> line 855.
<_ruben> Jeeves_: just curious, is there speed limit on your side (for the ftp) ? or is it just my connection here not living up to its specs?
<Jeeves_> _ruben: No limit here
<_ruben> Jeeves_: didn't really expect that either .. if debmirror would use multiple connections it'd probably go faster, then again, this saves from doing shaping myself ;-)
<cjs> is there a quick answer to "how does ubuntu server edition stack up against other server-geared distros like CentOS/RHEL?"
<Jeeves_> cjs: It has a packagemanager that doesn't suck
<Nubae> How well does ebox work with LDAP out of the box?
<cjs> Jeeves_:  yum is fine
<Jeeves_> cjs: No it isn't ;)
<Nubae> does it install slapd and ldap client as well as do some sort of user migration from posix?
<_ruben> ebox is rather new, other than that i do not know much about it ;-)
<_ruben> i guess #ebox is decent place to start
<Nubae> What I'm looking for really is a unified control panel that manages squid, dansguardian, some sort of firewall, dhcp, dns and various subnets
<cjs> Jeeves_: well, I guess I meant more in terms of package reliability, support, and performance
<_ruben> the plans for ebox are rather big i think, but resources tend to be a limiting factor
<Nubae> that and central user management in which case I thought LDAP would probably be a good choice
<Nubae> ruben, I was advised to ask here about ebox
<Nubae> well, at least ebox and its current integration with ubuntu
<_ruben> ah ok ;)
<Jeeves_> cjs: I don't think performance is really different between the Linux'es
<Nubae> do you know if it is debian specific?
<Jeeves_> Canonical can offer you suppor
<Jeeves_> +t
<_ruben> Jeeves_: seems my ftp connection is stalled again, probably just my side though ;-)
<Jeeves_> cjs: There' no package-management-system like apt
<cjs> Jeeves_: I suppose that's a matter of opinion. Personally I like both apt and yum. imo, there's no package management system like the long dead red-carpet.
<Nubae> actually, sabayon's new package managemnt system looks quite interesting
<Nubae> so can someone with ebox experience tell me if its relatively easy to customise the gui?
<Nubae> easy as say webmin?
<_ruben> woohoo .. "Failed to download files (16172 errors)!"
<_ruben> lets switch from ftp to http to see if that improves things
<Jeeves_> Hmm
<_ruben> hmm .. debmirror doesnt show per-file progress when using http
<lamont> jdstrand: Mar 20 08:35:22 mix kernel: [303996.622460] audit(1206023722.207:54):  type=1503 operation="inode_permission" requested_mask="r" denied_mask="r" name="/var/lib/misc/shadow.db" pid=31189 profile="/usr/sbin/cupsd"
<lamont> why does adding 'db' to nsswitch require that cupsd have read access to the shadow file??
<jdstrand> lamont: I don't know off-hand
<jdstrand> lamont: does cups fail in some way?
<lamont> no.
<lamont> gnome-screensaver refuses to unlock the display unless it has read perms though...
<lamont> libnss_db.so needs to be taught how to check a password without actually reading the stupid file...
 * jdstrand nods
<jdstrand> lamont: btw-- I have another little patch for bind9.preinst *ducks*
<jdstrand> lamont: bind and mysql were the first apps to have a profile migrate from apparmor-profiles to the package
<lamont> jdstrand: win.
<jdstrand> lamont: as such, there has been refinement
<lamont> so, uh, package it locally and verify that you're happy this time????? :-)
<jdstrand> lamont: did you upload already?
<lamont> dunno
<jdstrand> it isn't critical
 * lamont was starting to get sick on tue, dead-to-the-world yesterday, and firing on about half-thrusters today
<jdstrand> lamont: oh, I have a whole battery of tests I run against it
<jdstrand> lamont: sorry to hear you aren't feeling well
<jdstrand> lamont: it isn't failures, but rather corner cases
<lamont> corner cases _are_ the only place that we find bugs, it seems...
<jdstrand> -8 is in sid now
<jdstrand> lamont: and it isn't a bug per se-- it's putting in force-complain in another instance (to be safer on upgrades)
<lamont> ah, right
<jdstrand> lamont: anyway-- I'll run my battery of tests and send it along
<lamont> go ahead and make it a new bug.
<lamont> Successfully uploaded bind9_9.4.2-8_i386.changes to ftp-master.debian.org.
 * jdstrand nods
<_ruben> ok, that's it for today .. time to go home .. lets hope debmirror wont require any intervention untill it completes
<lamont> afk for a bit
<jdstrand> lamont: won't get to it til tomorrow though
<jdstrand> lamont: hope you feel better
<lamont> it'll be at least tomorrow before I look at it anyway.
<Solarion> so, how do I go about setting /sys/bus/usb/<device>/power/autosuspend and friends automatically?
<Solarion> udev is driving me crazy and rc.local doesn't seem to do anything either
<nxvl> nijaba: did you take a look at the patch?
<nijaba> nxvl: yes.  it looks pretty straightforward.  I think mathiaz should be working on integrating it
<nijaba> nxvl: thanks a lot
<mathiaz> nxvl: I'm currently looking at it.
<nijaba> nxvl: where are you based, btw?
<nxvl> nijaba: based as in timezone/country?
<nxvl> mathiaz: oh great
<nxvl> mathiaz: let me know if something is wrong
<nxvl> also working on this i noticed that it is using .config, not postins
<nijaba> nxvl: yes.  Your name sounds spanish, but you could be anywhere...
<nxvl> nijaba: Lima - Peru
<nijaba> nxvl: cool!
<nijaba> nxvl: will I see you at UDS?
<nxvl> nijaba: yes!
<nijaba> nxvl: looking forward to it
<nxvl> nijaba: i'm really excited and counting the days for it :D
<nxvl> nijaba: also i will be going to paris after uds
<nijaba> nxvl: me too ;)
<nijaba> (but that's because that's where I live)
<nxvl> actually a long cross-europe trip, but i will stop in paris some days
<nxvl> nijaba: yes i know, i saw it at LP
<zul> nijaba: shouldnt you be able to just take the train then?
<nxvl> zul: that's what i will
<nijaba> nxvl: hey, I'll be glad to take you for a drink then
<nijaba> zul: train to prague? about 12h I think
<zul> heh...probably easier to fly then :)
<nxvl> nijaba: ok, i will ping you when i reach paris :D
<nijaba> nxvl: great
<nxvl> well, i'm going to the doctor, bbl!
<nxvl> mathiaz: when you are done reviewing the patch please send me some feedback on the report or by mail
<nxvl> mathiaz: i will be very apreciate since i needed o read and learn a lot for working on it
<nxvl> s/apreciate/gratefull/g
<mathiaz> nxvl: sure
<nxvl> mathiaz: thnx
 * nxvl HUGS mathiaz and nijaba 
<nxvl> see you later
<keithclark> If I change a client's proxy server via Network Proxy tool, does it then change it for every application run?
<stiv2k> are there any good alternatives to squirrelmail?
<sommer> stiv2k: you could take a look at horde imp, but I'm not really sure it's better or worse
<Jeeves_> stiv2k: Maybe roundcube?
<stiv2k> hmm
<stiv2k> im just looking for something not as boring
<stiv2k> i mean, cmon, squirrelmail uses frames
<stiv2k> that shit might have been cool back in 2001
<stiv2k> know what i mean?
<sommer> you could add some nudy pics :-)
<Jeeves_> stiv2k: Than you must take a look at roundcube
<stiv2k> Jeeves_: i am looking now, it looks interesting!
<stiv2k> sommer: lol :P
<keithclark>  If I change a client's proxy server via Network Proxy tool, does it then change it for every application run?
<stiv2k> Jeeves_: do i want package "roundcube", "roundcube-webmail" or both?
<Jeeves_> stiv2k: Ehm
<stiv2k> Jeeves_: aptitude search roundcube
<stiv2k> both packages have like almost identical descriptions
<Jeeves_> roundcube-webmail, i believe
<stiv2k> Jeeves_: am i going to need to create any custom apache config for it
<googlah|sleepy> just noticed I could do alt+1, and some (arg 1) came in shell, is that some kind of predefined stuff?
<keithclark> ok, I'll try later....
<nxvl> mathiaz: did you want me to apply the patch to the new version of mysql uploaded some hours ago?
<nxvl> nevermind
<nxvl> i make a version mistake
<nxvl> mysql has been uploaded to gutsy
<nxvl> mathiaz: i have just realize that the template is missing on the patch i uploadto Bug #162167
<ubotu> Launchpad bug 162167 in mysql-dfsg-5.0 "mySQL password asks only once" [Wishlist,Confirmed] https://launchpad.net/bugs/162167
<nxvl> mathiaz: i will upload it in a minute
<aurax> anyone here knows something about jsvc?
<aurax> i'm trying to load a jar as a service... but having problems with it
<nxvl> mathiaz: ok, uploaded
#ubuntu-server 2008-03-21
<J-_> If I change my SSH port on my LAMP server will it affect anything in regards to SSH? I know I'll have to connect on a different port, but will it mess anything up?
<Kamping_Kaiser> no. not unless you have something that depends on it running there
<J-_>  I just have a basic LAMP installation going with MySQL, and PHP set up proper. Not too much.
<Kamping_Kaiser> you'll be fine
<J-_> Cool, thanks. =)
<J-_> Is it possible to stream from an external drive on a LAMP server only and just have communication with LAN? I still want the LAMP part on the WAN side of things so others and myself can go to my website. I just don't want people streaming from my ext. drive. Why do I want the ext. drive on my server? So I don't have any cords attached to my laptop, and cna move around in my house anywhere without the ext. drive attached.
<Centaur5> I hope this question doesn't upset someone but I keep reading about people that have servers running for months without rebooting.  Does that mean they aren't updating kernels with security flaws or is there a secret I don't know about that prevents rebooting?
<J-_> I know LVM filesystems can be live while increasing / decreasing partition size. But I don't know if that really correlates to that question. I'd figure if you're on a LVM system you want the maximum uptime possible so maybe that has something to do with it?
<J-_> Mind you that's just a guess.
<J-_> But I do know you can change partitions, etc.. live.
<Centaur5> Interesting, well it's not too important as I am capable of rebooting cause it only takes a couple minutes.  I was just curious cause I know Linux is a lot more powerful than I can comprehend.  :)
<soneil_> Centaur5, no, you're spot on .. kernel updates require reboots.   for most uses, a scheduled reboot at 3am shouldn't be a kick in the pants
<Centaur5> I'll have to research automatic rebooting after automatic updates that require it.
<ernieb> im having issues installing 6.6-2 on dell 2450 -scsi raid
<ernieb> i tried  mylex and a perc 2
<ernieb> with perc2 installer wont initiate the controller and the mylex installs but wont boot to kernel just dumps me in busybox  -
<ernieb> is there a known work around for either of these scsi controllers
<rhineheart_m> Hello.. I'm using gutsy. My sites are running well. I just want to ask this concern. My sites are running in LAMP.  When I tried to do sudo apt-get upgrade this appear in the console: The following packages will be upgraded:  libmysqlclient15-dev libmysqlclient15off mysql-client mysql-client-5.0   mysql-common mysql-server mysql-server-5.0 unzip 8 upgraded, 0 newly installed, 0 to remove and...
<rhineheart_m> ...0 not upgraded. Need to get 43.5MB of archives. After unpacking 16.4kB of additional disk space will be used. Do you want to continue [Y/n]?. NOW.. is it alright to go ahead?
<Jeeves_> rhineheart_m: It usually is
<rhineheart_m> Jeeves_: thanks for that.. so is it safe? won't it destroy my existing databases?
<Jeeves_> No, that should not happen.
<rhineheart_m> thank you..
<rhineheart_m> Is there a bandwidth tool that could be done in the console...by which you could still do even if you're remotely connected to the box?
<Jeeves_> rhineheart_m: bmon
<_ruben> and iftop
<_ruben> Jeeves_: using http debmirror completed just fine it seems
<_ruben> just fyi ;)
<Jeeves_> _ruben: Hmm, ok
<keithclark> Is there a ubuntu home server project still active?
<_ruben> keithclark: what should such a project entail? (read: not sure what you're asking for)
<keithclark> _ruben, a distro that is meant or the average home user to setup a simple server.  Everything graphical and easy.
<_ruben> server + graphical .. hmm .. that's pretty much a contradiction in my book
<_ruben> with the upcoming release and ebox, i think ubuntu server itself would qualify tho
<keithclark> _ruben, I'm not sure why that would be a contradiction.  Someone like me, and they may be rare, would like to setup a simple home server without command line usage.  Just simple install point click and run.
<keithclark> _ruben, I've tried many things and they just confuse me.  So much research and assistance needed.
<keithclark> _ruben,do you see what I mean?
<rhineheart_m> is bmon realtime?
<_ruben> keithclark: after i said that i realised that "graphical" doesnt necesarily mean having an X server installed, a web interface would qualify as being graphical as well, which is where ebox comes in
<keithclark> _ruben, exactly!  Something simple.
<_ruben> keithclark: havent really looked into ebox myself, since its not much use to me, but from what i've heard/read about it, it sure looks promising
<keithclark> _ruben, I will look into that!
<keithclark> _ruben, thanks
<Jeeves_> http://releases.ubuntu.com/8.04/
<_ruben> woohoo ;)
<nijaba> morning
<_ruben> mornin nijaba
<faulkes-> yes, I'd agree, it is morning
<faulkes-> I am none to happy about it though
<faulkes-> nijaba: talked to the company about iscsi testing next week, they are cool with it
<nijaba> morning _ruben, faulkes-
<nijaba> thanks a lot faulkes-
<faulkes-> np
<faulkes-> nijaba: sun+ubuntu press annnouncement?
 * faulkes- raises an eyebrow of interest
<nijaba> faulkes-: yes?
<faulkes-> very nice to see server edition getting some press
<faulkes-> I forwarded it on to the upper mgmt and marketing here as well
<nijaba> always nice :)
<faulkes-> that should spur them on a bit more as well
<_ruben> i'll be playing with iscsi in the near future as well .. waiting for certain hardware to become available though .. might take a week or 2 even :(
<cjsstables> morning all.  how difficult is it to setup ubuntu-server to provide network logins where network clients desktop is maintained on the server.  All clients would be ubuntu clientsand there are no windows clients at all.  Is there a document out there that someone could point me to?
<rhineheart_m> try to read samba server for ubuntu..google it..
<blue-frog> cjsstables: ubuntu + ltsp, or edubuntu
<cjsstables> hey.. thanks blue frog..  Actually I have that docloaded in my browser right now and am reading it..  thanks again..
<blue-frog> cjsstables: if you have never played with ltsp, edubuntu will be the easiest to start with
<cjsstables> ok..  I will look at that as well.
<cjsstables> basically what I really wanted to do is to have several clients loaded with ubuntu.  have 5 network users that coulld sign into any of the client pcs but have all there info from the server.  we are currently doing this in a mac osx environment and would like to move it to a ubuntu environmnet
<cjsstables> we are a small company and no it resources so it would be selfdeveloped
<Kamping_Kaiser> cjsstables, theres a few ways, depending on how complex you can go
<Kamping_Kaiser> cjsstables, it would be worth your while to look at the various pam modules available (apt-cache search libpam*) to see your options for authenticatin/accounting
<cjsstables> well right now, I have a test environment set up that followed rrcomputer consulting server setup.  We can have network users logi in to each client, but the only thing that they get to their home folder and mounts that drive, but allof their desktop settings are stored locally.  we really don't want that.
<cjsstables> we'dlike the desktop settings to come to be stored and maintained on the server side.  Our authentication in the test environment works pretty well.
<cjsstables> sorry, my typingis pittyful
<Kamping_Kaiser> you could save that data on the server, but i havent tried myself
<cjsstables> The authentication is user level though LDAP/Samba.  I think what I'm looking for is for the client side to recognize a network logon. and then based on that have it look to the server for the desktop instead of the local client.  However, the system must also be non network client aware If alocal user signs on the desktop must come from the local user configuration
<Kamping_Kaiser> the network stuff is entirely posible, not sure about the un-networked stuff. i know it was a 'to impliment' item a few years ago. not sure if its done ye
<cjsstables> we also tried sme-server but that gave us the same thing as we have from rrconsulting except that it wasn't afull ldap implementation
<cjsstables> and it was geared towards windows clients..  which btw,  works well and the desktopis saved on the server
<Kamping_Kaiser> you'll have to hang around and hope someone else can help with the specifics of your question
<cjsstables> ok cool...
<faulkes-> morning chuck
<[mbm]> 'lo; anybody home?
<[mbm]> fromport: I've noticed that the packets go out the domU xen interfaces but the response never comes back into the domU
<fromport> i totally agree. on my firewall i have "arpwatch" running and i get an email everytime a new domU is triggered.
<fromport> you also see Tx counting where as Rx stays 0
<[mbm]> also noticing that running gutsy the domU's occasionally crash with 100% cpu load on all cpus, completely unresponsive to console or sysrqs
<[mbm]> trying to dig through a crash dump now to figure out why
<[mbm]> gdb is choking on the xen core file, which is hampering my efforts
<fromport> no core-dumps here yet <knock wood>
<[mbm]> seem to get them mostly from the www server
<fromport> has anyone here succeeded in getting KVM to run with bridging for the guests ?
<Jeeves_> fromport?
<fromport> yep!
<fromport> hi! long time no see/talk ;-)
<Jeeves_> Indeed!
<Jeeves_> You betrayed Debian as well? :)
<fromport> shhttt.
<Jeeves_> :P
<fromport> it's simply not moving fast enough..
<fromport> even though i'm running some servers on sid allready ;-)
<nijaba> fromport: yes, I have bridging working here
<fromport> nijaba: i followed https://wiki.ubuntu.com/KvmVirtManagerEtc  & https://wiki.ubuntu.com/KvmWithBridge
<fromport> but somehow i cant get the guest to get a "public" ip address.
<nijaba> fromport: and?
<fromport> They always seem to go through the 192.168.122.x range somehow
<faulkes-> that sounds suspiciously like dnsmasq
<nijaba> fromport: does it work with fixed ip?
<fromport> dnsmasq not installed :-)
<fromport> the br0 interface is up and running
<fromport> but the virt-manager doesn't seem to detect it
<[mbm]> you're using dhcp and you get a 192.168.x.x address?
<[mbm]> means there's a dhcp server on your network, use tcpdump to help find it
<replicant_> hi, does anyone know where i can find changes introduced in hardy heron for the server version?
<fromport> i'm using virt-manager, and i dont get a change to really choose for dhcp, is there ?
<fromport> you have a choise of "virtual network" or "shared network"
<[mbm]> oh, kvm
<fromport> i think i need the "shared" but in the dropbox there is no "device" to choose from ;-)
<[mbm]> belive those options roughly translate to nat or tap
<nijaba> fromport: try with virt-install instead
<fromport> with: kvm -m 512 -net nic -net tap  -cdrom /archive/iso/linux/ubuntu/hardy-desktop-i386-alpha6.iso -boot d
<fromport> i do get a bridged ip !!
<fromport> so only thing left is to convince virt-manager to use the bridging as well ;-)
<nijaba> fromport: yes, I believe so
<fromport> nijaba: got it working by editting the xml files:
<fromport> <interface type='bridge'>   <mac address='00:16:3e:3e:eb:ee'/>  <source bridge='br0'/>
<fromport> vs
<fromport> <interface type='network'>  <mac address='00:16:3e:00:f3:fb'/>  <source network='default'/>
<nijaba> fromport: yep, virt-install allows to create this while virt-manager does not (yet)
<nijaba> fromport: see the -w option of virt-install
<\sh> window 11
<\sh> grmpf
 * _ruben just uses alt-q for window 11 ;)
 * \sh shouldn't open so much channels ;)
<[mbm]> hmm .. not much symbol information available for the -xen kernels
<_ruben> only got 12 open atm
<Kamping_Kaiser> _ruben, can i have some of your sanity?
<_ruben> Kamping_Kaiser: rather not, its already rather rare
<_ruben> and i compensate a bit by having 60 firefox tabs open
<Kamping_Kaiser> :(
 * Kamping_Kaiser has epiphany+ firefox stuffed with tabs, then two irc clients (me and kgoetz ) with lots of tabs. generally, little sanity
<_ruben>  why 2 clients?
<Jeeves_> Kamping_Kaiser: Isn't it like 2 o'clock in the morning for you?
<Kamping_Kaiser> Jeeves_, 11pm
<Kamping_Kaiser> _ruben, because they share a base ~15-20 channels, then my home/work clients have extras on top of that
<_ruben> ah
<rhineheart_m>  /j ubuntu
<wo0f_> ahhhh
<wo0f_> at last
<wo0f_> ubuntu chan with resonable amount of users ;D
<_ruben> the number of schizo's here make up for that
<wo0f_> lol :P
<dthacker> Is he talking about you, dthacker
<dthacker> No, he's talking about *you* dthacker
<wo0f_> :O
<wo0f_> so why do you guys use ubuntu server rather than debian?
<_ruben> fast and fixed release cycle
<_ruben> debian takes ages to get new releases out
<_ruben> we used debian in the past .. then switched to suse since we needed a 2.6 kernel based os and sarge was getting delayed over and over .. currently we're transitioning from suse to ubuntu
<fromport> if i need something simple, but stable i'll go for debian. cutting edge -> ubuntu
<wo0f_> good points
<wo0f_> im finding the no-root su-do malarkly annoying atm
<wo0f_> can i just enable root?
<_ruben> i see it as an improvement
<wo0f_> id rather use su
<_ruben> on our suse machines we pretty do everything as root, which is far from recommended
<wo0f_> and screen
<_ruben> sudo passwd .. enter passwd twice .. and you can su
<wo0f_> rather than typing sudo infront of every single operation
<wo0f_> :D
<wo0f_> cheers _ruben
<_ruben> i like the idea of sudo actions being logged
<ScottK> wo0f_: You can.  It takes about a minute.  Do note that the default ssh config for Debian/Ubuntu allows ssh root access.  You'll want to change that.
<\sh> _ruben: well, then you should take a look on sudosh2 :) http://freshmeat.net/projects/sudosh2/
<wo0f_> lol ScottK
<wo0f_> why would i want to do that?
<ScottK> wo0f_: Why would you want to do which?
<wo0f_> oh sry
<wo0f_> misread that sry
<\sh> wo0f_: because an opened root account is evil...and most entries to machines are coming via brute force attacks on sshd's with PermitRootLogin yes settings
<_ruben> \sh: nice ;) .. but rather stick to the ubuntu-way
<wo0f_> neg
<wo0f_> ill just diable root access
<\sh> _ruben: well, you can add this the ubuntu way...the only change: it logs everything you type, too ;)
<wo0f_> i just wanted su ;]
<\sh> sudo su - is not enoug?
<\sh> alias su="sudo su -" is also a solution ;)
<wo0f_> pardon?
<\sh> enough even
<wo0f_> rofl
<_ruben> \sh: thats an approach i hadnt thought of
<ScottK> \sh: Actually you'd rather do sudo -i in that case than sudo su.
<wo0f_> innit!
<\sh> ScottK: yepp
<_ruben> in fact what i do here is give root a passwd, and have sudo require the root pw, this because we log on using ssh keys
<rhineheart_m> what's the difference between su and -i?
<ScottK> The environment variables are slightly different
<wo0f_> nothing i guess
<_ruben> and i create a global alias 'su=echo "do not use su, use sudo instead!"' :p
<wo0f_> both make the shell root
<ScottK> Most of the time sudo su will work, but sudo -i will give you a saner result in a few corner cases.
<rhineheart_m> _ruben: I guess its not a good practice to give password to root
<nijaba> fromport: I have update https://wiki.ubuntu.com/KvmVirtManagerEtc with instruction for bridging
<ScottK> People argue about root versus sudo all the time.
<ScottK> Personally, I think the main benifit of sudo is that it goes away after a while and you have to retype sudo so you don't stay root.  Personally, I think it's a crutch for sloppy admins.
<ScottK> YMMV of course.
<wo0f_> lol
<\sh> the only usage for root: If your server doesn't respond anymore and you need to boot into a root shell which is secured by a password...e.g. via iLO or another remote insight board
<rhineheart_m> but once you've used it already and you entered your password as admin.. it won't ask for a password anymore.. meaning you have the root access
<ScottK> rhineheart_m: That's about 98% right.  There are a few differences that almost never matter.
<nijaba> wo0f_: I believe sudo is essential as it brings role based tracable admin
<nijaba> Ubuntu also implements a role-based administration model with no default root access. Other Linux distributions typically provide this root access but role-based administration allows for better security, error prevention and auditing. This is particularly useful on systems where more than one user might have been given root access, as in a traditional model. This default can be reversed once the user is confident that root access will be secure
<nijaba> in their particular situation.
<ScottK> For me the biggest difference is that to get root via ssh with sudo you need one user name and one password.  With a root password you need one user name and two passwords (assuming you disable ssh root access).
<rhineheart_m> But I can't still the point.. why you should not be using root account well in fact root privilege is there with sudo.... :)
<rhineheart_m> *get
<ScottK> It's mostly because people get root and stay root, forget, and do something silly.
<\sh> rhineheart_m: the fun part: on a single user machine you are able to do whatever you want...even as root :)
<ScottK> sudo reverts itself automatically.
<_ruben> rhineheart_m: i know its not perfect .. but giving the users a local passwd without resorting to using ldap or smth because it wouldnt be maintainable otherwise
<nijaba> rhineheart_m: because: 1/ you will not know who does a modification if multiple admin have access to the machine
<ScottK> That's another difference that can be significant.
<nijaba> 2/ because it is dangerous to always be root if you leave the machine or type a bad command inavertantly
<rhineheart_m> how about if only one person has the access to the box? is it still a good choice?
<\sh> rhineheart_m: the serious part: in companies you have several admins doing different admin tasks...you don't want to give them root access, because they could destroy something which is not their area..so sudo can be configured to give other admins more rights to do tasks as root, but not to destroy other things...(this is the ideal idee behind it)
<wo0f_> anyways, glad to see iv sparked off this convo:P
<nijaba> rhineheart_m: that's really up to you to do a su passwd to have a root account
<wo0f_> just wanted to use su :)
<nijaba> but it should not be default
<nijaba> wo0f_: then sudo su will work
<rhineheart_m> honestly.. I gave root a pass before.. but when I encountered this issue.. I then reverse it to default... (without even knowing why did I reverse it.. for what reason or purpose LOL)
<nijaba> I must admit that I sudo su quit often, if I need to walk in a hierarchy my normal user does not have visibilty on
<_ruben> i already told my co-admins that they better have damn good reason ready when i see a sudo su - or sudo -i or smth similar in the logs ;)
<_ruben> then again, sudosh2 would make that less an issue, but still
<nijaba> rhineheart_m: having a root password is not "bad", encouraging the users to log in as root by default is, as it would be to have a simple password for root or for an account with sudo power
<rhineheart_m> ScottK: I got your point actually.. so.. it is possible to configure level of root privileges to an environment where more than I admin? Like there are superadmin (could modify the system) admin (less privilege) user (very limited)?
<nijaba> _ruben: the good thing with sudo su is that it is logged as well :)
<_ruben> nijaba: but the commands after that arent, right?
<nijaba> _ruben: in history of root only
<_ruben> nijaba: ah ok, im talking syslog here
<rhineheart_m> " as it would be to have a simple password for root or for an account with sudo power" <<<< what do you mean with this?
<nijaba> _ruben: yes, but I have been able to trace what a sudo su did through bash_history
<_ruben> nijaba: true enough
<nijaba> rhineheart_m: if you have an account in the admin group with an easy password, it is as bad as having a root account with a simple pssword
<nijaba> rhineheart_m: meaning it can and will be cracked by any dictionary attack
<nijaba> rhineheart_m: personally I disable password login on ssh on all my machine connected to the internet
<_ruben> same here
<rhineheart_m> so what did you do instead?
<nijaba> rhineheart_m: ssh keys
<rhineheart_m> ssh keys? mmm.... can you explain a little info about it?
<nijaba> rhineheart_m: and it is so much faster to logon :)
<rhineheart_m> is it secured?
<nijaba> rhineheart_m: take a look at ssh-keygen, ssh-copy-id
<rhineheart_m> I mean.. m sure it is... in fact you chose it.. I mean.. where that ssh keys saved?
<nijaba> rhineheart_m: yes, as long a the id file is kept secured and has a good passwor
<_ruben> public/private key authentication .. public key on server you want to logon to .. private key you keep secure and is protected with a passphrase
<nijaba> rhineheart_m: only on my laptop, that is always with me
<nijaba> rhineheart_m: some people store it on a crypted USB key
<nijaba> rhineheart_m: and you should never be reluctant to change it if you think it can have been compromised
<rhineheart_m> what if somebody can gain access in the USB..let's say.. it's lost...and you didn'y know it is lost promptly...
<nijaba> rhineheart_m: he needs one password to access the crypted file system and a second one to unlock the key
<nijaba> rhineheart_m: but that would constitute a potential compromise any way, so i'd change the key ASAP anyway
<rhineheart_m> uhuh! that's great.. honestly.. I've been using pass to gain access to the box remotely..
<nijaba> rhineheart_m: have you looked in your log how many connection attempt you get on ssh?
<rhineheart_m> yeah.. I could as well review the logs of incoming connections in my router...
<nijaba> rhineheart_m: it is really scary how many zombies are trying dictionary attacks these days
<nijaba> rhineheart_m: I'd say that a machine connected on the net with root root login would survive less than 10 min
<rhineheart_m> really? ows!horrible
<rhineheart_m> so.. where in the world I can get a guide the way you set up your ssh server to accept incoming connections?
<nijaba> rhineheart_m: man sshd ?
<nijaba> rhineheart_m: that's for limiting to key auth only
<nijaba> rhineheart_m: man ssh-keygen and man ssh-copy-id for creating and deploying the key (you should do that part first ;))
<nijaba> rhineheart_m: actually man sshd_config is more what ou need to look at
<rhineheart_m> can you point me to somewhere else with a guide on this matter?
<nijaba> rhineheart_m: I could write one or look for one, but I do not know one from the top of my head
<Schiz0|SD> Hey, I'm having an odd problems I can't seem to solve. I have an ubuntu 7.10 server running a few php/mysql websites. I've been having some problems with packet loss and the website timeing out A LOT. So it seems there's an etworking problem with our host. However, connecting to lcoalhost still has issues. For example, I run a caching BIND and a memcache daemon. Often, both DNS lookups say "no servers found" and memcached clients say ...
<nijaba> rhineheart_m: found this, looks good : https://help.ubuntu.com/community/AdvancedOpenSSH
<Schiz0|SD> ... "connection timeout to 127.0.0.1"
<rhineheart_m> okay. so what are the key terms here? so that I could find it myself?
<Schiz0|SD> what would cause connections to localhost time out all of a sudden? It was working perfectly a week ago, and nothing changed. I'm guessing some sort of ip stack corruption due to the packet loss issue or somethign? But I really have no idea
<nijaba> Schiz0|SD: when you do an ifconfig, do you see interface lo ?
<Schiz0|SD> yep, it's there
<Schiz0|SD> it does connect to lcoalhost, but only randomly. As in, it doesn't work all the time
<nijaba> Schiz0|SD: can you ping localhost?
<Schiz0|SD> Yeah, I just tried and it works fine
<Schiz0|SD> althoguh, I'm getting packet loss on localhost
<nijaba> Schiz0|SD: when you say "fail to connect" what service/command are you talking about
<nijaba> ?
<nijaba> Schiz0|SD: Packet loss on localhost?  really?  that is new to me !
<Schiz0|SD> --- localhost ping statistics ---
<Schiz0|SD> 30 packets transmitted, 12 received, 60% packet loss, time 29000ms
<Schiz0|SD> rtt min/avg/max/mdev = 0.036/0.052/0.060/0.011 ms
<rhineheart_m> how to review again the ssh logs?
<nijaba> rhineheart_m: /var/log/auth.log
<Schiz0|SD> nijaba: As for other connections, when I run "host www.google.com" it occasionally says "Server not found" The only thing in my /etc/resolv.conf is 127.0.0.1
<nijaba> Schiz0|SD: something is really wrong with your network
<Schiz0|SD> :-\
<_ruben> packetloss on localhost sure is new to me as well
<Schiz0|SD> could it be some sort of ip stack corruption or something?
<Schiz0|SD> $ host efnet.org
<Schiz0|SD> ;; connection timed out; no servers could be reached
<Schiz0|SD> it hsould be able to connect to bind on localhost :-\
<Schiz0|SD> I really have no idea what to do. I'm more of a php coder than a tcp/ip network tech :-X
<_ruben> Schiz0|SD: well .. it *could* also mean that you can reach your own dns server, but your dns server cant reach the actual dns server
<Schiz0|SD> ah
<rhineheart_m> is it possible to just allow ssh access to a range of IP? like I want it to be accessible by IP in our locality?
<Schiz0|SD> that makes sense
<_ruben> rhineheart_m: thats what packet filters are for
<rhineheart_m> packet filters? where would I configure it?
<rhineheart_m> ip tables?
<nijaba> Schiz0|SD: I would first try to find why you have packet loos on localhost, as it sounds like a much more fundamental problem
<kirkland> Schiz0|SD: out of curiosity, what is your MTU on localhost?
<Schiz0|SD> Could it be a duplex issue between some routing hardware at our host?
<Schiz0|SD> kirkland:
<Schiz0|SD> UP LOOPBACK RUNNING  MTU:16436  Metric:1
<kirkland> Schiz0|SD: it clearly a problem, that you have packet loss on loopback, but you might try narrowing it down by adjusting ping's packet size
<nijaba> Schiz0|SD: localhost is not going through the hw, so it should not be related
<rhineheart_m> ows.. I guess MTU should be somewhere 1300 -1500.. correct? mmm a newbie here. L)
<kirkland> Schiz0|SD: ping -s 10 localhost, ping -s 100 localhost, ping -s 1000 localhost, ping -s 10000 localhost, ping -s 65000 localhost
<kirkland> rhineheart_m: not on localhost, it can be much bigger
<kirkland> rhineheart_m: my MTU on localhost is also 16436
<rhineheart_m> okay.. that's for etho?
<Schiz0|SD> I'm getting a some of these errors during the pings:      ping: sendmsg: Operation not permitted
<kirkland> rhineheart_m: yeah, eth is usually more in the 1400-1500 range
<nijaba> rhineheart_m: yes, the value you gave are for ethernet
<Schiz0|SD> that would be the firewall, right?
<kirkland> Schiz0|SD: are you using any other parameters to ping?
<Schiz0|SD> Although, our firewall shouldn't touch localhost
<Schiz0|SD> nope, I just ran what you told me above, the first one
<rhineheart_m> they're of the same machine...right? lo and eth?
<kirkland> Schiz0|SD: and are you running as root, or unpriv user?  are you using sudo?
<Schiz0|SD> As root
<rhineheart_m> so.. it might be a hardware problem.. just don't know... :)
<kirkland> Schiz0|SD: "Operation not permitted" is emitted by ping, if perhaps you try and ping flood as an unpriv user
<nijaba> kirkland: I guess yo would know about flooding ;)
<Schiz0|SD> I can pastebin some output...gimmie a minute or two
<kirkland> nijaba: learned a bit about it this week, nijaba ;-)
<Jeeves_> Schiz0|SD: Try iptables -F
<Schiz0|SD> uhh.
<Schiz0|SD> what's that do Jeeves_?
<kirkland> Schiz0|SD: one other thing that could cause packet loss on localhost is if localhost is getting HAMMERED by something else at the same time
<Schiz0|SD> I think my ssh connection just died
<_ruben> could run a tcpdump -nvi lo as well to see that
<Jeeves_> Schiz0|SD: That flushes your firewall
<Schiz0|SD> yeah, it's not responding to anything now :-X
<_ruben> iptables -F can be rather harmful when performed remotely with policies set to DROP
<Schiz0|SD> Oh. Damn.
 * Schiz0|SD just got in trouble
<Jeeves_> _ruben: That's true ...
<Jeeves_> Schiz0|SD: Should I feel guilty?
<Schiz0|SD> Well. How can I fix it? or rather, how can our host fix it?
<_ruben> depending on ur host, reload the firewall ruleset should do the trick
<Jeeves_> Schiz0|SD: If you're policy is indeed DROP, you need te login locally and reload the firewall
<_ruben> then again, your connectivity problems *might* be caused by that very ruleset
<Jeeves_> And sorry for missing out on this step ..
<Schiz0|SD> Well considering I'm in the US, and the server is in Sweden :-X
<Schiz0|SD> It's fine Jeeves_...I should've looked up the manpage before running it anyway :-X
<Jeeves_> :/
<Schiz0|SD> Anyway, our firewall script is here: http://silenceisdefeat.org/~schiz0/iptables.rules
<Schiz0|SD> We've been using it for a while, and it's been ok
<Schiz0|SD> so I don't think that's the problem
<Jeeves_> echo "Setting default DROP policies ..."
<Jeeves_> # Set default policies
<Jeeves_> $IPT -P INPUT DROP
<Jeeves_> $IPT -P OUTPUT DROP
<Jeeves_> $IPT -P FORWARD DROP
<Jeeves_> Jup, that's dropping everything...
<_ruben> even output filtering .. hardcore ;)
<_ruben> hmm .. 'scary' :
<_ruben> [271085.238264] EDAC e752x: Non-Fatal Error DRAM Controler
<_ruben> [271085.238276] EDAC MC0: CE page 0xa279a, offset 0x640, grain 4096, syndrome 0x2, row 2, channel 0, label "": e752x CE
<_ruben> lets run a memtest86+
<ivoks> hello
<mathiaz> hi ivoks !
<ivoks> hi, sorry for meeting :/
<ivoks> how ugly would be to add new system group (sasl) and configure dovecot to provide sasl socket by default for that group
<mathiaz> ivoks: np - the earth is still round and the sun came back this morning :)
<ivoks> then, have an additional binary package (from dovecot source), which, when installed, would move that socket to postfix chroot and link old path to new path
<ivoks> and add postfix to sasl group
<ivoks> no configs would get changed
<ivoks> but it would be ugly to have /var/run/dovecot/sasl/socket linked to /var/spool/postfix/private//something
<ivoks> what say you? :)
<mathiaz> ivoks: that's seems complicated.
<mathiaz> ivoks: I've had a quick glance at the dovecot source code
<mathiaz> ivoks: and it seems that's it should be easy to modify dovecot to not break if the sasl socket doesn't exists
<mathiaz> ivoks: or better - if the directory to create the sasl socket doesn't exists
<ivoks> well, i'm not programmer :/
<ivoks> i tried changing code so that it doesn't fail; and it didn't, but it failed with another error, at glance, unrelated to non-existing directory
<ferric84> I have a ssh connection going that looks like this:  ssh -l <username> -L 8088:192.168.0.100:80 lan.mysite.com.  I'm trying to make sites on this lan local so I can work on them, by adding "hostname 127.0.0.1" to my hosts file, but I cannot get these to resolve in the browser... any ideas?
<ivoks> but, once i reverted those changes, it started normaly
<ivoks> ferric84: hosts is 'IP hostname', not 'hostname IP'
<ferric84> hmmm
<ferric84> arg
<ferric84> now it's a cannot find server erro
<ferric84> r
<J-_> does the normal LAMP install have wake on LAN installed or something? I just logged into the server from where it is, and it sounded like it did a fast boot up, almost like when you boot up a pc, just much more faster
<ivoks_> wol is bios thing
<J-_> hmm
<J-_> not sure what's wrong with this server. I shall restart and see if it works.
<ivoks_> bbl
<J-_> In dmesg, I see: "Call Trace" is that normal?
<Schiz0|SD> To those who were helping me earlier today: Our host rebooted the server and reloaded the iptables script, so all is well.
<Schiz0|SD> As for the networking issues, the reboot seemed to help A LOT. Everything seems to be running fine now, and there's no packet loss as far as I can see
<Schiz0|SD> So I'm still not sure what the problem was :-\
<J-_> In dmesg, I see: "Call Trace" is that normal for a server? It's quite repeatative.
<nijaba> Schiz0|SD: thanks for the follow up
<J-_> bleh
<fromport> could some operator mayby ban the pumpernickle ?
<themime> ah ok thanks, ill do that.  is there a way i can confirmed i did install the server version though?
<themime> oops
<themime> i just installed (what was supposedly ubuntu server 7.1), doesn't have sshd, apache...really any server stuff. anyway, regardless, im trying to install the server stuff i need, and this is my first time using ubuntu.  i installed apache using synaptic package manager, and i thought i also installed phpBB2, but i can't find it anywhere.  my past experience with phpBB2 was a tar, untaring in the appropriate folder, and configurin
<themime> also, is there a way to confirm i installed the server edition of ubuntu?
<fromport> all the other version start with a graphical login after bootup ;-)
<fromport> so if you have the text login: -> server version
<themime> i burned the right cd, and downloaded the right cd...hmm
<themime> cause i do have a graphical login.  and no server stuff installed
<fromport> what does "dpkg -l ubuntu-desktop" show ? only confirm if has an "i" at the beginnen of the line
<themime> ok, i typed in the command, what am i looking for in the response?
<ivoks> any objections for upload of new bacula (closes 3-4 bugs)
<ivoks> :)
<fromport> themime: there should be 1 line and at the beginning there is probably an "i" or an "u"
<themime> theres no ssh so i can't c/p but its more than 1 line, it looks like there was some sort of error.  let me get on irc on the box itself so i can c/p
<themime> er, sshd
<fromport> apt-get install ssh
<fromport> a server (and desktop as well) never is installed  with ssh. always have to install that seperately
<themime> ah ok
<themime> im epic failing to get pidgin to work with irc haha
<themime> theres no way this is the server edition, theres no server software on here at all
<themime> and it has a gui
<themime> Desired=Unknown/Install/Remove/Purge/Hold
<themime> | Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
<themime> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
<themime> ||/ Name           Version        Description
<themime> +++-==============-==============-============================================
<themime> ii  ubuntu-desktop 1.79           The Ubuntu desktop system
<themime> after running the dpkg -l ubuntu-desktop
<fromport> ehh.. you're not supposed to use cut&paste. they will warn/ban you on certain channels :-)
<fromport> just the "i" at the beginnen of the line would have been suffciant
<themime> heh yea sorry, i should have used a pastebin
<themime> the other stuff seemed important too
<themime> so do i have desktop installed then?
<fromport> could be: OR during install it has asked you to install "desktop" . if you answered yes it installed the whole ....
<themime> i never remember it asking me if i wanted to install desktop
<themime> is there a way to install the server and uninstall the desktop without reinstalling via cd?
<fromport> just delete the graphical stuff: eg  aptitude purge ubuntu-desktop
<themime> did i mess up package stuff by using synaptic manager?
<themime> sudo apt-get install apache didn't work, said the package didn't exist
<fromport> no !
<fromport> it's apache2 nowadays
<fromport> apt-cache search apache2
<themime> ah ok
<themime> should i unstall using synaptic and reinstall with apt?
<themime> the mixed managers bothers me haha
<fromport> aptitude is just a graphical way to access the package system. apt-get/aptitude is from the command line.
<fromport> the effects are the same, you can mix&match.
<themime> why, when prompted for the "admin" password, i have to enter my user password and not the root password (like to install stuff?
<peterdv> themime: The password is for sudo.
<themime> which i thought was the root password
<peterdv> sudo(8): ...  Otherwise, sudo requires that users authenticate
<peterdv>        themselves with a password by default (NOTE: in the default configuraâ
<peterdv>        tion this is the userâs password, not the root password). ...
<jnkq> is ubuntu capable to be stable server?
<themime> ah, man sudo, im dumb haha
 * themime goes and rtfm
<J-_> http://pastebin.ca/951848 any ideas? What can I do to fix this?
<J-_> http://pastebin.ca/951851 Here is my syslog
<ivoks> J-_: did you check if /var/run/mysqld/mysqld.sock exist?
<J-_> ivoks: I just cd /var/run/mysqld, typed ls, and mysqld.sock doesn't exist.
<J-_> ivoks: what can I do to fix it?
<ivoks> J-_: can you start mysql?
<J-_> no
<J-_> I just tried to restart mysql, would that make it start?
<ivoks>  /etc/init.d/mysql start
<J-_> ivoks: http://pastebin.ca/951848 shows still
<ivoks> start i said
<J-_> sane thing
<J-_> same*
<ivoks> and syslog?
<J-_> http://pastebin.ca/951851 syslog
<ivoks> you already pasted that link
<J-_> yes
<J-_> that was syslog says.
<ivoks> i asked you to start mysql and paste syslog after that
<ivoks> not something you did 15 minutes ago
<ivoks> and there's more in syslog than 10 lines, so please, paste more than 10 lines
<J-_> ivoks: How can I show more than 10 lines?
<ivoks> tail -n 20 /var/log/syslog
<J-_> ivoks: http://pastebin.ca/951887
<J-_> Sorry about that. I was waiting for a reply, and didn't realize you typed something after I did, "/names" Pumpernickle is ghosting a lot.
<ivoks> Can't start server: Bind on TCP/IP port: Cannot assign requested address
<J-_> ivoks: What do I need to do to fix that?
<ivoks> can you 'telnet localhost mysql'
<ivoks> does it connect?
<J-_> Trying 127.0.0.1, and it hasn't connected yet.
<ivoks> ok
<ivoks> paste content of /etc/hosts on pastebin
<J-_> ivoks: http://pastebin.ca/951893
<ivoks> do you start mysql with sudo?
<ivoks> sudo /etc/init.d/mysql start
<ivoks> what did you do before it stoped working?
<J-_> ivoks: Yes I tried to start mysql with start. I was trying to configure my hosts, and connect from a static IP. I have the static IP configured I think, not sure if it's proper. But, I can ping google.
<J-_> I also configured SSl for apache
<J-_> I also installed phpmyadmin
<ivoks> i'm not sure what you mean with configure your hosts
<ivoks> ubuntu is basicaly plug and play when it comes to LAMP stack
<J-_> I tried configuring /etc/resolv.conf, and /etc/network/interfaces
<J-_> want me to pastebin both of those configs?
<ivoks> paste those files
<J-_> okay
<J-_> ivoks: http://pastebin.ca/951902
<ivoks> network is 192.168.1.0
<ivoks> not 1.1
<J-_> ivoks: Why the change?
<J-_> My router's IP address isn't 192.168.1.0
<ivoks> network isn't IP of your ruter
<ivoks> that's gateway
<J-_> k
<ivoks> change to 0
<ivoks>  /etc/init.d/networking restart
<J-_> Okay, I restarted networking, mysql doesn't start still.
<J-_> Nothing when I telnet 127.0.0.1
<ivoks> oh...
<J-_> err, when I telnet mysql sorry
<ivoks> you  don't have loopback in interfaces?
<J-_> What do I need to put in loopback?
<ivoks> http://pastebin.ca/951908
<ivoks> after you fix it, restart your computer, there are even more services that doesn't work
<ivoks> don't work
<J-_> Okay
<J-_> Just heard the server beep, it's restarting. =D I'm in another room.
<J-_> Okay it's restarted I'm SSH'd into it.
<J-_> ivoks: It says mysql already running it after trying to start it.
<ivoks> then it works
<ivoks> try restarting
<J-_> After trying to telnet to mysql it says, http://pastebin.ca/951914 Is that normal?
<J-_> ivoks: Restarting what? the server, or networking?
<ivoks> mysql
<J-_> k
<ivoks> that's normal
<ivoks> yes, it's working
<J-_> Awesome, it restarted.
<ivoks> leason learned? unix machines need loopback; never remove it
<J-_> ivoks: Thank you very much dude. You have the patients of a saint. =)
<ivoks> heh
<J-_> ivoks: Much appreciated.
<ivoks> np
<mitesh> hi i want to make a webserver with minimum configuration
<mitesh> and no additional package
<mitesh> how can i start
<mitesh> also can the appliance develop using Ubuntu JeOs be deployed on a real machine?
<mitesh> anyone there??
<fromport> mitesh: install ubuntu server , no extra's (graphical desktop etc) and add on demand what you want/need (eg aptitude install apache2 etc)
<mitesh> is ubuntu server a bare minimum
<mitesh> or it can still be futher stripped of
<mitesh> off
<fromport> jeos == normal ubuntu but only without all overhead. any application you generate/develop will run on any "real" other ubuntu (given cpu architecture etc etch_
<fromport> it's a bare minimum
<mitesh> fromport: ubuntu server is different from jeos
<mitesh> is JeOs only for Virtual appliance?
<fromport> jeos is meant for bare minumum under virtual environments (if i'm correct)
<fromport> so only has the drivers needed for that environment where as ubuntu-serverhas _all_ drivers (you dont know what hardware it will run on)
<mitesh> ok ... so is there a way we can stip off ubuntu-server so it may become similar to jeos
<mitesh> ?
<fromport> how minumum would you like to go ?
<fromport> why ?
<mitesh> i was actually going through this link http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos and then later went and read this tutorial http://www.linux-mag.com/id/4829... so i am confused as can i use feos to make a webserver which can be deployed on a machine
<mitesh> as everywhere they are mentioning virtual appliance only
<fromport> let me read it real quick (still working too ;-)
<fromport> you cannot "copy" jeos from a virtual machine and expect it to run on a "real"machine
<themime> ok, i reburned the server install, so i _know_ its the right one.  how can i completely format the disk, boot disk and all
<fromport> but if you develope a website (some cms & database) you could transfer that information to another machine installed with ubuntu-server
<fromport> use guided partioning from the cd, it will wipe your hd clean ;-)
<themime> awesome, thanks
<themime> actually, before i go through with the install, is there a way to confirm the cd is the server install while booted into the livecd part
<Nafallo> the server install doesn't have a live part? :-)
<themime> haha, that should have been my first flag that went up.  haha so fromport, i think i burned the desktop install and labeled it "server install"
<themime> ok, so let me rephrase then: how do i wipe the drive clean from the server install =)
<fromport> just boot the server image
<themime> so a normal install
<mitesh> fromport: any suggestion for my problem
<fromport> themime: http://howtoforge.org/perfect_server_ubuntu7.10 looks a lot like hardy ;-)
<themime> badass, thanks
<mitesh> can i make a real appliance using jeos
<fromport> describe " real appliance" ?
<fromport> jeos is _not_ meant to run on hardware directly
<fromport> only in a virtual environment
<fromport> so it doenst know about 100.000 different kinds of hardware.
<fromport> ubuntu-server does know a lot of different hardware and hence it's much larger/more complex that jeos
<fromport> once it's running applications like apache/databases etc dont know the difference
<fromport> you lost me, what are you trying to achieve ?
<mitesh> real appliance one which i can thn copy on a cd and boot another machine from that cd
<mitesh> i got it thats what i need to know that jeos cant be run on hardware directly
<mitesh> do you have any idea about GNAP = Gentoo Network Appliance
<fromport> no knowledge of gentoo* whatsoever ...
<mitesh> ok thanks for the help
<fromport> good luck! ;-)
<mitesh> :)
<themime> heh, i used to have gentoo on this laptop, never did get the wireless to connect
<themime> i think the install took a full night for the _base_ install
<themime> open office took like 8 hours
<mitesh> yaa gentoo 1st compile everything firefox takes 48 mins to install
<themime> fromport: this "perfect server" link is awesome
<fromport> no other distro is so "tailor cut" for your system as gentoo. But it's not my "taste"
<fromport> *bsd people who want to switch to linux are probably delighted ... :-)
<fromport> emerge [this/that]
<mitesh> emerge world :P
<fromport> :-)
<[mbm]> anyone using xen under hardy?
<nxvl> why is ubuntu a partner of zimbra and zimbra isn't included on ubuntu?
<foo> Isn't Zimbra paid?
<nxvl> soren: around?
<sommer> nxvl: he's on vacation until tues
<nxvl> oh ok
<nxvl> did you know something about small-bussiness-server?
<nxvl> what's the state of it
<nxvl> i hvae just saw it was aproved on sevilla
<sommer> it's too small, and not enought businessy :-)
<nxvl> heh
<sommer> are you talking about a blueprint?
<nxvl> yup
<nxvl> https://blueprints.edge.launchpad.net/ubuntu/+spec/ubuntu-easy-business-server
<sommer> ah... my opinion, the whole small business, enterprise, etc doesn't really make much sense
<sommer> in the end you're really just talking about services :)
<sommer> is one service small business and another enterprise?
<sommer> nxvl: thinking of brining it up at UDS?
<sommer> the blue print that is
<sommer> nxvl: I had a thought about a LDAP management "something" would really be needed
<\sh> sommer: apache directory studio, eclipse based...;)
<sommer> mmm... that's interesting
<\sh> sommer: and works actually
<sommer> heh, that's always a plus
<\sh> sommer: serious, I'm using it for ldap management ( not the apache package but the eclipse plugin in my normal eclipse setup)
<\sh> you can edit all stuff you want and add new ldap objects etc.
<sommer> cool... I really like the php/web plugins for eclipse
<sommer> and the python, perl, ruby plugins :-)
<\sh> it was build when they started to work on an apache directory server, which works too..but not so known as openldap
<\sh> and full java power ;)
<rhineheart_m> hello.. is modsecurity2 in the repo? is it alright to install it in gutsy?
<sommer> \sh: thanks, I'll look into that
<\sh> sommer: you're welcome
<rhineheart_m> can anybody suggest here if it is safe to follow this tutorial? http://www.howtoforge.com/apache_mod_security
<dthacker> rhineheart_m: what are your concerns?
<rhineheart_m> dthacker: thanks for that.. I just want to mask my http header information something like to Apache (unix)..
<dthacker> rhineheart_m: I'm not sure if that tutorial will help you do that.  My concern with it is that it's using 2 year old versions.
<rhineheart_m> dthacker: Yeah.. I noticed it...that's why I didn't do it.. owss... are you using modsecurity2?
<dthacker> rhineheart_m: no I have a low traffic site and my config is very plain.
<rhineheart_m> dthacker: okay.. did you modify the way apache2 gives info in the http header request?
<dthacker> rhineheart_m: no
<rhineheart_m> Can anybody here tell me if this bug has been alreadu fixed and added to the repo? Bug #156748
<ubotu> Launchpad bug 156748 in iperf "Thread library bug for kernel >= 2.6.21" [Unknown,Fix released] https://launchpad.net/bugs/156748
<J-_> Hello, I'm having a problem with no-ip in the Dapper installation. I already set it up but, when I want to run it, "sudo no-ip -C" it says "file '/etc/no-ip.conf' is in the use of process 3723. Ending!" Can I kill -9 the process and reconfigure it?
<J-_> Nevermind, I just sudo killed the process. It worked.
#ubuntu-server 2008-03-22
<ghostnob_> hi everyone
<sommer>  yo
<ghostnob_> hi sommer
<ghostnob_> I saw some of your works on ubuntu mail list environment...
<sommer> heh, hope they were good works
<ghostnob_> yeah... I want to join but I don't what I want to do yet.. they are all interesting projects...
<sommer> ah, I'
<ghostnob_> I'm a web developer and I love scripting especially using linux is awesome since I started 2005
<sommer> I
<sommer> I've found that it's best to start with what you like
<sommer> new keyboard... keep hitting, enter when I'm not ready... heh
<ghostnob_> ok.. I'm thinking of packaging OR mysql
<ghostnob_> ahh
<sommer> have you checked into MOTU yet?
<sommer> that's probably the best place to start with regards to packaging
<ghostnob_> ok.. I've been looking into that since thanks for telling me.. I will surely do that for the sake of mentoring... lol
<sommer> server's a great place to start as well though!
<ghostnob_> cool
<sommer> another thing upcoming is the upgrade from dapper to hardy, so help with testing is greatly appreciated :-)
<sommer> but again, it's really a matter of what you'd like to do
<ghostnob_> thanks sommer... sorry I was seting my evolution mail...
<sommer> heh, not a problem, I'm just hangin out
<ghostnob_> one quick question:
<sommer> sure
<ghostnob_> I'm trying to set my ubuntu server as the main mail server; and I want to be able to transfer exchange server 2000 to it. do you thing it's possible...? i know it's dumb...
<Kamping_Kaiser> yes its posible, but may be a bit of work
<sommer> heh, ya kind of depends on how you use your exchange server
<sommer> IMHO the biggest functionality lack between exchange and Open Source solutions for email is shared calendering
<sommer> there are Open Source shared calendars, but as far as shared calendars integrated with email, it's not as integrated as exchange
<ghostnob_> ok... gotcha..
<ghostnob_> one last question... sorry I ask questions alot..
<Kamping_Kaiser> ease of integration isnt huge either, but thats partly because people spend their time making good stand alone apps, not easy to ingtegrate ones.
<ghostnob_> I use comcast, but I want to be able to access my computer from outside or work; how do you think I can do it.
<sommer> Kamping_Kaiser: I concur
<sommer> ghostnob_: ssh
<sommer> at least if your workstation is linux :-)
<ghostnob_> ok.. so it's possible...... yeh!
<Kamping_Kaiser> you could putty if its not
<sommer> just need to open port 22, but you should limit access to only the users needed
<ghostnob_> as long as I know my IP or do I need to create a new IP for it?
<ghostnob_> ok..
<sommer> you can port map through your firewall to your workstation
<sommer> it's a good idea to make sure you have a strong password though
<ghostnob_> ok...
<ghostnob_> i'm good at that
<ghostnob_> because there is something I'm trying to do and if it works, that would be awesome and I will definitely owe you guys... lol
<ghostnob_> but now the problem might be the router. I use a linksys router. do you think it's a problem?
<Kamping_Kaiser> if it can forward ports, you should be ok
<sommer> yeppers
<ghostnob_> ok.. it's the one with the speedbooster... lol
<ghostnob_> I will do everything and create users' access to the port...
<ghostnob_> I'll start tonight though if you guys are still online, I will surely exercise your ideas and tutorials...
<sommer> I'll probably be around for a while
<ghostnob_> ok..
<Kamping_Kaiser> 'tonight' is a very relative concept...
<sommer> heh, crazy globalization
<Kamping_Kaiser> hehe
<ghostnob_> have you ever noticed that it's difficult to remote desktop to a windows machine.. lol
<ghostnob_> I hate windows...
<ghostnob_> hehe
<sommer> not really, have you seen the rdesktop package?
<sommer> but I agree with the windows comment :-)
<ghostnob_> not really... let me check...
 * Kamping_Kaiser hasnt tried remote desktop on anything (unless xdmcp counts)
<sommer> heh, rdesktop is a RDP client for linux... good stuff
<ghostnob_> I don't think I have rdesktop
<sommer> sudo apt-get install rdesktop, should get you there
<ghostnob_> ok... one momnet
<sommer> that's the cli, there are gnome and kde integrated apps as well
<ghostnob_> I use gnome, I can't find it anywhere... I know I already installed it...
<sommer> do you have gnome-rdp?
<Kamping_Kaiser> also tsclient does it iiirc
<sommer> tsclient is the one I've used
<sommer> ya
<Kamping_Kaiser> wonder how easy it would be to create a copy of the server used at a place i volunteer at. it would be a good test upgrade system
<ghostnob_> i don't think I do... let apt-get it
<ghostnob_> I'm installing it now..
<ghostnob_> so what does VNC do...?
<sommer> basically the same thing as windows terminal server
<sommer> it allows access to a gui through a network protocol
<Kamping_Kaiser> as oposed to vpn, which i keep confusing it with ;)
<sommer> heh, ya not quite the same thing... but can be similar
<ghostnob_> cool.. I thought as much..
<ghostnob_> is it compulsory for me to provide a domain, because I'm just trying to connect to my laptop...
<sommer> you shoud be able to supply that once you connect, if necessary
<ghostnob_> I can't connect, it's showing some procedures of connecting
<sommer> are you on the local LAN?
<ghostnob_> yeah...
<ghostnob_> but my laptop is not... my laptop is wireless but on my network...
<sommer> and it's a win desktop?  if so have you enabled remote administration?
<ghostnob_> yeah...
<sommer> ya, that's a different port, which I wouldn't advise opening
<sommer> you can tunnel the RDP port through SSH though
<ghostnob_> ok...
<dthacker> rdesktop is wonderful if you have to windows..
<ghostnob_> cool...
<sommer> ya, best over VPN or on a LAN though
<ghostnob_> so, do I have to open port for my laptop? I can connect to my other windows computers anyway
<sommer> at leat that's the only times I've used or enabled it :-)
<sommer> a VPN is probably the best, most secure way to go
<ghostnob_> ok...
<sommer> I'd check your linksys for a vpn option
<sommer> then it's all encrypted and all good
<ghostnob_> ok....
<ghostnob_> I want to get disconnected for a second, I'll be back.. ok
<sommer> sure
<ghostnob__> hi
<ghostnob__> I'm back
<sommer> cool
<[mbm]> anyone running xen servers with hardy?
<dthacker> not me
<dthacker> I'm a big chicken
<[mbm]> noticing that it doesn't quite work
<ghostnob__> not me either
<[mbm]> hmm, was hoping someone would know how to fix it
<ghostnob__> I don't run XEN server.. you sound like a lazy chicken with a weak egg... do things by writing codes and package things not using a third party thing... lol
<ghostnob__> well, let's know..
<[mbm]> huh?
<ghostnob__> what's the problem, maybe I can help
<[mbm]> didn't even understand your last comment
<[mbm]> hoping that wasn't intended as some sort of insult
<ghostnob__> nope... just some technical humor.. lol
<ghostnob__> I'm still learning too.. but I learn through solving problems...
<[mbm]> I'm not asking someone to hold my hand; specifically I'm asking why the xen networking stack is broken on the domUs
<[mbm]> the tx path (domU -> dom0) works, but the rx path doesn't
<[mbm]> seems to be a glitch in the xennet code somewhere
<ghostnob__> uhmmm
<ghostnob__> let me see...
<ghostnob__> what is your result when you <ipconfig>
<ghostnob__> sorry, <ifconfig>
<[mbm]> let's get past the basics - hardy doesn't configure the initramfs for xenblk or xennet which have moved to modules in the hardy release (previously they were compiled into the kernel), so the first step is to fix the ramdisk to load the xen modules; that gets you the virtual networking interfaces
<[mbm]> the interfaces appear normal apart from the fact the data you send out through the interface essentially gets routed to /dev/null
<[mbm]> I've run tcpdump on both ends of the virtual interface and watched the packets go mising
<ghostnob__> try disabling your firewall, create a domU with a MAC, that could also cause a huge problem...
<[mbm]> there is no firewall
<[mbm]> the mac is hardcoded
<[mbm]> hardy's xennet is broken
<[mbm]> thre's already a bug filed against it
<ghostnob__> ok
<ghostnob__> one second
<ghostnob__> sorry talking to my girlfriend online... ok.. sometimes a manual configuration can help...
<ghostnob__> I remembered I have this links in my bookmarks maybe they will help...
<ghostnob__> http://lkml.org/lkml/2007/10/13/227
<ghostnob__> http://www.ussg.iu.edu/hypermail/linux/kernel/0710.1/2002.html
<[mbm]> not really related
<[mbm]> fwiw - https://bugs.launchpad.net/ubuntu/+source/xen-3.2/+bug/204010
<ubotu> Launchpad bug 204010 in xen-3.2 "networking not working" [Undecided,New]
<ghostnob__> http://kerneltrap.org/mailarchive/linux-kernel/2007/10/13/337161
<ghostnob__> well, the little i know of XEN are thos things... I wish I could help more....
<nxvl> ScottLij: is there any reason why zimbra isn't included in ubuntu yet, or is a matter of noone packaging it?
<nxvl> ScottK: is there any reason why zimbra isn't included in ubuntu yet, or is a matter of noone packaging it?
<nxvl> ScottLij: sorry :$
<ScottK> nxvl: Dunno.  I thought it had proprietary bits, but I've never really looked into it.
<mitesh> how can one futher stripp off ubuntu server
<fromport> mitesh: what are you trying to achieve ? why would you want to strup it further ? do you have space problems ?
<J-_> I'm currently looking into setting up an HP officejet 6200 printer on my 6.06 LAMP server. What do I need to install to get it working proper, there's no GUI on the server, and I want to be able to configure the server through the webpage-like interface.
<Kamping_Kaiser> J-_, cups UI doesnt help?
<fromport> is it connected via USB or ethernet ?
<J-_> USB
<fromport> install cupsys
<fromport> and install webmin: http://www.dth.net/new_machine/webmin
<Kamping_Kaiser> no, dont install webmin
<Kamping_Kaiser> ffs. why do people insist on recomending it
<J-_> hmm, okay I won't
<Kamping_Kaiser> cups and hp's driver both come with a web UI
<J-_> Should I install cupsys>
<fromport> kamping: please tell us why not to install it
<J-_> ?
<Kamping_Kaiser> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Kamping_Kaiser> J-_, yes you should
<fromport> kamping: if you want to install ebox it will install apache2 and the lot:  69 newly installed packages
<fromport> that's MADNASS
<fromport> madness
<Kamping_Kaiser> i think both are crazy. tbh.
<fromport> i dont want to install a postgress database just to configure my machine with the aid of UI
<J-_> Kamping_Kaiser: Will <server internal ip>:631 work after installing CUPS?
<fromport> J: https://help.ubuntu.com/community/HOWTO-enable-cups-browsing
<fromport> google is your friend ;-)
<J-_> =\ I've looked into this a bit, plus, some #u-o discussion, and it seems too hard to follow... Plus that tutorial leaves CUPS unprotected.
<fromport> mayby seek help @ #u-cups (if it exists?)
<J-_> Nope, doesn't.
 * J-_ tries the tutorial. =(
<J-_> Ah, great. Adminstrative commands are disabled, and I have no GUI to make a user. =\
<mitesh> fromport: can i optimize it even futher as best for my need.. suppose i want to run a http server only, thn what will be the best configuration for it.. rempving the unwanted thing ..
<Kamping_Kaiser> you could use something like debfoster to remove unused packages, but you'll find the system extreemaly unflexible
<Kamping_Kaiser> *inflexable
<mitesh> can i do some thing like travel the dependencies og a http server and keep only it and stipp off the rest?
<Kamping_Kaiser> you could write yourself a bash script to do it. or look at debfoster ...
<mitesh> ok is there anything close to http://www.gentoo.org/proj/en/base/embedded/gnap-userguide.xml this in ubuntu see the goal part..
<J-_> hmmm, I used the tutorial, added group, and the user to the group, set the group in cupsd.conf and still doesn't work...
<J-_> maybe I should to make a shadow user? i think it is
<Kamping_Kaiser> mitesh, is that question related to what you just asked, or is it a second question?
<mitesh> you can relate it suppose you have a space constraint
<mitesh> and want to set up a server for less than 13 mb
<Kamping_Kaiser> *laugh*
<mitesh> ?
<Kamping_Kaiser> setup a server in < 13 mb.
<fromport> mitesh: you clearly dont know what you're talking about.
<Kamping_Kaiser> afk dinner
<Kamping_Kaiser> back in 60
<mitesh> embedded systems
<fromport> you are talking on #ubuntu-server
<fromport> things that have multiple cpu's terabytes of storage and connected with 10GE
<fromport> https://wiki.ubuntu.com/EmbeddedUbuntu
<fromport> ubuntu != gentoo. if you want/are used to do it the gentoo way: use gentoo
<fromport> :-)
<fromport> a fairly minimum ubunserver install is around 400 megabyte
<fromport> it has around 250 packages installed which you can see with " dpkg -l "
<fromport> if you're brave enough and know what you are doing you could purge a few of those.
<fromport> if you use aptitude you can search/look for packages and it dependancies
<fromport> good luck!
<J-_> !info hotplug
<ubotu> Package hotplug does not exist in gutsy
<J-_> !info hotplug=utils
<ubotu> Package hotplugutils does not exist in gutsy
<J-_> argh
<st_iron> hi
<XiXaQ> when I install a web application, it's available in http://localhost/appname. Where is that configured?
<XiXaQ> I mean, the webapp configuration. I'd like to have them in /home instead, because the root partition is very small.
<XiXaQ> well, for other reasons too.
<J-_> Does GoDaddy serve Canada as well?
<mralphabet> yes
<J-_> Cool
<J-_> I just noticed no mention of Canadian Currency. =)
<mralphabet> hmm . . .perhaps i should say "I believe so"
<J-_> What if I have a dynamic IP? My router has a Domain name setting I can use,,(wrt54gs)
<J-_> err
<J-_> probably a stupid question, but, I don't know
<J-_> When I buy a domain name, do I have to contact my ISP and configure it with my DNS?
<J-_> there we go
<J-_> backwards, but I didn't get any answers in #u-o
<Kamping_Kaiser> depends on your arangement with your isp
<Kamping_Kaiser> do you have a static IP?
<J-_> No, Dynamic
<Kamping_Kaiser> you need one to have a domain
<J-_> serious? =\
<Kamping_Kaiser> yes.
<mralphabet> well, "to have a domain hosted at your house"
<mralphabet> you could just use something like dyndns.org
<Kamping_Kaiser> true
<J-_> Wouldn't my router take care of that though since there's an option to type in a Domain in?
<mralphabet> which is what that field in your router is made for
<Kamping_Kaiser> unles it referes to your network domain, not internet domain
<J-_> There's a Host Name, and Domain Name
<Kamping_Kaiser> sounds internal to me, but we'd need more info
<mralphabet> nod, that sounds like the internal side
<mralphabet> there should be something somewhere else that refers to dyndns or a similar service
<Kirok> hmm I need a new network naming scheme... any suggestions
<mralphabet> I use superman villians
<Kirok> Good idea, I'd go gods or mythology but they seem overused
<mralphabet> at work we use mountain ranges, dog breeds, LOTR characters
<Kirok> Its a home network so its not a big deal, I was using 300 characters but ran out of names
<mralphabet> every time I reboot a server and I have to comment it, I put in "<server name> has been bad and Superman taught him a lesson!"
<mralphabet> ok, not really, but I thought it was funny
<Kirok> heh yeah, you can have epic battles if theres an outage
<mralphabet> heh, exactly
<peterdv> Planets are also a frequent topic used. Personally I find the Periodic Table funny. One of our servers ra (IP .88) appears to be more stable than the element itself ....
<Kirok> Yeah there all good I've considered some of them I just wanted to see what everyone else was using
<davebv> hi! I am fighting with ubuntu hardy and ebox
<mralphabet> make love, not war
<davebv> may somebody please give me a hand?
<davebv> hehe, I am fighting softly
<davebv> I have a problem, I installed ebox in a virtual machine
<davebv> with virtualbox, and ubuntu JEOS (and then, installed ubuntu-desktop)...
<davebv> and when I try to enable the "users and groups" module, it gives me an error: http://paste.ubuntu-nl.org/60560/
<davebv> nobody?
<Kirok> Sorry no idea, pretty cryptic message with just trace information
<Kirok> its worked in the past I take it
<davebv> I think it worked in other installation (not in a virtual machine)
<davebv> could it be something like the -virtual kernel is doing something strange?
<Kirok> I mean it could be, theres some interaction with Apache so it might be work checking that or looking up the line numbers and see what there doing
<davebv> it seems to complex  for my knowledge hehe
<davebv> I'll give a try with another kernel and see what happens, if it works, I'll fill a bug, if it does not... I don't know then hehe
<Kirok> Sorry I couldn't be of more help, maybe someone else will see and reply
<davebv> no problem, thank you anyway
<davebv> it works with generic kernel
<ivoks> what's the problem?
<davebv> I tried to enable the "users and groups" module in ebox, in a virtual machine with ubuntu JEOS installed and the linux-virtual kernel running
<faulkes-> I prefer to name my servers after alcohol or drinking related topics
<davebv> and it failed with this error http://paste.ubuntu-nl.org/60560/
<ivoks> ah, ebox...
<davebv> but this module enables ok with generic kernel
<ivoks> i don't see how this could be related to kernel
<faulkes-> have to agree, I can't see how it would be a kernel issue, just based on the stacktrace
<davebv> me neither
<davebv> but the point is that the error does not occur with the generic kernel, and it happens with the virtual kernel
<faulkes-> what version of ubuntu?
<faulkes-> interesting
<davebv> hardy JEOS
<faulkes-> zul (Chuck Short) has been doing the ebox work for hardy
<faulkes-> so you might wish to see if you can poke at him
<faulkes-> only thing I can think of is maybe it's a apparmor or selinux issue but that is just a wild guess
<davebv> no idea hehe
<davebv> maybe some apache module not build quite right for virtual kernel?
<ivoks> i will stop using linux if apache compiles with some kernel library :)
<ivoks> or apache
<davebv> hahaha
<davebv> I didn't mean that
<davebv> xD
<ivoks> faulkes-: apparmor makes sense
<faulkes-> ivoks: neither are more forte so, I just figured they might be culprits
<themime> i just ran apt-get install vim-full, it looks like its installing some gnome stuff....is it doing a full gnome install?
<Nafallo> dependencies and dependencies of dependencis etc...
<themime> does that include a full gnome install >.<
<Nafallo> you tell me. why would you need the vim-full metapackage to start with?
<themime> http://www.howtoforge.com/perfect_server_ubuntu7.10_p3
<themime> cause it says so
<Nafallo> ehrm
 * Nafallo goes to make a webpage that tell people to kill their families :-P
<sommer> lol, only if it's in a nice way
<themime> haha, i assumed this site knew what he was talking about
<themime> how do i undo the install?
<slide> Can anyone point me to guides or something to help me secure my server? I've been recently and just reinstalled and want to make sure it doesnt happen again
<Seamus> Hello, anyone tried doing an LTS upgrade yet?
<Seamus> I'm running a 6.06 server with vmware, samba, apache2, and sendmail.
<Seamus> I was wondering if there are any upgrade issues.
<fromport> i've heard a lot of problems with an upgrade. I did it with my laptop, i ended up doing a fresh install
<|Nemesis|2|> noooobs
<|Nemesis|2|> Laughing Out Loud
<kadakas> hi, has anyone run uTorrent on Ubuntu Server ?
<slide> Can anyone point me to guides or something to help me secure my server? I've been recently and just reinstalled and want to make sure it doesnt happen again
<lamont> kadakas: rtorrent is more common, I think
<lamont> slide: there are a number of books and howtos available...
<lamont> generally, you want to start with an ubuntu-server install, and then only install services that you actually need, etc.
<lamont> and each of those has different considerations to take into account in securing it.
<lamont> and many would add "never install php"
 * lamont wanders off again
<Nafallo> lamont: :-)
<lamont> Nafallo: well, it does seem to be the most popular vector for hacking most linux boxen
<Nafallo> lamont: I work with managed hosting dude... ;-)
<Nafallo> so I can confirm :-)
<lamont> of course, the first question to answer before we can help slide out much, other than generally, is "how did they compromise your box?"
<lamont> which, I rather expect, is gone without any forensic trail, with the reinstall
<eliaskate> buenas tardes, alguien sabe donde puedo buscar la manera de configurar shorewall para una pc con 2 placas de red
<eliaskate>  una recibe internet, y la idea es que la otra se encargue de filtrar inet actuando como un firewall para el resto de la red
<Nafallo> eliaskate: english channel, sorry.
<eliaskate> alright
<eliaskate> no problem
<eliaskate> i need to configure a sigle pc, who has 2 networks interfaces, one of them its pluged to the internet, the other one y conect to another pc
<eliaskate> and i'am trying to navigate from the other pc
<eliaskate> but it doesn't work
<eliaskate> any idea?
<Nafallo> forwarding turned on?
<Nafallo> snat in the NAT netfilter?
<eliaskate> let me check
<eliaskate> ip_forward enabled
<eliaskate> dnat configured in shorewall
<olie> Hi I have recently setup a ubuntu 7.10 server with apache2 ssl. The problem is that when apache starts it asks me for my pass phrase for ssl and at the same time i get a login prompt which just fucks both ssl pass phrase and the login up. Is there a way to get the server to wait for me to enter the pass phrase before continue with the booting sequense ?
<Kirok> olie: Take a look at http://www.debianadmin.com/install-and-configure-apache2-with-php5-and-ssl-support-in-debian-etch.html and http://www.ronanchilvers.com/notes/ssl.html it shouldn't do that
<Kirok> Oh crap, should have read your question. Maybe boot into single user mode and try to fix it
<olie> how could it fix it ? im not sure what is wrong, I have followed a simular guide as the second link you pasted
<Kirok> I mean it works fine for me, so I don't know the first guide is good up until the SSL point then I moved to the second
<Kirok> Did you sign the certificates?
<olie> i did a self signing thing, no CA signing
<Kirok> I mean passphrases are just used for private keys
<olie> hmm.. not sure what you mean, i followed this guide: https://help.ubuntu.com/7.10/server/C/httpd.html#https-configuration
<olie> I saw that some other guides uses apache2-ssl-certficate or something simular to generate a certificate but i couldn't find that script so i did it like that guide said instead
<Kirok> Yeah the guide you have wants you to enter the passphrase I didn't want that... all I can suggest is restart apache and enter the passphrase then
<olie> I have tried to login using another terminal, which works, but i can't restart apache i get a error saying someting about a file already in use or something
<Kirok> try sudo /etc/init.d/apache2 force-reload or have you tried that
<Kirok> or try to killall then restart
<olie> killing it and restarting it works, thanks... but it will be a hassle to do that every time i boot the server
<Kirok> I mean the passphrase can be removed with something like openssl rsa -in ca.key -out ca-new.key
<Kirok> Oh and then make the replaces in the apache virtualhost site config
<olie> ah ok, great thanks
<themime> what is this asking in laymans terms -> "Continue installing libc-client without Maildir support"
<themime> ok, i know what maildir is now, just read about it, but how do i know if i need it or not?
#ubuntu-server 2008-03-23
<googlah|1leepy> can't wait for hairy heron
<mralphabet> hairy?
<scapegoat> stupid question - where can you specify what daemons start on boot?  fresh install of 6.06 LTS there isn't an rc.conf
<scapegoat> and modules.
<Kamping_Kaiser> scapegoat, yes you can.
<Kamping_Kaiser> update-rc.d, and theres another tool (sysvconf?) which i forget the exact name of
<ctgPi> I've just installed X on my server, and I'm playing around with X tunneling via ssh
<ctgPi> gedit, gnome-terminal, run just as expected
<ctgPi> But if I try to invoke Firefox through the tunnel, the LOCAL firefox opens instead
<Kamping_Kaiser> ctgPi, which probably makes it an #ubuntu question
<scapegoat> thx Kamping, i'l take a peek.
<ctgPi> Kamping_Kaiser: OK, thanks
<Gnea> I am running exim 4.67-5build1 (heavy), using my ISP as a smarthost. I have my own domain and can send emails just fine, but receiving them is impossible - it provides error 550 relaying not permitted, even though I have set the domain and the local ip addresses (along with my internet ip) as being accepted in the configuration file... i'm looking at exim.org and the ubuntu forums and everything that's up there doesn't work after
<Gnea> and it's 7.10
<kgoetz> Gnea: checked your logs?
<mitesh__> hi mitesh
<Gnea> kgoetz: the 550 echos there as well
<Gnea> echoes? heh
<fromport> any particular reason my you use exim ? _i_ find postfix much easier to configure/maintain
<kgoetz> heh. _I_ find postfix absolutely horrible and unusable :)
<Gnea> oh i'm considering switching over to postfix.. been using exim for years, but this is just unexcusable :)
<fromport> there are many howto's on the web for both exim/postfix. google is your friend ;-)
<Gnea> been there, done that.
<Gnea> obviously, since i'm here asking now. :)
<fromport> gnea: lazy ? ;-)
<Gnea> fromport: do you enjoy getting your rocks off by attempting to insult people you don't know?
<fromport> so you feel insulted ? that's really _your_ problem
<fromport> i see a lot of people trying to help you.... that might also be a hint
<themime> i had ispconfig installed, realized i didn't really need it (i basically wanted to play around with it) and ran the uninstall; i wonder if it messed with it and didn't change it back. theres some vhost stuff left over from it, is there a process that i can go through to _actually_ uninstall it
<fromport> no , not really (afaik). probably have to check everything by hand.
<kraut> moin
<faulkes-> something like that, yes
<kgoetz> ello
<kgoetz> almost morning, but not quite :D
<faulkes-> oh, it's morning here, I just don't agree with the concept of "morning"
<faulkes-> it has all sorts of negative connotations
<kgoetz> Sun Mar 23 23:46:11 CST 2008
<faulkes-> like "waking up" and bars not being able to serve alcohol
<kgoetz> not morning yet!
<slide> What is getty? Im trying to remove any un needed programs on my server and i have this running "/sbin/getty 38400 tty1"
<olie> Hi, I have a small ubuntu 7.10 server with apache2 SSL, Trac and svn installed. I have two projects going on and some of the people in the first project is in the second project but not all and vice versa. Im using mod_auth as authentication right now and i have two password files, this is a bit of a hassle since if someone wants to change their password in the worst case i have to change the password in two files (not so hard with only two files but i
<olie> for instance allowing users from a specific group into one directory
<Wooksta> is there a way of installing & configuring vmware server on ubuntu server without having to install X?  Basically i want to run my ubuntu server (7.10) box as a vmware server and then have remote users connect to it using the vmware console
<aetaric> ok im probably sol on this...in typing something wrong, i just ran rm -r /etc
<aetaric> is there a way to recover /etc
<takedown> aetaric: nope, only reinstalling all packages with default configs
<takedown> aetaric: if you dont have backup ofcourse
<takedown> aetaric: make alias rm="rm -i" for future
<aetaric> ok i will do that right after i reinstall
<aetaric> got a recomended backup package?
<takedown> aetaric: i you have one system you can just tar /etc/ and burn it to cd or upload it to remote system
<takedown> s/i/if
<aetaric> i have a server that has an attached LUN with 1 TB of space
<takedown> aetaric: do you want backup all stuff?
<takedown> or only conf files?
<aetaric> i want everything backed up
<aetaric> if i can get it i would like it done like 2k3 does with volume shadow copy
<takedown> aetaric: then try bacula, its enterprise ready backup system with a lot of features
<aetaric> alright i'll give it a try. do you know when it first became avalible to ubuntu? im starting reinstallation with 6.06
<takedown> aetaric: It's in repository already
<aetaric> alright i'll add it to my build scripts
<[mbm]> anyone have any luck with xen+hardy yet?
<aetaric> mbm, if i am correct xen+hardy is still having networking issues
<aetaric> the guys in #ubuntu-xen can let you know more about the issue. im keeping my system back at gutsy till those problems are resolved
<J_5> how do i mount to the floppy drive?
<[mbm]> aetaric: yeah, that's what I keep running into
<MAXIMVS> Hello! Need some help migrating from Windows server to Ubuntu... Exchange issues. Please IM me.
<aetaric> MAXIMVS: did you get help?
<aetaric> j_5: the command is sudo mount /dev/fd0 /<mountpoint>
<J_5> i get /dev/fd0/ is not a vaild block device? does that mean its not installed?
<aetaric> run ls | grep fd
<aetaric> in dev
<J_5> fd and fd0 are listed
<aetaric> and running mount /dev/fd0 /mountpoint returns not a valid block device
<aetaric> is it a usb drive or a ide drive
<J_5> duh!! i mis typed something! it works
<J_5> thanks!
<aetaric> np
<J_5> is there a command to view what is on the floppy?
<aetaric> ls /mountpoint
<aetaric> or you can use dir mountpoint
<aetaric> or if you prefer, you can browse it in the GUI
<J_5> no GUI :( .
<aetaric> no GUI
<aetaric> its all good i use it rarely myself
<J_5> im told the way to start learning is by doing this in the commad line, is that true?
<aetaric> its the way you will learn it fastest. linux inherantly need the cli
<aetaric> linux came from unix and unix only has cli
<aetaric> well idk if they have gui now so don't hold me to that, but cli is almost always required for linux.
<aetaric> just remember there are 15 ways to do anything in the cli
<J_5> ha  i know! but that is what i like about it too. more ways to do things
<aetaric> if you know dos commands then you know som linux commands...minus the whole drive letter thing
<aetaric> you will pick up the simple things really fast...stuff like don't delete your /etc folder
<J_5> ha, yes. i did that when i first install ubuntu..that was no fun
<J_5> installed*
<aetaric> i have been on linux since before ubuntu...in redhat we didn't have sudo or fakeroot we were just root so the command rm -r /etc /dellomsa insted of rm -r /etc/dellomsa became a problem
<aetaric> and just 2 hours ago i removed etc on my server
#ubuntu-server 2009-03-16
<mister2> hello?
<mister2> is anybody here?
<mister2> kinda need some help
<mister2> hhheeeeeerrrrllllloooooooooooooooooooo?
<jhg> whats up?
<jhg> mister2: whats up?
<mister2> aha
<mister2> there is someone
<mister2> uh
<goofey> mister2: you will be much more successful is you just state the problem your having or ask the questoin you have rather than aksing if someone is around
<mister2> i was wondering how to see packaging dependencies via commandline
<mister2> i realised that
<goofey> mister2: apt-cache search package_name
<mister2> i also realised i could have just used the command to see al users
<mister2> sweet
<mister2> thanks
<goofey> mister2: oops, apt-cache showpkg package_name
<goofey> MianoSM: np
<goofey> dang, he left
<steelcityjim> ok my server I believe has suddenly stopped working can any give me some direction on how to troubleshoot
<goofey> steelcityjim: what makes you think it has stopped working?  I only ask because you say you believe is has - maybe not sure?
<steelcityjim> well my website is not coming up
<steelcityjim> so im assuming the server ain't working
<goofey> so you have physical access to the server?
<goofey> er, do?
<steelcityjim> yes
<steelcityjim> well what do you mean by physical
<goofey> is the computer running?
<steelcityjim> yes
<goofey> ok, can you ping it?
<goofey> this tells us if the OS is frozen or just the webserver
<goofey> or maybe network or?
<goofey> lots of reasons why a wesbite won't load
<steelcityjim> well I can acess the desktop on the server
<goofey> er, website
<goofey> ok, the OS is running
<steelcityjim> yes
<steelcityjim> ubuntu
<goofey> let's see if the webserver is still running - try ps -ef | grep apache
<steelcityjim> hang on
<goofey> k
<genii> In a .pinerc file, trying to make a line like : inbox-path={mail.mydomain.tld/notls/novalidate-cert/user=$USER}INBOX       however, "$USER" gets translated to a colon for some reason. Is it pine/alpine internal parser of it's config file doing this or am I missing something?
<goofey> steelcityjim: if it is still running, you might look in /var/log/apache2/error.log for errors
<steelcityjim> I cant get this fing hub to switch
<genii> (I am wanting to make a generalised solution so that there won't have to be a separate inbox-path={mail.mydomain.tld/notls/novalidate-cert/user=fullusername}INBOX     kind of deal for each user
<steelcityjim> I have a kvm switch and I can't get it to switch over to the server now
<goofey> steelcityjim: can you ssh into the server?
<steelcityjim> let me try
<steelcityjim> no wont connect
<goofey> steelcityjim: you either have a network issue or the OS is locking up
<goofey> steelcityjim: the KVM problems seems to point to the OS locking up
<goofey> steelcityjim: does the server respond to ping?
<steelcityjim> how do I do that
<goofey> ping "ip address of server"
<goofey> ie: ping 192.168.1.100
<steelcityjim> ok I am able to access the file share through the network
<goofey> steelcityjim: you have contradictory information - you can access share files, but are unable to ssh or view web pages
<steelcityjim> yes
<steelcityjim> ssh will not connect
<goofey> steelcityjim: and your kvm won't switch to that computer
<goofey> steelcityjim: but you've ssh'ed to that box before, right?
<steelcityjim> well the kvm is a keybaord issue
<steelcityjim> yes I have ssh the server
<goofey> steelcityjim: best thing (i think) would be plug a keyboard/monitor directly into the server to find out what's going on - my guess is maybe you ran out of disk space or ?????
<goofey> or fix the jeyboard so you can use the kvm
<goofey> otherwise it's hard to diagnose without ssh access
<steelcityjim> ok got on the sever
<steelcityjim> now what?
<goofey> let's see if apache and ssh are running
<goofey> ps -ef | grep apache and ps -ef | grep ssh
<goofey> also check df -h to make sure none of your disks are full
<steelcityjim> ok did ps -ef
<steelcityjim> bunch of stuff listed
<giovani3> he wanted you to run " ps -ef | grep apache"
<giovani3> so you could filter out all of the "stuff" that wasn't apache
<goofey> that's what the "| grep apache" is for, it pulls out lines that have the word apache in them
<goofey> giovani3: thanks
<steelcityjim> what is that line?
<goofey> ps -ef | grep apache
<steelcityjim> I don't see the vertical line on my keyboard
<giovani3> just copy-paste
<goofey> shift \
<giovani3> but, the vertical line is called a pipe, and is usually shift- and then the key above your enter/return key
<goofey> on most keyboards
<steelcityjim> ok got it
<steelcityjim> 6 or 7 lines came up
<goofey> ok, your webserver is running
<steelcityjim> www-data
<goofey> let's try:
<goofey> ps -ef | grep ssh
<steelcityjim> one line came up
<goofey> strange
<goofey> your network appears to be working because you can access files on the server
<steelcityjim> jim 19384 19314 0 20:22 pts/0 00:00:00 grep ssh
<giovani3> heh
<giovani3> no, ssh isn't running :)
<steelcityjim> actually wait 3 lines came up
<steelcityjim> root
<giovani3> ok ... paste them
<goofey> giovani3: ahh, right - thanks!
<goofey> ubottu: !paste | steelcityjim
<ubottu> steelcityjim: pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<steelcityjim> http:..paste.ubuntu.com/131786
<giovani3> heh
<giovani3> ok, ssh is running
<steelcityjim> im also using no-ip.org as my domain provider
<giovani3> run ipconfig on the server
<giovani3> and paste the output in ubuntu's pastebin again
<steelcityjim> do I do that from terminal?
<steelcityjim> ipconfig?
<giovani3> yes
<giovani3> sorry, ifconfig
<giovani3> wrong OS :)
<steelcityjim> 131787
<giovani3> uh ... this is NATed?
<giovani3> that's an internal IP
<giovani3> I'm betting you didn't forward your SSH port (properly) -- port 22
<steelcityjim> well I had a router issue last week
<steelcityjim> I just checked the 22 and 80 ports and they had the wrong ip address
<steelcityjim> I cahnged them but it still does not appear to be working
<steelcityjim> ok im able to access the html pages from the server via ubuntu desktop
<steelcityjim> im running this through no-ip.org since I don't have a dns address
<steelcityjim> i wonder if my isp is blocking this
<steelcityjim> port 80 is the incoming internet traffic correct
<goofey> steelcityjim: most isp's do block that port
<timburke> steelcityjim is everything correctly forwarded?
<steelcityjim> yes it was working
<timburke> hmm... who is your ISP
<steelcityjim> dls.net
<steelcityjim> they offer webhosting so Im wondering if they don't allow it from a residential account
<timburke> Residential DLS wireless subscribers may not use their wireless connections to run programs or servers that provide network content or connectivity to any 3rd party not at the location where the connection is installed. Examples of prohibited programs include, but are not limited to, mail, FTP, HTTP, game, newsgroup, proxy, and IRC servers. DLS reminds its customers that illegally distributing copyrighted material over any medium is against U.S
<steelcityjim> dude
<steelcityjim> so I can't remote access my own files?
<timburke> nope
<steelcityjim> wtf
<timburke> you might want to get AT&T's DSL service.. I believe they serve your area.. they allow servers
<steelcityjim> yea i know a few that have that service
<steelcityjim> its a pita
<timburke> I personally have Comcast Business.. and run servers off of it - works great
<steelcityjim> dude I feel censored
<timburke> steelcityjim: well, you're using your ISP's network.. they can do what they want with the network
<steelcityjim> but I have not files on the webpage
<steelcityjim> no
<steelcityjim> its just a lame webpage
<timburke> steelcityjim then why not get a cheap webhosting account... http://nearlyfreespeech.net for example
<steelcityjim> well i was trying to learn how to do it myself
<steelcityjim> since I have the extra equipment laying around
<timburke> you could colo it
<timburke> there are several good colo providers here in the chicago area
<steelcityjim> what does colo mean?
<timburke> colocation
<timburke> you ship the server off to a provider that will host it
<steelcityjim> oh im sure they would love my 10 year old compaq pentium 3 showing up
<timburke> haha
<steelcityjim> they would probably ship it right back
<steelcityjim> so that explains why my site won't come up they somehow have it blocked
<timburke> either that or you incorrectly configured your router
<steelcityjim> I did have try downloading a few files rmotely
<steelcityjim> they must have seen it on thier end and snipped it
<timburke> regardless, this isn't the place to discuss it.. this is only a room to talk about and get support about ubuntu server
<timburke> try #2,000
<steelcityjim> understood timburke
<steelcityjim> thanks for the assistance
<timburke> no problem
<Mal3ko> doesnt PAE allow 32 bit server to see 4gb ram?
<genii> Mal3ko: Yes, far more than 4Gb. But individual processes are still limited to 32bit memory usage
<Mal3ko> i exec free -m and i only see 3282
<Mal3ko> why i dont see 4096?
<genii> Mal3ko: Does:  lshw -C cpu              show in the line of: Capabilities         pae        ?
<Mal3ko> yes
<Mal3ko> capabilities: fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx x86-64 constant_tsc arch_perfmon pebs bts pni monitor ds_cpl est tm2 ssse3 cx16 xtpr lahf_lm
<Mal3ko> ubuntu 8.10 server
<genii> Probably "free" itself is 32bit
<Mal3ko> including 'top'?
<genii> Mal3ko: Research indicates kernel needs recompiling with options CONFIG_HIGHMEM64G=y, CONFIG_HIGHMEM4G=y even if PAE is enabled
<Mal3ko> why they dont enabled that by default? are there side issues with those options?
<genii> I don't have the answers to those questions
<roy_hobbs> Anyone familiar with the sasl-sample-{client,server} utilities?
<xun911> hello, I'm running ubuntu server on a Dell XPS laptop, does anyone know how to turn the backlight off on it?
<twb> xun911: is there anything being displayed on the screen?
<xun911> at the moment it's a blank screen
<twb> Hmm.
<twb> If X is running, try "xset dpms force off"
<xun911> twb, ya, tried that, did not work.
<twb> Sorry, I don't know what else to try.
<xun911> it says "unable to open dislpay ""
<twb> That would be bcause X isn't running.
<xun911> yes, because I'm running it as server. this kinda bothers me....
<twb> You could just leave the lid shut
<xun911> twb, ya, but the backlight would still be on
<twb> xun911: then it's broken
<xun911> twb, haa... yes it is. the graphic card is displaying crap, that's why i'm using it as a server :) but i doubt if that's the issue
<xun911> twb, i'm just reroute the display to "external" at boot, then unhook the cable when it's fully started, seems to be working for now, yeah!
<Kamping_Kaiser> open it up and unplug the lcd
<twb> Good idea
<twb> I still need to learn to use emacspeak so I can be super hard-core and write programs without looking
<xun911> Kamping_Kaiser, ya, i did that few days ago atempting to fix the graphic card, dont' want to go through that again. also just in case something goes wrong & I can't ssh into it, a semi-working LCD is still useful
<Kamping_Kaiser> twb, ...
<twb> http://en.wikipedia.org/wiki/Emacspeak or http://emacspeak.sourceforge.net/
<Kamping_Kaiser> aaah.
<twb> Kamping_Kaiser: so you're sitting there with your external keyboard and your headphones and a zaurus in your shirt front, happily reading email and writing scripts
<PecisDarbs> hi people, is there any good webmin alternatives out there - propably more secure and better looking?
<PecisDarbs> I know ebox, but it is not quite what I need
<_ruben> PecisDarbs: then what do you need?
<PecisDarbs> _ruben: more like webmin, but better looking. Ebox feels like whole different distribution.
<_ruben> ebox is a web interface just like webmin is
<_ruben> with the big difference that ebox is supported on ubuntu, and webmin isnt
<PecisDarbs> ok, maybe I have just to try it
<iverson0881> Hello was having trouble with tab completion on my user. I always get sudo update_reub-sh: <( compgen -d -- 'update_reub' ): No such file or directory for any command i try tab completing. any ideas?
<echosystm> hi guys
<echosystm> i need to setup a ubuntu server in vmware, but 8.04.2 isn't supported and 8.04.1 is "experimental"
<echosystm> if i installed 8.04 and then did an apt-get upgrade, would this be the same as installing 8.04.2 ?
<iverson0881> echosystm: I've installed 8.0.4.2 on a production environment and works great.
<iverson0881> echosystm: under VMWare Server
<echosystm> ESX?
<iverson0881> echosystm: No haven't had the a chance to move to ESX yet
<echosystm> ok
<echosystm> did you install the vmware tools?
<iverson0881> echosystm: No
<echosystm> ok, well that's what doesnt work :P
<iverson0881> echosystm: When I did install it, sometimes it would cause weird networking issues :-p
<echosystm> doesnt it perform badly without vmware tools?
<soren> echosystm: Where does it say that 8.04.1 is experimental?
<iverson0881> soren: word
<echosystm> Ubuntu 8.04.1 LTS â experimental support on Workstation 6.5, 6.5.1
<soren> iverson0881: "word"? What?
<echosystm> im using workstation
<soren> echosystm: *Where*?
<iverson0881> soren: haha sorry, word as in "I agree"
<soren> iverson0881: With a question?
<echosystm> http://pubs.vmware.com/guestnotes/wwhelp/wwhimpl/common/html/wwhelp.htm?context=guestnotes&file=guestos_ubuntu804_2.html#4905554
<echosystm> i tried to install 8.04.2 before i read this
<iverson0881> soren: I was just thinking the same thinking so I was agreeing with your valid question
<echosystm> got a tonne of errors
<echosystm> it doesnt recognise the kernel, so it tries to build all the packages itself
<echosystm> needless to say, it doesn't go down too well
<soren> "build all the packages"?
<soren> What does that mean?
<soren> echosystm: Oh, the vmware installer thing?
<echosystm> vmware tools yes
<echosystm> brb 5 mins
<kraut> moin
<wo0f> whats the best method the setup kiosk mode with gnome?
<kaushal> hi
<kaushal> I am running tomcat 5.5.27 on Ubuntu Server 8.04, sun-jdk-5
<kaushal> i am getting An unexpected error has been detected by HotSpot Virtual Machine:
<kaushal> http://rafb.net/p/ejaJv811.html
<ttx> kaushal: that's a bug in Sun's JDK, I would say
<ttx> nothing we do in Java should be able to crash it.
<kaushal> ttx, ok
<kaushal> can you please confirm via Bug No of Sun JDK if there are any ?
<erichammond> zul, soren: I'm probably going to miss the server meeting this morning since it's in the middle of my sleep cycle at 9am, but wanted to register my vote *against* making screen the default on login to EC2 instance.
<soren> erichammond: I'll pass it on.
<erichammond> My primary reason is that the EC2 Ubuntu server should be as close as possible to standard Ubuntu server except where absolutely required because of EC2 environment, but also because screen is not easy for the uninitiated to grasp and I believe in the principle of least surprise.
<erichammond> Thanks.
<soren> erichammond: I agree completely. I'm against it as well.
<erichammond> That said, I always use screen personally and wouldn't mind if it were installed by default :)
<soren> For much the same reasons.
<erichammond> especially if it could be installed by default on the standard server.
<soren> In its current form, screen is simply too invasive. Even moreso with the screen profiles on top.
<zul> im against it as well for what its worth
<o891_> hi
<jwstolk> hi. I'm running ubuntu-server-64 8.10, kernel 2.6.27-7, which fails to re-build a raid-10 array (known bug: http://bugzilla.kernel.org/show_bug.cgi?id=11967 )
<uvirtbot> bugzilla.kernel.org bug 11967 in MD "md raid10 fails to resync when disks added" [Blocking,Resolved: code_fix]
<jwstolk> is there an easy way to switch to kernel 2.6.28 ?
<jwstolk> or going back to 2.6.26 ?
<jwstolk> "apt-get install linux-image-2.6.28-4" should work, but how do I find out if 2.6.28-4 is the latest available kernel for ubuntu-server?
<Deeps> apt-get install linux-image-server
<Deeps> metapackage that will always point to the latest 'stable' kernel release
<jwstolk> Deeps: thanks. (I need a 28 kernel (stable or not...) to be able to re-build my raid volume)
<jwstolk> hmm. I got 2.6.27-11  :(
<jwstolk> and that can't rebuild a raid-10
<Deeps> umm, linux-image-2.6.28-4 is only in jaunty, which is still in pre-release condition
<Deeps> you can always build your own kernel
<jwstolk> (see bug above) I could go back to 2.6.26 ?
<Deeps> apt-cache search linux-image | grep ^linux-image
<Deeps> will show you all the kernel images
<jwstolk> only 2.6.27
<Deeps> having followed your bug link
<Deeps> it links to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/285156
<uvirtbot> Launchpad bug 285156 in linux "mdadm RAID10 arrays cannot be rebuilt, will not use available spare drives" [Undecided,Fix committed]
<Deeps> which features: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/285156/comments/10
<Deeps> and then: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/285156/comments/11
<Deeps> read the comments in the launchpad bug, has a solution of sorts
<Deeps> (for intrepid, with a patched .27 kernel)
<jwstolk> fixed in 2.6.27-9? interesting. didn't seem to work with 2.6.27-11 here...
<Deeps> you said you're using 2.6.27-7
<jwstolk> ah! should re-boot of coerce.
<jwstolk> I did install 2.6.27-11 when you said so.
<jwstolk> rebuilding raid started automatically (like it should) thanks!
<jwstolk> (after re-boot)
<Deeps> cool
<jwstolk> 1.9% this is going to take a while. I'm running raid-10.f2 using just 2  WesternDigital Green 1TB drives. (on our company file server) the single-file read-speed is really neat.
<o891_> trying to setup postfix smtp auth
<o891_> it keeps giving the SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory error, i cant even find the file anywhere, someone know a solution to this?
<ScottK> o891_: Did you follow the Ubuntu server guide documentation on setting up SASL?
<o891_> ScottK: sort of, that didnt work for me so I tried a few different things
<o891_> ScottK: is the file part of the dovecot--common package?
<o891_> *dovecot-common
<ScottK> OK.  My first suggestion is to go back to how the Ubuntu docs tell you to set it up.
<Deeps> um, raid10 using 2 disks? why bother?
<ScottK> We chroot postfix by default and I suspect that's where your problem is.
<o891_> ScottK; ok, well I thing I will trash everything and then start again...
<o891_> ScottK: thanks anyway
<o891_> ScottK: by the way: I am so impressed with the ubuntu community (u are all very helpful)
<o891_> Thanks!
<ScottK> o891_: If you follow the docs as exactly as you can and still have problems, that will maximize the chances someone here can help you.
<o891_> ScottK: yeah true, well I think a clean start is what I should do anyway, the problem is that the documentation doesnt explain how to do virtual mailboxes so I used this: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto    but it doesnt cover SASL
<o891_> ScottK: anyway its all gotten a bit messy now, so I should do it again anyway: would you recommend using MySQL for non-unix accounts or would you go with files?
<ScottK> o891_: You want to start small and work up.  So start with the server guide on sasl and then add stuff.
<ScottK> o891_: Generally I'm not a big fan of making the reliability of my mail system depend on mysql.  Unless you have a large system with lots of users, it's probably more pain than it's worth.
<o891_> ScottK, ok well I will do what the doc says till I get it working for one user and then I will try to set up using that virtualMailBoxes Documentation
<o891_> ScottK: well its not for many users so I will go with files, anyway I think it is more secure too
<o891_> ScottK: thanks for the help :)
<jwstolk> Deeps: I wanted the (almost) double read speed for single (large) files. and a bit of redundancy saves a lot of work when replacing drives.
<ttx> zul: could you have a shot at a samba 3.3.2 merge ? I can't really do it right now and we need to get regression in bug 337037 handled asap...
<uvirtbot> Launchpad bug 337037 in samba "MS Office reports "Access Denied" when saving to samba share" [Unknown,Fix released] https://launchpad.net/bugs/337037
<zul> ttx: yep I can do it this afternoon
<ttx> zul: cool.
<ttx> coffeedude: hey. the new sources worked for me as well, we should be all set. Some more review on the packaging today and I'll upload it tomorrow.
<coffeedude> ttx: Wonderferful news !  Thanks :-)  I'll be online pretty constantly for the next few days so if anything comes up, let me know.  Thanks again for the help.
<ttx> coffeedude: np, I'll ping you :)
<scope006> i have a conversation topic if anyone is willing to discuss
<scope006> what tools do you guys/gals like to use for log consolidation and review
<scope006> i see that ubuntu ships with ebox, and there's always manually looking at logs
<scope006> anyone in the community here have any tools / methods that they are really sold on using?
<kpettit> Anybody have a good recommendation for backup software?  My servers are good, I need to figure out something for my desktops users. Most of my users are offsite with Windows or Mac laptops.
<kpettit> It's been awhile sense I've had to deal with desktop users so Im not sure what's the best solution out there that uses Linux for the server component that also has a good Windows desktop piece
<sommer> kpettit: backuppc is good for clients
<kpettit> ok.  is it pretty easy use
<sommer> kpettit: I think so... haven't really used it much, but it does backups at the share level, so you don't need to install additional software on the clients, which is nice
<sommer> kpettit: it has a web interface for configuration and management... there should be a page or two on help.ubuntu.com/community about it
<kpettit> oh cool.  thanks, I'll check it out
<sommer> np
<zul> ttx: samba uploaded
<ttx> yay, one rgression down
<bigbyrd> oks I am trying to use tomcat server and i need to edit tomcat-users.xml but it says i dont have permission....
<bigbyrd> I thought when i login into the server i have root access, how do i not have access to this
<bigbyrd> anyone home?
<Vog-work> Hello bigbyrd
<Vog-work> What are you using to edit the text file
<bigbyrd> i installed gnome so i could graphically find the files easier... just right clicking and using txt editer, says at the top of page gedit, then below has the no access warning
<Vog-work> Ok, so the problem is you need to be able to run those programs as root first.
<Vog-work> It would be simpler to go into the command line, and use "sudo nano and the pathe to the file
<Vog-work> for instance "sudo nano /var/www/domain/index.php" without the quotes
<bigbyrd> ok dokie, will try
<Vog-work> it will prompt you for the root password allowing you to edit the file.
<Vog-work> Also try and read up on sudo on the ubuntu forms it will explain a lot.
<goofey> but if still want to use the gui, try gtksudo texteditor_of_choice
<goofey> ubottu: !sudo | bigbyrd
<ubottu> bigbyrd: sudo is a command to run programs with superuser privileges ("root"). Look at https://help.ubuntu.com/community/RootSudo for more information. For graphical applications see !gksu (Gnome, XFCE), or !kdesudo (KDE)
<Vog-work> :) beat me to the punch goofey
<goofey> :)
<goofey> ubottu rocks
<ubottu> Sorry, I don't know anything about rocks
<goofey> lol
<bigbyrd> yeah, i am a windows user trying to set up server for office to do Document management system
<Vog-work> bigbyrd: Well hopefully in time you'll feel like a linux user and will be able to help your office save money in licensing fees :)
<yeason> I'm trying to setup a mail server and everything seems ok except I cannot connect to the server via telnet to test it. I get 'Connection closed by foreign host'. What's the problem here? I'm out of ideas
<olcafo> what's your system? Default Postfix install on 8.10...?
<yeason> more or less default, I've been tinkering for a few days attempting to customize it
<yeason> and figure out what the problem is
<olcafo> the first thing you should do before costomizing it is to make sure it works with the default settings. Makes things much easier to troubleshoot.
<yeason> yea... well there's a huge margin dividing the things I do from the things I should do... =P
<olcafo> do you have a firewall running on the machine blocking port 25?
<yeason> yes I have a firewall, port 25 is forwarded to the mail server tho
<yeason> and I've tried using the local IP address from the internal network and I get the same error
<olcafo> is it hooked up to the internet? my favourite tool: www.mxtoolbox.com
<yeason> lmfao... yea, it's hooked up to the internet...
<yeason> I have no problem starting over from scratch on this if that's what you would recommend, try defaults next time
<olcafo> just looking something up, hold up a sec.
<olcafo> I know I might be stating the obvious here, but have you checked the mail logs?
<olcafo> what do they say regarding the telnet session? does it even record it?
<yeason> hang on a sec... let me find it
<yeason> hmm... I've got my network ip wrong apparently... let me change it and try again
<yeason> hmm... don't mind me, I'm just retarded...
<W8TAH> good afternoon everyone -- (or morning or evening depending) ive a server install running that has for some inexplicable reason frozen at updating apt sources -- (roughly 70%) its been sitting there for over an hour -- what do i do?
<yeason> I had my 'local networks' set wrong
<olcafo> next time you'll know where to look ;)
<yeason> yup =)
<aurigus> crtl-C and start over
<W8TAH> ugh - -ok
<W8TAH> thanks
<olcafo> could be that the server your downloading from became unavailable
<W8TAH> ok
<W8TAH> thanks
<olcafo> I've had it happen to me on the canadian server. I changed to Japan'.
<bosco_> does anyone know of a good website hits tracker with an ubuntu package
<olcafo> webalizer
<bosco_> olcafo, ok installed it via aptitude now what ?? do i have to create symlinks from my /var/www to get it to output ????
<olcafo> the apache conf should be in /var/www/conf.d/
<olcafo> you should just be able to go to www.yourwebsite.com/webalizer
<olcafo> it will be available to the public by default I believe.
<olcafo> you can set up htaccess to retrict it.
<bosco_> k one sec
<bosco_> olcafo, nope not available but it is logging in /var/www/webalizer/
<olcafo> you can add a alias in you website's apache config to the webalizer directory.
<bosco_> olcafo, huh???
<bosco_> ln -s
<bosco_> you mean symlinks
<olcafo> http://httpd.apache.org/docs/2.2/mod/mod_alias.html
<bosco_> thanks
<bosco_> so i am linking /var/www/webalizer/ to /home/user/your-site/webalizer/
<bosco_> with the totorial
<olcafo> pretty much.
<olcafo> if /home/user/ is where your site is
<bosco_> yes
<bosco_> why not just do it with ( ln -s ) symlinks
<olcafo> keeping it in the apache conf files makes it easier to read and troubleshoot.
<bosco_> ah ok
<olcafo> also, I'm not sure apache would recognize the link... I've never actually tried it.
<bosco_> olcafo, look at this
<bosco_> http://pastebin.com/m26ee5489
<Noble> Hi, Im having problems starting dhcp3-server. Its set to start on eth1, but somehow eth1 does not get activated on startup even though I have set it to use static IP
<Noble> result, dhcp3 does not start
<Noble> when i do "sudo ifconfig eth1 10.0.0.1" followed by "sudo /etc/init.d/dhcp3-sever start" it works
<Noble> but I dont want to do that everytime it starts..
<sommer> Noble: in /etc/network/interfaces do you have a "auto eth1" line?
<Noble> yes
<sommer> Noble: if you do a /etc/init.d/network restart does the interface come up?
<Noble> failed to bring up eth1
<sommer> Noble: are there any errors in /var/log/syslog?
<sommer> Noble: you might also check dmesg | grep -i net
<Noble> 2 sec
<Noble> both gives me quite a lot output
<Noble> not sure what im looking for
<sommer> Noble: errors related to eth1
<sommer> Noble: there should be something to hint at where the problem is
<Noble> lets see, Don't seem to be have all the variables for eth1/inet
<Noble> thats from /etc/init.d/networking
<Noble> I have set adress netmask broadcast network
<Noble> anything else i need?
<sommer> Noble: gateway
<Noble> I have no idea what to set as gateway, I have set up 2 nics into NAT
<Noble> dhcp is on the internal
<Noble> eth1 that is
<sommer> Noble: maybe eth0?
<Noble> lol probably, do I write the eth0 ip?
<sommer> Noble: I'd think so... also you might lose network connection playing around with these options, so you might want to make sure you have physical access to the machine
<Noble> Taken care of ;)
<sommer> Noble: I'd give it a try then, can't hurt :)
<Noble> rebooting the server.. 2 sec
<Noble> im on the wifi so im up anyways
<Noble> dont ask..
<Noble> still fails
<Noble> during startup it gives me something with rc2 and eth1 not found
<Noble> flashes by so i cant see
<uvirtbot> New bug: #343762 in openldap (main) "postinst ignores dpkg-statoverride" [Undecided,New] https://launchpad.net/bugs/343762
<Noble> wait, thats an old script of mine
<Noble> removed :P
<Noble> Would it solve my problem if I just set eth1 to look for dhcp?
<Noble> Ok, now everything is working, with NAT and shit. Hurray.
<Noble> Still needs to manually set eth1s ip and then restart dhcp3 and bind9
<Noble> is it possible to make a startup script for this?
<Hans67521> hello all
<Hans67521> has any here used fetchmail
<_ruben> this isnt the place to hold polls .. i assume you have another fetchmail related question as well?
<Hans67521> yes sorry
<Hans67521> i am using ubuntu8.10 server with postfix dovecot for email
<Hans67521> i am not using virtual users
<Hans67521> must i use procmail with fetchmail?
<Hans67521> my isp is hosting my email, id like to download the mail with fetchmail and push the email thru postfix/spamassassin
<Hans67521> how should my postfix main.cf be confiured?
<bigbyrd> i think i installed tomcat twice!!!
<uvirtbot> New bug: #343870 in php5 (main) "php-cli segmentation fault with mysql extension" [Undecided,New] https://launchpad.net/bugs/343870
<Noble> Hi, during startup setting static IP fails, which results in dhcp3 not starting. Suggestions?
<albertico> hi
<albertico> has anyone configured iscsi on ubuntu server 8.04?
<soren> albertico: Yes.
<albertico> soren, I have been configuring a server to use a Dell MD3000i, but got lost on the part identifying the device
<albertico> these are the steps I did: 1)configured the iscsi.conf file 2)iscsiadm -m discovery -t sendtargets -p <MD3000i IP>
<albertico> 3) iscsiadm --mode node --targetname <LUN ID> -p <MD3000i IP> --login
<maesx> hello, I would like to add a package cd of ubuntu-server
<albertico> soren, then I don't know where to look for the device
<soren> albertico: Try in /dev/disk/by-path, for instance.
<pjsturgeon> any idea what could be causing a SATA II HDD (plugged into a PCI SATA card) to swap between sda and sdb on boot?
<pjsturgeon> it takes the point out of an automated system if each time i have to SSH and swap the fstab entry
<giovani3> pjsturgeon: use UUIDs instead
<soren> pjsturgeon: That's *exactly* why Ubuntu uses UUID based mounting.
<soren> pjsturgeon: The order in which the kernel discovers stuff is semi-random. Making assumptions about it is a recipe for disaster.
<soren> maesx: What do you mean?
<maesx> soren: add a Paket the CD
<soren> maesx: Which package?
<pjsturgeon> soren & giovani3: I currently use /dev/sdb1       /media/second-drive     ext3    defaults        0       0  what is correct for a basic ext3 mount?
<maesx> soren : one created by my
<soren> maesx: Do you want it added to the official CD's or do you just want to have it on a single CD?
<soren> pjsturgeon: Use vol_id to find the UUID.
<maesx> soren: added to the official CD's
<soren> maesx: It needs to be in the archive first.
<soren> maesx: You should talk to #ubuntu-motu about including it in the archive.
<maesx> soren: is one deb
<soren> maesx: That doesn't change anything :)
<pjsturgeon> soren: cheers, testing now
<albertico> soren, the server was restarted... I executed the discovery and login commands again... checked /dev/disks/by-path and found two lun devices registered... but then, if I restart the open-iscsi daemon, I get a "no records found" message and can't find the device anymore
<maesx> soren : thanks
<soren> albertico: Sorry, it's been a while since I've dealt with iSCSI. I forget how that's supposed to work.
<albertico> soren, oh well, thanks anyway
<albertico> Has anyone dealt with iSCSI?
<albertico> iSCSI anyone?
<hobo> Any one here have any knowledge on getting broadband cards working?
<Vog-work> hobo: what sort of card?
<Vog-work> you question might be sest answered in #ubuntu not #ubuntu-server
#ubuntu-server 2009-03-17
<sparky_> hey guys, (the noob back :)),  i have a general question about where to mount my share dir for the mass my files on my raid.  I know it's probably just a personal preference but is there a typical location to mnt my raid to share it on my home network?
<olcafo> default mount location for ubuntu is /media/yourdrive
<jlc> nfs and stuff like that, I'll do an /export/home or something like that
<jlc>  krutch.local:/home    2.4T  1.4T  911G  60% /export/home
<jlc> 8)
<sparky_> when i set it up i can make it where my mac see //servername/dirname  ?  Because I have all my music mapped to a certain path and I don't feel like repoint over 6.5k worth of music (and no that isn't 6.5k memory size, that's number of music files)
<twb> IMO you ought to use /srv/nfs or /srv/<something else>
<twb> Since /export is not part of the FHS 2.3.
<hads> Yeah, /srv/foo or /mnt/foo rather than /foo
<hads> I'm not up on the specs for what goes on in /media
<twb> hads: /media is for removable media; /mnt is for temporary mounts
<twb> e.g. "argh, let me just mount one of the RAID1 nodes directly with -o ro for some debugging"
<twb> *temporary sysadmin mounts, that is
<hads> Yeah, I though /media was mostly for removeable stuff
<jlc> if it is for you on your box, you can make it /mydamnmount for the fhs matters :)
<hads> True. Though /srv would be the correct place.
<sparky_> i'm alittle confused with the /srv? was that directed to me?
<sparky_> oh, so it should be  /srv/dirname ?  then I can share it as //servername/dirname  ?
<twb> jlc: you might find that things like updatedb.conf default to doing the Right Thing if you follow the FHS.
<twb> For example, updatedb skips all of /media and /mnt by default.
<twb> But if you mount a removable drive at /im-in-a-hurry-dammit, updatedb will read the entire drive.
<jlc> lol
<jlc> yeah
<twb> Just that bit me on the arse recently because another admin was "clever" and made backup mount points in /b/ and /bb/.
<jlc> sounded like sparky was doing it at home, so it didn't matter
<jlc> i use export/home at home from my solaris days
<sparky_> yea, it's for my home server
<jlc> just like calling partitions slices
<jlc> :)
<kansan> is 1024MB of ram enough for a computer to run ubuntu hardy server?
<kansan>  thinking of buying:  DELL GX280 SFF P4 3.4GHz 80GB
<kansan> is that enough to install nagios on?
<giovani3> kansan: there's no generic advise on specs -- it all depends on the load on the server
<giovani3> advice*
<giovani3> nagios will run on 64 or 128 MB of ram probably ... not that I'd recommend it for production
<twb> giovani3: you wouldn't recommend nagios for production?
<giovani3> twb: read what I said
<giovani3> twb: I was clearly referring to the amount of ram
<twb> giovani3: you said "it"; it's not clear which "it" you're- OK.
<twb> It wasn't clear to me.
<giovani3> heh
<giovani3> nope, nagios is nice for production work, I've been meaning to finish up that book, "Pro Nagios 2.0"
<giovani3> other things got in the way mid-read
<twb> kansan: 1GiB of RAM is adequate for *some* roles.  It depends what the server will be doing.
<mister2> hey i have a quick question, what is the command to see what php version i have installed?
<kansan> twb, i want to install nagios on it and use it to monitor production websites
<twb> kansan: and will the host be doing anything *other* than nagios?
<kansan> and also, to runa  configuration management server called chef
<giovani3> mister2: php -v I presume
<kansan> that has apache as a front end
<mister2> thanks, will try it
<giovani3> mister2: in general, -v is used to print the version of applications -- when in doubt, read the manpage ("man php" in this case)
<hads> dpkg -l | grep php
<kansan> what would my ideal box specs be if i want to run:  nagios, chef-server, apache (only to connect to chef, a ruby based configuration management server)
<twb> kansan: I haven't done that before, but I'm guessing 1GiB would be adequate.
<twb> kansan: usually it's easy to stuff in up to 4GiB, so you have an easy upgrade for RAM if that turns out to be inadqeuate.
<giovani3> 1GB should be plenty to start at least ... unless you're monitoring 100+ hosts in nagios
<kansan> no i'm just monitoring like 10
<giovani3> you'll be more than fine then
<giovani3> however, apache can be a ram hog
<kansan> ok good to know
<giovani3> I'd advise, honestly, against running apache just to provide yourself web management
<giovani3> but, obviously that's up to you
<twb> web management is eeeeevil
<twb> Even Windows have MMS instead.
<giovani3> yeah, except windows isn't any better
<giovani3> it renders all of the management consoles using html :)
<sparky_> jle and twb: I didn't understand the deal with updatedb.conf,  and how that plays with FHS
<twb> sparky_: don't worry about it
<twb> sparky_: it's just big boys talk
<twb> I should say "grown up" talk ;-)
<sparky_> i'm trying to learn that too, lol
<trentster> Hey all, How do I stop mail to root@localhost its messing up my postfix stats, it seems to be triggered every time a cron job is fired.....???
<sparky_> so for setting up a home file server mnt my raid in /mnt or /srv would be better?
<twb> trentster: fix /etc/alias
<twb> trentster: i.e. add an alias root: trentster@example.com
<twb> trentster: note that cron only emails you if something is broken
<trentster> twb, its showing me that the import of awstats log file completed., its starnage beacuase on the cronjob entry at the end of the line i have ">> /dev/null 2>&1"
<twb> That should be >, not >>
<twb> Not that redirecting all output from a crontab entry is a good thing...
<trentster> hmm ok let me change it and see
<twb> It'd be better to use --quiet or similar.
<trentster> twb, thanks, I dont have much experience with cron entries....to use "--quiet" do I just apend to end of the line....eg my cron entry is as follows.
<trentster> "*/5 * * * *  awk 'NF>5{for(i=1;i<=NF;i++){if(i>8&&i+9<NF){printf "%s_",$i}else{printf "%s ",$i}}print ""}' /var/log/xferlog > /var/log/xferlog1 >> /dev/null 2>&1"
<twb> Ow.
<trentster> it would probably be better to place the awk statement into a script file I gather <grin>
<giovani3> it seems to only be emailing STDERR
<giovani3> which is fine
<giovani3> no?
<trentster> giovani3, I dont want anything going through postfix logs as it screws up my awstats
<giovani3> yeah, I can't even follow what's going on in that code :)
<giovani3> too dense for 10pm
<trentster> lol
<trentster> giovani3,  ok the mail from that line says "/bin/sh: -c: line 0: unexpected EOF while looking for matching `''  any ideas how to silence this?
<x409> What is the best groupware i can install on ubuntu ?
<giovani3> trentster: well, that's an error -- so fixing it would silence it, or you could stop sending errors to yourself
<trentster> giovani3, <grin> I know, I just dont know how to fix it.......I did not write the awk statement.....so I dont know why its giving an error, It is working and doing want it needs to do tho
<giovani3> trentster: who wrote it?
<trentster> giovani3, an irc helper
<twb> Haha
<ball> hello doginize
<doginize> hi, ball
<yeason> I've got a postfix server going, it was working fine then I tried to add spam-assassin to the mix and now nothing works. I'm getting an error "line 96: bad transport type: -o" for the master.cf file. line 96 is a blank line. any suggestions?
<yeason> anybody have any ideas at all...?
<kraut> moin
<Scix> i'm working on a server running cups, but I cant find /usr/share/cups/model. Where is the ppd files listed in ubuntu 8.10?
<Scix> Found them. /usr/share/ppd/ :)
<maxb> If you want a list of all installed ones, "lpinfo -m".
<maxb> For some reason that takes ages to run, I'm not sure why
<maxb> Actually it might be loading the printer name out of every PPD
<pablasso> i upgraded from server dapper to hardy (everything went smooth :) but the prompt for regular users is screwed. My PS1 is "${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$" and the root prompt is ok, but any other user literally prints the PS1 variable instead of using selected dirs and colors
<pablasso> damn, that was an ugly text. Anyways, any clue on why all the users prompts (except root) aren't obeying PS1?
<okkare> my ssh password and username should be the same as i use to login ot my host machine right?
<thefish> okkare: yes
<okkare> doesn't seem to work :(
<okkare> thefish
<thefish> so you can log in locally on the machine with your username and password, but not over ssh?
<okkare> how do i specify the username
<thefish> ssh username@host
<okkare> thanks
<okkare> worked :D do you know how to set up a folder to be shared via samba as well by any chance
<okkare> via ssh
<okkare> say i want to set / to be shared
<thefish> okkare: thats probably not a brilliant idea
<okkare> i realize that but it would be so much easier for me XD
<thefish> check the default samba config, and modify the demo share to suit you
<okkare> ok
<thefish> okkare: as your attorney, i recommend sharing /srv/smb instead
<okkare> and last question, where is the htaccess/www folder?
<thefish> why would you want / shared over samba?
<thefish> the default webroot for apache on ubuntu is /var/www but it can be wherever you lke
<okkare> oh yeah, thought it was etc/www for some reason
<okkare> i want to share /var/www then
<thefish> fair enough
<thefish> okkare: http://www.subvs.co.uk/linux_web_and_file_server_for_windows_users
<okkare> thanks
<okkare> since you're so helpful :D here's another
<okkare> if i have a 1.4ghz, 512md ram, 400kb/s uploadspeed server, how many hits could it handle per hour, with wordpress
<thefish> 14
<thefish> 15 on tuesdays
<okkare> :P
<okkare> any idea?
<thefish> check out some stress testing tools
<thefish> you also need to add another variable there
<thefish> acceptable page load time
<okkare> right
<thefish> install apache2-utils, and i think there is an app called ab in there (apache benchmark tool)
<okkare> i'll try that
<okkare> but think it could handle 5000+
<okkare> and load in less than 5 sec
<hads> You just pcik that number arbitrarily?
<okkare> that's about what i got with one of my sites hosted elsewhere
<thefish> okkare: was that on a dedicated server?
<okkare> yeah, with a hosting company
<thefish> fair enough
<thefish> remember that network speed will also change things
<okkare> yeah
<okkare> could i handle that with what i have?
<thefish> so if you only have a 10M internet connection, it will probably be less than the isp who probably had 100
<okkare> mine's like 400kbs
<thefish> adsl?
<okkare> cable
<thefish> that will probably bork out before your apache does
<okkare> yeah, that's gonna be the bottleneck
<thefish> in fact it would be safe to wager a small amount of money on that fact
<thefish> or large, depending on how risk averse you are
<okkare> haha, i guess is hould buy some more
<okkare> or hack my modem ;)
<thefish> heh
<okkare> oh wait, my isp now says it's 1mbs
<okkare> Mbps that is
<okkare> or is it
<thefish> that will be your downstream
<okkare> hmm well my dad works for the cable co, so maybe he can pull some strings
<thefish> why not stay with an isp?
<okkare> nope, the download is 15Mbps
<thefish> k
<okkare> the cable co is the isp
<thefish> i mean a dedicated server
<thefish> with a nice 100M network connection
<okkare> oh, i see
<okkare> i guess i just want the expirience
<thefish> fair enough
<okkare> plus i'll never have to move big files via ftp and all that
<thefish> but i dont think you will sustain 5k hits per hour on that line
<okkare> :(
<Al_lA> okkare - there is some seriously cheap hosting out there eh. we use dreamhost here
<Al_lA> virtual servers, you get a terminal interface, can run pretty much any app but they prefer you to stick to web services if you can
<okkare> i don't have money though :/
<Al_lA> not even like $15 a month?
<Al_lA> okay fair enough
<okkare> certainly not
<Al_lA> i had loads of fun just with IIS on my home line, then apache later
<Al_lA> i saw you were using wordpress which i assume is php
<okkare> yeah, but i also use magento
<Al_lA> remember that php and your probably mysql backend  cache frequent requests so your cpu load is even less than what you'd calculate
<okkare> yeah, bandwidth will be my enemy i think
<okkare> i think my video card is fried right now... woe is me
<okkare> so I'm using my regular desktop as the server
<Al_lA> noes... i have a collection of half-fried cards that will work in a pinch but arent dead enough to throw away
<Al_lA> i also have an exam in 9 hours so i'm out, 'night
<okkare> haha mail me one!
<okkare> see you
<okkare> hmm i read that guide and didn't really get how to make var/www shared
<okkare> i need to set up /var/www to be shared using samba, anyone know how
<okkare> i just installed USE
<Pres-Gas> okkare, is the machine joined to an active directory domain or using local users and groups?  Also, will the shares need to be accessed outside of your lan?
<okkare> everything is default, and lan
<Pres-Gas> Oh, so LAN only?
<okkare> yepp
<Pres-Gas> okkare, this should get you started: https://help.ubuntu.com/community/SettingUpSamba#Samba%20Server%20Manual%20Configuration
<Pres-Gas> okkare, what web developing software do your people use?
<okkare> i use dreamweaver but i'll probably switch to something open source soon
<Pres-Gas> Most IDE's have sftp hooks to edit/upload pages in them, then all you need to do is enable sshd and utilize the filesystem permissions.
<okkare> oh really?
<okkare> neat
<Pres-Gas> Yeah, doublechecking with dreamweaver....
<Pres-Gas> okkare, doublecheck this with your documentation, but it looks like in the "New Site" dialog, you would select ftp, but there is a checkbox that says to "Use Secure FTP (SFTP)".
<okkare> and that just needs ssh to work?
<Pres-Gas> Yeah
<Pres-Gas> sshd, okkare, not just ssh
<Pres-Gas> ubottu, tell okkare about !sshd
<ubottu> Sorry, I don't know anything about !sshd
 * Pres-Gas shakes fist at ubuttu
<okkare> is that operating by default on USE 8.10?
<Pres-Gas> okkare, you would have to see if you have the openssh-server installed or see if "sudo /etc/init.d/ssh status" gives you anything.
<okkare> yeah, that's installed
<okkare> i'm using it atm
<Brazen> join ubuntu-meeting
<Brazen> oops
<okkare> hehee
<sLaeYa> Hi, I am having problems with ALC for OpenLDAP, when I run the command
<sLaeYa> ldapmodify -x -D cn=admin,cn=config -W -f acl-del.ldif
<sLaeYa> i get the error: ldapmodify: wrong attributeType at line 3, entry "olcDatabase={1}hdb,cn=config"
<sLaeYa> I have used sudo and also root.  I'm not sure what I am doing wrong
<Pres-Gas> okkare, then what you may want to do is create a group like webdev, then add your web developers to that...then make your sites group owned by webdev.  You will not want to change the user ownership.
<sommer> sLaeYa: can you pastebin the contents of acl-del.ldif?
<okkare> so i don't go and edit smb.conf?
<sLaeYa> dn: olcDatabase={1}hdb,cn=config
<sLaeYa> delete: olcAccess
<sLaeYa> olcAccess: to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=example,dc$
<sLaeYa> olcAccess: to dn.base="" by * read
<sLaeYa> olcAccess: to * by dn="cn=admin,dc=example,dc=tld" write by * read
<sLaeYa> sorry ssh was in a small screen ill paste it again
<sLaeYa> dn: olcDatabase={1}hdb,cn=config
<sLaeYa> delete: olcAccess
<sLaeYa> olcAccess: to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=example,dc=tld" write by anonymous auth by self write by * none
<sLaeYa> olcAccess: to dn.base="" by * read
<sLaeYa> olcAccess: to * by dn="cn=admin,dc=example,dc=tld" write by * read
<sommer> !pastbin
<ubottu> Sorry, I don't know anything about pastbin
<sommer> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<sLaeYa> oh ok, sorry.
<okkare> XD
<sommer> sLaeYa: are you just trying to remove all ACLs?  I assume so you can change the order?
<Pres-Gas> okkare, I almost missed your reply ;)  No, you would not need to edit smb.conf
<sommer> sLaeYa: you might try: http://paste.ubuntu.com/132480/
<okkare> hmm ok
<sLaeYa> to be honest sommer, I think I'm in over my head, I'm attempting to setup a postfix virtual hosting server with ldap backend.
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<sommer> sLaeYa: there's a section on both LDAP and postfix in the serverguide
<sommer> sLaeYa: you may need more in depth information though
<okkare> hmm well i got "private" to show up, pres-gas, by adding it to the smb.conf
<okkare> but there's an error
<okkare> i'll work it out
<Pres-Gas> Keep hammering away, okkare!  :)
<sLaeYa> sommer, I actually found a comprehensive guide for installing it on ubuntu intrepid, which I have been following but have found no-one who could help me, however it would appear you have just fixed my problem.
<sommer> sLaeYa: party!
<okkare> yay got it to work
<Pres-Gas> okkare, ssh or smb?
<sLaeYa> thanks for your help
<sommer> sLaeYa: np
<fevel> hi
<fevel> how can I send a file to my ubuntu-server
<sLaeYa> Where do you want to send it from fevel ?
<fevel> from a macbook on the same network
<sLaeYa> is there a particular method you want to send it by, do you have ssh setup, or ftp, or samba ?
<okkare> !computers
<ubottu> Sorry, I don't know anything about computers
<okkare> !anything
<ubottu> So, you wanted to lure me into saying I don't know anything about anything? Yeah, that would be funny, of course. Now leave me alone.
<okkare> XD
<fevel> sorry for the delay  sLaeYa, ssh would be better
<Pres-Gas> okkare, you said you got your setup working...with sshd or smb?
<okkare> smb, although i can't write
<Pres-Gas> That is not helpful, eh?
<okkare> not really :/
<sLaeYa> fevel you could sue sftp ?
<sLaeYa> use*
<ball> Does sftp have any money?
<sLaeYa> I don't know what you mean by that ball
<Pres-Gas> Play on words, sLaeYa
<ball> sLaeYa: I was joking because you typed "sue" instead of "use"
<Pres-Gas> You said sue...to litigate for money
 * ball nods
<sLaeYa> Sorry, its just gone past midnight and I've been batteling to keep my eyes open, although I know I have to sort this silly server somehow
<sLaeYa> so I have this LDAP server - or believe I have it setup and when I come to adding a user I am presented with Auth Failure http://paste.ubuntu.com/132508/ Am I doing something wrong? Do I need more coffee?
<sommer> sLaeYa: are dc=example,dc=tld
<sommer> sLaeYa: already created in the directory?
<sLaeYa> to see this wouldn't I have to use "ldap search" ?
<sommer> sLaeYa: yeppers: ldapsearch -xLLL  is usually what I use
<sLaeYa> No such object (32)
<sommer> try ldapsearch -xLLL -b dc=example,dc=tld
<sLaeYa> i get the same response
<sommer> sLaeYa: you can edit /etc/ldap/ldap.conf to set the basedn and connection
<sommer> sLaeYa: it's not created then... try ldapsearch -xLLL -b dc=nodomain
<sLaeYa> same again :s
<sLaeYa> oops
<sLaeYa> here is /etc/ldap/ldap.conf http://paste.ubuntu.com/132519/
<sommer> sLaeYa: is there anything in the directory yet?  cause if not you can do sudo dpkg-reconfigure slapd and set the base
<sLaeYa> I dont have anything in slapd directory
<sommer> sLaeYa: I'd just run the dpkg-reconfigure then... you should then be able to add entries
<sLaeYa> do you mind if i give you a link to the readme I'm following ?
<sommer> sLaeYa: it must be dated... the serverguide OpenLDAP section is updated for Intrepid
<sLaeYa> yes I guess your right, I'm just reading some of the comments on the bottom of it now
<sommer> sLaeYa: I'd recommend following the serverguide for the openldap part, then the other guide when it comes to postfix configuration... or at least the postfix ldap configuration
<sommer> you might use the serverguide instructions for the base postfix config, then ldap after everything is working
<sLaeYa> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<ScottK> mathiaz: I won't be able to make the meeting today.  Enjoy.
<sLaeYa> is there a way to delete my old database sommer ?
<sommer> sLaeYa: dpkg-reconfigure will take care of that
<sLaeYa> I am getting an error when making the new one because the way I have setup my last one -  http://paste.ubuntu.com/132526/ - the reconfigure didn't and I've run it a couple of times with the different options
<sommer> sLaeYa: do you have an ou=people?
<sLaeYa> no
<sommer> sLaeYa: you'll need to create that first
<uvirtbot> New bug: #344281 in samba (main) "CIFS kernel bug crashes system" [Undecided,New] https://launchpad.net/bugs/344281
<nealmcb> need to update the meeting time on the fridge - still says 16:00 utc
<mathiaz> ok - let's get the Ubuntu Server Team meeting started here
<ttx> \o/
<nijaba> o/
<sLaeYa> thats not shown in the serverguide part I'm reading, is there a different part in the server guide on how to create those ?
<mathiaz> since there is a conflict with the Asia Membership board
 * ball waves
<ball> I didn't get time to read the agenda
<mathiaz> and we'll be in the same situation next week again
<mathiaz> so - let's get the server team meeting started
<mathiaz> #startmeeting
<nealmcb> Agenda: https://wiki.ubuntu.com/ServerTeam/Meeting
<mathiaz> nealmcb: thanks!
<ScottK> Oh.  I guess I won't miss the meeting then.
<nealmcb> :)
<mathiaz> Last week minutes: https://wiki.ubuntu.com/MeetingLogs/Server/20090310
<kirkland> o/
<ScottK> o-
<mathiaz> I don't seen any specific items from last week
<mathiaz> anyone has anything to add regarding topics discussed last week
<mathiaz> ?
<zoopster> Documentation for Eucalyptus in Ubuntu
<kirkland> mathiaz: we delayed the screen-profiles talk until zul got back
<mathiaz> kirkland: ok - I'll add to today's agenda
<ttx> mathiaz: I would like to talk about likewise-open5
<kirkland> mathiaz: i'd also like to discuss testing kvm-84 in hardy
<zul> hi
<mathiaz> ttx: ok
<mathiaz> kirkland: ok
<ttx> so as an item from last week or an item for this week, your choice :)
<mathiaz> [TOPIC] KVM backport in hardy
<mathiaz> kirkland: ^^ ?
<kirkland> mathiaz: i'd like to ask for some assistance testing a kvm-84 package that i've prepared for hardy
<kirkland> mathiaz: its available in a PPA at https://edge.launchpad.net/~ubuntu-virt/+archive/ppa
<kirkland> mathiaz: here's the basic premise ...
<kirkland> mathiaz: hardy shipped with kvm-62
<ScottK> kirkland: When you have a tested backport and you need it approved, feel free to ping me.
<kirkland> ScottK: understood, thanks.
<kirkland> ScottK: kvm is such an important package, i'm asking for a bit more extensive testing that what i can do alone
<kirkland> also, we're talking about more than just applying a couple of bug fixes...
<kirkland> we're talking about taking hardy's kvm from kvm-62 to kvm-84
<kirkland> there's both a kernel piece, and a userspace element
<ScottK> kirkland: +1 for lots of testing.
<mathiaz> kirkland: ie the goal is to prepare an SRU for kvm in hardy?
<zul> just a quesiton how are you going to backport the virtio stuff in the hardy kernel for kvm
<kirkland> these can be upgraded independently, though I'm suggesting we backport both
<kirkland> mathiaz: yes, SRU which actually provides a major version bump
<kirkland> zul: kvm-source provides the kernel space bits
<ScottK> Ah.  If it's SRU, then not mine to approve.
<kirkland> zul: that package is a dkms-built kernel module
<kirkland> i'm getting sidetracked here ....
<zul> kirkland: heh ill talk to you about it after
<kirkland> so the key points are that we believe that kvm-62 has become unsupportable
<kirkland> there are a number of design flaws in that version of kvm that are fixed later versions
<kirkland> as such, these are major architectural changes that cannot be fixed with backported patches
<kirkland> this information comes directly from the upstream maintainers
<kirkland> so i propose that we either need to compose a lengthy list of 'won't fix' and 'can't do' items for hardy's kvm
<kirkland> (such as SMP guests)
<kirkland> or consider a major version bump
<kirkland> i know that at least myself and mathiaz are running kvm-84 under hardy
<kirkland> both kernel and userspace bits, right mathiaz ?
<kirkland> (i'm running both)
<mathiaz> kirkland: yes
<zul> thats fine with me but if you do consider a major version bump then you will want to get the kernel team involved and get their opinon as well
<kirkland> so there is some basic, measurable amount of success
<kirkland> zul: absolutely, agreed.
<kirkland> zul: or, we need to recommend that people use kvm-source for their kvm kernel module
<kirkland> mathiaz: that's basically all....
<zul> the virtio stuff that hardy has already concerns me a bit though
<kirkland> mathiaz: i'll compose a blog post, asking for testing of those packages
<kirkland> mathiaz: i'm quite hoping that some -server team members can do some early testing too
<mathiaz> kirkland: ok - so the first step is to get more testing done from the ubuntu-virt PPA
<sommer> kirkland: I can help test... is there a wiki page listing what to test?
<mathiaz> kirkland: +1 on the blog post
<kirkland> mathiaz: yes, i plan to start the SRU procedures when Jaunty hits beta
<mathiaz> kirkland: as sommer mentionned documentation is very important too
<kirkland> mathiaz: right
<kirkland> sommer: i'll put those together in the blog post
<mathiaz> kirkland: especially on how to setup the new kvm from the ubuntu-virt PPA
<kirkland> mathiaz: okay
<mathiaz> kirkland: I don't think we can really outline what to test (ie test multiple configuration etc...)
<mathiaz> kirkland: but focus on how to install the new version of kvm
<kirkland> mathiaz: well, right, that's part of the reason i can't do it all myself
<kirkland> mathiaz: there are some crazy ways people use kvm and virtualization
<kirkland> mathiaz: that i have not considered
<mathiaz> kirkland: agreed.
<kirkland> mathiaz: EOF
<mathiaz> [ACTION] kirkland to write a blog post asking for testing of kvm 84 backport to hardy with specific instructions on how-to setup kvm 84 from the ubuntu-virt PPA
<mathiaz> kirkland: thanks for the update.
<mathiaz> anything else to add for kvm 84 on hardy?
<mathiaz> I'm running it and it's faster
<sommer> how does the kvm update affect the other tools, like libvirt?
<kirkland> sommer: unknown
<kirkland> sommer: unknown by me, at least
<kirkland> sommer: i'm using kvm from command line,  i think mathiaz  is using virsh (which uses libvirt)
<ScottK> I would appreciate it if we'd be clear about is this a backport or an SRU.  They land in different repos and have different approval mechanisms.
<mathiaz> right - I'm using libvirt to manage all of my vms
<kirkland> ScottK: there are actually 3 approaches on the table
<ScottK> Using the terms interchangably is a recipe for confusion (mine if  no one elses).  OK
<sommer> kirkland: gotcha, I can help test libvirt and such
<kirkland> ScottK: the security team also want to fix a stack of CVE's
<mathiaz> ScottK: the goal is an SRU.
<kirkland> ScottK: which are all fixed in kvm-84
<kirkland> ScottK: i need to evaluate the best place to land this
<ScottK> kirkland: With clamav major updates I've put them in -backports first for extensive testing and then later -security/-updates
<kirkland> ScottK: my original thinking was -backports, but the more we discussed this, -updates started to make more sense
<kirkland> ScottK: as of yesterday, the security team was asking me to fix some CVE's
<ScottK> You might start with -backports and then migrate.  It's worked well for the clamav migrations (which are pretty intrusive).
<kirkland> ScottK: before i spent any effort trying to isolate and cherry pick fixes, i mentioned that i'm already investigating the possibility of an sru and/or a backport
<mathiaz> kirkland: may be using the following approach would make sense: ubuntu-virt PPA -> hardy-backports -> hardy-updates?
<kirkland> ScottK: mathiaz: i agree with that approach
<kirkland> ScottK: mathiaz: what about -proposed?
<kirkland> backports -> proposed -> updates ?
<ScottK> mathiaz: Actually if there's CVEs fixed you want to go -backports ->-security ->-updates.
<mathiaz> kirkland: it will go to -proposed before -updates
<kirkland> ScottK: there are cve's
<mathiaz> kirkland: -proposed is always part of the SRU process.
<ScottK> -security to -updates is normal.
<kirkland> backports -> security -> proposed -> updates ?
<ScottK> kirkland: If it goes to security it'll go straight to updates from there.
<mathiaz> kirkland: no - backports -> security -> updates
<kirkland> ok
<ScottK> that's normal for all security fixes.
<mathiaz> kirkland: or backports -> proposed -> updates
<ScottK> mathiaz: But if you're fixing CVEs this way you can't leave -security out.
<kirkland> ScottK: well, my goal was to affect the fewest people first, more later
<ScottK> Having CVEs fixed in -updates that aren't fixed in -security would run counter to how things normally work.
<jdstrand> ftr, kirkland knows this already, but if it is destined for -security, please build without -update (or -backports)
<ScottK> You might go -proposed to -security and -updates at the same time, but IME enough people run backports that's a sufficient testing ground.
<kirkland> jdstrand: done!  in the latest https://edge.launchpad.net/~ubuntu-virt/+archive/ppa
<mathiaz> ok - let's move on
<kirkland> ScottK: mathiaz: thanks for the info
<mathiaz> kirkland: I think the next step is defined (blog post)
<mathiaz> kirkland: we'll discuss later whether it should go trough security or proposed
<kirkland> mathiaz: okay
<mathiaz> kirkland: thanks for the update on this topic.
<mathiaz> [TOPIC] likewise-open 5 in jaunty
<mathiaz> ttx: ^^?
<ttx> yes, an Ffe has been granted to get likewise-open5 in Jaunty (thanks, ScottK !). I just uploaded the package and it's in the NEW queue right now
<ScottK> Ah.  Good.
<ttx> This is a separate package because the upgrade requires you to leave and rejoin the domain, which we consider unacceptable for our current likewise 4.1 users (or at least not our choice to make).
 * ScottK was wondering.  Did you set the bug to fix committed?
<ttx> I was about to. uploading can be long with sucky bandwidth.
<ttx> So Likewise Open 5 will coexist with Likewise Open 4.1 in Jaunty.
<ttx> For the Karmic cycle we'll work with upstream to propose a seamless upgrade for all users to the latest version, and phase out 4.1
<ttx> We'll also make sure they work with pristine krb5 1.7 libraries to avoid maintaining a separate GSSAPI implementation there.
<ttx> so as soon as it lands, please test it, given the late upload we'll not have much time for this.
<ttx> From my testing it works better than 4.1... but I clearly didn't test all scenarios
<ttx> since I don't have such a wide array of AD domains to test against.
<ttx> eof
 * ScottK considers the Server Guide ought to answer the question "Which do I use?"
<ttx> yes, I was planning to discuss that with sommer
<ScottK> Excellent.
<ttx> I also have a couple of likewise-open bugs that are fixed in likewise-open5
<mathiaz> ttx: what happens if you have a system with 4.1 installed and you install 5?
<ttx> it removes likewise-open (resulting in domain leave) and installs 5
<sommer> ttx: sure just ping me
<ttx> mathiaz: it just won't happen automatically by upgrading to Jaunty. Losing domain membership in the upgrade is not really acceptable
<mathiaz> ttx: ok - and joining the domain is not done during postinst?
<ttx> mathiaz: you need the windows AD admin password to join.
<ttx> which in most use cases the local admin won't have
<sLaeYa> is there a way to restore your server to the initial install without reinstalling it ?
<ttx> so no, it's not done in postinst.
<mathiaz> ttx: ok.
<mathiaz> ttx: I'm wondering if we should print a message to explain that the machine has been removed from the domain and should be rejoined (in the use case of 4.1 -> 5 upgrade)
<mathiaz> ttx: doing this *pseudo* upgrade would leave the system unusable and providing as many hints as possible would be good
<ttx> There is a message printed when the domain is left (when likewise-open is removed)... but that could appear more clearly.
<ScottK> mathiaz: It should probably go in a Debian.NEWS for the package.
<ttx> mathiaz, ScottK: noted.
<mathiaz> ttx: and probably in the release notes
<ttx> mathiaz: I'm not sure. Installing likewise-open5 is up to the user, it won't influence an existing setup just by upgrading
<[HU]gnanet> Hi, i have a problem with my production system running ubuntu hardy: I run 3 xen servers where i have one hardy guest for mysql and one hardy guest for apache-php-lighttpd-squid. The webserver farm gets its data from a ocfs2 partition. My webserver guests are dying with kernel page faults, i heard of a kernel problem with the hardy xen kernel, so i thought of changing kernels, but the Intrepid kernel has OCFS2 1.5.0 modules, the hardy 1.3.3, an
<ttx> so I wouldn't say it's release notes material.
<ttx> not something you need to know before/after upgrading to Jaunty.
<mathiaz> ttx: right
<ttx> it's something you need to know if you plan to install that particular package.
<mathiaz> ttx: the point here is that we need to get the word out
<ttx> so Server Guide, Debian.NEWS...
<mathiaz> ttx: but I agree that the release notes may not be the best place
<nealmcb> it could go in the package description
<ScottK> nealmcb: I think that's overkill.
<mathiaz> ttx: what about a message in likewise-open 5 preinst?
 * ttx agrees with ScottK
<mathiaz> ttx: you should be able to detect wether 4.1 is around and get a message to the user
<ScottK> mathiaz: When will that get seen that NEWS wouldn't?
<ttx> I'm not sure that would increase visibility that much. Someone installing a new package should be ready for some change anyway.
<mathiaz> hm - ok.
<ttx> He needs to know he has to (re)join  the domain after install... but too much warning in advance might not be necessary
<ttx> it's the same things he needs to do after installing likewise-open in the first place
<mathiaz> ok - let's move on. It seems that we've identified places where the warning message should be put.
<ttx> yes.
<mathiaz> ttx: anything else to add on the likewise-open front?
<ttx> no.
<mathiaz> ttx: allright then. Thanks for the update
<mathiaz> and we're looking for testers!
<mathiaz> let's move on
<mathiaz> [TOPIC] screen-profiles by default
<mathiaz> kirkland: zul ^^?
<zul> this is just for ec2 right?
<mathiaz> zul: yes
<kirkland> mathiaz: i'm proposing this, yes
<mathiaz> screen-profiles by default in *EC2*
<kirkland> mathiaz: in EC2 yes
<zul> im against it, the goal of the ec2 is to behave exactly what we have now in the server
<kirkland> mathiaz: ubuntu-server in ec2 is inherently console-less.  you attach, run something, perhaps detach, reattach later
<zul> soren ehammond1 and I already discussed this and we were against it
<kirkland> mathiaz: this lends itself very well to screen
<zul> kirkland: i agree its nice to have its installed on the images but I dont think it should be enabled by default
<kirkland> mathiaz: furthermore, i believe it's a great way to differentiate what are very similar servers in the ec2 space
 * Brazen agrees with zul
<mathiaz> kirkland: right - does running screen by default would have an impact on automated installation (via ssh)?
<soren> kirkland: Do you feel you've overcome the concerns people have raised with screen?
<soren> kirkland: Like, say, overlapping key bindings?
<kirkland> soren: the outstanding issues i know about are: https://bugs.edge.launchpad.net/ubuntu/+source/screen-profiles
<kirkland> and
<kirkland> https://bugs.edge.launchpad.net/ubuntu/+source/screen
<kirkland> soren: i don't feel that any of these are blockers for adoption
<ttx> I tend to agree screen is especially useful in the EC2 case... but I also agree that we should mimic what's in the default server install.
<kirkland> mathiaz: if soren, zul, and eric are opposed, i withdraw my suggestion
<soren> I can't spot the "hijacks application's keybindings" thing in there anywhere.
<soren> I've never filed it as a bug. Perhaps because it's behaving as advertised or because I just don't see a clean way around it. I don't know. I just haven't :)
<kirkland> soren: that was worked around by providing an option to disable and/or customize the keybindings applied by screen-profiles
<mathiaz> kirkland: I think it's an idea worth exploring - however I'm not sure that using screen by default on *EC2* only is good.
<soren> kirkland: Which means more work by default.
<mathiaz> kirkland: we should investigate if we should enable screen by default *everywhere*
<kirkland> mathiaz: i agree with you;  i though ec2 would be a perfect place to start
<mathiaz> kirkland: true.
<kirkland> mathiaz: these are machines that you are *never* physically sitting in front of
<kirkland> mathiaz: in this case, they are very unique
<kirkland> mathiaz: "they" being hosted servers of any kind, ec2 being the present example
<zul> kirkland: i think its a good idea overall but its too soon
<nealmcb> could it be in the motd for ec2?
<soren> I must say that while screen-profiles surely solves a problem, I think it will annoy a rather large group of users. Me, for instance :) It's too in-my-face. I don't really want to know that screen is there until I want to do something with it.
<Brazen> I think screen is just as useful, and maybe more so when physically at console (with no X, such as with servers), so I don't see the relevance of ec2 being remote-only
<kirkland> mathiaz: i suppose we can revisit this in karmic
<mathiaz> kirkland: right.
<mathiaz> we're running out of time
<mathiaz> even though we have the whole channel for us for *ever*
<mathiaz> kirkland: thanks for bringing this up - we should definetly revisit this topic for karmic
<mathiaz> kirkland: you could also send an email on ec2-beta
<mathiaz> kirkland: to get some feedback there
<mathiaz> [TOPIC] Open Discussion
<mathiaz> anything else to add?
<sommer> I think zoopster  mentioned eucalyptus documentation?
<zoopster> I did.
 * erichammond wakes up, scans the meeting log, nods, and heads out to an off-site meeting.
<zoopster> but given time...I can take it offline
<sommer> zoopster: okay
<simplexio> hmm what is screen-profiles ? keybindings for screen
<mathiaz> ok - let's wrap up
<mathiaz> [TOPIC] Agree on next meeting date and time
<mathiaz> so next week the TB is running at 15:00 UTC
<mathiaz> at the same time as our currently scheduled meeting
<mathiaz> so my proposal is to run the meeting at 15:00 UTC in #ubuntu-server
<mathiaz> same as this week
<mathiaz> (and last week)
<mathiaz> so: same time, same place (#ubuntu-server), next week?
<fevel> where does ubuntu server put the apache vhosts conf file please?
<mathiaz> ok - I don't see any objections - so see you all next week, same time, same place (#ubuntu-server)
<Brazen> fevel: /etc/apache2/sites-available/
<mathiaz> thanks for attending and happy beta testing!
<fevel> thanks
<mathiaz> #endmeeting
<[HU]gnanet> Sorry for filling up the meeting with my problem, but can anyone give me a clue?
<mathiaz> [HU]gnanet: np - you'd better post your question again
<[HU]gnanet> ok
<[HU]gnanet> So again:
<[HU]gnanet> Hi, i have a problem with my production system running ubuntu hardy: I run 3 xen servers where i have one hardy guest for mysql and one hardy guest for apache-php-lighttpd-squid. The webserver farm gets its data from a ocfs2 partition. My webserver guests are dying with kernel page faults, i heard of a kernel problem with the hardy xen kernel, so i thought of changing kernels, but the Intrepid kernel has OCFS2 1.5.0 modules, the hardy 1.3.3, an
<[HU]gnanet> kernel version on domU is /was 2.6.24-19
<Brazen> Any reason you are using Xen instead of KVM?
<[HU]gnanet> Brazen> the CPU doens not support KVM as we checked in the beginning
<Brazen> I mean, I don't have a clue about your problem, but for future reference I would suggest KVM.
<Brazen> oh
<Brazen> in that case, I would use (and do use) qemu with kqemu.
<[HU]gnanet> i will investigate it (qemu) for the future
<Brazen> anyway, since no one else is piping up... page faults sounds like it is a memory problem, so it could be an issue with fighting over RAM, or a problem with swap space.
<jdbrowne> Hello, to which extent can our company benefit from a canonical support contract provided we run a modified kernel? at this time, we run a modified kernel to use specific dvb drivers at least.
<zoopster> jdbrowne: no one is responding - generally speaking a system running a modified kernel cannot be supported
<shame> I have a small 2 node xen cluster, both nodes running gutsy because of https://bugs.launchpad.net/ubuntu/+source/xen-3.2/+bug/209893.. I'm considering how crazy it may be to rebuild one of the nodes using hardy+kvm and rebuild each of the guests up on that node as a kvm guest until everything's up on that kvm node, then rebuilding the other xen node
<uvirtbot> Launchpad bug 209893 in xen-3.2 "Xen kernel oops loading 3w-9xxx driver" [Undecided,Incomplete]
<shame> I'm assuming the scsi driver wouldn't be an issue because it seemed to only have issues with the xen kernel(s) IIRC
<shame> I guess I'm wondering if any of you have done a xen->kvm migration and have anything to say of your experience
<simplexio> just inrested. is kvm nowdays "the choice" for virtualization or does xen has it points still ?
<shame> *shrug* kvm appears to be a more sane long term solution to me
<shame> do the xen folks still recommend using 2.6.18?
<jmedina> I still use Xen in production, there is active development, novell, suse, citrix are working in xen, redhat' s server virtualization is based on xen, not KVM, I think redhat recomends KVM for desktop virtualization
<jmedina> is live migration supported in KVM?
<zoopster> however redhat has publicly stated that xen is maintenance only now...all future dev will be for kvm only
<ball> jmedina: any thoughts on Xen Vs. VirtualBox?
<shame> jmedina, yep kvm does that.. the last time I checked it didn't do full paravirtualization so you couldn't use it on machines that lacked the special virtualization sauce in the cpu or something
<jmedina> ball: I havent used virtualbox for server virtualization, only for desktop
<soren> shame: VirtualBox isn't very useful for server virtualisation.
<shame> I'm not talking about VB
<soren> ...as you can't detach from the console while keeping the VM running.
<[HU]gnanet> Virtualbox headless is an interesting effort ... but the resources...
<shame> KVM
<soren> shame: Sorry.
<shame> :)
<jmedina> I have not compared kvm vs xen performance, especially in I/O for disks an network
<soren> ball: ^^ What I just said to shame about virtualbox was for you.
<jmedina> full virtualization performance in xen is really poor, then redhat released GPL Paravirtualized drivers for full vrt enviroments
 * ball nods
<shame> I've been pondering it for sometime but it came back into mind this morning when one of my dom0's rebooted and the guests come up without network connectivity (still not sure wtf is up with that
<shame> dom0 has connectivity, all the interfaces are up.. but it's like the bridge is broken or something
<jmedina> there is GPL windows paravirtualized drivers in xen, they help increase performance for windows
<ball> Can Ubuntu Server be dom0?
<soren> ball: Hardy can, yes.
<jmedina> ball: yeap, I use ubuntu-xen-server package in hardy
<shame> ball, yes, I'm using gutsy
<shame> jmedina, 64bit?
<jmedina> jmedina: yeap
<cjwatson> jdbrowne: you should ask your support contacts about that, rather than this channel
<soren> right, sorry. "=< hardy" can do it.
<shame> :)
<jmedina> with AMD X2 and xeon 54xx queadcore
<shame> there wasn't a 64bit package available for ubuntu-xen-server when we were setting these up
<shame> it was right around the hardy release, maybe just prior to it
<jdbrowne> cjwatson, zoopster: thx
<simplexio> hmm how i figure out if my cpu support amd-v, i have opteron 165
<soren> simplexio: grep svm /proc/cpuinfo
<ball> Could I have 64-bit dom0 with 32-bit dom1?
<simplexio> cpuinfo dosnt have anything about amd-v
<soren> simplexio: "svm" is what you're looking for.
<simplexio> thanks soren. it look like 165 is too old model
<J_P> are there source list for feisty active?
<J_P> I wnat install smartmontools, but apt-get update not find more feisty
<Jeeves_> J_P: Better upgrade to something newer ;)
<J_P> Jeeves_: Yes I know, but for now I need still that version
<J_P> install smartcl
<J_P> Don't are a old.ubuntu repos for me set in my sources.list ?
<fevel> does anyone know how I can make external_acl_type session work every time the browser is launched?
<fevel> better yet "squid_session"
<kees> kirkland: for a full version bump that included security fixes, it would go  -proposed -> -security -> updates.  but the -proposed step would go through the security-proposed queue so it didn't get built against -updates.
<jdstrand> kees: ScottK was suggesting security-proposed -> -backports -> -proposed (optionally) -> -security
<jdstrand> kees: he posited that more testing will be done in -backports
<jdstrand> kees: fyi only
<kees> jdstrand: really?  more testing in -backports?  if that's true, sure.  though you could probably put it in -backports and -proposed at the same time.
 * jdstrand nods
<jdstrand> kees: they certainly are not mutually exclusive
<axisys> can I have multiple up route commands or do I have to add all of them to a script and do up /path/to/script for interfaces file ?
<infinity> You can have as many "up" commands in interfaces as you want.
<infinity>        The following "command" options are available for every family and method.  Each of  these
<infinity>        options  can  be  given  multiple times in a single stanza, in which case the commands are
<infinity>        executed in the order in which they appear in the stanza.  (You can ensure a command never
<infinity>        fails by suffixing "|| true".)
<infinity> axisys: man 5 interfaces
<axisys> infinity: thanks a lot
<uvirtbot> New bug: #344490 in mysql-dfsg-5.0 (main) "apt fails to install mysql-server-5.0" [Undecided,New] https://launchpad.net/bugs/344490
<billyk> hi
<billyk> does anyone know of a way to ssh into a server that's on dhcp behind a router? (and without port forwarding in the router)
<Deeps> ssh to the router and ssh from there?
<Deeps> ssh to another machine behind the router that has ports forwarded to it?
<Deeps> remote desktop to another machine behind the router that has ports forwarded to it?
<Deeps> (in both previous cases, ssh on from there)
<billyk> no, just ssh to a machine behind a router without port forwarding
<billyk> so it has to be initiated outbound?
<Deeps> if you're outside of the network currently, you're out of luck
<Deeps> if you're on the machine in question, you can use ssh's feature of remote port forwarding
<billyk> so could I keep a ssh connection outbound to a wan static IP?
<Deeps> ssh -R 3000:localhost:22 user@remotemachine
<Deeps> and then remotemachine:3000 would forward to your natted machine, as long as the ssh session to remotemachine remained online
<Deeps> well, thats not striclty true
<Deeps> as remote port forwards bind to localhost on the remotemachine
<billyk> hmm, i gotta draw a picture of what I'm trying to do
<_ruben> and -g to able to connect to it from other hosts
<_ruben> dunno if -g works for remote ones
<Deeps> does -g work with remote port forwarding?
<Deeps> i was under the impression that only worked with local port forwarding
<billyk> ok, so if I initiate a connection outbound from the server, and do keepalive or heartbeat, I can always see where it's coming from
<_ruben> could very well be, never tried tbh :)
<Deeps>      -g      Allows remote hosts to connect to local forwarded ports.
<billyk> can i use that connection to go inbound too? like to remotely manage the serer
<billyk> okay
<Deeps> i was right ;)
<Deeps> billyk: read what i've said already, info's there
<billyk> ah
<Deeps> billyk: (ssh -R)
<Deeps> natmachine: ssh -R 3000:localhost:22 user@remotemachine
<billyk> yeah, i want to be able to drop a box on a consumer lan (with a dynamic wan IP and lan IP) and remotely manage it
<billyk> gotcha
<Deeps> remotemachine: ssh -g -L 3001:localhost:3000 localhost
<Deeps> anywhereintheworld: ssh -p 3001 user@remotemachine
<Deeps> and you get ssh'd into natmachine
<uvirtbot> New bug: #344499 in samba (main) "samba crash" [Undecided,New] https://launchpad.net/bugs/344499
<billyk> okay
<_ruben> or do it the proper way and setup a vpn ;)
<Deeps> or that :)
<billyk> well then you'd need a vpn server on the edge of the remote network
<Deeps> openssh has built in vpn now
<Deeps> although you need it enabled in the remote sshd
<billyk> ok
<Deeps> likewise do you need AllowTcpForwarding enabled in the remote sshd (it is by default)
<billyk> okay
<Deeps> GatewayPorts may also be of interest (man sshd_config)
<Deeps> PermitTunnel relates to the sshd's vpn server
<Deeps> enjoy breaking out of your corp/school firewall ;)
<Deeps> and enjoy getting your login suspended when networks find out ;)
<billyk> lol thats not what i'm doing
<Deeps> haxing neighbours wifi?
<billyk> i'm trying to build an appliance that I can sell and drop on someone's network and then be able to remotely access it
 * Deeps trying to think of scenarios where you cant just port forward
<Deeps> ah
<_ruben> the ease of ssl tunnels (over port 443 for instance) are a bitch to block .. wonder if i could tweak our squid to block such stuff
<billyk> also looked at corkscrew
<billyk> haha
<Deeps> _ruben: could just use timeouts
<Deeps> kill off any active ssl sessions that have been active > Xmins
<_ruben> Deeps: and the vpn would just reconnect .. doesnt help much i guess
<billyk> lol
<Deeps> if you kill off any sessions > 60 seconds, you'll piss whoever it is off enough that they'll give up after a while
<billyk> oh, also how can I start firefox without a display manager or desktop environment?
<Deeps> X forwarding
<billyk> so just barebones xorg, firefox, and its dependencies
<Deeps> google for the rest
<Deeps> ssh -X remotehost, remotehost: /usr/local/bin/firefox &
<billyk> yeah, I did... but i'm kinda lost about creating displays and stuff
<billyk> no, locally
<Deeps> indeed, if you have X forwarding enabled on the remote sshd, it'll forward the X data to your local X server over ssh
<Deeps> but run the app on the remote machine
<billyk> no, like run firefox on the server
<Deeps> and view it where?
<billyk> sooo serer with screen attached via vga cable
<billyk> local display
<Deeps> it'd need an X server running
<billyk> startx?
<billyk> or something
<Deeps> and ideally a window manager too probably
<Deeps> thats outside the scope of this channel though
<_ruben> server doesnt have X installed by default .. nor any window manager
<Deeps> #ubuntu for GUIs
<_ruben> and installing X makes a server a desktop :)
<hads> If you must, ratpoison has few dependancies.
<billyk> eh, I just need firefox fullscreen with no border at all times
<billyk> so would a window manager really be necessary?
<hads> As was mentioned, it's not really on topic here.
<billyk> ugh I know #ubuntu is just gonna send me back here since I'm working off a ubuntu-server base
<billyk> and this machine has a LAMP sooo it's more  of a server
<billyk> and it has no input devices but network
<billyk> more server
<Deeps> billyk: X is outside the scope of this channel, google however is your friend
<billyk> Deeps: haha okay, I had to try :-)  Thanks!
<hads> X with no input devices? Odd.
<_ruben> sounds more like a kiosk than a server to me
<alonea> ok, was told to ask my question over here.
<alonea> ok, I have a cvs server, but wanted to have it mail out the commit changes to everyone. So I tried cvsspam, but it seems i wont be able to use sendmail, but it supports smtp, but problem again. Gmail has to have the authentication stuff, so I am lost on what to do here.
<Deeps> sounds like a monitoring server
<billyk> yeah, like a display
<billyk> slideshow box basically
<billyk> not h4x0ring a school or anything
<_ruben> alonea: we use syncmail for that .. didnt configure it myself though, dunno any details of it
<Deeps> in short, install xorg and an ultralightweight window manager (wm, icewm, evilwm, etc.), google will be able to give you more help on that though, and be prepared to install stuff from sources
<alonea> _ruben: well, I might try that, but I am limited on what I can do on this server. i will take a look at it. its really the authentication that seems to be the problem, unless you know of a way to get a free smtp server that doesn't require it?
<billyk> thanks Deeps
 * hads prefers ratpoison
<_ruben> alonea: install postfix on that box and configure it to relay through gmail using authentication .. perhaps ssmtp does support it aswell
<billyk> hads: not stumpwm?
<Deeps> billyk: it's okay, i learnt how to do all this because i needed to break out of a school + corp network ;)
<billyk> yeah :-) yay ssh tunnels
<alonea> _ruben: I will look at that. does it require having any type of root access to install? really all I can do is run scripts and use the stuff that is already installed system wide.
<_ruben> alonea: postfix most likely does, ssmtp can probably be installed as a normal user without too much hassle
<_ruben> enough for today, im out
<alonea> thanks again
<alonea> nope on both programs....ssmtp wants access to /usr/local
<Administrator> Where can I find my usb stick from the terminal
<moz> i heard it was under /media/disk or something
<moz> but i only have cdrom and cdrom0 and they are both empty
<ost> Hi, I am trying to setup a mail server and everytime (I have tried it a few time) I get this error: Relay access denied
<ost> does someone know what this could be?
<o891> Relay access denied
<o891> Hi, I am trying to setup a postfix mailserver and I keep getting this error: Relay access denied
<o891> does someone know what this could be?
<o891> anybody?
<genii> o891: It means the machine to which you are sending mail to will not deliver them to locations outside of the domain it belongs to.
<o891> genil: thanks, do you know how i can fix it?
<genii> o891: That has to be done on the machine to which you are sending mail
<o891> genil: i have tried a few different ways and so I went back to the Basic Setup Guide and I still get this error
<genii> (to allow your ip or so as a trusted source that it will relay mail for)
<o891> genil: but I get it with anywhere I am sending mail, even if I send mail to myself I get the error
<o891> genil: but my server is the smtp server
<genii> o891: Likely then your ISP does not allow you to use your connection for an email server
<hads> Huh
<o891> genil: could it be something else?
<Mal3ko> genii
<o891> genii: or is it my ISP not allowing it for sure?
<Mal3ko> [11:48:12] <genii> Mal3ko: Research indicates kernel needs recompiling with options CONFIG_HIGHMEM64G=y, CONFIG_HIGHMEM4G=y even if PAE is enabled
<Mal3ko> http://tinypaste.com/e3cec
<genii> o891: try telnet to port 25 of the machine which is supposed to be the one sending your mail and see if you get an smtp server response
<hads> `sudo dpkg-reconfigure postfix` should get you most of the way to setting up a basic postfix config.
<genii> Mal3ko: Did you get it resolved finally? (free not showing your full ram)
<o891> genii: I get a response but after setting rcpt to:<fmast@o891.net> I get the error
<genii> o891: Do you legally own the domain of 0891.net ?
<o891> genii: yes
<o891> genii: o891.net
<genii> o891: Is the IP the machine sending mail is on in the dns server list for that domain?
<genii> or does it have an MX entry, etc
<o891> genii: yes it does: the mx entry is mail.o891.net and it points to the IP of the serve
<o891> r
<genii> o891: You might want to check your mailrc file or so then
<genii> o891: hads' suggestion of postfix reconfigure may give you some of these options like mail relay etc
<o891> genii: in the log I get the following error, maybe you have seen this before: Mar 17 22:59:27 ost postfix/smtpd[24190]: NOQUEUE: reject: RCPT from 84-75-23-205.dclient.hispeed.ch[84.75.23.205]: 554 5.7.1 <fmsaster@o891.net>: Relay access denied; from=<root@o891.net> to=<fmsaster@o891.net> proto=ESMTP helo=<o891.net>
<o891> denii, hads: I will try that now, see if it gives me any options (sorry I didnt realise before that that message was for me, thanks hads)
<genii> o891: looks like the next box from you upstream won't relay. Likely your machine fails some test like rarp or so
<o891> genii, hads: I just did the reconfigure and it doesnt say anything about relay
<o891> genii: the next box being my isp? that makes sense because I can send mail localy as in diretly from root to fmaster
<genii> o891: Yes, your ISP
<hads> There's nothing in that log about another SMTP server.
<o891> Would that also block my imap and pop because I had those two working today.
<o891> hads: So what does that mean?
<genii> o891: The problem is this: your isp has the name 84-75-23-205.dclient.hispeed.ch assigned to the ip which you are also using for o891.net
<genii> So when you try to send email from o891.net it appears to be coming from 84-75-23-205.dclient.hispeed.ch instead
<o891> genii: ok thats the node name right?
<o891> genii: And that means that the SMTP Server doesnt allow it because it thinks that it is coming from the wrong server, right? Could I allow 84-75-23-205.dclient.hispeed.ch as a smtp relay in postifx?
<genii> o891: Not sure about node name or so. But when some other box on the internet gets email supposedly from your domain and looks up the ip it gets a different name and so rejects it
<moz> im trying to use my usb stick, i've tried "mount /dev/sda1 /mnt" but i dont really know what that does and and what to do next?
<o891> genii: ok I see, well do you know of anyway to overcome this problem?
<genii> moz: sda is usually the primary drive and not a one like second drive or usb or so on
<genii> o891: Convince your isp to put in their dns your domain for that ip
<o891> genii: so when I telnet the rcpt address the server IMMEDIATELY checks the IP of the recpt domain?
<genii> o891: It should, yes
<o891> genii: ok I see. Well I doubt they will do that as I don't even have a static IP address...
<o891> genii: I suppose that that means that I can't run a smtp server on my box, right?
<genii> o891: You could use some service like no-ip or other kind of ddns
<o891> o891: I was looking into DynDNS the other day, so I might have to use that after-all...
<o891> genii: well thanks for the help anyway, I will look into it!
<moz> genii: what should i be mounting then, im a little confused, quite new to linux
<hads> DNS is not the issue. I don't have time to work through a mail setup but it looks like you don't have your domain in mydestination.
<o891> hads: in the postfix main.cf I have the following line: mydestination = o891.net
<o891> hads: should that be mail.o891.net then?
<genii> moz: If you do: sudo fdisk -l   it should list there all your hd. Looks for the one which size is the usb one. if for instance it is sdc1   then use that in the mount command instead of sda1
<o891> hads: I just changes that line to mail.o891.net then restarted postfix and it still gives the error
<Stargazer> Does ubuntu server run just as easily as the desktop version (in terms of wired/wireless connections) ?
<moz> genii: i need to unmount sda1 but its the hard drive, and its not letting me unmount it because its busy, what should i do ?
<okkare> it's command-line only by default stargazer
<okkare> so it may not be as "easy"
<Stargazer> I'm fair in CLI.
<okkare> but it connects via dhcp automatically
<Stargazer> But normally ubuntu will just connect when i plug in.
<Stargazer> Ubuntu Desktop*
<okkare> it should do that, yeah, i set mine to a static ip just by editing /etc/network/interfaces
<genii> moz: sudo umount -f /mnt ; sudo mount -a
<genii> moz: This should remount sda1 in it's proper place
<moz> what does the -a command do ?
<genii> moz: the -a mounts all stuff you have in /etc/fstab
<moz> im still getting device or resource busy
<Stargazer> Ohh, i remember installing Server edition and having trouble with seup. something about 'what type of server will this be?
<moz> for the first command
<Stargazer> '*
<uvirtbot> New bug: #340437 in dhcp3 (main) "cannot get ip address from dhcp" [Undecided,Incomplete] https://launchpad.net/bugs/340437
<moz> genii: because its the harddrive i guess its busy
<genii> moz: Because root fs is always busy and likely sda1 was that partition, the -f (force) might not work. The fast thing instead of mucking about live is just reboot it and things will mount where they are supposed to again.
<moz> ahhh ok
<moz> cool
<moz> i just installed this: linux-image-2.6.27-11-server 2.6.27-11.27
<moz> because i needed it, it has inbuilt drivers to recognize my usb wireless stick
<moz> but now when i restarted, the system has paused at "loading hardware drivers"
<moz> i just pressed crtl-alt-del to restart, and it presented me with the login screen, and im in, what happened there?
<moz> its doing it each time,  when i press crtrl-alt-del something is being killed, its not working properly, why didnt installing the kernel update work? it worked when i did it on xubuntu desktop
<uvirtbot> New bug: #306541 in mysql-dfsg-5.0 (main) "mysql apparmor profile forbids raising max open files limit" [Undecided,New] https://launchpad.net/bugs/306541
<cmoss1> question: i have a dell desktop computer that is running ubuntu server, but I have it hooked up to a monitor...after a little while, it will blank the screen, but will keep the led light on the back of the monitor on.  I have tried setterm, and it doesn't seem to do anything to stop sending a signal (even if it is just a blank screen)
<moz> also, i installed the kernel using sudo dpkg -i linux-image-2.6.27-11-server 2.6.27-11.27
<moz> was that correct
#ubuntu-server 2009-03-18
<moz> does no one know anything about this? sorry i've posted this question but im new and totally stuck
<moz_> my laptop is making a really loud continious bleep sound, after a couple of minutes of loading, is this over heating? only have heard it since i installed ubuntu server
<moz_> earlier today
<moz_> and it wont stop till i shut it down
<Stargazer> I'm installing Ubuntu server and it's asking what the server will be for. I'm only going to use it to script some programs and compile them, what do i set the server as ?
<moz_> i dont have permissions for anything
<moz_> i cant even create a new file, says "cannot open swap file for <file> recovery impossible"
<hads> Stargazer: Just select nothing
<moz_> whats happened to my installation, i dont have permissions for any file
<moz_> even with sudo
<moz_> ok i think i've managed to fix that
<moz_> im in kernel 2.6.27-11-server which i have installed
<moz_> which is meant to automatically provide support for wireless cards that use the RTL8781 drivers
<moz_> *RTL8187 i mean
<moz_> i've added the line 'rtl8187' to /etc/modules, and after restarting, when plugging in my usb wireless stick, i get a short high piitched noise instead of nothing as before, but im still not seeing it, i guess it should appear in 'ifconfig' as wlan0 but it doesnt, any idea why this is?
<moz_> the light on the wireless stick is not on
<moz_> please can someone assist me on this, really quite stuck, need to get my internet back working on my laptop
<moz_> im using the F5D7050 USB dongle i found this blog to help : http://linuxsoftwareblog.com/blog/?p=30
<twb> moz_: is this related to ubuntu *servers*?
<moz_> twb: yes because i got it working on ubuntu previously
<Stargazer> Is there a command available to check on battery level ?
<Stargazer> -on +the*
<twb> Stargazer: the raw data is in /sys/class/power_supply/
<twb> Stargazer: e.g. sh -c 'cd /sys/class/power_supply/BAT0 && echo \ $((100 * `cat charge_now` / `cat charge_full`))%'
<Stargazer> You remembered that, no, you _KNEW_ all that ?
<twb> Stargazer: all what?
<Stargazer> All that command.
<Stargazer> There an easier way to check ? like battery -%
<Stargazer> 'battery -%' *
<twb> Stargazer: well, just write that line into a file
<twb> Stargazer: but I imagine there are packages to do it for you
<Stargazer> Oh, about that.
<twb> Note that my line above assumes you only have one battery.
<Stargazer> Ubuntu Server didn't connect to my router when i was installing.
<p_quarles> Stargazer: acpi -t will give you battery info on many systems
<twb> p_quarles: thanks, that'd be one of those packages that I forgot the names of :-)
<Stargazer> ... how do i connect ubuntu server to my router ?
<p_quarles> Stargazer: with an ethernet cable? if it doesn't get an ip address automatically, you'll need to  start looking for error messages
<Stargazer> Where should i look for the errors, on startup ?
<p_quarles> run 'sudo dhclient'
<Stargazer> 'egrep: /etc/resolv.conf: No such file or directory;'
<Stargazer> For the most part that's all. ^
<p_quarles> interesting; what's the result of ls -l /etc/resolv.conf ?
<Stargazer> -rw-r--r-- root root 46 2009-03-17 21:39 /etc.resolv.conf
<p_quarles> well then it's lying
<Stargazer> Bug, maybe ? (8.10)
<twb> I blame NetworkManager
<twb> In my experience, it is the root cause of all network problems.
<twb> *ALL* of them!
 * twb smashes through a wall
<p_quarles> Stargazer: what it's telling you doesn't make sense; I've got no clue; best bet here is to idle until someone who does answers
<p_quarles> twb: +1
 * Stargazer will soon begin to rot.
<twb> Issues like "I installed a NIS client as normal on my new Ubuntu desktop and now my machine takes half an hour to boot."
<twb> Yes, that's right, kids, NetworkManager was trying to use NIS to find out who owned itself!
<Stargazer> Mind***~
<Stargazer> So, um, i use 'sudo su' and do 'dhclient' and that file(/etc/resolv.conf) now exists in it's all power sight.
<p_quarles> "sudo su" is something that works but isn't right; please use sudo -i
<p_quarles> because at least people QA that
<Stargazer> What does 'QA' mean ?
<p_quarles> quality assurance
<Stargazer> Ah.
<p_quarles> as far as I know, chaining sudo and su isn't supported by anyone
<hads> sudo -s would be the equivilent
<p_quarles> and sudo has its own options for opening shells
<p_quarles> hads: that too
<hads> sudo -i would be sudo su -
<hads> (just to be pedantic) :)
<moz_> how do i check if my wireless usb stick is installed?
<Kamping_Kaiser> if a usb port is full, its probably 'installed' :
<Kamping_Kaiser> :P
<p_quarles> hads: yes, you're absolutely right; I just prefer sudo -i / su - :)
<moz_> Kamping_Kaiser: what do you mean ?
<twb> sudo su is wrong; it should be 'sudo su -'
<p_quarles> moz_: iwconfig
<Stargazer> Either way, '/etc/resolv.conf' now exists. so, um, no "errors" as far as i can tell.
<hads> twb: We just had this discussion :)
<p_quarles> twb: the first preserves the user environment; the second (better imo) switches to root's environment
<moz_> oh i've got a wlan0, i guess that means installed
<twb> Right.
<twb> Otherwise root shits all over your e.g. .aptitude/config
<hads> See above, sudo -(i|s)
<Kamping_Kaiser> twb, more important - it mods your .vimrc! :O
<twb> Kamping_Kaiser: I wouldn't know about that.
<twb> I use vi.
<Stargazer> Ubuntu has evolved to the point where it adapts to it's pleasing.
<twb> vim is for little girls who never learnt ed
 * Kamping_Kaiser shuns twb 
<hads> Is sudo su for people that didn't learn sudo?
<twb> hads: chiark-really is that :PO
<JanC> twb: so why don't you use ed instead of vi then  :P
<hads> heh
<p_quarles> hads: insofar as using both at the same time is redundant, yes
<genii> Gah. editor warz
<twb> JanC: actually I mostly use cat and sed --in-place.
<Stargazer> New topic/question: how do i enable the rest of the repos ?
<twb> Stargazer: carefully
<hads> Stargazer: /etc/apt/sources.list
<moz_> how do u actually try connecting to a wireless network with a terminal
<moz_> only ever done it with network manager
<storrgie> i am running a verlihub server on ubuntu, how can I add it to my hosts.allow
<moz_> sudo iwconfig eth1 essid "tp1"
<moz_> i tried this
<moz_> but it just returned straight away there was no wireless activity noise
<moz_> what am i doing wrong?
<moz_> ok i got it, sort of
<moz_> i set the essid and then the key
<moz_> then connected using sudo dhclient wlan0
<moz_> but i got some messages saying egrep /etc/resolv.conf: no such file or directory
<TimReichhart> could anybody help me with a issue with nagios3
<moz_> chown: failed to get attributes of '/etc/resolv.conf' : no such file or directory
<moz_> chmod: failed to get attributes of '/etc/resolv.conf' : no such file or directory
<infinity> moz_: You really wanted to be setting this up in /etc/network/interfaces (man 5 interfaces) and using ifup/ifdown to manage the interface.
<infinity> moz_: dhclient run raw will not often behave quite as you expect.
<moz_> i can ping my router
<moz_> but not any internet address
<moz_> so thats something
<infinity> moz_: Define "internet address".
<moz_> ping google.com
<moz_> was unknown host
<infinity> moz_: If you mean hostnames, rather than IP addresses, that would be because you have no resolv.conf. :P
<moz_> infinity: why is that? what does the file do
<TimReichhart> does anybody know nagios3?
<infinity> moz_: dhclient needs to write your nameserver addresses to resolv.conf.
<infinity> moz_: No nameservers, no DNS resolution, no google.com
<moz_> but it cant access that file, do I need to create it? im not sure how to fix it
<infinity> moz_: Like I said, you would have been much better off doing this with higher level interfaces (ifupdown) rather than manually. :/
<infinity> moz_: But, at a guess, "sudo touch /etc/resolv.conf && sudo dhclient wlan0" would fix it up.  Ish.
 * infinity goes to find some dinner or something.
<moz_> infinity: i will try thanks
<TimReichhart> ok i guess no help then
<TimReichhart> anybody know how to reconfigure a package inside of ubuntu 8.10 server?
<infinity> TimReichhart: dpkg-reconfigure <package>
<TimReichhart> thanks infinity
<moz_> a question, im trying to update my installation, but its tell me i need to install the kernel linux-image-2.6.27-7-server when i just installed linux-image-2.6.27-11-server as this is the first kernel with a driver that works with my USB stick, should I allow the update?
<moz_> i thought 2.6.27-11-server was stable now
<oh_noes> why isnt ubuntu server spitting out anything on /dev/random?
<oh_noes> Im trying to generate a gpg but its not generating it, it wants random but cat /etc/random isnt giving me anything
<oh_noes> is there an AMD64 version of Ubuntu JeOS hardy 8.04?
<giovani3> oh_noes: not afaik, it says right on the JeOS page, x86
<giovani3> and I don't know why /dev/random isn't working for you -- it should
<oh_noes> it's working .. it's just not outputting a lot of info.  So random apps, take a long time to get a bugger
<oh_noes> buffer*
<giovani3> right, try /dev/urandom instead
<giovani3> less entropy
<oh_noes> can't ... it's gpg reading /dev/random, not me.  Anywho, it finished it just took longer
<mennis> Anyone here familiar with Coraid AoE based SANs?
<yoophglup> hello, i need help with remote desktop connections is this a good place for help
<yoophglup> i am using ubuntu and vinagre
<hads> yoophglup: Try #ubuntu
<sLaeYa> !paste
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<sLaeYa> hi I have just installed a fresh copy of ubuntu 8.10 - which worked seemlessly and then ISPconfig
<sLaeYa> I am now having problems when the server starts with bind9 and pop3 failing - Error log for bind http://paste.ubuntu.com/132863/
<sLaeYa> help or suggestions would be greatly appreciated
<sLaeYa> hey is anyone in here who can help with bind9 please
<uvirtbot> New bug: #344678 in samba (main) "samba password create error after user has been deleted" [Undecided,New] https://launchpad.net/bugs/344678
<kraut> moin
<uvirtbot> New bug: #343740 in samba (main) "Update from 8.04.1 to 8.10 failed" [Undecided,Incomplete] https://launchpad.net/bugs/343740
<dman> hey guys, for some reason when i hotplug my sata drive it keeps getting an incremented /dev/sd* entry
<dman> any idea why?
<lex> hola
<sLaeYa> evening all
<sLaeYa> !paste
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<sLaeYa> I'm currently having issues with authing on my mailserver - via webmail and also external mail clients ie. outlook, here is a snippet from the log file http://paste.ubuntu.com/133003/
<soren> sLaeYa: Yes?
<soren> sLaeYa: Have you cecked your MYSQL_{SERVER,SOCKET} settings?
<heath|work> hello... what is the command to refresh /dev/disk/by-uuid ?
<[1]sLaeYa> hi soren, sorry my internet is playing up
<[1]sLaeYa> I haven't checked the MYSQL_{SERVER,SOCKET} settings as I am not sure how to do this
<soren> [1]sLaeYa: It says how right there in your error message?
<[1]sLaeYa> oh, i thought you were referring to mysql config
<[1]sLaeYa> i have absolutely nothing in /etc/courier/authmysqlrc does this mean I have setup my mysql wrong ?
<[1]sLaeYa> however I have a file authmysqlrc~
<soren> it's kind of hard to tell with the amount of information you've given.
<soren> What have you done to teach courier to talk to your mysql server.
<soren> =
<soren> ?
<[1]sLaeYa> I followed a readme to install an Ubuntu 8.10 server with ISPconfig
<heath|work> Can you have 2 disks with the same label mounted?
<heath|work> [1]sLaeYa, we run ISPconfig here on ubuntu... what issue are you having?
<Ethos> hi guys, whats the easiest way to regenerate grub
<Ethos> i've copied over a server to a new hdd and it won't boot
<Ethos> I assume it's just grub that's messing up as it says "non-system disk"
<[1]sLaeYa> I am unable to authenticate with webmail or using pop3 I am getting this error in the log http://paste.ubuntu.com/133003/
<heath|work> are you able to log in to the admin side of ISPconfig?
<sLaeYa> I also have the worst wireless internet connection at home, but thats another story
<sLaeYa> ***the last thing I saw before I dropped was*** my post about pastebin
<sLaeYa> I mean - my post with a pastebin link
<heath|work> sLaeYa, can you connect via the admin portion of ISPconfig?
<sLaeYa> yes
<heath|work> everything is working in there then, user and sites are add
<ScottK> Ethos: Did you create and copy over the /boot partition?
<sLaeYa> everything is working, I can add users I have added a site
<sLaeYa> and email accounts, and ftp users
<sLaeYa> FTP works - email doesn't
<Ethos> It was supposed to, but i've got a feeling it didn't
<Ethos> I used "ping" and selected all 3 partitions
<heath|work> in the services in the admin... is email running?
<sLaeYa> yes - all services are running
<sLaeYa> webserver, ftpserver, smtpserver, pop3server, bindserver and mysqlserver all show as running
<heath|work> sLaeYa, try to telnet to 110 and make sure it is answering.  telnet server 110
<sLaeYa> yes its working
<sLaeYa> +Ok Hello there.
<heath|work> The only other thing I can think of is you forgot to put a check by Mailuser login of the site
<ivoks> ispconfig?
<heath|work> yeah
<heath|work> sLaeYa, is having issues logging in to get mail
<heath|work> pop or web
<sLaeYa> both
<sLaeYa> i have ticked the mailuser box
<heath|work> does anyone know the command to refresh /dev/disk after adding a new partition?
<ball> Is software RAID tricky to set up on Ubuntu Server?
<heath|work> ball, no
<heath|work> I use mdadm
<sLaeYa> im ready to format the silly thing, only ive done this 3 times and it hasnt helped
<ball> heath|work: thanks
<heath|work> np... there are plenty of good tutorials on the net
<heath|work> sLaeYa, I believe everything is setup right.
<sLaeYa> I thought it was but I'm still getting the authentication error
<heath|work> how are you trying to log into webmail... using user@domain.com ?
<sLaeYa> Mar 18 20:49:56 server1 authdaemond: authmysql: MYSQL_SERVER nor MYSQL_SOCKET set in/etc/courier/authmysqlrc.
<sLaeYa> I have tried user@domain.com web1_user web1_user@domain.com
<Ethos> sounds like you simply haven't set it up right
<Ethos> have you tried following the guides?
<heath|work> sLaeYa, http://www.howtoforge.com/forums/showthread.php?p=172319
<soren> heath|work: udevadm trigger
<heath|work> soren, nice... that will not change anything in use?
<bromic94> hey how do i know if apache is starting as root
<soren> heath|work: It probably will.
<soren> heath|work: Proceed with caution :)
<heath|work> hmmm.... I used a cmd once and of-course didn't write it down that worked perfect, but I can't find it
<soren> heath|work: Could have been udevadm trigger (or just udevtrigger, depending on the age of the system).
<heath|work> soren, thanks... I will read through the man pages to see how bad off I cam... I have a production server that I created a new part for, but need to get the UUID in /dev/disk
<sLaeYa> heath that confused me more than anything :(
<heath|work> lol... sorry, it just looked like your issue
<soren> heath|work: Oh, you could just try "partprobe /dev/sd?"
<heath|work> soren, THAT's IT
<heath|work> damn... I have been torturing myself all morning!!
<heath|work> thanks
<sLaeYa> it looked similar but it was written by someone who didn't have a good grasp of english, english isn't my first language so I don't understand it properly
<soren> heath|work: I thought you had just changed the contents of existing partitions. In that case, you /do/ need to udevadm trigger to pick up the new uuid.
<soren> heath|work: From Jaunty and onwards, though, you wouldn't need to do anything. Both things would automatically be dealt with by udev.
<heath|work> I even typed part... lol
<bromic94> what are the big changes in 9.04 server?
<heath|work> soren, cool, this server is going to be here till 2013 though
<heath|work> LTS
<soren> heath|work: "both things" being "adding a partition and putting a filesystem on it" and "re-mkfs'ing an existing partition and have the new uuid symlink pop up"
<ball> I'm debating whether to try Ubuntu Server on this machine
<soren> bromic94: I don't have a list handy, I'm afraid. I think there's something on the wiki, but I'm not sure. I know the few things, I've been working on myself, and some of the stuff others have been working on, but I don't have an exhaustive list.
<bromic94> soren: what have you been working on
<bromic94> i just meant what you guys are aware of
<soren> bromic94: I've been working on lots of virtualisation and cloud computing stuff.
<bromic94> nice
<soren> bromic94: And probably some other stuff I've forgotten about.
<soren> I keep myself busy :)
<bromic94> when i set up phpmyadmin i get invoke-rc.d: unknown initscript, /etc/init.d/apache-ssl not found
<bromic94> it can not find the directory apache-ssl bc its not there
<bromic94> but i followed these instructions to setup ssl http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html
<bromic94> i want it to be only apache-ssl and not apache2-ssl and apache2
<soren> bromic94: You really don't :)
<soren> bromic94: apache-ssl is *ancient*
<bromic94> oh ok
<bromic94> i want to go this: https://serverdomain.com/phpmadmin goes to phpmyadmin only not http
<soren> I think the Roman Empire's web page was hosted on it. Seriously, tt's not what you want.
<Ethos> lol
<AnRkey> how can i stop the debian-installer from checking security.ubuntu.com repo during preseeded installs?
<bromic94> ok
<bromic94> i want a secure connection to phpmyadmin through https and not http
<soren> AnRkey: Put "d-i apt-setup/security_host string" in your preseed.
<soren> bromic94: Set up phpmyadmin as you normally would and move the "Alias /phpmyadmin" definition into your SSL VirtualHost.
<bromic94> oh ok...so in the VH for http take out the alias
<bromic94> the alias for https is alraedy in there i just nwat to remove the one for htpt
<sLaeYa> how would I do a clean install of the sasl ?
<AnRkey> soren, thanks trying it now
<bromic94> that alias would be in the file /etc/apache2/sites-avaiable/default?
<AnRkey> soren, thanks that fixed my problem
<soren> AnRkey: cool
<AnRkey> shweet, it's flying past that part now, much faster
<AnRkey> w000t
<bromic94> anyone?
<bromic94> i think it is under there but did not find it
<orudie> ivoks, hi
<bromic94> when you install phpmyadnmin it goes for https and http i wnat to remove access via http how can i do that
<bromic94> i know i haev to go and remove the alias but where is the alias listed
<AnRkey> bromic94, i know a little about apache configs (very little) taking a look at mine for u quick
<AnRkey> brb
<AnRkey> bromic94, have you setup https for apache yet?
<AnRkey> if you want to force https you can do it with a .htaccess file and leave http on
<AnRkey> that way if someone uses http it auto switches to https
<AnRkey> bromic94, http://plesk.hostza.co.za
<AnRkey> example of it working there
<uvirtbot> New bug: #344816 in mysql-dfsg-5.0 (main) "mysql-server-5.0: Leaves password in debconf database" [Undecided,New] https://launchpad.net/bugs/344816
<genii> Hm. Another reason not to use mysql
<bromic94_> who sent me the stuff for gruffi.hostza.co.za?
<bromic94_> and yes i have https set up for apache
<bromic94_> already
<moz_> is there a quick guide to setting up phpmyadmin on ubuntu server?
<Ethos> sudo apt-get install phpmyadmin
<Ethos> To set up under Apache all you need to do is include the following line in /etc/apache2/apache2.conf.
<Ethos> Include /etc/phpmyadmin/apache.conf
<bromic94_> Ethos: want to set it up only for https
<bromic94_> not http
<Ethos> No idea
<Ethos> I just read "[14:16] < moz_> is there a quick guide to setting up phpmyadmin on ubuntu server?
<Ethos> "
<Ethos> Which says nothing about https :D
<moz_> http
<moz_> thanks
<bromic94_> Ethos: oh ok
<bromic94_> sorry
<Ethos> :)
<moz_> will give it a whirl
<bromic94> finally lol
<bromic94> whats a good web admin gui for server
<bromic94> like webmin, cpanel, etc
<henkjan> bromic94: openpanel
<henkjan> bromic94: depends on your needs
<bromic94> the sources.list is where again?
<henkjan> /etc/apt
<bromic94> ok thanks
<bromic94> memory lapse lol
<bromic94> henkjan: going to try it out
<bromic94> is that the only open source one?
<genii> bromic94: There is ispconfig and ebox
<bromic94> i hate ebox
<bromic94> i have not dealt with ispconfig
<bromic94> could you send me a screen shot of openpanel id ont see where uc an see ss on their site
<genii> bromic94: ispconfig is good but as far as I know no deb package right now, so manual install
<dexem> bromic94, why you don't like ebox?
<bromic94> i just done
<bromic94> *dont
<bromic94> for what i need to use it for like stuff that is precompiled
<bromic94> ebox u have to add stuff
<henkjan> bromic94: http://documentation.openpanel.com/index.php/End_users
<orudie> i need help please i followed this tutorial https://help.ubuntu.com/8.10/serverguide/C/mail-filtering.html now no mail is going in or out
<bromic94> dexem: u use ebox?
<bromic94> henkjan and dexem and genii ebox the people would need to use it dont have time to manually install it even though it is not that hard
<orudie> please someone help
<giovani3> orudie: did you do the "testing" section with telnet?
<dexem> bromic94, well, somehow yes...
<dexem> bromic94, what things do you usually need to add manually?
<orudie> giovani3, yes i have
<orudie> i just want to undo it
<giovani3> orudie: and what happened?
<giovani3> then undo it ... all the steps you did are right there
<jurism> Hi! Can You help me with file permissions? I have virtualmin (webmin) I have 2 partitions one /root, other /home (where all WEB content are located). I replaces system disk (/root) and now I have permission problems. Can You give me pelase some suggestions? Thank You!
<orudie> giovani3, i have, but nothing is going in or out
<orudie> giovani3, i am trying to undo it for now
<giovani3> then you didn't undo all of your steps :)
<orudie> well by stopping daemos
<orudie> can you please help me with this
<orudie> sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'
<orudie> that right there i dont know how to undo
<orudie> giovani3, dude please
<giovani3> orudie: you have to calm down ... this is free support, I'm working
<orudie> giovani3, ok... not sure how to undo this line sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'
<giovani3> orudie: it's in your /etc/postfix/main.cf
<giovani3> I believe
<orudie> ok i removed that line now able to receive messages, but not send out
<giovani3> once again ... you simply have to undo what you've done -- I have no clue what you've done
<orudie> ok i have undone everything and it seem to work like before
<orudie> i'll work on this at night to make sure there is no email downtime
<moz_> i cant see to upload a file on my ftp client, to my ftp server that is running ubuntu server
<moz_> i have enabled write access in the config files, and my 'www' directly is set to 777 chmod
<moz_> im using vsftpd
<moz_> and smart ftp from a windows machine as client
<moz_> are there any common mistakes i may have made
<moz_> oh it seems to have made it in now... little bit confusing
<uvirtbot> New bug: #328688 in bind9 (main) "[dapper] socket.c:1616: INSIST(!sock->pending_recv) failed [fixed 9.3.5-P2]" [Undecided,New] https://launchpad.net/bugs/328688
<orudie> is there a way to move files from one box to another using terminal ?
<billyk> orudie: rsync is probably easiest
<billyk> you could also use netcat and scp
<orudie> oh scp i remember using that a while ago
<billyk> orudie: if you need to copy to a windows box, smb might be easiest though since windows supports that natively
<billyk> but rsync is my fav <3
<orudie> nope not windows
<orudie> from ubuntu server to centos
<genii> You can install rsync on windows boxes with for instance cygwin
<billyk> genii: didnt know that.  cool :-)
<genii> billyk: np
<maswan> You can also install ubuntu on windows boxes with for instance the ubuntu-server cd ;)
<genii> maswan: Hehe :)
<billyk> haah i know that
<genii> billyk: MS also has some utilities called Services For Unix which includs stuff like nfs which can also be used for backups
<billyk> meh, I'm happy with rsync for backups
<billyk> oh, one question I had, I've always wondered which was fastest for copying data (least overhead)
<billyk> ftp, scp, smb, rsync, nfs
<genii> differential rsync for me
<{bosco}> anyone know of a good site (how to ) to make it so users on my server can only view there own home dir and nothing else so they cant {cd} outsite of it???
<heath|work> when is the release date for 9.04?
<heath|work> {bosco}, there was a put my users in jail thread on the forums...
<heath|work> here it is... http://ubuntuforums.org/showthread.php?t=696103
<{bosco}> thanks i will take a look
<heath|work> {bosco}, are they local users or remote?
<{bosco}> i only allow sftp and ssh access or will once the switch is done
<{bosco}> heathjwork
<{bosco}> heath|work:
<{bosco}> you there
<heath|work> {bosco}, can't you just change the other perm to 0 for all folders you don't want them to get inito
<{bosco}> idk lol
<{bosco}> i just want them not to be able to view anything else but there home dir how hard can that be lol
<{bosco}> heath|work:
<{bosco}> you there
<heath|work> it's not hard something like find / -maxdepth 1 -type d -exec chmod o-rwx '{}' \;
<heath|work> you can't cd on a dir that is not exec
<heath|work> test that first^^ I just shat it out
<jmarsden> heath|work: If your system is a web server that will break it, and so on and so forth... :)  I think the more interesting issue is exactly *why* {bosco}  feels that for users to be able to look at the contents of (say) /bin or /usr/bin is a problem and something he needs to prevent...??  What is in there that is so secret??  if there are a few directories on his machine that for some reason *are* secret but publica
<jmarsden> lly readable, then it makes sense to just protect those...
<heath|work> I agree
<mennis> Anyone here familiar with SAN gear from Coraid?
<uvirtbot> New bug: #344911 in mysql-dfsg-5.0 (main) "apparmor profile deny write to /tmp in Ubuntu 8.10" [Undecided,New] https://launchpad.net/bugs/344911
<orudie> i'm using a vps account to deploy ubuntu 8.10 server
<orudie> and it installs only the "basic core" , how would i get it to the standard ubuntu server , lets say if i would have installed it from a cd
<mathiaz> kirkland: likewise-open questions?
<kirkland> <kirkland> mathiaz: https://bugs.edge.launchpad.net/ubuntu/+source/likewise-open/+bug/323601
<kirkland> <bugbot> Launchpad bug 323601 in likewise-open "[FFe] Upgrade to likewise-open 5 for Jaunty" [Wishlist,Fix committed]
<kirkland> <kirkland> mathiaz: looks to me that likewise-open5 is a completely new package
<kirkland> <kirkland> mathiaz: that's going to need to co-reside with likewise-open
<uvirtbot> Launchpad bug 323601 in likewise-open "[FFe] Upgrade to likewise-open 5 for Jaunty" [Wishlist,Fix committed]
<kirkland> <kirkland> mathiaz: which is 4.1
<uvirtbot> Launchpad bug 323601 in likewise-open "[FFe] Upgrade to likewise-open 5 for Jaunty" [Wishlist,Fix committed] https://launchpad.net/bugs/323601
<mathiaz> kirkland: correct
<kirkland> mathiaz: and this new package is destined for universe, for jaunty, right?
<mathiaz> kirkland: yes
<kirkland> mathiaz: coolio, that's all i had ;-)
<kirkland> mathiaz: thanks.
<mathiaz> kirkland: np :)
<kpettit> I'm trying to use the GUI network-manager for VPN.  It works great, but if I try to add anything custom through the GUI like routes, etc it looses those changes once I leave the dialog box.  Any ideas what I can do to keep the custom information I put in?
<kpettit> it's using network-manager with the pptp module
<smetj> hello, I was a bit surprised with the lack of official support for xen in ubuntu server and choosing kvm instead.  I was wondering if kvm is actually already production ready, and why xen is denied in such a way?
<kpettit>  Ah I think I figured it out.  Have to hand edit  a script in /etc/ppp/ip-up.d
<kpettit> Anybody know how I can findoud the default route from the commandline?  I need to grab the default route in the script I'm going to write.  I want to avoid having to parse through the route -n info
<kpettit> smetj: I feel your pain.
<kpettit> I love xen, but for some reason it's a pain in the ass to setup and use.  I've had problems with xen on every distro I've tried.  kvm was ok, but i think it's still slow
<kpettit> My favorite vm solution so far is the free vmware-server 2.x
<kpettit> Gives you a web interface that you can add/edit/view vm's.  Just need to have firefox or ie
<racecar56> ie = fail
<kpettit> IE is my favorite thing in the world, but it's nice for my users.
<stefan_can> kpettit, but is xen faster than vmware ?
<kpettit> It's supposed to be, but I'd have to have it running first to find out
<racecar56> well, if anyone here had experience in helping me from before about my hp mediasmart ex475... i have news
<stefan_can> that is if you tried it , as I didn't have the  chance yet
<racecar56> im vmware-ing a vm of it now, and i can be able to see what to do now...
<kpettit> xen requires the newer processors with the VM extensions to work at all.  And I know if you have a linux xen server running linux it's faster than just about anything besides uml (user mode linux)
<kpettit> racecar56: Make sure first of all that you have one of the newer processors that can run xen
<racecar56> well... is amd live good enough?
<racecar56> thats what its got
<racecar56> with 512 mb ram
<jmarsden> kpettit: For the default route, you can either parse route -n output or parse /proc/net/route :)  But, since it *is* the default, does your script truly need it?
<racecar56> (heehee)
<kpettit> I think the process extension is vt or vtx
<kpettit> jmarsden: yes.  Becuase I need to have a proper if-down type of script.   So I want to have that info at the ready
<kpettit> racecar56: I don't think so.  If the processor is older than about 1-2 years probally not
<racecar56> ok... i was planning to use it as a web server anyway
<kpettit> racecar56: check this out http://wiki.xensource.com/xenwiki/HVM_Compatible_Processors
<kpettit> racecar56: you can still use vmware or VirtualBox.  VirtualBox I beleive is opensource, or was anyways.  Been awhile sense I've tried it
<racecar56> there is opensource and freeware versions of vbox... and my desktop pc (alongside my old laptop) can run that...
<kpettit> FYI don't use VMware or the like to run a gateway, or voip vm.  It's caused me alot of headache trying, there are some minute timing issues
<jmarsden> racecar56: Run    egrep '(vmx|svm)' --color=always /proc/cpuinfo     to check for the relevant CPU flags See https://help.ubuntu.com/community/KVM/Installation
<kpettit> jmarsden: nice.  I'm going to have to note that one
<racecar56> well i cant do that now its running in a vmware vm
<racecar56> which would mean it would say stuff about vmware's/my host pc's processor (intel core 2 quad 8D )
<jmarsden> racecar56: No, do that in a shell on running on the "real" OS, not one inside a VM :)
<racecar56> where 8D = :D with sunglasses
<racecar56> i cant see whats on my server o.o
<racecar56> i dont have a monitor port
<kpettit> racecar56: it's the real os (host) that needs to have the proper processor extensions
<kpettit> you can ssh to it
<racecar56> so i ssh it instead... but i yet have to find out will it work
<jmarsden> You can't ssh into the real OS on your server???
<racecar56> it dosent have internet/dosent even boot
<jmarsden> Ah... if you can't boot it, you can't run shell commands on it... OK.
<jmarsden> Then again, if you can't boot it, for sure you can't run VMs on it anyway :)
<racecar56> i plan to use it for backup/web hosting
<smetj> kpettit: any idea if you can have a kvm guest have direct access to a pci device?
<kpettit_> ughh, route messed me up
<smetj> kpettit: apparently with vt-d capabilities on the proc
<kpettit_> sorry?  I think I missed the first part of that with my connection dying
<smetj> oh I was wondering if it was possible with kvm to give guests direct access to pci devices
<smetj> in kvm
<smetj> apparently yes but you need vt-d on your proc
<kpettit_> ah.  I have no idea.  Haven't tried it.  I know you can with devices like usb/serial, etc.  Not sure how that would work with PCI type devices
<TimReichhart> can anybody help me configure nagios3?
<TimReichhart> can anybody help me configure nagios3?
<jmedina> TimReichhart: it is well documented in official howtos
<TimReichhart> where show me because noting on nagios3 dont line up
<TimReichhart> with what is installed onto my server
<Deevz> hey folks
<zoopster> TimReichhart: maybe this will help?  http://bit.ly/ujem
<zoopster> Deevz: if you are waiting for an ack...you might be waiting a while...just ask a question!
<Deevz> Haha
<Deevz> Well, I just downloaded ubuntu server, getting rdy to set up my very first web server
<Deevz> I was going for FreeBSD at first, but I found out about ubuntu server and I decided it would be more friendly for a newb like me
<zoopster> Good choice Deevz
<Deevz> ie, I have no unix-like os experience at all
<Daviey> Deevz: you should be fine :)
<Deevz> glad you guys tell me that
<Deevz> Do you think it is better than freebsd?
<RoAkSoAx> any KVM expert around?
<zoopster> with 183 ppl in the room, I'm sure there are a few, what's the question RoAkSoAx
<zoopster> Deevz: you are asking a biased crowd that question
<RoAkSoAx> i wanna know how can i create snapshots or anything like it
<Deevz> Lol zoop, I am very aware of that
<Deevz> Its tough to get unbiased opinions in that software world :)
<RoAkSoAx> anyone know how to create snapshots in KVM, or anything like it?
<jmedina> RoAkSoAx: I think there is no way in KVM, I usually do snapshots of guest in Xen using LVM snapshots
<jmedina> of cours guests are installed in LVMs
<RoAkSoAx> jmedina, well... it seems i'll have to just many backups
<RoAkSoAx> s/many/make
<jmedina> oif course if you were using LVM with KVM, you culd use lvm snapshots, and in my oppinion it is the better way in performance
<Deevz> Are most servers 64-bit or 32-bit?
<jmedina> All my guests are LVM under RAID1, backups done with snapshots and backed up in an external servers
<RoAkSoAx> jmedina, thanks for the advice... but suddenly i'm not using LVM
<stefan_can> Deevz, depends how good you are at configuring and maintaining
<Deevz> Why does it matter?
<stefan_can> Deevz, if you have more than 4gb of mem in your server than it will use  a 64 bit os
<Deevz> Of course
<Deevz> Its probably not required to run a small website and a database then
<jmedina> or you can use PAE withc sucks when you have 64bit hardware
<jmedina> sorry for the bad word :S
<Deevz> The ubuntu server installation is much more friendly than the freebsd one :)
<uvirtbot> New bug: #342578 in mysql-dfsg-5.0 (main) "mysqldump doesn't pick up /etc/mysql/my.cnf" [Low,Incomplete] https://launchpad.net/bugs/342578
<stefan_can> uvirtbot, you might want to check the mysql bugs page
<uvirtbot> stefan_can: Error: "you" is not a valid command.
<stefan_can> lol
<Deevz> Hmmm... I cant install ubuntu server in virtual box
<Deevz> The installer is stuck at "Detecting hardware"
<Deevz> Is there any special trick to install it?
<Deevz> Nevermind, it was a problem VirtualBox just froze...
<Deevz> Why cant there be a graphical interface to ubuntu server? :(
<jpds> Deevz: https://help.ubuntu.com/community/ServerGUI#Arguments%20Against%20a%20GUI are some points.
<Deevz> Is it easy to uninstall the desktop-environment once I am ready to get rid of it?
<Deevz> I just moved to linux, I like my GUI, but apparently at some point it will be best to get rid of it
<genii> Deevz: The graphical interface(s) to ubuntu server are usually in it's web based control panels you install for whatever specific things you run on it, etc
<Deevz> I see
<Deevz> Which control panel package do you suggest?
<genii> Deevz: The default one which is recommended now is ebox (used to be webmin was default but is now not included or supported in ubuntu)
<Deevz> ok, thx
<bosco_> i need to know if there is a better vps or deticated server other than linode.com that offers ubuntu ????
<bosco_> budget is 40 per month
<bosco_> i know i wont find a deticated for that price
#ubuntu-server 2009-03-19
<kees> say, anyone familiar with nscd?
<zul> bosco_: ec2
<genii> Bah. Does anyone know what encryption is used by pine/alpine when -passfile option is used?
<jmarsden> It's something feeble and reversible... considered dangerous except on single user machines... don't use it :)
<jmarsden> genii: Look at pine/imap.c for the function xlate_out to see what they do to "decrypt" a password from that file.
<genii> jmarsden: Was hoping I wouldn't have to poke around in it's source code just yet but it looks like this might be neccesary, unfortunately...
<jmarsden> Yes, it's a homebrew "encryption", so if you really need to undo it, you'll want to read that code.
<genii> jmarsden: Thanks
<{bosco}> www.serverpronto.com what is wrong with them
 * genii wades through reams of macos_store_pass references
<{bosco}> @lart {bosco}
<{bosco}> @lert {bosco}
<{bosco}> www.serverpronto.com what is wrong with them
<{bosco}> srry did not mean to push enter twice
<bromic94> having issues with openpanel any other programs like that, that you recommend guys?
<jmarsden> {bosco}: what does serverpronto have to do with Ubuntu server?  I'd guess they are a low cost hosting place with the usual low prices and low support?
<jmarsden> bromic94: The official recommended control panel for Ubuntu Server is ebox
<{bosco}> jmarsden, becuase you can run ubuntu on there deticated servers and i was thinking about going with them since i can run ubuntu
<jmarsden> You can run it pretty much anywhere... the question is how good is their support when things break, and how good they are at preventing things from breaking in the first place...
<twb> ...which are not really questions for #ubuntu-server, I think.
<jmarsden> Which was my original point :)
<twb> jmarsden: my boss had a look at ebox and he said it was just as flaky and horrible as all the other web admin tools
<jmarsden> So he's now writing a better one, right? :)
<twb> jmarsden: I'd rather just give my customers (who are not very technical) a VNC connection and run gnome-system-tools.
<twb> (I'd tunnel X, but they are often using Windows desktops with an Ubuntu server.)
<bromic94> thank jmarsden i will try out ebox
<bromic94> not a huge fan but oh well
<bromic94> i can try it again
<bromic94> u have to add the modules in right?
<twb> jmarsden: do you have an opinion on that approach?  (I haven't actually tried it yet, currently we are still using webmin with CentOS)
<jmarsden> A tweaked webmin is what I am used to doing too...
<twb> webmin needs to die, no question about that.
<bromic94> what u use now
<bromic94> lol twb
<twb> Run lintian on the third-party webmin debs, and you'll see what I mean
<bromic94> jmarsden: what do you use now webmin or ebox
<bromic94> you ahev to install different modules though in ebox right?
<jmarsden> webmin.  But it is officially a bad idea to use webmin on Ubuntu these days...
<bromic94> why
<jmarsden> The way it manages some config files is incompatible with Ubuntu packaging and updates, I think is the official reason... basically you can't use it and not know exactly what it is doing... so it doesn't really work as an "easy" way to admin a box for newcomers.  You can get yourself into trouble with it.
<bromic94> ebox u have to add different modules right/
<jmarsden> Have to?  I think it depends what you want it to do.  Try it :)
<racecar56> i emulated my server in vmware and installed ubuntu 8.10 server on the 'virtual machine' in vmware where the harddisk was the physical server's main hard drive.. it is a hp mediasmart ex475 and i really want to get web hosting and backup working on it...
<racecar56> it dosent seem to have internet
<bromic94> i removed stuff from openpanel and i think it just scrwed my sever
<bromic94> luckily its a VM
<bromic94> racecar56: so your server has no internet?>
<racecar56> bromic94 it seems not
<bromic94> hmm
<bromic94> what do you get when you get ifconfig
<bromic94> *when u run ifconfig
<racecar56> its a headless erver >_>
<racecar56> *server
<racecar56> with no video card
<bromic94> ?
<bromic94> oh ok
<bromic94> why no video card
<bromic94> can you ssh into it?
<racecar56> well if it has no internet... no
<bromic94> jmarsden: i guess it killed my ssl as well
<bromic94> if you are on the same network it might be able to get on
<jmarsden> racecar56: How did you get vmware onto it with no screen and keyboard and no network connection? Serial console connection??
<bromic94> when you say internet i think u have access to ur intranet but not internet
<racecar56> jmarsden helooooooooooo its on my desktop pc
<twb> vmware's not part of ubuntu, so you shouldn't expect it to work
<racecar56>  you dont understand
<jmarsden> Then you don't really have a headless server... and your issue is with vmware.
<racecar56> you have 0% idea of what i mean
<twb> racecar56: plonk.
<racecar56> i said i mounted my vm's hard drive to the REAL one...
<racecar56> it is _NOT_ vmware's fault, when i run the _REAL_ server on the previously-vmware'd hard disk it dosen't have internet
<racecar56> twb see my message
<bromic94> the network adapater sounds like its not set up correct in vmware
<bromic94> i hate vmware
<bromic94> really raelly do
<bromic94> i use virutal box
<bromic94> its better
<racecar56> its NOT running in vmware
<bromic94> in my opiion
<racecar56> i like vbox too but it cant mount real ard disks
<racecar56> *hard
<racecar56> and i even use vbox
<bromic94> why cant it?
<twb> kvm is the officially santctioned virtualization technology for Ubuntu.
<bromic94> never heard of KVM
<bromic94> will have to check it out
<racecar56> i have and it sucks... it only interferes
<Stargazer> Is there a way to open PDF file in the CLI ?
<bromic94> was that to me or twb ?
<twb> kvm is also the only virtualization technology included in the default Linux kernel.
<racecar56> well anyway how the heck do i get the stupid internet working
<jmarsden> bromic94: https://help.ubuntu.com/community/KVM
<twb> Stargazer: yes: pdftotext, or by rasterizing each page and displaying it using a framebuffer image viewer.
<Stargazer> I like the sound of pdftotext.
<racecar56> it works when i run the server in vmware but if i put the server's hd into the server it seems like it boots but dosent have internet
<twb> Stargazer: it is lossy in most circumstances.
<Stargazer> But i just realized there are no tabs in CLI mode.
<bromic94> jmarsden: you run kvm in linux
<racecar56> you see: i want to be able to ssh the server and that's all
<bromic94> ok
<jmarsden> bromic94: I use Virtualbox because my CPU isn't beefy enough for KVM, on my desktop here...
<Stargazer> Twb: do you know if pdftotext keep italics ?
<bromic94> i think i am going to put ubuntu desktop 8.04 on my other laptop any words of wisdom or any drivers i may not be able to get it is like 2-3 years old'
<bromic94> *2-4yrs old
<twb> Stargazer: it does not; it emits a plain text file.
<twb> jmarsden: where "beefy" means "has VT extensions"?
<racecar56> oh and did i forget to mention i had to go through a bunch of crazyness before too
<racecar56> i really would like the server for backup/web hosting
 * Stargazer curses
<jmarsden> twb: Yes.  I have an E5200 here, an E8400 would have meant an exra $100 or so, a significant percentage of the total system cost :)
<twb> jmarsden: bummer.
<Stargazer> Is there any way to get tabs or seperate instances(that can be switched to) in CLI mode ?
<jmarsden> Stargazer: try using screen
<Stargazer> What ?
<twb> Stargazer: GNU Screen provides multiplexing facilities, including an optional "taskbar" of open windows.
<Stargazer> And the package is called..?
<jmarsden> Stargazer: the package called screen.  As in   sudo apt-get install screen    # and then man screen
<twb> Stargazer: "screen"
<twb> Stargazer: see also /join #screen
<racecar56> soo... what should i try doing? i have an ip scanner and i scanned for hosts between ip 192.168.1.0 to 192.168.1.100 and then i did 192.168.1.100 to 192.168.1.150 and it returns nothing but some other networked computers......
<JanC> and 'screen-profiles' for extra fun  ;)
<twb> JanC: that's a package?  Yeesh.
<racecar56> it dosent exist for me
<JanC> it's in jaunty
<racecar56> doh
<racecar56> im on intrepid
 * twb is afraid.  Very afraid.
<racecar56> both on my server and desktop
<racecar56> and even my (old) laptop
<twb> JanC: if stuff like screeen is easy to learn, how will I justify the extra zero on my "senior admin" paycheck?
<JanC> twb: you write your own custom -profiles including an ASCII-art company logo?
 * racecar56 waits
<jmarsden> racecar56: Plug a screen and keyboard into the physical server hardware machine and troubleshoot its networking that way.
<racecar56> jmarsden "it has no video card"
<racecar56> as i said before
<jmarsden> OK, use a serial cable and set it up for serial console and then troubleshoot its networking from that.
<racecar56> whaat?
<genii> jmarsden: There's always PLIP...
<jmarsden> racecar56: https://help.ubuntu.com/community/SerialConsoleHowto
<twb> JanC: it looks to me that all that provides is some wanky colours in the hardstatus line
<hads> It's not.
<hads> It's detailed in blog posts, you can find out what it does if you desire.
<twb> hads: well, I was looking at the source package.
<twb> hads: reading blogs is too complicated
<JanC> twb: plus a menu, plus some scripts for statuses ("new updates" & "you should reboot")
<twb> JanC: ah, using backticks?
<racecar56> it sayd it assumes that i have enabled the serial console in your BIOS... server's? if so then scratch that
<jmarsden> racecar56: Let me guess... your server has no serial port either??
<JanC> twb: I didn't look at it in detail, it's mostly kirkland's project AFAIK
<racecar56> jmarsden probably not... what does it look like?
<jmarsden> Serial port.  DB9 connector.  Serial, like RS232 serial... wow... I must be getting old...
<twb> JanC: I started approaching the problem (discoverability in screen) from the approach of writing a "Screen Hacks" textbook, but I only managed a couple of chapters before I got distracted.
<kirkland> JanC: what's up?
<racecar56> i know it has this: usb ports (many), a lock thingy, ethernet adapter, esata, power (durrrrr........) and thats it
<JanC> kirkland: twb asked how the status symbols in the ubuntu screen-profile work
<jmarsden> racecar56: So this is new-ish hardware.. but has no video card and no way to add one??  What sort of "server" is this beast??
<kirkland> JanC: ah, thanks for the plug
<racecar56> jmarsden it's a hp mediasmart ex475 and i got it from last december... it came with winblows 2008 but i wiped it
<kirkland> I think there's a bit more there than "wanky colors in the hardstatus line"
<racecar56> jmasrden some people say there is a possibility of a video card, but it's *H*A*R*D* to do
<racecar56> (for me)
<hads> kirkland: Indeed
<bromic94> yea my server is not foobared
<Stargazer> So, um, how do i take a screenshot in CLI mode ?
<Stargazer> And save it to a SD Card ?
<jmarsden> racecar56: Sounds like you are in the realm of playing with a NAS box that isn't really designed for Linux/*nix use... until you have some way ot getting console access you're giong to find it hard to get anything at all working on it.  If there is a modding community working with that hardware, check their web site/wiki/whatever for how far they have got, I suppose.
<jmarsden> Stargazer: you can use script to save everything in a session to a file, and then you could just copy that file to an SD card or whereever else you need it?
<Stargazer> No picture ?
<racecar56> jmarsden there is a website called www.mediasmartserver.net but my account is hacked up (cant login, but i didnt get banned, nor does it say so)
<jmarsden> Picture?  in text mode??
<jmarsden> racecar56: Open a new account, or email the sysadmin.
<racecar56> doh....
<racecar56> jmarsden http://samuel.thollander.net/projects/linux-on-hp-ex470 is proof
<racecar56> jmarsden the model is a bit different but ex475 is just a bit better :>
<jmarsden> racecar56: Did you read his article?  He says he hasn't got networking working yet...!
<racecar56> jmarsden ahhhhhhhh...................
<racecar56> DOH!
<jmarsden> He added an external USb NIC instead of using the onboard one...
<racecar56> not good
<racecar56> i guess ill have to get a external network card O_o
<jmarsden> Well, external USB NICs are pretty cheap...
<racecar56> holy cow 3 dolars
<JanC> jmarsden: you can even play movies in text mode  ;)
<Deevz> What is the LDAP server?
<jmarsden> JanC: I'll pass on that wonderful opportunity :)
<Deevz> I am installing eBox and I am asked to enter a hostname
<Ubun00b> looking for some postfix help if someone has some time
<jmarsden> Deevz: installing ebox should be as easy as    sudo apt-get install ebox  # plus any ebox-* modules you want to use
<Ubun00b>  postfix[4993]: fatal: open /etc/postfix/main.cf: No such file or directory
<Deevz> hmmm... well this is what I get
<Deevz> http://www.jetScreenshot.com/demo/20090318-171-65kb.jpg
<JanC> Stargazer: when you are using 'screen' you can make a "hardcopy" of the text modus screen
<racecar56> aaaaaaa visa
<racecar56> *vista
<Stargazer> JanC: ho ?
<Deevz> any idea what that screen is?
<Stargazer> How*
<Big_Ham> my main.cf is there, but empty ... not sure how it became empty, but help filling in necessary values would be appreciated
<jmarsden> Deevz: You are configuring ldap-auth-config, not ebox...
<jmarsden> Big_Ham: Probably easiest to uninstall and reinstall postfix?
<racecar56> hey jmarsden i found a LUCKY one... ill get it
<racecar56> jmarsden a usb network card..
<Big_Ham> cant uninstall without uninstalling MYSQL
<Big_Ham> and Apache and MySQL work fine
<Deevz> And what is that, jmarsden?
<jmarsden> Big_Ham: Why not?
<Big_Ham> just what I read online
<jmarsden> Deevz: It is a package designed so you can authenticate users against an LDAP server...
<jmarsden> Big_Ham: Makes no sense to me... let me try it here (Ubuntu 8.10 Intrepid x64)...
<Big_Ham> ditto on Ubuntu version, but x86
<Big_Ham> FYI
<Big_Ham> thank God for the IRC ... by the by
<jmarsden> Big_Ham: Seems to work for me leaving mysql-server and mysql-client alone...
<Big_Ham> what command did you use?  apt-get remove?
<jmarsden> sudo apt-get remove postfix
<Stargazer> "God" ? thank the guys who sat on their butts for 24h/d for weeks on end creating person-to-person chatting and then someone else coming along and exploding it from person-to-person to an entire room.
<Big_Ham> spoken like a true programmer
<Big_Ham> successfully removed, and you appear to be right, jmarsden
<jmarsden> Good :)
<Big_Ham> reinstalling
<Big_Ham> when running newaliases, I get multiple warnings
<Big_Ham> but at least this time I get "relay access denied" from mail client
<Big_Ham> that's a better message
<jmarsden> Can you pastebin the warnings somewhere and provide us a link?
<Big_Ham> not familiar with pastebin ... but I can take a screeny and get it up
<jmarsden> Big_Ham: if you insist... but go to http://pastebin.ubuntu.com and cut and paste your text into there...
<Big_Ham> nice tip
<Big_Ham> it's up
<Big_Ham> under Big_Ham
<jmarsden> Give us the URL to it so we can find it, please?
<genii> You have to sort of let us know the url...
<Big_Ham> http://pastebin.ubuntu.com/133363/
<Big_Ham> sort of huh?
<Big_Ham> can you tell I'm new to pastebin/Ubuntu?
<Big_Ham> :)
<Big_Ham> <--- Windows admin turning Ubuntu Admin
<racecar56> someone had a pastebin 133337!
<Deevz> Thats nice big_ham
<jmarsden> OK, so basically there is a problem in your /etc/aliases file, so pastebin that and provide the URL for *that* one too.
<Big_Ham> :)
<Deevz> <--- Windows non-admin nub turning Ubuntu Admin
<Deevz> rofl
<racecar56> lol
<jmarsden> Deevz: Did you get past the unwanted ldap-auth stuff?
<Big_Ham> http://pastebin.ubuntu.com/133365/
<Deevz> To be honest, I wrote just anything
<Deevz> I guess it is the url I will enter in my browser to log in to the web console
<Deevz> but its just a wild guess
<jmarsden> Big_Ham: Woah, that's not an /etc/aliases file, that is a /etc/postfix/main.cf file!
<jmarsden> Did you accidentally mv your main.cf to /etc/aliases or something??
<Big_Ham> i don't know how I could have
<Big_Ham> to be honest
<Big_Ham> i just uninstalled and reinstalled to boot
<Big_Ham> if I delete aliases, will it recreate?
<Deevz> what is the command to shut down the computer?
<Deevz> ok nm me
<Deevz> its shutdown rofl
<Big_Ham> is this quiz for me, Deevz?
<jmarsden> Big_Ham: Replace it with the contents of http://pastebin.ubuntu.com/133366/
<genii> Deevz: telinit 0     works too
<jmarsden> Deevz: sudo shutdown -h now  # would be conventional on Ubuntu...
<Deevz> ok thx
<Deevz> hmmm
<Deevz> I typed man shutdown and I am stuck at the end of the page
<Deevz> cant enter a command
<jmarsden> Deevz: hit q for quit
<Big_Ham> ok, done jmarsden
<Deevz> oh thx
<Deevz> didnt know how that pager works
<jmarsden> Big_Ham: OK, now run sudo newaliases
<Big_Ham> seems to have run
<jmarsden> Deevz: When you have time try man less   and man more  for info on those two pagers
<Big_Ham> no error anyway
<jmarsden> Big_Ham:  Then you should be all set.
<Big_Ham> where can I find relay access settings?
<Deevz> thx j
<Big_Ham> and ... thanks for the help with that one jmarsden
<jmarsden> /etc/postfix/main.cf # but they are not really there in the default one...
<Deevz> jmarsden, which pager is on by default? "more" or "less"?
<Deevz> or are they rly the same pager
<Big_Ham> my main.cf is empty there
<genii> Deevz: They're not the same. less is better
<Big_Ham> interesting ...
<twb> less is more bloated
<jmarsden> Deevz: They are different... less is the one to learn and the one most commonly used these days.
<genii> twb: You can't go backwards in more
<twb> The "default" depends on what /etc/alternatives/pager links to, and to the logic in sensible-pager.
<twb> genii: I'm aware of that.
<JanC> there is also 'most' is you can't choose between more or less
<twb> JanC: and w3m
<Deevz> LOL
<Deevz> the ubuntu developers sure know the names
<twb> Deevz: these utilities existed for decades before Ubuntu existed.
<Deevz> I see
<jmarsden> Big_Ham: main.cf is empty??  That's... not what I would expect.  Look in /usr/share/postfix/main.cf.dist for a very complete and commented one.
<Deevz> how should I be able to access my ebox interface now?
<Deevz> I didnt specify an url to access it
<Deevz> and I cant just type the ip of the web server since its a virtual machine on virtualbox...
<jmarsden> http://your.ip.address/ebox  # I think?
<jmarsden> Why can't you type the IP of that virtual machine's network interface?
<Deevz> because I dont know it
<Deevz> let me check if I can find
<jmarsden> BTW if you are a beginner why are you using Virtualbox... ????
<Deevz> what else to use?
<jmarsden> Real hardware?
<Deevz> Well, I have my desktop
<jmarsden> Virtualization adds complexity.
<Deevz> Its powerful enough to run virtual machines
<Big_Ham> checking it out ... is any of this uncommented or do I need to go through the whole file?
<Deevz> and beside that, I have my eee pc...
<Deevz> I think virtualization is a good option, I have the power, the screen real estate to run it, and it doesnt require me to have 2 sets of hardware
<jmarsden> Deevz: Do you need the virtualization, the separation of roles, for something?
<Deevz> Not rly
<Deevz> My physical machine is the client and I have a virtual server on it
<Deevz> thats how it is atm
<jmarsden> So why not just run ebox on the main machine??
<jmarsden> Where is the benefit?
<Deevz> you mean install ubuntuserv on my desktop?
<jmarsden> if you really need Ubuntu Server... but why not just install ebox on your desktop, which runs Ubuntu Desktop...?
<Deevz> hahaha
<Deevz> because it doesnt
<Deevz> I come from windows
<jmarsden> Why not learn Ubuntu Desktop first (by running it on your desktop machine) and then learn about server admin things later, when you are comfortable with Ubuntu in general?
<jmarsden> If you already have VirtualBox-OSE all happy and working, and you fully unerstand its networking stuff, then fine, no real problem, I uppose...
<jmarsden> But if not, it is one more piece of complexity...
<Deevz> In apparence, virtualbox doesnt seem so complex...
<jmarsden> Then... how come you don't know what IP you assigned to the VM running Ubuntu? :)  Virtual machines *are* complex things...
<Deevz> hmmm
<Deevz> maybe I should pick up a vbox book then
<Deevz> nm, no such thing on amazon >.<
<jmarsden> If you had installed on a real space PC you would have typed in a static IP address and so forth at Ubuntu server install time, and you'd *know* what its IP was from that... now... I have no idea what you did...
<jmarsden> s/space/spare/
<jmarsden> Anyway, for now I'm going AFK to eat, probably back a little later...
<Deevz> ok
<Deevz> cya, thx for the help
<Stargazer> How do i mount my SD card ? (i thought it was being auto-mounted but the message stuck for several minutes so i ^C to close) any idea ?
<Stargazer> Ideas*
<Big_Ham> OK jmarsden, one more very specific postfix question ... I need to know how to create authentication by mail password only, and not by ipaddress, network, etc
<Andre_Gondim> how may i change de screen resolution in server?
<jmarsden> Big_Ham: Will the users with passwords be doing POP3 or IMAP to your server to pick up received email also?  Or will they have Unix shell accounts on it?
<jmarsden> Andre_Gondim: Ubuntu Server has no GUI, only a text console... so there is really no concept of "screen resolution" to change...
<twb> jmarsden: there is if you use a framebuffer.
<Big_Ham> jmarseden they will have shell accounts, and I have dovecot ... they will use POP3
<Big_Ham> also have squirrelmail installed
<jmarsden> OK, so you can use saslauthd to authenticate them to postfix.  I've not done that under Ubuntu but I'm pretty sure that's the way to go...
