#ubuntu-server 2006-01-31
<ubijtsa> grrrrr
<ubijtsa> came in this morning to an almost dead box...
<ubijtsa> gam_server had eaten 2.6GB of RAM
<ubijtsa> of which nearly 900M was resident...
<ubijtsa> what on earth in Kubuntu requires that $%*@)# piece of code??
<maswan> what's gam_server?
<maswan> "File and directory monitoring system". hmm.
<maswan> ah
<maswan> one of those evil depends to almost everything. :/
<maswan> kind of like pmount, which we have no interest at all in having on our servers, but is required if you want any gnomey packages installed
<ubijtsa> yeah
<ubijtsa> pmount is useful on a desktop
<ubijtsa> on a server, not so
* ubijtsa requires coffee before attacking a) presentation creation, b) mod_perl apache2 config and c) test automation
<maswan> I just found a neat "solution" to a), latex-beamer. thanks goes to debian-science. :)
<maswan> We noticed pmount due to the recent usa
<maswan> ehm. USN
<ubijtsa> :)
* ajmitch had a fun 4-hour selinux tutorial today, that would be preferable to have on a server than pmount :)
<E0x> hello
<E0x> squidguarn o dansguard ?
<allee> Hi, a Sun X4100 server (and laptop) 'hang' for serveral minutes in * Hardware detection and activation' in the early boot sequence.  Any hint to get a bit more information than just [failed] 
<allee> ... and who set /dev/null to mode 660?  Pretty new problem ;)
<allee> this is with uptodate dapper
<fabbione> allee: try to be sure that udev is updated and that your initramfs is updated
<allee> fabbione: udev is uptodate: 079-0ubuntu3,  and initrd.img-2.6.15-14-amd64-k8 has date of installation
<fabbione> allee: run an update-initramfs with proper parameters
<allee> fabbione: fyi: installation went without problem. But reboot failed: I had to add disk and ethernet drivers to /etc/initramfs/modules and rebuild from th
<fabbione> yes there is something broken with the latest udev
<allee> fabbione: okay ...
<allee> fabbione: installation was last thursday.  Today the first upgrade.  The delay during boot is not new, at least a week old.  Only /dev/null 660 is new
<allee> fabbione: same with updated initramfs. I installed kubuntu-desktop (hide) which explains the diff http://rafb.net/paste/results/LG9w2589.html
#ubuntu-server 2006-02-01
<Xoritor> wow
<Xoritor> thats all i have to say
<Xoritor> wow
<ubijtsa> Xoritor: about what...
<E0x> morning
<spike> 'morning E0x
<E0x> squid or dansguard what is better choose ?
<E0x> err squidguard*
<spike> how is packages inclusion regulated?
<spike> I was wondering why we should get alsa stuff by default, doesnt sound really useful on a server
<E0x> true
<spike> ehehe /me realizes know the "fun" of alsa-packages not 'sounding' useful
<spike> :P
<spike> also, I do understand you could use dapper-server to install a wifi hotspot, but what's the point of wireless-tools too?
<spike> we should either include more stuff, and that's not possible, or just including wireless-tools pkg isnt that useful imho
<spike> and uhm, pcmciautils too, what's the point?
<spike> then, since the installation process offers a lvm partitioning options, and lvm2 tools are included, why also including evms ones?
<spike> if you prefer evms you can install it afterwards and redo ur config
* spike yet hasnt got the point is this stuff should be directed to -devel ML or not
<spike> last for now: why do we get mdadm up and running even if no raid has been created?
<spike> I see the dependences makes it impossible to remove the pkg, and that's ok, but at least, if at install time no raid has been created, mdadm should be run @ boot
<lamont-away> spike: anything with a PCI bus can have PCMCIA.  not necessarily common on a server, but I expect that it does exist.
<spike> lamont-away: I c. what about wireless, alsa and evms packages?
<lamont-away> one reason I might add pcmcia to a server would be to plug in a wireless card, generally just for connectivity, or to act as the AP
<lamont-away> ISTR alsa gets involved in some winmodem support, which might be useful (I can think of one machine that, if it had a winmodem, I'd want that on..)
<lamont-away> as for default install, it might not hurt to not have it there.
<spike> keep in mind here I'm talking of default install here
<spike> ok, that's what I meant
<spike> all of them of course can make sense on a server too, but not as default imho
<lamont-away> ubuntu-standard is driven more by "if you show up at a random machine, what do you expect to be there" than it is by just ubuntu-server...  not sure which meta package is sucking in these parts, but if it's ubuntu-standard, then it probably wants to stay
<morrow> pcmcia could also be usefull fuer some smartcard readers...
<morrow> but i think this is already to specialized on a default install
<spike> exactly
<spike> *default* is the key here
<spike> have you seen this? http://hands.com/d-i/
<spike> any chance to get it into ubuntu? also,it sounds nice for the NetworkBoot project too
<troy> good evening folks
#ubuntu-server 2006-02-02
* netjoined: irc.freenode.net -> brown.freenode.net
<ubijtsa2> fabbione: you are in denmark? :)
<fabbione> ubijtsa: i live in denmakr yes
<fabbione> denmark even
* ubijtsa2 thought fabbione lived in italy...
<ubijtsa2> dunno why I had that impression... :)
<fabbione> common misconceptio, but i am italian
<ubijtsa2> do they have problems pronouncing your name in .dk ?
<fabbione> usually no
* ubijtsa2 finds that even after ten years, people still can't get my name right here in .uk
<fabbione> i am in London as we speak
<ubijtsa2> fabbione: not far from here then..
<fabbione> dunno where "here" is :)
<ubijtsa2> I live in Farnborough, so less than 50 miles away from you.
<ubijtsa2> wsw out of London on the M3 motorway :)
<Xoritor> anyone here setup dovecot?
<ubijtsa2> Xoritor: to do what?
<Xoritor> imap and imaps
* ubijtsa2 might have but won't fully admit it until he knows more about the question
<Xoritor> auth from pam
<Xoritor> heh
<ubijtsa2> yes, I think that is the default, is it not? :)
<Xoritor> im having issues authenticating with the default config
<Xoritor> i have not really changed anything
<ubijtsa2> well, the user has to exist... :)
<ubijtsa2> then it is just username/passwd, same as for console login, to get to your imap account
<Xoritor> yep
<Xoritor> my user does exist
<Xoritor> and i am using the same info
<ubijtsa2> then it should work.
<ubijtsa2> hmm
<Xoritor> protocols = imap imaps
<ubijtsa2> yep
<Xoritor> i only changed that to be the default
<Xoritor> it was empty
<ubijtsa2> ssl_disable = no
<ubijtsa2> ssl_cert_file = /etc/ssl/certs/dovecot.pem
<ubijtsa2> ssl_key_file = /etc/ssl/private/dovecot.pem
<ubijtsa2> ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
<ubijtsa2> ssl_parameters_regenerate = 24
<Xoritor> those are all commented out
<ubijtsa2> if you want imaps you'll need to enable them, and create the cert
<ubijtsa2> selfsigned is good
<Xoritor> yea i did that on my other machines
<Xoritor> they were not ubuntu though
<ubijtsa2> maildir_copy_with_hardlinks = yes
<ubijtsa2> (not strictly needed, but faster)
<ubijtsa2> auth = default
<ubijtsa2> auth_mechanisms = plain
<ubijtsa2> auth_userdb = passwd
<ubijtsa2> auth_passdb = pam
<ubijtsa2> that should be it
<ubijtsa2> it's what I use and it works (well, I use the dotfile pam module as well, but that makes no difference)
<Xoritor> i dont have auth_passdb
<Xoritor> or auth_userdb
<Xoritor> auth default {
<Xoritor> just saw a link to a wiki
<Xoritor> http://wiki.dovecot.org/Authentication
<ubijtsa2> what version of dovecot do you have?
<ubijtsa2> I have 0.99.14-1ubuntu1
<Xoritor> odd it says my version is <none>
<ubijtsa2> dpkg -l | grep dovecot
<ubijtsa2> :)
<Xoritor> ii  dovecot-imapd                                    1.0.alpha5-1
<Xoritor> aah i upped to dapper
<Xoritor> i forgot
<Xoritor> dang
<Xoritor> thats prolly why
<Xoritor> its a home "test" server
<Xoritor> ok, never mind ill hack on it a bit
<Xoritor> thx
<ubijtsa2> np
<Xoritor> im not saying i dont want your help, just that i dont want to bother you for me running dapper
<ubijtsa2> well, an alpha package might well be unstable
<ubijtsa2> I'll bite the bullet on dapper in late april
<ubijtsa2> this box will get upgraded then
<Xoritor> yea
<Xoritor> heh
<Xoritor> i wanted to play with prelude .9x
<ubijtsa2> no idea what that is
<Xoritor> intrusion detection framework
<ubijtsa2> like AIDE and tripwire then
<Xoritor> uses other things like snort, samhain, etc... as "plugins"
<Xoritor> and has ssl etc... so integrate lots of systems together
<Xoritor> and a central place to monitor all of them
<ubijtsa2> okay.. sounds useful
<Xoritor> pretty freakin cool actually
<ubijtsa2> I installed ntop
<ubijtsa2> useful tool as well
<Xoritor> ntop is ok, good to dissect whats going where
<Xoritor> so is ettercap ;-)
<Xoritor> heh
<ubijtsa2> *grin*
<Xoritor> one of the things i like about prelude is that pretty much anything could be a "plugin"
<Xoritor> and its all distributed
<Xoritor> then i get to monitor from one place
<ubijtsa2> that's handy
<Xoritor> that to me is awesome... now top it all off that all comms between nodes are ssl enc
<Xoritor> and only "authorized" nodes are allowed
<ubijtsa2> nessus does that as well iirc
* ubijtsa2 goes to grab a tea and check gmail
<Xoritor> for nessus yes, but not for logs ;-)
<Xoritor> no more sending logs to a remote machine over un encrypted udp
<Xoritor> prelude-lml runs on the node and sends the logs encrypted to the monitor
<Xoritor> i am hoping to intgrate "alerts" into nagios
<Xoritor> and setup some response scripts maybe to auto firewall malicious ssh attempts
<Xoritor> ie... same ip logging in with users that dont exist
<Xoritor> over and over
<Xoritor> you can do stuff like that... since it uses snort, log monitoring, etc... all in one framework
<Xoritor> and you can do it distributed... so if someones trying to break into one system by brute force you can have all of the other systems auto-firewall them out
<Xoritor> and after a time clear that iptables entry
<ubijtsa2> sounds very good, this will be in nubuntu I gather
<Xoritor> yea
<Xoritor> no
<Xoritor> no
<Xoritor> im doing it in regular ubuntu
<Xoritor> thats why i installed dapper
<Xoritor> heh
<Xoritor> has the needed version of prelude
<ubijtsa2> I ment that this tool will be part of nUbuntu default install :)
<Xoritor> not that i am aware of
<Xoritor> i looked there, but didnt see it
<chillywilly> ello
<Xoritor> hello
<chillywilly> prelude sounds interesting
<chillywilly> heh, seems like everyone is using trac
<Xoritor> heh
<Xoritor> true
* spike is using trac ;)
<spike> Xoritor: ever played with sguil?
<Xoritor> no i have not
<Xoritor> looks like my issue with dovecot is a missing pam lib
<Xoritor> can someone tell me what package provides this file?   /lib/security/pam_foreground.so
<ubijtsa2> dpkg -S (or -s) will tell you
<Xoritor> its not installed
<Xoritor> i need to install it
<ubijtsa2> or apt-cache search perhaps?
<ubijtsa2> i don't think I have that file
<Xoritor> nope
<spike> packages.ubuntu.com?
<spike> or apt-file
<Xoritor> good idea
<spike> anyway, away to fetch a drink, brb
<Xoritor> got it
<MarioMeyer> :P
<Kuyaedz> anyone want to take a shot at my 'vhcs migration killed smtp' issue?
#ubuntu-server 2006-02-03
<bwana> that's odd
<bwana> i can't get to http://www.ubuntu.com/
<bwana> anyone else having problems
<spike> can anybody help me with a serial connection to a cisco pix?
<spike> Ive tried with minicom, using /dev/ttyS0, got permissions on it for my user, baudrate set to 9600, 8N1, blanked init and reset strings
<ivoks> ok
<spike> I get this /dev/ttyS0, UART: 16550A, Port: 0x03f8, IRQ: 4 from setserial -g /dev/ttyS0
<spike> I've checked the bios and serial support is on (had it on Disabled before)
<spike> using the standard light blue cisco cable
<ivoks> i don't know about cisco pix
<ivoks> i tought you need help with ubuntu :)
<spike> well, I'm connecting from an ubuntu box :P
<spike> #cisco definitely has prob with attitude the few times someone speaks in there :/
<ivoks> well, what did you expect from company that puts Cisco/Cisco as default username and password :)
<ivoks> egotrip :)
<spike> there's nothing wrong at all with that
<ivoks> it's not cisco/cisco :)
<ivoks> but with capital C :)
#ubuntu-server 2006-02-04
<ubijtsa> *yawn*
<lapo> hi there
<lapo> I tryed installing dapper on amd64 using the iso at http://tinyurl.com/cllfu, my installation is on raid1+lvm, with the same setup hoary actually booted, with dapper grub gave me an unrecognized partition error for /dev/mapper/vg0-root
<lapo> that volume is actually reiserfs formatted, isn't reiserfs in the dapper initrd?
#ubuntu-server 2006-02-05
<gpd> is there a way to specify 'server' to an already installed system?
<MarioMeyer> hummm.. remove all packages under ubuntu-desktop ?
<gpd> that is what I figured - just wondered if there was a more stable way ---
<gpd> aptitude gets a little over excited sometimes!
<MarioMeyer> i know.. :P
<gpd> also - is there a bootstrap for ubuntu-server or a UML image anywhere?
<MarioMeyer> that i dunno
<gpd> so the ubuntu-server-5.10.isos differ from the desktop cousins only in the package selection - correct?
<gpd> http://ubuntuforums.org/archive/index.php/t-16345.html <-- will try this instead
<hunger> Keybuk: I think my USB HD has one... shall I test something?
<lapo> the initramfs after install dapper doesn't contains mpt* (fusion mpt chipset) scsi drivers (quite common on dell server hw), is it a known bug?
<tepsipakki> lapo: yes it is, don't know why it's still unfixed
<lapo> tepsipakki, I checked upstream and seems that this bug is fixed in newer version of initramfs-tools (0.41 *should* work)
<tepsipakki> ok, that's good to hear
<lapo> I'm using an lvm on (sw)raid1 setup and everything works fine (well, almost see missing mpt drivers in initramfs), but I get an error installing lilo during the install (I think it is related to liloconfig which doesn't handle raid1 setup)
<lapo> since there's a patch for grub to make it read its stage2 from lvm, any chance to have it in?
<Nafallo> those are probably better asked in #ubuntu-boot :-)
<spike> #ubuntu-boot? O_o
<spike> guess the number of registered chans on freenode doubled since ubuntu project started :P
<lapo> uhm? there's even an #ubuntu-boot channel?! :-)
<Nafallo> :-)
<morrow> is there a good howto for ubuntu and preseeding?
<tepsipakki> morrow: the installation-guide has some info
<morrow> tepsipakki: thx
<ubijtsa> hmmm.. nmap 4.00 released...
<spike> yup :)
<spike> the new features list is endless :P
<spike> I couldnt read it all, eheh
<spike> ubijtsa: btw, hello dude :)
<ubijtsa> lo spike  :)
* ubijtsa spotted the QA Engineer role that came available at Canonical as well
<spike> ubijtsa: check this out ;) http://edge.channel4.com/theitcrowd/episode1_c4web.wmv
<spike> ubijtsa: starting next friday apparently ehehe
<ubijtsa> heh
* ubijtsa is offski to bedski nowski
<spike> too much UF? ;)
<ubijtsa> nn .+
<ubijtsa> nah, 1 yo kid with faaar to much energy
<morrow> hmm is there a meta package for U.S.?
<lionelp> morrow: in Dapper ?
<morrow> yep
<lionelp> nope
#ubuntu-server 2007-01-29
<poningru> for the installer is there a feature to not attempt to install a certain module?
<okaratas> i writing ubuntu server guide for turkish translations
<okaratas> http://www.ozgurkaratas.com/doc/Ubuntu_Sunucu_Rehberi.pdf
<J_P> hi all
<[miles] > afternoon J_P 
<J_P> I install ubuntu, but I would like change the locales, how i do ? For I see locale setup I press "locale" and I see the I don't wnat that locales...
<J_P> I don't have grafica interface, how I do for change that ?
<[miles] > keys etc?
<J_P> [miles] : not, supported lnaguage...
<J_P> I would like UTF-8, but are setup PT_BR
<J_P> I try locale-gen but taht not change nothing
<[miles] > portuges / brazil
<[miles] > ?
<J_P> yes
<[miles] > mmmm
<[miles] > shite, can't remember how you do it
<J_P> :-(
<[miles] > /etc/locale ?
<[miles] > locale.alias
<[miles] > ?
<J_P> humm
<J_P> nothing :-(
<[miles] > wiki?
<J_P> what 
<J_P> ?
<J_P> waht wiki ?
<[miles] > J_P, sorry, I mean the Ubuntu wiki
<[miles] > https://help.ubuntu.com/community/LocaleConf
<[miles] > sudo dpkg-reconfigure localeconf
<J_P> ok :-)
<[miles] > hope that helps
<trandism> does anyone here manage to setup a distributed file-system using Ubuntu servers & clients other than the openAFS - Kerberos combo? Any pointing to directions (links, experiences etc.) would be greatly appreciated, thanks in advance
<mdke> hi there. I'm not sure how many of you guys moderate/follow/read the ubuntu-server mailing list, so I wanted to ask you about https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/45944
<mdke> if interested, perhaps the best thing is to reply to the bug report
<mdke> thanks for reading :)
#ubuntu-server 2007-01-30
<gubluntu> how do i get tcpdump to produce less output
<gubluntu> like hiding duplicates
<gubluntu> or rather... whats the best way to watch incoming and outgoing connections
<[miles] > gubluntu, thats not really a ubuntu-server specific question is it?
<[miles] > and I recommend you man tcpdump
<gubluntu> i have
<gubluntu> figured i might ask someones opinion for what they use
<gubluntu> is that not an appropriate question?
<gubluntu> i.e. iptraf, snort etc..
<[miles] > ok well if you've hit the manual..
<[miles] > when you say less output
<[miles] > what exactly do you want to filter out?
<[miles] > also, have you created a specific filter etc yet... look also at WireShark if you have'nt yet
<gubluntu> does wireshark have console only?
<gubluntu> ive seen it for windows with a gui... 
* gubluntu grimaces
<gubluntu> ooh! manpages
<gubluntu> tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'
<gubluntu> sry..
<[miles] > lol
<[miles] > you can load your tcpdump file into WireShark
<[miles] > the GUI (And it's not just windows either)
<gubluntu> nonono gui!
<gubluntu> :-P
<gubluntu> brb
<[miles] > it was previously known as Ethereal
<[miles] > and it's a shit hot product
<mralphabet> shit hot? . . . is that good or bad
<[miles] > thats good
<[miles] > like, doggies bollocks
<mralphabet> are you british?
<mralphabet> scottish?
<[miles] > no, soy espaol
* mralphabet thinks of others that use the word bollocks
<[miles] > nah, I'm British, but lived in spain for years
<gubluntu> merda claiente?
<gubluntu> caliente (sp?)
<[miles] > mierda
<[miles] > not merda
<gubluntu> ah.
<[miles] > gubluntu, which country are you from?
<gubluntu> us
<gubluntu> in nyc
<[miles] > ah ok
<[miles] > a doddle dandy eh
<[miles] > ;)
<gubluntu> lol
<[miles] > joder
<[miles] > it's a complete shite writing LDAP schema's
* gubluntu is a noob
<[miles] > I'll be glad when I eventually get it finished :-|
<gubluntu> what do i use for localnet?
<gubluntu> in tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'
<[miles] > having to order a OID from IANA
<[miles] > localnet?
<[miles] > you mean localhost?
<gubluntu> man pages say: tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net _localnet_'
<mralphabet> local net as in local subnet
<mralphabet> perhaps
<gubluntu> how do i calc local subnet?
<[miles] > ah ok
<[miles] > from your IP and mask
<coNP> I guess Ubuntu default install creates an entry in /etc/networks
<coNP> as localnet
<[miles] > whats your IP and network mask
<[miles] > ifconfig
<[miles] > then you can work out the CID
<[miles] > like 192.168.1.0/24
<gubluntu> http://www.subnetonline.com/subcalc/subnet1.html
<gubluntu> destination address?
<[miles] > sorry?
<gubluntu> im trying to use the subnet calculator
<gubluntu> but its asking for destination address
<[miles] > bah
<[miles] > why?
<[miles] > just work it out
<[miles] > you know binary?
<gubluntu> goodpoint
<[miles] > like the /24 means 255.255.255.0
<[miles] > aka
<gubluntu> mask here is 255.255.255.224
<[miles] > 11111111 11111111 11111111 00000000
<[miles] > 24 bits set
<[miles] > from left to right
<[miles] > it's easy peasy
<[miles] > lemon squeezy
<gubluntu> so if my ip was 1.2.3.4 with a mask of 255.255.255.224
<gubluntu> my subnet is 1.2.3.0/24?
<[miles] > no
<[miles] > I just explained it to you
* gubluntu frowns
<[miles] > look:
<[miles] > like the /24 means 255.255.255.0
<[miles] > so
<[miles] > 192.168.1.0/24 has a netmask of 255.255.255.0
<[miles] > thats CIDR format
<[miles] > 192.168.1.0/25 = 255.255.255.128
<[miles] > netmask
<[miles] > 11111111 11111111 11111111 00000000 = 255.255.255.0
<[miles] > 11111111 11111111 11111111 10000000 = 255.255.255.128
<gubluntu> ah
<gubluntu> 255.255.255.224 = 27  11111111.11111111.11111111.111 00000
<[miles] > 11111111 11111111 11111111 11000000 = 255.255.255.192
<[miles] > the /nn = number of bits set to 1 from left to right
<[miles] > so /32 = 11111111 11111111 11111111 11111111
<[miles] > aka, every bit
<[miles] > and /1 = 10000000 00000000 00000000 00000000
<[miles] > now you understand?
<gubluntu> yup
<gubluntu> thank you
<gubluntu> 192.168.1.0/27 did it right
<[miles] > you tell me :P
<[miles] > right, I'm bored of binary now
<[miles] > time to fuck off home
<[miles] > ciao tio
<[miles] > good luck!
<gubluntu> anyone have an idea for the hardware specs for a ubuntu mail server running Postfix/Courier/MySQL/Amavisd-new/SpamAssassin/ClamAV/SASL/TLS/Horde for about 25-30 users
<gubluntu> like min proc speed ram etc...
<coNP> gubluntu: what availabiltiy is needed?
<coNP> :)
<gubluntu> how so?
<coNP> I think 25-30 users are not very much, so you can use an "ordinary desktop machine" to provide these services.
<gubluntu> yea?
<gubluntu> like a 2.8 dual core pent D with 2gb ram and crap load of space?
<coNP> how many emails / user (a day, or an hour)?
<gubluntu> hrmmm
<gubluntu> 100 emails an hour?
<gubluntu> including a lot of spam which i hope to reduce drastically being that i have NO spam protection right now on ym netbsd sun board running eixm
<mralphabet> uhhh . . . a 486 would work
<coNP> okay, I guess spam filtering is the most processor intensitve
<coNP> I guess a PII-PIII is okay
<coNP> but sure, a 486 should also do it
<mralphabet> anything built in the last 5 years would be fabulous
<coNP> sure
<gubluntu> is it safe to put webamil (horde) on the same server?
<coNP> I think yes
<gubluntu> what do you guys use for mailservers?
<gubluntu> ubuntu?
<mralphabet> gmail
<mralphabet> ;)
<gubluntu> lol
<mralphabet> gmail for domains!
<coNP> ubuntu
<coNP> exim4
<coNP> dovecot
<coNP> there are some answers :)
<coNP> these are my choices by now
<gubluntu> exim is where it at isnt it
<gubluntu> very configurable
<coNP> sorry, gubluntu ?
<gubluntu> but too much for me to learn right now i think
<gubluntu> what server dist should i use?
<gubluntu> version rather?
<coNP> gubluntu: depends on... :)
<gubluntu> ...
<gubluntu> out of all the ppl around me.. im gonna go ahead with the opinion of the person sitting in the ubuntu-server channel
<gubluntu> what r my choices?
<coNP> dapper
<coNP> edgy
<gubluntu> dapper or edgy
<coNP> I guess, if Ubuntu
<coNP> I would say Dapper for now
<gubluntu> so dapper has longer support?
<gubluntu> is that the deal?
<coNP> that is
<gubluntu> exit
#ubuntu-server 2007-02-01
<bazodee> hello
<genii> Anyone doing netboot installs?
<genii> Anyone using preseed files for anything?
* genii sips a coffee and contemplates his headless netbooting cluster of machines which can't seem to be passed something simple like a default username to add in a preseed file
<genii> Anyone using preseed files for anything?
#ubuntu-server 2007-02-02
<erchache> hi
<erchache> i see employment offer for server product manager
<erchache> i think i have all requirements
<[miles] > where?
<erchache> http://www.ubuntu.com/employment#head-7dcfab057486dd96ffe2c34442ff11f2d0253e95
<ryanakca> where can I get a .img (or some other form of image) for a boot floppy to boot the server install cd?
* ryanakca 's CD drive is too old to take CD-RW I guess.... it doesn't boot from it... (and yes, I have the BIOS set up properly, and yes, I have MD5SUM'ed the ISO and the burned CD, they match... it was burned at 2x... and it boots on this comp...)
#ubuntu-server 2007-02-03
<Tido`> ugh, when installing ubuntu-server, I got to the point where it said 'pick which software to install' giving me the options of a DNS server and a LAMP server.  I selected LAMP and pressed enter.  Only afterwards did I realize it probably wanted me to select them using a different button and then press enter
<Tido`> I didn't have an option to go back, and sure enough lamp isn't installed
<Tido`> do I need to reinstall or is there a simple package that will install lamp?
<Triumph|TK> hello, anyone here?
<Triumph|TK> can anyone help me with a pretty simple problem im having, i cant figure out how to add users and set their home directories
<coNP> Triumph|TK: you can add users with the 'adduser'  command
<Triumph|TK> yes i know that much but can't figure out how to set their home directory
<coNP> if you add a --home <homedir> parameter, then the home directory is set to <homedir>
<coNP> sorry I start to type slowly :)
<Triumph|TK> ooh see at that part in the help it said
<Triumph|TK> like
<Triumph|TK> -d, --home <homedir>
<coNP> yes
<Triumph|TK> so i was putting -d
<Triumph|TK> hmm ok im gunna try it now
<Triumph|TK> conp i have to ask u another noob question
<coNP> just ask :)
<Triumph|TK> i created a folder in my f2p and i cant find it :(
<Triumph|TK> hwo do i like list the files on my system thru ssh
<Triumph|TK> omg i typed f2p i meant ftp
<coNP> login and find the folder
<coNP> do you know its name?
<Triumph|TK> yes its called ftp
<Triumph|TK> but i don't know the path to it
<Triumph|TK> i made it in the home directory of my main user but im not sure where that is
<Triumph|TK> ooh i found it
<coNP> actually you can find files with the "find" command
<Triumph|TK> ya i try that, comes up with nothin
<Triumph|TK> i found the folder tho it was /home/user/
<Triumph|TK> how do u backup in directories i thot it was cd.
<Triumph|TK> cd..
<Triumph|TK> nvm its cd ..
<Triumph|TK> answering alot of my own questions lol
<Triumph|TK> last question do i need to restart ftp server after creating users?
<coNP> I don't really know
<coNP> probably not
<Triumph|TK> by any chance do u know how to restrict a user from ssh but only allow ftp access?
<coNP> I guess you should set its shell to /bin/false
<Triumph|TK> sigh, ok so ive set up a home directory for the user but the user doesn't have any permissions in it
<Triumph|TK> and i can't find anywhere where to change permissions for write / read
<Triumph|TK> conp ur my only hope
<coNP> sorry, a bit later
<coNP> you can use "chmod"
<coNP> or "chown", it is not even owned by the user
<Triumph|TK> tytytyty
<coNP> :)
<Triumph|TK> god damnit
<Triumph|TK> lol
<Triumph|TK> i cannot figure out how to give another user permissions to a directory
<Triumph|TK> even with chmod
<coNP> chown
<coNP> and chgrp
<Triumph|TK> but only 1 user can have ownership to a directory at a time i guess
<coNP> sure
<coNP> and a group
<Triumph|TK> ooh so the idea is
<Triumph|TK> add a bunch of users toa group
<Triumph|TK> and give the group ownership
#ubuntu-server 2007-02-04
<Triumph|TK> dude
<Triumph|TK> i cannot figure this shit out for the life of me
<Triumph|TK> wow
<Triumph|TK> its been like 4 hours
<mralphabet> Triumph|TK: try #ubuntu, this isn't really the "help" channel
<Triumph|TK> i treid there, they said come here
<Triumph|TK> but its all good i figured my shit out
#ubuntu-server 2008-01-28
<MatBoy> faulkes-, but the project is great :)
<pteague> anybody know which package i need for the jeos kernel headers?
<ScottK> Your odds of getting a good answer go way up after the European business day has started.
<Enty|work> Hello
<Enty|work> Why is it that JFS is considerably slower when I'm entering a directory than ReiserFS?
<antdedyet> pteague: "apt-get install linux-headers-`uname -r`" doesn't get what's needed?
<AnRkey> where are the runlevel scripts for ubuntu?
<AnRkey> i want to run a command just before the server halts
<AnRkey> and another for when it's fully booted
<_ruben> AnRkey: /etc/event.d/
<AnRkey> thanks
<AnRkey> will this work for bootup? ln -s /root/scripts/beepstartup /etc/rc2.d/S98beepstartup
<_ruben> guess so
<AnRkey> gonna play with it 2night when i can reboot the server
<AnRkey> thanks _ruben, much appreciated
<kraut> moin
<_ruben> moan
<nocturn> Hi guys
<nocturn> I have an ldap server on Ubuntu
<nocturn> I user libnss-ldap, but it fails to resolve users unless I'm root
<nocturn> can anyone help me?
<soren> mok0: Hi. Could you send me the exact commands you use to invoke kvm?
<Gargoyle> Greetings freenoders
<faulkes-> yes, I suppose for some of us it is morning
<faulkes-> personally, I blame the universe
<fishor> question for everyone: smb.conf with defaul settings allow  guest users, is it security issue or option. If it should be, why we do not redirect wrong user to guest by default? Just with  "map to gust = Bad User"
<faulkes-> it depends on the environment in which you intend to integrate samba
<fishor> desktop
<fishor> do ubuntu have different smb.confs for desktop and server ?
<faulkes-> while this is not ubuntu or samba policy that I know of, I generally take the typical firewall stance
<faulkes-> deny everything, allow by exception
<fishor> so defaul settings is buggy in both situations
<faulkes-> no, the above is only my opinion
<fishor> ok.
<fishor> this is realy secure openion ;)
<faulkes-> but there are situations where it may be better suited to have guest access allowed by default
<faulkes-> such as say, a small business without full-time it support
<faulkes-> package configuration will not replace active administration
<fishor> this question is actualy more about samba <> win xp issue. Defaul ubuntu share will allow guest and deny wron user.  Gnome Nautilus-smbbrowser will try to sign in with $user and this will fail, so after this it will take second try and login with guest. WinXp will try only login with $user
<fishor> so lot of users have truble to share some thing with win xp users
<fishor> and at the same time there is gust actually open. so why we do not provide "map to gust" by default ?
<fishor> s/gust/guest/
<ivoks> omg
<ivoks> that's it. sophos sucks big time :(
<soren> ivoks: sophos?
<ivoks> right, anti-virus software
<ivoks> acctually, anti-virus wannabe software :)
<soren> Ah.
<ivoks> bat. low
<ivoks> time to go off
<spiekey> hello!
<spiekey> i am using vmware 1.0.4 server on my ubuntu box.
<spiekey> as soon as i add ldap to /etc/nsswitch.conf my vmware behaves strange.
<spiekey> i need to click "start virtual machine", wait until i get an error, and then start it again. Then it works.
<spiekey> any idea where i could start debugging? the syslog show no errors
<fishor> spiekey: probybly this can be vm-host issue
<fishor> try qemu or kvm
<fishor> at first if it guest problem you need enable virtal tty to debug it online
<AnRkey> when i boot my server I get a message about my root file system having errors, a check runs and then it fails to pass the check
<AnRkey> how do i run fsck manually
<AnRkey> how do i boot into single user mode?
<spiekey> where can i get a hardy iso image? Can you download it yet?
<AnRkey> spiekey, #ubuntu+1
<spiekey> huh?
<AnRkey> spiekey, /join #ubuntu+1
<AnRkey> thats the chat room for ubuntu hardy or 8.04
<AnRkey> also try cdimages.ubuntu.com
<AnRkey> http://cdimages.ubuntu.com/daily/current/
<spiekey> thx!!
<AnRkey> np
<_ruben> AnRkey: when it fails, doesnt it offer you a single user prompt right away?
<faulkes-> when you reboot, boot into recovery mode
<AnRkey> _ruben, no
<AnRkey> faulkes-, tried that
<AnRkey> it hangs after
<AnRkey> after the scan that it runs
<AnRkey> regardless of single user mode or not
<AnRkey> it's a software raid setup
<AnRkey> i gotta run
<AnRkey> bbl
<AnRkey> thanks anyhoo
<soren> mok0: Around?
<mok0> soren: yep
<mok0> wassup?
<soren> 12:31:29 < soren> mok0: Hi. Could you send me the exact commands you use to invoke kvm?
<nxvl_work> soren: did you are/go on/to the sprint?
<mok0> soren: hang on...
<soren> nxvl_work: Yes, all of last week.
<nxvl_work> soren: oh, so it's over, how was it?
<nxvl_work> soren: tons of work?
<mok0> soren, kvm -k da -m 1024 -net nic -net tap -smp 4 -daemonize -nographic /home/octo1_jeos.raw
<soren> nxvl_work: Pretty much :)
<nxvl_work> did you have some photos?
<soren> mok0: Hehe..
<soren> mok0: I know why you're having problems.
<mok0> soren: :-)
 * mok0 awaits with suspense the explanation
<soren> mok0: kvm -k da -m 1024 -net nic,macaddr=08:12:34:56:78:01  -net tap -smp 4 -daemonize -nographic /home/octo1_jeos.raw
<soren> mok0: And on the next one:
<soren> mok0: kvm -k da -m 1024 -net nic,macaddr=08:12:34:56:78:02  -net tap -smp 4 -daemonize -nographic /home/octo1_jeos.raw
<soren> etc..
<soren> They both had the same mac.
<mok0> Ah!
<mok0> soren: so, this is just some bogus mac you choose?
<soren> mok0: Yes.
<mok0> Cool, thanks!
<mok0> soren: I guess all VMs need their own .raw file, yes?
<soren> They don't have that now?
<mok0> Yes, but your example above uses the same
<soren> Oh, you should use 02:xx:xx:xx:xx:xx, by the way.
<soren> mok0: Right, my mistake.
<mok0> soren: literally 02:xx ... etc?
<mok0> soren: or just 02 as the first number
<soren> Just 02 as the first.
<mok0> soren, cool I'll try it out right away
 * mok0 waits for the VMs to halt...
<mok0> Hm they are in Sl mode
<soren> I can't believe I didn't realise this the other day.
<mok0> soren: Hmm, I don't have properly configured VMs ATM :-(
<mok0> soren: I will test it tomorrow and report back! I am sure it will work now :-)
<soren> mok0: So am I. :)
<ivoks> zul: here?
<zul> ivoks: yep
<ivoks> i see drbd is pulled
<zul> yep did it this morning
<ivoks> so, no need for testing? it builds on 386
<ivoks> and on amd64
<zul> ivoks: i would wait for the new linux-ubuntu-modules to come out then do some testing
<ivoks> ok
<coffeedude> dendrobates: ping
<methods> kernel-patch-grsecurity2  why is this not in the list ?
<kraut> because it's to difficult to maintain
<kraut> and it has to many cons to put it in a mainstream repositority
<methods> so is there an offstream repo ?
<methods> and why is it refered to be anothe rpackage if its not a ubuntu package
<kraut> you could build it with the vanilla-sources
<methods> you mean patch the kernel and build it ?
<kraut> yep
<kraut> you need to be really lucke to patch grsec into an non-vanilla kernel
<kraut> s/lucke/lucky
<methods> why ?
<kraut> because grsec-patch won't be adaptive to an allready-patched kernel
<kraut> there are to many differences
<methods> so what kinda patches does ubuntu put in ?
<methods> could i take the patches and apply them after that one ?
<kraut> have a look into the changelog
<kraut> i don't think so
<methods> which package is the source for the standard kernel ?
<kraut> www.kernel.org
<methods> no i mean the ubuntu one
<methods> just linux-source ?
<kraut> apt-cache search linux-image source
<methods> thanks
<Goosemoose> hi guys
<Goosemoose> any news on the active directory connection program that is supposed to come built into hardy, is it done yet?
<coffeedude> dendrobates: Fyi... have found one bug in the Windows 2008 join support in the tarball I sent you.  Will have tyo be fixed before  I can send yo the final 4.0.4 release.
<dendrobates> coffeedude: I haven't received anything so far today.  is that what si holding it up?
<coffeedude> dendrobates:  I sent out a tarball earlier today....You never got it ?
<coffeedude> dendrobates: let me make sure it didn't bounce.
<dendrobates> coffeedude: nope
<schnuerpel_> Any plans to update mysql to 5.0.51 in hardy?
<mathiaz> schnuerpel_: it's in the pipeline
<nxvl_work>  can someone point me to any howto on how to make that some accounts of my postfix can only deliver mails to the local domain an no any external one?
<Goosemoose> coffeedude, is the script setup to join a machine to a win domain?
<Goosemoose> coffeedude, i've been doing it the long manual way, but stopped to wait for what was being added into hardy
<lamont> nxvl_work: while others can?
<nxvl_work> lamont: yep
<nxvl_work> lamont: some users can send mail to internet but some other not
<lamont> well, for starters, the user is who he claims to be, unless you push SASL on him
<nxvl_work> !?
<lamont> it might be easier to do it as recipient restrictions... local users all go to the 'permit' bucket, and then (by definition) anything left is internet, and you check the sender to see if he has access to send the email (by being on the whitelist)
<lamont> nxvl_work: can you connect to port 25 on the machine and send data? then you are who you say you are, regardless of MTA
<nxvl_work> ah, ok ok
<nxvl_work> it's behind a virus and spam server
<nxvl_work> so itsn't easy to make that
<lamont> so you're looking for sender/recipient restrictions
<nxvl_work> yep
<lamont> see /usr/share/doc/postfix/RESTRICTION_CLASS_README.gz and  SMTPD_ACCESS_README.gz
<lamont> you may quite possibly find it easier to implement it in a policy daemon: SMTPD_POLICY_README.gz
<lamont> I think those are all actually in the postfix-doc package
<lamont> ScottK: still no 2.4.7
<ScottK> They are.
<ScottK> Yeah.
<ScottK> Any signs of it?
<lamont> well, it's not on my mirror
<lamont> OTOH, it'll check again in about 26 minutes. ...
<lamont> +       Cleanup: the post-install script now requires that it is
<lamont> I wonder if I should start using that...
<coffeedude> Goosemoose: yeah.  Specifically for AD domains.
<Goosemoose> coffeedude, can it use it now? i'm setting up my system to deploy 500 computers using the current version of edubuntu
<coffeedude> Goosemoose: You can.  We're still fixing the packaging and documentation is scarce.  latest stable releases are at http://archives.likewisesoftware.com/likewise-open/src/.  4.0.3 is the latest posted but 4.0.4 should be out in 24 hours.
<Goosemoose> any big changes in 4.0.4?
<nxvl_work> lamont: i found the solution -> http://www.postfix.org/FILTER_README.html
<nxvl_work> lamont: thanx for your help
 * nxvl_work HUGS lamont
<lamont> np.  glad it was easier. :-)
<lamont> that's also delivered in postfix-doc, btw
<coffeedude> Yeah.  More upstream merges from Samba and better adherence to Debian packaging policy.
<coffeedude> Functionally (from the end user perspective) will be very similar.
<coffeedude> Goosemoose: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<Goosemoose> ok
<Goosemoose> looking at the site now
<Goosemoose> i just want an easy way to authenticate all users and map their folders since half the school computers are still running xp
<coffeedude> Goosemoose: And 4.0.5 will be out within the week hopefully which will have better error reporting if there is a problem with the join.
<Goosemoose> ok
<Goosemoose> so is this basically gui or can i easily script this to run during the presed image deployment?
<coffeedude> Goosemoose: This is client logins.  You need Samba 3.2.0 when it is released to really plug likewise-winbindd (as a replace for upstream winbindd) with Samba.
<coffeedude> Goosemoose: both domainjoin-cli and domainjoin-gui (GTK)
<Goosemoose> ok
<coffeedude> Goosemoose: Just run "domainjoin-cli join ad.example.com Administrator"
<coffeedude> Goosemoose: back later.  Have to debug some code right now/.
<Goosemoose> ok
<Goosemoose> thanks, ill try it out
#ubuntu-server 2008-01-29
<sommer> anyone know if it's possible to use virt-manager with qemu from the cli?
<nijaba> sommer: hello.  In hardy this will indeed be very possible
<kraut> moin
<milestone> hi all
<milestone> i have to be able to boot from san with my qlogic adapter
<milestone> that adapter needs to read its firmware from /lib/qla...firmware file
<milestone> now i need to modify the initrd image
<milestone> but i cannot mount it
<milestone> can anyone telle how to mount it?
<kraut> milestone: install centos
<milestone> kraut: ???
<kraut> milestone: ubuntu sucks hell when you using a san-mount
<milestone> kraut: why should i install redhat?
<kraut> they aren't able to build a kernel for this
<milestone> kraut: aha
<kraut> because ubuntu won't fit for that
<milestone> kraut: but that is the only thing i have left though
<milestone> the module is loaded at boot time
<milestone> it just cannot read the firmware
<kraut> believe me or not, but qlogic-hba and ubuntu is a major pain into the ass
<milestone> and i am pretty sure that when i put it in the initrd everything will be fine
<kraut> that's exactly the point
<milestone> kraut: i do believe you
<kraut> you need to install the firmware with the driver-pacakge from the qlogic page
<milestone> it is only that re-installing is not an option
<kraut> and there isn't any install-package for ubuntu
<milestone> i am sitting sort of uncomfortable already ;)
<kraut> we gave it up to support ubuntu with qlogic
<milestone> the ubuntu server team?
<milestone> http://ubuntuforums.org/showthread.php?t=24022
<avatar_> we use qla on ubuntu feisty without any troubles
<milestone> the howto worked for me
<zul> morning
<nocturn> Hi all
<nocturn> I'm using libnss-ldap to get users from a local ldap server (Ubuntu 6.06.2 LTS)
<nocturn> The problem is that only root can get user information, users have 'i have no name' as username after logging in.
<nocturn> What's wrong?Âµ
<nocturn> libnss-ldap.conf is world readable
<sommer> soren: apologies if you've already answered this somewhere, but how do I use virt-manager with qemu from cli?
<sommer> soren: or is the ability not ready yet?
<soren> sommer: virt-manager is a gui.
<soren> sommer: What do you want to do?
<sommer> right, maybe virsh was what I was looking for
<soren> sommer: Possibly. :)
<sommer> use the new virt* to install a qemu instance
<sommer> from cli
<soren> virtinst does that, yes.
<soren> It has a cli.
<sommer> ah... gotcha
<sommer> cool, I'll take a look at it
<sommer> thanks soren
<soren> no worries:)
<nocturn> nobody here using libnss?
<soren> I'd be quite surprised if not everyone here used libnss.
<nocturn> soren: I've been working on this 'i have no name' problem for 3 days now... no luck whatsoever
<nocturn> I do not understand what could cause this to happen
<nocturn> soren: sorry
<nocturn> i typed libnss, should have been libnss-ldap
<nocturn> :-(
<soren> "getent passwd yourusername" ddoesn't work?
<nocturn> only as root
<nocturn> and my own username when nscd is running, otherwise not
<soren> nocturn: Which version of ubuntu?
<soren> nocturn: ...and what's in you libnss-ldap.conf?
<nocturn> 6.06.2 LTS
<nocturn> libnss-ldap lists the host, URI, binddn and bindpw
<nocturn> which seem correct as root can resolve the users
<nocturn> I also have an Ubuntu desktop client running 7.10, which does not show this problem with the same libnss-ldap.conf
<soren> Completely identical?
<nocturn> yep
<nocturn> copied them over
<nocturn> I did not used to have this on the same machine...
<nocturn> I guess it started after the last ldap update, though I'm not sure (discovered it by accident)
<nocturn> I have to go for today...
<nocturn> I'll crack my head over this again tomorrow
<nocturn> thanks soren
<kriel> strange question. I'm trying to connect to a cisco router via the serial console port. I've come across most of the proper hardware, and I've gotten it to work using PuTTY on another (windows) system and the same rollover cable. However, there's also an added obstacle. I'm working on a laptop, and it dosen't have a native serial port, so I'm trying to use a serial-to-usb adapter.
<kriel> does anyone know of a way to test and see if my serial-to-usb adapter is working? I have read online that other setups use a /dev/ttyUSB*, however I do not have that in my /dev.
<juliux> does someody know if there are nagios2 packages for dapper?
<avatar_> juliux: we have packaged it at 'deb http://debit.bit.nl/ubuntu dapper main'
<juliux> avatar_, thanks
<juliux> avatar_, thanks a lot
<nxvl_work> mathiaz: around?
<mathiaz> nxvl_work: yop
<nxvl_work> mathiaz: a little OT
<nxvl_work> mathiaz: here in latin america we have an event called flisol, this year we want to have business persons in there, so i was wondering is someone of the canonical server-team can have a talk, about ubuntu server
<nxvl_work> mathiaz: a video conference
<nxvl_work> mathiaz: did you know with who need to talk for that, an if there is a Spanish speaker in there?
<mathiaz> nxvl_work: I'd contact dendrobates. OTOH I don't any of the canonical-server team speaks spanish
<mathiaz> nxvl_work: I don't think anyone on the canonical-server team speaks spanish
<nxvl_work> ok, i will ping him
<nxvl_work> maybe one of the community members can talk for canonical with a training on the products offered
<nxvl_work> or maybe we can have a translator in there
<nxvl_work> :D
<nxvl_work> all it's possible talking :D
<nxvl_work> mathiaz: thnx
 * nxvl_work HUGS mathiaz
<mathiaz> nxvl_work: np
<TheShadow> How do I make it so that ssh-agent is started for my shell automatically?
<mathiaz> what is the command line to figure out whether you can run KVM on your cpu ?
<ivoks> cat /proc/cpuinfo
<ivoks> :)
<ivoks> if it's intel and there's vmx flag, then it should be possible
<mathiaz> ivoks: ok - vmx flag for intel
<mathiaz> ivoks: and for amd ?
<ivoks> i'm not sure... :/
<zul> hold on
<ivoks> svm?
<zul> egrep â(vmx|svm)â /proc/cpuinfo
<mathiaz> zul: great ! thanks
<zul> no worries
<ivoks> sometimes supported CPU isn't enough
<mathiaz> zul: chicken curry
<zul> mathiaz: i hope thats a misfire :)
<ivoks> i have cpu that should be able to do it, but it doesn't work
<ajmitch> hello
<mathiaz> ivoks: right - you also need to make sure that it's enabled in the BIOS
<zul> hey ajmitch
<ivoks> hi ajmitch
<mathiaz> hi ajmitch !
<ivoks> mathiaz: it is, but... long story :(
<mathiaz> zul: I've heard too many times the expression "no worries, chicken curry!" while I was in India
<zul> ah..
<mathiaz> zul: so it's just instinct now
<ivoks> see you tomorrow
<nxvl_work> jdstrand: i have tested trunk version of ufw and i have an error running sudo ./run_tests.sh -s root, does it is usefull if i send you the outputs?
<jdstrand> nxvl_work: the error has been fixed in bzr
<nxvl_work> jdstrand: i have just donwloaded it
<jdstrand> nxvl_work: sorry I didn't catch it before the email ;)
<nxvl_work> jdstrand: it seems to have you home directory hardcoded
<nxvl_work> < IPT_SYSCTL=/home/jamie/ubuntu/software/ufw/ufw-current/tests/testarea/etc/ufw/sysctl.conf
<nxvl_work> ---
<nxvl_work> > IPT_SYSCTL=/home/nxvl/dev/ufw/trunk/tests/testarea/etc/ufw/sysctl.conf
<nxvl_work> 122c122
<jdstrand> nxvl_work: interesting
<jdstrand> nxvl_work: ah-- I'll fix it
<jdstrand> nxvl_work: thanks
<jdstrand> nxvl_work: that one doesn't get run in the buildd's (obviously)
<nxvl_work> yep, but for testing is a PITA
<nxvl_work> :P
<jdstrand> oh yes
<jdstrand> I run that here, just mentioning why I didn't catch it
<jdstrand> run_tests.sh -s should work anywhere though
<nxvl_work> yep
<nxvl_work> it works
<nxvl_work> what is not working is sudo ./run_tests.sh -s roo
<jdstrand> nxvl_work: pushed
<jdstrand> nxvl_work: Committed revision 83
<nxvl_work> ok let's wait until lp catches them
<nxvl_work> merging
<nxvl_work> jdstrand: yep, it works now
<jdstrand> nxvl_work: great, thanks!
<nxvl_work> thank you for fixing :D
<jdstrand> np
<gargeh> good evening freenoders
<nxvl_work> can you please take a look at Bug #182086
<ubotu> Launchpad bug 182086 in dovecot "dovecot-common postinst fails for multiple ssl certs" [Medium,In progress] https://launchpad.net/bugs/182086
<nxvl_work> im not fully sure about it
<nxvl_work> mathiaz: that's what you meant?
<mathiaz> nxvl_work: yes - did you test it ?
<nxvl_work> mathiaz: not on the package, but in other shell script
<nxvl_work> mathiaz: i create 2 ordered lists and try it
<mathiaz> nxvl_work: could you create a test installation and make sure that package works as expected ?
<nxvl_work> i will wait until matt posts his dovecot.conf to see how the multiple ssl thing works, cause i'm not so sure about it
<mathiaz> nxvl_work: good idea.
<nxvl_work> mathiaz: about the solution, you can try this -> http://pastebin.com/m6423d02
<nxvl_work> is the same structure
<mathiaz> nxvl_work: I'm not sure how the code will deal with a different order in the cert list and the key list.
<nxvl_work> http://pastebin.com/m2c402fb0 <- here you can see it clearly
<nxvl_work> mathiaz: it won't
<nxvl_work> mathiaz: but as i have read for configuring multiple certs they must be some way ordered
<nxvl_work> mathiaz: if the certs pairs are unordered it will be a mess
<nxvl_work> but there is no way to check which certs goes with which key
<nxvl_work> is they are unordered
<nxvl_work> and as i have seen on the dovecot list archive they must be grouped by ip or something -> http://www.dovecot.org/list/dovecot/2006-October/017165.html
<nxvl_work> mathiaz: did you think better to discuss it on the list?
<mathiaz> nxvl_work: most of the code doesn't rely on a link between the cert and the key
<nxvl_work> but this line does -> openssl req -new -x509 -days 365 -nodes -out $SSL_CERT -keyout $1 > /dev/null
<mathiaz> nxvl_work: only the part that generates the cert/key needs to have the correct combination of the cert file and the key file
<nxvl_work> mathiaz: yes, and can you imagine what could happen if that line runs with an incorrect cert/key pair?
<mathiaz> nxvl_work: I think that the order needs to be respected in the dovecot.conf file.
<mathiaz> nxvl_work: if you define multiple server/protocol, you need to specify ssl_cert_file and ssl_key_file one after the other
<nxvl_work> mathiaz: yes, thats what i have understood too, but i was not fully sure
<mathiaz> nxvl_work: What happens if you define two ssl_cert_file and then two ssl_key_file ?
<mathiaz> nxvl_work: it may be worth testing this scenario.
<nxvl_work> you mean to define "ssl_cert1, ssl_cert2, ssl_key1 and ssl_key2" in that order?
<mathiaz> nxvl_work: yes
<nxvl_work> it will work fine
<nxvl_work> since it parses the file and it greps for them
<nxvl_work> it doesn't see the certs/key pairs
<mathiaz> nxvl_work: I mean if dovecot would work correctly
<nxvl_work> it only know the order of the certs and on the other hand the order of the keys
<nxvl_work> those 2 must match
<nxvl_work> oh ok ok
<mathiaz> nxvl_work: I'm actually thinking about ssl_cert1, ssl_cert2, ssl_key2, ssl_key1
<nxvl_work> that won't work for the script, but i'm not sure on dovecot
<mathiaz> nxvl_work: yes - that's what I'd test.
<mathiaz> nxvl_work: if it works for dovecot, then the script has to been refactored
<nxvl_work> but in that scenario it will be imposible to make the correct cert/keys pairs since we are only greping them
<mathiaz> nxvl_work: the script has take care of this scenario I man.
<nxvl_work> yes, of course
<mathiaz> nxvl_work: correct. So we may have to change things then. And implement the suggested solution by the bug reporter (even if it's not optimal).
<nxvl_work> but it need to be refactored not only my diff, but the whole ssl part
<mathiaz> nxvl_work: correct
<nxvl_work> or make some kind of dovecot.conf debugger to check the syntax of it
#ubuntu-server 2008-01-30
<ScottK> lamont: Is there a particular reason why your postfix 2.5.0-1 package has a versioned depends on libdb4.6 and your 2.4.6-5 version doesn't?
<lamont> because a newer libdb4.6 hit that added the versioned-dep, I expect...
<lamont> that is, /me blames dpkg-shlibs
<ScottK> lamont: It'd be highly convenient for backporting if it weren't there.
<lamont> is it a build-dep, or a dep?
<lamont> the build-dep is on libdb-dev, and needs to be versioned
<lamont>       gutsy*)           BP="gutsy1"
<lamont>                         sed -i '/^Build-Dep/s/libdb-dev (>=4.6.19-1)/libdb4.5-dev/g' debian/control
<lamont>                         ;;
<lamont> it's automatic, after all... :-)
<ScottK> Does it need to be 4.6 or 4.6.19?
<ScottK> I understand 4.6
<ScottK> Dear launchpad, not serving web pages right now is not convenient for me.  Please get back to work.
<jackfusion> Hi all
<jackfusion> how is every one doing in here?
<jackfusion> When install ubuntu server at the end when it ejects the cd and you hit back then select additional packages to install and it asks for the cd.  I have the seerver disk in and hit enter but it keeps asking me for the cd why?  I have tried changing the cd with the desktop install cd as well.
<jackfusion> Is any one here to help
<jackfusion> /exit
<kraut> moin
<coNP[uni]> moin kraut
<kraut> moin coNP[uni]
<mok0> Hm. Why can't I send mail to myself via smart server?
<_ruben> mok0: what is 'myself' in this case? your own username? your own (internet) email adres? user@localhost?
<mok0> Heh
<mok0> I just want to relay all mail to a smart host
<mok0> so, if I send to "mok" on the local machine, it get's relayed to our domains central mailserver
<_ruben> mok0: im guessing your local mta (which delivers it to the smarthost) adds a 'bogus' domain to the username to create an email address (bogus being none, localhost, etc) .. does the mail get lost? bounced?
<mok0> It gets lost. I am using the default postfix setup. I just added "relayhost" to main.cf
<mok0> From the log I can see that the mail is delivered to procmail -a "$EXTENSION"
<_ruben> do you have access to the logs of the smarthost?
<mok0> yes
<_ruben> does it show anything odd?
<mok0> The log on my machine shows something odd. It looks like the postfix master crashes and gets started again
<_ruben> my postfix experience is rather limited .. i do use it on some of our suse boxes but those are configured with yast .. our main mailservers run qmail
<mok0> Same here. Main mail server runs sendmail. I just want to configure all workstations to forward local mail to the main mailserver. For scripts etc.
<_ruben> sendmail?! gross
<mok0> I thought it would be quick and easy to configure postfix to do that
<_ruben> it should be rather trivial indeed
<mok0> I think I am just missing a setting in the config file
<Kigh> mok0: you may take a look on "esmtp", a small replacement for sendmail, forwarding mail to a smarthost. (with smtp auth)
<Kigh> configuring postfix for that job is horrible
<mok0> Kigh: you mean, instead of postfix?
<Kigh> yes. replacement
<mok0> Kigh: thanks, I will
<_ruben> our postfix configs look rather trivial, then again, like i said, those were generated by yast, not by hand
<mok0> I found a recipe for doing what I want. Now I can see that my box forwards the mail to the mail-server, which looks at it, and tries to send it back to my box :-)
<mok0> So I have to get my box to not put it's own hostname in the forwarding mail address
<_ruben> mok0: appears to be myhostname and/or mydestination directives, just a guess tho
<mok0> It works now!
<mok0> I just needed a very simple main.cf file
<_ruben> ;)
<mok0>    Thanks for your help, guys
<spiekey> hi
<spiekey> i would like to use ubuntu as a pdc (samba) and i am looking for the offline/online profile feature.
<spiekey> any idea what this is called?
<ScottK> soren: libtree-perl is currently sitting with one advocate (me) in REVU.  It might be useful to get it uploaded and into the NEW queue so it'll be built if/when ebox is ready to go.
<soren> I can take a look, I guess.
<ScottK> Just a thought.  Ebox is your baby, so ...
<soren> Hm... I wonder what happens if I just generate the .changes and leave Javi's signature on the .dsc. It should work, I've just never done that.
<ScottK> soren: Yes.  It should work. lamont did that one one of my uploads.
<lamont> soren: the changes file has to be signed by someone in the right keyring, and the hashes of the rest of the files have to match reality.
<lamont> (IOW, who cares who signed the .dsc??)
<lamont> and the answer, of course is: whoever signed the .changes.
<soren> lamont: Right. I've just never sponsored stuff this way. It's always been debdiffs or something.
<lamont> soren: depending on the person, I either rebuild it completely from source after diffing, or just smack it through.
<lamont> and in the middle there is "unpack, compare, testbuild, resign their .changes, upload"
<lamont> I'm pretty sure that slangasek is the only one I've ever done the "just smack it through" for.
<soren> lamont: Heh :)
<lamont> not sure how changes==you, dsc==him affects karma though.
<soren> soyuz doesn't give karma anyway.
<soren> I doubt that's any different if dsc and changes are signed by different people :)
<soren> Ah, of course there's the lp-fix-bugs magic..
<lamont> ah, ok
<soren> Oh, but that's assigned to the janitor.
<soren> So, no dice.
<soren> er.. karma.
<mathiaz> For those interested, server team meeting in #ubuntu-meeting in 10 minutes
<faulkes-> already waiting for it
<zul> mathiaz: im there baby!
<ScottK2> mathiaz: Action complete https://wiki.ubuntu.com/ServerTeam/Roadmap?action=show#head-a23aaa04392811132acde356dbc37c5d64a0b85d
<faulkes-> well, that was an interesting introduction to the server team meeting
<faulkes-> seems I have much more reading to do to acquaint myself with more of the details and then ask some appropriate questions
<faulkes-> thanks for letting me sit in on it
<ScottK> faulkes-: You're welcome to ask questions any time here too.
<faulkes-> yes, that is what I meant
<nxvl_work> ScottK: i'm already working on jabberd2
<nxvl_work> ScottK: i only need to check it builds or do i need to test the package?
#ubuntu-server 2008-01-31
<hypnus9> !samba
<ubotu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and http://help.ubuntu.com/ubuntu/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<nxvl_work> ScottK: around?
<somerville32> Is there a gui that allows for easy management of ip aliases?
<zul> like how?
<zul> ie what do you want to manage
<faulkes-> you mean managing ifcfg-eth0:X based interfaces, say for ip based web servers under apache
<somerville32> right
<somerville32> faulkes-: ^^
<lightbook> hi, I'm trying to get a root login on ubuntu server, but it's giving me hell.
<lightbook> I can't sudo anything and I can't modify the etc/sudoers file
<qman> lightbook, root has no password by default on ubuntu
<qman> lightbook, and the user you create during install is in the admin group, which gives that user full sudo privileges
<lightbook> qman: it's giving me the "not an authorized user" bull.
<qman> did you create the user after installing, or is it the user that was created during install?
<lightbook> during the install.
<qman> ok
<qman> if you reboot the system, press escape to enter the Grub menu during boot, and boot with the (recovery mode) line
<qman> it will drop you to a root prompt in single user mode
<lightbook> alright.
<lightbook> sweet, thanks
<qman> from there, you should check if your user is in the admin group
<qman> and if the admin group is in the sudoers file
<faulkes-> somerville32: afaik there is no current gui for such management
<zylstra555> Hello. A friend of mine would like to have a sub-directory type site on my server, and I am wondering, what is the best way to do this?
<__bb> someone can help me make a router using firehol?
<__bb> someone can help me make a router using firehol?
<CrummyGummy> Hi all, fsck is failing when checking my ext3 raid1 partition on boot. It says that the fs is either mounted or opened exclusively by another program. It is trying to check /dev/mapper/sda7 and not /dev/md4. Any ideas what could be causing this?
<_ruben> CrummyGummy: a faulty setup of /etc/fstab .. it probably lists sda7 instead of md4 .. or your bootloader has been told to use sda7 as root instead of md4
<CrummyGummy> U'm using UUID to mount the fs, Lemme just double check its right.
<CrummyGummy>  /U'm/I'm/
<CrummyGummy> and its not mu root partition its /var
<CrummyGummy>  /mu/my/
<CrummyGummy> _ruben: Nope, its definitly pointing to /dev/md4.
<CrummyGummy> well the UUID of anyway.
<_ruben> hmm .. cant say i have much experience with using uuids so dunno if there could be going something wrong there
<_ruben> afaik, fstab is the one and only place to define which disks get fsck'ed
<CrummyGummy> I found a pointer towards blkid on the net. Still looking.
<CrummyGummy> Well thats what you get for not reading up before doing, I ran blkid>/etc/blkid.tab and rebooted. Now its stuck.
 * CrummyGummy is holding thumbs it'll unstick...
<CrummyGummy> woops, now /dev/md1 doesn't exist. eish,,,
<kraut> moin
<CrummyGummy> hi
<CrummyGummy> Anybody got any idea what I missed? This is very obsure.
 * CrummyGummy is going to change /dev/md1 to the UUID ( in grub) and see if it fixes it.
<soren> Do you use evms?
<CrummyGummy> No, raid1
<CrummyGummy> plain mdadm
<CrummyGummy> soren: Do you think I need to refresh my initrd?
<soren> Do you have evms installed?
<CrummyGummy> No, I removed it.
<soren> Recently?
<CrummyGummy> before refreshing the blkid.tab
<CrummyGummy> So, yes.
<soren> Did you try rebooting just after removing evms and doing nothing else?
<CrummyGummy> well I removed evms refreshed the blkid.tab and rebooted. Now I am stuck.
<soren> CrummyGummy: I don't think I've ever had a blkid.tab, and I'm happy.. :)
<CrummyGummy> Well I didn't plan it.,,, Maybe removing it will work.
<soren> That was what I was trying to say :)
<CrummyGummy> lemme look
 * CrummyGummy is holding thumbs
<CrummyGummy> bbl
<CrummyGummy> soren: Thanks, I was looking in the wrong direction. I had messed up my mdadm.conf. After re-generating my initrd file it worked.
<soren> \o/
<spiekey> hi
<spiekey> soren: you there? ::)
<soren> I am.
<soren> I live here.
<_ruben> hehe
<spiekey> hehe
<spiekey> i need some help or ideas about nss and ldap
<spiekey> i use this script to install a samba pdc with nss and ldap : majen.net/smbldap/
<spiekey> my problem is that my virtual machines of my vmware server then dont start properly anymore
<spiekey> if i comment out "ldap" in nsswitch.conf it works fine.
<soren> Er.. Ok.
<spiekey> in the syslog i get something like: slapd: bdb_equality_candidates: (uniqueMember) index_param failed (18)
<spiekey> but i dont know if this is a serious error or just a message
<soren> Have you checked the vmware forums?
<spiekey> on my way :)
<soren> spiekey: Is there a vmware system user?
<soren> Are you running vmware server on an amd64 machine, perhaps?
<spiekey> no, its a normal 386 box
<spiekey> id: vmware: No such user
<_ruben> soren: not sure if you're the one to ask, but any pointers what would be the 'best' virtualization method to run windows guests on an ubuntu host (the host being amd64)
<soren> _ruben: I'd guess kvm, but I haven't done much testing of windows inside of it. It should work, thouhg.
<spiekey> soren: the thing is that can click on "play" in my vmware server and nothing happens for about 2minutes. Then i get an gui error saying it could not start the machine. If i click play again it works.
<spiekey> it always works after the 2nd time.
<spiekey> quite weird, isnt it?
<soren> Sort of.
<soren> vmware has an annoying tendency to ship various libraries with their stuff.
<soren> try "locate libnss_ldap.so"
<_ruben> soren: i'll look into kvm when i have some time, tho hardy's version is quite superior to the gutsy one right?
<soren> _ruben: *very* much so.
<spiekey> .  /lib/libnss_ldap.so.2 -> libnss_ldap-2.3.6.so
<spiekey> .  /usr/lib/libnss_ldap.so -> /lib/libnss_ldap.so.2
<spiekey> i am using ubuntu 6.06 by the way
<_ruben> soren: by the time i get a chance to play with it, hardy might be aproaching its final state anyways, so might not be such a big problem ;)
<_ruben> we're currently using vmware 1.0.4 on suse boxes, which seems to do the trick fairly well, tho performance isnt all that great
<soren> spiekey: Well, my best guess is that vmware is using a different set of libnss libraries and borks because it can't look up users in ldap (probably because it's looking for a configuration file in the wrong place).
<soren> spiekey: It's quite hard for me to tell whether that's anywhere near the truth or not, though.
<spiekey> soren: i would have expected vmware to not work at all, but not the bahaviour like this :)
<spiekey> i might try to strace the problem then
 * soren goes to lunch
 * _ruben just got back from "lunch"
<_ruben> i eat during work, and lunchbreak is used to play tablesoccer in the basement
<spiekey> i play pocket snooker all day long ;)
<Gargoyle> Greetings
<sommer> soren: morning, I've started a cli qemu install using virt-install and I can see a qemu process in ps -ef output
<soren> sommer: Ok.
<sommer> soren: but I can't connect to the console using virsh -c qemu:///system console
<sommer> am I missing something
<sommer> ?
<soren> Do you have virt-viewer installed?
<sommer> the message says no console for domain
<sommer> yep
<soren> Use that instead.
<sommer> ah
<soren> virt-viewer -c qemu:///system name-of-domain
<sommer> getting a new error: (virt-viewer:8180): Gtk-WARNING **: cannot open display:
<sommer> I'm trying through ssh at the moment
<sommer> the virsh list command works fine :-)
<soren> Ah, have you set up X forwarding?
<sommer> not that I know of
<sommer> will do, though
<sommer> so does qemu requre X?
<sommer> and vnc?
<sommer> x is being forwarded, but now the virt-viewer is wanting vnc
<sommer> I did use the --nographics option, so that's probably expected
<soren> Well, you're supposed to run virt-viewer from your *local* machine.
<soren> However, that's blocking on netcat-openbsd landing in the archive. It will be a few days.
<sommer> soren: gotcha, I'll try again this evening
<soren> "a few days" :)
<sommer> er... that too
<sommer> thanks for the info, I wasn't finding much on qemu + virsh + console
<foo> hm, cron-apt is cool.
<ivoks> lamont: any toughts on postfix+dovecot?
<sommer> I think they should be combined into a super server named postcot... but who knows where thoughts come from
<ivoks> :)
<foo> hehe
<zul> why not fixdove?
<faulkes-> trademark/copyright issues with dove soap
<sommer> I think you have to stay with the "post" roots
<nxvl_work> did anyone know something about Ubuntu Home Server?
<sedega> hello
<sedega> I installed ubuntu server version and chose LAMP setup, but it seems like LAMP wasnt installed
<sedega> is this normal?
<leonel> why  seems like lamp wasn't installed ?
<sedega> because there is no sign of apache, mysql, php or python
<sedega> i had to apt-get them
<sedega> im just wondering
<sedega> if i did something wrong
<sedega> also can you help me disable system beeper for ubuntu server, i still need the beeper connected for a program, i just dont want any system beeps...
<sedega> oh nm, figured out the beeper.. Still LAMP issue, is it normal?
<lamont> hrm... ivoks got a way
<_Drax> Ive just recently joined the ubuntu community by installing the server edition on my standalone computer, first reason I did was I needed a webserver and the LAMP solution was perfect. Im now interested in suggestions on what more I can use it for. I will join the NTP pool project and if you know more things like those please let me know.
<Jester45> is it possible to make a ftp group? so that adding a user to the group gives them access?
<Ahmuck> what is the command to get the menu to come up about installing different servers?
<Ahmuck> LAMP, DNS, etc.
<sommer> Ahmuck: tasksel
<Ahmuck> thx
<Nafallo> aptitude? ;-)
<Gargoyle> greetings
<owh> Greetings all. Booting off the Gutsy Server CD, how do I setup a RAID 1 for a new server? Is there a magic boot option to make that happen or am I expected to do this manually?
<Nafallo> owh: manually
<Nafallo> owh: or rather, via the menu options in the installer.
<owh> Which menu options?
<Nafallo> the ones that lets you setup harddisks ;-)
<owh> All I see is Partition Disks, which gives me manual - no raid options seem apparent, or LVM, which I really don't want.
<Nafallo> hmm
<Nafallo> weird.
<owh> Ooooh. I am going through the installation a second time. I booted with a LiveCD to see if the partitioner would help. It didn't but cfdisk allowed me to mark the types as raid autodetect. Now I see a raid option in the manual partitioning.
<owh> Very nice. Not obvious to find, but very nice none-the-less. I'll do another trial to see if I can mark the types from within the installer, but so far I seem to have a method to build what I want.
<owh> To have a "Guided Partition - RAID" there are a few steps, do a guided partition on disk#1, write changes, do another guided partition on disk#2, write changes, change partition types to raid for all partitions, then setup software raid, then set partition types for the raid partitions, then set mount points.
<owh> Is there any reason why there isn't an installer option to create a guided raid?
<owh> Or is there an assumption that if you know what RAID is and why it might be of benefit to you, you also know how to set it up?
#ubuntu-server 2008-02-01
<owh> In  case anyone is watching, it all worked as expected after the hoop-jumping, boots up, happy, all good.
<foo> Hm, what log files do you guys believe  needs to be checked? syslog and messages?
<owh> foo, checked, for what?
<foo> for the sake of maintenance and making sure everything is running good
<owh> foo: Well, the answer, as usual, is: "It depends." - If you're running samba, then the logs for mysql will be of little use to you. Similarly, an ftp server maintains different logs from a print server. So really, depending on the services you're running, the logs differ.
<foo> owh: hm, actually, fair enough - now I see how that question I asked isn't necessarily the greatest question I've asked :) Thanks.
<owh> foo, It happens to all of us at some time or other :)
<foo> :)
<jackfusion> hi all
<jackfusion> how is every one tonight?
<jackfusion> Is there any one in here at all?
<faulkes-> yes, there are people in here ;) some of us just got home though
<qman> I was wondering if anyone here had suggestions for setting up an extremely minimal X environment on ubuntu server
<qman> I tried just installing xorg and icewm with a few deps, and it runs
<qman> but it won't shut down
<faulkes-> what wont shutdown?
<qman> X
<qman> if I try to stop X by any method at all
<faulkes-> not that I recommend using X on a server at all, however
<qman> I can't go back to a terminal, and the system won't shut down
<qman> well, this isn't for a server
<qman> I'm just using server because it's stripped down
<faulkes-> ctrl-alt-backspace doesn't kill X for you?
<qman> it does
<qman> but X never comes back up
<qman> and my terminal never shows up
<qman> it just goes blank
<qman> my goal in this
<qman> is to create the smallest install footprint I can
<qman> to run vmware server and the console on the same box
<faulkes-> X will switch itself over to usually tty6 or 7, did you try going back to tty1 or whatever where you launched X?
<qman> yes
<qman> with X running, if I try to switch terminals
<qman> my screen just goes blank
<qman> and I'm stuck again
<qman> I installed xinit to start X, and installed xfonts-base
<qman> other than that, just dependencies
<faulkes-> how are you starting X?
<qman> startx
<faulkes-> anything being logged to dmesg or /var/log/Xorg.0.log?
<qman> nothing helpful
<qman> the last things in Xorg.0.log
<qman> are initializing the mouse
<faulkes-> type of video card and driver?
<qman> video card is an nvidia GeForce 8600GTS, I didn't install any proprietary drivers
<qman> driver is "vesa"
<qman> aha
<qman> I changed it to "nv"
<qman> and it all works
<qman> thanks for the hint
 * faulkes- nods
<faulkes-> yw
<foo> Hm, is there a way to save a file in vim when I piped something to it? from the man page:  s filename seems to do it... but I can't seem to get that to work. It just says "log file in use"
<faulkes-> could you give a cli example
<faulkes-> like vi | cat /tmp/file or somesuch?
<foo> doh! I mean, less
<faulkes-> again, can you show me a cli example?
<kraut> moin
<ivoks> i'm from doing changes in dovecot and installing full stack trough tasksel (including maildir)
<Gargoyle> Morning all
<CrummyGummy> Hiya
<faulkes-> I am less than amused with the hour at which I am still awake and others considering "morning"
<faulkes-> I must be getting old
<faulkes-> good morning folks
<_ruben> faulkes-: that's what "gug" is for: Generic UTC Greeting
<_ruben> so, gug ;)
<faulkes-> see what I mean about old? I can barely manage a LOL
<Gargoyle> lol
<Gargoyle> however, if it is a UTC greeting, then Morning would be accurate!
<faulkes-> just past 6am here, I went to bed at like midnight, havent slept a wink so I've been trolling the support forums for unanswered posts to help with
<tjaalton> huh, I sent an email to u-s@, but I got a bounce saying that I'm not subscribed which is not true
<Gargoyle> faulkes-: You got a bit of insomnia or are you just a night owl?
<faulkes-> Gargoyle: something like insomnia but not quite
<faulkes-> I suppose if I really wanted to sleep I could just go read the opening chapter of the PMBOK which is enough to put even the most hardcore insomniac to sleep
<Gargoyle> lol
<faulkes-> (project management body of knowledge) for those not familiar with the term
<Gargoyle> but project management is funnnnnnnnnnn                            Zzzzzzzzzzzzzzzzzzzzzz
<faulkes-> actually, I rather enjoy project management, the actual application thereof
<faulkes-> having to read about it, well, that's an entirely different story
<faulkes-> I swear I've cut myself on sharper spoons the authors are so dull
<Gargoyle> ha ha ha
<faulkes-> I should write a PM book so cutting edge and thrilling it would be the spork of the PM world
<Gargoyle> get some sleep first...
<faulkes-> probably not a bad idea, I'm getting punchy
<Gargoyle> Anyone know of any good webmail installs that work well with postfix+dovecott using both pop/imap email types?
<Znuff> Hello. My Asus Mainboard has 2 Marvell SATA controllers but my fresh ubuntu install only sees the disk on the 1st one, not the second one. These is what lspci returns:
<Znuff> 02:00.0 RAID bus controller: Marvell Technology Group Ltd. 88SE6121 SATA II Controller (rev b1)
<Znuff> 04:00.0 RAID bus controller: Marvell Technology Group Ltd. 88SE6121 SATA II Controller (rev b2)
<Znuff> Anyone knows what's wrong? :-/
<ivoks> which ubuntu is that?
<Znuff> ivoks, 7.10
<ivoks> http://linuxmafia.com/faq/Hardware/sata.html#marvell
<Znuff> found that, but it doesn't say anything on how to fix it
<ivoks> try disabling raid functions in bios
<ivoks> let them be, what they are - just sata controllers
<Znuff> uhm :-|
<Znuff> ok, I'll try that too
<ivoks> linux software raid is better than those fakeraids
<Znuff> ivoks, that's what I'm trying to do
<Znuff> ivoks, got 5 hdds and an optical drive on the sata controllers
<Znuff> 1 hdd for the OS, 4 for RAID5
<lamont> ScottK: 2.4.7
<ScottK> Cool.
<ScottK> lamont: Then I'd say let's go with the original plan, get that in and then backport it.
<Znuff> any ideas if there's a 2.6.23 or 2.6.24 kernel backported to 7.10? :-/
<zul> no there isnt
<Znuff> :-/
<zul> 2.6.24 is for hardy you will have to compile the kernel yourself if you want to run 2.6.23 or 2.6.24
<Gargoyle> woo hoo snow.... rain... hail the size of marbles!
<Gargoyle> Damit... I need to go out - letters to post, banking to do, blah blah blah... I am going to get drowned, blown away and frozen.
<Gargoyle> And that means I'll miss hollyoaks! ;)
<Gargoyle> back later...
<Gargoyle> maybe!
<coolbhavi> Can we use drivers of desktop edition in server edition
<coolbhavi> ?
<ScottK> coolbhavi: Please ask a more specific question.
<ScottK> What exactly is it you are trying to do?
<coolbhavi> My wireless driver failed on server edition
<coolbhavi> so i am thinking to use desktop drivers..
<coolbhavi> Is it possible?
<pepperjack> worst case you apt-get the generic desktop kernel
<ScottK> coolbhavi: I suspect they are the same.
<ScottK> As pepperjack says, you could install the generic kernel and try that, but I'd be suprised if it made a difference.
<coolbhavi> OK.. I ll get the desktop kernel.. and try.....
<faulkes-> I would have to agree, I would first look at what wireless card you are using and why those drivers are failing, if it is a driver issue at all
<coolbhavi> OK
<coolbhavi> thanks for the info..
<ikonia> you can't use the restricted device manager package onthe server package
<ikonia> if your intalling the ubuntu desktop and the ubuntu-generic kernel, you may as well install the desktop CD
<coolbhavi> OK
 * soren hugs nealmcb for raising the sanity level in that pointless Samba bug thread
<sommer> heh... that one was going into crazy land
<nealmcb> soren: :-)
<nealmcb> soren: thanks for working hard to keep the tone of that conversation civil.  not easy!
<nealmcb> especially when that isn't even the place for a conversation....
<_Drax> Ive just recently joined the ubuntu community by installing the server edition on my standalone computer, first reason I did was I needed a webserver and the LAMP solution was perfect. Im now interested in suggestions on what more I can use it for. I will join the NTP pool project and if you know more things like those please let me know.
<telexicon> I am running ubuntu server on a dell poweredge 2650.. I have 4GB of ram but it is recognizing only 256MB. Is there a way to fix this?
<ivoks> install mode?
<ivoks> some servers have bios option 'OS install mode'
<telexicon> oh, let me check that
<telexicon> yes it was
<telexicon> :S ... thanks
<ivoks> np
<mathiaz> bug #179905
<ubotu> Launchpad bug 179905 in mysql-dfsg-5.0 "Bus Error when attempting to access MySQL Server using host name" [Undecided,New] https://launchpad.net/bugs/179905
<mathiaz> zul: did you find a reference in mysql upstream bug database ?
<zul> not yet..
<mathiaz> zul: it seems that it's a problem in libnss
<mathiaz> zul: it may be better to get gethostbyname_r fixed in there rather than adding a workaround in mysql-dfsg
<zul> ill get more information from the user
<electrofreak> I need help with apache on ubuntu 7.10
<leonel> electrofreak: and the error or help you need is ??
<electrofreak> leonel, Well... It's kind of a problem on most distros by default... permissions. How can I make it so that scripts and what not get executed by the owning user?
<electrofreak> php, for instance. If it wants to write a while.... it isn't actually able to unless the directory gives write permissions to apache
<electrofreak> *write a file
<electrofreak> this can certainly be done by vhosts, correct?
<sherl0k> anyone have a good grasp on mysql configs?
<leonel> electrofreak: you can use apache-prefork  and configure  so the  apache fork runs  as the user you want
<leonel> sherl0k: sorry  PostgreSQL here ;-)
#ubuntu-server 2008-02-02
<electrofreak> sherl0k, I might be able to help...
<sherl0k> I'm trying to figure out why mysql won't spawn multiple processes
<sherl0k> I have a debian server that does it
<sherl0k> I checked both confs and compared, I didn't see anything on the debian server that would do it
<electrofreak> sorry. I have no experience with that unfortunately
<electrofreak> did you restart the deamon, though?
<sherl0k> Yeah, every time I make changes to the conf I restart the daemon
<electrofreak> ok. Is there an extra package that needs to be installed, or is that functionality built into mysql?
<sherl0k> I'm not really sure, honestly
<electrofreak> Wish I could help. Sorry.
<sherl0k> S'alright
<Cha0tix> Hello All
<Cha0tix> I really need your help because I become mad due to samba
<zul> what does the log files say?
<zul> electrofreak: what does the log files say?
<Cha0tix> anyone can help me, i can't see my samba shares from my windows xp pc
<Cha0tix> i have tested all that i can but that still don't work
<sherl0k> Did you restart the samba daemon after making changes?
<Cha0tix> yeah I did
<Cha0tix> when i launch smbclient -L localhost from ubuntu-server
<Cha0tix> that works
<Cha0tix> but if launch "net view \\ipadress" or net view \\servername
<Cha0tix> it says that it doesn't find anything
<sherl0k> can you do a net view \\ipaddress
<sherl0k> and use the PC's ip instead of the server name?
<Cha0tix> no
<Cha0tix> that doesn't work too
<zul> can you ping the other machines
<Cha0tix> yeah I can
<Cha0tix> I use it by SSH
<Cha0tix> so the connection between these two is good
<sherl0k> is your windows firewall on?
<zul> anything in the log files?
<sherl0k> that bugger likes to cause problems :P
<Cha0tix> yeah i shut down the firewall but that doesn't work too
<sherl0k> and on the Linux side? any firewall?
<Cha0tix> nop
<Cha0tix> any
<Cha0tix> maybe the problem come from my switch
<Cha0tix> because
<Cha0tix> my windows pc has an ip like 71.120.79.152
<Cha0tix> and the other
<Cha0tix> 70.123.45.32
<Cha0tix> not the same at all
<Cha0tix> eth0      Link encap:Ethernet  HWaddr 00:50:DA:06:7B:71
<Cha0tix>           inet addr:81.220.79.152  Bcast:81.220.79.255  Mask:255.255.255.0
<Cha0tix>           inet6 addr: fe80::250:daff:fe06:7b71/64 Scope:Link
<Cha0tix>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
<Cha0tix>           RX packets:134111 errors:0 dropped:0 overruns:66 frame:0
<Cha0tix>           TX packets:937 errors:0 dropped:0 overruns:0 carrier:0
<Cha0tix>           collisions:0 txqueuelen:1000
<Cha0tix>           RX bytes:8286662 (7.9 MB)  TX bytes:140525 (137.2 KB)
<Cha0tix>           Interrupt:10 Base address:0xa000
<Cha0tix> this is my eth0 configuration under ubuntu-server
<sherl0k> I think samba shares have to be done on the same network
<Cha0tix> yeh but
<Cha0tix> i can access to my windows shares from my ubuntu-server pc with smbclient
<Cha0tix> that's why it's really strange!
<sherl0k> open a terminal
<sherl0k> run testparm
<sherl0k> that will tell you if there are any errors in your samba config
<Cha0tix> [global]
<Cha0tix>         workgroup = MSHOME
<Cha0tix>         server string = %h server (Samba, Ubuntu)
<Cha0tix>         interfaces = eth0
<Cha0tix>         security = SHARE
<Cha0tix>         passwd program = /usr/bin/passwd %u
<Cha0tix>         passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spa$
<Cha0tix>         syslog = 0
<Cha0tix>         log file = /var/log/samba/log.%m
<Cha0tix>         max log size = 50
<Cha0tix>         dns proxy = No
<Cha0tix>         panic action = /usr/share/samba/panic-action %d
<Cha0tix>         invalid users = root
<Cha0tix> yeah i now testparm
<Cha0tix> this my smb.conf [global]
<Cha0tix> maybe it's my interfaces line that is not good
<Cha0tix> and my share test :
<Cha0tix> [ftp]
<Cha0tix>         comment = Test
<Cha0tix>         path = /tmp
<Cha0tix>         guest ok = Yes
<Cha0tix> what do you think about?
<sherl0k> hm
<sherl0k> are there multiple interfaces on the server?
<Cha0tix> no
<Cha0tix> just lo
<Cha0tix> and eth0
<Cha0tix> how can i modify the broadcast?
<Cha0tix> because it appears that it's not the same between windows and linux
<Gargoyle> Greetings
<incorrect> hello, i am configuring bonding, and i don't know where i can put the module config options
<dendrobates> incorrect: look at /etc/modprobe.d
<incorrect> i can't find the .local file :S
<incorrect> i am sure a few revisions ago i used to put my custom options in their own file
<soren> incorrect: Just create it?
<incorrect> soren, yes i was being stupid, its a .d :) so all files would be loaded :) doh took me 30 mins to notice that
<soren> *g*
<incorrect> somedays you can't see the wood from the trees
<incorrect> i am looking for X where is X i am not happy until i find it,  there is no spoon
<soren> incorrect: :)
<faulkes-> not specific to u-s however, anyone dealt with MPM under apache vs. pre-fork
<incorrect> isn't that a case of, do you want to run php or not
<soren> No.
<incorrect> have they fixed that
<soren> It's a case of whether you want to use mod_php5.
<soren> There are other ways to run php, though.
<incorrect> ok
<soren> fastcgi being the interesting choice.
<incorrect> that is more what i meant
<soren> Well, there might be other reasons, but that's the usual reason for resorting to prefork.
<incorrect> i am going to try out one of those php accelerators soon
 * soren goes to dinner
<faulkes-> unfortunately I'm tackling a multi-layered issue of 'suck' involving apache-mpm, ensim (yes, not my choice), php
<faulkes-> all of which resounds to sites taking about 2-3 minutes to load
<faulkes-> issue that it is't is cpu/mem (dual core, load 0.12 5min avg.), 200mb free (+buffers, etc), 0 swap in use
<faulkes-> anyways, it's not u-s specific so I'll leave it out of here
<faulkes-> feel free to /msg me if you ideas though
<incorrect> faulkes-, why don't you try out, one sec
<incorrect> i am going to have similar issues,
<faulkes-> well, I guess he incorrect had a bigger issue ;)
 * faulkes- whistles innocently
<faulkes-> wow, my english and spelling are terrible this afternoon
<hypnus9> What is the best way to add my Vista laptop to samba so that I might access my desktop?
<Alpha0606> hi - installed 7.10 server - nic 8029 says unclaimed - can anyone advise plz?
<ivoks> more words would explain your situation much better :)
<Alpha0606> thnx
<Alpha0606> fresh install of 7.10 server
<Alpha0606> network card seems to be noticed
<Alpha0606> but eth0 is not there from ifconfig
<ivoks> ifconfig show only configured interfaces, not all interfaces
<ivoks> s/show/shows
<Alpha0606> how do i configure the network card?
<ivoks> so, dhclient eth0 should connect to your dhcp server
<Alpha0606> static ip address
<ivoks> if you don't have one, set it up manually
<ivoks> ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
<Alpha0606> static ip address is entered in interfaces
<ivoks> that would be a good start
<Alpha0606> ill try that
<Alpha0606> thnx
<Alpha0606> errors
<Alpha0606> says no such device
<ivoks> try eth1
<Alpha0606> yet lshw -C network lists the card
<Alpha0606> k
<Alpha0606> no such device again
<ivoks> if eth1 works, problem is most probably in udev rules
<Alpha0606> eth1 gives same error
<ivoks> ok
<ivoks> how many nics do you have?
<Alpha0606> 1
<ivoks> all right
<ivoks> go to /etc/udev/rules.d
<Alpha0606> k
<ivoks> there is a file 70-persistent-net.rules
<ivoks> is there anything in it?
<Alpha0606> i see it
<Alpha0606> mom
<ivoks> mom?
<Alpha0606> empty
<Alpha0606> moment
<ivoks> empty...
<ivoks> hm...
<ivoks> dmesg | grep eth
<ivoks> any strange info in output?
<Alpha0606> no output
<ivoks> that's not nice
<ivoks> which network card is that?
<ivoks> lspci | grep Network
<Alpha0606> rtl 8029 AS
<Alpha0606> capital N in Network?
<ivoks> yes
<Alpha0606> no output
<Alpha0606> im in su mode
<ivoks> lspci | grep Ethernet
<Alpha0606> showing usage info
<Alpha0606> ill try again
<Alpha0606> ok
<ivoks> hm
<ivoks> that's 10mbit card?
<ivoks> like, very old card? :)
<Alpha0606> shows 00:0B.0 Ethernet controller: Realtel Semiconductor Co., Ltd. RTL-8029(AS0
<Alpha0606> its an old card yes
<ivoks> try this:
<ivoks> sudo modprobe 8390
<Alpha0606> on athlon 1000 system
<ivoks> sudo modprobe ne2k-pci
<Alpha0606> do i type sudo when im in su?
<ivoks> no need
<Alpha0606> done
<Alpha0606> 9 I TRIED THAT BEFORE TOO )
<Alpha0606> opps
<Alpha0606> caps
<ivoks> run dmesg
<ivoks> and check if card is recognized
<Alpha0606> ran straight off screen :D
<alefteris> any control panel that is available in the repos for managing a lamp ubuntu server? I was looking for webmin, seems i am a bit behind on the news about server staff :) thanks
<Alpha0606> pause function? switch?
<ivoks> Alpha0606: you need only last couple of lines
<ivoks> if there's something about nic, then you are on a good track
<Alpha0606> NET: registered protocol familt 10
<ivoks> alefteris: iirc, nothing :)
<ivoks> that's not it :/
<Alpha0606> lo: disabled privacy extensions
<Alpha0606> nothing else related on screen
<ivoks> no...
<Alpha0606> i looked in boot log earlier.......
<ivoks> that's everything i know about rtl8029
<ivoks> i know it's was problematic when it was released
<Alpha0606> found..... ne2k-pci probe 000:00:08.0 failed with error -16
<Alpha0606> does that help?
<Alpha0606> ive got an 8139B and 8139D here too
<ivoks> yeah... well, it doesn't help, but we might found where the problem is
<Alpha0606> k
<ivoks> well, those cards are 100mbit, iirc
<ivoks> you should use those
<Alpha0606> but they wont detect during install
<ivoks> do you have any other PCI slots in computer?
<Alpha0606> is it possible to shut down , change card, then install nic only ?
<Alpha0606> yes i do
<ivoks> of course it's possible
<Alpha0606> well yeah - sorry - daft question ur right
<Alpha0606> :)
<Alpha0606> but is it fairly eaasy? :)
<ivoks_> you shouldn't do a thing
<Alpha0606> i googled but all i could find was references to network manager :/
<Alpha0606> will auto detect on startup?
<ivoks_> are we talking about server or desktop?
<Alpha0606> server
<ivoks_> it will auto detect on startup
<ivoks_> there's no network manager on server
<Alpha0606> machine restarting now with 8139B in it
<Alpha0606> wow
<Alpha0606> screen full of segmentation fault?
<Alpha0606> whats that mean?
<ivoks_> http://en.wikipedia.org/wiki/Segmentation_fault
<Alpha0606> k - ive restarted with the 8139D in anyway
<Alpha0606> i dont tend to panic ;)
<Alpha0606> :D
<ivoks_> segfaults aren't caused by nic
<Alpha0606> im looking to replnld oblrver
<Alpha0606> replace an old       cobalt server     that was :)
<Alpha0606> ok
<Alpha0606> machine restarted
<Alpha0606> if i do /etc/init.d/networking restart i get no such device still on eth0
<ivoks_> dmesg | grep eth
<Alpha0606> no output
<ivoks_> dmesg | grep 8139
<ivoks_> sudo modprobe 8139too
<alefteris> ivoks, it sucks not having an easy to install web interface for admin by default, is it a todo thing for future versions?
<ivoks_> alefteris: yes
<alefteris> blueprint?
<ivoks_> search for ebox
<alefteris> ok thanks
<Alpha0606> done the modprobe 8139too
<ivoks_> !ebox
<ubotu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See the plans for Hardy at https://wiki.ubuntu.com/EboxSpec
<alefteris> ok cheers
<ivoks_> Alpha0606: now run dmesg
<Alpha0606> still cant see any reference to nic
<ivoks_> try with other PCI slots
<Alpha0606> lp:      ?
<ivoks_> i'll be back later
<Alpha0606> lp: driver loaded but no devices found
<Alpha0606> :/
<Alpha0606> i think i try to get a different nic
<Alpha0606> this is a brand new belkin on an 8139D and it wont see it
<ivoks> change PCI slot
<Alpha0606> done
<ivoks> those cards work perfectly under ubuntu
<Alpha0606> yeah?
<Alpha0606> hum
<Alpha0606> ill go for slot 1 this time
<Alpha0606> just says no such device
<ivoks> try with 8139cp
<Alpha0606> k
<ivoks> modprobe 8139cp
<Alpha0606> no such device
<Alpha0606> any other 8139 drivers?
<ivoks> nope
<Alpha0606> reinstall tomorrow then looks like :)
<ivoks> it won't help
<Alpha0606> damn :/
<ivoks> check out bios
<Alpha0606> ur sure 8139D are ok?
<ivoks> look for IRQ settings
<Alpha0606> what in BIOS?
<Alpha0606> k
<Alpha0606> oaed ll defaults
<Alpha0606> loaded
<Alpha0606> slot 5 ethernet irq10
<Alpha0606> 8139cp tried on startup - it suggests try 8139too
<Alpha0606> no good
<Alpha0606> still no such device
<Alpha0606> probe of ..... failed with error -16   again
<Alpha0606> i wonder what error -16 is
<Alpha0606> ivoks - thnx for all ur time - i think its time to rest the brain ;)
<Alpha0606> i appreciate ur help
<ivoks> np
<TrickFinlay2> hey guys is there a command to show all mounted volumes?
<TrickFinlay2> hmm nevermind lol
#ubuntu-server 2008-02-03
<gorlak> i have a question, i have a ubuntu 7.10 server setup, headless and i vnc into gnome desktop, is there any way to force a higher resolution? with a monitor installed i get a reasonable 1440x900 (monitor resolution) so i know the card can handle something larger than 800x600
<gorlak> i have also attempted to edit the xorg.conf file too w/o any success, anyone have any ideas?
<davidof> Hi all
<davidof> Anybody knows if it's possible to configure cupsd.conf to allow petitions only at the eth1 or eth0, but not both?
<davidof> I have a computer with two ethx. If both are up, cups doesn't works, but if I ifdown eth1 everything works perfectly
<davidof> I mean, I'm trying to remote administration from another computer :)
<davidof> it seems to be a bug
<kraut> moin
<bardyr> hey, how can i install gnome on the server without openoffice, games, pidgin, etc. just a clean gnome
<ikonia> bardyr: the gnome-desktop package will install pretty much the minimum you can get away with
<fujin> anyone got a tutorial for configuring gfs/gnbd on Ubuntu?
#ubuntu-server 2009-01-26
<vz07mk> Havng trouble with dell poweredge 1400sc install of ubuntu 810
<vz07mk> giving incomptible chip error
<vz07mk> dell server is an older one with scsi aic 7899 controller
<vz07mk> wondering if anyone has senn this b4
<vz07mk> error is somethng like 8139c+ is not a compatible chip
<vz07mk> then says to try the 8139t00 driver instead
<altf2o> NIS + NFS appear to be working just fine, i CAN login as an NIS 'exported' user, however i get: Your home directory /home/<user> doesn't appear to exist, do you want to use / (root) as your home dir? (You likely won't have access to much) , or similar. I haven't found a tutorial that mentions how to make sure the users are using their home dir on a central server? And NOT on the local computer.
<vz07mk> alert shows something like /dev/disk/by-uuid/b728fabt...does not exist
<vz07mk> dropping to shell
<vz07mk> anyone out there?
<vz07mk> Is this a server help chat
<Bizzeh> hi, i am just about to reinstall my home server, and looking at replacing my hacked together system built on win2k3 (running apache rather than iis).. does ubuntu server force that POS shoshin (sp?) patch on me or does it allow me to run a vanilla php ?
<rdw200169> Bizzeh, you mean suhosin?
<Bizzeh> thats the one
<rdw200169> Bizzeh, yeah, ubuntu's got it, this should help you though: http://ambitonline.com/nextrelease/archives/113-How-to-Ubuntu-PHP-Remove-Suhosin.html
<Bizzeh> why isnt it an optional extra?
<rdw200169> who knows...
<Bizzeh> seems a bit of a dictatorship there.. "your going to use this patch because we say so"
<hads> hah
<rdw200169> i think it would be a little two difficult to offer both options
<rdw200169> i don't know though; all i *do* know is that it can't be an 'option' because of how significant the php patch is
<Bizzeh> what? php5.2.x-vanilla and php5.2.x-suhosin as 2 conflicting packages isnt doable?
<Bizzeh> does it add features, or significantly change features where that if i was to transplant the app written in php to a non suhosin server, it would break?
<altf2o> hmm, update to my question. I have a user on my server (scubasteve) and if i'm on my client and create an empty: /home/scubasteve , then manually: sudo mount <server_ip>:/home/scubasteve /home/scubasteve , i can log in without question! So it appears NIS + NFS is working correctly, it's simply a matter of how to tell the clients to automount /home/<user> from the server?
 * altf2o looking @ autofs , but not finding many /decently coherent/ tutorials explaining the process. I'm gonna keep going in the mean time.
<altf2o> alright incase anyone is interested, i got it simply by adding: /home /etc/auto.home -rw , in /etc/auto.master , then in /etc/auto.home itself: * <serverIP>:/home/&  , restarted autofs\nis, works exactly as expected! :). This is actually a really neat way of doing things. Now to try and secure\lock it down as much as possible.
<Aug> Hi2All
<Aug> Iam use Ubuntu Server 8.04. it work all ok. i changed motherboard from ASUS P5B-VM to ASUS P5K-VM... Problem: it is long loading on load modprobe modules... very long on: [    6.221367] ACPI: Power Button (CM) [PWRB] [  185.761627] loop: module loaded    How it tune?
<Aug> 3 minutes it freeze on load
<PC_Nerd> Hi,  is there any program/daemon etc  that allows me to monitor CPU, memory and network usage of selected || all proccesses running on the machine?
<PC_Nerd> ultimately im looking at creating a small web based panel (CGI script) that will display graphs of recent activity, logs of network usage etc.
<jtaji> PC_Nerd: nagios, munin
<jtaji> they are web based with graphs
<PC_Nerd> Thanks, Ill look into them
<kraut> moin
<quizme> on ubuntu should prefix=/usr instead of prefix=/usr/local  ?
<andol> quizme: In which situations?
<jpds> quizme: I think all packages install their stuff to /usr.
<jpds> Hey andol.
<quizme> like for example
<andol> jpds: good morning
<quizme> i just installed ruby, rubygems, openssl, from source
<quizme> and it seems they are going in /usr/local/bin
<hads> Why?
<quizme> instead of /usr/bin
<andol> quizme: If you install yourself from source I'd put them in /usr/local, or somewhere completly else.
<_ruben> to avoid conflicts with packaged stuff, i'd put such stuff in /usr/local
<quizme> oh
<quizme> so it's good that i kept it in /usr/local ?
<andol> quizme: Actually, putting them in /usr/local works pretty well with existings paths, library inclussions, etc
<_ruben> building from source is highly discouraged though
<hads> If you really have to install something by hand then, yeah, use local
<quizme> it's just that, it seems like there is a dependency tree, where the packages i install in /usr/local look for dependents in /usr/local as well, so i have to double install all the dependents in /usr/local even if they were previously installed in /usr (thanks to apt-get)
<quizme> ok
<_ruben> if you need newer versions/specific features .. rebuild an existing package with a newer source tarball .. or create a new package from scratch
<quizme> so i guess i'm doing the right thing
<_ruben> building from source is bound to cuase a dependency hell later on
<quizme> just by accident
<quizme> yeah
<quizme> i'm experiencing it
<quizme> it's just that
<quizme> i want to use the latest version of ruby
<hads> The easy way to fix it is to not install from source :)
<_ruben> the properly buid a .deb for the latest version of ruby
<quizme> and i'm on 8.04 and it installs only ruby 1.8.6
<_ruben> if you start building from source directly, you might as well install slackware or gentoo
<quizme> i don't know how to get the latest .deb
<hads> Slack isn't a source distro :)
<quizme> how do i get the latest .deb file ?
<_ruben> http://www.debian.org/doc/maint-guide/ch-update.en.html
<_ruben> either find one on the net, backport the package from intrepid/jaunty, or roll your own .deb as described in the url i pasted
<quizme> i'm using 8.04
<quizme> should i be using 8.10 if i want to be current like that ?
<_ruben> depends on your definition of "current"
<hads> Does ruby change that much?
<_ruben> 9.04a3 probably has even newer packages
<quizme> mainly i want to use Ruby 1.8.7
<quizme> hads: not really, but i'm OC like that
<hads> Oh, then just don't be.
<quizme> hads: they recommend using 1.8.7 on the ruby on rails main page
<quizme> that's the main reason
<barduck> Hey...can anyone recommend good bittorrent client that can run as daemon without a gui and and has built-in web interfance for remote controlling ?
<lukehasnoname> rtorrent might?
<barduck> it doesn't seem to have a web interface though
<hads> transmission+clutch
<barduck> hads: I'll check, thanks
<quizme> got disconnected :(
<quizme> how do u install from a deb file if apt-get is not giving you what you want?
<quizme> you just need to download a .deb file?
<quizme> who is smarter? the guys who built RoR or the people who use RoR ?
<domas> quizme: neither?
<quizme> domas: you are correct, you win $10,000
<domas> transfer them to paypal account donate@wikimedia.org
<quizme> hehe
<quizme> ok
<quizme> ummm later
<_ruben> if only we could properly integrate mediawiki into our sharepoint environment .. damn windows network :p
 * [gnubie] waves
<[gnubie]> for production setup, do you use LVM on the database partition? if yes, does it have a big impact with its disk i/o or tolerable? please share your ideas. thanks in advance.. ;)
<gate_keeper_> any recommends for ssl jabber server and good tutorial too?
<quizme> [gnubie] i heard that an xfs freeze stops database activity for around 10-15 seconds.
<domas> [gnubie]: LVM snapshot is 5x slowdown
<domas> quizme: no need to do xfs freeze
<andol> gate_keeper_: I like jabberd2. Its main documentation is pretty good.
<domas> at least with new kernels
<domas> [gnubie]: I run special LVM-based replication slaves I do snapshots on, not on main machines
<[gnubie]> gate_keeper_: look for the ejabberd
<domas> [gnubie]: and... if you go for high performance/high concurrency environment, LVM can add 20% overhead in normal operation
<[gnubie]> quizme and domas: does it mean that i will not use LVM for database storage?
<domas> um, maybe 10%, not 20%, I'd have to rerun my benchmarks
<domas> depends on your load
<quizme> [gnubie] i don't know about this stuff.  ask domas
<domas> is your machine doing 10000 queries a second?
<domas> 10000 write transactions a second, that is
<domas> :)
<gate_keeper_> ok, thx guys
<[gnubie]> quizme: i'm still about to setup a database server
<domas> LVM gives you quite some freedom
<quizme> [gnubie] i run on ec2, do you use that
<domas> but snapshots cost
<[gnubie]> domas: sms targetting (hopefully) a million sms a day
<domas> [gnubie]: it all depends on your application :)
<domas> anyway, if you can tolerate 5x lower i/o performance, you can use LVM snapshots
<domas> if you can tolerate 5% lower i/o performance in general cases, LVM is all good
<[gnubie]> domas: if let's say, i will not use lvm.. i will have raid-1.. if in case the hard disks are almost used up, how do you extend or migrate to a bigger drives without or limited downtime?
<domas> you grow your RAID array :)
<domas> quite a few RAID controllers support online growing
<[gnubie]> domas: oh, there will be a downtime for adding 2 hard drives and removing the old ones afterwards
<[gnubie]> domas: you mean, just add another 2 hd drives
<[gnubie]> ?
<domas> yes
<domas> hehe, some or our db boxes: http://commons.wikimedia.org/wiki/File:Wmf_sdtpa_servers_2009-01-20_42.jpg ;-)
<[gnubie]> domas: does it mean that there will be 4 HDDs configured as RAID-1?
<domas> raid 10
<domas> or raid 0+1
<domas> depends how you call it
<domas> :)
<[gnubie]> domas: currently, i will be planning to set the 2 HDDs as RAID-1.. does it mean that later if i add 2 additional HDDs, i can easily add these 2 HDDs to the RAID 1 setup?
<domas> depends on your controller
<domas> I wonder how kernel would detect a volume size increase
<domas> might need a reboot :)
<domas> of course, you can use LVM
<domas> hehehe, we do manage servers in a bit different way
<domas> any hardware change = immediate reinstall
<domas> with full data wipe
<[gnubie]> domas: btw, do you prefer hardware raid 1 over software raid 1?
<domas> yes, I prefer hardware raid
<domas> software raid for databases is shooting into one's foot
<[gnubie]> domas: i wonder red hat prefers software raid and lvm for their setup.. any idea?
<domas> do they?
<domas> LVM makes managing easier
<[gnubie]> domas: not sure.. but to think that they are actively promoting software raid and lvm even on their docs
<domas> [gnubie]: software raid is probably better than no raid
<domas> could be a reason for promotion
<domas> hardware raid is much much much better
<domas> there's one very simple reason
<[gnubie]> domas: i agree..  ;)
<domas> write-behind caching with battery
<domas> you can't beat that with software ;-D
<[gnubie]> domas: what raid controller can you recommend if the server is just a clone amd64 based server?
<domas> *shrug*, any expensive one ;-)
<[gnubie]> domas: what are those?  ;)
<domas> adaptec,lsi,etc :)
<[gnubie]> domas: 3ware?
<domas> didn't have good experiences with 3ware :)
<domas> oh, and had some bad :)
<[gnubie]> i see..
<domas> didn't have too many 3ware based boxes
<domas> but random corruption isn't something I like to keep in-house :-)))
<[gnubie]> going back, i wonder if adaptec or lsi raid controllers supports online extending of raid 1 arrays
<[gnubie]> too bad..
<domas> ghm, ones I have I guess do
<[gnubie]> domas: what do you have in there?
<domas> we got a batch of Sun X4240s shipped with 'sunraid' raid controller, which is Sun branded Intel-manufactured stuff with Adaptec software ;-D
<[gnubie]> domas: how sweet.. ;)
<[gnubie]> domas: if i can just go back from the past..  ;)
<[gnubie]> domas: maybe i will try to check their websites and see..
<[gnubie]> domas: another question.. in the early 200x, i used ReiserFS for Maildir partitions and XFS for database.. nowadays, what can you recommend?
<domas> hhahahaha, I remember very nice reiserfs corruption on some maildir hosts ;-)
<domas> I prefer XFS
<[gnubie]> domas: i heard that xfs has been discontinued
<domas> by whom?
<[gnubie]> domas: is that true?
<domas> join #xfs and you'll find most lively filesystem development channel ;-)
<[gnubie]> ok
<domas> anyway, XFS is the only linux filesystem that supports concurrent DIO ;-)
<domas> if you have hardware raid, make sure you turn off write barriers though :)
<[gnubie]> domas: write barriers? where can i turn it off?
<domas> 'nobarrier' mount option
<domas> you may want to use it if you have direct disk access, and have write-behind caching at _disk_ level
<[gnubie]> domas: ok.. thanks for the advice..
<andol> domas: next time I have to do disk optimization I'll have to remember to ask for your advice :)
<domas> andol: just read my blog
<domas> most of my 'wisdom' is there ;-)
<andol> domas: nice, url?
<domas> dammit.lt, or google for 'domas'
<domas> ;-)
<andol> thanks
 * andol takes a closer look at the article on ZFS and MySQL...
<domas> hahaha, caused some internal noise with this :)
<palt> I have a ubuntu server which corrupts big files. I have some dvd isos that doesn't get the right md5sum. Small files say 200MB however works just fine.
<palt> I have 2 discs in a software raid 1.
<palt> I have tried several dvd's and both wget them and scp from another box, but they still gets corrupt
<geekboxjockey> good morning
<geekboxjockey> I was wondering if anyone here who runs Xen could answer a quick question for me,
<ScottK> !ask > geekboxjockey
<ubottu> geekboxjockey, please see my private message
<geekboxjockey> I am using disk images for Xen, not LVM and was wondering what others may recommend for VM backups with this setup. (I am fine with full machine image backups, not sure about snapshots)
<jdstrand> didrocks: re around?> I am now :)
<jtaji> geekboxjockey: I do a mysqldump then rdiff-backup the whole system from my home machine
<jtaji> daily
<geekboxjockey> jtaji: so rdiff-backup is incremental and works with a .img right?
<geekboxjockey> so if i have 20-50  gig images, and run rdiff-backup for say 3-4 machines, would that cripple operations for the duration of the backup?
<jtaji> geekboxjockey: it's incremental in that it stores diffs to go back in time
<jtaji> it doesn't deal with the image, it runs on the running filesystem
<jtaji> geekboxjockey: example: http://www.linode.com/wiki/index.php/AutomatedRdiffBackup
<geekboxjockey> so if i need to restore, i just drop files in a fresh image?
<geekboxjockey> thank you for the link :)
<jtaji> geekboxjockey: I guess if you have access to dom0 you can just backup the images... I have never done it from that end
<jtaji> I think Linode is working on implementing that type of backup solution for their customers
<geekboxjockey> the only issue with image backup is that the images are the full size of the disk, regardless of the actual usage size
<geekboxjockey> ive seen some documentation for LVM but was advised to stay away from LVM
<padhu> Dear Xperts
<robertj> I installed 8.04.1 Server x64 on a R200 and it all works fine but I don't have video if I leave it unplugged and plug it back in a while later
<robertj> (like a month)
<Faust-C> anyone tried out samba4 yet
<palt> Isn't it in alpha version still?
<Faust-C> yeah but ive read of ppl actually using it (idk how much truth is to it being used in production)
<palt> Cool, well I guess samba alpha is quite stable, but I haven't tried it yet :/
<Faust-C> theyve had success w/ it being a DC for windows systems
<Faust-C> like a 2003 DC not 2000 mixed mode
<isaac> uhm, I am converting LDAP schema files to LDIF as explained in https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
<isaac> and it's splitting the lines in a weird way
<isaac> is that normal?
<isaac> example: http://paste.ubuntu.com/109874/
<sommer> isaac: yes, it should be fine
<isaac> sommer: ok, thanks :)
<sommer> isaac: I believe as long as there's a space at the start of a new line it's valid LDIF
<isaac> great :)
<Blah78> anyone knows how to make fb work with ubuntu-server in a vmware? Can't find /dev/fb0
<phreestyle-work> hello all. I'm having a very strange problem with postgresql: everytime I reboot the server, all data in the tables is gone. All the sequences are still intact but none of the data is...any thoughts?
<incorrect> how much disk space do i need to build my own repository?
<andol> incorrect: A complete mirror, or just a repo for a few packages you've built yourself?
<incorrect> complete mirror
<incorrect> i am going to have a server farm of ~500 systems,  thought it would be easier for me to mirror
<andol> incorrect: http://www.ubuntu.com/getubuntu/mirror/2
<incorrect> that is nothing,  i had 4TB reserved for it
<uvirtbot> New bug: #321526 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.30-2ubuntu4 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 1 zur?ck" [Undecided,New] https://launchpad.net/bugs/321526
<crackintosh> can I run a cron job as www-data? do I just change the user in /etc/crontab or do I have change www-data's cron
<incorrect> crackintosh, sure, give it a shell then su - www-data
<Deeps> crackintosh: you can do it eitherway. using /etc/crontab or /etc/cron.d/ is easier to maintain later, than having separate per-user crontabs though, especially for services
<crackintosh> Deeps: I have some php software that requires me to run a cron script: *  *    * * *   www-data    cd /var/www/sugarcrm; php -f cron.php > /dev/null 2>&1
<crackintosh> I have never seen a cron with all asterisks
<Deeps> means it runs every minute
<Deeps> of every hour
<crackintosh> perhaps I should change it to: 1-59  *    * * *   www-data    cd /var/www/sugarcrm; php -f cron.php > /dev/null 2>&1
<Deeps> of every day of the month
<incorrect> you can set */1 just to make it easier to read
<Deeps> or just *
<crackintosh> the script keeps failing.
<Deeps> failure isnt due to the asterisks
<Deeps> redirect output to a file
<Deeps> stdout and stderr into a /tmp file
<Deeps> *  *    * * *   www-data    cd /var/www/sugarcrm; php -f cron.php > /tmp/sugarcron 2>&1
<Deeps> and see why it's failing
<Deeps> your asterisks are not the problem
<incorrect> run it manually
<incorrect> when you are happy set up the cronjob
<incorrect> also are you sure your script runs in less than 1 minute?
<incorrect> you aren't running hundreds of them ?
<Deeps> if that does occur, file a bug with sugarcrm as they should account for that in their cron.php
<incorrect> i once saw this guy who had an rsync job on cron, one day it look longer than 5 minutes,, that was fairly amusing
<incorrect> food
<incorrect> bye
<crackintosh> Apparently cron was setup correctly, something within the application was not
<Deeps> crackintosh: i believe i said that ;)
<DawnLight> hello. i'm trying to set up exim4 as an MTA for an "internet site". i'm not sure why, though blindly following the simple instructions, exim doesn't ask for smtp authentication.  how do i change this and why is this default behaviour?
<Deeps> !serverguide | DawnLight
<ubottu> DawnLight: The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<Deeps> covers how to enable smtp auth
<Deeps> including over ssl/tls
<Deeps> as to why it's the default, good question, seems a bit silly really, there may be some info in /usr/share/doc/exim*
<Deeps> then again, it may not relay mail for domains: * by default
<Deeps> which would explain why
<DawnLight> Deeps: i'm sorry. i've followed https://help.ubuntu.com/8.04/serverguide/C/exim4.html only. i don't see anything else and in this document i don't see anything about requiring passwords, which is what exim isn't currently doing
<Deeps> SMTP Authentication
<Deeps> This section covers configuring Exim4 to use SMTP-AUTH with TLS and SASL.
<Deeps> mind, you may need to change that url to reflect the version of ubuntu you're using, heh
<Deeps> ie if you're using intrepid, change the 8.04 to 8.10
<DawnLight> heh - my bad. the gnome thingo was keeping my password for that account even though i've deleted that account from evolution... it does ask for a password. smart exim! love exim!
<DawnLight> thanks Deeps
<Deeps> no problem
<DawnLight> :)
<DawnLight> ciao
<melter> is there an alpha 3 server release of jaunty?
<martin___> hi all
<martin___> hope someone can help me
<martin___> i try to make a linux software raid
<martin___> raid 5 to be exact
<ivoks> ok
<martin___> something strange happens
<martin___> when i create the raid 5 with my three disks all seems fine but when i reboot the 3rd drive is kicked out "failed"
<ivoks> did you check dmesg?
<martin___> it is not the disk (tried 2 brand new ones and moved between slots
<knoppix> did you tryed remounting redecting somehow ?
<martin___> what is interesting is that 2 of the disks are on the motherboard; standard sata II
<martin___> the other disk is on a sil 3124 RAID PCI controller
<martin___> that is the disk that gets kicked out at reboot
<martin___> I see with lsmod also that dmraid is active (although i don't want and use it)
<martin___> could that somehow conflict with mdraid?
<martin___> ivoks: yes but i could only see it being recognized as failed
<martin___> knoppix: Yes added, repartitioned and tried again several times
<martin___> it is a long proces rebuilding; almost 8 hours per try
<ivoks> martin___: right, purge dmraid
<ivoks> you don't have to wait for it to rebuild
<martin___> ivoks: I wish I would know how.
<ivoks> apt-get purge dmraid
<martin___> I entered in grub nodmraid
<martin___> ivoks: I removed that dmraid package but the modules are still loaded by ubuntu server
<knoppix> when power gets late they are ignored by linx
<knoppix> i see this problem commonly
<knoppix> but im not sure if its some as your pblem
<ivoks> martin___: add /etc/modprobe.d/my-custom-config
<ivoks> martin___: and put in it 'blacklist dmraid'
<ivoks> martin___: run depmod
<ivoks> martin___: and update-initramfs -u
<knoppix> anyway what im talking about is not linux spesific
<knoppix> its just about bioss detect time..
<martin___> ok
<martin___> going to write that down
<martin___> what should i put in my-custom-config file?
<ivoks> blacklist dmraid
<martin___> btw: the modules i talk about are called dm_mirror dm_log and other two i forgot
<ivoks> you need those
<martin___> so I should enter lines like:
<martin___> blacklist dm_mirror
<ivoks> silly me
<martin___> ?
<ivoks> dmraid module doesn't exist at all
<ivoks> martin___: you need dm_* modules
<ivoks> martin___: that's software raid
<martin___> can you use that wildcard or specify them one by one?
<ivoks> martin___: don't blacklist them
<ivoks> martin___: i was wrong, dmraid module doesn't exist
<kaje> I changed the permissions of /etc/sudoers to 640 in an attempt to edit it and now I can't sudo to anything because it complains the permissions are wrong. I can't even sudo chmod 440 to fix it... How do I fix this?
<ivoks> kaje: add init=/bin/bash argument in grub
<ivoks> fix it and reboot
<ivoks> martin___: everything is fine with your modules
<kaje> ugh, there is no way to fix it without rebooting? this is a server I'd rather not take down...
<maxb> Or, acquire root by another means, e.g., ssh, su
<martin___> ivoks: but aren't those modules i mention like dm_mirror for fakeraid (so raid on a software raid card) instead for linux software raid?
<ivoks> martin___: put output of dmesg on paster.ubuntu.com
<ivoks> martin___: no, that's linux software raid
<ivoks> dm is from device mapper
<martin___> ah ok
<martin___> then i am going to reboot my newly created raid 5 with 4 disks now
<ivoks> ok
<martin___> before i do, any other interesting logs i should safe after creating the raid before rebooting?
<ivoks> no, just reboot
<martin___> going down :)
<martin___> while booting another complete different question: during boot i get a message like about something: CPU does not support KVM extensions
<martin___> any idea what that is?
<martin___> i have an atom processor in it
<ivoks> atom doesn't support kvm
<ivoks> so, that message is normal :)
<martin___> so no problem, just a message, thx
<ivoks> kvm is for virtualisation
<martin___> 64bit ubuntu didn't work also while the specs says 64bit capable
<martin___> ok it has rebooted
<martin___> going to pastebin
<ivoks> martin___: which atom is that?
<ivoks> not every atom supports 64bit
<martin___> it is a different one as in my eeepc
<martin___> becuase it shows 4 CPUs in system monitor
<ivoks> that's doesn't mean anything
<ivoks> 64bit atoms are atom 230 and atom 330
<martin___> model name	: Intel(R) Atom(TM) CPU  330   @ 1.60GHz
<martin___> so a 330
<martin___> but after grub loaded initrd with the setup ubuntu server crashed
<martin___> so I had to install 32bit
<ivoks> did you try live cd?
<martin___> nice device but I run into some issues with it and ubuntu :( (no 64bit, raid issue). It is a BBS2 from tranquilPC
<ivoks> raid issues have nothing to do with processor
<martin___> Yes, I booted from USB stick (only option, no CDROM avaialbe)
<martin___> btw paster.ubuntu.com gives address not found
<ivoks> paste.ubuntu.com
<martin___> that's better :)
<martin___> ok it's pasted
<martin___> under Martin
<martin___> For completeness I also now pasting the dmesg from before the reboot where you can see the creation of the raid array is complete
<ivoks> could you paste the link?
<ivoks> martin___: link?