<Andre_Gondim> jmarsden: but I have a 17' monitor, how can i use with "full screen"
<Big_Ham> did you mean sslauthd?
<jmarsden> No, SASL is the protocol concerned... let me check how to get that in Ubuntu...
<Big_Ham> nevermind ...
<Big_Ham> http://ubuntuforums.org/showthread.php?t=26339
<Big_Ham> is that a good reference?
<Big_Ham> looks like I need postfix-tls first
<jmarsden> It's a bit old, and I think the chroot stuff is not the same in Intrepid, but otherwise yes.  postfix-tls is definitely the place to start.
<Big_Ham> thank god for webmin
<jmarsden> Andre_Gondim: I don't understand... the text console will occupy all of the screen no matter the size of your monitor.  Unless you are running Ubuntu Server virtualized or something??
<uvirtbot> New bug: #345219 in php5 (main) "8.04 server ppc - apache2 server fails after upgrade" [Undecided,New] https://launchpad.net/bugs/345219
<racecar56> jmarsden just bought the external nic...
<racecar56> :> hope it works now
<Big_Ham> jmarsden, are you on during the day at all?
<jmarsden> Not usually, but it has been known to happen... evenings (Pacific Time) are more usual.
<sbeattie> Andre_Gondim: if you want a higher resolution text display, you'll want to add something like "vga=0x31a" (1280x1024 16bit color) to the kernel line in your grub menu.lst. See http://en.wikipedia.org/wiki/VESA_BIOS_Extensions#Linux_video_mode_numbers for some commonly available resolutions.
<Big_Ham> ahhh
<Big_Ham> well, I'm in Tampa, so I'm picking up with this one tomorrow
<Big_Ham> thanks for the tips tonight
<jmarsden> No problem.  Goodnight.
<jmarsden> Stargazer: sudo mount -t vfat /dev/sda1 /media/floppy  # or whatever device name and directory you need rather than sda1 and floppy
<jmarsden> racecar56: See http://mediasmartserver.net/forums/viewtopic.php?t=1290 for a guy selling custom cables so you can hook up a keyboard, mouse and screen to your server :)
<racecar56> :DDDDD
<racecar56> jmarsden i saw that page too
<Mal3ko> is there way to login into server when you have accidently blocked ssh port with firewall?
<jmarsden> Mal3ko: Use the physical keyboard and screen on the server to log in?
<Mal3ko> aside from that?
<Mal3ko> cause its a remote server at datacenter
<jmarsden> Call the datacenter NOC and have them sort it out for you.
<jmarsden> If there *were* a way to get past your firewall, it wouldn't be a very good firewall :)
<Mal3ko> lol..
<Mal3ko> it was a stupid mistake..after i logged out only then i realized that i had enabled ufw without adding the ssh port to the allowed port first..
<jmarsden> Mal3ko: Yes, it's advisable to keep multiple ssh sessions open when changing firewall settings... this is something you only ever learn the hard way, it seems... it's just that I firewalled myself out about 15 years ago or so...
<hads> Multiple SSH sessions aren't going to do a lot if you block yourself
<jmarsden> hads: It depends what you do... if you reload the config and have "related" stuff allowed through existing sessions stay open.  Then you test by starting a new session, and if if fails you fix things using the earlier (still) open session.  I've done it several times.  Not with ufw, but with iptables and ipchains rulesets.
<twb> I want to correlate a datapoint.  Does anyone have a server doing software RAID1, which they installed via the Ubuntu Server CD?
<twb> I want to know what d-i places in /etc/mdadm/mdadm.conf.
<twb> Specifically, does it just have an ARRAY entry for each device, or does it use some smarter form of autodetection?
<twb> On a couple of machines I've created md RAID1 arrays after the base install (because I had to), and they are not automatically raised at boot time.
<RoAkSoAx> heya guys anyone expert with KVM that can help me with cloning issues?
<racecar56> well i gotta go... bye everyone
<okkare> is mod perl the same as perl
<hads> No
<okkare> do you know what packages i need to install for perl to run
<hads> perl
<okkare> i found some tutorials but they all say mod perl
<okkare> and for php5?
<hads> So, you're talking about a web server.
<okkare> yepp
<hads> It's best to specify things when asking questions.
<hads> apt-cache search libapache2-mod
<okkare> that's perl?
<okkare> i see
<okkare> sorry, is libapache2-mod-perl2 mod perl or perl then..
<p_quarles> it's the perl module library for Apache; "mod perl" is a shorthand way of saying that
<Fishscene> Hello everyone
<Fishscene> I just installed Ubuntu 8.10 server (x64) and I'm getting EDAC MC0 errors about once every second. This makes it nearly impossible to type in complex commands. Is there a way to disable these notifications?
<simplexio> Fishscene: probably. maybe /etc/syslog.conf could help with that
<Fishscene> I'll attempt to look at it.
<Fishscene> Uneditable. The errors display over the syslog.conf editor (nano).
<simplexio> how about rmmod edacsomething
<Fishscene> Actually, I found those errors don't display if I SSH into the server.
<jtaji> Fishscene: do they display in every virtual console?
<Fishscene> jtaji, on the server console, yes. But not in an SSH remote session.
<jtaji> Fishscene: I mean have you tried switching to other consoles, ALT+1 through 6
<jtaji> sorry if this is obvious to you already ;)
<Fishscene> ok so, in editing syslog.conf, the only thing I can make heads or tails of that seems related is the section: "# Logging for INN news system"
<Fishscene> No, not a problem
<Fishscene> I'd rather explain this 4x than put up with the constant stream of error messages =(
<Fishscene> oh, sorry, jtaji, yes, all alt+1-6 consoles get these error messages.
<jtaji> Fishscene: so it seems like EDAC errors are in relation to memory error correction
<Fishscene> correct.
<Fishscene> I have ECC RAM on this machine.
<jtaji> could you perhaps have non-ECC memory while ECC is selected in the BIOS ?
<jtaji> oh ok
<jtaji> Fishscene: bad module perhaps?
 * Fishscene wonders if this is related to ESXi auto-kernel crashing upon boot on the same server.
<Fishscene> It's possible a module went bad. Although I didn't suspect a thing because Ubuntu Dekstop x64 worked just fine. But ESXi suddenly and mysteriously crashing was a complete mystery to me.
<jtaji> that's odd
<Fishscene> You're telling me
<jtaji> how much memory total do you have?
<Fishscene> 4GB
<jtaji> by x64 do you mean x86, or x86-64?
<Fishscene> 64-bit version
<Fishscene> Interesting. memtest86 reports ECC off
<Fishscene> ok, I found an example output of the error I'm seeing
<Fishscene> EDAC MC0: UE page 0x1fffa, offset 0x0, grain 4096, row 0, labels ":": i82875p UE
<Fishscene> I was wondering if "row" refered to the slot that the RAM stick sits in that's having issues. My row says "3"
<jtaji> Fishscene: perhaps, I guess you have 4 modules?
<Fishscene> Yup
<jtaji> yeah I'd probably try pulling two at this point
<Fishscene> ok. Sounds like a project for later today after I get some sleep (1:24am)
<jtaji> good luck :p
<Fishscene> Thanks jtaji. :D
<Fishscene> You know what I like *most* about the Ubuntu community?
<Fishscene> Hundreds of people hanging out waiting help people out. Average response time to my questions: 5 minutes. AT&T? 28 hours. Microsoft? 2 hours.
<jtaji> hehe
<jtaji> the community aspect of this project was definitely insightful
<Oakbox> Hi all, I'm having trouble with host names, anyone around to maybe help out?  I can ping other computers on my local network by IP but not by name...  I have just changed my ISP/router and have just recently setup an ubuntu server (LTS) box.
<simplexio> Oakbox: dnsserver is not configured right
<simplexio> Oakbox: old way is add static dnsserver ip's into  /etc/resolv.conf, dunno if there is another way
<andol> Oakbox: As simplexio mentioned, it's about your computers not having any way of knowing each others names. The simple, but not very scalable, solution is to put the information in /etc/hosts
<Oakbox> thanks for that, I would like to set up a name server on my ubuntu box, would anyone be able to help out with that?  some of my boxes are DHCP windows it would be nice if i could give them their hostnames etc automaticaly...
<Oakbox> I am currently running a linxsys router and seems to be setting my resolve.conf file to domain_not_set.invalid
<teson> need help with postfix / relay (non ssl) / pam
<AJenbo> Hi, i updated from Ubuntu 8.04.1 to 8.10 and now i can't get the virtual servers back up and running in apache
<AJenbo> i have tried uninstaling and reinstaling apache 2.2.9 but i can't get it to work :(
<AJenbo> It simply runs the default host on all domains
<AJenbo> I mosty use webmin to setup the server
<jtaji> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<dexem> !ebox | AJenbo
<ubottu> AJenbo: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<pjsturgeon> Would anybody like to help me test my new PHP add-ons for transmission daemon?
<pjsturgeon> I have modified wereHamster's watch finished script to move all finished downloads using PHP (it automatically uses the passwords and settings from your main settings file) and have a watched folder script based on the same code. trying to make a nice little "fun-pack" and will soon have it sending emails and creating an RSS feed
<pjsturgeon> just need someone to add 3 files and give em a try to see how it goes before I progress and release it
<Deeps> if nobody in here volunteers, someone in transmissions irc channel (#transmission?) may be more forthcoming
<philsturgeon> sodding IRC client, it has autoloaded me into ubuntu server but is showing me in transmission :p
<AJenbo> thanks for pointing to ebox, ill have a look at it. Turns out the virtual servers didn't work because i set the port to any, setting it to 80 fixed it, preaty odd you would think 80 was in the range of any...
<AJenbo> hmm nice, on the link to eBox you gave me it sayes it doesn't work properly with 8.10
<kinnaz> [sudo] password for myuser:
<kinnaz> -su: wxport: command not found
<kinnaz> whats up with that ?
<kinnaz> when su succeeds i get that wxport error
<kinnaz> where should i look for reference to that
<vollmer> is there a package for the tmpfs module for 2.6.24-23-server (64bit) I'm not seeing one in hardy
<kinnaz> so anyone has seen that wxport command not found error ?
<vollmer> yes, do you have an executable 'wxport' program? I'm guessing no?
<kinnaz> vollmer,  the question is why do i even get that error
<kinnaz> what could be referencing do it
<kinnaz> i would quess wxport is smt about gui
<vollmer> whatever is trying to run it
<kinnaz> but i have no xorg installed there
<vollmer> figure out when it happens and look what just ran?
<kinnaz> vollmer,  thats the queston is why
<kinnaz> everytime i do sudo su -
<kinnaz> i get that error
<kinnaz> and nothing in rooc bashrc
<kinnaz> root
<vollmer> strace it dude
<AJenbo> i can't get ebox to install on 8.10 :(
<dexem> AJenbo, I think there is a way... you can go to #ebox and ask :P
<vollmer> AJenbo: I'll trade you tmpfs support for ebox
<AJenbo> Sure what is your issue with tmpfs?
<vollmer> it's not compiled in evidently, and there is no module for it
<AJenbo> simply just install an older os (i belive this is also the supported solution for my problem)
<vollmer> um
<vollmer> haha riiiigh can't really just wing it and reload a server on the fly
<AJenbo> :)
<vollmer> grabed the backported modules package but it's not in there
<_ruben> sudo su isnt recommended btw, sudo -i is
<AJenbo> his copy paisting a line in to the end of sources.list the propper way to do it?
<soren> vorian: What makes you say it's not compiled in?
<soren> vorian: Sorry, not for you.
<uvirtbot> New bug: #345330 in samba (main) "smbfs, samba & samba-common are uninstallable" [Undecided,Incomplete] https://launchpad.net/bugs/345330
<soren> vollmer: What makes you say it's not compiled in?
<soren> vorian: A quick "mount" should show you at least one tmpfs already mounted.
<AJenbo> adding the sugested lines gives me a NO_PUBKEY 5F99A088342D17AC when i run apt-get update :(
<soren> vorian: Gah, that wasn't for you either :)
<kinnaz> waitpid(-1, -su: wxport: command not found
<kinnaz> strace not really helpful :P
<soren> AJenbo: You need to add the archive's key.
<soren> AJenbo: It's a PPA, I presume?
<soren> AJenbo: On its page on Launchpad, there are instructions for adding the key to your apt keyring.
<petia> ivoks, hello friend
<petia> ivoks, its orudie
<ivoks> hi
<petia> :)
<petia> i tried setting up spam filter yesterday by following this https://help.ubuntu.com/8.10/serverguide/C/mail-filtering.html
<petia> i am pretty sure i did everything accordingly but emails stopped going in or out completely
<petia> do you think this is a good tutorial ivoks ?
<petia> or guide rather
<ivoks> yes, it's good
<petia> so what do you think could have caused the emails to stop going in / out ?
<simplexio> thats what i call good spam filter :)
<ivoks> petia: lack of knowledge
<petia> ivoks, heh
<petia> i'm trying man
<petia> question if /etc/hostname file does not exist , should i create one ?
<ivoks> ?
<ivoks> you don't have /etc/hostname?
<petia> nope :(
<ivoks> you deleted it?
<petia> ivoks, have you heard of a problem where someone sends an email, and an email client would get like 10 messages in a row of the same message
<ivoks> no :)
<mib_qwvziz> i just got done doing an aptitude install bastille on my vps ubuntu box new to ubuntu server never heard anything about bastille anything else i should do to make it more secure and will bastillie work
<mib_qwvziz> well
<{horhay}> well
<petia> ivoks, out of 10 people in the office, only one person is having this problem and its intermnittent. He is also the only person that is using blackberry to receive emails
<trifecta> z	i just got done doing an aptitude install bastille on my vps ubuntu box new to ubuntu server never heard anything about bastille anything else i should do to make it more secure and will bastillie work
<ivoks> interpunction?
<ivoks> mathiaz: hi
<petia> ivoks, any reason why that could be happening ?
<_ruben> well .. the usage of a blackberry sure seems part of the cause :)
<mathiaz> ivoks: hi - how are you doing?
<kpettit> good morning
<ivoks> mathiaz: a bit sick, but good :)
<mathiaz> ivoks: welcome to the club! ;)
<ivoks> mathiaz: sorry for missing meeting, i had some things to do
<mathiaz> ivoks: np
<mathiaz> ivoks: I had a question wrt to bacula
<ivoks> mathiaz: i've seen lots of... errorrs
<ivoks> errors
<mathiaz> ivoks: while sponsoring your diff yesterday I saw that bacula-director-sqlite{,3} was in universe
<mathiaz> ivoks: errors?
<mathiaz> ivoks: should we move director-sqlite3 in main?
<mathiaz> ivoks: mysql and postgresql are already in main
<ivoks> iirc, sqlite3 was in main
<ivoks> umm... not
<ivoks> i guess we forgot about it
<mathiaz> ivoks: http://packages.ubuntu.com/search?keywords=bacula-director
<ivoks> at the time, sqlite3 (binary) wasn't in main before
<petia> what is the new ubuntu release ?
<mathiaz> ivoks: oh really?
<ivoks> so after it went into main, we didn't push bacula-director-sqlite3 in there
<mathiaz> ivoks: I thought we always had one of the sqlite in main.
<mathiaz> ivoks: or may be it was just the library
<ivoks> library yes, but not the binary
<mathiaz> ivoks: and not the binary
<ivoks> http://packages.ubuntu.com/search?keywords=sqlite3
<ivoks> it went into main in hardy
<acicula> petia: next one is jaunty jackalope i think
<ivoks> but we forgot to push director too :(
<mathiaz> ivoks: ahh.. and the binary is used by the directory to ... ?
<ivoks> create database
<mathiaz> ivoks: right. So I guess we should move director-sqlite3 to main.
<ivoks> correct
<ivoks> bacula failed to build on lots of archs
<ivoks> but the problems weren't related to bacula
<ivoks> https://launchpad.net/ubuntu/+source/bacula/2.4.4-1ubuntu5/+build/909616/+files/buildlog_ubuntu-jaunty-ia64.bacula_2.4.4-1ubuntu5_FAILEDTOBUILD.txt.gz
<mathiaz> ivoks: what about bacula-sd-sqlite3?
<ivoks> this one is strange:
<ivoks> https://launchpad.net/ubuntu/+source/bacula/2.4.4-1ubuntu5/+build/909617/+files/buildlog_ubuntu-jaunty-lpia.bacula_2.4.4-1ubuntu5_FAILEDTOBUILD.txt.gz
<ivoks> mathiaz: it's on to push it into main
<ivoks> er... sd
<ivoks> sorry...
<VSpike> g'day folks. To run 8.04 server on VMWare 2.0, without X, is there any reason to install VMWare tools?
<mathiaz> ivoks: right - I've seen a couple of build failure for other packages on some archs.
<VSpike> They sound X related to me (video, mouse..)
<ivoks> mathiaz: if we push director, we should push sd too
<ivoks> mathiaz: since that sd is used for recovery of sqlite3 DB when catalog isn't available
<mathiaz> ivoks: right - I think they can easily be moved to main as these are only binary packages
<mathiaz> ivoks: they don't require a full MIR.
<ivoks> /usr/lib/libldap_r-2.4.so.2: undefined reference to `sasl_global_listmech@SASL2'
<ivoks> i guess this is a problem in libldap library
<ivoks> mathiaz: should i write it?
<ivoks> mathiaz: i could do it for dovecot-postfix too
<mathiaz> ivoks: I've just asked in ubuntu-devel.
<mathiaz> ivoks: no need for a MIR
<mathiaz> ivoks: I will just update the seeds.
<ivoks> great
<mathiaz> ivoks: bacula-{director,sd}-sqlite3 added to the dvd seed
<mathiaz> ivoks: that way it should end up in main for jaunty.
<mathiaz> ivoks: where could dovecot-postfix be put?
<ivoks> well, which seeds are there? :)
<ivoks> i'm testing the solution for bug 339966
<uvirtbot> Launchpad bug 339966 in dovecot "dangerous action: dovecot-postfix force-installs new conf file" [Low,Confirmed] https://launchpad.net/bugs/339966
<Andre_Gondim> when i install my ubuntu server jaunty alpha 6, had a question if I want to use landscape, i choose it, but i read to use this i had to pay, how may i change that option?
<acicula>  Andre_Gondim i think you can just deinstall the landscape package
<Andre_Gondim> acicula: but I remember that has a option to automatically download securty packages, how can i change for this?
<acicula> unattended_install does that
<RoAkSoAx> Hi guys. Anyone had problems with the network interfaces in a Cloned KVM guest?
<acicula> that's not related to landscape i think, at least i use it to automaticly apply sec updates
<acicula> Andre_Gondim: it's called unattented_upgrades even
<acicula> ugh
<Andre_Gondim> I want to use a automatically sec updates
<acicula> unattended-upgrades
<acicula> that'll do it
<acicula> i just installed it , configuration is under /etc/apt/apt.conf.d/50unattended-upgrades
<thefish> is there a special way to get /proc/bus/usb/devices ?
<thefish> its just that devices file i seem to be missing
<thefish> its a link to .usbfs/devices
<joesuffceren> I'm running 8.04.1 64 bit server as a virtual machine. The machine is used for mail filtering (spam, viruses, etc.) and nothing else. I have mailscanner and mailwatch installed on it, and it has been operation and working splendidly for months. Nothing has changed with the machine, but this morning it won't accept mail, I can't get to the interface of the software served via apache....
<joesuffceren> ...Essentially the only network connectivity it has is that it will respond to pings
<joesuffceren> Other virtual machines on the same host have no such problems, so I believe it's isolated to this machine
<joesuffceren> I've tried restarting networking and even rebooting the box to no avail. Iptables -L shows no entries, and I'm not running apparmor
<joesuffceren> any ideas on where to begin troubleshooting would be much appreciated
<ivoks> can you telnet to port 80 or other open ports?
<jmedina> joesuffceren: check your sendmail/mailscanner daemons are runing, if so, check the logs
<jmedina> have you tried telnet 25 from Internet to your mail filter?
<jmedina> hi there, anyone here using pam_mount?
<joesuffceren> ivoks: no, I cannot
<joesuffceren> jmedina: I'm actually running postfix, but postfix, mailscanner, and other expected daemons are running
<joesuffceren> I'll look at the logs again
<jmedina> joesuffceren: is it accesible from Internet?
<joesuffceren> port 25 for mail and some other ports for razor pyzor and DCC
<joesuffceren> jmedina: I have tried telnet 25, and it times out
<joesuffceren> ivoks: I take that back, I can telnet to 80, but I never get http headers. I'm not familiar, though, with what I should see when I do that to apache
<ScottK> joesuffceren: You know that Postfix upstream recommends not using mailscanner, right?
<acicula> if you telnet you have to send an http command first
<acicula> or just type something and you'll get an error response
<joesuffceren> ScottK: I was not aware of that. while I regret that what I'm doing is not a recommended practice, do you think that would have anything to do with my sudden inaccessibility of the network?
<joesuffceren> acicula: I hit enter several times and got a bunch of special characters back
<ScottK> joesuffceren: No.  It's not likley related.  I'd encourage you to look at the archives of postfix-users when you have some time.
<acicula> joesuffceren: means there's at least something running i suppose
<joesuffceren> ScottK: will do! thanks
<sLaeYa> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<acicula> joesuffceren: though if it's apache you should just get an error message, not special characters
<sLaeYa> hi I am having problems with my apache service failing to start properly - http://paste.ubuntu.com/133726/
<acicula> sLaeYa: looks like it needs the suexecmodule loaded?
<acicula> http://httpd.apache.org/docs/2.0/mod/mod_suexec.html
<PecisDarbs> Hi people, how can I enable safely support for old passwords in Hardy MySQL 5.0 server?
<PecisDarbs> Should I update root password first?
<joesuffceren> hmmm, yikes, whatever it is is not apache. I just did "/etc/init.d/apache2 stop" and I get the same thing when I telnet 80 as I did before
<sLaeYa> yes I believe so, I have a fresh install of ubuntu 8.10 and attempted to install ISPconfig3 which presented me with that error
<acicula> what does netstat say that is listening there
<ivoks> maybe you have two machines with the same IP?
<joesuffceren> ivoks: by jim, I think you're right
<lamont> ScottK: upstream only recommends that because mailscanner is TOTAL API IGNORING CRACK
<lamont> :-D
<ScottK> Yep.
<joesuffceren> I'm sorry to bother you guys with a stupid question. I should have checked that first. I don't know why my dhcp server is handing out addresses in my server range, but that problem I can solve
<ScottK> lamont: And even worse they defend the practice as reasonable.
<joesuffceren> thanks so much for all the prompt and helpful input. I'll definitely be back. You've made my first foray into this channel very welcome.
<joesuffceren> ScottK: I'll definitely read those digests
<joesuffceren> thanks again, all
<ivoks> np
<sLaeYa> thankyou acicula, I don't know how I missed it - I'm sure I used "a2enmod suexec" all is well now though
<ivoks> hm... is kernel aware of duplicate IP?
<ivoks> windows is aware when someone uses the same IP
<lamont> ScottK: hence the "TOTAL" and "CRACK" ...
<ScottK> Agreed.
<joesuffceren> not sure. it's an xp home box that took the ip
<joesuffceren> but I got no warnings on the ubuntu box (that I saw. they may be in a log somewhere)
<ivoks> there are no warnings like that
<ivoks> i'll ask kernel guys
<jmedina> ivoks: not really, redhat network scripts uses arp to query for ip conflicts
<jmedina> it is the only distro it does that
<ivoks> hm...
<ivoks> so, this is something we should work at
<jmedina> I think it is not kernel job, you can use IPwatch
<jmedina> in ipwatch main page there is some explanation about how to use arp to detect IP conflicts, just like redhat does
<jmedina> ivoks: http://www.linuxconfig.org/IPwatchD_an_IP_conflict_detection_tool_for_Linux
<ivoks> jmedina: thanks
<jmedina> ipwatch has a GUI notification interface, or simple logs notification
<ivoks> we should include this into ubuntu
<jmedina> by the way any simple tool to create a hardware report?
<ivoks> lshw
<jmedina> I know oscinventory, gpli
<jmedina> yeap that is
<jmedina> :D
<jmedina> I forgot the name, dmidecode gives a lot
<big_ham> jmarsden ... do you happen to be around?
<ivoks> mathiaz: ok, i have a working fix for dovecot -> dovecot-postfix upgrades
<big_ham> ahhh, you guys are already talking dovecot/postfix
<big_ham> I'm using TLS (sasl) to authenticate POP3
<big_ham> and SMTP
<ivoks> and outlook doesn't work? :)
<big_ham> unable to connect to server to send mail
<big_ham> webmail works fine
<big_ham> but Thunderbird won't work, so OBV outlook won't work either
<ivoks> that's jaunty's dovecot-postfix?
<big_ham> not sure ...
<big_ham> I used simple apt-get
<ivoks> what ubuntu version?
<big_ham> 8.10
<ivoks> which
<big_ham> then followed directions here:
<ivoks> so, you did manual configuration
<ivoks> 9.04 will have automatic configuration
<big_ham> https://help.ubuntu.com/community/Postfix
<mathiaz> ivoks: what's your proposal?
<ivoks> mathiaz: i'll attach debdiff to the bug
<mathiaz> ivoks: awesome.
 * jmedina finally migrated from hardy to intrepid for desktop :D
<ivoks> https://bugs.edge.launchpad.net/ubuntu/+source/dovecot/+bug/339966
<uvirtbot> Launchpad bug 339966 in dovecot "dangerous action: dovecot-postfix force-installs new conf file" [Low,Confirmed]
<jmedina> it rocks 64bits with kde 4.2.1
<jmedina> :S this is server channel
<big_ham> any help for my client AUTH issue?
<ivoks> big_ham: so... what's the problem?
<big_ham> squirrel mail works fine
<big_ham> but customers will be using some POP client
<ivoks> squirrelmail doesn't do auth
<big_ham> just set up TLS
<ivoks> are we talking about smtp-auth or pop/imap?
<big_ham> but when I try to send mail from Thunderbird, it repeatedly asks for my PASS
<big_ham> this would be SMTP-AUTH
<big_ham> pop auth seems to work fine
<ivoks> are you using TLS/SSL when doing smtp-auth?
<big_ham> yes
<ivoks> in thunderbird
<big_ham> TLS
<ivoks> which sasl do you use? saslauthd or dovecot?
<big_ham> saslauthd
<ivoks> bah...
<big_ham> bah?
<jmedina> :D
<ivoks> i haven't used that one in ages...
 * jmedina still uses saslauth with ldap, mysql and pam :S
<big_ham> i used setup I linked to earlier
<ivoks> jmedina: you can do that with dovecot too
<jmedina> then you are using dovecot
<ivoks> no, saslauthd is there
<ivoks> big_ham: did you check /var/log/mail.log?
<jmedina> ivoks: yes I know, I already did it, I need to get the time to migrate maildrop filtring and shared folders from courier imap
<ivoks> we should advertise /var/log as most important directory on Ubuntu-server
<jmedina> big_ham: did you pass all tests?
<jmedina> ivoks: I always teach that for new linux users
<jmedina> about logs
<ivoks> logs, /usr/share/doc and manpages
<ivoks> if you know those three, you know everything
<big_ham> hmmmm
<petia> heh, ivoks is spoonfeeding jmedina just like he spoonfeeds me
<big_ham> Mar 19 12:41:03 phx-server postfix/smtpd[7690]: warning: SASL authentication failure: Password verification failed
<ivoks> there... that's step in right direction
<jmedina> big_ham: did you pass all tests from the doc?
<ivoks> my guess is misconfigured saslauthd
<big_ham> Mar 19 12:41:06 phx-server postfix/smtpd[7690]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
<big_ham> yes, passed all tests
<jmedina> about telnet and see AUTH
<ivoks> hehehe chrooted postfix
<big_ham> you can telnet to 67.79.129.18
<jmedina> :S my ISP blocks 25
<big_ham> booooo
<jmedina> we use submission
<jmedina> big_ham: I recomend disable TLS until SMTP AUTH works with simple plain text
<lamont> ivoks: chrooting postfix _has_ been  one of my most painful things
<big_ham> ugh ... that setting is in a bunch of places, no?
<mathiaz> kirkland: according to your activity report:  * Syncing and testing the daily server iso, mini.iso
<mathiaz> kirkland: what kind of testing do you conduct on a daily basis?
<jmedina> big_ham: well, not really a couple of lines in main.cf
<big_ham> i can just comment them out?
<jmedina> big_ham: could you pastebin your main.cf file?
<jmedina> without comments
<big_ham> sure thing
<jmedina> we should add paste.ubuntu.com to pastebinit package
<jmedina> it hels a lot something like
<jmedina> egrep -v '^$|^#' /etc/postfix/main.cf | pastebinit
<big_ham> http://pastebin.ubuntu.com/133768/
<kirkland> mathiaz: i rsync the daily iso's overnight
<kirkland> mathiaz: and any time I need a new vm for anything, really, i install from that iso into a kvm
<jmedina> big_ham: change smtpd_use_tls = yes to no
<kirkland> mathiaz: always doing the encrypt-home option (looking for regressions there)
<kirkland> mathiaz: this is instead of using vm-builder, or something faster
<mathiaz> kirkland: did you automate the install from the iso?
<kirkland> mathiaz: ensure that the installer gets some exercise on a daily basis
<big_ham> ok, done
<kirkland> mathiaz: nope
<kirkland> mathiaz: which is why i'm looking forward to your blog post on the topic ;-)
<big_ham> now just test with thunderbird and turn TLS off there?
<mathiaz> kirkland: hehe... okidoki
<jmedina> big_ham: firest restart postfix
<big_ham> ok done
<big_ham> now testing thunderbird
<ivoks> lamont: i like chrooted postfix
<big_ham> damn
<ivoks> jmedina: why 'no'?
<big_ham> keeps asking me to re-AUTH
<big_ham> as if PASS is bad
<ivoks> jmedina: smtpd_use_tls is for sending mail from mail server
<ivoks> it's very easy
<jmedina> ivoks: is for receiving mail from anothers MTA
<ivoks> you have /etc/sasldb2 right?
<jmedina> smtp cilent is which send mail to another MTA
<jmedina> and smtpd is also used to authenticated roaming smtp clients
<ivoks> jmedina: right, anyway, it doesn't have anything to do with big_ham's problem
<ivoks> big_ham: ls -dl /etc/sasldb2
<jmedina> ivoks: ok
<lamont> ivoks: you notice I've never strayed from the decision to chroot it (nor do I think that would be wise.)  at the same time, well.... sigh
<big_ham> -rw-rw---- 1 root sasl 12288 2009-02-25 13:08 /etc/sasldb2
<lamont> as in, I understand upstream's decision to not want to deal with it
<ivoks> big_ham: ls -dl /var/spool/postfix/etx/sasldb2
<big_ham> bathroom ... afk 5 min
<ivoks> lol
<ivoks> etc
<big_ham> ls: cannot access /var/spool/postfix/etx/sasldb2: No such file or directory
<big_ham> ls: cannot access /var/spool/postfix/etc/sasldb2: No such file or directory
<jmedina> mm, big_ham is your saslauthd configured to use sasldb or pam as auth mechanism?
<big_ham> pam
<big_ham> i really need to hit the head for 5 mins ... brb
<ivoks> the thig is that for postfix /etc/sasldb2 is actually /var/spool/postfix/etc/sasldb2
<jmedina> afaik it doesnt need /etc/sasldb2 as saslauthd is using pam
<jmedina> I dont remember having troubles with /etc/sasldb2 even with postfix chrooted
<ivoks> he should use dovecot anyway :)
<jmedina> yeap
<jmedina> if he is using dovecot then there is no need to uses saslauthd
<big_ham> ok back
<big_ham> sorry
<big_ham> i have dovecot
<ivoks> then, set up postfix to use dovecot
<big_ham> is there a site you can point me to with clear instructions?
<ivoks> https://help.ubuntu.com/community/PostfixDovecotSASL
<ivoks> note that 'mechanisms' should be 'plain login' instead of 'plain digest-md5'
<ivoks> bah...
<ivoks> stop
<ivoks> ignore this manual
<big_ham> yeh?
<ivoks> who wrote this?
<big_ham> not me
<big_ham> :)
<ivoks> https://help.ubuntu.com/community/PostfixDovecotSASL?action=recall&rev=2
<ivoks> this is correct onw
<ivoks> one
<ivoks> sommer: ping
<big_ham> ok, going to run through it
<big_ham> its talking about older Ubuntu versions
<big_ham> does that matter?
<big_ham> I'm on 8.10
<ivoks> just follow it
<ivoks> it's the same
<big_ham> roger that
<ivoks> for 7.10
<ivoks> we should really have non-editable docs for supported configurations
<ivoks> in this case someone forced a very uncommon use case as default configuration
<big_ham> Note: the smtpd_sasl_path configuration needs to be a path relative to the Postfix queue directory.
<big_ham> what is the postfix queue dir?
<big_ham> etc/postfix?
<ivoks> ?
<ivoks> just copy paste those lines :)
<big_ham> I did already
<big_ham> just making sure that default path with be ok
<ivoks> postfix is chrooted
<big_ham> ok
<ivoks> that means it isn't aware of rest of the system
<ivoks> it knows only what's under /var/spool/postfix
<big_ham> i see
<ivoks> for it / is what /var/spool/postfix is for you
<jmedina> postconf -d queue_directory
<jmedina> that will give you default value
<jmedina> if you changed something in main.cf then use
<big_ham> 250-AUTH PLAIN
<jmedina> postconf -b queue_directory  (for new configs)
<big_ham> woo hoo
<ivoks> you didn't add login
<big_ham> fking a ... totally worked
<big_ham> that absolutely rocks
<big_ham> this mail server needs to be live tomorrow
<big_ham> you guys (along with jmarsden who was helping rocme last night) totally
<big_ham> rock
<big_ham> now I can flip DNS switch tonight
<ivoks> this isn't enough
<ivoks> outlook won't work
<big_ham> thunderird did
<ivoks> yeah, but outlook is broken
<big_ham> fking hate MS crap
<big_ham> ok ... what's next then?
<ivoks> look for mechanisms = plain in /etc/dovecot/dovecot.conf
<ivoks> and replace it with
<ivoks> mechanisms = plain login
<ivoks> restart dovecot
<big_ham> ok ... and since I have Outlook on my laptop, I'll test here
<jmedina> ivoks: do you know if login is needed for MS outlook
<ivoks> jmedina: it is
<big_ham> I'm using TLS at this point?
<big_ham> or plain AUTH?
<jmedina> afaik it was only required for old outlook express but not for MS outlook
<ivoks> always TLS/SSL
<big_ham> awesome
<big_ham> brb ... testing
<ivoks> Another plaintext mechanism is LOGIN. It's typically used only by SMTP servers to let Outlook clients perform SMTP authentication. Note that LOGIN mechanism is not the same as IMAP's LOGIN command. The LOGIN command is internally handled using PLAIN mechanism.
<ivoks> http://wiki.dovecot.org/Authentication/Mechanisms
<big_ham> outlook is repeatedly asking me for login info
<big_ham> do I need to be using SPA?
<jmedina> ivoks: Im afraid that is not the same postfix people says
<ivoks> big_ham: did you add login mechanism?
<big_ham> ys
<big_ham> yes
<big_ham> and restarted dovecot
<ivoks> what's the ip?
<big_ham> 67.79.129.18
<ivoks> looks ok
<ivoks> big_ham: are you sure you are using tls?
<ivoks> i think outlook doesn't do TLS
<ivoks> only SSL
<big_ham> it says "Secure Password Authentication" or SPA
<jmedina> in outlook 2007 it does
<ivoks> lamont: any chance we get smtps enabled by default?
<ivoks> big_ham: that's not it
<jmedina> big_ham:  let spa unchecked
<lamont> ivoks: I don't see why not....
<lamont> pretty much afk atm though
<big_ham> yeah, just figured that out
<ivoks> jmedina: not everybody has 2007
<big_ham> OK I got it
<big_ham> outlook just sucks balls
<big_ham> SSL is buried/hidden
<ivoks> big_ham: enable smtps in postfix
<big_ham> i had AUTH checked, but didn't see SSL
<big_ham> 5 levels of tabs later, I found it
<jmedina> ;D
<big_ham> i just can't test sending and receiving tactual mail because MX record isn't pointing to my box y
<big_ham> yet*
<ivoks> yes you can
<big_ham> gmail gave me bad recipient
<ivoks> lol, i sound like omana
<ivoks> obama
<big_ham> because it was @67.79.129.18
<ivoks> tell me one email that your mail server will accept
<big_ham> actually ... I take that back ... I was ableto send out
<big_ham> from Outlook
<big_ham> phoenixadmin@
<ivoks> @...?
<big_ham> 67.79.129.18
<big_ham> MX record points elsewhere ... normal domain is phoenixretailservices.com
<ivoks> there...
<big_ham> very nice
<ivoks> 250 2.0.0 Ok: queued as 20E7B5964FE
<ivoks> works?
<big_ham> sure did
<big_ham> what recip address did you use?
<ivoks> @phoenixretailservices.com
<big_ham> created a local route for the MX?
<ivoks> no... i used telnet :)
<big_ham> ahhhh
<jmedina> :D
<big_ham> very nice
<big_ham> thanks for doing that ...
<big_ham> now, and this isn't urgent, but they're setting up email addresses to receive certain attachments for clients
<big_ham> they want those attachments sent to those specific addresses (ideally) to drop into their FTP (on the same box)
<big_ham> seems like this would be relatively easy, yes?
<ivoks> haha
<ivoks> well, not relatively easy
<big_ham> i do use webmin, where things seem somewhat easier
<Big_ham5> honestly
<Big_ham5> wifi toggle switches are not the best design
<Big_ham5> right under my wrist
<Big_ham5> did you provide any info to dropping attachments in a specified dir while I was disconnected?
<ivoks> nope
<ivoks> you should search for that on google
<jmedina> you can write an script that extracts attachments from email, and use postfix's pipe, so whenever a mail arrives, postfix send the message using pipe to the scripts, you scripts filters, extracts attchments and sent it to a ftp server
<jmedina> you can even change body and add the URL :S
<jmedina> dont remember what tool already do it
<espacious> hello i followed howtoforge tutorial installing squirell postfix and mysql but when i login in squirell i get an error
<espacious> ERROR: Connection dropped by IMAP server.
<ivoks> espacious: /var/log/mail.log will help you
<espacious> virtual_alias_maps map lookup problem for admin@guest.kgs.si
<espacious> that's .log
<ivoks> si?
<ivoks> slovenia?
<espacious> yes.
<ivoks> you are from slovenia?
<espacious> yes.
<espacious> why?
<ivoks> onda ti necu pomoci :)
<espacious> najs.
<espacious> :D
<espacious> a zasto to?
<ivoks> hehe
<ivoks> english only...
<espacious> so.
<espacious> please ignore im from .si and give me an idea...
<espacious> :D
<ivoks> have you configured virtual alias maps?
<espacious> i did.
<espacious> maybe wrong.
<jmedina> you can test it with postfix tools: postmap -q admin@guest.kgs.si mysql://etc/postfix/file-with-alias-maps-configs.cfg
<espacious> let me check
<espacious> file alias maps is mysql-virtual_mailboxes.cf?
<ivoks> probably
<ivoks> you configured it :)
<espacious> i followed that tutorial .
<espacious> postmap: warning: connect to mysql server 127.0.0.1: Access denied for user 'admin'@'localhost' (using password: YES)
<ivoks> there you go
<espacious> so mysql rights?
<jmedina> yeap
<espacious> or missing user ...
<jmedina> did you create admin user in postfix database?
<espacious> hmm.
<espacious> how do i check this?
<jmedina> re-reading the unsupported howto
<jmedina> or querying your database
<HellMind> I got an 8.04 lts   with an ftp server that isnt work if I enable UFW, I got my tcp port open on ufw, what else I need?
<ivoks> ftp has two ports
<ivoks> 20 and 21
<HellMind> but the listening one is just 21
<HellMind> right?
<ivoks> right
<jmedina> HellMind: and depends on the method you are using
<ivoks> but you have to enable both
<ivoks> data goes over 20
<jmedina> and be sure ftp contrack module is  loaded
<HellMind> I got a vm, in there too, and that ftp service works fine, with ufw, I forwad the 21 and its ok
<HellMind> but the local server hang on list, and I cant use pasv!
<ivoks> HellMind: it depends on configuration of ftp service
<HellMind> so both methods doenst work
<HellMind> ivoks : Which cfg?
<ivoks> which ftp daemon are you using?
<HellMind> I tried proftpd and pureftpd
<HellMind> -d
<ivoks> i like vsftpd
<HellMind> I think I miss something in ufw
<Gargoyle> Greetings strangers.
<HellMind> ivoks : so tell me
<HellMind> why passv doesn't work?
<espacious> this file should conatin actual pass and users? /etc/postfix/mysql-virtual_mailboxes.cf
<ivoks> espacious: yes
<jmedina> HellMind: do you have ftp modules loaded?
<HellMind> I tried with ip_conntrack_ftp
<HellMind> what else do I need :S
<Big_ham5> sorry ... was AFK ... just to clarify my question about dropping attachments to FTP, the FTP dir is on the localhost of the SMTP/POP3 server, does that change your answer?
<ivoks> HellMind: you should at least provide configuration file; i don't have magic sphere
<espacious> so for any new use u have to type actual pass and user there?
<HellMind> ivoks its default cfg! I didn't chagned anything!
<HellMind> If i do a ufw disable it works like a charm
<jmedina> espacious: not, it is the user that reads records in the database, mail users are in database
<ivoks> espacious: ?
<jmedina> HellMind: which howto did you read?
<espacious> jmedina u right.
<HellMind> howto about what?
<HellMind> ufw?
<jmedina> HellMind: that was for espacious
<espacious> so jmedina http://pastebin.com/f7983d4d0 this should be ok.
<jmedina> espacious: yeap
<jmedina> you can try with
<jmedina> mysql -h 127.0.0.1 -u mail_admin -p mail
<jmedina> if you can login then yes
<ivoks> HellMind: passive mode opens port > 1023
<ivoks> HellMind: if your firewall policy is deny, then just opening port 21 won't help
<espacious> jmedina i can login with that credentials
<jmedina> ok
<jmedina> test agina with postmap
<HellMind> ivoks : well my default input is deny, there is no security without that
<espacious> let me change all files back.
<ivoks> HellMind: depends on the view
<HellMind> ivoks: : why the ftp i got on a vm (trough nat) works?
<ivoks> cause it's nated
<ivoks> you prorably have nf_nat_ftp module loaded
<HellMind> ivoks : but the default is still drop
<HellMind> ah thats right
<HellMind> what rule do I need to open those port then?
<HellMind> s
<ivoks> you need ip_conntrack_ftp module
<HellMind> Its loaded
<HellMind> nf_conntrack_ftp       18856  1 nf_nat_ftp
<kansan> does this guy look like it will have good compatibility with ubuntu server (hardy):  http://www.ascendtech.us/viewcart.asp?url=VC&Tp=&VCT=&WERR=&qty1=
<ivoks> could you paste iptables -L?
<HellMind> its a mess with ufw I will try
<Big_ham5> ivoks
<ivoks> kansan: we can't see your shopping cart
<HellMind> http://rafb.net/p/HSjwNs94.html
<Big_Ham> i am creating mail users (shell users) now for that server, do they need to be in a group other than "users" in order to send/receive mail?
<espacious> jmedina still the same
<espacious> postmap: warning: connect to mysql server 127.0.0.1: Access denied for user 'mail_admin'@'localhost' (using password: YES)
<ivoks> Big_Ham: nope
<kansan> ivoks, ok hang on
<HellMind> ivoks : my ftp port is 1021 , http://rafb.net/p/HSjwNs94.html
<Big_Ham> awesome ... thank you
<jmedina> espacious: please show me again the mailbox.cf file
<espacious> http://pastebin.com/f230e1d5e
<HellMind> ivoks: my service ftp is 1021 ( the 21 is the nat ftp server)
<ivoks> HellMind: well, you didn't  allow it
<jmedina> espacious: change 127.0.0.1 with localhost
<jmedina> and try again
<espacious> only in that file?
<HellMind> ivoks: I did, its the ftp one, line 103
<jmedina> I think you created mysql user with localhost
<espacious> or in all mysql_vhosts...
<jmedina> espacious: well in the file you are using for testing
<espacious> ok.
<ivoks> HellMind: ftp is port 21
<HellMind> ivoks: remember I can connect to it and send the command LIST
<ivoks> HellMind: you just said your ftp service is on 1021
<HellMind> I got 2 ftp server
<ivoks> right
<ivoks> one is on 21
<HellMind> the local one is 1021 - service ftp
<ivoks> and the other is on 1021
<ivoks> you allowed only 21
<HellMind> the nat one is 21 no service (thats why shows the number)
<ivoks> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
<ivoks> this is for 21
<HellMind> ftp is 1021!
<ivoks> dpt:ftp - destination port - ftp
<HellMind> I changed that
<ivoks> grep ftp /etc/services
<ivoks> ftp		21/tcp
<kansan> ivoks, ok hang on:  http://pastie.org/421289
<espacious> postmap: warning: connect to mysql server localhost: Access denied for user 'mail_admin'@'localhost' (using password: YES) same ....
<HellMind> ivoks:  I CHANGED IT!
<HellMind> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:21 (21)
<HellMind> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp (which means 1021)
<espacious> i addes also an admin@localhost use...and mail...
<espacious> but neither that is able to login.
<kansan> does this guy look like it will have good compatibility with ubuntu server (hardy):  http://pastie.org/421289
<ivoks> HellMind: how do you know it means 1021?
<espacious> Mar 19 18:33:46 mailserver authdaemond: failed to connect to mysql server (server=localhost, userid=mail_admin): Access denied for user 'mail_admin'@'localhost' (using password: YES)
<espacious> Mar 19 18:33:46 mailserver imapd: authentication error: Input/output error
<ivoks> HellMind: you changed /etc/services?
<HellMind> ftp-data        1020/tcp
<HellMind> ftp             1021/tcp
<jmedina> espacious: did you refreshe privileges in mysql?
<HellMind> thats right
<ivoks> why would you do that?
<HellMind> because I wanted to chose another port, not 21
<HellMind> Should I change it back :S
<ivoks> you don't change services then
<HellMind> Its the same
<jmedina> :O
<HellMind> ok
<espacious> i reloaded the privileges now from phpmyadmin
<ivoks> but the fireall and ftp configuration
<HellMind> ivoks : now its the same, but the ftp means 21 and 1021 got no alias
<ivoks> HellMind: so what
<ivoks> you don't need it
<HellMind> well I changed it back!
<espacious> jmedina same thing.
<ivoks> change configuration of your ftp service
<ivoks> to listen on 1021
<HellMind> ivoks : http://rafb.net/p/Lji2wW86.html
<HellMind> it listen on 1021!
<ivoks> ok
<HellMind> I can connect to it, remember, the list command hangs
<ivoks> try now
<HellMind> I tried!
<HellMind> you can try to   190.210.47.169  1021
<jmedina> HellMind: if you change your FTP port
<jmedina> then you need to load ftp contrack module with option using the new port
<HellMind> thats usefull
<ivoks> i didn't know that, heh :)
<HellMind> where is the optimun way to load that module in this distro?
<HellMind> ivoks : jmedina owns you
<ivoks> add options to modules in /etc/modprobe.d/
<ivoks> HellMind: well, i wasn't the one who camed with questions with tears in eyes :)
<HellMind> ivoks: no tears , just intrigue :P
<jmedina> wait, which kernel version?
<jmedina> HellMind: ?
<HellMind> 2.6.24-23-server
<espacious> jmedina can u help me a bit more?
<HellMind> espacious : wait your turn
<ivoks> HellMind: well, he was here before you
<espacious> im here.sitting down.
<HellMind> but I ask better question and faster
<HellMind> :P
<ivoks> even though he's slovenian, he deserves some attention :)
<ivoks> :D
<espacious> hehe
<jmedina> jajaja
<HellMind> ivoks thank you me you 've learned  how to set a ftp on a different port firewalled
<espacious> what youf ftp issue i have pureftpd up and running...
<ivoks> espacious: what's the problem?
<HellMind> jmedina : de donde sos?
<espacious> so i run trough that hoto to setup mailserver..
<ivoks> Big_Ham: if you are adding users only for email, it would be wise to add them with /bin/false as shell
<jmedina> HellMind: mexico
<espacious> and stil on that problem mysql or imap server not letting me login
<ivoks> espacious: imap server?
<ivoks> espacious: or postfix? (smtp server)
<jmedina> espacious: imap?
<espacious> i got this error in squirell
<jmedina> I tought we were talking about postfix
<espacious> we are.
<ivoks> no we aren't
<ivoks> postfix is for smtp
<jmedina> then is not postfix problem
<jmedina> :S
<ivoks> squirrelmail doesn't touch postfix
<ivoks> unless you send email
<espacious> ERROR: Connection dropped by IMAP server.
<jmedina> is this postfix day?
<ivoks> espacious: what do you use for imap?
<espacious> that squirel web-gui
<espacious> i use smtp. no imap.
<jmedina> espacious: did you configured squirrelmail?
<ivoks> smtp is for sending mail
<espacious> i did as show in the tutor.
<ivoks> imap is for reading
<ivoks> you need imap for webmail
<jmedina> espacious: which tuto?
<espacious> let me paste.
<espacious> http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-debian-lenny-p2
<ivoks> courier? oh, god...
<espacious> :D
<espacious> bad?
<ivoks> 5 pages
<ivoks> there's an easier one
<ivoks> dovecot + postfix + mysql + postfixadmin
<espacious> i didnt found that to complicated.
<espacious> hmm.
<ivoks> http://www.opensourcehowto.org/how-to/mysql/mysql-users-postfixadmin-postfix-dovecot--squirrelmail-with-userprefs-stored-in-mysql.html
<ivoks> knock your self out
<HellMind> so where to put it ip_conntrack_ftp on 2.6.24-23-server deb 8.04lts, etc-modules ?
<espacious> but i should now remove all stuf done...
<jmedina> espacious: first do it by hand
<jmedina> modinfo ip_conntrack_ftp
<espacious> jmedina what?
<jmedina> something like modprobe ip_conntrack_ftp ports=1021
<jmedina> :S
<ivoks> espacious: did you install courier?
<jmedina> that was for HellMind
<espacious> i think yes.
<ivoks> try:
<ivoks> telnet localhost imap
<HellMind> modinfo: could not find module ip_conntrack_ftp :(
<espacious> * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
<ivoks> ok, imap works
<espacious> youp.
<kansan> does this guy look like it will have good compatibility with ubuntu server (hardy):  http://pastie.org/421289
<ivoks> check /var/log/mail.log
<ivoks> kansan: NETWORKING:   10/100Mbps ETHERNET ADAPTER (LAN) - this doesn't tell us much
<espacious> Mar 19 19:12:16 mailserver postfix/pickup[1786]: 9AD933CC57A: uid=0 from=<root>
<espacious> Mar 19 19:12:16 mailserver postfix/cleanup[1792]: warning: 9AD933CC57A: virtual_alias_maps map lookup problem for admin@guest.kgs.si
<jmedina> HellMind: then you are not using that module
<ivoks> espacious: ignore postfix
<HellMind> im using it
<ivoks> espacious: look for courier
<jmedina> it is modinfo nf_conntrack_ftp
<HellMind> nf_conntrack_ftp       18856  1 nf_nat_ftp
<HellMind> ah you are right :(
<HellMind> i didn't saw that nf :(
<espacious> ivoks no courier related entries in that log...
<ivoks> espacious: then imap
<HellMind> ip_conntrack_ftp is the alias :S
<ivoks> imapd
<espacious> Mar 19 19:11:03 mailserver imapd: Connection, ip=[::ffff:127.0.0.1]
<espacious> only one all other are postfx related...
<HellMind> jmedina : what for modinfo :S? I need to reload it , where can I put it?
<jmedina> HellMind: to see wich param you need to use to change ftp port
<espacious> Mar 19 19:06:03 mailserver imapd: LOGIN FAILED, user=asd, ip=[::ffff:127.0.0.1]
<HellMind> parm:           ports:array of ushort
<jmedina> espacious: increase verbosity to authdaemon
<ivoks> espacious: there you go
<jmedina> you will see more info
<ivoks> espacious: have you created 'asd' user?
<espacious> where do i do this?
<espacious> no that was just dalse try....
<espacious> false*
<ivoks> no comment
<jmedina> nf_conntrack_ftp ports=21,49
<espacious> i tryed entring nonexisting user to see if the err is the same.
<jmedina> something like that
<jmedina> modprobe nf_conntrack_ftp ports=1021
<ivoks> espacious: pase the line with existing user
<HellMind> jmedina : but where :(, I want to load at boot
<jmedina> but you need to unload module depend
<HellMind> or at firewall  (ufw) startup
<jmedina> HellMind: ivoks already tould you where
<HellMind> jmedina : but you said stop! which kernel is he using :S
<HellMind> I ignored ivoks
<jmedina>  /etc/modprobe.d/options
<jmedina> something like
<espacious> Mar 19 19:16:49 mailserver imapd: Connection, ip=[::ffff:127.0.0.1]
<espacious> Mar 19 19:16:49 mailserver authdaemond: failed to connect to mysql server (server=localhost, userid=mail_admin): Access denied for user 'mail_admin'@'localhost' (using password: YES)
<espacious> Mar 19 19:16:49 mailserver imapd: LOGIN FAILED, user=admin@guest.kgs.si, ip=[::ffff:127.0.0.1]
<ivoks> i wouldn't put it there...
<jmedina> options nf_conntrack_ftp ports=1021
<espacious> Mar 19 19:16:49 mailserver imapd: authentication error: Input/output error
<HellMind> argh flooder
<ivoks> i would create my own file
<espacious> sorry.
<ivoks> since options will get overwritten on upgrade
<ivoks> espacious: ok, so, authdaemon doesn't have access to mysql
<jmedina> espacious: did you increase authdaemond verbosity?
<espacious> no where do i do that?
<jmedina> all the prolem is in mysql
<jmedina> :D
<jmedina> and authentication
<espacious> u think?
<jmedina> yeap
<ivoks> espacious: grep authmodulelist /etc/courier/authdaemonrc
<jmedina> ivoks: courier it is already using mysql
<espacious> http://pastebin.com/f1506822e
<ivoks> espacious: grep MYSQL_SERVER /etc/courier/authmysqlrc
<jmedina> espacious: increase verbosity, in the same file you set user, db, host, password for courier authdaemon
<espacious> http://pastebin.com/f74318054
<jmedina> espacious: change it to 127.0.0.1
<jmedina> and restart courier audhdaemon
<ivoks> espacious: check MYSQL_USERNAME and MYSQL_PASSWORD in /etc/courier/authmysqlrc
<espacious> slowly!
<espacious> :D
<espacious> so what to 127.0.0.1?
<ivoks> you don't need to change that
<ivoks> leave it as localhost
<Hans67521> hi need some help with fetchmail
<ivoks> espacious: check MYSQL_USERNAME and MYSQL_PASSWORD in /etc/courier/authmysqlrc
<Hans67521> downloading email for my domain to a local box but fetchmail wants to deliver mail as user@localhost?
<Hans67521> not to user@domain.com
<espacious> http://pastebin.com/f5cdc089b
<ivoks> espacious: mail_admin_password?
<ivoks> espacious: did you replace that with *real* password?
<jmedina> MYSQL_PORT 0 ???
<espacious> jmedina i cant find that verbosity...
<ivoks> lol
<espacious> no...?!?!? ivoks
<HellMind> Eureka!, it works
<espacious> should i?
<espacious> :D
<mathiaz> zul: why do I have to run apt-get update before apt-get install on an freshly new booted ec2 instance?
<ivoks> bas si slovenac...
<espacious> :D
<espacious> let me change that.
<espacious> was a joke ivoks! where u from?
<ivoks> zagreb
<zul> mathiaz: because the sources.list is based on the zone that you are in
<ivoks> mathiaz: any chance in reviewing dovecot-postfix patch? :)
<zul> if you are in the us zone then you get the us mirror if you are in eu then you get the eu mirror
<jmedina> espacious: in /etc/courier/uthdaemonrc
<jmedina> change DEBUG_LOGIN=0 to 1
<jmedina> and restart courier-authdaemon
<Hans67521> ?
<jmedina> espacious: and comment the line: MYSQL_PORT 0
<ivoks> jmedina: he is connecting to mysql
<mathiaz> zul: couldn't this part of the standard boot process?
<ivoks> jmedina: he was just supplying wrong password
<mathiaz> ivoks: on my todo list - it's not that urgent though
<jmedina> Â¬Â¬
<ivoks> mathiaz: ok
<mathiaz> zul: you'd have to run apt-get update *everytime* before you can install a package
<espacious> done all changes
<espacious> still same
<espacious> let me check the logs now.
<zul> mathiaz: what?!
<jmedina> never close log
<jmedina> :D
<jmedina> one tab for commands and another for logs :D
<espacious> tail -f :D
 * jmedina preferes multitail colorized logs
<mathiaz> zul: I mean that every time you boot a new instance, the first thing you have to do is to run apt-get update
<mathiaz> zul: otherwise you cannot install new packages.
<mathiaz> zul: seems that could be automated during the boot process.
<espacious> http://pastebin.com/m3d58591
<zul> mathiaz: yeah i see what you mean ill tell the script to run apt-get update after sources.list is updated
<espacious> what is that?
<espacious> multicolorized?
<espacious> :D
<zul> mathiaz: thanks
<genii> Bah. Adaptec and their love for rpm
<ivoks> espacious: great... this is good
<ivoks> espacious: in /home/vmail, create directory guest.kgs.si
<ivoks> espacious: and chown it to vmail user
<espacious> jmedina? u what u say?
<ivoks> hahaha
<espacious> ok let me do ivoks
<Hans67521> where can i find help for fetchmail
<jmedina> espacious: your auth is ok
<jmedina> but the problem is this:
<ivoks> Hans67521: i don't think fetchmail can deliver to domain
<jmedina> #
<jmedina> Mar 19 19:27:22 mailserver imapd: chdir guest.kgs.si/admin/: No such file or directory
<jmedina> #
<jmedina> Mar 19 19:27:23 mailserver imapd: Connection, ip=[::ffff:127.0.0.1]
<jmedina> your imap server chant change to admin mailbox
<jmedina> :D
<espacious> i see. so let me do...
<jmedina> classic
<ivoks> Hans67521: but then again... i don't know
<jmedina> you need a way to automate mailbox creationg
<espacious> but i sended a test message to activate/create that dir...
<jmedina> well didnt work
<ivoks> hm
<espacious> the command used is on that tutor...
<ivoks> chdir guest.kgs.si/admin/
<ivoks> this is full path
<ivoks> and that path is wrong
<jmedina> it is relative to /home/vmail/
<ivoks> ah, ok
<jmedina> he alrady have a search base path /home/vmail
<jmedina> I like to use maildrop with courier-imap
<espacious> i forgot which the user is...
<ivoks> vmail
<jmedina> http://tuxjm.net/docs/mailserver-howto/mysql-based/xhtml/ch04s07.html
<jmedina> that is my howto
<espacious> chown vmail:vmail guest.kgs.si/ so?
<jmedina> well I use /home/vmail/dominios
<jmedina> chown -R
<jmedina> espacious: how did you create the mailbox?
<espacious> mkdir....
<jmedina> :D
<jmedina> well you better use maildirmake
<espacious> what u mea?
<espacious> :D
<jmedina> it will create all the required subfolders
<espacious> what u mean...
<jmedina> or follow the howto I posted for automatic mailbox creation
<espacious> umm can u explain again ...
<espacious> im lost:D
<ivoks> btw, you didn't create mailbox
<ivoks> since your postfix also can't access mysql
<ivoks> you are using wrong password for mysql in it
<espacious> ok better now
<espacious> ERROR: Could not complete request.
<espacious> Query: SELECT "INBOX"
<espacious> Reason Given: Unable to open this mailbox.
<espacious> but im in
<ivoks> right, maildir isn't created
<espacious> i created /vmail/guest.kgs.si/admin/
<espacious> with maildircreate command
<jmedina> espacious: that path needs some especial subdirs
<espacious> so what should i run.
<jmedina> espacious: could you post full log?
<jmedina> well with context
<ivoks> i'm shocked that courier can't create dirs on login
<ivoks> is it really that bad?
<jmedina> ivoks: if you  are using courier MDA maildrop you can
<jmedina> but I dont know what espacious is using
<ivoks> i guess he also doesn't know that :)
<espacious> i dont in fact.
<espacious> Mar 19 19:42:16 mailserver postfix/cleanup[1789]: warning: 9A9DB3CC57A: virtual_alias_maps map lookup problem for postmaster@guest.kgs.si
<espacious> Mar 19 19:42:16 mailserver postfix/pickup[1786]: 9ABAB3CC57A: uid=0 from=<root>
<espacious> Mar 19 19:42:16 mailserver postfix/cleanup[1792]: warning: 9ABAB3CC57A: virtual_alias_maps map lookup problem for admin@guest.kgs.si
<espacious> that all in log...
<peeps[work]> does anyone know if the max length of env. variable values is configurable?
<espacious> suddenly pastebinit command dont work
<tristanbob> is there any easy way to transfer one ubuntu ufw setup to another server?
<ivoks> espacious: that's postfix
<tristanbob> I wish I could copy paste like a cisco device
<espacious> Mar 19 19:16:49 mailserver authdaemond: failed to connect to mysql server (server=localhost, userid=mail_admin): Access denied for user 'mail_admin'@'localhost' (using password: YES)
<espacious> Mar 19 19:16:49 mailserver imapd: authentication error: Input/output error
<ivoks> espacious: check /etc/postfix/mysql*
<ivoks> espacious: i bet you didn't put *real* mail_admin_password
<espacious> ivoks i did those files aer done like in the tutor...
<jmedina> :S
<jmedina> again?
<espacious> oh let me recheck.
<jmedina> I tought imapd auth was fixed
<jmedina> I think you better fix postfix
<jmedina> then imap
<ivoks> tristanbob: iptables-save
<ivoks> tristanbob: there's also /var/lib/ufw
 * jmedina loves shorewall+shorewall-lite
<tristanbob> thanks ivoks
<espacious> ivoks i have real pass there... still same
<ivoks> great
<ivoks> now... you fixed mysql password for courier
<espacious> Mar 19 19:48:25 mailserver imapd: LOGIN, user=admin@guest.kgs.si, ip=[::ffff:127.0.0.1], port=[49216], protocol=IMAP
<espacious> Mar 19 19:48:25 mailserver imapd: DISCONNECTED, user=admin@guest.kgs.si, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=21, sent=57, tim
<ivoks> what happend since then?
<ivoks> afaik, it's 20:49 in slovenia now, not 19:49
<espacious> umm..sorry asking again where?
<espacious> ntp isnt installed.
<ivoks> :)
<jmedina> :S
<espacious> written in...
<ivoks> so, you can login with webmail?
<ivoks> and work with it
<espacious> i got a different error.
<espacious> ERROR: Could not complete request.
<espacious> Query: SELECT "INBOX"
<espacious> Reason Given: Unable to open this mailbox
<espacious> in the webgui
<ivoks> ah... non existing directory again
<espacious> there is no mailbox..u said.
<espacious> hmm im blind.
<espacious> how do i create it?
<ivoks> send a mail to it
<ivoks> this howto is 'how to work 2 hours on mail server and not getting it to work'
<espacious> :D
<espacious> i resended the mail-
<jmarsden> tristanbob: Look under /etc/ufw for all the ufw config files.  Tar (or zip?) them, and untar (unzip) them on the new server.
<espacious> same shit maybe the mail isnt send...
<ivoks> now check the logs
<jdstrand> jmarsden: and /var/lib/ufw
<espacious> Mar 19 19:16:49 mailserver authdaemond: failed to connect to mysql server (server=localhost, userid=mail_admin): Access denied for user 'mail_admin'@'localhost' (using password: YES)
<espacious> Mar 19 19:16:49 mailserver imapd: authentication error: Input/output error
<ivoks> not that one
<ivoks> that was an hour ago
<jmedina> espacious: show full log
<espacious> Mar 19 19:53:49 mailserver postfix/trivial-rewrite[2130]: warning: do not list domain guest.kgs.si in BOTH mydestination and virtual_mailbox_domains
<espacious> Mar 19 19:53:49 mailserver last message repeated 26 times
<espacious> Mar 19 19:53:49 mailserver postfix/local[2131]: warning: alias database loop for postmaster
<espacious> which one.
<ivoks> there
<jmedina> :S
<espacious> sorry i know is not polite to paste here.
<ivoks> remove it from mydestination
<jdstrand> really, if all one does is use the 'ufw' command, copying /var/lib/ufw and doing 'ufw enable' is enough
<espacious> let me fix pastebin...
<jmedina> espacious: stop postfix and fix courier, or stop courier and fix postfix
<espacious> hmm.
<espacious> fix what?
<jmedina> :D
<jmedina> :S
<ivoks> fix main.cf
<jmedina> Â¬Â¬
<ivoks> in postfix
<ivoks> look at the line you pasted
<espacious> aha i see... duplicate..
<ivoks>                    warning: do not list domain guest.kgs.si in BOTH
<ivoks>                    mydestination and virtual_mailbox_domains
<ivoks> remove it from mydestination
<espacious> where should it be virtual?
<espacious> ok.
<jmedina> that is a problema when people configure postfix ifst usiing debconf and then change to virtualdomains
<jmedina> that is what in my howto I started with a clean main.cf
<ivoks> jmedina: or people don't read howto:
<ivoks> postconf -e 'mydestination = server1.example.com, localhost, localhost.localdomain'
<ivoks> or the howto is wrong :)
<ivoks> 'Go sure that you replace server1.example.com with a valid FQDN, otherwise your Postfix might not work properly!'
<jmedina> :D
<espacious> hmm.
<espacious> i removed it same error.
<espacious> let me check logs
<jmedina> espacious: show us the logs
<jmedina> not what you understand
<espacious> Mar 19 19:53:49 mailserver postfix/local[2131]: warning: alias database loop for postmaster
<ivoks> restart postfix
<ivoks> GRRRRRRRRR
<ivoks> that's an old log!
<espacious> i did.
<espacious> sory.
<jmedina> not
<espacious> let me fix pastebin.
<jmedina> it is same process,
<espacious> log is long.
<ivoks> last lines
<jmedina> espacious: not full log
<ivoks> open a terminal
<jmedina> but with context, 5 or more longs around
<ivoks> connect to server
<ivoks> run in it 'tail -f /var/log/mail.log'
<ivoks> hit enter 5 times
<ivoks> then send mail
<ivoks> paste new lines
<jmedina> tail -f is useless if you dont read the logs carefully
<espacious> http://pastebin.com/f223c64af
<ivoks> man
<ivoks> i give up
<ivoks> these are old logs
<espacious> how old?
<espacious> quota, "", "" FROM users WHERE email = 'admin@guest.kgs.si'
<espacious> Mar 19 20:01:55 mailserver authdaemond: password matches successfully
<espacious> Mar 19 20:01:55 mailserver authdaemond: authmysql: sysusername=<null>, sysuserid=5000, sysgroupid=5000, homedir=/home/vmail, address=admin@guest.kgs.si, fullname=<null>, maildir=guest.kgs.si/admin/, quota=10485760, options=<null>
<espacious> Mar 19 20:01:55 mailserver authdaemond: Authenticated: sysusername=<null>, sysuserid=5000, sysgroupid=5000, homedir=/home/vmail, address=admin@guest.kgs.si, fullname=<null>, maildir=guest.kgs.si/admin/, quota=10485760, options=<null>
<espacious> Mar 19 20:01:55 mailserver imapd: LOGIN, user=admin@guest.kgs.si, ip=[::ffff:127.0.0.1], port=[60769], protocol=IMAP
<espacious> Mar 19 20:01:55 mailserver imapd: DISCONNECTED, user=admin@guest.kgs.si, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=21, sent=5
<espacious> damn i make mess:D
 * jmedina thinks espacious wants to give up with a ban
<espacious> i dont get the point.
<espacious> sorry no.
<ivoks> espacious: do you understand how email works?
<espacious> a bit.
<ivoks> espacious: do you know what is smtp, and what is imap?
<espacious> i know.
<ivoks> espacious: are you sure?
<espacious> im more used to MS servers.
<espacious> yes.
<jmedina> espacious: do you understand smtp is handled by postfix process
<ivoks> obviously, they don't teach you a thing
<jmedina> and imap for imapd (corier_
<espacious> im new to postfx and squirel and ....so on.
<ivoks> postfix = smtp
<ivoks> imap, pop3 = courier
<ivoks> so, when you send a mail, you are looking for errors in... which program?
<jmedina> so, that is what I told you to stop courier imap and fix postfix, that way you wont get confused with a lot of logs
<jmedina> or your can use tail + grep
<espacious> ok i got that.
<ivoks> and when you change configuration
<espacious> let me stop curier.
<ivoks> and want to see if the new config works, you don't paste logs from an hour ago
<ivoks> but most recent
<espacious> that was a mistake
<jmedina> whenever you click  "send button" watch the logs
<ivoks> i have yet to meet a person that managed exchange, that actually understand how email works :/
<espacious> heh
<ivoks> but the funniest thing is that most of the spam comes from unix/linux mail servers
<espacious> ok now i stoped all courier-* proceses.
<espacious> now i send a mail with
<espacious> mailx admin@guest.kgs.si
<espacious> from console
<ivoks> ok
<espacious> aha!
<espacious> Mar 19 20:09:56 mailserver postfix/virtual[2689]: warning: perhaps you need to create the maildirs in advance
<espacious> Mar 19 20:09:56 mailserver postfix/virtual[2689]: 80CF93CC478: to=<admin@guest.kgs.si>, relay=virtual, delay=0.06, delays=0.03/0.01/0/0.02, dsn=4.2.0, status=deferred (maildir delivery failed: create maildir file /home/vmail/guest.kgs.si/admin/tmp/1237493396.P2689.mailserver: Permission denied)
<jmedina> ok that is progress
<ivoks> ls -dl /home/vmail/guest.kgs.si
<espacious> thanks.
<espacious> that is great.
<espacious> :D
<ivoks> ls -dl /home/vmail/guest.kgs.si/admin
<espacious> drwxr-xr-x 3 vmail vmail 4096 Mar 19 19:38 /home/vmail/guest.kgs.si
<jmedina> ivoks: yeap, in the other room a customer is taking a Interscan messaging suite from trend micro (betrayers) and they are teaching postfix
<jmedina> :D
<ivoks> espacious: ls -dl /home/vmail/guest.kgs.si/admin
<jmedina> espacious: ok that message is from virtual process, who handles virtual mailbox
<jmedina> virtual process is unable to create directories
<espacious> drwx------ 6 vmail vmail 4096 Mar 19 19:39 /home/vmail/guest.kgs.si/admin
<espacious> damn that tutor i followed is a mess i see now.
<ivoks> grep vmail /etc/passwd
<espacious> vmail:x:5000:5000::/home/vmail:/bin/sh
<ivoks> hm
<jmedina> espacious: ls -l /home/vmail/guest.kgs.si/admin
<jmedina> why  drwxr-xr-x 3 vmail vmail 4096 Mar 19 19:38 /home/vmail/guest.kgs.si
<espacious> http://pastebin.com/f5ea5c11
<jmedina> and then drwx------ 6 vmail vmail 4096 Mar 19 19:39 /home/vmail/guest.kgs.si/admin
<jmedina> ohh sorry
<espacious> admin was created manualy ...
<ivoks>     * Unknown post id, it may have expired or been deleted
<jmedina> espacious: sorry it was ls -la /home/vmail/guest.kgs.si/admin
<espacious> http://pastebin.com/f5ea5c113
<ivoks> root?
<ivoks> why root
<ivoks> chown -R 5000:5000 /home/vmail
<jmedina> because he ran maildirmake as root
<espacious> yes.
<espacious> true
<ivoks> don't run maildirmake
<espacious> already did.
<ivoks> postfix can create dirs by it self
<ivoks> ok, run:
<ivoks> chown -R 5000:5000 /home/vmail
<espacious> ok chroot done.
<jmedina> I think that perms were already fixed
<espacious> chown...
<jmedina> :S
<ivoks> now send mail
<espacious> http://pastebin.com/m769a5690
<espacious> huh!
<giovani3> espacious: that's good :)
<ivoks> that's it
<espacious> ok now its delivered
<espacious> so what is the next step?
<ivoks> now start courier
<ivoks> and check the mail
<ivoks> with webmail
<espacious> problem of irc is i cant buy u guys a beer!:D
<espacious> which courier-*
<ivoks> well, i'm not that far away
<espacious> all of them?
<ivoks> all
<espacious> if u come to lj i buy u a ber 4 sure.
<ivoks> i'll stop there in 2 months
<ivoks> on my way to austria
<espacious> nice u can call me.
<espacious> :D
<ivoks> i doubt, you guys will smash my car :)
<espacious> so what courier should i start?
<espacious> haha
<ivoks> all of them
<espacious> damn!
<espacious> u aer good!
<espacious> work like a charm.
<Big_Ham> they are totally awesome in here
<espacious> ivoks u damn .hr ! i buy u a ber 4 sure:D but LASKO
<Big_Ham> i couldn't have gotten better support even if I posted in a forum and waited days for all the replies
<ivoks> lasko is really bad beer :)
<espacious> so realy thanks ivoks jmedina
<espacious> !
<ivoks> the red one is better
<espacious> hehe why ivoks becouse is ours?:D
<espacious> i agree.
<ivoks> still, both are worse than karlovacko
<espacious> haha.-
<espacious> so any other concerns before i put this server in production?
<ivoks> lots of them :)
<espacious> any good modifications ..
<espacious> :D
<jmedina> espacious: now create another mail user and test that everything works
<espacious> should i get devcot?
<ivoks> espacious: you could buy an hour or two and get a review
<espacious> jmedina doing that...
<espacious> ivoks what?
 * jmedina can fix systems, but cant fix toilet :S
<ivoks> espacious: buy professional support for a review
<ivoks> espacious: i could do review in an hour :)
 * jmedina accepts beer by paypal
<jmedina> :D
<ivoks> :)
<jmedina> or rapidshare accounts :D
<jmedina> XDDDD
<espacious> haha
<espacious> i will be glad to offer u a beer.
<espacious> also to get some more support on courier postfix and other...but i have also other things to do...
<espacious> i taught irc help channel are for free:D
<ivoks> well, we helped you for free, didn't we?
<espacious> thats 100% true.
<espacious> and thanks again.
<ivoks> but if you are asking us to tell you that your server is ready for production, that would require serious review
<espacious> i know.
<espacious> im running a separate MS excange...
<espacious> now i discovered...proxmox...KVM...
<espacious> and installed mail gateway...
<espacious> if u know that...
<espacious> so i was courious if i can make a similar sistem by hand...as proxmox mailgateway has a limit to jus one fqdn...or one subnet i mean...
<espacious> just*
<jmedina> I think promox uses postfix+amavisd-new
<jmedina> you can even add mailfiltering to your postfix server
<ivoks> serious mailfiltering
<espacious> i know.
<espacious> proxmox mail gateway is infact postfix modded...
<espacious> i will have a separate proxmox mailgateway for that mailserver u guys helped me to config..
<ivoks> i don't get it...
<espacious> and slowly i want to add all features to my postfix and get rid of that proxmoxmailgateway..
<espacious> ist's a theory:D
<ivoks> why don't you just replace exchange?
<espacious> ?
<espacious> i use exchange for all users and several domains
<ivoks> you have a mail gateway for exchange, right?
<espacious> proxmox mailgateway is limited to one domain.
<espacious> so i wanted to play with it.
<ivoks> well, postfix supports more domains than exchange :)
<espacious> i also need new acc cca 100-200 for GUEST:::kgs.si
<espacious> so i decided for postfix.
<ivoks> so...?
<espacious> ivoks mailgateway for exchange?
<espacious> no proxmox mailgatway is not infront of exchange...
<espacious> or what u mean?
<espacious> proxmox will be infront of this new posfix...
<ivoks> i mean drop promox and exchange and put ubuntu mail server
<ivoks> why?
<ivoks> why do you need mail server in front of mail server?
<espacious> i cant drop exchange...but thats not a problem since i got more ips...
<espacious> proxmox mailgateway is not mail is a spam cut off thingy
<ivoks> you don't need it
<ivoks> you can fight spam better than proxmox
<espacious> i know i can config all features included in it in postfix...
<espacious> fact is it has a nice interface...to see whats going on ....
<espacious> can i ask sth not so legal or will be someone angry?
<espacious> :D
<espacious> yes/no?
<ivoks> i didn't understand last line
<espacious> so.
<espacious> proxmox mail gateway has a limitation...u download a licence ...and a free one is limited to only one host! all other mails get droped...
<ivoks> ok
<espacious> so im practicaly asking how this is done and if i can go arround this...
<espacious> but its illegal since u have just to pay and u have as many domains u like...
<espacious> i just want to know how this is done ...coded down to accept ony that domain.
<espacious> pure curiosity.
<espacious> i dont intend to resell it:D
<jmedina> espacious: well I think we dont use promox because is so closed, even when is based on open source
<jmedina> :D
<jmedina> so, you better find another solution and more flexible
<espacious> pracicaly i did and u helped me.
<espacious> i just have to learn a bit more about postfix and stuff...
<jmedina> now you can install amavisd-new spamassassin, clamav and you have antispam and antivirus
<espacious> but! take a lok at proxmox its great.
<ivoks> http://www.postfix.org/documentation.html
<jmedina> of course you need to configure each one and integrate amavisd-new with postfix
<ivoks> its great, lol
<ivoks> it's postfix+amavis
<espacious> why its not?
<jmedina> because is not totally open and free
<jmedina> :D
<ivoks> why? it's less flexibile than your solution
<espacious> thats the bad part.
<espacious> i agree.
<jmedina> that is the only part I care
<jmedina> open or nothing :D
<espacious> big + is it has realy n00b easy web based gui.
<espacious> i like that.
<jmedina> you can use maia mailguard
<espacious> since im n00b.:D
<espacious> what is that?
<ivoks> LINUX syslogd uses synchronous writes by default. Because of this, syslogd can actually use more system resources than Postfix.
<ivoks> i used mailzu for quarantine
<espacious> btw what about that scripts to autocreate dirs or better a way to delete accounts if not accesed for defined time perios and what about batch creating users?
<jmedina> ivoks: mailzu is good, but lacks the option to let users whitelist or blacklist using the interface
<ivoks> jmedina: well.... :)
<ivoks> jmedina: there are patches for that
<jmedina> ivoks: didnt know
<ivoks> jmedina: mailzu doesn't have developers atm
<petia> ivoks, friend, you think you'll be able to help me out with spam filter ?
<ivoks> jmedina: so someone forked it and patched it with all the patches
<jmedina> what I like about maia is that user can request to relase a mail from querantine then the admin can relase it and whitelist it
<ivoks> jmedina: users can release spam/virus in mailzu, also
<jmedina> ivoks: ohh didnt know, what is the fork name?
<ivoks> jmedina: http://sourceforge.net/mailarchive/forum.php?thread_name=493914E9.6010809%40husku.net&forum_name=mailzu-users
<ivoks> jmedina: http://trac.husku.net/mailzu-ng/
<jmedina> ivoks: thanks
<jmedina> so whos next?
<ivoks> :)
<petia> me
<jmedina> just kidding
<jmedina> I need to eat
<ivoks> it would be great to have postfixadmin and mailzu integrated
<ivoks> shouldn't be too hard
<jmedina> ivoks: yeap
<ivoks> both are php, iirc
<ivoks> jmedina: are you interested in working on that?
<petia> ivoks, why you didnt tell me about postfixadmin before ?
<jmedina> ivoks: there is a postfixadmin fork for greilistng and amavis setttings
<jmedina> ivoks: I dont code :S
<jmedina> I only know how to type faster in shell
<ivoks> jmedina: i don't too, but php shouldn't be too hard :)
<petia> damn ivoks likes to ignore me sometimes
<ivoks> :)
<jmedina> petia: probably because your nicks sounds like PITA
<ivoks> jmedina: postfixadmin+mailzu+roundcube :)
<ivoks> http://nejc.skoberne.net/projects/rcpfa/
<ivoks> ou yes!
<ivoks> now we just have to add mailzu to this combination :)
<petia> i cant use my real nick cause i left irc on at home
<jmedina> ivoks: http://www.oav.net/projects/openvisp-admin/
<ivoks> and we have point and click interface to quarantine, account management
<jmedina> that is postfix admin fork
<ivoks> jmedina: looking nice!
<ivoks> and instead of mysql, use ldap
<ivoks> and there you go - exchange :)
<petia> anyway, i'll talk to you guys later
<ivoks> wow... i'll work on this for 9.10
<ivoks> hm... that might be too narrow use case for distribution
<espacious> heh ivoks i know that guy /nejc.skoberne.net
<espacious> its from my town.
<ivoks> ?
<espacious> the author of the link u pasted..
<ivoks> ah
<ivoks> take care
<ivoks> time for offline mode
<fenix> hello
<fenix> i'am brazilian
<fenix> help me
<NetSkay> hey guys
<NetSkay> im need of a bit of assistance
<NetSkay> with openVPN
<NetSkay> anyone :P
<jmedina> NetSkay: what is the problem?
<NetSkay> im stuck at the RSA keys
<NetSkay> im following this how to
<NetSkay> and i edited my vars
<NetSkay> withte h proper country, province bla bla
<jmedina> which howto?
<NetSkay> the one at openvpn.net
<NetSkay> so i type ./vars
<NetSkay> ./clean-all
<NetSkay> then ./build-ca
<NetSkay> and it tells me i need to source ./vars
<NetSkay> and i need to edit vars to reflect my config
<NetSkay> so im a bit lost
<jmedina> use
<jmedina> source ./vars
<NetSkay> i tried that
<NetSkay> lol
<NetSkay> same thing
<jmedina> :D
<jmedina> Â¬Â¬
<jmedina> you only need to use clean-all the first time
<jmedina> to create al clean PKI
<NetSkay> well
<NetSkay> im doing source ./vars
<NetSkay> and i do
<NetSkay> sudo ./clean-all
<NetSkay> and it says
<jmedina> letme do it here
<NetSkay> please source the cars script, amke sure you have edited it to reflect ur config
<NetSkay> im cd-ed in /etc/openvpn/easy-rsa/2.0/
<jmedina> ok
<jmedina> im in there
<jmedina> ok
<jmedina> source ./vars
<jmedina> ./clean-all
<jmedina> and the
<jmedina> ./pkitool --initca --pass
<jmedina> that works here
<jmedina> and ./build-ca
<NetSkay> when i do
<NetSkay> ./pkitool part
<NetSkay> says same thing as if im running ./build-ca
<NetSkay> i donno if my vars script is wrong or not
<jmedina> ok, you are doing it in the same session right?
<NetSkay> i just edited the last lines for location info and email
<jmedina> which distro?
<NetSkay> yea same session
<jmedina> version?
<NetSkay> umm
<NetSkay> how can ic heck?
<NetSkay> about?
<jmedina> lsb_release -a
<NetSkay> ubuntu 8.1 intrepid, server edition
<jmedina> ok
<jmedina> same here
<NetSkay> i386
<NetSkay> or w/e it was
<NetSkay> and i copied easy rsa from /usr/share/openvpn/examples
<jmedina> ok
<jmedina> from the begining
<NetSkay> and the dir is
<jmedina> # cp -a /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/easy-rsa
<NetSkay> ok
<NetSkay> let me rm it
<BitWraith> if I use apt to install skype (assuming it is in a repo ubuntu knows... maybe it's not) would that pull in X11 or Gnome as a dependency?
<jmedina> # cd /etc/openvpn/easy-rsa/
<jmedina> root@jmdesk:/etc/openvpn/easy-rsa# source ./vars
<jmedina> NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
<jmedina> root@jmdesk:/etc/openvpn/easy-rsa# ./clean-all
<NetSkay> jmedina done
<jmedina> root@jmdesk:/etc/openvpn/easy-rsa# ./pkitool --initca --pass
<NetSkay> o let me do that
<jmedina> Using CA Common Name: Fort-Funston CA
<jmedina> Generating a 1024 bit RSA private key
<jmedina> .......++++++
<jmedina> I didnt edit vars for testing purposses
<NetSkay> do i ahve to sudo clean-all cause i get permission denied, or should i chown?
<NetSkay> nope, same thing man
<NetSkay> this time i didnt edit anything
<NetSkay> i did exaclty what u did
<orudie> would someone volunteer to help me out with this guide to get the spam filter working?
<orudie> https://help.ubuntu.com/8.10/serverguide/C/mail-filtering.html
<NetSkay> jmedina fixed it
<jmedina> NetSkay: good, what was the problem?
<mrbull> hello
<mrbull> does anyone knows how to remap some keys and make it persistent? I've tried editing /etc/kbd/remap but it didn't work.
<jmedina> for shell or X?
<jmedina> for X you can use Xmodmap
<mrbull> just shell
<jmedina> what are you doing?
<orudie> jmedina, hi where is ivoks ?
<jmedina> orudie: living, I guess
<jmedina> I dont know, he went offline a few hours ago
<NetSkay> jmedina, i just enabled my root account, sudo passwd root, i guess it sources under regular user and when i try and sudo doesnt work, i really dont know lol
<mrbull> im trying to switch esc for caps lock. if it works ill probably remap right meta to return
<orudie> jmedina, do you think you can help me with setting up mail filter ?
<mrbull> (i used readline in vi mode, which is why i asking)
<mrbull> use*
<jmedina> mrbull: yes I can
<jmedina> I have a howto in spanish :S
<jmedina> but Im leaving in 30 mins
<mrbull> jmedina: i can read spanish with no problems
<jmedina> good
<jmedina> tuxjm.net/docs/mailserver-howto/mysql-based/
<jmedina> mrbull: in same box or mailgateway ?
<mrbull> wait, something good mixed up... i think this is meant for orudie
<mrbull> got*, not good
<orudie> i like good
<jmedina> damn
<orudie> :)
<mrbull> i just want to know why the system isn't picking up my keybindings from /etc/kbd/remap
<jmedina> how hard is to get ubuntu certification
<jmedina> LPI doesnt help too much
<jmedina> orudie: it is for gentoo
<jmedina> but most things works using same configs
<jmedina> just skip pyzor config
<jmedina> it is not recommend and maintained
<orudie> what about antivirus ?
<jmedina> amavisd-new dont recomend, it uses a lot of resources
<jmedina> orudie: I use clamav
<jmedina> orudie: where do you want to enable mailfiltering
<jmedina> in the same MTA box?
<jmedina> or in a separate box?
<orudie> same
<jmedina> orudie: are you using postfix?
<orudie> yes
<orudie> postfix/dovecot
<orudie> and smtp-auth
<orudie> everything is working like a charm
<jmedina> orudie: and what is the problem with the howto?
<orudie> but no mail filter :(
<domas> did cyrus die lately? why is everyone using dovecot? :)
<orudie> the problem is that after doing all the steps mail stopped working
<jmedina> domas: it is cool
<orudie> no errors or anything, though i didnt have time to check the logs
<jmedina> orudie: and what about logs?
<domas> I used to build big stuff on cyrus ages ago
<orudie> see, the email server i set up for my company
<domas> it seemed to be perfect ;-)
<jmedina> orudie: could you pastebin your main.cf and master.cf files?
<orudie> jmedina, i had to undo everything i did in the howto , because like i said mail stopped coming in / out
<orudie> it was in the middle of a busy day
<orudie> so i had to quickly undo everything
<orudie> and didnt even have time to check the logs
<orudie> but i do in fact have time right now
<jmedina> well I cant help you
<jmedina> I just need to go out for 30 minuts then come back
<orudie> ok i'll wait
<jmedina> ok for now follow the same howto
<jmedina> and stop when you get to the postfix section
<orudie> oh but you said.... dont set up razor ?
<jmedina> dont worry
<jmedina> well I said pyzor
<jmedina> razor is good
<orudie> so dont install pyzor ?
<jmedina> no
<jmedina> only razor
<jmedina> orudie: done?
<orudie> jmedina, a little stuck here hang on
<jmedina> ok
<jmedina> ok
<orudie> cant establish connection to outgoing server with outlook :(
<orudie> wtf
#ubuntu-server 2009-03-20
<jmedina> ?
<orudie> trying to set up an email account from hom e
<orudie> brb
<orudie> man... cant establish connection to outgoing smtp server
<orudie> it was working fine i dont get it
<orudie> how do i tail a log ?
<hads> tail /log/file
<orudie> http://pastebin.com/m119240e8
<orudie> all the sudden getting this error when trying to send mail using outlook
<NetSkay> ugh whats up with the lagg
<jmedina> orudie: orudie did you change someting in postfix?
<orudie> nothing
<orudie> 0
<orudie> shit...
<orudie> sorry for the language
<jmedina> orudie: try thunderbird
<orudie> i tried
<orudie> same thing
<jmedina> orudie: paste more lines from the log
<orudie> i would really like to observe the tail of the log
<orudie> tail mail.log shows a few lines , but rerurns back to bash
<orudie> returns
<jmedina> orudie:
<jmedina> use tail -f /var/log/mail.log
<jmedina> and dont close that
<orudie> ok
<jmedina> orudie: what is your domain name?
<jmedina> I cant help you test with telnet :D
<orudie> hey
<orudie> not telnet
<orudie> jmedina, pm
<mrbull> managed to remap keys outside of X. can't believe it was so simple and i was overlloking it.
<mrbull> if anyone needs to do it, just run "dumpkeys > ~/yourkeymap; vim ~/yourkeymap" and then after that just do a loadkeys yourkeymap
<twb> Or sensible-editor :P
<mrbull> twb, let's not get into that discussion :P
<twb> mrbull: well, on your system it would run vim.
<mrbull> twb: well, vim comes as default, even if stripped down...
<hads> If you know you want vim then it's much easier to type.
<twb> Well, "ed" is even easier, especially on qwerty
<chriszf> Question. Is there another way to configure samba besides /etc/samba/smb.conf?
<jmedina> chriszf: nop
<jmedina> there are graphic interfaces
<jmedina> a lot
<Alex_21> Is Apache's HTAccess turned on by deafault?
<Alex_21> In 8.04?
<chriszf> jmedina: I'm just curious what the right click->share folder mechanism uses, because it doesn't do anything in the /etc/samba directory.
<jmedina> chriszf: I dont know, dont use ubuntu desktop
<jmedina> ubuntu server doesnt have click->share
<chriszf> Yeah, I know it's kinda the wrong place, there's just a lot of noise in the #ubuntu channel.
<chriszf> Thanks, though.
<jmedina> chriszf: so what is the problem?
<twb> chriszf: that uses some funky gnome thing that I don't fully understand.
<jmedina> it is really easy create shares in samba
<jmedina> well that is GNOME :D
<chriszf> jmedina: Oh, I used it to make a share initially, then I dropped gnome, and I'm trying to reconfigure it.
<mrbull> chriszf: have you checked samba's section in the server guide? http://help.ubuntu.com/community/SettingUpSamba
<mrbull> oops, that's actually in the community section, but end result is the same
<chriszf> mrbull: yeah, it's the usual 'edit smb.cnf', '/etc/init.d/samba reload' stuff. The mystery here is where my share is actually defined.
<chriszf> It's not in smb.conf.
<mrbull> chriszf: in the conf itself as a section named as how you want it to appear in the network
<mrbull> for example: [all_my_illegal_mp3s]
<chriszf> mrbull: Right. I think I didn't explain it correctly.
<mrbull> then inside you define its path and permissions.
<chriszf> I created a share with the graphical nautilus bit.
<mrbull> ok
<chriszf> And it exists and serves up files
<chriszf> BUT it doesn't put an entry into smb.conf
<chriszf> Now I want to change it, and I'm not using nautilus, but I can't find where the heck it's configured.
<mrbull> have you tried "locate smb" in the terminal?
<mrbull> maybe it's somewhere else
<chriszf> Yeah, I haven't tried that yet.
<twb> I think you want the nautilus-share package.
<twb> Description: Nautilus extension to share folder using Samba Nautilus Share allows you to quickly share a folder from the GNOME Nautilus file manager without requiring root access.
<twb> Homepage: http://gentoo.ovibes.net/nautilus-share/
<twb> chriszf: have a look at the /usr/share/doc files, and other files (dpkg -L) for that package.
<chriszf> Ah, that looks promising.
<mrbull> http://ubuntuforums.org/archive/index.php/t-780709
<mrbull> ah crap
<jmedina> ah it uses net usershare :D
<mrbull> my other computer, from which i was copying the link for a discussion on nautilus-share went to sleep on its own
<jmedina> it was introduces in 3.0.23
<jmedina> introduced
<chriszf> Ah, excellent.
<jmedina> you can use "net usershare" as normal user
<jmedina> and you dont requiere root access
<mrbull> http://ubuntuforums.org/archive/index.php/t-780709.html
<chriszf> Perfect. That's exactly what I needed. Thanks,  folks.
<jmedina> another happy customer
 * jmedina goes out, time to real work
<mrbull> twb: on the "sensible editor" comment... i just had to reconfigure $EDITOR to vim as hitting v on vi mode for bash was popping nano. nano is NEVER sensible.
<jmedina> mrbull: you can use alternatives
<mrbull> jmedina: am i about to be preached? :P
<mrbull> i'm not joining the church!
<chriszf> mrbull: I think he means update-alternatives
<jmedina> yeap
<mrbull> oh
<chriszf> And not.. uhh. emacs.
<chriszf> Which is like, a blight on humanity.
 * mrbull feels embarrassed
<chriszf> Haha.
<jmedina> mrbull: dont worry, I dont understand "preached" meaning :S
<twb> mrbull: haha, nano is rated higher than vim
<mrbull> emacs would probably be great with a foot pedal
<twb> mrbull: I didn't know that
 * jmedina goes to dictionary
<chriszf> mrbull: I think it might also work with a throttle control and maybe some overhead switches.
<mrbull> chriszf: and beer goggles or a beer helmet
<twb> http://www.emacswiki.org/emacs/FootSwitches
<twb> http://www.emacswiki.org/emacs/GamePad
<mrbull> twb: GamePad? lol
<twb> Specifically, http://www.emacswiki.org/emacs/EmacsVersor is a way to run Emacs using a gamepad or other device with limited inputs.
<jmedina> last year I was with Stallman in the same car, he doesnt need a footwitch
<jmedina> footswtich
<jmedina> neither a gamepad
<jmedina> well he doesnt use X at all
<twb> jmedina: that's because he is so good
<mrbull> i can imagine a power emacs user wearing those datasomething one-per-hand keyboards, foot pedals and beer goggles
<twb> datahands
<mrbull> yeah
<chriszf> Haha. Does he have beard tendrils to handle the key combinations?
<twb> I expect his beard is a symbiotic lifeform
<mrbull> well, i guess i COULD use footswitches as esc/ctrl for vim
<twb> There's also http://www.emacswiki.org/emacs/EmacSpeak
<twb> ...which is Emacs for the visually impaired.
<TimReichhart> Hi I am needing help on configuring Exim4 using google as smtp
<mrbull> honestly i have to say i never did give emcas a try as most ssh sessions i connect to don't have emcas installed. plus, i find it ugly. but the last remark is just to piss twb off :P
<mrbull> the emcas typo wasn't though
<mrbull> that's bad typing
<twb> mrbull: only people who actually know Emacs can truly hate it.  You merely dislike it.
<twb> mrbull: /msg fsbot salespitch
<goofey> twb: lol
 * mrbull is wearing a tinfoil hat
<twb> TimReichhart: do you just want to forward mail to an upstream smarthost?
<mrbull> twb: you won't convert me
<twb> I don't want to
<mrbull> i'm shielded
<twb> Emacs is like the dark side: powerful and corrupting.
<TimReichhart> yes if i can do that twb
<hads> And bad.
<twb> Slowly it takes over your system, so that one day CTCP VERSION rcirc on GNU Emacs 23.0.91.1
<twb> TimReichhart: in that case I recommend you just use msmtp instead of a full-blown MTA.
<twb> TimReichhart: an example /etc/msmtprc is http://twb.ath.cx/Preferences/.msmtprc
<twb> TimReichhart: note that gmail requires you to supply it a username and password, unlike (probably) your ISP's smarthost.
<TimReichhart> so can you please tell me how to use my isp for doing that?
<twb> TimReichhart: you just supply your ISP's FQDN instead of mail.gmail.com, or so.
 * jmedina has spanish instructions for postfix
<TimReichhart> well would it be like this mail.hometowncable.net
<twb> TimReichhart: if you look at the file I linked you to, you can see there is "internode" and "internode-nocrypt" there, which are ISP smarthosts.
<twb> TimReichhart: that depends on your ISP, you need to ask them
<TimReichhart> well that is the outgoing email server address
<twb> TimReichhart: that's probably what you want.
<TimReichhart> but when I tried that first time I got rejected email
<twb> That'll be because you misconfigured things.
<TimReichhart> well i am using nagios3 so how would i switch that to what your saying?
<twb> nagios3 should just send mail using /usr/sbin/sendmail, which is provided by whatever MTA you are using.
<TimReichhart> well nagios3 came with exim
<twb> Er, no it doesn't.
<twb> Installing nagios3 will probably for *an* MTA to be installed, which *by default* will be exim4.
<TimReichhart> yep
<TimReichhart> that is what im using
<TimReichhart> all i am looking to do is send out email
<twb> Regarding the smarthost settings, you should find something like this on your ISP's website: http://www.internode.on.net/support/guides/email/secure_email/
<TimReichhart> well I know the my isp email server outgoing email server address
<twb> Then the next step is to attempt to inject mail into it directly using netcat.
<twb> e.g. "nc mail.foo.com smtp", which will open a connection, then "HELO" and the rest of the protocol.
<TimReichhart> so can you guide me how to reconfigure the exim
<twb> If it doesn't accept your connection, then you know your connection details are wrong.
<twb> TimReichhart: no, because we don't know if your details are right yet.
<TimReichhart> what is netcat?
<hads> Google will tell you.
<TimReichhart> i just did but im not understanding its saying
<twb> TimReichhart: do "sudo aptitude install netcat"
<TimReichhart> it said its already installed
<twb> OK, so what FQDN and port is your ISP's smarthost?
<chriszf> netcat is the best tool ever.It will make you feel like a hacker.
<twb> chriszf: ahem; socat.
<TimReichhart> well its my isp server is mail.hometowncable.net port 25
<twb> TimReichhart: OK, so do "nc mail.hometowncable.net smtp"
<TimReichhart> I did that and here what I got : 220 mail.hometowncable.net ESMTP IceWarp 9.1.0; Thu, 19 Mar 2009 21:56:08 -0400
<twb> TimReichhart: OK, good.
<twb> Now into that connection, do "HELO Fred".
<twb> It should say helo back.
<TimReichhart> i got 500 command unrecognized "HELO Fred"
<TimReichhart> 5.5.1*
<twb> Hmm, that's odd.
<twb> As for me, I get "550 5.7.1 Permission Denied"
<TimReichhart> nvm I had "" in there
<jmedina> TimReichhart: try with "ehlo domain.com"
<twb> jmedina: that's not necessary for a basic test.
<jmedina> HELO is for SMTP and EHLO for ESMTP
<jmedina> twb: ok
<twb> OK, so we have established that there is an MTA there and it's listening to you, and will probably accept mail.
<orudie> jmedina, hi
<twb> TimReichhart: this is good enough to configure exim4.
<twb> TimReichhart: now do "sudo dpkg-reconfigure exim4-config", IIRC.
<TimReichhart> so how do I configure the exim then
<twb> Note that in general I would recommend postfix or msmtp (according to need) rather than exim4.
<twb> For your case I can't be bothered to argue for them, though.
<orudie> jmedina, so if i cant telnet from home, that means i cant even work on it ?
<TimReichhart> alright what option do i pick? mail sent by smarthost by via stmp or mail sent by smarthost  no local mail
<twb> orudie: you really ought to use either ssh or (if you're abusing telnet) netcat, not the telnet protocol.
<twb> TimReichhart: the former, I think.
<twb> TimReichhart: you want a "satellite", some configuration screens call it
<TimReichhart> when i did that reconfigure first comes up with that  mail sent by smarthost by via stmp or mail sent by smarthost  no local mail
<TimReichhart> any ideas?
<Alex_21> Is Apache's HTAccess turned on by deafault?
<Alex_21> In 8.04?
<Alex_21> I mean .HTAccess files
<Alex_21> In the Apache configuration
<TimReichhart> alright i got it resetup and i sent a test message to my account and still didnt get it
<TimReichhart> you still there twb?
<twb> Yes.
<twb> TimReichhart: look in /var/mail for non-zero files, error messages will probably appear there.
<TimReichhart> alright twb I dont see any errors in there
<TimReichhart> but I dont see the test message when I sent it to my gmail account
<twb> Shrug.
<twb> There's no much else I can do.  You probably want to talk to your ISP's tech support, and to people who use exim4.
<TimReichhart> what should I ask when I speak to my isp tech support?
<twb> TimReichhart: you tell them what MTA you're using, how you configured it, the test mail you tried to send, and that it didn't arrive.
<twb> TimReichhart: but I expect they will probably tell you to fuck off and install Windows.  YMMV, etc.
<twb> I can't really be bothered to help on this anymore.
<TimReichhart> what do you mean you cant be bothered to help?
<twb> It means you're on your own now.
<NetSkay> lol
<NetSkay> thats was funny
<NetSkay> sorry
<orudie> whos around ?
<twb> !anyone > orudie
<ubottu> orudie, please see my private message
<TimReichhart> just remember netskay when he say that to you
<TimReichhart> then it would be more funny
<twb> TimReichhart: hmm?
<orudie> is there a way to change the port number of smtp server ?
<twb> orudie: yes.
<orudie> twb, is it even wise to do that ?
<twb> orudie: generally it is unwinse.
<twb> *unwise.
<twb> orudie: the most common case I can think of is trying to run an MTA when the ISP specifically blocks port 25 and provides no way to enable it.
<orudie> twb, this is exactly my situation
<ScottK> orudie: Changing it won't help.  Even if you talk to a different port, no one will be listening.
<twb> ScottK: unless you futz things around, which is usually not worth the effort.
<twb> orudie: in that case I would normally recommend either getting a business-grade connection (which is good for other reasons), or to farm off your MTA service to a VPS or colo or similar.
<twb> The kind of domestic accounts that typically block port 25 aren't the kind you want to run an MX on anyway.
<orudie> my MTA is on a VPS
<ScottK> If you want to relay via a different port to your MTA on a VPS, that's quite doable.
<twb> orudie: if port 25 is blocked on your VPS, then that's almost certainly something you can call your provider and ask to have changed.
<orudie> port 25 is blocked by my isp, i installed ubuntu server 8.10 and postfix/dovecot on a VPS
<twb> OK, maybe we're using the term "VPS" differently.
<orudie> cant authenticate to smtp server on port 25 from my isp which is blocking it
<orudie> virtual private server ?
<twb> To my mind, a VM is something your run on your own box.  A VPS is something you rent from a company in some datacenter, and you don't deal directly with an ISP.
<orudie> yes, i rent a VPS from linode
<twb> OK, so the misunderstanding is with regards to what's being blocked.
<orudie> port 25 by my home's isp
<twb> Are you trying to connect from your home ISP *to* port 25 at linode?
<orudie> yeah
<twb> OK, then the filthy hack way would just be to use a port forward or tunnel or listen on a different port at linode.
<orudie> hmmm
<twb> e.g. you configure postfix at linode to listen to port 587 (which it probably already does), and then you configure your MTA or MUA at home to send to that port instead of 25.
<twb> I don't know if submission (587) is routinely blocked by jackass ISPs
<orudie> i think it is too :(
<twb> Obviously a better solution would be to switch to an ISP that is less retarded, thereby punishing your current ISP and rewarding good behaviour.
<twb> orudie: OK, so pick something else again
<ScottK> I run a mail service and I've only had a customer have 587 blocked once.
<ScottK> And that was in a hotel.
<twb> For hotels you probably want to just give up and use a VPN anyway
<orudie> how can i find out if my server is configured to listen to on port 587 ?
<ScottK> The reasons to block 25 don't at all apply to 587, so it's probably OK.
<twb> orudie: attempt to connect to it (with netcat).
<ScottK> orudie: What MTA?
<twb> 14:03 <orudie> port 25 is blocked by my isp, i installed ubuntu server 8.10 and postfix/dovecot on a VPS
<ScottK> Postfix it's easy enough.
<twb> You can also run "postconf" to see what the settings are.
<ScottK> The standard main.cf has a 'submission' service commented out that you just need to uncomment and restart postfix.
<twb> I wonder why it's not on by default
<orudie> lemmi try something ... where should i start ?
<ScottK> You'll also probably want SMTP Auth (which is covered in the Ubuntu Server guide)
<twb> submission always struck me as an obvously good idea
<ScottK> Look in the server guide.
<orudie> ScottK, smtp-auth is set up
<orudie> ScottK, i followed the guide entirely
<ScottK> Then it should be just a matter of uncommenting the submission service in master.cf.
<ScottK> (I mistakenly said main.cf the first time)
<ScottK> If you have a firewall you'll need to open that port too.
<orudie> postfix/error[2872]: 0970F8049: to=<cdi@mts.net>, relay=none, delay=132641, delays=132641/0/0/0.01, dsn=4.3.0, status=deferred (mail transport unavailable)
<orudie> anything on this ?
<twb> Sorry, nope
<orudie> actually
<orudie> uncommenting the submission service in master.cf worked very well :)
<orudie> thanx boys
<orudie> i was stuck for good amount of hours on this
<orudie> :)
<orudie> i even called my ISP to tell them WTF they blocking my port 25 for
<twb> orudie: there's a good reason to make 25 blocked by default
<orudie> so i should block it ?
<orudie> i'm talking about the server's side
<twb> ISPs block port 25 by default because otherwise their customers can become zombie spammers
<orudie> should i make it stop listening on port 25 ?
<orudie> oh
<twb> But it should still be opt-in, so that smart people like us can say "yes, please let me run postfix on my Debian network"
<orudie> my isp unblocks ports 25, 80 if you subscribe to the web hosting package for an additionaly 15/month
<twb> BTW, can I make SMTP run over UDP?
<ScottK> There's good statistics that blocking port 25 outbound is a win for ISP spam control.
<ScottK> twb: No.
<orudie> my point is you can unblock it for 15/ month
<orudie> i guess thats worth it for spammers ?
<twb> orudie: you misunderstand.
<twb> orudie: the spammers gain control of Windows users' machines
<twb> orudie: the spammers don't actually own the connection they're using, so they can't pay more money to unblock a port
<orudie> oh yeah
<orudie> thats right
<orudie> i know a guy who is an idiot spammer
<twb> So basically opting in to having an open port 25 means that you are taking reponsibility for not becoming a spambot.
<orudie> imbeds some stupid mailers into the torrents
<twb> orudie: you should report him to the appropriate local authorities
<orudie> heh
<twb> What he's doing amounts to organized crime.
<orudie> i know him for very long time
<twb> That doesn't stop it being wrong.
<orudie> true but i'm not gonna report him
<^law^> guys, i have ubuntu server in my laptop vmware n conected to host only( my laptop), my laptop is connected to interned via pcimca modem card, how can i share the internet connection to my ubuntu server, can help me ?
<orudie> ^law^, which host OS ?
<uvirtbot> orudie: Error: "law^," is not a valid command.
<orudie> ^law^ which guest OS ?
<uvirtbot> orudie: Error: "law^" is not a valid command.
<orudie> god damn your nick
<^law^> host is winxp
<^law^> my laptop os win xp , n i have ubuntu-server in vmware
 * ScottK suspects your odds go up with a less annoying nick.
 * ScottK is headed to bed anyway.
<orudie> did you use bridged networking ?
<^law^> no i use host only
<twb> ^law^: permaplonk, until you change nick
<uvirtbot> twb: Error: "law^:" is not a valid command.
<orudie> ^law^ change your nick will ya ?
<uvirtbot> orudie: Error: "law^" is not a valid command.
<orudie> get rid of the ^^
<^law^> oh
<^law^> ok
<^law^> wait
<orudie> trying to be creative ?
<orudie> :)
<achou> yo i changed oledy
<achou> my nick
<mrbull> achou: lol
<achou> hi mrbull
<mrbull> hey ^law^
<achou> my vmware ubuntuserver connected to my laptop with host only option , n my lptop connected to internet via pcimca modem , then i wanna share the internet connection with my vmware ubuntu server, how to do tat ?
<achou> XD
<orudie> achou, vmware desktop ?
<achou> hmm the 1 i installed is called vmware server
<orudie> achou, which version of vmware did you install  ?
<achou> 1.04
<orudie> achou, were you able to install guest OS ? ubuntu server you said right ?
<achou> ya
<achou> i oledy installed the ubuntu server in my vmare
<orudie> look in the settings of your networking in vmware server
<achou> then?
<achou> i set it to connect to host only
<orudie> what options you see there
<orudie> one of them should say bridged
<orudie> what do the other say
<achou> it has 3 : NAT, bridgeg n host only
<orudie> so try NAT
<achou> then?
<orudie> then restart networking in ubuntu server
<orudie> sudo /etc/init.d/networking restart
<achou> ok
<orudie> ping google.com
<achou> wait i try it now
<orudie> achou, i have to go now, hope that works out for you. I would also suggest to look into http://www.virtualbox.org/ , its similar to vmware just free open source software . You shouldnt have a problem like this with it.
<twitzel> Good evening
<twitzel> I have a problem with udev and multipath-tools that I can't get a handle on in ubuntu server 8.04
<twitzel> I have configured a Dell MD3000 RAID using multipath, the scsi_dh_rdac and mptsas driver
<twitzel> I can see the mapped devices in /dev/mapper/mpath0 .... and I see dm-0 etc in /proc/partitions, but there is no /dev/dm-0 and so devices
<twitzel> I can make the /dev/dm-x devices with mknod and then use kpartx to make the partitions visible in /dev/mapper
<twitzel> But none of this is done automatically on boot as it appears in other distributions. What am I doing wrong ?
<Guest96241> orudie, it's work ican ping google after change it into NAT options in my vmare
<Guest96241> Thanx orudie
<Guest96241> but i don't really understang wat is NAT is XD
<achou> can someone here explain to me wat is it NAT ?
<rdw200169> achou, Network Address Translation
<rdw200169> achou, its a masking system.  There are too many people and not enough IP addresses for all of them.
<rdw200169> achou, in the past, ISP's assigned ranges of IP addresses to subscribers so *more than one* device (router, computer, etc...) could connect to the network.
<rdw200169> achou, obviously, that is not possible anymore.  so, NAT was constructed as a means to rectify this problem.
<rdw200169> achou, basically, ISP's issue only one IP address that is assumed to be assigned to a router.
<achou> then?
<rdw200169> achou, the router (doing what a router does) assigns a local network, usually 192.168.1.0/24
<rdw200169> achou, so, you have the WAN (the IP issued by the ISP) and the LAN, the local network
<rdw200169> achou, now, you need to get a computer on the 192.168.1.0/24 network on the internet
<rdw200169> achou, but there's a problem: 192.168.1.0 is a Private network and the ISP will *not* route those IP addresses
<rdw200169> achou, this is the axe.
<achou> ok so  the router do the NAT stuff
<rdw200169> achou, so, the router does *translation* of traffic.
<rdw200169> achou, when it receives internet-bound traffic from the LAN, it *translates* the information in that packet such that it *seems* that it is coming from the router's assigned ISP IP address
<achou> ic
<rdw200169> achou, and it keeps track of all these connections.
<rdw200169> achou, so when traffic comes back, it remembers who to send it back to in the LAN
<achou> so the network connection between the router to other pc is using NAT?
<rdw200169> achou, not really.  it's more like a 'magic' that takes place b/w the LAN and the WAN
<rdw200169> achou, in the router
<rdw200169> achou, the internet (webservers, ISP, etc...) *thinks* that it is receiving traffic from the WAN IP address assigned by the ISP, NOT the LAN IP address it is actually originating from
<achou> hmm i usually c tat the router is connected ti the hub 1st then the others pc connect to routher through the hub
<rdw200169> achou, hubs and switches are Layer 2 devices and don't fit into this whole thing
<rdw200169> achou, Layer 2 is ethernet, Layer 3 is IP addressing and routing
<rdw200169> achou, routers do Layer 3
<rdw200169> achou, and NAT is primarily concerned with Layer 3
<rdw200169> achou, of the OSI model (wikipedia this)
<achou> ya i've read the theory
<achou> but don't know wat is the implementation in reall live
<rdw200169> achou, of the OSI model?
<achou> ya has 7 layer
<achou> rite
<achou> haha learn it at univ
<achou> but i'm newbie so not really understand the wat implementation in reall live
<achou> then if i want to make a lan that can connect to internet , i need to make router connect to hub n make all pc connect to hub ?
<rdw200169> achou, no.  you can use switches or hubs
<rdw200169> achou, its pretty simple.  you just connect one port of the hub/switch to a router switch port.
<rdw200169> achou, then you connect your LAN subscribers accordingly to the other ports on the hub/switch
<rdw200169> achou, if you need more ports, either get a bigger switch/hub or attach another switch/hub in a daisychain like manner
<achou> oo then all the pc tat connected to LAN can acces internet automatically?
<rdw200169> achou, the router provides DHCP services (if its turned on, which is usually the default)
<rdw200169> achou, generally, you don't have to do anything to get DHCP right, even if you have daisy chained Layer2 devices
<rdw200169> achou, just don't go over 3 links in a chain, otherwise things can get slow...
<rdw200169> achou, this depends primarily on the quality of the hardware, etc...
<achou> hmm
<achou> is there any simulator that can be used to simulate this?
<rdw200169> achou, sort of.  there's stuff like NetSim which can do it.
<rdw200169> achou, but you really don't need them
<achou> since i don't have the physical hardware
<rdw200169> achou, unless you have some very complicated Cisco configurations, etc...
<achou> o so wit netsim i can simulate creating lan that connect to internet ?
<rdw200169> achou, sort of.  but that is an extremely basic configuration thats not worth the time spent simulating it
<rdw200169> achou, what are you trying to do exaclty?
<achou> hmm i just wanna  learn how to build lan tat can connect to internet
<achou> but don't have the hardware so i start thinking using vmare to build a lan
<rdw200169> achou, all you need is an off the shelf router, like a standard linksys wireless router or something
<achou> hmm can i do the stuff i want with simulator?
<rdw200169> achou, *sigh* yes
<achou> can u tell me how?
<achou> or give me so web reference
<achou> some
<jmarsden> achou: network simulation is not really on topic for #ubuntu-server... for basics of how The Internet works, see http://tldp.org/HOWTO/Unix-and-Internet-Fundamentals-HOWTO/
<achou> ok
<achou> is there any software can do the simulation?
<jmarsden> achou: How would any software simulate the Internet???  To simulate a Cisco router there are some simulators out there, but they need a Cisco IOS image... see http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator for one example.
<achou> ok thx
<Noble>  basicly I can do iptables -P FORWARD ACCEPT and iptables --table nat -A POSTROUTING -o eth1 -j MASQUERADE and block incomming traffic on the ports I dont want accesed from internet?
<Noble> woudl that be secure?
<Noble> *Would
<kraut> moin
<Tuxist> hi
<Tuxist> i have problems with nfs and ubuntu http://pastebin.com/m61aaa0b
<Tuxist> anybody knows a solution ?
<Jeeves__> Tuxist: Never seen that message
<Jeeves__> is that nfsv4?
<Tuxist> yes
<Tuxist> i use a heimdal kdc with openbsd 4.4
<eolo999> hi i'm having weird problems with kvm on hardy... my guestVM shows grub prompt instead of booting; any advice?
<domas> are there any utilities to automate post-install fstab editing? :)
<stefan_can> not that I know of
<rst-uanic> cat, sed?
<rst-uanic> awk, grep, bash?
<stefan_can> good point rst-uanic those are the tools for the job
<oruwork> ScottK, hi
<ScottK> oruwork: Hello.
<oruwork> ScottK, i need to set up mail filter, you think you can assist me with this while i follow the guide ? i tried it before and mail stopped working , thats why i need some support
<ScottK> oruwork: I can probably answer specific questions (as can others here), but I don't have time to walk you through it.
<ScottK> I should be around for the next 6 or 7 hours mostly.
<oruwork> i'm kinda afraid to touch it because its the middle of the work day
<oruwork> its my company's email server
<ScottK> I'll be around mostly tomorrow too.
<ScottK> if it's a production box, don't mess with it now.
<oruwork> k
<oruwork> yeah i was thinking to do it during the weekend
<mrwes> Will 8.04 support this esata card?  Rosewill RC-210 Silicon Image e-SATA PCI Controller Card - Also includes an additional Low Profile Size PCI Bracket - Retail
<oruwork> but i'm sooooo tempted to do this ScottK lol
<oruwork> mrwes, do you mean 9.04 ?
<ScottK> oruwork: Of course, but be a responsible admin and break the system in off hours.
<oruwork> ScottK, :)
<mrwes> no, 8.04 LTS Server edition
<oruwork> ScottK, i'm glad i was able to convice my boss to ditch ISP's mail server
<oruwork> but now he is busting my balls for all the spam
<ScottK> Yes.  As he should.
<oruwork> damn
<phaidros> hi, just to clean my head: grouping of users is only possible with htdigest, not htpasswd, right?
<robertj_> ok guys, fun question. Is there a way to see all files on a system that do not match a presently installed package
<acicula> well yes, you can use dpkg-query to see the list of installed files per package, match it agains a list of all files and presto
<acicula> or use dpkg-query to see if a file is owned by a package or not
<Deevz> How can I upload/download files from my server using ebox?
<robertj_> acicula: thanks
<acicula> dpkg-query -l <package> to list the files owned by a package, dpkg-query -S /path/to/filename to see if it belongs to a package
<acicula> robertj_: mind you this just checks the filename/path, if the file was overwritten or modified it will still show up as belonging to the package
<acicula> not sure if the hash of the original file is stored so you can check for that
<robertj_> acicula: guess I can always extract it and do it that way
<acicula> well, i think the hash is stored, i installed my own libflash at some point and after uninstalling the package the file was left
<acicula> so it at least seemed to have detected modification
<acicula> what do people use to monitor logs and such, i've been using ossec for a bit but it doesnt really aggregate information nicely, there is a webui interface but it needs quite a bit of priviledges to work
<Deevz> acicula: ebox?
<acicula> nah that looks like a full server managment, just need something that monitors connects, filesystem , heavy load on services, that sort of thing
<soren> robertj_: debsums
<robertj_> soren: also tantalizing
<soren> robertj_: Eh?
<robertj_> debsums looks like it does what I need
<robertj_> I also just wrote a very ugly python script to figure out what packages have been installed
<robertj_> installed: nagios-nrpe-server, ubuntu-standard, installation-report, linux-ubuntu-modules-2.6.24-19-server, backuppc, ubuntu-minimal
<robertj_> not sure why installation-report is not a depend of something else htough
<bromic94> [Fri Mar 20 11:12:18 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
<bromic94> that is what i get when i run /etc/init.d/apache2 start
<bromic94> and i can not gain access to my web server either
<bromic94> nvm
<rst-uanic> bromic94: and if you delete :0 ?
<rst-uanic> from the /etc/apache2/sites-available/default
<bromic94> u telling me to do taht?
<rst-uanic> yes
<rst-uanic> either leave NameVirtualHost * or NameVirtualHost *:80
<rst-uanic> but not *:0
<bromic94> i fixed it
<bromic94> thanks!
<rst-uanic> welcome)
<\sh> moins...
<\sh> guys, can somebody confirm, that intrepids grub installer via d-i doesn't work on hp smartarrays? I'm just trying to install intrepid server flavour on one of my hp machines with smartarrays E200i or P400i and it fails..everything is installed, manually I can boot it even from grub boot loader menu...but somehow it fails finding the menu.lst
<\sh> and Launchpad doesn't know anything about it
<rst-uanic> I have servers with e200i running interpid
<\sh> rst-uanic: did you install via CD or netboot? looks like that it strikes me only via netboot
<rst-uanic> \sh: via cd
<\sh> rst-uanic: ok...that matches with my tryouts..cd works but netboot d-i not
<\sh> (only on hps..)
<rst-uanic> and netboot never works?
<\sh> never...(which means, only grub is not installed correctly)
<\sh> but when I enter the root, kernel and initrd lines manually grub boots the kernel et al and after that system is up and running...I'll have to check the installation report or whatever gives me a hint on what goes wrong
<rst-uanic> \sh: have you tried jaunty?
<\sh> rst-uanic: no..but hardy...and hardy works
<rst-uanic> \sh: interesting.. i will try to install one of my hp server using netbook on monday
<\sh> rst-uanic: sounds good :)
<kraut> http://pastebin.com/m5809a418
<kraut> time for happy happy joe joe!
<kraut> GAH!
<\sh> kraut: reproducable? x86 or x86_64 ? ;)
<kraut> \sh: x86 on via epia
<kraut> \sh: actually i couldn't say, the system is more or less dead
<kraut> looks like a reboot
<kraut> bbl, need to reboot :/
<Big_Ham> hey guys
<Big_Ham> Q about PHP/GD ...
<Big_Ham> anyone around?
<kraut> re
<TimReichhart> hey guys I am having problems sending out email using exim
<sparky_> is anyone good with ethtool?  I'm having trouble setting the autoneg to "off".  I have tried it via ssh and it hangs for a while then kicks out the error of  "Host is down" and doing it via the server's screen it seems like it does it but then on further looking at it it is still set to on.  I have also tried restarting /etc/init.d/networking with no success.  I have to reboot the server in order to get acces via ssh agai
<Deeps> you might need to set the speed + duplex at the same time
<sparky_> trying that now via the server's screen but it looks like it is stalling again
<Deeps> are you setting a speed/duplex unsupported by your switch?
<sparky_> no, i'm setting them to what they are already set too
<sparky_> i can't even ctrl-z to stop the stalling right now
<Tarea> if anyone has time can soneome help me with ubuntu 8.10 server  the sound dosent work :)
<MianoSM> you need sound for the server?
<giovani3> MianoSM: plenty of potential reasons, yeah
<Tarea> my woman is bitching she needs the sound
<giovani3> what's the sound for though?
<MianoSM> odd
<giovani3> MianoSM: for example, asterisk
<Tarea> she wants to watch video and play om her pc whiles she is farming in darkfall
<giovani3> Tarea: that doesn't sound like a server
<Tarea> it is but not muuch used :)
<Tarea> i dont think anyone can anwser this so i'll just do something else :)
<giovani3> I don't think you're in the right channel
<Tarea> i've been sent her and there and well if this isint the right channel then wich one is it
<giovani3> where were you that you were told to come here?
<Tarea> ubuntu
<giovani3> well it sounds like you're not running a server
<giovani3> so, I doubt they sent you here unless you told them you were
<MHS_> where can we check the IP's of the network cards?
<giovani3> MHS_: ifconfig
<MHS_> on the terminal?
<giovani3> yes
<giovani3> where else?
<giovani3> you're running a server, no?
<MHS_> yes. I was 99.9% sure that's what you meant to run it under but I rather be safe then sorry
<giovani3> but where else do you interact with your server?
<MHS_> We are just starting the server
<uvirtbot> New bug: #345957 in open-iscsi (main) "iscsid is looking for targets prior to network being available" [Undecided,Incomplete] https://launchpad.net/bugs/345957
<fevel> how can I share my ethernet internet connection through the wireless on my macbook
<fevel> oops sorry... wrong channel
<simplexio> hey.. importand question .. what is the file where i define ctrl+alt+del bahior, i dont find /etc/inittab file
<soren> simplexio: /etc/event.d/control-alt-delete
<simplexio> thanks
<simplexio> when that change happened
<soren> simplexio: In Edgy.
<soren> simplexio: October 2006.
<beawesomeinstead> i've read recently about VCS for config files. is it 'good to have in 15.04' or 'should be done soon' feature?
<mathiaz> kirkland: if you setup an RAID system in the installer, grub should installed to all the disks right?
<kirkland> mathiaz: in most cases, yeah
<kirkland> mathiaz: if /boot is on a raid1
<kirkland> mathiaz: grub should be installed to each disk serving a copy of /boot
<kirkland> mathiaz: i think that's the logic we agreed upon
<soren> That sounds reasonable.
<ivoks> good blog posts
<orudie> ivoks, hi
<ivoks> hi
<orudie> man i need to set up mail filter ivoks
<ivoks> soren: we need to define DIT asap
<jmarsden> DIT could be defined as "Do It Tomorrow" ?  But that may not be helpful :)
<ivoks> it's just the hardest thing to define
<ivoks> but we have to take the bullet and do it
<ivoks> after that we can extend everything...
<ivoks> mail servers, http authentication...
<soren> ivoks: Thanks. I'm glad you like it. :)
<ivoks> soren: both you and thierry write about the same stuff i think
<chriszf> What's this about now?
<ivoks> we should make ubuntu-server a product, not a pool of choices
<soren> ivoks: Yeah, I just wanted to jump onto the wave that Thierry started :)
<ivoks> and "ubuntu-server-advanced" as a pool of choices
<soren> ivoks: And since I had already written min, it was easy :)
<ivoks> who's in favour pushing LDAP as default for.... everything? :)
 * ivoks o/
<ivoks> hehe
<soren> \o/
<soren> I'm so tired that the first time I tried to type  "\o/", it came out "o/~2". Go figure.
<ivoks> hehe
<ivoks> it's 23:33
<soren> I have no clue how that makes sense.
<ivoks> time to kill the lid? :)
<soren> Just a few more e-mails and I'm off to bed.
<soren> But seeing how badly I'm typing, that might take a while.
<ivoks> well, enough for me
<ivoks> good night
<soren> Good night, ivoks.
<soren> Have a good weekend.
<ivoks> yeah, a working one :)
<ivoks> you too soren
<AnArrayfulOfPerl> What do i tell my domain registrar to use as my nameserver? just my ip?
<tonyyarusso> I'm looking for a way to have my contacts information stored on a central server so as to avoid discrepancies between computers and for better availability / easier maintenance.  It's just for personal use.  Would an LDAP address book be a good approach for this?  (As an aside, I'd love it if I could define custom fields.)
<charlesatlas> Could anyone lend me a hand with how to install Dansguardian?
<tonyyarusso> AnArrayfulOfPerl: That depends on how you have things set up.  Usually people will use nameservers offered by their registrar.
<AnArrayfulOfPerl> i want to have my own DNS.
<AnArrayfulOfPerl> my registrar has shitty DNS servers
<jmarsden> AnArrayfulOfPerl: Then run your own DNS servers and tell your domain registrar that your domain uses those servers...
<AnArrayfulOfPerl> k
<jmarsden> You'll need two separate machines on two different static public IPs ... but you probably already know that.
<Deeps> not /need/
<charlesatlas> I figured it out....
#ubuntu-server 2009-03-21
<TimReichhart> can anybody tell me if I can tell if msmtp is working on my ubuntu server
<AnArrayfulOfPerl> what ports do i need to forward to use a dns server inside my router
<AnArrayfulOfPerl> what ports do i need to forward to use a dns server inside my router
<orudie> hi
<roy_hobbs> I'm having trouble configuring Dovecot for GSSAPI, where am I supposed to specify the hostnames of my KDCs?
<jmarsden> roy_hobbs: Probably /etc/krb5.conf ?  Do you have a working Kerberos realm already?
<roy_hobbs> jmarsden: ah damn, i shoulda thought of that =(
<roy_hobbs> i suppose i need to install the krb5-user stuff - anyone know?
<jmarsden> http://www.alittletooquiet.net/text/kerberos-on-ubuntu/ may be of help
<roy_hobbs> Well, i've done all that on my workstation, now i'm trying to configure the imap server.  i don't think the PAM and NSS stuff is necessary
<jmarsden> OK, so your workstation can already authenticate you using Kerberos for some other service(s), such as shell logins?  If so, then the file /usr/share/doc/dovecot-common/wiki/Authentication.Kerberos.txt may be all you need??
<roy_hobbs> Hmm, that seems to have partially worked
<roy_hobbs> Well, I was using this: http://wiki.dovecot.org/Authentication/Kerberos
<roy_hobbs> but thunderbird is telling me that the server doesn't support secure authentication
<jmarsden> Try telnet to port 143 and see what capabilities the IMAP server thinks it has, maybe?
<roy_hobbs> i think that it worked, the problem might be my ldap setup now
<roy_hobbs> for the userdb stuff
<jmarsden> Could be.  Is https://help.ubuntu.com/community/SingleSignOn any help with that??
<roy_hobbs> i meant dovecot's ldap settings
<roy_hobbs> kerb and ldap work fine, i have pam authenticating with kerb, and nss pulling from ldap, logins, homedirs, shells, all that works fine
<jmarsden> Oh, then you are (in theory) very close indeed to working setup :)
<jmarsden> /usr/share/doc/dovecot-common/wiki/UserDatabase.NSS.txt any use?
<roy_hobbs> I think I want to use LDAP as my user database
<roy_hobbs> I just want to be careful not to try to double authenticate (once to kerb, then again to ldap)
<roy_hobbs> jmarsden: do you have a similar setup?
<jmarsden> No; I had a server that did something similar running RHEL but it was at least a couple of years ago...
<roy_hobbs> eh, now i broke something else.  ohwell
<roy_hobbs> Mar 21 02:10:02 imap dovecot: auth(default): LDAP: Can't connect to server: ldaps://ldap.example.loc
<roy_hobbs> Mar 21 02:10:06 imap dovecot: imap-login: Internal login failure (auth failed, 1 attempts): user=<user.name>, method=GSSAPI, rip=192.168.1.152, lip=192.168.1.41
<roy_hobbs> user.name is the kerberos principal i have a ticket for on the client though, not the "dn" setting
<AnArrayfulOfPerl> bind fails to start, help me!
<ropetin> Does it log anything as to why it doesn't start?
<quizme> hello, i'm running crontab -e, but it doesn't seem to be working
<quizme> root      3867  0.0  0.0   3480  1020 ?        Ss   Feb02   0:00 /usr/sbin/cron  <--- cron seems to be running
<gnu_dio> Hi, I have a Hardy server that I have some php code that emails logs on. The problem is that the emails aren't getting sent (it's not a php problem, I think it's an exim4 config problem) here's the /var/log/exim4/mainlog http://pastebin.ca/1366982   any ideas?
<nyad> hello, I am trying to host online games. people can see my games but cannot join, all worked in 8.04 but in 8.10 people cannot join like they could with 8.04. I have disabled ufw and my routers ports are forwarded
<nyad> what other things could be stopping people from joining my games?
<nyad> although my platform is the Desktop edition, my question pertains to networking and in essence is a server, so plz dont ignore if you think it is off topic
<acicula> left already?
<nyad> hi im back
<nyad> must I repeat my question or did you get it?
<nyad> hello anyone alive?
<nyad>  hi im trying to host online games. I could do it fine in 8.04 but in 8.10 people can't join my game yet they can see it. I have turned off ufw and my router ports are forwarded. What has changed in 8.10 that no longer allows me to host?
<kraut> moin
<nyad> moin?
<Kamping_Kaiser> nyad, hes saying morning :)
<acicula> nyad: what game?
<Kamping_Kaiser> nyad, you may not have provided enough information for people to help, or its possible here no one runsa  game serer :)
<Kamping_Kaiser> *runs a game server
<acicula> guessing it's your router or a misconfigured game?
<nyad> warcraft3 with wine, I doubt that wine is the problem here though
<nyad> I can host in windows so its not router
<nyad> game is taken directly from the windows install so game is not misconfigured
<nyad> it all worked in previous 8.04 so im assuming something from 8.10 has been added and is now in the way
<nyad> it mimics the problem one has when you host with windows firewall turned on, so im guessing its the ufw firewall. which I have disabled, so im fresh out of ideas now
<Kamping_Kaiser> sounds like an #ubuntu question to me.
<nyad> they told me to come here coz they said you guys know networking better
<acicula> can you join other games?
<nyad> ya
<nyad> can do everything but host
<nyad> so it sounds like 8.10 is not forwarding packets properly, could it perhaps be a configuration in the kernel, im sure ive seen a IPv4 packet forwarding option somewhere
<Nafallo> forwarding shouldn't be necessary for what you try to do.
<domas> hehe, I attempted merging in apparmor to 2.6.28 manually :)
<domas> no-go
<domas> I'd love apparmor to be part of stock kernel :)
<acicula> i thought it was?
<acicula> oh i'm using server 27, it's in there
<acicula> at least i am using profiles there
<domas> apparmor so far is just suse/ubuntu manual merges
<acicula> ah like so
<domas> I reported serious apparmor bug recently
<domas> and it went ubuntu->suse path
<acicula> are you patching manually or can you get it patched via git?
<acicula> domas: think novell or suse are maintaining apparmor?
<domas> was trying manually
<domas> yeah, novell
 * domas points to https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/329489/
<domas> :)
<uvirtbot> Launchpad bug 329489 in linux "locks on unlinked files leak memory in apparmor" [Medium,Fix committed]
<acicula> maybe try the git tree, i'm not much help, havent compiled a kernel in years
<domas> ghm, good idea, I should backport jaunty kernel :)
<domas> what is the easiest way to fetch kernel source from jaunty? :)
<acicula> git?
<acicula> or apt-get source, but i think using git is nicer
<domas> launchpad doesn't provide git
<domas> or does ubuntu kernel team have their own git repo? :)
<acicula> dunno, lets ask google :)
<acicula> https://wiki.ubuntu.com/KernelGitGuide
<acicula> google says yes :)
<acicula> git://kernel.ubuntu.com/ubuntu/ubuntu-jaunty.git
<domas> ha!
<domas> I wonder if distribution patches go there, should check
<acicula> distribution patches?
<acicula> you mean the ones applied by ubuntu?
<domas> ye
<domas> damn, git doesn't support proxy specifications, damnit
<domas> and here google gives same thing what I tried, env http_proxy=... which fails :)
<acicula> upper case maybe?
<domas> nah
<domas> it uses http_proxy just for http:// links
<domas> and doesn't use neither http/https for git:// (though CONNECT works)
<domas> omg, UBUNTU: SAUCE: forcedeth: msi interrupt fix
<domas> if only that would hit hardy :)
<domas> heh, my bug is happy though, one of last fixes for new hardy kernel: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=shortlog
<nyad> hi what is the <super> key in compiz?
<nyad> for keyboard shortcuts
<nyad> sorry wrong channel
<mrwes>  I have a simple ubuntu file server that shares files with Windows machines, I'm going to install ClamAV, should I just schedule a cron to scan the samba shares or run Clam-daemon?
<ivoks> yes
<mrwes> yes what?
<mrwes> daemon or cron?
<mrwes> seems cron would suffice
<domas> well, the cost will be nearly same
<domas> unless you have lots and lots of changes to certain files
<mrwes> hrmm...no, mainly addtions
<mrwes> does it do smart scans, that is only scan files if the time/date stamp has changed?
<lex> hola
<lex> hello
<Trae> What is a good, easy way to backup an Ubuntu Server?  I've googled and looked at several different methods.  But, I'd like it to be as easy of a solution as possible.  Plus, I need the full system backed up.
<Deeps> !backup
<ubottu> There are many ways to back your system up. Here's a few: https://help.ubuntu.com/community/BackupYourSystem , https://help.ubuntu.com/community/DuplicityBackupHowto , https://wiki.ubuntu.com/HomeUserBackup , https://help.ubuntu.com/community/MondoMindi - See also !sbackup and !cloning
<furicle> Boy - that mondo info link is out of date.  I guess I'll have to update it some....
<furicle> !cloning
<ubottu> To replicate your packages selection on another machine (or restore it if re-installing), you can type Â« aptitude  --display-format '%p' search '?installed!?automatic' > ~/my-packages Â», move the file "my-packages" to the other machine, and there type Â« sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install Â» - See also !automate
<orudie> ScottK,
<orudie> hi
<furicle> !sbackup
<ubottu> sbackup is a tool to create complete and/or incremental backups (which can be scheduled to be automatic, and can be done over a network). It is available in !Universe
<axisys> anyidea why my server is rebooting ? i tried reboot command twice as root
<axisys> is not rebooting
<axisys> here is the dmesg http://pastebin.com/f13510a89
<axisys> Broadcast message from iqbala@improvise (/dev/pts/1) at 13:12 ...
<axisys> The system is going down for reboot NOW!
<axisys> but is not rebooting
<axisys> i am using /dev/ttyS0 to connect to my ibm netvista server (ubuntu) from my laptop (ubunut client) using minicom .. but nothing on the screen.. any help would be appreciated
<giovani3> axisys: well clearly you'd need to configure that terminal first, did you do that?
<axisys> giovani3: i have the minicom setup.. i am not sure what u meant by terminal
<giovani3> axisys: that's a serial console ... the computer you wish to connect TO has to be told to provide a shell on that terminal ...
<giovani3> the serial port can be used for many things
<axisys> giovani3: sorry i am a newbie.. i have been using this same minicom setup for a while to connect to servers at work.. but i never played with a ibm netvista server
<giovani3> sigh
<giovani3> you need to configure serial console access both in your bios (if you want that), and in the OS: https://help.ubuntu.com/community/SerialConsoleHowto
<giovani3> serial consoles don't just work out of the box, unless the distro has configured it to
<axisys> giovani3: i have the ibm bios and what changes do I make there? I do not see anything says enable com1 redirect
<giovani3> axisys: this is a channel for ubuntu server
<giovani3> not for ibm support
<giovani3> contact ibm
<axisys> giovani3: i was hoping to get some help with BIOS redirect to minicom.. i doubt ibm would know. hehe
<axisys> giovani3: thanks anyways
<giovani3> yes, ibm will know
<giovani3> it's their bios
<giovani3> your bios' support of, or lack of support for serial console is not related to ubuntu
<axisys> giovani3: but calling ibm for support will probably cost a lot .. this is my cheap 150 ibm netvista refurbished server
<giovani3> axisys: then google should be a resource you learn to use
<axisys> giovani3: no it is not.. thanks for your help
<jmarsden> axisys: I'd guess that if there is no setting for it, then your machine does not support BIOS redirection to the serial port, so you can't do that.  But that's just a guess.  If you have a manual for the BIOS then try reading that...
<giovani3> sometimes a bios upgrade will offer newer features
<axisys> giovani3: true
<axisys> jmarsden: thanks
<axisys> let me see what kind a bios related info out there.. with coreboot available for use for newbies
<jmarsden> np.  For basic console redirection you don't *need* BIOS redirection anyway... it's just good to have it it *is* supported.
<axisys> s/with/wish/
<axisys> i always have to borrow my gf's monitor and power supply to see what happend to bios ..not too often .. but it would help..
<giovani3> axisys: for older machines, if you can't use serial console -- you can buy a cheap kvm switch
<giovani3> so that you don't need to borrow monitors, etc
<axisys> is there any cheap pci card that I can put in for a SP access like X4100s
<giovani3> on modern machines ... IPMI/KVMoIP is best
<giovani3> not cheap ... but yes, pci cards exist
<giovani3> http://www.realweasel.com/pcivga.html
<giovani3> they probably cost more than your server did
<JanC> take care with cheap kvm switches (some can blow up your monitor)
<giovani3> really? never had a problem
<axisys> giovani3: looks like I have the newer bios
<JanC> giovani3: there have been some (too) cheap ones on the market that could cause peaks on the VGA cable
<axisys> giovani3: this url http://www-307.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-42952 24KT55A
<axisys> that is what I have
<axisys> per dmidecode
<giovani3> axisys: ok? like I said ... we can't help ya with your bios
<giovani3> it was just a casual recommendation to verify that you have the newest version
<atomic__> !cloning
<ubottu> To replicate your packages selection on another machine (or restore it if re-installing), you can type Â« aptitude  --display-format '%p' search '?installed!?automatic' > ~/my-packages Â», move the file "my-packages" to the other machine, and there type Â« sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install Â» - See also !automate
<axisys> giovani3: casual comment too :-)
<axisys> giovani3: i am not trying to piss u off my friend .. just making comments
<axisys> giovani3: isn't it suppose to be ttyS0 in the kernel command in this file
<axisys> https://help.ubuntu.com/community/SerialConsoleHowto
<axisys> since the /etc/event.d/ttyS0  is created
<giovani3> axisys: paste the line you'er talking about
<giovani3> you're*
<axisys> kernel          /boot/vmlinuz-2.6.10-5-386 root=/dev/hda1 ro quiet splash console=tty0 console=ttyS0,115200n8
<axisys> the first console=
<giovani3> it's outputting to the first terminal, as well as serial
<giovani3> what's wrong?
<giovani3> console=ttyS0,115200n8
<giovani3> that's clearly defining the serial console, like you wanted
<axisys> oh ok ... i did not know u can send it in two places at the same time.. thnx
<axisys> giovani3: cool! i can now see the console !!
<axisys> from the grub and onward..
<giovani3> axisys: yes, that's all that will be possible without bios support
<axisys> giovani3: now the grub menu was prompting press any key to start.. is there a way to autoboot w/ hitting a key ?
<axisys> terminal --timeout=15 serial console  this line need change for that?
<giovani3> axisys: grub, in ubuntu, by default doesn't require you to hit a key to boot
<giovani3> it requires that you hit a key to stop the normal autoboot process
<axisys> Press any key to continue is filling up the screen
<axisys> oh i see for 15 secs .. since the timeout is 15
<axisys> 3) When you next reboot, the output from grub will go to the normal console unless input is received from the serial port. Whichever receives input first becomes the default console. This gives you the best of both worlds.
<axisys> now I see why
<axisys> i want to have access to my home server from work.. so I setup a port forward like this ssh -R8022:localhost:22 remotehost .. but to make sure it does not die i setup autossh and using that to make the connection alive always... but to make this connection stick a reboot I have a rc script which only does `exec autossh -R8022:localhost:22 remotehost' .. but then it ssh to remotehost and stuck there..  Manually I open a screen, make the 
<giovani3> axisys: what is the purpose of ssh tunneling your ssh session?
<giovani3> why not just run your ssh server ... and forward port 22?
<axisys> home# ssh -R8022:localhost:22 work   then work# ssh -p8022 0
<axisys> giovani3: cheap vpn
<giovani3> axisys: it's not a vpn
<giovani3> you're only forwarding ssh
<giovani3> it makes no sense
<axisys> giovani3: i dont want any inbound traffic to my home .. so I am doing the port forward ..
<giovani3> the traffic is still inbound
<giovani3> that's how data gets from outside your network to inside
<axisys> giovani3: but only my work computer has access to it.. it is not listening for any inbound traffic
<giovani3> I'm aware
<giovani3> it's a silly, overcomplicated setup, that adds negligible, if any security
<axisys> giovani3: it is working fine actually.. minus the reboot part that i still need to hash out
<giovani3> I didn't say it wouldn't work ...
<giovani3> have fun
<theshadow> I've tried just about everything I can think of to remove apache. From apt-get remove apache2 to apt-get autoremove apache2 and apt-get remove --purge apache2 But when I attempt to reinstall apache2 none of the /etc/apache2 files are being installed.
<theshadow> can anyone hlep?
<axisys> how do I have that command run within init script so it sticks the reboot?
<giovani3> thefish: dpkg -l | grep apache shows nothing (after you uninstalled it)?
<theshadow> giovani3: ty! is there a reason why apache2 isn't a meta package encompassing the others?
<giovani3> thefish: it is a metapackage
<giovani3> sorry, theshadow*
<giovani3> "Description: Apache HTTP Server metapackage"
<acicula> reinstalling the meta package just reinstalls the meta-package
<acicula> not the packages it pulls in
<tzd> hi, will an upgrade from 8.04 to 8.10 mess up my email server and other server configs please?
<jmarsden> theshadow: Try removing and then installing apache2.2-common since several of the files under /etc/apache2 belong to it
<jmarsden> tzd: Upgrading to 8.10 shouldn't "mess up" things, but backing up your config files regularly would be a wise thing to do anyway, if they are at all important to you.  So back them up first!
<axisys> got it! http://pastebin.com/f165547f8
<tzd> jmarsden: ok will do. :) Thanks! Turns out i actually had 8.10... was sure i had 8.04 ;P
<jmarsden> tzd: OK.  cat /etc/lsb-release will tell you which release you have installed :)
<tzd> unfortunately I'm stuck with my problem... I'll try posting it here as well... i've got a problem with my pxe booting ubuntu server. When the client is about to download the files on the iso it gets a 404 error. I've checked the path and for some reason it's referring to "hardy" instead of the iso's "intrepid" version. How do i change this please?
<tzd> jmarsden: neat ;) Very useful stuff! Cheers
<nyad>  hi. my ubuntu 8.10 rejects everything that tries to connect to it. I want to turn this off. I have disabled ufw. yet my pc still refuses to let apps connect to my machine. how do I allow all connections?  ( i know this is a insecure idea)
<Deeps> iptables -nvL, check your default input and output policy, as well as if you have any rules defined. pasting the output of that and/or iptables-save to a !pastebin may be of use too
<nyad> http://pastebin.com/d1bb8fb32
<Deeps> sounds like it's accepting inputs, can you ssh in?
<nyad> ssh: connect to host 10.0.0.100 port 22: Connection refused
<Deeps> cat /etc/hosts.deny; anything there?
<nyad> empty
<Deeps> netstat -anp|grep ssh
<Deeps> (is sshd even running?)
<nyad> I put  ALL: ALL into /etc/hosts.allow
<Deeps> is sshd even running? netstat -anp|grep sshd
<nyad> it is now
<nyad> ssh works
<Deeps> demonstrating that there's nothing actually blocking inbound connections
<Deeps> and your services simply arent running
<nyad> not exactly
<Deeps> what other services appear to be blocked?
<nyad> the main problem is that when I host LAN games other people cant connect to my games
<Deeps> is there any other firewalls or routers between your server and your clients?
<nyad> we are using a router, however my other pc can host and I can join. yet when I host, the other pc cant join
<Deeps> what function is the router performing? can you draw a small picture of your network map?
<nyad> well its basically functioning as a hub, im not sure if that's what you meant by 'network map'   (the layout of the network?)
<Deeps> so there isn't a router between your 2 machines? both machines are on the same physical network, in the same subnet
<Deeps> ?
<nyad> yes
<Deeps> both machines running ubuntu?
<nyad> no
<nyad> one is windows
<Deeps> and the windows one running the server works, but the ubuntu one running the server doesn't?
<nyad> ya
<Deeps> ok, simply put, the problem's at the application level; the application you're trying to run as a server isn't working correctly under linux
<Deeps> there is nothing in your current ubuntu configuration (As far as i can see, and as far as we've been able to demonstrate) that is preventing any connectivity
<Deeps> so either you've misconfigured your application, or it's buggy and doesn't work.
<Deeps> what is the application?
<Deeps> have you tried running it, and then running netstat -anp to see if it's running, what IPs it's bound to, and what ports it's listening on
<nyad> im running warcraft 3 through wine. this has worked in 8.04 yet now in 8.10 it doesn't. I have tried different wine versions as well
<Deeps> completely off topic for #ubuntu-server i'm afraid, we dont deal in anything relating to X
<Deeps> you're probably best off asking in a WINE specific channel
<nyad> alright. i just felt it must be my ubuntu blocking it since I thought I had tried all the other possible points of breakdown
<Deeps> it's not anything at the system level, as far as we've checked and demonstrated
<Deeps> so it's possibly an issue with the version of wine, or anything else it depends on
<nyad> alrighty. thank you for your time. at least you've helped confirm that it's not ubuntu stopping me
<Deeps> np, good luck!
<uvirtbot> New bug: #346535 in php5 (main) "pecl install SPL_Types many problems" [Undecided,New] https://launchpad.net/bugs/346535
<Begs> i am having some trouble with my server and i was wondering how i convert file permissions from 6755 to 0755 as chmod 0755 .... doesnt seem to work
#ubuntu-server 2009-03-22
<jmarsden> Begs: sudo chmod 0755 somefile   # In other words, make sure you have root privileges when running the chmod ?
<moz_> anyone know why my USB wireless connection seems to be disconnecting when I changed my port forwarding configuration on port 80
<moz_> every single time I change it, it disconnects
<sparky_> Ok, so I have a raid 5 setup on a 8.04.2 home server.  I added another drive to it and it is in the process of reshaping.  I have uped the speed_limit_min from 1000K/s to 10000K/s but I only see a raise in speed from 1500K/s to 3700K/s.  From what I have found thur google it should have increased alot more the just 1200k/s and I have tried other speeds too (lower and higher values).  The max is set at 200000K/s, any sugge
<giovani3> maybe your cpu is maxed out?
<sparky_> nope, i have ran top and have been watching the cpu and the most usage that happens is about 2 or 3%
<giovani3> run "vmstat 5 5"
<giovani3> and paste the output at www.pastebin.ca
<sparky_> http://www.pastebin.ca/1367716
<giovani3> this is while it's rebuilding raid?
<sparky_> correct
<sparky_> it has been building for about 24hrs now
<giovani3> yeah, honestly, I don't know -- that seems odd, how little disk traffic there is
<giovani3> sorry I can't be of more help
<sparky_> so vmstat is for diskusage?
<giovani3> no, vmstat shows a variety of things, as you can see from the column headers there
<giovani3> it shows memory, disk io, cpu usage, etc
<sparky_> my raid is reshaping not rebuilding would that matter any?
<sparky_> while my raid is reshaping would it be a bad idea to copy files to it, would the reshaping take longer?
<sparky_> also, if i shutdown my server in the middle reshaping will it resume reshaping after the start up or will start reshaping from the begining?
<JanC> it will probably take a little longer
<JanC> not sure about rebooting while the reshaping is busy though
<sparky_> ok, thx
<AnArrayfulOfPerl> my dns server works fine when i call it by it's internal name but is does not work when i call it by my outside ip address. what's wrong?
<twb> AnArrayfulOfPerl: why would your DNS server be providing DNS services to the WAN?
<AnArrayfulOfPerl> cause my domain's registrars' DNS servers ar shitty
<bitsbam_> hey all
<AnArrayfulOfPerl> my dns server works fine when i call it by it's internal name but is does not work when i call it by my outside ip address. what's wrong?
<bitsbam_> hey again
<twb> AnArrayfulOfPerl: I would not expect a DNS server to listen to upstream interfaces.
<AnArrayfulOfPerl> i mean i am having my modem forward DNS to my server and it does kinda work
<twb> AnArrayfulOfPerl: what are you actually trying to achieve?
<AnArrayfulOfPerl> my domain's registrars' DNS servers are shitty and i have a very nice network connection so i would like to host my own DNS server
<twb> AnArrayfulOfPerl: do you mean hosting a cache of an upstream DNS server, or do you mean hosting the A record for your own machine?
<AnArrayfulOfPerl> hosting the A record for my own machine
<twb> I don't know why you'd bother.  Just use zonedit or dyndns or whatever.
<AnArrayfulOfPerl> because i already have a domain and i don't want to have to pay for DNS
<twb> zoneedit claims to be gratis for the first few domains.
<bitsbam_> hey all
<AnArrayfulOfPerl> k, i never have heard of zonedit
<timburke> everydns also works nicely
<AnArrayfulOfPerl> k
<timburke> run by the same guy who started opendns
<AnArrayfulOfPerl> i wuv opendns
<bitsbam_> i use zoneedit
<bitsbam_> never had a complaint
<bitsbam_> how long can a MySQL replication slave be down before it might be a problem re-syncing with the master?
<twb> Dunno; I tend to prefer postgres or, for toys, sqlite.  You could try #mysql.
<bitsbam_> right, will do
<BentFranklin> 3:45 I have Kubuntu 8.10.  I want shell scripts to be able to send emails.  Do I need sendmail?  What else?
<twb> BentFranklin: you need a mail transport agent.
<BentFranklin> Hi twb!
<BentFranklin> Ok, all I need is the client stuff.  The mails erver is one my ISP
<BentFranklin> Maybe I just install Thunderbird?  I suppose there is a way to control it from command line.
<ropetin> You can use Mutt to send E-Mails from the CLI, might do what you want
<twb> BentFranklin: thunderbird is an MUA, not an MTA.
<AnArrayfulOfPerl> Telnet and google ;-)
<twb> In theory, MUAs are not supposed to speak SMTP natively; they are supposed to rely on an MTA on the localhost to accept and relay the mail.
<twb> Unfortunately Outlook and friends have started a trend of doing SMTP inside the MUA, meaning that only end users (and not scripts) can send mail.
<ropetin> But any modern MUA does talk SMTP, even Mutt these days
<AnArrayfulOfPerl> Telnet and google
<twb> This is particularly bad if e.g. SMART or cron errors rely on emailing you to notify you of problems.
<ropetin> AnArrayfulOfPerl: mailfrom:<me@myserver.com> ?
<BentFranklin> Yes, I want messages from cron jobs
<ropetin> rcpt to: :)
<AnArrayfulOfPerl> yes
<ropetin> Old school :)
<twb> AnArrayfulOfPerl: you cannot use netcat (or if you really insist, telnet) to inject mail into gmail unless you can speak SSL by hand.
<twb> BentFranklin: you will want to install an MTA, then.  This will provide a file /usr/sbin/sendmail which scripts will use to forward mail to the appropriate person.
<twb> Of the two MTAs in the `main' category, I would recommend postfix over exim4.
<AnArrayfulOfPerl> Sorry i've not been in serverey stuff for a looooooooooong time think perl 2 ;)
<BentFranklin> So, sendmail is an email server?  Or do I tell it the IP of my SMTP server?  Or both?
<ropetin> No love for qmail? :)
<AnArrayfulOfPerl> more like qfail
<twb> BentFranklin: I don't know what an "email server" is.
<twb> BentFranklin: sendmail is a mail transport agent (MTA).  All Unix MTAs provide a file "/usr/sbin/sendmail", which bears only historical ties to the sendmail MTA.
<ropetin> BentFranklin: the problem is most people these days don't understand really how email works, so the idea of an 'email server' isn't really valid
<BentFranklin> Interesting...
<twb> BentFranklin: you probably want to configure your MTA to forward all outbound mail to a "smart host", and to not accept inbound mail at all.
<twb> BentFranklin: that "smart host" will be your ISP or company mail server.
<ropetin> AnArrayfulOfPerl: I agree with the qfail comment, but I spent so long supporting it I know bunches of little tricks for it, so it ends up being easier for me to use than postfix
<ropetin> exim gave me hives just reading about it, so I never really tried it
<BentFranklin> I'm going to try postfix.
<kraut> moin
<CarlFK> u-server.. I am trying to mount a external drive.  so that the user can write to it.  I can mount it, but touch: cannot touch `/media/sdc1/x': Permission denied
<CarlFK> /dev/sdc1 on /media/sdc1 type ext3 (rw,noexec,nosuid,nodev,user=juser)
<orudie> ScottK, around ?
<giovani3> CarlFK: right ... you don't have permissions
<CarlFK> giovani3: I chmoded the mount point before it was moutned.  that reall makes a difference?
<giovani3> CarlFK: ext3 has permissions inside of it ...
<giovani3> ls -l /media/sdc1
<giovani3> and paste the output on www.pastebin.ca
<CarlFK> oh, sorry - got it working
<orudie> hi i'm trying to set up mail fliter get this error http://pastebin.com/m5887ecda
<orudie> giovani3, ...
<orudie> http://pastebin.com/m6ded6e4d
<orudie> i'm at this guide trying to set up mail filter https://help.ubuntu.com/8.10/serverguide/C/mail-filtering.html
<orudie> i removed the user
<orudie> but i guess not entlirely ?
<giovani3> I guess not ... why did the user exist in the first place?
<orudie> because this is the second time i'm following this guide
<orudie> remember ?
<orudie> i had problems before
<giovani3> no, of course I don't remember
<orudie> ok
<giovani3> sudo grep -i amavis /etc/passwd
<giovani3> run it
<orudie> ok i did
<giovani3> any results?
<orudie> yeah shows system user
<giovani3> guess you didn't remove the user then
<orudie> i did deluser amavis
<orudie> ok now i did
<orudie> giovani3, http://pastebin.com/m303bd229
<giovani3> sounds like you've completely messed up your system
<giovani3> I can't help you
<giovani3> maybe someone else here can
<orudie> completely messed up my system ?
<orudie> here is the entire output
<orudie> http://pastebin.com/m439715da
<orudie> messed up my system? the only commands i run are were from this guide
<orudie> can spamassassin be set up without antivirus ?
<ivoks> spamassassin doesn't do antivirus at all
<l337ingDisorder> Can anyone help? I'm running ubuntu server and I've installed the partimage-server package. Everything works when I run it manually, but I'd like to have it automatically run on startup. I can find how-to's for running on startup for gnome, but with ubuntu server there's no gnome.. Does anyone know how to auto-run a program with the command-line-only Ubuntu Server?
<ivoks> l337ingDisorder: /etc/rc.local is your friend
<l337ingDisorder> awesome, thanks :)
<l337ingDisorder> and that'll run even if no one has logged in yet?
<orudie> ivoks, hi my friend
<ivoks> l337ingDisorder: open it and read it :)
<l337ingDisorder> ivoks: Hmm.. seems to imply that runs at the END of the runlevel.. I need this to run when the system starts up, not when someone logs out
<l337ingDisorder> not when someone logs in either, just when the system first starts up
<ivoks> l337ingDisorder: so, you really don't know what runlevel is, right?
<ivoks> linux has runlevels
<ivoks> 0 1 2 3 4 5 6
<ivoks> 0 is shutdown
<l337ingDisorder> well I have a vague understanding.. runlevel 0 = off, 1 = root, etc
<ivoks> 1 is single user
<ivoks> 6 is reboot
<orudie> ivoks, http://pastebin.com/m439715da
<ivoks> others are available for customization
<ivoks> to make story short, user can't even login before the end of runlevel
<ivoks> so, /etc/rc.local is really what you want
<l337ingDisorder> but I would tend to think the "end" of the runlevel would be when the system finishes that runlevel (ie, if I was logged in as runlevel 5, which I believe is standard, then that runlevel would end when I log out). Is that incorrect?
<orudie> ivoks,  chown: invalid user: `clamav:adm'
<ivoks> l337ingDisorder: you don't log into runlevel
<ivoks> runlevel runs
<ivoks> ends and then users can login
<l337ingDisorder> ahh ok
<ivoks> check /etc/rc2.d/
<l337ingDisorder> thanks :)
<ivoks> 2 is default runlevel in ubuntu
<ivoks> when everything from /etc/rc2.d/ is finished, users can log in
<ivoks> notice that last is 'starting rc.local'
<l337ingDisorder> last question.. if I want to execute something with rc.local do I need 'exec' at the beginning of the line?
<ivoks> no
<orudie> ivoks, do you feel like helping today ?
<ivoks> 'ivoks, do you feel like doing my job?'
<orudie> lol
<orudie> i just need to set it up and forget about it
<ivoks> that's worst thing you can do
<ivoks> so,you don't want antivirus,but still, you install it
<ivoks> why?
<orudie> i mean for forget about it for now
<orudie> i dont know if i need antivirus for mail
<l337ingDisorder> ivoks: thanks eh!
<ivoks> well, do you get viruses over email?
<orudie> but surely spamassassin i need to have set up
<ivoks> fighting spam is more complex than just installing spamassassin
<orudie> i would imagine
<orudie> so should I go on with the guide ?
<ivoks> yes
<orudie> next command is this sudo apt-get install dkim-filter python-policyd-spf
<orudie> should i run it ? i'm afraid its gonna give an error i tried it before
<ivoks> well, you didn't finish installing amavis and clamv
<ivoks> people don't read these days?
<orudie> ivoks, i'm just really stuck
<orudie> this stuff is totally new to be but yet it needs to get set up
<ivoks> then install clamav
<ivoks> sudo apt-get install amavisd-new spamassassin clamav
<orudie> ivoks, http://pastebin.com/m5b7f4dba
<orudie> chown: invalid user: `clamav:adm'
<orudie> ivoks, this talks about this error http://bit.ly/Qc9x
<orudie> ivoks,  should i do sudo adduser --system --no-create-home --disabled-password --disabled-login --shell /bin/false --group --home /var/lib/clamav clamav
<ivoks> yes
<orudie> ivoks, http://pastebin.com/m14f03569
<orudie> better, but some errors
<ivoks> what ubuntu version is that?
<orudie> 8.10
<roy_hobbs> Is it possible to have your MTA (postfix) and MDA (dovecot) on separate machines?  Or in general does every MDA need at least a simple MTA on the same machine?
<ivoks> sure they can be on different machines
<ivoks> but you should somehow deliver mail to another machine
<ivoks> you can use MTA for that, or on a lower level, NFS/DRBD
<roy_hobbs> You mean mount the mailstore from the MDA on the MTA?
<ivoks> yes
<ivoks> or other way arround
<roy_hobbs> =)
<ivoks> depends on where the load is higher
<orudie> ivoks, not sure whats next
<ivoks> orudie: sudo apt-get purge clamav.*
<ivoks> orudie: sudo apt-get install clamav clamav-daemon
<orudie> awww what a beauty
<orudie> :)
<orudie> i seriously just said that at loud
<orudie> no errors ivoks daemons started
<orudie>  * Starting ClamAV virus database updater freshclam                                                                         [ OK ]
<orudie>  * Starting ClamAV daemon clamd                                                                                             [ OK ]
<orudie> ivoks, sudo apt-get install dkim-filter python-policyd-spf
<orudie>  ?
<orudie> should i run that now ?
<ivoks> yes, continue with the guide
<orudie> do i need pyzor and / or razor ?
<orudie> it says its optional
<Nafallo> razor is good for shaving :-)
<orudie> Nafallo, and whats pyzor good for ?
<orudie> :)
<Nafallo> orudie: dunno. shaving pythons? :-P
<orudie> lol
<orudie> ivoks, any thought on pyzor / razor ?
<ivoks> if you don't know what they are, don't use them
<orudie> E: Couldn't find package unzoo
<orudie> is that a typo ?
<orudie> unzoo ?
<orudie> .zoo archives
<orudie> ivoks, do i need to do sudo adduser clamav amavis
<orudie>  ? thouse users are already created right ?
<ivoks> yes
<ivoks> you are adding clamav user to amavis group
<orudie> ok done
<orudie> Starting SpamAssassin Mail Filter Daemon: spamd.
<orudie> it didnt tell me if it was started OK
<orudie> but no errors so i guess its fine ?
<orudie> i'm upto the step where it tells me to uncomment 4 lines in /etc/amavis/conf.d/15-content_filter_mode
<orudie> now need to edit /etc/amavis/conf.d
<ivoks> you shouldn't be doing this on a production system
<ivoks> since you don't know exactly what you are doing...
<orudie> ivoks, i know but i dont have any other choice
<orudie> i'm upto postfix config
<orudie> this is whats really throwing me off
<orudie> ivoks, it tells me to add a whole bunch of text to the master.cf
<ivoks> that's right
<ivoks> and that's ok
<ivoks> you need that
<orudie> so just copy paste all that to the buttom of master.cf right below the last line ?
<orudie> then it says add another 2 lines right below "pickup" transport service
<orudie> so right below this line ? pickup    fifo  n       -       -       60      1       pickup
<ivoks> yes
<orudie> ok done
<orudie> http://pastebin.com/m181e44d1
<orudie> ivoks,
<ivoks> yes?
<orudie> now cant connect to smtp
<orudie> same as i when i tried this on my own a few days ago
<ivoks> check the logs
<ivoks>  /var/log/mail.log
<orudie> yep looking at the logs here
<ivoks> always remember to look at the logs
<orudie> http://pastebin.com/m239cfce5
<ivoks> if something doesn't work, you aren't lost, you can always find out what's wrong
<orudie> yup i am looking at logs tail
<ivoks> there, it even said which line
<orudie> observing whats happening
<ivoks> now, take a look at the guide
<orudie> i see , line 24
<orudie> but
<orudie> that was before i tried
<ivoks> content_filter doesn't go into master.cf
<ivoks> you've didn't read carefully
<orudie> you mean this ? sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'
<moz_> im getting really frustrating problems, where my wireless connection is being lost not always but often whenever i perform a certain action, like trying to view on ftp a directory called "user", and its not simple losing signal as i have another wireless windows machine im on at the moment next to it working fine
<ivoks> orudie: right...
<moz_> it is also disconnects often but not always whenever i run a certain gimp script
<ivoks> orudie: paste your master.cf on pastebin
<moz_> and i have to replug in my USB wireless device to get it working again, i have no idea why
<orudie> ivoks, so remove this line from master.cf ?ok i will
<moz_> i just tried it again, 3 times in a row my wireless connection disconnects when I view a certain directory i cant get to it, anyone have any idea whats happening, what oculd be causing this sort of problem ?
<ivoks> moz_: on server?
<moz_> ivoks: yeah
 * ivoks doesn't see connection between gimp and server
<orudie> ivoks, http://pastebin.com/m76d25eb5
<moz_> ivoks: this time its ftp, whenever i open the directory /var/www/user/ which has a list of about 150 pictures, it will disconnect
<moz_> and will fail to reconnect untill i replug my usb wireless device
<ivoks> orudie: put [tab] in front of the lines you added bellow the pickup
<ivoks> orudie: guide tells you to put some space
<ivoks> strange... dmesg shows nothing?
<ivoks> orudie: http://pastebin.com/m5b9f44 like this
<orudie> yup done
<moz_> ivoks: im a bit new, i see dmesg is a kind of device log? how can i see its recent activity?
<ivoks> moz_: tail -f /var/log/dmesg
<moz_> thanks
<ivoks> moz_: then do whatever you do to break the connection
<orudie> ivoks, ok well mail is working now at least
<orudie> not sure if spam is blocked though
<ivoks> orudie: check the source of the mail
<ivoks> orudie: headers
<ivoks> it should have 'X-Virus-Scanned' header
<ivoks> and that's very basic anti-spam
<ivoks> anyway, i'm leaving now
<orudie> ivoks, wait bro how do i check the source ?
<orudie> you mean html source ?
<ivoks> mail isn't html
<moz_> ivoks: typical it works! but i'll leave this log open no doubt it'll go wrong soon
<orudie> ivoks, http://pastebin.com/m2540ae90
<ivoks> orudie: follow the guide
<ivoks> Troubleshooting
<orudie> ok i will, how does main.cf look though ?
<orudie> i think im getting that error because i didnt add $myhostname = 'mail.example.com' to /etc/amavis/conf.d/50-user file
<ivoks> omg
<ivoks> If you see the following error in /var/log/syslog when amavisd is trying to scan a message:
<orudie> ?
<orudie> thats the reason ?
<orudie> he left :(
<jerrymcfarts> hey I was wondering if anyone tried installing http://mixblendr.com/
<moz_> can anyone reccomend a popular USB wireless stick that works natively with ubuntu-server, im tired of having problems with them
<moz_> that i wont have any driver issues with and is also a reliable stick
<supertanker> Hey, this is more of a sort of linux 'theory' question...should my little Ubuntu server have Make and such on it so I can, say, compile an ircd?
<p_quarles> supertanker: well, yes, if you need to compile things, you need the build-utils; that's not really theory
<andol> supertanker: Just install it when/if you need it. build-essential is a convienient meta-packages.
<supertanker> Thanks
<Noah0504> Eh, can anyone help me out with Samba?  I've been able to configure it in the past, but I was trying to make it a little more secure, but all of the documentation I read is a little confusing.
<zox> Noah0504: i might help if you specify the exact problem :-)
<supertanker> Wow, andol, build-essential *really* is convenient! Thanks
<storrgie> would anyone know about smart monitoring in linux?
<MianoSM> sourceforge has some good info
<storrgie> MianoSM: i saw one on there that was a boot utility... i want to be able to check on a booted up machine... have a big array I would like to be checking.
<Noah0504> zox: Well, I used to just have one share that had different folders in it for people or things around the house.  I started looking into sharing home directories, which appears to work on my Mac, but Windows won't let me log in.  Also, I need to make a share that is basically public for my media center.
<zox> Noah0504: you can user security as 'user' and use [private] and [public] sections, thats how i setup my samba server
<Noah0504> zox: I have that set up for home shares right now.  I can log in perfectly on my Mac, but Windows isn't having it.  Also, how do I set permissions for a public share?
<zox> Noah0504: guest only = yes; guest ok = yes and you must also specify the guest account in [global] section and also that user must have write permissions to the path
<Noah0504> Ah, okay.  Well, I'll keep going at it.  I think I'm getting close to accomplishing everything now.
<Noah0504> Thanks.
<zox> np, hope it works if not let us know.. if we can we will help out
#ubuntu-server 2010-03-22
<VSpike> qman__: I went with imap because i was using a desktop and a laptop, and dual booting on both (win/linux on one and ubuntu/arch on the other) ...
<VSpike> qman__: and also because I couldn't decide which email client i liked, so i wanted to have the spam filtering and folder filtering all done server side
<VSpike> qman__: it's hard to give up that flexibility once you get used to it
<Sorell> does unbuntu server have a "sleep" mode
<Sorell> it seems like my server likes to go to sleep
<Sorell> and I have to ping it to wake it up.
<Sorell> I can't visit the website when this happens or ssh in
<Sorell> but if I ping it everything is fine.
<Sorell> any ideas?
<rberger> Are there examples of creating a profile for pam_auth_update so as to enable pam_limits.so for all users including those that su?
<bikcmp> Hello everyone, I'm trying to setup UEC on my box, but, as always, it doesn't quite work as expected.
<bikcmp> http://pastebin.com/VzVUJ2pU
<bikcmp> Seems dead in here.  I'll try #ubuntu.
<djveer> Hey guys, i'm getting errors saying "ata3.01: status: { DRDY ERR }" and "ata3.01: error: { UNC }" when trying to boot my ubuntu server. An attempt to fsck the volume gives me "Buffer I/O error on device sda1, logical block 548742" Error reading block... etc
<djveer> This a corrupted file system? or could there be a hardware problem here, and how do I tell
<djveer> *?
<twb> djveer: your disk is dying
<twb> djveer: go stick it in the freezer, wrapped in a towel, for half an hour.  Then take it out and dd the data off it.  Then you can attempt to fsck the dd image instead of the dodgy disk.
<djveer> twb: okay cool thanks for the advice... what dd command would I use? dd if=/dev/sda1 of='filename' bs=1M   or something like that
<twb> djveer: if you have dd_rescue, that would be easiest.
<djveer> twb: okay, i'll look into it. Can it be done with just the standard dd utility though?
<djveer> i've never honestly used dd_rescue, so not sure of it's function
<twb> dd_rescue is just dd with some bodgy patches to make it slow down or speed up when reads fail
<djveer> okay, good to know
<twb> i.e. it's designed specifically for your current use case
<djveer> twb: great stuff, thanks :)
<ubuntu_user_01> my OS hdd is failing and i need to swap it out...i have a raid 6 seperate from that hdd, is it possible to do a fresh install of ubuntu on a new HDD and rebuild or boot the raid 6 post install?
<twb> ubuntu_user_01: sorry, you have the OS on an un-raided single disk, and a separate RAID 6 array that's used for something else?
<ubuntu_user_01> yess
<ubuntu_user_01> sorry for the delay
<twb> ubuntu_user_01: is it md raid?
<ubuntu_user_01> yes mdadm raid 6
<twb> Are you raid6-ing the disks, or partitions on the disks?
<ubuntu_user_01> raid 6 the disks
<twb> Bummer.
<ubuntu_user_01> 8 full hdd in raid 6
<ubuntu_user_01> well thats not good hahaha
<twb> Otherwise you could easily just put /boot on a second set of raid1 partitions, and move the root partition into the array.
<twb> Which is what I'd do for a fresh deployment.
<twb> I *think* GRUB2 can understand a /boot stored on LVM on md RAID now, but I wouldn't want to rely on it.
<ubuntu_user_01> can i drop another HDD in and make my failing HDD a raid 1 with the new 1, yank out the failing drive and then rebuild the raid 1 with another new hdd
<twb> ubuntu_user_01: so you would end up with 10 disks, a raid-1 array of two disks for / and /boot, and the original, unchanged raid6 of eight disks for /srv?
<ubuntu_user_01> wait...i think i am raid partitions
<ubuntu_user_01> yea
<twb> That ought to work
<ubuntu_user_01> sweet...now i just got to go break down my raid 0 in the hackintosh till i can get some new hdd
<ubuntu_user_01> haha
<twb> You'll need to dance with grub during the transition, so make sure you have a live CD ready, preferably one with mdadm and lvm2 installed in it
<ubuntu_user_01> alternate cd comes with both correct?
<twb> Not in rescue mode, although you can probably anna-install them from the CLI while in rescue mode.
<twb> I would normally use a hand-rolled rescue image, or the CentOS 5 live CD, or knoppix.
<twb> IMO that's less hassle than trying to use d-i's rescue mode.
<ubuntu_user_01> kk thanks for the help
<axisys_> twb: hmm.. so jfs fs gets destroyed if it is external array while the internal disk has the OS which went bad?
<axisys_> twb: hmm would be nice if jfs behaved like zfs where i can destroy my OS on internal disk and no worry
<twb> axisys_: huh?
<twb> I don't know anything about JFS.
<axisys_> ubuntu_user_01's raid6 was on JFS aparently based on his comment on #ubuntu
<twb> axisys_: surely you mean JFS was on RAID6.
<axisys_> twb: that was what he said
<twb> axisys_: YOU said RAID6 was on JFS, i.e. backwards
<axisys_> twb: oops.. yep
<twb> I don't see why the filesystem would matter.
<twb> He had his OS filesystem separate from his data filesystem
<carmony> What command can I run from the terminal to determine what interfaces I have available?
<qman__> carmony, I assume you mean ethernet interfaces--ifconfig -a will show all the interfaces with drivers loaded
<twb> qman__: ITYM "ip addr"
<carmony> qman__: thanks
<qman__> twb, I use ifconfig
<qman__> old habits die hard
<qman__> it's a temporary means anyway, anything permanent should be in /etc/network/interfaces
<swift> hi guys, if i start 'vncserver' on my linux box, I should be able to connect to it via vnc right?
<swift> it's not working for me
<qman__> swift, vncserver requires an X session to be running to connect to
<qman__> ubuntu server does not have a GUI
<swift> qman_.. i got it goin.. thanks for your input!!
<twb> qman__: um, I think vncserver uses a new Xvfb instance
<twb> And installing vncserver ought to have pulled in X.
<twb> Unless you're talking about x0rfbserver, which exports a normal X instance.
<maxagaz> hi
<maxagaz> mailq returns the following error for thousands of emails: mail system configuration error
<maxagaz> how to debug it ?
<twb> Maybe by configuring the mail system correctly?
<twb> What MTA are you using?
<ruben23> anyone tired vyatta CE router..?
<twb> ruben23: does it run Ubuntu Server?
<ruben23>  twb:yes
<germanjew_> an anyone here please help me with setting up a cloud?
<germanjew_> can*
<twb> Is there an ubuntu-cloud channel we can direct these people to?
<twb> EUC bores me.
<germanjew_> if you help me I'll be gone and you won't be bored anymore
<twb> germanjew_: I can't; I know nothing about EUC
<germanjew_> hehe ok
<twb> It's hard enough for me to keep normal hosts running, let alone a big sort of "blob" of them
<sherr> germanjew_: https://help.ubuntu.com/community/UEC
<sherr> There's also a PDF best practices doc on Intel's site about Ubuntu :
<sherr> http://software.intel.com/en-us/articles/intel-cloud-builder-best-practices/
<sherr> germanjew_: But I cannot help more either because I don't know much about it (and am not that interested currently)
<twb> sherr: ooh
<twb> Oh, just best practices for euc
<twb> I thought you meant ubuntu in general
<sherr> No, cloud - but still a useful doc with some nice diagrams. Maybe I'm missing the nice diagrams, and that's why I don't see the point ..:-)
<germanjew_> sherr: thanks alot, but I think I figured out what the problem was
<Akos> hi everyone
<eagles05138785> hey guys where can i find kernel modules
<eagles05138785> i just got a 2nd network cable for my server and its not the same as the first one and it seems like i dont have the module installed
<_ruben> network cables dont require drivers
<eagles05138785> what i mean though is the nics are 2 different broadcome models
<eagles05138785> one is a pci xpress nic
<eagles05138785> the other is a normal giga broadcome nic
<eagles05138785> and the regualr one isnt showing up with an ip or anything when i do ifconfig
<eagles05138785> _ruben: i got it
<eagles05138785> had to bring it up
<ruben23> hi, how do i install  sources for the 2.6.24-27-rt kernel
<sherr> ruben23: apt-get
<ruben23>  sherr: apst get..? what..? source  2.6.24-27-rt kernel ..?
<eagles05138785> hey guys i want your feedback on something i have a router connected directly to the outside via cable modem and i have a server which has to nics and i was wondering if i set that up as a firewall should i put that directly to the cable modem and then the router or can i leave my setup the way it is
<eagles05138785> the router has a simple nat firewall it seems like
<sherr> ruben23: There are manuals installed on every system - useful to know how to find out information yourself i.e. man apt-get. See the "source" option.
<Guest66551> :
<joschi> hi, I'm trying to boot ubuntu over PXE in a vmware ESXi virtual machine. when the vm has a network interface of the types vmxnet2 or vmxnet3 it throws a kernel panic during the boot process. when the network interface is e1000 compatible, it works as expected
<joschi> used kernel is 2.6.31-20-server
<joschi> anyone has had similar problems?
<pths> which package proves samba.schema for LDAP?
<sherr> pths: you can search packages and package contents on packages.ubuntu.com
<pmatulis> pths: that would be samba-doc
<pmatulis> pths: (apt-file search samba.schema)
<jalons> I have a failed drive in a 9.04 server raid5 array, when I pass bootdegraded it's still not constructing, however I can assemble it from initramfs (busybox?)
<jalons> how can I either A. get bootdegraded (i also tried bootdegraded=true and bootdegraded=1) to work so I can copy data off then try the rebuild, or B. get network going from the initramfs environment so I can copy the data off
<sherr> jalons: no console access?
<sherr> I guess "bootdegraded" needs sme updates to the system you haven't got.
<jalons> sherr: I do have console access
<sherr> I thought that a degraded RAID would allow bootup but expects you to "hit enter" (or something)?
<jalons> looks like in 8.10 they changed it
<sherr> Painful problem that : https://wiki.ubuntu.com/BootDegradedRaid
<jalons> i think it actually tries to continue on, but mdadm is throwing an error that it can't create the array
<zul> lamont: ping when you get a chance can you have a  look at #542955
<sherr> jalons: there's always a liveCD/recovery mode?
<jalons> sherr: yeah, waiting on approval to get access to a CDR to burn a recovery cd
<jalons> thanks, I'll explore that venue
<nijaba> kirkland: hello!  do you know if there is a way in euca to prevent a node from accepting new instances?
<diago> how can I revert a fail apt-get install
<mealstrom> apt-get install -f
<mealstrom> ?
<diago> fails with the same errors
<jalons> resolve the errors
<sherr> diago: maybe pastebin your errors ...
<diago> it's a syntax error in one of the packages trying to be installed. I just want to kill the attempt
<diago> third party package of course
<lamont> -rw-r--r-- root/root   1549844 2010-03-19 15:18 ./usr/lib/libdns.so.64.1.0 <-- zul: looks pretty non-empty to me...
<lamont> or is that not what ldconfig.real means by that error?
<zul> im not sure
<lamont> anyway, afk for a couple hours - breakfast
<jalons> diago: so the package is throwing a syntax error, so it won't install?  is it listed in dpkg as partially installed?
<jalons> you may be able to dpkg --purge pkg and then apt-get install -f
<diago> it is showing as partial but I'm finding out that removing it will totally uninstall open-xchange
<diago> great, MONDAY
<jalons> ahh dependency hell
<jalons> Sorry man, at that point I find a new machine and start over.
<diago> lol... not really an option right now. I'll see what #open-xchange has to say. Thanks though.
<diago> can I run a virtualbox question by in here. Windows host - ubuntu guest?
<soren> diago: Depends.
<soren> diago: It's easier to say after you asked the question, I guess.
<diago> ok. I'm having trouble using a windows host and ubuntu guest server. The network adapter in the guest can ping the gateway but if I ping an outside address the name is converted by DNS but I receive no packets
<_ruben> sounds like a config issue in the host and/or virtualbox, as in: its not nat'ing/bridging/whatevering properly
<soren> diago: Yeah, that doesn't sound like an Ubuntu problem, really. It sounds like something in the hypervisor or on the host side, to be honest. I suggest you try some kind of VirtualBox support forum.
<diago> ok, I just tried a different adapter (intel server) and it seems to be working... strange
<diago> thanks though
<zul> ttx: nut ffe uploaded
<zul> 2 more to go ;)
<diago> well, it works fine when dhcp is used so it must be my config
<diago> this is crazy, if the guest receives info from dhcp it works fine, static no dice
<_ruben> diago: is the static config similar to the dhcp config?
<diago> from what I can tell, the only additional param I am using is network 192.168.0.0
<diago> but even if I remove that I still get nothing
<diago> well, I can get around internal fine
<zul> mathiaz: when you get a chance can have a look at https://bugs.edge.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/506985
<MTecknology> I just got my Ubuntu 9.10 CD's :D
<MTecknology> 1 desktop, 1 server - /me is excited
<smoser> ttx, do you happen to have any insight on https://bugs.launchpad.net/ubuntu/+source/ec2-api-tools/+bug/542395
<ttx> smoser: not really. Maybe doko can help you
<ttx> smoser: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573742
<smoser> yeah, i just saw that and was going to test the -Djava.net.preferIPv4Stack=true
<ttx> smoser: if you confrm it's the same, you should change the package affected and link to the debian bug
<smoser> works
<ttx> smoser: maybe we can workaround it... but we should keep a bug open against openjdk
<RoAk> kirkland, found a way to parse the config files
<smoser> ttx, yes.
<smoser> thanks.
<ttx> kirkland, mathiaz, smoser: I'm about to call it a day -- anything you need from me ?
<smoser> not from me.
<mathiaz> ttx: not from me.
<ttx> jsdelfino: I think we worked together circa 1997.
<kirkland> ttx: nope, thanks
<kirkland> RoAkSoAx: cool
<RoAkSoAx> kirkland, i'll work on it and post all my code for you to take a look at it
<RoAkSoAx> kirkland, and I uploaded a branch with the testdriverc change for obtaining the code name: lp:~andreserl/testdrive/codename-change
 * ttx disappears
<kirkland> RoAkSoAx: yeah, i saw that one; it's not quite what i had in mind; i have a better design in mind; don't have time to detail it right now; but i'll try to get it in tonight
<kirkland> RoAkSoAx: shouldn't affect your modularity, though
<RoAkSoAx> kirkland, it should since I'm planing to handle that differently, other than that I'll just merge your change sin mine
<kirkland> RoAkSoAx: cool
<kirkland> RoAkSoAx: basically, i'm going to move the config code that builds the list of ISOs to a different file
<kirkland> RoAkSoAx: different config file
<kirkland> RoAkSoAx: that only gets sourced if we're in the "Select an ISO" code path
<kirkland> RoAkSoAx: which necessarily requires network connectivity
<kirkland> RoAkSoAx: I want to avoid requiring network connectivity for those code paths that don't actually need it
<kirkland> RoAkSoAx: like "testdrive -u /path/to/local/foo.iso"
<RoAkSoAx> kirkland, woulnd't it be more user to keep the menu but show "no network connectivity, please insert path to iso"? instead of showing the whole menu?
<RoAkSoAx> kirkland, I have just uploaded my changes to a branch for you to take a look at: lp:~andreserl/testdrive/module
<RoAkSoAx> an initial modularization is pretty much done, but It still requires many changes to improve the code basically
<RoAkSoAx> and I'll probably merge the launch_kvm launch_virtualbox and launch_parallels functions from the executable to the "module"
<RoAkSoAx> kirkland, there's also a "prueba" script that shows how to use the configparser
<RoAkSoAx> and I'm creating the ISO list in the "module" instead of creating it in the config
<kirkland> RoAkSoAx: i'm really slammed all day today, so i won't be able to get to it until tonight
<RoAkSoAx> so that it is used for both, the command line, and the PyGTK interface in the future to create a manu
<RoAkSoAx> kirkland, its ok, I'm gonna do some work on it today with the way I was planing to parse the config file, so that you can see all that tonight
<kirkland> RoAkSoAx: awesome
<mathiaz> kirkland: http://paste.ubuntu.com/399417/
<mathiaz> kirkland: http://paste.ubuntu.com/399432/
<wack479> when running rsync on my ubuntu 9.10 server kernel 2.6.31-20 when it gets to a large file, it kernel panics and then reboots, anyone else had this problem?
<RoyK^> oh
<RoyK^> 2GB limit?
<soren> wack479: Oh, wow. Which filesystem?
<Callum__> wack479: are you copying to or from a FAT32 filesystem? or any other filesystem with relatively small file size limits?
<RoyK^> even if was FAT12, a panic is bad news
<scar_> my friend wants to build a couple of devices that will link to each other sharing processing power and other resources, I've offered to help him out on the software side. For starters we tried Eucalyptus via the 9.10 server cd inside virtualbox
<scar_> we followed both the server guid and community documentation, but still was not able to get it working
<sherr> scar_: can't help with the cloud stuff myself, but know you'll need to define how it didn't work in more detail. What exactly didn't work?
<scar_> one thing that baffle me is that eucalyptus needs 40gb space for both clustor and nodes
<scar_> sherr I had problems building my own images (with vm-builder) and starting the image afterwards
<sherr> UEC folks : Good PDF article on Clud Best Practice (with Ubuntu UEC) here :
<sherr> http://software.intel.com/en-us/articles/intel-cloud-builder-best-practices/
<sherr> (scar_) that's not to help you out specifically
<sherr> Clud? Cloud* :-)
<scar_> right now I think it's better for me to focus on other possable solutions, since giving each device 40gb hdd space isn't really an option right now
<nosse1> Hello. After I upgraded my server to karmic, the ssh daemon lets the users log in, even before fsck is done checking the user's disks. How can I change the order?
<sherr> scar_: where does it state those requirements?
<scar_> https://help.ubuntu.com/community/UEC/CDInstall
<ttx> kirkland: did you notice
<ttx> https://lists.ubuntu.com/archives/ubuntu-server/2010-March/003906.html
<kirkland> ttx: sorry, no, haven't gotten to it
<ttx> kirkland: nothing urgent, just something to keep an eye on, I guess :)
<ttx> I'll do a few tests when I'll be back on Friday.
<kirkland> ttx: yeah, agreed
<ttx> kirkland: I experienced sluggish performance under kvm recentely, and it might have been when I did iso testing over qcow2 images.
<smoser> jdstrand, i just opened bug 544435 i believe its a problem with app armor profiles for libvirt
<a|3x> hi
<a|3x> when i run posix_getpid in php i get pid of apache process, why is that?
<joschi> a|3x: probably because you're running mod_php
<a|3x> joschi: would it be possible to have apache start different process for each page request?
<joschi> sure. run php with mod_cgi or suphp
<joschi> but this means a certain performance hit
<joschi> normally you want to avoid that
<a|3x> thats how its done on centos i believe
<a|3x> the problem is i have a long polling app and i would like to prevent clients from long-polling more than once
<a|3x> to do that i was planning to use pid checking
<a|3x> is there any other way to do it?
<joschi> why not just check a cookie or (more error-prone) the ip address before starting your expensive calculations?
<a|3x> what if they are behind a nat
<joschi> then cookies will still workâ¦
<a|3x> i have non-browser client apps i and would really like to keep them simple and not require cookies
<a|3x> plus, cookies can be hacked
<a|3x> actually, this is more of a licensing issue rather than calculation
<joschi> how would knowing the process id of your php process prevent that in any way?
<a|3x> lock mysql db lock, get pid in database next to key they provided, see if that process is still alive, if yes, return with key already used error, else save pid, unlock lock, go on
<a|3x> i could use the db lock for that but i need it for efficient long-poll
<a|3x> i could set flags in the db but what if the process dies and the flag never gets reset
<a|3x> how big of a performance hit is it?
<joschi> the php binary will have to be loaded for each request
<joschi> since it's in the cache after the first run, at least it doesn't have to be read from the disk every time
<joschi> a|3x: just try it
<a|3x> the question is, after each long-poll event i am going to have everybody requesting it again all at the same time
<a|3x> question: how much of a hit it will be when 100 php processes start all at the same time
<a|3x> compared to what i have now
<a|3x> that is mod_php
<joschi> 100 * size of a single php binary
<joschi> do your maths ;)
<a|3x> how does mod_php work?
<a|3x> fork?
<a|3x> no wait
<joschi> a|3x: the interpreter is embedded in the apache processes. that's why you only see apache's pid. no forking is done on a request.
<a|3x> would it be possible to see if a particular php script is still executing within some apache process?
<a|3x> unique id of some sort maybe?
<RoAkSoAx> kirkland, is it really necessary to load multiple config files in testdrive?
<kirkland> RoAkSoAx: yes; talk to hggdh
<RoAkSoAx> hggdh, ping
<RoAkSoAx> kirkland, ok, because I really don't see the point of having multiple config files :)
<hggdh> RoAkSoAx, pong
<RoAkSoAx> hggdh, is it really necessary to have multiple config files for testdrive, why?
<hggdh> RoAkSoAx, we need to be able to test different scenarios -- for example, no network connectivity
<hggdh> or different memory allocations
<hggdh> etc
<hggdh> RoAkSoAx, you mean the successive loads?
<RoAkSoAx> hggdh, yeah
<hggdh> RoAkSoAx, they do not hurt -- and allows one to only change what is needed
<hggdh> for example, I usually base mysefl on /etc/testdriverc, and only add my own changes
<kirkland> RoAkSoAx: basically, we need 2 ... on distro level set of defaults
<kirkland> RoAkSoAx: and 1 local one for users to override those
<kirkland> RoAkSoAx: various people "complained" about where that local one was located
<kirkland> RoAkSoAx: I thought ~/.testdriverc made perfect sense, but then some people wanted in ~/.config/ and other newfangled locations
<kirkland> RoAkSoAx: so it's best to just create one process for sourcing a config file, and pass that process an array of locations, in order
<RoAkSoAx> kirkland, hggdh, uhmmm ok, because I was thinking on doing something like if it does not exist in ~/.testdriverc use the one in ~/.config/ if not, use the default in /etc/testdriverc
<kirkland> RoAkSoAx: that's not how traditional Unix configs work ....
<hggdh> RoAkSoAx, I would rather first source the default in /etc/, *then* whatever the user wants
<kirkland> RoAkSoAx: the traditional Unix config process is a) first source a global config
<kirkland> RoAkSoAx: b) then source local configs
<kirkland> RoAkSoAx: please don't go changing this sort of core testdrive functionality
<kirkland> RoAkSoAx: that part is there for a reason ;-)
<hggdh> heh. kirkland stated it more nicely
<RoAkSoAx> kirkland, yeah I just trying to figure out the sourcing of config files since I'm using configparser for that functionality
<kirkland> RoAkSoAx: right ... so for that, just concatenate all of them together
<kirkland> RoAkSoAx: and then run the conf parser across it whole blob
<kirkland> RoAkSoAx: assuming that later variables overwrite earlier ones
<hggdh> and catenate them in the correct order ;-)
<kirkland> RoAkSoAx: right, what hggdh said ;-)  order matters!
<RoAkSoAx> kirkland, i was either thinking on having something like "testdrive-globals" and testdrive-locals and they *had* to be different and nto override, but I guess that we should be able to override in local config a global variable, correct?
<hggdh> correct
<hggdh> the global gives the user sane defaults
<hggdh> the user config can be as messed up as the user wants, but the global *has* to be sane
<kirkland> RoAkSoAx: the key being that ***we*** get to change the globals, but ***users*** get to override them with whatever they want
<hggdh> ideally, nobody will ever need to change /etc (heh, at least I can hope)
<RoAkSoAx> hggdh, kirkland ok so, now a python programming question: is it possible to for example do something like: var = KVM_ARGS, then pass that var to a function, and in the function do something like self.var = "-usb" where self.var should actually be self.KVM_ARGS
<RoAkSoAx> so to the function I can pass functio(var,value)
<RoAkSoAx> and var is an attribute in a class
<RoAkSoAx> set_function(self, var, value)self.var = value
<RoAkSoAx> something like that?
<hggdh> so you are actually defining a class, and heper methods in it
<hggdh> as long as the helper methods are in the class, no problem
<hggdh> I was, in fact, thinking of setting all the config in a class, and passing it to the emulator to be used
<RoAkSoAx> hggdh, http://paste.ubuntu.com/399537/
<RoAkSoAx> hggdh, how can I make that self.var = value, if var is a variable, but should refer to a varibale in the class instead of to the variable var
<RoAkSoAx> idk if you understand me :)
<hggdh> RoAkSoAx, easier to have all the attributes in the class
<hggdh> so that you can just do testdrive.mem=<value>
<RoAkSoAx> hggdh, http://pastebin.ubuntu.com/399538/
<RoAkSoAx> hggdh, i actually modifying the attributes of the class from the main(), however, I'd rather have a set_values class to be able to set the value to a specified var so that I dont have to do it from main
<RoAkSoAx> because IIRC, it is better to modify the attributes of a class from class functions and not from main, correct?
<hggdh> RoAkSoAx, opinions vary there ;-) I personally do not like a generic setter like this, makes following the code harder to understand
<hggdh> if this was an extremely complex programme, then (probably) yes; but you are already using configparser...
<hggdh> and, BTW, it is better -- following you example -- to do if x: ... elif y: .... elif z: ...
<hggdh> may be ugly, but such is life
<RoAkSoAx> hggdh, haha indeed, but it would be better that way in my opinion, that's why Im wondering if theres a way to do that
<hggdh> and yes, whenever possible, modify class attributes via helper methods
<hggdh> most probably there *is* a way. Not sure it is worth your time (right now)
<hggdh> also -- in the helper methods you would probably add syntax and semantic, and whatever, checks
<RoAkSoAx> hggdh, ok then, since this is just first modularization i guess I will stick to if if if :)
<hggdh> for example, the memory size is expected to be an integer, greater than zero and less than <memory available>, expressed in Megas
<hggdh> so 384 == 384Mbytes
<hggdh> (of course, this is a simple example, but you could have more stringent checks for, say, URLs)
<RoAkSoAx> hggdh, kirkland ok. The config loading is done and should work with various configs. the only thing would be that each user will have to add [testdrive] in the config file
<RoAkSoAx> kirkland, hggdh_ lp:~andreserl/testdrive/module, just pushed my latest changes
<a|3x> how would i make apache run php scripts with mod_cgi?
<kirkland-suds> mathiaz: smoser: yeah ...  well, 27kB/s ... no better :-(
<smoser> bah
<kirkland-suds> smoser: mathiaz: smells nice in here though
<kirkland-suds> smoser: ask nurmi if Goleta's uplink is a carrier pigeon
<Burgundavia> kirkland-suds, ping re: byobu
<kirkland-suds> Burgundavia: what's up?
<kirkland-suds> smoser: actually, i just spiked to 250kB/s
<smoser> woohoo
<mod> hey all
<Burgundavia> kirkland-suds, ripping out my hair for last minute Ubuntu book stuff. Is byobu seeded by default anywhere?
<mod> is it generally true that if I am running RAID 1 with two drives, I should be able to pull one drive and mount it stand alone?
<kirkland-suds> smoser: can you see ESSID sbsoap ?
<mod> not matter the RAID 1 is hardware or software or which ever brand?
<smoser> no. i've never seen it.
<kirkland-suds> smoser: okay, i'm rocking now
<Burgundavia> kirkland-suds, specifically, it is seeded on the Ubuntu server/desktop/netbook cds? my browsing says no
<kirkland-suds> Burgundavia: it's a recommends of screen
<kirkland-suds> Burgundavia: actually, it is, as of Karmic
<kirkland-suds> Burgundavia: fire up a Lucid desktop ISO (by Testdrive, perhaps, and you should be able to open a terminal on the LiveCD and just run 'byobu')
<Burgundavia> kirkland-suds, no kvm on this laptop. and now I feel stupid. I saw that dependency chain and for some reason it didn't connect in my mind
<Burgundavia> thanks
<kirkland-suds> Burgundavia: Testdrive works with VirtualBox too ;-)  but yeah, it's seeded
<kirkland-suds> Burgundavia: glad to hear byobu's earned a mention in your book
<kirkland-suds> Burgundavia: what book is it?
<kirkland-suds> mathiaz: screaming through the langpacks now
<Burgundavia> kirkland-suds, official ubuntu book, the command line chapter
<kirkland-suds> Burgundavia: cool ;-)
<kirkland-suds> Burgundavia: poke me if you want a byobu deep dive some time; happy to show you the advanced features if you like
<Burgundavia> kirkland-suds, for the next edition of the server book, we should probably do something, but that isn't my baby.
<Burgundavia> but thanks, yes
<kirkland-suds> Burgundavia: sure thing; is that Kyle Rankin's book?
<Burgundavia> yep
<kirkland-suds> Burgundavia: cool; i have an email from him that i need to respond to
<kirkland-suds> Burgundavia: thanks
<Burgundavia> kirkland-suds, for a quick sanity check, do you have time for a 10 minute look at what I have written?
<hggdh> RoAkSoAx, you are mixing tabs and spaces, not a good idea
<kirkland-suds> Burgundavia: sure
<kirkland-suds> Burgundavia: wanna email it to dustin dot kirkland at gmail dot com ?
<Burgundavia> doing so now
<Burgundavia> kirkland-suds, did you get it?
<kirkland-suds> Burgundavia: got it
<kirkland-suds> Burgundavia: where's the track changes option?
<Burgundavia> edit-->changes-->record
<Burgundavia> and edit-->changes-->show
<kirkland-suds> Burgundavia: the only suggestion I have really, would be to mention F6 (detach) and byobu -x (re-attach), and F7 scrollback
<kirkland-suds> Burgundavia: otherwise, it's a nice concise introduction
<Burgundavia> thanks
<kirkland-suds> mathiaz: smoser: lang packs complete
<kirkland-suds> on to kernels :-/
<kirkland-suds> smoser: mathiaz: bandwidth is great though; should work from here tomorrow
<kirkland-suds>     21200896  68%  683.60kB/s    0:00:14
<mathiaz> kirkland-suds: is there someone around?
<kirkland-suds> mathiaz: there's a few people in here, but there's a cafe with tables and chairs just outside
<kirkland-suds> smoser: mathiaz: do either of you have a laptop cable lock?
<smoser> nope
<mathiaz> kirkland-suds: nope
<kirkland-suds> smoser: mathiaz: bummer
<mathiaz> kirkland-suds: how long is this going to take?
<kirkland-suds> mathiaz: it's about 20x faster, but it'll still be a while
<kirkland-suds> mathiaz: i'm just on pool/main/l/linux/linux-image-2.6.32-17-preempt_2.6.32-17.26_amd64.deb
<kirkland-suds> mathiaz: gotta make it through the rest of main, then universe
<kirkland-suds> mathiaz: smoser: http://pastebin.ubuntu.com/399589/
<a|3x> i am having difficulties setting up suphp, anybody care to help?
<a|3x> Invalid command 'suPHP_UserGroup', perhaps misspelled or defined by a module not included in the server configuration
<kirkland-suds> smoser: mathiaz: made it through the kernels
<RoAkSoAx> hggdh, tou mean spaces for def and tabs for everything else?
<hggdh> RoAkSoAx, no, actually one should use *either* spaces *or* tabs in a Python source, but not both (PEP 8 highly recommends spaces)
<hggdh> in my vi edit of the source, everything seems to be on the same column (because my vi is configured to \t == 4 spaces)
<hggdh> RoAkSoAx, bye either/or, I forgot to add -- but not both
<hggdh> my, my, am I writing bad today or what?
<kirkland-suds> hggdh: RoAkSoAx: but I *strongly* prefer tabs and tabs only!
<hggdh> RoAkSoAx, the master's voice ;-)
<kirkland-suds> two reasons: a) 1 tab = 1 byte, b) anyone can configure their editor to represent a tab as as much (or as little) whitespace as they like
<maxb> a) is largely irrelevant in the face of disks, bandwidth and compression technology of today
<hggdh> kirkland-suds, as long as it is either/or (but not both) Python feels good...
<RoAkSoAx> kirkland, hggdh ok, better yet, I love using tabs for coding
<maxb> b) is a noble goal which starts to fall apart once questions of where the right margin is, and how long statements should be wrapped, enter the picture
<RoAkSoAx> hggdh, kirkland-suds NAyways, just ping if somethings is need, Call of Duty MW2 awaits me :)
<RoAkSoAx> later
<maxb> But really, so long as no-one mixes both in a single file, that's a good start
<hggdh> maxb, yes indeed, and a lot of hard-core old coders (see coreutils, for example) are moving out of \t
 * hggdh does not care, as long as it is only one of them
<hggdh> ok. Time to get the grill
<kirkland-suds> hggdh: agreed
<kirkland-suds> maxb: understood; (a) is not about bytes-on-disk, it's about left-and-right-arrow to me ;-)
<kirkland-suds> smoser: mathiaz: openjdk is figgin huge
<a|3x> anybody care to help me figure out why my suphp setup is not working?
<kirkland-suds> smoser: mathiaz: oh, FCOL ... openoffice :-/
<ruben23> hi
#ubuntu-server 2010-03-23
<smoser> kirkland, mathiaz http://www.scratchbox.org/ is what i was talking about
<smoser> at lunch
<pmatulis> when was iSCSI support available in linux?
<twb> 2.6.12
<twb> http://en.wikipedia.org/wiki/ISCSI
<pmatulis> twb: thanks.  i wanted to compare with OpenBSD (which is just now working on it)
<erichammond> what is the syslog that Ubuntu prefers over syslog-ng?
<erichammond> ah, rsyslog (I think)
<sbeattie> erichammond: correct, rsyslog.
<erichammond> sbeattie: Thanks.  Just finished reading the feature list.  disk-based buffering sold me, but I was impressed by many others.
<erichammond> I plan to convert from syslog-ng at the next opportunity.
<stsm> is there a mips version?
<twb> I think persia told me it was in an pre-alpha state
<twb> Debian has mipsel, of course...
<stsm> lol i'm not even gonna say what i think about debian
<stsm> generally its the most negative place i found so far on freenode intirely, thats all i'll say
<stsm> i'm looking for something else that supports mips
<stsm> if there's nothing else available then debian i'll just choose for nothing
<twb> stsm: Debian is not on Freenode.
<twb> stsm: if you went to #debian on Freenode, you'd find only the people who are too stupid to read announcements.
<stsm> twb, its also on freenode next to oftc
<stsm> twb, last time i went to oftc the same people were there
<stsm> debian is just no option anymore for me
<stsm> so no mips yet for ubuntu-server or ubuntu?
<twb> Shrug.  I've told you what I know.
<stsm> yeha pre-alpha
<psteyn> Hi, any reason why cacti depends on libapache2-mod-php5?  I'm trying to convert my apache2-mpm-prefork +  libapache2-mod-php to an apache2-mpm-worker + libapache2-mod-fcgid setup, but don't want to lose Cacti
<psteyn> I think this is a bug
<stsm> only thing i can find was a place on launchpad, but its from last year so
<stsm> twb, thanx for the info
<twb> psteyn: then report it as a bug
<psteyn> on it
<Callum__> Does anyone know if copying a MBR from one drive to another using dd if=/dev/sd* of=/dev/sd* bs=512 count=1 will wipe out all the other information on the drive?
<Callum__> on the drive I'm copying to
<twb> Callum__: that copies the partition table, too.
<twb> So it'll "wipe it out" in the sense that nothing will see the original partitions
<twb> From memory, the bootloader lives in the first 446 bytes.
<Callum__> okay
<jayvee> soren: if I did you a debdiff of #535397 (hopefully right this time) would you be more likely to fix it? :)
<jayvee> hmm, ubottu doesn't recognise it
<jayvee> LP #535397
<jayvee> https://launchpad.net/bugs/535397
<jayvee> ubottu seems to be in a coma
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<jayvee> so I see.
<eagles05138785> hey guys im following this tutorial https://help.ubuntu.com/community/Git when it says copy the public key what public key?
<sherr> eagles05138785: ssh public key it assume you have or know how to make. This is not on topic for #ubuntu-server.
<eagles05138785> sherr: i asked in here cuz im setting up git on ubuntu server
<sherr> eagles05138785: It is not relevant or specific to server (or desktop) though. Maybe try #git?
<eagles05138785> sherr: ok. thanks ill just follow the ubuntu wiki how to on how to generate a key
<mealstrom> has someone worked with puppet? how to copy files from client to server ?
<eagles05138785> mealstrom: i would recommend scp (secure copy)
<jayvee> eagles05138785: irrelevant.
<jayvee> puppet works differently.
<eagles05138785> ahhh
<jayvee> mealstrom: puppet has a built-in puppet:/// URI scheme
<eagles05138785> i was answering his 2nd part of the question jayvee
<jayvee> oh right
<jayvee> well when you know what puppet is, then you see that they are really just one question.
<mealstrom> jayvee: yes, I can copy from server to client . and daes it work in client to server way ?
<jayvee> ah, I see
 * jayvee scratches chin
<mealstrom> just want to copy some backups
<eagles05138785> mealstrom: ya it does but not 100% sure how to do it
<eagles05138785> mealstrom: how big are the backups cuz if they are of decent size you can eat up all your bandwidth
<eagles05138785> unless this is a home network
<mealstrom> office network 100 Mbit... looks like puppet has "filebucket"  for backup storage.
<mealstrom> lets dig filebucket :) thanks btw
<twb> Depends what you're backing up.
<mealstrom> home directories every 3 month's
<twb> If you mean backups of, say, /home, puppet's filebucket is probably not the right thing
<mealstrom> FILEFC="/tmp/`ifconfig | grep 192.168.1. | cut -d' ' -f12 | cut -d':' -f2`"
<mealstrom> tar -cvzf $FILEFC.tar.gz /home . then just copy this backup to server
<twb> mealstrom: I'd just use rsnapshot to backup to another building, and do that every night.
<twb> If you have tape or generally want to go overboard, there's amanda
<twb> I don't know why anyone would deploy a new tape solution, though.
<jayvee> why?
<jayvee> what's wrong with tape?
<twb> jayvee: it's expensive and slow
<twb> For WORN, sure.
<yann2> hello, I got a bug to file against the samba apparmor profile in lucid, should I file it against apparmor, against samba, ...? technically it's more a bug of the configuration
<yann2> official ubuntu manual recommends to put folders to share in /srv/samba, but apparmor prevents smbd from accessing /srv
<jdstrand> yann2: is this from the apparmor-profiles package?
<jdstrand> (samba should not be shipping a profile for smbd by default)
<yann2> I believe so, I can't remember installing it manually, but I wouldnt rule it out...
<yann2> maybe its from apparmor-profile, not impossible that I installed it and forgot about it
<jdstrand> yann2: dpkg -S /etc/apparmor.d/usr.sbin.smbd
<twb> yann2: report it against apparmor; if you're wrong it'll be reassigned.
<yann2> indeed then :)
<yann2> apparmor-profiles it is
<jdstrand> yann2: feel free to file a bug against apparmor. that profile needs work (it is on the TODO list), is complain mode only and also community supported atm (ie, it's in universe)
<jdstrand> yann2: what I mean be all of that is that even though it is installed and noisy, it shouldn't be blocking anything, unless you manually put it in enforcing mode
<yann2> was in enforce mode... but I tink I had a play with apparmor a long time ago
<yann2> (is a dev server)
<yann2> so maybe I just activated it :)
<jdstrand> yann2: probably. if you have modified it in such a way that it works well with a default samba installation according to the Ubuntu manual, then please submit your updated profile in the bug and we can review it for inclusion in the package (and upstream)
<yann2> haven't touched it (yet)
<jdstrand> (and by 'package', I mean the apparmor-profiles package for now)
 * jdstrand nods
<yann2> is there a way to report a bug using http://bugs.launchpad.net ?
<yann2> oh man the guy who decided to remove the "report bug" link on that page really should get fired every time I try to report a bug I just cant find out how to do it
<jdstrand> yann2: https://bugs.launchpad.net/ubuntu/+source/apparmor/+filebug
<yann2> thanks
<jdstrand> np
<yann2> alright done: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/545061 , thanks a lot for your help jdstrand . I believe quite a few people will get in trouble trying to share other folders when this profile get into enforce mode though ;)
<BulleTh0> If I have a subnet routed behind an ip how do I use an ip from that subnet with windows desktops ?
<baba_b00ie> hello
<BulleTh0> How do I disable NAT ?
<baba_b00ie> i'm looking in to building my first ubuntu server. my server would be used as a file server and media sharing with my xbox 360. was hoping someone could point me to some rockin faq, doc websites
<Rafael_> i need help with Webmin: si coloco https://xxx.xxx.x.xx:10000 i can see webmin, but if i place  https://hostname:10000 nothing..can somebody please help me?
<reisi> Rafael_: could it be intentional?
<hggdh> Rafael_, try 'ping `hostname`, and see if the IP addresses match
<Rafael_> let me try
<Rafael_> hggdh: 64 bytes from myplasticare (127.0.1.1): icmp_seq=2 ttl=64 time=0.019 ms
<Rafael_>  the ip address of the lan ubuntu should be 192.168.1.11 not 127.0.1.1
<hggdh> Rafael_, check your /etc/hosts, I am quite sure you will find your hostname maped to 127.0.1.1
<Rafael_> hggdh: i am a newby..let me try, if not i will google and if not i will ask you
<yann2> mmh it seems hardy's puppetmaster can't handle lucid's puppet :(
<yann2> [2010-03-23 14:35:04] 10.0.10.108 - - [23/Mar/2010:14:35:04 GMT] "PUT /production/certificate_request/10.0.10.108 HTTP/1.1" 404 324  < is that worth a bug report, or isn't it supposed to work?
<Rafael_> hggdh: this is what i found:
<Rafael_> ::1 ip6-localhost ip6-loopback
<Rafael_> fe00::0 ip6-localnet
<Rafael_> ff00::0 ip6-mcastprefix
<Rafael_> ff02::1 ip6-allnodes
<Rafael_> ff02::2 ip6-allrouters
<Rafael_> ff02::3 ip6-allhosts
<Rafael_> 192.168.1.11    myplasticare
<tremby> how do upgrade to the latest? currently on Hardy and some of its software is a little too old for my current needs
<Pici> tremby: If you want to upgrade to the next LTS, you'll need to wait until the end of April. Otherwise you can upgrade to 8.10->9.04->9.10
<tremby> need to make a move today, really. it's blocking my work. do i have to go through each step like that?
<tremby> would things break if i just pointed it to the 9.10 repos and said dist-upgrade?
<jpds> tremby: That's not supported.
<Pici> tremby: Its likely.  I definitely wouldn't do that on a production server.
<tremby> it's a testing server
<Pici> tremby: You can upgrade from one LTS to the next though.  So you will be able to go from 8.04 to 10.04 once its released.
<tremby> oh, i see
<tremby> hmm, in that case maybe i'll work around my issue, build some stuff from source
<Rafael_> hggdh: can you give me some idea on what to do?
<tremby> thanks
<jaraco_mobile> How do I run a process as a different user? I'm using Ubuntu 9.10 (as found on rackspace-cloud). When I run "su tomcat6 whoami" I get no output. When I run "sudo -u tomcat6 whoami", it reports the username. I want to launch this as a script, so sudo is not appropriate.
<tremby> jaraco_mobile: you probably mean su tomcat6 -c whoami
<jaraco_mobile> tremby: same result - no output.
<jaraco_mobile> BTW, root account is enabled... and I'm running su as root.
<tremby> hmm, all i can say is it works for me
<tremby> sudo su -; su tremby -c whoami
<tremby> gives me "tremby"
<jaraco_mobile> odd
<jaraco_mobile> I'll try a clean server and if it's still behaving as such, I'll try rackspace support.
<jaraco> Okay. I found that su works for a regular user account, but not for the tomcat service account.
<hggdh> !pastenbin | Rafael_
<jaraco> Whose shell is set to '/bin/false'
<tremby> oh there you go. use the shell switch of su
<hggdh> !pastebin| Rafael_
<ubottu> Rafael_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jaraco> tremby: thanks for the tip. I'll look into it.
<tremby> su tomcat5 -s /bin/sh -c whoami
<jaraco> Indeed, that does the trick. Thanks!
<tremby> no prob. should have realized you were trying to use a system account...
<jaraco> I sure do love rackspace cloud. I was able to stand up a new, clean server and eliminate all other variables in just a few minutes.
<jaraco> Is using 'su' the best way to launch a system process under a particular userid, or should I be using something else?
<yann2> sudo -u jaraco ls
<tremby> it's su or sudo really. or using that user's own crontab i guess
<Pici> I usually drop things into the user's crontabs.  Then again, these are accounts that don't belong to particular people that I deal with.
<hggdh> Rafael_, IIRC, webmin will by default only allow localhost to connect
<tremby> i think it's a bit neater to stick them all in root's crontab. hard to keep track otherwise
<Rafael_> hggdh: did i did rigth the pastebin?
<hggdh> Rafael_, I guess you did not ;-)   Did you post the link here?
<Rafael_> sorry...not let me try
<Rafael_> hggdh: i guess is: http://pastebin.com/p0GG7KXd
<hggdh> Rafael_, some issues: (1) you have multiple definitions of the mypasticare and mypasSticare
<hggdh> Rafael_, (2) lines 5 and 19 are simply plain wrong
<hggdh> Rafael_, so, please correct/clean up your /etc/hosts, and then you can try again
<Rafael_> hggdh: should i just delete or correct
<Rafael_> hggdh: sorry but when i copy and paste something wsa paste not correctly..this is a new pastebin: tkae a look and please give me your feedback:  http://pastebin.com/VmkpeX73
<smoser> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/523148
<smoser> kirkland, https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/542324
<hggdh> Rafael_, lines 2 and 11 conflict
<Rafael_> hggdh: Thanks so much for your help as you can see i am a newby and not so smart..just learning...question..so if i have assign on my LAN a static ip address of 192.168.1.11, can i delete line 2 or what is 127.0.1.1
<hggdh> Rafael_, yes, you can delete line 2
<Rafael_> hggdh: will try..what is the 127.0.1.1?
<hggdh> Rafael_, any addresses in the 127/8 range are non-routeable addresses (this is what is usually called the localnet). 127.0.0.1 should usually be set to localhost
<_ruben> bah .. pmacct is built without ipv6 support
<Rafael_> hggdh: i try and clean it, this is how it looks now http://pastebin.com/74hkyhrm  i reboot ubuntu but still webmin is not working with the hostname
<bogeyd6> kk Rafael_
<bogeyd6> Rafael_, what do you have in /etc/hosts
<Rafael_> hggdh: if i do a ping now i get: 64 bytes from myplasticare (192.168.1.11): icmp_seq=1 ttl=64 time=0.022 ms
<Rafael_> bogeyd6: see http://pastebin.com/74hkyhrm
<bogeyd6> and you cant go to http://myplasticare?
<RoAkSoAx> ahasenack, ping
<ahasenack> RoAkSoAx: hi
<ahasenack> RoAkSoAx: hi
<RoAkSoAx> ahasenack, hi, may I PM you?
<Rafael_> bogeyd6: my original question was:  i need help with Webmin: si coloco https://xxx.xxx.x.xx:10000 i can see webmin, but if i place  https://hostname:10000 nothing..can somebody please help me?
<ahasenack> RoAkSoAx: yes
<soren> RoAkSoAx: Thanks for pushing the glusterfs update. I really appreciate it.
<Rafael_> any help?
<djveer> hey guys, I got a ubuntu server  box running MySQL/Apache that the hard drive is in a buggered state in... I tried to use dd on the drive to make an image but even with the noerror option, it still is giving me input/output errors. Is there anyway I can make it run  enough to get a dump of the MySQL database I need?
<djveer> This was just a testing box so it's not super important (or I would have made backups) but I would be handy to get the data off
<djveer> *it would
<djveer> There any way to do a dump of the database from a liveCD?
<kirkland> smoser: http://paste.ubuntu.com/400069/
<kirkland> smoser: something like that in the header
<ttx> kirkland, smoser, mathiaz: how is it going ?
<smoser> excellente
<kirkland> ttx: we made some progress yesterday; i have pictures of our todo/done stuff from the flipchart
<kirkland> ttx: i'll email those to you, if you like
<kirkland> ttx: our main blocker right now is that we have a 49KB/s download speed from the hotel where we're working
<ttx> kirkland: beh
<sherr> djveer: maybe ddrescue?
<RoAkSoAx> soren, no prob :)
<smoser> http://cdimage.ubuntu.com/releases/lucid/beta-1/
<djveer> sherr: can dd_rescue be ran from a live CD environment?
<kirkland> ttx: https://bugs.edge.launchpad.net/server-papercuts/+bug/545262
<ttx> ack
<sherr> djveer: I see no reason why not. It's in the repos - have a go. Good luck :-)
<ttx> kirkland: approved as papercut, assigned to you :P
<djveer> sherr: Thanks! I think i'm going to try freezing the drive for 30 min or so before
<djveer> sherr: i've been told people have had good luck doing that
<sarthor> Hi, i have ubuntu-server  9.10 installed. squid/dhcp/shorewall 4.4/pppoe-server,  running, i want to put one access point having no security key, that the people can connect, and when they start browsing, so all their browsing redirect to http://192.168.0.100:80, Coz there is my page with detail to get user name and password and use internet,, I am also running pppoe-server,
<jdstrand> zul: hey, just hitting the nut upgrade. is it just me or should /etc/nut/ups.conf not be a conffile? I'm getting prompted on upgrade and there is no reasonable default afaict. the same goes for upsd.users, upsmon.conf and nut.conf
<zul> jdstrand: hmm....not sure can you open up a bug just in case
<kirkland> ttx: thanks
<Rafael> hggdh: any other help you can provide me?
<Rafael> bogeyd6: Any oither help that you csan provide will be appeciated
<bogeyd6> Rafael,
<bogeyd6> Rafael, is it sitll the problem of https://hostname doesnt work?
<bogeyd6> from the client, not the webmin server
<Rafael> bogeyd6: yes if i type https://myplasticare:100000 does not work
<bogeyd6> Rafael, which dns server is the client set to use?
<Rafael> bogeyd6: just to be sure..how can i check that
<bogeyd6> Rafael, on client if windows just type "ipconfig /all" in a commmand windows
<bogeyd6> Rafael, if linux just type "cat /etc/resolv.conf"
<Rafael> bogeyd6:thanks, let me check on windows client
<bogeyd6> k
<Rafael> bogeyd6:http://pastebin.com/sV1azZkb
<bogeyd6> Rafael, and the dns server 156.154.70.22 is set to resolve http://myplasticare ?
<bogeyd6> Rafael, another fix would be to edit the host file of the windows client
<ninjix> I'm having a problem with likewise-open not being able to change password for AD account. Anyone experienced with likewise-open?
<kirkland> smoser: mathiaz: http://www.southcoastdeli.com/menu.html
<shennyg> I am looking into using AWS ELB for my commerce site. Will my site/code/php be able to see the users IP address? I have geolocation on my site and from the research I have done is that under https it doesn't pass the users IP. Is that correct?
<smoser> kirkland, bug 541486 is ready to be sponsored... it could be queued with other eucalyptus changes, but i think its ready.
<kirkland> bug #541486
 * kirkland smacks ubottu 
<Rafael> bogeyd6: sorry i have to leave, but i am back. you are saying that i should edit the host file on the windows client?
<jaraco> I have a java servlet that I would like to deploy on Ubuntu. I'm able to download the stock apache binaries for tomcat 6.0.20 and deploy the app in that environment. I would prefer to use Apt and the ubuntu tomcat package, but when I do, I get cryptic errors. Can someone suggest how I might track down the differences between the Ubuntu package and the stock tomcat binaries?
<jaraco> Sorry, I realize that's not a very specific question.
<sherr> jaraco: I guess you could a) look at the version number and b) Go through the changelogs and compare
<hggdh> mathiaz: I *did* restart the CC with CLEAN=1 (tried different things, and found this requirement elsewhere)...
<mathiaz> hggdh: hm...
<hggdh> mathiaz: but, anyway, I am going to do it all again ;-)
<mathiaz> hggdh: did you "restart *eucalyptus-cc* CLEAN=1"
<mathiaz> hggdh: or restart euclyptus-*cloud* CLEAN=1
<hggdh> mathiaz: yessir
<mathiaz> hggdh: ?
<hggdh> oh
<hggdh> *now* I am in doubt
<hggdh> I followed the docs
<mathiaz> hggdh: eucalyptus-cloud doesn't support CLEAN, eucalyptus-cc does
<mathiaz> hggdh: right - I've updated the test cases
<hggdh> mathiaz: I will have to do it again, so we will find out :-)
<mathiaz> hggdh: right
<mathiaz> hggdh: how is the uec test rig doing?
<hggdh> mathiaz: did not touch it since Monday
<hggdh> mathiaz: can I keep on using it?
<mathiaz> hggdh: yes
<mathiaz> hggdh: testing beta1 and you getting familiar with the test rig is the most important thing
<hggdh> mathiaz: ack
<hggdh> mathiaz: will restart the tests, then, from the beginning (still set to use the ISOs
<norkakn> I have a server with a load of about 970.  `ps aux` and `lsof` freeze and dont' return anything.  There are lots of runaway defunct ps procs that I cannot kill
<norkakn> is there any way to kill things?
<norkakn> There are some dmesg things about the raid, but mdadm says everything is fine
<norkakn> kernel is 2.6.24-19-server
<sherr> norkakn: sounds bad. If you have a console, maybe an "init 1" and try and clean up?
<norkakn> it's a mail server, and it is still responsive, and it is 3 hours away from the nearest coworker
<norkakn> I'm at a bit of a loss, I haven't had things resistant to -HUP then -9 before
#ubuntu-server 2010-03-24
<kirkland> smoser: http://paste.ubuntu.com/400294/
<rameshwor> i'm using lampp.. and i get two different hosts for " localhost " and " 127.0.0.1 "    shouldn't they be same ?
<yann2> not necessarily
<yann2> 127.0.0.1 will serve you the first virtual host declared, while localhost will serve you the host declared with Servername localhost
<rameshwor> yann2: ok..
<twb> vhosts piss me off.
<yann2> twb ?
<twb> I shouldn't have to add entries to my laptop's /etc/hosts or write GET requests directly just so that the site will work through an SSH port forward.
<yann2> uh? what are you trying to do?
<twb> Access an internal vhost from outside a LAN by hopping through a bastion.
<twb> e.g. ssh -fNL 8080:porn:80 example.net && w3m http://127.0.0.1:8080 will fail, because w3m will send "Host: 127.0.0.1" which doesn't match the vhost "porn".
<twb> The godsawful workaround being to make "porn" resolve to "127.0.0.1" locally, and then tell w3m to go to "http://porn:8080/"
<yann2> I'm afraid you might be right :)
<yann2> on the other hand its your fault if porn doesnt resolve locally, as really it should ;)
<kirkland> smoser: http://paste.ubuntu.com/400316/
<twb> yann2: it's a weak point if DNS failures also break the HTTPd.
<yann2> twb, well you're right again but then that's how much of the internet work 'plus it's up to you to have enough dns servers :)
<twb> "That's how much of the internet works" isn't an excuse.
<twb> Rather, it's an invalid excuse.
<smoser> kirkland, http://paste.ubuntu.com/400322/
<kirkland> smoser: http://paste.ubuntu.com/400323/
<trimeta> I just ran smartctl -t short on my drives, and it's giving me a LifeTime(hours) of 2600. Is that the estimated time until the drive fails, or just how long it's been running so far?
<twb> trimeta: you need a big bag of grok to understand the numbers that come out of SMART
<twb> But based on what you've said and my memory, I'd expect lifetime is the number of hours the disk has been running so far -- not how long it has left.
<trimeta> twb: Cool.
<trimeta> The drives I bought have some negative reviews, and I figure I should probably be monitoring them to make sure they don't die when I least expect it.
<twb> Unfortunately I don't have any good references to give you (re grokking)
<twb> Oh, these are new drives?  Then 2600hrs runtime wouldn't make sense.
<trimeta> No, it's been a couple of months since I got them.
<trimeta> Beginning of December, I think.
<twb> That'd be about 2900 hours if they were running continuously
<trimeta> WolframAlpha gives me 2592 hours since December 5th, which is when the RAID says it was first created. So it's probably fine.
<soren> trimeta: LifeTime is how long they've been running for.
<twb> What is a WolframAlpha?
<twb> soren: thanks.
<trimeta> twb: Wolfram's "knowledge engine;" there was a bunch of hype when they released it about how it was better than Google, able to actually understand your searches and find the answer from its own database; in practice, it's useful if the question you've got can be answered definitively with some calculations.
<trimeta> So time between two dates, what day of the week something falls on, that sort of thing is useful.
<twb> I would normally use Emacs for those
<twb> Or GNU date
<twb> $ date -d '1 Jan 1970' +%a ==> Thu
<twb> I don't know how to do P intervals, but you can kludge it thusly:
<trimeta> Well, it does things other than date stuff, too...I can't remember anything useful, though.
<twb> $ sh -c 'TZ=GMT date -d @$(($(date -d "$2" +%s) - $(date -d "$1" +%s))) -Iminutes' -- '22 Jan 2010' '18 Oct 2010' ==> 1970-09-27T00:00+0000
<twb> ...which means 9 months, 27 days (more or less)
<trimeta> Easier to let someone else parse my human input string and give me the answer.
<twb> FSVO someone = proprietary, unaccountable third-party
<trimeta> This is purely factual stuff, I'm not concerned about them fucking up horribly.
<trimeta> Plus this is the company behind Mathematica. They know math.
<trimeta> I wouldn't trust them as far with encyclopedic information, but I'll believe in their internal Gregorian calendar.
<axisys_> i am failing to start apache2
<axisys_> [Tue Mar 23 23:15:58 2010] [error] Unable to configure RSA server private key
<axisys_> [Tue Mar 23 23:15:58 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
<axisys_> any help would be appreciated
<axisys_> it was working until thursday
<psteyn> Hi guys.  I've had some filesystem inconsistency which fsck has fixed, but now when booting the process is taking very long at 'Checkign qoutas..'
<psteyn> Any idea how I can either skip Quota checking, or is it normal to take that long?
<rap424> I am getting ready to run "euca-run-instance -k keyname " where can I find the keyname, or create one?
<lifeless> euca-describe-keypairs
<rap424> "EC2_ACCESS_KEY environment variable must be set"
<rap424> I just ran "euca-add-keypaid mykey > mykey.priv"
<rap424> ran a couple more commands and get the same environment variable must be set
<lifeless> well, do you have it set ?
<rap424> I am not sure what to set it to
<lifeless> you generally set it by sourcing the eucarc that the euca admin web pages give you in a zip file
<lifeless> follow the general getting started stuff if you don't know what I'm talking about
<rap424> Thanks, probably  should've done that in the first place. Thought it would be as easy as downloading from the web interface
<Xodiac13> i just mounted a ext hdd to my ubuntu server i need help because it gives me the total and I formated the 320gig hd and without the ext hd it was about 280gig and now its 586gigs but with 568gigs used how can i get it to give up more space thats its not even using
<Xodiac13> i am doing all this in the command line and if there is any way i can get some help by leading me to a website
<Xodiac13> baffle: can you plz help me
<rap424> Xodiac13: Did you add a file system to the ext hd?
<Xodiac13> rap424: no i just want to add extra space to the server its on a laptop and i want to add a 329gig ext hdd
<axisys_> i did follow this https://help.ubuntu.com/9.04/serverguide/C/httpd.html
<axisys_> still failing to start apache2 ssl
<Xodiac13> rap424: i mounted it but it shows that 560 gigs total and 530 gigs used i just formatted the hd
<eross> is the cloud the same as google os?
<eross> i meant similar
<rap424> run "mkfs.ext3 /dev/sd*"
<Xodiac13> rap424: okay
<rap424> Xodiac13: make sure to subsitute sd* for the ext hd, and unmount it first
<Xodiac13> rap424: okay
<rap424> lifeless: Would the keypair end with .pem?
<lifeless> no, you'll nee dto create it
<Xodiac13> rap424: i just unmounted and did what you said and it said it needed to be unmounted?
<lifeless> the command you ran before errored ;) - check the file it created
<Xodiac13> rap424: somehow its still mounted with the command
<rap424> Xodiac13: When you ran fdisk did you just erase all the partitions?
<Xodiac13> rap424: no i get this /dev/sda1 is mounted; will not make a filesystem here!
<rap424> Xodiac13: I don't think the ext hd will be sda1, that is generally your first hd
<Xodiac13> rap424: thats wierd cause hda1 is the filesystem
<twb> He might have PATA disks and a pre-libata release
<Xodiac13> rap424: thats how i got it mounted by using sda1
<Xodiac13> rap424: i also renamed the mnt extdisk
<rap424> Xoadiac13: Run umount extdisk
<Xodiac13> rap424: k
<Xodiac13> rap424: it says its not mounted
<Xodiac13> rap424: or not found sorry
<rap424> Xodiac13: When you run "ls /dev/sd<tab>" what comes up?
<rap424> lifeless: cat eucarc >> .profile ??
<Xodiac13> rap424: i get this ls /dev/sda1
<rap424> Xodiac13: That is all that is listed?
<Xodiac13> rap424: yeah
<Xodiac13> rap424: im runing ubuntu server 8.04
<rap424> Xodiac13: I am guessing twb might be right
<Xodiac13> rap424: twb?
<rap424> Xodiac13: Are your disks PATA?
<Xodiac13> rap424: im thinking they are
<rap424> Xodiac13: There should be more partitions on your drives, unless you manually created partitions during startup and didn't make a swap partition
<rap424> Xodiac13: Try "ls /dev/hd*<tab>"
<Xodiac13> rap424: i just used the auto install
<Xodiac13> rap424: it says its not found
<lifeless> rap424: or add '. path_to_eucarc' to .profile
<Xodiac13> rap424: im using webmin if that makes a difference from actually being on the server
<rap424> Xodiac13: I have never used webmin, so not sure
<Xodiac13> rap424: is there anything i can do to get my ext hdd working for extra space
<rap424> Xodiac13: I am sure there is, but I am not sure why there is only one partition showing up in /dev
<Xodiac13> rap424: uh
<rap424> Xodiac13: On a manual install Ubuntu should create a primary partition and a swap partition, usually /dev/sda1 and /dev/sda2 or /dev/hda1 and 2
<Xodiac13> rap424: uh thats wierd
<Xodiac13> rap424: is there anyother way to format it and then after that it should work just fine?
<rap424> Xodiac13: All I know of is fdisk
<Xodiac13> rap424: okay i will try
<rap424> Xodiac13: If you have a windows box you can double check there
<Xodiac13> rap424: what program can i use for windows to format it to ext3
<rap424> Xodiac13: I don't think there is one, but you can format it to FAT. Linux will read FAT
<rap424> Xodiac13: or just format it to FAT, and when Linux recognizes it format it to ext3
<Xodiac13> rap424: okay but with FAT i dont think it can use 320gigs though
<rap424> Xodiac13: but at least you will make sure you formatted the right drive with fdisk, it will be labeled as a FAT drive
<Xodiac13> rap424: true
<rap424> lifeless: Not enough resource :(
<rap424> lifeless: ./eucarc didn't even work, had to copy and paste
<pwnguin> what's the channel for ubuntu sysadmins?
<pwnguin> the planet RSS fails to validate
<qman__> yeah, it's coming back empty
<qman__> been that way all day
<pwnguin> qman__: its not empty
<pwnguin> qman__: it just doesn't validate
<pwnguin> if someone cleared the planet cache it would probably pick right back up
<qman__> ah
<rcsheets> is this the right channel for UEC issues, or is there a better place for that?
<Callum__> rcsheets: yes, this is the right place to ask for help on Ubuntu Enterprise Cloud (Eucalyptus) if that is what you are talking about
<rcsheets> cool, thanks. sorry that was kinda asking to ask :)
<Callum__> lol
<rcsheets> i've done the cloud controller install, which seemed to work fine, and i rebooted. i was under the impression that the first node i install would get its network configuration via dhcp, with the cloud controller being the dhcp server, but there doesn't seem to be a dhcp server running.
<rcsheets> in fact, when asked which interface would be used to communicate with nodes, i said eth0, and eth0 didn't have an ip address at all
<Callum__> rcsheets: did you select a DHCP server to be installed while installing Ubuntu Server on the cloud controller?
<rcsheets> no, was that somethingg i needed to do manually?
<Callum__> rcsheets: no
<rcsheets> i just accepted defaults for virtually everything
<Callum__> rcsheets: eth0's configuration shoud have been configured during install too
<Callum__> should*
<rcsheets> i said eth1 was my primary network connection, and that the nodes would be on eth0
<Callum__> ah
<rcsheets> eth1 is using dhcp (served by my router) and that is working fine
<Callum__> rcsheets: you will have to configure eth0 manually by editing the /etc/network/interfaces file as superuser
<rcsheets> ok. did that.
<Callum__> rcsheets: did you ifdown eth0 && ifup eth0?