<martin___> aft reboot: http://paste.ubuntu.com/110019/
<martin___> ivoks: before reboot: http://paste.ubuntu.com/110020/
<ivoks> raid5: raid level 5 set md0 active with 4 out of 4 devices, algorithm 2
<ivoks> ?
<ivoks> looks ok to me
<martin___> yeah: just did a cat /proc/mdstat
<martin___> this is strange, very strange
<martin___> itried for days
<martin___> it seems using 4 instead of 3 disks helped
<ivoks> 'before reboot' paste was... what?
<ivoks> these are different configurations
<martin___> the dmesg just after creating the array with 4 disks instead of 3
<ivoks> you mean before?
<ivoks> couse, i can see here two raids
<ivoks> one mirror and one raid5
<ivoks> i'm talking about http://paste.ubuntu.com/110020/
<martin___> that's right: that's another try i did
<ivoks> there's mirror of sdb1 and sdc1
<martin___> after trying to build raid 5 with 3 disks several times (that failed) I made a RAID0 on the sil3124 controller disks
<ivoks> and raid 5 of 3 disks, but only two are found; sde1 and sdf1
<martin___> i did that to expiriment (out of sensefull options)
<martin___> another thing i did was assigned as partition type linux raid to all disks instead of linux
<martin___> so compareds to the failing config with 3 disk (where one was marked failed) it either helped i changed partition types or using 4 instead of 3 disks in the array
<martin___> What do you think?
<martin___> oh yes, i also made a chunk size of 128KB instead of 64K now
<ivoks> err...
<ivoks> noting failed in these logs
<martin___> yes, as i said
<martin___> it did in the situation with 3 disks but i don't have the log
<ivoks> oh
<martin___> going to create ext3 on the array now
<ivoks> it's hard to say why it failed, if there aren't any logs
<martin___> that is mkfs.ext3 /dev/md0 right?
<martin___> ivoks: i understand, till now i am just happy it seems to work now after reboot. But I am very sorry that i asked for help of you while it works now. I assumed too much my last fiddling didn't help after having fiddled for days now :)
<martin___> ivoks: but your help is very much appreciated anyway
<ivoks> anyway, a friend of mine does have 64bit ubuntu on atom 330
<martin___> that is strange huh? I really got a dump message. Well it is not that big of an issue cause it is just a home server
<martin___> i think performance wise it won't make a real big difference
<ivoks> probably, yes
<martin___> is mkfs.ext3 /dev/md0 the right command?
<mathiaz> kirkland: are you looking into the iscsi SRU for hardy? https://bugs.launchpad.net/ubuntu/hardy/+source/open-iscsi/+bug/236640
<uvirtbot> Launchpad bug 236640 in open-iscsi "iSCSI install fails under hardy" [Undecided,Won't fix]
<kirkland> mathiaz: not particularly
<ivoks> martin___: yes
<ivoks> mathiaz kirkland ;) hi
<kirkland> ivoks: howdy
<mathiaz> ivoks: bonjour!
<ivoks> mathiaz: ca va?
<martin___> ivoks: thx again m8
<mathiaz> kirkland: well - you're assigned to the bug
<mathiaz> ivoks: oui - et toi?
<ivoks> mathiaz: bien, merci
<mathiaz> kirkland: and slangasek assigned another iscsi SRU for hardy to me.
<mathiaz> kirkland: so it seems one of us should look into doing one SRU for hardy
<kirkland> mathiaz: i won't stand in your way, if you're volunteering ;-)
<binspace> How do you do a non-interactive install of postfix? I already tried export DEBIAN_FRONTEND=noninteractive.
<lamont> binspace: mostly it's with a crowbar
<lamont> used as a bludgeoning instrument
<binspace> lamont: Aah, so expect?
<lamont> it _can_ be preseeded, but it's not pretty
<lamont> binspace: nah - you have to tell it answers
<lamont> so you _could_ use expect, but preseeding is easier
<lamont> it just kinda doesn't make it trivial
<binspace> lamont: What do you mean by preseeding?
<lamont> binspace: providing the debconf answers to debconf in a file is generally done through the process called 'preseeding'
<lamont> wherein you hand debian-installer a preseedfile
<lamont> learning how to do that is on my todo list. :=(
<binspace> cool. we're already doing this for mysql-server, but what are the debconf options for postfix?
<lamont> that's the part that postfix is not exactly friendly about
<binspace> bummer.
<lamont> I had my reasons for making it unfriendly, but it's still unfriendly in that way
<binspace> So how can I automate the install?
<lamont> maybe bugs.debian.org/436294 has ideas?  dunno
<binspace> ok. For now, I'm thinking apt-get install postfix <<< '\n\n\n'
<binspace> lamont: Thanks. I'll give it a shot.
<Baptiste_Manson> hi there
<Baptiste_Manson> i'm trying to find a good dedicated hoster in USA
<Baptiste_Manson> with ubuntu server
<Baptiste_Manson> any tips ?
<Baptiste_Manson> To sum up I'm trying to find a hoster in USA, with dedicated servers under ubuntu servers for app. 10 servers
<_Cid> Baptiste_Manson:  no idea here - I thought several of the providers out there allowed you to determine your own OS?
<_Cid> I run a "hobby" server myself (of a dynamic IP now, eeew)   you could do the same to :P
<Baptiste_Manson> _Cid: not really, the US server market seems mainly centered around centos and redhat
<_Cid> Baptiste_Manson:  I am sure you researched, but top google hit: http://www.m5hosting.com/ubuntu-dedicated-server.php :)
<_Cid> oh, dyndns offers ubuntu as an option - those guys rock:  http://www.dyndns.com/services/springserver/
<Baptiste_Manson> _Cid: right, it was somehow to see if one of the american hoster was far better than others from your experience
<_Cid> Baptiste_Manson:  never used dyndns for hosting, but using a few different other services of theirs, I like them .... shooting in the dark, I might go with them ;-)
<Baptiste_Manson> _Cid: thx
<ScottK> Baptiste_Manson: I use http://softlayer.com/ and have been happy with them.
<Baptiste_Manson> ScottK: thx
<kaje> Does anyone know how to make module-assist pass a -y option to apt-get so I don't have to accept the packages it wants to install every time?
<Baptiste_Manson> Thx for the testimonials about hosters providing dedicated servers under ubuntu server in USA (I got 3 names now : m5hosting, softlayer and dyndns)
<kaje> cari.net also does, but they have $75 setup fee if you choose ubuntu (which I think is dumb)
<kaje> I use cari.net for a server and they have been very professional and reliable...
<maxb> ubuntu, as opposed to?
<kaje> as opposed to fedora, suse, and one other I can't remember
<maxb> how peculiar
<maxb> What's to stop you just reimaging as soon as you're set up?
<kaje> yeah, I agree... it is probably just that they don't have a lot of experience with it...
<erichammond> Baptiste_Manson: You might consider Amazon EC2.  I maintain Ubuntu images for EC2 listed on http://alestic.com and there is a support group at http://ec2ubuntu-group.notlong.com
<kaje> well, nothing I guess... except how would you reinstall ubuntu through an SSH connection?
<kaje> hmm, maxb... that's an interesting idea...
<kaje> do you know of someone that has been able to remotely image a system and blogged about it?
<maxb> The systems guys where I work have done ~10 remote slackware->debian overwrites.
<maxb> I think via the magic of "borrowing" the swap partition to be a minimal temporary OS
<kaje> that's a pretty cool hack =)
<Baptiste_Manson> erichammond: amazon ec2 can be a good technical solution though, sadly it is really hard to say to a client that their data will be hosted by amazon
<binspace> ec2?
<Baptiste_Manson> binspace: Elastic Compute, this is cloud computing as far as I know
<binspace> sorry. Yes, I recommend ec2 :-)
<binspace> or I've used it and have been happy
<binspace> lamont: Do you know which config file the postfix system mail name is stored in?
<binspace> Actually, I'm trying to set the postfix debconf, and run into the System mail name prompt
<lamont> binspace: /etc/mailname, per policy
<binspace> And I'm using the template from bugs.debian.org/436294
<binspace> thanks
<uvirtbot> New bug: #321689 in openldap (main) "openldap (slapd) installation fails" [Undecided,New] https://launchpad.net/bugs/321689
<martin___> HI all, anyone who can help me with a RAID issue
<martin___> I create a linux software RAID5 with 4 1TB disks, chunk size 128K and ext3 filesystem on it
<martin___> Now the issue is I have really reasonalbe read speeds but unacceptable slow write speeds: Writing is only done at 2,8MB/s
<martin___> none who can tell me why I have such slow write speeds on my RAID5?
<thehook_> Hello :) I am making some simple scripts to setup and configure a mailserver, and was wondering if it's possible to "supress" the big blue screen asking for input during a scripted apt-get installation of mysql-server for example? And maybe have them as variables in the script or something..
<thehook_> I have also made such script for installing a nginx web server with php support and mysql. And would really appreciate some feedback :) You can find it on http://insecure.no/2009/01/easy-nginx-php-and-mysql-installer-script/
#ubuntu-server 2009-01-27
<donspaulding> server 8.10 gives me an error while trying to use the createuser script to add a user to postgres, but I'm  able to sudo su - postgres and connect via psql, any ideas?
<donspaulding> the error is:   createuser: could not connect to database postgres: could not connect to server: No such file or directory
<donspaulding> 	Is the server running locally and accepting
<donspaulding> 	connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.0"?
<ScottK> Do you sudo the createuser script?
<ScottK> Also sudo -i is better than sudo su for reasons that make sense, but I've forgotten.
<donspaulding> ScottK: yes, I sudo the createuser script
<ScottK> No further suggestions then.
<twb> Does Ubuntu ever issue USNs for packages in universe?
<svenwiesner> hej there
<svenwiesner> good morning everyone
<sommer> yo
<svenwiesner> I was wondering if someone could help me with setting up smtp-auth with dovecot / postifx
<svenwiesner> i have to admit i'm trying since several days
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<sommer> there's a section on setting up smtpauth for postfix in the serverguide
<svenwiesner> did not work
<sommer> svenwiesner: do you have a specific error?
<svenwiesner> relay access denied
<svenwiesner> I have dovecot / postfix
<sommer> svenwiesner: you'll probably want to check the networks configured in postfix
<sommer> svenwiesner: relay access error is different than smtpauth
<svenwiesner> is it?
<sommer> usually
<svenwiesner> what IS smtp-auth then?
<svenwiesner> i thought it is used to send mails over another authentication method then mynetworks
<sommer> smtp auth is a way for user's to authenticate to smtp, which by default doesn't have authentication, but relay rules can block messages even with a valid auth
<jmarsden|work> permit_sasl_authenticated fixes that
<svenwiesner> smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
<svenwiesner> that's what i have
<svenwiesner> no relay_whatsoever given
<sommer> svenwiesner: are you using tls?
<svenwiesner> may mynetworks or mydestination be the problem?
<sommer> I'd double check mynetworks
<svenwiesner> I tried to.. I have to admit I completely failed postfix. I wasn*t able to configure tls, nor ssl nor smtp-auth
<svenwiesner> pretty depressing
<sommer> the serverguide instructions have worked for me
<svenwiesner> the problem may be that I have a virtual server running
<svenwiesner> which is not covered by the serverguides
<svenwiesner> mhm
<sommer> svenwiesner: can you telnet to port 25 of the vm?
<sommer> virtual server's would complicate things, but should still be the same basic steps
<svenwiesner> yes
<sommer> which ubuntu version are you running?
<svenwiesner> 250-PIPELINING
<svenwiesner> 250-SIZE 10240000
<svenwiesner> 250-VRFY
<svenwiesner> 250-ETRN
<svenwiesner> 250-STARTTLS
<svenwiesner> 250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN NTLM
<svenwiesner> 250-AUTH=LOGIN CRAM-MD5 DIGEST-MD5 PLAIN NTLM
<svenwiesner> 250-ENHANCEDSTATUSCODES
<svenwiesner> 250-8BITMIME
<svenwiesner> 250 DSN
<svenwiesner> 8.04 tls
<sommer> should work with the serverguide instructions... can you pastebin the relay error?
<svenwiesner> ah i see. it says: reject_unauth_destination
<svenwiesner> the problem is, if I delete this entry it says: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
<sommer> mmm... what's your mynetworks look like?
<svenwiesner> mynetworks = 127.0.0.0/8
<sommer> svenwiesner: what happens if you add your outside nework ie 192.168.100.0/24
<svenwiesner> same error
<svenwiesner> (relay access denied)
<sommer> is the network you just added the same as the vm's host?  is the vm on an internal network?
<svenwiesner> I meant vhost when saying virtual
<svenwiesner> sorry for this misunderstanding
<jmedina> svenwiesner: still with relay problem?
<svenwiesner> ja
<svenwiesner> i am trying for days now
<svenwiesner> arghl
<jmedina> ok
<jmedina> could you pastebin the output from "postconf -n"
<svenwiesner> right, one sec
<jmedina> that will dump the changed you did to main.cf
<sommer> jmedina: good call
<sommer> I haven't used vhosts, but my thought is you need to tweak smtpd_recipient_restrictions
<svenwiesner> ahm
<svenwiesner> what is pastebin
<svenwiesner> just paste the whole ocnfig here?
<sommer> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<svenwiesner> http://paste.ubuntu.com/110103/plain/
<svenwiesner> good feature
<jmedina> svenwiesner: well you have mixed configs
<jmedina> you are using TLS
<svenwiesner> neither one works
<svenwiesner> or are they supposed not to work at the same time?
<jmedina> I would disable TLS and start with plain smtp-auth
<jmedina> svenwiesner: how are you testing smtp auth?
<svenwiesner> i add a mailaccount in thunderbird and try to send mail to someone else
<svenwiesner> mailaccount configured on server. reveiving works, sending doesn't
<jmedina> svenwiesner: and did you enable the autentication options in thunderbird?
<svenwiesner> no, does not wirk
<svenwiesner> work
<svenwiesner> i can not even login if enabled
<jmedina> and what is the message you get from the server?
<thorsten11> ls
<svenwiesner> using secure authentication or secure connection?
<jmedina> o_O
<jmedina> ok lets start from the begining
<jmedina> is your dovecot service running?
<svenwiesner> yes, as I said, the chost runs fine according to receiving messages
<svenwiesner> * the vhost
<svenwiesner> so, dovecot is running, postfix is running
<jmedina> and did you change the lines in dovecot.conf about socket listen?
<jmedina> plase show the output from:
<jmedina> ls -l /var/spool/postfix/private/auth-client
<svenwiesner> srw-rw---- 1 postfix postfix 0 2009-01-27 01:08 /var/spool/postfix/private/auth-client
<svenwiesner> my dovecot.conf, if helpful: http://paste.ubuntu.com/110106/plain/
<svenwiesner> btw. thanks for your support
<jmedina> ok
<jmedina> dovecot looks fine
<jmedina> now in the howto says
<jmedina> sudo postconf -e 'smtpd_sasl_local_domain ='
<jmedina> but you have smtpd_sasl_local_domain = $myhostname
<jmedina> that means your smtp server only accept autentications for the users with that domain
<jmedina> if you are using more than one domain leav it empty
<svenwiesner> right!
<svenwiesner> let me check
<jmedina> smtpd_sasl_security_options = noanonymous
<jmedina> add that to your config
<jmedina> so you dont want anonimous access
<svenwiesner> did all that
<svenwiesner> doas not work .. shit
<jmedina> wait
<jmedina> :D
<svenwiesner> ok :)
<jmedina> change smtpd_use_tls = yes to no
<jmedina> then
<jmedina> run
<jmedina> postfix check
<jmedina> restart postfix
<jmedina> and show me the output of telnet localhost 25
<svenwiesner> http://paste.ubuntu.com/110110/plain/
<svenwiesner> i hope there's something there for you
<jmedina> ok
<jmedina> now try to send a mail from thunderbird
<jmedina> but be sure you enable autenticatio in the smtp server
<svenwiesner> ahm, which port is it? 143? "the mailserver sent an invorrect greeting * OK Dovecot ready
<jmedina> that is IMAP server
<jmedina> go to
<jmedina> Edit=>Account Settings
<jmedina> in the left panel at the end ther is "Outgoing Server (SMTP)"
<svenwiesner> yes, i am there...
<svenwiesner> username is checked and typed in
<svenwiesner> and use secure connection is checked as well
<svenwiesner> secure authentication, sorry
<jmedina> use
<svenwiesner> secure connection: none
<jmedina> TLS, if available
<jmedina> you just disabled TLD
<svenwiesner> which port should i choose?
<jmedina> but that will help when you enable again
<jmedina> 25
<svenwiesner> oO
<svenwiesner> it says a lot of aout sasl2 errors
<svenwiesner> wait, i give you the file one moment
<jmedina> where?
<svenwiesner> http://paste.ubuntu.com/110112/plain/
<svenwiesner> syslog
<svenwiesner> buhuuuu! i do not even want cyrus-sasl .. buhuhuu!
<jmedina> svenwiesner: the same in mail.log?
<svenwiesner> yes
<jmedina> ok I found the problem
<jmedina> :D
<svenwiesner> tell me :)
<svenwiesner> pleeeease?
<jmedina> I have to go
<jmedina> :D
<jmedina> ok
<jmedina> plase read this docto
<jmedina> https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<jmedina> and go to "Configure Postfix for SMTP-AUTH using SASL (Dovecot SASL): " in the SMTP Autentication section
<jmedina> you need to confgure
<jmedina> smtpd_sasl_type = dovecot
<jmedina> but I think you typed "smtp_sasl_type = dovecot"
<jmedina> without "d"
<svenwiesner> i typed: smtp_sasl_type = dovecot
<jmedina> please check your configs are exacltly the same as in the example
<jmedina> yeap
<jmedina> it is smtpd_sasl_type = dovecot
<svenwiesner> oh fuck
<svenwiesner> holly shit
<hads> Language
<svenwiesner> german
<erichammond> !ohmy
<ubottu> Please watch your language, attitude, and topic to help keep this channel friendly and helpful. Remember, there are kids here!
<svenwiesner> mhm
<svenwiesner> does not work
<svenwiesner> dommage
<jmedina> please pastebin again "postconf -n"
<svenwiesner> kk
<jmedina> svenwiesner: did you restart postfix after the change?
<svenwiesner> yes
<svenwiesner> the output is quite different though
<svenwiesner> thunderbird: "unable to authenticate to smtp server. the server doesn not support any compatible secure auth mechanism"
<svenwiesner> wait, i give you postconf
<svenwiesner> http://paste.ubuntu.com/110117/plain/
<jmedina> so, restart postfix
<jmedina> try again from thunderbird
<jmedina> what about logs/
<svenwiesner> http://paste.ubuntu.com/110120/plain/
<jmedina> svenwiesner: and thunderbird?
<svenwiesner> "you can not login because you have anabled secure authentication and this server does not support it"
<jmedina> mm
<jmedina> ok
<jmedina> and thunderbir
<jmedina> is TLS disabled?
<svenwiesner> yes, only secure authentication is checked
<jmedina> I dont have that option here?
<jmedina> I have
<jmedina> Security and Authentication
<jmedina> Use name and password )checked)
<jmedina> and Use secure connection: "TLS, if available"
<svenwiesner> yes, ic tried both: never and TLS, if available
<jmedina> mm
<jmedina> close thunderbird and try again
<jmedina> :D
<jmedina> an watch your logs
<jmedina> tial -f /var/log/mail.log
<jmedina> tail
<svenwiesner> ok, interesting enough, tls now works
<svenwiesner> but only without secure auth
<svenwiesner> wait, i restart thunderbird
<svenwiesner> and give you tail
<jmedina> tls works?
<jmedina> but is disabled...
<svenwiesner> tls receiving works... sending doesn't
<svenwiesner> i enabled it for a sec to see if it works :)
<jmedina> ok forgeat about receiving
<jmedina> receiving is managed by dovecot
<svenwiesner> i see
<svenwiesner> mail.log gives no output when i try to connect via thunderbird and "secure authentication" checked
<jmedina> again, where is that "secure authtentication" option?
<jmedina> svenwiesner: in the :"Outgoing Server SMTP"
<jmedina> do you have more than one smtp server listed?
<svenwiesner> its a checkbox: "use secure authentication" in thunderbird
<svenwiesner> at accounts -> account -> server settings
<jmedina> where?
<svenwiesner> and outgoing server -> server
<svenwiesner> i suck
<svenwiesner> you don't
<svenwiesner> i have no idea
<svenwiesner> you have
<svenwiesner> i love you
<svenwiesner> it works
<jmedina> !ohmy
<ubottu> Please watch your language, attitude, and topic to help keep this channel friendly and helpful. Remember, there are kids here!
<jmedina> so what was the problem?
<svenwiesner> i am sorry.. here in my country it is 3:44 am and no kids around... this late time really nags on the attitude :)
<jmedina> I really dont care
<jmedina> I mean, how you speak
<svenwiesner> the problem was, that, in the end, I checked: "use secure authentication" because i thought, this has to be done when using smtp-auth
<jmedina> but we are in a public channel
<svenwiesner> so, ahh... what a relieve! now I can go on configuring tls
<jmedina> yes
<jmedina> yous enable tls
<jmedina> restart postfix
<jmedina> and try with TLS in thunderbird
 * [gnubie] waves
<[gnubie]> wondering why there is no /etc/pam.d/system-auth on ubuntu-server-8.04.2 lts.. any idea?
<jmedina> [gnubie]: because that is redhat style
<jmedina> :D
<rdw200169> [gnubie], do you need one?  we have just common-auth
<jmedina> but system-auth uses more than auth options
<[gnubie]> jmedina: ah, i see..  ;)
<rdw200169> [gnubie], may be the same thing, just in different terms, i dunno
<jmedina> [gnubie]: what are you trying to do with PAM?
<[gnubie]> rdw200169: checking common-auth
<[gnubie]> jmedina: i used to set the following:
<[gnubie]> minlen=8 ; lcredit=-1 ; ucredit=-1 ; dcredit=-1 ; ocredit=-1
<jmedina> that are settings for cracklib
<[gnubie]> jmedina: yes
<[gnubie]> is there an ubuntu specific documentation on pam?
<jmedina> that must be in /etc/pam.d/common-password
<rdw200169> there's documentation for ea. of the security plugins in the man pages
<jmedina> just add something like this ath the top of common-password
<jmedina> password        required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
<jmedina> of course with your options
<jmedina> and install libpam-cracklib
<rdw200169> you can see all the pam options as far as libraries is concerned by searching for libpam; i.e. apt-cache search libpam
<[gnubie]> jmedina: with the default ubuntu lts server, does it mean in order to have a similar config (minlen=8 ; lcredit=-1 ; ucredit=-1 ; dcredit=-1 ; ocredit=-1) i need to setup the libpam-cracklib?
<jmedina> [gnubie]: well, I guess you want to setup a password policy, right?
<[gnubie]> jmedina: yes
<[gnubie]> jmedina: more mandatory characters in creating a password
<jmedina> then you need to have a module that checks that in the password stage
<jmedina> you need to install libpam-cracklib
<jmedina> and then add that settins to common-password
<jmedina> for example
<[gnubie]> jmedina: ok, thanks.. ;)
<[gnubie]> go ahead please..
<jmedina> password        required        pam_cracklib.so minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
<jmedina> it goes before the pam_unix.so
<rdw200169> also, if you use apparmor (ultra-crazy security) look into libpam-apparmor
<[gnubie]> i still don't know about apparmor
<[gnubie]> rdw200169: i may consider it later..
<rdw200169> [gnubie], you can also look into selinux
<[gnubie]> rdw200169: yeah..
<[gnubie]> thanks guys.. ;)
<irvingpop> hi, I have a silly deb/apt question
<p_quarles> we only answer srs questions, sorry
<irvingpop> Let's call it a newbie question, then :)
<p_quarles> oh, okay - go ahead
<irvingpop> I installed a package  (dekiwiki) which depends on libapache2-mod-php5,  which depends on apache2-mpm-prefork
<irvingpop> Unfortunately I run my webserver in apache2-mpm-worker and FastCGI, for performance reasons,  so I had to force the package install of dekiwiki with no deps
<irvingpop> Now, every time I run anything in apt it complains that I need to run "apt-get -f install"
<irvingpop> Which then tries to remove my apache2-mpm-worker package and reinstall apache2-mpm-prefork and mod_php5
<irvingpop> Can I break that dependency?
<p_quarles> well, if dekiwiki is what it sounds like (a webapp) I'd actually recommend against using apt to install it
<irvingpop> I did,  I used dpkg
<p_quarles> dpkg == apt
<irvingpop> cause apt-get wouldn't let me at all
<p_quarles> same thing
<irvingpop> hm
<p_quarles> if it has a web based installer, that's what you should use
<p_quarles> I love dpkg/apt, but it's not so good at installing webapps
<irvingpop> it didn't.      So, I'm familiar with rpm and I know there's a way to just get it to ignore dependencies and stop complaining
<p_quarles> irvingpop: dekiwiki sounds like something that runs within Apache; is that not correct?
<irvingpop> It's weird.   It has a PHP frontend and a Mono/.Net backend
<irvingpop> other than that, it's a really fantastic wiki
<[gnubie]> is the maintainer for the syslog-ng binary package in this channel? care to create a backport for the ubuntu-server 8.04.2 lts on the latest syslog-ng 3.0.1?
<p_quarles> irvingpop: does the project have a debian/ubuntu repository?
<irvingpop> yep, that's where I got it from. http://repo.mindtouch.com
<irvingpop> I intend to complain to the Mindtouch folks.   but I just want to get on with my life for now and get my server done :)
<p_quarles> irvingpop: well, in that case, use aptitude; it tries harder than apt-get to find a workable solution to dependency issues
<irvingpop> wow, aptitude is a lot smarter
<p_quarles> yep; but that's also it's downfall; it can sometimes be smarter than you want it to be :)
<irvingpop> I do see that
<mib_ju0c79> @irvingpop mindtouch is really responsive on twitter. ceo is @roebot. everytime i grumble about or praise deki, he responds
<irvingpop> hmmm,  it's offering me a lot more options,  but still nothing workable.        I may have to resort to more drastic measures unless I can get dpkg to start ignoring this dependency
<irvingpop> Thanks, I appreciate that.
<irvingpop> Seriously, people should just make Apache mpm-worker and FastCGI the default anyway
<rdw200169> [gnubie], you may be able to find one in the Launchpad PPA's
<rdw200169> [gnubie], nevermind, i looked and there's nothing there.
<rdw200169> [gnubie], i don't know if you're gonna find what you're looking for; hardy has 2.0.9-1ubuntu1 and intrepid has 2.0.9-3ubuntu1; here's the very minor changelog: http://changelogs.ubuntu.com/changelogs/pool/universe/s/syslog-ng/syslog-ng_2.0.9-3ubuntu1/changelog
<rdw200169> [gnubie], and i have no clue about jaunty: http://changelogs.ubuntu.com/changelogs/pool/universe/s/syslog-ng/syslog-ng_2.0.9-4.1/changelog
<rdw200169> [gnubie], so 3.0.1 isn't even in intrepid, or jaunty (yet)
<thorsten11> Wow that was alot of sign offs lol
<[gnubie]> rdw200169: sorry, i was out for a phone call..
<[gnubie]> rdw200169: kindly check this out => http://www.balabit.com/downloads/files/syslog-ng/sources/3.0.1/
<rdw200169> [gnubie], what do you want me to suggest?
<rdw200169> [gnubie], i've never used the package, i just know how to check for you whether or not something is available
<rdw200169> [gnubie], but if its any consolation, installation from source shouldn't be a big deal
<rdw200169> [gnubie], in order to make things simplest for you, download the source of the ubuntu version, the hardy version is fine.
<rdw200169> [gnubie], i.e. apt-get source syslog-ng
<rdw200169> [gnubie], that get's three files. the one you want is the 'diff' one.
<rdw200169> [gnubie], in that tar file, you should find the debian folder.  use the rules file in that debian folder to see how it is built for ubuntu; then you know what ubuntu uses as far as options for the compilation, etc...
<rdw200169> [gnubie], also, sudo apt-get build-dep syslog-ng should get you all the stuff you need to compile it
<rdw200169> [gnubie], then you just put 2 and 2 together for the 3.0.1 version; they shouldn't be *so* different that this doesn't work excellently for you.  I don't know for sure though
<[gnubie]> rdw200169: thanks..
<rdw200169> [gnubie], make sense?
<rdw200169> [gnubie], you *could* try to use that diff against the 3.0.1 source to make a true-blue .deb package, but i doubt it will work, b/c there is also some patching done.
<[gnubie]> rdw200169: yeah
<rdw200169> [gnubie], you could try though and contribute to the next ubuntu version... then someone else won't wonder the same thing...
<uvirtbot> New bug: #321760 in mysql-dfsg-5.1 (universe) "mysqld wan't start after upgrade" [Undecided,New] https://launchpad.net/bugs/321760
 * delcoyote buenos dias
<tewmten> morning =)
<tewmten> quick question, how do I set apt to download the 64bit packages? I installed php5-common and it seems to have installed the 32-bit version instead :/
<tewmten> server is ubuntu server 7.10 gutsy
<tewmten> thanks
<tewmten> oh wait it checks that automaticly on the kernel perhaps..?
<tewmten> Holmen: hey there =)
<soren> tewmten: It downloads packages matching the installed system. If it's downloading the i386 packages, it's because you installed the i386 version of Ubuntu rather than the amd64 version.
<soren> "dpkg --print-architecture" will tell you which version you've installed.
<tewmten> cool thanks
<soren> np
<tewmten> yep, I saw it when looking at uname..
<tewmten> damn, been trying to figure this problem out for days and the answer was right in front of me =)
<kraut> moin
<remix_tj> anyone with experience with DRBD? I need to create an HA system with DRBD and the partition which i need to replicate contains data which i cannot move away from there... does drbd allows to sync this data without being lost?
<uvirtbot> New bug: #321787 in openldap (main) "slapindex fails to re-index properly" [Undecided,New] https://launchpad.net/bugs/321787
<fw1> can i edit the server documentation, i spotted a mistake
<_ruben> dont think you can, but you most likely can file a bug though
<fw1> never filed a bug before,  would that be on launchpad?
<_ruben> yes
<fw1> i made some openldap 2.4.13 packages,  replication works a lot better in it now, so they claim
<fw1> i was just using the server document to validate the package i made
<__^^stefan^^___> hello
<__^^stefan^^___> did any of experience a fail of the grub install to MBR step in ubuntu server amd x64 ?
<__^^stefan^^___> as it drives me crazy
<__^^stefan^^___> no one ? even stranger for me
<PecisDarbs> hi people, Xen vs. KDM - why Ubuntu went KDM way? Is there any indication that it will be better?
<Deeps> KVM, and because mainline kernel integrates KVM
<palt> I have some trouble with a RAID 1. It corrupt big files say 4GB. The size is correct but the checksum fails. This doesn't happen with small files (700MB) and fsck says the the filesystem is ok. Any ideas?
<_ruben> palt: you sure it's due to the raid1? tried breaking the array and test it on a degraded array?
<palt> No, haven't tried that. But I guess it's the file system itself. If I can't find a solution I will first try to take backup and rebuild the filesystem.
<palt> But yeah, I will test it on a degraded array if that doesn't work :)
<palt> And run spinrite on the discs.
<_ruben> run memtest86+ as well .. could be faulty mem
<palt> Have run memtest and it passed :)
<palt> So it's not the memory :)
<PecisDarbs> Deeps: ok, I understood it also as main reason. How KVM performs under regular server type load?
<_ruben> there's not really such a thing as "regular server type load"
<Deeps> PecisDarbs: efficiently if your cpu supports virtualisation extentions
<PecisDarbs> Deeps: it supports
<_ruben> kvm without virt extensions doesnt even work afaik
<PecisDarbs> I know
<PecisDarbs> :)
<Deeps> it falls back to qemu i believe
<_ruben> yeah .. and qemu is dirt slow
<Deeps> yp
<PecisDarbs> _ruben: I mean, is there any issues I should take into account. Xen fans have plastered KVM as unstable and unsecure :)
<_ruben> its emulation, not virtualization .. the difference between those depends on who you ask :p
<_ruben> PecisDarbs: im not the right person to ask really .. never tried kvm .. and never got xen to work .. :P
 * _ruben is a vmware kinda guy
<PecisDarbs> ahhh :)
<_ruben> but im not suprised that xen fans dont like kvm .. im rather certain its the same the other way around as well ;)
<_ruben> sure .. xen is around longer than kvm .. but that doesnt have to mean all that much either
<_ruben> the fact kvm is slated for mainline kernel inclusion could be a very decent argument in favor of kvm's qualities
<refnumzx> i am running ubuntu 8.10 and would like to upgrade to the latest kvm from the sourceforge site. as the latest version has  ubuntu related bug fixes. how can i do this with out breaking the kvm?
<PecisDarbs> refnumzx: what related bug fixes? can you give launchpad bug numbers? :)
<_ruben> apt-get source kvm .. then use http://www.debian.org/doc/maint-guide/ch-update.en.html to roll your own updated package :)
<refnumzx> they are not ubuntu bugs but details are on the kvm changelog page
<PecisDarbs> refnumzx: I am just about to use kvm on intrepid, so I would like to know is there any issues :)
<refnumzx> http://kvm.qumranet.com/kvmwiki/ChangeLog
<PecisDarbs> thaaanks
<refnumzx> issues. no i am about to start and development on the kvm front is fast anfurious. and it is important to be ale to keep up.
<refnumzx> the other thing that makes me want to upgrade is the qcow2 fixes in the latest version this is as of jan 13
<refnumzx> i have never built a custom package before  the apt-get source kvm does that get the source that ships with ubuntu?
<zul> compared to xen kvm is easier to maintain and better supported in ubuntu
<refnumzx> ~~better supported?
<refnumzx> if i have to build a custom package because its not being done. i dunno
<refnumzx> patched, that is
<refnumzx> looks like the last time this was updated was 24 sept
<refnumzx> quite a bit behind
<PecisDarbs> can I specify logical volumes as targets in vmbuilder?
<PecisDarbs> refnumzx: agreed
<PecisDarbs> refnumzx: when you do apt-get source, you get original sources plus debian patches
<PecisDarbs> debian/ubuntu/s
<refnumzx> not sure what you mean by targets but if  installing a vm, you can put that anywhere
<PecisDarbs> refnumzx: when doing kvm virtualization, you use standard kernel, right?
<refnumzx> right
<refnumzx> as long as its greater then 2.6.20
<PecisDarbs> refnumzx: using virt-install with seemingly proper syntax, it gives me libvirtError: virDomainCreateLinux() failed internal error Failed to add tap interface 'vnet%d' to bridge 'vnet0' : No such device
<PecisDarbs> there is vnet0 interface
<refnumzx> did you add it to /etc/network/interfaces?
<PecisDarbs> refnumzx: no, but it seems to be already configured
<PecisDarbs> inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
<refnumzx> as far as i know in order to support virtual interfaces you need to configure a bridge interface
<refnumzx> is that also in the interfaces file?
<PecisDarbs> no
<refnumzx> something like
<PecisDarbs> refnumzx: can you pastbin.ca your part of /etc/network/interfaces vnet0?
<refnumzx> i have not built mine yet.
<refnumzx> working on patching and stuff
<refnumzx> https://help.ubuntu.com/community/JeOSVMBuilder
<refnumzx> wha tyou want is br0 according to that howto
<PecisDarbs> refnumzx: I am using virt-install
<refnumzx> any particular reason?
<PecisDarbs> refnumzx: vmbuilder doesn't allow to specify block devices
<MianoSM> du -x --block-size=1024K | sort -nr | head -10
<refnumzx> ~~can you explain that a little?  i am only storage my images on a standard raid array. and any storage for the virtual  images is on an e-sata enclosure that can hold multiple disks. what would be the advantages of using a block device?
<PecisDarbs> refnumzx: virtual file images has loop device limit
<PecisDarbs> and lvm gives better consistency
<PecisDarbs> I create lvm volumes
<PecisDarbs> anyway
<PecisDarbs> I still get that vnet0 error :(
<PecisDarbs> damn
<PecisDarbs> I should read manuals more carefully
<PecisDarbs> found it
<PecisDarbs> :)
<refnumzx> ~cool
<aljosa> which package contains easy_install for python?
<Blice> Hi all; I just set up pure-ftpd and a user and other things; It listens on 21 fine, and when I connect it says Logging in as blice... good etc., requires password, and then... Receive-Error: Connection broke down. And all ftp clients disconnect right then. I don't know why. How should I go about debugging this?
<sommer> Blice: check for any pure-ftpd logging options, then check the log file... probably /var/log/syslog
<sommer> Blice: you might also check /var/log/auth.log for any authentication issues
<refnumzx> i am tryig to compile the latest kvm using the sources from apt-get source and the download from the kvm pages. i am reading an updating the package page handed to me by somebody else here. something i do not understand is, according to this document i can use the Debian directory copied into the new source. do i copy this directory and then do a standard make?
<refnumzx> the page i am using is http://www.debian.org/doc/maint-guide/ch-update.en.html
<soren> You're better of grabbing the newest kvm from jaunty and building that.
<soren> s/ of / off /
<soren> I doubt that page says that it's cool to just copy the debian/ directory, by the way.
<Blice> sommer: Nothing about the ftp in auth.log, the only pure-ftpd log I could find is the transfer log, which is empty.
<refnumzx> soren: i am very new to building packages so forgive any crazy missiterpretations. the docs are complex
<refnumzx> the latest version as of  kvm-83 [13 jan 2009]  contains ubuntu specific fixes which are not in jaunty?
<soren> refnumzx: No, kvm 83 is in Jaunty.
<ivoks> hi
<soren> Hey, ivoks.
<ivoks> tim has some plans on removing 32bit server kenel from jaunty+1
<ivoks> maybe that isn't such a bad idea
 * sommer still has quite a few 32bit servers 
<soren> ivoks: Whuh? Where do you see this?
<soren> ivoks: I hope you mean that the -generic kernel will grow PAE, rendering the -server flavour mostly useless on i386?
<nijaba> soren: sure, let's do car without wheels as well ;)
<ivoks> soren: nope... c/p
<soren> ivoks: "c/p"?
<soren> cut/paste?
<ivoks> My goal is to actually reduce the i386 flavours for Jaunty+1 to just generic. Hardy should be the last LTS that supports a 32 bit server.
<ivoks> that's on kernel team list
<soren> That's fine.
<ivoks> i asked him to discuss this with server team
<binspace> Hey. I have a postfix install question. I noticed that there is a non-interactive flag http://42.pl/postfix/postfix-2.1.5/postfix-install
<binspace> Is there a way to activate it?
<soren> ...as long as it means that the -generic kernel gets PAE.
<ivoks> soren: i'm not sure that's the plan
<ivoks> anyway, i don't know :)
<ivoks> but if server flavour is droped, generic must support PAE then
<soren> Indeed.
<soren> And I'm sure Tim knows this.
<soren> Anyhow, I'm hugely behind on e-mail. I'll get to the kernel-team list in due time and shout at him then :)
<ivoks> :)
<refnumzx> the latest version as of  kvm-83 [13 jan 2009]  contains ubuntu specific fixes which are not in soren: thank you for the advice on the kvm binary, i found the deb file and will now try to install it in 8.10
<refnumzx> ack yea for cp issues
<refnumzx> anyway thank you soren for the advice. i will try instaling that from the deb file now.
<soren> That is probably not going to work.
<soren> You need to build it.
<soren> "sudo apt-get -b source kvm", I think.
<soren> ivoks: What fs do you have on top of drdb?
<soren> drbd, I mean.
<ivoks> xfs, ext3 and gfs :)
<soren> gfs in an active/active setup?
<ivoks> yes
<soren> How's that working out for you?
<ivoks> i don't have any problems
<soren> Cool.
<soren> How many nodes are sharing the drbd?
<ivoks> nodes?
<ivoks> two nodes, in primary
<soren> Ok.
<ivoks> and 2 other nodes over NFS
<soren> Ok.
<ivoks> i didn't export them over GNBD
<soren> Any reason they're not all using it via drbd?
<ivoks> that's not possible
<soren> Does it only support two? I forget.
<soren> I've only used it with two.
<ivoks> 8.3.0 enables more than two
<zul> soren: that reminds me i was looking at the linux-ha stuff that we have now in universe its the most current stable version so its just a matter of writing the MIR if we want it in main
<ivoks> so, that's one more test i need to do
<soren> zul: Cool.
<heath|work> for apache; do you use the sites-enabled dir for virtual hosting.  I found an article, but it's from 2006 and I want to make sure I am doing everything right
<jtaji> heath|work: yep, config files go in site-available, and you can use a2ensite and a2dissite to create/remove the symbolic links in sites-enabled
<heath|work> jtaji, that is exactly what the article says. Thanks!!
<soren> heath|work: I do that, too. That's the recommended way.
<jdstrand> Koon: keep in mind, I haven't looked at this since UDS, but maybe adding these hooks via plugins would be an easy way to a) test what it is that you really need and b) backport. Perhaps once your hooks are working right and you can demonstrate to the bzr folks how useful they are, they will be more accepting of your proposed changes to bzr core. please correct me if I am way off here...
<Koon> jdstrand: those hooks would get added by replacing the regular classes, that's brittle but for backports / technology previews that can make sense
<jdstrand> Koon: oh-- so it would fundamentally change bzr?
<MikyMouse> Hi
<MikyMouse> I installed a Apache server to my Ubuntu, everything is working pretty good, however I wonder what should I do in order to access the computer using a human name like "webserver" thatn writing 192.168.1.x ??
<Koon> well, you would replace the class without the hook call by a similar one that would have it. Dynamic patching if you prefer
<jdstrand> Koon: hmmm, and so it would be system wide, when you really only want the plugin at etckeeper runtime
<Koon> you can still trigger the class replacement only if acting on etckeeper repo
<ScottK> Koon: Please don't consider fragility particularly OK for backports.
<Koon> that's how the current bzr etckeeper works
<jdstrand> ScottK: I think he didn't mean -backports, but rather for someone like me to backport and run on hardy :)
<ScottK> OK.
<binspace> Hey. I just found out the debconf-show is very helpful in figuring out how to do unattended installs. Does anybody know of a tutorial out there that expresses this?
<binspace> I couldn't find any. I'll probably write a blog post.
<nealmcb> !screen
<ubottu> screen is a terminal multiplexer. See http://www.kuro5hin.org/story/2004/3/9/16838/14935 and http://en.wikipedia.org/wiki/GNU_Screen
<nealmcb> !servergui
<ubottu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<heath|work> with adduser, what does the --system option do?
<Deeps> creates the user from the system uid range
<Deeps> urr, creates a user using a uid from the system uid range, even
<Deeps> man adduser, read the section about Add a system user
<heath|work> Deeps, thanks.
 * sommer dear wireshark, why don't you have an option to "never ask again" when asking if I'd like to continue without saving?
 * sommer sigh
<refnumzx> i am trying to find the amd64 version of kvm 83 i am on the page https://launchpad.net/ubuntu/jaunty/amd64/kvm-source/1:83+dfsg-0ubuntu1
<refnumzx> but there does not seem to be a deb file for that release. i tried to install the i386 version but if failed
<refnumzx> sorry to be clear, binary version.
<MikyMouse> ebox or wbemin? (and dont tell me that webmin is not longer supported), I am asking about featrues and ussability
<MikyMouse> ok, in other words, what software do you suggest to manage remotly via web our Ubuntu server?
<_Cid> ssh, bash and vi ? ;-)
<_Cid> oh..via web ..sorry - dunno
<MikyMouse> Catalyst=
<MikyMouse> Â¿
<refnumzx> trying to run kvm 83 on intrepid, got the jaunty deb. i get a message that it would break udev. i really would like to run 83 as the version in intrepid is quite old. ideas?
<yann2> you should ask on #ubuntu-virt refnumzx , you may get better support
<dexem_> MikyMouse, ebox over all things :)
<MikyMouse> dexem_, and Webmin?
<dexem_> well, I helped with ebox development, maybe that's the reason I choose it :)
<dexem_> I see webmin as KDE 1.x full of options and old
<MikyMouse> dexem_, mmm, ok
<dexem_> and ebox as gnome 2.24
<dexem_> clean for the sysadmin
<dexem_> and new
<dexem_> :P
<dexem_> maybe it's not the best review of both
<MikyMouse> dexem_, and what about Catalyst?
<dexem_> don't know it
<dexem_> I have to go
<dexem_> sorry
<dexem_> good luck!
<kirkland> mathiaz: ping
<kirkland> mathiaz: could i trouble you to take a quick look at a patch?  sanity check?
<MikyMouse> I am in LOVE WITH MY UBUNTU SERVER and I want you ALL TO KNOW
<kirkland> mathiaz: http://pastebin.ubuntu.com/110426/
<kirkland> too bad ivoks left ...
<MikyMouse> is it possible to mount a newtork drive that is actually in another Win2003 server?
<MikyMouse> I want to make a bakup to my Ubuntu server's files into tapes. But these tapes are used by another server we have under Win 2003. So I thought that I can make the Ubuntu server to send by cron the files to a win2003 mounted unit, that later will be recorded in the tapes
<MikyMouse> Any idea?
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<sommer> MikyMouse: there's a section on Samba and AD, should be what you're looking for
<MikyMouse> sommer, let's see
<sommer> MikyMouse: err http://help.ubuntu.com/8.10/serverguide/C/
<MikyMouse> ok
<sommer> that bot needs updated ;)
<MikyMouse> XD
<MikyMouse> so samba needs to be installed in the Ubuntu side?
<sommer> MikyMouse: yeppers
<MikyMouse> I don't have samba in my Laptopo Ubuntu computer, and I can access the network drives that are under Win2300
<sommer> MikyMouse: you probably have smbclient or smbfs
<MikyMouse> sommer, mmm, may be
<sommer> MikyMouse: for a server you want samba
<MikyMouse> well I have to read all this stuff XD
<MikyMouse> gone for a coffe
<MikyMouse> XD
<MikyMouse> so I just need to setup the Ubuntu server as SAMBA CLIENT
<sommer> basically
<MikyMouse> ok
<MikyMouse> ok ok
<MikyMouse> if my ubuntu computers were a little bit more..."human" I woudl have aan affair with them XD
<sommer> MikyMouse: whoa, whoa... I can't condone human computer relations of that intimacy :-)
<MikyMouse> XD
<mathiaz> kirkland: reading your patch - which pkg ships /usr/bin/select-screen-profile?
<mathiaz> kirkland: screen-profiles?
<mathiaz> kirkland: IIUC it's a recommends rather than a dependency
<mathiaz> kirkland: if select-screen-profile in the screen wrapper file you should make sure it's there.
<Nafallo> mathiaz: screen-profiles, yes.
<mathiaz> kirkland: hm - nm. you mentionned it in the changelog
<mathiaz> kirkland: but you haven't posted the full debdiff
<Nafallo> looks like select-s-p only do funky stuff with symlinks for the .screenrc :-)
<Nafallo> fwiw
<kirkland> mathiaz: actually, i'm going a different route based on feedback from kees, to use dpkg-divert
<mathiaz> kirkland: hm - ok.
<kirkland> mathiaz: something more like http://pastebin.ubuntu.com/110449/
<mathiaz> kirkland: looks good to me.
<kirkland> mathiaz: cool, thanks for the review ;-)
<kirkland> mathiaz: i think it's more correct, as well.
 * kirkland tips his hat toward kees 
<Nafallo> kirkland: hmm. not sure it should be verbose about not finding the keybindings at startup... plan to fix that?
<kirkland> Nafallo: can you figure out a way to make the "source" line in screen a soft dependency?
<kirkland> Nafallo: it's easily "fixed" by re-running select-screen-profile
<Nafallo> kirkland: would if [ -e suffice?
<Nafallo> or -f rather :-)
<kirkland> Nafallo: i don't think that's syntax understood by screen ....
 * Nafallo looks
<kirkland> Nafallo: we could patch screen itself, i suppose
<kirkland> http://manpages.ubuntu.com/manpages/jaunty/en/man1/screen.1.html
<Nafallo> kirkland: yea. it hates if :-P
<kirkland> Nafallo: :-)
 * Nafallo wonders how evil it would be to check for the file and create it before sourcing it...
<Nafallo> s/create/touch/
<kirkland> Nafallo: that's what select-screen-profile will do
<uvirtbot> New bug: #322046 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.30-2ubuntu4 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/322046
<Nafallo> so a bit duplicated effort :-)
<kirkland> Nafallo: really, this should only affect "early adopters", users of a Jaunty alpha pacakge
<Nafallo> kirkland: i.e. me :-)
<Nafallo> not worth the time :-)
<kirkland> Nafallo: well, you and a few other good friends of mine :-)
<kirkland> Nafallo: yes, it was a concern, i promise
<Nafallo> also... there are a -dark to select now... WIN!
<kirkland> Nafallo: you like?
 * Nafallo nods
 * kirkland too
<Nafallo> fits better with the rest of the darkroom theme ;-)
<kirkland> Nafallo: there's also F12
<Nafallo> yea. I'm going to stay away of that one ;-)
<Nafallo> I never get out of locked screens :-P
 * kirkland waits for someone to patch cmatrix to prompt for a password to unlock :-0
 * andol makes another antempt to see if someone would like to take a look at his suggested solution to bug #296952...
<uvirtbot> Launchpad bug 296952 in mysql-dfsg-5.0 "mysqlhotcopy failed on table with hyphen in name" [Undecided,Confirmed] https://launchpad.net/bugs/296952
<heath|work> what's the easiest way to find out what version a package is that is in aptitude without installing it
<andol> heath|work: I'd use apt-cache policy packagename
<jimcooncat> want to set up a new host to do kvm. Can I go with hardy, or would intrepid be easier?
<heath|work> wow that's old... thanks andol
<mathiaz> sommer: it seems that the ebox packages for the intrepid SRU have already been uploaded
<mathiaz> sommer: why should new debdiff be prepared then?
<sommer> mathiaz: really?  sweet :)
<heath|work> how is ebox? I was looking at that the other day
<sommer> mathiaz: there were a few questions raised by cody-sommerville, but I guess they were addressed in the new packages
<sommer> mathiaz: most of the issues were with my changelog, which foolano probably used his own
<mathiaz> sommer: ah.. ok - this is why new debdiff have to be prepared then.
<sommer> heath|work: ebox is super :)
<heath|work> says only 0.11.99 is in apt
<heath|work> nevermind, they have there own repo
<heath|work> ebox sounds pretty awesome...
<redspire> Hey, is gnump3d in a repo normally accessible from a default ubuntu server install?
<redspire> 8.10, that is
<rdw200169> yes.
<rdw200169> gnump3d is very old and not a lot of work has gone into upgrading
<rdw200169> but it works very well for what it is
<redspire> I've used it before and think it's great, but I must be using the wrong name in apt -- 'gnump3d' doesn't match any packages.  Is there a way I can make an expanded search against the repos, via web or apt?
<redspire> Oh, you know, this server is running the PPC install, if that changes things.  I assumed the repos were the same, though.
<soren> redspire: They mostly are.
<soren> redspire: The only stuff that would differ is the very arch specific stuff (kernels, boot loaders, toolchain, etc.)
<rdw200169> redspire, they may have taken it out, lemme check
<soren> redspire: gnump3d, however, was removed in Intrepid.
<rdw200169> thanks soren
<rdw200169> redspire, it's kinda fallen into disrepair because no development has taken place in quite a while
<soren> redspire: So the PPC machine likely just had it installed when it was running hardy.
<redspire> soren: Ahh, thanks for that.
<rdw200169> redspire, i took a shot at the alternative (i can't remember the name) but i didn'
<rdw200169> redspire, t like it b/c it insisted on usernames/passwords
<redspire> rdw200169: That makes sense.  I appreciate your effort.
<soren> I've used the musicindex module for apache in a previous life. I was quite happy with that.
<redspire> I'll probably just install it from the latest tarball, but since you two are here and paying attention, do you know of a better maintained alt?
<redspire> soren: thanks for preempting my question.  :)
<soren> I don't actually know gnump3d, but looking at the description, they seem to solve similar problems.
<rdw200169> redspire, there's ampache, also
<rdw200169> redspire, that's the one i was referring to
<soren> rdw200169: Oh, right.
<rdw200169> http://ampache.org/
<rdw200169> it's pretty much the same as gnump3d with album covers and all that; i just didn't like the user/pass thing
<rdw200169> see the demo: http://ampache.org/demo/index.php
<redspire> Cool, thanks for the tip.  I'm checking it out.  I appreciate both of your help -- I didn't realize there was a separate channel for ubuntu-server, so I'll probably stick around.  ;)
<soren> redspire: It's clearly where all the cool kids hang out :)
<redspire> soren: haha, obviously.  :)
<uvirtbot> New bug: #311277 in amavisd-new (universe) "amavisd-new broken user (again) Intrepid" [Undecided,Triaged] https://launchpad.net/bugs/311277
#ubuntu-server 2009-01-28
<altf2o> when working w/ NIS + NFS + autofs , anyone ever seen it take a /local/ (to the client) user account and do weird stuff with it? My admin account was just 'user' but today when booting back up the owner was 1004 and group 1005. I could not log in nor do i have ANY account named 'user' being exported in NIS i wanted that admin account local only?
<altf2o> i'm also getting 'permission denied' errors when trying to install software on my clients. Permissions for /home/<user> on the server are: 750 , didn't have issues yesterday either.
<kansan> question:  how do i a command so that on every startup it gets executed?
<maxb> kansan: Given the channel we're on, I assume you mean in the context of a server. But, do you mean a "command" that does something and then quits, or "command" as in starting a long-lived server process?
<kansan> specifically i want to add a command to /etc/rc.local ... "wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data;' .... how can i do that from the command line?
<kansan> i want that to be run on every startup
<kansan> so the latter
 * altf2o_ things his server is going kaput?!
<sommer> kansan: I'd place the command into a shell script in /etc/init.d/ then do sudo update-rc.d script_name default
<sommer> kansan: least I think that should work
<kansan> sommer, is it not enough to add it in /etc/rc.local ?
<kansan> and if not, why not?
<maxb> kansan: Wait... if you know you want to put it into /etc/rc.local, why are you asking what to do?
<sommer> kansan: that should work too
<kansan> maxb, cuz i worry that because its launching a daemon of sorts
<kansan> that /etc/rc.local might not be the right place?
<sommer> rc.local will only launch a deamon if the contents are deamon applications... so your wget command will run then stop, and the system will continue with the boot process
<kansan> sommer, but if i put semilcolons in between;  it will still run chef-client -J part
<kansan> right?
<sommer> it should... you can also to && which will only run if the first command is successful
<kansan> is it good/bad idea to put pre authorized public keys of machines we want to be loggin in from into a server image?
<sommer> should be fine... I mean they're "public" keys :)
<kansan> hah ;p
<sommer> I actually load my ssh key into cloned vms without any issue, it's a nice convenience
<kansan> yes
<kansan> i'm trying to figure out how to do it from command line
<kansan> i.e. echo 'ing and >> to authorized_keys
<kansan> i'm not sure how that command looks like
<sommer> you could just create a standard authorized_keys file and copy it where needed
<kansan> yes thats much easier
<kansan> sommer, what should permissions me
<kansan> be
<sommer> for /etc/rc.local?
<kansan> no for authorized_keys
<kansan> 600?
<sommer> kansan: something like that, mine are 644
<zoopster> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<kansan> chroot '/mnt/build/ubuntu' apt-get install -y ruby ==> chroot: cannot run command `apt-get': No such file or directory .... ideas on how to fix?
<owh> kansan: I suspect that you might need to specify a path to apt-get.
<altf2o_> quick question: anyone know why i'd be getting a: Error reading /home/altf2o/.nano_history: Permission denied , when simply launching: nano foo.c , ? I do launch 'nano' while 'sudo'ing for editing files, could that have messed with me?
<erichammond> altf2o_: quick answer: yes
<erichammond> altf2o_: See also: http://ubuntuforums.org/showpost.php?p=1185470&postcount=4
<JanC> altf2o_: the first time you launch nano, it should be as your own user, then you'd prevent this from happening
<JanC> + the ubuntuforums post
<kansan> owh, is there a place i can specify the path so it'll work with ch_root?
<maxb> kansan: What are you trying to do with this chroot?
<maxb> Beware that chroots, whilst not *hugely* complicated, aren't as simple as they may seem, either
<kansan> maxb, build an ec2 image
<kansan> in /mnt/build/ubuntu
<kansan> i'm really getting frustrated with it :(
<maxb> I don't know anything about ec2. Can I assume that it's roughly like building an image on a second hard drive to later boot it directly in other hardware?
<kansan> eeys
<kansan> yes
<maxb> How did you create the basic stuff in the chroot?
<maxb> debootstrap?
<kansan> ah thats the issue
<kansan> i'm trying to run a scirpt that was meant to be used at the end
<kansan> once stuff in the new chroot was installed
<kansan> and it cant find it
<kansan> i was trying to test the script if it worked on its own
<kansan> cuz dloading all the packages takes time
<kansan> ok i'm using eric hammonds script:  wget http://ec2ubuntu-build-ami.notlong.com  to build an buntu server image.  how can i ensure that the resulting /etc/rc.local has:   wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data;   inside it?
<kansan> it uses debootstrap i believe
<kansan> maxb, ?
<maxb> kansan: so, it looks like you're supposed to hook into it by writing a customization script for the --script option
<kansan> well i did
<kansan> we'll see if it works ;p
<jef_buntu> hi
<jef_buntu> I have configured a server that is supposed to boot diskless clients but the client i have to boot now doesnt have a screen and its not booting with it
<jef_buntu> I have configured a server that is supposed to boot diskless clients but the client i have to boot now doesnt have a screen and its not booting
<jef_buntu> hi
<jef_buntu> can someone help me?
<kaushal> hi
<kaushal> is there a step by step guide to install Oracle9i Release 2 Database Server on Ubuntu 8.10 server ?
<domas> the best method is: apt-get install mysql-server
<domas> \o/
<hads> I think you mis-spelled postgresql
<domas> no, no, indeed, it is mysql :)
<hads> Oh, sorry, I thought you were talking about an Oracle substitute :)
<domas> I'm talking about next generation database! :)
<domas> not about substitutes
<hads> So I was right.
<domas> in a way :)
<frippz> kaushal: I'm guessing that you've already tried Google?
<genii> postgres has it all over mysql
<kaushal> frippz, yes
<genii> kaushal: You could try https://help.ubuntu.com/community/Oracle10g   The author asserts he has tested it with LTS (8.04)
<simplexio> :) mysql vs postgresql is allways fun. but you can ( ithink) convert oracle pgsql and tables easily to postgresql compatible form
<simplexio> not so long ago i found page where someone used same dataset in oracle and pg8.3, without any optimizations pg was 5-10x faster per query (both db didnt have load there).. too bad that i dont have that link
<AnRkey> what is the correct way to set /proc/sys/net/ipv4/ip_forward to 1?
<hads> echo 1 > /proc/sys/net/ipv4/ip_forward
<AnRkey> i have logged in to a client's server a couple times now to find it off and the box has not rebooted. Is there a reason why this would be?
<_ruben> edit /etc/sysctl.conf
<AnRkey> ta
<hads> If you want it done on reboot, what he said.
<_ruben> nothing will prevent it from being changed by whatever service/script/etc though
<_ruben> there's several ways to get the same result .. investigate what changes the value remains an issue i'd say
<AnRkey> thanks _ruben that seems to be the elegant way to do it
<AnRkey> i had echo 1 > ... in the rc.local file
<AnRkey> then i added my own cron
<AnRkey> and now /etc/sysctl.conf
<hads> Use a hammer too? :)
<AnRkey> naa :) i think i got it now thanks
<AnRkey> i need this client, still it would be damn funny to see his face when i cruise in there with a 4 pounder :)
<milestone> hi all
<milestone> i think it might be good to keep my server configurations inside a subversion repository. is there a tool which provides the management of such a task? Most importnant that hooks in with apt-get to merge configuration changes by that back into the repository? something like etckeeper
<milestone> http://kitenet.net/~joey/code/etckeeper/
<henkjan> milestone: its being worked on https://wiki.ubuntu.com/EtcUnderRevisionControlSpec
<milestone> henkjan: great thanks. Although i want to use my subversion repository and etckeeper does not support svn
<milestone> will the stuff being worked on support svn as well?
<Deeeps> having read the page
<Deeeps> i'd say no, given that it's build on etckeeper and using bzr
<Deeeps> given that there's absolutely no mention of svn anywhere on the page either, i'd highly doubt it
<milestone> Deeeps: i think its in the nature of the VCS internal structure
<milestone> bzr and git are distributed repositories
<milestone> subversion is a central repository
<milestone> which has control of what is being out there, while git allows for managing the repository locally
<milestone> anyone aware of http://lists.debian.org/debian-devel/2005/02/msg00495.html
<milestone> ?
<domas> milestone: I use bzr :)
<spc> hi anibody uses ESMTP ? i have problems settin it up.
<spc> on one location work ok on other no
<davmor2> Guys I've been using webmin to configure my ubuntu hardy server.  However being that I'm an Ubuntu tester I thought it would be more prudent to use the ebox platform instead.  To that end I have set up a test box so I can play about with ebox and get the server the way I'd like it.  In the doc for 8.04 is says if you want to install all the packages use ebox-all meta package this doesn't seem to exist or am I doing s
<Deeeps> davmor2: try apt-get install ^ebox-.*
<Deeeps> to install all modules
<davmor2> Deeeps: Thanks I was going to do that after, I found a howto but wanted to check if the docs were correct or not first.
<Deeeps> looks like the docs may be wrong if the ebox-all package doesn't exist
<Deeeps> recommend filing a bug report!
<davmor2> Deeeps: Thanks anyway :)
<frippz> I'm not really sure if I understand the concept of ebox. is it possible to administer several server from one ebox installation?
<frippz> *servers
<_ruben> iirc you'd install ebox on each server you'd want to manage
<frippz> hmm, ok. a little unfortunate for some servers that would otherwise be very lean (i.e. a pure DNS-server) if Apache and other stuff has to go there as well
<_ruben> you'd use solutions like cfengine for that .. we use own script for it actually .. bash+cvs
<_ruben> which is kinda like etckeeper i think
<dayo__> awesome
<dayo__> i'm trying to set up a server. i've installed openldap and, now i need to install powerdns and dhcp3-server. which of these two do i install first?
<_ruben> no apparent order .. you could install em all at once if you want
<dayo__> ruben: ok, thanks! i was wondering, because the instructions i'm following talked about setting dns servers in /etc/resolv.conf, which made me think maybe the order of installation mattered.
<dayo__> that is the dhcp installation instructions
<cjwatson> dayo__: worst case you get to restart both of the servers after you've configured everything *shrug*
 * _ruben takes a stroll down to the serverroom .. server isnt coming after a (what appeared to be a successful) remote install .. sigh
<_ruben> coming up that is
<dayo__> cjwatson: well, i've installed and configured dhcp3-server. now on to install pdns-server and pdns-ldap-backend
<dayo__> that's pdns-backend-ldap ...... maybe that's why tutorials have been hard to google. hmmm
<AnRkey> I have a backup of /var/spool/mail and I want to know how I can get the restored files to be processed and delivered to the maildirs?
<dayo__> AnRkey: this is what i use: http://www.howtoforge.com/linux_backuppc
<dayo__> does anyone know any good tutorials for installing powerdns with LDAP as backend?
<cedeel> Hi. Does somebody have experience in getting MPD to work on the server edition?
<soren> cedeel: What's the problem?
<cedeel> seems to have resolved itself... was a permission problem with the default user not being in the audio group
<rdw200169> dayo__, you're talking about the same thing bind does; it *can* (though few do) store records in ldap; is this what you're talking about?  like the A records, etc...?
<rdw200169> dayo__, there's are examples in /usr/share/doc/pdns-backend-ldap
<rdw200169> dayo__, and there's a manpage that's installed: zone2ldap
<rdw200169> dayo__, and you have to add the schema dnsdomain2 to openldap; i can't remember how to do this, because ubuntu uses the dn=config configuration storage method
<rdw200169> dayo__, but it did install that for you, so that step is done... in /etc/ldap/schema
<MatBoy> are people using here seperate MySQL servers to authenticate ProFTP or is running it locally a wiser idea ?
<rdw200169> MatBoy, security-wise you mean?
<looseparts> Hello, I'm trying to set up samba on my Ubuntu server, so I can map a drive from my windows boxes and store files on the server. I've a problem in the smb.conf (?) where the username in the windows logon box automatically adds the windows macnine name to the login name - like this. I type <bobby> <passwd> and click OK, it immediately pops back up with <MACHINE-NAME\bobby> <blank> and of course won't let me succeed in logging in
<rdw200169> looseparts, you don't need samba for that; you can just mount a samba share using mount; i.e. cifs
<looseparts> from the windows side?
<rdw200169> looseparts, ah, i got it the other way around
<looseparts> i want to store windows files on the linux server
<AnRkey> dayo__, that does not help much i'm afraid
<AnRkey> i have the files restored, but the mails are not being delivered
<rdw200169> looseparts, so you're talking about windows -> linux, right?
<looseparts> rdw200169, yes
<rdw200169> looseparts, yah, just mount the windows share on the linux server
<Deeeps> i think he wants to store the files on the server
<Deeeps> and thus, mount a share from his linux server on his windows clients
<looseparts> uh. shouldn't i be mounting the linux share on my windows boxes?
<Deeeps> looseparts: what version of ubuntu are you using>
<rdw200169> looseparts, that's what i'm been asking; trying to figure it out
<looseparts> see, i want to run Robocopy and incremenatlly backup my wife (unending) work on my linux server for safekeepping.
<Deeeps> rdw200169: 1514.37 < looseparts> i want to store windows files on the linux server
<looseparts> it's 8.04 lts
<looseparts> and xp
<Deeeps> looseparts: see https://help.ubuntu.com/8.04/serverguide/C/configuring-samba.html, scroll down to the section headed 'user accounts'
<looseparts> (sorry - I meant my wife's unending work - she's doing a lot of writing...
<looseparts> Deeeps, i'll look there - thanks
<looseparts> Deeeps, et al. I'm off the work - I'll (re)read the configuing-samba.html and touch back in an hour or two. thanks for your help.
<refnumzx> I am trying to get the version of kvm available in jaunty to run on intrepid.  The  amd64 version available on the packages pages makes dpkg produce an error that udev will break and fails to install.  I do not know how to build debian packages from source, i did try exploring that yesterday.  Does anyone have any suggestions?
<Deeeps> refnumzx: https://wiki.ubuntu.com/Prevu may be relevant to your interests
<refnumzx> 0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0~0
<Deeeps> kirkland: loving the new dark theme
<kaje> I have a script I want to run whenever someone logs in (via ssh, gdm, whatever)... I though I could just put it in /etc/profile.d/, but that didn't seem to work. Any suggestions?
<pmatulis> shell-dependent i would say
<andol> kaje: The content in /etc/profile.d/ is sourced not run.
<thehook> Hello everyone :) I have made a script that updates the system and installs Nginx with PHP support and MySQL with minimal user-interaction (only asks for mysql root password pretty early). If anyone could please check it out and give me some feedback it would be great! http://insecure.no/2009/01/easy-nginx-php-and-mysql-installer-script/
<thehook> And if anyone knows how to suppress the big blue screen asking for MySQL root password so i can set it manually later? Hope anyone has a tips or two for me :)
<kaje> andol: Where should I put a script that I want to run whenever someone logs in?
<jmarsden|work> kaje: I'd say that /etc/profile.d/ is the right idea; just do it as a shell script fragment that will be sourced (executed in the current login shell) not executed in a separate process.
<domas> hi!
<jmarsden|work> kaje: So you can do   echo 'echo Hello shell user' |sudo tee /etc/profile.d/hello.sh   and then log in and it should display that little message to everyone who logs in.
<maxb> kaje: Define "logs in" - console? ssh? X? What about the difference between interactive and non-interactive ssh?
 * domas points to 'sudo bash' ;-)
<domas> thehook: you can specify dpkg 'noninteractive mode'
<domas> thehook: the easiest way is just sending to background :)
<thehook> domas: will the script continue then?
<domas> thehook: you can also put in < /dev/null
<domas> so dpkg notices it doesn't own terminal
<domas> dunno :)
<domas> I wouldn't use mysql package from ubuntu
<domas> I'd use one from mysql.com :)
<thehook> hehe, i dont think it will work with > /dev/null at leaast but maybe the noninteractive mode
<domas> thehook: < /dev/null
<domas> thehook: not > /dev/null
<domas> anyway, there's a way to set batch behavior somehow
<thehook> and that's the way im looking for :P hehe, but i cant find it though :s
<domas> I told you, try redirecting input
<thehook> some guy said something about search google for "dpkg default priority" but all i find is dpkg-reconfigure --priority="low"
<domas> or running with & :)
<thehook> i am trying :) but i think the script will hang if it isn't getting any input
<domas> hehehe
<domas> you have limited thinking then!
<jmarsden|work> thehook: Read the debconf(7) man page, look at the non-interactive front end option...
<domas> anyway, I'll reiterate, I wouldn't use ubuntu package myself
<domas> or at least I'd do considerable changes to it
<domas> after I install it
<domas> it has at least 3 major mistakes
<thehook> domas: like what then? the only reason i'm using apt-get is because it will get updates automatically later :)
<thehook> jmarsden: thanks, i will :)
<thehook> jmarsden|work: thanks, i will :)
<jmarsden|work> :)  I should have /away'ed before I left for work... I forgot to do that today!
<thehook> hehe
<thehook> jmarsden|work: how do i get the debconf(7) i just seem to get debconf(1).. im not to familiar with the man :P
<jmarsden|work> man 7 debconf
<jmarsden|work> BTW, you should also do man man and read that :)
<thehook> hehehe, i tried man debconf 7 actually :P
<thehook> domas: would you please tell me what the 3 mistakes with ubuntu package of mysql? :)
<thehook> im trying to make the script as secure as possible so i would love to hear what.
<domas> thehook: 1. CHECK TABLE on every restart 2. ~mysql permissions
<domas> 3. old mysql version
<thehook> mysql permission?
<thehook> and is it bad that it does CHECK TABLE on every restart?
<domas> thehook: if you had any 300GB innodb tables, you wouldn't like that ;-)
<domas> well, even 10G is noticeable
<thehook> is there any way to fix this with configuration after install?
<domas> yes
<domas> you have to edit the file installed by package
<thehook> the config files right? what about the permissions? i will try to add this in my scripts :)
<domas> just change mysql userdir to /nonexisting
<domas> ~mysql should never be writable by mysqld
<thehook> i'm not that into mysql configuration and would love if you maybe could help me a little bit to make a secure configuration :)
<domas> come to my talk at mysql conference!
<thehook> where?
<domas> http://en.oreilly.com/mysql2009/public/schedule/detail/6753
<domas> :-D
<thehook> nice :) but too bad im living in norway :s
<thehook> but i would love to if it was possible
<domas> it is a good conference
<thehook> im sure it is, i want to go already
<thehook> but brb, i think i need some food :P
<jef_buntu_> hi
<jef_buntu_> i was able to makeup a NIC by sending an handmake frame but now my dhcp tftp servers dont boot the wakeup client...
<jef_buntu_> makeup=wakeup
<toehio> Can someone please give me some guidance for installing sound on my server?
<kaje> I'm trying to get ssl working with apache on my ubuntu server. I've followed the instructions in the documentation on the ubuntu site. Now I'm getting this error when I try to look at the page in my web browser: ssl_error_rx_record_too_long
<kaje> Any thoughts? I'm not seeing any message in the apache error log
<genii> kaje: Perhaps see http://kainotes.blogspot.com/2008/08/creating-ssl-certificate-for-apache-on.html
<kaje> The way I fixed it was to add NameVirtualHost *:80 \n NameVirtualHost *:443 to the top of my defaul vhost
<kaje> Then every vhost had to be <VirtualHost *:80> or <VirtualHost *:443>
<kaje> not sure why that was necessary, but it worked...
<kansan> is this a valid /etc/rc.local file?  : http://pastie.org/373672
<erichammond> kansan: You may wish to be explicit in where you expect the user-data to be downloaded (what directory) and perhaps even remove the file afterwards.
<kansan> erichammond, where would you recommend?
<kansan> to put it that is/
<erichammond> kansan: /tmp is always convenient for temporary files :)
<kansan> erichammond, once i invoke with user-data;  is it safe to delete at that point?
<erichammond> kansan: I don't know how chef-client operates.
<kansan> will wget overwrite the file if it already exists?  if not how can i make sure to?
<erichammond> kansan: If you are starting with the Ubuntu AMIs I list on http://alestic.com then you can simply pass in a script to user-data and it will automatically be run on first boot.  That script could save the data file and run chef-client.
<erichammond> kansan: I don't know how much other custom configuration you are doing, but it might even be possible to not have to build your own AMIs.
<kansan> erichammond, i'm close to not having to build one
<erichammond> kansan: Do you want to run chef-client on every reboot of the server? or just on the first boot?
<kansan> erichammond, i'm now usuing chef which automates things
<kansan> erichammond, every reboot
<erichammond> user-data cannot be changed after the EC2 instance starts, so why does it need to be run on reboots?
<kansan> erichammond, chef-client needs to start up
<kansan> upon boot
<kansan> and if it cant be changed
<kansan> i dont need to rm it
<kansan> problem solved
<erichammond> right
<erichammond> so /tmp is not the best place for that
<kansan> ah you're right
<kansan> i think it gets auto cleaned
<kansan> where should i put instead?
<kansan> i'm thinking /etc/ ?
<erichammond> kansan: I would expect the chef documentation to have example locations under /etc or the like.
<kansan> wait better
<kansan> /etc/chef
<kansan> along with chef config
<kansan> perfect
<kansan> erichammond, it doesnt really document how to start it up with ec2
<kansan> folks in #chef are helping
<erichammond> kansan: If you choose to use the user-data script hooks in the public Ubuntu AMIs, you will want to have that script install a chef-client startup program under /etc/init.d and symlink from /etc/rc4.d so that it gets started on reboots.
<kansan> erichammond, isnt it enough to put this cd /etc/chef; wget http://169.254.169.254/latest/meta-data/user-data; chef-client -J user-data;
<kansan> inside /etc/rc.local ?
<kansan> i thought rc.local gets run on every boot
<kansan> oh you're saying if i choose not to bundle an ami?
<erichammond> kansan: right on the last q.  (out to lunch, be back later)
<uvirtbot> New bug: #322503 in samba (main) "smbd crashes  __kernel_vsyscall ()" [Undecided,New] https://launchpad.net/bugs/322503
<fevel_> hi
<fevel_> hello
<uvirtbot> New bug: #322337 in samba (main) "package samba-tools None [modified: /var/lib/dpkg/info/samba-tools.list] failed to install/upgrade: trying to overwrite `/usr/bin/nsstest', which is also in package samba4" [Undecided,New] https://launchpad.net/bugs/322337
<RediXe> What is the terminal command to remove a user from a group? Specifically to remove a user from being able to use sudo. (admin group I think)
<dayo__> RediXe: check the man pages for usermod
<dayo__> RediXe: personally, i just edit the /etc/group file in vim
 * altf2o_ wonders why his first 'sudo' command takes /forever/ to run. Subsequent ones are fast.
<RediXe> dayo__, okay that just seems like the best way i guess. I thought there would be a more "accepted" solution using something like usermod.
<dayo__> RediXe: imo "accepted" is whatever works and  u're most comfortable with
<Deeeps> for auditing purposes, using sudo usermod is probably better
<Kamping_Kaiser> RediXe, also look at gpasswd
<JanC> altf2o_: probably because the second time all the files it needs are cached in memory?  ;)
<RediXe> dayo__, okay :D I have used that method before I am just writing a wiki entry for setting up new machines for new employees (small office) I'll looking into usermod and gpasswd thanks :)
<Kamping_Kaiser> :)
<altf2o_> that's my guess, it's just annoying, i have no idea why it's starting to do this out of nowhere. One day it took 3 seconds for the first one, now it takes 30
<Kamping_Kaiser> iirc the command would be `gpasswd -R $username $groupname`
<JanC> altf2o_: oh, that sounds like something else is wrong
<Deeeps> RediXe: probably better off having them use one of those tools for your office environment then, rather than vi, as the change can be logged then
<altf2o_> JanC: yeah and i've been messing with so many things i have no idea where i could've jacked something up.
<RediXe> Deeeps, okay.
<MatBoy> I have some weird issues with proftpd and mysql... my quota is not updated in the DB...
#ubuntu-server 2009-01-29
<amelie> hi
<amelie> [18:53] <amelie> I made a RAID 1 with 2 500gb hard drives
<amelie> [18:54] <amelie> i mean (2)  500 gb hard drives
<amelie> [18:54] <-- Dragonmaster_Dan has left this server (Remote closed the connection).
<amelie> [18:54] <amelie> formatted the partitions with ubuntu server 8.10
<amelie> [18:54] <amelie> then, downloaded the kubuntu-desktop
<amelie> [18:54] <amelie> my system was working right during a month
<amelie> [18:54] <amelie> and suddenly, I've got this error:
<amelie> [18:55] <amelie> /dev/md6: clean, 37/24096 files, 34600/96256 blocks
<amelie> [18:55] <amelie> /dev/md9 contains a file system with errors, check forced.
<Kamping_Kaiser> fsck did a check. so what?
<cjwatson> dayo__: I see RediXe's gone, but for the record I believe our standard documented method is 'sudo deluser <user> admin', just as adduser is our standard documented method for adding users
<amelie> /dev/md9: File ... (inode #14246082, mod time Tue Jan 27 18:53:46 2009)
<amelie>   has 1 multiply-claimed block(s), shared with 1 file(s):
<amelie> /dev/md9: 	/amelie/.mozilla/firefox/2d4jsiml.default/Cache/41628DC2d01 (inode #14246794, mod time Tue Jan 27 23:01:42 2009)
<amelie> /dev/md9:
<amelie> /dev/md9: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
<amelie> 	(i.e., without -a or -p options)
<amelie> fsck died with exit status 4
<amelie> what does it mean?
<jmarsden|work> amelie: It means that filesystem has an issue that fsck cannot fix automatically... umount it and then do what the error msg says... run fsck manually :)
<twb> Where can I read about the differences between the linux-image-server and linux-image-generic packages?
<twb> "server" is rather more nebulous than the -march variations I'm used to under Debian.
<maxb> twb: -server vs. -generic is more about the selection of kernel config options, than the cpu architecture
<maxb> Things like is the scheduler tuned for desktop responsiveness, or server throughput
<twb> maxb: indeed; so where can I read about who decides what things to tweak, and how?
<maxb> who? The kernel team, I suppose. What exactly? Not sure, though you could always resort to diffing the relevant files in the source package
<twb> I was hoping there'd be a policy document (say, in the wiki) about it.
<amelie> thanks jmarsden|work, but the thing is i don't know how to use the fsck or mount a partition; i'm pretty newbie on this
<jmarsden|work> amelie: Are you the administrator of a machine running Ubuntu Server?
<maxb> twb: Well, you could hop on #ubuntu-kernel, ask, and hang around for a while.
<amelie> yes
<jmarsden|work> OK.  Is the filesystem on /dev/md9 mounted now, or not (can you get at the files on it)?
<amelie> i don't know
<amelie> i just hit control D to boot up normally
<jmarsden|work> OK, open up a Terminal and in it do      mount | grep md9    and tell me what it displays
<twb> maxb: thanks.
<amelie> "/dev/md9 on /home type ext3 (rw,relatime)"
<amelie> i suppose it means is mounted right?
<jmarsden|work> OK, so it is mounted.  We need to undo that so we can fix it... but it is your /home partition, which could make life fun... are there other users currently logged into or accessing this server right now.
<jmarsden|work> Or just you?
<jmarsden|work> (Basically, it may be simplest to reboot it to the point where it shows the error and drops you into a recovery shell... but that will affect any other users!
<jmarsden|work> amelie: I only have about 15 minutes before I have to leave here... is it OK with you if we reboot your server as part of fixing this issue??
<amelie> well, you mean restart the computer completely?
<amelie> i don't know to use the fsck command
<jmarsden|work> Yes; once we restart and you get to where you did ctrl-D last time, I can help with the fsck part...
<amelie> how do i do that?
<amelie> log as another user?
<jmarsden|work> ?  You don't know how to restart your server??  Something feels odd here.
<amelie> i told you
<amelie> i'm a newbie....
<jmarsden|work> Then who configured the server with software RAID...?
<amelie> me
<jmarsden|work> OK... if you are sure you are the only user using the server, do     sudo shutdown -r now
<amelie> i just format 4 partitions on each disk as "raid" and later tied each one with the menu
<amelie> and asign the mount points and system type
<jmarsden|work> Oh... she was IRCing from the server itself?!  OOPS.
<amelie> jmarsden|work: I made the fsck
<amelie> and hit the default options
<amelie> the /dev/md9, ended with errors I think
<amelie> whe the system restarted, it says the same thing about unclean shutdown, but with partition md7
<amelie> then, the automated fsck, worked
<amelie> and reboot normally
<amelie> i don't know if is working good now...
<amelie> still there?
<amelie> well, i supposed you are busy
<amelie> i'll come tomorrow is late for me now
<amelie> thanks for the help
<amelie> bye
<kansan> anything after exit 0;  in /etc/rc.local will NOT get executed... correct?
<looseparts> Hello. Probably more of a windows question, but deals with Ubuntu and samba, so. I have finally setup my smb.conf to allow me to map a drive to a share on my server from my windows box. I want it to reconnect at boot up but it is requiring a password where i want it to connect automatically. thanks.
<SudoKing> hi guys, my server (on LAN) is trying to initiate a connection to the gateway.  This computer I'm using is attached to the same LAN and can connect successfully.. the eth0 device doesn't recieve a DHCPOFFER, how can I identify the problem? :\
<jtmoney> hey guys, i have software raid and updated my kernel... now my machine won't boot back up... how can i go about fixing this?
 * soren realises that in order for the opennebula driver to get into the libvirt package, OpenNebula needs to be in main.
<Scix> Is this the place for solving  gpgv problems?
<tarimari> hi guys
<tarimari> i want to setup hosts so that *.loc go to localhost. is it possible?  then from apache2 configuration, i ll direct to different website-folder
<domas> ... can do with dns not with hosts
<domas> but as he quite
<domas> quit, he won't find that out
<Chipzz> are the base differences between a debian and ubuntu install documented somewhere?
<Chipzz> read: if I install debian, with no tasks selected in tasksel, and ubuntu server alternate with no tasks selected in tasksel, what are the differences I should expect?
<Chipzz> I'm aware of init vs upstart, and different kernel packages
<Chipzz> but any other issues where ubuntu deviates from debian?
<kaushal> hi
<kaushal> is there a step by step guide to install Oracle 9i Release 2(9.2.0.4) on Ubuntu Server 8.10 ?
<domas> we already told you!
<kaushal> domas, you said it for MySQL DB :)
<domas> yes yes, but that solves your issue!
<Scix> How can i get something like "server:/home/* /home/*/Server nfs noauto,user" to work in fstab?
<Scix> Or it here an other way to mount a NFS dir, without beeing root
<SmokeyD> hey people. Does anyone have tips for software I can use to monitor the amount of bandwidth consumed by postfix,dovecot and apache2 all running on the same machine, split up per domain name?
<SmokeyD> I am thinking of doing it with iptables, but I don't know if iptables can distinguish between the virtual domainnames of smtp and pop3/imap traffic
<soren> It can't.
<SmokeyD> soren: ok, you have any other recommendations?
<soren> No.
<SmokeyD> or maybe monitor web traffic through iptables and other data through other means
<soren> The web traffic case is clearly the simplest. Apache logs the size of each request and can be told to log to separate files for each domain.
<soren> No need to get iptables involved.
<SmokeyD> soren: :)
<SmokeyD> good one
<soren> The others are much more difficult.
<soren> Neither postfix nor dovecot log sizes of requests.
<soren> For dovecot you also might have very, very long-lived connections, which makes it quite difficult.
<lamont> soren: postfix does log sizes
<soren> lamont: Of SMTP sessions?
<soren> lamont: ...or message sizes?
<lamont> though you also get long-lived connections with connection caching now...
<lamont> message sizes
<soren> Ok.
<SmokeyD> ok
<lamont> OTOH, message size should roughly correlate to session size.  with a fudgefactor for turning DATA into $SESSION
<soren> Also, what if a message is addressed for foo@example.com, but is delivered to foo@example2.com? Who should this count against?
<SmokeyD> lamont: yes indeed, I can assume that since pop3 is mainly used, twice DATA=$SESSION (once arriving through postfix, once downloading through dovecot pop3)
<soren> Logging of e-mail traffic like this is much less clear-cut.
<soren> SmokeyD: Unless they decide to keep mail on the server.
<SmokeyD> soren: indeed
<SmokeyD> but I can assume they don't I think. I am not talking about a major commercial hoster, just a few domainnames of people I know well and trust
<soren> If that's the case, why are you monitoring this?
<chimp> When connecting to a webserver via its ip address, is it possible to pass it the host name you intend to use externally so that it sends you to the correct apache virtual webserver?
<sommer_> chimp: sure, just add the hostname to your /etc/hosts file
<chimp> I am a massive fool
<chimp> cheers
<chimp> must be too much revising of physics, ruins ones brain
<sommer> I wouldn't say "massive" :-) ... it's one of those things that until you need to do it there's not much reason to know how
<chimp> yeah but ive done it plenty of times before
<chimp> my hosts file is full of stuff :S
<DogWater> Does anyone know of any single command way to remove all partitions in Ubuntu?
<domas> that sure must be single command
<DogWater> hmm?
<frippz> DogWater: I think you'll have to use fdisk for that (no single command as far as I know, unless you get someone to write a script for you :P)
<soren> DogWater: Just nuke the partition table?
<domas> random dd could work, yes :)
<soren> DogWater: "dd if=/dev/zero of=/dev/nameofthedevice bs=512 count=1"
<soren> Sounds like a horrible idea, though.
<domas> mkswap /dev/nameofthedevice %)
<domas> back when I was evil kid, I used to suggest 'mkswap' instead of usual 'rm -rf'
<domas> would work quite well
<lionel> soren: could you have a look at bug #223024 please. MOTU-SRU is interested by a ~ubuntu-server member POV on the patch before hacking
<uvirtbot`> Launchpad bug 223024 in apt-cacher "apt-cacher / Use of uninitialized value in concatenation / line 169" [Medium,Confirmed] https://launchpad.net/bugs/223024
<alexrussell> Hi folks. I've recently installed a new (64 bit) Ubuntu Hardy Server and did the LAMP option. Thsi has installed PHP as an apache module (as far as I can tell), but I want to install PEAR. If I do a 'sudo apt-get install php-pear' it talks about wanting to install php5-cli. While I'm happy to do so, will this ruin the default LAMP set-up (or even not give my non-cli php5 installation no access to PEAR which was my original intention in
<alexrussell> the first place)? Also, I hear if one uses the cli version of php with apache, files need execute permission. Is this true and if so I'd like to avoid this situation as chmodding all php files to +x is a pain when the server's being used on a samba network...
<alexrussell> ...sorry for the big lump of text there
<_ruben> php-cli is just an addition to the apache modules .. you can have apache use the php modules and also have the php commandline tool installed at the same time
<_ruben> iow: installing pear wont break your php+apache config
<_ruben> unless something freaky happens
<alexrussell> excellent, thanks
<axisys> can I install ubuntu 64bit server on T1000 (sun4v) ?
<jrwren> yes.
<axisys> can I install the 8.10? it shows 7.10 certified
<jrwren> if you can find a version for the ultrasparc T1 processor.
<axisys> jrwren: partners/sun shows 7.10 as the latest certified for t1000
<axisys> i wonder if i can install 8.10
<axisys> ofcourse i can give it a try.. but wondering if anyone did it
<jrwren> 7.10 looks like the last sparc release
<jrwren> i'm just browsing here: http://osmirrors.cerias.purdue.edu/pub/ubuntu-releases/
<ScottK> 7.10 was the last release that had official Canonical support for Sparc.  I know people who use the later releases.
<jrwren> notice how in teh 7.10 directory there is a "sparc" iso image.
<jrwren> but 8.04 there is not.
<ScottK> It was moved to ports.
<ScottK> There's a different URL.
<ScottK> They aren't (I don't think) mirrored so look at ports.ubuntu.com (IIRC).
<binspace> Is there an ubuntu universe/multiverse repository on ec2?
<Deeeps> umm, i've not used ec2 before, but surely you just add them to your sources.list like anywhere else?
<binspace> Yeah, I was just wondering if there was a public mirror. The reason is to make installs/updates faster.
<axisys>  ScottK: i dont see the iso in ports.ubuntu.com
<ScottK> I'm not sure then.
<axisys> i see mini.iso, netboot, cdrom
<axisys> they are as recent as jan 24 2009
<ScottK> I except the mini.iso would be enough to get a booting system, but i don't know.
<ScottK> Those will be for Jaunty then.
<axisys> i saw an article on how to install using mini.iso and netboot..
<ScottK> There was a period where CD builds for ports weren't happening, so that may be why you don't see them.
<axisys> can't find it now.. the how to
<lionel> axisys: you should find what you want on http://cdimage.ubuntu.com/ports/releases/
<axisys> lionel: sweet! that's exactly what I was looking for
<axisys> lionel: thanks a lot
<lionel> you're welcome
<mathiaz> soren: dendrobates- told me there was a need to come up with a PKI infrastructure for your cloud work
<mathiaz> soren: is there a specific document that outlines the requirements?
<dendrobates-> ha, soren document that goes against his religion.
<mathiaz> soren: how does it work from the client side?
<dendrobates-> right now certificates are ssh'd around by a shell script
<dendrobates-> mathiaz: ^^^
<mathiaz> dendrobates-: well - I've looked into openldap and all of the bits to support an X509 PKI are there
<dendrobates-> mathiaz: I'm not sure how far we will get into this this release, but be prepared to talk to the euacalyptus team next week,
<mathiaz> dendrobates-: support for rfc 4523 is there
<mathiaz> dendrobates-: which means we should be able to store all of the certificates in an ldap tree directly
<mathiaz> dendrobates-: ok- is there at least somewhere I can look at to understand how certificates are used in the overall architecture?
<dendrobates-> mathiaz: now all they have to do is be able to get them out.
<dendrobates-> mathiaz: I can give you an email addess to send a request to.
<mathiaz> dendrobates-: I guess that would already be better than digging in the code
<dendrobates-> mathiaz: I'm sure they have docs.
<soren> mathiaz: I'm not familiar with the intimate details of it, I'm afraid.
<ivoks_> https://wiki.ubuntu.com/Testing/Cases/UbuntuServer-drbd
<ivoks_> i hope everyone can follow this one
<mathiaz> ivoks_: seems like a good page! Thanks for putting it together
<ivoks_> np
<ivoks_> mathiaz: testing primary-primary would require setting up cluster, so i decided to leave that out
<ivoks_> it's too complicated for testing
<ivoks_> if someone doesn't understand how it works
<ivoks_> it's complicated to explain, not to test :)
<mathiaz> ivoks_: right. That's a good start.
<ScottK> Step 1: Go learn all about brbd.  Step 2: The rest is obvious.
<ScottK> ;-)
<ivoks_> drbd :)
<jmedina> good, here another infor about brdb and lvm resize
<jmedina> p://www.asplund.nu/xencluster/xen-extend-domu-disk.html
<ivoks_> drbd! :D
<ivoks_> resizing...
<ivoks_> i could add that to a test
<jmedina> :D, they have to change their products name :D, looks like brdb is easier
<ivoks_> first d is from disk
<ivoks_> so... :D
<axisys> ok i downloaded the iso from cdimages.. now how do I jump it? never jump installed ubuntu.. only solaris
<ivoks> jump install?
 * ivoks googles
<ivoks> google shares my feelings :D
<ivoks> could you explain what's jump install?
<axisys> ivoks: hehe.. i meant jumpstart .. (solaris term)
<axisys> ivoks: how do I network install
<axisys> ivoks: the server has no CDROM or USB
<axisys> ivoks: t1000
<ivoks> oh
<ivoks> https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
<ivoks> i find this tutorial perfect
<ivoks> just watch out when downloading image
<ivoks> 'Get and install the files'
<orudie2> how can i find out which version of php and mysql server is currently installed ?
<ivoks> apt-cache show php5
<ivoks> apt-cache show mysql-server
<ivoks> axisys: sparc?
<axisys> ivoks: yes
<yann2> axisys > hi
<yann2> axisys > could you write an article once you get it to work? i got some t1000 too
<axisys> yann2: sure
<yann2> you plan to install which version?
<ivoks> axisys: http://ports.ubuntu.com/dists/hardy/main/installer-sparc/current/images/sparc64/netboot/
<yann2> hey I didnt know there still were some isos for sparc for hardy
<ivoks> ports.ubuntu.com has it all
<ivoks> :D
<axisys> yann2: for isos you go to cdimages.ubuntu.com/ports
<axisys> ivoks: i was not looking for images
<ivoks> axisys: those aren't images
<ivoks> axisys: that's kernel and initrd for netboot
<axisys> ivoks: true
<axisys> ivoks: this looks a good starting point for how to for me
<axisys> ivoks: https://help.ubuntu.com/community/Installation#Server and network installations
<ivoks> i've never netbooted sparc
<ivoks> i don't know how that works...
<axisys> ivoks: boot net - install at ok prompt.. it looks for the tftp
<ivoks> great
<ivoks> i would just follow the link i gaved you
<ivoks> and instead of serving i386 initrd and kernel, serve sparc kernel and initrd
<ivoks> from the other link i pasted
<genii> Another great link is https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install for netboot installs
<ivoks> :)
<ivoks> genii: i agree :D
<genii> ivoks: Ah, when I check backscroll I see it was posted already, apologies for my redundancy :)
<ivoks> redumdacy is good
<ivoks> we are on #ubuntu-server
<genii> Hehe, yes
<ivoks> we like redundacy :D
<ivoks> bah...
<ivoks> too many typos today
<grindking> if i wanted to change the desktop machine i've been using with 8.10 intrepid to more of a server setup, would it be a bad idea to just install the packages i need, and remove the ones i don't rather that installing the actual ubuntu server iso? i'm trying to save a step if i can :D
<asterisk_user2> Hello
<asterisk_user2> we want to replace our Windows 2000 server (active directory)
<asterisk_user2> and we would like to use UBuntu server
<asterisk_user2> Is that possible with Ubuntu ? (to use as a file server with AD features)
<ivoks> mathiaz: i've added test D, primary-primary
<jmedina> asterisk_user2: depends what AD features you want
<jmedina> with samba3 you can implement a NT4 Domain Controller
<asterisk_user2> NT4 domain controller ? OK
<asterisk_user2> will have a look at that
<ivoks> AD will be possible with samba4
<asterisk_user2> I would like to block internet settings
<asterisk_user2> and other configuration options
<asterisk_user2> for security reasons
<asterisk_user2> OK nice to hear
<ivoks> it is not possible to replace windows AD with non-windows AD
<ivoks> at the momment
<ivoks> samba4 will be able to do that, but it's not stable yet
<asterisk_user2> ok thank you ivoks
<asterisk_user2> do you know when samba4 is stable enough for production use ?
<asterisk_user2> maybe 2010 ??
<ivoks> maybe even this year
<asterisk_user2> i just found http://wiki.samba.org/index.php/Samba4
<asterisk_user2> sounds very cool !!
<ScottK> We have alpha grade Samba4 packages in Intrepid and Jaunty.
<asterisk_user2> who tried SAMBA4 ?
<asterisk_user2> SAMBA 4 seems to become much better than 3
<ivoks> it's a rewrite
<jmedina> asterisk_user2: but samba4 is not yet complete
<asterisk_user2> yes i know...
<asterisk_user2> looking forward to samba4
<jmedina> asterisk_user2: you can make your donations to the samba fundation to speed up development XD
<asterisk_user2> ok
<asterisk_user2> i think i will !
<kansan> do things in /etc/rc.local get run as root?
<kansan> i.e. if i want to do:  "sudo start runsvdir"  how do i make sure that happens on every startup?
<jmedina> kansan: yeap
<kansan> jmedina, so i dont need the sudo there huh
<jmedina> dont think so, try it with a simple echo
<ivoks> it runs as roon
<ivoks> root
<ivoks> brb
<axisys> i am reading the mailing list ... i get the impression ubuntu will drop the ball on sparc very soon.. is that general belief here?
<ivoks> axisys: i have couple of sparc servers
<ivoks> axisys: it's not supported by canonical
<ivoks> axisys: but it still gets builded and isos are created
<axisys> ivoks: is the support dropped or was never there ?
<ivoks> it was there for couple of releases
<ivoks> axisys: but, for example, bug in openssh is fixed in source, and all binaries are builded, including those for sparc
<axisys> ivoks: my work wont let me install it unless there is some support available.. i guess i rather go with solaris then :-(
<axisys> hmm. what a predicament
<ivoks> i've choosed ubuntu for my sparcs
<ScottK> ivoks: Offer him a support contract.
<ivoks> :)
<axisys> heh
<ivoks> i just love drbd :)
<kees> ivoks: I really want to play with it again.  I tried to set it up back around 2003 or 2004 or so.
<ivoks> kees: it's way cooler these days :D
<ivoks> it even supports three nodes
<kees> !!
<kees> nice
<kees> ivoks: yeah, it had Issues(tm) back then.
<kees> I wanted it for making our mailman server into a hot-spare cluster.
<kees> mailman really didn't like the idea of being on 2 filesystems.  :)
<ivoks> :)
<ivoks> i'm looking how to integrate it better with cluster-suite
<ivoks> now it's just too much manual work
<ivoks> it should start from rcS.d not rc2.d, before cluster-suite
<ivoks> so that one can have gfs on top of drbd
<ivoks> and still be able to boot :D
<kees> cool
<ivoks> i just fixed it :D
<ivoks> yay!!! :D :D
<ivoks> i'll upload the change
<ivoks> oh, i can't do that :D
<ivoks> i think sshd should be the first service that starts after network is up
<ivoks> not mounting filesystems
<Jeeves_> hi all
<ivoks> zul: good catch
<ivoks> zul: on bacula
<zul> dendrobates caught it
<genii> ivoks: How can it know where sshd is until it mounts the dir containing it?
<ivoks> genii: you are talking about the case when /usr is different partition?
<ivoks> anyway
<ivoks> network is up after local filesystems are mounted
<ivoks> so, there is no problem
<ivoks> problem is that GFS/GFS2/NFS are mounted and some services are started before SSH is up, before you have access to remote system
<Deeeps> ivoks: unless sshd is on a network file system
<ivoks> this is great when everything works
<ivoks> but when you have faulty drbd/gfs or some service
<ivoks> you are in big trouble
<ivoks> Deeeps: well, that's a corner case... in that case, everything is possible
<ivoks> i had a case when my system didn't come up
<jrwren> ssh in initrd!
<jrwren> :)
<Deeeps> likewise recently, if you rememeber ;)
<ivoks> it was thousands of kms away, and it just had IP
<jrwren> maybe dropbear sshd would fit :)
<Deeeps> with sendmail and bind9-host hehe
<kees> ivoks: dropbear, d'oh jrwren beat me
<ivoks> hm... no, maybe someone doesn't want ssh?
<Deeeps> thats when you kick yourself for not having an IPKVM / real servers with iLO and the like
<ivoks> desktops, for example
<ivoks> Deeeps: luckly, i had IPMI :D
 * jmedina loves IPMI
<Deeeps> atta boy
<ivoks> i would just move ssh from rc2.d to rcS.d
<ivoks> before portmap
<ivoks> and other network stuff
<ivoks> what's with upstart anyway?
<ivoks> upstart would solve this problem
<uvirtbot`> New bug: #319850 in mysql-dfsg-5.1 (universe) "mysql-*-5.1 still depends on mysql-common-5.1." [Undecided,Fix released] https://launchpad.net/bugs/319850
<jrwren>   What would you like to do about it ?  Your options are:
<jrwren>       D     : show the differences between the versions
<jrwren> would be cool if dpkg would invoke a 3way diff tool.
<sektor1952> evening
<sektor1952> what's the best way to installing gnome without the extra fluff like kernels, bluetooth etc
<Kamping_Kaiser> pardon?
<sektor1952> I would like to install gnome to make it easier build some stuff out but aptitude install ubuntu-desktop installs way too much
<Kamping_Kaiser> try gnome-desktop-environment or gnome-desktop. (however, i feel your question is somewhat OT for here)
<sektor1952> well I installed ubuntu server from iso
<ScottK> As soon as you say Gnome, it's OT here.  Doesn't matter what you installed.
<sektor1952> my apologies
<sektor1952> thx
<binspace> Hello, I need some help with debconf with mysql-5.0. It doesn't seem to work.
<binspace> I've tried echo "mysql-server mysql-server/root_password select" | sudo debconf-set-selections
<binspace> and echo "mysql-server-5.0 mysql-server/root_password password password" | sudo debconf-set-selections
<binspace> and I still get prompted
<binspace> erichammond: Hey Eric, can I pick your brain for a bit?
<erichammond> binspace: If you ask questions I might be one of the people who answers :)
<erichammond> binspace: If it relates to EC2 you might find a wider variety of experts on #ubuntu-ec2 and ##aws
<binspace> ok, thanks
<erichammond> (including me)
<uvirtbot`> New bug: #322952 in nagios3 (main) "several reports will not allow submitting parameters" [Undecided,New] https://launchpad.net/bugs/322952
<binspace> *sigh* Ubuntu is driving me crazy
<binspace> Ok. I found the solution. I was doing apt-get install mysql-server
<binspace> I needed to do apt-get install mysql-server-5.0
<binspace> sheesh
<rgotten> has anybody good experience with software raid
 * ogra points binspace to man debconf and the fset command (with seen = true) to avoind questions after preseeding
<binspace> ogra: Honestly I was staring at man debconf, and its pretty anemic. I don't understand what you mean by fset and seen = true. I know that the default answer is to RTFM, but TMFS (the manual fucking sucks).
<binspace> And relevant examples go much further than mountains of configuration documentation. Simply put the signal to noise ratio of man pages tends to be tiny.
<ogra> binspace, echo -e "set mysql-server/root_password select\nfset mysql-server/root_password seen true" | debconf-communicate mysql-server
<ogra> that line would tell debconf to never ask that question again
<ogra> i agree that man debconf isnt actually of much help if you want to do preseeding ... man 7 debconf is though
<binspace> ogra: Dude. You are a force of nature :-) Thanks alot.
<binspace> I noticed that man debconf-devel has the fset info
<ogra> oh, its actually debconf-devel :)
<ogra> not debconf
<binspace> yeah. Its a weird naming convention. I figured it was for people hacking on debconf. I guess the rule is follow the see also links.
#ubuntu-server 2009-01-30
<Rafael> error 25 anybody know what it is?
<maxb> without more context, no, no way at all
<orudie> hi, how can i change timezone ?
<rdw200169> /etc/timezone
<rdw200169> run the command tzselect
<Bangers1> I have a cron job that puts all output into a file .. how can I then after that cron job runs, email that file to myself?
<Bangers1> * * * *  /foo/script.log > /tmp/file.log 2>&1
<Bangers1> can I do:   * * * *  /foo/script.log > /tmp/file.log 2>&1 ; cat /tmp/file.log | mailx -s "email" email@email.com ?
<rdw200169> Bangers1, some metioned here the other day that there's a way to do it with postfix, but i can't remember what he said
<rdw200169> Bangers1, i've always done it with the program sendemail though
<Bangers1> i dont care what program I use, mailx or whatever...
<Bangers1> My question might be cron syntax related?
<jmedina> Bangers1: well that cat is extra
<jmedina> pipe the output from script.log directrly to email :D
<maxb> Bangers1: Doesn't cron email all output from jobs to the invoking user anyway?
<Bangers1> That's true, but I still want that file written to the system for keeping in the future (output file is /tmp/file.log.$(date)
<jmedina> then use tee
<maxb> Well, how about foo 2>&1 | tee -a mylog.log
<Kamping_Kaiser> why not set the MAIL= flag in your crontab ?
<Kamping_Kaiser> ah, we've established that *finishes reading up*
<Bangers1> if I foo 2>&1 | tee -a mylog.log -- wont i be in the same position I was before?  cron wont have any output to email me...
<Bangers1> Oh, ignore me.  tee copied output to the FD, and to stdout still
<Bangers1> ok last question, why does this work?  But adding the $(date) stops it from working?
<Bangers1> WORKS 25 1 * * 5 /usr/bin/ssh user@server "ls -l" 2>&1 | tee /tmp/file.log | mailx -s "test" email@email.com
<Bangers1> DOESNT WORK 25 1 * * 5 /usr/bin/ssh user@server "ls -l" 2>&1 | tee /tmp/file.log.$(date +'%F') | mailx -s "test" email@email.com
<thehook> Bangers1: shot in the dark here, but are you 199% sure the syntax is correct?
<Bangers1> Yep.  it works in bash, but as a cron job it doesnt work
<Deeeps> use the absolute path to date
<Bangers1> hrm, the problem is cron uses 'sh' not bash for the input command, and my command isnt valid for sh
<Deeeps> ah, yes, that too, heh
<orudie> how can i check free desk space ?
<orudie> disk
<Deeeps> df
<Nat_RH> df -h is a little easier to read
<orudie> ok, when i do rm -r dir/ , does the space free up ? i just deleted like 3 gb directory
<orudie> and i think the disk space didnt change
<jmarsden|work> orudie: Yes, it frees up, unless some other process has the files open.
<jmarsden|work> In that case it will free up once that process closes the files concerned.
<pirroh> hi, are you able to set parameters with setenv.sh for tomcat6? (8.10 server obviously)
<pirroh> no one around with tomcat6 and 8.10?
<StuckMojo> hi
<StuckMojo> anyone know the trick to getting the dual LSI Logic / Symbios Logic SAS1068 PCI-X Fusion-MPT SAS controllers to work with the MD3000 in 8.04 ?
<Wicked> hmm...just updated...trying to reboot to the new kernel.....shutdown -r now is doing nothing....says its going down to reboot..but 5 mins later and im still in the same session and it never rebooted
<Wicked> reboot and halt do the same thing....says its going down..but never does
<StuckMojo> nevermind, got it. it was multipath IO, needed to install and configure multipath-tools
<uvirtbot`> New bug: #313249 in samba4 (universe) "samba problems (dup-of: 278864)" [Undecided,New] https://launchpad.net/bugs/313249
<genii> Flannel: My thinking is an Ubuntu-based software port forward howto would be more apt than one for hardware routers. But maybe that's just me :)
<genii> Sorry, wrong channel :)
<ivoks> did anyone notice that unix time 1234567890 is on friday, 13. of february? :)
<Kamping_Kaiser> rofl. no i didnt
<domas> ivoks: nice
<_ruben> sweet :p
<Koon> ivoks: let's call it "Happy 1234567890" day
<_ruben> ;)
<Kamping_Kaiser> wonder if unix time will end early ;)
<henkjan> in 2038 we'll have a problem
<Koon> Yeah, about around by 65 years birthday.
<Koon> my 65-year birthday I mean
<Kamping_Kaiser> mmm. near my 53rd iirc
<Koon> Jan 19, 2038, and I'm born Jan 18 ;)
<Koon> Just about the right time to retire.
<ivoks> :)
<dayo__> i don't have the directory /root/bin. can i just create it manually, or would this usually be autocreated by something else?
<cjwatson> nothing would autocreate that
<cjwatson> you can create it manually if you want
<domas> you can create a package that autocreates it
<domas> \o/
<dayo__> thanks, guys.
 * MenZa creates domas.
<ariphone2G3G> hi
<domas> I'm already here/there/somewhere!
<ariphone2G3G> someone could help me plz with pptp server ; ?
<domas> shiiiit, /me kicks forcedeth multiple times, more and more and more
<ariphone2G3G> domas ...
<domas> what
<domas> pptp server? just run it!
<ariphone2G3G> after connecting to it i get disconnected after exactly one min ;...
<Kartagis> hello
<Kartagis> i've read and applied https://help.ubuntu.com/8.04/serverguide/C/postfix.html and yet i get the error Jan 30 14:20:59 ozses postfix/smtpd[29010]: warning: cannot get private key from file /etc/ssl/private/smtpd.key / Jan 30 14:20:59 ozses postfix/smtpd[29010]: warning: TLS library problem: 29010:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:399: / Jan 30 14:20:59 ozses postfix/smtpd[29010]: can
<Kartagis> not load RSA certificate and key data. how come?
<uvirtbot`> New bug: #323158 in dhcp3 (main) "alt installer looping, dhcp request every second" [Undecided,New] https://launchpad.net/bugs/323158
<refnumzx> I have been trying for a bit now to get kvm 83 from jaunty into intrepid.  Someone here suggested prevu to try and build an intrepid deb from jaunty.  I read the documentation and followed the instructions.  I am getting a problem satisfying deps.  . Selecting previously deselected package pbuilder-satisfydepends-dummy.
<refnumzx> pbuilder-satisfydepends-dummy depends on debhelper (>= 7.0.17ubuntu2);
<refnumzx> I have tried prevu debhelper.  Then prevu-update as directed in the docs.  The error does not change.  Any suggestions?
<PecisDarbs> refnumzx: usually you have to modify control file or rules file in debian/ subdirectory of the source
<PecisDarbs> refnumzx: they contain depencies and intrepid and jaunty depencies of course will be different...a little bit, but still
<domas> meh, more forcedeth crashes
<PecisDarbs> domas: it still crashes? :)
 * PecisDarbs remebers when it was introduced first....crashed as hell
<domas> PecisDarbs: "soft lockup"
<PecisDarbs> domas: oohhh dear
<domas> meh, will just use vanilla 2.6.28.2 kernels
<domas> though... I did all workarounds mentioned in server manual
<domas> server was both receiving and pushing out a gigabit of traffic + 100MB/s i/o activity
<domas> and it locked up
<refnumzx> PecisDarbs: i thought that is whatprevuwas ment to handle? i do not know how do modify those files as you describe
<PecisDarbs> refnumzx: it is very important to have packages today or you can wait for a day or two?
<soren> refnumzx: It's really rather simple..
<PecisDarbs> refnumzx: I could try to build them, because I will play with KVM next few months anyway
<soren> refnumzx: Add a deb-src line to your sources.list for Jaunty
<soren> And run:
<soren> sudo apt-get build-dep kvm
<soren> apt-get source kvm
<soren> cd kvm-83+dfsg
<soren> sudo apt-get install fakeroot
<soren> dpkg-buildpackage -rfakeroot -b -uc -us
<soren> Done.
<refnumzx> soren: there are a number of deb-src lines in the sources.list file. which do i need to add from the jaunty archive?
<soren> One with main in it
<soren> Something like
<soren> deb-src http://se.archive.ubuntu.com/ubuntu jaunty main
<refnumzx> thanks.
<Doonz> hey guys. i was using screen in my shell i was brosing the net using elinks. it crashed on me so i killed the window it was in. now when i lauch screen it starts up and then when it asks you to hit enter and returns you to the shell it gives me a whole bunch of errors and doesnt work. any ideas?
<Kartagis> i've read and applied https://help.ubuntu.com/8.04/serverguide/C/postfix.html and yet i get the error Jan 30 14:20:59 ozses postfix/smtpd[29010]: warning: cannot get private key from file /etc/ssl/private/smtpd.key / Jan 30 14:20:59 ozses postfix/smtpd[29010]: warning: TLS library problem: 29010:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:399: / Jan 30 14:20:59 ozses postfix/smtpd[29010]: can
<Kartagis> not load RSA certificate and key data. how come?
<ScottK> Kartagis: Is it you who is posting to the postfix-users list about this same question.
<Kartagis> ScottK, yes
<ScottK> Kartagis: Did you get your question answered then?
<Kartagis> ScottK, I posted a reply to Wietse's post
<eolo999> hi, is it allowed to log apache errors to multiple locations?
<ScottK> If you gave a password when you made the cert, that's definitely a problem.
<cjwatson> if somebody could look into bug 323158, I'd appreciate it; I'm very unfamiliar with the internals of dhclient
<uvirtbot`> Launchpad bug 323158 in dhcp3 "alt installer looping, dhcp request every second" [Undecided,New] https://launchpad.net/bugs/323158
<eolo999> in other words to have two ErrorLog directives
<domas> oooooh, I have a question! what are pros/cons of irqbalance?
<domas> as in, why would anyone not run it?
<domas> (or why it wouldn't be on by default on ubuntu server)
<Kartagis> ScottK, it asked me a password, so i gave one
<ScottK> that's your problem.
<ScottK> Redo the cert and just leave it blank.
<Kartagis> okay thanks
<ScottK> Kartagis: Please take a look at those docs and see what they lack that led you astray.  Then file a bug against ubuntu-doc explaining what went wrong and what it needs to say that it didnt'
<ScottK> Kartagis: That way the next person to come along doesn't have the same problem.
<ScottK> sommer: ^^^
<Kartagis> ScottK, it gave me You must type in 4 to 8191 characters when i left the password blank
<ScottK> Odd.
<ScottK> Then there's something else about what you are asking it.
<ScottK> Did you see the posted link in that thread to the community docs page?
<ScottK> See if that invokes openssl any different.
<ScottK> I'm in a meeting right now, so I can't focus on it.
<Kartagis> https://help.ubuntu.com/community/Postfix?action=recall&rev=43 ?
<ScottK> In about an hour I can probably help you get it sorted.
<ScottK> I think so.
<Kartagis> i'll be back  on Monday
<Kartagis> or maybe this weekend
<Kartagis> bbl ScottK, thanks
<MadChopr> so, i'm trying to configure Amanda Backup client on Ubuntu 8.10... should I install xinetd?  or should I be doing something else?
<MadChopr> (well amanda server and client on the same machine)
<barduck> how can I make ubuntu server automount my external USB drive like ubuntu desktop does? I tried usbmount but it doesn't automount the disk (its NTFS)
<jmedina> barduck: I think there is not the same support for ntfs as in the desktop
<jmedina> Im not sure, in the desktop is supported by fuse, never tried to mount ntfs in a desktop :D
<barduck> jmedina: I can mount it manually without a problem. but I want it to automount it each time I plug the USB drive
<jmedina> probably with autofs
<jmedina> like in the old times :D
<Deeeps> or using a udev script
<barduck> hmmm...never used autofs, I will go google it. I read that usbmount is a light and easy sctipt that can do this
<barduck> but I am not sure if it is supposed to work for ntfs
<barduck> usbmount uses udev
<Deeeps> i'd recommend that approach personally
<barduck> I am not sure what to put in the usbmount.conf, fdisk says the filesystem is HPFS/NTFS but when I mount it df -T says is is fuseblk
<jmedina> Deeeps: yeap, udev is the new way
<barduck> so if usbmount uses udev, it is supposed to work somehow ?
<Deeeps> indeed, it's mounted using ntfs-3g, which is built around fuse
<jmedina> then you have fuse support :D much better
<Deeeps> so fileststem would be ntfs or ntfs-3g
<Deeeps> filesystem*
<barduck> should try to put ntfs or ntfs-3g in usbmount.conf ?
<Deeeps> yep
<barduck> ok, will try. If that doesn't work, next thing is to write udev script for that particular drive ?
<Deeeps> that would be my approach, yep
<barduck> ok, I will try. gona be tough battle for me but I will give it a shot
<barduck> thanks
<barduck> udev just calls whatever in /etc/udev/rules.d/ for each change, right ?
<Deeeps> i believe so
<dou213> hey guys, how can i fetch my external ip from shell?
<Deeeps> if ifconfig doesn't display it, `wget -q -O - http://whatismyip.org` should
<dou213> ifconfig only displays my internal ip
<dou213> i'm behind a router
<Deeeps> same way you do on windows then, query a page for your ip, or query your router
<Deeeps> i gave an example above
<Deeeps> one way to store the IP somewhere for a script to use, would be:
<dou213> Deeeps, y thx it worked ;) which would be the cmd to query the router?
<Deeeps> MYIP=`wget -q -O - http://whatismyip.org`
<Deeeps> dunno, depends on your router, read your router's manual to see if it provides any interfaces, otherwise you'd have to write a script to scrape the information out of it from http/telnet
<MadChopr> anyone have experience running Amanda server and client on Ubuntu 8.10?  I'm, wondering if I should install xinetd like this tutorial for Ubuntu 6.06 says: http://ubuntuforums.org/showthread.php?p=2470030  (it's the closest thing I can find to a tutorial on how to configure Amanda on Ubuntu.
<ivoks> i use bacula for backup
<mathiaz> hi ivoks !
<ivoks> mathiaz: hi
<ivoks> mathiaz: have you played with python-ldap in intrepid?
<ivoks> i think that's really broken
<MadChopr> ivoks: yea, that's what i noticed was the native backup in Ubuntu... for some reason i'd rather wrestle with amanda.. maybe because i'm an idiot
<mathiaz> MadChopr: FYI bacula is the supported backup solution in Ubuntu (it's in main) while amanda is in universe.
<mathiaz> ivoks: I haven't.
<MadChopr> mathiaz: thank for stating that... again, i don't know why i'm trying to use amanda, maybe because i'm an idiot :P
<ivoks> i get really strane errors with it
<ivoks> strange
<MadChopr> mathiaz: i'm afraid that bacula isn't as scalable as amanda for one thing.
<ivoks> simple import ldap, sys
<ivoks> and 'for arg in sys.argv: print arg'
<ivoks> spits out total nonsene
<ivoks> nonsense
<ivoks> but it doesn't if i start python shell
<mathiaz> MadChopr: how come it's not scalable? where would be the shortcomings?
<ivoks> MadChopr: that's really strange conclusion
<ivoks> MadChopr: bacula is far more flexibile :)
<MadChopr> mathiaz, ivoks: from reading about the comparisons people have made between the two packages.
<MadChopr> one of the arguments was that bacula uses mysql, and amanda uses postgres;
<ivoks> lol
<ivoks> bacula uses sqlite|sqlite3|mysql|postgre
<ivoks> whatever you want
<MadChopr> ah didn't realize
<ivoks> amanda doesn't do backups over two tapes
<ivoks> it can't continue backup on another tape, when one is finished
<ivoks> only that makes it pale comparing to bacula
<MadChopr> can bacula do many backups to one tape?
<ivoks> yes
<mathiaz> ivoks: your python script example works well here
<ivoks> mathiaz: which version is that?
<MadChopr> thanks ivoks, maybe i'm convinced...
<mathiaz> ivoks: http://paste.ubuntu.com/111760/
<mathiaz> ivoks: on intrepid
<ivoks> odd
<MadChopr> does bacula support windows98?
<MadChopr> as a client?
<MadChopr> i should join #bacula
 * jmedina uses bacula with a tape library with 16 tapes
<ivoks> mathiaz: http://paste.ubuntu.com/111761/
<ivoks> mathiaz: :)
<ivoks> MadChopr: it suppports windows
<MadChopr> ivoks, thank you
<mathiaz> ivoks: /home/ivoks/ldap.py <- ??
<mathiaz> ivoks: File "/home/ivoks/ldap.py", line 8, in <module>
<MadChopr> ivoks: is there a irc channel (looked on efnet and freenode and find nothing)
<MadChopr> atleast in #bacula
<ivoks> mathiaz: right... and there's no 8 lines in the file :)
<mathiaz> MadChopr: http://bacula.org/en/
<MadChopr> nevermind, i'm an idiot
<jmedina> :)
<jmedina> is there anything similar to redhats chkconfig?
<mathiaz> ivoks: what's the content of /home/ivoks/ldap.py ?
<jmedina> I like to use chkconfig --list servicename to get a list about runleves this services is configured
<ivoks> aaaaaaaaaaaarrrrrrrrrrrr /me stupid
<ivoks> mathiaz: right.. it imported ldap from current directory :)
<ivoks> instead from library :)
<mathiaz> jmedina: there is a chkconfig package in intrepid
<MadChopr> do you guys have bacula configured with MySQL or Postgre ?
<ivoks> i have with mysql and sqlite
<ivoks> but i've tested with postgre
<MadChopr> okay
<jmedina> I always used with mysql  under slackware, gentoo, centos but in ubuntu I use sqlite
<MadChopr> thanks ivoks and jmedina
<jmedina> I have a howto (in spanish) about bacula, it is the implementation for a customer
<jmedina> but there is no better documentation than the official
<MadChopr> nice, i'll read through the ubuntu docs and the official... apt-get remove amanda'ing right now
<ivoks> bacula in ubuntu is works-out-of-the-box :)
<jmedina> ivoks: yeap I like that, and with dvd support integrated :D
<ivoks> jmedina: you use bacula in ubuntu?