<rcsheets> do i need to tell something to run a dhcp server there, beyond simply telling the installer that the nodes will be on eth0?
<rcsheets> i rebooted (the machine needed to be moved off the floor :)
<Callum__> ah lol
<Callum__> so everything is working but you need a DHCP server to assign IP address to the nodes?
<rcsheets> eth0 now shows both 169.254.169.254/32 and 10.10.10.1/24
<rcsheets> i am only assuming that a dhcp server should be running to assign IP addresses to nodes. i haven't begun the install on the first node yet. i was trying to sanity check the cloud controller configuration before i went down that road.
<rcsheets> i can install dhcpd if i need to ... i was just kind of surprised it (or something similar but more UEC-themed) wasn't already there, so i thought maybe something was wrong
<Callum__> rcsheets: obviously not =) sorry, I'm not familiar with cloud computing configuration because I don't use it on any of my servers, but I'll assume installing a DHCP daemon on that server and configuring it will do the trick
<Callum__> rcsheets: it needs to be specified to be installed at install-time
<rcsheets> ok
<rcsheets> with the "Install Ubuntu Enterprise Cloud" option i had been hopeful that it would install all the necessary software by itself
<rcsheets> but i will go get dhcpd :)
<Callum__> rcsheets: you can select more than one option
<Callum__> rcsheets: using the space bar and then pressing enter once you have selected all you need
<rcsheets> oh, dhcp3-server is installed
<rcsheets> Callum__: on which menu do you mean?
<Callum__> rcsheets: when you go through the Ubuntu Server installer, I mean..
<rcsheets> the UEC install process doesn't present the task selection menu
<rcsheets> (or i missed it)
<Callum__> Hmmm
<rcsheets> it seems to be a bit single-purpose
<rcsheets> i think i might try it again with eth0 as the primary interface, in case something is assuming the first interface will be primary
<Callum__> okay
<Callum__> heh, my SCSI cables keep getting damaged or something (probably because of the way it is in the case...) so that my array becomes degraded and I have to get a new cable and then rebuild the array... I'm pretty sure its the way I have the cables sitting in the case, I'm going to rearrange my drives so that the SCSI drives are in a much better place where they can't get damaged
<rcsheets> haha
<Callum__> s/drives/cable/
<rcsheets> that's an unusual reason for an array to be degraded :)
<Callum__> rcsheets: I know lol, but this is kinda old equipment so I'm waiting on some 1TB SATA drives to be ordered so I can put this hardware SATA RAID controller I also have in the machine to good use
<rcsheets> cool
<rcsheets> oh one other oddity with UEC i'm noticing ... any idea why some uids wouldn't be resolved to usernames by ps?
<Callum__> sometime I may be able to "borrow" an external SCSI enclosure to put some SCSI drives in so I can still use my SCSI RAID controller (since that is still fine)
<Callum__> rcsheets: not sure about that I'm afraid
<rcsheets> if you're curious... http://pastebin.com/vi1jVmSJ
<Callum__> wow, that is weird...
<Callum__> rcsheets: maybe its because they are remote users?
<Callum__> well, are they?
<rcsheets> nope
<Callum__> hmmm
<rcsheets> 'getent passwd 102' and 'getent passwd 107' do exactly what you'd expect
<rcsheets> 107 is eucalyptus and 102 is messagebus
<Callum__> because I notice that happens when foreign users put content onto my home server...
<rcsheets> right
<rcsheets> maybe from expanded tarballs with the uids preserved
<Callum__> yeah
<rcsheets> yeah but these are running processes, and the users are in /etc/passwd
<Callum__> rcsheets: it that a problem, or it just nitpicking? =P
<Callum__> is*
<rcsheets> well ...
<rcsheets> it's weird. i wonder if it's a symptom of some larger problem.
<Callum__> if you know what UID 107 and 102 are, its not a big problem
<rcsheets> well, sure. it's not like a showstopper.
<rcsheets> oh i guess i never mentioned this is on lucid beta1
<Callum__> Hah, I see
<rcsheets> it just seems like some polish that would be nice :)
<Callum__> rcsheets: it might be a good idea to report the bug, it can and might be fixed by the final release...
<Callum__> unless its been reported already
<rcsheets> ok
<rcsheets> i'll look around
<Callum__> I defy the laws of the man... I'm multitasking, talking here, fixing a server and doing my Japanese homework
<rcsheets> yeah the closest thing i'm seeing to the task selection menu (which would have the option for manual package selection, i think) is [!!] Select cloud installation mode
<rcsheets> which asks me if i'd like this to be a cloud controller, walrus storage service, cluster controller, storage controller, and/or node controller
<rcsheets> with the first four selected by default
<Callum__> Hmm
<Callum__> In which case, DHCP server should be installed by at least one of those, not sure about it being actually being configured
<rcsheets> then i tell it which interface to use to talk to the nodes
<rcsheets> (in this case eth1)
<rcsheets> then i wait forever for mkfs.ext4
<rcsheets> yeah, then it starts installing packages. there's no opportunity to select extra packages.
<rcsheets> which is probably fine for the UEC installer
<rcsheets> wow, 9999% cpu usage
<rcsheets> reported by top
<rcsheets> taht's a lot
<Callum__> heh
<rcsheets> hmm yeah
<Callum__> hmm, whats the plain past form of ã verbs...
<rcsheets> i specified eth1 as the interface for the controller to talk to the nodes, but 'sudo grep -ir eth1 /etc' shows nothing even vaguely related to eucalyptus
<rcsheets> that definitely doesn't seem right
<rcsheets> i'll file a bug tomorrow after i investigate a bit more. for now, some sleep.
<rcsheets> thanks for the help Callum__, and good luck with homework
<Callum__> rcsheets: there is probably some information about setting up Eucalyptus at the Ubuntu and/or Eucalyptus website...
<Callum__> rcsheets: thanks lol
<rcsheets> yeah it looks like i need to set VNET_PRIVINTERFACE="eth1"
<rcsheets> but it's set to eth0
<rcsheets> later
<jetole> does anyone know how I can view what the current version of a package is from the command line before I install it?
<jetole> nevermind, got the answer from someone else
<Callum__> okay
<rcsheets> Callum__: my ps username resolution bug turns out to be a wontfix. https://bugs.launchpad.net/ubuntu/+source/procps/+bug/14027
<maxo> hi, I've been looking into virtualization, but I'm still confused about it - what are the immediate benefits?
<Callum__> rcsheets: I see. Well, that's too bad...
<Callum__> maxo: you can run many different "machines" on a single computer provided you have the hardware, and you can backup, restore and run VMs on different computers easily, as well as do some other fancy things
<Callum__> maxo: virtualisation is really only advantageous if your machine is actually capable of running more than one or two
<Callum__> as it can be difficult to set up for users who don't know what they are doing
<Callum__> and VMs are slower than running on native hardware
<maxo> Callum__, I'm considering getting a new server where I work and put Ubuntu on it. But there are 2 issues: the first, the organisation uses Microsoft's ISA server firewall, and I'm worried that configuring Ubuntu to get through that firewall could be a problem. The second issue, it would be good to be able to run ASP.NET applications, and Mono didn't work that well for me. So I'm considering whether it might be worth running Ub
<Callum__> maxo: ISA can be configured to allow Ubuntu through it (although technically it definitely should give it access without any configuration as all the protocols are operating system independent)
<Callum__> maxo: I'm afraid ASP.NET requires IIS, which as I'm sure you know is Windows only and always will be
<Callum__> oh wait
<Callum__> Mono can run ASP.NET?
<Callum__> heh, never knew...
<maxo> Callum__: yes it does, but I had problems testing it out. I got some things working, but not quite how I wanted. It's not ideal
<Callum__> but anyway, an IIS server is always best if you are locked into a Microsoft technology such as ASP.NET
<Callum__> maxo: you could always virtualise Windows Server lol
<maxo> Callum__: as for the ISA server, I think it grants permission on a user basis? But on Ubuntu, I'd have local users trying to connect to the internet, like apache's user account, and then apt does something different I think
<maxo> I think connecting through to the ISA server is my main worry. If I can't even use apt - that would be terrible!
<Callum__> maxo: APT uses direct HTTP downloading...
<maxo> Callum__: yes but ISA servers use some strange different protocol to normal proxies
<rcsheets> unless you have some kind of NAC going on which isn't willing to let Ubuntu onto the network, I'd expect it would work fine
<rcsheets> you could always try a live cd
<Callum__> maxo: well you can always try it out and see what you come up wioth
<Callum__> with*
<maxo> the ISA server definitely requires some kind of authentication. Even on my windows machine logged on, because Google Chrome doesn't fully pick up proxy settings, it prompts for a login when I go to any external website
<Callum__> maxo: hmmm, so when you try to go to a website it instead asks you to login...
<maxo> I think I might need to set up something like this: http://ntlmaps.sourceforge.net/ - but then I would need to configure every account to go through the proxy, and I'm not sure how I'd do that.
<Callum__> maxo: yeah, Ubuntu would have problems with something like that
<Callum__> well, APT would
<incorrect> can i stop dhcp client from setting the default route?
<lenios> yes incorrect
<incorrect> i don't see an option like "no route" in the dhclient.conf file
<lenios> look in /etc/network/interfaces
<lenios> wait, you're talking about routes, not adresses?
<incorrect> when you say dhcp as the config method you then defer configuration to dhclient
<incorrect> that has its own config
<incorrect> i've stopped it from setting my resolv.conf, now i want to bring up multiple interfaces using dhcp, just need to stop the default route from getting set by dhclient
<lenios> do you have multiples interfaces with dhcp?
<incorrect> i will do once i can bring them up without over riding the default route
<lenios> but how do you set the routes then?
<incorrect> with dhclient, just for only one interface
<lenios> looks like this is interesting https://help.ubuntu.com/community/InternetAndNetworking/DualHomedGatewayDHCP
<incorrect> sort of
<incorrect> the guy only has one dhcp configured interface
<incorrect> i am going to have 4
<maxo> Callum__: ok so I looked some more into it, and it seems it's possible to configure an ISA server to allow computers through by IP address. So that would probably solve things. And then perhaps I could even run windows server virtually on ubuntu lol
<lenios> he's creating a hook in /etc/dhcp3/dhclient-exit-hooks.d
<Callum__> maxo: yeah, that would do the trick =)
<lenios> well,  /etc/dhcp3/dhclient-enter-hooks.d too
 * Callum__ facepalms
<Callum__> I hate these SCSI drives
<Callum__> They are the bane of my existence in my home servers...
<Callum__> why can't they be like my SATA drives, aka "just work"
<Callum__> there, good push in of everything made it bloody work...
 * Callum__ closes up the case and tidies up everything
<geneticx_rs> Good morning everyone. Anyone know how to run rsync so that it copies the results to a file but still maintaining verbose on the screen (-v) ?
<henkjan> geneticx_rs: man tee
<henkjan> tee - read from standard input and write to standard output and files
<henkjan> geneticx_rs: http://en.wikipedia.org/wiki/Tee_(command)
<geneticx_rs> henkjan: thanks
<RoyK> anyone that knows a tool on how to automatically create a network map, layer two? I guess some switch autodiscovery protocol would do
<bogeyd6> RoyK, there are a couple but they are made of fail of and disappointment
<bogeyd6> RoyK, you got solarwinds, cisco, 10strike
<djveer> Hey guys, I am making a dd_rescue copy of my failing hard disk's ubuntu server install currently but I was wondering if there is a way to do a mysqldump (to export the databases) without actually having to boot the OS.. aka can I dump them from the image?
<djveer> or does mysql actually have to be running to get them
<zul> axisys_, http://www.enterprisessl.com/ssl-certificate-support/server_faq/ssl-server-certificate-apache.html
<ninjix> djveer: you could collect the data files
<ninjix> there are KB available on restoring MySQL from data files.
<djveer> ninjix: interestnig.. because even dd_rescue is giving me 'bad block' errors tryign to create this image.. so this hdd is probably pretty buggered.
<djveer> however the databases aren't very big.. maybe I can get them off there without getting I/O errosr
<ninjix> I've done it from a failing Win2k box to a new Ubuntu server a year ago
<djveer> *interesting, *errors
<ninjix> djveer: I'm a big fan of Steve Gibson's SpinRite for HD recovery (even if it isn't OSS) it just works.
<djveer> Oh yeah .... dang I think I had a copy of that... isn't it a paid for thing now?
<ninjix> IMHO it's cheap from a cost / benefit analysis of your time and money.
<djveer> yeah true
<ninjix> if you can get your disk to a "readable" enough state, other recovery options may become available
<djveer> yeah, thanks for your recommendations ninjix
<djveer> this hard drive is really buggered. getting I/O errors like 10% into the dd_rescue transfer
<djveer> lol
<ninjix> ouch
<ChrisRut_> How can I jump to the EOF in nano ?
<bpgoldsb> I'm trying to do a little planning for the upcoming 10.04 release.  It looks like there's no native Xen Dom0 support, and thus no native 8.04 -> 10.04 upgrade path, for Dom0's.  Is that the case?
<zul> bpgoldsb: you are own your own
<bpgoldsb> I guess the suggestion is to use KVM instead?
<Jeeves_> bpgoldsb: Yes, I think so
<henkjan> bpgoldsb: maybe switch the dom0 to debian
<BillyBoy^B> hi can anyone help me.. i'm stuck configurating FW and mysql access
<BillyBoy^B> i've mysql user test set to allow login from % .... and via UFW i've allowed Anywhere ALLOW 192.168.2.0/24
<BillyBoy^B> if i'm right this should be enough right?
<BillyBoy^B> to allow connections from local lan to that machine wtih that user
<henkjan> BillyBoy^B: by default mysql-server is not listening on external interface but only on localhost
<BillyBoy^B> hmm ok.. and where can i allow it.. do you know?
<henkjan> BillyBoy^B: /etc/mysql/my.cnf
<henkjan> bind-address           = <your-ip>
<BillyBoy^B> huh shit mysql is binded by default... omg
<jpds> BillyBoy^B: To the local address right?
<BillyBoy^B> now it works
<BillyBoy^B> henkjan thx
<bpgoldsb> henkjan: Do newer Xen kernels talk back to older hypervisors without issue?
<vegar_> Hi, I'm running a system-wide pulseaudio server to receive sound from computers around the house to play on my speaker system. I'm encountering two issues, one of which is after the server has run for around 24 hours, the network interface on the server stops listening to traffic of any sort(incl. ssh). Restarting networking on it solves it, but it's still fairly annoying.
<henkjan> bpgoldsb: i'm running the lucid 2.6.32-302-ec2 kernel on my domu vms without any problems
<vegar_> anyone encountered something similar?
<bpgoldsb> henkjan: Running Lenny or Etch as the Dom0?
<vegar_> The server does not have the same problem when I'm not running the pulseaudio server, thus leading me to believe pulseaudio is the culprit
<henkjan> bpgoldsb: lenny
<bpgoldsb> henkjan: Did you have to set the clocksource, or was that not an issue for you?
<axisys_> zul: thanks
<nucc1> how do i make my postfix respond to sender address verification requests?
<zoopster> anyone know of a updated amazon AMI tool .deb that may be in a PPA somewhere?
<jpds> Maybe smoser.
<axisys_> ok /etc/apache2/sites-enabled/default-ssl is pointing to the following
<axisys_> SSLCertificateFile    /etc/ssl/certs/puppet.crt
<axisys_> SSLCertificateKeyFile /etc/ssl/private/puppet.key
<smoser> zoopster, hold on
<axisys_> the modulus are matching on key and crt file
<smoser> zoopster, https://launchpad.net/~ubuntu-on-ec2/+archive/ec2-tools
<axisys_> but i am still getting this error
<axisys_> [Wed Mar 24 00:17:06 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
<smoser> the karmic ones are probably fine for intrepid or jaunty
<axisys_> any idea why?
<zoopster> smoser: you rock thanks
<mathiaz> hggdh: hi!
<mathiaz> hggdh: what's up with the UEC test rig? Are you using it?
<hggdh> mathiaz: yes, I am running the tests
<hggdh> mathiaz: you need it?
<mathiaz> hggdh: not for noow
<hggdh> mathiaz: OK. Then we may have a problem. The maximum instances test failed
<mathiaz> hggdh: how?
<hggdh> mathiaz: all 64 sessions go into pending, then are terminated
<hggdh> mathiaz: same with 32 sessions
<mathiaz> hggdh: is starting one instance working?
<hggdh> mathiaz: yes, just did it, then started 7 more, which worked, now I am adding 8 more
<hggdh> mathiaz: 16 sessions (starting as I described above) working. Will stop all, and start 16 in one single sweep
<mathiaz> hggdh: seems like a good plan
<hggdh> mathiaz: -n 16 worked. Adding 8 more
<hggdh> mathiaz: ah, got it:  Not enough addresses left in the network subnet assigned to requested group: default
<mathiaz> hggdh: ha - makes sense then
<hggdh> mathiaz: so we either increase the address allocation, or decrease the stress test
<mathiaz> hggdh: increase the address allocation
<mathiaz> hggdh: hm - I though there was more than 16 addresses allocated thogh
<hggdh> mathiaz: roj. Should it be documented somewhere?
<mathiaz> hggdh: we should the preseed files
<mathiaz> hggdh: to configure an infrastructure that supports maximum number of instances the hardware can run
<mathiaz> hggdh: the public ips are: 10.55.55.100-10.55.55.240
<mathiaz> hggdh: that should be more than enough for the testing
<hggdh> so the CC /etc/eucalyptus/eucalyptus.conf is seeded from there?
<hggdh> mathiaz: (I see a VNET_ADDRSPERNET="32" there)
<mathiaz> hggdh: right
<mathiaz> hggdh: is 32 the limit you've hit?
<hggdh> mathiaz: not sure, will check now
<hggdh> mathiaz: 24 seems to be the limit\
<mathiaz> hggdh: -n 31 fails?
<mathiaz> hggdh: make sure that there aren't instance running
<mathiaz> hggdh: another way to test it is to create a new security group
<mathiaz> hggdh: and try to start instances there
<hggdh> mathiaz: will do it simple first
<hggdh> mathiaz: but, anyway, this does not explain why starting 66 sessions from idle does not leave any sessions running
<mathiaz> hggdh: right - creating a new security group makes sure you're starting from scratch
<mathiaz> hggdh: 66 -> you're above the 32 limit for a single security group
<mathiaz> hggdh: it should fail IIRC
<mathiaz> hggdh: however starting -n 31 instances in a security group should work
<hggdh> mathiaz: I have just terminated all of them, and will start 31 now
<mathiaz> hggdh: I've updated the test case to cover the maximum number of instances
<hggdh> mathiaz: thank you
<hggdh> mathiaz: how long should it take for the instances to get to running? 31, this run
<hggdh> mathiaz: 10 minutes?
<mathiaz> hggdh: hm - it should be fast actually
<mathiaz> hggdh: what's the scheduling policy?
<hggdh> mathiaz: round-robin
<mathiaz> hggdh: ok
<hggdh> mathiaz: right now, 8+ minutes from the euca-run-instances -n31, and all are pending
<mathiaz> hggdh: ok - it may take more time
<mathiaz> hggdh: the NC needs to prepare the local files for each disk
<mathiaz> hggdh: which takes a lot of IO
<mathiaz> hggdh: so it may take more time
<hggdh> mathiaz: roj. So we may be on disk contention
<mathiaz> hggdh: probably
<mathiaz> hggdh: you can log on one of the NC and double check
<hggdh> mathiaz: will do
<hggdh> mathiaz: complete failure. No nodes running
<mathiaz> hggdh: hm - and 16 works correctly?
<hggdh> mathiaz: roj
<mathiaz> hggdh: next step is to log on the NC
<mathiaz> hggdh: on one of the NC
<mathiaz> and go through the logs to figure out what failed
<hggdh> mathiaz: any one should do, right?
<mathiaz> hggdh: I usually grep from one of the instance ID
<mathiaz> hggdh: yes
<mathiaz> hggdh: you may need to figure out which instance ID had been running on which NC
<mathiaz> hggdh: you can look at the cc.log on the CC
<hggdh> mathiaz: ack
<mathiaz> hggdh: on the CC grep for RUN_INSTANCE in the cc.log file and you should be able to get which NC the instance ID was sent to
<mathiaz> hggdh: and then on the NC you can dig through the log files
<hggdh> mathiaz: /me is confused: on the cc.log all I see (for one of the instances) is:  TerminateInstances(): calling terminate instance (i-32C006C7) on (10.55.55.5)
<hggdh> mathiaz: no previous reference for this instance
<mathiaz> hggdh: the cc.log are automatically rotated
<mathiaz> hggdh: you may find a previous reference in one of the rotated log
<hggdh> mathiaz: still...
<mathiaz> hggdh: how did you start the 32 instances?
<hggdh> euca-run-instances -k mykey $EMI -t c1.medium -n 31
<hggdh> mathiaz: ^
<hggdh> mathiaz: also, $EMI is set to the image I downloaded from the store
<mathiaz> hggdh: ok - you may have run into a bug then
<hggdh> \o/
<soren> jdstrand: Have you guys seen this? http://www.vupen.com/english/advisories/2010/0581
<jdstrand> soren: yes, mdeslaur is looking at it
<jdstrand> soren: thanks for the heads up :)
<soren> jdstrand: Cool.
<soren> jdstrand: sure, no worries. A colleague just pointed it out. I completely missed it myself.
<mdeslaur> soren: they're all kernel issues. we've fixed CVE-2010-0309 already. CVE-2010-0298 and CVE-2010-0306 are waiting for a proper upstream fix, and CVE-2010-0419 I just marked as a kernel issue, so it'll get done with the next kernel updates.
<soren> mdeslaur: Awesome, thanks.
<vegar_> I have installed ubuntu-server on an ideapad laptop. After a while, the machine becomes unreachable from the network. I cannot ping the server, and the server itself is unable to ping any other hosts, including the router.
<hggdh> mathiaz: there is bug 462140 which seems to describe a similar issue. Would you like me to reopen it, or to open a brand new one?
<vegar_> The problem started after installing the pulseaudio server on it and configuring it to listen for incoming audio streams
<mathiaz> hggdh: new one
<mathiaz> hggdh: with a reference to the old bug
<hggdh> ack
<vegar_> The problem occured just now, I cannot ping it. It cannot ping other machines. Are there any tests I could do on it to determine what the problem is? If I restart networking, it solves the problem temporarily, but I'm looking for a more permanent fix.
<sherr> vegar_: suspicious re: pulseaudio .... ideapad is "fairly" new hardware - what is it? Atom?
<vegar_> yeah, atom n270 i believe
<vegar_> it's an ideapad s9e
<vegar_> if I turn off pulseaudio server, the problem never occurs. It's been running for weeks just fine until I installed pulseaudio server
<vegar_> I saw a post somewhere that when RTP is enabled(which it isn't currently) the network can be saturated with multicast packages rendering the interface unreachable
<vegar_> I tried restarting the router/switch as well, but the problem remains.
<sherr> vegar_: Hmmm - do without a oulse server? Maybe you can enable some logging/debug in it and check the logs? Might be something the pulse devs would be interested in? Maybe fixed in a newer version (Lucid)?
<vegar_> Doing without the pulse server is hardly a solution :p It's immensely useful when it works, and it does work most of the time.
<vegar_> The logs seem fine. Are there any tests I can do to see if the network interface is saturated with traffic or some kind of buffer is full or something like that?
<elb0w> I installed the Cloud from ubuntu server and one node. I have added the node. Now whats my next step?
<elb0w> should euca-describe-availability-zones verbose take awhile to respond?
<Pici> elb0w: I know this channel isn't nearly as busy as #ubuntu is, but this is where the gurus are. :/
<elb0w> its fine
<elb0w> Getting an error now though :/ http://pastebin.ca/1851696
<elb0w> People taking time to respond normally allows you to solve your own problems :P
<lullabud> how do i get an ubuntu vmware guest to report its IP# and DNS name to the vmware host (esx)?
<hggdh> mathiaz: the limit on concurrent sessions on the default install seems to be 29, not 32
<hggdh> mathiaz: perhaps IP addresses are also allocated for the CC, SC, etc?
<Sripa> Hi, i need help on setting up UEC...any one can help ??
<Sripa> got few configuration doubts
<Sripa> stuck at a point
<thebwt> don't ask to ask ;) just ask
<thebwt> if somone can help, they will
<Sripa> I have setup uec on i cc and i nc with karmic 9.10
<thebwt> *nods*
<Sripa> I can see my available resources using euca-describe-availability-zones but when i launch an instance (downloaded from uec-images) i jus cant ssh it
<Sripa> It asks me for a password
<Sripa> which i don have
<Sripa> wat to do ?
<thebwt> default password for the ubuntu image.... sec trying to recall (also hitting the wiki)
<Sripa> okay
<thebwt> oops?
<Sripa> I  tried it as ubuntu@IP, admin@IP, root@IP...no luck!
<Sripa> I have a dhcp server running on cc as well as my router...will there be any conflicts ?
<thebwt> if you're getting a password request, it seems that you're connection is just fine
<Sripa> But i got a password request when the ip was 0.0.0.0
<Sripa> but when my dhcp assigned an ip 192.168.10.106 (as my dchp server log shows too) I don even get it
<thebwt> isn't 0.0.0.0 loopback?
<thebwt> ah kk
<thebwt> no wonder I don't recall passwords
<thebwt> euca does it all with keys
<Sripa> the fresh errors in my logs:
<Sripa> 1. I can see from the logs of dhcp server on my router that my instance had been assigned 192.168.10.106 IP though im unable to ssh it. So my instance is assigned an IP successfully though it took sometime to show up on the euca-describe-instances. ssh ing it gives the following error
<Sripa> ssh -vi mykey.priv eucalyptus@192.168.10.106
<Sripa> debug1: connect to address 192.168.10.106 port 22: Connection refused
<Sripa> **I have executed both euca-describe-groups and euca-authorize -P tcp -p 22 -s 0.0.0.0/0 before running the image.
<Sripa> 2. On trying euca-get-console-output i see the following errors.
<Sripa> mountall: mount /mnt [419] terminated with status 32
<Sripa> mountall: Filesystem could not be mounted: /mnt
<Sripa> * Setting preliminary keymap... [80G * Starting AppArmor profiles [80G * Setting up console font and keymap... [80G [ 10.962236] ext3: No journal on filesystem on sda2
<Sripa> mount: wrong fs type, bad option, bad superblock on /dev/sda2,
<Sripa> missing codepage or helper program, or other error
<Sripa> In some cases useful info is found in syslog - try
<Sripa> dmesg | tail or so
<Sripa> mountall: mount /mnt [705] terminated with status 32
<lullabud> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<thebwt> https://help.ubuntu.com/community/UEC/CDInstall
<thebwt> step 7
<thebwt> specifically part 5 and 6
<Sripa> YEs
<Sripa> I understand that
<Sripa> But..
<Sripa> it gives something like this
<Sripa> ssh -vi mykey.priv eucalyptus@192.168.10.106 debug1: connect to address 192.168.10.106 port 22: Connection refused
<Sripa> what does that mean and where am I making a mistake ?
<Sripa> sorry for sounding like an idiot, Im a newbie :)
<thebwt> I'm no pro either, I've just tinkered with it a bit.
<lullabud> Sripa: "connection refused" usually means there's no ssh server listening on your target host, 192.168.10.106
<lullabud> Sripa: at least not on port 22...
<elb0w> Everytime I start a EUCA instance it goes from running to shutting down
<thebwt> my thoughts exactly
<Sripa> ok lullabud, so what do i need to do ?
<elb0w> Any ideas?
<lullabud> Sripa: start an ssh server on that host, it will default to port 22.
<Sripa> elb0w...you sure you are running the right architecture instance ?
<Sripa> coz 64bit ones doesnt run on a 32 bit machine
<elb0w> I have a 64bit head with 32bit node
<elb0w> is that an issue?
<lullabud> Sripa: http://www.cyberciti.biz/faq/ubuntu-linux-openssh-server-installation-and-configuration/
<Sripa> thanks lullabud, but it being a virtual instance
<elb0w> im trying to run a 32bit instance
<Sripa> I don have acces to t hat host
<thebwt> Sripa: are you using a stock image or custom?
<lullabud> Sripa: then call tech support.
<Sripa> @elb I had the same problem before, and running 32 bit image did the trick :)
<Sripa> I am using a stock image
<Sripa> From uec-images.ubuntu.com
<elb0w> so run a 32bit on the cluster you mean?
<Sripa> 32bit
<elb0w> for the image or the actual server?
<Sripa> @elb Think so, not sure buddy..as i said..i am a new bie too
<elb0w> k
<elb0w> ty
<thebwt> hmm I assume those are the same as the ones fetched with the web interface
<Sripa> yes, i too think they are the same ones got from the web UI...isnt it ?
<thebwt> back at those steps, int step 7, did you do part 2 as well? (auth the ssh ports)
<thebwt> that seems to be specifically related to this sort of issue
<Sripa> yes, I did authorize them with euca-authorize command
<Sripa> Is having dhcp servers both on cc and on the router physically connected to nc and cc acceptable ?
<Sripa> or does it raise any conflicts ?
<thebwt> it can
<Sripa> And do i need to allow port forwarding on my router specifically ?
<thebwt> not always, but it is not a good setup
<thebwt> not if you're also behind it
<Sripa> oh ok, yes i am behind a router
<Sripa> My router is WRTN120N linksys and it is Auto dhcp configured
<Sripa> My UEC mode is SYSTEM
<Sripa> have a look at this too .. http://adommeti.webs.com/imagesproject.htm
<Sripa> do I need to configure anything on my router ?...jus in case..
<Sripa> or is it totally related to my configuration on my CC/NC ?
<thebwt> Sripa: don't know, it can be either at this point
<thebwt> either that port is blocked some how, or the ip is wrong or unreachable
<Sripa>  Both the <strong>httpd logs in CC and NC show the following error: ERROR: Disallowed command ///usr/share/eucalyptus/populate_arp.pl</code>
<Sripa> wat does this mean ?
<thebwt> good question, pasted into google yet?
<Sripa> IP is assigned for sure, as my dhcp log shows a new instance of ubuntu running on 192.168.10.106
<Sripa> But i am unable to reach it
<Sripa> yes, pasted it. couldnt find much information though
<Sripa> Also tried it in eucalyptus support forums, but the replies come either very slowly or rarely
<Sripa> I got 10 more days for my project submission, so need to get things right soon, shd say!
<Sripa> BTW...I can ping my instance, supposedly running on 192.168.10.106
<Sripa> But cant ssh/telnet to it
<thebwt> *nods*
<thebwt> telnet should never work :p
<Sripa> Hehe lol! yes
<Sripa> And the axis 2 logs show: OXS ERROR [x509.c:287 in openssl_x509_get_subject_key_identifier] oxs default error , The extension index of NID_subject_key_identifier is not valid
<Sripa> donno wat it means :-/
<thebwt> what version of everything are you using?
<Sripa> I see that support to uec is very less as of now, is it really is ?
<thebwt> err what ubuntu version
<Sripa> I am using ubuntu 9.10 karmic, I got a cd dispatched by canonical to my home
<thebwt> UEC is -very- young right now
<RoyK^> hi all. I have 10+ ubuntu servers running and I want them to be in sync in respect of installed packages and their versions. Any idea what I can use to do this properly?
<Sripa> !pastebinit mountall: mount /mnt [419] terminated with status 32
<Sripa> mountall: Filesystem could not be mounted: /mnt
<Sripa> * Setting preliminary keymap... [80G * Starting AppArmor profiles [80G * Setting up console font and keymap... [80G [ 10.962236] ext3: No journal on filesystem on sda2
<Sripa> mount: wrong fs type, bad option, bad superblock on /dev/sda2,
<Sripa> missing codepage or helper program, or other error
<Sripa> In some cases useful info is found in syslog - try
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<Sripa> dmesg | tail or so
<thebwt> Sripa: I have no idea then, the ip seems to be correct (because you can ping it), the port just isn't opening..
<thebwt> Sripa: stop pasting into here
<thebwt> Sripa: use pastebin
<Sripa> okay, sorry i didnt knew that
<RoyK^> erm.. anyone?
<Sripa> I get the following error in doing euca-get-console-output on the running instance http://paste.ubuntu.com/400746/
<Sripa> anyidea wat it means ?
<pmatulis> RoyK^: landscape
<pmatulis> https://landscape.canonical.com/
<Sripa> And what I also find weird is when i ssh to 0.0.0.0 It asks me for a password, but after a while when it gets an IP from the dhcp, it says connection refused, not even a password...why ?
<thebwt> not sure, but I don't think 0.0.0.0 is related at all
<RoyK^> $150 per node per year. I wonder if something open exists, oer perhaps it's worth it
<Sripa> yes, I too think the same.
<thebwt> RoyK^: there are ways to do it free, I can't name them off hand, but I know ti can be done. Sorry I can't be more help.
<RoyK^> I think 0.0.0.0 will connect to localhost
<Sripa> @Roy^K yea think so...but giving the root password doesnt logs me in :-D
<Sripa> What does this in euca-get-console-output mean ?: mountall: mount /mnt [419] terminated with status 32
<thebwt> Sripa: not sure, to be honest
<Sripa> oh ok, do you think i need to try lucid instead ?
<thebwt> Personally, I would.
<thebwt> Though if the issue is ntwrok related, this wont change anything
<Sripa> yes, that is there..
<Sripa> Is it an issue with my router ? I have also tried it on my college network...but the same result
<thebwt> can't tell
<thebwt> brb
<Sripa> My college network is also a dhcp network
<Sripa> okay
<Sripa> Anyone else out there with similar issue ?
<RoyK^> any idea how Canonical defines a "node"?
<RoyK^> is it a machine or any 64MB RAM VM with ubuntu?
<Sripa> don think so
<RoyK^> don't think what?
<Sripa> Any machine which can offer its resources, and on which VM's can be run
<Sripa> so shd have VT on it
<Sripa> for sure!
<Sripa> And the more the RAM, more can be allocated to the VM's
 * RoyK^ emails Canonical
<thebwt> hrmm
<thebwt> well if a NC is a node controller
<Sripa> So what do you think i gotta do thebwt
<Sripa> Are there anymore forums apart from eucalyptus support ?..
<thebwt> nope
<Sripa> Many on eucalyptus forums had similar problems, few got solved, few didnt. or atleast they didnt post them
<thebwt> this si the best place for questions honestly, the issue is that we don't fully understand your site, and can't do so unless we are there
<thebwt> yea, people don't post when they have no problems :p
<Sripa> okay
<Sripa> I will put my situ we explained on my site and get back tomorrow, will it do ?
<Sripa> Wit screen shots, if possible :P
<Sripa> btw...are you able to open http://open.eucalyptus.com/
<Sripa> It says Forbidden for me :-/
<thebwt> I am
<Sripa> You mean you can ?
<Sripa> oh yes, i jus got it :)
<thebwt> also: nodes are instances/vms, a Node controller runs nodes
<thebwt> @ RoyK^
<Sripa> Have a look at this to better understand my problem
<Sripa> http://open.eucalyptus.com/forum/image-running-cannot-connect-my-instance
<RoyK^> thebwt: haha - so if using Landscape a new VM will cost me $150?
<RoyK^> that reduces the likelyness of purchasing Landscape with a small truckload of percent
<thebwt> RoyK^: lol not sure
<zul> mathiaz: the mysql testsuite is available as a deb now
<Sripa> Also this is an almost a same one but SOLVED: http://open.eucalyptus.com/forum/problem-accessing-image
<RoyK^> these days, I use a new VM for most stuff instead of installing whatever app on an available server
<RoyK^> far easier to manage
<Sripa> please let me know when you are done with them..
<thebwt> Sripa: I have to go away for a bit, good luck with your issue (give lucid a spin)
<thebwt> I have som stuff to work on ;)
<Sripa> yeah ok
<Sripa> see you again, ifpossible
<Sripa> thanks
<Sripa> bubye!
<thebwt> no problem, good luck!
<mathiaz> zul: have you checked whether the mysql tests can be run if the package is installed?
<zul> mathiaz: they should be there is documentation all over for it
<mathiaz> zul: have you tried to run it?
<mathiaz> zul: there may be some issue with the path
<zul> mathiaz: not yet
<incorrect> my isp has given me 5 static ip addresses, however they use dhcp to configure them,  my firewall has 2 nicks, which means unless i can create multiple interfaces configured with dhcp i can't use more than one
<incorrect> so i wonder, can i use vlans to create multiple interfaces on the same vlan
<jeffesquivel> incorrect, how about using virtual network interfaces?
<incorrect> jeffesquivel, tried that,
<jeffesquivel> incorrect, do you need to use vlans or you want to use them just to have the multiples ip addresses?
<lenios> why do you want to use more than one?
<RoyK^> ip addr add dev eth0 1.2.3.4/24
<incorrect> well i am trying to figure out a way to get dhclient to run on multiple virtual interfaces
<incorrect> i thought i might be able to do it with vlans
<RoyK^> incorrect: if it's http, just use the host header
<incorrect> if dhcp is http, err sure
<RoyK^> if you have five ip addresses on a server, where does dhcp get in?
<incorrect> i have 5 static ip addresses, problem is my isp assigns them from dhcp
<incorrect> each interface needs its own mac address
<incorrect> this is not a problem if i have 5 devices or 5 ethX's
<RoyK^> I don't think you can assigne multiple mac addresses on an interface
<incorrect> RoyK, if you can virtualise the interface
<RoyK^> well, of course
<incorrect> else you can could run a vm
<incorrect> vlan's could if you can assign the same vlan create a virtual interface with a different mac address
<RoyK^> but wouldn't it be easier to just set them statically?
<RoyK^> I don't think I've heard of an ISP not allowing static IPs
<RoyK^> yet
<incorrect> well you have now
<RoyK^> then agagin
<RoyK^> again
<RoyK^> why do you need five IPs?
<RoyK^> if it's not for VMs
<incorrect> https
<RoyK^> ah
<RoyK^> ic
<lenios> why does it help?
<RoyK^> is it possible to run these web servers in tiny VMs?
<incorrect> also i don't like my smtp gateway being on the same ip i am nat'ing from
<RoyK^> lenios: you can't use host header with https
<incorrect> no because my firewall is not my vm farm
<RoyK^> omg
<RoyK^> get a new isp
<incorrect> can't
<incorrect> sounds where i live
<incorrect> i am sure its not hard to virtualise
<RoyK^> then use your server as the firewall
<RoyK^> ufw is rather nice and can do much stuff
<incorrect> my servers as a firewall, eh no
<incorrect> err i can write iptables rules, don't nee ufw
<RoyK^> then no,  I have no idea.
<RoyK^> you can prolly do some userspace hacking with iptables and make it work, but don't ask me
<RoyK^> or manual dhcp client hacking
<lenios> can't you do https with only one ip address?
<incorrect> well if you know of a way to assign multiple vlan interfaces to the same vlan that would be good
<RoyK^> but this is way out of the ubuntu server stuff
<RoyK^> lenios: if you have two https servers, yo need two addresses unless you have some wierd extension that I don't think the normal apache supports
<incorrect> RoyK, also your cert would be broken
<incorrect> your server would say, hi i am blahblah,com when you are hehehehe.com
<lenios> why would you want two https servers?
<lenios> behind a nat with limited dhcp
<incorrect> 5 static ip address is enough for 5 https sites
<RoyK^> seems it's rfc2817 for https to work
<jeffesquivel> incorrect, have you read this: http://ubuntuforums.org/showthread.php?t=483375  ?
<RoyK^> and that should be supported on recent apache versions
<incorrect> :)
<incorrect> looks interesting
<jeffesquivel> incorrect, I think OP may be using your same ISP
<jeffesquivel> incorrect, but he doesn't answers to say if it did work
<incorrect> jeffesquivel, looks promising
<jeffesquivel> incorrect, yep, that's what I thought :-)
<incorrect> thank you
<jeffesquivel> incorrect, np
<lifeless> kirkland: http://people.canonical.com/~kirkland/ubuntu-vm-builder.html seems out of date
<kirkland> lifeless: dreadfully, yes
<kirkland> lifeless: soren has always hated it
<kirkland> lifeless: i'd like to get it up-to-date, and into the vm-builder package itself
<lifeless> ok
<kirkland> lifeless: so that you could point a browser to something local
<lifeless> so I want to make a VM
<lifeless> to do LP patches
<lifeless> so I don't have to change etc/hosts etc etc
<kirkland> lifeless: open a bug against vm-builder, though, and i can try to get it updated
<lifeless> sure
<kirkland> lifeless: what's your goal?
<kirkland> lifeless: and can you just use testdrive?
<lifeless> anyhow, what is the rune I should use to get a VM with a couple of GB of memory, say 4GB of disk, lucid
<lifeless> kirkland: I need persistent storage
<kirkland> lifeless: k ...  yeah, vmbuilder is supposed to do that for you
<kirkland> zul: around?
<kirkland> zul: lifeless is having some trouble with vm-builder
<kirkland> smoser: or maybe you can give lifeless the one-liner?
<lifeless> --help tells me I need to pass parameters that I don't know the value of, and man ubuntu-vm-builder gives me 'cmmand without man apge' :P
<lifeless> info ubuntu-vm-builder is less helpful still
<kirkland> lifeless: gimme a minute
<lifeless> no worries; Ima grab foodstuff anyhow
<jeffesquivel> hmm... gotta leave for classes... bbl
<mathiaz> hggdh: hi
<mathiaz> hggdh: what's the state on the Uec beta1 testing?
<hggdh> mathiaz: I am going over the topologies
<hggdh> so far, no probs
<hggdh> mathiaz: where can I find the stress tests?
<mathiaz> hggdh: in the uec-testing-scripts, you can use the config_multi.yaml
<mathiaz> hggdh: stress testing is build around the functional test
<mathiaz> hggdh: running it multiple times
<mathiaz> hggdh: in a loop, starting multiple instances, etc...
<mathiaz> hggdh: I'm not it's documented in the testcase wiki
<hggdh> mathiaz: thank you, will look at it
<hggdh> mathiaz: for the 'starting multiple' instances... being doing it in many different forms today ;-)
<mathiaz> hggdh: right - the multi instances setup also covers using *multiple* users
<hggdh> mathiaz: OK, that's different. All I did was setup multiple groups, and run then in paralel, per se, start & terminate , etc
<mathiaz> hggdh: groups or users?
<mathiaz> hggdh: I guess you've always used the default admin account
<hggdh> mathiaz: so far, groups
<hggdh> mathiaz: you meant the iso_testing_scripts, right?
<mathiaz> hggdh: yes
<ruben23> anyone here have live email server production
<hink> If i want ssh 4.8 or higher on 8.04 do I have to compile myself?
<hink> ssh server rather
<hggdh> mathiaz: in the iso-testing-scripts there is no config_multi.yaml
<mathiaz> hggdh: *uec* -testing-scripts?
<hggdh> mathiaz: OK. Where is uec-testing-scrupts?
<mathiaz> hggdh: lp:~mathiaz/+junk/uec-testing-scripts
<hggdh> mathiaz: ah. This one I did not have, thank you
<hggdh> mathiaz: and this is run from tcempedak?
<mathiaz> hggdh: yes
<mathiaz> hggdh: I'd suggest to look at the README.testing file
<mathiaz> hggdh: in the uec-testing-preseed branch
<mathiaz> hggdh: on tamarind
<mathiaz> hggdh: it outlines how to use the uec-testing-scripts for testing
<hink> Does anyone know if there is a port of ssh 4.8+ for Hardy?
<hink> ssh-server
<hggdh> mathiaz: thank you
<kirkland> smoser: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/520707
<kees> mathiaz: can you add bug 423252 to your radar?  it sounds like it needs a lot more investigation.
#ubuntu-server 2010-03-25
<elb0w`> Anyone know why im getting this error when trying to run UEC?  libvirt: internal error no supported architecture for os type 'hvm' (code=1)
<lifeless> hmm, no love for u-v-b
<kb9vqf> Any chance of getting this patch for apr-util into the repositories?
<kb9vqf> https://bugs.launchpad.net/ubuntu/+source/apr-util/+bug/525629
<kb9vqf> It's breaking builds of other packages ATM
<kirkland> smoser: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/506332
<smoser> kirkland, lp: ~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils
<kb9vqf> Any chance of getting this patch for apr-util into the repositories?
<kb9vqf> https://bugs.launchpad.net/ubuntu/+source/apr-util/+bug/525629
<kb9vqf> It's breaking builds of other packages ATM
<kb9vqf> ;-)
<lifeless> kirkland: https://code.edge.launchpad.net/~lifeless/ubuntu/lucid/vm-builder/fixes/+merge/22094
<lifeless> kb9vqf: just repeating the question won't get it addressed more quickly.
<lifeless> that should be trivial. kirkland: can you upload apr-util ? with https://bugs.launchpad.net/ubuntu/+source/apr-util/+bug/525629 applied ?
<kb9vqf> lifeless: Sorry; didn't know if anyone "heard" it
<kb9vqf> I'm used to being on these channels when no one else is
 * kirkland looks
<lifeless> kb9vqf: it has ubuntu-sponsors subscrbied already
<lifeless> kb9vqf: which is what is required, but queue processing can be ... sporadic.
<lifeless> kirkland: thanks! and if you apply my little vm-builder patch there will be one less open bug.
<kirkland> kb9vqf: i'll upload
<kirkland> lifeless: any reason why bzr commit doesn't use sensible-editor?
<lifeless> kirkland: you're assuming it doesn't.
<lifeless> kirkland: do you have EDITOR set ?
<kirkland> lifeless: i'm pretty sure it doesn't ...
<kirkland> lifeless: ah, but sensible-editor does one more nice thing ... it runs select-editor
<kirkland> lifeless: such that you don't get dumbed into using nano
<kirkland> lifeless: and sensible-editor then DTRT with EDITOR
<lifeless> kirkland: ok, so I've checked. We don't run sensible-editor at the moment.
<kirkland> lifeless: twould be really nice :-)
<lifeless> however we do check EDITOR and BZR_EDITOR
<lifeless> we generally avoid depending on os-specific helpers
<kirkland> lifeless: yeah, but all the other good debian tools use sensible-editor, if it's available
<lifeless> kirkland: e.g. if EDITOR isn't set, we try editor, vi, pico, nano, joe
<lifeless> kirkland: so arguably, if you have EDITOR set to something you don't want to use.... thats a bug in your config.
<lifeless> I'll check that sensible-editor meets our needs though
<lifeless> kirkland: we need an editor that does not return until the file is changed
<lifeless> sensible-editor doesn't specify what it does in this regard
<kirkland> lifeless: well, it's more that default Ubuntu uses nano
<lifeless> kirkland: does default Ubuntu set EDITOR ?
<kirkland> lifeless: which is fine and dandy, i guess, as we're trying to be the distro for the masses
<kirkland> lifeless: but nano sucks so badly for non-newbie users
<kirkland> lifeless: so we hacked sensible-editor to do something really cool in Intrepid
<lifeless> kirkland: why doesn't default ubuntu set EDITOR to sensible-editor ?
<kirkland> lifeless: basically, ask you to select your editor the first time
<kirkland> lifeless: circular dependency, i think
<lifeless> kirkland: meh, solvable
<kirkland> lifeless: but that's a decent question
<kirkland> lifeless: kees do you know why we don't?
<lifeless> if $EDITOR == sensible-editor, ignore $EDITOR
<lifeless> kirkland: specifically, man select-editor claims that EDITOR wins over SELECTED_EDITOR
<lifeless> kirkland: *and* bzr chooses vi before nano if EDITOR is not set
<lifeless> so it seems to me that EDITOR must be set, and set to nano.
<lifeless> changing it to be set to sensible-editor would seem to make this all nice and lovely - for more than just bzr
<kirkland> lifeless: cool, let me check on that
<kirkland> lifeless: doesn't appear we set EDITOR
<kirkland> lifeless: i have a pending patchset for bash, i'll test and tuck that in too
<lifeless> kirkland: ok, so to confirm:
<lifeless> you don't have EDITOR set
<lifeless> and bzr is showing you nano ?
<lifeless> do you have vi (not vim) installed?
 * kirkland clears out his config and tests
<kaushal> hi
<lifeless> kirkland: oh, and VISUAL - check that too
<kaushal> I have questions about ossim
<kaushal> no one is replying me at #ossim
<lifeless> kirkland: we check BZR_EDITOR, global config, $VISUAL, $EDITOR, then /usr/bin/editor', 'vi', 'pico', 'nano', 'joe'
<lifeless> kaushal: what is ossim ?
<kaushal> Open Source Security Information Management
<kirkland> kb9vqf: uploaded
<kirkland> lifeless: okay, kb9vqf's stuff is uploaded, let me test
<lifeless> kaushal: quite a mouthful :). Whats its relevant to Ubuntu server ?
<kaushal> http://www.alienvault.com/community.php?section=Home
<kirkland> lifeless: if EDITOR= and VISUAL= and I bzr commit, i get dropped to nano
<lifeless> kirkland: do you have /usr/bin/editor ?
<kirkland> export EDITOR=/usr/bin/sensible-editor
<kirkland> is notgood
<kirkland> hanging my system
<lifeless> kirkland: so we need to patch it ;)
<kirkland> heh
<lifeless> kirkland: do you have a /usr/bin/editor
<kirkland> load coming down from 53.4
<kirkland> lrwxrwxrwx 1 root root 24 2010-03-01 17:07 /usr/bin/editor -> /etc/alternatives/editor*
<kirkland> lrwxrwxrwx 1 root root 9 2010-03-01 17:07 /etc/alternatives/editor -> /bin/nano*
<lifeless> right
<kirkland> lifeless: and that's the ubuntu default
<lifeless> thats whats being picked up
<kirkland> k
<lifeless> so, is that a candidate for sensible-editor-ification
<kirkland>         select-editor && . ~/.selected_editor 2>/dev/null || true
<kirkland> that's the magic i added to sensible editor some time ago
<kirkland> per-user editor selection
<lifeless> I guess what I'm really saying is that we're already honouring editor selection
<lifeless> so lets fix that editor selection at root
 * kirkland looking
<lifeless> it will likely require a code change to the sensible-editor glue
<kirkland> yup
<kirkland> lifeless: okay, i think i have it
<lifeless> cool
<mathiaz> hggdh: are you still using the uec test rig?
<kalesian> Hi. Does anyone know how to set fan speed on Proliants?
 * kb9vqf thanks kirkland
<kaushal> kalesian, the manual will defintely say :)
<kirkland> lifeless: http://paste.ubuntu.com/400910/
<kalesian> kaushal: hmm, I've been looking for solutions for about half a day now
<RoAkSoAx> kirkland, i've jsut noticed thsi message while testdriving: pci_add_option_rom: failed to find romfile "pxe-virtio.bin"
<kirkland> lifeless: and after that, we can safely set EDITOR=/usr/bin/sensible-editor in Ubuntu :-)
<kaushal> kalesian, whats your model
<kalesian> kaushal: the manual says how to replace them and how to install hp's health-monitor, but not actually how to set
<kaushal> ok
<kalesian> kaushal: Proliant DL585 G1
<kirkland> lifeless: i uploaded the sensible-utils change
<kirkland> RoAkSoAx: sudo apt-get install kvm-pxe
<kirkland> RoAkSoAx: oh, testdrive is in universe so it could/should pull those in
<kaushal> kalesian, did you contacted HP support center ?
<RoAkSoAx> kirkland, right, but has this been change recently or created recently, since Its the first time I ever see that warning. Or it could be because I just upgraded
<kalesian> hmm, not yet, I'm not sure they'd support this model anymore
<kirkland> RoAkSoAx: recent change i made to qemu-kvm caused this
<kaushal> ok
<kaushal> is it outdated ?
<kalesian> well, I think they're on G5 now or G6.
<kaushal> which ubuntu server have you installed on it ?
<kalesian> 9.10
<kaushal> please shoot a email to ubuntu-server@lists.ubuntu.com
<kaushal> I am sure you will defintely get an answer
<kalesian> okay, thanks
<kaushal> np
<RoAkSoAx> kirkland, yep I guess it is not being pulled by testdrive since I installed and it didn't pulled it automatically
<kirkland> RoAkSoAx: i'm uploading a fix now
<RoAkSoAx> kirkland, awesome. Anyways, I was wondering if you already decided about the change of the ISO list creation and ubuntu+1 name pulling?
<kirkland> RoAkSoAx: done
<kirkland> RoAkSoAx: i have, i need to fill you in on it
<kirkland> RoAkSoAx: i'm at a sprint this week, working very long hours
<kirkland> RoAkSoAx: i fly on Friday, though
<kirkland> RoAkSoAx: so i'll spend some time on the plane reviewing it
<kirkland> RoAkSoAx: cheers ;-)
<RoAkSoAx> kirkland, ok cool :)
<RoAkSoAx> cheers
<lifeless> kirkland: also handle sensible-editor (no explicit path) please, I'm sure someone will try it ;)
<lifeless> kirkland: going to upload the vm-builder change, while you're doing uploads ?
<kirkland> lifeless: sure, will do
<kirkland> lifeless: was off at dinner
<kees> kirkland: not sure; I was leaving the logic on the editor bits up to you and the debian maintainer :)
<kirkland> kees: heh, sure
<lifeless> kirkland: kk
<kirkland> lifeless: http://paste.ubuntu.com/400969/
<kirkland> lifeless: that's a little more robust
<lifeless> yeah
<kirkland> lifeless: okay, now, i'm on your vmbuilder
<lifeless> :>
<lifeless> which reminds me, time to read that man page
<lifeless> is there a gui version of vmbuilder ?
<kirkland> lifeless: nope
<kirkland> lifeless: closest there is is that javascript parameter generator you found
<lifeless> ok
<lifeless> there is a gui virsh though, isn't there?
<kirkland> lifeless: sort of ... virt-manager
<kirkland> lifeless: pushed and uploaded
<kirkland> lifeless: thanks for playing
<lifeless> :>
<lifeless> someday I'll apply for core
 * kirkland goes blog about ssh-import-lp-id
<lifeless> honestly
<kirkland> lifeless: ;-)  +1
<kirkland> lifeless: http://manpages.ubuntu.com/manpages/lucid/en/man1/ssh-import-lp-id.1.html
<kirkland> lifeless: you might enjoy that one
<kirkland> lifeless: useful in UEC instances
<lifeless> cute
<lifeless> man, wifi can suck sometimes
<lifeless> 2.4MB over wifi from my local server
<lifeless> :<
<lifeless> kirkland: loving my new lenovo :P
<furuno> hello, I'm having the phpmyadmin "Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly." error on a ubuntu server 9.10. I've checked where the sesion is stored(/var/php) and confirmed that it's accessable. I check the log, but can't find any phpmyadmin related error on my apache log. I'm installing phpmyadmin with apt-get. However, o
<furuno> *Anyone?
<furuno> oh, and during installation, I've configured my machine as LAMP server
<furuno> uh-on anyone here? :/
<furuno> well solved, thanks anyway :/
<ruben23> hi anyone have idea on this error log ----> http://pastebin.com/HJwvi06g
<ruben23> and also this----> http://pastebin.com/vGw1pKHu
<sherr> ruben23: yopu havew a networking problem : mount: No route to host
<sherr> Whichever server you atre using NFS with (mount).
<ruben23>  sherr: the ubuntu server
<ruben23>  sherr: how do i remove the mount..?
<sherr> Lots of resources around on the web about NFS/mount etc. - Be good if you knew how to solve this. It is very basic.
<sherr> An NFS mount will be defined in your /etc/fstab file
<sherr> See : man mount , man exports , man nfs - and lots of other resources on NFS = NETWORK File System
<sherr> (assuming this is NFS, mind you ...)
<jeffesquivel> ruben23, hmm... are both errors ocurring on the same machine or on different ones?
<Daviey> zul: Has something "odd" happend with 5.1.41-3ubuntu8 build?  A build that depends on amd64 libmysqlclient16 is reporting that it's broken.  Looking in the archive pool, there only seems to be an AMD64 ubuntu8, but nothing with mysql is reporting a FTBFS.
<AcidBanger> Goodmorning everyone.
<AcidBanger> I have a question about making clones over network and deploying them :) what program would you guys suggest to use and wich version of Ubuntu server since it is for a company.
<sherr> AcidBanger: maybe look at Clonezilla - and for Ubuntu Server - the current release (9.10)
<AcidBanger> You think that is the best way ? and since I am gonna use it in a company isn't it better to use 8.04 Ubuntu since it is still getting a 3 year support ?
<Pierreb> anyone know of some good mailfilter/spamfilter thats opensource and "enterprise" grade?
<Jeeves_> Spamassassin, Amavisd-new, MailScanner
<Jeeves_> There are nice frontends for amavisd-new too, iirc
<RoyK> dspam is nice
<RoyK> dunno if it's ported to osol, but I think so
<jasonmchristos> i have a desktop i am going to run my server on and 4 ide hd's if i use lvm these can be run as 1 partition i know, but does lvm offer any redundany incase 1 drive fails so it will not break my whole lvm partition?
<jasonmchristos> i am asking because using 4 ide hds increases the chances of failure 4 fold
<jasonmchristos> please tag the response with my name as i am going to minimize the window
<zul> Daviey: not that I know
<Zider> jasonmchristos: as far as I know, LVM doesn't have any redundancy at all
<Daviey> zul: 11:03:51 < slangasek> unfortunately, the new package that's causing mysql to be held up in the queue is broken and built for the wrong  architecture (arch: all when it should be arch: any); let me fix this properly before letting it through
<zul> Daviey: fu..k
<pmatulis> jasonmchristos: you can use mirroring with lvm.  this will provide fault tolerance
<elb0w> Has anyone setup the cloud?
<elb0w> Im trying to get the ssh keys to work
<elb0w> not sure if im supposed to use one of the files from the server or generate my own
<bogeyd6> Has anyone backported landscape-common or update-motd
<zul> to what?
<bogeyd6> zul, to hardy
<bogeyd6> Has anyone backported landscape-common or update-motd to Hardy?
<maxo> hi
<maxo> does anyone here know about running ubuntu server virtually on top of windows? is this feasible/a good idea?
<twb> Running ANYTHING on top of Windows is likely to be a bad idea.
<twb> At least for production purposes.
<maxo> twb: here's my requirements: I want to set up a server with Trac and SVN for development purposes. In-house we use .NET a lot so it would be good to have the server running as a staging server also. But I'm not sure what the best way of combining all this is?
<twb> Drop apache2, trac and subversion directly on Windows?
<twb> I dunno; if you're doing .NET you're probably already fucked.
<Jeeves_> twb: :)
<maxo> I'd like to have a linux server tho :-)
<twb> (de Icaza's mania notwithstanding)
<maxo> ... but I don't know how :-(
<twb> maxo: deploying  it on real hardware will be less hassle, IMO
<maxo> I've been using virtualbox but I don't know how well it scales in a server environment
<twb> I'm a bit biased against virtualbox because it tries to be hand-holding desktop-in-desktop GUI wank, and I'm only interested in command-line server-in-server roles.
<twb> That and the bits Sun wrote after they bough vbox tend to be non-Free software
<elb0w> maxo I have done it
<maxo>  I don't know though whether it can all be automated. Like at the moment I have to start it up, click a start button to start the system etc.
<maxo> elb0w: how did you do it?
<elb0w> using sun virtual box
<elb0w> but since it was small I ended up buying a netbook and loading it
<elb0w> I didnt like sharing the resources
<twb> maxo: well, if vbox is running on Windows, you'd have to ask ##windows about how to automate it
<maxo> I've got ubuntu server running on vbox on my windows desktop machine and it runs fairly nicely. but a server is a different matter I would have thought
<elb0w> why?
<elb0w> Depends on the load
<elb0w> You tell the vbox how much resources you are going to give it
<elb0w> It wont go over that
<twb> Well, you don't care about tunnellling AIGLX to the guest OS with a server
<twb> (Stupid compiz users...)
<maxo> but I mean in terms of automation. and also port forwarding is a bit of a concern
<elb0w> hey compiz-fusion + beryl gives nice effect :o
<twb> maxo: just set it up in bridged mode.
<twb> elb0w: I really *REALLY* don't care.
<elb0w> hahaha
<twb> if you want nice effects, go drop some acid and stop hogging the cycles
<maxo> twb: but what if I send a request for port 80 to the host system (windows) - how does it know whether to connect to a process listening on port 80 in windows or the ubuntu guest in vbox?
<twb> maxo: just set up a network bridge
<twb> maxo: then your VM will present itself (mostly) as a separate host, at the IP layer.
<twb> (Obviously it's not separate at the 802.3 layer)
<elb0w> hey twb have you played with the UEC?
<twb> Nope
<elb0w> k
<maxo> what about kvm or xen? I'm looking at them and they look a bit more enterprise-seriousy than vbox?
<twb> Depending on whether you want zones or full emulation, I would recommend either LXC or KVM.
<twb> I am right-royally sick of OpenVZ and Xen for zones.
<maxo> what are zones vs. full emulation?
<twb> A zone/jail is where some resources, particularly the kernel, are shared with the host OS.
<twb> As a cute example, I can run dhclient3 in a jail that has its own networking stack and process table, but shares the filesystem with the host OS.
<twb> But more practically, you'd often use zones to give idiot PHP coders their own sandboxes in which to break their own copies of apache, without breaking those in the other sandboxes.
<elb0w> you mean php scripters
<twb> Whatever
<elb0w> haha
<elb0w> php is so messy, I dont get how people use it
<twb> Anyone that thinks HTTP is a better transport than NeWS for thin clients.
<twb> (Yes, I know NeWS is dead.  Don't remind me.  Fucking X consortium.)
<elb0w> ok im so confused at this point. I brought down all my nodes on my cloud and the instance is still up
<elb0w> wtf lol
<elb0w> html5 will kill alot of php
<twb> elb0w: gotta get the corporates to drop IE5 and IE6 first
<elb0w> It astonishes me
<ghostlines> hi all, i'm trying to understand what's an acceptable label string for amanda backup, the config file says DailySet1[0-9][0-9]*$   I don't understand what *$ means
<elb0w> that they still enforce IE
<elb0w> my old job my boss got reemed out by IT for using firefox
<maxo> twb: does kvm support full bridging as well? because I'm looking at its documentation now and it seems to say that you can give a virtual os an IP address, but you can only connect to that IP from the host system. but the instructions all seem rather dense, I'm getting worried how difficult this might be to set up!
<twb> maxo: kvm does, but it's a pain in the arse
<maxo> I'm feeling a bit stuck then - I want to set up Trac and SVN on ubuntu with the beauty of a couple of apt commands, but I also want access to a windows environment for asp.net. hmmm
<Jeeves_> maxo: Just drop your second requirement :)
<maxo> Jeeves_: that would make things easier. but our development is predominantly on .NET
<Jeeves_> maxo: Why? :)
<maxo> that was how it was set up when I started the job. and actually, coming from an open-source background, I've kinda been won over by it
<maxo> there's a huge amount of in-house code on .net
<sherr> maxo: VirtualBox works well - use it to host Ubuntu - at least test/try. It will be fine.
<twb> sherr: in what way is it better than every other virtualization solution?
<twb> sherr: or have you just tried one, and are spouting subjective fanboyism?
<sherr> twb: I didn't say it was better. I said it works well. And please stop being obnoxious.
<maxo> well we're getting a new server for just our department and I want to max it out and use it to its full potential. so that's the situation I'm in really
<fvaresi> Hi guys, i'm trying to install ssh2 for PHP in hardy but when running aptitude it tells me it will remove unused apache2 which doesn't make sense. Does anybody have a clue why it may do it?
<Jeeves_> ssh2 for php?
<Jeeves_> Ah, the worker is removed
<Jeeves_> And the prefork apache is installed
<fvaresi> i want to be able to use ssh2_connect and ssh2_scp_recv
<axisys_> i am still having issue trying to start apache2 .. here is my post..
<axisys_> http://www.linux-archive.org/ubuntu-server-development/346095-failing-start-apache2.html
<\sh> php doesn't work with mpm-worker, only with prefork
<fvaresi> i see... thanks guys! I learned something new :)
<mathiaz> hggdh: hi!
<axisys_> should I just reinstall apache2?
<mathiaz> hggdh: I'd like to use the uec testing rig today
<axisys_> how do I remove old apache2 .. apt-get purge apache2 did not remove /etc/apache2
<sherr> axisys_: apache2-common etc. perhaps
<axisys_> Package apache2-common is not installed, so not removed
<axisys_> sherr: ^
<axisys_> how do I find out which pkg /etc/apache2 or /usr/lib/apache2 belongs to?
<axisys_> dpkg -S /path/
<axisys_> thanks
<axisys_> sherr: apache2.2-common
<axisys_> sherr: thanks
<hggdh> mathiaz: go for it, I will do the stress tests when you clear me
<mathiaz> hggdh: great - thanks
<elb0w> Is is odd that I still have an instance on UEC going yet euca-describe-instances is empty
<elb0w> ?
<axisys_> is this document still valid on how to start ssl on apache ?
<axisys_> /usr/share/doc/apache2.2-common/README.Debian.gz
<Jeeves_> axisys_: If you install libssh2-php, it depends on another version of apache
<djveer> Weird, it's looking more and more like all the I/O errors and bad blocks on my test ubuntu server machine was perhaps a corrupt file system. Backed up the data, flattened the system with a fresh install, restored the data and no I/O errors so far
<djveer> I thought it was a pooched drive originally
<jasonmchristos> pmatulis: thanks for that bit of advice on mirroring but the last person to respond said that it does not have mirroring and thats also what i have read
<pmatulis> jasonmchristos: yes, lvm has built-in multi-sided mirroring
<jasonmchristos> thanks is it available from installation?
<sherr> pmatulis: but is LVM mirroring redundant? i.e. if a disk dies, does the volume start?
<sherr> I generally use LVM on top of MD
<jasonmchristos> i heard you need mdad
<jasonmchristos> read i mean
<sherr> I think md raid1 or raid5 is a good idea - put LVM on top.
<pmatulis> jasonmchristos: no, not from installation (although that would be a good thing to have)
<ninjix> sherr: agreed
<pmatulis> jasonmchristos: boot with live cd and configure manually
<sherr> But I know LVM does mirroring - just never used it. My worry would be that it is not redundant like MD "mirroring" (raid1). But I might be wrong.
<pmatulis> jasonmchristos: multi-sided mirroring is special
<gregcoit> is it true that jaunty server support ends in October 2010?
<jasonmchristos> pmatulis: special , how so?
<pmatulis> sherr: what do you mean?  mirroring is mirroring
<pmatulis> jasonmchristos: normal mirror is 2 sided.  with lvm you can have more than that
<jasonmchristos> thats what i thought mirroring implies redundancy
<jasonmchristos> pmatulis: well since its not a default option i am going to have to experiment, for now im just using 1 hd i already have the server setup and am trying to get it to serve my printer
<jasonmchristos> the tutorial im reading says to login to the web interface and configure from there but i dont want to open a security hold by giving it acess to the shadow file so i want to forget web iterface
<gregcoit> ie: non-server, non-lts support is 1.5 years - are ubuntu serves the same?
<jasonmchristos> does anyone know a good tut to help me configur my cups srver
<alvin> jasonmchristos: Yes, use tasksel to install cups, and see the CUPS Administration guide on cups.org. The ubuntu-server guide is also possible, but covers only very little and only points you to the cups web interface.
<jasonmchristos> yeah im on the ubuntu one i added the ort but it doesnt seem to be serving with just that change
<jasonmchristos> thanks guys although i had to just give it acess i think i will make my print server a seperate box in the near future
<djveer> Hey guys, i'm trying to run a shell script I created based off of ... https://help.ubuntu.com/8.04/serverguide/C/backup-shellscripts.html   the simple shell script on that page.. didn't change anything other than the backup destination and a few entries to the backup locations. However when I try to run the script with 'sudo bash backup.sh', it gives me ":command not found:" a bunch of times and doesn't seem to run anything.
<djveer> What am I missing?
<gregcoit> is it true that jaunty server support ends in October 2010 (non-server, non-lts support is 1.5 years - are ubuntu serves the same)?
<\sh> gregcoit, non LTS are always 18 months, there is no difference between desktop or server or NBR
<gregcoit> \sh: thanks!  good to know
<kindjal> Is there any reason to expect a Ubuntu 9.10 netboot install to be different than the ISO install?  Specifically of Ubuntu Enterprise Cluster (UEC)?
<kindjal> The netboot install does not offer an "Install Ubuntu Enterprise Cloud" option, you don't get that until you specify install packages (tasksel)... and then you have an UEC (instance) option, a cluster option, and a node option.  Do these differ from the ISO install?
<MTecknology> Is there any 'privacy policy' posted somewhere for ubuntu?
<jpds> MTecknology: http://www.ubuntu.com/legal
<MTecknology> jpds: in a launchapd question somebody said that's not good enough
<jpds> MTecknology: Link?
<MTecknology> https://answers.edge.launchpad.net/ubuntu/+question/104897
<Bookman> I would like to transfer a file to my webhost server via ftp, but I want to do it from a shell command.  Is there a command for that?
<MTecknology> Bookman: ftp?
<MTecknology> last i knew ftp works fine from the shell
<Bookman> Is the command just ftp?
<MTecknology> yup
<MTecknology> !ftp
<ubottu> FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd
<MTecknology> ...
<MTecknology> !info ftp
<ubottu> ftp (source: netkit-ftp): The FTP client. In component main, is standard. Version 0.17-19 (karmic), package size 52 kB, installed size 164 kB
<Bookman> Got it, thanks!  I've just never tried it from the cl before.
<MTecknology> Bookman: i have, but I hate ftp so I'm not much help beyond that
<Bookman> No problem, I will refer to the manual.
<Bookman> Is there an easier way to transfer files between my local machine and my webhost?
<Bookman> Will scp work?  I don't have remote shell access on the webhost
<MTecknology> Bookman: you need ssh on their side to use scp or rsync afaik
<dassouki> i have ubuntu server installed; i installed sun's 6 java/jdk
<dassouki> I still get a java_home error
<dassouki> so in etc/profile i added export path=$path:/usr/lib/jvm/java-6-sun-1.6.0.16/bin/
<dassouki> and i still get the error that java_home is improperly set
<dassouki> any ideas on how to trouble shoot this problem ?
<wack479> hello, i am working with mdadm and was able to create raid, and copy files, but after restart the partition on the raided drives had been deleted, and the raid array was gone. Any ideas what is going on?
<Infra-red> dassouki: Not sure about JAVA, but shouldn't the path be all capatlized?
<Infra-red> ie PATH=$PATH:....
<wack479> anyone?
<cemc> wack479: you mean you don't have /dev/mdX ?
<dassouki> Infra-red: it is in the file
<Infra-red> dunno then... don't do much with Java.  Google might have some help.  First link I found talks about setting up several environment variables and not just your path.
<dassouki> aa
<dassouki> yaa
<dassouki> thanks ..
<wack479> cemc: yes /dev/md0 no longer exists, and when i "fdisk -l" it says
<wack479> cemc: "Disk /dev/sd*  doesnt containt a valid partition table"
<wack479> cemc: but partitions were there b4 the reboot
<cemc> stange
<cemc> you sure about that? :)
<wack479> cemc: yeah, i had been working on it for a while, b/c i had some issues getting it to work, and it ended up being a software glitching with mdadm, the raid was working and mounted
<wack479> cemc: even did some rsycn backups to the array
<sherr> wack479: /proc/mdstat <-- first port of call for MD trouble
<sherr> Then syslog etc.
<wack479> hey again sherr!
<sherr> Maybe /etc/mdadm/mdadm.conf
<wack479> mdadm.conf is empty
<sherr> Hey - Should be some indication of the problem somewhere ... :-)
<wack479> agreed!
<cemc> wack479: you had autoraid partitions defined on sda, sdb etc?
<wack479> cemc: yep
<cemc> wack479: then you mdadm --create ? the mkfs, and mount ?
<wack479> cemc: yes mkfs ext4
<wack479> i believe
<wack479> yes it was ext4
<cemc> you sure you created partitions on sda, sdb etc, and not used the whole disk in --create'ing ?
<wack479> yes, did it separate using fdisk
<cemc> those disks are real disks or some external storage or something else, could've they "disappeared" somehow? or did you active some hardware raid after reboot or something?
<wack479> created partition, then changed type etc
<cemc> did they get reinitialized maybe, I dunno, just guessing
<wack479> no they are actual drives, and i can seem them from here
<wack479> no didnt change anything in the bios
<wack479> thats whats so weird
<cemc> it's a mistery then ;)
<cemc> did you try another reboot? are you looking at the right disks with fdisk?
<wack479> yes, and yes lol
<cellZero> Anyone know of good *nix network monitoring and analysis tools?
<cemc> wack479: weeeelll... I would probably try to recreate the partitions with the exact same parameters as before, on one disk, and i would try to assemble the array in degraded mode (i'm guessing it's a raid1)
<wack479> its raid 5 actually
<cemc> umm
<wack479> um? lol
<nxvl> kirkland: ping
<cemc> wack479: I guess you can try the same with raid5 too, but I don't know, never installed a raid5 in linux
<nxvl> kirkland: i'm trying to set up an UEC testing environment, is there any way i can do it without real hardware?
<cellZero> exit
<MTecknology> jpds: did you ever take a peak at that link?
<M0n3ySh0t> having trouble mapping an ubuntu samba share to a windows drive, what is the unc for this?
<wack479> moneyshot: does it work using the ip addy?
<arch0njw> wack479: he is also over in #kubuntu asking the same question and receiving help.
<wack479> arch: k thnx
<arch0njw> wack479: fwiw, the IP does work for him, but it is apparently not recognizing the share name.
<wack479> hmm, interesting
<wack479> gotta be a sbm settting
<wack479> *smb
<arch0njw> aye.  sounds that way.  share is configured, but not properly to be visible.
<arch0njw> ^^^ that's my guess anyway.
<wack479> yeah, mine too, only b/c i have had the same issues in the past, and its always been permissions, etc
<wack479> lol too many times to count! never exactly right the first time i add a share!
<wack479> lol
<cemc> wack479: did you get the RAID stuff back?
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<geoffmcc> hello. I am running Ubuntu Server 9.10 on 2 machines and a Windows 7 Machine. I have 1st Ubuntu server using ICS to power the rest of my computers
<geoffmcc> i wish to have a counter strike server on ubuntu server 2 but am having problems forwarding ports =- anyone do this b4?
<geoffmcc> i can get the CS server to show on the internet tab using this "iptables -A PREROUTING -t nat -i eth0 -p udp --dport 27015 -j DNAT --to 192.168.10.2:27015" but it shows up 20 times
<kirkland> soren: what did you decide a more reasonable value for /sys/kernel/mm/ksm/sleep_millisecs to be?
<Rafael> anybody know how to eliminate rom ubuntu 3 old installer packages from webmin
#ubuntu-server 2010-03-26
<Rafael> how can i use rsync to copy a folder of my windows client to my ubuntu server?
<kirkland> smoser: cookies in the lobby!!!
<RoAkSoAx> hggdh, you must know this: How do I add a stacktrace in a package hook script or it is added automatically?
<hggdh> RoAkSoAx: apport processing does it: (1) at hook time, the hook is called after a first-try on gdb tracing has been done; (2) at back-office, retrace time, gdb is run again
<bianster> "m wondering if anyone can help. I'm trying to register memdisk as a kernel image on a private UEC but eucalyptus is not recognising it as such, i.e treating it as a normal image (emi-XXXXX)
<bianster> the context is that i'm trying to get a win2k3 instance running on it with kvm. The same issue happens with registering the boot floppy as a ramdisk too
<Bookman> What is the syntax to wput a whole directory?  I cannot seem to get it to work
<twb> Bookman: scp -r foo/ fs:bar/
<Bookman> That works for an ftp connection
<Bookman> ?
<twb> http://mywiki.wooledge.org/FtpMustDie
<Bookman> Ok, but not sure that is going to help me out.:)
<twb> The only way to win with FTP is not to play
<Bookman> Ok, but how else to get a directory up to my webhost?  I think they only support ftp protocol
<twb> Change webhost, or ask them for SFTP :-)
<twb> You can give them the same link
<Bookman> Ok.
<Sripa> Hi ppl...I am trying out UEC on my home network as my project and I have run into a problem as described in here...any help ?? http://paste.ubuntu.com/401512/
<Sripa> My Image is up and running with IP assigned by my DHCP, But when i ssh it I am asked for a password which I dont have !!
<Sripa> guys...please help!
<qman__> sorry, I don't know CentOS
<Sripa> Even with ubuntu uec image, I am asked for the password
<qman__> debconf asks you to enter any passwords needed, there are no default ones set
<Sripa> I think the rsa key isn't getting injected, which might be a cause for the problem...but why ?
<qman__> what's probably going on, is it's supposed to be using key auth
<qman__> but you don't have the key
<Sripa> yes
<Sripa> I have generated the keypair successfully
<Sripa> But I feel it isnt taking it!
<Sripa> What does "Cannot determine ream for numeric host address" mean ?
<Sripa> couldnt find much on googling it too
<Sripa> anybody ?
<Psi-Jack-> No, I'm Psi-Jack.
<Psi-Jack-> I'm curious. Can Ubuntu install domU's as Debian-Lenny, by chance for Xen?
<Sripa> Im using KVM on UEC
<twb> As long as the domu has a domu-capable kernel, it shouldn't care, surely?
<Psi-Jack-> I don't care a spit about kvm. ;)
<Sripa> lol!..but that is what comes by default with uec
<Psi-Jack-> twb: You'd think. But. I just want to know if it's got xen-tools setup to be able to do it.
<Psi-Jack-> Sripa: Which is why I don't use uec.
<twb> Damned if I know
<Psi-Jack-> heh
<Sripa> What all other options we got ?
<Psi-Jack-> Xen
<Psi-Jack-> Pure Xen
<twb> I find it hard to believe that all these new UEC weenies actually have a compute farm to put the cloud on, and aren't just fapping into a bucket because it's the first virtualization system they found
<Psi-Jack-> Heh
<Psi-Jack-> I just downsized from 12 servers into almost 6 now, thanks to Xen methods and clustering a reasonably proper way.
<qman__> I tried xen once, never actually got it to work
<qman__> but that was a while ago, manual install
<Sripa> sorry for tht ppl, but what i need is a probable solution or suggestion as of now..any sugestions ?
<Psi-Jack-> It's not as "easy" as kvm is, for sure.
<Sripa> Yup, and am a newbie :(
<qman__> of course I have no real use for it either
<qman__> if I did I would have spent more time and figured out the problem
<Psi-Jack-> Yeaah. ;)
<Psi-Jack-> Well, I've been building a couple cluster machines just for that very purpose, both to learn and to use.
<Psi-Jack-> kvm has some use, but totally useless on systems I still have that have no hardware virtualization.
<qman__> I don't have any VT-enabled hardware to spare
<Psi-Jack-> You don't need VT-enabled hardware specifically for Xen
<Psi-Jack-> Only kvm.
<Sripa> I am from india and I don have much support over here, I am a student and so trying to something..that is why stuck to uec
<twb> Sripa: UEC is probably not the best choice for a beginner.
<Psi-Jack-> Or enterprise for that matter. heh
<Psi-Jack-> I couldn't believe how unstable, unreliable, over bloated that thing was.
<Sripa> So do you suggest me to tryout Xen on Ubuntu server ?
<qman__> kvm-qemu does work on non-VT hardware, but it's slow as molasses
<qman__> virtualbox and vmware are faster, far as desktop virtualization goes
<twb> qman__: without VT, kvm-qemu is qemu.
<Psi-Jack-> Xen is just Xen. Very nice .;)
<twb> You could paravirtualize with kqemu, but it's flaky IME
<Sripa> twb ?
<Sripa> Should I be trying out Xen, but as you ppl said...it is really hard and I got less than 15days to complete all this!
<twb> Sripa: what are you actually trying to achieve?
<Sripa> I am trying to setup a private college for my campus to host applications on it
<Psi-Jack-> Sripa: Why do you have a time limit on learning?
<Sripa> private cloud sry
<Psi-Jack-> Great.
<Psi-Jack-> Grub2 on Ubuntu 9.10 doesn't like ext4 boot/.
<Sripa> We over here have a timelimit to do our project which sucks :(
<twb> Sripa: you don't need UEC if you only have one host
<Sripa> Now for setting up the cloud I am using UEC
<Sripa> I am clustering 500 odd computers of my college
<Psi-Jack-> Frackin A.. I just went through a full installation of ubuntu 9.10, and it fails to boot.
<twb> Psi-Jack-: unfortunately, neither does extlinux 3.x
<Sripa> But firstly I need to show a prototype..so I am trying it out on my home network
<twb> Sripa: ah, OK
<Sripa> With a two core2duo PC's
<twb> Sripa: then UEC is probably the right thing
 * Psi-Jack- shivers.
<qman__> yeah
<Psi-Jack-> I spent maybe 30 minutes looking at UEC.
<qman__> I haven't done it myself, but UEC is really the only one with that sort of prebuilt kit around it
<Sripa> Yup, but I am running throught a few errors which I am unable to find a solution for
<Sripa> I couldnt find much support online, in forums too
<lifeless> Sripa: what errors ?
<Sripa> I guess UEC is still a new-bie
<Psi-Jack-> No offense to anyone here, but I would rather be hanging my my toenails, secured to my toes by nails, with lemon and sugar-dipped razerblades were slowly peeling away my flesh, before using UEC.
<Sripa> Errors: http://paste.ubuntu.com/401512/
<twb> Sripa: UEC didn't exist twelve months ago
<lifeless> Psi-Jack-: thats very vivid; you could tone it down just a little :)
 * Psi-Jack- chuckles.
<Sripa> I can get my image running, but when i acces it, I am asked for apassword inspite of generatng a keypair successfully
<lifeless> Sripa: what user are you sshing into it as ?
<qman__> Sripa, did you copy the key to your client?
<Psi-Jack-> That's exactly the part I hate /most/ about UEC. The SSL keypairs.
<lifeless> Psi-Jack-: do you mean ssh ?
<Psi-Jack-> No, I mean ssl. Which it uses SSL keys for.
<Sripa> In short, ssh ing it asks as password and the ssh sequence looks like the image at the bottom in this : http://adommeti.webs.com/imagesproject.htm
<lifeless> Sripa: please answer my question
<Sripa> How do I manually copy keys to client ?
<Sripa> lifeless: I am sshing it to root@IPaddress
<lifeless> that won't work
<twb> Doesn't UEC rely on read-only disk images?
<Sripa> of the running image
<lifeless> ssh to ubuntu@IPaddress
<Sripa> Yup, I tried that too...ubuntu@IP...same result!
<lifeless> twb: images are used to seed a filesystem, you can write to the fs of a running image
<qman__> Sripa, IIRC I used ssh-copy-id to do it
<lifeless> twb: and its discarded
<lifeless> Sripa: ok, are you specifying the key name when you do euca-start-instances ?
<twb> lifeless: well, obviously -- a read-only disk image unioned with a cow
<Sripa> lifeless : Yes
<lifeless> twb: no, its not that
<twb> An ephemeral cow
<twb> lifeless: hmm
<Psi-Jack-> Alllriiighty then, trying this once again with an ext3 /boot, xfs / (instead of ext4), and RAID10+XFS /mnt/nas
<Sripa> How do I mount a filesystem of a running image ? while I cant access it and is asking for a password
<lifeless> Sripa: ok. and when you generated the key, did you save the private copy of it locally ?
<Sripa> Yes, I have it in my home directory "mykey.priv"
<Sripa> I can see it!
<Psi-Jack-> My question is, why DOES UEC use SSL keys for all this?
<lifeless> Sripa: try ssh -o mykey.priv ubuntu@ipaddress
<lifeless> sorry
<lifeless> Sripa: try ssh -i mykey.priv ubuntu@ipaddress
<twb> Psi-Jack-: what would you prefer
<Psi-Jack-> My root password.
<qman__> wow
<Sripa> I did that, and it is what gave me that error in here http://adommeti.webs.com/imagesproject.htm
<twb> Psi-Jack-: so, symmetric crypto?
<qman__> I haven't used a root password in years
<Psi-Jack-> No crypto.
<twb> Psi-Jack-: so basically you want to talk telnet to the cloud
<twb> That doesn't strike me as a good idea
<lifeless> Sripa: that error shows root as the username
<lifeless> Sripa: it has to be ubuntu
<Psi-Jack-> twb: That's what ssh is for.
<Psi-Jack-> Not to start/stop the instances of virtual machines.
<Sripa> I mean I have tried the same which i didnt capture, I did give the same error :(
<Sripa> This is what the euca-get-console-output like : http://paste.ubuntu.com/401528/ - any clue ?
<Psi-Jack-> To login, securely, and start/stop them, like Xen does easily without all this excessive bloat of SSL encrypting stuff.
<twb> Psi-Jack-: but starting/stopping a VM instance in the cloud will probably involve an RPC
<twb> Xen doesn't have to deal with that because the Dom0 is on the local host.
<Psi-Jack-> Precisely. :)
<Sripa> lifeless: As me if you need any info from logs, i have all of em
<Sripa> Ask me, sorry
<lifeless> Sripa: I'd like to see an error when you try with -i mykey.prive ubuntu@
<Sripa> okay, gimme a few mins, is that fine ?
<lifeless> sure
<Sripa> I will have to reboot. brb
<lifeless> console output looks fine
<Psi-Jack-> twb, qman__: Keep in mind, too. I'm /very/ old school. I use a root password. Anytime I install Ubuntu, it's always the first thing I set.
<lifeless> Psi-Jack-: ssh isn't used to stop/start the vm's
<lifeless> Psi-Jack-: the accesskey/secretkey combination are used to do VM control via the API
<twb> Psi-Jack-: with priority=low or preseeding during installation, you can set it up during the install
<Psi-Jack-> heh
<twb> Unfortunately you have to jump through hoop to ensure that NO user has a valid password.
<Psi-Jack-> Yeah, I don't mind making it simple, and just doing it post-install.
<lifeless> Psi-Jack-: you can create a custom EMI with a root password set. Its easy.
<Psi-Jack-> It's just extremely bad practice to call sudo command, for everything you want to do as root, when you don't truely get all the environment of root by doing so.
<qman__> you can with switches
<twb> Psi-Jack-: *root* is a bad design.  RBACs are better.
<Psi-Jack-> Yeah, -i
<twb> -i only simulates a root login.
<Psi-Jack-> I am curious about this grub2, though for sure.
<Psi-Jack-> heh
<qman__> well, it's only something like half-way done in 9.10
<Psi-Jack-> Yeah? hmmm.
<twb> I'm surprised that grub2 can't talk ext4.
<Psi-Jack-> Well, 10.4's coming out soon. ;)
<qman__> it actually has feature regressions from grub-legacy
<qman__> yeah, here's to hoping they finish it
<Psi-Jack-> Son of a..
<twb> extlinux 4.00~alpha does
<Psi-Jack-> It's STILL giving me Error 15 at boot
<lifeless> twb: hmm ? I boot grub2->ext4 just fine
<twb> It also boots from btrfs, but not with -ocompression :-(
<twb> lifeless: on lucid or karmic?
<lifeless> lucid
<twb> OK, so it does, but didn't.  Shrug.
<qman__> it was definitely jumping the gun in 9.10
<qman__> but I understand why they did it
<twb> qman__: Ubuntu jumping the gun is why I refuse outright to run non-LTS releases
<twb> Moving LDAP to in-database config was another one
<Psi-Jack-> heh, that's openldap, not ubuntu.
<twb> Well, the #openldap people said you guys fucked up
<qman__> grub2 gave me all kinds of trouble, so I gave up and installed grub-legacy
<twb> Maybe they were lying, or I misunderstood them
<qman__> worked great
<qman__> I was a bit miffed that it wasn't an option during install
<twb> qman__: it should be, with sufficiently low priority
<qman__> considering it's a fully supported configuration through upgrades
<Psi-Jack-> Okay, I'm pissed.
<lifeless> Psi-Jack-: what at ?
<Psi-Jack-> Error 15 on grub.
<twb> lifeless: he wants to boot grub2 on karmic *at all*.  He initially had /boot on ext4 and it fell over, so now I think he's trying to get grub2 working after moving /boot to ext3.
<Psi-Jack-> SECOND install, this time with /boot as ext3
<lifeless> and you've checked your device map is correct
<lifeless> ?
<Psi-Jack-> Hey, it just did it. I didn't tell it to do anything. :p
<twb> That device map is the bane of my existence
<MTecknology> I have /boot on ext4
<MTecknology> worked fine in 9.10 and still works in 10.04
<twb> I like syslinux's static MBR that just chainloads the boot sector of the first partition with the boot flag
<qman__> I only just recently started putting /boot on ext3
<twb> It doesn't care if the order of the disks changes
<qman__> I used to use ext2, old habit thanks to gentoo
<MTecknology> qman__: i thought they patched it to work with ext4 now
<Psi-Jack-> I did set my /boot as bootable, nothing else has it set bootable, cause it's mostly just a PATA 80GB with /boot, swap, /, and 4 SATA2-500's RAID10.
<qman__> for a couple hundred megs, it doesn't really matter what filesystem you use as long as it works
<twb> Psi-Jack-: grub doesn't care about the boot flag
<qman__> the boot flag only matters insofar as your BIOS loads grub
<qman__> if it's installed to the MBR it doesn't matter at all
<Psi-Jack-> Yeah, I watched it install to MBR hd(0)
<Psi-Jack-> Which in the rescue mode of the ubuntu disc, it shows /dev/sde* as the drive I'm working with.
<Psi-Jack-> a, b, c, d are my SATA drives.
<twb> Psi-Jack-: you might want grub-install --recheck or whatever it is
<Sripa> lifeless you there ?
<qman__> I had a similar problem on a system with three SATA disks
<qman__> the solution ended up being changing the boot order
<qman__> apparently the device map wasn't matching up with the boot order
<Psi-Jack-> The PATA drive /is/ primary for booting.
<lifeless> Sripa: ye
<twb> The #grub people say that device.map MIGHT be optional now; they weren't too sure
<Psi-Jack-> Ubuntu's been the only one failing this. Debian, OpenSUSE, no problem. Ubuntu, panics.
<lifeless> Psi-Jack-: does grub start up? if so hit shift, and edit the root etc definitions using tab complete to check whats working
<Sripa> lifeless: I have a crashed ubuntu :(..can I get back to you with the images I little while later ?
<lifeless> Sripa: me, or someone else, sure.
<Psi-Jack-> It starts with Error 15.
<Sripa> ok, If possible, please do respond
<Sripa> Thanks lifeless, see ya then..bye!:)
<Psi-Jack-> And yeah, device.map is 0 bytes
<arvind_khadri> hi, is there a package which provides just an ldap-client ??
<Psi-Jack-> is the ldap-client still "recommending" the server?
<Psi-Jack-> Interesting.
<Psi-Jack-> grub-install hd0, Cannot find a GRUB drive for /dev/sde1 . Check your device.map
<Psi-Jack-> Which is 0 bytes in size.
<lifeless> (hd0)   /dev/sda
<lifeless> you want it to be soemthing like that
<lifeless> or (hd0) /dev/sde
<lifeless> or whatever
<arvind_khadri> ldap-client is a virtual package i believe.
<lifeless> delete the device.map
<lifeless> and run sudo /usr/sbin/grub-install
<Psi-Jack-> lifeless: So make the contents of device.map (hd0) /dev/sde, then delete it, then rub grub-install.
<Psi-Jack-> Interesting.
<lifeless> no
<lifeless> just delete it
<lifeless> then run /usr/sbin/grub-install
<Psi-Jack-> It's saying (hd0) is  /dev/sda now. heh
<lifeless> right
<lifeless> probably hd4 is sde
<Psi-Jack-> Yep
<lifeless> so, /usr/sbin/grub-install /dev/sda (or /dev/sde, or whatever)
<lifeless> then try rebooting
<Psi-Jack-> We have boot. ;)\
<Psi-Jack-> I.. Think.
<Psi-Jack-> Yeah, it's booting now, finally.
<Psi-Jack-> And, of course, root password set. LOL
<Psi-Jack-> Fricken annoying though.
<Psi-Jack-> That's a definite bug in the installer for 9.10
<Psi-Jack-> Cause it was sde, even in the installer, and it failed.
<Psi-Jack-> prolly installed it to one of my RAID'd drives, instead of the right one.
<MTecknology> We should have a bot in here that tosses out a link if a new post ever comes up in the forums
<lifeless> ugh
<MTecknology> lifeless: sorry, just sounded like a fun idea
<MTecknology> lifeless: that was apparently a bad idea?
<lifeless> yes
<lifeless> if you want to be notified of forum events, subscribe to the forum
<MTecknology> lifeless: i suppose that would work too
<lifeless> this is a discussion area, having noise in it is not a good thing
<Psi-Jack-> Well, that makes a HUGE difference in speed. ;)
<Psi-Jack-> Going from a RAID5 all PATA configuration on GigE, to a RAID10 all SATA2 with dual bonded-alp GigE.
<Psi-Jack-> Ugh.
 * Psi-Jack- grunts. "Users aren't defaultly added to the "users" group....
<RoAkSoAx> kirkland, ping?
<leku> hello
<leku> is this amazon ec2 stuff a good replacement for a web hosting serer?
<leku> server
<ttx> leku: it's probably expensive for a long-running not-so-much-active server
<leku> hm
<ttx> look at the costs and decide by yourself ;)
<leku> yeah i just ran some numbers
<leku> is the first 10tb free?
<ttx> I have no clue
<leku> i don't suspect so but it wasn't clear
<leku> k
<leku> 62$ a month
<leku> about
<Xbert> I did and apt-get upgrade which crashed on 10.4, I ran the upgrade again and it completed but now I get the MOTD diplayed twice on login and one MOTD stiill shows 38 updates to do, anyone have any idea how to fix this?
<Anthoo> hello !
<whalesalad> Hey guys. I am doing some client work for someone in sweden, and the ssh account they've given me prints everything in Swedish. Is there a way to change the locale for my account?
<bogeyd6> Does console-log actually log the console to /var/log/something.log ?
<jmazaredo> two nic on same network will it be faster?
<bogeyd6> jmazaredo, when properly bonded, yes
<zul> ttx: ping for facter im going to revert back for what we had in karmic for debian/rules so we dont have to put ruby-pkg in main
<bogeyd6> jmazaredo, https://help.ubuntu.com/community/UbuntuBonding
<ttx> zul: sounds like a good option, how optional is it ?
<ttx> it's a separate build system or something ?
<jmazaredo> nice will check
<zul> karmic didnt have ruby-pkg so it should be a matter of copying/paste
<pmatulis> jmazaredo: if using a switch, then it needs to be able to handle "link aggregation" and configured accordingly
<jmazaredo> got two wifi cards
<jmazaredo> connecting to an ap
<bogeyd6> yowza
<bogeyd6> 08:37:34 up 13 days, 28 min,  1 user,  load average: 8.36, 7.69, 4.73
<bogeyd6> jmazaredo, i dont think you can bond two wifi cards
<pmatulis> bogeyd6: please investigate those load averages
<bogeyd6> pmatulis, its a vmware machine that has a WSUS server on it
<jmazaredo> will try though :D
<pmatulis> bogeyd6: WSUS?
<bogeyd6> jmazaredo, your net gain first of all will be nil
<bogeyd6> jmazaredo, mathematically you fail before you start
<bogeyd6> pmatulis, windows system updates server
<jmazaredo> brb :D
<bogeyd6> i take that back on bonding
<bogeyd6> with the proper linksys wrt54g router and using a firmware that allows you to bond two channels together, now we got ourselves a start
<bogeyd6> jmazaredo_, http://www.dd-wrt.com/wiki/index.php/Bonding
<bogeyd6> snap!
<bogeyd6> pmatulis, ironically vmware has a hard time coping with that load
<pmatulis> bogeyd6: what do you mean?
<bogeyd6> pmatulis, get lots of disk errors and crashes
<pmatulis> bogeyd6: what kind of vmware are you running?
<bogeyd6> pmatulis, vmware server 2
<pmatulis> bogeyd6: guess you should be using a different solution or a different machine
<bogeyd6> !!!!
<bogeyd6> pmatulis, you are a genius
<bogeyd6> GENIUS!
<CVirus> Where can i find a list of the packages installed with the ubuntu server edition ?
<Jeeves_> dpkg -l
<Jeeves_> dpkg -l | grep ^ii
<CVirus> Jeeves_: I don't have it installed .. I want to create a customized CD
<Jeeves_> Aren't you looking for the seeds-file than?
<bogeyd6> packages.ubuntu.com/hardy
<CVirus> Jeeves_: I have no clue yet what I'm supposed to do
<CVirus> i think this will help https://help.ubuntu.com/community/InstallCDCustomization
<CVirus> ?
<bogeyd6> CVirus, http://packages.ubuntu.com/hardy
<bogeyd6> replace hardy with what you want to use
<CVirus> thanks
<bogeyd6> CVirus, yes that website helps
<Jeeves_> CVirus: That wikipage is what you're looking for indeed
<CVirus> lol
<CVirus> thanks again
<Anthoo> hello
<Anthoo> franÃ§ais ou anglais ?
<_ruben> english it is in here
<Anthoo> ok ##ubuntu-server-fr
<Anthoo> french ?
<Anthoo> French if someone comes here wants to redirect it to please the French channel is: # # ubuntu-server-com, thank you
<hggdh> there is no such channel
<Anthoo> si
<Anthoo> hggdh: ##ubuntu-server-fr
<hggdh> Anthoo: ah, merci
<Anthoo> :)
<hggdh> Anthoo: you might want to announce it also on #ubuntu-fr
<Anthoo> o, he will not want to pub
<Anthoo> no, he will not want to pub
<wack479> anthoo:haha, are u talking about gaming?
<Anthoo> wack479: ?
<wack479> anthoo: i used to play pc games, and they used the term "want to pub" for playing on a public server. I just hadn't heard that term in forever. Don't know if thats what ya meant or not
<Anthoo> ah
<soren> kirkland: Just upping it to like 2000 would make a tremendous difference.
<zul> soren: hey, got an idea about #506985
<soren> bug #506985
<soren> Huh? Where's my bot?
<sorensbot> https://bugs.edge.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/506985
<zul> *cough*
<soren> zul: Awesome :)
<wack479> I am having an issue with my RAID 5 array, everytime i reboot, it deletes the RAID partition
<wack479> I am having an issue with my RAID 5 array, everytime i reboot, it deletes the RAID partition, and therefore will not mount. However, the array still shows when in /proc/mdstat?
<henkjan> wack479: 'deletes'. What do you mean by that?
<henkjan> if it still shows up in /proc/mdstat its not deleted
<wack479> henkjan: hmm, thats weird, not it shows it as working
<wack479> it didnt b4
<wack479> thats weird
<wack479> *now it shows it as working
<soren> uvirtbot: Welcome back.
<uvirtbot> soren: Error: "Welcome" is not a valid command.
<soren> No, it's more of a friendly greeting.
<soren> meh
<uvirtbot> New bug: #292971 in libnss-ldap (main) "nscd leaking memory using libnss-ldap" [High,Triaged] https://launchpad.net/bugs/292971
<soren> zul: I've commented on the bug.
<zul> soren: thanks
<aubre> what's the big differences between UEC in Karmic and Lucid?
<uvirtbot> New bug: #541439 in php5 (main) "php5 should provide php5-mhash transitional package to remove mhash.ini conffile" [Wishlist,Confirmed] https://launchpad.net/bugs/541439
<uvirtbot> New bug: #541468 in eucalyptus (main) "euca-describe-images <img> lists all images when querying against ec2" [Undecided,Fix committed] https://launchpad.net/bugs/541468
<uvirtbot> New bug: #541486 in eucalyptus (main) "ubuntu-bug eucalyptus-common attaches massive files" [Low,Fix released] https://launchpad.net/bugs/541486
<uvirtbot> New bug: #541520 in tomcat6 (main) "Using incorrect JVM Garbage Collector" [Medium,In progress] https://launchpad.net/bugs/541520
<soren> Sorry about the flood. uvirtbot has been gone for a few days, so it's still catching up on things.
<uvirtbot> New bug: #541563 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/541563
<uvirtbot> New bug: #541604 in samba (main) "package samba 2:3.4.0-3ubuntu5.5 failed to install/upgrade: sub-processo novo script post-removal retornou estado de saÃ­da de erro 1 (dup-of: 349469)" [Undecided,Confirmed] https://launchpad.net/bugs/541604
<uvirtbot> New bug: #541633 in groovy (main) "Missing groovy-all.*.jar" [Low,Incomplete] https://launchpad.net/bugs/541633
<uvirtbot> New bug: #541681 in samba (main) "3.4.x (x < 6)  does not allow printing under 64 bit clients" [Undecided,Fix released] https://launchpad.net/bugs/541681
<uvirtbot> New bug: #541758 in linux (universe) "Unknown HL-340 USB-Serial adapter cannot send break sequence in minicom" [Undecided,New] https://launchpad.net/bugs/541758
<uvirtbot> New bug: #541869 in samba (main) "package samba 2:3.4.6~dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 (dup-of: 522514)" [Medium,Confirmed] https://launchpad.net/bugs/541869
<uvirtbot> New bug: #541886 in clamav (main) "clamd: can't initialize the internal logger" [Undecided,Invalid] https://launchpad.net/bugs/541886
<uvirtbot> New bug: #541918 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 541563)" [Undecided,New] https://launchpad.net/bugs/541918
<uvirtbot> New bug: #541926 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 541563)" [Undecided,New] https://launchpad.net/bugs/541926
<uvirtbot> New bug: #541981 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subproces installed post-installation script returned error exit status 1 (dup-of: 541563)" [Undecided,New] https://launchpad.net/bugs/541981
<uvirtbot> New bug: #542005 in samba (main) "faulty symlinks on mounted samba volumes" [Medium,Confirmed] https://launchpad.net/bugs/542005
<uvirtbot> New bug: #542027 in dovecot (main) "Purge and Reinstall Isn't Functioning" [Low,Incomplete] https://launchpad.net/bugs/542027
<uvirtbot> New bug: #542062 in awstats (main) "logresolvemerge.pl does not reap its children" [Low,New] https://launchpad.net/bugs/542062
<uvirtbot> New bug: #542066 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1 (dup-of: 541563)" [Undecided,New] https://launchpad.net/bugs/542066
<uvirtbot> New bug: #542108 in ubuntu (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/542108
<uvirtbot> New bug: #542120 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade:" [Undecided,Invalid] https://launchpad.net/bugs/542120
<uvirtbot> New bug: #542285 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Won't fix] https://launchpad.net/bugs/542285
<uvirtbot> New bug: #542307 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/542307
<uvirtbot> New bug: #542373 in ubuntu (main) "Unable to install any updates after cpu upgrade " [Undecided,New] https://launchpad.net/bugs/542373
<uvirtbot> New bug: #542389 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 542388)" [Undecided,New] https://launchpad.net/bugs/542389
<uvirtbot> New bug: #542395 in openjdk-6 (multiverse) "ec2-api-tools with java-6-openjdk fail with java.net.SocketException" [Medium,Fix released] https://launchpad.net/bugs/542395
<uvirtbot> New bug: #542414 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Won't fix] https://launchpad.net/bugs/542414
<uvirtbot> New bug: #542543 in mysql-dfsg-5.1 (main) "Access denied for user 'root'@'localhost' to database SOMEDB" [Medium,New] https://launchpad.net/bugs/542543
<uvirtbot> New bug: #542745 in squid (main) "does not terminate at computer shutdown (dup-of: 539469)" [Undecided,New] https://launchpad.net/bugs/542745
<uvirtbot> New bug: #542746 in squid (main) "does not terminate at computer shutdown (dup-of: 539469)" [Undecided,New] https://launchpad.net/bugs/542746
<uvirtbot> New bug: #542770 in puppet (main) "package puppet-common 0.25.4-2ubuntu3 failed to install/upgrade: conflicting packages - not installing puppet-common (dup-of: 542768)" [Undecided,New] https://launchpad.net/bugs/542770
<uvirtbot> New bug: #542768 in puppet (main) "package puppetmaster 0.25.4-2ubuntu3 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Low,Fix released] https://launchpad.net/bugs/542768
<uvirtbot> New bug: #542788 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,Fix released] https://launchpad.net/bugs/542788
<uvirtbot> New bug: #542871 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: el subproceso script pre-installation nuevo devolviÃ³ el cÃ³digo de salida de error 1" [Low,Incomplete] https://launchpad.net/bugs/542871
<uvirtbot> New bug: #542938 in apache2 (main) "no clean url altough mod_rewrite" [Undecided,Invalid] https://launchpad.net/bugs/542938
<uvirtbot> New bug: #542955 in bind9 (main) "/sbin/ldconfig.real: File /usr/lib/libdns.so.64 is empty, not checked. " [Low,Incomplete] https://launchpad.net/bugs/542955
<uvirtbot> New bug: #543094 in samba (main) "mount error 13 - permisison denied when mounting samba shares on ubuntu server using cifs " [Undecided,Invalid] https://launchpad.net/bugs/543094
<uvirtbot> New bug: #543148 in mailman (main) "Private Archive Permissions Are Incorrect" [Low,Incomplete] https://launchpad.net/bugs/543148
<uvirtbot> New bug: #543197 in bacula (main) "package bacula 3.0.2-3ubuntu6 failed to install/upgrade: no package named `bacula' is installed, cannot configure" [Low,Incomplete] https://launchpad.net/bugs/543197
<uvirtbot> New bug: #543212 in php5 (main) "php5-cli in lucid-beta1 missing readline/libedit support" [Low,Fix released] https://launchpad.net/bugs/543212
<uvirtbot> New bug: #543767 in openssh "ssh logins doesn't show the MOTD when connecting with public key authorisation" [Low,Incomplete] https://launchpad.net/bugs/543767
<uvirtbot> New bug: #543798 in squid (main) "does not terminate at computer shutdown" [Undecided,Fix released] https://launchpad.net/bugs/543798
<uvirtbot> New bug: #543909 in samba (main) "package samba 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/543909
<uvirtbot> New bug: #544030 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/544030
<uvirtbot> New bug: #544052 in php5 (main) "Fatal error: Call to undefined function ldap_connect()" [Undecided,Fix released] https://launchpad.net/bugs/544052
<uvirtbot> New bug: #544134 in samba (main) "Windows ME unable to authenticate" [Low,Incomplete] https://launchpad.net/bugs/544134
<uvirtbot> New bug: #544216 in ntp (main) "time synchronizes even when config is set to manual" [Low,Confirmed] https://launchpad.net/bugs/544216
<uvirtbot> New bug: #544265 in bacula (main) "package bacula-director-mysql 3.0.2-3ubuntu6 failed to install/upgrade: " [Medium,Incomplete] https://launchpad.net/bugs/544265
<uvirtbot> New bug: #544315 in dhcp3 (main) "Inconsistent leases files with multiple interfaces in dhclient.conf" [Low,New] https://launchpad.net/bugs/544315
<uvirtbot> New bug: #544330 in qemu-kvm (main) "qemu-system-ppc: unable to boot past 'returning from prom_init'" [Wishlist,New] https://launchpad.net/bugs/544330
<uvirtbot> New bug: #544377 in tftp-hpa (main) "PXE Error: Only absolute filenames allowed (dup-of: 531123)" [Undecided,New] https://launchpad.net/bugs/544377
<uvirtbot> New bug: #544426 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade:  (dup-of: 522185)" [Undecided,New] https://launchpad.net/bugs/544426
<uvirtbot> New bug: #544510 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade:" [Low,Incomplete] https://launchpad.net/bugs/544510
<aubre> soren: whee
<uvirtbot> New bug: #544673 in euca2ools (main) "euca-describe-images yields no output when -a/-o/-x unspecified (dup-of: 544676)" [Undecided,New] https://launchpad.net/bugs/544673
<aubre> people still use Windows ME ?
<uvirtbot> New bug: #544748 in resolvconf (main) "resolveconf fails if postconf not installed" [Medium,Incomplete] https://launchpad.net/bugs/544748
<uvirtbot> New bug: #544760 in squid (main) "fails to start: Unknown job: squid" [Undecided,Fix released] https://launchpad.net/bugs/544760
<uvirtbot> New bug: #544961 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 4 zurÃ¼ck" [Low,Incomplete] https://launchpad.net/bugs/544961
<uvirtbot> New bug: #545004 in qemu-kvm (main) "kvm VMs don't start: qemu: could not load PC BIOS 'bios.bin' (dup-of: 545302)" [High,In progress] https://launchpad.net/bugs/545004
<uvirtbot> New bug: #545052 in squid (main) "package squid 2.7.STABLE7-1ubuntu10 failed to install/upgrade: squid upstart job failed to start" [Medium,Incomplete] https://launchpad.net/bugs/545052
<uvirtbot> New bug: #545142 in puppet (main) "Lucid's puppet unable to make a certificate signing request to Hardy's Puppet" [Undecided,Won't fix] https://launchpad.net/bugs/545142
<uvirtbot> New bug: #545170 in sysstat (main) "Sar adds together the block I/O of /dev/sda and /dev/sdaX" [Undecided,New] https://launchpad.net/bugs/545170
<pmatulis> geez
<uvirtbot> New bug: #545294 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/545294
<uvirtbot> New bug: #545319 in nut (main) "nut configuration should be config files, not conffiles" [Low,New] https://launchpad.net/bugs/545319
<soren> aubre: Whee indeed. There's still three days' worth of bugs to go, apparantly.
<uvirtbot> New bug: #545327 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/545327
<uvirtbot> New bug: #545331 in squid (main) "package squid 2.7.STABLE7-1ubuntu10 failed to install/upgrade: squid upstart job fails to restart" [Medium,Incomplete] https://launchpad.net/bugs/545331
<uvirtbot> New bug: #545683 in logwatch (main) "ignore file missing from logwatch package" [Undecided,Invalid] https://launchpad.net/bugs/545683
<uvirtbot> New bug: #545739 in php5 (main) "lucid - php not parsed in user directory" [Undecided,New] https://launchpad.net/bugs/545739
<uvirtbot> New bug: #545741 in qemu-kvm (main) "package qemu-common 0.12.3+noroms-0ubuntu1 failed to install/upgrade: trying to overwrite '/usr/share/qemu/keymaps/fr', which is also in package qemu-kvm 0:0.11.0-0ubuntu6.3" [High,Fix released] https://launchpad.net/bugs/545741
<uvirtbot> New bug: #545798 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1 (dup-of: 545797)" [Undecided,New] https://launchpad.net/bugs/545798
<uvirtbot> New bug: #545864 in samba (main) "Error WBC_ERR_DOMAIN_NOT_FOUND in pam_winbind causes passwd to fail" [Undecided,New] https://launchpad.net/bugs/545864
<uvirtbot> New bug: #546191 in quagga (main) "bgp won't advertize ipv6 routes" [Undecided,New] https://launchpad.net/bugs/546191
<uvirtbot> New bug: #510086 in eucalyptus (main) "localhost connection timeouts after start of eucalyptus" [Medium,Fix released] https://launchpad.net/bugs/510086
<uvirtbot> New bug: #423252 in sudo (main) "NSS using LDAP on Karmic breaks 'su' and 'sudo'" [Unknown,Confirmed] https://launchpad.net/bugs/423252
<uvirtbot> New bug: #546526 in euca2ools (main) "euca-bundle-image --help gives 'Invalid user' message" [Low,Fix released] https://launchpad.net/bugs/546526
<uvirtbot> New bug: #546548 in euca2ools (main) "euca-bundle-image --block-device-mapping is broken" [Undecided,Fix released] https://launchpad.net/bugs/546548
<uvirtbot> New bug: #546551 in euca2ools (main) "euca-describe-image-attribute --kernel or --ramdisk fails" [Undecided,Fix released] https://launchpad.net/bugs/546551
<uvirtbot> New bug: #546563 in redland (main) "apache2 crashed with SIGSEGV in librdf_free_uri()" [Undecided,New] https://launchpad.net/bugs/546563
<uvirtbot> New bug: #546567 in euca2ools (main) "euca-download-bundle usage says --manifest_path instead of --manifest" [Low,Fix released] https://launchpad.net/bugs/546567
<uvirtbot> New bug: #242009 in qemu-kvm (main) "Virt- manager grabs mouse when you press ctrl-alt" [Wishlist,Confirmed] https://launchpad.net/bugs/242009
<uvirtbot> New bug: #546572 in euca2ools (main) "euca-modify-image-attribute -l -a exits success on non-existant id" [Undecided,New] https://launchpad.net/bugs/546572
<soren> Ok, almost there now.
<uvirtbot> New bug: #546677 in puppet (main) "puppet should recommend etckeeper" [Wishlist,Triaged] https://launchpad.net/bugs/546677
<uvirtbot> New bug: #546691 in mysql-dfsg-5.1 (main) "MySQL package dependancies are broken for Lucid" [Undecided,Fix released] https://launchpad.net/bugs/546691
<uvirtbot> New bug: #546745 in libvirt (main) "libvirt tries to read /etc/sasl/libvirt.conf not /etc/sasl2/libvirt.conf despite docs" [Undecided,New] https://launchpad.net/bugs/546745
<uvirtbot> New bug: #546820 in mysql-dfsg-5.1 (main) "mysql-testsuite ships arch-dependent binaries in arch:all package" [High,Triaged] https://launchpad.net/bugs/546820
<uvirtbot> New bug: #246659 in backuppc (main) "Backuppc no compression when change topdir" [Undecided,Confirmed] https://launchpad.net/bugs/246659
<uvirtbot> New bug: #546896 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Low,Confirmed] https://launchpad.net/bugs/546896
<uvirtbot> New bug: #547038 in postfix (main) "package postfix 2.5.5-1 failed to install/upgrade: subprocess post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/547038
<uvirtbot> New bug: #547059 in eucalyptus (main) "euca-describe-snapshots gives different output than ec2-describe-snapshots" [Undecided,Fix committed] https://launchpad.net/bugs/547059
<uvirtbot> New bug: #536876 in eucalyptus "euca-describe-availability-zones verbose is undocumented" [Low,Fix committed] https://launchpad.net/bugs/536876
<uvirtbot> New bug: #547249 in mailman (main) "Move the web interface to a separate package to remove apache dependance" [Wishlist,Confirmed] https://launchpad.net/bugs/547249
<uvirtbot> New bug: #548483 in euca2ools "euca-confirm-product-instance broken" [Undecided,New] https://launchpad.net/bugs/548483
<uvirtbot> New bug: #476619 in eucalyptus "Networking problem in Eucalyptus when VNET_PUBLICIPS has an IP being used in its range" [Wishlist,Won't fix] https://launchpad.net/bugs/476619
<uvirtbot> New bug: #548785 in postfix (main) "postfix_2.7.0-1 failed to install on 10.04" [Undecided,New] https://launchpad.net/bugs/548785
<uvirtbot> New bug: #548823 in php5 (main) "php-cli blank on Lucid 32" [Medium,Triaged] https://launchpad.net/bugs/548823
<uvirtbot> New bug: #548885 in ntp (main) "ntp host name not found error" [Undecided,New] https://launchpad.net/bugs/548885
<funkyHat> Hello. Is anyone using aide? I've installed it but it's logging more details than I want and I'm finding the config files confusing
<funkyHat> Or would anyone recommend a different IDS?
<pmatulis> funkyHat: haven't used the stuff in donkey's years, does tripwire still exist?
<funkyHat> Yes
<funkyHat> I guess tripwire would be good to try... it seems to be more well known, maybe it has frendlier defaults
<Schmidt> funkyHat: I have the same problem... Have you looked at ossec ?
<funkyHat> Schmidt: no, not seen that one
<Schmidt> I am thinking about reviewing it for my employer
<Schmidt> Haven't looked ossec myself yet
<lamont> 548785 - "when I removed this config file a while back, I broke my machine.  Now it's giving me these errors"
<MTecknology> I can't figure this out... php-cgi works completely perfect loading the first page and stays running - but once you load the second page it dies
<MTecknology> I'm wondering if something broke in 10.04 with php-cgi
<MTecknology> Any of you use php-cgi and have a system your testing 10.04 on?
<MTecknology> I'm starting to think it could be a bugin php.ini.... if I run php-cgi with -n (no php.ini) it will keep running - but obviously can't load any web pages because it's missing almost everything required to load anything
<ScottK> There are those that would consider PHP not loading web pages to be progress.
<mathiaz> hggdh: hi!
<mathiaz> hggdh: you can use the uec test rig to resume your Beta1 testing
<MTecknology> ScottK: why's that?
<ScottK> Security nightmare
<MTecknology> ScottK: php is the future man! :P
<ScottK> Maybe yours
<MTecknology> I run one php-cgi instance per user as that user and all the web content is their permission so any file systems changes happen as that user rather than other users, it helps
<MTecknology> ScottK: I'm not the biggest fan of PHP - especially after trying to package it myself - but everything we rely on uses it - save for the one that uses ruby....
<MTecknology> I'm not understanding what's breaking and I can't get any verbose output....
<MTecknology> I guess I'll get to deal with strace
<ScottK> Sorry, so far I've managed to avoid touching php and plan to continue the streak.
<MTecknology> ScottK: you've not touched php you're entire life?
<ScottK> Yep.  I'm not much of a web guy.
<ttx> mathiaz !
<MTecknology> oh, that's 80% of what i do
<funkyHat> Akismet is lying to me
 * mathiaz hugs ttx 
<ttx> mathiaz: coudln't get status from you in time for the release meeting, so I invented.
<mathiaz> ttx: sorry about that
<ttx> mathiaz: I didn't see any email about the multi-network automated tseting
<mathiaz> ttx: I hoped the updates I made yesterday were clear enough
<ttx> does that mean it works ? Or that it's so broken you wouldn't talk about it
<mathiaz> ttx: work in progress
<ttx> ok
<ttx> so not abandoned yet
<MTecknology> sendto(5, "<9>suhosin[8689]: ALERT - canary"..., 159, 0, NULL, 0) = 159        close(5)   = 0
<MTecknology> that's interesting
<ttx> Do you expect to have time to look into the openldap beta2-targeted bugs ?
<ttx> or will you need help on that ?
<ttx> mathiaz: ^
<mathiaz> ttx: hm - considering that the beta2 freeze is next Thursday
<mathiaz> ttx: and I plan to work on MySQL next Tuesday and Wednesday
<mathiaz> ttx: I don't think I'll have to look into slapd bugs before Thursday
<mathiaz> ttx: ie upload a slapd package to fix the beta2 bugs before beta2 freeze kicks in
<mathiaz> ttx: if you agree with that ^^, I'd need help with slapd beta2 bugs
<ttx> mathiaz: could you debunk the issues today and Monday ? so that someone else can take it up and try to do something before Beta2Freeze ?
<mathiaz> ttx: nope
<mathiaz> ttx: I won't have the necessary connectivity to do the testing
<ttx> Hmm, I'll see what I can do. Otherwise maybe a Milestone Exception will be in order.
<ttx> if that's our only one, we are in good shape
<mathiaz> ttx: I can probably work on the bugs on Thursday
<mathiaz> ttx: which means having an upload on Thursday or Friday next week
<mathiaz> ttx: if that works for you, then I don't need help on the slapd beta2 tests
<ttx> ok.
<ttx> smoser: I propose we have the discussion on ramdisk/EC2 during the team meeting next week, to decide before Beta2Freeze
<smoser> thats fine.
<smoser> it woudl help to have some thoughts from keybuk on it. suspecting what is the cause and why ec2 would not see it.
<hggdh> mathiaz: thanks, will do
<uvirtbot> New bug: #548970 in php5 (main) "[lucid] php5-cgi crashes when attempting to load page" [Undecided,New] https://launchpad.net/bugs/548970
<ivoks> hello :)
<zul> hey ivoks long time no see :)
<ivoks> did you miss me? :)
<zul> not really :)
<ivoks> i was studying for my last exam
<ivoks> and i passed it!
<ivoks> yay
<ivoks> was a freaking time...
<ivoks> i know, cluster stack spec is outdated
<ivoks> mail stack is outdated
<zul> bacula updated
<ivoks> nice
<zul> most of our changes have made it into debian actually
<ivoks> awesome
<ivoks> well, i just stoped to say hi
<ivoks> and let you know i didn't go away... yet :D
<zul> heh
<ivoks> i have a meeting in 15 mins
<uvirtbot> New bug: #354434 in vsftpd (main) "ftp(vsftpd 2.0.6)  download crc error, thus the data is good on disk(via ssh orsftp). Help needed!" [Undecided,Incomplete] https://launchpad.net/bugs/354434
<sammy> so I'm confused. I'm looking for the meta package that includes not only the server image, but also the server image's headers. linux-server and linux-image-server seem to be mutually exclusive, and while both pull in linux-image-generic-pae, neither pull in linux-headers-generic-pae
<uvirtbot> New bug: #549022 in eucalyptus (main) "NC publication job should support specific IP" [Undecided,New] https://launchpad.net/bugs/549022
<MTecknology> zul: hi, where can I grab php5-5.3.2 ?
<zul> its in lucid
<MTecknology> zul: I'm on lucid and I still seem to have 5.3.1
<zul> should be there
<guntbert> !info php5 lucid | zul
<ubottu> zul: php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.3.1-5ubuntu2 (lucid), package size 1 kB, installed size 20 kB
<zul> checking
<MTecknology> perhaps still in the pocket?
<MTecknology> if that's the right term :S
<MTecknology> I'm still trying to understand all the packaging doo dadyy that goes on :P
<ScottK>       php5 | 5.3.1-5ubuntu2 |         lucid | all
<ScottK>       php5 | 5.3.2-1ubuntu1 |         lucid | source
<ScottK> At a glance, 5.3.2 isn't built.
<ScottK> That's part of the output from rmadison php5
<sammy> ScottK: where did you get that output from? oh. madison.
<ScottK> sammy: rmadison
<zul> im uploading a fix
<zul> k it should be built now]
 * zul is having a blonde week
<MTecknology> zul: how long till i can install this amazing fix?
<zul> MTecknology: couple of hours maybe
<MTecknology> zul: that's sad - I want it now :P
<MTecknology> zul: so how does that work? the source was uploaded but the binary wasn't?
<zul> MTecknology: source was uploaded but the binaries were waiting for a dependency...
<MTecknology> zul: so you just uploaded the dependency?
<Nonpython> how do I a 403 error when ever I try to run a python cgi script?
<Nonpython> how do I fix a 403 error when ever I try to run a python cgi script?
<kirkland> jdstrand: will respond; have been sprinting all week
<kirkland> soren: agreed, i was eyeing 2000
<MTecknology> zul: I'm mostly just curious about the process, i'll go ask in -motu
<kirkland> soren:  you can open a bug and assign to me, if you like; otherwise, i'll just get to it
<jdstrand> kirkland: cool, thanks. no rush on my end-- mostly just wanted to make sure you saw it :)
<kirkland> jdstrand: definitely; and it wasn't something that i could respond to quickly :-)
<jdstrand> :)
<zul> MTecknology: well it goes to a queue to be built then it goes to the archive and then goes to the mirrors basically
<jbartus> hi all, curious if anyone has had a crack at Ubuntu Enterprise Cloud (bundled eucalyptus) yet
<jbartus> i'm in the middle of a RHEV demo now, and its making my teeth hurt
<skrite> anyone know what may cause an Innodb mysql server db to take a long long long time to shutdown or restart?
<KillMeNow> first guess is how much data is getting shoved in to the DB at any giving time?
<jbartus> skrite: http://www.mysqlperformanceblog.com/2009/04/15/how-to-decrease-innodb-shutdown-times/
<skrite> jbartus, cool, thanks !
<jbartus> learned that one the hard way, standing in a datacenter using a tiny laptop at 1am desperatly hoping it would finish shutting down with enough time left over to do my actual change inside the outage window
<skrite> jbartus, damn
<soren> kirkland: Erm, it's a kernel team thing, surely?
<uvirtbot> New bug: #549072 in spamassassin (main) "Sync spamassassin 3.3.1-1 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/549072
<uvirtbot> New bug: #546874 in samba (main) "passwd - can't login, change password" [Undecided,Triaged] https://launchpad.net/bugs/546874
<timClicks> is it possible to sell the space capacity in my private cloud to a public cloud vendor?
<tyska> Hello guys!
<tyska> Where is the best source of information about Ubuntu Enterprise Cloud
<tyska> ?
<KillMeNow> what kinds of info are you looking for Tyska?
<KillMeNow> how to?
<KillMeNow> or ?
<KillMeNow> http://www.ubuntu.com/cloud/private is the typical high altitude stuff
<tyska> im looking for support
<tyska> to solve some problems im having
<tyska> the how to is really great but if i get some error in the proccess, where can i find information
<tyska> ?
<KillMeNow> https://enterprise.ubuntu.com/professional_services.php
<KillMeNow> see if that helps you
<ScottK> You can also ask questions here
<KillMeNow> http://www.ubuntu.com/news/canonical-launches-enterprise-cloud-service
<tyska> i dont know how to use elastic fox
<tyska> where i get the AWS credentials?
<soren> tyska: For UEC or for EC2 proper?
<tyska> for UEC
<tyska> someone knows where can i find the AWS credentials to put in elasticfox?
<soren> tyska: Log into the management console.
<soren> tyska: You'll see them there.
<tyska> the management console is that through the web browser?
<soren> Yes.
<tyska> ok
<tyska> there is a tab called Credentials
<tyska> There is a option called Query interface credentials in this tab
<tyska> this show me the Query ID and the Secret Key
<tyska> this is the aw credentials?
<soren> Seems like a good guess.
<tyska> =/ i dont know to configure elasticfox =(
<tyska> for UEC
<tyska> it seems that elasticfox is configured to EC2
<tyska> i found a how to configure elasticfox for UEC ;)
<tyska> im on the right way =)
<geneticx_wrk> hi everyone. I'm using ubuntu's network manager IPSec VPN client, I'm able to connect to the VPN but cannot ping LAN or Internet however when I connect from a windows machine it works flawlessly, any ideas why?
<tyska> lol, i cant define a new region on elastic fox =(
<KillMeNow> geneticx_wrk:  check to see if the route is getting added properly
<geneticx_wrk> KillMeNow: i dont think they are being added properly, because the Default gateway is all zeros when in reality it should be the VPN IP i get
<tyska> hello guys
<tyska> someone knows how can i see if my cloud have the nodes properly installed?
<tyska> or better saying, properly discovered
<tyska> hello someone?
<tyska> someone is online and reading the chat?
<tyska> hello people
<KillMeNow> what's up
<KillMeNow> geneticx:  i would expect a 0.0.0.0 if you're doing a split horizon VPN
<tyska> how can i know that the nodes are working properly?
<tyska> there some way to see a list in the cluster controller?
<KillMeNow> i'm not the one to ask in regards to the cluster
<tyska> do you already use rightme, or landscape? if yes, wha tis the best one
<tyska> how can i realize a ssh connect in virtual machines?
<MTecknology> zul: :( php5-5.3.2 didn't fix the issue
<zul> MTecknology: what issue are you talking about?
<MTecknology> zul: bug 548970
<uvirtbot> Launchpad bug 548970 in php5 "[lucid] php5-cgi crashes when attempting to load page" [Undecided,Incomplete] https://launchpad.net/bugs/548970
<zul> MTecknology: what php application is it? and is it just one application?
<MTecknology> zul: Drupal, I don't have any others running on here
<zul> which version?
<MTecknology> 6 and 7
<MTecknology> hrm...
<MTecknology> zul: ok..... http://connect.kalliki.com/info.php
<MTecknology> so the issue is with drupal?
<zul> MTecknology: probably
#ubuntu-server 2010-03-27
 * MTecknology *sighs* *expletive*
<MTecknology> zul: from that strace do you have any idea what might be causing it?
<zul> MTecknology: nope
 * zul wonders off for dinner
<MTecknology> zul: alrighty, I'll try grabbing another php app and try that out
<MTecknology> zul: I figured out where suhosin stops it, but it doesn't make sense... http://drupalbin.com/14079
<MTecknology> Mar 26 19:12:28 incipio suhosin[17431]: ALERT - canary mismatch on efree() - heap overflow detected at 0x2181398 (attacker '96.2.97.126', file '/home/michael/drupal6/includes/bootstrap.inc', line 1269)
<MTecknology> !suhosin
<MTecknology> Maybe this is a question for -hardened
<funkyHat> Is there a way to use more than one IP with a single network interface?
<funkyHat> Ah, iface eth0:0 â¢)
<uvirtbot> New bug: #549253 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess dpkg-deb --control returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/549253
<RoAkSoAx> funkyHat, indeed, you can also configrue them in /etc/network/interfaces to be iface eth0:0 inet static... etc etc
<funkyHat> RoAkSoAx: yes that's what I've done â¢)
<RoAkSoAx> awesome then ;)
<funkyHat> Still trying to figure out this silly dnsmasq wildcard thing though
<funkyHat> http://serverfault.com/questions/122631/how-to-configure-a-static-wildcard-subdomain-with-dnsmasq/122646#122646 the answer there doesn't work
<VSpike> This is the iptables setup on my nat gateway + squid server. http://pastebin.com/xy2EZetR
<RoAkSoAx> i have played little with dnsmasq so i dont think i can help you with that
<VSpike> can anyone tell me what I need to do to forward an external port to a specific machine/port on the private lan?
<agentk> An example for my firewall: iptables -A PREROUTING -s ! 192.168.0.0/16 -i ppp+ -p tcp --dport 25 -j DNAT --to-dest 192.168.1.23
<agentk> VSpike: It's very similar to your squid redirect. That what you were asking?
<VSpike> agentk: i think so .. thanks.. let me pick it apart with iptables doc :)
<agentk> VSpike: No prob. Mine's been made fairly specific the the system here. Basics are: PREROUTING <match rules> <action rule>
<agentk> VSpike: Another example with port redirection too: iptables -t nat -A PREROUTING  -i ppp+ -s 192.168.0.0/16 -d ! 192.168.0.0/16 -p tcp --dport 80   -j DNAT --to-dest 192.168.1.1:8081
<VSpike> agentk: that second one redirects outgoign traffic on port 80 to 192.168.1.1:8081 ?
<VSpike> except it says in interface is ppp+ which seems to be the WAN
<agentk> VSpike: It's for traffic comming in over a vpn in through ppp0 and ppp1 to be sent to a squid machine
<VSpike> source is local network, destination is not local network.  that seems to be a contradiction, so i'm probably missing some.... ah!
<VSpike> vpn of course
<agentk> I start with the broadest match rules that work, and narrow them down until it still works and gets closest to the match I need.
<uvirtbot> New bug: #549291 in php5 (main) "package php5-ldap 5.3.2-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/php5/20090626 lfs/ldap.so', which is also in package libapache2-mod-php5 0:5.3.1-5ubuntu2" [Undecided,New] https://launchpad.net/bugs/549291
<Psi-Jack-> UEC supports Xen, correct?
<Psi-Jack-> Okay, so it does, you just have to install xen-utils with it. However, does it have installers for xen-based domU's?
<uvirtbot> New bug: #549335 in php5 (main) "package php5-ldap 5.3.1-5ubuntu2 failed to install/upgrade: Ð¿Ð¾Ð¿ÑÑÐºÐ° Ð¿ÐµÑÐµÐ·Ð°Ð¿Ð¸ÑÐ¸ '/usr/lib/php5/20090626+lfs/ldap.so', ÐºÐ¾ÑÐ¾Ñ(ÑÐ¹)Ð°Ñ ÑÐ°ÐºÐ¶Ðµ Ð½Ð°ÑÐ¾Ð´Ð¸ÑÑÑ Ð² Ð¿Ð°ÐºÐµÑÐµ libapache2-mod-php5 0:5.3.1-5ubuntu2" [Undecided,New] https://launchpad.net/bugs/549335
<ddecator> can anyone help me get my server (first one i've setup) to join my wpa2 wireless network through a wireless usb adapter? the adapter works and it picks up the network, i just don't know how to get it to use the passkey so it can actually use the connection
<ddecator> nvm, got it
<MTeck-ricer> where is mysql data stored?
<rcsheets> by default it will be under /var/lib/mysql
<MTeck-ricer> rcsheets: thanks :)
<rcsheets> it's configured in /etc/mysql/my.cnf though
<rcsheets> it's datadir
<MTeck-ricer> rcsheets: so if I did a dumb **** move, is it possible to recover mysql data from that data only?
<MTeck-ricer> a move like losing everything except /var, /home, /etc, and /usr
<rcsheets> so um ... /var, /home, /etc, and /usr have pretty much all your data in them, typically
<MTeck-ricer> i was backing up those, but toasted the system
<rcsheets> unless you had stuff in /srv, i guess. you've pretty much lost the parts of the system that will be restored if you install from scratch.
<MTeck-ricer> How can I recover mysql data from that?
<MTeck-ricer> rcsheets: those partitions are what I kept
<MTeck-ricer> everything else is gone
<rcsheets> if this was just a database server, i'd suggest installing ubuntu server on a different machine, installing mysql there, and then restoring /etc/mysql and /var/lib/mysql to the new box, and see if it works ok
<rcsheets> i would actually be pretty surprised if that didn't work
<MTeck-ricer> rcsheets: awesome :D
<MTeck-ricer> thanks
<MTeck-ricer> I'll have to start resurrecting this tomorrow morning
<ddecator> could someone help me setup an ssh connection between my comp and my server? i am trying to get irssi+screen setup, but i have no idea how to connect the two. i'm following https://help.ubuntu.com/9.10/serverguide/C/openssh-server.html but i'm still lost
<Bob28> hi
<uvirtbot> New bug: #549449 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.5 failed to install/upgrade: subprocess dpkg-deb --control returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/549449
<Britany_okla> hi
<Skaag> I have upgraded a box from 9.04 server to 9.10 server, and now during boot time it's stuck on: init: ureadahead main process (1327) terminated with status 5
<Skaag> google doesn't reveal much about this
<uvirtbot> New bug: #549508 in krb5 (main) "Can't resolve realm kdc with a fully qualified hostname" [Undecided,New] https://launchpad.net/bugs/549508
<ScottK> Skaag: IIRC the beta 1 release notes had something on an issue with server startup.  Not sure if it's related or not.
<Skaag> I took a screenshot of a video feed to that machine :-)
<Skaag> this is it: http://dl.dropbox.com/u/40057/Ubuntu910NoBoot.png
<Skaag> excuse the bad quality of the image
<Skaag> what would you suggest to do in such a situation
<ScottK> Not sure.
<uvirtbot> New bug: #549527 in samba (main) "Cannot find domain controller when joining a domain" [Undecided,New] https://launchpad.net/bugs/549527
<Skaag> ok found the issue
<Skaag> I setup that machine as a virtual machine host
<Skaag> so it was using vmlinuz-2.6.26-2-xen-686
<Skaag> but in Karmic, to boot properly you need a kernel around vmlinuz-2.6.31-20-generic or vmlinuz-2.6.31-20-generic-pae
<Skaag> so now I can't run the virtual machines
<Skaag> and now that I think about it, I brought that kernel from debian
<Skaag> due to an issue with the ubuntu one
<sherr> Skaag: All very important and relevant bits of information for upgrade trouble! :-)
<uvirtbot> New bug: #549535 in samba (main) "Failed to join domain: failed to connect to AD: Operations error" [Undecided,New] https://launchpad.net/bugs/549535
<mrlemao> What is considered a best practice in terms of installing apps (server only). Should I create a user for each app and install it in its home (user per app)? Or are there better strategies?
<sherr> mrlemao: the package manager (apt/apt-get/aptitude) will setup the applications and create necessary users/files etc. I doubt there's a need to do anything else. What apps?
<mrlemao> Sorry, these are my own apps on top of an existing install
<mrlemao> btw, http://tinyurl.com/ubuntuserv link is broken
<sherr> Limiting an app via a separate uer or group could be considered good practice from a security perspective.
<sherr> uer->*user
<mrlemao> sherr: thanks. I will do so
<Anthoo> hello
<Anthoo> Someone knows he iptables?
<gzur_> Hi - I'm running Ubuntu 8.0.4 LTS and can only access it via SSH. A technician connected an external drive to my server yesterday and I'm having trouble mounting it.
<gzur_> Can I disconnect/reconnect the external drive somehow via SSH?
<gzur_> Since I don't have physical access to the server itself.
<gzur_> maybe a reboot would do the trick?
<gzur_> trying that now :)
<joschi> gzur_: what kind of drive? does your kernel have the necessary drivers and are they loaded?
<gzur_> it's an NTFS usb drive
<gzur_> it comes up in fdisk -l as   HPFS/NTFS
<joschi> gzur_: make sure the ntfs module is loaded
<gzur_> how can I make sure?
<joschi> gzur_: and then just mount the appropriate partition
<joschi> gzur_: check the loaded modules with `lsmod`
<joschi> gzur_: and load ntfs with `modprobe` if it hasn't been loaded yet
<gzur_>  lsmod | grep ntfs gives bubkiss
<gzur_> can I install it through apt?
<joschi> gzur_: it should be part of linux-image
<joschi> so you don't need to install it seperately
<gzur_> so I only need to activate it?
<gzur_> doesn't it get activated automatically if I try to mount an NTFS drive?
<joschi> try it...
<gzur_> http://ubuntu.pastebin.com/EJB9vzuN
<gzur_> looks like a problem with the drive
<gzur_> which is weird, I was copying onto it from windows yesterday morning
<gzur_> and it worked fine
<gzur_> sudo fdisk -l gives this: http://ubuntu.pastebin.com/QM1zgL5G
<sherr> gzur: got anywhere?
<uvirtbot> New bug: #549668 in samba4 (universe) "package samba4-common-bin 4.0.0~alpha8+git20090718-1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 2" [Undecided,New] https://launchpad.net/bugs/549668
<asti> I was hoping someone could help me please. I have 5x 1.5TB WD EARS drives which I am trying to put into a Raid 5 mdadm based array. I would like to avoid having horrid performance (the dreaded 4kb-sector issue), so was wondering how to align the partitions and have them put into an mdadm array.
<asti> I originally attempted to add all the drives to a ZFS-Fuse based Raid Z pool but that ended up having 23MB/s copy ceiling to the array so I gave up.
<sherr> asti: This LWN article offers useful background but I suspect things will be more complicated if you are looking at performance over RAID5/MD.
<sherr> http://lwn.net/Articles/377895/
<asti> thank you
<that0n3guy> ok I have an issue, trying to figure out if i've been hacked.... my domain.com goes to the right place, but www.domain.com goes someplace else...
<that0n3guy> I checked my vhost config file, my .htaccess, my registrar, cant figure out how they are forwarding the www someplace else...
<ScottK> What domain?
<that0n3guy> programmablecoffeemaker.org
<that0n3guy> that goes to my site... then add the www. and it goes someplace else
<that0n3guy> I'm on linode vps
<ScottK> Is 67.222.48.64 your IP address too?
<ScottK> And 69.164.198.113?
<ScottK> I see both in DNS for your domain.
<that0n3guy> only 68....113
<ScottK> It's a DNS issue then.
<ScottK> Sometimes I get 113 and sometimes I get 64.
<ScottK> So that's an issue at registrar-servers.com
<ScottK> Gotta run.
<that0n3guy> oh wait... 64 is me forwarding to a diff host
<that0n3guy> 67.222.48.64 is not mine
<that0n3guy> how did you check that?
<guntbert> that0n3guy: there is a wonderful tool: dig
<that0n3guy> so if my registrar is having a dns issue, do I just email them and tell them hey have a problem?
<that0n3guy> guntburt, thanks for the heads up on dig
<guntbert> that0n3guy: first look at what his DNS server has to say about it - maybe its a question of spreading the info
<that0n3guy> hu? by "spreading the info" do you mean just telling someone?
<guntbert> that0n3guy: no, sorry - the DNS servers talk to each other to keep the database consistent - and that *can* take up to a week
<that0n3guy> ok, but haven't changed anything in months
<that0n3guy> im going to shoot them an email
<guntbert> that0n3guy: seems best - (but if I may give uncalled advice: just ask what is the matter - don't accuse them of misconfiguring something :-))
<that0n3guy> ha, yeah good call, being nice usually ends up w/ better results... thanks guntbert
<guntbert> that0n3guy: Good luck :-)
<that0n3guy> have a good one
<monkey_dust> folx, in /etc/network/interfaces, how do i configure a local static IP addres for awireless connection -- eth0 works
<uvirtbot`> New bug: #549848 in php5 (main) "package php5-ldap 5.3.1-5ubuntu1 failed to install/upgrade: tentando sobrescrever '/usr/lib/php5/20090626+lfs/ldap.so', que tambÃ©m estÃ¡ no pacote libapache2-mod-php5 0:5.3.1-5ubuntu1" [Undecided,New] https://launchpad.net/bugs/549848
<nicodarious> evening all
<nicodarious> anyone on here that knows much about automated backups by chance?
<nicodarious> been trying to set up a dual hdd system for my parents.  I'm having a bit of trouble trying to set up a backup system while trying to keep it simple for them (since I won't be there for tech support).  Been trying to work with dd, rsync, and such, but I can't find an easy way to set up an automated backup to the secondary drive.  Anyone have some ideas?
<sherr> nicodarious: You've installed ubuntu-server for your parents? :-)
<nicodarious> no, it's only the desktop version.
<nicodarious> but I am sure that I can install the necessary programs in order to create a type of 'server' for them.
<sherr> OK, this is the server channel, so it's a bit off-topic. But what sort of problems have you had?
<nicodarious> I'm just trying to make a complete copy of one drive to another, then set the second into standby until the first drive fails.
<nicodarious> well, the reason why I came here is because this is a little more of setting up a server rather than a regular desktop.
<sherr> What about RAID-1 mirroring?
<nicodarious> well, thought of that, but I have had, in my time, noting but trouble with setting up RAID1.
<sherr> You can sort that out at install time.
<sherr> It's very smooth usually today.
<sherr> Alternatively - clonezilla can create disk images. Maybe that can be automated - but at least a "snapshot" of an install.
<nicodarious> not only that, but both drives would be used all the time.  I'm trying to conserve one drive as a 'storage' backup drive, so if the primary fails, the secondary has a complete system that was created by a cron job or something.
<sherr> If one drive fails ... sounds like your want RAID really :-)
<sherr> Anyway - alternatives :
<nicodarious> well, here's what I have run into so far.  I have tried using 'dd' to make an image of sda to sdb.  this works great... all except for one problem.  it also copies the uuid info
<sherr> clonezilla (image), rdisk-backup, backup-pc (gui), bacula (maybe too complex) ...
<sherr> Lots of options.
<sherr> Alternatively, a cronjob that does an rsync at 04:00 hrs
<nicodarious> at boot time, grub gets confused sometimes and / might be sda /boot may be sdb and /home may be sdb.....  sometimes, it's all confusing.  what I am thinking is if there's some way to inplement into my cron job for dd, some way to change the uuids on sdb partitions?
<sherr> nicodarious: grub gets confused? Use labels or UUID's for grub and fstab ... grub should never be getting confused nowadays.
<sherr> What OS/version are you talking about?
<nicodarious> sherr, that's what i though also. but with sdb and sda having the 'exact' same info, including uuids, it's kinda interesting.
<nicodarious> sherr, i'm trying to set up Ubuntu 9.10.
<nicodarious> tried arch (since that's what i personally run on all my machines, but the problem was even worse)
<sherr> If you want to have this sort of redundancy, use RAID-1. Else - clone a snapshot after install (perhaps).
<sherr> Then forget aboyt sda,sdb,uuids etc. just rsync form 1 or more filesystems (/,/home etc) to the backup (/mnt/backupdisk)
<sherr> Anyway, this is #ubuntu-server, so off-topic ... and I'm off to bed :-)
<sherr> Good luck
<nicodarious> hmm...  ok, thanks, but I thought this might be right up this channels ally.  thanks anyway.
<Trek> got a question, how can I view a history of connections and commands issued through ssh?
#ubuntu-server 2010-03-28
<RoyK^> anyone that knows how to make landscape make temperature monitoring work?
<RoyK^> afaik it uses acpi
<RoyK^> lmsensors reports temp ok, but not acpi
<Nick386> hi
<shennyg> I am trying to only install mysql on an ec2 instance (not a webserver) and I run this: "aptitude install -y mysql-server" then try to run "mysql -p" and it says I don't have it installed.
<shennyg> this is w/ 9.10
<uvirtbot`> New bug: #550022 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/550022
<Chandler243>  I am trying to install ubuntu server 9.10 to an unformatted external harddrive using a live cd, I keep having issues getting past the first reboot after install. Can anyone help?
<JanC> Chandler243: I suppose disks are enumerated differently or something like that, and because of that grub not finding what it needs (looking on the wrong disk)
<Chandler243> JanC: thank you, does that mean a new install should be preformed?
<JanC> a new install might give the same results
<JanC> I'd suggest not installing on external media
<JanC> ;)
<Chandler243> Ok, thank you!
<JanC> or maybe fix grub
<JanC> but that requires some knowledge about how it works
<Chandler243> I was almost thinking about trying lilo, I know how to fix grub from past experience, But if it didnt install all the components, that wouldnt help much
<MTeck-ricer> how do I create a volume in lvm that takes up 100% of the remaining space?
<RoAkSoAx> hggdh, ping
<MTeck-ricer> I tried lvcreate -l%FREE -nhome sys
<Rafael_> how can a make copies of windwos client folder into ubuntu server
<JamesHarrison> Hi, my ubuntu server machine appears to have autoeuthanized by way of a very odd bug of some sort, I'm fairly sure. Clean shutdown, 500GB RAID1, moved it between two houses and booted it, box now throws a kernel panic on boot with "Error parsing configuration: No such file or directory" and "Kernel panic - not syncing: Attempted to kill init!"
<JamesHarrison> It was throwing ReiserFS issues up, I've since gone in and fsck'd to fix those
<JamesHarrison> (through recovery console on a 9.10 iso; the box itself is 9.04)
<JamesHarrison> Just looking for ways to get the thing back on it's feet again given that there doesn't seem to be a hardware fault and the disk seems fine
<ScottK> All the cables fully plugged in?
<JanC> what "configuration"?
<JamesHarrison> ScottK: Yeah, I've not cracked it open to look but the RAID config on the BIOS reports all is well, and I can see data on the drive just fine from the recovery CD
<JamesHarrison> JanC: Not a clue, that's all the message says.
<ScottK> First thing I would do if a computer failed after moving it is make sure all the cables are well seated.
<JamesHarrison> ScottK: The cables are seated fine because I can see data going across them just fine :) I'll have a quick poke but given they're all locking connectors I think it's extremely unlikely there's a fault
<ScottK> JamesHarrison: You're probably right, but I always check it anyway.
<JamesHarrison> ScottK: Yeah, I know the sentiment ;)
<JanC> JamesHarrison: I hope the reiserfs fix didn't move any grub files?
<JamesHarrison> JanC: Don't believe it did, no, was just the root volume, grub's all on /boot, yes?
<JanC> well, depends if /boot is its own partition  âº
<JamesHarrison> hm, should be. aside from the esoteric and probably misguided filesystem choice (this is just a development box I have under my desk, nothing vital) it's a standard setup, default partitioning
<JanC> default partitioning has /boot on the / partition
<JanC> well, except with the RAID maybe
<JamesHarrison> Well, RAID1, so really just one logical drive, but I'm not an expert at linux fs/partitioning stuff so I don't know if it handles it differently :)
<JamesHarrison> Grub seems to work okay, or at least the bootloader portion
<JamesHarrison> that said, doing 'ls /boot' in recovery console through the 9.10 iso wasn't showing any files, which it should have if it was on /
<JamesHarrison> Okay, poked around inside and the cables are all sound and secure
<JamesHarrison> nothing untoward in there, toasty as heck but that's what you get from a P4 in a pizzabox...
<uvirtbot`> New bug: #550050 in samba (main) "package winbind 2:3.4.0-3ubuntu5.6 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 127" [Undecided,New] https://launchpad.net/bugs/550050
<ChmEarl> uninstalled postfix, but the init script is still there. However, the top line is !#/bin sh -e. Does this turn off the script?
<ChmEarl>   #!/binsh -e
<ChmEarl>   #!/bin/sh -e
<ScottK> ChmEarl: If you want the init script removed, purge, don't remove.
<ChmEarl> yes, thats it!
<ChmEarl> dpkg -P <name>
<ScottK> apt-get purge <name> works too
<eekeek> zoneedit / DynamicDNS router settings working with the exception of - www.domain.com takes me to correct index.html file, but http://domain.com takes me to the router login page. Any idea what I'm missing?
<ScottK> What domain?
<eekeek> ScottK: what the actual domain is doesn't make a difference does it?
<ScottK> If I'm going to look up it's DNS records and see if they are right it does.
<handheldCar> Postfix is set up on my machine, but I don't think it can send mail through my service provider; so I installed Drupal's PHPMailer; but I don't think that can get through Postfix. Can anyone help? I might have to turn off Postfix. I had PHPMailer working on another machine before.
<ChmEarl> going to build the Xen pv_ops kernel, there are 176 lines in config for snd. If I running a server box with no X11, can I delete all those lines?
<ScottK> Generally I don't ask for useless information.
<ScottK> handheldCar: I don't think php-mailer is an MTA.  I'm pretty sure it needs one.
<eekeek> ScottK: www.nfotown.com
<ScottK> You can set up Postfix to relay mail through your service provider.
<ScottK> eekeek: They both resolve to the same IP address, so it appears your DNS is correct.
<handheldCar> ScottK: The PHPMailer module adds SMTP support by sending mail through a GMail account.
<ScottK> Ah.
<ScottK> OK.
<eekeek> Scottk: k
<handheldCar> setting up Postfix to relay mail through my service provider sounds better since Postfix is already configured.
 * handheldCar found something about a mail.cf file.
<handheldCar> might be a typo - main.cf
<ScottK> If you aren't familiar with Postfix, sudo dpkg-reconfigure postfix and then select internet with relay host as an option might be easier.
<handheldCar> ok
 * handheldCar thinks that was harder, probably broke it.
<ddecator_> hey all, noob question. i setup a server at home so i can use irssi and screen, used "ssh user@ip" to connect before, but now that i'm at school (and thus on a different network) i'm wondering how i can connect to the server?
<sherr> ddecator_: if your server has a public IP address, no problem. If nehind a firewall/router, you will need to forward the SSH port to it.
<ddecator_> sherr: so i just have to forward the port to the modem it's wirelessly connected to? that's not hard, but i'm nowhere near home, haha
<sherr> yes, that sounds right. make sure you a) use SSH keys or b) choose very strong passwords. You will get cracking attempts. Might be worth moving SSH to a different port.
<ddecator_> i'm using ssh keys, but i'll also create a new password when i set it up and change the port. thanks for the help =)
<handheldCar> I actually made a little progress I think because the mail that's supposed to show up in an inbox is showing up in Webmin. I've been trying to get it out but no success.
<RoyK^> Anyone that knows how to make landscape make temperature monitoring work? afaik it uses acpi. lmsensors reports temp ok, but not acpi
<dnivra> can someone tell me where I can the package libapache2-mod-wsgi for jaunty? I want to install it on a server that doesn't have internet connection now. where can  I find the deb package for this?
<Callum__> dnivra: http://packages.ubuntu.com/
<dnivra> Callum__, I've searched there but couldn't find it there. am searching again. if you do know where it is there, please do tell me.
<Callum__> dnivra: could you download it using the package manager? If so, it is there
<dnivra> Callum__, I'm using karmic but the server's running jaunty. plus the server doesn't have internet connection either.
<ChmEarl> when runlevels are need for udev service?
<ChmEarl> what runlevels are needed for udev service?
<Callum__> ChmEarl: udev should be running on all runlevels
<ChmEarl> I have 2-5 , is that ok?
<Callum__> ChmEarl: Ubuntu only uses runlevels 0, 1, 2 and 6
<ChmEarl> all is 0-6
<ChmEarl> k
<ChmEarl> this is karmic server with no x11
<ChmEarl> I need udev for Xen
<Callum__> ChmEarl: udev should be installed by default and starting in runlevels 1 and 2
<RoyK^> I don't think I've ever seen ubuntu without udev
<Callum__> RoyK^: maybe older versions might have... old versions of Debian didn't require udev to be installed IIRC
<RoyK^> yeah, but even debian uses udev now
<RoyK^> and the ubuntu 8.04 we use on our servers, definetely use udev
<RoyK^> just apt-get install xen :P
<uvirtbot`> New bug: #550138 in php5 (main) "package php5-ldap 5.3.2-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/php5/20090626+lfs/ldap.so', which is also in package libapache2-mod-php5 0:5.3.1-5ubuntu2" [Undecided,New] https://launchpad.net/bugs/550138
<RoyK^> any idea how to tell cron to run a job every fortnight? I can't find that in the manual...
<lenios> RoyK, "* 12 10-16/4 * * root backup.sh" is an example that runs every 4 days
<lenios> my paste may be wrong actually, but it's the /4
<lenios> * 23 * * */4 root backup.sh
<uvirtbot`> New bug: #550201 in samba (main) "package samba 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/550201
<resno> i am thinking about setting a asterick server for my house. i see many guides, is this somehting i shsould contiune with?
<RoyK^> lenios: thanks - works like a dream except on opensolaris where this job was to be run :P
<Sripa> Hi all
<Sripa> I got a prob with setting up UEC on my home network
<Sripa> Where when i ssh my running karmic instance, I get the error : connect to host 192.168.10.104 port 22: Connection refused
<Sripa> Any idea where am I making a mistake ?
<Sripa> I am a student and an absolute newbie..so please bear with me if my questions sound silly at times..
<Sripa> Anyone to help ?
<Sripa> I get the error : connect to host 192.168.10.104 port 22: Connection refused
<Sripa> Anyone can help, please  ?
<alex_joni> Sripa: sounds like you don't have an ssh server installed
<alex_joni> sudo apt-get install openssh-server
<alex_joni> if that's not the exact name, you can find it using apt-cache search ssh | grep server
<Sripa> oh ok, lemme check
<Sripa> I can logon to my NC using ssh
<Sripa> Now tht should prove that my ssh is working right
<Sripa> I guess my ssh is working fine
<Sripa> wat else might be the problem ?
<RoyK^> anyone that knows how I can make acpi temperature monitoring work?
<sherr> RoyK^: ACPI can be a real pain to get working (my home PC doesn't work with it enabled at all). Maybe Lucid will work better (newer kernel). Or it might be nothing to do with kernel ... maybe BIOS? Who knows ...
<incorrect> i wish i could think of a way to create multiple virtual ethernet cards so i can assign multiple dhcp clients with different mac addresses
<RoyK^> sherr: acpi works well, but I can't get temperature output from it, so landscape can't monitor that
<RoyK^> incorrect: did you try assigning different mac addresses to eth0:1 and so on?
<incorrect> yes
<incorrect> it only pics up the mac for the base
<uvirtbot`> New bug: #550278 in php5 (main) "php5-dev is missing a dependency on libpcre3-dev" [Undecided,New] https://launchpad.net/bugs/550278
<mrlemao> What is the best way to convert an ext3 root volume into a XFS?
<sherr> mrlemao: As far as I know, you will have to copy data off, mkfs.xfs, copy data back. Why do you want to?
<mrlemao> I need consistent snapshots in a Ubuntu Karmic EC2 instance with mysql and my starting point is the EBS image ami-7d43ae14 provided by alestic. The problem is that this image is ext3 and the consistent-snapshot assumes XFS.
<mrlemao> sherr: consistent-snapshot == ec2-consistent-snapshot (http://alestic.com/2009/09/ec2-consistent-snapshot)
<sherr> mrlemao: Ah, xfs_freeze ... anyway, no conversion really. A wipe, create and restore.
<mrlemao> sherr: Are you saying that due to xfs_freeze used in the snapshotting script a conversion wont do and I need to create the XFS from scratch?
<sherr> mrlemao: I don't know how to convert ext3 to XFS. They are completely different filesystems. I don't think you can "convert" one to another.
<sherr> My comment on "xfs_freeze" was just interest in this mechanism - probably the whole reason they are using XFS in the first place. XFS has some useful features.
<mrlemao> sherr: I see. Yes, that is the case. freezing the fs garantees that multiple files will remain consistent when backing up the volume. The script has additional provisions for locking the db and flushing to disk etc
<handheldCar> This makes sense to me, too. I would also try to backup my config files in /etc, mkfs and then put my configurations back in their places. This is in addition to SQL tables and whatnot.
<gbear14275> ran into an error (probably my fault) but thought I would see if anyone has seen it before.  Upgraded my server and may have installed grub to the wrong disk (although thought I picked the right one).  Ran into a grub rescue> prompt and have been following a rescue walkthrough.  on the insmod /grub/linux.mod step though I run into the following error, " error message: 'grub_puts_' not found"  Following steps here:  h
<arrrghhh> does anyone use rtorrent on their ubuntu server?  i'm having trouble with the startup script.  if i run rtorrent manually, it's fine... but the init.d script, not so much.  I just downloaded a fresh one from their website, put my username in and it's still failing...
<sherr> arrrghhh: what error do you see?
<arrrghhh> well that's the odd thing, i don't see any error.  even in the rtorrentInit log.
<arrrghhh> hrm... i just tried using the sh script
<arrrghhh> instead of the bash script
<arrrghhh> and it seems to be workin now... i don't get it.  same output, but rtorrent actually runs this time.
<handheldCar> Let's put it on a wiki
<sherr> Some scripts use /bin/sh and expect "bash" - not necessarily true. Causes problems.
<RoyK^> sherr: heh - that's stupid :)
<Sripa> Hi all
<Sripa> Is there anyway I can access my virtual instance running on my nc from command line
<Sripa> I mean, will I be able to mount it and access its inner data
<Sripa> ?
<Sripa> Im using UEC
<arrrghhh> sherr, thanks.  not sure what it was, the tops of the script were correct for which was bash and which was sh... meh.  like their site said, the sh script is more compatible.  not sure what i'm missing in "features" compared to the bash script, but oh well.
<sherr> Sripa: yes, run an SSH server and connect that way. You should also have conmsole access (or VNC perhaps).
<Sripa> sherr: I am unable to connect to the instance using ssh, it says connection refused
<Sripa> That is why I am asking if I can access the virtual instance running on nc, frm nc..is there any such possibility to do it ?
<MTeck-ricer> how do I grow an ext4 fs to fill the remaining space?
<handheldCar> isn't that unfortunately impossible?
<Sripa> What does this indicate ? http://img690.imageshack.us/img690/5971/dsc04624o.jpg
<Sripa> What might be the problem  ? sry im a newbie
<handheldCar> Did you change your configuration files?
<Sripa> I created a key using ssh-keygen
<Sripa> Shoudn't I do it ?
<handheldCar> hmm, I never do that. I just ssh in.
<Sripa> ok
<Sripa> I created a keypair using euca-add-keypair mykey > mykey.priv
<Sripa> And the run the instance using mykey
<RoyK^> handheldCar: the host keys should be generated automatically. ssh-keygen makes user keys by default
<Sripa> And ssh -vi mykey.priv ubuntu@IP
<Sripa> RoyK: But when I saw the contents of both the keys, they were the same
<RoyK^> just make the key and it'll be stored under $HOME/.ssh and used automatically
<Sripa> Now does that make a difference ?
<Sripa> I have an id_dsa key in ~.ssh directory
<Sripa> And it is different from mykey.priv that I have generated
<Sripa> ssh -vi mykey.priv ubuntu@IP gives http://img690.imageshack.us/img690/5971/dsc04624o.jpg
<Sripa> what should I be doing? any ideas ?
<handheldCar> Sripa: Don't generate user keys?
<Sripa> handleCar: I didnt get your point
<handheldCar> I'm not familiar w/ the server side of ssh. What's the necessity of generating them?
<Sripa> They authenticate the client to the host
<Sripa> correct me if I am wrong
<handheldCar> Personally, I don't do this on my server. I log in from my desktop or a remote desktop at school. I don't limit myself to one or two computers that I authenticate with keys, but that's not necessarily a safe idea. I'm still new too.
<uvirtbot> New bug: #550409 in libvirt (main) "Slow disk IO for all guests with all disc modes and types." [Undecided,New] https://launchpad.net/bugs/550409
<sherr> Sripa: are you using a guide? Can you post a link?
<RoyK^> handheldCar: it's a bad idea to just use keys imho
<RoyK^> using fail2ban or something to stop probes is better
<sherr> RoyK^: It's a debatable point. But maybe UEC requires keys? Some applications do.
<guntbert> RoyK^: why do say that using "just keys" is a bad idea?
<RoyK^> requiring all users to use keys is a bad idea if you have 500 of them on various platforms
<guntbert> RoyK^: agreed
<dinger1986> does anyone here use any server monitoring systems?
<sherr> dinger1986: I have a very old and crusty MRTG at work, and played with munin at home.
<sherr> + cacti
<dinger1986> sherr: do you know if it will monitor servers which are external?
<nimrod10> is there a way to increase a linux partition without rebooting the system ? the partition has ext3 on top.
<sherr> You mean servers that are not running the monitoring software? I have used MRTG to do a "ping" test to an external server - but that's all.
<sherr> nimrod10: Yes, most filesystems require you to unmount them before resizing. I believe XFS does a resize online mounted though. Depends what partition.
<dinger1986> ah dont wanna just do a ping test, want to be able to see which services are running or not
<ChmEarl> anyone running Xen4/pv_ops kernel on karmic 9.10? getting failed hotplug scripts when starting a domU
<sherr> dinger1986: I think many/most are extensible - write your own plugin/scripts to do a test
<dinger1986> ok fair enough
<sherr> I wrote the "ping" test - nagios does this as well I think.
<sherr> ChmEarl: I have started playing with Xen this week - but on Debian Lenny. It looks like it is supported better (more easily).
<sherr> I am quite impressed with it so far. It seems quick. A bit of a pain to figure out how to do some things though ... still learning :-)
<ChmEarl> sherr,  did you use all defaults in xend-config.sxp? did you have a br0 before using Xen?
<sherr> YEs, I have not touched that file. The networking was all default and "magic" (created "eth0" as a bridge now). All just apt-get install ...
<sherr> My pain was installing guests (Squeeze via d-i, Centos5)
<nimrod10> sherr, so without rebooting if I unmount the partition, resize the part, resize the filesystem  and mount back that should do it ?
<sherr> Some (possibly) useful guide material, including Ubuntu here : http://bderzhavets.wordpress.com/
<sherr> ChmEarl: ^^ Xen
<sherr> nimrod10: yes
<nimrod10> thanks sherr I'll give it a go
<sherr> nimrod10: no guarantees here though - know what you are doing but have backups!
<nimrod10> yes I'll back things up before
<sherr> See (for ext2/3 maybe 4) : man resize2fs
<ChmEarl> sherr, I susbscribe to xen-users mailing list where Boris is guru
<ChmEarl> sherr, the ##xen people are telling me to avoid karmic and try fedora 12.. ugh
<sherr> ChmEarl: Go Debian Lenny. Seems stable and working + next release has support as well.
<sherr> My knowledge is slight so far though. So far so good though ...
<sherr> The thing is - there are too many machines without h/w virt - and want to put them to use. Xen is ideal.
<sherr> ChmEarl: what kernel are you using as a domU? Did you build it yourself?
<uvirtbot> New bug: #550458 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 135" [Undecided,New] https://launchpad.net/bugs/550458
<codilechasseur> Anyone have any opinions on apache and which version would be best for a dev server?
<codilechasseur> prefork or threaded
<RoyK^> sherr: there's a -virtual for domU
<codilechasseur> or whateber else
<RoyK^> depends on what you need, really
<RoyK^> prefork is stable and works with php and the flock
<RoyK^> threaded is also stable, but mostly for high-traffic servers
<RoyK^> and bad php support
<RoyK^> that's php's fault, but still
<codilechasseur> ok, so prefork i think  then
<codilechasseur> i just need to get it tuned i guess
<RoyK^> prefork works well
<RoyK^> for a dev server?
<codilechasseur> it's always seemed a little slower than
<RoyK^> probably no tuning needed
<RoyK^> prefork is slower on high traffic
<codilechasseur> it'll be maybe 10 people developing drupal sites
<RoyK^> you won't notice that on a dev server
<RoyK^> just use prefork
<codilechasseur> apache2-mpm-prefork?
<codilechasseur> is that the package
<RoyK^> yeah
<codilechasseur> sweet. i'm actually just trying to get a script together that'll install everything we need for dev
<RoyK^> most of the stuff is ready in the packages
<codilechasseur> do i need to specify mysql-server-5.1 or does just mysql-server suffice?
<RoyK^> it'll suffce
<RoyK^> suffice
<RoyK^> depending on version, you might get an older mysql than 5.1, so if you need just that, specify it
<codilechasseur> don't think it matters, as long as it's 5 which i'm pretty sure it is
<codilechasseur> libmysqlclient15-dev?
<RoyK^> that's the mysql5 client
<codilechasseur> what about mysql-client?
<handheldCar> I got mysql 5.0 and 5.1
<RoyK^> codilechasseur: it'll follow
<RoyK^> codilechasseur: and you won't need it much if it's just a server, just the libs
<codilechasseur> which one won't i need?
<codilechasseur> the -dev package?
<RoyK^> -dev is only needed if you want to compile something that links to it
<RoyK^> the client installs automatically with the server
<codilechasseur> ok, so all i really need for a server is mysql-server
<codilechasseur> and i get the corresponding client for free
<RoyK^> afaik yes
<codilechasseur> nice, thanks RoyK^
<handheldCar> if not just apt-get install mysql-server mysql-client
<ChmEarl> xen: hotplug script errors starting a domU on karmic 9.10 http://paste.ubuntu.com/404454/
<osmosis> how can I open a terminal to connect to   /dev/pts/7  ?
<JamesHarrison> If I need to resize a reiserfs filesystem inside a LVM from 500gb down to 150gb, reiserfs_resize should be all I need, right?
<JamesHarrison> "reiserfs_resize -s 150G /dev/mapper/daedalus"
#ubuntu-server 2011-03-21
<Theravadan> only shows 2011-03-20T23:59:41+0000
<Theravadan> which ami should i use here: http://uec-images.ubuntu.com/maverick/current/
<pnunn> We are using ami-22423c70 on a huge machine quite happily.
<Theravadan> i need a 64 bit ebs, not sure if it really matters which one i choose
<Theravadan> nice
<Theravadan> Client.InvalidAMIID.NotFound: The AMI ID 'ami-22423c70' does not exist
<pnunn> OK... that's odd, I got that ID straight off my EC2 panel.  Ahh.. its in ap-southeast-1b that's probably why, are you using US?
<Theravadan> pnunn: i will use any region, whatever works... i 'm in the US
<pnunn> OK.. well, that ami is in the southeast zone.
<pnunn> We are running it in an m2.4xlarge
<Theravadan> ec2-describe-availability-zones on ly shows us-east-1 so i guess i cant put anything there
<Theravadan> nice, so it is possible... hmm
<pnunn> Change your region to Asia Pacific (Singap.).
<pnunn> But... there should be workable instances in US regions too.
<Theravadan> i'd prefer the US
<Theravadan> oh southeast = southeast asia, thought you meant southeast US
<pnunn> When I was setting this one up, I just looked for EC2 instances that were pretty recent.
<Theravadan> just tried the ami i-9ce227f3 from http://uec-images.ubuntu.com/releases/10.04/release/ ... terminated and no console output.
<Theravadan> lemme try from the gui
<Theravadan> pnunn, u using ebs?
<pnunn> Theravadan: Yep.
<Theravadan> pnunn, how is that going? reddit.com seems to be down because of ebs
<Theravadan> i am just going to run m2.4xlarge and put the db in memory so it doesnt use I/O.
<pnunn> Theravadan, pretty much what were doing.  The reason were on Huge is so we can put our db into a ramdisk.
<Theravadan> pnunn, do any load balancing? Not sure if a need a static id for each of the servers in rotation, hope not
<Theravadan> err static ip
<Theravadan> ok i created the machine via the gui and that worked
<pnunn> Good stuff...
<Theravadan> pnunn, gonna create a 500gb ebs and mount it, never done this, any tips?
<Theravadan> i'll create it via the gui first, gui seems to be better than cmd line
<pnunn> Theravadan, I've only ever used the gui to this point.. it seems to work well.
<Theravadan> pnunn, last time i used ec2 was 2 years ago and there was no gui so i'm used to the cmd line but.. gui seems to be easier to use
<pnunn> Theravadan, yeh, its come a long way.
<Theravadan> anyone have success with the new cluster instances? seems to be kinda beta from the feedback i see via google searches
<pteague> downloaded & burned the iso... booted it up & i get "1. \n 2. \n Select CD-ROM Boot Type : _"  ... uh, ok?
<pmatulis> pteague: do you have a question?
<pteague> was wondering which to do... apparently 2 skips the cd/dvd so must be an odd bios issue even though i've set up the bios to boot correctly off the cd/dvd
<Theravadan> if I create an ami from an existing ebs instance via the gui, it takes a snapshot, so when i create the new instance from the created ami, will it also have a totally new ebs volume?
<sako> hey guys any way to get the numeric permission value of a file? such as 440 or 755?
<twb> sako: stat
<twb> stat -c %a foo
<sako> thanks!
<sako> i want to make a good ubuntu desktop/server anyone build a computer recently can give me some advice? :)
<sako> was looking at either i5 or i7
<sako> not sure if i _really_ need an i7...
<twb> sako: those are just marketing names
<twb> i5 is marketed at home/desktop, i7 at business/server
<twb> But you should be looking at the actual specs
<sako> yea
<twb> Most businesses won't care about paying an extra $80 for an i7-flavoured system
<twb> Check with your management
<twb> Ugh, aptitude is so slow on embedded hw
<\sh> moins
<jamespage> good morning
<laen> Mooooorning
<kim0> Hi folks .. What's the root password for lxc container
<soren> kim0: How did you set it up?
<kim0> soren: sudo lxc-create -n lxc1 -f lxc.conf -t natty ?
<kim0> lxc.conf is just networking stuff
<soren> kim0: "root", it seems.
<kim0> soren: thanks :)
<soren> kim0: Sure :)
<uvirtbot> New bug: #739297 in nmap (main) "Please update nmap: stable upstream version is 5.51" [Undecided,New] https://launchpad.net/bugs/739297
<uvirtbot> New bug: #738968 in samba (main) "Can't See Parts of DFS CIFS Share" [Undecided,New] https://launchpad.net/bugs/738968
<pmatulis> anyone have problems with tftpd-hpa on lucid after recent kernel upgrade?
<patdk-wk> pmatulis, nope, but I haven't used a tftp client yet
<patdk-wk> I can't imagine the kernel upgrade could have any effect at all on it
<zul> morning
<teddymills> cat /proc/sys/fs/file-nr   < --why is file descriptors alwayz zero ? is that okay ?
<patdk-wk> dunno, kind of hard for me to see that file on your system from over here
<RoAkSoAx> morning all
<SuperRoach> Hello there. I have a general question - I'm running 8.04 on a rented vps. I've asked about doing an upgrade to 10.04 which appears dooable in the community guide, however they say they can only do 9.04, and require a complete recreation of the vm. Could you think of why they would go against doing an inplace update?
<patdk-wk> because it's a vps
<patdk-wk> and I wouldn't use 9.04, it hasn't been supported for awhile, and will get no security updates
<patdk-wk> updates for 9.10 will end next month also
<patdk-wk> so options are 8.04 or 10.04
<_ruben> or 6.06 ;)
<patdk-wk> doubt he wants to downgrade :)
<SuperRoach> _ruben, heh i noticed that in the list too (6.06)
<jdstrand> 6.06 runs out in june
<jdstrand> I know it was a joke, but I don't want there to be *any* confusion :)
<SuperRoach> patdk-wk, I understand. I didn't understand why I could only be offered 9.04 though... It seems the guide isn't relevant for a  vps?
<patdk-wk> nothing is relevent for a vps
<Pici> o.O
<SuperRoach> aw :(
<Pici> Sure it is.  It just depends whether you're planning on using the OS images provided by your provider or upgrading yourself.
<patdk-wk> I would imagine it would be pretty easy to break the vps doing an upgrade
<SuperRoach> pici - preferbly I was preferring to do an inplace upgrade if possible
<Pici> SuperRoach: I've had no issues upgrading this VPS from 8.04 to 10.10, one release at a time as they came out.  Then again, this isn't being used for anything critical, just my personal stuff.
<Pici> (linode)
<patdk-wk> I only have one vps, and hate it, they are doing 10.04 ontop of centos5
<SuperRoach> The lack of grub made me weary of attempting it for starters though
<patdk-wk> kernel is so broken :(
<SuperRoach> pici - yeah just personal stuff here too
<SuperRoach> You've mentioned that you done one release at a time. I take it you mean 8.04 -> 9.04 -> 10.04 on your vps?
<patdk-wk> that is two releases
<patdk-wk> 8.04 -> 8.10 -> 9.04 -> 9.10 -> 10.04 ....
<SuperRoach> ahh, so not just the lts, got it.
<patdk-wk> 9.04 is not lts
<Pici> "not just the lts"
<SuperRoach> pici - yeah, the .10's ?
<Pici> Or maybe it was 8.10 first.  Anyway, I started paying for it in late 2008, and as each release has come out I've upgraded.
<SuperRoach> Ok. And you had no problems in your experience with your vps? Did you need to modify your boot parameters with each inplace update
<Pici> SuperRoach: No. I didn't touch them.
<Pici> There have been some configuration file changes across upgrades, but nothing unexpected.
<SuperRoach> That's good to know
<zul> SpamapS: you up yet?
<SuperRoach> patdk-wk, you mentioned nothing is relevant for a vps before - is that because of a vendor thing, or because of vps - actual installation difference?
<patdk-wk> well, it all depends on the vps
<patdk-wk> there are atleast 3 different versions they like to use
<patdk-wk> and each one works differently
<patdk-wk> I atleast have never seen a ubuntu vps upgrade manual, they are all for bare hardware
<patdk-wk> so they aren't really relevent
<SuperRoach> I see. Would knowing the vps version help? I'm aware it is Xen.
<patdk-wk> are you sure it's xen? generally vps's don't use xen
<patdk-wk> normally openvz
<patdk-wk> if it's xen, it can be considered a vm
<patdk-wk> and upgrades are ok
<SuperRoach> Just got an email confirming... yeah I thought it was openvz too... Xen, and thats the reason for 9.04 it seems... they don't support 10.04.
<patdk-wk> the only issue you will have is, when using 10.04 or higher, you need to use an ec2 kernel
<patdk-wk> and you will loose console output doing that
<SuperRoach> Eek.
<patdk-wk> I have two I run like that
<patdk-wk> don't really need console
<SuperRoach> if you don't have console, how do you admin?
<patdk-wk> ssh
<patdk-wk> and hope it doesn't break :)
<SuperRoach> lol
<SuperRoach> was there a change that requires the need of ec2
<patdk-wk> ya, xen isn't supported :)
<SuperRoach> losing console sounds like one of the scariest things possibnle
<patdk-wk> ec2 is based on xen though
<patdk-wk> so instead of installed kernel-xen, you install kernel-ec2
<patdk-wk> and if you don't have grub
<patdk-wk> you probably don't have control over the kernel or ramdisk images
<patdk-wk> and therefor can't upgrade them anyways
<SuperRoach> ah, darn.
<orudie> while ubuntu server installation I get the following red screen "unable to set password for the mysql root user" , any idea  ?
<RoyK> can someone please test http://transport.nilu.no/products/fukushima and see if it works ok? the news hit .jp/.us and the server wasn't too happy about that...
<jkg> the page loads, are you after testing anything specific?
<patdk-wk> hmm, that is an old page
<uvirtbot> New bug: #739408 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/739408
<raubvogel> mysql question: should I have a file somewhere in /etc/mysql/conf.d/ with my local settings, which then will outrank my.cnf, or is it ok to edit my.cnf?
<pmatulis> Caribou: o/
<Caribou> Hello pmatulis
<Caribou> hmm. looks like grub2 will be a good friend of mine...
<hggdh> smoser, good morning, we need another hardy ec2 from proposed...
<smoser> hggdh, remember you don't so much need it
<smoser> because you can apt-get install kernel.. and reboot
<smoser> if you've launched with pv-grub aki
<hggdh> smoser, huh.
 * hggdh blushes, and hides
<Orfeous> hi! is it possible to make my samba-server like a domain controller? on my client computers on my lan i want to logon to a domain wich has all users and passwords etc centralized instead of using the local users accounts on the client computers.. is this the right channel for that question? im using ubuntu server 10.10
<uvirtbot> New bug: #739447 in puppet (main) "puppet-common: home directory `/var/lib/puppet' permissions issue" [Undecided,New] https://launchpad.net/bugs/739447
<kirkland> hallyn: fyi, spice question on ubuntu-server@ mailing list
<kirkland> hallyn: figured you'd be best equipped to answer that one
<hallyn> kirkland: actually kim0 might be as i've packaged it but he's used it :)  but thanks i'll take a look
<kim0> just replied
<hallyn> kirkland: this is the week that dev-zero should be updating his packages and taking some of my stuff into his, and then hopefully pushing into universe
<kirkland> kim0: rock
<hggdh> zul, can I use cempedak?
<kim0> hallyn: can I post another answer that it should be landing in universe soonish :)
<kim0> didn't know that
<hallyn> kim0: i don't have your response yet, but sure
<zul> hggdh: go ahead
<hggdh> zul, thank you, destroying cempedak now
<zul> nooooo :)
<hggdh> heh
<plm> Hi all
<plm> How I configure in ssh for some users can't to do login?
<kim0> plm: any idea why they can't login ?
<Japje> kim0: i thought he was asking for a way to disable SSH for some users
<kim0> :s
<kim0> ah maybe indeed
<kim0> plm: check out AllowUsers and AllowGroups in sshd_config
<Japje> or change their shell to something like /bin/false :P
<plm> kim0: thanks
<kim0> Japje: that way they can't login locally either :)
<Theravadan> what's the bwhat's the best way to create an AMI from a running instance? I am about to create a bunch of instances, should I make them EBS instances so I can make an AMI from the first one easily and clone the rest?e
<uvirtbot> New bug: #739495 in openssh (main) "include in .ssh/config" [Undecided,New] https://launchpad.net/bugs/739495
<SpamapS> Theravadan: you might want to consider using configuration management rather than image management to make your systems repeatable.
<Orfeous> got some problem with PAM...
<Orfeous> my errors looks like this: http://pastebin.com/6rAFEBAr
<RoyK> Orfeous: erm ... that shouldn't happen. Take down the system in single and fsck the root
<RoyK> s/root/root dev/
<Orfeous> i cant understand why this has happened
<RoyK> Orfeous: really, it shouldn't
<Orfeous> maybe there was an upgrade of a package that did this
<RoyK> doubt it
<Orfeous> using "natty"
<RoyK> I guess a filesystem corruption
<RoyK> well, playing with alphas is like gasoline and matches... :)
<RoyK> what filesystem?
<RoyK> ext4?
<Orfeous> ext4 yes
<Aison> the harddrive of my test ubuntu server is failing, how can I copy the system to a new harddrive? what's the best way?
<Orfeous> RoyK: this pam issues is causing my imap-server not working propertly when i try to login.. :(
<RoyK> Orfeous: obviously
<RoyK> Orfeous: but I don't think it's a pam issue - those files really _should_ be there unless they have changed something major on natty
<Orfeous> RoyK: the files isnt in the specified directory..
<Orfeous> ive checked
<Orfeous> i reboot and i will see :)
<Orfeous> soon back
<Orfeous> the reboot did it :)
<Orfeous> PAM working again
<Orfeous> but the files isnt there anyway :D
<RoyK> they're there on my natty VM
<Orfeous> amd-64?
<RoyK> yep
<RoyK> lemme update to the latest...
<Orfeous> lemme?
<RoyK> let me
<RoyK> Orfeous: heh - just upgraded my natty install and that seems like it broke it
<Orfeous> yes, you see..
<RoyK> forgot to make a snapshot before it also - oh well - a test VM isn't much of a loss :P
<Orfeous> is it a bug or just a change? because pam is working without the files
<RoyK> probably a change
<Orfeous> when i rebooted
<RoyK> or somewhere in the middle of two changes :P
<Orfeous> hehe
 * RoyK wouldn't use an alpha for anything but testing
<jkg> I am trying to use trickle to rate-limit a file transfer over ssh (as in, tar ... | trickle -s -d 5 -u 10 ssh tar ...). without trickle it works great. with trickle the file transfer fails, and all I see is "Read from socket failed: Resource temporarily unavailable". Any ideas where I should be looking?
<jkg> this is on ... urgh, hardy, apparently.
<RoyK> jkg: rsync --bwlimit
<RoyK> rsync uses ssh for transport by default (since five years back or so) and does a better job than most
<jkg> I'm trying to remember why I ditched rsync in the first place
<RoyK> standard ops (that I use) are rsync -avP --bwlimit /path/to/somedata somehost:/new/path
<jkg> also ... you're telling me for *5 years* I've been typing "-e ssh" needlessly?
<jkg> oh well :)
<RoyK> yeah, waste of calories :)
<RoyK> rsync had some nasty bugs before v3
<RoyK> v3 works well
<jkg> part of me says "switch to this other tool" is the wrong answer when "why doesn't this tool work" is the question ... however "ditch the tool you've never encountered and go back to one you use daily" is, so I will :-)
 * RoAkSoAx starving... off to lunch
<Pici> rsync 3.0.4 is in Hardy's backports, but 2.6.9 is in its normal repos.
<a7ndrew> i'm not sure if this is helpful but if you use scp there is a -l switch
<a7ndrew> for rate limiting
<RoyK> Pici: rsync 3.0.7 is in lucid
<a7ndrew> i'd never heard of trickle :)
<Pici> RoyK: jkg stated he was using hardy.
<RoyK> k
<RoyK> ah
<RoyK> ok
<RoyK> sorry
<Pici> :)
<RoyK> then I'd use a backport
<jkg> yeah, for my sins. legacy machine, and all that.
<RoyK> rsync <v3 has some nasty issues
<Pici> Hardy is still supported.
<RoyK> perhaps they've backported the fixes, then
<Pici> rsync | 2.6.9-6ubuntu2 |         hardy | source, amd64, i386 VS rsync | 3.0.4-3ubuntu1~hardy1 | hardy-backports | source, amd64, i386
<RoyK> ok
<RoyK> we've moved (almost) all our servers to lucid
<jkg> so, backports ... it's been a while, and it was probably on Debian Etch, so, any pointers? :)
<jkg> sorry that's a dumb question, I'll STFW.
<RoyK> one 8.04 box still on - can't get g77 for lucid :P
<Pici> jkg: If you're just looking to upgrade rsync from backports, I'd uncomment the line in /etc/apt/sources.list , sudo apt-get update then sudo apt-get install rsync   (replace with aptitude if you prefer that).
<Pici> jkg: You *may* want to disable the repo after that though, as there were other packages backported that you may not necessarily want.
<jkg> ok, thanks
 * RoyK should go pack for the trip to the north - a bit sad to leave the spring now.... :P
<jkg> "rsync  version 3.0.4  protocol version 30" -- well that was less painful than I remember, and I didn't see the word "pinning" once ;)
<a7ndrew> jkg: scp -l should work, and it uses ssh for its transport
<Pici> I suppose there are other ways to enable backports safely using pinning, but that is complicated.
<jkg> can scp preserve timestamps/permissions though? (the original reason to use tar | ssh tar was to keep those)
<jkg> Pici: yeah, I think if the machine was ever going to go back into external-facing production I'd look deeper into the "right" solution, but for now, that worked great
<a7ndrew> man page says it can do timestamps and 'modes' with the -p option. I've never used that though
<RoyK> a7ndrew: any reason to use scp when rsync exists?
<jkg> a7ndrew: oh! I was looking for -a, as per cp/rsync. doh :-) but rsync -az will suffice
<RoyK> jkg: add a --partial (or -P if you want --progress too) so that if you're rsync'ing large files, they can be resumed if interrupted
<a7ndrew> well, i could be wrong about this, but i find rsync sometimes spins its wheels a lot before doing anything, and uses a bunch of memory. I guess I only uses rsync for those cases where some of what i want to copy is on the other side.
<a7ndrew> typing that out, those seem like sketchy reasons :P
<jkg> RoyK: this is for an unattended process run out of cron, so I'll keep it quiet, but thanks for -P (combining those options is what I usually want and don't bother to do)
<RoyK> a7ndrew: rsync may use rather large amounts of memory (or at least in earlier versions) for the initial index process - no idea if that still is a case for v3 - don't think so
<RoyK> jkg: for an unattended process, you surely don't want -P :P
<RoyK> no reason to get emails that size :Ã¾
<jkg> indeedy
<jkg> given this process is going to run every minute (but look for, create and destroy a lock file, so not really every minute), I *really* don't want those emails
<a7ndrew> I used to rsync stuff to and from a ARM-powered NAS box at home, very slow process. In fairness though it was probably the processor struggling with the encryption as much as the memory issue.
<a7ndrew> I'm on the mailing list for backuppc and there are regular complaints there about rsync for the memory issue, but that's moving whole disks around
<jkg> woo, all working. thanks folks.
<jkg> oh, spoke too soon. it failed on one file :-/
<jkg> http://paste.ubuntu.com/583487/
<jkg> (a typical file is /srv/data/documents/queue/test.add/$timestampTIFF001.XSM/blah.tif)
<emindmedia> Hi everyone. I am getting ready to setup a new webserver, Does anyone know if ill have trouble with ubuntu on a poweredge 1650 / raid 5
<ScottK> emindmedia: I think you shouldn't.  Of course no one can say for sure in advance if you will.
<emindmedia> ScottK: I was just preparing to follow the guide step by step. I figured I would check, thank you.
<jkg> emindmedia: it might be worth checking the list on http://www.ubuntu.com/certification/make/Dell/servers -- if you want a 'sure thing', pick from that list.
<jkg> that said I wouldn't expect a problem with any kit that wasn't really quite weird :-)
<emindmedia> JKG: Thank you, unfortunately I'm stuck setting this up on servers we own before I can justify the CAPEX to buy certified equipment.
<emindmedia> jkg: Thanks, I'm sure it will go smoothly. Or hopefully. :-)
 * jkg finds and fixes the stupid bug in his rsync invocation
<jkg> hrm, no. rsync is failing right at the end of transferring each file, when it comes to rename the file
<jkg> (I fixed the path-doubling-up thing, but it still breaks in the same way)
<uvirtbot> New bug: #739694 in cloud-init (main) "KeyError: 'handler'" [Undecided,New] https://launchpad.net/bugs/739694
<jkg> ok, throwing away rsync and picking up scp. wonder hwo long until I'm back trying to get trickle working ;)
<RoyK> jkg: why did you ditch rsync?
<jkg> at the end of transferring any file of significant size, the rename it does was failing. I tried with/without --delayed-updates, got the same errors.
<jkg> (glad I tested it with real files, I had just been creating a directory structure with mkdir/touch!)
<jkg> oddly, scp has worked perfectly, except that it failed to set the timestamp on one particular file, claiming it didn't exist
<gtaylor_laptop> Anyone else notice that Ubuntu EC2 instances take -forever- to restart? Or get stuck and don't restart until you restart them a second time through the EC2 management console?
<jkg> gaibdube
<jkg> GAHA
<jkg> wrong terminal
<jkg> uh, nobody saw that, right, I don't need to change any passwords...
<guntbert> jkg: of course not
<jkg> (also: when will GNOME implement focus-follows-eyes?)
<guntbert> and the logs wil just show *****
<jkg> the blessing is that I only use it in 3 places, for relatively unimportant accounts...
<jkg> ... make that used. whew.
<hallyn> does anyone here use the open-vm-tools?  The community documentation doesn't say anything about the kernel modules in open-vm-dkms.  Are they actually required on the host for the vm-tools in the guest to work?  (i'd assumed so)
<RoAkSoAx> SpamapS: ping
<Theravadan> i want to add swap to my ec2 ebs instance, i'd prefer to put it on local disk, is that an option? using ebs for swap seems wrong
<soren> hallyn: I don't believe they're needed on the host at all, no.
<SpamapS> RoAkSoAx: pong, sup?
<RoAkSoAx> SpamapS: quick question about mysql. I'm doing this: mysql_install_db --datadir=/mnt/export
<RoAkSoAx> SpamapS: that installs a mysql dir under /mnt/export (/mnt/export/mysql)
<hallyn> soren: interesting, thanks.  so they're for the guest?
<RoAkSoAx> SpamapS: now, when running the daemon, should I sue /mnt/export or /mnt/export/mysql as datadir?
<guntbert> RoAkSoAx: don't sue your system  - sorry, couldn't resist :-))
<SpamapS> RoAkSoAx: /mnt/export
<soren> hallyn: Yes.
<soren> hallyn: They're their paravirt drivers.
<soren> hallyn: ...and such.
<hallyn> good then i don't need to worry as much about ltp crashing with them installed
<soren> hallyn: There's a special driver for the emulated nic, there's a driver for a host-guest shared fileystem... err... and some toher stuff.
<soren> hallyn: I forget. It's been a number of years by now :)
<hallyn> one custom-designed to screw up xfs?  :)
<hallyn> soren: thanks.
<RoAkSoAx> SpamapS: I get this though:
<RoAkSoAx> Mar 21 21:57:36 natty1 mysqld_safe: Starting mysqld daemon with databases from /mnt/nfsexport
<soren> hallyn: Sure thing.
<RoAkSoAx> Mar 21 21:57:41 natty1 mysqld_safe: mysqld from pid file /var/run/mysqld/mysql1.pid ended
<SpamapS> RoAkSoAx: looking at /var/log/mysql/mysql.err?
<RoAkSoAx> SpamapS: for some reason the port is still open even though mysql is stopped
<soren> *blink*
<SpamapS> RoAkSoAx: lsof -n -p | grep 3306
<SpamapS> err
<SpamapS> netstat -tnlp | grep 3306
<SpamapS> mixed two commands there
<RoAkSoAx> SpamapS: will ping you later. Split brain in my cluster :)
<storrgie> Is it possible to use a PERC 5 as an HBA instead of as a hardware controller?
<pyrophelia> I've got 45 disks in a single 4u, how do I determine the identity of a bad disk from an error in the syslog.  [ 8670.445436] ata11.03: exception Emask 0x100 SAct 0x0 SErr 0x0 action 0x6 frozen
<pyrophelia> I need to figure out which disk that is in /dev/ so I find identify the right backplane
<kim0> Hi .. How do I update the tgz file that lxc clones to create guests?
<pyrophelia> for whatever reason this sytem does not boot with the same disk order every time.
<kim0> pyrophelia: I'm not sure .. but /dev/disk/by-path/ would probably show reboot consistent device paths
<RoAkSoAx> SpamapS: ok this is what I keep getting: http://pastebin.ubuntu.com/583558/
<pyrophelia> I do but it reports PCI addresses not, ATA :/
<SpamapS> RoAkSoAx: netstat -tnlp | grep 3307 should show anything listening on 3307
<RoAkSoAx> SpamapS: doesn't
<pyrophelia> s/I do/it does
<SpamapS> RoAkSoAx: whats bind-address set to?
<RoAkSoAx> SpamapS: 127.0.0.1
<RoAkSoAx> SpamapS:daahh I think that's the problem
<pyrophelia> I don't get it.  Why does the syslog report errors in ATA addresses but I can't translate that to an actual address.
<RoAkSoAx> SpamapS: apparently not
<RoAkSoAx> SpamapS: i think it is apparmor
<sbeattie> RoAkSoAx: is there anything in dmesg?
<soren> pyrophelia: There's a lot of symlinks in /sys that might help you.
<RoAkSoAx> sbeattie: it is not an error with apparmor, but rather it is enforcing mysql whne I don't really want it to
<RoAkSoAx> sbeattie: at least that's what I'm thinking might be going on
<sbeattie> RoAkSoAx: I'm only picking up the tail of the discussion, and am not sure what you're trying to do, but you can put the mysql profile in non-enforcing mode via aa-complain or aa-disable (the latter is natty only)
<Daviey> ooo, i didn't know about aa-disable...
<RoAkSoAx> sbeattie: I'm trying to get MySQl in an HA Cluster, and actually launching mysql from another datadir which causes apparmor to not allow MySQl to do so
<patdk-lap> well, edit apparmor
<RoAkSoAx> patdk-lap: that';s what I already did
<patdk-lap> :)
<pyrophelia> soren, nothing uselful.  thanks anyway
<pyrophelia> ok maybe i'm going about this wrong
<pyrophelia> when you have a ton of disks in a single system, how do manage them?
<pyrophelia> there has to be something better than syslog errors
<pyrophelia> ata11.03 tells me nothing if I can't resolve it
<RoAkSoAx> SpamapS: ok, this is the mysql command I'm using: /usr/bin/mysqld_safe --defaults-file=/etc/mysql/my.cnf --pid-file=/var/run/mysql1.pid --socket=/var/run/mysql1.sock --datadir=/mnt/nfsexport --user=mysql --bind-address=192.168.122.254 and the conf is: http://paste.ubuntu.com/583581/
<RoAkSoAx> SpamapS: the error it shows is that it cannot bind the port, ideas?
<jeeves_moss> just wondering, if I put 2 NICs (in the same box) on 2 diff subnets, then have the router with static NAT routers for the "web only" subnet, what other configs do I need to do?
<twb> jeeves_moss: what are you trying to achieve?
<jeeves_moss> twb, I'm trying to keep ETH0 as our "web interface" so all web traffice coming into/out of this box stays on that one interface,and the gig interface is ONLY for inter....  nm, answered my own question.  dual gateways
<SpamapS> RoAkSoAx: does that IP actually exist?
<RoAkSoAx> SpamapS: yes
<SpamapS> RoAkSoAx: strace it and figure out the errno that its catching
<RoAkSoAx> SpamapS: ok ;)
<SpamapS> RoAkSoAx: that really doesn't make any sense
<jeeves_moss> twb, can you quickly have a look @ the config for me please?  http://pastebin.com/nQ1CmK3j
<twb> jeeves_moss: you have two upstream interfaces?  That is, two ISPs?
<twb> Hm, except they're both using /24s in 192.168/16, so that doesn't make any sense
<jeeves_moss> twb, they dual into a single router with dual NATs to the same external interface
<RoAkSoAx> SpamapS: weird, it is like if this bug: http://bugs.mysql.com/bug.php?id=28516 was still present
<jeeves_moss> twb, with the current config, I can see it externally.  but I've only got 2 ports open, so I think I've got it licked.  I don't think it's a Ubuntu issue
<twb> I think the problem is you not knowing what you're doing
<jeeves_moss> twb, that's a distinct possibilty
#ubuntu-server 2011-03-22
<RoAkSoAx> SpamapS: yes http://paste.ubuntu.com/583586/
<RoAkSoAx> SpamapS: found the error
 * RoAkSoAx really needs some eye rest
<SpamapS> 1923  bind(12, {sa_family=AF_FILE, path="/var/run/mysql1.sock"}, 110) = -1 EACCES (Permission denied)
<SpamapS> that?
<SpamapS> Oi.. super late.. have to run
<knoxy> hi all.. How can I do to install Ubuntu Server in my HP Proliant DL120 G6 using the Smart Array B110i SATA? I'm trying, but the ubuntu can't detect my logical drives...
<iggi> Can anyone help me with an weird apache issue? I can see it listening on port 80, but when I try to view the web page I get The server is taking too long to respond.
<twb> iggi: you're testing with "curl -v http://127.0.0.1/" ?
<RoyK> omg... someone in .jp tweeted http://transport.nilu.no/products/fukushima
 * RoyK is in severe need for sleep
<iggi> twb: No, I am trying from a remote machine. It worked fine, I restart the host and then it gives me this
<iggi> twb: I tried stop-start, restart. Checked configs, etc.
<smoser> kirkland, ubuntu uec image faile dto build with:
<smoser> VMBuilder.exception.VMBuilderException: Process (['chroot', '/tmp/vmbuilderwWI9QQ/root',
<smoser> 'dpkg-reconfigure', '-fnoninteractive', '-pcritical', 'console-setup']) returned 2.
<smoser> stdout: , stderr: md5sum: /usr/share/console-setup/vtrgb: No such file or directory
<smoser> update-alternatives: error: alternative path /etc/console-setup/vtrgb doesn't exist.
<kirkland> smoser: hmm
<kirkland> smoser: okay ... I wonder why that file isn't found
<kirkland> smoser: can i see smore logs?
<kirkland> smoser: i think this should be easy to solve with some more log
<kirkland> smoser: nevermind, i think i see it
<kirkland> smoser: uploading a fix
<kirkland> smoser: thanks; fix uploaded
<smoser> kirkland, well, might be fixed might not be
<smoser> i just realized that 0.11 vmbuilder copies /etc/console from the host to the target
<smoser> which i think is disgusting
<smoser> but works without issue from lucid -> karmic, lucid, maverick, natty (until today)
<smoser> or at least without issue that i know of
<smoser> oh, and add hardy to that list
<kirkland> smoser: hmmf
<kirkland> smoser: yeah, that's pretty bad
<lifeless> SpamapS: hey
<lifeless> SpamapS: can has lucandra?
<lifeless> :>
 * lifeless is all want want want
<SpamapS> lifeless: !WINNING
<SpamapS> lifeless: can you point me to the install HOWTO?
<lifeless> of course
<lifeless> https://github.com/tjake/Lucandra
<lifeless> (its really solandra now, but he hasn't renamed it)
<lifeless> From the Solandra base directory:
<lifeless> mkdir /tmp/cassandra-data
<lifeless> ant
<lifeless> cd solandra-app; ./start-solandra.sh
<SpamapS> heh
 * SpamapS starts looking for jars
<lifeless> AIUI we'll need to run two clusters
<SpamapS> lifeless: I've been having trouble w/ Cassandra 0.7.4 .. it doesn't like one of the lib versions in maverick/natty
<lifeless> one random partitioner
<lifeless> and one solandra w/ordered partitioner
<SpamapS> ordered because it will be time-archived right?
<lifeless> so it may make sense to just have different packages with different data dirs etc - so that devs can have a 1-node cluster of both by apt-get install
<SpamapS> lifeless: I think *all* of its dependencies except cassandra are already in the archive.. +++
<SpamapS> of course.. they've been very explicit about versions.. because java people don't know how to do forward/backward compatibility.. so hopefully there's an extensive test suite. :-P
<lifeless> SpamapS: I'll drop matt a mail asking to confirm this, concrete data is a little hard to get
<SpamapS> ahh no such luck.. needs thrift too
<SpamapS> lifeless: hopefully somewhere between puppet, lxc, and ensemble, we can have a dev story that involves a more realistic environment. :)
<lifeless> SpamapS: mmmm
<twb> Didn't you know?  "Enterprise" means you ship a distro worth of deps in /opt, so you know you get the tested versions of same!
<lifeless> SpamapS: -very- unconvinced
<twb> What's ensemble?
<lifeless> SpamapS: love ensemble, but test suites requiring -that stack- - not keen
<SpamapS> lifeless: what stack?
<SpamapS> twb: service management tool..  https://launchpad.net/ensemble
<lifeless> SpamapS: lxc etc
<SpamapS> lifeless: lxc is integrated fully into natty and can run lucid as a guest w/ minimal tweaking..
<lifeless> SpamapS: 'make check' spinning up containers, debugging, etc - not going to be pretty
<SpamapS> lifeless: I dunno.. its being written with just this sort of story in mind
<lifeless> SpamapS: I'm sure it /can/ be done; the question is why would you want to.
<lifeless> SpamapS: so not interesting. Fantastic deployment story.
<lifeless> dev cycle story, I just don't get it.
<SpamapS> lifeless: to stop the cascade of failures that happen when dev assumptions cause QA/production fail
<twb> That's an Canonical-driven project?
<SpamapS> twb: its an experimental thing righ tnow
<twb> OK, then I stop caring :-)
<SpamapS> twb: been under dev for a while.. just now functional
<lifeless> SpamapS: thats a pipeline scenario, not a unit test scenario
<twb> I can't think of much Canonical has funded that I actually like
<lifeless> twb: not even Ubuntu ?
<SpamapS> lifeless: I tend to think the closer you can make a dev's environment to reality, the less translation problems you will have.
<twb> I hate ubuntu
<lifeless> twb: ...
<SpamapS> fine line between love and hate
<twb> I use it because 1) management/customers won't go for Debian; and 2) at least it isn't RHEL/CentOS/SLES.
<lifeless> SpamapS: if you do a pareto analysis on LP severe problems, its lack of automation + high latency reporting, not being 'like production'
<SpamapS> twb: to be fair, I'm fairly certain that you don't like *anything*
<twb> Oh definitely
<lifeless> SpamapS: remember, we can't use production data (data protection act), and to detect problems you *need* 300GB of DB.
<lifeless> SpamapS: I want test suites that can run a single test in < 3-4 *seconds*
<SpamapS> lifeless: agreed its hard to detect log(n) scaling problems when n is 2. ;)
<lifeless> SpamapS: I just don't see a big stack, no matter how good, participating in that story.
<SpamapS> lifeless: the stack would already be running the pieces that don't need updating...
<lifeless> SpamapS: apt-get install does that pretty well
<SpamapS> lifeless: and if your machine sucks.. some of the items can spin up in EC2/private cloud for better scale out during the tests
<lifeless> SpamapS: thats massively slower again
<SpamapS> lifeless: unless the nodes are already spun up and you're just slapping a container on top
<lifeless> SpamapS: I repeat, I can see how you *can* do this, I don't see why I'd *want LP devs doing it*
<SpamapS> Interesting. launchpad is I'd say one of the more complex deployments.. and yet its still desirable to have a machine that can do it all.
<SpamapS> I would not think that.
<lifeless> SpamapS: there are, IMO, three deployment scenarios
<lifeless> SpamapS: local dev fast-iteration
<SpamapS> I would think you'd want the deploy and test to be the same thing w/ different HW. :-P
<lifeless> SpamapS: entire-complex iteration (CI tool, etc)
<lifeless> SpamapS: and production (qastaging, edge, production itself etc)
<SpamapS> Its sort of the opposite of what many web dev shops are doing now w/ Vagrant and other tools
<lifeless> SpamapS: These three things have vastly different confidentiality, performance, *accessability* and debugging characteristics
<SpamapS> But that may be because their code is not as easily configurable as LP
<lifeless> SpamapS: an example; we don't want a breakpoint in a production server instance, ever.
<lifeless> SpamapS: but during a test iteration and fiddle - almost certainly.
<SpamapS> Right.. I guess my point is that in order to make this work.. I assume you have a set of static "local" configs that have to be maintained in parallel w/ the production ones, yes?
<lifeless> SpamapS: I don't see having to rsync to an lxc container to add that being a benefit for devs, and I don't see any substantial risk for the inner loop being done on local stuff
<SpamapS> rsync? no no no
<SpamapS> snapshot, boot
<lifeless> SpamapS: how many seconds will that take?
<lifeless> SpamapS: best case
<SpamapS> depends on your snapshotting tech
<lifeless> say snapshotting is free
<SpamapS> if you're on LVM or btrfs, closer to 0 than 1
<lifeless> SpamapS: and you're snapshotting your /home ...
<SpamapS> Should work similar to schroot, but with network separation.
<SpamapS> Yes
<lifeless> so, a pretty big burden, IME
<lifeless> its unnessary for 99% of things developers have to do
<SpamapS> snapshotting doubles write load
<lifeless> SpamapS: I'm talking complexity
<SpamapS> I have looked into another machine type of just "local"
<lifeless> SpamapS: LP is massively complex already. Adding another complex stack to it makes it even harder for devs to get their head around it
<SpamapS> where it just deploys the formula locally
<lifeless> SpamapS: I don't want devs having to even consider all the multi-machine stuff
<lifeless> it should be behind APIs that they call, fin.
<lifeless> SpamapS: remember too that we're really not in a cloud deployment story: 300GB db's, multi terabyte archives - these things don't play all that nicely with VM's :)
<SpamapS> lifeless: the idea is that they'd just model the way their service relationships.. the api would be "ensemble deploy-stack launchpad" and their environment would define how to do snapshots or chroots, or lxc's or spawn ec2's ...
<SpamapS> err
<SpamapS> the way their services relate
<lifeless> SpamapS: right, or we just don't do anything.
<lifeless> SpamapS: and developers continue on happy as a happy thing.
<SpamapS> happy but breaking stuff because they test on maverick and deploy onto lucid?
<lifeless> SpamapS: they don't
<lifeless> SpamapS: we break stuff, but not for that reason
 * SpamapS puts on old school non-devops sysadmin hat
<lifeless> SpamapS: your story here is a non-issue for LP.
<SpamapS> you break stuff because thats what developers do!
 * SpamapS takes hat off
<SpamapS> lifeless: you guys have already solved this
<lifeless> SpamapS: we break stuff because we don't have automation where we should; and bringing up new instances of scale-out components is one of those areas.
<SpamapS> lifeless: so indeed, LP is not in need of better service management, nor is it targetted at the cloud...
<lifeless> I'm very interested in ensemble for the scalable components
<lifeless> just not for developers (they don't need to scale a deployment locally, not by default), and probably not for CI (though it is a possibility)
<SpamapS> lifeless: the lifecycle ensemble is trying to ease is    develop single instance web app on laptop -> deploy onto ec2 -> scale out on ec2 -> get successful and try to bring in house
<lifeless> SpamapS: I don't get it :)
<lifeless> SpamapS: I don't understand the link between the first step and the rest
<SpamapS> lifeless: thats the lifecycle we hear about when talking to startups who are stuck on ec2
<SpamapS> lifeless: you don't get it, because you write modular, configurable code...
<SpamapS> lifeless: the ruby kids aren't really as mature in those skills.. ;)
<SpamapS> lifeless: also you have *the entire Canonical Platform Team* at your beck and call  ;)
<lifeless> SpamapS: I wish, oh what I could do ...
<lifeless> SpamapS: seriously though, yes, we write code thats designed to be deployable
<SpamapS> Yeah, so the ruby kids write stuff and want to test the deploy fast.. faster than they can by deploying to EC2
<SpamapS> right now virtualbox+vagrant gives them that but its still a whole giant VM to spawn
<SpamapS> lifeless: but I see that the basic assumptions of developers salivating over containers may be flawed when dealing with mature code bases. :)
<ScottK> So what do containers give salivating code monkeys they don't get from rails/capistrano (I think that's what they're using in one project I'm on right now)
<SpamapS> ScottK: most of the existing systems deal very well with static systems... not so well with cloud instances.
<ScottK> OK.
<SpamapS> ScottK: the exception to that is Chef, which has a nice model for handling those.. but scales *horribly* because it is such a beast.
<ScottK> Because if I could figure a way to partition this data usefully into small chunks so I could distribute the load accross something big, then I might want a code deploying in the cloud thingy.
<SpamapS> ScottK: of course, OpsCode will be happy to scale the server up for you, at a price. :)
<ScottK> Sure.
<SpamapS> ScottK: unfortunately I'd say ensemble is just getting past "cool toy" phase into "useful tool for the brave"
<SpamapS> ScottK: specifically, the data snapshotting stuff is handled by libhandwaving0
<ScottK> Maybe it'll be mature by the time we get the data split model working.
<SpamapS> which AFAIK, is not thread safe.
<SpamapS> To be fair to chef.. when I say horribly.. I mean it can't scale past the 30 - 40 nodes of one type, without sacrificing response time.
<SpamapS> So.. if ensemble isn't there for you... chef might be a decent choice.
<ScottK> Maybe.
<Saturn2888> Ubuntu Server isn't installing properly from the USB. I have this problem every time I install via USB. Does anyone know why it doesn't detect it from the installer? It says "Insert CD-ROM" or something and gives this error: http://launchpadlibrarian.net/47554702/ubuntu-1004-install-fail.gif
<uvirtbot> New bug: #739977 in php5 (main) "PHP5 FTBFS in Natty" [Undecided,Confirmed] https://launchpad.net/bugs/739977
<MTecknology> Is there any easy way to see what apps have stuff in swap?
<jmarsden> MTecknology: run top, press O p and then Enter      # sorts processes by swap usage
<MTecknology> ooh.. thanks :)
<jmarsden> MTecknology: You're welcome
<a7ndrew> I'm trying to enable acls on my root ext4 filesystem. Asides from adding acl to the options in fstab and doing a mount -a, is there anything else necessary?
<a7ndrew> i'm wondering if a reboot is going to be necessary
<soren> a7ndrew: mount -a won't apply new mount options. "mount -o remount,acl /" should do the trick, though.
<a7ndrew> soren: It did the trick, thanks!
<guampa> anyone using make-kpkg? dunno why it started appending its own alphanumeric suffix to compiled kernel and debs, besides my --append-to-version string
<Daviey> guampa, You might have more success asking in #ubuntu-kernel
<guampa> sounds a good deal, i'll go there. thx
 * zul shakes his fist
<zul> Daviey: you know that rebuild you did for the server seed at one point in the natty release cycle? can you do it again so we can see the multiarch changes that we need to do
<zul> its not like you have anything else to do ;)
<Daviey> zul, Yeah.. that isn't a bad idea... not something i can do until probably tomorrow now...
<zul> Daviey: thats fine
<Daviey> I think it took about 24 hours to build the packages we are subscribed to last time.
<soren> php5 needs fixing, but I assume you've seen that.
<RoAkSoAx> morning all
<raphink> hello
<smoser> kirkland, fyi, uec-image is still broken with console-setup 1.57ubuntu17
<soren> smoser: How is it broken?
<soren> smoser: I'm using the uec-images for some tests, so I wonder if it's something I'd see.
<smoser> they dont build
<soren> Ah.
<soren> Great :)
<smoser> vm-builder copies console-setup from /etc/ -> target
<soren> That won't affect my builds.
<smoser> which was questionable at best
<smoser> and now doesn't work
<soren> Yeah, that's dreadful.
<smoser> i'm glad you agree :)
<soren> I always hated that.
<smoser> you have a solutoin ?
<smoser> because it looks like i have to come up with one
<smoser> RSN
<soren> In concepts, not in code. I think.
<soren> I think I started working on it in days past, but I don't think I got anywhere useful.
<soren> Easy solution: Don't attempt to copy any settings from the host. Just do whatever the installer does.
<kirkland> smoser: can i see a full log?
<soren> smoser: The solution that would be in line with the original intent of that code would be to attempt to derive the current settings in the host and then apply the same settings in the guest without assuming they share the exact same mechanics for setting these things.
<smoser> kirkland, http://uec-images.ubuntu.com/server/natty/20110322/
<soren> smoser: So, e.g. try to figure out which locale is used on the host and then apply that locale in the guest in a manner compatible with whatever version is being built.
<soren> ...but just skipping that step altogether should get you close to a usable solution.
<smoser> i really didn't want another thing that was MUST_FIX
<smoser> but i do thikn that kirkland's console-setup work is really nice
<smoser> other than the whole making my life suck thing :)
<kirkland> smoser: :-/  sorry dude
<kirkland> smoser: i'm happy to help, if i can
<kirkland> smoser: why isn't console-setup installable in the chroot?
<smoser> soren, ^
 * smoser says "that was before my time" or "i just work here" 
<kirkland> smoser: does it require hardware access or something?
<smoser> i suspect that is the case.
<kirkland> smoser: note that there's also console-setup-mini
<soren> smoser, kirkland: Sorry, guys, I'm really tied up right now.
<soren> smoser: I think removing the bit of vmbuilder that copies stuff from the host is the right thing to do.
<smoser> thanks soren . i'll poke at it later today.
<RoAkSoAx> kirkland: howdy1! forgot to remind you yesterday about the binaries for python-ethtool :)
<iggi> Can anyone help me troubleshoot a UFW issue? I had a working web server prior to reboot, but after reboot ufw is blocking connections even when it says apache2 is in the exceptions
<RoAkSoAx> zu/win 11
<RoAkSoAx> lamont: hi there! Do you think it would be worth to consider bug #739297
<uvirtbot> Launchpad bug 739297 in nmap "Please update nmap: stable upstream version is 5.51" [Low,Triaged] https://launchpad.net/bugs/739297
<RoAkSoAx> SpamapS: can you take care of bug #738219 and bug #738209 when you have the change please?
<uvirtbot> Launchpad bug 738219 in autofs "autofs should always start before at and cron" [Undecided,New] https://launchpad.net/bugs/738219
<uvirtbot> Launchpad bug 738209 in autofs "autofs appears to be started before it is truly functional" [Undecided,New] https://launchpad.net/bugs/738209
<emindmedia> Hello, anyone here know how to recover a username?
<twister004> hi guys... how can view a samba folder structure in ubuntu server?
<twister004> I have samba shares on another ubuntu machine, which I wanna see on my server(VNC session)
<jamespage> hggdh: ping
<kirkland> RoAkSoAx: k, getting them now
<WoLfLoonie> Hello everyone. I'm having a bit of an issue figuring out how to change the screen mode on console.. after installing 10.10 it became really small.. Tried searching a bit for that, as I remember there should be a choice on a reconfigure option or something.. but I only got results about editing grub2..
<RoAkSoAx> kirkland: thank you ;)
<kirkland> RoAkSoAx: done
<RoAkSoAx> kirkland: thanks ;)
<RoAkSoAx> chuck_: ^^
<zul> hmmm?
<RoAkSoAx> zul: python-ethtool
<RoAkSoAx> :)
<zul> RoAkSoAx: what about it?
<RoAkSoAx> zul: binaries accepted
<zul> RoAkSoAx: oh sweet
<hggdh> jamespage, I am all ears
<hggdh> but a bit deaf
<jamespage> hggdh: right then; I've finally managed to get time to setup another ec2 instance and migrate the current Hudson configuration + archive etc.. onto it.
<hggdh> jamespage, super!
<jamespage> its got lots of storage for jenkins - 20GB on a separate ebs volume
<hggdh> wow!
<jamespage> Any chance you can re-point one of your slaves so I can test it works OK?
<jamespage> URL is : http://ec2-184-72-204-166.compute-1.amazonaws.com/
<hggdh> of course, getting it done now
<RoAkSoAx> SpamapS: https://wiki.ubuntu.com/ClusterStack/Natty#HA MySQL
<jamespage> hggdh: thanks
<WoLfLoonie> hmm. I think I've fixed it through grub.. GRUB_CMDLINE_LINUX="nomodeset"
<rynop> I'm using ubuntu 10.10 64bit daily build ami in ec2. When i ssh in i see there is a newer "server image" release. Is there a way to upgrade to the newer server image without having to rebuild my EBS?
<hggdh> jamespage, running, the output states connected, but jenkins does not seem to see it
<hggdh> jamespage, this is slave nhanga
<jamespage> hggdh: hmmm - might be that it had an old hudson slave.jar cached
<jamespage> hggdh: try shutting it down, rm /var/lib/ubuntu-server-iso-testing/.slave.jar (I think) and start up again.
<knoxy> Hi. I've a HP DL120 with Smart Array B110i. I create RAID 1+0 with 4 HD's and Ubuntu installer cannot detect this logical volume. How can I do to fix it? I'm trying with Ubuntu Server 10.10 amd64
<jamespage> hggdh: I think thats the issue - just tried connecting one from my locality and it worked OK.
<hggdh> jamespage, nhanga is up
<hggdh> that was it indeed
<jamespage> hggdh: thought it might be \o/
<hggdh> :-)
<hggdh> jamespage, worth the effort to add in the postinst for next update?
<jamespage> hggdh: I'll have to take a look and see why that happened - I think the python script might be doing sometihing odd.
<jamespage> It should always download a new slave.jar - just in case the master has been upgraded.
<jamespage> hggdh: PS do you like the Font?
<hggdh> jamespage, yes, I do. And I think I have seen it somewhere else ;-)
<SpamapS> RoAkSoAx: would be cool to write a plugin for pacemaker that could just manipulate upstart via dbus
<RoAkSoAx> SpamapS: there is one but it is not recommended :)
<SpamapS> RoAkSoAx: we should maybe put some dev time into that... ;)
<RoAkSoAx> SpamapS: let's discuss it post meeting
<SpamapS> indeed
<lamont> RoAkSoAx: it's on my list to get that done, I rather expect that it's a big enough change that I do not plan to propose it for natty
<lamont> RoAkSoAx: and frankly, it'll probably be a week before I actually force myself to take time to deal with it
<RoAkSoAx> lamont: ok :), and I was thinking the same (big change for natty)
<RoAkSoAx> SpamapS: so anyways... the reason why upstart is not the best for a cluster is becuase upstart only knows that the application is running or not, but doesn;t really know if the application is doing what's supposed to be doing
<RoAkSoAx> SpamapS: for i.e. upstart will now that mysql is running, but for the cluster that's not enough
<RoAkSoAx> SpamapS: because, I might want to know if I can pull certain info from a table in mysql, or even access a table, allowing the cluster to determine "yeah, it is up and running, and serving X type of requests, so I can confirm that I should bring up the other services"
<SpamapS> RoAkSoAx: sure it does. Thats what post-start is for.
<RoAkSoAx> SpamapS: in turn, the OCF Resource Agents, provide the capability to determine whether the resource is running, but additionally, you can also have diferent dephs of monitoring
<SpamapS> RoAkSoAx: anything beyond that is the realm of monitoring
<SpamapS> RoAkSoAx: so the plugin, it seems, is missing the ability to define a monitoring script.
<RoAkSoAx> SpamapS: i guess that can be done
<RoAkSoAx> SpamapS: but afaik, kirkland tried to add support to monitor a daemon in upstart by adding scripts but was rejected
<SpamapS> yes, its been deemed out of scope
<SpamapS> thats no reason to give up on it though. :)
<SpamapS> there are two things that I agree to disagree w/ regarding upstart. pidfiles aren't always evil, and there should be a status stanza.
<RoAkSoAx> SpamapS: right, but from HA Clustering point of view, upstart should just only tell us if the dameon is running or not
<RoAkSoAx> however, as I said, that's sometimes not enough
<RoAkSoAx> SpamapS: that's why LSB initi scripts are not recommended either
<RoAkSoAx> SpamapS: but anyways, upstream themselves have rejected one of the patches that are necessary for it to work
<RoAkSoAx> and have given recommendations to the creator to fix it
<RoAkSoAx> but yet, it hasn't; been fixed
<RoAkSoAx> SpamapS: and upstream are even considering in dropping the upstart support
<RoAkSoAx> SpamapS: becuase as per their standards, OCF Resource Agents should be used to monitor resources
<RoAkSoAx> SpamapS: the whole problem was that when Ubuntu switched to upstart, everything was broken becuase all those services with no OCF RA's were treated as LSB initi scripts, which in turn created a problem
<RoAkSoAx> because of no return codes
<RoAkSoAx> SpamapS: http://www.gossamer-threads.com/lists/linuxha/dev/68379?search_string=possible%20deadlock%20in%20lrmd;#68379
<SpamapS> RoAkSoAx: good enough > perfect but not ready yet
<RoAkSoAx> SpamapS: right but the real sisue with upstart is that it leaves open IPC sockets
<RoAkSoAx> s/with upstart/with the upstart plugin
<SpamapS> IPC? whats it doing w/ IPC?
<RoAkSoAx> SpamapS: corosync is the communication layer that pacemaker uses between nodes of the cluster
<RoAkSoAx> SpamapS: so, using the upstart plugin as Resource Agents causes corosync to leave open IPC sockets
<SpamapS> RoAkSoAx: ah sounds like its unrelated to usptart
<RoAkSoAx> SpamapS: not with upstart, but with the upstart pluging
<SpamapS> right
<RoAkSoAx> SpamapS: yeah... so anyways, mregardless of weather upstrart is fully supported in the HA cluster stack, OCF RA's are still recommened for service monitoring
<bcessa> hi there, I'm trying to install oracle-xe on AMD64 ubuntu server, I added this to package sources "deb http://oss.oracle.com/debian unstable main non-free" but I get this error message as soon as I try to run apt-get upgrade: W: Failed to fetch http://oss.oracle.com/debian/dists/unstable/Release  Unable to find expected entry  main/binary-amd64/Packages in Meta-index file (malformed Release file?)
<Mathuin> I have questions about Ubuntu and EC2.  Is this the right place to ask them?
<pankaj_sharma> yes
<Mathuin> I currently do some computations on my home server that take about 12 hours on a 8G 4x3GHz machine.  If I moved that to the cloud, could I do it in less clock time and not pay an arm and a leg.
<Mathuin> The computations are all in Python.
<bcessa> so the problem is my server is AMD64 and the packages in the repo are i386, stupid question but is there a way around this or a manual installation is required?
<thesheff17> Mathuin: is your python multi threaded?
<asmod4n> oh hi, installed apparmor and dovecot, now everytime my email client connects to it apparmor spams dmesg with ALLOWED messages... how to disable that?
<asmod4n> apparmor seems to send everything it does to the kernel log.. is that the default behavior?
<jdstrand> asmod4n: you installed apparmor-profiles. apparmor-profiles has profiles for dovecot that are in complain mode, which log things like you are seeing
<asmod4n> so i just have to set them to enforce?
<jdstrand> asmod4n: see https://help.ubuntu.com/community/AppArmor#Disable%20one%20profile on how to disable it. alternatively, you could enable the profile and have it in enforcing mode
<jdstrand> asmod4n: yes
<thesheff17> bcessa: you can enable 32 bit libs: apt-get install ia32-libs and you should be able to run any 32 bit program.
<bcessa> thesheff17: thnx for your answer, I already have the package installed, how ever when I add the oracle repo to the sources.list I keep getting the following error when trying to run apt-get update: W: Failed to fetch http://oss.oracle.com/debian/dists/unstable/Release  Unable to find expected entry  main/binary-amd64/Packages in Meta-index file (malformed Release file?)
<bcessa> don't really know how to "force" the system into using those packages or if it will work at all
<thesheff17> bcessa: what are you trying to accomplish?  what programming language with oracle?
<bcessa> I just wanna install the oracle server for an existing application, no programming involved on my end
<thesheff17> bcessa: hmm...there has to be 64 bit for oracle.
<bcessa> that will be really nice, I was trygin with this and get the error I mentioned above https://help.ubuntu.com/community/Oracle
<bcessa> there's also some tutorials for manual installations but don't think is the best way to go, if there's no alternative I'll do it, I'm just trying to find another/cleaner way
<thesheff17> bcessa: well the deb files are here. http://oss.oracle.com/debian/dists/unstable/non-free/binary-i386/ you could download them and do a dpkg -i packageName...it should find all the required packages...use with caution though ;)
<thesheff17> bcessa: also check this out http://littlebrain.org/2008/05/12/how-to-install-oracle-xe-in-ubuntu-64-bit/
<bcessa> I'll give it a go and let you know I my machine just blow LOL :)
<thesheff17> bcessa: basically forcing the packages to install
<uvirtbot> New bug: #740379 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/740379
<RoAkSoAx> zul: could you please take care of bug #619712. I just decided to patch it
<uvirtbot> Launchpad bug 619712 in keepalived "keepalived vrrp race condition and fix (versions 1.1.17 and 1.2.0 but perhaps all?)" [High,Fix committed] https://launchpad.net/bugs/619712
<bcessa> thesheff17: just finish the installation and everything seems to be working just fine, thanx a lot ;)
<bcessa> I'll configure and test the installation further ;)
<zul> RoAkSoAx: yep as soon as im off this call
<thesheff17> bcessa: no problem I have used oracle xe w/ ubuntu before and it is weird they don't have 64 bit support.
 * RoyK wonders why people use oracle xe when there are so much good open alternatives, such as postgresql
<RoAkSoAx> zul: sure take your time. thanks ;)
<Mathuin> The installer for 10.10 desktop didn't allow me to build a RAID.  Stinky.  What's the proper way to do that nowadays?
<thesheff17> Mathuin: you have to use the alternative cd
<Mathuin> Oh for pete's sake.  There's a lost hour.  Sigh. :-)
<Mathuin> Thanks for the tip.
<RoAkSoAx> kirkland: ping
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland: quick question. When someone contributes to PowerNap with let's say a new Monitor, should the copyright be assigned to canonical/us, or just the authors?
<kirkland> RoAkSoAx: PowerNap is not governed by the Canonical CA
<Aison> evening
<Aison> i'm searching a movie database or organizer web software. Eg. where ppl can search for a movie etc...
<Aison> I would like to install it on my ubuntu server (with about 1000 movies stored on it)
<RoyK> Aison: there are several - google for it
<Aison> I did
<RoyK> one of my first hits was http://www.techsupportalert.com/best-free-dvd-collection-software.htm
<Aison> :)
<_1094kms> I just created a lvm volume from scratch (new hd). When I run vgchange -ay I get an errormessage :  http://paste.ubuntu.com/583948/  is this something to worry about?
<patdk-wk> that isn't good
<_1094kms> got my answer - I had old volumes still in the cache and vgchange -ay checks them all while they were not existing anymore.
<rynop> anyone used tmpfs to back their web app sessions before? I'm using PHP and looking to use tmpfs instead of db/file backed.  Wondering if there is some pitfall i'm not thinking bout.
<RoyK> rynop: not really - should work, except load balancing won't be easy across servers if they can't share the sessions
<rynop> RoyK, I have the session affinity covered cuz i'm using amazon elastic load balancer - so I think i'm only in trouble if my server goes down - which in taht case i don't care bout the session data :)
<RoyK> ok
<rynop> RoyK, in the reading i've done, tmpfs falls over to swap space if it ever uses up the allocated mem space right?
<rynop> and if i allocate 200meg of mem to tmpfs, and i only use 100meg, the extra 100meg is available to the system right?
<RoyK> rynop: think so - iirc it allocates 50% of RAM
<RoyK> rynop: and the allocation is dynamic, not like old ramdrives that used a specific amount
<rynop> RoyK, cool thx.
<RoyK> meaning if you use 30kB, it'll use 30kB of your precious RAM
<RoyK> if on a low-memory system, remember to increase swappiness, so that the kernel can swap out stuff not in used and rather use the memory for something useful
<RoyK> echo vm.swappiness >> /etc/sysctl.conf && sysctl -p
<RoyK> erm - wrong
<rynop> isnt it: /bin/echo â1â³ > /proc/sys/vm/swappiness
<RoyK> echo vm.swappiness=100 >> /etc/sysctl.conf && sysctl -p
<rynop> oh
<RoyK> rynop: swappiness is set to 0-100 - setting it to 1 will make linux hardly swap at all until the shit really hits the fan
<RoyK> which is not what you want
<RoyK> echo 100 > /proc/sys/vm/swappiness will set it, but not store it over a reboot
<rynop> RoyK, dont i only want to do swappyiness of 100 for my tmpfs drive? not the other processes using memory?
<RoyK> swappiness is system global
<RoyK> but it usually makes sense to set it high
<RoyK> that is, unless you're doing something like realtime linux, but then you don't want swap at all
<rynop> what does swappiness default to? i dont currently have any 'swap' strings in my /etc/sysctl.conf file
<RoyK> 60
<rynop> I see, so setting it to 100 wont rip out a session in memory (in tmpfs)? it woudl only rip it out if its not in use (duno how it knows that but i'll trust u)
<rynop> why is the default not 100? seems like there is no downside.
<RoyK> rynop: google for it - there have been a lot of discussions on it. I have a bunch of servers all set to 100, and it works well. Worst case is if you have some lesser-used process that gets swapped out and it takes a second or two to get it back
<RoyK> that is - a whole process won't be swapped out - just pages not in use
<rynop> RoyK, ah ok thx.
<RoyK> erm - pages not used very recently, that is
<uvirtbot> New bug: #740477 in krb5 (main) "kinit should print an error if credentials cache has invalid permissions" [Undecided,New] https://launchpad.net/bugs/740477
<JoePrro> hi im new to linux and irc. I was hoping to find someone with some experience to share
<JoePrro> Im am setting up a ubuntu server...it has six scsi drives 2 36.4 gbs and 4 146gb drives.  the 36s are raid 1 and the 146s are raid 5 on a serveraid 7k card.  i want to install ubuntu server on raid one array with home folder and mysql on raid 5.  what is the best practice for this?
<guampa> JoePrro: put / in the raid 1, and two partitions for /var and /home in the raid 5 ... maybe / could be split in more partitions if you wish, for /, /boot and /tmp  f.e
<JoePrro> guampa: I am actually still in the partioner stage of the ubuntu setup.  it see the the arrays as two disks scsi3(0,0,0) & scsi3(0,1,0) Do I install ubuntu and swap on 36 gig or do I create a software raid5 with those two disks
<JoePrro> i unsure how software raid works or is needed with a hardware raid setup
<guampa> if you don't have a controller for those two and have to go software you have to decide between 0 and 1 afaik
<JoePrro> i do have a controller... its an ibm xseries with serveraid 7k card
<JoePrro> so no special setup. no need for software raid setup?
<guampa> if you can make the two arrays hw based, go for it. hasn't always got the same flexibility as sw but everyone and his mom keeps saying that they aren't even near in terms of performanve
<guampa> performance
<JoePrro> so harware is the answer...huh? So just install ubuntu & swap on raid1 and then configure folders to reside on raid 5
<guampa> ditto. a common choice for fs's would be XFS for the raid 5 areas, and say, EXT4 for the two-disk array
<BbluE> Hello everyone.
<BbluE> Everyone afk?
<JoePrro> makes sense
<BbluE> I guess.. :(
<JoePrro> does the xfs need to be primary or logical
<BbluE> I think Primary, but don't quote me.
<guampa> since you will only boot linux it more or less doesn't matter if the parts are primary or logical, or even if you don't use partitioning and go directly to LVM over raid
<guampa> the schemes make important to pay atention to what OS loader you use in some situations, but i believe GRUB2 should work in almost every scenario
<JoePrro> great thank you...so I have configured sda 34.9gb ext4 and #5 sdb 1.5 GB swap and now i need 2 partions on xfs volume one for var and one for home...right?
<JoePrro> or just one large partition on xfs volume
<guampa> yes, you can put them in the same partition too. i don't know much about the specifics of your server, you can decide based on the amount and type of data you'll be putting in /home and /var
<JoePrro> its a basic lamp server...running i use ispconfig3 phpmyadmin and joomla
<JoePrro> i have it up right now on a dell vostro with just a 500 gig sata drive. I am trying to put redudancy on now before i go live with my site
<BbluE> I'm trying to set up a basic lamp server too.. it's destroying me from the inside out! lol.
<JoePrro> lol
<JoePrro> i feel ya man
<guampa> if it's going to be small then go with the big partition, no need to add worries then :)
<JoePrro> yes small....sortof...its a membership site so mysql will grow large
<BbluE> I started this morning, trying to make my dang .htaccess work... Google, is finding me more questions like mine, with no answers.. I have a few different Ubuntu PDF books, and I think those are just talking me around my issue.. but, not directly through it... etc, etc.
<BbluE> I think he means to just go with the one partition, instead of adding multiple... and keeping it simple
<JoePrro> BbluE: Howtoforge got me up and going really good stuff there
<BbluE> Sweet, I'll go check that out. Thank you for the lead.
<JoePrro> thanks so much for help guampa...I think i was making this a bigger monster than what it is
<guampa> sorry was afk, yes setting up servers are a great adventure, even more the first ones
<guampa> s/are/is
<guampa> still tuning my english :P
<guampa> anyway glad to be of help
 * RoyK pats his 100TB OpenIndiana boxes
<BbluE> Lol, :D
<RoAkSoAx> kirkland: do you think bug #735452 is worth uploading for natty?
<uvirtbot> Launchpad bug 735452 in powernap "IOMonitor Plugin does not use optimal /proc parameter to find process PID" [Low,In progress] https://launchpad.net/bugs/735452
<hackeron> hey, I try to do: hal-find-by-capability --capability video4linux - in maverick it showed a list of v4l devices - in natty it shows nothing - is there an equivalent command?
<PoorNewb23> hi there
<PoorNewb23> Why use Ubuntu-server, and not any other flavour?
<PoorNewb23> (it's serious question)
<PoorNewb23> I couldn't find any concrete answer in help/faq and general webpage.
<ruben23> hi guys does ekiga have g711 codec-ulaw and alaw
<hackeron> PoorNewb23: Ubuntu server is pretty barebone, you don't have a graphical user interface, it's just typing commands - it's suitable when you don't plan to ever plug a keyboard and mouse to the PC/server after it's set up
<hackeron> PoorNewb23: and naturally no monitor either
<hackeron> ruben23: I believe so, you can use ekiga as an asterisk client when asterisk is configured to use ulaw/alaw
<ruben23>  hackeron: you have idea how do i do conference call with ekiga on asterisk..?
#ubuntu-server 2011-03-23
<PoorNewb23> hackeron: Thanks for answering. But can't you get the same with other 'server' versions of other distros?
<XATRIX> hi guys, may a ask a newbie question ? 1) how should i configure my apache2 to be able to access the directory list on http://someipaddress/repo  2) how can i access my website index.php on http://someipaddress/web ?
<hackeron> ruben23: http://lmgtfy.com/?q=ekiga+asterisk
<hackeron> PoorNewb23: sure, the rest is personal preference really - which community you like best, how bleeding edge you want to be, how security updates are handled, etc
<iggi> I keep getting "2003 can't connect to mysql server on 'IP' (10061)" when trying to connect to my mysql server remotely even though I allowed the port through ufw
<hackeron> PoorNewb23: many like centos because it's similar to redhat enterprise, I find it much easier to work with ubuntu personally and everything is a lot more up to date, yet still rock stable
<fishscene> Greetings. I was wondering if CD/DVD burning was going to be included with LTSP. I found this page: https://blueprints.launchpad.net/ubuntu/+spec/ltsp-cd-burning but it is quite old..
<iggi> Can anyone help me install the perl module ExtUtils::Embed, It says I need a version of perl newer than in apt?
<TommyC> Hiya. A while back I had to install sendmail on one of our servers. I tried using apt-get install sendmail to install it, but got a message saying couldn't find sendmail. So I downloaded the tar file from sendmail's website. Anyway, my boss asked me to remove it completely, and so I tried apt-get remove sendmail (I forgot the apt-get install didn't work), and that didn't work. Is there
<TommyC> another way to uninstall applications from Ubuntu? Or do I have to "locate sendmail" and delete the files and folders it finds? Thanks in advance for all your help.
<qman__> TommyC, you can only automate removal if you used a package manager to install
<TommyC> Yeah. The manual install needs to be done. Any particular way I can go about doing that?
<qman__> for future reference, you should use checkinstall or similar to build packages from source, rather than just installing directly with 'make install'
<TommyC> All right.
<qman__> that way they can be easily removed
<qman__> but if you just ran a make install, you will have to manually locate and remove the files
<TommyC> Gotcha.
<qman__> it may have made it easy on you and installed to /usr/local/
<qman__> but it depends on the compile options
<TommyC> All right, thanks.
<gtaylor> anyone ever tried aborting a fsck prematurely?
<twb> Yes
<gtaylor> how did that go for you?
<twb> I didn't say it was me
<gtaylor> how did it go for whoever?
<twb> But it'll depend on the filesystem
<gtaylor> forgot to run the damned thing on screen, and I need to close the SSH terminal
<twb> For ext3 you are probably OK
<gtaylor> ext4, late kernel
<twb> I assume ext4 isn't much different
<Patrickdk> ext4 should be better
<gtaylor> we're on hour 8 of this stupid thing
<twb> I mean, I wouldn't interrupt it unless you have a choice
<Patrickdk> sounds like mine :)
<twb> gtaylor: is this after rebooting, because it hasn't been fscked for 30 days?
<Patrickdk> twb, what is nice is when I do a bios reset, or have a bad bios battery, fs timestamp in future, fsck disk NOW
<twb> Oh yeah, I've seen that
<gtaylor> twb: It's a secondary mount that corrupted independently of the root partition, so it's un-mounted and fsck'ing
<Patrickdk> and 10tb and millions of files later :)
<gtaylor> twb: So I'm not worried about the root partition. It's just got a lot of valuable media files in it.
<gtaylor> and no, not porn
<Patrickdk> what a waste of a server
<kirkland> RoAkSoAx: if the fix is small, sure
<ScottK> SpamapS: sommer appeared from within the server community, not the docs community.  I'd recommend someone go hunt him down and ask pretty please with a cherry on top what would it take to get you to come back ....
<ScottK> (just read the backscroll from today's meeting)
<ScottK> Heya kirkland.
<kirkland> ScottK: hi
<ScottK> I appreciate all the work you're doing getting things sorted.
<kirkland> ScottK: sure, you're welcome
<RoAkSoAx> ScottK sommer said he was busy with his new job
<ScottK> Oh.  OK.
<RoAkSoAx> yeah he said he was gonna be around by beta
<RoAkSoAx> hopefully he will
<ScottK> Just about time then.
<RoAkSoAx> kirkland could u please upload new powernap? the fix os in the trunk
<RoAkSoAx> ScottK indeed :)
<uvirtbot> New bug: #740666 in beautifulsoup (main) "package python-beautifulsoup 3.1.0.1-2build1 failed to install/upgrade: error writing to '<standard output>': Success" [Undecided,New] https://launchpad.net/bugs/740666
<ideaman> tftp
<twb> ideaman: what abou tit
<ideaman> just trying to get familiar with it when it comes to using it to back up IP phone configs
<ideaman> just out googling and looking for good articles relating specifically to that
<twb> curl tftp://phone1/config.txt ?
<ideaman> so will that set it up so anytime the phone reboots, it'll pull that config file and overrite anything someone's tried to do?
<twb> Oh, the phone acts as a TFTP client?
<ideaman> yes.
<twb> Then you just need a read-only TFTP server for the phones to be pointed at
<ideaman> The setup I have now was done before I came along and tftp was already installed on my server, so I only know how to edit it after the fact
<ideaman> just learning how to do it from nothing
<twb> If you also use DHCP, then dnsmasq is the easiest way to do it
<ideaman> Yea, that's what I've been told, so everytime they reboot, TFTP sees the DHCP request, then loads it's config if it isn't already loaded
<ideaman> I don't know about dnsmasq though
<twb> That's not how it works
<ideaman> Yea, I know I'm missing pieces of it
<ideaman> or even the whole process
<twb> The phone is a DHCP client.  It asks for a DHCP response.  The DHCP response will contain "next-server" and "filename" options, which are e.g. 1.2.3.4 and /phone.conf respectively
<twb> Then the phone makes a TFTP GET request to 1.2.3.4 for file /phone.conf and then, presumably, applies it
<twb> ...at least, that's how it would normally work.  Your vendor may be silly in some way
<ideaman> I am the vendor/IT guy so we're good
<ideaman> That makes alot more sense
<ideaman> so once I've apt-get tftp, how do I set it up initially so those linksys/polycom phones are looking for that .conf file
<twb> No, tftp is the client
<ideaman> option in the phone intially where I need to point the phone to the IP of the TFTP server?
<twb> You need a tftp *server*
<twb> Either dnsmasq or tftpd-hpa are good choices
<ideaman> I guess I just need to put that tftpd-hpa on my box and get familiar with it
<twb> It is not very different from an FTP server
<twb> In terms of setup, I mean.  The protocol is quite differrent
<ideaman> It doesn't seem like there's to many parts
<ideaman> *too
<ideaman> Alright, thanks for your help, I'm outta here!
<zee313> I was using itunes for my ipod classic. I there any software for syn. ipod with my ubuntu PC
<zee313> ?
<shauno>  zee313 https://help.ubuntu.com/community/PortableDevices/iPod   is probably a good start; otherwise I'd suggest that -server's not the most obvious channel for that, and you may have more luck in #ubuntu proper
<twb> For an second- or fourth-gen iPod, they were just HFS+ filesystems with a single metadata file.  There is a simple tool to generate the metadata file.
<twb> Those gens were around in, like, 2004, so new ones are probably completely different.
<shauno> I had an 'ipod photo', which was 4th or 5th.  it was happy with vfat, but same idea for metadata.  rhythmbox & co never had a problem with it tho
<twb> 4th was monochrome LCD
<twb> Oh, apparently there were 4G color units
<twb> Maybe I had a third-gen
<twb> According to http://en.wikipedia.org/wiki/IPod_Classic I had a 3G and a 4G.  I know my first one had a non-mechanical scroll wheel (which was awesome).
<shauno> I guess the good news is that they're still amongst the best supported on linux.  the 'classic' line has remained largely stable since they went heard first into 'iOS'
<twb> Cool
<aliverius> goodmorning
 * aliverius is going to rebuild a raid-0 array for the 1st time
<_ruben> raid0 doesn't really exist
<Syria> Hi, i have hired a vps with ubuntu -server installed on it and suddenly i can't connect to it using sftp and can't import Sql database.
<_ruben> complain to the vps provider?
<Syria> is it something caused by me or them?
<laen> You expect us to know?
<twb> _ruben: last time I looked, RAID0 existed
<twb> _ruben: OK, it wasn't *R*edundant, so I guess it's better called "AID0"
<Syria> Can I upload files from my computer to the vps server using terminal? i am connected to it via ssh.
<twb> If you have shell access over SSH, then you almost certainly can use SFTP or scp.
<Syria> twb:  When I try connecting to it using sftp it just jeeps loading without showing me any files or folders.
<Syria> *keeps
<_ruben> twb: exactly (wrt (R)AID0) :)
<_ruben> Syria: do the logs show anything odd ?
<twb> Syria: that is probably by design.  You need to talk to your VPS vendor.
<Syria> Thank you very much guys.
<shauno> if they've given you a ssh account (on the host) that attaches to a tty (on the guest), it's probably locked down to do just that.  it's usually intended to give you a last-resort access in case you goof up, not a usable sftp session
<twb> shauno: hum, fair enough
<_ruben> then either the vps provider changed something, or the initial problem description was misleading
 * _ruben points at "suddenly"
<shauno> the 'terminal' bit threw me off.  the ssh my vps provider offer, goes straight to a stty.  it's like having a serial console on a physical machine.
<shauno> the sshd on the guest itself is my job, and the provider doesn't touch it
<twb> yeah right
<shauno> was a big "if" I guess, but the most sensible reason I can think of for a lack of sftp
<twb> Sigh.
<twb> Which monkey wrote lucid's /etc/init/squid.conf
<twb> grepconf2()?  I mean really
<soren> twb: It's from the init script, actually.
<soren> twb: It's been there since at least 2004.
<twb> Yeah, I guessed
<twb> FWIW I replaced it all with a normal upstart job and I haven't had any problems
<twb> http://paste.debian.net/111679/
<twb> What prompted me to do this was that I rebooted my LXC server, and the squid container was hanging around for minutes -- preventing the entire system from rebooting promptly.
<twb> http://paste.debian.net/111675/
<uvirtbot> New bug: #740777 in samba (main) "smbd.conf needs to wait for network up event" [Undecided,New] https://launchpad.net/bugs/740777
<BlackDex> Hello there,
<BlackDex> how can i disable the system information "motd" after an ssh login for specific users?
<BlackDex> ok.. i finally found it... just by adding .hushlogin
<twb> BlackDex: that information is in the fortunes-ubuntu-server package, which provides helpful hints in the MOTD :-)
<Daviey> Talking of which fortunes-ubuntu-server needs some love...
<Daviey> anyone want to have a go with it? :)
<raphink> it's about adding new smart quotes to it? ;-)
<aliverius> when i installed ubuntu i chose a raid0 setup. i had one disk atm but it still accepted to do the raid0. now that i connected the 2nd hard disk, how easy will it be? is there an automated way?
<raphink> aliverius, I'm not sure if mdadm allows to add drives to a RAID0
<raphink> (Google seems to say it doesn't)
<raphink> what is your need, and have you considered using LVM striping instead?
<_ruben> because raid0 isn't realy raid, it'll work with just one disk just fine .. as for adding extra disks, probably: sudo mdadm /dev/m0 --add /dev/sdX
<_ruben> then again, raid0 is useless especially when running lvm on top of it
<raphink> yep
<raphink> raid0 is pretty useless in a lot of situations
<raphink> and software raid0 is a waste of ressources in most cases (especially with one drive)
<Syria> Hello, I can't edit anything in phpmyadmin, i have hired a vps with ubuntu 10.4 installed on it. the support team at the company told that i have to fix this.
<_ruben> i wonder what the person whas smoking who "created" raid0 in the first place
<raphink> _ruben, well, LVM didn't exist at the time I believe
<raphink> maybe the guy who created raid0 was running Windows and couldn't attach partitions/drives to mount points...
<raphink> _ruben, there is a point about raid0 though, which is performance
<_ruben> raphink: that's not the point .. raid0 contradicts itself, it *can't* exist
<_ruben> you can stripe disks for performance, sure, but it's not raid
<raphink> you have more writing heads on the same logical volume
<jkg> I think calling it RAID Level 0 is exactly appropriate as a description of what it is -- the 0 matters :-) and it has to be part of the RAID family, for, e.g. RAID 10.
<raphink> that said, you put the data of two (or more) disks at risk with raid0
<raphink> since if one disk crashes, you destroy and array and lose the data on both disks afaik
<raphink> jkg, right
<raphink> it makes sense to use it in this context
<Syria> What should I do if I want to delete and re-install phpmyadmin and all the data bases please?
<raphink> apt-get remove --purge phpmyadmin
<Syria> But this will not remove the data bases right? i want to remove and re-install everything.
<raphink> not sure if that removes the DB. If the DB is myisam, you can delete the files associated with it in /var/lib/mysql
<Syria> raphink:  I can't edit any value from phpmyadmin after clicking "Go" the page keeps loading so do you think that this might solve the problem?
<raphink> certainly, bleaching the machine will not resolve the problem as far as clicking "Go"
<aliverius> heyyyyyyyyyyyyyyyyyyyyy did i say raid0???????!!! i meant raid 1 so let me repeat what i said
<raphink> you won't have a "Go" button anymore if that helps ;-)
<raphink> aliverius, I think you did ;-)
<aliverius> when i installed ubuntu i chose a raid1 setup. i had one disk atm but it still accepted to do the raid1. now that i connected the 2nd hard disk, how easy will it be? is there an automated way?
<Syria> raphink:  and how am i supposed to save to changes?
<aliverius> there you go, i corected it
<raphink> aliverius, _ruben answered you then
<raphink> Syria, I'm no phpmyadmin expert (I am more of a cli user)
<Syria> raphink:  Thnx anyway.
<raphink> removing the database is probably not the best solution to your issue though
<jkg> Syria: what error message, if any, do you get when it fails?
<Syria> jkg:  The page keeps loading and i don't get any messages.
<raphink> Syria, is there anything in the apache logs?
<aliverius> ok guys thanks
<aliverius> i will come back with more questions i am sure
<Syria> raphink:  http://paste.ubuntu.com/584185/  this is the error.log
<Syria> raphink:  And this is the access.log http://paste.ubuntu.com/584186/
<raphink> Syria, there's not much there ...
<Syria> raphink:  Is there anything that I can do?
<Syria> anything else?
<aliverius> if one drive fails and is removed will the other drive boot normally?
<aliverius> or is brub installed on only one drive
<aliverius> grub
<aliverius> does ubuntu know how to setup both grubs at the same time?
<Syria> raphink:  I have removed and reinstalled phpmyadmin using apt-get --purge-- remove phpmyadmin $ apt-get install phpmyadmin
<Syria> but now i can't log in :(
<raphink> Syria, you mean you can't log in on phpmyadmin, right?
<Syria> raphink: Yes.
<raphink> Syria, have you configured it?
<Syria> yes, sudo dpkg-reconfigure phpmyadmin is this correct?
<raphink> that, or looking at the config.php or whatever else it uses
<jamespage> jhunt: around for a quick upstart question?
<jhunt> jamespage: hi
<jamespage> jhunt - lemme just pastebin the config
<jamespage> jhunt: http://pastebin.com/1W0HDbLS
<jamespage> so this is the upstart config for jenkins
<jamespage> couple of things I wanted some guidance on
<jamespage> I noticed that sometimes a restart fails - it looks like the java process running jenkins was not fully shutdown before the new process was started.
<jamespage> do I need to use any extra config as the java process gets run through su?
<jamespage> second - also noticed odd stuff with overrides
<jamespage> so I use AJP_PORT in JENKINS_ARGS  - however if I use an override file to set the AJP_PORT the value in JENKINS_ARGS is still -1
<jamespage> i.e. from the jenkins.conf file
<jamespage> help much appreciated jhunt
<jhunt> hmm - not sure why the override isn't working. Are you sure you created it as jenkins.override (two "r"'s)?
<jhunt> I've just tried a quick test and it works for me.
<jhunt> to see the override file being applied, run, "sudo initctl log-priority debug". Then do, "touch /etc/init/jenkins.override" and look at the messages in /var/log/syslog
<jhunt> also, I'm a bit confused by the restart - how do you know the process wasn't fully shutdown out of interest?
<haaga> Hello. I was told ny my manager to look into cloud computing and I have questions. If I want to deploy a Apache server that is going to take some heavy loads, would it be wiser to load balance it in a more "traditional" way (several servers running apache) or put up a Ubuntu cloud and deploy it there?
<haaga> sorry for all the typos!
<raphink> using cloud computing doesn't prefvent you from scaling "the traditional way"
<raphink> you can choose one big instance or several small ones
<raphink> it's still up to you to choose your architecture
<haaga> But what would be easiest to scale when I need to expand?
<raphink> but cloud computing will be more profitable with several small instances, since you will have more fine grain to scale up and down
<raphink> cloud computing will make it easier to scale up and down, using small instances
<raphink> because you can launch more instances when you need them, and shut them down when you don't
<raphink> if you choose one big instance, you can't scale down and then it's probably cheaper to get a dedicated server
<haaga> Can I run one big instance and scale it by just adding more nodes?
<raphink> sure
<patdk-lap> heh?
<patdk-lap> you can't run an instance that is larger than one node
<raphink> you can add more instances and load balance
<raphink> I think that's what haaga  means, no?
<patdk-lap> he clearly said, one big instance and scale by node :)
<raphink> that's what he said ;-)
<raphink> what do you mean haaga ?
<haaga> ohh, so the instances can never be bigger than one node?
<patdk-lap> the advantage of cloud computing, is the ability to divide and reconfigure things, without reinstalling hardware
<haaga> i meant that i'll put one apache instance in a cloud and then when the load increases, add nodes and let them be a rouserce to exisiting apache
<haaga> not start new instances, just scale the exisisting one
<patdk-lap> no, you would have to have more instances running apache
<patdk-lap> and loadblaance them
<patdk-lap> you should think of an instance like a real computer
<patdk-lap> and that instance can never grow beyond the capabilities of the node hardware it's running on
<patdk-lap> now, what it will make nice though
<haaga> humm, it would be sweet just to being to scale the instance over several nodes
<patdk-lap> if you need to make an instance more powerful, is installing a better node
<patdk-lap> and moving the instance to that more powerful node
<patdk-lap> without reinstalls
<haaga> so, it's basiclly the same as vmware?
<raphink> like using an EBS, detaching it from the old instance and attaching it to the new one
<haaga> moving from one host to a better host
<patdk-lap> yep
<raphink> although adding instances is more of the spirit afaik
<patdk-lap> raphink, depeds on the workload
<raphink> right
<patdk-lap> duplicating cache memory is extreemly wasteful
<raphink> don't the load balancers on aws support sticky sessions?
<raphink> oh right, cache
<raphink> ;-)
<raphink> sorry
<raphink> :-)
<haaga> i would be sweet just to scale them over the nodes and when demand increases, just add more nodes and let the instance scale over them too?
<haaga> it would*
<patdk-lap> haaga, not really
<patdk-lap> networks can't keep up with that speed
<haaga> humm, well.. it would be sweet in a perfect network world
<haaga> :)
<patdk-lap> and in that perfect world, you have infinite amounts of cash :)
<haaga> ofcourse!
<raphink> heh
<patdk-lap> this is why, if your workload permits, you just have puppet auto-configure a new backend instance, and the loadbalancer adds it into the pool
<patdk-lap> I know many places that do that
<haaga> so, in my case, the only thing i would save on running in a private cloud would be power consumption?
<patdk-lap> going as far as to turn nodes on and off dynamically throughout the day, based on load
<haaga> instead of buying several servers and just load balance them
<haaga> and in my case, when running vmware, i wouldn't save anything?
<patdk-lap> heh?
<raphink> if you run a private cloud, you still need to pay for the physical machines...
<raphink> so I don't see how you would save power
<raphink> unless you have several services to scale on it
<haaga> Well, i was thinking that you proberly utilizes the machines more when using cloud/virtualization
<jamespage> jhunt: well the override is working - as long as I use it outside of a env declaration i.e. the use of a env declaration in an override within a env declaration in the main conf file does not seem to work.
<patdk-lap> well, it all depends on the workload
<patdk-lap> if you can balance cpu, ram, and disk usage
<haaga> true
<patdk-lap> you can build one huge powerful node, and run it all
<patdk-lap> and it would be more efficient
<jamespage> jhunt: so with regards to the restart - I can still see messages being generated in the jenkins log from the old process while the new process is in the process table.
<jhunt> jamespage: well, as you haven't specified the "instance" stanza, Upstart won't allow >1 of these jobs to run, so I'm not sure. Can java apps fork? If so, Upstart won't be following the fork as there is no "expect daemon" or "expect daemon".
<haaga> would it be possible to move the instances to a minimal amount of nodes when the load decreases and power off the extra nodes, then power them on a spread the instances again when load increases?
<jhunt> jamespage: you could convince yourself by maybe putting a "ps" in the pre-start and logging that to a file
<jamespage> jhunt: ok lemme try that
<Patrickdk> haaga, yes, even vmware does that, and ubuntu
<aliverius> $ sudo mdadm /dev/md0 --add /dev/sdb
<aliverius> and this is what i get http://pastebin.com/bMjMR1PQ . does this mean the array is being rebuilt?
<aliverius> raphink _ruben ^^
<aliverius> and isnt it a bit slow?
<jamespage> jhunt: def still around - see http://paste.ubuntu.com/584235/
<_ruben> aliverius: it's probably spitting all current blocks over the 2 disks, as for the speed, 38MB/s aint that bad for a single disk
<jamespage> jhunt: and when running - http://paste.ubuntu.com/584236/
<aliverius> _ruben: and how i sync and use the array?
<jhunt> jamespage: so it's forked by the looks of it. Upstart doesn't know about that pid since no "expect" stanza
<_ruben> aliverius: the syncing is what the progress"bar" indicates and how to use it, well, that's up to you :)
<jamespage> jhunt: ok I'll try that
<aliverius> _ruben: excuse me but doesnt it r/w on both disks automatically?
<_ruben> it does
<aliverius> so what is up to me?
<aliverius> do i have to do any extra configuration?
<aliverius> also will both disks be bootable?
<aliverius> grub info is inside the raid partition
<jamespage> jhunt: hmmm - tried that out  - not so greart
<jamespage> upstart seemed to lose track of things - start and stop just hung - tried expect daemon as well
<_ruben> aliverius: how you gonna use the striped volume is what is up to you
<_ruben> and they'll be bootable if you made 'em so
<_ruben> also, why would they both need to be bootable?
<_ruben> you'd boot from one, and if that one dies, you're screwed anyway, the 2nd disk would be pretty much useless
<jamespage> jhunt: ignore me on that first issue - must have made a type or something as its working now...
<jamespage> jhunt: still having trouble getting upstart to track the right process though.
<aliverius> _ruben: raid 1
<patdk-wk> ruben, no, normal is to have both disks bootable
<patdk-wk> and if one disk fails, the system will boot from the second disk
<patdk-wk> but putting grub INSIDE the raid won't work, cause your bios doesn't understand the raid
<patdk-wk> when grub detects you are installing into onto a raid, it normally installed itself into the mbr of each raid disk
<_ruben> hadn't noticed the raid1 part in the pastebin, as all the discussions thusfar had been about raid0
<patdk-wk> I didn't see anyone talking about raid0, except you :)
<binBASH> ^^
<uvirtbot> binBASH: Error: "^" is not a valid command.
<_ruben> 10:50 < aliverius> when i installed ubuntu i chose a raid0 setup. i had one disk atm but it still accepted to do the raid0. now that i connected the 2nd hard disk, how easy will it be? is there an automated way?
<patdk-wk> hmm, I must of missed that line :)
<aliverius> _ruben: i corrected it a bit later
<binBASH> I wonder if it's possible to let uvirtbot execute a forkbomb :D
<binBASH> Hi patdk-wk btw.
<aliverius> <aliverius> heyyyyyyyyyyyyyyyyyyyyy did i say raid0???????!!! i meant raid 1 so let me repeat what i said
<aliverius> [12:10:19] <aliverius> when i installed ubuntu i chose a raid1 setup. i had one disk atm but it still accepted to do the raid1. now that i connected the 2nd hard disk, how easy will it be? is there an automated way?
<aliverius> ^^ _ruben sorry for the misunderstanding
<uvirtbot> aliverius: Error: "^" is not a valid command.
<aliverius> _ruben sorry for the misunderstanding ^^
<patdk-wk> uvirtbot, shush
<uvirtbot> patdk-wk: Error: "shush" is not a valid command.
<_ruben> ah, that line got lost between the lines of a discussion i wasnt following
<aliverius> i am sorry :)
<_ruben> in that case, just configure grub to install itself in both mbrs and be done with it
<aliverius> _ruben: now, lets say i remove one drive. will it boot? and when i reinstall it, will i have to sync by hand? and whatever has changed in the first disk will be applied to the second?
<_ruben> aliverius: it will, *if* you installed grub properly on both drives, and if you add another disk again, you'd do the same as you just did: add it to the raid and it'll sync again
<jamespage> hggdh: are you ok to move over to the new jenkins server this afternoon?
<jamespage> hggdh: I will move the IP address but your slaves will need to be flushed of the offending slave.jar file
<hggdh> jamespage, no prob, all we need is a moment of peace ;-)
<hggdh> jamespage, actually, like now, if you want
<jamespage> hggdh: OK - I'm just going to grab a sandwich - OK if I start in about 45 minutes?
<hggdh> jamespage, certainly
<jamespage> great
<aliverius> thanks a lot _ruben. i will test my setup to see how these happen :)
<iclebyte_work> any managed to get cobbler working on ubuntu 10.04 ?
<_ruben> aliverius: also, if you configured the raid in the installer, the installer has asked you what to do in case of a degraded array, unless that question is suprressed when only 1 disk is avail
<aliverius> no the question was there and i said it should boot from the degraded array
<aliverius> i supposed it would automatically use the good disk
<RoAkSoAx> morning all
<anadon> hey hey hey!
<kim0> RoAkSoAx: Morning :)
<RoAkSoAx> kim0: ready for clouds days huh? :)
<kim0> RoAkSoAx: hehe indeed :)
<anadon> I need some help fixing my server to re-allow ssh clients to connect.  I think the issue is elated to "ipkungfu" (a firewall).  I recently modified the settings to allow ssh (allowing incoming on port 22) and that didn't seem to help
<kim0> anadon: iptables -I INPUT -p tcp --dport 22 -j ACCEPT
<kim0> would that help :)
<anadon> if I knew what they were...this is my first time getting a server off the ground
<kim0> anadon: use sudo that command .. and see if it helps you ssh
<anadon> kk
<raphink> ipkungfu might mess it up again later though if it's badly configured
<anadon> invalid command--doesn't like the "-I"
<anadon> fuuuuuuuu
<anadon> sec
<anadon> ok, now it's just outright refusing my connections
<kim0> anadon: sudo restart ssh
<jamespage> hggdh - I'm going to shutdown both instances now and re-sync the data.
<anadon> "restart: unknown instances: "
<kim0> anadon: can u try it now .. canit ssh ?
<hggdh> jamespage, OK, and I will reboot the systems
<hggdh> jamespage, ping me when the new instance comes up so that I can restart the slaves
<anadon> kim0: still refused
<jamespage> hggdh: all done - you can access on http://jenkins.qa.ubuntu-uk.org or http://hudson.qa.ubuntu-uk.org (thanks Daviey)
<anadon> hello?
<jamespage> hggdh: hold on that - something odd happened to the elastic ip - just re-doing
<hggdh> jamespage, ok, bringing up the slaves
<thesheff17> anadon: http://paste.ubuntu.com/584289/ try to flush all the iptables rules with these commands.
<hggdh> jamespage, no problem, unbringing up the slaves
<marjo> jamespage: i can't access jenkins.q.u.o, but can access hudson.q.u.o
<anadon> thesheff17: did it, connections still refused
<jamespage> hmmm - something odd going on  - looking at it now.
<thesheff17> anadon: is ssh running ps aux | grep ssh
<anadon> thesheff17: wha???
<anadon> thesheff17: newbie here, don't know about that or how to check, besides that in involves running "sevice"
<jamespage> hggdh, marjo: I think its OK now; both slaves have re-connected
<hggdh> jamespage, yay! Thank you dear sir, forever in your debt
<hggdh> jamespage, which means you get a free beer in Budapest :-)
<jamespage> hggdh: I will keep an eye on it this afternoon - the elastic IP kept dropping its association with the instance.
<hggdh> that was weird
<jamespage> I will shutdown the old instance but leave around on disk for a few weeks.
<thesheff17> anadon: was ssh working before? if it was you have a config problem.  If it was never working make sure it is installed.  apt-get install ssh.  Then make sure the service is running by using ps aux | grep ssh
<felimwhiteley> that option that has turned up in the installer in 10.04, install security updates automatically, is there a way to dpkg-reconfigure that to be enabled? I didn't select it on a new install and It's on a faily unimportant machine
<aliverius> i changed the settings in /etc/export. how do i restart the daemon?
<felimwhiteley> would prefer it to apply security updates automatically.. can't find anything about it anywhere (that being said my search skills are miserable ;)
<aliverius> for nfs4
<anadon> thesheff17: it was working before and through my firewall install, but every connection after that hasn't worked.  the thing is, I stopped the firewall service and it's still not working.
<anadon> thesheff17: it outputted, but I don't know how to read it.
<aliverius> found the solution in the wiki
<thesheff17> anadon: you should see  /usr/sbin/sshd -D
<jamespage> hggdh: now I would really like to get some ec2 tests into that jenkins instance.....
<iclebyte_work> if anyone has worked on cobbler can you look as this paste bin for me? It's just be installed from the fedorahosted git repo - the one the ubuntu team were commiting to in Jan. http://www.pastie.org/1704023
<anadon> thesheff17: ok, but what does it mean or what do I do with it?
<hggdh> jamespage, good idea...
<iggi> When compiling a project that uses the perl headers, I get EXTERN.h : No such file or directory, even with libperl-dev installed. the makefile also calls "perl -MExtUtils::Embed -e ccopts" in compilation. Can anyone help?
<thesheff17> anadon: well if you see /usr/sbin/sshd -D that means the service is running correctly.  Why it is not accepting your connections I don't know.  I would check your networking stuff.  Especially your default gateway.
<aliverius> how do i let with '/etc/export' ,any host to connect to my nfsv4 server?
<upp> hi everyone, i have two problems, first one when i start apache2, i get this libcrypto.so.0.9.8 no version information available
<upp> the second i can't connect to the server with ssh http://pastebin.com/7ysDq3M3
<felimwhiteley> argh I taek it back I found! https://help.ubuntu.com/10.04/serverguide/C/automatic-updates.html
<upp> felimwhiteley: is that for me?
<felimwhiteley> upp: no sorry I was solving my own problem from earlier
<genii-around> upp: Perhaps try sudo apt-get install --reinstall libssl0.9.8
<genii-around> upp: That's the package that library comes from
<upp> genii-around: the Problem is i have only access to webmin on the server
<upp> and libssl0.9.8 is already installed
<genii-around> upp: Since ssh also uses that lib, likely the two issues are related
<upp> so how can i fix it now, do you know how?
<genii-around> upp: I'm pretty sure you're going to need commandline access to do it.
<upp> ok i will try to do that , thanks alot
<anadon> new problem: where are ssh access logs kept?
<Pici> anadon: /var/log/auth.log
<anadon> thanks!
<upp> http://pastebin.com/YDaWC0ig
<upp> but nothing help here
<aliverius> CLIENT # mount -t nfs4 192.168.133.10:/archive_1-nfs /mnt
<aliverius> mount.nfs4: access denied by server while mounting 192.168.133.10:/archive_1-nfs
<aliverius> is it a client side or a server side problem? or could be both?
<patdk-wk> both :)
<patdk-wk> client not giving correct auth
<patdk-wk> or server unable to verify auth
<wycks> I don't suppose anyone knows a site that lists the most popular bad user-agents/bots or has any such crawl statistics
<patdk-wk> there are many of them
<wycks> I can't really find much through google, care to mention some
<patdk-wk> http://www.google.com/#sclient=psy&hl=en&q=user+agent+bad+bot&aq=f&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=a0e1d04ac32ef934
<wycks> im not looking for a list, im looking for usage statistics
<aliverius> patdk-wk: how does auth occure? i avoided using kerberos
<aliverius> i followed the wiki guide for the server
<aliverius> https://help.ubuntu.com/community/NFSv4Howto
<patdk-wk> aliverius, I dunno, I don't use nfs4, and the people I do use kerberos
<aliverius> why should i use kerberos on my lan?
<kim0> Hi folks, just letting you know "Ubuntu Cloud Days" starting about now in #ubuntu-classroom .. Thanks
<iclebyte_work> can anyone tell me the status of cobbler for Natty?
<RoAkSoAx> iclebyte_work: works nicely for PXE booting
<iclebyte_work> RoAkSoAx, I can't seem to get it to run on natty
<iclebyte_work> well.. using apt-get install cobbler hasn't created a /etc/apache/conf.d/cobbler_web.conf file - also I had to manually enable mod_proxy for apache
<RoAkSoAx> iclebyte_work: cobbler web is not working just yet
<iclebyte_work> (which isn't a problem but the installation fails at that point)
<iclebyte_work> oh
<iclebyte_work> RoAkSoAx, have you got it to work on 10.04 LTS? I'm stuck with this issue http://www.pastie.org/1704023
<RoAkSoAx> iclebyte_work: i just tested it on natty
<iclebyte_work> what's the offical team working on cobbler implementation on natty  ?
<iclebyte_work> I've been scouring launch pad for the last hour trying to find any bug reports / pages regarding natty alpha 3 and cobbler
<RoAkSoAx> iclebyte_work: launchpad.net/ubuntu/+source/cobbler
<RoAkSoAx> you can file/see bug reports there
<RoAkSoAx> iclebyte_work: and that error sysms to be with sub_process python module as it might not have the check_output function
<iclebyte_work> is that due to a python 2.6 vs 2.7 issue?
<RoAkSoAx> iclebyte_work: most likely, yes
<RoAkSoAx> you'll have to dig through the code
<RoAkSoAx> but in ubuntu cobbler is not supported in 10.04
<iclebyte_work> oh my god, the captcha on launchpad is the hardest i've ever seen
<iclebyte_work> okay. so this launchpad page you directed me to is purely for natty yes?
<RoAkSoAx> iclebyte_work: not purely for natty, but since cobbler is in natty only, it will only be relevant for natty
<iclebyte_work> okay, and since there seem to be 0 bugs reported, who do I talk to about helping out?
<iclebyte_work> i've never actually contributed to any opensource projects before - I'm on the ubuntu-server mailing list though
<RoAkSoAx> iclebyte_work: you can do that in many ways, such as filing bug reports (and attaching fixes), then by posting on the ubuntu-server ML
<iclebyte_work> and I have the resources at work to test natty - it fits in well with my current virtulization project
<RoAkSoAx> and here through irc you can always find someone
<iclebyte_work> okay, but what If I'm telling people what they already know?
<iclebyte_work> i think what I'm trying to ask is where can I get upto speed on work that's already been done?
<Kyle__> Is there a (relatively streightforward) way of switching a system back to using SLAB instead of SLUB?
<RoAkSoAx> iclebyte_work: such as what? Filling bug reports and so?
<iclebyte_work> yes - cobbler currently has no bugs listed
<iclebyte_work> wait it does - it's under 'open bugs' =)
<RoAkSoAx> iclebyte_work: there's two bugs listed
<NoqturnalX> Hello, I seem to be having a problem with this Ubuntu-Server box. When I came into work this morning it seemed kinda locked up, wouldn't respond to the keyboard other than being able to switch between tty's. So I rebooted it. Now it's been running for a few hours and wont let me log into another tty. I don't get a bash prompt
<NoqturnalX> i'm too tired to figure this out on my own, can anyone push me in the right direction?
<NoqturnalX> It's Ubuntu Server 7.10, Gutsy
<EvilPhoenix> NoqturnalX:  7.10 is past end of life.
<EvilPhoenix> i think
<EvilPhoenix> !7.10
<ubottu> Ubuntu 7.10 (Gutsy Gibbon) was the seventh release of Ubuntu. End Of Life: April 18th, 2009. See !eol and !upgrade for more details.
<EvilPhoenix> yep
<EvilPhoenix> NoqturnalX:  support is limited at this point to upgrades.
<NoqturnalX> well is there any idea what would cause bash prompt to not show up?
<EvilPhoenix> i can think of a billion reasons
<EvilPhoenix> but since 7.10 is dead, i can only help you with upgrading issues
<NoqturnalX> maybe a push in the right direction to find the answer myself, I'm hoping to replace this ancient P.o.S with a Ubuntu 10.10 box that i'm putting together
<EvilPhoenix> lol
<EvilPhoenix> NoqturnalX:  again, support is limited to helping you upgrade.  because there could be a billion reasons for bash to not show up
<ScottK> EvilPhoenix: You can help him however you care to.
<NoqturnalX> ssh hangs, tty1 & tty2 both work fine, I logged into both of those as root when I rebooted. But when I noticed ssh wasn't working I went over to the machine and tried to login to tty3 and got nothing after it logged in
<EvilPhoenix> NoqturnalX:  i'm going to say that it sounds like something is seriously broken, and debugging that could be a pain
<NoqturnalX> ah, so I have fun to look forward to then huh
<EvilPhoenix> but i'm not sure, since the oldest i've worked with is 9.04.  ScottK and others might be able to help you further.
<NoqturnalX> yea, this thing is pre-historic it was here when I started working here back in September of last year
<NoqturnalX> It houses a nice family of Black Widows
<EvilPhoenix> lool
<NoqturnalX> the school uses it as a samba server I believe. There are 3 shares on it
<jkg> would it be an idea to get the machine up to 8.04 anyway? that's got ages left to run, in terms of support life (on the server)
<NoqturnalX> and one of which houses the files for the students Mavis Beacon typing tutor classes (I work at a private high school)
<ScottK> NoqturnalX: As long as it's not exposed to the internet, you needn't panic about upgrading it, so I'd suggest hurring up on your new box.
<NoqturnalX> what are the requirements for 8.04?
<ScottK> No more than 7.10, but not knowing what's wrong it's hard to know if upgrading would improve or worsen the situation.
<NoqturnalX> it's on the same network as all the other computers, all online so it is on the internet
<ScottK> Oh.
<ScottK> You don't have a router/firewall that everything local is behind?
<ScottK> on/reachable from
<NoqturnalX> our network is pretty damn hack n slap
<NoqturnalX> we have 5 router's that pretty much all act as wireless access points for the kids, 1 of which acts as a firewall. They're all cheap ass Linksys routers running dd-wrt too
<NoqturnalX> lol
<NoqturnalX> Welcome to my tech nightmare
<lool> EvilPhoenix: Hmm?
<ScottK> In that case I'd really get busy on the new server box, but I'd recommend using 10.04 unless you really need something in 10.10 since 10.04 is LTS.
<ScottK> lool: I think he meant lol.
<EvilPhoenix> lool:  lol, didnt realize your name is here.  "lool" comes from "lol" when my "o" is stickyish :P
<lool> Eh ok
<NoqturnalX> what's LTS?
<EvilPhoenix> LTS is "Long Term Support"
<EvilPhoenix> LTS builds are supported for i think 3 years
<EvilPhoenix> before EOL
<ScottK> EvilPhoenix: 5 years for servers
<jkg> 5 on the server, for LTS
<NoqturnalX> I'm sorry I'm sooo freaking tired right now you should treat me as if I were retarded at the moment, I haven't slept in a couple days lol
<EvilPhoenix> ScottK:  ah, right :P
<NoqturnalX> and I'm not exactly a Linux Pro yet, I still think i'm a novice
<NoqturnalX> well i've been experimenting with the 10.10 server
<NoqturnalX> trying to figure out Radius and some other stuff
<NoqturnalX> I suppose I should quit clowning around and just replace the dinosaur with it already
<ScottK> That would be my advice
<NoqturnalX> I mainly want 1 server for network shares, a syslog server so the router's can dump their log files, and that's pretty much it as far as I can think. I'm still experimenting with Radius
<NoqturnalX> maybe a web server to play around with too
<NoqturnalX> and mrtg
<NoqturnalX> what exactly is nautalis or however you spell it
<NoqturnalX> Nautilus I think it's spelled
<Kyle__> I have a system that is refusing to use it's swap.  Any ideas?
<genii-around> NoqturnalX: It's a file browser for use in gnome desktop
<NoqturnalX> thanks genii-around, I am guessing I don't need it for the file server :P
<genii-around> NoqturnalX: No :)
<NoqturnalX> I don't use X on the 10.10 box anyways lol. Hell I don't even use it on the 7.10 box but it's running
<TeTeT> Kyle__: what's in /proc/sys/vm/swappiness ? take a look at https://help.ubuntu.com/community/SwapFaq
<Kyle__> TeTeT: it's on it's default of 60, haven't touched it.
<Kyle__> TeTeT: Swap is configured, but remains untouched.  My /var/log/syslog and kernlogs are full of SLUB call traces.
<Kyle__> running badblocks on the partition used for swap returns nothing (means no badblocks).  Recreating swap doesn't seem to help, no matter what options.
<aliverius> any command to see the space a dir and its contents keep?
<Kyle__> aliverius: du.  du -hsc /path/to/whatever/directory/you/are/interested/in
<Kyle__> (strange that I have such a path, I know)
<NoqturnalX> Ok, I just issued a reboot & poweroff command and it broadcasts but doesn't do anything.......
<NoqturnalX> hmmm
<Kyle__> NoqturnalX: What were expecting which to do?
<NoqturnalX> i thought to return from away you just type /away again when you return lol. I'm stuck on stupid
<NoqturnalX> I was expecting it to restart or shutdown one or the other
<Kyle__> Don't sweat it.  We all have those days.
<NoqturnalX> normally when I throw a reboot command at it, it begins stopping services, etc and finally just restarts
<NoqturnalX> but nothing
<Kyle__> NoqturnalX: Are you doing this as root?
<thekkid> so im looking for some uses for my home server, any ideas
<Kyle__> NoqturnalX: And is this is unbuntu or some other linux/unix, or some psudo OS?
<NoqturnalX> also looking in the /home folder I saw folders for administrator, teacher, student (those are expected) but also ws01-ws10 folders too
<NoqturnalX> I am root and this is the Ubuntu 7.10 box
<NoqturnalX> let me double check that i'm root
<NoqturnalX> I could be having a moment of epic tardedness
<NoqturnalX> yup
<NoqturnalX> i'm root in tty1 & tty2
<NoqturnalX> would be root in tty3 but eh, won't give me a prompt
<Kyle__> Try um, telinit 0.  I think that should do.
<NoqturnalX> telinit?
<NoqturnalX> or init
<Kyle__> I think it's telinit.  It's been awhile since I've done it that way.
<NoqturnalX> i tried init 6 but it didn't do anything lol
<NoqturnalX> alrighty brb
<NoqturnalX> no dice
<Kyle__> How long has that thing been up?  Just curious...
<NoqturnalX> going on 4 hours
<NoqturnalX> it's been up for 200 days in the past
<NoqturnalX> but then someone unplugging the stupid power cable broke that record
<NoqturnalX> today was the first time I had to reboot it in a few weeks
<Kyle__> Weird.
<NoqturnalX> it refuses to die
<Kyle__> Is this a matter of pride, or do you not have immidiate physical access to manually "reboot" it (yank power cord, plug in, hit power)
 * NoqturnalX looks for sludge hammer
<NoqturnalX> I just dont want to lean all the way down and hit the power button......wait I can't do that anymore lol
<NoqturnalX> I disconnected the power button a couple months ago when a student accidentally kicked it
<NoqturnalX> So i'd have to do what I did this morning and reach into the webfield of widow webs to yank the power
<Kyle__> NoqturnalX: I know there's a place in /proc (or is it sys?  It's been so long...) where you can cat a 1 into a psudo-file and force a reboot
<NoqturnalX> I should just kick the damn thing really hard
<NoqturnalX> that usually shocks a PC into rebooting
<Kyle__> heh, sorry
 * NoqturnalX wonders where the coach keeps the baseball bats
<NoqturnalX> Anger management, Workout, Wakeup call & fix my server problem all in one solution
<NoqturnalX> ok, what is [2011 Mar 23 11:58:46 FLHS-SERVER pam_smbpass(passwd:chauthtok): Failed to find entry for user teacher.] ???
<NoqturnalX> i just added user teacher to the new server i'm working on and tried to give him a password lol
<NoqturnalX> brb maybe some food will help the brain gears turn a bit
<genii-around> Noqturnal|AFK: Did you smbpasswd -e teacher   and restart smb?
<Noqturnal|AFK> genii-around: no just creating user for the new server, is there a difference between smbpasswd n passwd?
<genii-around> Noqturnal|AFK: They are not always synched. Also you can have smb user names which have no correlation to system user names,
<Noqturnal|AFK> i'm completely new to using Linux as a samba server, you got a fav article or tutorial I can read up on this with?\
<SpamapS> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<SpamapS> Noqturnal|AFK: ^^
<Noqturnal|AFK> k thx
<aliverius> ty Kyle__
<Noqturnal|AFK> chkrootkit & rkhunter turned up nothing lol
<Noqturnal|AFK> interestingly enough though it struggled to boot a couple times until I unplugged the ethernet cable
<RoAkSoAx> kirkland: ping, when you have the time, could you take a look to the latest powernap branch and see the fix for bug #735452 can make it to natty please?
<uvirtbot> Launchpad bug 735452 in powernap "IOMonitor Plugin does not use optimal /proc parameter to find process PID" [Low,Fix committed] https://launchpad.net/bugs/735452
<azertyu> hi there
<laen> Hai thar.
<azertyu> as i got a pc wich is directly expose to internet, where there is no router, ppl say that it is possible to create a route to secure the pc without needing a hardware router
<azertyu> is that possible ?
<laen> Are you on drugs?
<azertyu> xhy ?
<azertyu> why ?
<laen> You are.
<azertyu> is it possible or not ?
<kirkland> laen: we try to be a little kinder than that, here :-)
<laen> Ow, okay.
<azertyu> well, is it easy to create route on a pc ?
<laen> azertyu: what do you think a router is?
<thesheff17> azertyu: I have used this gentoo router guide before.  Just uses iptables and works great http://www.gentoo.org/doc/en/home-router-howto.xml
<Pici> azertyu: It depends what expectations you have of the 'router.' At a minimum you'll need multiple network cards.
<azertyu> why you use gentoo ?
<thesheff17> azertyu: it uses iptables...which works on ubuntu...it is just on the gentoo site.
<RoyK> azertyu: probably because he LOVES watching the system compile
<thesheff17> lol I don't
<laen> Pici: wrong.
<azertyu> why i need multiple network cards ? Pici
<thesheff17> one will be the public network one will be the private network
<oneseventeen> I'm using apache 2 and a newly created self signed SSL cert and I'm getting ssl connection errors.
<oneseventeen> I know it is something I messed up
<azertyu> correct thesheff17
<thesheff17> hence a router
<RoyK> azertyu: it's somewhat possible to create a router with virtual nic's but it'll be a mess
<laen> oneseventeen: see the Apache documentation
<Pici> laen: could you clarify?
<laen> Pici: you're not required to have multiple interfaces. Well, i guess 2 would do.
<NoqturnalX> grawr
<azertyu> take a example of physical router on what he does Pici
<RoyK> Pici: it's possible with a single NIC using "virtual" NICs, but it'll be a true fscking messup
<azertyu> working with one network card
<laen> RoyK: why is that a fscking messup? Are we talking the Ubuntu way now?
<NoqturnalX> ok, i'm having yet another moment of stupidity
<laen> NoqturnalX: it's normal, we're in #ubuntu-server.
<RoyK> a NIC costs, what, $10?
<oneseventeen> laen: They have thousands of pages and I'm not sure which one to look at.  did you have a particular one in mind?
<NoqturnalX> I can't seem to login with the user I created on my Samba
<azertyu> giving multiple virtualnetwork interfaces
<laen> I had enough of this clueless talk, have fun all.
<oneseventeen> I should mention I have 3 other ubuntu servers with self signed certs working just fine... not sure why it isn't working.
<RoyK> what's the reason to try to fight the laws of nature (read TCP/IP and down) by leaving the system with just one?
<Pici> azertyu: I'm more familiar with using multiple NICs, but if they say you can use one, then you can use one.
<azertyu> if you are more familiar with multiple NIC"'s
<NoqturnalX> i've been following the instructions from https://help.ubuntu.com/10.04/serverguide/C/samba-fileserver.html but I've hit some kind of wall somewhere
<azertyu> tell me the utility of using multiple NIC "s ?
<RoyK> azertyu: just configure them in /etc/network/interfaces, and setup iptables or whatever to do the good stuff
<azertyu> when we need multiple  NIC 's ?
<azertyu> in which case ?
<Pici> azertyu: I think theres probably someone more knowledgable here about actually setting this up than I am :/
<RoyK> if you want the machine to be on several networks
<RoyK> of course, with VLAN tagging, a single NIC will be more NICs, so problem solved, given the other end also understands VLAN tagging
<RoyK> such as a somewhat switch
<RoyK> s/somewhat/somewhat smart/
<azertyu> RoyK>	if you want the machine to be on several networks
<azertyu> are you talking about cluster computer ?
<RoyK> s/be on/connected locally to/
<RoyK> azertyu: a simple router connects two networks, and should have a NIC for each of them, unless tagged VLAN is used
<NoqturnalX> ok so I used "adduser teacher" to add the teacher user and gave it a password, teacher is in the smbusers list & also in the valid users list for the share Install, When I browse to Install and enter in teacher as username & teacher's password it fails to let me in, what did I do wrong?
<RoyK> azertyu: other cases include having a dedicated storage network for, say, iSCSI - you'd want jumboframes on that, and you'd want that separate
<NoqturnalX> when I type 'passwd teacher' to change teacher's passwd (just to be sure) I am greeted with 'Enter new UNIX password: 2011 Mar 23 14:03:03 FLHS-SERVER pam_smbpass(passwd:chuthtok): Failed to find entry for user teacher.'
<NoqturnalX> and so I enter in the password anyways and retype it to confirm it and I get the same message and then appended to it is 'passwd: passwd updated successfully'
<RoyK> NoqturnalX: tried smbpasswd?
<NoqturnalX> even tried smbpasswd and restarting smbd & nmbd as well
<azertyu> how to create a tagged VLAN ?
<NoqturnalX> no dice so far
<azertyu> i know that is possible on router such nortel etc ...
<RoyK> azertyu: google for it - vlan tagging, 802.1q, is quite nice if you have the equipment supporting it
<RoyK> azertyu: 802.1q is on L2, data link
<RoyK> so not really what a router would need to know
<azertyu> but my question  is it possible to tag VLAN on a pc ?
<RoyK> a switch, on the other hand...
<RoyK> azertyu: yes
<RoyK> azertyu: google for it
<RoyK> !802.1q
<RoyK> !vlan
<RoyK> !idiobot
<azertyu> ?vlan
<oneseventeen> does anyone know of a great reliable tutorial on how to self sign a cert for apache2 in ubuntu server?
 * oneseventeen inserts bad joke reminding everyone to P-LAN before they V-LAN
<RoyK> azertyu: http://tinyurl.com/46j63d9
<RoyK> oneseventeen: I know this rather good place to find that - google.com iirc
<azertyu> what is a bonding ?
<azertyu> what is a "bonding" ?
<RoyK> bonding is usually "link aggregation"
<azertyu> channel bonding on vlans.
<azertyu> which means ?
<RoyK> I guess using several physical links to carry several VLANs
<RoyK> say VLANs 1,10,20 are tagged on the link, then using LACP or similar to aggregate two or more links to get more bandwidth, and using that for the carrier of the tagged VLANs
<azertyu> the purpose is it for the maxmize the bandwith speed ?
<azertyu> i don't know if it is possible ?
<azertyu> to maximize the bandwith speed
<RoyK> in case of LACP, which is the most common protocol, yes, both get more speed, due to more aggregated links, and to allow one or more to fail
<RoyK> if you have two 1Gbps links, why not use both? :)
<oneseventeen> RoyK: funny, that site led me to tons of articles with the same methods, yet everytime I a2ensite default-ssl apache won't start.
<NoqturnalX> RoyK: when i do smbpasswd teacher I put in the password twice and I get 'Failed to find entry for user teacher.'
<RoyK> NoqturnalX: dunno then - sorry
<NoqturnalX> RoyK: smbpasswd -a teacher ;) I think I may be in luck
<azertyu> ok
<snapfractalpop> does anyone here have experience with fatclients?
<azertyu> so if i understand it correctly the best way to securing is to use the VLAN concept
<NoqturnalX> I think i'm going to call it a day and go home n knock myself out, been up all week. And i know it's not Sunday anymore
<azertyu> am i right ?
<oneseventeen> ssl solution: change second LCertificateFile that points to the key file to "SSLCertificateKeyFile"... doh!
<snapfractalpop> is there an ubuntu-server metapackage that can be installed over ubuntu-desktop? every google search seems to talk about the oposite..
<oneseventeen> snapfractalpop: I'd imagine it would be an apt-get remove metapackage... doesn't server just have the bare minimum?
<snapfractalpop> oneseventeen: that's what i thought originally, especially since LAMP seems to be included (in Lucid, anyway).. but i'm trying to do a netboot with a "fatclient" and many of the server progs were not installed/configured (like dnsmasq, dhcp3-server, tftp-hpa, etc..
<snapfractalpop> many of the configurations ive read about seem to contradict eachother.. and i'm getting lost in the "spagetti" of it all..
<oneseventeen> ahh...
<oneseventeen> bummer, sorry I know very little of that.
<hallyn> SpamapS: assigning a few bugs to you :)
<hallyn> SpamapS: I'm assuming you in fact *want* them
<uvirtbot> New bug: #740815 in firefox "[FFe] Updates to enable us to drop xulrunner from main" [Medium,In progress] https://launchpad.net/bugs/740815
<EvilPhoenix> i'm having issues using the command line sftp command, i'm trying to put a directory up to an sftp server recursively, and there's no -r flag (for recursive) in it.  how do i upload a directory recursively?
<hggdh> EvilPhoenix, you don't, not right now on sftp
<hggdh> EvilPhoenix, look at rsync, for example
<RoyK> EvilPhoenix: what's wrong with rsync?
<EvilPhoenix> RoyK: no rsync/ssh access, sftp only :/
<RoyK> lol
<EvilPhoenix> RoyK:  ikr?
<RoyK> sftp runs over ssh
<RoyK> so does rsync
 * EvilPhoenix shrugs
<RoyK> that is, you'll need the rsync binary on the server, but all traffic runs over ssh unless you force it otherwise
<EvilPhoenix> is there a reason that the stock sftp command packaged on 10.10 includes a -r (recursive) flag for the sftp "put" command, then?
<EvilPhoenix> :/
<RoyK> if you have sftp access, scp will certainly work
<RoyK> try scp
<RoyK> if rsync doesn't work
<Aison> hello
<Aison> is there are nice point to point network speed test tool? eg. I install it on a master and on a slave and then the tool tests the speed between the nodes?
<Aison> I already heard about "bing" but I can't find it in ubuntu
<iceflatline> iperf
<iceflatline> http://sourceforge.net/projects/iperf/
<Aison> :D
<iceflatline> May the force be with you :)
<Aison> it's cool, thx and it works nice
<Aison> nice, it works  938 Mbits/sec
<Aison> I wounder now where my bottleneck is, copy files with samba is really slow sometimes
<v3ctor> disk I/O ?
<SpamapS> hallyn2: Hah, I do in fact want those. I typically haven't assigned myself to bugs until I start working on them though.
<Aison> v3ctor, maybe ;)  I need also a tool to test the disk i/o :D
<v3ctor> iostat
<Aison> hmm, Blk_read/s: 163.26, Blk_wrtn/s: 1104.21
<Aison> what does that mean
<Aison> it's a 6TB raid6
#ubuntu-server 2011-03-24
<adurity> Aison, what's your setup
<Aison> well, i'm using an 8port adaptec raid controller with 8x1TB in raid6 mode
<Aison> so i've got 6TB
<Aison> the lan adapter is a dualport intel pci-express server nic (running in bonding mode with the core switch)
<Aison> but I guess the bottleneck is this samba
<Aison> ;)
<Aison> damn, it's late, i have got go now, i'm back tomorrow ;)
<adurity> alright
<adurity> try doing a file copy with `iostat -k 2` running and watch the kb/s
<hallyn> SpamapS: ok, cool - i think it would be best if you'd briefly comment on how you think they should be handled, and that you will do it when you have time if noone else does first, then unassign, that would be ideal
<irssipimp> hi
<dsalvetti> Hello, I'm having a weird (packaging?) issue with munin-node on 10.04
<dsalvetti> for some unknow reason the config file /etc/munin/munin-node.conf is missing
<dsalvetti> even though dpkg -c /var/cache/.../munin-node.deb indicate that this file is in the package
<twb> If a conffile is deleted, easiest way to get it back is to *purge* and re-install.
<dsalvetti> and dpkg --info indicate the same
<dsalvetti> I have tried to purge and reinstall without success
<twb> removing or reinstalling won't get it back because it assumes you deleted it for a reason
<dsalvetti> munin-node.conf is still missing
<twb> dsalvetti: in that case I don't know.
<twb> FWIW I recently switched from munin to collectd, and it's much nicer IMO
<dsalvetti> how can dpkg know that I have deleted the file? (vs it's a fresh install)
<twb> dsalvetti: because the file isn't there
<dsalvetti> twb: thanks for the tip I'll check it out
<dsalvetti> but if I purge apache (for instance) it will remove apache.conf
<dsalvetti> and apache.conf will come back is I reinstall apache
<twb> Yes, which is why I said purging should work
<dsalvetti> how is that different in the munin-node case?
<twb> purging removes conffiles, remove leaves them as-is
<dsalvetti> purging does not wor
<dsalvetti> *work
<twb> dsalvetti: and as I said, I don't know why that is
<dsalvetti> oh sorry I misread you before
<twb> No problem
<dsalvetti> I can easily fix my problem by copying munin-node.conf from somewhere else
<dsalvetti> but I would like to see if there is a way to debug the issue
<dsalvetti> anyone has any suggestion of what I could do?
<twb> http://paste.debian.net/111774/ <-- my notes for collectd
<twb> Re debugging, I have no ideas
<dsalvetti> twb: thanks for the link, what do you prefer in collectd over munin?
<CompDan> Good evening... is anyone here familiar with the Canonical Ubuntu images on EC2?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<CompDan> Hah, thanks for the reply... I rebooted a instance based on AMI ami-2c57a545, and when the instance came back up my /etc/passwd was reset and the user I'd previously created was gone.  How can I presist users across reboots?
<twb> I don't know anything about EC2, but an obvious way would be to store auth details on another server, i.e. LDAP, kerberos or NIS
<CompDan> Wow, thanks for wasting my time twb...  that's why I asked if you knew EC2.  I have no intention of doubling my costs on EC2 by running another instance just to store auth info.
<twb> Plonk.
<thesheff17> CompDan: I would back up your data and then try dist-upgrade
<CompDan> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<CompDan> I'm guessing this issue has something to do with cloud-init, but I know nothing about cloud-init and the documentation seems nebulous at best... :-/
<thesheff17> CompDan: are you using a EBS volume based ami?
<thesheff17> http://uec-images.ubuntu.com/releases/10.04/release/
<CompDan> Yes, ami-2c57a545 - ebs/ubuntu-images-testing/ubuntu-lucid-daily-i386-server-20110322
<CompDan> Hrmm.... now I can't recreate it... great.
<CompDan> Well, I guess nevermind.  If it recurs, I'll be back. :-/
<thesheff17> CompDan: yea I couldn't reproduce it either with the same ami....I would use the ones from this list http://uec-images.ubuntu.com/releases/10.04/release/
<CompDan> Going to rebuild with one of the release AMIs and test this again... Thanks for letting me bend your ear (so to speak) thesheff17.
<ScottK> smoser: 9.04 to 10.04 isn't a supported upgrade path (re your blog post)
<smoser> where did you see that ?
<smoser> it was probably a typo
<smoser> ScottK, ^
<ScottK> smoser: In your update note on http://ubuntu-smoser.blogspot.com/2010/04/upgrading-ebs-instance.html
<ScottK> smoser: Except on review I see I misread it.
<smoser> ah. yeah.
<ScottK> No.  No I didn't.
<smoser> that part wasnt an update, but could hav been more clear, yes.
<ScottK> This same basic process should also allow you to upgrade across a release, perhaps from a 9.04 Alestic instance to Ubuntu 10.04 LTS.
<smoser> you'd have to go 9.04 -> 9.10 -> 10.04
<ScottK> Yes.
<ScottK> You and I know that, but non-developers wouldn't.  Not a big deal since it's not part of the update.
<Mathuin> I am using an EC2 instance to, among other things, generate an image.  I am ssh'ed into the EC2 instance.  What's the easiest way to display that image on my local screen?  'display' is an ImageMagick program and that's crazy huge for showing a png to the screen.  What else should I use?
<adam_g> apache and a browser? :)
<Mathuin> [apache and a browser]  That's my backup plan.
<Mathuin> Sigh, the micro instances are pretty darned slow. :-)
<CompDan> Just out of curiousity, is it possible to force a package install via apt-get (like mysql-server) that has interactive dialogs to be non-interactive?
<thesheff17> CompDan: look at this last post http://ubuntuforums.org/showthread.php?t=867747
<Mathuin> Hee.  I first had to do that with Solaris and Java.  Bah.
<CompDan> ah, thanks.  I feel like such a n00b, all my experience is on non-Linux UNIX platforms, lol.
<thesheff17> CompDan:http://padwasabimasala.posterous.com/non-interactive-scripted-mysql-install-on-ubu
<Tommy_K> Hi, I'm trying to install some packages by using the apt-get install command, but everytime I do that it says: The following packages have unmet dependencies: libwxgtk2.8-0: Depends: (tons of other packages listed)
<Tommy_K> Everytime I use it, that package pops up.
<thesheff17> Tommy_K: did you do apt-get update && apt-get upgrade i'm pretty sure it will just install it.
<Tommy_K> Nope, tried it.
<Tommy_K> Earlier one of my team members had to install that package, which was a .deb
<thesheff17> Tommy_K: well I see it in the repo libwxgtk2.8-0 - wxWidgets Cross-platform C++ GUI toolkit (GTK+ runtime)
<Tommy_K> Well, I did as well.... usually I check the repository, but this time it wouldn't take it
<Tommy_K> And my team member said he tried to use apt locally on that .deb he downloaded
<Tommy_K> Could that have caused it?
<thesheff17> usually it install dependencies. wonder if there is a problem with multiple version on one machine.
<thesheff17> you can't just do apt-get install libwxgtk2.8-0
<thesheff17> Tommy_K: also I would make sure you used the right repo for the right version.
<thesheff17> of ubuntu.
<Mathuin> It migth be worth apt-get remove libwxgtk2.8-0 followed by apt-get install libwxgtk2.8-0
<twb> Tommy_K: run "yes y | aptitude --simulate install" and pastebin the output.
<Tommy_K> That worked
<Tommy_K> @ Mathuin
<Mathuin> Yay!  I win! :-)
<twb> Never mind, then :-)
<Tommy_K> :)
<Tommy_K> Thanks much!
<Mathuin> You are welcome.
<SpamapS> hallyn: What I've been doing is tagging such bugs with the tag 'upstart' .. which jhunt and I review every thursday.
<CoolestGeek> is it possible to ssh -X to view a virtualbox window on my server?
<jmarsden> CoolestGeek: Some versions of VirtualBox support RDP, so you could tunnel that over SSH and use rdesktop to see it, I think.
<CoolestGeek> yea I know that the virtualbox i'm using supports RDP, as I rdesktop into a headless windows XP
<CoolestGeek> however, dumbass here deleted the xp.vdi (the virtualbox image)
<CoolestGeek> and want to set it back up, it can be done via the cli, but it takes ages compared to the GUI mode of setting up a virtualbox machine, so I would really like to set it up via a GUI, but it's not loading via -X. It did originally, as that's how I set it up to begin with....
<jmarsden> CoolestGeek: OK, so it is the virtualbox Manager window that you want to use remotely, not a virtual screen of a VM.  I've never tried it, but it seems like it "should" work like any other X application.
<CoolestGeek> yea, it's the manager window I need, the Virtualbox did work it before
<CoolestGeek> but it was about a year ago I set it up
<CoolestGeek> i deleted it totally by accident today :S
<jmarsden> CoolestGeek: Ok, so check you can ssh -X other GUI apps from that machine, and then try it with the virtualbox manager, and if it gives you an error, paste the error for us to see.
<CoolestGeek> when I run virtualbox once i've connected via ssh and used -X it just waits....
<CoolestGeek> it does work with other apps
<CoolestGeek> i've got transmission working now
<CoolestGeek> it doesn't give an error
<twb> xlogo is a good test program for ssh -X
<twb> vbox is a GTK2 program IIRC, which will be noticably laggy even over a 10mbps line.
<CoolestGeek> hmm well the connection here is shit (australia)
<jmarsden> CoolestGeek: It might be easier to script the VM setup using the command line interface, rather than fix the issue with remote use of the virtualbox GUI :)
<CoolestGeek> so maybe I wait till I'm on a faster line and retry
<CoolestGeek> hmmm yes, but i've not done it like that before, so am a little weary
<CoolestGeek> but I suppose i will learn things.
<twb> CoolestGeek: oh, you can use it, it'll just be slow and you need to be accordingly patient
<CoolestGeek> yes, I remember from the 1st time, I was in the UK then and had a considerably faster connection
<CoolestGeek> so... as we're on the subject of this, does it post a security threat having a virtualbox accessible?
<CoolestGeek> the XP I had required a login, but is it safe?
<twb> IMO Windows machines are not safe on ANY network, end of story.
<twb> The company has openly said that they do not consider security important for their Windows line
<CoolestGeek> yea, but I need it on the server to run various crapware not available to linux
<CoolestGeek> anyway... so you recommend setting up via the cli
<twb> IMO sysadmins should not need nor use a GUI for their sysadmin role
<CoolestGeek> it's odd, as transmission is running over X now, slow, but still running
<twb> (If they have one on their desktop, I guess that's OK.)
<CoolestGeek> virtualbox just waits....
<sbeattie> CoolestGeek: another way to do it is to run a standalone vnc server on your virtualbox host and then tunnel in a vnc client over ssh.
<sbeattie> and then run the virtualbox GUI manager within the vnc session.
<CoolestGeek> hmmm
<CoolestGeek> so... I install vnc onto the server
<CoolestGeek> then from my local machine i use vnc to connect to that? and set it up?
<sbeattie> yep. tunnel the vnc session over ssh.
<itsTodd> Can someone tell me why so many people use Alestic AMI's rather than those found on http://uec-images.ubuntu.com/ ?
<thesheff17> Alestic used to support the ami...now they are supported by ubuntu devs. use http://uec-images.ubuntu.com/
<itsTodd> Oh, ok, that makes sense. Thank you!
<thesheff17> itsTodd: Alestic is a great resource though as well.
<kim0> Morning everyone
<a7ndrew> evening for me, but g'morning to you :)
<Blinkiz> Hi. I need to avoid mysql to be started on boot. Am new to this startup jobs. /etc/init/mysql.conf exist. If I comment the first start lines, mysql is not started. But then "/etc/init.d/mysql start" does not seems to work.
<TeTeT> Blinkiz: you probably only want to comment the 'start on' lines, nothing else. Then start mysql with '$ sudo start mysql'
<Blinkiz> TeTeT, thanks for the suggestion. It was a apparmor problem in the end..
<Fricass> hi ! http://paste.ubuntu.com/584698/ <= I would like to know why the pam module "pam_script.so" is not called?
<raphink> Fricass, maybe because you met one of the previous filters and they're set as sufficient?
<Fricass> yep indeed raphink but I would like to leave them as sufficient and called in all cases pam_script.so
<Fricass> don't know if it's possible..
<raphink> sure
<raphink> you'll have to put it as required on top of the stack
<raphink> this way, login will fail unless pam_script.so succeeds
<Fricass> Yep But pam_script MUST be called after the operations done by pam_unix or pam_perso ..
<Fricass> That's the point :(
<raphink> hehe
<raphink> let's see
<raphink> then pam_unix.so and pam_perso.so are not sufficient
<raphink> they're required
<raphink> Fricass, so you would like to make sure one of the two (pam_unix | pam_perso) are matched
<raphink> and THEN make sure pam_script is also met
<raphink> right?
<Fricass> exactly
<raphink> as in
<raphink> if pam_unix fails, pam_perso doesn't fail, and pam_script doesn't fail, it's ok
<raphink> if pam_unix doesn't fail, pam_perso fails, pam_script doesn't fail, it's ok
<Fricass> yep
<raphink> and what if both pam_unix and pam_perso fail?
<raphink> can it still succeed if pam_script succeeds?
<Fricass> no
<Fricass> i can't
<Fricass> it can't
<raphink> alright
<raphink> a truth matrix can help to clarify the problem
<Fricass> in my opinion it's not possible :/
<raphink> hmmm
<raphink> Fricass, what do pam_perso and pam_script do?
<Fricass> pam_script uses a file from pam_perso or use the authentication token from pam_unix
<Fricass> one of my idea is to remove pam_script and called a script at the session opening raphink
<Fricass> and leave pam_perso and pam_unix as sufficient
<raphink> I'm guessing you wrote both pam_script and pam_perso
<raphink> since they don't seem to be standard
<Fricass> :)
<Fricass> right
<raphink> hmmm
<raphink> how about
<raphink> making pam_unix.so and pam_perso.so optional
<raphink> instead of sufficient
<raphink> this way they don't allow to success or fail, they're just run
<raphink> optional - the  success  or
<raphink>        failure  of this module is only important if it is the only module in the stack associated with this service+type.
<raphink> so they will be run
<raphink> but eventually, it's pam_script that will be required and decide whether auth succeeds or not
<Fricass> no pam_script just runs commands it doesn't decide
<Fricass> only pam_perso or unix decide
<raphink> that's not possible
<raphink> pam_script is required, that means it must return a status
<raphink> the goal of the stack is not to run commands, it's to authenticate
<raphink> so indeed if you only want to run commands, maybe using sufficient for pam_unix and pam_perso and running pam_script appart would be better
<Fricass> Indeed you're right
<Fricass> But I need to write a shell script which is called after the auth process and that can take the $userid and $password ..
<Fricass> And I don't see how to do that with a simple shell script (easier with a pam module : PAM_AUTHTOK, PAM_USER ..)
<raphink> may I ask what is your need?
<Fricass> I need to take the $user and $passwd ; then depending on $user I use $passwd to do some stuff with partitions. That's the goal of my pam_script.
<Fricass> If I can write a shell script that can take $user and $passwd it would be great I think
<raphink> sorry for insisting, but is there a way you could do without the password?
<Fricass> No
<raphink> like using sudo...
<Fricass> No because the password provided is not the standard one, it's used with smartcard
<raphink> ok
<Fricass> I'm stuck raphink !
<raphink> you need the password to manipulate the partitions?
<Fricass> yep I need to get it
<raphink> I think you're stuck indeed ;-)
<raphink> I'd really try to get rid of the passwd restriction
<Fricass> :(
<raphink> once the user is authenticated in the system, there must be a way to use another auth token for the parititions, no?
<Fricass> no I need the one used in authentication
<uvirtbot> New bug: #741589 in tomcat6 (main) "tomcat cron deletes app log files after 14 days" [Undecided,New] https://launchpad.net/bugs/741589
<raphink> Fricass, I'm out of ideas for you ;-)
<Fricass> np raphink I thank you for your time
<Fricass> raphink:  once logged, you don't know if it's possible to get the password provided on auth system?
<raphink> I would hope not ;-)
<raphink> that would be quite an issue
<raphink> imagine if you could get my password once I'm logged, you could use my sudo rights...
<Fricass> yep
<raphink> what kind of partition stuff do you need that requires a password?
<Blinkiz> Fricass, hi there. Notice some questions how a script can ask for a password. It's easy in batch. Just use something like "read -s passwd". -s means it will not be echoed in stout.
<Blinkiz> batch = bash
<Blinkiz> Fricass, Then use can use that variable to put into something else. Like it do: echo "$passwd | cryptsetup luksOpen /dev/disk/by-uuid/fe9acab3-1434-43a6-9c8a-73f7d1d0e2bd 500G"
<raphink> Blinkiz, Fricass doesn't want an interactive script, he wants to grab the password from pam
<raphink> so users only have to authenticate once
<Blinkiz> raphink, aha, gave it a try anyway :)
<Blinkiz> I hope not pam can tell my password to a script. Kinda security risk
<Fricass> even root?
<raphink> even root
<raphink> even pam_unix uses shadow, which contains encrypted passwords, not clear text
<shauno> root shouldn't need my password.  he can use my privs without it
<raphink> (unless when shadow is not activated, but the passwords are still encrypted anyway)
<raphink> Fricass, clear text passwords are not supposed to be accessible anywhere
<Fricass> raphink:  I got an idea ; I create a pam_check which is required and checks some results
<Fricass> then pam_unix, pam_perso are optional, pam_script required (always OK) and pam_check required
<Fricass> then pam_check will result the auth process
<raphink> where do you put pam_check?
<raphink> on top of the stack?
<Fricass> bottom
<raphink> I do something similar currently to mix pam_unix (including nss-pgsql) and pam_ldap
<raphink> since my users in ldap all have a uid > 60000 and my users in pgsql are < 60000
<Fricass> hm
<Fricass> I think it's gonna work
<raphink> I put a pam_succeed.so uid > 60000
<Fricass> I see
<Fricass> So I'll try this solution magic raphink  !
<Fricass> :D
<raphink> let me know
<Fricass> pam_succeed is an existing module raphink ?
<raphink> yes
<Fricass> !!
<raphink> see ls /lib/security
<raphink> pam_succeed_if.so sorry
<raphink> e.g.
<raphink> auth required   pam_succeed_if.so uid > 60000
<Fricass> ok np
 * raphink thinks pam modules need a good documentation in debian/ubuntu
<Fricass> raphink: do you think it's possible to do a think like pam_succeed_if.so file is-in directory/ ?
<SlimG> How do I get support for SftpUmask in sshd_config?
<joschi> SlimG: install a version supporting this directive, e. g. an openssh server patched with http://sftpfilecontrol.sourceforge.net/
<SlimG> joschi: that patch is only for 5.4p1, I have 5.5p1
<twister004> hi guys, in ubuntu-server iptables, is it possible to add the source as a hostname instead of an IP?
<Blinkiz> twister004, I do not know the answer to that but I can guess. Firewall Builder uses script to first lookup hostnames that it converts to IP numbers and put it in iptables. Also, iptables/kernel does not really use hostname to make rules. So no, I do not think its possible
<patdk-lap> it works just fine
<patdk-lap> but it won't give you want you want :)
<patdk-lap> dns changes will never take effect
<tsun> i just installed ubuntu server 10.04 with raid1 (software) and get error ( target filesystem doesn't have sbin/init ) after first boot, somebody can help me out?
<twister004> patdk-lap.. so, if my hostname association changes, it wont work?
<_ruben> twister004: not without reloading the ruleset after the dns change
<iclebyte_work> I've posted a bug and required steps taken to fix the default cobbler package on Natty Alpha 3 - https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/741661
<uvirtbot> Launchpad bug 741661 in cobbler "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Undecided,New]
<iclebyte_work> Do I need to post this to the mailing list? never done this before...
<uvirtbot> New bug: #741661 in cobbler (universe) "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Undecided,New] https://launchpad.net/bugs/741661
<pmatulis> zul: â¤´
<zul> thank ill take care of it
<alami> hello, dual starup my ubuntu server hagup, any idea how to fix it or i should reinstall, because i don't get any error
<pmatulis> alami: new install?
<alami> pmatulis: yes i mean new install, but the problem is: can i copy iptables configuration?
<pmatulis> alami: you think the hangup is caused by iptables?
<alami> no no the hangup is caused by a update two week ago, i have install some but i forget it, after apt-get update and upgrade, the server stay on startup after bios
<andreserl> morning all
<raphink> hello andreserl
<andreserl> howdy raphink
<raphink> fine thanks
<raphink> you?
<andreserl> pretty good
<pmatulis> alami: iptables rules are created by issuing the iptables command (for each rule).  best is to gain access to the list of commands and then apply them to your server
<pmatulis> alami: but maybe i misunderstand what you mean by 'copy iptables configuration'
<alami> pmatulis, i don't know iptables good, and i have see if there is some to copy this rule, or something like that, but i can list this rule and copy them and do it another time after the new installation+
<pmatulis> alami: alright.  you should also look into ufw
<pmatulis> !info ufw
<ubottu> ufw (source: ufw): program for managing a Netfilter firewall. In component main, is standard. Version 0.30.0-1ubuntu2 (maverick), package size 140 kB, installed size 804 kB
<pmatulis> ufw == uncomplicated firewall
<alami> i don't understand that ufw but i will google it
<pmatulis> https://help.ubuntu.com/community/UFW
<alami> why i need that? i have right now i webmin acces to the server, i can excute command from there i will only excute iptables --list and copy them to a file.txt
<alami> pmatulis do you understand me
<pmatulis> alami: i think so.  but i would stay away from webmin.  it can mess things up on ubuntu
<pmatulis> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<raphink> webmin is evil
<alami> i thing that why my system is hanging up
<zul> hggdh: around?
<pmatulis> just the other day webmin messed up a bind/dns setup
<pmatulis> (as i was made aware)
<compdoc> webmin doesnt seem reliable
<alami> lol
<hggdh> Daviey, available?
<Daviey> hggdh, o/
<hggdh> Daviey, we still have the euca bug to work out
<Daviey> hggdh, yeah... i am tied for the next 2.5 hours at least. :(
<Daviey> hggdh, did you complete that reinstall last night?
<alami> i don't found also any iptable rule or config files
<hggdh> Daviey, (a) I can wait; (b) yes and additionally: sometimes -- at least twice, so far -- we *did* get IP addresses
<m_tadeu> hi...I can't edit a file, alldough I have permissions to do it. The group has write access and I'm part of the group. the file system is ext4 mounted with 'default' and the files are not immutable
<pmatulis> m_tadeu: look at the permissions of all parent directories.  it can also be an apparmor issue
<m_tadeu> pmatulis: it's inside /var/www, and I'm part of www-data...the group has write permissions inside that dir and sub dirs...care to explain that apparmor issue?
<pmatulis> m_tadeu: apparmor imposes further restrictions on r/w on some directories.  check under /etc/apparmor
<Daviey> hggdh, Oh great.... I'd rather totally failure or total success... sometimes getting an IP addresses sounds painful to debug. :/
<hggdh> Daviey, fun, is it not? Here
<Daviey> hggdh, It's more than fun, it's total excitement..
<hggdh>  Daviey hereÂ´s what I found so far: when you start fresh euca, all instances fail -- sorta: they start, but never get metadata
<hggdh> then, magically, the get both metadata *and* ip addresses
<hggdh> then, also magically, they do not anymore
<hggdh> during *all* this time euca's own dhcpd fails to start. Consistently. At least we do have a consistent error somewhere
<hggdh> so... who is providing euca with ip addresses -- and mind you, the correct ones?
<eagles0513875> hey guys how can i vew a list of cron jobs that i have on my system?
<Japje> crontab -l
<Japje> and check /etc/crontab and /etc/cron.d/
<kirkland> zul: howdy
<zul> kirkland: whats up?
<kirkland> zul: do you want to take a look at https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/741661, or would you rather i fix it?
<uvirtbot> Launchpad bug 741661 in cobbler "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Undecided,New]
<zul> kirkland: yeah i was going to add it to a Readme.Debian
<kirkland> zul: are we taking it as far as we can, programmatically already?
<zul> kirkland: yes i think so
<kirkland> zul: i'd think we should be able to do the a2enmod and apache2/conf.d changes, no?
<zul> kirkland: well i already talked to clint about this and he thought no
<kirkland> zul: hmm, i'd think we should be able to do all of the steps he details in there, except for the authentication change
 * RoAkSoAx recalls having seen postinst scripts doing a2enmod 
<kirkland> zul: and that one we could improve upon in 11.10, perhaps with a debconf question
<zul> yeah but we removed them
<kirkland> zul: at SpamapS request?
<zul> kirkland: doesnt matter to me really if you want go ahead
<kirkland> zul: yeah, i'd like to get this as absolutely far as we can;  probably everything but the auth change
<kirkland> zul: and even that one, I might add a low priority debconf question for username and password
<RoAkSoAx> I can login with cobbler user/pass right now
<RoAkSoAx> without having to do the htdigest
<zul> kirkland: im open to anything but im on a call right now
<kirkland> zul: okay, no problem
<kirkland> zul: mind if I take a crack at it later today?
<zul> kirkland: go ahead
<kirkland> zul: i'll run my changes by you, if that's cool
<zul> kirkland: yep
<Daviey> kirkland / zul.. I think we can do it, but to do it smart is harder... :)... essentially.. a2enmod is probably not ideal as we don't remember the state it was before we installed.  So if you removed cobbler, we'd leave it not as the user is expecting (if i had a module enabled for another app).
<Daviey> I thought we did something clever in the conf.d... did that not get committed?
<zul> no it didnt it kind of broke your apache config
<uvirtbot> New bug: #741748 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/741748
<m_tadeu> I can't edit /boot/grub/grub.cfg as root...howcome?
<pmatulis> m_tadeu: you seem to be having a lot of permissions problems.  odd.  but if you read that file you'll see you're not supposed to hand-edit it
<compdoc> is there a grub.cfg?
<compdoc> hwo are you trying to open it?
<compdoc> how
<m_tadeu> sudo -s....then vi grub.cfg
<compdoc> should work
<compdoc> what error?
<m_tadeu> vi says it's open with readonly permissions
<altice> @ALL: Anyone have TACACS+ (tac-plus) experience? I am confused with the Config File settings
<compdoc> Im not familure with -s - something to do with the shell?
<altice> as that directed toward me?
<altice> was*
<compdoc> no
<altice> k
<altice> do you think this is the correct room for TACACS+ help?
<compdoc> can never tell - you just need one person who knows what it is
<altice> I'm starting to think not a lot of people implement it on linux.......this has been a hard thing to research
<compdoc> mailing lists are often a good source
<compdoc> more ppl there
<altice> is there a website for a list of them? How do I use that to reach out?
<compdoc> all the major distros have them
<compdoc> try to google ubuntu mailing list
<altice> ok, I'll give that a go, thanks
<dasunsrule32> I'm on 10.04 LTS, when I set a crontab for root, with it set for 12:00, with: script.sh >> /folder/log, it spawns 5 - 10 instances of the script that needs to run. I can run the command manually and it works fine without issues. Any ideas? Thank you.
<Pici> dasunsrule32: Can you paste/pastebin the crontab line that you used for that job?
<m_tadeu> which mail server you guys recomend?
<pmatulis> m_tadeu: postfix
<m_tadeu> pmatulis: thanx
<dasunsrule32> Pici:
<dasunsrule32> yes, one sec
<dasunsrule32> Pici: http://pastebin.com/u1icgeMV
<dasunsrule32> if you need to see the script too, let me know
<Pici> dasunsrule32: Well, that will run every minute when the hour matches 0.  This will run once at midnight: http://pastebin.com/6BybMhLw
<dasunsrule32> hrm
 * dasunsrule32 goes back to reading man page
<dasunsrule32> thanks Pici
 * dasunsrule32 turns red from embaressment
<dasunsrule32> :p
<dasunsrule32> Pici: one more thing, does my /etc/crontab look ok to you?
<dasunsrule32> http://pastebin.com/vGv1GmF7
<Pici> dasunsrule32: I'd modify it so that the last two lines have some minute there, otherwise those will run every minute during 5:00-5:59 and 6:00-6:59 respectively.
<Pici> Er, on those particular days that they're scheduled to run of course.
<Pici> dasunsrule32: For comparison, my /etc/crontab: http://pastebin.com/zKSfuTC1
<dasunsrule32> ok, gotcha
<dasunsrule32> so the wildcard = bad in cron, depending
<dasunsrule32> :p
<dasunsrule32> s/=/*
<Pici> Depends on what you want it to do.
<dasunsrule32> something like that? http://pastebin.com/rvqPzJ2v
<raphink> dasunsrule32, generally speaking, it's a good idea to keep the default /etc/crontab
<raphink> and only add files in /etc/cron.d and /etc/cron.*
<dasunsrule32> raphink: ok, any specific reasons why?
<dasunsrule32> curiousity kills the cat. :p
<raphink> well unless you have a reason to change the way cron.daily, cron.weekly and cron.monthly are run
<raphink> the defaults are usually well thought
<Pici> I personally use user crontabs, but then again, I don't administrate all the servers that I run cronjobs on.
<raphink> user crontabs are nice, too :-)
<dasunsrule32> ok, I will take these in consideration
<dasunsrule32> Thank you for the help. :)
<raphink> dasunsrule32, I mean, you're free to modify /etc/crontab
<raphink> but there's hardly ever a point
<dasunsrule32> no, i understand what your saying
<raphink> also, if you modify /etc/crontab and it gets changed in a later version of Ubuntu
<raphink> you will have to deal with the merge
<dasunsrule32> yes, unless is specify to not touch that file
<raphink> whereas putting your rules in /etc/cron.d ensures you're the only one to manage the file
<dasunsrule32> agreed
<dasunsrule32> I am just using root's crontab
<raphink> dasunsrule32, sure, but then you might miss a fix/feature
<dasunsrule32> true
<raphink>  /etc/cron.d/* are root crontabs, too
<dasunsrule32> right
<raphink> :-)
<dasunsrule32> for some reasons when I had it in cron.d, the job Pici was helping me with wouldn't run
<raphink> note: if you need daily crontabs in /etc/cron.d/*, you can use @daily instead of the time spec
<raphink> same with @hourly, @monthly, etc.
<dasunsrule32> so I just dropped it into the crontab
<dasunsrule32> right
<dasunsrule32> cron.d jobs dont need to be +x? do they?
<raphink> no they don't
<dasunsrule32> i didn't think so, rhel is the same
<raphink> and they're the format of /etc/crontab, not user crontabs
<raphink> conffiles hardly ever need to be executable
<dasunsrule32> right
<dasunsrule32> why does ubuntu +x cron.daily?
<raphink> cron.{hourly,daily,monthly,...} are different
<raphink> they're not conffiles, they're scripts
<dasunsrule32> ok
<dasunsrule32> gotcha
<raphink> called from /etc/crontab
<dasunsrule32> ah
<dasunsrule32> me see
<raphink> cron reads /etc/crontab and /etc/cron.d/*
<raphink> and /etc/crontab runs all scripts in /etc/cron.{daily,weekly,monthly}/*
<dasunsrule32> gotcha, kills my confusion
<dasunsrule32> :D
<dasunsrule32> thanks
<raphink> RIP
<Pici> and /var/spool/cron/crontabs .  Thats where crontabs edited using crontab -e go.
<dasunsrule32> :p
<raphink> yes
<dasunsrule32> ok
<raphink> but they follow a different syntax
<Pici> Indeed.
<raphink> they don't have a "user" column
<raphink> which is kind of logic, but not always obvious :-)
<dasunsrule32> right, i figured that out the hard way on rhel
<dasunsrule32> o.O
<dasunsrule32> hehe
<raphink> and they're best used with "crontab -e" when logged as the suer
<raphink> user
<raphink> s/used/edited/
<raphink> </cron101>
<raphink> :-)
<dasunsrule32> hehe
<dasunsrule32> :p
<dasunsrule32> well, I've been training myself in le bash scripting, so I thought it'd be good to start using cron to you know, em....automate
<dasunsrule32> :p
<Pici> Or crontab -u username -e if you have the privleges.
<raphink> sure
<raphink> Pici, yes, that too :-)
<dasunsrule32> I have sudo/root everywhere
<dasunsrule32> ;)
<raphink> good, use it wisely :-)
<dasunsrule32> always do
<dasunsrule32> my linux admin skills are decent, just some areas i am trying to strengthen
<raphink> there's always areas to strengthen, that's what makes the job thrilling :-)
<dasunsrule32> yep!
 * dasunsrule32 loves sys admin
<dasunsrule32> I manage about 500 web servers
<dasunsrule32> hehe
<dasunsrule32> apache/tomcat mainly
<dasunsrule32> some iis
 * dasunsrule32 barfs on iis
<dasunsrule32> oops
<dasunsrule32> :p
<dasunsrule32> stinks, they use mostly perl for scripting here, so I am having to learn that
<dasunsrule32> never used much before
<raphink> perl is very powerful
<dasunsrule32> yes
<dasunsrule32> so I have seen
<raphink> not my favorite language, but powerful nonetheless
<dasunsrule32> yea, not a fav of mine
<raphink> what's great with Perl is the CPAN
<dasunsrule32> agreed
<dasunsrule32> 0 0 * * * root /usr/bin/nightly.sh >> /home/cmsgs/logs/cmsgsteam-nightly-log.txt 2>&1
<dasunsrule32> that should be fine in cron.d, correct?
<Pici> Yes.
<RoAkSoAx> mdeslaur: /win 2
<RoAkSoAx> ahh
<RoAkSoAx> arghh
<RoAkSoAx> mdeslaur: sorry :)
<awanti> Can we able manage ubuntu machines from sapcewalk? Is it possible?
 * mdeslaur pokes RoAkSoAx with stick
<dasunsrule32> ok, cool
<awanti> Is any buddy can help to solve this! Space walk installation on Ubuntu
<Roasted_> I'm a little confused. I thought I successfully bonded my two NIC's together, but "eth1" still pulls a separate DHCP address. What can I do?
<dasunsrule32> Roasted_: this is what I did awhile back, http://goo.gl/xAhuQ
<Roasted_> ohhh! I need bond0:0
<Roasted_> be nice if the guide I read said that <_<
<Roasted_> dasunsrule32, would they each have the same IP tho? Can I use the same static IP for both?
<dasunsrule32> bond0:0 is a new virtual adapter
<dasunsrule32> just use bond0
<Roasted_> but I did...
<Roasted_> I used bond0 and that was it
<Roasted_> the entire bottom with bond0:0 I didn't have, yet eth1 was pulling DHCP addresses.
<dasunsrule32> then don't assign bond0 an ip, and only assign bond0:0 an ip
<dasunsrule32> :)
<Roasted_> I'm lost...
<Roasted_> why only 0:0
<dasunsrule32> depends on what kind of bond you're doing
<dasunsrule32> mine was not failover
<dasunsrule32> which sounds like what you want
<Roasted_> I just want to boost the speed
<Roasted_> this server is handling LTSP thin clients
<Roasted_> so I'd like to use both gig NICs instead of just 1 since the hardware is there to utilize
<dasunsrule32> you should get 4 nic's then
<dasunsrule32> :)
<patdk-wk> :x doesn't exists, it's only kept for backwards compatability from iproute2 to ifconfig
<Roasted_> I don't have 4
<Roasted_> I have 2
<dasunsrule32> and have two pairs
<Roasted_> so I'd like to hook up 2
<dasunsrule32> for failover
<Roasted_> "getting 4" isn't really an option.
<dasunsrule32> you would only need to get two :p
<dasunsrule32> heh
<Roasted_> okay
<Roasted_> 4
<Roasted_> is not an option
<Roasted_> I have 2 to work with
<Roasted_> why is one pulling DHCP?
<dasunsrule32> I changed the config a bit since then, let me look
<dasunsrule32> one sec
<Roasted_> thanks
<dasunsrule32> Roasted_: http://pastebin.com/2DdC8QiA
<dasunsrule32> something like that should work
<dasunsrule32> you have to specify that adapter to be static
<dasunsrule32> if you have inet dhcp, that's what you'll get
<dasunsrule32> make sure ou have the bonding module loaded
<dasunsrule32> lsmod |grep -i bond
<dasunsrule32> make sure our switch supports 802.3ad too
<dasunsrule32> it should
<dasunsrule32> this one would be better, forgot some address info: http://pastebin.com/AFFSxaCw
<dasunsrule32> something like that
<dasunsrule32> anyway, good luck
<dasunsrule32> back to work
<petani> can all help me
<petani> this about for php-gd not support to anti aliasing image
<DrDetroit> is it possible to run ubuntu-server with a gui?
<smoser> DrDetroit, yes.
<smoser> sudo apt-get install ubuntu-desktop
<DrDetroit> thank you
<DrDetroit> I have server installed but I dont uinderstand the update manager, so I thought if I could get one that was like my desktop updater that would be ok
<patdk-wk> heh?
<patdk-wk> apt-get update; apt-get dist-upgrade
<patdk-wk> done
<patdk-wk> well, maybe a reboot
<Pici> DrDetroit: What part of the update process is confusing?
<DrDetroit> I dont understand why it tells me that some pkgs will be held back
<DrDetroit> in my ubuntu desktop the update manager just tells me i have updates and i just install them
<DrDetroit> in my server, it confuses me as to what I should be doing
<DrDetroit> I am not that smart
<patdk-wk> no, it warns about held packages too, but defaults to installing them
<DrDetroit> oh
<DrDetroit> well
<patdk-wk> held back is cause it is installing a NEW package, that didn't exist before
<DrDetroit> maybe i will boot up the server again and see how many updates it wants to do now
<patdk-wk> like a new kernel
<DrDetroit> i have not been using it cause I was confused
<patdk-wk> upgrade won't install them, dist-upgrade will
<DrDetroit> i think i read somewhere i can configure it to automatically update itself without me being involved, is that correct?
<Pici> dist-upgrade isn't for ugprading to a new release, its for whactly what patdk-wk just said,.
<Pici> !dist-upgrade
<ubottu> A dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed. Please see !upgrade for the proper way to upgrade to a new version of Ubuntu.
<Roasted_> Would anybody have any experience with bonding network interfaces? I tried to bond them based on an official Ubuntu guide but I'm not really getting anywhere with it.
<DrDetroit> its not that I want to upgrade, i have 10.04 LTS
<DrDetroit> i just want it to stay current
<patdk-wk> Roasted_, several
<Roasted_> several what?
<Pici> DrDetroit: apt-get update will only upgrade packages that are already installed.  If one of those packages now depends on a new package that you don't have installed it will be held back.  Thats what dist-upgrade is for.
<Slyboots> Hello, Im curious.. got a bit of "weird" trafic on my firewall logs and Im trying to do some sniffing to see.. what it actually is
<Slyboots> Now I've fired up tcpdump, but it doesnt seem to output anything usful.. I was expecting it to output the sort of thing you would get with Wireshark
<centHOGG> hi, freenas to ubuntu server
<gdi2k> Hi, my syslog is showing a lot of messages relating to issues with ata3, but I'm not sure how to relate that to the disk device names (/dev/sda etc.) - any suggestions?
<centHOGG> hello.... hello (echo)
<ikonia> hello
<DrDetroit> hello
<centHOGG> hi
<centHOGG> hi, freenas to ubuntu server
<Pici> Thats not a question.
<centHOGG> many q
<Pici> Don't ask to ask, just ask.
<DrDetroit> Pici: thanks for the info, I have started up aptitude again to see if I can understand it better
<centHOGG> do you use ubuntu server as a nas
<ikonia> centHOGG: not at this moment, I have used it as such in the past
<centHOGG> thx...
<DrDetroit> Pici: apprecitate the help, I have 45 security updates and 50 upgrades to do, but I did figure it out with your help and the help pages
<Pici> DrDetroit: good to hear :)
<DrDetroit> I am hoping this will make a excellent replacement for my front end machine, which is the firewall, web and mail server for me
<DrDetroit> my old one has been running since 02 and is getting long in the tooth
<robbiew> zul: I'm assuming the netboot testing was for x86 and i386 only, right?
<zul> robbiew: yep thats what i have :)
<robbiew> zul: and frankly all we care about at this point
<zul> robbiew: ding ding
<DrDetroit> How does ubuntu-server display the very nifty system information when I first log into it?
<DrDetroit> I would like to be able to do that whenever I want, not just when starting up
<jkg> DrDetroit: landscape-sysinfo
<DrDetroit> thanks so much!!
<jkg> (for the rest of the MOTD contents, see files in /etc/update-motd.d/ that generate each piece :-))
<DrDetroit> will do, thank you
<DrDetroit> ok now i need to configure my eth0
<DrDetroit> for my local network
<DrDetroit> back to reading
<kerneloops_> hello guys
<artuio> hello
<kerneloops_> Can I change screen resolution in Ubuntu server?
<kerneloops_> with sudo nano /etc/X11/xorg.conf
<kerneloops_> ?
<artuio> i can't able to install post fix i got this error
<artuio> i got this error : http://paste.ubuntu.com/585025/
<artuio> what i have to do ?
<artuio> hello
<guntbert> kerneloops_: very few people run a server with a GUI, so prepare for patience :-)
<kerneloops_> xD
<kerneloops_> guntbert: nice one
<guntbert> :)
<guntbert> artuio: in my opinion the  Â»  and -> characters are wrong, delete them and try again
<kerneloops_> guntbert: <holstein> https://help.ubuntu.com/community/ChangeTTYResolution
<kerneloops_> that not X :P
<guntbert> kerneloops_: of course, but you were specifically asking about X (or so I understood at least)
<kerneloops_> yeah my bad
<guntbert> kerneloops_: if you want to go that way remember that grub2 is configured differently
<kerneloops_> guntbert: sudo nano /etc/default/grub
<kerneloops_> ?
<guntbert> kerneloops_: right, but might want to try it first from the grub menu without changing any files,   -- and afterwards run sudo update-grub
<artuio> well guntbert
<artuio> i try this one :http://paste.ubuntu.com/585034/
<artuio> not working too
<artuio> i got this error now http://paste.ubuntu.com/585035/ guntbert
<guntbert> artuio: there are still :     ->        characters are wrong, delete them and try again
<artuio> no not
<artuio> see this http://paste.ubuntu.com/585034/
<artuio> this is the syntax
<artuio> and this one http://paste.ubuntu.com/585035/  is the output of that
<artuio> where you see -> ?
<artuio> well i find it just to need to Â» by '
<artuio> and woking
<artuio> thanks for your participation
<guntbert> artuio: glad you worked it out :-)
<artuio> an other thing
<artuio> is it easy is it easy to script all my work ?
<artuio> i mean automate the installation of all things
<PleXs> anyone can tell me a good proxy server? :)
<kerneloops_> PleXs: open proxy?
<guntbert> PleXs: nearly everybody uses squid
<kerneloops_> oh :P
<kerneloops_> you want to setup one
<kerneloops_> I would learn to setup a vpn instead
<PleXs> no I want to limit internet wifi use
<kerneloops_> k
<guntbert> kerneloops_: those two tasks are not related (in my opinion)
<PleXs> and use IPSec tunnel to use full option internet :)
<PleXs> and local lan
<PleXs> guntbert, you would advice squid ?
<guntbert> PleXs: I don't know any other - so yes - if the idea of "web proxy" suits your needs at all
<bastidrazor> i'm installing 10.04.2 server and what application does it use for the dns server?
<guntbert> bastidrazor: Ubuntu ships with BIND (Berkley Internet Naming Daemon)  (from https://help.ubuntu.com/10.04/serverguide/C/dns.html )
<bastidrazor> okay, i'm used to unbound. i guess a little learning can't hurt on bind.
<bastidrazor> thanks guntbert
<guntbert> bastidrazor: :)
<macrocosm> ugh... when will the php gd thing end! lol
<guntbert> macrocosm: wrong window?
<macrocosm> no lol
<macrocosm> ubuntu ships with a very old gd
<macrocosm> just gets old recompiling php every time I use ubuntu
<patdk-lap> hmm, why recompile it?
<patdk-lap> why not just package it, and be done with it
<macrocosm> because you cannot update it
<patdk-lap> sure you can
<patdk-lap> I do all the time
<macrocosm> any instructions on the net? ive looked everywhere and tried a lot of things . best is usually to recompile
<macrocosm> there is a debian fix .. but that broke some other things on my system
<macrocosm> hmm ... will look into it .. thanks for the tip
<macrocosm> :)
<macrocosm> patdk-lap ... what do you mean by "package it" doesnt really do much in google search.
<mok0> Is there a system-wide way to autostart a notification system for all users when they log on to the console? (Other than writing to every users autostart directory)
<mok0> The program I need to start is a disk-quota warning system, it will pop up notifications at fixed intervals prompting you to clear out diskspace if you've exceeded the soft quota limit
<mok0> I don't want the users to be able to switch off the autostarted program via their System->Preferences thing
<mok0> ... and it should work for both Gnome and KDE users...
<kerneloops_> acpi-support shouldn't I use this in my old ubuntu server machine?
<ScottK> How old?
<kerneloops_> ScottK: 10 years old maybe
<kerneloops_> or 11
<ScottK> Anything made 2000 or after should be ~OK.
<ScottK> << 2000, no.
<kerneloops_> ScottK: when I shutdown it continues turned on
<kerneloops_> at least the fans
<ScottK> Dunno.
<kerneloops_> need to press down power button until it shuts down
<kerneloops_> hehe
<kerneloops_> need to find motherboard manual for it
<kerneloops_> holy 107mb the old kernel
<kerneloops_> how can I upload a file to my SSH server?
<kerneloops_> with scp?
<semiosis> kerneloops_: yeah scp can do that
<iggi> Can anyone help me with some shell scripting
<kerneloops_> semiosis: having trouble because of spaces in file path
<kerneloops_> ^
<semiosis> you can put a backslash (\) in front of the space, or enclose the whole filename in quotes " or '
<kerneloops_> semiosis: i am using scp filepath user@host -P portnumber
<kerneloops_> k
<semiosis> well you also need a colon (:) after user@host to tell scp that it is a remote location, like this...
<semiosis> scp "/path/to/file with spaces" user@host:
<kerneloops_> semiosis: it's over lan
<semiosis> that will put the file in user's home directory on host
<kerneloops_> do i need to use it?
<semiosis> without the colon scp will make a local copy to a file named user@host, just like regular cp
<kerneloops_> k
<semiosis> you can specify a particular file to write to after the colon as well, like this...
<semiosis> scp "/path/to/file with spaces" "user@host:/tmp/remote copy of file"
<semiosis> i think that will work, you can also read the scp manual (command: man scp) for more details
<kerneloops_> semiosis: I need to change the port
<kerneloops_> portnumber: No such file or directory
<kerneloops_> lol
<semiosis> scp -P 22222 "/path/to/file with spaces" "user@host:/tmp/remote copy of file"
<kerneloops_> yeah
<kerneloops_> thanks a lot semiosis :)
<semiosis> check the scp manual, in your shell with command "man scp" or here http://manpages.ubuntu.com/manpages/maverick/en/man1/scp.1.html
<semiosis> good luck, i have to go
<semiosis> you're welcome :)
<kerneloops_> bye
<DrDetroit> Is a ubuntu server running at 55C too hot?
<kerneloops_> that's hot
<kerneloops_> r u in hell
<kerneloops_> :P
<DrDetroit> hehe
<DrDetroit> my desktop runs at 65C
<kerneloops_> damn
<DrDetroit> just trying to decide if i should move the server to a larger case with more and bigger fans
<DrDetroit> I run them with the cases open
<DrDetroit> just cause they seem to get too hot when enclosed
<kerneloops_> DrDetroit: maybe it's time to use a good cooling system
<kerneloops_> there is a channel about ##hardware
<DrDetroit> kerneloops: these are just junker machines I make out of old stuff, the reason server runs hot is that the ps sits right underneat the ps in the mini tower
<DrDetroit> I am considering moving it to a large tower case with 4 fans
<DrDetroit> where the cpu will sit away from the ps
<kerneloops_> what is ps
<kerneloops_> :p
<DrDetroit> power supply
<DrDetroit> i am too poor to buy new stuff
<DrDetroit> hehe
<kerneloops_> ok
<kerneloops_> im having fun with a computer i found in the garbage
<kerneloops_> :P
<DrDetroit> mine are all garbage
<kerneloops_> even the main one?
<kerneloops_> x)
<DrDetroit> my main box (firewall, mail server, webserver is a pentium 2
<DrDetroit> hehe
<DrDetroit> been running since 02 without a hitch
<DrDetroit> also does dhcp
<DrDetroit> for my home network
<DrDetroit> but i figure eventually it will fail and i want to have a replacement ready
<kerneloops_> lol
<DrDetroit> it runs redhat 7.3
 * DrDetroit giggles
<kerneloops_> u are too leet for me
<kerneloops_> heh
<DrDetroit> i have servers running rh7.3 debian 3, 4, 5 and freebsd 6 and this ubuntu 10.04 desktop and now a ubuntu 10.04 server
<kerneloops_> im using 10.10 sv
<DrDetroit> ah
<kerneloops_> just for fun
<DrDetroit> nod
<DrDetroit> thats all this is, just for fun
<kerneloops_> to learn and get used to cli
<kerneloops_> x)
<DrDetroit> i used to own and run a rural isp and I hate to forget all that I leared in the old days
<DrDetroit> so i like to continue to make and run servers to keep my hand in the game, so to speak
<kerneloops_> hehe
<kerneloops_> u r pro
<DrDetroit>  my chat server runs on debian
<DrDetroit> naw
<DrDetroit> i swim in the shallow end of the gene pool
 * DrDetroit grins
<kerneloops_> I am trying to make soundcard work
<kerneloops_> aplay -l shows
<kerneloops_> card 0: SI7018 [SiS SI7018], device 0: trident_dx_nx [Trident 4DWave]
<kerneloops_>   Subdevices: 32/32
<kerneloops_> 32??
<DrDetroit> I have no clue
<DrDetroit> sorry
<WinstonSmith> KIT KIT
<WinstonSmith> sry wrong tab
<kerneloops_> may I safetly remove /root/.aptitude ?
<kerneloops_> I uninstalled it
<Slyboots_> kerneloops_: It might implode the universe
<kerneloops_> what
<kerneloops_> big bang?
<Slyboots_> Kind of..
<Slyboots_> So if you dont mind killing everything, you can delete it
<kerneloops_> Slyboots_: config file is empty and i purged aptitude
<kerneloops_> i use apt-get
<Slyboots_> Aye delete it, odds are its just configuration
<kerneloops_> i'll leave it anyway
<kerneloops_> yes it is
#ubuntu-server 2011-03-25
<kerneloops_> damn still no sound
<kerneloops_> configuration: driver=Trident4DWaveAudio latency=64 maxlatency=24 mingnt=2
<kerneloops_> description: Multimedia audio controller
<kerneloops_>        product: SiS PCI Audio Accelerator
<NoqturnalX> greetings fellow server humans
<kerneloops_> ei
<NoqturnalX> Can anyone help me understand how the file colors work in bash by default
<NoqturnalX> I thought if a file was colored blue when you do a ls it was a folder, but now I see some with green backgrounds and blue lettering
<NoqturnalX> I moved everything from the old 7.10 server to the new 10.10 server via sshfs yesterday. and the files that are moved, some have different colors than I expected when I do a ls
<NoqturnalX> anyone able to point me to a resource where I can learn about how bash deals with colors in a default ubuntu server 10.10 install?
<pmatulis> NoqturnalX: yes
<pmatulis> NoqturnalX: man ls
<pmatulis> NoqturnalX: the dircolors command essentially
<NoqturnalX> thx pmatulis :P
<pmatulis> NoqturnalX: you have to be careful with sshfs/fuse, you need to specify ownership and permissions during the mount
<pmatulis> NoqturnalX: man sshfs
<NoqturnalX> ah, that's probably what made the changes.
<NoqturnalX> cause I mounted the samaba share in sshfs from the old server and did cp -pfR * to the sshfs mounted spot
<NoqturnalX> so I thought I was just essentially copying the files from the old server to the new server via sshfs with the preserve, force & recursive flags :P
<NoqturnalX> so far it looks like nothing bad happened yet, so I guess I should learn from this and read up on sshfs thanks again pmatulis :P
<pmatulis> NoqturnalX: yw
<kerneloops_> How do I know if a package is installed?
<bastidrazor> kerneloops_: apt-cache policy packagename
<kerneloops_> ty
<kerneloops_> Why do I need to run sudo alsamixer in Ubuntu Server via SSH????
<kerneloops_> help
<kerneloops_> take look at my alsamixer http://i56.tinypic.com/2rxzpdf.jpg http://i55.tinypic.com/2hptw1u.png
<kerneloops_> SOUND WORKING SOUND WORKING SOUND WORKING SOUND WORKING SOUND WORKING SOUND WORKING SOUND WORKING SOUND WORKING
<kerneloops_> it was permissions problem
<bastidrazor> i had apache2 working fine then i installed php5 and mysql-server and accompanying packages.. now my http://domain fails but http://IP works .. what might i have done?
<kerneloops_> anyone use ksplice here?
<kerneloops_> https://www.youtube.com/watch?v=a22T27rU4b0
<qman__> I used it on my router when it was still free
<qman__> great idea, good system
<qman__> I'd pay for it if I had an IT budget, but I don't
<dschuett> where are the stats pulled  from when u sign into ubuntu server?
<DrDetroit> hehe i asked that quetion today
<DrDetroit> in the update-motd
<DrDetroit> it comes from /etc/update-motd.d
<DrDetroit> dschuett: it comes from /etc/update-motd.d and landscape-sysinfo
<dschuett> DrDetroit: any reason it would stop showing when i log in?
<DrDetroit> dschuett: not that I know of, but I am basically a newb to ubuntu-server
<DrDetroit> it always shows me the page when I log it
<DrDetroit> i think you can basically see the same info by typing landscape-sysinfo
<DrDetroit> rebooting
<DrDetroit> back shortly
<dschuett> yeah, it always showed me my cpu usage, memory usage, interfaces etc... but as of yesterday it stopped
<DrDetroit> what happens when you cat /etc/motd
<DrDetroit> and back
<kerneloops_> bye all
<jmarsden> dschuett: If there is a file ~/.hushlogin in your account, that would suppress printing of the MOTD
<sky1> kann mir jemand bei einem update script helfen... ich kirege immer einen fehler auf line 28 zurÃ¼ck sehe da aber keinen .....
<lifeless> ich nein sprachen ze deutch
<sky1> k
<kim0> Morning
<uvirtbot> New bug: #742307 in samba (main) "Winbindd 2:3.4.7~dfsg-1ubuntu3.5 panic affter run cron daily " [Undecided,New] https://launchpad.net/bugs/742307
<uvirtbot> New bug: #742104 in openldap (main) "OpenLDAP remote DoS: CVE-2011-1081" [Undecided,In progress] https://launchpad.net/bugs/742104
<Abhijit> hi
<Abhijit> i added this line Listen 127.0.0.1:80 to  gksudo "gedit /etc/apache2/ports.conf" so that my server will only .listen to localhost only. but while restarting apache it says sudo /etc/init.d/apache2 restart * Restarting web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<Abhijit> help
<Abhijit> do i need to edit some other file too?
<Pici> Abhijit: Thats just a warning, it won't stop the server from actually running.
<pmatulis> Abhijit: http://tinyurl.com/y2l2zay
<Abhijit> Pici, but does it now successfully only listen on localhost and not on internet? because what i have told him is 127.0.0.1 but whta he has used is 127.0.1.1
<Pici> Abhijit: Both of those addresses only refer to the local machine.
<Abhijit> Pici, oh. ok. thank you.
<uvirtbot> New bug: #742421 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/742421
<zul> Daviey: where are with the dhcp/eucalytpus stuff so i can mention it in the release team
<Daviey> zul, 2 moments
<zul> k
<RoAkSoAx> morning all
<uvirtbot> New bug: #742431 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/742431
<Daviey> zul, bug 717166 ... emails with upstream eucalyptus and communication and testing with hggdh.
<uvirtbot> Launchpad bug 717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [Critical,Triaged] https://launchpad.net/bugs/717166
<zul> kirkland: ping for the server-maverick-uec-liveusb spec the milestone target is set to beta-1 shouldnt that be pushed back?
<zul> Daviey: coolio
<zul> kirkland: also it doesnt have anything for beta-1 so thats why im asking
<tyreza> hi
<tyreza> how to " select all " using vi ?
<_ruben> shift-g shift-v g g
<tyreza> how to copy then ?
<_ruben> y
<tyreza> ctrl c now working
<tyreza> ctrl c not working
<kirkland> zul: no, it's done
<kirkland> zul: i need to blog post it today
<kirkland> zul: sorry
<kirkland> zul: i'd like to get one working with openstack too, actually....
<zul> kirkland: can you update the blueprint in launchpad then?
<raphink> hello :)
<kirkland> zul: ack wilco
<zul> kirkland: thanks
<zul> hi raphnik
<kirkland> zul: do you have the link in front of you?
<zul> kirkland: https://blueprints.launchpad.net/ubuntu/+spec/server-maverick-uec-liveusb
<kirkland> zul: thanks dude
<kirkland> zul: dun
<zul> kirkland: thanks
<tyreza> _ruben: still not working
<tyreza> i can able to select all with GVgg
<tyreza> but can't able to copy and paste to an editor
<RoAkSoAx> zul: don't forget to sponsor this one please :) bug #619712
<uvirtbot> Launchpad bug 619712 in keepalived "keepalived vrrp race condition and fix (versions 1.1.17 and 1.2.0 but perhaps all?)" [High,Fix committed] https://launchpad.net/bugs/619712
<zul> RoAkSoAx: yep its on my toodo list
<RoAkSoAx> zul: awesome, thank you
<kirkland> RoAkSoAx: did you end up getting a docking station for your x201?
<kirkland> RoAkSoAx: if so, does it work with natty?
<RoAkSoAx> kirkland: nope I didn't. I ended up bayuing a dualhead2go
<RoAkSoAx> and works beatifully
<kirkland> RoAkSoAx: oh, hmm, okay
<RoAkSoAx> kirkland: image quality is good enough
<RoAkSoAx> for my dual monitors
<RoAkSoAx> the only thing is that, it appears to be like one huge monitor
<RoAkSoAx> kirkland: are you looking into dual monitors too?
<kirkland> RoAkSoAx: no, just the one
<kirkland> RoAkSoAx: i want to drop my x201 into my docking station, and go straight to external monitor, my 24" 1920x1080
<kirkland> RoAkSoAx: worked perfectly in Maverick, been busted for most of Natty
<RoAkSoAx> kirkland: the docking station or dual monitors?
<RoAkSoAx> kirkland: gnome-display-properties causes to not display correctly in dual monitors btw
<RoAkSoAx> kirkland: bug #737891
<uvirtbot> Launchpad bug 737891 in gnome-desktop "gnome-display-properties unable to correctly enable monitors connected to VGA" [Low,New] https://launchpad.net/bugs/737891
<kirkland> RoAkSoAx: i'm not doing dual monitors
<kirkland> RoAkSoAx: i just want one or the other
<kirkland> RoAkSoAx: either my 1280x800 lcd on the thinkpad, or my 1920x1080 external monitor
<RoAkSoAx> kirkland: yeah, so you are with the same issue as me in bug #737891
<uvirtbot> Launchpad bug 737891 in gnome-desktop "gnome-display-properties unable to correctly enable monitors connected to VGA" [Low,New] https://launchpad.net/bugs/737891
<RoAkSoAx> kirkland: connect your laptop to external monitor, enable it, then disable LVDS with xrandr
<RoAkSoAx> if you disable it with gnome-display-properties, it won't work
<zul> hggdh: around? can bug #712145 be closed?
<uvirtbot> Launchpad bug 712145 in pkgsel "ubuntu-server JEOS ISO install uses 519M of storage" [Medium,Fix released] https://launchpad.net/bugs/712145
<hggdh> zul, yes, it can. I actually thought it had been closed already, james & colin fixed it good
<zul> hggdh: thanks
<_ruben> tyreza: vi *is* an editor
<tyreza> i never said vi in an OS _ruben
<twb> An editor is an application; it's not part of the OS.
<shauno> emacs doesn't have a kernel yet?
<twb> The OS is the stuff that sits between applications and the bare metal.
<twb> shauno: it does not.
<twb> shauno: you can use it as pid1, but that's all
<twb> shauno: you can do the same with LiCE on Movitz, which lets you get emacs running off a floppy, but that's about it.
<shauno> the hurd chaps are slacking then :/
<twb> no surprise there
<_ruben> eh? whatever
<tyreza> hello there
<tyreza> very quick question ?
<tyreza> how to select all using vi ?
<uvirtbot> New bug: #742501 in mysql-5.1 (main) "Apparmor profile prevents read/write from /tmp" [Undecided,New] https://launchpad.net/bugs/742501
<soren> tyreza: :5y
<soren> whoops
<soren> tyreza: :%y
<tyreza> my question is how to select all ?
<tyreza> not working if i do :%y it say :1369 lines yanked
<tyreza> i need to select all
<tyreza> to copy then and paste it
<_ruben> yank = copy
<tyreza> listen carrefully i got 1000 lines on a file
<tyreza> i need to select all line copy and paste it
<tyreza> how to do ?
<_ruben> sigh
<soren> sigh
<soren> tyreza: :%y
<soren> tyreza: copies it.
<soren> tyreza: p pastes it.
<tyreza> i need to copy to notepad
<soren> tyreza: There's a #vim irc channel.
<tyreza> ctrl c not working
<oCean> sigh
<tyreza> oops ctrl v not working
<oCean> "p pastes it"
<oCean> where is ctrl v in that line?
<semiosis> use command "cat <filename>" in your shell to dump contents of file, then copy from one window to the other
 * semiosis hopes that helps
<tyreza> yes i know how to use the same thing with cat
<tyreza> with my question is using vim
<semiosis> vim may not be the best tool for that job
<tyreza> soren: say somethign with :%y
<_ruben> just use scp to transfer the damn file
<tyreza> but why that's not working ?
<_ruben> pardon my french
<tyreza> what is the usage of scp ?
<tyreza> lol
 * _ruben gives up
<semiosis> use command "man scp" to find out all about scp
<soren> tyreza: "*:%y
<_ruben> yanking in vim won't help transferring it to a windows machine
<soren> Oh, he's connected over ssh or something?
<_ruben> 15:42 < tyreza> i need to copy to notepad
<_ruben> presumably
<tyreza> the way is with cat
<tyreza> leave vim himself alone
<tyreza> thanks a lot
<tyreza> bye
<soren> That was very annoying.
 * soren pimps "set clipboard=unnamed"
<semiosis> was that IRC trolling?
<soren> If it was, I'm impressed. Well played.
<semiosis> totally
<RoAkSoAx> zul: just realized that cobbler is still missing the python-koan package :/
<zul> RoAkSoAx: gah...
<adac> if apt wants to install libgl1-mesa-dri and libgl1-mesa-glx and xterm does this mean that X server is also installed?
<jamespage> jhunt: ping
<jhunt_> jamespage: hi - in a meeting currently
<jamespage> jhunt: np pong me later - found resolution for java daemonisation problem/upstart
<xperia> hello to all. i have here a hardware problem with ubuntu. i am trying installing and testing the newest alpha3 version of ubuntu natty
<xperia> but for some reason i have big trouble with the pcmcia SiL 3512 Sata Link Card
<jhunt_> jamespage: awesome! we'll add it to the cookbook :)
<xperia> this here is the output of lspci => http://pastebin.com/tEzBrT4Q
<xperia> ubuntu does recognise pretty well the card and load also the driver that works with that card
<xperia> # lspci | grep Sil
<xperia> 06:00.0 Mass storage controller: Silicon Image, Inc. SiI 3512 [SATALink/SATARaid] Serial ATA Controller (rev 01)
<xperia> but for some reason first the leds on the card does not blink or burn
<xperia> and second when i connect my sata harddisk i get allways error messages
<Pici> adac: 'xterm' will pull in x11-common, but that is not xorg in its entirety. See http://files.nullcortex.com/rdepends.svg
<Pici> (not a permanent url, its a scratch space for when I make those graphs)
<adac> Pici, oh ok i see :)
<adac> thx
<xperia> http://pastebin.com/vMM33wFg
<xperia> it say allways ata4: SATA link down (SStatus 0 SControl 310)
<xperia> hello to all. i have here a linux hardware problem with the pcmcia SiL 3512 Sata Link Card.
<xperia> this here is the output of lspci => http://pastebin.com/tEzBrT4Q
<xperia> does recognise pretty well the card and load also the driver that works with that card
<xperia> #lspci | grep Sil
<xperia> 06:00.0 Mass storage controller: Silicon Image, Inc. SiI 3512 [SATALink/SATARaid] Serial ATA Controller (rev 01)
<xperia> but for some reason first the leds on the card does not blink or burn
<xperia> and second when i connect my sata harddisk i get allways error messages
<artuio> hello there
<artuio> post fix is a good server  mail ?
<EvilPhoenix> artuio:  postfix is a good mail server, yes.  it requires some configuration before you can use it, but after you configure it, its a good mail server.
<artuio> well
<artuio> i m on the point of installation
<artuio> when i m trying to ehlo localhost
<kerneloops_> hello
<artuio> it say command not found
<artuio> the syntax is it correct ?
<kerneloops_> artuio: trying to what?
<artuio> ehlo localhost
<artuio> i got command not found
<kerneloops_> that command doesnt exist.
<kerneloops_> what do you want to do?
 * genii-around telnets to port 25
<uvirtbot> New bug: #735351 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/735351
<EvilPhoenix> "ehlo localhost" <--- wtf is "ehlo"?
<artuio> ehlo
<artuio> is checking for conf
<artuio> working fine now
<artuio> now i got an other error : http://paste.ubuntu.com/585487/
<shauno> ehlo's an extension to smtp.  rfc 1870 is your google-fu
<EvilPhoenix> artuio:  there's an SQL syntax error
<EvilPhoenix> -SQL
<EvilPhoenix> its a syntax error nonetheless
<andygraybeal_> can i flush things out of virtual memory back into regular memory (i have plenty of regular memory)
<shauno> I'm not sure actually, short of swapoff'ing.  I tend to just trust the kernel, if it thinks disk caches are going to be more productive than a process that's been quiet long enough to get tucked away
<andygraybeal_> yea, i trust it too.. i'm having issues with my machine thouhg; when it does swap... it takes forever and no one can get any work done.
<andygraybeal_> thank yuo shauno
<andygraybeal_> something makes me think i'm losing a drive
<andygraybeal_> slowly
<semiosis> andygraybeal_: you can use the command "sync" to write file buffers to disk, but that may not actually result in less "virtual memory" being used
<andygraybeal_> semiosis, interesting thank you
<queso> Greetings. I am going through the 10.04 serverguide for openldap.  I'm at the point where it says to create a file ( frontend.example.com.ldif ) and add the entries using ldapadd.  When I do this it errors and I can't determine what is wrong.
<jhunt_> jamespage: pong?
<jamespage> jhunt_: give me 2 ticks
<jhunt_> jamespage: np
<queso> I am creating a test directory. Here is the error I get when running the command:  http://paste.pocoo.org/show/359558/
<artuio> well i try to create alias with postfix
<artuio> this is the error what i got : ERROR 1062 (23000): Duplicate entry 'info@example.com' for key 'PRIMARY
<artuio> pastebin here : http://paste.ubuntu.com/585507/
<jamespage> jhunt_: http://paste.ubuntu.com/585505/
<jhunt_> jamespage: thx! I'll digest and regurgitate something appropriate into the cookbook.
<jamespage> jhunt_: seemed to work best with start-stop-daemon as upstart was able to track the java process correctly.
<jamespage> jhunt_: anyway have a good weekend - speak next week
<jhunt_> jamespage: thanks very much for the info! ttfn
<NoqturnalX> greetings again
<NoqturnalX> what would be better to use syslogd or syslog-ng, I have 5 routers that I want to collect logs from (running dd-wrt) and I forgot how I had it setup on the old box
<NoqturnalX> on a Ubuntu-Server 10.10 box
<patdk-wk> anything wrong with rsyslog that comes by default?
<NoqturnalX> i dunno, i thought syslogd was the default
 * NoqturnalX mans rsyslog
<NoqturnalX> lol
<NoqturnalX> no manual
<patdk-wk> now my 8.04 machine uses syslog :)
<NoqturnalX> It's another stuck on stupid day for me. I had all this stuff figured out cause I setup either syslog or syslog-ng on the other server to collect the logs from my dd-wrt routers
<NoqturnalX> but i can't remember what I did
<patdk-wk> I am using syslog-ng
<patdk-wk> I plan on switching to rsyslog though
<patdk-wk> and check how it performances compared, but haven't yet
<patdk-wk> but my old system used syslog-ng
<NoqturnalX> there's no man entry for rsyslog :( nothing in apropos either
<patdk-wk> man rsyslogd
<NoqturnalX> did
<patdk-wk> odd
<NoqturnalX> i even apropos syslog to see if anything like rsyslog shows up
<NoqturnalX> nothin
<patdk-wk> I have it and rsyslog.conf man
<NoqturnalX> I got logger, pam_syslog, pam_vsyslog, pdbtool, syslog, syslog, syslog-ng, syslog-ng.conf, Unix::Syslog, vsyslog
<patdk-wk> dunno what an apropos is
<patdk-wk> well, that is why
<patdk-wk> you already installed syslog-ng
<patdk-wk> that forces rsyslog to deinstall
<NoqturnalX> search the manual page names and descriptions
<NoqturnalX> but I still have rsyslog on the system
<patdk-wk> maybe it's config files
<NoqturnalX> there's a rsyslog.d in /etc and a rsyslog.conf too
<patdk-wk> but not the program itself
<patdk-wk> like I said, it deinstalled, it wasn't purged
<patdk-wk> therefor configs stay
<NoqturnalX> suppose your right
<Roasted_> So I have an Ubuntu server on a Windows domain using Likewise Open. In the past when I've connected to Windows file servers from the Ubuntu server on the domain, it would just let me in because it auto authenticated me based on my logged in name. On this new server, that's not the case. I have to type my credentials in each time. I'm setting this server up for a school, so this uh.. isn't possible to let go. How can I fix it?
<NoqturnalX> apt-get install rsyslog :P
<uvirtbot> New bug: #734316 in apache2 (main) "plymouth made SSL pass phrase dialog can't read input" [Undecided,New] https://launchpad.net/bugs/734316
<NoqturnalX> so what do I do for rsyslog to start logging my routers?
<NoqturnalX> slap a line in the config file somewhere for each router?
<patdk-wk> that depends what the other machines can do
<NoqturnalX> dd-wrt has a syslog option in the WebGUI where you just specify the IP address of the machine that's supposed to log
<patdk-wk> http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBQQFjAA&url=http%3A%2F%2Fwww.ubuntu.com%2Fsystem%2Ffiles%2FCentralLogging-v4-20090901-03.pdf&rct=j&q=log%20central%20rsyslog&ei=kOCMTYvhLIzrgQfpifGyDQ&usg=AFQjCNEL3sc8W3FDTyyFUyG4alXFQP8o2w&cad=rja
<patdk-wk> oh that is ugly
<NoqturnalX> yikes
<NoqturnalX> lol
<patdk-wk> http://www.ubuntu.com/system/files/CentralLogging-v4-20090901-03.pdf
<NoqturnalX> need one of those goo.gl shortners
<NoqturnalX> I should just hire a stand in for the day
<Roasted_> Is there a way to "unbond" network interfaces? I tried to bond them yesterday and it kinda bombed out, and due to time restraints I wanted to get that out of there and just use one NIC for now.
<semiosis> NoqturnalX: if you've re-installed rsyslog, check out the file /etc/default/rsyslog, in there you'll see some comments at the top
<semiosis> NoqturnalX: so of those options, you'll want -r in the RSYSLOGD_OPTIOSN variable, to enable the UDP syslog listener
<semiosis> NoqturnalX: then just do 'service rsyslog restart' to reload the config, then you can set your routers to send to the IP address of your linux box, and the logs will get collected
 * cloakable hmm
<NoqturnalX> thanks semiosis i just got back from lunch, looks like i'm just in time :P
<NoqturnalX> i think my next goal is to setup freeradius on this thing :P
<NoqturnalX> anyone got any experience with radius? Tips? pointers? advice? horror stories maybe??
<zul> have a good weekend
<zul> SpamapS: i thought we fixed the apache ssl thing in maverick?
<SpamapS> zul: no we opted not to because it would change the boot
<zul> SpamapS: ok i muse have mismembered
<SpamapS> zul: it was uploaded right at the start of natty
 * RoAkSoAx does out for a late lunch ... starving...
<zul> right
<uvirtbot> New bug: #742748 in backuppc (main) "package backuppc 3.2.0-3ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/742748
<azizLIGHTS> what sould i use to transcode a video file to lower res/quality and have a client computer be able to see that
<zertyui> hello
<zertyui> there
<zertyui> i got this error with postfix http://paste.ubuntu.com/585589/
<zertyui> what's wrong ?
<cavefish> zertyui: can you tell me whats wrong... i have nog browser on this linux console :P
<zertyui> you can use elinks cavefish
<zertyui> console browser
<azizLIGHTS> +1 for elinks
<azizLIGHTS> can use mouse even
<cavefish> oke done links2
<cavefish> zertyui: INSERT INTO 'transport' should it be ;)
<zertyui> sorry i don't get you cavefish
<cavefish> when i paste your postfix i got a SQL related issue in Links2
<zertyui> ok
<zertyui> are you asking to run this command on my mysql cli : INSERT INTO 'transport'
<zertyui> ?
<cavefish> the error says you got the name wrong
<cavefish> the table name
<zertyui> but i can't understand
<zertyui> as you can see there on my pastebin i just create the table
<zertyui> but i got that error
<zertyui> i don't know why ?
<cavefish> i know but the table on the CREATE statement should be the same as the one on the INSERT statement
<zertyui> what is the correct line  i have to enter ?
<cavefish> INSERT INTO `post_db.transport` (`domain`, `transport`) VALUES ('example.com', 'virtual:');
<zertyui> http://paste.ubuntu.com/585603/ cavefish
<cavefish> INSERT INTO `transport` (`domain`, `transport`) VALUES ('example.com', 'virtual:');
<cavefish> Normal i work with MSSQL, seems like Mysql handles the prefix itself
<zertyui> yes working now
<zertyui> thanks a lot cavefish
<cavefish> your welcome man
<hallyn> zul: do you mind taking a look at https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/742770 and telling me if you think the fix is worth trying to push through freeze?
<uvirtbot> Launchpad bug 742770 in lxc "Erorr in syntax in ubuntu templates" [High,In progress]
<dev001> Hi.  I'm new to ubuntu server.  Did a net install of a remote headless server in a hosted XenVM, and set up NFS4 kernel-server & client.  Via client, I can mount NFS4 shares @ another server from cmd line, and if I add to /etc/fstab, and 'mount -a', that works too.  But at reboot, it simply hangs & "sits" no further output @ console.
<dev001>  Is there something I should immediately consider re: NFS @ boot, or how do I get more verbose logging in this case?
<semiosis> could try adding "nobootwait" to the mount options for the nfs mount in your fstab
<^Mike> http://releases.ubuntu.com/10.04.1/ubuntu-10.04.1-server-amd64.iso.torrent is a 404
<ScottK> ^Mike: Try 10.04.2.
<uvirtbot> ScottK: Error: "Mike:" is not a valid command.
<ScottK> Nice.
<^Mike> :D
<^Mike> I'm just following links on http://www.ubuntu.com/desktop/get-ubuntu/alternative-download#bt
<^Mike> Also, http://www.ubuntu.com/server/get-ubuntu/download is a 404 (linked from http://www.ubuntu.com/desktop/get-ubuntu/download)
<ScottK> Assuming 10.04.2 works, please file a bug against ubuntu-website.
<remix_tj> use torrent, is preferred
<ScottK> There's no one on this channel who can fix it.
<^Mike> apport doesn't like ubuntu-website: "Package ubuntu-website does not exist" and I've never figured out how to submit a bug without using it
<ScottK>  ^Mike: https://bugs.launchpad.net/ubuntu-website/+filebug
<^Mike> thanks
<ScottK> Apport is just for package in Ubuntu (which the web site clearly isn't).
<ScottK> You're welcome.
<echosystm> i have a question for people with a strong background in enterprise linux/unix (redhat/centos/solaris/aix/etc.)
<echosystm> how do you find ubuntu server?
<echosystm> i need to use rackspace for some hosting and my only options for a managed SLA are centos, ubuntu and rhel
<echosystm> rhel is too expensive, centos is getting too old now (still only 5.5)
<echosystm> i find desktop ubuntu to be a pretty low quality distribution, im just wondering if the server is the same
<cavefish> Ubuntu Server work fine for me
<guntbert> echosystm: in what way do you "find desktop ubuntu to be a pretty low quality distribution"?  - although the discussion is more appropriate in #ubuntu-offtopic
<wout-lnx> anyone know if there is a ppa with spice enabled kvm, virtmanager etc etc???
<cavefish> Did someone get the BCM4328 driver working on Ubuntu 9.10 server with the latest kernel
<echosystm> guntbert: i mean ubuntu desktop hasa lot of bugs in comparison to rhel/debian
<echosystm> i've certainly found it to be extremely shakey
<echosystm> hell, i've found less bugs on my archlinux box
<guntbert> echosystm: I don't share that view - but maybe from less experience .... please don't discuss it further in a support channel - try #ubuntu-offtopic
<echosystm> ok, no worries
#ubuntu-server 2011-03-26
<Techie> i am currently using iptables for my gateway, however this does not seem to support uPnP port forwarding, is there an alternative that does support uPnP?
<Patrickdk> ya, iptables :)
<Patrickdk> linux-igd
<Techie> do explain?
<Techie> does linux-igd work with iptables, or is it a gateway software itself?
<Patrickdk> that is why google exists
<Techie> i was hoping you might be able to inform me while i furiously search, however google does make the world go roun
<Techie> round*
<Techie> hrmm, will be back in a bit, gotta put my server back into the network
<aslan> hi, i work in hospital and we have almost 150 client, we try to use Active Directory Domain Controller, but if we do this, we will have so much money to pay for licence. i want to install computers ubuntu. our hospital software works in linux. and i want to make something like windows Active Directory system, i hear about openldap and pfsense. i take a look of them and these are so confused for me. does anyone suggest me a good software same active
<aslan> directory ? but i want software that can be controlled with a good user interface. thanks.
<uvirtbot> New bug: #742994 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/742994
<volkan> Heey! Saturday morning terror... I wanted to install some packages on our ubuntu server and after a connection error the amazon based server was unavailable. Only stopping and starting the instance got the server back to life. Now i tried dpkg --configure -a to finish the installation but the server got unavailable again.... Heeeelp?
<raphink> volkan: first you could try running the dpkg --configure in a screen
<raphink> in case the configure steps cut the ssh connection, it will at least allow them to continue while the ssh is cut
<volkan> heey! Thank you...
<raphink> and then you can reattach later
<volkan> @raphink: dpkg: --configure needs at least one package name argument
<raphink> volkan: -a I mean
<raphink> the one you were trying
<raphink> maybe it could be interesting to see the list of packages yet to configure
<raphink> dpkg -l | grep '^iU'
<raphink> will tell you that
<raphink> that migth give you a hint on which package is the issue
<volkan> Thes server get's unavailable when i run dpkg --configure -a...
<raphink> I understood that part volkan
<volkan> I just activated multiverse to install the ec2 admin tools... The last ssh output is: Setting up openjdk-6-jre-headless
<raphink> so I'm suggesting ways to find out why and fix it
<volkan> update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode.
<volkan> Uh... Nice:
<raphink> by unavailable, what do you mean exactly?
<raphink> does the ssh connection reset
<raphink> do other services still work?
<raphink> does the server crash (and do you have anything in dmesg then?)?
<volkan> ssh connections hangs... apache off everything is gone...
<raphink> alright
<volkan> what is dmesg?
<raphink> kernel messages
<raphink> useful to debug when a machine crashes
<raphink> type "dmesg" in a console
<volkan> i did dpkg -l | grep '^iU' Do you want the output?
<volkan> ok
<raphink> you could paste the output of dpkg -l | grep '^iU' in a pastebin
<raphink> pastebinit is a useful too for that by the way
<raphink> dpkg -l | grep '^iU' | pastebinit
<volkan> ok one moment!
<raphink> (apt-get install pastebinit)
<raphink> forget about that last one if you don't want to make your server crash again ;-)
<volkan> no apt-get :)
<raphink> just copy and paste into a pastebin :-)
<raphink> or use pastebinit from your local machine :-)
<raphink> ssh ubuntu@ec2-instance dpkg -l | grep '^iU' | pastebinit
<volkan> http://pastebin.com/Z58tfutt
<raphink> :-)
<raphink> ok, that's dmesg
<volkan> http://pastebin.com/166JW6hc
<raphink> just these 6 lines?
<volkan> Yes!
<raphink> ok
<raphink> and when you run dpkg --configure -a, you see
<raphink> update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode
<raphink> and then it crashes
<raphink> right?
<volkan> new pastebin:
<volkan> http://pastebin.com/F9avmFJk
<raphink> ok
<raphink> lets see
<volkan> And when i do -a
<raphink> can you paste the contents of /var/lib/dpkg/info/penjdk-6-jre-headless.postinst?
<volkan> http://pastebin.com/HMuTPHi1
<volkan> oh that was something else... Yes one minute...
<raphink> sorry, missing an o
<raphink> can you paste the contents of /var/lib/dpkg/info/openjdk-6-jre-headless.postinst?
<raphink> ;-)
<volkan> http://pastebin.com/HEVqzLQZ
<raphink> sooo
<raphink> the update-alternatives commands in run in the loop from 37 to 59
<raphink> these work fine it seems
<raphink> sorry, even down to 65 actually
<volkan> Oke....
<raphink> that's the jexec alternative
<raphink> which we see works fine
<raphink> or not actually
<raphink> let me see :-)
<volkan> By the way: Thank you! :)
<raphink> we see
<raphink> update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/bin/tnameserv to provide /usr/bin/tnameserv (tnameserv) in auto mode.
<raphink> and then it crashes
<raphink> tnameserv is listed in jre_tools, so it's in the loop from 37 to 59 probably that it crashes
<raphink> or right after
<volkan> Can't i just cancel that install?
<raphink> you could
<raphink> but I'd rather find why it does that :-)
<volkan> Ok!
<volkan> Better!
<volkan> By the way: i'm doing all the server stuff but i'm kind of an advanced noob... Are you available for paid support sometimes?
<raphink> I don't have a company to bill
<raphink> canonical provides server support, you know?
<raphink> :-)
<raphink> let's see
<raphink> can you try running this (long command)?
<volkan> haha... ehm... i don't have the company that can pay for it :)
<raphink> update-alternatives --install /usr/bin/jexec jexec /usr/lib/jvm/java-6-openjdk/jre/lib/jexec 1061 --slave  /usr/share/binfmts/jar jexec-binfmt /usr/lib/jvm/java-6-openjdk/jre/lib/jar.binfmt
<raphink> can you run that?
<volkan> ok...
<volkan> update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode.
<raphink> and it doesn't crash?
<volkan> but seriously we could buy you stuff at amazon... Is actually better than getting payed... You will get presents!
<volkan> nope!
<raphink> ok
<raphink> let's try another one
<volkan> it's still there..
<raphink> (thanks for the suggestion ;-)
<raphink> hmmm
<raphink> edit  /var/lib/dpkg/info/openjdk-6-jre-headless.postinst
<raphink> and add "set -x" after the line that says "set -e"
<raphink> so that will add a line 6 before current line 6
<raphink> right
<raphink> ?
<volkan> yes!
<raphink> save the file
<raphink> then run
<volkan> did it..
<raphink> dpkg --configure -a
<raphink> again
<volkan> :)
<raphink> that will make the whole thing verbose
<raphink> so we see where exactly this "Timeout, server not responding" message comes from
<volkan> http://pastebin.com/mx7nFfiD
<volkan> oke stopping and starting the instance again...
<raphink> is that all you saw?
<volkan> Yes...
<volkan> And the timeout server not responding...
<raphink> ah, you did see it
<raphink> so you're crashing at line 80
<raphink> line 74 is nuts
<raphink>     case java-6-openjdk in
<raphink>         *cacao|*shark);;
<raphink>         *)
<raphink> etc.
<raphink> the string "java-6-openjdk" will never match *cacao or *shark
<raphink> from your package list yet-to-be-configured
<raphink> I see you have cacao, so I guess you want to use that
<raphink> and the statement at line 74 is wrong and gets you in the default case when  you should enter the first one, which does nothing
<raphink> and hence does not crash ;-)
<volkan> sorry no idea what cacao is but it some dependency...
<raphink> you know what
<raphink> change line 74 (which is now 75 for you with set -x)
<raphink> sorry, line 75, now 76
<raphink> into
<raphink>    *|*cacao|*shark);;
<raphink> save and run dpkg --configure -a again
<raphink> ;-)
<raphink> so you don't get into the case that crashes for you
<volkan> instance isn't up already... just a sec...
<raphink> ok
<volkan> YEEEY!
<volkan> Hero of my weekend!
<raphink> now you have to make sure that java actually works ;-)
<volkan> Do you a quick test?
<volkan> Do you know a quick test?
<raphink> well I don't know, there's probably a reason why you have java installed on this server, no?
<raphink> :-)
<volkan> dependency of amazon tools... I just tried them seems to work!
<raphink> ok then that should be fine
<raphink> :-)
<raphink> that said, it might not hurt to open a bug on this package
<raphink> with your fix and a note on how the case statements look very weird ;-)
<volkan> Really thank you... You saved my weekend... should i do it or do you want to do it?
<volkan> I will do it!
<raphink> thank you
<raphink> you can subscribe me
<volkan> How?
<raphink> there's a subscribe someone link to the right of each bug
<raphink> put "raphink"
<raphink> :-)
<volkan> oke! You are not interested in amazon stuff are you :) ?
<volkan> I have some performance problems on a lamp stack...
<jfb_h20> suddenly my computer won't boot when a external USB drive is plugged in... any suggestions on what to check?
<a7ndrew> bios boot order?
<peta> hello everybody
<peta> i'm faced by a tricky challenge
<peta> i got a remote machine based on 10.04. during the the last days i set it up, did finetuning and securing. now i want to "clone" the system, transfer the image via ssh to my local machine and use it in a virtual machine. the remote machine has has a 2x750gb RAID1 setup. the problem is that i only want to "clone" the actual os files (users,groups,packages, settings, asf.) without the grub settings, so that i can just copy the image 
<peta> use it without a neat.
<peta> might it be sufficient to do a remote rsync, or some other "simple" file/folder copy action?
<downloadSSH> ei
<downloadSSH> in BIOS of my old computer there is an option for "shared memory"
<downloadSSH> what is that
<downloadSSH> I think it's related with the graphics card
<downloadSSH> so.. should I disable it since I am running ubuntu server?
<froud> Hi, have Ubuntu Server Ubuntu 10.04.2 LTS with LAMP stack installed and Postfix. Having trouble enabling php mail to send mail from apps like joomla and weberp, but when I run my own script using phpmail it works. I've tried removing postfix for sendmail but the result remains the same, cannot send messages from phpmail functions. Anything one may suggest I have missed. The same problem is...
<froud> ...on two servers.
<downloadSSH> ok so now I have another issue
<downloadSSH> in TTY
<downloadSSH> im trying to type !
<downloadSSH> but it adds some chars
<downloadSSH> I am using alt + !
<downloadSSH> do you know what this means
<downloadSSH> "ac97 codec read timeout"
<downloadSSH> in tty
<DrDetroit> Dovecot seems to have loaded at install, and I have postfix also installed, but not running. Can someone point me to a good howto on how to get postfix and dovecot working correctly on ubuntu-server 10.04
<TTY_problem> "With some keyboard layouts, AltGr is a modifier key used to input some characters, primarily ones that are unusual for the language of the keyboard layout, such as foreign currency symbols and accented letters. These are often printed as an extra symbol on keys."
<TTY_problem> AltGr key replacement:
<TTY_problem> than i dont know what to choose
<jmarsden> TTY_problem: With some (many) other keyboard layouts, there is no AltGr key... so if you do not have one, leave it out :)
<TTY_problem> U have it
<TTY_problem> I
<TTY_problem> jmarsden
<TTY_problem> it's next to space bar
<TTY_problem> jmarsden: http://i55.tinypic.com/2dkfern.png
<jmarsden> TTY_problem: You have one labelled AltGr?  or you are trying to fake an AltGr key by using some other 'replacement' key?
<TTY_problem> jmarsden: I have one key saying alt gr
<TTY_problem> Â¬Â£Â£Â£Â£Â§@@Â£Â£@@Â£
<jmarsden> if it is just to the right of the space bar, the default "Right Alt" is probably the one you want.
<TTY_problem> see
<TTY_problem> ok
<TTY_problem> :)
<TTY_problem> now it's asking for a compose key
<TTY_problem>                  â The Compose key (known also as Multi_key) causes the computer to interpret the next few keystrokes as a combination in order to produce a character not found on the keyboard.                           â
<jmarsden> Same deal.  if you don't have one, tell it you don't have one.
<TTY_problem> jmarsden: when I use thr arrows in TTY it types characters
<TTY_problem> :s
<jmarsden> That might not be a keyboard-configuration issue, you can usually fix that with entries in ~/.inputrc
<jmarsden> But for now use the tab key to move around, or try ctrl-n for next and ctrl-p for previous instead of using the arrow keys.
<TTY_problem> jmarsden: right arrow = [C
<TTY_problem> damn
<jmarsden> DrDetroit: the dovecot-postfix package does the configuration work for you...
<jmarsden> TTY_problem: That's fine, that can be fixed with .inputrc and is not a keyboard layout issue.
<DrDetroit> jmarsden: i get an error /etc/main.cf not found
<TTY_problem> how jmarsden ?
<TTY_problem> I just want to fix the ! and 1 problem
<jmarsden> DrDetroit: Did you install postfix from the Ubuntu package, or from a tarball??
<DrDetroit> jmarsden I chose it when I did the initial server installation
<DrDetroit> I can see dovecot is running, and I assume when I get a main.cf in the /etc dir it will run also
<RoyK> DrDetroit: iirc, that should be /etc/postfix/main.cf
<DrDetroit> Royk: I know, but it is not there
<DrDetroit> I am wondering if i have to run some sort of postconf command to get one
<TTY_problem> ok it's in /etc/imputrc
<TTY_problem> how do i fix it
<jmarsden> DrDetroit: The package version of postfix looks in /etc/postfix for main.cf not in /etc/
<DrDetroit> i apoligize, I am in /etc/postfix and main.cf is not there
<jmarsden> TTY_problem: Try  as a test    export INPUTRC=/etc/inputrc
<RoyK> DrDetroit: postfix comes with a generic one
<DrDetroit> there is no main.cf in the /etc/postfix directory
<RoyK> or (iirc) dpkg --configure postfix will create one
<jmarsden> DrDetroit: OK, so can you do    sudo dpkg-reconfigure dovecot-postfix
<TTY_problem> jmarsden: what does the command do?
<RoyK> erm, dpkg-reconfigure - yes
<RoyK> ignore my post above
<DrDetroit> ok thank you I wil try that
<jmarsden> TTY_problem: sets a variable that makes your shell read that file of key mappings
<DrDetroit> jmarsden: ah dovecot-postfix is not installed
<TTY_problem> jmarsden: im sshing to the computer and other keyboard is connected but im stuck at login prompt
<TTY_problem> because of keyboard layout
<jmarsden> DrDetroit: Yu can either configure each of them separately, or use that package to do both together.  Using dovecot-postfix is, I would say, easier for beginners.
<DrDetroit> can i istall that package with apt-get install dovecot-postfix?
<jmarsden> TTY_problem: Do you have this issue on your local machine, or only over SSH?
<TTY_problem> jmarsden: the problem is the keyboard in TTY
<TTY_problem> over SSH works fine
<jmarsden> DrDetroit: Yes.  Might be good to sudo apt-get purge dovecot postfix    # first, to remove the ones you have installed now.
<jmarsden> TTY_problem: You said: <TTY_problem> jmarsden: im sshing to the computer and other keyboard is connected but im stuck at login prompt
<jmarsden> So now I am confused, which is it? :)
<TTY_problem> jmarsden: im stuck localy
<jmarsden> Ah, that's not what I thought you said earlier.
<TTY_problem> jmarsden: because I need to type ! for the password ;)
<jmarsden> WHy would arrow keys not working prevent you from logging in locally?
<TTY_problem> but 1 or ! chars dont work
<TTY_problem> and arrows also dont work
<TTY_problem> and backspace
<TTY_problem> and delete..........
<TTY_problem> got it?
<TTY_problem> :p
<TTY_problem> all this in TTY from where im trying to login
<jmarsden> And there is a 1 or a ! in your password??
<TTY_problem> yes
<TTY_problem> there is a !
<TTY_problem> and it shows "login incorrect" becuaseo obviously the password was not typed correctly because of keyboard
<TTY_problem> because*
<DrDetroit> jmarsden: one final question, when configuring postfix, i am assuming I do NOT choose use procmail, since dovecot will used, is that correct?
<TTY_problem> this is really annoying problem
<jmarsden> DrDetroit: From memory, don't specify postfix as the local delivery agent unless you need it.  procmail and dovecot do different things
<jmarsden> TTY_problem: Sounds like at install time the wrong kind of keyboard was specified, or else there is a bug somewhere in how Ubuntu handles your keyboard...
<jmarsden> But let me play a little before I give you more things to try...
<DrDetroit> jmarsden: thank you I will play arround with this for a while
<jmarsden> DrDetroit: You're welcome
<TTY_problem> jmarsden: when I installed it everything worked fine
<TTY_problem> now doesnt
<TTY_problem> really weird.
<jmarsden> TTY_problem: OK... so what changed just before it stopped working?
<TTY_problem> nothing
<TTY_problem> just installed things on the server
<TTY_problem> :s
<jmarsden> What things?  Anything keyboard or input related?
<jmarsden> OK, one more thing to try:   sudo dpkg-reconfigure console-setup   # Did you do this already?
<TTY_problem> jmarsden: yes
<jmarsden> OK... I'm running out of ideas... does the output of     grep  ^X /etc/default/console-setup      look reasonable for your keyboard?
<jmarsden> (on the ssh session, obviously, since you can't yet log in locally)
<TTY_problem> jmarsden:
<TTY_problem> the problem is the key "1"
<TTY_problem> it's adding chars
<TTY_problem> :P
<jmarsden> You mean you have a sticky '1' key, a hardware issue with the keyboard??
<TTY_problem> jmarsden: output http://pastebin.com/raw.php?i=keSY0y1j
<jmarsden> Seems sane to me.  Can you check whether other Linux/Ubuntu PCs you have that work fine have the same settings there?
<TTY_problem> jmarsden: I even counted the keys
<jmarsden> I'm guessing you have a desktop machine or laptop, as well as the server?
<TTY_problem> it has 105 keys
<TTY_problem> then i searched for the model on the  wweb and  found a site say my model is 107/108 keys
<TTY_problem> :P
<jmarsden> TTY_problem: One more (maybe strange?) idea: Can you swap the keyboard of the server with the keyboard of some other PC, just to check that the issue is not a hardware problem in the keyboard itself?
<TTY_problem> jmarsden: ill try
<TTY_problem> jmarsden: btw im in recovery mode now
<TTY_problem> and im browsing the system with root user
<TTY_problem> o.o
<TTY_problem> i didnt type the password but i logged in
<jmarsden> Why?  You were browsing it over SSH just fine before... Anyway... try swapping keyboards and see if that helps.
<TTY_problem> changed the keyboard now it works.
<jmarsden> TTY_problem: OK, so it was a hardware issue... annoying, but buying a new keyboard should be inexpensive :)
<TTY_problem> jmarsden: I installed Ubuntu with another keyboard but I was convinced that i didnt :P
 * RoyK renicks TTY_problem to PEBKAC_problem
<TTY_problem> jmarsden: using recovery mode I edit /etc/hosts file without typing a password
<TTY_problem> isnt this really dangerous..
<RoyK> TTY_problem: just set a root password
<RoyK> sudo passwd root
<RoyK> it's all documented in the handbook
<RoyK> !handbook
<RoyK> wtf
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<RoyK> sorry
<jmarsden> TTY_problem: Anyone with physical access to your machine can fairly easily do anything they want to it anyway (e.g. boot from a CD, or even remove its hard drives!), so recovery mode not needing a password is not a significant weakness in practice.  Servers need good physical security.
<TTY_problem> jmarsden: yeah but I would know that I got "robbed"
<TTY_problem> if they edit files I wont notice xP
<jmarsden> TTY_problem: So if they boot from a CD, edit files and reboot, how is that different from booting into recovery mode in terms of damage done or discoverability?
<TTY_problem> jmarsden: couldnt 'they' install a  keylogger..
<TTY_problem> jmarsden: Im just worried with the system not the hardware
<jmarsden> Yes, either by booting from CD or using recovery mode :)  Physical security is important.  Secure your server.
<TTY_problem> so I just need to set a root password right?
<jmarsden> No, that does not prevent someone walking up to the sevrer and booting it from a CD.
<jmarsden> You "just" need to physically secure your servers.
<TTY_problem> jmarsden: ah you disabling boot from cdrom
<TTY_problem> in bios
<TTY_problem> and setup a password etc?
<TTY_problem> you mean*
<TTY_problem> or just lock the server on a room?
<TTY_problem> :p
<jmarsden> Then they remove the drives, connect them to their laptop and edit the files, then put your drives back in.
<jmarsden> I mean you physically secure your servers.
<TTY_problem> ye
<jmarsden> Locking them up is one way to do that, yes.
<TTY_problem> jmarsden: if I encrypt the disks
<TTY_problem> they cant edit
<TTY_problem> the files right
<TTY_problem> they cant access
<jmarsden> Yes, if you use full disk encryption and get it exactly right you can avoid that kind of attack.  Is the risk of such attack really worth the extra work and issues of using full disk encryption for your circumstances?
<TTY_problem> jmarsden: no
<TTY_problem> jmarsden: Im just trying to understand how to secure a server
<TTY_problem> but in practice i dont need it
<TTY_problem> at least now
<jmarsden> There are books written on that subject... read them when you need them.
<TTY_problem> k
<TTY_problem> jmarsden: should I use a password in BIOS?
<TTY_problem> if I lost it how can I reset it?
<jmarsden> That depends on the motherboard, usually there is a BIOS reset jumper you can use to set the BIOS back to a default state...
<DrDetroit> Jmarsden: thanks for your help, I have my postfix sending mail, but not receiving it, but thats ok for now anyways, since I am trying to set up a replacement server and can't set the correct domain name until i retire the old box
<DrDetroit> jmarsden:
<jmarsden> DrDetroit: You're welcome.
<DrDetroit> now onto configuring the eth0 for a fixed ip, even though I dont want to use that yet
<TTY_problem> jmarsden: yeah I've reset it phisically
<TTY_problem> ok so that's it
<TTY_problem> doesnt matter to use password in bios if the "attacker" can open the computer
<TTY_problem> :p
<jmarsden> DrDetroit: https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html see section titled "Static IP Address Assignment"
<DrDetroit> jjmarsden: thanks again! I have 2 ethernet ports, currently using eth1 for my connection, but will try and set eth0 as a fixed ip interface for when I put the box in place
<jmarsden> TTY_problem: Right.  So you end up back at "physically secure the machine" :)
<TTY_problem> :)
<RoyK> TTY_problem: a good approach is to monitor system uptime and react if the system was taken down - then - if your data requires safety, encrypt the data part.
<RoyK> or, as jmarsden says, simply secure the physical system
<RoyK> TTY_problem: a server secured by 100 tons of cement, not connected to a network, will be safe, but not very usable :P
<TTY_problem> heh
<TTY_problem> :)
<TTY_problem> later
<TTY_problem> back
<TTY_problem> damn
<TTY_problem> I can type ! and 1 in gedit
<TTY_problem> but in terminal it adds characters
<TTY_problem> really weird
<TTY_problem> if i type 1 it writes  ~1
<kb_problem> damn lulz
 * davygravy greets ubuntu-server-gurus, acknowledges their network expertise... clears throat and proceeds to ask his question...
<davygravy> not ubuntu-server oriented specifically, but was referred here after visiting ubuntu channel
<davygravy> I've got a bootloader on an embbedded/NAS device that will only boot if it can ping & get a response from a specific (hardcoded) ip addy
<davygravy> what console utility (cli) will send a spoofed response to it, spoofing that ip?
<jmarsden> davygravy: Just add that IP as an alias on one of your existing network interfaces; the network stack will respond to pings, not any cli tool :)
<davygravy> hmmm... the hardcodded ip addy belongs to a dev machine ...  which because it is powerhungry 700W beast, is turned off frequently
<jmarsden> Then change the dev machine to use some other IP and then proceed as I suggested :)
<davygravy> dev machine provides a tftp server that sends initrds to the embedded devices when their drives die, allowing them to go into an emergnecy/maintenance mode
<jmarsden> davygravy: Either use that "dev machine" as a tftp server and leave it on 24x7, or migrate that tftpd function to some other less power guzzling machine that you leave on 24x7 -- either it is a server that can be expected to be around, or it is not, you can't have it both ways :)
<davygravy> tftp server addy is hardcoded, as well, into the bootloaders
<davygravy> yeah, the router runs uclibc optware, so I should be able to migrate stuff to it
<jmarsden> davygravy: hack the bootloaders to use DHCP or BOOTP, maybe, to get that tftp server address dynamically?  Hard coding things like that is ... not pretty.
<davygravy> thanks, jmarsden- I'm thinking that I can go in and tinker w/ nvram maybe... maybe not-so-hard-coded
<davygravy> thanks for the chance to bounce ideas  ;)
<davygravy> the router can run netcat/nc (so I can manipulate the boot process via netconsole), as well, so problem might be solved
<jmarsden> davygravy: You're welcome :)
<storz> I have a bit of an easy question but I have a feeling that there is alot more to it than just this.
<storz> I'm following the guide https://help.ubuntu.com/10.04/serverguide/C/postfix.html
<storz> What would be my imap username, server, and password?
<jmarsden> storz: (a) if you are running imap on your own server, you should know what your own username, password and hostname are ; (b) if you use IMAP provided by an ISP, ask them for that info :)
<jmarsden> storz: IMAP is not something provided by postfix, btw, so you might be a little confused?
<uvirtbot`> New bug: #743280 in samba (main) "Folder-watching is broken" [Undecided,New] https://launchpad.net/bugs/743280
<storz> @jmarsden: I'm running it myself.  I've installed dovecot as per that guide so imap should be working, correct?  And yes, I am incredibly confused.  This is my first go at a mail server.
<storz>  assume that my username would be the username I set up (storz@mydomain.com) and my password.  But I'm getting password mismatch errors when I attempt to connect in my mail log.
<storz> Mar 26 12:47:16 ve dovecot: auth-worker(default): pam(storz@ve.7hnjx2yh.vesrv.com,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?)
<jmarsden> storz: Unless you are using virtual domains in some way, your username is probably storz, not storz@mydomain.com
<jmarsden> BTW this is about dovecot, not postfix, see the log line you just posted :)
<Jasonn> How do i install KLIPS support on ubuntu server?
<storz> jmarden: are you referring to apache's virtual domains?  If so then yes, I am using them.
<jmarsden> storz: No, I am referring to dovecots virtual domains, because it is dovecot you are authenticating to :)
<jmarsden> storz: Can you just    telnet localhost imap     and then type in     .login storz yourpassword    and see what happens ?
<jmarsden> Oh, that should be   . login storz yourpassword
<jmarsden> (with a space between the . and the login)
<jmarsden> Jasonn: I don't really know, but ipsec tncfg  may help, see http://manpages.ubuntu.com/manpages/lucid/man8/ipsec_tncfg.8.html
<Jasonn> thanks
<jmarsden> Jasonn: You're welcome
<Jasonn> Do you have any idea of how to install it?
<Jasonn> Or better yet
<Jasonn> could you explain to me like a 5 year old how to install a vpn?
<jmarsden> Jasonn: sudo apt-get install openswan
<jmarsden> If you need "like a 5 year old", why are you asking about KLIPS >
<Jasonn> Because
<Jasonn> it sais that KLIPS support is not installed
<jmarsden> Step back and ask your real question.  What are you trying to do?  What devices or computers will be at each end of the VPN tunnel?
<Jasonn> My server on one end
<Jasonn> and my desktop on the other
<Jasonn> and my cellphone too
<storz> jmarsden: Got it.  Thanks.  No, I can't.  I get NO (AUTHENTICATIONFAILED) Authentication failed.
<davygravy> jmarsden: thanks, I think I found the solution I was originally looking for ...   icmpush ... will build this w/ my Buildroot/uclibc toolchain & try it that way.  In any case, thanks for your advice & insight.
<storz> Hold on.  Could it be that I have my dovecot installed incorrectly?
<storz> Postfix definitely is correct as I can receive email no problem.  Perhaps my dovecot is not reading my email database for logins?
<jmarsden> storz: by default dovecot uses the unix password database
<jmarsden> storz: That is why I said you should know your own username and pw earlier on :)
 * davygravy waves goodbye to nice, friendly people
<jmarsden> davygravy: You're welcome
<Jasonn> jmarsden:
<storz> @jmarsden: That would do it.  I've been assuming that it would connect to my mysql db and work with it.  Do you know if dovecot has this functionality (but needs to be enabled I guess)?
<jmarsden> storz: You can make it use whatever back end db you need, I think by editing its pam config file under /etc/pam.d/ but there may be other ways too
<storz> Jmarsden: Thank you!  I tried using my unix account and it is working perfectly.  Thats what I was missing.  I'll see if I can't get it to worth with mysql now.
<jmarsden> storz: You're welcome
<Jasonn> How can i remove all package i have installed?
<Jasonn> only the ones *i* installed
<jmarsden> Jasonn: sudo apt-get purge PACKAGENAME1 PACKAGENAME2 ... PACKAGENAME99
<jmarsden> Do you know which ones you installed?
<Jasonn> no
<jmarsden> You may be able to read /var/log/dpkg.log to figure that out.
<Jasonn> Hm
<Jasonn> Thanks:)
<jmarsden> You're welcome.  Lesson to learn: make notes as you configure a server, documenting what you do and why.  It makes reverting changes easier.  (Of course, having good backups is another way to deal with this!)
<jmarsden> Jasonn: if you used apt-get you can also look in /var/log/apt/history.log
<Jasonn> Ok i got it
<kees> anyone ever noticed thunderbird + dovecot sucking HUGE bandwidth?
<Jasonn> no
<ScottK> kees: I read that first time through as "anyone ever noticed thunderbird sucking?" and thought, "Duh."
<ScottK> :-)
<Jasonn> jmarsden: Dont really know if this is your area of expertise, but is there a better client to use on ubuntu desktop to connect to VPNs??
<jmarsden> kees: After upgrading to TB 3,  its default options changed to sync everything locally (or something like that), I had that issue until I figured it out and told it not to do that...
<jmarsden> Jasonn: Have you tried openvpn? https://help.ubuntu.com/10.10/serverguide/C/openvpn.html
<Jasonn> No, i mean a client
<jmarsden> Jasonn: You want a pretty GUI wrapper?  No, I don't know what to suggest for that, sorry.
<Jasonn> Ok
<Jasonn> thanks :)
<slim_> hi, any recommendation for a sip server that can integrate with MS OCS ?
<kees> ScottK: heheh
<old_keyboard> wazzup
<uvirtbot`> New bug: #743322 in awstats (main) "Man page for awstats-update installed in the wrong place" [Undecided,New] https://launchpad.net/bugs/743322
<zertyui> hello there
<zertyui> anyone know about postfix ?
<old_keyboard> I dont
<DrDetroit> jmarsden was helping me get it set up, but i think he is away atm
<DrDetroit> i wonder if i can somehow migrate my old iptables setup my new ubuntu 10.04 server
<old_keyboard> DrDetroit: cant you copy them?
<old_keyboard> sudo iptables -L
<DrDetroit> old_keyboard:  my old iptables rests on a rh7.3 machine, so even though it's iptables was taken years ago from a debian machine, I was not sure it would work
<DrDetroit> On may old machine, we had a file called iptables and in it were all the rules
<DrDetroit> old_keyboard: according to the manual I think i can just take my old rules and copy them as /etc/iptables.rules onto the new machine
<old_keyboard> ok :)
<DrDetroit> of course removing anything that is not a rule
<old_keyboard> If I change /etc/motd does it update the system info after a kernel update?
<old_keyboard> On Ubuntu systems, /etc/motd is typically a symbolic link to /var/run/motd.
<Jasonn> Hey, i wanna run a web proxy on my server, how do i do this?
<old_keyboard> Ithink you need squid
<Jasonn> No, i want a webproxy not a proxy server
<old_keyboard> hm
<old_keyboard> try https://help.ubuntu.com/10.10/serverguide/C/
<old_keyboard> change link if not maverick
<old_keyboard> Is ifup and ifdown the same as ifconfig ?
<DrDetroit> no
<old_keyboard> I mean the function
<DrDetroit> ifup (interface) or ifdown (interface) turns on or turns off the specified interface
<DrDetroit> ifconfig configures an interface
<DrDetroit> or gives you a report on one
<DrDetroit> ie ifconfig eth0 should show  you the relevant information for that interface
<DrDetroit> see man ifconfig
<old_keyboard> DrDetroit: sudo ifconfig eth0 up
<old_keyboard> sudo ipup eth0
<old_keyboard> looks the same
<DrDetroit> i switch to root when i want to do something so i dont use sudo
<DrDetroit> sorry
<old_keyboard> lol
<old_keyboard> DrDetroit: forget the sudo look at the commands
<old_keyboard> I think they do the same thing.
<DrDetroit> maybe ipup and ifup are the same, but i dont think ipup and ifconfig are the same
<DrDetroit> and it very well may give the same results
<DrDetroit> i never use ifup or ifdown or any of that stuff
<DrDetroit> i like my stuff to stay on all the time
<DrDetroit> <---simple minds require simple stuff
<old_keyboard> :D
<DrDetroit> I am new to ubuntu server, I have mostly run debian and before that FreeBSD and Redhat in the old days
<old_keyboard> k
<old_keyboard> I am running ntpd how do I know if ntpdate is running at boot?
<old_keyboard> i just want ntpd
<old_keyboard> anyway i just purged ntpdate.
<qman__> ntpdate is in the default install
<qman__> in order to provide good time the server must get its time from a reliable source
<qman__> when you install ntpd, things get configured the right way for it to work
<old_keyboard> qman__: yes i use ntp
<old_keyboard> and i use a server near me
<qman__> ntpdate is the tool that retrieves the time
<qman__> ntpd is the service that provides it
<old_keyboard> o.o
<old_keyboard> qman__: they are different things
<old_keyboard> for the same purpose
<old_keyboard> get time from internet
<old_keyboard> but ntpd is more accurate
<old_keyboard> correct me if i am wrong
<old_keyboard> https://help.ubuntu.com/10.10/serverguide/C/NTP.html
<old_keyboard> "Ubuntu has two ways of automatically setting your time: ntpdate and ntpd. "
<qman__> it isn't more accurate
<qman__> it just adjusts it smoothly and constantly
<qman__> your time is only as accurate as the time source
#ubuntu-server 2011-03-27
<old_keyboard> lol ofc
<aliverius> is it possible that many pcs access the same nfs share withou;side effects?
<old_keyboard> but those ntp servers are accurate.
<qman__> aliverius, that's sort of the entire point of nfs
<aliverius> great cause i need to  share data between a kvm host and guest
<old_keyboard> qman__: I just dont understand why ntpd listen at UDP port 123
<old_keyboard> to get time (duh)?
<old_keyboard> I dont to run it as a server
<old_keyboard> dont want
<qman__> ntpd serves time on that port
<qman__> if you don't want others accessing it, block it in your firewall
<old_keyboard> but i dont want to serve
<old_keyboard> I did.
<old_keyboard> qman__: so I can use my machine as server even that i get that time from other sv?
<qman__> that's how ntp works
<qman__> you get time from class 2, 3, 4 servers depending on your configuration
<qman__> your ntpd then becomes one class above that
<old_keyboard> nice :)
<old_keyboard> but there should be an option to listen
<qman__> and each link in the daisy chain is one class higher, until 16
<old_keyboard> :x
<qman__> 16 is considered totally unreliable
<old_keyboard> to close listen port
<old_keyboard> i meant
<old_keyboard> yeh
<qman__> most people who run ntpd run it to provide network time
<qman__> as ntpdate is good enough for 99%
<old_keyboard> i run it to get time
<old_keyboard> :p
<qman__> the other 1% can block it in the firewall
<old_keyboard> k
<Patrickdk> hmm, the default ntp config doesn't serve time
<qman__> IIRC, it doesn't serve time, but it still listens on the port
<qman__> and simply rejects any requests
<Patrickdk> ya, cause port 123 is much more than just receive/send time
<Patrickdk> it's also the control interface and stuff
<Patrickdk> if your paranoid about it listening on port 123, use ntpdate
<old_keyboard> Patrickdk: :D
<Patrickdk> just make sure you script it properly
<old_keyboard> no im paranoid
<old_keyboard> i just block 123 port
 * Patrickdk runs a pool server :)
<old_keyboard> Patrickdk: if default ntp config doesnt act as server there's not secutiry risk then
<Patrickdk> I dunno what happened, but been getting flooded with ntp requests from china for the last month
<Patrickdk> there is always a security risk
<Patrickdk> and it does act as a server
<old_keyboard> ddos
<Patrickdk> just cause it doesn't respond
<Patrickdk> doesn't mean someone won't find a vaunerability
<old_keyboard> ok
<Patrickdk> it's just the likelyhood is even less
<old_keyboard> thanks for clarifying my doubts
 * Patrickdk has never been scared though of it
<old_keyboard> config shows
<old_keyboard> # By default, exchange time with everybody, but don't allow configuration.
<Patrickdk> hmm?
<old_keyboard> restrict -4 default kod notrap nomodify nopeer noquery
<old_keyboard> ./etc/ntp.conf
<Patrickdk> noquery makes it not let other people request time
<old_keyboard> restrict 127.0.0.1
<old_keyboard> only at localhsot right
<Patrickdk> allow everything on localhost
<old_keyboard> oh
<old_keyboard> # Local users may interrogate the ntp server more closely.
<old_keyboard> and how I do that?
<Patrickdk> http://support.ntp.org/bin/view/Support/AccessRestrictions
<Patrickdk> you want to allow local access?
<old_keyboard> no just get time
<Patrickdk> restrict 192.168.0.0/16 default nomodify notrap nopeer
<old_keyboard> Patrickdk: ok it means that i can access it from subnet
<Patrickdk> oh that isn't right
<old_keyboard> # If you want to provide time to your local subnet, change the next line. # (Again, the address is an example only.) #broadcast 192.168.123.255
<Patrickdk> restrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify
<Patrickdk> is what I'm using
<old_keyboard> 0.0?
<Patrickdk> hmm, ya
<old_keyboard> should I  disable restrict 127.0.0.1 restrict ::1
<old_keyboard> ?
<old_keyboard> with #
<Patrickdk> why?
<old_keyboard> i dont want anyone to access it
<Patrickdk> you don't trust your own machine it's running on?
<old_keyboard> :)
<Patrickdk> if you do, ntpq and stuff won't work
<old_keyboard> ah k
<Patrickdk> you could always password restrict it
<old_keyboard> Patrickdk: restrict -4 default kod
<old_keyboard> -4 is for ipv4?
<Patrickdk> ya
<old_keyboard> and default and kod?
<Patrickdk> kiss of death
<Patrickdk> it won't do really anything, without the limit option
<Patrickdk> not sure about default :)
<Patrickdk> never really use it myself
<old_keyboard> default is to listen all adresses maybe
<Patrickdk> no
<old_keyboard> OH
<old_keyboard> By default, exchange time with everybody, but don't allow configuration.
<old_keyboard> so if i want to configure need to remove default
<old_keyboard> Patrickdk: so i just need restrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify
<old_keyboard> and to open 123 port in router?
<Patrickdk> if your subnet uses 192.160.x.x
<old_keyboard> and soft firewall
<Patrickdk> 192.168.x.x
<old_keyboard> yea
<old_keyboard> got it
<old_keyboard> Patrickdk: and i only want the router
<old_keyboard> I put its IP?
<Atomhunter> Hey how do you select multiple software packages to install when installing ubu server?
<old_keyboard> restrict 192.168.1.69 mask 255.255.0.0 notrap nopeer nomodify
<old_keyboard> for example
<old_keyboard> ?
<Patrickdk> why the odd restrict ip?
<old_keyboard> Patrickdk: if router is 192.168.0.1
<old_keyboard> I use that IP?
<old_keyboard> why did u use 0.0 as example?
<old_keyboard> is it like wildcard?
<Patrickdk> cause anything that is a 0 in the netmask is pointness to define in the ip
<Patrickdk> and lots of programs will bomb out if you do
<old_keyboard> bomb out?
<Patrickdk> cause mine was *correct* and yours is, odd :)
<Patrickdk> crash, syntax error, fail, ...
<old_keyboard> Patrickdk: i just want the router to access the sv
<old_keyboard> so i just put router ip
<old_keyboard> is that correct?
<Patrickdk> NO
<old_keyboard> or i use my local ip
<old_keyboard> ?
<Patrickdk> NO
<old_keyboard> NO
<Patrickdk> learn how ip subnets work
<old_keyboard> tell me teacher
<Patrickdk> google, ip subnet
<old_keyboard> :D
 * old_keyboard reading in is native language
<old_keyboard> Class C
<old_keyboard> B in that case
<Patrickdk> ignore anything talking about classes
<old_keyboard> B 	10 	128.0.0.1 	191.255.255.254 	255.255.0.0 	/16
<old_keyboard> it's kinda advanced
<old_keyboard> Patrickdk: I found this config on a site http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1301185010084+28353475&threadId=1357094
<old_keyboard> restrict default ignore restrict 127.0.0.1 restrict your.ntp.server
<old_keyboard> and in here http://www.debianadmin.com/ntp-server-and-client-configuration-in-debian.html they say to use restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
<Patrickdk> man, you really can't be bothered to learn what anything does?
<Patrickdk> just blindly follow whatever anything tell you to do?
<old_keyboard> i am learning
<old_keyboard> you say something other ppl say something different
<old_keyboard> :)
<Patrickdk> I told you exactly what you wanted
<Patrickdk> those are generic
<Patrickdk> and the first one has nothing to do with anything you want
<old_keyboard> ok
<old_keyboard> restrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify
<Patrickdk> you could remove the nopeer if you want
<old_keyboard> gonna get hacked :(
<Patrickdk> why?
<old_keyboard> what is the nopeer
<old_keyboard> option
<old_keyboard> no connections?
<Patrickdk> you shouldn't allow anyone using a 192.168.x.x network range on your network
<Patrickdk> it's for when two ntp servers agree to talk to each other
<Patrickdk> they can use each other as clients or servers
<old_keyboard> so i remove that I could mess it up
<Patrickdk> no
<old_keyboard> hm
<old_keyboard> ok
<Patrickdk> it means another ntp server on your network could become the source of time
<Patrickdk> and if that person is screwing with you
<Patrickdk> could theoredically cause your server to get bad time
<old_keyboard> nice
<old_keyboard> Patrickdk: and restrict 127.0.0.1 is for unlimited access
<old_keyboard> ?
<Patrickdk> ya
<old_keyboard> see i've learned something new today
<old_keyboard> then sudo service ntp restart
<old_keyboard> Patrickdk: what about the -4 and -6 should I remove it?
<Patrickdk> doubt it matters, dunno
<old_keyboard> doesnt make a difference since i only use ipv4
<Patrickdk> I haven't bothered
<old_keyboard> k
<Patrickdk> the ORDER in the file matters a LOT though
<old_keyboard> k
<old_keyboard> i comment out those 2 lines and add restrict 192.168.0.0 mask 255.255.0.0 notrap nomodify
<Patrickdk> so now your open to everyone?
<old_keyboard> not yet
<Patrickdk> well, if you commented out the restrict default lines
<old_keyboard> but added restrict 192.168.0.0 mask 255.255.0.0 notrap nomodify
<Patrickdk> just add the restrict 192.168.0.0 line AFTER those
<old_keyboard> #restrict -4 default kod notrap nomodify nopeer noquery #restrict -6 default kod notrap nomodify nopeer noquery
<Patrickdk> ya, so now since no one is restricted by default :)
<old_keyboard> gonna get hax00red
<Patrickdk> or maybe it doesn't
<Patrickdk> but that never opened it up for me
<Patrickdk> probably have lots of other things going on with my config, cause it's a few hundred lines long
<old_keyboard> so im open to my subnet
<old_keyboard> and the rest of the world if i forward port in router
<old_keyboard> ?
<old_keyboard> all the options here http://www.eecis.udel.edu/~mills/ntp/html/accopt.html
<shaggy2> hello people. I need assistance with changing the IP addess of my ubuntu server, I have obtained a seet of ip's from my isp and have them running on the network, I just checked the ip of the server and it's still runing the old one, how to I change it?
<Atomhunter> that is a google-able question
<shaggy2> the current ip is 192.168.0.8 and I need to change it to *.*.*.139 (the * rep the puplic ip)
 * patdk-lap still doesn't get why people bother hiding ip addresses
<patdk-lap> they are *public* knowledge, and of a small enough space to *guess*
<shaggy2> so I can't help on this item in the ubuntu-server HELP channel?
<old_keyboard> use a VPN
<patdk-lap> technically, the answer is simple, edit /etc/network/interfaces
<shaggy2> last time i sent a public ip here I ended up with DOS attacks
<patdk-lap> but the question you didn't ask, and can't do much about really is
<patdk-lap> you have to change the config of all your programs also
<shaggy2> that I can get help from the program website, as it's one master program that changes everything, just wont do the eth ip
<patdk-lap> they overloaded your internet connection?
<shaggy2> yes
<shaggy2> ok it seems that the ip address is obtained automaticly, how do I do a release renew in ubuntu-serer?
<shaggy2> the interface is eth1
<patdk-lap> you run a server via dhcp?
<shaggy2> I set static via the router. but I need to get the ip on the server first
<shaggy2> it hasn't failed me yet
<Atomhunter> ifconfig -a will show you its address
<patdk-lap> does the router have a public ip?
<patdk-lap> and it's going route that public ip into the same network your mixing private ip?
<patdk-lap> and you have no issue with that?
<Atomhunter> i don't know if he realizes the issue....
<shaggy2> all devs on my network will be running the public ip addresses
<shaggy2> I have firewalls on all systems
<Atomhunter> *facepalms hard*
<shaggy2> are firewalls not good enough
<Atomhunter> no, you want to subnet public from private
<shaggy2> how do I do that?
<Atomhunter> what type of routers do you have?
<shaggy2> netgear
<patdk-lap> model numbers :)
<shaggy2> dg834g
<shaggy2> but it will be changing
<Atomhunter> serial numbers...
<shaggy2> u need that for?
<patdk-lap> oh, home system crap
<shaggy2> you cant get the info on the model?
<Atomhunter> nvm.... I didn't realize that was model...
<Atomhunter> yea... your need more commerical system... I'm using a home system netgear... so wish i could stick a different firmware on it
<shaggy2> I can get the serial number if you need it
<Atomhunter> no need
<shaggy2> ok recomend?
<Atomhunter> something you can flash pfsense onto...
<Atomhunter> yeah I can't recommend somethign... I'm only a security student atm...
<shaggy2> oh ok. sorry guys I am new to this type of networking
<Atomhunter> get shoved into a sys admin role?
<shaggy2> not really, I am starting a hosting company, so learning on the fly BEFORE I get customers
<Atomhunter> ooohhh... erm... whats your computer knowledge?
<DrDetroit> shaggy2: how are you connected to your isp? dedicated line?
<shaggy2> 2 decicated lines
<DrDetroit> ok
<DrDetroit> Just configure each machine on your network with a different ip from the range you have been assigned
<shaggy2> I have 2 ADSL2+ connections atm, first in line when fiber comes into my town (if your from australia then you'll know what I am on about if not the lookup the Australian NBN)
<DrDetroit> haha i live in Arkansas, we just retired the  tin can and string
<DrDetroit> I assume you have a router on each line
<shaggy2> so on a system that I don't want on the public network, I just set for eg 192.168.0.3 on the same subnet as the public systems?
<Atomhunter> i live in south dakota... we still have pony express
<DrDetroit> router---->main box----->switch---->rest of the boxes
<DrDetroit> the main box can do  your firewalls and nat
<Atomhunter> *cough* pfsense
<DrDetroit> hehe ok
<DrDetroit> i will be quiet now
<Atomhunter> oh hey... keep going :_
<Atomhunter> I was just suggesting using pfsense
<shaggy2> both modem are going into a linux box that goes to a router all in the main room, then in my server room trunk cable (5 line) into a switch then into 3 systems and a server
<DrDetroit> sounds like you know what your doing, I will be quiet
<shaggy2> everything runs from the main modem, the 2nd only kicks on on reduncy
<Atomhunter> make sure to test that it'll kick in aka unplug the main, so you don't discover its not working
<shaggy2> already done, I do a weekly test
<shaggy2> the router after the linux box in the dg834g
<DrDetroit> I run my network as i showed above
<Atomhunter> i'll be quite now too... look up some linux sys admin/network admin books if you need to look into subnetting and stuff
<DrDetroit> my main box has the public ip the rest are private
<DrDetroit> main box does firewall, nat, web and mail but mostly just tosses packets around
<shaggy2> well thats how I had it before, but had to make changes so I can run a DNS server
<Atomhunter> mine is schools network -> crapy router -> switch -> boxes
<shaggy2> that is what got me unstuck
<DrDetroit> just put the dns server on the main box also
<shaggy2> I could view all domians on my network, but the people that was outside couldn't get to see them cause it was directing to local address's
<old_keyboard> 123/tcp closed ntp
<old_keyboard> shouldn't it respond as open
<old_keyboard> ?
<DrDetroit> if you are hosting other folks then i would assume you would have those boxes with public ip's also
<DrDetroit> so that they can get to them
<shaggy2> well I only had 1 pub ip untill today
<DrDetroit> still the configuration i gave you will do that too
<DrDetroit> nod
<shaggy2> so anyways back to changing the ip on the ubuntu server
<shaggy2> I can manualy set it
<DrDetroit> sure
<shaggy2> just need someone to tell me how
<patdk-lap> this is much more of an issue than that
<patdk-lap> you need to resign your whole network
<DrDetroit> http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
<patdk-lap> and I don't think that *router* you have will let you do it
<shaggy2> well this is the only thing that "NEEDS Static"
<shaggy2> it's allready done, I was on the phone with netgear support for 3 hours having them telling me that it wont do it, and then after 3 hours saying do this and this and this and now it works
<DrDetroit> dont forget to make a backup before you edit the file
<shaggy2> paid them $89.95 for them to tell me to buy a new mobem, only to then turn around after abusing them then it now works
<DrDetroit> my advice is worth what you paid for it
<DrDetroit> hehe
<DrDetroit> take a look at that artice, it should fix you up
<shaggy2> sweet thank you, but how do I make a backup of that file?
<Atomhunter> hey how can i see if my raid is mounted or not?
<DrDetroit> cp filename filename.original
<DrDetroit> also make sure you look at the comment from
<DrDetroit> Nickname007 and do that too
<KMFrog> could also set static dhcp per mac
<DrDetroit> otherwise you wont have any name resolution
<DrDetroit> hope that helps
 * patdk-lap still wonders how using a static ip inside the nat part of that router will work
<KMFrog> shaggy2 you hosting webservers?
<DrDetroit> shaggy2: if your changes dont work you can always cp filename.original filename and be back where you started
<Atomhunter> formatting my server's 1.5tb raid... zeroing... omg... so much time...
<tonyyarusso> What does the automatic generation of /etc/ssl/private/dovecot.pem?
<lookin_for_MB> hi
<lookin_for_MB> Do you know a good website to search mother board model?
<uvirtbot`> New bug: #683591 in sensors-applet (universe) "sensors-applet randomly picks up duplicates" [Undecided,Invalid] https://launchpad.net/bugs/683591
<lookin_for_MB> hm
<jmarsden> tonyyarusso: The postinst maintainer script in the dovecot-common package
<tonyyarusso> jmarsden: Ah.  Is there an easy way to re-run it (to change the hostname), or do I have to walk through things manually?  (The primary system hostname is johnmarty.org, but I want Dovecot's certificate for mail.johnmarty.org)
<jmarsden> I'm not sure.  Look at /var/lib/dpkg/info/.dovecot-common.postinst and maybe you can copy it somewhere, edit that script to do just the certificate generation, and run your modified copy?
<tonyyarusso> seems reasonable
<jmarsden> Make that   /var/lib/dpkg/info/dovecot-common.postinst
<tonyyarusso> jmarsden: I ended up having to do a bit more than that, but got it now.
<uvirtbot`> New bug: #743484 in nut (main) "libupsclient.pc contains unresolved symbols" [High,Confirmed] https://launchpad.net/bugs/743484
<shaggy2> hello
<shaggy2> anyone know anything about frame routes. or where I can get help
<shaggy2> Atomhunter: are you there?
<DrDetroit> shaggy2: how did changing to a fixed ip go?
<shaggy2> not goot
<shaggy2> all ips are done
<DrDetroit> why?
<shaggy2> but my router dun support framed routes
<shaggy2> fucken netgear
<DrDetroit> ah
<shaggy2> lookin for a decent router that will do it, was pointed at cisco
<shaggy2> it's a shame
<shaggy2> the netgear dg834g has been in use for about 4 years now across heaps of different isp's, and this is the first time it hasn't been able to do something
<DrDetroit> sorry to hear that
<shaggy2> it is gunna be a sad day to see it go
<shaggy2> never missed a beat
<air^> no matter how good it was, it's no good once it fails to keep up. :)
<shaggy2> had a problem connecting once my ISP said I need a new modem, I said no check everything else first, thats when they found out the my line was pulled from the ADSL socket in the exchange
<shaggy2> how dodgy is that
<shaggy2> so can anyone recomend a router for me
<DrDetroit> cant your isp recommed what you should be using?
<air^> shaggy2: so, you'r looking at an adsl modem + router combined?
<shaggy2> yeah
<air^> I've never liked that combo, rather have a bridged adsl modem than wont messup + standalone router.
<shaggy2> dun have to be, I do have a dlink adsl2+ that I can use
<air^> currently I use a bridged zyxel + apple's time capsule, howeverm the timecapsule is not that great.
<air^> the bridged zyxel on the other hand doesn't fuck up. it just does it's thing. :)
<shaggy2> cool
<shaggy2> I just need something that supports framed routes... I have never played with this before so it's all new to me
<air^> (this is the cheapest basic version of the zyxel adsl modem, just one port in, one out, and in bridged mode, basically all it's features are disabled and can't break)
<air^> but I know nothing about framed routes, so can't recommend anything there. :/
<shaggy2> lol same with my ISP who sell them
<air^> afk. gott go get my house built. :)
<shaggy2> lol
<air^> seriously.
<air^> it ain't gonna build itself. :)
<shaggy2> lol
<kickar> hey guys, i am having a bit of a problem with apache displaying php errors in browser, I have set my my php.ini varialbles to display errors
<lenios> what's the problem kickar ?
<kickar> lenios,  hi, I can't get php error message displayed in browser
<kickar> if there is an php error i get either plain white screen either
<kickar> "The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression."
<KMFrog> kickar what browser
<kickar> KMFrog,  every well know browser
<kickar> IE, Mozilla, CHrome
<KMFrog> they all say that exact thing?
<kickar> yes error 330 Error content decoding failed
<kickar> on my gentoo machine displayes mysql conn. error
<kickar> i believe it is php/apache related issue
<KMFrog> can you wget / telnet it to see the raw output?
<kickar> KMFrog,  yes I can
<kickar> it says "Warning: mysql_connect(): Unknown MySQL server host 'http' (1) in /var/www/qa-db.php on line 50"
<KMFrog> you doing your own compression?
<KMFrog> in php
<kickar> i have tried to install a cms
<kickar> have you seen that before
<KMFrog> ah, ok, CMS is maybe trying to do its own gzip compression and its all failing because of the error
<KMFrog> you will need to remove the http:// from your config i would guess by that message
<KMFrog> if its http://localhost it needs to be localhost
<KMFrog> for the db address
<kickar> KMFrog,  i am not trying to fix this particular issue, I am trying to get apacge to show
<kickar> the error in browser
<KMFrog> the CMS probably says its a compressed page, but then the error is in plaintext so the browser dies
<kickar> it is the same on the test script that i wrote
<kickar> KMFrog,  do you have any idea?
<KMFrog> fixing the mysql error
<kickar> I mean at all
<kickar> check http://otgovorimi.com
<kickar> this is the ubuntu server
<kickar> this is the gentoo machine
<kickar> http://dhwebservices.com/web/
<kickar> it is the same script
<shauno> oh that's odd.  your first url has something in the first four bytes which kills my browser
<kickar> shauno,  they are the same script
<kickar> the first is ubuntu server
<kickar> the second one is gento
<kickar> gentoo*
<shauno> the good page starts ef bb bf  .. and then into the html.  the bad one has an extra byte, ef bb bf 0a ...
<kickar> shauno,  maybe I have miskaten something in php / apache configuration
<kickar> KMFrog,  welcome back
<KMFrog> srry, client died -_-
<kickar> did you get my last 2 lines ?
<kickar> ubuntu server: http://otgovorimi.com
<kickar> genoo server: http://dhwebservices.com/web/
<kickar> the same script
<kickar> the same error
<shauno> oh, 0a's just a linefeed.  I've no idea why that's making any difference
<kickar> maybe apache conf?
<KMFrog> kickar I would say its a case of the CMS not handling errors very well, if you fix the error it will probably work
<KMFrog> what cms is it
<kickar> KMFrog,  the same with WP, Joomla, and so on
<kickar> it is some free q&a cms
<kickar> just for testing
<kickar> my goal is not to fix this particular error, but to fix apache
<KMFrog> apache is probably ok
<KMFrog> it looks like php issues
<kickar> maybe i have missed a module
<lenios> kickar, try to do a test page in php and see if errors are displayed
<kickar> what php modules I should install to have a good production enviroument
<KMFrog> good test page:   <?php phpinfo(); ?>
<KMFrog> anyname.php
<lenios> error page: <?php echo 'test'.'not ended; ?>
<lenios> i might have a syntax error besides the missing quote
<kickar> http://otgovorimi.com/info.php
<KMFrog> works fine
<kickar> http://otgovorimi.com/error.php
<kickar> displays the error fine now
<KMFrog> makes me think again that CMS is not dealing with errors very well
<lenios> cms related, yes
<kickar> KMFrog,  but what about the other url?
<kickar> the are both the same script on different systems set the same way
<KMFrog> kickar if error.php is <?php echo 'test'.'not ended; ?>  .. then its normal it wont work :p
<kickar> i mean about
<kickar> for example i have set up a wp here
<lenios> can you give phpinfo(); for both servers?
<kickar> just a second
<ikonia> kickar: have you asked the guys in #wordpress as I suggested
<ikonia> kickar: you seem to be repeating the same question as in #ubuntu
<kickar> ikonia,  just looking for an answer
<kickar> i have asked in #php as well
<ikonia> kickar: did you ask the guys in #wordpress who I told you HAD the answer and explained it to me
<kickar> ikonia,  their solution is adding a ling in .htaccess to show error, but this is not going to fix my entire server
<kickar> http://dhwebservices.com/info.php
<kickar> lenios, here is the gentoo one
<lenios> maybe it's just not your server
<KMFrog> was the .htaccess line to disable gzip?
<ikonia> lenios: it's not a server issue
<kickar> lenios,  i have had the same issue with WHMCS, Joomla!, Wordpress etc.
<ikonia> my RHEL and Fedora machines to it too, it's how PHP clasifies errors
<ikonia> the guys in ##php should be able to explain this, and the guys in #wordpress explained this to me approx 2 days ago
<lenios> my error test page is displayed as expected, anyway
<ikonia> the settings in the php.ini need to be set a certain way, it's not just enabling logging and restarting
<kickar> ikonia,  thet gave me that link now:  http://codex.wordpress.org/User:Sivel/FAQ
<kickar> they*
<kickar> and it is not a bit of a help
<kickar> ikonia,  can you do me a favor and pastebin me you php.ini  file?
<ikonia> kickar: why ?
<kickar> so i can compare mine to yours
<ikonia> why ? mines not got logging enabled
<kickar> ok
<ikonia> pastebin yours, we can look over it
<kickar> http://gist.github.com/889114
<ikonia> kickar: this is ubuntu 10.04 ?
<jkgeyti> Any idea why I only see ./powerbtn in /etc/acpi/event in ubuntu server 10.04 ? I want to to run a script on power change.
<kickar> 10.10
<ikonia> kickar: why did you set the error_reporting = -1
<kickar> ikonia,  -1 should be everythinh
<ikonia> really, I thought that was nothing ?
<ikonia> I know mine didn't use -1
<kickar> ok, now is : E_ALL | E_STRICT
<kickar> the same
<ikonia> I didn't change that
<kickar> do you remember what did you change,  or maybe point me to some reading
<aliverius> $ sudo mdadm -r /dev/md0 /dev/sdb
<aliverius> mdadm: hot remove failed for /dev/sdb: Device or resource busy
<aliverius> how do i remove this from my raid 1 array?
<aliverius> i erroneusly made the whole /dev/sdb a mirror while i should have made just one partition
<ikonia> aliverius: is it still building the array
<aliverius> no
<ikonia> kickar: I don't remember, I got the info from #wordpress guys
<aliverius> ikonia: i marked it as faulty
<ikonia> aliverius: but is the build/sync process totally complete ?
<aliverius> and it still doesnt remove
<aliverius> how do i unmark it faulty?
<ikonia> aliverius: you have to remove and hot add
<ikonia> marking it as faulty should have removed it though
<aliverius> how do i unmark it?
<ikonia> you don't
<ikonia> you need to remove and re-add it
<aliverius> both drives?!
<ikonia> no, the one you have marked as faulty
<ikonia> and I don't mean physially remove it
 * aliverius fears he will render the 1st disk non bootable
<ikonia> remove it from the array
<aliverius> sudo mdadm -f /dev/md0
<aliverius> i marked all the array faulty :(
<ikonia> ooh, you marked the array, not the disk
<aliverius> i mucked up right?
<ikonia> well, it's not the end of the world
<aliverius> please help me
<ikonia> can you pastebin the output of cat /proc/mdstad please
<ikonia> can you pastebin the output of cat /proc/mdstat please
<aliverius> http://pastebin.com/FNXwnyuM
<ikonia> aliverius: great, no problems, was it disk sdb you wanted to remove ?
<aliverius> yes
<aliverius> shall i mark that as faulty?
<ikonia> yes, mdadm -f /dev/sdb
<aliverius> $ sudo mdadm -f
<aliverius> mdadm: an md device must be given in this mode
<aliverius> this is what made me mark the whole array
<aliverius> ok lets do as you said
<ikonia> aliverius: mdadm /dev/md0 -f /dev/sdb
<ikonia> you don't want to fail the whole array, just the one disk
<aliverius> mdadm: hot removed /dev/sdb
<aliverius> ty ikonia
<ikonia> there we go
<aliverius> now i can partition it and make it like the first disk
<aliverius> :))
<ikonia> excellent
<aliverius> but how do i partition it exactly as the first disk?
<aliverius> when i built the array
<aliverius> i thought it would use part of sdb not the whole sdb...
<ikonia> aliverius: just make a partition the same size as the one you want to mirror
<ikonia> be aware though that you may have performance issues if you've using part of a disk for a mirror and part for something else
<ikonia> mirroring is normally done disk/disk mirroring partitions like for like
<aliverius> really? nobody ever told me
<ikonia> not a partition on a disk for mirroring and a partition for something else
<aliverius> but ok
<aliverius> it may boot a bit slower and that's all
<aliverius> i need to mirror only 700G
<aliverius> the other 2x1.3G are precious
<aliverius> as space
<aliverius> not the data inside them
<ikonia> no
<ikonia> general performance may suffer
 * aliverius is wondering if he will be able to run the server headless forever
<aliverius> :(
<aliverius> anyway, i cant do otherwise now
<ikonia> it won't be "that" bad
<ikonia> I don't mean your machine will grind to a halt
<aliverius> i will have to logout
<aliverius> so, bb and thanks ikonia
<peta> hello guys
<hardwired> how do I enable and disable a daemon at boot? e.g. smdb. I am confused by all those possibilities with upstart, update-rc, runlevels
<hardwired> seems unnecessarily complex.
<lenios_> hardwired, it depends on the daemon
<hardwired> lenios: OK, what are the possibilities, and how can I identify which daemon uses which method?
<hardwired> and... why does it depend on the daemon? can't there be one single way for all daemons?
<hardwired> do I edit files in /etc/init/ ? won't they get overwritten at the next upgrade?
<iceflatline> sysv-rc-conf
<hardwired> iceflatline: thanks, I'll check that out.
<hardwired> iceflatline: this doesn't show smdb, yet it is started at boot.
<hardwired> iceflatline: and it has no markers for cron, yet cron is started at boot.
<hardwired> iceflatline: oh wait, it has smbd.
<hardwired> iceflatline: but no marker for cron.
<hardwired> aha;
<hardwired> CAVEATS
<hardwired>        sysv-rc-conf only manages the symlinks in the "rc{runlevel}.d" directories. It's possible that packages may have
<hardwired>        other ways of being disabled or enabled.
<iceflatline> I think cron is started in user space but I don't recall.
<hardwired> what do you mean started in userspace?
<hardwired> of course cron runs in userspace and not in the kernel
<hardwired> I think I got the rc stuff covered with that sysv-cr-conf, thanks!
<hardwired> now I need to fugure out the other half, the upstart stuff.
<hardwired> initctl list gives a nice list of what is running
<qman__> sysv-rc-conf will only work on sysv scripts, not upstart ones
<qman__> AFAIK there is no simple, easy way to manage upstart scripts, you must edit them manually
<hardwired> qman__: I think i just found one:
<fefwerf> Hello all
<hardwired> With newer versions of Upstart, you can make use of override files and the manual stanza to achieve the same result in a simpler manner:   echo "manual" >> /etc/init/myjob.override
<fefwerf> Does someone know a good tutorial on setting up Dovecot+Postfix+SASL+LDAP on a recent Ubuntu sever?
<fefwerf> I seem to be unable to do it despie an overkill of information
<fefwerf> i need some virtual users
<qman__> fefwerf, that's covered in the server guide
<hardwired> fefwerf: I suggest you find some preconfigured config files and use them as a base for your system
<fefwerf> qman__ looking at the right as we speak
<hardwired> fefwerf: that's what I did with dovecot+exim+postgres
<qman__> it's under postfix
<qman__> it covers SASL and postfix+dovecot
<fefwerf> https://help.ubuntu.com/10.04/serverguide/C/postfix.html did not work. Should I just install the postfix-dovecot package an add on LDAP&virtual users?
<qman__> what do you mean by "did not work"?
<fefwerf> postfix/smtpd[4657]: fatal: no SASL authentication mechanisms
<fefwerf> I don't understand
<fefwerf> do I have to activate SASL somewhere, Dovecot and Postfix are running
<qman__> did you do the configuration in dovecot, and restart dovecot?
<fefwerf> ye
<fefwerf> Sorry i just checked,  dovecot-auth is NOT running
<fefwerf> I will try to fix that
<qman__> eh, that guide needs updating
<qman__> it uses /etc/init.d to restart services
<fefwerf> auth-worker(default): Killed with signal 15 (by pid=1 uid=0 code=kill)
<shauno> I did postfix/dovecot/sasl with that guide a couple of months ago.  I don't remember stumbling across anything that got in my way
<fefwerf> looks like somehow my dovecot is not configured right, I'll look into it
<fefwerf> dovecot main process (5061) terminated with status 89
<hardwired> qman__> it uses /etc/init.d to restart services
<hardwired> ha!
<hardwired> the transission to upstart is a mess :-)
<qman__> yeah
<qman__> really not a fan of upstart
<hardwired> what they should have done is look at the NetBSD rc.d system
<hardwired> it is so simple and effective
<qman__> systemd is pretty brilliant too
<fefwerf> Sorry hardwired&qman___ looks like I broke my dovecot.conf, will correct and try again
<hardwired> yep. the rc.d lacks parallel startup. that's a big drawback these days
<hardwired> fefwerf:  not need to apologize :-)
<fefwerf> I think parallel startup is no big issue for most servers
<fefwerf> But what do I know ;)
<hardwired> very true
<hardwired> my upstart is not recent enough for the above-mentioned method to work
<fefwerf> OK fixed my dovecot.conf, looks like Postfix can use SASL now
<fefwerf> Now i need to add on LDAP&Virtual users
<fefwerf> I want a combination of local system users and virtual LDAP users for my Dovecot-Postfix setup
<fefwerf> how should I do that?
<fefwerf> is https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto a good starting point?
<hardwired> laters
<wout-lnx> Hallyn???
<wout-lnx> You awake?
<dku> I created an Upstart service, but it is unable to start for some reason, while if I run the same command I pass to exec from the command line, it works fine. How can I debug this?
<dku> (by unable to start, I mean the service immediately terminates)
<elnur> There was a way to restrict a user to his home dir by typing a special home dir in /etc/passwd. I can't remember it. Could anyone remind me of it?
<elnur> There was an additional character to prepend/append to home dir in /etc/passwd
<zul> hallyn: i got a box that can amd qemu-kvm now fyi
<aliverius> ikonia: are you there?
<ikonia> aliverius: yes
<aliverius> ikonia: i partitioned the second disk with exactly the same size
<aliverius> do i proceed normally?
<ikonia> yup
<aliverius> sudo mdadm -a /dev/md0 /dev/sdb4
<aliverius> ?
<ikonia> depends on your partion layout and raid type
<ikonia> read up on the options this time
<aliverius> raid 1 and the partition will be sdb4
<aliverius> i am browsing the man pages but still i am not confident
<ikonia> what is not clear to you ?
<aliverius> if that is the correct syntax
<ikonia> what makes you think it's not
<aliverius> the fact the man page doesnt make it clear
<aliverius> but from my experience it should be the right one
<ikonia> ok, what are you worried is not right
<ikonia> and what part does the man page not make clear ?
<ikonia> (trying to get you confident in what you're doing)
<uvirtbot`> New bug: #743763 in exim4 (main) "package exim4-config (not installed) failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/743763
<aliverius> ikonia: nothing is unclear, maybe i wanted to have an example command, just to be sure
<aliverius> but oh
<aliverius> mdadm [mode] <raiddevice> [options] <component-devices>
<aliverius> beggining of the man page :p
<aliverius> ok now i am sure
<aliverius> lets build the array!
<aliverius> mdadm: /dev/sdb4 not large enough to join array
<aliverius> oooops
<aliverius> http://pastebin.com/rghs01j4  <--- /dev/sdx4 are the two partitions that would become an array
<aliverius> is it ok if i give the second disk partitio a few megabytes more?
<ikonia> sure
<aliverius> isnt it strange since the blocks are exactly the same?
<ikonia> aliverius: the disks aren't
<aliverius> no they are
<aliverius> both same model
<ikonia> that's odd
<ikonia> not uncommon though
<aliverius> ikonia: http://pastebin.com/XAgdjStA :)
<aliverius> afterwards is there anything more to do?
<ikonia> nothing more
<ikonia> aliverius: great news, nice job.
<ikonia> sit back and enjoy
<aliverius> thanks a lot
<aliverius> i dont see you in lfs
<aliverius> got bored of it?
<centHOGG> hi, anybody here install server on a USB stick?
<ikonia> you can do that, but very frew people would
 * centHOGG server NAS
<centHOGG> yeah
<centHOGG> ever seen freeNAS?
<centHOGG> runs off a USB stick
<centHOGG> for boot
<ikonia> don't want to run a nas of usb
<centHOGG> actually freenas is pretty clever.. just too much FS overhead
<xperia> hello to all. i have heavy prolems here with ubuntu server i installed just yesterday
<xperia> problem is the hybrid disk that i use inside that server
<xperia> after the installement of ubuntu everything worked like it should
<xperia> but then after several reboots ubuntu wanted check the disk with fscheck
<xperia> here it stuck now
<xperia> somehow ubuntu crashes full when it try to fscheck the hybrid disk
<xperia> before it worked everything all fine but this fscheck breaks now everyting
<uvirtbot`> New bug: #743821 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu1 failed to install/upgrade: le sous-processus dpkg-deb --fsys-tarfile a retournÃ© une erreur de sortie d'Ã©tat 2" [Undecided,New] https://launchpad.net/bugs/743821
<xperia> is anybody here to help me ?
<centHOGG> whaz wrong
<guntbert> xperia: not that I'm not willing to help, but alas I have no idea hwat a hybrid disk might be
<centHOGG> ditto
<guntbert> *what
<thesheff17> xperia: I don't know much about the hybrid disks..I'm running a Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive ST95005620AS-Bare Drive Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive ST95005620AS-Bare Drive with no problems on an 64 bit 10.04 Desktop version.
<centHOGG> kewl
<thesheff17> xperia: I would test for the drive being bad. Then try to re install ubuntu..did try different kernel version during boot?
<xperia> thesheff17: i have the exact harddisk here is it a Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive
<thesheff17> xperia: what version of ubuntu are you using?
<xperia> i am using it on the newest ubuntu server natty alpha 3 release
<xperia> it boot all fine till fscheck
<xperia> but then it crash full
<xperia> screen goes off and nothing happen
<thesheff17> xperia: try 10.10 or even 10.04 which is an LTS...why alpha?
<centHOGG> LTS
<thesheff17> LTS = long term support
 * centHOGG concur
<xperia> thesheff thanks for tip
<storz> Hey everyone.  I have a question about dovecot.
<xperia> looking just right now if disk is good
<storz> When postfix saves an email, it saves it into /home/vmail/domain/user/new (or cur or tmp).
<storz> But when I try to access it via imap, dovecot goes to /home/vmail/domain/user/Maildir/new (or cur or tmp).
<storz>  How do I correct this?  In dovecot.conf, it is set to: mail_location = maildir:/home/vmail/%d/%n
<xperia> storz this is more a postfix / doecot question
<xperia> normally all the info configuring this software is availble on the net
<xperia> if you dont have luck possibility is to ask in the chanels of postfix and dovecot
<storz> xperia.  Thanks. I know.  I was just hoping that one of you have run into this before.  Figured it'd be a bit quicker.
<Al-Bundy> what is the command to configure network on Ubuntu server?
<guntbert> Al-Bundy: see https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html
<aliverius> lets say i decide to boot my raid 1 without one disk
<aliverius> then i reboot woth both disks connected
<aliverius> what happens? does it sync automatically to the newst disk?
<uvirtbot`> New bug: #743858 in openssh (main) "sshd not appending to /var/log/btmp" [Undecided,New] https://launchpad.net/bugs/743858
<xperia> thesheff17: i booted the server now with a live cd. maked a fsck on the disk and ubuntu server load all fine now
<xperia> after the reboot
<xperia> looks like a problem with fsck in ubuntu natty alpha 3
<xperia> okay have to do see you all next time bye
<aliverius> ikonia: you there? i made some questions above
<uvirtbot`> New bug: #743883 in samba (main) "cannot load packages.  Broken packages" [Undecided,New] https://launchpad.net/bugs/743883
<uvirtbot`> New bug: #743920 in tftp-hpa (main) "package tftpd-hpa 0.49-1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/743920
#ubuntu-server 2012-03-19
<hilarie> Is it possible to expand / to another disk (usb in this case) http://paste.ubuntu.com/890030/ plenty of room not on that one
<qman__> not after the fact, you'd have to have used LVM to begin with
<hilarie> What's LVM?
<qman__> it's not a good idea to do that anyway, one USB flash drive is bad enough, two is going to make it perform much worse
<qman__> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<hilarie> Its not that bad after the cache sizes gets really large :)
<hilarie> So there is nothing to save it now?
<qman__> technically possible but very involved, quicker and easier to start over with LVM
<hilarie> Would it be possible install ubuntu server via a virtual machine, onto a different usb drive, then just swap them out? (the server doesn't have a monitor anymore)
<epifanio> hi All
<epifanio> i'm running ubuntu server (lucid) .. i'm trying to load an "user" script at login .. i tried with rc-update but no clue ... the script is executed as root and not in the home directory
<epifanio> it is a simple shell script to run a pytohn services ... i'd like to load it when the machine start (so to avoid to login with ssh and start the command from the shell manually)
<epifanio> have you any hints on how can i do ?
<twb> epifanio: should this python service run as root?
<epifanio> twb no, i need it as normal user
<twb> Then run crontab -e as that use, and write an @reboot entry into his crontab
<twb> *as that user
<epifanio> my server has no desktop environment ... i tried  on an other linux box (xfce4 based) and actually a solution can be to copy a runscript.desktop  inside the directory :  /home/user/.conf/autostartup/
<epifanio> oh!
<epifanio> i'll try it :)
<epifanio> to have it running at each boot .. i have to  use all ''
<epifanio> .. all :  '*'  ?
<epifanio> like :  * * * * 1 executable arg1
<epifanio> oh i see  .. @reboot   sorry
<twb> man 5 crontab, IIRC
<epifanio> @reboot /usr/local/bin/ipython notebook --no-browser
<epifanio> works great!  thanks!!!
<twb> You should probably just use a shebang
<jetole> Hey guys. Not sure if this is the right place to ask but I have a firewall system with two IP on two subnets on the same LAN which is how it is supposed to be for now however I have dhcpd running which has a subnet defined for only one of those lans and I find it's mostly working however the clients are getting the dhcp config from the other lan IP even though it's the right config. For example the fw has 10.1.0.1/24 and 172.16.0.1/24 on the ...
<jetole> ... same nic and it is server dhcp to 10.1.0.0/24 and it's doing it right except it's sending the data for the 10.1.0.0/24 network from the 172.16.0.1 IP. Does anyone know if there is any way to confine it to that one IP address?
<twb> jetole: slow down.  You have one network running two IP ranges, e.g. 192.168/16 and 10/8?
<jetole> twb: sure. yes
<jetole> twb: the firewall has IP's for each net. They are both on the same broadcast LAN. The firewall is serving dhcp for 10/8 via 192.168/16 IP. 10/8 is the only configured subnet in dhcpd. The clients are getting the correct config. They are just getting it from an IP outside of the scope of the subnet they are receiving it from
<jetole> twb: does that make sense?
<twb> Sorry, was elsewhere
<jetole> it's cool. any thoughts?
<twb> "getting config" as in they're seeing a DHCPACK?
<jetole> As in they are being properly setup with IP, routing, DNS servers etc.
<jetole> As far as I can tell everything is working as it should except the server is sending it's reponses from the wrong IP but that doesn't seem to interfere. Nothing seems broken. Just logistically speaking it doesn't look right
<twb> oh I see
<twb> So what you're saying is that the server running dhcpd has (say) 10.0.0.1 and 192.168.0.1, and it's sending DHCP responses saying "you are not 10.0.0.2" but it's sending them with a src ip of 192.168.0.1?
<jetole> it's sending responses saying "you _are_ 10.0.0.2" but from the source ip of 192.168.0.1. yeah. Thats about it
<twb> IIUC that's because UDP can't know which IP to use on a multi-IP iface, so it picks the widest/primary IP on that iface.  If both IPs on that iface are in the same subnet, you can use "ip address" to set which is primary
<jetole> well they are on different subnets. I don't think this is anything UDP specific but I think dhcpd is replying based on some logic that says just use this IP but I'm wondering if there is some way I can define which one to use
<jetole> I haven't figured it out yet from the man page though
<twb> Dunno, sorry
<twb> Try talking to the dhcpd people
<esuave> got a question, so i can telnet on port 22 to my server but cannot ssh..
<esuave> i am able to ssh for a few hours.. than when i come back to it.. it wont let me ssh.. it times out
<esuave> any ideas?
<twb> esuave: 22 is not for ssh
<twb> Er, sorry
<twb> 22 is not for telnet.
<esuave> ?
<esuave> right.. but i can telnet on 22
<twb> telnet runs on tcp/23, ssh runs on tcp/22.
<esuave> i can telnet to the server on port 22 which means the port is not being blocked.
<esuave> i just cant ssh in to the box.
<esuave> its like the server is going into some kind of sleep mode or something
<twb> Oh, you're abusing telnet instead of using nc
<twb> It is most likely PMTUD
<esuave> netcat works too
<twb> Are you blocking ICMP?
<esuave> no ports are forwarded
<esuave> the correct ports are forwarded
<twb> That's not what I asked.
<esuave> i was able to ssh just fine like 2 hours ago
<esuave> i have to reboot the machine to ssh again
<twb> Please confirm that ICMP is not blocked.
<esuave> twb: ICMP would be on the router?
<esuave> i would think it wouldnt be blocked since i reboot the machine and I am able to ssh? i dont know.. it seems like a few hours later it always locks up and i cant ssh :/
<esuave> its odd
<twb> esuave: on ANY router between the SSH server and SSH client, or on the SSH server, or on the SSH client.
<twb> If you can't ping the host, ICMP is probably blocked.
<esuave> i can ping it
<twb> However just because ping works doesn't mean the PMTUD types of ICMP aren't blocked.
<twb> OK, have you looked at the logs of the ssh server?
<twb> Are you on a dynamic IP?  Maybe the IP just changes and you don't know the new IP.
<esuave> yeah.. nothin unusual there
<esuave> nah its static
<twb> If you have an SSH session going and it hangs, maybe you don't have TCP keepalives turned on in .ssh/config ?
<esuave> you think the computer might be doing some kind of power saving mode?
<esuave> from a bios setting?
<twb> That is also possible.
<twb> One would hope the BIOS fucks off as soon as the kernel loads.
<esuave> yeah cuase the server works perfect for like 2 hours than i goes blank..
<twb> Is it always exactly two hours?
<esuave> yeah
<twb> That is highly suspicious.
<esuave> yeah.. i might just do a reinstall :/
<twb> Can you reproduce this issue with other hosts on the client side, perhaps at other sites?
<esuave> its just a test server anyway
<esuave> nah.. thats the only host i have running on that IP
<esuave> its an old piece of crap computer too
<esuave> that doesnt probably help either
<esuave> lol
<esuave> oh well. ill try a reinstall.. maybe move to heron.  Thank you for your help twb!
<twb> hardy?
<twb> If you are running something older than hardy you have big problems
<twb> All of those (except maybe 6.04 dapper) are already end-of-lifed
<esuave> nah im running 10.04 right now
<esuave> but i wanna move back to hardy
<twb> He's nuts.
<Tm_T> morning
<uvirtbot> New bug: #959073 in samba (main) "package samba 2:3.6.3-2ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/959073
<_ruben> urgh .. stupid "kernel time sync status change" log messages, cluttering up my logs
<twb> _ruben: tell logcheck to ignore them
<twb> I gave up trying to actually get rid of them 18 months ago
<_ruben> twb: i *could* add a grep to  my tail -f, but meh :)
<twb> grep --line-buffered
<twb> BTDTBTTS
<twb> tail -fn0 /var/log/syslog /var/log/auth.log | grep --line-buffered foo is one of those things I type by pure reflex
<twb> Oh add an & on the end
<twb> Nearly as much as egrep -v '^[[:space:]]*(#|$)' /etc/foorc
<lynxman> morning o/
<twb> Don't call me o/
<jamespage> morning all
<bencer_> morning jamespage, did you have a look at my last upload?
<jamespage> bencer_, good morning
<jamespage> looking at it right now
<bencer_> great! thanks
<tjaalton> oh this is just great
<tjaalton> I fixed cobbler-ubuntu-import -U to actually work, just that now it removed all systems using precise-*
<tjaalton> and the profiles
<tjaalton> yeah, it's totally hosed :(
<tjaalton> it'll rename the old profile, and then later remove it
<tjaalton> then all the systems using the old profile will get deleted as well
<tjaalton> smoser: ^
<koolhead11> tjaalton: well i doubt systems will get deleted :)
<tjaalton> koolhead11: how so? I've reproduced it
<koolhead11> you can system edit and modify profile it should now point too
<tjaalton> I have a distro/profile I'm not using. added a system using the profile, then deleted the iso so d-u-i would update it. after it's finished the system is no more
<koolhead11> tjaalton: on paper systems and profiles are two separate entity i suppose. System is a wrapper on top of profile which means when you want one of your VM to say install "glance" other "nova" another "keystone" in terms of openstack
<koolhead11> you will create 3 system file on top of the precise profile
<tjaalton> yes, I don't understand how all that is relevant though
<koolhead11> i can only think of replacing my new profile to available system.
<koolhead11> if system gets deleted i am afraid its a flaw
<tjaalton> no shit :)
<koolhead11> tjaalton: :D BTW i have not touched the shiny web-interface, i do all my mighty cobbler stuff with command line
<tjaalton> this is fairly new functionality in c-u-i that got merged recently, and apparently not tested at all, since before my changes it would just leave "tmp-$profile" and fail
<tjaalton> now I'm thinking perhaps to revert the changes so no one will break their systems..
<koolhead11> jamespage: the systems bug on oneric would be fixed now?
<jamespage> koolhead11, cascading deleted
 * jamespage sighs
<jamespage> dependent objects get deleted in cobbler (well they did last time I looked)
<koolhead11> tjaalton: well your correct then.
<koolhead11> and i would say that is a flaw in cobbler then. :D
<jamespage> koolhead11, tjaalton: not its best feature
<tjaalton> found the bug
<tjaalton> cobbler distro rename --name="$old_distro" --newname="last-$old_distro"
<tjaalton> descendants=`cobbler profile find --distro="$old_distro"`
<tjaalton> what's wrong with the second line? :)
<koolhead11> tjaalton: try cobbler distro rename <enter>
<tjaalton> "--name is required" ?
<koolhead11> it will give you the exact comamnd parameters also its not good idea to rename distro. most thing cobbler makes sense with starts from profile IMHO :)
<koolhead11> tjaalton: provide the current name then
<tjaalton> I know what's wrong with the code
<tjaalton> no need to teach me cobbler cli :)
<koolhead11> tjaalton: sorry sir. :)
<tjaalton> the fix is to use --distro="last-$old_distro" in the descendants= line
<tjaalton> uploaded
<jamespage> bencer_, uploading now
<bencer_> jamespage: cool! so now what's next? an archive admin needs to review it from the new queue, right?
<jamespage> bencer_, yep - might get some feedback but hopefully they will be accepted.
<jamespage> bencer_, Riddell has stuck it on his list of things TODO today
<bencer_> jamespage: cool thanks
<tjaalton> oh fun, now ubuntu-enlist profile is broken
<Psi-Jack> Is there anything in Ubuntu 10.04 that somehow makes use of a file /etc/iptables.up.rules or is this something likely custom setup?
<Psi-Jack> Ahhh, nevermind, it was something someone did custom, which is epic lame.
<jcastro> SpamapS, this bug sucks: https://bugs.launchpad.net/ubuntu/+source/psmisc/+bug/877894
<uvirtbot> Launchpad bug 877894 in psmisc "fuser forks and never reaps its children (dup-of: 876387)" [High,Confirmed]
<uvirtbot> Launchpad bug 876387 in psmisc "fuser forking uncontrollably in cron job" [Undecided,Confirmed]
<weaselbe> I'm having trouble accessing an apache site running on my local network.
<husien> hello guys
<uvirtbot> New bug: #959289 in nova (main) "missing nova-consoleauth init/init.d file" [Undecided,Invalid] https://launchpad.net/bugs/959289
<husien> is it must to regestar the domain name into the domain reseller?
<husien> sorry i'm new
<husien> 4 weaks ago i install ubuntu server 11.10 into my virtual box.
<husien> after that i follow how toforge The Perfect Server - Ubuntu 11.10 With Nginx [ISPConfig 3]
<hallyn> jjohansen: if i ship a profile in /etc/apparmor.d/lxc/lxc-default, which gets optionally transitioned to by /etc/apparmor.d/usr.bin.lxc-start,
<hallyn> jjohansen: from debian/rules should i just do 'apparmor_parser -r' on that file?
<hallyn> jjohansen: (on the other file i'm doing dh_apparmor, but i can't do that with this file right?)
<hallyn> stgraber: i'ts not quite done yet, but i'm thinking of just going with lp:~serge-hallyn/ubuntu/precise/lxc/lxc-aa for per-container profiles.
<jjohansen> hallyn: I think so, but I am no expert on dh_apparmor, lets ask jdstrand^
<hallyn> stgraber: i.e., i won't create custom profiles, just support them if user wants to creat them
<hallyn> jjohansen: thanks
<hallyn> libvirt only creates them when vms get defined, and doesn't create a default, so i can't look to it for an example :)
<stgraber> hallyn: how are you dealing with nesting then? I thought having per-container profiles was the only way to allow /sys/fs/cgroup/*/<hostname>/**
<jdstrand> hallyn: you don't want to run apparmor_parser -r from debian/rules. I assume you mean in some postinst?
<hallyn> stgraber: we'll just not support it by default, but offer (on wiki?) profiles which support it?
<hallyn> stgraber: or we can quickly add that later, i just want to focus on getting per-container support in first
<hallyn> jdstrand: well, IIUC dh_apparmor --profile-name=usr.bin.lxc-start from debian/rules creates the postinst bit for me
<hallyn> so yeah, i guess i would add the parser line to postinst myself :)
<hallyn> jdstrand: but i guess my q was whether there is some other dh_* i should use instead,
<hallyn> or if that's ok
<hallyn> jdstrand: and yes, if you hadn't corrected me i would've unthinkingly, wrongly put it into debian/rules :)  thanks
<jdstrand> hallyn: I am not totally clear on what you want to do. you ship /etc/apparmor.d/lxc/lxc-default, which you use dh_apparmor on, then you want to optionally support /etc/apparmor.d/usr.bin.lxc-start, which you do not ship?
<stgraber> hallyn: right, getting per-container profiles at all is more important than having the nesting by default, agreed
<hallyn> jdstrand: no, /etc/apparmor.d/usr.bin.lxc-start is entered always by lxc-start;  then
<hallyn> jdstrand: right before running /sbin/init, it will manually aa_change_policy to a new policy;
<hallyn> jdstrand: by default that will be /etc/apparmor.d/lxc/lxc-default,
<hallyn> jdstrand: or the config file for the container can specify another policy under /etc/apparmor.d/lxc/lxc-*
<hallyn> jdstrand: of course i could stick clsoer to the libvirt model and always create a unique policy for each container...
<jdstrand> hallyn: so you just need to make sure /etc/apparmor.d/lxc/lxc-* is loaded so aa_change_profile() doesn't fail. correct?
<hallyn> jdstrand: the reason i'm not is that there's question then about whether the general lxc-create program should do that, or the per-distro templates should
<hallyn> jdstrand: yes
<jdstrand> hallyn: I don't think you can solve that wholly in packaging. ie, if the user changes the config file, the user won't fiddle with 'dpkg-reconfigure' to make sure that the policy is loaded
<jdstrand> hallyn: seems that the lxc tools need to load the policy that is specified in the config file
<jdstrand> (like we do in libvirt)
<hallyn> jdstrand: meaning on container start, do apparmor_parser ont he specified policy file?
<jdstrand> hallyn: if the thing doing the container start reads that config, yes
<hallyn> jdstrand: i was just going to require users to load the policies they create... wasn'g going to try and second-guess that in packaging.  only the deafult policy i want to load at pakcage install
<hallyn> jdstrand: then, later on we *will* create policies for *some* containers, which we'll load after creation
<jdstrand> hallyn: that works too-- then just ignore the lxc-* stuff as well. you aren't updating it via packaging anyway- no reason to fiddle with it in packaging postinst
<hallyn> wait...
<hallyn> jdstrand: 'that works too' = loading policy at cotnainer start?
<jdstrand> jdstrand: ignoring it
<hallyn> ah
<jdstrand> either load it at container start, or just ignore it in packaging completely, letting the user do it
<hallyn> jdstrand: but can i load just the lxc-default profile at package postinst?
<jdstrand> hallyn: sure. that is a file you are providing, correct?
<hallyn> jdstrand: mind if, when i get it working, i send you a pointer to the bzr tree with the diff?
<hallyn> yes
<jdstrand> hallyn: yes, then that makes sense. I'm just saying if you aren't providing the files via packaging, don't manage them via packaging. you could make it easier on the user and load it on container start, but that is a different issue
<hallyn> jdstrand: ok
<hallyn> jdstrand: thanks, ttyl
<jdstrand> np
<hallyn> jdstrand: say, i have a diff q.  libvirt-bin.postrm does delgroup libvirtd.  I thought I'd read somewhere that policy was to not remove users/groups at package removal?
<hallyn> (wondering whether to do same for lxc)
<jdstrand> hallyn: it isn't policy. some people remove it some don't. there are arguments for and agaisnt it. it has been discussed a bit in Debian
<hallyn> jdstrand: ok - thanks
<jdstrand> hallyn: the trend seems to be more people are doing it
<jdstrand> (doing the removal)
<SpamapS> jcastro: that bug, btw, is fixed in precise
<uvirtbot> New bug: #959352 in lxc (universe) "Ephemeral containers have "/rootfs" prefix in /proc/self/maps entries" [Undecided,New] https://launchpad.net/bugs/959352
<jcastro> SpamapS, doing wonders for me over in what we ship for real. :)
<SpamapS> jcastro: marked that bug for SRU..
<SpamapS> jcastro: psmisc's fuser is apparently pretty broken in 11.10
<uvirtbot> New bug: #959393 in samba (main) "samba deb archives should use lzma or bzip2 compression" [Undecided,New] https://launchpad.net/bugs/959393
<zul> jdstrand: im just trying to get updated did anything happen with the keystone MIR last week
<jdstrand> zul: yes, I conditionally ackd it
<jdstrand> zul: see the bug (881464)
<zul> jdstrand: cool thanks
<jdstrand> zul: welcome back!
<zul> jdstrand: thanks
<benji> hallyn: I want to alert you to the existance of bug 959352; it shouldn't cause too many people problems, but what problems it does cause will likely be hard to diagnose
<uvirtbot> Launchpad bug 959352 in lxc "Ephemeral containers have "/rootfs" prefix in /proc/self/maps entries" [Undecided,New] https://launchpad.net/bugs/959352
<hallyn> benji: yeah, i'm looking at that right now
<benji> cool
<zul> jdstrand: have you started the horizon security review yet?
<jdstrand> zul: nope. I am working on juju, then cobbler then horizon. that was the priority as specified by Daviey et al
<zul> jdstrand: gotcha thanks :)
<bencer_> jamespage: btw, i've just pushed to lp and proposed a merge of a changeset that includes a zentyal chapter on the ubuntu-server guide :)
<jamespage> bencer_, nice one!
<bencer_> i would have liked to include some screenshots
<bencer_> but i didn't see any screenshots on the server-guide and despite i asked on the ml and on irc channel, nobody replied
<bencer_> so i dont really know the procedure or even if its allowed
<uvirtbot> New bug: #959426 in nova (main) "nova services start before mysql on boot" [Undecided,New] https://launchpad.net/bugs/959426
<ahs3> jamespage: you have a few minutes for some questions about the jenkins-slave packages in precise?
<jamespage> ahs3, sure
<ahs3> jamespage: groovy.  so, the upstart attempts to download slave.jar and ends up with a zero length file -- i'm assuming i'm doing something stupid, yeah :)?
<jamespage> ahs3: is the jenkins server running when it tries to start?
<ahs3> jamespage: well, i've got the master up and visible in a browser; is there another process to be run?
<ahs3> jamespage: the other curiosity is that /var/run/jenkins doesn't seem to get created for me automagically...
<uvirtbot> New bug: #959461 in quota (main) "Language incongruence making edquota -t" [Undecided,New] https://launchpad.net/bugs/959461
<jamespage> ahs3, no that should be sufficient
 * jamespage goes to take a look
<ahs3> jamespage: hrm.  getting a 404 on the wget in the upstart script...
<jamespage> ahs3: have you configured a slave in the jenkins master for this jenkins slave?
<jamespage> I think it will 404 if you have not
<ahs3> jamespage: yup, the node is set up as a slave, and the master tries to contact it
<jamespage> ahs3, that has a few contradictory configurations in it
<jamespage> ahs3: can you walk me through what you have done so far?
<ahs3> jamespage: argh.  found it.  JENKINS_URL was not set properly in defaults :(
<jamespage> ahs3, that would be it
<jamespage> you can run slaves in a few different ways
 * ahs3 reminds himself not to edit scripts late at night...
<ahs3> right.  this was just my first attempt at setting up a slave
<ahs3> part of what i wanted to experiment with was the different ways to run them
<jamespage> ahs3, so the jenkins slave package is really aimed at
<jamespage> 1) deploying slaves via SSH - it has all the right dependencies to support SSH access, Java, users etc...
<marrusl> who here loves nscd?  :)
<jamespage> that requires no setup on the slave - just configuration in Jenkins
<jamespage> ahs3: 2) where you can't SSH to the slave - you can configure the JENKINS_URL for the jenkins-slave upstart config and have the slave initiate the connect to the master
<ahs3> jamespage: ah, okay.  so in the default case, i do no config on the slave at all, just install the packages?
<ahs3> jamespage: sorry, default meaning the "deploy via SSH" case...
<jamespage> ahs3, yep - you will need to installs the ssh-slaves plugin on the Jenkins master
<jamespage> (I'm working on making that part of the default jenkins install)
<ahs3> jamespage: nod.  k, i was doing more than needed
<med_> Hi, which cloud-image works best with LXC?  precise-server-cloudimg-amd64.tar.gz -or-  precise-server-cloudimg-amd64-root.tar.gz  -or-  precise-server-cloudimg-amd64-disk1.img (all from cloud-images.ubuntu.com)
<utlemming> med: precise-server-cloudimg-amd64-root.tar.gz
<med_> utlemming, danke
<utlemming> med: you can automagically use it with "lxc -n AutomagicCloudImage -t ubuntu-cloud"
<utlemming> er...lxc-create
<utlemming> and there are options to uncloud them too
<med_> utlemming, I'm doing this inside of openstack so I can't use the automagic.
<blendedbychris1> should i be using lvm if i am virtualizing with hyperv?
<ikonia> BlendedByChris: up to you
<BlendedByChris> just curios if there is an advtage
<ikonia> BlendedByChris: use lvm because you want/need to, nothing to do with the virtualized host
<ikonia> no more / less than using lvm on a physical host
<BlendedByChris> well my linode says i can't resize the disk with lvm
<BlendedByChris> just wondering if that's a xen thing or hyper-v thing or what
<zul> Daviey: ping
<Daviey> zul: ping is so outdated... i use spark-ping.. written in ruby and everything
<zul> Daviey: heh so ok webob...
<Daviey> $ spark-ping ubuntu.com
<Daviey> ^Cââââââââââââââ 96.6 ms
<uvirtbot> Daviey: Error: "Cââââââââââââââ" is not a valid command.
<zul> Response.request and Response.environ got deprectated in 1.1.1 which is in precise
<hilarie> I've tried to read the man page I swear, I am grabbing stuff off of rsync remotely, to a server at my house, and when the ssh to my local server dies, the connection stops, how can I prevent that?
<zul> and all of openstack uses it *everywhere*
<zul> glance, keystone, nova
<Daviey> hilarie: run it in screen
<hilarie> there is no screen hooked up to the server at my house :(
<zul> Daviey: and it got undepracted in 1.2b1 but with a slight variation
<Daviey> zul: is support removed, or just noisy with depreccation warnings?
<zul> its just noisy deprecation warnings
<Daviey> hilarie: no, run "screen" command.. it gives you a persistence console
<Daviey> hilarie: then reconnect later on with 'screen -r'
<Daviey> zul: is it would just patching out the warnings?
<Daviey> s/would/worth/
<zul> Daviey: yeah might be
<hilarie> Daiviey what you are saying is read the man page on screen :) got it
<Daviey> zul: seems less destructive than a new upstream version at this stage.
<zul> Daviey: my thoughts exactly
<Daviey> zul: Might be worth raising an upstream bug, so we can track this for next release.
 * ogra_ grins
<ogra_> stop confusing the poor bot
<ogra_> (it doesnt speak ruby apparently)
<zul> Daviey: ack
<Daviey> Although, 'undepreciated' concerns me.
<Daviey> ogra_: heh
<zul> Daviey: lemme pull up the commit
<uvirtbot> New bug: #959419 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: sous-processus nouveau script pre-installation tuÃ© par le signal (Relais brisÃ© (pipe))" [Undecided,New] https://launchpad.net/bugs/959419
<zul> Daviey: https://github.com/Pylons/webob/commit/627593bbcd4ab52adc7ee569001cdda91c670d5d
<Daviey> zul: in that case, it makes total sense to remove the deprecation warnings.
<zul> with that patch above?
<Daviey> zul: do you know what upstream are QA'ing against?
<zul> depends on the project
<Daviey> zul: might be better just to create a patch which removes the dep warnings.. rather than morphing the characteristics
<zul> Daviey: gotcha
<zul> Daviey: but i think they are standardizing on 1.0.8
<roaksoax> zul: do you have a good example of a package that handles upgrades (db migrations and stuff)
<zul> not really off the top of my head
<sidnei> anyone else having issues starting lxc containers in precise? (lxc-start: Permission denied - failed to mount 'proc' on '/usr/lib/lxc/root//proc')
<Daviey> roaksoax: eucalyptus
<Daviey> roaksoax: http://pb.daviey.com/Viat/
<Daviey> obv. it should be using invoke-rc.d
<roaksoax> Daviey: yeah I saw.. though in our case is not that helpful because we would likely have to update it with every single new bzr branch that we upload
<Daviey> roaksoax: right.. well, it's safe to do a south migration on each update.
<BlendedByChris> is us.archive.ubuntu.com usually pretty slow?