<jmedina> ivoks: yeap, in dapper and hardy
<ivoks> so, how do you like it in hardy?
<ivoks> there was an update recently
<jmedina> ivoks: ti works fine, here is backing up only 4 servers, but with a customer is backing up 1 centos, 1 gentoo, 1 ubuntu, 2 windows (sap dbs) and about 50 linux desktops
<jmedina> I only remember a bug about the catalog
<jmedina> with another customer backing up 30 xen vm machines
<ivoks> which bug?
<jmedina> there was a but about the script that generates the catalog, I think it was something about permisions to the database
<ivoks> oh, right
<jmedina> im not sure, it was probably a year about
<jmedina> ago
<ivoks> that was fixed
<ivoks> path was wrong
<ivoks> but that was only with our new catalog-backup script
<jmedina> I only use hardy as server
<jmedina> yeap, that one
<ivoks> which catalog backup script do you use? ubuntu's awk or bacula's default?
<jmedina> ivoks: you are ubuntu developer?
<ivoks> we ship ubuntu script by default
<jmedina> ivoks: afaik awk
<ivoks> jmedina: i'm watching over bacula in ubuntu
<jmedina> good I still remember a but that created a 644 file in / in edgy or something
<ivoks> so, i'm interested in how people use it or do they use it at all
<jmedina> s/but/bug/
<ivoks> since we don't get lots of feedback
<ivoks> 644?
<ivoks> i think edgy didn't have bacula supported
<jmedina> a file or dir named 644 or 755 in /
<ivoks> iirc, we support bacula since 7.10 or something like that?
<jmedina> well not sure if was edgy, I was backporting bacula from edgy or feisty to dapper
<jmedina> I think 1.39 was introduced in edgy
<jmedina> not sure
<ivoks> right... real bacula clean up was in 8.04
<ivoks> that was first release with supported bacula, iirc
<jmedina> ivoks: what you mean with "supported" in main?
<ivoks> yes
<jmedina> ok
<jmedina> ivoks: I hope you can help me with this doubt
<jmedina> can I get a list of the packages I have installed from universe repository?
<ivoks> with some scripting, yes
<jmedina> :S
<ivoks> i'm not aware of any program that can do that for you
<jmedina> I want to get a list because I need to know which packages are not "supported" and probably work with them to introduce it to main or something
<dayo__> MadChopr: u should also look at BackupPC: http://www.howtoforge.com/linux_backuppc
<MadChopr> dayo__: thanks will look into it... why did you mention it?
<dayo__> MacChopr: u thought u were talking about bacula for creating backups?
<jmedina> ivoks: where can I suscribe to see bacula changes?
<ivoks> in ubuntu?
<ivoks> there's /usr/share/doc/bacula-*/changelog.gz :)
<jmedina> :D, mm I was thinking about pending bugs, new proposed changes and like that
<maxb> jmedina: grep-status -sPackage -FSection universe
<ivoks> on launchpad
<jmedina> maxb: ?
<ivoks> https://edge.launchpad.net/ubuntu/+source/bacula
<maxb> 17:02 < jmedina> can I get a list of the packages I have installed from universe repository?
<jmedina> but what you mean with that sentence?
<dou213> hey guys, i want to restrict on my ssh-server the connection-attempts to 3... how can i do it? in /etc/ssh/sshd_config maybe "MaxAuthTries 3" ?
<dou213> i know about fail2ban, just wandering if it is possible this way too
<jmedina> dou213: that wont stop attackers
<jmedina> or robots
<jmedina> they can retry auth
<dou213> jmedina, u mean "MaxAuthTries 3"?
<dou213> or fail2ban?
<jmedina> maxaut..
<dou213> hmm... damn, so fail2ban is better yes?
<jmedina> well I better change the port and only allow key based auth
<jmedina> with that I forget about brute force attacks
<ScottK> dou213: You can do it in iptables.
<dou213> ScottK, how?
<jmedina> that is another option with the LIMIT target
<dou213> thx jmedina
<jmedina> match
<ScottK> yeah.  that
<dou213> dunno what u guys are talking, maybe some insight? :)
<dou213> or preferable documentation links
<jmedina> dou213: http://www.cyberciti.biz/tips/howto-limit-linux-syn-attacks.html
<jmedina> that is using iptables using recent match and limit
<jmedina> and here another http://www.debian-administration.org/articles/187
<jmedina> there is also the port knocking option using iptables :D
<jmedina> I implement it using shorewall
<dou213> jmedina, thx for ur trouble
 * dou213 is reading..
<jmedina> maxb: where do I have to grep for those fields?
<maxb> I gave you an exact command line to run
<dou213> if i may ask, a good tutorial (one which you already checked out) to install a web server (apache) and database server (mysql) ? but pls make sure u checked it (followed it urself)
<_ruben> dou213: sudo apt-get install lamp-server^ ... done .. apache2+mysql+php all ready to go
<dou213> _ruben, nice tutorial :D:D
<dou213> ok thx
<jmedina> taskselect and select LAMP
<_ruben> which is the same
<dou213> thx, i was kinda looking for something like this: http://www.howtoforge.com/perfect-server-ubuntu-8.10
<dou213> was interested if anyone has followed such a tutorial and can recommend one
<domas> perfect ubuntu server runs just mysql!!!!
 * ScottK is fairly certain anything perfect doesn't have mysql in it.
<dou213> i've unleashed pandora's box :P
<domas> :(
<domas> usually people who have never properly used mysql say so! :)
<domas> \o/ found some fedora box, deadlocked immediately: http://p.defau.lt/?N82mJbAJ31bLoJBb5lbNmA
<Deeeps> jmedina: tasksel*
<jmedina> maxb: thanks, I thought grep-status was mispelled
<ScottK> domas: I am not a SQL/RDBMS heavy weight, but I've work on projects with people that were.  Pretty universally they prefer Postgresql.
<dou213> guys, would it be safe to remove apparmor?
<domas> dou213: yes. no.
<dou213> in the tutorial i sent u, they advice to do that
<domas> ScottK: :) my major field is web database heavyweights
<domas> ScottK: there PG is nonexisting, and MySQL is everywhere
<jmedina> one of my customers have a 800GB DB and they use postgresql
<dou213> domas, so it depends...
<domas> dou213: nothing will break, though security will become a bit worse :)
<jmedina> they said they tested everthing even running psql under aix, but it performed better under linux
<ScottK> dou213: Why do you want to do that?
<domas> well, some our customers have thousands of mysql servers :)
<dou213> ScottK, it's an advice i've read on this tutorial : they say if not removed, ISPconfig won't work
<domas> dou213: doesn't make sense...
<domas> dou213: by default there're nearly no apparmor profiles
<domas> only few packages come with those
<dou213> kinda thought that too ... that's why i asked
<domas> damn, I was forced to deploy vanilla kernels, now don't have apparmor :(
<domas> on database boxes
<domas> no need, of course %)
<dou213> http://www.howtoforge.com/perfect-server-ubuntu-8.10-p3 ---> at the end
<domas> dou213: I can certify that guide author is an idiot!
 * domas ducks
<domas> a) it is very easy to find out when apparmor blocks anything, because thats what audit logs are for
<dou213> shit :(
<domas> b) apparmor is one of best security practices out there for net-facing systems
<dou213> hmm... domas, if i wanna reinstall apparmor as it was before: sudo apt-get install apparmor apparmor-utils ?
<domas> I understand managing selinux is way more complicated
 * kees loves apparmor
<domas> kees: you're security engineer, you have to.
<kees> domas: hah, no, plenty of people hate AA.  :)
<domas> kees: I'm working now on a project to wrap whole codebase into proper AA profiles, with proper hats, etc
<jdstrand> not me!
<maxb> Urgh. The guide author is doubly silly for recommending manual use of update-rc.d
<kees> domas: nice!
<jdstrand> I <3 AA
<domas> kees: well, 'our codebase' in my hobby project
<kees> dou213: your apt-get will re-install the AA tools, yes, but you need the kernel support compiledin
<domas> but it is huge codebase
<dou213> kees, that means?
<dou213> i already did : "/etc/init.d/apparmor stop
<dou213> update-rc.d -f apparmor remove"
<domas> anyway, apparmor makes sense when you use it
<domas> it will not do anything by itself
<domas> (except for few packages that put in profiles)
<dou213> oh so i get it i can remove it, since i won't use it
<domas> *shrug*
<dou213> without making the webserver and ssh-server insecure
<dou213> ?
<domas> let me show you an example of an apparmor profile
<domas> I'm not entirely happy with it yet, but..
<domas> http://p.defau.lt/?xovyedW457Rpz94srZHShg
<domas> you can see that for quite complex codebase I can narrow execution a lot
<domas> there're few other projects in mind to make this way more secure (like not use sh for PHP sub-process invocation, etc)
<kees> dou213: why did you disable it?
<dou213> to be honest, i don't understand very much about it, but it was interesting to see what u're working on...  :)
<dou213> want to install that ispconfig
<dou213> kees, maybe i can reverse it?
<kees> dou213: I highly recommend reinstalling it and leave it on.  if a profile gets in the way, you can turn off that profile with aa-complain
<kees> dou213: sudo apt-get install apparmor apparmor-utils; sudo /etc/init.d/apparmor start   (if it hasn't already)
<dou213> kees, that's it?
<kees> dou213: then "sudo aa-status" will show you want it's up to
<kees> dou213: yeah, if you have a normal Ubuntu kernel
<dou213> "update-rc.d -f apparmor remove" what did this cmd do and how can i reverse it?
<kees> dou213: though, since you did a "stop" you'll either need to restart the services it protects or reboot.
<maxb> dou213: It wiped out the initscript symlinks
<kees> dou213: that ripped apparmor's init logic out
<kees> dou213: "sudo update-rc.d apparmor defaults"
 * domas hugs 'px'
<dou213> ok very many 10x kees
<domas> kees: may I ask few private distro sec engineering questions ?
<domas> kees: how app vendors should do communication, etc
<dou213> sudo /etc/init.d/apparmor start ---> "Loading aa profiles - aa already loaded with profiles.: skipped." guess already loaded
<maxb> kees: Is defaults appropriate here? Don't you need to look up the actual params used from the postinst?
<dou213> kees, "sudo update-rc.d apparmor defaults" ---> System startup links for /etc/init.d/apparmor already exist.
<kees> dou213: use "sudo aa-status" to check on AA
<kees> domas: I'm not sure what you  mean
<kees> maxb: hm, good point.
<kees> dou213: "sudo update-rc.d -f apparmor start 37 S ."
<kees> er, no "-f", sorry
<dou213> "sudo update-rc.d apparmor start 37 S ."?
<maxb> But re-run "sudo update-rc.d -f apparmor remove" first, then run the command to put them back
<dou213> so ... first "sudo update-rc.d -f apparmor remove", then "sudo update-rc.d apparmor start 37 S ." ... syntax correct?
<domas> kees: I'm 'paying users' security officer at mysql, so it isn't entirely in my domain, but... what is the best way to approach all linux vendors with security problems, apart from logging into each of their bugs systems?
<maxb> dou213: yes
<dou213> thx u guys
<domas> kees: I'm sure distribution maintainers read our changelogs, but sometimes 'security improvement' may mean 'remote code execution avoided'
<kees> dou213: don't do the remove
<kees> dou213: ah!
<maxb> kees: But without the remove first, the second command will decide you have an existing config that it should not modify
<kees> dou213: if you have a security vulnerability issue, report it to vendor-sec@lst.de.  That's a private list of most (if not all) the distros
<dou213> kees, already did sry, what did i do wrong?
<domas> kees: ah, oki, writing down
<kees> maxb: true.  I'm not clear what problem is being solved :P
<dou213> ok thx
<dou213> i'm clear now
<dou213> :)
<kees> dou213: does "sudo aa-status" report that apparmor is loaded?
<kees> dou213: cool
<dou213> 'sudo aa-status' ---> aa is loaded
<dou213> u really helped me out ;)
<domas> kees: oh, I guess I'm even eligible for membership on the list :)
<dou213> which repositories i gotta activate to install lamp-server?
<ScottK> No extra ones
<dou213> E: couldn't find package lamp-server
<ScottK> It's not a package, it's a task.  Run tasksel
<MadChopr> gah.. i'm having a hard time with bacula  nonetheless
<MadChopr> i need a break
<yann2> bacula is really tough to setup :/
<MadChopr> thanks for the support :)
<yann2> well ask your question ;)
<yann2> I'm at the "i got my home backed up to the same pc" with bacula so not that far :)
<uvirtbot`> New bug: #323324 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.30-2ubuntu5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/323324
<MadChopr> yann2: i have no clue really what's going on right now... but... i poked holes in ufw on 9101, 9102, and 9103... when i type 'bconsole' to 'label' my tape... it tries to connect to the 'storage daemon' on 9103, and fails... i've restarted both /etc/init.d/bacula-sd and bacula-dir and still no solution.
<yann2> check the passwords?
<MadChopr> i didn't really check the passwords, lemme check that out.. i just figured ubuntu automatically filled all that stuff in during the config
<yann2> my tests with bacula on hardy show that the packages are a mess, that the documentation is missing and that it is generally very complex
<yann2> yes ok
<yann2> if I get it to work I'll write something down I promise ;)
<MadChopr> yann2: good :)
<axisys> failed to install the ubuntu server on t1000 .. this is how far I came .. http://pastebin.com/d6718eeb4
<MadChopr> yann2: well, it looks like the passwords are in the right spots
<MadChopr> yann2: i just opened up the postgresql port (5432) still no movement forward.
<davertron> hi, anyone here can help out with a postfix install on intrepid?
<Bryan> is there a way I can get the original sources.list? I was an idiot and replaced my personal computer's sources.
<jmedina> Bryan: which version?
<Bryan> server 8.04 I do believe
<Bryan> eah
<Bryan> yeah*
<Bryan> 8.04
<Bryan> kernel 2.6.24-19-server
<jmedina> http://verde.e-compugraf.com/jm-confs/apt/hardy-server/
<jmedina> there is mine
<Bryan> Thanks :D
<Bryan> Okay, I have one more question. Is there an easy way to change the server in the sources (other than doing a replace in the file)?
<Bryan> Because there is a mirror here on campus, and I wanted to change it to that
<lamont> davertron: having said that, what is the issue?
<lamont> ScottK: doncha love content-free questions?
<lamont> hrm... was that my out-loud voice?
<davertron> i seem to be having issues setting up postfix
<davertron> i apt-get installed postfix, but then when i execute "netcat localhost 25", i see that i'm running Sendmail; if i then type "apt-get remove sendmail", it says it isn't installed
<davertron> i'm a bit confused :)
<lamont> it probably isn't configured
<lamont> dpkg-reconfigure -pmedium postfix
<lamont> wait.
<lamont> what tells you you're running sendmail?
<lamont> and what does 'ps aux | grep sendmail' say?
<ivoks> apt-get purge sendmail.*
<redvamp128> I was asked a question that I didn't know the answer-- Can ubuntu-server run putty?
<lamont> redvamp128: normally, we just run openssh-{server,client} rather than trying to run the windows implementation of the same....
<ivoks> putty is a client for ssh servers
<lamont> so if you're trying to use putty to get into an ubuntu-server install, you need to apt-get install openssh-server
<redvamp128> ahh ok
<ivoks> redvamp128: and, on questions starting with 'Can Ubuntu...', the answer is always 'Yes'.
<ivoks> :)
<redvamp128> What they want to do is get a system up cheap-- to replace what is in the motel
<ogra> Can Ubuntu send me ivoks to do my dishes ?
<lamont> ivoks: although sometimes a not-insignificant amount of coding is yet to be done...
<ivoks> Yes, it can
<ogra> lol
<ivoks> :D
<lamont> ogra: that's part of the fee-based program
<redvamp128> All it needs to do is the following-- Assign Ip addresses - over wireless- to dish out a web page a "E-host" page
<ivoks> ogra: for a small amount of $$$$$, you can get even ivoks doing your dishes
<redvamp128> I knew that ubuntu-server could do it-
<lamont> dhcp3-server
<ogra> lol
<ogra> ivoks, my GF loves you she says
<redvamp128> just when they asked -- will it have putty? I didn't know the answer
<ivoks> ogra: i wonder what would my gf respond to that...
<ogra> giggle
<lamont> and no, it won't have putty.  it'll have mother-of-putty :-D
<redvamp128> I had actually never heard of putty-- last server for dhcp I set up years ago-- running slackware
<ivoks> it's like asking if it would have volkswagen, while it's running porsche
<redvamp128> It is still running today-- for a network with 10 computers and 3 servers-
<ivoks> dhcp is quite stupid protocol
<ivoks> there isn't much to brake
<ivoks> that could be the reason why it's still running :)
<redvamp128> To laugh though it runs great on a PII slot
<redvamp128> 300mhz cpu and 128mb of memory and a 10 gig hard drive
<redvamp128> The current server has just had a bad memory lapse of what IP addresses it can assing and it is windows based.
<redvamp128> and also forgets it needs to give out the "e-host" page-
<redvamp128> Though I think on monday I will just tell them to go with the 3,000$ package which comes with a years worth of support. (instead of dealing with it myself) I am a maintenance man- at a Holiday Inn Express.
<redvamp128> I don't make enough to deal with all the hassles
<redvamp128> Thanks for the answers though..
<ivoks> i'll sell you support for 2000$ :)
<ivoks> oh, he left, darn...
<dou213> can somebody help me with mysqld ?? Error: http://pastebin.com/d2c1b4524
<ivoks> what did you do with mysql?
<ivoks> any special custom config?
<dou213> trying to install lamp
<dou213> so that everything works smooth
<ivoks> so, this is default install?
<dou213> *smoothly
<dou213> ivoks, yes
<dou213> http://www.zeroathome.de/wordpress/lamp-linux-apache-mysql-php/
<dou213> something like that
<dou213> tried it with lamp-server from taskel first, same error
<ivoks> so, you are on the first step for mysql?
<dou213> y
<ivoks> try this:
<ivoks> debconf_DEBUG=developer dpkg --configure -a
<ivoks> bah
<ivoks> DEBCONF_DEBUG=developer dpkg --configure -a
<ivoks> and paste output on pastebin
<dou213> http://pastebin.com/dd06ce46
<dou213> ivoks, or maybe if u have a working lamp tutorial (already tested by urself) i would really appreciate it
<ivoks> i just install apache2 and mysql-server
<ivoks> and that works
<ivoks> so, this tutorial isn't wrong
<ivoks> and it should work
<ivoks> check /var/log/syslog
<rene-> hello
<ivoks> it should have some info why it didn't start
<dou213> ivoks, can i send u in prv msg?
<rene-> i am using the asterisk provided package and i am seeing some issues with it, first, it tries to record to /usr/share/.... and there seems no way to change where is it record except with absolute paths, second, it wont play lots of gsm audios that other asterisk systems play just fine
<ivoks> ok
<rene-> appreciate all the help i can get on this one, i have ubuntu server 8.10
<ivoks> rene-: asterisk isn't quite supported yet, but you are welcome to report bugs
<ivoks> rene-: that would help us make it better
<ivoks> dou213: ps ax | grep mysql
<ivoks> dou213: and ls -dl /var/run/mysqld/*
<rene-> sure
<dou213> ls: cannot access /var/run/mysqld/*: No such file or directory
<hads> Use FreeSWITCH :)
<ivoks> dou213: how about ls -dl /var/run/mysql*
<dou213> ok returned something
<ivoks> what? :)
<dou213> *** 2 mysql *** 40 Sep 19 15:23 /var/run/mysqld
<dou213> the '*' are added by myself as substitution for sensitive data
<ivoks> disclose first ***
<ivoks> it should be drwxr-xr-x
<dou213> drwxr-xr-x
<ivoks> and the second is root
<dou213> lol :) yes
<ivoks> those aren't sensitive data
<ivoks> hm
<ivoks> open a terminal
<ivoks> run in it 'tail -f /var/log/syslog'
<ivoks> hit enter couple of time, so you would know when you started tracking logs
<ivoks> in other terminal run 'dpkg --configure -a'
<ivoks> and then paste all the logs somewhere
<ivoks> and, if you worry about sensitive data, send me a link over PM
<dou213> if u tell me there is no sensitive data, then i trust u
<ivoks> well, i can't tell that
<ivoks> just give me the link over PM :)
<dou213> paste it in pastebin y?
<ivoks> y
<dou213> could it be that some kind of socket is not existing?
<ivoks> socket is generated on start
<dou213> sent it 2 u
<ivoks> i asked if you have custom configuration
<ivoks> like, changed mysql variables
<ivoks> you changed mysql config and this isn't default install
<ivoks> then you should know that ubuntu comes with apparmor security framework
<dou213> oh ... sry, thought u mean something else with custom configuration
<ivoks> which doesn't allow mysql to write outside of designated places
<ivoks> easiest fix would be to put apparmor to complain mode
<ivoks> aa-complain /etc/apparmor.d/usr.sbin.mysqld
<ivoks> after that dpkg --configure -a will work
<dou213> aham, so either i keep the custom config or put aa to complain mode ?
<ivoks> or modify apparmor profile
<ivoks> it's easy to do it
<dou213> can u teach me how?
<ivoks> open /etc/apparmor.d/usr.sbin.mysqld in your favourite editor and dig in
<dou213> ok ivoks, thx v. much
<ivoks> dou213: once you put apparmor profile in complain, it stays that way untill you enforce it again
<ivoks> so, on reboots, everything is like you want it to be
<ivoks> good night
<dou213> ok it worked now, if i want to put apparmor profile in normal again (as it was before), will it interfere with mysqldaemon?
<dou213> oh
<dou213> ok
<dou213> thx very much
<ivoks> yes, it will
<ivoks> it will kill it
<dou213> :( hate it when it does that
<dou213> :D
<dou213> good night
<ivoks> then fix config for your custom settings
<ivoks> i told you how
<ivoks> and even where and what in private
<dou213> yeap
<ivoks> i don't know what else one can expect
<dou213> nothing more, my expectations were were surmatched
<ivoks> take care, bye
<dou213> u2 mate
<Omar87> How do I activate Mod_Python?
<jmedina> a2enmod?
<kansan> anyone know how to adjust /etc/ssh/sshd_config so that when a SSH connection is made on port 5000 (assuming you're already listening on port 5000), it gets forwarded to port 4000?
<jmedina> kansan: I think you need to create a ssh tunnel, which has noting to do with sshd_config
<rdw200169> kansan, yah, i think you
<rdw200169> kansan, are thinking of 'reverse tunneling'
<rdw200169> kansan, here's what i got first on a google search: http://lericson.se/docs/reverse-port-forwarding-openssh/
<kansan> ah
#ubuntu-server 2009-01-31
<Bryan_Sierra> so I accidently removed a program in /usr/bin and now I can't remove it from apt-get because it's saying that the dependencies aren' tmet :o is there a way to just remove it manually? (Other than going directory by directory)
<Bryan_Sierra> using apt-get*
<Bryan_Sierra> Anyone know?
<mdeslaur> Bryan_Sierra: try "apt-get --reinstall install PACKAGE"
<kansan> how do i make this command happen if my ssh connection ever goes down?  ssh chef-client@chef-server
<mdeslaur> kansan: you could use the "autossh" program
<kansan> hwo do i set an enviormental variable
<kansan> anyone familair with autossh program?  why doesnt it work when i do :  autossh -M 20000 ?
<uvirtbot`> New bug: #323409 in cyrus-sasl2 (main) "sasl2-bin broken, segfaulting during install" [Undecided,Confirmed] https://launchpad.net/bugs/323409
<kansan> how do i make:  autossh chef-client@chef-server ... run as a background process?  (i'm invoking it from /etc/rc.local)
<andol> kansan: autossh -f will put it in the background
<kansan> andol, whne i do that it eemse to 2009/01/31 02:10:06 autossh[2639]: ssh exited with status 0; autossh exiting
<kansan> its like it doesnt create a persistent background ssh connection
<kansan> like i asked it to
<kansan> however when i do :  audossh -M 20000 foo@server
<kansan> it works fine
<kansan> but i dont want to actually go there
<kansan> it doesnt work either when i do autossh -M 20000 foo@server &
<andol> kansan: when you do it manually, do you do it as the root user?
<kansan> yes
<kansan> i'm root when i invoke autossh
<andol> kansan: Well, then I don't know
<andol> kansan: This is the solution I used when I had to run autossh at system startup: http://www.andreasolsson.se/2008/08/27/etcinitdautossh_tunnelfoo/
<andol> (init-script)
<andol> Hmm, must be second of third time I mention it in this channel :)
<kansan> where do i put it
<andol> /etc/init.d/autossh.nameyouchoose
<kansan> and to invoke it?
<andol> kansan: To invoke it manualy: /etc/init.d/autossh.thename start
<kansan> why do you need autossh.thename
<kansan> why not just /etc/init.d/autossh
<andol> kansan: Because then you would only be able to have one autossh run from /etc/init.d
<kansan> isnt that what i awnt?
<andol> kansan: In your case /etc/init.d/autossh would probably do fine. I was thinking more on a general level.
<kansan> does all stuff in /etc/init.d get auto booted at startup?
<andol> kansan: No, you have active it first
<kansan> andol, how do i do that
<andol> kansan: An easy way to manage those scripts on a server is to install the package sysvconfig
<kansan> this doesnt work
<kansan> i cant enable/disable anything in this way :(
<kansan> hitting ok doesnt do anything
<andol> kansan: 1) start sysvconfig, 2) Move to Enable/Disable, presss enter, 3) Move to the services you want to change, toggle using <space>, 4) When you done, tab to <OK> and press enter, 5)Select Finnished <enter>, 6) Quit <enter>
<kansan> yes space works
<kansan> i thought i should hit ok
<kansan> i'm getting sleepy
<kansan> and making mistakes ;p
<andol> kansan: Go to bed then :) Actually that's direction I'm head towards. Feel free to ask follow-up questins tomorrow.
<arrrghhh> how can i ensure my ubuntu server isn't trying to steal my printer from my virtual machine?  suddenly the printer isn't available in the VM... i stopped the cupsd service but that didn't help.  should i stop samba too?
<arrrghhh> i can't umount a printer...
<kansan> when i try:   autossh -i /root/.ssh/chef_tunnel -p 24000 -nNT -R 6400:localhost:4000 chef-client@foo.dyndns.org ... then: telnet localhost 6400; i get Connection Refused
<cowmix> installing server off a USB key.. and its complaining about CDROM drivers after the keyboard setup.. is there a way around this?
<rdw200169> cowmix, you can try setting the debconf level higher and skipping the detect cd rom step
<guybrush> Greetings! I've compiled a custom kernel (2.6.28.2) on U8.10, applied the apparmor patches in order, but Apparmor is not loading. Can anybody give me some advice?
<orogor> hi , i did just enabled ipv6, but it seems that any site which allow to test if i am in ipv6 dont reconise me as connected via ipv6, could this be dues to the fact that ia m running iptables?
<Nafallo> orogor: no. ipv6 uses ip6tables
<orogor> Nafallo, i can t fiond such package
<Nafallo> orogor: it's not a package. it's a binary.
<orogor> huh ?
<Nafallo> which ip6tables
<orogor> returns nothing
<Nafallo> not all binaries have their own packages.
<Nafallo> have you got the package iptables installed?
<orogor> yes
<Nafallo> then you should have /sbin/ip6tables
<orogor> haa, sorry
<orogor> i typed which ip6table
<orogor> forgot thes
<orogor> forgot the s
<orogor> inet6 addr: fe80::20c:76ff:fe4f:13e6/64
<orogor> got an ipv6 adress with an fai with ipv6 support and no test site see me as a v6 host
<orogor> hoo, the ruleset for ip6table is different than iptables
<Tumie> Hi guys, i've got an problemm with my SSH connection with my server, i connect with the command "ssh <ip>" is this right ?
<andol> Tumie: That sounds about right. You might also have to specify username if that differs from the host your connection from.
<Tumie> andol: it is the same
<Tumie> i'm not logged in on the server, is that a problem maybe ?
<andol> Tumie: What is happening, and what do you expect to happen?
<Tumie> I want to connect with my Server (that has Ubuntu Server 8.10 on  it),, from my desktop (Ubuntu Desktop 8.10) in the terminal..
<Tumie> i only started the server up,, so i'm not logged in at the server itself..
<andol> Yes, but what is the respons you get when you run the command: "ssh ip-number" from your desktop computer?
<Tumie> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
<Tumie> and some other text
<Tumie> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
<andol> Tumie: Reinstalled it rescently? Have you using ssh to connect to it before the reinstall?
<Tumie> I reinstalled the whole server yesterday
<andol> Tumie: That explains it :)
<Tumie> what to do about it ? (and reinstalling doesn't get rid of all the old files :O )
<andol> Tumie: When the server got reinstalled it also got new sshd-crypto-keys. That is why your desktop computer warns you, since it's a "new" computer on the old ip adress.
<andol> Tumie: It should be ok to remove the offending line from your ~/.ssh/known_hosts
<Tumie> their are 3 lines at that file..
<Tumie> all highly coded
<Tumie> i deleted all lines
<Tumie> it is working now :D
<Tumie> thanks :D
<andol> you'r welcome
<Tumie> hmmm.. webmin doesn't work,, yesterday it worked..
<hads> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<m4dm4n> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Tumie> so, how do i delete webmin ?
<Tumie> BRB
<Tumie> How do i Fully delete Webmin ?
<Nafallo> Tumie: by not installing it in the first place.
<Tumie> I already installed it.... :|
<Nafallo> sorry if that's a bit unhelpful, but that's probably the best way of doing it...
<Tumie> and it is very annoying
<Nafallo> yes. webmin have a tendancy to be just that...
<Tumie> you are annoying..
<jpds> !webmin | Tumie
<ubottu> Tumie: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Tumie> jpds, i already know, that is the reason i want to delete it :)
<Nafallo> ehrm. I'm annoying cause I'm saying that I'm not aware of a way to completely revert what failmin have done... oh well. sometimes the truth can be annoying, that shouldn't kill the messenger.
<m4dm4n> Nafallo, your answer was anything but helpful.
<m4dm4n> if we go back in time, it would've been a great suggestion, but unfortunately.. we can't
<Nafallo> oh well. I'm stepping down from this discussion. I've already made my opinion clear, and that is that you can't revert webmin in any sane way.
<Nafallo> sorry if that isn't considered helpful enough.
<m4dm4n> "by not installing it in the first place" is what i can see... nothing about simply saying it cannot be done in a sane way.
<m4dm4n> but.. your welcome.
<Nafallo> logically that relates to the point I was trying to make :-)
<m4dm4n> yes, in a sarcastic way.. it wasn't really needed.
<Nafallo> wasn't mean in such a way, but text on IRC gets easily missinterpreted.
<m4dm4n> nevermind now though.
<Nafallo> agreed :-)
<mc68040> hi all, i need to setup a 8.04 lts server. how can i ensure to install/use only packages with support until 2013?
<ivoks> use only main repository
<mc68040> ivoks: i think in main are the desktop packages too. they are only supported until 2011
<ivoks> mc68040: don't use X librariers and you are fine
<ivoks> mc68040: basicaly, packages in main which don't require desktop, are supported for 5 years
<ivoks> does anyone know is it possible to mirror ports.ubuntu.com over rsync?
<mc68040> ivoks: ok, i assume thats true for hardy-security and hardy-updates too?
<ivoks> mc68040: well, only hardy-security and hardy-updates get changes
<ivoks> mc68040: no new packages are released in 'default' repository
<mc68040> ivoks: ups, you are right, i should think a bit before
<Nafallo> ivoks: tried rsync ports.ubuntu.com:: ?
<ivoks> Nafallo: i figured it out :)
<ivoks> 14:04 < ivoks> bah, just ignore me :)
<Nafallo> :-)
<ivoks> on #ubuntu-mirrors
<Nafallo> oh.
<Nafallo> damn cross-talker :-P
<ivoks> :)
<mc68040> ivoks: i would prefer a better way to ensure to use only packages with support until 2013, but thx for your help
<ivoks> mc68040: afaik, there's no better way
<ivoks> i guess adding aditional filed to debian/control could help
<mc68040> lol, had just the same idea :-)
<mc68040> or to split hardy into hardy-server and hardy-desktop...
<ivoks> and where would you put bash?
<ivoks> or udev, upstart, or... :)
<mc68040> in both of course
<ivoks> so, bash, supported for 5 years would be in hardy-desktop
<ivoks> but hardy-desktop is supported for 3 years
<ivoks> er...? :)
<mc68040> why not, nobody says that support on desktop must end 2011
<ivoks> well, it won't be that bad..
<ivoks> it ends in 2011
<ivoks> but in 2011 hardy-desktop could be removed
<ivoks> and that's it
<ivoks> but hardy-desktop-updates doesn't sound quite good
<mc68040> hmmm, so dont split but setup an additional hardy-server, hardy-server-updates and hardy-server-security?
<ivoks> that's not that easy as it sounds
<orogor> Nafallo, got ipv6 fully working , only issue seems to be that ip6tables on ubuntu doesn t like ulog
<mc68040> ivoks: why not? building Pacckage files from special package lists shouldnt be so difficult
<ivoks> mc68040: you are talking with a wrong person
<ivoks> mc68040: you should raise this quetions on ubuntu-server mailing list
<ivoks> i don't decide how archives are going to be organized; i just mirror them :D
<mc68040> i think ill do :-)
<ivoks> mc68040: for political point of view
<ivoks> canonical isn't the only company providing support for ubuntu
<ivoks> so, enforcing one companys 'rules' on ubuntu's archives doesn't sound quite fair
<ivoks> having additional filed in debian/control sounds much better
<ivoks> X-Supported by: Canonical 5 years, XYZ 10 years
<ivoks> or something like that
<ivoks> not that i have something against canonical :D
<Nafallo> orogor: kewl
<mc68040> hmmm, i think we want the same - even other companys will have an advantage if they could distinct the packages
<ivoks> for example, i watch over hylafax, since lots of my clients use it
<ivoks> it isn't supported by canonical
<ivoks> but my clients get regullar fixes, since that's software they really care about
<mc68040> you are right, there will always be packages that wont be supported by canonical
<ivoks> if we could achive that interested groups maintain package, a not core-dev and motus, then, i think, we could achive better quality of packages and even could set up 'supported' queues
<ivoks> s/ a / and /
<ivoks> whith core-dev having fully access to everything
<mc68040> i just dont want to minimize work, why should i watch a package if its still supported by someone else?
<ivoks> and motu to all stuf universe
<mc68040> lol -"dont"
<ivoks> you may have interest in pushing some changes
<mc68040> yes, thats what i want
<ivoks> common good is mixed of all individual interest
<ivoks> if that's correct word in english :)
<mc68040> but i need a solid, well supported base which i dont want to take care of
<ivoks> mc68040: 14:28 < ivoks> whith core-dev having fully access to everything
<ivoks> with
<ivoks> launch time... take care
<mc68040> ok, bye
<nomingzi> i have install a software (.pl) from terminal, and this software has it own services running. I would like to know how to check if the services are running fine.
<shally87> hi
<shally87> I need help on how to make my LAMP server run a live website
<shally87> IÂ´m noob here.. I just installed LAMP server with Samba and webmin to run on my pc
<Deeeps> !webmin | shally87
<ubottu> shally87: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<shally87> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<shally87> then i have to uninstalled webmin right..
<shally87> I look around for the ebox..
<Deeeps> uh huh
<shally87> thanks deeps
<Deeeps> np
<shally87> i met with this
<shally87> WARNING: the eBox package released with Ubuntu 8.10 (Intrepid Ibex) is broken and cannot be installed. See bug #255368 for information and unsupported workarounds.
<uvirtbot`> Launchpad bug 255368 in ebox "ebox: Depends: libapache-authcookie-perl but it is not installable " [Undecided,Fix released] https://launchpad.net/bugs/255368
<shally87> so what am i going to do?
<shally87> do i need to install the 8.04 hardy?
<Deeeps> either use one of the unsupported workarounds as described in the bug report, or switch to hardy, or wait for jaunty, or use webmin
<shally87> hmm..
<shally87> i guess i use webmin for now..
<shally87> any manual for webmin on how to get started?
<Deeeps> no idea i'm afraid
<Nafallo> shally87: webmin is not really supported in this channel no. rather strongly discouraged.
<shally87> ok
<shally87> like that, then I have to change to hardy
<shally87> thanks for the help deeeps, nafallo
<barisha> i need help with exim4!
<dayo__> barisha: if they can't help u here, also check #exim
<dayo__> oops
<uvirtbot`> New bug: #323601 in likewise-open (main) "Upgrade to likewise-open 5 for Jaunty" [Undecided,New] https://launchpad.net/bugs/323601
<axisys> anyone here installed ubuntu on niagra chip ?
<axisys> for me it bombs out during disk detect phase http://pastebin.com/d2f76a5fd
<orudie> hi! how can install this ? lenny version of libc6 (2.7.18)
<orudie> hi, really need help on this, I need to make sure that i have lenny version of libc6 (2.7.18)
<uvirtbot`> New bug: #323627 in apache2 (main) "apache2 has ugly icons" [Undecided,In progress] https://launchpad.net/bugs/323627
<orudie> anyone ?
<orudie> please....
<orudie> hi, really need help on this, I need to make sure that i have lenny version of libc6 (2.7.18)
<orudie> hi, really need help on this, I need to make sure that i have lenny version of libc6 (2.7.18)
<syncrondi> sry, I'm not sure how
<ScottK> orudie: If you want the lenny version of libc6, you pretty well need to run lenny.
<ScottK> Swapping arbitrary versions of libc6 out from under the rest of the system is not a recipe for happiness.
<uvirtbot`> New bug: #323681 in openldap (main) "package libldap-2.4-2 2.4.11-0ubuntu6.1 failed to install/upgrade: package libldap-2.4-2 is already installed and configured" [Undecided,New] https://launchpad.net/bugs/323681
<shadowhywind> hay all I am running an ubuntu server, and trying to connect a 1.3TB ext3 partition (USB) everytime i try to mount, It freezes the console. is there any issues with the size of the partition?
<oomkiller> anyone familiar with the ufw syntax in before.rules to tell me how to forward a port?
<oomkiller> i have masquerading setup, but i can't figure out how to forward a port
<rdw200169> oomkiller, using ufw, right?
<oomkiller> yes
<rdw200169> hmm... i know how to do it with iptables
<oomkiller> well its essentially the same thing
<rdw200169> ufw is an abstraction layer on top of iptables
<rdw200169> ah, so you know
<oomkiller> yeah, i've read the wiki pages, just can't get a straightforward example for a port forward
<oomkiller> basically i think i need to -A ufw-before-forward ...
<oomkiller> but i don't know what goes after that
<rdw200169> well, good luck; i'm not gonna learn ufw b/c i already know iptables ;)
<oomkiller> rdw200169: can you tell me how to forward it in iptables?  i can translate it easily
<oomkiller> the real difference is a terser syntax, 99% of the rules are the same
<rdw200169> -A PREROUTING -i wlan0 -p udp -m udp --dport 20:21 -j DNAT --to-destination 192.168.0.201:20-21
<rdw200169> there's an example of how i forward udp ftp traffic through my desktop
<oomkiller> hmm ok
<oomkiller> what is -j DNAT?
<oomkiller> or more exactly, what is DNAT
<oomkiller> is that something built into netfilter/iptables, or is it something you have to write
<rdw200169> it's a NAT related target
<Deeeps> you'd also need to specify '-t nat' if operating from the command line, rather than in the :nat context already from the iptables-save output
<rdw200169> ah yes, right Deeeps i just used the iptables-save output
<Deeeps> DNAT - Destination NAT, port forwarding essentially
<Deeeps> redirects packets that match the previously given rules to the new target
<oomkiller> Deeeps: but thats not a another chain, its builtin, right?
<Deeeps> yep
<rdw200169> PREROUTING? yes
<oomkiller> ok lets see
<Deeeps> (DNAT too)
<oomkiller> the wiki page says that i should add the rules for forwarding to ufw-before-forward
<oomkiller> i guess thats it's version of PREROUTING
<rdw200169> ah, you need an explaination of how this whole mess works
<rdw200169> gimme a sec.
<oomkiller> btw, anyone know how to scroll up with irssi, without a mouse?
<Deeeps> page up key
<oomkiller> thanks
<Deeeps> alt+p and alt+n also if you haven't changed the default keybinds iirc
<rdw200169> ftp://greamin.com/Documents/Linux%20Networking/Firewalling/ipTables%20and%20EbTables%20Packet%20Flow%20in%20Linux.png
<oomkiller> Deeeps: do you know of a way to "check" the rules before loading them with ufw?
<Deeeps> no idea i'm afraid
<hads> Something like firehol's try would be cool though
<oomkiller> well i'm about to try it
<oomkiller> lets see if my rule works
<oomkiller> hmm, says problem with init script, how descriptive
<arooni-mobile> how do i make:  wget -r http://169.254.169.254/latest/user-data ..... safe to ./user-data instead of ./169.254.169.254/latest/user-data ?
<hads> -O or something, check the man page.
<arooni-mobile> -O is what i  used
<arooni-mobile> it seems to just write the log
<oomkiller> ahh, i think i see my error
<dou213> hey guys, although k1 is on tv, i'm sitting in front of my ubuntu-box :( ... trying to configure lamp to work properly, installed php -> now when i http://localhost/info.php it says to download the file ... i googled it, common error: the php-module isn't corresponding with apache, did do: 'sudo a2enmod php5'
<dou213> and nothing changed, still only option is to d/w the file
<dou213> any suggestions?
<hads> Restart apache
<dou213> hads, still only dw
<rdw200169> dou213, well, i have a LAMP server, but no info.php
<rdw200169> dou213, and it works fine w/PHP
<Deeeps> do you have libapache2-mod-php5 installed?
<rdw200169> me?
<Deeeps> whoever's having the problem
<rdw200169> ah, that's dou213
<rdw200169> dou213, did you use tasksel to install the lamp server?
<dou213> rdw200169, y
<dou213> rdw200169, initially, but because of problems i have encountered, i installed some additional packages on the way, couldn't say now which one
<dou213> Deeeps, dunno, w8 i check pls
<dou213> Deeeps, libapache2-mod-php5 already installed
<rdw200169> i dunno then; for me it has always 'just worked'....
<dou213> tryind to reinstall php, maybe prob will solve itself this way
<P4C0> hello, when someone logs in via ssh where can I see the ip? I mean in which log file?
<rdw200169> /var/log/auth.log
<P4C0> thanks rdw200169
<rdw200169> no prob
<dou213> rdw200169, you can see the ip there? r u sure?
<rdw200169> dou213, i can on my computer
<rdw200169> dou213, to make it easier to read, do 'cat /var/log/auth.log | grep ssh'
<dou213> rdw200169, yes you're right :)
<dou213> cool, didn't know that
<hads> grep ssh /var/log/auth.log
<rdw200169> hads, yeah, that'll do it too... i'm used to the old reliable cat | grep combo ;)
<hads> Yeah, when there's only one file involved cat isn't needed :)
<rdw200169> i may have to break out of my stubborn ways and use that...
#ubuntu-server 2009-02-01
<jtmoney> hey guys, for some reason i cannot log in to my box... either from ssh or from the console... when i type my login/password (which are correct), it doesn't log me in or give me an error message... it just displays the "Ubunutu 8.10 tty1" login screen again... i cannot log in from root because this is disabled
<jtmoney> (for root, it says "Login incorrect")
<jtmoney> ahh, here we are
<jtmoney> segault at 0 ... error 4 in pam_smbpass.so[7fe9b2219000+149000]
<hads> I recall seeing a bug for that.
<dou213> to completely uninstall apache+php+mysql(lamp-server)? 'sudo apt-get remove --purge apache2 php5 libapache2-mod-php5 php5-mysql php5-cgi php5-gd php5-mcrypt mysql-server phpmyadmin' ? how does it sound?
<jtmoney> https://bugs.launchpad.net/ubuntu/+source/samba/+bug/278617
<jtmoney> that's what i had
<uvirtbot`> Launchpad bug 278617 in samba "login crashed with SIGSEGV in dump_core() (dup-of: 260687)" [Undecided,New]
<uvirtbot`> Launchpad bug 260687 in samba "Purging samba breaks login (pam_smbpass.so segfaults)" [High,Fix released]
<jtmoney> dou213: that sounds about right
<jtmoney> is there no metapackage that you could remove --purge and then autoremove --purge?
<dou213> jtmoney, sry i don't understand ur question... metapackage is apache2 php5 and mysql-server i think, or not?
<arooni-mobile> i'm getting connetion refused on port 24000 (when i try to ssh) even though i've opened up the port on my router, and enabled port forwarding...... what gives?
<dou213> arooni-mobile, on port 24000 is running med-ltp
<dou213> define another port and try it again
<dou213> like port 24007
<dou213> be sure to port-forward the right port in ur router's cfg
<Nat_RH> Using an openvz VPS, anyone help me with a UFW issue?
<Nat_RH> "Problem running init script"
<Nat_RH> looks like maybe a IPv6 module issue or something
<faith> I have a ubuntu box with virtualbox(2.1.2) installed and I have a ubuntu-server image that running on virtualbox Is there a way to reach virtual machine's apache test page from the host machine
<captbaritone> ls
<faith> how?
<iverson0881> hello
<iverson0881> anyone talking here?
<ropetin> Nope
<Samma3l> im here, but I dont think ill be much use
<iverson0881> oh wanted to get some help with something server related
<Samma3l> I can try maybe, some help is better than no help
<ropetin> :)
<ScottK> iverson0881: You are more likely to get actual help if you ask an actual question.
<iverson0881> are there any good guides related to setting up openLDAP on ubuntu 8.04
<ScottK> Did you look at the Ubuntu Server Guide?
<ropetin> HowToForge usually has something you can work from
<ropetin> Although it's always a good idea to take it with a pinch of salt, and try on a test system first :)
<iverson0881> hmm I checked it out, but it would be very helpful if there was a way to manage all this throug some web gui
<ropetin> Webmin doesn't help?
<iverson0881> Is webmin compatible with Ubuntu's configuration files?
<Samma3l> when I run apt-get update, does that just update the package list or does it also check for updates for installed packages
<ropetin> Good question, no idea :)
<ropetin> Samma3l: aren't they they same thing?
<iverson0881> Samma3l: apt-get update would download the package list while apt-get upgrade will try to figure out what needs to be upgraded.
<ropetin> It doesn't tell you updates are available from the CLI, if that's what you mean
<Samma3l> ah thanks
<stiv2k> hello what packages are these in?
<stiv2k> You will need to ensure that Pear (http://pear.php.net) is installed on the machine that you are developing on, and that you have installed the MDB2 (http://pear.php.net/package/MDB2) Pear package.
<ScottK> iverson0881: ebox is the web gui for servers that Ubuntu supports.
<ScottK> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Samma3l> I thought ebox was broken for 8.10?
<iverson0881> I'm using ubuntu 8.04 right now. As for ebox I'll check it out, i'm assuming it's modular, correct? I don't need a lot of the features it has.
<ScottK> It is modular.  I don't recall which ones got into 8.04.
 * ScottK finds vim is all the gui he needs for server admin.
<iverson0881> anyone here ever use YUI Compressor?
<stiv2k> what
<iverson0881> the Yahoo javascript,css compressor
<iverson0881> I noticed that jquery project just started using it for minifying and I have js files that need to be minified.
 * delcoyote hola
<Zerqent> I am having problem setting up libapache2-mod-auth-kerb in Hardy, the module works for authentication but causes apache2 to crash - tried it with basic auth and this does not happen) - (running a djangosite with mod_python, and apache2-mpm-worker if that mathers).
<Zerqent> apache2 doesnt crash, but it's children segfaults in what seems a random behavior
<simplexio> fun fun.. is it normal that rsync over nfsss4 mount causes huge load
<simplexio> load average: 22.39, 24.00, 23.57
<simplexio> not that i complain.. desktop is still responsive.. moust of time
<Zerqent> aha, not to recomend using libapach2-mod-auth-kerb with the mpm-worker
<Dark_Fire> Hello. Im trying to set up a PC that will share internet. I want a cache server. be able to block certain addresses, give limited Band Width to every account. Suspend accounts etc
<Dark_Fire> I was wondering if there is a program that I could use to monitor all internet activity etc.
<Dark_Fire> I want to set up a wireless network to cover quite a big distance. So I need it to be secure. Everyone in that area would buy internet from me with a certain bw. When that bw is exceeded the internet should be cut off until the next month.
<Deeeps> !router
<ubottu> Sorry, I don't know anything about router
<Deeeps> !nat
<ubottu> Sorry, I don't know anything about nat
<Deeeps> Dark_Fire: https://help.ubuntu.com/community/Router
<Dark_Fire> o ok, thanks :)
<Deeeps> Dark_Fire: https://help.ubuntu.com/community/SquidGuard
<Deeeps> iftop, iptraf may also be of interest
<Deeeps> secure your wireless using WPA(2) with an additional layer of clients needing to VPN
<Deeeps> additoinally, canonical provide commercial support
<Dark_Fire> thanks
<Dark_Fire> Should I use Ubuntu Server for this small task or is there another operating system that would be better?
<Dark_Fire> hwhats iftop and iptraf?
<Deeeps> apt-cache show <package> gives you information about a package
<Deeeps> as does packages.ubuntu.com
<Deeeps> as does www.google.com
<Deeeps> (in the event that a given application isn't in a package with it's same name, google's very useful!)
<Dark_Fire> hehe thanks
<Dark_Fire> Should I use Ubuntu Server for this small task or is there another operating system that would be better?
<Dark_Fire> Like normal Ubuntu or something?
<Deeeps> if you're only using a single server for all of this, ubuntu's a good option as most of the applicaitons you need are already compiled and packaged for the system
<Dark_Fire> ubuntu or ubuntu server
<Dark_Fire> ?
<Deeeps> same thing, essentially
<Deeeps> ubuntu desktop installs a gui that you shouldn't need, and a slightly different kernel
<Deeeps> ubuntu server doesnt install a gui, opting for more command line tools instead, and a slightly different kernel
<Deeeps> the rest of the packages are all the same
<Dark_Fire> o ok
<Dark_Fire> If I would have about 20-50 accounts what sort of computer would be sufficient?
<Dark_Fire> sorry for all the stupid questions :/
<Deeeps> try and see with what you've got
<Deeeps> see how it performs
<Dark_Fire> ok thanks :)
<uvirtbot`> New bug: #323918 in php5 (main) "php5 crashed with SIGSEGV in curl_global_cleanup()" [Undecided,Incomplete] https://launchpad.net/bugs/323918
<jdbrowne> Hello, reading various documentation, it seems that the way to create virtual machine under intrepid is to use vmbuilder from the package ubuntu-vm-buildeR
<jdbrowne> vmbuilder has an option '-c' for a config file and I am trying to guess the format of the file. Is there examples of such configuration file on the web?
<barduck> I need to create a user to run a daemon (doesn't need to have shell or login). Is there any special setting that I need to do or I just add the user with adduser and that's all ?
<aruetten> if you want that the user has no shell, can specify as shell with useradd /bin/false. this will prevent anybody to login and get a shell with this user
<barduck> thanks
<shally87> Hi...
<shally87> need help in installing LAMP server in ubuntu 8.10
<shally87> i use this command ; sudo apt-get install lamp-server^
<shally87> and i get this error
<shally87> dpkg: ../../src/packages.c:221: process_queue: Assertion `dependtry <= 4' failed.
<shally87> E: Sub-process /usr/bin/dpkg exited unexpectedly
<dayo__> shally87: sudo dpkg --configure -a
<shally87> i get this for that
<shally87> dpkg: ../../src/packages.c:221: process_queue: Assertion `dependtry <= 4' failed.
<shally87> E: Sub-process /usr/bin/dpkg exited unexpectedly
<shally87> sorry
<shally87> this one
<shally87> dpkg: ../../src/packages.c:221: process_queue: Assertion `dependtry <= 4' failed.
<shally87> Aborted
<dayo__> shally87: try this: sudo tasksel
<dayo__> and then choose LAMP
<shally87> ok
<shally87> tasksel: aptitude failed (100)
<shally87> do i need to reinstall my linux
<dayo__> shally87: damn that sounds bad. hang on.
<shally87> ok
<dayo__> shally87: can you paste the full error message to http://paste.ubuntu.com
<dayo__> and then post the link in here
<shally87> ok
<shally87> http://paste.ubuntu.com/112454/
<dayo__> just a minute
<shally87> ok
<dayo__> ok try this: sudo dpkg -r mysql-common libnet-daemon-perl libplrpc-perl libdbi-perl libmysqlclient15off libdbd-mysql-perl mysql-client-5.0 mysql-common mysql-server-5.0 libapr1 apache2-utils apache2.2-common apache2-mpm-prefork apache2 php5-common libapache2-mod-php5 mysql-server php5-mysql
<shally87> ok
<dayo__> shally87: and after that do this: sudo aptitude reinstall
<shally87> ok
<shally87> i get thi
<shally87> this*
<shally87> http://paste.ubuntu.com/112458/
<shally87> i guess i have to reformat to hardy 8.04 and install lamp again
<shally87> does this thing occur again?
<shally87> I'll be afk now..
<shally87> thanks
<dayo__> shally87: sorry about that. i was called away
<dayo__> try this again: sudo tasksel
<dayo__> shally87: and then choose LAMP
<shally87> ok
<shally87> all functioning now..
<shally87> thanks dayo_
<shally87> i'll continue tomorro
<shally87> need to sleep
<shally87> thanks a lot
<uvirtbot`> New bug: #324029 in openldap (main) "package libldap-2.4-2 2.4.11-0ubuntu6.1 failed to install/upgrade: package libldap-2.4-2 is already installed and configured" [Undecided,New] https://launchpad.net/bugs/324029
<redLAW> hello to all
<uvirtbot`> New bug: #319553 in network-manager (main) "No Wired Internet Connection in 8.10 (dup-of: 274069)" [Undecided,Incomplete] https://launchpad.net/bugs/319553
<Victor_Petrescu> hello
<Victor_Petrescu> I was forwarded here from an Ubuntu Doc.
<andol> Victor_Petrescu: I assume you have a question then? :)
<Victor_Petrescu> yes, I was waiting for you to say something ..
<Victor_Petrescu> basically I want to use the mail() function on PHP
<Victor_Petrescu> but I installed the server and ... ooops .. it doesn't work
<Victor_Petrescu> I've installed Postfix
<Victor_Petrescu> but .. nothing
<andol> Victor_Petrescu: I was just about to point out that you need a MTA like Postfix :)
<andol> Have you tried using Postfix directly?
<Victor_Petrescu> not sure how to do that
<andol> Victor_Petrescu: An easy method is to install the package mailx
<Victor_Petrescu> basically I need to read more
<Victor_Petrescu> mailx
<andol> Victor_Petrescu: That will provide the command "mail" which enables you to send an email directly from the cli on the server. Perfect when it comes to testing
<Victor_Petrescu> so basically from my shell I cannot send mail right now?
<Victor_Petrescu> it says now : No mail for victor.
<andol> That means that you dodn't have any incoming mail in your mbox.
<Victor_Petrescu> and I need to install mailx now
<Victor_Petrescu> yeah
<andol> When you have mailx install, try this command
<Victor_Petrescu> I tried sending email from my Yahoo
<Victor_Petrescu> still no email.
<andol> echo "Hello world" | mail -s "testing" you@yourdomain.tld
<andol> Victor_Petrescu: incoming mail is a slightly diffrent matter :)
<Victor_Petrescu> geez
<Victor_Petrescu> pop3 or something?
<andol> Victor_Petrescu: Actually postfix takes care of the recieving part. Just that it might need to be configured a bit diffrently, to listen on external ports.
<andol> Victor_Petrescu: but let us take this one step at the time :) The first step should be to get postfix sending mail, right?
<Victor_Petrescu> yes
<Victor_Petrescu> mailx emal@yahoo.com
<Victor_Petrescu> Subject ..
<Victor_Petrescu> how to change from subject to body?
<andol> by pressing return :)
<Victor_Petrescu> oh..
<andol> when you'r done writing, you finnish it of by pressing ctrl+D
<Victor_Petrescu> Null message body; hope that's ok
<andol> Now take a look in /var/log/mail.log
<andol> Victor_Petrescu: I would do something like: tail -fn 40 /var/log/mail.log
<Victor_Petrescu> I didn't receive the email
<andol> Then what does /var/log/mail.log say?
<Victor_Petrescu> Feb  1 16:55:55 ubuntu postfix/smtpd[5544]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
<andol> Victor_Petrescu: How did you install postfix? Been modifying /etc/postfix/main.cf anything?
<Victor_Petrescu> well..
<Victor_Petrescu> can I uninstall it? I think it will uninstall mysql also
<andol> Just uninstall postfix shouldn't remove mysql.
<andol> Anyhow, you can always try and apt-get remove --purge postfix. Before it actually does the remove it will ask you if you really waaant to remove the packages it lists
<andol> Victor_Petrescu: Yes, if you want to reinstall clean you want to use the --purge, to get rid of the old configuration files.
<Victor_Petrescu> yeah, only I have more than 1 websites running mysql on it
<andol> Victor_Petrescu: Then do your experiments on another, less critical, computer.
<andol> Victor_Petrescu: If you want something to play around with I guess you could always set up a virtual server on your desktop computer?
<Victor_Petrescu> well .. can't really emulate the conditions
<Victor_Petrescu> I need to emulate the UBUNTU server, the DNS forwarding, everything
<Deeps> you can, there are p2v tools you can use to copy a physical machine into a vm container
<Victor_Petrescu> wow
<Victor_Petrescu> ok, hold on
<Victor_Petrescu> this server is hosted in another country
<Victor_Petrescu> I cannot copy everything in a decent amount of time
<Victor_Petrescu> and redirect the email dns etc
 * Deeeps reads up
<Deeeps> ah, if you're scared, do apt-get -s remove postfix
<Deeeps> -s means simulation
<Deeps> it'll tell you what packages will be removed, postfix should have absolutely no connection to mysql
<Deeps> ..but not actually do anything
<Deeps> remove never actually removes anything by default, always prompts you first with a list of all packages that will be removed
<Victor_Petrescu> what is postfix-mysql
<Deeps> apt-cache show postfix-mysql
<Deeps> will give you a package description
<Deeps> at a guess, it's mysql support for postfix
<Victor_Petrescu> yes, it is
<Victor_Petrescu> done
<Victor_Petrescu> no harm done
<Victor_Petrescu> websites running smooth
<Victor_Petrescu> still no mail function
<Victor_Petrescu> now ..
<Victor_Petrescu> install the default postfix?
<Victor_Petrescu> I mean .. done with remove --purge
<Deeps> if you didnt use --purge, the config files and such will still remain
<Deeps> ok
<Deeps> apt-get install postfix
<Victor_Petrescu> ok ..
<Victor_Petrescu> done
<Victor_Petrescu> now?
<Deeps> you also need php-mail i think
<hads> And probably some minimal configuration of postfix.
<garu> hi everyone
<Victor_Petrescu> hi
<Victor_Petrescu> installed
<Deeps> try calling mail() now, and then check your mail.log
<Victor_Petrescu> ok
<Victor_Petrescu> the tutorial said something
<Victor_Petrescu> about ..
<Victor_Petrescu> sudo dpkg-reconfigure postfix
<Victor_Petrescu> did the mail, not sending
<garu> can someone help me out here.I'm trying to setup a dhcp server on a virtual machine, and I have another server with ldap/kerberos servers on another virtual machine. I'm trying to install the dhcp server so that I can have the ldap/kerberos use it.
<Deeeps> Victor_Petrescu: sudo dpkg-reconfigure postfix; you want cofiguration type: internet site
<garu> would appreciate any insitghts on the matter or a good how to/tutorial!
<Victor_Petrescu> Feb  1 17:25:12 ubuntu postfix/smtp[6389]: 1907A22A48: to=<myemail@yahoo.com>,                                                                               relay=f.mx.mail.yahoo.com[209.191.88.247]:25, delay=0.68, delays=0.27/0.01/0.15/                                                                              0.26, dsn=2.0.0, status=sent (250 ok dirdel)
<Victor_Petrescu> but didn't receive it
<hads> It's all up to Yahoo
<hads> (who are terrible with mail)
<Victor_Petrescu> you mean it's working now?
<Deeps> on your server, yep
<hads> Yes, "status=sent (250 ok" shows you it's working
<Victor_Petrescu> yes..
<Victor_Petrescu> also shows something else ..
<Victor_Petrescu> :(
<Deeps> Victor_Petrescu: looks like it was sent from your box, so no problem there then. either yahoo's being slow, or it's in your junk because you've failed to do the mail headers correctly
<Victor_Petrescu> Feb  1 17:26:14 ubuntu postfix/smtp[6389]: 2869A22A4C: host a.mx.mail.yahoo.com[                                                                              67.195.168.31] refused to talk to me: 421 Message from (70.85.31.156) temporaril                                                                              y deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/d
<Victor_Petrescu>                                                                           efer-06.html
<Deeps> http://se.php.net/manual/en/function.mail.php
<Deeps> ah, there you go then
<Victor_Petrescu> I didn't do the headers
<Victor_Petrescu> I used a Wordpress plugin ..
<Deeps> read the url
<Deeps> explains the issue
<hads> Yahoo isn't fun to deal wuth.
<Victor_Petrescu>    1. the message you attempted to send exhibited characteristics indicative of spam,and/or
<Victor_Petrescu>    2. emails from your network have been generating complaints from Yahoo! Mail users.
<hads> No need to paste it here.
<Victor_Petrescu> I've sent 1 phrase.
<Victor_Petrescu> new domain..
<Victor_Petrescu> what spam?
<Deeps> ask yahoo
<Deeps> it's their mailserver policy you're battling against now
<Victor_Petrescu> gmail works fine
<Deeps> good luck!
<Victor_Petrescu> I guess drinks are in order
<Victor_Petrescu> thank you, I believe you'll be seeing a lot of me around here
<Victor_Petrescu> 1st day, 1st problem, 1st solution :)
<Victor_Petrescu> security question
<Victor_Petrescu> I only have postfix installed
<Victor_Petrescu> nobody but localhost should be able to use my server, right?
<Deeeps> yep
<Victor_Petrescu> ok..
<Victor_Petrescu> now
<Deeeps> except for mail thats being delivered to your box's domain
<Victor_Petrescu> any simple way to forward all incoming email to my gmail?
<Deeeps> dunno
<Victor_Petrescu> ok, how do I read my email than?
<Victor_Petrescu> all email on anything@domain.com
<Deeeps> it'll end up in /var/mail for valid users on the defined domain
<garu> I didnt even know I needed a dhcp server and a dns server.then I saw on a guide that I needed one. I wanted to have 1 debian server with everything on it.(1 ldap server, 1 kerberos kdc, 1 dhcp server and 1 dns server), and I'd have 2 other virtual machines, 1 with windows and another with linux
<Victor_Petrescu> ok, and anyone else?
<Deeeps> Victor_Petrescu: there are guides and howtos on the internet for how to setup and configure a mailserver, including on the ubuntu server guide
<Deeeps> !serverguide | Victor_Petrescu
<ubottu> Victor_Petrescu: The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<Victor_Petrescu> great, thank you
<Victor_Petrescu> the thing is, I've been reading from more than 1 source
<Deeeps> where possible, stick to the ubuntu documentation
<Victor_Petrescu> and expected it to work but I guess I didn't need all the bling bling
<Victor_Petrescu> will do
#ubuntu-server 2010-02-01
<tgraham> I have a fresh 8.10 server install on ESX4. I created an account during install, but I get Login incorrect every time I try to log in. Any clue?
<animeloe> anyone help get sudo+ldap working for me (ubuntu 9.10 server 64-bit)
<animeloe> got sudo-ldap and setup the proper ldap entries
<animeloe> it's still saying "sudo: no valid sudoers sources found, quitting
<animeloe> "
<Roxyhart0> hola amigos! I need to install openldap in ubuntu 9.10 and i can do using slapd.conf or the new kind of configuration (without slapd). I would like to know which do you recomend, I mean easy and no to much problems or bugs
<animeloe> use the new config
<Roxyhart0> thanks
<internalkernel> I'd like to receive logcheck emails from a workstation - I'm thinking Exim using a smarthost?
<internalkernel> Any opinions on this, as far as ease of configuration...
<TimReichhart> hey guys I am getting this error message: Can't locate IPC/Run.pm  what do I to fix that problem
<twb> apt-file search IPC/Run.pm
<twb> internalkernel: IMO you'd be better off telling all your workstations to send their logs to a central loghost, and running logcheck once, there.
<Roxyhart0> hi i am getting the problem Available database(s) do not allow slapcat
<Roxyhart0> someone know what is that...i has been tryed to configurate openldap and nothing work with the new version
<internalkernel> twb: these are remote locations... and may have sporadic connections...
<TimReichhart> twb when I did that I get apt-file command not found
<twb> TimReichhart: so install it.
<twb> internalkernel: OK, but FWIW rsyslog can send logs over untrusted networks.
<TimReichhart> twb how do I install it
<internalkernel> twb: I did not know that, I'll look into thanks...
<twb> internalkernel: that wouldn't address the sporadicity.
<twb> !grounding
<internalkernel> twb: hmmm, still it's an option I may consider...
<internalkernel> I am familiar with logcheck so went there first...
<twb> internalkernel: well, you'd still be running logcheck, just in a single place
<TimReichhart> twb any Ideas how to install it?
<twb> The other issue that will bite you is if the workstations run e.g. gdm, then only the workstations will get the gdm package's .ignore.d entries -- you'd have to manually import them into the server.
<internalkernel> twb: oh lord... cause the server would process the log files as it's own...
<internalkernel> fun
<twb> I still prefer it to getting hundreds of logs
<internalkernel> twb: It would also be best for me to be able to single out a machine that is having an issue...
<twb> YMMV, etc.
<twb> internalkernel: you get the IP or hostname (if the IP resolves) in each entry
<internalkernel> twb: ok, haven't used remote logging before... thanks again... I'll check it out...
<Roxyhart0> hi, somebody have a document to install openldap with ubuntu 9,10 .the how to in ubuntu doesn work
<twb> Roxyhart0: which howto?
<Roxyhart0> http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<TimReichhart> hey twb did you get my last 2 messages?
<twb> TimReichhart: yes.
<TimReichhart> twb any ideas how can I get this installed
<twb> Roxyhart0: I believe that's the right document.  What didn't work?
<Roxyhart0> i got a lot error messages, the last one is invalid credential (49) and the password is correct
<twb> Roxyhart0: the first error is usually the most important.
<Roxyhart08> that is the fist error (now)
<twb> Roxyhart0: I presume by "install LDAP" you really mean that you want to use LDAP to store Unix user accounts.
<Roxyhart08> unix and windows clients
<twb> I can't help you with Windows clients.  I think you set up Samba to authenticate to LDAP, and the Windows hosts to authenticate to Samba.
<Roxyhart08> yes, that is the second step, but i cant even install ldap
<Roxyhart08> i did before with old confgurations but with 9.10 i cant
<twb> Roxyhart08: you did "apt-get install slapd"?
<Roxyhart08> that is the first step...
<twb> Roxyhart08: and that failed?
<twb> Roxyhart08: your problem report is far from ideal.
<Roxyhart08> i followed the document how to and when i did 3rd step to add the back end.ldif i got invalid credentials error
<wizzy__> how do i restart networking interfaces in 9.10
<wizzy__> sudo /etc/init.d/networking restart doesnt work
<twb> wizzy__: might be an upstart job now.  They're in /etc/event.d or /etc/init
<wizzy__> i am getting error "SIOCADDRT : no such process failed to bring eth0
<twb> Roxyhart08: did you change dc=example,dc=com and olcRootPW?
<wizzy__> sudo apt-get update "failed to fetch...
<Roxyhart08> yes ...and also i did slappasswd
<Roxyhart08> i got a question...there are another how to: http://ubuntuforums.org/showthread.php?t=1313472
<Roxyhart08> which how to i should follow?
<twb> Roxyhart08: sorry, I don't have any more time
<animeloe> any ideas about sudo+ldap
<twb> animeloe: what about it?
<animeloe> s/about/regarding/
<twb> sudo just backs onto pam, like everything else.
<animeloe> ok
<twb> It doesn't care if the user is in shadow or ldap
<animeloe> hold on I'll give you the error I get
<animeloe> root@netbook:~# sudo
<animeloe> sudo: no valid sudoers sources found, quitting
<animeloe> that's what it gives
<animeloe> my nsswitch.conf is sudoers: ldap
<animeloe> my ldap.conf entry is: sudoers_base            ou=sudoers,dc=animeloe,dc=net
<wizzy__> i got questions with routers
<wizzy__> i cannot connect to the internet with my US
<wizzy__> i got server dd-wrt connected to modem and then di-604 which is connected to ddwrt
<wizzy__> server is connected to di-604
<wizzy__> i opened port 80 for di-604 in ddwrt
<wizzy__> and ports in di-604 for ubuntu server
<twb> animeloe: you're doing sudo differently to me.
<animeloe> how are you doing it?
<animeloe> I don't want an sudoers file
<twb> Default /etc/sudoers from 8.04
<animeloe> I've done it using ldap before
<animeloe> but for some reason it's not liking it on this particular version
<twb> Possibly with %sudoers or something in /etc/sudoers, and the "sudoers" group in ldap.  I don't remember.
<twb> I'm afraid I can't help with a /etc/sudoers-less setup
<wizzy__> even i opened all ports server is still not connecting to internet
<twb> wizzy__: talk to your dd-wrt provider.
<animeloe> well I was using 1.7.3 on the other
<animeloe> so I think I'll just upgrade it
<wizzy__> i know i am asking you people if its the right way i did it
<twb> wizzy__: I guess you're using NAT and need to add a DNAT rule to your firewall.
<animeloe> that's the easiest way
<animeloe> since I know it worked using the newer version
<wizzy__> well as long as i had dhcp address on server i could connect to internet
<wizzy__> while i changet static ip in /etc/network/interfaces it all stops
<twb> wizzy__: then you did it wrong.
<qman__> you need to have the correct default gateway and DNS entries, and the router in the front needs to allow you through
<qman__> some setups won't let you through if you don't get a lease from the router
<qman__> though that's an advanced configuration
<wizzy__> yea gateway and dns are from di server
<wizzy__> dd server is connected to modem , di router to dd and server to di
<qman__> the server should have an address in the di's subnet, and the di should be its default gateway
<wizzy__> yes it is
<wizzy__> di server adress is 192.168.0.1
<wizzy__> and dd adress is 192.168.1.1
<wizzy__> server interfaces are address 192.168.0.106 netmask 255.255.255.0 gateway 192.168.0.`
<qman__> if you are going to set a static address on the server, ensure you choose one that is not in the router's DHCP range
<qman__> 106 is in most routers' default DHCP ranges
<wizzy__> i had it on dd-wrt and was no problem
<wizzy__> i just added router btw dd-wrt and server
<wizzy__> and now its problem
<twb> qman__: since he's running dd-wrt, he can just ssh in and poke at it
<twb> But how to do so should be discussed on the dd-wrt channel, not here.
<wizzy__> ok ill ask them
<wizzy__> i jusst though nayone of you are using 2 routers
<wizzy__> *someone
<twb> wizzy__: unless those routers are running Ubuntu, configuring them is better discussed elsewhere.  We can still help you configuring networking on your Ubuntu host, of course.
<wizzy__> ok lets try maybe check my etwork interfaces
<wizzy__> maybe i did wrong somewhere
<wizzy__> cause it did work while on dhcp
<twb> wizzy__: did you statically assign the same address that you were allocated via DHCP?
<wizzy__> no
<twb> Try that
<animeloe> twb: nvm
<animeloe> I got it
 * animeloe mutters about not READING THE FUCKEN -V output properly
<twb> animeloe: what was the resolution?
<animeloe> sudo-ldap.conf
<twb> Heh.
<animeloe> I shoudl of known... but no.... I was being an idiot
<animeloe> well it's fixed now
<animeloe> lol
<twb> *should have
<wizzy__> ok here my scheme
<wizzy__> http://lh6.ggpht.com/_cXxRH_xn2yM/S2ZMrPCf8sI/AAAAAAAAArI/AzfeZ4GoJIs/s576/sceme.JPG
<wizzy__> ip of router 3 has open ports on router 2
<wizzy__> sever 4 has open ports on router 3
<wizzy_> anyone is here
<wizzy_> i didnt
<patdk-lap> wizzy_, how the hell is any of that support to even attempt to work?
<wizzy_> ??
<MTecknology> !info libpurple-facebookchat lucid
<ubottu> Package libpurple-facebookchat does not exist in lucid
<MTecknology> :(
<ruben23> hi what rae the types of load balancing a web server..? round robin and the other type i forgot..
<twb> ruben23: I imagine there's a wikipedia article covering load balancing theory in great detail
<MTecknology> how does $~a match unidentified?
<MTecknology> wrong chan*
<animeloe> any ideas why I get could not connect to any LDAP server as (null) - Can't contact LDAP server
<animeloe> could not connect to any LDAP server as (null) - Can't contact LDAP server
<animeloe> whenever I use sudo
<twb> Can that host's ldapsearch bind to the LDAP server?
<animeloe> yes
<animeloe> no problems
<animeloe> ldapsearch -x
<animeloe> works well (it's ssl mode though)
<twb> Then I dunno
<twb> You could try turning on debugging in some pam modules, and libnss (if nsswitch.conf supports debugging, I forget)
<twb> I'm also assuming you've already logged in correctly using an LDAP user account, and from that shell are running "sudo -l"
<ruben23> hi anyways how do i chek my ubuntu server for malware, adware and viruses..?
<animeloe> ldap_is_socket_ready: error on socket 4: errno: 111 (Connection refused)
<animeloe> wtf....
<twb> ruben23: is it a CIFS server?
<ruben23>  twb:i have one server using CIFS..
<twb> If it's not a CIFS server, then it has no malware, adware or viruses.
<twb> Unless you count stuff like Firefox as malware
<ruben23> twb:i have one ubuntu server, using CIFs
<twb> http://linuxmafia.com/~rick/faq/index.php?page=virus
<ruben23> im getting warning from opendns where my dns is pintede that--->  Malware/Botnet Activity Detected
<animeloe> your dns might be poisoned
<twb> Unless you've opened a gaping hole, like exposing sshd or php to the internet, that's more likely to be the Windows workstations sitting on your network.
<animeloe> found the solution twb
<ruben23>  animeloe:what you mean by that..?
<animeloe> just a bit of google :)
<animeloe> ruben23: someone took some poison and gave your dns cache a nice dose :)
<animeloe> ie. Look for the windows user who screwed up :P
<animeloe> :)
<NTFS> !OPS
<NTFS> !ops
<mrp> whenever i reboot my machine ufw doesn't start?
<TimReichhart> can somebody tell me how to update : DBI_DRIVER
<TimReichhart> anybody?
<TimReichhart> any body got any answers how I would get my DBI_DRIVER to work correctly
<kevinprince> Hi
<twb> If someone has a 9.10 or newer *desktop* handy, can you please tell me the output of this?
<twb> grep -i 1002954F /usr/share/xserver-xorg/pci/*.ids
<twb> I'd ask #ubuntu, but I think they're too dumb to know how to open an xterm.
<twb> Hm, maybe I can get the info out of a pbuilder chroot...
<incorrect> ipsec is so frustrating
<incorrect> i might just give up and use openvpn
<_ruben> ipsec can be quite annoying indeed ;)
<incorrect> shame the docs aren't exactly helpful
<incorrect> i am sure they are great if you don't actually need to read them because you know everything
<_ruben> incorrect: what are you trying to complish / which problems do you run into?
<kevinprince> Hello
<mrp> how do i install JeOS?
<mrp> option seems to be missing from 9.10?
<mrp> nevermind found it
<Kagarman> hello
<Kagarman> all
<Kagarman> helpme pliz&
<Kagarman> ?
<kevinprince> Hello
<Kagarman> The people what free file a server good for beginners? The file a server on ubuntu for users windows with access rights is necessary???
<Kagarman> kevinprince hi
<kevinprince> sorry looking for help myseld
<Kagarman> ??
<Kagarman> fak you Ð¿Ð¸Ð´Ð°ÑÐ°Ð·Ñ
<Kagarman> http://howtoforge.com/setting-up-proftpd-tls-on-ubuntu-9.10-karmic-koala
<Kagarman> 20:30	Kagarman	filezila server Ð¼Ð¾Ð¶Ð½Ð¾ Ð² Ð»ÑÐ½Ð¸ÐºÑÐµ ÑÐ±ÑÐ½ÑÐ¸ Ð¿Ð¾ÑÑÐ°Ð²Ð¸Ñ?
<Kagarman> filezila server it is possible in ubuntu  will put?
<Kagarman> http://filezilla-project.org/
<nano-> I have ubuntu server with libvirt, and it creates a virbr0, on a phony network, I want virbr0 to be my main network to give guests proper network. How do I accomplish this?
<nano-> I tried creating br0 in the interfaces file, and pointing the libvirt xml-files to that br0-device, but this resulted in no network (it seems like libvirt overwrote the initial settings and removed eth0 from the br ports)
<TimReichhart> can anybody tell me from this pastbin http://pastebin.com/m48b1fb44    how to fix that problem?
<Kagarman> Ð¸Ð´Ð¸ Ð½Ð° ÑÑÐ¹
<TimReichhart> anybody in this chat room or is it dead
<Reepicheep> TimReichhart: you didn't give us much info.. like for instance what app you are using..
<Reepicheep> but by the looks of it it looks like it is a perl app of some sort and you need to install a dbi
<Reepicheep> like maybe libdbi-perl or something
<TimReichhart> the app I am trying to install is freeside (billing software)
<TimReichhart> well I already got that libdbi-perl installed
<ball> I'm agonizing over 8.04 LTS Vs. 9.10
<ball> ...suppose I'll try 9.10 for now.
<ball> I can't seem to find .torrent files on the server download page though.
<patdk-wk> did you look under alternate?
 * ball can't even see an option for that on here.
<ball> Ugh.  This is frustrating.
<ball> Is there an alternate version of the server iso?
<RoyK> ball: the alternate cd_
<RoyK> ?
<ball> RoyK: ?
<RoyK> I just came in, what's the problem?
<patdk-wk> he was looking for the torrent files
<patdk-wk> now I dunno
<patdk-wk> there are 4 iso's now I guess, desktop, server, netbook, alt
<RoyK> ball: there is an alternate version of ubuntu, yes
<RoyK> patdk-wk: and alternate
<RoyK> erm
<RoyK> yes
<ball> RoyK: so there aren't separate alternates for desktop and server editions?
<patdk-wk> nope
 * ball ponders
<patdk-wk> there really isn't much difference between desktop and server
<patdk-wk> besides th edefault kernel, and desktop loads the gui
<patdk-wk> but you can always turn server into desktop, and desktop into server
<RoyK> yeah. desktop is mostly kernel with preempt and X running
<ball> Where should I look for .torrent files?  I can't see them on the server edition download page.
<Jeniczek> hi
<Jeniczek> hi bogeyd6 and jmarsden
<ball> Can Ubuntu Server install on a machine with just 128M of RAM?
<bogeyd6> hi Jeniczek
<Jeniczek> so guyz
<Jeniczek> latest news
<Jeniczek> Linux twinstar 2.6.26-2-amd64 #1 SMP Tue Jan 12 22:12:20 UTC 2010 x86_64 GNU/Linux
<Jeniczek> switched to debian
<Jeniczek> 6h of pain is over now ;)
<Jeniczek> but the results are not as expected :(
<jmarsden> ball: According to https://help.ubuntu.com/community/Installation/SystemRequirements  yes, but I'm not sure how old the info is.
<jmarsden> Jeniczek: It's more or less the same as on Ubuntu, right?  I thought that's what you would find.  As we discussed before the two kernels etc are very similar.
<Jeniczek> Actually the diff went down almost 2times, but its till high
<jmarsden> OK.  Better than nothing, then.   I need to go to work... probably back here in 11 hours or so...
<Jeniczek> jmarsden well, those diff changes are still very noticeable, so, it was worth it... the question is, what is the factor that helped and how to play with it more
<Jeniczek> hehe
<Jeniczek> have a nice workin day then
<Jeniczek> its almost night here
<jmarsden> Thanks...
<Jeniczek> bye
<bogeyd6> Jeniczek, sorry you are having so many issues
<Jeniczek> bogeyd6 well the question just is, where the problem is ;)
<bogeyd6> Jeniczek, i have a couple of problems on how you are approaching the issue and the reluctance to use known stable operating systems
<bogeyd6> ubuntu 8.04.4 with regular kernel or 9.10 with the rt smp (multi processor) kernel
<bogeyd6> you say you have a problem but you are aloof when it comes to nailing down a standard and sticking to it
<Jeniczek> well I tried the rt on 8.04 and it was a no go.... I have heard the the project has some issues on 9.10 and that it runs smoothly on debian, so my decision was logical and teoretically shoul have provide better results
<Jeniczek> well, g2g, later
<Jeniczek> bb
<spackest1> I am trying to use the uec store and need to specify a proxy and am not sure where to do it
<ball> I'll be back later.
<leonel-vaio> on your dns you can add an A record to point to your host on your lan
<leonel-vaio>  
<leonel-vaio> I guess we won't have PostgreSQL 9 on Lucid right ??
<ruben23> leonel-vaio:hi
<leonel-vaio> ruben23: ea
<ruben23> whats that..
<leonel-vaio> ruben23:  What ? PostgreSQL 9 ??
<ruben23>  leonel-vaio: wheres your place..?
<leonel-vaio> any thing to do with  PostgreSQL 9 ?
<wizzy_> hello
<wizzy_> its weird i am trying to install ubuntu-server and it just freezes
<spackest1> anyone using uec?
<wizzy_> its always halts on kernel_thread_helper ?
<wizzy_> \
<smoser> jkakar, one thing i wanted to alk to you about since you're here, and i'm thinking about it.  it seems that the landscape script that runs in sysvinit on lucid has high timeout... it makes my jobs that are installed by the boothooks at rc.local run very long after the rest of the system is up.
<uvirtbot> New bug: #515639 in cyrus-sasl2 (main) "won't compile in lucid - due to gcc 4.4" [Undecided,New] https://launchpad.net/bugs/515639
<guntbert> !md5sum | wizzy_ did you check?
<ubottu> wizzy_ did you check?: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<uvirtbot> New bug: #511335 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: " [Low,Incomplete] https://launchpad.net/bugs/511335
<wizzy_> i installed from same cd yesterday without problems
<wizzy_> i changed 3rd cdrom already , got 2nd clean install cd (burned with 16x)
<wizzy_> and still nothing
<mcas> hi why is my crontab in hardy not working probably? every line with test -x anacron doesn't work
<mcas> can anyone help me out
<uvirtbot> New bug: #515661 in mysql-dfsg-5.1 (main) "Mysql asked new root password when installing and chrashed" [Undecided,New] https://launchpad.net/bugs/515661
<uvirtbot> New bug: #480579 in mysql-dfsg-5.1 (main) "not able to install mysql on ubuntu" [Low,Invalid] https://launchpad.net/bugs/480579
<micahg> does anyone know if there's a PHP internals IRC channel?
<guntbert> micahg: try /msg alis list *php*
<micahg> guntbert: thanks, but no luck...
<guntbert> micahg: try /msg alis list *php* -min 10 (or skip 30)
<magic_1> still dont understand why ubuntu server doesnt come with proxy server
<uvirtbot> New bug: #386533 in samba (main) "samba config menu too big" [Undecided,New] https://launchpad.net/bugs/386533
<Disconnect> smoser: finally had to pull the plug on UEC. they should be embarrassed to tag it "ubuntu" and they should be viciously punished for trying to say "enterprise". thats gonna set ubuntu adoption back in a lot of shops (in favor of centos/rhel/etc)..
<smoser> ouch :(
<Disconnect> i'll happily adapt my writeup for a metabug report if you want it, but the last straw was when a clean reboot of the controller destroyed the cluster (sure, networking came back in a few mins, once it was running again. but thats bad too.
<Disconnect> we run >15Gbit total data at peak on the CAREFULLY SWITCHED gig-e backbone. there's no way nat/iptables/bridging/etc will get beyond 750mbit, no matter what the hardware or how creative the ruleset
<Disconnect> and now i need to go to the compute nodes and kill off all the kvm procs to get the vms stopped so i can start them again (with the corresponding reboot-loses-data bug, they all need to be reprovisioned as well)
<mdeslaur> mathiaz: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
<Disconnect> i'd have gone a lot farther with it if "no HA" meant "no single point of failure, but resources on a failed node are dead" (controller down? no administration till it comes back. had to make a new one? it can get its state from the compute nodes. maybe that takes a long time or has some other major flaw, but the important bit - the instances - keep working.)
<Disconnect> but anyway, i'm done ranting :) i'm just really frustrated and annoyed that i have to go to the datacenter this week (almost 100 miles away) to rebuild those boxes with our standard vm host config.
<nick__> hi !
<nick__> I've been reading documentation that says that installing gnome-desktop on my server is not a good idea, which seems fairly logical.
<nick__> My problem is that my server is too far from the access point to be able to use wired, and I was hoping that there was some way of getting it to automatically detect the network settings like it does when I use the desktop client.
<nick__> Or, if that isn't possible, is it possible to get it to use the network from a cross cable attached to my laptop? (they are both v. 9.10)
<nick__> Currently, it seems that my only option is to install the desktop or try to figure out how to configure the onboard wireless.
<nick__> was hoping that someone might have a pointer to give me... (just asking like it says in the title!)
<nick__> ...can I save network settings discovered by the live-cd desktop version and apply them to the server version?
<smoser> jjohansen, ping
<jjohansen> pong
<cleary> hi
<jjohansen> smoser: ?
<smoser> jjohansen, soryy.. dont need you for the moment.
<jjohansen> okay
<smoser> jjohansen, ok, now i would like to chat
<smoser> if you can find some time
<jjohansen> do you want me to come down?
<jjohansen> smoser: on my way
#ubuntu-server 2010-02-02
<mrp> ~is man installed by default in ubuntu serve edt?
<Pici> Yes
<mrp> hrmm seems to be missing on my install
<mrp> i did use minimal virtual install
<Pici> mrp: minimal is not the same as the normal server install.
<mrp> so it is missing man!?
<mrp> nathan@synapse:~$ man sudo_root
<mrp> -bash: man: command not found
<Pici> minimal is really minimal,
<mrp> so apt-get install man
<mrp> :D
<mrp> can't live without man :)
<mrp> is it easy to replace apache2 from a "lamp" install with lighttpd?
<mrp> without making a mess :D
<TimReichhart> could anybody tell me how I can create a simlink or cp from /usr/share/freeside/www  to var/www
<genii> mrp: This site describes an 8.10 LLMP install on ubuntu.. a post further in has some changes for 9.04 which may also be applicable to 9.10
<genii> mrp: http://chrisjohnston.org/2009/setting-up-a-llmp-stack-linux-lighttpd-mysql-php5-on-ubuntu-810
<mrp> genii: thanks, i did a lamp install on the installation so this looks good. :)
<ivoks> do we need to write MIRs for each perl module that we need? :)
<wweasel> Question guys: I'm running Ubuntu server on an old laptop. Periodically, it goes into some sort of suspend state, where it stops responding to ping/ssh, etc.. Touching a keyboard key instantly reawakens it. I can't seem to figure out how to disable this.
<jasonb> wweasel: Is it a Dell?
<wweasel> nope, eMachines.
<wweasel> I checked for any power management in the BIOS, and found nothing.
<jasonb> wweasel: You may be able to prevent it from falling asleep by starting it with the kernel argument "noacpi".
<wweasel> Also weird: while in this state, it doesn't keep the clock moving forward.
<wweasel> like, the system clock when I wake it starts keeping time from whenever it stopped
<wweasel> jasonb, noacpi sounds like a good idea. Is that to be placed in my GRUB config?
<jasonb> wweasel: Yes.  Probably exactly like you think it goes in there.. just another kernel argument.
<wweasel> jasonb, perfect, I got it. I'll wait and see if it works. Thanks for your help!
<jasonb> wweasel: You're welcome.  Now maybe your emachine won't be so tired.  :)
<mrp> should i use 64 or 32 bit for a virtual machine?
<twb> mrp: yes
<twb> Support for 36-bit words is limited.
<Xpistos> I have an NTFS drive that I want to convert to ext4, but I am not sure of the command. I think it should be something like "mkfs -c -t ext4 /dev/sdbX" as it is not the primary drive. I am not sure how to also give the drive a label as "data: Can some give me a hand?
<CrummyGummy> Hiya, is landscape server available to download somewhere or is it closed source?
<twb> CrummyGummy: AFAIK it's proprietary software.
<twb> Any pro-ufw weenies around?  I want a sales pitch.  In the near future I will be deploying an LTS router (hopefully 10.04, possibly 8.04), and it WILL require complicated rules (QoS, hashlimit/recent, xtables' port knocking, -j TARPIT).
<twb> I will either be using a hand-written iptables-restore file (via the iptables-persistent package), or ufw.
<twb> Why is ufw worth the extra complication?
<twb> !ops - tinyurl in /topic appears to have expired
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> Xpistos: mkfs will lose any data currently on the drive.  Is that what you want?
<Xpistos> I cleaned it off first
<Xpistos> twb: thanks for the heads up though
<twb> Xpistos: the command you specified looks OK to me (I usually use mke2fs -j, but that gives ext3, not ext4).
<twb> Xpistos: /dev/sdb3 would be the third partition (3) on the second SCSI disk (sdb).
<CrummyGummy> twb: afaik its mosly for simple configurations. Personally I use shorewall but thats just me...
<Xpistos> twb: that was just a placeholder really I am not sure but I will fdisk -l before hand
<twb> CrummyGummy: I don't like abstraction layers -- I'm only considering ufw because it's the official ubuntu endorsed one
<CrummyGummy> from the man page
<CrummyGummy> "       ufw is not intended to provide complete firewall functionality  via  its  command
<CrummyGummy>        interface,  but instead provides an easy way to add or remove simple rules. It is
<CrummyGummy>        currently mainly used for host-based firewalls.
<CrummyGummy> "
<twb> Obviously I would not be using ufw's CLI
<twb> I would be editing the iptables-restore fragments in /etc/ufw/
<twb> Sorry, I should've made that clear.
<CrummyGummy> sounds like a mess waiting to happen. Just use you own iptables scripts.
<twb> Nod.
<Bergcube> I am trying to install Drupal6 following the hints at https://help.ubuntu.com/community/Drupal and http://ubuntuguide.org/wiki/Drupal6_tips. It /SEEMS/ to install as it should, but when I get to the step of opening the Drupal config in a browser I get nothing.  Any advice?
<twb> Bergcube: is drupal backed onto apache?
<twb> Bergcube: is it bound to port 80?
<twb> Bergcube: does nc 127.0.0.1 80 DTRT?
<Bergcube> twb~  Apache yes.  I assume it uses port 80 as I did a completely default install.  I use the real IP address of the server as I havent install any GUI...
<twb> 127.0.0.1 is a real address, and it belongs to your server.
<Bergcube> I know.  But I don't think Lynx is any use configuring Drupal so I want to use Firefox from ANOTHER machine.
<twb> As you said, you're ASSUMING that apache is working correctly.  Don't do that.  Check.
<twb> Where correctly = the way you want
<Bergcube> twb~  That is why I asked for help.  If I knew a good way to check I would have done so.  That is what needing help is about.  I will come back later when the snotty-factor is smaller.
<shocm> Bergcube: are you assuming it installed as the root web site or are you trying a URL with /drupal? What URL are you using and feel free to hide your real IP address
<shocm> Oops looks like I missed him
<twb> Apparently when holding newbies hands, I also need to offer candy
<shocm> LOL
<twb> Bergcube should lurk in #emacs, where I *don't* pull my punches.
<shocm> Looking at the article he was following, he probably just needed to restart apache. Doesn't seem to say that anywhere but he was changing config files
<shocm> Either that or he was hitting the wrong URL
<twb> shocm: can't you just SIGHUP apache2d or something?
<shocm> needs to be /drupal6
<RoyK> SIGMURDER
<twb> RoyK: you're thinking of RSHOCK and EOU
<twb> Er, rshock(8)
<shocm> I just throw it a sudo apache2ctl restart
<twb> You know your daemon is bloated when it needs a dedicated control program to talk to its socket
<nano-> I have ubuntu server with libvirt, and it creates a virbr0, on a phony network, I want virbr0 to be my main network to give guests proper network. How do I accomplish this?
<nano-> I tried creating br0 in the interfaces file, and pointing the libvirt xml-files to that br0-device, but this resulted in no network (it seems like libvirt overwrote the initial settings and removed eth0 from the br ports)
<nano-> What is the recommended way of making libvirts bridge device the main network connection of the server?
<Jeeves_> nano-: You can select a network interface on creation of the vm
<Jeeves_> if you created br0 with eth0 (if that's your default)
<Jeeves_> You should select that as bridge interface
<nano-> But libvirt will still setup an extra bridge device.
<Jeeves_> Yes
<Jeeves_> That doesn't matter
<Jeeves_> it has a default network
<nano-> Wouldn't it be better if libvirt, if it always sets up a bridge device, sets up the proper bridge device?
<Jeeves_> No
<nano-> ok :)
<Jeeves_> Because it creates a default closed lan for vm's to share
<nano-> So I just remove the default network from autostart then.
<Jeeves_> on which it can NAT all connections
<Jeeves_> nano-: You could do that, although it has little use, imho
<nano-> Well, I don't like unused stuff.
<Jeeves_> It's free :0
<beniwtv> Hi all... I have a server with KVM on Hardy (all updated) which got some network problems. In detail, the Cisco switch gets confused by the KVM setup. After much searching, I think it could have to do something with the bridge setup, but I'm not sure. I have two bridges in /etc/network/interfaces, all with stp disabled. Should I enable it? (they go to the same switch but different vlans)
<panter> hi all .. i have problem with configuration VSFTPd with enabled SSL .. when i set ssl_enable=YES server don't start ... without SSL there is no problem ... any sugestions?
<Jeeves_> beniwtv: What does 'show log' on the Cisco say?
<Jeeves_> panter: No error messages whatsoever?
<panter> Jeeves_: no error in any log file ...
<Jeeves_> panter: Is it a vm?
<beniwtv> Jeeves_: None, I just can't ping to any of the bridges from the office (the office is connected by vpn (pix)
<panter> Jeeves_: no .. normal server
<beniwtv> Jeeves_: But I can ping from other machines in the same network
<Jeeves_> beniwtv: A bridge is an ethernet thing, and doens't ping
<Jeeves_> beniwtv: Do you have your routes configured?
<Jeeves_> panter: Hmm, sorry. No clue.
<panter> Jeeves_: ok .. thanx
<beniwtv> Jeeves_: Well, you got me an idea there...
<beniwtv> (with routes)
<Jeeves_> ;)
<beniwtv> Jeeves_: Yeah it's a route problem. Stupid me for not looking into that first :-/ Thanks anyway ,)
<Jeeves_> np
<uvirtbot> New bug: #515949 in dhcp3 (main) "9.10 Karmic dhcp server could not be removed " [Undecided,New] https://launchpad.net/bugs/515949
<acalvo> ehlo
<Jeeves_> 220 Hi []
<beniwtv> Jeeves_: You have no capabilities! lmao :P
<Jeeves_> beniwtv: You're right
<Jeeves_> 250-SIZE 52428800
<Jeeves_> 250-PIPELINING
<Jeeves_> 250 HELP
<Jeeves_> Tadaa!
<beniwtv> better ;)
<freaky[t]> hi all. is there any good tutorial on how to secure an sshd ?
<beniwtv> freaky[t]: probably change port, use key based authentication and use iptables to restrict logins/sec
<freaky[t]> i mean stuff like restrict login to specific group etc.
<Jeeves_> beniwtv: Change port?
<Jeeves_> That saves you 2 seconds, and causes a lot of hassle
<mealstrom> freaky[t]: http://www.fail2ban.org/wiki/index.php/Main_Page
<beniwtv> Jeeves_: Maybe. But it does hold off the quick people just trying port 22 on random IP addresses. Anyway, I never open ssh to the world.
<freaky[t]> i know fail2ban thanks
<freaky[t]> thanks for the help
<RoyK> freaky[t]: http://www.cyberciti.biz/tips/openssh-deny-or-restrict-access-to-users-and-groups.html
<RoyK> or should I point to this? http://www.google.com/search?client=opera&rls=en&q=ssh+restrict+group&sourceid=opera&ie=utf-8&oe=utf-8
<freaky[t]> i googled too thanks ;D
<Roxyhart0> hi someone know how install heimdal/kerberos?
<alex_joni> https://help.ubuntu.com/community/NFSv4Howto
<alex_joni> http://packages.ubuntu.com/hardy/net/heimdal-kdc
<Schmidt> The doc and resources link does not seem to work...
<Roxyhart0> thanks alex_joni, the last one i didnt see before
<Schmidt> Here is a new one
<Schmidt> http://tinyurl.com/ubuntudoc
<Schmidt> should work
<uvirtbot> New bug: #516016 in openvpn (main) "[karmic] openvpn service starts before dhclient" [Undecided,New] https://launchpad.net/bugs/516016
<mealstrom> does anyone know how to enable/disable some gnome applets (keyboard layout indicator) from console or puppet or preseed file for specific user ?
<ivoks> ok
<bogeyd6> !desktop | mealstrom
<ubottu> mealstrom: A desktop environment is what "puts the pieces of a !GUI together". The available desktop environments in Ubuntu are !GNOME (ubuntu-desktop), !KDE (kubuntu-desktop), !Xfce (xubuntu-desktop), IceWM, !Fluxbox, WindowMaker (wmaker), FVWM and others - See also !Flavors
<bogeyd6> also, #ubuntu for gnome support
<mealstrom> nah, they don't know. anyway I've found the solution using gconftool-2
<mealstrom> now preparing puppet for this /
<mrp> does ubuntu server support virtio ?
<ivoks> as guest?
<mrp> yes
<ivoks> yes
<ivoks> modingo virt[tab][tab]
<mrp> coooool :)
<ivoks> modinfo
<mrp> i don't have vm running yet
<ivoks> filename:       /lib/modules/2.6.31-17-generic/kernel/drivers/virtio/virtio.ko
<ivoks> or LTS: filename:       /lib/modules/2.6.24-26-server/kernel/drivers/virtio/virtio.ko
<Schmidt> Any tips on where I can find a guide for network interface failover configuration ?
<Schmidt> As in, I have eth0 and eth1. I eth0 fails I want eth1 to take over the configuration.
<ivoks> ifenslave-2.6
<ivoks> or
<ivoks> ifenslave
<Schmidt> ivoks: Oh alright, I just instaleld ifenslave-2.6 :)
<panter> hi all .. is there anybody who has working VSFTPd with SSL on ubuntu server?
<uvirtbot> New bug: #516061 in php5 (main) "configure command line missing from phpinfo" [Undecided,New] https://launchpad.net/bugs/516061
<bogeyd6> panter, i am
<bogeyd6> panter, i followed this guide http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_%28TLS/SSL/SFTP%29
<bogeyd6> this would also work
<bogeyd6> http://ubuntuforums.org/showthread.php?t=518293
<panter> bogeyd6, i don't have self-signed certificate ... i have certificate from StartSSL CA .. then i try use default certificate from config .. /etc/ssl/certs/ssl-cert-snakeoil.pem ... both with the same error ... 500 OOPS: SSL: cannot load RSA private key
<vraa> howdy folks, i have a ubuntu machine writing to a smb share on osol131, i get this error when rsync encounters a file which exists "rsync: failed to set permissions on "/home/vraa/Desktop/zfsshare/.": Permission denied (13)"
<vraa> however, if file does not exist, copy goes through perfectly
<vraa> from a windows7 machine i can do all file tasks fine, i can write, delete, and rewrite existing files
<bogeyd6> panter, check permissions on the key
<Omahn> ivoks: ping
<ivoks> Omahn: pong
<Omahn> ivoks: Hey. I just wanted to talk to you about your ha ppa.
<Omahn> ivoks: Everything has been working perfectly except ldirectord from the ppa.
<panter> bogeyd6, nop ... even when i set 777 it doesn't work .. i'll try different FTP server .... i'm trying few hours ...
<Omahn> ivoks: When I use ldirectord from the ppa and I try to add an ldirectord ocf resource in the crm, it fails. It works fine with 2.99.2+sles11r9-5ubuntu3 from the standard repo.
<ivoks> Omahn: i haven't tested ldirectord at all, keepalived is the tool we will use
<bogeyd6> panter, the gist of it is you can specify your own or by default it can use the one that ubuntu made
<ivoks> Omahn: ok, i'll check it out
<Omahn> ivoks: Cool, thanks.
<Omahn> ivoks: Everything else works perfectly.
<ivoks> Omahn: have you tried clustered file system on top of drbd with pacemaker?
<ivoks> Omahn: that's the use case we have to test (both ocfs2 and gfs2)
<ivoks> Omahn: i'll write guidelines
<Omahn> ivoks: Nope, although I can happily give it a go either tomorrow or Thursday, once the test case is ready :-)
<panter> bogeyd6, which one from ubuntu?
<bogeyd6> the snake-oil cert
<panter> bogeyd6, i got the same error with snake-oil ... thats strange ..
<bogeyd6> panter i suggest you start all over and go to http://ubuntuforums.org/showthread.php?t=518293
<ivoks> Omahn: hopefully, i'll have something tomorrow
<bogeyd6> dont try to fix it, just start from the beginning with a known working guide
<Omahn> ivoks: Cool. I'll run through the test case on Thursday then given our timezones.
<ivoks> ok
<panter> bogeyd6, it is working without SSL ... IMHO i have server configured corectly .. but when i set ssl_enable=YES server don't start ....
<ivoks> take care, see you tomorrow
<ivoks> it's time for snowboarding :D
<Omahn> ivoks: Enjoy!
<ivoks> thanks
<bogeyd6> panter, can you pastebin your config?
<panter> bogeyd6, http://pastebin.com/m71a3cf19
<bogeyd6> panter http://pastebin.com/m6b44e800
<bogeyd6> that should work with the snake oil right there
<panter> bogeyd6, the same error
<bogeyd6> impossible!
<bogeyd6> panter, ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem
<panter> bogeyd6,  -rw-r--r-- 1 root root 607 2010-01-28 13:08 /etc/ssl/certs/ssl-cert-snakeoil.pem
<bogeyd6> panter, can you pastebin the full log?
<panter> bogeyd6, which one?
<bogeyd6> vsftpd.log
<bogeyd6> and then any relevant entires in /var/log/messages
<panter> bogeyd6, vsftpd.log is empty .. there is no error in any log ... this is crazy ...
<bogeyd6> where do you get the 500 message?
<panter> bogeyd6, when i run it in console .. with command ... when i try run vsftpd as service everything looks good ... it prints [OK] .. but server don't start ..
<bogeyd6> panter, on the ssl_ lines keep changing one to yes and rerunning the command
<bogeyd6> so like all no, start it, then 1 yes, start it, then 1 no, 2 yes then start it
<panter> bogeyd6, i set everything to NO ... server started .. i set only ssl_enable=YES .. server don't start .. what the hell is going on?
<bogeyd6> panter change force_local_logins_ssl=YES to =NO
<panter> bogeyd6, i set everything to NO ... server started .. i set only ssl_enable=YES .. server don't start
<bogeyd6> hm
<bogeyd6> panter, comment out the rsa_cert_file line
<panter> bogeyd6, it is crazy .. i'm not linux newbie .. and this is little curious ..
<panter> bogeyd6, when i commented out the line i get different error ... 500 OOPS: SSL: cannot load RSA certificate
<bogeyd6> k
<bogeyd6> thats the same error
<panter> bogeyd6, different text
<bogeyd6> go back to this http://pastebin.com/m6b44e800 and comment out the rsa_cert_file line and change the force_local_logins_ssl=YES to =NO
<bogeyd6> if it dont work you got yourself a bonafide bug
<panter> bogeyd6, http://pastebin.com/m60012761 ... actual config .. same error ..
<bogeyd6> panter, yah k, im stumped as well
<panter> bogeyd6, ok .. i'll try another FTP server ... if there will be the same problem there must be some bad waves :) .. and i'll try tomorrow
<bogeyd6> panter, out of curiosity what does this tell you "ldd /usr/sbin/vsftpd | grep libssl"
<panter> bogeyd6, i tried before 2 hours ... vsftpd is compiled with SSL support ...
<bogeyd6> kk
<neopsyche> hi.. i know its not necessarily the right channel.. but on a server running cpanel.. how can i create a password protected directory for my site.. so that it asks for 'username/login' on browsing to the site ?
<jjohansen> smoser, the ftrace kernel buffer is 128MB that would be why we can't boot on small images
<neopsyche> gotit thanks
<uvirtbot> New bug: #516150 in vm-builder (universe) "Can't create more than 4 partitions on one virtual disk" [Undecided,New] https://launchpad.net/bugs/516150
<jiboumans> ivoks, ping?
<magic_1> hey guys, just want to find out, i installed squid proxy, but i only see a user called proxy and not squid
<magic_1> would ubuntu change it
<jpds> magic_1: Maybe discuss it on the ubuntu-server mailing list?
<jpds> magic_1: It makes sense to me as it is right now.
<jpds> (why renamed www-data to apache? etc)
<zooko> Folks: I'm trying to spin up a new Amazon EC2 instance with Karmic. Is this the right channel?
<zooko> Is there a Karmic AMI hosted and vetted by Amazon?
<jpds> zooko: Yes.
<jpds> zooko: https://help.ubuntu.com/community/EC2StartersGuide#Getting the images
<zooko> Thanks!
<zooko> Oh, and in a related story, we just released Tahoe-LAFS v1.6 -- the Freedom-compatible cloud storage system.
<zooko> http://allmydata.org/pipermail/tahoe-dev/2010-February/003759.html
<zooko> Join #tahoe-lafs if interested.
<uvirtbot> New bug: #515740 in php5 (main) "Crash on using unitialized vals and __get/__set" [Low,Incomplete] https://launchpad.net/bugs/515740
<ruben23> hi, i have user on ubuntu-server name rubz, where i can find its .ssh directory..?
<osmosis> is there a guide for setting up SSL on apache?
<Elad> osmosis: are you trying to do https?
<osmosis> Elad, yes
<osmosis> dont see any howtos
<Elad> I think this is the guide I recently used : https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html
<Elad> osmosis: I am assuming apache is already installed?
<osmosis> yes
<Elad> if you look in /etc/apache2/sites-available/ do you have a default-ssl?
<osmosis> i found the guide for 8.04 there
<osmosis> https://help.ubuntu.com/8.04/serverguide/C/httpd.html
<osmosis> Elad, no, dont see default-ssl there
<osmosis> i see 'default'  and i have some other sites configured
<Elad> if you run the 'sudo a2enmod ssl' I think that is what creates it there
<Elad> then you can use that as a template, for the domain, but you will still need to follow the guide to generate your certs
<osmosis> Elad, so there is a ssl package installed by default? i couldnt find a libapache-mod-ssl
<osmosis> "Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
<osmosis> apache2-common
<Elad> looks like mod_ssl is in the apache2-common
<Elad> yes
<osmosis> Elad, i think i can do it from here with the guide. thx for the good lead
<Elad> good luck
<Elad> I just installed postfix+dovecot, how do I know what settings to set my mail server to in order to connect to it?
<ahasenack> I have a puppet question, I hope someone can help
<ahasenack> basically, I have a case statement
<ahasenack> and define a package in each of the possible outcomes of the case
<ahasenack> and further down, I reference that package
<ahasenack> let me paste
<ahasenack> http://paste.ubuntu.com/367785/
<ahasenack> the problem is that the last file bit is trying to set the ownership before the package is installed
<ahasenack> it's the package that creates the user
<ahasenack> the error I get on the client is "user foo does not exist"
<ahasenack> oh, fsck
<ahasenack> found it
<ahasenack> nothing like explaining it to someone else :)
<ahasenack> still a nasty ordering problem, though
<holic> hi i need to know how to get a program to auto start the program relies on mysql being already running
<Disconnect> ahasenack: also, #puppet might help :)
<ahasenack> Disconnect: yep, I'm there,thanks
<techsupport> how can i find out which java version I have installed
<Disconnect> java -version didn't work?
<Jeeves_> dpkg -l | grep java
<techsupport> well java -version doesn't really tell me if its version 5 or 6, look http://pastebin.com/m74b25b8b
<Disconnect> yes it does. java versioning is dumb. isn't 1.6 java6?
<ruben23> hi uncommenting any config means  removing the ";"   right..>?
<bogeyd6> Disconnect, yes
<Disconnect> ruben23: most of them yes. some use ; some use # etc. should be evident tho
<Disconnect> but its time for me to go home. everyone is afraid of the snow that might hit tonight so the office is getting deserted. i'll happily take advantage of that theme :)
<Bullterd> Hi All.
<Bullterd> Ive made a major boob and installed plesk 9.0.1 on a grsec kernel
<Bullterd> I need to change my kernel to a non grsec version ASAP
<Bullterd> can anyone point me in the right direction?
<techsupport> hi, is anyone familiar with OpenEMM ?
<uvirtbot> New bug: #512430 in geronimo-jta-1.0.1b-spec (main) "Sync geronimo-jta-1.0.1b-spec 1.1-1 (main) from Debian testing (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/512430
<Knoxville> does anyone know what does the law state about using companies logos on a website?
<jim_ec2> error: internal error No device with bus 'ide' and target 'hdc'
<jim_ec2> when I try to attach an iso as a cdrom to a vm image
<jim_ec2> virsh -c qemu:///system attach-disk mydomain install-amd64-minimal-20100121.iso hdc --type cdrom
<jim_ec2> error: internal error No device with bus 'ide' and target 'hdc'
<jim_ec2> anyone know why i would get this error when attaching an iso as a cdrom?
<zooko> jpds: thanks for the help earlier. I'm now following this howto: https://help.ubuntu.com/community/EC2StartersGuide
<jpds> zooko: No problem.
<uvirtbot> New bug: #513842 in eucalyptus (main) "block-device-mapping in metadata has 'ephemeral' not 'ephemeral0'" [Low,Confirmed] https://launchpad.net/bugs/513842
<osmosis_> what is the purpose of  /etc/ssl/private/ssl-cert-snakeoil.key ?
<soren> osmosis_: It's the private half of a snakeoil cert.
<osmosis_> hey soren, are you heavily involved in the kvm virt for ubuntu?
<soren> osmosis_: Not as heavily as I used to be. At all :)
<soren> osmosis_: What's up?
<osmosis_> soren, I use it a lot. Would love to follow the changes and status more. Who is leading it up now?
<soren> osmosis_: kirkland
<osmosis_> soren, ok. is there a project site or something too I can check for info? where is the main place to follow along? irc meetings?
 * soren nods towards kirkland :)
 * kirkland waves at osmosis_ 
<osmosis_> kirkland: hi. an rss feed or wiki page for the ubuntu virt server project is basically what I am looking for.
<kirkland> osmosis_: a) #ubuntu-virt IRC
<kirkland> osmosis_: b) ubuntu-server@ mailing list
<kirkland> osmosis_: c) qemu-kvm package in Launchpad (subscribe to bugs/changes)
<osmosis_> kirkland: okay, good to know. i do hang out in ubuntu-virt, but i will load up those other sources too
<kirkland> osmosis_: d) my kvm blog posts ... http://blog.dustinkirkland.com/search/label/KVM
<osmosis_> great
<kirkland> osmosis_: i try to announce interesting stuff in that blog and tag them kvm
<kirkland> osmosis_: which shows up on planet ubuntu, the ubuntu-server aggregator, and the Canonical aggregator
#ubuntu-server 2010-02-03
<osmosis_> kirkland: works for me. ive been using kvm in production on ubuntu since hardy was released. Im currently running hardy with the latest kvm backports. Will be rebuilding my server farm with lucid later this year. But im doing a lot more work to improve my setup now, mostly through python scripting and stats tracking in mysql.
<kirkland> osmosis_: cool; it would be great if you could get some test cycles and give some feedback on lucid's qemu-kvm-0.12.2 package
<osmosis_> kirkland: might be able to do that. would be easier if recursive VMX cpu extension support in guests was available.
<osmosis_> nested
<osmosis_> Avi's blog says it might be available sometime this year.
<kirkland> osmosis_: for intel, yeah, it's in the works
<kirkland> osmosis_: works pretty well on amd for me
<soren> Nested VMX will be awesome.
<soren> Whoever manages to implements it deservers fortune and glory.
 * soren types quite poorly right now
<osmosis_> soren, an IBM team is on it
<soren> osmosis_: Oh, ok. I would have expected Intel to do it. Seems fitting that they'd do it themselves. It's their fault it's so complicated to do :)
<smoser> ttx, https://wiki.ubuntu.com/ServerLucidXc2#preview
<twb> VMX?
<twb> Oh, the x86-64 extension to for hardware virtualization.
<twb> How would "nested vmx" work?  It doesn't make sense to me.
<soren> twb: You would be able to run kvm inside a kvm.
<twb> How does that work architecturally?
<twb> i.e. wikipedia url plskthxbyegibberish
<eric_1982> I was wondering if some one could help point me in the right direction. I have not messed with managing Linux computers in a corporate environment. I am however, very familiar with windows administration tools such as WSUS, Group Policy, Active Dir..etc. Are there similar tools available to help manage several Linux computers, basically tools used to help administrate a linux enviroment? I would like to be able to define what updates
<eric_1982>   can be pushed out, lock down specific things, example apply a business background, map network drives..etc. Can any one supply me some names of some of these tools ect. Any information you can provide would be greatly appreciated! Thanks!!
<smoser> eric_1982, https://landscape.canonical.com/ is one.
<osmosis_> https://help.ubuntu.com/8.04/serverguide/C/httpd.html   is incomplete. If a user follows the instructions, it wont work.
<nijaba> kirkland: https://wiki.ubuntu.com/SquidDebProxy
<twb> osmosis_: file a bug against the server guide package
<twb> eric_1982: the term you want to search for is probably "change management".  Free implementations include puppet, chef and cfengine.  Landscape is canonical's solution, but it's server side is proprietary.
<eric_1982> Has any one used https://landscape.canonical.com/ ?
<eric_1982> Any thoughts on it
<eric_1982> It looks like it gives you heads up on updates
<twb> Puppet (or whatever) is useful if you have hundreds of workstations or dozens of servers, but if you only have a small office network it is NOT worth the hassle of setting it up and babysitting it.
<eric_1982> It doesn't appear to allow me to manage users and setting though
<twb> Where "small office" means one serevr and a dozen workstations.
<twb> eric_1982: for managing user accounts, you want OpenLDAP.  There's no useful, portable graphical UI for it.
<eric_1982> I will need to look into Puppet. Looks promising
<eric_1982> any one try gosa
<GuruSingh> hi
<Roxyhart0> Hi i im configurating openldap for ubuntu according th how to: http://doc.ubuntu.com/ubuntu/serverguide/C/kerberos-ldap.html. When i try to run the line: ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\=kerberos.ldif
<Roxyhart0> i got the error. ldap_bind: Invalid credentials (49)
<Roxyhart0> the password is ok. Any idea?
<GuruSingh> can anyone tell me how to copy all file from a another dir like /home/mint/desktop/ab to root at once time
<GuruSingh> can anyone tell me how to copy all file from a another dir like /home/mint/desktop/ab to root at once time
<GuruSingh> can anyone tell me how to copy all file from a another dir like /home/mint/desktop/ab to root at once time exampl: cp ./  /home/ubuntu/desktop/ab(folder)/*
<qman__> GuruSingh, -r
<Roxyhart0> Hi when I run the command : ldapadd -x -D cn=Directory Administrator,cn=config -W -f /tmp/cn\=kerberos.ldif
<Roxyhart0> i am getting error. should i write different this way? the error is ldap_bind: Invalid credentials (49)
<uvirtbot> New bug: #516430 in libapache2-mod-perl2 (main) "Please merge libapache2-mod-perl2 (2.0.4-6)(main) from debian squeeze(main)" [Undecided,Confirmed] https://launchpad.net/bugs/516430
<Roxyhart0> Hi i am installinf openldap on buntu and im getting this error: structuralObjectClass: no user modification allowed. any idea?
<uvirtbot> New bug: #516437 in mysql-dfsg-5.1 (main) "Try to install mysql-server and get hundreds of blocking 'logger: [-x] [-p log_facility] [-t tag] message' messages." [Undecided,New] https://launchpad.net/bugs/516437
<ivoks> ne treba na screenwideu
<ivoks> ups
<_ruben> gesundheit
<phretor> I am having some trouble setting up syslog. My application logs to local0, i.e., openlog("firelog", LOG_PID, LOG_LOCAL0); /*...*/ syslog(LOG_INFO, "foo");. In /etc/syslog.conf I put, on top of the other entries, local0.* /var/log/firelog.log
<phretor> however, all the messages get caught by another rule and I find them into /var/log/syslog - ideas?
<bthoraway> hello, stupid question. i am a little confused, need to put ubuntu-server on core i5 system,   proposed download contains  "amd64.iso"     is that referring to the chipset (x86 by amd)  because in kernel they make difference i386, i686 and amd64 ?
<Roxyhart0> hi im trying to use slapcat and i got the error that can't find the file slapd.conf (which is not any more) is is a bug in slapacl?
<Roxyhart0> sorry. im trying to do a ldapadd comand to add data form a ldif file and i am getting permision error. I would like to use slapacl but i dont know what is the exact command with the new slapd
<ivoks> sorry, can't help you' i still haven't dig into whole config in tree issue
<nimrod10> is there a way to redirect input from pts1 for example to the output of pts2 ?
<mealstrom> yes there is , ls > /dev/pts/2 smthing like this
<mealstrom> stdout
<alex_joni> cat < /dev/pts/1 > /dev/pts/2 ?
<alex_joni> that kinda works here.. I get one char on pts/1 one on pts/2
<mrp> what is the svn package?
<mrp> client
<_ruben> !info subversion
<ubottu> subversion (source: subversion): Advanced version control system. In component main, is optional. Version 1.6.5dfsg-1ubuntu1 (karmic), package size 364 kB, installed size 4188 kB
<Roxyhart0> hi, i am trying to follow the how to install openldap. After configure tha data base and start SASL/EXTERNAL authentication started
<Roxyhart0> i got the error: ldap_add: Insufficient access (50). any diea which could be the problem, i did exclatly that said the how to http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<sommer> Roxyhart0: are you using sudo?
<Roxyhart0> yes
<Roxyhart0> and also is when i do this kind of command using "EXTERNAL" i dont undertand what it means, i something with SASL
<Roxyhart0> when i do this command i get the error: No such object (32)
<sommer> Roxyhart0: what's the exact command you are using?
<Roxyhart0> yes
<Roxyhart0> sorry is this command: ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
<sommer> Roxyhart0: what happens if you add a sudo in front of the ldapsearch?
<Roxyhart0> im working as root
<sommer> which release are you on?
<Roxyhart0> 9.10
<sommer> Roxyhart0: which step of the guide are you on?
<sommer> Roxyhart0: I'd also recomment using sudo instead of running as root, but either way :)
<Roxyhart0> it is : Further Configuration
<sommer> Roxyhart0: works for me... can you try using sudo with a non-root user?  just as a test
<Roxyhart0> ok
<Roxyhart0> same error
<Roxyhart0> maybe are the acl? or maybe i need to start slapd wih ldapii?
<sommer> you don't have it running with ldapi?  ps -ef | grep slap should show the slapd startup command
<sommer> if it doesn't have ldapi you can add it in /etc/default/slapd
<Roxyhart0> it shows me /usr/sbin/slapd -h ldap:/// ldap
<sommer> ya, take a look at /etc/default/slapd
<sommer> just add ldapi:/// to the SLAPD_SERVICES line... then the command should work
<Roxyhart0> it is already there SLAPD_SERVICES="ldap:/// ldapi:///"
<Roxyhart0> do you know what means EXTERNAL and when I use LDAPI for ldapsearch,ldapadd or ldapmodify?