<Daviey> roaksoax: if there is nothing to do, then it'll handle it ok
<roaksoax> Daviey: right, postinst only handle configure|reconfigure
<roaksoax> Daviey: but i'll figure it out
<Daviey> roaksoax: every package gets configured, regardless if it is an upgrade or not :)
<roaksoax> Daviey: so on first install, if the dbconfig-common question has been answered true, then it does syncdb and stuff, if its answered as NO, then it does not run syncdb, but on every uipgrade you need to run it
<Daviey> roaksoax: $1 = "upgrade" btw
<roaksoax> Daviey: http://bochs.sourceforge.net/cgi-bin/lxr/source/build/debian/postinst.ex
<roaksoax> Daviey: postinst should not handle 'upgrade'
<Daviey> ah, that is preinst.. crap
<roaksoax> yep
<Daviey> roaksoax: The other thing you can do, is run migrate on the upstart job?
<Daviey> roaksoax: nova essentially runs migrate on each start.
<roaksoax> Daviey: uhmm ok, I'll take a look at it
<Daviey> roaksoax: But really, why not run migrations on each configure?
<roaksoax> Daviey: migrations are run on each configure, the different is if you install for the first time, and the DB is not created by dbconfig-common, then it will fail and cause a install failure
<Daviey> ah
<uvirtbot> New bug: #959597 in puppet "missing parenthesis in process_name.rb produces ruby warnings" [Undecided,Confirmed] https://launchpad.net/bugs/959597
<BlendedByChris> any reason why hyper-v would be masively slow
<hallyn> gary_poster: whatever happened with lxc-start-ephemeral vs. overlayfs?
<hallyn> gary_poster: i was expecting to find aufs had been re-enabled, but it doesn't seem to be?
<gary_poster> hallyn, hi.  I want to use overlayfs, and am trying to use it as long as I can.  My comment to the list was hot on the heels of finding another issue--that we have a workaround for and that Andy had a patch for last I looked.  aufs is my backup-plan--and a mediocre one at that, since we may indeed discover issues with it as well, because we have used overlayfs since January.  I'd like to see
<gary_poster> an option in ephemeral to use aufs
<gary_poster> it has not been a priority, and overlayfs hasn't bitten us lately
<gary_poster> but I should get someone to do it, unless you want to, hallyn.
<hallyn> gary_poster: well, if it's been working lately...  i just couldn't remember where we'd left that
<hallyn> what was the thing that was failing again?
<gary_poster> hallyn, the hard link of a 0444 file broke
<gary_poster> chmod 444 I mean
<gary_poster> hallyn, when's the freeze?  Has it already snuck up on me?  I know it is soon.
<hallyn> not yet anyway
<gary_poster> heh
<hallyn> checking
<hallyn> another freezer mar 22, though i don't think that's the last one
<hallyn> jinkeys, i'd better get these other things in then
<gary_poster> btw hallyn did you see bug 959352?
<uvirtbot> Launchpad bug 959352 in lxc "Ephemeral containers have "/rootfs" prefix in /proc/self/maps entries" [Low,New] https://launchpad.net/bugs/959352
<gary_poster> eh you probably triaged it
<gary_poster> yeah
<gary_poster> sorry :-)
<hallyn> oh yeah haven't had a chance to reproduce that yet (the machine i was using was failing lxc-=start-ephemeral entirely so i couldn't reproduce to mark it confirmed yet)
<hallyn> ok lemme get this lxc-shutdown thing wrapped up and then i'll look at ephemeral
<gary_poster> cool tahnks hallyn
<hallyn> gary_poster: I guess think it through, and if you think you want aufs re-enabled, pls file a bug today or tomorrow and i'll re-enable it
<gary_poster> ack hallyn will do
<hallyn> thanks - ttyl
<gary_poster> hallyn, I finally got an answer about bzr + git + quilt, and it is not a particularly good one.  In sum: (1) there is no good bzr + git + quilt answer now, according to people who should know; (2) there is a nascent bzr + quilt answer that is in the works, which has been usable recently (though is not necessarily right now), and you could check with Jelmer Vernooij if you wanted to track that or learn more.
<hallyn> gary_poster: perhaps this should be a tutorial/ahckfest at uds
<gary_poster> (He's Canonical, on the bzr team, nick "jelmer")
<gary_poster> hallyn, sounds very reasonable.  This sounds like the problem is affecting a decent number of people
<hallyn> gary_poster: it just means i merge/sync by hand rather than being able to have bzr do it.  it'd be neat to have a better sol'n, but it's not really in the way
<gary_poster> fair enough
<uvirtbot> New bug: #959647 in samba (main) "smbd crashed with SIGABRT in dom_sid_compare()" [Undecided,New] https://launchpad.net/bugs/959647
<adam_g> hallyn: you're the only hit on google for 'sbuild +"Only one build is permitted"'  any idea what that error is all about?
<hallyn> can you point me to the hit?
<hallyn> adam_g: are you by chance on xfs?
<hallyn> (tbh i've not used sbuild in awhile...)
<hallyn> (bad serge)
<adam_g> hallyn: http://irclogs.ubuntu.com/2011/07/27/%23ubuntu-devel.txt  14:25
<adam_g> hallyn: not much there, just wondering if you ever figured that out. im hitting it here for the first time
<adam_g> after Ctrl-C'ing outta a build
<hallyn> yeah found it.  i can't recall what caused that offhand
<hallyn> oh
<hallyn> maybe *.dsc globbed to > 1 file
<hallyn> that's my guess
<hallyn> since i prety quickly sounded sheepish
<adam_g> hehe
<hallyn> yeah that must've been it.
<koolhead17> hi all
<adam_g> zul: ping
<zul> adam_g: pong
<koolhead17> what is the url for build result for essex on precise?
<koolhead17> and curious to know if build passes for Horizon
<adam_g> zul: when is nova rc out? is it decided?
<adam_g> koolhead17: jenkins.qa.ubuntu.com, though our CI stuff was moved to a new datacenter over the weekend and is currently offline
<zul> adam_g: i thought it was today
<zul> ttx: ^^^
<koolhead17> adam_g, so the build for Horizon fails
<zul> adam_g: bugger ill do an upload tonight
<Daviey> hey, anyone fancy giving me a diff review?
<koolhead17> zul, that was for me :P
<adam_g> koolhead17:  in what way?
<zul> Daviey: sure
<adam_g> Daviey: review for what?
<Daviey> http://pb.daviey.com/ScAq/
<koolhead17> https://jenkins.qa.ubuntu.com/job/precise-openstack-essex-horizon-milestone/ adam_g
<Daviey> dh python2
<koolhead17> but it looks way old
<adam_g> koolhead17: https://jenkins.qa.ubuntu.com/view/Precise%20OpenStack%20Testing/job/precise-openstack-essex-horizon-trunk/  <- thats what you should be watching
<zul> Daviey: looks ok
<koolhead17> adam_g, ooh trunk
<adam_g> Daviey: looks okay assuming d/control lists the correct deps?
<Daviey> adam_g: $ debdiff python-setproctitle_1.0.1-1ubuntu1_i386.deb python-setproctitle_1.0.1-1ubuntu1_i386.deb
<Daviey> File lists identical (after any substitutions)
<Daviey> No differences were encountered between the control files
<fidothe> hey tjere
<fidothe> i just upgraded an 11.04 box to 11.10 and on restart I can no longer start my KVM guests
<fidothe> the error is kvm_create_vm: Device or resource busy
<fidothe> i can confirm that the relevant packages all seem to be there. virsh / virt-install are all there and at least seem functional. the problems start when i try and start a guest or create a new one
<nOStahl> hey guys I just installed 11.04 server and its blank screen when I boot up
<star314> Hi! I'm currently testing Ubuntu Server 12.04 Beta1. Anyone else here who can confirm the following shutdown problem? "halt" shuts the machine down, as it should be, but does not power off it. However, on the same machine running 10.04 it works.
<star314> nOStahl: no text or cursor at all?
<nOStahl> nadda
<nOStahl> bios posts fine
<star314> hmm
<nOStahl> so I don't get a grub screen at all to press e to modify settings
<star314> Do you see the grub boot menu?
<star314> ah
<star314> to slow
<star314> :D
<star314> nOStahl: Looks like something went wrong during the install procedure.
<nOStahl> guess i'll try it all over again heh
<nOStahl> its installed on a raid
<star314> Maybe grub wasn't installed correctly?
<star314> ahhh
<star314> nOStahl: which type of RAID?
<nOStahl> raid 1
<nOStahl> it was a re-install over an 11.10 install
<nOStahl> using the same raid array
<nOStahl> think that might have messed things up
<star314> k
<star314> booting from a raid1 should be not a problem.
<star314> nOStahl: How experienced are you with using Linux?
<star314> nOStahl: Do you know how to handle a rescue system and chroot?
<nOStahl> i've done it
<star314> nOStahl: ah, ok
<nOStahl> but I don't like to do it on what will be production install
<nOStahl> it needs to work right from the start heh
<star314> That's what I would try next
<star314> Boot a rescue system, chroot, install grub to both disks of the RAID1.
<star314> And hopefully everything works fine. :)
<star314> nOStahl: oh, now I see. Maybe it was a typo. Did you mean 12.04 instead of 11.04?
<sbeattie> SpamapS: can I assign bug 959683 to you?
<uvirtbot> Launchpad bug 959683 in mysql-5.5 "mysql testsuite fails to run; needs updating for InnoDB as default engine?" [Undecided,New] https://launchpad.net/bugs/959683
<nOStahl> I installed 11.04 instead of 11.10 that was on it
<star314> nOStahl: What's the reason for the downgrade?
<nOStahl> eucalyptus
<nOStahl> setting up a little cloud here
<ttx> adam_g: RC1 will be out when https://launchpad.net/nova/+milestone/essex-rc1 has no bugs left
<adam_g> ttx: thats what i thought
<ttx> adam_g: almost there for nova
<ttx> glance and keystone probably later this week
<adam_g> ttx: thanks
<SpamapS> sbeattie: sure!
<adam_g> zul: do we need a FFE to add a new binary pkg to nova (nova-consoleauth)?
<nOStahl_> Hrmm
<zul> adam_g: shouldnt
<zul> Daviey: ^^^
<michael_tn> good day all, i'm looking for some help trying to generate a preseed file for U11.10 that will lvm/partition four disks
<michael_tn> i can get preseed to work with a single disk easily
<SpamapS> michael_tn: LVM on 4 disks is unsafe without mirroring, you know this, right?
<michael_tn> i do
<michael_tn> they are compute nodes
<michael_tn> cluster nodes, if it fails, i can reimage
<guntbert> SpamapS: why is it particularly unsafe with 4 disks?
<SpamapS> guntbert: with more than 1 its unsafe
<SpamapS> with 1 its unsafe actually :)
<nOStahl> Agh there we go
<nOStahl> Coluguy bounce setup huh
<SpamapS> michael_tn: so its throw-away data. :) Ok.. just checking.. there's an example pre-seed for debian somewhere..
<michael_tn> yes, no real data on them, will be running as nova-compute nodes
<SpamapS> michael_tn: http://www.debian.org/releases/squeeze/example-preseed.txt
<nOStahl> I have raid1 and the installer is asking I'd it can install grub to the master boot record?
<nOStahl> Yes or no?
<xlyz> hi. just updated my oneiric lxc server and lxc clients network stopped working. any hint how to solve it?
<michael_tn> SpamapS: i've looked at that but could not work out how to get partman to see more than one disk if i was not doing raid.
<michael_tn> ok, if i do an install from media, the installer will leave a sort of proto preseed file around won't it?
<michael_tn> i'm not really an ubuntu users, so i'm sort of struggling a bit here :-|
<SpamapS> michael_tn: Hrm, I don't see partman in the debconf selections so maybe not
<SpamapS> michael_tn: I know thats how I learned how to do it on RH systems ;)
<michael_tn> i've done a fair bit of googling on this but could not find an example
<SpamapS> michael_tn: it does seem rather complex doesn't it? :-P
<michael_tn> yes, seems like something that would have been worked out
<michael_tn> :-)
<SpamapS> michael_tn: I'm sure it has, but people don't seem to be sharing
<michael_tn> i do have a build of orchestra doing nice pxe installs though, its rather nice
<SpamapS> michael_tn: part of the reason may be that you could just install on one disk, and then vgextend onto the others later
<michael_tn> hmmm, yes, i might try that in a post install script
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/precise/lxc/lxc-shutdownv2 has my new lxc-shutdown and per-container apparmor stuff rolled into one, tested and working.  If you'd like to take a look, pls do, else i think it's ready to push
<hallyn> i think i'll step away from the laptop (after mail check) to clear my head and make sur ei'm not missing anything aobut why this is a bad idea
<nOStahl> hey guys I'm having an issue, getting this error doing sudo apt-get upgrade  ( start: Job is already running: eucalyptus )
<nOStahl> any ideas
<orionsonofneptun> ahh
<orionsonofneptun> hello
<stgraber> hallyn: feel free to upload when you're ready. Foundations is having an installer sprint so my LXC team is quite limited until Thursday.
<stgraber> hallyn: you may want to test booting a container with rootfs=<block device> and make sure that older versions of Ubuntu work fine with apparmor
<stgraber> hallyn: let me copy/paste part of jjohansen's mail earlier today
<stgraber> hallyn: forwarded, much easier like this
<orionsonofneptun> ok ive got a question how can i use the command shell in the setup option on ubuntu server cd to  operate irc bot ive got a disk in a pc without hdd and a pc running ubuntu 11.10 desktop im wondering if i can use usb cable to store info on hdd in pc running ubuntu 11.10
<JanC> what do you mean by "usb cable"?
<orionsonofneptun> ive got a toshiba laptop with only optical drive and no hdd
<orionsonofneptun> running ubuntu server os cd
<orionsonofneptun> ive opened command prompt
<orionsonofneptun> im going to use usb ports to tie it to other laptop running ubuntu 11.10
<JanC> orionsonofneptun: if you have an USB-to-ethernet cable or something like that
<orionsonofneptun> well im trying to figue how to use this to operate irc bot
<JanC> a plain simple USB cable won't work, obviously
<orionsonofneptun> ive got ethernet cable
<orionsonofneptun> and ethernet ports on both macines
<orionsonofneptun> why wont usb cable work
<JanC> if you have ethernet, you can use NFS or Samba to access the other machine's storage
<orionsonofneptun> how to use command prompt to
<orionsonofneptun> set this thing up
<JanC> orionsonofneptun: USB cable are host/device-based
<orionsonofneptun> i dont understand janc
<JanC> and most PCs only have "USB host ports"
<orionsonofneptun> please explain further
<JanC> do you understand client/server-architecture?
<orionsonofneptun> kinda
<orionsonofneptun> very little but im here to learn
<JanC> USB has servers (hosts) & clients (devices)
<hallyn> stgraber: older version of ubuntu = lucid containers on precise host with my lxc version?
<orionsonofneptun> so server dont understand usb????
<JanC> most PCs only have host ports
<orionsonofneptun> hmm you can hokk external hdd
<hallyn> stgraber: in other words, was your suggestion a general one, or specific to my proposed upload?
<orionsonofneptun> hook external hdd so why cant server
<JanC> orionsonofneptun: external HDD is a device/client, PC is a host/server
<hallyn> if not specific to my upload, then i'll push now and test those tonight.  Otherwise, I'll hold off on pushing until i have a chance to test :)
<JanC> if you have 2 PCs/laptops, they will both be "servers"
<stgraber> hallyn: specific to the apparmor profile in general, not necessarily to your changes. Part of that e-mail from jjohansen look like I missed some entries in the apparmor profile that really should be fixed in the next upload
<orionsonofneptun> i cant think now
<hallyn> stgraber: cool, thanks.  i'll look at that tonight
<hallyn> (and hold off on pushing)
<hallyn> ttyl.  have a good sprint :)
<JanC> orionsonofneptun: USB can not talk host-to-host (or server-to-server if you want)
<orionsonofneptun> can ubuntu server use usb port
<orionsonofneptun> if hdd info goes threw then why not
<JanC> orionsonofneptun: this has nothing to do with Ubuntu, it's a hardware limitation of USB?
<orionsonofneptun> so ubuntu server doesent limit use of usb port?????
<JanC> of course not?
<JanC> at least, not intentionally
<JanC> (unless it would be a security risk or something?)
<orionsonofneptun> ok im really lost here
<orionsonofneptun> im trying
<orionsonofneptun> to
<orionsonofneptun> install ubuntu server
<orionsonofneptun> is anyone able to tell me what to do
<adac> I'm trying to remove an old kernel: http://pastebin.com/fTC1DvQr but I get an error. unfortunately my boot partition is full, so i cannot execute apt-get -f install. Any ideas?
<orionsonofneptun> i cant mount cd-rom
<orionsonofneptun> why???
<orionsonofneptun> what is enlist system with ubuntu orchestra server
<orionsonofneptun> option
<orionsonofneptun> ok who wants to get me familiar with ubuntu server ????
<orionsonofneptun> ??
<ikonia> https://help.ubuntu.com
<ikonia> there is documentation there - please read it
<orionsonofneptun> i can t read it
<ikonia> why ?
<orionsonofneptun> ive got wireless issues now
<ikonia> you are clearly on the network as you are chatting
<ikonia> read the documentation on the machine you are on now
<orionsonofneptun> someone has included thier network withmine a big mistsake i dont know the first step in correcting
<ikonia> orionsonofneptun: read the documentation
<orionsonofneptun> where
<ikonia> I gave you the link
<orionsonofneptun> oh ill try agian
<orionsonofneptun> still i can t read it
<Daviey> anyone fancy doig a pkg diff review?
<Daviey> doing*
<pabelanger> link?
<Daviey> pabelanger: http://pb.daviey.com/FKQ2/
<pabelanger> Daviey, shouldn't it be dh $@ --with python2
<pabelanger> I also believe you might need X-Python-Version: all too
<Daviey> pabelanger: good catch.. on this occasion seems ot was a copy/paste error.. but well noticed!
<pabelanger> reading from
<pabelanger> http://wiki.debian.org/Python/TransitionToDHPython2
<Daviey> pabelanger: "XS-Python-Version is still supported, but X-Python-Version is preferred. It supports the same syntax, except current and all keywords are gone. If you don't know what the package's minimum required Python version is, don't add this field until a bug report informs you that foo doesn't work with an older Python version."
<pabelanger> ya, just read that
<ikonia> impressive spotting typo's in a diff
<ikonia> good eye
<pabelanger> Daviey, a side from that ship it
 * Daviey ships.
<Daviey> thanks pabelanger !
<pabelanger> danke
<ikonia> I know who to come to for checks now. That's pretty solid effort
<zul> Daviey: you are missing the with python2
<Daviey> zul: copy and paste error to the pastebin
<Daviey> but, also - good catch :)
<zul> Daviey: ah
<Daviey> SpamapS: Are you trying to get python-central back into main? :)
<SpamapS> Daviey: I miss its soft, soothing code
<Daviey> SpamapS: heh, i guess you caught it?
<SpamapS>   Uploading landscape-client_12.04-0ubuntu1_source.changes: done.
<SpamapS> Daviey: about 5 people caught it before you did.. none of whom were me. ;)
<Daviey> SpamapS: heh
#ubuntu-server 2012-03-20
<SpamapS> sbeattie: ugh.. the 5.5 test suite doesn't seem to want to be run out of tree. Probably will have to patch it a lot. :-P
<SpamapS> sbeattie: oh wait.. hah.. no.. the problem is that mysql-testsuite is no longer a meta-package in 5.5 .. so installing it pulls in 5.1's test suite
<sbeattie> SpamapS: oh! Haha.
 * sbeattie sighs.
<SpamapS> sbeattie: my bad. ;) I'll fix that in the upcoming 5.5.21 upload
<sbeattie> SpamapS: thanks, appreciate you digging into it.
<SpamapS> Still waiting for upstream to confirm that they do not believe it is safe to have a dynamically linked /usr/bin/mysql
<uvirtbot> New bug: #959856 in mod-wsgi (main) "installing mod-wsgi doesn't create link in /etc/apache2/mods-enabled" [Undecided,New] https://launchpad.net/bugs/959856
<uvirtbot> New bug: #959864 in samba (main) "/etc/init.d/smbd is missing LSB information" [Undecided,New] https://launchpad.net/bugs/959864
<hallyn> jjohansen: jdstrand: is there a sort of aa_get_profile() to complement aa_change_profile()?
<hallyn> really i just want to know if i'm confined.
<hallyn> (and if not, not try to transition)
<jjohansen> hallyn: yes see man aa_getcon
<hallyn> jjohansen: thanks!
<jjohansen> hallyn: note aa_get_peercon will only return an error atm because socket labeling isn't implemented yet
<jjohansen> hallyn: also technically you are getting the context, which could be more than a profile, but since stacking isn't yet supported it is currently only a profile
<jjohansen> also the profile name "unconfined" will indicate no confinement
<jjohansen> hallyn: there should also be perl, python, and ruby bindings for those fns
<sp4z> hi is how do i change the resolution on my ubuntu server?
<hallyn> jjohansen: thanks.  i only need c, and only want to check if i'm unconfined (if a transition failed)
<hallyn> jjohansen: hm, seems aa_onexec requires a different transition perm than aa_change_context
<hallyn> and http://wiki.apparmor.net/index.php/AppArmorAPIs uses wrong name (aa_onexec_profile)
<hallyn> all right i guess lxc will use aa_change_profile() for now.  it'll work, though it's not really "correct"
<jjohansen> hallyn: hrmm, sorry about the wiki, its uhmm about the last documentation to get updated, I'll make sure it gets a refresh for those.  change_onexec does use a slightly different variation to the change_profile perm.  I look and see why it isn't working
<blendedbychris> is there a quick way to tunnel a request on a specific port through a ubuntu box/
<SpamapS> blendedbychris: ssh -L or ssh -D
<SpamapS> blendedbychris: or ssh -R if you want to go from the remote to your local machine
<blendedbychris> SpamapS: can that watch for any application though that tries to use port 389 for instances
<blendedbychris> instance*
<SpamapS> blendedbychris: no, thats just a quick and dirty tunnel.. you'd have to tell the app to use the tunnel
<SpamapS> blendedbychris: if you want an IP level tunnel.. openvpn is pretty simple
<blendedbychris> what do you call the "middle" node? the proxy?
<blendedbychris> the openvpn method might work if i could set some arbitrary hostname
<blendedbychris> so ldap://proxy:389 -> 50.32.111.22 (my proxy) -> ldap://10.32.33.53:389
<SpamapS> blendedbychris: yeah, you could just use ssh for LDAP with 'ssh -L 389:10.32.33.53:389 50.32.111.22'
<SpamapS> blendedbychris: but that would only work if you did that on every client
<SpamapS> blendedbychris: for openvpn you're basically setting up an IP tunnel, so it gets more complicated
<blendedbychris> SpamapS: are you pretty familiar with ldap?
<blendedbychris> i'm kinda naive in the subjectâ¦
<blendedbychris> does the standard ldap:// protocol have encryption at all?
<blendedbychris> this really just solves half the problem is what i'm getting at â¦ that internal server needs to be encrypted too ideally
<SpamapS> blendedbychris: LDAP can use STARTTLS to do encryption, or you can run it fully wrapped in SSL as 'ldaps' which runs on port 636
<SpamapS> blendedbychris: depends on what your clients support. Most modern ones can do starttls
<blendedbychris> client meaning the app requesting say an ldap search?
<SpamapS> blendedbychris: righ
<blendedbychris> SpamapS: gotchaâ¦ currently it looks like i am only able to connect via plaintextâ¦
<blendedbychris> if i force TLS i get TLS: peer cert untrusted or revoked (0x42)
<blendedbychris> running ldapsearch -h 10.1.50.211 -p 389 -ZZ -d5 -b "" -s base "(objectClass=*)"
<blendedbychris> not sure if i've set my certs up properly though
<SpamapS> blendedbychris: looks like no
<twb> FFS
<SpamapS> blendedbychris: probably not trusted. Thats why people avoid end-to-end SSL.. its a nightmare to manage :)
<blendedbychris> do i have to grab the cert from the ldap server?
<twb> "Customer, you need to enable 88 and 464 from AD to your test VM for me to set up krb on it" "Them, I opened 88 and 464, what was your IP again?"
<twb> IOW I think they just opened their krb to the internet :-/
<blendedbychris> too many acronyms
<blendedbychris> brain imploded
<SpamapS> blendedbychris: this is a twinkie.. it represents the normal bad security energy on the internet for any one entity. Now, imagine a twinkie roughly the size of manhattan.
<blendedbychris> ugh
<blendedbychris> i'm ignoring that
<blendedbychris> tcpdumpâ¦ how do i make it output the actual data instead of just the summary ?
<blendedbychris> haha
<blendedbychris> love it
<twb> SpamapS: where is that quote from?
<twb> Ghostbusters?
<blendedbychris> with TLS should I see unencrypted data in tcpdump?
<twb> blendedbychris: only the word "STARTTLS"
<blendedbychris> twb: thanks
<twb> blendedbychris: well that and maybe a EHLO or HELO or whatever, depends on the protocol
<blendedbychris> well definatly not the password right heh?
<twb> blendedbychris: you're using 389?
<blendedbychris> yes
<twb> Port 389 I mean
<twb> OK so that's starttls
<twb> the ldaps port is assumed to be TLSd from the get-go
<blendedbychris> wait what?
<twb> There are two ways of doing TLS.  Either you use the plaintext port and start every conversation with "quick turn on TLS!" or you use a dedicated port.
<SpamapS> twb: yes that was ghostbusters :)
<twb> e.g. smtps. imaps, ldaps are dedicated ports
<twb> SpamapS: good because I couldn't find the bloody quote... stupid ddg
<SpamapS> it was really badly botched
<twb> http://en.wikiquote.org/wiki/Ghostbusters
<blendedbychris> i have a more important questionâ¦ who the hell would enable 389 and not force starttls?
<twb> SpamapS: no kidding
<twb> blendedbychris: lazy people
<SpamapS> Well, let's say this Twinkie represents the normal amount of psychokinetic energy in the New York area. Based on this morning's sample, it would be a Twinkie... thirty-five feet long, weighing approximately six hundred pounds.
<twb> I think I'm still doing it at some prisons
<blendedbychris> is it typical to run 686 with starttls?
<twb> blendedbychris: you can't run *starttls* on 636
<twb> That only takes tls
<blendedbychris> gotcha
<blendedbychris> does this sound rightâ¦ i'm asking my it dudes for the public cert and an account that has access to "poll" the directory
<blendedbychris> query the directory?
<twb> They should have a certificate hierarchy, and you should add their CA cert to your trusted cert list
<blendedbychris> isn't that what i'm asking for?
<blendedbychris> their public ca cert?
<twb> If they are stupid and lazy, instead of having a cert hierarchy, they will have self-signed certs everywhere, in which case you ask specifically for the cert they're using for LDAP
<twb> certs are always "public"; they're just public keys signed by other keypairs
<blendedbychris> okay so what's the smartest way i can ask heh
<twb> What are you actually trying to achieve?
<blendedbychris> get the cert and probably have them make another account to query ad
<blendedbychris> so i can use starttls
<blendedbychris> on some web server we run externally
<blendedbychris> currently we have an internal web server that is performing queries in plaintext
<twb> So ACTUALLY what is happening is you have a working AD LDAP/krb infrastructure, and you have a new httpd, and you want people to be able to log into web apps under the new httpd using their existing AD accounts?
<blendedbychris> correct
<twb> And everything is working except it's not encrypting the LDAP conversation?
<blendedbychris> well i am about to add another httpd that isn't even hosted internally so starttls is a must
<blendedbychris> but yes
<twb> OK
<twb> The new httpd is running Ubuntu 10.04?
<blendedbychris> ya
<twb> And is it apache, or what?
<blendedbychris> nginx
<twb> OK, is nginx using PADL libpam_ldap, or what?
<blendedbychris> php's whatever
<blendedbychris> is the client
<twb> Ugh
<twb> Do you know the path to the ldap.conf that <whatever> is reading?
<twb> e.g. is it /etc/ldap.conf or /etc/ldap/ldap.conf
<blendedbychris> big ol guess that it's /etc/ldap/ldap.conf
<twb> You need to know what LDAP client it's using and what config file to edit
<twb> Ubuntu at a minimum has both the ones I just mentioned, used by different LDAP clients :-/
<blendedbychris> let me double check
<blendedbychris> it's using openldap
<twb> On what do you base that conclusion?
<twb> Actually an easy way to test it would just be to put bullshit in the suspected file, restart the app, and see if it is broken
<twb> Looking at ldap.conf(5), it seems that you cannot say "always use starttls".  You can either set an ldaps://... URI, in which case it uses tcp/636, or you can make sure the *app* issues a starttls by configuring the app.
<twb> FWIW I just use ldaps, although the #openldap people didn't seem to like that
<blendedbychris> ya
<blendedbychris> everything i read it's "dated"
<blendedbychris> whatever
<blendedbychris> twb: i'm basing that conclusion on php manual i guessâ¦. it mentions openldap
<twb> http://paste.debian.net/160386/ is what my ldap.conf looks like; I symlink /etc/ldap.conf and /etc/ldap/ldap.conf together; the #openldap people hate that, too.
<twb> Note that "ldap" resolves to my LDAP server, which listens on 636/tcp, and cyber.pem is my CA cert
<blendedbychris> righto
<blendedbychris> either way though i just need to ask for a the ca cert for ldap and an account to do queries
<twb> IMO your first step is to make sure 636 is open
<blendedbychris> why? i don't care to use ldaps i just want to use starttls
<twb> 18:32 <twb> Looking at ldap.conf(5), it seems that you cannot say "always use starttls".  You can either set an ldaps://... URI, in which case it uses tcp/636, or you can make sure the *app* issues a starttls by configuring the app.
<blendedbychris> hrm
<blendedbychris> i see what you are saying
<blendedbychris> the server needs to force starttls
<twb> If you want to use starttls specifically, rather than "I want the traffic encrypted", then you'll need to ask #php for help
<blendedbychris> imho
<twb> blendedbychris: if the ldap server only allows starttls, then you'd have a non-working system AFAICT
<blendedbychris> indeed
<twb> The starttls request is issued by the client side
<blendedbychris> i should have a non-working system because the system that is working is working in such a way that it shouldn't :)
<twb> Either the libldap to use 636 which implicitly forces TLS, or ask #php or whatever how to force starttls
<blendedbychris> okayâ¦
<blendedbychris> thanksâ¦ you have gone above and beyond my desired wishes
<twb> Er, s/the/tell/
<twb> Be grateful they don't want SPNEGO
<sabgenton> if I install a dependency with dpkg -s bladep.deb then run apt-get install thing_that_needs_that_dep
<sabgenton> will it pick up bladep?
<uvirtbot> New bug: #959990 in ntp (main) "unnecessary ntpdate invokation" [Undecided,New] https://launchpad.net/bugs/959990
<twb> sabgenton: use apt, not dpkg
<sabgenton> twb: dude the very reason I'm asking this is for times when my package isn't in a repository
<twb> You should tell your vendor to fix that
<sabgenton> twb: or are you saying I can use apt on a .deb?
<sabgenton> twb: I very much dought ubuntu is going to repo every thing I ask for
<twb> If some random crack-head makes a .deb and doesn't know how to put it in an apt repo, it is probably not a good deb for you to install.
<sabgenton> I think that's a bit rude to call someone who doesn't use debian or ubuntu a crack-head
<twb> I'm not interested in your opinions.
<sabgenton> twb: do I basicly have to make a PPA if I want a deb to be known to apt?
<sabgenton> twb: sorry
<greppy> sabgenton: not everyone is twb :) just because someone stuffs it into a repo doesn't magically make it better.
<twb> sabgenton: this is a deb *you* made?
<twb> greppy: better for the end users than gdebi, which will ignore Recommends and generally make a mess of things.
<twb> greppy: but sure, putting it in apt won't make it better, but hopefully someone who knows how to do that, also knows how to use things like lintian
<sabgenton> no I didn't make the .deb
<sabgenton> and I don't really want to talk about one .deb  because I have had countless times where there's something I want to install that is a .deb but not in a repo
<sabgenton> greppy: Is PPA the only way to make apt happy
<sabgenton> ?
<sabgenton> only decent way
<twb> You shouldn't install such things because they're very likely to be crap quality and mess up your system
<twb> webmin would be a textbook example; its deb has three critical errors and hundreds of minor errors
<sabgenton> twb: even the deb in the ubuntu repos?
<sabgenton> (webmins in the repos right)
<twb> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<sabgenton> heh ok
<sabgenton> interesting did  not know that
<sabgenton> twb: so say I do make my own private package then
<sabgenton> And I don't want to upload it to ubuntus repo
<sabgenton> whats the best way to get it working with apt's dependency knowlage?
<twb> Probably sbuild or pdebuild and reprepro
<sabgenton> twb: ok, which is more preferable out of  the two
<twb> I haven't used sbuild before.
<twb> I think pbuilder is "good enough"; sbuild is better but harder to get started with
<sabgenton> wait do those tools just make .deb's
<sabgenton> ?
<sabgenton> I'm asking how to make apt aware of them
<twb> That's what reprorepo does.  You upload .changes files to it using dcmd and it builds an apt repo
<sabgenton> oh see
<sabgenton> (sbuild or pdebuild) and reprepro
<sabgenton> so the ones in paren's just make the package
<twb> In a deterministic clean environment, yes.
<sabgenton> twb: so with reprorepo I would make a repository on my localhost then just point /etc/apt/sources.list to it?
<twb> Yes.
<sabgenton> ok I guess I'll look at that
<sabgenton> spose I was hoping there was an easy way to just make apt see a .dep in some sort of already made default repo on localhost
<sabgenton> twb: thx for the help
<lynxman> morning o/
<jamespage> Daviey: rabbitmq
<lynxman> jamespage: that's all needed to nag Daviey nowadays? :)
<jamespage> lynxman:yep
<Daviey> jamespage: yes, yes.. will do it today
<Daviey> Sorry for being crap
<jamespage> Daviey: no problemo
<jamespage> Daviey, in all likelyhood I'm not sure its needs a FFe
<jamespage> and we don't have to MIR the new packages...
<ghatak> Looking for a lightweight monitoring ( preferably with history ) tool for a linux system. Don't want to use cactai/nagios etc. I want something that is quick and can monitor things like ( CPU, Memory, IO, Network ). Suggestion ?
<iclebyte> ghatak, we use zabbix for this
<ghatak> right let me checkzz thanks
<iclebyte> just run a small agent on the remote host and let zabbix poll it. it stores historical data
<iclebyte> we monitor about 40 hosts with it.
<ghatak> rightoo
<cloakable> Got my eye on a hifn hardware raid card for my server... would it benefit ubuntu server though?
<jamespage> bencer_, all the zentyal source packages have now been accepted - they are just working their way through the binary NEW queue now
<bencer_> jamespage: so the only thing needed to have them included is waiting the builders finish their work? :)
<jamespage> bencer_, they have build but the new binary packages need to be accepted by the archive-admin's as well
<bencer_> aha ok, cool
<jamespage> bencer_, https://launchpad.net/ubuntu/precise/+queue
<bencer_> jamespage: onces they hit the archive we should request the removal of ebox packages, right?
<jamespage> bencer_, yes - I have a bug raised for that
 * jamespage digs it out
<jamespage> bencer_, bug 957109
<jamespage> hmm - no bot today
<jamespage> bencer_, https://bugs.launchpad.net/ubuntu/+source/ebox/+bug/957109
<bencer_> jamespage: ok perfect
<uvirtbot> Launchpad bug 957109 in ebox "Please remove libebox, ebox and ebox-* packages from the precise archive" [Undecided,Incomplete] https://launchpad.net/bugs/957109
<uvirtbot> Launchpad bug 957109 in ebox "Please remove libebox, ebox and ebox-* packages from the precise archive" [Undecided,Incomplete]
<uvirtbot> New bug: #960144 in lxc (universe) "lxc-start failing to setup mounts" [Undecided,New] https://launchpad.net/bugs/960144
<zul> Daviey: can we rethink the nova console patch...its causes the testsuite to fail because the fifo stuff doesnt exist in the buildd
<Daviey> zul: that is new?
<zul> Daviey: no
<zul> Daviey: just frustrating
<pabelanger> zul: I heard something about the Debian openstack team adding dbconfig-common support to nova and glance, do you know where that code lives? Or if it exists?
<zul> pabelanger: http://anonscm.debian.org/gitweb/?p=openstack/$proj.git
<zul> not swift though
<pabelanger> Is the pkg-openstack team considered upstream for packaging or is ubuntu?
<zul> pabelanger: for ubuntu we do our own packaging and we are kind of upstream as well
<pabelanger> zul: I see, so we would never sync openstack from debian, is that safe to say?
<zul> pabelanger: yes we had the packging done before them
<pabelanger> zul: okay, I only ask because I have 2 reviews up for dbconfig-common support, but Debian has already added support.  The patches take 2 different approaches, so I'll just wait and see how we want to move forward
<zul> pabelanger: yeah i just got back from vacation so its in the queue im not so sure about adding dbconfig-common support to nova at this late in the cycle though
<pabelanger> Understood, I was likely to late to the game to get it merged upstream.  However, it does help with automated deployments. Worst case I'll have to package it locally
<zul> pabelanger: ack
<roaksoax> zul: do you have any examples that uses debconf questions for a 'select'?
<zul> roaksoax: what do you mean?
<roaksoax> zul: debconf questions that are of the type 'select'
<zul> roaksoax: not off the top of my head
<zul> postfix
<roaksoax> zul: cool thanks
<uvirtbot> New bug: #960262 in lxc (universe) "include an option to use aufs instead of overlayfs in lxc-start-ephemeral" [Undecided,New] https://launchpad.net/bugs/960262
<Daviey> jamespage: does the rabbitmq requested upload have a PPA?
<Daviey> i'd ike to point it to another upstream project to validate it.
<uvirtbot> New bug: #960276 in nova (main) "a bad AMI can hang an entire compute node" [Undecided,New] https://launchpad.net/bugs/960276
<jamespage> Daviey: no - but it can have one
<SpamapS> jamespage: whats the situation on rabbitmq? I know 2.7.1 regressed the start/stop behavior.. anything else? Did I hear that there was a FFE needed for something?
<jamespage> SpamapS, lynxman did some work to fold in the current plugin packages that are universe to rabbitmq-core
<jamespage> it creates NEW binary packages from rabbitmq-server source
<jamespage> I fixed up the start/stop behaviour
<jamespage> but thats about it
<SpamapS> Ah ok
<Daviey> SpamapS: in hope of getting it in today, if it works out ok
<Daviey> jamespage: does it have Breaks / Replaces?
<lynxman> Daviey: it does :)
<jamespage> Daviey, yes it does
<Daviey> lynxman: cool
<bencer_> jamespage: how long do you think will take zentyal hit the archive? the seems that from the docs team doesn't want to merge the doc until the packages are not in the archive...
<jamespage> bencer_, they should land in the next day or so - the AA's review periodically
<bencer_> ok thanks
<hallyn> gary_poster: do you prefer I use the old aufs option ('-t|--type'), or ('-U|--union') ?
<uvirtbot> New bug: #960336 in cloud-init (main) "grub-legacy-ec2 missing dependency: ucf" [Undecided,New] https://launchpad.net/bugs/960336
<Daviey> SpamapS: meeting?
<Daviey> utlemming: meeting?
<gary_poster> hallyn, sorry was lunching.  If -U does not take an argument, that makes sense to me.
<gary_poster> -t is more future proof though, I suppose
<gary_poster> IOW, hallyn, I don't have a string opinion.  I guess at this instant in time, I'd lean towards -t, preferring the future-proof argument.
<hallyn> -U would take aufs or overlayfs
<hallyn> just as -t did
<hallyn> -U just seems to be more obvious :)  i was just wodnerng if anyone would be using -t in a script (from oneiric)
<hallyn> gary_poster: ^
<gary_poster> hallyn...not us, and this is a new script, so go with the more obvious choice
<hallyn> ok
<blendedbychris> i have a hyper-v server with a "synthetic" interface and a "legacy" interface i can't get the synthetic interface to show up
<blendedbychris> any idea where to start ?
<blendedbychris> supposedly this kernel has this driver
<hallyn> jjohansen: to make /etc/apparmor.d/lxc/lxc-default be loaded at reboot, what should i do?
<hallyn> (i'd have thought all files under /etc/apparmor.d just get loaded?)
<jjohansen> hallyn: it should be unless its disabled.  Is there a link in /etc/apparmor.d/disabled ?
<hallyn> nope
<jjohansen> hallyn: you can test what gets auto load with /etc/init.d/apparmor restart
<hallyn> even if it's under a subdir?
<jjohansen> hallyn: oh. no subdirs aren't auto-loaded
<hallyn> ah
<hallyn> so what shall i do?
<hallyn> can i make a list somewhere?
<jjohansen> hrmmm, jdstrand^ what do you think the best way to approach is
<hallyn> gary_poster: d'oh, my test kernel doesn't have aufs.  But I *think* lp:~serge-hallyn/ubuntu/precise/lxc/lxc-shutdownv2 should be enabling aufs for lxc-start-ephemeral.  (and at least doesn't break overlayfs ones)
<jjohansen> hallyn: sorry when it comes to packaging and ubuntu init I still find stuff that surprises me, jdstrand and kees handled most of that stuff
<hallyn> jjohansen: thanks
<gary_poster> hallyn, cool, getting and looking
<jjohansen> hallyn: there are a couple things that can be done that I can think of.  Drop a symlink in the top dir, drop an include dir in another profile file
<jjohansen> hallyn: is lxc-start in the main dir?
<hallyn> yes
<jjohansen> you could drop an include at the end of the file
<jjohansen> just include the directory
<hallyn> jjohansen: i suppose i can just leave them in the main dir.  I just wanted to not pollute it too much
<hallyn> ?
<jjohansen> any file in the directory would get included
<jjohansen> so you can drop files in as you want
<hallyn> #include "lxc/" ?
<jjohansen> yep
<hallyn> thanks will try
<jjohansen> make sure the include is outside of the profile, just stick it at the end of the file
<jjohansen> oh, hrmm that may mean modifying the included profile file
<jjohansen> slightly so that it doesn't include the global abstraction stuff again, that has been on my list to fix for awhile but has been low priority
<memoryleak> hi
<hallyn> jjohansen: yeah i just noticed it's complaining about redefs
<hallyn> redefinitions
<jjohansen> yeah
<hallyn> just made it a new empty file with only the #include :)
<hallyn> thanks, i'll stop taking your time (cause i want that getcon fix :)
<jjohansen> that will work
<jjohansen> :)
<gary_poster> hallyn, looks good, and I confirmed that it works with -U aufs here.  The only issue I saw was because I already had another ephemeral running (because of the one-at-a-time aspect of lxc-wait).  I'll run it through some more tests later, but +1 from me.  Thank you!
<hallyn> gary_poster: I may write a lxc-wait script to replace that
<hallyn> I think I have to
<gary_poster> that would be great, if sad that you have to do that
<jdstrand> hallyn: sorry, did you get your question about policy loading during init answered?
<blendedbychris> after  i install ubuntu-desktop how do i remote into the gui?
<jdstrand> hallyn: well, in case not, if you are shipping an upstart job, you can look at avahi-daemon.conf for inspiration. eg add something like:
<jdstrand> pre-start script
<jdstrand>     /lib/init/apparmor-profile-load <subdir>/<profile>
<jdstrand> end script
<jdstrand> (note '<subdir>/<profile>' should not have '/etc/apparmor.d/' prepended
<jdstrand> )
<hallyn> jdstrand: what i'm doing right now is shipping a /etc/apparmor.d/lxc-containers which just has '#include <lxc>'.  It's working
<smoser> utlemming, if you poke at the locale stuff... i think profile.d could be  made usable.
<hallyn> jdstrand: if that's deemed less desirable, i'll change it, but it's working
<utlemming> smoser: I've tested that profile.d code and it works
<utlemming> smoser: even with the bash-isms, but yeah, I'll get that implement this week
<jdstrand> hallyn: that would certainly work. it is a little odd in some ways, but is also nice in that anything else that gets dropped into /etc/apparmor.d/lxc will magically get loaded
<hallyn> jdstrand: right - cool, thanks.
<jdstrand> hallyn: can you paste the output of 'sudo aa-status' after having done that?
<smoser> utlemming, well of course it will work in bash with bashisms.
<smoser> but not if your shell is /bin/sh or zsh
<smoser> profile.d probably has to be posix shell pure
<hallyn> jdstrand: http://paste.ubuntu.com/892472/
<jdstrand> hallyn: what are the contents of your /etc/apparmor.d/lxc directory?
<hallyn> jdstrand: just /etc/apparmor.d/lxc/lxc-default right now
<hallyn> (shipped with the package)
<jdstrand> hallyn: and that has 'profile lxc-container-default ... {...}'?
<hallyn> Recommendation in server guide will be to drop per-container profiles there if desired and manually load
<hallyn> yes
<jdstrand> hallyn: ok, so this will work. keep in mind that if containers start before the apparmor initscript is loaded, then things won't be confined
<hallyn> jdstrand: actually they refuse to start then
<jdstrand> hallyn: this is where the upstart job change would help
<hallyn> jdstrand: lxc-start fails aa_change_profile() and bails
<jdstrand> hallyn: ok, fair enough-- you might get a bug report about things failing to start
<blendedbychris> i installed the package ubuntu-desktop â¦ how can i remote access the gui?
<blendedbychris> on server
<blendedbychris> can i make it startx remotely?
<hallyn> jdstrand: could be.  I'm open to changing it to try and autoload, but i don't want to complicate it at this stage
<hallyn> jdstrand: i'm not sure where upstart job would help with new profiles...
<jdstrand> hallyn: you could fix that condition by adjust lxc-start to load the policy (like we discussed before), or use the upstart snippet I gave above to load /etc/apparmor.d/lxc-containers
<jdstrand> hallyn: (which would use your #include lxc trick)
<hallyn> jdstrand: I've missed something
<jdstrand> hallyn: ok, the upstart job has:
<jdstrand> pre-start script
<jdstrand>     /lib/init/apparmor-profile-load lxc-containers
<jdstrand> end script
<jdstrand> /etc/apparmor.d/lxc-containers contains:
<jdstrand> #include <lxc>
<hallyn> but lxc-containers gets loaded at start anyway... what does it gain to have it in upstart job?
<hallyn> (being dense, not on purpose)
<jdstrand> this has the benefit of loading whatever is in /etc/apparmor.d/lxc (like now), and you can make sure in the job that it gets started before something that uses lxc-start
<hallyn> oh, cause there's no guarantee when /etc/init.d/apparmor runs?
<jdstrand> hallyn: yes
<hallyn> got it, thanks
<jdstrand> it runs in rc 2
<jdstrand> hallyn: anyhoo, food for thought. I'll let you decide what you want to do with all this info :)
<hallyn> jdstrand: thanks.  I'll do that.  And like I say I do want to add attempts to laod policy if transition fails, but only after getcon issues are fixed.
<hallyn> jdstrand: thanks, ttyl
<jdstrand> hallyn: oh, one last thing: I suggest adding a clear comment in /etc/apparmor.d/lxc-containers as to what it is doing and why, so people know what is happening and aren't tempted to edit it
<hallyn> good point.  will do
<newbchessplayer> i installed ubuntu server but cant get a gui working
<newbchessplayer> i apt-get'ed gnome-shell
<JanC> newbchessplayer: you probably also want a DM etc.
<JanC> and Xorg, of course
<JanC> newbchessplayer: but I suppose it's easier to install a regular desktop if you are new to this
<newbchessplayer> dm?
<JanC> something like XDM, GDM, LightDM, KDM, ...
<newbchessplayer> what are they
<JanC> they provide the graphical login screen etc.
<newbchessplayer> yes that's what i need
<JanC> but like I said: better install a desktop
<newbchessplayer> ok
<JanC> then you get all that out of the box
<JanC> alternatively, there are several *-desktop metapackages that will install all you need for that particular desktop
<newbchessplayer> what is fd0 read error?
<newbchessplayer> floppy error
<kamal> Hi cloud people ...   I've been getting experimenting with EC2 for a week or so, and I have a couple of technical questions about the "guest" AMI's that Canonical provides.  Are the folks who construct those AMI's here perchance?
<utlemming> kamal: yup...how can I lead you astray?
<kamal> quite easily, I'm sure ....
<kamal> first question:   why is grub-pc even installed on the EC2 images?   it looks to me like the only grub package EC2 actually needs/uses is grub-legacy-ec2
<utlemming> kamal: correct. Even though the images in EC2 don't use the grub packages, the images that are generated can be downloaded from http://cloud-images.ubuntu.com and used in KVM, OpenStack and other virtual solutions. We try to produce generic images that are suitable for use on as many clouds as possiable.
<kamal> utlemming: ok, got it
<kamal> second question (maybe the same answer) ...   why do the EC2 images run getty's on tty[1-6]?
<utlemming> kamal: same reason...for general use else where
<kamal> utlemming: ok, makes sense.   last one (maybe ;-)....    Do we provide a "super-minimal" cloud image?   (I've constructed my own, but I'm curious).
<utlemming> kamal: what do you mean by super-minimial? The images are built from the ubuntu-minimial and server patterns with the cloud-init packages put on to make them useable.
<kamal> utlemming: I guess I mean an image which includes the very smallest set of packages that can be useful on a cloud-hosted VM.   (I don't know anything about "ubuntu-minimal" or "patterns").   Even cloud-init isn't really *necessary* to construct a VM...
<kamal> I.e. I have constructed a working (key-preinstalled) ubuntu EC2 AMI with just "debootstrap --variant=minbase" plus {linux-image-virtual, grub-legacy-ec2, isc-dhcp-client, openssh-server}
<kamal> utlemming: so I guess I mean:  do we (should we?) provide something like ^^^ that as a "minimal AMI"
<utlemming> kamal: the reason we don't, is because there are problem with super-minimial images like that, in the respect that we need to provide enough tools to get the image workable. Cloud-init is a python package that handles on-boot customization, injects the keys, etc.
<utlemming> kamal: what is the impitious for asking?
<cwillu_at_work> kamal, if you need something stripped down, you're best of doing the stripping yourself
<cwillu_at_work> there will always be something vital for you that somebody else doesn't ever use, and something they consider vital that you'd never touch
<cwillu_at_work> alternatively:  "Yes: the super minimal package is 'linux-image-3.3.0'"
<cwillu_at_work> anything else you'd want, you can get from an initramfs you pull in over tftp
<kamal> utlemming: ok, I understand that such an image wouldn't be interesting as a "cloud guest" image.   my goal is to construct a lean-mean image to use as a compute-slave, and I want to avoid wasting precious microseconds or megabytes with unneeded pkgs or processes.
<cwillu_at_work> kamal, did you read what I just wrote? :p
<utlemming> kamal: smoser has a project called cirros that is stripped down cloud images (https://code.launchpad.net/~smoser/cirros/trunk)
<kamal> cwillu_at_work: yup, but wanted to answer utlemming's question :-).    I understand your advice also, thanks.   Note that I'm not trying to construct an image which contains *any* packages that are "vital to me" though ...   I'm interested in the set of packages that are "vital to boot".
<cwillu_at_work> and what I said still applies
<kamal> ah, smoser's project does appear to be about what I'm talking about
<smoser> its not ubuntu.
<smoser> its buildroot (uclibc)
<kamal> smoser: well, I guess its at least the concept of what I'm talking about :-)
<smoser> i'm curious why you're so interested in lean
<kamal> smoser: because: why waste RAM and time with e.g. getty's?
<smoser> you can probably stop them
<smoser> for i in 1 2 3 4 5 6; do sudo stop $i; done
<kamal> smoser: sure, but why start them at all?
<smoser> in the end, anything that is wasting memory should be able to be turned off.
<smoser> so then you're just wasting disk spae
<smoser> space
<smoser> i just find it a lot of effort for a little gain.
<smoser> and if you really wanted to, you could supply cloud-init data that would not start those ttys
<smoser> yes... then you'd pay the cost of code running to disbable them.
<kamal> smoser: yup, *now* you're getting on my wavelength ;-)   If I'm constructing an image for a dedicated compute-slave, which I'll run many many instances of,  I think it makes much more sense to just leave unwanted stuff out of the image, as opposed to wasting the time/space to turn it off at boot.
<kamal> the effort will be a one-time operation, but the gain will be multiplied by the N times the instance will be run.   So I see lots of potential gain to optimizing there.
<smoser> kamal, you're just simply going to spend a lot of time optimizing something and fixing bugs and pulling hair.
<smoser> nothing is a one time operation.
<kamal> smoser: well I guess I still have a bit of hair left to pull, so that sounds about right ;-)
<kamal> anyway, utlemming, cwillu_at_work, smoser ...  thanks for the answers and advice.  I'll know where to come for further questions!  :-)
<smoser> well, if your systems spend most of their life starting and stopping, then you probably have some optimizations you can make.
<smoser> if, however, you like to do other things than boot
<smoser> then your % of time spent booting goes down quickly.
<smoser> yes, 10 second boot on a laptop is nice, but if uptime is measured in days, 20 seconds wasn't so bad.
<smoser> but anyway.
<kamal> smoser: I imagine that for my application, the uptime of each system will be exactly 59 minutes (one EC2 time-chunk)
<kamal> I haven't clocked anything, but I even wondered if maybe t1.micro CPU throttling might kick in *during* the boot process, such that it would actually be even more useful to strip down useless CPU-intensive stuff at boot.
<smoser> well, then, you've given yourself a fairly good target for optimization:
<kamal> (again, my only experience with cloud stuff *at all* is about 1 week playing with EC2)
<smoser>  (60 * 59 - 20) / (60 * 59) = .9943
<smoser> so if you save 20 seconds in boot, you'll gain .005% cpu utilization
<smoser> and i surely hope you can't save 20 seconds at goot
<smoser> err... sorry . bad math. that is .5%
<blendedbychris> which vnc server do i use if i want to allow windows users to use something like tightvnc to see the login screen?
<blendedbychris> and login as their respective user
<kamal> smoser: .5% is not entirely insignificant, I think, but its good to quantify it.   maybe I'll run an actual boot speed test and really see if it makes even that much difference.  again, thanks very much for the advice, this was a very useful discussion for me.
<smoser> kamal, if you're interested in maximizing usefulness of time/$
<smoser> then you will want tofind out the answer to something i have never figured out
<smoser> (or never bothered to)
<smoser> when does the clock start for your 60*60 on amazon
<smoser> i suspect it starts when your request comes in, and they start doing IO on your part on their nodes.
<smoser> you start booting at some point later
<smoser> so that provisioning time is cost
<kamal> smoser: I imagined that the clock started at moment that the instance goes from "pending" to "running" ...  it wouldn't be fair for them to charge you for provisioning time, imho.   I'll find out.
<smoser> its easy to thikn that is no fair
<kamal> yup
<smoser> but in another sense it is
<smoser> you're using their IO
<smoser> or, rather, they're doing IO on your request
<kamal> no, *they* are using their IO
<kamal> yup.
<smoser> why should you get free IO ?
<kamal> imho, they charge me to "run the image".   if their systems are slow and it takes them a long time to get my image to the "running" state, thats their problem, not mine (I can't do anything about it).   As opposed to:  if my system *boots* slow, then its my problem.   Again, this is just *my* thinking.  :-)
<uvirtbot> New bug: #960500 in net-snmp (main) "net-snmp-config shift error" [Undecided,New] https://launchpad.net/bugs/960500
<kamal> http://aws.amazon.com/ec2/faqs/#What_defines_billable_EC2_instance_hours   ::   Instance-hours are billed for any time your instances are in a ârunningâ state.
<kamal> smoser: ^^
<smoser> ah.
<smoser> well thats interesting.
<smoser> but i dont know how you can get that.
<blendedbychris> no one?
<blendedbychris> is there not a vnc server app that works more like remote desktop?
<smoser> kamal, http://paste.ubuntu.com/892613/
<kamal> smoser: ec2-describe-instances shows a timestamp which I bet is the start time
<kamal> hahaha
<smoser> it is not
<smoser> it is the request time
<smoser> (as shown in that paste)
<kamal> smoser: hmmm... curious.  why do I care what my request time was?   :-/
<smoser> because its the billing start time :)
<kamal> smoser: not per that FAQ though
<smoser> yeah. i dont know.
<cloakable> Anyone know how to combine fail2ban with remote logging?
<Pici> cloakable: fail2ban appears to support logging to syslog, so you should be able to work with it from there.
<cloakable> Yeah, but it wants to watch a logfile. Which presumably means running on the server accepting the logs.
<cloakable> Which as far as I can tell with default configuration, means that someone trying to bruteforce my gateway will get banned on the logging server. Not useful.
<cloakable> I suppose mounting the remote directory via nfs might work
<maxagaz> hi
<maxagaz> md5sum returns the md5 following by the file name, why not only the md5 ?
<maxagaz> md5sum, is there some option to get only the md5, or only awk, cut... ?
<bluefrog> md5sum without the name of the file in a list is pretty useless
<marcoceppi> maxagaz: there isn't, in the ch_get_file method, when it calculates md5 sum it does md5sum <file> | awk '{ print $1}'
<zul> SpamapS: ping what do you think about https://bugs.launchpad.net/bugs/959426 (note we dont use mysql by default)
<uvirtbot> Launchpad bug 959426 in nova "nova services start before mysql on boot" [Undecided,Confirmed]
<SpamapS> zul: the age old problem. ;)
<SpamapS> zul: these services should probably be more resilient to the database being unavailable and retry a few times.
<zul> SpamapS: right but the upstart scripts for nova doesnt assumed that mysql is installed
<SpamapS> zul: the upstart jobs are doing the right thing. Ignore the "on the same machine" bit. What if your data center goes down all at once? When you come back up.. you shouldn't have to remember what order to boot machines.
<zul> right
<SpamapS> we likely start mysqld and glance and nova all at the same time, on runlevel 2
<zul> ok i can accept that
<maxagaz> marcoceppi, ok, thanks
<maxagaz> how to echo a tab ?
<maxagaz> echo -e "a\tb"
<guampa> someone knows if postfix *_queue_lifetime can be tuned for specific smtp errors? I would want to set 2 days max for smtp 450 (mailbox unavailable)
<gary_poster> hallyn, will lxc cause top to be confused about active processes in the container?  I didn't expect so, but I'm seeing unexpected behavior (which may well be from other sources) that reports that only one process is active and the rest are idle.  I have one active process in the host, but should have ~16 from 8 containers.  my cpu usage info is also very low, according to top (>99% idle).  Is any of this explainable
<gary_poster>  with lxc, or should I look elsewhere?
<gary_poster> note that the container's processes are listed in top, it's just that are not shown as doing much
<soren> Daviey: Expect a keystoneconfig-common to appear out of nowhere soon. Should make integrating packages with Keystone a breeze.
<Daviey> soren: that is awesome!!
<Daviey> soren: Likely before Thurs?
<soren> Daviey: It's almost done. I expect to finish testing it tomorrow.
<soren> Daviey: There's probably half a million things I haven't thought about, but the other 27 things I did think about should be covered.
#ubuntu-server 2012-03-21
<hallyn> gary_poster: that shouldn't be lxc...
<uvirtbot> New bug: #960761 in bacula (main) "Typo in template files for mysql & pgsql director packages" [Undecided,New] https://launchpad.net/bugs/960761
<hallyn> gary_poster: to top running int he container, there's no difference between tasks in or not ina  continer
<hallyn> gary_poster: now if you set the cgroups to throttle the container, you can do that, but then the container would act slow...
<hallyn> and actually, you could pin it to one cpu and limit memory, but you can't make it slow (only give it fewer cpus shares if there are other active competing tasks)
<hallyn> smoser: you've got impressive bash-fu.  Do you mind proofreading my bash replacement for lxc-wait?
<hallyn> (it seems to work...)
<smoser> sure
<hallyn> smoser: http://people.canonical.com/~serge/lxc-wait
<hallyn> thanks
<smoser> hallyn, how real a critique do you want
<smoser> ?
<smoser> :)
<hallyn> smoser: particularly things that look dangerous (that a c programmer would mistakenly do in a bash script)
<smoser>  * container_exists does not check the return code of lxc-ls
<hallyn> smoser: hopefully it won't have to live long...
<hallyn> (only until i re-write all of lxc in go)
<smoser>  * verify_state() does not use local variables
<smoser> and
<smoser>   for((i=0;i<${#valid_states[@]};i++)); do ... ; done
<smoser> would be bash specific, but does not fork for 'seq'
<hallyn> smoser: to spare others, do you mind pastebining?  :)
<smoser> you could also do that with a local 'i' counter variable and increment it with i=$(($i+1))
<hallyn> smoser: i don't mind bash specific, this is definately bash.  will use that thanks
<smoser> verify_states: use local variables
<smoser> hm...
<smoser> can i do this tomorrow, hallyn ?
<smoser> can you just ping me when you get in ?
<smoser> i'm way past should-be-working time
<hallyn> smoser: sure - thanks
<smoser> you know, that in general, stuff like this:
<smoser>  s=`lxc-info -s -n $lxc_name | awk '{ print $2 }'`
<smoser> just doesn't check for failure
<smoser> right?
<smoser> even with set -e (which i generally dislike) that will not fail
<smoser> because the return code used for checking is that of 'awk' which most likely didn't fial
<hallyn> yeah...  is therea  better idiom?
<hallyn> use variable for each step?
<smoser> that is safer. then you can catch the failure of one.
<smoser> or, direct to a file
<hallyn> (it's tough to resist my love of pipelines :)
<smoser> and then read from file
<hallyn> i'll split it into steps.  thanks.  good night.
<smoser> in bash, you can actually do it
<smoser> see BASH_PIPESTATUS (man page)
<smoser> might be PIPE_STATUS
<smoser> good night
<lifeless> smoser: pipefail isn't it?
<lifeless> smoser: or do you mean manually implementing it via $PIPESTATUS ?
<hallyn> pipefail sounds nice
<twb> I use pipefail all the time
<twb> Otherwise false | true will not cause an abort in set -e
<twb> http://paste.debian.net/160476/
<hallyn> twb: i've learned something today
<hallyn> gary_poster: around?
<twb> I strongly recommend having all sh code peer reviewed by #bash
<hallyn> freenode?
<twb> Yes
<hallyn> are they going to bikeshed?
<twb> twkm, greycat et al may be acerbic, but they will help you avoid the most common fuckups
<twb> hallyn: yes, but feel free to ignore that
<hallyn> :)
<hallyn> cool, i think i'll start doing that. thanks!
<twb> It is a lot like #netfilter, if you read and understand the FAQ then you have 90% of the problems solved
<twb> Even just lurking there helps
<linocisco> hi pfsense vs Ubuntu server , which is stronger and reliable ?
<qman__> linocisco, both are strong and reliable
<qman__> pfsense is a tailored firewall distribution, while ubuntu server is general purpose
<qman__> both can run most of the same software, and perform most of the same tasks
<twb> In lucid, why are there both ipset and xtables-addons-common packages
<hallyn> jjohansen: any news on aa_getcon?  does it help if i file a bug?  i can't really push new lxc without it fixed
<hallyn> (bc user wouldn't e able to disable apparmor)
<twb> I have a lucid server.  I want to use ipset on it.  As at lucid, xtables-addons is implemented via module-assistant, but I want the dkms version.  I can cherry-pick xtables-addons-dkms from natty, but this needs a newer libxtables.so (from the iptables package).  Should I keep cherry picking from natty, or is it time to say "this is silly" and do something different?
<twb> Hmm, and natty's iptables package needs a newer nfnetlink
<jjohansen> hallyn: aa_getcon should be working in current, as long as you make sure the profile has access.  Adding the following rule to the profile will do it
<jjohansen>   /proc/*/attr/current r,
<jjohansen> The bug is in the failure path
<hallyn> jjohansen: but even just running a test case unconfined i get the weird result
<jjohansen> or at least that is how it is working for me.  I have a patch for that, and am working on change_profile on exec, which isn't setting the perm in the profile correctly
<hallyn> jjohansen: i just (20 mins ago) switched to a hand-rolled read from /proc/%d/attr/current...
<hallyn> i can try switching back tomorrow though with that policy added
<jjohansen> hallyn: hrmm, it has been working fine for me, but I haven't checked inside a container yet
<hallyn> jjohansen: i'm not doing it in a container
<uvirtbot> New bug: #960860 in lxc (universe) "fstab doesn't work for lvm based containers" [High,Confirmed] https://launchpad.net/bugs/960860
<jjohansen> hallyn: hrmm strange.  can you send me your code so I can use that exactly
<hallyn> jjohansen: and even the code in lxc i was using, that was in the usr.bin.lxc-start profile which doesn't restrict /proc
<hallyn> ok
<jjohansen> hallyn: I will get it sorted out tonight, so you can play with it in the morning
<hallyn> jjohansen: http://paste.ubuntu.com/893227/
<hallyn> jjohansen: right now it's giving me the right profile, but 128 return value
<hallyn> jjohansen: yesterday i swear it was giving me NULL or something else for profile
<hallyn> jjohansen: i'm heading off - good night
<jjohansen> hallyn: okay I will audit through again, and test. I can believe it failed especially if you did it in a profile, the failure path returned garbage
<hallyn> jjohansen: oh and i did figure out the lvm problem, fwiw.  apparmor just aggravated a weirdness
<jjohansen> hallyn: oh! Thanks, thats one less thing to look at tonight
<hallyn> jjohansen: ok so i guess failure path needs to get cleaned up no matter what :)  otherwise i was going to say since workaround works, if you have other things to work on, i can get by...
<hallyn> thanks again - good night
<jjohansen> good night hallyn
<linocisco> hi all
<lynxman> morning o/
<bluefrog> is this channel ok for 12.04 problems?
<soren> bluefrog: Probably.
<soren> bluefrog: Depends on the problem, really. The fact that it's on 12.04 isn't a problem.
<soren> I mean... er... the fact that it's on 12.04 doesn't disqualify it from this channel.
<soren> Quite the contrary, IMO. 12.04 is much more interesting.
<bluefrog> upgraded yesterday to 12.04. (was 10.04 before). Have dns and dhcp server on the machine. before the search domain was ok i could host computer and have an answer. since the upgrade the search domain doesn't work. I have to enter an FQDN to do a host query
<soren> What's in /etc/resolv.conf?
<bluefrog> added dns-search domain.local to /etc/network/interfaces, restarted networking service but with no luck
<soren> bluefrog: Is resolvconf installed?
<bluefrog> soren,  basic stuff from resolvconf. hang on
<bluefrog> nameserver 127.0.0.1
<soren> Ah.
<bluefrog> host computer.domain.local is ok host computer is not
<soren> If that used to work, we should be looking at your DNS config.
<soren> Can you pastebin the output of "ls -l /etc/named" (or is it /etc/bind9? I always forget)
 * soren has a hunch
 * soren recommends pastebinit
<bluefrog> named.conf.local amongst other. the db are located in /var/lib/bind
<bluefrog> soren http://pastebin.com/Tyfmzmrz
<soren> Hm. No .dpkg-old files.
<bluefrog> no
<greppy> bluefrog: is "nameserver 127.0.0.1" all that is in your /etc/resolv.conf?
<bluefrog> yes
<bluefrog> the rest is in /etc/resolvconf.resolv.conf.d/original
<greppy> bluefrog: try adding "search $domain" and "domain $domain" where $domain is what domain you expect it to find
<bluefrog> greppy, this I don't need I know it works. I am fighting with the resovlconf package
<bluefrog> it gets the domain ok as a fqdn host search works
<bluefrog> http://pastebin.com/HNR3vR0J
<bluefrog> I suppose it get the domain form this file. I added search domain.local to that file, restarted networking and resolvconf but it still doesn't get the search part
<bluefrog> and yes of course it works when adding the search part to resolv.conf directly
<soren> bluefrog: Can you pastebin your /etc/network/interfaces?
<soren> bluefrog: Does the search bit in /etc/resolv.conf get overwritten once you restart networking? (Just making sure that resolvconf actually does run)
<bluefrog> http://pastebin.com/minAwPdq
<bluefrog> testing the rest
<bluefrog> soren, right on. resolv.conf is not rewritten after a service networking restart
<bluefrog> but ifdown eth0 ifup eth0 does the trick
<bluefrog> and it works now
<bluefrog> thx soren
<bluefrog> and greppy
<bluefrog> a bit weird though that I had to bring down/up eth0. thought networking service restart would d o that
<ivoks> soren: i'm running for a motu again :) i would appriciate your input on https://wiki.ubuntu.com/AnteKaramatic/DeveloperApplicationMOTU :D thank you
<bluefrog> well iresolv.conf is not rewritten at every ifdown ifup
<soren> ivoks: Whuh?
<soren> ivoks: Oh, you expired?
<ivoks> yeah :/
<soren> tsk, tsk :)(
<soren> :)
<ivoks> hehe
<uvirtbot> New bug: #961008 in rabbitmq-server (main) "rabbitmq-server starting rabbitmq-server failed post-installtion script error status 10" [Undecided,New] https://launchpad.net/bugs/961008
<soren> ivoks: done
<ivoks> soren: thanks
<uvirtbot> New bug: #925609 in glance "install throws errors about SADeprecationWarning" [Medium,In progress] https://launchpad.net/bugs/925609
<Daviey> jamespage: please upload rabbitmq, FFe Ack'd
<jamespage> Daviey, ack
<Daviey> soren: if you can touch memberships, i also expired from MOTU.. (gah).. i'd like to re-be an explicit member please.
<Daviey> jamespage: did you see bug 961008 ?
<uvirtbot> Launchpad bug 961008 in rabbitmq-server "rabbitmq-server starting rabbitmq-server failed post-installtion script error status 10" [Undecided,New] https://launchpad.net/bugs/961008
<Daviey> jamespage: I think this upload solves that?
<jamespage> Daviey, I don't think so - that looks like something local to the reporter
<jamespage> I'll take a look tho
<Daviey> win
<jamespage> Daviey, no idea what 'airtime-easy-setup' is doing...
<Daviey> jamespage: no, i don't know either.
<Daviey> jamespage: don't worry about that one
<jamespage> I won't
<jamespage> :-)
<jamespage> lynxman, Daviey: rabbitmq-server uploaded
<lynxman> jamespage: \o/
<zul> hallyn: ping
<hallyn> zul: .
<zul> hallyn: have you ever came across the virtio-console stuff from qemu-kvm
<hallyn> no
<hallyn> zul: is it something supposedly in teh code, or proposed and never pulled in?
<zul> hallyn: ah ok...we are running into a problem in openstack that if you send junk to the console then the console.log will just fill up and dos the machine
<zul> the code is there already but the patch isnt
<hallyn> patch fixing the dos?
<zul> hallyn: it just throttles the console basically when the chardev cant handle any more info: https://build.opensuse.org/package/view_file?file=0008-virtio-console-Enable-port-throttling-when-chardev-i.patch&package=qemu&project=home%3Aftr3g%3AVirtualisation-test&rev=1cecc426586196cfc468312adca8583a
<zul> hallyn: what do you think?
<zul> totally untested of course but thats my theory anyways
<hallyn> zul: I can't find mailing list discussion of it.  Amit is still active, so it might be worth asking him.
<hallyn> since it sounds like you have a testcase, should take 3 mins to test right?
<zul> hallyn: right
<zul> hallyn: lemme see if i can find the thread
<zul> hallyn: starts here: http://lists.gnu.org/archive/html/qemu-devel/2010-04/msg01048.html
<Cryp71c> Working with an ubuntu-server, it restarted and the openssh didn't seem to start (or at least I couldn't access it externally via ssh), one of our on-site guys had to fix it...want to make sure this doesn't happen again so I'm looking at the services that run at startup via "service --status-all" and ssh is listed as having a + next to it...
<hallyn> zul: so it was quite simply nacked
<hallyn> and the async api never showed up
<hallyn> (which i don't think wouldve helped with your problem)
<zul> hallyn: k
<hallyn> zul: what does the client do to dos the machine exactly?
<zul> hallyn: im thinking this more what i need though: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=f1925dff7e6c4799f5951cf167a437c0737a266c
<hallyn> looking
<zul> hallyn: im not sure, if you just send malicious data it would be possible to keep filling up the log files
<hallyn> define malicious
<hallyn> the patch you cite is there...
<zul> yeah
<zul> spamming /dev/ttyS0 with dd or some such from within the instance
<hallyn> and this is only for serial?
<zul> correct afaik
<hallyn> I recommend you write the m-l, or if you prefer open a bug (and i'll lookat it after i clear lxc)
<hallyn> (one more look at the patch)
<zul> hallyn: heh bug already open https://bugs.launchpad.net/nova/+bug/832507 ;)
<uvirtbot> Launchpad bug 832507 in nova "console.log grows indefinitely" [Medium,In progress]
<hallyn> crap been around awhile
<hallyn> i'll mark it affecting qemu-kvm.
<zul> yeah we had a work around for a while now which is causing other problems now as well
<zul> ill try going down the rabbit hole with the virtio-serial throttling as well
<hallyn> thanks.
<uvirtbot> New bug: #961142 in cloud-init (main) "chef 0.10: package installation: returned 100, expected 0" [Undecided,New] https://launchpad.net/bugs/961142
<hallyn> stgraber: are you around, do you have 1.5 minutes?
<twb> That's a very specific interval...
<hallyn> i didn't say 1.50 :)
<hallyn> buys me a half-moment more if i need it
<twb> <steve> I'm after somebody who's got five minutes.  <twb> Five minutes... in a row?
<twb> Ah, the benefits of having an in-office fortune file.
<hallyn> twb: you use containers right?  I'm trying to decide whether to risk slice-n-dicing containers on upgrade, or ask the few people usign lvm-backed containers to update themselves
<twb> I'm using lxc but only on lucid, and it's about 50:50 whether I will even bother with precise or just wait til 2014
<hallyn> yup i knew you were on lucid :)  ok thanks
<twb> I am using lxc on lvm tho
<stgraber> hallyn: yep
<hallyn> i *suppose* i could just force-mount proc if i need to
<hallyn> stgraber: for bug https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/960860
<uvirtbot> Launchpad bug 960860 in lxc "fstab doesn't work for lvm based containers" [High,Confirmed]
<hallyn> the problem is: to change apparmor profile in lxc-start, you need to write to /proc/slef/attr/exec
<twb> It's too late to for me to think about that tonight
<stgraber> hallyn: right, yeah, I noticed that and that's also what's forcing us to allow procfs and sysfs in the container as lxc won't mount them itself
<hallyn> stgraber: but the way lxc works, it refuses to mount a file listed in /var/lib/lxc/container/fstab if the target pth is absolute and doesn't start with the contaienrs rootfs
<twb> Also my brother and his friend both just busted in blind drunk
<hallyn> stgraber: i'm trying to figure out the best course of action...
<hallyn> twb: good luck wwith that :)
<stgraber> hallyn: could we allow entries like "/usr/lib/lxc/root/..." in the fstab?
<hallyn> stgraber: i was going to upgrade containers, but maybe it's better to figu
<hallyn> right
<hallyn> no
<hallyn> that still requires a change to the containers
<hallyn> i'm wondering if i should update lxc to guess /var/lib/lxc/<containe/rootfs and allow that
<hallyn> i think that's best
<hallyn> so then even though rootfs.path = /dev/sda1, it'll allow /var/lib/lxc/container/rootfs...
<hallyn> i'll do that.  thanks  :)
<stgraber> np :)
<hallyn> stgraber: no reason not to use relative paths in new containers right?
<hallyn> (i.e. 'proc proc proc defaults 0 0' in place of 'proc /var/lib/lxc/c1/rootfs/proc proc defaults 0')
<hallyn> ok with that fixed i think i'm going to push the next version
<hallyn> (then do one more update after aa_getcon is fixed)
<stgraber> hallyn: relative sounds like a nice default
<hallyn> yeah looks prettier too.  ok i'll do that, thanks
<stgraber> hallyn: that way people can rename/move their container without having to update the fstab
<hggdh> roaksoax: I am using fence_cdu to reboot 4 machines in four individual processes; the output from fence_cdu (on all processes) show *all* machines, not only the one affected by each process. Is this a bug?
<hggdh> roaksoax: the processes are started at the same time, BTW
<hggdh> hallyn: what could cause http://pastebin.ubuntu.com/893637/ ? It happens every so often
<hggdh> hallyn: this is Oneiric, BTW
<hallyn> hggdh: what are the lines pefixed with + ?
<hggdh> hallyn: this is the output of a shell script, run with '-x'. The '+' lines are expansion from the '-x'
<hallyn> hggdh: no idea, never seen it..
<hallyn> heavy load?  precise?
<hggdh> hallyn: OK. I will open a bug. What would you like for libvirt debugging?
<hggdh> hallyn: at the time this happens, there are four different processes trying to start a domain, at the same time
<hggdh> hallyn: oneiric
<hallyn> xml dump, ps -ef, result of repro wit libvirt_debug=1...
<hallyn> oh.
<hallyn> oneiric is known unstable under load :(
<hallyn> i haven't found the patch to cherrypick to fix it
<hggdh> gawddammit..
<hallyn> i'm considering asking if i can backport the precise version
<hggdh> so no need for a bug?
<hallyn> lemme find the existing bug
<hallyn> well a new bug may provide new input...
<hggdh> heh
<hggdh> ok. libvirt_debug=1, bounce libvirt, and try again, correct?
<hggdh> hallyn: if you find the original bug, please tell me
<koolhead11> hey all
<hallyn> hggdh: i think it was #903212
<hallyn> bug #903212
<uvirtbot> Launchpad bug 903212 in libvirt "libvirtd stops responding" [Undecided,Confirmed] https://launchpad.net/bugs/903212
<hallyn> hggdh: yeah, and hope debug doesn't hide the bug :)
<hallyn> thanks
<hallyn> frankly i don't know tha ti believe the git lots - localtime_r specifically *shoudl* be thread-safe
<hggdh> OK. I will request some time to test
<hallyn> stgraber: I'm going to push lp:~serge-hallyn/ubuntu/precise/lxc/lxc-shutdownv2 .  I'd rather push it now and have time to push fixes to it tonight if i need to before freeze.  (and everything appears to now be working)
<hallyn> stgraber: if you have *time* for a review, i'll wait, but i'm assuming you don't
<roaksoax> hggdh: maybe it is
<roaksoax> hggdh: haven't touched in a while
<hggdh> roaksoax: the feeling I have is this is the CDU jumbling it all together. Anyway, want a bug?
<roaksoax> hggdh: sure!
<hallyn> jjohansen: the lxc i'm pushing today uses my hand-rolled aa_getcon.  i'll update to getcon when it's fixed.
<hggdh> roaksoax: er. Againt which package? cobbler itself?
<roaksoax> hggdh: fence-agents
<hggdh> roaksoax: roj
<stgraber> hallyn: yeah, I'm quite busy at the moment, so just upload :)
<hallyn> stgraber: will do, see you on the other side :)
<uvirtbot> New bug: #959749 in multipath-tools (main) "disk-detect/multipath/enable=true fails at loading dm-multipath module" [Medium,Fix released] https://launchpad.net/bugs/959749
<uvirtbot> New bug: #961226 in cloud-init (main) "cloud-init should run resize2fs in the background" [Undecided,New] https://launchpad.net/bugs/961226
<sktd> Iâm profiling Firefox11. I can never get it to work, in enforce mode, without problems. I keep running it, then running aa-logprof to make corrections to the profile. Then I go into Edit A Profile (in YaST) to look at the changes and I see some weird entries at the beginning of the profile. They are as follows:
<sktd> [+] ^null-15
<sktd> [+] ^null-1e
<sktd> [+] ^null-27
<sktd> [+] ^null-32
<sktd> [+] ^null-d
<sktd> And it keeps making these things. I think this is why I keep having problems. Each time it creates one of the entries, it has a new name. I thought Iâd try highlighting the first entry ([+] ^null-15) and doing an edit of the entry and set it to [+] ^null-*, but when I highlighted the entry and clicked the Edit Entry button, it was like it took me into another file that was full of
<sktd> entries of its own.
<sktd> Any idea on what I can do to resolve this?
<hallyn> gary_poster: so at least the aufs path corruption is a kernel issue.  I can only assume the overlayfs one is too then
<sktd> Are there any AppArmor experts out there?
<uvirtbot> New bug: #961240 in cloud-init (main) "cloud-init does not run grub on PV Xen and KVM has issues" [Undecided,New] https://launchpad.net/bugs/961240
<hggdh> sktd: you will probably get all experts you need in the #ubuntu-hardened channel
<sktd> Ok, thanks
<hallyn> jjohansen: I hate to disturb you, but i have a feeling pathname changes to do with apparmor attach_disconnected stuff may be related to bug 959352 ? (/proc/self/maps shows paths not relative to task's pivot_root'd root)
<uvirtbot> Launchpad bug 959352 in lxc "Ephemeral containers have "/rootfs" prefix in /proc/self/maps entries" [High,Confirmed] https://launchpad.net/bugs/959352
<gary_poster> hallyn, ack.  thank you for looking at it
<hallyn> all though
<hallyn> i notice lxc is doing pivot_root without a chroot
<hallyn> that should also hit non-ephemeral containers, but...  lemme try
<esuave> question, so if i have a static IP defined in /etc/network/interfaces.. than how come the server still pulls a new IP automatically from time to time?
<soren> Daviey: You were interested in getting keystoneconfig-common into Ubuntu, is that right?
<Daviey> soren: yes, very much so.
<Daviey> BUT, need to go afk right now.
<soren> Daviey: It only really makes sense if the other openstack packages will be consuming it.
<soren> Daviey: Ok.
<soren> Daviey: I've got it ready now. Let's discuss later.
<Daviey> cool
<hallyn> nope.  doesn't help
<soren> esuave: 999 out of 1000 cases, it's because you didn't reboot after setting the interface to use static addresses.
<esuave> you have to reboot the machine?!
<soren> esuave: Not really.
<soren> esuave: But it's easier to explain.
<soren> esuave: You need to get rid of the dhcp client that's still running.
<soren> esuave: You started the machien with dchp configuration.
<soren> esuave: Then you changed the network config
<soren> esuave: ...and maybe did and ifdown && ifup.
<esuave> right but cant i just restart the service?
<esuave> ahh
<esuave> cool
<esuave> ok
<soren> esuave: By the time you did ifdown, /etc/network/interfaces claimed the interface was statically configured. I.e. ifdown didn't know that there was a dhcp client that needed killing.
<soren> Hence, it didn't.
<soren> Rebooting solves it.
<soren> So does killing the dhcp client manually.
<esuave> so how can i do it without rebooting the server?
<soren> But telling people to reboot is orders of magnitude easier than explaining how to kill a stray dhcp client.
<soren> Monkeys can reboot.
<soren> I've heard of cats doing it, too.
<soren> Unintentionally, but still.
<koolhead11>  soren monkeys/cats
<soren> I've never heard of a cat hunting down and killing a dhcp client.
<soren> esuave: Kill the dhcp client.
<esuave> soren: how can i do that? :) without rebooting
<soren> esuave: See? Orders of magnitude more complicated to explain.
<esuave> soren: haha
<soren> it's a process.
<soren> Kill it like  you would any other.
<esuave> dhclient3
<esuave> would that be the process?
<soren> I'm rather busy. My solution: Reboot. If that's a problem, see if you can work it out yourself or find someone to explain it.
<soren> Sounds like a decent guess.
<esuave> soren: ok thank you for your help..
<soren> Depending on your hardware, you could have rebooted anywhere between 3 and 50 times in the time it took to have this conversation.
<soren> Just saying
<esuave> soren: :P your absolutely correct. sorry
<uvirtbot> New bug: #961277 in keystone (universe) "Cannot uninstall keystone" [Undecided,New] https://launchpad.net/bugs/961277
<JesseC> Anybody have experience with PBIS / Likewise Open?
<JesseC> I did a fresh install with thier script on Ubuntu 10.04 Server and it installs it, but Ubuntu doesn't recognize it.
<JesseC> So if I do a domainjoin-cli, Ubuntu just says that it isn't installed.
<cwillu_at_work> JesseC, (I don't know anything about likewise, but) specific and exact errors messages will be more helpful than paraphrasings
<qhartman> I'm running into a problem where a large number of tiny log files are consuming all available inodes on a system. Does anyone know of a logratotion tool that handles this? They all seem to be geared towards rotating a few large files instead.
<JesseC> cwillu: Sorry, I got it though. Seems the new PBIS isn't in the Ubuntu repos yet, so you have to specify the path with the commands for them to work correctly.
<JesseC> qhartman: you could just write a shell script and put it in a cron job to clear the files at set intervals.
<qhartman> JesseC, Yeah, I'm about to dive into that. Was just hoping to use something off the shelf if possible.
<Daviey> esuave: I switched a server from dhcp to static just last night.. rebooting is thoroughly recommended..
<Daviey> if you made a goof, and the old lease is still valid.. you won't knwo you made a goof until next time you reboot/power cut
<esuave> Daviey: thanks! i just killed dhcp service though.. i think that should be sufficient
<Daviey> Therefore, something like that.. i really think you should reboot.
<esuave> Daviey: ok ill get a reboot in there
<Daviey> esuave: Okay, but soren and myself have recommended otherwise.. but, hey, it's your party :)
<Daviey> Oh, good.
<esuave> Daviey: nah your right.. ill reboot! its a good idea to see what it does
<esuave> Daviey: thank you!
<Daviey> esuave: BTW, when i did it yeserday.. i DID make a goof.. and a reboot outlined it.. :)
<esuave> nice!
<stgraber> hallyn: /var/lib/dpkg/info/lxc.postinst: 43: /var/lib/dpkg/info/lxc.postinst: apparmor_parser: not found
<stgraber> hallyn: that's with LXC in an LXC container where apparmor isn't installed (as it wouldn't work anyway)
<hallyn> stgraber: hrmph - should make apparmor a depend
<hallyn> stgraber: well, do you think it's worth making it work without apparmor?  i prefer not to...
<zul> hallyn: how can you find what belongs to what in devices.list for cgroups?
<hallyn> zul: i don't understand?
<hallyn> stgraber: it's far too late to merge 0.8.0 right?
<zul> hallyn: i have http://paste.ubuntu.com/893850/ in my devices.list how do i find out which major/minor it belongs to
<stgraber> hallyn: it should work without apparmor
<stgraber> hallyn: I tried installing apparmor in that container and it'd then fail because it doesn't have mac_admin
<hallyn> well that's bad
<hallyn> but ok, i'll fix the postinst to check for that
<hallyn> instead of adding apparmor to Depends
<hallyn> zul: which major/minor *what* belongs to?  aparticular device you want to add?
<zul> hallyn: actually i think i just answered my own question
<hallyn> ok
<hallyn> stgraber: does http://paste.ubuntu.com/893863/ look sufficient?
<smoser> hallyn, you should redirect output to /dev/null
<smoser> o rotherwise make it go away
<smoser> no one really cares to see "apparmor_parser is /usr/bin/apparmor_parser"
<hallyn> i make it go away with my gruff demeaner
<hallyn> thanks will do
<hallyn> (i did it when i did it on the cmdline...  :)
<stgraber> hallyn: it works but you probably should >/dev/null 2>&1 it too otherwise I get "apparmor_parser: not found"
<hallyn> yup, done and pushed, thanks
<micahg> hallyn: what would you like to backport?
<hallyn> micahg: i'm nto sure what you're referring to
<micahg> hallyn: [09:07] <hallyn> i'm considering asking if i can backport the precise version
<hallyn> micahg: oh!  libvirt
<hallyn> the oneiric version is just an unstable piece of junk
<micahg> well, it works for some use cases
<hallyn> micahg: you mean libvirt works for some use cases?
<micahg> yeah, worked fine for me for my VMs on oneiric AFAICR
<hallyn> yeah it works ok if you're using it casually, one thing at a time
<hallyn> but these openstack ppl like to push it
<micahg> hallyn: the problem is that there are quite a few reverse dependencies (mostly openstack) and it gets frequent security updates
<hallyn> hggdh: zul: I trust there's heavy testing of openstack on precise going on too, so the instabilities are fixed in precise, not just not-yet-discovered?
<hallyn> micahg: why is that a problem?  because some APIs might ahve changed o->p in libvirt and break users ,you mean?
<hggdh> hallyn: zul is the one to answer on openstack
<hallyn> hggdh: sure, but what about your jenkins stuff?
<micahg> hallyn: yeah, or just general quirk interactions between the different versions, if you're willing to test the reverse dependencies (install/run), I'll throw up test packages, but I'd also need a commitment to test if there's a security update so we can make sure the -backports users aren't exposed
<micahg> oneiric only has 13 more months of life, so it's not such a long commitment
<hggdh> hallyn: on jenkins we have not reached openstack yet; there it is purely domains being started for other tests
<hallyn> micahg: oh, wait, we're taking different things anyway.  i didn't mean in -backports
<hallyn> i meant one ginormous sru
<micahg> hallyn: oh :), I doubt you'll get a full SRU :)
<micahg> but you can ask, anyways, my offer stands if you want it
<hallyn> hggdh: yes 'im just trying to figure out whether you've done heavy use of libvirt on preicse
<hallyn> micahg: thanks, i appreciate it
<hallyn> anyway i'll try to reproduce on a reintalled laptop
<hggdh> hallyn: no, our test environment runs Oneiric
<zul> hallyn: yeah we do lots of testing :)
<hallyn> zul: with lots of vms start/stopping simultaneously?
<hallyn> zul: I just want to make sure that bugs 961217 and 903212 don't show back up later in precise
<uvirtbot> Launchpad bug 961217 in libvirt "virsh start domain sometime fail" [Undecided,New] https://launchpad.net/bugs/961217
<uvirtbot> Launchpad bug 903212 in libvirt "libvirtd stops responding" [Undecided,Confirmed] https://launchpad.net/bugs/903212
<zul> hallyn: not that far yet, still need to do more functional testing
<hallyn> all right then i need to find a testcase that works in oneiric and test in precise
<hallyn> like asap
<jjohansen> hallyn: makes sense, my updates to getcon, etc. are just waiting for review and we will try to get them into an upload today
<hallyn> thx
<adam_g> SpamapS: ping
<SpamapS> adam_g: pong, sup?
<adam_g> SpamapS: https://launchpad.net/ubuntu/precise/+queue  , the nova upload has a new binary package and is blocked.   is there anything i can do to help  nudge that along?
<SpamapS> adam_g: yes, an archive admin can review it.. there should be somebody who can do it in #ubuntu-devel
<SpamapS> adam_g: technically I could do it but I'm not an "official" archive admin :-P
<adam_g> SpamapS: ah, i see, thanks
<SpamapS> adam_g: its a very fast process, I'm sure theyll just +1 it
<smoser> SpamapS, speaking of +1...
<smoser>  https://launchpad.net/ubuntu/oneiric/+queue?queue_state=1&queue_text=cloud-init
<SpamapS> smoser: I will be doing SRU stuff later today
<smoser> k. thank you. there are 4 of those.
<zul> adam_g: i dont think truncate will do it
<uvirtbot> New bug: #961450 in samba (main) "package samba 2:3.6.3-2ubuntu1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/961450
<zul> adam_g:http://paste.ubuntu.com/893983/
<zul> adam_g: nm i suck
<koolhead17> hi all
 * koolhead17 is happy today ^^
<Dr4g> Trying to install mongo
<Dr4g> This was successfull: apt-get install mongodb-stable
<Dr4g> nevermind, i got it working.
<Dr4g> sorry :)
<adam_g> zul: did you have a fix for Bug #948719  ?
<uvirtbot> Launchpad bug 948719 in keystone "uninstall  keystone error" [High,Confirmed] https://launchpad.net/bugs/948719
<zul> adam_g: not yet
<zul> lemme finish what im doing here and ill see what i can do
<adam_g> zul: im working on keystone packaging right now, is it an obvious error?
<zul> adam_g: yeah i think you need || true in the postrm
<adam_g> zul: looks like its prerm, tho
<zul> adam_g: try in the || prem as well
<zul> bah one of the two
<smoser> hallyn, around ?
<smoser> hm.. maybe this is more smb
<smoser> but...
<smoser> wget https://cloud-images.ubuntu.com/server/precise/20120321/precise-server-cloudimg-amd64-disk1.img
<smoser> from inside canonistack
<smoser> lucid instance: 37.6 MB/s
<smoser> precise instance: 10.4 MB/s
<hallyn> smoser: all right all right.  once i reproduce (or fail) libvirt wonkiness on oneiric, i'll do an io perftest
<hallyn> do you know offhand if it uses virtio+raw?
<smoser> just changed to wget https://cloud-images.ubuntu.com/server/precise/20120321/precise-server-cloudimg-amd64-disk1.img -O /dev/null
<koolhead17> noaXess, hey there
<smoser> and the precise instances (tried 2) then get a bit of a boost (12M/S and 19M/S)
<smoser> but the lucid improves to 47.4 MB
<smoser> what is '+raw' ? hallyn
<hallyn> smoser: as in 'qemu-img create x.img 10G'.  not qcow2/qed
<smoser> not raw.
<smoser> wait.
<smoser> yes.
<smoser> they're raw, almost cetain.
<smoser> oh.
<smoser> but wait.
<smoser> they're backed by raw
<smoser> they're delta images
<smoser> but that concern was partially invalidated by the write to/dev/null
<smoser> as i saw in a youtube video about mysql that writing to devnull is super fast
<hallyn> so you're saying it's network
<smoser> well, i actually think a bit of both.
<smoser> because i *did* see an increase
<hallyn> virtio network?
<smoser> and even out of the 2, one was almost doubled.
<smoser> yeah, virtio. is there a way i can tell in the guest for sure though?
<hallyn> lspci -v?
<hallyn> not sure.  but there should be an indication due to the driver
<smoser> $ ethtool -i eth0
<smoser> driver: virtio_net
<smoser> adam_g, around ?
<hallyn> smb: zul: ^ ring any bells?
<smoser> on canonistack, i just did euca-allocate-ip, and assigned that to an instance
<smoser> i can then ssh to the instance by its new ip address
<adam_g> smoser: here
<smoser> but only the 10. addresses show up in euca-describe-instances *or* nova show.
<adam_g> smoser: try this
<adam_g> smoser: re-associate the IP
<adam_g> smoser: that is, run the associate command again and get an error
<adam_g> then check
<zul> hallyn: missing context (kid is sick)
<smoser> ok. prior to that error.
<smoser> $ euca-describe-addresses
<smoser> ADDRESS 91.189.93.84    i-00001ba7      standard
<smoser> that showed correct
<smoser> and now, either human error, or weirdness, adam_g your suggested kick fixed things.
<adam_g> smoser: theres some weirdness or crappiness in the way floating IPs are associated. when they're initially associated, the instance's cache is not properly updated with its new IP (which is where describe/show is getting its info)  re-assocaiting somehow refreshes somewhere in its error path
<smoser> adam_g, is there a bug open ?
<adam_g> smoser: theres now a periodic task that runs on compute that refreshes that nw info cache, but im not sure canonistack is running a new enough version for that
<smoser> ah.
<smoser> ok.
<adam_g> smoser: but even that is kind of crappy, because it takes a min or so for that to be updated
<smoser> well, it was well more than a minute or so.
<adam_g> smoser: i agree its annoying and something that should be looked and hopefully improved, but i probably wont be getting to it this week and not sure upstream would consider it release critical
<smoser> right. well if it is eventually consistent (even at 60 seconds) thats better than nothing.
<hallyn> hggdh: you say one of the vms almost always fails to start?
<hggdh> hallyn: one of them, not necessarily the same
<hallyn> (haven't reproduced yet, but i don't have the i/o overhead of creating new images)
<hallyn> ok i'll leave an image clonging while starting...
<hggdh> hallyn: I am booting already-created images
<hallyn> hm
<hallyn> can you post your virsh dumpxml output?  cause i'm not reproducing.  and this is on a crappy laptop
<hggdh> I have some 14 images, one for every kernel flavour
<hallyn> hggdh: but you just boot 4 at a time and get one failing right?
<hggdh> hallyn: correct
<hggdh> 4 our five at a time
<hggdh> s/our/or/
<hallyn> hggdh: any xml for any one which has failed is fine
<hallyn> just want to see your net and disk setups
<hggdh> hallyn: will attach to the bug
<hallyn> thx
<hallyn> hggdh: ah - i did reproduce
<hggdh> cool!
<hggdh> and the XML in in the bug
<uvirtbot> New bug: #961536 in lxc (universe) "lxc failing to initialize after update of Precise" [Undecided,New] https://launchpad.net/bugs/961536
<hallyn> so now i'm going to do-release-upgrade and see if it gets fixed in precise
<hallyn> jjohansen: the usr.bin.lxc-start policy does 'umount /mnt/**'.  But lxc-start then does pivot_root and then umounts/mounts dev/pts.
<hallyn> jjohansen: do i have to allow all umounts, or is there a way to tell apparmor to use the pathname relative to original root?
<hallyn> it's not so bad, i don't mis-trust lxc-start, it's the container i want to confine
<hallyn> but if possible would be nice to keep it stricter
<hallyn> (see bug 961536)
<uvirtbot> Launchpad bug 961536 in lxc "lxc failing to initialize after update of Precise" [High,Confirmed] https://launchpad.net/bugs/961536
<jjohansen> hallyn: maybe, pivot_root can transition the profile (do a change_profile), but it only works against the task doing the pivot_root atm, and it may be broken since the updates, as I don't have a regression test finished for it yet, and I haven't manually tested
<hallyn> i missed something - whawt only works against the task doing pivot_root?  name resolution against origianl root?  that's all i want in that case
<jjohansen> hallyn: name resolution against the original root isn't possible atm, sorry
<hallyn> ok then i'll have to open it up.  thanks
<jjohansen> it will come but is not available yet
<bencer_> jamespage: any update on the zentyal packages stuck on the new queue?
<bencer_> from the docs team want us to hit the archive before merging, so kind of presure from there too
<adam_g> zul: ping
<nancy--> * urthmover has quit (Ping timeout: 250 seconds)
<nancy--> * Leseb has quit (Ping timeout: 244 seconds)
<nancy--> * Leseb_ is now known as Leseb
<nancy--> * Leseb_ (~Leseb@45873hpv102119.ikoula.com) has joined #ubuntu-server
<nancy--> * Leseb has quit (Ping timeout: 246 seconds)
<nancy--> * Leseb_ is now known as Leseb
<nancy--> <nancy--> wonderman,  http://pastebin.com/EfFLn92z any help?
<nancy--> * dob_ (~dob@dslb-094-217-102-019.pools.arcor-ip.net) has joined #ubuntu-server
<nancy--> * dob_ has quit (Remote host closed the connection)
<nancy--> <nancy--> http://pastebin.com/EfFLn92z any help with permission for apache ?
<nancy--> * jiboumans_ (~jib@99-9-208-230.lightspeed.sntcca.sbcglobal.net) has joined #ubuntu-server
<nancy--> <oCean> nancy--: STOP posting in 2 channels
<nancy--> <koolhead17> nancy--, have you tried installing apache before?
<nancy--> <nancy--> yes but never configured bind
<nancy--> <koolhead17> nancy--, what exactly y
<nancy--> sory
<guntbert> !paste | nancy--
<ubottu> nancy--: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<nancy--> does anybody knows whats the  meaning of the amazaons bandwidth means ? 15 GB of bandwidth out aggregated across all AWS services ,   1 GB of Regional Data Transfer
<patdk-lap> I thought regional data transfer was free
<nancy--> guys.. any good sites for php work? elance.com ? etc ?
<soren> Daviey: Areound?
 * soren is typing like it's 11 PM
<Daviey> soren: always for ypu.
<Daviey> you*
<soren> Daviey: Cool.
<soren> Daviey: So, you're interested in the keystone config thing. It's only useful if you'll be changing at least one package to use it.. Will you be doing tht post betafreeze?
<adam_g> soren: im curious, what keystone config thing?
<soren> adam_g: I wrote a keystoneconfig-common (think dbconfig-common, but for hooking things into keystone)
<adam_g> soren: oh, nice
<fidothe> hello. stoopid network question. I have a machine with a static IP, and a block of other IPs, like this http://www.bytemark.co.uk/support/technical_documents/vmh_public_internal_bridge (i have a bytemark-hosted box). I've completely forgotten the magic route invocation to make this work with a libvirt-generated virbr0â¦ Can someone point me?
<adam_g> soren: is the code somewhere, an example of how to use maybe?
<soren> adam_g: Code is at lp:~soren/+junk/keystoneconfig-common
<soren> adam_g: My glance packaging uses it. Hang on, I'll post the link.
<fidothe> I have tried route add -net 1.0.0.0/24 dev virbr0 equivalent, FWIW
<soren> adam_g: lp:~cisco-openstack/glance/ubuntu
<Daviey> soren: I think this makes much sense.. if it's regression free, i'd love to include it in precise.
<Daviey> adam_g: thoughts?
<soren> Daviey: Well, it'll suddenly hook things into keystone.
<soren> Daviey: Which is different from what you've done so far.
<Daviey> adam_g: Do you have capacity to look at hooking it in pre b2?
<Daviey> soren: it's a new bin, not new src, right?
<soren> When's b2 again?
<soren> Daviey: New src.
<Daviey> soren: we freeze tomorrow :)
<adam_g> Daviey: heh definitely not
<Daviey> adam_g: A day for you, is like 10 days for a normal person.
<soren> Daviey: Whether I add an extra bin to an existing src or I add a new src doesn't matter.
<Daviey> soren: a binNEW is much cheaper on review time. :)
<soren> meh
<soren> When is b2?
 * soren <- Too lazy to check
<Daviey> soren: I'll check with the techboard.
<Daviey> soren: beta2 freeze is tomorrow at ~9:00 PM UTC
<soren> Oh. Heh.
<soren> Right.
<soren> Too many projects with freezes right around now.
<soren> It's confusing!
<adam_g> soren: that looks really cool, im not sure if ill be able to get to play with it any point soon though
<soren> I have no problem with that. Daviey just sounded really interested.
<soren> It's there. Take it if you want it.
<soren> Or rather: Let me know if you want it, and I'll upload it.
<soren> It's going to be quite a bit of rowk still to get everything integrated with keystone.
<soren> rowk == work
<adam_g> there was a chat in #openstack-packaging  yesterday about the same problem
<soren> I'm solving all of this, though.
<soren> I just won't be done for another two weeks, probably.
<Daviey> hallyn: numactl is showing as a libvirt candidate for main promotion, is it required?
<soren> I'll be doing all of glance, nova, swift, horizon, and quantum.
<Daviey> adam_g: This makes it much easier to install openstack from apt-get.. so it's quite exciting really.
<adam_g> speaking of keystone, ive been working on getting unit tests going okay at package build. its going to require some tweaks to a config override file in the $src/tests/ directory to setup the environment properly. is it kosher to scribble on that file during override_dh_auto_test (and possibly revert changes) or should it be patched with quilt?
<hallyn> Daviey: define required....  it's wanted by people
<hallyn> it got MIR
<hallyn> (biab)
<adam_g> Daviey: yeah, definitely
<Daviey> hallyn: i'm not seeing a MIR?
<Daviey> adam_g: depends on the size of the change TBH... both are valid, but quilt allows easier inspection of our diff
<adam_g> Daviey: its minimal stuff, but im not sure the changes applied via a quilt would be useful to anyone after the package is installed (ie, creating a temporary db a build time, in debian/tmp/ or some such)
<Daviey> adam_g: Yeah, either are valid.. do the path that is easier.
<adam_g> Daviey: thanks
<jMCg> How do I get this string 'lib/x86_64-linux-gnu' from debian build tools?
#ubuntu-server 2012-03-22
<adam_g> hallyn: http://paste.ubuntu.com/894479
<adam_g> hallyn: any ideas?
<adam_g> Daviey: http://paste.ubuntu.com/894473/ that testing override look reasonable?
<hallyn> adam_g: no, that shouldn't be happening...
<hallyn> Daviey: bug 891232
<uvirtbot> Launchpad bug 891232 in numactl "[MIR] numactl" [Undecided,Fix released] https://launchpad.net/bugs/891232
<hallyn> adam_g: is your system uptodate?  i'll try a fresh instance...
<hallyn> adam_g: unless you have other files under /etc/apparmor.d/lxc that you created...
<adam_g> hallyn: strange, this happened on one of the CI nodes, the same version installed fine across all of the other nodes, though.
<hallyn> adam_g: disconcerting
<hallyn> are they all using hte same mirror?
<adam_g> i know juju is the one installing lxc, wonder if its doing anything strange
<Daviey> hallyn: ok, thanks.. i bumped the status back, which makes it show on the tracking page
<Daviey> adam_g: looks good, not tested it.. It's a shame there isn't a helper in the upstream src
<hallyn> adam_g: is that instance still up?
<hallyn> adam_g: if so, can you pastebin /etc/apparmor.d/lxc-container and /etc/apparmor.d/* ?
<adam_g> hallyn: sure one sec
<adam_g> Daviey: cool. seems to work just fine with jenkins builds
<hallyn> i've gotta run out actually, backin awhile
<Daviey> hallyn: o/
<adam_g> hallyn: gonna tear down and redeploy, see if its a fluke. here is /etc/apparmor.d/ for you if interested, http://people.canonical.com/~agandelman/apparmor.tar
<hallyn> adam_g: thx
<hallyn> adam_g: really if it happens again, probably best to file a bug against lxc and mark it as also affecting apparmor (bc the files look fine, so it sounds like a transient error in the apparmor_parser)
<adam_g> hallyn: ill keep an eye out for it, so far so good
<stgraber> hallyn: http://people.canonical.com/~ubuntu-archive/livefs-build-logs/precise/edubuntu-dvd/20120322/livecd-20120322-i386.out
<stgraber> hallyn: Edubuntu DVD build failed because of the new lxc's postinst
<stgraber> hallyn: http://paste.ubuntu.com/894524/ is the important part
<hallyn> stgraber: so apparmor is installed but not active?  why couldn't it find the fs?
<hallyn> maybe i'm supposed to use /lib/init/apparmor-profile-load
<hallyn> jdstrand: in a postinst, should i be using /lib/init/apparmor-profile-load in place of apparmor_parser?
<hallyn> jjohansen: ^
<stgraber> hallyn: well, that's in a live-build environment so a chroot in a chroot on an older kernel :)
<stgraber> hallyn: apparmor is indeed insalled in that chroot but certainly doesn't match the version in the kernel (probably 2.6.24) and no services are running as it's a chroot using policy-rc.d to prevent anything from starting
<stgraber> so not your everyday use case except it's what we have on the CD builders and so it needs fixing before we can get dailies again :)
<hallyn> stgraber: using apparmor-profile-load would check for the fs, but not kernel compatibility.  so not sure that'd be 100% fix
<hallyn> will push a fix as soon as i get guidance :)
<hallyn> stgraber: open a bug?
<hallyn> note i won't be in tomorrow
<hallyn> ah
<hallyn> maybe i can check /sys/kernel/security/apparmor/features/mount/
<hallyn> stgraber: is it possible for you to walk into such a chroot and see if /sys/kernel/security/apparmor/features/mount/ exists ?
<stgraber> hallyn: no, these builds run on a livefs builder in the DC and are flushed immediately when they fail
<hallyn> stgraber: will they try to build+run a container?
<stgraber> hallyn: I'll have a quick look through the log to see if I can find some information on /sys/kernel/security/apparmor/features/mount/
<stgraber> hallyn: my guess is that nothing in /proc or /sys is mounted
<hallyn> stgraber: ok i'll do the checks by hand.  i also will update lxc-start bc i suspect it'll break you as well.
<stgraber> hallyn: hmm, actually based on the logs /proc and /sys are mounted, no mention of securityfs though, so probably not mounted (unless some packages do it)
<hallyn> stgraber: http://paste.ubuntu.com/894544/ is for the postinst part
<hallyn> I'm going to add a patch to start.c before pushing
<hallyn> stgraber: opinion q
<hallyn> stgraber: if a transition to container polciy fails, should we just ignore it?
<uvirtbot> New bug: #961824 in lxc (universe) "Edubuntu DVD livefs builds failed because of lxc failing to install" [Undecided,New] https://launchpad.net/bugs/961824
<hallyn> ah
<stgraber> hallyn: the problem isn't "on livecd" it's "on the livecd builder"
<stgraber> hallyn: I think running lxc on the livecd will probably work fine
<hallyn> stgraber: the reason i'm worried is that it *looks* as though apparmor policies don'et get loaded on livecd
<hallyn> (look at /lib/init/apparmor-profile-load)
<hallyn> soi want to quickly check, before we start loading the container, if apparmor module is loaded and we're in lxc-start profile, and skip the transition if not
<stgraber> hallyn: ah, indeed, I guess no apparmor in the live environment was to make things faster
<hallyn> well ok maybe i should push this fix, so you can get it built, and then we can fix lxc-on-livecd next (and try to do it properly)
<stgraber> hallyn: running /lib/init/apparmor-profile-load would make sense as we'd avoid some code duplication in the process, unless it's bad to do that for some reason
<hallyn> it still doesn't check for mount support, so it's not really enough
<hallyn> inf act i guess the upstart job should be fixed to check for that too
<hallyn> oh, but we can't
<hallyn> can't be sure securityfs is mounted
<hallyn> stgraber: heh i was being dense.  so yes switching to that, as per http://paste.ubuntu.com/894559/
<stgraber> hallyn: looks good
<jjohansen> hallyn: hrmm I honestly don't know, I will have to defer to jdstrand, I still haven't dug into the debian packaging end of things. Its one of those perpetual I look at it this cycle ... things
<hallyn> jjohansen: I'm feeling pretty good about the patch i'm whipping up :)
<hallyn> jjohansen: will you be around in a few mins to proofread?
<jjohansen> hallyn, stgraber: apparmor was pulled from the livecd environment ages ago because of unionfs issues actutally, and it was never reinstated because it wasn't considered to be important there
<jjohansen> hallyn: yeah I'll be around, I just got back from dinner
<hallyn> jjohansen: that's funny, bc i thought it was a regression when overlayfs didn't work with it.  But now I see why it was never found :)  good good
<jjohansen> hallyn: actually it is a regression, it works with aufs, and unionfs.  I know why its not working with overlayfs but get a proper fix (not attach_disconnected) just isn't going to happen this cycle.
<jjohansen> the unionfs bug is back when I was at Novell and Ubuntu tried switching to unionfs 2.1 instead of 1.4, it was buggy and crashed and they endup pull AA to try fixing it and then reverting to unionfs 1.4 in the end but not restoring AA
<hallyn> jjohansen: oh noes.  what the heck do the contents of /sys/modules/apparmor/enabled mean?
<hallyn> why is it 10 instead of 1
<jjohansen> hallyn: 10? It should be Y
<hallyn> hmm, when i read it as %c it's 'm'
<hallyn> gah
<hallyn> sorry.  my bad
<hallyn> runlevel 2 is entered AFTER rc-sysinit right?
<hallyn> jjohansen: http://paste.ubuntu.com/894576/  is what I'm looking at...
<hallyn> jjohansen: pls critique :)
<twb> SYSF sounds like its missing an -S
<hallyn> oh is that why it looked funny :)
<twb> Why are you binding it to a variable if you only evaluate the variable once?
<hallyn> <shrug> to keep the condition easy to read?
<hallyn> and under 80 cols
<hallyn> over-conditioned
<twb> I have a coworker who does things like
<twb> PATH_TO_ETC_EXPORTS=/etc/exports
<hallyn> :)
<twb> FWIW, type is not SUS portable, nor is which.  But Debian is (AFAIK) guaranteed to have both.  I would generally use which on Debian because that seems to be the convention.
<hallyn> i suppose if it's going to be dereference tons of times...
<twb> (I'm assuming the postinst is #!/bin/sh and not #!/bin/bash
<hallyn> twb: oh, i always used which in the past,
<twb> It's merely a style issue
<hallyn> then saw type, and thought "huh, must be som ereason they're using that"
<twb> If the existing code is already using type you might as well keep to that convention
<twb> Typo:  94 ++              INFO("apparmor not emabled");
<hallyn> d'oh, landed my var decl inside a long #else
<hallyn> thanks
<twb> Does this affect both lxc-start and lxc-exec?  And if so, does it DTRT for both cases?
<twb> (I'm looking at the patch part but it's beyond my expertise.)
<hallyn> twb: they both use lxc_start() from start.c.  so it should, and seems to be here
<jjohansen> hallyn: twb has caught more things than I did
<hallyn> twb: ah, but, it doesn't
<hallyn> the lxc-init wants to mount /proc and /sys.  it's not allowed to
<jjohansen> hallyn: there is an  aa_is_enabled fn if you want, but your rolling your own is fine
<twb> I WIN
<hallyn> jjohansen: d'oh!  i looked for a manpage but couldn't find anything like that
<twb> paranoia strikes again
<hallyn> guess i only tried aa_enabled
<hallyn> jjohansen: i trust aa_is_enabled would be more robust?
<jjohansen> hallyn: hrmm, sorry they really should be bread crumbs between the different man pages but that one seems to be missing
<hallyn> right i looked for 'see also' in the others :)
<jjohansen> hallyn: heh, it does much the same thing but includes a search of mount points in case things get mounted else where
<hallyn> how often do they get mounted elsewhere?
<hallyn> my inclination is, if they're mounted elsewhere, we want to disable aa for containers... but not sure
<jjohansen> but I think most of the scripts would break if things weren't mounted at /sys
<jjohansen> hallyn: call it a hold over from by gone times before securityfs
<jjohansen> hallyn: like I said rolling your own is fine
<jjohansen> I really don't see a need to change it
<jjohansen> hallyn: I guess it does let you detect a little more about how/why apparmor is disabled
<jjohansen> eg. available but disabled at boot
<hallyn> stgraber: I really think we'll want to allow containers to mount proc ->/proc and sys -> /sys just to reduce # of complaints
<stgraber> hallyn: yeah, I didn't do it because it worked without it
<stgraber> hallyn: but it's safe to allow so no problem with that
<hallyn> stgraber: the only reason i'm hesitating is they'll just want to mount devpts next (and that they cant)
<stgraber> hallyn: you could add a generic "deny mount fstype=devpts," with a comment explaining why we never want it
<hallyn> all right i'm adding it
<hallyn> good idea (long as it doesn't confuse apparmor)
<stgraber> it'll silence anything trying to do it and if they look at the profile they'll see why
<jjohansen> stgraber, hallyn: so I working through the fixes for change_onexec, and the deny mount bug.  They should be in tomorrows up load
<uvirtbot> New bug: #961839 in postfix (main) "FFe - Sync latest postfix release (2.9) from Debian" [Wishlist,Triaged] https://launchpad.net/bugs/961839
<stgraber> jjohansen: great, thanks!
<jjohansen> hallyn: as well as the getcon fixes I have
<jjohansen> stgraber: there is a small syntactic change to the mount rules
<stgraber> jjohansen: ah?
<jjohansen> the options bit is picking up another keyword
<hallyn> wait - what is the deny mount bug?
<hallyn> will i hit it if i'm adding 'deny mount fstype=devpts" ?
<stgraber> hallyn: "deny mount..." won't match with the current apparmor
<jjohansen> hallyn: it doesn't always result in the correct denial at the moment, depending on the options being set
<hallyn> will it deny a different mount potentially, or just not deny it?
<hallyn> the latter's ok, the former is bad :)
<stgraber> not that I could see
<jjohansen> hallyn: no that should not cause a problem
<hallyn> cool
<hallyn> ok, testing http://people.canonical.com/~serge/debdiff
<jjohansen> stgraber: so you can do option=(X, Y) that means this rule requires those options be set to match
<jjohansen> and you can do
<jjohansen>   options in (X, Y)
<jjohansen> meaning any of the options can be set
<hallyn> i dn't envy the person who's going to document that :)
<jjohansen> heh, no. Its ugly, we kicked around a lot of different ways to express it, and decided that with the current time frame ...
<stgraber> jjohansen: oh, that's nice, the "options in (a, b)" will definitely be useful for stuff like devpts
<jjohansen> stgraber: yeah, it has its uses
<jjohansen> especially around writing deny mount options in (X, Y, Z)
<jjohansen> hallyn, stgraber: we will be looking at revising the syntax for the next release, so any improvements you can think of are more than welcome
<hallyn> pls keep me posted if it's going to require lxc chagnes to keep up :)
<hallyn> d'oh.  stgraber: another thing occurred to me- would be good to get apport info into lxc
<jjohansen> hallyn: we plan to keep it backwards compatible, so changes should not be required but if you have something you would like I would like to hear about it
<jjohansen> the current syntax is an uncomfortable compromise
<hallyn> will think about it, thanks
<hallyn> (long drive tomororw, time to think :)
<hallyn> ok i think i'm pushing
<stgraber> debdiff looked good, didn't look the C change too closely though but I'm sure you tested it so it probably won't be any worse at least ;)
<hallyn> and *that* should be my last upload before this freeze :)
<hallyn> now i can go back to fretting over how brittle libvirt and qemu feel
<stgraber> I'll do some LXC tests tomorrow now that the installer sprint is over, if I find something broken I'll fix it
<hallyn> great, thanks
<hallyn> hm, so server guide string freeze is tomorrow
<hallyn> so i have tonight to get in an update to the lxc section about apparmor
<stgraber> lxc is only affected by beta2 freeze because it's part of Edubuntu but as I'm the product manager for Edubuntu I should be able to get something trough even post-freeze time if needed (as long as I have time to test the new images)
<stgraber> I believe someone asked for a later freeze time of the server guide, hold on a sec I'll dig a link
<hallyn> that'd be great
<hallyn> (i suppose we can always just put that documentation on the wiki and integrate into server guide later)
<stgraber> hallyn: https://lists.ubuntu.com/archives/ubuntu-release/2012-March/000991.html
<hallyn> for middle-of-the-night driving, it helps staying awake to think through a paper or docs to write
<hallyn> cool, thanks.  that also gives me time to review the libvirt part
<hallyn> good night, see you all friday
<uvirtbot> New bug: #961115 in update-inetd (main) "update-inetd failed due missing File/Temp.pm during samba upgrade" [Undecided,New] https://launchpad.net/bugs/961115
<smb> smoser, No, smb usually has no ideas after sensible working hours and even more on Wednesdays. ;)
<koolhead11> hi all
<Znow> Ive followed the guide on ubuntu, for setting up Samba fileshare - so I can map a drive on my windows machine to the ubuntu virtual machine. I can ping the ubuntu machine, but cant map the drive, it says network error. does the ubuntu virtual machine need a static ip address for this?
<uksysadmin> hey guys
<uksysadmin> great work on openstack btw - I've got Ubuntu 12.04 running Essex: Nova, Glance, Keystone, Horizon and Swift
<uksysadmin> wanted to make sure that your efforts are not going unnoticed
<koolhead11> uksysadmin:  :D
<ejv> openstack?
<ejv> interesting
<koolhead11> ejv: i was execting "O WAO" reaction TBH :)
<koolhead11> *expecting
<Znow> my top bar with menues wont show on 11.10???
<Znow> how can I get it to show?
 * koolhead11 points Znow to #ubuntu
<thevinci> how do i install third party drivers from the command line in ubuntu server?
<thevinci> I need my broadcom wireless driver to work
<jamespage> morning all
<ejv> sorry i haven't drank the cloud koolaid just yet koolhead11 ;)
<koolhead11> ejv: :P
<blizzkid> Hi all. might not be the most appropriate chan to ask in, but has the UCP programme been cancelled? I still find some info about it, but seems outdated...
<jamespage> bencer_, binary packages just got accepted - should appear in the archive in the next couple of hours
<rbasak> thevinci: the jockey-common package will give you a jockey-text command which I think is the equivalent of the GUI tool for proprietary drivers on the desktop, but I've never used it (I avoid that kind of hardware). That might be a starting point. Or you could do whatever jockey does manually - perhaps there's a package in the archive for your hardware?
<lynxman> morning o/
<jamespage> jodh, whats the recommended way to disable an upstart configuration these days?
<jodh> jamespage: http://upstart.ubuntu.com/cookbook/#disabling-a-job-from-automatically-starting
<jodh> jamespage: specifically, http://upstart.ubuntu.com/cookbook/#override-files
<jamespage> jodh, was just reading that - thanks for the confirmation
<uvirtbot> New bug: #962001 in autofs5 (main) "Nfs mount hangs while automounting home" [Undecided,New] https://launchpad.net/bugs/962001
<jamespage> jodh, are you around for a question about wait-for-state?
<jodh> jamespage: that's one of SpamapSs, but you can try :)
<jamespage> jodh, OK - just let me frame my question
<jamespage> jodh, actually I think I just answered by own question - I;m looking at a bug in the autofs startup
<jodh> jamespage: ok. I've raised bug 962047 as wait-for-state needs to be documented both in a man page and the cookbook IMHO.
<uvirtbot> Launchpad bug 962047 in upstart "document wait-for-state" [Undecided,New] https://launchpad.net/bugs/962047
<jamespage> jodh, I think by default wait-for-state waits for the 'started' event - which stops autofs restart if ypbind is installed and already running
<jamespage> I think that if I target WAIT_STATE=running that should do the trick
<freaky_> hi, i'm upgrading 8.04 lts to 10.04 lts (do-release-upgrade). It's near the end I think, it just restarted PowerDNS and now nothing is happening... haven't seen output in 10 mins or something any ideas?
<uksysadmin> hello all
<uksysadmin> I've just been in a meeting with some of our folks over RabbitMQ HA options... what is the best resource, person to have a chat to pick the brains on what we want to achieve?
 * koolhead11 points uksysadmin to lynxman :P
 * lynxman feels pointed at
 * uksysadmin will get one of our guys to ping lynxman if he doesn't mind...
<lynxman> uksysadmin: it's fine :)
<uksysadmin> lynxman: best coming from them on what they want to set up, what they have setup and what challenges they came up against.
<uksysadmin> they're not on irc atm, but I'll send them you're way when they are.
<koolhead11> uksysadmin: BTW lynxman is in UK too.
 * koolhead11 hides
<uksysadmin> lol
<uksysadmin> helps with timezones :)
<lynxman> uksysadmin: it does ;)
 * koolhead11 needs extra beer from lynxman when he meets 4 that
<aljosa> anybody knows if there is a deb package for java 1.5 sdk available somewhere that can be used on ubuntu 12.04?
<freaky_> is there any way to prevent apparmor from returning? Just ran a apt-get dist-upgrade and in reinstalled (and started) apparmor
<freaky_> apparmor screws plesk over badly unfortunately
<thevinci> I HATE BROADCOM DRIVERS!
<thevinci> Can anyone help me figure out hoe to get my ubuntu server laptop connected to the wireless internet?
<ikonia> thevinci: checkout the desktop guide, the process is the same
<thevinci> from command line?
<thevinci> I installed b43-fwcutter from the desktop cd
<thevinci> but it's saying i need other firmware drivers that i can't find anywhere...
<Daviey> uksysadmin: Glad to hear things are working out for you :)
<Daviey> uksysadmin: I think some of the frustrations you have been feeling has been lack of doc's, meaning that often the wrong this has been done by the end user.
<Daviey> Hopefully, by release - this will be easier.
<ednolivers> hey all. does anyone know the recommended approach to upgrading apache in 10.04 LTS? i thought there'd be a backport but i can't find one
<uksysadmin> Daviey: I think so too
<uksysadmin> keystone -> redux didn't help
<Daviey> uksysadmin: no.. that was more painful than we hoped.
<Daviey> uksysadmin: It's so easy to go down ratholes with this :/
<uksysadmin> Daviey: indeed!
<uksysadmin> BUT - the upshot - OpenStack is alive and kicking on 12.04 - that's some achievement.
<Daviey> uksysadmin: Great job!
<Daviey> uksysadmin: What is your install method?
<uksysadmin> closing eyes and praying
<uksysadmin> ;-)
<uksysadmin> at the mo - scripted apt-get installation
<uksysadmin> hoping to get some Canonical love though for when we do this for real though
<Daviey> uksysadmin: sounds great :)
<Daviey> uksysadmin: Have you documented your workflow?
<uksysadmin> if I was a developer, I'd say yes ;-) ... its work in progress
 * uksysadmin goes to get free pizza
<Daviey> uksysadmin: Can i have free pizza?
<zul> Daviey: i saw the keystone ftbfs this morning once of the requirements is to have a working MIR however in order to test the keystone that failed you need to have swift installed and there is a fix for it proposed but it uses a git checkout to get swift
<Daviey> zul: linky?
<Daviey> to the MP
<zul> just a sec
<zul> https://review.openstack.org/#change,5595
<smoser> kirkland, around ?
<smoser> lynxman, ?
<uvirtbot> New bug: #962150 in openvswitch (universe) "openvswitch-datapath-dkms neads linux-headers" [Undecided,New] https://launchpad.net/bugs/962150
<smoser> lynxman, well, when you see this..
<smoser> http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/61
<smoser> that seems like you added the rsyslog stuff.
<smoser> and i'm trying to move it to maas
<zul> Daviey: so you dont like the polling?
<Daviey> zul: if poll doesn't scale to the regularity of the baud of the serial console being reasonabnle to fill up the disk :)
<Daviey> OTP btw
<zul> Daviey: k so daemon then?
<Daviey> smoser: http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/61/monitoring-server/etc/rsyslog.d/99-orchestra.conf <-- dump to disk
<smoser> Daviey, yes, i just had some questoins about that.
<smoser> i'm thinking i'm not going to bother with gnutls at the moment.
<smoser> its boot logging only
<Daviey> smoser: agreed
<smoser> so, mark this place in your irc history
<smoser> so you can come back and blame me
<smoser> :)
<Daviey> :D
<smoser> the thing htat sucks here.
<smoser> i think we're baically going to open up a udb listening rsyslog server
<smoser> udp
<smoser> that will log whatever traffic anyone wants
<smoser> and fill /var/log appropriately
<Daviey> smoser: notice the paths?
<Daviey> different files for each node
<smoser> so?
<smoser> different files for each attacker?
<smoser> well thats convieneint
<Daviey> smoser: make sure it's not dependant on hostname.. as it can chane easily.
<Daviey> change*
<Daviey> smoser: just pointing it out
<smoser> not dependant on hostname ?
<smoser> why?
<smoser> its useful
<smoser> i was just putting everything into
<smoser>  /var/log/maas/rsyslog/OSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/messages
<smoser> (no need to separate, i dont think)
<smoser> so this is what i've got right now
<smoser>  http://paste.ubuntu.com/895081/
<Daviey> smoser: HOSTNAME isn't stable
<zul> i dont like the hostname/$year/$month/$day/meesages
<Daviey> there needs to be another metric
<smoser> why?
<Daviey> smoser: it can change too easily..
<smoser> so?
<smoser> are you trying to be safe against an attack ?
<Daviey> smoser: i'd rather it used the UUID :)
<Daviey> smoser: no, just consistent logging locations for each node
<Daviey> sorry for being sparse, OTP
<smoser> http://www.rsyslog.com/doc/property_replacer.html
<smoser> thats what we can use
<smoser> without modifying the syslog support in the installer to read a kernel parameter that is passed (UUID)
<smoser> maybe fromhost-ip ?
<Daviey> smoser: UUID is certainly more interesting.. but right.. do what you think is best :)
<smoser> uuid is also a helluva lot more difficult to find
<smoser> oh look, host 972035b7-f428-4127-8f0c-582d948c6a79 logged a message
<smoser> let me go to that host
<lynxman> smoser: around!
<smoser> well, see my pastebin above.
<smoser> do you think that is a sane rsyslog config ?
<lynxman> smoser: yeah, rsyslog according to the MaaS design (let me know if somehting has changed) should only be installer logs
<lynxman> Daviey: we're still set on that right?
<Daviey> yes please, for now.
<smoser> lynxman, that is correct.
<lynxman> smoser: it looks like a sane rsyslog conf
<lynxman> smoser: although messages will filter, you still need something else
<smoser> k.
<smoser> curious
<lynxman> smoser: *looks around*
<smoser> why are there 2 ?
<smoser> why did orchesta logging server have 2 configs
<Daviey> install time, and long term.
<Daviey> ?
<lynxman> smoser: it has one per client and one to the server, we didn't fully cover install time
<lynxman> smoser, Daviey: We just need to know the install time channel and divide that into local and not local, then filter it from the rest, should do
<lynxman> smoser: otherwise any message to let's say user.* will go both to local and remote file locatios, the filter is not exclusive and needs to be explicitly filtered out
<lynxman> smoser: I'll be around in case I can be of help :)
<smoser> lynxman, right now, boot logs go both places
<smoser> in orchestra
<smoser> they go to syslog and to the remote
<smoser> were you saying that was not intended ?
<smoser> anyone want to test something for me and maybe open a bug ?
<lynxman> smoser: that was not intended indeed :)
<smoser> i am under the impression that virtio net and possibly virtio disk are considerably slower in the guest
<smoser> in precise compared to lucid
<lynxman> smoser: can do later today, right now I'm heads down doing a juju openstack install
<smoser> i would like someone to (with precise host) boot kvm guests of both and prove me wrong or right.
<lynxman> smoser: could do :)
<lynxman> smoser: as soon as I got this hammered I'll be glad to
<smoser> (on canonistack, it seems to me that i can hit almost 50M/s writing to /dev/null in lucid, but only half that or worse  in precise)
<smoser> lynxman, http://paste.ubuntu.com/895099/
<smoser> that is how you stop messages from going to the default location
<smb> hallyn, So it seems bug 929626 which I thought was virt-manager might actually be a libvirt issue. mdeslaur found a rh bugilla with a good lead: https://bugzilla.redhat.com/show_bug.cgi?id=746007
<uvirtbot> Launchpad bug 929626 in libvirt "virt-manager misses xen guests shutting down" [Undecided,Confirmed] https://launchpad.net/bugs/929626
<uvirtbot> bugzilla.redhat.com bug 746007 in libvirt "After using 'shutdown' on a xen guest, virt-manager still reports guest is running" [Unspecified,Assigned]
<smb> hallyn, Would you know better which area needs inspection when an acquired object seems not to get certain updates?
<lynxman> smoser: I know, the difference is that you have messages coming from the same syslog channels, so you need to define both remote and local and then filter out :)
<smoser> lynxman, so you're syaing that the same does not work ?
<smoser> i just assumed i could put the & ~ after the last matching condition
<smoser> and it would drop it
<smoser> basically i though "& ~" meant "drop this message if the last condition was true"
<smoser> so...
<smoser>  http://paste.ubuntu.com/895109/
<lynxman> smoser: as far as I know you're dropping the channel, although that is a filtering rule...
<lynxman> smoser: let's try that and see how it goes :)
<uvirtbot> New bug: #962189 in openvswitch (universe) "dkms module is not automatically rebuild when installing new linux-image package" [Undecided,New] https://launchpad.net/bugs/962189
<jamespage> ttx: around - have a question about milestone-proposed branches for https://github.com/openstack/*
<ttx> jamespage: yes
<jamespage> ttx: coolio
<jamespage> ttx: so we have had a few issues in the Ubuntu OpenStack CI lab with FOLSOM opening for dev - most of which we have resolved by switching to the milestone-proposed branch
<jamespage> I just wanted to understand what the Openstack approach to master/milestone-proposed branches was between now and release so I can update the test configurations correctly
<ttx> So the RCs will be generated in the milestone-proposed branches
<ttx> at release time we'll cut stable/essex branches
<ttx> and hand them to stable maintenance team
<jamespage> ttx: OK - that was what I expect to happen.
<ttx> the trick is everyone is not using mliestone-proposed branches yet
<ttx> since keystone is not RC1 yet
<jamespage> ttx: so I noticed
<ttx> so you should actually use "milestone-proposed and master if not"
<jamespage> ttx: OK - thats what we have been doing
<ttx> I hope keystone will be RC1 today
<jamespage> ttx: https://github.com/openstack/python-novaclient/branches is giving us a few issues as folsom has opened but no milestone-proposed?
<jamespage> does this apply to core projects only or all projects?
<ttx> hmmm
<ttx> there should be one
<ttx> https://github.com/openstack/python-novaclient/tree/milestone-proposed
<ttx> and there is ^
<ttx> it wasn't committed to, though
<ttx> since novaclient didn't need Final=True pushed to it
<ttx> so maybe it didn't trigger on your side
<jamespage> ttx: hmm - showing my lack of git knowledge now - thanks for pointing that out
<jamespage> ttx: OK - think I'm all set now -thanks for the advice (see you in a couple of weeks!)
<ttx> np, see ya
<MRCracker2> hi all, my ssh speed is too low how i can speed it up?
<MRCracker2> not any idea?
<Matrix3000> need help, this nfs mount in my fstab is causing boot to hang
<Matrix3000> how can i make it timeout the nfs mount and continue booting in like 20 seconds
<Matrix3000> or something instead of it just perm hanging
<ikonia> why not make it an auto mount map
<ikonia> why is it hanging ? why can't it mount at boot time ?
<Matrix3000> cause, its offline right now
<Matrix3000> lol
<Matrix3000> it's an nfs mount that is under maintenance at the moment and it's not an essential mount
<Matrix3000> just gives us some extra files
<ikonia> stick an automount map in
<Matrix3000> let me look that up
<Matrix3000> cause i don't know where automap is
<ikonia> have a dig on "NFS automount map"
<ikonia> you'll get some idea of how to do it,
<ikonia> if you get stuck ask
<Matrix3000> but you are saying using autofs will prevent a boot hang when the system cant connect to the nfs mount?
<Matrix3000> nfs share I mean
<ikonia> Matrix3000: yes, as it doesn't mount it untilt it's called eg: something needs/wants it
<Matrix3000> ok
<Kiall> ikonia, cant you just add the "nobootwait" flag to the fstab line?
<Kiall> ikonia / Matrix3000: http://askubuntu.com/questions/120/how-do-i-avoid-the-s-to-skip-message-on-boot
<Matrix3000> that actually looks like an easier sollution as apache does use files on that mount
<Matrix3000> for one of the sites
<Matrix3000> but that site is down right now as expected
<ikonia> Kiall: that would work too, good call
<Kiall> ikonia, Yea, when you use EC2, you learn about that option pretty quick ;)
<Kiall> There's no console to press the 'S' for Skip etc
<ikonia> it's a good suggestion, didn't think of it at all
<Matrix3000> lol
<Matrix3000> that would be terrible
<Matrix3000> that's why i am not fan of ec2
<Matrix3000> but, EC2 is affordable and works for the most part
<Matrix3000> wish it was like vCloud
<uvirtbot> New bug: #962262 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu7 failed to install/upgrade: il sottoprocesso nuovo script pre-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/962262
<uvirtbot> New bug: #957682 in juju (universe) "juju crashed with IOError in write_sample(): [Errno 13] Permission denied: '/home/username/.juju/environments.yaml'" [Low,New] https://launchpad.net/bugs/957682
<tolland> any idea why this request to httpd is waiting 20 secs to return;
<tolland> http://pastebin.com/N3xq8SWg
<tolland> (cross posted sorry, ignore the other one)
<Decepticon> hi people
<Decepticon> good day
<Decepticon> I have ubuntu serve of 10.04 but i have problem with my sqladmin
<Decepticon> this is error: #2003 Cannot log in to the MySQL server
<Decepticon> but i have user and password fine!
<Decepticon> please help me please!!!...
<Decepticon> hi people!
<tolland> Decepticon: i would start by resetting the user/pass http://is.gd/7kL2vj
<Decepticon> tolland: ok! iÂ´m check this
<Decepticon> thanks
<tolland> you can use the show grants command once you have either reset the admin user, or dropped grants
<tolland> to see what the server thinks of your user/pass
<Decepticon> tolland:  you are the maximun
<Decepticon> thanks thanks
<Decepticon> wueeeeeeeeeeeeeeeeeeeeeeeeeeeeee
<Decepticon> thank you brother
<Decepticon> jejejee ,)
<Decepticon> iÂ´m configure a server ubuntu 10.04 for my job
<Decepticon> thanks
<tolland> Decepticon: there is also a pretty good #mysql channel which might be more appropriate for service specific questions... there is a lot of mysql server admin types there
<brendand> are there any known issues with running apport-collect on ubuntu-server?
<Decepticon> tuxbin:  thanks of, only mysql
<tjaalton> hallyn: hey, there's a new xserver-xorg-video-qxl on debian, do you think it would make sense to have in precise?
<tjaalton> 0.0.17
<adam_g> zul: jamespage Daviey so keystone's test suite is not going to pass unless we patch swift and carry additional patches to test suites that use it, AFAICS
<jamespage> adam_g, grrr
<zul> the swift /dev/log stuff?
<adam_g> or, alternatively, we can try to disable the swift related keystone tests, which look more like integration tests than unit tests
<adam_g> zul: yeah
<zul> adam_g:  im in favor of disabling those tests
<adam_g> we probably would have come across this a while ago if swift's tests were enabled
<adam_g> zul: im sure we all are, but what about the requirements of the MIR?
<zul> adam_g: well we can add it to the ubuntu-qa testsuite probably
<zul> jdstrand: ^^^
<uvirtbot> New bug: #960690 in quantum (universe) "bug in the debian/control file" [Medium,Fix released] https://launchpad.net/bugs/960690
<adam_g> zul: well, we are running the entire test suite (swift stuff included) already when we package
<adam_g> i was able to get those to actually pass on our builds yesterday
<zul> adam_g: right i mean disabling the tests in the build and add the tests to the ubuntu-qa testsuite
<zul> adam_g: getting swift and keystone working in a buildd is not pratical imho
<hallyn> tjaalton: that might fix an open bug, sounds good.  i'm out today though
<jdstrand> zul: which mir are you referring to?
<zul> jdstrand: keystone
<jdstrand> zul: what about it?
<jdstrand> I did the mir and it has a conditional ack
<jdstrand> see 'Requirements for main inclusion' in https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/881464/comments/15
<uvirtbot> Launchpad bug 881464 in keystone "[MIR] keystone" [High,In progress]
<zul> jdstrand: the testsuite does alot of integration tests for keystone, which is good, however the testsuite uses git to fetch swift and sets it up for you, however running testsuite in keystone during the buildd to make it past is not pratical
<zul> s/past/pass/g
<jdstrand> zul: can you comment on that in the bug?
<zul> jdstrand: of course
<jdstrand> zul: so the 139 of the 266 test cases are all a result of swift?
<jdstrand> that is more than half
<uvirtbot> New bug: #962348 in autofs5 (main) "Automount segfaults if it can't parse an LDAP entry." [Undecided,New] https://launchpad.net/bugs/962348
<zul> jdstrand: no the keystoneclient tests have been disabled as well becuase of the git usage as well
<jdstrand> zul: what is it pulling in? why can't the tests be updated to point at packages that are in ubuntu rather than fetching via git?
<jdstrand> zul: the testsuite is basically invalid otherwise because git will move to bigger and better things but the keystone testsuite will stay static in the archive
<zul> jdstrand: we tried patching it upstream but they have rejected it
<zul> jdstrand: agreed
<jdstrand> zul: right, but can we carry an ubuntu delta? we only really care that the testsuite for a specific version in ubuntu works with a specific version of other packages in ubuntu
<zul> jdstrand: yeah we can carry the delta
<tjaalton> hallyn: ok, maybe I'll skip the sync and wait for you to test it first :)
<jdstrand> zul: if the tests are worthless, then we can drop it. however, they seem to be worthwhile
<jdstrand> zul: please comment in the bug and I will respond with alternatives
<zul> jdstrand: ack
<jdstrand> zul: thanks for bringing it up
<zul> jdstrand: thanks for discussing it
<hallyn> tjaalton: sounds good.  pls email or ping me tomorrow?
<tjaalton> hallyn: sure
<uvirtbot> New bug: #962373 in juju (universe) "unhelpful error message when .ssh/known_hosts doesn't match" [Undecided,New] https://launchpad.net/bugs/962373
<zul> lovely..
<zul> Daviey/adam_g: looks like swift likes to use eventlet-0.9.15
<uvirtbot> New bug: #962383 in juju (universe) "ec2-key-pair went away, but juju doesn't say it is unsupported" [Undecided,New] https://launchpad.net/bugs/962383
<Daviey> zul: Golly.. can you investigate ?
<zul> Daviey: looking
<uvirtbot> New bug: #962389 in juju (universe) "juju Recommends on lxc installs libvirt-bin which causes problems when testing in virtualized environments" [Undecided,New] https://launchpad.net/bugs/962389
<smoser> lynxman, so i think i know why logging goes to syslog
<smoser> it already goes there before your ocnfig can stop it
<smoser> as your config runs after 50
<smoser> (50-default.conf)
<zul> Daviey: i just run the swift excercises from devstack i dont see anything wrong from the tests, im waiting for more info about that bug
<adam_g> zul: on precise?
<zul> adam_g: yes
<adam_g> zul: what about the swift-bench utility that was run to produce the bug?
<zul> adam_g: they havent provided any more info on how to reproduce it
<Daviey> zul: ugreat!
<adam_g> zul: i think you should have everything you need to run swift-bench in openrc
<zul> adam_g: you sure?
<adam_g> zul: not certain, but swift-bench -h shows a config file that needs only the keystone endpoint and credentials
<adam_g> er, s/keystone/swift
<zul> adam_g: got it working havent been able to reproduce it so it might be smething with the guy's config
<uvirtbot> New bug: #962426 in keystone (universe) "keystone package install doesn't create logrotate.d entry" [Undecided,New] https://launchpad.net/bugs/962426
<uvirtbot> New bug: #956578 in asterisk (universe) "Remote crash vulnerability in SIP channel driver" [Undecided,Confirmed] https://launchpad.net/bugs/956578
<uvirtbot> New bug: #956580 in asterisk (universe) "Remote Crash Vulnerability in Milliwatt Application" [Undecided,Confirmed] https://launchpad.net/bugs/956580
<uvirtbot> New bug: #956581 in asterisk (universe) "Stack Buffer Overflow in HTTP Manager " [Undecided,Confirmed] https://launchpad.net/bugs/956581
<uvirtbot> New bug: #962503 in mysql-5.1 (universe) "mysql fails to start due to error in /etc/apparmor.d/usr.sbin.mysqld" [Undecided,New] https://launchpad.net/bugs/962503
<uvirtbot> New bug: #962507 in juju (universe) "[FFE] Latest juju snapshot enables maas provider" [Undecided,New] https://launchpad.net/bugs/962507
<uvirtbot> New bug: #962560 in libpam-ldap (main) "pam-auth-update Account-Type should be "Additional"" [Undecided,New] https://launchpad.net/bugs/962560
<eb_> I'm trying Orchestra and Juju but with juju bootsrap
<eb_> I'm trying Orchestra and Juju but juju bootstrap return an error
<eb_> The error is "error: Environments configuration error: /home/localadmin/.juju/environments.yaml: environments.orchestra.acquired-mgmt-class: required value not found"
<uvirtbot> New bug: #962393 in phpmyadmin (main) "Installation loops in db-config-common when ran from software-center" [Undecided,New] https://launchpad.net/bugs/962393
<Daviey> SpamapS: Plans to backport apache 2.4.1 to precise-backports?
<SpamapS> Daviey: would love to!
<Daviey> SpamapS: gonna happen? :)
<Daviey> SpamapS: Didn't you have one knocking around in a PPA?
<SpamapS> No
<SpamapS> I'm not sure its worth it
<SpamapS> 2.2 .. 2.4 .. its still just apache
<meerkats> where did the offtopic room go?
<Daviey> SpamapS: How is PHP looking?
<SpamapS> Daviey: about to start driving nails into 5.4's coffin
<ajmitch> still no suhosin patch on the horizon?
<SpamapS> nope
<adam_g> Daviey: IN: glance, quantum, swift (assuming 1.4.7), horizon. NOT IN: keystone (rc not released yet), nova (in queue), melange
<Daviey> adam_g: okay!  thanks for the update.. do we have an ETA on keystone upstream RC?
<adam_g> Daviey: i think theres just one bug still in progress with a review in gerrit
<Daviey> adam_g: great!
<arosales> adam_g: for the blueprint Implementation status for https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-openstack-testing seems it should at least be marked at least with "Good Progress" your thoughts?
<adam_g> arosales: oh, ya.  the only TODO will hopefully be DONE after ODS.
<adam_g> arosales: the INPROGRESS regarding the stress tests is  misleading now, i guess. ive been working with the upstream on getting a new stress test suite working nicely and implementing it on our openstack CI
<arosales> adam_g: "deployment" might also be fitting then.
<adam_g> arosales: not so much a porting effort anymore. should i postpone/defer or just change the wording?
<arosales> adam_g: If you still will get to it this cycle you can leave the remaining to do as is, perhaps just update the "Implementation" status to something other than "Unknown"
<adam_g> arosales: will do, for sure
<arosales> adam_g: thanks
<adam_g> arosales: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-openstack-charms  this one needs a bit more TLC, but honestly im not sure how much of those TODOs will be done this cycle.  note that none are really tied to the release schedule
<arosales> adam_g: tough to work on the charms with the packages being in such flux
<arosales> we'll revisit all the "postponed" work items for the next cycle too, so those items don't get forgotten
<arosales> adam_g: If your pretty sure they are not going to happen this cycle then might as well postpone, kind of odd since they are not tied to the release
<arosales> we can pick them up next cycle, at least for work item tracking ;-)
<fluvvell> are people generally more in favour of virtual machines using vmware, or kvm. ( it will be a windows vm)
<adam_g> arosales: ok cool. yeah, they're really wishlist features for current juju charms, which can be added anytime really
<arosales> adam_g: thank for the updates
<_johnny> hi, i'm trying to upgrade from 10.04 to 10.10. network and cd (alternate) both give me the following halt: The package 'update-manager-core' is marked for removal but it is in the removal blacklist.
<_johnny> any ideas as to what i'm doing wrong?
<tarvid> !iptables
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.
<pukeko> howdy
<tarvid> https://help.ubuntu.com/community/IptablesHowTo#Logging is short about logging explicitly dropped packets
<tarvid> can I add a "log" option to a rule?
<pukeko> tarvid: setup a new rule and if the packets met certain requirments jump to that rule and log
<tarvid> thanks pukeko , I've been under attack for weeks
<tarvid> finally came with a firewall that works
<tarvid> just curious who the culprits are
<pukeko> hey.. i need to "sync" two samba servers one is offline but needs to be available if the other one dies..
<pukeko> what else do i need to sync apart from /etc/group /etc/passwd /etc/samba /var/lib/samba ?
<pukeko> * and the data of course
<pukeko> tarvid: i used to do it via the interfaces.. if it came in / or out of and matched - then jump to a ruleset
<tarvid> basically I just want to drop the sh*t
<pukeko> but that could get a bit hard on the brain - when monitoring both out going and incomming over 3 or more interfaces
<tarvid> only two
<tarvid> someone or someones were sucking me dry
#ubuntu-server 2012-03-23
<pukeko> how ?
<tarvid> a mixture of www, ftp and ssh
<pukeko> from internal network or ext ?
<tarvid> external
<tarvid> ssh I suspect was password cracking]
<pukeko> what do you mean by that ?
<tarvid> constantly trying to log in?
<pukeko> where you limiting the attempts etc ?
<tarvid> iptables
<pukeko> sshd_config
<pukeko> and iptables
<tarvid> no I don't want to bother with auth, I just want to dsrop the packets
<tarvid> I don't want them to even know whawt doesn't work
<tarvid> this box does dns for my domains to the world and nat for the boxes behind it
<pukeko> are you writing the iptables script yourself ?
<tarvid> I need administrative access from other locations
<tarvid> yes
<tarvid> hard enough to understand when you write your own
<pukeko> good whay to learn though..
<tarvid> old dog new tricks
<tarvid> hotel california
<tarvid> i've been in networking 101 25 years
<pukeko> makes "learning" something like Pfsense a walk in the park
<tarvid> what does that do
<pukeko> http://pfsense.org/
<tarvid> ah, i have been ubuntu monogamous
<tarvid> did try one of those distros about 5 years ago
<pukeko> its easy peasy - only gets abit weird if yr installing onto a softraid
<pukeko> "they" use different naming convensions
<tarvid> doing a softraid install of 12.04 as we chat
<pukeko> server ?
<tarvid> run into that on my pbx box
<tarvid> yes
<pukeko> what pbx dist you use ?
<tarvid> erasing the md at the moment should finish by morning
<pukeko> ..you can set it up in "disabled" mode load the data and "fix' the md later of course ..
<pukeko> : )
<tarvid> mdadm create failed so I am building the md first
<pukeko> what sort of machine is it ?
<tarvid> I suspect replacing a failed rive would go better
<tarvid> pentium 4 socket LGA 775 sata drives 2GB
<tarvid> a gift
<tarvid> all I have to do is replace the stock colling fan
<tarvid> cooling
<tarvid> i thanked them for the machine and they said free like in free cats
<pukeko> btw anyone here have any thoughts regarding my samba sync query above ?
<pukeko> hehe
<tarvid> wish I did, I have a samba based nas at home
<tarvid> ubuntu windows at home
<tarvid> ubuntu mac osx at the condo
<pukeko> only one and a quarter hours to go before beer oclock
<pukeko> barbeque and beers at 3 !!!!
 * pukeko pretends to get back to work
 * pukeko rolls up sleeves and frowns a lot
<pukeko> but seriously ... better get back to it .. catch you later tarvid
<micahg> Daviey: SpamapS: I don't see a backport of apache being possible it just breaks too much
<adam_g> Daviey: fyi, i think those swift bugs from earlier may be specific to the diagnostic tools and not swift itself. ive just xfered ~25GB on  precise swift cluster w/o issue
<pukeko> i have 2 samba servers i want to keep in sync - which other files/dirs do i need apart from /etc/samba/* /etc/group /etc/passwd /var/lib/samba/* ?
<pukeko> *one of the servers has the smbd service disabled so no clash
<jtran> hey all.  i have 4 ubuntu natty servers all installed the same method.   3 of them automatically load 'bonding' module, verified via lsmod bonding.    however, 1 of them does not.   i've verified it has ifenslave pkg installed.   insmod bonding:    insmod: can't read 'bonding': No such file or directory
<jtran> any idea why this is happening?
<axisys> is it possible to get 3Gbps write with disks ? may be with raid10
<twb> Probably not on whitebox hardware
<qman__> dependent on a lot of factors, but if you get some SSDs and raid, you can probably do it
<axisys> qman__: how do I benefit from ssd with ext4 or ext3 may be? I know how, with ZFS
<qman__> the current gen SSDs simply have faster data rates than hard disks
<axisys> twb: how about with sun hardware or some other.. company is looking to purchase it
<qman__> and would be possible to achieve that level of speed, with the right controller, and the right configuration
<axisys> qman__: can you do hybrid (disk + ssd)
<qman__> that's a whole mess I want none of, personally
<axisys> qman__: with linux's available fs ?
<qman__> but some people do it
<twb> axisys: I was thinking more like non-persistent RAM
<qman__> simple fact is, though
<axisys> qman__: with zfs you can setup hybrid .. where write log part of raid can be ssd.. never done anything like this in linux
<qman__> a hybrid system doesn't give you anything that more RAM wouldn't do better, cheaper, with less potential for problems
<twb> hear hear
<twb> Even better would be /dev/null -- that's only slightly less recoverable
<axisys> twb: lol
<axisys> twb: what is non-persistent RAM ?
<axisys> should google it, I guess
<axisys> no luck yet
<twb> axisys: normal ram
<twb> i.e. volatile RAM, data is lost when you lose power
<axisys> qman__: what is a good raid controller? i thought sftware raid is pretty good with lots of cpu and mem ?!
<axisys> twb: ok
<twb> whereas SSDs are non-volatile but still basically RAM
<qman__> it is, but it's not as fast as a good dedicated controller under certain circumstances
<qman__> also, I said disk controller, not raid controller
<axisys> qman__: oh
<qman__> you need a disk controller that can sustain your disks' data rates
<twb> hw raid makes sense when bandwidth is more important than flexibility, reliability, and ease of management
<twb> i.e. almost never
<axisys> :-)
<twb> I'm with qman__ -- work out where the bottlenecks are and fix those
<qman__> for example, my file server has an LSI non-RAID SAS controller for 8 of the disks
<twb> Or better, fix your app to not need 3gbps sustained
<qman__> which I selected specifically because it can handle SATA 3's full data rate
<qman__> my disks aren't that fast yet, but I'm future proofing
<axisys> qman__: dell or hp or supermicro ?
<qman__> none
<axisys> qman__: or sun ?
<qman__> it's a Gigabyte AM3+ board
<qman__> with a phenom II x4
<qman__> you'd want something better if you're needing that level of performance though
<axisys> and for raid .. i suppose dont look at anything but raid10 ?
<qman__> depending on your application
<qman__> you can make up for a slower disk subsystem by throwing more RAM at it
<qman__> put 32, 64GB of RAM in, and that's all disk cache
<axisys> do I have to do anything special except just put more rams in the system for that?
<qman__> nothing special, linux does this by default
<axisys> ok
<qman__> all unused memory is automatically used as disk cache
<qman__> of course cache is cache, and doesn't apply in all situations
<qman__> raid 10 will be fastest
<TylerW> whats the deal with webmin vs. Zentyal; everyone claims webmin can mess up an Ubuntu system but nobody brings proof or facts, and those of us that love it find no issues...
<qman__> webmin violates the debian package management system, and mucks up config files in a nonstandard way
<axisys> qman__: now I need some hardware for enterprise..
<axisys> qman__: really dont want SUN hardware
<qman__> so, in practice, it can work okay, but if it breaks it, we can't help you
<TylerW> qman: thanks for a straight answer! I prefer cli for most practices, there are a couple things i find much easier/less time consuming on webmin <-- and for some of my staff that NEED it because they can't even understand the "ls" command
<TylerW> But seeing as though I don't use webmin for many configs... maybe setting up some apache virtual hosts from time to time... but once established I usually go in and manually write out a lotof the configs I know by heart
<TylerW> one last thing if you don't mind; any absolute no no for running zentyal AND webmin on the same system? By the looks of it they wouldn't compete/interact with eachother so long as I wasn't trying to edit the same config in both
<qman__> sounds like a really bad idea
<qman__> especially because of the way webmin does it
<qman__> you can try it, but make sure you do it non-production, and spend plenty of time on it
<TylerW> yeah, definitely good points
<qman__> axisys, I've worked on a few supermicro systems, they're alright, but I don't have enough to say if any one is better than any other
<qman__> I buy based on reviews, and the last time I priced one out (didn't end up getting it) I actually picked an ASUS board for dual opterons
<qman__> most of the hardware I work on isn't enterprise grade
<TylerW> I find enterprise grade hardware to be more expensive and not last any longer or offer any other additional benefits (for the most part) than consumer hardware most of the time
<qman__> lots of entry level server boards, single socket, just glorified desktops, and lots of actual desktop hardware
<qman__> couldn't justify the cost for my server, just don't need that much RAM or dual chips
<qman__> 16GB and a quad core is overkill enough for what it does
<micahg> Daviey: SpamapS: I take that back, the way Debian has the current 2.4 packaging, a backport should be fine as nothing is allowed to be coinstallable, but to make it useful, you'll need to backport other stuff with it as any of the current apache modules in precise won't work
<TylerW> oh gee, Zentyal vm image for quick testing... excellent
<twb> qman__: personally, I *do* just buy desktop/workstation ATX boards
<uvirtbot> New bug: #962779 in samba (main) "package samba 2:3.6.3-2ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/962779
<Error404NotFound> Is there a way i can override the path of where a certain scripts looks for libs from /lib or /usr/lib to some other directory in runtime without sudo access?
<uvirtbot> New bug: #962826 in samba (main) "package samba-common 2:3.6.3-2ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/962826
<uvirtbot> New bug: #943000 in cobbler (main) "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Fix committed] https://launchpad.net/bugs/943000
<Daviey> morning all!
<koolhead17> good morning Daviey
<Daviey> morning koolhead17
 * koolhead17 wants to go back sleep again.
<jamespage> morning all
<Qten> lo, 12.04, anyone have any guesses as to why i get a kernel panic when using the bonding driver on bootup but works ok if i do a networking restart?
<Qten> and one some servers it works fine every reboot but on others never works at all
<Qten> one some = one
<Qten> found the issue /facepalm i need bridge-utils and ifenslave for bonding why isnt it a depend of ifenslave
<dforthman> Good morning. Does anyone know where I can download Groundwork 6.5? I'm running 32-bit Ubuntu Server and the latest version (6.6) only supports 64-bit.
<ikonia> dforthman: is that in the repos or a comercial product
<dforthman> not sure if it's in the repos or not. that's why i'm asking
<ikonia> I don't see it
<ikonia> is it a comercial product or open source ?
<dforthman> it's supposedly open source, http://www.gwos.com - but they don't have a link to previous versions
<ikonia> I don't see it as open source
<ikonia> I see licenses
<dforthman> there's support contracts per device, but the software itself is free
<ikonia> their website has terrible layout for information
<ikonia> I'd contact them direct
<dforthman> yeah, i'll do that. thanks for your help
<ikonia> thank you, I'm having a look at groundworks, never heard of it
<dforthman> it's pretty much a pretty front-end for nagios
<dforthman> it also lets you make changes, test it, and store it in mysql, then commit them all at once
<_ruben> bah .. groundwork seemed nice, until i noticed that the free edition is limited to 50 hosts
<koolhead17> _ruben: i saw it too :D
<koolhead17> http://www.gwos.com/downloads/core/ :P
<_ruben> which makes it useless for us
<_ruben> grep -c host_name /etc/nagios/hosts.cfg
<_ruben> 242
 * koolhead17 wants to learn nagios as well
<_ruben> $10000 per year aint fun :P
<_ruben> and that'd be only level1 :)
<uvirtbot> New bug: #963034 in openssh (main) "package openssh-server (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/963034
<zul> morning
<husien> hye..
<lynxman> zul: morgen
<smb> lynxman, ist Samstag
<lynxman> smb: jetzt? Ich denke auf Freitag war
<smb> lynxman, Heute ist Freitag, "morgen" ist Samstag ;-P
<lynxman> smb: heh :)
 * smb blames the increasing silliness on the weather...
<lynxman> smb: yeah, not miserable = fun ;)
<smb> At least while not required to be working ... home office at 26Â° = not so much fun, at least until one is used to it
<lynxman> smb: ouch, that's slightly too hot for my taste
<Daviey> soren: How is your keystone-common looking
<Daviey> ?
<soren> Daviey: Lovelier and lovelier by the day.
<soren> Daviey: *Just* finished adding the ability to add the service and endpoints to keystone as well.
<soren> Daviey: Literally two minutes ago.
<Daviey> soren: this is great news.. what branch are you using?
<soren> It's at lp:~soren/+junk/keystoneconfig-common/
<soren> I don't want to create a project for it. I expect to maintain it as a native package.
<soren> ...so until Q opens and I can upload it properly, it'll just be under +junk
<ogra_> you plan to upload junk to Q ?
<ogra_> tsk
<soren> ogra_: That's all I have.
<soren> ogra_: Gotta put it somewhere.
<ogra_> server guys ...
<soren> :)
<ogra_> :)
<Daviey> I really wish there was a "misc" project, rather than +junk for catchall
<soren> Daviey: I got the impression it was too late for you guys to make use of it in Precise anyway, so didn't bother uploading it.
<soren> Daviey: Create one?
<Daviey> soren: I'd rather get it in, if adam_g thinks we can.
<soren> Daviey: Would be fun to see what sort of stuff turns up there.
<soren> Daviey: I'm surprised the config project on LP hasn't been abused more.
<Daviey> soren: /me starts a homeless project.
<soren> Daviey: Well, let me know if you want me to push it.
<soren> Daviey: I'd just rather not waste time on it if it won't be used anyway.
<Daviey> soren: lets see what adam_g thinks when he arrives.
<soren> Cool beans.
<Daviey> soren: We've abused jdstrand enough this cycle, reviewing NEW's. :)
<zul> Daviey: i dont think jdstrand should pay for his drinks at uds when a server team member is around ;)
<Nafallo> what's the favourite way to combat spam on a postfix/dovecot setup? :-)
<Nafallo> in particular spam that comes from a forwarder, such as @ubuntu.com ;-)
<zul> Nafallo: /dev/null? :)
<Nafallo> that's sounds like the end goal. there must be a good path to get there ;-)
<Nafallo> i.e. I need a classifier.
<patdk-wk> nafallo, the only way to get spamass to better classify forwarder email, is to add the forwarder to your trustednetworks
<patdk-wk> but then, that can also bit you, for emails that originate from there
<Nafallo> hmm. yeah. I'd like to avoid any kind of host-based checks. I'd rather spend the CPU cycles to check each message.
<Nafallo> how about dspam?
<rbasak> Can anyone suggest why "d-i netcfg/choose_interface select auto" might not work? I've tried eth0 as well. It keeps asking me!
 * rbasak is using priority=critical
<tjaalton> rbasak: it won't work in a preseed file, you need to give it on the kernel cmdline
<rbasak> tjaalton: oh yeah of course, it won't be able to read the preseed yet
<tjaalton> yeah, unless you build your own boot image, can put the preseed file there but it's simpler to feed the kernel directly..
<rbasak> tjaalton: doing it on the cmdline worked - thanks!
<jdstrand> heh
<gabebug> I have a server running Natty that's got a vulnerability report for https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/837991 - but that but report only lists patches for oneric. shouldn't natty and maverick get back ported patches for this too?
<uvirtbot> Launchpad bug 837991 in apache2 "Please merge apache2 2.2.20-1 to fix CVE-2011-3192+regressions" [High,Fix released]
<SpamapS> gabebug: that bug is for a regression in the CVE update, not the actual CVE
<gabebug> ah
<SpamapS> gabebug: http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3192.html
<uvirtbot> SpamapS: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192)
<gabebug> i have controlscan complaining that my natty install is vulnerable, but i'm running apache2-2.2.17-1ubuntu1.5. suppose that's just a false positive from controlscan?
<mdeslaur> SpamapS: new mysql versions apparently
<SpamapS> mdeslaur: been waiting for 5.5.22 actually.. 5.5.21 had some kind of regression IIRC
<mdeslaur> SpamapS: they mention security stuff in the 5.1.x release notes, but not 5.5 and 5.0
<mdeslaur> SpamapS: although they have updated yassl in 5.5 and 5.0 also, and I suspect that's security realted
<SpamapS> Oh joy, 5.5.22 has "yaSSL was upgraded from version 1.7.2 to 2.2.0."
<mdeslaur> SpamapS: do we use yassl?
<SpamapS> yes we enable SSL
<mdeslaur> or do we build with openssl or something else
<SpamapS> mdeslaur: yassl is their only solution
<jdstrand> mdeslaur: I saw some yassl stuff recently-- that is probably CVE-2012-0882
<uvirtbot> jdstrand: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882)
<mdeslaur> jdstrand, SpamapS: yeah, probably that one
<SpamapS> Yeah, mysql has always embedded yassl
<SpamapS> There's an open bug against the Debian mysql packages to package yassl separately and use that
<SpamapS> I think that may end in disaster though ... mysql hates playing nice with others.
<mdeslaur> SpamapS: ok, thanks for the clarification...I'm probably thinking of something else that bundles yassl that we disable
<zul> there swift down to one failing test
 * smb wonders whether hallyn is to be expected today...
<_ruben> ugh, nice challenge for next week: fresh install of 10.04.4 on software, at boot time it complains /boot is not ready yet or unavail, enter recovery shell, issue mount /boot, ctrl-d, boot continues without issue
<_ruben> s/software/software raid/
<henkjan> _ruben: i see that happen a lot with lucid
<henkjan> randomly droppen to initramfs while booting from mdadm
<henkjan> after a powercycle booting mostly works correct
<_ruben> henkjan: tried 3 reboots just now, keeps failing
<_ruben> and i don't really end up in the initramfs i think
<_ruben> as / is already mounted and after exiting that shell, it just continues starting some services and be done
<_ruben> guess should've requested hw raid after all :P
<henkjan> mwah, mdadm raid is fine most of the time
<_ruben> this shouldn't be a disk intensive box anyways: border router :)
<_ruben> tho reliable booting would be nice :)
 * jamespage is killing qemu quite convincingly this afternoon trying to automate iscsi root testing
<henkjan> _ruben: routing on ubuntu + ?
<_ruben> henkjan: bird
<henkjan> quagga? bird?
<_ruben> working like a charm
<_ruben> replacing my current dell pe860 boxes with pe r210 ones
<_ruben> if they'd boot....
<_ruben> properly that is :)
<henkjan> ...
<_ruben> but that's for next week to tackle, time to head home now
<pabelanger> nice to see bug 935585 is fixed.  The only real issue I have had with 12.04
<uvirtbot> Launchpad bug 935585 in upstart "[kernel panic] init: log.c:786: Assertion failed in log_clear_unflushed: log->remote_closed" [High,Fix released] https://launchpad.net/bugs/935585
<KM0201> why is NFS so hard to setup?
<smb> hallyn, Morning, I got two little libvirt presents you may want to have a look at (bug 929626 and bug 963006). I would also try to get them upstream but if they pass you review and we could get that uploaded it would be great.
<uvirtbot> Launchpad bug 929626 in libvirt "virt-manager misses xen guests shutting down" [Medium,In progress] https://launchpad.net/bugs/929626
<uvirtbot> Launchpad bug 963006 in libvirt "libvirt: xen: hypervisor driver fills log with internal errors after shutdown" [Low,In progress] https://launchpad.net/bugs/963006
<iclebyte> does any one know how to specify the pppX interface from within the /etc/ppp/peers/provider files?
<adam_g> zul: have tried uploading that swift patch against the current ubuntu pkg to a buildd and see if the other tests pass? if that works, i think the keystone tests should as well
<zul> adam_g: not yet im going to build it locally before i upload it to a ppa
<zul> adam_g: btw that patch is specifically for 1.4.7 though
<uvirtbot> New bug: #963280 in zookeeper (universe) "Memory leak on any async python call" [Undecided,New] https://launchpad.net/bugs/963280
<apw> hallyn, i presume the memory cgroup is enabled so we can use it with lxc?  do we recommend a base OS for lxc use (for x86)
<stgraber> hallyn: arkose is broken with new lxc ;)
<stgraber> hallyn: I'll look at it after my current meeting
<l3dx> I have a 3-disk array that previously was setup with lvm2 and raid5. These disks are now inserted into a different server. Is it possible to "recover" the setup? How do I do that without losing the data?
<tarvid> new RAID 1 installation, how do I check synchronization
<stgraber> hallyn: right, I'm out of my meeting
<stgraber> hallyn: I had to downgrade lxc in a hurry to make arkose work again :)
<stgraber> hallyn: so arkose calls lxc-init using a shell script as init script, so far so good
<stgraber> hallyn: but starting with the new LXC, it complains it can't find the apparmor profile and just fails to start at all
<l3dx> nvm, I found out (mdadm -A)
<tarvid> any way to monitor RAID 1 remotely?
<Nafallo> cat /proc/mdstat
<tarvid> Nafallo, I would like to monitor from an external host or get machine eo email a message if status changes
<Nafallo> munin, nagios, mdadm... choose your poison :-)
<tarvid> I'd have to poll with mdadm
<tarvid> munin looks interesting
<Nafallo> mdadm does include a monitor that can e-mail stuff, you know... :-)
<foo> hmm, just to confirm: if someone has an e-mail client, and they get e-mail via pop3, and all of a sudden we change the pop3 server (eg. migrate their e-mail system to a new one), then they start getting e-mail from the new server and all of their old e-mail still stays in their e-mail client, right?
<uvirtbot> New bug: #963301 in php5 (main) "php5 crashed with SIGSEGV when i was compiling XDebug using pear" [Medium,New] https://launchpad.net/bugs/963301
<zul> adam_g: it built locally fine here just threw it in a ppa
<instabin> Would it be better to run a web server on ubuntu or freebsd?
<instabin> and why
<SpamapS> instabin: better implies that there is a measurement that can be applied
<instabin> They both can use apache? So is one more secure than the other?
<SpamapS> instabin: I'd guess that there are quite a few measurements that would be used to measure the success or failure of running a web server... but they are likely specific to each web site/server :)
<SpamapS> instabin: security is a process, and not a single thing that can be measured
<instabin> I been running on 10.4 lts for the last 2 years
<SpamapS> instabin: then you'll find apache in 'apt-cache search apache' ;)
<instabin> I have been running apache on it for the last 2 years with php
<instabin> Friend of mine is trying to convince me to switch to freebsd
<instabin> Says it more secure.. because its designed to be a server only
<mdeslaur> uhm, "more secure because it's designed to be a server only" sounds fishy to me
<instabin> I think its just cuz hes a freebsd fanboy
<instabin> But i figured I would evaluate since I was planning on upgrading to 12.04 when its released
<instabin> I think that since they run the same web server it would depend on your firewall for how secure the system is.
<hallyn> hggdh: Daviey: boy!  i'm wondering whether bug 961217 turns out to be due to libnl3!
<uvirtbot> Launchpad bug 961217 in libvirt "virsh start domain sometimes fail in oneiric" [High,Confirmed] https://launchpad.net/bugs/961217
<hggdh> hallyn: if so, how to check?
 * hggdh is glad there is some light at the end of the tunnel
 * hggdh is not sure it is not a train comming in
<hallyn> hggdh: im' not sure :)  so far i've just got that i can reproduce it with upstream git with our patches on top, but not without our patches
<hggdh> ah
<hallyn> so now i'll try all our patches except libnl3...
<hggdh> and we patched for using libnl3?
<hggdh> yes, of course, already answered
<hallyn> mind you i'm not 100% clear on why we do that.  it introduces delta over debian for libvirt and netcf.  but i assume we had to do it for something so now do ti for everything
<pdtpatr1ck> Question - does anyone know of a similar service like Moonwalk (http://www.moonwalkinc.com/products/moonwalk-for-linux) for Ubuntu  ?
<Daviey> koolhead17|away: around? (i note your nick suggests a no)
<koolhead17|away> Daviey, am very much here sir
<koolhead17> i log in with default away nice :P
<stgraber> hallyn: ping
<Daviey> koolhead17: hah, did you ever get a solution for bug 807038?
<uvirtbot> Launchpad bug 807038 in dbconfig-common "dbconfig-common fails to preseed phpmyadmin on natty/lucid" [Medium,Triaged] https://launchpad.net/bugs/807038
<instabin> what web gui is recommeded for managing a ubuntu server
<koolhead17> instabin, landscape :)
<koolhead17> Daviey, i moved to oneiric and then never looked at it. i can check it again
<koolhead17> Daviey, or you have some other suggestion?
<instabin> How do you get landscape
<instabin> Do you have to buy Ubuntu Advantage?
<Daviey> koolhead17: no, just wondered
<koolhead17> instabin, i think 5 machine its free for more yes you have to buy support which comes with many other services i suppose
<koolhead17> Daviey, i will look at it again and get back to you.
<uvirtbot> New bug: #963368 in bind9 (main) "dnssec-keygen takes forever to generate a keyfile" [Undecided,New] https://launchpad.net/bugs/963368
<koolhead17> Daviey, i saw some openssh-server bug reported today for 10.04
<stgraber> hallyn: tracked my lxc bug down to the fact that I'm running a container without a /proc mounted by lxc
<stgraber> hallyn: if /proc isn't mounted by lxc (through a fstab entry), then you get "lxc-start: No such file or directory - failed to change apparmor profile to lxc-container-default"
<stgraber> hallyn: I'll file a bug about it, would be great if it could be fixed very soon as it'd need to be included for beta2 (arkose is broken because of that)
<instabin> koolhead17: how do i get it
<koolhead17> instabin, http://www.canonical.com/enterprise-services/ubuntu-advantage/landscape
<koolhead17> it has everything you need
<stgraber> hallyn: bug 963388
<uvirtbot> Launchpad bug 963388 in lxc "Unable to start containers without proc entry in fstab" [High,Triaged] https://launchpad.net/bugs/963388
<uvirtbot> New bug: #963388 in lxc (universe) "Unable to start containers without proc entry in fstab" [High,Triaged] https://launchpad.net/bugs/963388
<mgw> are the certificates signed by two intermediate CAs of the same root CA interchangeable?
<kklimonda> stgraber: how secure is lxc nowadays?
<Steve[MBA]> anyone happen to know why I keep getting the following error when running virt-install with kvm? "ERROR    Unable to resolve address 'system' service '16514': Name or service not known"
<Steve[MBA]> seems that libvirt isnt running, but dunno why
<Steve[MBA]> actually libvirt is running, just not listening on that port
<Steve[MBA]> im trying to connect locally as well
<stgraber> kklimonda: pretty secure when you have the apparmor profile turned on. We won't guarantee it to be root-safe until we have the user namespace though, but we're definitely interested in any feedback on how to escape a container and will update our profiles accordingly.
<hallyn> stgraber: dangit, sorry, my forwarded didnt' fwd your pings.
<hallyn> i did see the bug;  guess we'll end up seeing whether aa_change_onexec is fixed :)
<smoser> hallyn, https://bugs.launchpad.net/ubuntu/+source/linux/+bug/963420
<uvirtbot> Launchpad bug 963420 in linux "https download performance significantly worse in precise than lucid" [Undecided,New]
<smoser> thats what i came  up with for network performance in precise
<smoser> guests.
<smoser> good news is that if i do http rather than https, I can probably saturate the link
<smoser> precise http: 88.1 MB/s
<hallyn> smoser: interesting :)
<hallyn> hggdh: well, fooi - today i can't reproduce the bug at all
<hallyn> even with stock
<smoser> precise https: 11.5 MB/s
<hallyn> maybe...
<smoser> lucid http: 78.8 MB/s
<hallyn> i wonder if there's any chance that i didn't reboot after do-dist-upgrade, and oneiric kernel is the problem
<hggdh> hallyn: welcome to my hell :-)
<smoser> lucid https: 46.7 MB/s
<hallyn> cozy
<smoser> hallyn, the good news is my attempt to show precise virtio disk regression has so far failed.
<smoser> (ie, seeing similar write speeds of /dev/zero to /dev/vdb)
<smoser> i realize thats very non-scientific, but it was my first test
<hallyn> smoser: jinkeys i sure hope that can get fixed
<hallyn> wtf - there's no kernels in /boot?
<hallyn> well, i'm going to have to reinstall oneiric again for this.  bbl.
<hallyn> oh wait.  stgraber: do you need that lxc fix this weekend?
<stgraber> hallyn: no, if it lands on Monday that'll be fine
<hallyn> when is freeze over?
<hallyn> stgraber: you want me to ask in #ubuntu-release for an exception for that?
<mgw> Any PKI or openvpn pros here? I'm having a problem where a cert issued by one intermediate seems to be recognized/validated by another intermediateâ¦ both intermediates have the same root.
<stgraber> hallyn: no, it's a bugfix, just upload and they'll poke me as it only affects Edubuntu
<stgraber> hallyn: the freeze is over on Thursday but I want that fix for beta2 as it's completely breaking arkose
<hallyn> ok, thx
<stgraber> hallyn: so whenever you have a fix, just upload it
<hallyn> will do.
<hallyn> ttyl
<primeras> hi all. Good evening. Where is the Ubuntu Server bug list
<axisys> why would pulling a preseed file fail? https://imgur.com/pKNs9
<axisys> that url is valid and reachabled
<axisys> network setup through is successful
#ubuntu-server 2012-03-24
<axisys> I appended this end of the `quiet -- ' priority=critical locale=en_US url=http://bit.ly/uinstall. using standard 10.04 lts 64bit image
<axisys> how do I check if it got an IP from busybox?
<axisys> dmesg shows eth0 is ready 100 full
<axisys> cat /var/log/syslog gave lots of info
<axisys> nm
<axisys> that bit.ly was redirected to https.. no wonder why it was failing
<Smaug> hey all, to allow the webserver to write a directory, what should I chnage the permissions/ownership/group?  (ie which user is my webserver user - I am using apache2, but it is not obivous from the list of users
<bob921> Is there a canonical way to manage wireless connections on ubuntu-server, or should I just write a wpa_supplicant.conf and run that on startup?
<bob921> Ah, looks like I should use /etc/network/interfaces. Reading manpage now.
<tyler> i've got a home server w/wireless using wpasupplicant, but sometimes my network connection goes down
<tyler> is there some way i can get it automatically reconnected?
<tyler> the router itself goes down, i mean
<ehnde> nvm, i'll use a bash script with crontab
<mumixam> anyone know of a way to get the serial #/ID for a harddrive that has failed and the system does not see it anymore?
<lifeless> should be on a label on it
<mumixam> on the disk itself?
<mumixam> ive got disk that has failed, but id like to know which one
<mumixam> im looking for something to link the /dev name to a serial #
<mumixam> and i cant check udev becasue the disk is 'desynced'
<mumixam> i guess my best bet it check the neighboring drives serials and compile a list next time at boot
<blendedbychris> I halted my do-package-upgrade â¦ can i resume it somehow >.<
<blendedbychris> ?
<blendedbychris> or just run the upgrade process from natty ro oneric again
<blendedbychris> to
<taipres> does lighttpd really have bad memory leaks?
<taipres> that they apparently haven't fixed all this time?
<uvirtbot> New bug: #963696 in lxc (universe) "ubuntu template should enable security pocket" [Undecided,New] https://launchpad.net/bugs/963696
<hallyn> jjohansen: aa_change_onexec() still giving me EPERM when aa_change_profile works...
<hallyn> (just fyi - going to bed.  may file bug later)
<hallyn> eh, what the heck, will file bug now
<emptiness> I am trying to follow the guide on installing openLDAP on ubuntu server, but when I try and ldapadd the frontend.ldif, I get an error stating "no global superior knowledge" when adding the group entry at the end of the example. anybody experienced this?
<emptiness> nvm, figured it out
<uvirtbot> New bug: #962046 in python-boto "EC2 metadata retrieval fails with spaces in a resource name" [Undecided,New] https://launchpad.net/bugs/962046
<uvirtbot> New bug: #962401 in quantum (universe) "quantum-server package description-en typo" [Undecided,Fix released] https://launchpad.net/bugs/962401
<Sam23947> Hi, I have some questions regarding mailserver and SMTP replay. Is this the right place to ask?
<ikonia> if you're running it on ubuntu, sure
<Sam23947> I do. 10.10
<JanC> 10.10 only has 18 months of support, so you can ask questions for one more month...  ;)
<Sam23947> I'm following this tutorial: http://flurdy.com/docs/postfix/
<JanC> but please go on (your question probably isn't version-dependent)
<Sam23947> He states: Next you need to decide whether to send all outgoing mail via another SMTP server,
<Sam23947> # or put it an accessible smtp server relayhost = smtp.yourisp.com
<remix_tj> ok what's the problem?
<remix_tj> :-)
<Sam23947> so I came cross this: http://darrynvt.wordpress.com/2012/01/04/setup-sendmail-notifications-for-gmail-smtp/#comment-28
<Sam23947> and im wondering if i can just put googles SMTP server there and it will work
<Sam23947> or if there is a better solution
<Sam23947> caus eim worried about spamfilters since the mailserver is for a onlinestore
<JanC> Sam23947: is this a server at home or a server/VPS hosted somewhere?
<Sam23947> VPS
<remix_tj> do you really need a relayhost?
<JanC> then you can send mail yourself
<JanC> the relayhost is often needed when you are on DSL or cable because ISPs tend to block outgoing SMTP traffic...
<Sam23947> idk, i have no experince with mail servers. I basicaly need an mailadress with my domain name from which i can send and receive mails and they should not get caught uop by spamfilters
<Sam23947> mails send via sendmail all land in smpamfolder atm
<JanC> Sam23947: I have a VPS and use no relayhost and (except for, very exceptionally, some stupid mailmasters that don't know the SMTP specs) my mail never gets blocked
<JanC> Sam23947: land in who's spamfolder?
<Sam23947> receipient
<Sam23947> hotmail, gmail, yahoomail, etc
<JanC> Sam23947: all recipients using 1 mail provider, or using multiple?
<JanC> heh
<JanC> Sam23947: does the "from:"-domain have any restrictions about what mailserver mails can originate?
<Sam23947> not that im aware of
<Sam23947> as he writes: "Sending email directly from the MTA (mail transfer agent) on oneâs server is now considered to be faux pas. Unless youâve got that machine configured within DNS (MX record, reverse lookup, etc), itâd likely fail most basic spam checks at the destination mail server. "
<seekwill> Sam23947: You should outsource that
<JanC> eh
<JanC> seekwill: why?
<Sam23947> crossed my mind
<seekwill> Because email is serious business these days, with the amount of spam and abuse out there
<seekwill> It's not the same as any other service
<seekwill> (http, etc)
<JanC> Sam23947: configuring MX records is a good idea, of course, otherwise you won't be able to receive mail back...
<Sam23947> how much would u estimate for setting it up if i use one of those freelancer sites?
<emptiness> someone familiar with scrambled samba SID in phpldapadmin?
<seekwill> "Sending email directly from the MTA (mail transfer agent) on oneâs server is now considered to be faux pas" <-- doesn't make sense
<JanC> seekwill: I admin a couple of servers in my free time, and even without a fancy config mail still works the same as 10 years ago...
<emptiness> (not scrambled, but showing code instead of the SID digits)
<seekwill> JanC: ok :)
<JanC> seekwill: of course if you want to do fancy things, you need to configure it correctly (but that was true in 2000 too)
<Sam23947> only want to send and receive mails without getting caught in spam, ont know if thats fancy but its certainly all rather confusing for a noob like me, so idk if i should continue frustrating myself another few days with this or outsource it
<seekwill> Managing a mail server is difficult, and for most people, better to be outsourced. Google Apps does it for free/cheap
<JanC> something that is true: if you send mail from your own server, make sure random people can't send mail that way
<seekwill> Sam23947: Managing a mailserver is not a "setup and forget" service
<JanC> e.g.: don't allow forum memebers to contact each other via mail  :P
<Sam23947> so what do you recon?
<JanC> (via a mail form)
<JanC> Sam23947: if you only want to send mail for specific purposes, I would just use local postfix
<JanC> site-specific
<seekwill> Sam23947: Google Apps hosts mail for free. Rackspace charges $2/month or something. That's usually a better solution :)
<Sam23947> its for a webstore, order confirmations and support emails are the primary reason
<seekwill> Sam23947: I would highly recommend outsourcing email then, since it is obviously important in your use case. If you don't outsource, you'll want to read up and study about how email works.
<JanC> Sam23947: I won't expect too much problems with handling it yourself then, but if you don't want to learn/handle mail-specific issues, outsourcing is an option, of course
<jjohansen> hallyn: yeah sorry, there was a build failure (sorted out post freeze) on the beta2 upload and a revert and some patches didn't make it in.  There will be another upload as soon as the freeze lifts
<JanC> I won't recommend Google though (seen too much stupidity over there already :P )
<seekwill> If this is for a business, something like sendgrid is probably what you want
<Sam23947> ok thank you guys, been very helpful. I'll chk out sendgrid
<JanC> it's possible that the VPS hosting company has its own mail solutions too
<Sam23947> they dont
<helpme555> hello all
<helpme555> how I can chnage folder permission (exp: chwon command) and that permission should be also for the new files add in the future
<blendedbychris> can one go from release to lts?
<blendedbychris> i just need some new packages real quick and was going to upgrade my current lts to "normal" for until lts is released
<pmatulis> blendedbychris: you mean upgrade from a non-lts to an lts?
<blendedbychris> yea say i was on ocelot or something
<blendedbychris> oneric
<blendedbychris> hangin out there until lts 12 is released
<pmatulis> blendedbychris: not quite sure what you're saying.  you want to upgrade from 11.10 to 12.04 (under development)?
<blendedbychris> yea but upgraded 11.10 to 12.04 once it's stable
<blendedbychris> upgrade*
<blendedbychris> any reason why i couldn't do that?
<pmatulis> blendedbychris: just wait until 12.04 is released, then upgrade
<blendedbychris> i need a package in 11.10 heh
<blendedbychris> is going from 11.10 to 12.04 lts a supported upgrade path
<blendedbychris> ?
<pmatulis> blendedbychris: what do you mean by 'supported'?
<pmatulis> blendedbychris: whether it is supposed to work properly?
<blendedbychris> yes?
<pmatulis> blendedbychris: sure
<hggdh> yes, it is: Lucid -> Precise and Oneiric -> Precise are supported
<blendedbychris> okie doke thanks
<blendedbychris> if i'm upgraded from lucid to maverick and get "While scanning your repository information no mirror entry for the upgrade was found. This can happen if you run a internal mirror or if the mirror information is out of date."
<blendedbychris> i'm using a mirrorâ¦ but should i just put the ubuntu repos in my sources.list?
<blendedbychris> official*
<hggdh> you can. Or you can update your mirrors ;-)
<hallyn> jjohansen: stgraber: the re-push of apparmor upload is a prereq (well, sort of, there *is* a workaround, but...) for fixing the edubuntu builds
<hallyn> jjohansen: stgraber: so should the apparmor upload happen now (before freeze lifts)?
<socializer> hello
<hallyn> if need be, i guess i can just mount proc myself in the code and do the proper fix after freeze...
<socializer> can someone get me a link to the install instructions for jircii install instructions
<hallyn> jircii?  sorry not heard of it
<stgraber> hallyn: if jjohansen can get a fixed apparmor uploaded on Monday, we should be fine for beta2. If later then it'll become a problem as it affects all images and requires re-testing of all of them
<stgraber> (we're currently frozen but we don't have a beta2-candidate yet, so bugfixes uploaded until then should be allowed through pretty easily as long as they look sane)
<hallyn> stgraber: if I manually mount /proc, should I then umount it, or do your containers not care?
<stgraber> hallyn: the current code should work either way. I think it'd be best not to have people expect /proc to be mounted for them though
<hallyn> ok i'll umount it if i mounted it, thanks
<uvirtbot> New bug: #964164 in txaws (universe) "Need manpages for installed binaries" [Medium,In progress] https://launchpad.net/bugs/964164
<nancy--> how to know how much bandwidth is used in amazons ec2 cloud. i cant find any docs help or on google  ?
<Martyn> nancy-- : ??
<Martyn> nancy-- : Your usage report is in your AWS user section
<Martyn> nancy-- : Although if you want to gather other statistics, you're going to need to manage MRTG or Cactus yourself, and monitor each host
<nancy--> Martyn,  are they free?
<nancy-->  how to get them?
<Martyn> nancy--: Ah, you don't have much experience with this I take it then...
<Martyn> nancy--: The tools you need are free (both beer and speech)
<Martyn> but installing and setting them up isn't purely trivial ...
<Martyn> what kind of information are you looking for?
<Martyn> Because your -total- aggregate used bandwidth is trivially found in the Amazon Web Services console, under your account
#ubuntu-server 2012-03-25
<nancy--> i have 15g bandwidth in free tier. i just needed to know how much i have consumed
<nancy--> Martyn,
<Martyn> Nancy, you didn't even --try-- Google, did you?
<Martyn> http://aws-portal.amazon.com/gp/aws/developer/account/usage-report.html
<Martyn> It's like .. seriously .. the first hit
<Martyn> Not meaning to insult you or anything...
<nancy--> what service should i select
<Martyn> Also, if you want to look at individual statistics per server .. try munin
<Martyn> In ubuntu, I believe munin is installable as :
<Martyn> aptitude install -y apache2 munin munin-node
<nancy--> ok
<Martyn> which will install a web server, and the munin application
<nancy--> what service should i select in that link you gave?
<nancy--> marass,
<nancy--> Martyn,
<Martyn> Think it through ..
<Martyn> What does EC2 stand for?
<Martyn> EC2=ECC=Elastic Compute....
<Martyn> nancy-- : I don't like spoon feeding answers.   All this information is easily available online, from Google (and other sources)
<Martyn> nancy-- : I'm in the  "teach a person to fish" category of teachers.. not "give a person a fish"
<nancy--> hmm. iam new. ill be familier soon
<nancy--> thx!
<Martyn> and if you're using the Amazon Compute Cloud -- they have gone out of the way to produce tons of excellent documentation .. not to mention that even YouTube is riddled with great tutorials, screencasts, videos
<Martyn> You're welcome.
<nancy--> marass, <UsageValue>54334315944</UsageValue>           how much gig is it?
<nancy--> 54334315944/1024/1024/1024=50,602775i have used 50 gigs?but i had 15gig  limit in free tier.
<seekwill> Time to open up the wallet!
<nancy--> oops
<nancy--> i didnt see the bandwidth change in the activity or my bills. (just a charge for elastic ip)
<nancy--> for march
<nancy-->                 rx      |     tx      |    total    |   avg. rate
<nancy-->      ------------------------+-------------+-------------+---------------
<nancy-->        Mar '12     52.33 GiB |    5.90 GiB |   58.23 GiB |  235.40 kbit/s
<nancy-->      ------------------------+-------------+-------------+---------------
<nancy-->      estimated     67.54 GiB |    7.62 GiB |   75.16 GiB |
<nancy--> Martyn,  i think iam not being charged for incoming trafic. its 15g for outgoing only. right?
<Martyn> I dunno .. what does "http://aws.amazon.com/ec2/pricing/" this say?
<socializer> http://www.smuxi.org/page/ServerHowTo     what does this say???
<socializer> i need this knowledge bad to break free and say good by to trolls
<nancy--> 0 for incoming
<nancy--> thx.
<Ronald_Reagan> the install (11.11) is stopping when it tries to detects disk drives. It is asking me to select the correct driver. How would I know which one to use?
<ehnde> ask the secret service guy watching over you
<ehnde> maybe he knows something about ubuntu
<Ronald_Reagan> He told me he only knows stuff pertaining to windows. Figures.
<ehnde> more seriously, i'm not sure how to solve your problem
<ehnde> if it's a hard drive, you could look at the sticker on it, google the model of the drive
<seekwill> Ronald_Reagan: What kind of hardware are you running on?
<ehnde> + linux
<ehnde> is it the drive, or the controller?
<seekwill> It's more likely the controller that is not supported, not the actual disk
<Ronald_Reagan> seekwill: The controller would be something like RAID?
<seekwill> Yeah
<seekwill> Are you using your motherboard's onboard RAID controller?
<Ronald_Reagan> That or something the server came with.
<seekwill> Find out
<Ronald_Reagan> I got the server second hand to see if I could make it work
<seekwill> What you want to do is boot of a live distro (take your pick) and find out what's installed with lspci
<seekwill> Or open it up :)
<qman__> how do I mark a "failed" drive as not failed with mdadm?
<qman__> my controller freaked and marked 8 drives bad, even though they're fine
<Ronald_Reagan> Ok, Adaptec ServeRAID Controller is what lspci is giving me
<Ronald_Reagan> From my googling, it seems like the driver I might want is 'ips'
<Ronald_Reagan> however that one didn't work when I tried it
<Ronald_Reagan> I'll have to figure this out when I have more time :\
<socializer> i need linux pm buddy
<seekwill> socializer: It's usually better to use the whole channel as your "buddy"
<socializer> not in my case friend
<seekwill> Why is your case different?
<socializer> i dont want to talk about it
<seekwill> ok :)
<socializer> im here to find linux person to pm about my linux related issues
<uvirtbot> New bug: #964304 in rrdtool (main) "Please merge new upstream rrdtool version 1.4.7-1 from Debian Unstable into Precise" [Undecided,New] https://launchpad.net/bugs/964304
<Ronald_Reagan> The install (11.11) is stopping when it tries to detects disk drives. It is asking me to select the correct driver. lspci gave me Adaptec ServeRAID Controller as the controller. With some googling I think the driver is named ips, however when selecting that in the search menu it doesn't work. How would I go about getting ubuntu to find my hdd?
<jjohansen> hallyn, stgraber: okay we are going to upload tomorrow
<hallyn> jjohansen: cool, thanks
<socializer> who wil be my linux buddy???
<EvilResistance> does the server install image require a video driver of some form?
<EvilResistance> or  a video card of some form
<smw> EvilResistance, you need a video card to hook up a monitor to do the install.
<EvilResistance> ah, that explains it, someone in #ubuntu was using a serial console thing to try and install Ubuntu to a server
<EvilResistance> not even alternate worked
<EvilResistance> (neither did the server iso)
<smw> alternative still needs a monitor.
<EvilResistance> i know
<smw> alternative and server iso are the same (different packages, but the same installer)
<EvilResistance> hmm
<EvilResistance> then i cant help that user in #ubuntu :p
<DLobanov> Hi All
<DLobanov> is this possible: over one server connect to more than 1 machine in local network
<DLobanov> all ports
<DLobanov> is this possible: over one server connect to more than 1 machine in local network
<blendedbychris> i have a hyper-v and i increased the hard drive space of my primary hard driveâ¦ can i grow this somehow?
<blendedbychris> why would fdisk -l still show a drive that was removed?
<blendedbychris> here's fdisk -l â¦ oddly the same partition scheme different drive sizes ugh stupid textmate fail :( http://pastie.textmate.org/private/bwww8slzmzoe7gfasfteia
<a5m0> if i got one of the 12.04 beta downloads would it update itself to the final release at a later date?
<alazare619> hows everyone doing?
<RoyK>  
<uvirtbot> New bug: #963363 in dhcp3 (main) "12.04 getting ip from wrong dhcp server" [Undecided,New] https://launchpad.net/bugs/963363
<uvirtbot> New bug: #953565 in nagios3 (main) "package nagios3 3.2.0-4ubuntu2.2 failed to install/upgrade: problemas de dependencias - se deja sin configurar" [Undecided,New] https://launchpad.net/bugs/953565
<uvirtbot> New bug: #951656 in nmap (main) "package nmap 5.21-1.1ubuntu1 failed to install/upgrade: ErrorMessage: unable to open file '/var/lib/dpkg/tmp.ci//.svn': Is a directory" [Undecided,New] https://launchpad.net/bugs/951656
<uvirtbot> New bug: #954620 in openssh (main) "SSH StrictModes does not work correctly" [Undecided,New] https://launchpad.net/bugs/954620
<andre27> ciao
<oApocalypse> hello
<oApocalypse> im tryin to add a hd to my server
<oApocalypse> through terminal of course
<oApocalypse> i did it through a tutorial and for some reason once completed upon restart it tells me i have a bad mount
<oApocalypse> oh wow thx guys
<EvilResistance> within iptables is there a way to set a cap on the maximum number of connections outbound to a set of addresses?
<qman__> EvilResistance, I don't know about total connections, but you can limit the rate of connections, a number over time, using -m recent
<EvilResistance> yeah, i've done rate-limiting, i need to actually restrict the max. connections to a set of addresses, though.
<seekwill> EvilResistance: What is your use case?
<EvilResistance> seekwill:  i run a ZNC service, but want to set a max conn limit on efnet globally to 3 connections (so that we dont run into glines)
<EvilResistance> i know how to block outbound data, but not how to restrict it to a max connections limit
<EvilResistance> i'm not even sure iptables can do that
<EvilResistance> (if i need additional softwrae, lemme know :P)
<seekwill> EvilResistance: Ah, ok. Just curious :)
<seekwill> EvilResistance: I've never done it, but does this help? http://www.cyberciti.biz/faq/iptables-connection-limits-howto/
<EvilResistance> seekwill:  i think there's an example on that page that'll work, if i dns-lock the efnet domain to a single server address
<hallyn> jjohansen: did you mean apparmor is being uploaded today (sunday) or monday?
<hallyn> wondering whether to keep checking for it tonight :)
#ubuntu-server 2013-03-18
<MraAlbertina> hi. any bad experience with ISPConfig 3? recommended/not?i have a headless system and i'm planning in installing it.
<MraAlbertina> latest 12.10,, btw
<jacobw> Mornin
<seicherlbob> hi there! I'm getting daily mails, telling me, that "/bin/sh: hwclock: not found" - but hwclock is installed and working. I dont even know, which script encounters this error. Any suggestions on how to fix that?
<seicherlbob> (btw., its ubuntu server 10.4 LTS)
<seicherlbob> I further see in the logs, that it must be some cron-task: "Mar 18 00:05:01 imladris CRON[30560]: (root) CMD (hwclock --systohc)" - but still I can't find which one to debug it.
<seicherlbob> ok, got it. it was the crontab of root... never mind.
<ataxlab> u
<koolhead17> hi all
<alex88> hi guys
<alex88> does ufw logging works on ipv6? I don't see any logs of it
<alex88> oh sure, IPV6=yess will not be processed
<BaNzounet> Hey guys, I'm trying to change my server's kernel but I don't know why everytime It still start on the other one
<BaNzounet> Can someone help me?
<jacobw> BaNzounet: you need to new entry in GRUB to be the preferred entry
<jacobw> BaNzounet: can you boot on the new kernel by manually seleting it in the GRUB menu?
<BaNzounet> I did update-grub, but still It doesn't change anything
<jacobw> BaNzounet: test that first, then set it to preferred in GRUB
<jacobw> BaNzounet: update-grub adds new entries to grub, it doesn't change which entry is the default
<BaNzounet> jacobw: It's a server in a data center I can't manualy chose the entry
<jacobw> BaNzounet: then you have two choices, set it as the default, reboot and hope it comes up OK .. or use IPMI or an IP KVM or something similar with the datacentre staff
<BaNzounet> What I don't get is, we're already booting on the right one(according to grub) but It still load the older one :/
<jamespage> hallyn, /dev/kvm fix in raring lgtm
<zorgs> hi
<jacobw> BaNzounet: is it a container?
<zorgs> question about a server process with a console (running in a screen session), it accepts commands like "save" entered into the console, can I somehow send "save\n" to that process and have a crontabbed script doing that on set intervals?
<zorgs> I guess my question could be reworded as "how can I send a small string of text, like a server command, to a process running in a screen session"
<zorgs> or byobu
<zorgs> (using tmux)
<BaNzounet> jacobw: mhum? A container? what do you mean?
<jacobw> BaNzounet: a container is an instance of an OS running under the kernel of a host OS
<jacobw> BaNzounet: it's not a virtual machine, it doesn't have virtual cpus or it's own kernel, it's an instance of init running on the host with access to a restricted set of resources (devices, filesystems, memory, cpu)
<jacobw> BaNzounet: the kernel is shared over many containers, it's an effective way to run VPS services and lots of datacentres do it now
<jacobw> BaNzounet: i.e. it's not your kernel to upgrade
<zorgs> how can one tell from the inside of the guest system?
<jacobw> zorgs: you don't have many devices, any kernel operation will fail, etc.
<zorgs> right, makes sense
<jacobw> zorgs: regarding your question, you want to send the string the STDIN file descriptor of the process
<jacobw> zorgs: http://serverfault.com/questions/178457/can-i-send-some-text-to-the-stdin-of-an-active-process-running-in-a-screen-sessi
<zorgs> ah awesome
<zorgs> couldn't find anything on stackxchange
<zorgs> /proc/*pid... how easy. I love this shit
<zorgs> thanks
<jacobw> zorgs: see the comment where the guy warns about sending EOF to STDIN
<zorgs> saw it thanks, yeah I don't like that solution
<zorgs> the first answer I like a lot more, echoing something to the fd/0 of that PID
<zorgs> one question though
<zorgs> say I'm in the same boat as that guy that I want to restart that process and to gracefully stop it and restart... but it requires sending that command etc...
<zorgs> when it restarts how can I find out its new PID
<zorgs> I mean... the script.
<zorgs> and use the new PID next time when it sends the stop command before next restart (after 24hrs)
<jacobw> zorgs: i'm not sure if it what he's saying applies to all processes, i would test to find out
<jacobw> zorgs: upstart can probably tell you the PID of a service, if your using upstart
<zorgs> 12.04 LTS
<zorgs> ok cool that helps, I will do some testing
<zorgs> jacobw, appreciated your input but sad to report that trick doesn't work :/
<zorgs> jacobw, the command appears on the console of the process but it just don't werk :/ the response is unknown/illegal command like the text was something other than "save", I was testing with "help" pretty straighfoward
<jacobw> How are you sending it STDIN?
<zorgs> echoing to /proc/1/fd/0
<zorgs> 1 = the actual pid
<zorgs> it does show up when I change to that window...
<zorgs> how can I echo the enter character sequence right after the string?
<zorgs> "string\n" didn't cut it
<jacobw> I'd test by using python to open('/proc/1/fd/0') so I could control exactly what I was sending
<zorgs> ah that's a good idea
<zorgs> bash might modify it a bit
<zorgs> thanks
<jacobw> echo doesn't interpret backslashes by default, `echo -e "foo\n" > bar`
<zorgs> ahh
<zorgs> it sends the text and a new line but nothing happens until I actually switch and press enter at the console hmm
<zorgs> i'll play with this some more, thanks for all your help so far
<tdotr6>  Hi Good Morning, I have a question hopefully I can make this not very confusing. I did just finish a night shift..
<tdotr6> I just got in from work and I found my server unreachable..Running Ubuntu server 12.10... So I went over to physically check it this time since it's the second time in 24 hours this has happened. There was nothing when I turned the screen and I couldn't get the screen to wake up...I have checked logs and found nothing other then crazy amounts of DHCP Requests from all 3 nic cards.  The
<tdotr6> only thing I could find that I am able to duplicate is if I unplug 1 of the 3 NIC cards, they all become unreachable. So If eth0 gets unplugged and I am pinging eth2 say, It will die. but the moment eht0 is back in, eth2 will reply.... I work at a data center for a living but I am a networking guy , not a server guy. This is blowing my mind why I am having this issue with no logs..or am
<tdotr6> I not looking at the right logs..
<tdotr6> Sorry I know thats a lot to read
<rajumoh> zorgs, jacobw : will not the use of echo -e help as it enables backslash interpretation
<ogra_> if -e is supported totally depends on the shell you use ... its really a matter of luck
<rajumoh> yeah, just thought that being on ubuntu-server and bash being the default ..
<ogra_> bash isnt the default in ubuntu since 6.06
<ogra_> dash is :)
<tdotr6> Does anyone have any networking exp?
<ogra_> (bash is still the default user shell, but not used for any system scripts)
<ogra_> https://wiki.ubuntu.com/DashAsBinSh
<ogra_> https://wiki.ubuntu.com/DashAsBinSh#echo specifically ...
<rajumoh> please kill me ;-( . the day seems to be getting worse.
<pmatulis> rajumoh: where do you live?
<tdotr6> Hey guys, quick question
<tdotr6> I just wrote a big blob but maybe it was 2 much to take in
<tdotr6> Basicly the problem is, 3 NIC Card setup, You unplug 1 NIC Card, All 3 become unreachable.
<rajumoh> he he .. very funny!!
<rightshift> Hi, Ubuntu 10.04 - can DNS be added in /etc/network/interfaces or is it only in /etc/resolv.conf?
<tdotr6> Interfaces I belive
<tdotr6> resolv.conf is a auto gen file I belive
<rightshift> I'm trying to standardize my servers and my new 12.* boxes are /etc/network/interfaces whereas my old 10.* are /etc/resolv.conf - i'd like to have them all in one place, hence moving 10.04 to /etc/network/interfaces
<rightshift> just want to make sure it works there and that it wasnt adopter in 11 or 12?...
<tdotr6> :/ dont know about adopter , then again i only use 12
<tdotr6> havent used 10 in very long time so i cant tell you sorry.
<rightshift> same...
<tdotr6> I am having networking issues of my own right now
<tdotr6> maybe you can help me? LOL
<tdotr6> Basicly the problem is, 3 NIC Card setup, You unplug 1 NIC Card, All 3 become unreachable.
<tdotr6> and this only started to happen yesterday and I cant find anything in the logs for it other then a tonn of DHCP Requests from all 3 nics. But after a cpl hours of the server being on, it just becomes unreachable.
<jacobw> rightshift: man resolvconf
<tdotr6> nice thx jacobw
<rajumoh> tdotr6: my 2 cents . did u check ur routing table on the server ? are the other 2 nic's by anyway dependent on the eth0 nic ?
<tdotr6> Good call I don't know why or how that would of changed ( Since this is a new issue ) But fuck i should of checked that
<tdotr6> thx raj def look at that now
<tdotr6> I was just going to check my syslog file
<tdotr6> and I did yesterday......Infact I still had it open. I went to reopen it now.. And It made scp hang..
<tdotr6> the file is 400MB !
<tdotr6> :
<tdotr6> Hmmm that can't be normal ... ?? 400Mb syslog file??\
<tdotr6> wow it just crashed my server
<tdotr6> trying to open that
<tdotr6> all 3 nics unreachable..
<tdotr6> What the heck?
<tdotr6> ya server is dead.. Man I dont want to go all the way.. Any tips for anything I should try other then the good old reboot first?
<tdotr6> ? nothing ?
<ogra_> rightshift, http://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/
<tdotr6> lol I guess my problems 2 complicated?
<jacobw> tdotr6: you need to describe your problem better, which ports are connected to which physical devices? which addresses are associated with which ports? what routes and firewall rules do you have? etc
<tdotr6> There are 3 NIC Cards in the machine, All 3 are on the same subnet , 192.168.1.40,50,60. There are no firewall rules on the machine other then logs. The logs show nothing other then DHCP Requets during the time of drop.
<tdotr6> Just now it happened again where I tried to download a large file and the machine just became unreacahble from all 3 ip's
<tdotr6> I went to the machine and took a photo, just a sec for that.. But When I logged in I was unable to ping say, google.com or my router , I shut eth0 down and the moment I did that it was reachable. I had a constant ping going to eth2 IP
<tdotr6> eth0 is the same nic also that If I pull that cable , Then eth1 and eth2 are unreachable but the moment it gets plugged in , boom its all good again.
<tdotr6> so clearly the issue lies with eth0
<tdotr6> yet all interfaces are error free
<tdotr6>           RX packets:3397 errors:0 dropped:0 overruns:0 frame:0
<tdotr6>           TX packets:1604 errors:0 dropped:0 overruns:0 carrier:0
<tdotr6>           collisions:0 txqueuelen:1000
<tdotr6> OK
<tdotr6> found my issue
<tdotr6> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<tdotr6> default         pfr1.network    0.0.0.0         UG    0      0        0 eth0
<tdotr6> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<tdotr6> default         pfr1.network    0.0.0.0         UG    0      0        0 eth0
<tdotr6> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
<tdotr6> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth2
<tdotr6> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
<tdotr6> how I do make that default route go out the loopback
<tdotr6> nvm
<tdotr6> i just solved all my issues
<tdotr6> thanks for letting me think out loud
<tdotr6> :)
<Reemo> Hey guys, i just ran into a few issues with mdadm: I have a raid5 /dev/md3 consisting of sde, sdf, md2. Everytime i boot up the server, mdadm doesnt find /dev/md2, forces me to readd and resync it. Quite annoying. How can i tell mdadm to wait for md2 to be created?
<Reemo> Oh btw: 12.10, 3.5.0-25-generic x86_64
<simplexio> Reemo: re-add ? i have to do mdadm --assemble --scan
<Reemo> simplexio: re-add didnt work (cant add /dev/md2 to /dev/md3)
<Reemo> had to run --add
<Reemo> Im fairly new to mdadm, whats with bitmaps, could those speed up the process?
<Reemo> i dont like the idea of writing everything to the discs after booting...
<simplexio> Reemo: ahh. i do  -manage --stop /dev/md1_1
<simplexio> because it dosent fire up whole raid package
<simplexio> Reemo: i have seen some startup script wich will fix it but idont use it
<Reemo> simplexio: can you give me a link? googling is kind of pointless here, as its just way to generic
<simplexio> Reemo: like i said , i dont use it. But this seems to be good answer http://superuser.com/questions/287462/how-can-i-make-mdadm-auto-assemble-raid-after-each-boot
<Reemo> simplexio: thanks, will try it
<simplexio> Reemo: i addes autostart=true to my config too
<hallyn> jamespage: \o/ thanks
<jamespage> hallyn, no - thankyou!
<Fieldy> when I do "start mysql", I am told "start: Job failed to start". There's no logs from any startup attempt in /var/log/msyql/... any ideas?
<Fieldy> if I do mysqld -u mysql , it does start up
<resno> you use the command "start mysql"?
<resno> does "sudo service mysql start"  work?
<Fieldy> i had initially done /etc/init.d/mysql start however it told me to use start, let me try that
<Fieldy> same error, no logs
<resno> is /etc/init.d/mysql start not working?
<Fieldy> same error, no logs, and also "Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the start(8) utility, e.g. start mysql"
<resno> you are running it with "sudo" right?
<Fieldy> mysqld -u mysql starts up just fine
<Fieldy> both using sudo yes
<zul> hallyn:  i have sometime do you think we should update libvirt in raring?
<hallyn> zul: i haven't tracked to see what would be more stable...i think starting the lxc api driver for libvirt would be better use of the time :)
<hallyn> zul: is there any feature you need from it?
<zul> hallyn: meh :)
<zul> well it has the fix for the python libvirt stuff that we tracked down so less patches that we have to carry
<Fieldy> how can i remove mysql-server including all configuration and databases and tables, so that I can have a clean slate and start over?
<hallyn> zul: more and more lxc-based projects are cropping up (like http://www.roboearth.org/archives/1869 and http://dotcloud.github.com/docker) so having everyting on common codebase seems a priority
<hallyn> zul: but it's up to you :)
<zul> interesting
<Fieldy> when I do apt-get remove mysql-server  it hangs at "Setting up mysql-server-5.5 (5.5.29-0ubuntu0.12.10.1) ..." for about ten seconds and then tells me various errors and the remove doesn't finish.
<Fieldy> just trying to get a clean slate as above
<Fieldy> meh.
<resno> Fieldy: purge would be the right command
<Fieldy> ok i will man page it up
<Fieldy> resno: i'm still getting the same issues: http://fpaste.org/B0rI/raw/
<resno> it says its no tinstalled
<resno> have messed with the init scripts?
<Fieldy> yep, and if I do install, i get the same errors at the end. all i'm trying to do is wipe it out, configs and everything
<Fieldy> nope, i know better hehe
<resno> you got some kinda issue though..
<resno> something beyond the "run of the mills" stuff
<Fieldy> yeah. i'm trying to track it down without success. it still does start (once installed) manually with mysqld -u mysql   so i'm really not sure what the problem is
<resno> Fieldy: try dpkg --configure -a
<resno> and have altered the my.cnf? file
<Fieldy> resno: http://fpaste.org/MBVq/raw/
<Fieldy> resno: i did but it wouldn't start at that point, so I put the original my.cnf back (i copied it out), from then on there's the issues. but the original my.cnf is back in place
<resno> Fieldy: try apt-get purge mysql-server-.. what ever server version you are using
<Fieldy> ok, it's "purge" and not "--purge"?
<resno> correct..
<Fieldy> will do
<Fieldy> resno: no complaints anymore, it looks like it's gone
<resno> cool
<resno> i only had a few more ideas beyond that.. so good something workd
<Fieldy> is that supposed to wipe out all files that were originally installed, aiming at the goal of a fresh start with mysql-server?
<Fieldy> looks like it removed anything that i did not modify, all i have to do is clean up my stuff... on the right path ehre
<Fieldy> s/ehre/here/
<Fieldy> and i just figured out the my.cnf issues; I had several different versions laying around, things like my.cnf-ORIG my.cnf-TEST and i was just symlinking my.cnf to those to switch around -- the init scripts hated the symlink. when I copied them instead, it worked.
<Fieldy> heavy rain goofing up my internet connection, bbl
<luminous> for log_output in sudo, or any other "option flag" - what is considered "enabled"
<hallyn> jamespage: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-r-seeded-qa-workflow  write dep-8 tests for lxc - is inclusion of lxc tests in utah server testcases sufficient?
<jamespage> hallyn, I think its a good start
<jamespage> hallyn, and enough for now
<jamespage> we need to revisit the dep-8 approach
<jamespage> I made it work nicely for openvswitch dkms modules
<hallyn> floodlight?
<jamespage> hallyn, I wrote three tests
<jamespage> one for dkms package
<hallyn> where?
<jamespage> one for using module-assistant
<jamespage> and then I used mininet to test openvswitch itself
<jamespage> hallyn, its in the source tree in raring
<jamespage> (which is the other nice thing about dep-8 tests :-))
<hallyn> i don't knwo what "the source tree" is
<hallyn> oh
<hallyn> ok
<jamespage> hallyn, as in the package source tree
<jamespage> pull-lp-source openvswitch/bzr branch ubuntu:openvswitch
<hallyn> jamespage: for qemu tests, i'm considering having the utah test case (at lest for starters) bzr co qa-regression-tests and run that testsuite
<jamespage> hallyn, OK - but consider that DEP-8 gets run when the package is in proposed as well
<jamespage> so it gets a pre-acceptance test
<hallyn> jamespage: sigh, then maybe i'll jut mark that postponed.  hang on
<hallyn> jamespage: for uds.2013.06 i've put down an item to put all the lxc testcases into upstream lxc under tests/ubuntu .
<hallyn> stgraber: ^
<jamespage> hallyn, lovely
<hallyn> that should help maintainability of utah testcases quite ab it
<hallyn> jamespage: so i'll mark the current open WI done.  for qemu one, i'm thinkingo f markign it postponed
<hallyn> jdstrand: says nuclearbob may have thoughts on it, so would like to chat with him when i find him
<hallyn> Daviey: ^ any objections to postponing the dep-8 tests for kvm item?
<Daviey> hallyn: partial coverage cannot be started?
<hallyn> Daviey: we've got a shitload of coverage
<hallyn> in the qa-regression-tests
<Daviey> Ah, of course we have
<Daviey> yeah, good point. :)
<Daviey> defer away!
<hallyn> Daviey: thx.  (check recent log of #ubuntu-hardened  - someone else may be looking at hwo to best sync testcases between qrt and utah)
<hallyn> i was going to write a test script to check out the qrt and run them in utah, but i fear i'd make the situation worse that way
<Daviey> hallyn: yeah, thanks
<hallyn> woohoo, ppa claims to have compiled a sparc crossc- with no problems.  (I don't believe it, waiting till it gets published to really celebrate :)
<hallyn> Daviey: so, there are action items from uds 2013.03.  any decisions about where we should track thsoe?
<Daviey> hallyn: do they not fit on existing blueprints for 13.04?
<Daviey> hallyn: if there is no intention of getting them into 13.04, still add them to the BP - but mark them postponed.. then we can pick it up next cycle?
<hallyn> that's a bit of a shoe-horning :)  which is fine if it's a one-time thing while we wait for updates to support 3-month and 12-month blueprints,
<fabiofranco> why do I need the rule accepting connections RELATED, ESTABLISHED on iptables? What are their purpose?
<fabiofranco> What is their purpose?
<yolanda> hi, any suggestions for converting an svg file to pdf? i tried with reportlab and the result isn't very good, and wkhtmltopdf python module doesn't seem to be working, it's buggy
<sarnold> fabiofranco: that's what turns your firewall into a stateful firewall
<fabiofranco> sarnold thanks... gonna have a look at some reading material regarding the subject. suggestions would be appreciated if any
<sarnold> fabiofranco: I've linked to the wikipedia article before, it must have been okay once
<fabiofranco> sarnold ok... thanks a lot!
<RoyK> fabiofranco: "established" is for return ports of established TCP connections. "related" is for related return ports as with TCP and other ugly protocols exchanging ip addresses or port numbers up in layer 7
<RoyK> erm - "as with FTP" - not TCP
<RoyK> TCP in for "established"
<sarnold> RoyK: thanks :)
<fabiofranco> RoyK thanks a lot!
<irv> how do i add my user to sudoers without being in sudoers already?
<irv> it's the only account on the box
<irv> i can't elevate to add myself D:
<RoyK> it should be in sudoers if you installed the box given that account
<sarnold> irv: reboot with init=/bin/sh
<irv> it says i'm not :[
<irv> k sec
<RoyK> irv: reboot into single user mode
<RoyK> aka "recovery"
<irv> any easy way to reboot without being root
<irv> i don't want to just hard power it off in hyperv
<irv> or is there a way to find what the other account could be?
<irv> i'm almost positive i set that one up as the 'account' during setup
<irv> but, who knows at this point..
<irv> i only see my directory in /home
<irv> but i suppose that could be permissions hiding the others
<irv> k sent it a shutdown from hyperv
<irv> so just e on the main entry then add 'init=/bin/sh' to the last line?
<irv> in grub
<sarnold> well, whichever boot entry would otherwise be correct :)
<irv> ya i used the main one
<irv> there are only 2 ubuntu ones (one is recovery mode)
<RoyK> irv: it rather obvious you can't get sudo access without having sudo access ;)
<irv> still gave me the same error
<irv> ya but someone on the box has to have it, right?
<irv> as far as i can tell, it's only this one account (that i created)
<sarnold> irv: you're root. edit /etc/sudoers to fix it.
<irv> but when i try to sudo something it says that account is not on the sudoers list
<RoyK> irv: but rebooting the vm the hard wary from hyper-v should be trivial - ext4 and most other filesystems will handle this easily
<irv> sarnold: i get permission denied when nano /etc/sudoers
<RoyK> irv: did you install this system?
<irv> RoyK: ya, the shutdown did it cleanly
<sarnold> irv: try EDITOR=nano visudo
<irv> RoyK: yep, stood it up from a fresh ISO like 2 weeks ago
<sarnold> .. the file is'nt writable for root to remind you to use visudo
<RoyK> sarnold: everything is writable for root
<irv> i got 2 permission denied with that command
<irv> sarnold*
<RoyK> irv: reboot into single - if you don't have sudo access, you don't
<sarnold> RoyK: well, uh, yess and no...
<sarnold> RoyK: root is treated as a user when root owns the files, so if root has removed write permissions, nano ought to complain at startup
<RoyK> irv: really - if you don't have sudo access, something is messed up - reboot into single - it's the only way
<irv> k doing that now
<RoyK> sarnold: no, root always has write access to everything unless you're running with enforced security like hardened selinux
<irv> yay root@linux
<irv> :D
<irv> now just to add my user to the /etc/sudoers ?
<RoyK> irv: then visudo
<RoyK> or "EDITOR=nano visudo" if you don't know vi too well
<irv> can i just copy the root line and change to my username underneath
<RoyK> normally, nano should be the default editor, so it shouldn't matter much
<RoyK> yes
<irv> okay it's written
<irv> reboot now?
<RoyK> yep
<sarnold> RoyK: try this: sudo -s ; echo hi > /tmp/foo ; chmod 000 /tmp/foo ; vim /tmp/foo -- note the [readonly] in the bottom line. change the file. note the [Changing a read only file] warning.
<sarnold> RoyK: Now, granted, you hit :w! and vim _will_ write it. but the _interface_ the human sees gives the impression that root can't write it.
<RoyK> sarnold: and then change it, and :w!
<RoyK> sarnold: yes, that's what I'm saying - root has write access, even if vim tells you otherwise
<irv> yay, worked.
<irv> thanks all
<sarnold> RoyK: and _that_ is why sudoers is 440 and not 640 -- so that root sees the "read-only file" warning from their editor and then thinks "oh yeah! I need to use visudo otherwise I'll screw up my sudo config!" :)
<RoyK> sarnold: visudo checks the syntax, which is fine
<sarnold> RoyK: s/fine/damn near mandatory/ :)
<irv> hmm although my DNS isn't in there
<RoyK> irv: resolv.conf? set those values in /etc/network/interfaces
<irv> ya i have it in there
<RoyK> as in 'dns-nameservers x.x.x.x y.y.y.y' and 'dns-search asdf.com'
<irv> 'nameserver x.x.x.x'
<irv> ohh
<irv> it's in there now
<irv> thx
<RoyK> irv: now su - youraccount and try sudo -i
<irv> will do, just updating a few packages right now
<irv> what sort of speeds are these repos generally putting out
<RoyK> no idea about numbers - sufficies for me
<irv> only reason i ask is it seems to only be downloading at like 10% of my connection speed
<sarnold> I think I tended to get 1-2 MBps .. but I put up a caching proxy for my VMs and so forth, so once in a while 60MBps, entirely local...
<irv> ahh ya
<RoyK> irv: where are you located? what mirrors are you using?
<irv> i only have a couple linux VMs at the moment
<irv> canada and i thought i was using the uwaterloo one
<irv> but how can i check
<irv> also, is there another tool for looking at per-connection bandwidth usage on the machine
<irv> nethogs seems to be off or something
<irv> there's an apache server and ftp, i'd like to see how much bandwidth various users are pushing at any given moment in time
<irv> perhaps i'm reading it wrong.. what is the 'sent' column measured in units wise?
<irv> nm, it seems to be working
<luminous> anyone familiar with enabling logging for sudo? I  see the log_output and log_input booleans, but am getting "sudo: >>> /etc/sudoers.d/logging: syntax error near line 0 <<<"
<sarnold> cat: /etc/sudoers.d/logging: No such file or directory
<histo> luminous: auth.log
<luminous> sarnold: I created it :)
<sarnold> luminous: then fix your errors? :)
<sarnold> luminous: can you pastebin the file?
<histo> luminous: Doesn't sudo log to auth.log by default
<luminous> what is the correct syntax for "enabling" the sudoers booleans? the sudoers manpage is not clear on this point
<luminous> histo: I am trying to enable log_output, I don't think this is on by default
<luminous> no one fiddles with sudo? :(
<island219> Wellâ¦ Hellooo
<RoyK> daginn
<zul> adam_g: https://code.launchpad.net/~zulcss/keystone/keystone-upstart/+merge/153927
<wastl> thefox: indeed it does :(
<wastl> thefox: maybe this helps: http://askubuntu.com/questions/32298/prefer-a-ipv4-dns-lookups-before-aaaaipv6-lookups
<JanC> luminous: see the EXAMPLES section in the manpage...?
<Koheleth> anyone updated apache2 2.2.22 today?
<Koheleth> did all go tickety boo?
<patdk-lap> heh?
<brian_petersen> I am installing ubuntu server onto a desktop computer but need some help with the partitioning. I've done this three times but it never works. I create a boot partition
<brian_petersen> Ignore my last thing,
<brian_petersen> When I use the manual partition for the ubuntu installation and when I make the /boot partition, should I mark it as bootable?
<fluvvell> hey guys, can you  mount an ext4 drive in read only mode on an 8.04 server that wont support ext4?  ie mount it as ext2 or 3
<patdk-lap> not really
<patdk-lap> it only works if it doesn't use the ext4 extents feature
<fluvvell> like journalling?
<patdk-lap> no
<fluvvell> can i easily add ext4 support without major upgrade to the server?
<histo> fluvvell: it should have ext4 support
<histo> ugghh oh just read 8.04
<histo> I thought it was backwards compatible for mounting as ext3
<sarnold> fluvvell: please note 8.04 leaves support in a few weeks.
<fluvvell> histo, yeah.
<fluvvell> sarnold, thanks I only have a couple of machines using it. urr make that 3, one is a virtual machine
<sarnold> fluvvell: it'd be worth figuring out a migration path away from that server's install before the updates stop..
<fluvvell> sarnold, worked out, just planning when to implement. Your reminder is timely  - ill have to get it put on priority
<fluvvell> histo, so did I but it wont, complains bad superblock etc. (attempted ro mount)
<fluvvell> oh well, thanks all.
<sarnold> have fun :)
<histo> fluvvell: upgrade
<fluvvell> histo, its ok I've setup a virtual machine to mount it on.
<fluvvell> but yes I'll upgrade
<histo> ahh
#ubuntu-server 2013-03-19
<qman__> is there a PPA or some other low-hassle method to get kernel 3.2 on 10.04?
<qman__> I need it for driver reasons
<three18ti> any way I can move /lib to its own partition post-install?
<three18ti>  /tmp /usr /boot /var and /home are all on their own partitions..
<three18ti> I just forgot /var
<three18ti> derr.. I mean /lib
<tdotr6> hey guys
<tdotr6> im trying to setup multi nic cards on my box
<tdotr6> and my issue is , I cant get the default route to stay added
<tdotr6> I understand you can not have 2 default routes on the same gateway
<tdotr6> sorry subnet *
<tdotr6> and to me It doesnt make sense , you cant have 2 default gateways, But When the 1 NIC fails, how can I have the second nic take over like it should..
<tdotr6> ?
<tdotr6> anyone?
<tdotr6> home?
<qman__> you have to do one of a number of things to make it work
<qman__> you either have to set metrics so one route is always preferred
<qman__> or configure the kernel to recognize which interface traffic is coming from, and send it back out that way
<qman__> or configure load balancing
<qman__> I don't have time to go into the details of how to do those things, but hopefully that will set you in the right direction
<qman__> without doing one of the above, having more than one default gateway will not work correctly
<qman__> tdotr6, ^
<mistigi> Hello, I am having problem with updates: linux-image-server depends on linux-image-3.2.0-37-generic; however:  Package linux-image-3.2.0-37-generic is not installed. Would appreciate if anybody could help, here is my session dump: http://pastebin.com/dFpvBVFb
<ScottK> mistigi: Do sudo apt-get dist-upgrade
<mistigi> k, let me try that
<mistigi> same issue: root@system:/boot# sudo apt-get dist-upgrade
<mistigi> Reading package lists... Done
<mistigi> Building dependency tree
<mistigi> Reading state information... Done
<mistigi> You might want to run 'apt-get -f install' to correct these.
<mistigi> The following packages have unmet dependencies:
<mistigi>  linux-image-server : Depends: linux-image-3.2.0-37-generic but it is not installed
<mistigi>  linux-server : Depends: linux-headers-server (= 3.2.0.37.44) but 3.2.0.39.47 is installed
<mistigi> E: Unmet dependencies. Try using -f.
<mistigi> oh, let me try that with -f, one moment
<mistigi> its pretty much the same, it forced some packages to upgrade and kernel too, from .38 to .39, after reboot kernel is on .39. But still any apt operation complains " linux-server depends on linux-image-server (= 3.2.0.37.44); however:  Package linux-image-server is not configured yet."
<mistigi> "linux-image-server depends on linux-image-3.2.0-37-generic; however: Package linux-image-3.2.0-37-generic is not installed."
<ScottK> The correct version is published: linux-image-server | 3.2.0.39.47 | precise-updates | amd64, i386
<ScottK> Next I'd try, sudo apt-get -f install  linux-image-server
<mistigi> k, one sec
<mistigi> sudo  apt-get -f install linux-image-server ... "The following packages have unmet dependencies: linux-server : Depends: linux-image-server (= 3.2.0.37.44) but 3.2.0.39.47 is to be installed Depends: linux-headers-server (= 3.2.0.37.44) but 3.2.0.39.47 is to be installed"
<ScottK> Try sudo apt-get -f install  linux-image-server linux-headers-server
<ScottK> Actually, run sudo apt-get update first.
<mistigi> k
<ScottK> I just installed this kernel off the US mirror and it's there.
<ScottK> (at least for i386)
<mistigi> still same error, like apt is stuck on .37 though I am running .39 "The following packages have unmet dependencies: linux-server : Depends: linux-image-server (= 3.2.0.37.44) but 3.2.0.39.47 is to be installed Depends: linux-headers-server (= 3.2.0.37.44) but 3.2.0.39.47 is to be installed"
<mistigi> would it make sense to copy /etc/apt/sources.list from another machine running .39 ?
<ScottK> No.  It does appear that you've got the right entries.
<ScottK> mistigi: Try this and pastebin what you get: grep linux-server /var/lib/apt/lists/*
<mistigi> k
<mistigi> http://pastebin.com/PiQhfwut
<ScottK> Try taking the i386 entries out of your sources.list, apt-get update, and try again.
<mistigi> k
<ScottK> You can see you've got the correct version in your Packages files, so I am wondering if things are somehow confused due to multi-arch.
<ScottK> (it's a guess)
<mistigi> hmm, all 386 are commented out already in sources.list
<ScottK> They were being checked in your first pastebin.
<ScottK> Check isn sources.list.d too.
<mistigi> k
<ScottK> By comparison to your output, here's what mine (for an i386 server) shows: http://paste.ubuntu.com/5627289/
<mistigi> I see what you mean about 386 being check out, but I do not see them anywhere under /etc/apt
<ScottK> OK.
<ScottK> Here's what I'd do then ...
<ScottK> wget https://launchpad.net/~canonical-kernel-team/+archive/ppa/+build/4332112/+files/linux-server_3.2.0.39.47_amd64.deb
<ScottK> sudo dpkg -i linux-server_3.2.0.39.47_amd64.deb
<ScottK> sudo apt-get -f install
<mistigi> k, let me try that
<ScottK> It's kind of doing it the hard way, but I don't see why you aren't gettting the new one.
<mistigi> same error: http://pastebin.com/7n2btqpL
<ScottK> Progress.  Not quite the same error.
<ScottK> Do the same thing with https://launchpad.net/~canonical-kernel-team/+archive/ppa/+build/4332112/+files/linux-image-server_3.2.0.39.47_amd64.deb
<mistigi> right, that did not display any errors, one sec
<mistigi> wow, it looks like it worked :-) Really appreciate your help :-)
<ScottK> Except I was giving you the wrong version.  Crap.
<ScottK> Somehow I ended up on the kernel team PPA.
<mistigi> its a VM, i have a snapshot I can rollback to
<ScottK> Acutally, it's fine.
<mistigi> k
<ScottK> I forgot the kernel updates are all built in a special PPA for testing.
<ScottK> So those are actually the right ones.
<mistigi> sweet, thanks for your time, really apreciate it :-) Saves me a lot of effort so I do not have to rebuild this box from scratch
<Keith_Pawson> What is the best option for quickly building new test servers for either home setup or a test env, have been looking at Cobbler or considering fog for images?
<Keith_Pawson> I would also like to build both Ubuntu servers and CentOS
<Sargun> How has your guys' luck with Ubuntu MaaS been?
<ttx> jamespage: swift milestone-proposed branch cut
<jamespage> ttx, marvellous - thanks!
<ttx> jamespage: in the process of tagging 1.8.0-rc1
<sonne> hey there
<phretor> I followed ubuntu's practice of putting the images under /var/lib/libvirt/images/<vm name>/ubuntu-kvm/*.qcow2 - is there any suggested practice about snapshots (i.e., where to place them on the host filesystem)?
 * RoyK wonders what sort of genius that came up with moving to a new kernel release at 12.04.2
<ogra_> the policy of supporting new HW with newer point releases
<ogra_> (complain in #ubuntu-kernel instead of -server though)
<alex88> koolhead17: o/
<koolhead17> alex88: my friend. howdy/
<alex88> just configured some new servers for mysql and storage, finally with hw raid, it flies :) you?
<alex88> btw, why I need to install a package to set as manually installed?
<alex88> is there a way to set a package as installed from source in apt-get?
<mardraum> hi, anyone here using qemu-kvm with libvirt on raring who is still able to live migrate with virsh? I can't do so after upgrading two hosts for testing, trying to work out if it is a bug or me
<ikonia> alex88: no
<alex88> ikonia: just found https://help.ubuntu.com/community/CheckInstall
<ikonia> alex88: I very strongly advise against that
<ikonia> but of course it's up to you
<alex88> ikonia: usually generated problems?
<ikonia> no, I just feel the whole process is bad
<ikonia> but it's a personal opinion
<ikonia> it's a sloppy package basically
<Daviey> smb: Do you have that xen dsc/debdiff?
<Daviey> mardraum: Hmm, yeah it should still work.. What are you seeing?
<smb> Daviey, if that means the one between 4.2.0 and 4.2.1... maybe not yet but simple to create
<Daviey> smb: raring current, to what you are proposing :)
<Daviey> alex88: what source is it?
<smb> Daviey, its now where the src pkg is
<Daviey> smb: thaks
<mardraum> Daviey: I get "error: operation failed: migration job: unexpectedly failed" from something like "virsh migrate --live --verbose somevm qemu+ssh://somehost/system" - nfs shared storage, openvswitch networking
<mardraum> dns is still ok, same as it was before upgrade, forward and reverse ok for both hosts
<Daviey> mardraum: Ah, i haven't played with shared storage migration as much.. In a few hours, hallyn will be around.. he will be a much better person to help work this out.
<mardraum> Daviey: cheers
<alex88> Daviey: vips (package is libvips-tools)
<alex88> I should do the same also for libtiff since I need 4.0.3 on ubuntu 12.04
<alex88> and that version is just on ubuntu 12.10
<alex88> maybe I'll just install its dev
<alex88> maybe I'll just install its deb
<Daviey> alex88: if that doesn't work (quite likely), grabbing the source package from a newer release.. and rebuilding it for 12.04 is better
<Daviey> alex88: out of interest, what is it you need a later version for?
<alex88> Daviey: bigtiff support
<alex88> files more then 4gb
<Daviey> ah
<alex88> btw, I need the dev package
<alex88> Daviey: http://packages.ubuntu.com/quantal/libtiff5-dev this is what I need to install, can you advice me how to do that?
<Jeeves_> 'apt-get install libtiff5-dev'
<alex88> Jeeves_: I'm not on 12.10
<alex88> I'm on 12.04
<Daviey> alex88: I'm sorry, but this is going to take longer than I have time to spare right now.
<alex88> Daviey: oh sure, no worries
<Jeeves_> w
<Jeeves_> oops
<alex88> the problem is that installing from source installs both libtiff4 and libtiff4-dev pacakges
<alex88> I mean, the same contents of both
<patdk-lap> exactly what do you mean, installing from source?
<alex88> patdk-lap: downloading source package from authors site, ./configure, make, make install
<patdk-lap> well, that wasn't the right way to do it
<alex88> mmhh no?
<patdk-lap> not if you ever planned to uninstall it or needed to fix your system
<alex88> patdk-lap: well, I'm using checkinstall
<alex88> instead of make isntall
<alex88> *install
<patdk-lap> you should have downloaded the source from 12.10
<patdk-lap> done a dpkg-buildpackage
<patdk-lap> then installed the .deb
<alex88> patdk-lap: from where? http://packages.ubuntu.com/quantal/libtiff5-dev -> [tiff_4.0.2-1ubuntu2.1.debian.tar.gz] ?