<sommer> Roxyhart0: the EXTERNAL tells the ldap command to use the system authentication
<sommer> this is the entry I believe: olcAuthzRegexp: {0}gidNumber=[[:digit:]]+\+uidNumber=0,cn=peercred,cn=external ,cn=auth cn=localroot,cn=config
<sommer> Roxyhart0: if you don't have any data in the directory, and I assume you don't, you might try starting over with sudo dpkg-reconfigure slapd... then retry the commands
<Roxyhart0> doesn't work dpkg-reconfigure :S
<Roxyhart0> where i need to write this line?
<Roxyhart0> i need to add when i am creating the database ?
<Roxyhart0> on db.ldif file?
<sommer> I'm not sure what you mean?
<Roxyhart0> to add this line just you told me
<sommer> sudo dpkg-reconfigure slapd should remove all the old configurations allowing you to start over... not sure what you have in db.ldif
<Roxyhart0> i just follow the how to, in there you do the first configuration on a ldif file
<Roxyhart0> my question is if i add this line shold work
<Roxyhart0> my question how I add that line?
<sommer> "sudo dpkg-reconfigure slapd" is a command not a line to add to an ldif file
<Roxyhart0> i mean the line avobe
<Roxyhart0> olcAuthzRegexp: {0}gidNumber=[[:digit:]]+\+uidNumber=0,cn=peercred,cn=external ,cn=auth cn=localroot,cn=config
<sommer> did the schema files load without error?  those are the first command?
<Roxyhart0> yes
<sommer> sorry, you don't need to add that line it's already in the config... I was just trying to explain the EXTERNAL auth method
<Roxyhart0> but i did it before
<sommer> did what before?
<Roxyhart0> and still doesn't work
<sommer> what's the command and error again?  I think I'm confused
<Roxyhart0> well i need to configurate again
<Roxyhart0> because i just did dpkg-reconfigure
<Roxyhart0> hahah
<sommer> ah, well maybe it'll work better :-)... you might try as non-root just so the commands line up exactly
<Roxyhart0> ok
<Oli``> If I take a degraded mdadm array offline, will it speed up its recovery or stop it?
<ivoks> meetings was an hour ago?
<ivoks> meeting
<sommer> ivoks: I think it was pushed to the 11th
<ivoks> oh, ok
<bogeyd6> Can someone point me to a guide on installing hpasm or something similiar in ubuntu?
<Oli``> bogeyd6: have you tried just installing the debian package?
<bogeyd6> Oli``, didnt know it existed, because under the server support page at HP debian isnt listed
<bogeyd6> Oli``, where can i find libstdc++2.10-glibc2.2 for 9.10
<uvirtbot> New bug: #516297 in euca2ools "euca-register calls register_image with too few parameters" [Undecided,Invalid] https://launchpad.net/bugs/516297
<zul> ivoks: ping
<ivoks> zul: pong
<zul> ivoks: if possible can we merge the redhat-cluster stuff since it has binaries that you need
<ivoks> zul: not yet
<zul> ivoks: k
<ivoks> zul: rhcs needs to be pacemaerd :)
<zul> ivoks: ah ok
<ivoks> zul: https://edge.launchpad.net/~ivoks/+archive/ppa/+packages
<ivoks> zul: i'm already building merged and pacemakered rhcs
<zul> sounds good lemme know if you need help
<ivoks> zul: i need big support on pushing some sources to main
<ivoks> zul: https://wiki.ubuntu.com/ClusterStack/MIR
<ivoks> i guess there will be some strugling cause atm cluster stack depends on some old (2005) tools
<ivoks> like libesmtp
<zul> ick..
<ivoks> i guess perl modules won't be problem, but libesmtp could be pain
<zul> do you need updates for them or soemthing?
<ivoks> only for one package
<ivoks> which is in main
<ivoks> libtest-script-perl
<ivoks> if you could do that, that would be awesome
<zul> ivoks: ill try to find some time to help you out
<ivoks> we will have awesome cluster stack if this all goes trough
<zul> heh
<ivoks> i plan on having clustered lvm, but that will require changes in lvm
<ivoks> but nothing of this will happen if all those MIRs don't succed :D
<zul> ivoks: upstream says 1.0.4 is the stable version
<zul> which we have
<ivoks> libtest-script-perl?
<ivoks> we have 1.0.3
<zul> libesmtp5
<ivoks> yeah, libesmtp didn't have new version for years
<ivoks> it's libtest-script-perl that we need newer
<zul> k
<zul> ill have a look later today then
<ivoks> thanks
<ivoks> i might be wrong, cause it builded in PPA
<ivoks> bah, too much cluster for one day :)
<ivoks> i'll give you correct info tomorrow
<ivoks> do, don't wory about it for now
<ivoks> s/do,/so,/
<zul> heh ok
<zul> ill still trying to wake up as well
<ivoks> hehe
<ivoks> take care
<pmatulis> what are the basic steps in setting up a gobby server?
<ajavid> hello
<ajavid> hello, I am using ubuntu 8.04lts and I have errors in command line.perl: warning: Falling back to the standard locale ("C"). locale: Cannot set LC_CTYPE to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory.  I have aptitude install locales and sudo dpkg-reconfigure locales but nothing fixed
<ajavid> I don't know how to fix
<ajavid> I have also tried to export LC_ALL=en_us-utf8
<ajavid> and other variables to that language
<ajavid> but i still get this error if I try to run aptitude install anything
<_ruben> when i get those errors i export them as "C"
<ajavid> ok
<ajavid> i try
<ajavid> nope
<ajavid> why can't I regenerate the locales with sudo dpkg-reconfigure locales?
<ajavid> am I doing something wrong
<fullstop> Hi all.. I have a pretty beefy server running several KVM guests.
<SpaceGhostC2C> congrats.
<SpaceGhostC2C> Need any help?
<fullstop> They are all using a bridged ethernet connection.
<fullstop> Yes.
<fullstop> Anyway, the server has 3 gigabit ethernet ports.  Would it be better to set up a few ethernet bridges and split them among the hardware?
<SpaceGhostC2C> fullstop, I'd think so, yes.
<fullstop> SpaceGhostC2C: http://pastie.org/808086
<fullstop> SpaceGhostC2C: kind of fun.  :)
<fullstop> Unrelated, but when my wife blinks her eyes, and the room is quiet, it sounds like Zorak from SGC2C
<SpaceGhostC2C> that was disturbing...
<smoser> nurmi, sudo losetup --show --find --offset=$((190*512)) sdb.img
<kirkland> ttx: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bugs?field.searchtext=&orderby=-importance&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_supervisor=&field.bug_commenter=&field.subscriber=&field.milestone%3Alist=21445&field.status_upstream-empty-marker=1&field.omit_dupes.used=&field.omit_dupes=on&field.has_patch.used=&field.has_cve.used=&field.affects_me.used=&f
<kirkland> ield.tag=&field.tags_combinator=ANY&search=Search
<kirkland> ttx: hmm, let me tinyurl that
<kirkland> ttx: http://tinyurl.com/y9u2sjo
<kirkland> ttx: that's the bugs nurmi and i are about to work on
<kirkland> nurmi: http://tinyurl.com/y9u2sjo
<uvirtbot> New bug: #516726 in bind9 (main) "bind9 failed to upgrade - /var/run/bind/run permission denied" [Undecided,New] https://launchpad.net/bugs/516726
<soren> Good news for all you poor sods subscribed to the build failures from the ubuntu-server-qa ppa: As of tomorrow, the mysql failures should be fixed.
<smoser> kirkland, http://paste.ubuntu.com/368447/
<Shump> Hi, folks. Quick question, I haven't found a clear answer for elsewhere. In an Ubuntu Enterprise Cloud environment, must all physical servers running as part of the cloud have virtualization technology, such as Intel VT or AMD-V, or can you have servers as part of your cloud without that?
<uvirtbot> New bug: #516738 in image-store-proxy (main) "image store broken on Lucid" [High,Triaged] https://launchpad.net/bugs/516738
<Elad__> if I have my server set to use ssh keys, is it possible to generate multiple keys so that 5 users don't all have the same key?
<_ruben> Elad__: keys are supposed to be private and thus not be shared
<Elad__> that is what I was thinking
<_ruben> so sure, each user can and shold have it own keypair
<Shump> Hi, folks. Forgive the repetition, but alot of folks have come and gone since I asked my question. Hoping someone knows. In an Ubuntu Enterprise Cloud environment, must all physical servers running as part of the cloud have virtualization technology, such as Intel VT or AMD-V, or can you have servers as part of your cloud without that?
<_ruben> Shump: no personal experience with it .. but i assume it's based on kvm, which in turns depends on intel vt / amd-v
<Elad__> _ruben: So how do I go about creating keys for each user?
<Elad__> I added the user, and I tried "su new_user_name ssh-keygen -t dsa" and a couple other variations but get invalid options
<_ruben> Elad__: have each user create their own keypair, get them to send the pub key to you, so you can upload it to each user's homedir (.ssh/authorized_keys2)
<Shump> _ruben: Yes, it mentions that it's based on KVM. So that would mean, then, that any hardware it was running with would need either Intel VT or AMD-V?
<Elad__> is there a way I can create the keys for them?
<Elad__> ah, I think I get it - I would create the public/private keys, stick the key.pub in their .ssh/authorized_keys2/ directory and then send them the private key?
<_ruben> Shump: basically yes .. there's also kvm-qemu i think, but qemu gives *very* poor performance
<_ruben> Elad__: you can, but i prefer to do it the other way around .. then again, they can alter their passphrase anyway
<Elad__> _ruben: What if the new user doesn't have a .ssh directory? Can I just create it and put the public key there? Or is there a better way to do it?
<_ruben> Elad__: the .ssh dir doesnt exist by default indeed, its safe to create it
<Elad__> _ruben: thanks for your help, I appreciate it
<_ruben> and the authorized_keys2 filename is "old" i think, the manpage of ssh/sshd will probably tell you which filename one should use these days
<Shump> _ruben: Thanks so much!
<Elad__> The file ~/.ssh/authorized_keys lists the public keys that are permitted
<Elad__>      for logging in.
<Elad__> right on the man page. Thanks for the heads up
<_ruben> the 2 might be related to ssh2 (like only allow for ssh2 usage or so) ... wouldnt know the details, it's what im used to work with :)
<uvirtbot> New bug: #492724 in bind9 (main) "upcoming process - bind9 - host crashed with signal 7 in dns_rdatatype_fromtext()" [Medium,Confirmed] https://launchpad.net/bugs/492724
<smoser> nurmi, when you get a chance, look at https://bugs.launchpad.net/ubuntu/lucid/+source/euca2ools/+bug/516738
<uvirtbot> Launchpad bug 516738 in image-store-proxy "image store broken on Lucid" [High,Triaged]
#ubuntu-server 2010-02-04
<Roxyhart0> HI, i am creating a ldap server and i want mac desktop can login to my server. where i can find a apple.schem?
<twb> Apple don't use RFC 2307?
<twb> Christ.  Why does EVERY LDAP auth deployment want to NIHG their own schema?
<twb> *NIH
<uvirtbot> New bug: #516862 in ntp (main) "/usr/bin/timeadj doesn't appear to have stack protection" [Undecided,New] https://launchpad.net/bugs/516862
<kirkland> nurmi: ping
<bogeyd6> s/join 3opensuse
<animeloe[net]> hey I'm having issues connecting a printer on a samba server to a windows 7 client
<animeloe[net]> I'm using ubuntu-server 9.10 (latest security updates)
<twb> What's the KVM name for the dom0/HN?
<animeloe[net]> windows 7  (64-biit) release
<animeloe[net]> the error message I get is "Windows can't connect to the printer"
<animeloe[net]> error 0x0000000d
<twb> animeloe[net]: can normal machines use the printer via samba?
<animeloe[net]> (a not very helpful error message from windows)
<animeloe[net]> yes
<animeloe[net]> my XP box can connect
<animeloe[net]> and print
<Roxyhart0> Hi i am following this how to and when i do this command :root@palm:/var/lib/ldap# sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
<Roxyhart0> SASL/EXTERNAL authentication started
<Roxyhart0> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
<Roxyhart0> SASL SSF: 0
<Roxyhart0> No such object (32)
<animeloe[net]> and the Vista box can as well
<Roxyhart0> why this error?
<animeloe[net]> Roxyhart0, PASTEBIN!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1
<Roxyhart0> ups sorry
<twb> animeloe[net]: then we can start by assuming it's Windows 7's fault.  I suggest you try ##windows
<animeloe[net]> lol
<twb> s/assuming/hypothesizing/
<animeloe[net]> I kinda figured
<animeloe[net]> go figure
<twb> Roxyhart0: I normally need an -x in there, but I've no idea what that actually means.
<animeloe[net]> why are you using ldapi?
<twb> animeloe[net]: oh, yeah, ldapi never worked for me, either
 * animeloe[net] uses ldaps
<twb> IIRC ldapi means "use sockets" or so
<twb> I used ldap://127.0.0.1
<twb> IIRC we ran out of budget before getting LDAP/SSL working, sigh.
<Roxyhart0> Hi again, i am following this how http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html to and when I execute a command I got the error on http://pastebin.com/d4a509bf6. any idea?
<animeloe[net]> lol
<animeloe> http://ubuntuforums.org/showthread.php?t=1313472
<animeloe> look here Roxyhart0
<animeloe> they didn't complete the guide
 * animeloe blames the Pres for that
<twb> animeloe: what does Mbeki have to do with it?
<Roxyhart0> yes i follow this one, but when i want to continue with the next process such as that i shows before i got this error
<animeloe> budget cuts :P
<Roxyhart0> other weir thing is when i try to see the acls that i did just shows me the first line but not the acls. It means for some reason the acls are not configured?  or the command is not working properly? http://pastebin.com/d378dae74
<Roxyhart0> wherelse can I see my acls?
<twb> Roxyhart0: acls in what?
<twb> Oh, LDAP.
<twb> I don't know anything about slapd's config after they moved it INTO slapd's database (yuck)
<twb> (Self-hosting is all well and good, but for auth infrastructure it makes me nervous.)
<gwynddyllyd> hello everyone. i'm having an issue where i can login with my password but sudo is not working.
<gwynddyllyd> i have just installed ubuntu server
<gwynddyllyd> and i haven't brought the network up yet
<gwynddyllyd> this is for a home server and i'll be using wifi.
<gwynddyllyd> furthermore, sudo sometimes ignores my first return keypress. this does not happen with login.
<gwynddyllyd> any clues?
<twb> Try "sudo -l"
<gwynddyllyd> no luck. it dropped me straight to asking me my password and once again nothing works.
<twb> Your password is wrong, then.
<gwynddyllyd> i had to hit return twice for it to register
<gwynddyllyd> this doesn't happen neither at bash or at login.
<twb> You cannot reset it without root access, so you will need to break into your host to fix it.  Do you have physical access?
<twb> I suppose it's also possible that your keyboard is playing up or something, but for now I'll assume you're just fat-fingered.
<gwynddyllyd> i'm standing next to it. this is a home server. i'm typing from another computer.
<twb> "typing from another computer" how?
<twb> Or do you just mean you're IRCing from another host?
<gwynddyllyd> at irc i mean, not at the server lol
<gwynddyllyd> yes
<twb> OK, bounce the server and pick the second option, which should be "... (rescue)"
<gwynddyllyd> doing it...
<twb> It will then give you full root access, from which you can run "passwd gwynddyllyd" to reset your password.
<jehovah_> Hello im looking for some help with setting up my first mail server using postfix
<jehovah_> i have it installed and all that
<jehovah_> its using mail.bizkitsplace.co.cc, I never set up the subdomain mail, so do i need to do that? and do i need to make a dns forward for that subdomain?
<gwynddyllyd> twb: actually i took the keyboard off the server and replugged it (the horror!) and it started working again.
<twb> gwynddyllyd: ok
<gwynddyllyd> twb: but thanks!
<Elad> when setting up a postfix+dovecot mail server, do I need to specify that the domain is mail.my_domain.com somewhere? From what I am seeing it looks like I just do my_domain.com
<Elad> how does the server know if you are attempting tosetup your mail client for imap, pop3, etc?
<jehovah_> hey how about that! im tryign to setup postfix too, and not i cant figure out how to set up a subdomain :D
<jehovah_> im tired
<jehovah_> been thinking about this way to long
<Elad> have you been able to succesfully connect a mail client to your server?
<jehovah_> no
<jehovah_> i cant even get it to send an email from the webmin
<Elad> I'm sure there is an easier way, but do you have php+apache installed on your server?
<jehovah_> yea
<jehovah_> its currently hosting www.bizkitsplace.co.cc
<Elad> I tested my mail server by writing a quick php script <?php mail(params); ?>
<Elad> to see if the thing was able to send mail
<jehovah_> i think the only thing setting me back is my inablity to set up a sub-domain
<oh_noes> Anyone seen this before?:  http://ubuntuforums.org/showthread.php?p=8771621#post8771621
<oh_noes> I have a 2nd disk that gets deecting in PIO mode when its on the second IDE channel
<Guest24250> lawls
<oh_noes> if it shares the same IDE channel as the first disk (IDE0) it works fine
<Elad> when I try to telnet into mail.my_domain.com it says "Trying ip_address" but the ip_address it shows isn't mine; When I do telnet my_domain.com is says the it is trying my ip address - why would this be?
<Roxyhart0> hi, somebody have a really good doc to install openldap it is getting me crazy, i has been 1 week trying and is error over error
<jmarsden> Roxyhart0: Just use the Ubuntu Server Guide: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<Roxyhart0> nah, just error...doesn't work
<jmarsden> Then (if you are 100% sure of this) file a bug against it.  It works here.
<Roxyhart0> includying phpldap?
<jmarsden> is that mentioned in the guide? :)  Either the guide works, or it doesn't.  Try it.  Once you have openldap itself working, you can add whatever extra stuff around it you need.
<Roxyhart0> i did many times
<Roxyhart0> for exmpale id follow that how to but when i try to do it, i got the last error:
<Roxyhart0> root@palm:~# sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
<Roxyhart0> SASL/EXTERNAL authentication started
<Roxyhart0> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
<Roxyhart0> SASL SSF: 0
<Roxyhart0> No such object (32)
<Roxyhart0> can be all that error because i just upgrade ubuntu to 9.10 instead install from zero?
<jmarsden> Roxyhart0: I do not see that sudo command in the guide.  if you work through the guide and get to    ldapsearch -xLLL -b "dc=example,dc=com" uid=john sn givenName cn    then you have a working LDAP server.
<jmarsden> Did you get that far?
<Roxyhart0> that is not the problem, it work doind search but when i try to do something else like i put before i got problems
<jmarsden> Then most likely you have a working LDAP server, but you are using invalid or incorrect commands against it.
<Roxyhart0> wich ubuntu version do you have?
<Roxyhart0> but i am following the doc
<jmarsden> Many :)  The machine I am typing on runs Ubuntu 9.10 Desktop amd64.
<jmarsden> Roxyhart0: Which doc??
<Roxyhart0> i am installing in a upgraded ubuntu 9.10 server
<Roxyhart0> the guide
<jmarsden> OK.  and where in the guide does it say that the command     sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn     should work ?
<Roxyhart0> in Further configuration
<Roxyhart0> is just to know about my configuration...
<Roxyhart0> but form there any command that i run shown in the guide doesn work as should be
<jmarsden> I still can't find that command in the Guide... can you give me a URL to the guide you are using?
<Roxyhart0> http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<jmarsden> That one says DRAFT all over it.  The official Guide is at https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<Roxyhart0> ok, i will try one more time with this wide doind exactly everything
<Roxyhart0> thanks
<Roxyhart0> are you sure this is the last one?
<Roxyhart0> weel, first dpkg-reconfigure doesn't shows me the dialog to write nothing
<jmarsden> Notice that it does not have the DRAFT DRAFT background :)   As far as I know it is the official one.  You can also install it (sudo apt-get install ubuntu-serverguide ) and use that if you want.
<jmarsden> Roxyhart0: Perhaps you need to apt-get purge the packages you already added from your earlier attempts?
<Roxyhart0> yes, but dpkd-reconfugure doesnt work
<Roxyhart0> it is so stressing to be honest
<jmarsden> Roxyhart0: You are saying that you followed the (official) guide, after removing all the stuff you did earlier, and it's instructions do not work?  That's... unhelpful, if true.  I'll srat up a Karmic Server VM and see what happens when I try to follow the Guide...
<Roxyhart08> thanks a lot jmarsden
<jmarsden> OK, so I did sudo apt-get install slapd ldap-utils    and installed the packages.  Then I did    sudo dpkg-reconfigure slapd  and I'm in debconf menus asking me about configuring it.  Where's the issue?
<Roxyhart08> yes, but just ask you one time...close that ...can you try again?
<Roxyhart08> i dont know why i cant do that anymore
<jmarsden> Works for me.  It doesn't ask me about modifying the olcSuffix in those questions, but it let;s me go through the debconf questions it *does* ask as many times as I want.
<Roxyhart08> so you are lucky ..what do you recomend to me?
<jmarsden> You've tried   sudo apt-get purge slapd      and then sudo apt-get install slapd    again?
<jmarsden> BTW, I'm not sure I'm lucky... I'm just running a fairly normal test Karmic server.  Apparently you have got yours into some strange state.
<jmarsden> Well, or you didn't do what I suggested 20 minutes ago when I said: <jmarsden> Roxyhart0: Perhaps you need to apt-get purge the packages you already added from your earlier attempts?
<Roxyhart08> so, i will format the server (is new) and install from zero
<jmarsden> Seems like overkill, but if you want, sure.
<Roxyhart08> i got another new server as well but i upgraded from 9.04 to 9.10. could be it a problem?
<Roxyhart08> i mean doesn't work the same way when i install from zero v/s upgrade?
<jmarsden> Was there a 9.04 openldap installation on it?  That might be different, if you need to keep that data...
<Roxyhart08> no 9.10
<Roxyhart08> no problems there is no nata
<jmarsden> Then I don't see a problem :)
<error404notfound> i have http://pastebin.com/m683431e6 , i can telnet to 25 on localhost but not from the remote ip address, why?
<Roxyhart08> thanks a lot for your help
<Roxyhart08> also i am following now this doc and is going a little bit better. http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala
<jmarsden> Roxyhart08: It's up to you.  I generally don't reocmmend those howto's "out there".  It is safer to stick to the official documentation and the man pages.
<jmarsden> *recommend
<jmarsden> error404notfound: Maybe you are missing a line something like ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
<jmarsden> Wow, he disappeared already?
<Roxyhart08> maybe we found the error
<jmarsden> Roxyhart08: We did -- the error was that you used a document with DRAFT all over it instead of the real Server Guide :)
<Roxyhart08> hahaha...is not victory yet...but, is a mix of document to be honest
<jmarsden> Don't do that.  You will confuse yourself.  Use *one* guide, the Ubuntu Server Guide, and man pages.
<Roxyhart08> i will try with the new server and will see
<mealstrom> how to change default gnome language pack in preseed file? say from "en" to "fr" or "ru" ?
<mealstrom> d-i preseed/late_command string wget -O /target/var/lib/gconf/debian.defaults http://192.168.1.1/preseed/%25gconf-tree.xml
<mealstrom> can you help me with this command?  how to wget in preseed %gconf-tree.xml with % <-- this char ?
<mealstrom> %25 doesn't work
<mealstrom> solved    "http://xxx/%25so"
<mealstrom> from where this file is copied? or some template ?  ~/home/.dmrc
<hydester> hi.  i'm trying to install Xen on Karmic.  from what i read online, it looks like Ubuntu is supporting KVM and not Xen.  outside of compiling from source, is there any simpler package-based way to get Xen running?  i got xen-create-image working, just the failure on xm create /etc/xen/myserver.cfg
<ezra-s> Any knows a good guide to configure slapd in Ubuntu from scratch?
<ivoks> have you checked ubuntu server guide?
<ezra-s> you mean the url in the topic?
<Roxyhart0> hey...if you find one let me know i has been one week crazy whit it
<ivoks> https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<ezra-s> Roxyhart0, I found this http://www.grennan.com/ldap-HOWTO.html but it mentions a slapd.conf file I don't find in ubuntu install, and it is based on redhat so I dont really know how to translate things
<ezra-s> ivoks, thank you, will take a look now
<ivoks> new versions of openldap keep config in tree, not in files
<Roxyhart0> yes, new ubuntus version doesn't come with sladp.conf
<ezra-s> I'm sorry If I sound clueless it is my first attempt at playing with ldap by myself
<ivoks> ezra-s: get apache directory studio as interface to your slapd
<Roxyhart0> i check this pages:http://ubuntuforums.org/showthread.php?p=8154148 and http://ubuntuforums.org/showthread.php?t=1313472 and http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala. If the Offitial Guie doesn't work for you ..have a look those pages can help to understand a little bit more the new configuration
<ivoks> Roxyhart0: have you looked at official documentation?
<ivoks> there is a reason why it's official
<mealstrom> use slaptest command to convert slapd.conf to spad.d/
<mealstrom> and find working slapd.conf
<ezra-s> ivoks, apache directory studio, have any url I can check right there I dont find coincidences in ubuntu package listing
<Roxyhart0> yes, was the first but doesn't work for me properly but because was my first time doing it. I will try again from zero
<ivoks> ezra-s: it's not packaged, but you could use it once you set up slapd
<ezra-s> alright, googling for download  ;)
<ivoks> http://directory.apache.org/studio/
<ezra-s> got it!
<ezra-s> ivoks, you're most helpful I apreciate
<Roxyhart0> ivock do you know how set phpadminldap? s is not working.
<ivoks> i never used phpadminldap
<Roxyhart0> it is a good tool to visualize
<ezra-s> Roxyhart0, if you want to visualize I can help you --> ldapbrowser :P
<ezra-s> lightweight and easy to use
<Roxyhart0> better tahn phpldapadmin?
<ivoks> ezra-s: start it with GDK_NATIVE_WINDOWS=1
<ivoks> GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio
<gzur> Hi guys. I just bought a machine (Dell Poweredge M610 Blade Server) that I wanted to setup with Ubuntu server 9.10
<gzur> but for some reason the guy who's setting it up for me (a technician at the hosting provider where my machine is kept) says he's tried setting 9.10 up, but it doesn't seem to be workingÃ¾
<gzur> He suggests using Ubuntu 8.04 LTS server instead
<gzur> (which is supposedly supported until 2013)
<ezra-s> I noticed that
<ezra-s> thank you very much
<ivoks> gzur: ok, and?
<gzur> I'm wondering whether I should ask him to try setting up 9.03 jaunty instead perhaps?
<ezra-s> ivoks, the ldap guide is missing some basic point, I havent be able to set up my root password for the ldap at any poing in time, not even the name of the root branch in the ldap.. and dpkg-reconfigure does not ask me for any of that
<gzur> or is the LTS a better deal?
<ezra-s> any ideas on how to set the admin password?
<ivoks> LTS is better deal
<gzur> I've been preparing the deployment(on a dev machine) using 9.10 so far
<ivoks> ezra-s: dpkg-reconfigure slapd
<ivoks> ezra-s: that doesn't work?
<ezra-s> ivoks, that won't do
<ezra-s> nope :(
<gzur> is that work down the drain?
<Roxyhart0> i had the same problem before, doesn't work
<ezra-s> it just asks if I want to remove database when the package is purged, about ldapv2 support and if I want to omit ldapd config
<Roxyhart0> gzur i had the same question than you but no body asnser me something clear and different opinios about that, even some guys told me better use 10.04 LTS
<ezra-s> I choose I don't want to omit sand continues to the next two questions but nothing else
<Roxyhart0> i suppose we can always upgrade versions
<gzur> awrighthy
<gzur> 8.04 LTS it is then.
<ivoks> there's no password, if i read this line correct
<ivoks> olcAuthzRegexp: {0}gidNumber=[[:digit:]]+\+uidNumber=0,cn=peercred,cn=external ,cn=auth cn=localroot,cn=config
<Roxyhart0> ezra-z sis you check this one: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<Roxyhart0> did sorry
<ezra-s> ivoks, It won't let you use no passwrd either, you have to enter something
<ezra-s> will check right now
<ivoks> # Allow unlimited access to cn=localroot,cn=config which is the dn to wich a
<ivoks> # local connection from the local root user is mapped to
<Roxyhart0> gzur i am installin 9.10 and i am having problems but others people thinks is very good. maybe you can try with 8.04 and when 10.04LTS come you can upgrade...i think it is like the new windows versions...at the first time always problems and after a time improve (sorry for the comparation)
<ezra-s> ivoks, doing this fails ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb
<ezra-s> it asks for a password, i use the root pw and fails :P
<ezra-s> cn=localroot should be?
<mealstrom> set olcRootPW
<mealstrom> maybe
<ivoks> i know
<ezra-s> in any case, Im checking Roxy's guide now see if I have more success there
<ivoks> there's /usr/share/slapd/slapd.init.ldif
<mealstrom> I've got trouble with something similar and fix it with slapd.conf conversion
<Roxyhart0> ezra-s i think you should try with the link that i told you last time. If that link doesn't work totally this link worked for me in th first part http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala. Pleas let me know which work for you
<ezra-s> Roxyhart0, I'm on it
<ivoks> i got it working
<ivoks> so
<ivoks> go to /usr/share/slapd
<ivoks> there's slapd.init.ldif
<ivoks> before you edit it, run slappasswd
<ivoks> that will generate a password for you
<ivoks> then open slapd.init.ldif
<ivoks> find olcRootDN
<ivoks> and bellow it, add olcRootPW: <generated password>
<ivoks> dpkg-reconfigure slapd and answer to all questions as proposed
<ivoks> that's it
<ezra-s> Roxyhart0, in that guide it says "Change olcRootPW: secret to a password of your choosing" maybe it should also comment, "use slappasswd" to make an encrypted one
<ezra-s> ivoks, you're a machine!
<Roxyhart0> yes you can use sldappassw and copy the result there
<ivoks> lol
<ivoks> there's even easier way
<ivoks> ldapsearch -Y EXTERNAL -H ldapi:///
<ivoks> :)
<ivoks> ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
<ivoks> i knew it can read users uid :)
<ivoks> that howtoforge link is correct one
<ezra-s> so the best guide is the howtoforge link then?
<ivoks> depends on what you want
<ivoks> if you really want to set up a password for admin account
<ivoks> then you need to do that i told you
<ivoks> howtoforge explains how to create new directory, dc=example,dc=com
<ivoks> and creates new admin user for it
<ezra-s> I just want to set one up to learn how the thing works for once and for all, ldap is a pain and a scratch in my resume
<ivoks> there's no 'once and for all' in IT industry
<ezra-s> lol
<ezra-s> ivoks, well as long as I get a good "basement" knowledge about it then it is easier later on to build on it
<ezra-s> ldap is unique and bizarre :P
<ivoks> https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<ivoks> ^^^ this is correct
<uvirtbot> ivoks: Error: "^^" is not a valid command.
<ivoks> except one thing
<ivoks> instead of:
<ivoks> ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb
<ivoks> there should be:
<Roxyhart0> which is the error
<ivoks> ldapsearch -Y EXTERNAL -b cn=config olcDatabase={1}hdb
<ivoks> and later on... instead of 'ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W', you need only 'ldapsearch -Y EXTERNAL -b cn=config'
<ezra-s> ohh I see
<ivoks> -x = simple auth
<ezra-s> I was wondering now why that line even if accepted the password was not "puking" anything
<ivoks> -Y EXTERNAL = external auth
<ivoks> whole documment needs 's/-x -D cn=admin,cn=config -W/-Y EXTERNAL/'
<ivoks> sommer: ^^
<alvin> The openldap serverguide is out of date (bug 463684). I think there was a draft for lucid documentation that might be useful.
<uvirtbot> Launchpad bug 463684 in ubuntu-docs "openldap sections in ubuntu server guide not updated for packages in karmic" [Medium,Fix released] https://launchpad.net/bugs/463684
<alvin> Aha: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<ezra-s> Im going to make my own plain text guide just in case
<alvin> ok, that was the link that was posted earlier...
<alvin> Is that documentation now working for you? (I'd like to try too. First time ldap, so I was waiting for documentation too.)
<Roxyhart0> alvin, so what is the best link to follow?
<alvin> There are 2 in the bug report. A draft: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html, and the one that was posted here: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html I didn't try them yet.
<alvin> The draft is probably the one you want.
<Roxyhart08> a
<ezra-s> ivoks, after I set the root password I am doing a ldapsearch -Y EXTERNAL -b cn=config olcDatabase={1}hdb and Im getting: ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
<ezra-s> do I have to add the mentioned schemas in the other link first?
<Roxyhart08> i got in one server 9.04 is ok upgrade to 9.10 or 9.04 have less problems?
<alvin> I guess he upgraded :-)
<Roxyhart08> which version do you have?
<ezra-s> who what?
<Roxyhart08> ubuntu version
<Roxyhart08> everyone is working with the last one?
<ezra-s> Im in 9.10
<alvin> Roxyhart08: What problems are you expecting? Are you concerned about ldap or other things?
<Roxyhart08> i need to install ldap, samba, kerberos, posfix
<Roxyhart08> and i have one week trying just with ldap
<ezra-s> hehehe
<ezra-s> my condolences
<ivoks> postfix is easy
<ivoks> just install postfix-dovecot and you'll functional smtp/pop3/imap
<Roxyhart08> well at least one is easy :)
<ivoks> er... dovecot-postfix
<ivoks> in 10.04, there should be amavis-postfix, that should install antispam and antivirus stuff
<alvin> I have no experience with kerberos, postfix and ldap on karmic. Samba works, except for mounting shares at boot. Also, install the latest updates for samba, or nmbd will not start at boot. Postfix is probably working just fine
<alvin> ivoks: will there also be a dovecot-amavis-postfix?
<kwork> or maybe do-everything-for-me meta package
<ivoks> alvin: nope, but you could install dovecot-postfix and amavis-postfix at the same time
<ivoks> yeah, package names aren't quite good
<alvin> ivoks: ok, makes more sense
<ivoks> but we'd like to have everything in place before calling it ubuntu-mail or something
<alvin> For everything-in-one solution, I use kolab. It's hell to install, but works quite good. If Ubuntu would package it, you'd have the same (and more, maybe make it modular)
<Roxyhart08> which version is harder to work 9.04 or 9.10?
<kwork> alvin,  actualy i have heard that the provided ubuntu packages are worse then the ones in openpkg
<kwork> alvin,  the guy making the openpkgs is doing it @ some goverment
<kwork> alvin,  so they are thruely tested and stuff
<alvin> kwork: The ubuntu/debian packages should be removed from the repositories. They are impossible to install
<alvin> kwork: openpkg is the only option
<kwork> nodnod
<Roxyhart08> which packages are you talking about...even ldap?
<alvin> All of them. Don't even try to install kolab through apt-get
<Roxyhart08> in ldap group they told me is better work with my own openldap
<alvin> I don't know about that. The Ubuntu openldap package should be well maintained. It's only the documentation that is lacking and that is fixed for 10.04
<alvin> The kolab ldap is another matter. I'm running that in a JeOS, so it doesn't touch other packages
<Roxyhart0> alvin so which version do you recomend work with?
<alvin> Roxyhart0: which version of what?
<alvin> ah, Ubuntu. Well... hard to say. Hardy actually, unless you want the newer stuff like ext4 or stable kvm
<Roxyhart0> ups, there any way to downgrade ubuntu?
<ezra-s> crap
<ezra-s> a crash in the last step, the acl of the doc in howtoforge
<Roxyhart0> which is the error
<ezra-s>  ldapmodify -x -D cn=admin,cn=config -W -f acl.ldif
<ezra-s> Enter LDAP Password:
<ezra-s> *** glibc detected *** ldapmodify: malloc(): memory corruption: 0x014e9d70 ***
<acalvo> hi
<acalvo> is there any utility to view and manage a pool of dhcp addresses for dhcp3-server?
<Roxyhart0> ups
<Roxyhart0> i didnt have this error before
<acalvo> ezra-s: I've been having something like that, and it was related to indexes
<ezra-s> acalvo, to manage in the config file, to view currently given addresses I would be it should be somewhere in /var :P
<Roxyhart0> before you try with any guie, did you clean tha database?
<ezra-s> Roxyhart0, how
<ezra-s> I did several reinstalls
<ezra-s> purging everything in between
<Roxyhart0> i mean do pk..-reconfigre slapd and delte the files i2x.dbd and d2x.dbd from /var/lib/dap/
<Roxyhart0> did you do that?
<Roxyhart0> also maybe try doing apt-get purge slapd ldap-utils and then install again
<acalvo> ezra-s: try to index everything you'll need
<acalvo> I've had so many crashes until I've found out that was mainly the cause
<ezra-s> acalvo, Im a complete newbie, I dont even know how to index
<acalvo> ezra-s: http://www.openldap.org/doc/admin24/tuning.html#Indexes
<ezra-s> checking, thank you
 * ezra-s shoots himself
<acalvo> ezra-s: don't worry, I've been looking for this error for 6 months, even using a cron job to restart the ldap server if the PID was not found (or zombie)
<Roxyhart0> did you try with a small data first, i mean exactly like in the example?
<ezra-s> yes
<ezra-s> it crashes with the alc.ldif
<ezra-s> ldapmodify -x -D cn=admin,cn=config -W -f acl.ldif
<ivoks> try with -Y EXTERNAL
<ivoks> :)
<ezra-s> SASL/EXTERNAL authentication started
<ezra-s> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
<Roxyhart0> try to restart slapd /etc/init.d/slapd restart sometimes worked for me
<ivoks> ldapmodify -Y EXTERNAL -H ldapi:/// -f acl.ldif
<Roxyhart0> when you do slapcat shows you something, i mean to know there are something in the tree
<ezra-s> same stack trace after restart
<Roxyhart0> can you do slapcat
<ezra-s> ivoks, im going to try it
<ezra-s> ASL/EXTERNAL authentication started
<ezra-s> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
<ezra-s> SASL SSF: 0
<ezra-s> *** glibc detected *** ldapmodify: malloc(): memory corruption: 0x00551070 ***
<ezra-s> wow
<ezra-s> I basically copy pasted :P
<Roxyhart0> just to know if the step before was ok
<ezra-s> Roxyhart0, the only thing that changes from the guide to what I did is the password is incrypted in SSHA
<ezra-s> Roxyhart0, slapcat shows stuff
<ezra-s> let me paste it in pastebin
<ezra-s> http://pastebin.com/d306b3568 <-- here we go
<Roxyhart0> weird it works for me, but we never know. maye you should try to purge slapd and try again
<ezra-s> thats what I will do
<ezra-s> after committing suicide once more :P
<mmerlone> I am trying 'apt-get install apt-show-versions' on a 8.04.4 and get the error 'Weak references are not implemented in the version of perl at /usr/lib/perl5/AptPkg/hash.pm line 8' after '** initializing cache. This may take a while **'
<mmerlone> Google could not help me..
<Roxyhart0> haha i did many times...and finally works..
<Roxyhart0> apt-get purge slapd ldap-utils
<ezra-s> purge like that works?
<ezra-s> I thought it was apt-get remove --purge
<Roxyhart0> no, i try before but doesn't work properly, i was suggested to use purge intead remove
<ezra-s> purging
<ezra-s> you always learn something new
<Roxyhart0> after one week ...
<Roxyhart0> doing the same think many times...
<ezra-s> its funny how i followed the guide and I dont understand most of it, ldap syntax reminds me of sendmail :P
<Roxyhart0> if you read all the link that i told you (calm) you can undestand something, still i am very new in it
<_ruben> following tutorials blindly without knowing what you're doing isn't among my list best practices ....
<_ruben> "list of best practices" even
<ezra-s> _ruben, you got to start somewhere
<_ruben> ezra-s: yes, by trying to understand what you're doing
<ezra-s> once you do it a second or third time things start looking familiar
<ezra-s> _ruben, I could go to RFC's and go equally crazy
<Roxyhart0> ruben_ do you knoe what mean EXTERNAL and when you use that with ldapadd?
<ezra-s> I can understand some of the ldap basics, but the syntax, the commands behind it are just very complicated
<ezra-s> what is ldapi:///
<ezra-s> for example
<ezra-s> oh wait.. there is no man for ldapadd
<ivoks> ldapi is socket interface
<ivoks> ldap and ldaps are tcp interfaces
 * ezra-s blushes, no man because I had it purged
<ezra-s> lol
<ezra-s> I mean I have dealt with other daemons and ldap is a pain :P
<Roxyhart0> thanks ivoks
<_ruben> Roxyhart0: i never played with ldap (yet) .. well, apart from messing with our AD, which i tend to avoid whenever possible :)
<ezra-s> ivoks, and why ldapi:/// and not -s ldapi or something like that?
<Roxyhart0> you are lucky guy
<ivoks> ezra-s: ldapi:/// is URL and is universal; -s ldapi is not universal
<ezra-s> ivoks, 3 /'s ?
<ivoks> and for strange reason why is it slapd and not sldap, ask openldap.org :)
<ezra-s> hehehe
<ivoks> ezra-s: URLs. ldapi://localhost/ = ldapi:///
<ezra-s> I think I read about it some other time in the past when I was trying to learn something from it
<ezra-s> ivoks, I know I know.. Im a complete ignorant, hehehe ;) thx for the explanation
<ivoks> soren: ;...( bon voyage ;...(
<ezra-s> hehee, im not leaving
<ezra-s> i will stay and bug or try helping others for a while  :)
<J_P> hi all
<mrp> how do i get man working a server install?
<pmatulis> mrp: don't understand the question
<mrp> pmatulis: there is no man on my server install
<pmatulis> mrp: jeos install?
<mrp> pmatulis: yeah
<pmatulis> mrp: just install it:
<pmatulis> sudo aptitude install man
<mrp> ta
<mrp> it said some pkgs weren't authitincated?
<mrp> WARNING: The following packages cannot be authenticated! bsdmainutils groff-base man-db
<pmatulis> you shoul be good
<mrp> kk
<ezra-s> nah, tried again, memory corruption
<ezra-s> I think ill give sun one directory server a try
<mrp> can i disable/enable scgi with lighty-enable-mod?
<ezra-s> directory studio doesn't add the ldap either, i fill the hostname and name for the connection, click next and nothing happens...
<ivoks> ezra-s: did you add that GD..thing?
<ezra-s> oh right, i did but in .bashrc
<ezra-s> forgot to call it before launching
<ivoks> GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio
 * ezra-s slaps himself
<Italian_Plumber> Good morning.  I have a remote machine running on the Ubuntu live CD.  I've installed openssh-server, but I didn't create any users/passwords.  Can I still login as either "root" or "ubuntu"?
<alex_joni> root is usually disabled for ssh
<ivoks> try ubuntu ubuntu
<alex_joni> and you can't ssh for users without passwd, so only ubuntu/ubuntu should work
<pmatulis> Italian_Plumber: root is enabled but it doesn't have a p/w.  ssh default however does not allow blank passwords
<Italian_Plumber> ubuntu ubuntu does not work :(
<ezra-s> can't auth to the ldap
<ezra-s> user should be cn=admin or something like that?
<ivoks> cn=admin,dc=example,dc=com
<Roxyhart0> yes
<ivoks> replace example com with what you set up
<ezra-s> I did example
<ezra-s> still failing :(
<hggdh> additionally, spaces after the equal sign (and before the coma), and the ordering are important
<hggdh> and case...
<ivoks> ezra-s: is your ldap listening on IP other than 127.0.0.1? :)
<ezra-s> yes
<ezra-s> listening in 0.0.0.0
<ivoks> try:
<ezra-s> im connecting to 127.0.0.1
<Roxyhart0> ivoks where you rote GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio?
<ivoks> ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W
<ivoks> er
<ivoks> ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/
<ivoks> Roxyhart0: nowhere
<ivoks> Roxyhart0: enter ADS directory and start it like that
<ezra-s> ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://127.0.0.1
<ezra-s> ldapsearch: unable to parse debug value "dc=example,dc=com"
<ezra-s> slapcat pukes this -> http://pastebin.com/d3e3fee9b
<ivoks> my bad
<ivoks> ldapsearch -x -b dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/
<ivoks> ldapsearch -x -b dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/ "(objectclass=*)"
<ezra-s> that works without the objectclass specification
<ivoks> slapcat reads files, doesn't connect to ldap
<ezra-s> the first example asks me for a password I type it and voilÃ¡
<J_P> I would like as a ramdisk file system and real filesystem will be read only. What is better choice/solution for this?
<ivoks> then cn=admin,dc=example,dc=com is username
<ivoks> and password is...
<ezra-s> password is the same I tried in the console
<ivoks> ezra-s: don't use TLS/SSL while connecting
<ezra-s> should I use other than simple auth?
<ezra-s> ivoks, lol, you got me there
<ivoks> you didn't set up certificates
<ezra-s> that's right then, no SSL and simple auth works
<ezra-s> :)
<ezra-s> now I jump right into the issue on how to restrict certain branch from view from normal users, muahahahaha
<ezra-s> I guess that's the acl
<ezra-s> or something similar to what the acl.ldif was trying to do in the guide
<uvirtbot> New bug: #517067 in libvirt (main) "Using virtio for block devices makes disks and partitions disappear in KVM/QEMU (using vmbuilder and libvirt)" [Undecided,New] https://launchpad.net/bugs/517067
<ezra-s> ivoks, whats the difference between an entry and a context entry?
<ivoks> no idea
<ezra-s> seems they both lead to the same thing
<Italian_Plumber> join #ubuntu+1
<ezra-s> well, im off, thx for the help people! (you specially ivoks)
<ivoks> np
<Disconnect> why is it so hard for the maintainers to understand that any answer of "the images should.." means that UEC's EC2 compatibility is -broken-?
<mrp> whats the latest kernel in karmic
<genii> mrp: They'll probably have a fast answer for you in #ubuntu-devel
<pmatulis> mrp: 2.6.31.17, but .18 is in -proposed
<Italian_Plumber> http://www.apache.org/dist/httpd/Announcement1.3.html <--- last version of apache 1.3 released
<mrp> just updated i think
<mrp> hw can i see last install packages?
<mrp> its crashing my vm
<genii> mrp: /var/log/dpkg.log might hold some clues
<mrp> genii: yup .31-17 installed
<mrp> killing it ;)
<mrp> how can i find out when -17 came in
<pmatulis> mrp: came in?  available in the archives?  installed on your system?
<mrp> came into the archive
<pmatulis> mrp: check packages.ubuntu.com
<mrp> bah doesn't say :8
<mrp> http://packages.ubuntu.com/karmic-updates/linux-image-2.6.31-17-generic-pae
<kwork> can i specify what arches apt-mirror fetches ?
<kirkland> jiboumans: ttx: http://www.itworld.com/operating-systems/94984/ubuntu-advances-why-ubuntu-server-installations-will-surge-2010?source=ITWNLE_nlt_today_2010-02-03
<kirkland> smoser: http://women.debian.org/wiki/English/MaintainerScripts
<mugwort13> Hi all, quick opinion/experience based question ... is there any real advantage to running 64bit on a server as opposed to 32bit? (services used will be samba,apache2,mysql, php,rdiff-backup,etc.)
<techsupport> is anyone familiar with sendmail? I installed it on ubuntu and can't find /etc/mail/sendmail.mc
<soren> techsupport: Wow, sendmail? Really? I didn't think anyone voluntarily ran sendmail anymore.
<soren> techsupport: Anyhow, sendmail.mc is in /usr/share/sendmail/cf/debian/sendmail.mc
<Italian_Plumber> iirc, qmail is preferred now
<techsupport> soren, thats a good question, I already have dovecot and postfix running, its just that i'm setting up OpenEMM and it says it to use sendmail http://www.openemm.org/wiki/Installation:InstallGuideDebian
<techsupport> soren, if you can help me run through this guide really quickly I would apreciate it
<soren> Italian_Plumber: Uh, no.
<soren> Italian_Plumber: postfix is where it's at these days.
<soren> techsupport: Feel free to ask questions if you run into problems. I can't guarantee answers.
<techsupport> well its telling me to isntall sendmail
<techsupport> and configure it
<techsupport> i don't know if I should really do it
<techsupport> the installation guide is way outdated
<soren> No clue. I don't know openemm.
<soren> I don't even know what it is.
<Italian_Plumber> heh... we do qmail with toaster (freeBSD) here.  FUN! :)
<alexcabrera> Hi, I'm trying to get my site running with Cherokee running on Ubuntu atop EC2. I've set up a subdomain to point to my EC2 Public DNS name, and I've tied an ElasticIP to a running instance. I can't seem, however, to get the host to respond to lookups on the subdomain.
<zul> ivoks: ping
<zoopster> alexcabrera: need to ask the obvious...you did setup the security policy to allow access to port 80?
<mathiaz> ttx: http://paste.ubuntu.com/369050/
<gholms> Anyone know who manages Ubuntu's EC2 images?
<jiboumans> smoser: ^
<smoser> indeed i do
<smoser> whats up gholms
<orudie> can someone recommend a nice program for email campaigns
<gholms> smoser: We're working on getting EC2 images set up for Fedora.  Would you mind if we called on you to help answer any questions about the processes behind that?  Getting kernels approved and whatnot?
<smoser> i'd just use ubuntu :)
<smoser> but seriously, if you need some help, yeah, i can help out.
<gholms> Awesome!  Thanks.
<smoser> there is really no "getting kernels approved". you have to get a account that has the proper acls
<smoser> and to be honest, i'm not exactly sure how that negotiation with amazon went. that was before my time.
<smoser> once you get that, there is no review, they just trust.
<gholms> Oh, all right.
<gholms> smoser: We'll be meeting in #fedora-cloud in 18 minutes if you want to sit in on it.  Otherwise I could always ping you if there are any questions for you.
<mathiaz> kirkland: lp:~mathiaz/+junk/uec-testing-scripts
<as1965> help list
<guntbert> !list | as1965
<ubottu> as1965: This is not a file sharing channel (or network); be sure to read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â»
<Xpistos|work> Can anyone direct me to a tutorial of a list of applications such as rkhunter that will help me keep my Ubuntu Server secure since I am a newb? Thanks in Advance?
<Xpistos|work> If it helps, my server is basically just a file server and a torrent server
<thebwt> Xpistos|work: not sure it's that simple.
<thebwt> Xpistos|work: I assume you've looked at https://help.ubuntu.com/9.10/serverguide/C/index.html
<Xpistos|work> thebwt: i started too, I have been looking over source forge's Perfect ubuntu server, but I don't need an email server
<Xpistos|work> thebwt: I guess it is going to be a lot of trial and error
<quizme> I keep getting "Connection closed by 74.208.11.211" when I try to ssh in from my Linux box, but I can get in from windows.  Anybody know why that's happening?
<Xpistos|work> quizme: did an upgrade lately did ya
<miranda_82> hello
<quizme> xpistos|work: yeah maybe
<miranda_82> i am trying to get irexec run in daemon mode at boot via /etc/rc.local
<miranda_82> but it does not work, anybody has any idea why that miught be?
<quizme> Xpistos|work did something break in a recent upgrade ?
<quizme> xpistos|work do you mean an upgrade on the server side or client side ?
<quizme> i'm using ubuntu for both client and server
<Xpistos|work> I did an apt-get dist-upgrade earlier this week and when I ssh it said the same
<Xpistos|work> I looked at the server
<quizme> it's weird, cuz I can't login from any of my unix boxes, but I can log into the server from windows...
<Xpistos|work> and it said that /Folder/ME was not present and I couldn't login
<Xpistos|work> Well samba works under a different username right?
<miranda_82> is anybody aware of a bug preventing /etc/rc.local to be run at boot?
<as1965> miranda_82: Did you check the logs carefully and see if there's an irexec error? e.g. logs : /var/log/syslog
<Xpistos|work> quizme: I am willing to bet that if you looked at the server it would say your user account was gone
<quizme> xpistos|work ok.  I'll check.  thanks for the tip
<Xpistos|work> quizme: the upgrade was on the server, i don't think I said that
<Xpistos|work> quizme: I am just going to reinstall tomorrow
<quizme> xpistos|work that makes sense.  thanks.
<miranda_82> as1965, yes, and no errors there
<quizme> rebooting to windows....
<Xpistos|work> why would you boot into windows?
<as1965> Is rc.local executable?
<miranda_82> yes it is
<miranda_82> -rwxr-xr-x 1 root root 324 2010-02-04 21:44 /etc/rc.local
<miranda_82> -rwxr-xr-x 1 root root 801 2009-09-07 19:58 /etc/init.d/rc.local
<as1965> To check it runs - perhaps add a "logger" message bfore and after - see : man logger
<as1965> i.e. before and after the irexec cmd
<miranda_82> ok
<miranda_82> give me one sec
<as1965> Also - make sure it runs OK interactively i.e. not as a daemon - run from a shell
<miranda_82> oh yes
<as1965> Perhaps then try running it from a shell as a daemon
<miranda_82> it runs
<miranda_82> and as a daemon as well
<miranda_82> ok
<miranda_82> rebooting
<miranda_82> interesting
<miranda_82> logger works
<miranda_82> seems to be irexec that refuses to run
<miranda_82> if i type /usr/bin/irexec -d manually it works
<miranda_82> if it is inside rc.local it wont
<miranda_82> bizarre
<as1965> Odd - nothing in syslog, daemon.log etc.?
<miranda_82> nothing
<as1965> I'd be afraid of messing your boot, but perhaps do some error checking/logging e.g. <cmd> 2>&1 > /tmp/irexec.log ...
<as1965> Or ask on the irexec forum
<miranda_82> yeah they are quite.. relaxed there
<miranda_82> it is very stupid
<miranda_82> i managed to get it running
<miranda_82> i created a script in /etc/init.d/
<miranda_82> and linked it
<miranda_82> so it starts
<miranda_82> however
<miranda_82> any program run from irexec, does not know where ~/ path is
<miranda_82> would HOME=/home/user/ work?
<miranda_82> it does work indeed
<as1965> No idea, sorry. I'd be temptempted to look at the source, but that might just be a waste of time
<as1965> Ask on the irexec forum (or ubuntuforum search) and see if anyone is running it on ubuntu (and what version)
<as1965> What about installing lirc from a repository (should have asked)?
<as1965> Else - grab the repo source and see how they do the init script ...
<mdeslaur> soren: dude, don,t disable the mysql ssl tests...I gave zul a patch to update the certs to 2015
<soren> mdeslaur: Where?
<soren> mdeslaur: I spent most of a day pulling hair out wondering why the heck it failed before I spotted the SSL expiry thing... and now you're telling me you knew all along and didn't fix it?
<soren> mdeslaur: You are now officially off my christmas card list.
<mdeslaur> soren: dude! zul told me he was preparing an upload, and I gave him the patch
<soren> mdeslaur: So EVERYONE knew?!?
<mdeslaur> soren: remove _him_ from your christmas card list
<soren> You're ALL off my christmas card list!
<mdeslaur> soren: I though you were on the QA team?? :)
<mdeslaur> soren: let me locate the patch for you
<soren> mdeslaur: pft. That was last month. Get with the programme. Quit living in the past.
<dosage> hi
<garymc> Hey my webserver is on the net I know the IP but I need to tunnel somehow to a polycom phone on the subnet of my server. Anyone know how I can do this?
<simmerz> Hi, any reason why a debootstrapped ubuntu install wouldn't look in /etc/apt/sources.list.d/ ?
<sarthor> Hi, How can i redirect all the my users traffice comming from 192.168.0.1/24 to 192.168.0.1:80 using iptables,(my thtpd running here) browsers traffice only.,,=
<sarthor> Hi, How can i redirect all the my users traffice comming from 192.168.0.1/24 to 192.168.0.1:80 using iptables,(my thtpd running here) browsers traffice only.,,=
#ubuntu-server 2010-02-05
<kirkland> mathiaz: http://mirror/ubuntu/iso/preseed/preseed-00-26-b9-15-86-88
<kirkland> mathiaz: why isn't this preseed yielding a CC+SC?
<kirkland> mathiaz: it keeps installing an NC
<Roxyhart0> hi phpadmin doesn't work i can log in but doesn't show me the data form my ldap, any idea?
<Darksurf> I need help with a bison webcam, M5602-s4k5aa .
<Darksurf> hello?
<uvirtbot> New bug: #517389 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/517389
<Roxyhart0> hi this bug is with ubuntu 9.10 or any version?
<Roxyhart0> Hi, i am trying to add schema in openldap and i got this error: ldap_add: Server is unwilling to perform (53)
<Roxyhart0>         additional info: no global superior knowledge
<Roxyhart0> any idea?
<jmarsden> Roxyhart0: check your syntax really carefully, both of the command and the schema data.  I think that means you are trying to add stuff outside the chunk of LDAP space your sevrer is configured to use, and it does not know how to contact LDAP servers higher up the LDAP namespace hierarchy to add it there.
<jmarsden> Most likely you just made a mistake in your command or your schema data file, but that's a guess.
<Roxyhart0> my command is:  ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif
<Roxyhart0> well i think i got the error...thanks a lot!
<Roxyhart0> is my schema
<jmarsden> Roxyhart0: You're welcome :)
<Roxyhart08> wow..unfortunatelly the same error...ldap_add: Server is unwilling to perform (53)
<Roxyhart08>         additional info: no global superior knowledge. what it means
<stanley__> hello
<jussi01> Could anyone give me some help with creating a shared calendar solution on an ubuntu server? we already have mailserver, fileserver and svn setup, but I need to implement a shared calendar, accessable from thunderbird, (windows and linux), evolution and kmail.
<stanley__> hi, I'm a noob, Is it possible to run apache as <user> instead of www?
<jussi01> stanley__: may I ask why you are trying to do that? what is it you are trying to acheive?
<stanley__> i wanna run a joomla! for testing and template modifications before i put it online and if all my files are owned by <user> then there is a permissions issue when php/apache tries to access and modify files
<stanley__> i got around it for a while by using midnight commander as root and copying all my files to /var/www/ with mc
<stanley__> and then set everything to 777
<stanley__> ?
<as1965> If all apache needs is to read/display html, only read access is needed.
<as1965> If apache needs to *write* files (modify) make sure the files have write access for the user apache runs as i.e.
<as1965> Apaches runs as user/group www-data/www-data
<as1965> So, to let apache read and write a file, make sure :
<as1965> perms : 664 (say) i.e. rw-rw-r--
<as1965> ownership : <user>.www-data (say, for whatever user)
<as1965> Make sure you understand ramifications of file write access like this - check security docs. Lots of web sites are being hacked.
<PeoplesAdvocate> Hello all, I need help updating the intltool for Ubuntu Server 8.04.4, im having trouble building a application because it is not a newer version, any ideas?
<uvirtbot> New bug: #517463 in ntp (main) "ntp crashes after installing it out of "Time & Date" in System-Menu" [Undecided,New] https://launchpad.net/bugs/517463
<pts_> when setting up DRBD, should I look at heartbeat or openais with pacemaker? Got the impression that heartbeat is better implemented in Ubuntu, but that it's "legacy"...?
<_ruben> heartbeat's still maintained, but it's no longer a complete stack, but only a messaging layer
<_ruben> legacy heartbeat is an all in one product for ha
<pts_> ok, I see. Guess pacemaker/corosync would be the way to go. Corosync is the openais implementation that is used if I got it right. Quite a jigsaw puzzle this :)
<_ruben> i still need do the migration myself .. still using legacy heartbeat ;)
<pts_> Me and my collegue is setting up a storage-ssytem at the school we're working at, and after some research DRBD seems the obvious choice, but there quite alot to read up on since this totally new to both of us. You think the usage of Ubuntu as the platform will be a wise choice?
<_ruben> i have experience with slackware/redhat/suse/ubuntu, of those ubuntu appeals to me the most
<_ruben> especially with the given choice of bleeding edge and lts
<ivoks> main volounteer?
<pts_> that's what we concluded with too, but I've got the impression that drbd/high availabilty is quite new in Ubuntu?
<stimble> anybody happen to know when networking comes up in the initi process
<stimble> i only see it in runlevels 0 and 6
<stimble> which doesn't make sense to me
<Italian_Plumber> update servers appear to be slammed
<bogeyd6> 8.04.4 needs landscape-common
<bogeyd6> Italian_Plumber, lots of goodies out there to update
<Italian_Plumber> appparently. :)
<Italian_Plumber> good thing I run my own apt-cachers
<bogeyd6> cool story bro
<c0dem4gnetic> http://pastebin.com/m22a69e01 is how im now running vmbuilder... with that definition i should be able to ping the guest, from the host, on 192.168.0.101?
<c0dem4gnetic> trying to avoid bridging
<bogeyd6> dunno c0dem4gnetic i differ from the ubuntu team because i prefer vmware
<bogeyd6> !vmware
<ubottu> VMWare is not available in the Ubuntu repositories. Consider using !QEmu or !VirtualBox as alternatives. Instructions for installing VMWare manually are at https://help.ubuntu.com/community/VMware
<Italian_Plumber> vmware used to be available in the repositories.  Ah, memories. :)
<c0dem4gnetic> tried vmware but needs some hackish patching for 9.10
<bogeyd6> naw
<c0dem4gnetic> and i couldnt get host-only networking running :)
<bogeyd6> but
<bogeyd6> !virtualization
<ubottu> There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !kvm is the preferred approach in Ubuntu.  See also !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications
<bogeyd6> wowzer, even the anl mirror is slow
<Italian_Plumber> Fetched 8902kB in 8min38s (17.2kB/s)
<Italian_Plumber> that's on an apt-get update
<bogeyd6> anl.gov is like literally out my isp's routers backdoor
<_ruben> local repositories ftw :)
<stickystyle> Never come across this before, is it valid to have a zone file that has a contact email that has a dot in it before the '@'?  i.e. some.user.example.com
<ivoks> that's the general rule
<ivoks> username.domain.com
<stickystyle> yeah, I know that's how you do it. but can you have the extra dot in username?
<ivoks> why not?
 * stickystyle shrug
<stickystyle> not sure.  searched around to see if that was a valid thing to do but didn't find anything
<ivoks> i do see what could be an issue, but don't know exactly if that's not allowed
<stickystyle> just never done it before
<cyphermox> stickystyle, you should try it to see. usually though, it's just hostmaster.domain.com or something similar, which is handled as an alias for another account at the mail server level
<cyphermox> i'd expect it works though, and just considers domain.com as the domain, since it's already defined as the zone is loaded... keeping it an alias has an advantage though: it's easier to change what it points to than to change the email in the zone SOA record if somebody else should receive that mail
<stickystyle> Hum, passes with named-checkconf.  Just wanted to see if anyone else had done this as it's a production server, let's see what happens....
<cyphermox> stickystyle, maybe run a dns check on it... say http://www.checkdns.net/quickcheckdomainf.aspx
<stickystyle> And....no named errors, server still returns queries for that zone (private zone so no web based checking tools).   I guess that's a little bit named trivia that everyone gained today :)
<cyphermox> stickystyle, indeed. right now, I certainly can't think of an use for this field anyway... except maybe for the registrar?
<stickystyle> yeah, not really sure why it would be used registrar wouldn't even come into play as it's not public. but if I get a ticket to change it, then I do.
<_ruben> the contact email field in soa records are pretty bogus
<ezra-s> Offtopic. Any one with weblogic experience?
<diago> I would like to setup an IM server for our office. What app will allow me to do this?
<jpds> diago: Do you want IRC/Jabber? Sounds like Bonjour will do what you want.
<mealstrom> jabber / irc server ?
<diago> I'm not sure what the diffs are but I would like to be able to send files
<jpds> Are all the machines running Ubuntu?
<diago> yes
<diago> the ones I care about anyway
<jpds> diago: Then try adding Bonjour accounts on Pidgin on the machines.
<diago> ok cool, I just read about that. All you have to do is add it and it works?
<jpds> Yep.
<diago> Damn, I wish everything was that simple
<diago> Do you know if there is a way to password protect it?
<jpds> Not that I know of, it runs on Avahi.
<diago> Is there a windows client?
<stickystyle> also note that bonjour based IM will only work within the subnet all the clients are in.
<jpds> It runs as a plugin in Pidgin.
<stickystyle> pidgin has a windows client
<diago> Ok cool. Thanks everyone. I will check it out. I just don't want anyone pickup the conversations.
<diago> s/pickup/picking up/
<pts_> I'm reading the documentation for DRBD and pacemaker. I've installed the pacemaker-openais version, but the documentation on DRBD is pointing to /etc/init.d/openais and openais.conf, but the closest I have is corosync (which looks right though). Is it ok to assume that they are the same?
<ZirdKust> Hi there... Anyone from Bournemouth or Lowestoft?
<resno> whats logs should i check to make sure the server is "secure"
<Temptest> hi
<Temptest> need help . ... hheeeelp
<Temptest> *g*
<Temptest> i have to fill my hdd with random data
<MagicFab> Temptest, so..?
<Temptest> but it is my systemdrive ... so i dont want to overwrite any
<Temptest> only fill of
<Temptest>  dd if=/dev/zero of=/some/mount/point bs=4k
<Temptest> overwrites that my data ?
<Temptest> hmmm, any idea for fill up my drive ?!?
<stickystyle> resno: the correct answer should be all of them, but that's very fun with a lot of servers.  Install logcheck and have it monitor your logs for any anomalies.
<stickystyle> *but that's NOT very fun
<resno> stickystyle: ive never done any log monitoring, which is why i am interested
<resno> ive been very security lax up till now
<stickystyle> auth.log and syslog are a good place to start
<resno> is logcheck better then munit and moncheck, i think its called
<stickystyle> but do look into logcheck as it will help filter out things that are not really important
<stickystyle> not familiar with either of those.
<resno> oh ok
<Temptest> fills up or overwrites dd ?
<resno> stickystyle: does logcheck require email to be setup?
<stickystyle> yes it does send the results via email.  however that doesn't mean it requires a full blown MTA like on the box, you can get away with (as i do) something like nullmailer on the server which then sends via another mail server.
<_ruben> Temptest: why would you want to fill up your hdd anyways? either way, dd can do both (overwriting and filling up)
<Temptest> because i have offline uncorrectable failures
<Temptest> raid rebuild stops always @_ruben
<Temptest> so i did this how to's > http://smartmontools.sourceforge.net/badblockhowto.html
<Temptest> but the bad sector is empty so i have to fill up the disk, that all sectors become relocated
<Temptest> point : Unassigned sectors on the page link gave some lines ago
<_ruben> Temptest: so you want to rebuild your raid, but the "good" (source) disk is also bad ?
<Temptest> yes
<Temptest> big failure isn't it, its a firm-pc
<Temptest> they took two hdds with nearly the same SN ... epicfail!
<_ruben> had the same on my fileserver at home (raid5 over 4 disks) .. i used dd_rescue to clone the bad disk to a fresh disk .. raid rebuild (using yet another fresh drive) went flawlessly
<Temptest> now i bought two hdds with 2month difference and want to make a rebuild, but it stops at block 12163
<Temptest> fill up the hdd may help that the disk make her own fail-check smart-internal magic .. what ever .. i did a lot, need help .. ahhhh
<_ruben> after that i used the disk's vendor tools to do a full scan/wipe
<_ruben> might use that disk to expand the raid :p
<wizzy_> hello people
<wizzy_> i am planning on hosting 3 web sites on my server
<wizzy_> where in apache should i write it so apache will read it?
<wizzy_> .../etc/apache2/sites-enables/defaults?
<stickystyle> wizzy_: create a conf file for each site in apache2/sites-available, then use #sudo a2ensite %conf_file_name% and it will create a symlink from sites-available to sites-enabled
<wizzy_> thank you
<wizzy_> that will work for forum/blog based sites as well right?
<stickystyle> for sure
<wizzy_> then for each site folder in /var/www right
<thefish> hey guys, anyone seen this wierdness: i have a dell M600 blade with 804 server installed
<thefish> it will boot fine, but no network
<thefish> if i then console log in, restart networking, its fine again
<thefish> broadcom netextreme II nic
<stickystyle> wizzy_: doesn't have to be, each sites folder can exist wherever (pretty much) you want it to per the sites DocumentRoot setting in its config file
<wizzy_> ok thank you
<thefish> BCM5708S ^
<stickystyle> wizzy_: in fact if you still have (and intend to leave) the default config enable I would not put the sites in /var/www as their contents could be accessed by the default site
<stickystyle> because the default site uses /var/www as its DocumentRoot
<wizzy_> so i should just stick my sites into other folder
<stickystyle> if you don't use the default site, then just do $sudo a2dissite default and you could put things in that dir just fine (thats what I do)
<wizzy_> thats command for dissabling default
<stickystyle> thats the opposite command of a2ensite.
<stickystyle> https://help.ubuntu.com/8.04/serverguide/C/httpd.html
<ivoks> !!!!
<wizzy_> i got lost in that file
<wizzy_> can you point me to some example file
<wizzy_> i didnt do this loong time already
<wizzy_> wait
<stickystyle>  /etc/apache2/sites-available/default <- sample
<wizzy_> yea i see but where should i write name of website
<stickystyle> ServerName
<stickystyle> I guess that's not in the default conf file
<wizzy_> its not
<wizzy_> :(
<ivoks> Omahn: here?
<wizzy_> stickystyle
<wizzy_> i changed default and made it myweb.com int here i added Servername myweb.com and i am getting error
<wizzy_> "could not reliably determite the servers fully qualified domain name , using 127.0.1.1 for servername
<stickystyle> wizzy_: thats fine, just a notice, not an error.
<wizzy_> oh ok
<stimble_> anybody know how to insert an init script to run before networking comes up?
<kirkland> jdstrand: hi
<kirkland> jdstrand: the latest libvirt upload breaks eucalyptus instances, something apparmor related
<kirkland> jdstrand: nurmi has details
<kirkland> ttx: http://mirror/ubuntu/iso/pxe/
<tomaszf> hello all ... jiboumans: you around ?
<jiboumans> tomaszf, hi
<jiboumans> tomaszf: heading to the airport in an hour, what's up?
<tomaszf> give me an email address to use for you. want to put you in touch with some wikimedia ops guys
 * tomaszf is excited to get that ball rolling
<jiboumans> likewise :) who're you sending my way?
<tomaszf> rob and others. want to hear more about ubuntu virt offerings
<jiboumans> tomaszf: absolutely, happy to do so
<jiboumans> meeting time &
<alex88> hi, i've installed zend packages, restarted apache, but still it can't find in path
 * ninjah is fixing a broken mail server...
<orudie> when I restart apache2 , here is what I see http://pastebin.com/m184cf240
<uvirtbot> New bug: #517714 in libvirt (main) "[Lucid] Error starting domain: could not remove profile" [High,Incomplete] https://launchpad.net/bugs/517714
<Pici> orudie: Thats just a warning, it can be safely ignored.  If you want, you can set ServerName to something in one of your config files to make it go away.
<orudie> Pici, well i actually plain to use a domain with this marticular box, so what is the proper way of configuring it
<orudie> shouldn't the hostname say www.domain.com ?
<sub> generally I add the server's hostname to /etc/hosts with it's forward-facing IP
<sub> whether you want it to be www.domain.com or just domain.com is up to you (or both)
<Pici> You should be able to add ServerName yoursite.com   to your site's config file.
<qman__> orudie, servername should be (literally) the server's name
<qman__> so if your hostname is server, and you're in domain.com, servername should be server.domain.com
<qman__> it has nothing to do with the names of the sites you're hosting
<qman__> for example, my internal name is home.local, and a server running apache is called tank. That server's name is tank.home.local, and that's what goes in ServerName, even though the website it's hosting is using qman.strangled.net
<mathiaz> kirkland: https://wiki.ubuntu.com/AWSClientLibraries
<orudie> what is the log file for php mail ?
<mindworx> what is the command to open up mail?
<mindworx> besides mail?
<uvirtbot> New bug: #516373 in eucalyptus "Support for using a separate file for the NODES list" [High,In progress] https://launchpad.net/bugs/516373
<mindworx> anyone on the mail command?
<soren> bug 464646
<soren> uvirtbot: You suck.
<uvirtbot> soren: Error: "You" is not a valid command.
<soren> bug 455555
<smoser> kirkland, https://bugs.launchpad.net/ubuntu/+source/ec2-init/+bug/517239
<smoser> jdstrand, can you flip cloud-init from universe to main ?
<jdstrand_> smoser: done
<smoser> danke
<hackeron> hey, anyknow of any opensource central syslog/logcheck solutions?
<kirkland> ttx: https://edge.launchpad.net/ubuntu/+source/eucalyptus/1.6.2~bzr1176-0ubuntu1
<mindworx> any reason why mail wouldnt be sending on my ubuntu server
<as1965> mindworx: how are you sending mail?
<mindworx> i installed mutt
<mindworx> i send one to an account that has a domin on the server
<mindworx> and it works
<mindworx> i send one to a gmail account and no bueno
<as1965> What mail server are you using? Postfix or something else?
<mindworx> sendmail
<as1965> OK - I don't know sendmail (and don't want to). Postfix is standard on Ubuntu - why use Sendmail?
<mindworx> idk
<mindworx> but is it possible gmail is rejecting my emails
<as1965> idk?
<as1965> Check you mail log e.g. /var/log/mail.log? Maybe a rejection, maybe a delay?
<zorzar> hi is there a way to exclude dependencies from packages? i run a hadles ubuntu server without X an a packege depends on X but i don't want to install it
<stimble_> anybody know how to insert an init script to run before networking comes up?
<stimble_> networkig seems to only be in runlevel 0 and 6, which seems odd to me
<stimble_> im stumped
<stickystyle> stimble_: I'm pretty sure it would be done in the upstart scripts now, but I don't have a machine newer than 6.06 handy ATM.
<stimble_> yeah, are those somewhere different than /etc/rc?.d/* ?
<stimble_> i havnt really grokked the whole upstart switch yet
<stickystyle> yep.  upstart is supposed to replace SysV scripts, so it wouldn't be in rc.d
<stimble_> ok, do by chance know where to look?
<stickystyle> not off the top of my head sorry, all my servers are 6.06.  just trying to send you in a different google search path so perhaps you can find your answer.
<stimble_> ok, thanks
<stimble_> i will search down the upstart path then
<as1965> stimble: if you want to run a script before an interface is brought up, perhaps look at the if-pre-up scripts in /etc/network - also : man interfaces
<uvirtbot> New bug: #479955 in samba "[SRU] winbind authentication fails after karmic upgrade" [High,In progress] https://launchpad.net/bugs/479955
<smoser> ttx, https://bugs.launchpad.net/ubuntu/+bug/517696
<uvirtbot> Launchpad bug 517696 in ubuntu "add package cloud-utils" [Medium,In progress]
<erichammond> One of our Ubuntu 8.04 Hardy servers recently had a large jump in "system cpu" usage (apache2 processes).  Is there a way to see what kernel level services are being actively used?
<tbc> erichammond: does top(1) help?
<erichammond> tbc: top, atop, munin, etc. let us know that system CPU is being used and that the apache2 processes are the ones using it, but I'd like to know what is being done in tye system/kernel level.  E.g., system calls, general areas of the kernel.
<tbc> *nod*
<tbc> Hmm.
<tbc> erichammond: stab in the dark. How about collectl?
<tbc> I've heard Mark Seger talk about that. Seems to be uber analytical and thus uber useful.
<erichammond> tbc: Do you mean collectd?
<tbc> nope
<tbc> http://collectl.sourceforge.net/
<tbc> erichammond: I'd very much like to hear if collectl helps you. I haven't had a need for it but am always looking for testimonials. Mark is a friend of mine.
<erichammond> tbc: Thanks.  I'm studying the documentation now.
#ubuntu-server 2010-02-06
<tbc> I figured you were quietly reading. :)
<tbc> erichammond: I'm reminded now of sar, too.
<erichammond> tbc: I've used sar casually but I think it only reports at the same level as the rest of the tools (i.e., user, system, iowait, nice, steal, ...)
<tbc> erichammond: that's what I read in the collectl docs just now. Thus collectl may help you more than other tools you've tried.
<erichammond> Based on my speed reading so far, collectl seems to be similar, unless there is a plugin which does something more.
<tbc> ah
<tbc> You might at least write to the list of post on the forum to see what that crowd has to say.
<erichammond> As it turns out, we may have identified the cause through other means.  I just noticed that the fork rate increased at the same time on the munin charts.
<ja660k> is there an x86 version of ubuntu server?
<ja660k> !x86
<erichammond> tbc: We think we've tracked the cause down to the invocation of an external process to calculate MD5 signatures instead of using the CPAN MD5 package.  Testing the fix soon.
<tbc> glad to hear that
<wweasel> I have a frustrating problem with my Ubuntu server install. It periodically goes into some sort of suspend state, where it doesn't respond to ping/ssh, etc. and, more strangely, doesn't keep the system time advancing.  If I touch a keyboard key it immediately wakes. Could anyone help me figure it out?
<erichammond> tbc: Thanks for your ideas.  We track average page generation time with munin graphs.  After our last release, that jumped up a bit (200ms) which we correlated with a jump in system CPU and then to a jump in forks.  Then, examining the deltas in the revision control we identified the culprit.
<tbc> Excellent!
<erichammond> I love web development with fast release cycles.
<tbc> heh
<tbc> ja660k: re. !x86 architectures. Yes. See https://help.ubuntu.com/8.04/installation-guide/i386/hardware-supported.html
<tbc> People should hang around a little longer for answers. J
<tbc> wweasel: Did you install only server packages, or is X also running?
<wweasel> tbc, server packages only.
<tbc> erichammond: yeah, no problem w/fast releases as long as troubleshooting velocity keeps up. IRC rocks IMO.
<wweasel> It's on a laptop, but obviously AC connected.
<tbc> wweasel: sounds like some random laptop package is trying to save on power. But I haven't encountered that before. Sorry.
<wweasel> tbc, Yeah :/ It would be nice if I could even know what exactly is happening. Would you know which log file I ought to look through? It's not clear to me.
<tbc> wweasel: /var/log/messages
 * tbc is guessing now
<tbc> wweasel: Send 'ps -fe' to http://ubuntu.pastebin.com/ and I'll have a look.
<tbc> wweasel: make that 'ps aux'
<wweasel> http://ubuntu.pastebin.com/m7c27bf38
 * tbc reads
<wweasel> wait wait, that was ps -fe
<tbc> np
 * tbc has old habits
<wweasel> shall I pastebin ps aux as well, or no worries?
<tbc> Yes, let me see that, too.
<wweasel> http://ubuntu.pastebin.com/m58a456a4
<zorzar> hi is there a way to exclude dependencies from packages? i run a hadles ubuntu server without X an a packege depends on X but i don't want to install it
<tbc> wweasel: you're running some KDE processes. Those are desktop packages.
 * tbc didn't expect server edition to install KDE
<wweasel> hrm. That's really odd, I don't think I've installed any KDE packages at all.
<tbc> I've seen KDE get sucked in when I've installed an app that uses a GUI. zorzar: you're asking something similar. I'm new to the server edition and may be wrong, but I can say that if one is running a server one should be able to get along w/o X.
<tbc> We need a tool that shows all installed packages and what they depend on. I'm sure it exists, but I'm rusty.
<wweasel> yeah, I mean no X applications
<tbc> *nod*
<wweasel> I just pastebin'd my dpkg --get-selections
<wweasel> that's all my installed packages
<tbc> *chuckle* wweasel - URL, please?
<wweasel> http://ubuntu.pastebin.com/m1845464c
<tbc> reading...
<wweasel> Like, I'm not all that advanced a linux user, but I've also been using linux for a while. The closest thing I've installed to a desktop app is Deluge.
<wweasel> but I installed the backend and run a gtk client on my desktop
<tbc> Sounds reasonable.
<wweasel> and even then, that wouldn't have any kde dependencies - it's gtk
<tbc> yup
<wweasel> I wish I could get you the list of installed packages on a clean install and just show the diff with my install.
<tbc> np
<tbc> We can get that. Still thinking...
 * tbc thinks his KDE suspicion was wrongheaded
<wweasel> I'm pretty sure there's no desktop components installed
<wweasel> it's a recent install (1 month)
<wweasel> so all the packages i've installed are in my recent memory :)
<tbc> wweasel: sorry, I have to go soon, but have a look at this list: http://ubuntu.pastebin.com/d580449e0
<tbc> Those are the obviously-named kernel daemons
<tbc> I think instead of a package you have some ACPI event putting your system in a less-than-fully-conscious state.
<tbc> But that's only a hypothesis. I could be wrong.
<wweasel> what about them?
<wweasel> It's plausible
<wweasel> The last time I was troubleshooting, the guy I was working with suspected it might be ACPI-related
<wweasel> And suggested I start the server with the kernel parameter acpi=off
<wweasel> In fact, that's how it's running right now, and no luck...it still suspends.
<tbc> ah
<tbc> For instance, why would kgameportd be running on a server? I don't think that daemon needs to run.
<wweasel> Not sure. Do you have a server install? Check if it's running.
 * tbc only has a notebook running Linux atm
<wweasel> hrm
<wweasel> Well, it's something power-saving related
<wweasel> It wouldn't seem to be suspend, because it wakes *instantly* on a keyboard press
<wweasel> so it's more likely "standby" state.
<tbc> Yeah. Waiting for user IO.
<wweasel> yeah
<tbc> I've never seen anything so crude it shut off so much, though. That's what intrigues me.
<wweasel> It's an old eMachines laptop from 1994...
<wweasel> sorry, 2004
<wweasel> not 1994.
<wweasel> big difference :P
<wweasel> it also has corrupted video ram, making odd distortions on the screen. but that's irrelevant as well.
<tbc> Heh.
<tbc> I have an old Compaq with a broken display. Boots fine. Nice server admin'd via ssh. But I haven't turned it on in years.
<wweasel> yeah, that's the idea with my eMachines. less power hungry than a tower, completely unusable as a desktop (even the VGA-out is corrupted by the video ram)
<wweasel> i'm presently wondering if I should try booting with acpi=off, apm=off
<tbc> That sounds like something to try. After all, you can easily reproduce this problem, right? How long does it take?
<tbc> For it to go semi-conscious?
<wweasel> I haven't timed it. I don't think it's consistent either.
<wweasel> But generally in about 15 min - an hour.
<wweasel> so easily reproducible
<wweasel> although it's very weird: "By default, hibernate/standby is disabled on the server edition", according to the internets
<tbc> But it's neither suspending nor hibernating.
<wweasel> no, but it's standby-ing.
<wweasel> I think
<tbc> My first guess was a screensaver. But that's too obvious.
<wweasel> I had a ubuntu wiki page describing the difference between the three
<wweasel> Well, it does know to turn off the laptop's screen after a certain period of IO inactivity.
<wweasel> and does so even though I have acpi disabled
<tbc> But screen blank shouldn't be causing the other brain damage.
<tbc> So I'm intrigued.
<tbc> Could be a bug.
<wweasel> Indeed. Apparently it's not just a screen blank
 * tbc likes bugs
<tbc> bugs are a chance to improve the system
<tbc> for everyone
<wweasel> could be. would probably have to be reproducible on another system though
<tbc> Finding them, that is.
<tbc> Yeah. But if you can reproduce, it could enough to find & fix.
<wweasel> Yep
<wweasel> Alright, well, I'm trying acpi=off apm=off.
<wweasel> And going to go have dinner.
<wweasel> Much as it's kind of curious, it's also REALLY frustrating.
<tbc> I can imagine. I'll be online for a while yet.
<wweasel> Alright, I'll be back later! Thanks for all of your help
<tbc> Glad to be here.
<jolaren> Hello. I'm trying to install ubuntu server form usb.. but it keeps saying Could not find kernel image: Linux boot:
<jolaren> What could be the error?
<stimble_> do you get past the grub menu to select the image?
<jolaren> stimble_;
<jolaren> No it's just at the start
<jolaren> SYSLINUX 3.63 Debia-2008....
<stimble_> so you don't even see the grub menu?
<jolaren> No
<stimble_> have you installed grub to the usb device?
<stimble_> grub-install /dev/sdb
<stimble_> or similar
<jolaren> I'm using unetbootin
<jolaren> I'm trying to boot of the usb device
<jolaren> and install ubuntu server
<stimble_> i dont know anything about unetbootin
<jolaren> simple well used linux boot usb
<stimble_> your machine does not support direct netowrk booting?
<stimble_> that might be a better bet
<jolaren> I'm burning a new usb now
<jolaren> Is it easy to install a server with pxe btw?
<stimble_> unetbootin looks pretty cool tho
<jolaren> yer its great
<stimble_> i'd never heard of it
<jolaren> been usin it for years
<stimble_> pxe works, yeah
<jolaren> i have no experience of it
<jolaren> my dell poweredge 750 searches for pxe at boot
<jolaren> if set to it i.e
<jolaren> I've tried hookin up a cd rom reader etc to it but dun work
<jolaren> last option is to move the hdd to a friends house
<jolaren> and install it over there
<jolaren> but, how easy is it with pxe?
<stimble_> its not too tough
<stimble_> u just need a tftp server, and dhcp setup
<stimble_> and grap the netbooot images
<stimble_> confiugre tftp to server em up
<jolaren> bah
<stimble_> and dhcpd to tell the requester to request the netboot image
<jolaren> settin that up on me netbook is gay
<stimble_> not easy peasy, but doable
<stimble_> ha
<jolaren> tried to hook up the s-ata disc to my ion
<jolaren> ion asrock 330
<jolaren> but apparently they have their own hyped s-ata cables
<jolaren> kinda bugs me
<jolaren> i have to setup mythbackend on a crap computer now
<jolaren> cuz my srv wont boot
<bogeyd6> what does 'wont boot' mean/
<jolaren> well
<jolaren> it boots to a concurrent old installation of fedora
<jolaren> but I can't manage to insatll anythin to it
<jolaren> or
<jolaren> how can i put it
<jolaren> I can't reinstall.. like wipe it all out
<jolaren> and
<bogeyd6> this is ubuntu server channel
<jolaren> yer I knw
<jolaren> know
<jolaren> I want to install ubuntu server
<bogeyd6> ok then when you boot the server cd, then it comes times to setup partitions go manual and set mount points and set format = no on them
<bogeyd6> it will install over what is there with the things from the server cd
<bogeyd6> anything else will be left alone
<jolaren> yer but ya not followin bogeyd6
<bogeyd6> also, make sure you setup a different user
<jolaren> well
<jolaren> this old comp
<jolaren> will probarly boot just fine
<jolaren> from ubuntu server from a usb
<jolaren> but my poweredge 750
<jolaren> I just cant get it to boot
<jolaren> dno how ima solve it
<bogeyd6> i dont know how to solve a fedora booting problem, try 3fedora
<bogeyd6> hmm this is a new keyboard and the keys still dont work, yet a usb keyboard will
<jolaren> a fedora booting problem?
<jolaren> uhm
<jolaren> an installation problem
<jolaren> that it currently concures fedora is just a side-note
<jolaren> not installed by me
<jolaren> I want to wipe it clean
<jolaren> as i said earlier
<bogeyd6> hmm, my control keys dont work either so no copying pasting
<jolaren> dat blows
<bogeyd6> so you want to wipe the server clean
<jolaren> yer
<jolaren> i've tried almost all versions there is of it
<jolaren> but i mean
<jolaren> next step is either to bring the hdd to a friend
<jolaren> or borrow and external cd reader
<bogeyd6> dariks boot and nuke
<bogeyd6> wipes the hdd completely clean of anything and you can start all over
<jolaren> well
<jolaren> i cant boot of anything
<jolaren> ive tried usb
<bogeyd6> but im confused because the ubuntu server cd install will re-do the partitions
<jolaren> cd
<bogeyd6> ok, so its a hardware problem/
<jolaren> well
<jolaren> not really a problem
<jolaren> or not really a hardware problem
<jolaren> more lackthereof
<bogeyd6> you are making absolutely no sense at all
<bogeyd6> the server wont boot a cd, yet its not a cd probme
<bogeyd6> did you check the bios to change the boot order to cd, usb, then hdd
<jolaren> ofcourse, but it's all fuzzy
<jolaren> the fudge
<bogeyd6> ok, im done, good luck
<jolaren> this is like the fifth usb i've burnt
<jolaren> that says
<jolaren> could not find kernel image: linux
<bogeyd6> how do you burn a usb
<jolaren> unetbootin
<stimble_> jolaren: can you boot another machine from the usb
<bogeyd6> it is possible the server wont boot usb
<stimble_> does it only fail on the poweredge
<bogeyd6> lots of computers wont install from an external usb dvd drive
<stimble_> yeah, lots of older hardware dont support usb boot
<jolaren> well
<jolaren> well now im not trying to boot the server
<jolaren> i'm trying to boot annother computer
<jolaren> a old one
<bogeyd6> a brand new at the time dl 380 wouldnt install windows from external dvd drive either
<jolaren> stimble_;
<jolaren> ye
<jolaren> stimble_; Other machines boots good
<jolaren> strange
<jolaren> probarbly bios settings
<stimble_> well, then that machine just dont support usb boot
<stimble_> so use cd or pxe
<jolaren> well
<jolaren> isnt it strange
<jolaren> that I get up the loader?
<jolaren> The
<bogeyd6> not strange at all
<jolaren> SYSLINUX 3.63 Debian-2008...
<jolaren> Okay..
<stimble_> jolaren:  the answer is CD or PXE
<stimble_> stop fighitng it i say
<stimble_> or take the drive out and install to it from another computer
<jolaren> stimble_; well i guess ill have to get a cd tomorrow then
<jolaren> but then i might aswell try to run over to a friend
<stimble_> or pxe
<jolaren> just wonder who has sata discs
<jolaren> pxe seems complicated
<jolaren> allthought
<stimble_> a chance to learn:-)
<stimble_> its not that bad
<stimble_> not cake, but not terrible
<jolaren> well but still lad
<jolaren> reckon if i lay 3 hours of my time doin that
<jolaren> and it wont work
<jolaren> reckon my rage
<jolaren> tho stimble_
<jolaren> would an external cd drive work or should I just go hunt a friend
<stimble_> no pain, no gain
<stimble_> usb is your prob im thinking
<stimble_> so would not count on usb cd
<stimble_> i would at least try pxe
<stimble_> there are lots of docs and howtos on it
<jolaren> yer ive seen plenty
<jolaren> but their pretty intense
<jolaren> and in some cases you need floppies?
<stimble_> picka good one
<stimble_> and u dont need floopies
<stimble_> so dont pick one of those
<jolaren> will be easier to just hope some of my friends
<jolaren> has a computer with a s-ata drive
<Roxyhart0> Hi there iam tring to install a new schema and i am getting this error : ldap_add: Server is unwilling to perform (53)
<Roxyhart0>         additional info: no global superior knowledge
<Roxyhart0> any idea?
<jMyles> I'm trying to stream ffmpeg using ffserver, but when a client tries to connect, I get an error message: "Error writing output header."  Not much in the way of help from our or other forums.  Anybody seen this?
<tbc> Roxyhart0: I googled and found this. Does it help? http://www.openldap.org/faq/data/cache/1322.html
<Roxyhart0> thanks tbc.i read that but still i can't see where is the problem in my cnfiguration as i follow the configuration guide exatly that it say
<bizkit> how do i generate a text file of all the installed packages on my ubuntu server?
<jmarsden> bizkit:  dpkg --get-selections | cut -f1
<jmarsden> ah, wait...
<jmarsden> dpkg --get-selections | grep -v deinstall$ |cut -f1
<tbc> Roxyhart0: you'll have better luck connecting with LDAP community. I'm not an LDAP expert.
<Roxyhart0> if i declare dc=mydomain, cd=edu,dc=au. Ahould I declare also dc=edu adfter that?
 * tbc wonders if someone else on this channel can help Roxyhart0
<jmarsden> tbc: Without (more or less) doing all his LDAP schema creation work for him, probably not.  I think at this point Roxyhart0 needs to better understand LDAP and openldap, and then create a working ldif file to add the new schema.  See http://www.openldap.org/doc/admin24/guide.html and (for adding/extending schemas) especially Chapter 13 of that guide.
 * tbc didn't think Roxyhart0 had picked the best channel for his question
<jmarsden> That's probably true too.  I spent some time yesterday (or the day before?) helping him get openldap installed and working, BTW.
<tbc> jmarsden: on this channel?
<Roxyhart0> who is him?
<Roxyhart0> i am her
<tbc> Roxyhart0: I'm sorry, Rosa. I should have checked your info.
<tbc> d'oh
<tbc> That was jmarsden's error. :)
<jmarsden> tbc: Yes.  Roxyhart0: My bad.  Anyway, do read the guide and see if it helps you understand what is going on.
<Roxyhart0> thanks :D
<tbc> So Roxyhart0 do you need help connecting with the OpenLDAP folks?
<tbc> I've been meaning to look up a friend who's an LDAP expert. I'm wondering if he's active in the OpenLDAP community.
<Roxyhart0> really? if he is still in the comunity could be great talk with him
<tbc> Roxyhart0: start here: http://ostatic.org/openldap
<Roxyhart0> do i need to configurate or add to the tree manually cn=schema?
<tbc> Roxyhart0: I don't know. Your best course of action is to visit http://ostatic.org/openldap and join their community. It's late and I need to reboot. I'm https://launchpad.net/~tbc0 - I'll be online tomorrow if you still need help connecting with them.
<Roxyhart0> thanks very much
<tbc> yw
<achew22> Does anyone know if eucalyptus has support for amazon style elastic map reduce?
<astevens> ls
<astevens> oops, sorry :)
<macrocosm> anyone ever recovered data from a mdadm raid who's superblocks were screwed n chewed?  Ive read a gazillion things googling but nothing seems to work.  Im running xfs_repair /dev/md0 right now but nothing yet, it keeps saying "found candidate  secondary superblock ... unable to verify superblock, continuing"  Is there another way to replace the superblocks?
<macrocosm> Whats the expected amount of time to let this run?  There is barely any data on the raid, just a couple hundred megs.
<macrocosm> trying TestDisk now... normally my obsessive backups would save my ass right now but they silently failed 6 important working days ago .. isnt that nice!
<uvirtbot> New bug: #516083 in eucalyptus (main) "Missing jar file when Walrus/S3 runs on different host than CLC" [Medium,Fix released] https://launchpad.net/bugs/516083
<chilicuil> what files does ubuntu change to share folders while setting them up in the X system?, coz I've shared some of them in that way and I don't see them in the /etc/samba/smb.conf file
<Roxyhart0> somebody know a guide to instal postfix, ouried idmap with ldap?
<macrocosm> strange Testdisk found Ext2 superblocks in my XFS drive.  That doesnt seem proper ... and may be why xfs_repair wouldnt work.
<Roxyhart0> somebody had a doc how to instal postfix with ldap support?
<jmarsden> macrocosm: Sounds like maybe it was really ext2 or ext3?  In which case, go back to the images of the raw partitions from before you ran xfs_repair, and try again using e2fsck and friends?
<macrocosm> im certain its an XFS drive though, strange
<macrocosm> maybe thats how ive screwed this up ... I must have done something that overwrote the superblocks as ext2
<jmarsden> macrocosm: Only the superblocks?  How would you do that?
<macrocosm> I have no clue.. my apache stoped working and I restarted ... upon return md0 was no longer mounted .. when I tried to mount I got all these errors about the superblock
<jmarsden> I don't think I could write over all XFS superblocks in a filesystem with ext2 ones if I really really tried, except by hand with a sector editor and a LOT of time and patience... that just doesn't sound plausible.
<macrocosm> I cant explain why testDisk would state that the superblocks were ext2, perhaps its confused
<jmarsden> Hmmm... are you confusing RAID superblocks with filesystem superblocks?
<macrocosm> well .. It is a raid0 .. but the drives are formated XFS
<macrocosm> and the testdisk im running is only on that raid .. which has no system files on it
<jmarsden> So there should be RAID superblocks which tell the system that this is a RAID0, parameters of the RAID are X, Y Z.... *and* once you treat the thing as a RAID device, there will then be XFS superblocks on top of that.
<jmarsden> But until you have a RAID device, you can't even begin to see or check for a filesystem... unless I'm VERY confused?
<macrocosm> yea ... the drives are together in the raid... I just cant mount it because of the superblock error
<jmarsden> Does cat /proc/mdstat show that the RAID device md0 is fine and happy?
<macrocosm> yeah
<macrocosm> Personalities : [raid0]
<macrocosm> md0 : active raid0 sdf[0] sdi[3] sdh[2] sdg[1]
<macrocosm>       314572544 blocks 64k chunks
<macrocosm> unused devices: <none>
<jmarsden> OK.  So, what does    file /dev/md0      output?
<macrocosm> hmm irc doesnt like the output .. do I need to put it inside some special brackets or someasmuch?
<macrocosm> just one line
<macrocosm> dev/md0: block special
<macrocosm> ahh that worked
<Roxyhart0> any experience with courier-idmap and ldap?
<macrocosm> sorry roxyhart0 ive not used that
<jmarsden> Roxyhart0: You should probably try the courier folks of the ldap folks for that.
<jmarsden> s/of/or/
<Roxyhart0> i did, but with ubuntu is a little bit different everything
<jmarsden> Yes, but it you understand what courier and what ldap are doing, that knowledge should apply just fine to Ubuntu, even if the defaults are slightly different.
<jmarsden> It's not like the courier config file format is different or anything like that.
<macrocosm> jmarsden .. is /dev/md0: block special  ....  a normal output from cmd ...  file /dev/md0 ?
<as1965> Roxyhart: Sorry - don't use Courier or LDAP. However, Howtoforge often has useful steps for install/setup of this sort of thing.
<as1965> Try google : site:www.howtoforge.com +postfix +ldap +courier
<macrocosm> yes howtoforge is awesome
<jmarsden> macrocosm: Yes.   It's a valid block device.  That's fine.   I'm not familiar with XFS enough to know how to proceed in detail; I'd tend to try and find out how to identify an XFS filesystem at a low level (is there a signature in the first block of the disk, or whatever) and make sure the raw data on /dev/md0 "looks like" an XFS filesystem
<jmarsden> If it does, you need to try to repair or rewrite that bad XFS superblock.
<macrocosm> well .. I have been using it for about a month with no problems .. however their was a bug with the latest ubuntu and XFS which caused it to not mount on reboot sometimes... apparently the last time was the last time lol.  Ill be good as long as I can get my data off of it... hopefully testdisk will help
<jmarsden> If you know what you are doing with filesystems, see what xfs_db can do for you...
<jmarsden> BTW, next time, don't use RAID0 for data you care about :)
<jmarsden> RAID1 for important data would be a lot more robust.
<as1965> macrocosm: there's an xfs_check as well I think. Plus an XFS mailing list - might be worth checking that.
<macrocosm> well .. I would normally not have done that but amazon EBS drives are fully redundant
<macrocosm> supposedly
<macrocosm> and I have obsessive snapshots .. but they silently failed 6 days ago .. when all this transpired I was so happy to pop over and grab a snapshot to restore from but there were no recent ones lol
<macrocosm> gotta love a perfect storm
<jmarsden> macrocosm: So now you get to write a cron job that emails you if there are no snapshots less than 24 hours old... but that doesn't help with the data currently on this array.
<macrocosm> True .. I really wish I had done that to begin with... would have saved me some headach.. but the upside is I have learned much more in the process so thats always good
<macrocosm> I really appreciate your help and tips .. hopefully testdisk will help me get my files off ... ive backed up these dead turd drives so I may try banging them around some first though..
<jmarsden> Yes.  One more idea... try dd if=/dev/md0 bs=1M count=10 >testmd0 ; file testmd0     # this should let file say what kind of fs it saw
<macrocosm> 10+0 records in
<macrocosm> 10+0 records out
<macrocosm> 10485760 bytes (10 MB) copied, 0.205319 s, 51.1 MB/s
<macrocosm> testmd0: x86 boot sector; partition 1: ID=0x83, active, starthead 0, startsector 256, 629143552 sectors
<jmarsden> Ah, that was not a partition that was a "drive" complete with partition table.
<jmarsden> So what does   fdisk -l /dev/md0     say?
<macrocosm> Disk /dev/md0: 322.1 GB, 322122285056 bytes
<macrocosm> 2 heads, 4 sectors/track, 78643136 cylinders
<macrocosm> Units = cylinders of 8 * 512 = 4096 bytes
<macrocosm> Disk identifier: 0x00000000
<macrocosm>     Device Boot      Start         End      Blocks   Id  System
<macrocosm> dev/md0p1   *          33    78642976   314571776   83  Linux
<jmarsden> OK.  83 is the normal ext2/ext3 type byte... but I don't know whether XFS uses it too.
<jmarsden> Hmmm, so what does   dd if=/dev/md0p1 bs=1M count=10 >testmd0p1 ; file testmd0p1     say (the last line is the interesting one)
<macrocosm> yes its 83
<macrocosm> dd: opening `/dev/md0p1': No such file or directory
<macrocosm> testmd0p1: empty
<jmarsden> Oh, hm.  So that's not a real device name at all. OK, never mind.  It's too late at night for me to figure out the right way to do it... I need to sleep :)
<jmarsden> Oh... maybe dd if=/dev/md0 bs=4K skip=32 count=100 >testmd0p1 ; file testmd0p1
<macrocosm> 100+0 records in
<macrocosm> 100+0 records out
<macrocosm> 409600 bytes (410 kB) copied, 0.001396 s, 293 MB/s
<macrocosm> testmd0p1: SGI XFS filesystem data (blksz 4096, inosz 256, v2 dirs)
<macrocosm> what is that? a test?
<jmarsden> OK!  Got it!
<jmarsden> Yes, it means there really is an XFS filesystem out there at 33 cylinders into your md0 disk.
<jmarsden> So some kind of XFS filesystem recovery tool has a decent chance of getting your data back.
<jmarsden> You can delete the test* files now, by the way :)
<macrocosm> I will look around .. from what Ive read so far testdisk ... seemed the most promising
<jmarsden> OK.  You might also be able to dd the entire filesystem out and into an image file and they try working with that, loopback mounting it etc.
<macrocosm> hmm ... looking at the dd docs now .. didnt see that one in my searches
<macrocosm> sweet .. I really appreciate your help!
<jmarsden> You're welcome.  But now I need to sleep... goodnight, and I hope you get your data back!
<macrocosm> I figured I should be able to get the stuff out .. looks like the data is still in place just the superblock is screwed n chewed
<macrocosm> thanks man .. get some zzzz's have a nice one
<jmarsden> Thanks.
<guest555> can I upgrade my 7.xx server to 9.xx without a freash install?
<as1965>  guest: I think LTS->LTS is supported directly, else one version to the next.
<as1965> So, I would expect a fresh install to be best for you probably. Hopefully yur /home folder is on a separate partition, which helps with things
<uvirtbot> New bug: #413449 in apache2 "mod_proxy_http violates RFC and common sense" [Unknown,Confirmed] https://launchpad.net/bugs/413449
<Zider> I have an issue with cryptdisks.. all the disks I unlock gets both foo and foo_unformatted in /dev/mapper
<Zider> as I understand it, the _unformatted are temps or something, but shouldn't they go away then?
<Zider> oh yeah, and the unlocking goes parallell with everything else so fstab tries to mount them before it's done..
<uvirtbot> New bug: #517609 in dhcp3 (main) "dhclient reports an incorrect URL" [Undecided,New] https://launchpad.net/bugs/517609
<uvirtbot> New bug: #518077 in whois (main) ".gl domains return: This TLD has no whois server." [Undecided,New] https://launchpad.net/bugs/518077
<stimble_> anybody happen to know where upstart jobs are defined?
<jpds> stimble_: /etc/init/
<stimble_> awesome
<stimble_> thanks
<stimble_> i've just started reading up on upstart, it looks pretty slick
<petsounds> good evening. we plan to migrate all our campus server on monday from windows to ubuntu. can you guys give me link to a tutorial or maybe a book to learn more about migrating from windows server to ubuntu? thanks :)
<resno> are these the best insutrction for setting up raid1? https://help.ubuntu.com/community/Installation/SoftwareRAID?action=fullsearch&context=180&value=Convert+to+software+raid&titlesearch=Titles
<stimble__> resno: do u need to boot from the raid drive, or just for data volume?
<stimble__> does anyone know a way to list all the registered upstart events?
<sherringham> stimble: man upstart -> see also -> man initctl - maybe of use
<stimble__> i looked thru those
<stimble__> and the website
<stimble__> but not seeing a way to list the registered events
<stimble__> myabe just missing it
<resno> stimble__: i want to boot from the raid drive
<stimble__> that howto is probably pretty good then
<resno> ok thanks stimble__
<wizzy_> hello people
<wizzy_> when i go to my website i am gettin only "index of..."
<wizzy_> so noones is here
<wizzy_> !apache2 virtual hosts
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<wizzy_> anyone is here?
<guntbert> wizzy_: you could ask in #httpd too
<wizzy_> i prefer here
<wizzy_> thank you tho
<Callum__> on my Ubuntu 9.10 Server, doing a kernel update results in update-grub SIGSEGVing out and stopping the update, anyone have any ideas what the problem might be? Its using an LVM set up spread across three hardware RAID 1 setups...
<Callum__> here is the Pastebin of apt-get -f install: http://pastebin.com/m5268f3f5
<guntbert> Callum__: did you search for error 139 already?
<Callum__> guntbert: its the error code for SIGSEGV... something is happening to make update-grub fail
<Callum__> I think I know what the problem is, I had a similar problem while trying to install Ubuntu 9.10 Server onto an existing LVM2 made by an RPM installation
<guntbert> Callum__: no real help from me: you could boot with a live CD and check your LVM from there though
<Callum__> guntbert: it seems to have trouble with LVMs created or modified by an RPM system like Fedora...
<Callum__> I caved in and nuked all my drives completely and let Ubuntu's installer create fresh LVM2 system, but I had to modify it later with a Fedora Live CD to get all of the drives used by the system
<guntbert> Callum__: I use lvm but no raid beneath - try to test you lvm setup with some live CD
<Callum__> guntbert: I'm removing grub2 and installing and configuring classic grub to see if that will help
<Callum__> yeah, update is finished, fingers crossed
<guntbert> Callum__: if you think that will help ...
<Callum__> guntbert: yeah, had no kinds of problems like this with ordinary GRUB
<guntbert> Callum__: good to know for the future...
<Callum__> hmm, yeah, it boots fine...
<wizzy_> anyones here?
<wizzy_> i need some help
<wizzy_> when i use wget where is file downloaded?
<guntbert> wizzy_: in the current directory
<wizzy_> thank you
<wizzy_> ok i unzipped file in same directory
<wizzy_> cd /directory and it says no such file or directory
<guntbert> wizzy_: omit the /
<wizzy_> thank you
<wizzy_> i am going to try install and setup email server
<wizzy_> i tried 3 times in past and never couldn't do it
<guntbert> wizzy_: please keep your mail server in a closed/secure environment - don't go "public" if you are not really knowing what you are doing
<wizzy_> i never couldnt make it work anyways :(
<guntbert> wizzy_: take my advice: play with one in a VM without external network access ....
<wizzy_> ok i will
<wizzy_> how do i test it in vm ?
<wizzy_> i get always problems with receiving
<wizzy_> i can send message out but never back
<guntbert> wizzy_: no tutorial from me - but be very careful not to create an "open mail relay" - that could get you into real troubles
<wizzy_> i am curious ., what troubles?
<guntbert> wizzy_: google for "open mail relay" - your ISP might shut you off, ...
<wizzy_> ouuu thank you for warning
<guntbert> wizzy_: you're welcome :-) and be careful
<wizzy_> anyone is using ispconfig3??
<wizzy_> i am trying to install it with "php -q install.php" and i am getting error
<osmosis> kirkland, i just finished reading through your kvm classroom talk. very good, learned a bunch.
<wizzy_> where did you read it?
#ubuntu-server 2010-02-07
<jmarsden> wizzy_: To set up a basic mail server on Ubuntu Karmic, do not "wget" and "unzip" anything!  Just sudo apt-get install dovecot-postfix    # and answer the debconf questions.  It's very very simple.
<osmosis> im not really understanding the point of Eucalyptus. Maybe im not finding a good tutorial on it.
<owen1> sudo /etc/init.d/sysklogd restart     is this is the command to restart syslog? i deleted /var/log/syslog and I want it back...
<wizzy__> i am trying to install  "install.php"  with "php -q install.php" command and i am getting error "php : command not found
<wizzy__> hello
<jmarsden> wizzy__: Do you have php5-cli installed?
<wizzy__> i am trying to install it but i cant
<wizzy__> always till "segmentation faulty tree .. 50% and then back to terminal
<wizzy__> and php5 not installed
<jmarsden> So what happens when you do    sudo apt-get install php5-cli ?   Can you pastebin the full output somewhere I can see it?
<wizzy__> "reading package lists ... done   Segmentation faulty tree ... 50%   "
<wizzy__> and then nothing , root@ubuntuserver:
<jmarsden> wizzy__: OK, so your apt database is unhappy.   Try apt-get -f install    # with nothing after the install.
<wizzy__> same thing
<jmarsden> wizzy__: Wow, it's *really* unhappy.  Do you know when this started, or what you might have done to cause it?
<wizzy_> ok i am back
<jmarsden> <jmarsden> wizzy__: Wow, it's *really* unhappy.  Do you know when this started, or what you might have done to cause it?
<wizzy_> nothing eventualy
<wizzy_> its fresh install ,
<wizzy_> only think i did was to setup apache2
<jmarsden> wizzy_: Then the simple thing to do could be to do another fresh install... something is *wrong* with that apt database.
<jmarsden> I
<jmarsden> I'm not enough of an expert to know exactly how to go about fixing it.
<wizzy_> ok thank you
<jmarsden> You're welcome.
<wizzy_> http://ubuntuforums.org/showthread.php?t=1010569
<jmarsden> OK, well, I suppose you can try   sudo rm /var/cache/apt/*.bin   and see if it works for you.
<wizzy_> WORKS
<wizzy_> ;)
<jmarsden> Cool :)
<wizzy_> hihi
<wizzy_> hih
<wizzy_> did you ever use ispconfig?
<uvirtbot> New bug: #518281 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/518281
<Determinist> i'm trying to install sun-java6-jdk using a bash script on several remote machines but i keep running into the same problem: certain packages bring up a manual confirmation dialog during installation and i can't seem to find a way to override this behavior (aptitude -y doesn't help, obviously). any ideas?
<Determinist> nada?
<jmarsden> Determinist: if the dialog is from debconf you can preseed the question concerned.  if not... you'd have to look at exactly what the installer script is doing.
<Determinist> jmarsden: preseed = ? and how would i know this?
<jmarsden> Determinist: Read the Ubuntu Installation Guide.  See https://help.ubuntu.com/9.10/installation-guide/i386/preseed-using.html for example
<Determinist> jmarsden: ty
<jmarsden> You're welcome.
<Determinist> jmarsden: may seem silly, but i actually figured out what i need to pass (parameters), but i have no idea how (after reading that guide above). how do i actually pass 'preseed --owner sun-java6-jdk shared/accepted-sun-dlj-v1-1 boolean true' to aptitude (or am i being silly) ?
<jmarsden> I'm not sure you pass it to aptitude.  You set it in the debconf database.  I'm no expert on preseeding, I just know it exists for things like this...
<jmarsden> See if man 7 debconf     # sheds any light on how all this works.
<Determinist> ok, thanks
<Determinist> this isn't going to be simple. is it?
<Roxyhart0> hi, how i can know which kind of array i got?
<Roxyhart0> array disk
<Roxyhart0> how i can create disk array from line command
<jmarsden> Determinist: Probably not.
<Determinist> jmarsden: getting somewhere with dpkg --set-selections
<jmarsden> Roxyhart0: cat /proc/mdstat will show you what Software RAID arrays you currently have running.  Is that what you mean?
<Roxyhart0> no doesn't show me nothing and is weird
<Roxyhart0> beacuse when i install (start with cd ) i installed the array disks
<Roxyhart0> I mean the array that i did when i installed, i am usind a HP server
<Roxyhart0> i got just it: Personalities :
<Roxyhart0> unused devices: <none>
<jmarsden> "Installed the array disks"?  What do you mean?  Does your server have a hardware RAID controller you are using?
<Roxyhart0> yes
<jmarsden> Then /proc/mdstat does not show those, it shows Software RAID (not Hardware RAID).
<Roxyhart0> no :(
<jmarsden> To see the status of hardware RAID arrays you must use whatever utility is for that controller.
<Roxyhart0> i used the HP tool before install ubuntu, and when i was installing ubuntu, it shows me the array
<Roxyhart0> but now i cant see
<sub> can't see what?
<jmarsden> See if you can find your RAID controller listed on http://wiki.debian.org/LinuxRaidForAdmins  and use whatever utility works with it.
<sub> HPs SmartArrays usually end up like /dev/cciss/c0d0 or something
<Determinist> jmarsden: got it :D
<Determinist> jmarsden: debconf-utils
<jmarsden> Determinist: Cool :)
<Determinist> jmarsden: thanks for the guidance. didn't even know where to begin :)
<jmarsden> You're welcome.
 * jmarsden installs debconf-utils ... :)
<sub> Roxyhart0: Are you trying to mount the array or are you trying to see the configuration?
<Roxyhart0> see the configuration an then create LVM
<sub> if it's an HP server you can reboot and configure the RAID arrays via the ROM-based utility at boot
<Roxyhart0> but i think jmarsen is right..because i am using smart array. Do you know doc about this kind of tips using HP server with ubuntu?. PD. tahns very much jmarsen, you are always very kind
<Roxyhart0> and thanks as well sub
<jmarsden> Roxyhart0: You're welcome.
<sub> Roxyhart0: Do you see anything when you do: ls -al /dev/cciss/
<Roxyhart0> yes, i just see that
<Roxyhart0> i didnt know this is the "name" using HP
<Roxyhart0> question which kind of format is better for data? xfs or ext?
<qman__> ext3 is historically more reliable, xfs can suffer total data loss if your system crashes or loses power suddenly
<Roxyhart0> thanks for that, i will use ext3
<qman__> if you use xfs, make sure you use a stable configuration with a UPS
<Roxyhart0> what could be the benefit using xfs?
<qman__> xfs offers some performance benefits, particularly with larger files
<Roxyhart0> i think i prefare something reliable, even if is could be slower
<qman__> for important data, I agree
<qman__> ext3 has been very reliable for me in the past, and even when I've had some corruption, generally the errors are recoverable with minimal data loss
<Roxyhart0> yes, i had also a experience before i could reocver just ext3 but the partition which was xfs i couldnt. I thought was just casuality
<Roxyhart0> hi any experience with ext4? is better than ext3 and realiable?
<uvirtbot> New bug: #518346 in kvm (main) "Emulated serial port does not work with FreeBSD 8.0 guest" [Undecided,New] https://launchpad.net/bugs/518346
<Roxyhart0> alo
<Roxyhart0> hi someone have doc how to install samba domain member on ubuntu?
<Roxyhart08> hi when i do net rpc join i got an error:  NT_STATUS_CONNECTION_REFUSED
<Roxyhart08> any idea?
<uvirtbot> New bug: #518400 in clamav (main) "package clamav 0.95.3+dfsg-1ubuntu0.09.10 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/518400
<\sh> dear vmbuilder pros, which action is executed first after OS installation: --exec or --copy?
<uvirtbot> New bug: #518211 in lm-sensors (main) "IT8720F chip not recognized by lm-sensors" [Undecided,New] https://launchpad.net/bugs/518211
<a1fa> yellow
<a1fa> i am trying to boot the iso from a usb drive
<a1fa> i get to the point where it is supposed to map a cdrom and scan it, but it says no cdrom exist
<a1fa> my grub settings are
<a1fa> find --set-root /ubuntu.iso
<a1fa> map /ubuntu.iso
<a1fa> root
<a1fa> kernel /install/vmlinuz file=/cdrom/preseed/ubuntu-server.seed ..
<a1fa> not to bore you
<mboehm> i want to change /dev/ttyS0 group with udev rules to "nut" but it does not work
<mboehm> created a rule file in /etc/udev/rules.d with KERNEL=="ttyS0", GROUP="nut"
<mboehm> what can be wrong?
<mdeslaur> kirkland: I'm getting a FTBFS with libvirt as the new uuid-dev package doesn't contain libuuid.la anymore. Have you looked at this yet?
<\sh> hmm...something's wrong with kvm not starting up when using --part
<wizzy_> hello people
<Callum__> hi =P
<wizzy_> i want to host website and phpbb forum on one server
<wizzy_> website is working
<wizzy_> now how to configure server to show phpbb forum site?
<bageera> if you have php working then all you have to is extract the phpbb files in your webdir
<bageera> and configure phpbb
<wizzy_> yes but example1.com is website and example2.com is forum site
<bageera> then extract phpbb files into example2.com and the forum site will load up by default once its configured properly
<wizzy_> i got phpbb with apt-get
<bageera> ah
<wizzy_> i am removing it
<bageera> run a search and see what directory the files were put into
<wizzy_> can i open bz2 in ubuntu?
<bageera> yup
<bageera> use the j switch when running tar
<bageera> instead of z
<wizzy_> ok
<wizzy_> ok so i got it into its own folder
<wizzy_> now how to start installation?
<wizzy_> ....php -g install.php
<bageera> go to that page from the browser
<wizzy_> i forgot to do vhosts
<bageera> if I'm not mistaken there may be one or two things that need to be changed on the system but everything else can be done through the browser
<wizzy_> How is it ServerAlias or ServerAllias?
<bageera> the first one
<wizzy_> with single L
<bageera> yes single l
<tzabar> sÃ¶ker php kodare, ngn intresserad...? korta uppdrag...
<guntbert> tzabar: wrong channel ? :)
<tzabar> hum... vilken r den rÃ¤tta...
<guntbert> !english | tzabar
<ubottu> tzabar: The #ubuntu, #kubuntu and #xubuntu channels are English only. For a complete list of channels in other languages, please visit http://help.ubuntu.com/community/InternetRelayChat
<tzabar> sorry
<guntbert> tzabar: np - what was that lanuguage? swedish?
<tzabar> yes
<guntbert> !se | tzabar might help :)
<ubottu> tzabar might help :): Svensk Ubuntu- och Kubuntusupport hittar du i #ubuntu-se resp. #kubuntu-se
<tzabar> ok tack
<monk> evening
<monk> anyone help me configure a network to be a gateway?
<wizzy_> how do i change permissions of chae/:??
<wizzy_> cache:/
<Zider> I have an issue with cryptdisks.. all the disks I unlock gets both foo and foo_unformatted in /dev/mapper. as I understand it, the _unformatted are temps or something, but shouldn't they go away then?
<wizzy_> i am trying to install phpbb3
<wizzy_> and i need to change permissions  of cache/: files/: store/:
<wizzy_> but there are none in my server
<wizzy_> how to change permissions on /var/www/website?
<guntbert> wizzy_: you might want to read some of the next links
<guntbert> !cli
<ubottu> The linux terminal or command-line interface is very powerful. Open a terminal via Applications -> Accessories -> Terminal (Gnome) or K-menu -> System -> Konsole (KDE).  Guide: https://help.ubuntu.com/community/UsingTheTerminal or type in it: man intro
<guntbert> https://help.ubuntu.com/9.10/serverguide/C/
<guntbert> !tldp
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<uvirtbot> New bug: #517701 in ntp (main) "ntpd apparmor rule does not allow reading dhcp based config" [Low,Incomplete] https://launchpad.net/bugs/517701
<MTecknology> Any ideas how to display a heartbeat page?
<MTecknology> I want to make one server show uptime for all other servers..
<MTecknology> publicly..
<KurtKraut> MTecknology, are you sure this is a valuable data to publice? Usually you have to hire/rent another company to make the mesurements and publicize it for you.
<KurtKraut> MTecknology, because they'd be neutral and wouldn't hide downtimes
<sub> I understand the point you are trying to make, but I disagree with the statement that they would be neutral -- You are paying them after all
<sub> :-)
<MTecknology> KurtKraut: I just thought it would be something fun to show.
<KurtKraut> sub, but their business depends on the reliability they can provide. A single 'scandal' would put them out of business.