<patdk-lap> yes. atleast 3 files are needed
<patdk-lap> the debian.tar.gz, the source(.tar.gz?) and the .dsc
<alex88> ok so all o fhtem
<alex88> *of them
<patdk-lap> but if you did a make *install*
<patdk-lap> not sure what it did to your system
<patdk-lap> and how hard it will be to put it back to normal
<alex88> patdk-lap: I didn't, just checkinstall, then dpkg -r
<alex88> and it's now clean
<alex88> since no traces of libtiff in /usr/lib
<patdk-lap> you shouldn't ever :)
<alex88> patdk-lap: btw, it's still clean now, also, what should I do with those 3 files?
<patdk-lap> even when it is installed, there will be no traces of it there (except maybe if you use i386?)
<patdk-lap> dpkg-source -x
<alex88> patdk-lap: it's not installed, no files, no packages installed
<patdk-lap> find /usr -name 'libtiff*'
<alex88> just in /usr/local/src that's where I'm working on
<patdk-lap> ok
<alex88> btw, did dpkg-source -x tiff_4.0.2-1ubuntu2.1.dsc
<alex88> extracted, unpacked, applied patches and so on
<patdk-lap> go into that folder
<alex88> done
<patdk-lap> apt-get build-dep libtiff4
<alex88> patdk-lap: version 4.0.2 from quantal is libtiff5, should I apt-get build-dep libtiff5?
<patdk-lap> is there a libtiff5 in your os version?
<alex88> libtiff4 is version 3.9.2 from precise, libtiff5 is this one 4.0.2 from quantal
<alex88> nope
<patdk-lap> then it won't work
<patdk-lap> use libtiff4
<alex88> as build-dep right?
<patdk-lap> yes
<patdk-lap> your just installing what it needs to build
<patdk-lap> the differences between libtiff4 and libtiff5 are normally nothing
<alex88> btw
<alex88> Picking 'tiff' as source package instead of 'libtiff4'
<alex88> E: Unable to find a source package for tiff
<alex88> btw, ./configure already works
<alex88> since I've already installed packages
<patdk-lap> who said to use ./configure?
<alex88> (i think it works, it does for the 4.0.3 I manually downloaded)
<patdk-lap> now it's probably messed up and need to delete that folder and do dpkg-source again
<patdk-lap> ok
<alex88> nope, haven't run it here
<alex88> just said that it worked for the other source I downloaded by hand
<patdk-lap> dpkg-buildpackage -us -uc
<alex88> k, trying
<alex88> dpkg-checkbuilddeps: Unmet build dependencies: cdbs (>= 0.4.106~) libxmu-dev libglu1-mesa-dev freeglut3-dev libxi-dev libjbig-dev
<alex88> ok, trying to install those
<alex88> damn, libjbig-dev is not there on 12.04, just libjbig2dec0-dev
<patdk-lap> same thing
<patdk-lap> or maybe
<patdk-lap> just give it a try
<alex88> try? I get http://pastie.org/pastes/6625376/text
<alex88> btw, I've installed all the other packages
<patdk-lap> heh?
<alex88> patdk-lap: I get that running dpkg-buildpackage -us -uc
<alex88> it says that libjbig-dev is missing
<alex88> maybe I need to do the same thing for libjbig-dev?
<alex88> build from source?
<alex88> as it just depends on libjbig0 which just needs libc6 so not that many dependencies to go trough
<patdk-lap> ya, looks like you need that
<patdk-lap> the one in precise is 0.11 vs 2.0
<patdk-lap> though it seems to compile with it, it's probably going have bugs
<alex88> what? libc6?
<patdk-lap> and you will need to edit cdbs to say 0.4.100
<patdk-lap> libjbig-dev
<patdk-lap> edit debian/control
<alex88> ok, let me try to build libjbig first
<alex88> I've already downloaded source
<alex88> doing dpkg-source -x jbigkit_2.0-2ubuntu1.dsc
<alex88> now dpkg-buildpackage -us -uc
<patdk-lap> ya
<alex88> good, I've the debs (party)
<alex88> now install jbigkit debs
<patdk-lap> yes
<NaGeL_Work> I have a question about munin can it be used that the munin and munin-node is installed on the same server? and what is munin-node anyway?
<patdk-lap> dpkg -i *.deb
<alex88> done, now back to tiff
<alex88> ok, just dpkg-checkbuilddeps: Unmet build dependencies: cdbs (>= 0.4.106~)
<patdk-lap> I said you needed to edit that
<alex88> sure, going to do that now (was just to do step by step)
<alex88> k, I'll set 0.4.100~ as version
<alex88> since precise has that
<alex88> ok building
<alex88> there we go.. I've the deb :)
<alex88> all debs installed, great!
<alex88> thanks patdk-lap!
<alex88> thanks alot!
<patdk-lap> now to see if things will, just use it
<patdk-lap> or if they need to be recompiled based on that new version
<alex88> patdk-lap: well, vips now says tiff is installed correctly
<alex88> the problem is that libmagick++-dev installs libtiff4..
<alex88> I think it will replace mine
<alex88> isn't possible to say that libtiff5 is the same and just "use that"?
<patdk-lap> oh, probably uninstall the deb, make another change and rebuild
<alex88> say that it provides libtiff4?
<alex88> btw, quantal has both packages, so maybe they can work together?
<alex88> btw, sorry patdk-lap, have to go to lunch, I'll talk to you later if you still have time.. thanks alot anyway for now!!
<patdk-lap> they can *work together*, but everything in precise will default to the old package :)
<patdk-lap> what you can do is edit the control file again, and change tiff5 to tiff4
<patdk-lap> that should do it
<patdk-lap> forget how to say, also provides
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/python-keystoneclient/0.2.3/+merge/154076
<yolanda> ok
<zul> Daviey:  ping...can you review python-ceilometerclient its still stuck in binary-new
<Daviey> zul: src new?
<jamespage> zul, swift rc'ed btw
<zul> Daviey:  yeah
<zul> jamespage:  ill get to it next
<alex88> patdk-lap: "forget how to say, also provides"?
<zul> jamespage:  tarball was cut?
<jamespage> zul, no idea - I switch to the milestone-proposed branch for ci
<jamespage> zul, I think 1.8.0-rc1 was being prepared
<zul> jamespage: oh ok
<zul> yeah they actually havent caught a tarball for it yet though :)
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<mardraum> jamespage: I think you helped me once before with a libvirt regression, do you have any vm hosts running raring you can try some live migrations?
<mardraum> mine are failing since I started testing beyond 12.10
<jamespage> mardraum, give me 20 mins and I can switch my testing from precise->raring for grizzly
<mardraum> thanks. if you scrollback you'll see what I am getting using virsh migrate
<jamespage> zul, typo in changelog btw
<jamespage> zul, 'releaes'
<zul> jamespage:  frigging
<jamespage> mardraum, I don't have a rig with shared storage; but I should be able to test it with live-block migration I think
<mardraum> ok, thanks. if that works for you I'll try that too
<hallyn> mardraum: I don't have a rig with shared storage either, but usually reproduce with some cloud instances with nfs when I need to.  But for something like this with so many variables, a launchpad bug where we can track info is usually best
<hallyn> mardraum: do you mind opening one, with xml files for your vms and storage, and your exact commands?
<mardraum> sure. also I just finished testing using --copy-storage-all after creating the img on the receiving end and got the same error.
<mardraum> heh, the attempt also makes the vm mount ro, sigh
<mardraum> and a bsd vm panic as a filesystem disappears
<mardraum> I'm going to rule out openvswitch too first
<mardraum> I'll go back to the old bridging and see if that works
<f4c3p4lm> can anyone help me with postfix+courier-imap ? i just need a correct mysql database structure
<f4c3p4lm> :<
<histo> f4c3p4lm: Are you following a guide in particular? flurdy.com has one
<alex88> patdk-lap: btw, got everything to work.. it seems..thanks man!
<f4c3p4lm> histo, i followed a guide cant recall which one
<f4c3p4lm> i just need the database
<f4c3p4lm> all the rest is OK
<f4c3p4lm> my db is incorrect
<f4c3p4lm> i know that there are missing tables
<f4c3p4lm> dont know the names and fields
<histo> f4c3p4lm: i would look to flurdy.com for examples. How are we going to guess what sort of tables your configs use etc...
<f4c3p4lm> ill look for the guide but
<histo> f4c3p4lm: each guide is different they could have used any format/table name they wanted
<f4c3p4lm> isnt there a generic one?
<f4c3p4lm> http://flurdy.com/docs/postfix/edition8.html
<f4c3p4lm> would this be the one?
<histo> f4c3p4lm: http://flurdy.com/docs/postfix/index.html
<histo> f4c3p4lm: specifically http://flurdy.com/docs/postfix/index.html#config-simple-database section
<f4c3p4lm> hum
<f4c3p4lm> thanks
<f4c3p4lm> my database looks exactly like that one :D
<eagles0513875> hey guys i have dvecot setup using sieve which conf file do i need to look at to ensure its enabled
<eagles0513875> !sieve
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/
<jamespage> quantum and cinder
<zul> jamespage:  +1
<histo> I'm setting up a mail server for a small client. SHould I use virtual mailbox maps? Or just linux accounts with nologin
<histo> So far I've installed the mail-stack-delivery package and my self generated certs
<histo> Just looking for someone's opinions
<vila> hallyn: ping, I got a weird error while trying to create a kvm since I upgraded to raring, can you help me refining the diagnosis ? virt-install (which was working fine with quantal and even on raring on my laptop) is now failing with: error: ERROR    An error occurred, but the cause is unknown
<hallyn> vila: do you mind opening a bug?  add teh full command line you're using, and /var/log/libvirt/libvirtd.log and /var/lib/libvirt/qemu/<vm>.log if it exists.
<hallyn> i don't actually use virt-install, so not sure offhand if it'd be a bug in that, or libvirt, or qemu
<vila> hallyn: ~/.virtinst/virt-install.log is slightly more helpful: http://paste.ubuntu.com/5628501/
<hallyn> oh, ok, usually it isn't :)  checking
<hallyn> oh you're using virtualbox
<vila> hehe, at least there is a stacktrace
<vila> hallyn: no, not anymore, but it's still installed
<vila> hallyn: but I too found it weird that vbox appeared there
<hallyn> vila: Tue, 19 Mar 2013 16:48:26 virt-install 15392] DEBUG (cli:333) Received libvirt URI vbox:///system
<hallyn> vila: waht command line are you using for virt-install?
<vila> hallyn: it's in the paste, second line
<hallyn> vila: oh, or you might look through /etc/libvirt/libvirtd.conf for any defaults set to vbox
<vila> hallyn: only comments there (so only default values ?) and I didn't touch it. The only thing I can remember changing are:  /etc/libvirt/storage/default.xml to use /caviar3/libvirt/images and using br0 (though I can't remember whre exactly), but I made these changes while running precise I think
<hallyn> vila: allr ight, please open a bug aginst lbivirt.  lbivirt is telling virtinst that vbox is the default uri.  i dont' know why offhand
 * hallyn must move to server meeting
<vila> hallyn: ack
<hallyn> thx
<vila> hallyn: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1157272
<uvirtbot> Launchpad bug 1157272 in libvirt "fail to create vm since upgrade to raring" [Undecided,New]
<vila> hallyn: uninstalling vbox worked around the issue, comment added to the bug
<hallyn> vila: thanks much
<hallyn> note, i don't t hink you canrun kvm and vbox at the same time
<vila> hallyn: my pleasure. It may still be worth fixing this bug, my team has use cases where kvm is not appropriate yet
<vila> hallyn: yup, fully understood
<vila> hallyn: but in the past, I could at least run one or the other
<vila> hallyn: which was crucial to allow me to migrate to kvm...
<hallyn> vila: but if you install vbox, but don't have any vobx instances running,
<hallyn> oh wait, lemme go check the code...
<vila> hallyn: that was the case, I tried uninstalling vbox by supersitition and because you mentioned you didn't expect to see vbox there
<vila> hallyn: but I haven't started a vbox vm for.. months and certainly not since I rebooted ;)
<sarnold> I've had success in the past unloading the vbox module, modprobing the kvm module, and continuing on...
<hallyn> vila: oh, sorry, i thought you said somewhere you had two vbox instances up and running,
<vila> sarnold: would have been  delicate in my case, most of them were started by jenkins
<hallyn> sarnold: you're *supposed* to no longer need to do that
<hallyn> sarnold: but my guess is libvirt simply checks for vbox before kvm
<hallyn> so that vbox becomes teh default if availab.e  zul^ do you know if that's true?
<vila> hallyn: no, two vbox related processes (the services.. can't remember the names)
<sarnold> hallyn: no kidding! :) There's no end to the wonders in the world... :)
<sarnold> vila: heh, delicate indeed :) it's not the same as just driving your laptop.. heh.
<hallyn> vila: oh, got it, thx.  never used vbox, didn't realize it left taskshaning :)
<vila> sarnold: hehe
<vila> hallyn: yeah, something may have changed, I thought those services were only started when the first vbox vm was...
<vila> hallyn: but now that you mention it, that may have been libvirt starting them...
<vila> hallyn: like: libvirt: hmm, what do we have here ? Do we have vbox ? vbox: Me ? Let me start !
<vila> hallyn: AFAIR, those processes were supposed to shut down themselves when inactive and uninstall complained that they were still running and failed, I had to kill-9 them
<hallyn> vila: right.  if you specify '-c qemu:///' it'll use kvm, but if you don't it uses a default
<hallyn> we would want the default to be kvm though
<hallyn> heh, perahps a vbox bug is in order
<vila> as in --connect qemu://system ? I tried that but got another obscure error
<vila> oh wait 3 /  not 2 ?
<hallyn> yeah
<hallyn> it's 'qemu://host/{system,session}'
 * vila reinstalls vbox to try ;)
<hallyn> vila: can you check /etc/libvirt/libvirt.conf for a uri_default setting?
<hallyn> and env | grep URI
<hallyn> libvirt honors those if set
<vila> hallyn: I did, nothing there, ha, well, commented out that is
<vila> #uri_default = "qemu:///system"
<vila> urgh, 3 / there, I hate my tyops :-(
<hallyn> vila: yeah, that's commented out in the distro file.  not sure if we want to uncomment that
<vila> hallyn: virt-install -c qemu:///system will take precedence right ?
<vila> hallyn: I have a script that encapsulates the calls to virt-install so I can fix it there
<vila> hallyn: and yeah, given the comment in libvirt.conf, it's a fallback
<vila> # This can be used to prevent probing of the hypervisor
<vila> # driver when no URI is supplied by the application.
<TristamWrk> I've got a Dell Power Edge R515 with an Opteron 4334 6 core processor with 12.04 server installed on it.  I'm only seeing 1 core.  Anybody have any ideas what I should look at?  Uname -a to follow:
<TristamWrk> Linux XXXXXXX 3.5.0-26-generic #42~precise1-Ubuntu SMP Mon Mar 11 22:17:58 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
<mistigi> Not sure how you "seeing 1 core", but you can check:  cat /proc/cpuinfo    or start top and press "1"
<TristamWrk> cpuinfo is only showing 1 core.
<TristamWrk> as is htop
<sarnold> TristamWrk: is the system bios configured to only run one core?
<TristamWrk> sarnold, it better not be or I'm going to smack Dell.  I will have to run downstairs and check.
<TristamWrk> I will have to do so after this person calls me back.
<mistigi> How about: cat /var/log/dmesg | grep SMP           also:  lshw -class cpu
<hallyn> plars: hey, what is the protocol for filing a bug against packages in linaro ppas?
<hallyn> just email whoever is in the changelog, i assume? :)
<plars> hallyn: what's the project?
<hallyn> plars: qemu-linaro
<plars> hallyn: https://bugs.launchpad.net/qemu-linaro
<hallyn> plars: that pkg doesn't exist in raring though...  only in ppa...  stillu se it?
<hallyn> ok, i'll mark it affecting that, thanks :)
<plars> hallyn: probably - it wouldn't hurt to email the package maintainer also though
<plars> hallyn: if nothing else, ping fabo on #linaro - I'm sure he can get you to the right place
<hallyn> plars: ok, thanks
<TristamWrk> alright, I checked the bios and all the cores are enabled.
<mistigi> Tris: can you check your dmesg log like I posted above
<TristamWrk> mistigi, I didn't scroll up when I got back to my desk..sorry
<sarnold> TristamWrk: < mistigi> How about: cat /var/log/dmesg | grep SMP           also:  lshw -class cpu
<TristamWrk> Thanks
<TristamWrk> Weird...
<TristamWrk> [    0.000000] SMP: Allowing 6 CPUs, 0 hotplug CPUs
<TristamWrk> [    0.018996] SMP disabled
<mistigi> are you passing strange parameters to kernel in grub ?
<TristamWrk> mistigi, I didn't change grub from what the installer setup
<mistigi> ok, but SMP should not be disabled afaik, one sec
<sarnold> TristamWrk: what does /proc/cmdline look like?
<TristamWrk> Grub has this:  GRUB_CMDLINE_LINUX="acpi=off noapic nolapic nodmraid"
<TristamWrk> BOOT_IMAGE=/vmlinuz-3.5.0-26-generic root=/dev/mapper/fs1-root ro acpi=off noapic nolapic nodmraid
<mistigi> yeah, remove acpi=off and reboot
<sarnold> hunh. I think ACPI is required to do SMP.
<TristamWrk> I didn't even think about that.  I had to turn stuff off to get the install CD to boot.  Didn't even think about that carrying through.
<TristamWrk> Still no joy
<TristamWrk> Still has "noapic nolapic nodmraid" on the kernel line.
<mistigi> yeah, they may be problem too
<mistigi> remove them and give it a try, especially nolapic
<TristamWrk> Yeah, just found a line near the "SMP Disabled" line that mentioned lapoc
<TristamWrk> lapic
<histo> TristamWrk: after you remove the stuff you have to update-grub
<histo> TristamWrk: or add things
<sarnold> I'd just fiddle with the command line in grub at boot time until you get sometihng that works reliably
<TristamWrk> histo, I did, thanks
<TristamWrk> Yay!  6 cores!
<TristamWrk> Thanks folks
<sarnold> mistigi: nice work :)
<mistigi> gratz :-)
<TristamWrk> Sorry I didn't look close enough at dmesg and pestered y'all
<TristamWrk> NOW rsync is maxing out my 100Mbit link...haha
<sarnold> haha :)
<stgraber> sarnold: hey, so /etc/dnsmasq.d-available/lxc is a symlink on your system?
<sarnold> stgraber: yes lrwxrwxrwx 1 root root 28 Feb 28 16:19 /etc/dnsmasq.d-available/lxc -> /etc/dnsmasq.d-available/lxc
<stgraber> sarnold: wow, that's clearly very wrong... have you been only using the packages from the archive or were you on some of the PPA builds for a while?
<sarnold> stgraber: I had the juju ppa enabled previously, but no lxc-specific ppas
<stgraber> sarnold: it sounds like the migration script we pushed a couple of releases ago, moving /etc/dnsmasq.d/lxc to /etc/dnsmasq.d-available/lxc backfired for you and created that mess
<stgraber> sarnold: did you have lxc on that machine pre-raring?
<stgraber> sarnold: btw, if you just want to fix it, remove /etc/dnsmasq.d-available/lxc and make it a regular file containing http://paste.ubuntu.com/5628886/
<sarnold> stgraber: yes, precise, quantal, and now raring..
<sarnold> stgraber: oh, hey, dpkg left behind the lxc.dpkg-new with those contents :)
<stgraber> ok, I tested the new package on precise and didn't see that problem, so I'll just run a quantal => raring upgrade test to make sure that's not the trigger
<stgraber> I've re-checked the logic in the current maintainer scripts and can't find anything wrong, but it's possible that an earlier upload triggered this
<sarnold> hehe :/
<zul> stgraber:  ping
<stgraber> zul: pong
<hallyn> stgraber: i asked zul to ping you on a name for the libvirt liblxc driver :)
<hallyn> he's going with liblxc i think
<hallyn> i would've probably done lxc2 or lxcext, but liblxc actually makes sense i think
<stgraber> liblxc sounds good, because, well, that's what it's ;)
<stgraber> yeah, lxc2 may sound like some kind of new release of libvirt-lxc which it clearly wouldn't be
<Catbuntu> Hi
<mikehale> smoser: Hi, I was wondering if you had any thoughts on an implementation strategy for https://bugs.launchpad.net/cloud-init/+bug/1153626/.
<uvirtbot> Launchpad bug 1153626 in cloud-init "Multiple Interfaces and IPs not detected in AWS VPC" [Medium,Triaged]
<mikehale> I had some thoughts, but I'm not sure if I'm headed in the right direction or not.
<smoser> mikehale, oh. hey, sorry for not having seen that. :-(
<smoser> (please feel free to ping me like this)
<mikehale> cool, yeah @flacoste said I should :)
<smoser> i'm not actually sure what i think about updating /etc/network/interfaces.
<smoser> that does make sense, as that is where people would expect to go making changes.
<smoser> but then you have to deal with removing those entries on interface removal.
<smoser> (and also, cloud-init can be a bit of a PITA here...
<smoser> it blocks boot waiting for any interface listed in /etc/network/interfaces to come up)
<mikehale> does cloud-init handle the initial creation of /etc/network/interfaces?
<smoser> no.
<smoser> there is a hard coded minimal one in the images.
<mikehale> ah
<smoser> actually, adding entries to /etc/network/interfaces would be OK as long as they're set to 'manual'
<smoser> i think i like that.
<smoser> on interface add, have a rule that fires.
<smoser>  that rule then tries to figure out if its in ec2, and if it is, gets the data necessary, modifies /etc/network/interfaces and ifup
<mikehale> cool
<smoser> we can even make the code quickly exit doing nothing if a /etc/cloud/do-nothing-your-not-in-ec2 file exists or something
<smoser> and cloud-init would on first boot set that setting.
<mikehale> makes sense
<smoser> mikehale, so for 'manual' all you do is put whatever ocnfig you *would* put there (see man interfaces) except for rather than 'auto eth0' you put 'manual eth0'
<smoser> and that will be perfectly fine to be manual, as it actually be automatic on plug/remove of the interface.
<mikehale> oh I see that is auto/manual are classes and /etc/init/network-interface.conf only attempts to ifup interfaces defined as auto
<lg188> Good day, I was plugging in my Hard drive (with usb) in my server and it doesn't mount.
<lg188> this is my dmesg output
<lg188> http://paste.ubuntu.com/5629262/
<lg188> What am I doing wrong?
<RoyK> lg188: an ubuntu server install won't auto-mount an usb disk
<RoyK> s/an usb/a usb/
<RoyK> :P
<RoyK> lg188: it says sda for the usb device - what does 'cat /proc/partitions' tell you?
<shauno> it does enumerate sda1 on line 17 too
<lg188> RoyK: Ah it's alreight I had to manually mount it because there was something wrong with being shutdown with windows
<lg188> And the server uses scisi as root dir if that matters
<RoyK> scisi? what is that? scsi? iscsi?
<lg188> scsi*
<RoyK> well, if it works, \o/
<lg188> Yeah, Thanks for the effort though :)
<ttx> jamespage: Glance milestone-proposed branch was cut
<ttx> jamespage: same for heat
<mimizone> imi2000
<mimizone> Hi in there, general question on the upgrades for 12.04. with the LTS, do I get all the updates that are included in 12.10, 13.x etcâ¦ until 2017? are they backported quickly? my main interest is the upgrades for juju, maas and openstack packages.
<sarnold> mimizone: there is a Stable Release Process that is used to backport specific fixes when desired. (There is also the "hardware enablement stack" which will backport the kernel, X, and maybe related packages, but it's a much smaller subset of the distribution than everything...)
<sarnold> mimizone: you may wish to use the juju, maas, and openstack ppas -- at least, I'm pretty sure juju's ppa is intended to also work on 12.04 LTS
<sarnold> (it is my assumption that the other projects have PPAs..)
<mimizone> thanks sarnold. you mean I should use the ppas instead of the ubuntu apt packages right? ppas being the most up to date packages from the developers typically?
<sarnold> mimizone: yes; if you want to follow what is _new_ in the packages, you'd use their PPAs.
<mimizone> sarnold: great. thanks
<island219> Finally got Ubuntu Server to install on my machine, although I'm still getting "Input Out Of Range" errors on my monitor. Any known fixes? I'm runnin 12.10.
<island219> Anyone?
<jackads> hello guys, someone can help me in a DNS/mail server configuration? I get a VPS in digitalocean, ubuntu server 12.04 64bits... I installed iRedMail, but I think I had configured wrong the dns or maybe some other configuration, because I can't send or receive e-mail, always returns. Someone would help me?
<sarnold> island219: back in the day, that meant you set your X modelines to a resolution that the monitor couldn't support
<sarnold> island219: these days of course the edid from the monitor is supposed to prevent out-of-range inputs, but perhaps your monitor doesn't report them properly
<island219> Hmmmâ¦ I reckon it's the graphics in the server.
#ubuntu-server 2013-03-20
<_donvito> root@dreambox:/var_init/script> chmod -R 777 inadyn_script.sh
<_donvito> chmod: inadyn_script.sh: Read-only file system
<_donvito> how is it posible_
<_donvito> how can i change rights
<Sprocks> Can someone help me with "...error attempting to write lower page..."?
<nxvl> /n
<nxvl> ugh
<justin222> I have a Ubuntu 12.04 server, configured in /etc/network/interfaces to use a static IP, that seems to at random decide to get a DHCP ip, and as such finds itself offline.
<justin222> anyone seen something like it or have any ideas? I see dhclient is installed, but when trying to remove it, was also told I had to remove a ton of other stuff
<jamespage> ttx, thanks
<jamespage> ttx, glance now using milestone-proposed for CI builds; heat not in the lab or the archive for raring
<jamespage> probably need to fix that before we release
<ttx> jamespage: heat is still inincubation, so you don't really need to "fix" that before O
<ttx> err. S
<rbasak> kirkland: have you seen http://askubuntu.com/questions/244103/byobu-open-different-tabs-in-different-windows-of-the-same-session ?
<jamespage> ttx, yeah - the PTL did request that it be enabled in CI and we agreed to defer until it landed in debian experimental
<jamespage> but that never actually happened
<rbasak> Evidently it's a popular question
<jamespage> ....
<ttx> jamespage: horizon milestone-proposed just cut
<jamespage> ttx:ack
<jamespage> rbasak, looking at your mongodb arm stuff now
<rbasak> Thanks
<rbasak> I do want to get more review, but I'm confident that this is an improvement over what's in the archive at the moment
<mardraum> hallyn: I opened #1157626 re my raring virsh migrate issues after removing openvswitch from the equation
<jamespage> rbasak, jon's original patch had some fixes in src/mongo/bson/util/atomic_int.h as well - any reason those where dropped?
<rbasak> jamespage: I'm not sure what jon's original patch was against. But in our version, atomic_int.h contains everything we need for arm using gcc builtins if they are defined, which they are for us. So the arm specific bits aren't needed.
<jamespage> rbasak, hmm - #elif defined(__GNUC__)  && (defined(__i386__) || defined(__x86_64__))
<jamespage> #else
<jamespage> #error unspported arch
<jamespage> that said - I'm not sure that code is actually used anywhere...
<jamespage> it uses mfence and xadd
<ttx> jamespage: only Nova, Keystone left (+ Ceilometer)
<jamespage> ttx, **\o/**
<rbasak> jamespage: I'm generally not happy with the conditionals in atomic_intrinsics.h - there are paths that will lead to really broken behaviour and corruption if neither __i386__ nor __arm__ are defined for example - it's not robust
<rbasak> But I haven't reworked the whole thing so I left it mostly as-is for now
<jamespage> rbasak, tbh its a hack to add arm support right now
<rbasak> Yes
<rbasak> So for now I just did the minimal changes that will fix the issue so that I'm confident that I'm not introducing any new problems
<jamespage> rbasak, +1 for that approach
<jamespage> rbasak, I think atomic_intrinsics.h could be reworked to use gcc builtins pretty much everywhere
<rbasak> jamespage: indeed
<rbasak> jamespage: the risk there is that I break Intel, of course :)
<rbasak> And so I really didn't want to go there right now - certainly not without upstream approval
<jamespage> rbasak, actually I see what you mean in atomic_int.h
<koolhead17> jamespage: is it good idea to wait 4 few more days if i need to test grizzly with cloud archive?
<jamespage> it looks fine as arm will have __GCC_HAVE_SYNC_COMPARE_AND_SWAP_4
<rbasak> Yes, exactly
<jamespage> koolhead17, actually if you want to test right now the grizzly-trunk-testing PPA is pretty stable
<jamespage> I've been using it for the last week and fixing up and issue I found
<rbasak> So effectively atomic_int.h has arm support upstream already
<rbasak> It's just atomic_intrinsics.h that needed fixing up
<jamespage> its tracking the milestone-proposed branches so its pretty much grizzly rc
<rbasak> So for that I fixed up jon's patch minimally
<jamespage> rbasak, +1
<koolhead17> jamespage: thinking of updating doc for grizzly :)
<jamespage> koolhead17, sounds like a plan!
<rbasak> Anywhere I did need to touch though, rather than writing new arm-specific low level stuff (kuser or arm assembly) I used gcc builtins. I'm more confident using them
<rbasak> The bits I needed to touch were where the return value semantics of jon's patch didn't exactly match the intel assembly
<jamespage> rbasak, excitingly mongodb 2.4.0 just got released
<rbasak> jamespage: yeah. Bit annoyed about that :)
<rbasak> jamespage: I take it we're going to be stuck on 2.2 for raring due to FF/
<jamespage> just considering whether we go for a FFe
<rbasak> ?
<jamespage> well
<rbasak> I think it might be worth an FFe
<jamespage> I actually might push for it
<rbasak> Most mongo users will want 2.4 I think
<rbasak> I think they might consider 2.2 too old to be worth using
<jamespage> the default JS engine is now v8 rather than the obsolete embedded spidermonkey engine
<rbasak> And we're only a few days late
<jamespage> rbasak, ack
<koolhead17> jamespage: so let me work on it with this repo and once grizzly releases i will change the repo and try it on stable main cloud archive
<jamespage> adam_g, zul: something is wonky with the glance package build in the lab
<jamespage> it takes neally 2 hours
<jamespage> something dies at the end of the build and it hits a timeout in sbuild
<jamespage> ttx, hows grizzly looking generally?
<ttx> jamespage: everything looks under control. not so many showstoppers
<ttx> I have a harder time following all the projects to get a more precise idea, so i have to rely on the PTLs reports
<ttx> buit they look on top of incoming bugs and on the right track to fix all RC ones
<jamespage> rbasak, OK - I uploaded your arm fixes + a couple of minor tweaks of my own
<jamespage> looking at 2.4 now
<jamespage> Daviey, hmm
<jamespage> http://paste.ubuntu.com/5630788/
<rbasak> Thanks jamespage!
<jamespage> http://paste.ubuntu.com/5630789/
<jamespage> the code that references openssl in the mongodb codebase is actually apache-2.0 licensed
<jamespage> but that code is used by AGPL licensed code
<jamespage> ttx, great - I've been recycling my trunk testing environment 3-4 times a day and I've only found a few minor niggles
<jamespage> (that cover all of openstack aside from ceilometer - working on getting that incorporated as well)
 * jamespage melts his laptop building mongodb 2.4
<jamespage> zul, yolanda: https://code.launchpad.net/~james-page/horizon/grizzly-rc1/+merge/154340
<zul> jamespage:  how do you re-compress the static js?
<jamespage> zul, see the README in debian/
<zul> jamespage:  ack
<jamespage> zul, its a dumb MP as its so large
<jamespage> due to the asset regeneration
<zul> jamespage:  yeah anywyas +1
<yolanda> oh, i was just approving it also :)
<jamespage> zul, are you OK to pickup glance and swift rc's?
<zul> jamespage:  always
<jamespage> zul, ta
<jamespage> zul, I'd already done the work for horizon last week so thought I would help out with that one
<zul> jamespage:  no worries thanks
<scalability-junk> hey I'm trying to copy/move some data and with dd if=/dev/zero of=/dump.dd I get 350M/s write, but with cp, mv or dd from /input.dd to /output.dd I always get 99% io and only 5-10 M/s read and write
<scalability-junk> any idea how to optimize it?
<sw> hi what's the best way to keep SSH sessions to an Ubuntu server alive?
<sw> TCPKeepAlive yes is set on the server
<patdk-wk> sw, heh?
<patdk-wk> by default, sessions are always alive
<patdk-wk> sounds more like a nat issue
<sw> patdk-wk: SSH connections just stop responding if left idle for a couple of minutes
<patdk-wk> are you behind nat?
<sw> patdk-wk: no
<patdk-wk> then a tcp connection, even without any keepalives, will last forever
<patdk-wk> keepalives are only useful for two things, detecting dead connections, or keeping nat from timing out
<sw> that'd odd, have a handful of SSH connections that we leave open, no issues with any of our Debian or Fedora boxes
<patdk-wk> and since, ClientAliveInterval defaults to 0, tcpkeepalive=yes won't do anything
<sw> we have 6 Ubuntu servers, it happens on them all
<sw> at the same location as the others, same connection etc.
<patdk-wk> sw, you have a firewall on the ubuntu server?
<sw> patdk-wk: no
<patdk-wk> this doesn't happen on any of my ubuntu servers
<mardraum> sw: on the client in ~/.ssh/config insert "ServerAliveInterval 60"
<patdk-wk> in fact, I can hibernate my laptop, disconnect it
<patdk-wk> and then turn it on the next day, and all my ssh sessions resume without issue, no drops
<patdk-wk> keepalive would have killed those
<rbasak> sw: the best thing to do is to run tcpdump to capture all relevant network traffic and then have someone who understands TCP to interpret it. That will pin down the cause.
<sw> mardraum: I'll give that a shot, thanks
<patdk-wk> normally you will need a tcpdump from both sides
<mardraum> sw: I usually need it behind certain cisco stateful "firewalls" (eg CBAC)
<rbasak> patdk-wk: sure, but a tcpdump on the server side will be able to either eliminate the server or implicate it.
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/glance/rc1/+merge/154355
<yolanda> easy one
<jamespage> zul, +1
<zul> jamespage: thanks
<zul> jamespage/yolanda: im just doing a local build before uploading it to  raring
<jamespage> zul, ack
<smb> zul, Daviey, Any news on the review/sponsoring frontier?
<zul> smb: xen?
<smb> zul, yup
<zul> smb:  will do so tonight just almost caught up
<zul> s/tonight/this morningg
<smb> zul, Ok, just asking since Daviey has been asking for a debdiff yesterday. Not sure *exactly* why
<Vee_> what state are maas nodes supposed to be in, when available but offline ?
<jamespage> yolanda, I'm testing a potential upgrade to mongodb 2.4.0 for raring - if I stick it in a ppa can you check it out with ceilometer for me?
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/swift/rc1/+merge/154366
<yolanda> jamespage, sure
<jamespage> yolanda, thanks
<jamespage> yolanda, ppa:james-page/mongodb2.2
<jamespage> just uploading - may take a few to build
<yolanda> ok, let me try it
<jamespage> yolanda, that will be on raring btw
<yolanda> my openstack is running precise :(
<yolanda> can it be possible to test that on precise?
<zul> smb: looking now
<smb> zul, ack
<Vee_> i am stuck, can someone please help me ? I need to get past juju bootstrap: 229 INFO Bootstrapping environment 'maas' (origin: distro type: maas) 2013-03-20 ,880 ERROR No matching node is available.
<Vee_> i have 7 nodes in state: commissoning, but juju refuses to bootstrap properly
<jcastro> Daviey: omg, that SRU of maas into precise has been sitting there since January?
<zul> jcastro:  welcome to the dark side
<olivier_bK> hi
<ttx> jamespage: nova MP cut
<tgm4883> There once was a man named Daviey
<tgm4883> who needed to do me a favey
<tgm4883> he should fix the DNS
<tgm4883> because it's a mess
<tgm4883> and then our website would be savey
<histo> who's dns?
<histo> ahh yours
<tgm4883> yea
<histo> tgm4883: what's the url?
<tgm4883> histo, basically, http://mythbuntu.org doesn't redirect to http://www.mythbuntu.org
<tgm4883> it's a google site, so it's a DNS fix
<histo> tgm4883: ahh need a @
<tgm4883> yea
<tgm4883> If that doesn't work, I also have a haiku
<jamespage> ttx, ack
<sw> 3
<kirkland> rbasak: hadn't seen it, just answered
<rbasak> kirkland: thanks!
<kirkland> rbasak: np
<kirkland> rbasak: thanks for the heads up
<rbasak> kirkland: you can subscribe to tags apparently. Maybe helpful for you?
<DavidScherer> After the installer asks if I want to activate the "ATA RAID Controller" it takes me to the partition manager. There I only have 3 options, one for iSCSI, one to undo changes, and one to write the changes to disk, as well as a blank line which can be selected but does nothing.
<DavidScherer> I've tried the "Undo Changes" option but I go to a purple screen and nothing seems to be happening.
<xnox> DavidScherer: a fakeraid controller probably got activated, have you setup raid in your bios ?
<xnox> DavidScherer: if not, you probably want to reboot again and choose to not activate ata raid controller, and just use the disks directly (or like setup linux software raid - mdadm)
<DavidScherer> xnox: I used the Lenovo Thinkserver easy setup to setup the RAID
<xnox> DavidScherer: no idea what that is. I generally find mdadm software raid most reliable, alternatively with hardware raid the drives should appear correctly. If this Lenovo thing is "fakeraid" e.g. chipsets on the motherboard, I'd advice against using it.
<DavidScherer> xnox: I'm pretty sure this is hardware raid.
<xnox> ok. Sorry, I don't have any knowledge of Thinkservers, maybe somebody else on here does.
<xnox> Otherwise http://askubuntu.com is a good place to ask a question about Thinkservers support status / experience of other people.
<zul> adam_g/jamespage: https://code.launchpad.net/~zulcss/nova/rc1/+merge/154453
<histo> Is there any difference on the server cd vs the regular cd other than a text based installer?
<lwizardl> no gui installed also
<lwizardl> server is more designed to be used without a monitor attached and any changes that need to be done are done with putty
<zul> adam_g:  ping https://code.launchpad.net/~zulcss/nova/rc1/+merge/154453
<Newbee> hai i am installing apache 2.4.4 on linux and got the following error any help?? "checking for APR... configure: WARNING: APR version 1.4.0 or later is required, found 1.3.8"
<Newbee> any help??
<Newbee> hai all i am installing apache 2.4.4 on linux and got the following error any help?? "checking for APR... configure: WARNING: APR version 1.4.0 or later is required, found 1.3.8"
<sarnold> Newbee: 'apr' is 'apache runtime'. if you're rolling your own apache, you'll probably also need to roll your own apr too.
<Newbee> how to upgrade apr from command line
<kirkland> smoser: ping
<smoser> hey
<smoser> kirkland, ^
<lwizardl> so what would be needed to setup a server to use smarthost if it was originally set to not be smarthost enabled ?
<adam_g> jamespage,  zul http://people.canonical.com/~agandelman/folsom/nova-2012.2.1+stable-20121212-a99a802e-0ubuntu1.4~cloud0/
<jamespage> adam_g, +1
<jamespage> adam_g, upload it now and I'll swish it through first thing tomorrow :-)
<jamespage> adam_g, whats happening with 2012.2.3?
<adam_g> jamespage, k
<adam_g> jamespage, NFI what was uploaded ~1 month ago is now totally obsolete.
<adam_g> jamespage, i'm happy to put together another batch of uploads, but i worry they'll just sit in queue for another month until they've been trumped by a bunch of security updates
<jamespage> adam_g, so I see they got accepted 20/02
<jamespage> right?
<jamespage> into proposed that is
<adam_g> jamespage, one sec. doing to many things at once  ((just pushed that nova update to the grizzly-staging ppa :\ )
<jamespage> adam_g, oppps
<adam_g> jamespage, so: originally pushed 2012.2.3 (all projects) into queue. ~2 weeks later they got accepted to proposed. around same day they were accepted, a bunch of security updates were released together, which got released as patches onto 2012.2.1
<adam_g> jamespage, i began rebasing packages as new uploads into the queue to include the security fixes.. those are still pending
<adam_g> jamespage, and have been for some time, since then more security updates come. those in queue (and in proposed) lack some of the security updates, i think.
<jamespage> adam_g, looks like cinder is pretty much the only thing not superceded by security updates
 * jamespage sighs
<adam_g> jamespage, yeah.. :|   i'd much prefer updates to get rolled out coordinated across all projects.
<jamespage> adam_g, +1
<jamespage> it gets tested upstream like that after all
<jamespage> adam_g, I think we need to agree some sort of cadence cycle with the SRU team so we don't keep getting bumped like this
<jamespage> adam_g, lemme talk to Daviey about it tommorow and see what we might cook up
<adam_g> jamespage, the bottleneck currently is getting things approved into -proposed, whereas last cycle it was getting things into queue. i guess we've made some progress :)
<jamespage> adam_g, OK - leave it with me
<jdstrand> I'm not sure the cinder in -proposed has the patch that is in -security. please verify
<adam_g> jdstrand, correct
<IgorNym> hello!
<IgorNym> I've just setup a VM with ubuntu-server 12.10
<IgorNym> Does anyone know how to install php5.3.3 instead of the current version?
<IgorNym> I'm trying to replicate a production system
<IgorNym> apt-cache showpkg php5 only shows 5.4.6-1ubuntu1.2 and 5.4.6-1ubuntu1
<sarnold> IgorNym: there's a pile of other versions in the repository: http://us.archive.ubuntu.com/ubuntu/pool/main/p/php5/
<sarnold> .. though I don't see a 5.3.3
<IgorNym> Cool! 5.3.x would be fine.
<IgorNym> Noob question - how to install from there, once I've chosen my .deb?
<sarnold> IgorNym: you can wget the package and dpkg -i to install -- it will leave all the dependency resolution to you, that way, which will be .. painful.
<sarnold> well, I guess there are worse things than life without apt. but still. :)
<sarnold> IgorNym: this page will give you a feeling of which version to pick for the version you're trying to replicate: https://launchpad.net/ubuntu/+source/php5
<IgorNym> Cool I'll give that a go
<adam_g> zul, jamespage this too http://people.canonical.com/~agandelman/folsom/keystone-2012.2.1-0ubuntu1.3~cloud0/
<zul> adam_g:  +1
<IgorNym> success!
<IgorNym> just needed the right php5-common package from that page.
<IgorNym> Thank sarnold
<IgorNym> *Thanks
<sarnold> IgorNym: woot :)
<kirkland> utlemming: ping
<kirkland> utlemming: what is http://cloud-images.ubuntu.com/quantal/current/tool-version-info.txt ?
<utlemming> kirkland: it just shows the changes made in the build system. Its legacy and honestly should just die
<kirkland> utlemming: okay, cool
<kirkland> utlemming: next question ... so I'm downloading quantal-server-cloudimg-amd64-disk1.img
<kirkland> utlemming: I'm going to mount it, edit /etc/overlayroot.conf, unmount, and register my own ami
<kirkland> utlemming: the best way to do this is ec2-bundle-image?
<utlemming> kirkland: if you want instance store, yes, that is how I'd do it
<kirkland> utlemming: for the root disk?
<utlemming> kirkland: yes
<kirkland> utlemming: okay -- and if I just want ebs?
<kirkland> utlemming: i don't want to actually boot the system, which is why I can't use the AWS web interface
<utlemming> kirkland: install qemu-util, mount the qcow2 image, dd it over, snapshot and register
<kirkland> utlemming: booting it peturbs the image
<kirkland> utlemming: "dd it over" meaning, dd it to an ebs volume?
<utlemming> kirkland: i.e. modprobe nbd; qemu-nbd -c /dev/nbd0 <image>; dd if=/dev/nbd0 of=<disk> bs=1M
<utlemming> kirkland: right, the ebs volume
<kirkland> utlemming: oh, interesting
<utlemming> kirkland: the qcow2 is a complete system with grub2
<kirkland> utlemming: k, lemme give that a shot
<kirkland> utlemming: okay, so is /dev/nbd0 mountable?
<utlemming> kirkland: /dev/nbd0p1 is
<kirkland> utlemming: aha
<kirkland> utlemming: when I create the volume in the AWS ebs interface, what's the right "size"?
<kirkland> utlemming: I tried 8GiB and it came out a little short, like 7-something
<kirkland> utlemming: hmm, okay, did all of that, created snapshot, created image, tried launching... doesn't appear bootable
<kirkland> utlemming: did I need to do anything after the dd, and before the snapshot?
<kirkland> utlemming: I selected Kernel ID: aki-825ea7eb
<kirkland> utlemming: ah, hang on, I think I know what's wrong
<kirkland> utlemming: I forgot to add an ephemeral disk, which I need for the overlay to work
<kirkland> utlemming: hmm, that's not working either
<kirkland> utlemming: this is strange
<kirkland> utlemming: http://paste.ubuntu.com/5632736/
<Extreme> Hello
<Extreme> When I try install something on my VPS, I get the following errors:
<Extreme> locale: Cannot set LC_CTYPE to default locale: No such file or directory
<Extreme> locale: Cannot set LC_MESSAGES to default locale: No such file or directory
<Extreme> locale: Cannot set LC_ALL to default locale: No such file or directory
<kirkland> utlemming: yeah, I'm at a loss at this point
<Extreme> I did: `sudo locale-gen en_US en_US.UTF-8` and `dpkg-reconfigure locales` but that didn't fix it
<sarnold> Extreme: if you run 'locale' do you see that your locale settings are only en_US or en_US.UTF-8 ?
<Extreme> one sec
<Extreme> This is the output for "locale", http://pastie.org/private/j8xbyltkcoqa57l0wmwsrw
<kirkland> utlemming: yeah, for some reason, the image created from that snapshot is just not bootable
<sarnold> Extreme: do you have the en_IN and en_IN.utf8 locales generated? (in the output of locale -a)
<Extreme> sarnold: I think no, http://pastie.org/private/binvqjdm7z4t0u4x0fl8sw
<sarnold> Extreme: you'll either have to set your locale to en_US or build the en_IN locales..
<Extreme> sarnold: how to do that? Can you point me to an article or something?
<kerframil> Extreme: edit /etc/default/locale and/or execute "locale-gen en_IN en_IN.UTF-8", respectively
<Extreme> kerframil: I couldn't find anything in /etc/default/locale file. (I opened with `nano /etc/default/locale)
<kerframil> Extreme: in older releases, it's /etc/environment. more info: https://help.ubuntu.com/community/Locale
<lone_mule> hello
<Extreme> I am having 12.04
<kerframil> Extreme: I don't know then. perhaps LANG was defined by some other means in your current environment. on my 12.04 system, it's sourced from /etc/default/locale.
<kerframil> Extreme: in any case, LANG is what needs to be set to make a locale effective, and locale-gen can be used to generate missing locales that you may wish to use.
<Extreme> I just want to turn off the error messages while installing stuff. Is that possible?
#ubuntu-server 2013-03-21
<kerframil> yes. you need to select act upon either of those two options. a rapid workaround is to generate the en_IN locale because that will immediately 'fix' things in your current session
<Extreme> kerframil: I did "update-locale LANG=en_US.UTF-8 LC_MESSAGES=POSIX" and  I think it worked
<Extreme> I can see this in the file now:
<Extreme> LANG=en_US.UTF-8
<Extreme> LC_MESSAGES=POSIX
<kerframil> Extreme: you can "echo $LANG" and run "locale" to check whether these settings are in effect
<Extreme> kerframil: this is the output: http://pastie.org/6644736
<kerframil> Extreme: log in anew and run locale once again
<kerframil> Extreme: it should change
<Extreme> login as a different user?
<kerframil> Extreme: same user, but it shouldn't matter
<Extreme> okay, that worked. I can now see "en_US.UTF-8" instead of the other one.
<kerframil> Extreme: as the locale is actually installed, that should be fine then
<Extreme> great. Is there any way I can test?
<kerframil> Extreme: um. well, you could run "perl -v". it will warn in no uncertain terms if the locale settings are messed up.
<kerframil> first line would be "perl: warning: Setting locale failed." in that case
<Extreme> the first line is This is perl 5, version 14, subversion 2 (v5.14.2) built for... So I guess that worked!
<kerframil> correct
<Extreme> kerframil: Thank you very much! :)
<histo> If I sudo ufw enable while connected via ssh with the default setup block me instantly?
<histo> or if I sudo ufw enable && sudo ufw enable ssh   will I be good?  I'm not familiar with ufw's default setup for what it blocks just wondering if someone knows
<histo> Server is remote so I don't want to get hosed
<sarnold> histo: I just tested on a VM; ufw enable gives a nice warning that it _might_ disrupt active ssh connections, but mine stayed alive...
<sarnold> histo: all the same, you might not want to do it until you've got a serial console or local access...
<histo> sarnold: hrm.. wonder if I should use nohup then on the sudo ufw enable ssh part then
<histo> Something like sudo ufw enable && sudo nohup ufw enable ssh
<histo> err
<histo> ahh piss let's try it and see what happens
<sarnold> histo: another test, "ufw allow ssh ; ufw enable" also worked..
<histo> sarnold: not familiar with ;
<sarnold> histo: ; is a command separator. try "touch /tmp/foo ; ls -l /tmp/foo"
<histo> similiar to && ?
<sarnold> histo: yes
<sarnold> ; doesn't care about the success or failure of previous commands
<sarnold> && and || do care
<histo> ahh
<histo> anyhoot in your test ufw allow ssh  prior to ufw enable  worked?
<sarnold> yeah, I wondered if having the rules might trip some funny established rules or something. It just seemed better to test both directions -- ufw allow ssh ; ufw enable  and ufw enable ; ufw allow ssh  -- before saying it was fine. :)
<histo> thank you  for you help by the way sarnold
<jdstrand> histo: you can safely add rules before doing 'ufw enable'. so 'sudo ufw allow ssh && sudo ufw enable' should be safe. the other way works too of course, but then the connection might block
<histo> Gotcha turns out the server is down anyway.  Not sure what the hell the other guy did putting it at the location.  Have to wait till tomorrow now.
<histo> I set it up at offsite while it was at his house. He just had to mvoe it to it's final destination then tells me there's no hw firewall there. So I told him i'd use ufw after he put it in place.  He botched that some how lol.
<nabblet> hi. where can i find information on best practice about volumen / hard disc management. I am about to set up a data server for me and ~5 other users and was wondering which way would fit me best since I have no practical experience with setting up und maintaining a server (I used to ubuntu, have no problem with commadn line though. usually I know what i am doing )
<nabblet> so my question evolves around keywords like RAID, LVM, ZFS
<AgMo> -j ubuntu-id
<noaXess> hey server geaks
<variant> hi all.. ubuntu 12.04 minimal virtual machine here, apt / dpkg completely hangs when installing / removing sssd
<variant> dpkg says it's "in a very bad state"
<variant> tried a lot of stuff to fix it, any help would be appreciated
<noaXess> on a customer server they made a /boot with 228mb.. yes.. now.. /boot is full.. and a new kernel installation is hanging, but can't be installed, cause /boot is full
<noaXess> i wanted to purge old kernels but until new kernel is installed i can't.. i need to do apt-get -f install.. but this breaks, cause.. /boot is full
<noaXess> so.. how can i reset the actuall update of the kernel.. so i can remove first old kernels?
<variant> noaXess: just rm the older kernel from /boot
<noaXess> variant: what about /boot/grub/grub.cfg?
<variant> noaXess: once you fixed everything just run update-grub
<variant> noaXess: rm a couple of older kernels and install the new one, then run update-grub
<noaXess> variant: aha.. so.. remove manually from /boot, run update-grub.. and then finisch update of newest kernel
<variant> yes
<noaXess> variant: remove all files with same verision number, also System.map..., abi-..., config-..., initrd-img-... and so on?
<variant> noaXess: you just need to free up a little space, you can then use apt to purge the rest of the old files
<noaXess> moved all of the old kernel files i don't need.. update-grub and apt-get -f install is done..
<variant> noaXess: cool
<noaXess> now purge old kernels.. so also dpkg is clean
<variant> noaXess: yes, nice
<variant> if anyone cares, i fixed my dpkg problem by booting to single user mode
<variant> from where the dpkg command no longer hung when removing sssd.
<noaXess> variant: your also done ;)
<variant> jupp
<noaXess> what if you have a problem such ours and have a m$ win server?.. get fast support in... wait... 5 minutes?
<noaXess> hehe
<variant> noaXess: yeah no chance hehe
<variant> noaXess: you just have to be a bit carefull with who you listen to
<noaXess> other question, about kernels.. is there a way, that.. if a new kernel s installed, that apt-get just keep last eg. two kernels and not all?
<variant> noaXess: some people will give advice without understanding possible quesntions
<variant> noaXess: yeah i think you can do that.. don't remmeber how of the top of my head though
<variant> noaXess: looks like 2 kernels being saved is default
<variant> noaXess: look at the comment at the top of /etc/kernel/postinst.d/apt-auto-removal
<variant> noaXess: i would just leave it as it is if i were you. you could look at expanding the /boot partition which you can do wihtout rebooting
<variant> assuming you have space
<noaXess> variant: ok.. thanks..
<noaXess> the server will be reinstalled in the future.. so in the moment manually removing kernels is good enough
<variant> afk..
<jamespage> rbasak, mongodb working on arm in raring now  thanks for your work on that!
<rbasak> jamespage: great! I've since got the smoke tests to pass with another patch I need to send you. It's another SIGBUS failure case.
<jamespage> rbasak, so we can enable the testing for arm during package build?
<rbasak> jamespage: also the smoke test is producing some warnings that I think might actually be errors that are arm-specific and should fail the test
<jamespage> if so fantastic!
<jamespage> rbasak, oh - its very verbose
<rbasak> so I'm running an amd64 build to compare
<jamespage> stacktraces and all
<rbasak> There are stack traces
<rbasak> Ah OK
<jamespage> but it does fail tests when they are unexpected
<jamespage> rbasak, I have a 2.4.0 update in testing
<jamespage> rbasak, just trying to get some test coverage with ceilometer
<rbasak> jamespage: you're confident in their error handling? In that case I have one final patch.
<jamespage> rbasak, send it to me - I'll tie up a PPA build for ~6 hours again!
<one> how do I find out why I was banned?
<ikonia> one: you're in #ubuntu-ops asking, so I suspect you know
<one> oh
<one> well why was I banned?
<one> I wish youse no harm.
<one> Why am I shunned?
<one> There is no other way to life and eternal.
<rbasak> jamespage: build of mongodb 2.4 on armhf fails. It's a pretty common x86 assumption about signed/unsigned chars. I can fix but there may be others - I'll keep working on it
<jamespage> rbasak, great - thanks
<jamespage> rbasak, I uploaded your extra arm fixes and testing enablement btw
<rbasak> Great - thanks!
<jamespage> rbasak, please timebox this - if its looking like to alot of work then we can stick with 2.2.3
<jamespage> and push 2.4.0 out to S
<rbasak> jamespage: ack
<wiehan> Question: I want my ubuntu server box to be happy. Mounted in a 6u swing frame wall mounted cabinet, with only 2 fans at the top of the 6u wall box, should they blow in or suck out?
<wiehan> this is the box http://goo.gl/68stC
<jamespage> zul, just re-reading the pep8 thread on openstack-dev
<jamespage> zul, we should not do PEP-8 checking in the package builds
<jamespage> zul, code formatting is an upstream concern IMHO
<jamespage> (and yes I know pep8 does more that just check formats)
<jamespage> zul, what do you think? something for next cycle anyways
<jamespage> zul, when you start can you take a look at https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1158247
<uvirtbot> Launchpad bug 1158247 in glance "test_server_monkey_patch leaves orphaned process" [Medium,Triaged]
<jamespage> its whats breaking the glance build - I had to get webops to poke it in the right way inthe distro after 21 hours to make the build go through
<jamespage> zul, havana ppa etc.. - please hold off - I want to automate the branch creation and ppa seeding
<jamespage> otherwise we forget how todo it each cycle
<zul> jamespage:  i was double checking last night and there are some packages that do pep8 and some that dont so turn if off in h
<zul> jamespage:  ill take a look at glance
<jamespage> zul, ta
<jamespage> zul, I'm re-syncing any mismatched deps in the ca for grizzly
<zul> ack
<zul> jamespage:  can you check to see if we carry this python-netaddr patch please?
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/ last load of dep updates
<zul> jamespage:  who updated python-django-openstack-auth ?
<jamespage> zul, me
<zul> jamespage:  okies
<jamespage> zul, bug with multple project in horizon
<zul> ack
<zul> jamespage:  +1
<jamespage> zul, ack
<jamespage> ta
<LargePrime> HEYO1 /sbin/modprobe tun gives FATAL: Could not load /lib/modules/3.2.13-grsec-xxxx-grs-ipv6-64/modules.dep: No such file or directory     THOUGHTS?
<vila> hallyn: ping
<hallyn> vila: .
<vila> hallyn: argh, brought the bug page to copy it here, found your comments, let me read ;)
<zul> jamespage:  glance fixed locally ;)
<jamespage> zul, how?
<zul> changed self.config(workers=1) to self.config(workers=0)
<vila> hallyn: bug #1157589 updated, sorry, I missed your comments and that delayed my answer, no pressure on you ;)
<uvirtbot> Launchpad bug 1157589 in kvm "kvm hangs for freebsd guests since raring upgrade" [Medium,Incomplete] https://launchpad.net/bugs/1157589
<hallyn> vila: checking
<hallyn> vila: first, could you just edit the xml to set the emulator to kvm instead of kvm-spice?
<hallyn> that shouldn't do it, but...
<vila> hallyn: indeed, no change (sorry for the delay had some vms I shut down before doing 'service restart libvirt-bin')
<mardraum> oh, I know about that one :D
<mardraum> freebsd guests with serial console configured do fail to boot in raring
<mardraum> that was my next bug report heh
<hallyn> hm, serial console eh
<mardraum> vila: I bet you have console="comconsole" in loader.conf ?
<hallyn> no i've got serial and it works...
<hallyn> ah
<vila> mardraum: loader.conf rings no bell... where should I look for that ?
<mardraum> vila: /boot/loader.conf
<vila> mardraum: hmpf, can't look into that without booting first :-}
<mardraum> heh yeah
<jamespage> zul, just keystone and ceilometer pendings rc's right?
<hallyn> but i can try adding that to my working one :)
<mardraum> I'm only assuming it's the same bug since you don't know about it - but all my freebsd guests die on the kernel load using that
<vila> mardraum: ha ha ! Sound workflow to the rescue ! I happen to have a copy of /boot/loader.conf, no console there
<mardraum> hm
<mardraum> guess I'm opening another one...
<vila> mardraum: only kern.hz=100 and debug.witness.watch="-1" the last time I took a copy (which should the last time I modified it)
<mardraum> lemme try it again now
<vila> hallyn: should I try removing mine ? Would that be the <console> section only or something else ?
<hallyn> vila: i don't think that would work,
<LargePrime> Ubuntu Server 12.10;  /sbin/modprobe tun gives FATAL: Could not load /lib/modules/3.2.13-grsec-xxxx-grs-ipv6-64/modules.dep: No such file or directory     THOUGHTS?
<mardraum> vila: I didn't have to edit the guest config to work around it
<hallyn> i have a console entry in the xml
<hallyn> i don't seem to have a /boot/loader.conf though
<mardraum> it's not created by default in freebsd
<mardraum> if it doesn't exist, you simply don't have one
<vila> hallyn: not required AFAIK but I'm a freebsd noob, only use it for regression testing
<vila> mardraum: note that the vm pause very early in the boot process, it stopped after displaying: 'ACPI APIC Table: <BOCHS BXPCAPIC>'
<hallyn> apparently i did it wrong :)  now it just hangs after loading loader.conf
<vila> hallyn: how far in the boot process ?
<hallyn> vila: I think you'll do better if you (1) download git://git.qemu.org/qemu.git and build it, (2) run with 'kvm -hda freebsd.img -serial stdio, and then report failures upstream
<hallyn> I think adding libvirt to the mix obscures it, and I don't know enough abou freebsd OR seabios to probably help you anyway
<hallyn> once you can reproduce from cmdline, you can check exactly where it's dying and see if it's a freebsd bug or a qemu one
<mardraum> ok, console="comconsole" works fine on 12.10 and will not load the guest on 13.10. I remove that single line from loader.conf and it loads
<mardraum> er. 13.04
<hallyn> and by 'won't load' - how does it die?
<hallyn> you're I assume connecting to the serial console to see it die?
<vila> hallyn: 'kvm -hda freebsd-8.0-64bits.qcow2 -serial stdio' works !
<mardraum> it doesn't get to load the kernel
<mardraum> the process running is tiny
<hallyn> vila: interesting, so it might be libvirt's serial console that's the problem?   huh
<mardraum> let me add a vnc console
<vila> hallyn: yeah or something else but not kvm itself which gives me some target and a way to isolate
<mardraum> openbsd serial console still works fine btw 12.10 -> 13.04
<mardraum> different implementation to freebsd
<hallyn> vila: actually, could you try with libvirt again, do virsh dumpxml <vmname>, check the /dev/pts/N assigned to serial, and connect to it with minicom?
<hallyn> I'm wondering whether freebsd is hanging until you connect before continuing
<plars> sbeattie: can you look at http://paste.ubuntu.com/5634101/ - it was from a run I did for an oneiric kernel SRU, but I had to run by hand
<vila> hallyn: argh, not that *kind* again ;)
<mardraum> use screen or cu, not bloody minicom :P
<hallyn> (look for 'console type='pty' and /dev/pts entry there)
<plars> sbeattie: unfortunately the preinstalled images from oneiric don't lend themselves well to automation
<hallyn> mardraum: screen can do that?
<mardraum> yep
<plars> sbeattie: that was the only failure I've seen, but it's my first time running it in that environment
<mardraum> screen does serial
<hallyn> cool
<vila> mardraum: tell me more so I don't have to install minicom ;)
<hallyn> i've already got screen -e^Aa inside screen -e^Yy, what's one more
<mardraum> man screen? :p
<plars> example: screen /dev/ttyUSB0 115200
<hallyn> plars++
<vila> plars: thx
<plars> then normal screen commands to manage the session (such as ^A-k) to end it
<plars> and mardraum: *big* +1 to not using minicom
<mardraum> minicom is a sickness, it must be eradicated
<plars> cu was my go-to tool for that for a long time, but I've gotten to kinda like screen
<hallyn> h4t3rz :)
<hallyn> but if i can use screen all the better.  (haven't used anything but telnet to qemu serial tcp port in prolly 5 years)
<plars> hallyn: nostalgic for your bbs days?
<plars> hallyn: minicom reminds me too much of that, and downloading linux floppy install images over 1200 baud modem with xmodem
 * plars shudders a bit
<mardraum> plars: haha yeah, I think that's part of it
<zul> jamespage:  yep
<hallyn> heh, 2008 was not bbs days, at least for me :)
<zul> jamespage: ill bug ttx and nijaba about it
<mardraum> pPP WHY YOU NO WORK!?
<jamespage> zul, lol
<hallyn> but yes, i do get nostalgic for my vt100 over acoustically cooupled 300bad modem :)
<zul> hallyn:  eee eeeeern!
<hallyn> *that* was when I learned about screen, btw :)
<vila> hallyn: nope, nothing happened. Note that the vm is paused as in 'virsh list' says '3     freebsd9                       paused'
<hallyn> 9 vts on vt100, i couldn't understand why ppl wanted the whole windows thing :)
<hallyn> vila: while attached to the serial, can you resumem it with virsh?
<hallyn> and/or do another virsh dumpxml and pastebin the output
<mardraum> hallyn: so with that single line in loader.conf in a freebsd 9.1 guest, it hangs after the "Loading /boot/defaults/loader.conf" line with a single line showing "-", which is the beginning onf the kernel load spinner
<mardraum> I remove that line, it boots fine, and I can still use virsh console vm
<hallyn> mardraum: ok - i wonder why i didn't get the error msgs vila got on the terminal where i started kvm though
<hallyn> mardraum: and you would insist that with quantal's qemu it would proceed?
<hallyn> i can build an older qemu and try it
<vila> hallyn: attempt to resume from the window thingy receives an error: Error unpausing domain: internal error unable to execute QEMU command 'cont': Restting the Virtual Machine is required
<mardraum> hallyn: yep same image on shared storage, just tested it with a 12.10 host ok
<hallyn> mardraum: bleh.  thx
<hallyn> mardraum: i still suspect seabios over qemu, but let's see...
<mardraum> hallyn: this is the other issue I noticed when I started testing 13.04 besides the migration one, but I had a workaround for this so it wasn't an issue so far
<mardraum> hallyn: do you want me to open a bug for it?
<mardraum> I'll do a fresh freebsd 9.1 amd64 install on 12.10 if so and replicate it again first if you like
<hallyn> mardraum: we're working from bug 1157589 so no need for new one
<mardraum> though probably tomorrow night since it's after midnight here now
<uvirtbot> Launchpad bug 1157589 in kvm "kvm hangs for freebsd guests since raring upgrade" [Medium,Incomplete] https://launchpad.net/bugs/1157589
<hallyn> thx
<mardraum> ok
<mardraum> I'm using virtio ok in the freebsd guest still in 13.04. I suspected that at first
<hallyn> yeah that didn't work for me
<hallyn> livecd installer refused to recognize it
<mardraum> yeah it's in ports in freebsd 9, so you need a working system, then install the port (requires full src, ugh)
<mardraum> freebsd 10 finally has it in tree though
<mardraum> I can upload a 9.1 amd64 build of the virtio port though, it has no depends AFAIK and pkg_add will install it
<mardraum> otherwise you'll need to build a machine to build the port which has the full src tree
<hallyn> wait.  it didn't crash with lastest git head.  maybe i was too impatient with rarings' qemu, one more try
<zul> jamespage:  patch sent upstream for glance
<jamespage> zul, so I see
<jamespage> thanks muchly for picking that up
<jamespage> zul, I'm concerned we have not updated libvirt inthe cloud archive
<jamespage> zul, its going to make it more difficult to track security updates etc...
<zul> jamespage:  im wasnt...but you are right
<jamespage> zul, I might stick it in the trunk testing ppa and see how it gies
<zul> jamespage:  please
<jamespage> zul, ack
<zul> jamespage:  im going to get the folsom stuff passing again on jenkins
<hallyn> vila: mardraum: for me it crashes with -enable-kvm, and not without.
<jamespage> zul, +1 - we really need to push the 2.3 release through
<hallyn> both upstream and in raring pkg.  now lemme try 1.2 - to see if it's the kernel or qemu
<jamespage> we keep getting jumped by security updates three weeks into the process.
<jamespage> Daviey, around? I'd like to discuss openstack SRU's if you have a moment
 * jdstrand would love for the updates to stop rolling in ;)
<Daviey> jamespage: o/
<jamespage> jdstrand, you and me both :-)
<jamespage> Daviey, ola - one second
 * Daviey ponders.
<jamespage> Daviey, right - back
<jamespage> Daviey, adam_g and I where discussing whether we could approach the first part of the SRU process a bit better
<jamespage> Daviey, we agreed after the 2012.2.1 release how we would verify bugs
<vila> hallyn: not sure I follow your experiments :-) Do you mean you have a way to reproduce ?
<jamespage> Daviey, but its taking 2+ weeks to actually get into proposed and the rate of security bugs means we generally get superceded between initial preparation and verification
<jamespage> Daviey, any thoughts?
<hallyn> vila: yes, with the loader.conf line, kvm -hda freebsd.img -m 512 -serial stdio -vnc :1 -enable-kvm does it for me
<hallyn> vila: without -enable-kvm does not
<hallyn> sigh, but older qemu isn't compiling.
<Daviey> jamespage: well, there has been a general backlog in SRU handling.
<jamespage> Daviey, so this is not *normal*?
<jamespage> Daviey, I just don't want to ask adam_g to recut the packages if we are going to be in the same place again in 3 weeks
<Daviey> Whilst i got started with SRU processing, i wanted to try and avoid larger ones...  However, once i am up to speed.. I can probably prioritise these based on priority of them blocking other work.
<Daviey> I've been trying to help reduce the queue to free up others to review it.
<Daviey> In addition, slangasek was chewing his fair share with MAAS SRU.
<Daviey> So it's a backlog caused by the point release IMO.
<Daviey> jamespage: I think it makes sense to check with jdstrand that there is nothing likely to trump an SRU shortly, before crafting an upload..Once that is signed off, we should try and get it accepted same day.
<jamespage> Daviey, okies
<jdstrand> I'm fine with that
<Daviey> Yeah, really crappy situation on the essex uploads we had
<jdstrand> note that most of these are embargoed first, so I can't necessarily be very specific
<jamespage> jdstrand, its would be enough to know that you have a security update in process for package XX
<jdstrand> yeah
<jdstrand> (though, not publicly)
<jdstrand> we don't want to jeopardize our access to advanced notice
<Daviey> for sure.
<jamespage> jdstrand, agreed
<jdstrand> anyway, just ask and I'll give you what you need to make a decision
<rbasak> jamespage: build success for 2.4, with one extra patch needed: http://paste.ubuntu.com/5634220/
<rbasak> I'm a bit suspicious of what I saw around there though. I wouldn't be surprised to find a runtime problem.
<rbasak> (alignment SIGBUS again)
<jamespage> rbasak, lol - I don't think upstream have much interest in arm right now
<rbasak> sorry, had an xpra/xchat hang
<hallyn> vila: mardraum: it's the kernel
<hallyn> i did the same tests in a precise container on raring host, same results
<hallyn> with kvm hangs, without kvm works
<Extreme> Hi, can anyone link me to a good article/Ubuntu help page that describes how to set up VPN on an Ubuntu server?
<LargePrime> lol i was just doing that
<LargePrime> https://help.ubuntu.com/11.10/serverguide/openvpn.html
<holstein> !vpn
<ubottu> For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<LargePrime> but i hit fail
<LargePrime> because my provider had removed the kernal info
<LargePrime> so i cannot /sbin/modprobe tun
<holstein> LargePrime: are you using ubuntu? or something custom from your provider?
<Extreme> LargePrime: aha
<LargePrime> ubuntu, from my provider
<jamespage> xnox, rbasak has the mongodb test suite running on ARM
<LargePrime> I guess I could hack around it
<LargePrime> but not that ubuntu savy
<xnox> jamespage: noticed the upload. very nice =)
<jamespage> xnox, yeah - its looking better on arm now
<jamespage> rbasak, did you mean to pastebin the patch for 2.4.0?
<rbasak> jamespage: I meant to show you the stacktraces in the test run :)
<rbasak> I'll pastebin the patch for you
<jamespage> rbasak, ta
<jamespage> rbasak, I've been thinking about it and I'm not sure we should do this upgrade
<jamespage> we really need to bump pymongo as well for compat
<jamespage> feels a little risky
<rbasak> Any other rdepends?
 * jamespage looks
<rbasak> jamespage: http://paste.ubuntu.com/5634304/ - against your PPA 2.4 so re-adds the newest changes; arm-signed-char.patch is the new one
<rbasak> I want to send this upstream if I can figure out where they want it
<jamespage> kirkland, I see hockeypuck depends on mongodb - have you guys tested with 2.4?
<rbasak> jamespage: I'm worried that staying with 2.2 will make the mongodb packing irrelevant.
<rbasak> packaging
<jamespage> rbasak, probably only for 9 months
<jamespage> :-)
<rbasak> Which will increase the number of people who find the packaging not useful and not come back
<jamespage> rbasak, so the python driver release is due tomorrow - https://jira.mongodb.org/browse/PYTHON/fixforversion/11981
<jamespage> this all feels very .0
<LargePrime> is this not off topic chater?
<LargePrime> holstein:
<LargePrime> what are the risks of adding back the kernal libraries to the repository on my server
<ttx> jamespage: keystone MP branch up
<patdk-wk> largeprime, your oviously inside an openvz type thing, there isn't any hope unless you ask your provider to do something about it
<holstein> LargePrime: yeah.. you want to make sure the provider supports what you are wanting to do
<jamespage> ttx, great - thanks
<Extreme> I'm getting this error when I do ./build-rsa http://pastie.org/6930703
<jamespage> zul: want me todo the CA backports for swift, glance, nova and keystoneclient?
<jamespage> zul, also note keystone just cut a milestone-proposed
<zul> jamespage:  if you are so inclined ;)
<jamespage> I've switch the lab
<zul> jamespage:  i saw
<jamespage> zul, its like four commands
<zul> jamespage:  im still working on folsom
<jamespage> zul, actually lets hold off glance until that fix lands
<zul> jamespage:  sure im just getting the red balls blue
<jamespage> zul, great!
<zul> jamespage:  my ocd is kicking in
<jamespage> lol
<zul> jamespage:  ill take care of keystone
<jamespage> zul, lovely
<jamespage> zul, any idea why python-keystoneclient builds in distro but not in sbuild locally?
<jamespage> looks like its trying to use $HOME
<RoyK> how can I see why ubuntu tells me the system needs a restart_
<RoyK> ?
<jpds> RoyK: I think it's something in /var/lib/update-notifier/ .
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/
<eagles0513875> hey guys im workign on enabling mod_status on apache and for some blessed reason when i use my domain it pulls up my site saying the page doesnt exist can anyone tell me what im doign wrong
<eagles0513875> i have everythign setup according to the documentation i have read on the apache site
<histo> eagles0513875: have you tried in #apache ?
<RoyK> jpds: hm.. can't find anything relevant there
<histo> eagles0513875:nvm not on freenode
<eagles0513875> histo: there is httpd here for that and i have asked htere
<ikonia> eagles0513875: what does the logs say
<zul> jamespage:  +1
<jamespage> zul,  ta
<kirkland> jamespage: not yet, but it's on our to-do list
<kirkland> utlemming: okay, so I never quite got a bootable AMI
<kirkland> utlemming: hoping you have some advice there
<jamespage> kirkland, no rush - I was considering going for a FFe for raring but no-one has done any real testing yet
<jamespage> so deferring until S
<kirkland> jamespage: cool
<rbasak> jamespage: so is the decision made? We're definitely sticking with 2.2 then, regardless?
<jamespage> rbasak, I think so yes; I spoke with some of the ceilometer guys and they have done 0 testing as well
<rbasak> OK
<jamespage> rbasak, can you try one more 2.2.3 build on ARM for me?  just add libssl-dev to the BD's
<rbasak> Sure
<jamespage> it will enable SSL support - I've not checked it on ARM
<kirkland> jamespage: that would be nice :-)
<kirkland> (ssl support)
<jamespage> zul, yolanda: ceilometer branch needed a patch unfuzz - I've just refreshed and pushed
<jamespage> kirkland, yeah
<zul> jamespage:  whoops...i was doing that too
<jamespage> kirkland, it would - just this minor niggle of GPL + OpenSSL licensing to resolve
<eagles0513875> hey ikonia ended up figuring it out the issue was caused with mod rewrite rules intercepting the server-status address and redirecting it to wordpress page not found
<eagles0513875> on my site
<yolanda> jamespage, great, i'm just testing the ceilometer charms, something is not working in the ceilometer-agent one
<jamespage> zul, yolanda: I think that for a simple unfuzz no peer review should be required - I make the commit with [trivial]
<jamespage> make/mark
<zul> jamespage: ack
<kirkland> jamespage: ah, yeah, that
<jamespage> :-)
<jamespage> yeah - that
 * jamespage head in hands
<kirkland> jamespage: has 10gen not written an ssl exception into their license header?
<kirkland> jamespage: we did that for ecryptfs
<kirkland> jamespage: well, IBM did
<jamespage> kirkland, no - I've asked for one but not yet happened
<kirkland> jamespage: interesting
<kirkland> jamespage: does it not compile against gnutls or libnss or libgcrypt?
<zul> jamespage:  did you kick off a new ceilometer as well?
<jamespage> kirkland, no explicit support in the codebase other than openssl; that next path to investigate
<jamespage> zul, yep
<zul> jamespage:  coolio
<kirkland> jamespage: yeah, then in that case and in my non-lawyer opinion, compilation against ssl is implied as allowed
<kirkland> jamespage: if the (GPLed) code is written specifically against openssl.h, then, um yeah, I reckon the authors intended on allowing you to actually run that code
<kirkland> jamespage: but that's just me :-)
<jamespage> kirkland, lol - indeed
<kirkland> jamespage: ie, when upstream distributed the code in that manner
<kirkland> jamespage: on the other hand, if you, jamespage, wrote a big fat patch to mongodb that added ssl support inline in the code, but required compiling against ssl
<kirkland> jamespage: for that, I'd say you'd need to acquire an exception from the copyright holders
<kirkland> jamespage: but if they're distributing the code as such
<jamespage> kirkland, I tend to agree - but this appears to be a legal grey area
<kirkland> jamespage: and it doesn't actually compile against any of the gnu tls libraries...then what option do you really have?
 * kirkland just watched Lincoln...  most of what Lincoln did was legal grey area -- but it worked itself out :-)
<kirkland> jamespage: do you have any expertise creating AMIs?
<kirkland> jamespage: I'm looking for smoser or utlemming to help me finish something I started yesterday, but I'm blocked on now
<jamespage> kirkland, zip I'm afraid - that's smoser/utlemming territory
<kirkland> jamespage: dang
<jamespage> sorry
<smoser> kirkland, i'm here. whats up?
 * utlemming is here now
<utlemming> kirkland: what's up?
<kirkland> smoser: oh, hey
<kirkland> utlemming: okay, so my AMI is currently not bootable
<utlemming> kirkland: did you dd from /dev/nbd0 to the volume?
<kirkland> utlemming: yep
 * utlemming tries to do this
<kirkland> utlemming: did I need to do any resize2fs or tune2fs or fsck on that?
<utlemming> kirkland: nope
<kirkland> utlemming: and what aki- should I be using?
<kirkland> utlemming: I've tried Kernel ID: aki-b4aa75dd
<kirkland> utlemming: I *think* maybe smoser helped me with something like this before, and pointed me to that aki
<smoser> console output ?
<utlemming> kirkland: that is the wrong one...you need the hd0 variant
<kirkland> smoser: http://paste.ubuntu.com/5632736/
<kirkland> utlemming: k -- is that the -825 one?
<utlemming> kirkland: you have the wrong AKI for sure.
<kirkland> utlemming: cool-- which one should I be using?
<kirkland> utlemming: and the root device -- is that /dev/sda or /dev/sda1?
<utlemming> kirkland: aki-88aa75e1 and whatever you used for your device mapping when you registered it
<utlemming> kirkland: for the device mapping, it doesn't matter
<kirkland> utlemming: okay, created and launching
 * kirkland whistles the jeopardy tune
<kirkland> utlemming: smoser: okay, so I'm curious on both of your takes on this...  what do you reckon is the best way to flag that I want to run an instance with an overlayroot (either tmpfs or encrypted), WITHOUT first launching/editing/rebooting
<kirkland> utlemming: smoser: right now, I'm creating an AMI that has a one-line change in /etc/overlayroot.conf
<kirkland> utlemming: smoser: I can add support into the initramfs hooks for overlayroot that sets up networking and fetches the metadata
<utlemming> smoser: correct me if I am wrong, but does cloud-init look for OVERLAY_ROOT or something like that and just do it?
<kirkland> utlemming: that's too late
<kirkland> utlemming: it has to be setup in initramfs, not userspace
<kirkland> utlemming: cloud-init runs in userspace
<kirkland> utlemming: by that point, we've already written stuff to the root disk
<smoser> kirkland, its not acceptabale to change the default amis. so your one off with the one line change is not unreasonable.
<kirkland> utlemming: still not booting, http://paste.ubuntu.com/5634659/
<smoser> the other option is to use the original image bit for bit and boot with a --block-device-mapping
<smoser> and that disk that is attached can probably manage to do what you want.
<kirkland> cmagina: how so?
<kirkland> smoser: ^
<kirkland> cmagina: sorry...  and howdy, btw :-)
<cmagina> kirkland: np :)
<smoser> well, the overlayroot config disk executes (it is sourced) in the initramfs.
<smoser> so you can actually do anything you want.
<kirkland> utlemming: i did dd from /dev/nb0, and not from the .img -- that's correct, right?
<utlemming> kirkland: yup. I'm going through the exercise now. Give me a few minutes...
<kirkland> utlemming: thanks!
<kirkland> utlemming: I can share this ami with you too, if it helps
<kirkland> utlemming: the *only* change is that /etc/overlayroot.conf has:  "crypt:dev=/dev/xvdb"
<kirkland> utlemming: make sure you add one ephemeral disk at xvdb when you register the ami
<sbeattie> plars: sorry, I just noticed your ping. Odd that af_bluetooth is being reported as unsupported
<plars> sbeattie: any chance it's just because of age? This is oneiric we're talking about..
<plars> and on panda
<sbeattie> well oneiric/omap4 ; it's possible I guess, though I'm not sure why that would show up just now.
<smoser> kirkland, does it make sense to you how you'd do that ?
<plars> sbeattie: it'll take some time, but I could go back and reinstall and see if it failed before the update.. I have no idea what it looked like before
<sbeattie> plars: any chance you can run [path to qa-r-t]/scripts/apparmor/test-net.py --domain bluetooth
<plars> sbeattie: as soon as it finishes what it's doing now, I can
<plars> board is tied up at the moment
<sbeattie> plars: that'd be great. if that fails, then it's not an apparmor issue, but an issue with that kernel's bluetooth support.
<utlemming> kirkland: launching...
<kirkland> smoser: without modifying Ubuntu's stock, default overlayroot.conf?
<kirkland> smoser: I know that if I modify overlayroot.conf myself in my own AMI, then yeah, sure, I can do whatever I want
<kirkland> smoser: I'm trying though to find a way where I can continue to use the stock Ubuntu AMI, and instead just launch with some additional option or configuration or something
<kirkland> smoser: heck, even just configuring a "security group" would work for me -- though that would still involve reading the security-group from metadata
<smoser> kirkland, yes. you can do that.
<smoser> you just have to use your imagination a bit :)
<plars> sbeattie: I don't remember for certain, but that was my suspicion - that we didn't get bluetooth working properly there until later
<smoser> kirkland,  bzr+ssh://bazaar.launchpad.net/~smoser/+junk/ovroot-snapshot-create/ is the branch i pointed you at once showing how i could create a partitioned disk.
<smoser> inside that (lines 24) is a '_find_dev' that goes looking for a disk that it should tell the initramfs is the overlay root disk.
<smoser> you can do the same thing, but instead of looking for disks, look at the metadata service.
<sbeattie> plars: looking at http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-oneiric.git;a=blob;f=debian.master/config/config.common.ubuntu vs http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-oneiric.git;a=blob;f=debian.ti-omap4/config/config.common.ubuntu;h=f0724990db3a6b4c44ca0fa8ddc49462a1b5ff96;hb=7bf8c235abf0058e8a7a4d6fc927656c74cfbf93 I see differences in some of the CONFIG_BT sub options.
<smoser> the "real root" is mounted read-only at this point. so you can do just about anything actually.
<smoser> (including mounting rw and chroot to it!)
<smoser> you can use it to bring up networking, look at user-data and act appropriately.
<kirkland> smoser: cool, thanks
<smoser> kirkland, you'll probably want to put a flag on the root disk in some sense so you dont do that every boot if it wasn't desired. (or you more confidently do it if it *was*)
<kirkland> utlemming: did yours launch successfully?
<kirkland> smoser: right -- so currently, I'm just looking to do this at every reboot (for my current project)
<kirkland> smoser: but eventually, yes
<smoser> thats fine. you might as well mark somewhere that you've decided "do it"
<kirkland> smoser: also, I'd like to in the next cycle MIR molly-guard and have the overlayroot binary package recommend it, and install a mollyguard script
<utlemming> mkirkland: no...looking why
<kirkland> utlemming: awesome, thanks
<kirkland> smoser: I'd like overlayroot to install something like http://paste.ubuntu.com/5634755/ in /etc/molly-guard/run.d/02-overlayroot
<kirkland> smoser: basically, to prevent inadvertent reboots that lose or destroy data (in tmpfs or encrypted filesystems)
<kirkland> smoser: are you familiar with molly-guard?
<xerxas> Hi all
<xerxas> can I preseed my install with protocol mirror and http://mirrors.ubuntu.com/mirrors.txt , for the apt configuration ?
<yolanda> jamespage, pushed a working version - finally - of ceilometer agent charm
<smoser> answer=$(head -n1) is done without a fork like:
<smoser>  read answer
<smoser> i dont have a conceptual issue with that. as long as the implementation doesn't require hijacking /sbin/reboot
<jamespage> yolanda, great!
<jamespage> zul, adam_g: libvirt 1.0.2 in the trunk testing PPA - working OK for me
<jamespage> I can boot instances, live migrate them etc...
<zul> jamespage:  push it
<zul> jamespage:  just a note from that libvirt release python-libvirt was broken with a patch that was backported ;)
<jamespage> zul, live migration dropped 3 packets - that sound reasonable to me
<zul> jamespage:  tolearable
<jamespage> zul, from with libvirt release? confused
<zul> 1.0.2
<zul> so thats why i was a bit leary about it its fixed in 1.0.3 but we backported the patch
<zul> just an fyi
<rbasak> jamespage: mongodb 2.2.3 build with libssl-dev succeeded on armhf. Build log: mongodb_2.2.3-0ubuntu4~basak1_armhf.build - looks like it picked it up OK.
<rbasak> EOD
<xerxas> ajmitch: I saw you wrote several time about using mirror uri scheme in sources.list, can I preseed this for installation ?
<kantlivelong> hey all.. im trying to install 12.04.2 and the installer doesnt see any disks.. but when going to the installer shell i see /dev/sda /dev/sdb and also see in dmesg.. any idea whats going on?
<lamawithonel> Is it possible to encrypt a single partition with preseeding?  I'd like to encrypt swap, but nothing else.
<scalability-junk> hey I have a problem when I try to run lvdisplay I only get "read_urandom: /dev/urandom: open failed: No such file or directory" returned
<scalability-junk> additionally all mv vms under /dev/vg0/* are gone ... (but they are still working(
<scalability-junk> any idea please
<scalability-junk> no idea at all?
<scalability-junk> when trying to run virt-install with /dev/vg0/something I get an apparmor error: internal error cannot load AppArmor profile 'libvirt-XXX'
<scalability-junk> any idea?
<fabiofranco> how to add an existing user to an existing group?
<sw> fabiofranco: $ sudo useradd -G <group> <user>
<fabiofranco> sw the command returns an error msg - useradd: user 'thiago' already exists
<sw> fabiofranco: did the user get added to the group though? ($ groups <user>)
<fabiofranco> sw sadly no
<sw> fabiofranco: erm, -a -G maybe, sorry been a while since I've done it, if all else fails see $ man useradd :b
<Underbyte> how do you convert /etc/init.d scripts to upstart jobs?
<fabiofranco> sw: the -a parameter doesnt exist... i'll have a look at the manual, thanks
<sarnold> scalability-junk: some of the protections for virtual machines / lxc containers via libvirt is handled via apparmor profiles; see /etc/apparmor.d/{libvirt,lxc,lxc-containers} ... (not great information there, but .. information.)
<Trudko> guys i run  netstat -tulpn | grep :80 and i got tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      - how to stop this service ?
<sarnold> Trudko: re-run as root and find the process
<Trudko> ok thx
<scalability-junk> sarnold: yeah but it doesn't find the profile for some libvirt-uuid and then fails
<scalability-junk> using aa-complain didn't help
<scalability-junk> and disabling apparmor seems like bad...
<sarnold> scalability-junk: do you have DENIED messages in your dmesg or /var/log/audit/audit.log ?
<scalability-junk> nothing in the log
<scalability-junk> nope no DENIED
<scalability-junk> sarnold: retried and got a denied [178696.696032] init: /tmp/tmpYLM9OL/etc/init: Configuration directory deleted
<scalability-junk> [179194.781900] type=1400 audit(1363904669.177:199): apparmor="DENIED" operation="open" parent=18775 profile="/usr/lib/libvirt/virt-aa-helper" name="/dev/dm-29" pid=18174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
<sarnold> scalability-junk: ha, I've got an explicit deny for those files in my version of that profile:   deny /dev/dm-* r,
<scalability-junk> sarnold: any workaround? haven't worked with apparmor at all
<sarnold> hallyn: scalability-junk here has had some problems with virt-install, it's beyond me :) care to look at it? ^^^
<sarnold> scalability-junk: you could put that profile into complain mode, but you'd lose the confinment. someone put that 'deny' rule in place for a good reason...
<sarnold> scalability-junk: you could add a rule to grant read access to that device (and, maybe, soon it'd need write as well....) -- if you're fine with containers being able to modify that device.
<scalability-junk> sarnold: yeah but I don't see any issues with my virt-install command, or isn't is allowed to use /dev/vg0/something as image for example
 * scalability-junk is a bit frustrated tried vmbuilder first -> failed, then it worked after some patches then the vm got stuck in booting from disk and then tried virt-install and apparmor doesn't like me :D
<scalability-junk> srsly it complained about the directory of the .iso file not the block device yeah I love errors :D
<scalability-junk> anyone using virt-install? I'm stuck how to configure sshd to be present after startup?
<scalability-junk> virt-install -r 1024 --accelerate -n demo.oc -f /dev/vg0/demo.oc --graphics vnc --network bridge=virbr1 --cdrom /var/ubuntu-12.04.2-server-amd64.iso
<scalability-junk> was my try, but first graphics vnc needs virt-viewer o0 what was used by the vmbuilder?
<tgm4883> Mythbuntu site broke
<tgm4883> Daviey needs to fix DNS records
<tgm4883> Then I will be glad
<Trudko> Guys i need to copy something to local/bin but my user does not have persmissions. ls -l /bin | grep bin i get lrwxrwxrwx 1 root root what to do to have rights to write?
<Trudko> i found that i should do usermod -G www-data user which should put user to www data group does have to data group exists already? is user param user litterallly or it is name of user
<shauno> that's a fun handful.  "ls -l /bin | grep bin" is giving you a red herring; it's returning a result within /bin that happens to be symlinked somewhere (the leading 'l' on the permissions)
<shauno> ls -ld /usr/local/bin will show you what the perms are there, which seems  a lot more relevant; default will be read-all, write-root
<Trudko> shauno i see so what should i do so user X can have write permissions too?
<shauno> you very rarely would; usually that's left alone and sudo is used to escalate where needed
<Trudko> shauno where I am copying using winscp
<scalability-junk> YESSSSSSSS!!!!! finally it worked
<scalability-junk> now I know why some people like the cloud :D virtual machines do just work :D
<shauno> personally, I'd scp the files into the user's home folder, and then move them into place with sudo afterwards.  it just works out a whole lot easier than fighting the design, which usually causes loose threads to unravel
<sarnold> scalability-junk: woo :)
<histo> scalability-junk: I wish I had a cpu that supported vmx or svm myself
<scalability-junk> histo: get a server ;)
<histo> scalability-junk: I will just want a tablet right now to stuff ubuntu on.
<scalability-junk> histo: servers are so much better :)
#ubuntu-server 2013-03-22
<histo> scalability-junk: I know I have servers now
<scalability-junk> histo: cool
<histo> just none with vmx
<histo> Anyone know if the mail server taskel pulls the mail-stack-delivery meta package?
<histo> interesting samba4 is failing to install from repo
<histo> !info samba4
<ubottu> samba4 (source: samba4): SMB/CIFS file, NT domain and active directory server (version 4). In component universe, is optional. Version 4.0.0~beta2+dfsg1-3 (quantal), package size 1670 kB, installed size 10842 kB
<histo> anyone mind confirming a bug on 12.04?
 * Patrickdk is looking
<Patrickdk> don't see any
<histo> Patrickdk: if you install samba4 it bombs
<histo> Patrickdk: package won't install errors about smb.conf
<Patrickdk> I don't have a system I'm willing to pollute with samba4 right now
<histo> ahh
<histo> I just built a vm and installed 12.04.2 server updated and trying to install samba4 errors
<histo> ERROR: Invalid smb.conf
<histo> How has no one filed a bug against the package.
<mardraum> http://www.abc.net.au/news/2013-03-22/cyprus-becoming-cash-only-economy/4588214
<mardraum> er sorry, paste error
<hallyn> sarnold: scalability-junk: iiuc you want to be able to preseed a virt-install install?  if so the key there is to manipulate the iso ahead of time to add the preseed file
<hallyn> you can look at lp:ubuntu-qa-tools vm-tools/vm-new for an example
<scalability-junk> hallyn: yeah I wanted to do something like with the vmbuilder -> no setup -> boot.sh sort of thing
<scalability-junk> I dislike the preseed file so (worked with it and it's just bad) :D
<hallyn> heh
<hallyn> yeah it doesn't usually treat me too well
<scalability-junk> syntax is nothing to like
<scalability-junk> but back to virt-install is there a way to not go through the install, but have a ready vm ? like with vmbuilder?
<scalability-junk> or is that only possible with a premade .img which is used then?
<hallyn> no the install is how it works
<hallyn> would cloud images be useful to you?
<hallyn> you can wget them, qemu-nbd+mount to modify them as needed, then clone themwhen you need...
<scalability-junk> yeah but working on implementing openstack on a few boxes anyway, but being able to do it with other tools should be great
<scalability-junk> hallyn: mh kk for now it works and "never change a running system" :D
<hallyn> mh kk?
<scalability-junk> ok
<hallyn> no - what is mh kk?
<scalability-junk> hayllin: mhh = thinking. kk = ok
<hallyn> ok thx :)
<histo> !info samba4 precise
<ubottu> samba4 (source: samba4): SMB/CIFS file, NT domain and active directory server (version 4). In component universe, is optional. Version 4.0.0~alpha18.dfsg1-4ubuntu2 (precise), package size 1610 kB, installed size 10938 kB
<histo> !info samba4 raring
<ubottu> samba4 (source: samba4): SMB/CIFS file, NT domain and active directory server (version 4). In component universe, is optional. Version 4.0.0+dfsg1-1 (raring), package size 1672 kB, installed size 10849 kB
<histo> hrm...
<histo> Going to try quantal next then see if bug is still present there.
<blkperl> !info collectd raring
<ubottu> collectd (source: collectd): statistics collection and monitoring daemon. In component universe, is optional. Version 5.1.0-3ubuntu1 (raring), package size 14 kB, installed size 140 kB
<blkperl> oow this bot is cool
<blkperl> !info ganeti raring
<ubottu> Package ganeti does not exist in raring
<blkperl> !info ganeti precise
<ubottu> Package ganeti does not exist in precise
<blkperl> !info ganeti2 precise
<ubottu> ganeti2 (source: ganeti): Cluster-based virtualization management software. In component universe, is extra. Version 2.4.5-1 (precise), package size 1117 kB, installed size 4362 kB
<blkperl> !info ganeti2 raring
<ubottu> ganeti2 (source: ganeti): Cluster-based virtualization management software. In component universe, is extra. Version 2.5.2-1 (raring), package size 1293 kB, installed size 5078 kB
<histo> blkperl: yes it does all sorts of neat things
<histo> !find ganeti
<ubottu> Found: ganeti-htools, ganeti-instance-debootstrap, ganeti2
<histo> !search botabuse | blkperl
<ubottu> Found:
<histo> !botsnack
<ubottu> Yum! Err, I mean, APT!
<Alysum> hi - how does canonical landscape manage conflicts with configs during an apt-get upgrade ?
<histo> I would assume it would leave the modified config present. You would probably have to ask canonical though
<sarnold> heh, he left four minutes ago..
<NaGeL> Sup
<Daviey> Mornin'
<soren> Daviey: Indeed.
<zetheroo> I am getting "X11 connection rejected because of wrong authentication."
<zetheroo> when trying to run virt-manager
<zetheroo> how can I fix this?
<caribou> people, I'm back at investigating Bug #1066845
<uvirtbot> Launchpad bug 1066845 in nova "nova-novncproxy is not running; Suggest: novnc should be Depends" [Low,Fix released] https://launchpad.net/bugs/1066845
<caribou> it's marked as fixed in Raring, but I still see novnc being a Suggest: rather than a Depends: on Raring. Am I missing something ?
<jamespage> rbasak, thanks for testing that
<jamespage> caribou, lemme take a look
<rbasak> morning jamespage!
<rbasak> No problem
<rbasak> jamespage: could you please mark bug 1156223 as release critical? I don't want to forget about it. Getting some dupes.
<uvirtbot> Launchpad bug 1156223 in postfix "postinst fails due to missing main.cf" [High,Fix committed] https://launchpad.net/bugs/1156223
<jamespage> rbasak, I raised a raring task - it will appear on the bug tracking report now
<rbasak> thanks!
<jamespage> caribou, hmm- no I see it as suggests still as well
<caribou> jamespage: ok, then I'm not crazy.
<jamespage> caribou, the problem is that neither websockify or novnc are in main
<jamespage> caribou, so if we switch to recommends they have to be promoted
<caribou> jamespage: oh, I see I didn't think about that
<caribou> jamespage: one workaround is to use --install-suggests
<jamespage> caribou, yeah
<caribou> jamespage: ok, I'll see what I can do, thanks for checking
<jamespage> its less than ideal - the package should just work when installed
<jamespage> caribou, I don't think we can fix this for released versions of ubuntu
<caribou> jamespage: and I guess it's a bit too late to MIR novnc now
<jamespage> caribou, I was just looking at that
<jamespage> yolanda, I'm looking that that raring/openstack/juju bootstrap issue again
<jamespage> it would appear that none of the runcmd section of the cloud-config actually gets run.
<jamespage> yolanda, hmm - but if I delete all of the instance data in /var/lib/cloud/instances/* and reboot, it does the right things
<jamespage> how odd
<jpds> jamespage: I thought bits of the cloud-archive depended on universe packages?
<caribou> jamespage: are all the openstack dependancies need to be in main ?
<jamespage> jpds, not that I am aware of
<sanderj_> Do anyone know what's the benefit of having raid 60 compeard to raid 55 ?
<jamespage> caribou, for any of the current core openstack projects, yes
<jamespage> caribou, actually ignore me
<yolanda> jamespage, quite strange
<yolanda> does it happen with all raring images?
<jamespage> caribou, nova-novncproxy is in universe so there is no reason those suggests can be promoted to depends
<caribou> jamespage: How could I ever ;-)
<jamespage> lemme do that now
<caribou> jamespage: good, that'll fix Bug #1076442 as well
<uvirtbot> Launchpad bug 1076442 in nova "nova-novncproxy has a missing dep on websockify" [Undecided,Fix released] https://launchpad.net/bugs/1076442
<thyrant> Hey, I need a solution where my server handles user files. The students have laptops available which they use to login and they recive files and folders related to the user. When they logout it is saved to the server. What is this called?
<jamespage> yolanda, if you would be so kind - https://code.launchpad.net/~james-page/nova/fixup-novncproxy-depends/+merge/154894
<jamespage> jpds, I stand corrected
<jamespage> jpds, some universe packages are in the cloud-archive
<jamespage> but we maintain the same rules about main->universe depends
<jamespage> i.e. anything from universe in the CA won't get the same level of security support as stuff in main for example
<caribou> jamespage: thanks for that. Do you want me to do the SRU for Precise ?
<jamespage> caribou, that would be helpful - yes please
<jamespage> hey pcarrier!
<caribou> jamespage: ok, will do
<caribou> jamespage: my only question is how SRU to the U.C.A are handled ? same as for regular packages ?
<jamespage> caribou, just do the one in quantal - we have a process that detects updates for the uca and lets us know
<jamespage> its largely automated
<caribou> jamespage: ok
<caribou> jamespage: pls, can you add a Quantal task on the bug, I don't have the rights for that
<jamespage> caribou, already has one!
<caribou> jamespage: ah, sorry didn't check
<caribou> jamespage: I'm puzzled; which branch should I use for the Quantal SRU ?
<caribou> jamespage: lp:~openstack-ubuntu-testing/nova/quantal-folsom-proposed ?
<jamespage> caribou, oh-gods - there is an out-of-date SRU inflight
<jamespage> caribou, we need to get that rejected
<jamespage> it got superceeded by an security sru
<jamespage> caribou, lemme think
<caribou> jamespage: k
<jamespage> (we might be trying to get the 2012.2.3 release in again)
<Daviey> jamespage: which one?
<jamespage> Daviey, which one is out-of-date?
<Daviey> yes
<Daviey> ie, what needs to be removed?
<jamespage> nova 2012.2.3
<Daviey> from precise?
<jamespage> lemme check then all - I think we will re-cut across the board with the security patches included
<Daviey> err, quantal
<jamespage> Daviey, yes - quantal
<Daviey> ta
<Daviey> jamespage: good catch, it is > security version
<jamespage> Daviey, lemme check what else is impacted
<jamespage> Daviey, nova glance keystone definately - just checking cinder
<jamespage> Daviey, yeah - cinder as well
<Daviey> ugh
<jamespage> Daviey, if they could all be rejected/removed much appreciated
<jamespage> Daviey, that said I can probably re-cut them with the security fixes added quite quickly
<Daviey> jamespage: horizon and quantum are OK?
<jamespage> Daviey, yeah - they have not been security fixed
<Daviey> done
<jamespage> Daviey, do you know who did the ubuntu theme for the dashboard? it has a couple of bugs with grizzly
<jamespage> bug 1157918
<uvirtbot> Launchpad bug 1157918 in horizon "Network selection tab when starting instance renders incorrectly" [High,Confirmed] https://launchpad.net/bugs/1157918
<Daviey> jamespage: yes, it was Hugh
<Daviey> jamespage: Huw Wilkins, rather
<jamespage> Daviey, what's his nick?
 * jamespage looks it up
<Daviey> jamespage: Aussie, so i would be surprised if he answers now.
<airtonix> it's only 8pm here Daviey
<Daviey> ah, i thought it was later.  Thanks airtonix
<airtonix> actually 9.3pm
<Daviey> airtonix: hmm, i am seeing it as 10:07 PM (+1100) ?
<airtonix> Daviey: there are three timezones in australia, i'm in +10.30
<Daviey> oh
<Daviey> *.30 time zones scare me.
<jamespage> Daviey, meh -he's not on irc so emailed him instead
<Daviey> super
<mardraum> airtonix: more than 3
<mardraum> actually I guess it's what you call the ones not observing daylight savings
<jamespage> smoser, bug 1158724 I seem to be able to reproduce pretty successfully
<uvirtbot> Launchpad bug 1158724 in cloud-init "cloud-init generates runcmd and fails to execute it on first boot" [Undecided,New] https://launchpad.net/bugs/1158724
<jamespage> thats on raring only
<jamespage> (and it might be the image - its the most recent raring image I could find of yours on canonistack)
<jamespage> yolanda, ^^
<jamespage> for reference
<Techdude1011> Is it possible to disable broadcasts for heartbeat and use only unicast?
<jamespage> Daviey, I'm going to update the 2012.2.3 branches with the security fixes and re-upload them to proposed for review
<Daviey> jamespage: splendid
<jamespage> Daviey, hmm - although I see adam already did something in the ci branches
<jamespage> Daviey, but I think for security updates when we have an inflight proposed branch we should keep going with the existing proposed
<jamespage> rather than cut a new 2012.2.3+stableXXX release
<Daviey> jamespage: hmm, it's just as easy to cut a new release?
<Daviey> jamespage: why not go for the latest ?
<jamespage> Daviey, well we are either tracking point releases or not
<jamespage> I'd rather stick with the point release and include security fixes
<jamespage> rather than suck up anything extra; I think this should expedite the SRU process as everything has been seen before
<Daviey> jamespage: i've always said that i don't like upstream point releases
<Daviey> i much prefer us working to our own scheudle
<jamespage> Daviey, well I don't think this actually makes that much difference
<jamespage> Daviey, we should just rebase what's already in-flight with security fixes, not start afresh
<Daviey> jamespage: yeah, do what you think is best
<Daviey> personally, i prefer getting the latest we can, always
<jamespage> Daviey, whats inflight might actually be a +stable
<Daviey> yeah, so we an drop distro patches earlier
<jamespage> Daviey, OK - lemme work this out and we can move forwards
<Daviey> jamespage: but do what you think to be best.
<zul> morning
<smoser> jamespage, duped
<smoser> and i'll get a newer image up there that will fix that.
<smoser> jodh, ^ any love you could give to bug 1103881 would be greatly appreciated.
<uvirtbot> Launchpad bug 1103881 in upstart "cloud-final is never executed if upstart is upgraded during initialization of the image " [High,Confirmed] https://launchpad.net/bugs/1103881
<jamespage> smoser, ah-ha!
<jamespage> good - at least its something we are aware of
<smoser> jamespage, so 2 things, i disabled cloud-init invoking initctl-reload
<smoser> (bug 1124384)
<uvirtbot> Launchpad bug 1124384 in cloud-init "reload-configuration can confuse upstart" [High,Confirmed] https://launchpad.net/bugs/1124384
<smoser> you would have hit that if you were adding upstart jobs.
<smoser> but you cant avoid the upstart upgrade (without blocking it)
<zul> yolanda/jamespage: https://code.launchpad.net/~zulcss/cinder/cinder-rtslib-remove/+merge/154937
<jamespage> zul, oh great
<jamespage> licensing right?
<zul> jamespage:  yeah it got removed uptsream
<zul> jamespage:  before i start this you didnt upload keystone rc1 this morning did you?
<jamespage> zul, nope - leaving it for you :-)
<zul> jamespage:  thats what I thought
<zul> jamespage:  you are so kind ;)
<jamespage> zul, adam_g: do you guys ever look at the branches that get created from the lab - nova/raring-grizzly for example?
<zul> ....like a swarm of bees
<jamespage> just wondering whether we should dump them
<zul> jamespage:  i do when there is conflicts in the debian/changelog
<jamespage> zul, yeah - they are just a pita imho
<zul> jamespage:  i wont tear up if they go away
<zul> it would make things easier to navigate
<remote> morning
<zul> yolanda/adam_g: https://code.launchpad.net/~zulcss/keystone/rc1/+merge/154951
<yolanda> jamespage, what's best branch for rabbit charm? i'm having problems of timeouts with rabbitmq and nova-compute
<jamespage> zul, do those re-syncs makes sense to you? I'm really just fixing up the version history in the lab branches with what I'm about to upload to quantal-proposed
<zul> jamespage:  it does
<jamespage> yolanda, ~openstack-charmers/charms/precise/rabbitmq-server/ha-support
<jamespage> timeouts probably don't have much todo with the charm tbh
<yolanda> they happen only for nova-rabbit relationships
<yolanda> maybe incorrect password?
<jamespage> Daviey, I've uploaded re-based keystone, glance, cinder and nova to quantal-proposed
<jamespage> zul, pls could you ack the other 3 as well - ta
<zul> which other three?
<jamespage> zul, https://code.launchpad.net/~openstack-ubuntu-testing/+activereviews
<yolanda> i think i'll bootstrap again
<jamespage> the 3 resync MP's at the bottom of the list
<zul> jamespage:  done
<jamespage> zul, ta
<zul> jamespage: http://people.canonical.com/~chucks/ca/
<jamespage> zul, +1
<zul> jamespage: thx
<zul> jamespage:  do you want the CA to bake over the weekend and then we can push it out on monday?
<jamespage> zul, sounds good
<jamespage> I'll run some testing against staging this afternoon
<jamespage> zul, actually that reminds me I need to upload libvirt
<zul> jamespage: heh
<jamespage> zul, its testing just fine in the trunk testing PPA
<jamespage> zul, so I think we should go for it
<jamespage> zul, any chance that glance fix will land today? I'd like to have all RC's in for testing
<zul> jamespage:  sounds good to me
<kantlivelong> anyonek now why 12.04.2 doesnt have raid config?
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/ libvirt update
<holstein> !raid
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<holstein> kantlivelong: ^
<holstein> kantlivelong: it should be possible
<zul> jamespage: +1
<jamespage> zul, any chance you could sign and upload that one for me - 22MB orig.tar.gz really chokes my connection
<zul> sure
<jamespage> zul, ta
<kantlivelong> holstein: ive done it before.. it just doesnt list it..
<zul> jamespage:  time to move....done
<yolanda> jamespage, i'm deploying again with latest version of charms, and i receive that error on nova-cloud-controller: 2013-03-22 16:05:01,805 unit:nova-cloud-controller/0: hook.output INFO: /var/lib/juju/units/nova-cloud-controller-0/charm/hooks/lib/nova/nova-common: line 16: .: /var/lib/juju/units/nova-cloud-controller-0/charm/hooks/lib/nova/: is a directory
<yolanda> i'm using that branch: lp:~openstack-charmers/charms/precise/nova-cloud-controller/ha-support
<rsthelord> guys i downloaded the ubuntu server 12.04 lts version and used the universal usb installer to boot from pendrive but now i am getting "load error from cd-rom"
<rsthelord> what to do ?/
<holstein> http://askubuntu.com/questions/203052/installing-ubuntu-server-in-a-usb
<holstein> http://askubuntu.com/questions/127398/usb-drive-install-of-ubuntu-12-04-server-fails-cant-find-components-from-cd-r
<jamespage> yolanda, deployer configuration please
<yolanda>         "nova-cloud-controller": {
<yolanda>             "branch": "lp:~openstack-charmers/charms/precise/nova-cloud-controller/ha-support",
<yolanda>             "options": {
<yolanda>                 "instance-type": "m1.small",
<yolanda>                 "openstack-origin": "ppa:ubuntu-cloud-archive/grizzly-staging"
<yolanda>             }
<yolanda>         },
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<roaksoax> !pastebin | yolanda
<ubottu> yolanda: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<yolanda> ok, it was an small bit so i did it fast, sorry
<rsthelord> holstein: i am still unable to install it
<holstein> rsthelord: and you cant use a CD?
<holstein> !mininal
<holstein> !minimal | rsthelord this is another option
<ubottu> rsthelord this is another option: The Minimal CD image is very small in size, and it downloads most packages from the Internet during installation, allowing you to select only those you want (the installer is like the one on the !Alternate CD). See https://help.ubuntu.com/community/Installation/MinimalCD
<jamespage> yolanda, I'm trying a grizzly staging deploy now
<jamespage> yolanda, "openstack-origin": "cloud:precise-grizzly/staging"
<jamespage> should work as well I think
<rsthelord> this minimal option is ubuntu server ?
<rsthelord> i just want to kill myself
<holstein> rsthelord: ?
<holstein> rsthelord: its just an install.. can you not use a CD?
<holstein> rsthelord: what are you using to make the stick?
<holstein> rsthelord: you can install *any* ubuntu version that you can, and convert to ubuntu server
<jamespage> zul, can you fixup glance in raring for the time being so we can drop it into the CA?
<zul> with that patch?
<jamespage> zul, I'd go with the test removal patch thats being proposed for master
<zul> jamespage:  ack
<yolanda> jamespage, that origin i set is not good?
<rsthelord> holstein: i just used the cd to burn the iso but it didnt work out. and i am using universal usb installer
<jamespage> yolanda, no - that should work as well as it has the keyword grizzly in it
<rsthelord> wait holstein: i am going to burn another one
<yolanda> jamespage, but problem seemsd to be in the charm anyway
<yolanda> i'll change that origins, but i think that this is not the problem
<holstein> rsthelord: try unetbootin.. or dd copy... or eleborate about your issues with the CD.. or take the hard drive to another machine aind install
<jamespage> yolanda, no - the charm uses the source to determine which version of openstack is being used
<yolanda> oh
<yolanda> ok, i'll change it
<george1> hello
<george1> addi?
<rsthelord> holstein: i think i found my mistake in cd burning, i was burning it on a 700 mb disk where i should have used a DVD
<zul> jamespage: https://code.launchpad.net/~zulcss/glance/glance-testsuite/+merge/154998
<george1> anybody?
<holstein> !ask | george1
<ubottu> george1: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<george1> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com/ or http://ubuntuforums.org/ or http://askubuntu.com/
<jamespage> yolanda, can you make sure that you have up-to-date charm
<george1> how do i as a question?
<jamespage> yolanda, the code looks ok to me - it does a grep for the codename in the ppa uri
<george1> did i print that !ask | george! ?
<jamespage> zul, +1
<jamespage> george1, just ask it
<george1> what is the meaning of the "!" mark in front of ask and of patience?
<jamespage> george1, it instructs ubottu to do something
<george1> where do i learn about ubottu?
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<jamespage> zul, type in changelog and you need a bit more change history than that as 0ubuntu1 has not been uploaded
<jamespage> type/typo
<jamespage> lol
<george1> apparently, from its source ... :-)
<zul> jamespage:  k just a sec
<Guest66849> hello.  I would like to ass a few SSH users to my ubuntu server.  best practice advice please?
<zul> jamespage:  how about now
<LargePrime> hello.  I would like to add a few SSH users to my ubuntu server.  best practice advice please?
<LargePrime> sorry for typo
<jamespage> zul, can I be a real PITA - its actuall a new upstream release for the CA
<george1> LargePrime: check /home/* permissions
<zul> jamespage:  grr
<zul> jamespage:  annnnnnd now
<jamespage> zul, +1
<jamespage> I'm assuming it has built OK in raring right?
<jamespage> zul ^^
<zul> jamespage:  yep
<LargePrime> george1:  I am looking for a way to generate the /home .ssh dir and set permissions or several users at a time
<LargePrime> george1:  I am looking for a way to generate the /home .ssh dir and set permissions for several users at a time
<LargePrime> sorry
<LargePrime> also adding the SSH keys to the authorized keys would be cool too
<george1> that comes from the client
<zul> jamespage: yep
<jamespage> LargePrime, check out ssh-import-id
<jamespage> might help
<RoyK> LargePrime: make it in /etc/skel ?
<jamespage> (well so long as SSH public keys are stored in launchpad - but I think you can make it use an arbitary host)
<LargePrime> george1: I assume a admin can generate keys an send to clients
<LargePrime> RoyK:  jamespage  checking that out.  i am a noob at this
<jamespage> LargePrime, users should generate their own keys
<RoyK> LargePrime: everyone starts out as noobs ;)
<george1> jamespage: probably you can send users a script doing that, but I'm a beginner, too
<RoyK> george1: better tell the users how to do it - that way they may even learn something ;)
<LargePrime> james, why should users generate thier own keys?
<RoyK> LargePrime: because you normally want to set a password on that key
<LargePrime> besides altruistic learning?
<RoyK> (or some might want to do that)
<george1> LargePrime: sorry, last message was for you not for jamespage. because it is a security issue. private key should be private, and how can you keep it private if you generate it on other systems and then you send it to the user over some network?
<LargePrime> i imagine we should assume other secured networks/systems can exist.
<george1> LargePrime: come on, they should generate their keys just as they should choose their passords
<LargePrime> ok, i defer to you.  Also it seems no good tool to do it my way.
<george1> !factoid
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi | Usage info: http://ubottu.com/devel/wiki/Plugins | Bot channels and general info: https://wiki.ubuntu.com/IRC/Bots
<LargePrime> What groups, if any does the user need to be
<gdeeble> Hey, anyone familiar with Ser2net?
<george1> !ubottu
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi | Usage info: http://ubottu.com/devel/wiki/Plugins | Bot channels and general info: https://wiki.ubuntu.com/IRC/Bots
<george1> LargePrime: as I said, I'm a beginner, but I would useradd a user and then i would check itd default groups, and if they need more then i would add them
<jamespage> zul, 24 mins to build glance - thats better than 25 hours
<george1> !ubottu help
<LargePrime> One of my desires was to eliminate assword logins
<LargePrime> password* sorry
<LargePrime> and just bulk create keys and set them up
<LargePrime> but that seems rather diicult
<LargePrime> difficult*
<george1> LargePrime: for that you let them login with a password, then they generate the key and copy its public part to the server, and then you modify the sshd_config to block password usage
<george1> LargePrime: if you create a large number of keys you need to put them into those systems somehow, so either a connection or going there physically. connection is already done with password from client to server
<george1> !ubottu help commands
<ubottu> george1: I am only a bot, please don't think I'm intelligent :)
<LargePrime> george1: yes.  understood.  but that seems rather manual and I would need to turn it of and on as i add users and as they get around to doing the taks
<yolanda> jamespage, i have up-to-date charms, i pulled them today
<george1> LargePrime: it should be possible to turn off passwd login for each user as they generate their keys
<LargePrime> george1:  with some sort o script?
<yolanda> i'm testing with the origin you told me
<george1> LargePrime: maybe from that script ..., using local configs
<jamespage> yolanda, hmm - I just deployed using that origin and it worked fine
<jamespage> odd
<george1> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<LargePrime> george1: like (on logout) if authorized keys exists (re config ssh config)
<sarnold> george1: http://ubottu.com/devel/wiki/Plugins
<george1> !es
<ubottu> En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
<george1> LargePrime: or even from the client, in the same script, modify its user .ssh settings, if that is possible. could be less secure? :-?
<yolanda> i'm trying again
<george1> very well, i found out alone how does ubottu work. now, the big question, maybe i don't have to answer it alone, too: can i contribute to some ubuntu server utility, provided that i know C++ and i am running another linux distribution but i may also run ubuntu server text mode only on a 500MHz 225MB RAM system? can you please suggest such an application or at least tell me where to look?
<LargePrime> I dont have a good handle on the security model.  I assume local configs might not be user configable?  But either way there exists no tool for doing this i guess
<george1> LargePrime: i can't find any way to config passwd usage per user
<george1> LargePrime: this is bad
<LargePrime> george1: maybe there is an irc channel for ubuntu server questions like this.
<LargePrime> </irony>
<gdeeble> Anyone know if using Serial 2 Network is it possible to push the host serial port to the client via telnet using Ser2net?
<LargePrime> george1: did you look at this http://www.chrisjohnston.org/ubuntu/ssh-import-id-saves-time-and-hastle
<george1> LargePrime: man ssh_config speask about ~/.ssh/config and there you can set this. however, it is not clear if the file lives on the client or on the server
<LargePrime> that older and those files DNE by default
<george1> LargePrime: yes, it looks great
<LargePrime> george1: those DNE by default.  they are generated by any of the SSH tools
<LargePrime> sorry my fingers have been drinking
<george1> LargePrime: of course, all users still need to generate their keys and post them (the public part) on launchpad
<george1> LargePrime: ha?
<sarnold> george1: ~/.ssh/config is a client-side configuration file
<LargePrime> also in the sever home dir
<LargePrime> it cant be client side.  it controls how the server responds?  sarnold ?
<yolanda> jamespage, i'm testing, same problem
<sarnold> LargePrime: eh? how?
<yolanda> let me check if i have latest revisions, maybe there is some cache?
<george1> sarnold: yes, it is absurd to deny passwd login with a config on the server side. so, LargePrime, write a script that works on the client side and blocks passwd login there. of course, clients can change that if they want. otherwise, you can only block them all from using passwords
<george1> !es | george
<ubottu> george: En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
<sarnold> george1: what? that's the whole point of the PasswordAuthentication sshd configuration variable.
<george1> everybody: so, can you help me with any suggestion about any program that i could help develop in text mode on a weak system for ubuntu server?
<yolanda> jamespage, in deployer directory i have revision 240, but it tries to publish revision 240
<yolanda> how can i remove that caching?
<yolanda> it tries to publish revision 212, sorry
<george1> sarnold: that one block all users from using passwd's, i believe. am i wrong?
<LargePrime> sarnold: george1  why is it absurd to control who can and cannot have password login server side?
<LargePrime> it seems we have at least one use case?
<george1> LargePrime: because when ssh reads that file it is already connected
<sarnold> george1: if you use a "Match" block you can apply it to certain groups or users or whatever.
<george1> sarnold: yes, thank you for that! LargePrime you can block individual users from logging in with a root script that verifies that a user has generated his key and then it ads it to sshd_config
<jamespage> yolanda, hmm
<LargePrime> george1:  can this be an application you wish to create?
<yolanda> i see a -u option in deployer
<jamespage> yolanda, deployer -S scrubs zookeeper of charms
<george1> everybody: very well, it appears that i have no chance for an advice here for a program in C++ to which I could contribute
<jamespage> I always do a -S -D -T when tearing down
<george1> LargePrime: that would be a script in bash
<jamespage> george1, sorry - other than c++ do you have any specific areas of interest
<sarnold> george1: there's just not that many C++ programs with a non-graphical but graphical interface....
<sarnold> george1: iirc, apt is done in C++...
<jamespage> and ceph, mongodb
<george1> jamespage: i know many, but nothing special. please tell me what is in demand right now, first two or three choices
<george1> sarnold: so there are C++ programs WITH graphical interfaces? i may upgrade my system for Ubuntu, if that is the case
<jamespage> george1, well; specifically in Ubuntu not much tbh - if you want to do something C++ related I would recommend getting involved in a specific project thats written in C++
<gazoombo> utlemming: Hi, I'm trying to track down info about the tools used to build the Vagrant boxes released with the cloud images.
<gazoombo> utlemming: I tried first in #ubuntu-virt and soren directed me here.
<george1> jamespage: so I should go upstream, right? what language are you using now to program?
<koolhead17> hi all
<sarnold> george1: iirc, nearly the entirety of the KDE stack is programmed in C++
<utlemming> gazoombo: tools?
<jamespage> george1, as a distro developer not just one
<gazoombo> utlemming: yes, what does the release process look like for those boxes?
<george1> sarnold: so there is demand in programming graphic support in C++? it makes sense, for efficiency
<jamespage> george1, I touch Java, C, C++, Python, Go but only really from a bugfixing perspective
<jamespage> (actually Go is streching that a bit)
<george1> jamespage: but you need ALL of them, is that the problem?
<gazoombo> utlemming: I found vmbuilder, but it looks like that only targets xen kvm vmw6 and vmserver as hypervisors
<sarnold> george1: yeah, C++ feels like a reasonable sweet spot there, C-levels of efficiency are _possible_ but some nice high-level abstractions can come for free.
<utlemming> gazoombo: well, they are still in beta, so those are dailies only.
<utlemming> gazoombo: I'm OTP at the moment...can I pick this up in a bit?
<gazoombo> utlemming: whereas the Vagrant boxes run on virtualbox
<gazoombo> utlemming: no problem
<george1> jamespage: Python i only browsed, but it looks friendly. java i read, it looks like c++, only i hated the class library documentation. maybe now i understand it better
<george1> jamespage: never head of Go
<jamespage> newish language
<LargePrime> any suggestions o a server load measuring tool?
<LargePrime> load management really
<sarnold> LargePrime: like 'vmstat 1' and 'top'? or .. like collectd or mrtg or nagios or .. ?
<LargePrime> sarnold:  pretend I am a noob
<sarnold> LargePrime: hehe, okay, go run 'vmstat 1' in a terminal and look at the block input and output, swap input and output, rates.. those are pretty useful :)
<LargePrime> the server told me it is at load 4.  never seen it over 1.5
<LargePrime> it still at 4
<LargePrime> sarnold:  how can i tell what is using the server?
<sarnold> LargePrime: that might not mean much. 'top' or 'htop' will make it easy to see the processes running and which ones have the CPU occupied
<LargePrime> how can i tell if i am getting ddosed?
<sarnold> LargePrime: depends on the type of dos, stpuid packet floods would show up in ifconfig as huge packet rates
<sarnold> LargePrime: some dos attacks induce huge computing problems in servers, those are harder to spot..
<LargePrime> assuming stupid.  how i ifconfig?  with ifconfig?
<zul> jamespage:  yay!
<sarnold> LargePrime: just type 'ifconfig' at a prompt, wait a little bit, run 'ifconfig' again, and check the difference in packet counts
<LargePrime> ok
<LargePrime> I think i found with top
<LargePrime> it was a jaa pocess running crazy
<LargePrime> java*
<LargePrime> thanks sarnold
<sarnold> LargePrime: hehe, yeah, that sounds like java. *sigh* :)
<george1> well, thank you all for the info
<sw> hi is there a command to list all apache VirtualHosts running on a server?
<sarnold> sw: "running" might be hard, if you have parts of your configuration disabled.. but grep -ri virtualhost /etc/apache* might get you close
<sw> sarnold: $ apache2ctl -S seemed to do it
<sarnold> sw: nice :) thanks!
<sauce> what are packages that begin with "unity" i.e. unity-webapps-newsblur
<Pici> sauce: unity is the default desktop environment
<sauce> oh i get it.. that's what they call it
<sauce> so unity-* packages integrate with the desktop, got it
<Pici> Yeah, not really relevant for server stuff.
<Darkstar1> Hello people. I need to persist DNS servers on my machine. editing the resolv.conf doesn't work as it's wiped after restart. How can I persist the search and DNS details?
<genii-around> Darkstar1: Use a post-up command in /etc/network/interfaces file to echo the dns info to the resolv.conf, or else keep a copy in another file and cp it to resolv.conf from rc.local
<Darkstar1> genii-around: cheers
<Darkstar1> genii-around: post-up is a part of a set of tools?
<sauce> Darkstar1: http://manpages.ubuntu.com/manpages/lucid/man5/interfaces.5.html
<genii-around> Darkstar1: man interfaces   gives you some examples.
 * genii-around slides sauce a coffee and cookie
 * sauce wink
<ispivey> Anyone know how to invoke cloud-init with a userdata file after boot, from the shell?  Or is that not possible?
#ubuntu-server 2013-03-23
<MraAlbertina> Hi. Is it possible to VNC a headless server? If so, does it need X server?
<MraAlbertina> let me rephrase my doubts... do i need a desktop environment to VNC a headless server?
<sarnold> MraAlbertina: you may be able to get away with 'ssh -X user@server programname' if you just want to run one specific GUI program..
<MraAlbertina> sarnold: for instance, i'm trying to run synergy (which i never had problems) and i believe now (saddly) i might need their gui
<MraAlbertina> this pc really doens't have display (broken)
<MraAlbertina> i mean the graphics card (not fixable, not replaceable)
<sarnold> MraAlbertina: here's a guy's blog post about using Xvfb with tightvnc without a display: http://codehunk.wordpress.com/2009/08/23/headless-x-setup-with-debianlenny/
<sarnold> MraAlbertina: the important part is probably Xvfb
<MraAlbertina> great, sarnold. thank you so much
<MraAlbertina> probably this way i might also get rid of webmin and ips3
<MraAlbertina> so... less services running
<ewook> aaaaaah. brainfreeze. Why do I get awesome ideas so darn late?
<BaNzounet> Hey, It look like php is not working "every where" on my server phpmyadmin works fine but script in my personal directory are not render (I see the php code in my browser) Any idea why?
<sarnold> BaNzounet: you'll need to configure your server to execute .php files via modcgi and suexec or something similar. (No server administrator will ever allow executing user-owned php files directly via mod_cgi or fastcgi)
<BaNzounet> sarnold: may you tell me what I should do/install please?
<BaNzounet> Mhum, I found was I was doing wrong Since I reinstaller php I forgot to comment the line in mids-available/php5.conf for userdir
<Logos01> Howdy folks. I have a physical box whose GRUB seems to be borked -- I can't boot successfully and there's no difference in behavior between the "Recovery Mode" boot option and regular. What kernel parameters do I need to feed to get into the 'recovery' mode? It's not "1"/"single" like I'm used to -- those aren't working.
<the_hydra> hi all
<Guest24038> ls
<the_hydra> is there any customized ubuntu server that includes all the OpenStack softwares, so I don't need to download more, just the ISO?
<Guest24038> sorry, wrong place :/ haha
<holstein> the_hydra: i have use these before http://www.turnkeylinux.org/blog/announcing-openstack-builds
<the_hydra> holstein: hm, so it's part of turnkeylinux
<holstein> the_hydra: not that im aware of. turnkey make linux appliances based on ubuntu, and they seem to have an openstack one
<the_hydra> holstein: i see...i'll check that ASAP...IIRC too, once I see similar solution in suse studio build
<holstein> the_hydra: should be an easy installation in any distro
<the_hydra> holstein: problem is, I still has 32 bit machines, whereas I check most OpenStack based solutions are x86-64
<holstein> https://help.ubuntu.com/community/UbuntuCloudInfrastructure is what i would use
<gdeeble> Anyone know if using Serial 2 Network is it possible to push the host serial port to the client via telnet using Ser2net?
<one> Whats going on here aptitute install postfix is not working
<one> Just says 0 newly installed
<the_hydra> one: that means you already have one installed
<the_hydra> one: and you have the latest version
<one> hey
<one> postfix requires python nevermind
<andol> one: s/requires/recommends/
<one> oh?
<one> lemme look again
<one> andol: its autoselecting python for some reason
<andol> one: Well, the default nowdays is to install Recommends by default
<andol> one: Tried running (or configuring) apt with --no-install-recommends?
<one> andol: I was using aptitude.
<andol> one: Aptitude appear to have -R, --without-recommends instead, but otherwise relying on the same configuration.
<one> andol: does the configuration file have to be modified by hand?
<one> phretor are you off kiltor?
<andol> one: Well, if you invoke aptitude with --without-recommends it ought to do the trick at least that once. Otherwise you will want to put the following configuring option either in /etc/apt/apt.conf alt in some file under /etc/apt.conf.d/
<andol> APT::Install-Recommends "false";
<one> What about aptitude
<andol> one: What about it? It reads the same configuration
<one> but the syntax is Aptitude::
<andol> one: ?
<andol> one: If you take a look in the aptitude man page you will see that it even expliclty mentions Apt::Install-Recommends
<one> Ok I was just looking at what the file currently has and it spells out Aptitude::
<andol> My *guess* is that that would be aptitude specific configuration.
<one> andol: but you are right Apt::
<one> I am in the internet and there is a virus I am hunting
<one> andol: thanks
<one> andol: my appreciation
<one> well
<Guest45348> G morning all Greetz from Pittsburgh  :)-  .. Gonna toss a big Q out n hope someone can intercept it ... I know from the past yrs that in order 2 "jail" users into thier home dir of ssh was done with patches , etc.. Now I hear setting up chmod 4 users to /home/dir became simple..please enlighten ;)  ty
<Guest45348> and why cant i change my nick ..lol
<Guest45348> hmmm intresting same responce i got off 30,00 sites offering info on the matter , lmao ;)
<Guest45348> even with the later ssh supporting chmod of users,,its still a pain in the ass to setup, the only reasonable solution to achieving this is via vsftpd by creating the chmod list to lock users in home dir..is this really the easiest way? cause its not as easy at it appears 2 be.. the permissions are a double standard ??? Grrr time 2 smoke n break
<Superdesk_Doruk> tÃ¼rkÃ§e
<Superdesk_Doruk> konusabilcegim kimse varmÃ½
<turkce> hellp
<turkce> i have problem
<turkce> dovecot
<turkce> not running
<turkce> wheil?
<RoyK> !ask | turkce
<ubottu> turkce: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<turkce> !ask imap ve pop3 calÃ½sÃ½tÃ½ramÃ½yorum
<ubottu> turkce: I am only a bot, please don't think I'm intelligent :)
<turkce> !ask |turkce imap ve pop3 calÃ½sÃ½tÃ½ramÃ½yorum
<ubottu> turkce imap ve pop3 calÃ½sÃ½tÃ½ramÃ½yorum: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Gregor3000> hello,
<Gregor3000> something that puzzles me. i am using mod_rewrite  along with wordpress plugin that adds .html to each site. now it all works well and i can access the site via menu. but as soon as i use this as http://link/page.html i get the 404?
<Gregor3000> so on the one hand i can access the link via menu, but if i copy that link into the browsers line i get 404
<Fieldy> yep. it's appending .html to page.html, making it page.html.html. you'll want to write your rewrite rule to not apply to URLs ending in ".html" (don't ask me, I don't know how)
<Fieldy> i bet if you look i your error_log you'll see requests for html.html
<mardraum> why would you ever want to randomly add .html
<Gregor3000> aha ok i see it now.
<Gregor3000> it's not just randomly. i am trying to move a static website to wordpress
<Gregor3000> and i don't want to lose the links
<RoyK> I built the 3.9.0rc2 kernel and tested it, removed it, but still 'update-initramfs -u' tries to build its initrd - any idea where its traces may be? this is on ubuntu raring devel
<ikonia> RoyK: doesn't raring ship with 3.8 ?
<RoyK> ikonia: as I said, I built 3.9 myself
<ikonia> RoyK: yes, but I didn't know if it was from a package update or if you just grabbed it from kernel.org
<RoyK> just got it from kernel.org
<RoyK> I just don't understand why update-initramfs will keep on trying to build that initrd and not the running kernel
<ikonia> hang on, it's which version is it trying ot build init-ramfs for ?
<ikonia> the 3.9 kernel, or the 3.8
<RoyK> http://paste.ubuntu.com/5640452/
<RoyK> no 3.9 kernel around as far as I can see
<RoyK> nothing in /boot
<ikonia> RoyK: now that is a surprise, I'd expect it to either a.) build for kernel installed by a package (which yours isn't) or b.) the running kernel
<ikonia> RoyK: yours is doing neither
<RoyK> http://paste.ubuntu.com/5640459/
<RoyK> that's stracing it
<ikonia> interesting it does have a quick look for dpkg
<ikonia> I don't see why it jumps to this
<ikonia> faccessat(AT_FDCWD, "/boot/initrd.img-3.9.0-rc2", R_OK) = 0
<ikonia> what made it select 3.9
<RoyK> erm - I just removed that and it still builds for 3.9
<RoyK> http://paste.ubuntu.com/5640466/
<RoyK> ikonia: any ideas?
<ikonia> RoyK: no, I'm very surprised
<RoyK> so am I...
<ikonia> RoyK: I don't see any logic in the earlier strace to suggest why it's picking up the 3.9 kernel
<RoyK> neither do I
<RoyK> line 224: read(3, "3.9.0-rc2\n", 128)
<RoyK> but from where?
<RoyK> got it
<RoyK> in /var/lib/initramfs-tools, there's a file for each kernel's initrd
<RoyK> seems it relies on that instead of checking what's really installed
<LargePrime_> HEYO!
<LargePrime_> I have a weird set of questions
<ikonia> RoyK: agreed
<ikonia> RoyK: "from where", I see it selecting it, but no reason why
<RoyK> ikonia: removing the hash files for the kernels no longer present solved this
<ikonia> RoyK: explain
<RoyK> ikonia: seems ubuntu creates a hash file for each initrd in /var/lib/initramfs-tools and update-initramfs uses these files to determine which initrd to build. doesn't make sense
<ikonia> RoyK: very poor
<RoyK> so, after removing the new kernel, I just removed the hash files for those, and bingo, update-initramfs creates a valid initrd
<ogra_> RoyK, you want -k ...
<RoyK> argh - where is that bug report site? https://help.ubuntu.com/community/ReportingBugs contains a small book of stuff, but the link to the real site is there somewhere
<ogra_> use ubuntu-bug
<ogra_> on the machine having the issue
<RoyK> ogra_: no, I don't want -k, I want ubuntu to sort this out correctly, and not use hash files left under /var somewhere to determine which kernels are really installed
<ogra_> it cant if you dont name your kernel version properly
<ogra_> thats what -k solves since you can force a new version (including the hash)
<RoyK> ogra_: It should generate the initrd of the running kernel
<ogra_> not if you created a hash for a newer one
<ogra_> -u will update the latest
<RoyK> I didn't create anything
<ogra_> you said above you installed you home brewed -rc2
<RoyK> I didn't create a hash
<RoyK> like you said
<RoyK> Using the hash files instead of the actual kernels for guideline doesn't make sense
<ogra_> tell that to debian :)
<ogra_> they added the hash "feature"
<ogra_> while ubuntu invented initramfs-tools, debian took over maintenance for it about 6 years ago ... we mostly just sync
<LargePrime_> I am trying to add a IP tunnel to my server for a few users.  I tried to add OpenVPN, but that failed when i /sbin/modprobe tun resulting in FATAL: Could not load /lib/modules/3.2.13-grsec-xxxx-grs-ipv6-64/modules.dep: No such file or directory
<patdk-lap> do you have a *real* server?
<patdk-lap> cause that sounds like you have an openvz thing
<patdk-lap> and you will need to ask your provider
<LargePrime_> patdk-lap: is that to me?
<patdk-lap> yes
<LargePrime> patdk-lap:
<LargePrime> it is a reals dedicated server
<LargePrime> hosted by ovh
<LargePrime> what would i say to my profider?
<patdk-lap> well, as ubuntu doesn't supply a 3.2.13-grsec kernel
<RoyK> LargePrime: can you pastebin the output of lshw?
<LargePrime> RoyK:  i can pipe that to a file right?  care to help me do that?
<RoyK> lshw | pastebinit
<LargePrime> sorry , my Noob is showing
<RoyK> everyone starts out as noobs ;)
<RoyK> !pastebinit | LargePrime
 * patdk-lap is still a noob
<ubottu> LargePrime: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<RoyK> patdk-lap: aren't we all? :)
<LargePrime> http://paste.ubuntu.com/5640589/
<LargePrime> RoyK: sorry for delay
<patdk-lap> think it's a real server
<patdk-lap> guess they just compiled the kernel without tun support
<RoyK> looks like a physical machine to me
<LargePrime> it is
<RoyK> (but why they chose to put the swap partition on the slowest part of the drive, must be up to them)
<LargePrime> ?
<patdk-lap> 40MB/sec is more than enough for swap :)
<RoyK> spinning rust is about 2x faster on the outer rim, meaning the first sectors
<patdk-lap> expecially when you don' tuse it :)
<RoyK> well, swap is good, but it should be fast. no reason to use the inner sectors for swap
<LargePrime> can i fix that?
<RoyK> never mind about that
<patdk-lap> I hate swap :)
<patdk-lap> no matter how fast it is, my server always grinds to a halt when it's used
<RoyK> then you're doing things wrong ;)
<LargePrime> ok boys
<patdk-lap> ya, like giving it swap in the first place :)
<RoyK> but if this server is sold to you as an ubuntu server, you should complain
<LargePrime> complain how?
<LargePrime> I want to sound less Noobish
<LargePrime> http://www.sysadminworld.com/2012/how-to-switch-to-the-standard-ubuntu-kernel-on-ovh/
<LargePrime> so my options are what?  complain?
<Patrickdk> complain you have a non-standard kernel, and it currently, lacks tun support
<Patrickdk> could be fixed by adding tun support
<Patrickdk> or using a *normal* kernel
<jpds> LargePrime: There's not really much you can complain about.
<LargePrime> canit i complain about not being able to add openVPN? jpds
<LargePrime> or that ssh tunneling is broken
<jpds> LargePrime: Well, clearly they want their customers to use their provided kernels.
<LargePrime> and?
<LargePrime> jpds
<jpds> LargePrime: But then it's crippled in the sense that it lacks a modules.dep file.
<jpds> And thus can't load any new modules.
<LargePrime> jpds: I am confused, are you saying "There's not really much you can complain about." or "it's crippled in the sense that it lacks a modules.dep file."?  Or are those not exact opposites?
<LargePrime> or near opposites...
<jpds> LargePrime: Well, it might be their intention that you can't use other modules.
<LargePrime> but that is still 'complainable' right?
<jpds> LargePrime: I mean, Googling 'ovh openvpn' brings a lot of hits.
<jpds> LargePrime: http://forum.ovh.co.uk/showpost.php?s=e846d7415c4d87e8a89a8a9a53d7f315&p=14277&postcount=2
<jpds> LargePrime: What I'm saying is: you can't complain, if it's by design. :)
<LargePrime> I dont understand.  whatever thier designs are, if they sell a ubuntu server that is not a ubuntu server then one may complain, no?
<edd_> Guys
<edd_> 4
<edd_> $20 with your name on it if ya fix something for me :D
<edd_> well help me fix it
<edd_> No space left on device   <------------------------------------------------ WTF
<edd_> as a result i cant login via phpmyadmin or any type of php session
<edd_> Local disk space	9.86 GB total, 6.25 GB used
 * edd_ shoots self
<IdleOne> delete some logs?
<IdleOne> and stop using enter like it gives candy :)
<edd_> It doesnt give candy wtf :S
<edd_> Sorry, now delete some logs#?
<edd_> Where are these logs you speak of
<IdleOne> /var/log
<edd_> Am a noob
<edd_> Let me puty in
<edd_> Root@unbuntu #
<edd_> IdleOne: now what i do :D
<edd_> or can this be done via webmin :S if i dont have buttons i just dont know
<IdleOne> I don't know webmin but if you can get to /var/log delete some of the logs
<edd_> Is it possible to do this via console?
<edd_> Fuck the game
<edd_> am just gona click shit :D
<edd_> the players cant login anyway haha
<IdleOne> Please don't swear
<IdleOne> Are you even running ubuntu?
<edd_> Yeah
<edd_> fixed it
<edd_> for now
<edd_> this is 5th time ive fixed it
<edd_> sudo apt-get autoclean
#ubuntu-server 2013-03-24
<onereadingman> Will someone give me a hint as to what man page will tell me how to set an init script to start at boot?
<sw> !boot
<ubottu> Boot options: https://help.ubuntu.com/community/BootOptions - To add/remove startup services, you can use the package 'bum', or update-rc.d - To add your own startup scripts, use /etc/rc.local - See also !grub and !dualboot - Making a boot floppy: https://help.ubuntu.com/community/GrubHowto/BootFloppy - Also see https://help.ubuntu.com/community/SmartBootManagerHowto
<onereadingman> Will someone give me a hint as to what man page will tell me how to set an init script to start at boot?
<onereadingman> hey hey boo boo
<sw> !boot
 * sw pokes ubottu 
<sw> onereadingman:
<sw> 00:13 < onereadingman> Will someone give me a hint as to what man page will tell me how to set an init script to start at
<sw>                        boot?
<sw> 00:14 < sw> !boot
<sw> 00:14 < ubottu> Boot options: https://help.ubuntu.com/community/BootOptions - To add/remove startup services, you can use
<sw>                 the package 'bum', or update-rc.d - To add your own startup scripts, use /etc/rc.local - See also !grub and
<sw>                 !dualboot - Making a boot floppy: https://help.ubuntu.com/community/GrubHowto/BootFloppy - Also see
<ubottu> sw: I am only a bot, please don't think I'm intelligent :)
<sw>                 https://help.ubuntu.com/community/SmartBootManagerHowto
<LargePrime> HEYO!
<LargePrime> ok so my host says i can change kernals all i want!
<LargePrime> so I has to do that.
<LargePrime> roy
<LargePrime> RoyK:
<LargePrime> does anyone have any good thoughts on what kernel One should install?
<remote> LargePrime: linux
<LargePrime> remote:  Linux???  not a windows kernal on my ubuntu server?
<LargePrime> are you sure?
<LargePrime> </sarcasm>
<remote> how would you feel if I said "yes"?
<LargePrime> relived
<LargePrime> remote: have you looked at http://grsecurity.net
<LargePrime> remote: also i see a linux-image-3.5.0-25-lowlatency kernel
<LargePrime> and I not know if i want, o why?
<LargePrime> and I not know if i want, or why?
<patdk-lap> heh, you unlikely want lowlatency kernel
<patdk-lap> it causes more kernel overhead processing
<LargePrime> great
<patdk-lap> it's kind of like disks, doing many small operations, are a few larger ones
<patdk-lap> you can go one way or the other
<LargePrime> so low latency i i want low latency and will pay with higher cpu load for net tasks
<patdk-lap> for net tasks?
<patdk-lap> for everything
<LargePrime> oh
<patdk-lap> all the programs will run slower, cause it's optimized to switch more often, and do things *quicker* instead of waiting
<LargePrime> ok so DO NOT WANT!
<patdk-lap> that means lots of context switching
<patdk-lap> and context switching is a huge overhead
<LargePrime> ok, so latest and greatest?  3.5.0-26?  or stick with an earlier?
<LargePrime> who would use a low latency kernel?
<LargePrime> patdk-lap:
<patdk-lap> time sensitive stuff
<patdk-lap> signal analysis, some audio people
<patdk-lap> audio people are always alittle nuts
<LargePrime> REAL time sensitive stuff?  This is just a minecraft server
<LargePrime> lol
<LargePrime> so any reason not to use .26? patdk-lap
<LargePrime> and what about grsecurity kernels?
<patdk-lap> it's some extra security package
<patdk-lap> been years since I looked into it
<patdk-lap> but opted not to use it, just too painful for the gain it would give me
<patdk-lap> but you had ovh doing that, so would be nice to use, unless like you had, it gets in the way
<LargePrime> patdk-lap:  , ima be back to ask you more questions
<one> Id python required by nmap?
<one> Is python required by nmap?
<andol> one: Yes, and why so hung up on not installing Python? Setting up some embedded system?
<one> andol: eventually but trying to get a clean build environment first
<one> I need nmap to check the lines and get an idea of what im downloading
<one> I guess I could try and rewrite nmap to use perl
<one> What version of nmap doesnt require python?
<one> Someone keeps changing my internet connection
<one> So I need nmap to see whats going on
<qman__> you're going to have a really hard time trying to build ubuntu without python
<qman__> and why is perl somehow ok but python isn't?
<one> I only see .cc and .h files in the nmap source
<one> Where is the python?
<Quebert> Question, when I first create the server and it asks for the hostname e.g. server.example.com can I use that name or should that only be used to name the server?
<one> Is there a version of nmap without python?
<one> If I download a package or a source is there a way to automatically download the deps of the package and source?
<one> aldo talk to me
<one> andol: are you there?
<one> If I download a package or a source is there a way to automatically download the deps of the package and source?
<histo> one: apt-get source packagename
<one> histo: but that doesnt also get the dependencies of that package
<histo> one: you want source for nmap and source for all the dependancies
<histo> one: Are you sure python isn't jsut a recomended package?
<one> histo: let me check again
<one> histo: First please help me with this I want to download the packages for build-essential so after I get the sources I can build them.
<one> so I try apt-get download build-essential and it only downloads the metapackage
<histo> one: Is there a reason you want to build all of this from source?
<one> of course
<histo> And that is?
<one> I am going to make changes for one and that is sufficient reason.
<one> Reasons matter not anyway.
<one> It is the causes that matter. And the effects.
<histo> Okay but yet you don't understand how to install packages or download their source code?
<histo> sudo apt-get install build-essential
<histo> apt-get source nmap
<one> histo: yes it resolves dependencies automatically when installing
<one> I want to download only
<histo> Download only what?
<one> the packages needed to build the sources I will download
<one> so either or apt-get download and apt-get source I want to also get the dependencies
<histo> one: apt-get buil-dep packagename
 * histo has a feeling this is going to end badly
<one> histo: I dont want to build them at the moment I want to download them
<one> whats the point of building them if there are no changes made?
<histo> one: that will download the dependancies to build "them"
<one> the sources?
<histo> one: You are really confusing.  Perhaps you can try again and state what you want to do concisely in one line.
<one> ok
<histo> one: again sources for what?
<one> I want to download ONLY the packages for build-essential (so I can build the latter) and I also want to download a source pagage INCLUDING sources for dependencies.
<histo> one: build-essential is a meta package you realize that right?
<one> Right so how do i tell both commands to alse get DEPENDENCIES
<histo> one: So you want source code for all the packages in build-essentail??? or do you just want to download the packages only and not install them?
<one> Both.
<histo> one: what are you going to recompile gcc with btw?
<one> Thats not what I am going to do at the moment.
<histo> Then what do you need the source for it for?
<histo> You have an XY problem
<one> But if you would answer the question I can get sources for other packages the answe ris the same either way.
<histo> one: http://www.perlmonks.org/?node_id=542341
<one> The question is how do I get apt-get source and apt-get download to also get dependencies.
<one> SIMPEL
<one> Dont worry about why
<one> Let me do the thinking here.
<one> You just help me issue the commands.
<one> OK
<histo> The only way I can think of doing the insane thing you want to do is to install the package an get the debs from the /var/cache/apt/archives/
<histo> then you could apt-get source packagename and get all the source also
<histo> Since you don't want to apt-get build-dep packagename
<one> So I have to remake a list for apt-get source?
<one> let me try build dep
<histo> one: I guess but again sounds like an XY problem to me
<one> What do you mean XY problem I am sick of flawed logic being thrown at me as some sort of rules to ask questions by.
<jpds> one: apt-get build-deps <package>
<jpds> build-dep, that is.
<jpds> ...will download the build dependencies of a package.
<histo> one: You want to do X, and you think Y is the best way of doing so. Instead of asking about X, you ask about Y.
<histo> one: or...  You're trying to do X, and you thought of solution Y. So you're asking about solution Y, without even mentioning X. The problem is, there might be a better solution, but we can't know that unless you describe what X is.
<one> I don't think like most people.
<one> Ok I dont think linear.
<histo> one: And that's the problem
<one> Why does everything I ask turn into a logic argument.\
<one> histo: it is not a problem the problem is that folks dont want to help unless they think they can approve of an outcome that they are unable to see
<histo> one: I'm not arguing only trying to help. I've explained numerous ways to do what you want although I don't agree with it and don't believe you understand.
<one> hold on let me look at build dep
<one> its trying to install packages i dont want them installed i just want to download binaries and source
<histo> one: then you would apt-get download packagename   To download the binary and apt-get source packagename to download the soruce
<histo> one: build-dep satisfies the build dependancies for a particular package
<histo> !source | one
<ubottu> one: You can easily fetch a package's source with apt-get. See: http://www.debian.org/doc/manuals/apt-howto/ch-sourcehandling.en.html
<histo> !build | one
<ubottu> one: Compiling software from source? Read the tips at https://help.ubuntu.com/community/CompilingSoftware (But remember to search for pre-built !packages first)
<one> histo: ok I see but in binary form
<histo> one: you would have to extract it from the debs
<one> I want the deps in source form
<histo> one: then apt-get source packagename  for them
<one> ok so I have to make my own list theres no way to have the command resolve the dependencies
<one> right, that is the answer to my question
<histo> There is no way to do what you want witht he apt-get source command it's not used that way
<one> oh thanks for finally answering
<one> appreciate the help histo if I may give some feedback next time just try to answer the questions asked
<histo> one: I did
<one> histo: yeah 42 minutes later
<ikonia> one: drop the attitude, you're banned from #ubuntu for this attitude - be nice here
<one> im just giing feedback
<ikonia> one: yeah, so stop he's trying to help you
<one> i dont buy that
<one> i think its trolling
<one> i think he is smarter than that
<one> and i also think he knows i am smarter than that
<Hasoth> hello, how much space will take to install ubuntu server with php and mysql server?
<Hasoth> I have old comp with 40 GB disc and I don't know how much will be to use after instalation
<ikonia> Hasoth: couple of gig
<ikonia> can probably get it down to around 800mb
<Hasoth> ikonia: thanks
<Hasoth> will that Ubuntu Server 12.04.2 LTS work on old machine ?
<ikonia> Hasoth: read the minimum spec and see if your hardware meets it
<Hasoth> is that very difficult to install php and mysql server on ubuntu server?
<ikonia> have you considered reading any of the documentation ?
<ikonia> Hasoth: but in short, "no"
<Hasoth> ok, just in short, I will read everything today later ;)
<Hasoth> I just use sometimes ubuntu - normal not server
<Hasoth> and it's very easy to do anything there
<ikonia> the desktop is the same as the server
<Hasoth> ahh, I thought I will need to do anything with command lines
<Hasoth> everything not anything ;)
<ikonia> Hasoth: well that is the default setup,
<ikonia> but the command line is the same as the ubuntu desktop command line
<Hasoth> I bet there's a lot of tutorials for ubuntu server
<Hasoth> I just hope I won't get any anusual problem ;)
<Hasoth> in other case I will come here and ask specific question
<Hasoth> thanks for help ;)
<ikonia> Hasoth: https://help.ubuntu.com - there is an excellent server section
<ikonia> Hasoth: please be aware you can also use a desktop install as an excellent server
<Hasoth> ikonia: I thought server version is like light version of system, without not needed things + with installed some stuff for server
<ikonia> Hasoth: it's not got things like a desktop installed by default
<Hasoth> and I will use that server just for showing sites for clients
<Hasoth> good, that would be waste of space
<Hasoth> is that possible to use free domain on my own server?
<Hasoth> or rather, is that anything like free domain without server that gives free domain?
<Hasoth> because they mostly want track-back link or something
<Hasoth> I probably need to make domain controller or server
<Trudko_> guys I got newly installed ubuntu server on virtual machine where i deployed apache and my application. I am not familiar with ubuntu server at all , is there something which I should do in order to procted it or something?
<Trudko_> I found this http://askubuntu.com/questions/151440/important-things-to-do-after-installing-ubuntu-server
<Extreme> !apache
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process.
<luminous> hi! I'm trying to install a package but another package is erroring out in it's --configure.. there should be no dependency between the two, so I don't know why this would happen. any insights into how I can just install salt-minion and work around puppet sucking? http://dpaste.de/xOZy7/
<qman__> dpkg won't work until errors are resolved
<qman__> so you can't install any packages until that's fixed
<luminous> what part of dpkg is broken?
<qman__> not dpkg, the package that's generating the errors
<luminous> how should I find out more information so I can fix the problem with puppet?
<qman__> well, it looks like it won't start
<qman__> so check syslog or messages to see why
<qman__> if you don't care about puppet and just want to remove/manually fix later, you can manually set it to installed
<luminous> I like that last option as a fallback
<luminous> how would I tell dpkg that?
<qman__> Edit /var/lib/dpkg/status and search for âPackage: puppetmasterâ³
<qman__> Replace âhalf-configuredâ with âinstalledâ
<maxb> ugh
<luminous> another thing is I could drop the version back to known working and lock it somehow?
<qman__> be careful because trashing this file will break everything
<maxb> Editing the dpkg status file manually is REALLY dubious
<maxb> Why can't you just remove the problem package instead?
<luminous> maxb: touching apt in anyway is often dubios
<luminous> maxb: I would prefer to drop back a versoin at this point
<maxb> Hardly
<qman__> you can pin/hold a package
<luminous> I'm just speaking from my experience, not trying to argue reality for others
<qman__> did it break after an upgrade?
<maxb> Theres a vast difference between using the package manager's published interfaces and fiddling with its internal database manually
<luminous> qman__: likely, I did not do an upgrade, but I think another admin did, and was not looking at puppet working
<maxb> Do you actually want a running puppetmaster on this system?
<luminous> maxb: agreed
<luminous> maxb: yes, I do want puppet running
<luminous> as I said, I would prefer to drop back to 3.0, which was known working for my setup
<luminous> and i can then debug what is breaking elsewhere
<luminous> but I need salt on there regardless.. so I'm mostly just trying to get puppet out of my way
<maxb> Do you run the built in ruby server version of the puppetmaster or do you use passenger/apache?
<maxb> Because, somewhat counterintuitively, if you use the passenger/apache form, you *don't* want the puppetmaster package installed
<luminous> builtin, I'm hardly using puppet anymore, I'm in the process of converting the last vestigages >>> salt stack, and I have never been happier :)
<luminous> i need to have puppet running to ensure I'm covered if any of the last few bits break while I have not got them converted to salt
<maxb> I'm not 100% sure that this will work, but the simplest option might be to disable the puppetmaster init script by chmod -x
<maxb> I *think* that will allow the package configuration to complete
<maxb> So, can you try 'chmod -x /etc/init.d/puppetmaster; dpkg --configure -a'
<luminous> ok, that would get me through a bit. how would I ask apt to drop puppet back a version?
<maxb> Of course, if it's important to you that the puppetmaster run, you should probably work out why it is failing to start
<luminous> that's the third step
<maxb> Dropping back a version largelly depends on whether the puppetlabs repositories still publish the old version, or if you're going to have to locate the packages manually
<luminous> hrm, ok
<maxb> You could try 'apt-cache policy puppet' to see a list of versions that apt knows about
<luminous> if you are not using salt stack, I _highly_ recommend checking it out
<maxb> If the one you want isn't in the apt indexes any more
<luminous> yea, I might just need to fix the broken puppet definition :)
<maxb> * If the one you want isn't in the apt indexes any more, then you will need to find the .deb files manually
<maxb> I will have a look at salt. I currently use puppet, but I'm not all that fond of it
<luminous> working with salt breathes some life into sys admin again
<maxb> Ooh, salt is Python?
 * maxb would rather like an escape hatch from RUby
<luminous> it's easy to work with, super fast, built on zmq, and _just friggin works_
<luminous> yea, there's ancel too, also in python
<luminous> it's really easy to learn
<luminous> much simpler/shorter learning curve than puppet
<luminous> and in the end, you get a clean description of what your infrastructure looks like, way more so than I could in 2 years with puppet
<luminous> apt tells me there is a 3.0.2-1puppetlabs1 package? but how do you reference this correctly with apt? tr
<luminous> maxb: checkout libvirt integration here: http://docs.saltstack.com/topics/releases/0.14.0.html :D
<maxb> luminous: Do a dpkg -l '*puppet*' and figure out all of the puppet related package names ( e.g. puppet, puppetmaster, maybe a puppet-common IIRC? )
<maxb> Then apt-get install {puppet,puppetmaster,puppet-common}=3.0.2-1puppetlabs1
<maxb> Where the {} is bash syntax
<luminous> I see the name=version in doc
<luminous> oh yea, I did not think of the other pkg
<luminous> thanks so much maxb :)
<luminous> you have made my working with ubuntu a wee bit less painful :)
<maxb> The packages are likely to become unhappy if you mix versions :-)
<luminous> yea, totally understandable!
<maxb> And thank you, it's promising to have an alternative to Puppet to look into next time I end up in a configuration management argument at work
<luminous> :)
<luminous> you may want to put it on a vbox image just to fiddle with a little.. you may find yourself using it right away :P
<luminous> want to find that file you can't remember which server it is on? salt '*' cmd.run 'find / -type f -name "*that_file*"'
<maxb> My instinct would be to just use pssh for that
<luminous> sure, except that pssh isn't really the same framework that salt provides.. so you use one integrated tool to do a whole lot
<luminous> I have networks defined as maps of vms with specific profiles, and then states to control evyerthing from services to users and the specifics of files.. and can then use salt-cloud to wave a wand and have an instance of that network created in the cloud for me, all according to spec..
<luminous> but yea, I know.. it's just something you experience as your life gets easier with salt, and then you don't want to use anything else. you even start to solve your admin problems differently
<qman__> how do the systems connect?
<qman__> is it possible to do this over the internet or no?
<qman__> at my job we have a bunch of NASes that need to be more or less identically configured, and right now I have them wget a tar.gz to update a set of scripts
<maxb> I suspect it might be a bit of a hard sell to move off Puppet at my place, unfortunately.  We're still splitbrained between Debian and CentOS after a merger of two companies
<Trudko_> guys I got newly installed ubuntu server on virtual machine where i deployed apache and my application. I am not familiar with ubuntu server at all , is there something which I should do in order to procted it or something?
<Trudko_> I found this http://askubuntu.com/questions/151440/important-things-to-do-after-installing-ubuntu-server
<ikonia> Trudko_: just apply common sense and lock it down without locking your application
<Trudko_> ikonia: I dont have enough experience with setting ubuntu server to have common sense about this
<ikonia> basically sort your file permissions out
<qman__> Trudko_, ubuntu, like most linux distributions, is secure by default
<qman__> if there are any gaping holes, it would be something you have done
<Trudko_> what about the  link i sent ? there are bunch of things which people set...
<qman__> make sure you use good passwords, don't install more than you need, etc
<qman__> those are all a matter of preference and are application-specific
<qman__> for example, shared memory is only an issue if you allow users to execute arbitrary code on your server, i.e. user shell accounts
<qman__> spoofing is only an issue if your system is directly connected to an untrusted network, and even then is not typically a huge issue, and hardening PHP reduces some application functionality
<qman__> of course hardening PHP is kind of a misnomer, when you use PHP you accept the risk that PHP is generally troublesome in regard to security, and you have to make sure your application has good code
<patdk-lap> man, that harden php thing is so much less secure than the default
<qman__> oh?
<patdk-lap> I will say, the disable_functions is nice, but with exec disabled, you won't be able to use wordpress/jombla/....
<patdk-lap> register_globals=off has been default since 5.2? or was it 5.1
<patdk-lap> expose_php, ok, doesn't matter
<qman__> just googled the magic quotes
<patdk-lap> magic_quotes_gpc, this is just evil, I would never use it, it causes all kinds of \'s all over your stuff and sql columns
<patdk-lap> if your program is made for php 3.x, sure use it
<patdk-lap> but seriously
<patdk-lap> it's an attempt at, we know php programmers won't validate user input, so this could help
<qman__> yeah
<patdk-lap> but now you don't know what the real user input was, was that \ them, or php
<patdk-lap> had a database with that all over it :)
<patdk-lap> between that, and magic_sql_quots, and stuff
<patdk-lap> and years of server upgrades and changes
<patdk-lap> there are upto 8 \'s in sql
<patdk-lap> had to scrub the database
<patdk-lap> as far as, disable_functions, the php.ini I installed like 2 weeks ago, had like 20+ things listed on it
<Trudko_> qman__: well I deployed simple ruby on rails application where people just add some data - sport data is for sport league so it should be safe. Passwords are good(randomly generated)
<qman__> Trudko_, with the exception of the php magic quotes of course, it's not to say that doing those things is a bad idea, but that you have to weigh whether it will be beneficial to you in your application
<qman__> it will break some applications
<qman__> fail2ban is generally a good idea but if you make a lot of SSH connections you need to tone it down or you'll have problems
<Trudko_> qman__: well personally i happy that application is working
<Trudko_> i just want to make sure that client wont call that something f*ked up with server it self
<qman__> Trudko_, if this is going to be a set and forget server, I recommend using fail2ban
<qman__> the other stuff is really not necessary
<useless-eater> can anyone point me to a netinstall.img that I can dd to a usb stick for installing ubuntu-server? cannot find it on webpage
<RoyK> useless-eater: https://help.ubuntu.com/community/Installation/MinimalCD
<useless-eater> RoyK: thanks
<ruben231> hi guys any application that will email for any downtime for server..? when the serer is unreachable
<RoyK> !icinga
<ruben231>  RoyK: whats that..?
<RoyK> it's a nagios fork
<RoyK> works well
<RoyK> !nagios
<ruben231> RoyK: how install it should it be on the same server or different
<RoyK> the server can't know if it's dead
<ruben231> RoyK: so it should be on seaparate
<RoyK> must be
<RoyK> if you have an alarm set to alert you if you're dead, how can you press the alarm button?
<aandy> hey, sorry if this is off topic, i couldn't find a better place to ask about dnsmasq :) anyone have experience using ptr-records in dnsmasq? specific names works, but i'm looking for a "wildcard" solution, is it impossible in dnsmasq?
<RoyK> not sure about dnsmasq - should work with bind
<aandy> RoyK: ok, that's fine, i can use bind. something like 1 IN PTR one.example.com => *.*.*.1 -> one.example.com?
<RoyK> aandy: that'll be spoofing a bit too much
<aandy> that was just an example. what i'm looking for is only LAN addresses - 192.168.0.1/24 for instance
<RoyK> just register those rfc1918 addresses
<aandy> right, sorry i wasn't clear. i meant if the syntax was right ;) as in, i specify the surfix, so 0.168.192.in-addr.arp. IN PTR lan.company. would match 192.168.0.1-192.168.0.255
<RoyK> try #bind
<RoyK> I don't now
<RoyK> know
<aandy> ah, thanks
<cronus> hello everyone. does anyone know how to start upstart session jobs without login. the documentation says to run init --user, but from where and how? thanks
<codepython777> for a given process id, how do i find its memory/cpu consumption (for it and its child processes)?
<codepython777> I'd prefer to keep an eye on its network usage as well
<Nicolas_Leonidas> hi
<Nicolas_Leonidas> how do I stop this Enter passphrase for key '/home/foo/id_rsa' from showing up when I try to ssh?
#ubuntu-server 2014-03-17
<raub> can anyone explain me how update-ca-certificates works?
<raub> Does it grab all the files that are not commented out in /etc/ca-certificates.conf?
<Joe_knock> Hello. What is the smallest server OS available?
<mwhudson> that supposes a precise answer to a vague question i think
<Joe_knock> smallest in MB size, mwhudson
<mwhudson> Joe_knock: but what is a 'server os' ?
<mwhudson> i don't really have the time to talk about this anyway, so ignore my trolling :-)
<Joe_knock> mwhudson: The equivalent of ubuntu server
<raub> Joe_knock: a server provides services. If you build a bare host and then only add the serivices you need you should be able to get it rather small
<raub> What is the hardware?
<raub> and define small
<raub> you see, I have a ubuntu 12.04 vm that takes 2GB
<Joe_knock> raub: This is what I am trying to do. I want to install owncloud on a 4GB USB flashdrive. it requires the AMP stack and I only have linux desktops. so I want a very thin LAMP stack installed to run owncloud. The reason why (if you ask why) is that I want to learn about building portable web apps.
<raub> Joe_knock: have you seen what people have done to run ubuntu in the raspberry pi or the (lesser known) cubox?
<Joe_knock> raub: that is the problem I am seeing. They're all Pi-related scenarios. I don't want to use a Pi. I just want the USB device to act as the way I communicate with owncloud.
<raub> You are thinking I am recommending the pi. I am not. My point is see what they did to make it fit
<raub> How much memory do you have?
<Joe_knock> 4GB on the flash disk. raub: I actually think I understand what you're saying now. Hacking their solutions to my scenario
<raub> Yes
<raub> And actually I was meaning how much RAM do you have
<Joe_knock> on my PCs, it is generally 1GB or higher
<raub> You see, you need to figure out how much hacking you are willing to do
<raub> The question regarding ram is you want to forget about swap and put /tmp in ram
<raub> This is not even hacking yet since you are still with a standard ubuntu server
<Joe_knock> raub that is why I want the thinnest server possible. Perhaps I need to think of a way of building a USB server
<raub> I have not finished yet
<raub> then you need to remove drivers for all the devices you do not use
<raub> But that can be fun since next kernel upgrade they might be back
<raub> But, you can go over all the packages
<raub> find out which ones you need
<raub> and of the ones you think you can get rid of, the ones that are not needed by something you do
<raub> I think you can get down to a few hundred packages if you take the time
<Joe_knock> raub: Wouldn't it be easier to go the other way? I determine the packages I need, let the system pickup dependencies and install only what I need (which is basically LAMP)
<raub> Now, if and only if you had loads of RAM, you could upload your webserver (the stuff in /var) to a ramdisk upon boot
<raub> Joe_knock: in principle yes, but even the default is a bit bloated
<raub> Joe_knock: How about this: https://help.ubuntu.com/community/Installation/MinimalCD
<raub> http://www.maketecheasier.com/install-a-minimal-ubuntu-on-old-laptop/
<raub> i.e. do the manual package selection
<Joe_knock> 30MB or less. damn that is small. This could actually work! thanks for that raub!
<raub> Joe_knock: you might want to use nginx instead of apache though
<Joe_knock> good point again. If I'm going minimal, I might as well play with nginx too (been meaning too).
<raub> And, for the love of all that is evil and putrid, do not install network manager
<raub> neither it or gdm have any business in a server
<raub> ok, maybe gdm in very specific conditions ;)
<Joe_knock> would network manager apply to a LAN server?
<raub> you can do static and dynamic crap without needing it
<raub> and vlans and vpns and all that exciting stuff
<Joe_knock> so basically it is bloatware :P
<raub> For a laptop I can see its use
<raub> for a server, you can do better editing a couple of files while making hot dogs
<Joe_knock> raub: 1 last question. Is the core of ubuntu desktop and ubuntu server based on the same thing? Or are these 2 different uses of linux vastly different?
<sajan> Joe_knock: pretty much the same thing.  To demonstrate this, you could install Ubuntu Server on a machine, and turn it into a desktop with like 3 commands and a reboot.
<Joe_knock> sajan: That makes a lot of sense, considering how easy it is to setup a local server environment on desktop.
<sajan> Joe_knock: yeah.  The only real difference is the packages included in each .iso; The server version excludes unnecessary desktop packages, and the installer.  Desktop you get a graphical, GUI installer, on the server version, it's more of a ncruses like installer.
<sajan> Joe_knock: In the past, I believe they were two different kernels.  However, I'm positive even that is not that case anymore.
<Joe_knock> sajan I think they may possibly have abandoned by original desktop kernel and simply built the GUI features on top of the server one (my theory).
<lordievader> Good morning.
<rbasak> jamespage: please could you subscribe ~ubuntu-server to bugs in python-jujuclient, urwid and websocket-client?
<jamespage> rbasak, yes
<rbasak> Thank you!
 * rbasak carries on with the MIR
<jamespage> rbasak, done
<jamespage> rbasak, thanks for picking this up btw - appreciated :-)
<rbasak> jamespage: np. I've almost done as much as I can I think. MIR reports next.
<jamespage> rbasak, good-oh
<sander^work> What's the easiest console only bootable rescue cd?
<omps`> b
<omps`> ls
<jamespage> zul, special treat for you when you start
<jamespage> figure out the failing test in libvirt in the CA :-)
<zul> jamespage:  that all? :)
<jamespage> zul, well ceilometer needs a few bits fixing but aside from that :-)
<zul> jamespage:  good to be back :P
<jamespage> zul, most things are working; I've not exercised the cloud-archive that much - mainly focussed on 14.04
<jamespage> zul, nice to have you back - how was the beach?
<zul> ok ill take a look today
<zul> it was good...im starting to peel
<zul> jamespage:  no problem getting home either..although its -20C outside today :(
<jamespage> zul, lol
<jamespage> it was nearly 19C here yesterday
<jamespage> almost like spring!
<ogra_> same here
<ogra_> like the whole winter
<ogra_> (about 10-15Â°C to warm since Nov in germany)
<jamespage> zul, I flushed everything through in the CA - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/icehouse_versions.html
<jamespage> (and fixed that report)
<zul> whats up with openvswitch?
<zul> biab i need to take liam to school
<zul> jamespage:  sorry -27C with the windchill
<jamespage> zul, ignore ovs - it ftbfs in virtual ppa
<zul> jamespage:  ack
<jamespage> zul, oh also - for stable/havana
<jamespage> https://review.openstack.org/#/c/80687/
<jamespage> and https://review.openstack.org/#/c/70750/
<jamespage> zul, adam_g pinged me last week about that and whether it would foobar us for the SRU
<jamespage> thoughts?
<zul> jamespage:  it shouldnt since we have oauthlib in the archive
<jamespage> zul, yeah - and its in main - that was my thinking
<jamespage> but wanted your opinion on it as well
<zul> jamespage: yeah i was the one who asked them to use oauthlib originally ;)
<jamespage> zul, I remember!
<zul> jamespage:  we should just add the build-depends when we are doing stable/havana though
<zul> otherwise the tests will fail
<jamespage> yes - agreed
<jamespage> adam_g, OK - so we don't think the oauthlib change in stable/havana will cause issues; we'll focus specifcally on that during testing
<zul> jamespage:  i dont think anyone is using oauth on havana in Ubuntu
<jamespage> coreycb, https://bugs.launchpad.net/ubuntu/+source/python-neutronclient/+bug/1292661 if you fancy it
<coreycb> jamespage, sure thing, I'll work on it
<jamespage> coreycb, ta
<raj__>  how to override global .bashrc over user .bashrc  ?
<ikonia> raj__: just told you in #ubuntu - please don't cross-post
<sleepee> whats up guys.
<sleepee> i feel like an idiot, but i was wondering if someone knew how to make ubuntu boot into the xen kernel..
<smb> sleepee, Activate grub menu and select the "with Xen entry" or change the grub default to the string of that submenu
<sleepee> i edit the GRUB_DEFAULT line in /etc/default/grub but ubuntu still boots into the regular kernel.
<sleepee> well, i really want to change the default so i don' t have to choose the xen kernel manually every time i boot
<rbasak> sleepee: did you run "sudo update-grub" after editing /etc/default/grub?
<sleepee> yes.
<sleepee> GRUB_DEFAULT="Xen 4.3-amd64"
<sleepee> that's what i have in my /etc/default/grub.
<sleepee> but i must be missing something else.
<smb> sleepee, Make sure that is what is in /boot/grub/grub.cfg and then re-run update-grup
<smb> update-grub
<sleepee> not exactly sure what i'm looking for in /boot/grub/grub.cfg but i do see this line:
<sleepee> set default="Xen 4.3-amd64"
<smb> sleepee, Sorry I meant later in that file where the submenu is defined
<smb> So 'submenu "Xen...' or so
<sleepee> i see: menuentry 'Ubuntu GNU/Linux, with Xen 4.3-amd64 and Linux 3.11.0-12-generic'
<sleepee> and:  submenu 'Xen hypervisor, version 4.3-amd64'
<smb> So you need that string in default
<sleepee> ahhhhh... ok.  i've been following other guides and how-to's and they just give me the string to put in /etc/default/grub.  i guess it would've been more helpful to know where that string actually came from.  thanks smb!
<sleepee> i'm going to edit it and reboot and then come back and let you know.
<smb> sleepee, Yes, unfortunately it changed between releases. Which guide (maybe something I can change) were you looking at?
<sleepee> here's one i looked at
<sleepee> https://help.ubuntu.com/community/Xen
<sleepee> so that means any time a new xen kernel comes out, i'd have to manually change that line in /etc/default/grub right?
<smb> sleepee, No, only if there would be a new version of Xen
<smb> The setup now always picks the kernel with the highest version from that submenu
<sleepee> right.  got it.  thanks smb.
<sleepee> i see.
<sleepee> well, i'm going to restart and see if this works.  be right back
<zul> jamespage:  i think i have libvirt fixed
<jamespage> zul, what was it? I suspected hardening flags in 12.04 but was not 100% sure
<zul> jamespage:  the failing test doesnt like Bsymblic-function
<jamespage> ah
<jamespage> yeah - that's what I though
<sleepee> smb, i guess it didn't work.  :(
<zul> jamespage:  anyways doing a test build and then ill upload
<sleepee> i'm still running the regular kernel
<jamespage> zul, good-oh
<sleepee> but i'm not sure if it's something i'm doing wrong as far as xen goes.
<smb> sleepee, It would be the same kernel actually but just as a dom0 under the Xen hypervisor. But just to make sure, where did you change the string and did you run update-grub after (if it was in /etc/default/grub)?
<sleepee> i changed  GRUB_DEFAULT="Xen hypervisor, version 4.3-amd64" in /etc/default/grub and then sudo update-grub
<sleepee> and then i rebooted.
<sleepee> so there's not supposed to be a different kernel when i run 'uname -r'?
<smb> sleepee, And something like "sudo xen info" still does not work?
<smb> sleepee, No, its the exact same kernel version as without
<sleepee> i get ERROR:  Can't find hypervisor information in sysfs!
<sleepee> ahhh.. ok.
<sleepee> but still. the xen utilities don't work so i must be doing something wrong.
<smb> sleepee, probably. maybe you can pastebin your /boot/grub/grub.cfg for me
<sleepee> http://pastebin.com/NCqhtLQX
<sleepee> am i supposed to put the string that comes after "submenu" or "menuentry"?
<smb> sleepee, Oh drat, fooled myself... Yeah it should be "Ubuntu GNU/Linux, with Xen hypervisor" from the menuentry
<sleepee> ahh.. ok.  so basically, in this case, it should be 'Ubuntu GNU/Linux, with Xen 4.3-amd64 and Linux 3.11.0-18-generic'
<sleepee> right?
<sleepee> ok.  so i edited the /etc/default/grub file and ran update-grub.  i'll restart again and come back in a minute.
<smb> sleepee, No, I think just the string I wrote. Basically the top level menu of the Xen hypervisor entries
<sleepee> i must not be seeing where that comes from.  what line is that from the pastebin?
<smb> sleepee, 220
<sleepee> ok.  i'm going to change right now.
<sleepee> ok.  reboot time.  i'll let you know if it works.
<smb> ok
<Sentynel> anybody using the ec2 package mirror getting signature errors on precise-updates at the moment? I don't *think* it's at my end (have run apt-get clean, cleared /var/lib/apt/lists, etc, with no changes)
<sleepee> smb, it worked!!!
<smb> cool. And I added a note to the guide (hopefully correct and understandable)
<sleepee> you just edited the xen documentation?
<smb> Well the community doc, yes
<sleepee> ok.  i see the change.  it makes sense now.  thanks for your help smb!
<smb> sleepee, your welcome :)
<sleepee> i've got to go now, but you were awesome!
<coreycb> jamespage, zul: can one of you review this when you have a chance?  https://code.launchpad.net/~corey.bryant/ubuntu/trusty/python-neutronclient/1292661/+merge/211333
<smb> zul, Just to check, you are not uploading any libvirt for Saucy any soon?
<zul> smb: nope
<zul> smb:  unless hallyn  has something
<smb> zul, Well I got something we waited for the previous upload to go to updates and I just recently modified the proposed fix for that
<coreycb> jamespage, zul: ps: do I need to ping you for reviews or is submitting a merge review enough?
<jamespage> coreycb, done
<jamespage> coreycb, ping is good at this point in cycle
<coreycb> jamespage, thanks!  Ok
<jamespage> coreycb, I think zul and I both acked you - merged!
<zul> jamespage:  yep
<smb> zul, hallyn kind of has it on his todo. Just wanted to avoid doing too many small uploads if you were about to do one for S, too
<hallyn> smb: zul: nless i have something for what?
<zul> hallyn:  libvirt saucy
<hallyn> there's an existing upload,
<smb> hallyn, I just saw zul upload a version for T
<hallyn> other than taht i only had smb's right now
<zul> jamespage:  huzzah https://launchpadlibrarian.net/169822752/buildlog_ubuntu-precise-amd64.libvirt_1.2.2-0ubuntu3~cloud0_UPLOADING.txt.gz
<coreycb> jamespage, zul: thanks!  you guys are quick. :)
<smb> hallyn, And note that I just updated the fix for S in bug 1248025
<hallyn> smb: yup, saw that, thanks.  when the other fix clears, i'll look at that bug for the latest diff :)
<smb> hallyn, Ok, cool. Yeah, just tried to avoid multiple uploads as the previous upload seems to be in updates right now and zul was doing something for T which may have been something to go into S, too
<zul> smb:  its not going into S
<smb> zul, /me is always trying to play safe. :)
<zul> smb:  i know :)
<hallyn> zul plays by a more freewheeling set of rules :)
<zul> hallyn:  the cloud awaits you :)
<jamespage> zul, what was the fix?
<zul> jamespage:  LDFLAGS = $(shell dpkg-buildflags --get LDFLAGS|sed -e 's/-Wl,-Bsymbolic-functions//g') in the debian/rules
<jamespage> zul, smb: is it possible to get whatever fix we need for Xen in the CA into trusty as well?
<zul> jamespage:  im working on xen now as well
<smb> jamespage, That is already there
<jamespage> smb, urh - that was for libvirt
<zul> smb:  its gone in Xen
<jamespage> smb, zul has other magic for xen
<smb> jamespage, Just minus a little update to avoid an unnecessary error in libvirts log
<smb> zul, The LDFLAGS magic was gone in S (Debian made some fix to which flags are pulled when)
<zul> smb: hmm...ok
<zul> suck
<shellox> id anyone got a copy of The Official Ubuntu Server Book,  3nd Edition, July 2013
<shellox> bought it a while ago, but I'm travelling now and would like to have a PDF of it
<dylanl> Can someone point me to the maintainer of the precise-updates apt repo that is hosted on Amazon S3?  I am getting a signing issue running apt-get update and think there may be an issue with the repository
<sander^work> Why is lynx/curl not working to outside internet when I am logged in with su - username .. but it's working when I use sudo -u username -s
<sander^work> seems it's working when I have proper root enviroment only.
<Sentynel> dylanl: I've been trying to find out too, but no luck yet
<dylanl> Sentynel: thanks.  I asked a question on the Ubuntu forums (https://answers.launchpad.net/ubuntu/+question/245627) and AWS forums (https://forums.aws.amazon.com/thread.jspa?threadID=148233&tstart=0).  Do you mind commenting so people realize it isn't an isolated issue?
<RoyK> Am I right in guessing that 14.04 will use a strange mix of sysv+upstart+systemd?
<Sentynel> dylanl: commented
<RoyK> http://paste.ubuntu.com/7108777/ <-- "System information disabled due to load higher than 1.0
<RoyK> but the load is <1
<dylanl> Sentynel: thanks.  I figured an apt repository used by AWS customers would be a carefully watched thing but I guess not...
<dylanl> Sentynel: it looks like this might be isolated to us-east-1.  If I create a brand new instance in us-west-2 I can run 'sudo apt-get update' successfully.  Not sure if that helps you at all
<Sentynel> dylanl: yeah, there's separate mirrors for each ec2 region
<Sentynel> it's not causing me any problems just yet; it's just it's refusing updates on my established ec2 server
<dylanl> Sentynel: Yeah, wasn't sure if this was impacting all mirrors or just us-east-1.  We provision a new box each time we deploy so this is blocking us from deploying at the moment.
<rbasak> Sentynel: dylanl: are the other references you found current, or are they historical?
<Sentynel> rbasak: somebody else asked in #ubuntu a couple of hours back
<Sentynel> when I first noticed it
<rbasak> There's a race condition which can get apt stuck into that situation I think (it'll cache the bad or old file).
<rbasak> OTOH, it could be a problem with the mirror.
<rbasak> utlemming: ^^ including backscroll going back ~90 minutes.
<utlemming> rbasak: ugh
<dylanl> rbasak: Pretty sure this is an issue with the us-east-1 repository mirror.  us-west-2 works fine.  And sudo rm /var/lib/apt/lists/* -vf followed by a sudo apt-get update doesn't fix the issue
<rbasak> dylanl: thank you for the confirmation. I think utlemming is looking into it.
<utlemming> rbasak, dylanl: yes, indeed we are on it :)
<utlemming> rbasak, dylanl: sorry, and thank you for your patience
<dylanl> utlemming: Great, thank you!
<dylanl> Sentynel: fyi - utlemming is looking at this
<Sentynel> dylanl: yup, I saw, thanks
<dylanl> Sentynel: np
<utlemming> dylanl, Sentynel: DNS has been updated. As soon as the DNS cache times out things should start working
<dylanl> utlemming: Fantastic, thanks.  Also, for my info, are you with Amazon/AWS or Ubuntu?  It would be helpful for me to know where to report issues like this in the future
<utlemming> dylanl: I work for Canonical/Ubuntu.
<dylanl> utlemming: thanks.
<utlemming> dylanl: generally AWS lets us know pretty fast about mirror issues, but in the future #ubuntu-mirrors is a great place. Our IS team watches that IRC sub.
<Sentynel> utlemming: I asked in there
<utlemming> Sentynel: hrm, well normally that works.
<dylanl> #utlemming: got it, thanks.  I opened a question on Launchpad as well (https://answers.launchpad.net/ubuntu/+question/245627).  I didn't see a way that I could close that.  Not sure if you can.
<toyotapie> I added a startup script to /etc/rc2.d It has the executable bit but isn't executed when the server boots. Where can I see a log of why it wasn't executed ?
<toyotapie> ubuntu 12.04 LTS
<sarnold> toyotapie: did you add the corresponding S??name symlinks too?
<toyotapie> yeppers
<toyotapie> S99myscript
<toyotapie> I added the script to /etc/init.d/ and the symlinks in rc2.d
<toyotapie> runlevel says I am in 2
<toyotapie> if I call it myself, /etc/init.d/myscript start, it stats immediately
<toyotapie> README says I might need the LSB style header
<toyotapie> So the question is where is init logging too ?
<toyotapie> to*
<sarnold> toyotapie: there's a /var/log/boot.log -- I suspect it isn't as useful as you'd like though
<toyotapie> Just my luck, I don't have boot.log
<sarnold> toyotapie: and the 'upstart jobs' are logged din /var/lor/upstart/* -- but that doesn't appear to have the sysv compat jobs
<toyotapie> yea, for some reason my ubuntu 12.04 doesn't seem to have upstart
<toyotapie> I am looking at syslog right now. fingers crossed...
<RoyK> toyotapie: 12.04 uses upstart
<toyotapie> something is horribly wrong with this machine. All my other 12.04 machines have upstart. THis one doesn't...
<toyotapie> lol
<toyotapie> it's not ubuntu
<RoyK> hehehe
<toyotapie> All my servers except 2 run ubuntu
<toyotapie> one runs centos and the other debian
<toyotapie> this one is debian
<toyotapie> I feel like a complete idiot
<toyotapie> sorry to have wasted your time.
<RoyK> debian just uses sysv
<RoyK> so does centos
<toyotapie> I only use centos because of proprietairy software
<toyotapie> and debian for t38modem
<RoyK> oh
<RoyK> t.38
<sarnold> toyotapie: well now, that just raises new questions :) whyu isn't that machine's sysv-init working? :)
<RoyK> I've had nightmares about that
<toyotapie> sarnold I wish I knew. I am checking now.
<raj__>  when I logged out of a ssh connection on remote server, I got message : Received SIGHUP or SIGTERM, what does this mean ?
<toyotapie> I deleted all the /etc/rc?.d/S99myscript files. I did this instead "update-rc.d t38 start 2 3 4". Now when I reboot, the t38 service starts fine. thanks for your help even though it wasn't debian
<toyotapie> ubuntu*
<toyotapie> I created a new motd script and distributed it to all my servers, now it says which O/S is on the machine when I log in :)
<RoyK> hehe
<sarnold> toyotapie: haha, nice :)
<RoyK> I usually know, or I can run a uname -a or lsb_release -a or something to find out if I'm curious ;)
<toyotapie> In my case, it's easy. It's always Ubuntu unless the ssh takes more than 10 seconds to connect, at which point it's CentOs.
<sarnold> raj__: SIGHUP is sent to processes when their controlling terminal is disconnected -- e.g., closing an ssh connection. you might have had a background task running or suspended or similar.
<toyotapie> I always forget that I have a machine running on debian
<RoyK> toyotapie: if so, it's probably a dns reverse issue, or there's ipv6 in dns and the server isn't configure correctly
<toyotapie> http://pastebin.com/MvfPjEJn
<toyotapie> I know why centos is slow, it activates GSSAPIAuthentication by default. Once I disable it and 'UseDNS no', it's as fast as ubuntu
<raj__> sarnold: so  that should be normal when i exit an ssh conn to remote server .. right ?
<RoyK> toyotapie: then fix your dns
<sarnold> raj__: I wouldn't say 'normal' but 'not unexpected' anyway
<RoyK> toyotapie: I have rather a few rhel/centos machines running at work, and it takes a fraction of a second to login
<raj__> okay..
<toyotapie> once GSSAPIAuthentication is off, it takes less than 1 second to login.
<RoyK> toyotapie: never disabled that on any of my machines
<toyotapie> do you have a dns resolver on each machine or do you have one for all of your servers or do you use ISP provided DNS servers ?
<RoyK> we have our own dns servers
<toyotapie> I am looking for a command that will handle a line of input similar to PHP's preg_match. I want to give a regular expression, and the values that are in brackets are each assigned to a bash variable.
<toyotapie> Is there any command that can do this ?
<toyotapie> I think I may have found my answer
<toyotapie> n/m
<toyotapie> http://stackoverflow.com/questions/2624300/save-part-of-matching-pattern-to-variable
<thumper> hallyn: ping
<hallyn> .
<thumper> hallyn: I have an intersting lxc issue
<thumper> I'm following bug 1293549
<thumper> trying to skip past the unknowns
<thumper> I have an lxc container
<thumper> cloned from a precise ubuntu cloud
<thumper> I have done the following:
<thumper> sudo chown ubuntu:ubuntu /etc/ssl/private
<thumper> $ ll /etc/ssl  # output snipped
<thumper> drwx------ 2 ubuntu ubuntu 4096 Jun 4 2013 private/
<thumper> $ ll /etc/ssl/private
<thumper> ls: cannot open directory /etc/ssl/private: Permission denied
<thumper> any idea why?
<raj__> for a service although a pid file exists but still on attempt to start service, it fails saying "* could not access pidfile for Cassandra"... checked folder permissions under /var/run(owner: root) , the subfolder cassandra is owned by cassandra user but still serivice cannot access pid file.. & the file exists as well..(as pid is shown in cat)..so why says it can't service access pid file?
<hallyn> if you can put a short set of lxc commands to reproduce it in the bug, that'd be useful
<thumper> logged in as ubuntu user
<raj__> & running the service as a standalone process just works.. but not  using "service <service-name> start"..!
<thumper> hallyn: ok, let me see
<hallyn> thumper: it could be apparmor messing up (has happened before), overlayfs (has happened before esp with apparmor),
<thumper> hallyn: my gut tells me it is aufs
<hallyn> d'oh
<thumper> I just have a call now
<thumper> but will try to get a short list of commands after that
<hallyn> thx
<sander__> Some how the enviroment variable $http_proxy is set for normal users(not root).. I've checked with bash -lx and figured out bash didnt set it.. How do I figure out where it's set? (I want to remove it).
<qman__> sander__: grep -R http_proxy /etc
<qman__> should point you in the right direction
<sander__> qman__, thanks alot.. It was /etc/environment
<ilhami> Hey
<ilhami> anybody here?
<ilhami> I have a question. We have a school project where we have to setup servers and all that so I thought about using Ubuntu Server.
<ilhami> And I want to use my old laptop or desktop as my server
<ilhami> how fine will that work?
<ilhami> and is it easy to stress test? does Ubuntu Server have those tools?
<sarnold> ilhami: there are many ways to stress a machine; if you run a full compile cycle for something huge, like the linux kernel, you'll have some amount of faith in the hardware, kernel, and toolchain
<sarnold> ilhami: one machine that I thought was rock-solid for a few years showed trouble when I started asking it to run hour-long compile and package tasks (that was qt4-x11) -- after some way into the process, the machine would either log a non-fatal machine check exception or it would instantly reboot, having suffered from a fatal machine check exception
<ilhami> dude sarnold: I just have a database and a web service I am going to host
<sarnold> ilhami: if you want to stress-test a web service, probably the 'ab' tool can be made to help you out
<ilhami> I think it will be a hard enough to setup the server hehe :D
<RoyK> sarnold: if the server can't handle the load, just use varnish
<mekon> ilhami: its very easy
<ilhami> yeah we will use varnish I think
<sarnold> RoyK: I think he wants to stress test the machine a bit to make sure it's sane before relying on it
<ilhami> we would like it to be able to handle 50 requests per second? Is that fine?
<Sprocks> has anyone here used byobu?
<sarnold> ilhami: depends upon what those requests do...
<ilhami> like buying some products and also entering website
<ilhami> buying products from the website that is
<sarnold> ah, okay, nothing too fancy, it feels like the kind of thing that should work fine
<ilhami> i hope so.
<ilhami> Can I write the ISO to my USB?
<ilhami> .iso file
<ilhami> in FAT format?
<ilhami> and I should go for the LTS version right?
<RoyK> ilhami: 50 requests per second would be easy for most static work. if it's active pages, use caching like varnish
<sarnold> ilhami: depends upon what you're trying to do; if you want the USB stick to install ubuntu, you should use dd to -overwrite- the filesystem on the USB stick with the iso
<ilhami> I am on Windows now sarnold. :)
<sarnold> ilhami: oh..
<ilhami> I can't use Unetbooting now?
<ilhami> oops I mean for this
<sarnold> ilhami: maybe you can? I've not looked into it. a pal wrote this, it may also be able to help http://sourceforge.net/projects/win32diskimager/
<ilhami> yeah I have that tool actually :D
<ilhami> We are yet to find the hardware we want the server to be installed
<ilhami> we are thinking about an old laptop or desktop.
<ilhami> is there a huge difference between the LTS and the new 13.04 version?
<bekks> 13.04 isnt new, it is EOL. 14.04 will be released in April.
<sarnold> ilhami: 13.04 has already reached end-of-life; 13.10 release is still supported.  The newer release is using apache 2.4
<ilhami> oh yeah I meant 13.10 sorry
<sarnold> ilhami: sticking with 12.04 LTS would be a fine choice, it'll give you the opportunity to upgrade to 14.04 whenever you'd find it convenient, rather than being forced into upgrading soon
<ilhami> sarnold but I guess I can just update to 2.4 from the LTS version?
<sarnold> ilhami: if you choose to compile your own apache, yes, but that's an annoying hassle :)
<bekks> ilhami: No. There are no version bumps within a release of Ubuntu.
<ilhami> sarnold: when upgrading do I have to do a fresh install or is it now possible to upgrade without breaking packages?
 * hallyn tears out his hear and throw half of it at libdbus and half at pthreads
<thumper> hallyn: oh?
 * sarnold throws rocks at libdbus
 * thumper gets popcorn
<sarnold> ilhami: we expect that you can upgrade from release to release with a minimum of fuss; I understand some apache 2.2 configuration options have changed and are no longer available in apache 2.4; this is of course a possibility with most programs, but in general it works quite well
<sarnold> ilhami: (I've upgraded machines through seven or eight ubuntu releases, and upgraded through a decade of debian releases before switching to ubuntu; the history of safe upgrades is strong :)
<ilhami> sarnold I am really excited about this. :)
<ilhami> if it will work as we expect.
<ilhami> and if we can manage to set it all up
<ilhami> I just chose the LTS version merely because it is supported for much longer
<sarnold> hehe, reminds me of the first linux servers I deployed ages ago, on discarded hardware that was no longer useful for windows.. and got a clever little webserver for free out of dicsarded machine :)
<ilhami> hehe we can just use Xampp for what?
 * hallyn appreciates the backup :)
<ilhami> that*
<ilhami> sarnold did you use xampp as well?
<sarnold> thumper: I'm not sure popcorn is going to hurt, no matter how hard your throw it..
<sarnold> ilhami: no, I just installed apache by hand
<hallyn> it might be that stuff that smells bad enough to maek it feel nautious
<ilhami> sarnold hehe yeah that is possible too.
<ilhami> this server world is really new to me. :)
<ilhami> I hope I can come here to ask questions daily.
<sarnold> ilhami: sure can :) we also have a helpful guide that I refer to often: https://help.ubuntu.com/12.04/serverguide/
<ilhami> bookmarked!
<ilhami> thanks for the answers guys. I will maybe be back tomorrow. Have a good night
<sarnold> have fun ilhami :)
<thumper> hallyn: http://pastebin.ubuntu.com/7110917/
<thumper> hallyn: want a bug for that?
<hallyn> it's not good when _dbus_cmutex_lock itself can segv
<hallyn> thumper: pls just add that info to th eexisting bug and mark as affecting lxc
<hallyn> after all that's the root cause right?
<thumper> kk
<hallyn> and then i'll mark as affecting the kernel and apw will drop aufs from trusty
<hallyn> (hopefully not :)
<thumper> hallyn: https://bugs.launchpad.net/lxc/+bug/1293549
<hallyn> thx!
<thumper> np
#ubuntu-server 2014-03-18
<vrexus>  hey guys any idea how to diagnose a site hosted on vps becoming inaccessible within a minute after rebooting vps?
<raj__> is it safe to remove a process folder from /var/run/ if I think it has got wrong permissions, will it be recreated by process as before ?
<raj__> don't I lose any information by deleting /var/run/<process folder> when the process is not running??
<apw> hallyn, a naieve test of aufs shows that copy up correctly occurs for both chmod and chown on directories both privelledged and non ...
<apw> hallyn, i need to know what those commands actually do
<lordievader> Good afternoon.
<pmatulis3> morning
<lordievader> Hey pmatulis3, how are you doing?
<jamespage> zul, https://code.launchpad.net/~james-page/neutron/mlnx-plugin-split/+merge/211515
<zul> jamespage:  +1
<jamespage> zul, ta
<zul> jamespage:  the neutron ftbfs is starting to confuse me
<jamespage> zul, against trunk?
<zul> jamespage:  yeah
<jamespage> zul, hey - I'm going to rename the vpn and metering agent packages to drop the '-plugin-' bit
<jamespage> they are not plugins
<zul> jamespage:  ack
<zul> jamespage:  i need to rename oslo.sphinx as well
<zul> the binary package at least
<zul> jamespage:  nevermind about neutron i guess i fixed it last night :)
<zul> jamespage:  did you see this? http://pastebin.ubuntu.com/7114028/
<jamespage> zul, no - I've mainly been focused on bug fixing in b3
<jamespage> what does that do?
<zul> jamespage:  i have no idea yet..im almost catch up from last week ;)
<jamespage> zul, oh great - http://www.oneconvergence.com/
<jamespage> a new plugin! whoopie!
<zul> jamespage:  seriously?
<jamespage> zul, https://github.com/openstack/neutron/tree/master/neutron/plugins/oneconvergence
<NaGeL> Hello i just installed ircd-hibryd on my ubuntu 12.04 LTS, and ihavea couple of problems: i can't log in to /oper at localhost with Epic5, yet  from any other location i can easily oper. Alsoi installed hybserv and it can connect itself on localhost(aka when iam in Epic5) but when i am on my local machine(where i can oper) i get an eror about unathurized server acces.
<hallyn> apw: http://paste.ubuntu.com/7114149/
<hallyn> apw: so yes, the copyup does happen, but future permissions checks ignore the copyup
<zul> jamespage:  when you get a sec https://code.launchpad.net/~zulcss/neutron/one-convergence/+merge/211532
<NaGeL> helol anyone?
<apw> hi
<mardraum> NaGeL, I don't think anyone here will care enough to help you configure an irc daemon. Try a different channel or online help, forums, documentation.
<fish_> hi everyone
<fish_> how can I prevent the installer from installing resolvconf? I already using 'ubuntu- minimal' for "tasksel/first"
<patdk-wk> you dont?
<patdk-wk> just uninstall it
<patdk-wk> or make your own pkg select file
<patdk-wk> there is always deleting the /etc/resolv.conf symlink, and making the file yourself
<vrexus> is there any way to diagnose as to why my site runs somewhat slow after i boot vps and then comes to a complete grinding halt?
<Pupeno> Do you need a new CSR to generate a new certificate? I generate a new CSR for my private key to get an updated cert and they seem to be the same, the new and the old one.
<zul> jamespage:  does this make sense to you? http://pastebin.ubuntu.com/7114440/
<jamespage> zul, dropping the . ?
<zul> jamespage:  yes...the namespace changed
<jamespage> hallyn, re bug 1254872
<jamespage> https://bugs.launchpad.net/nova/+bug/1254872
<jamespage> upstream don't have a good reproducer other than failures in the gate
<hallyn> jamespage: i know, i put in a vague description
<hallyn> jamespage: i'm hoping the SRU team will be ok with it
<jamespage> hallyn, I think so - it will have to bake for the full 7 days tho
<hallyn> stgraber: bmullan: ^ that bug can be reproduced with an openstack setup, but not very well with a script
<stgraber> hallyn: so long as you have someone who can confirm the fix once it's in -proposed, I don't mind.
<hallyn> yup, we do - thanks
<semiosis> anyone know what is the status of the glusterfs MIR?  sarnold was going to do a security review last time I heard anything.  jdstrand, jamespage, marcoceppi, any updates?
<semiosis> thx in advance
<jamespage> semiosis, I expect its still in sarnolds' queue of work
<jdstrand> semiosis: it is on his list still (mentioned in standup meeting this week)
<semiosis> ok thx for the update
<semiosis> people are bugging me about this :)
<semiosis> i put up a PPA with qemu built with glusterfs support for the impatient
<jamespage> zul, ok - give me a hint - how do I rename and package and its upstart configuration at the same time?
<jamespage> zul, I'm ending up with multiple metering and vpn configs post upgrade
<zul> <package name>.<upstart daemon>.upstart doesnt work? and you might have to remove the old upstart job in a postinst
<j0lz> hi - i want to run a ruby script on my server where do i put the script
<jamespage> ubottu, bug 1234567
<tomixxx5> how can i see dns resolve path?
<tomixxx5> for example, if i do "ping http://www.google.at"
<jamespage> soren, reping re uvirtbot - appears to have gone awol
<jamespage> zul, commented on that MP - I don't think its an ml2 driver
<qman__> tomixxx5: dig www.google.at
<zul> jamespage:  thanks
<tomixxx5> qman__: thx
<jamespage> zul, https://code.launchpad.net/~james-page/neutron/agent-renames/+merge/211567
<jamespage> that was fiddly
<zul> jamespage:  +1
<jamespage> zul, thanks
<zul> i have keystone building locally....its slow as malasses
<jamespage> zul, yes
<zul> Daviey: #1294206 and #1294204 please drop python-savannaclient and savanna from the archive please.
<tomixxx5> do i have to restart network services if i change iptable rules?
<Daviey> zul, in a meeting.. will look later today.
<ilhami> can anyone help me?
<RoyK> !ask | ilhami
<ubottu> ilhami: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ilhami> RoyK I have a problem with resolution on WIndows
<ilhami> I have a Ubuntu Server on VM
<ilhami> but I have to scroll to see "full" window
<zul> Daviey:  thanks
<ilhami> I am using Hyper-V
<RoyK> ilhami: http://askubuntu.com/questions/299975/proper-way-to-change-terminal-resolution-in-ubuntu-server-13-04 ?
<ilhami> ok let me try
<ilhami> RoyK my problem is not this
<ilhami> but this: http://nramkumar.org/tech/blog/2013/05/04/ubuntu-under-hyper-v-how-to-overcome-screen-resolution-issue/
<zul> jamespage/gaughen: I filed #1294204 and #1294206 to drop savanna
<jamespage> zul, did you mean to paste the same bug there?
<zul> jamespage:  probably not :)
<RoyK> ilhami: did't you mean console resolution was too high?
<ilhami> no GUI
<ilhami> :)
<RoyK> then ask on #ubuntu - GUI isn't a server thing
<ilhami> I asked in Windows. :D they helped me
<RoyK> ilhami: then what's the problem?
<ilhami> dunno. It says in the link I gave you
<ilhami> Why can't I connect to my SSH server?
<rostam> Hi I on my system I have a 120G ssd and 2G usb stick. I like to install the ubuntu server in efi mode, such that /boot/efi to be mounted off the usb stick, and the root filesystem mounted off the ssd disk. How could I accomplish this? thx
<RoyK> rostam: just curious, but why not /boot on the ssd?
<j0lz> rostam, go for manual partitioning and enter partitions manually ... usb /boot/efi and then partitions with mount / and another for swap
<j0lz> on the ssd
<j0lz> rostam, remember to put grub on the /boot/efi partition
<specialkevin> I have noticed in syslog that ufw is showing some blocked connections for a rule that is setup to allow those connections. It doesn't happened all the time. Every few hours I will see a batch of them. I know the rule works in general because it is allowing connections now.
<j0lz> rostam, so you have to make that partition bootable flag when partitioning
<j0lz> specialkevin, do you have fail2ban running?
<specialkevin> j0lz: yes, but not for watching this
<specialkevin> The connection is a database connection on an internal network
<j0lz> it sounds like ufw just doing it's job like blocking a flood or something like that
<Daviey> a
<ilhami> It's booting up without full network config
<ilhami> the problem is dhcp
<specialkevin> j0lz: well if that was the case I would expect 100s of blocked connections. The number varies from 5 to 10 in the period that they refuse connections
<rostam> jolz: thanks for your feedback, I got some errors and I started the reinstallation again. Is there a link or site that has references to what you just recommanded? thx
<j0lz> specialkevin, true it must be something else - my own mysql servers sometimes disappear for a moment or 2 ..
<rostam> j0lz, how can I make the grub partition bootable, this is for efi mode? thx
<j0lz> rostam, not that i know of because that is a highly customised partitioning scheme - I mess around a bit with partitions and had to boot from a usb because of having 2 raids on an old machine which i couldnt boot from so had to put the /boot on the usbn
<specialkevin> j0lz: anything thoughts on how I could debug this further or get more logging output from ufw when it blocks something
<j0lz> rostam, i dont use efi mode but that is just selected from your bios .. to make the partition bootable you select the option for the partition when you are manually partitioning it juring install
<j0lz> during*
<rostam> j0lz, thx
<RoyK> bug 1171945 is an old one
<RoyK> it'd be rather nice to get that fixed
<RoyK> wasn't there a bot here that took keywords like "bug"?
<sarnold> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1171945
<sarnold> hunh looks like an unhappy bot
<sarnold> doubtless when it revives we'll get a few hundred urls
<j0lz> specialkevin, I think just check yours ufw status and iptables -L to make sure you have correctly configured the firewall and I am not sure if you might find this useful --> http://ubuntuforums.org/archive/index.php/t-2020102.html
<SJr> I have an EXT4 file system and a directory on it, has a massive amount of files. How can I see even the name of one file if ls hangs for hours
<SJr> before printing the first line
<sarnold> SJr: ls -U will help; ls sorts its output first, and that can take forever
<RoyK> sarnold: thanks - was looking in the manual for that :P
<SJr> sarnold, still no luck. ls just starts taking 100%
<j0lz> HDIO_DRIVE_CMD(identify) failed: Inappropriate ioctl for device ......... device /dev/sde1 is not a drive that is known-safe for trimming ?
<SJr> ah
<j0lz> why am I getting this error - ^^
<SJr> ls -U -1
<sarnold> SJr: ah! yeah, that probably will help too :) heh
<xibalba> can you disable any network management type of thing in ubuntu?
<xibalba> ah i found the wiki on how to do it
<xibalba> who needs a NM in the server?
<zul> hallyn:  https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/1294248
<patdk-wk> hmm, I wonder how many millions of files are in that folder
<hallyn> zul: and what are havana and icehose based on?
<specialkevin> j0lz: thanks, I checked out both ufw status and iptables -L. Everything is correctly configured. However, I didn't notice that all the blocked connections are SYN. Not sure if that helps add any info.
<sarnold> specialkevin: any chance the connections had been idle long enough for the state of the session to be expired?
<specialkevin> sarnold: is there a way I can check that with the ufw logs?
<hallyn> iiuc (based on https://wiki.ubuntu.com/ServerTeam/CloudArchive) that's a saucy->trusty upgrade that failed?
<sarnold> specialkevin: sorry, I don't know iptables well enough to know how to go look it up
 * hallyn tries it
<zul> hallyn:  saucy/trusty
<hallyn> yeah i'm doing a release upgrade test
<hallyn> zul: upgrade went fine here.  (it's at the removing packages stage so i don't expect it to fail now)
<hallyn> this was plain saucy->trusty, not cloud-archive
<hallyn> zul: are you sure that the icehouse-proposed archive isn't messed up (like a few packages are not there)?
<zul> hallyn:  im not sure...ill double check
<hallyn> thanks.
<jamespage> hallyn, I'm not sure https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/1294248 is a bug
<jamespage> I upgraded havana->icehouse just fine - kvm does get bumped off but I don't think that actually matters
<hallyn> jamespage:  right it doesn't matter that it gest uninstalled, but it might matter that it is not installable
<jamespage> hmm - maybe
<hallyn> though rdepends shows nothing
<jamespage> hallyn, agreed
<jamespage> I think its a red-herring
<hallyn> so why is it no tinstallable?  is there something it conflicts with which didn't show up in the archive?
<zul> Daviey:  thanks
<zul> jamespage/gaughen: python-savannaclient and savanna is gone
<jamespage> zul, nice
<jamespage> hallyn, I see a Conflicts on qemu-kvm which would stop it being installable
<jamespage> (commented on the bug to that effect)
<hallyn> jamespage: qemu << 0.11?
<hallyn> how would that conflict?  surely qemu-kvm is at 1.7 in icehouse?
<Daviey> zul: please make sure you transition to the new name properly. :)
<jamespage> hallyn, not that bit
<jamespage> infact I'm not sure tbg
<specialkevin> Anyone know if there is a way to increase the ufw limit-burst with ufw? If not would I just increase it in /lib/ufw/user.rules
<jamespage> hallyn, yes " qemu-kvm : Conflicts: kvm but 1:84+dfsg-0ubuntu16+1.0+noroms+0ubuntu14.13 is to be installed.
<jamespage> "
<jamespage> aptitude explains things better
<jdstrand> specialkevin: there isn't. it is a feature request
<hallyn> jamespage: bah, i was thinking it was being created by qemu package;  apparently it just doesn't exist now?
<specialkevin> jdstrand: would I just modify the user.rules file to increase it?
<jdstrand> specialkevin: yeah, you can do that and then do 'sudo ufw reload'
<jdstrand> specialkevin: problem is, it will get overwritten
<jdstrand> specialkevin: another idea is to add the rules to /etc/ufw/before.rules
<jdstrand> those aren't overwritten
<specialkevin> jdstrand: would I just copy the limit-burst lines from user.rules into before.rules with the increased value?
<jdstrand> specialkevin: you would want to change ufw-user-input to ufw-before-input
<specialkevin> jdstrand: I don't have a ufw-user-input with a limit line. The only limits are in user.rules under the #Logging section like this one. -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
<Overand> How 'sane' are the snapshots / betas looking now?  Like, for personal use for spinning up a fairly not-busy, not-critical VM, make more sense to use 14.04 beta, or 13.10 and upgrade?  (Obviously there's no "right" answer)
<Overand> (that is, 13.10, wait 1+month, upgrade)
<ilhami> hey
<ilhami> how can I add a custom resolution to Ubuntu?
<guntbert> ilhami: it isn't worth the hassle - just ssh into the box
<ilhami> I have GUI on my Ubuntu Server
<ilhami> I have downloaded xming but I can't get it to work
<hallyn> utlemming: you seem like a vmware guy :)  would you want to ask for an FFE for --with-esx in libvirt?
<hallyn> zul: ^  your opinion?
<guntbert> ilhami: what are you trying to do? But anyway: GUI problems are not really on topic here
<zul> hallyn:  why?
<hallyn> zul: cause there are ppl who want to use vmware?
<hallyn> zul: if i could give a *good* rason for why, then i could open an FFE bug :)
<ilhami> I am trying to fix this resolution problem. Right now I can only choose one resolution in Displays
<zul> hallyn:  seems overkill to me
<zul> hallyn:  since vmware has their own api thing to manage vms
 * hallyn considers qemu command line an api as well
<zul> hallyn:  i dont have a good enough excuse
<Daviey> hallyn: I heard about you.  I heard there was one person that is able to use qemu command line.
<hallyn> zul: ok.  let's see if utlemming does
<hallyn> Daviey: they are making it harder and harder though :)
<hallyn> -device ab,48,sdfk,fwq=23, ...
<zul> Daviey:  hallyn is old school
<utlemming> hallyn: are you doing the work?
<hallyn> utlemming: lazy git :)  i'd be making the change ind ebian/rules, yes
<utlemming> hallyn: well, you know, public clouds consume all my time
<utlemming> hallyn: my opinion is that it would be a nice to have, but I would have a real hard time defending that FFE
<hallyn> utlemming: thanks, that's what i wanted to know :)
<hallyn> then we'll wait for 14.10.
<Daviey> hallyn: it's a http based API right?  Does it support SSL/TLS, securely?
<zul> alright im out of here
<hallyn> Daviey: uh, one would hope so, but i was only checkign for deps
<hallyn> yeah it does
<jocke92> Anybody know if postfix is able to store emails when my configured relayhost is down?
<Patrickdk> jocke92, only if you didn't scew it up
<ilhami> MORONS :D
<specialkevin> If I wanted to increase the default limit-burst in ufw how would I do it. It looks like the default limit-burst is set in /lib/ufw/users.rules however any changes there just get overwritten. I know there is a /etc/ufw/before.rules but I am not sure what ip-tables syntax I should use in there to increase the limit-burst.
#ubuntu-server 2014-03-19
<lordievader> Good morning.
<rostam> hi i am trying to install two instances of ubuntu on a same disk. Is this possible? thx
<lordievader> rostam: Dualboot of Ubuntu, sure it's possible :)
<rostam> lordievader,  is this possible using preseed file (automated) ?
<lordievader> rostam: Hmm, never done that. Perhaps someone else here can answer that?
<Tazmain> hi all what would be better unity or xubuntu to install on a ubuntu server ?
<haridas> Hi,
<haridas> I'm checking whether the Ubuntu server 12.04 will be compatible with the old HP HP-UX p018cg1 B.11.11 U 9000/800 machine ?
<Tazmain> Hi all, I have a ubuntu-raring-minimal install, on a server ( dont ask, didnt install it) how do i configure xorg or startx to launch xubuntu ?
<caribou> Tazmain: you may want to try tasksel, there is a Xubundu desktop task defined
<Tazmain> caribou, xubuntu is defined there
<jamespage> hallyn, turns out devstack still installs 'kvm' not 'qemu-kvm' - dosaboy is going to propose a change for that
<caribou> Tazmain: at least I can see a "Xubuntu desktop" task when I run tasksel
<Tazmain> caribou, well I can see that as well. it is selected.
<caribou> jamespage: I have a few requests to implement modification of sysctl kernel parameters in charms
<caribou> jamespage: what would be the best approach to implementing this :  modify each openstack charm or provide some kind of subordinate charm ?
<jamespage> caribou, context?
<caribou> Tazmain: then it looks like the xubuntu packages have been installed
<jamespage> i.e. which charm - might make a difference
<jamespage> infact this is the neutron-gateway charm right?
<Tazmain> caribou, but I cant start it
<caribou> jamespage: yeah, one of them is for the quantum^c^c^c^c^c^c^c neutron charm
<caribou> Tazmain: then the problem might be somewhere else
<jamespage> caribou, and are the changes specific to that charm?
<jamespage> if so then I don't see a problem with having that charm set them - it could be done optionally via confi
<jamespage> g
<Tazmain> caribou, how can I specify what session to start , I think lightdm is installed.
<caribou> jamespage: well, for this one the change is net.ipv4.neigh.default.gc_thresh* but I can imagine that down the road some other parameters might need tweaking
<jamespage> caribou, OK - but as we learn about those we should be updating the charm
<jamespage> caribou, I'd recommend making the change direct in neutron-gateway - would the same thing be recommended on compute nodes?
<caribou> Tazmain: you may want to try 'start lightdm', indeed
<Tazmain> caribou, have that running,but when I go to it, with vnc or intel remote managed console i get failed to start session "gnome"
<caribou> jamespage: so you would not go for some *generic* way of changing any of the sysctl parameters ?
<caribou> Tazmain: then it's a GUI issue, it's out of my area of expertise
<caribou> Tazmain: you may want to ask in #ubuntu-desktop or some similar room
<Tazmain> caribou, I will do that thank you
<jamespage> caribou, I think I would probably write some sort of helper to twiddle sysctl knobs
<jamespage> so other charms can re-use it
<jamespage> rather than use a subordinate
<caribou> jamespage: yeah, that's what I had in mind : make it generic enough so anyone can use it
<Tazmain> caribou, regarding users and groups, the ubuntu server guide is really limited on that, is there another guide somewhere ?
<hxm> hi
<hxm> how to run a cron every few seconds?
<hxm> */<seconds>?
<shwaiil> Hi
<shwaiil> Q: I'm running 12.04 as a virtual server on virtualbox. There was a power surge, now it doesn't boot can't find the Fs. I'd like to run the liveCD, but the liveCD I've got is the desktop 12.04 and it's not running in low graphics mode.
<shwaiil> That's the only version of liveCD available ? or for server version there's a different one ?
<shwaiil> Thanks
<jamespage> hallyn, stgraber: could we get the libvirt pending acceptance for precise-proposed into proposed? this issue is causing quite a bit of headache upstream in openstack
<cfhowlett> shwaiil, desktop, server, and mini iso's are available
<jamespage> hallyn, stgraber: please :-)
<shwaiil> cfhowlett: thanks for lookINg! I'm not really finding the server livecd version though if there's such a thing
<cfhowlett> shwaiil, I don't think server has a LIVE option ...
<shwaiil> oh ok
<_ruben> ah bugger, that'll teach me .. upgraded one of my vms from precise to trusty without creating a snapshot, result: a non-booting vm :)
<_ruben> seems to fail at grub already
<cfhowlett> !trusty|_ruben,
<ubottu> _ruben,: Ubuntu 14.04 (Trusty Tahr) will be the 20th release of Ubuntu.  See the announcement at http://www.markshuttleworth.com/archives/1295 for more info. support in #ubuntu+1
<jamespage> bug 123456
<uvirtbot> Launchpad bug 123456 in xine-lib "podcast crashes amarok" [Undecided,Fix released] https://launchpad.net/bugs/123456
<jamespage> oh - hello uvirtbot!
<jamespage> thanks soren
<shwaiil> Q: Any tips or advice on how to solve ? VFS: cannot open root device "mapper/ubuntu--server-root" or unknown-block(0,0): error -6
<shwaiil> I can successfully mount /dev/mapper/ubuntu--server-root /foo
<jamespage> hallyn, re bug 1291321 - do you think we should have an expectable to be able to live migrate instances from 12.04 to 14.04?
<uvirtbot> Launchpad bug 1291321 in qemu "migration fails between 12.04 Precise and 14.04 Trusty" [High,Confirmed] https://launchpad.net/bugs/1291321
<codepython777> has anyone setup an imap server here?
<codepython777> I had a few questions about postfix+imap
<dwarder> are there repos with the latest stable LAMP for ubuntu 13.10
<dwarder> i.e. latest stable mysql php apache2
<rbasak> tych0: for bug 1284652, does DEBIAN_FRONTEND=noninteractive not work? Or are you unable to do this in your case?
<uvirtbot> Launchpad bug 1284652 in maas "maas/installation-note could (should?) be echoed to the CLI, not a debconf note" [High,Confirmed] https://launchpad.net/bugs/1284652
<shwaiil> I've got a boot problem and I don't know how to fix it
<shwaiil> http://paste.ubuntu.com/7119904/
<shwaiil> Mounting failed:   mount: unknown filesystem type ''
<shwaiil> Boot sector type:  Unknown
<shwaiil> is there a way to fix this ?
<shwaiil> my server is running as a virtual server through virtual box
<shwaiil> I'm currently running the liveCD
<shwaiil> Any help would be appreciated, as I don't know what to do
<cfhowlett> shwaiil, are you installed?
<shwaiil> cfhowlett: thanks for looking! my server was running fine till today, last night there was a power surge
<shwaiil> this morning I opened virtual box and tried to load my ubuntu image and it gets stuck
<shwaiil> it's a long error but this is what I got "VFS: cannot open root device "mapper/ubuntu--server-root" or unknown-block(0,0): error -6"
<shwaiil> I can do mount /dev/mapper/ubuntu--server-root /foo'
<shwaiil> and ls /dev/mapper
<shwaiil> returns ubuntu--server-root and ubuntu--server-swap_1
<cfhowlett> and your suppressor was - out to lunch?  sorry, had to poke you.  anyway, your actual hardware could be damaged or your host or guest OS could be scrambled.  reinstallation time, perhaps?
<shwaiil> cfhowlett: so there's no way to fix this ?
<cfhowlett> shwaiil, I don't run server enough to claim expertise.  I HAVE experienced a surge.  complete OS reinstall was the only fix but YMMV.
<rbasak> lamont: any news on bug 1288823 please?
<uvirtbot> Launchpad bug 1288823 in bind9 "Trusty bind9 RRL " [High,Triaged] https://launchpad.net/bugs/1288823
<hallyn> jamespage: nothing i can do about acceptance into libvirt-proposed
<jamespage> hallyn, yeah - that's why i was pinging stgraber
<jamespage> (kinda CC'ing you)
<hallyn> jamespage: migration is never guaranteed between versions, but the goal is usually for it to work when moving forward (and never backward)
<hallyn> I'm juggling a few balls, still thinking about that one.  It seems to me since we can detect this in qemu, we should be able to fix it
<stgraber> jamespage: let me see what I can do
<jamespage> stgraber, ta
<stgraber> accepted into proposed
<smoser> hallyn, i'm sure i'm just being stupid
<smoser> what am i doing wrong: http://paste.ubuntu.com/7120099/
<hallyn> smoser: you need some subuids bc you're not doing it as root
<hallyn> did you mean to sudo?
<hallyn> if not, then 'usermod -v 100000-200000 -w 100000-200000 smoser'
<hallyn> oh, maybe you do have them but you just need a lxc config file
<hallyn> check /etc/subuid for a smoser entry
<smoser> you're right. i dont have them.
<hallyn> then add 'lxc.id_map = u 0 150000 10000' and 'lxc.id_map = g 0 150000 10000' to
<smoser> i actually *meant* to sudo, but didn't. then realized i hadn't and thought ... shouldnt this work ?
<smoser> maybe it'd be nice to inform me of that when i'm dumb :)
<hallyn> ok, you'll still need a config file at ~/.config/lxc/default.conf
<hallyn> but no cirrus probaby wont work,
<hallyn> as it will probably try to create devices.  not sure
<Obsdark> hey oh
<Obsdark> i have some problems, i download the 12.04 version from the official site and also manage to fix the internet connection for a static ip (i think)
<Obsdark> my problem is i can't make it download the install components
<Obsdark> i'm trying to install it through USB stick in a notebook (ver 32x)
<Obsdark> thanks in advance
<Obsdark> hey oh i have some problems, i download the 12.04 version from the official site and also manage to fix the internet connection for a static ip (i think) my problem is i can't make it download the install components i'm trying to install it through USB stick in a notebook (ver 32x) thanks in advance
<Obsdark> anyone?
<Obsdark> i'm a noob ubuntu (and linux) user but i manage to make a CentOS work, if that's help at all
<groggster> Hi! I am thinking about applying for a job as a sysadm at Canonical... I am looking for another sysadm working there to explain a few things to me before I do so. Is this the right channel?
<cfhowlett> groggster, nope
<cfhowlett> !canonical
<ubottu> Canonical Ltd. is committed to the development, distribution and promotion of open source software products, and to providing tools and support to the open source community. It is the driving force behind the Ubuntu, Kubuntu, Xubuntu, and Edubuntu Operating Systems. Canonical's website is at http://www.canonical.com/
<groggster> cfhowlett: Okay, thanks!
<shwaiil> Q: how to expand the /boot partition I've got at 100% on ubuntu 12.04 lts ?
<cfhowlett> !gparted|shwaiil,
<ubottu> shwaiil,: gparted is a !GTK/!Gnome !GUI partitioning program. Type Â« sudo apt-get install gparted Â» in a console to install it - A GParted "live" CD is available at http://gparted.sourceforge.net/livecd.php
<cfhowlett> shwaiil, run gparted and resize the partitions is one option OR you could clear out your old kernels which are probably clogging your /boot
<shwaiil> cfhowlett:  clear old kernels, ok I'll do that
<pmatulis3> in an lxc container i do not have cli tab completion for when using sudo (sudo apt-ge<TAB>).  how do i rectify?
<pmatulis3> default shell is /bin/bash for default user 'ubuntu'
<rbasak> pmatulis3: do you have bash-completion installed in there?
<pmatulis3> rbasak: yes, it works for non-sudo
<RoyK> pmatulis3: sudo -i :P
<pmatulis3> RoyK: bzzt
<RoyK> :)
<shredding> I'm learning init.d, many of the preinstalled scripts have "set -e"
<shredding> what is it meaning?
<shredding> Does it mean, whenever an error occurs in the scripts, it terminated?
<lazyPower> shredding: yep. on first error, terminate output
<lazyPower> er, terminate execution
<shredding> okay
<shredding> I'm investigating why a service (solr) is not started.
<shredding> ATM it's not starting.
<shredding> What are my debug options?
<shredding> The script is running if i run /etc/init.d/solr start
<shredding> I run sudo update-rc.d solr defaults
<shredding> it's not working and i now do not know how to investigate.
<raj__> if my domain name is "www.mydomain.com", what could likely be my unqualified hostname & FQDN ?
<shwaiil> Q: My Ubuntu 12.04 LTS is running under virtual box. After a system crash, I've noticed that the adapter name turned eth0 to en0, not sure why! So, for this reason, my virtualmachine is not available on the network. I know about the interfaces file but not sure what to do. Any hints ? Thank you!
<rbasak> shwaiil: look up biosdevname to understand why you get en0. You could either just change eth0->en0 in /etc/network/interfaces, or disable biosdevname and stick to eth0.
<shwaiil> rbasak: thanks for looking! biosdevname
<shwaiil> humm ok
<RoyK> with iostat, does tps show actual iops? the numbers I get seem rather high for those 5900rpm drives I'm using in this box
<ilhami5> Anybody here?
<ilhami5> I am reinstalling Ubuntu Server and I get this...
<ilhami5> Network configuration failed..
<ilhami5> Your network is probably not using DHCP
<ilhami5> and some more.
<rbasak> jamespage: http://metadata.ftp-master.debian.org/changelogs/main/g/golang/unstable_changelog - looks like we want to merge or cherry-pick golang (2:1.2.1-2). The bug suggests that docker is impacted.
<jamespage> rbasak, +1 yes
<jamespage> rbasak, and we should look at syncing docker.io again
<jamespage> rbasak, I poked at the lxc/networking stuff in 1.17.5 of juju-core with trusty; its broken on the bootstrap node but not on other nodes
<jamespage> bug 1271144
<uvirtbot> Launchpad bug 1271144 in juju-core "br0 not brought up by cloud-init script with MAAS provider" [Critical,Triaged] https://launchpad.net/bugs/1271144
<jamespage> roge is working on it
<rbasak> jamespage: maybe he could stop calling "networking restart" while he's at it?
<rbasak> It sounds like a very related issue to me.
<jamespage> rbasak, well for the bootstrap node its an ordering thing
<jamespage> rbasak, if you drop in a do ifdown && ifup it gets fixed
<jamespage> rbasak, what was the other bug reference?
<rbasak> jamespage: https://bugs.launchpad.net/juju-core/+bug/1248283
<uvirtbot> Launchpad bug 1248283 in juju-core "juju userdata should not restart networking" [High,Triaged]
<jamespage> rbasak, ta
<ilhami6> I need some serious help. I have installed Ubuntu VM on Hyper-V but can't get it connected to the internet
<pmatulis> ilhami6: check the guest's network card, does it exist?  does it have an IP address?
<ilhami6> I only see: lo and virbr0
<ilhami6> where is eth0?
<ilhami6> it's not there?
<pmatulis> ilhami6: so *get* it there
<ilhami6> how?
<pmatulis> ilhami6: see what card windows is emulating
<ilhami6> hey wait.
<pmatulis> ilhami6: you may need to change it so linux can deal with it
<ilhami6> 2 sec
<Havenstance> so if im setting up a server with 4 nics, I want one to be internet facing and share with the other 3 on different subnets. Is there a tutorial that covers this somewhere?
<Havenstance> I had one im following but its only for a 2 nic setup. refers to eth_safe & Eth bad with safe being  eth0 and bad being eth1
<Havenstance> could i just assume i follow the setup for the 1st eth_bad being eth 1 and then duplicate the config for eth 2 and 3 being the same as eth 1?
<Havenstance> cuz tbh i'd like to config this as eth0 being internet facing and eth 1, 2, and 3 being intranet facing and have the server be DHCP
<Havenstance> for all 3
<rbasak> smoser: please can you subscribe ~ubuntu-server to docker.io?
<ilhami6> THERE IS A PROBLEM. I cannot set my Wireless NIC as my external switch?
<ilhami6> it gives me an error
<smoser> rbasak, done
<rbasak> Thanks!
<balloons> jcastro, ping
<balloons> perhaps someone else then :) I'm curious why,  nmcli con add is missing from nmcli. Specifically, how would you recommend configuring a network connection on a server? Not use networkmanager?
<Havenstance> im trying to figure out how to do that as well. 4 nics one internet facing 3 internal facing ints assign others dhcp
<sarnold> Havenstance: do you want to LACP those nics together into 'one' interface? or do you want that machine to have three different internal IPs?
<Havenstance> sarnold, whatever I have to do to make it work at this point
<sarnold> Havenstance: LACP would require a smartish switch -- so it's beyond my experience :) -- but it would give the ability to treat it as 'one' IP and different traffic from different hosts would be routed to which port based on some hashing function. it sounds slick.
<rbasak> balloons: the usual way to configure networking on a server is via /etc/network/interfaces. No Network Manager.
<parallel21> I second LACP. I don't generally see an advantage to having two separate ip's for one machine
<jrwren> if you don't have fancy switches, you can bridge two nics
<jrwren> then assign 1 ip to the bridge. then connect the two nics to two different switches in teh data center.
<jrwren> now you can suffer a switch outage and your services on that IP stays up
<balloons> rbasak, thank you..
<RoyK> parallel21: LACP is fine, but severa interfaces with different IPs can be good for iscsi multipath if that's what he's doing
<RoyK> s/severa/several/
<RoyK> jrwren: if you're in a datacentre, the switches will probably support LACP
<RoyK> a datacentre with dumb switches seem like a rather dumb idea to me
<ilhami6> RoyK I still havent solved the issue
<ilhami6> can you not help?
<RoyK> ilhami6: what was the issue?
<ilhami6> no internet connection on guest OS
<ilhami6> Ubuntu VM
<RoyK> bridge or nat? and what hypervisor?
<ilhami6> I don't know how to configure this. I have tried everything.
<ilhami6> I am using Hyper-V
<ilhami6> bridge
<RoyK> I haven't used hyper-v in a while
<ilhami6> I even asked in Windows. Worst channel ever.
<RoyK> but guess they'll say "ubuntu isn't supported"
<ilhami6> I think it's a Windows issue though
<ilhami6> :D
<RoyK> I had a few vm's on ubuntu on hyper-v in my last job
<ilhami6> but I think you can handle it
<RoyK> networking worked well until it was stressed, then it just cut off
<ilhami6> yeah but this isn't even stressed :D
<RoyK> I ended up setting up a kvm cluster for linux vm's
<RoyK> less hazzle
<ilhami6> I am going to stress my server later if I ever set it up
<ilhami6> so you have some tricks? :D
<ilhami6> I am not talking about magic btw hehe
<RoyK> yeah, the trick was not to use hyper-v :P
<ilhami6> yeah indeed I will not do that in the future.
<ilhami6> but I want to solve this.
<RoyK> using ESXi in this job
<RoyK> 200ish VMs, mostly linux, all distros work well
<ilhami6> :D
<ilhami6> But RoyK do you think we can solve this?
<ilhami6> I set up a bridge
<ilhami6> it says it's connected
<RoyK> a bridge on linux?
<ilhami6> no no on the host(Windows)
<ilhami6> WIth the internal and external virtual switch
<RoyK> does it work with linux VMs?
<RoyK> guess it's a hyper-v config issue
<ilhami6> it sucks
<ilhami6> so much
<RoyK> ilhami6: imho hyper-v works well if configured correctly, apart from the network issues :P
<RoyK> most systems need to configured well to work
<ilhami6> dude I have been trying all day
<ilhami6> :S
<ilhami6> :(
<ilhami6> I am dying
<RoyK> can't help you with hyper-v, man
<ilhami6> nobody can :D
<ilhami6> I am on my own.
<RoyK> again, does it work with windows VMs?
<ilhami6> haven't tried with Windows VMs
<ilhami6> and I can't. :) I dont have any Windows CD?
<ilhami6> but RoyK I can tell you it has worked before.
<ilhami6> with Ubuntu
<ilhami6> then something got messed up
<raub> So, from what I read in the update-ca-certificates man page, if I add/delete a cert to   /usr/share/ca-certificates. How can I verify if it has been added/deleted once I run update-ca-certificates.
<raub> s/s. H/s, h/
<RoyK> ilhami6: try a new vm
<ilhami6> RoyK can two VMs conflict with each other?
<ilhami6> like Hyper-V with Virtual Box?
<RoyK> hardly
<RoyK> but why run both?
<ilhami6> I have both installed
<ilhami6> just asking if they could conflict
<RoyK> ilhami6: anyway - these questions aren't really related to ubuntu server if that's only the guest os
<pmatulis> ilhami6: i've used hyper-v no problem, but like i said before, i had to change what network adapter it offered to its guests
<pmatulis> ilhami6: there was also some BIOS setting, i can't remember what that was, just google 'hyper-v bios'
<Martyn> Afternoon all :)
<cyphermox> balloons: indeed, don't use NetworkManager on server.
<balloons> our redhat brethren seem to support / enable this, so this is from where the question arose. I appreciate the clarification. seems like debian never implemented the same bits
<bekks> balloons: To answer your initial question: on a server, I'd manually configure the network using /etc/network/interfaces
<Overand> Awe, libvirt doesnt' seem to have hot-resize support for disks?
<Overand> maybe i'm misreading - curious if anyone has experience with it
#ubuntu-server 2014-03-20
<Hornet> having massive issues installing on an n54l server - currently, unable to boot normally after grub, but recovery mode boot works
<Hornet> need assistance to un-screw it if possible
<Hornet> I should add that live mode booting is fine
<thumper> hallyn: what would cause this? error executing "lxc-start": command get_init_pid failed to receive response
<hallyn> thumper: uh, not sure.  best to get 'lxc-start -l trace -o debug.out' output to get more info
<hallyn> ok, rebooting my server so will be off irc for the night.
<lordievader> Good morning
<cfhowlett> lordievader, greetings
<lordievader> Hey cfhowlett, how are you?
<cfhowlett> lordievader, hey.  what's your ubuntu problem?
<lordievader> cfhowlett: Err, none. I just hang around. Learn a bit here and there.
<cfhowlett> lordievader, excellent.
<lordievader> :)
<jamespage> rbasak, looking at the golang merge now
<ilhami> can ONE server be scalable?
<Tazmain> hi all, how do i get different cnames for my server to resolve to different sites or services, do I use the hostname file or site-available in apache ?
<shwaiil> hi
<shwaiil> I've changed the hostname how to see the changes without restarting ?