<sub> In monitoring you have all sorts of thresholds and ways of weeding out "false positives" that would make it really easy to say "Due to technical limitations, we weren't able to report the downtime until N minutes after the incident"
<sub> However, usually, these hired/outsourced monitoring companies report the outages directly to the company paying them and not their customers
<sub> MTecknology: If you're just doing it for giggles or for fun, I'd recommend you look into an interpretted language that can be used easily for web development
<sub> Whether that's Python, Ruby, PHP, Perl, or some other thing is up to you
<sub> I'm sure there are already freely-downloadable solutions for all of the languages I listed above
<sub> Otherwise you can set up a full monitoring package using Zabbix, Nagios, or some other software
<sherringham> www.pingdom.com :-)
<MTecknology> sub: my idea was a little php page and a cron task @reboot
<Roxyhart0> hi somebody knows about any doc about how to join my domain member serber to the PDC, includyng any configuration for that?
<jmarsden> Roxyhart0: Please, *please* read the Ubuntu Server Guide.  For this, see https://help.ubuntu.com/9.10/serverguide/C/likewise-open.html
<peepsalot> i had a software raid 5 setup on a box where I just upgraded the motherboard.  since swapping out the motherboar it does not recognize my raid array.  i think this is due to the drive numbers changing.  does someone know what I must do to correct this?
<peepsalot> i am reading the mdadm manual, but confused on what exactly needs to be done.  I think i need to --assemble? using mdadm --assemble --scan doesn't seem to do anything
<ujjain> is this a never-ever offtopic channel?
<peepsalot> likewise, mdadm --manage doesn't seem to do anything either
<ujjain> "Not only am I in a meat market, I'm the chopped liver." << what does this mean? Sorry, I am not English.
<peepsalot> they both just give another command prompt with no output
<myjimmyweb> hello, completely new to ubuntu server, trying to get a LAMP server going, followed the perfect server guide from howtoforge
<myjimmyweb> only problem is that now my dns isn't working
<ujjain> mijimmyweb: did you check the logs? can you telnet to udp 53?
<ujjain> what port is dns?
<myjimmyweb> oofta, i ssh into it with putty, hmm, trying to set up a dyndns setup
<myjimmyweb> idk, basically it all works if i access it with my local ip, but not with the myjimmyweb.homeftp.net
<ujjain> So you are not running our own dns server.
<ujjain> What happens if you ping to the homeftp?
<ujjain> correct ip?
<ujjain> Maybe your router forwarding settings are incorrect.
<myjimmyweb> that's what i'm thinking
<myjimmyweb> do i have to open a port on my router?
<myjimmyweb> for the server's ip address?
<ujjain> What is your server's ip? please give me the first 3 digits, e.g. 192.168.1.
<ujjain> I mean, that's an internal ip and would explain the problem.
<myjimmyweb> 192.168.1
<ujjain> Ok, that's it.
<ujjain> You go to http://192.168.1.1
<myjimmyweb> yeah, that's my router
<ujjain> type the login details, maybe admin/password, user/user.
<myjimmyweb> yeah yeah
<myjimmyweb> i'm in my router
<ujjain> go to forwarding settings or dmz
<myjimmyweb> but i'm not sure what port to forward
<ujjain> and make sure all requests, or port 80 (web), is sent to that ip, e.g. 192.168.1.13
<myjimmyweb> cool
<myjimmyweb> let's try that
<ujjain> and make sure the homeftp DNS is sent to your real external ip, and not internal.
<ujjain> www.whatsmyip.com might give your ip.
<ujjain> no, that's spam
<myjimmyweb> yeah, dyndns has it set up
<ujjain> http://whatismyipaddress.com/
<ujjain> the ip at that location?
<ujjain> or your 192.168 ip?
<myjimmyweb> yeah
<myjimmyweb> no it's my external
<myjimmyweb> in ISPConfig, myDNS-Server is "oFfline"
<ujjain> http://external ip should work
<ujjain> if http://internal ip works.
<ujjain> you don't need dns-server if you use homeftp.net's dns service.
<myjimmyweb> ok
<myjimmyweb> plugging my external in works
<myjimmyweb> i get the It Works! site
<ujjain> Great! Well done!
<myjimmyweb> just not when i plug in my name
<myjimmyweb> myjimmyweb.homeftp.net
<ujjain> does your ip start with 24?
<myjimmyweb> hah, yeah
<ujjain> I dont think it's correctly redirecting the port 80 traffic.
<myjimmyweb> hah, yo utry going to my external?
<ujjain> I did.
<ujjain> It does not work.
<myjimmyweb> hmm
<myjimmyweb> try once more, i disable and renable the port 80
<myjimmyweb> plugging my external in works for me
<myjimmyweb> http://24.196.89.253/
<Roxyhart0> somebody has a doc how to install a domain member and join to the PDC, i am getting error: NT_STATUS_CONNECTION_REFUSED
<Roxyhart0> any idea?
<ujjain> myjimmyweb: it does not work here.
<ujjain> http://www.rexswain.com/httpview.html
<ujjain> See for yourself
<ujjain> Do you have any other firewalls? Or routers?
<ujjain> You should set your DMZ, which forwards all ports, that's easier.
<ujjain> And less secure, but hopefully nobody's reading.
<myjimmyweb> i have no other firewalls or routers
<sub> http://www.ntcompatible.com/thread24048-1.html
<ujjain> I am not sure how to help you.
<ujjain> Try to disable your firewall at home for a few minutes.
<myjimmyweb> once i disable port forwarding on port 80, i wasn't able to access the site from my external IP, but once enabled i was again
<sarthor> Hi, I configured PPPoE-server with the help of http://ubuntuforums.org/showthread.php?t=291926 , as this url says that you have to add each user as a regular users to your linux, Like , "adduser xyz" it create the home directory also each time. I dont want to add users like this , just wanna add users to pap or chat file in /etc/ppp/ directory, How can i? Need help please
<ujjain> myjimmyweb: maybe it's a firewall like zonealarm
<myjimmyweb> don't use that junk
<ujjain> or even iptables ^^
<sub> your ISP could be blocking the port
<ujjain> I beleive there is a firewall by default.
<ujjain> Could be ISP too yes.
<sub> Trying moving it to a higher-numbered port, update your port forwards, and see if it works
<ujjain> Check out iptables --list.
<ujjain> You can use multiple ports right? e.g. Port 80 8008
<myjimmyweb> hmm, yes
<myjimmyweb> well ujjain, i'll try this again some other time
<myjimmyweb> might post something, but thanx for your help
<sarthor> Hi, I configured PPPoE-server with the help of http://ubuntuforums.org/showthread.php?t=291926 , as this url says that you have to add each user as a regular users to your linux, Like , "adduser xyz" it create the home directory also each time. I dont want to add users like this , just wanna add users to pap or chat file in /etc/ppp/ directory, How can i? Need help please
<Roxyhart0> hi, how i can know if i have my firewall running?
#ubuntu-server 2011-01-31
<ignarps> quizme, newer versions of applications.  that is one
<thesheff17> quizme: unless you need a specific feature in 10.10 I wouldn't upgrade because 10.04 is the long term support version and to me longer support is needed.  I don't want to be upgrading my servers to the next version in 6 months time unless I need something specific from that newer version.
<twb> You shouldn't *ever* upgrade unless the new version provides something you need
<twb> Admittedly, that might be upstream security support, because the current version is EOLd :-)
<uvirtbot> New bug: #710426 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710426
<uvirtbot> New bug: #710439 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710439
<a|3x> hi
<a|3x> my ubuntu server was hacked with some "floodsend" rootkit, it connected to some irc server
<a|3x> what can i do to hit back?
<Datz> buy a copy of justin beibers new album
<a|3x> how is that going to help?
<Datz> he'll serenade you to sleep, where you can dream about irc?
<Datz> it's always worked for me..
<Datz> but sorry, I know you're serious, and I'm clearly drunk. :(
<Datz> (almost)
<a|3x> anybody want to poke around, here is the irc server: 80.68.95.83
<twb> a|3x: in many countries it is a civil or criminal offense to "hit back"
<twb> You may, however, wish to secure your system better in future, and to help educate others about doing so.
<a|3x> i meant to take them down
<twb> 15:03 <twb> a|3x: in many countries it is a civil or criminal offense to "hit back"
<a|3x> if their security sucks in this kit i could issue a command to remove the kit from all the infected servers connected to the server, right?
<a|3x> could be illegal but it would help a lot of people
<twb> I will not help you in such an activity.
<a|3x> never did ask
<Orfeous> trying to get postfix work with TLS encryption but it seems that there are some problems anywhere :D
<Orfeous> using dovecot-pop3 as pop-server and postfix as smtpd..
<gobbe> Orfeous: what kind of problems?
<Orfeous> my client computer seems not to allow me to send or recieve mail now.
<Orfeous> relay access denied...
<Orfeous> im trying to debug the problem with increasing tls debuglevel
<twb> Orfeous: that's for your protection!
<Orfeous> if i try to send a mail i got a mail back telling me that its not relying the domain i sent to
<gobbe> Orfeous: did you follow the guide from ubuntu.com?
<Orfeous> is it helping a little if i show the postfix main.cf?
<gobbe> Orfeous: there is really good howto
<Orfeous> yes, i have read many guides and tutorials..
<Orfeous> the mailserver works if i disable all tls stuff
<Orfeous> and not use tls encryption on my client
<Dragonshadow> is the ubuntu pureftpd package compiled with --virtualchroot ?
<twb> http://mywiki.wooledge.org/FtpMustDie
<Dragonshadow> Because that /really/ helps
<mattalexx> I'm trying to globally deny all requests to my server from any IP except for 192.168.0.3. Which file in /etc/apache should be changed to make this happen?
<uvirtbot> New bug: #710505 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710505
<jmarsden> mattalexx: Since some requests might not be for web services but for other things, you might do better to use iptables to add packet filtering?
<mattalexx> jmarsden, There are exception (public requests allowed)  for some of my virtualhosts
<mattalexx> So that's a no-can-do.
<jmarsden> mattalexx: Then your request should probably have said "web requests" :)  Anyway, maybe /etc/apache2/conf.d/security is a sane place to add a global security restriction.
<palhmbs> hi - anybody familiar with setting up a cronjob that will use X to display what it's doing in the terminal whilst it runs?
<palhmbs> ubuntu 10.10
<qman__> palhmbs, not really server territory, but you could simply prefix the job with gnome-terminal
<palhmbs> thanks
<palhmbs> does this look right? -- 54 20 * * * gnome-terminal /home/palhmbs/myscript.sh
<qman__> if it's in a user's crontab, yes
<qman__> if it's a job in /etc/cron.d, you also need the user to run as
<palhmbs> so cron.d runs system level stuffs?
<palhmbs> as root....
<qman__> no, cron.d takes an additional argument
<qman__> * * * * * username job
<qman__> it can run jobs as root if you specify that
<palhmbs> ok - so if I create my own file /etc/cron.d/myscript
<palhmbs> where do the crontab -e file go? - is that embedded into a binary somewhere like visudo does?
<palhmbs> I've been using crontab -e mainly
<jpds> palhmbs: /var/spool/cron/crontabs/
<greppy> crontab -e calls your $EDITOR environment variable, which defaults to nano I think.
<greppy> visudo edits /etc/sudoers
<greppy> it also does some sanity checking to help keep you from breaking your sudo config.
<palhmbs> jpds, thank you - I was looking for those :D
<palhmbs> and using env variables in my script like DISPLAY=:0.0 will run a GUI from cron?
<palhmbs> basically I want to be able to show the user what crontab is doing...
<palhmbs> s/crontab/cron/
<jpds> palhmbs: apt-cache show beep ?
<palhmbs> jpds, lol - I think my PC-speaker must be unplugged :D
<palhmbs> I can use quotes in cron can't I? -- root "/usr/local/sbin/myscript.sh"  ??
<qman__> yep
<Roxyhart08> hi there i got the bad idea to install kde4 in my server, somebody know how to unistall in a safe way it?
<TeTeT> Roxyhart08: take a look at /var/log/dpkg.log and try to extract all the package names that came with kde4 and purge them
<Roxyhart08> thanks i couldnt find any things with kde in this file
<iclebyte-work> anyone good with mod_perl?
<adpaolucci> anyone here?
<adpaolucci> I am looking for help with setting up a private cloud
<kerozene> is this a job ad?
<TeTeT> adpaolucci: best you start with https://help.ubuntu.com/community/UEC
<adpaolucci> Already did
<adpaolucci> still reading over it
<TeTeT> adpaolucci: and probably you want to join #ubuntu-cloud
<adpaolucci> Thank you TeTeT
<TeTeT> adpaolucci: if you need a training, Canonical offers one: http://www.ubuntu.com/sites/default/files/active/Training%20-%20Deploying%20Ubuntu%20Enterprise%20Cloud%20overview.pdf
<TeTeT> adpaolucci: np
<adpaolucci> I would do the training course but its not offered anywhere in the Toronto area up in Canada
<adpaolucci> Actually it looks like there is
<adpaolucci> Thanks TeTeT
<TeTeT> adpaolucci: it's held virtually over spreed in April again, last class was last week
<iclebyte-work> no matter what I do I cannot seem to get cgi scripts to execute
<iclebyte-work> the browser just says 'the connection was reset' and there is nothing in the logs!
<uvirtbot> New bug: #710604 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710604
<uvirtbot> New bug: #710610 in libpam-ldap (main) "Can't change password" [Undecided,New] https://launchpad.net/bugs/710610
<uvirtbot> New bug: #710611 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710611
<nimrod10> iclebyte-work, which webserver are you using ?
<iclebyte-work> Apache2
<iclebyte-work> I've got it partially working but only via placing the cgi-scripts into /usr/lib/cgi-bin
<iclebyte-work> which is an okay work around for the moment.
<iclebyte-work> i'm struggling to install the DBI perl module now
<nimrod10> iclebyte-work, it works in that dir because somewhere in the apache config , most likely in sites-available you have a line that says
<nimrod10> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<nimrod10>  17         <Directory "/usr/lib/cgi-bin">
<nimrod10>  18                 AllowOverride None
<nimrod10>  19                 Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
<nimrod10>  20                 Order allow,deny
<nimrod10>  21                 Allow from all
<nimrod10>  22         </Directory>
<nimrod10> the Options +ExecCGI is what you where looking for
<iclebyte-work> i've spotted that it's in the default vhost file
<iclebyte-work> i am however desperatley struggling to install the perl DBI module via cpan
<nimrod10> where did the certified hardware link go ?   This doesn't work anymore : http://webapps.ubuntu.com/certification/list/?category=Server
<nimrod10> it should work with cpan easily , not that I 'm a huge perl fan
<iclebyte-work> nimrod10, could you take a look at this vhost entry for me? http://scsys.co.uk:8002/85950
<nimrod10> is the  /   path mirrored to a path in your filesystem ?
<iclebyte-work> i don't understand you?
<iclebyte-work> i assumed it would mean the / of the DocumentRoot ?
<nimrod10> is / supposed to map to a location on your harddrive ?  like maybe  /var/www ?
<nimrod10> if so try to use the Directory directive instead of Location
<uvirtbot> New bug: #710672 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710672
<RoAkSoAx> morning all
<SnApO> Hi all, i want to build a very easy own cloud with 3 vservers
<SnApO> is this possible
<SnApO> 1 load balancer, 2 servers with apache/php and mysql
<SnApO> i have seen that ubuntu-server is offering private cloud
<SnApO> but i didnt found some prices
<patdk-wk> prices for what?
<patdk-wk> ubuntu doesn't sell anything, other than support
<\sh> ubuntu doesn't sell even support...canonical does that
<\sh> SnApO: what you mean is "Ubuntu UEC" which is on the server cd...
<\sh> that's meant with "private cloud" you can setup your own eucalyptus cluster for your private cloud
<ogra> \sh, i think he means the ubuntu one offers
<ogra> which has not much to do with running a OS in a cloud, its just personal cloud space for your data
<\sh> could be....anyways my hp tech arrived *grmpf*
<SnApO> i mean the landscape thing
<SnApO> to manage my private cloud
<ogra> ah
<SnApO> also if ubuntu enterprise cloud is free (its just for myself to test some things in the cloud)
<ogra> UEC is free
<soren> SnApO: The software is free, yes. You run it on your own servers.
<soren> SnApO: so it's not like you're getting free resources or anything.
<SnApO> does it mater if its already a virtual machine?
<SnApO> because i have 3 vservers for testing
<SnApO> the vservers are running ubuntu server
<SnApO> (openvz)
<ogra> http://www.canonical.com/enterprise-services/ubuntu-advantage/landscape/cloud-management
<ogra> at the bottom you have some contact links
<ogra> it shouldnt matter where or how you run your UEC instance as long as it is network connected
<_UsUrPeR_> gooood morning everyone
<uvirtbot> New bug: #710679 in mysql-5.1 (main) "packaged failed to install due to conflict with mysql-server-core" [Undecided,New] https://launchpad.net/bugs/710679
<_UsUrPeR_> I have a question pertaining to "screen". I am using the following to start a half-life server in ubuntu 10.04 -- "screen -A -m -d -S tf2 /~/orangebox/srcds_run -game tf -autoupdate -ip <IP> -port <port> + map <map>, and I cannot seem to get my screens back by default.
<SnApO> ogra, i just want to setup a small private cloud, with a management interface (all should be free because its only for testing and i need it more then 30 days). do i need landscape?
<ogra> you can indeed manage everything by hand
<ogra> using puppet or some such
<_UsUrPeR_> When I attempt to run "screen -r tf2", I am getting the following error: "Cannot open your terminal '/dev/pts0' - please check. This is because the screen session opened /dev/pts/0 as another user, even though I started screen with the user I am trying to retrieve the screen with
<elb0w> How do I resolve this? I dont care about installing the JDK. http://pastie.org/1514818
<Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
<iclebyte-work> i have an interface connected to a replicated port from a cisco switch, the interface has no IP however I can see the traffic coming in on eth1 (currently 25gb) - I'm trying to monitor it with softflowd so we can generate netflow data, this worked using a bridge but doesnt seem to work using 1 interface in promiscuous mode, any ideas?
<iclebyte-work> previously i used 2 interfaces bridged and place the monitoring box 'inline'
<iclebyte-work> and that worked
<patdk-wk> well, what is it mirroring?
<gobbe> sounds like mirror-port
<gobbe> :)
<Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
<iclebyte-work> yes it's a mirror port
<patdk-wk> I'm just wondering if it's mirroring both tx and rx on the source port
<patdk-wk> if it doesn't mirror both, then you are only monitoring half the traffic
<iclebyte-work> it's mirroring both, i can see the TX and RX levels rising on my interface stats
<patdk-wk> heh?
<patdk-wk> the tx on the mirror port should be equal to tx+rx on the source port, then
<patdk-wk> or maybe your talking of interface statis in software, dunno about that
<Dragonshadow> anyone here an ace with SQL and regex?
<patdk-wk> must everyone ask a question before asking a question?
<Fidelix> Please help, my server is taking 18 seconds to start the download with wget, it keeps "Resolving server..."
<patdk-wk> fix your dns :)
<patdk-wk> or their dns server
<Fidelix> patdk-wk, what could be wrong with my dns?
<patdk-wk> I dunno, but why else would wget talk so long to do a dns lookup?
<patdk-wk> what is in your /etc/resolv.conf file?
<patdk-wk> and what are you attempting to resolve?
<Fidelix> nameserver 127.0.0.1
<Fidelix> nameserver 213.186.33.99
<Fidelix> nameserver 208.67.222.222
<Fidelix> nameserver 208.67.220.220
<Fidelix> search ovh.net
<gobbe> do you have caching nameserver running?
<Fidelix> patdk-wk, wget http://google.com or ANY server takes really long to resolve.
<Fidelix> gobbe, I use bind9
<patdk-wk> nslookup google.com 127.0.0.1
<Fidelix> ;; connection timed out; no servers could be reached
<patdk-wk> then you don't use bind9 for recursive on your box
<Fidelix> Yeah. my bind is wrong....
<patdk-wk> and should fix bind, or remove that line
<Fidelix> patdk-wk, how can i change that?
<patdk-wk> change what?
<Fidelix> "use bind9 for recursive"
<patdk-wk> man bind? :)
<patdk-wk> I dunno
 * patdk-wk wouldn't touch bind with a 10' pole
<Fidelix> patdk-wk, what do you use?
<patdk-wk> it's not about what I use
<patdk-wk> it's about what you understand, and what works best for the job you put it in
<gobbe> Fidelix: where do you use bind?
<jpds> Fidelix: http://zytrax.com/books/dns/ch7/queries.html#recursion
<Fidelix> gobbe, what do you mean with "where" ?
<gobbe> Fidelix: well, what is purpose of your bind?
<Fidelix> gobbe, to serve my nameservers (ns1.mysite.com, ns2.mysite.com, etc...)
<gobbe> Fidelix: ok
<patdk-wk> so you might not want to even use localhost as recursive then
<patdk-wk> unless you don't trust your other dns servers
<patdk-wk> or you really need to use memory on your box for caching dns badly
<Fidelix> patdk-wk, these servers are opendns
<Fidelix> patdk-wk, isn't dns caching good?
<patdk-wk> like all things, caching is good and bad
<patdk-wk> yes, caching is normally good
<patdk-wk> every single server having it's own cache, bad
<patdk-wk> expecially when they don't use forwarders
<patdk-wk> and the second ns entry is ovh, not opendns
<iclebyte-work> is there any way to convert PPP to IP ?
<patdk-wk> iclebyte-work, that is like saying, can  I convert a freezer into an oven
<patdk-wk> well, I guess, mor like, convert a box into an oven
<patdk-wk> since ppp wraps other things
<jpds> A box oven sounds like it would be most effective.
 * patdk-wk was thinking cardboard box :)
<iclebyte-work> well.. i just want to decapsulate the PPP
<iclebyte-work> IP is inside it
<jpds> patdk-wk: Quite.
<patdk-wk> iclebyte-work, wireshark should do it nicely
<iclebyte-work> I'm trying to monitor a PPP network (adsl clients) using softflowd
<patdk-wk> no clue
<axisys> how do I mount a file system with ownership to a user.. ?
<axisys> mount /path/to/mount ; ls -ld /path/to/mount shows owend by root
<axisys> i like it to be owened by a user
<axisys> i added uid=1001 in fstab and that did not help
<axisys> I get this
<axisys> Unrecognized mount option "uid=1001" or missing value
<compdoc> cant you just change ownership of the /path/to/mount?
<compdoc> its an existing directory, no?
<baggar11> axisys: "uid=axisys,gid=axisys" works for me
<axisys> compdoc: yes
<axisys> compdoc: i changed the ownership to myself and then mounted and root took over
<axisys> baggar11: let me try with name
<Dragonshadow> '!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+):$uid\](.*?)\[/color:$uid\]!is' matches [color=#FF8000][/color] , how can I make it *also* match [color="#FF8000"][/color] ?
<axisys> baggar11: this one did not work for me
<axisys> UUID=63333fb5-8457-45dc-9007-90638b8b4ca1 /opt/splunk  ext4    uid=splunk 0       1
<axisys> http://pastebin.com/MAQ0pB5J
<axisys> so the dir ownership changes after the mount
<axisys> baggar11: is your one ext4 fs ?
<hallyn> does anyone have a box, not in production, on which they could test lucid kvm with 1.5Tb virtio drive?
<Dragonshadow> I tried using a ("?) but that didn't work
<Dragonshadow> neither did (\"?)
<baggar11> axisys: yeah
<axisys> baggar11: mount -o uid=splunk /dev/sdc1 /opt/splunk did not work
<axisys> baggar11: can you try unmount it and try it mount like this?
<axisys> mount -v -t ext4 -o uid=splunk /dev/sdc1 /opt/splunk
<axisys> ^ did not work
<uvirtbot> axisys: Error: "did" is not a valid command.
<baggar11> axisys: actually, mine is on a remote cifs share. so I'm throwing username and password along with it
<baggar11> but gid/uid are standard mount options
<baggar11> did you try it with gid too?
<axisys> mount -v -t ext4 -o uid=splunk,gid=splunk /dev/sdc1 /opt/splunk
<axisys> no go ^
<axisys> mount -v -t ext4 -o gid=splunk /dev/sdc1 /opt/splunk
<axisys> no go either ^
<compdoc> whats the error?
<axisys> EXT4-fs (sdc1): Unrecognized mount option "uid=1001" or missing value
<axisys> EXT4-fs (sdc1): Unrecognized mount option "gid=1002" or missing value
<baggar11> axisys: running with sudo?
<axisys> baggar11: running as root
<RoAkSoAx> SpamapS: ping?
<SpamapS> RoAkSoAx: pong, just logged in.. wassup
 * SpamapS is seeing wobbly windows whenever he alt-tabs ... gah
<axisys> baggar11: I tried with my own account and still failing
<SpamapS> RoAkSoAx: the baby finallly let me sleep
<RoAkSoAx> SpamapS: hehe yeah i was wondering why u weren't online early this time lol!!
<RoAkSoAx> SpamapS: anyuways, where's the cobbler branch with the ubuntu packaging?
<SpamapS> lp:~ubuntu-virt/cobbler/ubuntu
<RoAkSoAx> SpamapS: thanks!
<uvirtbot> New bug: #710757 in cobbler (universe) "Reposync dependency and permissions" [Undecided,New] https://launchpad.net/bugs/710757
<RoAkSoAx> SpamapS: is that were you guys do active development or is it lp:cobbler?
<SpamapS> RoAkSoAx: thats us. lp:cobbler is an auto import of cobbler's git tree
<RoAkSoAx> SpamapS: k cool  thanks!
<SpamapS> hrm.. you know.. I think its time to figure out how to get irrsi to stop telling me which windows have had joins/quits ... w/ 50 windows.. its not actually useful
<RoAkSoAx> lol
<RoAkSoAx> SpamapS: -> /ignore -channels #chan1,#chan2,#chan3 * JOINS PARTS QUITS NICKS
<RoAkSoAx> SpamapS: or something like /ignore -channels #chan1,#chan2,#chan3 -regexp -pattern (away|gone|back|playin|weg|wech|returned) * ACTIONS
<SpamapS> I don't want to not see them in the window
<SpamapS> I like seeing them in the window, I don't want to see them in the status bar
<hallyn> SpamapS: you mean the channel number changing color?  or do you see actual notifications?
<SpamapS> the channel number
<SpamapS> hallyn: ^^
<hallyn> SpamapS: yeah then lemme know when you figure it out :)
<uvirtbot> New bug: #710774 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710774
<tdn> How do I make a cron-job that runs every 20 minutes, but only between 10 am and 23 pm?
<patdk-wk> easily :)
<patdk-wk> did you do a man crontab
<gobbe> yep, crontab has really good man-page and tons of websites
<SpamapS> tdn: */20 10-23 * * *
<SpamapS> I think thats the right # of stars
<patdk-wk> yep
<patdk-wk> unless you shove it into a /etc/cron.* folder
 * SpamapS knows that he just ruined the fishing lesson patdk as giving ;)
<tdn> SpamapS, thanks.
<sockPants> hi
<sockPants> i'm trying to set up dnsmasq as a dhcp server
<sockPants> what do i need to put in /etc/networks/interfaces?
<patdk-wk> nothing?
<sockPants> well then it's not working
<patdk-wk> well what are you attempting to do?
<sockPants> serve an ip address to another system
<pmatulis> patdk-wk: "set up dnsmasq as a dhcp server"
<sockPants> but the system itself doesnt even have an ip address on that interface
<patdk-wk> cause /etc/network/interfaces normally should have a static ip, if your running dnsmasq on it
<sockPants> i see. i figured, but none of the tutorials mention it
<patdk-wk> pmatulis, ya, confused what computers he was talking about, or only talking about one
<Lichte> I've setup pptp on server 10.04 and I'm able to connect from home just fine, but I can't access any of the windows shared drives...any ideas ???
<AdamDV> Where can I find the .ttf or .otf of the font used in the terminal window?
<consumerism> i need functions in php gd that are not in php5-gd on lucid. does anyone know of a compiled standalone gd library with all (or most) functions built-in, so i don't have to recompile php with gd support on my server?
<bjaanes> Hi, Im trying to use tar for my backup right now, but the performance seems to be quite bad. Im trying to tar a quite huge directory (my entire file server), but after a while, things are really slowing down, takes like an hour for 4 gig files. Any ideas?
<bjaanes> disk to disk, not over network btw
<thesheff17> bjaanes: are you using compression?
<Angryfurby> hey guys i have ubuntu 10.10 trying to use postfix to send email's anyone delt with the address verification issue
<consumerism> i'm trying to install a .deb from http://security.ubuntu.com/ubuntu/pool/main/p/php5/ - the latest php5-gd. i want to install it regardless of the fact that it depends on a later version of php5. but dpkg -i downloaded.deb --ignore-depends=php5-common doesn't work
<consumerism> dpkg: error processing --ignore-depends=php5-common (--install):
<consumerism>  cannot access archive: No such file or directory
<consumerism> dpkg: dependency problems prevent configuration of php5-gd:
<consumerism>  php5-gd depends on php5-common (= 5.3.3-7ubuntu1); however:
<consumerism>   Version of php5-common on system is 5.3.2-1ubuntu4.7.
<consumerism> what can i do about this?
<consumerism> same thing if i --ignore-depends=php5-gd
<consumerism> got it, i have to pass the --ignore-depends option BEFORE the package. dug.
<consumerism> sigh, still no ImageAntiAlias() in the latest php5-gd. anybody know how i can get that function without compiling my own php?
<sockPants> hi
<sockPants> i have dnsmasq running as dhcp server on eth0 using 192.168.0.1/24 and the same machine is connected to a network where it gets an ip address in 192.168.2.x/24 which has an internet connection. how do i allow clients to connect to the internet throught eth0
<smoser> bug 486128
<uvirtbot> Launchpad bug 486128 in ec2-init "euca2ools on Ubuntu AMIs should default to using API URLs for EC2/S3" [Wishlist,Won't fix] https://launchpad.net/bugs/486128
<RoyK> sockPants: out of interest, why don't you just use ISC DHCP? it's very well tested and used by thousands or  perhaps millions
<sockPants> RoyK: well it's only a temporary setup for booting and installing xubuntu to an old machine through pxe, so nothing matters as long as it works. the netboot installer wants to download the installation files from the internet
<RoyK> sockPants: still, setting up ISC DHCP daemon is done in something like 2-10 minutes
<RoyK> and it works
<sockPants> i've never heard of ic
<sockPants> *it
<RoyK> apt-get install dhcp3-server
<sockPants> that
<sockPants> how does that help me get internet on the client on eth0 through the internet connection on eth1
<sockPants> right now i'm just using the built in dhcp server in dnsmasq because it's there
<sockPants> the two interfaces are on different subnets
<RoyK> something like '-A POSTROUTING -s 10.0.0.0/22 -o eth0 -j MASQUERADE
<RoyK> something like 'iptables -A POSTROUTING -s 10.0.0.0/22 -o eth0 -j MASQUERADE'
<RoyK> -o being the output interface
<RoyK> and add net.ipv4.ip_forward = 1
<RoyK> to /etc/sysctl.conf and run sysctl -p
<RoyK> done
<RoyK> perhaps install bind9 if you need a local (caching) dns server - if not, use one on the internet
<Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
<RoyK> !zentyal
<Roasted_> zentyal was formerly known as ebox...
<Roasted_> they changed the name 2 months ago
<RoyK> ah
<RoyK> ok
<RoyK> no, I just use the commandline
<Roasted_> you've set up freeradius?
<RoyK> yeah
<Roasted_> Is it painful to set up, or am I just over complicating it?
<Roasted_> I am finding that all freeradius guides... suck. I've seen so little documentation that is relevant. Every guide I find is so different to the next, it just confuses me more on what to do.
<RoyK> any integration with ldap? or just static users/passwords?
<Roasted_> LDAP integration eventually. Right now I'm trying to keep it simple in a small test environment with using local users/passwords.
<Roasted_> I'm using a netgear access point that has radius support, along with Ubuntu 10.04.1 in a VM on VMWare.
<RoyK> Roasted_: ok
<Roasted_> I have Zentyal (ebox) installed with the RADIUS module. It attempts to validate, but it just loops with validating identity and eventually times out at disconnected.
<Roasted_> RoyK, is there a guide you used that you've had success with, or perhaps some sort of documentation you could point me to? While Zentyal looks promising, I feel lost otherwise.
<RoyK> Roasted_: to be honest, I didn't setup the system myself, only migrate it to ubuntu, which was rather easy. AFAICS it mostly comes down to the files clients.conf and users
<Roasted_> well, Zentyal directly edits those files when I add users and whatnot.
<Roasted_> I know that because it prompts me, saying these following files will be changed if you submit these changes, etc.
<RoyK> Roasted_: no offence, but mostly, asking for GUI-based tools in here is rarely much help. Also, radius isn't very much used these days, except those of us with equipment needing it... If you can pastebin some configs, that will help a lot, even though I can't promise I can help
<Roasted_> RoyK, radius isn't used much anymore????
<Roasted_> I thought radius was the authenticated future of secure wireless?
<Roasted_> for businesses at least.
<RoyK> Roasted_: for current and past and possibly the near future, but I doubt radius will survive very long
<Roasted_> RoyK, what do you think will be the standard? Regular WPA2-Personal passkeys?
<RoyK> possibly AD
<Roasted_> active directory?
<RoyK> seems AD is taking over a lot
<RoyK> yeah
<Roasted_> as in, microsoft active directory?
<RoyK> yes
<Roasted_> why am I suddenly in disbelief
<RoyK> well, I'm not a microsoft fan, just saying what I think
<RoyK> still, LDAP/kerberos might be better
<RoyK> that'll be compatible (or at least somewhat) to both unices and AD
<Roasted_> well it's nothing against microsoft in particular, I just find that to be a stretch.
<RoyK> to rephrase that comment a little, I think perhaps ldap/kerberos might be better than radius
<Roasted_> well
<Roasted_> for right now, this is the project on the table I need to figure out. If it changes in the future, I'm certainly open to adapt accordingly.
<RoyK> radius is 20 years old, and lacks a few things
<Roasted_> to me radius doesn't seem antiquated, when I consider the type of authentication and hardware authentication it handles.
<Roasted_> If anything it seems very advanced, compared to WPA2 Personal alone.
<RoyK> especially X.500 compliance
<RoyK> well, it's way better than WPA personal
<RoyK> indeed
<Roasted_> if it's way better than WPA Personal, then what's the harm in using it? I'm getting the vibe that I'm trying to implement amish technology into our network, but if radius (despite being old) is still the "best" I'm failing to see the issue with integrating it.
<RoyK> and I personally try to setup an openwrt-based WIFI network at work based on radius, but it seems a PITA, since the RAIUS servers are win2k8r2-based, and the win2k8r2-implementation of radius is behaving rather badly
<Roasted_> yeah
<Roasted_> that's why I'm setting it up on linux, becasue of windows issues with it.
<sparc> good afternoon, i'm mirroring dists/lucid, but the installer seems to pull only Packages files from it
<sparc> and not the debs from pool/mail ..
<sparc> after i preseeded the mirror'd archive
<sparc> is this a common problem?
<RoyK> sparc: pastebin /etc/apt/sources.list or relevant files (/etc/apt/sources.list.d/*)
<sparc> hmm ok
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<sparc> thank you, don't let me interrupt the discussion though :)
<RoyK> np :)
<RoyK> sparc: can you pastebin your RADIUS config and potential error messages?
<Roasted_> RoyK, nonetheless, can you offer any insight on what I should look for is my test environment is failing at validating identity?
<RoyK> Roasted_: that last one was for you, not sparc - sorry
<Roasted_> do you know the path of where that file resides RoyK ?
<RoyK> which file?
<Roasted_> the RADIUS config
<RoyK> //etc/radius
<RoyK> s/\///
<RoyK> erm
<RoyK> no
<RoyK> /etc/freeradius
<Roasted_> which file within freeradius would you like to see? freeradius is a directory and I don't see a "config"
<RoyK> radiusd.conf is the main config file
<Roasted_> gotcha. working on it now.
<Roasted_> our outbound connectin is slow today, pastebin is taking its dear old time
<RoyK> that one has includes to other files
<RoyK> Roasted_: oh - where are you located, btw?
<Roasted_> pennsylvania
<RoyK> ok
 * RoyK is in Oslo
<Roasted_> we're just working on our filter server at the moment, so all connections are kind of bottlenecked right now.
<Roasted_> externally at least.
<Roasted_> my gosh I feel like I'm on dial up all over again
<Roasted_> "AOL 4.0 Optimized!"
<RoyK> dialup?
<RoyK> like we did in the ninetees?
<Roasted_> yep. back in "the day"
<RoyK> IRC is nice for slow links - no bothering graphics etc :P
<Roasted_> yep. love it!
<Roasted_> this is ridiculous...
<Roasted_> really. it's just one web site.
<Spice-boy> somebody can help me?
<Roasted_> the students are gone, there should be anything throttling us back this badly
 * RoyK was about to complain about his 3,5Mbps link only sustains 2Mbps on a good day, but will rest his case
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Roasted_> wow
<Roasted_> just wow.
<RoyK> ?
<Roasted_> I'm still waiting for pastebin to show up.
<RoyK> :)
<gobbe> :)
<Roasted_> no :). stab me.
<Roasted_> quick.
<RoyK> good link
<Spice-boy> i have a usb wirreles adapter... Belkin f7d2101 ... and i don`t have driver for ubuntu 8.10. how i cand install ther usb wirreles adapter on unbuntu 8.10?
<Roasted_> why are you on 8.10?
<Roasted_> their support is long gone for 8.10.
<Spice-boy> pfuu
<Roasted_> official support anyway
<Spice-boy> i need to instal another version for ubuntu?
<RoyK> that's > 2 years old - try a newer version
<Roasted_> Spice-boy, well there's bee several releases since then
<RoyK> sparc: no idea - google it
<Roasted_> 9.04, 9.10, 10.04 LTS, and 10.10 is the latest
<Roasted_> I'd go for 10.04 LTS. LTS's are always <3
<Spice-boy> aha i understand....
<RoyK> and 11.04 if you're eager/brave
<Roasted_> Spice-boy, with newer kernels often comes more support for hardware. Newer kernels would be what you would see with newer versions of Ubuntu. In particular, 10.04 because it's an LTS, and 10.10 because it's the most current.
<Roasted_> Spice-boy, so you might fire up 10.04 and find your Belkin works perfectly fine with zero configuration needed.
<Roasted_> I'm not saying you WILL. But you'd have better chances than tinkering with an unsupported version of Ubuntu, such as 8.10.
<RoyK> I'd recommend using 10.10 for a desktop system
<RoyK> mostly no reason for LTS for those
<Roasted_> I agree, depending on the application.
<gobbe> yep
<Roasted_> I have 10.04 on my "desktop" here, but it also acts as a server.
<gobbe> i run 10.04 on servers
<gobbe> and 11.04 on desktop ;)
<Spice-boy> RoyK thx... i`m gonna download de newer version...
<Roasted_> Spice-boy, good luck!
<Spice-boy> the*
<Spice-boy> thanks
<RoyK> Spice-boy: just try 10.10 - 11.04 isn't ready yet
<Roasted_> RoyK, pastebin is still trying to show up. This might be a losing battle.
<Roasted_> RoyK, is there something in particular I can look for that you're curious about?
<Roasted_> in the radiusd config file at least.
<Spice-boy> yes 10.10 thx RoyK
<jpiche> anyone here know of a ppa for mysql 5.5? I prefer debs over manual tar installs
<pmatulis> jpiche: first step is to search launchpad
<pmatulis> https://launchpad.net/ubuntu/+ppas?name_filter=mysql
<jpiche> pmatulis, oh thanks. I didn't know you could search by ppa... i feel dumb now
<JanC> jpiche: not knowing something is not the same as being dumb...  ;)
<jpiche> JanC,  hence the word "feel", and also why I asked here. I figured I'd get an answer pointing me in the right direction. I love IRC ;-)
<JanC> it's not like there is a link to that search page on every PPA
<uvirtbot> New bug: #710894 in openssh (main) "package ssh-askpass-gnome 1:5.3p1-3ubuntu4 failed to install/upgrade: sistema de ficheros del archivo tar daÃ±ado - archivo de paquete daÃ±ado" [Undecided,New] https://launchpad.net/bugs/710894
<jpiche> unfortunately I'm not finding anything though
<RoyK> jpiche: just apt-get source the mysql package, copy the debian/ directory into the mysql 5.5 directoroy, cd into the source directory and dpkg-buildpackage
<JanC> and hope it works well  ;)
<RoyK> yeah :)
<jpiche> well, that's what VMs are for
<JanC> I mean, hope the build works well (I'm not sure if MySQL changed much in the way it gets built)
<jpiche> RoyK, do you know if there are changes to 5.5 directory structure though?
<RoyK> no ifrs
<RoyK> no idea
<uvirtbot> New bug: #710904 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: Versuch, Â»/usr/share/man/man1/my_print_defaults.1.gzÂ« zu Ã¼berschreiben, welches auch in Paket mysql-server-core-5.1 5.1.49-1ubuntu9 ist" [Undecided,New] https://launchpad.net/bugs/710904
<Roasted_> RoyK, well I got a slew of the same error in my radius error log.
<Roasted_> Error: Ignoring request to authentication address * port 1812 from unknown client.
<Roasted_> with the listed IP that I gave my access point following after unknown client.
<RoyK> sorry - no idea
 * RoyK pats his two 100TB boxes and hope Bacula will learn to behave soon
<geekbri> is there a testing repository for 10.04 LTS ?
<RoAkSoAx> win 10
<highvoltage> esc 0 :)
<RoAkSoAx> it finally had to happen >P
<RoyK> RoAkSoAx: s/^\//
<sockPants> hi all, maybe something you can help me with
<sockPants> i'm trying to boot over pxe but now i have the error 'No init found. Try passing init= bootarg.
<sockPants> what would I put? right now this is what i'm booting: http://pastie.org/1516202
<geekbri> if i want a kernel module to be loaded at boot time so i don't have to modprobe, where would that go?
<RoyK> http://www.gnu.org/fun/jokes/helloworld.html
<RoyK> geekbri: it should be in the initrd/initramfs - all modules should be there
<geekbri> RoyK: thank you very much
<RoyK> and initrd/initramfs should autodetect those loadable
<geekbri> i wanted to add fuse, so i actually adedd it to /etc/modules
<slicslak> i'm on a RS Cloud ubuntu server, ls -l doesn't show the groups.  anyone know if/how i can change that?  sudo ls -l does, but I would rather not have to sudo to run ls  :)
<uvirtbot> New bug: #710946 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: intentando sobreescribir `/usr/bin/my_print_defaults', que estÃ¡ tambiÃ©n en el paquete mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710946
<MikeChelen> is there a log of system load over time?
<patdk-lap> uptime
<RoyK> patdk-lap:  23:54:57 up 1 day, 23:43,  1 user,  load average: 20.86, 21.46, 21.73
<patdk-lap> :)
<MikeChelen> over longer periods such as days and weeks
<MikeChelen> to monitor for spikes in load
<MikeChelen> and see when they occurred
<thesheff17> MikeChelen: there are number of monitoring tools...I really like zabbix.org but people have used nagios which is a well known monitoring tool.
<thesheff17> MikeChelen: if you want something really simple just schedule uptime on cron
<thesheff17> to a text file
<uvirtbot> New bug: #710976 in mysql-5.1 (main) "package mysql-client-5.1 5.1.54-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710976
<MikeChelen> thesheff17: something simple would be good because this is the only measurement needed for now
<MikeChelen> logging system load with cron would be ok, it would be nice to have a basic chart display though
<uvirtbot> New bug: #710980 in samba (main) "package samba 2:3.5.6~dfsg-4ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 709000)" [Undecided,New] https://launchpad.net/bugs/710980
<thesheff17> MikeChelen: you could easily dump that text file into excel or another charting tool and do a graph...I'm sure there are even graphing tools in python if you really wanted something automated.
<uvirtbot> New bug: #710985 in php5 (main) "php5-fpm does not allow concurrent requests" [Undecided,New] https://launchpad.net/bugs/710985
<MikeChelen> thesheff17: yeah there are, just have a pick a library, and format the data
#ubuntu-server 2011-02-01
<_Techie_> is there an automated way to install a PXE server?
<toddnine_> Hi guys.  Just installed this mb and trying to install server 10.10 http://www.gigabyte.com/products/product-page.aspx?pid=3434&dl=1#fq
<toddnine_> It doesn't recognize any of the drives.  Any ideas where I can get them?
<patdk-lap> odd, it's just a ich10r, should be fine
<patdk-lap> did you plug them into the 3g or 6g ports?
 * twb blinks
<twb> Aren't we only just up to 4G?
<patdk-lap> hehe
<clusty> hey
<clusty> was wondering if any of you had any suggestion on some usable c++ IDE. no emacs or eclipse :D. one feature i would love to have is communication with gdb
<clusty> loading/saving/updating breakpoints, etc
<twb> clusty: you just said "I need a usable C++ IDE, except it can't be one of the usable ones"
<clusty> :D
<twb> I guess there's jEdit?  It aims to be Emacs NIH'd in Java.
<clusty> i hate emacs with a vengeance, and eclipse is a pain to setup, maintain
<twb> What you feel now is mere dislike.
<twb> When you've used Emacs for twenty years, THEN you will begin to hate it
<clusty> still have not found an easy way to use gdb from vim
<clusty> now i am using vim to edit, and emacs to run gdb so i get source with code in a nicer mode
<twb> Shrug.
<clusty> tell me about it
<twb> If you have specific problems with Emacs, you can ask #emacs about them
<clusty> i find the whole environment very backwards
<clusty> shortcuts that involve 3 combos just feel WRONG
<clusty> twb: jedit looks very promising
<clusty> plugin autoinstall is a great start :D
<twb> I've never used it, because it doesn't work on a tty
<JanC> clusty: geany is another option, if you want a GUI
<JanC> much more basic than jEdit though
<twb> I think the core requirement is that it has gud
<twb> And isn't emacs
<JanC> geany seems to fit his/her requirements (maybe with some of the plugins installed)
<JanC> and so do several other IDEs
<clusty> twb: taking it back. fugly and does not work out of the box for c++
<clusty> JanC: thanks. giving it a go now
<clusty> another thing i was struggling with was having ctag files autoupdated
<JanC> clusty: there are 20 or more geany plugins, so make sure you check what's available and looks useful for your purposes  âº
<clusty> JanC: will do thanks
<JanC> plugins in Ubuntu I mean, maybe even more upstream
<clusty> it's a bit unfair that mac makes it much easier to debug proggies compared to linux
<clusty> then again mac has it's own quirks...
<JanC> well, there is Nemiver if you need a GUI debugger  ;)
<patdk-lap> valgrind :)
<JanC> but some IDE's hav support for debugging too
<patdk-lap> debugging is boring, must profile :)
<clusty> patdk-lap: try valgrinding a 300MB app
<clusty> and see if you can even move the mouse
<JanC> valgrind isn't a general debugging tool...
<clusty> guys at work run insure++ every now and then
<clusty> i personally never used anything else apart from valgrind
<clusty> i really like the mac instruments thingy for profiling
<clusty> has extremely low overheaad and is almost as good as cachegrind
<uvirtbot> New bug: #711043 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/711043
<_Neytiri_> i am haveing a issue setting up RFC 2136 updates with bind9
<Darknetix> Anyone here up for some private wow?
<Darknetix> Anyone here up for some private WoW? You are more than welcome to join at darknetix.dyndns.org
<no--name> is using update-manager the same as using apt-get upgrade?
<carmony> We have an Ubuntu 10.04 server with mysql-server installed from aptitude. Now, here is the issue, there is a bug with MySQL 5.1.41 that is fixed in MySQL 5.1.51. Are there any other options than installing from Source?
<patdk-lap> installing from maverick?
<patdk-lap> downloading the maverick source and recompile and install?
<carmony> how can I install from maverick?
<twb> I can tell you from personal experience that you are better off giving up RIGHT NOW
<patdk-lap> :)
<twb> mysql is extraordinarily Not Fun to cherry-pick
<patdk-lap> twb, never had an issue myself
<patdk-lap> but I normally compile from source
<twb> patdk-lap: then you miss out in whatever packaging/integration debian provides
<twb> for upgrades and such
<patdk-lap> yep
<twb> I guess if you just slap it in /opt and leave it alone forever, like a slackware system...
<patdk-lap> it's more cause I had issues compiling in the sphinx module
<patdk-lap> I haven't upgraded to 5.1 yet, where it's a plugin
<twb> sphinx as in the python documentation framework?
<jmarsden> carmony: You asked for "any other options", so I'll mention: If you *really* need to do it, you could 'upgrade' the entire server to Maverick, but then you're losing LTS benefits.
<patdk-lap> twb, I should hope not
<carmony> hrm, seems maverick has 5.1.49, not 5.1.51
<patdk-lap> sphinx the search engine
<jmarsden> carmony: Indeed... sources from Natty, if you are brave? :)
<carmony> lol, Natty?
<patdk-lap> sources from natty+1?
<jmarsden> carmony: One more option:  apt-get source mysql in Lucid, backport the patch for the specific bug, debuild yourself a custom package of 5.1.41+yourfix .
<jmarsden> rmadison -s natty mysql-server shows: mysql-server | 5.1.54-1ubuntu2 |         natty | all        so that should be recent enough :)
<nroach44> how would i got about installing 10.10 server via usb msd?
<carmony> well, its compiled with yassl, think it mike be easier to compile it with openssl?
<jmarsden> If you start from the packaged sources, it should be easiest to compile it with whatever the package currently does, because that means less changes you have to make.
<carmony> sorry if I'm a newb, lol :P I'm more of a developer than sys admin :)
<carmony> can I see the options the aptitude version of mysql was compiled with?
<jmarsden> carmony: Read the packaging scripts, or install it and run it with whatever option displays the compiletime options, I'd think.
<carmony> jmarsden: ok, so we downloaded the source and are trying to build it. We changed the debian/rules file to use open ssl instead of yassl, but it is throwing an error saying "checking for SSL... configure: error: The flag --with-yassl is deprecated, use --with-ssl"
<carmony> am I missing something where I should configure it elsewhere?
<jmarsden>  carmony: Sounds like it.  Are you aware of the licencing issues with compiling GPLed software with openssl, by the way?
<lifeless> jmarsden: there aren't any... its distributing that has issues
<carmony> yes, and we won't be distributing it
<jmarsden> lifeless: Hmmm... probably true.  I just think like a packager, and packages are usually intended for distribution.
 * carmony pats jmarsden 
<jmarsden> carmony: Do you *need* openssl?  As I said earlier, compiling it from source the way the package comes out of the source package will be easier.
<carmony> the bug is with yassl
<carmony> it was fixed in 5.0
<carmony> but they used a broken version of yassl in 5.1
<carmony> and didn't fix it until 5.1.51 of mysql
<carmony> its a pain in the butt bug that is kinda rare, but a deal breaker for our software system
<jmarsden> So... which source did you download, the fixed one?  In that case you can use yassl, right?  Or am I confused?
<carmony> we downloaded the 10.04 version of the sources from Ubuntu's packaging website
<jmarsden> Ah... I thought we had discussed downloading the Natty sources so you'd get something new enough to already include the fix. OK.
<carmony> we were hopping to just compile with different options
<carmony> hoping*
<jmarsden> It should be doable... I'll grab the 10.04 sources and see what I can see...
<jmarsden> carmony: Looks like we're using cmake, so you may want to check CMakelists.txt for any yassl-oriented config info?
<carmony> ok, looking..
<carmony> I see it adding the dependancy and sub directories, but I don't see anything that shows it requiring it I don't think..
<uvirtbot> New bug: #711089 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/711089
<carmony> ADD_DEFINITIONS(-DHAVE_YASSL) <-- would that cause the problem?
<jmarsden> carmony: I'm not sure either, but does ADD_DEFINITIONS(-DHAVE_YASSL) ... right... it might.
<carmony> http://paste2.org/p/1222171
<carmony> that is the error we get
<jmarsden> OK, that's a configure error, from autotools... but who or what added the --with-yassl option?
<carmony> thats what I can't figure out, we changed it from the debian/rules
<jmarsden> Can you pastebin the diff of your debian/rules?
<carmony> hrm, I found this with grep: ./BUILD/compile-pentium-icc-yassl:extra_configs="$pentium_configs $static_link --with-yassl"
<carmony> sure
<jmarsden> I don't think you are building with icc though, so that shouldn't apply :)
<carmony> hrm, trying to diff... it was just line 108 and 109, changed --without-openssl to --with-openssl and --with-yassl to --without-yassl
<jmarsden> That's odd, my debian.rules line 108 says --with-ssl, not anything about openssl or yassl specifically...
<jmarsden> We're talking about  mysql-dfsg-5.1_5.1.41-3ubuntu12.9  right?
<carmony> jmarsden: yes, actually, talking with the other dev, he added the --without-yassl and changed --with-ssl to --with-openssl
<carmony> jmarsden: he was following this tutorial for mysql 5.0: http://geektank.net/2007/10/re-compiling-mysql-5-0-openssl-support-under-debian/
<jmarsden> I suspect the deprecation may be of anything related to yassl or openssl specifically, they now (in 5.1) want you to just say with-ssl or without-ssl and specifcy which SSL library in some other way... but that's a guess at this point.
<jmarsden> Following a 5.0 tutorial for a 5.1 build is probably not a great idea.
<carmony> lol, yeah, so I'm figuring out
<twb> jmarsden: gods, I wish people would get that
<twb> jmarsden: like <coworker> who follows blog posts about installing <foo> on 6.04
<carmony> lol twb
<twb> 6.06, rather
<carmony> jmarsden: ok, it shows: --with-ssl=DIR Include SSL support   5.1.11
 * jmarsden thinks... nothing wrong with that as long as he is still running dapper :)
<carmony> in INSTALL-SOURCE
<jmarsden> carmony: I'd guess you want to leave --with-ssl in there and hack Cmakelists.txt to say you don't have yassl please use openssl instead...?
<twb> jmarsden: he wasn't
<jmarsden> But again, I'm guessing
<jmarsden> Or does CMakelists.txt not even get used in this build process... seems odd to have it there and then use autotools, to me...
<twb> Eh, mysql is pretty dumb about everything
<carmony> agreed, twb
<carmony> ok, where would the OpenSSL header files and libraries located in ubuntu 10.04?
<twb> carmony: libssl-dev
<jmarsden> carmony: See http://dev.mysql.com/doc/refman/5.1/en/secure-using-ssl.html
<jmarsden> for how to configure the build for openssl... sounds like you may already have found that.
<jmarsden> It says in part: "To use OpenSSL instead, specify the --with-ssl option with the path to the directory where the OpenSSL header files and libraries are located: ..."
<carmony> ok, I installed libssl-dev, looking for where it put them
<jmarsden> carmony: dpkg -L libssl-dev
<carmony> and thank you both for being patient with me, I'm learning a lot
<twb> carmony: you still haven't learnt not to roll your own stuff in /opt
<twb> 15:32 <twb> I can tell you from personal experience that you are better off giving up RIGHT NOW
<carmony> lol
<jmarsden> twb: at least he is now trying to create a package rather than compiling from a tarball ... this is significant progress :)
<twb> OK
<carmony> ok, got a new error: http://paste2.org/p/1222218 -- but I think I'm getting close... I think
<jmarsden> carmony: That looks like you left out a \ at the end of a line in debian/rules or some other makefile??
<jmarsden> diff your debian/rules with the original and make sure you only changed what you intended to change.
<carmony> ah, found it
<kaushal> hi
<kaushal> is there a way to build Ubuntu OS from a specific ISO ?
<kaushal> I mean using Netboot/PXE/TFTP ?
<twb> uh, you can netboot the installer
<carmony> wow... I... I think it worked.
<jmarsden> Congratulations :)
<jmarsden> You must have a pretty fast build machine, BTW, a full mysql build from source including running all the tests takes a while...
<twb> jmarsden: maybe whatever random blog post he's copying from set DEBUILD_OPTIONS=nocheck
<jmarsden> Maybe... but I hope not :)
<kaushal> twb: ok
<kaushal> twb: you said installer ?
<kaushal> are you talking about the ISO ?
<carmony> man, its running tests, and its taking -forever-
<twb> kaushal: no, I'm talking about d-i
<jmarsden> carmony: Then you don't really know whether it worked yet :)
<carmony> lol, I assumed
<rallias> How do I set sendmail to foreward all my outgoing mail to a different mail host?
<goddard> I am going to be setting up an ubuntu web server and during the install it asks for a hostname lots of tutorials suggest giving it a domain at this time
<goddard> if I plan on having virtual servers what should I do then?
<rallias> Just call it some random thing.
<rallias> I call my server the-a-bomg
<goddard> does this have any effect on mail or anything
<goddard> cause postfix uses your hostname most the time
<rallias> nah.
<rallias> You can tell postfix to accept mail for multiple domains
<rallias> webmin makes it a beautiful job... to set up that part.
<goddard> rallias thats what id plan on using :D
<goddard> rallias isp config worth using?
<rallias> meh, if your behind a router, not really.
<goddard> what does that have to do with it?
<rallias> well if you're directly connecting it to the net your isp see's who you claim to be.
<rallias> calling yourself the-a-bomg isn't the best thing to show your isp
<kaushal> twb: ok
<goddard> I see
<goddard> rallias if I was connecting to my ISP then I should use a FQDN ?
<rallias> no, won't let you.
<rallias> It chops off a bit after the dots
<rallias> Just call it something like goddard
<rallias> or the username part of what you connect to your isp's email with.
<jmarsden> rallias: Be very careful with webmin on Ubuntu... it tends to break things.
<jmarsden> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<twb> !augeas
<twb> !puppet
<twb> Bah
<rallias> so thats why I never got postfix to work...
<goddard> isn't it only not supported because of a depreciated md5 library?
<twb> goddard: no
<twb> goddard: run lintian on webmin's deb sometime
<twb> I think they build it using alien or tar+ar
<goddard> twb so what do you suggest?
<twb> goddard: I suggest you learn to administer the damn system properly, i.e. from a shell
<rallias> they built it with checkinstall if I remember the wiki right.
<twb> rallias: that'd be about right
<goddard> twb you have to admint virtual min is really nice
<twb> goddard: no, I don't
<goddard> you can setup a virtual server in like 2 seconds
<rallias> tru dat
<twb> You mean the dom0 or the domU?
<rallias> nah the google.com and the images.google.com
<twb> I kinda doubt google are running *min
<rallias> eh I'll send you my bind9 hints file sometime
<goddard> rallias ill take that aswell
<rallias> goddard: I'm going to warn you, its 1.2 gb
<goddard> ...
<goddard> nvm
<goddard> thats way to many hints
<rallias> lol
<twb> goddard: he doesn't mean hints for humans
<carmony> hrm, ok, it failed four tests.
<carmony> Failing test(s): main.partition_innodb main.information_schema_chmod main.trigger rpl.rpl_rotate_logs
<carmony> think I should be concerned?
<twb> I'm guessing that's not Reverse Polish Lisp
<goddard> so does ISPConfig suck as well?
<rallias> goddard: no clue
<twb> goddard: anything that tries to baby sysadmins along with a web UI sucks
<goddard> That leaves Cpanel which costs like couple grand
<twb> BTW, I tried to pastebin the lintian output for webmin's deb, but it exceeds the maximum paste size
<rallias> twb: What 'bout one I make myself?
<goddard> twb haha
<twb> Here we go: http://pastebin.com/vxfGjwGr
<rallias> its complaining because of perl and .gif's?
<twb> rallias: the reason Debian packages are so good is because the Debian Policy forbids packages from making retarded packages
<rallias> *belch*
<twb> If you think RHEL does a better job, you can go use it
<rallias> Why should I pay some bozo 50 bucks for some piece of crud that is hyper controled?
<rallias> its why I said no to windows.
<rallias> quite frankly, i'm not against debian, i'm just against its definition of "retarded"
<carmony> super newb question... you can tail a file, but is there a version of tail that you can use to read just the beginning of a file?
<twb> Shrug.  When you use Ubuntu, you're benefitting from it.  Almost all Ubuntu packaging is pinched straight from Debian.
<air^> head
<air^> @carmony
<carmony> lol, thanks air^
<air^> :)
<carmony> um, hrm...
<carmony> jmarsden: I can't find any deb files to use to install my newly made packages?
<jmarsden> If the build succeeded, they should be above the source tree, so cd ..   and look there.
<carmony> there aren't any there
<carmony> hr
<jmarsden> carmony: What were the last few lines of text output by debuild ?
<blahdeblah> Hi.  I'm setting up a new Ubuntu mail server, and i'm looking to hit it hard & fast with spam.  Can anyone suggest the quickest way to get my server on the nefarious spammers' lists?
<carmony> jmarsden: crap, http://paste2.org/p/1222297
<jmarsden> OK, so you need to figure out those tests and why they failed... apparently they are supposed to succeed :)
<carmony> well, those tests are for master/slave replication and you need to do special things for those tests I guess
<spartan07> Cannot get an ip on a server ubuntu 8.04.
<spartan07> I switched /etc/network/interface to dhcp no good
<jmarsden> Then the package would never build on a PPA or on the official build servers... so that doesn't seem likely.
<jmarsden> Also... my own mysql build with that --with-ssl=/usr/include/openssl/ change just completed, and mine worked :)
<spartan07> ran ethtool and there is a link on eth0 but I dont even see inet addr for eth0 can someone please help
<jmarsden> spartan07: I'm not an expert on DHCP, but running   dhclient -d eth0    might get you more information on the issue
<spartan07> dhclient not installed. can I install from cd?
<jmarsden> sudo apt-get install dhcp3-client
<jmarsden> Oh, it is in /sbin.  So try   /sbin/dhclient -d eth0 perhaps?
<spartan07> jmarsden, dont have internet
<spartan07> 1 sec
<spartan07> no file or directory. not installed.
<jmarsden> Hmmm.  That seems unusual to me.  I thought it was installed by default... will check.
<twb> jmarsden: not in -minimal, at least
<spartan07> running 8.04.3
<spartan07> dont think its minimal. installed regular. how can i install from cd?
<jmarsden> mount the cd, sudo dpkg -i /path/to/cd/.../dhcp3-client*.deb ... but that's a little vague.  I'm too used to having the Internet around... :)
<spartan07> jmarsden, yea mee too thats why im stumped lol
<jmarsden> spartan07: OK, it is on the CD under pool/main/d/dhcp3/ so mount the CD and then cd in there and sudo dpkg -i dhcp3-client_*deb
<spartan07> mounting
<spartan07> I restarted . this is a poweredge 6650 and it takes forever
<jmarsden> Why did you feel the need to restart?  This is not Windows :)
<spartan07> with other servers sometimes the settings dont take. Had this happen with 8.04 test server
<carmony> jmarsden: woohoo, its working
<jmarsden> carmony: Good :)  What did you have to do to get the tests to pass?
<goddard> what is the hit on performance by virtualizing?
<twb> goddard: depends on hardware and what you're doing
<twb> goddard: and the virtualization technology, of course
<goddard> is there a estimated percentage?
<jmarsden> goddard: It all depends on what and how you are virtualizing :)  Just a few percent if you are lucky...
<twb> I can pull a number out of my arse if you think it'll help
<goddard> jmarsden i dont have anything in mind at the moment just kinda curious seems like a good option
<goddard> twb haha
<jmarsden> Then try it and see :)  For an article about virtualization performance (months old), maybe http://www.phoronix.com/scan.php?page=article&item=ubuntu_kvm_history&num=1 woudl be of interest?
<twb> Dhrystones per Second:                        25163562 (dom0)
<twb> Dhrystones per Second:                        25163562 (domU)
<twb> So, unsurprisingly, with LXC, CPU performance is reduced by approximately 0%
<jmarsden> spartan07: Were you able to install dhclient ?
<spartan07> no getting it to mount cd. working on it
<jmarsden> ?  if your install CD won't mount, you have real issues :)
<twb> he might simply not know how
<jmarsden> spartan07: What command are you using to try to mount the CD?  And what happens when you use that command?
<spartan07> think cd is scratched
<spartan07> old cd
<spartan07> looking for another.I know I have here
<spartan07> jmarsden, dependency problems
<jmarsden> spartan07: what else does it need?
<spartan07> with dhcp3-common on system is 3.0.6.dfsg-1ubuntu9.1 and it needs 1ubuntu9
<spartan07> probably got updated during a system update since im runing 8.04.1
<spartan07> should I install dhcp3-common and then install dhcp3-client again?
<jmarsden> Wait.... your machine has dhcp-common but not dhcp-client?  What does   dpkg -l 'dhcp*'  |grep ^ii     output?
<spartan07> has dhcp3-common but its 3.0.6.dfsg-1ubuntu9.1 not dhcp3-common but its 3.0.6.dfsg-1ubuntu9
<jmarsden> But it doesn't have any dhcp*client package installed?
<spartan07> nope
<jmarsden> I wonder why you installed the -common without the -client or -server?  Seems very odd.  OK.  Sure, try    sudo dpkg -i dhcp3-client_*deb dhcp3-common*deb    and see what it does.
<spartan07> output shows dhcp3-common 3.0.6dfsg-1ubuntu9.1
<spartan07> installed
<spartan07> jmarsden, installed
<jmarsden> OK, so now (at last) we can try  dhclient -d eth0
<twb> jmarsden: aptitude why dhcp3-commont
<twb> It'll tell you exactly why
<twb> ...except that d-i sets all packages to "manually installed", which might bork it
<spartan07> well one thing I see wrong is DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5  - my subnet mask is 255.255.255.0
<spartan07> jmarsden, says no working leases in persistent database
<jmarsden> No, that's not necessarily wrong.  Did you see a reply from the DHCP server, is what matters?
<spartan07> No DHCPOFFERS received
<twb> Is the machine cabled?
<spartan07> yea
<jmarsden> Can you check that your DHCP server is working OK?  are other machines getting DHCP addresses fine?
<twb> Does "ip l" mention any interfaces other than eth0 and lo?
<spartan07> yea. im chatting on this one
<jmarsden> spartan07: Do you have an eth1 or anything similar in your    ip l     output?
<spartan07> yea eth1
<spartan07> lo , eth0, eth1
<jmarsden> OK, so how sure are you the wire you have connected is really on eth0 ?  Maybe it is on eth1 :)
<spartan07> did ethtool eth0 and has link yes
<spartan07> oh wait wait that wAS LAST TIME
<spartan07> it was on eth1
<spartan07> moved to eth0
<jmarsden> :)  all this because you had a wire in the wrong ethernet jack :)
<spartan07> sorry frustrated and overlooked that
<spartan07> ran dhclient output: bound to 192.168.XX.XX
<jmarsden> You're good to go :)
<spartan07> jmarsden, man thank you sooo much
<jmarsden> spartan07: You're welcome.
<spartan07> had been hours trying to figure this out. thanks again for taking the time to help me. I would have never figured that out. I also learned something new
<bravvve> i have local network with machinesand a server under windows 2003 server and machines under windows xp,one of them is my workstation connected to the internet,i wan tu configure it like a update server for antivirus,how can i configure this on latest ubuntu server
<mkulke> hello, how come that /usr/lib64/update-notifier/apt-check mentions updates, while apt-get update does not?
<mike_miller> Anyone here familiar with the AMI images?
<mkulke> how can i tell whether there are updates available or not?
<mkulke> in machine readable form
<mkulke> jeez, that seems to be a simple thing, but i've been trying to achieve this for ages
<xampart> our isp changed and had to do little configuration. now kern.log shows a lot of "kernel: Neighbour table overflow" messages (/proc/sys/net/ipv4/neigh/default/gc_thresh{1,2,3} are 4096,8192,8192 respectively). any experiences?
<uvirtbot> New bug: #711173 in mysql-5.1 (main) "package mysql-client-5.1 5.1.54-1ubuntu2 failed to install/upgrade: Ð¿Ð¾Ð¿ÑÑÐºÐ° Ð¿ÐµÑÐµÐ·Ð°Ð¿Ð¸ÑÐ°ÑÑ Â«/usr/bin/my_print_defaultsÂ», ÐºÐ¾ÑÐ¾ÑÑÐ¹ ÑÐ¶Ðµ Ð¸Ð¼ÐµÐµÑÑÑ Ð² Ð¿Ð°ÐºÐµÑÐµ mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/711173
<awanti> hi i have implemented samba server. Now i am facing bit problem.  I want to give the permission like 'in perticular shared folder users can create the files but they can't delete it
<NetShadow> is there is a software that can boost my bittorrent upload ratio like greeytorrent for linux?
<mpathy> Hi there.. I am looking for a ticketing system for my server.. Where clients can send support requests etc. - I know the most people would say OTRS, but its too big and bloated in my opinion.. Something like those nice ticket systems for software bugs, with a ergonomic and well-thought web interface (if possible Web 2.0/ajaxified) but more client support specific..
<mpathy> Any thoughts? :)
<remix_tj> mpathy: i use horde+whups at work
<remix_tj> mpathy: works well
<binBASH> horde? He didn't want to get bloated ;)
<mpathy> Horde is some extra topic..
<Error404NotFound> Can't mount nfs shares: http://pastebin.com/VQ4R2YYU Server is Lucid Lynx, Client is Karmic Koala
<mpathy> I always liked the modularity and the extra modules available but nowadays it lacks so much at documentation..
<mpathy> But whups is also a software bug ticket system
<mpathy> I need something more "client support request" - specific
<binBASH> :-) currently coding such a thing for my company
<binBASH> webhosting company...
<mpathy> like "my login in my groupware doesnt work" etc.
<mpathy> binBASH: I also think about coding myself but I cannot understand something like that isnt available in a simple manner
<binBASH> you don't need to reinvent the wheel ;)
<mpathy> So why are you coding sth. like that? :P
<binBASH> mpathy: Because I can't use that open source stuff for it
<binBASH> and I don't want to pay thousands of $ ;)
<binBASH> mpathy: http://osticket.com/tour/
<binBASH> this one looks neat btw.
<mpathy> yes but already too much in my opinion
<mpathy> altough its more modern than otrs.. i had it installed for testing
<binBASH> yeah it also has ajax iface
<x-ip> hi all :)
<Error404NotFound> Unable to mount NFS shares: http://pastebin.com/YfdfHm6t
<Error404NotFound> on client i see: rpcbind: server <IP> not responding, timed out
<Error404NotFound> anyone alive here?
<mpathy> thx for the inspiration, I looked trough my mp3's.. I will listen to Comfortably Numb :P its no ubuntu-server specific question why not ask in #ubuntu
<pmatulis> Error404NotFound: yes, there are 293 people in here
<Error404NotFound> ok, confirmed one alive :P
<Error404NotFound> what ports does nfs server need to open on client and server? I know that we should have 111 and 2049 open on client but anything else?
<patdk-wk> Error404NotFound, it's random, check portmap
<Error404NotFound> patdk-wk: the port that needs access is random?
<Error404NotFound> what about that pastebin? it contains rpcinfo -p
<patdk-wk> yep, it's an rpc service
<patdk-wk> each time you restart nfs, or reboot, it could use a different port
<patdk-wk> normally it will use the same one, but nothing says it will, unless you set it
<Daviey> smoser, Bug #709542 ....  Have any ideas?
<uvirtbot> Launchpad bug 709542 in cloud-init "100% cpu console-kit" [Undecided,New] https://launchpad.net/bugs/709542
<Error404NotFound> patdk-wk: can you please have a look at pastebin, and tell me what other ports should i allow?
<patdk-wk> Error404NotFound, why? it would be useless, cause it will change
<patdk-wk> http://ubuntuforums.org/showthread.php?t=352486
<Error404NotFound> patdk-wk: but i can't leave the firewall on nfs server wide open
<patdk-wk> why you need to specify what ports nfs should use, instead of leaving it random
<patdk-wk> man, why is this so hard?
<Error404NotFound> NFS uses random ports, but the firewall on nfs server can't be wide open allowing connections on all ports.
<patdk-wk> so?
<20QAAN25C> Hi, I try to install a dns server with bind9, I configure the forwarders in /etc/bind/named.conf.options and the zone  in /etc/bind/named.conf.local but the clients can't resolve the URL... have you any ideas? Thank you
<pmatulis> Error404NotFound: NFS over the internet?
<Error404NotFound> pmatulis: nfs on cloud
<Error404NotFound> patdk-wk: thanks, that link really helped :)
<RoAkSoAx> morning all
<hggdh> Daviey, good morning. I just uploaded a new ubuntu-server-iso-testing package to the PPA. Can you (when it is built) update your hudson slave with it?
<Daviey> hggdh, wilco!
<david506> I wrote my templates for for debconf, my script asks for the user to enter the requested information. But when I run the script a second time, it doesn't ask, it takes the same answer from the first run. How do I get it to ask each time ?
<Daviey> zul, have you seen https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/710976 ?
<uvirtbot> Launchpad bug 710976 in mysql-5.1 "package mysql-client-5.1 5.1.54-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New]
<zul> Daviey: yeah
<zul> Daviey: multiple times ;)
<Daviey> awesome :)
<Daviey> SpamapS, Where you looking at issues with php5-fpm recently?
<Daviey> Were*
<Daviey> ugh, w.u.c seems to be timing out lots today
<RoAkSoAx> bug #710976 is duplicate of bug #710505
<uvirtbot> Launchpad bug 710976 in mysql-5.1 "package mysql-client-5.1 5.1.54-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/710976
<uvirtbot> Launchpad bug 710505 in mysql-5.1 "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/my_print_defaults.1.gz', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [High,Triaged] https://launchpad.net/bugs/710505
<zul> Daviey: ok its fixed now
<zul> Daviey: php5-fpm was removed in natty i think when we merged it from debian again
<Daviey> zul, Hmm
<Daviey> was the binary package removed from the archive and this package is legacy on the users machine?
<zul> Daviey: yeah it was removed from the archive afaik
<Daviey> awesome.
<jdstrand> zul: hey, couple of questions for you regarding alpha 2: apache2 is ftbfs on amd64 and axis2c for all releases. would you mind looking at these or finding someone who will?
<zul> jdstrand: sure
<zul> jdstrand: axis2c is well known though i think
<jdstrand> zul: is a fix planned or a bug filed already?
<zul> jdstrand: yeah i think there is a bug filed about it already
<x-ip> Hi, i followed this steps https://help.ubuntu.com/community/KVM/CreateGuests using ubuntu-vm-build, the node is up http://pastebin.com/gzYiZUve but it isnt recheable from the network, in fact i dont see the ip address from the 'prod.local' vm in the interfaces list
<zul> jdstrand: lemme see if i can find it
<jdstrand> zul: possibly 600174?
<Daviey> ahhhhhhhhhhhhhhhhhhhhhhhh
<x-ip> i tryed the virsh console to get 'inside' the VM but didnt have success (using the console command)
<zul> jdstrand: yeah
 * Daviey hates axis2c with vengeance.
<zul> jdstrand: the plan was to update to 1.7 i think but that kind of pettered out
<x-ip> what am i doing wrong ? maybe am i missing something ? any help is appreciated
<jdstrand> Daviey: I see that is milestoned for beta-- I guess we can assume not fixed for alpha2?
<Daviey> jdstrand, I think it really needs doko's input tbh.
<Daviey> I spent a few hours trying to fix the axis2c ftbfs, and it's a PIG.
<jdstrand> ok, well he is on vacation, so I'll jot down the bug and move on
<Daviey> jdstrand, it is on the release teams agenda btw.
<jdstrand> Daviey: yes, I am helping them :)
<zul> Daviey: doko already gave hsi input
<Daviey> zul, Hmm, he added something to the bug
<Daviey> But iirc it wasn't quite enough.
<Daviey> https://bugs.launchpad.net/ubuntu/maverick/+source/axis2c/+bug/600174/comments/13
<Daviey> zul, ^^
<uvirtbot> Launchpad bug 600174 in axis2c "axis2c fails to build from source on maverick/i386" [High,Confirmed]
<Daviey> clearly doko hasn't looked at the upstream tree :P
<Daviey> i should take another look.
<zul> Daviey: yeah i had a poke at it but my brain exploded
<jdstrand> zul: do you mind if I file a bug re apache@
<jdstrand> apache2?
<zul> jdstrand: sure be my guest
<jdstrand> zul: that way it'll make it easier on your upload (soft freeze and all)
 * Daviey imagines zul slamming his fist down, and denying jdstrand opening a bug.
<zul> jdstrand: ack
<jdstrand> hehe
<zul> jdstrand: apache doesnt like -fno-strict-aliasing ;)
<Daviey> zul, When jdstrand opens that bug, are you working on it?
<zul> Daviey: yeah im going to revert the fix i was using for a bug
<Daviey> zul, dandy!
<jdstrand> zul: fyi bug #711293. tentatively assigned to you. feel free to reassign as necessary
<uvirtbot> Launchpad bug 711293 in apache2 "[natty] apache2 FTBFS on amd64" [High,New] https://launchpad.net/bugs/711293
<zul> jdstrand: thanks
<jdstrand> zul: thank you for looking into ti
<jdstrand> it
<zul> jdstrand: np thanks for reporting it, ;)
<zul> jdstrand: fix uploaded
<jdstrand> dude, that was fast
<zul> jdstrand: hehe :)
<uvirtbot> New bug: #711293 in apache2 (main) "[natty] apache2 FTBFS on amd64" [High,Fix released] https://launchpad.net/bugs/711293
<zul> Daviey: so what do you want to do with axis2c?
<Daviey> zul, pah, i just commented :)
<RoyK> hi all. which image type should I use with kvm? qcow2?
<compdoc> qcow2 is not bad. I think you need qcow2 to migrate between servers
<compdoc> its not as fast as using a block device
<compdoc> raw might be faster too
<RoyK> I just chose raw and allocated it all
<RoyK> moving my Zimbra install to a dedicated virtual disk to ease backup...
<compdoc> Ive been running my email server that way for a while. Asterisk too
<RoyK> compdoc: is asterisk stable by now?
<compdoc> works <shrug>
<RoyK> I used to run it in a rather large setup with some 5k users some years back, and it sucked hard
<compdoc> I use it at home - only about 5 phones
<compdoc> I dont use any analog cards - its strictly sip and iax
<RoyK> k
<patdk-wk> ya, I used it years ago, with about 60 users, only for sip/iax, used a cisco router for fxo/fxs and sip phones
<patdk-wk> worked fine
<RoyK> in the early days of asterisk, Digium didn't even want to admit a jitterbuffer was needed, so we had to hire someone to write it
<compdoc> seems to have grown a lot since then
<patdk-wk> yep, I totally don't know why digim did that :(
<compdoc> like most active distros
<RoyK> patdk-wk: the code was submitted and eventually accepted into 1.4
<patdk-wk> that is why I used cisco vic's, they have their own buffers
<RoyK> vic?
<patdk-wk> voice modules
<patdk-wk> as opposed to wic's
<RoyK> you need jb at both sides, though
<patdk-wk> running over a 2 hope, 2gigabit network, wouldn't cause much jitter
<patdk-wk> it was mainly echo cancelling that annoyed me
<patdk-wk> 2 hop :)
<RoyK> we had customers leaving because although they could hear well, the ones they talked to just heard gibberish
<compdoc> getting the hardware and softare just right can be a bear - Ive seen lots of ppl talk about their failed projects
<compdoc> takes a lot of testing
<uvirtbot> New bug: #711321 in multipath-tools (main) "multipathd expecting wrong paths in uevents" [High,Fix released] https://launchpad.net/bugs/711321
<RoyK> compdoc: getting faulty software to work well can be a real bitch
<compdoc> heh
<RoyK> I did a fair amount of debugging on asterisk, and I beleive the theory is true, set 100,000 monkeys in front of a computer each, and they'll end up writing asterisk in a few weeks
<RoyK> compdoc: http://karlsbakk.net/fun/asterisk-installation.wav
<compdoc> lots of nix software requires a bit of tweaking
<RoyK> sure, but this wasn't tweaking, it was digging into the source to remove nasty memleaks, locking problems, scalability issues and whatnot
<zul> SpamapS: http://www.osrg.net/sheepdog/
<compdoc> asterisk-installation.wav is funny
<compdoc> sounds just like the asterisk woman
<RoyK> it is
<RoyK> some guy paid her to read that
<compdoc> I wonder how much money she makes
<RoyK> she does (part  of?) her living for reading stuff like that
<RoyK> iirc this wav came just before the callweaver fork, which eventually died
<compdoc> never even heard of callweaver
<compdoc> my version of asterisk is working, so I dont keep up with developments
<RoyK> compdoc: it's a few years since that fork, and although it included more interesting stuff, in the nature of not being dual-licensed, it eventually died
<RoyK> compdoc: good :)
<RoyK> never fix a winning team :P
<RoyK> asterisk suffers from the usual dual-license issue - they want to sell the software, so they can't use GPL in it
<RoyK> so even though there are good and scalable RTP/SRTP stacks out there, digium has to rely on their own
<RoyK> zul: interesting - getting zfs into that picture would be rather cool :)
<uvirtbot> New bug: #711354 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/711354
<RoyK> any idea how to have virt-manager make the vnc server listen to 0.0.0.0 instead of localhost?
<RoAkSoAx> kirkland: o/
<compdoc> I have to go out and shovel snow...
<RoAkSoAx> kirkland: quick update on powernap. I enabled by default InputMonitor's (keyboard/mouse) in the config, and if there's no device available, it won't launch any Monitor. I also found a bug that when disconnecting the mouse/keyboard from the USB, it sent a signal to powernapd and it stopped completely. Apparently the InputMonitor sends a SIGIO when disconnecting the device making powernapd to stop. So what I'm just testing is to ignore if the SIGI
<kirkland> RoAkSoAx: okay
<kirkland> RoAkSoAx: yeah, we'll need to get that fixed
<RoAkSoAx> kirkland: so, if there's keyboard/mouse InputMonitor running and for whatever reason we disconnect it, the SIGIO will be ignored and powernapd continues to monitor (but won't detect any activity). Then, when the devices is  reconnect, the InputMonitor successfully resumes monitoring.
<kirkland> RoAkSoAx: hmm, looks like the InputMonitor needs to understand the concept of connected/disconnected devices
<kirkland> RoAkSoAx: oh, another thing;  i think when you 'sudo stop powernap', it should wake the system up
<kirkland> RoAkSoAx: in the upstart job
<kirkland> RoAkSoAx: pre-stop
<kirkland> RoAkSoAx: i think i'm going to add that
<RoAkSoAx> kirkland: in that case, we'll need to check if powernapd has entered to powersave mode
<smoser> hggdh, RoAkSoAx around ?
<smoser> lets go ahead and try to start testing images
<RoAkSoAx> smoser: i'm here
<smoser> hggdh, ?
<smoser> he was here. he wanted to watch also.
<smoser> lets join #ubuntu-ec2-test
<zul> hallyn: ping
<hggdh> smoser, here
<smoser> join #ubuntu-ec2-test,  hggdh
<xperia> hello to all. i have a simple question about ubuntu web server. what is best solution for running two or more webservers behind a router ?
<xperia> i tryed to install Pound on one of the Webservers and redirect with Pound all the raffic that is not realted to the one server to the Other Webservers. But thing is the Pound Reverse Proxy Server is somehow not transparent and i am not sure if reall this is best solution for this Problem / Situation. What is normally used to run several Web Servers behind one Router with one Fix IP ?
<xperia> the router itself run linux too. maybe it exist some possibility with iptables on the router side to redirect the traffic easy to the Webservers in the LAN
<patdk-wk> pound, apache, lighttpd, nginx, squid, varnish, ...
<patdk-wk> I doubt you will ever make a transparent reverse proxy though
<patdk-wk> you just need to fix up your application to work correctly
<patdk-wk> the only thing that changes is the ip address, so use the correct location for the ip
<Matt28> hey all, i am rather new to linux, and i need some help.  i installed ubuntu server 64 bit and when i rebooted after install it came up to the cmd line only, is there not an x window environment?
<hallyn> zul: hey
<zul> hallyn: im just sniff testing lxc right now
<hallyn> roses and fine scotch?
<Matt28> hello??
<MagicFab> Matt28, no, there isn't
<Matt28> well that would make a lot of things make since then, the whole reason i used server was because i need raid support, and could not see where to set that up with a fresh install of the desktop version of ubuntu
<zul> hallyn: yes :)
<xperia> patdk-wk: thanks a lot for answer. varnish looks promising.
<xperia> still dont know what is most prefered for such a situation. maybe somebody here with experience about such stuff what run best
<patdk-wk> that depends on what your attempting to do
<patdk-wk> varnish is a caching server, so it's cache could get you into trouble
<patdk-wk> so you need to know what your doing
<tm> xperia: I have just read the discussion in #ubuntu-de. you look at this link: http://www.apachetutor.org/admin/reverseproxies or http://buecher.lingoworld.de/apache2/mod_proxy.html
<uvirtbot> New bug: #711465 in apache2 (main) "mod_rewrite directives in <Location> section confusingly disable rewrites in .htaccess" [Undecided,New] https://launchpad.net/bugs/711465
<uvirtbot> New bug: #711480 in cloud-init (main) "user-data scripts do not run" [Undecided,New] https://launchpad.net/bugs/711480
<xperia> tm: thanks a lot for your reply ! will look into it
<hggdh> what should be the minimum size of a server install? Of old it was 575,000. Current minimum seems to be 589,552
<hggdh> Daviey, there?
<zul> hggdh: sounds about right
<hggdh> zul, the new value, right?
<zul> i think so
<hggdh> zul, thank you, I will update the test
<Woutje123> Mr. Kirkland
<Woutje123> You got time for pm-utils <-> powernap
<Woutje123> issue/ small bug
<RoAkSoAx> Woutje123: you can address your concerns to me in that matter, what's up?
<hggdh> zul, can I go and destroy the test rig?
<zul> hggdh: with a baseball bat
<Woutje123> I was having issues with my ubuntu server not respecting my wake on lan settings after pm-suspend
<RoAkSoAx> Woutje123: how so?
<hggdh> zul, consider it done :-)
<zul> hggdh: i will
<Woutje123> I'd set wake to :"ug" (unicast and magic packet)
<Woutje123> then after pm-suspend (manual of issued by powernap) it would only wake from magic packet
<Woutje123> I just found the cause
<Woutje123> it's in: /usr/lib/pm-utils/power.d/disable_wol
<Woutje123> It has a line "ethtool -s "${d##*/}" wol g>/dev/null 2>&1;;" in it
<Woutje123> when i changed the g to ug my problems were solved
<Woutje123> I think it's a bad idea that all systems using ethtool in the background use direct commandlines
<RoAkSoAx>  Woutje123: so that wouldn't be an issue with powernap but with pm-utils :). I'd ssuggest you file a bug against it saying something like "After manually suspending with pm-suspend, settings get changed"or something like that
<Woutje123> there's no settings file anywhere that enables a system admin to set default behaveour
<Woutje123> I was allready browsing pm-utils for simular bugs
<RoAkSoAx> Woutje123: what version of powernap are you running btw?
<Woutje123> I just thought this could relate to powernap
<Woutje123> the ppa version 2.something
<Woutje123> btw thanks for powernap, it was the only thing missing in my home server setup...
<Woutje123> Now when my gf powers on the mediacenter my server comes on.... when it's turned of it suspends....
<Woutje123> great stuf
<RoAkSoAx> Woutje123: hehe no probs it's a fun project to work with.. and a lot has changed in the past month, so we'll soon release 2.3)
<RoAkSoAx> Woutje123: have you checked the powersave mode yet?
<Woutje123> no
<Woutje123> What does that do?
<RoAkSoAx> Woutje123: instead of suspending it will just try to reduce power consumption
<Woutje123> Can it be used in stages? stage 1, powersave after 5 minutes, stage 2 suspend after 40 minutes?
<RoAkSoAx> Woutje123: nope... but that seems a cool idea that I'd like to discuss with kirkland
<Woutje123> RoAkSoAx: I can have good ideas to bad I can't code for s***
<Woutje123> :-)
<RoAkSoAx> Woutje123: could you please file a bug agains launchpad.net/powernap and I'll discuss this further with kirkland
<Woutje123> regarding the stage stuff?
<RoAkSoAx> Woutje123: yeah!!
<Woutje123> RoAkSoAx: sure, can't could but I can sure as ...... type....
<RoAkSoAx> Woutje123: by doing so we can keep track of it, as a feature request
<Woutje123> RoAkSoAx: sure thing.. I'm filing a bug against pm-utils now.
<Woutje123> RoAkSoAx: I'll create one against powernap after that
<Woutje123> RoAkSoAx: https://bugs.launchpad.net/ubuntu/+source/pm-utils/+bug/711517
<uvirtbot> Launchpad bug 711517 in pm-utils "pm-suspend doesn't respect wol settings of network interface" [Undecided,New]
<Woutje123> nice feature that uvirtbot
<Woutje123> RoAkSoAx: powernap only has one bug....
<Woutje123> :-)
<RoAkSoAx> Woutje123: the powernap bug file it against the upstream project www.launchpad.net/powernap please
<Woutje123> RoAkSoAx: I'm filing it on: https://bugs.launchpad.net/powernap
<Woutje123> RoAkSoAx: is that correct?
<stgraber> Woutje123: yes, that's the upstream project
<RoAkSoAx> Woutje123: yes >) thank you!
<RoAkSoAx> stgraber: it is a feature request :)
<Woutje123> Should I add a "feature request" tag?
<RoAkSoAx> Woutje123: not really necessary
<Woutje123> ok
<Woutje123> RoAkSoAx: https://bugs.launchpad.net/powernap/+bug/711521
<uvirtbot> Launchpad bug 711521 in powernap "using stages for powernap" [Undecided,New]
<RoAkSoAx> Woutje123: awesome! I'll point it out to kirkland and once he's around we'll discuss it and if he also likes the idea, it can be implemented soon enough
<Woutje123> RoAkSoAx: If you need testing (bug related or not) you can contact me
<RoAkSoAx> Woutje123: sure thing!
<RoAkSoAx> thank you!
<Woutje123> RoAkSoAx: Can you use my launchpad ID for that?
<RoAkSoAx> Woutje123: I can post a comment in the bug report, and you'll receive email from it
<Woutje123> RoAkSoAx: Ok, thanks very much
<RoAkSoAx> Woutje123: no probs ;)
<Woutje123> another question
<Woutje123> I would like to display some server variables on the default tty without having to login
<Woutje123> think conky for cli
<Woutje123> Is there a tool to achieve this?
<Woutje123> I want it to be live
<qman__> well, I disabled tty1, and added things to rc.local
<qman__> but that's just static text
<Woutje123> things like system load, ip address software raid
<qman__> I assume you could have it run something other than login somehow, though
<Woutje123> Yeah I thought about that
<Woutje123> qman__: not about that though
<RoAkSoAx> Woutje123: have you tried byobu?
<Woutje123> RoAkSoAx: Isn't that more like screen?
<RoAkSoAx> Woutje123: yeah, but it shows you varios variables, such as uptime, load, CPUS, available disk space, and so on, you should give it a try
<RoAkSoAx> it also displays IP
<Woutje123> RoAkSoAx: I guess I could make a config that issues a couple of commands....
<Woutje123> RoAkSoAx: How would I go about making it show up after system boot without login
<RoAkSoAx> Woutje123: that I don't know. but when logged in, byobu is an excelent screen wrapper that you'll love ;)
<Woutje123> RoAkSoAx: I know (now): sudo apt-get install byobu
<Woutje123> Thanks...
<Woutje123> it's a great start
<Woutje123> I've got to go now
<Woutje123> thanks for all the help
<RoAkSoAx> welcome ;)
<iarp> Has php4 been removed from apt-get sources?
<hggdh> Daviey, awake still?
#ubuntu-server 2011-02-02
<uvirtbot> New bug: #711587 in eucalyptus (main) "powernap and Eucalyptus seem unable to reach an understanding" [High,New] https://launchpad.net/bugs/711587
<RoAkSoAx> hggdh:
<RoAkSoAx> hggdh: bug #711587
<uvirtbot> Launchpad bug 711587 in eucalyptus "powernap and Eucalyptus seem unable to reach an understanding" [High,New] https://launchpad.net/bugs/711587
<RoAkSoAx> what's the problem with powernap?
<hggdh> RoAkSoAx, not really powernap, I guess, but the interaction with euca
<twb> I think the "problem" is the user not using the tools correctly
<twb> "I cut my thumb off using the bandsaw.  Obviously there is a problem with bandsaws and wood"
<hggdh> RoAkSoAx, powernap puts the system on a nap, and euca does not seem to recover, or not recover fast enough
<hggdh> twb, that's for me?
<twb> hggdh: powernap runs an arbitrary command
<RoAkSoAx> hggdh: are you sure powernap is putting the machine to nap?? (The method by default is not to suspend a machine)
<hggdh> twb, whatever it does -- the default install should be sane.
<RoAkSoAx> but to put it to powersave mode, which doesn't put them to sleep, but save power by running pm-powersave
<twb> From the additional input you just provided, it sounds like the problem is eucalyptus vs. pm-utils
<hggdh> RoAkSoAx, IDK. All I know is it tells me it is going into powersave, and suddenly it takes a long time to get a response on the terminal
<twb> or vs. kernel
<RoAkSoAx> hggdh: edit vim /etc/powernap/config and change ACTION_METHOD from 0 to 4.
<RoAkSoAx> 0 is powersave, and 4 is best-effort
<RoAkSoAx> which is the default in previous ubuntu releases
<RoAkSoAx> that will pm-suspend the node
<twb> How would ANYTHING wake it up from a suspend state, anyway?
<hggdh> I will try. For the alpha2 tests, it will not really matter anymore, there is yet another issue that fails all instances
<twb> That requires external stimuli, like a HID or WOL
<hggdh> twb, perhaps WOL?
<twb> In *that* case I'd say your problem is kvm not implementing WOL over the bridged interface or so :-)
<twb> I'm not sure it wouldn't be better to leave the power-saving work to the VM rather than implementing it internally with ACPI states
<twb> After all, the VM's whole ACPI stack is a virtual one in any case
<RoAkSoAx> twb: hggdh WoL
<hggdh> anyway, so far the end result seems catastrophic to euca.
<RoAkSoAx> hggdh: first check if the nodes that are being put to "sleep" by euca with powernap are really aspleep
<RoAkSoAx> that might be the issue
<hggdh> RoAkSoAx, indeed. I am searching for possible causes. Also, please note that I opened the bug on euca, *not* on powernap. I tend more to euca as root
<RoAkSoAx> hggdh: indeed!! i just wanted to discard that powernap was the cause of the issue, because in natty, there'sbeen quite a few changes to it
<RoAkSoAx> well not just a few, a lot
<RoAkSoAx> and one of those is to not suspend, or hibernate, or poweroff the machine, but to maintain it running in powersave mode
<RoAkSoAx> by default
<hggdh> I will try it
<hggdh> now, just to add sugar on top gnome-panel decided I cannot really select, or move to another window in a workspace (but I can change workspaces)
<axisys> how to copy the vtoc of one disk and apply to another disk?
<axisys> is it a combination of fdisk and sfdisk ?
<axisys> in solaris i do it like this, prtvtoc /dev/rdsk/c0t0d0s2 | fmthard -s - /dev/rdsk/c0t1d0s2
<axisys> c0t1d0s2 is new disk
<axisys> not sure how to do similar operation on linux
<axisys> my orig disk /dev/sda and new disk is /dev/sdb
<hggdh> RoAkSoAx, I will keep on tomorrow. Probably I will find something obvious. I hope :-(
<yann2> hello... I want to use a file as an encrypted loop device... what would you recommend, dmcrypt, ecryptfs?
<RoAkSoAx> hggdh: just let me know if you need any help ;)
<RoAkSoAx> SpamapS: yay!! just broke my X
<SpamapS> RoAkSoAx: lucky you :)
<SpamapS> RoAkSoAx: I'm refraining until nvidia puts out new drivers
<RoAkSoAx> SpamapS: yeah im with 640x860 as we speak and drivers dont work
<RoAkSoAx> lol
<RoAkSoAx> SpamapS: any ideas on how to repair this?
<hallyn> RoAkSoAx: my desktop is broken too.  back into wmii for a bit
<dschuett> I have just set up my first EVER bind server (bind9 on ubutnu 10.04) and everything works great execpt one thing: when i ping a hostname that i have set up in bind, the pings return very slow, like one every 5-6 seconds. Any ideas?
<dschuett> I tried disabling ipv6 through sysctl.conf, but still the same results (even after reboot)
<RoAkSoAx> hallyn: oh jeez!1 I wonder how long we'll have to wait for a fix
<mdeslaur> dschuett: I don't believe bind is your problem there if it's taking 5-6 seconds after the initial lookup
<dschuett> mdeslaur: but it JUST started doing it when i set up bind
<dschuett> it worked fine with dnsmasq... i have read that this is because ipv6 is enabled, but i have disabled it and still get the same results
<mdeslaur> dschuett: what if you ping the ip address instead of the name?
<mdeslaur> dschuett: and/or do a ping -n
<dschuett> FAST as normal
<mdeslaur> what do you have in /etc/resolv.conf?
<dschuett> domain scs.local search scs.local nameserver 192.168.0.150 <--- all on their own line
<mdeslaur> and 192.168.0.150 is your new bind server?
<dschuett> yes
<mdeslaur> hmm...I'm not quite sure what the issue is than
<mdeslaur> s/than/then/
<dschuett> yeah, kind of strange...
<dschuett> I am going to ask around in #ubuntu
<hallyn> RoAkSoAx: lemme know if you find it's been fixed :)  not sure when i'll try again
<RoAkSoAx> hallyn: i will ;)
<dschuett> anyone running bind9 on ubuntu 10.04?
<twb> Yes
<dschuett> twb: everything works great execpt one thing: when i ping a hostname that i have set up in bind, the pings return very slow, like one every 5-6 seconds. Any ideas?
<twb> No, I don't run bind9
<dschuett> twb, oh :P
<twb> You asked if ANYONE ran bind9 in lucid -- this is almost certainly true.
<twb> e.g. you do, proof by instantiation
<twb> ping will only resolve the hostname once, so if ongoing ping responses are slow, that's unrelated to bind.
<twb> You should be diagnosing DNS issues with dig, not ping
<ubuser> whats this room for?
<ubuser> i cant get a flash player working in my firefox
<dschuett> twb: ok, i see what you mean... BUT if i ping by the ip instead of the hostname it pings just fine
<twb> dschuett: NFI, sorry
<twb> "35 packages can be updated.  3 updates are security updates.
<twb> ...in aptitude or apt-get, how can one say "list only security updates"?
<twb> Futher, how can one say "apply only security updates"?
<opengeard> On aws at least, 10.04.2 LTS is available apparently.
<dschuett> I have been troubleshooting this for ever now... I just set up my first bind9 dns server on ubuntu 10.04, everything works fine, but when i ping by the host name it takes like 5 to 6 seconds between getting each echo response... if i ping by ip the response time is normal
<dschuett> I know people say this isn't a DNS problem, but i dont' get why it just started doing this when i installed bind and it worked fine when i was using dnsmasq...and also for the fact that it works fine wihen pingin the ip
<mrroth> hi
<mrroth> I rebooted my ubuntu server and I got general error mounting file system
<mrroth> so it just brings me to the root shell
<mrroth> in read only shell (maintnace )
<mrroth> what did I do wrong
<mrroth> bbl
<RoAkSoAx> hallyn: ping?
<uvirtbot> New bug: #711635 in mysql-dfsg-5.1 (main) "mysql update fails waiting for input" [Undecided,New] https://launchpad.net/bugs/711635
<dschuett> why does ubuntu do a reverse lookup on EVERY ping request?
<sparc> hah, that's funny
<sparc> maybe you can turn it off with -n
<sparc> if that helps
<dschuett> sparc: well, i know you can do that... but i don't get why it does this....? shouldn't it cache the first one?
<sparc> maybe some people want it to be aware of dns changes, maybe
<sparc> although, i guess the resolver should cache as well
<dschuett> sparc: i have bind running and if i ping a host by hostname it takes like 5 seconds between each ping response because it does a reverse lookup on every ping
<dschuett> but this is weird because if i ping google.com from my ubuntu machine it does the same thing
<dschuett> but not with yahoo.com
<dschuett> sparc: Kind of odd..
<jmarsden> dschuett: ping -n yahoo.com should take care of that, unless I am misunderstanding the issue?
<sparc> i think he's curious about why that's the default behavior
<sparc> although, if my copy is doing that too, it's quick about it
<sparc> and doesn't result in the 5 second window between responses
<dschuett> sparc: oh, i forgot to mention that i notice that it only does this on ubuntu DESKTOP
<sparc> dschuett: could be your resolver isn't caching and does a recursive query each time?
<dschuett> sparc: why would google.com take a long time between responses but NOT yahoo.com
<sparc> there might be a lot going on there that affects the behavior
<sparc> most of which is outside the ping utility
<dschuett> sparc: so you're saying that i should be able to configure bind to cache?
<twb> 16:07 <dschuett> sparc: well, i know you can do that... but i don't get why it does this....? shouldn't it cache the first one?
<twb> That would depend on the app, and on nscd (if installed)
<twb> And of course your recursive resolver could cache it, too.
<twb> Personally I would recommend using dnsmasq as your recursive resolver, and reserve bind for hosting your zonefiles.
<dschuett> twb, how do you run both?
<twb> Separate hosts
<twb> Or bind one to the internal interface and the other to the external interface
<dschuett> ahhh gotcha
<geekbri> ugh, i can't get nginx to serve websites on an ec2 instance through its elastic ip on 10.04.  It serves it on the public dns without an issue.  any ideas?
<twb> I heard that nginx ignores /etc/hosts and only refers to DNS
<twb> Is that relevant?
<geekbri> well i didn't make an entry in /etc/hosts but its probably relevant.  I think the issue is that an EC2 instance isn't aware of its elastic IP just its public DNS... i could add its ip to /etc/hosts i guess but if nginx ignores that it wont help anyway (that didn't seem like a proper solution anyhow)
<geekbri> honestly im a bit stumped all together because i thought if you did listen 80; nginx would just listne to all incoming connections on port 80, but it seems to serve it some random "welcome to nginx" page
<twb> geekbri: whu aren't you binding to *:80
<geekbri> i thought that listen 80 and listen *:80 where equivalent
<twb> Dunno
<twb> ask netstat
<geekbri> well , i tried * anyway and it didn't work :(.  This has got me puzzled and frustrated :)
<jhaddad> are there reliability issues when using bridging with DHCP?  sometimes my vms  just seem to disappear
<twb> You can't bridge DHCP; that doesn't make sense
<jhaddad>  if I have a bridge set up on a network that uses DHCP, my vms are connected to it.
<jhaddad> s/if//
<jhaddad> http://pastebin.com/emBkQyY8
<geekbri> well i give up. goodnight
<jhaddad> well, if anyone has any ideas i'll be on for a bit... i'm not sure why my VM can no longer hit the network, but it's pretty annoying :/
<tohuw> I've been reading about some key differences between Postfix and Exim; does anyone have any input on general usability and maintenance of either/both on an Ubuntu 10.10 server? I've only used Exim before...
<jmarsden> tohuw: Use whichever you are more comfortable with, both work fine in Ubuntu.  I think Exim has two different ways to configure it (one big file or many smaller one) which can be odd if you are not used to that and come from running exim on another distribution or IS.
<tohuw> jmarsden: I used Exim's "many smaller files" setup. Do you have any strong opinions on MDAs?
<jmarsden> tohuw: Not really.  I tend to use postfix myself, but that's just habit/preference.  Along time ago I used sendmail :)
<tohuw> (I realize that "whichever I am comfortable with" is a good answer here as well, but given that my previous environments sort of auto-managed my mail system (WHM/cPanel), I'm open to opinions/biases/religion)
<jmarsden> I think more Ubuntu people use postfix than exim, but I'm not sure of that... so you might get better support from the Ubuntu community using postfix...?
<tohuw> jmarsden: Sorry, I was asking about M*D*As, as in Courier, Dovecot, Cyrus, etc.
<tohuw> jmarsden: Yeah I was sort of thinking that (about Postfix)
<jmarsden> Ah... again I use what the distro uses, so I use dovecot.  That means for really simple installs you can use the dovecot-postfix package and it autoconfigures them to work together.
<tohuw> jmarsden: do you find it simple to quickly add "virtual users" using dovecot? That is, just a mailbox address that is not attached to any real user on the system. Bonus points for experience setting up virtual users with multiple forwarders to mimic "Distribution Lists"
<tohuw> I'll RTFM, of course, but I like to hear how many orders of magnitude the FUBAR is before diving in sometimes. :)
<greppy> tohuw: you can do that with postfix & dovecot, but you need some other glue, I personally use mysql as my user store.
<greppy> tohuw: http://www200.pair.com/mecham/spam/
<greppy> that is setup for debian, but with minor tweaking it can be done with ubuntu.
<jmarsden> For that kind of thing I tend to pick the tool that does all the "virtual user" management, has a web UI or whatever is needed, and then use whatever it asks for underneath. Which often includes a database.
<greppy> O
<jmarsden> tohuw: If you are coming from a WHM/cpanel background maybe you want to look at free alternatives to that and then use what they ask you to use?
<tohuw> jmarsden: any tool of that nature you particularly recommend?
<greppy> bleh, fingers not on home keys sucks... anyway... I've used the above link + http://froxlor.org panel software
<jmarsden> It depends what exactly you need.  ispconfig maybe.
<tohuw> jmarsden: I don't like systems that comandeer such a significant portion of my stack... I'm perfectly happy managing my own LAMP stack, though I freely admit my woeful ignorance of all things mail-sy
<tohuw> but things like DNS, Apache, MySQL/Postgres, etc., I prefer to self-manage, because cPanel likes to do silly things.
<greppy> tohuw: then you may want to take a look at the link I tossed out there, that leaves most of your LAMP alone.
<tohuw> greppy: ooh neat. I'm ogling it now.
<greppy> but gives you a web based control panel for managing mail domains & users.
<tohuw> hrm, I wish it could run on postgres
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<greppy> tohuw: it probably could, but that's a little more tweaking :)
<tohuw> greppy: there's only so much tweaking I'm willing to do in a given environment before I give up/go stark raving mad. I love toying around, but I don't like creating unstable environments that I can't get wide support on because they've been tweaked to death
<tohuw> at least, not when paying clients come into the picture
<greppy> *nod*
<tohuw> my own toys are another matter >.>
<greppy> I totally understand :)
<alvin> There is a new version of Upstart that fixes bug 672177, but it is kept back because it would break libc6. I see this on all Maverick machines. Any news on the issue?
<uvirtbot> Launchpad bug 672177 in upstart "libc6 upgrade causes umount to fail on shutdown because init cannot be restarted" [Critical,In progress] https://launchpad.net/bugs/672177
<sk-ruby> Hi, Getting errors while connecting remote MS SQL server from my Ubuntu 10.10...check http://pastie.org/1520778
<sk-ruby> any help would be appreciated...
<twb> sk-ruby: there's no "isql" program in Ubuntu.  Is it third-party?  If so, you should be asking whichever vendor provided it.
<sk-ruby> twb: thanks for the reply....I even tried using sqsh...got following out put....http://pastie.org/1520803
<twb> sqsh isn't in Ubuntu either AFAICT
<twb> uggggggh
<twb> if-down.d  if-post-down.d  if-pre-up.d  if-up.d  interfaces
<twb> Why is it "post-down" but only "up"?
<sk-ruby>  hi, How to connect mssql from ruby on rails application in ubuntu system ? i am unable to connect the database....any help would be appreciated...
<uvirtbot> New bug: #711730 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/perror', which is also in package mysql-server-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/711730
<Frenk> Hello, I get an error: http://paste.ubuntu.com/561327/ Can anyone tell me what it means with EUID etc? Thx
<RoyK> effective user id
<totof> hi all, i've one question about netboot installation
<totof> at my office we're using UCS Cisco and the driver for M81KR ethernet card is not included into the debian-installer kernel
<totof> but this driver is included into the squeeze one
<totof> is there a plan for adding the driver enic into the kernel for ubuntu-installer ?
<totof> with the squeeze debian-installer the blade B200M2 from Cisco UCS are working like a charm
<Frenk> RoyK: okay and can you tell me how to  fix that error? I reinstalled amavis and the user got deleted, now I reinstalled that and new user with new id was created.
<Frenk> RoyK: change the writing permissions on the file and add the new amavis userid?
<RoyK> Frenk: chmod
<RoyK> erm
<RoyK> chown
<Frenk> Hello, I get an error: http://paste.ubuntu.com/561327/ Can anyone tell me how to fix it? I already tried to change chmod to 777 and chown to nobody:nogroup but it doesnt help - still the same error.
<mrmist> The error seems to be complaining that it *is* writable, not that it isn't.  Maybe you need to restrict it?
<qqqqqq> hi there !
<qqqqqq> is anyone here configured an ubuntu server cluster ?
<qqqqqq> what did you use in configuring the cluster ( e.g. drbd, pacemaker, etc)?
<tlir__> are there compact versions of the 10.04 server edition? (something extremely lighter than 700mb)
<tlir__> ahh, found the minimal cds
<tlir__> seems to be what I need
<Error404NotFound> tlir__: what about JeOS
<Error404NotFound> ?
<tlir__> what is that?
<kobrien> guys, major problem. Mysql won't start for me under 10.04
<kobrien> appreciate any help
<dschuett> kobrien: any errors?
<kobrien> in syslog: kernel: [1899017.029000] type=1505 audit(1296651360.578:68):  operation="profile_replace" pid=20591 name="/usr/sbin/mysqld"
<kobrien> ^
<kobrien> I'm thinking it's apparmour, but I'm not familiar with it
<kobrien> just that syslog error there
<kobrien> any idea?
<dschuett> i usually remove apparmor
<pmatulis> kobrien: is it a fresh install of 10.04?
<kobrien> yes
<dschuett> korbrien: /etc/init.d/apparmor stop
<dschuett>   update-rc.d -f apparmor remove
<dschuett> aptitude remove apparmor apparmor-utils
<kobrien> but using a my.cnf from an older release
<kobrien> any tool to check my.cnf syntax?
<pmatulis> kobrien: hmm, maybe try the original?  or a simpler one?
<pmatulis> kobrien: and mysql never started or was there a change?
<kobrien> it was working. I just changed a variable in my.cnf...restarted, it wouldn't come up. I removed my change and now it won't start
<pmatulis> kobrien: well, maybe reboot
<pmatulis> kobrien: i believe you need to reboot with apparmor problems
<kobrien> solved! thanks guys..IRC wins once again
<pmatulis> kobrien: and the answer is...?
<kobrien> 2 secs
<kobrien> was chatting to bossman. Turns out I had taken one of two backup my.cnf's. The one I took was from a 5.0 mysql version.
<kobrien> that was all.
<jdstrand> kobrien: that is not an apparmor error
<jdstrand> kobrien: that is purely informational
<jdstrand> dschuett: why do you usually remove apparmor? if there are issues with the profiles, please file bugs
<jdstrand> dschuett: it provides an important protection if/when there is a security vulnerability found in the application being protected
<jdstrand> dschuett: at a minimum you can disable the problematic profile, not all of apparmor
<jdstrand> dschuett: err, at most, you can disable the problematic profile, not all of apparmor
<RoAkSoAx> morning all
<zul> hey RoAkSoAx
<zul> smoser: around?
<Daviey> ho ho
<smoser> zul, here now
 * RoAkSoAx trying to repair his screen
<RoAkSoAx> zul: heya !
<RoAkSoAx> anyone ideas on how to get it to automaqtically detect resolutions
<RoAkSoAx> ?
<uvirtbot> New bug: #711866 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/711866
<zul> smoser: is this ok? https://wiki.ubuntu.com/NattyNarwhal/TechnicalOverview#Ubuntu%20Server%20Cloud%20images
 * RoAkSoAx brbb
<smoser> zul, i would mention, that since alpha1 we also started booting on i386
<smoser> (other than t1.micro)
<zul> smoser: eh?
<smoser> "EC2 images now run on m1.small and c1.medium sizes, and t1.micro in arch amd64"
<uvirtbot> New bug: #711867 in bacula (main) "Waits forever on storage file" [Undecided,New] https://launchpad.net/bugs/711867
<manas> anyone help me on this error kvm: /build/buildd/qemu-kvm-0.12.5+noroms/hw/lsi53c895a.c:596: lsi_reselect: Assertion `s->current == ((void *)0)' failed in UEC in ubuntu 10.10
<manas> please help me
<zul> smoser: thanks
<manas> please anyone help me on this error kvm: /build/buildd/qemu-kvm-0.12.5+noroms/hw/lsi53c895a.c:596: lsi_reselect: Assertion `s->current == ((void *)0)' failed in ubuntu 10.10
 * RoAkSoAx gonna reboot real quick
<manas> anyone help me
<manas> ubuntu-cloud
<zul> smoser: is 711480 still an issue?
<smoser> manas, don't ask to ask, just ask :)
<smoser> zul, it is not an issue in 20110202 which is what we'll release.
<zul> sweet
<manas> smoser: i am getting this error kvm: /build/buildd/qemu-kvm-0.12.5+noroms/hw/lsi53c895a.c:596: lsi_reselect: Assertion `s->current == ((void *)0)' failed can you help me
<manas> smoser: have you got error
<totof> hy all, I see that enic driver is present in 10.04 kernel and 10.10 kernel but I'am disapointed cause this driver enic is not present into kernel used by ubuntu-installer
<smoser> manas, i've never seen that error, no, but i would getting more information would be helpful.  kvm generally does work, it appears you might be using a local build, and we don't knwo what or when it failed.  I can't promise to help you, but those sorts of things are important bits of info for someone to try to help.
<totof> and this driver is present into squeeze
<totof> so is there a plan for integration of this driver ?
<totof> I'm using Cisco UCS blade B200M2 with M81KR card
<manas> when i am installing OS in  the VM using kvm hypervisor i am getting this error.
<manas> smoser: when i am installing OS in  the VM using kvm hypervisor i am getting this error.
<smoser> manas, from http://www.mail-archive.com/kvm@vger.kernel.org/msg41646.html it appears to be a known issue, which may or may not be fixed in 0.13 of kvm.
<manas> smoser: ok thanks
<hallyn> RoAkSoAx: were you pinging me?
 * hallyn is a bit chilly, power keeps going out
<RoAkSoAx> hallyn: yeah... got my X fixed... what are your issues?
<hallyn> RoAkSoAx: oh, i'm still (happily) in wmii right now.  my issues?  well i guess off topic here :)  but screen was split.  ping me on #ubuntu-desktop if you actually wanted to know, otherwise thanks for the heads-up :)
<Daviey> hggdh, Around?
<Daviey> hggdh, if so, are you able to apt-get install isc-dhcp-server, and sudo mv /usr/sbin/dhcpd3 /usr/sbin/dhcpd3  , and try again?
<Daviey> I'm prepping an upload
<hggdh> Daviey: hum. Have to check with zul. ^
<hggdh> zul: actually, which machines are you using on the test rig?
<zul> just cemepdak
<zul> was right in the middle of rebooting it
<hggdh> zul, cool. I will use mabolo, marula, and santol
<zul> hggdh: okies
<hggdh> Daviey: I will have to reinstall, so give me 30 min (or more, I just applied the latest updates to natty, and lost most of the windows controls
<zul> Daviey: can you fix that torrent bug with eucaylptus while you are at it
<zul> 697753
<cmagina> hallyn: ping
<hallyn> cmagina: hey
<hallyn> cmagina: can you ship me a generator?
<cmagina> hallyn: two things, are you done with my server and i have some info on the multipath run
<cmagina> hallyn: the weather really bad down there?
<hallyn> cmagina: yes, done with your server, should be all shut down.  thanks, it was perfect
<cmagina> hallyn: awesome, thanks :)
<hallyn> cmagina: it's bad for down here, yes.  17 degrees.  but power has been out all morning.  they turn it back on every 30-60 minutes for about 5 mins
<cmagina> hallyn: on the multipath front, it looks like the new package isn't chatting with the SCMs properly
<hallyn> so what info on mp?
<hallyn> hm
<hallyn> it has the alua-specific patches we had in the old package....
<cmagina> i have the logs from both sides, the console on the server and the SCM debugging logs as well
<hallyn> this is with the one merged from debian experimental right?
<cmagina> yeah
<cmagina> it appears when it goes to configure the ports, something isn
<cmagina> wasn't done and the ports are put into standby
<cmagina> the SCMs are showing a command they don't recognize on their side, but i don't have a good baseline to know if that has anything to do with it
<cmagina> that is awful (the power outage), hopefully when the icy rain truly freezes up here we don't lose power lines
<hallyn> i'm gonna have to start coding in a winter coat
<cmagina> ouch
<hallyn> it might be worth checking whether debian/experimental has any updates since i grabbed the tree
<cmagina> all of the logs from the run are in my home directory
<hallyn> i'll take a look when i can, but tbh i don't know that i'll be able to figure it out.
<hallyn> note there have been some bugs floating around the dm-devel m-l,
<hallyn> making me wonder whether i should've gone with debian/unstable after all :)
<cmagina> yeah, if i get some more time today, i'll try and get a run with the 0.4.8 package and SCM debugging turned on for a baseline to compare against
<hallyn> cool, that'll be helpful
<hallyn> i ned to reproduce some other things today, i will hopefully lookat the logs tomorrow
<cmagina> yeah, i don't know low level scsi very well, i know the kernel interfaces, but not the specification down to the hardware level
<cmagina> hopefully the power situation improves for you
<cmagina> might need to go out and melt some ice off those lines ;)
<compdoc> -13Â°F here
<hggdh> 10F here
<zul> -23C
<RoAkSoAx> 25C here xD
<hggdh> Daviey: new CLC/CC/SC/Walrus installed, and I updated wrappers.conf; installing NCs now
<hggdh> RoAkSoAx: I envy you
<RoAkSoAx> xD
<hallyn> ooh, power's back on for a few minutes.  i'm not optimistic though
<\sh> guys, when you want to laugh about something: http://www.shermann.name/2011/02/serious-joke-of-day-drying-your-smoked.html <- this I saw when I entered our local DC room .. sad but true
<hallyn> yup, there it goes again
<SpamapS> hallyn: got a generator?
<SpamapS> hallyn: or just making do with 3G+laptop ?
<hallyn> SpamapS: the latter
<hallyn> SpamapS: i was on 3G anyway so that's no bother.  it's just the cold.  (and down to 65% batt)
<SpamapS> hallyn: saw the news reports this morning saying 2' or more coming to Chicago.. ouch.
<RoAkSoAx> severe weather indeed
<hallyn> SpamapS: yeah, they're having trouble too :)  i'm in austin atm though
<hallyn> here they just aren'tr used to it
<SpamapS> hallyn: why do I keep screwing up where you are?
<SpamapS> hallyn: you just messing w/ me?
<SpamapS> ;)
<DrPoO>  Hi, Could somebody point me to a resource where I can learn how to make a RAID 0 array??
<giovani> DrPoO: you want to use Linux md (software) RAID to do so?
<DrPoO> giovani, yes
<giovani> just look on the help.ubuntu.com site
<DrPoO> giovani, mdadm
<giovani> https://help.ubuntu.com/community/Installation/SoftwareRAID
<giovani> md is common to all linux distros
<giovani> so any md howto will work
<hallyn> SpamapS: our family moves from place to place based on where you think we are not, yes :)
<SpamapS> hallyn: diabolical
<SpamapS> zul: ping?
<zul> SpamapS: whats up
<SpamapS> zul: so for the second time in a week, I have a plugin for mysql that needs the full mysql source tree to build...
<SpamapS> zul: wondering if the mysql packages could spit out their source as a binary package.
<zul> nooooooooo
<SpamapS> zul: its mysql's fault, not the plugins' fault ;)
<zul> SpamapS: riight
<zul> SpamapS: so how are you thinking on doing it?
<SpamapS> zul: a bin package that drops mysql-$version.tar.gz in /usr/src/mysql
<SpamapS> zul: *or* .. producing a package with just the bits of the source tree that they need
<zul> SpamapS: ok well show me a debdiff and ill crucify it...i mean review it ;)
<SpamapS> and put those in /usr/share/mysql/include
<SpamapS> zul: this is specifically for handlersocket and xtrabackup
<zul> SpamapS: i figured ;)
<zul> SpamapS: do they need a specific version of mysql?