<shwaiil> when I type hostname I get the last hostname I've changed too. But, I still get user@oldhostname:
<pmatulis> morning
<liquid-silence> exit?
<rbasak> zul, hallyn (absent?): thoughts on bug 1295072
<rbasak> ?
<uvirtbot> Launchpad bug 1295072 in qemu "qemu 1.7 should build-depend on libfdt-dev higher than 1.4.0" [Medium,New] https://launchpad.net/bugs/1295072
<zul> rbasak:  i dont have an opinon but ill leave it up for hallyn
<rbasak> jamespage: could you sync leveldb for me please? http://anonscm.debian.org/gitweb/?p=collab-maint/leveldb.git;a=commitdiff;h=27d5b1f1894d86025549b6eae9163771ae40abc3 is the only change - to enable failing builds on test failures.
<rbasak> I don't see any existing failures on any of our archs
<rbasak> Might be useful for future SRUs etc.
<jamespage> rbasak, is that really worth the build time?
<jamespage> it disabled tests on mips which we don't ship on
<rbasak> jamespage: tests are currently effectively disabled for *all* archs
<rbasak> This change restricts that to mips
<jamespage> oh - I see!
<jamespage> sorry - yes indeed it is then
<jamespage> rbasak, have you build tested?
<rbasak> jamespage: on i386 and amd64, yes
<rbasak> Other archs are maybe more suspicious for this case, so I visually checked the build logs
<rbasak> AFAICT it should succeed on all our archs
<jamespage> rbasak, done
<rbasak> Thanks!
<rbasak> leveldb built OK. Thanks!
<coreycb> jamespage: hello, can you review this?  https://code.launchpad.net/~corey.bryant/charms/precise/nova-compute/1294140/+merge/211933
<jamespage> coreycb, see my comment - I've proposed the icehouse charm-helpers for merge with trunk (I don't think they will change much from now on)
<coreycb> jamespage, thanks for taking a look
<jamespage> coreycb, that's ok
<jamespage> coreycb, do you understand the process under which stuff gets into hooks/charmhelpers?
<coreycb> jamespage, sort of but not really
<coreycb> :)
<coreycb> jamespage, I don't see the merge request for charm-helpers -> trunk
<coreycb> jamespage, but I see what you mean about wiping out my fix
<jamespage> coreycb,
<jamespage> coreyhttps://code.launchpad.net/~openstack-charmers/charm-helpers/icehouse/+merge/21193
<jamespage> https://code.launchpad.net/~openstack-charmers/charm-helpers/icehouse/+merge/21193
<jamespage> coreycb, so we general work with a topic branch for charm-helpers, from which all of the topic branches for the charms sync from; when its baked we land the charm-helpers branch into lp:charm-helpers
<jamespage> and then sync all of the charm topic branches from lp:charm-helpers
<jamespage> and then land those
<coreycb> jamespage, ahh.. charm-helpers is shared among charms
<coreycb> jamespage, ok got it.. so there's an icehouse branch and a stable branch at the moment similar to the various openstack charms
<jamespage> coreycb, yes
<jamespage> coreycb, the charm-helpers.yaml in the root of the charm defines the charm-helpers branch to sync from
<jamespage> 'make sync' syncs it
<jamespage> coreycb, this is a little tricky as the tool that does the sync is not actually packaged and is in charm-helpers itself
<jamespage> coreycb, I have
<jamespage> /home/jamespage/bin/charm-helper-sync -> /home/jamespage/src/charms/charm-helpers/charm-helpers/tools/charm_helpers_sync/charm_helpers_sync.py
<coreycb> jamespage, ok and then the commits to each charm are somewhat automated by that (?)
<jamespage> coreycb, not automated
<coreycb> jamespage, I'll run an upgrade test after syncing with the latest charm-helpers
<jamespage> coreycb, OK
<zul> jamespage:  when you get a chance https://code.launchpad.net/~zulcss/neutron/oneworld/+merge/211973
<jamespage> zul, need plugin/agent package split still
<jamespage> agent runs on compute nodes, plugin runs on nova-controller
<zul> jamespage:  arrgh
<gema> hazmat: got a minute?
<zul> jamespage:  fixed
<ruben231> guys any idea on this error logs when i try to update - apt-get update i have this ------> http://pastebin.com/Fa14pqqK  ... how to correct this error.thanks
<ruben231> gusy any idea..?
<phaidros> what could be wrong if the ubuntu-server lts installer does not get a dhcp address, tho the network is plugged and works?
<phaidros> assigning a static address doesnt work either
<phaidros> eth0 is there, and it is the only nw device
<phaidros> never seen such a thing before ..
<phaidros> checked cables and switche, tho problem persists (the desktop live image which was running for a test just before got a nice and shiny ip on the same box ..)
<phaidros> what could possibly be borked with the server installer ? o.O
<phaidros> it seemts I cannot get the device properly up in the installer: ip set dev eth0 up => it still shows as DOWN .. o.O
<phaidros> and says NO-CARRIER .. with different cables and switches :/
<phaidros> well, forget it
<phaidros> M(
<phaidros> one should't work with identical machines to install close to each other ... arrrgh
<jamespage> zul, http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
<jamespage> specifically ceilometer - I thought you pushed that out to suggests?
<zul> jamespage:  i thought i did...illl fix it up
<zul> jamespage:  its pydist being pydist
<Hornet> http://paste.ubuntu.com/7125985/ am I missing something here - grub just sits there awaiting manual selection rather than automatically booting the first entry?  seems not to be a recordfail issue, and yes I've run update-grub2
<zul> jamespage:  fixed it
<jamespage> zul, ok
<zul> jamespage:  we have a missmatch in whats available in the archive and whats in bzr for ceilometer btw
<jamespage> zul, do we?
<zul> yep
<zul> fixing it now
<jamespage> zul, what's in bzr?
<zul> ububuntu1 only...ubuntu2 is in the archive
<zul> and i cant spell
<jamespage> zul, evidently that was my fault
<jamespage> sorry
<jamespage> zul, merged your oneconvergence change btw
<zul> jamespage:  i saw thanks :)
<zul> jamespage:  no worries about ceilometer
<Lunar_Lamp> How can I find out if/when apache 2.2.26 will land in the 12.04 repos? (it brings support for perfect forward secrecy, which I would like if possible)
<sarnold> Lunar_Lamp: there are no plans to change the version of apache in 12.04 LTS: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions
<sarnold> Lunar_Lamp: ubuntu 14.04 LTS will release in ~month with Apache 2.4 which supports FS ciphersuites
<Lunar_Lamp> sarnold: that's probably my better bet then I guess :-)
<sarnold> Lunar_Lamp: definitely easier than rolling your own apache :)
<Lunar_Lamp> Yes. I've not built apache myself for many years, but that has been an active choice, and I have no desire to ever do so again :-D
<sarnold> :D
<danjenkins> hi, im trying to install g++ on an aws ubuntu image
<danjenkins> but I'm getting a forbidden from the apt repos
<danjenkins> Err http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ saucy-updates/main linux-libc-dev amd64 3.11.0-14.21
<danjenkins>   403  Forbidden
<danjenkins> im not quite sure whats going wrong tho
<danjenkins> is the repo not available? is it something I've done?
<sarnold> danjenkins: S3 unhelpfully returns a "403" even when "404" would have been more appropriate
<sarnold> danjenkins: have you run "apt-get update" recently?
<danjenkins> hmmmm, no!
<danjenkins> one sec
<danjenkins> that was it
<danjenkins> thanks sarnold
<danjenkins> how very unhelpful of s3
<sarnold> danjenkins: ah! good. :)
<danjenkins> it was the 403 that threw me! thanks a lot
<sarnold> indeed, it threw me the first time it happened to me. i've held a grudge since :) hehe
<Hornet> somehow, updating grub has caused my server to stop showing anything on its screen
<Hornet> no obvious (or indeed nonobvious) reasons as to why
<Hornet> on the verge of reinstalling the OS
<gQuigs> is the 12.04 + icehouse cloud archive open for business?  just found that it is active... is it meant to be used now? (I wasn't expecting it to be released until it got backported from 14.04)
<lvmer> I'm attempting to install 32 bit libs on ubuntu server x63 13.10 to allow a steam server to run. Does apt-get install lib32z1 sound right or am I missing other libraries too?  The original tutorial shows ia32-libs.
<lvmer> x64*
<gQuigs> lvmer: steam should depend on the right libs...
<lvmer> gquigs, yah that would make sense. perhaps I already have the right libs. I guess I'm just trying to trouble shoot invalid platform error I receive.
<gQuigs> lvmer: what are the errors exactly?
<gQuigs> lvmer: see here for correct list: https://developer.valvesoftware.com/wiki/SteamCMD#Debian_based_Distros_.28Ubuntu.2C_Mint.2C_etc..29
<rostam> HI using ubuntu 12.04 LTS.  Is there a way we can instruct the logging system not to save the older log files which are compressed? ths
<gQuigs> rostam: see logrotate conf files, /etc/logrotate.d/* and /etc/logrotate.conf, remove compress line wherever it annoys you :)
<alaing> Hi i need some help trying to cd into a directory
<alaing> the directory name is "albums (another copy)"
<alaing> it doesn't seem to like the (
<alaing> -bash: syntax error near unexpected token `('
<rostam> gQuigs, thanks
<gQuigs> alaing: "  " don't work?
<alaing> dam, is there anyway to make it work
<alaing> like a special escape key
<gQuigs> alaing: $ cd "/home/bryan/Templates (copy)"
<gQuigs> bryan@dell-laptop:~/Templates (copy)$
<alaing> double quotes, great thanks
<raj__> my database prefers oracle java, so I already have it on my system, but tomcat installs openjdk ignoring the jre i installed by downloading tar from oracle site, would it actually matter in terms of resources & performance to have single or separate JVMs for them on single server ?
<boldfield> I'm having some problems with the preseed installer on a machine with 8x 4TB drives.  each drive has three partitions (gpt), 1st is a bios_grub partition, 2nd for a raid 1 across three of the disks for boot partition, and 3rd is for a raid 10 across all disks which is carved up with lvm2
<boldfield> preseed successfully completes, but on reboot I'm dumped into the grub rescue console
<boldfield> if I instead mount /boot directly to /dev/sda2, the machine boots fine post install...
<boldfield> this is the ubuntu 12.04 TLS netboot installer
<lvmer> gquigs, thanks for the libraries. good research
<soren> alaing: filename completion is usually helpful, too. Type "cd albums" and hit TAB a couple of times.
<alaing> soren: I tried that initially and was confused when it didin't work but once i put the quopte in it worked
<soren> alaing: Ok. Your options are basically: Quotes (single or double will both do fine), escaping: albums\ \(another\ copy\) or wildcards: albums*another*
<soren> alaing: There's probably a few more inventive ways to do it, but those should get you through most things.
<stgraber> sarnold: hey, so what's the state of cgmanager? We currently have both lxc and systemd blocked on this and we're getting ridiculously close to release to add those new features...
<sarnold> stgraber: reviewing it now :)
<stgraber> good :)
<sarnold> stgraber: apparmor is riding the citrain to fame and fortune and I'm finally free (for now, anyway, don't spread it around :)
<jdstrand> sarnold: oh, about that...
<jdstrand> sarnold: it just got pushed to trusty-proposed :)
 * sarnold hides behind stgraber 
<sarnold> YAY! :)
<jdstrand> sarnold: I couldn't resist the comment and dramatic pause :)
<jdstrand>  5
<jdstrand> o/
<stgraber> :)
<sarnold> jdstrand: well played :)
<jdstrand> hehe
<stgraber> jdstrand: did you get a FFe for that apparmor upload?
<stgraber> not seeing one in the listed bugs
<jjohansen> stgraber: this is just the rebase to the new upstream release, not the new feature set
<jdstrand> stgraber: yes, verbal via infinity
<stgraber> jdstrand: ok
<jdstrand> stgraber: this upload was to clean up the packaging to make the real FFe easier
<jjohansen> ah, yeah there was the whole infinity conversation around it
<stgraber> jdstrand: yeah, I was mostly wondering for the new profiles and abstractions which would qualify as features and are changes done in that upload
<stgraber> jjohansen: ^
<jdstrand> hmm, I didn't really consider those features
<jjohansen> stgraber: it wasn't my call so I'll stay out of it :)
<jdstrand> (profiles should only be in apparmor-profiles, which is universe)
<stgraber> jdstrand: feature freeze also applies to universe FYI :)
<jdstrand> others are just bug fixes except the unity7 abstractions, which nothing uses
<stgraber> anyway, I don't have any particular problem with those changes and would have granted a FFe, was just surprised not to see a FFe bug as the first line in the changelog, but yeah, verbal FFe from infinity would explain that :)
<jdstrand> actually, there are no new profiles according to my deb compare
<jdstrand> (I remember that now)
<jdstrand> abstraction updates I consider bug fixes, except again, the unity7 ones
<jdstrand> I should've mentioned them
<jdstrand> sorry
#ubuntu-server 2014-03-21
<phaidros> how to start the grub shell when running the system?
<phaidros> ages ago there was a command called "grub"
<phaidros> this seems gone :)
<phaidros> since the days of grub-legacy have passed
<gmachine_24> greetings, earthlings. my server with 13.xx installed on the main 60GB ssd drive is all of a sudden full - as in registering 100% occupado. I did  $sudo df / and it came back 100% used . . . I have done daily back ups using tar and they have taken up only 2GB of space on a separate back up drive
<davecore82> gmachine_24, do you have a question? what do you want to know?
<gmachine_24> davecore82, yes, well, I suppose my question is whether this is normal and if not what can I do about it.......?
<cfhowlett> gmachine_24, , df doesn't require sudo ...
<gmachine_24> davecore82, the tar back ups still only take up 2GB of space
<davecore82> you could start by finding what's using the most space with a command like    ( du -xSk || du -kod || du -ax ) | sort -nr | head -30
<davecore82>    ran from your / dir
<cfhowlett> gmachine_24, clear out your logs???
<gmachine_24> davecore82, well ok but I get almost the exact same output when I just do df /
<sarnold> gmachine_24: probably first things first, go look for huge logs in /var/log ; use apt-get clean and apt-get autoclean and apt-get autoremove to free up some more space
<davecore82> this will work too:    du -xSk / | sort -nr | head -10
<sarnold> gmachine_24: once you've gotten yourself some headroom you can start looking for your data that's big :)
<gmachine_24> hi - thanks for the help. I had run apt-get clean and apt-get autoremove already. I just ran apt-get autoclean. I deleted a bunch of podcasts that were downloaded when I first set up the server; I forgot they were there.
<gmachine_24> however, after removing the podcasts I get the same 100% used
<gmachine_24> when running df /
<davecore82> are they currently opened in some application on your server?
<gmachine_24> I really think there is a problem that I cannot recall exactly having to do with ssds .... this will again teach me to keep all notes
<gmachine_24> davecore82, what 'they' are you referring to?
<davecore82> the podcasts
<gmachine_24> I deleted them
<gmachine_24> and no
<gmachine_24> not opened in some application
<davecore82> but where they already opened somewhere? sometimes when your df doesn't show any change it's because the files are still opened somewhere
<davecore82> you could check what lsof returns and see if you see anything weird
<gmachine_24> davecore82, I'm not familiar with lsof .. but, as I said, this is a new situation . . . I'm going to reboot the server and see if deleting the podcasts makes a difference;
<gmachine_24> ok, the server is back up and things are the same; the thing that is different, which I should have realized and said before, is that I've installed and am configuring KVM so I can run virtual machines........
<davecore82> did you run this?  du -xSk / | sort -nr | head -10
<gmachine_24> I just installed KVM last night but did not create any vms as it got late and I don't want to do that when I am tired
<davecore82> that command will find the top 10 directories using the most disk space
<gmachine_24> davecore82, yes, I had run it before; here is the out put: http://pastebin.ubuntu.com/7128838/
<davecore82> you should run it with root
<gmachine_24> ha, ok, brb
<gmachine_24> http://pastebin.ubuntu.com/7128843/ run with sudo
<davecore82> can you show the output of df -h ?
<davecore82> I don't see how your 60 GB disk be full with just that showing up
<gmachine_24> davecore82, unless the squeezebox server cache is some how out of control; and, yes, that's what I meant - it makes no sense to me, either
<davecore82> can I see your df -h ?
<gmachine_24> http://pastebin.ubuntu.com/7128861/          from sudo df -h
<davecore82> do you use things like file system snapshots, ...?
<gmachine_24> davecore82, well, having no idea what that is I'm going to say no
<davecore82> :)
<gmachine_24> is it like an image?
<davecore82> I can't help you sorry. Some forum suggests you run fsck from single user mode
<davecore82> http://askubuntu.com/questions/256619/df-shows-all-space-taken-but-du-doesnt-add-up
<davecore82> does this show anything interesting ?   lsof | grep '(deleted)'
<gmachine_24> just like that with the deleted and everything?
<davecore82> lsof | grep '(deleted)'
<gmachine_24> the lsof command before led to a huge output
<davecore82> this one will be shorter
<gmachine_24> uhm... well, running with sudo and without sudo I got the same output: nothing
<davecore82> so that means its not deleted files locking your space
<davecore82> If you can, follow the instructions from that link
<davecore82> maybe your fs is corrupted
<gmachine_24> davecore82, yes, could be. so I guess it's good that I have a > a month of back ups
<gmachine_24> davecore82, thanks again for your time
<davecore82> where are the backups exactly? on a different drive?
<gmachine_24> davecore82, yes, different drive
<davecore82> try that fsck thing
<davecore82> good luck
<sarnold> anything in /root ? it looked mos likely out of those locations to possibly have some data stashed away
<gmachine_24> sarnold how do I tell what is taking up all that space in /?
<sarnold> gmachine_24: normally davecore82's little recipe does the job
<sarnold> (I never use -S myself but it shouldn't matter much one way or another)
<gmachine_24> sarnold, ok, well, the output didn't add up.......... I am logged in from a remote terminal using ssh -X ..... is there some way I can run the graphical disk usage analyzer remotely? I'm not even sure it's installed on the server
<sarnold> gmachine_24: you could try, the only one I know of is 'kdf', but that will bring i nthe whole kde runtime, unless it's already installed you won't be able to make it fit :)
<gmachine_24> sarnold, it's ok - I ran the disk analyzer using the command line baobab ..... and nothing accounts for the full disk........
<sarnold> gmachine_24: it could be that some of your other mounts _might_ be mouted on top of directories full of data...
<sarnold> gmachine_24: I'd umount all your external drives and look again
<gmachine_24> I mean it shows the disk is using up something like 48GB of 51GB total..... but then there's nothing in the file system details which comes close to using that amount of space
<gmachine_24> you know what, I wonder . . . . I'll be right back; I might have the answer
<gmachine_24> sarnold, oh well. I thought maybe it had something to do with my backing up my music collection to an external 1TB usb drive; but, I removed that, rebooted the computer and get the same information. So I don't know. Thanks for your help. I'm beat - going to turn in.
<raj__> how do I prevent tomcat installation(sudo apt-get install tomcat7) from installing openjdk when I already have oracle java installed ?
<sarnold> raj__: take a look at the 'equivs' package, I think it could help you
<raj__> sarnold: thanks going to look at that..!
<ilhami> Anybody here?
<cfhowlett> ilhami, yes
<ilhami> cfhowlett, I got a free DNS host from noip.com.
<ilhami> How can I configure this with Ubuntu server?
<cfhowlett> ilhami, can't help with that - sorry
<cfhowlett> !dns
<ubottu> To set up a Domain Name Service see the !serverguide - https://help.ubuntu.com/12.04/serverguide/C/dns.html
<cfhowlett> best I can do ^^^
<DamienRed> Hello
<cfhowlett> DamienRed, greetigns
<cfhowlett> greetings
<DamienRed> ty, Im thinking of starting a ubuntu server at home
<DamienRed> It
<lordievader> Good morning
<DamienRed> Just looking over it on the site
<DamienRed> CAn you connect windows and mac to a ubuntu servecr?
<cfhowlett> DamienRed, certainly a windows with samba - don't know about mac
<cfhowlett> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/12.04/serverguide/C/windows-networking.html
<DamienRed> aha yeah, samba looks like what i was looking for .
<DamienRed> Does ubuntu server have features similar to active directory?
<Gr1> Hi everyone
<caribou> rbasak: I have a uvtool question :
<caribou> rbasak: if you run 'uvt-kvm create onetest", who does uvt-kvm selects the image to use ?
<caribou> rbasak: on my test system, I have 5 images starting with Oneiric & this command picked up precise which was the second in the list
<rbasak> caribou: let me check the exact logic
<caribou> rbasak: I'm working on the doc & just want to provide a few simple examples
<RoBoT_38> guys
<RoBoT_38> I want to ask
<rbasak> caribou: it defaults to release=`distro-info --lts`
<rbasak> caribou: I think there's an error in the manpage there, where I said it also defaults to the host arch. I don't think it does.
<RoBoT_38> what is the command for movilng all files that begin with a, b, c, to a folder.
 * rbasak needs to fix that
<caribou> rbasak: no it doesn't, my test system is trusty & it installed precise
<rbasak> caribou: what does "distro-info --lts" on your trusty system say?
<caribou> rbasak: precise, so it is coherent
<rbasak> I think it'll change to trusty once distro-info-data is updated in Trusty, which I guess happens on release or something.
<rbasak> Users who care should specify.
<rbasak> Do you think that's a problem?
<caribou> rbasak: no, as long as it is clearly outlined in the doc
<caribou> rbasak: I wanted to show that it was so simple to use that just doing 'uvt-kvm create onetest' was enough to get toing
<caribou> s/toing/going
<caribou> rbasak: with your explanation, I'll explain how it gets picked up
<zul> jamespage/hallyn: so I was thinking we should apply for an MRE for libvirt for trusty+1, what do you think?
<gQuigs> s the 12.04 + icehouse cloud archive open for business?  just found that it is active... is it meant to be used now? (I wasn't expecting it to be released until it got backported from 14.04)
<zul> gQuigs: yes pre-releases are available
<hallyn> zul: mre, why?
<zul> hallyn:  so we can do a "stable" branch and get in updates faster
<jamespage> zul, +1
<zul> hallyn:  seabios as well it was just pointed out to me
<hallyn> zul: sounds good.
<hallyn> man my laptop is being weird
<hallyn> well we don't want seabios updated without qemu
<zul> smb:  did xen 4.4. get uploaded?
<smb> zul, yup
<zul> smb:  sweet
<smb> zul, now we just need to weed out some issues
<zul> jamespage:  ill fix the python-pbr failing for the CA this afternoon
<zul> smb: ill try to test xen-4.4 with libvirt/openstack next week
<smb> zul, Ok, that would be awesome. And let me know all the bugs you find.
<zul> smb:  ack
<gQuigs> zul: is it going to eventually provide nodejs as well?  (they have a specific version dependency between it and libv8 that is provided)
<jamespage> zul, ack
<zul> gQuigs: uh...probably not...whats the specific dependency you are talking about?
<gQuigs> nodejs (precise) depends specifically on libv8-3.7.12.22
<gQuigs> they specifically want to install npm and find that can be impossible
<jamespage> gQuigs, there is no intent to provide nodejs in the cloud-archive
<gQuigs> hmm..  I think it might be due to the libv8-dev not having the version number in the package name
<gQuigs> libv8-3.14 and libv8-3.7 are installable side by side, but there is only one libv8-dev package
<gQuigs> why is libv8 included in the cloud archive?
<jamespage> gQuigs, mongodb
<gQuigs> thanks both, bug is precise not the cloud archive...
<gQuigs> or actually.. do you need to provide the libv8-dev package?  you have the libv8-3.14-dev package..
<gQuigs> having that package breaks letting them both be installed
<gQuigs> you don't have a package for libv8-dbg
<jamespage> gQuigs, we try to make the cloud-archive delta as small as possible; I'd like to understand why you have the cloud-archive enabled on a server where you are doing other nodejs stuff?
<gQuigs> jamespage: I don't; it's a customer
<gQuigs> they say it's a dependency for their Razor setup, through npm...
<gQuigs> ah... puppet-razor
<gQuigs> it's a test node for them where they track the latest changes to see if anything will break in their setup in the future
<gQuigs> I'll make a detailed bug report to the cloud archive and we can figure out next steps there
<Obsdark> hey oh
<cfhowlett> Obsdark, greetings
<Obsdark> i'm trying to connect to internet with ubuntu server, through terminal to upgrade/update but i can't, when i ping any site in the outside internet it appears "ping: unknown host www.google.cl" and if i try to ping my router apparead "PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data." and then start to spam this "From 190.160.17.126 icmp_seq=1 Destination Host Unrecheable", i'm trying to connect to internet
<Obsdark>  through wifi, to a static ip router(modem who gave wifi to several comps)
<Obsdark> any suggestions?
<Obsdark> how to fix this problem?
<Obsdark> thanks in advance
<Obsdark> PS: i'm kinda noob in linux & specialy in ubuntu
<Obsdark> PS2: i'll try asking in stack overflow (ask ubuntu) but i stop receive responds after like 8 hours ago
<Obsdark> and what i print here is as far as we arrive with the guy who help me (before stop)
<Dj_FlyBy> any reason why my Ubuntu Server 12.04 keeps changing it's IP address? I set it manually via this guide --> https://help.ubuntu.com/12.04/serverguide/network-configuration.html    but it doesn't seem to stay permanent and changes even when the server ISN'T restarted....
<gQuigs> Dj_FlyBy: see if dhclient is still running
<drums> hey guys
<cfhowlett> drums, greetings
<drums> nice to meet you, im pretty new to linux since a damm long break like 10? years :=
<drums> last time i was running linux, suse 9 was the shit everyone was running trough
<Obsdark> - AndroidLoverInSF ha entrado
<Obsdark> <Obsdark>PS2: i'll try asking in stack overflow (ask ubuntu) but i stop receive responds after like 8 hours ago
<cfhowlett> drums, language - keep it clean
<drums> users from germany here?
<drums> i got some rly hard nut for you guys
<Obsdark> i'm trying to connect to internet with ubuntu server, through terminal to upgrade/update but i can't, when i ping any site in the outside internet it appears "ping: unknown host www.google.cl" and if i try to ping my router apparead "PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data." and then start to spam this "From 190.160.17.126 icmp_seq=1 Destination Host Unrecheable", i'm trying to connect to internet
<Obsdark>  through wifi, to a static ip router(modem who gave wifi to several comps) any suggestions? how to fix this problem? thanks in advance PS: i'm kinda noob in linux & specialy in ubuntu
<cfhowlett> !de|drums,
<ubottu> drums,: In den meisten Ubuntu-KanÃ¤len wird nur Englisch gesprochen. FÃ¼r deutschsprachige Hilfe besuche bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Einfach "/join #ubuntu-de" eingeben. Danke fÃ¼r Dein VerstÃ¤ndnis!
<jamespage> coreycb, zul: we need to fixup https://bugs.launchpad.net/cloud-archive/+bug/1267307
<uvirtbot> Launchpad bug 1267307 in ceilometer "upstart services aren't created for ceilometer-alarm-evaluator ceilometer-alarm-notifier" [Undecided,New]
<drums> i was previously able to set my display within a script wich loads by booting gnome/unity to set my customized screen resolution by the command "xrandr 1199 x 904" (for example)
<drums> but then i played around with all this funny compiz stuff and so on until everything crashed
<drums> like EVERYTHINK
<drums> i made it to work again, even witout a new instalation
<drums> and ye, i got my workspacecube, i got my cairo, i got all the fancy nice looking transperancy stuff again BUT
 * ogra_ wonders how this is related to ubuntu-server
<drums> xrandr command doesnt work anymore, it now just takes resolutions wich are PREdefined (like all the standart resolutions)
<ogra_> sounds like you would rather want #ubuntu or #ubuntu-de
<zul> jamespage:  ack ill put it on my todo list
<drums> but i cant set it anymore to a specific resolution by myself, what happend?did i kinda bugged out X server by itself?
<drums> ogra_ ye sry, maybe its the wrong channel, i excuse myself for that
<Obsdark> ogra_ it would be the right channel for my case?
<ogra_> np, it is just the the guys in here will likely not be able to help much with desktop stuff
<ogra_> since this is the server specific channel
<drums> but maybe u got some idea?cause even friends of mine, wich are realy expirienced in linux, got no idea how this could happen
<drums> ye its a problem with x, administrators are not involved into x serv
<drums> but maybe one of u had this problem by himself before
<drums> and the solution is quit simple
<drums> :)
<Dj_FlyBy> gQuigs: dhclient is in fact running
<gQuigs> zul: jamespage, reported the libv8 issue, https://bugs.launchpad.net/cloud-archive/+bug/1295723
<uvirtbot> Launchpad bug 1295723 in cloud-archive "libv8-dev backport breaks some dependencies" [Undecided,New]
<gQuigs> Dj_FlyBy: that's your issue..  our docs need desperate updating
<gQuigs> ifdown the interface first, should stop the dhclient, I think... then you can make the change
<gQuigs> and ifup it back
<gQuigs> (assuming you don't just have one interface, if you do, I suggest rebooting
<Dj_FlyBy> change is already made... and are permanently added to the interfaces file whichis why I am so confused
<Dj_FlyBy> I can't reboot the server every times this happens.... I need to solve the problem :) multiple websites ad such are hosted on this server... rebooting it constantly i s bad business
<gQuigs> Dj_FlyBy:  post your interface conf file (w/ ips removed) somewhere
<Dj_FlyBy> ok
<rbasak> gQuigs: as a workaround, can you pin libv8-dev in precise to score higher than the cloud archive?
<jamespage> rbasak, gQuigs: that was going to be my suggestion
<novochar> I'm reading http://www.danscourses.com/Linux-Fundamentals/install-a-configure-the-bind-dns-server.html and it tells me to edit /etc/sysconfig/network-script/ifcfg-eth0 ubuntu-server doesn't have this file, it does have /etc/sysctl.conf though
<novochar> Is it the same?
<novochar> Where would I insert DNS1=127.0.0.1?
<novochar> And is that even relevant?
<patdk-wk> novochar, you have lots of issues
<rbasak> novochar: I suggest you look for a guide that accomodates Debian and Ubuntu. It sounds like you're looking at a RHEL/Fedora/CentOS -specific guide.
<rbasak> novochar: eg. the official Ubuntu server guide for 12.04: https://help.ubuntu.com/12.04/serverguide/dns.html
<gQuigs> rbasak: jamespage, yes that appears to be a valid workaround
<rbasak> Great! I can't think of any other way to solve this problem. It's a fundmental property of the cloud archive that it won't necessarily work with arbitrary packages from the release.
<novochar> Thanks for the link rbasak
<novochar> patdk-wk: noted
<gQuigs> rbasak: I'm not suggesting removing libv8-3.14-dev, just libv8-dev..
<Dj_FlyBy> ack.... I forget how to list the contents of a file
<Dj_FlyBy> gQuigs: trying to sprunge that interfaces file for you
<novochar> Dj_FlyBy: cat?..
<Dj_FlyBy> novochar: hahah thanks...... can't believe I forgot that
<novochar> I don't see anywhere in /etc/bind/ where this example could be inserted: https://en.wikipedia.org/wiki/Wildcard_DNS_record#Definitions_of_DNS_wildcards
<Obsdark> hey oh i'm trying to connect to internet with ubuntu server, through terminal to upgrade/update but i can't, when i ping any site in the outside internet it appears "ping: unknown host www.google.cl" and if i try to ping my router apparead "PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data." and then start to spam this "From 190.160.17.126 icmp_seq=1 Destination Host Unrecheable", i'm trying to connect to
<Obsdark>  internet through wifi, to a static ip router(modem who gave wifi to several comps) any suggestions? how to fix this problem? thanks in advance PS: i'm kinda noob in linux & specialy in ubuntu but i have a CentOs one working if that is usefull for something, any ideas?
<novochar> None of the db files would fit and the named.conf.* files have a different syntax
<Dj_FlyBy> gQuigs:  http://sprunge.us/ZbGF
<jamespage> gQuigs, see my note on your bug report as to why we can't do that
<Obsdark> any chance somebody tells me at least if my problem make sence or where i can find a answer?
<gQuigs> jamespage: still don't understand why it can't depend on libv8-3.14-dev directly
<novochar> This could be useful if it was for 13.10: http://www.leaseweblabs.com/2013/08/wildcard-dns-ubuntu-hosts-file-using-dnsmasq/
<gQuigs> Dj_FlyBy: don't see anythng wrongg.... are the $ just an artifact?
<novochar> If I just apt-get install dnsmasq, will ubuntu use it for dns forwarding?
<Dj_FlyBy> gQuigs: i'm guessing the $ are part of the cat -A command as they don't actually existin the file itself
<tcollins> Im trying to setup MAAS on a set of physical machines.  I'm having an issue with the DHCP setup, the docs say everything can be done from the WebUI but nothing changes.  Do I have to manually edit my interfaces files as well?
<novochar> This looks relvant: http://therailworld.com/posts/36-Wildcard-Subdomains-with-Dnsmasq
<novochar> The problem here is I don't want `blah`, I'd like *
<novochar> Is it possible to use * with dnsmasq?
<Mez> Quick Question: I've setup LDAP -and it reports administrators:*:10001:mez
<Mez> for getent group
<Mez> but if I run "groups" as myself, I only see my primary group.
<Mez> Any idea why this would be the case?
<bekks> Mez: Did you re-login?
<Mez> bekks: yup
<Mez> even rebooted it :)
<jrwren> the groups command doesn't use libnss to do its lookups. I'd recommend not using it.
<jrwren> or... i'm reading strace output incorrectly
<Mez> jrwren: it shows me in the LDAP groups on another system...
<jrwren> nevermind me then.
 * Mez has managed to somehow get locked out of sudo via this
<Mez> Ah, it's nscd
<raj__> tomcat7 by default installs openjdk, however I would run tomcat using already installed Oracle JRE, should I leave the  openjdk that will come along with tomcat as it is (I have seen that trying to uninstall openjdk also uninstalls tomcat7) Is there any harm in leaving it incase I dont wish to use it? (avoiding uninstall just because it is leading to complexities )
<patdk-wk> if it explicitly depends on openjdk, that is a bug
<raj__> patdk-wk: dont no why but when I tried uninstalling openjdk it uninstalled tomcat7  as well.. actually may be becuase I did not installed oracle jre via apt-get so it see only openjdk installed via apt-get ..
<zul> jamespage:  have you had a chance to look at python-psutil yet?
<zul> jamespage:  http://pastebin.ubuntu.com/7131876/
<jamespage> zul, hmm
<jamespage> is that in the lab?
<zul> jamespage:  ppa
<zul> ci ppa sorry
<jamespage> zul, under openstack-ubuntu-testing?
<zul> yep on precise
<jamespage> zul, oh foobar
<jamespage> I expect that it got built with old dh-python
<zul> jamespage:  ack
<jamespage> zul, oh - psutil is out-of-date on i386 - it failed to build
 * jamespage hits rebuilkd
<zul> jamespage:  merci buckets
<Valduare> hi guys I got a headless ubuntu server running on wifi as a cups print server
<Valduare> I got it connecting great with dhcp and wpa_supplicant
<Valduare> i understand there are problems with trying to specify a static ip? with wpa_supplicant
<sarnold> I thought wpa_supplicant worked on the wifi layer rather than the IP layer?
<lordievader> That was my impression too.
<Valduare> I was just reading about it not completing if you had network/interfaces setup for static
<sarnold> admittedly I've not tried it, but it doesn't sound right to me.
<Valduare> guess i'll just try it heh
<Valduare> luckily i can just take the sd card out and redo the network interfaces file if it does not work heh
<sarnold> woo :)
<Valduare> i got ubuntu 12.04 lts running on a mk802iiis to use as a cups print server
<lordievader> Last time I did a static wifi address I used a very nasty work around, I wrote an /etc/init.d script. I couldn't get /etc/network/interfaces to work properly.
<adam_g> smb, were you planning on upload someting to saucy proposed /w debdiff in 1248025? or should i?
<adam_g> or hallyn
<adam_g> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1248025
<uvirtbot> Launchpad bug 1248025 in libvirt "[SRU] libvirt-bin fails to start inside Xen" [High,In progress]
<tcollins> im trying to debug PXE under MAAS, where are the pxelinux.cfg files for MAAS?
<hallyn> adam_g: it is on my list,
<tcollins> the pxelinux.cfg seems not to exists under MAAS
<hallyn> adam_g: if you do, pls also include bugs 1287232 and /1264465
<uvirtbot> Launchpad bug 1287232 in libvirt "/usr/lib/libvirt-lxc.so missing from libvirt-dev" [High,Confirmed] https://launchpad.net/bugs/1287232
<sarnold> tcollins: look for /usr/share/pyshared/provisioningserver/pxe/config ?
<adam_g> hallyn, hmm. those look less like low hanging fruit.
<adam_g> IOW over my head :)
<hallyn> in any case there is a pkg in -proposed still
<hallyn> unless it cleared whil i wasn't looking
<adam_g> ohh damn, right
<adam_g> that exterely difficult bug to verify
<hallyn> i think we shoudl take the verifications we have and go with it, but then i'm not on the sru team :)
<tcollins> sarnold: is that the config.py file?
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/2013.1.5
<zul> coreycb: ^^^
<sarnold> tcollins: I think it's used to make the pxe config.. it's been ages since I've done anything with it, but I've got that in my notes :) heh
<tcollins> sarnold: I'm just trying to understand how maas controls pxe.  Since there is no pxelinx.cfg for the nodes to pull
<zul> jamespage/coreycb: https://code.launchpad.net/~zulcss/neutron/2013.1.5/+merge/212226
<tcollins> sarnold: it seems as though maas is not creating the config files
<sarnold> tcollins: check out the maas-import-pxe-files script, it might have the details you need
<tcollins> sarnold: maas-import-pxe-files just downloads the images.  Nothing helpful in there
<jamespage> zul,  neutron +1; nova - do we really need to release?
<zul> jamespage:  yes "Known Issues and Limitations" https://wiki.openstack.org/wiki/ReleaseNotes/2013.1.5
<zul> jamespage:  keystone is still buidling for me
<jamespage> zul, that nova commit list is incomplete then
<zul> jamespage:  ok ill have a look
<zul> jamespage:  that CVE got fixed in october according to the changelog
<zul> jamespage:  im happy to skip it
<zul> jamespage:  https://code.launchpad.net/~zulcss/keystone/2013.1.5/+merge/212232
<Obsdark> good day, i have a issue with the static ip configuration
<Obsdark> you see: when i try to use the instructions on the oficial documentation, it just doesn't work, the dhcp-client process is dead but apt-get don't let me unninstall it, also i can't connect to the internet through cable modem
<Obsdark> or better say, "wired" any suggestion or help would be greatly apreciated
<pmatulis> Obsdark: you've mentioned 'static' and 'dhcp'.  what are you up to?
<Obsdark> ok, wellwell, i'm making a "test" with a notebook
<Obsdark> the idea is connect it to internet and stup a server
<Obsdark> setup*
<pmatulis> Obsdark: can you get an IP or not?
<Obsdark> i first try to make work a wifi net, but now i'm thiknking than it's better use cable connection and clone it
<Obsdark> with that pc, i can't even ping google
<Obsdark> it must been said than i'm through a modem than brings wifi to some other pc's too
<Obsdark> and that one have a static ip
<Obsdark> i'm just thinking on clone this machine entirely on another pc after end the test here, but before of that i need set it up internet to it, cable internet, any suggestion? :S
<Obsdark> pmatulis: please just do any question about it
<pmatulis> Obsdark: use dhcp
<Obsdark> Â¿? but that's for dinamic ip aren't it? otherwise, how i can do it?
<Obsdark> man
<Obsdark> you fucking rocks!
<Obsdark> damn man... i'm a very noobish ubuntu user but thanks a lot!
<Obsdark> pmatulis: Â¡You Rocks!!
<Obsdark> Thanks!
<Obsdark> just a last question
<Obsdark> how i just setup to autoconnect when started?
<Obsdark> (the comp)
<Dj_FlyBy> any reason why my Ubuntu Server 12.04 keeps changing it's IP address? I set it manually via this guide --> https://help.ubuntu.com/12.04/serverguide/network-configuration.html    but it doesn't seem to stay permanent and changes randomly even when the server ISN'T restarted....
<bekks> Dj_FlyBy: It changes to what? Can you give us an example?
<Dj_FlyBy> it changes fromthe static 10.x.x.3 to 10.x.x.10
<bekks> In a vbox environment?
<Dj_FlyBy> I'd have to say no since I'm not entirely certain what that is
<Dj_FlyBy> I'm guessing VirtualBoxin which case, no
<pmatulis> Dj_FlyBy: heh heh
<pmatulis> Dj_FlyBy: see whether a dhclient process is running
<pmatulis> (ps ax | grep dhclient)
<Dj_FlyBy> pmatulis: no it is not running
<Dj_FlyBy> ok this is weird.
<Dj_FlyBy> I search for a running process and I getnothing
<Dj_FlyBy> but your command shows something
<Dj_FlyBy> pmatulis: -->  http://sprunge.us/ZAWa
<Dj_FlyBy> OOOoooOo  I found a VERY useful guide....  for anyone else to note in case of others with my issue....  -->  http://lani78.com/2012/07/19/change-to-static-ip-on-the-ubuntu-precise-pangolin-server/
<pmatulis> Dj_FlyBy: so you'll want to do 'kill $(pgrep dhclient)'
<pmatulis> Dj_FlyBy: or similar, 'kill $(pgrep dhclient3)'
<Dj_FlyBy> pmatulis: but that kill it permanently, or wil it start again if so some od reason the server gets rebooted?
<Dj_FlyBy> what about stopping it and then sudo apt-get remove isc-dhcp-client
<qman__> Dj_FlyBy: you don't need to uninstall it, just configure /etc/network/interfaces as static ip and it won't activate after a reboot
<Dj_FlyBy> butI've had the interfaces file configured for some time and the server has been rebooted since then
<qman__> you can also use dhclient -r to release your lease and it will stop trying to reconfigure it
<qman__> sounds like something else is interfering then, maybe network-manager?
<Dj_FlyBy> headless
<qman__> that doesn't mean network-manager isn't installed
<Dj_FlyBy> I didn't personally so unless by default
<Dj_FlyBy> doesn't hurt to check :)
<qman__> i know there were some bugs about this years ago, but i haven't run into it since 2012
<qman__> and i install a lot of 12.04 servers
<Dj_FlyBy> andso t is
<Dj_FlyBy> grrrrr
<qman__> it isn't on a default install but can easily get pulled in as a recommend
<Dj_FlyBy> how do Isee what is using it so I know if I can close it
<qman__> network-manager is the daemon running in the background
<qman__> you probably don't have the gui app installed
<Dj_FlyBy> could use it if I did, lol
<Dj_FlyBy> couldn't*
<qman__> provided your normal config works, you can just apt-get remove it
<qman__> though if it's remote you might want to take some precautions
<Dj_FlyBy> I did edit the interfaces file a while agi
#ubuntu-server 2014-03-22
<raj__> is it a good strategy to set JAVA_HOME & default java to "/usr/lib/jvm/default-java"  symlink & point that symlink to any java installation like oracle java/ opnjdk that was switching between jre versions & upgrading to newer versions would be very easier, no ?  changing "default-java " symlink to upgrade to newly downloaded oracle java version,  without needing to change the acutal java path everywhere..
<lordievader> Good morning.
<i5150pc> Hello, How can I fix "Read Error" after installing Ubuntu Server?
<bekks> Where do you get that error?
<i5150pc> when booting
<bekks> where?
<bekks> !details | i5150pc
<ubottu> i5150pc: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information, errors, steps, and possibly configuration files (use the !pastebin to avoid flooding the channel)
<i5150pc> I tried to load Ubuntu Server 12.04 on a P4 machine (Yes I have such  a machine), after the restart, all I get is "Read Error" nothing else because the system isn't booting
<cfhowlett> i5150pc, 1.  md5sum your ISO and 2. try a different USB
<cfhowlett> i5150pc, assuming that SERVER usb/cdrom is what's failing
<i5150pc> It didn't give me a hash to check against
<cfhowlett> i5150pc, that's pretty much a sign of serious fail ...
<i5150pc> cfhowlett: the website didn't give me a hash to check against
<cfhowlett> !md5sum
<ubottu> To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<cfhowlett> i5150pc, wait 12
<cfhowlett> cdimage.ubuntu.com is the starting place = for 12.04.4  http://cdimage.ubuntu.com/precise/daily/20140322/
<i5150pc> I verified the sum myself - it matches
<cfhowlett> i5150pc, great.  then it could be your boot media is funky
<i5150pc> I verified that the disc is OK, and It was OK
<cfhowlett> i5150pc, if the boot media is good then perhaps you're system is trying to boot from a different source. ...
<i5150pc> cfhowlett: I only have one HDD on that box
<cfhowlett> i5150pc, check your bios ...
<cfhowlett> wiat
<cfhowlett> it should NOT be booting from your hdd if you haven't installed yet!
<i5150pc> i told the bios "CD" then "HDD" then Network then floppy
<cfhowlett> i5150pc, disable everything except the cd.  reboot.  if the CD still won't read, there's your problem ...
<i5150pc> ok one  moment
<i5150pc> it boots of the CD
<i5150pc> cfhowlett: it reads the CD and boots off the CD, so, what is my issue here?
<cfhowlett> i5150pc, didn't this start with "no media found"?
<cfhowlett> read error - sorry
<cfhowlett> anyway, now you're booted.  proceed to install
<i5150pc> with the disabled HDD?
<cfhowlett> i5150pc, it's only disabled as a boot device ...
<i5150pc> one sec
<i5150pc> running the install
<i5150pc> Install finished, and I get this: "disk boot failure, insert system disk and press enter"
<i5150pc> huh, I'm getting the same error as before "Read Error"
<i5150pc> nope, Ubuntu Server isn't booting after Install, once again, what am I doing wrong here?
<cfhowlett> i5150pc, now you have to reset your bios so the HDD boots
<JanC> might also be a BIOS/(U)EFI thing?
<JanC> i5150pc: is it the firmware (BIOS) giving the Read Error message or GRUB?
<i5150pc> it's booting alright, "Input Signal Out of Range"
<i5150pc> also, How long does it take  to boot?
<cfhowlett> i5150pc, input signal?  it's choking on your video settings
<i5150pc> cfhowlett: that box has a SiS651 chipset
<cfhowlett> i5150pc, the error you cited refers to display settings
<i5150pc> yep, I ssh'd to the box, and it's online
<cfhowlett> i5150pc, little things like that matter.  sadly, ssh is outside my area, so ask again in channel and mention that detail
<i5150pc> Thanks for all the help
<JanC> SiS GPUs often don't work with VESA even...
<lordievader> Good afternoon.
<gooses89> Hey guys,  im trying to get some java to run on server start. I have a .sh in the folder with the jar. And the init.d script. Both are fairly basic scripts. The problem I am running into is if I dont bash the .sh from within the folder, the jar tries to run in the current folder and it can't find it's configs.
<gooses89> :(
<Hunt_e107> gooses89: whats your issue?
<atpa8a> hello
<gooses89> im trying to get some java to run on server start. I have a .sh in the folder with the jar. And the init.d script. Both are fairly basic scripts. The problem I am running into is if I dont bash the .sh from within the folder, the jar tries to run in the current folder and it can't find it's configs.
<gooses89> Can't find a fix for it
<atpa8a> having a problem... need to make sure an initscript starts before an upstart job... any clues?
<Hunt_e107> goose89: did you try to source the profile before running it?
<Hunt_e107> goose89: even if it's set in the path but for the first run I think you have to source the profile for the new path to invoke it.
<gooses89> Fairly new to linux
<gooses89> Never used source?
<Hunt_e107> gooses89: its not the code source.
<gooses89> It's a command I know.
<Hunt_e107> gooses89: do . /<new java path>
<Hunt_e107> make sure there is space after the dot
<Hunt_e107> atpa8a: make sure initscript is the parent process of the upstart job that's when it will start before upstart job
<gooses89> Hunt.
<gooses89> Not quite sure what you mean.
<gooses89> . Is simply a shortcut to bash is it not?
<Hunt_e107> .  /<new java path>
<Hunt_e107> yes
<JanC> not really
<Hunt_e107> but before you run your program you have to call it
<JanC> it's an internal command in bash
<Hunt_e107> correct
<JanC> and in (some) other shells
<gooses89> . /java
<gooses89> Like
<Hunt_e107> yeah
<gooses89> If i were to do . /thisfoler/This.jar
<gooses89> I would get an error.
<Hunt_e107> no it wont work
<gooses89> I realize that.
<Hunt_e107> jar is executed like this java -jar This.jar
<gooses89> Yeah
<JanC> depends, if /thisfoler/This.jar is a shell script, it would work  :)
<Hunt_e107> This.jar.sh hehehe
<gooses89> can I use quotes? . /thisfolder/"java -jar this.jar"
<JanC> eh
<gooses89> If not it stops at the space.
<Hunt_e107> it will
<gooses89> and tries to run java
<Hunt_e107> in this case you have to do
<Hunt_e107>  /thisfolder/java   -jar  this.jar
<Hunt_e107> ok tell me what you have done so far to solve your issue?
<atpa8a> Hunt_e107: parent process?.. looking... thanks
<gooses89> this is my .sh http://pastebin.com/RZNRxVHW
<gooses89> If I were to run it from the DayZLogger folder it runs fine
<gooses89> if I run that script outside the folder like from root if i # bash /var/www/RoadW/DayZLogger/loggerstart.sh
<gooses89> then It will not find its files.
<Hunt_e107> ok looking
<gooses89> It runs the DayZLogger.jar in root from the looks of things instead of in it's native folder.
<Hunt_e107> ok I see the problem
<Hunt_e107> whats the path to you java?
<Hunt_e107> do env
<Hunt_e107> and give me the output
<gooses89> http://pastebin.com/8sVgrcc2
<Hunt_e107> gooses89: can you give me the path to you java bin directory?
<gooses89> java: /usr/bin/java /usr/bin/X11/java /usr/share/java /usr/share/man/man1/java.1.gz
<Hunt_e107> use this
<Hunt_e107> http://pastebin.com/yLTAucaV
<Hunt_e107> gooses89: use this link http://pastebin.com/yLTAucaV
<Hunt_e107> let me know.
<gooses89> trying it now.
<gooses89> Bash in the folder works, outside of it doesnt.
<Hunt_e107> execute it from outside folder and give me the output
<gooses89> It starts
<gooses89> but it cant find it's stuff
<gooses89> http://pastebin.com/ZkqZt3Hz
<Hunt_e107> are you trying to play DayZ? :)
<gooses89> No.
<gooses89> I'm trying Administer DayZ
<Hunt_e107> ok
<gooses89> I need it to run in the folder it exists in not the one root is running it out of.
<jrwren> you could try update-binfmts --install JAR /usr/bin/java --extension jar
<jrwren> then you migt be able to ./some.jar
<gooses89> nope./
<Hunt_e107> gooses89: just run /var/www/RoadW/DayZLogger/loggerstart.sh
<Hunt_e107> dont do .  /var/www/RoadW/DayZLogger/loggerstart.sh
<gooses89> "bash /var...."?
<gooses89> or just type it in.
<Hunt_e107> no just type it in
<gooses89> Same issue.
<Hunt_e107> this is more of Bash question
<Hunt_e107> get on #bash
<Hunt_e107> I know it's the path problem but im not sure what else is missing
<Hunt_e107> #bash channel people might be able to give you better answer than me
<gooses89> got it to work.
<gooses89> http://pastebin.com/xnzeTNzk
<Hunt_e107> lol its funny code but it works
<gooses89> just has to navigate to the folder
<gooses89> so it doesnt run in /
<Hunt_e107> looks like that jar is hardcoded to use the java from DayZlogger folder and not system java
<gooses89> It's hardcoded to access files in that folder.
<Hunt_e107> is there a java directory inside that folder?
<gooses89> Nothing to do with java imo based of of what i know.
<Hunt_e107> i disagree
<gooses89> its just a .jar and a .cfg
<Hunt_e107> yes and problem was with .cfg file
<gooses89> The program most liekly has code that just states /config.cfg
<gooses89> so
<gooses89> if the program is run outside of that folder
<gooses89> it cant find it
<gooses89> If the script doesn't have the cd command it tries to run it out of root.
<Hunt_e107> I see nothing wrong in what you have done.
<jrwren> that is not uncommon - a bash script which changes curdir and then invokes java
<atpa8a> hmm
<atpa8a> if an initscript emits an event, how can i reference it in an upstart job?..
<atpa8a> not freaking working...
<atpa8a> how can i debug upstart order without rebooting the box?..
<jrwren> atpa8a: if you find out, please let me know
<atpa8a> can i just change runlevels?..
<RaptorJesus> why for there no #ubuntu chat?
<bekks> Of course there is #ubuntu
<RaptorJesus> ohhh that's right I got banned
#ubuntu-server 2014-03-23
<lordievader> Good morning.
<clyfe> my apache does not serve any requests, I can't seem to debug it ..
<clyfe> trying to set a local development env
<clyfe> Error code: ERR_CONNECTION_REFUSED
<|usefedora> Hi, I changed my wlan0 to use a static IP by editing /etc/network/interfaces
<|usefedora> And now it's refusing to connect.
<|usefedora> Anyone have ideas on how to troubleshoot?
<ogra_> |usefedora, https://wiki.debian.org/WiFi/HowToUse#WPA-PSK_and_WPA2-PSK
<ogra_> see point 3
<ogra_> that should suffice
<|usefedora> ogra_: thanks, i'll have a look.
<|usefedora> ogra_: i'd been using http://www.thefanclub.co.za/how-to/how-add-wireless-lan-adaptor-static-ip-ubuntu-auto-connects-startup
<|usefedora> should i not use the hex encoded psk value that it says to?
<|usefedora> ogra_: any more ideas?
<ac500> help. my ubuntu server is churning file IO.
<ac500> i think i have malware
<ac500> iotop shows a process running "sendmail"
<ac500> "sendmail: MTA: ./somehexstring from queue
<ac500> and it just goes on like that indefinitely
<ac500> i killed it
<ac500> it came back in a few minutes
<ac500> im pretty new to linux servers but i cant figure out what i must have done wrong to get malware
<ac500> assuming this is malware
<ac500> i dont know what to do though to remove it
<ac500> i installed clamav and am going to try that
<ac500> mostly though im wondering if this is a known problem (sendmail spinning all day long churning file IO)
<ac500> because im new to linux and servers and it could be legitimate, but i cant figure out any legitmate reason to churn io and have "sendmail" running on a box i dont use mail on
<ac500> nobody?
<ac500> im seriously thinking of just reinstalling the os
<ac500> though i hope i can learn something form this
<ac500> from*
<bekks> tl;dr
<ac500> tldr: i think i have malware sending mail
<ac500> tldr ubuntu security sucks if you want to get quippey :P
<ac500> jk
<bekks> Can you please form a full support question on one line, and watch your language please?
<ac500> what language?
<bekks> Impolite language.
<ac500> like "tldr"?
<bekks> Like your opinion about ubuntu security.
<ac500> question: is theres something wrong when iptop shows a "sendmail" process running perpetually, when I have none of my own mail use on this box?
<bekks> No, there is nothing wrong. If your server is idleing so much that even sendmail makes it up to the top ten, then every is alright.
<ac500> the HD is churning heavily
<ac500> when i kill it the audible churn stops
<ac500> IO >90% from iotop
<ac500> iirc (ill check again when it starts up again)
<bekks> The check the sendmail logs whats going on.
<ac500> cat /var/log/mail.log | wc -l
<ac500> 594075
<ac500> is that normal?
<ac500> filled with stuff like:
<ac500> Mar 23 08:21:19 computebox sm-mta[10463]: s2K6l55T009136: Warning: program /usr/sbin/sensible-mda unsafe: No such file or directory Mar 23 08:21:19 computebox sm-mta[10463]: s2K6l55T009136: SYSERR(root): Cannot exec /usr/sbin/sensible-mda: No such file or directory Mar 23 08:21:19 computebox sm-mta[5310]: s2K6l55T009136: to=root, delay=3+08:28:41, xdelay=00:00:00, mailer=local, pri=43500000, dsn=4.0.0, stat=Operating system error
<ac500> .... and the disk noises have started up again
<bekks> Then check your sendmail installation. Note the "no suche file..." messages.
<ac500> hmm well its not 90% like i thought at least
<ac500> you might be right, its jsut 0.27% IO but still making ht disk churn audibly until i kill it
<ac500> i never installed sendmail myself unless i assume it comes with ubuntu server
<bekks> You'd better worry about the other 99.73% I/O.
<ac500> oh yeah
<ac500> it was some archive manager
<ac500> or something about dfile system archiving i think
<ac500> but yeah now that i killed it
<ac500> the 99% io is gone
<ac500> now that i killed the sendmail thing, that is
<ac500> it'll come back in a few minutes like it always does
<bekks> Can you please NOT use enter as a punctuation sign?
<bekks> Thank you.
<ac500> are there rules for chat for this channel i can read somewhere?
<bekks> https://wiki.ubuntu.com/IRC/Guidelines
<ac500> i see no mention of punctuation.
<bekks> And not using enter is just nettiquette, not a guideline.
<ac500> depends on who you're talking to.
<bekks> To make it pretty easy for you: if you want to continue talking with me, dont use enter as a punctuation sign. Thank you.
<ac500> i'd rather get my tech advise from someone who is mentally stable
<ac500> you may want to see your doctor about OCD or something of that sort
<bekks> ac500: Ignore set. Good luck.
<ac500> thanks you.
<ac500> :P
<ac500> wow i hope all of the ubuntu community isnt as abrasive and demanding (whining about punctuation, reacting with 'tldr' when nobody else is in the room, etc) as bekks
<ac500> im going to go try the centos forums even though thats a different distro, and maybe move over if they're more friendly
<ac500> i mean irc)
<shredding> I'm learning system administration and http://wiki.ubuntuusers.de/IP-Adresse_wechseln says that I can edit my ip address in  /etc/network/interfaces
<bekks> shredding: Yes, it does.
<ac500> i was able to do that
<ac500> its only on a local level though
<shredding> Did I misunderstood something fundamentally on the internet or can everyone just say: This is my ip address?
<ac500> (of course) so you cant change your public ip
<shredding> How do I know if it's already in use.
<ac500> no you cant do that
<ac500> thats up to your ISP
<bekks> shredding: you did misunderstand something fundamentally. :)
<ac500> the IP address you assign is just local to your home router / network
<shredding> That's what i thought ac500
<ac500> but this helps though
<ac500> so for example i set up a script that updates my DNS every 5 minutes to whatever my public IP is
<bekks> shredding: you have to use the IP adress(es) assigned to you by your internet provider.
<shredding> so, if i have a server, which network is meant there?
<ac500> then my router forwards the traffic to the static local IP i set for my linux box
<sheptard> shredding: there's also reserved ranges that are used for internal networks
<bekks> shredding: Ask your server provider.
<sheptard> shredding: You can use any of those to your hearts content
<shredding> Okay, so it's a private network on behalf of my server provider.
<bekks> No.
<sheptard> bekks: he might be nat'd you never know
<bekks> It is a public network which is devided into subnets which are administered by different providers.
<shredding> bekks: What is a public network?
<shredding> I'm referring to that network that hosts the ip in my  /etc/network/interfaces
<bekks> shredding: the opposite of the "private" network you mentioned seconds ago.
<bekks> shredding: You have to know which IP was assigned to you by your provider. This IP is to be setup in /etc/network/interfaces
<shredding> Okay, but the ip in  /etc/network/interfaces belongs to a private network.
<bekks> shredding: Where is that server located?
<shredding> it's not a specific server, I want to understand how it works.
<shredding> but for the sake of this discussion, say it's digitalocean
<shredding>  /etc/network/interfaces comes preconfigured there.
<bekks> Then ask digitalocean which IP they assigned to you.
<shredding> And that's the one in  /etc/network/interfaces?
<bekks> If it is located in your home LAN, then assign an IP from the network you are using.
<shredding> Okay, i come to understand: The ip in  /etc/network/interfaces is not the ip that connects to "the internet" (e.g. is publicly available) but to the network of my server provider.
<shredding> And that network is connected to an isp.
<shredding> Is that close to the truth?
<bekks> shredding: No.
<shredding> damn
<bekks> Far away actually.
<bekks> shredding: Since this is far beyond ubuntu support, and since you are reading german actually, you're better of in #ubuntu-de-offtopic
<shredding> k
<shredding> thanks
#ubuntu-server 2015-03-16
<umarzuki> hi, how do I make o2cb starts before /etc/fstab ?
<umarzuki> o2cb from ocfs2-tools
<umarzuki> in which file do I need to put mount command so ocfs partition mounted at the very last during boot after all services are up, especially ocfs and o2cb? /etc/fstab does not help
<lordievader> Good morning.
<rozzer> hi
<rozzer> my home dir indie user name not open automatically help of tab press
<rozzer> 	my home dir inside user name not open automatically help of tab press
<rozzer> like cd /home/rozzer this is not get the user name
<jamespage> squisher, rbasak: if you have a repo in the right format in github.com then I can just bare clone it over and drop the current one.
<dholbach> hiya
<dholbach> can somebody please review https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1395098? it's been sitting there for a while
<uvirtbot> Launchpad bug 1395098 in openldap "Please merge openldap 2.4.40-4 (main) from Debian unstable (main)" [Undecided,Confirmed]
<stemid> how do I refresh a partition size in ubuntu 14.04 when I have resized a virtual disk for a vm? without rebooting. I've tried partprobe /dev/sdc, partx -a /dev/sdc, for host in /sys/class/scsi_host/host?; do echo '- - - ' | sudo tee $host/scan; done but fdisk -l /dev/sdc still shows the old size. so far the only thing that refreshes the volume size is a reboot.
<stemid> huh I think I figured it out myself, since I haven't created a partition on the disk I just fdisk /dev/sdc and executed the write command. and then re-scanned the scsi_hosts.
<stemid> then it showed me the new size
<stemid> if I had a partition on the disk I would have had to delete the partition in fdisk and re-create it with the same starting offset.
<stemid> also TIL for host in /sys/class/scsi_disk/?\:*; do echo '1' | sudo tee $host/device/rescan; done. apparently my old way of echo '- - -' into /sys/class/scsi_host is obsolete.
<dholbach> smoser, can you take a look at https://code.launchpad.net/~niedbalski/ubuntu/vivid/curtin/fix-1263181/+merge/250163?
<ifjGery> hello, can someone help me with icmp redirect problem?
<ifjGery> i have a server, thet has two network connected to it, one is a local (A) that connects to the internet the other (B) is a subnet that in some point also connects to the internet
<ifjGery> A accepts any packet, B excludes packets that connects to the 443 port
<ifjGery> so sometimes the server will sends an icmp redirection to the B networks gateway
<ifjGery> the iptables is configured correctly
<ifjGery> and i allready disabled redirect accepting and sending
<ifjGery> but the server still sends those packets
<ifjGery> i tried this http://askubuntu.com/questions/118273/what-are-icmp-redirects-and-should-they-be-blocked
<ifjGery> also this sysctl -w net.ipv.conf.all.send_redirects=0 (and the accept one too)
<umarzuki> ifjGery: sysctl?
<ifjGery> yes, it worked for like an our or so (maybe i was lucky)
<umarzuki> ifjGery: not sure settings her ewould help -> http://blog.mattbrock.co.uk/hardening-the-security-on-ubuntu-server-14-04/
<ifjGery> seems like it may work, but now i get   procps stop/waiting
<ifjGery> is this normal?
<ifjGery> sorry for my noobish questions but i usually dont work with ubuntu servers
<umarzuki> ifjGery: me too lol. I just got myself in trouble with ocfs2 on ubuntu
<DzAirmaX> hi all
<DzAirmaX> can someone explain me what is the interest of upgrading manually the server kernel? for example, why upgrading to 3.19.1 ?
<OpenTokix> DzAirmaX: You want something that is in that kernel, a driver, a feature or so
<OpenTokix> DzAirmaX: if you do not need something specific to a newer kernel, dont bother.
<DzAirmaX> ok thank you
<ogra_> but you should care that you alsways have the latest version of your kernel regardless if you use the release kernel or the backported one
<ogra_> (... security fixes)
<Whitor> Hi All,   Having a Kernel panic during boot on a headless (cli only) Ubuntu server 10.04 ....  From a grub prompt I can see the HD's and an ls (ubuntu-root)/   shows vmlinuz.old and an initrd.img  (as well as an initrd.img.old...)   ls (hd0,1)/  shows a WHOLE BUNCH of vmcoreinfo-2.6......-server files as well as System.map-2.6....-server files.... Anyway, system won't boot... Help! what do I do???
<Whitor> System was hung but I could ssh into it... restarted, and Kernal Panic!
<Whitor> I suspect a borked up grub
<Whitor> but How can I fix / get this thing to boot in the meantime ?
<Whitor> from a grub CLI I can see my root fs in (ubuntu-root)
<Whitor> grub>  ls (ubuntu-root)/             shows the root files and folders of my system
<lordievader> Whitor: If you can see it loading the kernel and initramfs it ain't grub. Doesn't the stack trace give some clue?
<Whitor> lordievader, I don't see it loading the kernel... It panics right off the bat
<rberg_> you could try to edit the grub like to boot vmlinuz.old and initrd.img.old.. then repair grub or install a kernel
<rberg_> make that grub command line
<Whitor> lordievader,  If I boot a recovery instance... I can see a boot trace... it stops at VFS: cannnot open root device "mapper/ubuntu-root" or unknown block 0,0
<Whitor> rberg_, I'm at a grub cli right now
<Whitor> It says please append a correct "root="   boot option...
<Whitor> Anyone have a grub command to do so? I'm sure I could google... but this is a production machine and I'd like to get it up asap
<Whitor> I didn't think it was grub... just thought I could fix it in the Grub cli
<Whitor> or work around it.
<Whitor> rberg_,  how can I boot the vmlinuz.old ?
<rberg_> if grub2; then hit 'e' on a menu option edit the linux and initrd line then 'ctrl-x' to boot
<Whitor> er,   how can I boot the   (ubuntu-root)/vmlinuz.old ?      I do see vmlinuz and initrd.img  files present
<Whitor> rberg_, same eventual error unable to mount root fs on unknown-block(0,0)
<rberg_> if I were you I would boot up a rescue iso and mount everything up and have look
<Whitor> mmm... was hoping to point it to an older image and hopefully work around it that way...
<Whitor> but I've never used grub's cli before today
<Whitor> never had too :)
<Whitor> to
<jamespage> coreycb, I've dropped the pysaml2 dep for keystone for now
<jamespage> if it makes it for release MIR then all good - but we need to test...
<coreycb> jamespage, ok
<LeMike> damnit. vgdisplay shows me a volume group with 4TB but df says that only 2GB are there. how can that be?
<rberg_> df will be showing you the size of the filesystem on the LV
<LeMike> so I can extend to 4GB if I want, rberg_ ?
<rberg_> if there are "Free  PE" in the VG
<LeMike> yee. ~2 TB
<LeMike> thought it runs in some RAID or so and I can't extend it ^^
<LeMike> never did this. is it `vgextend`, rberg_ ?
<collizion> LeMike: What exactly are you trying to do?
<rberg_> hmm, I dont really feel comfortable helping with that!
 * koolhead17 waves
<rberg_> but if you have space in you VG you can use lvextend to expand the LV
<rberg_> then you need to also expand the filesystem ones the LV is expanded
<rberg_> once
<jrwren> LeMike: vgdisplay, pvdisplay and lvdisplay will give you a bigger picture.
<jrwren> LeMike: vgs, pvs, lvs for shorthand
<LeMike> sorry rberg_ . collizion I saw there are two 2TB hard disks in the server. so I started vgdisplay and it showed that those are listed in one volume group. I like to use this 2TB Free PE.
<collizion> LeMike: What does 'vgs' display for VFree?
<LeMike> 1,82 collizion
<collizion> LeMike: And you're wanting to use that free space to expand existing filesystems?
<collizion> LeMike: I'm restating this stuff to make sure I don't help you off a cliff. :P
<LeMike> thanks for that collizion :) yee. there are 2GB (in the LV?) and they are full. so I want to use the remaining 1,82t
<collizion> LeMike: Which LV is currently full?
<LeMike> the one using the VG "backup" with 1,82t free PE (saw this using `lvdisplay`)
<collizion> LeMike: That LV has a name, though. I need it. :)
<LeMike> oh. "/dev/backups/backups" collizion
<collizion> LeMike: The VG is already plenty large enough. It's the LV that's our problem.
<collizion> LeMike: So you've got a line that displays like so:   backups backups -wi-ao---   2.00g
<LeMike> yee collizion http://i.imgur.com/P5bI4X2.png
<collizion> LeMike: Okay, I think I get it. You want backups to be 3.64TB, instead of 1.82TB.
<LeMike> that's it collizion .
<collizion> LeMike: And what filesystem is /dev/backup/backups currently?
<LeMike> it is "xfs (rw,noatime)" collizion
<collizion> LeMike: lvextend -l +100%FREE backup/backups && xfs_growfs /dev/backup/backups
<collizion> LeMike: That will expand backups to take all free space remaining in its VG, and then expand the filesystem to make that space available.
<LeMike> yayyy collizion . 3,7T and 1,9T available. thank you very much for that! enough to let customers place more crap in their dirs ^^
<collizion> LeMike: Glad to help!
<coreycb> jamespage, there's a fix in nova icehouse using oslo.utils, and we don't carry utils in trusty. it's the first use of it in icehouse afaict.
<jamespage> coreycb, introduces a new dependency?
<LeMike> I always like to learn more about maintaining servers :) that helped. thanks
<coreycb> jamespage, yeah
<jamespage> coreycb, urgh - I'm surprised that got through the stable team
<coreycb> jamespage, yeah me too, was thinking about opening a bug
<jamespage> coreycb, +1
<collizion> My turn for a question. I've got an account on a server at a client that's showing up via 'getent passwd', but it's not in /etc/passwd. How can I determine where this account is defined, because there's obviously some remote account source in use.
<coreycb> jamespage, https://bugs.launchpad.net/nova/+bug/1432685
<uvirtbot> Launchpad bug 1432685 in nova "2014.1.4 introduces new dependency for oslo.utils" [Undecided,New]
<Pici> collizion: look at /etc/nsswitch.conf to see where else passwd can look
<coreycb> I'm going to revert the commit that introduced the dep
<collizion> Pici: only files and ldap, but nothing is configured for ldap on this system.
<coreycb> jamespage, it's commit 4b46a86f8a2af096e399df8518f8269f825684e0
<Pici> collizion: Are you sure?
<collizion> Pici: I want to say yes, but obviously I'm not sure, because the account is coming from somewhere. ldap is also defined in PAM.
<collizion> Pici: Found it.
<collizion> Pici: Thanks.
<Pici> collizion: np
<jamespage> coreycb, hmm - odd
<jamespage> coreycb, I'd probably hack out a patch to switch that to not using oslo.utils for units.Gi
<jamespage> its just a literal
<jamespage> coreycb, but that is a mistake - oslo.utils is not in the requirements list so must be pulled in by accident
<coreycb> jamespage, ok I'll look into the switch
<jamespage> coreycb, looks failry trivial s/units.Gi/XXX/g
<coreycb> jamespage, k
<lordievader> Whitor: Are you using lvm?
<Whitor> lordievader, I'm not sure. I'm taking over administration of this machine... I did not do the initial install
<Whitor> I'm pretty sure extX was used for a fs
<Whitor> not sure 3 or 4
<patdk-wk> tune2fs :)
<patdk-wk> blkid
<Whitor> it is virtualized.... making this a bit more difficult
<rbasak> niedbalski: around? I'm looking at https://code.launchpad.net/~niedbalski/uvtool/fixes-lp-1428674/+merge/251969
<Whitor> Should I use a 10.04 install CD (livecd) to fix this? or should I use a 14.04?     (the system running is a 10.04
<patdk-wk> define, virtual
<patdk-wk> exactly WHAT virtualization is being used?
<Whitor> virtual in my case refers to VMware  esxi.5.5
<patdk-wk> so virtual has nothing to do with it, moving on
<Whitor> it's been virtualized in this regard for years
<patdk-wk> sounds like you just selected the wrong partition for your root
<Whitor> yup... just makes it harder to get into the grub menu.... gotta have fast mouse and fingers
<patdk-wk> how does that have to do with anything?
<Whitor> patdk-wk, I didn't select anything... this happend after a reboot
<patdk-wk> it's just as *hard* *easy* on a real physical system
<patdk-wk> did I say you selected something?
<patdk-wk> oh, I didn't mean you exactly
<patdk-wk> but someone on that machine
<patdk-wk> something made a change and it's using the wrong filesystem for root
<lordievader> Whitor: Before an update things worked fine?
<patdk-wk> or it's just failing initrd
<Whitor> lordievader, I did not perform an update...
<Whitor> unless one occured automatically...
<Whitor> but, as stated, it's been running fine for years... literally. (you can see it's v 10.04 ..
<patdk-wk> not sur ewhat running fine for years has to do with anything
<patdk-wk> running fine for years != reboot
<patdk-wk> I have seen countless systems fail to reboot
<patdk-wk> cause admins keep changing things
<Whitor> mmm
<patdk-wk> and since no one ever reboots, those changes are never *tested*
<patdk-wk> against if reboots work or not
<lordievader> Guess I'm reading wrong.
<Whitor> patdk-wk, we agree here
<patdk-wk> I bet a screenshot is probably needed
<patdk-wk> you keep talking about grub and kernel and stuff
<patdk-wk> not sure what exactly is failing
<patdk-wk> it sounds like it is mounting /boot instead of / though
<Whitor> sounds about right.... if I boot with one of the recovery options so I can see the startup messages... one of the last ones reads Please append a correct "root=" boot option ; Here are the available partitions:                                           <=- nothing here !!!
<Whitor> grub>  ls (ubuntu-root)/             shows the root files and folders of my system
<Whitor> so I'm hopefull that all is not lost yet
<Whitor> :)
<patdk-wk> use the normal grub item
<patdk-wk> but edit it to delete the quiet and hmm options
<Whitor> patdk-wk, ok trying now
<patdk-wk> whatever normally comes after quiet
<patdk-wk> can't remember, I always remove it :)
<Whitor> Wow... took a bit to get the shift recognized.... this system boots very fast
<Whitor> I don't have anything after quiet ....   shall I proceed to boot?
<Whitor> ctrl-x
<Whitor> and quiet has been removed...
<Whitor> GRUB  also has         set root='(hd0,1)'    Should I adjust this?
<patdk-wk> what does the whole boot line say?
<patdk-wk> ah, splash
<patdk-wk> that is the other one I kill
<patdk-wk> that *should* be fine
<Whitor> there are 5 lines in the  edit boot options screen... you want them all?   or just the linux /vmlinuz-2.6.....    ?
<patdk-wk> na
<patdk-wk> just kill quiet and splash and boot it
<Whitor> ok, done... same message as before...  Please append a correct "root=" boot option
<patdk-wk> I can't see the screen
<Whitor> um,, ok ?
<Whitor> thats the error I get  ^^
<patdk-wk> that is the only line on the screen?
<Whitor> thast sthe last line before the kernel panic
<Whitor> VFS: Cannot open Root device "mapper/ubuntu-root" or unknown-block(0,0)       immedialy preceeds it
<patdk-wk> that is getting closer
<patdk-wk> I never said I cared about the last line, all the other lines tell you WHY the last line was printed
<patdk-wk> those are more important
<Whitor> there are 100's of messages that scroll by on startup (at least dozens)
<patdk-wk> yes, but it's a vm
<patdk-wk> it's simple to make a screen shot or video of it
<patdk-wk> that is why I asked for a screen shot
<patdk-wk> and not for you to type each one
<patdk-wk> unless you want to
<Whitor> ahh.... Missed the screenshot request
<Whitor> hold a sec, that makes more sense
<Whitor> patdk-wk, http://i.imgur.com/IJ2RuHU.png
<Whitor> yeah... thats a heck of a lot easier than re-keying :)
<patdk-wk> ok, so not too useful but the md info is interesting
<patdk-wk> hmm, two harddrives on that vm
<patdk-wk> that is odd
<Whitor> I agree
<patdk-wk> ok, so now we just need to boot into something that works
<patdk-wk> and figure out what they did :)
<patdk-wk> did they set it up as a raid? lvm? ...?
<patdk-wk> and figure out why inird can't find it
<patdk-wk> configured a mdraid, but forgot to add it, so it's not found at reboot?
<patdk-wk> mdraid on vm is odd, but seen lots of people do it
<rberg> can you get to the regular grub menu or just the recovery shell? I wonder because I am wondering if grub can find its additional stages..
<patdk-wk> it can
<patdk-wk> but recovery shell fails
<Whitor> I can get to a grub menu with a list of kernel options... I can also get into edit or cli from there
<Whitor> and yes... recovery fails the sanme
<rberg> ok cool, that eliminates a bunch of stuff
<patdk-wk> ya, it's purely a initrd issue
<rberg> can you boot init=/bin/bash ?
<patdk-wk> it can't find root
<patdk-wk> how could it run bash?
<rberg> ahh sure..
<Whitor> VM hardware at version 9 .... if that comes into play
<patdk-wk> nope
<rberg> can you boot from anythings else? like a iso and verify mapper/ubuntu-root still exists..
<Whitor> rberg, Yeah... I'm setting that up now... Is there a certain version that will work better than another in this case?    ...Should I use a 10.04 live CD or 12 or 14 ?
<Whitor> considering that the os is 10.04...
<patdk-wk> 10.04
<rberg> not sure if it really matters..
<patdk-wk> it will, if we have to fix something
<patdk-wk> don't want mixed repo's
<patdk-wk> to figure out what is wrong, it won't matter
<rberg> I would do the whole mount root / bind mount proc sys dev / chroot in and update-grub
<patdk-wk> ya, but we have to get that far
<patdk-wk> and hope the newer kernel is compat with that libc version
<patdk-wk> not stuff I want to play with :)
<rberg> and hope the mess up scripts that generate grub.cfg can sort it out!
<patdk-wk> grub.cfg isn't the problem
<rberg> I dont think any of that will matter for a chroot will it?
<patdk-wk> hopefully update-initrd
<patdk-wk> will fix it
<patdk-wk> heh? chroot? libc?
<patdk-wk> yes
<rberg> ohh right, I gotta get that out of my head
<Whitor> ~/cry
<Whitor> dling a 10.04 image   while looking for one on my internal Fileserver
<Whitor> Server vs desktop iso matter?    do we want a gui here?
<patdk-wk> well, server would boot faster
<patdk-wk> but no difference
<Whitor> this thing boots fully in like 7 seconds
<Whitor> It won't matter much
<Whitor> not a lot of seeds for 10.04 :)    should be down soon though
<Whitor> Booting 10.04   - used TRy ...
<Whitor> At desktop ....
<Whitor> What can I do ??
<Whitor> I see both of my HDD's ... one 255MB (boot?) partition ... and a 74GB data partition
<Whitor> patdk-wk,  ^^
<Whitor> also lordievader
<patdk-wk> get to command line
<patdk-wk> and run blkid
<Whitor> doing ...     Blkid returns nothing
<Whitor> blkid
<patdk-wk> heh?
<Whitor> yeah
<patdk-wk> are you root?
<Whitor> let me sudo it... I'm in the live cd
<Whitor> yeah...
<Whitor> now we've got stuff
<Whitor> sda = ext2    sdb = LVM2_member
<Whitor> both have unique UUID's
<Whitor> and would be a pita to re-key :)
<Whitor> /dev/loop0: Type=Squashfs               then          /dev/sda1:   UUID="long unique ID" TYPE="ext2"          then /dev/sdb1: UUID="another long unique ID" Type="LVM2_member"
<Whitor> then returned to a shell prompt
<Whitor> So, what can I do with this blkid stuff ?
<patdk-wk> what about pvs and vgs?
<patdk-wk> well, it's saying your root is on sdb or sdb1
<patdk-wk> strange it shows both of them
<Whitor> I don't see those other things
<patdk-wk> did you type them in?
<Whitor> oh, let me try
<Whitor> are those commands?   they arn't recognized if they are
<Whitor> sudo blkid gives me what I keyed in ^^
<patdk-wk> so you need to install the lvm package
<Whitor> I'm running the live image
<Whitor> is that ok here?
<patdk-wk> apt-get install lvm2
<patdk-wk> yes
<Whitor> sure... one sec
<Whitor> ok...  let me post a screen cap.   I've got output on those cmds now
<Whitor> http://i.imgur.com/M4bBraz.png
<Whitor> patdk-wk, ^
<RoyK> Whitor: lvs, then
<Whitor> ok..  so any suggestion on what I can do?
<patdk-wk> hmm
<patdk-wk> that makes sense
<patdk-wk> now we need to set it all up I guess
<patdk-wk> fun fun fun
<patdk-wk> mount /dev/mapper/ubuntu-root /mnt
<patdk-wk> mount /dev/sda1 /mnt/boot
<Whitor> ok... the first one didn't take ... Mount: Special device /dev/mapper/ubuntu-root does not exist
<Whitor> Am doing these with sudo btw
<RoyK> Whitor: what does 'lvs' have to say?
<Whitor> Under LV I've got Root and Swap_1 on separeate lines
<RoyK> mount /dev/ubuntu/Root /mnt
<RoyK> or /dev/mapper/ubuntu-Root if you like - it's the same thing
<patdk-wk> oh? it's uppercase?
<Whitor> no ... sry
<Whitor> lowercase
<RoyK> Whitor: ls /dev/ubuntu
<Whitor> In /dev/mapper I only have one dir...   control
<patdk-wk> someone offlined it?
<Whitor> shrug
<patdk-wk> lvs -a y ubuntu/root
<patdk-wk> lvchange -a y
<patdk-wk> heh
<RoyK> patdk-wk: I've seen LVs come up offline with live boot of ubuntu
<Whitor> sudo lvchange -a y     returns: Please give logical volume paths
<lordievader> Whitor: sudo lvchange -ay ubuntu
<patdk-wk> lvchange -a y ubuntu/root
<Whitor> that took!
<patdk-wk> unmount /dev/sda1
<patdk-wk> mount /dev/mapper/ubuntu-root /mnt
<patdk-wk> mount /dev/sda1 /mnt/boot
<Whitor> umount ?
<patdk-wk> well, you said the second one worked
<patdk-wk> or well, only the first one errored
<patdk-wk> though both should have
<Whitor> got it... doing ...
<Whitor> ok... all of them took
<Whitor> Making progress?!!
<Whitor> good lord, I'm going to owe each of you a pizza or something
<RoyK> :)
<patdk-wk> mount -o bind /dev /mnt/dev
<patdk-wk> mount -o bind /sys /mnt/sys
<patdk-wk> mount -o bind /proc /mnt/proc
<Whitor> all three of those commans worked... I just change unmount to umount ...
<patdk-wk> mount -o bind /dev/pts /mnt/dev/pts
<Whitor> doing the mount -o now
<patdk-wk> oh ya, my typoe :)
<patdk-wk> think that is all we need
<patdk-wk> chroot /mnt
<RoyK> patdk-wk: you could probably have just chrooted after the initial mounts and then just ran a mount -a
<patdk-wk> dunno :)
<Whitor> on the last one ... pts ... I got Mount: special device /pts does not exist
<patdk-wk> probably won't matter
<Whitor> ok... so chroot /mnt now ?
<RoyK> Whitor: not /pts, /mnt/dev/pts
<lordievader> Is /dev (r)bind mounted?
<patdk-wk> mount -o bind /dev/pts /mnt/dev/pts
<Whitor> oh shiznit ... my turn for the typo
<patdk-wk> royk, no, wouldn't work, might if you atleast do /dev though
<Whitor> patdk-wk, yeah when I typed it properly ... it took :)
<RoyK> patdk-wk: worked last I tried
<patdk-wk> heh
<patdk-wk> might be fixed up, it didn't used to
<patdk-wk> but then, that was probably as far back as 7.04
<RoyK> some time ago ;)
<patdk-wk> if the old way isn't broken? why bother learning? :)
<Whitor> ok.... so just did sudo chroot /mnt    ..... It took... What next?
<patdk-wk> hmm
<patdk-wk> cat /etc/fstab
<patdk-wk> maybe also cat /etc/defaults/grub, too
<RoyK> !pastebin
<Whitor> my prompt changed to root@ubuntu:/#
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> Whitor: that's correct
<patdk-wk> likeky, I'm thinking, update-initramfs -u -k all, and update-grub, will fix it up
<patdk-wk> but jus twant to check a few things first
<patdk-wk> oh, and df -h
<patdk-wk> hopefully not out of diskspace on /boot
<Whitor> btw, it looks like /dev/sda1 is FULL!    Doing a pastebin of my current terminal .... hold a sec
<patdk-wk> oh, you are :)
<rberg> I bet that was your problem all along.. the initrd was truncated
<Whitor2> http://i.imgur.com/h8Vyz1O.jpg
<Whitor> Thats me from my other box .... cant cut and paste into a pastebin as I am in a vm
<patdk-wk> ok, so looks like we are probably just fine
<Whitor> but you'll see the text in question there
<patdk-wk> can you do a ls /boot/
<Whitor2> here is /default/grub   :http://imgur.com/3ejn2Bq
<Whitor> ls /boot/  gives a whole bunch of initrd and vmlinuz files
<patdk-wk> yep
<Whitor> I suppose this is good ?
<patdk-wk> well, I want to know exactly what ones
<patdk-wk> so I can tell you want ones to *delete* :)
<Whitor2> http://imgur.com/D3hAll6
<Whitor> Thats most of them...     I can take two screen caps if we need to see them all
<patdk-wk> apt-get remove linux.*2.6.32-[45].*
<RoyK> 19 kernels installed :D
<patdk-wk> that is what auto-updates are for :)
<Whitor2> http://imgur.com/qsKF0tS
<Whitor> a whole bunch of stuff scrolled by finishing with ^^
<patdk-wk> heh, your just kindof screwed
<patdk-wk> hmm
<Whitor> what!
<patdk-wk> rm /boot/initrd.img-2.6.32-4*
<patdk-wk> rm /boot/initrd.img-2.6.32-5*
<patdk-wk> actually
<patdk-wk> rm /boot/*-2.6.32-4*
<patdk-wk> should do a nicer job
<patdk-wk> apt is failing
<patdk-wk> cause the previous auto-updates failed
<patdk-wk> cause you are out of diskspace
<patdk-wk> so we can't just cleanly uninstall
<patdk-wk> till we make room
<patdk-wk> for that install to finish
<patdk-wk> after those files are killed
<teward> patdk-wk: stupid observation: enter is not punctuation?
<patdk-wk> no, it is formatting :)
<teward> you know what i meant :P
<RoyK> patdk-wk: it'd probably be better to truncate those instead of removing them
<RoyK> patdk-wk: apt-get remove usually fails if those files aren't there
<patdk-wk> doesn't really make any difference I have found
<patdk-wk> then you can do, apt-get -f install
<patdk-wk> and let that update finish up
<Whitor> ok.... /dev/sda1      (mounted on \boot)   is now at 30%
<Whitor> er /boot ^^
<RoyK> Whitor: /boot, not \boot ;)
<Whitor> :)
<Whitor> so now that I've got some free space ...  what can I do?
<patdk-wk> then you can do, apt-get -f install
<Whitor> ok... getting....
<Whitor> ok... it's running through lots of stuff...
<patdk-wk> yep
<RoyK> whee
<Whitor> done!
<Whitor> posting screen cap ... one sec!
<patdk-wk> no point
<patdk-wk> update-initrd -u -k all
<patdk-wk> update-grub
<patdk-wk> just to clean up the mess
<Whitor2> http://imgur.com/ftQeccx
<Whitor> just wanted you to see the fruits of your labor
<sarnold> haha :)
<sarnold> a plain # never looked so good..
<patdk-wk> but it is *still* untested :)
<Whitor> update-initrd: command not found
<patdk-wk> we are what? 3 side-issues down now? :)
<patdk-wk> or well, the *main* issue was 3 sideeffects from the real issue
<patdk-wk> update-initramfs -u -k all
<Whitor> ok... that took ... doing
<Whitor> Generating  /boot/lots of initrd.img's
<patdk-wk> yep
<Whitor> starting at 73 and moving back .... at 43 now
<Whitor> damn it !
<patdk-wk> oh? it recreates those too< no problem
<Whitor> no space !
<Whitor> it filled!
<patdk-wk> ya, doesn't matter now though
<patdk-wk> rm /boot/*-2.6.32-4*
<patdk-wk> it fixed the *recent* ones though first
<patdk-wk> so you should be fine for a reboot in a moment
<patdk-wk> update-grub
<Whitor> ok...    updating grub
<Whitor> done
<patdk-wk> now time to reboot
<Whitor> and pray
<Whitor> really?   shall I shutdown -r ?
<patdk-wk> probably
<patdk-wk> exit
<patdk-wk> then shutdonw the vm
<patdk-wk> remove that ubuntu iso image
<patdk-wk> then boot it up
 * patdk-wk notes the massive use of the enterkey
<Whitor> yup... doing
<patdk-wk> run this, after it comes back up, apt-get remove linux.*2.6.32-[45].*
<Whitor> cry.   I am a grateful man.   This was trying to work through. I am indebted
<Whitor> however can I re-pay ?
<ObrienDave> you pay back by helping others
<Whitor> tearing through lots of files after that apt-get remove
<Whitor> ObrienDave, I do that over in #cisco    I hope it all comes around for that which goes around
<Whitor> Seriously. I am extremely happy.   I will pour over what we did (thank you IRC logs)  and study
<patdk-wk> well, most of what we did, was just to setup the system so we could figure out what was going on
<RoyK> Whitor: then just apt-get remove those old kernels
<patdk-wk> what went on was, lack of notification of disk full, and auto-updates contining to run
<patdk-wk> it would be more interesting to file a bug, or see if one already exists for this
<lordievader> And bad luck, don't forget the bad luck ;)
<RoyK> lordievader: no such thing
<patdk-wk> as partial installed kernels failing on diskspace should hopefully not be added to grub
<lordievader> RoyK: All problems have to do with badluck and where the moon is at that point in time :P
<RoyK> lordievader: and how much beer you drank that night :P
<Whitor> patdk-wk, yeah... the hardest part is figuring out precisely what is wrong...   'What is happening' is just the effect. It's the cause that holds the real value
<Whitor> RoyK, yup!
<Whitor> good lord! who set a 255 MB drive as the boot drive?
<Whitor> that will fill quickly
<Whitor> I like lordievader last response
<lordievader> Or coffee you haven't had :P
<patdk-wk> it's *generally* enough :)
 * genii 's ears perk up at the mention of coffee, then he goes back to work
<RoyK> Whitor: just monitor your filesystems
<Whitor> Yeah... I've been neglecting my coffee...
<Whitor> RoyK, you bet!
<Whitor> I'm hardwired... going to fall off when I move to wireless...
<Whitor> ok... think I'm back
<Whitor> whitor2 signing off
<delinquentme> So with multiple applications running on a server... what is the easiest way I can totally AVOID having to configure CORS ?
<delinquentme> right now I've got a number of applications GETing and POSTing across each other on this EC2 instance ... and I see no reason the APIs , internal to THAT machine, need to be opened up w CORS .
<Pwnna> so i have two upstart jobs that `start on starting runsvdir`, but when i put `status runsvdir` in the pre-start script of the two jobs, it shows that runsvdir is already running.
<delinquentme> Since they are running on different ports, they are different domains. It doesn't matter that they are on the same machine/hostname.
<delinquentme>  ??? This is the case??
<Whitor> Thanks a LOT again lordievader patdk-wk  RoyK  ... et al!
#ubuntu-server 2015-03-17
<orion> Hi. My ubuntu server is currently experiencing extremely high load. ksoftirqd/0 is using a lot of CPU time. I am running nginx + php-fpm on 14.04.
<orion> What things can I do to better diagnose the issue?
<lordievader> Good morning.
<tmontney> I'm having trouble booting ubuntu 14.04 server.
<tmontney> It is using a resolution none of my monitors can display.
<tmontney> I just did an install, rebooted, and gets stuck immediately after POST.
<lordievader> tmontney: Does it actually get stuck, or does it continue but you cannot see it continue?
<tmontney> I see HDD activity, so I assume it's loading.
<tmontney> However I cannot see anything due to incorrect/out of range resolution.
<lordievader> tmontney: Do you set a resolution in grub?
<tmontney> I didn't set any resolution. I cannot see anything past POST.
<tmontney> I pretty much did a standard installation, rebooted, and got the out of range display error from my monitor.
<tmontney> I tried a few monitors capable of 1024x768 to 1920x1080.
<lordievader> Hmm, what resolutions does your monitor support?
<tmontney> None of them could display.
<lordievader> That is odd...
<lordievader> How are they connected?
<tmontney> VGA
<tmontney> integrated graphics
<tmontney> pc is from 2003
<lordievader> Very odd indeed. The live-cd/install-cd/usb worked without trouble?
<tmontney> Yeah, no problem there.
<tmontney> did it from usb, used the latest 14.04 LTS server install
<tmontney> Is there a config file I can edit?
<tmontney> I can pull the HDD out, connect it via an IDE NAS I have.
<tmontney> connect it to another PC I mean*
<tmontney> unless the problem runs deeper than simply trying the wrong resolution
<lordievader> You'd think that if it fails detecting the resolution it would take a resolution ~any monitor can display.
<tmontney> Yeah, that's what I was expecting.
<tmontney> I was hoping there was a key combination that would force a resolution safe mode.
<tmontney> A common resolution almost any monitor can support, like 640x480 or 800x600.
<lordievader> Can you ssh into the box?
<tmontney> Sadly I didn't add anything to the install.
<tmontney> It's going to be for diskless workstations.
<tmontney> All I needed was DHCP and TFTP according to a howto.
<lordievader> tmontney: So you have an image somewhere?
<tmontney> Perhaps I should install a lower server version considering the age of the pc?
<tmontney> an image of what
<tmontney> the server install?
<lordievader> chroot into there, set up ssh, reboot client.
<tmontney> How do I chroot?
<lordievader> You are doing a netboot right?
<tmontney> Yeah, diskless workstations will get the image from my server.
<lordievader> Ah wait, this is going to be the server providing the image? *is not awake*
<tmontney> Correct.
<tmontney> Perhaps the best thing would be to reinstall but with ssh?
<lordievader> And it doesn't do ssh?
<lordievader> It probably does ssh, have you tried?
<tmontney> Only because I didn't add anything to the install. I was going to do it later.
<tmontney> But it seems now ssh is always a good idea in case of local access issues.
<tmontney> Oh
<tmontney> I haven't actually tried it.
<tmontney> I assumed you had to specify it on install.
<lordievader> Perhaps you have to, but I wouldn't be surprised if it is there by default.
<tmontney> Odd, it's not even showing up on the network.
<lordievader> Hmm, the installation did complete sucessfuly?
<tmontney> Never mind, it's there but says connection refused.
<lordievader> Hmm, too bad...
<tmontney> I'll reinstall.
<lordievader> tmontney: You'd want to read this: http://askubuntu.com/questions/299975/proper-way-to-change-terminal-resolution-in-ubuntu-server-13-04
<tmontney> So I could connect the HDD to another PC, edit the file, and we're good?
<lordievader> tmontney: If you then also chroot and run 'sudo update-grub2', yes.
<tmontney> still nothing
<tmontney> edited /etc/default/grub to GRUB_CMDLINE_LINUX_DEFAULT="splash vga=768"
<tmontney> originally it was set to "quiet splash" no vga tag presnet
<tmontney> present*
<tmontney> I'm tired. I'm just gonna reinstall with SSH.
<tmontney> Thanks for your help anyway.
<tmontney> I appreciate it.
<zermanno> Hi, i am trying to build a router with ubuntu server. Do you know where can i buy a pci express adsl modem that is supported by ubuntu?
<RoyK> zermanno: I guess I'd rather use a standard DSL modem in bridge mode
<RoyK> less hassle when you need to upgrade
<rbasak> Yeah. Also the first thing you'll want to do when you have ADSL issues is to try a different modem. Much pain with PCI.
<zermanno> Ok thanks all
<zermanno> Do you know of any resources for this kind of job apart from lartc.org?
<zermanno> I mean docs, guides ecc
<RoyK> zermanno: imho lartc.org is for the rather advanced stuff - what do you need?
<zermanno> RoyK, Yes its more a hobby project for home, i'd like to try stuff, i have a phd in tlc eng i can handle advanced stuff. I am looking for hints of what people to in real life to take ideas.
<RoyK> well, start out at http://www.kintona.com/ip-forwarding-and-masquerading-in-linux/ and add the fun stuff later ;)
<zermanno> RoyK, thanks!
<rbasak> melmoth: thank you!
<melmoth> no problemo :)
<samba35> is it possible to use cpu passthrouth with kvm like pci ethernet card passthrougth using 14.04.2
<lordievader> Cpu passthrough sounds like a bad idea, even if it was possible.
<patdk-wk> hmm, if your using kvm, is it basically cpu passthough
<patdk-wk> if you need something like a dedicated cpu per kvm
<patdk-wk> then you use cpu pinning
<lordievader> It is still shared with the host, I'd say.
<patdk-wk> heh?
<patdk-wk> if it's pinned? no
<patdk-wk> if it is still shared, you didn't pin the host
<lordievader> So it is not really passthrough.
<patdk-wk> heh?
<patdk-wk> kvm always runs in passthough cpu mode
<lordievader> Am I seeing things wrong?
<patdk-wk> it's just not sticky
<patdk-wk> pinning makes it sticky
<patdk-wk> if you mean, you want to use a raw un-initialized cpu, no that won't work
<lordievader> I see passthrough as the vm has exclusive rights to the device. The host cannot use it anymore.
<patdk-wk> but the way kvm has always, and only works, is by using the virtualization features of the cpu, to do it's form of passthough mode
<lordievader> Ah, in that sense.
<patdk-wk> that is true
<patdk-wk> till but even in passthough mode, the host can interrupt it
<patdk-wk> and reassign it
<patdk-wk> or evne use it if it wants
<patdk-wk> it just has to *interrupt* the current user
<lordievader> Ah, check.
<patdk-wk> for cpu, that means the vm sleeps
<patdk-wk> for pci, that normally means the vm is shutdown
<patdk-wk> unless your using sr-iov
<patdk-wk> since then pci passthough using sr-iov is *virtualization* friendly
<patdk-wk> more like cpu's
<patdk-wk> if pci devices supported a saved state, like cpu, it would be much more clean
<patdk-wk> and you could even support live migration
<lordievader> Whoo, fancy.
<samba35> ok thanks , i will be right back make some chanes
<Sling> how does iptables-persistent and fail2ban cooperate? should I stop fail2ban before I save my iptables-persistent rules?
<Sling> to avoid getting multiple fail2ban chains
<jpds> Do you even need fail2ban?
<samba35> sorry , i just rebooted to check wheter it work but ot seems still i see vcpu /qemu
<samba35> i tryed to used pinning form vrt-manger
<Sling> jpds: well, need, I like to have it on all public facing ssh boxes
<Sling> even though they don't allow password auth etc
<jpds> Sling: I just enabled SSH keys, and have iptables rate-limit new connections.
<Sling> saves some log pollution and annoyances
<Sling> well this is effectively also a rate-limit :)
<lordievader> samba35: What is the output of 'virsh vcpuinfo <domain>'?
<samba35> pls wait
<jpds> Sling: Built-into iptables itself. :)
<samba35> vcpu 0 1 and running
<samba35> cpu affinity  is yyyy
<lordievader> samba35: Could you pastebin the full output?
<lordievader> samba35: You are not pinning them.
<samba35> sorry i have internt on guest that is centos7
<samba35> host is 14.04.2
<lordievader> samba35: 'virsh vcpupin <domain>' shows the pinning in more detail.
<samba35> ok pls wait let me see i can use ssh
<samba35> 0 is 0-3 and 1 is 0-3
<lordievader> Yeah, that means the vcpu's can run anywhere.
<samba35> can you pls telll me what  i should use to configure cpu /virt-manger ?
<samba35> while makeing changes do i have to turn off guest ?
<samba35> or i can reboot guest after makeing changes
<lordievader> samba35: Issue 'virsh vcpupin --help' ;)
<lordievader> samba35: You can make changes live, but they will not be saved in the config.
<lordievader> So next shutdown -> boot they will be gone.
<samba35> ic then what i suppose to do
<samba35> in face i make changes with virsh edit domain
<samba35> can you pls tel me persistent solution
<lordievader> samba35: I have a '<vcpu placement='static' cpuset='1,3' current='1'>2</vcpu>' in my xml definitions. This specifies that there may be a max of 2 vcpu's, at boot 1 is enabled. And the vcpu threads may run on cpu 1 and 3.
<samba35> so you mean to say i have to edit with virsh and add cpuset=1,3
<samba35> did you configure it by hand or by any tool
<lordievader> samba35: Depends on my mood, usually by hand.
<samba35> ok
<samba35> let me try
<samba35> if you dont mind can you pls post some line from you xml file for the guest
<lordievader> samba35: http://paste.ubuntu.com/10615859/
<samba35> this command from redhat will this work virsh vcpupin rhel6u4 1 2
<samba35> ok
<samba35> thanks
<samba35> i will be back after reboot
<samba35> thanks
<samba35> lordievader: thanks
<samba35> lordievader: that worked
<samba35> thanks ,but i think i should use the how it was becase it was constantly using 2 cpu and it might matter to other guest
<samba35> lordievader: btw how many phyiscal core cpu youi are using and which cpu you are using ,this is just to understand my knowlege ,i am using core 2 quard cpu
<lordievader> An AMD Opteron something, something.
<samba35> ok
<samba35> cat /proc/cpuinfo
<caribou> hallyn_: looks like you are chairing the meeting today : I will not be able to attend
<lordievader> samba35: I know, but I was being lazy.
<samba35> :)
<lordievader> samba35: I also run KVM on an i7 but without pinning as it doesn't have multiple NUMA cells (it's a laptop ;) )
<samba35> ok
<RoyK> A laptop with NUMA would have been cool :)
<lordievader> Jup :)
<patdk-wk> cool?
<patdk-wk> that sounds like a royal pain
<JediMaster> hi all, is it possible to get logrotate to only delete files older than a certain age? I know it can be done easily with find, but I have a lot of requirements for rotating logs so would like to keep it all together
<jpds> JediMaster: Don't you just change the 'rotate' integer?
<JediMaster> jpds, I don't want to rotate the files, the logs in this directory are one-off logs each time a program is run
<JediMaster> so I just want to delete the old ones
<jpds> JediMaster: Then just use find with -mtime.
<JediMaster> so I've got a really simple config: /path/to/files/* { daily maxage 7 }
<JediMaster> jpds, read the above =)
<JediMaster> I want to keep all log management within logrotate config files so they're not splintered into cron scripts etc.
<jpds> For one off logs, I don't bother with logrotate personally.
<jpds> Well, not quite, I use the 'savelog' command.
<JediMaster> sure, but there just so many different requirements for different logs I've been given it'll be a headache putting it in different places
<JediMaster> when I run logrotate with the above config file (split over several lines) it just returns back to the command line with no output and no effect
<JediMaster> ahhh
<JediMaster> in the man page for maxage "The age is only checked if the logfile is to be rotated"
<rostam> hi how would i know my ubuntu 14.04 box is at which update release, i.e. 1 or 2? thx
<RoyK> lsb_release -a
<rostam> RoyK, thanks it says 14.04 there is no update 1 or 2 beside it, I thought apt-get -u upgrade will upgrade it to the latest 14.04 update 2 ?
<sarnold> rostam: the only difference is which kernel and x11 is installed, see https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes#LTS_Hardware_Enablement_Stack
<RoyK> rostam: http://paste.ubuntu.com/10616821/
<rostam> sarnold,  where do I get security upgrade, there has been some changes to bash. Thanks
<RoyK> gues you get those from a normal apt-get upgrade
<RoyK> s/gues/guess/
<sarnold> rostam: apt-get update && apt-get -u dist-upgrade
<RoyK> I usually just do a dist-upgrade
<rostam> sarnold, RoyK  I do not want to  upgrade the kernel. would dist-upgrade upgrade the kernel ? thx
<RoyK> rostam: IIRC the kernel won't be upgraded by dist-upgrade, and that shouldn't be needed either unless you need some bleeding edge drivers or new stuff
<sarnold> rostam: you won't get the new kernel unless you go to some effort to install it
<RoyK> 'some effort' being an apt-get install :P
<RoyK> but if you don't know which part of the new stuff you need, well, you don't need a new kernel
<rostam> sarnold, RoyK it seems it tries to install the kernel: http://paste.ubuntu.com/10616853/
<RoyK> ok
<RoyK> go on
<rostam> RoyK I do not want to install new kernel, since it will break some of the kernel modules we have developed. The kernel modules have kernel version stamped in them and that will break with new kernel.
<patdk-wk> rostam, heh?
<patdk-wk> how did you deploy them?
<patdk-wk> you didn't use dkms?
<rostam> patdk-wk,  we use insmod command.
<sarnold> rostam: those are standard security updates. you want those. note the version 3.13.0-46.79 here: https://launchpad.net/ubuntu/+source/linux
<RoyK> what sort of modules?
<patdk-wk> insmod doesn't make kernel modules
<patdk-wk> it loads them
<sarnold> rostam: whatever mechanism you have in place really needs to be able to handle security updates.
<rostam> patdk-wk,  we create .ko files and install them during system boot. They are image capture and audio devices.
<patdk-wk> yes, how do you make the .ko files?
<patdk-wk> you should be using dkms to create your .ko files
<rostam> patch-wk in our build infrastrucrure we have a custom build, it points to a kernel and header version installed on the host system.
<rostam> sarnold, thanks I will see how to include those security patches.
<RoyK> that's what dkms is for
<patdk-wk> dkms does all of that for you
<rostam> patdk-wk, RoyK  my understanding from dkms is the kernel gets compiled on installed system, not sure, if there are any references I greatly appreciate. thanks
<patdk-wk> yes it will
<patdk-wk> it will build against the kernel installed on that system
<patdk-wk> the only other way you could do it, it would be kindof evil
<patdk-wk> build a binary package for it
<rostam> patdk-wk, does this means I have to have the kernel source on that system also?
<patdk-wk> and *depend* on specific kernel versions
<patdk-wk> then update it as new security patched kernels come out
<patdk-wk> no, kernel headers only
<rostam> patdk-wk,  are there any document please, I just did some googling did not find much on dkms Thanks
<patdk-wk> https://help.ubuntu.com/community/Kernel/DkmsDriverPackage
<rostam> patdk-wk,  thank you so much.
<RoyK> https://en.wikipedia.org/wiki/Dynamic_Kernel_Module_Support
<patdk-wk> I know it works, done several
<rostam> patdk-wk, RoyK thanks I start reading about it. My only concern is we can not have the source code on the system, and it would be interested to find out how dmks will compile the kernel module without source code.
<RoyK> rostam: obviously, it can't
<RoyK> rostam: out of interest, why can't you have the source code on the system?
<RoyK> rostam: ?
<rostam> RoyK, sorry took a while I have to be in the lab. Well we do not want anyone to access the source code it reveal some of our internal intellectual property.
<RoyK> rostam: what sort of servers do you use this on?
<rostam> RoyK the servers are PCIe off the self product. We buy them from various vendors.
<RoyK> rostam: just wondering - if they're for use inhouse, why are you scared about the code?
<patdk-wk> well, you have to rethink how you do it
<patdk-wk> have to make a lib that has your code in it
<patdk-wk> then *compile* the kernel wrapper around it
<rostam> RoyK, They are sold to Enterprise customers. We can update the images but we do not want the customer access our source code.
<RoyK> rostam: that's a breach of GPLv2
<rostam> patdk-wk, I agree we need to rethink on this, kernel wrapper ??
<RoyK> rostam: if you sell a system with custom kernel code to a customer, that customer must have access to the code
<rostam> RoyK, our legal department has advise as long as we are not GPLv3 we do not have to release the source code.
<sarnold> nvidia has something similar but since they derived their linux drivers from their windows drivers they are (begrgudguingly?) allowed to not be a derivative work of the kernel..
<RoyK> rostam: they are wrong. Cisco lost a case to FSF about the exact same thing
<RoyK> rostam: and Linux is GPLv2, so you won't get around that
<rostam> RoyK I will defintely recheck this.
<RoyK> do that
<rostam> sarnold, RoyK, patdk-wk  thank you so much for all your advise.
<RoyK> cisco isn't a small company, but they lost this https://en.wikipedia.org/wiki/Free_Software_Foundation,_Inc._v._Cisco_Systems,_Inc.
<rostam> RoyK thanks for link I will forward it to our legal department
<RoyK> rostam: do that - I don't like people breaking GPL
<rostam> RoyK sure
<patdk-wk> I forget where the legal bouneries lie, and won't go there
<RoyK> patdk-wk: well, in GPLv2 it's quite simple, if you distribute a compiled driver or something else that links to GPL, you have to distribute the code
<patdk-wk> ah, then you just need to use userspace callbacks to get around the issue
<RoyK> patdk-wk: indeed, if you can do that
<RoyK> patdk-wk: or do as graphics cards makers do - create a blob and distribute it with the source doing the linking
<RoyK> patdk-wk: but most normal drivers are just easy things that should be open
<RoyK> patdk-wk: do you remember the Intel driver by Becker? It sucked at some things and Intel did the only right thing - they opensourced their drivers
<patdk-wk> don't remember
<RoyK> well, Intel was one of the first to write drivers for Linux directly, in OSS
<RoyK> and to start talking to the kernel guys
<RoyK> instead of keeping the cards close at hand and refusing access to any docs without a mile long NDA
<patdk-wk> video? or other?
<patdk-wk> my experience with intel linux drivers hasn't been good
<RoyK> not sure about video - think they're open on that too
<patdk-wk> from endless intel graphics and wifi problems
<RoyK> but it all started with that e100 card
<patdk-wk> issues too with network, but those are more rare atleast
<RoyK> broadcom didn't learn from that :P
<patdk-wk> broadcom is horrible
<RoyK> AFAIK their hardware is ok
<RoyK> but reverse-engineered drivers aren't
<patdk-wk> not so sure of that :)
<zkvvoob> Hi all. I'm getting some strange ERROR 500 when I activate a Wordpress plugin called BuddyPress. However, the error does not appear in Apache's error.log. Could anyone help me troubleshoot this issue?
<thumpba_> im getting an error when rebooting an instance in openstack "error: unknown filesystem entering rescue mode, grub rescue" im using a uefi image
#ubuntu-server 2015-03-18
<lordievader> Good morning.
<Blinkiz> Hello. in file /etc/rsyslog.conf we have $ActionFileDefaultTemplate variable that should be commented out if wanting high precision timestamps. I do not want to touch /etc/rsyslog.conf file but instead add my own file /etc/rsyslog.d/timestamp.conf with "$ActionFileDefaultTemplate RSYSLOG_FileFormat". Problem is that this does not work, why?
<hariom> Hi, I have enabled password for default aws user by modifing /etc/sudoers.d/90-cloudimg-ubuntu file. Problem is that I missed setting the password and edit this file. Now if I use sudo, it is asking me password. How to fix this?
<hariom> How can I set password for ubuntu user?
<Blinkiz> hariom, you use the nopasswd parameter.. like "username ALL=NOPASSWD: ALL"
<hariom> Blinkiz: But now I am not able to modify that file
<Blinkiz> hariom, which file? 90-cloudimg-ubuntu?
<hariom> Blinkiz: It asks me password if I use sudo
<hariom> yea
<Blinkiz> hariom, alright.. Am guessing you do not have a root password.. yeah
<hariom> Blinkiz: yea, I never set root password
<Blinkiz> hariom, and you do not have another username that can do sudo?
<hariom> Blinkiz: yea
<hariom> Don't have another user to do sudo. Its default aws setup
<Blinkiz> hariom, Hmm.. am guessing you need to boot in failsave mode and reset password then
<hariom> Blinkiz: Is that possible on aws? How would I get access to fail safe remotely?
<Blinkiz> hariom, something like this https://www.youtube.com/watch?v=33zxgEl6eTo
<Blinkiz> hariom, do a search in google for "ubuntu reset password" and you get lots of results
<hariom> Blinkiz: I am on Amazon cloud.
<Blinkiz> hariom, You do not need to reset the password really. When you get to the point in the guides for reset root password, you just edit your file instead.
<Blinkiz> hariom, I do not see any problem that you are on Amazon, you still have console access, right?
<hariom> Blinkiz: How do I have ssh access when system is booting? How can I see the grub menu?
<Blinkiz> hariom, I have not used amazon so I do not know... but am guessing you have a control panel that has html5 or java app so you can get console access. No ssh here
<hariom> Blinkiz: aws is amazon's cloud where you have remote server and access to it via SSH. Nothing more
<hariom>  No physical access to terminal
<Blinkiz> hariom, okay.
<Blinkiz> hariom, I can not see another solution. If you have only one username that you now have locked out from sudo:ing, terminal is the only way
<hallyn_> stgraber: so bug 1432683, lxc uses /lib/init/apparmor-profile-load at startup to load policies.  /lib/init/apparmor-profile-load comes from upstart-bin.  presumably in case apparmor is not installed and upstart needs it.
<hallyn_> should systemd depend on upstart-bin, should lxc switch to another tool, or should /lib/init/apparmor-profile-load be moved to antoher package?
<hallyn_> jodh would probably have an opinion too ^
<jodh> hallyn_: I'd vote for moving /lib/init/apparmor-profile-load to another pkg (maybe init-system-helpers?)
<hallyn_> jodh: is that something you could do, being one of our init heroes? :)
<jodh> hallyn_: I don't have privs on that pkg I'm afraid.
<hallyn_> drat, i meant to bring this up on #ubuntu-devel, not here :)
<Pwnna> for upstart, there is start on started, is there also start on pre-start?
<Pwnna> or something like that?
<Pwnna> i have a job that only has a prestart script
<PaulePanter> Hi. What is the way to get https://github.com/Canonical-kernel/Ubuntu-kernel/blob/master/drivers/edac/ie31200_edac.c into Ubuntu 14.04 LTS and 12.04 LTS?
<Pwnna> i want something like: start on (starting service-a and started service-b), where service-b is: start on starting service-a
<Pwnna> but for some reason, the service that depends on both a and b is starting after service-a is started
<squisher> rbasak, hey can you check that https://github.com/squisher/bcache-tools.debian looks fine and then pass it off to jamespage to do the bare clone?
<rbasak> squisher: OK, looking.
<rbasak> squisher: you seem to have lost debian/.gitignore, but I'm not bothered about that (in fact I prefer to not have .gitignores, as I use sbuild and want dirty trees flagged)
<Odd_Bloke> rbasak: Is there an easy way to use uvtool's userdata/metadata stuff with an arbitrary image file on disk?
<rbasak> Odd_Bloke: --backing-image-file. Needs qcow I think.
<rbasak> Odd_Bloke: bug 1317266
<rbasak> (sorry!)
<rbasak> https://bugs.launchpad.net/ubuntu/+source/uvtool/+bug/1317266
<rbasak> "The --backing-image-file option is not documented"
<Odd_Bloke> :D
<Odd_Bloke> I did see it in the code, but wasn't sure if it was what I wanted. :)
<rbasak> It does exactly what it normally does except that it sources the backing file from you instead of its pool (synced through simplestreams when you run uvt-simplestreams-libvirt)
<rbasak> squisher: looks good enough to me. pristine-tar matches, and the debian/ tree is close enough.
<rbasak> jamespage: please could you go ahead and replace collab-maint bcache-tools with https://github.com/squisher/bcache-tools.debian?
<zotta> thunar, the xfce file manager displays free disk space in the current folder.
<zotta> But how to do that from command line: I want to know how much data I am allowed to write to a directory.
<Odd_Bloke> zotta: `df`
<genii> df -h for human readable results
<zotta> the results don't make any sense
<zotta> I stored more than 50GB of data on a file server
<zotta> and it's showing me 5G are used
<zotta> wtf
<elliotd123> is there a way to get iftop to do a batch output to stdout instead of its ncurses display or whatever?
<elliotd123> Or is there another utility that can do basically that
<jamespage> rbasak, squisher: cloned lemme know if that looks ok
<zotta> df -h gives used 4.9G du -h gives 45G for one dir alone. WTF
<rbasak> jamespage, squisher: looks right to me. Thanks!
<Odd_Bloke> zotta: Could you pastebin the output of the two commands?
<zotta> Odd_Bloke: I'd rather not post the directory names here.
<zotta> Odd_Bloke: but df gave '20G  4.9G   15G  25%' and `du -h english |tail` gave '45G     english'
<zotta> Odd_Bloke: the directory is on a file server
<Odd_Bloke> zotta: How is the directory mounted?
<Odd_Bloke> zotta: (Difficult to help much without context)
<zotta> Odd_Bloke: I don't know exactly, but they are using kerberos and filesrv2:/somedir          20G  4.9G   15G  25% /somedir
<zotta> was the output of df
<Odd_Bloke> zotta: And du -h /somedir gave 45G?
<zotta> Odd_Bloke: more like /somedir/projects/myprojects/english , but jeah
<Odd_Bloke> zotta: What does mount look like?
<zotta> Odd_Bloke: well the df output is clearly wrong, so I will just copy the rest of the data there and see what happens. Thx for help anyway.
<patdk-wk> zotta, did you expect?
<patdk-wk> why do you believe df and du should report the same values?
<zotta> patdk-wk: I did expect that du gives any value less than the free disk space listed in df.
<zotta> * overall disk space i mean , not free disk space
<zotta> otherwise it's a tardis.
<PaulePanter> Hi. What is the way to get https://github.com/Canonical-kernel/Ubuntu-kernel/blob/master/drivers/edac/ie31200_edac.c into Ubuntu 14.04 LTS and 12.04 LTS?
<squisher> rbasak, jamespage, thanks guys, I'll commit some updates soon :)
<hanlon2> Hi.  I installed Utopic in a VPS.  Changed to Vivid sources and dist-upgraded.  After reboot, the system's up and accessible.  IIUC, systemd is default in vivid.  But, any exec of `systemctl ...` FAILs, returning an error "Failed to get D-Bus connection: Operation not permitted".  Need something else to enable the switchover?
<sarnold> hanlon2: make sur eyou're actually using systemd as your init..
<hanlon2> sarnold: so the dist-upgrade doesn't force that change?
<sarnold> hanlon2: it may, it may not, I'm not sure of the details of the transition.
<hanlon2> sarnold: ok.  i'm digging online right now to figure out how to check & switch ....
<hanlon2> sarnold: /sbin/init still points at upstart.  so the dist-upgrade doesn't switch that, atm.
<sarnold> hanlon2: check grub menu?
<keithzg> hanlon2: Do you have systemd-sysv installed? I believe that's the package that brings systemd into being your init system.
<hanlon2> keithzg: that did the trick.  it also rm'd upstart.  systemctl no longer reports the error.  thx!
<keithzg> hanlon2: No problem :)
<Valduare> hows it going guys
<ObrienDave> peachy
<Valduare> I need to talk to someone about server rack rails
<admin123> hello
<admin123> i need some help
<admin123> how to configure a server like a bridge
<sarnold> admin123: some of this looks old, but in a quick skim nothing seemed really wrong.. https://help.ubuntu.com/community/NetworkConnectionBridge
<admin123> nice, tnx
<admin123> another question plz
<admin123> when i connect my server to
<admin123> router
<admin123> i can't connect server to internet
<admin123> using dhcp or static ip
#ubuntu-server 2015-03-19
<hanlon2> I'm installing ubuntu-server in a Xen PV DomU.  Need to use grub1.  after 'update-grub' , the generated entries have "kernel  /vmlinuz-3.16.0-31-generic ...", instead of what it should be "kernel   /boot/vmlinuz-3.16.0-31-generic".  Where in the grub config do I specify that "/boot/" should be used in the generated kernel line?
<jamespage> coreycb, most of 2014.1.4 is now in the queue - nova ftbfs - commented on MP
<lordievader> Good morning.
<Infrabyte> ++
<eagles0513875A> !aptfix
<ubottu> If an APT front-end crashed and your database is locked, try this in a !terminal: Â« sudo fuser -vki /var/lib/dpkg/lock;sudo dpkg --configure -a Â»
<coreycb> jamespage, ok thanks.  I'll take a look at nova.
<jamespage> coreycb, ta
<jamespage> coreycb, everything else is merged and uploaded for SRU team review
<jamespage> coreycb, might get a bit of pushback on that cherry pick for horizon but probably not
<jamespage> as its landed upstream now
<coreycb> ok thanks, yeah that's upstream now
<jamespage> coreycb, up next - kilo-3!
<jamespage> working through the general mess of oslo deps atm
<coreycb> omg I know, I just realized it
<jamespage> coreycb, our neutron dep-8 tests where a load of poo
<coreycb> jamespage, ok thanks.  oh?
<jamespage> coreycb, I had to trim them right back - they where racey as heck and some of them needed out of archive deps
<jamespage> coreycb, switching to systemd flushed quite a few of those out - if fails faster
<coreycb> jamespage, yuck. I think I saw you resubmitted a patch upstream?
<jamespage> coreycb, erm maybe - which project?
<coreycb> jamespage, do you have a log for the failing nova build?  seems to build ok locally for me.
<jamespage> coreycb, yes - its in the merge proposal
<coreycb> jamespage, k
<hallyn> jamespage: hey, so before i dig much deeper or email the pkg-java-maintainer, is the cause of https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1432715 obvious to you at first glance?
<jamespage> hallyn, I see an error but can't see the detail, so no
<hallyn> ok thanks
<dw1> oh noes https://openssl.org/news/secadv_20150319.txt
<dmsimard> Hi guys - I can't find anything on http://www.ubuntu.com/usn/ or Launchpad relative to the 14 CVEs addressed by today's OpenSSL patches. Is there an effort in progress that I can track somewhere ?
<rbasak> dmsimard: ask in #ubuntu-hardened
<dmsimard> rbasak: Thanks, checking.
<dmsimard> For the benefit of others, the packages are built here and will be published to stable later today: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
<coreycb> jamespage, nova is read for review again.  I set the test concurrency back to the default.   https://code.launchpad.net/~corey.bryant/nova/2014.1.4/+merge/253242
<jamespage> coreycb, the description on that patch does not appear to match the value 1 != 4 ?
<gchristensen> Hi, is there an expected timeline for the openssl patches to be available?
<teward> gchristensen: when they're done and the USN is made?
<teward> the security team is already on it
<coreycb> jamespage, should be better now
<gchristensen> teward: excellent, thank you - I appreciate your help.
<RoyK> teward: AFAIK they're in debian already
<teward> RoyK: mdeslaur says they'll be available today
<teward> that's all i know
<teward> and by 'available' i mean published
<mdeslaur> in 30-45 minutes, once the regression tests have finished running
<teward> RoyK: ^ from the person who knows
<elringo70> hello... i'm having an usual problem with my server, every day after rebooting, dhcp server stops by no reason... anyone knows why?
<pmatulis> elringo70: check the logs
<RoyK> elringo70: is it set to start at bootup?
<elringo70> i dont remember, but it starts after booting...
<elringo70> and gives ip's to all clients... but after a couple of minutes it stops
<elringo70> actually i'm using webmin
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<elringo70> mmm, probably thats the problem...
<elringo70> it works for a long time but after an update on the server I start with this issue
<RoyK> anyway - check the logs
<mdeslaur> http://www.ubuntu.com/usn/usn-2537-1/
<pmatulis> mdeslaur: thanks
<elringo70> which log file should I look at it?
<pmatulis> elringo70: /var/log/syslog
<Guest14775> Issues related with QTWebkit in Ubuntu an xvfb
<pmatulis> wha?
<irssi_> Does ubuntu offer custom kernels?
#ubuntu-server 2015-03-20
<sveinse> I have installed 14.10 server and I have this USB3 SATA adapter. I don't get anything (in the kernel log) when connecting it. It did work on 14.04. What service or driver might I be missing?
<sarnold> hey sveinse :)
<sveinse> sarnold: Hey :)
<sveinse> I got my issue fixed. PEBKAC :) sorry guys
<sarnold> \o/
<_apocalypse_> hello
<_apocalypse_> Is anybody aware of the lucid server rerelease .4?
<_apocalypse_> Is it still supported?
<_apocalypse_> !lucid
<_apocalypse_> !help
<_apocalypse_> !list
<ubottu> Ubuntu 10.04 LTS (Lucid Lynx) was the twelfth release of Ubuntu. Desktop support ended May 9 2013. Server support ends on April 30 2015. See http://ubottu.com/y/lucid for more details.
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ubottu> _apocalypse_: No warez here! This is not a file sharing channel (or network); read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â». If you're looking for a channel, see Â« /msg ubottu !alis Â».
<_apocalypse_> In the lucid server rerelease 10.04.4 it comes with aptitude that crashes when minesweeper is run from it.
<_apocalypse_> This is long term support after years of being released and finally rereleased minesweeper is broke?
<_apocalypse_> I want to know how something like that occours where is the debugging priority?
<_apocalypse_> That the main package manager has critical bugs years into debugging. Any explanation?
<_apocalypse_> Is it the 4th release of a 5 year old codebase?
<shauno> minesweeper?
<_apocalypse_> Why is there a bug in the main package manager on the 4th release of lucid server?
<_apocalypse_> Why is there a bug in the main package manager on the 4th release of lucid server?
<lordievader> Good morning.
<ws2k3> Hello, when i try to do a apt-get upgrade i get  unable to open files list file for package `passwd': No such device or address
<YamakasY> hi guys, my unattended upgrade are on 1 but packages are not upgraded
<PaulePanter> Hi. When only accessing a server over SSH `console-data` is not needed, right?
<bekks> Of course it is needed.
<PaulePanter> bekks: For what?
<bekks> For setting the keymap.
<PaulePanter> bekks: Why do I need that when logging in over SSH?
<bekks> Because otherwise your shell doesnt knpw which keymap should be used.
<Notwang> hi
<Notwang> I'm trying to install ubuntu server 14.04 on a server with gpt
<Notwang> is there a guide on how to do that?
<Notwang> do I need separate fat partition?
<Notwang> why the installer doesn't support it?
<gabrielm_za> hi guys.. i did a fresh install today of ubuntu 14.14 x64 and kvm. I am having an issue connecting to the hypervisor...
<gabrielm_za> root@zero:/etc# virsh -c qemu:///system list
<gabrielm_za> error: failed to connect to the hypervisor
<gabrielm_za> error: Failed to connect socket to '/var/run/libvirt/libvirt-sock': No such file or directory
<gabrielm_za> syslogs shows
<gabrielm_za> Mar 20 07:14:58 zero kernel: [   12.010116] init: libvirt-bin main process ended, respawning
<gabrielm_za> Mar 20 07:14:58 zero kernel: [   12.086729] init: libvirt-bin main process ended, respawning
<gabrielm_za> Mar 20 07:14:58 zero kernel: [   12.154322] init: libvirt-bin main process ended, respawning
<gabrielm_za> Mar 20 07:14:58 zero kernel: [   12.222302] init: libvirt-bin respawning too fast, stopped
<gabrielm_za> any ideas ??
<OpenTokix> gabrielm_za: Is your kvm module in kernel? Is VT-x or amd-eq enabled in bios?
<gabrielm_za> VT-x is enabled
<lordievader> gabrielm_za: Looks like libvirt is crashing.
<jpds> gabrielm_za: Check /var/log/upstart for a libvirt failure?
<gabrielm_za> root@zero:~# cat /var/log/upstart/ureadahead.log |grep libvirt
<gabrielm_za> ureadahead:libvirt: Ignored relative path
<gabrielm_za> northing else in /var/log/upstart/*
<gabrielm_za> lsmod gives me: kvm_intel             143187  0
<gabrielm_za> kvm                   455835  1 kvm_intel
<jamespage> coreycb, zul: https://bugs.launchpad.net/ubuntu/+bug/1434526
<jpds> gabrielm_za: Try running libvirtd by hand.
<gabrielm_za> root@zero:/etc# libvirtd
<gabrielm_za> 2015-03-20 11:56:41.265+0000: 2062: info : libvirt version: 1.2.2
<gabrielm_za> 2015-03-20 11:56:41.265+0000: 2062: error : virConfParseString:426 : configuration file syntax error: /etc/libvirt/qemu.conf:12: unterminated string
<gabrielm_za> 2015-03-20 11:56:41.265+0000: 2062: error : virStateInitialize:749 : Initialization of QEMU state driver failed: configuration file syntax error: /etc/libvirt/qemu.conf:12: unterminated string
<gabrielm_za> 2015-03-20 11:56:41.265+0000: 2062: error : daemonRunStateInit:920 : Driver state initialization failed
<gabrielm_za> argh
<gabrielm_za> dammit
<gabrielm_za> thanks jpds....
<gabrielm_za> i had altered the vnc line in that file and was missing a " at the end of ..0.0.0.0"
<gabrielm_za> :-)
<gabrielm_za> many thanks for the help..!
<jpds> No worries.
<gabrielm_za> going to reboot... let's see if it comes up now...
<gabrielm_za> lol
<gabrielm_za> simple mistake
<jpds> Happens.
<gabrielm_za> root@zero:~# virsh -c qemu:///system list
<gabrielm_za>  Id    Name                           State
<gabrielm_za> ----------------------------------------------------
<gabrielm_za> :)
<coreycb> jamespage, thanks for handling that
<jamespage> coreycb, its not to bad afaict
<jamespage> two of those are refactorings - the other is a simple package
<coreycb> jamespage, good to hear
<jamespage> coreycb, keystone wants python-cryptography for a new token format
<jamespage> need to MIR that
<jamespage> might be tricky
<coreycb> jamespage, hmm
<coreycb> jamespage, for the icehouse pep8 cert changes, should I bump the release to 0ubuntu2?
<jamespage> yeah that's fine
<jamespage> 1.1 is also ok actually
<coreycb> jamespage, here's cinder - https://code.launchpad.net/~corey.bryant/cinder/2014.1.4/+merge/253665
<skinsky> Hi, when I run dpkg --list | grep linux-image to see what old kernels I can get rid of, it shows old kernels that are not even on the system?  Any idea how to get rid of them?  Or what the problem is?
<skinsky> Is it because I have used apt-get remove when I should have used apt-get purge?  Thing is I just used apt-get remove as usual on some kernels that are there and they are gone so maybe not that!
<pmatulis> skinsky: consider using a pastebin to show the output you see
<skinsky> ok, actually its still showing the ones I recently removed...
<skinsky> pmatulis:  http://paste.ubuntu.com/10635009/
<skinsky> only 76 & 77 on the system at the moment
<skinsky> they don't show wi ls in /boot just with the show image command?
<skinsky> dont show in
<pmatulis> skinsky: 'r' means it has been removed
<skinsky> cetainly has, not on my system, is it a cache error
<skinsky> you mean 'rc'
<pmatulis> skinsky: yep
<skinsky> ok, so I learn something new today, why
<skinsky> not on the system thats for sure
<skinsky> Googled but Google not been my friend for a while...
<pmatulis> skinsky: 'r' for removed and 'c' for configuration remaining.  to rid your system of configuration files use 'apt-get purge' instead of 'apt-get remove'
<YamakasY> is it still needed to grab the svn packages from WNADISCO ?
<skinsky> ok, hence my previous ...
<skinsky> pmatulis: perfect, ty
<skinsky> note made :)
<pmatulis> skinsky: keep on truckin'
<skinsky> on the to the next problem ;)
<skinsky> onto
<skinsky> I keep my boot dir to 500gb and it can fill up
<skinsky> never a truer word said that you learn something everyday
<skinsky> 500gb?
<skinsky> :)
<OpenTokix> I have /boot at 256M
<skinsky> yeah I meant 500mb sry
<skinsky> the kernels come quite frequently :) these days
<skinsky> btw guys you still need to sort the -1 problem in grub.cfg
<skinsky> servers hang on reboot if not changed after kernel upgrade
<skinsky> waits for a keystroke and on a headless that just aint possible
<skinsky> needs to be set to 5 or 10
<OpenTokix> skinsky: -1 problem?
<skinsky> OpenTokix:  https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/797544
<skinsky> I just like servers to come backup after reboot
<skinsky> which is quite frequently these days
<OpenTokix> skinsky: intresting
<OpenTokix> skinsky: have to adjust /etc/default/grub to avoid it
<skinsky> OpenTokix: its been there for ages
<YamakasY> anyone /
<skinsky> its a pain
<OpenTokix> skinsky: but from what I see you can fix it by having a proper /etc/default/grub
<skinsky> hetzner sort it some how but just my main server provider has yet to get up to speed
<skinsky> just should not happen tho should it
<OpenTokix> Just another configuration, nut a bug per say - just a weird default
<skinsky> never a problem on debian
<skinsky> yeah
<skinsky> major pain tho if you forget to edit grub, you have to boot to rescue, edit and boot back to normal
<OpenTokix> skinsky: Not a problem really, since the configuration managment system handles that.
<skinsky> most of my servers are Ubuntu
<YamakasY> is us.archive.ubuntu.com lacking ?
<OpenTokix> skinsky: get config managmenet
<skinsky> OpenTokix:  will check it out, ty
<OpenTokix> skinsky: ie. dont expect ubuntu to have a configuration policy that suits your needs. - They only provide a platform to run on, you should make sure it runs as you intend it to run.
<skinsky> well its not good for business, all servers I install these days are debian for this very reason
<OpenTokix> skinsky: I prefer debian over ubuntu, but I dont really care
<skinsky> never heard of a remote server not coming up because of something very basic like that
<skinsky> love 12.04 :)
<skinsky> and ubuntus eol
<andreyst> Hi all, I am trying to install zabbix agent on two different server and the problem is - two different versions get installed.
<andreyst> first one install 1:2.2.2+dfsg-1ubuntu1, second one - 1:2.4.4-1+trusty
<andreyst> repos in /etc/apt/sources.list.d/zabbix.list are the same
<andreyst> installing 2.4.4 manually specifying it for apt-get install doesn't work - cannot find it
<andreyst> what am I doing wrong?
<pmatulis> skinsky: why did you call it the -1 problem?
<skinsky> because you nedd to change the time out from -1 to 5 or 10
<skinsky> in grub.cfg to illiminate the problem
<skinsky> need
<skinsky> when you upgrade you get the warning that less than 0 is no longer supported in grub
<skinsky> but ubuntu still sets it to -1
<pmatulis> skinsky: oh, '-1' is the default for GRUB_RECORDFAIL_TIMEOUT
<skinsky> yeah, sry
<skinsky> hangon
<pmatulis> alright, yeah that's not a great default
<pmatulis> mabye for a desktop, but not a server
<skinsky> http://paste.ubuntu.com/10635274/ ubuntu sets it to -1
<rbasak> There's a bug that I intend to reopen to fix that.
<skinsky> as I said for a headless machine its a pain ;)
<rbasak> We basically agreed to change the default to something positive - 30 or something - at least on Vivid.
<skinsky> its a majore pain
<skinsky> major
<skinsky> simple to fix I expect
<rbasak> Fixing anything, however simple, is not trivial in Ubuntu. You have to be careful not to accidentally regress every user.
<skinsky> rbasak:  needs to be 5 or 10
<rbasak> skinsky: not enough for desktop.
<skinsky> rbasak:  yeah it must be difficult
<rbasak> It's a rare case anyway to get a boot failure that needs reverting
<rbasak> Or a power cut doing a boot that makes it think it was a boot failure
<rbasak> But I agree we need to eliminate even that small chance.
<skinsky> yes the power cut can really throw a spanner in the works but with the -1 it happens on a soft boot, not all the time which I cannot get my head around tho
<skinsky> hetzner show change it to 5 but my main server provide just leaves it at -1
<skinsky> be nice if Ubuntu would get it sorted once and for all :)
<skinsky> off topic, anyone get a good look at the eclipse today, not me totally clouded in the pyrenees :(
<skinsky> I suppose when of the sings that your a good sysadmin is that you did not even know there was a major eclipse today
<skinsky> signs
<skinsky> and better spelling
<skinsky> anyway, thanks for all your help, ty pmatulis :)
<jamespage> sarnold, re the pysaml2 MIR - I've commented on the bug that due to the state of repoze.who, and the fact that plugin is not used by keystone, i'd like to patchup pysaml2 to push that back to a suggests requirement
<jamespage> sarnold, thoughts?
<BrianBlaze420> hello everyone I have ubuntu 14.04 LTS and I am trying to figure out where the ssh login messages are. I know that the banner is in /etc/issue.net but where can I find the rest of the login, like all the info after I actually log in?
<Walex> BrianBlaze420: that ought to be not SSH specific, but for any login
<BrianBlaze420> yeah well I am just curious where the default stuff is located
<BrianBlaze420> like where it says  system info and all that
<bearface> BrianBlaze420: look into motd and/or update-motd
<BrianBlaze420> motd!
<BrianBlaze420> i bet thats it XD
<BrianBlaze420> thanks
<BrianBlaze420> my brain is failing me this morning haha
<Walex> BrianBlaze420: it could also be system news, or some PAM plugin
<BrianBlaze420> thanks for sending me in a good direction
<BrianBlaze420> really appreciate it
<smoser> hallyn, so i got addicted to using 'lxc-attach'
<smoser> any ideas on how i can get an equivalent for kvm
<smoser> or , for bonus points, any remote system
<smoser> key feature being that it takes arguments
<gabrielm_za> ok, so I added additional space on my logical volume, it shows correctly when I do a lvscan
<gabrielm_za>  ACTIVE            '/dev/vmstuff/vm_iso_images' [50,00 GiB] inherit
<gabrielm_za> how do I resize the file system as that is still showing the original 10Gigs
<gabrielm_za> it is a ext4 file system
<gabrielm_za> root@zero:/mnt/vm_iso_images# resize2fs /dev/vmstuff/vm_iso_images
<gabrielm_za> resize2fs 1.42.9 (4-Feb-2014)
<gabrielm_za> resize2fs: Device or resource busy while trying to open /dev/vmstuff/vm_iso_images
<gabrielm_za> Couldn't find valid filesystem superblock.
<gabrielm_za> i am not sure if resize2fs only works on ext2/3 file systems ?
<hallyn> smoser: ...  ssh ? :)
<lordievader> gabrielm_za: Resize2fs works fine with ext4 filesystems too.
<lordievader> gabrielm_za: You can even call resize2fs from lvextend :D
<smoser> ssh is annoying in that it takes areguments.
<smoser> errr. doesn't take arguments. forces through your shell
<OpenTokix> smoser: What do you mean?
<gabrielm_za> lordievader: the fiel system is unmounted, but i keep on getting device or resouce busy when i run the resize2fs command
<gabrielm_za> *file
<smoser> OpenTokix, lxc-attach -n my-container -- my command "$&$$(" "and" "my arguments"
<lordievader> gabrielm_za: Is it?
<smoser> try that with ssh
<smoser> ssh host my command "**  " 'asdf "'
<OpenTokix> smoser: ssh user@hosts "command --blhadiba > log.log"
<smoser> i dont want shell interpretation on the other end.
<gabrielm_za> pffft, i'll come scratch around a little later again..
<OpenTokix> smoser: ok, since ssh is... secure shell, it is kind of hard to avoid
<lordievader> gabrielm_za: lsof /dev/vmstuff/vm_iso_images
<hallyn> smoser: sorry i don't have any ideas :)  just use p9 to mount the kvm's rootfs and then do it locally :)
<OpenTokix> smoser: I dont see the problem
<StathisA> ok, i've set up a localhost ssmtp and apticron and i can receive its notifications in gmail so it is working. now is it possible for apticron to use another smtp server in the same lan for the notification? - i dont want to nd up having ssmtp installations in all the servers ><
<hanlon2> Hi.  I'm not sure if this is a Xen or Ubuntu question ... I've installed an Ubuntu Vivid DomU.  I notice that the kernel no longer provides a "/proc/sys/xen" dir.  That's mentioned, similarly, for Debian @ https://wiki.debian.org/Xen.  Does that now mean we need to run ntpd in each DomU?
<OpenTokix> hanlon2: you have never had to run ntpd i a xen domu, since the dom0 handles the time of the guest. - very unreliably to  =)
<hanlon2> OpenTokix: I was just informed by the Linode ops that you MUST run ntpd in the DomU with pv_ops.
<OpenTokix> hanlon2: ok
<squisher> rbasak, ok, pushed some changes for bcache-tools. I'd appreciate a check if I'm actually using gbp correctly.
<squisher> rbasak, also I don't really like the --git-ignore-new option. Maybe a debian/.gitignore is a good idea?
<rbasak> squisher: your changes look fine to me.
<rbasak> squisher: though, try and push the Makefile change to upstream if you can (wherever that is - I appreciate it's unclear)
<rbasak> squisher: saves us accidentally forking
<rbasak> squisher: what don't you like about --git-ignore-new?
<rbasak> squisher: you might be able to put something in .git/gbp.conf or ~/.gbp.conf to always --git-ignore-new if it's just a personal preference
<rbasak> squisher: though you're pushing changes right now, so if you want a debian/.gitignore for now I'm fine for you to go ahead and add it. I'll only push to take it out if it actually (rather than hypothetically) causes me pain.
<hanlon2> I've installed gpgv2 in Vivid.  I've no need/want for gpgv1 -- but an apt remove of gnupg looks 'serious'.  Is it intended that gpgv1 is still tigthly wired in?
<hanlon2> tightly, even
<bitfury> hey guys, is there an easy way to install the same packages (same versions) installed on one to another ?
<henkjan> bitfury: dpkg --get-selections
<henkjan> bitfury: https://kura.io/2010/07/02/using-dpkg-selections-to-backup-and-install-packages/
<bitfury> henkjan: hmm ok, but that just gives me a list of names which I can use on the new system to install, but how do I keep it from installing candidate versions which might be newer?
<henkjan> bitfury: i suppose you are running the same ubuntu release on both servers?
<henkjan> and keep them up2date
<henkjan> then you won't have any differences in versions
<bitfury> henkjan: they're running the same ubuntu release with just the latest security updates.
<henkjan> bitfury: in that case you should end up with 2 servers with the same package
<bitfury> henkjan: oh ok, so the iso's from releases do not include the latest updates?
<bekks> bitfury: correct.
<bitfury> oh, now I remember there's a prompt during installation to do it if you like.
<bitfury> thanks guys
<blackyboy> I cant upgrade the packages getting this error http://paste.ubuntu.com/10637487/
<luifer> hello
<luifer> I need to configure ubuntu server like a proxy, any one?
#ubuntu-server 2015-03-21
<josten> i'm running ubuntu server as a guest in a host. When I try to modprobe the virtio drivers they're not being loaded. Any idea why?
<lordievader> Good morning.
<gregor_> hello, i am having major issues installing nvidia driver for the GT 730 GPU, as i understand i need to install 340 driver. i found that the xorg edgers PPA provides it. i can get to desktop using nouveou and adding nomodeset. howerver resolution is wrong, and when trying to install proprietary driver all i get is black screen on reboot.
<gregor_> 14.04 - do i need ot use HWE_
<gregor_> lblinking cursor is all i get
<gregor_> this is retarded
<gregor_> i can only get console
<gregor_> hello anyone out there?
<gregor_> hello is anyone on the channel?
 * zburns_away is now away - Reason : Auto-Away (Away from Keyboard for 30 minutes)
<SchrodingersScat> !away | zburns_away
<ubottu> zburns_away: Please do not use noisy away messages and nicks in Ubuntu channels. It is annoying and unnecessary. Use the command "/away <reason>" to set your client away silently. See also Â«/msg ubottu GuidelinesÂ»
<pmatulis> yeah, that was a bit much
 * zburns_away is now away - Reason : Auto-Away (Away from Keyboard for 30 minutes)
<winfr34k> Hello =)
<winfr34k> Is anybody around who is an expert with Apache2? It has been some time that I actually admined a webserver... I currently have a virtual-server running Ubuntu Server 14.04 with apache2 set up. I have a couple of domains set up on this server, both can reach the server, through my configs I've configured both domains to be used with Apache, but I have this problem: When I go to a subdomain that doesn't
<winfr34k>  exist with my browser, it uses a "random" docroot from a configured domain.
<locutus111> hey guys.  I am trying to configure privoxy.  everything is working well, except when I try to play movies stored on my server on my phone they don't play.  telling my phone to stop using privoxy, the videos play.  I have tried adding a filter for mp4 files, but that doesn't seem to have worked (yes, the files are mp4s :)).  any suggestions?
 * zburns_away is now away - Reason : Auto-Away (Away from Keyboard for 30 minutes)
 * zburns_away is now away - Reason : Auto-Away (Away from Keyboard for 30 minutes)
 * zburns is no longer away - Gone for 2 mins 10 secs
<hanlon2> questions re: ubu-server v15/vivd go in here?  or in #ubuntu+1 ?
#ubuntu-server 2015-03-22
<codenomics> howdy
<codenomics> been trying to install 14.04.2 on my machine and all is well until the base install... says that it is getting packages and sits at 6% for an hour and then errors out on everything
<codenomics> right now I am trying to install 14.10 to see how that works out for me... that actually started by giving me an error at boot about an invalid parameter
<codenomics> not sure if any one has had that issue with it erroring out on install and has a "yeah do this" quick fix but figured I would pop in and ask
<pmatulis> codenomics: nope.  sounds like you may have a hardware or network problem
<codenomics> pmatulis: it is actually working great with 14.10
<pmatulis> codenomics: you just said you got an error
<codenomics> pmatulis: there is an error when loading the installation media saying invalid parameter
<codenomics> I just typed "install" and all was well
<codenomics> the main issue was that it would completely fail when downloading packages
<codenomics> might have been the install media I guess
<pmatulis> codenomics: yeah, try to redownload the ISO
<codenomics> 14.10 just finished installing and is good to go
<pmatulis> cheers
<codenomics> no reason that I HAVE to have 14.04, it was just the media that I had
<codenomics> rebooting now and seeing if it explodes or not lol
<pmatulis> ok, no reason for LTS then
<codenomics> thanks though
<codenomics> pmatulis: this is just a media server for my house
<pmatulis> codenomics: gotcha
<codenomics> a very large, expensive media server lol
<codenomics> going to strap it to the supports in my basement and use it to hold the house down if we ever have a tornado
<codenomics> yay errors!
<codenomics> well... I got errors but it seems to be a well known and fixable bug so that is good lol
<Esteban__> Hello today I applied some security patches on Ubuntu12.04 LTS and PHP is taking 30 secs per request
<Esteban__> Not sure if it is Apache, PHP or MPM prefork
<dtscode> i installed iredmail successfully, and setup mx records, and was able to recieve mails successfully, but then it just stopped working. any help?
<blackyboy> Hi Everyone, I have installed and configured my wordpress site in Ubuntu 14.04 vps using LEMP stack (Nginx), And installed with vsftpd and ftp configured. Now my developer need the ftp access for that i have created a ftp user as below. sudo useradd -d /var/www/html/mydomain.com devloper, Then provided a password. this User chroot to his home directory mydomain.com. Now i want to put files in /var/www/html/mydomain.com while that time it should come 
<lordievader> Good morning.
<devster31> hi, wonder if anyone can help me, I want to install these 2 packages on my small server: libcurl4-gnutls-dev:i386 and libkrb5-dev but whenever I try to install one it removes the other, is there a way to keep them both?
#ubuntu-server 2016-03-21
<tarpman> lunaphyte: ah right! I found the place debconf priority is documented. https://www.debian.org/releases/jessie/amd64/ch05s03.html.en#installer-args :P
<cooldharma06> hi all
<cooldharma06> i am trying to access pudb from my remote machine via ssh
<cooldharma06> keys are not working
<trimas> is SHA1 used in Ubuntu's default FDE setup less secure than using SHA256/512? SHA1 has been deemed insecure since 2005, or am I misinformed?
<jamespage> morning all
<RoyK> morning
<jamespage> coreycb, ddellav: SRU's mainly caught up with - Kilo is all in proposed and tested OK
<jamespage> nova and keystone point releases in the sru team queue for wily
<Slashman> hello, I'm trying out lxd on ubuntu 15.10 and it works great but I have an issue when I start a container with debian jessie, I can't stop it: "lxc stop" get stuck and running "poweroff" inside the container get me "Failed to talk to init daemon.", with ubuntu container, there is no issue so my question is: how do you stop a debian container?
<Slashman> btw the container is unprivileged
<coreycb> jamespage, awesome, thanks
<jamespage> coreycb, np
<httperr418> hi folks, I have an automount question
<httperr418> I'm actually running ubuntu desktop but I wanted to do this via CLI so they suggested asking here
<httperr418> I want to ensure that automounting is disabled for any device by default
<httperr418> er, any external device
<httperr418> I know it's possible because I've done it before, but I can't find the guide I located last time
<ddellav> jamespage cool, ty
<mojtaba> I can create proxy server using ssh -D locally and configure network manager manually to use it. Is there a way to select which addresses use this proxy? (By specifying something special in the URL, like http_proxy instead of http?) What is configuration URL for?
<jamespage> coreycb, added some bug management features to the tools that push stuff between uca pockets this morning as well:
<jamespage> https://bugs.launchpad.net/cloud-archive/+bug/1546445
<ubottu> Launchpad bug 1546445 in Ubuntu Cloud Archive kilo "support vhost user without specifying vhostforce" [Undecided,Fix committed]
<jamespage> for an example...
<coreycb> jamespage, oh I like that, that last comment is automated then?
<jamespage> coreycb, yes
<jamespage> coreycb, also adopting the tag based verification approach that the sru team uses...
<coreycb> jamespage, that's nice.  and does it auto-mark status as fix released?
<jamespage> coreycb, it should do - not tried that bit yet
<coreycb> jamespage, ok.  thanks for all that!
<coreycb> jamespage, I'm still debating if it makes sense to have a barbican-api init script or if directly using the apache2 init script makes more sense
<jamespage> coreycb, if you're running it under apache2, no init script required
<coreycb> jamespage, ok, that is the case.  it's a change for users though since it used to run under uwsgi and had barbican-api init scripts. but we had to drop uwsgi to try and get it into main.
<jamespage> coreycb, can you take a read through this please - https://wiki.debian.org/Apache/PackagingFor24
<coreycb> jamespage, yep
<jamespage> coreycb, you're doing alot of work in maintainer scripts you don't need to right now
<jamespage> coreycb, infact if you install the conf files directly to /etc/apache2/conf-avaliable and us dh_apache2 it will generate most of the required bits for you
<coreycb> jamespage, ah that's nice. I'll revisit that after reading.
<jamespage> coreycb, actually its even nicer that that
<jamespage> you just have to have a .apache2 file in debian/ listing the conf files you want to enable...
<coreycb> jamespage, very nice
<Slashman> to answer my own question from this morning, to stop a container that do not want to stop with "lxc stop", you must use the command "lxc stop <container> --force" which is undocumented
<jjrabbit543> hello
<jjrabbit543> ICMP protocol doesn't use a port?
<jjrabbit543> how is that possible
<rbasak> IP doesn't define ports. TCP and UDP do. ICMP is not TCP and UDP. It layers directly on IP.
 * patdk-wk kindof wishes we had 32bit ports
<jjrabbit543> found the cisco guy
<jjrabbit543> just joking. thanks man that makes more sense
<jjrabbit543> can anyone tell me why  Your nick is owned by user [~user@104.131.1.159]
<jjrabbit543> it says that?
<jjrabbit543> woops sorry meant to send to different channel
<cyphermox> rharper: how is multipath-tools?
<rharper> cyphermox: xnox was going to look at the FFE/merge and upload on Friday IIRC; I haven't looked yet
<rharper> cyphermox: https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1551952
<ubottu> Launchpad bug 1551952 in multipath-tools (Ubuntu) "FFE: Please merge multipath-tools 0.5.0+git1.656f8865 from Debian unstable " [Undecided,Triaged]
<rharper> cyphermox: stgraber said it was OK to upload, so it just needs a sponser
<cyphermox> yeah, stgraber acked it
<cyphermox> xnox: ?
<rharper> cyphermox: I also pushed a fix upstream to debian re systemd.service file (the disable systemd for udeb broke linking against libsystemd for the non-udev, which broke notification via sd_notify);  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817940
<ubottu> Debian bug 817940 in multipath-tools "multipath-tools: multipathd is not linked to libsystemd, fails to notify systemd when ready" [Normal,Fixed]
<rharper> need to pull that fix in (instead of disabling systemd) in our package
<ndee> I'm looking for following tool: a user can create a payload in the browser and adds it to a queue. The queue payload gets executed by the root user, since some special privileges are needed. Does anyone know of some sort of queue tool?
<Sling> sounds like a horrible idea
<Sling> what problem are you trying to solve with this? or are you trying to create malware?
<ndee> Sling: haha, no. What I'm trying to do is sync a staging environment of a CMS to a live environment. At the moment, I have an extension for that CMS which creates a file and a cronjob checks if that file exists and if it does, executes a task. That's the workflow I created 8 years ago and I'm wondering if there might be something "smarter" around the way.
<patdk-wk> there are hundreds of queue tools to use, pick one and use it
<patdk-wk> the issue is, the whole idea is flawed from the start
<ndee> patdk-wk: it is some sort of deployment and I'm not sure what a better way would be.
<patdk-wk> something that doesn't use a webserver :)
<patdk-wk> it sounds like you already solved it
<patdk-wk> cms creates a backup file, and cron job that checks if file exists and deploys it
<patdk-wk> so sounds like the only thing you have to do is create another cron job
<patdk-wk> if new backup file exists, copy it to the production server
<ndee> patdk-wk: so that's not a bad way to deploy something?
<patdk-wk> only if, anyone is allowed to make that file
<ndee> I sometimes get insecure with all those new flash tools and think that I also have to use it :D
<patdk-wk> if a webuser can upload that file, and let it audodeploy, whatever they want :)
<patdk-wk> make sure that file location is well outside of what the webserver is allowed to touch
<patdk-wk> and permissions are tight
<ndee> patdk-wk: the location of the file has to be writeable by the webserver, otherwise, the file can't be generated.
<patdk-wk> no
<patdk-wk> from your dev enviroment, sure
<ndee> ah
<patdk-wk> that dev enviroment shouldn't be accessable to the outside
<patdk-wk> but on the live/production one, you should take care that file is protected
<ndee> of course
<patdk-wk> or rather, firewall rules should be protecting the dev one
<patdk-wk> so file level access, isn't strictly required, nice, but
<jamespage> rbasak, kickinz1: hey - just reviewing the pacemaker merge from debian - I've tested the upgrade as I wanted to ensure that the package splits upgraded ok - works fine
<jamespage> are you both happy we want todo that this cycle?
<kickinz1> jamespage, rbasak thanks jamespage for having taken the time to look after it, I think that we want it this cycle yes.
<jamespage> kickinz1, rbasak: ok uploaded
<kickinz1> jamespage: thanks!
<daften_> hi, i have a problem on a server with sudo, it won't use the users password
<daften_> the users password is correct, i've checked this by issuing passwd and entering the current password, which is accepted
<daften_> the sudo config is also correct. i've changed the file in /etc/sudoers.d/ that gives sudo rights to the group so it gives sudo rights without password entry, and then i can issue sudo commands
<daften_> so there's something very strange going on, and i have no clue. can somebody help me?
<jeeves_moss> what is the best cliserable VPN server that uses an HTTP client that is free?  We have a bunch of IoT devices that we would like to connect to the network (to a NATed system), and not to have to worry about a bunch of open devices floating around
<patdk-wk> none?
<patdk-wk> http is not secure, so don't use it for a vpn
<jeeves_moss> patdk-wk: I meant https.  missed a letter.  we're looking for something that will punch through a NAT router
<patdk-wk> sounds like openvpn
<patdk-wk> unless you need to be http proxy aware
<jjrabbit543> hello
<jjrabbit543> anyone know if there is a more recent project of this tool?
<jjrabbit543> https://sourceforge.net/projects/ldaptool/
<sarnold> jjrabbit543: that sounds kind of like https://directory.apache.org/studio/
<sarnold> jjrabbit543: i'm normally hesistant to recommend anything from the apache project but .. i'm not sure where else you'll find this sort of thing.
<teward> rbasak: ping - who do i bother when i see something that prevents testcases from being completed in the server dailies?
<teward> is that matsubara still, or someone else?
<matsubara> teward, Hi, I can take a look. What's up?
<teward> matsubara: refer to today's server testcase, i filed a failed testcase, can't select keyboard layout per the testcase, possibly bug 1559507
<ubottu> bug 1559507 in debian-installer (Ubuntu) "Keyboard selection is missed" [Undecided,Confirmed] https://launchpad.net/bugs/1559507
<teward> (initially observed 20160318 Lubuntu alt, then 20160319 Server, by phillw, poked to me in another channel to test/confirm)
<teward> confirmed today by myself, both Lubuntu alt and Server
<teward> matsubara: i'd poke the release team, but i'd like more eyes on it first :)
<teward> note this is on the iso tracker
<teward> not on our autotests (if we do them)
<teward> matsubara: i'd set the bug as "high" because we may have cases where people have foreign keyboard layouts that need selected (or can't be autodetected), but again, i wanted some extra opinions
<teward> matsubara: note that installation progresses as it should, apparently, but that means that either we're deprecating and removing keyboard layout selection, or our testcase is bugged, or the bug is actually something missing
<teward> i'm not qualified, I think, to make that determination
<matsubara> teward, thanks for raising that. I think you're right. It should be high or if this is an intentional change the testcase needs update
<teward> matsubara: thank phillw (the one who brought up the 'no 32bit qa iso manual test cases' problem a while ago) for pinging me randomly on it
 * teward usually avoids testing unless he has to
<teward> matsubara: I'll set it to High for now, but can you poke around to see if this is an intentional change?
<matsubara> teward, yep, I'll check it out. In any case I'll add a topic for discussion in tomorrow's meeitng
<teward> matsubara: thanks!  i'm making a comment that i'm setting high after discussing with you :)
<matsubara> thanks teward
<teward> you're welcome
<teward> matsubara: and thanks for replying promptly :)
<teward> matsubara: confirmed that the install is otherwise unaffected, though, with regards to the test case - the testcase in its current form just can't be completed, but installations apparently can
<teward> though i wouldn't put faith in that
<j^2> Hi!
<j^2> I was just convinced to come here per dobey from #ubuntu-quality
<j^2> I work for Chef software, (what used to be opscode) and I wanted to talk about the version of chef that comes in when you do an apt-get install -y chef
<j^2> it seem in 16.04 chef_12.3.1-1_i386.deb comes in, which is great
<j^2> but thatâs not the must up-to-date
<j^2> we are at chef_12.8.1-1_i386.deb now
<j^2> not to mention we have another SDK called the chefdk that we would like to add as an option
<j^2> who can i talk to about who owns these, and work with them?
<teward> j^2: we're past feature-freeze, so any updates and feature additions would need individual exceptions.
<sarnold> j^2: https://wiki.ubuntu.com/FreezeExceptionProcess#FeatureFreeze_Exceptions
<teward> and testing
<teward> and review by the release team for inclusion
<teward> the link sarnold provided gives details
<j^2> awesome, thanks! Iâll start reading through this :D
<teward> j^2: obvious question: is this in Debian yet
<teward> aaaand rmadison answered my question
<teward> it is not
<j^2> so thatâs the problem, iâm not sure because i donât know how itâs getting there. No one seems to know
<teward> i assume we're talking about the 'chef' package
<j^2> somebody has to own this
<j^2> yep
<sarnold> it seems like there's a reasonable chance, chef is in universe and it looks like a 'leaf' package
<teward> sarnold: no Debian updates, though, so it'd need more testing
<j^2> ok
<sarnold> bummer though, logan did a merge just five days ago..
<j^2> yeah it seems that isnât the official chef package either from debian
<j^2> itâs not ours, it was created by someone else
<j^2> we have our packages posted: https://downloads.chef.io/chef-client/ubuntu/
<j^2> so does that mean i should go to debian to get this fixed or through yâall?
<sarnold> probably both
<j^2> lovely
<sarnold> a month ago maybe justdebian would have sufficed
<sarnold> but, feature freeze and all
<j^2> grrrr
<j^2> ok, well this is my task, iâll make it happen
<j^2> lets start with yâall, iâm assuming i should go through the exception docs to get myself informed here?
<sarnold> yeah, that's a good starting point
<j^2> start that process, then who/where should i go for the debian group?
<sarnold> I -think- this is the most recent chef changelog from debian http://metadata.ftp-master.debian.org/changelogs/main/c/chef/chef_11.12.8-2_changelog
<jcastro> https://qa.debian.org/developer.php?email=pkg-ruby-extras-maintainers%40lists.alioth.debian.org
<sarnold> I -think- you won't go too far wrong if you email the three or four most recent uploaders; maybe filing a bug?
<jcastro> that's what the PTS lists as the chef maintainers
<jcastro> https://tracker.debian.org/pkg/chef
<sarnold> ah, go with jcastro's link instead :)
<j^2> woah, thatâs not great, thatâs not us at all
<sarnold> that's usual
<j^2> :-/
<jcastro> most packaged software is not done by the people who write it
<teward> ^ that
<j^2> jcastro: i guess that makes sense
<teward> (nginx as a prime example)
<jcastro> though IME most packagers prefer to have a good relationship with their respective upstream and just teamwork it all
<teward> ^
<j^2> but we have packages that are packaged by usâ¦ itâs odd yâall donât just take them right?
<teward> j^2: we inherit our packages for the most part from Debian, I believe.  Nginx is in your type of case as well - they provide official packages on their own "official" repository, but many people use what's just in Ubuntu
<jcastro> ideally, the upstream and the distro would share the same source packaging
<teward> ^ that
<j^2> ah interesting
<teward> and yes i'm referring to nginx a lot because I work in that package :)
<jcastro> but not, we need to be able to rebuild the entire archive from source so we don't just copy binaries into the archive
<j^2> ;)
<j^2> hmm, ok so there are a handful of things/conversations i need to have no it seems
<j^2> now*
<jcastro> yeah, but there's no reason it can't happen all at once
<j^2> jcastro: sorry iâm not following
<jcastro> if you fix it in debian then for us it's just a sync
<j^2> ah!
<jcastro> it's not "debian fix problem A, ubuntu fix problem A" It's "Debian let's fix problem A, ubuntu grab that."
<jcastro> though, one thing worth investigating right off
<sarnold> .. but at this point in the 16.04 LTS release cycle, you'll still need the paperwork finsihed even if it is just a sync from debian :)
<jcastro> is find the difference between your packages and the debian packages
<jcastro> like, are they carrying patches?
<j^2> yeah there are a ton of updates iirc
<jcastro> https://sources.debian.net/src/chef/12.3.0-3/debian/patches/
<jcastro> for example
<j^2> Iâll have to figure it out
<sarnold> .. and figure out what to do with ubuntu's difference from debian, too https://patches.ubuntu.com/c/chef/
<jcastro> ideally someone says "ok let's just take all these changes and fix them in one place"
<jcastro> that one place probably being upstream
<jcastro> j^2: well, you haven't quit the channel yet so I guess that's a good sign, heh.
<j^2> heh
<j^2> yeah iâm trying to figure out the diff
<j^2> ;)
<sarnold> hehehe
<j^2> maaayybeee this is it?
<j^2> https://github.com/chef/chef/compare/master...12.3-stable
<j^2> wait
<j^2> shit
<j^2> there we go
<j^2> https://github.com/chef/chef/compare/12.3-stable...master
<j^2> 4k commits
<j^2> between the version on debian and our newest
<j^2> stable
<j^2> so for that, iâm betting yall want me to go to debian eh?
<j^2> let them build the pkg from us, then sync down (after the paperwork)
 * jcastro nods
<j^2> yeah i have a feeling iâm going to have to keep an eye on this for a while to make sure everyone is getting the correct software :-/
<jcastro> j^2: also, there are ways to get newer versions into the LTS down the road
<j^2> this type of oversight is probably due to everyone was assuming someone else was watching this stuff
<jcastro> via backports and whatnot, so I wouldn't sweat about the deadline. I would of course try to get everything in as quick as you can but I wouldn't panic.
<j^2> jcastro: awesome, thanks for that. Iâll start the conversation with debian, and iâll be around here to ask questions? cool?
<jcastro> I'm always around
<j^2> \o/
<jcastro> or you can mail me at jorge@ubuntu.com
<j^2> rock on thanks!
<jcastro> I owe you guys since we broke the maas<->chef integration, heh
<j^2> ha!
<j^2> yeah that was going to be the next task after me getting this done ;)
<j^2> hey it worked i tested maas 1.8? it worked swimmingly
<jcastro> though, posting to the debian list quickly will get eyeballs on it quick
<j^2> is there a package ml?
<j^2> <â the guy that wrote the maas integration :D
<jcastro> I can't speak for those maintainers but most packagers I know love to work with their upstream
<j^2> awesome
<jcastro> https://qa.debian.org/developer.php?email=pkg-ruby-extras-maintainers%40lists.alioth.debian.org
<jcastro> looks to be the list
<j^2> awesome
<j^2> already making progress :D
<jcastro> ubuntu-devel-discuss@lists.ubuntu.com is listed as the maintainer list for the ubuntu version of the package
<j^2> awesome
<nacc> hallyn: stgraber: there is some discusion on #ubuntu-devel about this just now, but having lxc-dns's dnsmasq installed by default (in cloud/server, as lxc is installed by default) means that many (all?) dns-server packages will fail to install
<mahmoh> j^2: so you're pretty good then?  need to also ask about a firefox-like package that pulls the latest chef for the LTS releases and beyond
<j^2> mahmoh: awesome yeah that would be perfect
<j^2> but i need to get debian updated first
<j^2> which is the next step if i understand everything
<mahmoh> j^2: start an exception for that too then, might be too late though but maybe not
<j^2> per the email earlier ;)
<mahmoh> gr8
<j^2> mahmoh: hey man you know you love me ;)
<mahmoh> j^2: let me know if you need anything
<j^2> :D
<stgraber> nacc: that won't be a problem by the time we release 16.04
<nacc> stgraber: thanks, and thanks hallyn for clarifying
<unomie> One of my sites is now pointing to my Docroot directory. The .conf file looks fine. Enabled/Disabled & restarted apache to make sure it wasn't using an outdated .conf - https://bpaste.net/show/caf1b10096f6 -  Any ideas?
<unomie> other sites are working fine & so was this one up until a few days ago,
<unomie> can't find anything in the logs other than it loading the favicon. No errors...
<sarnold> try removing the trailing / on DocumentRoot /var/www/html/pagenation.co.uk/
<sarnold> apache is quite picky about that trailing / and it always feels like it gets it exactly wrong
<unomie> sarnold: Same result
<sarnold> unomie: dang. how about the logs? anything in the site-specific error or access logs, or the generic error or access logs?
<unomie> checked the syslog in /var/log, and other_vhosts_access.log error.log in /var/log/apache2
<unomie> site-specific error log hasnt been updated in a month. Trying to the site-specific error log now but that hasn't been updated in an hour and I've been refreshing the site
<unomie> *access.log for the second one
<unomie> just spiders crawling the site....
<shauno> is there any sign that file's being loaded at all?  I noticed at some point apache started including sites-enabled/*conf instead of sites-enabled/*
<shauno> (eg, 'a2query -s')
<unomie> shauno: Not sure - where would I check? Yeah I switched over all my sites to .conf a year or so ago (whenever the switch happened)
<unomie> shauno: Ta, yeah it's there - pagenation.co.uk (enabled by site administrator)
<shauno> fair enough.  just thought I'd ask since that one made things mysteriously disappear for me
<unomie> Think it might have something to do with the FQDN. I was messing about with that a month ago as it's set to pagenation.pagenation.co.uk (duplication - I was never able to sort it but the site that wasn't sending out mail started working so I abandoned it)
<Pinkamena_D> Has anyone ever tried to join ubuntu to windows active directory with PBIS? I have had success with it, but now I am trying to add a network printer as well. How can I let users use their active directory credentials for the network printer?
<bekks> Whats "PBIS"?
<tarpman> bekks: http://www.powerbrokeropen.org/
<bekks> Never heard of it.
#ubuntu-server 2016-03-22
<sarnold> "formerly known as Likewise Open"
<sarnold> hah, the download page doesn't load for me with noscript and privacybadger .. not sure which one is to blame, but it sure looks like it needs a contact form filled out first. that's not a good sign.
<bekks> Doesnt exactly sound like something I want to use :)
<sarnold> the first page sounded good then the second page took it all away again :) hehe
<Pinkamena_D> here it is easier download: http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True
<sarnold> heh, windows people do things differently; there's a thosand links to binary downloads but not a single singature to be found anywhere; and they do appear to have a source link, but they put the non-hyperlinked-text in grey on grey at the very bottom of the page.
<samy1028> sarnold: you mean we're not supposed to arbitrarily click on a program without checking it out first? :)
<sarnold> samy1028: honestly i find the _executing_ of programs so boring -- all the real fun is in reading the source :)
<samy1028> It's only fun and games until some non-technical appointed domain admin installs a crypto-locker on the network. :)
<samy1028> but, yes, reading source can be fun.  Though sometimes you find new things for thedailywtf and such.
<sarnold> .. and then you have fun new stories about moving all your patients to another hospital while you clean up the mess :)
<sarnold> hehe
<devster31> what's my best option, besides editing the hosts file, to make a domain name refer to a LAN IP instead of the public IP?
<sarnold> you could investigate using dns split horizon, I think it's supposed to handle this
<sarnold> or have two dns servers, one outisde the network for everyone else and one inside the network for local queries
<sarnold> or add the external IP directly to the machine and add corresponding routes on all the machines that want to query it (that's more of a smartass solution than a good solution, but it's a solution...)
<devster31> first or second one seem fine, don't know much about dns though, need to read documentations
<devster31> thanks
<hallyn> pmatulis: hey, just fyi, lxd docs somewhat taking shape at https://code.launchpad.net/~serge-hallyn/+git/lxdserverguide .  I'll flesh out the rest tomorow (barring serious bugs elsewhere),
<hallyn> pmatulis: am out the rest of the week, will then convert to xml (assuming that's what we still want at ths point, which i think is a safe bet)
<lordievader> Good morning.
<pmatulis> hallyn: looks great
<patdk-wk> hmm, there has to be something wrong with apparmor on 16.04 :(
<patdk-wk> wrong profile is applied, and odd thing blocked that is allowed
<jdstrand> tyhicks: when you come online, can you followup with patdk-wk?
<patdk-wk> it's either 16.04, or lxc, I don't get it :( been looking at it for days
<jdstrand> patdk-wk: oh, days? tyhicks: nm
<patdk-wk> well, just myself
<patdk-wk> I thought it was just *me*
<patdk-wk> but I have pretty much ruled out me doing something stupid
<jdstrand> patdk-wk: yesterday there was a new kernel with a big apparmor change
<patdk-wk> I am not running that yet
<patdk-wk> guess I should test it?
<jdstrand> patdk-wk: so I was worried that was it, but if you have the old kernel, then it of course isn't :)
<jdstrand> patdk-wk: wouldn't hurt :)
<patdk-wk>  4.4.0-13-generic #29-Ubuntu SMP Fri Mar 11 19:31:18 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
<jdstrand> tyhicks: I thought patdk-wk saw something in the new kernel, but he is running the old kernel
<jdstrand> patdk-wk: note, there are a lot of fixes in that kernel, so it might actually have fixed it. I don't have the details at hand
<patdk-wk> no problem, I don't mind testing :)
<patdk-wk> I just hate digging myself a hole I can't find a way out
<patdk-wk> a profile for a binary, that doesn't exist on that system, gets applied, somehow :)
<patdk-wk> but since it's almost identical to the profile that should be applied, it doesn't cause any real harm, but well, that is just my usecase, and probably not a good thing
<patdk-wk> jdstrand, I think the issue has gone away
<patdk-wk> I'll keep watching it though
<patdk-wk> :(
<patdk-wk> qla24xx driver is causing panics on boot on the newer kernel :(
<patdk-wk> qla2xxx that is
<patdk-wk> 4.4.0-15
<patdk-wk> http://maneshi.com/gallery/v/Users2/sysadm/Screenshot+from+2016-03-22+10_20_21.png.html?g2_imageViewsIndex=1
<patdk-wk> yep, blacklist=qla2xxx got it booted almost :(
<LaserAllan> <LaserAllan> hey there I am pretty sure this might be the best place to askbut I have had Fail2ban running on a Ubuntu server working very good for 5-6months straight and today i found out that either it is not bannig as it should or something else is up becuase I am not getting the emials that I should from it, acording to the mail logs they are beeing sent but not received. I am using GMAIL but I haven't had any issues at all for 5-6 months.
<ikonia> LaserAllan: so look at the bounce logs
<ikonia> try using a trusted relay
<ikonia> look at the iptables rules, are the rules being added
<ikonia> work it through
<LaserAllan> I'll have a look and return here.
<patdk-wk> heh, the mail log files will tell you exactly what happened
<ikonia> you'll probably find you're getting bounces from google because you're sending from a non-trusted/blacklisted IP
<LaserAllan> But why had it worked for like 6 months and suddenly stopped
<LaserAllan> I'll get back once I've looked ;)
<ikonia> blacklisted ?
<ikonia> relay host dead ?
<ikonia> relay host black listed ?
<ikonia> change in googles policy
<teward> server team still meeting today?
<matsubara> I believe so, in 10 min
<teward> cool
<teward> matsubara: i was going to ping you too to make sure you were around, given the QA item i brought up yesterday heh
<matsubara> teward, I just confirmed the bug we spoke about yesterday
<teward> matsubara: cool, so it's definitely an issue then?
<matsubara> teward, and it seems someone also reported a similar issue in the desktop
<teward> ah, so it's a BIG issue, then
<matsubara> teward, I never get a keyboard layout screen, no matter what I choose
<teward> matsubara: is there a bug for the desktop observation as well/
<teward> out of curiosity
<matsubara> teward, OP says it's a similar issue https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1549529 but not exactly the same
<ubottu> Launchpad bug 1549529 in ubiquity (Ubuntu) "The keyboard is still installed as US-English even if another language is selected during the installation" [Undecided,Confirmed]
<teward> interesting.  thanks!
<teward> i'll test Lubuntu then and see if I can replicate there, but it sounds like it's global
<jgrimm> IRC meeting happening now
<m1dnight_> Hey guys. I have seem to deleted my gpg encrypted file with my passwords for my backup server. Is there any way I can get root access now and change all the passes?
<m1dnight_> Only thing I have left are the ssh keys to ssh into the machine and the gpg keys to decrypted the backups.
<m1dnight_> I guess im dead in the water, right?
<m1dnight_> Oh, recovery mode will fix it so it seems.
<m1dnight_> Carry on.
<LaserAllan> ikonia: That might be the case but what makes this even mroe confusing is that my friend who is using the same service doesn't have the problem I am having
<LaserAllan> ikonia: I don't have a huge amount of experience with Ubuntu Server yet but I am slowly getting there.
<LaserAllan> The logs doesn't seem to show more than that it is sending emails
<LaserAllan> and it also seems to empty the qeue but I am not sure if there is anything specific i am going to look for
<teward> jgrimm: ping
<jgrimm> teward, hi there
<teward> jgrimm: grab a copy of your irc scrollback if possible, #ubuntu-irc was able to remove the meeting state in #ubuntu-meeting, but the fear is the meeting logs were torpedoed
<teward> for the server team meeting
<teward> we may wish to include that somewhere for the meeting logs/notes
<teward> im' going to pull a copy myself too
<jgrimm> teward, indeed
<jgrimm> i'm hoping there is an auto #endmeeting that kicks in
<teward> jgrimm: i don't think there is, but I know that I poked and asked if they could force-end because the chair went away
<matsubara> teward, I updated the bug 1559507 with what I just found. Please take a look and see if it makes sense
<ubottu> bug 1559507 in debian-installer (Ubuntu) "Keyboard selection is missed" [High,Confirmed] https://launchpad.net/bugs/1559507
<teward> there was such a force-command, jgrimm, but the fear is we lost the logs, so for minutes, etc. we should probably back up our own copies and make it available
<teward> matsubara: looking
<matsubara> I need to find someone that actually knows that stuff to confirm that hypothesis
<jgrimm> teward, saved. thanks
<teward> jgrimm: you're welcome
<teward> matsubara: indeed, I'm not sure who to prod on that though, maybe the desktop team will have further insights?  GIven that the issue is happening everywhere, I wonder if it's the same missing mechanisms...
<teward> matsubara: odd though that this only very recently happened, because prior to the first observation by phillw it was apparently fine
<teward> though I don't regularly test
<matsubara> teward, I just asked on -devel
<teward> ok
 * teward tracks there
<matsubara> teward, yeah, maybe it was there for some time but it wasn't noticed.
<matsubara> I'd say it's easy to miss if you always install with the regular US keyboard and don't care about setting up a different layout
<teward> matsubara: possibly.  I know that phill pings whenever any of the Server stuff needs attention, I think it's his way of 'triaging' things in such a way that it gets additional eyes before it's filed as an issue.
<teward> and yeah, since I use regular US keyboard it's usually never an issue for me
<jjrabbit543> anybody here use yum?
<nacc> why would anyone use yum in ubuntu? :)
<Pici> !yum
<ubottu> Uh, don't you mean !apt ?
<Pici> !botsnack
<ubottu> Yum! Err, I mean, APT!
<jjrabbit543> lol
<Pici> jjrabbit543: so why do you need yum?
<jjrabbit543> cause it's in the repos and was wondering if it's worth using?
<jjrabbit543> i guess i should stick with the package manger that comes with the OS though right?
<Pici> I'm sure you can install it, but it isn't going to be useful.
<jjrabbit543> Pici: would it only show me packages for other distros?
<jjrabbit543> because that wouldn't be useful at all
<jjrabbit543> i was just interested in the usability of it
<nacc> jjrabbit543: yum can only be used to install rpms, afaik. So I have no idea what it'd be used, except maybe for hosting mock or smilar on ubuntu
<Pici> jjrabbit543: rpm is also in the repos, and while you can install packages with it, I wouldn't recommend it.
<jjrabbit543> Pici: ok good point
<jjrabbit543> just curious, thanks
<jjrabbit543> i'll stick with aptitude
<Pici> good ;)
<jjrabbit543> anybody know how i can get to the Search menu at the top of aptitude?
<tarpman> jjrabbit543: ctrl-T
<tarpman> jjrabbit543: it says "C-T: Menu" right there in the top left
<jjrabbit543> tarpman: so it does. Thanks!
<jjrabbit543> wow you can lose on the first move in the minesweeper game
<jjrabbit543> ubuntu minesweeper is merciless
<sarnold> the only winning move is not to play the game
<jjrabbit543> anybody know why midnight commander isn't listed in aptitude?
<Pici> !info mc
<ubottu> mc (source: mc): Midnight Commander - a powerful file manager. In component universe, is optional. Version 3:4.8.13-3 (wily), package size 501 kB, installed size 1586 kB
<sarnold> dunno, my tools show that it should be in everything frmo precise to xenial
<sarnold> it is in universe though, if you've only got main enabled, it won't show up
<nacc> jjrabbit543: and if you didn't know how to find it via the name, you could do `apt-cache search ' midnight commander'`
<jjrabbit543> what is component universe?
<jjrabbit543> is that a category in aptitude?
<nacc> jjrabbit543: https://help.ubuntu.com/community/Repositories
<sarnold> jjrabbit543: the archive is split into main and universe; packages in universe are supported only via community members, packages in main are supported by canonical and the community
<jjrabbit543> does anybody here user file managers or are they a waste of time
<jjrabbit543> does ubuntu come with one?
<sarnold> if you mean "explorer.exe workalike" then yeah ubuntu has a bunch
<sarnold> mc of course is a clone of nc which used to be popular in windows land 25 years ago or something
<jjrabbit543> not explorer.exe workalike
<jjrabbit543> midnight commander workalike
<jjrabbit543> for ubuntu server
<Seveas> !info mc
<ubottu> mc (source: mc): Midnight Commander - a powerful file manager. In component universe, is optional. Version 3:4.8.13-3 (wily), package size 501 kB, installed size 1586 kB
<nacc> jjrabbit543: why would you need a mc workalike if you have mc?
<jjrabbit543> nacc: because it's in the universe component repository and which apparently is not a default package list
<jjrabbit543> i prefer to use native tools that "come with" the OS
<nacc> jjrabbit543: did you read the above link about the repositories?
<jjrabbit543> nacc: yes, it says main and restricted are the defaults
<nacc> jjrabbit543: "comes with" and "defaults" are different things, IMO
<nacc> jjrabbit543: universe is part of Ubuntu, too
<nacc> jjrabbit543: it's just a matter of who supports what
<jjrabbit543> then how come i can't find packages that are in the universe component
<jjrabbit543> component universe
<jjrabbit543> *
<nacc> jjrabbit543: you have to enable the component, in /etc/apt/sources.list
<jjrabbit543> nacc: I ran this command instead: "sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) universe""
<jjrabbit543> found it here http://askubuntu.com/questions/148638/how-do-i-enable-the-universe-repository
<jjrabbit543> and still isn't working. did I mess something up by doing that
<jjrabbit543> ?
<sarnold> apt-get update && apt-cache show mc
<nacc> also, i think you can just run `add-apt-repository universe` ?
<patdk-wk> so, what instructions do I use to properly file a bug report on 4.4.0-15 kernel module (qla2xxx) panic on boot? :)
<patdk-wk> it was working upto 4.3.0-5 that I know, I didn't test any kernels inbetween
<sarnold> TJ-: try redirecting stdin on the -first- ncat from /dev/null or similar: ncat -m 1 -6kl 10006 < /dev/null | ncat -kl 10007
<TJ-> sarnold: it looks like #1 is stopped because #2 is stopped. I'm suspecting its a buffer-full issue because there are no clients connected to empty the pipe
<TJ-> sarnold: I'm running testing right now to try to catch it, but it can take up to 12 hours!
<sarnold> TJ-: hmmm. I'd expect its write()s to block in that case..
<sarnold> patdk-wk: https://bugs.launchpad.net/ubuntu/+source/linux/+filebug  :) and be prepared for the kernel team demotivational bot to ask a pile of questions..
<patdk-wk> I know, and panic on boot during initrd before filesystems are mounted, is kindof annoying as hell to report :)
<TJ-> sarnold: well, on the broadcaster node that sends to the proxy it can send almost all the kernel's "make bindeb-pkg" build messages before stalling
<sarnold> TJ-: heh can you feed it with /dev/zero to test something faster? :)
<jjrabbit543> turns out running apt-get is 100 times easier than dicking around with aptitude
<TJ-> sarnold: I was going to pipe it via 'pv' to see how large the buffer is
<sarnold> jjrabbit543: indeed, I never understood the appeal of aptitutude
<sarnold> TJ-: you've got a few buffers in play simultaneously which is going to be confusing as sin -- the tcp recv buffer on the first one, the unix pipe buffer between the two, and the tcp send buffer on the second one
<TJ-> sarnold: indeed ... good, ain't it? :d
<patdk-wk> aptitude is annoying :)
<TJ-> sarnold: 'ncat ... | pv ncat ...' tells me the buffer is 43.2Kb
<designbybeck> If I'm trying to learn server stuff, and I'm going through a tutorial, shouldn't this command work? : cat /etc/hosts /tmp/appendit
<designbybeck> Shouldn't that take the contents of hosts and put a copy in appendit?
<TJ-> designbybeck: you're writing both files to stdout
<patdk-wk> no
<designbybeck> HMmm TJ-
<nacc> designbybeck: you're missing redirection (>) operator
<nacc> designbybeck: also, why would you use cat, when you have cp ?
<TJ-> designbybeck: cat /etc/hosts >>/tmp/appendit
<patdk-wk> well depends
<patdk-wk> he might be missing >>
<TJ-> designbybeck: use >> if you want to 'append' to an existing file
<nacc> patdk-wk: true, depends
<designbybeck> so just >> would do it TJ-
<patdk-wk> or > to basically copy/overwrite
<designbybeck> ah ok, I've never ran across that, but I'll try that out
<TJ-> designbybeck: yes, see "man bash" REDIRECTION section for the details
<designbybeck> thank you TJ-  and nacc
<designbybeck> wow TJ- that's a heck of a man page!
<designbybeck> but yes: cat this >> that worked
<jjrabbit543> anybody know the shortcut to close a linux screen window?
<jjrabbit543> i accidently created a bunch and need to close them
<TJ-> designbybeck: if you ever use sudo it won't though, because the >> will bind to the *output* of sudo (which is in the current user's context) not the command being called. In that case you either do "sudo sh -c "cat /etc/hosts >> /tmp/appendit" OR "cat /etc/hosts | sudo tee -a /tmp/appendit" (if you can stand seeing the output. Another alternative is "cat /etc/hosts | sudo dd of=/tmp/appendit
<TJ-> oflags=append"
<sarnold> jjrabbit543: ^D on a line all by itself will close bash
<sarnold> jjrabbit543: no idea if your terminal emulator you're using will then close or not.. but most do.
<sarnold> jjrabbit543: ^D tells teh terminal emulator to send the end-of-file signal, so it's also used to end HERE documents and similar things
<jjrabbit543> im confused
<ChibaPet> sarnold: There may also be a bug wherein an overridden value is honored but the default is printed to screen anyway. I'm seeing messages talking about a 1:30 timeout that sure looks like it completes after the 15 seconds I specify.
<jjrabbit543> you can have several windows open inside a single screen session and on top of that you can have multiple screen sessions running as well?
<sarnold> ChibaPet: ugh
<ChibaPet> jjrabbit543: Sure, why not? You can nest screens readily.
<sarnold> jjrabbit543: sure, nest as deep as you want..
<jjrabbit543> dang
<jjrabbit543> #screenception
<sarnold> jjrabbit543: multiple vim tabs in tmux in screen in tabbed terminals in multi-desktop X sessions..
<sarnold> .. managing multiple jobs in a job-control shell..
<ChibaPet> jjrabbit543: Just remember, control-a a command to send a command to a screen one level deep. Control-a a a command to go two levels deep. Etc.
<ChibaPet> Also, remember to just open multiple windows if that's all you need.
<jjrabbit543> is there a shortcut to kill one of the windows inside a screen session?
<jjrabbit543> that's what i am trying to do
<ChibaPet> control-a \
<ChibaPet> sorry, that's all windows
<ChibaPet> control-a k
<sarnold> heh we'll see if he saw the "sorry" in time.. :)
<jjrabbit543> ChibaPet: ty!!
<ChibaPet> Mm, unfortunate timing on my part.
<ChibaPet> jjrabbit543: screen is amazing stuff.
<jjrabbit543> sarnold: i did ;)
<sarnold> pfew :)
<sarnold> hehe
<ChibaPet> sarnold: It prompts by default, so he'd have seen the fishy query before nuking everything.
<sarnold> ChibaPet: ah, nice ;) I've never killed windows in screen directly before, I've always just terminated the shells..
<jjrabbit543> hm lets see
<jjrabbit543> ya
<ddellav> coreycb barbican is ready for review: lp:~ddellav/ubuntu/+source/barbican
<coreycb> ddellav, ok thanks, I might need to look in the morning
<ddellav> coreycb ack
<LaserAllan> Hey guys
<LaserAllan> Anyone in here knows how SPF works?
<ddellav> LaserAllan i know a bit, yea
<Sling> LaserAllan: what is your actual question?
<ddellav> higher spf = more time the sunscreen lasts
<ddellav> :P
<ChibaPet> LaserAllan: https://en.wikipedia.org/wiki/Sender_Policy_Framework
<bekks> Or Shortest Path First.
<LaserAllan> Sling:  ddellav I currently have issues with my mailing service, I have configured fail2ban and Xymon to send emails when needed but for some reason they are sent according to the logs but they aren't reaching my gmail
<LaserAllan> Could it be that it has been blacklisted? becuase the "domain" that is used to send the emials doesnt really exists
<LaserAllan> "exist
<LaserAllan> I am just wondering if I might have to setup SPF if i want Google to not blacklist my IP?
<ChibaPet> LaserAllan: Check your mail logs to see if they're being delivered. Check your gmail spam to see if they're being misclassified.
<Sling> LaserAllan: hard to say, can you deliver mails to a domain where you can better see what is actually happening?
<ChibaPet> LaserAllan: Google can require complete correctness. Make sure your PTRs match, etc.
<Sling> i have seen gmail accepting mails but still not pushing them to user mailboxes
<ddellav> LaserAllan ok if its being sent from a non-existant domain it will likely get blocked. beyond spf google wants to see a legit domain with properly setup reverse dns.
<Sling> and they aren't very open in what checks they do exactly
<ddellav> if you find a mail in your spam box you can view the original to see the spf headers to see if it passed, failed, or softfaied
<ddellav> *failed
<Sling> I don't think he has spf at the moment
<LaserAllan> Sling: Currently No i dont
<LaserAllan> I will m,ake a apstebin of the logs and show you
<ddellav> if you dont have a proper domain name setup with reverse dns it's likely guaranteed to get blocked from gmail
<ddellav> regardless of spf
<LaserAllan> ddellav: Nah i dont have that currently
<LaserAllan> but it has worked flawlessly for nearly a year
<ddellav> i would probably setup fail2ban and all those to use your gmail smtp settings to send mail to yourself
<ddellav> thats a bit weird, sounds like blacklisted
<ddellav> but hard to tell for sure
<LaserAllan> ddellav: I am going to take a piss and get a beer and I'll get to this, I haven't used Linux for more than maybe 7-8 months so I am fairly new to it so excuse me if my knowledge isn't as vast as I'd wanted iot to be
<LaserAllan> But yeah sending mails to myself could work but if it's possible to configure a reverse DNS since I do have a domain that wouldn't be bad :)
<LaserAllan> I guess it's easier to filter the emails than
<ddellav> just be sure to google first :)
<LaserAllan> ddellav: I have very little experience when it comes to setup a reverse DNS but does that I mean I'll have to setup SFB or is this something else?
<ddellav> im not sure what SFB is but reverse dns is something setup by the person that owns the ip address associated with your server
<ddellav>  your "ISP"
<ddellav> so if someone does a reverse lookup on your ip, they'll see your domain
<ddellav> i.e. dig -x ip.add.ress
<LaserAllan> Hmm, well I have my domain at a hosting ocmpany here in scandinavia but the IP of the server which is gopig to send the emials is in the US
<LaserAllan> not sure if that makes any difference but
<ddellav> most hosting companies have control panels where you can set PTR records yourself, otherwise you'll have to contact them
<ddellav> assuming you have a dedicated ip and not shared hosting
<ChibaPet> LaserAllan: https://en.wikipedia.org/wiki/List_of_DNS_record_types#PTR
<LaserAllan> ChibaPet: Thanks :)
<LaserAllan> I have allot to learn but what better to do it with my owns tuff, not that much can break though:P
<ddellav> it's always great to experiment and learn new stuff. I'm excited for you.
<LaserAllan> I feel ashamed that it took me so amny eyars to really start using Linux
<LaserAllan> for servers I think its extremely powerful, secure and lightweight
<ddellav> every day is someones first day, nothing to be ashamed about
<LaserAllan> ddellav: Some people jsut seem to be unfriendly/arrogant towards people who doesn't know as much as them :), but I am amazed what Linux can do, I am still learning the CLI step by step though.
<LaserAllan> But but, I am not gonna clutter the chat with offtopic stuff, I'llg og et a beer and get back to the reverse DNS, hopefully I can sovle it together with a little help :)
<ddellav> im sure you'll get it figured out. good luck :)
<sarnold> hallyn: "zfs_poo_name" https://git.launchpad.net/~serge-hallyn/+git/lxdserverguide/tree/lxd.md#n201
<hallyn> lol
<hallyn> thx
#ubuntu-server 2016-03-23
<rsully> Is there a way to run a ipsec/l2tp vpn on a dynamic IP? All of the guides I find require you to specify the server IP in various parts of the setup and config
<bekks> you would need to adjust that upon every IP change.
<rsully> That defeats the whole purpose. It looks like the problem isn't with xl2tpd, but with openswan. But I don't know if maybe openswan can run with 0.0.0.0 or other dynamic IP mode, and just the guides I'm using don't offer that as an option
<bekks> why does it defeat the whole purpose?
<rsully> Because when it changes I'm likely not going to be on site or even notified
<bekks> So create a cron job.
<rsully> It looks like ipsec.secrets can handle %any, and ipsec.conf can use %defaultroute instead of IPs
<rsully> but the guide I was using also required the IP in iptables for SNAT, so it isn't a full solution
<devster31> sarnold: I almost solved it with dns masquerading
<sarnold> devster31: 'almost'? :)
<devster31> I have no idea how it works, I'm experimenting, but it seems the easiest solution, local resolution with forwarding to google or opendns servers
<jjrabbit543> hello
<jjrabbit543> anybody know if there's a simply way to run a speed test from command line?
<sarnold> what sort of speed are you interested in measuring?
<jjrabbit543> bandwidth
<sarnold> bandwidth in use or bandwidth available?
<jjrabbit543> download/upload speeds
<jjrabbit543> similar to the website speedtest.net or whatever it's called
<sarnold> iperf or iperf3 perhaps; sometimes I grab something big from kernel.org
<jjrabbit543> cool i'll have to read up on how to use that lol
 * tarpman sometimes grabs something big from releases.ubuntu.com ;)
<sarnold> heh, i've never tried that approach.. normally the ubuntu servers are glacial, is that one better?
<tarpman> ok, if i'm being honest, i probably wouldn't use that one specifically, but a nearby mirror
<patdk-lap> https://github.com/sivel/speedtest-cli
<sarnold> ha, cool
<patdk-lap> iperf3 is so much better though
<sarnold> wow, a few seconds reading iperf3 sources looks promising
<sarnold> clean cppcheck
<sarnold> i thought one of the iperfs looked insane
<RoyK> jjrabbit543: http://bfy.tw/4tIK
<pezet91> hello, how to make a mirror copy of the system on Ubuntu Server?
<pezet91> is it possible?
<nocontrol> hi all, I have installed ubuntu server 14.04 with vagrant and I've included Redis. So I am trying to start the server and I get a permission error
<nocontrol> Error says: failed to open .rdb for saving: Permission error
<nocontrol> I've checked the redis.conf and the dir is /var/redis which is chowned by redis:redis and 777
<havenstance> xrandr --output DVI-0 --primary --mode 1440x900
<havenstance> <havenstance> just to clarify the --primary in this command will make that DVI display the primary display correct?
<lordievader> Good morning.
<jamespage> smoser, raised https://bugs.launchpad.net/simplestreams/+bug/1560903 to cover the hypervisor_type -> virt switch in stream data and updated the MP.
<ubottu> Launchpad bug 1560903 in simplestreams "switch hypervisor_type -> virt in stream data" [Undecided,New]
<jamespage> smoser, oh and happy birthday :-)
<jamespage> utlemming, Odd_Bloke: hey - any know issues with locales being installed on the latest cloud images for xenial?
<jamespage> having trouble atm: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1560939
<ubottu> Launchpad bug 1560939 in libvirt (Ubuntu) "libvirt-bin fails to install on a fresh xenial server" [Undecided,New]
<jamespage> coreycb, fyi ^^
<Odd_Bloke> jamespage: No _known_ issues, but it's not something that we particularly check.
<jamespage> Odd_Bloke, only locale installed is C
<jamespage> no language-pack-en
<Odd_Bloke> Clearly we've decided to reject anglocentrism.
<Odd_Bloke> jamespage: I'll have a quick dig. :)
<Odd_Bloke> jamespage: So I don't think we've ever shipped language-pack-en.
<Odd_Bloke> jamespage: (Does doing either of the things suggested in the cloud image MOTD fix the problem?)
<jamespage> Odd_Bloke, I installed the langpack - that does resolve the problem
<jamespage> I suspect the second one will as well
<pmatulis> morning
<Odd_Bloke> jamespage: "Mar 23 11:17:14 username systemd[1]: Failed to start Load Kernel Modules." <-- that looks like a more likely culprit
<Odd_Bloke> (I would expect that all of those open calls come after the actual failure when the error message is trying to be localised.)
<smoser> jamespage, thanks.
<smoser> jamespage, do you think 'kvm' is the right name?
<jamespage> smoser, I'm not sure tbh - I put that up as a straw man
<smoser> well, at least on server stack, lenart agrees with you
<smoser> [    6.854315] systemd[1]: Detected virtualization kvm.
<smoser> wll, i'm good with the rest of it, and i would ilke to have sane values. to me 'qemu' seems more correct, i dont have strong feeling against lxd
<smoser> what does juju call these things?
<arie_sw> hi all
<smoser> jamespage, ^ does juju expose 'lxc' or 'lxd' or 'kvm' or 'qemu' ?
<jamespage> smoser, that's still up for discussion - right how its lxd and qemu
<jamespage> but that's changeable
<smoser> so is there any reason that i should pull this now then ?
<jamespage> smoser, this branch is part of the work to enable multi-hypervisor openstack clouds with juju
<smoser> jamespage, well, juju uses the words 'kvm' and 'lxc'  elsewhere.
<smoser> https://jujucharms.com/docs/1.25/config-LXC
<jamespage> smoser, in 1.25 it does
<jamespage> in 2.0 lxd is used as well
<jamespage> smoser, so I feel lxd and kvm is more aligned to existing virt terms in juju
<smoser> well, you can tell me what to do . i'd rather not pull it and upload it to ubuntu and then change it.
<jamespage> smoser, agreed
<smoser> well, tell me what to do . i'm fine to upload or to wait.
<teward> matsubara: ping - did anyone help hunt down the issue with the keyboard layout selection issue, or is that still an unknown?  (It may be a show-stopper, at some point...)
<matsubara> teward, not yet. I asked cyphermox yesterday but got no reply yet. I'll ask around again
<jamespage> smoser, ok - so after some discussion - 'lxd' and 'kvm' is the plan
<matsubara> teward, I have some other stuff to take care this morning but will keep poking
<jamespage> smoser, so I think my merge-proposal is good for that....
<teward> ok, was merely curious.  was also tempted to put it up on one of the mailing lists given the extreme size of problems I can anticipate happening with that issue, both here and in the Desktop side, was merely curious if you ever got a reply on -devel :)
<cyphermox> matsubara: what about?
<teward> cyphermox: the debian-installer issue where the keyboard layout selection is nonexistent
 * teward hunts down the bug
<teward> https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1559507
<ubottu> Launchpad bug 1559507 in debian-installer (Ubuntu) "Keyboard selection is missed" [High,Confirmed]
<smoser> jamespage, ack. will upload
<teward> cyphermox: there's reports Ubiquity has a similar issue on the GUIs, but not sure if it's related - (https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1549529)
<ubottu> Launchpad bug 1549529 in ubiquity (Ubuntu) "The keyboard is still installed as US-English even if another language is selected during the installation" [Undecided,Confirmed]
<teward> though i'm more interested in the server installer issue :P
<cyphermox> ok, I will look into it just after I'm done with netcfg
<teward> cyphermox: thank you kindly.  matsubara did some initial hunting into the issue, and commented on the first bug (debian-installer) with a possible issue cause, but I think we were both waiting for someone more aware of how debian-installer operates to peek at it?
 * teward shrugs
<teward> in any case, thanks for looking at it (when you get to it)
 * teward goes and pokes nginx some more
<matsubara> thanks cyphermox
<matsubara> and teward as well
<teward> pfft.  i just don't like it when the Lubuntu team tries to bother me into nagging people about bug states heh
<jamespage> smoser, ta thankyou very much!
<teward> ultimately doesn't affect me, given i'm using US-English, but for others, I can see why it'd be evil
<devster31> with resolvconf and dnsmasq what's the correct file to edit to set google DNS servers? resolv.conf is manged by resolvconf, so that's not an option
<jamespage> cpaelzer, dpdk uploaded - I feel I'm only really reviewing technically the packaging now as your dpdk jitsu is far ahead of mine now...
<TJ-> devster31: is the system using ifupdown or network-manager?
<rbasak> devster31: try https://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/. A little old but I think some of it is still relevant.
<rbasak> Using dnsmasq on a server seems a little odd though
<devster31> TJ-: how do I check, it's 15.04 with systemd, nothing fancy installed
<devster31> rbasak: it's for SOHO use, I have some machines that I want to access with their domain name but their local IPs
<TJ-> devster31: is it configured via /etc/network/interfaces (ifupdown)
<devster31> and I don't know enough about DNS to set up a full dns server
<devster31> TJ-: doesn't that add the dns server to the interfaces though? if I use it for other machines it won't work right?
<reveal> What would cause %post and %packages to not actually install or work as intended for Ubuntu 14.04 LTS Server inside a kickstart file
<allquixotic_> Hi, I want to install a package (parted) from the shell in the Ubuntu Server installer booted from the CD. But dpkg and apt-get are not available in the environment. Is there any way to do this?
<TJ-> devster31: if it uses ifupdown with a dns-nameservers entry in /etc/network/interfaces, then resolvconf will set the name-servers in /run/resolvconf/resolv.conf, which is sym-linked from /etc/resolv.conf
<cpaelzer> jamespage: thank you - I'll let my jitso wreak havok on update excuses then if it shows up there
<jamespage> cpaelzer, now I just need to figure out how to make this all work with openstack...
<cpaelzer> jamespage: not that I assume I would be a big help compared to your openstack-jitsu but let me know if I can
<jamespage> cpaelzer, I've added the 'userspace-networking' flag to the ovs charm
<jamespage> just need to muddle through allocating pci devices and injecting them into ovs now...
<jamespage> cpaelzer, ok so how to I tell ovs/dpdk to slurp up a virtio device?
<jamespage> cpaelzer, oh wait I see - it does that automatically
 * jamespage just lost connectivity to a compute host
<devster31> TJ-: ok, what's the difference if I add it to resolvconf.conf with something like name_servers_append ? also, should I add nohook resolv.conf to the dhcpcd.conf file?
<jamespage> cpaelzer, do I need your latest update to get virtio-net devices working directly with dpdk?
<jamespage> blacklisting does not appear to be working atmmm
<Jajce> Hey everyone! I have one small silly question. Is it possible to enforce apparmor to log to a separate file instead of logging everything to /var/log/audit/audit.log ?
<tyhicks> Jajce: hello - there's nothing in the AppArmor project that allows for that
<tyhicks> Jajce: however, you may be able to configure auditd to log AppArmor messages to another file
<tyhicks> Jajce: I wouldn't know how to do that off the top of my head but the auditd.conf man page is usually pretty easy to read through
<Jajce> hm, thanks for suggestion, going into auditd.conf then :)
<RoyK> tyhicks: if it logs to syslog, there should be filtering possibilities there, in rsyslog
<tyhicks> Jajce: ^ RoyK's suggestion only works if you uninstall (or stop) auditd
<Jajce> tyhicks: Royk: ok, thanks, I actually tried that one and failed. Now I know why :D
<reveal> in kickstart does %post represent installing applications after the install
<jamespage> beisner, the daily xenial images lack locale data and libvirt-bin won't install as a result...
<cpaelzer> jamespage: you need the latest update to work with openstack-dpdk
<cpaelzer> jamespage: without the update you will run into bug 1559912
<ubottu> bug 1559912 in dpdk (Ubuntu) "Openvswitch 2.5 + dpdk 2.2 totally failing for virtio PMD" [Critical,Triaged] https://launchpad.net/bugs/1559912
<cpaelzer> tl;dr - segfault of openvswitch when calling into dpdk lib
<cpaelzer> jamespage: you said blacklisting doesn't work how does it look like atm?
<cpaelzer> jamespage: I consolidated some of my logs so you can compare http://paste.ubuntu.com/15480059/
<jjrabbit543> hello
<jjrabbit543> anybody know what df stands for?
<Pici> disk free/file
<jjrabbit543> Pici: ty that will help me remember better
<beisner> jamespage, ack understood, just added to the bug to confirm from the test automation vantage point.
<mahmoh> j^2: you may be interested in this too in case: https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases and here's an example I think: https://lists.ubuntu.com/archives/ubuntu-hardened/2014-February/000735.html
<cyphermox> rharper: I'm reviewing/sponsoring your multipath-tools merge
<cyphermox> caribou: ^
<cyphermox> caribou: jgrimm: sorry for the trouble / miscommunication
<jgrimm> cyphermox, oh cool! i got crickets yesterday, and knew you were swamped
<cyphermox> yeah sorry
<caribou> jgrimm: cool, that's one less on my plate :)
<jgrimm> looking for ways to spread the work, totally appreciate your time
<cyphermox> it was escalated to me an hour ago by slangasek
<jgrimm> thanks you both!
<caribou> jgrimm: np
<codewaffle> can someone point me to where to start with building OpenLDAP against OpenSSL (instead of GnuTLS) into a .deb that can then be installed on multiple servers via dpkg?
<codewaffle> actually I think I nailed my search right after asking, sorry :/
<tarpman> codewaffle: apt-get source, change debian/control to build-depend on libssl-dev instead of libgnutls-dev, change debian/configure.options to build --with-tls=openssl instead of gnutls, dpkg-buildpackage -us -uc
<tarpman> codewaffle: er, and a dch -l in there somewhere.
<tarpman> codewaffle: if you're having specific issues with gnutls, bug reports would be appreciated
<jjrabbit543> redhat costs money right?
<sarnold> yes but if you want a variant without support there's centos
<jjrabbit543> so is ubuntu-server geared more towards home users then?
<sarnold> ubuntu has far more things packaged, and there's more support available for free users, but if you want to buy support contracts from canonical that's certainly an option :)
<ChibaPet> jjrabbit543: http://blogs.wsj.com/cio/2016/01/13/att-adopts-canonicals-ubuntu-in-push-to-replace-proprietary-systems-with-open-source-tech/
<ChibaPet> Some users and vast enterprise operations, yeah.
<ChibaPet> s/Some/Home/
<TJ-> Has anyone seen problems with 16.04 mariadb, default install, not being able to log-in to the database over TCP, or over socket as any user other than root?
<jjrabbit543> who is canonical?
<jjrabbit543> tech support company for ubuntu?
<sarnold> jjrabbit543: canonical employs many of the people who work on the ubuntu distribution -- including e.g. me ;)
<jjrabbit543> no way
<jjrabbit543> that's pretty cool
<jjrabbit543> so that's how you know all this stuff
<sarnold> well, many of the ubuntu-specific details anyway; i've been using linux for 22 or 23 years now, ubuntu only eight or nine years, and been a canonical employee for less than four years
<ChibaPet> sarnold has been using Linux longer than me. I clung onto BSD for a long time.
<sarnold> :)
<sarnold> there's a lot I liked about the various BSDs
<sarnold> maybe if i'd started there first it would have 'stuck' better
<jamespage> cpaelzer, I can't get pci-blacklist to work
<jamespage> if I use that, ovs-vswitchd fails to start....
 * jamespage scratches his head
<jamespage> and if I don't, I lose the node...
<jjrabbit543> bsd isn't linux?
<sarnold> bsd predates linux by 15 years or so :)
<jjrabbit543> ah ok nvm
<sarnold> there's some shared code, and there's many applications that run on both bsds and linuxes well, but they're mostly independant systems
<PresidentTrump> hi, which folder should I be putting user installed php libraries in?
<PresidentTrump> offcially which folder? I know I can do whatever I want...
<j^2> mahmoh: thanks :D
<mahmoh> np
<j^2> mahmoh: iâm still straighting things out over here. but iâm making progress :)
<mahmoh> j^2: scream if you need to
<j^2> you know i will buddy you know i will ;)
<cpaelzer> jamespage: what I've seen with the blacklist when passing as parms is that it rally cares about being two arguments
<cpaelzer> jamespage: so "--pci-blacklist 000:00:03.0" won't work it has to be "--pci-blacklist 000:00:03.0"
<nacc> PresidentTrump: what do you mean by php libraries? extensions (.so files) or php packages (a la composer ror whatever)?
<cpaelzer> jamespage: what way does it fail to start btw - do you have a log and a commandline that I could debug on tomorrow morning?
<jamespage> cpaelzer, its weird - I could not get ovs to start under systemd start
<jamespage> but I can run the same command from the command line ok
<jamespage> weird...
<nacc> cpaelzer: aren't those identical strings? (was one suppoesed to contain =)?
<cpaelzer> jamespage: I had no = sign
<cpaelzer> jamespage: there are also shortopts -b and -w if that might help
<cpaelzer> jamespage: http://dpdk.org/doc/guides-1.8/testpmd_app_ug/run_app.html
<cpaelzer> jamespage: it might be important where before/after the -- you sort that in
<cpaelzer> jamespage: you might refer to that git repo I had posted before, it has a script which does that
<cpaelzer> jamespage: it echoes to /etc/default/op... and restarts the service - was working yesterday
<cpaelzer> jamespage: I'm leaving now, if you are still stuck when you hit EOD please drop me a mail if I can help
<jvwjgames> I have a question
<jvwjgames> Me and my brother are building an earthquake early warning system and was wondering if there is a way to convert a high-pitch signal into an alert
<jvwjgames> Basically here is how are earthquake early warning system
<jvwjgames> Will work
<teward> jvwjgames: not sure how this is on topic here?
<jvwjgames> We are using amateur radios so that we can detect the earthquake on the fault line and we then have a master amateur radio that links to my house and then from there over to Bluetooth to my server and then for my server out to all phones that are connected over the Internet to the service and then when the earthquake gets detected a high pitched sound gets transmitted over the amateur radio network and then the high pitch
<teward> sounds like you need an engineer, not a support chat room
<jvwjgames> Don't reason I asked in this room is because I have a Ubuntu server and I was wondering if there's a program that can convert high pitched signal tune alert
<jvwjgames> The only reason*
<jvwjgames> To an alert*
<sarnold> jvwjgames: investigate packet radio, ax25
<TJ-> jvwjgames: if the pitch of the warning tone is at a predictable, and is fed into the server via,say, audio line-in, it should be pretty easy to arrange to perform real-time spectral analysis (using Fast Fourier Transform libraries/tools) that trigger the alert
<jvwjgames> And I have fail safes in place
<jvwjgames> So if the internet goes out during the earthquake it will reroute to cell towers for internet
<jvwjgames> internet-based if my power gets knocked out battery backup
<jvwjgames> And if my*
<TJ-> jvwjgames: may be worth investigating puredata with the pd-fftease plug-in
<jvwjgames> What is puredata
<TJ-> !info puredata | jvwjgames
<ubottu> jvwjgames: puredata (source: puredata): realtime computer music and graphics system. In component universe, is optional. Version 0.46.6-2 (wily), package size 4 kB, installed size 44 kB
<Chaos_Zero> after logging in with likewise-open, how can I have a network printer automatically added with the same login credentials? Is this what PAM is for? I am not familiar with it.
<nacc> Chaos_Zero: what is likewise-open? I don't see it in the repository?
<spammy> ok, so the ubuntu openstack instructions suddenly changed...http://www.ubuntu.com/cloud/openstack under "Install OpenStack yourself"
<spammy> shrugged and decided to give it a try....sadly juju bootstrap fails with openstack-install :(
<spammy> error is that "ubuntu/trusty" must be set for juju
<spammy> tried setting it via openstack-install....same results
<spammy> guess these new instructions aren't quite ready
<spammy> where can I find the old instructions?
<Deeps> web.archive.org
<patdk-lap> how do I get a nfs system to mount at boot on xenial
<patdk-lap> seems no matter what I try, it just won't mount it
<spammy> Deeps:  of course.  thx
<nacc> patdk-lap: what did you try?
<nacc> patdk-lap: also, what do yuo mean "nfs system" ?
<patdk-lap> nfs server?
<patdk-lap> nfs is a protocol that provides a network file system
<nacc> patdk-lap: yes, i know
<Chaos_Zero> nacc: I don't know if it is a package actually, it is just a method to 'integrate' ubuntu to allow you to log into active directory.
<nacc> patdk-lap: do you mean you can't get a client to mount nfs at boot? or you can't get an NFS server to serve NFS properly?
<patdk-lap> well, in fstab I have: nfs.example.com:/nfs /mnt/nfs bg,noacl,nfsvers=3,nosuid,nolock,nodev,_netdev,nordirplus 0 0
<patdk-lap> well, I have 30 other systems with this nfs mounted on them
<patdk-lap> for the last 12 years
<nacc> Chaos_Zero: is it part of Ubuntu?
<patdk-lap> so I doubt that is the problem with the server
<nacc> patdk-lap: i'm just trying to understand what you're trying to do, what you wrote wasn't clear to me
<patdk-lap> I think it might just be an issue with bonding/bridging
<nacc> patdk-lap: what happens when you attempt to mount /mnt/nfs ?
<patdk-lap> seems sometimes network stack comes up without default gateway
<patdk-lap> it just works
<nacc> patdk-lap: so it's only failing to mount during bootup?
<patdk-lap> yes
<nacc> if your network stack is able to (does) come up without a gateway, then it seems like that would easily keep nfs from working
<patdk-lap> nfs is on another network, not affected or needing the gateway
<patdk-lap> including dns
<nacc> patdk-lap: would probably need to see logs or something, it's hard to know -- are you uptodate in 16.04?
<patdk-lap> as of 30min ago
<Chaos_Zero> nacc: No, it is not in the repositories, I think. https://www.powerbrokeropen.org/
<nacc> Chaos_Zero: i would contact them :)
<nacc> Chaos_Zero: can't really help you with something not in ubuntu
<Chaos_Zero> nacc: often IRC channels can be fairly specific without being exact. For example, for this software, I would expect that some ubuntu administrators would have the greatest chance of having user it before.
<Chaos_Zero> used*
<Chaos_Zero> For example, I see a question about NFS above. Clearly not ubuntu specific.
<nacc> Chaos_Zero: it was about nfs configuration in 16.04, pretty ubuntu specific and using ubuntu tooling
<nacc> Chaos_Zero: you're right, you might get an answer here
<nacc> Chaos_Zero: i simply suggested you contact the people that make the software you're using
<Chaos_Zero> very well, I apoligize if I came off strangely. I am not the best at explaining my reaconing, I guess.
<Chaos_Zero> reasoning
<nacc> Chaos_Zero: no, you're fine, and i wasn't trying to dismiss you either; i just don't know anything about that setup, sorry
<Chaos_Zero> Ok, this may be more related: Suppose I add the printer without authentication details using the lpadmin command. If I then try to print using it, I will not be prompted for authentication, It will just sit in the queue as 'held for authentication' until I go there to release it. (14.04)
<Chaos_Zero> How can I enable the prompt?
#ubuntu-server 2016-03-24
<nacc> Chaos_Zero: does this apply? http://ubuntuforums.org/showthread.php?t=1378562
<Chaos_Zero> nacc: I have visited this post already, but perhaps you could clarify. In the second post they state that they 'added printer via LPD'. When I saw this I assumed to use lpadmin, but perhaps I means something else. Do you know what they mean by 'add with LDP' ?
<Chaos_Zero> it*
<nacc> Chaos_Zero: i think lpd is part of lpr; while lpadmin is for cups, no?
<Chaos_Zero> perhaps I have become confused, let me take a look at that binary, and I will get back to you later. :)
<nacc> Chaos_Zero: there's some info here too: http://davidmburke.com/2012/04/26/ubuntu-12-04-deployment-with-active-directory/
<guideX> with ubuntu server, how do I check my local ip, ifconfig says "command not found" .. with windows, I'd usually do something like "ping <computername> -4"
<NegativeFlare> guideX: ipconfig on windows
<NegativeFlare> :P
<tarpman> guideX: try /sbin/ifconfig -- /sbin may not be in your PATH by default
<tarpman> guideX: or /sbin/ip addr
<JanC> âip addrâ is the right way to do it
<showaz> JanC: ip addr | grep -E "inet|^[0-9]+\:"
<showaz> interface + addr inet/inet6
<lordievader> Good morning.
<Razva> guys I'm lost here. I have a E5-2640V3 (8 cores, 16 threads). supposing I want to allocate 100% of the CPU to a VM (which I know it's stupid, but I'm just asking!) should I go with 16 socets with 1 core, or 1 socket with 16 cores?
<rtyuio> hi there
<rtyuio> no machine not working with ubuntu ?
<cpaelzer> jamespage: did you have some luck getting openvswitch-dpdk to work for you yesterday after I left?
<jamespage> cpaelzer, yes stepping forwards slowly
<jamespage> cpaelzer, working on the design for how we configure this in the charms atm...
<havenstance> how hard is it to install the open source xenserver over Ubuntu Server 14.04?
<m1dnight_> What is the consencus on mounting a drive in /var/lib?
<m1dnight_> (My owncloud data folder)
<l1meon> hello, can someone tell me how I can run a shell script with a speciffic Ipv6 ? Something like ruby myscript.rb --with ip 2aex::xxx:xxx Is there a way like that?
<sarnold> m1dnight_: it will probably work; maybe some programs expect to be able to rename() files across directories that may break, but that's usually pretty rare
<sarnold> l1meon: read it and find out?
<dasjoe> sarnold: what should I do now that SHA-1 got disabled for apt?
<sarnold> dasjoe: they'll eventually fix up all the ppas in a bulk batch; if you can't wait you can publish a new package or new series to your ppa that will cause the new sha512 signatures to be generated
<l1meon> sarnold: where can I read? I found a way but dont know how to test it, its like this /sbin/ip -6 route del default then /sbin/ip -6 route add default via gate_way src ip, but with this I always need to use sudo
<dasjoe> sarnold: thank you :) So the issues I'm seeing will disappear on their own
<sarnold> dasjoe: they should, yes :)
<sarnold> l1meon: your system does need the ipv6 address assigned somehow first; but then the script using it or not is entirely up to hwo the script author wrote the program.
<l1meon> sarnold: I'm using Ubuntu 14.04LTS, and I'm writing the script. Its a web-scrapper, its working, but I'm not sure what ip is used, after I execute the /sbin/ip -6 command
<l1meon> sarnold: now its working like this, first I delete default route, then I add default route with the Ip I want.
<dasjoe> sarnold: bugs.launchpad.net just told me "Server error, please contact an administrator. OOPS ID:OOPS-baedfea74fe22392c52ef6deca8083c1"
<sarnold> dasjoe: hmm, I don't see any chatter in the usual channels that would indicate an on-going issue.. retry, and if it's still busted, head to #launchpad
<sarnold> l1meon: hm. maybe you'd better explain what you're trying to do..
<l1meon> sarnold: I'm using Ruby and selenium-webdriver for making a web-scrapper, browsing sites, collecting data, then after a while I need to change the Ip  and browse again same sites
<sarnold> l1meon: aha. and you'd like the script to be in control of the whole thing but not have to run with root privileges because processing things off the internet is best done as non-root..
<l1meon> sarnold: well, it can run and with root, but the main thing is that I dont really know if the ip is changing or not.
<sarnold> l1meon: you could either add all thousand-odd IPs once, before running your program, and then try to bind() the socket to specific IPs before making outgoing connections.. (at least I think that works..)
<l1meon> sarnold: I'm sorry, but what socket to bind and how? Can you give me just an example on how I could do this? Please :)
<sarnold> l1meon: this looks sane, ignore the __inet_hash_connect() and SO_REUSEPORT sections: https://idea.popcount.org/2014-04-03-bind-before-connect/
<l1meon> sarnold: Thank you. I'll try. So I'll need to use AF_INET6 for ipv6, right?
<sarnold> l1meon: yeah
<karstensrage> so there was a security update a couple days ago that just installed a new tzdataâ¦ but i dont see that in the ubuntu security notifications page?
<karstensrage> just the git stuff?
<karstensrage> at the time frame of the updates
<sdeziel> karstensrage: I _believe_ that tzdata is shipped from -security to be sure it reaches everyone, including those running without -update in their sources.list
<urthmover> how do I make 'modprobe zfs' occur upon boot?  What is best practices for this?
<urthmover> I'm running 16.04 after a do-release-upgrade from 14.04
<ogra_> add it to /etc/modules
<urthmover> ok ...will do...thanks ogra_
<genii> Don't forget to sudo update-initramfs -u   afterwards
<genii> urthmover: Also, just put the module name there, not the modprobe command
<ogra_> genii, thats only needed if you have your rootfs on zfs
<urthmover> I added zfs to /etc/modules and reboot...now zfs commands are there
<ogra_> else you dont need zfs inside the initrd
<urthmover> my zpool is requiring me to zpool import <poolname> every time I reboot though..so I'm trying to figure out how to make that persistent
<spammy> Anyone using openstack-install for multi server and know how to avoid having to manually enter the API key since the console won't allow copy/paste?
<urthmover> I think my issue is kinda like this https://github.com/zfsonlinux/zfs/issues/703
<sarnold> spammy: if you've got a mouse you can install the gpm program to get a copy-and-paste. I haven't tried it in twenty years but it's still packaged...
<sarnold> spammy: you could also run in screen or tmux and use their select/paste mechanism
<sarnold> spammy: or perhaps redirect output, if the program is setup to allow you to redirect..
<spammy> well, those don't seem to work either....the field itself in openstack-installer doesn't seem to accept input this way
<spammy> kind've like it is blocking paste operations
<spammy> it is a unique looking tui
<sarnold> aww :(
<spammy> there's a config file that can be passed to it, but literally no docs out there (yet)
<spammy> may have to look at source and try to get a feel for what it expects...
<spammy> nothing like entering a screen-wide randomly generated key
<spammy> by hand
#ubuntu-server 2016-03-25
<autofsckk> hi, i have and old 12.04 server running, how safe it is to trying to get that to 14.04 without breaking it? im really new to ubuntu, but i had done things with other distros
<autofsckk> i mean, is it possible to do that?
<bekks> autofsckk: take backup, and do it.
<autofsckk> ill have to do like a sandbox to test before because they are production and need to be the least time downtime
<bekks> Then you need to take a backup :)
<bekks> What is that box used for?
<autofsckk> another question, i tried to install freeswitch in the latest tls? is it 14.04 right? but i couldnt compile it because a lot of debian dependencies
<bekks> What is freeswitch?
<autofsckk> voip like gateway, the son of asterisk :D
<bekks> Never heard of it.
<patdk-lap> it is asterisk
<patdk-lap> though, last I saw, freeswitch was a product, that included hardware/software/...
<autofsckk> not really, it is from asterisk maybe, but not asterisk
<autofsckk> the use of that box is very complex, so im trying to make a plan to update/upgrade it, because we have to use some stuff in the boxes but now we can install anything because of the very old version
<bekks> So what is the use of that box, besides being "complex"?
<autofsckk> telephony
<bekks> Thats a very simple usage :)
<autofsckk> well yes you are right, but maybe is not very important to know exactly what it is used for, when i just asked if it is safe to upgrade because i thought ubuntu has like a policy to reinstall every X monts, or in Lts versions like 3 years? so i just wanted to know ideas/comments about it
<bekks> Maybe it is important to know the usage of that box to determine the way of upgrading it with the least outage.
<bekks> LTS versions are supported for 5 years.
<bekks> And without knowing your exact configuration no one can tell wether it is "safe" or not. Take a backup, or assume your data is not worth to be kept.
<shotoflove> Hello, is anyone familiar with SRS and postfix on Ubuntu with amavis-new?
<shotoflove> If I have the following in, /etc/postfix/main.cf :
<shotoflove> # PostSRSd settings.
<shotoflove> sender_canonical_maps = tcp:localhost:10001
<shotoflove> sender_canonical_classes = envelope_sender
<shotoflove> recipient_canonical_maps = tcp:localhost:10002
<shotoflove> recipient_canonical_classes= envelope_recipient,header_recipient
<shotoflove> and I'm running PostSRSd to re-envelope my forwarded email
<shotoflove> Will it have conflicts with amavis-new?
<DirtyCajun> i have 2 ethernet ports bonded together. do i have to stop doing that to create a bridge?
<atralheaven> hello, im writing a post install script for making new server works faster, I need some help, what things do you think should be installed on a fresh vps? and what other things you usually do? this is what I wrote for now: http://hastebin.com/onocazehox.vala , its just starting, help me make it better :) thanks
<Sling> atralheaven: you should probably look into ansible :)
<Sling> there you can build playbooks that do exactly these things
<Sling> but in a much more manageable form
<Sling> and people have shared their playbooks so you can see what everybody else does
<antonispgs> guys i have webmin on my ubuntu server and i see a list of all isntalled package
<antonispgs> two of them have newer versions available
<antonispgs> but sudo apt-get updata and sudo apt-get upgrade do not show those newer packages why?
<muaddibb> try with apt-get dist-upgrade
<antonispgs> no they don't appear to be upgraded
<antonispgs> one is screen
<muaddibb> I don't remember why exactly, but there are packages which do not upgrade unless apt-get dist-upgrade is used
<antonispgs> the other is libcgmanager0
<antonispgs> hmmm tried updating via webmin but for both it says they are already the newest version
<antonispgs> i guess there is a bug in webmin after all
<teward> i don't suggest using webmin for these tasks
<teward> never have, never will ever - it's known to not work 100%
<antonispgs> by the way, webmin is sweet, especially as a file manage
<antonispgs> yea, it just confused me that it showed me to upgradable packages while there are none in rality
<teward> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<teward> antonispgs: ^
<teward> this is one of the 'unexpected issues'
<antonispgs> i see teward
<antonispgs> i didn't know that...
<antonispgs> is there anything anything similar and supported?
<antonispgs> ajenti?
<antonispgs> !ajenti
<spammy> looks like ubuntu MAAS 1.9 has a little trouble with housekeeping after a node is released and redeployed...fails about half the time bc it has fits removing and creating the lvm partitions in one pass....
<roaksoax> spammy: on a release, maas doesn't remove any bits on the disk, unless you enable disk-erasing
<roaksoax> spammy: on a new deploy, curtin, not maas, does the partitioning and such
<roaksoax> spammy: it is curtin to wipes the disk and re-create partitions
<spammy> problem with disk-erasing is that it is too long, does more than just remove partitions
<spammy> especially on large volumes
<roaksoax> spammy: yes, it wipes the disk
<roaksoax> spammy: but that's what disk-erasing is
<spammy> so should curtin be having trouble?
<spammy> works every time on second deploy
<roaksoax> spammy: it looks that way
<roaksoax> spammy: i'd file a bug, get the curtin config for the node from maas, and the install log
<spammy> will do
<jancoow> Hi. When i try to connect with a sftp client, it said connection reset by peer. In the log i see : fatal: bad ownership or modes for chroot directory component
<jancoow> and then the home dir
<jancoow> which permissions should the home dir be?
<antonispgs> 755?
<theGoat> hello?
<spammy> hi
<devster31> hi, I'm looking for something like octoprint but for regular printers, I want to use it on a small server to get a network printer
<keithzg> Hmm, I have two VMs (running via KVM) that now hang forever at "Booting from Hard Disk . . .". Weirdly, other VMs on the same host run fine still, and each VM boots fine if I choose recovery mode, so I'm having a hell of a time figuring out what the problem is.
#ubuntu-server 2016-03-26
<elh9> hello
<elh9>  i just enabled VT-d on my motherboard, (was only enabled on cpu before), and ubuntu server won't boot - has trouble identifying the ata devices that are mounted during boot, when i disabled it, ubuntu starts normally, anyone familair with this?
<elh9> ata qc timeout
<elh9> and failed to IDENTIFY (I/O error, err_mask=0x4)
<elh9> https://bugzilla.kernel.org/show_bug.cgi?id=42679
<ubottu> bugzilla.kernel.org bug 42679 in Serial ATA "DMA Read on Marvell 88SE9128 fails when Intel's IOMMU is on" [Normal,New]
<elh9> apparently i can't use the marvel 9128 controller aswell as vt-d at the same time
<elh9> they are not friends
<lordievader> Good morning.
<bananapie> Linux says one of my ethernet cards is currently down, despite it being physically connected. I unloaded and reloaded the driver and rebooted the server. Ran ifconfig em2 up. It still says it's down. ( "UP BROADCAST MULTICAST" but no "RUNNING" or "SLAVE" keywords ). What commands can I use to eliminate software issues?
<bananapie> dmesg : IPv6: ADDRCONF(NETDEV_UP): em2: link is not ready
<bananapie> driver: bnx2
<bananapie> version: 2.2.4
<bananapie> firmware-version: bc 5.2.2 NCSI 2.0.6
<madivad> Hey guys, I
<madivad> I've installed ubuntu server +1 :) several times on a machine and it comes up habitually with a screen at the end of first boot that initially looks like a hanged screen
<madivad> it displays:
<madivad>   /dev/sda1: recovering journal
<madivad>  /dev/sda1 clean, xx/xxxx files, xxx/xxxxx blocks
<madivad> it took several reinstalls (and several usb keys and drives) for me to realise that it can't be the hdd (and in this case right now, a brand new ssd)
<madivad> 1) I'
<madivad> 1) I've worked out it's tty7 and I can tty1 to login and carry on (the screen I'm on gives no indication it's a tty and for all intensive purposes looks hung)... should there be some indicator for idiots like me? lol
<madivad> 2) is it something to be concerned about?
<madivad> it IS 16.04 server (no gui) and I don't believe it's drive (brand new ssd) or ram (extensively tested 20gb ecc ram) related
<madivad> don't know where to look. cursory search of dmesg looks good
<madivad> #ubuntu+1 suggested asking you guys since it's a server install
<jayjo> what is the program that allows me to give an ssh alias and identify my pemfile so I can just type ssh <host> to connect?
<Deeps> your ~/.ssh/config file?
<jayjo> Deeps: I'm ashamed
<Net-Centric> Is it normally this quiet in here ?
<Net-Centric> Looking for some advice on mdadm - 14.04 server. Right place ?
#ubuntu-server 2016-03-27
<urthmover> I did an in-place upgrade from 14.04LTS server to 16.04LTS server.  I previously had a zfs mount.  Now after the successful upgrade, I need to manually force import zfs after each reboot.  What is the best practices method to resolving this?  I'd like the zfs volume to mount automatically after each reboot
<bekks> How did you do that in 14.04?
<bekks> And why did you upgrade to a development release?
<FastZ> Scenario: I have an Ubuntu server here with one 1TB hdd. I want to increase my ability to recover from a failed disk by setting up RAID on this machine. How difficult is it to configure software RAID in Ubuntu Server 14.04 by installing another hdd and configuring RAID 1?
<FastZ> Without having to rebuild the entire system.
<urthmover> bekks: do-release-upgrade -d  because it's almost finished
<urthmover> FastZ: you can read up and implement zfs  or you can choose mdadm....I think zfs is probably the better option
<urthmover> FastZ: I thinik in both cases...you'll need to offload your data....configure the mirroring then copy the data back though
<FastZ> I was concerned about that, urthmover. Should not be too much of an issue though as there is only a few GBs of data on the server at the moment.
<FastZ> I'll read up on zfs and mdadm.
<jrwren> FastZ: if you had checked the "yes install on LVM" checkbox when you installed, it might be as simple as adding a mirror to the logical volume.
<FastZ> jrwren, I did install with the LVM option on this server.
<FastZ> so I will research that option as well.
 * patdk-lap is really loving these thin lvm's
<jrwren> +1 I just started using thing LVM and WOW, why was I not sooner?
<urthmover> fixed my zfs woes.   So after the release upgrade I negelected to remove the PPA for zfs.  So I removed those, uninstalled zfsutils-linux, removed /etc/modules zfs entry (that I added) and rebooted.  Then installed zfsutils-linux and now everything imports and mounts automagically  thanks linux :)
<urthmover> and my lxd containers that have bind mounts also start without intervention ...yay
<lordievader> Good morning.
<unimatrixoverlod> Good morning to you too :)
<adamkavala> anyone here to help me with setting IPTABLE ? server running, putty ready but some ports is blocked.
<adamkavala> i am running server ubuntu, putty ready, IPTABLES blocked me communication of dedicate server for counter strike global offensive ports 27015-30 could someone help me with this?
<lordievader> adamkavala: What is your problem exactly?
<Crote> Is this the right place to ask questions when I'm having an issue with the Ubuntu Vagrant cloud image?
<devster31> hi, this might seem a stupid question, but how do I make bashrc load this alias? https://gist.github.com/nl5887/a511f172d3fb3cd0e42d#file-transfer-sh
<devster31> it's a sh executable file
<devster31> do I source it?
<Blueking> how to identify problem with net connection ?  not sure if router (ubuntu) are problem  or if it's on ISP hardware that causes mine LOT of disconnections...   I'm logged on router with a shell  and it seems there are problem with router box (ubuntu) <-> fiber modem/ISP
<jrwren> devster31: 'source filename' added to your bashrc
<devster31> what's a tool I can use to monitor disk I/O?
<patdk-lap> iostat?
<patdk-lap> cacti? munin?
<devster31> iostat should be enough, I want to know which process is using the disk the most
<jrwren> dstat
<jrwren> do you want long term or short term monitoring?
#ubuntu-server 2017-03-20
<genii-netbook> For Samsung ARTIK7, use the ARTIK10 install? https://developer.ubuntu.com/core/get-started/artik-5-10#alternative-install:-ubuntu-server-16.04-lts
<lordievader> Good morning.
<bitfawkes> hello
<bitfawkes> can I ask for a question?
<andol> bitfawkes: Yes
<bitfawkes> andol: thanks
<bitfawkes> I m trying to get vmware gui from remote server to localhost using ssh -X
<bitfawkes> and I get the follow error message
<bitfawkes> (vmware-modconfig:3286): Gtk-WARNING **: cannot open display: localhost:11.0
<bitfawkes> I use ubuntu 14.04 server on both system and just on local is installed gnome
<andol> bitfawkes: Might https://superuser.com/a/310201 be the answer? Is the remote sshd configured to allow X-forwardign?
<bitfawkes> yes
<bitfawkes> is configured to allow
<lordievader> What command are you using to set up the X forwarding?
<bitfawkes> ssh -X user@ip
<bitfawkes> I did edit sshd_config
<lordievader> You might have better luck with the -Y flag, that usually works better for me.
<sarnold> try ssh -v to dump debug messages. sometimes you can spot it there. check logs on the host, you may get lucky
<sarnold> lordievader: iirc debian patches ssh client to make -X automatically include -Y
<sarnold> well now that I go looking for it I'm not finding it. try -Y. :)
<b3h3m0th> Is it insescure to run ubuntu server without changing default root password?
<sarnold> ubuntu does not set a root password
<b3h3m0th> sarnold: that's what
<b3h3m0th> that's why I mentioned "default" password
<b3h3m0th> What are the security implications of not doing a "sudo passwd root" post installation ?
<b3h3m0th> and deploying the server in production publicly
<b3h3m0th> Without changing the built in root password
<lordievader> sarnold: Ah, I did not know that, nice.
<lordievader> b3h3m0th: In theory running that command is worse than not running the command.
<lordievader> b3h3m0th: As sarnold said, root doesn't have a password. Thus anything you'd try as a password fails.
<b3h3m0th> lordievader: then what is the hash stored in shadow against root ?
<b3h3m0th> hash(salt+something) must evaluate to that right? lordievader sarnold
<b3h3m0th> it's a valid $6 hash (sha512)
<lordievader> Did you set a password?
<_ruben> if there's a hash for root in /etc/shadow, someone ran passwd for that user
<_ruben> by default the "hash" is *
<b3h3m0th> lordievader: _ruben nope, no one did
<b3h3m0th> wait, let me verify
<b3h3m0th> with my old snapshot
<_ruben> it's simple, ubuntu doesn't set a password for root by default. if there is a password set, it was done so "manually"
<_ruben> (wouldn't be the first time someone did 'sudo passwd' instead of 'passwd'. been there, done that ;))
<b3h3m0th> sorry guys, my bad
<b3h3m0th> I was checking the wrong instance
<_ruben> hehe
<_ruben> now if only i could get idmapd to work for my nfs4 exports/shares
<jamespage> cpaelzer: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1665698 is a little confusing right?
<ubottu> Launchpad bug 1665698 in libvirt (Ubuntu Yakkety) "/etc/qemu-ifup not allowed by apparmor" [Medium,Triaged]
<cpaelzer> "a little" is a little underrated
<cpaelzer> it is VERY confusing
<cpaelzer> I tried to cover and add the bits I found, but by that it accumulated quite some text now
<cpaelzer> If you are looking at/into that now please let me know if you have any need of clarification for the few posts I added
<cpaelzer> I often come back to my post summarizing the timeline
<cpaelzer> jamespage: that is the comment one should memorize
<cpaelzer> jamespage: I'm really interested if you think Openstack in general or UCA would have to do something on top
<jamespage> cpaelzer: I have updates in  proposed for newton which contain the fix that caused the problem, yet I see no problems (see last posting)
<jamespage> cpaelzer: we're not going to put yakkety libvirt into the UCA for newton; its closed to a bump like that
<cpaelzer> jamespage: I never wanted to suggest to put yakkety libvirt into UCA-Newton
<cpaelzer> jamespage: all the references were only parts of my analysis on the timeline
<jamespage> cpaelzer: no worries - I realised that
<zul> jamespage/coreycb: there is a newer version of horizon for ocata btw
<cpaelzer> jamespage: your latest update is good
<cpaelzer> jamespage: IMHO it is only showing the issue when running openstack ocata on anything prior to UCA-Ocata
<cpaelzer> jamespage: I still fix the yakkety/zesty libvirt, but just for the sake of fixing a real issue in general, not the one of the bug reporter in particular
<cpaelzer> jamespage: I see the last comment of the reporter that this is lined up for newton - is this what you referred to the updates in proposed ?
<cpaelzer> jamespage: can you read the answer to your vif type question out of http://cdn.pasteraw.com/b3tw4cjefomfi3e9k09hvodrfun85z ?
<jamespage> cpaelzer: I groked the code and that path is used for a few vif types
<jamespage> cpaelzer: I'm concerned that upstream gate say's all good, but we're being told differently
<jamespage> cpaelzer: openstack has baselines for libvirt compat, and the xenial version is in range
<cpaelzer> jamespage: does the upstream gate run on systems with apparmor enabled?
<cpaelzer> jamespage: because with the older libvirt it is qemu now calling the default path and that is blocked by apparmor - if they run apparmor disabled it would look normal
<jamespage> cpaelzer: I'd hope they don't
<cpaelzer> jamespage: on an old libvirt the change in Openstack is a change in "what you ask for" - while "" was nop, not setting anything is "please run default path"
<cpaelzer> jamespage: not sure you want to push in that to Newton
<cpaelzer> jamespage: I can only fix newer libvirt to understand "" as being a nop, but as I outlined in the bug - I think the Openstack change is faulty
<jamespage> cpaelzer: I'll put the SRU on hold for the xenial-newton uca until we get this resolved
<jamespage> cpaelzer: tend to agree with you btw
<cpaelzer> jamespage: there was an update by Neil Jerram - he seems to be the author of that change
<cpaelzer> jamespage: is that somebody you know and could contact to revisit that - see comment #30
<jamespage> mbbe
<adityaduggal> Hi can any one let me know a good alternative to jumpcloud using ubuntu server
<adityaduggal> I want to have common login ids for all my ubuntu desktops
<adityaduggal> using ubuntu server
<jamespage> cpaelzer: more comments on https://bugs.launchpad.net/nova/+bug/1665698
<ubottu> Launchpad bug 1665698 in libvirt (Ubuntu Yakkety) "/etc/qemu-ifup not allowed by apparmor" [Medium,Triaged]
<jamespage> cpaelzer: basically nova broke its compatibility with the libvirt 1.2.1 baseline (at least)
<frickler> zul: are you still working on networking-bgpvpn packaging? the first version seems to be lacking a systemd service definition and a couple of files in /etc
<zul> frickler: i been out for a week and just got back today so can you open up a bug for it? thanks
<cpaelzer> jamespage: thanks, I made a summar on the related versions to avoid everybody missing the updates before
<cpaelzer> new compat wuold be >=1.3.3
<kklimonda> what's responsible for ubuntu not resolving non RFC1034-compliant hostnames (for example you can't ping _http._tcp.nova.clouds.archive.ubuntu.com)
<nacc> kklimonda: works fine in 17.04
<kklimonda> interesting, for me in 16.04 host [hostname] works fine, returning a bunch of IPs, but ping [hostname] fails
<nacc> kklimonda: reproduce here in a 16.04 container
<nacc> kklimonda: in 17.04 both work
<kklimonda> thanks, I guess it's been changed since 16.04
<nacc> kklimonda: both work in 16.10 as well
<nacc> kklimonda: there's a pretty big jump in the version between 16.04 and 16.10, might need a bug filed
<DammitJim> where is the proper place to put keystores?
<nacc> kklimonda: going off version strings, relevant commits might be
<nacc> kklimonda: https://github.com/iputils/iputils/commit/0f483ade4ca96c4fdb5c10ec4bd02fce5eed5847
<sarnold> bonus, the patch is easy to test :)
<nacc> kklimonda: debian bug was https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305062
<ubottu> Debian bug 305062 in iputils-ping "iputils-ping: stops working with "option inet6" in /etc/resolv.conf" [Normal,Fixed]
<nacc> kklimonda: or possibly this one: https://github.com/iputils/iputils/commit/37953bfbe4bd1b4c2be26d837dcfa2934d5a4e16
<nacc> kklimonda: 16.10 and 17.04 are aftre that commit, so it's probably that, where they dropped the older API calls altogether
<nacc> kklimonda: and no longer even print the "unknown host" message :)
<nacc> kklimonda: that one might be harder to backport, though
<nacc> kklimonda: but an easy test would be to use the older and newer API calls in a test program and see if they respond differently on 16.04
<kklimonda> nacc: well, ping was just an example anyway - I actually hit this deep in a larger codebase, something calling boost library to resolve hostname. That being said, I've stolen some online example of getaddrinfo, and it's failing just the same on 16.04
<nacc> kklimonda: sure, but ping is a small codebase, easy to iterate and test on :)
<nacc> kklimonda: in any case, i'd file a bug
<kklimonda> I've tried, and Launchpad said "nope, not today" ;)
<kklimonda> does this build and work on 16.10: http://pastebin.com/RSUrVfv0 ?
<nacc> kklimonda: let me get a build env setup
<nacc> kklimonda: it built, it works and spits out the same hostname
<kklimonda> thanks
#ubuntu-server 2017-03-21
<Choups> hi guys
<Choups> i need help installing this: https://github.com/AppStateESS/phpwebsite
<Choups> im getting this: http://pastebin.com/MtsBZ48u
<Choups> any clue?
<sarnold> Choups: does the file /var/www/html/phpwebsite-master/vendor/autoload.php act7ually exist?
<Choups> the directory vendor doesnt exist..
<Choups> but it comes like this from the download page
<Choups> i just unzip the thing
<Choups> any ideia?
<sarnold> it's hard to find anything with details there :/ no clue, sorry
<Choups> sarnold, how it be too much to ask you to try download the thing and get it to work on your machine
<Choups> or you can even use one of my vps if you prefer
<Choups> i just really need to install this
<sarnold> Choups: heh, it'd be a waste of time; i know next to nothing of php. I just look for failures in logs, then look in docs to see if tehre's anything mentioned that looks like the log entries. Then sources.
<snypz> hello all
<snypz> anyone out there using remote desktop ubuntu server 16.04?
<Sebastien> so, if i get a 10$ vps from digitalocean or linode, with 16.04 for servers, can i connect to it and see the desktop?
<Sebastien> probably a stupid question.
<cncr04s> if you install the desktop
<cncr04s> it may not work well though
<Sebastien> oh ok.ty
<lordievader> Good morning.
<cpaelzer> good morning to you as well lordievader
<cpaelzer> and everybody else
<lordievader> Hey cpaelzer, how are you doing?
<cpaelzer> lordievader: good, I hope you as well
<cpaelzer> lordievader: usually If I find time to greet it is either one of the better days or I haven't read mails/bug-updates yet :-)
<lordievader> Hehehe, doing good here :)
<lordievader> Making my server ready for some ipython notebook stuff.
<jge> hey all, good morning. What are some of the recommended way of doing an offline installation of Ubuntu?
<jge> it's a private network with no internet, the network where the host sits has a site to stie VPN to my desktop (running ubuntu as well)
<jge> I was thinking of setting up a network share and somehow put an offline repo there and grab it across the VPN?
<jge> but that could be slower, maybe copy a complete online repo to a USB drive and virtual mount it through idrac?
<Guest64063> hi, ich hatte heute morgen vormittag schon mal im ubuntu-de channel geschrieben, aber nach diversen RatschlÃ¤gen wurde mir gesagt ich soll hier mal nach meinem Problem nachfragen
<Guest64063> muss ich hier auf englisch oder kann ich acuh auf deutsch tippen?
<nacc> englisch bitte, Guest64063  :)
<zul> coreycb/jamespage: last minute gnocchi update
<huggybear404> some progress today , after testing 4 identical boards failing and another asus strix that didnt cooperate. I ordered an asus prime and it seems to work, now I can install server 16.10 without errors. I installed xubuntu desktop , but I can not find any disk manager ? I loved the layout of old xubuntu 9.1 or ubuntu 10-12 series, is it possible to get similar layout on 16.10 or customize
<huggybear404> it to show the items I use a lot like disk manager and root terminal ?
<huggybear404> Is remote desktop and disk utility removed ??? Why can I not find these in server 16.10 ?
<nacc> huggybear404: do you know the names of the actual programs or packages?
<huggybear404> https://www.howtoforge.com/configure-remote-access-to-your-ubuntu-desktop  this says its called remote desktop
<huggybear404> when I search it says not found
<nacc> lol, '7.10' ?
<huggybear404> hm seems theres a desktop sharing, why was it removed
<huggybear404> yes I miss the old versions where thing I need are included
<nacc> that appears to just be a VNC server
<huggybear404> like samba, disk utils, and remote desktop
<huggybear404> now I just get office and lots of stuff I never used
<compdoc> does anyone have vnc or x2go working with Unity?
<nacc> huggybear404: you're also asking in the server channel about a bunch of desktop stuff, it seems
<huggybear404> well I use remote desktop on my server, that way I can work on it no matter where in the world I am
<huggybear404> can I suspend a task and resume after reboot ?
<nacc> huggybear404: strange to even run a desktop on a server, IMO :)
<huggybear404> is it ?
<nacc> huggybear404: no, not trivially
<nacc> huggybear404: well, i mean at that point, it's not really about the server side, you're running a full-fledged desktop, afaict
<nacc> *the ubuntu server side
<huggybear404> I often use web browser to admin f.ex usenet downloads
 * nacc doesn't understand why having a browser on your local desktop matters to your server
<huggybear404> browser is on the server as an admin tool
<nacc> huggybear404: clearly your configure is more involved than you have said, but regardless, things get renamed periodically, sure
<nacc> huggybear404: so you rdesktop to use a browser?
<huggybear404> yes
<huggybear404> since the browser controls the server
<nacc> you must mean controls some application
<huggybear404> yes it controls what the app does on the server
<huggybear404> so I can logoff and enjoy my holiday while the server keeps on working
<nacc> huggybear404: and you can't access that remotely?
<huggybear404> I can if vnc works
<nacc> no, i mean you can't just browse in your desktop to 'http://ip_of_server/application/url' ?
<nacc> huggybear404: i have no idea why you would use vnc to do this, i guess if you didn't have a public ip ?
<nacc> huggybear404: but setting up vnc is pretty easy, regardless (afaik)
<ybaumy> how do i change the cpu overcommitment values in nova.conf .. it says that its maintained by juju
<ybaumy> wrong channel
<sarnold> ybaumy: if it's actually managed by juju then there's probably a juju set ... thing that can do it. check the nova charm docs?
#ubuntu-server 2017-03-22
<lordievader> Good morning.
<cpaelzer> hi lordievader
<lordievader> Hey cpaelzer, doing good?
<cpaelzer> yeah so far so good :-)
<cpaelzer> lordievader: is your day already crazy?
<lordievader> Nah, still quiet.
<lordievader> Though Google has decided to only show the header bar -.-
<cpaelzer>  /msg chanserv info #ubuntu-server
<cpaelzer> bad space :-)
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: cpaelzer
<cpaelzer> rbasak: ping me when you are around as well, so that I can add you
<cpaelzer> I thought to post that e.g. hourly, giving up on title edit as according to my checks many measures are in Place to keep that as-is
<rt_ctx> Hi all, I have a problem at my work. I have more than 200 ubuntu virtual machine on production. Some of them are using a lot of memory (98% usage). I want to decrease this value. I know that I can decrease the usage of cache RAM but I don't know how ? Somebody can help me ? Thx
<cpaelzer> rt_ctx: before I start, how hard do you want to go on these machines?
<cpaelzer> rt_ctx: just try a bit, or really force them - potentially even trying critical things
<cpaelzer> rt_ctx: and finally do you want something to tweak them now or a regular self regulating system?
<rt_ctx> I have some test VMs. So I can test the harder without any problem. But for the production I must not broke any services (We are a Cloud company.)
<rt_ctx> And regular regulating system if it's possible
<cpaelzer> rt_ctx: ok, lets start so simple manual "throw away some cache" is: echo 3 > tee /proc/sys/vm/drop_caches
<cpaelzer> rt_ctx: but eventually that will grow again and there are certain structures which can't be dropped, but they could be shrinked if the system would know about memory pressure
<cpaelzer> rt_ctx: experiment wise you can just "eat" memory in there e.g. with stress-ng, the system will then try to shrink to survive and once you stop the memory eater you will ahve more free than before
<cpaelzer> rt_ctx: I know people that add temp swap, eat mem so until it slightly swaps, then stop the eater and disable the swap
<cpaelzer> rt_ctx: but then this is for experiments as I said
<cpaelzer> rt_ctx: If you are looking for a sustainable setup you should look into ballooning IMHO
<rt_ctx> Ok I tried "echo 3 > tee /proc/sys/vm/drop_caches". And I'll see about ballooning IMHO.
<rt_ctx> Nothing special about RAM usage when I execute echo 3 > tee /proc/sys/vm/drop_caches
<cpaelzer> that "just" drops caches, dentries and a few others
<cpaelzer> let me pull the link
<cpaelzer> https://www.kernel.org/doc/Documentation/sysctl/vm.txt
<rt_ctx> Ok thank you fot the link.
<cpaelzer> Ballooning should work these days, you just have to configure it, but I haven#t touched it in a while
<rt_ctx> But can I decrease the purcentage (%) of cache used by the system on the RAM ?
<cpaelzer> This will give the guest the "impression" of pressure to stay small
<rt_ctx> Ok look great
<cpaelzer> rt_ctx: on your last question "But can I decrease the purcentage (%) of cache used by the system on the RAM ?" I can only recommend not to go down that route as the primary target
<cpaelzer> rt_ctx: there are plenty of discussions and all I know end with people understanding that this is not the problem
<cpaelzer> Linux uses all ram it has, and that is smart
<cpaelzer> if it is virtual ram you might want to make more complex thoughts, but that is where ballooning and such kick in
<cpaelzer> not a straight "do not cache"
<rt_ctx> Ok. So i'll try ballooning
<cpaelzer> vice versa of you have an operation where you know that caching is stupid then you can work on that
<cpaelzer> but the kernel has learned some tricks to avoid wrong cacheing (like read once being the first evicted and such)
<rt_ctx> I'll check the kernel side.
<rt_ctx> Thank you for your help cpaelzer !
 * cpaelzer can't hide his performance past
<TafThorne1> Good morning.  When I follow the link http://pad.ubuntu.com/U5GLIMwc2u I see "Either you have not been granted access to this resource or your entitlement has timed out. Please try again."
<TafThorne1> In the mean time I will skim over http://packaging.ubuntu.com/html/ again.
<cpaelzer> TafThorne1: hi
<cpaelzer> TafThorne1: nacc has created that pad, I don't know how he had set it up and it worked for me after login
<cpaelzer> TafThorne1: let me check
<TafThorne1> bbs need to restart this machine after an update.
<cpaelzer> TafThorne: welcome back
<cpaelzer> TafThorne: I can't find why the pad isn't "open enough" - I'll let nacc sort that out later
<cpaelzer> nacc: ^^
<cpaelzer> TafThorne: for now lets just work here together
<cpaelzer> TafThorne: if needed I can sync some of what we do there so others can see it at real time
<cpaelzer> TafThorne: IIRC you were working on bug 1630516 right?
<ubottu> bug 1630516 in logrotate (Ubuntu Zesty) "Logrotate doesn't clean old system logs, allowing them to fill the disk" [Critical,Triaged] https://launchpad.net/bugs/1630516
<cpaelzer> TafThorne: do you want me to guide you learning on this bug for the Ubuntu Server Bug Squashing Day?
<cpaelzer> TafThorne: or do you have other preferences
<cpaelzer> Since I have a report on the pad not being very accessible I don't know how useful it is atm, but lets repeat the banner still
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: cpaelzer
<TafThorne> I have not really been working on any bug but that was the bug that brought me here.  If that is a suitable one to start out on I am happy to look at it.  If there is something easier you would recommend for a new guy I am happy to look at that.
<cpaelzer> rbasak: if you are around as well let me know
<cpaelzer> TafThorne: there might be easier ones, let me check one for you
<cpaelzer> TafThorne: it always depends on the rating of the one doing the tagging - but this is the list that is considered "easy"
<cpaelzer> TafThorne: https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-server&field.tag=bitesize+
<cpaelzer> TafThorne: is there an issue on that list that would be interesting to you?
<rbasak> cpaelzer: o/
<cpaelzer> hi rbasak
<cpaelzer> That makes it
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: cpaelzer, rbasak
<cpaelzer> rbasak: if you happen to know how/if we could "open up" the pad more - I've got reports people can't access it
<rbasak> The pad had problems with abuse in the past
<rbasak> People need to join https://launchpad.net/~ubuntu-etherpad
<cpaelzer> TafThorne: if there is none on the list which sounds like "yeah" we can as well work slowly on the logrotate issue
<cpaelzer> TafThorne: are you fine with C coding - which seems it needed in that case
<cpaelzer> well not coding but making sure patches apply well and such
<cpaelzer> TafThorne: there is also much that can be done outside of packaging/coding - e.g. verifying fixes and such
<TafThorne> I do C/C++ in my day job and have done Ruby and a few other languages in the past.
<cpaelzer> Ok, that should be good then
<TafThorne> cpaelzer: I am at least vaguely familiar with the problem I reported.  I was just looking over the rsyslogd, postfix and systemd: spamassassin bugs on that list you sent.  I think I have messed with the configration of most of those systems in the past.
<TafThorne> In 2.5 hours I will be on lunch and can focus more on this.  Until then I will be a bit in and out as I do other tasks.  Sorry if I go quite for a while now and then.
<cpaelzer> TafThorne: this is for you and others - I'm fine that you spend time here and not to force you do more :-)
<cpaelzer> TafThorne: good cases for help that works at coming in-and-out would IMHO be the three cases titled "unmatched entries ..."
<cpaelzer> TafThorne: those are essentially waiting to be reported upstream
<cpaelzer> TafThorne: hopefully not hard to do, but helpful for Ubuntu overall as it will make it better eventually
<cpaelzer> TafThorne: read the bugs and if you want to tackle those upstream reports let me know
<cpaelzer> TafThorne: I'd add you to the pad that you can't access (sorry) to consider those, and I can help with any question arising
<cpaelzer> TafThorne: and if you later today want to also tackle the logrotate one let me know
<cpaelzer> TafThorne: I actually might go for the logrotate one now if you don't mind - as I read into that in the past that looks tempting to me
<cpaelzer> TafThorne: I I'm successful you can help testing later on after you are over the three upstream reports I mentioned above
<cpaelzer> TafThorne: FYI - those would be bug 1578004 bug 1583705 bug 1583706 - I'd be really happy if you'd take the effort or reporting them upstream and linking the upstream bugs in the Ubuntu bugs
<ubottu> bug 1578004 in logwatch (Ubuntu) "unmatched entries for courier" [Medium,New] https://launchpad.net/bugs/1578004
<ubottu> bug 1583705 in logwatch (Ubuntu) "unmatched entries for postfix" [Undecided,New] https://launchpad.net/bugs/1583705
<ubottu> bug 1583706 in logwatch (Ubuntu) "unmatched entries for rsyslogd" [Undecided,New] https://launchpad.net/bugs/1583706
<cpaelzer> TafThorne: give me an ack if you take them
<TafThorne> cpaelzer: please feel free to work on the logrotate one if it interests you.  I will look over the other areas that you have suggested.
<cpaelzer> rbasak: I ran into tricky versioning if you look at $ rmadison logrotate
<cpaelzer> rbasak: X/Y/Z have the same
<cpaelzer> rbasak: zesty (still prior to release) will get 3.8.7-2ubuntu2->3.8.7-2ubuntu3
<cpaelzer> rbasak: but on X/Y I'm unsure - they would get 3.8.7-2ubuntu2.1 IMO
<cpaelzer> rbasak: but then they would be fully the same version
<cpaelzer> rbasak: if I make one with yakkety and one with xenial in the changelog the will e.g. overwrite the changes file
<cpaelzer> rbasak: could I mark one upload for "both" or what would be the right approach here?
<Trefex> hi all. we have a openstack with 3 ctrl, 6 compute, and we have a nice issue with dhcp_agent. the problem is that when a VM is deleted, the /leases file entry does not get removed. This means when a new VM gets the same IP it doesn't receive an OFFER from DHCP
<cpaelzer> rbasak: never mind
<Trefex> Does anybody know what I can do to fix this? restarting dhcp_agent refreshes the leases file and then it works fine, until VM delete / spawn again
<cpaelzer> rbasak: In think that was the "insert release version" trick
<cpaelzer> rbasak: so it would be 3.8.7-2ubuntu2.16.04.1 and 3.8.7-2ubuntu2.16.10.1 then - could you confirm?
<rbasak> cpaelzer: yeah that sounds right
<Trefex> I for the life can't figure out what is going on :(
<rbasak> Trefex: I'd guess that your problem isn't the leases file.
<rbasak> Trefex: it's that renewals don't work but discovers do.
<Trefex> rbasak: how so? both the /host /addn_hosts get updated on removal
<rbasak> Trefex: try reducing your lease time massively. I'd guess that you'll find that renewals don't work either.
<Trefex> rbasak: and on new creation
<rbasak> Trefex: I could be wrong of course.
<rbasak> My hunch is that it's something to do with addressing and routing. Renewals look different at protocol level wrt. arps etc.
<Trefex> rbasak: now you lost me
<Trefex> rbasak: is there somebody from Canonical that can help me in this? We have support for 10 server nodes and basically I'm sure we could pinpoint the issue fast as we're trying out things since 7 days now
<Trefex> rbasak: i changed lease time and restart agent, when i reboot a VM you see this in the log http://paste.openstack.org/show/603740/
<Trefex> rbasak: so i guess renewal works ?
<ivyyy> Trefex, i'm with Canonical, i'm PMing you
<cpaelzer> TafThorne: I'm going for lunch now, I have builds for all affected releases and updated bug 1630516
<ubottu> bug 1630516 in logrotate (Ubuntu Zesty) "Logrotate doesn't clean old system logs, allowing them to fill the disk" [Critical,Triaged] https://launchpad.net/bugs/1630516
<cpaelzer> TafThorne: it would be great if later today you could verify those in your environment
<cpaelzer> TafThorne: I posted all you'll need in the last bug update
<cpaelzer> TafThorne: please let me know if you need any help doing so
<cpaelzer> rbasak: since I go to lunch I update with only you for now
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: rbasak
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: cpaelzer, rbasak
<rbasak> cpaelzer: I was going to look at bug 1503611 as you flagged it Critical, but given that you already understand the issue well would it be easier for you to continue driving it?
<ubottu> bug 1503611 in spamassassin (Ubuntu) "systemd: spamassassin not starting after upgrading to 15.04" [Critical,Triaged] https://launchpad.net/bugs/1503611
<cpaelzer> rbasak: please feel free to look at it, I'm open to a quick HO to sync on the actual final todo (which is way less than the whole bug text)
<cpaelzer> rbasak: I don't think I'd have a huge advantage over you handling that bug
<cpaelzer> rbasak: quite the opposite, while I debugged the reasons the solution might be more in your experience than mine
<rbasak> OK I'll take a look thanks
<rbasak> cpaelzer: I think I follow. Let me check. In the past, the user was supposed to set ENABLED=1 in /etc/default/spamassassin. Now, the user is supposed to run "systemctl enable spamassassin.service" instead. So, on upgrade, the state goes to enabled to disabled as there is no upgrade path. Correct?
<cpaelzer> rbasak: exactly
<rbasak> cpaelzer: no need for a Hangout I think?
<rbasak> OK. Thanks!
<cpaelzer> rbasak: no you got it
<oneil> hi, one persone know openwrt ?
<rbasak> cpaelzer: when you tested that spamassassin bug, did you also see the conffile prompt on upgrade?
<cpaelzer> Not that I remember
<cpaelzer> rbasak: ^^
<cpaelzer> should I test anything to confirm?
<rbasak> No need if you don't recall.
<bgardner> Hey all, I have a t1.micro AWS instance running 16.04.2 LTS that had unattended-upgrades turned on.  It emailed me asking for a reboot which I did and now it just kernel panics.  Final log message is:  "VFS: Cannot open root device "LABEL=cloudimg-rootfs" or unknown-block(0,0): error -6"
<bgardner> This is not a mission-critical server and I can just blow it away and start over, but I'd like to learn what happened and fix it if I can...
<cpaelzer> bgardner: do you think this is bug 1661292?
<ubottu> bug 1661292 in OpenStack Compute (nova) "VFS: Cannot open root device "LABEL=cloudimg-rootfs" or unknown-block(0,0): error -6" [Undecided,New] https://launchpad.net/bugs/1661292
<bgardner> cpaelzer: Reading...
<cpaelzer> From the bug it seemed to be a racy case - here not an aws, but local KVM it seems
<cpaelzer> It seems like populating the LABELs vs using it could race to me
<cpaelzer> The message itself doesn't help that much as it just mean "can't find this", why it can't is the bigger question
<cpaelzer> yet as races are hard to debug one would need at least a dump of the case, or even better some test that gets it to show up reliably
<cpaelzer> bgardner: thanks for getting me to think on that bug, should be filed against the kernel if-any IMHO
<bgardner> cpaelzer: Interesting, let me bounce a few times and see if it is intermittent for me.  I'll comment on the bug if it seems relevant to this case.
<bgardner> cpaelzer: And thank you\
<cpaelzer> bgardner: thank you, no matter how weird that sounds - I hope it fails all the time for you
<cpaelzer> (just this instacne reboot)
<bgardner> cpaelzer: Agreed, easier to debug
<nacc> cpaelzer: TafThorne: looking into the pad issues
<nacc> cpaelzer: yes, that's the right versioning, documented ont he security wiki
<TafThorne> nacc: thank you
<cpaelzer> nacc: welcome
<bgardner> cpaelzer: Nine reboots later, still exactly the same error.  I'll head to the ticket.
<TafThorne> cplaelzer: I will try and test out the updates at the end of the day.
<cpaelzer> Thanks
<TafThorne> cplaelzer: which is ~2 hours away for me.
<cpaelzer> TafThorne: if until then you also find the time to do the upstream reports on the three minor issues you are my #1 today
<cpaelzer> not that being my #1 is worth anything but a thankful cpaelzer
<cpaelzer> nacc: your appearance makes me update my regular post
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: cpaelzer, rbasak, nacc
<nacc> cpaelzer: thanks :)
<nacc> TafThorne: it sounds like (based upon rbasak's comment), you need to join a specific team on launchpad (~ubuntu-etherpad)?
<TafThorne> > "if until then you also find the time to do the upstream reports on the three minor issues you are my #1 today" eh?
<jge> hey all, can someone shed some light.. my fresh ubuntu server install is showing it allocated 63.9G to SWAP, that seems excessive to me leaving my root partition to be 25G.. why did it pick so much?
<cpaelzer> TafThorne: the three bugs you picked this morning with the "unmatched ..." on logwatch IIRC
<TafThorne> cpaelzer: Oh I see.  Well I will see what I can do.
<cpaelzer> jge: I think there were some changes recently, but in the past I think it had 50% of memory or even 100% for suspend
<cpaelzer> jge: so you might have a lot of memory, which means you should tweak the default
<cpaelzer> jge: might I ask what ubuntu release you installed?
<jge> cpaelzer: I do, 64G
<cpaelzer> IIRC xnox was working on those things in the installer, but he is away this week
<nacc> iirc, default is 300% of system memory, maybe?
<jge> cpaelzer: im running 16.04 LTS
<TafThorne> nacc: So I got to https://launchpad.net/~ubuntu-etherpad and click "Join the team" and wait?
<nacc> i know i've seen some preseed docs that say to alter that by default, for example
<nacc> TafThorne: yes (and I might be able to approve it, not sure)
<nacc> TafThorne: or ask someone to :)
<jge> cpaelzer: is there a way to resize without reinstalling again?
<nacc> jge: reformatting swap shouldn't be a big deal, but resizing the other partitions to grow them (presuming you want to) might be hareder
<nacc> *harder
<jge> yep, resizing my root partition to grow them .. I'll just reinstall no big deal.
<jge> since I have to tweak my swap partition on install, any pointers as to what my swap should be with this much memory?
<cpaelzer> jge: I knew I remembered something https://lists.ubuntu.com/archives/ubuntu-devel/2016-November/039538.html
<cpaelzer> jge: but the thread didn't come to a conclusion, not sure if anything was changed on the defaults
<cpaelzer> jge: in the thread are also suggestions on a proper 2017 server swap size
<jge> aha
<jge> perfect, will read through it.. thanks cpaelzer
<nacc> yeah, swap files are probably the better choice for that much memory (tbh)
<nacc> jge: do you actually overcommit your systems?
<nacc> jge: it really depends on workload what we'd recommend, i'd think
<jge> not really, 64G is way more than we will ever need
<nacc> jge: yeah, then just don't have swap :)
<nacc> jge: you don't technically need it
<nacc> jge: and you can always use swapfiles (presuming you have lots of disk) later if you find that you could use it
<cpaelzer> nacc: a bit to just not die can't hurt, it gives you the chance to realize slow before dead :-)
<cpaelzer> just monitor swapping which should never occur
<jge> good points
<cpaelzer> jge: and I see xnox completed it in 17.04 - see http://blog.surgut.co.uk/2016/12/swapfiles-by-default-in-ubuntu.html
<nacc> cpaelzer: yeah, it really depends on if they never get close to 64G
<jge> I just did 8 servers last night, so used to just hitting enter on those prompts failed to see it allocated that much to swap
<jge> have to redo them again , pita
<cpaelzer> preseed and/or maas to the rescue
<nacc> yeah if they are duplicate servers, i would automate it
<nacc> cpaelzer: fyi, LP: #1654011, they appear to be on trusty
<ubottu> Launchpad bug 1654011 in linux (Ubuntu) "iscsi target not DKMS compiling for kernel 4.4.0-57" [Undecided,Incomplete] https://launchpad.net/bugs/1654011
<nacc> cpaelzer: using the HWE stack. I just duped it to the bug i just fixed in the package
<cpaelzer> thanks nacc
<nacc> cpaelzer: np, also, if we do see future bugs against it, let's see if we can't get peopel to stop using it (on 16.04 and on) and use in-kernel iscsi_target_mod and tgt
<nacc> cpaelzer: i will try and write something up for that
<cpaelzer> yeah, fixing dkms in old packages for newer kernels is always a pain
<cpaelzer> lets get rid of at least that
<cpaelzer> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<cpaelzer> Current chairs: rbasak, nacc
<jge> hey guys, forgot to ask.. I'm thinking of doing software raid (raid1) with two disks as my root directory and do my /boot parition on a separate SSD drive.. is this a wise design? how easy would it be to recover if my boot (ssd drive) fails?
<jge> just get a new drive, format, put my /boot partition there again and then mount the others on the raid array?
<powersj> nacc: rbasak: could either of you read my comment to LP: #1625043? I'm hoping I fully grasp what is going on there.
<ubottu> Launchpad bug 1625043 in tomcat7 (Ubuntu) "tomcat7 package not compliant with tomcat specification" [High,Confirmed] https://launchpad.net/bugs/1625043
<nacc> powersj: looking
<nacc> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<nacc> Current chairs: rbasak, nacc
<nacc> powersj: there are a number of bugs about this, actually, we should dupe them all together once we have a fix (still reading)
<powersj> (I think I got both of the dups I saw)
<nacc> powersj: cool
<nacc> powersj: we may also want to loop jamespage in
 * jamespage hides
<powersj> nacc: so 2 concerns, 1) dropping support for other older JRE seems wrong, but it is broken so I feel slightly justified, especially since Debian did and 2) haven't thought through an SRU and possible impact. Yes it is broken, but what else might I break?
<nacc> powersj: right, it's probably not suitable for SRU in and of itself
<nacc> powersj: was tomcat7 also changed liek that in debian?
<powersj> nacc: I don't believe so because it was dropped from unstable a while back I believe
<nacc> powersj: ah right
<powersj> I'm kind of on the page of, get tomcat8 synced with Debian for 17.10 to get the fix there, note the problem and how using Java 8 or later is better, and move on.
<TafThorne> I was approved for the team list by jorge.  That has allowed me to follow the link through to the Public Pad.
<nacc> TafThorne: ah great!
<nacc> TafThorne: sorry, meant to ping you back after jcastro approved that
<TafThorne> nacc: not a problem and saw an email notification and knew what it related to.
<nacc> powersj: i'm starting to think (for your own sanity) to have two bugs, one for tomcat7 (with tasks as appropriate, given that zesty no longer ships a tomcat7 binary package)
<nacc> powersj: and one for tomcat8
<nacc> powersj: normally, i'd say those could be in the same bug, but i think the fixes will be different and i think most users are ocmplaining about tomcat7 not being b-c to java7, not tomcat8 to java7 (unless i misundersatnd)?
<powersj> nacc: you are correct the focus is on tomcat7, but since I was looking at 7 figured looked at 8 while I was at it.
<powersj> however, if I am not going to SRU, is there even a need for the tomcat 8 one?
<powersj> or would that be useful for documentation purposes?
<nacc> powersj: understood, i just thinking it's less of an issue for tomcat8 (i think)
<nacc> *was just
<jge> trying to do a manual partition of my drive and set up LVM, I would like to use 80% and leave the rest as available space for LVM use.. I created 2 partitions so far. 1 primary with 80% of my disk mounted as /. Second 2G for swap and the remaining 22G of free space, how would I set LVM with all of this?
<jge> did I do it right?
<nacc> powersj: so does tomcat7 work with java8? if you were to fix it to be java7 compatbile, it would then not work with java8, right?
<powersj> tomcat7 will work with java 8 as it stands today. The fix proposed is to just drop support for java 7. However, if we were to compile with java 7 it should still be compatible with java 8 afaict.
<nacc> powersj: also consider LTS -> LTS upgraders -- and mabye look at what tomcat6 -> tomcat7 did (precise -> trusty)
<nacc> powersj: in that i think if you were on 14.04 and using tomcat7, it should continue to work on 16.04 (although tomcat7 went from main -> universe)
<nacc> powersj: it was not intentional that it would be broken, at least
<powersj> nacc: by continue to work, does that also include working with the same version of java?
<nacc> powersj: that's what i'd like to know for 12.04 -> 14.04 :)
<nacc> powersj: that transition was both tomcat6 (main) -> tomcat7 (main) and openjdk-6-jre (main) -> openjdk-7-jre (main)
<powersj> I can only go off of what the Tomcat compatibility guide says, which claims tomcat 7 should support java 6 and later. However, if Tomcat 7 is the default JRE in 14.04, then there will of course be this exact same situation if someone tries to use Tomcat 7 with Java 6
<powersj> ugh if java 7 is the default jre in 14.04 is what I meant
<nacc> powersj: right, but i wonder if some twiddling was done to the package :)
<nacc> powersj: agreed on the upstream, i'd like to know what happens in practice
<nacc> powersj: it might be that this just needed to be better documented in the release notes
<powersj> Right, however based on the debian bug I don't believe this is just a doc issue
<powersj> I will see if anything changed between precise and trusty though
<nacc> powersj: right, it might not be -- and if this broke between precise and trusty in a similar way, then I'm happy to not fix anything :)
<nacc> powersj: are you ok with confirming that 12.04 -> 14.04? you can also throw it back to me if not :)
<powersj> nacc: confirming the issue can occur there as well? sure. I can check the init file for previous support and give an example of something found in Java 7 but not Java 6
<nacc> powersj: yeah
<jge> anyone? trying to manually partition a disk and use LVM with it, I would like to end up with 80% of the disk being used for OS and the rest as free space so I can resize VG later on.. anyone can point me in the right direction
<jge> I've always done it using the guided partitioning but have no idea how that works in a manual install
<nacc> jge: you already created/mounted a primary partition for /
<nacc> jge: ?
<jge> nacc: yep, so far I have allocated 80% of disk to / , then i have another as swap and the remainder free space as LVM
<nacc> jge: but you don't want / on lvm?
<jge> looks like this: primary (96G) ext 4 / , logical (2G) swap, logical (22G) lvm
<jge> nacc: Yes i do, that would allow me to take snapshots, expand and resize it later if i need
<nacc> jge: then your partitioning is incorrect
<nacc> jge: lvm is below filesystems not above them
<nacc> jge: https://wiki.ubuntu.com/Lvm
<jge> hmm ok, so i need to get rid of that primary partition and set it to be used for LVM
<jge> and then mount my paritions on them
<nacc> jge: a) LVM partition -> b) LVM PV -> c) LVM VG -> d) multiple (potentially) LVM LVs
<nacc> jge: you don't mount partitions on an LVM
<nacc> jge: i suggest you read the above wiki page
<nacc> Today is Ubuntu Server Bug Squashing Day #1: Announcement goo.gl/B98ER and a pad to track current activities at http://pad.ubuntu.com/U5GLIMwc2u
<nacc> Current chairs: nacc
<jge> nacc: hmm ok, thanks for the link .. think I got it now. Selected Logical Volume Manager from the manual menu, created a volume group with my disk, then two logical volumes (root with about 80% of my disk space, and swap of about 2G)
<jge> nacc: probably not needed to have swap be a logical volume right?
<nacc> jge: probably not; like i said you might not need swap at alla nd you can always use swapfiles :)
<jge> that's true, thank you nacc
<nacc> jge: but yes, i'm not sure you need swap in a lvm, beyond consistency
<jge> nacc: I put it in there, because I remember when using the guided partitioning swap showed up in lvm.
<nacc> jge: right, because guided partitioning is trying to cver all use case (if i had to guess)
<nacc> jge: i mean, yes you can have it, it may never get used
<jge> i guess so
<nacc> jge: i don't think it really matters if it's on lvm or not
<jge> feel like I learned something new today even if it took this long to figure out ;)
<jge> now I gotta figure out how to do software raid and lvm
<powersj> nacc: if I am preparing a second SRU for a package, and the first has not already been accepted, what should I put as the version in the change log?
<nacc> powersj: not accepted or not verified?
<powersj> nacc: rbasak still needs to accept the changes, so not even in verification yet
<nacc> powersj: if not accepted, you can ask the sru team to reject your existing upload
<nacc> powersj: and then you can upload the same version up with more changes
<nacc> i think technically two people can even uplaod the same version into the queue, but i'm not 100% on that
<nacc> but only one would get accepted
<powersj> nacc: when I run dch my email shows up as username@hostname, however in my .bashrc I set DEBEMAIL, is there something else I'm suppose to set?
<drab> https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043
<ubottu> Launchpad bug 1284043 in biosdevname (Ubuntu) "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<drab> any idea what to do about that?
<drab> it's pretty darn annoying and problematic :(
<drab> screwing up all my bridges and bonds and forcing me to do installation manually/do quite a few hacks around it
<sarnold> drab: that bug is three years old and has enough comments that it's probably accumulated a lot of unrelated cruft. Probably it'd be best to file a new bug.
<powersj> nacc: when I did a usd clone of mongodb and switched to the yakkety/devel branch it shows up as version 2.6.12-2ubuntu2, however the latest version in yakkety is 2.6.11-1ubuntu1. Am I missing something?
<drab> sarnold: I found this which actually is very recent and exactly the same as mine: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1578141
<ubottu> Launchpad bug 1578141 in linux (Ubuntu) "Predictable interface names partially broken with igb driver" [Medium,Confirmed]
<drab> same igb driver
<drab> he's even got basically the same mobo...
<drab> for a second I thought I filed it and forgot about it :P
<sarnold> heh
<sarnold> drab: nice that bug hasn't been polluted yet. I suggest reporting it to systemd upstream, add a link to it in a comment here, and try to get some traction again
<drab> sarnold: last few comments on that bug seems to suggest it's a hw problem tho :/
<drab> bios to be precise
<drab> and systemd not handling that misinformation well
<drab> altho there's also the mention of an ubuntu patch
<drab> those guys have done quite in depth debugging
<sarnold> drab: yeah, it's a good bug.
<drab> minus the almost one year with no resolution :P
<sarnold> drab: but bioses have bugs and it's unrealistic for systemd to say "go get a fix from your vendor" to every one of them. most bioses are thrown over a wall and you never have a chance to even complain to the vendor..
<drab> fair enough
<jge> anyone ever configured software raid-1, I have three disks in total: 1 SSD, 2 HD (part of the array) and 3 HD (part of the array). When I get to the last step on Ubuntu's installation where it asks to install GRUB boot loader, it gives me an option to select which drive to install it to.. I select my second disk but it fails to boot up. Any clues?
<jge> the SSD drive is not being used for anything
<drab> jge: I run quite a few raid1s and install the boot loader on all disks part of the mirror (so taht I can boot from any)
<drab> it's failing to boot up probably because it's not trying the second disk for some reason
<sarnold> is that in itself cause for concern? e.g. maybe the raid for booting isn't as useful as it could be or should be?
<jge> drab: yeah the plan is to install it on the second disk once I boot up into my system, but wouln't this be redundant since it's probably mirrored there anyway?
<sarnold> or is it expected that manual effort to boot from the right media in the case of drive1 failing is necessary?
<jge> sarnold: I take it you're not a fan of software raid? :)
<drab> sarnold: booting from a failed mirror isn't the most common thing if that's what you mean
<sarnold> jge: my new computer uses both mdraid and zfs. I use zfs on the data, mdraid on the OS drives, and I have -no idea- how the mdraid works. none. I pray I never need to figure it out..
<drab> unless the disk leads the system to freeze
<drab> normally you'd put in a new drive without the need to shutdown, assuming you have hot swap, which pretty much any modern system does
<drab> that'd be the other case and maybe the more frequent one
<drab> needing to shut down the machine to add the drive or the box locking up when you try to hot swap
<drab> it used to happen back in the days, not sure about now, been out of the loop for a while
<drab> sarnold: I do the same thing for my NAS, 2 m2 SSDs + 6 HDs in zfs and a SLOG nvme
<jge> drab: hmm yeah so what I'm doing is right then? selecting one of the disks of the array when it asks where to install the GRUB boot loader and then making sure my BIOS settings are set to boot from that drive?
<drab> jge: you should be able to select them all
<sarnold> drab: hehe yeah very similar setup: 2 ssds + 9 hdds + nvme slog/l2arc (slog appears unused, I keep thinking I should take it back out and re-partition that nvme to just be l2arc)
<jge> drab: tested on another identical machine I was working on and it booted fine! something must be up with that other
<drab> sarnold: are you finding l2arc useful? I've been mostly just reading and it didn't seem that it made a lot of sense if you had enough RAM and didn't read a lot of new things all the time, but maybe you do
<drab> jge: maybe, maybe disk order
<drab> some bios settings
<jge> yep, that must be it.. thanks drab
<drab> mmmh bridging over bonding... this is getting a tad complicated to automate...
<jge> drab: should I just do a grub-install /dev/sdc (other disk on the array) once I boot up?
<drab> jge: the mirror should take care of it, but honestly I have never directly tested that part, like I said I install it on all drives part of the mirror
<drab> but it should work I guess
<drab> does it even let you choose the md device at all? or is it just offering raw devices?
<jge> drab: just raw devices
<sarnold> drab: l2arc is insanely useful for me; I have to admit the nvme storage isn't anywhere near as fast as I had hoped it would be when I bought it, but it's a drastic assistance for my workload
<drab> jge: k, well, up to you, I'd just select them all and sleep better, but if you're just testing I guess give it a try
<drab> jge: also fyi in case you haven't seen it, there's a bug affecting mdadm/initrd and degraded boot
<jge> drab: it wont allow you to pick multiple, only one
<drab> as it stands xenial won't boot from degraded raid
<drab> it'll just sit there and eventually time out adn drop you in a initrd shell
<drab> (you can resume from there tho)
<jge> ohh wow, no I was not aware of it
<jge> so if the array is degraded and reboot the machine it wont come back uup?
<drab> correct
<jge> I've never done software raid with ubuntu, in case a drive goes bad does it allow you to swap it out for a new one and rebuild it without rebooting? cause that would be bad.
<jge> drab^
<drab> jge: yeah that's no prob
<jge> ok got it, will not it thanks from bringing it up
<jge> note*
<drab> http://askubuntu.com/questions/789953/how-to-enable-degraded-raid1-boot-in-16-04lts
<jge> thank you drab
<nacc> powersj: sorry, was afk for a bit, let me look
#ubuntu-server 2017-03-23
<drab> anybody familiar with bonding/lacp and iperf testing?
<drab> I think my setup is correct, but the numbers disagree
<vexati0n> does anyone have any idea how (or whether it's possible) to move an intact Snap app from one server to another one, including its data?
<cpaelzer> good morning
<lordievader> Good morning
<jamespage> zul: when you start can you read me comments on https://bugs.launchpad.net/cloud-archive/+bug/1675088 please
<ubottu> Launchpad bug 1675088 in Ubuntu Cloud Archive "Restrict permissions on Openstack installation" [Medium,Fix committed]
<Giane> Hi all I have a problem to configure my apache2 for redirect to 3 different webapps someone can help me?
<zul> jamespage: doh i didnt see your comment
<jamespage> zul: no worries
<cpaelzer> jamespage - could you verify the rbd issue in bug 1672367 against yakkety proposed?
<ubottu> bug 1672367 in qemu (Ubuntu Yakkety) "libvirt uses password-secret on old style drive_add syntax" [Undecided,In progress] https://launchpad.net/bugs/1672367
<cpaelzer> jamespage: due to a stall in SRUs I merged this with the follow on, so it got no auto-update to the bug
<cpaelzer> Last time you checked for your issue and ran a Tempest on it IIRC - repeating that on y-p would be great
<cpaelzer> I'll do generic regressions tests on my side as well
<hateball> Giane: did you try #httpd ?
<Filystyn> is xinetd question ok here?
<cpaelzer> Filystyn: just ask, there might be the chance that nobody knows but other than that feel free
<Filystyn> ok i have xinetd service
<Filystyn> but the bianry iopen server on same port udp and tcp
<Filystyn> what protocol i pass in xinetd config
<Filystyn> hm?
<Filystyn> the bianry runs server udp and tcp on same port
<Filystyn> so what service?
<cpaelzer> Filystyn: there can be equally named service config statements in its config - in your case one for tcp and one for udp
<cpaelzer> Filystyn: so copy&paste and change the prorocol
<jamespage> cpaelzer: kicked the yakkety proposed tests off am today
<jamespage> need to review
<ronator> hi, I have an issue with ubuntu16 after release-upgrade and system-networking: the second network card always fails when trying to bring it up. the first one has no problems. "failed to bring up ens192" - how can I fix this? Do I have to use /etc/udev/rules.d/70-persistent-net.rules (it is emtpy but works for eth0/ens160)
<ronator> feels verys much like this issue: http://askubuntu.com/questions/795592/failed-to-start-raise-network-interfaces
<Filystyn> cpaelzer ok thx
<ronator> Yes, I do have ens192 (confirmed)
<jamespage> zul:  amd64 build of python-oslo.cache 1.19.0-0ubuntu1 in ubuntu zesty RELEASE
<jamespage> is that you?
<cpaelzer> jamespage: thanks, let me know once you had time to look at their results
<zul> jamespage: yeah wrong ppa
<zul> jamespage: ermm....yeah i created a pike-staging ppa so i can build deps going under openstack-ubuntu-testing group
<jamespage> zul: good - we can stage everything in that and then sync out to the real pike-staging ppa and the pike ppa when things look good
<zul> jamespage: yeah im building for zesty right now though
<jamespage> zul: yeah I was just thinking about that
<jamespage> zul: oh right yes I remember - this is the 'fake zesty' thing we chatted about yesterday right?
<zul> jamespage: ill use backportpackage when im done is what im thinking
<zul> jamespage: yeah i prefer 'in-between zesty'
<ronator> systemd-networking drop-in replacement seems broken for more than one NIC - is this a known issue for ubuntu 16.04.2?
<Giane> hateball, yes ty solved
<hateball> :)
<ronator> systemd-networking fixed
<Filystyn> one more question
<muser> So I am thinking about building a home file server using an older desktop. Does this sound like a waste of time? I plan to use a 1TB internal drive. My other laptops and desktops in the house will backup designated folders to this machine (just user files not system files).  We will also have Samba shares so we can transfer music and other things between our win/linux machines.  This server will then use an external usb drive to b
<muser> ackup the internal drive weekly or so.
<compdoc> sounds great, but 1TB isnt much space
<nacc> muser: and what are you going to do to backup the file server?
<nacc> muser: ah nm, i see the trailing line now
<muser> It may be a 2 TB drive I Don't remember. I bought it about 6 months to a year ago. I just never could decide how I wanted to do it.
<muser> I originally thought to RAID1 the share drive but read more about it and it was suggested to just to a straight scheduled backup instead.
<muser> I have ubuntu server on the hardware already. Runs great no real power consumption. I haven't really looked into what it takes to schedule my backups on the other machines. They are a mix of Win8.1, Win7, and Mint of various versions.
<blackrabbit> hello
<blackrabbit> can you help me with step 6 on ubuntu server? I don't know what I should do http://doc.otrs.com/doc/manual/admin/5.0/en/html/manual-installation-of-otrs.html
<rbasak> blackrabbit: you're more likely to get help on an OTRS support channel. Ubuntu doesn't ship OTRS and didn't write those instructions, so we don't know much about it here.
<blackrabbit> rbasak, more ubuntu relate thing is that according to the manual, there should be folder "/etc/apache2/conf.d" but it seems that on ubuntu it's "etc/apache2/conf-enabled"
<rbasak> Sounds like their instructions were written against a really old version of Ubuntu.
<faekjarz> Hey there! I have one of those fancy i350-T4 NICs, out of China (not the power consumption optimized V2 though). It's got a plastic heat sink, yes plastic. Although there is thermally conductive plastic, of which heat sinks are made, I don't trust it. Until a proper metal heat sink is delivered next week, i'd like to keep an eye on the temperatures. Please give me a gentle nudge in the right direction, to monitoring i350 temps on 16.04. T
<jge> hey all, trying to disable IPv6 on ubuntu (following directions here: https://paste.ee/p/Y8apy) but where do I put this "long-life config file?"
<faekjarz> jge: you don't need to manually put it somewhere. The "...| sudo tee..." already does it.
<sarnold> faekjarz: you were cut off at "temps on 16.04. T"
<sarnold> faekjarz: plastic heat sink eh? sounds crazy
<jge> faekjarz: oh wow, failed to see those commands are enclosed within the echo command.. thought they were separate :P
<faekjarz> jge: tee works like a plumbers T-coupling, it writes to stdout, and to the specified file
<jge> thanks
<faekjarz> my cut-off remnants: Tools? Links? Maybe even howto guides? Anyone?
<sarnold> faekjarz: in the past I've used lmsensors; I suspect these days there may be easier mechanisms, but I don't know any off-hand
<sarnold> faekjarz: before going with lmsensors I'd probably try to find the relevant directory in /sys/devices/ for the NIC and see if there's any files that look useful.
<sarnold> faekjarz: and it's wild speculation but maybe NRPE or collectd or similar has stats for your nic?
<faekjarz> sarnold: i haven't installed my new puppy yet. Ah, yes, the mighty sysfs :)
<sarnold> (which might be useful to steal from, if not use)
<sarnold> faekjarz: hehe, that makes sense.
<faekjarz> haha, AYE! But i want to play with it, so so bad. xD
<faekjarz> well, i mean, i don't intend to load it to its max. capability (32, i.e. 4x8 VFs <3) â shouldn't become too hot. The >1k pages controller IC datasheet states Tcase Max. of >100Â°C. I doubt that i'll reach that high.
<sarnold> maybe plastic is fine then? :) heh
<faekjarz> *sigh* almost every other i350 on ebay seems to have a ~proper* metal heat sink â¦i chose the cheapest from China :\ That's why i'm concerned
<sarnold> how about the rest of the thing? may be a "fourth shift" or similar knock off entirely :/
<faekjarz> oh, it's got a "China Export" symbol, i.e. a CE (Conformite Europeanne, don't quote my spelling) - the C is supposed to be half a circle, of which the invisible half overlays the E up to the origin of the Es' center line
<faekjarz> this is how the CE sign works https://upload.wikimedia.org/wikipedia/de/f/fd/CE-Norm.svg â¦the one on my NIC is way to narrow, hence it's a "China Export" sign :\
<faekjarz> â¦however, thanks sarnold, i'll look into what you mentioned
<DirtyCajun> Does anyone have any experience with the TACACS package?
<DirtyCajun> tac_plus
<bekks> !ask | DirtyCajun
<ubottu> DirtyCajun: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<DirtyCajun> Fine haha. I manage a large environment using TACACs and would like to break the tac_plus.conf file down in to sub sections similar to how Apache does. It does not like source /folderlocation. Has anyone tried or been successful in this endeavor and how?
<sarnold> DirtyCajun: you could always generate it yourself, like cat /etc/cajun/tacos/*.conf > /etc/tacacswhatever.conf  in a systemd pre-exec line or init script or something similar
#ubuntu-server 2017-03-24
<DirtyCajun> sarnold, that is an interesting way to go about it... ill look into it in the morning. Basically regenerating the conf file every edit... Very out of the box! i like it
<Henster> Morning, I'm copying over allot of files and i want the system to email me when the job is done ? i do have emails set up ,can some one please point me in th ecorrecti direction?
<Henster> the correct*
<sarnold> if the 'mail' command actually works correctly you can try cp a* b/ ; echo done | mail -s done username@example.com    (at least I think that's how mail works, it's been a while)
<Henster> ok cool tx , will try
<blind_techie> Hi All, looking for some help getting wi-fi setup on my little portable server.
<blind_techie> I'm looking to have it create a wi-fi access point if it is not connected to the network so that I can then connect it to the network by inputing credentials into its web interface.
<blind_techie> Any pointers on where to start.
<sarnold> blind_techie: I've never tried it myself but I think hostapd is a reasonable starting point for making a standard linux machine pretend to be an access point http://w1.fi/hostapd/
<lordievader> Good morning.
<lordievader> blind_techie: Hostapd is a very nice way of creating an access point, granted your wifi nic supports master mode.
<blind_techie> Thanks. I'll check it out. What about using NMCLI?
<lordievader> NetworkManager has AP support?
<lordievader> Wait, why am I surprised?
<lordievader> blind_techie: https://wiki.archlinux.org/index.php/software_access_point
<lordievader> Arch also goes the hostapd route.
<blind_techie> I'm not sure how easy it would be to get the server to become a network client with this setup. IE. I'm not sure hostapd will allow the server to stop broadcasting, connect to the website and then return to hosting if it fails.
<sarnold> I'd expect it to be difficult to get the details right
<blind_techie> I'll try the method in the second link.
<sarnold> but it should be possible to write a little program that manages hostapd and iwconfig and wpa2_supplicant and a simple webservice, say sinatra or flask or a little go server, and manage state transitions among all the inputs.
<blind_techie> node.js perhaps. Hmm!
<blind_techie> I found this package https://www.npmjs.com/package/wireless-tools
<sarnold> wow, that looks like it knows how to drive everything.
<sarnold> alright, bedtime here. have fun. :)
<blind_techie> Thanks.
<blind_techie> Night night!
<sarnold> thanks :)
<blind_techie> No problem.
<lordievader> blind_techie: It is easier to make a dedicated access point.
<lordievader> The management of your requirement sounds like a pita.
<blind_techie> It is for installation on a single board computer where we have one card for wireless. The point is to allow the device to be configured by a smartphone or tablet and then connect to the internet by itself.
<snypz> hello all
<lordievader> o/
<Pinkamena_D> kind of out there request but anyway: I have a development server where I have many (python) web apps running on different ports and I have other people test things on this machine. From my local workstation I have a bash script that pushes new updated to these servers. The web apps are run in a screen session with console output so that if some error happens I can quickly look at it and debug it. However after the
<Pinkamena_D>  updates are pushed I have to ssh and restart the process manually to see the updates. Is there any way to restart the process in the screen session automatically? (equiviliant to attaching to screen, pressing ctrl c, up, enter)
<rbasak> Start with a post-receive hook
<rbasak> (in git)
<rbasak> Making the thing restart inside the screen session is a little trickier
<rbasak> You might need to wrap it with something that'll interact with the post-receive hook.
<rbasak> I can't think of anything similar while still keeping it inside a screen.
<rbasak> Some web frameworks have an auto-restart function, like cherrypy. So an alternative might be to integrate that into your code.
<admcleod> xibalba: jemurray (or anyone else) - any idea if the IO load is particularly high right now?
<admcleod> er... ^ ignore
<drab> hi, anybody running bonding? I'm seeing what look like a problem with the ifup scripts
<drab> if I ifdown the bond, it takes all the slaves down, which is fair enough I guess
<drab> however if I ifup the bond, the slaves aren't brought up even tho they are specified as slaves for the bond in /etc/network/interfaces
<drab> as a result network is broken on the box
<drab> I have to manually bring the slaves up and then it works
<drab> shouldn't that happen automatically as part of ifup?
<patdk-wk> how did you configure it?
<drab> is there any irc channel or ml/forum to ask hard server questions? having some problems and not quite sure where to turn to
<drab> stuff like spiceworks seems rather generic and ubuntu-server seems dead silent/only server dev oriented which is fair enough
<patdk-lap> haven't seen you ask anything
<patdk-lap> you ignored my question to help you earlier
<nacc> drab: --^
<nacc> drab: there's #linux (iirc -- maybe ##linux)
<drab_> patdk-wk: hi, got disconnected again, didn't mean to ignore you, been a very flacky internet day
<drab_> I never saw your msgs
<drab_> I think I always responded in the past whenever you asked questions and I'm grateful for all the help
<patdk-lap> <patdk-wk> how did you configure it?
<patdk-lap> there are so many ways to setup bonding in /etc/network/interfaces
<drab_> patdk-wk: sec, pasteb'ing, thanks
<drab_> patdk-wk: http://paste.debian.net/924212/
<drab_> this actually works (it was the last attempt I made)
<drab_> it's a bridge for lxd on top of a bonded quadnic
<drab_> and since I added the bridge with the up ifconfig eth* up things have improved
<drab_> before I only had the bond with the lxdbr0 attached to it
<drab_> maybe I should have had the "up" statements in there too?
<drab_> I thought that since I had the auto and the master/slave statements the slaves should have been brought up and joined automatically
<drab_> but if I do ifdown bond0 and ifup bond0 it says waiting for slaves to join, but they never do
<patdk-lap> I don't use the bond-slaves line at all
<drab_> patdk-wk: ok, I can try to take it out and see if it makes a difference, I got that from the ifenslave readme, I was actually hoping to use only that one without bond-master since it simplified the gen of interfaces file, but it didn't work without
<patdk-lap> up ifconfig bond0.4 up
<patdk-lap> that I do have to do on my bridges though
<drab_> ok, I have that too, up ifconfig bond0 up
<patdk-lap> no, cause it won't setup the other interfaces
<drab_> the bridge on top of the bond seems to work fine, the problem seems to be the slaves of the bond not coming up
<patdk-lap> I do not have any of the other ifconfigs at all
<patdk-lap> ya, I blames your bond-slaves line
<drab_> but I'm trying without the slave statement to see what happens
<drab_> k
<drab_> testing, thank you
<drab_> btw I got that idea from /usr/share/doc/ifenslave/README.Debian.gz
<patdk-lap> actually
<patdk-lap> I have bond-salves none
<drab_> but maybe I misread it
<drab_> ah, uhm, oikj
<drab_> patdk-wk: so you don't have any up ifconfig $slave_iface up at all in the bond stanza or elsewhere?
<drab_> they just come up?
<patdk-lap> http://paste.debian.net/924213/
<drab_> thank you, great example
<snypz> hello all
<drab_> hello snypz
<drab> patdk-wk: got kicked out again. same behavior with slaves none
<drab> everything comes up and works at boot
<drab> but if I do ifdown bond0 it dowsn the slaves too
<drab> but ifup bond0 doesn't see any slaves joining
<drab> I have to manually bring them up
<drab> so same situation as before with the slaves statement referencing all the slaves
<patdk-lap> oh, that won't work
<patdk-lap> cause they are set to manual
<patdk-lap> you have to manually up and down them
<patdk-lap> the auto just works on boot to ifup them
<drab> ok, fair enough, that's what I suspected, but I wondered if there was automagic I was missing since they are brought up "magically"
<patdk-lap> only way I know if you care about that is to setup a bunch of pre-up and post-down commands or somethign like that
<drab> yeah, that's what I was trying last
<patdk-lap> they are not really brought up automatically
<patdk-lap> the auto means, when the os sees the new nic, it ifup it
<drab> to have a bunch of up ifconfig eth* up in the bond stanza, similarly to what you also have in the bridge
<patdk-lap> you would have to add a down one there
<patdk-lap> then probably add some up and downs to the bond
<patdk-lap> personally I never do that stuff
<patdk-lap> cause I need it up, and only up
<drab> heh
<drab> patdk-wk: how's the jumbo frame stuff working out for you btw? have not set that up because I don't have 100% quipment supporting it and I can't figure out from the interwebs if mixing is a bad thing or not
<drab> so for some server-to-server stuff that'd be fully supported, but from clients/desktops some switches in the path won't
<patdk-lap> never use anything else
<patdk-lap> heh?
<patdk-lap> the whole network has to be jumbo or not
<drab> ok, fair enough
<patdk-lap> you can't mix up mtu's on the same network
<drab> I have some leaf switches that aren't, close to ppl's workstations
<patdk-lap> everything at amazon switched to jumbo a few years ago
<drab> good stuff
<patdk-lap> only if your switch can handle it
<drab> I consider myself lucky we finally have servers and not old desktops running all our services :)
<patdk-lap> it plays hell on microbursts with switches limited buffers for gigabit
<drab> is there any way in udev rules to match physical interfacels only?
<drab> in /etc/udev/rules.d/70-my-net-names.rules
<drab> SUBSYSTEM=="net", KERNEL=="e*" ACTION=="add", ATTR{address}=="xxxxxxx", NAME="eth0"
<drab> initially I had no KERNEL=="e*"
<drab> and that caused troubles with the bridge which was going to take the mac of eth0
<drab> I added KERNEL=="e*" and that fixed the issue and works on a few servers which would normally come up with enp* and em* interfaces
<drab> however on another machine there's some network devices named p*
<drab> it'd be useful to be able to just refer to "physical" interfaces vs sw ones like bonds or bridges
<drab> but I don't see how to do that
<nacc> drab: if you can programmatically determine that, you can use PROGRAM
<patdk-lap> why do you want to name all of them manually?
<patdk-lap> if you want to do that, why not just uninstall the naming package?
<patdk-lap> did that thing get renamed or something?
<patdk-lap> used to be called something like biosdevname or something
<drab> patdk-wk: it happens without biosdevname installed
<patdk-lap> ya, systemd does it
<drab> the naming becomes odl style again if I pass net.ifnames=0 and biosdevname=0
<drab> but that creates a different set of problems
<drab> so renaming with udev is still the "best", altho that is now also creating issues..
<drab> if I don't rename them there is a bug in netcfg and I can't do pxe installs
<patdk-lap> I would recommened, not hitting bugs
#ubuntu-server 2017-03-25
<drab> speaking of bugs...
<drab> patdk-wk: you're not hitting this one? https://github.com/systemd/systemd/issues/3374
<drab> for some reasons it's not happening on one server class but it's happening on the other
<drab> same i350 cards with igb module
<drab> same /etc/network/interfaces
<keithzg> Is there some sort of SSL caching mechanism? I've *definitely* configured a Dovecot instance to use a real certificate, but it keeps spitting out an older self-signed one that isn't configured to be used anywhere in the dovecot configs, and it's utterly baffling me!
<drab> mmmh, I think I have renaming problems... it seems it tries to bring up the bond before the interfaces are renamed
<drab> and the above systemd bug is just a red herring
<drab> so it doesn't find any eth0
<drab> uhm, kinda dodgy, but it seems if I move the bond stanza first, before the interfaces, then it works at boot too
<sarnold> keithzg: are you sure you're working with the correct machine? the correct paths? try breaking something very badly in the config and make sure dovecot refuses to start with the bad config, and that your client testing it also reports failure to connect, etc..
<drab> otherwise I'm seeing messages complaining that bond0 isn't ready and somehow it's not retrying/working out
<patdk-lap> nope, don't believe I have
<faekjarz> Hey there! Do i need a special kernel boot parameter to use SR-IOV?
<patdk-lap> no
<patdk-lap> but your nic and bios and driver all need to support it, and have it enabled
<faekjarz> my nic is an i350 (check) bios? VT-d is enabled. should suffice (?)
<patdk-lap> heh?
<patdk-lap> vt-d has nothing at all to do with sr-iov
<faekjarz> ok
<patdk-lap> kvm, yes, sr-iov, no
<lordievader> Good morning
<lordievader> Didnt ethtool list support for that feature?
<faekjarz> lordievader: talking to me? i didn't come across any iov related output of ethtool.
<lordievader> No, more in general... thinking out load.
<lordievader> loud even.
<faekjarz> btw: i put my i350 in the wrong PCIe slot. The mobo manual doesn't have a block diagram, but i think it's connected to the PCH now. echoing 1-7 to 'find /sys -name "*numvfs"' now spawns a lot of VFs *happy*
<adrian_1908> Not sure if this is the right place to ask, but does anyone know if 16.04 will eventually have PHP 7.1 through the regular streams?
<blackflow> adrian_1908: regular streams? you mean the main, updates and security repositories? Probably not
<adrian_1908> Yeah I meant those repos you mentioned. Ok.
<adrian_1908> There looks to be a PPA, so if that's well done I imagine that would work too if I feel I want to upgrade.
<blackflow> is there any significant benefit of 7.1 over 7.0? (asking as an admin of 7.0 systems)
<blackflow> I mean, unless you're a dev and want to take advantage of the new language features.
<adrian_1908> Beats me. I'm setting up a PHP server for the first time myself, and I noticed that several options have been deprecated in 7.1 (but not 7.0) so if there are saner design choices, one may wish to upgrade before 18.04 LTS comes out.
<blackflow> usually deprecated options linger around for long time before they're completely dropped, in php. from what I see in the changelog, it's nothing significant
<blackflow> in other words if you're on LTS and favor stability, no reason to rush over to 7.1
<adrian_1908> ok!
<daincredibleholg> good morning together
<daincredibleholg> I was wondering if any of you uses Ansible to install graphite-web on your server? I am looking for a way to automate the step `graphite-manage syncdb` which requires super user details and the only way of doing this without interaction is to have a fixture file which would mean having the super user details in plain text in my version control. Nothing I necessarily fancy...
<daincredibleholg> Ok, found a way. Will use fixture and use template vars to inject the fields.
<blackflow> Need some help understanding the bugfix cycle. I reported a bug, and the fix was found, the bug is in "Fix released" status (#1673357), also tagged "server-next", with a note that the problem is fixed in Zesty. Will the fix be applied to Xenial? How/where can I track the progress of such fixes trickling down to LTS?
<blackflow> Or, better question: What happens next to #1673357?
<jancoow> Hi. I don't know what happends, but I was trying to restart docker
<jancoow> docker.service, and now Nothing response anymore
<jancoow> I can't even reboot: -bash: /sbin/reboot: Too many open files in system
<jancoow> how could I reboot now?
<chuck66> have you tried  $ sudo shutdown -r now?
<jancoow> yup
<jancoow> can't execute any command
<blackflow> jancoow: systemctl -f reboot  ?
<jancoow> in the mean time I walked downstairs to my server &^
<chuck66> jancoow: were you able to reboot?
<jancoow> with the reset button, yeah
<drab> urm, anybody knows why zpool list and df -h would disagree so far as 3TBs?
<drab> zpool list shows my pool to be 10.9TB, which is what I'd expect it to be with 6 disks in raidz2, so 4x3TB, with about 1TB lost, which is crazy, but fair enough
<drab> however df -h says 7.1T
<drab> oh, nm, sort of, at the very least zfs list and df agree
<drab> nm, pebkac
<Haris> hello all
<Haris> I have mysql on 14.04. I stop it. It gets instantly restarted. Is that apparmor or watchdog or what watching/re-running it ?
<bekks> Haris: How do you stop it?
<Haris> by running /etc/init.d/mysql stop
<compdoc> lies
<compdoc> ooops
<tomreyn> Haris: this suggests you have non standard behavior on this system.
<tomreyn> check your process list for any watchdogs running there.
<OerHeks> Haris, -d /etc/init.d/mysqld <start stop restart>  but normally one would use service to handle mysqld
<Haris> hmm
<Haris> I see
<Haris> will check it in lab env
<Haris> thanks all
#ubuntu-server 2017-03-26
<jge> â8
<TurBoss> Hello
<TurBoss> I'm using virt-manager to add a nfs pool
<TurBoss> is posible to specify the nfs version 3 in this case (old nas)
<TurBoss> ?
<TurBoss> bye
<DocMAX> help! i accidently deleted the "mods-enabled" folder... how can i reastore at least the defaults? (ubuntu 16.04 running)
<drab> sarnold: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1654624
<ubottu> Launchpad bug 1654624 in isc-dhcp (Ubuntu) "dhcp apparmor profile complains about lxd client" [High,Confirmed]
<drab> sarnold: that says you'd be inclined to give an advice on irc... ;)
<drab> what I don't get is why I don't see these problems on xenial on my test host
<drab> but I'm seeing them on the host I just set up for prod...
<drab> same xenial instance generated by ansible so diffs should be 0, but something obviouslty is different
<drab> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660836
<ubottu> Launchpad bug 1660836 in linux (Ubuntu Zesty) "apparmor auditing denied access of special apparmor .null fi\ le" [Undecided,Fix released]
<drab> also this seems related, it says fixed, but I have the right kernel adn still seeing the issue
#ubuntu-server 2018-03-19
<Saad> Hey, there's anyone running 17+?
<Saad> There's no /etc/rc.local anymore?
<leftyfb> How can I block all broadcast traffic from a particular vlan? My setup is an interface with 2 tagged vlans but only 1 configured for use. I'd like to block all the ARP and UDP traffic on the unused vlan
<netham46> Any way to run a headless XDMCP server in a VM?
<netham46> End goal is to have 3 or 4 crappy PCs act as thin clients on the same network as the VM.
<netham46> End-end goal is to get a PXE boot going where they boot and just connect over XDMCP to it.
<cpaelzer> good morning
<OpenTokix> Saad: There is none, but if you make it - it will get run
<cfnc> Hello guys. Sorry for the question, I made a big mistake. I disabled sudo group to use sudo command from /etc/sudoers but I've never setted a root password.... How can I recover the system without reinstalling the whole os? Could I chroot into the system and change root password?
<cpaelzer> cfnc: yes if you can boot from something else (usb/cd) then you can chroot in
<cfnc> cpaelzer: I'm going to try...
<cpaelzer> cfnc: if you have no other setup that prevents you to mount your disk (encryption, complex multipath/raid/...) then you can also boot  into bash directly
<cpaelzer> cfnc: see https://askubuntu.com/questions/24006/how-do-i-reset-a-lost-administrative-password
<cfnc> cpaelzer: okay I chrooted into system and I changed the password for root user. Thank you ;)
<ccha> hello I have an OUT OF DISK SPACE when I run apt update. But there are more than 7Gb free for /var and 3% inode use
<ccha> I don't understand why I got the OUT OF DISK SPACE
<cpaelzer> ccha: you can be out of space or out of blocks, also you might be out of space on other than /var
<cpaelzer> https://serverfault.com/questions/275206/disk-full-du-tells-different-how-to-further-investigate is a common issue
<leftyfb> ccha: check /boot
<cpaelzer> ccha: but you might just strace the call and see which actually gives you the ENOSPACE
<ccha> ok it wasn't out of space on my server but on the proxy and it was a http message
<MitchT> when is the next azure image due to 'go out'
<MitchT> for ubuntuserver
<MitchT> the last daily is from the 15th
<vimes> hello! I am running a small ubuntu webserver hosting now 5 websites, I was told by ...some dude, that the way I do things now. SSHing inn and doing manual config is a horribly bad idea and that I should look into ansible instead. So I'll ask you guys, does me learning ansible to manage one webserver make sense? I usually don't get crashes as I just test things localhost first
<leftyfb> ansible would be helpful to rebuild from scratch
<leftyfb> other than that, not really
<rbasak> vimes: I think so. Having a codified deployment is useful when upgrading to a new release too, which you have to do every so often to maintain security support.
<rbasak> You can do a do-release-upgrade, but that just leads to your server getting messier over time with less visibility of what's on it and how to rebuild it.
<rbasak> And that typically leads to a bunch of legacy most people could do without.
<vimes> mmm is ansible the "recomended by you" way to go? I've never used automation tools beyond home cooked bash scripts and cron before
<rbasak> I'm not familiar with ansible specifically. It seems pretty popular, but so do all the alternatives.
<rbasak> IMHO, for a small deployment, it doesn't really matter as long as it's flexible enough for you, and the simpler the better.
<rbasak> For a tiny deployment, a shell script is fine.
<rbasak> (or even some handwritten instructions for that matter)
<Ussat> TBH, one server, 5 sites, home cooked scripts are fine
<Odd_Bloke> smoser: So regarding https://bugs.launchpad.net/cloud-images/+bug/1756420, I'm wondering if we need to defer this to next cycle.
<ubottu> Launchpad bug 1756420 in pv-grub-menu (Ubuntu) "replace grub-legacy-ec2 with pv-grub-menu" [Undecided,New]
<Odd_Bloke> This seems more complex than a drop-in replacement, and I don't think our team has the cycles to do anything about this before then.
<MitchT> Odd_Bloke.. do you / your team control the release of versions to azure
<MitchT> .. timing.. release timing
<Odd_Bloke> MitchT: Yep, we're responsible for the automation that does the releases.
<Odd_Bloke> MitchT: On your issue from last week, I believe it was a cloud-init bug that has been resolved; the latest/next image should work.
<MitchT> Ok. I was noticing that the images don't really line up with a specific pattern. Sometimes its one day, others its more than two
<MitchT> just trying to learn more about the process since its integral to how our systems deploy.   They are rebuilt completely during each deployment.
<smoser> Odd_Bloke: I kind of have to agree.
<smoser> the other option is to just rip it out of cloud-init source at least
<Odd_Bloke> MitchT: I'm in a meeting ATM, but I'd be happy to chat about it a bit once I'm done.
<Odd_Bloke> smoser: You're thinking a separate source package, or a large Ubuntu delta in pv-grub-menu?
<smoser> separate source package.
<smoser> named grub-legacy-ec2 just not provided by cloud-init.
<smoser> mainly i'd really like to get that out of my ownership
<Odd_Bloke> smoser: I'd be +1 on that.
<smoser> Odd_Bloke: i might try to do that then.
<smoser> and then assign ownership to foundations in some way.
<adac> I'm following this howto:  https://unix.stackexchange.com/questions/198003/set-default-kernel-in-grub/224708#224708 but there is always just the newest kernel booted still
<adac> any ideas?
<adac> I'm on 16.04 btew
<adac> *btw
<MitchT> Odd_Bloke i'll be out from 12-1 EST (its 15 till 12 now here) can you meet up later with me on here? i'm interested to know how the images are created that we consume.
<MitchT> just DM me a time
<dpb1> adac: any ideas on what? :)
<nacc> dpb1: 08:40 < adac> I'm following this howto:
<nacc> https://unix.stackexchange.com/questions/198003/set-default-kernel-in-grub/224708#224708 but there is always just the newest kernel booted still
<dpb1> ah
<dpb1> I missed the bit after the link
<adac> :)
<adac> Still happy if anyone has an idea ;)
<nacc> adac: have you checked the result of the sed, etc?
<nacc> adac: that is, the count matches what you want it to ?
<adac> nacc, actually I tried with sed but also with hand
<adac> just adding number with vim
<adac> but both did not work actually
<nacc> adac: can you pastebin your /etc/default/grub, and your /boot/grub/grub.cfg ?
<adac> nacc, ok gimme a sec
<ndac> needs more confustion.
<MitchT> hahaha
 * MitchT nice use of the me command
<MitchT> OH!
<MitchT> what the.
<adac> nacc, https://gist.github.com/anonymous/d331b098ab22acd9212bd083099ffa88
<MitchT> ok. confused myself.
<adac> nacc, https://gist.github.com/anonymous/79aa39d649180b468b5601b5f95425f0
<dpb1> adac: I'd actually look at the top upvoted answer.  it looks like 'GRUB_DEFAULT' can be used to point to a specific menuentry-id
<dpb1> adac: in /etc/default/grub
<nacc> adac: and, to be sure, you're running `update-grub` after, right?
<adac> nacc, yes i did
<adac> dpb1, yes I set it to 3
<dpb1> adac: no, somethign like this:
<dpb1> GRUB_DEFAULT="gnulinux-advanced-65c9af03-3d9b-411c-99b2-a9ada0961a40>gnulinux-4.7.0-1-amd64-advanced-65c9af03-3d9b-411c-99b2-a9ada0961a40"
<nacc> adac: i don't believey you have a 3rd menu entry
<dpb1> adac: thus making the simple index you are using "3" as not valid
<nacc> adac: i'm not 100% on how grub does it, but you have a top menu then a submenu after it
<nacc> i'm not sure it linearly indexes those
<dpb1> basically, you see the '>' character?  that is traversing the menu
<nacc> yeah, i think referring by name is better
<nacc> i believe you can actually do it with just the id, dpb1
<adac> nacc, this was the ouptutof this awk
<dpb1> nacc: yes, I think so
<nacc> the $menuentry_id_option thing
<dpb1> nacc: like 2>4 or something
<adac> https://gist.github.com/anonymous/3b01096d9a2f28e4594657ac6834914d
<nacc> dpb1: even less than that, you can just use teh unique global id of 4 (iirc)
<adac> so that is why I used #3
<dpb1> nacc: maybe, have not tried
<dpb1> nacc: but I hope you are right
<nacc> dpb1: it should be possible, if it's not :)
<dpb1> +1
<nacc> adac: yeah, i'm not 100% convinced that awk is right
<nacc> it's assumign a flat grub.cfg and flat parsing of the indices
<adac> nacc, would you say it is 2 then :)
<nacc> adac: no
<nacc> adac: read the answer right after that linnk
<dpb1> adac: I would not trust the answer you linked to.  I would use the top upvoted one
<nacc> "the indices you can set with grub-set-default only correspond to the main menu entries"
<adac> dpb1, but this a server i access only via ssh I cannot  slect this manually on boot
<dpb1> manually?
<dpb1> adac: the top upvoted answer describes how to modify /etc/default/grub
<dpb1> https://unix.stackexchange.com/a/327686/9160
<adac> sorry was in the wrong tab
<adac> you are right
<dpb1> np
<dpb1> I mean, I haven't tried it, but it looks like a sane general approach to fixing this problem.
<adac> which number has it then^^
<sdeziel> adac: if it's a one off test, you can directly editing grub.cfg to reorder the kernels, quick and dirty but should work
<adac> https://gist.github.com/anonymous/7bfbeedca71672e6411b5a8404a5d283
<adac> sdeziel, kk thanks
<adac> i tried now: 0,1,2,3
<sdeziel> adac: that said, at one point I was able to pick a submenu item by editing /etc/default/grub so it should work (sometimes ;))
<Odd_Bloke> MitchT: Instead of having a time, I think we can just do this asynchronously here.
<adac> nothing of thsoe works it always the newest kernel booted
<Odd_Bloke> MitchT: Briefly, we produce a new daily whenever there are changes to packages in the image; for the development series this is generally every day, but for released series this can be further apart.
<dpb1> adac: are you running update-grub after?
<dpb1> or are you leaving it alone
<Odd_Bloke> MitchT: Once that daily has been built, we then consider whether it's a candidate for release; if the packages changed affect first boot (e.g. the kernel, cloud-init), then we also register the image as a release.
<adac> dpb1, jepp
<Odd_Bloke> MitchT: We will also manually trigger releases for specific reasons; this most commonly happens for security fixes to packages which aren't in our regular promotion set.
<dpb1> adac: which
<Odd_Bloke> MitchT: That's a high-level overview; please do ask me any questions that you have. :)
<adac> dpb1,
<adac> which update-grub
<adac>  /usr/sbin/update-grub
<dpb1> adac: update-grub is reverting your changes, unless I'm misunderstanding you?
<adac> dpb1, I edit the /etc/default/grub file and add the number there. then run update-grub
<adac> then reboot
<adac> and it is always the newest kernel booted
<adac> vmlinuz-4.13.0-36-generic
<dpb1> adac: and when you run update-grub, do you notice that grub.cfg reverts the file??
<dpb1> err, *that grub.cfg is reverted?
<dpb1> update-grub rewrites grub.cfg.  That's its job.
<TJ-> adac: which entry do you want to boot from?
<adac> dpb1, hmm I see. actually when I run update-grub the grub.cfg is reqritten according to the date
<dpb1> adac: yes
<TJ-> adac: I find it better to use menuentry names e.g. I have for an entry 2 sub-menus in: GRUB_DEFAULT="Advanced options for Ubuntu 16.04.4 LTS>Linux Mainline-RC for Ubuntu 16.04.4 LTS>Ubuntu 16.04.4 LTS, with Linux 4.16-rc3-pci_bridge"
<adac> TJ-, yes and this stopped my server from booting
<adac> I only had time now today again to test this out
<dpb1> adac: if you are modifying /etc/default/grub, you then need to run 'update-grub', if you are modifying /boot/grub/grub.cfg, you should not
<adac> dpb1, yes that is what i did
<dpb1> (modifying /boot/grub/grub.cfg is not a long term fix for just that reason)
<dpb1> it's for testing out
<adac> Can i remove the current kernel I'm logged in with?
<adac> just for testing
<dpb1> and it's why I have suggested that you not follow the path you are proceeding with. :)
<adac> since I have only two then the old one must be booted :D
<dpb1> adac: yup, you can also do that for testing
<dpb1> sure
<adac> sudo dpkg --purge linux-image-4.13.0-36-generic
<adac> would that do the trick?
<dpb1> I don't know what kernels you have installed, but that is a way to remove one kernel
<dpb1> and then follow up with apt-get autoremove
<adac> dpb1, these two https://gist.github.com/anonymous/15cd1ee35967a363e068a07df65333cf
<adac> ok thanks
<adac> lets see what is happening now :D
<TJ-> adac: You either use the menuentry titles as I showed "Advanced options for Ubuntu>Ubuntu, with Linux 4.4.0-116-generic or use numbers "0>2"
<adac> rebooting
<adac> TJ-, yeah maybe I made  a copy paste error
<adac> TJ-, "0>2" means?
<adac> ok removing the kernel fixed it
<TJ-> adac: 0 == first sub-menu, 2 == 3rd entry in that sub-menu
<adac> i'm now in the old kernel!
<MitchT> Odd_Bloke: Thanks, that goes a long way towards explaining the cycle. I'm trying to learn what to look for before I release so i'm not ending up being that guy going "whens it happening? Whens the next one" etc.
<MitchT> before *a* release.. not I release.
<Odd_Bloke> MitchT: The kernel is most often what causes an automated release; new kernels are released on a three week cadence.
<MitchT> Odd_Bloke: any chance you could kick off a release with the fix to cloud init
<Odd_Bloke> MitchT: Well, we don't do releases for bionic, because it hasn't released yet.
<Odd_Bloke> But I have unblocked the daily, which was hung up on an unrelated issue.
<nacc> Odd_Bloke: can you make a note to yourself to sync ruby-delayed-job as soon as b+1 opens?
<nacc> Odd_Bloke: i'm syncing the other two i sponsored that are no-feature changes that took the same fixes as your uploads
<Odd_Bloke> nacc: Sure thing.
<nacc> Odd_Bloke: thanks!
<nacc> Odd_Bloke: debian went to a different upstream version, and it'
<nacc> *it's not trivial to me if we'd need a FFe and that's probably not worth it :)
<MitchT> Odd_Bloke I appreciate all the help.
<Odd_Bloke> Agreed.
<Odd_Bloke> MitchT: :)
<MitchT> Do you think images will be created by April 10th
<MitchT> ones that work :P
<Odd_Bloke> MitchT: The most I'm going to commit to is that we'll have images by release (i.e. April 26th per https://wiki.ubuntu.com/BionicBeaver/ReleaseSchedule).
<Odd_Bloke> (But we will certainly have working images before that. :p)
<MitchT> :)
<Goop> Are there Oauth server packages for Ubuntu, or is Oauth just a concept, and you have to make your own application?
<dpb1> Goop: OAuth is a protocol, there are most likely a lot of packages that implement that protocol for various purposes.  like, php, python, etc.
<dpb1> not to mention many packages that need user login would make use of an OAuth provider to handle user auth, probably making use of those language-specific implementations.
<Goop> dpb1, may I ask for help on implementing an authentication setup for my situation?
<dpb1> probably beyond the scope of the expertise in this channel.
<dpb1> but, you could certainly ask
<Odd_Bloke> MitchT: The latest Azure image booted for me and was able to SSH in to it, FYI.
<rud0lf> hello. is there an (un)official guide for newbie server admins? i know ubuntu itself as a desktop client, i know some about computers, i can script
<rud0lf> all i need to know is how to secure and audit
<nacc> lol
<nacc> rud0lf: "all" :)
<rud0lf> too wide?
<nacc> rud0lf: that is a full-time position at most companies
<rud0lf> lol
<rud0lf> i mean basics
<rud0lf> like, giving someone shell account, restrict some binaries
<rud0lf> executables, i mean
<rud0lf> or how to parse auth.log and make it more verbose
<rud0lf> nacc: consider me as a server toddler
<nacc> rud0lf: https://help.ubuntu.com/lts/serverguide/
<sarnold> rud0lf: I seem to recall thinking this was reasonable guidelines https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts
<nacc> but if you're security-focused, i was going to ask sarnold :)
<rud0lf> thank you, hop to my favorites (links, not you guys)
<Wolf_Y> Hey guys
<Wolf_Y> is anyone up i have some noob-ish questions about samba and ubuntu 17.10 networking
<dpb1> ask away
<Wolf_Y> dpb1:  alright so i am using ubuntu server 17.10 on hyper-v manager
<Wolf_Y> dpb1:  i strugled with networking for a bit before i figured out that making a bridgeg connection between my host pc and hyper-v can help me set up a static ip on ubuntu server
<Wolf_Y> dpb1:  so i did that and everything seemed to woek fine
<Wolf_Y> dpb1: then i installed samba and added some folders with right permissions and when i try to access them from my host machine they work fine
<Wolf_Y> dpb1:  when i try to transfer small files it works
<Wolf_Y> but when i try and transfer larger files the connection breaks
<Wolf_Y> i think it has to do somethin with my net config
<dpb1> yuck
<Wolf_Y> do you maybe have an idea
<dpb1> anything showing up in `dmesg` or /var/log/syslog?
<dpb1> (when the connection breaks)
<Wolf_Y> im still quite new to linux
<Wolf_Y> so would you like me to share the outputs
<dpb1> well
<dpb1> you can, but make sure you pastebin
<dpb1> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<dpb1> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit
<dpb1> Wolf_Y: ^
<Wolf_Y> alright ill use pastebin dpb1  what should i send
<dpb1> `dmesg` and `cat /var/log/syslog`
<dpb1> but first make sure you don't mind sharing the content
<dpb1> it's likely fine if they are vms you are just testing with
<Wolf_Y> dpb1:  im trying to make a media server
<Wolf_Y> dpb1:  i supose i can share
<Wolf_Y> dpb1: not quite sure how to coppy the output to clipboard
<Wolf_Y> looking into it right now, sorry for making it long
<dpb1> Wolf_Y: use pastebinit
<dpb1> dmesg | pastebinit
<Wolf_Y> oh okay ill try
<Wolf_Y> http://paste.ubuntu.com/p/2yjPPFYzTS/
<dpb1> did you type that right?
<dpb1> does not exist
<Wolf_Y> let me check
<Wolf_Y> http://paste.ubuntu.com/p/ZyjPPFYzTS/
<Wolf_Y> got it
<Wolf_Y> now ill try it with the next one as well
<Wolf_Y> http://paste.ubuntu.com/p/ZptqG7tkWs
<Wolf_Y> dpb1: should i try causing the break and then do the error output again
<Wolf_Y> clear
<dpb1> Wolf_Y: ya, do.  and then just do     <command> | tail -100 | pastebinit    .... to only get the last 100 lines.
<Wolf_Y> alright
<Wolf_Y> tranfering the file
<Wolf_Y> http://paste.ubuntu.com/p/vcv5fbrhnK//
<Wolf_Y> http://paste.ubuntu.com/p/vcv5fbrhnK/
<Wolf_Y> ill do the other one now
<dpb1> Wolf_Y: interesting
<dpb1> Wolf_Y: what time did you initiate the transfer
<Wolf_Y> a minute ago or so
<Wolf_Y> what do you see
<Wolf_Y> should i do the dmesg as well
<dpb1> run `date` on your server
<dpb1> no
<Wolf_Y> alright
<dpb1> what does date say right no
<Wolf_Y> one sec
<dpb1> now
<Wolf_Y> the date says
<Wolf_Y> correct date
<dpb1> I want the whole thing
<dpb1> :)
<Wolf_Y> so the whole cat
<Wolf_Y> ?
<dpb1> date
<Wolf_Y> alright
<Wolf_Y> http://paste.ubuntu.com/p/c4JqtFjzTV
<Wolf_Y> thats date
<dpb1> huh
<dpb1> ok
<dpb1> so nothing
<Wolf_Y> so what do you say
<Wolf_Y> would you like the dmesg
<dpb1> no
<Wolf_Y> ok
<Wolf_Y> once again, the smaller files and accessing the folder works just fine
<Wolf_Y> the permissions are 755 and 777
<dpb1> unfortunately, the next thing I would do is a bit harder.  I'd switch samba into debug mode and do the same thing you just did.
<dpb1> basically, start going through this
<dpb1> https://www.samba.org/samba/docs/using_samba/ch12.html
<dpb1> reproduce the problem, see if any interesting logs pop out
<dpb1> if they do, I would probably take them to: samba@samba.org
<Wolf_Y> i think ill just remove and once again try a fresh install
<dpb1> that user list is very active
<Wolf_Y> i now know how the server works
<Wolf_Y> i just need to figure out the samba
<Wolf_Y> thanks very much for your help, ill get back here tomorrow if fresh install does not help and try to debug samba
<dpb1> k
<Wolf_Y> see ya then
<dpb1> o/
#ubuntu-server 2018-03-20
<jair> Hello all
<jair> it's me again with that memory leak issue in Ubuntu 17.10 but now removed it and installed the latest update of ubuntu 16.04, however, the memory leak is still present
<jair> Is there any command I can try other than reboot to make the OS to release the memory?
<sarnold> jair: what problem are you *really* seeing?
<jair> see paste > https://ibb.co/cfCOpc
<jair> sarnold: the server start consuming memory and after 22 hours it keeps consuming it without releaseing it
<jair> until it crashes
<jair> Here is the ouput of the console I took after the crash
<jair> see this other paste > https://ibb.co/gw5hhx
<jair> the first paste is the current status, the memory does not goes down, it keeps going until it crashes
<jair> the only thing running on this server is BIRD 1.6.3 we are using the server as a BGP router
<sarnold> wow, OOM killing things that take one megabyte of ram ..
<jair> hahaha yep
<sarnold> jair: what else does this system do?
<jair> sarnold: nothing else really, we have LXD installed and snapd but I believe those were there just because installed and thought about the usage of LXCs but with this issue I doubt it
<jair> sarnold: there is nothing we can do to force this system to release memory?
<jair> it is going to crash in a few minutes from now :(
<sarnold> jair: if you're desparate maybe kill or purge lxd / snapd
<jair> sarnold: https://paste.ubuntu.com/p/YGw6njmzrf/
<sarnold> jair: what's slabtop say?
<sarnold> jair: you might be able to buy some time by adding in a swapfile
<jair> interesting
<sarnold> jair: do you have any apparmor profiles in complain mode?
<sarnold> jair: what's dmesg output look like?
<jair> here > https://paste.ubuntu.com/p/XTHg28hRky/
<jair> apparmor not that I know of, we are using for sure ip tables
<jair> and to be honest I don't think lxd or snapd are the issues
<jair> sarnold: let me paste the dmesg
<sarnold> jair: sync; echo 3 > /proc/sys/vm/drop_caches   .. that ough to take a big bite out the dentry slab
<sarnold> man that's only going to free up something like 100 megs, I think. Hrm.
<jair> sarnold: here dmesg > https://paste.ubuntu.com/p/bVFBVhNcWp/
<sarnold> ohho conntrack
<sarnold> I have a very vague memory of seeing systems fall over due to too many conntrack entries
<jair> sarnold: I ran the command > sync; echo 3 > /proc/sys/vm/drop_caches but didn't seem to do much
<sarnold> jair: you could check the results with slabtop again, but .. it probably only bought you a hundred megs or so :(
<jair> sarnold: OK
<jair> sarnold: this is really bad :(
<jair> I honestly being keeping myself away from pure ubuntu releases because of this type of issues
<jair> I stick to debian for servers and so far other than weird stuff or delays with systemd when restarting the services or the server buyt no something like this with memory
<sarnold> jair: how about a ps auxw  pastebin?
<jair> ok checking
<jair> sarnold: sorry for the delay > https://paste.ubuntu.com/p/bF7x7pD7mk/
<sarnold> wow, there's so little there. hrm.
<jair> right, this is really worrying
<jair> I am not feeling confortable to use ubuntu as a server... I will still prefer Debian
<jair> I believe
<jair> but I will need to find the drivers for the RAID controller
<jair> sarnold: https://paste.ubuntu.com/p/56GXBtbF9r/
<jair> I need to make sure debian supports that raid controller
<sarnold> jair: seems likely, megaraid_sas appears to have been around foreever https://cateee.net/lkddb/web-lkddb/MEGARAID_SAS.html
<sarnold> jair: before you tear this machine down, can you run 'ubuntu-bug linux'? I hope this won't be the allocation that pushes the machine beyond it's limits, but it would be nice to capture this
<sarnold> the only real advice I've got is to add a swap file or swap partition so the kernel has some place to shove data it doesn't need. But with 16 gigs ram and the machine doing so little, that feels like it wouldn't really help, just buy some more time.
<jair> sarnold:
<jair> sure
<jair> sarnold: done > https://bugs.launchpad.net/ubuntu/+source/linux-hwe/+bug/1757037
<ubottu> Launchpad bug 1757037 in linux-hwe (Ubuntu) "Ubuntu crashes after running out of memory 16G total" [Undecided,New]
<sarnold> jair: *thanks* :D can you paste in the slabtop, ps auxw, and meminfo files?
<jair> sure
<sarnold> jair: I've got to run.. good luck :)
<jair> sarnold: soiunds good, thank you for the help
<Wolf_Y> Hi, is anyone online ?
<Wolf_Y> i have some noob-ish questions to ask
<MitchT> Odd_Bloke: I see it! 18.04.201803180
<MitchT> building now
<MitchT> err deploying
<MitchT> Odd_Bloke: it works again. Thanks so much.
<MitchT> commented on the bug report.
<aoam> hello guys, doesnt anybody of you know, how to automate command "lxd init", it setup networks etc
<Odd_Bloke> MitchT: \o/
<Odd_Bloke> aoam: `lxd init --auto`?
<aoam> Odd_Bloke: i has it this way as you say in my script, lxdbr0 does not have ipv4 so containers have no internet
<Odd_Bloke> aoam: Have you looked at `lxd --help`?  There are options to modify network setup.
<aoam> perfect, iâll try, thanks
<cpaelzer> rbasak: your mongo MP has no diff on the LP view
<cpaelzer> rbasak: I don't care and will check the changes one by one, but wanted to let you know
<cpaelzer> rbasak: also is that in your experimental ppa again?
<aoam> just for record, if anyone looking for solution, this could be right one: https://github.com/lxc/lxd/blob/master/doc/preseed.md
<cpaelzer> rbasak: I see a (different) 1:3.4.7-1ubuntu3~ppa2 in there
<rbasak> cpaelzer: yeah ppa:racb/experimental
<rbasak> cpaelzer: it is identical to the MP except changelog wording and versions, but feel free to verify that
<cpaelzer> rbasak: I did already
<cpaelzer> fine
<cpaelzer> rbasak: while I test you can explain the deps you chose for breaks/replaces - see MP comment
<rbasak> cpaelzer: thanks for reviewing! Replied.
<cpaelzer> rbasak: mongodb-server (<= 1:3.4.7-1ubuntu3~)
<cpaelzer> rbasak: that should be the correct thing, don#t you tihnk
<rbasak> cpaelzer: no, because ubuntu3~ would be derived from ubuntu3, which is after the change.
<cpaelzer> rbasak: no, because "3~..." is everything sorted before "3"
<rbasak> Yes, 3~ would sort before 3
<cpaelzer> so if one had an experimental 3~changeindocs
<rbasak> But we want the breaks/replaces to match against neither 3 nor 3~
<rbasak> We do want it to match against 2 and 2~
<cpaelzer> we want it to match 3~ for my example above
<cpaelzer> I agree you do not want it to match against 3, but it would not with my suggestion above
<rbasak> Why would you have a 3~changeindocs?
<cpaelzer> was an example for any change that might exist having a 3 but not being yours
<rbasak> Any published (not development) version of 3~ that might exist would be derived from 3.
<rbasak> The 3 that I will publish
<rbasak> And in this case, it shouldn't match against the breaks/replaces
<rbasak> Since both 3 and the derived-from-3 3~ will be after the rearrangement.
<cpaelzer> rbasak: no it won't be derived of 3, ~ versions are created as pre-next
<maddawg2> so i'm FINALLY sitting down to learn about all this hype of containers lol
<cpaelzer> if you have 2 today, and one tests something he will create 3~ppa1 or such
<cpaelzer> and eventually this or some other change will become the real "3"
<rbasak> cpaelzer: the use of the ~ in published versions is for backports etc.
<cpaelzer> rbasak: so 3~ is derived from something before 3
<rbasak> A backport derived from 2 will be 2~something
<rbasak> A backport derived from 3 will be 3~something
<maddawg2> i'm thinking of experimenting with it on a virtual machine, but I'm curious if anyone has any recommendations on where i should start... should i start with docker?
<maddawg2> or this LXD thing in Ubuntu
<cpaelzer> rbasak: yeah I didn't talk about backports in this case, but only usual devel versions
<rbasak> cpaelzer: the fact that 3~ orders before 3 is separate.
<cpaelzer> maddawg2: start here https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
<rbasak> cpaelzer: once 3 is published, nobody will make a 3~ devel version anyway. In any case, we don't usually consider those when choosing version strings.
<cpaelzer> rbasak: hrm, I hate letting go habits
<cpaelzer> rbasak: at least I can blame you for setting me up that way to begin with
<cpaelzer> :-)
<rbasak> Sorry :)
<maddawg2> thanks cpaelzer... i'm also interested in learning chef and/or puppet type stuff as well... would LXD still be a good option for that
<rbasak> The only reason ~ ends up in these things in the archive is to accomodate existing or future backports.
<maddawg2> or should i use something like docker
<rbasak> (published, official backports)
<rbasak> I suppose it also does help with local unpublished backports.
<rbasak> Using 2 here will break none of these cases, since backports derive from a published version and append ~
<cpaelzer> maddawg2: you are getting to the land of opinions here, for me docker sucks and LXD gives me all that I ever need
<cpaelzer> maddawg2: but for others it might be just vice versa
<rbasak> maddawg2: docker and lxd have very different use cases.
<cpaelzer> exactly
<cpaelzer> maddawg2: never the less I think to experiment with chef and similar a system level container (LXD) is more appropriate
<rbasak> maddawg2: lxd is easier conceptually. lxd gives you nested standard distribution installations.
<rbasak> maddawg2: an Ubuntu inside an Ubuntu.
<rbasak> maddawg2: Docker is a much larger paradigm shift.
<rbasak> maddawg2: there's really very little to learn with lxd if you consider it that way.
<rbasak> maddawg2: most things are exactly the same. You only need to know how to launch instances. And understand that the guest is mostly isolated by default, so if you don't have permission on the host, you won't have permission in the guest, etc.
<cpaelzer> maddawg2: if you are up for a read start with any of http://lmgtfy.com/?q=system+vs+application+level+container
<cpaelzer> rbasak: review complete, I've added a testing suggestion
<rbasak> Thanks!
<maddawg2> cpaelzer, i'm looking to get make a career shift from IT management and system engineering over into a devops type position, but i'm not sure which product is most used in the enterprise that would be most beneficial to learn
<aoam> in this command `lxc image copy some_remote:some_container local: --alias local_copy --auto-update` im wondering if auto update really updates my local image
<sdeziel> maddawg2: try both, lxd can run docker in a container (https://stgraber.org/2016/04/13/lxd-2-0-docker-in-lxd-712/) :)
<rbasak> cpaelzer: is that pastebin test in a dep8 test anywhere?
<rbasak> Sounds like it should be in pymongo?
<cpaelzer> rbasak: it is in the qa tests that we use before bigger uploads but not fit dep8
<cpaelzer> rbasak: git+ssh://git.launchpad.net/qa-regression-testing
<adac> hmm the newest kernel I get when i dis-upgrade my xenial server installation is 4.4.0-89-generic
<adac> locally I have also 16.04 and there I have 4.13.0-37-generic
<patdk-lap> yesand?
<patdk-lap> and?
<patdk-lap> that sounds right
<patdk-lap> !hwe
<ubottu> The Ubuntu LTS enablement stacks provide newer kernel and X support for existing LTS releases, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<adac> patdk-lap, ok do I understand it correctly: if i install LTS point release (currently 16.04.4) I do immediately get HWE but if I dist-upgrade from a lower point release then I have to add it manually with:
<adac>  sudo apt-get install --install-recommends linux-generic-hwe-16.04
<patdk-lap> I have no idea how it works on upgrades
<adac> patdk-lap, when I provisioned a server from my hoster with ubunut 16.04 minimal I got the 4.13.0-37-generic kernel as well
<adac> with my "old" virtual hosts I constantly upgraded I only get  4.4.0-89-generic
<dpb1> adac: 4.13 is the "HWE" kernel
<dpb1> https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<dpb1> adac: new installs (depending on cloud, etc) often will have that enabled by default
<dpb1> but for upgrades, you have to opt-in to it
<adac> dpb1, yes looks like that. Ok i will install it on all my machine
<adac> ansible comes into the game :D
<adac> thanks for your help guys!
<maddawg2> strange... i just installed ubuntu server 16.04 and ran a sudo apt-get update but it's failing....
<maddawg2> it thinks the stuff is on a CD-Rom :-\
<maddawg2> lesson here is not to use vmware's quick install
<maddawg2> lol
<maddawg2> that was stupid
<MitchT> cpaelzer: i think docker is .. overhyped - it probably has its place but in my line of work, setting up and maintaining our magento store, for something that acts more like a service and less like an "app" that can spool up and shut down... well idk.  Maybe i'm too old.
<adac> dpb1, patdk-lap the kernel version i got from my hoster was: 4.13.0-36-generic
<adac> there was no hwe mentioned there
<MitchT> couple that with the 'always online' windows service that couples the site to our crm / inventory system and you have yourself a need for a regular old server.
<dpb1> adac: do `dpkg -l |grep hwe`, does it show anything?
<adac> dpb1, i downgraded there to a 4.4.x kernel since I had a problem with this kernel.
<adac> dpkg -l |grep hwe
<adac> ii  linux-headers-generic-hwe-16.04     4.13.0.36.55                             amd64        Generic Linux kernel headers
<adac> so i guess i forgot to remove the headers and it was indeed a hwe kernel then
<adac> or?
<adac> dpb1, this was froma  grep when I had the 4.13.x still installed: https://gist.github.com/anonymous/1cae9e709dd448164e5f37b00acaac99
<adac> ok generic is also shown for my local installation with this grep/awk
<dpb1> adac: basically, there are two separate "tracks".  normal and HWE, but you could certainly have both kernels installed on your system at the same time.
<adac> dpb1, but I need always have this hwe package from your link installed to have kernel bigger then 4.4.x right?
<dpb1> basically, this package: linux-generic-hwe-16.04 is a meta package that will get you on the hwe track.  It will then get updated to point to newer and newer 4.13 kernels as they are released.
<ahasenack> hm, in my package I'm renaming a couple of files in /etc/update-motd.d from 99-<something> to 80-<something>
<ahasenack> turns out dpkg doesn't take care of removing 99-<something>
<ahasenack> so I end up with both versions after an upgrade
<ahasenack> how is this solved? I suspect some maintainer script in pre/post
<nacc> ahasenack: those are conffiles?
<nacc> ahasenack: dpkg-maintscript-helper mv_conffie
<nacc> *mv_conffile
<ahasenack> nacc: they are conf files because they live in /etc. Other than that, the user has no incentive to touch them
<nacc> ahasenack: sure, but i meant form the package's perspective
<ahasenack> just because they live in /etc
<nacc> ahasenack: no, that'snot the definition
<nacc> one sec
<nacc> https://www.debian.org/doc/manuals/maint-guide/dother.en.html#conffiles
<nacc> e.g.
<nacc> oh maybe it's all files under /etc nm
<nacc> so then you can use the above helper to move it
<nacc> *should* use
<ahasenack> let me check its docs
<CarComp> oops. forgot what the /quit command oes
<CarComp> does
<ahasenack> nacc: yay, it worked
<ahasenack> with no drama :)
<ahasenack> $ cat ubuntu-advantage-script/debian/ubuntu-advantage-tools.maintscript
<ahasenack> mv_conffile /etc/update-motd.d/99-livepatch /etc/update-motd.d/80-livepatch 15~
<ahasenack> mv_conffile /etc/update-motd.d/99-esm /etc/update-motd.d/80-esm 15~
<nacc> ahasenack: nice
<nacc> ahasenack: yeah that's the best way to do it, as it is supposed to handle the corner cases
<ahasenack> good
<MACscr> this seems to be the way apache2.4 and php-fpm are configured by default when installing using apt. Is this really the right way to be enabling php-fpm for php files? http://paste.debian.net/1015758/
<nacc> teward: jinx (re: ubuntu-devel-discuss)
<sarnold> MACscr: if you're using Ondrej's packages it might be worth asking him, or if he's got a community around his packages, then someone from that specifically
<MACscr> sarnold ugh, ok. I figured he was just providing updated versions, not really config changes
<tomreyn> MACscr: FilesMatch evaluates regular expressions,t his seems more complicated than necessary. i'd assume AddType would be a better way.
#ubuntu-server 2018-03-21
<lordievader> Good morning
<march__> Hello, I'm having a bug on UbuntuServer 16.04-DAILY-LTS on Azure. Looks like Cloud-init broken. does it ring a bell ?
<march__> somehow the provisioning is not going well between waagent and cloud-init
<adac> Guys my server suddenly halted in the night, but there is nothing that indicates what happened in my /var/log/syslog
<adac> is there a nother place I can check
<lordievader> adac: dmesg?
<adac> lordievader, hmm there is no date on dmesg output
<lordievader> adac: There is if you run `dmesg -T`.
<adac> lordievader, that did the trick! :D
<lordievader> Does it give some hints?
<adac> lordievader, but there is only data showing since the last boot this morning it seems
<lordievader> There might be more in `/var/log/dmesg*`
<adac> lordievader, hmm acutally there is only one file namely /var/log/dmesg itself there and that one is empty
<lordievader> What version of Ubuntu are you running?
<adac> lordievader, https://pastebin.com/FxKqXdfE
<lordievader> adac: Ah, `sudo journalctl -b -1` might help you.
<adac> lordievader, hmm it says: Specifying boot ID has no effect, no persistent journal was found
<lordievader> Hmm. Stupid default.
<adac> I think I need to tweak then some things
<lordievader> Yes, you want to configure systemd-journald and logrotate.
<adac> lordievader, kk thanks
<ducasse> adac: if you create the directory /var/log/journal you will get persistent journalling, so you can look up messages from the previous boot with 'journalctl -b 1'
<adac> ducasse, thanks for the hint!
<march__> so ftr, cloud init doesn't execute custom script if there is a script stuck in same/previous runlevel https://serverfault.com/questions/852946/aws-userdata-script-in-cloud-init-not-running
<gunix> can anybody here helm me with maas cause nobody there is answering
<gunix> ?
<Ubuntu_admin> <gunix> whats maas
<hateball> !maas
<ubottu> Metal as a Service is a dynamic server provisioning service for scalability. See more about it at https://maas.ubuntu.com.
<rbasak> gunix: try #maas
<Neo4> :)
<Neo4> good afternoon
<ahasenack> cpaelzer: I saw how autopkgtest created the console on ttyS1, or tried to
<ahasenack> cpaelzer: there should be a more modern way to do it :)
<ahasenack> cpaelzer: reading the bug you pointed me at, now
<ahasenack> cpaelzer: the other two issues I had were:
<ahasenack> a) on ppc64el, for some reason it booted off vdb, not vda. So I had to change autopkgtest's assumption that the iso with the test setup script was in vdb and change that to vda
<ahasenack> b) I had to pass -m ports.ubuntu.com/blabla, otherwise it would try to find ppc packages in archive.u.c
<cpaelzer> ahasenack: TL;DR non-x86 could need some improvement in autopkgtest buildvm (IMHO)
<ahasenack> so true
<ahasenack> I wonder how britney does it
<ahasenack> cpaelzer: so, are you able to run ppc autopackagetests? I seem to recall you saying so in one or two old MPs. Or was that using biletto?
<cpaelzer> ahasenack: the CI infra uses openstack and custom images for it
<cpaelzer> ahasenack: most of the time you get around by (locally) just using lxd
<cpaelzer> ahasenack: I sometimes fixed up my VM images, but I'm not as experienced in it to have a great howto or gist about it
<cpaelzer> ahasenack: would lxd on ppc be an option for your case, I think no as you are mounting
<ahasenack> I have to check
<cpaelzer> ahasenack: we can either try to fix up your image to work correctly
<ahasenack> I'm trying to reproduce a bug that happens only during migration so far
<ahasenack> the closest I have is a vm, since they use openstack as you said
<cpaelzer> ahasenack: or you run what the test would run in a normal bionic ppc vm spawned via uvtool
<cpaelzer> ahasenack: I can try to make a working bionic image (again) if it is needed (a.k.a if reproducing in a uvt VM fails)
<ahasenack> I thought that autopkgtest would just work, given that we use it in migrations
<cpaelzer> ahasenack: it does just work if pre-setup is done :-)
<ahasenack> that's how I started down this road, but it's definitely not as simple
<cpaelzer> nothing ever is
<ahasenack> at this point it sounds more like a weekend project
<ahasenack> I have a question regarding purge and remove behavior (deb package)
<ahasenack> there is an motd cache in /var/cache/<pkg>/bla.cache
<ahasenack> it is removed in purge, but not with a simple "remove"
<ahasenack> I think it should be removed with "apt remove" as well, becaues otherwise the motd will keep being displayed
<ahasenack> even though the script that generated it no longer exists
<ahasenack> thoughts?
<ahasenack> postrm is this:
<ahasenack> if [ "$1" = purge -a -f "$CACHE_FILE" ]; then
<ahasenack>     rm "$CACHE_FILE"
<ahasenack> fi
<ahasenack> that particular cache/motd is showing the state of the system regarding livepatch status
<cpaelzer> ahasenack: yes I'd agree to remove it on remove as well
<cpaelzer> ahasenack: but I'd also retrigger a creation of the cache on that
<cpaelzer> ahasenack: is that possible?
<cpaelzer> ahasenack: because IIRC otherwise the next login might have no content at all
<ahasenack> the next login would not have *this* content
<cpaelzer> if that cache is the main content that would be displayed
<ahasenack> it's just one motd, of many
<ahasenack> that being said, I just checked the code again and saw that we already won't display the cache if the script that generated it is no longer installed
<cpaelzer> ok, so leaving the file on remove is not an issue then?
<ahasenack> not user-visible issue
<ahasenack> the remaining issue would be if the user reinstalled it days later
<ahasenack> for a while it would then display the old cache (while == 1 day at most)
<ahasenack> versus displaying nothing until the cache is regenerated
<cpaelzer> ahasenack: is there a trivial way to retrigger creating all those bits that make up motd?
<cpaelzer> ahasenack: because if so IMHO any package dropping (or removing) something there should re-generate that cache
<cpaelzer> if it is a complex mess, then it might be not feasible to do so
<ahasenack> cpaelzer: there is no global cache
<ahasenack> cpaelzer: each script handles it in its own way
<cpaelzer> would there be a global trigger?
<ahasenack> not that I know of
<cpaelzer> ok
<ahasenack> I just login again
<ahasenack> for the ua-tools bit, though
<ahasenack> it's a daily cron job
<ahasenack> so what I do it edit /etc/cronttab and change the daily timer to be in the next minute
<cpaelzer> but that cron job (and that login) has to call something
<cpaelzer> can't we call this "something" from the postinst/postrm ?
<ahasenack> we could, yes, but that also calls apt-cache policy to check the status of some ua features
<ahasenack> and I was fearful of calling that in the middle of a dpkg transaction without more careful testing
<ahasenack> I think it might also call dpkg itself
<ahasenack> to query things
<cpaelzer> yeah all of this was the reason to do it async in the background
<cpaelzer> and not sync on login
<cpaelzer> could we just "fire and forget" it from the maintainer script
<cpaelzer> just as the login does?
<cpaelzer> I'm not trying to convince you - I ask "do you tihnk it would be better to do so"
<ahasenack> the login doesn't call that anymore, it's just the cronjob
<ahasenack> the login just parses the cache file, if it exists
<ahasenack> calling the script that the cron job calls at postinst just has that issue I mentioned of dpkg and apt-cache being used
<ahasenack> which I don't know how serious is
<ahasenack> I would fear stumbling upon lock files and whatnot from dpkg and apt
<cpaelzer> yep
<cpaelzer> keep it as is
<cpaelzer> thanks for the discussion
<ahasenack> np
<cpaelzer> ahasenack: ppa for the motd change?
<pgaxatte> coreycb: hi again :) as i said on #openstack-infra, there's a small issue for mistral's packages on cloud archive
<ahasenack> cpaelzer: oh, hm
<ahasenack> cpaelzer: I didn't create one this time, sorry. I can do that quickly
<pgaxatte> coreycb: on pike version (5.0.0 which is quite behind the latest pike version on github) it is not possible to install mistral-event-engine and mistral-engine together since the mistral-event-engine provides the mistral-engine role instead of mistral-event-engine
<ahasenack> since builddeps is so tiny I was just building the deb on my host
<cpaelzer> ahasenack: I'm fine building locally as well
<cpaelzer> I can push into my test container from here
<ahasenack> cpaelzer: ok, thanks and sorry
<coreycb> pgaxatte: ok is that fixed in a pike point release?
<coreycb> pgaxatte: let's get a bug opened at https://bugs.launchpad.net/cloud-archive and I can dig further
<pgaxatte> coreycb: what do you mean by point release?
<pgaxatte> coreycb: fair enough i'll file a bug ;)
<coreycb> pgaxatte: like a 5.0.1 version
<coreycb> pgaxatte: thanks
<pgaxatte> coreycb: i only see 5.0.0, no superior version
<pgaxatte> coreycb: well there is 6.0 but it is queens and i'm interested in pike
<coreycb> pgaxatte: i see a tag for 5.2.2
<ahasenack> cpaelzer: the other day you mentioned something about cpu throttling in qemu
<ahasenack> cpaelzer: what is the trick? I would like to slow things down a bit
<pgaxatte> coreycb: yes on github but my problem is related to the debianization
<coreycb> pgaxatte: oh, so yes we only have 5.0.0 atm for pike but we can do a stable release for 5.2.2
<pgaxatte> coreycb: yes that would be good but the debian/mistral-event-engine.init.in needs fixing too
<coreycb> pgaxatte: ok i can fix that up too. please add details to the bug and then i'll work on it soon.
<pgaxatte> coreycb: thanks i'm preparing the bug
<cpaelzer> ahasenack: let me write a txt with a few rough steps to slow it down
<ahasenack> thanks
<cpaelzer> finishing your MP review first :-)
<ahasenack> of course
<cpaelzer> ahasenack: what is the corn job I might want to trigger
<cpaelzer> I'm in the "now the line is gone" state
<ahasenack> cpaelzer: daily in /etc/cronttab
<ahasenack> I prefer to have cron do it instead of calling the script manually, because
<ahasenack> in the past calling the script directly hid a bug (/snap/bin wasn't in cron's PATH)
<ahasenack> cpaelzer: so I edit /etc/cronttab, the daily line, and have it run in the next minute. Then save and wait, tailing /var/log/syslog to see when it ran
<pgaxatte> coreycb: https://bugs.launchpad.net/cloud-archive/+bug/1757433
<ubottu> Launchpad bug 1757433 in Ubuntu Cloud Archive "mistral-event-engine conflicts mistral-event" [Undecided,New]
<cpaelzer> all good, done already andol
<coreycb> pgaxatte: thanks, will take a look shortly
<cpaelzer> sorry ahasenack I meant
<pgaxatte> coreycb: thanks ;)
<trippeh_> hm. the systemd update that was just pushed to artful fails in chroot for me.
<adac> Guys why is it saying that it keeps back these packages
<adac> https://pastebin.com/9eR8sAgh
<adac> shouldn't dit-upgrade update them anyways?
<adac> *dist-upgrade
<lordievader> adac: Dist-upgrade should. Upgrade probably doesn't because the dependencies changed.
<adac> lordievader, but I'm actually using dist-upgrade
<JanC> there might be missing dependencies
<adac> hmm
<adac> how can I resolve this?
<JanC> maybe just wait until the missing packages are available
<JanC> these are meta-packages which depend on the latest kernel version
<JanC> sometimes these packages are available before the new kernel version is available
<lordievader> adac: `apt-cache show linux-image-generic` shows the depencies of the package.
<JanC> maybe do an apt update and try again
<JanC> (if it doesn't work now, try again in a couple hours)
<sdeziel> adac: do you see them when running "apt-mark showhold" ?
<adac> lordievader, JanC I now found out what  did wrong
<adac> With ansible I had set this:
<adac> command: apt-mark hold {{ ubuntu_kernel_version }}
<sdeziel> there you go
<JanC> eh
<JanC> right
<adac> linux-image-4.4.0-116-generic
<adac> was the value
<adac> yes but It didn't show up in the list of the packages that are hold
<JanC> if you block upgrades, upgrades will be blocked  :)
<adac> so therefore I tought it was not on hold
<adac> JanC, yes that sounds about right^^
<adac> I think I cannot lock a  certain version
<adac> I can only lock the pakacge name or?
<adac> I can only lock the package name or?
<adac> linux-image-extra-virtual linux-image-generic
<lordievader> If you want to lock to a certain version, you could manually install that version and remove the meta package. But you loose the automatic updates.
<adac> lordievader, is this still valid:
<adac> https://askubuntu.com/a/678633
<lordievader> adac: I have never frozen a kernel, so I don't really know.
<adac> lordievader, kk :)
<tobasco> coreycb: cool so i think i got understand the packaging process, just two questions now; when specifying the package dependencies we go by the requirements.txt for the project right? how is the testing for packages should i just spin up a vm and test the package? (openstack related btw)
<coreycb> tobasco: yes generally test-requirements.txt and requirements.txt would go in Build-Depends-Indep and requirements.txt would go in Depends.
<coreycb> tobasco: do you know how to create a PPA? you could upload to a PPA and install from that in your vm.
<tobasco> cool, have never created a ppa only used them, i'll test it out thanks
<coreycb> tobasco: assuming you have a launchpad account you can model a bionic ppa after this https://launchpad.net/~corey.bryant/+archive/ubuntu/bionic-queens
<coreycb> tobasco: this script comes in useful to avoid any version conflicts in a ppa when uploading the same version multiple times: https://paste.ubuntu.com/p/P4SCnF5wTq/
<tobasco> coreycb: thanks
<tobasco> i'll see what i can come up with
<sansay> Hey guys whats the proper way to change logrotation for nginx? Ive been editing the file in /etc/logrotation/nginx is this the correct way?
<nacc> teward: --^ maybe you know?
<zioproto> hello all
<zioproto> I noticed that in the Ubuntu Kernel packages there are many kernels that are cloud specific
<zioproto> looking at apt-cache search linux-image | egrep "gce|azure|aws"
<nacc> zioproto: yes.
<zioproto> what is special about these kernels ? Is there some special kernel to use also in case of Openstack qemu+kmv hypervisors ?
<tobasco> coreycb: when uploading to launchpad ppa with dput does it take a while before i can see it?
<zioproto> nacc: ?
<coreycb> tobasco: it shouldn't take too long, probably 5 minutes. if it gets rejected you'll get an email.
<nacc> zioproto: well, you hadn't yet asekd a question, so I was agreeing they exist.
<tobasco> coreycb: ok thanks
<zioproto> nacc: what is special about these kernels ? Is there some special kernel to use also in case of Openstack qemu+kmv hypervisors ?
<zioproto> nacc: those kernels are meant for virtual instances, right ??
<nacc> Odd_Bloke: --^ ?
<sdeziel> zioproto: there is also the linux-kvm flavor
<sdeziel> zioproto: they use a different config set so they don't come with all the generic stuff required for a given kernel to be able to run on bare metal servers, laptops, KVM guest, Xen guest, etc
<sdeziel> zioproto: you can compare their /boot/config-$version files to see how much they differ
<zioproto> thanks !
<sdeziel> np
<balloons> rbasak, so I noticed ppc64el failed to build for mongodb-server-core still
<rbasak> balloons: yeah I'm looking in to it
<balloons> rbasak, no worries. Thanks
<gunix> can i install ubuntu to a device, when i already have a running ubuntu ?
<gunix> I have an ubuntu with cli and i want to install to /dev/sda
<sarnold> the debootstrap tool may be able to help you
<sarnold> you'll probably have to handle booting yourself
<gunix> does it work for ubuntu ?
<gunix> i wouldn't be in this situation if MAAS would detect /dev/sda
<gunix> but it does not ...
<sarnold> does it detect it udner a different name?
<gunix> no, it doesn't detect any storage ...
<gunix> previously there was no /dev/sda even in bash, but i change the array controller from the del gen9 to get the disks into HBA
<gunix> raid not needed since there is only one disk on the smartarray
<gunix> now i see /dev/sda in bash, but in MAAS still not :D
<ahasenack> gunix: did you recommission?
<gunix> ahasenack:
<gunix> no
<gunix> will that fix it ?
<gunix> i just shut it down and click on commission again "?
<ahasenack> it will only refresh the hardware data if you recommission
<ahasenack> and if it's an old maas, you will have to re-enlist, but recent versions should be fine
<ahasenack> gunix: yeah, pretty much. It will erase what you have installed there, though
<gunix> "old maas"
<ahasenack> like 1.7
<ahasenack> that's old
<gunix> i did "apt install maas" on ubuntu 16.04
<gunix> if that got me an old maas i am dissapointed :D
<ahasenack> no, that should have given you a pretty recent one
<ahasenack> 2.3 I think
<ahasenack> so you should be good on that front
<gunix> 2.3.0-6434-gd354690-0ubuntu1~16.04.1
<ahasenack> yep
<gunix> ok i did commission again
<gunix> that worked lol
<gunix> ahasenack: i want to kiss you
<sarnold> ahasenack: nice :D
<ahasenack> haha
<gunix> i hope you are a dude cause my wife doesn't allow me to touch other girls
<gunix> awkward silence ... :))
<ahasenack> I have this source tarball that installs a bash completion file in /etc/bash_completion.d
<ahasenack> but that's an "old" location, it should be in /usr/share/bash-completion/completions nowadays
<ahasenack> the new location is a bit stricted regarding filenames, though. The filename that is being installed is something.sh
<ahasenack> that is not read anymore. It needs to be just "something", or "something.bash", as far as I understood
<ahasenack> so, simple question: how to install it with the new name without patching the source tarball?
<ahasenack> dh_install can't rename
<ahasenack> dh-exec?
<ahasenack> or an override in d/rules?
<nacc> ahasenack: yeah, you want dh-exec and a debian/<package>.install
<nacc> although i would think completions going to a specific directroy are handled by a helper, but i might be wrong
<ahasenack> there is a helper
<nacc> ahasenack: cf. man dh_install
<ahasenack> dh-bash-completion
<ahasenack> dh_, rather
<ahasenack> hm, it seems to suport renames
<ahasenack> let me try that
<gunix> ahasenack: do you know why i can't recommission other nodes ?
<ahasenack> gnuoy: no, what fails?
<gunix> 1 node cannot be commissioned. To proceed, update your selection.
<gunix> i actually can't start the commission process
<ahasenack> gunix: that can happen when you select multiple
<ahasenack> gunix: and one or more is in a state that doesn't allow commissioning
<ahasenack> gunix: for example, it's deployed
<ahasenack> it needs to be ready, or new, iirc
<gunix> ahasenack: oh, i have to override failed testing
<gunix> it's working now
<ahasenack> nacc: hm, the bash-completion package installs dh_bash-completion, but the latter is not mentioned in the debhelper manpage. I created the <package>.bash-completion file, added build-depends for bash-completion, but dh_bash-completion was not called
<ahasenack> d/rules has the usual "dh $@" line
<ahasenack> debian/compat is 9
<ahasenack> any ideas?
<ahasenack> build log shows no attempt at calling dh_bash-completion
 * ahasenack maybe needs a --with in the dh line
<ahasenack> yep
<ahasenack> --with it is
<ahasenack> thanks :)
<cliluw> If I'm making my own apt repositories, what should I specify for the component? main, universe, multiverse, or something else?
<_KaszpiR_> cliluw it really depends on what packages you have
<_KaszpiR_> try with main, and if fails then expand
<cliluw> _KaszpiR_: Isn't main only for "Canonical-supported free and open-source software"? It seems like if it's in my own repository, that would almost be definition not be Canonical-supported.
<_KaszpiR_> oh your own repo
<_KaszpiR_> sorry, misunderstood as mirror
<_KaszpiR_> well, actually do whatevfer you like and use apt-pin
<arooni> i've got 4.1 gb of storage on /src/ for various linux headers on ubuntu 14.04
<arooni> anwyay to clean some of those out?
<arooni> this is safe? sudo apt-get autoremove
<_KaszpiR_> it will be re-downloaded
<TJ-> arooni: if the related linux-image-<VERSION> has been removed the headers should autoremove
<Wolf_Y_> Hey, anyone active, i would like to talk about some samba/ip Ubuntu server issues im experiencing !
<sarnold> irc works best with specific questions
<compdoc> Wolf_Y_, whats the issue?
<compdoc> does anyone know how snaps works?
<TJ-> compdoc: basically a wrapper around an LXd container
<Wolf_Y_> compdoc: alright, so i installed a fresh ubuntu server 17.10
<Wolf_Y_> ran ifconfig -a and my ip was something like 172.x.x.x
<Wolf_Y_> installed plex,samba and the good stuff
<Wolf_Y_> everything works like a charm, but plex on tv can not find the server
<Wolf_Y_> so i bridged the connection between my host adapter and hyper-v one (im using hyper v manager,virtual ubuntu server)
<Wolf_Y_> my ip on ubuntu is 192.x.x.x.
<Wolf_Y_> same as host, so netplan again and i made it static
<Wolf_Y_> now tv can see plex
<Wolf_Y_> but plex cant see folder
<Wolf_Y_> and i can not samba share anything
<Wolf_Y_> what do you think is the issues
<Wolf_Y_> if you are not clear with the set-up shoot ill give my best to explain more in depth
<sarnold> so .. you've got a hyper-v hypervisor, and are doing bridged networking to your LAN?
<sarnold> you said you assigned the ubuntu VM a static address -- do you have a DHCP server on the lan? perhaps your internet router / firewall?
<arooni> anyway to find out where php-fpm7 logs to ? (using nginx if that matters)
<sarnold> arooni: lsof probably shows an open filedescriptor
<arooni> weird; that process is totally running but lsof shows "status error on php-fpm no such file or directory"
<nacc> ahasenack: sorry, was afk
<nacc> cliluw: seems like an odd question -- do whatever you want?
<cliluw> nacc: I'm just worried if I use component "main" instead of component "universe", maybe it could break something down the road.
<nacc> cliluw: those are for the purposes of the archives themselves, really -- apt just follows the files in the archives it's told to
<sarnold> I think you can even set up your own sources without having the main / universe / etc level at all
<nacc> yes, it's based upon the Packages file contents, I'm pretty sure
<nacc> which for the Ubuntu archives refer to the components in the file paths
<cliluw> sarnold: Is it possible to get rid of the distribution level too, like "xenial" or "zesty"? I'm pretty sure my packages will work across distributions so I don't see why I need that level.
<nacc> cliluw: ... you don't usually do that
<nacc> cliluw: as your dependencies come from those distributions too
<nacc> cliluw: i mean, very few things 'just work' across releases like that :)
<cliluw> nacc: My package is a Go binary so it's statically linked.
<nacc> cliluw: oh
<nacc> cliluw: why is it a deb at all then?
<sarnold> heh :)
<nacc> cliluw: i mean if it's a statically linked binary, why do you need a package?
<sarnold> the pre/post inst/rm scripts might be nice
<cliluw> nacc: We prefer to deploy everything through Debian packages. It gives you other niceties like systemd service registration, etc.
<nacc> cliluw: so it's not *just* a static go binary? it's also a systemd unit?
<nacc> cliluw: that's all you needed to say :)
<Wolf_Y_> arooni:  sorry was afk, is there a way in which we can connect so i can show you my set-up, i can try and explain more in depth if needed but my eng is non-native so im affraid ill get lost or confuse you, the thing i had in mind for connecting is skype!
<nacc> cliluw: tbh, sounds like it should be a snap, but what do i know :)
<nacc> cliluw: in any case, you might be right that it doesn't need the release in the path
<arooni> Wolf_Y_: i appreciate it!  but i think i have it figured out now :)
<nacc> cliluw: but i'm not sure how apt handles those URLs in those cases (given the <release-pocket> is part of the specification in the sources.list
<nacc> cliluw: it seems easiest to just leave it, and worst-case, symlink the file around
<Wolf_Y_> arooni: i though we where talking about the issues im experiencing
<Wolf_Y_> compdoc: still there ?
<arooni> ah i'm a noob-ish sysadmin at best :P  still learning the ropes
<compdoc> Wolf_Y
<Wolf_Y_> compdoc: im here, are you here ?
<compdoc> Im in and out. Im configuring a new server
<Wolf_Y_> compdoc:  is there a way in which we can talk or something, dis, skype anything....
<Wolf_Y_> compdoc:  i have some questions and issues i would like to share, and maybe we could figure them out together if you have time afcorse
<compdoc> best to jusy list your problems here, then others can help
<Wolf_Y_> compdoc: i did, and im also on #ubuntu at the same time
<nacc> Wolf_Y_: it's preferred not to crosspost as well
<Wolf_Y_> compdoc:  but the thing i would like the most is to show it to someone
<Wolf_Y_> nacc:  oh did not know...sorry
<Wolf_Y_> compdoc:  would you be interested to talk ?
<compdoc> cant, busy
<Wolf_Y_> compdoc:  alright, maybe some other time then
<Wolf_Y_> if anyone else is interested in listening to my strange problems, ill be here
<mojtaba> Hello, I am using this command to sync directories when a particular computer turns on. Do you know how can I re-run this command automatically, after it ends, due to disappearance of that computer or network error?
<mojtaba> until nmap -sn 192.168.2.0/24 | grep 2.17; do sleep 300; done; rsync --progress --partial -avz -e "ssh -i /home/.ssh/ns" ns@192.168.2.17:"/Users/nafis/Masters/2016/" .
<sarnold> mojtaba: probably just move the '; done' to the end of the command
<mojtaba> sarnold: thanks
<nacc> mojtaba: i think you want to rethink it more than that, even
<nacc> mojtaba: since if it's gone away, you need to redo the until as well, afaict
<mojtaba> nacc: hmm, how?
<mojtaba> nacc: yes
<nacc> mojtaba: so it's insufficient to just move the done
<sarnold> oh :(
<mojtaba> nacc: should I add another until?
<nacc> mojtaba: you really want to put a second until in the loop
<nacc> maybe, at least
<nacc> don't start the loop until the server is available
<nacc> wait 300s in that case
<nacc> try to rsync
<nacc> if rsync fails (use error checking)
<nacc> retry the whole shebang
<nacc> if rsync succeeds, then exit
<mojtaba> nacc: can it be a one liner, like the one that I had?
<sarnold> maybe it'd be easier to just cronjob the thing with 'run-one' every half hour or something? skip the connectivity checks..
<nacc> mojtaba: anyting *can* be a one liner
<nacc> mojtaba: but it's not sensible to make long one-liners and i have no idea why you would except to make your own maintenance harder
<nacc> mojtaba: are you competing in some competition?
<mojtaba> nacc: It is just one time use.
<nacc> mojtaba: nothing is every just one time use
<nacc> you've already used it at least twice, once when it worked, and now debugging it when it didn't
<nacc> so do it correctly :)
<mojtaba> nacc: thanks, for the advice.
<nacc> mojtaba: in any case, you probably want ##bash, as this has little to nothing to do with ubuntu server :)
<mojtaba> nacc: I see. Thanks a lot
#ubuntu-server 2018-03-22
<guillaume___> hi
<guillaume___> I have set a pptp server on my vps, it works fine except for certain websites which works well only if i enable routing to 10.0.0.0/8 on my client. I'd like not to be obliged to do this on the client side, how does it come it happens to only certain websites ?
<sarnold> guillaume___: do you have to use pptp? it's pretty rubbish protocol
<sarthor>  HI, I am copying data from SATA1 to SATA2 hard disk, connected both to same PC, it is something around 2 TB of data, says 37 HRs, to make it faster, copying on 7.1MB/sec in the start it was 29MB/sec... HELP please.
<cncr04s> can't help you with bad hardware
<lordievader> Good morning
<OpenTokix> sarthor: What command are you using to copy?
<OpenTokix> sarthor: You also should make sure they are on different sata-channels, not only different ports. when I copy large amounts of data I generally use rsync -a --whole-file, to not do checksum on each file.  but cp -R tend to be the fastest.
<lordievader> If you copy data with`dd` the block size makes a huge difference too.
<OpenTokix> lordievader: yes, but I don't think this is dd. - but then bs=8M or bs=16M is my goto-options.
<josNZ> Hi, after configuring my wireless card during the server installer it autostarts at boot and after installing cinnamon the wireless it connected but the network manager applet says wireless unavailable.
<josNZ> How can I let the applet control the wireless
<OpenTokix> josNZ: Does not sound server-related at all.
<josNZ> I figured this channel was for people running ubuntu server
<OpenTokix> Very few servers running applets and gui's
<Cheez> except oracle ones. because oracle's installer (at least, last i had to deal with it) required a UI
<josNZ> So I guess I should join another channel then. Can you help with how the network is connecting at boot? /etc/network/interfaces is blank and I can't find any config files for it
<gunix> i installed a server with MAAS and ssh ain't working. what is the password for tty login?
<gunix> ubuntu/ubuntu doesn't work
<hallyn> cpaelzer: smoser: is it expected that /sys/module/kvm_intel/parameters/nested in a xenial system be N these days?  I thought we always defaulted to it being Y
<cpaelzer> hallyn: it should be Y still
<cpaelzer> we docuemented that this is for comforts, but not to rely all of your production on it
<cpaelzer> but didn't change it
<cpaelzer> hallyn: do you still have /etc/modprobe.d/qemu-system-x86.conf?
<smoser> hallyn: i have Y in bionic there.
<smoser> yeah, and as cpaelzer said
<smoser> $ cat /etc/modprobe.d/qemu-system-x86.conf
<smoser> options kvm_intel nested=1
<smoser> i had forgotton that was how that was turned on.
<cpaelzer> there are more complex means to turn on vmx/svm in the guest, but that is how the module is controlled IIRC
<hallyn> smoser: cpaelzer: no i have no /etc/modprobe.d/qemu-system-x86.conf.  but shouldn't the qemu-kvm package install that for me?
<smoser> $ dpkg -S /etc/modprobe.d/qemu-system-x86.conf
<smoser> qemu-system-x86: /etc/modprobe.d/qemu-system-x86.conf
<smoser> hallyn: ^
<smoser> it did for me
<cpaelzer> same for me as smoser
<hallyn> but is that a new install?
<hallyn> I'm wondering whether newer pkgs dropped it, and you just have it still sitting around after upgrades
<hallyn> can you dpkg -L qemu-system-x86 | grep modprobe.d ?
<cpaelzer> $ dpkg -L qemu-system-x86 | grep modprobe.d
<hallyn> uh. nm.
<cpaelzer> /etc/modprobe.d
<cpaelzer> /etc/modprobe.d/qemu-system-x86.conf
<rbasak> cpaelzer: some advice/pre-review please. https://jira.mongodb.org/browse/SERVER-33395 is the ppc64el mongodb FTBFS. A compiler bug is discussed there but I believe (not completely confirmed yet) that it's unrelated. The general cause is that mongodb upstream have optimised ppc64el using gcc intrinsics, and they've stopped working (presumably newer gcc). Would you be happy for me to drop that ppc64el
<hallyn> apparently i did not, or no longer, have the pkg installed after all.  on the host.  my bad :(
<rbasak> optimisation completely and have it use the general code instead?
<hallyn> let's see if after a reboot it works now.
<cpaelzer> rbasak: in a call, just a few minutes
<hallyn> allr ight well this is weird.  I still can't run kvm from inside a container
<rbasak> cpaelzer: ack. The code is here: https://github.com/mongodb/mongo/blob/master/src/mongo/db/fts/unicode/byte_vector_altivec.h; I can just undef MONGO_HAVE_FAST_BYTE_VECTOR in byte_vector.h and the build succeeds (with all tests passed)
<rbasak> cpaelzer: https://gcc.gnu.org/onlinedocs/gcc/PowerPC-AltiVec_002fVSX-Built-in-Functions.html defines vec_vbpermq but I think it needs ppc assembly knowledge to understand what the parameters mean
<coreycb> jamespage: any idea if we still need to carry the aarch64-libvirt-compat.patch in nova for pike+?
<jamespage> coreycb: probably not
<coreycb> jamespage: would love to drop it if possible. it started failing in the new point release.
#ubuntu-server 2018-03-23
<gunix> guys, any idea how i can change boot order from maas ?
<gunix> i just rebooted the servers and they all defaulted to pxe boot
<gunix> i just want them to boot the OS
<bradm> well, the boot order is a computer thing
<bradm> if you boot them and it pxe boots, maas should have nothing for it, so it should then boot from disk
<gunix> bradm: well booting from disk is failing which is strange
<gunix> and no idea why maas set the boot order for pxe first
<bradm> gunix: if its failing to boot from disk I'd say that has nothing to do with maas, but more with whats on the disk
<RoyK> gunix: trying to dual-boot?
<sarnold> RoyK: I think gunix is just trying to deploy a machine with maas, nothing fancy
<lordievader> Good morning
<adac> Hmm I created /var/log/journal directory and my servera gain crashed tonight. There is a file in it now that I wanted to check on what has happened
<adac> but the file seems be pretty much binary
<adac> ah i need to read it with journalctl -b
<adac> 1
<adac> hmm but still again there are no old messages in there
<adac> only from the last boot If I do:
<adac> journalctl -b 1
<adac>  /var/log/journal/35a754864d1e47469f9af2c0262f700e/system.journal
<blackflow> adac: did you check the standard syslog? journald is forwarding to it by default.
<adac> blackflow, yes in syslog I see the time before the machine stopped/was not reachable
<adac> but I cannot see what happened
<adac> only when the machine is rebooted there are entries again
<adac> before there is no error indicating what is happening
<blackflow> adac: sounds like a hard crash reboot, and when those happens it's usually due to faulty hardware like memory
<gunix> bradm: RoyK: sarnold: The first deployment was ok but something happened after that. Now all deployments are failing. I noticed there was an issue when I tryed to reboot the servers and all failed to boot.
<gunix> this is highly confusing
<mojtaba> Hello, If I want to keep a process running on the remote machine, even after exiting ssh, should I run screen on my local machine and ssh in screen to the remote machine and run my command? Is there any other way?
<ahasenack> mojtaba: nohup
<ahasenack> ssh machine
<ahasenack> nohup <start-your-process>
<ahasenack> logout
<mojtaba> ahasenack: Is it like screen?
<ahasenack> no, it will just prevent the process from getting the HUP signal when you logout
<ahasenack> if it's something interactive, or something that prints stuff to the console that you want to see later,
<ahasenack> then I recommend to use screen/byobu on the remote machine
<ahasenack> ssh machine
<ahasenack> byobu
<ahasenack> start process
<ahasenack> ctrl-a d
<ahasenack> logout
<mojtaba> ahasenack: thanks
<gunix> ahasenack: do you have any idea why machines that got previously deployed by MAAS are now failing deployment ?
<ahasenack> gunix: not without more data, no
<gunix> ahasenack: what data would you need?
<ahasenack> start by clicking on such a machine in the maas gui, inspect the data you get there. Notably installation logs
<gunix> there are not installation logs.
<ahasenack> if that's empty, try watching the machine's console while it deploys until it fails
<ahasenack> and the events tab in maas
<ahasenack> you might also want to hangout in the #maas irc channel, that's more specific than ubuntu server
<ahasenack> I idle there as well
<gunix> ahasenack: events: https://bpaste.net/show/811673766cfc
<gunix> nobody on #maas is answering
<gunix> i think they have no idea how the software works cause when i ask a more complex questions it's silence
<gunix> but they are answering questions to easy questions :D
<ahasenack> watch the console then
<ahasenack> it's usually what I do when debugging such a problem with my nodes
<gunix> ahasenack: this si the console: https://ibb.co/nc9q9n
<gunix> it's stuck there .
<ahasenack> it doesn't tell me if that's the first boot or second boot
<ahasenack> during deployment there is a first boot, where the installer comes up and installs the ubuntu release on the disk
<ahasenack> then it reboots into the newly installed system
<ahasenack> do you see evidence in the console, as messages scroll by, that it was able to reach the network to install packages and download stuff?
<gunix> https://bpaste.net/show/00edf81fcd8b
<gunix> aaand it faield.
<TJ-> middle of that photo is a line that reads 'object XXXX from LD_PRELOAD cannot be preloaded (cannot open shared object file). ignored'
<adac> blackflow, thanks for the hint, I will contact my hosting provider!
<gunix> TJ-: i saw that line but i have no idea how to interpret that
<ahasenack> rbasak: if I could pick your brain for a minute wrt a packaging question
<TJ-> gunix: nor me, but it was the only anomaly visible
<gunix> TJ-: yea and it doesn't tell me anything
<gunix> ahasenack: from my point of view it seems like it is getting the image since that is the only way cloudinit could be obtained .
<ahasenack> rbasak: package contents: https://pastebin.ubuntu.com/p/vnKrkqNczH/
<ahasenack> rbasak: the files under nvml_dbg are triggering an ldconfig call, flagged by the lintian as undesirable
<ahasenack> rbasak: upstream told me this about those files:
<ahasenack> "Files under nvml_dbg are builds with debugging symbols, logging, asserts
<ahasenack> and expensive checks that we normally don't want users to run with."
<ahasenack> rbasak: I'm wondering if they should be shipped in another package then, and what its name could be
<ahasenack> libfoo-extra-debugging? Is there a precedence for this?
<ahasenack> gunix: hm, no, cloudinit data is passed down via another way
<ahasenack> gunix: do you see it reboot once, after doing a bunch of stuff?
<ahasenack> gnuoy: anyway, in general, the debugging of such failures is either around the actual image installation on disk (that's the first boot), or networking problems
<ahasenack> it does run apt-get at some point, so it needs to be able to reach the internet or a mirror
<gunix> ahasenack: no, i don't see it reboot
<ahasenack> try to ssh to the node while it's stuck in that powered-on state
<gnuoy> ahasenack, I think gunix and I are different people
<ahasenack> if you added your key to maas, you should be able to ssh in as ubuntu
<ahasenack> gnuoy: hah
<gnuoy> :)
<gunix> ahasenack: i will recheck network config but that is ok afaik
<ahasenack> try ssh in and poking around
<ahasenack> also make sure you selected the right disk for your root partition in the node in maas
<ahasenack> if there is more than one
<ahasenack> it also pays to check the partitioning in general, and network config, in the node's page
<gunix> ahasenack: network is ok
<rbasak> ahasenack: looking
<gunix> ahasenack: this is the exact config that was working a few days ago
<gunix> that's why this is highly confusing
<gunix> the server is still stuck there btw ... at deleting temporary files
<ahasenack> gunix: if it was commissioned, then the hardware view maas has of the node changed to reflect the current state
<ahasenack> did you ssh in?
<rbasak> ahasenack: for a first iteration I'd remove them from the build. I think it's incorrect to ship them in the -dev package.
<ahasenack> was your maas installed as a snap?
<ahasenack> rbasak: they are more than just debugging symbols
<rbasak> ahasenack: the package can be fully functional without them, right?
<rbasak> You don't have to provide every development feature upstream provides in a package build.
<ahasenack> rbasak: yes, but supposedly upstream would want them somewhere when debugging sometihng. They are installed by "make install"
<rbasak> Upstream wouldn't use the distribution package build to debug though, would they?
<gunix> ahasenack: i installed using "apt instal maas" on ubuntu 16.04
<ahasenack> rbasak: it's a new package, they might ask users to do stuff
<ahasenack> I'll propose we remove those files, but wanted to get another opinion
<ahasenack> specially if there was precedence for this in ubuntu, an extra-debugging package
<rbasak> I imagine the right way to package both, if you really want to package both, would be to provide an alternate libfooX binary package with some other name that conflicts and provides it, so they could ask users to switch to that one instead.
<ahasenack> there is no need to conflict
<ahasenack> and those extra libs are not used since they are not in the linker's path. I suppose upstream would ask users to set LD_LIBRARY_PATH before some debugging task
<rbasak> I don't think that's appropriate for a distribution package.
<ahasenack> but, their placement is enough to trigger debhelper's automatic ldconfig call
<rbasak> But this is perhaps a discussion from #ubuntu-devel.
<rbasak> ahasenack: I think my issue with weird things like this is that the package isn't a special snowflake and users shouldn't have to know about special per-package snowflakes before being able to do things like this. The (reasonable) desire to have a debugging version with extra assertions but lower performance is a generic one. The distribution should provide a generic solution. And the mechanism we
<rbasak> have for that is drop in replacement packages via conflicts/provides. Not weird stuff to do with getting the user to override paths.
<rbasak> The point of a distribution is to unify these things.
<ahasenack> so there is a precedence with special builds that are drop-in replacements and have more logging/debugging/checks?
<rbasak> I'm not sure about specifically for libraries.
<rbasak> But there are plenty of packages that provide varying functionality depending on the user's package selection.
<rbasak> exim for example.
<rbasak> People in #ubuntu-devel may know more
<rbasak> I'm also unsure about simultaneously providing a concrete package and a virtual package that conflicts with it.
<rbasak> I'd want to read and/or test a bit more before committing to that.
<rbasak> In the meantime, IMHO it's not worth blocking to figure this out.
<ahasenack> I asked them how they would expect end users to use these files, and if we can drop them
<ahasenack> in the meantime, a test build confirmed the lintian ldconfig warning is gone when I remove them
<rbasak> This kind of thing is very common.
<rbasak> Upstreams need to understand that the point of a distribution is to unify things, and they shouldn't expect to be able to do every weird thing that they do in a distribution package.
<ahasenack> also that nvml_dbg dir mixes devel and runtime builds of the library
<ahasenack> I assume you could link to a debugging version of the library and get more info in your app
<ahasenack> so that means two extra packages per library: dev and runtime
<ahasenack> if we go down that route
<rbasak> dev, normal runtime, normal runtime with debugging symbols, debugging runtime, debugging runtime with debugging symbols.
<rbasak> It might be possible to collapse the last two down, as debugging runtime without debugging symbols makes no sense.
<ahasenack> it might if it's just about exrta logging
<rbasak> If you want to do any of this, I would speak to an archive admin now on how you plan to arrange everything to save any wasted effort.
<ahasenack> I also asked to confirm if this extra logging cannot be enabled via env vars
<ahasenack> I'm hoping I can just drop that dir
<pgaxatte> hello
<pgaxatte> coreycb: I tested the changes you submitted on mistral (https://bugs.launchpad.net/cloud-archive/+bug/1757433) and it works for me on Xenial for both pike and queens version
<ubottu> Launchpad bug 1757433 in mistral (Ubuntu Artful) "[SRU] mistral-event-engine conflicts mistral-event" [High,Fix committed]
<pgaxatte> coreycb: however I'm not familiar with launchpad and I don't get how I am supposed to "change the tag from verification-pike-needed to verification-pike-done"
<TJ-> pgaxatte: edit the tags (below the description box)
<pgaxatte> TJ-: ah yes on the original comment :)
<pgaxatte> TJ-:  i mean the first one which is the description :)
<pgaxatte> TJ-, coreycb: done!
<ahasenack> hm, I have this lintian warning that I'm trying to override:
<ahasenack> W: libpmemlog-dev: manpage-has-errors-from-man usr/share/man/man3/libpmemlog.3.gz 235: warning: macro `..,' not defined
<ahasenack> I created debian/source/lintian-overrides
<ahasenack> with
<ahasenack> libpmemlog-dev binary: manpage-has-errors-from-man
<ahasenack> reubilt
<ahasenack> but the warning is still there
<ahasenack> when I run "lintian" from the build directory
<ahasenack> do I need to install the package?
<lolek> hello
<lolek> maybe you guy will have some idea.  I've got two machines, ubuntu 12.04 and ubuntu 16.04 both have exact same sudoers config file, on both machines the users have almost identical groups (with one eception of one group the one for the virtualmachine), now when I try to run this command: /usr/bin/sudo -k -u lolek /bin/true   on U16.04 I don't get pw prompt while on U12.04 the prompt is there
<lolek> *guys
<rbasak> lolek: have you looked in /etc/sudoers.d/?
<rbasak> lolek: also, remember that sudo caches the fact that you entered the password. There's some default expiry time set.
<lolek> rbasak: yes, but in both cases the sudoers file has got commented out that include for sudoers.d
<lolek> rbasak: also for the cache is not a problem here as I'm using the -k switch
<rbasak> I don't know then, sorry.
<TJ-> lolek: how about /etc/pam.d/sudo  ?
<lolek> TJ-: checked, the same :/
<TJ-> lolek: check /var/log/auth.log on both machines for differences/clues
<lolek> right ... hmm let me find it
<lolek> I should also mention that u12.04 has got sudo 1.8.3p1 while 16.04 has got version 1.8.16
<TJ-> lolek: I cannot reproduce your issue here on 12.04 and 16.04 I see password prompt
<lolek> TJ-: you've used your current user right?
<TJ-> lolek: I've tried several user accounts
<lolek> :/
<lolek> you've got original sudoers file?
<lolek> TJ-: ok that's interesting .. in auth.log somehow on 12.04 the user is represented in the auth.log having id 1000 but on u16.04 the id is 0
<lolek> o.O
<TJ-> lolek: well that'd do it!
<lolek> TJ-: well yeah but why..
<TJ-> lolek: well start off with 'getent passwd lolek'
<lolek> when I do id lolek on 16.04 and 12.04 the id is not 0
<TJ-> lolek: is sudo or /bin/true setuid root ?
<lolek> nope
<lolek> both machines same rights
<lolek> TJ-: do you have 18.04 at hand?
<TJ-> lolek: yes
<lolek> as I checked clean 18.04 installation and it's the same, it doesn't ask for pw
<lolek> and also in the auth.log the user id is...0
<TJ-> lolek: as i said earlier, it's /etc/pam.d/sudo -- on 12.04 it's 'auth' but on 16.04+ it's 'session'
<lolek> oh
<lolek> missed this one
<lolek> hmm
<lolek> TJ-: well I've changed it to auth on 18.04 and it still doesn't ask for pw :/
<lolek> I'm wondering where it's taking that uid = 0
<TJ-> lolek: what does the 16.04  /etc/sudoers look like, can you pastebin it?
<lolek> TJ-: sure, a sec
<lolek> TJ-: http://pasteall.org/889746
<lolek> here it's the default one
<lolek> tbh it's logical that it won't ask for pw if I want to switch to current user
<lolek> but the question is why on 12.04 it asks for it
<lolek> a bug?
<TJ-> I wonder if it's been added since. I checked the Debian changelog and didn't see mention but there were several upstream releases in between so they may have brought it in
<lolek> mhm
<TJ-> lolek: is sudo-ldap installed on any of them?
<lolek> I don't see any sudo-ldap package so no
<mojtaba> Hello, I am going to write a script to make a backup when a specific computer joins the network. I want to repeat the process, until the directory is fully backed up. Could you please let me know how can I improve this code? http://paste.ubuntu.com/p/TbwKWcT5rz/
<blackflow> mojtaba: why don't you just ping 192.168.2.17 ?
<blackflow> you don't even have to sleep you can set, say, 30 seconds between two pings
<mojtaba> blackflow: ping -i 300 ?
<blackflow> that's a bit too long
<blackflow> one icmp packet every 30 seconds should be more than enough.
<mojtaba> blackflow: ping -i 30 ?
<mojtaba> blackflow: Do you know how should I check if rsync has been successful?
<mojtaba> blackflow: should it be rsync && exit or rsync && break?
<blackflow> mojtaba: yes, but actually I think you'll have to put that into a loop and send one packet only, to have ping exit with success or failure
<blackflow> so something like ping -c1 -i 30    in a loop and when it exits with success, the host has replied
<mojtaba> blackflow: Can I grep the exit of ping?
<blackflow> exit code? no, it's available in something like $?  depending on your shell
<mojtaba> blackflow: it is bash
<blackflow> you can also do things like     while true; do ping -c1 192.168.2.17 > /dev/null && break; done
<blackflow> that will wait until ping exits with success.  oh and I forgot -i
<mojtaba> So I have to replace this with until statement in my code?
<blackflow> yup
<mojtaba> blackflow: what about the rsync part? should it be rsync && break?
<blackflow> rsync should also return success or failure, so you can test its output
<mojtaba> blackflow: How can I test its output?
<blackflow> however, note that rsync can report error on things like files changed during transfer, but otherwise having successful transfer
<blackflow> mojtaba: $? contains last set exit code
<mojtaba> blackflow: Thanks. I will check it.
<blackflow> mojtaba: also consider using ~/.ssh/config instead of ssh options on the command line
<mojtaba> blackflow: sure, thanks.
<boxrick> I am after a minimal ISO installer without needing internet access. Is there any way to achieve that similar to CentOS?
<ChmEarl> boxrick, thats what the ubuntu-server ISO is. Its a CD with about 300 packages, enough to do a minimal install
<boxrick> I always thought it had a fit when it didn't get any network
<boxrick> Perhaps I am wron
<boxrick> wrong* then
<ChmEarl> boxrick, I admit , I never used it when competely disconnected from internet
<ChmEarl> boxrick, perhaps use this ISO as a debootstrap source
#ubuntu-server 2018-03-24
<xodiac133> I have to do a project in school and I have questions for a Linux Administrator
<patdk-lap> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<tomreyn> <ou were 58 minutes late ;)
<patdk-lap> oh well, might help someone else
<RoyK> !tell
<RoyK> hm - ask and don't tell? ;)
<mojtaba> Hello, Do you know how can I terminate a command, if the size of the directory is a specific amount?
<mojtaba> I am backing up a system on a HDD, and I want to exit rsync when the directory size is e.g. 100G.
<mojtaba> no one?
<mojtaba> Hello, Do you know how can I terminate a command, if the size of the directory is a specific amount? I am backing up a system on a HDD, and I want to exit rsync when the directory size is e.g. 100G.
#ubuntu-server 2018-03-25
<soshiant> i want link download repository for ubuntu trusty
<uplime> correct me if I'm wrong, but I remember a repo that needs to be installed to get all of the typical man pages. does anyone remember which repo that is?
<uplime> ah nevermind, manpages-posix is what I needed
#ubuntu-server 2019-03-18
<lystra> Fizzik: What's under /etc/systemd/resolved.conf.d?
<whislock> What is your current netplan configuration, first off.
<tomreyn> Fizzik left 24 minuntes after posting
<tomreyn> ...which is now almost 8 hours ago ;)
<whislock> Oh. This is why I should look at timestamps.
<lordievader> Good morning
<kstenerud> cpaelzer: re: the failed amd64 build of php7.2: I just made a new PPA release where the only thing I did is modify the changelog, and suddenly it builds without error: https://launchpad.net/~kstenerud/+archive/ubuntu/disco-php7.2-testing/+packages
<kstenerud> So there's something external that caused the 2 build failures.
<kstenerud> Maybe I'll try kicking off another build on the old ppa to see what it does...
<cpaelzer> yep
<jamespage> coreycb, sahid : fwiw I'm working on unblocking the backport-o-matic issues for stein
<coreycb> jamespage: thank you!
<azidhaka> anyone using sysadmin logbook software? something to type into all activities, have it sync-ed across devices, with search and everything?
<Pici> no, but that sounds like a good idea
<mwhahaha> coreycb, jamespage: so it looks like cinder doesn't properly have grep (?) as a dependency, http://logs.openstack.org/49/638149/5/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/ff03be3/logs/puppet.txt.gz#_2019-03-17_08_46_17
<mwhahaha> coreycb, jamespage: hmm nevermind must be a path issue as it's installed
<jamespage> mwhahaha: I think grep comes from the minimal base image so I'd hope it was :-)
<mwhahaha> yea it's there, but cinder isn't finding it. odd.  it's only affecting ubuntu at the moment
<mwhahaha> ah we're running the cinder-manage with only /usr/bin added. there must not be grep in /usr/bin anymore
<teward> well AFAICT `grep` is in `/bin/grep` according to `which grep` on my 18.04 machine...
<teward> mwhahaha: so the issue there is grep is in /bin/ not /usr/bin :P
<mwhahaha> yea
<mwhahaha> this is really old code so it must be a difference in 18.04
<azidhaka> some general guidelines on restoring ubuntu-server BIOS image on UEFI system?
<azidhaka> i've got a new system that doesn't have BIOS or CSM
<frickler> mwhahaha: seems like an issue with os-brick, catching only a subset of the possible exeptions here: https://opendev.org/openstack/os-brick/src/branch/master/os_brick/initiator/utils.py#L27-L31
<frickler> mwhahaha: but maybe it's also an error to call cinder-manage with a broken PATH
<lordcirth> azidhaka, are you sure you need to restore the image? Why not a fresh install?
<mwhahaha> frickler: i think it's the way we're invoking cinder-manage. that would likely inherit the path. https://review.openstack.org/#/c/643941/ might be the fix (testing)
<teward> [2019-03-18 09:39:00] <mwhahaha> this is really old code so it must be a difference in 18.04  <--
<teward> um
<teward> mwhahaha: 16.04, grep is in /bin/grep
<teward> let me test 14.04
<mwhahaha> ok so then the addition of the grep call is new then
<teward> but if that's /bin/grep too then the issue is the 'grep' call/dep is new
<teward> and you'll need newer paths :P
<mwhahaha> assumptions were made, things are being fixed :D
<mwhahaha> ah centos has grep in /usr/bin which is why we didn't hit it there
<teward> yep confirmed /bin/grep in 14.04 too
<teward> mwhahaha: yeah so that's a CentOS vs. Debian/Ubuntu :P
<frickler> mwhahaha: the code in os-brick is 4 months old, your trigger has probably been jamespage releasing a new pkg for it https://launchpad.net/ubuntu/+source/python-os-brick , that's 6 days old only
<mwhahaha> frickler: yes it's the new packages and we didn't hit this 4 months ago because on centos grep is available in /usr/bin. so my patch to fix the cinder-maange path should address it
<azidhaka> lordcirth: i am doing just that, but i was wondering can i use my existing clonezilla image
<azidhaka> lordcirth: i guess i will keep 2 images, one bios and one uefi
<lordcirth> azidhaka, are you quite sure you need images? I generally don't like using images like that - they are slow to modify and update. I prefer ISO + preseed file.
<azidhaka> lordcirth: some of the changes i do are interactive
<lordcirth> azidhaka, mind giving an example?
<azidhaka> lordcirth: can i do complicated things with preseed files?
<lordcirth> azidhaka, depends; if you can do it from the command line, you can generally do it in a preseed
<azidhaka> lordcirth: things that do dialog-style configuring
<lordcirth> Of course, if you don't change it really often, it may not be worth the effort to modify
<lordcirth> Most things that have TUI dialog configs have option flags as well. But not all.
<azidhaka> lordcirth: the machines are kiosks and after image restore only 2-3 commands are ran
<azidhaka> lordcirth: for example dpkg-reconfigure grub-pc to pickup the new drive UID
<azidhaka> that's interactive
<lordcirth> It is? Is there more than one drive to pick from?
<azidhaka> yes
<lordcirth> And there's no way to reliably decide which with a human? That's unfortunate.
<lordcirth> without*
<azidhaka> lordcirth: different hardware almost every time
<lordcirth> Yeah, I guess that's somewhere you need a human, then. Too bad.
<azidhaka> How about converting BIOS system to UEFI boot, can i do that? I can image it afterwards
<azidhaka> i don't think so, but asking does not hurt
<lordcirth> I don't know how to reliably do that. It's probably possible.
<lordcirth> azidhaka, by the way, why does a kiosk have multiple drives? kiosks generally don't need a lot of storage.
<azidhaka> lordcirth: those are multimedia kiosks, they play videos 24/7
<lordcirth> Ah, I see.
<azidhaka> main storage is on the 2nd drive
<azidhaka> 1st is read-only
<azidhaka> hm, there is no minimal iso with UEFi, i have to cleanup the server install
<lordcirth> Really? I'd expect there to be one
<tobias-urdin> coreycb: we are seeing ubuntu failures regarding to qemu version
<tobias-urdin> http://logs.openstack.org/41/643941/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/ffd7ab5/logs/nova/nova-compute.txt.gz#_2019-03-18_14_00_22_120
<tobias-urdin> nova.exception.InternalError: Nova requires QEMU version 2.5.0 or greater.
<tobias-urdin> here is all logs to check versions http://logs.openstack.org/41/643941/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/ffd7ab5/logs/
<tobias-urdin> the change https://review.openstack.org/#/c/643941/
<coreycb> tobias-urdin: is that on stein?
<tobias-urdin> yeah, should be
<tobias-urdin> nova-compute                          2:19.0.0~b1~git2019013113.33aad0fe41-0ubuntu2~cloud0
<tobias-urdin>  500 http://mirror.mtl01.inap.openstack.org/ubuntu-cloud-archive bionic-updates/stein/main amd64 Packages
<coreycb> tobias-urdin: i'm confused by the change you pasted at the end. is that related?
<tobias-urdin> that was the change that the logs comes from
<coreycb> i see
<tobias-urdin> maybe it's not packaging, not sure
<tobias-urdin> qemu                                  1:3.1+dfsg-2ubuntu2~cloud1
<coreycb> we have qemu 3.1 in the stein UCA so something must be getting confused there
<tobias-urdin> iirc there was some talk on ML about bumping qemu version, i think kashyap proposed some patches to nova about that
<coreycb> jamespage: does that ring any bells to you? ^ nova failing on stein with "Nova requires QEMU version 2.5.0 or greater"
<jamespage> coreycb: we did have an issue with the qemu backport to bionic but it was not version related
<tobias-urdin> was it released recently? qemu 3.1
<tobias-urdin> maybe it report the version differently or the libvirt python bindings changed smth
<jamespage> last week - its in 1:3.1+dfsg-2ubuntu2~cloud1	
<jamespage> the fix was rather
<jamespage>  /dev/kvm had the wrong permissions on bionic
<jamespage> compared to disco
<tobias-urdin> tracing https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L508
<tobias-urdin> calls https://github.com/openstack/nova/blob/337b24ca41d2297cf5315d31cd57458526e1e449/nova/virt/libvirt/host.py#L528
<tobias-urdin> calls https://github.com/openstack/nova/blob/337b24ca41d2297cf5315d31cd57458526e1e449/nova/virt/libvirt/host.py#L499
<tobias-urdin> so maybe something returns false or wrong version there
<tobias-urdin> i dont have a bionic machine up so can't test right now
<jamespage> so qemu only reported qemu support rather than qemu+kvm support
<coreycb> jamespage: tobias-urdin: i wonder if the hypervisor check in _version_check is failing due to that ^
<coreycb> well it seems you are running with 1:3.1+dfsg-2ubuntu2~cloud1 which i think is the latest
<jamespage> https://github.com/openstack/nova/blob/337b24ca41d2297cf5315d31cd57458526e1e449/nova/virt/libvirt/host.py#L519
<jamespage> but that should not be called as hv_type is not passed
<coreycb> jamespage: tobias-urdin: good point so it's either the hv_ver check that fails or an exception occurs
<kstenerud> OK this is just bizarre. When I submit this to a PPA with only amd64 and i386, it works. When I submit it to a PPA with all archs, amd64 hangs here: https://launchpad.net/~kstenerud/+archive/ubuntu/disco-php7.2-support-new-libicu/+build/16508933
<kstenerud> TEST 3442/14261 [ext/curl/tests/bug48203.phpt]
<kstenerud> PASS Bug #48203 (Crash when CURLOPT_STDERR is set to regular file) [ext/curl/tests/bug48203.phpt]
<ubottu> bug 48203 in EasyUbuntu "Installed packages not deselected" [Wishlist,Fix committed] https://launchpad.net/bugs/48203
<kstenerud> It sits there for a couple of hours and then the test rig terminates
<kstenerud> ahasenack cpaelzer rbasak any ideas?
<ahasenack> nope
<ahasenack> I gave you some suggestions the other day
<rbasak> kstenerud: have you tried diffing success and failure logs on amd64 in the two cases?
<jamespage> coreycb: https://github.com/openstack/octavia-lib neede by networking-ovn (working through snapshots etc..._
<jamespage> coreycb: we need a better way of doing snapshots automatically
 * jamespage gives that a think
<coreycb> jamespage: is networking-ovn missing the dependency?
<jamespage> it will be for the newest snapshot/milestone
<kendoori> How draconian is it to delete MySQL databases at the file system level? I can't start MySQL because /var/lib/mysql is full. I don't have a proper sysadmin available
<lordcirth> kendoori, is there production data in those databases?
<lordcirth> kendoori, also, is /var/lib/mysql part of the root partition? Possibly you could clear space elsewhere, eg with 'apt clean'
<kendoori> yes on the databases in general, but NO on the database I want to delete.
<lordcirth> kendoori, I'm no mysql expert, but I would free a little bit of space, start mysql, then delete the DB in sql
<kendoori> the databases are on their own partition
<lordcirth> Ah ok, that could be a problem
<lordcirth> kendoori, if this is a production DB then you need someone who knows mysql for this
<kendoori> the issue is that I can't delete anything on that partition in mysql, because I can't start it
<lordcirth> kendoori, this implies that mysql will start when full: https://dba.stackexchange.com/questions/106895/how-to-fix-a-mysql-server-with-a-full-hard-drive
<lordcirth> Start and then freeze until space is freed, that is, but allowing you to delete things cleanly
<lordcirth> Ah, but that's MyISAM, you are probably using InnoDB?
<kendoori> it's percona
<kendoori> join #mysql
<lordcirth> Doesn't percona still use the usual InnoDB under the hood?
<kendoori> lordcirth I think it acts completely like the real thing
<lordcirth> kendoori, ah, #mysql is probably a good idea
<lordcirth> kendoori, did you get any help there?
<tomreyn> percona supports the same engines oracles community mysqld does, plus more.
<kendoori> that was a mistaken entry here... (re #MySQL). Good news is I went ahead and delete the actual underlying database files and I survived
<kendoori> I freed up space and was able to restart MySQL
<kendoori> then did some additional cleanup
<kendoori> Panic is over :-)
<lordcirth> kendoori, good to hear. Do you know why you ran out? was it a sudden burst?
<lordcirth> Either it was a manual mistake (importing something huge), a software bug, or you need more space
<tomreyn> the panic should continue untilyou have ensured that mysql's data directory is (a) not on a partition that will likely run full (b) not on the root (/) file system.
<lordcirth> tomreyn, he said it's not on /
<tomreyn> okay, i didn't read all your chat, mea culpa.
<kendoori> romreyn it's on a dedicated partition
<lordcirth> But yes, this is something you need to debug fast or it will happen again
<sarnold> heh, good thinking :)
<kendoori> not an ideal situation.. one of those cases where we need to migrate but just didn't get to it yet
<tomreyn> also you'll probably want some form of mirror raid below the mysql data directory.
<lordcirth> kendoori, also, set up alerts for low space
<gislaved> oh man preseed can be a bitch on partitioning
#ubuntu-server 2019-03-19
<tinoco> .
<cpaelzer> kstenerud: ping me for your build issues when you are arund
<cpaelzer> kstenerud: they are odd to be sure, but we need to get them unblocked so give me a ping to talk about them
<lordievader> Good morning
<kstenerud> cpaelzer: ok. This build got stuck. I left it overnight and now it's a repeat of the other build
<kstenerud> successful build yesterday with only i386 and amd64 enabled: https://launchpad.net/~kstenerud/+archive/ubuntu/disco-php7.2-testing/+build/16508098
<kstenerud> later build of the same thing (different version in changelog but no other changes), with all archs enabled: https://launchpad.net/~kstenerud/+archive/ubuntu/disco-php7.2-support-new-libicu/+build/16508933
<kstenerud> I don't know how the lp build system works internally, but from the log comparison, they're doing what looks like the same thing right up until that one test hangs
<kstenerud> so something is interfering between parallell running tests?
<cpaelzer> kstenerud: there is nothing interefering between the different arches
<cpaelzer> kstenerud: they are on different VMs which are on different hosts - they only get together again when their results are collected
<cpaelzer> kstenerud: I'd think it was a red herring that it worked when not having the other architectures enabled
<kstenerud> OK, I've queued up exactly the same .changes file that failed yesterday, to a new ppa: https://launchpad.net/~kstenerud/+archive/ubuntu/support-new-icu-amdonly
<cpaelzer> kstenerud: not for now but please do note that even in the "good" case there are 301 failed unexpectedly
<cpaelzer> it seems not to gate on those tests (probably because they failed all the time)
<cpaelzer> but then it is even more painful that a failing test now kills your build
<cpaelzer> at some point those should be cleared to either work or be masked out from testing - and then those tests should be made gating IMHO
<cpaelzer> maybe nacc has looked at that in the past and can share some thoughts on that with you kstenerud
<cpaelzer> kstenerud: I see no tests at all in https://buildd.debian.org/status/fetch.php?pkg=php7.3&arch=all&ver=7.3.3-1&stamp=1551993939&raw=0 - do you happyn to know why?
<kstenerud> no
<cpaelzer> ah that was arch all
<cpaelzer> kstenerud: it is failing there "to the same amount" https://buildd.debian.org/status/fetch.php?pkg=php7.3&arch=amd64&ver=7.3.3-1&stamp=1551996189&raw=0
<cpaelzer> ok that aside, I don't know enough about it to discuss why it is that way
<cpaelzer> kstenerud: but back to your case
<cpaelzer> kstenerud: do you have a second failing build log please?
<kstenerud> https://launchpad.net/~kstenerud/+archive/ubuntu/disco-php7.2-fix-0050
<kstenerud> With what I'm building now, it fails at test 3443. That other log gets well past that
<cpaelzer> kstenerud: yep I've seen it
<cpaelzer> kstenerud: the test is an intentional crash "Crash when file pointers passed to curl are closed before calling curl_multi_exec"
<cpaelzer> kstenerud: my assumption is that there is a race that this kills the test runner instead of the epected test binary or so
<cpaelzer> kstenerud: I'm reading through d/rules and the source how the tests work in general
<cpaelzer> if you have 2.4k skipped tests and ignore 310 really failing ones we can as well eliminate this problematic single case and be good with it
<kstenerud> yeah. Also that test isn't intentionally crashing. It's testing that PHP handles it by falling back to stdout
<kstenerud> A test from 2009: https://bugs.php.net/bug.php?id=48203
<kstenerud> The test itself looks pretty benign. Unless maybe the broken pipe is stalling the entire process?
<cpaelzer> kstenerud: it would be nice to resolve this for real, but that might be better with your php7.3 work next cycle
<cpaelzer> kstenerud: for now lets cut that test out and see if it makes the build reliable - as it works "sometimes" we at least know it is not generally failing
 * cpaelzer sigh
<cpaelzer> kstenerud: in d/rules they skip whole modules, but I'd not want to skip all other 227 tests of curl (even though sicne the build ignores failures the worth is to debate)
<cpaelzer> kstenerud: instead you could just patch our the ext/curl/tests/bug48203_multi.phpt file
<kstenerud> yeah, looks like it just blindly runs whatever's in the dir
<kstenerud> so we'd have to patch it out
<cpaelzer> exactly
<cpaelzer> kstenerud: once you have done that throw it in three PPAs at once, if 3/3 build fine lets review and upload that before freezes hit us
<kstenerud> ok
<cpaelzer> kstenerud: for 7.3 I'd ask you to NOT retain this change on the Merge and have a look again there
<kstenerud> It'll be a separate patch file that we can just drop
<cpaelzer> yes
<cpaelzer> kstenerud: mention that it is supposed to be dropped int he dep3 header please
<kstenerud> ok
<cpaelzer> nice, I filed a Debian bug and someone subscribed to the package has a https://bitbounce.com/?ref=bitbounce blocker set up
<cpaelzer> 0.90$ to deliver the email, no thanks
<kstenerud> Yup, the test hung again: https://launchpad.net/~kstenerud/+archive/ubuntu/support-new-icu-amdonly/+build/16511712
<kstenerud> OK, starting 3 new builds with the test disabled...
<rbasak> cpaelzer: I'm not sure if I pinged you about this previously. I'm just clearing out an old card left over from an old triage session. Bug 1817027 needs a response I think, because the reporter did what you said and changed the bug status back to New.
<ubottu> bug 1817027 in samba (Ubuntu) "samba crashes when uploading files" [Undecided,New] https://launchpad.net/bugs/1817027
<rbasak> But I'm not sure quite how to respond.
<cpaelzer> rbasak: reading ...
<rbasak> Sorry I should have followed up on this earlier
<rbasak> No rush now though
<cpaelzer> rbasak: I need a brain break from MIRs anyway I'll take a look
<cpaelzer> also doko was so kind to suggest others might take over some MIRs, so I'm living in hope for ~3h that I don't have to do them all
<cpaelzer> hi lagarcia, are you around enough that I might ask you some ppc kvm questions?
<cpaelzer> rbasak: bug 1817027 is answered, it was straight forward debugging but ended up in too special samba-foo
<ubottu> bug 1817027 in samba (Ubuntu) "samba crashes when uploading files" [Undecided,New] https://launchpad.net/bugs/1817027
<cpaelzer> rbasak: but I think I got the case one step further and we can wait if the reporter is willing to move it to an upstream bug discussion
<cpaelzer> ahasenack: ^^ if you want to take a look as well if it is a known case to you
<ahasenack> doesn't ring a bell
<ahasenack> samba 4.10.0 final was released today, btw
<ahasenack> I need to update disco
<ahasenack> strlen on a null pointer?
<ahasenack> which happens to be a password
<rbasak> cpaelzer: thank you for taking care of it!
<rbasak> I closed my Trello card. If he responds it should come up in triage again
<ahasenack> cpaelzer: I reopened the zeromq ftbfs mp, and with some questions at the end
<cpaelzer> ahasenack: reading the zmq MP after I completed some tests on a qemu case I'm on
<ahasenack> ok
<kstenerud> woohoo! php7.2 works!!! MP submitted
<cpaelzer> kstenerud: could you abandon the old MP pelase
<kstenerud> sure
<ahasenack> rbasak: samba 4.10.0 final is out, what should I call our version/tarball: 4.10.0+dfsg (what debian would call it), 4.10.0~dfsg (so we can "upgrade" to 4.10.0+dfsg when debian releases it?), or something else?
<cpaelzer> ahasenack: last time you had a dfsk-ubuntu something version (I remember because I complained about it being so long)
<cpaelzer> ahasenack: what became of that string for the tarball?
<ahasenack> cpaelzer: yeah, I dropped that, it became 4.10.0~rc4+dfsg
<ahasenack> I thought the risk of conflicting with debian was minimal at that stage, and I new a final release would still come
<ahasenack> so I postponed that question to now :)
<ahasenack> what will happen in LP when we create a 4.10.0+dfsg orig tarball, and debian creates one slightly different (diff md5), and launchpad tries to ingest it?
<ahasenack> would it reject it, like it does when we upload a tarball with same name but different content?
<cpaelzer> interesting thought, I don't want to find out as that smells like trouble
<ahasenack> with 4.7.6, the last time we went ahead of debian, I used samba_4.7.6+dfsg~ubuntu.orig.tar.gz
<cpaelzer> yeah why not that again
<ahasenack> I assumed you wouldn't like the long name :)
<cpaelzer> as I said, I dislike that it has ubuntu in the version twice then eventually
<cpaelzer> but not knowing a better solution I'd at least stay consistent to last time then
<ahasenack> what about ~dfsg? I haven't seen that before, I just made that up
<ahasenack> or +dfsg~1
<ahasenack> no ubuntu
<cpaelzer> and shorter
<cpaelzer> I don't know, we need people to chime in that did such things more often
<ahasenack> hm
<ahasenack> ii  ghostscript                                9.26~dfsg+0-0ubuntu0.18.04.7                 amd64        interpreter for the PostScript language and for PDF
 * ahasenack checks that one
<ahasenack> nah, came from debian already (the ~dfsg)
<frickler> jamespage: coreycb: I'm still seeing messages in syslog like in this bug, not only for designate but also other services. the reason seems to be that the dh_systemd helper actually generates pretty messed up service definitions https://bugs.launchpad.net/charm-designate/+bug/1782644 http://paste.openstack.org/show/748022/
<ubottu> Launchpad bug 1782644 in OpenStack Designate Charm "Charm blocked on designate services with Runtime directory is not valid reported in syslog" [Medium,Fix released]
<coreycb> frickler: is the package in need of permissions changes?
<frickler> coreycb: no, this has nothing to do with permission IIUC, the "*Directory" stanzas in the systemd .service file are just bogus, see the paste
<coreycb> frickler: ok yeah RuntimeDirectory doesn't look valid. it's possible that's an issue with openstack-pkg-tools.
<frickler> coreycb: actually this is valid, but I had to look up the docs, too. arguments is "a whitespace-separated list of directory names" https://www.freedesktop.org/software/systemd/man/systemd.exec.html
<frickler> also the service manager should create these dirs if they don't exist
<frickler> so actually I'm back to not being sure yet what's wrong with it
<coreycb> frickler: ok i'll target that at the designate package for now as well
<frickler> coreycb: hmm, I'm now assuming that systemd on xenial is too old and doesn't support these features
<lordcirth> frickler, coreycb Added RuntimeDirectory was added in systemd 211 https://github.com/systemd/systemd/blob/master/NEWS#L6157
<lordcirth> My xenial container here is 229
<lordcirth> However, more features were added to it later
<frickler> lordcirth: thanks, I've been trying to find that. the version in xenial seems to support RuntimeDirectory, but only a single one, and also no CacheDirectory
<frickler> the latter comes in with 235
<lordcirth> frickler, indeed. What do you need cachedirectory for?
<frickler> lordcirth: I don't necessarily need it, the systemd helper writes it into the service definition, causing errors in syslog on daemon-reload. this is for openstack packages, but probably others
<jamespage> coreycb: flooding stein-proposed from stein-staging
<lordcirth> frickler, ah, I see. This is a new system just for openstack? Why not run 18.04?
<jamespage> coreycb: last few snapshots are working their way through - octavia and networking-ovn will block until we get octavia-lib
<jamespage> I might wedge that into stein-staging for now
<frickler> lordcirth: we are migrating to that, but UCA packages are intended to run fine on 16.04, too
<frickler> jamespage: coreycb: actually the tool in question is pkgos-gen-systemd-unit from openstack-pkg-tools , so that's a pure openstack-internal problem probably
<jamespage> frickler: so that issue is from xenial-queens?
 * jamespage reads backscroll to catchup
<frickler> jamespage: yes, the tools generates service definitions that would need systemd >=235, but xenial has 229
<jamespage> coreycb: have you seen a tempest failure on tempest.api.identity.v3.test_domains.DefaultDomainTestJSON.test_default_domain_exists ?
<jamespage> permission denied - I think its a change in tempest which requires a cloud level admin permission
<coreycb> jamespage: yes but have not dug into it yet. i think admcleod may have.
<coreycb> jamespage: i'll look today. i'm going to test rocky sru's.
<jamespage> coreycb: okies
<jamespage> coreycb: was doing some bionic/queens catchup for ceph
<jamespage> coreycb: documented the failure here - https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1813807 but detailed it was unrelated to ceph
<coreycb> jamespage: ok great
<ubottu> Launchpad bug 1813807 in Ubuntu Cloud Archive pike "[SRU] ceph 12.2.11" [Medium,Triaged]
<rbasak> ahasenack: I would just call it what Debian would call it.
<ahasenack> rbasak: ok
<rbasak> ahasenack: but probably should check with #ubuntu-devel or the security team if there's something else special done for that case
<ahasenack> rbasak: emailed
<rbasak> cpaelzer: did you get any guidance on your custom maintscript handling in https://code.launchpad.net/~paelzer/ubuntu/+source/qemu/+git/qemu/+merge/364760 from anywhere?
<rbasak> Or should I just review from the perspective of it having been written from scratch?
<ahasenack> rbasak: I got this ping from him earlier: <cpaelzer> andreas-lunch: check /usr/bin/dpkg-maintscript-helper sa it is copy and modified from there
<rbasak> ahasenack: cpaelzer: https://code.launchpad.net/~paelzer/ubuntu/+source/qemu/+git/qemu/+merge/364760 reviewed but it looks like I ended up grabbing the ~canonical-server review slot and can't create it again.
<rbasak> (as I'm not a member of ~ubuntu-virt)
<ahasenack> thanks for reviewing it
<jamespage> coreycb: ok stein proposed is baking - I'll test first thing tomorrow
<jamespage> I've shimmed in octavia-lib for now pending aa acceptance
<coreycb> jamespage: great, sounds good
<jerichowasahoax> Why am I getting "Fatal: Can't create directory /var/run/dovecot/login: Permission denied" even after running chmod -R 777 /var/run
<jerichowasahoax> 18.04
<sarnold> first things first, double-check that's a symlink to /run
<jerichowasahoax> sarnold: yes
<sarnold> next, set /run back to 755.
<jerichowasahoax> sarnold: done. dovecot still does not start.
<sarnold> alright, cool. what's /run/dovecot's owner:group and permissions?
<jerichowasahoax> sarnold: dovecot:dovecot
<sarnold> sigh. why don't more programs give instructions about the owner, group, and permissions?
<sarnold> jerichowasahoax: what permissions does that have? I think it's supposed to be 755
<jerichowasahoax> 755
<sarnold> hmm. alright .. how about /run/dovecot/login ?
<jerichowasahoax> sarnold: doesn't exist
<sarnold> does ls -ln on these directories show the same numeric userid as ps auxwn ?
<sarnold> .. or the numeric number that *would* be used if they started? heh
<jerichowasahoax> sarnold: i'm *assuming* if a dovecot user exists then dovecot would be started as that user, given that this kind of work is generally handled by apt, yes?
<jerichowasahoax> or, rather, by the package maintainer
<jerichowasahoax> because i didn't compile this package by hand or anything
<sarnold> jerichowasahoax: yeah, that's my hope too. but if there's two users with the same name and different numbers, you'll get errors that are nearly impossible to track down without ls -ln :)
<jerichowasahoax> sarnold: grep dovecot /etc/passwd returns only one user
<jerichowasahoax> sarnold: who's UID matches that listed by ls -ln
<sarnold> jerichowasahoax: alright hmm
<sarnold> jerichowasahoax: how about any DENIED messages in dmesg or auditd logs?
<jerichowasahoax> sarnold: https://paste.ubuntu.com/p/RNZwRsNnSm/
<sarnold> cuuuuuuuute
<jerichowasahoax> sarnold: is this some new-to-bionic thing? this all happened after a dist-upgrade from xenial
<sarnold> jerichowasahoax: do you have any /etc/apparmor.d/usr.sbin.dovecot*dpkg* files?
<jerichowasahoax> sarnold: i have /etc/apparmor.d/usr.sbin.dovecot
<sarnold> jerichowasahoax: here's the usr.sbin.dovecot profile that I grabbed from the bionic apparmor-profiles package: http://paste.ubuntu.com/p/mn82zMsMGg/
<sarnold> it's got both the attach_disconnected flag that should handle the "Failed name lookup - disconnected path" messages
<sarnold> and the /{,var/}run/dovecot/** rw,  that should have allowed the mkdir
<jerichowasahoax> sarnold: existing file looks like nothing like the one you provided me, doing a complete replacement
<jerichowasahoax> sarnold: dovecot still does not start, same error
<sarnold> jerichowasahoax: be sure to copy over any local changes to /etc/apparmor.d/local/usr.sbin.dovecot
<sarnold> jerichowasahoax: did you reload the profile?
<jerichowasahoax> sarnold: why does it have to be in local
<sarnold> jerichowasahoax: be sure to run apparmor_parser --replace /etc/apparmor.d/usr.sbin.dovecot
<jerichowasahoax> i don't like apparmor
<jerichowasahoax> can i disable it
<sarnold> jerichowasahoax: if you edit this file in place, then it probably won't be upgraded in the future
<sarnold> would you mind a half-way step of just apt-get  purge apparmor-profiles? those profiles are less well-tested than the others
<jerichowasahoax> sarnold: apparmor-profiles was not installed
<sarnold> jerichowasahoax: oh curious. that means the profile came from somewhere else, perhaps someone else on site?
<jerichowasahoax> sarnold: only me on site, seems like a remnant from something else
<jerichowasahoax> sarnold: apparmor stopped and disabled in systemd. dovecot still does not start.
<jerichowasahoax> should i reformat
<sarnold> no
<jerichowasahoax> i think the dist-upgrade broke my bo\x
<sarnold> apparmor_parser --remove /etc/apparmor.d/usr.sbin.dovecot may help
<sarnold> it's possible but most of the rough edges on the upgrades should have been fixed by now
<jerichowasahoax> sarnold: apparmor_parser [...] ran. dovecot starts.
<jerichowasahoax> i'm kind of distrustful that apparmor profiles are enforced even after stopping apparmor in systemd, but maybe the "start/stop" verbs aren't being used in the way i expect them to be.
<sarnold> indeed, 'stop' doesn't unload profiles, because 'start' can't confine already running processes
#ubuntu-server 2019-03-20
<coreycb> jamespage: looks like tempest commit 8d94885df02ea0a4826a1f271f011dfefd2c2ca9 is where the get_domain failure started
<jonfatin-> Ubuntu 16.04 netinstalls are broken with archive mirror. here is my kickstart (hasn't changed in a year or so)  https://pastebin.com/raw/3k7STH8M
<jonfatin-> https://imgur.com/a/azXDjn9
<jonfatin-> Confirmed existing bug yay... https://bugs.launchpad.net/ubuntu/+source/linux-base/+bug/1820755
<ubottu> Launchpad bug 1820755 in linux-base (Ubuntu) "Netboot install fails due to linux-image-4.4.0-143-generic.postinst linux-update-symlinks not found" [Undecided,Confirmed]
<jamespage> coreycb: bah - UCA qemu does not have the patch I thought it had - that's my bad
<jamespage> it was in ca-patches but that had not refreshed when I ran the backport I think
<lordievader> Good morning
<blackflow> any suggestions on how to shut up the php-fpm warnings about "server reached max_children setting"? google isn't helpful. Yes, I know what the error means, no I'm not gonna raise the number of PHP procs. The requests should queue up, as is expected, by nginx. Yes, I'm monitoring it and will decide when to upgrade based on too many accepts waiting in the queue. So... there apparently isn't a
<blackflow> config to shut that warning up, or I'm missing it from docs, google.
<blackflow> other than completely dropping warnings for the pool, with ~E_WARN in error_reporting, which I don't really want to
<blackflow> nvm, asking in ##php, thanks.
<kstenerud> @cpaelzer if you have time, I'd like your comments on whether I'm on the right track wrt https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/1810583
<ubottu> Launchpad bug 1810583 in keepalived (Ubuntu) "Daily cron restarts network on unattended updates but keepalived .service is not restarted as a dependency" [High,Triaged]
<cpaelzer> kstenerud: the bug has no recent updates, where would an update be to think about it?
<kstenerud> I'm trying to tackle it, since I'm doing ha stuff now. There's a post here https://chr4.org/blog/2019/01/21/make-keepalived-play-nicely-with-netplan-slash-systemd-network/ which talks about an upstream fix, which is talked about https://github.com/acassen/keepalived/issues/836#issuecomment-382011552
<kstenerud> but it's a huge merge: https://github.com/acassen/keepalived/commit/8ecbb591994a567375d78239d075ed032d9f9b07
<kstenerud> I can tease out the individual commits, but it will take awhile, so I'm wondering if this is the best way to deal with this issue? The problem is that keepalived doesn't play nice with systemd-networkd. It drops virtual IPs, which renders the entire HA stack useless
<cpaelzer> kstenerud: a lot to read ... still reading
<kstenerud> yeah, sorry.
<kstenerud> From what I've read, the fixes were put in place a year ago, but it's a huge merge, so there's a ton of little commits, most not directly related to the problem. I'm thinking that maybe I can find one or two commits that deal specifically with this problem, or at the least get a list of anyhing that touches vrrp_whatever.c
<kstenerud> The only other mitigations people have found so far were to force reload of multiple daemons on a trigger, which can cause other problems...
<cpaelzer> kstenerud: lets sort out what these things do please
<cpaelzer> kstenerud:  the referenced git entry does a lot of things as it is a whole fixes branch
<kstenerud> yes, that's what I'm saying. I'm in the process of sifting through all the little commits to find the ones that are actually relevant
<cpaelzer> kstenerud: and eventually all it provides in regard to the issue is that keepalived will realize that it "lost" its VIP to then action on it
<kstenerud> I just want to make sure I'm going about this the right way
<cpaelzer>  can't promise to know the right way, but I can try to help :-)
<cpaelzer> kstenerud: that feature we will get with keepalived 2.0
<kstenerud> Yeah that's cool. I just wanted your gut reaction to this, as in "oh god no you're doing this all wrong" :P
<cpaelzer> but since we care on this issue on >=Bionic we need a solution for pre keepalived-2.0 anyway
<cpaelzer> my gut reaction seems to make what we found in the blog a best practise - if it is seconded by a bunch of people to apply to all their problems
<kstenerud> ok, then I'm going to dive deeper into the PR and find the commits that touch the vrrp stuff
<cpaelzer> then I'd put it into the Readme file and maybe even a hint to the issue (bug) and recommended solution (ref to the Readme) in a NEWS update
<cpaelzer> kstenerud: consider this from the blog (if that is true) "I came to the conclusion that this actually wouldnât fit the actual problem, as keepalived would just note the removed VIP and failover to another machine. But I wanted to fix the underlying problem itself, instead of just coping with the symptoms"
<cpaelzer> considering that, would identifying and backporting the changes (if even possible) help a lot?
<kstenerud> It's still not a complete solution, but it does prevent the vrrp from going down and never coming back
<cpaelzer> instead - if confirmed really good - we should make the config approach that the blog had best practise
<kstenerud> true
<kstenerud> we'll probably need both
<cpaelzer> kstenerud: I think the two things are not mutually exclusive
<cpaelzer> yeah
<cpaelzer> identify the changes and evaluate if they are backportable at all
<cpaelzer> get in touch with people reporting the bugs if the proposed configuration would work for them
<cpaelzer> if backportable it seems a win to do so
<kstenerud> yeah
<cpaelzer> If not then it is to some extend your call - if keepalived without the fixes it totally broken then we might consider backporting keepalived-2.0 at some point
<cpaelzer> but that is a despareate measure that has to be considered only later if needed
<cpaelzer> as e.g. upgraders still have ifupdown and are probably happy
<cpaelzer> kstenerud: if the config style mentioned in the blog really turns out to be superior that is mostly communication - as I said readme/news also whatever docs that we ahve on the net about it, maybe a blog post on your own
<cpaelzer> kstenerud: TL;DR to me it seem the right way is going both ways and decide then
<kstenerud> ok sounds good
<cpaelzer> and there semes to be a lot of communication involved, so make sure you are in touch with people affected by the issue and also others running keepalived but not being affected
<cpaelzer> we don't want to break one of these groups in favor for the other
<cpaelzer> kstenerud: there is the sad truth that sometimes a fix has so much regression risk that even thou it would be nice to have we are not doing it and instead have to kindly ask to move to a newer version
<cpaelzer> I love to fix issues for our users, but not breaking all other users sometimes wins - so consider "making 19.10/20.04 a great working solution" and then recommending an upgrade an alternative fallback
<cpaelzer> and the new recommended config style that avoids the issue could be the documented and recommended solution for 18.04-19.04 then
<cpaelzer> kstenerud: ^^
<kstenerud> ok
<coreycb> jamespage: ohh do you think that explains tobias-urdin's issue?
<ahasenack> good morning
<rbasak> cpaelzer: in https://code.launchpad.net/~paelzer/ubuntu/+source/qemu/+git/qemu/+merge/364760
<rbasak> rmdir "$NEWCONFFILE" || echo "failed to remove $NEWCONFFILE"
<rbasak> If that fails, the preinst will succeed. Is that intentional?
<cpaelzer> rbasak: yes
<cpaelzer> intentional
<cpaelzer> I listed the output in the testcase
<cpaelzer> that is when people have made customizations to the extend that we can't cover them all (e.g. placed other things in that dir)
<cpaelzer> the intention is there to have the errors shown but NOT fail the package upgrade itself
<cpaelzer> rbasak: feel free to convince me otherwise, we could as well make it a "please clean DIR foo to make this upgrade smoothly" + exit 1
<cpaelzer> I'd be fine with that as well
<rbasak> Ah, I missed your bug comment, sorry. I see it now.
<rbasak> There doesn't seem to be an obviously correct answer to what the behaviour should be.
<cpaelzer> yeah but are imperfect, but we could come up with "more edgy cases" of something already being a very rare use case all day
<cpaelzer> therefore this was the line I decided to draw
<rbasak> Yeah
<rbasak> I think what you've done is fine.
<rbasak> I just wanted to check that the || echo failed was intentional. From your bug comment that I missed it's clear that it was and that you've thought this through.
<rbasak> I think what you've done is fine> in intended behaviour I mean. I still need to check again that the code does as intended :)
<rbasak> cpaelzer: so is that the last time you'll accidentally put a filename in to the target of a dh_install file? :-)
<brektyme> Hi, I'm getting a segfault when pxebooting the installer on 16.04, at the dectect disks step, I'm not really sure what the issue is and I've not seen it before it started yesterday. Does anyone have an idea of what I sould look at or what the issue could be?
<cpaelzer> rbasak: no promises
<cpaelzer> but it certainly reduces the chances that I'll do so
<brektyme> I found a workaround on https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1817358, that got me past the segfault but the installer is failing while installing the kernel, looks like a dependancy problem with linux-modules-extra
<ubottu> Launchpad bug 1816846 in glibc (Ubuntu) "duplicate for #1817358 segfault in libc-2.23.so netinstall installation pxe" [Undecided,Confirmed]
<jamespage> coreycb: might do
<jamespage> coreycb: I need to finish off some ceph SRU Testing and I'll take another test run at stein/proposed
<coreycb> jamespage: ok. i'm still trying to figure out that tempest domains issue. i narrowed down on the commit. it seems we need to account for the switch of the test class inheritance from base.BaseIdentityV3AdminTest to base.BaseIdentityV3Test.
<coreycb> not sure how yet though
<jamespage> coreycb: oh I think I know what that is
<jamespage> coreycb: obs if you revert the commit its all good
<jamespage> I think the problem is the test uses on of the pre-created users todo the get domain call
<jamespage> the users are in admin_domain, but the get domain call is for the default domain
<coreycb> jamespage: ok, that's along the lines I was thinking as well. switching default_domain_id to admin_domain didn't seem to fix it.
<jamespage> coreycb: hmm
<kstenerud> cpaelzer: All dependent packages of php7.2 now succeed, except rss-bridge, which failed due to being unable to connect to the deb archive: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-disco/disco/armhf/r/rss-bridge/20190320_112057_9cf57@/log.gz
<kstenerud> I tried restarting the build but I don't have permission
<jamespage> coreycb: its working ok for me - using the ID of the admin_domain
<coreycb> jamespage: oh great! maybe i've got something residual hanging around in my deployment.
<cpaelzer> kstenerud: rsyslog was built just this morning
<cpaelzer> kstenerud: maybe there was a problem publishign it in time for armhf
<cpaelzer> kstenerud: give it an hour and then run it again
<cpaelzer> kstenerud: I'm almost sure it will resolve then
<kstenerud> I don't have permission to run it
<cpaelzer> ok I can do that for you
<kstenerud> ok thanks!
<cpaelzer> kstenerud: to me it looks like the metadata in the repo was updated but the ftp not yet fully synced (or something like ti)
<cpaelzer> kstenerud: running again http://autopkgtest.ubuntu.com/running#pkg-rss-bridge
<cpaelzer> lets see in ~1h
<cpaelzer> kstenerud: it passed that step already
<jamespage> coreycb: it does indeed work
<kstenerud> cool!
<jamespage> coreycb: https://github.com/openstack-charmers/openstack-charm-testing/pulls/javacruft if you have cycles
<coreycb> jamespage: merged, thanks
<coreycb> jamespage: are you ok with releasing keystone LDAP backend fixes early to rocky-updates? they've only been there since last night but testing successful and it's critical.
<coreycb> jamespage: fyi bug 1798184 bug 1820333
<ubottu> bug 1798184 in python-ldappool (Ubuntu Cosmic) "[SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names" [High,Fix committed] https://launchpad.net/bugs/1798184
<ubottu> bug 1820333 in keystone (Ubuntu Cosmic) "[SRU] ldap search should not encode attributes" [Critical,Fix committed] https://launchpad.net/bugs/1820333
<jamespage> coreycb: +1
<jamespage> its basically completely broken right now so a fast-track is appropriate
<coreycb> jamespage: alright, i'll go ahead and release that then
<jamespage> coreycb: stein-proposed passes our tempest tests!
<jamespage> promoting all the things...
<coreycb> jamespage: \o/
<genewitch> is there any reason to use --user with "pip" command, i'm having issues with certain libraries (libgpuarray specifically) where if the main application is pip installed with --user it can't see a hand compiled libgpuarray
<tomreyn> maybe you need to change PATH or LD_LIBRARY_PATH
<bin_bash> hello, I want to change the values in /etc/apt/apt.conf.d/20auto-upgrades to be "0" using "echo" how is this possible?
<sarnold> it depends what's in that file. best is to just change whatever writes it to write whatever settings you need
<bin_bash> well usually i just manually change it, but i'm trying to put it in a quick bash script
<sarnold> sed -i is probably the better tool for the job
<bin_bash> APT::Periodic::Update-Package-Lists "1";
<bin_bash> APT::Periodic::Unattended-Upgrade "1";
<bin_bash> this is what the file has by default
<bin_bash> i want 1 to become 0
<bin_bash> hm sed is a good idea, i didnt consider that
<bin_bash> sarnold: im looking at the manpage, not sure i'm seeing how to do this
<tomreyn> here's a simple example: sed -i 's/^APT::Periodic::Update-Package-Lists "1";$/APT::Periodic::Update-Package-Lists "0";/'
<tomreyn> here's a simple example: sed -i 's/^APT::Periodic::Update-Package-Lists "1";$/APT::Periodic::Update-Package-Lists "0";/' /etc/apt/apt.conf.d/20auto-upgrades
<tomreyn> ^ I forgot the file to edit initially
<tomreyn> but you'll really need to understand regular expressions, or you won't know what you need to escape.
<tomreyn> try #bash
<bin_bash> thanks
<bin_bash> ideally i'd just replace 1 with 0 in that file
<bin_bash> rather than the whole line
<tomreyn> if you just want to replace any 1 by one character, that's also possible, but i think that's most likel ynot what you actually want.
<tomreyn> *any 1 character by a 0 character
<sarnold> you definitely want to make sure you know which exact config settings you're changing
<bin_bash> it'd be weird if there was another 1 in the file
<sarnold> apt has something like nine thousand config choices
<bin_bash> not in this one file
<sarnold> and there's no saying what other admins or tools have put in which files
<tomreyn> or removed from them, or whether edited to be in a different format, or commented in or out
<tomreyn> even regular expressions mey be unsuitable to help you there.
<bin_bash> there shouldn't be anything else in this file except these two lines...
<sarnold> yeah if the settings are set via the APT { Periodic { Update-Package-Lists } } } style, it'll be harder to edit
<sarnold> bin_bash: maybe today .. who knows what'll be there in six months
<tomreyn> people like you probably wrote software for boeing 737 max 8
<bin_bash> ...
<bin_bash> wow
<tomreyn> i'm not meaning to blame you there, just pointing out such things can really matter
<bin_bash> that's gotta be one of the worst false equivalency attempts i've ever had lobbed against me.
<bin_bash> I can't imagine how a single personal-use script is even comparable in your thought process
<sarnold> man if you're upgrading your planes in flight .. something is way wrong :)
<lordcirth> bin_bash, that was excessive. But if a thing is worth doing, it's worth doing right.
<bin_bash> if you're running ubuntu on a plane, there's some serious fucked up shit going on
<lordcirth> bin_bash, point is, don't hack something together poorly, do it right the first time
<bin_bash> lordcirth: i'm really just trying to reduce having to manually change this in a deployment script for dev usage. i never suggested hacking it together, i'm  simply looking for the easiest implementation for the specific use-case
<tomreyn> yes, that was excessive, sorry bin_bash. but you should try to get into this kind of thinking - how risky is it if i do it wrong, and can i actually measure that reliably, or should i just try to make it reliable no matter what.
<bin_bash> i'm only ever modifying THIS file. i'm only changing the values from 1 to 0, and was therefore askined the best way to implement this. even if more lines were added i would /still/ want them to change from 1 to 0 because i want to disable any automatic upgrades
<sarnold> bin_bash: I still think you'd be better served by figuring out what's putting that file in place and using the correct values from the start
<tomreyn> bin_bash: you mention deployment. many deployment frameworks provide a way to edit configuration files in a better way.
<sarnold> if it's copying /usr/share/unattended-upgrades/20auto-upgrades into place, it might as easy as asking those scripts to copy /usr/share/unattended-upgrades/20auto-upgrades-disabled instead
<bin_bash> sarnold: what?
<sarnold> bin_bash: I don't have /etc/apt/apt.conf.d/20auto-upgrades on my systems; there *is* a /usr/share/unattended-upgrades/20auto-upgrades though
<sarnold> bin_bash: so I'm curious if your deployment script is copying that file over..
<sarnold> bin_bash: in which case it'd be as easy as asking it to copy a *different* file ..
<bin_bash> sarnold: which version?
<sarnold> bin_bash: which would be way more reliable than copying the wrong file, and then editing it :)
<sarnold> ii  unattended-upgrades 1.1ubuntu1.18.04.9 all          automatic installation of security upgrades
<bin_bash> sarnold: your setup sounds weird...
<tomreyn> i see /etc/apt/apt.conf.d/20auto-upgrades on 14.04, not on anything newer
<bin_bash> the unattended upgrades file has always been in etc
<bin_bash> this is 18.04
<bin_bash> and i found this stack overflow for 16.04, which has a similar sed command to what was suggested above: https://askubuntu.com/questions/1059971/disable-updates-from-command-line-in-ubuntu-16-04
<tomreyn> dpkg -S /etc/apt/apt.conf.d/20auto-upgrades
<tomreyn> ok, ignore this, that's maybe misleading
<bin_bash> this even says the same file too:
<bin_bash> https://linuxconfig.org/disable-automatic-updates-on-ubuntu-18-04-bionic-beaver-linux
<tomreyn> yes the file is created via postconf apparently
<bin_bash> hm interesting
<tomreyn> s/postconf/postinstall/ oops
#ubuntu-server 2019-03-21
<genewitch>  /wc
<lordievader> Good morning
<sinhue> Hi, I'm trying to install Ubuntu Server 18.04 on Virtual Machine But all I'm getting is= "Error setting up gfx boot." I'm getting desperate. Even tried older releases. What could be the problem?
<blackflow> sinhue: did you try with google, there are some suggestions in first few results, for "Error setting up gfx boot"
<sinhue> I did but nothing helped me.
<sinhue> What helped me was noticing that VM does in fact have 8 mb ram, instead of 8gb :D :D
<sinhue> Sorry for bothering
<blackflow> sinhue: which hypervisor is this? Did you see this, and try as suggested to reach the menu? https://askubuntu.com/questions/895148/error-setting-up-gfxboot/920907
<sinhue> blackflow, I solved it already bro. But this was ESXI 6.5 hypervisor.
<blackflow> this is ubuntu server support, you're not bothering, but it is expected you try to help yourself first as much as possible :)
<blackflow> solved how?
<blackflow> I'm suspecting missing or invalid graphics device?
<blackflow> (and please don't call me bro)
<kstenerud> cpaelzer: I'm beginning to think that a keepalived backport isn't in the cards. The commits are all merges containing other merges containing yet more merges, which completely obscures what's actually happening. I've found vrrp and IP deletion code strewn through the logs, but it spans years, fixing various problems when using ipv4, ipv6, static ro
<kstenerud> utes, physical vs virtual devices, etc. I'm not confident that I'd be able to find it all :/
<kstenerud> All references to fixing keepalived + systemd-networkd only refers back to the "beta branch", with no commit refs
<kstenerud> The workaround I posted does work. Perhaps we're better off waiting to see if this solves the issue for enough people? The issue should be fixed in keepalived 2.0 in disco, which I'm testing now
<kstenerud> It's actually quite a complicated problem, as keepalived must rely on heuristics to determine if a device or ip being removed was intentional or not...
<cpaelzer> ok, sounds right
<cpaelzer> do we have a time limit when we check if "this solves the issue for enough people"  is true or not?
<cpaelzer> and if so  planned action (e.g. as discussed yesterday docs/blogs/...)
<kstenerud> The bug report has the workaround, but we should definitely update any docs we maintain that deal with keepalived. I don't see much other than https://www.ubuntu.com/kubernetes/docs/keepalived which uses juju
<kstenerud> I suppose it comes down to which approach we would bless? apt? snaps? charms?
 * blackflow bets 5â¬ on the snap.
<lotuspsychje> lol
<blackflow> makes sense, if there's a lot of issues to shoehorn it into specific base env.
<blackflow> Is the ZFS in Bionic patched to support latest 0.7.x featureset?
<lordcirth> blackflow, bionic has 0.7.5
<blackflow> as baseline version yes, but a megaton of patches to make it work with 4.15+ kernels
<blackflow> so I'm asking what else is there featureset wise, or most importantly, can it fully use pools created with 0.7.12 (which I'm preparing to test in a few)
<ahasenack> wrt pools, most likely, We are settling on a very baseline set of features to remain compatible with other pools out there
<ahasenack> but you could ask in the kernel mailing list perhaps: https://lists.ubuntu.com/mailman/listinfo/kernel-team
<blackflow> if so that's awesome. I don't enable any non-default features, I only need it to rw to pools created with 0.7.12 defaults
<blackflow> but... about to test all that now
<blackflow> and make that 0.7.13, being latest actually :)
<ahasenack> I have 0.8 elsewhere, and the story there is different
<ahasenack> as one might expect given the version bump
<blackflow> oh yeah, that's a whole new bag of goodies in that :)Ä
<blackflow> s/Ä//
<lordcirth> We are very glad for the faster scrubs in 0.8. Our current production storage takes 6 days to do the weekly scrubs, and it's less than half full. We need the speed to keep up.
<ahasenack> lordcirth: and with 0.8, how long does it take?
<lordcirth> Haven't tested yet
<lordcirth> We are still putting together the new system
<blackflow> lordcirth: why weekly tho? esp. if that sized. scrub is just "let's find problems now before regular block access does anyway"
<lordcirth> blackflow, best to be safe.
<ahasenack> that much activity could also reduce the lifetime of the drives, no?
<lordcirth> Then we RMA them.
<blackflow> lordcirth: but if you have properly set up pools (redundancy, hot swappable drives) then you gain very little from frequent scrubs
<lordcirth> 3-year evergreen due to warranty anyway
<blackflow> from *too frequenty I mean
<ahasenack> lordcirth: have these scrubs ever found problems?
<blackflow> statistically, there should be one bit corrupt for every 10TB accessed, according to (now old) google research
<ahasenack> well, "ever" is a long time :)
<ahasenack> let's change that to "frequently" :)
<lordcirth> We've had two drive failures. IIRC at least one of them was found during a scrub?
<ahasenack> or provoked by one ;)
<ahasenack> by several, that is
<lordcirth> Better to have 2 known failures than 1 unknown one, I guess
<blackflow> I second what ahasenack said. at that scale, too frequent scrubbing is just adding to the wear
<lordcirth> Weekly scrubs are the default in Ubuntu's packages, presumably for a reason.
<blackflow> no, monthly are
<blackflow> first sunday in the month
<ahasenack> # Scrub the second Sunday of every month.
<ahasenack> 24 0 8-14 * * root [ $(date +\%w) -eq 0 ] && [ -x /usr/lib/zfs-linux/scrub ] && /usr/lib/zfs-linux/scrub
<ahasenack> in my disco system
<lordcirth> Really? hmm I thought it was every sunday
<blackflow> *Second, okay.
<ahasenack> I didn't do the date +\%w math, just going by the comment in there
<blackflow> (yeah I change that to first in the month)
<blackflow> ahasenack: 8-14 'th day in the month, then date +%w checks if it's sunday
<sdeziel> scrub should be read only unless there is anything to correct so presumably this is lighter on the disks, no?
<lordcirth> Scrubs are still a lot of seeks, at least until 0.8 when it's sequential
<sdeziel> I agree that scrubbing 6 days per week is very excessive though
<sdeziel> ah
<lordcirth> Not 6 days per week, once per week
<lordcirth> Ah, you mean total time
<sdeziel> yeah :)
<lordcirth> Well, hopefully 0.8 will be much less load
<sdeziel> must absolutely kill the normal performance, except on Sundays where nobody's there to enjoy the real speed ;)
<lordcirth> Actually, part of why the scrubs take so long is that they are quite low priority compared to normal usage
<zetheroo> blackflow: you here?
<blackflow> yup
<zetheroo> why ewww ... cloudflare? I am being told that it's "the best" etc ...
<blackflow> zetheroo: personal observation, nothing more.   btw, that "search mt.local" if you're using .local for domains, resolved might have problems with that. .local should be reserved for mDNS
<zetheroo> blackflow: Ok, was just wondering if there was anything about cloudflare specifically ... since I never heard about it until the other IT guy said "We are switching to it because its the best" :D
<zetheroo> ... and "google sucks" ... because we had been using 8.8.8.8 etc
<blackflow> zetheroo: "best hyped" more likely. nothing special about it tho'.  technically, some networks erroneously treat 1.0.0.0/8 as a test range so it might not work everywhere, but that's probably very edge case
<lordcirth> cloudflare got 1.1.1.1 in exchange for being able to handle and study the huge amounts of random traffic it gets
<lordcirth> Not many companies can handle that much traffic.
<blackflow> which only puts them in the position to abuse that power
<blackflow> personally, been running own Bind authoritative and resolvers for many years.
<blackflow> ahasenack: lordcirth: fwiw, tests have shown Bionic having normal rw access to 0.7.12 generated zpool with default features. thanks for your feedback.
<lordcirth> blackflow, cool
<ahasenack> nice
<sdeziel> cloudflare's anycast network is pretty cool on paper though
<lordcirth> Cloudflare has a lot of cool articles on HA
<zetheroo> blackflow: about systemd-resolved ... you said that it tries the first two nameservers but no more than that ... or did I misunderstand you?
<blackflow> zetheroo: you misunderstood.
<blackflow> zetheroo: glibc is the one that doesn't take more than 3 "nameserver" entries in resolv.conf
<blackflow> zetheroo: systemd does something else. tries one nameserver, and if that fails, tries another and then keeps on using that other, ignoring the order defined by resolv.conf
<blackflow> there's been huge issue/debate upstream about that unexpected behavior
<zetheroo> sorry, that's what I meant - so if you have three nameservers ( A, B and C) systemd tries A, then B and then keeps trying B?
<zetheroo> or does it just randomly try A, B or C ?
<blackflow> keeps trying B
<blackflow> I mean, keeps _using_ B until it fails, then tries C
<blackflow> or in other words, it sticks to using the nameserver last known to work
<zetheroo> how long does it take to fail on B?
<blackflow> zetheroo: note that NXDOMAIN isn't a failure, and your B is cloudflare, and if you're asking for mt.local, you'll get NXDOMAIN
<zetheroo> Just was odd to hit a brick wall like that
<zetheroo> blackflow: oh, darn ... that config was what was changed to after the issue ...
<zetheroo> originally the cloudflare IP was the third or forth
<zetheroo> It was: Win server primary DNS, Win server secondary DNS, Gateway IP, Cloudflare Primary, CF secondary
<blackflow> too much. more than 3 isn't effective for glibc anyway
<zetheroo> is that a recent limit in glibc?
<blackflow> no, it's from ay one. bug in LP shows 2007 at least
<blackflow> bug #118930
<ubottu> bug 118930 in glibc (Ubuntu) "Resolver: MAXNS should be increased" [Wishlist,Confirmed] https://launchpad.net/bugs/118930
<blackflow> it's like that in pretty much all the distros, a glibc default nobody thinks is important to raise
<zetheroo> whoa
<blackflow> (and they be right. if 3 NS fails, you've got more serious issues :) )
<rbasak> Seems to me that the bug is requesting much more complex DNS handling - more than what glibc does.
<rbasak> In the VPN use cases for example, and where different non-Internet domains are being added by some subset of configured servers.
<rbasak> In these cases, surely something like systemd-resolved would be more appropriate, rather than asking for implemnetation in the glibc resolver?
<blackflow> would, if resolved behaved properly.
<lordcirth> blackflow, what does it do wrong?
<blackflow> lordcirth: for starters, breaks the decades old expectation of nameserver priorities. then it has issues with DNSSEC. then it has issues with VPNs.
<blackflow> the NS order is very much important, it's not round robin. you have primary and then failover resolvers. resolved breaks that entirely with round-robin only resolving.
<blackflow> you get round robin if you explicitely set options rotate in resolv.conf
<rbasak> blackflow: if resolved has issues then they need to be resolved in resolved, sure. I don't think we can expect glibc to implement more complex behaviour than it already does though. resolv.conf is overloaded enough as it is.
<rbasak> (and it's got to do everything in process, can't realistically keep state, etc)
<rbasak> So I think the answer to that bug really needs to be "Won't Fix; use resolved, or implement and use some other proxy".
<rbasak> However I don't consider myself expert enough in the area to decide that for the project without the opinion of some other Ubuntu devs who are more expert.
<blackflow> rbasak: I agree. I just mentioned it because zetheroo had more than 3 nameserver entries so I pointed at that being useles
<rbasak> Ah, sorry.
<blackflow> rbasak: btw the issues all exist upstream. unfortunately some of them are being WONTFIX'd, like theh round robin thingy
<supaman> what is the unit name for the nfs daemon?
<supaman> nfs-server?
<Ool> nfs-kernel-server is the service name
<supaman> ok, thanks
<blackflow> some like to call it nfs<tab> :)
#ubuntu-server 2019-03-22
<jamespage> coreycb: https://etherpad.openstack.org/p/stein-rc1-ubuntu-packaging
<coreycb> jamespage: ohh etherpad, good idea
<coreycb> jamespage: i'll take a scan through and pick up on anything new
<coreycb> jamespage: i'm going to order those alphabetically
<jamespage> coreycb: +1 - my list was a dump from my inbox so mainly in arrival order!
<jamespage> coreycb: does your upstream vs distro version report still run somewhere?
<ahasenack> rbasak: I think cpaelzer__ is EOD, could you please review this small mp? I would like to upload it before the monday freeze: https://code.launchpad.net/~ahasenack/ubuntu/+source/nfs-utils/+git/nfs-utils/+merge/364923
<ahasenack> the description is large because it includes test instructions
<rbasak> ack
<ahasenack> thx!
<rbasak> Lunch is beeping
<rbasak> I'll come back to it.
<rbasak> What's this /run thing? Seems odd.
 * rbasak will look later
<jamespage> coreycb: I'm going to ping an email to ubuntu-release with current status - we have a few MIR's blocking proposed migration and at least one package in the NEW queue.
<jamespage> coreycb: is masakari-monitors in disco yet?
<coreycb> jamespage: no that's also still in the NEW queue
<coreycb> jamespage: thank you
<jamespage> coreycb: if masakari does not make it to main this cycle I'm not worried tbh
<jamespage> based on converstations with gnuoy I think we can describe that feature as 'preview' for general consumption
<coreycb> jamespage: agreed
<coreycb> jamespage: i believe i have them both seeded correctly but i'm going to double check that it's all in tact
<jamespage> coreycb: I think they are on the component mismatches report - we might want to drop them from the seed for now
<coreycb> jamespage: ok i can do that and add a note to re-add them early next release
<coreycb> well note to self
<coreycb> jamespage: looks like we're all caught up on RC1s etc
<jamespage> coreycb: yep!
<runelind_q_> hrm, I have Landscape On Prem installed on in an 18.04 container, and now all of a sudden it says it is unsupported.
<runelind_q_> LDS 19.01, that is.
<coreycb> jamespage: masakari seeds dropped
<cpaelzer__> ahasenack: I'm back did you get all the MP reviews you need?
<ahasenack> cpaelzer: I pinged rbasak about libnfsidmap
<ahasenack> cpaelzer: I mean, the other one
<ahasenack> nfs-utils
<ahasenack> and pushed libnfsidmap again to the right place, if you want to take another look, but I was going to upload
<cpaelzer> ahasenack: I already re-reviewed libnfsidmap
<cpaelzer> abotu 15 minutes ago
<cpaelzer> it is good to go
<ahasenack> k
<rbasak> ahasenack: SRU template? This is for DIsco right?
<ahasenack> rbasak: disco first, yes
<ahasenack> no sru template yet
<ahasenack> rbasak: have to find an easy way to test this
<ahasenack> for people to test it, I mean
<ahasenack> ah, wait
<ahasenack> I'm mixing both bugs
<ahasenack> rbasak: so yes, this one will get the sru template once it is in disco, and the testing instructions will be the same
<ahasenack> the other one (libnfsidmap) is more complicated to test with just one vm, and it won't work in containers, that's the one I have to think a bit more about testing instructions
<ahasenack> but cpaelzer approved that one already
<ahasenack> rbasak: ^
<rbasak> I'm only looking at nfs-utils I think?
<ahasenack> yes
<ahasenack> please, only that one :)
<rbasak> And only for Disco currently?
<rbasak> I'm not sure about breaking existing uses in an SRU
<rbasak> For Disco it's fine in this case IMHO
<rbasak> users
<ahasenack> it's for disco, but there should be an sru
<ahasenack> there is no way for people to pass options to rpc-svcgssd without this, the content from /etc/default/nfs-kernel-server won't be seen by the systemd service file
<rbasak> For an SRU I'm thinking perhaps accept either variable name but fail hrad if both are set and are different.
<ahasenack> both cannot be set, that's done in the wrapper script
<rbasak> The wrapper script could examine both and make a decision couldn't it?
<ahasenack> even if users change the var name in the default file, that won't be seen by the nfs-utils_env.sh script and will be ignored
<ahasenack> I mean that users who have fixed this locally, that fix was not about changing the var name in the default file
<ahasenack> it would have most likely been in the service file
<ahasenack> systemd service file
<ahasenack> that's what all the bugs were pointing out: "variable name in service file is wrong"
<rbasak> Let's talk about the SRU later
<ahasenack> did you see my update with cases (a), (b) and (c)?
<rbasak> As I'm not sure we're on the same page right now about the appropriate fix, but we can defer that conversation
<rbasak> Yes
<ahasenack> ok
<ahasenack> that var gets mangled twice :/
<ahasenack> RPCSVCGSSDOPTS -> RPCSVCGSSDARGS -> SVCGSSDARGS
<ahasenack> (default file -> wrapper -> systemd service file)
<rbasak> Do you know why the wrapper is even necessary?
<rbasak> The whole system seems insane to me.
<rbasak> And this bug demonstrates why
<rbasak> Not that this should preclude your fix of course.
<rbasak> But perhaps a Debian bug asking for an end to this might be appropriate
<ahasenack> rbasak: I don't know why the wrapper was introduced
<ahasenack>   * Add debian/nfs-utils_env.sh: Translate our /etc/default files into runtime
<ahasenack>     configuration for nfs-config.service.
<ahasenack> by pitti
<ahasenack> in 2016
<ahasenack> 2015, actually
<ahasenack> debian adopted it in 2016
<ahasenack> via pitti as well :)
 * rbasak is still looking at it
<rbasak> ahasenack: I don't follow why you're choosing to alter the wrapper and not the service definition
<rbasak> If you alter the service, then surely users who have local overrides are in the same position anyway?
<ahasenack> rbasak: the systemd service file comes from upstream, and the wrapper is ours
<rbasak> Oh, I see.
<ahasenack> I could have made that comment right after I said "the wrapper is the best place for the fix", sorry
<rbasak> I was trying to think of the possibilities in case Debian end up fixing the problem in a different way, combined with us taking on a delta, later dropping it, combined with the different way existing users might have worked around.
<rbasak> Too many possibilities; I gave up :-/
<ahasenack> yeah, this is the second time I try to fix this bug
<ahasenack> the first time I had also given up
<rbasak> I think I'd prefer an NMU to Debian to fix this bug there.
<rbasak> That would eliminate one set of possibilities caused by Debian implementing a different fix.
<rbasak> But we'd miss Disco then.
<rbasak> However, is that a big deal? We'd have to SRU Bionic; on top of that Disco doesn't seem so bad; it'd be the same patch and test case, right?
<ahasenack> I'm fine with waiting and seeing if debian will take it
<rbasak> Debian seems to be inactive on this package.
<ahasenack> want me to make a pr in salsa?
<rbasak> Multiple NMUs in so far.
<ahasenack> yeah
<ahasenack> oh, I see
<rbasak> I think it'll have to be another one.
<ahasenack> I hadn't checked that
<ahasenack> let me see if it's in salsa
<ahasenack> in ubuntu nfs isn't that much better
<ahasenack> lots of bugs filed, with no resposes
<ahasenack> responses*
<ahasenack> I see https://salsa.debian.org/debian/nfs-utils (last commit 3 months ago)
<ahasenack> and https://salsa.debian.org/kernel-team/nfs-utils (2 years ago for the last commit)
<rbasak> I suspect this fix won't qualify under the current buster freeze, but I'd have to check the rules.
<ahasenack> how about I add a NEWS bit, so apt listchanges will show it?
<ahasenack> that being said, normally you wouldn't need to add options to this service in particular
<ahasenack> what I wanted to add was -v, when debugging why it wasn't working
<rbasak> NEWS is a pain - it'll vanish on next sync!
<rbasak> There really is no good answer.
<ahasenack> hah
<rbasak> I'm proposing to await Debian (and/or drive in Debian with an NMU) to avoid extra complications
<ahasenack> waiting I think won't work
<rbasak> That is also a bad answer in that it delays a fix, including to Bionic.
<ahasenack> bug is old
<rbasak> Yeah
<rbasak> That was my thought.
<rbasak> Also a workaround is readily available.
<rbasak> I suggest a systemd override file in /etc, but perhaps that needs thinking about.
<ahasenack> and the changelog entry points at the bug, people can see what changed
<ahasenack> your suggestion for users without the fix?
<rbasak> Perhaps we could publish (in the bug) our recommended workaround, and make sure that a future fix won't break _that_ workaround.
<rbasak> (which means we should think about the workaround we choose to suggest)
<ahasenack> I can do option (b)
<ahasenack> export both varis
<ahasenack> vars*
<ahasenack> so people with overrides will also have it still work
<rbasak> But will that encourage more users to use a name that we will eventually break?
<ahasenack> the name in /etc/default/<file> isn't the issue
<ahasenack> the issue is that our wrapper exported the wrong name, it's like an internal ipc
<rbasak> Ah
<rbasak> Sorry. This is confusing :-/
<ahasenack> our wrapper, which connects /etc/default to the systemd service file, made a typo
<ahasenack> option (b) is to have the wrapper keep exporting the wrong name, to cope with users who have changed the systemd service file
<ahasenack> and export the correct name, for users who haven't done a thing
<rbasak> AFAICT that would work.
<rbasak> If Debian adopts that fix then great.
<ahasenack> and I can add a comment to the wrapper right where this is being done, explaining why
<rbasak> If Debian doesn't retain the old name export in the wrapper, then that breakage would have to happen on a future sync for us anyway.
<ahasenack> ok, so try (b), submit to salsa, wait a bit?
<rbasak> I think I'm also OK with an Ubuntu upload for (b)
<ahasenack> ok, let me prep that
<ahasenack> thanks for the review, you did great for your first time with this bub :)
<ahasenack> bug*
<ahasenack> ugh
<rbasak> As well as Salsa, please post the patch to the existing Debian bug, so it will have followed the long standing advance notice exactly for a future NMU
<rbasak> Thanks :)
<ahasenack> ok
<rbasak> https://release.debian.org/buster/freeze_policy.html
<rbasak> My reading of that is that a fix in Debian for this would be inappropriate for buster.
<ahasenack> it's full freeze now, right?
<ahasenack> rbasak: how about this: https://pastebin.ubuntu.com/p/2nf4gjr9y5/
<ahasenack> not committed yet, just looking for feedback on the message/text
<rbasak> ahasenack: the wording looks good.
<ahasenack> ok
<rbasak> ahasenack: I might amend s/changing/overriding/ and s/systemd service file/systemd service/ but that's up to you.
<ahasenack> sure
<rbasak> (to cover both changing /lib/systemd/system/... and the two override mechanisms in /etc)
<ahasenack> the former wouldn't break
<ahasenack> it's not a config file, we would just write the good one over it
<rbasak> Good point
<rbasak> I need to run, but consider this to be my +1
<ahasenack> rbasak: for ubuntu upload? AFter I file a salsa mp
<rbasak> Yes
<ahasenack> ok, thanks
<rbasak> But yeah, please do file the salsa MP and attach the patch to Debian BTS.
<ahasenack> yep
<rbasak> Sorry for being reluctant before. It's complicated :-/
<rbasak> But you convinced me it's OK.
<ahasenack> what? No
<ahasenack> it's great
<ahasenack> really
<ahasenack> I had that in place, in fact, in the first iteration of this MP :)
<ahasenack> I abandoned the idea because the systemd file in /lib would be overwritten, I hadn't thought about actual overrides in /etc
<ahasenack> so review++
<rbasak> The outcome is good. Peer review is good. I just felt like I was dragging my heels there. Turns out because I didn't fully understand the consequences.
#ubuntu-server 2019-03-23
<neyder> Hello, sobbing because of netplan on 18.04
<neyder> Re configuring all machines one by one
<blackflow> neyder: don't use it if you don't want to?
<blackflow> netplan is configuration _abstraction_ that uses a backend like systemd-networkd on servers. You can totally use networkd directly, or revert to ifupdown, and ignore netplan if that's what you want.
<aditya> hi how can I make my ubuntu-server to suspend automatically after being idle
<blackflow> you'll have to define "idle" first
<OerHeks> and your solution to wake up again.. https://help.ubuntu.com/community/WakeOnLan
<aditya> blackflow: I have changed the logind.conf and IdleAction=suspend and IdleActionSec=10min but still the server does not seem to be going into suspend mode automatically
<blackflow> aditya: you'll have to define "idle" first
<blackflow> logind concept of "idle" is no user interaction
<blackflow> not really a server role
<aditya> blackflow: where do I define "Idle"
<blackflow> in your use case. what exactly do you want to achieve, what's the set of circumstances that should put the server to sleep.
<blackflow> is it "no key pressed for 10 minutes", or "no mouse moved for 10 minutes" or "no http request for 10 minutes" or what
<aditya> well I have plex, deluge and file server running so when all are not getting used it means its idle
<aditya> and since its a headless server there is no keyboard or mouse attached to the server
<aditya> so basically it would be like no http request or any no ssh session active would mean its idle
<OerHeks> those 2 settings work, only when there is NO opened user session.
<blackflow> you'll have to script something manually that monitors and detects 10+ minutes passed since last http request or session and then triggers sleep mode.
<blackflow> OerHeks: I thought it was the other way around, logind really being effective for (login) user sessions
<blackflow> I mean, the sessions need to report "idle" and that's all about local user interactivity.
<aditya> Ok so my settings in logind would only work if no user is logged in to the system
<OerHeks> i think you need to tweak plex to hibernate
<aditya> and then I have to write a bash script to check if there is no requests for plex or deluge and also check if there is no file server sessions
<OerHeks> DNLA service enabled?
<neyder> Aditya why in this world you would like to suspend a headless media server? Just wanna know
<neyder> Oh Aditya is gone
<neyder> That will replace the whale in my nightmares
<neyder> blackflow yeah, I completely forgotten netplan implementation, so edited /etc/network/interfaces and all campus' PC went off network, I take all day to get remote control again, one by one
 * neyder What a happy Saturday