<zul> SpamapS: i need lunch so ill bbiab
<soren> hallyn: Hey. That nbd patch... Do I need to do anything else or do I just wait now?
<SpamapS> zul: sorry to answer your q, 5.1 or later for hsocket I think. xtrabackup seems to work with any version 5.0 or later
<hallyn> soren: did you mail it to lkml and cc: arnd?
<soren> I didn't CC arnd, but he responded anyways.
<soren> hallyn: ^
<soren> hallyn: Hm, or at least I thought I did.
<soren> hallyn: https://lkml.org/lkml/2011/1/28/306
<soren> hallyn: Hm... That web archive thing is odd to me.
<hallyn> soren: looks good.  the thing now is to just ping and bug people until it gets picked up
<soren> hallyn: When I look at patches in git, they have a crapload of acked-by's and tested-by's and whatnots..
<hallyn> hm though i don't see it in myinbox
<soren> hallyn: Do I need to add those or does whoeever merges it do that?
<hallyn> when someone else sends you an Acked-by, you add it into your patch
<soren> And resend it?
<hallyn> can you resend your patch, and add 'Acked-by: Serge Hallyn <serge.hallyn@canonical.com>' ?  (bc i can't reply since i don't have it)
<hallyn> yes
<soren> Man. git people sure like their e-mail.
<hallyn> you don't always have to resend it, but after the first posting or so, it can help make your patch look more legit
<soren> hallyn: Ok, so I got this: https://lkml.org/lkml/2011/1/30/47
<hallyn> and yes, some maintainers will just add any acked-by's which they see in the thread if youhaven't.  at least i think i've seen akpm do that
<hggdh> Daviey: there?
<hallyn> soren: yeah but he didn't explicitly ack it that i can see
<soren> hallyn: Exactly.
<hallyn> soren: ah, ask him if you can add 'tested-by: <hisname>'
<soren> hallyn: I'll ask Paul for guidance. He's the maintainer of hte nbd module, after all.
<hallyn> soren: that's fine.  i personally would respond and ask if he's ok with you adding his Tested-by, but nothing wrong with that either
<hallyn> soren: but if you *do* resend, pls do add my acked-by
<Daviey> hggdh, o/
<soren> hallyn: Will do, thanks.
<hallyn> it's tough to type when violently shivering
<hallyn> maybe it's time to go work from the car
<soren> hallyn: Google shows a hit for my patch on patchwork.kernel.org. Do you know what that is?
<hggdh> C/msg Daviey no luck
<hallyn> soren: i think all patches end up on there
<soren> hallyn: Ah, automagically?
<Daviey> C/msg hggdh, :(
<hallyn> think so
<soren> C/msg Daviey You and hggdh suck at /msg'ing.
<hggdh> c/msg soren heh. I say 'thank you' to the latest X & companions on natty :-)
<Daviey> :)
<hggdh> I am moving back to my old laptop, works good on Maverick
<soren> hggdh: Which e-mail to use for the acked-by?
<soren> err..
<soren> heh
<soren> hallyn: Which e-mail to use for the acked-by?
<soren> hallyn: Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
<soren> ?
<hallyn> yeah that's fine.  (I've been waffling the last few months)
<RoAkSoAx> hggdh: btw... any more news on the eucalyptus/powernap bug?
<hggdh> RoAkSoAx: not yet, trying to zero in the other issue with dhcpd, disabled powernap for a while
<hggdh> RoAkSoAx: I will get back to it ASAP
<RoAkSoAx> hggdh: ok ;)
<RoAkSoAx> let me know
<RoAkSoAx> hggdh: but when you do, change ACTION_METHOD to 4 in /etc/powernap/config ... as I really suspect that's the case
<hggdh> RoAkSoAx: thanks for this, I had already forgotten (reinstalled from scratch)
<RoAkSoAx> hggdh: no probs, just let me know your results
<hggdh> RoAkSoAx: will do, no doubt ;-)
<iceflatline> Hi all, a quick question on time synchronization in server v10.10...
<patdk-wk> use ntp :)
<iceflatline> I noticed there is no daily cron for ntpdate and the ntp packaged is not istalled by default so I'm unclear on how it synchronizes it's time, or does it?
<patdk-wk> it does each time a network interface comes up
<patdk-wk> using ntpdate in cron is evil
<iceflatline> lol why evil?
<patdk-wk> your blindly syncing your time to who knows what and no idea how good it is
<iceflatline> Well, sure, IF you don't, but if you did you would not object?
<patdk-wk> heh?
<patdk-wk> I have no idea what you said
<iceflatline> my point is I know where and what it is syncing to if I were to set it up that way.
<patdk-wk> then I couldn't care less :)
<patdk-wk> as long as it's not someone elses public time server :)
<iceflatline> right. Anyhoo... if it is syncing only at if-up then it essentially syncing only once?
<patdk-wk> for a server, yep
<iceflatline> thanks much!
<Daviey> iceflatline, The primary reason for not using ntpdate in cron, is that it changes the time very rapidly...
<Daviey> Some applications panic if the time jumps too far, especially backwards !
<Daviey> Therefore, ntp does adjustments gradually taking the pain away
<Daviey> ^^ better for servers :)
<uvirtbot> Daviey: Error: "^" is not a valid command.
<Daviey> uvirtbot, pah
<uvirtbot> Daviey: Error: "pah" is not a valid command.
<hggdh> for example, dovecot
<iceflatline> Daviey: Understood, that's why I was wondering why NTP was not used.
<patdk-wk> ntp opens a port though
<patdk-wk> I believe that is why it's not included by default
<hggdh> and this brings us back to same old Q: why don't we use ntpd as a standard?
<hggdh> (and ntpdate is being deprecated upstream)
<zul> hggdh: dunno
<iceflatline> Just curious how the server keeps accurate time on an ongoing basis; and it appears it can't unless you add a package.
<hggdh> unless you have ntpd, it does not. It will start drifting, and the rate is pretty much relative to the hardware
<iceflatline> hggdh: yes, I've arrived at the same conclusion.
<patdk-wk> and location :)
<patdk-wk> I had a server that kept accurate time at my house
<patdk-wk> but in the datacenter drifted at the max ntp would adjust
<patdk-wk> 500pps per hour?
<iceflatline> Then the solution is simple - swap machines :)
<patdk-wk> na, I swapped the internal timing method
<patdk-wk> I think it was using tsc
<iceflatline> tsc?
<patdk-wk> yep
<Daviey> So.... which lucky bunny wants to work on a FTBFS?
<patdk-wk> iceflatline: http://the-b.org/Linux_timers
<\sh> I wonder if it's possible to give grub-pc on ubuntu-server flavour a 5 sec timeout to hit <ESC> somehow...
<\sh> (by default I mean)
<patdk-wk> sure, edit /etc/default/grub
<\sh> patdk-wk: I mean after the default install...
<patdk-wk> sure, edit /etc/default/grub
<\sh> patdk-wk: that's after after the default install...I mean by default...giving the admin a chance ;) hey, we are not desktop we don't worry about the 5 seconds boot time promise ;)
<patdk-wk> you just said, I mean after the default install
<patdk-wk> editing that file would be *after the install*
<genii-around> If you have some automated install with a preseed file going, can use a post install directive in there to alter it before first boot
<patdk-wk> you mean, you want to add a script to the installer to edit that for you
<SpamapS> I think what he's saying is he wants the delay on first boot
<SpamapS> genii-around: +1
<SpamapS> :)
<halvors1> I have some problems configure Samba server.
<halvors1> ...
<halvors1> Can someone help me with it.
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<halvors1> Will pastebin the config file
<halvors1> My problem is that i can't get access to the home folders i have been set up.
<halvors1> Here is my /etc/samba/smb.conf file: http://pastebin.com/ANR6m2Gg
<RoyK> halvors1: you haven't said what the problem is...
<RoyK> http://pastebin.com/hN790Zat
<RoyK> without comments - easier to read
<halvors1> RoyK: The problem is that i cen't access the server (home directroys)...
<RoyK> halvors1: not at all?
<RoyK> or just no writes?
<RoyK> you have write permissions turned off, btw
<RoyK> halvors1: also, have you created samba users? smbpasswd ...
<halvors1> I get no login box when try to login using Ubuntu Desktop
<iceflatline> patdk-wk: Thanks!  very helpful.
<elasticdog> so I just did a handful of updates on a 10.04 server, and now networking is completely dead: https://dl.dropbox.com/u/9757362/2011-02-02%2010.36.17.jpg
<elasticdog> the proper module is loaded and lshw seems to see the Ethernet adapter, but it won't come up
<halvors1> RoyK: ?
<patdk-wk> lspci -v for the network card?
<elasticdog> hmmm...actually, it looks like it replaced the tg3.ko module with the older version, and copying the new one to /lib/modules/2.blah###/kernel/drivers/net/tg3.ko doesn't replace it anymore
<elasticdog> loading the module by hand with insmod works
<patdk-wk> get blacklisted or something?
<patdk-wk> my friend had an issue like that with his raidcard (not a blacklist issue)
<patdk-wk> we just added it into /etc/initramfs-tools/modules, and all good again :)
<elasticdog> patdk-wk: do you have to regenerate the initramfs after doing so?
<patdk-wk> yep
<elasticdog> makes sense, I'll give that a shot...thanks!
<patdk-wk> update-initramfs -u -k all
<patdk-wk> I'm not 100% sure if that is going to matter for a network card
<patdk-wk> but well, not having the raid card in initram makes the system not boot :)
<donvito> wich is better ebox or webmin for ubuntu server?
<patdk-wk> neither :)
<donvito> then what to use?
<patdk-wk> ssh?
<donvito> ssh?
<patdk-wk> well, as webmin doesn't even exist
<patdk-wk> but ebox is in universe
<patdk-wk> out of those two, ebox
<donvito> ebox sux
<donvito> i cant even install it
<donvito> it does problems with apache
<donvito> and /var/www
<patdk-wk> why bother asking then?
<donvito> i cant even get to work
<donvito> i also ask is there any other
<donvito> like webmin and ebox
<donvito> for ubuntu
<elasticdog> patdk-wk: looks like my update went from 2.6.32-27 to 2.6.32-28 and I didn't notice...is there a way my updated module can be included by default in all version bumps?
<patdk-wk> updated module?
<patdk-wk> did you compile and install that network driver youself?
<elasticdog> patdk-wk: yes, I had to
<patdk-wk> hmm, ugly then
<elasticdog> indeed
<patdk-wk> the only auto way I know is dkms
<patdk-wk> you would have to make a dkms thing for it
<patdk-wk> or make a nice script to compile and install it
<patdk-wk> and add it into /etc/kernel-img.conf (postinst_hook)
<donvito> so nothing about my question
 * patdk-wk says use ssh+vi
<donvito> patdk
<donvito> i need webinterface
<donvito> for my server
<donvito> so ill use webmin
<donvito> ebox looks good but is pain for me
<donvito> and really thanks
<donvito> you didnt helped me
<patdk-wk> I never said  I could help you
<donvito> than shut ur mouth up
<donvito> im here for help
<donvito> if u cant help just read
<patdk-wk> you the one bitching no one is helping you
<baggar11> trying to dabble with MPD, doesn't seem to be binding to port 8000 for HTTPD streaming. log is no help...
<baggar11> is there something I'm missing?
<elasticdog> patdk-wk: thanks for the help...I'll probably just write a quick script since these are just test systems and won't be around forever
<RoyK> erm ... there was an alternative to lshw, but I don't remember its name
<patdk-wk> hwinfo?
<RoyK> patdk-wk: no, it was something else
<geekbri> in order to fully remove mysql-server and reinstall it, is there anything i need to do other than apt-get remove mysql-server ?
<geekbri> because when i installed it after that, it didn't ask me to configure the root password like it did the first time
<patdk-wk> it won't, remove doesn't remove configs
<patdk-wk> purge removes configs
<geekbri> excellent.  I actually figured that out and did that, but now for some reaosn when i reinstall it, its not generating some of the normal config files... for example /etc/mysql/my.cnf is missing
<patdk-wk> odd
<geekbri> patdk-wk: yeah thats what i thought!
<geekbri> patdk-wk: it might not be a huge deal as i have another ubunutu-server with a default my.cnf, but it makes me wonder what else might be missing
<zul> robbiew: i expect to have the new openstack release uploaded first thing tomorrow morning
<ignarps> does anyone know a way to tell apt I use an external mysql server.  I hate how it always installs mysql as a dependance to some applications.  I just manually remove mysql each time.   Anyone know of a more elegant solution ?
<patdk-wk> ignarps, it's not apt, it's dbconfig
<ignarps> if I remove dbconfig will it not do that ?
<patdk-wk> reconfigure it
<ignarps> thanks
<ignarps> patdk-wk, I just tried this on a vm.  I answered no to save passwords.  Then yes to prompt for remote database info
<ignarps> I then did an apt-get install bacula-director-mysql for a test.  apt does put mysql-server-5.1 to be installed
<ignarps> This is why I assumed it was an apt thing
<lifeless> SpamapS: hi
<lifeless> SpamapS: who is the current server team lead now?
<SpamapS> lifeless: we dont' have one
<lifeless> ah
<lifeless> so, I can whinge at you then :)
<SpamapS> lifeless: its part of robbie's plan to eventually become The Ubuntu Christ
<lifeless> there is an opportunity for you to make Launchpad faster.
<SpamapS> oooo lets do it!
<lifeless> we have two Apache front end servers doing SSL unwrapping and next-step routing.
<lifeless> as a result, we have two SSL session caches
<SpamapS> ooh I remember this one
<SpamapS> didn't the mod_ssl guys solve that long ago w/ mcache?
<lifeless> see
<lifeless> if its not in the package
<lifeless> it doesn't exist.
<lifeless> Know what I mean?
<SpamapS> yes I do
<KB1JWQ> Sounds like a memcached use case, depending.
<lifeless> SpamapS: what should I do to help get this some cycles ?
<SpamapS> distcache was the one I was thinking of actually
<SpamapS> last mailing list post... 10/2008 :(
<lifeless> http://www.mail-archive.com/dev@httpd.apache.org/msg29896.html seems rather old. 'solved problem' I guess :P
<Blegh> KB1JWQ: Thanks for the help thus far, should I repost my question here?
<SpamapS> looks like apache 2.3 has memcached session capabilities
<KB1JWQ> Blegh: Yeah, your issue is likely going to get less drowned out here. :-)
<Blegh> ah, yeah, thanks :)
<SpamapS> lifeless: I think you could just bug me to get it on my "webscale" blueprint as a work item..
<lifeless> SpamapS: do it
<lifeless> SpamapS: do it
<lifeless> SpamapS: do it
<lifeless> SpamapS: do it
<lifeless> SpamapS: do it
<lifeless> SpamapS: do it
<SpamapS> lifeless: http://journal.paul.querna.org/articles/2010/07/10/overclocking-mod_ssl/ .. this is a great summary of the velocity talk from June that the google guys gave..
 * KB1JWQ reflexively reaches for the banhammer
<KB1JWQ> Sorry, sorry. :-P
<lifeless> SpamapS: yes, I know :)
<SpamapS> subject=/O=launchpad.net/OU=Domain Control Validated/CN=launchpad.net
<SpamapS> issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
<SpamapS> Don't we get like.. a special deal on thawte certs? ;)
<zul> mmmmmmmmmm crack
<lifeless> SpamapS: no; it got sold.
<lifeless> SpamapS: its how we exist man!
<SpamapS> lifeless: still.. should have written that into the bill of sale ;)
<lifeless> SpamapS: they probably would have asked for a discount :P
<SpamapS> lifeless: so.. we have a nasty cert chain..
<zul> lifeless: im all for it unless it causes headaches
<SpamapS> lifeless: as far as I can see.. we just need to build distcache as a package
<lifeless> zul: so, the patch is pretty clean, the API is already modular.
<lifeless> zul: its a new enum value for 'use memcache', and then the glue logic to insert and read back values
<zul> lifeless: http://www.mail-archive.com/dev@httpd.apache.org/msg29897.html
<lifeless> zul: minor stuff :)
<Blegh> I cannot login or sudo on my ubuntu server box, get given errors and segfault error when using the correct password, details and errors: http://paste.ubuntu.com/561554/ I could do with being pointed in the right direction as my googling only seems to turn unrelated problems. Pastebin the output of "strace sudo bash" http://paste.ubuntu.com/561558/
<lifeless> zul: someone was saying 2.3 has it builtin ?
<SpamapS> yes, its in 2.3
<SpamapS> but there's already a distributed cache daemon that works w/ 2.2
<zul> then why not use the distributed cache daemon?
<lifeless> AFAIK its not packaged
<lifeless> it has a sourceforge project untouched since something like 2004
<lifeless> its possibly Just Fine.
<zul> have you guys done any testing with the caching daemon or any testing with the patch above?
<lifeless> no, chicken and egg thing
<lifeless> IS have very limited cycles
<SpamapS> Its LGPL 2.1..
<SpamapS> looks pretty basic.. which is good
<zul> lifeless: right i would say open up a bug in launchpad
<SpamapS> lifeless: another reason this hasn't received much attention is that for a while, its been standard practice to just buy an appliance to do all your SSL
<elb0w> If people are connecting to our server in the U.S. from Russia. Could there be a setting in ubuntu that is timing them out if there is a long enough delay?
<zul> and we can bring the discussion there
<lifeless> SpamapS: we call those 'Ubuntu servers'
<lifeless> zul: what specifically should I ask for?
<spiekey> Hello!
<lifeless> zul: memcache ssl support in 2.2 ? or distcache packaging?
<lifeless> zul: functionally, I don't have a preference.
<zul> lifeless: both i would use to take a closer look before doing anything though
<spiekey> i cant read /etc/shadow as root  if i export it with nfs, any idea why?
<spiekey> is this an export or mount problem?
<spiekey> my export options are: rw,no_root_squash,no_all_squash
<lifeless> zul: SpamapS: bug 712108
<uvirtbot> Launchpad bug 712108 in apache2 "shared ssl session cache support not possible out of the box" [Undecided,New] https://launchpad.net/bugs/712108
<zul> lifeless: cool thanks
<zul> SpamapS: damn now i remember where I heard it from...i had to build this for an isp i used to work at
<ahasenack> distcache seems unmaintained
<ahasenack> at least in the sourceforce project area
<zul> ahasenack: thats what im leaning towards right now
<ahasenack> what about (glup) mod_gnutls?
<ahasenack> it does support memcache (so they say)
<ahasenack> http://www.outoforder.cc/projects/apache/mod_gnutls/
<ahasenack> libapache2-mod-gnutls is packaged (if it's the same thing)
<zul> ahasenack: right but you have to patch apr
<ahasenack> oh
<sidnei_> seems like centos has distcache packaged *wink*
<ahasenack> "To use apr_memcache with older versions of APR-Util a patch is required. This patch is not required for APR-Util after 0.9.7. To apply the patch:"
<ahasenack> zul: seems we are in the clear regarding the patch?
<uvirtbot> New bug: #712108 in apache2 (main) "shared ssl session cache support not possible out of the box" [Undecided,New] https://launchpad.net/bugs/712108
<zul> anyways i need to disapear for a bit
<orudie> greetings. is there a way for me to find out what the password is for a user ?
<highvoltage> you could brute-force it if you have a hash. usually that's very bad form though and it's better to just change their password if they have forgotten.
<RoyK> orudie: it's stored encrypted in /etc/shadow - apt-get install john if you want to try to crack it by brute-force
<RoyK> it'll probably take a while
<GatorAlli> How come my python script (http://paste.pocoo.org/show/331280/) takes a fraction of a second to execute on my computer, but it takes over 45 seconds on my ubuntu server?
<jdstrand> hallyn: hey, moved a couple VMs out of ecryptfs and am trying to reproduce bug #694029
<uvirtbot> Launchpad bug 694029 in qemu-kvm "[natty] kvm guests become unstable after a while" [Medium,Confirmed] https://launchpad.net/bugs/694029
<RoyK> jdstrand: isn't natty in alpha?
<jdstrand> RoyK: yes... ?
<jdstrand> I was just letting him know I didn't forget about his question
<RoyK> hm.. no idea how to debug that, though
<jdstrand> yeah
<jdstrand> it is a real head scratcher
<RoyK> jdstrand: perhaps you could try a stock kernel?
<jdstrand> I could, and probably will
<jdstrand> I can say maverick works perfectly
<jdstrand> 2.6.37 and 2.6.38 Ubuntu kernels, not so much
<RoyK> I just use lucid for servers, so I wouldn't know
<jdstrand> I hit this all the time when testing updates (which I do primarily in virtualization)
<RoyK> do you get any suspicious kernel logs from the host?
<KB1JWQ> Is it possible to use debootstrap on a Lenny box to bootstrap a Ubuntu chroot?
<Patrickdk> KB1JWQ, sure
<slicslak> sudo isnt doing tab completion, where would i enable that?  i have tab completion for regular commands, but if i start typeing a command after sudo, no tab
<hggdh> what is the minimum size for a JEOS install of server? Of old it was 500M, a just installed Alpha2 is 519M
<hggdh> in other words is this -- the new size -- correct, or is it creep?
<Patrickdk> probably just cause it's an alpha
<hggdh> maybe. But even alphas are expected to be mostly in conformance
<SpamapS> zul: lp:~clint-fewbar/ubuntu/natty/mysql-5.1/export-source and lp:~clint-fewbar/+junk/handlersocket
<zul> whats handlersocket?
<SpamapS> zul: the plugin that needs mysql-source-5.1 ;)
<SpamapS> zul: opens a new port on a mysql server that does high speed non-SQL reads and writes
<mrothhh> how do I fsck lvm disk
<SpamapS> https://github.com/ahiguti/HandlerSocket-Plugin-for-MySQL
<SpamapS> its badass
<mrothhh> doI need to use a live cd and run a different command to do fsck on a lvm dis
<zul> SpamapS: ok ill have a look at them second thing tomorrow
<SpamapS> zul: anyway, I have to disappear for a bit too. Thanks for looking. :)
<SpamapS> zul: the handlersocket packaging is admittedly only 90% .. need to split it up a bit and ship the docs
<soren> SpamapS: Ah, that thing. I've read about it lots of times, but the name never sticks. It's a horrible name, but yeah, it's wicked cool.
<zul> SpamapS: send me an email to remind me
<SpamapS> zul: will remind you tomorrow for sure. :)
<hggdh> zul: did you run the openstack tests?
<zul> hggdh: not yet but ill do it tomorrow
<hallyn> jdstrand: still no reproduction without ecryptfs?
<kinygos> hi...this may be the wrong channel...i have a server running ubuntu 10.04lts, with postfix/dovecot installed.  is it possible/feasible to reconfigure the domain name for the mailboxes?
<KB1JWQ> kinygos: Sure.
<KB1JWQ> kinygos: postconf -n to a pastebin please, for starters.
<KB1JWQ> doveconf -n to a pastebin may follow. :-)
<kinygos> http://dpaste.com/379382/
<kinygos> doveconf?
<torrancew> hi all, does anyone know if the output of the sudo command (specifically sudo -l) is configurable without recompiling?
<torrancew> we're slowly migrating from RHEL to Ubuntu in our environment (hundreds of servers, a big task), and I'm finding that sudo -l under ubuntu, does not print the names of which LDAP sudo roles are used, only the effects of them
<KB1JWQ> kinygos: Change /etc/mailname and the mydestination variable in main.cf
<KB1JWQ> Adjust your dovecot pathing appropriately as well.
<KB1JWQ> Test after a service restart.
<kinygos> KB1JWQ: thank you very much :)
<KB1JWQ> torrancew: man sudo :-)
<torrancew> doh
 * torrancew was just that guy...
<kinygos> KB1JWQ: if i change myhostname too, do i need to generate a new certificate and key?
<torrancew> thanks, KB1JWQ
<KB1JWQ> Not to worry.
<KB1JWQ> kinygos: Most likely. :-)
<Blegh> 1 AM, 1 problem, 7 hours, and still no idea what to do :S Kinda wish it was win 98 randomly bsodding rather
<kinygos> KB1JWQ: it worked a treat, without adjusting anything in dovecot...does that show a sign of misconfiguration on my part?
<KB1JWQ> kinygos: No, it's only a concern if the domain is a part of the path to the mailbox.
<kinygos> KB1JWQ: thank you once again for your time and help...awesome :)
<KB1JWQ> No worries.
<KB1JWQ> Running with apt-proxy, http://pastebin.com/2qKbHWeZ is apparently not the proper sources.list syntax.  A little help? :-D
#ubuntu-server 2011-02-03
<wotwot> hi
<KB1JWQ> !hi
<slicslak> so, what do you guys say, is `nohup /bin/foo_daemon &` an appropriate replacement for a real init script?  :)
<twb> That all depends
<twb> You would probably do better to make an upstart job
<twb> http://paste.debian.net/106373/ <-- example
<slicslak> thx twb, i had been looking at start-stop-daemon earlier and just hadn't had the chance to write the init script yet.  i'll check your paste
<wotwot> is there a currently working upgrade path from dapper to lucid ?
<twb> slicslak: you have upstart; don't bother
<twb> slicslak: if you REALLY want to use s-s-d and sysvinit, look into the metainit(8) package, which will turn something like that upstart.conf into a sysvinit script.
<slicslak> twb, oh interesting
<slicslak> ya, upstart looks be good enough
<twb> Note that metainit is currently dead in the water, because init developers are insular, NIH-happy bozos
<slicslak> lol
<fluvvell> any tips on how to boot 8.04 server cd under virtualbox without a kernel panic?
<jmarsden> fluvvell: I think it needs the PAE extensions visible to it.
<fluvvell> jmarsden, yeah thought I'd just turned them on - still panic
<fluvvell> pae/nx extended features enabled.
<jmarsden> Hmm, I have a Hardy server virtualbox VM here that works... I rememebr there was something I had to add to make it work, but it was created a while ago...
<fluvvell> yes, I have another that works, created a while ago too. Its just I need a new one for a transfer task. :(
<fluvvell> is there a vga=   something setting to set in boot options ?
<jmarsden> OK, let's see if I can create a new one here :)
<jmarsden> I'm pretty sure I didn't have to do that...
<jmarsden> fluvvell: Enable IO APIC :)
<jmarsden> (I created one which crashed and read the traceback... which was about the APIC...)
<fluvvell> Ah
<fluvvell> wow, thats it.
<fluvvell> Yes there was that in the traceback - of course! Thanks jmarsden!
<jmarsden> fluvvell: You're welcome.
<fluvvell> Well thats an 8.04 bare bones server install completed and logged in, 34Gb virtual hard disk space!
<fluvvell> Was that 5Min???
<EvilPhoenix> 6.34 mins.
<EvilPhoenix> since your last post.
<fluvvell> Astounding.
<twb> LP570805
<twb> LP #570805
<uvirtbot> Launchpad bug 570805 in dpkg "[regression] dpkg's fsync causes massive regression in Ubuntu Server and Alternate installation times" [High,Fix released] https://launchpad.net/bugs/570805
<uvirtbot> New bug: #712291 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/712291
<chaunch> hey guys
<chaunch> im trying to setup openvpn to tunnel all traffic to my VPS, but I need to setup a bridge interface to do it
<chaunch> im having problems doing it though
<soren> twb: You asked yesterday (or the day before) why su forks instead of just execing.
<twb> soren: yes
<soren> twb: It's because it needs to know when the process finishes so that it can close the pam session.
<soren> twb: If you compile su with out pam support, it just execs.
<twb> Hum, OK.
<twb> But why is there a session when I'm not using "su -" ?
<chaunch> https://help.ubuntu.com/10.10/serverguide/C/network-configuration.html#bridging
<soren> twb: Million dollar question.
<chaunch> am i suppsoed to replace the original /etc/network/interfaces file with the one there?
<soren> twb: For security, I suppose. If I configure some sort of auditing in pam's session stack, I don't want people to be able to evade that by not passing - to su.
<soren> twb: It's a half-baked argument, though. At best.
<twb> Oh well; I'm fighting lucid-security's sync()-happy dpkg right now, which is way more important
<soren> twb: Oh. It's the session handling that does stuff like mount the user's home directory and such. That sounds pretty useful :)
<KB1JWQ> soren: Is that automount stuff?
<soren> KB1JWQ: Depends on your PAM configuration. For me, for instance, it's ecryptfs.
<KB1JWQ> Ahhh.
<KB1JWQ> Interesting, I haven't played with encrypted home directories on servers yet.
<soren> KB1JWQ: Well, this isn't really server specific.
<KB1JWQ> soren: Right, but this channel somewhat is. :-)  I tend to want servers available to serve data from various homedirs regardless of who's connected at any given point.
<twb> Is ecryptfs as shitty as pam_mount?
<twb> In terms of mounting, I mean -- irrespective of crypto-y-ness
<goddard> I need some help pxe isnt working
<goddard> trying to netboot lucid server from windows 7 using tftp and this http://www.liberiangeek.net/2010/05/how-to-install-ubuntu-10-04-lucid-lynx-without-cd-usb-via-the-internet/
<goddard> but it doesnt work
<goddard> any ideas?
<goddard> no more address or address previously allocated by another server [02/02 23:31:02.324]
<goddard> Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac
<goddard> it connects to dhcp i think just says no boot file name received
<twb> Windows 6.1 ships with a TFTP server?
<twb> goddard: the DHCPACK needs to pass the filename option, setting it to a string denoting the path to pxelinux.0 within the TFTP tree
<goddard> ahh ha
<goddard> got it
<goddard> im trying to install ubuntu to compact flash and it isnt auto detecting what driver do i need any ideas?
<twb> goddard: last time I did it, it just used the generic scsi driver -- the same as a SATA disk
<DigitalFlux> Hi Guys
<DigitalFlux> Anybody aware of a method to do a non-interactive execution of do-release-upgrade ?
<twb> pass DEBIAN_FRONTEND=noninteractive to it?
<goddard> twb that seems like it almost works but complains about some size problem
<goddard> im using the scsi_debug driver
<twb> DigitalFlux: note that if you're doing an actual upgrade from one release to another, you really really should read those messages.
<DigitalFlux> twb: did that, didn't work
<DigitalFlux> twb: I understand, i am just stuck with an old image template and need to automate it's upgrades
<twb> Nod
<twb> I don't support d-r-u because I don't like it, but if I tell you not to use it I'll get yelled at
<twb> *I don't like or use it
<goddard> ive never manually configured my drive before
<goddard> I guess 8.4 gb is to small to auto partition
<twb> goddard: I dunno.
<twb> goddard: just allocate a single huge root filesystem, and no swap
<twb> goddard: (I'm assuming this is a router or so, and you have more than enough ram.)
<halvors> RoyK: I don't got that Samba server work last day, can you help me a bit more?
<pit32> wont dance ?
<goddard> twb i would although there isnt really an option for it i see raid lvm and iscsi
<goddard> this isnt right
<twb> goddard: choose "manual partitioning", silly
<goddard> twb i go detect disks and it only shows me an 8.4mb thing and not my 12gb compact flash
<goddard> and since i picked a driver it wont let me go back
<goddard> twb this is pointless
<twb> Oh 8.4 MEGAbytes
<goddard> yeah but that isnt right
<twb> I thought it was successfully detecting an 8GiB CF card
<twb> Is the CF reader on the motherboard?
<goddard> me to till i read mb haha
<goddard> this is a little thin client
<twb> If I were you I'd roll an image using live-build and/or LTSP
<twb> Then just dd it on
<goddard> twb well it was interesting more trouble than it is worth though
<goddard> atleast i learned how to setup pxe haha
<RoyK> halvors: sure, but I didn't quite understand _what_ that was that didn't work, and then you left
<rtyuio> hello there
<rtyuio> how to install complete java package ?
<shadow42085> hey I am running a Ubuntu Server 10.04 with LAMP+Sendmail+Webmin I need to config sendmail woth webmin any ideas
<uvirtbot> New bug: #712392 in qemu-kvm (main) "qemu-img convert blocks other tasks" [Undecided,New] https://launchpad.net/bugs/712392
<airtonix> shadow42085: pretty sure webmin is not supported on ubuntu anymore
<shadow42085> well what is recommened free Control Panel to use with LAMP+Sendmail or LAMP+Postfix
<Daviey> shadow42085, The nearest to being recommend is ebox (now called Zentyal)... but it's still NOT recommended.
<Daviey> This is an area of the server that isn't actively worked on as much as some would hope.
<shadow42085> sheesh I am setting up a complete personal site except for domain with I use no-ip.com with DDNS
<shadow42085> all I need is a control panel and a mail server
<shadow42085> and the control panel sets it up I hate using command line and donlt want to use a GUI on the server
<shadow42085> I could always use win server 03 but it's to old
<Daviey> shadow42085, why not try the command line?
<shadow42085> well if I try to config something in command I might mess up a config with
<shadow42085> file with it**
<Daviey> shadow42085, oh sure... but could you not do the same thing in a GUI?
<Daviey> shadow42085, sudo cp /etc/some-config /etc/some-config.bak ... then you have a backup.
<Daviey> if all else fails, purge the package and reinstall that package... :)
<shadow42085> thats true but I want to be able to have access to all my server programs not other junk
<TeTeT> I'd recommend etckeeper if you want to keep a trace of your chanegs
<ttx> Daviey: looks like we won' tmeet i nBrussels
<ttx> I need to go home, feeling worse
<Daviey> ttx, Oh no!
<ttx> Tell James
<Daviey> ttx, Will do.. really sad to hear that...
<ttx> I just shouldn't have come
<ttx> That was a bad bad idea
<Daviey> ttx, I didn't know you were poorly.
<ttx> well, soren is staying, so you'll be able to ask him about how I was in details
<Daviey> ttx, Hmm.. my main concern is who is going to buy the beer?
<shadow42085> I have been looking at ehcp any ideas
<Daviey> ttx, Ah great.. Well yes, don't overdo it and feel better for next $event.
<ttx> ack
<Sheepherd> hey guys i want to set up my own private server with ubuntu. does it matter what hardware i get? the plan is a "HP ProLiant N36L"
<Sheepherd> are there any ubuntu-recommended servers?
<Daviey> Sheepherd, you will probably be fine with anything... HP is pretty well supported... for more info on certified hardware: http://www.ubuntu.com/certification/
<shadow42085> Sheepherd linux in general is fine with almost anything
<shadow42085> what about webcp?
<shadow42085> I have to use free ones other wise I would get either zpanel for cpanel
<shadow42085> or**
<shadow42085> I have also found virtualmin
<halvors> I am trying to setup Samba
<halvors> My goal is to login using unix users
<halvors> And get access to users /home directory.
<halvors> But i can't get it, so can anyone her look at my conf file?
<shadow42085> ok u can sftp most of the time
<halvors> Here is my /etc/samba/smb.conf file: http://pastebin.com/jF7j4UxE
<halvors> Can anyone help me?
 * \sh swears at upstart
<\sh> anyone awake who is running lucid with some portchannel bonds?
<Pici> yes. no.
<\sh> Pici: yes, you are awake and no you don't have portchannel bonds? ;)
<Pici> \sh: Correct ;)
<\sh> Pici: hehe...that's bad for me...I need some testers
<patdk-wk> portchannel bonds?
<patdk-wk> I have many types of bonds, but never heard of portchannel
<patdk-wk> mainly use active-backup, 802.3ad, etherchannel
<gobbe> i think this means just basic etherchannel/port-channel
<patdk-wk> so in linux, balance-xor :)
<\sh> patdk-wk: etherchannel...(in cisco speak, on linux it's normally named portchannel, but anyways)
<\sh> patdk-wk: the problem is described here: http://www.shermann.name/2011/02/ubuntu-1004-lts-portchannel-bonds.html
<\sh> patdk-wk: on linux I'm running bond mode 4 (lacp + xmit_hash_policy layer3+4, to be cisco compatible)
<patdk-wk> you do know that mode 4 != etherchannel
<patdk-wk> mode 2 = etherchannel
<Daviey> \sh, I assume you have "start on (local-filesystems and net-device-up IFACE=eth0)" in your upstart job?
 * patdk-wk gets annoyed with etherchannel though, normally use lacp or nothing at all
<\sh> patdk-wk: mode 4 == lacp
<\sh> patdk-wk: btw...I upadted the post with a picture of a bond setup which worked out of the box on Jaunty
<Daviey> \sh, If so, and that still doesn't work.. you might need to add some sleep magic... :(.... perhaps James Hunt knows..
<\sh> Daviey: that's not possible actually, because when you have more then one interface you need to wait for all of them, then it's much better to tweak networking.conf to serve your needs, but there needs to be a default solution, because it worked in the past (without upstart), why not now (with upstart)
<Daviey> \sh, I imagine it's an ordering issue :-)
<Daviey> \sh, If you restart the upstart job; does it work?
<\sh> Daviey: yes..it's just not working after boot
<Daviey> \sh, You might need a loop, sleep, check stanza :(
<patdk-wk> hmm, I haven't layered any bonds yet on lucid
<patdk-wk> looks like that is the real issue
<\sh> patdk-wk: jaunty => perfect / lucid => fail...and it's not the bonding driver which fails
<Daviey> \sh, Something we do on Eucalyptus to stop something happening too fast is, http://pb.daviey.com/nkiN/ ... Not Ideal!
<patdk-wk> what if you do a postup to bond bond0/1 to bond2?
<\sh> patdk-wk: as said, after boot, bringing down all bond interfaces and bringing them up properly, the setup works
<patdk-wk> ya
<patdk-wk> I mean, kill the bond-slaves in bond2
<patdk-wk> and have bond0 and bond1 add themselfs to bond2
<\sh> patdk-wk: I tried, and the boot just stops
<halvors> (kl. 13.21 +0100) halvors: I am trying to setup Samba
<halvors> (kl. 13.22 +0100) halvors: My goal is to login using unix users
<halvors> (kl. 13.22 +0100) halvors: And get access to users /home directory.
<halvors> (kl. 13.22 +0100) halvors: But i can't get it, so can anyone her look at my conf file?
<halvors> (kl. 13.24 +0100) halvors: Here is my /etc/samba/smb.conf file: http://pastebin.com/jF7j4UxE
<gobbe> halvors: afaik samba needs separate passwords for users, you cannot use linux-users directly
<patdk-wk> \sh I'll play with it sometime :) just don't have time till nextweek probably
<halvors> gobbe: But i can't access homes
<halvors> Does not samba ot libpam-smbpass
<halvors> syncronize it?
<RoAkSoAx> morning all
<Daviey> RoAkSoAx, !
<Daviey> How is it going?
<RoAkSoAx> Daviey: pretty good, how about yourself
<jpds> Daviey: You're not Cisco.
<uvirtbot> New bug: #712479 in mysql-5.1 (main) "package mysql-client-5.1 5.1.54-1ubuntu3 failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-server-core-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/712479
<Daviey> jpds, am i not? :o
<Daviey> RoAkSoAx, Good thanks.
<panfist> my server has some nfs shares that are failing to mount on boot, is there any way to proceed booting anyway? it seems like it's just stuck
<thomas_s> panfist: use _netdev in the mount options (after "default" in /etc/fstab). That will make sure they're ignored until the netfs service runs
<thomas_s> s/default/defaults/ - sigh
<panfist> thomas_s: i'm having trouble just getting a terminal prompt. it goes straight from the bios screen to the mount.nfs errors. i thought there was a key to press to go to the grub menu or something, but nothing is working
<thomas_s> panfist: oic. you've got the grub timeout set to 0 probably.
<thomas_s> But the failure to mount the fs' (unless it's the root you're nfs mounting?) should drop you to single user mode
<thomas_s> You may need to bring out the ol' bootable cd
<alvin> thomas_s, panfist: While the man page will tell you otherwise, _netdev will not help you. See bug 384347
<uvirtbot> Launchpad bug 384347 in util-linux "_netdev not working" [Undecided,Confirmed] https://launchpad.net/bugs/384347
<panfist> sorry, i just crashed, i tried to send ctrl-alt-f3 to the server, it's running in a virtual machine, but the command was sent to the host machine instead and unfortunately trying to switch back to ctrl-alt-f7 causes my host's kernel to freeze
<alvin> I have a few clients that don't mount their NFS shares automatically and I mount them after boot with mount -a -t nfs (or nfs4)
<zul> some upstreams should be dead
<panfist> is there any way to configure my server so that it starts listening for ssh connections before it tries mounting nfs shares?
<\sh> patdk-wk: it's became more complicated ... I can see in syslog that the active bond slave changed from bond0 to bond1 but the mac address of bond1 is not taken by bond2 ;)...strange
<zul> SpamapS: ping did you test the mysql stuff first?
<Roasted> hola
<Roasted> anybody have experience with setting up freeradius on linux?
<zul> SpamapS: never mind i suck
<sushi_> I accidentally removed one files from nginx. I reinstalled it but I don't see that file even after reinstallation. Any idea why?
<SpamapS> zul: I will have to disagree with you there. You stink a bit, but you don't suck. :)
<SpamapS> sushi_: is it in /etc ?
<sushi_> SpamapS: I think I might need to apt-get purge.
<sushi_> Yeah the file was in /etc/nginx/sites-available/default
<SpamapS> sushi_: no
<SpamapS> well you can --purge..
<SpamapS> or dpkg -i file.deb --force-confmiss
<sushi_> Yeah I can see the file after clean reinstall. THis django deployment is just killing me.
<SpamapS> sushi_: removing a conffile is considered the same as editting it.. dpkg preserves it
<SpamapS> sushi_: so --force-confmiss will restore it
<azertyu> hello, why java not available on repository ?
<sushi_> SpamapS: Thanks. TIL moment.
<azertyu> i need to need to remote control 2 bladesystem
<azertyu> i got a serious problem with java
<SpamapS> !confmiss
<SpamapS> that might be a good thing to have in the bot
<azertyu> lo
<azertyu> any one there ?
<sushi_> plenty people here
<azertyu> do you see my question ?
<uvirtbot> New bug: #712585 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/perror', which is also in package mysql-server-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/712585
<Tophat> ive got an opsview server setup to send email alerts, but now my sending SMTP acct is getting flooded with delivery failure messages -- ive uninstalled exim4 and still getting email failures, any way to stop the emails?
<RoAkSoAx> zul: have a sec? I'm trying to package fence-agents, and I keep getting this error, in both the debian package, and compiling the source... any ideaS? http://pastebin.ubuntu.com/562065/
<zul> looking
<zul> RoAkSoAx: bad xml tag maybe?
<RoAkSoAx> zul: that's the thing, the file is empty
<RoAkSoAx> zul: i can't seem to figure it out, gonna have to try to compile it in maverick and see what happens
<zul> fence2man.xsl is empty?
<RoAkSoAx> zul: "python fence_alom" -> fence_alom is
<RoAkSoAx> zul: this command ends up with empty output "python fence_alom ../../../fence/agents/lib/fence2man.xsl -o metadata"
<RoAkSoAx> where fence_alom is created during build
<RoAkSoAx> but is also empty
<RoAkSoAx> maybe it is a bug in the makefile itself
<zul> probably
<zul> SpamapS: so the mysql source stuff
<SpamapS> zul: yes?
<zul> SpamapS: so i dont like it but is a necessary evil so i uploaded it
<zul> SpamapS: so finish up the plugin and ill upload it as well
<zul> and review it
<SpamapS> zul: COOL.. ok n/m you don't stink. ;)
<zul> SpamapS: heh
<RoAkSoAx> zul: seems to be something wrong with python case all other that are not python based, they build ok
<geekbri> if i only want to send outgoing mail from a server running ubuntu 10.04 what would be the best to install, exim ?
<uvirtbot> New bug: #326849 in linux (main) "KVM Kernel bugs in intrepid guests under jaunty host" [Low,New] https://launchpad.net/bugs/326849
<zul> SpamapS: can you look at https://bugs.launchpad.net/ubuntu/+source/nis/+bug/569757 its upstartish :)
<uvirtbot> Launchpad bug 569757 in nis "NIS upstart dependancy broken for lucid" [Wishlist,Confirmed]
<SpamapS> zul: no sorry we fixed all the bugs in upstart that is user error ;)
<zul> SpamapS: heh you just dont want to touch nis
<SpamapS> DING DING DING
<SpamapS> bingo
<SpamapS> I used NIS successfully to deploy a roaming /home solution for a middle school computer lab once.
<SpamapS> *never again*
<zul> SpamapS: yes those were the days
<RoAkSoAx> lol
<airtonix> 4 yorkshiremen go!
<gurkan_> hi all
<gurkan_>  how to set the smtp server of my provider in my home's mailrc file i use mailutils 2.1
<gurkan_> i saw the manual but not enough clear
<gurkan_> someone have a mailrc sample
<gnuyoga> gurkan_: what are u trying to do ?
<gnuyoga> more details please
<gurkan_> i try to set the smtp server of my provider in my home's mailrc file , it's for sending mail
<gurkan_> i try to send mail myself
<Roasted> anybody here familiar with freeradius? I keep going in loops with the authentication process.
<gurkan_> i want to implement the line smtp://mysmtp.server.stuff in mailrc , i messed up the config
<Sorinan> I jsut installed ubuntu server, but I'm getting an error when starting the system: modprobe: FATAL: Could not local /lib/modules/2.6.35-22-server/modules.dep
<Sorinan> Altought the modules.dep exists, I already tried running depmod and regenerationg initramfs. Any ideas?
<Sorinan> *Could not load /lib...
<uvirtbot> New bug: #712707 in bind9 (main) "everything owned by bind" [Undecided,New] https://launchpad.net/bugs/712707
<LaRockus> Has anyone here experienced an Ubuntu 9.4 Apache web server freezing up when the sendmail minute cron runs? I've looked all over but haven't been able to find any other instances of the same thing happening on the forums.
<fluvvell> LaRockus, being a server, any reason it hasn't been upgraded to 10.04 LTS?
<LaRockus> compatibility issues with our latest software release hasn't been through the QA process completely on a 10.4. I wish it had though, would love to get it upgraded.
<LaRockus> I have 15 servers with the exact same configuration, only this one is giving me issue.
<smoser> SpamapS, what woudl you do with: https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.1/+bug/711635
<uvirtbot> Launchpad bug 711635 in mysql-dfsg-5.1 "mysql update fails waiting for input" [Low,Confirmed]
<SpamapS> smoser: reading
<thesheff17> LaRockus: anything in the logs...are the server patches up to date?
<LaRockus> patches are up to date. Which logs specifically?
<SpamapS> smoser: interesting.. I'd look at daemon.log .. is upstart trying to respawn mysqld?
<smoser> well, the config probably tried to restart it
<smoser> but its never going to start
<thesheff17> LaRockus: usually freezes are kernel panics....have you been updating the kernels?
<smoser> because it can't read /var/lib/mysql
<smoser> :)
<SpamapS> smoser: it shouldn't "never start" tho.. it should just error out
<smoser> well, it is just hanging there.
<SpamapS> Right, start mysql is waiting for something...
<glycoknob> I have a question regarding ufw - I block outgoing connections but there are connections from port 80 to random higher ports (and random ips) that are blocked. apache should not doing this or?
<SpamapS> smoser:     /lib/init/apparmor-profile-load usr.sbin.mysqld
<SpamapS> smoser: is that running?
<Roasted> anybody set up freeradius before? I'm having uathentication issues that I can't seem to track down
<LaRockus> thesheff17, the install is less than a week old, unless there has been a huge kernel update in the last week should be good. the site actually stays up, and sendmail still sends when manually ran, its just extremely slow though, and does not run on through the cron
<SpamapS> LaRockus: can you manually run the same command as the cron job runs?
<smoser> SpamapS, http://paste.ubuntu.com/562208/
<LaRockus> yeah, it takes about 10 minutes for each message to process.
<thesheff17> LaRockus: maybe a hardware issue or a networking issues....how long does it take on the other servers? is it instant?
<SpamapS> smoser: ahh!
<SpamapS> smoser: its spinning forever in the post-start
<SpamapS> smoser: or rather, it should only be spinning for 30 seconds
<smoser> SpamapS, i wouldnt think its in post-start
<SpamapS> smoser: status mysql
<smoser> as there is no mysql process (in that pastebin)
<SpamapS> smoser: right, because it exitted
<smoser> mysql respawn/post-start, (post-start) process 24511
<SpamapS> but post-start spins trying to ping the server
<SpamapS> yep
<SpamapS> should fail after 30 seconds
<LaRockus> the transmission itself is almost instant, in and out through the mail queue in almost no time.
<SpamapS> smoser: it should actually report the failure.. just that it will take 30 seconds :-P
<thesheff17> LaRockus: sounds like a routing issue...I would check dns, network config, ping times, tracepath maybe even a different nic on the server.
 * RoAkSoAx spent hours and hours trying to figure out what was wrong with the packaging/compilation of fence-agents to end up discovring that the cause of the failure was becuase of dash
<LaRockus> with a routing issue would i experience any issues with the page displaying.
<thesheff17> LaRockus: with apache?  not sure I understand the question ...displaying
<smoser> SpamapS, yeah, its not failing after 30 seconds.
<SpamapS> smoser: hmm.. logic error maybe
<SpamapS> smoser: can you strace that sh process?
<SpamapS> You actually might not be able to.. not sure if upstart ptrace's its post-start shells
<uvirtbot> New bug: #712746 in mysql-5.1 (main) "package mysql-client-5.1 5.1.49-1ubuntu9 failed to install/upgrade: trying to overwrite '/usr/bin/perror', which is also in package mysql-server-5.1 5.1.49-1ubuntu9" [Undecided,New] https://launchpad.net/bugs/712746
<SpamapS> I think not tho
<LaRockus> I would expect to see issues with the web page displaying if there were physical issues with my nic, or with the DNS routing, or is my thinking wrong.
<thesheff17> LaRockus: I admit I haven't used 9.04 much but when I did I saw it terribly slow on ssh for some reason even though apache worked fine....another thing you can do is just try 10.04 and see if you see the same problem and then you know it is software based.
<smoser> SpamapS, upstart is re-execing that
<LaRockus> I might have to try 10.04, I'm just reluctant with it being on a live customer. Thanks for the tips, im looking into those now.
<smoser> i added a sh -x and redirected the post-start output to a file and i can watch it get called again after counting to 30
<SpamapS> smoser: HMM
<SpamapS> smoser: I wonder if that has to do with the respawning
<smoser> respawn
<smoser> yeah
<smoser> it makes sense.
<smoser> the job failed
<smoser> upstarts trying to restart it
<SpamapS> smoser: so maybe we need a respawn limit
<thesheff17> LaRockus: there is just allot of factors from hardware, to networking config, to software...and only slowing eliminating them will help you find the problem.
<SpamapS> I think the normal limit is like, 3 times in 5 seconds
<SpamapS> But if we're delaying it by 30 seconds....
<smoser> hm... can you exit from a pre-start in a way that says "don't bother"
<SpamapS> actually we should probably change the goal back to stop
<SpamapS> yes,   stop ; exit 0
<smoser> why not stop exit 1
<SpamapS> oh either is ok
<SpamapS> 1 will report the problem to the user so yeah thats better
<SpamapS> 0 is for if its been disabled
<SpamapS> smoser: ultimately, we don't want to keep respawning over and over.
<SpamapS> smoser: so I think the fix is  respawn limit 3 95 .. which would mean it respawns 3 times in a row waiting 30 seconds between (and give it 5 seconds for churn)
<SpamapS> smoser: will post in the bug..
<smoser> i dont know.
<smoser> you migh tconsistently miss the 3 restarts in 95 seconds
<smoser> due to load
<smoser> and still hang there
<SpamapS> I don't see a way to know before starting mysqld, that mysqld is going to fail.. but we can probably confirm that its not starting correctly if it fails 3 times in a row.
<SpamapS> the exec is instantaneous..
<smoser> i think if the post-start doesn't ever ping after 30 seconds, i think 'stop; exit 1;' is proper
<SpamapS> the mysqladmin is a unix socket only..
<smoser> nothing is instantaneous
<SpamapS> so the thing would have to be *destroyed* with load
<smoser> its also running http://pastebin.com/ZgPrG9AQ
<SpamapS> on a respawn, the exec will wait for almost nothing
<SpamapS> the binary is already cached..
<smoser> http://pastebin.com/PSCz4HpN is /usr/share/mysql/debian-start.inc.sh
<smoser> forks left and right in that script.
 * SpamapS just loves waiting 30 seconds for pastebin's ads
<smoser> all sorts of things could make this take longer than 1.033 seconds to run a full post-start
<smoser> anyway...
<smoser> if the thing never pings inside 30 seconds, the idea is its dead.
<smoser> respawning is pointless.
<SpamapS> smoser: debian-start is after everything is ok
<smoser> true.
<SpamapS> 120 may be in order though.
<smoser> so, i dont know. but why would you bother.
<SpamapS> just .. because why not?
<smoser> it is seriously not going to come up
<smoser> the whole point of the pre-start is to do this delay and wait for you
<SpamapS> I'm more worried that we're only waiting 30 seconds
<smoser> what value is there in doing it 4 times.
<SpamapS> Have had mysql servers wait *hours*
<SpamapS> innodb recovery is a bitch
<smoser> hm..
<smoser> i dlon t knwo.
<smoser> if post-start exits false, then upstart respawns ?
<SpamapS> so you're thinking only try and respawn once?
<SpamapS> no
<smoser> does it ?
<SpamapS> upstart respawns if the main process exits != 0
<smoser> so the loop is caused by mysql actually dying
<smoser> yeah.
<SpamapS> if the process is up, but the post-start exits 1 .. I think its just going to fail the start event
<SpamapS> but the state won't be changed
 * SpamapS tests this thory
<SpamapS> theory too
<SpamapS> actually exit 1 in post-start does nothing
<SpamapS> Feb  3 13:16:07 lucid init: test-pstart post-start process (1279) terminated with status 1
<SpamapS> thats about all you get
<SpamapS> So really all you're doing is delaying or cancelling the started event
<SpamapS> (running stop in post-start will kill the main process and there won't be a started event)
<azertyu> hi there
<azertyu> is there anyone here
<SpamapS> azertyu: yes!
<azertyu> well i got a vps server
<azertyu> i forgot to backup data
<azertyu> now someone hack my server
<azertyu> root password gone
<markpof> uh oh
<azertyu> my question is : is it possible to sync vps data to my home pc ?
<SpamapS> azertyu: I'm sure you can get a massage and some tylenol...
<SpamapS> azertyu: sure. just rsync the data.
<azertyu> i got2T Ã of HDD at home
<smoser> azertyu, you can certainly sync anything your user can get to, assuming you can get to the vps system.
<azertyu> rsync is it a virtual raid ?
<SpamapS> azertyu: no it just copies things very quickly
<SpamapS> azertyu: if you want the data copied in real time that will be much harder
<azertyu> what do you mean by quickly copies ?
<azertyu> is that copies just the data
<azertyu> ?
<azertyu> first i want to know virtual raid is that existing ?
<SpamapS> smoser: fyi the default is not to stop respawning unless it tries *10 times* in 5 seconds
<SpamapS> smoser: doh
<smoser> i suspect that someone just added exim4 to the list of packages supervised by ubuntu-server
<smoser> http://ubuntu-server-new-bugs.notlong.com/
<azertyu> well, what i want to kow is :  i want to synceverything on my home pc  from the vps in case if i change my vps  i need every to reconstruct
<azertyu> is it possible ?
<azertyu> rebuild
<SpamapS> azertyu: you should look into etckeeper too..
<smoser> azertyu, you could very likely do something like a 'ssh root@VPS dd /dev/sda > my.disk.img'
<smoser> but that is going to take quite a while
<SpamapS> hah.. and may not be usable on a different disk.
<smoser> you're would be much better off just getting the filesystem contents, and posibly the partition table and MBR or something.
<smoser> rsync -avz root@VPS:/ ./my-vps-backup
<SpamapS> yeah,   ssh root@VPS tar -czf - > backup.tar.gz also works
<SpamapS> or you could do what I do.. tar my boxes up and push the tarball into S3
<smoser> the rsync would be interupptable would be the big reason to use that.
<smoser> if you connection died it would resume well.
<markpof> is the dd output conform to the .img format (if there even is one?)
<smoser> there is no ".img" format really.
<markpof> ah
<smoser> but basically, it would work with kvm as a "raw" disk file
<smoser> (qemu-img create -f raw my-disk.img)
<markpof> raw
<markpof> i see
<azertyu> there is no result for etchkeeper
<azertyu> !
<SpamapS> azertyu: etckeeper
<azertyu> yes
<azertyu> ok
<azertyu> find it
<azertyu> cfengine is for what ?
<azertyu> anyone know that package ?
<SpamapS> cfengine is  more for managing multiple machines
<azertyu> be explicit
<SpamapS> cfengine more for managing multiple machines, $#@!
<azertyu> what kind of tasks ?
<azertyu> managing what kind of tasks ?
<SpamapS> smoser: the plot thickens .. I think the default respawn policy may cause something weird. *ANY* respawn limit clause seems to fix this problem.
<SpamapS> smoser: including 'respawn limit unlimited'
<SpamapS> heh.. which is an undocumented feature.. fun
<smoser> really.
<smoser> thats interesting.
<SpamapS> yeah I'm trying some crazy limits and it works as I'd expect.. failed to start job
<smoser> so the pre-start isn't counted in the respawn i guess ?
<SpamapS> post-start..
<SpamapS> not sure
<SpamapS> smoser: so there's something that gets inexplicably changed just by having a limit mentioned..
<SpamapS> smoser: the code defines the defaults as a limit of 10, interval 5 seconds
<SpamapS> smoser: but if I say   respawn limit 10 5 ... the job fails as I'd expect
<SpamapS> smoser: likewise a limit of 1 100 .. or 100000 10000000
<SpamapS> I think this one has to go upstream
<mrothhh> were is the link to the hypervisor for zen bearmetal
<SpamapS> smoser: commented. The workaround/fix for mysql seems simple.. I'm betting the fix in upstart is not.
<uvirtbot> New bug: #712787 in samba (main) "DBus error when connecting to shared folders in Nautilus" [Undecided,New] https://launchpad.net/bugs/712787
<SpamapS> zul: when can we kick nis out of main? ;)
<MsBetty> What do I need to have a file and print server?
<MsBetty> Apache and CUPS?
<MsBetty> samba and cups?
<qman__> MsBetty, that depends on your clients
<MsBetty> qman__, two laptops on a home network
<qman__> CUPS is needed if the printers are directly attached to the server regardless
<qman__> if you have windows clients, you need samba
<qman__> if you have linux clients, you have options
<MsBetty> qman__, 1 laptop dual boots windows 7/#! and one is Linux Mint 10. An old desktop is getting reused for ubuntu server.
<qman__> linux clients can connect directly to CUPS
<qman__> but that's only for the printers
<qman__> you'd still need a file server
<qman__> linux clients can connect to samba file servers, so in a mixed network, samba is the most convenient
<MsBetty> so I really just need to configure samba and cups properly. and make sure the clients have the appropriate packages?
<qman__> that would work
<MsBetty> qman__, thank you for the input. I'll go read the manuals and hopefully everything will go well.
<qman__> no problem, good luck
<airtonix> yo, i see that bug too when i connect to samba shares in nautilus
<airtonix> !bug 712787
<uvirtbot> Launchpad bug 712787 in samba "DBus error when connecting to shared folders in Nautilus" [Undecided,New] https://launchpad.net/bugs/712787
#ubuntu-server 2011-02-04
<defn> is there a better way to get a newer version of apache in lucid than building from source?  im being exploited by a proxy problem that exists in the ubuntu package
<Pici> defn: You may be able to find a ppa that has lucid builds for newer versions.
<Pici> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and should be used at your own risk.
<wizardslovak> hello people
<wizardslovak> i have phpbb instlled on server , it worked but now its not
<defn> Pici:
<defn> thank you
<wizardslovak> anyone?
<wotwot> wizardslovak, you might find an answer in your logs
<wizardslovak> yea well dont know which ones
<piercedwater> Can anyone here help me with large storage options? (8+ TB)
<uvirtbot> New bug: #712840 in multipath-tools (main) "local-top should pass -p part, not -p p" [Medium,In progress] https://launchpad.net/bugs/712840
<benedikt> If I have one machine that I want to "duplicate", what do i have to copy to the new machine - roughly speaking
<SpamapS> benedikt: back in the day, before I used config management systems.. I'd just boot to single user mode and rsync from the old box to the new one
<quentusrex> Anyone else aware of a new issue with kvm and guests hanging on 'Booting from Hard Disk' ?
<quentusrex> the server is unchagned and not updated, the guest is the latest packages.
<benedikt> SpamapS: thats what im going to do., what should I do about /dev and /proc?
<SpamapS> benedikt: skip them
<SpamapS> benedikt: skip /sys too
<quentusrex> SpamapS, what config management system are you using?
<SpamapS> quentusrex: right now, none, because I'm not caring for any clusters. But I used to have my own, and then I did some fiddling w/ puppet. :)
<quentusrex> aah
<quentusrex> I've used git for the configs, and hooks to deploy
<benedikt> SpamapS: and when i boot the new computer?
<benedikt> nevermind, ill google and fiond out
<SpamapS> benedikt: well you'll need to rename the new one and change the IP probably
<qman__> benedikt, dd if=/dev/sda of=/dev/sdb
<qman__> literally, that's it
<qman__> obviously if you're running on the same network you'll want to change the hostname and IP
<qman__> but there are no special tricks needed
<qman__> ubuntu will 'just work' no matter what hardware you pop your install into
<twb> qman__: you'd want to blow away /etc/udev/rules.d/*persistent*net*
<twb> qman__: otherwise the new host would try to raise eth0 and eth1, but only have interfaces eth2 and eth3
<qman__> yeah
<twb> If the new disk is smaller, you'd also have to wrestle that.  And of course the dd should be done while sda is offline (e.g. boot a live cd).
<twb> Other than that, it should be fine
<AdamDV> What openssl command can I use to generate a public and private key?
<twb> SSL doesn't have public keys, it has certificates.
<twb> (Technically the public key is included in the private key and cert files.)
<jmarsden> ahem... openssh genrsa   may be what AdamDV was looking for?
<jmarsden> Make that openssl genrsa
<twb> I use gnuTLS's certtool(1) command, because it tends not to implement esoteric commands that confuse me.
<AdamDV> thanks jmarsden
<twb> e.g. it defaults to RSA, so you don't need to pick the algorithm
<jmarsden> AdamDV: You can do man openssl to see all the commands, or  openssl list-standard-commands to just get a straight list of them without explanations.
<zul> SpamapS: tomorrow
<RudyValencia> How do I set up a PPTP server on Ubuntu 10.04 LTS server version?
<highvoltage> RudyValencia: this might help: https://wiki.ubuntu.com/VPN
<RudyValencia> ty
<jmarsden> RudyValencia: Try http://www.ubuntugeek.com/howto-pptp-vpn-server-with-ubuntu-10-04-lucid-lynx.html for one idea :)
<RudyValencia> I think that was what I did
<RudyValencia> https://wiki.ubuntu.com/VPN is for VPN clients
<RudyValencia> I'm trying to serve VPN
<RudyValencia> and that's not working
<twb> Don't use PPtP unless you absolutely have to; it uses insecure crypto algorithms (or is is handshaking?)
<RudyValencia> L2TP would require generating a security key
<twb> If you have a choice you should be looking at openvpn or ipsec+l2tp
<RudyValencia> I don't have IPSec set up on this network
<RudyValencia> I don't know if Windows supports OpenVPN connections
<RudyValencia> (this is so I can access my Windows shares remotely, actually)
<jmarsden> RudyValencia: See http://openvpn.se/
<jmarsden> But if this is just for one remote PC, ssh to it and set up to tunnel SMB: http://pigtail.net/LRP/printsrv/tunnel-smb.html
<RudyValencia> The remote PC won't have SSH tunneling as it runs Windows
<greppy> RudyValencia: openvpn works with windows clients.
<RudyValencia> I figured out the problem
<RudyValencia> no ms-dns entry in pptpd-options
<twb> ppp openvpn you can do with just a shared secret
<RudyValencia> hey
<RudyValencia> oops
<RudyValencia> got it
<RudyValencia> I tested my VPN using my android phone
<RudyValencia> it connects fine
<jmarsden> RudyValencia: I have some Windows machines that have SSH, Cygwin has openssh and it works fine.
<RudyValencia> ah
<jmarsden> But if you have a working VPN setup now, cool, use it :)
<RudyValencia> I've already got the PPTP setup working. Just realized I didn't declare a DNS server.
<piercedwater> What is the status on USB 3.0 support?
<piercedwater> As far as pci-e cards, etc
<piercedwater> Hey guys, did you know the forums are a great place to search before asking a question
<lifeless> yes, yes we do.
<j0nr> hello...I have ubuntu 8,04 LTS server installed. I installed Roundcube with an apt-get... I don't think it is the latest version, based on having seen it run on ubuntu 10,04. I guess this is due to being on 8,04. Is it possible to force the newer version to install?
<\sh> nijaba: I replied on your comment :)
<nijaba> \sh: looking :)
<nijaba> \sh: it's a fairly simple resseler agreement.  Don't see how this could be called sponsoring...
<\sh> nijaba: as said, I think the words in the serverwatch article is not clear enough....I read about the reselling agreement, but the first sentence gave me a wrong feeling...:)
<\sh> patdk-lap: some news on the bonding problem from yesterday, I think it's not upstart which is bugging me, but something which looks like a regression regarding the bonding drivers and/or the way how the bonding driver is loaded in if-pre-up.d/ifenslave , investigating more now
<chrismat> How do you grep for non ascii characters in a text file?
<chrismat> Ie I'm looking for high ascii values like swedish character Ã¥Ã¤Ã¶
<nijaba> \sh: agreed that the introductory statement from serverwatch can be misread "involves some money"...  bleh.
<\sh> nijaba: you could ask them to remove this sentence ;)
<nijaba> \sh: and make a journalist angry at us...  not sure I want to do that :P
<\sh> nijaba: well, if this article gives a bad taste because of some wrongly chosen wording, I would ask for a change or clarification
<nijaba> \sh: truth is, I trust our PR department to know better than I
<\sh> nijaba: sometimes ;)
<novitololo> I've a question: apache2 I suppose means apache 2.0 right?
<iclebyte-work> novitololo, correct
<novitololo> ok thanks ;)
<novitololo> Is it from the apache2 that the httpd.conf is empty?
<sergevn> novitololo: yes, it resides in apache2.conf or /etc/apache2/sites-enabled/ what you are looking for
<novitololo> sergevn: nothing thanks, I was just surprised when I opened this computer
<novitololo> :)
<sergevn> novitololo: iirc httpd.conf isnt used anymore
<novitololo> I see, thank you :)
<sergevn> novitololo: np
<DiagonalArg> Hey folks!  Installed Ubuntu over a previous install, which was on a RAID1. Only option on Alternate Installer was "Erase Drive".  Took 30 hours for 168G???  WTF??
<DiagonalArg> If it's zeroing out the drive, that's 3.2MB/s (counting writing to each drive, separately).  Any thoughts?
<DiagonalArg> I would have hoped there would be a way to do this by just deleting the files, but not zeroing the drive (assuming that's what it was doing).
<patdk-lap> guess he wants an out of sync raid1
<jpds> patdk-lap: Potentially.
<DiagonalArg> Got lost there for a minute.  Anyway, I'm back if someone has any thoughts
<patdk-lap> guess giagonalarg wants an out of sync raid1
<patdk-lap> it has to copy everything on drive 1 to drive 2, for raid1
<patdk-lap> why it took your system 30hours for 160gigs, dunno, mine is much quicker
<DiagonalArg> I don't think it was a sync issue.  The machine ran fine, I shut down, and ran the installer again (this time with 64 bit, the previous had been 32)(
<DiagonalArg> When I ran the installer, the only option it gave me, if I wanted to install to the same place as the previous system, was "erase drive"
<DiagonalArg> I'll add that after that 30 hours, the install went fine and now I've got 64-bit Ubuntu running fine.
<DiagonalArg> Also, I've benched both disks.  They're SATA-I
<azizLIGHTS> hi, should i make pptp vpn server or l2tp vpn server?
<azizLIGHTS> any good guide for this to use on amazon ec2
<_ruben> depends on your needs/wishes/etc
<azizLIGHTS> i wish to use vpn for browsing in a firewalled scenario
<azizLIGHTS> client is windows computers
<azizLIGHTS> (no ports open)
<azizLIGHTS> what is best for me? l2tp or openvpn or pptp
<azizLIGHTS> what are these certificates adn why u need them for l2tp vpn
<azizLIGHTS> can someone explain me what is "certificate authority" and why u need for set up of l2tp vpn server. im tyrying to understand concepts inside a tutorial but it doesnt explain
<pmatulis> never heard of 12tp, sorry
<pmatulis> use openvpn maybe, it's well known
<azizLIGHTS> L2tp over ipsec
<nimrod10> azizLIGHTS, will you be able to use l2tp if there are no ports open ? best case that I can think of , if the people administering the firewall allow port 443 outbound you could use openvpn
<azizLIGHTS> the client is firewalled, the server wont be (i dont think.... im going to put latest ubuntu server on amazon ec2)
<RoAkSoAx> morning all
<failover> Hi, it's a normal behavior, quotacheck run after every reboot ?
<failover> the tool starts at the end of boot process and take about 5 minutes before gimme the prompt
<raubvogel> Who should own the cert and key used by postfix and dovecot in ubuntu? Which group should I also use?
<aliverius>  am running a vm qith qemu at startup. where should it reside? somehwere in /var?
<noobster> good mourning all. I am having an error I have never seen before. I woke up today to a..  init: ureadahead-other main process (912) terminated with status 4
<noobster> I get about 4 of those, and the srv will not boot
<noobster> !!
<jmarsden> You *woke up* to that?  That'll teach you to sleep on the server, instead of on a bed :)
<noobster> lmao
<noobster> yea
<noobster> kinda freeked out, has this ever happened to anyone?
<jmarsden> I think I've seen that kind of message during boot after a power loss on a workstation (no UPS), but it didn't prevent boot.  But that's just from (old and not always reliable) memory.
<jmarsden> Was that the last thing on screen before the server hung?
<noobster> ctrl + alt + delete reboot the machine as expected, so its not frozen
<noobster> I was on it @ about 3AM last night moving smb.conf and bind9 files and it seed to just crash
<jmarsden> It may be doing a filesystem check that takes time, are you just being impatient with it?
<noobster> I tried to ssh in and got an error denied
<noobster> well it was still offline when I got up @ 9
<noobster> or online w/ connection refused
<jmarsden> OK... so I'd guess there really was some sort of crash or issue last night, but... after you rebooted it at 9, how far did it get through the boot sequence and how long did you leave it along before hitting ctrl-alt-del ?
<noobster> jmarsden, about an hour
<jmarsden> Unless you have a multi-terabyte filesystem somewhere, that should be plenty.  Hmmm.
<jmarsden> If you are local to the server, can you boot it into single user mode?
<noobster> i do have a multi-terabyte /home
<jmarsden> Ah... well then maybe you need to wait several hours after a crash.
<jmarsden> See if you can boot single user and manually check the filesystems.
<noobster> jmarsden, onsite now, tried to hit esc but did not bring up grub
<RoAkSoAx> zul: have you tested sheepdog yet?
<zul> RoAkSoAx: not yet
<noobster> is grub trap another key other than esc in 10+
<zul> RoAkSoAx: problems?
<jmarsden> noobster: I think I usually hold down left-shift, rather than pressing esc, to get grub boot prompt?
<RoAkSoAx> zul: nah!! just was going through the documentation and seems pretty interesting
<zul> RoAkSoAx: i dont have the hardware for it but its needed for a feature in openstack
<noobster> single user mode == "recover mode"
<noobster> ?
<jmarsden> noobster: Yes.
<jmarsden> recovery mode, with a y, I think it is called?
<RoAkSoAx> zul: yeah but I'm presumming that it could be tested in VM's
<noobster> same error
<noobster> mountall: Event failed      init: ureadahead-other terminated with status 4
<jmarsden> noobster: Doesn't sound good.  Can you boot from CD and check the filesystems that way?
<noobster> mounted-tmp terminated with status 127
<noobster> yea I am downloading ubuntu 10.04 desktop 64 now
<noobster> 40 mins left
<jmarsden> noobster: Gut instinct is that you might have some sort of disk-related hardware issue.  40 mins?  You;re downloading it via your cellphone? :)
<noobster> lol eveyone in pounding out T1 since the server is down
<noobster> is there a trap to see if fsck is running?
<jmarsden> Ugh.  I have 10Mbit/sec here at home and 35Mbit/sec at work, so ... ISOs download pretty fast :)
<jmarsden> If you can get to a second console window (alt-F2 or whatever) you can see if you can log in there and poke around?
<noobster> i have 20 @ home, 1.5 @ this office
<compdoc> my comcast can d/l an OS DVD pretty fast, but only if I use bittorent
<noobster> nope, just a flashing _
<noobster> ok so I will stop chattering the board until I have the cd booted
<jmarsden> noobster: So... why aren't you carrying your collection of .ISOs on a usb key or on a pile of CD-Rs?  OK... so it hasn't got to the point where it runs all the gettys...
<jmarsden> noobster: OK.  I'll probably be AFK (breakfast and then on my way to work) by then, but others here can probably help you out if you need further assistance.
<noobster> ty 4 the help !
<jmarsden> You're welcome.
<RoAkSoAx> zul: have you been through the documentation yet?
<zul> RoAkSoAx: nope i just packaged it
<RoAkSoAx> ok
<RoAkSoAx> zul: btw... the archives and PPA's do not accept tar.xz tarballs right?
<zul> RoAkSoAx: doubt it...but i have never tried it
<RoAkSoAx> zul: yeah at least PPA's dont'. Who do you think knows?
<zul> RoAkSoAx: umm...an archive admin maybe :)
<RoAkSoAx> loldumb me :P
<bigjools> they don't
<jmarsden> They (archive admins) don't know?  Or they (tar.xz files) don't work? :)  I'm guessing the latter, but either interpretation is possible.
<bigjools> heh, the latter
<jmarsden> :)
<RoAkSoAx> bigjools: do you know if there are any plans to support them?
<bigjools> no plans
<RoAkSoAx> bigjools: what if requested? Would that be considered?
<bigjools> of course, it would need to go via the right channel to get any weight though
<bigjools> unless someone sends me a patch :)
<RoAkSoAx> bigjools: any branch in specific that I should be looking at?
<jpds> RoAkSoAx: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556407
<uvirtbot> Debian bug 556407 in ftp.debian.org "data.tar.xz" [Wishlist,Open]
<bigjools> RoAkSoAx: https://code.launchpad.net/~launchpad-pqm/launchpad/devel
<bigjools> lib/lp/archiveuploader/ contains all the upload processing
<RoAkSoAx> jpds: cool ;)
<RoAkSoAx> bigjools: awesome! thanks
<bigjools> np
<zul> SpamapS: ping when you are around?
<uvirtbot> New bug: #713204 in backuppc (main) "package backuppc 3.1.0-9ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/713204
<SpamapS> zul: pong , now I'm found!
<zul> SpamapS: so handreak, you are good with me reviewing it now?
<zul> handbreak even
<SpamapS> handlersocket
<SpamapS> zul: yes
<zul> SpamapS: k ill have a firstpass this afternoon
<SpamapS> zul: sweeeeeet
<Lars_G> Hi alll
<Lars_G> This is more a general question about ubuntu but if someone must know it's the server guys
<Lars_G> I'm trying to install ubuntu over the network into a xen virtual machine
<Lars_G> I downloaded the xen netboot image and made it accessible to the xen server over the web, and it boots
<Lars_G> but I have an 10.04 LTS DVD I would like to use as my install source to avoid the veeeery slow internet connection ussage
<compdoc> reasonable
<Lars_G> I've mounted the dvd in a machine and made it available thorough http (at my address: http://<ip>/ubu3
<Lars_G> But the installer wont recognize it as a valid mirror
<Lars_G> wether I enter the url as http://<ip> and the diretory as either /ubu3/ or /ubu3/ubuntu
<compdoc> cant just place the dvd into a drive on the xen machine?
<Lars_G> what can I do to have it recognized as a "valid" mirror?
<Lars_G> compdoc: nope, no dvd in the machine, and the installer offers no dvd option
<compdoc> I think its best to mount the iso file
<Lars_G> So is there no way to have the dvd shared over http to be recognized as a repo?
<compdoc> xen, xenserver, kvm, and the others have the ability to install from an iso thats stored on the lan
<compdoc> it mounts it as if it was in the dvd drive
<Lars_G> So I'd rather rip the iso and do so over nfs or cifs (xenserver btw)
<Lars_G> sigh
<Lars_G> only detail last time I tried a dvd install the template didn't locate the right vmlinuz file in the dvd
<Lars_G> so it couldn't install
<Lars_G> is there NO way to make it work with the dvd shared over http? the process is halfway there
<compdoc> OS template for the VM?
<compdoc> you mean selecting the OS type?
<Lars_G> XenServer installs PV machines only from templates they provide
<compdoc> or what do you mean by template?
<compdoc> yes
<Lars_G> I could use "other OS" but it'll install in HVM and I want this machine to be PV
<compdoc> you want a tip? no matter what OS youre installing, select Windows 2003 as the OS template, and it'll run
<Lars_G> Because it's HVM same as the Other OS option....
<compdoc> I still use xenserver for one customer, but I'm all kvm otherwise
<Lars_G> And installs from a DVD instead of booting a kernel directly
<compdoc> I like xenserver, but I need more control over networking, etc
<Lars_G> I agree
<Lars_G> I chose it for a very specific reason
<piercedwater> What is the name of the ubuntu server usb probe tools used to monitor usb speed?
<piercedwater> ok so i found hwinfo
<piercedwater> but it only gives me the port speed while not in use..im trying to find what the actual speed is?
<compdoc> I think sometimes the speed is listed in dmesg
<compdoc> oh, usb - not sure
<noobster> ok, got ubuntu desktop cd booted up on server, and can see all the drives. Still getting the mountall: Event failed      init: ureadahead-other terminated with status 4 error when booting off drives. what is my next step? I hope I dont have to reinstall.
<noobster> jmarsden,
<uvirtbot> New bug: #713237 in multipath-tools (main) "shutdown segv due to race w/ free_waiter threads" [Undecided,New] https://launchpad.net/bugs/713237
<noobster> mount -t ext3 /sda1 /mntsda1
<noobster> & 2
<noobster> no probles & can see the content of sda /etc
<smoser> what package would be the proper place to put a ttyS0.conf ?
<smoser> basically to run a getty on ttyS0
<smoser> upstart owns the other ttyN.conf files.
<soren> smoser: I think I have a bug open about that somewhere.
<soren> smoser: Way, way old. Like two years or something.
<soren> smoser: Well, it was for hvc0, but the idea is the same.
<soren> smoser: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/372864 but apparantly the talk about where to put the file was on IRC :(
<uvirtbot> Launchpad bug 372864 in upstart "conf: Put a getty on hvc0" [Wishlist,Fix released]
<smoser> soren, youdont have irc logs ?
<soren> smoser: I'd say it belongs in whatever package the other ones are in (upstart currently).
<soren> smoser: I do.
<soren> Gigabytes worth.
<soren> I don't feel like wading through them, though. The gist of it is that Scott didn't want it in the upstart package.
<soren> I'm not sure I ever got a good reason out of him.
<soren> Anyways, ttyS0 is harder than hvc0.
<soren> Let me see if I can find the bug..
<smoser> why would ttyS0 be  more difficult ?
<soren> I'm looking for the bug reference.
<soren> The short version is that hvc0 is specifically for a console.
<soren> ttyS0 is a general purpose serial port.
<soren> Some people got really upset that network-manager tried to probe for modems on all serial ports, because they had stuff connected to said serial ports that got into a rather unfortunate state if random stuff was sent to them.
<smoser> i dont know... your suggestion that "hvc0 is specifically for a console" is not really true.
<soren> Same will happen if we stick a getty on ttyS0.
<soren> How do you figure that?
<soren> You know what vc stands for, right?
<smoser> maybe you use hvc0 for other things. and having the guest write random data to it will break those things.
<smoser> its a general two way communication mechanism.
<smoser> but, yes, i'm mostly just arguing. i see the point.
<smoser> the bug says that both kvm and xen have /dev/hvc0
<smoser> but i do not see such a think in kvm
<soren> Maybe you need to specify it explicitly these days.
<soren> $ kvm --help | grep vc
<soren> -chardev vc,id=id[[,width=width][,height=height]][[,cols=cols][,rows=rows]]
<RoAkSoAx> hggdh: did you end up testing powernap again?
<soren> smoser: I really do wish we could stick a getty on ttyS0 by default.
<hggdh> RoAkSoAx: no, not yet -- got busy with other tests. Will check on it now
<RoAkSoAx> hggdh: ok cool ;)
<soren> smoser: My google-fu is failing me.
<smoser> try bing
<smoser> :)
<soren> hah
<soren> smoser: Someone complained. I'm not sure what the outcome was.
<zul> lol
<noobster> hi all
<smoser> anyone have a suggestion... I'm trying to look for media in cdrom devices.
<smoser> my initial try just tried 'mount /dev/cdrom' to test and see if there was a mountable cd there.
<noobster> I am having trouble with a server. last night @ 3am, I was scp files from it and it crashed. I looked like it tried to reboot, but gave me a ssh error connection refused.
<noobster> smoser, mount /dev/cdrom /mnt/cdrom
<smoser> that takes like 18 seconds in this kvm vm.
<smoser> if there is no cdrom there.
<noobster> ?
<noobster> got in today and the server has stopped @ init: ureadahead-other main process (912) terminated with status 4
<smoser> ie, i have a /dev/sr0 and /dev/cdrom device in /dev. but there is no disk in it.  If i try "mount /dev/cdrom" it will take 18 seconds to return.
<noobster> I did ctrl + alt + delete, and the system reboots
<noobster> i am kinda freeked out
<smoser> 'dd if=/dev/sr0 bs=1024 count=1024' (or hte like) will return immediately, saying "no medium found"
<noobster> my boss is fixing to skin me lol
<smoser> is there a better way that i can test if there is media ?
<noobster> i downloaded, burned and booted from the cd rom
<smoser> noobster, lucid ?
<noobster> yes
<noobster> 10.04.1lts
<smoser> i suspect that a disk that you have in /etc/fstab is not there
<smoser> and init is sitting around waiting for that disk
<noobster> funny thing I was able to rebuild the entire md array no proble, except for /home thats an md/lvm
<smoser> if you booted off live cd, try mounting the device, and removing /home form /etc/fstab
<noobster> I got the md up, and it found vg VGHOME1
<noobster> 2 things, how do i rescan/add LVHOME1 out of LGHOME1 w/out data lose, 2ed if there is nothing wrong w/ these drives, why will my server not start
<noobster> I have tried recovery on the 2 kerns there nether boot
<noobster> smoser, you want me to comment out /home lvm in /dev/md1/etc/fstab?
<smoser> or you can add 'nobootwait'
<smoser> to the options
<smoser> but if that device isn't there, but is listed in /etc/fstab, init will wait for it
<smoser> forever
<noobster> /dev/mapper/VGHOME1-LVHOME1 /home           ext3    user_xattr        0       2
<noobster> how should I adjust?
<noobster> /dev/mapper/VGHOME1-LVHOME1 /home           ext3    user_xattr,nobootwait        0       2
<noobster> like that smoser
<smoser> yes.
 * RoAkSoAx lunch
<smoser> but you could just comment it out.
<smoser> you can put it back later.
<noobster> if /home is not there it gets stuck and I cant login
<zul> smoser: you use can use to use the eject command to detect their was  cdrom or soemthing
<noobster> can someone inform me of what 0 2 mean at the end, I forgot
<smoser> i dont see how i would check to see if there was something there now.
<smoser> noobster, man fstab
<piercedwater> Does anyone know where I can find 64-bit Dell DSET or OMSA for Ubuntu?
<piercedwater> Or something similiar...Im trying to get a diagnoses on my PE 1850
<noobster> ok, the server came up, but with no /home directory
<noobster> i can ssh in now though
 * genii-around makes a note to remove "coffee" from his alert list
<EvilPhoenix> heh
<noobster> ok managed to get the server back up, thank you smoser for the nowaitboot option.
<smoser> no problem.
<noobster> one strange error I didn't get b4.. disconnected from plymouth
<noobster> mountall: Disconnected from plymouth
<noobster> has anyone seen this b4?
<cohonen> okey guys,, i restart /etc/init.d/networking, and /etc/network/interfaces GETs ignored
<cohonen> what the fu** BEEP is going on here
<cohonen> how am i supposed to make semi static conf on my interfaces
<cohonen> okey sorry,, i was in crack mode
 * RoAkSoAx ... to hot outside today..
<yoanis> hi there
<yoanis> i just installed ubuntu-server 10.04 on a ppc machine
<yoanis> the installer went fine
<yoanis> but now i get this
<yoanis> after reboot
<guntbert> !enter | yoanis
<ubottu> yoanis: Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<yoanis> "/disk00:3,boot/vmlinux: unable to open file, Invalid device"
<yoanis> guntbert: sorry about that
<guntbert> yoanis: no problem, its easier to read that way - no experience with ppc here - sorry
<yoanis> it's ok. thanks ;)
<RoAkSoAx> zul: to build a package from ubuntu-cobbler bzr branch, should I just do bzr bd -- -sa and it will create the tarball?
<zul> RoAkSoAx: it should
<RoAkSoAx> zul: ok thanks ;)
<RoyK> I see the binaries don't have symbols - is there a way to get a good coredump from a package without rebuilding it from source?
<hggdh> install the needed dbgsym (or dbg)
<jdstrand> hallyn: I hope you don't mind, but I recommended you for libvirt upload right in addition to what you asked for at the top of your application
<jdstrand> hallyn: tip, you may want to subscribe to your applications page
<jdstrand> s/applications/application/
<RoAkSoAx> zul: ok so for example, when we have a .orig.tar.gz and in the source, we just debuild -S -sa, and it creates the .dsc and etc etc. So, if I the source is a bzr branch, what should I be doing to create the .orig.tar.gz and debuild -S -sa without actually having to have the dependencies installed?
<zul> RoAkSoAx: what if you bzr bd -S
<zul> and use something like pbuilder to build it
<RoAkSoAx> let me try ;)
<zul> right have a good weekend
<RoAkSoAx> zul: you too!!
<piercedw_> Can someone please suggest a diagnostics tool for a Dell PowerEdge 1850? I have tried Dell DSET and OMSA, neither of which are made for Ubuntu (64-bit).
<guntbert> piercedw_: if I remember correctly they come as bootable iso files - just burn them...
<piercedw_> DSET comes as a bin
<piercedw_> Im just doing this for a home server...I dont have any experience with professional networks..just looking for something to tell my why my light ist orange
<guntbert> piercedw_: yes, I see your problem now
<piercedw_> yeah, its not exactly made for what im using it for, but i think i can get it to work
<piercedw_> The amber light worrys me though
<guntbert> piercedw_: did you see http://en.community.dell.com/dell-blogs/enterprise/b/tech-center/archive/2010/07/27/dell-openmanage-6-3-for-ubuntu.aspx  ?
<piercedw_> awesome
<piercedw_> ty so much
<piercedw_> hope it works
<piercedw_> :)
<guntbert> piercedw_: Good luck :-)
<piercedw_> thanks again
<piercedw_> \o/
<hallyn> jdstrand: thx, will do.  (in case someone comes by and badmouths me behind my back :)
<jdstrand> hallyn: exactly ;)
<piercedwater> I checked my system out via Dell OMSA, but I still have an amber light flashing. Any suggestions?
<piercedwater> the only thing I can find is an alert from when I opened to chasis
<piercedwater> chassis*
<piercedwater> Its weird I have green checkmarks next to power supply, but I have a critical warning message under alerts
<compdoc> critical doesnt sound good
<compdoc> a chassis alert just means you opened the case. and the feds have been alerted
<compdoc> jk :)
<njbair> how long do files remain in /tmp?
<guntbert> njbair: until reboot normally
<bluefrog> njbair,  until reboot except if you change things in /etc/default/rcS
<njbair> so files are only deleted on reboot?
<njbair> I suppose I could write a cron script to delete periodically between reboots
<erichammond> njbair: How will you know if a file in /tmp is no longer needed for some process?
<RoyK> njbair: or just use tmpfs for /tmp
<njbair> erichammond: lsof ?
<RoyK> njbair: if some process stores files on /tmp or some tmpfs volume, you can't just remove the file, you need to restart the process as well
<RoyK> removing a file is just an unlink
<RoyK> removing its filename
<RoyK> the data won't be reclaimed until the file is closed
<erichammond> njbair: Just because it isn't open, doesn't mean some process isn't going to reopen it.  For example, some shell scripts use mktemp to create the file, then after a while open it for further processing.  By "process" I mean "software system".  Some applications store temporary files and use them later.
<njbair> That's true
<njbair> I'm mainly concerned with making sure that more recent files persist between reboots
<njbair> so TMPTIME=10 should do the trick
<erichammond> If you're having a problem with /tmp filling up, perhaps track down what processes are leaving them around and fix them.
<njbair> It's not that...
<RoyK> njbair: /tmp is temporary - store the files elsewhere if you want them to persist
<erichammond> If it's humans, then have them use a different directory and automate cleaning that up based on age.
<RoyK> erichammond++
<njbair> I have a headless server, which has a weekly cron job that creates a .tgz backup of all the important files in /tmp. Then I run my backup script on my desktop which uses scp to grab the most recent backup from the server.
<erichammond> argh.  Just glanced at my /tmp and it has a lot of files which look like they were put there by a browser download.
<njbair> but those backups start to add up between reboots
<erichammond> njbair: "important files in /tmp" ? :)
<njbair> backups of important files...
<njbair> I chose /tmp because I figured it would save me the trouble of writing a script to delete the old ones
<RoyK> njbair: get real
<RoyK> using /tmp isn't a good excuse for writing bad software
<njbair> In Red Hat, /tmp files persist for 10 days. I assumed the same was true in Ubuntu.
<erichammond> RoyK: get nice
<njbair> really
<RoyK> erichammond: sorry, mate, but not removing temporary files you've created isn't very good programming
<njbair> there's nothing bad about leveraging OS facilities rather than duplicating them
<njbair> RoyK: so you're telling me you employ the full gamut of best practices every time you write a shell script?
<RoyK> njbair: If I use temporary files, I remove them, because when that software may be ported to another OS or distro, it might not work
<RoyK> njbair: I'm just saying _remove the temp files_
<RoyK> relying on one distro's functionality, like redhat's, isn't very wise
<erichammond> anyway... we're now understanding how things work and helping each other figure out the best options
<njbair> RoyK: point taken. but chill dude
<RoyK> :)
<erichammond> Sounds like the recommended approach is use a directory other than /tmp and implement your own backup and cleanup cron jobs.
<njbair> what are your thoughts on using /var/backups
<njbair> actually, that might be in the rsync tree... that won't work
<patdk-wk> heh, simple to clean it, find /tmp/ -type f -mtime +10 -delete
<RoyK> patdk-wk: that's the quick-and-dirty fix :)
<patdk-wk> royk it works well :)
<patdk-wk> I wouldn't use it on a *desktop* machine
<RoyK> I know - I have a few of those cronjobs at work
<patdk-wk> I'm just happy find supports -delete
<erichammond> patdk-wk: That picks up orbit and pulse things on my system, which I'd be hesitant to delete outright.
<patdk-wk> for years I was stuck on a system that it didn't, had to use xargs and rm :(
<patdk-wk> erichammond, ya, like I said, don't use it on a desktop :)
<patdk-wk> but pulse, x11, orbit, ... don't exist on a server, so normally ok
<patdk-wk> but ya, he should use a backup dir, then run something like that on the backup dir
<erichammond> until somebody releases a server package that makes assumptions about how Ubuntu treats /tmp
 * patdk-wk puts /tmp on tmpfs
<patdk-wk> even on my desktop machines
<alex88> hi guys..has everyone tried installing greensql?
<RoyK> erichammond: not really necessary - if people use /tmp for large storage without cleaning up, well, there is only one part to blame
<erichammond> RoyK: It doesn't have to be large to be important.
<erichammond> "important" while a process is running
<erichammond> (not important between reboots on Ubuntu)
<erichammond> I suppose any time you have shared space used by thousands of people, there's going to be some conflicts about what it can be used for and how to clean it up :)
<RoyK> erichammond: how long would you think it'll take to fill up, say, 1GB of /tmp if an applications wasn't severely badly written?
<erichammond> RoyK: I don't understand the question, but I'm pretty sure the answer is: 7
<patdk-wk> royk, one second :)
<patdk-wk> cat big file | grep something | somethingelse
<patdk-wk> any piped command uses /tmp like nuts
<patdk-wk> that is how I normally fillup my 2gb /tmp tmpfs
<erichammond> been fun, gotta run
<patdk-wk> not realizing that sql.gz is >2gigs when I pipe it to mysql
<RoyK> patdk-wk: I'm quite sure that was grep's fault - piping doesn't use /tmp
<patdk-wk> hmm
<AlexMax> Help!  I accidentally 'purged' nginx instead of uninstalling it and my config files are gone.  I have backups, but I can't reinstall it because it can't find /etc/nginx/sites-enabled/default
<patdk-wk> maybe, I know I hit that issue often with pipes
<AlexMax> how do i get it to install it fresh
<patdk-wk> haven't hit it in the last year though
<AlexMax> I'm using the ppa version of nginx
<RoyK> patdk-wk: no chance of undelete on linux
<AlexMax> I already tried aptitude -o DPkg::Options::="--force-confmiss" reinstall nginx-full
<AlexMax> that didn't do anything
<patdk-wk> undelete?
<RoyK> patdk-wk: that was for AlexMax, sorry
<RoyK> AlexMax: are your config files still there?
<AlexMax> RoyK: Nope, they'r egone
<AlexMax> I don't care about getting my old configs back
<AlexMax> But how the heck do I reinstall nginx
<AlexMax> Setting up nginx-full (0.8.54-4ppa4~maverick) ...
<AlexMax> ln: creating symbolic link `/etc/nginx/sites-enabled/default': No such file or directory
<ahe_> is there a way to create a completely virtual lan that runs on a single linux host for testing purposes? what i want to do is to create interfaces like veth0 ... vethn all with different ip addresses that behave like they were connected to one physical switch so you can also send arp packages on those devices
<NativeAngels> Hello
<RoyK> AlexMax: then they're gone
<szpuni> how can i chage startup of rsyslogd deamon? i have edited /etc/default/rsyslog file to add startup options and i have changed -c4 to -c0 -r but when i restarted deamon old configuration was keept any body have any ideas why this is happening?
#ubuntu-server 2011-02-05
<AlexMax> RoyK: again, i don't care about the config files that were there
<AlexMax> my problem WAS  that I couldn't reinstall nginx
<AlexMax> because it couldn't find the (missing) config files
<AlexMax> the solution was to also purge nginx-common and reinstall it
<AlexMax> purging nginx-light removed the config files, but only reinstalling nginx-common put them back
<AlexMax> so there you god
<AlexMax> erm
<AlexMax> go
<AlexMax> I'm not stuck in the 90's
<AlexMax> I know that files are gone if i delete them
<uvirtbot> New bug: #706917 in clamav (main) "ClamAV misses "SafeBrowsing" option in freshclam.conf" [Undecided,New] https://launchpad.net/bugs/706917
<RoyK> http://i.imgur.com/a19Nw.jpg
<szpuni> AlexMax: why do you use package? compiled from source, package is really out dated
<szpuni> compiling from source will give you only problem with pcre libary kind of weird
<AlexMax> why on earth would i compile from source when the nginx ppa exists
<AlexMax> always the latest 0.8.54 or 0.9.3
<AlexMax> update through apt
<AlexMax> i know ubuntu maverick ppa is out of date so I don't use that ;)
<Thirtysixway> I realize this is ubuntu-server, but anyone know of some good backup software for windows?
<Thirtysixway> or should I just do a vm of ubuntu
<Thirtysixway> I want to use something like backupPC, but I have to keep windows on my only 'server' machine because i have to use it for my printer/scanner...
<uvirtbot> New bug: #713002 in openssh (main) "Impossible to disable IPv4" [Undecided,New] https://launchpad.net/bugs/713002
<RoyK>  
<Nertil> why i cant fix ipv6 tuneling via HE on ubuntu server
<Nertil> ?
<Nertil> i get weird error
<Nertil> sudo ifup he-ipv6
<Nertil> ioctl: No buffer space available
<Nertil> Failed to bring up he-ipv6.
<jmarsden> Thirtysixway: I think bacula is ported to Windows as well as Linux, will that work for you?
<pmatulis> jmarsden, Thirtysixway: i believe there is a Bacula *agent/client* for windows
<jmarsden> pmatulis: http://www.bacula.org/en/dev-manual/main/main/Supported_Operating_Systems.html says it has the daemons also
<jmarsden> In "reported to work but not directluy supported" status, but they exist.
<Thirtysixway> jmarsden: I would need the server to be running on windows I think. I'll look into something else
<jmarsden> OK.  For linux and Windows file sync style redudancy you can use unison ?
<Thirtysixway> hmm. possibly
<Nertil> does anyone here have ipv6 on his ubuntu server ?
<RoyK> 123
<Nertil>  local 77.28.232.222,192.168.2.111
<patdk-lap> only about 30 here
<Nertil> i want this command local
<Nertil> to listen 2 addresses
<Nertil> how can i make it ?
<patdk-lap> what the hell is that?
<Nertil> im runing he-v6
<Nertil> in interfaces
<Nertil> iface he-ipv6 inet6 v4tunnel
<Nertil>         endpoint 216.66.80.90
<Nertil>         address 2001:470:27:5d6::2
<Nertil>         local 77.28.232.222,192.168.2.111
<Nertil> something like this
<Nertil> i want local to read 2 addresses
<patdk-lap> I have no idea what that local line says
<patdk-lap> cause ipv4 only has 4 numbers
<jmarsden> Nertil: I have no idea if will work, but does the definition of the syntax for this file allow two local lines in one iface stanza ?
<patdk-lap> it can't have two ip's
<Nertil> well
<Nertil> the point is
<Nertil> that my ipv6 works with local ip
<Nertil> 192.168.2.111
<Nertil> but it need the external too
<Nertil> so were should i put the external one
<Nertil> in what line
<patdk-lap> it shouldn't need the external one at all
<Nertil> http://pastebin.com/qHJpSWsi
<Nertil> this is how my interfaces for v6 looks
<Nertil> i have dynamic ip so i update it often via script
<Nertil> but everytime the dynamic ip changes
<Nertil> the v6 tunel goes down for a while
<Nertil> something like he get stuck
<patdk-lap> that is cause when your ip changes, HE doesn't know where to send the data
<patdk-lap> it's not like it's tcp
<Nertil> yes but when ip changes my script update it imidiatly the ip
<Nertil> in HE
<Nertil> i dont know why ipv6 stucks somewere
<Nertil> maybe i can get some help from someone that runs HE in ubuntu server
<Nertil> no help?
<noobster> tgif
<noobster> v6?
<Nertil> yes
<noobster> no idea
<noobster> anyone here can help me with lvm? #lvm is asleep & I wish I were :)
<noobster> I have followed a tutorial I found on google about reducing a logic vol, but not my df shows "/dev/mapper/VGHOME1-LVHOME1 Size 168 / Used 160 / Avail 0 / Used 100%  /mnt/lvmhome1. I do need to fix this before doing lvreduce right?
<noobster> used resize2fs on /dev/VGHOME1/LVHOME1 after umount /home & e2fsck on same lvm
<RoyK> noobster: you can't reduce it
<noobster> ?
<RoyK> backup/restore is the only way
<noobster> why
<noobster> what
<noobster> dd the lvm?
<RoyK> erm - sorry - it's possible -  first hit on google http://tldp.org/HOWTO/LVM-HOWTO/reducelv.html
<noobster> i did that
<noobster> but my vol group says 100% full? I can still write to it
<noobster> have not rebooted yet out of fear of data loss
<noobster> /dev/mapper/VGHOME1-LVHOME1 Size 168 / Used 160 / Avail 0 / Used 100%  /mnt/lvmhome1
<RoyK> the volgroup can be full, but if the filesystems on it aren't you ma bea able to shrink it
<RoyK> if the filesystems are full, well, then it's all full
<noobster> ok thanks. what I am trying to do is remove a 2TB drive that I added yesterday. From what I have read, it seems I need to resize2fs down the 250GB /home partition and then shrink the LV to below the 250GB mark. then I can remove the 2TB drive
<noobster> what I want to do is dd the 250 onto the 2TB
 * RoyK uses zfs for big storage, not micky mouse filesystems like ext[234]
<noobster> I know, but i have to get this up, so I can not have a oracle/solaris converses now, we will leave that to after I get this fileserver off failing drives
<noobster> http://www.bryanpopham.com/tutorials/Oracle_Solaris_11_Express_NAS-NTP_Server_&_Quick_Start_Guide.html
<noobster> already started dev on true zfs
<RoyK> noobster: openindiana is open - s11ex is closed
<noobster> btree fs?
<RoyK> btrfs isn't stable by far
<noobster> freenas
<RoyK> freenas iirc uses fbsd and zfss
<noobster> if the would update their zfv and run it in the kern
<RoyK> s/.$//
<RoyK> linux zfs will arrive, but it's not here yet
<noobster> true
<RoyK> lacks a posix layer and tons of testing
<RoyK> openindiana just works
<noobster> really?
<RoyK> I have a couple of 100TB boxes on openindiana
<RoyK> it's stable
<Ender> hello
<noobster> I need this smb serv up by AM, I have 8 hours.
<Ender> i just installed ubuntu server but when i did the install i skipped the internet configuration because i wasn't connected
<Ender> now it doesn't automaically start up the eth0 interface
<Ender> how do i go back through that initial internet configuration?
<noobster> should I lvreduce with errors?
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<RoyK> Ender: look in there for /etc/network/interfaces
<RoyK> noobster: get a new drive, make a backup, then try to tix it
<noobster> did rsync -a on 500MB
<Ender> RoyK, i've configured the interfaces file
<RoyK> noobster: trying to reduce a filsystem without a backup is lottery - you might win.....
<Ender> RoyK, i've got it set up on a static ip
<noobster> should i dd
<Ender> RoyK, it just doesn't bring up eth0 on boot
<RoyK> Ender: pastebin the file
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<noobster> update.rc
 * patdk-lap wonders if he changed the nic, and now it's eth1 instead or eth2 :)
<noobster> update.rc /etc/init.d network
<noobster> update.rc default /etc/init.d network
<noobster> update.rc default /etc/init.d/network
<noobster> something like that
<noobster> I had that once, it was hard
<RoyK> edit  the file, don't use silly tools
<ball> Is it difficult to configure layer 2 bridging between WiFi and 100baseTX?
<ball> (in Ubuntu Server on i386) ?
<patdk-lap> it's called bridging
<RoyK> ball: I've never done that, but for linux, it's just two interfaces, regardless of medium
<patdk-lap> do it the same way every wifi router does it :)
<noobster> RoyK, whats the best way to abandon the lvm setup on /hpme and dd if=/dev/sda of=/dev/sdb? That how I usually move data
<patdk-lap> brctl :)
<RoyK> noobster: take a backup, reinstall
<ball> patdk-lap: routers generally perform NAT
<ball> (at least, the consumer ones do)
<patdk-lap> ball heh?
<patdk-lap> firewalls do nat, routers normally don't
<RoyK> noobster: that's the easy way, and possibly the fastest
<patdk-lap> and they normally only nat ipv4 on the INTERNET work, not wifi/lan
 * patdk-lap wonders why noobster is stuck on dd, why not just rsync the data over
<noobster> thats way more involved then you think, I have a samba4 ad ldap bind9 crazy install
<patdk-lap> it will save you from coping empty space
<RoyK> noobster: those are just config files
<RoyK> except perhaps ldap, with its database, but those, too, are only files
<noobster> so reinstall & then rsync over the partitions?
<RoyK> I'd say rsync it all somewhere, reinstall, and copy the needed configs/databases back in after installing the needed software
<RoyK> bind is just plaintext
<RoyK> samba is one file
<RoyK> ldap has a database
<noobster> not in samba4
<noobster> true
<RoyK> samba4 isn't really very well supported :P
<patdk-lap> ldap based on sleepycat? :(
<RoyK> well, that's not ubuntu
<noobster> but if I could just properly remove the 2
<noobster> 2TB, I would format in 2sec
<noobster> :)
<noobster> brb lvreduce
 * RoyK taps his 100TB boxes
<noobster> sigh
<RoyK> :D
<noobster> it puts its feelings in a box
<noobster> and will beg to play another day
<RoyK> we've only lost five drives so far
<noobster> Now must fix srv
 * patdk-lap watchs royk put a big hole in the box
<RoyK> out of 160 that's not that bad
<patdk-lap> what kind of drives?
<RoyK> WD Black
<RoyK> enterprise drives are overprised
<patdk-lap> I haven't had any issue with enterprise wd
<patdk-lap> but the blacks I keep having bad sectors
<patdk-lap> and the drive won't remap them
<patdk-lap> because pretty useless then, have to swap
<RoyK> I've had issues with any kinds of drives
<patdk-lap> only notice it, cause the drive gets slow as hell
<RoyK> and I just read this study where they compared drives and replacement frequency
<patdk-lap> yep
<RoyK> 100k drives over 3 years
<patdk-lap> these sas 3g 10k 300g hp ones been failing 2-3 a week :( out of 80 drives
<RoyK> the so-called 'desktop' drives were just as good as the so-called 'enterprise' drives
<patdk-lap> the performance of the enterprise drives rips apart a desktop drive though
<RoyK> not really
<RoyK> 2TB enterprise drives are still at  7k2
<RoyK> same as desktop drives
<noobster> debends on the filesystem
<patdk-lap> my application runs almost twice as fast on the enterprise over blacks
<patdk-lap> well, these are 1tb 7200rpm
<RoyK> patdk-lap: get real - 7k2 drives are 7k2 drives - wheather they're enterprise or desktop
<patdk-lap> yep
<RoyK> 10k or 15k drives are neat, but they don't come in 2TB
<RoyK> since the drive platters aren't 3,5"
<patdk-lap> must be how it's using it's cache, or ncq
<patdk-lap> heh? they make lots of 10k and 15k 3.5"
<RoyK> no, SATA uses NCQ, SAS uses TCQ, but more or less the same thing
<RoyK> patdk-lap: have you ever opened one of those?
<RoyK> I have
<patdk-lap> we are talking sata
<RoyK> the platter size of the 15k disks is closer to 2,5"
<RoyK> 10k is somewhat 3"
 * RoyK has a 4" stack of disk platters in a drawer :)
<patdk-lap> are you confusing the term enterprise with sas drive?
<RoyK> patdk-lap: no
<RoyK> SAS is an interface
<RoyK> so is SATA
<patdk-lap> I have no idea why you would tell me not ncq but tcq
<patdk-lap> when we are talking 1/2tb 7200rpm sata drives
<RoyK> SAS, by protocol, uses TCQ
<RoyK> SATA and ATAPI uses NCQ
<RoyK> which is a subset of TCQ
<patdk-lap> I still dunno why you told me no
<RoyK> no to what?
<patdk-lap> I dunno, that is what I'm attempting to figure out
<patdk-lap> "<RoyK> no, SATA uses NCQ, SAS uses TCQ, but more or less the same thing"
<patdk-lap> I assume to, "<patdk-lap> must be how it's using it's cache, or ncq"
<patdk-lap> where I was talking about my 1tb enterprise 7200rpm sata drives
<patdk-lap> vs my 1tb black 7200rpm sata
<RoyK> still, the difference between SAS and SATA is highly theoretical for most setups
<RoyK> for large setups, multipath is good for SATA
<RoyK> but then, that goes with controller, not the drive
<RoyK> SATA drives have WWNs just as SAS drives
 * patdk-lap is confused by all this useless info I already know, or why your talking about it
<RoyK> and the interface speed is the same
<patdk-lap> we are talking about sata not sas
<patdk-lap> the interface is completely different speeds
<patdk-lap> sata is uni-directional
<patdk-lap> sas is bi-directional, read and write at same time
<patdk-lap> sas can channel bond it's interfaces
 * RoyK checks
<patdk-lap> if you put a single drive on sas, ya, not a difference
<patdk-lap> but if you do many drives per sas cable, it makes a difference
<Ender> if i wanted to create a network share that several windows computers would be able to access, what's the best way to do that? samba?
<patdk-lap> yep
<noobster> yes
<noobster> smb3
<Ender> is it stable?
<noobster> very
<patdk-lap> nope so, been using it for >10years
<patdk-lap> hope
<noobster> want a working smb3  smb.conf
<Ender> erm, i don't know. i guess so?
<patdk-lap> isn't that relative, noobster?
<Ender> lol "working"
<noobster> ok ok
<noobster> lol
<patdk-lap> I have a *working* config, but doubt anyone else could make much use out of it
<Ender> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<noobster> still samba3 for nt style fileshare/PDC type work, samba4 for 2008R2 AD type
<Ender> what'd pdc and ad
<RoyK> ;a
<Ender> !pdc
<RoyK> ops
<noobster> domain controles
<RoyK> patdk-lap: what about a truckload of SATA drives on a SAS expander?
<patdk-lap> as long as the sas expander *converts* it to sata, it would be fine
<noobster> smb3 is what yo uwant
<noobster> or just samba
<patdk-lap> or if they use those, interverter things
<Ender> i'm thinking about making a reliable, mappable network share hosted on a linux server for windows xp, vista, and 7 computers to access. would i go for smb3 or smb4
<patdk-lap> interposer boards :)
<noobster> what OS
<patdk-lap> if you just shove a sata drive on sas channel, the sas channel gets downgraded
<noobster> do you want to join a domain, or just make a nas?
<Ender> noobster, on the server or the clients
<Ender> noobster, no domain
<noobster> then smb3
<Ender> !nas
<RoyK> obvioualy, there'll be a bottleneck if you attach more drives than the bandwidth can handle, but with, say, 4 6Gbps links, the chances of the links being a bottleneck will take a few drives, given seek times and latency
<Ender> oic network attached storage
<patdk-lap> royk, ya, and bottlenecks for that all depends on what your doing
<patdk-lap> raw transfer speeds, or iops
 * RoyK just ordered 2,5TB worth of SSDs for ZFS caching :P
<Ender> is there an open-source equivalent/replacement for windows active directory?
<RoyK> Ender: samba4 is the only one I know, except LDAP
<patdk-lap> I have noticed most of the big storage venders overload the bandwidth by a crapload
<RoyK> ldap works well
<patdk-lap> I always thought it odd, till I started to actually do storage for work
<patdk-lap> overloading the bandwidth isn't bad, if you need lots of random iops
<RoyK> Ender: if you're in a windows environment, stick to AD
<Ender> isn't ldap a part of active directory?
<patdk-lap> a small part
<RoyK> Ender: AD has an LDAP interface
<RoyK> but it's not part of it
<Ender> oic
 * patdk-lap just runs windows dc's, and samba fileservers
<noobster> Ender, yes and kerberos
<RoyK> AD is a X.500-based catalog service
<noobster> Ender, if you want s simple OS appliance for all your residential grade storage needs, I recommend FreeNAS
<RoyK> sucks hard if you compare it to what Novell inveted in the late ninetees, but still
<patdk-lap> and openldap moved away from x.500 awhile ago
<noobster> need 1GB or ram and drives
<nandemonai> Ender: http://en.wikipedia.org/wiki/OpenLDAP
<patdk-lap> dunno how compatble it still is, but never cared, I hate x.500
<RoyK> patdk-lap: afaik, ldap is still _based_ on x.500
<patdk-lap> I know :)
<patdk-lap> but they removed most of the x.500 annoyances
<noobster> theres an appliance for that  Irun in vmware
<noobster> zeroshell
<Ender> is FreeNAS different from OpenLDAP
<noobster> yes
<noobster> freenas is freebsd web gui
<RoyK> Ender: hu...
<Ender> well he linked me to openldap after metnioning freenas
<noobster> it has openldap in it
<Ender> i thought they mighta been connected
<RoyK> Ender: freenas is a distro, openldap is a software package
<Ender> oic
<noobster> openbsd
<nandemonai> You asked for open-source version of AD.
<RoyK> freenas probably uses openldap
<nandemonai> You guys are talking about completely different things ;)
<RoyK> noobster: just try openindiana - it works......
<noobster> no nandemonai he asked for a none domain free srorage server
<Ender> well i'm really getting exactly what i want, which is a general discussion and outpouring of information about this kinda stuff
<nandemonai> my bad
<RoyK> something like zfs-fuse with a rocket in its arse
<noobster> I have windows7 machines & have replace my 2008r2 box with a samba4 ad tree
<Ender> 2008r2 is server 08?
<patdk-lap> ah there it is. openldap is a subset of x.500
<patdk-lap> it doesn't fully impletent x.500
<RoyK> noobster: don't do that!
<noobster> lol why
<noobster> it is awesome
<RoyK> noobster: just leave the windows folk to what they like
<RoyK> use windows with windows
<noobster> if I didn't touch lvm I would still be rocken
<Ender> well that' dbe nice if we all had windows server oSes hanging around
<RoyK> don't try to reinvent the wheel
<noobster> f that
<noobster> samba4 is great
<patdk-lap> why replace win2008r2 with samba4?
<RoyK> perhaps putting storage on zfs is nice, but AD is very good
<patdk-lap> but then, my win7 machines are very happy talking to samba3
<Ender> so is samba4 just an upgraded samba3 or is it a whole different enchilada
<Ender> it sounds like samba4 has a lot more functionality...?
<patdk-lap> alittle of both
<patdk-lap> mainly an upgrade
<noobster> if you can bind9.7.2, samba4alpha15, follow a tutorial & install windows remote admin tools.. total replacement
<noobster> whole diff game
<noobster> my global is 7 lines
<RoyK> Ender: just keep it simple
<noobster> 3 line for each share
<noobster> everything is controled with win remote admin tootls
<noobster> ad
<noobster> all gui
<noobster> just like 2008r2
<noobster> groups policy controler
<RoyK> Ender: out of interest, why would    you replace win2k8 with samba?
<noobster> beastly.
<noobster> why not?
<Ender> i haven't a clue. noobster said he did.
<Ender> i don't have a windows server os handy
<noobster> I did
<Ender> i've never used windows server myself
<Ender> but i want to set up a nas at my lab
<noobster> freenas
<noobster> everything you will ever want less AD
<noobster> zfs
<RoyK> no, forget about freenas
<noobster> iscsi
<noobster> nfs
<RoyK> openindiana is good
<noobster> afp
<noobster> torrent server
<noobster> upnp
<noobster> all gui
<RoyK> freenas uses a quite old zfs version
<RoyK>   
<Ender> why not use ubuntu server
<RoyK> heh - if you're a server guy, why would you want a gui?
<Ender> well
<RoyK> Ender: it doesn't have zfs
<noobster> he is no srv guy
<Ender> so?
<Ender> yeah, i'm not
<noobster> he has never touched 2008r2
<Ender> and the researchers are even less
<Ender> once i leave for a termin the peace corps in may they're on their own
<Ender> lol
<noobster> point click add drives zfs very easy
<Ender> i'm comfortable at the command line, i just don't have a great deal of experience with it
<RoyK> Ender: can you please scan through this before you type some more? http://hub.opensolaris.org/bin/download/Community+Group+zfs/docs/zfslast.pdf
<patdk-lap> just to contribute :) openfiler?
<noobster> no
<RoyK> last I checked, openfiler was close to dead
<noobster> openfiler hell no
<patdk-lap> ya, I think it died
<RoyK> and btrfs is crawling to the step it can support mirroring and an fsck program
<noobster> freenas is almost dead, but is good for noobs wanting to play with fileshare up to vmware
 * patdk-lap cant stand centos based things anyways
<noobster> patdk-lap, you have to be open for fedora flavors, they are .deb other half
<patdk-lap> I don't mind rhel
<noobster> rhel least fav, but fedora then centos
<Ender> why hasn't ubuntu adopted zfs
<patdk-lap> cause there isn't any?
<noobster> all *unix systems must run zfs in userland
<RoyK> Ender: incompatible licenses
<noobster> licensing
<noobster> true
<Ender> effin politics? forreal?
<RoyK> Ender: there is zfs-fuse in ubuntu
<vraa__> if you want zfs use freebsd
<vraa__> i am using zfs v28 pools on freebsd 9.0
<patdk-lap> everyone I know using the zfs on linux has had issues
<noobster> well btrfs is now turned to oracle, so they own %100 of awsome storage
<RoyK> vraa__: no way - use openindiana :)
<noobster> do no evil
<Ender> openindiana, huh
<Ender> i hate indiana
<Ender> lol
<vraa__> lol i got tired of openindiana, i ended up using a member on hardforums freebsd scripts -- called zfsguru
<RoyK> vraa__: I have several boxes on that - works like a dream
<noobster> should we call it openJones
<noobster> ?
<RoyK> some 320TB net storage
<noobster> wow
<Ender> openjones would be cooler
<Ender> <nods> wow
<RoyK> well, not my choice
<Ender> so, wait...because of the licensing issues, we'll never see zfs on ubuntu?
<noobster> brb fsck just finished and I have to shit myself while runninf lvreduce
<RoyK> but I propose using openindiana for storage and using ubuntu for most other stuff
<noobster> Ender, u can run it but not @ kern level
<RoyK> Ender: there is a port on the way, but it won't be included in distros
<Ender> is there anything being developed that integrates a lot of/most of zfs functionality that will ?
<noobster> I will install openindiana in a vmware guest next week just because on how confident you are in it
<noobster> real solaris
<noobster> free for edu
<noobster> home
<RoyK> Ender: btrfs is the closeset, but it's far away
<Ender> RoyK, so, like have a nas on an openindiana box but run ubuntu server on a separate box that handles other stuff like web server testing
<Ender> RoyK,  right?
<noobster> esxi box
<noobster> openindian as a nas
<Ender> yeah i read an article recently about how awesome btrfs is going to be
<RoyK> Ender: that's what I do
<Ender> RoyK, oic. and if i wanted to use just one box...?
<Ender> could i do some sort of virual situation
<Ender> virtual*
<noobster> vmware server 2 on ubuntu
<RoyK> Ender: just use virtualbox on top
<Ender> really, and run the openindiana nas on the vm?
<noobster> to test.. yes
<noobster> openfiles
<Ender> and in production, i'd just basically have to bite the bullet and use two servers
<noobster> any os u can name == yes
<RoyK> xvm aka xen doesn't work too well with OI atm
<RoyK> Sun abandonded it
<noobster> 1 nas & 1 virt box == heaven
<RoyK> Oracle took it in again, but after they closed the source
<noobster> esxi is awesome/free
<Ender> what is esxi
<Ender> !esxi
<RoyK> Ender: vmware
<noobster> hypervisor
<Ender> oic. how does it stack up to vbox
<noobster> more used in corp enviroment
<patdk-lap> you mean, how does vbox stack up to esxi
<RoyK> Ender: ueah, but that works well
<Ender> vbox works well but esxi is superior
<Ender> correct?
<RoyK> yes
<noobster> yes
<Ender> is esxi also free
<Ender> as in beer
<RoyK> but esxi won't run on solaris
<noobster> and the 4pay has so much awesome
<noobster> vmotion
<noobster> vmotion storage
<patdk-lap> esxi won't run on anything :)
<Ender> lol
<noobster> what
<patdk-lap> you run stuff on it :)
<RoyK> Ender: If I were you, I'd setup an openindiana box with vbox
<noobster> yes you can get a i& and beast a esxi box
<patdk-lap> esxi takes over the whole computer
<noobster> i7
<patdk-lap> vbox runs on your existing workstation
<noobster> but I run 9 computers and 2 servers in my ESXi box
<RoyK> vmotion is fancy,but it costs a bit
<Ender> i can't afford to buy anything
<noobster> do u have a core2 anything?
<noobster> i3
<noobster> i5
<noobster> i7
 * patdk-lap just got storage vmotion and drs, it's nice
<RoyK> Ender: then just follow my advice :P
<Ender> duo
<Ender> i have a duo on my laptop
<noobster> how much ram?
<noobster> laptop
<noobster> no
<Ender> 3g
<Ender> lol
<Ender> i know, i know
<RoyK> a core2duo with a bunch of RAM and you can easily run 5-10 BMs
<patdk-lap> vmware workstation runs good on my laptop, t8400 with 8gigs ram :)
<Ender> well my server hardware is considerably more arthritic
<noobster> workstation zzZZzzZZ
<Ender> it's a p4 system with 2g of ram
<noobster> nope
<noobster> 64 only
 * RoyK has an i7 and 4GB in his laptop
<Ender> what's 64 only
<noobster> unless you want vmserver2
<Ender> esxi?
<noobster> 4+ yes
<Ender> well w/e i'm familiar with vbox, i think i'll start with that
<noobster> :)
<Ender> it runs on 32
 * RoyK pats his macbook pro
<noobster> lol
<Ender> i don't run 64bit stuff on my duo either because it seems to get way hotter when running 64bit software
<noobster> pats his mac mini
<noobster> hp 1000
<noobster> i7 is sweet 4 esxi
 * patdk-lap pats the pretty dual e5650's with 192gigs ram
<Ender> heh
<noobster> 1
<noobster> !
<patdk-lap> na, 6 of them, blades
<RoyK> 0
<Ender> pats thinkpad 200mhz w/96mb ram
<Ender> suckers
<Ender> has anybody ever used openerp
<Ender> OpenERP
<RoyK> 0xbed
 * patdk-lap wants openEMP :)
<noobster> hey can I lvreduce by drive, like 100%FREE /dev/md7
<patdk-lap> hmm, no
<noobster> still tryoing to take out that 2TB md8
<patdk-lap> lv has nothing to do with that
<patdk-lap> that would be on the vg level
<Ender> *downloads
<Ender> * as
<noobster> have to shrink the lv b4 group though right?
<Ender> how do you do that "Royk does blah blah" thing
<Ender> <slap>
<Ender> \slap
<patdk-lap> noobster, personally I dunno
<patdk-lap> but if it is possible
<noobster>   like /me does something
 * noobster slaps
<patdk-lap> you have to have enough vg free space to remove the pv
 * Ender word
 * Ender downloads oi
 * RoyK slaps Ender 
 * Ender goes to bed
 * RoyK slaps Ender 
<RoyK>  /me slaps Ender
 * patdk-lap has been in bed for hours now
 * Ender SLAPS ROY BACK
 * noobster add a bitch slap
<Ender> lol
<RoyK> nite, guys
<Ender> goodnight
<Ender> hey it
<Ender> 's been fun
<Ender> i love this channel
<noobster> nite
<Ender> here's a quick question
<Ender> how the eff did you guys amass your knowledge
<patdk-lap> reading rfc's :)
<noobster> play
<noobster> get a nas, then look a virtualization
<Ender> rfc's
<patdk-lap> it helps I started 25 years ago
<Ender> i see.
<noobster> freenas
<Ender> nas nas nasnas anasasnasssss
<noobster> on an old box
<Ender> ok
<patdk-lap> I always take it as
<Ender> wel....i have a p3, is that too old?
<patdk-lap> if you know how everything under it works, you will understand it much better
<noobster> mucho storage
<noobster> in your closet
<noobster> with only a network cable
<patdk-lap> nooster, heh, connect your nas using wifi
<noobster> not!
<Ender> ohh yeahhh
<noobster> iscsi wifi
<noobster> wooooow
<patdk-lap> and closets get way too hot
<noobster> lmao
<Ender> and radio-electric energy transfers
<Ender> full wireless
<Ender> muahaha
<noobster> crazy
<noobster> i like it
<noobster> your data doesn't
<patdk-lap> oh screw radio electric
<Ender> yeah just microwave-beam it in there
<Ender> screw wifi
<noobster> i think 3g
<noobster> a 3g nas
<noobster> nice
<Ender> 4g.
<noobster> nope to fast
<Ender> definitely 4g, c'mon man
<noobster> thibk slowski's here
<Ender> i'm going to use infared for my wireless connectivity
<noobster> andevry other packet must be lost
<Ender> well the server closet is in the other room so i'll have to set up some mirrors in the hall....
<Ender> will that work OK?
<Ender> sure it will
<noobster> setup a router to turn off and on every 5 sec just to scramble my word document saves too
<noobster> on the same channel
<Ender> the only way to make a router turn off and on every 5 seconds is to use an apple basestation
<Ender> that's their default functionality
<noobster> lmfao
<noobster> no i cant have undependable document scramblers here!
<Ender> yeah, you're right
<noobster> must be a base station an a timer
<Ender> probably couldn't even rely on it to consistently malfunction like it was designed to
<Ender> oh! i have a box of light timers
<noobster> how else sell a wireless repeater for 120$
<Ender> we could plug them all into one another, and THEN plug the BaseStation EXTREME 14 into that
<noobster> we have to make them redundant
<noobster> nice
<noobster> omg i have to install the server in 6 hours
<Ender> omg
<noobster> fuck lvm
<Ender> ok
<Ender> well i need to get up in 4ish hours
<Ender> so i'mma crash
<noobster> why did I click that box??
<noobster> cool
<noobster> nite
<noobster> check out freenas
<Ender> i'mma crash like XP SP1
<noobster> it has everything
<noobster> with fake antivirus 2008?
<Ender> ok i'll d/l that too
<noobster> wow
<Ender> i'mma crash like zfs-fuse
<Ender> i'mma crash like it's 12/31/1999
<Ender> ok bye
 * Ender crashes
<incorrect> is there a janitor script to clean up all the old kernels that aren't needed?
<oCean> It seems that I fail to connect to a (courier) mailserver running imapd-ssl (http://paste.ubuntu.com/563042/) while trying to sync several mailboxes using imapsync. Any suggestions?
<__Pepr> I would like to have a single apache 2.2 web server be able to serve up cold-fusion files, php  and Ruby on Rails. How easy is this done. I have seen alot of tutorials, and help guides but most of the are "all or nothing"... Help please
<awb> hello
<nimrod10> __Pepr, check help.ubuntu.com and make a search there
<awb> I am installing a mail server on Ubuntu 10.10 and have followed the Ubuntu server guide. When I get to the testing it says I should have the following lines: 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250 8BITMIME, but I do not get 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN when I used telnet
<uvirtbot> New bug: #713646 in munin "IPv6 functionality in ip_ plugin assumse #!/bin/sh being bash" [Low,Triaged] https://launchpad.net/bugs/713646
<ZacLnxNewb> hi
<ZacLnxNewb> I'm having trouble setting up mysql on my server
<ZacLnxNewb> guiless ubuntu the newest version
<ZacLnxNewb> hello, I have questions.
<remix_tj> ZacLnxNewb: explain your troubles
<ZacLnxNewb> remix_tj:  I'm trying to get mysql running
<ZacLnxNewb> remix_tj:  and I can install it, and set a password, but I'm unable to connect to it with workbench remotely
<remix_tj> ZacLnxNewb: very easy
<ZacLnxNewb> remix_tj:   I set the config file to use the bind address "0.0.0.0" as to bind to the ports on multiple interfaces.
<remix_tj> edit /etc/mysql/my.cnf
<ZacLnxNewb> already did.
<remix_tj> but not 0.0.0.0
<remix_tj> i set *
<remix_tj> and got working
<ZacLnxNewb> ah.
<ZacLnxNewb> also
<ZacLnxNewb> whenever I try "mysql restart"
<ZacLnxNewb> I'm told I don't have privleges
<ZacLnxNewb> sudo mysql restart
<ZacLnxNewb> doesn't either
<ZacLnxNewb> I've been having to restart the entire computer in order to restart mysql
<ZacLnxNewb> remix_tj:  sorry read >.>
<remix_tj> ZacLnxNewb: sudo service mysql restart
<ZacLnxNewb> remix_tj: Aw, seems to be working
<ZacLnxNewb> remix_tj: waiting a minute or two to see
<remix_tj> ZacLnxNewb: check with sudo netstat -alptn | grep mysqld
<ZacLnxNewb> it's still waiting
<ZacLnxNewb> mid command
<ZacLnxNewb> in black space to get to the commadn
<remix_tj> ?
<ZacLnxNewb> it's... processing?
<ZacLnxNewb> remix_tj:  I'm going to try completely reinstalling.
<remix_tj> ZacLnxNewb: why?
<ZacLnxNewb> remix_tj: I'm not sure of all the settings I've altered.
<remix_tj> ZacLnxNewb: try this
<remix_tj> ps aux | grep mysqld
<remix_tj> to check if mysql is running
<ZacLnxNewb> an entry shows
<ZacLnxNewb> I'm not sure what info to describe to tell you
<ZacLnxNewb> remix_tj:  an entry shows
<remix_tj> paste the output to paste.ubuntu.com
<ZacLnxNewb> remix_tj:  I apologize for the long wait
<ZacLnxNewb> remix_tj:  http://paste.ubuntu.com/563104/
<remix_tj> ZacLnxNewb: so mysqld is not running
<remix_tj> try with
<remix_tj> sudo service mysql start
<ZacLnxNewb> remix_tj:  I entered the command
<ZacLnxNewb> remix_tj:  I'm now waiting for the cursor to return to waiting position
<ZacLnxNewb> remix_tj:  "start/running" I think it worked
<remix_tj> ok
<remix_tj> now try with
<remix_tj> netstat -alptn | grep mysqld
<ZacLnxNewb> zachary@ZACSERVER:~$ netstat -alptn | grep mysqld (No info could be read for "-p": geteuid()=1000 but you should be root.)
<remix_tj> ZacLnxNewb: sorry
<remix_tj> sudo netstat -alptn | grep mysqld
<ZacLnxNewb> just tried it
<ZacLnxNewb> didn't show any info
<remix_tj> uhm
<ZacLnxNewb> zachary@ZACSERVER:~$ sudo netstat -alptn | grep mysqld zachary@ZACSERVER:~$
<remix_tj> wayt
<ZacLnxNewb> zachary@ZACSERVER:~$ sudo netstat -alptn | grep mysqld
<ZacLnxNewb> zachary@ZACSERVER:~$
<remix_tj> sudo netstat -alptn | grep 3306
<ZacLnxNewb> zachary@ZACSERVER:~$ sudo netstat -alptn | grep 3306 zachary@ZACSERVER:~$
<remix_tj> uhm
<remix_tj> ps aux | grep mysqld
<remix_tj> ?
<ZacLnxNewb> zachary   7005  0.0  0.0   4008   752 pts/0    S+   10:23   0:00 grep --color=auto mysqld
<remix_tj> ZacLnxNewb: only?
<ZacLnxNewb> remix_tj: Only
<remix_tj> so try this command
<remix_tj> sudo mysqld --verbose
<ZacLnxNewb> 110205 10:25:44 [ERROR] Can't start server: cannot resolve hostname!: Success 110205 10:25:44 [ERROR] Aborting
<ZacLnxNewb> host name would be
<ZacLnxNewb> beyond-sight.com
<ZacLnxNewb> for the internet
<ZacLnxNewb> and of course 192.168.1.1 for the local network
<ZacLnxNewb> or 192.168.1.250
<remix_tj> wait a bit
<uvirtbot> New bug: #713704 in etckeeper (main) "etckeeper is not run on apt-get remove or apt-get purge" [Undecided,New] https://launchpad.net/bugs/713704
<remix_tj> ZacLnxNewb: can you paste you my.cnf on http://paste.ubuntu.com =
<remix_tj> ?
<ZacLnxNewb> sure thing
<ZacLnxNewb> remix_tj:  http://paste.ubuntu.com/563116/
<remix_tj> ehm... ZacLnxNewb
<remix_tj> cat /etc/mysql/my.cnf
<remix_tj> then paste
<remix_tj> :-)
<ZacLnxNewb> remix_tj: It's at the bottom of that >.> but sure
<ZacLnxNewb> remix_tj:  http://paste.ubuntu.com/563120/
<remix_tj> ZacLnxNewb: cat /etc/hosts
<ZacLnxNewb> remix_tj:  http://paste.ubuntu.com/563121/
<remix_tj> uhm...
<remix_tj> you may try with bind-address = 0.0.0.0
<remix_tj> on my.cnf
<remix_tj> then
<remix_tj> service mysql restart
<remix_tj> better
<remix_tj> service mysql start
<ZacLnxNewb> remix_tj: ?
<ZacLnxNewb> remix_tj: oh, sorry
<ZacLnxNewb> remix_tj:  mysql running process 7466
<remix_tj> ok
<remix_tj> now try
<remix_tj> sudo netstat -altn | grep 3306
<ZacLnxNewb>  tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
<ZacLnxNewb> mwaha
<ZacLnxNewb> remix_tj:  listening on the correct port. :p
<remix_tj> k now working :-)
<ZacLnxNewb> remix_tj:  awesome sauce
<ZacLnxNewb> remix_tj:  Now I should be able to connect with MySQL work bench?
<ZacLnxNewb> firewall is currently down
<ZacLnxNewb> working inside the network, so port forwarding for the router is not yet needed
<ZacLnxNewb> logging in with user root
<ZacLnxNewb> with mysql's password
<ZacLnxNewb> on port 3306
<ZacLnxNewb> trying
<ZacLnxNewb> remix_tj:  "open database connection " failed
<ZacLnxNewb> remix_tj:  Connecting to MySQL server 192.168.1.250...  Host 'ZACNETBOOK.home' is not allowed to connect to this MySQL server
<ZacLnxNewb> remix_tj: so yeah, not seeming to be working. >.>
<ZacLnxNewb> remix_tj: I do appreciate the help so far
<ZacLnxNewb> but are you still there?
<nimrod10> ZacLnxNewb, is the user from ZACNETBOOK.home allowed to connect to the mysql server ?
<ZacLnxNewb> nimrod10: I don't know how to tell
<ZacLnxNewb> nimrod10:  also, I specified user and password
<ZacLnxNewb> it should've worked
<nimrod10> I presume you have access to the mysql server , right ?
<ZacLnxNewb> nimrod10:  I just installed it
<ZacLnxNewb> nimrod10: I installed it, configured it, it's running as a daemon
<ZacLnxNewb> but I can't connect remotely
<nimrod10> select * from mysql.user ; and see if a user has access from ZACNETBOOK.home
<ZacLnxNewb> with workbench
<nimrod10> that select you'll have to do it incommand line on the mysql server
<ZacLnxNewb> where's that located?
<nimrod10> :) where did you install mysql ?
<ZacLnxNewb> default directory
<nimrod10> on your laptop / desktop or on another computer ?
<ZacLnxNewb> server
<nimrod10> do you have access to the server ?
<ZacLnxNewb> I'm using putty with my netbook to admin it remotely
<ZacLnxNewb> yes
<nimrod10> cool
<ZacLnxNewb> I have physical access and I use putty
<nimrod10> first of all let's make sure mysql is running  :    ps auxw | grep mysql     and paste the result
<ZacLnxNewb> root      7466  0.0  2.3 155608 17864 ?        Ssl  11:09   0:01 /usr/sbin/mysq d zachary   7817  0.0  0.0   4008   752 pts/0    S+   11:40   0:00 grep --color=auto mysql
<ZacLnxNewb> two lines there
<ZacLnxNewb> root      7466  0.0  2.3 155608 17864 ?        Ssl  11:09   0:01 /usr/sbin/mysq d
<ZacLnxNewb> zachary   7817  0.0  0.0   4008   752 pts/0    S+   11:40   0:00 grep --color=auto mysql
<nimrod10> ok looks ok
<nimrod10> lets make sure it is listening on the port
<nimrod10> do this as root  on the server :    netstat -nlp --inet --inet6 | grep mysql
<nimrod10> paste the output
<ZacLnxNewb> tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      7466/mysqld
<nimrod10> good
<ZacLnxNewb> listening on port 3306
<nimrod10> so mysql is up and it is listening on port 3306
<nimrod10> on your desktop open a terminal
<nimrod10> or command prompt
<ZacLnxNewb> I'm running windows 7 on my netbook
<ZacLnxNewb> running cmd
<nimrod10> good
<nimrod10> do this in  cmd  :    telnet    ip_of_server  3306             paste the output
<ZacLnxNewb> and? ah
<ZacLnxNewb> tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      7466/mysqld
<ZacLnxNewb> wait..
<ZacLnxNewb> Hâ¦Host 'ZACNETBOOK.home' is not allowed to connect to this MySQL server  Connection to host lost.
<ZacLnxNewb> I used
<ZacLnxNewb> "telnet 192.168.1.250 3306"
<nimrod10> oik
<nimrod10> do you know the mysql root password ?
<ZacLnxNewb> yes, I set it
<nimrod10> good
<nimrod10> on the server :    mysql -uroot -p      put in your password and press Enter
<ZacLnxNewb> I get
<ZacLnxNewb> "mysql> "
<ZacLnxNewb> waiting for further input
<nimrod10> good you've logged in the mysql command line
<nimrod10> have you created any db ?
<ZacLnxNewb> no
<ZacLnxNewb> I thought I could do that with MySQL workbench
<ZacLnxNewb> there's an option for "server administration"
<nimrod10> ok for that you need to setup a user in mysql server to be able to connect from  your laptop
<ZacLnxNewb> "configure your database server, setup user accounts, browse status variables, and server logs"
<ZacLnxNewb> I don't know how to do that
<nimrod10> in the previous select where can the user root connect from ?
<ZacLnxNewb> select?
<ZacLnxNewb> I can connect as zachary through putty
<ZacLnxNewb> and use sudo to do something as root
<nimrod10> yes in the select it must of shown a user root
<ZacLnxNewb> where do I see that?
<nimrod10> I mean the root user for the mysql database , not the root user for linux
<nimrod10> ok
<nimrod10> I see
<nimrod10> in putty   : select * from mysql.user;
<nimrod10> look out for user root
<ZacLnxNewb> no command select?
<nimrod10> are you still in the   mysql>  prompt  in putty ?
<ZacLnxNewb> oh lol
<ZacLnxNewb> yes. >.>
<nimrod10> that is a SQL select statement that only mysql understands
<ZacLnxNewb> mysql> select     ->     -> lol     ->     ->
<ZacLnxNewb> select
<ZacLnxNewb> ->
<ZacLnxNewb> ->
<ZacLnxNewb> ->
<ZacLnxNewb> ->
<nimrod10> what is that ?
<ZacLnxNewb> I wrote select by itself in the mysql field. >.>
<ZacLnxNewb> how do I exit that?
<nimrod10> \c
<nimrod10> Enter
<ZacLnxNewb> back to "mysql> "
<nimrod10> cool    do the select for users
<ZacLnxNewb> in mysql?
<nimrod10> yes the select I previously pasted to you
<ZacLnxNewb> mysql> select * from mysql.user     ->
<ZacLnxNewb> I just got an arrow by itself?
<RoyK> ;
<nimrod10> any SQL command in the mysql cli must end with  ;
<ZacLnxNewb> oh
<nimrod10> then press Enter
<RoyK> ZacLnxNewb: SQL isn't terminated before the ;
<RoyK> you can write several lines and then ;
<RoyK> <enter>
<ZacLnxNewb> localhost
<ZacLnxNewb> ZACSERVER
<ZacLnxNewb> 127.0.0.1
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<ZacLnxNewb> localhost
<ZacLnxNewb> All showing "root"
<nimrod10> that means that you need to define another user that will connect to the server from Zackhome
<ZacLnxNewb> next to them
<ZacLnxNewb> except for the last one
<ZacLnxNewb> which is
<ZacLnxNewb> ah, I don't know how
<RoyK> ZacLnxNewb: grant all on somedatabase.* to someuser@somehost identified by 'somepassword';
<ZacLnxNewb> RoyK:  is that exact syntax?
<RoyK> yes
<ZacLnxNewb> RoyK: I have not yet created a database?
<RoyK> just replace the some's with real data
<RoyK> ZacLnxNewb: create database somedatabase;
<ZacLnxNewb> "mysql> create database drawing"
<ZacLnxNewb> ;
<ZacLnxNewb> "Query OK, 1 row affected (0.00sec)
<ZacLnxNewb>  
<ZacLnxNewb> mysql>
<ZacLnxNewb> that's the result
<RoyK> again
<RoyK> !pastebin
<ZacLnxNewb> ah, sorry
<RoyK> but that only shows you have created the database
<nimrod10> ZacLnxNewb,  now do the grant command
<RoyK> use the IP, not the hostname after the @
<ZacLnxNewb> beyond-sight.com for the internet?
<ZacLnxNewb> and 192.168.1.250 for the local network?
<RoyK> you don't want to allow access to mysql from the net
<RoyK> just local
<ZacLnxNewb> for user@somehost
<ZacLnxNewb> somehost would be my netbook's ip?
<ZacLnxNewb> or host name?
<ZacLnxNewb> RoyK:
<ZacLnxNewb> nimrod10:
<nimrod10> yes
<RoyK> ZacLnxNewb: do you need to connect directly to mysql from your netbook?
<ZacLnxNewb> RoyK: preferably
<RoyK> what are you going to use the database for?
<RoyK> php?
<ZacLnxNewb> python, php, and flash intergration
<RoyK> I'd recommend just allowing access from localhost, then
<ZacLnxNewb> RoyK: specifically for some python server code to use a database, of possibly over 4000 users. >.>
<RoyK> since I guess that's where the scripts will be running
<ZacLnxNewb> the scripts will be running on the server, course
<RoyK> then you won't need to allow access from anywhere else
<ZacLnxNewb> but I was hoping I could administer the database and server settings through MySQL workbench on my netbook
<RoyK> ah
<RoyK> ic
<RoyK> then something like
<ZacLnxNewb> I'm usually traveling
<ZacLnxNewb> and I'm not sure what host name/ip to put for my netbook, it changes often
<RoyK> then you'll need a VPN connection
<ZacLnxNewb> VPN?
<RoyK> allowing access into mysql from the internet is _not_ safe
<RoyK> !vpn
<ubottu> For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<ZacLnxNewb> I can figure that out later
<ZacLnxNewb> for now, what should I put as the host to allow for my netbook on the local network?
<ZacLnxNewb> user@netbookname?
<RoyK> GRANT ALL ON *.* TO user@ip WITH GRANT OPTION;
<RoyK> that'll give you admin access from that user/ip
<RoyK> erm
<RoyK> GRANT ALL ON *.* TO user@ip IDENTIFIED BY 'password' WITH GRANT OPTION;
<ZacLnxNewb> GRANT ALL ON *.* to zachary@ZACNETBOOK IDENTIFIED BY 'password' WITH GRANT OPTION;
<ZacLnxNewb> ?
<nimrod10> ZacLnxNewb,  yuo might want to use ZACNETBOOK.home
<nimrod10> or put the ip address  of the netbook
<ZacLnxNewb> nimrod10: oh yes, thanks
<ZacLnxNewb> nimrod10: ip address changes regularly
<ZacLnxNewb> okay
<ZacLnxNewb> I haven't done any grants yet
<ZacLnxNewb> which one do I need to do?
<nimrod10> you have done grant all  :)
<ZacLnxNewb> I haven't entered it at all
<nimrod10> grant all means all grants
<ZacLnxNewb> I haven't entered the command, nimrod10
<ZacLnxNewb> grant all on somedatabase.* to someuser@somehost identified by 'somepassword';
<ZacLnxNewb> GRANT ALL ON *.* TO user@ip IDENTIFIED BY 'password' WITH GRANT OPTION;
<nimrod10> second one
<ZacLnxNewb> nimrod10:  RoyK  http://paste.ubuntu.com/563143/
<RoyK> identified by, not just by
<nimrod10> where did this come from ? BY <mysqlpassword>
<RoyK> mianosm1: he's just missing the word 'indentified'
<RoyK> :P
<ZacLnxNewb> lol >.>
<RoyK> or 'identified'
<RoyK> even
<ZacLnxNewb> GRANT ALL ON *.* TO zachary@ZACNETBOOK.home IDENTIFIED BY, mysqlpassword WITH GRANT OPTION;
<ZacLnxNewb> not working. >.>
<ZacLnxNewb> RoyK: nimrod10  Same error as the pastebin I gave you
<jmarsden> ZacLnxNewb: The comma after BY seems incorrect in your GRANT ALL ON statement, was that a typo ?
<RoyK> ZacLnxNewb: GRANT ALL ON *.* TO zachary@192.168.1.250 IDENTIFIED BY 'jalla' WITH GRANT OPTION;
<RoyK> remember quotes around the password
<ZacLnxNewb> ah
<RoyK> and no comma after BY
<ZacLnxNewb> "Query OK, 0 rows affected (0.00 sec)
<ZacLnxNewb> "
<RoyK> ZacLnxNewb: bingo
<ZacLnxNewb> RoyK:  nimrod10  I appreciate the help guys. >.<  I've been trying to do all this to no avail for 3 days
<RoyK> never mind the 0 rows affected
<ZacLnxNewb> what else?
<RoyK> well, try to connect from your laptop
<ZacLnxNewb> RoyK:  nimrod10 :  Connecting to MySQL server 192.168.1.250...  Host 'ZACNETBOOK.home' is not allowed to connect to this MySQL server
<nimrod10> ZacLnxNewb,  one more command in the mysql prompt        flush privileges;
<nimrod10> after that it should work
<ZacLnxNewb> MWAHAHAHAHAHAHAHAHAHAHAHAHA
<ZacLnxNewb> CHECK MARKS INSTEAD OF Xes BITCHES
<ZacLnxNewb> nimrod10: RoyK   Success guys. :D
<nimrod10> keep smoking that weed ZacLnxNewb  it is good for you !
<ZacLnxNewb> nimrod10: I get a natural high from staying up days at a time. >.>  I don't need no weed.
<RoyK> nimrod10: :)
 * RoyK hands nimrod10 a beer
<nimrod10> \me cheers
 * ZacLnxNewb gives both RoyK  and nimrod10  each their own cookies of their favorite types, and milk
<ZacLnxNewb> mwah
<ZacLnxNewb> nimrod10:  fails the / me. :D
<nimrod10> good , cookies , beer , and milk     watchout  toilet here I come !
<nimrod10> ZacLnxNewb, sometimes the hands don't want to do what I tell them to type
<ZacLnxNewb> nimrod10:  I'm a piano player as well.  I know what you mean. ;)
<ZacLnxNewb> nimrod10: RoyK  So I'm  experimenting what I can do with this database. >.>
 * RoyK would prefer a lassi bhang
<RoyK> ZacLnxNewb: btw, where're you from?
<ZacLnxNewb> RoyK:  I'm from Fort Worth, Texas
<ZacLnxNewb> RoyK:  yourself?
<ZacLnxNewb> RoyK:  You've helped me before.
<RoyK> oslo, norway
<ZacLnxNewb> RoyK:  I appreciate your support.  You helped me get started with linux in the first place. :D
<RoyK> the land of the freezing your balls off
<ZacLnxNewb> RoyK:  lol, Right now it's fucking 25 degrees outside
<ZacLnxNewb> itwas 18 last night
<RoyK> it's not bad now - just -5 or so, celcius
<ZacLnxNewb> RoyK: pussy. ;)
<ZacLnxNewb> RoyK: I wish it got that cold here in texas
<ZacLnxNewb> RoyK:  Currently, 49 of our 50 states have snow.
<ZacLnxNewb> the only exception is florida
<RoyK> lol
<RoyK> pretty strong La NiÃ±a this year
<RoyK> strongest in 100 years, they say
<RoyK> that tends to affect the temperatures a little
<ZacLnxNewb> What check_admin_commands  Operation failed: /etc/init.d/mysqld start is invalid  What check_admin_commands  Operation failed: /etc/init.d/mysqld start is invalid
<ZacLnxNewb> in workbench.
<RoyK> no idea - google for it
<RoyK> this is cool http://pastebin.com/4Z4Ktu6Z
<RoyK> check the total compared to the backup file size :)
<RoyK> http://pastebin.com/a4HYcy10
<ZacLnxNewb> RoyK: it's working
<ZacLnxNewb> RoyK:  I love you, my linux friend. :D <3
<ZacLnxNewb> RoyK:  I also recently discovered Google Chrome
<airtonix> what is this new server thing you speak of
<RoyK> new server thing?
 * RoyK is lost
<ZacLnxNewb> airtonix: it's this magical box
<ZacLnxNewb> airtonix:  it serves
<ZacLnxNewb> airtonix:  like a butler in the virtual world that we call the "internet"
<airtonix> and google chrome is important to this
<airtonix> T_T
<ZacLnxNewb> also known as the interwebs, the virtual tubes, the virtual spahgetti
<airtonix> ok
<ZacLnxNewb> airtonix:  What about google chrome?
<airtonix> 05:22 <ZacLnxNewb> RoyK:  I also recently discovered Google Chrome
<RoyK> ZacLnxNewb: haha
 * RoyK listens to Rage Against The Machine, LOUD
<ZacLnxNewb> RoyK:  "I'M DEEPLY DISTURBED, I'M DEEPLY, UNHAPPY.  DEEPLY DISTURBED, and I'M DEEPLY UNHAPPY"
 * ZacLnxNewb loves infected mushroom
<ZacLnxNewb> and DAFT PUNK!
<airtonix> ...
<RoyK> ZacLnxNewb: http://www.youtube.com/watch?v=OlVbEclPj4c :)
<ZacLnxNewb> airtonix:  You have a problem with daft punk or infected mushroom?
<airtonix> is it todo with ubuntu-server ?
<airtonix> !topic
<ubottu> Please read the channel topic whenever you enter, as it contains important information. To view it at any time after joining, simply type /topic
<ZacLnxNewb> RoyK: http://www.youtube.com/watch?v=EQy62TyvcuI
<Pici> !ot
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<RoyK> :)
<ZacLnxNewb> RoyK:  my video is so much cooler. >..
<RoyK> not really :)
<RoyK> Pici: there must be some room to be a little OT on a saturday :)
<airtonix> no
<Pici> A little
<Pici> But theres an -offtopic channel so that you can 'channel' all that randomness somewhere.
<RoyK> hey, calm down, it was just a few lines
<ZacLnxNewb> RoyK: I shall lead our Revolt! >.>
<EvilPhoenix> uh...
<RoyK> lol
<EvilPhoenix> yeah... i think you guys would prefer #ubuntu-offtopic more :P
<RoyK> Pici: I've helped quite a lot of people in here over the years. Off-topicing a little doesn't harm
<ZacLnxNewb> I will personally vouch for RoyK  's long record of helping people.
<ZacLnxNewb> He helped me get into linux in the first place, set up SSH, remote printing, mysql, and more
<ZacLnxNewb> so he's paid his dues. ;) at the very least.
<Pici> RoyK: Theres no denying that you're an appreciated helper here.
<ZacLnxNewb> RoyK:  I'm sorry. ;_; I'm getting you in trouble
<RoyK> no, you're not
<ZacLnxNewb> Pici:  are you a mod?
<Pici> I just ask that you try to keep some of the offtopicness in our offtopic channel.
<Pici> ZacLnxNewb: one of them, yes.
<RoyK> it'd be nice if we could have native zfs on ubuntu one day....
<ZacLnxNewb> Pici: Provided we are going a bit off topic, that's more in celebration of the awesome help we're achieving.  I don't feel we're interfering with anyone else, and if someone else were to enter the room asking for help, I'm sure he'd stop being off topic and immediately help them as he has repeatedly helped me...
<ZacLnxNewb> so I don't really see the problem.
<ZacLnxNewb> RoyK:  zfs ?
<air^> RoyK: I'd love that too. fuck the license issues. :/
<ZacLnxNewb> something similar to DRM?
<gpc> folks please keep the language clean
<gpc> it hurts my eyes
<gpc> all the red all over my window
<RoyK> !zfs
<ubottu> For information concerning ZFS and Ubuntu, see: https://wiki.ubuntu.com/ZFS
<lenios> ZacLnxNewb, some people idle and read back, they better have nothing than a lot of offtopic
<RoyK> ZacLnxNewb: http://hub.opensolaris.org/bin/download/Community+Group+zfs/docs/zfslast.pdf <-- read that
<RoyK> air^: there's a port in the works. When it's stable, it should be installable without issues. The only thing is that you have to install it yourself - it can't be distributed because of CDDL/GPL issues
<Koheleth> hi is there a problem with the postgresql fix, my sites have gone down???
<ZacLnxNewb> RoyK:  I hate it just looking at it.
<RoyK> ZacLnxNewb: heh - I have about 300TB on ZFS now - it's the best thing I've seen yet
<ZacLnxNewb> RoyK:  >.> What does ZFS do in summary?
<air^> RoyK: yeah. it's still sad. I wonder if betterfs will ever make it.
<air^> sorry, btrfs
<RoyK> ZacLnxNewb: just read that presentation - it says the most
<air^> afk, gonna go put the kid to sleep. bbl.
<lenios> btr stands for b-tree
<Koheleth>  [USN-1058-1] PostgreSQL vulnerability (Steve Beattie)
<air^> lenios: "Btrfs (B-tree file system, variously pronounced "Butter F S", "Better F S",[1] or "B-tree F S"[2])"
<ZacLnxNewb> RoyK:  I lightly skimmed over it :p  I gathered that it maintains parallel memory as to fight data degradation ?
<RoyK> air^: btrfs will probably make it soon, in a year or two, but yet they haven't a way to attach a mirror to an existing drive, they can't do RAID[56] stuff, no compression, no dedup, etc etc
<Koheleth> Steve on here
<RoyK> ZacLnxNewb: read it again
<RoyK> ZacLnxNewb: it only takes 10-15 minutes
<Koheleth> Steve Beaty on here?
<Koheleth> Beattie sry
<jmarsden> Koheleth: yes, he is logged into this channel as sbeattie but probably not active right now.
<Koheleth> jmarsden: ty
<Koheleth> my szites gone down, crap
<jmarsden> Koheleth: You're welcome.  Steve is in Australia... figure out the time zone and you will understand why he is inactive :)
<Koheleth> jmarsden: he sleeps too much :)
<jmarsden> Koheleth: :)  if you need specific help with something on your server, tell the channel what error msg is in your logs, etc etc and hopefully someone here will know how to help you with it.
<Koheleth> jmarsden:  kk, not admin fluent here tho
<Koheleth> hope they fix it soon, seems a database thing but I dont use postgresql?
<Koheleth> should I purge the darn thing?
<jmarsden> Koheleth: Be as clear and specific as you can, and hope someone kind helps you out.  How do you know that pg vulnerability is what has taken your site down?
<jmarsden> if you don't use it, it shou;dn't be the cause of a problem with your site, by definition.
<jmarsden> WHat is the actual issue you are seeing?
<Koheleth> jmarsden:  my server wants to upgrade it but does not complete, hangs a bit, it might not be it but all my sites that use databases are down?
<jmarsden> Koheleth: Ah, so you tried to upgrade PG and the upgrade failed, yes, that would explain why your sites are unhappy.
<Koheleth> jmarsden: what should I do
<jmarsden> Pastebin the output from the upgrade attempt so we can read that.
<ZacLnxNewb> hello
<Koheleth> jmarsden: kk
<ZacLnxNewb> RoyK: so what about adminning over the database across the internet? >.>
<jmarsden> ZacLnxNewb: That is what ssh is for :)  Worst case, tunnel your database server port over ssh and run a GUI db admin tool locally pointing to it.
<Koheleth> jmarsden: http://pastebin.com/zZiAwKfB
<Koheleth> perfect timing, just put a social network project on line, bloody marvolous
<jmarsden> Koheleth: OK, so I was right, the updated package did not install itself/configure itself happily.
<jmarsden> Koheleth: Do you have recent database backups, just in case?
<Koheleth> jmarsden: yep
<Koheleth> jmarsden: yeah safe but only ssh access
<Koheleth> jmarsden:  no access to my Plesk gui
<jmarsden> Good.  OK.  I'd (a) read the logs, as the message suggests (line 8 of your pastebin) and then (b) look at reconfiguring postgresql-8.3
<jmarsden> Real server admins don't need a GUI to manage their servers :)
<Koheleth> jmarsden:  not a real admin yet, new to this marlarky :)
<ZacLnxNewb> Koheleth:   GUI less is awsome. :D
<Koheleth> I like alcohol in my beer :)
<jmarsden> OK. well, time to learn fast, since you have a real database issue to solve.  Read the logs and pastebin anything relevant, as a next step.
<Koheleth> what log in partic?
<jmarsden> Look under /var/log/postgresql :)
<jmarsden> I'm running postgresql 8.4, but I expect the 8.3 logs are in the same place.
<Koheleth> jmarsden: http://pastebin.com/iwQfz4hq seems a partition is full?  Impossible.
<Koheleth> used 20g max of 140gb
<jmarsden> Koheleth: if df says it is full, then it is full.
<jmarsden> What does du -smxc /var    output?
<Koheleth> not me bro
<Koheleth> hang on
<Koheleth> error
<Koheleth> no such?
<Koheleth> geez running a server is fun eh :)
<guntbert> Koheleth: take it easy on <enter> please
<Koheleth> sry
<jmarsden> Koheleth: What did you type in as a command, exactly, and what exact message (error or otherwise) did you get back.  Be clear and specific.
<Koheleth> panicing here as I have people signing up to new project
<Koheleth> going to try apt-get clean see if it clears up anything
<jmarsden> Panic won't get your database back up.  STay calm, work with us and we can get there...
<jmarsden> DOn't try random things!
<jmarsden> If you have no space then trying to change a database may do more harm than good... and apt-get uses a database...
<Koheleth> kk
<jmarsden> So.  What happens when you do    du -smxc /var   ?
<Koheleth> hangon
<Koheleth> 134010  /var
<Koheleth> 134010  total
<Koheleth> sry
<Koheleth> brb, need to get a smoke, cracking here under the stress
<jmarsden> OK. So that is ... wait, that is about 134 GB right there.
<jmarsden> So that is where the extra files are.
<Koheleth> kk, where di that come from
<Koheleth> solution?
<jmarsden> Koheleth: we need to look further for where the extra files are, and then we will know whtehr it is safe to just delete them or what else we need to do.
<Koheleth> jmarsden:  kk ty
<Koheleth> Have be hacked or is it a misconfiguration of some kind
<jmarsden> pastebin me the output of   du -mxc /var | sort -n | tail
<jmarsden> Might be just log files that have grown really big, or something like that.
<jmarsden> BTw that command will list the ten biggest files or directories in /var ...
<guntbert> jmarsden: in such cases I'd use du -s /var/*| sort .......
<jmarsden> guntbert: And if there is a /var/.whatever you will not see it.
<guntbert> jmarsden: point taken
<jmarsden> Koheleth: OK, so what is /var/lib/psa/dumps/clients/holyfear.net/domains/holyfear.net/phosting exactly?  Do you need it?
<Koheleth> I need the site, but its backed up
<jmarsden> "dumps" ?  Is that a backup of some sort?
<Koheleth> no idea what it is
<jmarsden> Do you want or expect that phosting file or dir to be 60GB ?
<Koheleth> nope
<jmarsden> Then you need to find out, it is on your server :)
<jmarsden> what does   file /var/lib/psa/dumps/clients/holyfear.net/domains/holyfear.net/phosting    say ?
<Koheleth> kk
<jmarsden> Koheleth: Do you know what psa is?  Some sort of web hosting application ???
<Koheleth> Directory
<Koheleth> psa is Plesk
<genii-around> public service announcement? ... ;)
<Koheleth> its bound up with Plesk
<jmarsden> Ah!  OK.   cd /var/lib/psa/dumps/clients/holyfear.net/domains/holyfear.net/phosting and then pastebin the output of  ls -loh   for me, please.
<Koheleth> when you say me do yoy mean here on main channel :)
<jmarsden> Sure.  pastebin it and put the URL for that page here
<Koheleth> http://pastebin.com/Yzh5FBYy  www.hoilyfear.net
<Koheleth> www.holyfear.net
<jmarsden> For "us" on the channel, but since I'm the one currently helping you, primarily for me.  OK.
<Koheleth> geez, feel like I just dropped my trousers
<Koheleth> really thanks for the help
<Koheleth> would like to know what caused this when its solved
<jmarsden> Looks to me like you have a ton of old daily backups in there that can probably be deleted safely.
<jmarsden> How far back do you think you need to keep backups of that site?
<Koheleth> I did alter that the other week, that lost net connection for a week or so as I bought a new house
<jmarsden> OK, so if we delete everything older than 01 Jan 2011, that would be OK with you?
<Koheleth> but just told the server to keep a week or so of backups, maybe I messed up there
<jmarsden> Looks like it :)
<Koheleth> I think your a genius, thats it I reckon, comand please :)
<Koheleth> if it fixes I will send you a case of good French wine
<Koheleth> as a ty
<Koheleth> my server people want to charge 35 euros per 15 minutes :(
<jmarsden> :) OK.  So in that directory,  do      find . -older bkp_httpdocs_1012301709.tgz -type f | xargs rm
<jmarsden> Koheleth: That's very slightly more than my time is billed out to paying clients for at work, but not by much :)
<Koheleth> get missing operand
<jmarsden> Hmmm.  pastebin me both the command you typed and the full error message please?
<Koheleth> I could really get into this server admin stuff, facinating
<Koheleth> http://pastebin.com/t4xPjvCk
<guntbert> Koheleth: you missed the     find .      part
<Koheleth> kk
<jmarsden> OK, I made a minor mistake and so did you... Try      find . ! -newer bkp_httpdocs_1012301709.tgz -type f | xargs rm
<jmarsden> (My mistake was that there is no -older there is only -newer, so you need to say "not newer" instead of "older" :)
<Koheleth> putty gone tits up, hangon
 * jmarsden hopes it is Putty, and not the server, having the issue :)
<Koheleth> will see
<Koheleth> hangs a bit then comes back to the dir with no output
<jmarsden> That's fine.  Now do du -h  and see if you have some free space :)
<jmarsden> Ah, make that   df -h
<Koheleth> as in homer simpson DUH lol
<jmarsden> Koheleth: In general, Unix commands donot generate output when they succeed, the generate error messages when they fail.
<Koheleth> http://pastebin.com/7BJKmCxH
<jmarsden> Unix was designed when terminals were 110 bits/second printing terminals like the ASR33, so minimising output was important.  It is still helpful once you understand the principle.
<jmarsden> Koheleth: OK, we gained back 4GB or so which is enough for the moment.
<jmarsden> So now retry your apt-get update command and we will see if postgres can fix itself.
<Koheleth> sites still down
<Koheleth> kk
<jmarsden> Don't panic, we are not finished yet :)
<jmarsden> If apt get update   and then    apt-get upgrade     work error free, we are almost there.
<Koheleth> yeah, went well
<jmarsden> OK.  apt-get upgrade   also ?
<Koheleth> sites down tho
<Koheleth> did update and upgrade
<jmarsden> OK.  After the apt-get upgrade  you can do     /etc/init.d/postgresql-8.3 start
<jmarsden> and tell me what that does.
<Koheleth> Starting PostgreSQL 8.3 database server  ... no errors
<jmarsden> Nice.  Now see if your sites are working :)
<Koheleth> should I boot?
<jmarsden> No need.  CHeck your web apps.
<jmarsden> Linux itself was still running, so there should be no need to reboot.
<Koheleth> nope sites the same
<jmarsden> rebooting is for kernel updates, and for Windows users :)
<jmarsden> Hmmm.  Can you use Plesk now?
<Koheleth> I use win7 a bit
<Koheleth> let me see
<Koheleth> nope, cache?
<jmarsden> You can exit your browser and start it again if you want.... but more likely the lack of space broke something else as well as postgresql...
<Koheleth> geez
<jmarsden> So now we have to find what else needs to be restarted on your server.
<jmarsden> Do any of your sites/apps use MySQL?
<Koheleth> its why I like a gui
<Koheleth> all is mysql
<jmarsden> ? How does that help?  Just adds complexity!
<jmarsden> Ah, OK.  So   what does    /etc/init.d/mysql status     output  ?
<jmarsden> I am guessing that the lack of space caused mysql to die too...
<Koheleth> its stopped
<Koheleth> think we are there :)
<jmarsden> OK, so  do   /etc/init.d/mysql start    and let's see if that works :)
<Koheleth> Guess what :)
<Koheleth> sites back up
<Koheleth> lovely jubbly
<Koheleth> Got plesk too
<jmarsden> OK.  Good.   Now... you still have a LOT of disk space being used somewhere that you need to deal with... but you can do that on your own, right, from the comfort of the GUI if you want.
<Koheleth> so I need to look at the back up settings
<jmarsden> You have 4Gb free when you should have maybe 100Gb free... so yes.
<Koheleth> brilliant
<Koheleth> ty so much, pm me an address and you will have some great wine on your way, ty very very much
<jmarsden> :) OK, and you are welcome.
<Koheleth> btw, anyone from Wales please signup to welshweb.net and bring it home folks lol
<Koheleth> who needs facebook eh lol
<Koheleth> Well all is fixed and my problem seems to be my site backup settings, on it now.  I need a bigger HD on my server it seems or a bit more attention to my server imput and command :)
<guntbert> Koheleth: please have a look at the current used disk space  - 4 GB free is nearly nothing, there will be more log files/backups/...
<Koheleth> I have 50 backups of a domain that should be 5, typo error
<Koheleth> getting rid of em now
<Koheleth> not a big site but 50 of em mounts up, ate my disk, funny I got no warning tho
<RoyK> guntbert: I have this 5 1/4" drive in my office, full-size, 1,2GB - now _that_ is a big drive
<RoyK> full-height, I meant
<RoyK> some 4" or so
<jmarsden> RoyK: I remember buying Seagate 40MB drives which were that size :)
<guntbert> RoyK: geometrically, yes, but on a server with logging and "backups"?
<RoyK> jmarsden: iirc those were only half-height ;)
<jmarsden> RoyK: I think the 2MB was half height and the 40MB was full, but it was a while ago :)
<RoyK> some time back in the mid eightees :p
<RoyK> I just dropped in - what's it about? root fs size?
 * RoyK can't be botherd reading 1000 lines of scrollback
<Koheleth> actually looks like I left number of backups blank so it just kept backing up
<jmarsden> RoyK: Koheleth had a remote server fill up its root partition and so mysql stopped, etc.  We found some old backups and deleted them and got him back up and running again.
<RoyK> that sort of thing fills up...
<RoyK> jmarsden: ah
<RoyK> separating backup target storage is sometimes a good idea
<patdk-lap> heh, I just noticed my rootfs on my home workstation was at 96% full
<Koheleth> only a 3gb personal site but it ate the disk
<patdk-lap> just finished cleaning it a few min ago
<RoyK> though, for most setups, I just use one large root drive
<Koheleth> got no email admin warning tho?
<RoyK> Koheleth: there is no automatic warning
<Koheleth> will check all
<RoyK> Koheleth: use Icinga (or nagios) or something to monitor it
<RoyK> have it send you an SMS if something goes badly wrong :P
<Koheleth> had it back up daily too
<RoyK> backup's for cowards
<patdk-lap> hehe :)
<patdk-lap> real people mirror the whole server, live to another server? :)
<Koheleth> I need to backup this chat too
<RoyK> patdk-lap: heh - that's nice when someone accidentially removes a subtree :P
<Koheleth> priceless
<Koheleth> like my new site at welshweb.net lol be a millionaire one day :)
<RoyK> welshweb in English? now that's the oxymoron of the day :)
<Koheleth> I need a translation pack, have someone working on it
<Koheleth> Cardiff uni students
<RoyK> I somewhat doubt it'll make you millions
<Koheleth> its not easy when you dont have resources lol
<Koheleth> actually I dont want millions just take the wELSH FROM fb LOL
<Koheleth> oops
<RoyK> reinventing facebook isn't really a good idea - see http://www.27bslash6.com/p2p2.html for more info :)
<guntbert> lets keep this channel for support - there is #ubuntu-offtopic ....
<Koheleth> hackers and spammers are a prob at the mo, someone put a shell.php script on there the other week and cleared the site lol
<Koheleth> just trying to bring it home a bit even though I live in France lol
<RoyK> Koheleth: hackers aren't the problem. writing sane php scripts and using good security is the issue
<RoyK> http://cache.gawkerassets.com/assets/images/4/2010/03/for_traffic_cameras.jpg
<Koheleth> thought I had it locked down but some used a music modul I had on there to hack it so I got rid of it
<Koheleth> yeah sry for the banta
<RoyK> or http://xkcd.com/327/
<Koheleth> great support btw, tyvery much
<nimrod10> what's the best tool to encrypt a partition after install ?
<RoyK> reinstall :P
<Koheleth> used to be able to do it on install if I remember
<jmarsden> nimrod10: Check out https://help.ubuntu.com/community/EncryptedFilesystemsViaUbiquity
<jmarsden> It's not quite what you are seeking, but could get you close.
<nimrod10> thanks jmarsden , I can't believe I can't find a good howto for this kind of job :|
<jmarsden> I have seen someone else ask this before and could not find one then either... when you are done, please write it :)
<nimrod10> might as well do it as it would help to have encrypted hdd in this day and age , with all these airport control routines
<Patrickdk> heh, I encrypt all mine after install
<lenios> why do you do it after?
<Patrickdk> my home system is fully encrypted, all 9gigs of it
<binBASH> do you have something to hide? ^^
<Patrickdk> yes :)
<Patrickdk> that is the whole point of encryption
<Patrickdk> if you hide everything
<binBASH> I don't have :D
<Patrickdk> they will never find the hidden stuff with all the fluf
<Patrickdk> I have medical records from medical companys on my computer
<Patrickdk> so by law I must have my system encrypted
<binBASH> does encrypting hdd slow down general performance?
<Patrickdk> sometimes
<Patrickdk> I don't notice it often
<Patrickdk> transfers aren't an issue, but lots of random iops can be hell on it
<shadow66142000> I'm having some issues getting an internet connection on a fresh 10.10 server installation. I can ping my router but not outside. I can provide more info, does anyone mind giving me a little help?
<nandemonai> shadow66142000: Got your gateway setup?
<nandemonai> And DNS I guess would be another to check.
<jmarsden> shadow66142000: pastebin your /etc/network/interfaces file so we can see how you set that up, please?
<shadow66142000> no I don't think it's correct. It failed to auto configure during the installation
<shadow66142000> k
<nandemonai> DHCP or static setup?
<nandemonai> So many variables :P
<lenios> must be static if it failed autoconfiguration
<shadow66142000> it's going to take a moment to type that out. I can't ssh at the moment so I guess I have to hand type that out
<nandemonai> Not necessarily, might be getting DHCP from something other than the router (I use my server for example).
<shadow66142000> and yes static. I have FIOS if that matters at all
<jmarsden> You can't ssh to the server from another workstation on the same LAN?
<jmarsden> That is not " issues getting an internet connection", that is issues with basic network setup :)
<nandemonai> shadow66142000:  Might want to follow something like this: http://www.ubuntugeek.com/ubuntu-networking-configuration-using-command-line.html
<shadow66142000> I can ping it but not ssh
<shadow66142000> connection refused
<nandemonai> Hmm ssh is not blocked by ufw by default is it these days guys?
<nandemonai> I'm still on 10.04.
<shadow66142000> and yes that is probably so. I'm not really a linux guy but have doing a lot more of it in past 6months
<genii-around> I don't think openssh-server is a default tasksel choice with lamp
<nandemonai> Oh yeah.. shadow66142000, you did install sshd right? :P
<jmarsden> too many cooks... who is going to help shadow66142000 work through this?
<nandemonai> When you get the option to install services with tasksel during install?
 * genii-around makes a pot of coffee instead
 * jmarsden backs off and will let nandemonai help out.
<nandemonai> shadow66142000: run 'sudo tasksel' on the server mate, make sure openssh server is install ;)
<shadow66142000> I installed open ssh with the installation
<nandemonai> Hmm
 * RoyK just found an old CD with The Disposable Heroes of Hiphoprisy :)
<nandemonai> Can you ping the box you're trying to remote in from the server?
<nandemonai> Totally can't type today. *grabs coffee*
<shadow66142000> http://pastebin.com/HzBQiRQk
<shadow66142000> yes I can ping it
<nandemonai> aha
<nandemonai> That looks ok.
<nandemonai> Wait no.
<nandemonai> GAteway
<nandemonai> Same as broadcast.
<jmarsden> gateway needs to the the address of the router, not .255
<nandemonai> Thats your problem.
<nandemonai> Yup.
<nandemonai> Doesn't explain ssh being refused though.
<nandemonai> Might want to check ufw but I'm pretty sure it's allowed by default.
<jmarsden> shadow66142000: True.  One issue at once.  Edit that file to correct the gateway address (probably .1, maybe .254, you know your network) and restart networking
<shadow66142000> k
<shadow66142000> done
<genii-around> I wonder if ssh message said specifically refused or just timed out because endpoint can't get anywhere
<jmarsden> OK, now can the server do   ping 8.8.8.8  successfuly?
<nandemonai> genii-around: Good point actually. Never set gateway as broadcast, I'm sure it would have some odd results.
<shadow66142000> destination unreachable
<nandemonai> Ok next up is /etc/resolve.conf
<jmarsden> shadow66142000: OK... pastebin the output of    ip route
<jmarsden> nandemonai: No, it is not, ping 8.8.8.8 does not use DNS :)
<shadow66142000> blank
<nandemonai> Actually yeah don't mind me lol
<nandemonai> *slaps himself*
<jmarsden> shadow66142000: You have no routing table?  Wow.  You did /etc/init.d/network restart    after the edit of gateway, right?
<shadow66142000> yep
<jmarsden> Something feels wrong here... is rebooting the server simple and practical; I don't like doing that, but maybe it will help?
<shadow66142000> it return no file
<nandemonai> Yeah that is rather odd.
<shadow66142000> returned no file
<jmarsden> shadow66142000: You typed in the command      ip route      and the response was exactly    "no file"?
<shadow66142000> no I got that response with a restart
<shadow66142000> I'll put the response of 'ip route' into pastebin
<shadow66142000> http://pastebin.com/rGQkRV8B
<nandemonai> Did you typo that second . ?
<nandemonai> 192.168.1..0/24
<shadow66142000> yes
<nandemonai> Ok
<jmarsden> That looks OK apart from that.  And now ping 192.168.1.1 works, but ping 8.8.8.8 does not?
<shadow66142000> actually I'm not pinging the router now either
<jmarsden> Is the network cable plugged in? :)
<shadow66142000> double checking for lights
<shadow66142000> yep
<nandemonai> You mentioned a no file error when restarting the netowrking service?
<shadow66142000> yes
<nandemonai> Something like: * Reconfiguring network interfaces... RTNETLINK answers: No such process
<nandemonai> Or similar?
<shadow66142000> -bash: /etc/init.d/network: No such file or directory
<nandemonai> oh lol
<shadow66142000> uh oh
<jmarsden> networking, rather than network, I think??
<jmarsden> That might have been my thinko earlier.
<nandemonai> sudo /etc/init.d/network/interfaces restart
<nandemonai> hold up one sec
<jmarsden> nandemonai: No.... sudo /etc/init.d/networking restart
<shadow66142000> done
<nandemonai> Oh of course.
<jmarsden> OK, any change?  What can you ping now, if anything?
<nandemonai> Man I gotta get back into Ubuntu.
<shadow66142000> router ping still failed
<nandemonai> Been stuck on RHEL builds at work.
<genii-around> Hm. Doesn't that bypass upstart's  /etc/init/rc-sysinit.conf
<jmarsden> So you think we now are forced to do    sudo service networking restart   ??  OK, shadow66142000 you can try that.
<shadow66142000> during installation I gave it the address 192.168.1.9
<jmarsden> That should be fine.
<shadow66142000> k
<nandemonai> Assuming it's not taken already ;)
<jmarsden> Just in case the old way is no longer usable and you need to use the new upstart-oriented way, try   sudo service networking restart    and then retest
<shadow66142000> no don't see it used
<shadow66142000> that returns 'restart: Unkown instance:'
<jmarsden> shadow66142000: Something feels weird here... can you try just rebooting the server and retesting?
<shadow66142000> yep
<nandemonai> Speaking of which, any major changes from 10.04 - 10.10?
<nandemonai> I generally stick to LTS myself if I can. Thinking about building a new backup box over the next week or so.
<shadow66142000> I know I was pinging it earlier
<shadow66142000> I don't mind trying that version. I always end up on CentOS because I run into networking issues with Ubuntu. It very well may be me.
<jmarsden> I use 10.04 for servers, too.
<nandemonai> I wasn't really implying you downgrade, just curious really.
<shadow66142000> yeah I know just sayin
<jmarsden> nandemonai: Since he doesn't have it running yet, it's unlikely he can provide much by way of advice on the differences yet :)
<nandemonai> Was a general question for the room :)
<uvirtbot> New bug: #289311 in exim4 (main) "Not clear what delimiter to use when configuring exim4 listen interfaces" [Wishlist,Triaged] https://launchpad.net/bugs/289311
<shadow66142000> the last time I did this I had a problem with the driver it installed on my network card. After reading forums turns out that particular version commonly got confused for one close to it
<shadow66142000> I got a new network card this time
<nandemonai> I was actually starting to suspect a dodgy driver.
<nandemonai> What card?
<jmarsden> On a wired NIC?  Seems very unusual.
<nandemonai> 99% work fine you do get a few annoying ones though, mostly internal chipset ones I've found.
<nandemonai> It's pretty rare.
<nandemonai> Especially post version 9+
<_Techie_> im having a problem with my bridge interface (br0 using eth0 and eth2) , i can ping across both interfaces from the server, but clients can only ping the server and inside their assigned interface
<jmarsden> _Techie_: Are you expecting the server to act as a router?
<_Techie_> jmarsden, yes, i have it set up as a router
<jmarsden> OK, so all the packet forwarding stuff is on, etc.
<shadow66142000> it's a netgear
<jmarsden> Huh?  The sevrer is a netgear?
<nandemonai> Out of interest shadow66142000, run ifconfig -a make sure that the details look right for your interface. Especially that HWaddr section.
<nandemonai> IE is the MAC address shown.
<jmarsden> _Techie_: I don't think netgear makes PC server hardware... can you be clarify?
<shadow66142000> no it is not shown
<_Techie_> jmarsden, it should matter about packet forwarding, its a bridged interface, not two seperate interfaces with different ip's
<nandemonai> Think he means the network card jmarsden ;)
<nandemonai> shadow66142000: That is a problem then.
<uvirtbot> New bug: #307403 in exim4 (main) "Installing postfix therefore deleting exim4 didn't work" [Undecided,Incomplete] https://launchpad.net/bugs/307403
<shadow66142000> lenandemonai, let me copy that to pastebin
<uvirtbot> New bug: #443227 in exim4 (main) "cman" [Undecided,Invalid] https://launchpad.net/bugs/443227
<_Techie_> jmarsden, if your going to help 2 people at the same time, please not who says what, shadow66142000 said netgear
<jmarsden> _Techie_: If you want the server to accept incoming packets from a client on one interface and send them back out on aother interface, then you need to enable packet forwarding.
<jmarsden> _Techie_: You are correct, my mistake.
<jmarsden> The bridging will work for the server, but it will not route things from one subnet to another, as far as I know, on its own.
<_Techie_> jmarsden, their not two subnets
<_Techie_> do you even understand whats bridging does
<nandemonai> _Techie_: Been a long time since I tried this but don't you need to setup routes?
<_Techie_> dont worry, i sorted it out anyway
<nandemonai> _Techie_:  Or does bridging handle that?
 * nandemonai curious now
<shadow66142000> 'ifconfig -a' returned http://pastebin.com/gZ68hywE
<nandemonai> shadow66142000: That actually looks ok.
<nandemonai> It's picked up the mac address and come up ok so usually that means the interface driver is fine.
<nandemonai> So now you're basically not able to ping anything from the server?
<shadow66142000> correct
<nandemonai> Frustrating.
<shadow66142000> yes it is. I do want to say thanks for the help
<_Techie_> shadow66142000, i arrived late, can you give me a few details, is the server meant to be a routing packets to an external interface?
<nandemonai> I'm guessing you've tested another cable etc?
<nandemonai> _Techie_:  He's just trying to get his network interface working on 10.04 server.
<shadow66142000> _Techie_, no
<shadow66142000> 10.10
<nandemonai> Sorry yeah 10.10 hehe
<_Techie_> nandemonai, what have you tried so far?
<nandemonai> we've checked interfaces / ip route and ifconfig. All looks ok now.
<nandemonai> Did have gateway address set as broadcast but that's corrected now.
<_Techie_> nandemonai, have you checked for a default gateway and DNS server?
<nandemonai> Weird thing is that he could ping before that change.
<nandemonai> Not DNS yet but he can't ping anything at the moment so it's gotta be something else.
<shadow66142000> yeah nothing is resolving
<_Techie_> hrmm
<nandemonai> shadow66142000: it wont until you can atleast hit your router and then dns
<nandemonai> We need to get it talking to the rest of the network first.
<shadow66142000> have no idea if this matters but I have FIOS and use the router they provided Westell
<_Techie_> shadow66142000, can you please describe your network in a pastebin, eg ip of your router, etc etc
<shadow66142000> yep
<_Techie_> shadow66142000, thanks
<nandemonai> shadow66142000: Shouldn't make a difference, you can't even ping your router at the moment. Little steps ;)
<shadow66142000> no
<nandemonai> I have to head off for a while guys. Hope you get it sorted shadow ;)
<_Techie_> nandemonai, okay, have a good time/sleep/day at work
<shadow66142000> thx appreciate it
<shadow66142000> http://pastebin.com/RpzbKngg
<_Techie_> cool, and also the outpur of the route command please
<uvirtbot> New bug: #708023 in exim4 (main) "exim 4.74 released fixes CVE-2011-0017" [Medium,Confirmed] https://launchpad.net/bugs/708023
<uvirtbot> New bug: #713855 in exim4 (main) "Merge exim4 4.74-1 (main) from Debian experimental (main)" [Undecided,New] https://launchpad.net/bugs/713855
<shadow66142000> http://pastebin.com/rGQkRV8B
<_Techie_> shadow66142000, can i please get you to make your /etc/network/interfaces to look like this http://pastebin.com/ktYSbNX8
<_Techie_> is anybody here able to help me figure out why /etc/init.d/dhcp3-server isnt starting @ boot
<_Techie_> shadow66142000, once your /etc/network/interfaces file looks liek that, issue a sudo /etc/init.d/networking restart
<shadow66142000> k one sec
<nandemonai> _Techie_:  it's in the default run level?
<_Techie_> nandemonai, yes /etc/rc2.d/S40dhcp3-server
<nandemonai> _Techie_:  Throwing you any errors or just not invoking?
<_Techie_> not invoking, will start absolutely fine if started manually via /etc/init.d/dhcp3-server
<nandemonai> Hmm
<_Techie_> items in that runlevel bother before and after it work perfectly fine
<_Techie_> both*
<nandemonai> You used default-rc.d to add it?
<nandemonai> Sorry update
<nandemonai> update-rc.d
<_Techie_> nandemonai, it added it when it installed via apt-get
<nandemonai> Shouldn't need to but try re-adding it.
<nandemonai> It's weird that it just skips it.
<_Techie_> nandemonai, is there a log file for runlevels?
<shadow66142000> _Techie_ sry about the delay
<shadow66142000> those files match now
<shadow66142000> and it's restarted
<shadow66142000> but I can not ping my router
<_Techie_> hrmm
<_Techie_> very peculiar
<nandemonai> Not sure _Techie_ actually.
<shadow66142000> yeah driving me nuts
<nandemonai> _Techie_:  could try boot.log.
<nandemonai> It's not very verbose tho.
<_Techie_> shadow66142000, one last time, output of ifconfig please
<shadow66142000> take a sec cause I'm typing these out
<nandemonai> _Techie_:  also try daemon.log
<nandemonai> _Techie_:  If it's just skipping it for some reason though I'll wager it's not in those logs.
<_Techie_> one sec, got a better
<_Techie_> better idea*
<_Techie_> sudo grep dhcp3-server -R /var/log/*
<nandemonai> lol true
<_Techie_> http://sprunge.us/SIOJ
<_Techie_> hrmm
<_Techie_> i created a cronjob to try start it, it appears to be running but it still isnt starting
<nandemonai> Yeah not too helpful
<_Techie_> hrmm, maybe if i move it to the end of that runlevel? maybe its somehow trying to start before something it depends on
<nandemonai> Hang on that's a good thought.
<nandemonai> Is the networking coming up first?
<nandemonai> It wont start without a static IP.
<_Techie_> it should be, but it is starting on a bridge interface
<_Techie_> which has a 30 second grace time
<_Techie_> hrmm
<nandemonai> I think you've hit the nail on the head.
<_Techie_> this is going to be tricky
<nandemonai> Sounds like what's going on.
<nandemonai> You could put a sleep in the init but that's pretty dirty.
<_Techie_> the runlevel scripts will be long done before the end of the grace time
<nandemonai> There must be a better way
<_Techie_> hrmm
<_Techie_> ya, there must be
#ubuntu-server 2011-02-06
<_Techie_> nandemonai, i can think of another way, but its still very dirty
<nandemonai> Your server buddy ;)
<nandemonai> I've done some dodgy stuff myself, when all else fails n all.
<_Techie_> okay, lemme re word that... dirtier and more complicated than sleeping
<nandemonai> lol
<nandemonai> What ya thinking?
<_Techie_> i was thinking about creating a virtual interface, and bonding it with br0 and putting dhcp on that
<nandemonai> Heh that would probably do it.
<_Techie_> would be bloody messy though
<nandemonai> Bit of a pain and yea messy.
<_Techie_> i think i may just sleep the init script for 30 seconds
<_Techie_> its the cleanest way i can see atm
<nandemonai> Worth a shot at least.
<nandemonai> They you can eliminate other issues.
<_Techie_> it will do it, i know it will
<nandemonai> *then
<_Techie_> although, ideally i only want to add it to start
<_Techie_> not restart
<_Techie_> although, restart uses start
<_Techie_> maybe thats why my ZNC isnt coming up either
<_Techie_> anyway, brb
<_Techie_> nandemonai, okay, it works now
<_Techie_> however im not sure whether it started using the init or the cron job
<RoyK> !vnc
<ubottu> VNC is a protocol for remote desktop. https://help.ubuntu.com/community/VNCOverSSH describes how to use it securely.  It works best over fast connections, otherwise look at !FreeNX
<RoyK> !freenx
<ubottu> FreeNX is advanced remote desktop technology. For more information and install instructions, see https://help.ubuntu.com/community/FreeNX
<_Techie_> IM GONNA GO PLAY SOME FALLOUT NEW VEGAS
<_Techie_> whoops caps lock
 * RoyK has had some bad issues with x11vnc - anyone that knows a good remote solution for ubuntu? I need X login and it'll have to work from windoze and macs
<_Techie_> also, wrong channel... sorry
 * RoyK slaps _Techie_ 
<_Techie_> also does anyone in here mind if i use an away nick, or should i just leave before the ops get pissy at me?
<RoyK> _Techie_: I don't think that's against the rules :P
<_Techie_> RoyK, it actually is
<RoyK> seems we've even been able to use the full of the English language in here lately
<RoyK> some months ago, I was picked at for using words like shit or fuck, but I haven't seen that lately
<_Techie_> RoyK, https://wiki.ubuntu.com/IRC/Guidelines - under public away messages
<_Techie_> RoyK, ive been done for it before, thats why i no longer idle and help out in here
<RoyK> some of those rules are bullshit
<tsimpson> if you disagree with the rules, choose another channel
<_Techie_> RoyK, it all starts out with someone pointing it out and askign me not to, then with me pointing out that it creates no more spam lines than if i parted then joined when back, then an op comes along (usually hours later) and i end up with a ban
<RoyK> tsimpson: nope - I help people in here quite a lot, and I get good help sometimes as well
<tsimpson> the rules in the channel are in the topic, if you want to use the channel you should respect the rules they choose to implement
<RoyK> tsimpson: seems the regime creating these rules are somewhat likely to Egypt
<RoyK> s/likely/similar/
<RoyK> tsimpson: I prefer to express myself in English, as with (some of) the words listed in the Oxford Dictionary
<zatricky> For the life of me, I'm battling to figure out a) if Ubuntu is going to start ntpd on bootup and b) if it isn't, how to tell Ubuntu to do so
<_Techie_> well if some prick decides they dont like me using an away nick, i would like to point out at a further reading of the guidelines, that it is frowned upon, but not actually against the guidelines
<zatricky> my google results want to teach me how to write upstart scripts - I want something much simpler ;)
<tsimpson> the guidelines are the rules in this channel, if you don't want to follow the rules then don't use the channel. simple
<_Techie_> zatricky, easiest way is to add a script to /etc/rc2.d/
<RoyK> zatricky: there are tools like icinga/nagios/(google it) that can tell you if a process is running or not
<RoyK> tsimpson: who wrote those ?
<tsimpson> RoyK: the Ubuntu IRC Council
<RoyK> who are they?
<_Techie_> RoyK, as i like to call them, the "gods"
<RoyK> last I checked, ubuntu was an open project
<tsimpson> the council responsible for Ubuntu on freenode
<tsimpson> a delegate of the community council
<zatricky> srsly? Seems arbitrarily strange - I don't recall this complication before upstart joined the party. I thought the purpose was to simplify/robustify (is that a word?) the process :-/
<RoyK> tsimpson: where can I find them?
<nandemonai> update-rc.d ntpd defaults should do it zatricky
<tsimpson> RoyK: #ubuntu-irc-council or irc-council at lists.ubuntu.com
<zatricky> now *that* sounds much better. Thanks, Nandemonai, will concentrate on reading more on update-rc.d :)
<_Techie_> well, im going to go play some falluout NV, i shall see everyone later
<nandemonai> Take it easy _Techie_
<_Techie_> nandemonai, i will, you have a good time while im gone, okay?
<nandemonai> 2 weeks of leave, I sure will :P
<zatricky> much simpler final result: remove ntp, remove ntp-simple, install openntpd, installation ends with "Starting openntpd" ^_^
<zatricky> But thank you nonetheless, I've learned some more today :)
<uvirtbot> New bug: #713869 in samba (main) "wrong permissions in samba shares are not properly reported" [Undecided,New] https://launchpad.net/bugs/713869
<elkingrey> I've set up a directory that I would like a guest to have access to, but not to anything else on my server. I see pages where it tells me how to create a new user, but I don't see where that user has a password with which to log in. Can somebody help me?
<RoyK> seems mr tsimpson didn't like some input on the channel rules :P
 * nandemonai pokes airtonix 
 * pennyless_ is away: Gone away for now
<YankeesFan> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz or tom
<YankeesFan> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz or tom
<ball> What's involved in connecting Ubuntu Server to a wireless LAN?
<airtonix> ball: not much
<airtonix> ball: since i've been using a headless version of the desktop isoi like to create network-manager profiles that do the connecting for me
<ball> airtonix: If I install Ubuntu Server, would you be willing to walk me through it, or at least give me some pointers?  I'm really struggling here.
<airtonix> ball: i'd only be able to point you in the right place for network-manager, i've not used static definitions for wireless connections yet
<ball> I don't know what network-manager is.
<airtonix> it's a two part thing for managing various kinds of network connections
<airtonix> the part most people recognise is the panel applet called nm-applet
<airtonix> but that's isn't required for it to work
<ball> Does Ubuntu Server have the back end for that?
<airtonix> i'm not sure
<airtonix> i would say no
<airtonix> but don't quote me on that
<avis> if you google that file name you should be able to find a md5sum characters a long set
<avis> sorry
<airtonix> i think there are really two main reasons i use it, 1) if i freenx/vnc into the server, i can control the network connections from the gui, 2) network-manager provides an easy facility for running scripts pre and post connection
<airtonix> oh and the other sweet feature is that if you are using a server as a router, and your servers WAN is wifi... then you can have it setup multiple access points, and take the one that is active
<airtonix> i mean you might be able to do that with the traditional method of controlling network connections
<airtonix> but im not sure if it auto connects to an access point if the connection is dropped for some reason
<ball> For now I'm just looking for something that works.  My wife's Windows XP machine won't connect to our new wireless LAN and my usual OS is insanely difficult to configure
<ball> ...I've heard good things about Ubuntu and it's time I learned it, so this project is an opportunity to a) pacify the missus and b) learn some Ubuntu
<airtonix> you plan on using desktop ubuntu as well then ?
<ball> I use it occasionally.  I'm actually typing this on a laptop that's running Xubuntu
<ball> I would like to roll out some ltsp stuff eventually, but I have to do this one step at a time.
<airtonix> drbl is also a good alternative to ltsp
<airtonix> depends on what the enviroment is like though
<airtonix> firs i would obviously check that a standard 10.04 ubuntu liveusb can do all the things you want it to on your wifes desktop
<ball> The ltsp stuff is for the office, not on her machine.
<qman__> network-manager has on many occasions become the bane of my existence
<qman__> so I'd avoid using it if at all possible
<qman__> however, as noted, wireless isn't exactly suited to the traditional setup
<ball> qman__: Is it painful to configure wireless (with WPA2-PSK) on Ubuntu Server?
<qman__> then again, wireless is evil and should not be used unless absolutely necessary
<ball> qman__: Sadly it's necessary at home
<airtonix> yeah wireless is not really a reliable connection for a server
<qman__> for a single network you always connect to, it's not too hard
<qman__> the problem arises when you have multiple networks
<ball> qman__: That
<ball> 's what I'm trying to achieve: just join a single network
<qman__> which you then have to manage in some way
<airtonix> i've never had a problem with network-manager
<qman__> I haven't done it myself but it basically amounts to filling out a configuration file with your network information
<airtonix> except when things try to override it with static network definitions
<airtonix> like ebox did
<qman__> I think it's outlined in the server guide, I'll check
<nandemonai> ball: https://help.ubuntu.com/community/WifiDocs/WiFiHowTo <- Good place to start
<qman__> that guide is horribly out of date
<nandemonai> Also as qman__ said, pretty sure it's in the server guide.
<nandemonai> As are a lot of the guides these days unfortunately.
<nandemonai> Most of it should hold true.
 * ball nods  ...it's sometimes difficult to know where to look for Ubuntu documentation
<airtonix> ball: for now i think your learning curvve can be reduced by simply using a desktop iso with  the gdm init script removed...
<airtonix> configuring the wifi will be alot easier then
<nandemonai> Was simple in 8.10.
<ball> I was hoping I could do it from within Ubuntu Server
<nandemonai> Last time I used wifi on server
<airtonix> ball: there isn't much difference between ubuntu-server and ubuntu-desktop
<airtonix> presence of gnome really
<airtonix> and openoffice
<airtonix> oh and network manager
<qman__> I avoid doing that personally
<airtonix> why is that ?
<ball> I could try Xubuntu I suppose.
<qman__> my problems with network manager are similar to other problems I've had with GUI applications
<airtonix> what are those ?
<qman__> they try to do things differently than the 'manual' way
<ball> ...does Xubuntu have this network manager thing?
<qman__> and therefore interfere with each other
<nandemonai> It's a server right?
<qman__> often breaking stuff in unexpected ways
<airtonix> ball: i dont think so
<nandemonai> Run a LAN cable to the wifi router.
<nandemonai> Fixed :P
<airtonix> qman__: so what are those problems ?
<qman__> things not working
<airtonix> which is ?
<qman__> whatever that GUI application is fighting the config files over
<ball> nandemonai: That would involve going into the crawlspace under the house, something I avoid at the best of times and -20C is not the best of times.
<qman__> in the case of network manager, the network
<dschuett> anyone in here running bind9 on ubuntu server 10.04?
<airtonix> qman__: so you don't actually remember ?
<airtonix> dschuett: yes
<airtonix> well not server
<qman__> the network not working is pretty clear
 * nandemonai <3 airtonix 
<airtonix> so you don't know and just want to spread doubt ?
<qman__> the biggest problem is not that they disagree, but that it's nearly impossible to fix
<ball> Perhaps I can run the full version of Ubuntu, if that's what's required to get this working.
<qman__> without simply removing the GUI application
<nandemonai> It's really not ball.
<airtonix> hoho
<nandemonai> Look into iwconfig.
<nandemonai> I doubt they've just up and dropped it.
<airtonix> it's still there
<nandemonai> As I said though it's been a while since I've dabbled with wifi on server.
<dschuett> airtonix: ok, so if i MANUALLY set my windows OR linux client within my network to use 8.8.8.8 as it's DNS server AND i flush dns - then do an nslookup on one of my internal hostnames it STILL resolves them? how is it resolving my internal dns through googles public DNS?
<qman__> dschuett, it isn't
<qman__> there are more name resolvers than DNS
<qman__> most of them automagic
<airtonix> wut?
<airtonix> isn't nslookup a windows thing ?
<qman__> no
<qman__> nslookup is 'deprecated' but it gets results differently than dig
<qman__> and is therefore still useful
<dschuett> qman: so even if i do a nslookkup...server 8.8.8.8 dschuett.scs.local it should still resolve?
<airtonix> .locals are resolved from avahi
<airtonix> on the linux side
<dschuett> well even if i leave the .local off it still resolves
<qman__> nslookup uses the system's normal name lookup bits
<qman__> if you want a DNS-only lookup, use dig
<airtonix> dschuett: so you have samba running on all machines ?
<qman__> and yeah, .local is a special name
<qman__> that you're really not supposed to use for anything outside of the local machine
<dschuett> airtonix... ok so .local should still resolve even if i use an external DNS server? - just did "dig @8.8.8.8 dschuett-lmtl.scs.local and it DOES resolve
<qman__> calling your network .local is dandy in an active directory environment but can cause unexpected issues in a linux environment
<airtonix> ?
<qman__> dschuett, pastebin the full response please
<airtonix> any machine with avahi or bonjour running is always going to have a secondary domain called .local
<Thirtysixway> any reason https://10.cloud.ubuntu.com/ says 10.10 hasn't been released yet?
<dschuett> qman_:http://pastebin.com/4pUHtAJA
<qman__> gateway.scs.local. gave you that answer
<qman__> not google
<qman__> as to why it bothered asking that server, I couldn't tell you
<dschuett> qman__: gotcha, dig DOES work better, a lot more informational
<qman__> but that is where the answer came from
<dschuett> qman__: yeah, i guess that is what i'm confused about as well
<qman__> according to the man page it shouldn't have
<qman__> but I don't know enough about dig and how it resolves to answer that mystery
<dschuett> qman__: i just did the same dig command on the DNS server itself and it doesn't resolve
<dschuett> weird
<dschuett> the BIND9 ubuntu server that is
<dschuett> kind of weird that it resolves on clients, but not on the bind server itself... hmmm
<qman__> yeah, it's grabbing it through some other resolving method apparently
<qman__> I thought dig wasn't supposed to do that but apparently I was mistaken
<airtonix> did you post your resolv.conf yet ?
<airtonix> just so there is no assumption
<airtonix> s*
<dschuett> airtonix: resolv.conf just contains these two lines: search scs.local    nameserver 192.168.0.1
<airtonix> is your bind zone actually called scs.local ?
<airtonix> because that's going to conflict with the avahi clients you have running
<dschuett> airtonix: yes that is my zone name
<dschuett> well scs.local.db
<airtonix> i would think about using .home instead of .local for the dns configurations
<airtonix> and let avahi/bonjour have .local for their little mutlicast auto dns party
<airtonix> dschuett: yes my zone file also ends with .db but that's mostly irrelevant to how the hostnames resolve
<airtonix> dschuett: i'll post you my resolve.conf from a client and the zone file from my server so you can examine
<dschuett> airtonix: that would be awesome
<dschuett> so is .local "reserved"?
<airtonix> yes, if you have ubuntu desktop clients (then you have avahi clients broadcasting across port 5353 making CNAME queries on the .local domain )
<airtonix> same with macosx and windows if you have bonjour printing services installed
<airtonix> http://pastie.org/1533253
<dschuett> THANKS!
<airtonix> sorry i missed out named.conf.local
<airtonix> http://pastie.org/1533253
<airtonix> gah
<airtonix> actually
<airtonix> revised, just reload
<airtonix> i'm still working out how to get dhcpd3-server to auto update bind dns records under certian cirumstances
<dschuett> airtonix: ironic...that is my next project
<Tohuw> if I've added an ldif like so: ldapadd -Y EXTERNAL -H ldapi:/// -f name_of_file, how would I back out every change that file made?
<airtonix> good question
<airtonix> not one that would be explained by documentation i suspect
<Tohuw> I assume there's some documentation somewhere detailing how this might be done, but I've yet to find it. I freely admit to not having read EFM (every * manual) on LDAP, but I've been hunting.
<jmarsden> Tohuw: I think you need to look at what name_of_file does and write the opposite set of LDAP changes and then apply those... of course there is no "undelete" command, or "unupdate", so in reality if your file deleted or updated entries in LDAP, the only way to undo that (as far as I know) is to restore from backup.
<jmarsden> It's like saying  What is the opposite of the SQL command "DROP TABLE foo;" ?     -- the answer is to restore foo from backups.
<Tohuw> jmarsden: that makes sense. I'll see if I can write an opposite to it... if I pastebin the ldif (it's not very long, and essentially the same backend configuration ldif found in the Ubuntu Server Guide), do you care to take a gander at it?
<Tohuw> If I have to restore ldap, it won't be difficult... I just installed it :D
<jmarsden> No, I was already marking myself away and about to go to bed... it is 00:26 here...
<jmarsden> Bad timing :)
<Tohuw> ah, 03:26 here. Night!
<jmarsden> Goodnight.
<Tuxist> hi
<Tuxist> i have problem with tls
<Tuxist> and proftpd
<Tuxist> module conf http://pastebin.com/54vWz6W4 tls conf http://pastebin.com/qPjAtdzk
<Tuxist> i have also created new packages with proftpd 1.3.3 from debian unstable without success
<Tuxist> i got auth not found
<acidflash> hello all
<acidflash> i have a program, which one startup cannot get assigned to it more then 1024 file descriptors, but when i do service whatever restart after the startup, it gets assigned the 1M that its supposed to, how can i make it so that it gets assigned the 1M at startup, using ubuntu 10.04 or 10.10, same on both
<acidflash> one/on/spl
<uvirtbot> New bug: #714033 in whois (main) "Please merge whois 5.0.11 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/714033
<nimrod10> !init scripts
<RoyK> !initscripts
<RoyK> mianosm1: what about them?
<RoyK> ubottu: init scripts are https://help.ubuntu.com/community/UbuntuBootupHowto
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoyK> ubottu: initscripts are https://help.ubuntu.com/community/UbuntuBootupHowto
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoyK> idiobot
<RoyK> ubottu: initscripts is https://help.ubuntu.com/community/UbuntuBootupHowto
<RoyK> ubottu: init scripts is https://help.ubuntu.com/community/UbuntuBootupHowto
<charas> Can anyone help me with this problem? http://stackoverflow.com/questions/4913561/how-to-reset-virtualenv-and-pep
<resno> quick question about setting up a ubuntu server as a router. for a small network, can we out end up pushing to much through it?
<patdk-lap> sure
<patdk-lap> what are the specs of the router?
<resno> P4
<resno> i dont remember exactly
<compdoc> youre worried about making the server too busy? what else does it do?
<patdk-lap> it's everything a p4 these days?
<compdoc> p4 is old
<resno> well, pushing to much through the nic or making it process to much
<lenios> p4 should handle a small network without issues
<patdk-lap> everything was a p4, till the i3/5/7/9
<resno> its doing a bit more then just networking stuff
<resno> and the loads can get highish at times
<patdk-lap> my p3 1.2ghz handles 1200mbit, routing
<resno> patdk-lap: does yours only do routing or other services?
<patdk-lap> only routing
<resno> its possible it could slow down the internet if its under high load right?
<patdk-lap> well, it does do full bgp tables
<patdk-lap> that does use up a crapload of cpu time
<compdoc> its prolly a bad idea to use an important server as a router, if youre doing it yourself. could be a security risk if you dont configure it right
<patdk-lap> resno, using nat/masq/conntrack?
<resno> compdoc: yea, ive thought about
<resno> patdk-lap: yes
<patdk-lap> could be an issue there
<patdk-lap> without any type if firewalling, I don't see it being much of an issue, load wise
<resno> but the firewalling and associated things could be bad news?
<patdk-lap> not sure
<patdk-lap> it will need to use memory, and track things
<patdk-lap> and I'm sure that isn't done in the interrupt
<patdk-lap> so would be scheduled
<resno> hmm, its already pushed to its limit on ram
<patdk-lap> as it needs to alloc memory and stuff
<resno> could i potentially open up samba to the world?
<resno> if configured wrong?
<patdk-lap> always :)
<patdk-lap> most isp's drop samba stuff tough
<nandemonai> Think about the hardware on a router.
<patdk-lap> but that is what a firewall is for
<nandemonai> You're way exceeding that on a semi modern PC.
<nandemonai> It'll manage just fine.
<nandemonai> Heck a P2 would probably handle it fine.
<resno> well, i mainly want the experince of doing it and mananging it. to get experince of managing a server better
<patdk-lap> nandemonai, not really
<patdk-lap> but he hasn't said what his internet connection is
<patdk-lap> a p2 would never handle my internet connection
<resno> patdk-lap: how many machines do you have?
<patdk-lap> 20
<resno> at home?
<resno> or at work?
<patdk-lap> both :)
<resno> heh, nice
<patdk-lap> but it's nice to have multible gigabit fiber connections
<resno> heh, youve got quite a setup then
<RoyK> http://www.youtube.com/watch?v=MhsSxCIrQTI <-- Gaiman FTW :)
<resno> patdk-lap: so, ill take your advice. should i do it, or just play with vps instead. if i want to be a sys admin?
<patdk-lap> play with vps?
 * patdk-lap is lost
<resno> virtual private server, like an almost dedicated server
<patdk-lap> ya, but how did that fit any of what was being discussed?
<patdk-lap> you can't just say random crap and expect people to understand
<resno> oh, i am trying to setup an enviroment to gain experince. a vps would be less crucial install i can play with and not expose my network, and files.
<patdk-lap> normally vps's don't seperate network and files
<patdk-lap> they are half joined atleast to the host system
<patdk-lap> you could try a vm
<patdk-lap> but both of these options, if done on that same computer would put an even higher load on it
<resno> you can configure a vm to mangage the network?
<resno> i actually run a vm lol
 * resno breathes
<resno> well, i think i just want to gain mangaging experince, how ever i can get real experince. ill do that
<resno> patdk-lap: howd you start admining?
<patdk-lap> by watching Hackers :)
<resno> heh, did you make a honeypot?
<patdk-lap> and sneakers :)
 * resno throws honey in the street
<uvirtbot> New bug: #714121 in setserial (main) "Please merge setserial 2.17-45.3 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/714121
<ball> Ugh. I try not to hate Linux, but I can't install Ubuntu Server because of the stupid graphical splash screen.
<ball> :-(
<RoyK> ball: just press F4 in the grub menu
<RoyK> or perhaps use the alternate install
<gobbe> ball: eh? what does splash screen prevent?
<gobbe> and why?
<RoyK> the splash screen comes after grub boot
<RoyK> press F4 and then you can change the boot args
<RoyK> one of them is quiet, one is splash, remove those
<RoyK> IIRC pressing F6 will give you the commandline
<ball> RoyK: I don't get a grub menu.
<ball> gobbe: Doesn't work with my hardware.
<gobbe> ball: not even grub?
<RoyK> ball: can you try the alternate install CD?
<ball> RoyK: I'll try downloading that now.
<ball> Shouldn't be necu
<ball> oops
<airtonix> there's a graphical splash screen with ubuntu server iso now ?
<airtonix> last time i used the server iso, it was ascii all the way down
<ball> airtonix: Appears that way.
<ball> Makes it fail on my hardware.
<RoyK> airtonix: the grub menu on the installer has been graphic for a while
<airtonix> not for me
<RoyK> ball: did you test the alternate installer?
<airtonix> you must be doing somethiing to piss it off
<RoyK> airtonix: not really - I've installed quite a few dozens of ubuntu lucid - it's graphic - beleive me
<airtonix> i only have a plymouth splash screen on desktop isos
<airtonix> well i don't because so have i
<airtonix> apologies in advanced for not believing you
<avis> i installed a web server, very basic and minimal, with apache2, last might and for some odd reason it caused my computer to lock up.  it would render my monitor one color, and have to be forced switched off.  all memory passes memtest86 with no sweat.
<avis> is there perhaps a very light web server that may not give as much issues ?  and all the relevant (and hopefully few) packages need it for it to be a real web server ?
<avis> if you could lend a hand in this capacity i would like to give it another shot.
<greppy> avis: define a "real" webserver :)
<greppy> lighthttpd is used by quite a few folks.
<avis> light and functions for most basic web applications should i wish to deploy them.  low on resources, not taxing on the computer, and hopefully wont cause my screen/system state to go fubar :)
<avis> i'll try that one.  can i use sqllite3 with that ?
<avis> granted, my computer, its not low powered either.  i'm not sure why it would lock up.
<greppy> not sure, do you mean to use sqlite3 or use php that uses sqlite3?
<avis> well i assume i need SQL and i assume i need PHP
<avis> so basic package names or a url referencing a how to would be of great assistance
<avis> and i prefer to keep things "light" for webserver i'd got gnome running overhead.
<greppy> I'd just be googling it.
<avis> cool.  thank you
<greppy> lighthttpd + php I think is doable, might have to load it as a cgi instead of a module, not sure though, haven't used it much.
<greppy> I normally use lighhttpd for static content.
<RoyK> avis: apache is dead stable
<RoyK> avis: if your computer locked up, I guess it's either something that ate a truckload of memory, or a hardware failure
<RoyK> the latter is most likely
<RoyK> avis: that is - apache is as stable as the web apps are. you aren't using CGI, are you?
<avis> i am not
<RoyK> good
<avis> for some reason it caused a graphics lockup or single color screen
<avis> i have 8 gb of memory
<avis> radeon 5670 using propietary drivers
<RoyK> avis: do you have mcelog running?
<avis> never heard of it
<RoyK> apt-get install ...
<avis> ok
<RoyK> mce == machine check exception
<RoyK> if a detectable hardware failure occurs, it will be logged
<avis> very good
<avis> and a quick way to install apache2 with necessary components ?  or should i goggle a how-to ?
<RoyK> setup that to use syslog and if possible, configure syslog to log to another host over IP as well, in case syslog can't write to the disks
<RoyK> avis: which components?
<RoyK> the apache2 package has most of what would be needed
<genii-around> Does mce tell you anything about ecc ram if it starts to quietly fail?
<RoyK> genii-around: yes
<genii-around> RoyK: Cool, thanks
<RoyK> avis: perhaps libapache2-mod-php5 might be needed on top of that if you plan to use PHP
<avis> i'm giving this a shot sudo apt-get install apache2 php5-mysql libapache2-mod-php5 mysql-server
<RoyK> looks reasonable
<avis> thank you RoyK
<RoyK> :)
<avis> may i ask one question.  how do i redirect apache2 to use port 8080 ?  is that frowned upon ?  it works here on dsl, thats all i can say.  not frowned by isp but to others going to sites
<avis> googling,t hanks
<genii-around> avis: In /etc/apache2/ports.conf            usually
<RoyK> avis: redirect or reconfigure?
<RoyK> redirection is usually done with HTTP headers, <head><meta redirect... or javascript
<shadow42085> I need a Control Panel to setup and magange a server
<greppy> shadow42085: what services?
<RoyK> !guide
<avis> what would be the name of a virtual host in the /etc/apache2/ports.conf ?  or is * sufficient if i plan on using a dyndns.org service, assuming, that its too much for a novice to get real domains to point at a computer using dyndns.org (dynamic ip) and still point to 8080
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<avis> RoyK, i don't believe i can redirect from 80 to 8080 since 80 is block by at&t
<greppy> !ebox | shadow42085 or if you just want webhosting type stuff take a look at http://www.froxlor.org
<RoyK> avis: then you need to redirect from somewhere else
<shadow42085> Mail/MySQL/Apache and other services I may addon
<RoyK> avis: there is no chance to redirect to 8080 if 80 is blocked
<shadow42085> avis port fort ward it works
<avis> thats what i said, paraphrased, yes.
<avis> shadow42085, hmm.  i dont understand port forwarding.
<RoyK> shadow42085: when port 80 is blocked into his IP, a port forward won't help much
<shadow42085> are you running behind a NA router
<shadow42085> are you running behind a NAT router**
<RoyK> shadow42085: see above - his ISP blocks 80/tcp
<Nafallo> RoyK: well... you could make the re-direct on an external host... ;-)
<shadow42085> need to ask to unblock 80/tcp
<avis> i am behind a router yes
<avis> they wont do it.  its AT&T
<shadow42085> I have them as well
<shadow42085> and I can run my own server
<avis> redirect on external host sounds wonderful if it will allow my to use www.mydomain.com
<avis> oh wow
<avis> might you be able to pass along that contact information to me ?
<shadow42085> you need to get into your gateway settings
<avis> at&t dsl modem device ?
<shadow42085> correct
<avis> what would i change there ?
<shadow42085> look in the firewall settings
<avis> i'm using a standlone modem not a 2wire gateway
<avis> mine is simply a dsl modem not a gateway i don't think
<avis> i could conceiveably use the 2wire modem though if i can unblock port 80
<shadow42085> does it have a  modem/router/firewall setup
<avis> the one i took down does
<shadow42085> send me a snapshot of the modems internal setup
<avis> i'm now using a tp-link running dd-wrt and a small black dsl modem powering my connection
<avis> you got it
<shadow42085> which is at 192.168.1.254 normal
<shadow42085> if you need to find out if on windows machine run ipconfig /all linux not sure
<shadow42085> gateways are easier to work with
<shadow42085> the firewall is in the way turn it off on the server or port forward 80/8080 and other ports u will need
<avis> if you see my PM you'll see you may be referring to a device i'm not using
<avis> i'm dying to get off at&t
<avis> its my maltese diamond
<avis> comcast wont take me as a refugee.  i'd have to pay full installation price
<shadow42085> heres a link http://www.dslreports.com/forum/r19305061-Port-Forwarding-using-the-Speedstream-4100
<avis> oh, thanks
<shadow42085> basically using a 3rd party router or getting a gateway s you only options
<shadow42085> but 3rd party routers are only good as the name
<avis> so have pppoe set on the computer, and auth on the router, than 80 might not be blocked ?  the url was vague to me
<shadow42085> Linksys by Cisco is best
<avis> i've got a great tp-link running dd-wrt
<avis> i've also got a asus rt-n16 and a rt-n12
<avis> running dd-wrt
<avis> i'll try
<shadow42085> dd-wrt?
<fluvvell> avis, which tp-link ?
<mr> would it be easier for me to install apache, mysql, ftp, etc during the base install or do it manualy afterwards? I'm new to ubuntu
<guntbert> mr: doesn't make any difference
<guntbert> !lamp | mr
<ubottu> mr: LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<mr> ok, my problem  is once everything is installed, I can't ftp the default apache folder for my web site
<shadow42085> sudo chmod 777 /var/www
<genii-around> mr: If you're already running a standard Ubuntu install ( which i think you are because of your earlier activity in #ubuntu ) you can just issue: sudo tasksel                 and it gives you a checklist. lamp and ssh server and so on.
<jmarsden> shadow42085: That is horrible security practice, and not the right way to do it :)
<mr> ok thanks
<shadow42085> so use 766?
<jmarsden> shadow42085: Leave it alone, add a new site directory (under there or wherever you want it) and make the new dir owned by the user who will ftp into it.
<fluvvell> anyone ever used centrify? care to comment on?
<mr> ok, will i have to change the conf file in apache2 to look there instead of it's default location?
<jmarsden> mr: Add a new site file that has the info in it, rather than changing the default, I would suggest.
<jmarsden> mr: In Ubuntu there is no one "conf file" for apache, there is a whole tree of such files.
<mr> ok, thanks everyone. I think i will need a good tutorial or a good ebook on how to configutre this stuff.
<jmarsden> mr: Try   man a2ensite     for some info on adding a site to your Apache configuration.
<mr> any suggestions for any?
<mr> where can i find good information for people that's new to ubuntu on configuring apache, etc
<jmarsden> mr: Did you read through the Server Guide? https://help.ubuntu.com/10.04/serverguide/C/
<jmarsden> It is in the /topic for this channel.
<mr> will that work for 10.10 as well
<mr> i'll check it out. thanks jmarsden
<Pici> Yes, but if you want to be sure, change the 10.04 to 10.10 in the url.
<jmarsden> mr: Most people installing Ubuntu Server still use the LTS edition, 10.04, which is why that is what the topic says.
<mr> thanks Pici.
<mr> ok
<Pici> Yep :)
<mr> thanks everyone. Going to read the server guide and try it again. I WON'T give up. Have to leave windows, tired of crashes and slow speed.
<shadow42085> I have a domain name with no-ip.com
<shadow42085> since I am behind a NAT router
<shadow42085> couldn't get a DNS server setip
<ffrt> hi all - anyone that can help with returning errors in burned boot cdroms on ubuntu server 10.04?
<jmarsden> shadow42085: Is there a question waiting to be typed? 3 statements but no question from you... seems odd...?
<jmarsden> ffrt: After you burn them can you read the image back from the CD-R and compare it with the original ISO?  Any differences?
<shadow42085> sorry about that I was trying to ask is there a way to setup a DNS server behind a NAT router
<ffrt> jmarsden: didn't try that yet, 1 sec
<jmarsden> shadow42085: if port forward TCP and UDP port 53 to your server, it should work.
<jmarsden> But DNS servers need to be at a static IP address, usually people at home using no-ip.com have dynamic IP addresses...
<shadow42085> I need to configure my NAT router to use static
<shadow42085> just for the server and use dhcp for the others
<jmarsden> shadow42085: .... no... wait, you want a DNS server just for a local private zone?  or a real Internet-facing DNS server?
<shadow42085> internet face
<jmarsden> Then your *public* IP needs to be static, so you can tell your registrar where the DNS servers for your zone are in terms of a non-changing IP address.
<jmarsden> Do not confuse LAN internal addresses and public Internet ones :)
<genii-around> shadow42085: So outside boxes can resolve something like sub.sub.no-ip.com ?
<shadow42085> my current setup is ahdowschat.no-ip.org
<shadow42085> shadowchat.no-ip.org**
<jmarsden> shadow42085: More statements instead of questions? :)
<jmarsden> shadow42085: Do you have a static public IP address, or not?
<shadow42085> not at the moment
<shadow42085> how would I do that with my NAT Router
<jmarsden> Then you cannot sensibly run an internet facing DNS server.
<jmarsden> It is not about the NAT router!  It is about the public Ip your ISp gives you.
<shadow42085> I have a public address I use
<shadow42085> my isp address
<jmarsden> And... is it static?  or not?
<shadow42085> currently dhcp
<jmarsden> Then you cannot sanely run an Internet facing DNS server behind it.
<jmarsden> Upgrade to a static address, and then try setting up a DNS server if you really want to run one.
<jmarsden> Probably easier to let no-ip.org or some other place run the DNS server on your behalf.
<jmarsden> I think no-ip.org wants $6/month to run DNS for a few domains, and your ISP will probably want more than that to give you a static IP.
<azlon> is there a way to lock down a user to only allow them to access the SFTP or SCP protocols and not give them shell access to the command line?
<azlon> i didn't phrase that very well... but you probably get what i mean
<shadow42085> ok I want to setup a mail server using either sendmail or postfix and rend/send mail using squrrialmail
<shadow42085> I have a MX record already made
<shadow42085> mail.shadowchat.no-ip.org
<jmarsden> azlon: Yes.  man authorized_keys   and look for the  command= part, you can specify what commands someone coming in over ssh can execute
<azlon> jmarsden: thanks
<jmarsden> shadow42085: Your ISP allows inbound connections to port 25, on a home dynamic DSL line? Most do not.
<ffrt> jmarsden: created new image, checksummed cd and 2 images, all are identical
<shadow42085> I can port forward it on my router
<ffrt> jmarsden: any other ideas?
<jmarsden> shadow42085: You can, but if the ISP blocks inbound traffic, that traffic will not even reach your router to be port forwarded.
<ffrt> jmarsden: fyi, when in the server install, and i run a verify cd-rom, i get errors on the MD5 checksum
<jmarsden> ffrt: It generally "just works" if the hardware (CD burner and CD-R disk) is good.
<jmarsden> ffrt: Ah... So the drive is not reading the CD properly, maybe?  How did you create that server CD?
<ffrt> on my mac
<ffrt> jmarsden: on my mac
<jmarsden> Then I have no idea if it is any good or not... try creating one using the server itself, if you have Ubuntu installed, and see if that works any better?  I can't help with testing Mac CD burning software, I just don't know about that.
<ffrt> jmarsden:  ok thx anyway
<jmarsden> You're welcome.  A correctly burned Ubuntu CD should test out fine using that verify CD menu item, that much I know.
<guntbert> he is gone :)
<airtonix> driveby questioneer
<shadow42085> could I change the mail server fom 25 to another?
<shadow42085> from**
<jmarsden> shadow42085: Yes, but then no email will ever reach it from other mail servers :)
<shadow42085> hmm
<jmarsden> shadow42085: What exactly are you doing that needs a full blown DNS and mail server at home???
<shadow42085> full chat server NOT plugged a simple link or other BS
<shadow42085> an MSN/Yahoo chat server
<jmarsden> OK... And why does a "chat server" need DNS and email servers to run on the same machine??
<shadow42085> mail server for registration
<jmarsden> shadow42085: outbound email only?  No email coming in?
<shadow42085> the DNS was an option to use a .co.cc domain instead of an no-ip.com sub-domain
<shadow42085> inbound and ooutbound
<jmarsden> Then I think you are stuck; consider getting a little virtual private server and doing this "up in the cloud" instead, maybe?  Such as at linode.com ?
<shadow42085> don;t have the funds for something like that
<jmarsden> $20/mo for the smallest one is pretty cheap.  But OK.  Can you get your home DSL upgraded to have a static IP and no port blocking for incoming traffic?
<shadow42085> possible but if 25 is not blocked then no roblems right
<shadow42085> problems**
<jmarsden> Right.
<jmarsden> Do you have something listening on port 25 right now?
<jmarsden> I can test for you...
<shadow42085> well I need to get postfix or send mail setup I was getting confused on setting it uo
<jmarsden> OK, maybe later.  I need to go out for a while.
<qman__> if it's just for registration, you can get around residential ISPs blocking mail by configuring postfix to use a gmail account
<qman__> but all mail will be 'from' that gmail account
<tohuw> Can someone point me to an example of a zone file for a local server? I just have this DNS server using a private IP on an internal private subnet, and want to make an entry so hostname-of-machine resolves to the machine, like it would if I made an entry in /etc/hosts client-side. I am used to making zone files for public websites, so I'm uncertain about how to handle the FQDN of the machine, the SOA, etc.
#ubuntu-server 2012-01-30
<gmr-> Hey there, having a hard time trying to clean up an old ldap install on a box and perform a new, clean one. I've done the apt-get remove slapd (and related things) did an rm -rf /etc/ldap & /var/lib/ldap.  Now when I install slapd none of the schema files get created in /etc/ldap/schema.
<gmr-> Any suggestions?
<pmatulis> gmr-: may require 'purge' with apt
<gmr-> pmatulis: thanks, will try
<itguru> I'm getting an unable to write to temporary file error 13 on a linux box, and I googled around, and it suppose to be permssions issue, but other mysql databases on the same instance are running fine - this seems like a red herring error, any ideas?
<itguru> http://pastebin.com/ZjgBFxwX - Usually, when I've faced this error in the past it's been permissions, but other databases are running okay, and it's got me confused. This is being thown up by a php based website
<ilovemesomeubunt> If I set up 2 factor Auth on SSHd should I also still set up something like fail2ban?
<qman__> brute force attempts will happen regardless of the authentication you use
<qman__> so, setting up some method of limiting it (fail2ban or -m recent) is a good idea
<qman__> if nothing else, to stop log cluttert
<ilovemesomeubunt> qman__, Oh, ok.  Figured it might.  I will setup fial2band
<qman__> in my case, my shell server was disk thrashing from all the hits and it was annoying, so I set up iptables -m recent
<_godhelpme> from a shell how do i see what user accounts are on my system
<twb> getent passwd
<_godhelpme>  thanks
<pehden> Whats up
<pehden> is there ever going to be a time where ubuntu would have repos for ispconfig?
<qman__> that's more a question for the ispconfig people
<qman__> whether or not they're going to package and maintain it, and submit it
<twb> Packaging is not normally done by upstream (because upstream is usually incompetent)
<twb> However, it's apparently a "hosting control panel", so the same caveats as webmin probably apply
<pehden> i would have considered it something like webmin
<pehden> or packed like phpmyadmin really
<twb> We encourage sysadmins to learn how to manage the system properly, via the CLI
<pehden> i know that but it would have been of interest
<pehden>  know webmin was left behind and no longer supported
<twb> ispconfig is not currently packaged for ubuntu or debian.  You could file a Request for Package (RFP) to Debian's bug tracker, where it will probably be ignored for years because no one likes it.
<pehden> but ispconfig has been very well maintained.
<twb> pehden: that is your opinion.
<pehden> its a php based install system
<twb> IMO PHP is an automatic fail.
<twb> http://wiki.debian.org/HostingControlPanels is a summary of FOSS WHCPs.
<pehden> the top ones on there are non-freware
<pehden> *freeware
<qman__> it's alphabetical
<twb> qman__: I think he's referring to the opening paragraph which mentions cpanel and plesk
<qman__> ah
<qman__> I use plesk at work, it's meh
<twb> pehden: as I said, I do not endose any WHCP -- I discourage their use.
<qman__> a bunch of random software precariously stitched together
<twb> <stupid customer> I started babysitting today, is running cpanel
<twb> And they refuse to give out ssh access, but they want kerberized SSO in their apache, which is not using TLS *at all*
<qman__> of course we do run it on a windows VPS, so maybe it's better on linux, but I honestly don't think it would be
<twb> Stupid bloody monkeys
<herald> I've got a question about Iptables and routing, could someone give me a hand?
<twb> Don't ask to ask unless you're prepared to ask to ask to ask.
<herald> I am so prepared
<herald> OK so I'm using comcast and they don't allow you to bridge their cable modem.  Essentially, I have to use one of the IPs in my static IP block to give to my router, and then the public DMZ has the rest of the IPs.  My question is, how to I handle routing and set gateways for that?  I'd have like 4 different gateways or something
<herald> The cable modem and the public DMZ are the same logical network, but are split between two different NICs
<herald> Do I set up a static route for the single IP on the one NIC and let the routing tables take care of the rest?
<twb> herald: replace the cable modem with one you control
<Daviey> jamespage: around?
<jamespage> Daviey, yep
<Daviey> jamespage: Great :)
<Daviey> jamespage: One adam_g has polished being able to run preicse and oneiric on the ci lab, fast... Are you ready to be able to suck in stable/diablo on oneiric proposed branches?
<Daviey> That should read "Once adam_g"
 * Daviey wonders if jamespage is still there?
<jamespage> Daviey: yes - sorry - just helping someone with something else
<jamespage> give me 5 mins
<Daviey> jamespage: ok, sure
<koolhead11> hi all
<jamespage> Daviey: I've not tested it for a while but it should not be to much effort.
<Daviey> jamespage: yeah, there seems to be a jenkins plugin for gerrit proposed changes.
 * jamespage re-reads
<Daviey> jamespage: was it you that setup the reprepro part?
<jamespage> can you clarify "suck in stable/diablo on oneiric proposed branches"?
<jamespage> Daviey: I did setup reprepro
<Daviey> jamespage: sorry, someone proposes an 'upstream SRU' if you like, i'd like to pre-validate it before review via jenkins
<Daviey> so, a pre-commit test
<Daviey> or pre-merge test
<jamespage> merge in bzr or git upstream?
<Daviey> jamespage: git upstream
<jamespage> Daviey: well in that case I change "I've not tested it for a while but it should not be to much effort."
<Daviey> heh, thanks
<jamespage> to "I need to catchup with mtaylor as they do some of this alread"
<jamespage> to "I need to catchup with mtaylor as they do some of this already"
<jamespage> I expect that will need some infrastructure changes as well
<jamespage> as I suspect we ONLY have access to github.com
<Daviey> jamespage: no, we have ssh
<Daviey> jamespage: we'll talk iab about it
<jamespage> Daviey: OK
<Daviey> jamespage: sorry, i was supposed to have a call starting now, but cannot find the other person..
<Daviey> so, $ ssh davewalker@review.openstack.org -p29418  gerrit query --format=JSON status:open status:open project:openstack/nova branch:stable/diablo
<Daviey> {"type":"stats","rowCount":0,"runTimeMilliseconds":6}
<Daviey> It seems to be handled already with, https://wiki.jenkins-ci.org/display/JENKINS/Gerrit+Plugin
<Womkes> I use Jenkins + Gerrit
<Womkes> works well
<jamespage> Daviey: OK so you want to pickup proposed merges from gerrit; pull them into the lab with the current packaging for stable?
<jamespage> build; deploy and test?
<lynxman> morning o/
<jamespage> morning lynxman
<Mez> Ok, I'm in a bit of a pickle here.  Ubuntu Lucid.  It supports sslv2.  However, I need to disable this for PCI.  However, doing so means that external servers that are attempting to use an ssl23 socket to open a connection to us fail...
<greppy> How many external servers are you talking about?
<greppy> Mez: are they using sslv2 because that's all they can use, or because it is available.
<Daviey> jamespage: yep
<Mez> greppy - I'm not sure.  I basically changed the code to use SSlv3 instead of sslv23 ..
<Mez> this caused wget to fail aswell.
<Daviey> Mez: this is on pound?
<greppy> Mez: what if you specify for wget to use v3?
<Mez> Daviey: yes.
<Daviey> Mez: do you have the patch you used handy?
<Mez> greppy: I don't know (didn't know I could do that).
<Mez> Daviey ... er... yes.
<greppy> http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html
<greppy> that may help
<Mez> greppy: not really.
<Daviey> greppy: he's using a whizzy load balancer, not apache
<Mez> I tried connecting via openssl s_client and that wouldnt connect unless I specified -ssl3
<Daviey> I hear the debian maintainer for pound is a real ass BTW :)
<Mez> however, the problem is that Paypal IPN notifications were failing.
<Daviey> Mez: whee is the patch?
<Mez> wheee!
<greppy> Daviey: yeah, but it has commands for testing what is going on.
<Mez> just finding it.
<Mez> (as it's hiding in LP)
<Mez> https://launchpad.net/~mez/+archive/mez-mf/+files/pound_2.5-1.1~lucid2.debian.tar.gz
<Daviey> greppy: right, i think i threw them to mez last week.
<Mez> Daviey: yeah.
<greppy> ah
<Mez> Daviey: see debian/patches/disable_sslv2_server.patch
<Mez> or I can pastebin it if need be.
<greppy> I do good to remember what I read in here from day to day, much less a week ago :)  I mean, hopefully, I have slept since then, which means /tmp got cleared :)
<Mez> It was somewhere else.
<uvirtbot> New bug: #923676 in dovecot (main) "/usr/lib/dovecot/deliver: invalid option -- 'n'" [Undecided,Triaged] https://launchpad.net/bugs/923676
<Daviey> Mez: crikey, https://launchpadlibrarian.net/91198061/pound_2.5-1~lucid1_2.5-1.1~lucid1.diff.gz ?
<Daviey> greppy: yes, sorry - it was even on a different irc network :)
<greppy> ha!
<Mez> Daviey:  ?? ?
<Mez> that's also a patch from debian.
<Daviey> ah
 * Mez sighs
<Daviey> Mez: found it?
<Mez> nope.
<Mez> (found what?)
<Daviey> Mez: right, what is happening?
<Daviey> what is openssl reporting, with the patch applied?
<Mez> handshake failed.
<Mez> (I don't have a specific test environment for that at the moment, as I had to roll back the change)
<Daviey> Mez: I haven't grokked the code, but what does http://pb.daviey.com/napC/ do ?
<Mez> That was never actually applied.
<Daviey> ug?
<Daviey> uh?
<Mez> ~lucid1 - I forgot to add it to series XD
<Mez> but that code *would* if it had been applied, change from using anb SSLv23 (version 2 and 3) socket to just use a v3 socket
<Daviey> Mez: neat, but there are two other references to SSLv23 config.c .. which the pastebin i just pushed includes
<Mez> Daviey: ok.  the 2 _client_method() are for outgoing connections (when it connects to the backend) Not for incoming.
<therve> Mez, iirc, v23 also supports TLSv1, but v3 only support SSL3
<therve> Mez, you should use SSL options instead to disable SSLv2
<Mez> therve: yeah, am starting to think that myself.
<therve> and http://www.openssl.org/docs/ssl/SSL_CTX_new.html agrees
<therve> SSL_CTX_set_options(res->ctx, SSL_OP_NO_SSLv2) should do the trick
 * Mez puts new version of pound to ftp-master
<Daviey> Mez: erm, why not test it first? :)
<smb> Daviey, stgraber fyi, I thought I file bug 923685 to document this. Maybe more of an observation but probably this is not so uncommon as a setup.
<uvirtbot> Launchpad bug 923685 in resolvconf "New resolver package overwrites manually created resolv.conf on server" [Undecided,New] https://launchpad.net/bugs/923685
<Mez> Daviey: simultaneous development.
<Mez> The new version of pound is without the SSL changes.
<Mez> the ssl changes are for a local copy.
<Daviey> Mez: You've just uploaded something, to Debian?
<Mez> yes.
<Daviey> Mez: Was this something, pound?
<Mez> while we've been talking, I've been doing a build of a point update for debian.
<Mez> yes.
<Daviey> smb: Stop finding problems, find solutions :P
<Daviey> oh
<smb> Daviey, Hey I need to find the problems first. :)
<Mez> Daviey: why'd you ask?
<Daviey> smb: You are looking at this wrong, lets find the solutions - then the problems. :)
<Daviey> Mez: Just wondered.
<Mez> Daviey: there's a new point release of pound, thought I'd update unstable while I'm there fiddling wtih pound anyways (and yes, I tested it!)
<Daviey> smb: confirming you are using static ip, not dhcp?
<Daviey> smb: and the nameservers where just /dropped/ not replaced?
<smb> Daviey, I do use a static IP, yes
<Daviey> Mez: heh
<smb> Daviey, And not, resolv.conf was _empty_
<Mez> Now the question is...
<Daviey> smb: That is less than ideal
<Mez> Do I make this change regarding sslv2 into a config option ... or do I just keep it in our local copy ?
<Daviey> Mez: speak with upstream?
<smb> Daviey, Could be a tat annoying. Though ssh connections probably still work. Just nothing looking for a dns name from withing the server.
<smb> *tad
<Mez> Daviey: upstream are very... weird...
<Mez> Sometimes they'll be happy to do anything and everything to help
<Mez> sometimes they just ... go silent... and you never get a response.
<Daviey> smb: Hmm, ssh fails if it couldn't resolve itself... but i guess it can through /etc/hosts
<smb> Right, there is the hostname defined mapped to loopback
<Daviey> Mez: .. and you choose to use this software? :)
<Mez> Daviey: I sorta got forced into it.
<Mez> $random_manager stuck a pin in the internet and chose to use pound.
<Mez> Therefore I became debian maintainer.
<Daviey> ahh
<Mez> (had to fix a couple of bugs we needed fixing, so I MIA'd the old maintainer, and hijacked.
<Mez> Oh, by the way... I noticed a bit of a problem the other day regarding the TCP stack in Linux with use of reverse proxies.
<Mez> What's the HZ of the kernel set to for Ubuntu server?
<andol> Mez: Well, not sure if there are different values for different version, but "grep CONFIG_HZ /boot/config-*" should tell you.
<sattu94> Hi, does the 64-bit server cd load a 32bit kernel or a 64 bit one to carry out the installation?
<henkjan_> sattu94: 64bit
<sattu94> Okay, thank you.
<uvirtbot> New bug: #923699 in php5 (main) "Compiling PHP 5 fails due to missing suhosin_patch.c" [Undecided,New] https://launchpad.net/bugs/923699
<Mez> Daviey: thoughts?
<Mez> http://pb.daviey.com/v8So/
<Mez> ffs, somehow some of it's got caught in the anti_beast patch
<Mez> http://pb.daviey.com/MRJt/
<Daviey> Mez: if it compiles, ship it/.
<Mez> lol.
<Mez> Daviey: unfortunately, it doesn't compile for Lucid (due to another patch)
<Mez> quilt pop -a
<Mez> So I'm just poking that into the old pound manually
<Daviey> oh
<Vivek> Hi
<Vivek> I am getting Dropbox LAN sync Discovery  Protocol messages in my tcpdump output.
<Vivek> Is there Dropbox inbuilt into Orchestra/
<Vivek> ?
<Vivek> Also In the directory /var/log/orchestra/ryslog I am getting dhcp requests from my eth0 when during orchestra configuration, I had configured it to only serve dhcp I.P Addresses via eth1
<Daviey> therve: Hey, can i ask what testing you have done against your proposed fix for bug 913464?
<uvirtbot> Launchpad bug 913464 in rabbitmq-server "rabbit creates new PAM session" [Medium,New] https://launchpad.net/bugs/913464
<therve> Daviey, I used the changed init on my oneiric and precise machines
<Mez> btw, thanks for the info earlier therve
<therve> Mez, you're welcome
<therve> Daviey, rabbit is not reported in the list of connected users anymore, and my machines shutdown properly
<Daviey> therve: nice, but do we lose the ability to log? shutdown_log ?
<therve> Daviey, yeah I don't know about those
<Daviey> therve: /me ponders.
<therve> Daviey, shutdown_log seems to be filled as usual
<therve> after some local testing
<Daviey> therve: cool
<roaksoax> Daviey: some peer review please>? https://launchpad.net/~andreserl/+archive/ppa
<Daviey> roaksoax: looking
<Daviey> therve: uploaded
<therve> sweet! thanks
<Daviey> therve: no, thanks to you!
<Daviey> bigjools: Are you in a psotion to test oops-*, txaws packages?
<Daviey> position*
<stgraber> smb: thanks for the bug report. So that was a regular d-i install and you didn't get the dns- fields in /etc/network/interfaces? that'd be the actual bug as netcfg is supposed to add them and we confirmed last week that it did
<smb> stgraber, Well some d-i install for oneiric and then the install does succeed in dhcp usage. which I change later
<smb> Then upgraded
<smb> (so completely "normal" usecase :-P)
<smoser> hallyn, 2 things
<smoser> a.) -root.tar.gz now available at https://cloud-images.ubuntu.com/server/precise/current/
<Daviey> roaksoax: We normally try to put the debian/* under the same licence as upstream right?
<Daviey> here we have LGPL-3 and GPL-2+
<stgraber> smb: ah right, so that was a dhcp install that you then turned into static when we didn't have resolvconf
<smoser> b.) i use lxc-is-container at http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/util.py (islxc method)
<Daviey> roaksoax: Also, isn't * under Canonical Ltd copyright?
<hallyn> smoser: ok, so if i rename that, how hard is that for you to handle?
<smb> stgraber, Right. As I updated the report, I am not sure I ignored some warning in the file. But it used to work that way.
<stgraber> smb: not exactly sure what we can do in that case. We might be able to show a debconf prompt if we detect that case and ask the user to configured /etc/network/interfaces with the DNS based on /etc/resolvconf/resolv.conf.d/original
<stgraber> smb: not converting to a symlink based on /etc/network/interfaces and /etc/resolv.conf content is a bit tricky as we also have to deal with Network Manager and some other ways of configuring networking (like thin clients/netboot system doing dhcp from the initrd)
<stgraber> smb: I'll update the bug with these thoughts
<hallyn> smoser: great, i'll hopefully work on the ubucloud template today  (though nuking lxcguest takes precedence)
<smb> stgraber, Hm yeah. Yes, best have things in there.
<smoser> hallyn, i can easily re-name, why, i wonder?
<hallyn> smoser: anyway, https://code.launchpad.net/~serge-hallyn/ubuntu/precise/upstart/upstart-containers is where i was renaming lxc-is-container
<hallyn> bc "running-in-container" sounded nicer than "lxc-is-container"
<hallyn> esp if it ships in upstart
<Daviey> roaksoax: I thought we were supposed to be using Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ , in debian/copyright now ?
<uvirtbot> New bug: #923744 in samba (main) "smbclient messaging not responding to control-D" [Undecided,New] https://launchpad.net/bugs/923744
<hallyn> stgraber: so for lxccontainer.conf in upstart, you were suggesting making it "start on container and stopped rc RUNLEVEL=[2345]" ?
<stgraber> hallyn: yep
<hallyn> ok, refreshing my tree and will test a bit
<stgraber> hallyn: so we don't end up copy/pasting the pre-start bit that checks the environment
<stgraber> hallyn: did you have a chance to talk about these changes with jodh?
<hallyn> right.  thanks.
<hallyn> no, i mentioned them at the rally,
<roaksoax> Daviey: looking
<hallyn> but he hasn't really taken a look yet that i know of
<hallyn> i'll ping him once i've tested extensively (esp on non-container0
<roaksoax> Daviey: webside does not exist
<stgraber> hallyn: ok. I'm guessing getting the console job and container job in the package should be fine, I'm mostly interested in his opinion about the is-container command (mostly whether we should have it in debian/, as part of the upstream code (which you did last I checked the branch) or in some other package)
<Daviey> roaksoax: right, and currently the one in there doesn't... http://pb.daviey.com/Vb72/
<Daviey> roaksoax: http://lists.debian.org/debian-mentors/2012/01/msg00191.html
<roaksoax> Daviey: E: python-oops-datedir-repo: copyright-contains-dh_make-todo-boilerplate
<roaksoax> Daviey: that one is because I didn't uplad the last version fixing that
<roaksoax> :P
<Daviey> roaksoax: it does
<hallyn> stgraber: yeah, if it all works i'll send him a merge request, so he can comment there for posterity and i'll update to whatever he prefers :)
<Daviey> roaksoax: dave@voodoo:/tmp/review/oops-datedir-repo-0.0.15$ tail -n2 debian/copyright
<Daviey> # Please also look if there are files or directories which have a
<Daviey> # different copyright/license attached and list them here.
<Daviey> ahh
<hallyn> (i like the public record showing what a dumbass i am :)
<hallyn> (that's why i'm on lkml)
<roaksoax> Daviey: yeah didn't strip that part in the PPA but its stripped on the actual package to upload to the archives
<Daviey> hallyn: lol
<roaksoax> lynxman: you mean using something likie githubredir?
<roaksoax> lynxman: http://githubredir.debian.net/
<lynxman> roaksoax: yeah, but it's a repo not in github :)
<lynxman> roaksoax: that's why
<roaksoax> lynxman: ah well if you can't get it then nevermind... is not that we *have* to have it, but it's rather desirable
<lynxman> roaksoax: just wanted to make sure I didn't miss anything :)
<roaksoax> lynxman: ;)
<tgardner> so, my precise orchestra server is borken this morning after weekend updates. none of the clients can parse the mirror bits correctly. anyone seen something like this yet ?
<hallyn> stgraber: mountall has the support we need for containers, right?
<roaksoax> tgardner: could you please pastebinit?
<tgardner> roaksoax, this is a real bare metal machine, so I don't think I'll be able to get a log. lemme mess with it.
<tgardner> roaksoax, this was in the server log: http://pastebin.com/CiT6naSK
<stgraber> hallyn: yes
<tgardner> roaksoax, I've gotta bolt. appt cross town in 30 minutes.
<tgardner> roaksoax, p.s. - I've verified that the mirror is behaving correctly.
<roaksoax> tgardner: so make sure squid is running correctly on the orchestra server
<tgardner> roaksoax, how does one do that? This orchestra server was updated and rebooted just this morning.
<roaksoax> tgardner: your orchestra server is in oneiric or in precise?
<tgardner> roaksoax, precise
<tgardner> dogfooding, you know
<roaksoax> tgardner: to my knowledge there haswn
<roaksoax> t been any updates to orchestra itseellf
<roaksoax> tgardner: but maybe something got broken in the squid cache due to being using precise as the problems we were experiencing with it
<tgardner> roaksoax, ok, I'll deal with it when I get back from my appt.
<roaksoax> tgardner: just check if squid is running in the orchestra server and if not, start it manually
<smb> roaksoax, actually I see similar things after upgrading the mini-isos on a oneiric cobbler and after removing the orchestra proxy line
<roaksoax> smb: do you have any accesible machine I can get my hands on?
<roaksoax> ls
<smb> roaksoax, Err accessible for me but that is not open to public as its in my home office. :)
<smb> roaksoax, Just from the the history of things, installations used to work but had a message coming up telling be modules could not be loaded because kernel and module versions were out of sync. Then smoser pointed me at the tip for cobbler-ubuntu-import and after fixing the problem of having an import of ubuntu-alternates (possibly pointlessly because a different seedfile would have helped) the latest version worked. And since then installatio
<smb> ns of precise fail
<smb> Even when disabling the proxy line in the snippet
<smoser> hm...
<smoser> why do installations fail now?
<smb> My guess was that something in the mini-iso is wrong. Basically as for tgardner-afk it told me archive.ubuntu.com does not support precise
<zul> any objections for me to merge the new squid3 from debian?
<mtaylor> jamespage: what's up?
<jamespage> hey mtaylor
<jamespage> so....
<jamespage> mtaylor: now that we have regular testing of OpenStack trunk on Ubuntu precise on hardware....
<mtaylor> (these are things that make me happy)
<jamespage> Daviey wants us to start looking at testing proposed merges for stable/diablo from gerrit on the same infrastructure
<mtaylor> jamespage: SO... there's two different ways we can go about this
<mtaylor> jamespage: one is that we could move your jenkins jobs to the openstack jenkins (giving you access to edit them of course) and trigger them when we trigger everything else
<mtaylor> jamespage: the other is that you could work how smokestack is working right now - in that anyone is free to read the gerrit event stream, do things and to vote on code reviews
<mtaylor> jamespage: so you could just install the gerrit trigger plugin (you'll want our version for now until our changes get upstreamed)
<mtaylor> on your jenkins, and configure your jobs to trigger on gerrit events from the openstack gerrit
<Daviey> jamespage: isn't that what i said? :)
<mtaylor> jamespage: https://github.com/jeblair/gerrit-trigger-plugin/tree/trigger-on-comment-added
<jamespage> Daviey: maybe :-)
<mtaylor> jamespage: if you go the gerrit trigger plugin route, you want to grab that branch of that repo and use it
<jamespage> mtaylor: so that adds feature to trigger on certain comments being added to gerrit
<Daviey> mtaylor: Does that plugin support - NOT commenting on the upstream gerrit, just sending a mail for now..
<mtaylor> jamespage: yeah- those changes are going to be upstreamed, we've just been working on getting approval to submit them
<jamespage> mtaylor, ack
<Daviey> mtaylor: don't want to add whitenoise until it's stable
<mtaylor> Daviey: yes
<mtaylor> Daviey: there's a flag in the job config to run in "silent mode"
<jamespage> mtaylor, so are you triggering smokestack for proposals against stable as well?
<Daviey> mtaylor: nice.
<mtaylor> jamespage: I actually don't do anything with smokestack - smokestack simply reads the ssh events stream from gerrit and runs jobs when it sees patchset uploaded events
<Daviey> jamespage: does the openstack lp bot user have an ssh key on lp?
<Daviey> which seems to be what the gettit plugin wraps
<jamespage> Daviey: yes its does
<mtaylor> yup
<Daviey> jamespage: $ ssh davewalker@review.openstack.org -p29418  gerrit query --format=JSON status:open status:open project:openstack/openstack-manuals branch:stable/diablo
<Daviey> {"project":"openstack/openstack-manuals","branch":"stable/diablo","topic":"bug/904792","id":"Ied4d4507dff95ec076e4d358b3751b70cf7713dc","number":"3139","subject":"Fix bug #904792","owner":{"name":"Razique Mahroua","email":"razique.mahroua@gmail.com","username":"razique"},"url":"https://review.openstack.org/3139","lastUpdated":1327759482,"sortKey":"001ab00c00000c43","open":true,"status":"NEW"}
<uvirtbot> Launchpad bug 904792 in openstack-manuals "Cleanup on nova-manage commands" [Medium,In progress] https://launchpad.net/bugs/904792
<Daviey> {"type":"stats","rowCount":1,"runTimeMilliseconds":9}
<Daviey> oops
<jamespage> Daviey: nice
<mtaylor> https://review.openstack.org/Documentation/cmd-stream-events.html
<mtaylor> is actually the interface that gerrit-trigger-plugin and smokestack consume
 * Daviey winders why review.openstack.org http(s) always sucks for me
<mtaylor> hrm - does it?
<mtaylor> I'd love to know more about that
<zul> jamespage: the only problem with smokestack is we can get it to use the packaging
<zul> rather than pip
<Daviey> mtaylor: constantly times out for me, i often have to refresh
<mtaylor> Daviey: weird! that's no good
<Daviey> Browser reported, Error 15 (net::ERR_SOCKET_NOT_CONNECTED): Unknown error.
<Daviey> mtaylor: I assume we can request permisson to mark 'Verified' field in the future?
<mtaylor> Daviey: we'll have to figure out what that looks like - certainly voting is an easy thing
<mtaylor> Daviey: the implications of having a second jenkins involved directly in gating rather than consolidating gating-level jobs into the openstack jenkins is something I think we'll have to discuss more
<Daviey> mtaylor: it's just words i suppose, but i see the Verify field as 'Does not break', 'voting' as the branch has been looked at and 'Approved' as the final push"
<Daviey> mtaylor: Is Verified used as gating currently?
<mtaylor> Daviey: yes. kind of
<mtaylor> Daviey: the gating jobs are the ones that respond back with Verified, and then they also send the submit signal to tell gerrit to do the merge
<Daviey> ahhhh
<Daviey> i see
<Daviey> in which case +-1 does make more sense.
<mtaylor> Daviey: I'm not sure what having a second system vote Verified or not Verified would do from a UI perspective (in terms of it being clear what state something should be in)
<Daviey> thanks
<mtaylor> sure thing!
<mtaylor> it's certainly an interested question to think about though - I hadn't really thought about having a potential second jenkins involved before now
<mtaylor> since we'd mainly been thinking in terms of vendor-supplied testing infrastructure being done via the openstack jenkins
<mtaylor> so it's something I'm enjoying thinking about  :)
<Daviey> mtaylor: I'm not comfortable at gating on our development focus, but for stable/ on a stable Ubuntu release - is a concept i'd like to explore.
<Daviey> But first, we need to just comment i think - to see how we are doing, Infra stability wise.
<mtaylor> Daviey: ++
<jamespage> Daviey: sounds sensible to me
<lynxman> hallyn: ping
<hallyn> lynxman: .
<lynxman> hallyn: hey, I'm building a new ipxe package, but there's a small issue with the roms that we separate for qemu, we're now building "most" roms instead of all so some of the ones you chose don't build
<lynxman> hallyn: before I go into a crusade to manually build them in an override, wanted to know which ones did you really need :)
<lynxman> hallyn: missing ones ne2k_isa.rom and virtio-net.rom
<hallyn> lynxman: certainly virtio-net is needed
<lynxman> hallyn: kinda imagined so *darn*
<lynxman> hallyn: alright then :)
<hallyn> lynxman: is it broken upstream?
<lynxman> hallyn: doing allbaseroms was neither desired nor recommended by upstream
<lynxman> hallyn: I'll find a way, no worries
<hallyn> lynxman: great, thanks
<uvirtbot> New bug: #923817 in nova (main) "nova-network fails due to absence of policy.json" [Undecided,New] https://launchpad.net/bugs/923817
<endzYme> Hi all, is there a specific channel for orchestra/juju?
<SpamapS> endzYme: #juju
<JanC> anybody here ever heard about CUBRID: http://www.cubrid.org/ ?
<onre> nope
<onre> apparently it's quite popular in south korea
<onre> interesting!
<JanC> seems like they have Ubuntu PPAs & such
<JanC> and a GUI DBMS manager
<endzYme> SpamapS: Thanks!
<onre> JanC, yes, and apparently it's not yet another mysql fork
<Daviey> zul: + changelog_detail='No change rebuild.'
<Daviey> + mv dist/horizon-2012.1.tar.gz ../tarball/horizon_2012.1+git201201301257.orig.tar.gz
<Daviey> mv: cannot stat `dist/horizon-2012.1.tar.gz': No such file or directory
<Daviey> Sending e-mails to: james.page@ubuntu.com
<zul> Daviey: errrgh
<smoser> adam_g, ping
<JanC> onre: http://www.cubrid.org/cubrid_click_counter --> quite interesting feature (although I prefer the alternative "WITH INCREMENT FOR" syntax)
<adam_g> smoser: pong
<smoser> https://code.launchpad.net/~smoser/+junk/juju-deployer-concurrent/
<smoser> adam_g, ^ for merge to juju-deployer
<adam_g> smoser: oh, nice.
<onre> JanC, indeed. also, looking at "architecture" section of docs, looks like cubrid actually HAS an architecture. someone DESIGNED it. :)
<onre> JanC, thank you once again, this is probably the most interesting software news in a year or so :p
<JanC> the funny thing is that I rather accidentally ended up on that project
<JanC> wow: http://www.cubrid.org/concat_different_row_columns
<smoser> adam_g, i was poking at 'jstack' again, and thought i'd get over to your code as much as possible, just to reduce my own invention and or bugs
<adam_g> smoser: cool, thanks. id like to rewrite that deployer at some point.. actually, i want to add more concurrency when deploying services.. which is what i thought you were proposing, by that name :)
<ilovemesomeubunt> I'm setting up a game server and wanted to know if I should add the user that is gonna run the game to admin group or use a seperate user for that?
<ilovemesomeubunt> Should I add the account to the admin group or visudo them?
<smoser> adam_g, more concurrency?
<JanC> onre: apparently the company behind this DBMS operates the most popular search engine, most popular internet portal & most popular gaming portal in South Korea -- I guess they know how to stress test a database  ;)
<adam_g> smoser: using threads during the 'juju deploy' stage. juju commands against ec2 take a loong time
<onre> JanC, yes, i already installed it... now testing whether my hobby project agrees to run on top of it
<smoser> adam_g, ah.
<onre> JanC, because this pretty much addresses the problem i'm having, especially if join performance with indexes is better than mysql 5.5
<JanC> onre: I don't really have performance issues right now, but still good to know alternatives exist
<ilovemesomeubunt> Anyone good with security questions?
<onre> JanC, indeed. it's been "mysql or postgres" for so long :p
<JanC> onre: there are several other DBMS actually  ;)
<JanC> even open source
<smoser> adam_g, yeah, this gets me to being able to use your code without just destroying the local provider
<smoser> (or at least doing so more definitively)
<onre> JanC, indeed, but i haven't really seen many that would have made it even so far that i actually bothered to install and see whether they work. also i have some sort of problem with mysql forks
<adam_g> smoser: so have you gotten any further than all services reaching started?
<onre> JanC, whereas looking at cubrid, the way they've handled things like HA and backups looks very appealing if it manages to do even half of the stuff it promises. :p
<JanC> ilovemesomeubunt: you can create a special group and change sudoers to let users in that group run only the exact commands to start the game servers
<JanC> onre: I'm not sure drizzle is really a MySQL fork, and there is also FirebirdSQL
<JanC> and there are some SQL servers written in Java, Python, etc.  ;)
<onre> JanC, drizzle was forked in 2008
<SpamapS> Drizzle is *absolutely* a mysql fork
<SpamapS> <-- drizzle dev
<ilovemesomeubunt> JanC, so it is a bad idea to add that user to admin group?
<JanC> SpamapS: but it doesn't look like mysql right now?  ;)
<SpamapS> It speaks the mysql protocol
<SpamapS> and uses InnoDB as its core storage engine
<SpamapS> its SQL dialect is 99.9% compatible.. except where MySQL's SQL was broken headed
<JanC> and it's split up into something more modular?
<SpamapS> JanC: the ones that aren't forks, that people call forks, are percona and mariadb. Those are derivative branches.. they share code back and forth... so the're not really forks.
<SpamapS> JanC: the only real reason to use drizzle is its very powerful plugin system.. feels more like Apache that way
<JanC> well, they are much more close forks indeed
<ilovemesomeubunt> JanC, should that user be able to SSH in?
<SpamapS> JanC: with Oracle not maintaining the community version as closely, they're probably going to become true forks soon.
<ilovemesomeubunt> or run sudo?
<SpamapS> My only problem with CUBRID is it sounds like its more efficient than MYSQL.. but since it works differently, you won't be able to tap the massive amount of wisdom and knowledge available around running large mysql installations.
<JanC> SpamapS: this CUBRID DBMS promises to have a MySQL compatibility interface too, might be interesting  âº
<JanC> true
<JanC> SpamapS: unless you know Korean  ;)
<JanC> seems like it is very popular there
<onre> SpamapS, and additionally, no irc channel :(
<JanC> onre: yeah, guess that isn't so popular over there or something
<onre> most likely.
<onre> i think i'll try it out anyway. looks like it has quite comprehensive documentation.
<JanC> seems like their migration toolkit has lots of tools to move from MySQL
<freifahrt> hi, i'm trying to set up a virtual machine on 11.10 and it seems to have problems to find cacert.pem. any suggestions?#
<JanC> I also wonder how they compare to Postgres (which they don't really mention)
<stgraber> hallyn: wow, I think I just spent 5 minutes looking at containers shutting down and rebooting properly (the utmp stuff was broken for me somehow) ;)
<hallyn> stgraber: meaning 5 mins of debugging, or 5 mins of it working?
<hallyn> (i dont' seem to have the new kernel yet)
<stgraber> hallyn: just 5 minutes of enjoying it working ;)
<stgraber> hallyn: the -meta was uploaded over the weekend, so if you do your updates + reboot you should have it now
<hallyn> yay
<koolhead17> hi all
<alket> Hi, i just installed Ubuntu Server 11.10 but when I rebooted after install it doesnt start, just a black screen ? I reinstalled twice
<kirkland> alket: try hitting ctrl-alt-f2
<kirkland> alket: when you're at that black screen
<alket> wow, thank you kirkland
<alket> what was wrong though, technicaly ?
<hallyn> kirkland: say, why is my lucid server always wanting to update for byobu?  i haven't been checking the changelogs - security fixes, or features?
<kirkland> alket: hmm, not sure;  something wrong with your tty or switching
<alket> ok, thank you
<kirkland> hallyn: you're probably following the ppa:byobu/ppa
<kirkland> hallyn: which is trunk, and it's a combination of bug fixes and features
<hallyn> yeah i think that was the only way to get byobu-tmux.  i guess i need a byobu-stable/ppa  :-)
<kirkland> hallyn: you're essentially tracking head, which is nice of you :-)
<hallyn> i forgot i was doing that actually :)
<kirkland> hallyn: there haven't been any major or security fixes in a long time
<kirkland> hallyn: is it more or less stable for you?
<hallyn> oh yeah
<kirkland> hallyn: if so, keep following trunk and keep getting the goodnesses :-)
<hallyn> i have long-running byobu-tmux session for irc
<kirkland> hallyn: and tell me as soon as I do something wrong
<hallyn> will do :)
<hallyn> hey, you should wait for the light before crossing the street
<hallyn> (big brother, just trying to help)
<smoser> adam_g, ping
<smoser> http://paste.ubuntu.com/822936/ <--- thats a keystone charm fail
<SpamapS> smoser: http://i22.photobucket.com/albums/b317/bwftex/keystone-cops-prop-hupmobile.jpg <-- thats a keystone cops fail
<smoser> thanks, SpamapS http://youtu.be/5atPYaxX0lM
<adam_g> smoser: on a call atm
<bobweaver> Has anyone installed magneto on there servers ? I can not seem to get it to install It will not connect to the database
<Faint> How can I prevent DDoS attacks against my Ubuntu server?
<Pici> Nothing.
<Pici> er, You can't.
<Faint> How can I slow them down? I've seen people do it before
<Pici> What sort of 'attacks' do you mean exactly? Just requesting pages? or login attempts?
<Faint> Requesting pages
<Faint> Pinging port 80 mainly.
<Pici> Snort might help you to protect yourself against that.
<patdk-wk> a real ddos? or just a dos from a few ip's?
<Faint> patdk-wk: Anything, I want to be prepared.
<patdk-wk> it's impossible to prepare for anything
<Faint> patdk-wk: Fine, then from a few IPs
<patdk-wk> except to have more resources than the other
<patdk-wk> http://pastebin.com/D6urZggy
<patdk-wk> something like that
<adam_g> smoser: update the keystone charm to the latest rev and you should be good
<adam_g> smoser: that should have gotten updated when e3 went out, my bad.
<smoser> yeeah. i just was seeing tha tnow.
<smoser> adam_g, so, isn't the jenkins testing using this/
<smoser> ?
<smoser> and i dont think you pushed your changes
<adam_g> smoser: its using forked charms in https://code.launchpad.net/~openstack-ubuntu-testing that are customized to the lab, and also kept up to date with changes in trunk that affect deployment
<adam_g> sec
<adam_g> smoser: lp:~charmers/charms/precise/keystone/trunk
<adam_g> smoser: ill give you a new deployments.cfg, one sec
<smoser> yeah.
<adam_g> smoser: http://paste.ubuntu.com/822988/
<adam_g> smoser: those have the correct charm branches now. dashboard + volume are still in my branch pending merge into the charm store. the openstack-precise-ec2 deploymen is what i use to get it going on ec2 using whats in the ubuntu archive.  openstack-ubuntu-testing will deploy the same with packages from the CI PPA, which lag behind trunk by some hours depending on how backed up the builders are
<smoser> adam_g, k. so you want to commit that example cfg to your junk branch?
<jhobbs> How closely will current precise package versions match what ends up in the precise release?
<smoser> jhobbs, it depends on the package
<smoser> over the entire archive "probably pretty close"
<smoser> but...
<jhobbs> ok
<jhobbs> i guess you could always bump a package to pick up a high priority bug fix, even late in the release schedule
<adam_g> smoser: done
<mp_> hello all. what's the thing with client/server keys. i'm trying to install a virtual machine on 11.10 and it asks for a cacert.pem. can't find anything about it in the serverguide for libvirtd. help appreciated.
<ChmEarl> apt-get install ca-certificates
<mgw> I'm working with puppet (puppet apply) and need to read files relative to $confdir â e.g., something like puppet:////files/foo/bar to read /etc/puppet/files/foo/bar
<mp_> >"can't access client key in /etc/pki/CA/cacert.pem.... file not found"
<mp_> ca-certificates has been installed
<mp_> *was installed
<mp_> i made my own cert now and put it in /usr/share/ca-certificates, didn't work. made that pki directory and put my cert in there, now he wants a client certificate
<mp_> which ubuntu documentation explains setting up a vm?
<mgw> mp_: this might get you started â http://linux.die.net/man/1/virsh
<mp_> mgw: thanks a lot
<mgw> mp_: np
<mp_> that's the manpage
<mgw> mp_: this too
<mgw> http://libvirt.org/
<elfurbe> Anyone have any experience debugging dkms builds? I'm having an issue building a module, it's telling me that it failed to build, but when I issue the make command myself, the .ko is definitely right where I told it to look in the dkms.conf
<mp_> mgw: are you kidding me?
<mgw> mp_: what do you mean?
<mp_> the ubuntu documentation does not work as is
<mgw> https://help.ubuntu.com/8.04/serverguide/C/virtualization.html doesn't work? What in particular?
<mp_> it's a 11.10 server
<mp_> let me look into that
<mgw> https://help.ubuntu.com/11.10/serverguide/C/libvirt.html
<mp_> that's the one
<mgw> it doesn't work?
<mp_> where are certificates mentioned?
<mgw> Are you wanting to set up certs on the host machine or on a vm you already have running?
<elfurbe> Ha, comedy overlook-the-obvious update, I used "BUILD_MODULE_LOCATION" instead of BUILT_MODULE_LOCATION in the dkms,conf
<mp_> i have the server as a host and tried to set up vms
<elfurbe> Clever lad, me
<mp_> which did not work out as expected
<hallyn> smoser: so checkign one more time, are you ok with switching from 'lxc-is-container' to 'running-in-container'?
<hallyn> stgraber: ^ have an opinion/preference?
<smoser> i can adjust, hallyn, but i don't relaly understand why
<smoser> and i think nomrally when people did somethign like that they'd use a symlink for comnpatibility
<smoser> but i leave it up to you
<hallyn> maybe i should leave it
<hallyn> ok i'll leave it :)
<stgraber> hallyn: I'd love to see something a bit generic like running-in-container that'd return the container type (lxc, libvirt-lxc, openvz-ve, vserver) and return 0 if it's a container or 1 if it's not
<stgraber> (I can contribute the logic for the other container types as I already have it in some configuration management probes here)
<hallyn> stgraber: instead of lxc-is-container, or in addition?
<stgraber> hallyn: I'd prefer to have one is-container that'd return 0 or 1 depending if it's a container or not and return the name of the technology if it's a container
<hallyn> stgraber: https://code.launchpad.net/~serge-hallyn/ubuntu/precise/upstart/upstart-containers/ is what i have now.  it works both on hosts and containers.  do you want to update (and rename if you like) lxc-is-container, then propose merge?
<stgraber> hallyn: so that'd be instead of lxc-is-container
<hallyn> stgraber: btw, container with lxcguest removed booted with that upstart :)
<stgraber> hallyn: ok, I'm rushing some LTSP changes now that I want in for alpha2. I'll have a look at the branch once I'm done and propose something that'd work for me (then we can check that I won't break some other use cases in the process ;))
<hallyn> stgraber: great
<smoser> stgraber, if you're testing general boot of lxc without lxcguest
<smoser> try removing it from cloud-images and testin
<smoser> (also may want dpkg-reconfigure cloud-init)
<smoser> i guess i can test easily enough, thogh.
<smoser> SpamapS, ping
<smoser> never mind.
<SpamapS> smoser: pong, never matter
<smoser> SpamapS, the query was regarding archive.buntu.com entry in /etc/hosts
<smoser> which at first i thought would not affect 'apt-get install' from inside a juju container
<smoser> but now i'm thinking it will becaues those apt-gets will reference an outside-the-container apt-cacher-ng
<SpamapS> smoser: yep
<hallyn> stgraber: (oops, i mungled the rename of running-in-container, so just re-renamed it and pushed so it will build)
<hallyn> biab
<smoser> adam_g, ping
<adam_g> smoser: pong
<SpamapS> LISA '12 CFP is open.. San Diego is nice in December.... :)
<SpamapS> jcastro: **
<SpamapS> robbiew: ^^
<robbiew> yep...got the email
<nOStahl> hey guys, I left home without my ubuntu server cd
<nOStahl> and the tower cant boot off usb-zip or usb-fdd hrmm
<nOStahl> the tower has ubuntu 10.10 on it right now desktop
<nOStahl> what options do I have to re-install ubuntu 11.10 server over it
<JanC> nOStahl: upgrade and remove all desktop packages?  ;)
<JanC> nOStahl: also, does it support USB-MS ?
<nOStahl> no option for usb-ms
<nOStahl> if it has usb-zip or fdd It may be a flag problem on the flash drive?
<JanC> nOStahl: you can also use debootstrap to bootstrap any Debian/Ubuntu distro
<nOStahl> whats that?
<nOStahl> got a link
<adam_g> Daviey: https://bugs.launchpad.net/nova/+bug/900925, so that kind of validation must have gotten lost since diablo
<uvirtbot> Launchpad bug 900925 in nova "create key pair gets a name which is longer than 256" [Medium,Fix committed]
<Daviey> adam_g: ffs, is just on ec2 api aswell?
<adam_g> Daviey: no, i believe it was in the common key pair controller, but its fixed now..
<nOStahl> heh figured out easy way.
<nOStahl> make small 1 gig partition on the hd
<nOStahl> from recovery mode
<nOStahl> and then boot into ubuntu on the machine and use unetbootin to setup that partition with the installer iso :)
<nOStahl> then when all done merge the partition back into the main partition etc.
<Daviey> adam_g: yeah, i had an ec2 unit test against that...
<Daviey> but just tested the api functions.
<Daviey> adam_g: is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-openstack-charms accurate?
<adam_g> Daviey: in terms of my WI? yeah, just submitted nova-volume to the charm store today.  it seems the ceph+glance WI needs to be postponed
<adam_g> Daviey: "nova-cloud-controller - Split into charms after Juju supports multiple units on a machine (or colocation)" maybe BLOCKED until that support lands in juju
<uvirtbot> New bug: #924002 in autofs5 (main) "[Lucid] dbg package symbols are not provided for latest autofs packages" [Undecided,New] https://launchpad.net/bugs/924002
<Daviey> adam_g: can you update that please?
<Daviey> (thanks)
<starscream> hi! people
<starscream> I need to help
#ubuntu-server 2012-01-31
<starscream> i have ubuntu server 10.04  but IÂ´m very new in this
<starscream> but I need to learn this for the copany
<starscream> company
<twb> Quitting was probably not a good start
<zambaboo> hey guys does anyone know if it is possible to enable dynamic_debug in lucid 10.04?
<twb> Never heard of it
<zambaboo> its in the kernel docs
<twb> So grep for CONFIG_DYNAMIC_DEBUG in /boot/config-NNN.gz
<zambaboo> not set
<zambaboo> oh man.
<twb> There you are then
<zambaboo> a recompile eh
<twb> You could reroll the kernel package but it's probably not worth the effort
<sethras> Hello
<sethras> i have installed an ubuntu server and made it to a router
<zambaboo> it is for me, last resort. im having intermittent issues with bonding over ixgbe interfaces.
<sethras> and what i need to know is where i save iptalbes NAT Forward rules ?
<sethras> so a reboot wont purge my settings
<sethras> in centOS it's the file /etc/sysconfig/iptables-config
<sethras> but in ubuntu ?
<twb> http://bugs.debian.org/657113
<twb> Sorry, wrong channel
<ChmEarl> sethras, use `iptables-save > myrules.out` , then in /etc/network/interfaces: under eth0 `post-up /sbin/iptables-restore < /etc/iptables/myrules.out
<ChmEarl> sethras, so rules are restored every time eth0 starts up
<twb> Wrong.
<SpamapS> also if its simple enough, ucf might be a simpler choice
<twb> The ruleset SHOULD be loaded BEFORE any interfaces are up
<twb> The exception is if you need DNS to resolve hostnames in the ruleset.
<SpamapS> Wrong? or "sub-optimal" ?
<twb> SpamapS: well it leaves a nonzero hole where you can be connected to and you have no fw
<twb> http://paste.debian.net/154122/ is what I do on ubuntu systems; on Debian I use iptables-persistent (which performs poorly on ubuntu due to ubuntu using a non-portable init).
<twb> Also ref http://cyber.com.au/~twb/doc/iptab and #networking channel
<twb> Er, sorry, #netfilter channel.  #networking is full of idiots.
<zambaboo> hhaha
<Aengus> Anyone have a pointer as to what determines the urgency of security updates to packages?
<twb> They count how many hairs on kees' neck are standing up
<kees> twb: heh.
<SpamapS> Aengus: perhaps ask in #ubuntu-hardened
<Aengus> SpamapS: cheers
<zul> mtaylor: still around?
<stgraber> hallyn: only starting to look at your branch now, will try to spend some time on it tonight so I have something for tomorrow morning
<hallyn> stgraber: cool
<nOStahl> so guys, I fixed my problem of having forgotten my server cd and the new prospective server could not boot from my usb installer
<nOStahl> luckily I had grub2 already on the tower via an old ubuntu desktop installation
<nOStahl> unetbootin the server iso to the hard drive heh
<nOStahl> rebooted and it loaded the install into ram and took off
<nOStahl> very nice
<SolarNRT> Help, does anyone know how to bridge eth1 to wlan0,,, what command do I need?
<ChmEarl> SolarNRT, auto br0;iface br0 inet dhcp;bridge_ports wlan0 eth1
<adam_g> zul: pushed some mix fixes to lp:~openstack-ubuntu-testing/+junk/keystonelight
<dravekx> if I want to make a global bash command, where do I save it? /bin ? /usr/bin ? /etc/init.d ?
<dravekx> or does it matter?
<uvirtbot> New bug: #924105 in puppet (main) "integer out of range errors for fact_values" [Undecided,New] https://launchpad.net/bugs/924105
<driiper> Hello, i am currently trying to set up a router via my secondary NIC on my UBUNTU server, basicly this router is supposed to serve internet to users. Primary NIC is connect straight to the NET while as i said earlier the Secondary NIC goes to the wireless router. I Have managed to establish connection to the server via wireless, but does not seem to get past it or out to the internet. is there anyone which can assist me in thi
<SpamapS> driiper: so on your internal NIC, you have a non-routable address (192.168.x.x, 10.x.x.x, or something around 172.16-32.x.x ?
<driiper> The NIC going to the internet have my external IP (going through a bridge) while i currently configured ETH1 (secondary ) to 192.168.0.1,
<driiper> if that makes any sense
<driiper> Internet --> eth0 (external ip) ---> eth1 (Internal ip) ---> Wireless router ---> Clients,         |   this is what i am trying to achieve. i have managed to connect to the server via a wireless client using the gateway i used in the router (eth1 Ip)
<driiper> hmmm
<SpamapS> driiper: so have you done anything to setup NAT?
<SpamapS> driiper: https://help.ubuntu.com/11.10/serverguide/C/firewall.html
<SpamapS> driiper: look at 'IP Masquerading'
<driiper> Not that i know of. i made the eth1 static and used that on the router. obviously i have to make some kinda bridge or routing from eth1 to eth0 inorder to get onto internet, but i guess thats what i have to do?  By the way, do i have to set up a DNS server, or can i still use the one provided by my isp ?
<SpamapS> driiper: its a good idea to run something like dnsmasq on your firewall to cache DNS responses locally...
<driiper> ok, ill try this out. but so i am clear, this is supposed to route the incoming connection from eth1 to eth0  right?
<driiper> so it would be like a routing basicly
<SpamapS> driiper: the given example doesn't mention eth1, but it takes packets from 192.168.0.x and gives them the address of eth0.. and sends them out on eth0.. and translates replies back to the appropriate 192.168.0.x address.. this is known as "NAT" or "Masquerading"
<SpamapS> driiper: this is what every $40 router+wifi thing you can buy does.
<SpamapS> (which is why I don't do this anymore.. ;)
<SpamapS> I just let the WRT54G get 'er done. :)
<driiper> yeh well i called my ISP yesterday about having slow speed on my internet connection (Supposed to have 40/40) but only got like 10/10. and yeh , they told me that i had to set my router (ISP central) into bridge mode becuase it couldnt handle more than 2-3 port forwardinggs ( i had like 30). so now im stuck with a old B standard wireless router to my clients
<driiper> toh the budget
<driiper> oh*
<SpamapS> well yeah, 802.11b is 11Mbit, and half-duplex..
<driiper> mhm :( not really the ting i would want for myself :P
<SpamapS> driiper: honestly.. what more do you need? ;)
<driiper> you know
<driiper> be seedin these torrentz!!
<driiper> nah it be working fine i guess.
 * SpamapS will never understand why that is so universally acceptible. :-(
<driiper> the torrent community will be gone in some few years, just wait and see :)
<driiper> or
<driiper> big parts of it anyways
<driiper> trackers shutting down like crazy these days, i guess the days of payment is near
<driiper> but yeh. thank you for your help! ill get back to fixin this thingy!
<SpamapS> driiper: they'd have arrived sooner if torrenters had just stopped buying crappy DVD sets of stuff they already torrented. :-/
 * SpamapS puts the soap box back in the closet
<driiper> haha true :D
<uvirtbot> New bug: #924187 in passlib (universe) "todo's for passlib packaging" [Undecided,Confirmed] https://launchpad.net/bugs/924187
<uvirtbot> New bug: #924189 in python-memcache (universe) "python-memcache todo's" [Undecided,New] https://launchpad.net/bugs/924189
<uvirtbot> New bug: #924197 in sysstat (main) "Unable to get the next Data source after 24 hours" [Undecided,New] https://launchpad.net/bugs/924197
<uvirtbot> New bug: #924195 in sysstat (main) "cannot report ubuntu-bug -w on isag window" [Undecided,New] https://launchpad.net/bugs/924195
<NeoNetNinja> anyone up?
<NeoNetNinja> I
<_ruben> we're all down
<NeoNetNinja> lol
<NeoNetNinja> I have a questions, basically:
<NeoNetNinja> I'm looking for a used server that does SATA not SCSI that will run Ubuntu Server well
<NeoNetNinja> all the ones on Amazon that are cheap only do SCSI
<derknecht> i work with dmcrypt/luks container files to keep data save. i search for a solution to avoid to have fixed container size, is there a solution for self growing container files?
<derknecht> maybe something like ecryptfs, but i found no documentation about that
<patdk-lap> heh? ecryptfs isn't a container
<patdk-lap> why can't you grow dmcrypt/luks?
<derknecht> can container files be enlarged? the only way i see is to create a new one, and copy the data. And you are right, ecryptfs is a crypt filesystem, not a container file.
<patdk-lap> I always luks the whole drive
<patdk-lap> then used lvm to join the drives together
<patdk-lap> mainly did that so I could thread luks over multible cpu's
<patdk-lap> as dmcrypt is single threaded per instance
<derknecht> good idea, that would work well. but in my situation i have to use a bunch of container files on an unencrypted partition (or i have to create a lot of partitions which will be even more unflexible)
<derknecht> btw: the multithreading reason is a good advice!
<jamespage> Daviey: do you want to drive off of approved gerrit reviews? or on upload of any patchset?
<Daviey> jamespage: any patchset i think
<Daviey> it's a pre-validator before a human review IMO.
<jamespage> Daviey: OK so that is different to the gating in upstream - they wait for an approval before testing.
<Daviey> jamespage: Hmm, have you seen SmokeStack ?
<jamespage> Daviey: no
<Sander^work> Anyone know about a opensource mature virtualisation platform with clustering?
<Daviey> jamespage: we shouldn't ignore, https://github.com/dprince/openstack_vpc either
<Daviey> jamespage: BTW, have you seen that you have started reviewing? https://review.openstack.org/#change,3309
<jamespage> Daviey: oops
<Daviey> jamespage: but anyway, with that example, smokestack did a smoketest before it was Approved
<Daviey> it tests when a new patch set is pushed
<jamespage> Daviey: thats a feature of the plugin - as soon as I pull and review I get marked as reviewing
<Daviey> jamespage: right, i checked with monty about that.. he said there was a config option to make it quiet.
<Daviey> 15:39 < mtaylor> Daviey: there's a flag in the job config to run in "silent mode"
<Daviey> Hmm, regarding smokestack - unless it has a huge queue... the timestamps cause some doubt for me, https://review.openstack.org/#change,3558
<jamespage> Daviey: and this one - https://review.openstack.org/#change,3273
<jamespage> doh
<Daviey> jamespage: long term, it would be good if it only posted results, not a Started and Finished IMO
<Daviey> but at the moment, i think it should be silent.
<Daviey> jamespage: note, the current target seems to be trunk proposals.. we want stable/diablo right?
<jamespage> Daviey: lets assume for a minute that I'm just testing this...
<jamespage> stable/diablo don't get many
<Daviey> jamespage: right..
<jamespage> its not running in the lab either FYI
<Daviey> jamespage: yeah, i guessed that with hendrix :)
<jamespage> Daviey: OK - figured out how to disable that for the time being
<jamespage> its a little more than a toggle...
<Daviey> oh
<jamespage> yeah - I had to remove the actual commands that the plugin runs at certain points during testing
<jamespage> but I saved them!
<jamespage> Daviey: reckon I should comment on those two review to apologize?
<Daviey> jamespage: it's in your name, i'd just hold fire and await a comment
<Daviey> if it has an offical sounding title.. then yeah.. but i thinmk you are ok
<Daviey> ue, "Ubuntu Openstack Validation Bot"
<Daviey> ie*
<Daviey> irssi just segfaulted on me.. gah.
<jamespage> Daviey, ack
<jamespage> lynxman, trying to look at your MP but bzr just broke on me
<GyrosGeier> hi
<GyrosGeier> I'm looking for the switch that says "this server is in a 19" rack, do not under any circumstances stop the boot process before starting sshd, even if an iSCSI target is missing"
<GyrosGeier> that is, it is okay if any filesystem except root fails to mount
<jdstrand> Aengus: re security update priority> it is a combination of a lot of things: http://people.canonical.com/~ubuntu-security/cve/priority.html
<jdstrand> Aengus: did you have a question about a specific issue?
<rbasak> GyrosGeier: are you looking for the noauto flag in /etc/fstab?
<lynxman> jamespage: no worries :)
<GyrosGeier> rbasak, in principle I want automount if possible
<GyrosGeier> the important bit is that it should never drop into a console
<GyrosGeier> (because there isn't one=
<rbasak> I don't know if such a mechanism exists, but it doesn't seem practical in the general case to me. What happens if subsequent services fail because mounts are missing? If you have complicated needs, set noauto and manage it manually - say in rc.local or something. And then take care of any services that depend on the mounts.
<GyrosGeier> the most important bit is that ssh works
<GyrosGeier> waiting for someone to drive to the colo facility, plug in a keyboard and press "S" is even less practical than having random services fail, IMO :)
<ogra_> you could hack an initramfs-tools hook and script in place that switches on networking in the initrd and fires up sshd by default
<rbasak> you might change /etc/init/ssh.conf to start on local-filesystems instead of filesystem or something, but my upstart fu is weak and I don't know what other implications that might have.
<GyrosGeier> I think that is already the case
<rbasak> that's a point - will networking even be up at that stage?
<GyrosGeier> but the fs is ext3 on SCSI
<rbasak> I think the general solution is that if the mounts aren't critical to the system booting and you want the system to boot regardless of them, then set them noauto and mount them in rc.local. That's the least hacky answer.
<rbasak> OTOH, if you break something that the system's boot depends on, don't expect the system to be able to boot :-)
<rbasak> OR, perhaps you're asking for a new feature - ssh capability in the event of  boot failure. If that doesn't exist it sounds like a good idea.
<smb> Not sure this is helpful, but there seems to be a nofail for fstab...
<rbasak> smb: that sounds perfect :)
<smb> If it works as one expects. Have never tried, just looked at man fstab
<Caribou> I have a question for the kernel people : any reason why Ubuntu kernel is less agressive in caching FS writes than the RHEL kernels ?
<Caribou> kernels would be Lucid (2.6.35) .vs. RHEL 5.5 (2.6.18)
<Caribou> on a DL380/G7 writing a 11Gb file with dd (to cache) takes 120s on Ubuntu and 9s on CentOS!
<henkjan_> Caribou: same server?
<Caribou> when bypassing the cache (using oflag=direct) I get 221s for Ubuntu and 190s for CentOS
<Caribou> henkjan_: yes, identical H/W same disks/ctrls
<henkjan_> looks like the centos one has write back cache enable on the raidcontroller?
<Caribou> henkjan_: AFAIK, smart array don't have WB cache and if so, it would be enabled on both
<Caribou> I'd get the same behavior with oflag=direct but the values are much closer
<Caribou> henkjan: here is an example : http://paste.ubuntu.com/823880/
<jamespage> lynxman, sorry more comments on ipxe
<lynxman> jamespage: no worries :)
<jamespage> Daviey: w00t - I got a gerrit trigger build on trunk!
<Daviey> jamespage: about that... do you think it's a good idea?
<Daviey> perhaps we should do it by hand?
<jamespage> lol
<Daviey> jamespage: Sorry, i am blowing smoke.. :)
<jamespage> so long as you are willing to be the button pressing monkey
<Daviey> soren: that is great to hear, so are you using gerrit as the trigger or github commit?
<Daviey> err, jamespage ^^
<jamespage> gerrit
<jamespage> you have never got me mixed up with soren before...
<Caribou> /3
<Daviey> jamespage: Yes, sorry - a real insult that was :)
<Daviey> jamespage: Seriously, that is topnosh!
<Daviey> Really pleased it's going well.
<gary_poster> hallyn, hey.  lxc on precise is hanging for me, with lucid containers. I'm up-to-date, and I tried a brand new lucid container.  Details: http://pastebin.ubuntu.com/823882/ .  OTOH, a new precise container works fine, and is much faster to start than it used to be.  We kinda need both lucid and precise though.
<lynxman> jamespage: saw your comments, I don't really know what else to do tbh, this has been very time consuming
<lynxman> jamespage: feel free to take over if you want, can't justify more time on this cleaning the upstream lintian errors I'm afraid
<smoser> hallyn, ping.
<gary_poster> Oneiric is also fine.  It is only lucid (that I care about; N and M are not important to me).
<smoser> hallyn, ping again (different topic)
<smoser> zul, did you push to lp:ubuntu/libvirt ?
<zul> smoser: no
<gary_poster> hallyn, I filed https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/924337 so I could track
<uvirtbot> Launchpad bug 924337 in lxc "lxc on precise is not working with lucid containers" [Undecided,New]
<Decepticon> buenas
<Decepticon> como configuro un server ubuntu 10.04  para crear una unidad compartida
<Decepticon> se puede usar los tutoriales de ubuntu server 11 para losde ubuntu 10.04
<smoser> zul, i just ased because it is up to date with your upload, but not the most recent one.
<smoser> and its failing
<smoser> http://package-import.ubuntu.com/status/libvirt.html#2011-05-26%2020:07:23.558315
<Decepticon> hi people sorry I think that this canal in spanish
<smoser> and i wondered if hallyn was manually pushing
<Pici> Decepticon: Try #ubuntu-es :)
<Decepticon> i have ubuntu server but i need to share a folder or unity
<Decepticon> Pici: thanks but I can speak englsih, dont problems
<Pici> Okay :)
<Decepticon> Pici:  do you do of ubuntu server Â¿_
<Pici> Decepticon: I do.
<Decepticon> Pici:  thanks a God
<Decepticon> jejej
<Decepticon> Pici:  i have ubuntu server wit ubuntu 10.04 server
<Decepticon> but i have manual of ubuntu server 11.04
<Decepticon> this manual is compatible
<Decepticon> manual of ubuntu server 11.04 but i use ubuntu server 10.04
<Decepticon> Pici:  please help me with this
<Pici> Decepticon: It should be.  You can use https://help.ubuntu.com/10.04/serverguide/C/ instead if you want though.
<hallyn> smoser: package importer always fails for libvirt (and qemu)
<hallyn> smoser: yes i've been manually doing import-dsc and push
<Decepticon> Pici:  ok! thanks
<Decepticon> hallyn:  so i can use for this =?
<smoser> hallyn, have you ever asked in #bzr to maybe get it sorted out ?
<hallyn> of course
<hallyn> pls feel free to take your turn
<smoser> :)
<smoser> funny
<smoser> yeah. i've done it, and just asked.
<smoser> anyway.
<smoser> second question for mr. hallyn.
<Decepticon> hallyn:  thanks
<hallyn> Decepticon: sorry iw asn't talking to you
<hallyn> Decepticon: pls re-ask your question, i don't follow
<Decepticon> hallyn:  ok!, dont problems
<Decepticon> hallyn: cheeck.  i have a manual of ubuntu server 11.04 but I use to ubuntu server 10.04
<smoser> bug 924281, hallyn was the second question.
<uvirtbot> Launchpad bug 924281 in cgroup-lite "cgroup-lite not installable inside 'lxc create -t ubuntu' container" [Undecided,New] https://launchpad.net/bugs/924281
<Decepticon> this manual is compatible with my server
<hallyn> Decepticon: I've not paid as much attention to the manuals as I should.  I'd look at the 10.04 one like Pici suggested.
<smoser> Decepticon, probably somewhat. but it wont be 100% compatible.
<uvirtbot> New bug: #924337 in lxc (main) "lxc on precise is not working with lucid containers" [Undecided,New] https://launchpad.net/bugs/924337
<Decepticon> hallyn:  ok perfect thanks
<Decepticon> smoser:  thanks
<Decepticon> smoser:  this is new for me
<Decepticon> hallyn:  thanks
<Decepticon> anything in the afthernoon to entrance to canal
<Decepticon> thanks a lot
<hallyn> smoser: i'll have to look into it.
<Decepticon> bye bye
<Decepticon> good day
<hallyn> gary_poster: ditto (i'll have to look into it - it's been working for me perfectly)
<smoser> hallyn, from inside the container, i can't even make paths in /sys/fs/cgroup.
<smoser> which i'm guessing is by design
<gary_poster> hallyn, ack thanks
<hallyn> smoser: is anything mounted there now?  df -h /sys/fs/cgroup?
<smoser> not in the container
<hallyn> d'oh
<smoser> only outside
<hallyn> smoser: haha, nm, i get it
<hallyn> smoser: workaround, edit your /etc/apparmor.d/usr.bin.lxc-start and remove the /sys denial
<smoser> hm..
<smoser> i wasn't getting app armor errors in dmesg though.
<hallyn> smoser: i think the 'deny' shuts up errors in dmesg actually
<hallyn> gary_poster: jsut as an aside, if you're using the config you said you're using, on precise, you don't have to use a config at all
<hallyn> (that's the default)
<gary_poster> hallyn, I wondered if that were the case.  Cool, thanks
<smoser> hallyn, other fun quesiton...
<hallyn> smoser: despite my being an ass earlier, i really would like the bzr issue resolved
<smoser> what likely hood of getting acccess to loop devices inside a container
<smoser> are the loop devices name-spaced ? i suspect not.
<hallyn> smoser: yeah they're not.  you can coordinatei t from the host of course
<smoser> yeah, but for this that is probably not enough.
<hallyn> what exactly do you want?
<hallyn> by coordinate, i meant pick loop3 and let a container have it
<smoser> ie, nova-volume and nova-compute are going to want to use losetup and the like.
<smoser> and go looking for a free device and such.
<hallyn> they can do that, the host just has to tell them which to use, and let them use it through the devices whitelist
<hallyn> or, the host can just let it access all of them...
<smoser> well it clearly can't safely let them access all of them.
<hallyn> it's not like containers are *secure* now, so don't let fake security get in the way of getting someting done
<hallyn> smoser: well, hw about this,
<smoser> and coordinating from the host would seem complex to me at the moment.
<hallyn> when the host creates the container, it picks two unassigned loops and lets the container have them;
<hallyn> then make sure that when nove gets -EPERM it just tries the next index
<hallyn> whatever creates the container will need to keep track of the loops, yes
<smoser> it might be sufficient
<smoser> but that limits you to N/2 total containers if you do that by default
<hallyn> anyway, that's all we got right now, but namespacing loops might not be so bad.  only problem would be that the response might be "you must do all devices"
<hallyn> yup
<smoser> where 'N' is the number of loop devices...
<smoser> i think we set it to 64?
<hallyn> maybe you can get fancy with udev
<hallyn> it can catch a loop creation (i think),
<smoser> well, module load is when its set
<hallyn> then deny all other containers access to that loop
<hallyn> (and if the host creates the loop, then all contaiens are denied)
<smoser> hallyn, hm..
<smoser> that'd be pretty neat.
<smoser> how would udev know which container created the loop device ?
<hallyn> very racy of course
<smoser> yeah
<hallyn> not sure if the uevent carries the pid which created it
<smoser> hm..
<hallyn> it really seems to me that, unless nova likes to run around and dd if=/dev/zero into all existing loop devices,
<hallyn> you should jsut allow all your containers access
<smoser> well... the thing i'm concerned about is something assuming that it is in full control of loop devices
<smoser> and saying "is /dev/loop0 used? well, not by me!, i'll use it"
<derknecht> has someone used encfs so far? i think about using it as replacement for dmcrypt with crypted container files to get around the fixed size containers problem.  Any advice if encfs is stable enough fpr production usage? Thanks
<hallyn> that would be insane
<smoser> it snot a completely unrasonable assumption
<hallyn> smoser: sure it is.  otherwise you're telling me i can't run anything else on that machine
<hallyn> smoser: or even loop mjount a cdrom iso
<smoser> you typically would only run one hypervisor management solution on a machine
<smoser> :)
<smoser> but even if it *were* unreasonable
<smoser> then likely the well intentioned user is going to do something like:
<smoser>  * check if /dev/loop0 is used
<smoser>  * if yes, try /dev/loopN
<smoser>  * if not, take it
<smoser> which is racy anyway
<smoser> but for now i'll try with all having access to /dev/loop*
<hallyn> smoser: the good news here is that we ahve a very reasonable user for devices namespace
<hallyn> which means we might be able to start discussing a design and implementation
<gary_poster> hallyn, another question.  sudo in a precise container complains of no tty.  I found http://www.mail-archive.com/lxc-users@lists.sourceforge.net/msg03138.html .  the tty config that writer suggests is not in the config generated for my container (it is commented: "#lxc.cgroup.devices.allow = c 5:0 rwm").  I have to step away, but...is that a bad idea? intentional?
<gary_poster> I will try when I return unless you advise against it
<hallyn> gary_poster: it's intentional.  5:0 is not namespaced
<hallyn> if it really breaks things, then maybe we'll have to undo it and live with it
<hallyn> (inameeting)
<gary_poster> hallyn, gotcha.  is there another reasonable way to get sudo to work with that setting?  ack on meeting.  will head off, and check back in when i return
<hallyn> oh, hm.  5:0 is tty.  that's not right
<hallyn> that implies i should re-enable it, and lxc-start didn't do a setsid() somewhere
<stgraber> hallyn: hmm, upstart is too limited for what I wanted to do (detect the container type in container.conf and set an environment variable that other jobs using "start on container" can check)
<stgraber> hallyn: instead it looks like the easiest would be to move the logic into is-container and have container.conf call is-container the emit an upstart event with a CONTAINER=type variable that other jobs can check
<hallyn> stgraber: whatever works, i'm not tied to anything
<hallyn> stgraber: so i was thinking that 5:0 was console, but it's tty.  that's what i refused lxc access to, and doing so fixes both soundcard and xmodmap twiddling by container
<hallyn> stgraber: i guess ihave to undo it, but it leaves me wondering why it lets the container do what it does
<GyrosGeier> smb, will try that
<stgraber> hallyn: would read-only make sudo happy and still give us the other benefits?
<hallyn> stgraber: i dunno, but shouldn't /dev/tty just connect to current's tty magically?
<hallyn> i.e. it's inherently namesapced?
<hallyn> i'll play with it i guess (but again, in a mtg)
<stgraber> hallyn: indeed, it should. Though it looks like it's pointing to something that isn't namespaced at some point
<hallyn> stgraber: AIUI (and apparently i'm wrong) setsid should be setting that
<hallyn> i'm *sure (cough) lxc-start is doing setsid :)
<stgraber> hallyn: grep tells me lxc-console does but that's the only direct call to setsid
<hallyn> hm
<stgraber> I'd have expected to find it in start.c or namespace.c
<stgraber> (but I don't pretend to understand exactly what's going on in the C code ;))
<stgraber> hallyn: just checking, container=lxc-libvirt is what we'll get in the new libvirt right? (not libvirt-lxc)
<hallyn> stgraber: yes, but the LIBVIRT_LXC_UUID or whatever will still be there too, so we don't *have* to change anything
<stgraber> hallyn: right, I just want to make sure is-container returns something consistent
<stgraber> hallyn: if container is set in init's environment it'll always return it as-is and ignore all the other potential ways of detecting a container
<hallyn> stgraber: i don't know when that patch will go in, and i wasn't planning on backporting into 12.04 libvirt (though i can if you like)
<stgraber> no, backporting won't change anything (unless they choose to change the value of container at the last minute to something else than lxc-libvirt)
<hallyn> pls shout (or opena  bug :) if you want that cherrypicked then
<hallyn> i've asked dlezcano in email about the setsid
<stgraber> hallyn: do you have an opinion on the right way to extract "container" from init's environment? "ps -p 1 e" is fairly clean but extracting a single variable is a pain, parsing /proc/1/environ isn't much pretier
<hallyn> stgraber:hm
<hallyn> Let's say we wanted container.conf, when it starts, to set the container type in a file.  like /etc/containertype.  What would be the right place for that.  /run ?
<stgraber> hallyn: yeah, /run would be the right place
<hallyn> and since /run is tmpfs, it doesn't have to do anything on non-container,
<hallyn> stgraber: so that would be my suggestion...
<stgraber> hallyn: ok, I'll move everything back into the upstart job and have it write to /run
<SpamapS> koolhead17: around?
<uvirtbot> New bug: #924375 in cloud-init (main) "cloud-init should allow pre-seeding of ec2 datasource:Ec2:metadata_urls" [Undecided,New] https://launchpad.net/bugs/924375
<hallyn> stgraber: maybe we should run that by cjwatson and/or jodh...  i don't know if it's deemed kosher.  but i like it.
<smoser> hallyn, it looks like you can now race-free get a loop device
<smoser> https://lkml.org/lkml/2011/7/30/110
<hallyn> smoser: but does nova use it
<smoser> almost certainly not
<smoser> :)
<smoser> but it could.
<smoser> and i *think* that is exposed via 'losetup' utility
<stgraber> hallyn: ok, I have an updated upstart branch, testing it here now
<hallyn> smoser: so you'd use that and allow all containers access to loop*?
<hallyn> stgraber: cool.  i need to do an updated lxc to fix the two bugs i introduced
<smoser> hallyn, well, it seems likely that nova should use it generally.
<hallyn> yes
<smoser> and for this speicifc purpose, i would need to allow /dev/loop*
<smoser> (jstack purpose)
<hallyn> smoser: well udev still might be doable
<smoser> but that does not to me seem acceptable across the board for lxc-create
<hallyn> no , it would be only for you
<smoser> i dont think that adding a complex and racey solution makes much sense.
<hallyn> well it might not be racy now
<hallyn> i.e. you can refuse all access,
<Danny_Joris> hi, I'm trying to install ubuntu server as a vm with virtualbox. During the 'select and install software' process I got an error, and I'm not sure what to do...
<smoser> maybe i'm missing something.
<Danny_Joris> I'm trying to select another install process step, but it won't let me
<smoser> hallyn, but i thought you were proposing:
<hallyn> the /dev/loop-control or whatever creates the new loop dev, udev on host provides the container access, container keeps trying to open until it doesn't get -EPERM
<smoser> well, /dev/loop-control access would probably be dangerous
<hallyn> can you only create new loops with it?
<smoser> as i can also remove
<hallyn> oh
<smoser> no worries.
<smoser> hack for now, let /dev/loop* access
<hallyn> ok
<smoser> so
<smoser> so how could i do this cleeanly?
<smoser> ie, for my created containers instances give them /dev/cloop0
<smoser> lxc-create -t ... then just append before start for the block devices i guess
<Danny_Joris> any advice?
<hallyn> smoser: (if this is what you're asking) you can just add the lxc.cgroup.devices.allow line to the config that you pass to lxc-create with '-f'
<smoser> right.
<smoser> oh. i can pass my own config to lxc-create ?
<smoser> i didn't know that.
<smoser> interesting...
<Danny_Joris> the enitre install is screwed... :(
 * Daviey buys, http://www.spreadshirt.co.uk/create-your-own-t-shirt-C59/product/102559172/view/1
<lynxman> Daviey: can I get one too?
<hallyn> Danny_Joris: I fear your info was lost in the noise - can you please repeat?
<hallyn> Daviey: it must have been an imposter.  Clearly smoser must be out having lunch, and the maid sat down at the kbd
<Danny_Joris> hallyn: I'm having an error in the select and install software - process
<lynxman> hallyn: Consuela style? (http://www.youtube.com/watch?v=2IaheLG-05U)
<Danny_Joris> hallyn: I just started from scratch and I have it again
<koolhead17> SpamapS: back :)
<koolhead17> hey Daviey
<Danny_Joris> I selected - openssh, LAMP, postgreSQL and mailserver
<hallyn> Danny_Joris: is this with Precise (12.04)?
<Danny_Joris> 11.10
<hallyn> lynxman: my laptop won't play sound from the flash plugin
<Danny_Joris> not very helpful: https://skitch.com/dannyjoris/g7cyu/ubuntu-server-11.10-64-running
<lynxman> hallyn: aww
<SpamapS> koolhead17: was going to suggest that you attend our meeting, but it is over
<hallyn> (sure i could youtube-dl it...)
<koolhead17> SpamapS: we must be having our meeting log somewhere :)
<hallyn> Danny_Joris: I've had that too, though only with Precise.  I assume this was an uptodate iso you used?
<hallyn> Daviey: https://skitch.com/dannyjoris/g7cyu/ubuntu-server-11.10-64-running
<SpamapS> koolhead17: irclogs.ubuntu.com
<SpamapS> koolhead17: you came up, as the PHP5 bug fix (and merge of 5.3.9) need to be done soon
<Danny_Joris> hallyn: yeah, just downloaded it from the ubuntu site
<koolhead17> SpamapS: yes. will be doing it in 1-2 days
<uvirtbot> New bug: #924387 in samba (main) "BUG: Bad page map in process smbd" [Undecided,New] https://launchpad.net/bugs/924387
<smoser> hallyn, does the config given stick across a clone ?
<smoser> i think it does
<hallyn> smoser: yeah, i'm pretty sure i copy the config verbatim
<smoser> well, and then you change the hostname
<smoser> and something like that.
<Danny_Joris> OMG now it jammed on apt preparation...
<Danny_Joris> it got stuck on this: https://skitch.com/dannyjoris/g7cea/ubuntu-server-11.10-64-running
<Danny_Joris> twice
<hallyn> Danny_Joris: gah.  exactly which iso are you using?
<Danny_Joris> hallyn: http://www.ubuntu.com/download/server/download latest (11.10) 64 bit
<hallyn> Danny_Joris: thanks, i'll see what i get here.
<hallyn> Danny_Joris: 64bit?
<Danny_Joris> virtualbox 4.1.8 on Snow leopard
<Danny_Joris> hallyn: yes
<hallyn> d'oh
<hallyn> all right it'll take me awhile to d/l, but i'll see what i get.  you're not preseeding right?
<Danny_Joris> hallyn: not sure what preseeding is, so probably not
<hallyn> ok :)
<Danny_Joris> hallyn: I'm going to try the LTS
<hallyn> Danny_Joris: you mean 10.04 or the 12.04 LTS candidate?
<Danny_Joris> 10.04
<Danny_Joris> hallyn: would the 12.04 lts candidate be more or less stable than 11.10?
<hallyn> far less, at the moment
<hallyn> jjohansen: around?
<jjohansen> hallyn: yes
<hallyn> if my policy says "allow /sys/fs/cgroup rwx; \ndeny /sys/fs/ rwx;"
<hallyn> will that do what i expect, applying in order?
<hallyn> to be more precise, i mean "allow /sys/fs/cgroup/** wklx; deny /sys/** wklx,"
<jjohansen> hallyn: no, AA rules don't have ordering (ie they are declarative)
<hallyn> this is for bug 924281
<hallyn> drat
<uvirtbot> Launchpad bug 924281 in cgroup-lite "cgroup-lite not installable inside 'lxc create -t ubuntu' container" [High,Confirmed] https://launchpad.net/bugs/924281
<jjohansen> its one of those things Crispin was adamant about
<hallyn> jjohansen: whats the most concise way to say "deny write under /sys except to /sys/fs/cgroup/**" ?
<stgraber> jhelwig: lp:~stgraber/ubuntu/precise/upstart/upstart-containers
<stgraber> oops, wrong target. Sorry jhelwig
<stgraber> hallyn: lp:~stgraber/ubuntu/precise/upstart/upstart-containers
<jhelwig> stgraber: No worries.
<stgraber> hallyn: I had to drop the "and stopped runlevel" bit as otherwise the console would sometimes take 3 minutes to show up (or not show up at all).
<hallyn> stgraber: i'll take a look
<stgraber> hallyn: I poked jodh about that bit. AFAICS we don't actually need to wait on runlevel for LXC, it's usually best to just show the login prompt whenever we can
<hallyn> stgraber: yes, but that was because your network wasn't up?  or not?  maybe that actually is the root of gary_poster's bug then!
<hallyn> ok
<hallyn> good with me
<jjohansen> hallyn: err. just have a single allow rule, and don't have any other rules allowing /sys access
<jjohansen> /sys/fs/cgroup/** rw,
<jjohansen> hallyn: of course that doesn't help if you have a broad rule like /** rw,
<hallyn> feh, maybe i should drop the whole /sys rule for now.  it's going to have to change again when the mount perms come anyway
 * gary_poster is here.  :-)  Doing other things, and will be back to this soonish, but can also drop everything and try something if it helps
<jjohansen> hallyn: otherwise it gets hard atm
<hallyn> jjohansen: what is 'at the moment'?  what will make it easier?
<hallyn> jjohansen: i suppose i can just do something like "deny /sys/[^fs]/[^cgroup]/** rw" ?  in that spirit anyway?
<jjohansen> hallyn: well, the syntax is supposed to get an extension that will make selective set operations easy.  It possible in the matching engine its just not exposed yet
<hallyn> jjohansen: in this cycle?
<jjohansen> hallyn: except that isn't what you want.  [ ] is a character class
<hallyn> i figured i had a 50/50 chance :)
<jjohansen> hallyn: I wish, but with the FF deadline coming I doubt it
<hallyn> FFE :)
<jjohansen> hallyn: I am willing to consider it :), now just to convince jdstrand
<hallyn> jjohansen: i'd really like in 12.04 some way of being pretty specific about what under /sys and /proc a container can access, while using a big stick to say "and ntohing else"
<jjohansen> hallyn: yeah, completely understand that
<hallyn> i guess i can just add a ton of /sys rules, one for each other dir other than fs
<jjohansen> hallyn: do you know why lxc uses pivot root instead of chroot?
<hallyn> how much will that slow things down (let's say 15 rules per container)?
<jjohansen> not at all
<hallyn> jjohansen: the reason was to prevent chroot escape
<hallyn> i think everyone is somewhat open to switching back
<hallyn> especially if apparmor will be able to help (right now it can't)
<jjohansen> hallyn: okay.  I currently have some problem with the pivot root stuff, where I can only switch the profile of the current task.  Doing more is turning out to be problematic
<stgraber> hallyn: btw, just noticed I have quite a bit of apparmor DENIED messages in my kernel.log: http://paste.ubuntu.com/824140/
<hallyn> gah
<jjohansen> this limitation shouldn't affect lxc
<hallyn> jjohansen: ok.  (note that libvirt-lxc also uses pivot_root.)
<jjohansen> hallyn: its doable, but its a pain because of creds, where tasks have to update their owne state
<hallyn> pivot_root has other problems, so switching back has been discussed
<hallyn> but it's so nice and clean
<adam_g> smoser: cobbler devenv / libvirt+pxe working okay for you on precise?
<hallyn> ok ok, i need to do a reboot test, biab
<Danny_Joris> hallyn: just did a flawless install with 10.04 lts
<hallyn> Danny_Joris: worth filing a bug IMO, but i'm not sure against what
<hallyn> biab
<smoser> adam_g, i think so, yeah. its 'odev' now.
<smoser> https://code.launchpad.net/~orchestra/orchestra/odev/
<adam_g> ah
<hallyn> jjohansen: does http://people.canonical.com/~serge/lxc.apparmor look ok?  (really rebooting now)
<hallyn> no that's not right
<hallyn> jjohansen: http://people.canonical.com/~serge/lxc.apparmor  ugly and won't scale as more exceptiosn come up, but might work for now
<smoser> hallyn, random information, precise util-linux does not have the race-free losetup
<smoser> that will be in utli-linux 2.21
<smoser> we have 2.20
<smoser> hallyn, do i have to do anything after updating the app armour profile to make it take ?
<smoser> jjohansen?
<hallyn> smoser: 'apparmor_parser /etc/apparmor.d/usr.bin/lxc-start'
<hallyn> uh, add --reload
<hallyn> gah, replace
<jjohansen> smoser: you need to reload the profile
<smoser> with sudo service apparmor reload
<jjohansen> smoser: yeah that will work, if the profile is in the profile directory
<hallyn> smoser: i just installed cgroup-lite in a container with the lxc.apparmor i mentioned above
<hallyn> stgraber: so lxcconsole.cofn effectively can start when /run is mounted.  Is there any other fs which lxcconsole.conf might ought to wait on?
<uvirtbot> New bug: #912861 in txzookeeper (universe) "[MIR] juju, txaws, txzookeeper" [High,New] https://launchpad.net/bugs/912861
<hallyn> container-detect.conf looks nice.  scary but nice :)
<hallyn> stgraber: secondly, I'm considering pushing lp:~serge-hallyn/ubuntu/precise/lxc/lxc-allowtty (works here).  look ok?
<jjohansen> hallyn: re profile: it looks okay I guess, except the ugly attach_disconnected.  I realize you need it, atm but I would like to fix that before FF.
<jjohansen> re the DENIED messages, I think that one is actually a bug in the attach_disconnected, I'll have to look into it more
<hallyn> jjohanson: me too!  :)  (attach_disconnect)
<stgraber> hallyn: AFAIK getty only depends on / being mounted and / should always be there, so no, I think the only condition really is "are we in an LXC container"
<stgraber> hallyn: (looking at the branch now)
<hallyn> well it does need /dev/console to exist :)
<stgraber> hallyn: right, which AFAIK is there in the regular MAKDEV created /dev and by default in devtmpfs/udev?
<hallyn> trying setsid in start() real quick...
<stgraber> hallyn: anyway, mounted won't be emitted until udev/mounall have run, so we know /dev should be pretty much ready by the time lxcconsole is called
<hallyn> stgraber: console is put there by lxc-start anyway before init starts, so never mind :)  i was being silly
<hallyn> so, should i change the start on in console.conf in lxcguest for now?
<hallyn> or is that not worth it?
<stgraber> hallyn: I don't think that's worth it at the moment, just want to get it right when we push that to upstart
<hallyn> sounds good
<stgraber> hallyn: branch looks good, that's some interesting apparmor path matching you have there ;)
<hallyn> :(  yeah
<adam_g> zul: that looks pretty straight forward, why did we wait so long to do it after glance? wasn't there something blocking that made it less trivial than that? i dont remember
<hallyn> jjohansen: stgraber: maybe it's ugly enough to make jdstrand consider FFE for the pattern matchign extensions :)
<zul> adam_g: i think i was waiting for the root wrapper stuff to finish
<jdstrand_> jeez my nick is just on fire
<jjohansen> hallyn: err yes it is ugly enough we where discussing the possibility of a FFE
<hallyn> stgraber: ok pushing
<zul> adam_g: im going to throw it up in the testrig
<adam_g> zul: what? no
<stgraber> hallyn: oh, just thought of it, please avoid uploading lxc until post-freeze. LXC is seeded by Edubuntu so it's affected by the freeze
<hallyn> stgraber: sorry, i just did
<adam_g> zul: er
<adam_g> zul: you mean the changes at http://paste.ubuntu.com/824199/ ?
<hallyn> #ubuntu-release did say they were re-spinning, is that separate from edubuntu respins?
<stgraber> hallyn: yeah, just saw that. It's not really an issue at this point because we expect rebuilds for kernel + some gnome stuff anyway.
<zul> adam_g: yes
<hallyn> stgraber: i'll not push any more, sorry
<hallyn> stgraber: are openvz consoles in upstart actually going to work?
<stgraber> hallyn: np. I should have thought of it earlier ;)
<hallyn> You're making console-detect.conf do a bit more work before exiting on non-containers, so i want to make sure it's worth it
<adam_g> zul: give it a minute for current test to run.
<hallyn> stgraber: especially the actual filesystem reading, which can really slow things down
<zul> adam_g: ack...lemme know
<stgraber> hallyn: no, they usually fail and use 100% CPU on OpenVZ
<adam_g> zul: you're going to merge them into the ~openstack-ubuntu-testing branch or ~ubuntu-server-dev?
<hallyn> lol
<zul> openstack-ubuntu-testing
<adam_g> zul: not sure what the easiest would be
<zul> adam_g: well if i merge it into the ubuntu-server-dev then we can test your merge as well
<stgraber> hallyn: yeah, /dev/tty* is usually not something you want to touch in a VZ. Most people just rm the tty* jobs. I'd have to do some tests and see if we can deal with that without breaking the world.
<hallyn> stgraber: not sure i follow - you're saying you'll edit debian/conf/tty* to not run on container CONTAINER=openvz?
<adam_g> zul: i propose we merge to ubuntu-server-dev, they automatically trickle down to the test rig and we can just revert them in ~ubuntu-server-dev  without much work
<zul> adam_g: good enough for me
<stgraber> hallyn: yes, that'd be a way of doing it, if upstart lets me do that (don't think you can have something depend on an event not being emitted)
<adam_g> zul: but please test build *and install* before doing that. if jenkins jobs fail because packages fail to install due to typos in postinst and stuff, im gonna f'in kill you! :)
<hallyn> i bet SpamapS can think of a cool way
<stgraber> hallyn: the other way would be to have them stop on container CONTAINER=openvz which isn't really ideal either but would avoid the 100% cpu part of the problem :)
<hallyn> yeah that sounds worthwhile
<zul> adam_g: just doing a test run here
<stgraber> hallyn: another way would be to emit "not-a-container" and have the ttys depend on that or container CONTAINER=lxc or container CONTAINER=lxc-libvirt
<adam_g> hallyn: have you seen any problems with pxe+kvm on precise? im running into an issue after a recent upgrade where dhcp requests make it thru to dnsmasq only %25 of the time, if that
<adam_g> smoser: ^
<hallyn> adam_g: no, i 've not noticed, though we have noticed dhcp problems in containers.
<hallyn> adam_g is your virbr0 stp on?
<stgraber> stp is completely broken in libvirt. I made sure I have my config explicitly saying "stp=off" and it's still setting it on at boot time
<hallyn> feh
<hallyn> stgraber: pls open a bug?  that needs to get fixed.
<adam_g> STP is enabled. if thats broken, that'd make sense
<stgraber> hallyn: will do next time I reboot and confirm that doing it the clean way like I just did (net-edit) solves it (instead of messing directly with the .xml like I did last time)
<hallyn> adam_g: well that means that the dhcp request (iiuc) will go on the wider net
<hallyn> adam_g: at any rate turn it off and see if that fixes it :)
<adam_g> hallyn: yes, disabling it fixed
<hallyn> stgraber: so one last time, on your upstart-containers tree, is it a concern that non-containers will always process /proc/self/status and look for /proc/{vz,bc}, during early boot?
<hallyn> adam_g: drat.  uh, i mean, good.
<hallyn> adam_g: thanks
<smoser> adam_g, i did see this.
<adam_g> hallyn: shall i raise a bug?
<hallyn> adam_g: go ahead.  stgraber: adam_g is opening it  ^
<smoser> in odev i was timing out on boots sometimes.
<hallyn> odev?  wth...
<stgraber> adam_g: thanks
<hallyn> of course it could be a bridge-utils regression
<stgraber> hallyn: it'll make boot slower, yes, now looking through a single file in /proc should be so fast we don't really care
<adam_g> what determines the stp + dhcp timeouts on a libvirt network? IIRC, if stp timeout is greather than the dhcp timeout, it will fail to pxeboot unless you drop to ipxe prompt, wait a bit, and retry dhcp
<hallyn> stgraber: ok, then i'm happy - pls feel free to push :)
<hallyn> stp timeout?  i don't understand those words together
<stgraber> real	0m0.003s
<stgraber> user	0m0.000s
<stgraber> sys	0m0.000s
<hallyn> i thought stp was just on or off
<stgraber> hallyn: ^ that's running the check ;)
<hallyn> adam_g: but since virbr0 by default is nat, stp doesn't make sense anyway i don't think.
<smoser> roaksoax,
<hallyn> huh.  brctl manpage now is implying that brctl off is a bad thing.
<smoser> in early_command, we could 'echo force-unsafe-io > /target/etc/dpkg/dpkg.cfg.d/force-unsafe-io'
<Daviey> smoser: we used to do that with uec-deployment-testing thing, didn't we?
<Daviey> We did discuss doing it by default for installs.
<smoser> hm..
<smoser> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605384
<uvirtbot> Debian bug 605384 in base-installer "d-i should use dpkg --force-unsafe-io to optimize installation time" [Wishlist,Fixed]
<smoser> but i sweare things are slower than they should be
<adam_g> hallyn: by timeout i mean the time it takes for the port to initialize before the interface has link
<Daviey> smoser: look at that, we discussed it and it was done :)
<hallyn> i see.  upstream libvirt commit 1ae8eed1b4740f1977f05235b47c820c7397e0f9 appears to be the cause
<smoser> you must have said "so be it", Daviey
<hallyn> adam_g: i don't understand how, but maybe upping the delay would help you...
<hallyn> note i have stp on on virbr0 and haven't noticed any dhcp issues
<hallyn> but i'm sure i'm not as heavy as user
<koolhead17> SpamapS: Can you suggest me some example/doc i should follow for the merge process
<koolhead17> i got one https://wiki.ubuntu.com/MeetingLogs/devweek1107/MergingFromDebian
<TimR_> hey guys I cant upgrade my 9.04 to 10.04 and I do not want to do clean install so how do I fix this?
<adam_g> hallyn: its only an issue during pxe boot, when the interface has just come online and STP is probably still initializing/discovering/whatever. waiting till normal dhcp discovery later in boot gives it enough time, i assume
<hallyn> but then delay in the bridge won't help, right?  that'll just squash traffic from the device during the timeout
<adam_g> i suppose not
<adam_g> was stp enabled by default on libvirt created bridges previosly?
<hallyn> adam_g: i didn't think so
<hallyn> adam_g: the commit that mentions their being on by default is from nov 2011
<hallyn> lemme put on my dunce hat and go ask upstream on irc why they think on is best.
<SpamapS> koolhead17: php5 is *not* an easy merge. ;)
<TimR_> anybody?
<koolhead17> SpamapS: planning to spend my night with it :D
<gary_poster> hallyn, you asked on bug 924337 "Can you show what 'brctl show' on the host gives? Do your host logs show any problems with dnsmasq on lxcbr0?"  The first one is easy. virbr0 does have STP enabled (lxcbr0 does not).  For the second, I looked at /var/log/syslog and saw some dnsmasq chatter but nothing that was obviously an error.  I'll report this in the bug, but I'm mentioning it here so you can quickly give me a be
<gary_poster> tter idea if I should look elsewhere.
<uvirtbot> Launchpad bug 924337 in lxc "lxc on precise is not working with lucid containers" [High,Incomplete] https://launchpad.net/bugs/924337
<SpamapS> TimR_: you can still upgrade 9.04 to 9.10, you just need the old releases..
<TimR_> where do I find it?
<hallyn> gary_poster: as a workaround, you should be able to just change the 'start on' in /etc/init/console.conf in your container to 'start on mounted MOUNTPOINT=/run'
<hallyn> gary_poster: when stgraber's new upstart hits archive (not sure how soon that can happen) it'll be fixed there.
<gary_poster> hallyn, ok awesome thank you.
<hallyn> stgraber: which reminds me, we'll need to do a Breaks: lxc  on current version and below, and fix the ubuntu tempalte to ditch lxcguest on setup.
<user10000> i need help to config QoS on my ubuntu server/router for gaming..anybody?
<TimR_> SpamapS?
<SpamapS> TimR_: google? not sure
<gary_poster> hallyn, for the TTY problem (5:0 not allowed) from earlier, I have a workaround (uncomment that line).  Is there a fix coming as well?
<hallyn> gary_poster: yes, i'm re-enabling that access.  fix should be in archive already
<gary_poster> awesome thanks hallyn
<hallyn> np, i think i messed up with that altogether.
<smoser> hallyn, i like your /sys/fs/cgroup/* change.
<hallyn> smoser: pretty eh?
<smoser> but now i can't access /sys/fs/cgrope
<smoser> oh well. it was probably just going to get me into trouble anyway
<hallyn> especially on the internet
<hallyn> boy, trying out having the unity bar not autohide.  it's very distracting while reading a full-screened term :)
<Daviey> hallyn: I had to switch to not hide.. i found that /more/ annoying
<hallyn> Daviey: not hide?
<hallyn> Daviey: i just switched to always hidden.  I tried always present, and it phsyically hurts
<Daviey> heh
<stgraber> hallyn: oops, just read the comment in lxcconsole.conf saying that libvirt uses tty1.conf, so that means my current start condition is wrong (starts on both lxc and lxc-libvirt)?
<zul> adam_g: the ubuntu-server-dev branch has the /bin/false now
<hallyn> stgraber: oops, yes.  i forgot about that.
<stgraber> hallyn: any luck with setsid()
<hallyn> stgraber: well, thsi is where i think i really messed up - it looks like apparmor is preventing the sound+kbd messups now anyway
<hallyn> stgraber: so I'm leaving it be for now
<hallyn> so right now, with new container creatd with newest lxc, it's not corrupting things for me
<adam_g> zul: k, ill kick off a test
<zul> adam_g: tested and launched an instance ok
<roaksoax> smoser: i guess w ecould do that, but doesn't d-i provide anything to set that already?
<smoser> see above, apparently it does it already.
<hallyn> Danny_Joris: 11.10 server install went flawlessly for me in kvm.  I assume it's some virtual box issue?  Might be worth looking through the logs after the install fails.
<adam_g> roaksoax: ping
<roaksoax> adam_g: pong
<adam_g> roaksoax: thoughts on Bug #918796 ?
<uvirtbot> Launchpad bug 918796 in orchestra "Imported ISO's end up with wrong names" [Medium,Confirmed] https://launchpad.net/bugs/918796
<adam_g> roaksoax: im wondering if cobbler might have changed behavior when importing + creating /var/www/ks_mirror/ directories
<roaksoax> adam_g: that's something I'm about to start looking into
<roaksoax> adam_g: i'm guessing it is because renaming a profile ends up not renaming /var/www/ks_mirror
<roaksoax> adam_g: and when adding a new one, it cant use something that was previously used
<roaksoax> or the other option is that if the name uses -<arch> and --arch is specified as swell, then there's some validation error somewhere
<adam_g> roaksoax: yeah.. its not renaming the ks_mirror directory, because its looking for it ref.name, but apparently when its imported, its created as ref.name + ref.arch or some such.
<adam_g> roaksoax: our input to cobbler from o-import-isos + c-ubuntu-import hasn't changed much AFAICS between oneiric  and precise
<roaksoax> adam_g: yeah I'm guessing it is a bug within cobbler's validation
<roaksoax> adam_g: cause either way, if the arch is not specified in the --name then, once the arch is detected
<roaksoax> (or specified) it is automatically added to the name
<adam_g> ah
<roaksoax> so somewhere in the process something doesn't work the way it should
<adam_g> well, either way.. the precise version of cobbler-ubuntu-import has been working fine on the oneiric cobbler server in terms of keeping distros up to date and named properly. the double-arch-in-name bug causes issues for that update process on precise, because renaming fails
<roaksoax> adam_ TBH I wasn't the one who found the bug, but rather, it came up in a discussion i was having so I filed it
<roaksoax> and I haven't seen it yet
<adam_g> roaksoax: just checked again on a fresh daily:  apt-get -y install cobbler && cobbler-ubuntu-import precise-x86_64
<roaksoax> adam_g: did the double arch thing happened again?
<adam_g> http://paste.ubuntu.com/824379/
<adam_g> yeah
<smoser> SpamapS, what tool was it hta tyou were usin gthat showed io?
<roaksoax> adam_g: ok I think I have an idea of what might be going wrong
<smoser> what double arch thing ? adam_g ?
<SpamapS> smoser: iostat and vmstat
<smoser> oh.
<smoser> i see it.
<smoser> hm..
<roaksoax> adam_g: where you using a server in the lab?
<roaksoax> adam_g: is there any free machinein the lab that I can mess with? one that already has precise on it
<adam_g> roaksoax: im in cloud instance
<roaksoax> adam_g: ok
<adam_g> roaksoax: try canonistack precise
<roaksoax> adam_g: about to do that ;)
<SpamapS> smoser: are you looking at making jstack more efficient again?
<smoser> no. i was just working on it.
<smoser> it uses btrfs clone now!
<smoser> :)
<smoser> well, all of lxc uses btrfs clone if /var/lib/lxc/ is btrfs
<smoser> hallyn, i hvae a question
<smoser> lxc-ls starts to not work properly as non-root, possibly after you've done some bad things to it.
<smoser> is it a bug by the user to try to use it as non-root, or in lxc-ls
<hallyn> smoser: there's no particular reason why we'd want to stop lxc-ls  for non-root.  Do you know what you've done to it to top it working?
<hallyn> smoser: before it wasn't working bc *I* broke lxc-start...  (well, src/lxc/cgroup.c)
<smoser> not really. but i see it often. when using juju.
<smoser> stuff like:
<smoser> /usr/bin/lxc-ls: line 35: cd: /sys/fs/cgroup/cpuset///lxc: Permission denied
<smoser> ls: cannot access ubuntu-jstack-nova-cloud-controller-0: No such file or directory
<smoser> ls: cannot access ubuntu-jstack-keystone-0: No such file or directory
<roaksoax> adam_g: ah yes, I think I had fixed that.. maybe a patch got dropped or something changed in the newest upstream release
<adam_g> roaksoax: cobbler/api.py ln. 768
<hallyn> smoser: can you file a bug?  (it soudns like a rehash of two earlier issues, nother of which you *should* be having)
<adam_g> roaksoax: api.import_tree() is completely changed since oneiric. among other things,  path += ("-%s" % arch)
<roaksoax> adam_g: i think there was a patch for that
<roaksoax> adam_g: are you providing a fix?
<roaksoax> adam_g: or should I
<roaksoax> ?
<adam_g> roaksoax: im going afk for lunch. i only traced it to there, didn't look any further at a fix or why it changed to begin with
<roaksoax> adam_g: ok I'll work on it then :). thanks
<stgraber> hallyn: https://launchpad.net/~stgraber/+archive/experimental has a test upstart with my changes
<raj> how reliable is 11.10 as a server?
<raj> just as reliable as 11.04?
<stgraber> hallyn: I basically rebased lxcconsole.conf on the other tty jobs and renamed it to console.conf (in case we one day find something else than lxc needing that). I also added the new conditions to the other jobs and the not-container event,
<stgraber> hallyn: would be nice if you could test than in lxc, lxc-libvirt and some standard system (non container). I tested lxc and standard system here (VM).
<stgraber> hallyn: as running-in-container depends on stuff that are in the packaging, I'll move it to debian/ and will propose the branch for merging (probably after a quick chat with slangasek)
<hallyn> stgraber: ok
<hallyn> stgraber: (trying to get two bug reproduce tests going right now, having some trouble... but will try to get to those soon)
<adam_g> zul: all tests passed with those packaging changes, btw
<hallyn> stgraber: d'oh.  seems i did something wrong.  'mountall : event failed'
<uvirtbot> New bug: #917851 in openstack-ci "replace m2crypto with shelling to openssl" [High,In progress] https://launchpad.net/bugs/917851
<TimR> sudo mount -o loop /media/cdrom0/alternate-cd.iso /mnt/alternate
<stgraber> hallyn: do you sill get a console after that?
<TimR> I cant get the alternative cd to work correctly via command line
<hallyn> just took an existing workign container, cloned it, added your ppa, purged lxcguest, updated (including upstart).  no, no console, and lxc-ps shows nothing
<hallyn> stgraber: btw I'm not 100% sure about your tty{5,6].conf - why do you have them starting in lxc and lxc-libvirt contianers?
<stgraber> hallyn: ok, that's odd. I'm seeing some problems in VM now (looking at it) but it works fine in the container
<stgraber> hallyn: yeah, I only just noticed that, we indeed only need tty1-tty4
<hallyn> dont' know if that hurts anything...
<stgraber> hallyn: when you say lxc-ps shows nothing, is that nothing as in just init or just nothing weird?
<hallyn> stgraber: that time it showed nothing at all, now i get http://paste.ubuntu.com/824480/
<hallyn> how can emit hang?
<hallyn> do i need dbus maybe...
<stgraber> hallyn: it can. I actually just fixed that one here.
<hallyn> (installing dbus didn't help)
<stgraber> hallyn: I also just noticed my package version being stupid (should have been ~ppa1 so I can do some tests). I'll upload a new version now but with a lower version number so you'll need to manually install it (sorry ...)
<hallyn> stgraber: np, i'll just use a new container
<hallyn> stgraber: i assume it'll be an hour before ppa builds?
<stgraber> hallyn: more like 10-15min. I skip the build queue ;)
<hallyn> stgraber: please satisfy my curiosity - wtf is making it hang?  :)
<hallyn> ok, set a timer - i'll retry in 20 mins
<stgraber> hallyn: don't know to be honnest, I just went with my usual fix for cases where it hangs "initctl emit --no-wait"
<hallyn> oh.  duh.
<stgraber> it usually happens when a job is "start on starting some-other" and you get into weird circular dependencies, but it's not the case here, so not really sure ;)
<hallyn> here's hoping i'm not over-taxing my laptop (with a set of nested kvms) and it doesn't overhead+shutdown again...
<stgraber> you need water cooling ;)
<TimR> can anybody help me I cant get the alternative cd update to work via command line
<kirkland> smoser: fyi, i just launched a precise t1.micro, it's up and running, but 30 minutes later, no console output
<smoser> it does hapen.
<smoser> kirkland, could you follow up in bug 588725
<uvirtbot> Launchpad bug 588725 in linux-ec2 "instance had no console output" [Medium,Confirmed] https://launchpad.net/bugs/588725
<smoser> hm...
<smoser> i guess that i should probvably open a thread and then ask you to append your instance-id and ami and such to it.
<Patrickdk> hmm, I should file an annoyance against debian-install
<Patrickdk> that is the correct package for the installer these days right?
<TimR> am I doing something wrong here?
<zul> adam_g: swweeeet!
<RoyK> ?
<roaksoax> adam_g: http://pastebin.ubuntu.com/824494/
<kirkland> smoser: another strange thing ....
<kirkland> smoser: 0% [Connecting to us-east-1.ec2.archive.ubuntu.com (10.210.205.172)]
<kirkland> smoser: i launched another instance
<kirkland> smoser: and that archive just isn't responding
<kirkland> smoser: I ctrl-c and retry
<kirkland> smoser: get a different mirror, and then I'm off and running
<kirkland> smoser: i wonder if the two issues are related?
<adam_g> roaksoax: ive done something similar locally, will run with that for today while i do some cobbler work. might be worth checking with upstream source for context around that change
<TimR> ok I guess im not being heard here
<smoser> utlemming, can you dig on archive issue above please ?
<smoser> kirkland, says that 10.210.205.172 is dead
<smoser> kirkland, two issues not related.
<smoser> kirkland, please append instance-id and other information to https://forums.aws.amazon.com/thread.jspa?threadID=86174
<smoser> or if you dont want to bother with an id there, i will copy from the bug.
<roaksoax> adam_g: IIRC, I saw similar bug long time ago and was fixed in a similar way
<smoser> as it says in the bug, i very much suspect that there is a hypervisor loss of data on this stuff.
<kirkland> smoser: okay
<adam_g> roaksoax: strange
<kirkland> smoser: I opt for pasting into bug, eff the forum :-)
<roaksoax> adam_g: indeed! I will review upstream branches and our dropped patches later
<kirkland> smoser: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/588725/comments/12
<uvirtbot> Launchpad bug 588725 in linux-ec2 "instance had no console output" [Medium,Confirmed]
<stgraber> hallyn: packages built, just waiting for them to publish now
<smoser> gracias, kirkland
<smoser> later all.
<kirkland> smoser: de nada
<utlemming> smoser: digging
<TimR> so can anybody help me?
<greppy> TimR: If someone can, they will.  It may help if you give specific error messages, if they take up more than one line, you should probably use !pastebin
<greppy> bah
<TimR> i have
<TimR> and everytime I get muted out
<greppy> TimR: *shrug* if no one can help you, then they can't help you, sorry.
<TimR> then if they cant help why be in there?
<greppy> because they can't help you, they shouldn't be here?
<TimR> right....
<greppy> You don't think that is a little arrogant on your part?
<TimR> no
<TimR> you think its arrogant beging muted when asking a question?
<greppy> none of us are paid to help people in here.  When you ask a question, if someone can help you, they will.
<TimR> ya four hours later?
<greppy> If that is when someone can help you, then yes, 4 hours later, or 5 or 6 or whatever.
<hallyn> stgraber: not seeing it yet
<greppy> and on that note, it's time for me to go become unconscious.
 * greppy &
<stgraber> hallyn: yeah, it's taking long to publish ...
<TimR> nvm I got main issue fix without have to upgrade the whole system
<stgraber> hallyn: actually according to LP it just finished
<hallyn> ah there it is
<hallyn> it didn't auto-remove lxcguest
<hallyn> wtf - exact same problem.
<hallyn> 1.4-0ubuntu5~ppa1
<hallyn> stgraber: bad debuild/dput?
<stgraber> hallyn: looks like it. the job is wrong
<hallyn> stgraber: was adding --nowait the only difference?
<hallyn> i'll just test that by hand if so
<hallyn> note i still get 'mountall: event failed" but i now get a console
<stgraber> hallyn: that, disabling tty5 and tty6 and adding some || true at some risky places (as pre-start scripts are running with -e)
<hallyn> stgraber: do you get the mountall error msg?
<hallyn> oh noes!  and reboot didn't work
<stgraber> hallyn: yeah, the mountall error seems to come from mounted-debugs
<stgraber> *debugfs
<stgraber> hallyn: chmod: changing permissions of `/sys/kernel/debug': Permission denied
<stgraber> hallyn: got that testing with: lxc-start -n container -- /sbin/init --log
<hallyn> not sure what we should do about that
<hallyn> stgraber: but, does 'reboot' work for you?
<hallyn> ok, added '|| true' to that and it shut up the error
<stgraber> hallyn: yep, reboot works. Boot time varies though, probably because of dhclient
<hallyn> i wonder if the newest kernel dropped the reboot patch
<hallyn> i bet so
<stgraber> hallyn: pushed ppa2 (adding --no-wait and actually basing console on tty1 instead of tty2, will make boot a bit slower but consistent with a regular ubuntu system)
<hallyn> stgraber: with ppa1, libvirt-lxc container gets a console just fine
<hallyn> stgraber: /etc/init.d/ondemand is biting at my ankles.
<hallyn> but no that's not the only problem
<stgraber> I think I'll start doing all my tests with static networking, dhclient timing randomness doesn't help for testing
<hallyn> stgraber: I dunno, exact some container, with ppa1 upstart and no lxcguest, pid 1 will just not go away.  reboot+shutoff just hang
<stgraber> hallyn: weird, reboot definitely works here (ppa1)
<hallyn> what could i have done...
<hallyn> ok i'll just start over i guess
<stgraber> anything in dmesg?
<stgraber> oh, btw, I just noticed you can flush the kernel log from a container (dmesg -c). Not sure if there's an apparmor way of blocking that though.
<hallyn> just the similar stuff to what you have
<hallyn> yeah it woudl've been nice to have dmesg separation for lts
<hallyn> should be added to LxcSecurity wiki page
<stgraber> hallyn: https://launchpad.net/~stgraber/+archive/experimental/+build/3137750/+files/upstart_1.4-0ubuntu5%7Eppa2_amd64.deb (haven't tested yet)
<hallyn> i hate typing out python-software-properties
<hallyn> ok thx
<hallyn> can't resolve launchpad.net.  weird
<stgraber> hallyn: if you switched to static and assume /etc/resolv.conf will be kept across reboot, you're wrong (you need to use dns-nameservers in /etc/network/interfaces) ;)
<hallyn> i can't believe this.  can't resolve launchpad.net even on my laptop
<hallyn> stgraber: that sounds bad
<hallyn> stgraber: you purge lxcguest too?
<stgraber> hallyn: yep
<hallyn> i don't get it
<hallyn> hm.  i just have no name service
<hallyn> stgraber: i don't have resolvconf installed, but resolv.conf is pointing to 127.0.0.1.  expected?
<stgraber> hallyn: yes, Network Manager starts dnsmasq since the sprint
<stgraber> ps aux | grep nm-dns-dnsmasq
<stgraber> if that doesn't give you a dnsmasq server, you have a problem :)
 * hallyn doesn't like all this newfangled redirection and automation
<hallyn> but especially not when it breaks his dns :)
<hallyn> (obviously, existing connections are fine.)
<hallyn> well hmm, what's going on here
<hallyn> maybe i'ts not dnsmasq's fault
<hallyn> but it is
<hallyn> server=192.168.254.254
<hallyn> but when i but 'nameserver 192.168.254.254' into /etc/resolv.conf, then i can resolv just fine
<hallyn> stgraber: ^
<stgraber> hallyn: hmm, that's weird, could it be multiple dnsmasqs fihghting for 127.0.0.1?
<hallyn> stgraber: conceivable, though i don't see another
<stgraber> hallyn: you can also try asking NM to restart the connection, see if that helps (NM kills and respawns dnsmasq everytime something changes)
<hallyn> i've tried disconnecting and reconnecting several times
<hallyn> btw, this is a separate issue, but yes i think this will completely screw up my setup for making this laptop a wireless bridge for my other one over eth0 (which runs another dnsmasq listening to eth0 for pxe-boot and dhcp)
<hallyn> but i'm not trying to do that right now, and that dnsmasq is not runnign
<hallyn> i think maybe i need to stop for the day (and just let my test installs run).  nothing is working or making sense
<stgraber> hallyn: ok, lets try a few ideas: do you have nscd running? anything suspicious in /var/log/syslog (both NM and dnsmasq should log there)? any firewalling going on?
<hallyn> no nscd
<hallyn> three dnsmasqs - libvirt, lxc, and nm
<hallyn> only suspiciosu thing i see - which should alarm us just a bit - is udev on the host complaining about the contaienr's veth (i assume) not existing, during the udev storm
<hallyn> nothing for nm
<hallyn> hm, qemu died while a nested qemu was installing
<stgraber> hallyn: rebased on a clean upstart, re-commited everything in small chunks and updated changelog: lp:~stgraber/ubuntu/precise/upstart/upstart-containers/ (new branch, so bzr pull won't work unless used with --overwrite)
<hallyn> thx, will look
#ubuntu-server 2012-02-01
<hallyn> stgraber: hang on, did you mean to keep 'start on stopped rc runlevel=[2345]" in console.conf?
<stgraber> hallyn: mine has an extra "and container CONTAINER=lxc" but yes, I actually got that working reliably and that gives us the same behavior as a regular Ubuntu system
<stgraber> hallyn: so in some cases you may have to wait up to 60s before you get a shell if your network is broken
<hallyn> drat.  seems like for container console we may as well skip that
<stgraber> well, that only happens if you screwed up your /etc/network/interfaces and in that case lxc-console should still work :)
<hallyn> stgraber: or if you use virbr0 with stp on...
<stgraber> I noticed that not having the "stopped rc RUNLEVEL=[2345]" part also hides services startup messages
<stgraber> like apache and other services providing a sysvinit job
<stgraber> hallyn: well, stp on should cause a "delay", not make it wait a full minute (hopefully) ;)
<hallyn> i'll defer to your judgement
<stgraber> hallyn: https://code.launchpad.net/~stgraber/ubuntu/precise/upstart/upstart-containers/+merge/90986
<hallyn> cool
<hallyn> thanks
<Danny_Joris> I created this ubuntu server earlier today at the office. Pretty straightforward: ubuntu server 10.04 lts and enabled bridged networking. Now, at home, I can still open the vm and work on it, but I can't use the ip, ping it, or ssh in through the osx terminal
<Danny_Joris> did i make it dependent to my work's network?
<Danny_Joris> I'm even vpn'ed into the office's network
<Danny_Joris> weird stuff
<Danny_Joris> ah it changed ip address...
<Danny_Joris> not sure why
<hallyn> anyone here have an eeepc running precise and would care to try and use testdrive-gtk to run a vm (for bonus points, the kde mobile choice, last option on second tab)
<Guest32380> I just got proftpd up an running, and I can only read from /var/www/ even though proftpd.conf is set up for AllowAll for me. The permission error went away when I used chown -R to make myself owner of the directory. My question is this: would it be bad to set permissions to 777 for the folder?? It's open to the internet, but it seems to be the only way I'll be able to have multiple ftp accounts.
<Guest32380> Sorry, I'm a bit of a newb.
<qman__> Guest32380, yes, it would be very bad to do that
<Guest32380> dammit -___-
<qman__> www-data (the web server) and any other daemons (like proFTPd's daemon user) should not have write permission to that directory unless absolutely necessary
<qman__> and if they do, said directories should be secured against allowing files within them to be executed
<qman__> in addition, using FTP at all is a bad idea
<Guest32380> qman__: How do I upload to my web host then? Sorry for ignorance
<qman__> SFTP
<Guest32380> ahh
<qman__> secure, sanely designed, and easy to set up
<Guest32380> I have to get my cert set up -__- So how should I manage uploading to /var/www/ after I enable SFTP?
<qman__> create a user and group for that purpose, and make that user and group the owner
<qman__> don't use that user and group for anything else
<qman__> then, add users who you want to give permission to that group
<qman__> and then, if you need it, change permission to 775
<Guest32380> qman__: Thanks! So can groups be owners?
<Guest32380> Of files/directories?
<qman__> every file has an owner and a group-owner
<qman__> permissions are set for the user-owner, group-owner, and world
<qman__> that's what the three numbers are
<Guest32380> Ohh! Okay, thanks a load!
<Danny_Joris> is there an irc channel for lamp stacks/apache or can i ask these questions here?
<twb> #httpd concerns apache.
<twb> ##php concerns PHP.
<Danny_Joris> twb: tnx
<twb> #mysql, I suppose, for MySQL.
<twb> The "linux" part usually means a full GNU/Linux OS; for actual kernel issues there is #kernelnewbies on OFTC, for general Ubuntu server questions, you can ask here.
<twb> apache httpd and mysql are certainly on-topic here, but you will get better advice on their intricacies on their dedicated channels.  We are more concerned with Ubuntu best practices for installing them and so on -- note that upstreams often disagree with us on the "right" way to do things :-)
<SpamapS> Heh, I think the A in LAMP is becoming "An HTTPD server"
<SpamapS> I'd bet money that nginx or another more lightweight httpd will be in main by 14.04
<twb> nginx isn't lightweight.  It includes a POP3 daemon FFS
<twb> thttpd or a 10-line bash-based httpd are lightweight
<SpamapS> heavy in code maybe, but its the lightest httpd I've used
<SpamapS> root       557  0.0  0.2  73676  1380 ?        Ss    2011   0:00 nginx: master process /usr/sbin/nginx
<SpamapS> www-data   559  0.0  0.4  74612  2948 ?        S     2011   3:25 nginx: worker process
<SpamapS> root       557  0.0  0.2  73676  1380 ?        Ss    2011   0:00 nginx: master process /usr/sbin/nginx
<SpamapS> www-data   559  0.0  0.4  74612  2948 ?        S     2011   3:25 nginx: worker process
<SpamapS> oops
<SpamapS> stupid lag
<twb> USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
<twb> www-data    56  0.0  0.0   8708   836 ?        Ss    2011   1:30 thttpd -D -r -d /srv/apt
<SpamapS> twb: how does thttpd handle concurrency and fastcgi?
<twb> I win
<twb> No, that's the whole point
<twb> thttpd is for doing what HTTP is for -- stateless serving of static content
<SpamapS> twb: right.. all these silly dynamic sites are just abusing HTTP. ;-)
<twb> If you want to serve some stupid "web app" then you can have your nginx and tomcat and all that shite
<SpamapS> What a waste of billions of dollars these blogs and social networking and video sites are.
<twb> thttpd does support plain CGI, unfortunately, but I usually turn that off
<twb> SpamapS: yes!
<SpamapS> We could go back to 1997 and have static HTML!
<twb> SpamapS: I'm glad someone understands me
<SpamapS> twb: I'm always here for you
 * SpamapS wanders off
<twb> Having said that, when I investigated reverse proxies, I was more impressed by varnish than nginx
<SpamapS> varnish is really awesome
<twb> The main disadvantage of varnish is you have to install a compiler toolchain on a production host, which makes it a little easier to escalate once compromised
<SpamapS> twb: you can get away with compiling all the stuff on a staging box and pushing it out
<twb> That or fiddle-fart around getting the configuration .o from a sta- right
<SpamapS> twb: nginx is still easier to configure. And they even have a public source code repo now
 * SpamapS sighs
<SpamapS> Not sure if the comments are all still in Russian
<twb> SpamapS: incidentally, I'm emphatically Not A FanTM of fcgi in any case.  IMO it's far better to just have the app and the reverse proxy speak to one another using HTTP -- much easier to debug, and not hard to bolt a "dumb" http into your typical python/whatever app
<SpamapS> twb: fcgi is just an optimization for the times where every ms of latency and wire traffic matter
<twb> You speak fcgi over IP, and not just between machines on the same host?  That made me kinda nervouse, because it involves actually TRUSTING the LAN
<twb> Granted I don't care at all about performance
<Guest32380> So I'm a newb, and I have a new server >:) I'm trying to broaden my horizons, so if I want something like a *simple* chat box with AJAX, what should I use on the server end?
<Guest32380> Python maybe?
<twb> If you're a js weenie you could use nodejs on the server side, which is basically the v8 (chrome) js VM hacked to be an httpd instead of a browser module.
<Guest32380> eww
<twb> The advantage being that you write both sides in js instead of half js and half python/php/whatever
<twb> And js is certainly a better language than PHP -- hell, it's halfway to scheme (the easy half)
<Guest32380> twb: thanks!
<twb> Guest32380: the biggest question is: are you doing this for pedagogy (i.e. to learn), or professionally (i.e. just get it done as quickly as possible)?
<Guest32380> pedagogy, which might I say is ironic(?) since I didn't know that word
<Guest32380> twb: I've always wanted to try Python, but I'm not sure how to start interfacing it with an xmlhttprequest
<twb> You may wish to talk to the twisted people
<twb> I don't know if that's suitable for learning purposes; it felt more heavyweight to me
<twb> I haven't looked at it closely tho
<Guest32380> okay then
<SpamapS> twb: re trusting the LAN .. do you encrypt/sign all your traffic between your database and its clients?
<SpamapS> at some point you have to accept some risks, though its important to identify them and accept them, not just be victim to them.
<twb> SpamapS: I don't run SQL over the network at all
<SpamapS> right, static HTML.. ;)
<twb> SpamapS: the one stupid "app" that I am forced to deploy, that needs a "database" (which it really just uses as a dumping area for data), I said it had to run PHP and apache and mysql all in the same locked-down jail
<twb> But you're right, e.g. I have zero protection against ethernet-layer attacks within my LANs, because hard-coding the neighbours table wasn't worth it :-(
<SpamapS> twb: most switches can be configured fairly easily to disable gratuitous arp attacks.. and arpwatch is usually enough to flag any weirdness if you can't do that.
<twb> Well, I'm doing that much
<Guest32380> did yall go to college?
<imperalix> What is college?
<twb> imperalix: depending on your locale, it is either secondary or tertiary education.
<twb> It can also mean a housing unit or campus *of* a larger tertiary institution
<LeMAC> ÐÐ¾Ð±ÑÑÐ¹ Ð´ÐµÐ½Ñ ÑÐ²Ð°Ð¶Ð°ÐµÐ¼ÑÐµ Ð³ÑÑÑ ÐÐ¢ ÑÐµÑÐ½Ð¾Ð»Ð¾Ð³Ð¸Ð¹ )
<twb> !ru
<ubottu> ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð½Ð°Ð±ÐµÑÐ¸ÑÐµ /join #ubuntu-ru Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¼Ð¾ÑÐ¸ Ð½Ð° ÑÑÑÑÐºÐ¾Ð¼ ÑÐ·ÑÐºÐµ. | Pozhalujsta naberite /join #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke.
<uvirtbot> New bug: #924739 in squid3 (main) "after upgrade from oneiric to precise squid only returns 403" [High,New] https://launchpad.net/bugs/924739
<tero> what is the best/recomended virtualisation sw for ubuntu server?
<Tm_T> I would imagine that depends on your needs
<smb> jibel, I see the first people with pitchforks arrive... (re: re: bug 923685) ;)
<uvirtbot> Launchpad bug 923685 in resolvconf "New resolver package overwrites manually created resolv.conf on server" [Critical,Confirmed] https://launchpad.net/bugs/923685
<Daviey> oh dear
<lynxman> morning o/
<smb> lynxman, \o morning
<eutheria> i was thinking about using rdiff-backup to create backups of some machines, postgresql dumps etc
<eutheria> to do a backup using rdiff-backup pushing files to a remote machine would mean it needs to be reasonably secure, so a shell account with a lot of space wouldn't be a smart move
<greppy> eutheria: take a look at duplicity and duply
<greppy> eutheria: http://duplicity.nongnu.org/
<eutheria> oh new stuff
<eutheria> i like!
<eutheria> thanks
<eutheria> does deja-dup use duplicity?
<th0mz> did grub2 came to stable or default please ?
<th0mz> (i have several server messaging about grub2 this morning)
<eutheria> th0mz, grub2 (1.99999) i think has been the default for a long time
<th0mz> mmh
<eutheria> can't remember when it came in
<th0mz> for 10 LTS ?
<eutheria> i don't have an LTS to hand
<eutheria> i am pretty sure it was there
<th0mz> ii  grub-pc                          1.98-1ubuntu12                         GRand Unified Bootloader, version 2 (PC/BIOS
<th0mz> oki
<th0mz> i'm wrong, something i need to check on this server then
<th0mz> thankls
<th0mz> thans eutheria
<th0mz> k
<eutheria> no problem
<eagles0513875> ikonia: the rootkit stuff that is available in the repos do you recommend installing one of them just to be on the safe side
<ikonia> what ?
<eagles0513875> there are some rootkit scanner packages available in the repos do you think its good to have one installed to be on the safe side?
<ikonia> what are you talking about ?
<eagles0513875> there is a package rkhunter which will scan ones system for rootkits. do you think that is a good thing to have installed on ones system?
<eagles0513875> as a preventative measure against rootkits
<ikonia> what are you talking about ?
<eagles0513875> rootkit scanners im wondering if its good to have installed on my system as a preventative measuer against rootkits
<ikonia> why are you talking to me about rootkit scanners
<ikonia> what are you talking about ??
<eagles0513875> im just asking if they are worth having is all
<ikonia> up to you
<ikonia> seems a pointless tool to use as a "real time scanner"
<ikonia> more a tool to use after you've been compromised
<eagles0513875> ok thank you :)
<eagles0513875> ikonia: sry saw a mention of directory listings i found on google what i need to remove in regards to the indexes. if my vhosts have index mentioned in them do i remove them at the vhost level or removing the index from the httpd.conf be sufficient
<ikonia> depends on your setup, normally vhost
<eagles0513875> the site i found says in httpd.conf
<eagles0513875> http://www.felipecruz.com/blog_disable-directory-listing-browsing-apache.php
<ikonia> yes, httpd.conf is where the virtual sites are defined
<eagles0513875> i dont have any of my vhosts defined there im using the ubuntu way of using sites-available then using a2ensite to setup the symlinks appropriatly etc
<ikonia> ok - so you need to either a.) do it at the virtual host config in ubuntu b.) stop reading generic documents and find one specific to ubuntu
<eagles0513875> not much different then what i found :D but thanks none the less for your advise :)
<ikonia> what's not much different than what you have found ?
<eagles0513875> the blog and what i found which is more ubuntu specific
<ikonia> each virtual site will have it's own file, just disable it in each file
<eagles0513875> :) got it
<diplo> Afternoon all, is there a way to list how many updates security/critical etc on the cli
<diplo> http://superuser.com/questions/199869/check-number-of-pending-security-updates-in-ubuntu
<adac> guys, i have a nagios plugin (check_apt) which should determine the critical packages to upgrade, if they are available. But unfortunately on ubuntu server It doesn't work. the critical package count is always on zero
<adac> how can i determine how many and which upgrades are critical?
<eutheria> not enough random bytes, oh so i have to type some more, maybe i should run a benchmark too to help
<jamespage> Daviey: please can you do the relevant magic to make bug 913883 appear on the MIR list for server team.
<uvirtbot> Launchpad bug 913883 in zookeeper "[MIR] zookeeper, netty, log4cxx" [High,New] https://launchpad.net/bugs/913883
<uvirtbot> New bug: #913883 in zookeeper (universe) "[MIR] zookeeper, netty, log4cxx" [High,New] https://launchpad.net/bugs/913883
<Daviey> jamespage: what is it worth? :)
<jamespage> Daviey: hrm - whats your price?
<jamespage> beer/cash/alternatives?
<Daviey> jamespage: is server team expected to monitor inbound bug traffic of all 3 packages?
<jamespage> Daviey: yes I would think so
<Daviey> jamespage: 'payment in kind'
<Daviey> jamespage: log4cxx is server?
<jamespage> Daviey: its just a C++ logging framework is my understanding
<jamespage> its used in the C client (which is used by the python client etc. etc. etc)
<Daviey> looks cheap enough, it does have a delta
<Daviey> we should review if we still need a delta
<Daviey> jamespage: I assume you've tried to push bug 913878 back to Debian?
<uvirtbot> Launchpad bug 913878 in netty "should run test suite on package build" [Medium,Fix released] https://launchpad.net/bugs/913878
<Daviey> and has anyone looked at removing the delta for log4cxx going forwards?
<adac> how can i see if there are any "security" updates?
<zul> morning
<jamespage> Daviey: I will push that back to debian - its team maintained (I am a member)
<jamespage> Daviey: thanks for poking on that - I had forgotten to submit back - done now
<Daviey> cool
<Daviey> jamespage: just working out the 'cost' before adding it.
<smoser> adam_g, ping when you arrive.
<smoser> i have a nova-volume charm merge
<roaksoax> Daviey: bug #918350
<uvirtbot> Launchpad bug 918350 in cobbler ""cobbler check" should be cleared about not needing network boot drivers" [Low,In progress] https://launchpad.net/bugs/918350
<roaksoax> Daviey: do you think we should just disabe the cobbler get-loaders command and make sure that syslinux is installed only?
<Daviey> roaksoax: i think tou need to work with rbasak so arm works
<Daviey> syslink doesn't work on arm, right?
<roaksoax> Daviey: you mean syslinux?
<Daviey> roaksoax: right, sorry
<roaksoax> Daviey: on the bug, my point being is that cobbler checks for boot drivers thta are downloaded from someones fedora website, and that it our case are not really needed. SO, myquestion was wether to remove that capability (of checking and downloading those boot loaders as we only need syslinux package installed)
<Daviey> Ah
<Daviey> i see
<Daviey> yes, that would make sense
<roaksoax> Daviey: ok then ;)
<smoser> wake up adam_g
<smoser> hallyn, how do you think you set a lower default value on stp ?
<hallyn> smoser: "brctl setfd virbr0 N" ?
<smoser> via libvirt ?
<smoser> libvirt currently shows (net-dumpxml default): <bridge name='virbr0' stp='on' delay='0' />
<hallyn> smoser: then libvirt is broken
<hallyn> biab
<hallyn> smoser: looking at the code, maybe i see why
<hallyn> i'll have to poke more to confirm, but i think it tries to set the delay by writing to "/sys/devices/virtual/net/virbr0/forward_delay"
<hallyn> it should be /sys/devices/virtual/net/virbr0/bridge/forward_delay
<hallyn> what's that bug # again...
<smoser> did that maybe move in a kernel upgrade?
<smoser> bug 924446
<uvirtbot> Launchpad bug 924446 in libvirt "STP enabled on bridge results in unreliable PXE boot of guests" [High,Confirmed] https://launchpad.net/bugs/924446
<hallyn> smoser: that would make sense, but not sure yet.  Well, it would *not* make sens in that it's an ABI breakage...  they don't usually do that
<roaksoax> smoser: have you ever tried using several late_commands on a single preseed?
<smoser> roaksoax, i have not. but i would suspect it wouldnt work.
<smoser> but no try.
<smoser> hallyn, /sys is not an abi, is it?
<hallyn> <shrug>  tell that to people relying on it
<smoser> yeah.
<hallyn> but, i don't see where it would have moved, offhand.  (it's spaghetti code though)
<smoser> i just dont knwo what is considered an abi.
<hallyn> well lemme run a test to confirm.
<gary_poster> hallyn, hi. I was going to try and get you diagnostic information for the apparmor issue I emailed you about, and so first tried to make a new lucid instance.  Bug 924337 is still biting me even after I change the 'start on' in /etc/init/console.conf in my container to 'start on mounted MOUNTPOINT=/run' .  I'll be heading out in a few minutes for lunch, but I can try things now and when I return
<uvirtbot> Launchpad bug 924337 in lxc "lxc on precise is not working with lucid containers" [High,Incomplete] https://launchpad.net/bugs/924337
<hallyn> gary_poster: Drat.  Please make a note in the bug - I didn't expect that, but can't look right now.
<gary_poster> hallyn, will do.  Understood, ttyl
<cr3> hi folks, I vaguely recall someone, possibly dustin, writing some script(s) to preseed installation of images. can someone refresh my memory?
<hallyn> cr3: google for 'kirkland preseed'
<cr3> hallyn: testdrive, that's it! thanks
<hallyn> cr3: ah, not what i was expecting :)  cool
<cr3> hallyn: short of running the script, do you happen to know off hand whether it also supports desktop images?
<hallyn> cr3: yes it does
<cr3> hallyn: sweet, I just reinvented that wheel then :)
<hallyn> cr3: use testdrive-gtk, it gives you options in menu
<cr3> hallyn: I was hoping non-interactive but I'll give it a try to see
<hallyn> <nod>
 * kirkland waves at cr3
<kirkland> cr3: I think what you want is this:
<kirkland> http://blog.dustinkirkland.com/2012/01/ubuntu-quick-installation-preseed-link.html
<kirkland> cr3: ^
<kirkland> cr3: hallyn: testdrive is more of a way to rsync the latest ubuntu desktop images and launch them in a vm, trivially
<cr3> kirkland: I was close: http://blog.dustinkirkland.com/2011/03/ubuntu-server-quick-install-no.html :)
<kirkland> cr3: yeah, that's the older version
<kirkland> cr3: but that one links to some people.canonical.com/~kirkland pages that don't exist anymore
<kirkland> cr3: i've since updated those and continue to maintain them
<kirkland> cr3: use them all the time, in fact
<cr3> kirkland: thanks for the updated link, very cool!
<kirkland> cr3: np
<hallyn> smoser: uh, huh.  I think the problem is simpler.  Simple typo, fixed upstream.
<hallyn> commit 2d5046d31f4f5c961fc4aa6b415a00bb9eadae2b.  d'oh.
<hallyn> zul: got any libvirt fixes to queue up right now?
<zul> hallyn: nope
<roaksoax> smoser: http://paste.ubuntu.com/825342/
<uvirtbot> New bug: #924990 in mysql-5.1 (universe) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/924990
<uvirtbot> New bug: #924281 in lxc (main) "cgroup-lite not installable inside 'lxc create -t ubuntu' container" [High,Fix released] https://launchpad.net/bugs/924281
<roaksoax> smoser: http://paste.ubuntu.com/825390/
<roaksoax> smoser: http://paste.ubuntu.com/825342/
<smoser> roaksoax, sorry.. .what am i seeing ?
<roaksoax> smoser: do you feel confortable with those two fixes?
<roaksoax> smoser: http://paste.ubuntu.com/825390/ bug #912476
<uvirtbot> Launchpad bug 912476 in cobbler "Batch Actions -> Power On does not work unless power_address is manually populated" [Low,Confirmed] https://launchpad.net/bugs/912476
<adam_g> smoser: hey
<roaksoax> smoser: http://paste.ubuntu.com/825342/ bug #914017
<uvirtbot> Launchpad bug 914017 in cobbler "cobbler does not have a disable_pxe snippet (it is in orchestra)" [Medium,Confirmed] https://launchpad.net/bugs/914017
<smoser> http://paste.ubuntu.com/825390/ looks good to me if it works.
<adam_g> smoser: i used your modified deployer last night to bootstrap a 2core, 8GB box into a standalone lxc+openstack. well, everything but compute
<smoser> ah.. roaksoax yeah, that makes more sense now.
<smoser> adam_g, i can get compute functional.
<roaksoax> smoser: ok then. will upload
<smoser> (it works here... need some hacks though, i'll show you adam_g )
<smoser> roaksoax, i was confused by the '#'
<smoser> forgot that it was template
<smoser> is pxe_just_once set to default yes ?
<smoser> roaksoax,
<roaksoax> smoser: yes it is, in Ubuntu it is
<smoser> good.
<smoser> that looks great then.
<roaksoax> smoser: btw.. did you get a maas server running?
<adam_g> smoser: oh i didnt screw with volume yet, i noticed you've added something to the nova-volume charm to get that working?
<smoser> roaksoax, i've not tried maas at all.
<smoser> adam_g, yeah.
<adam_g> smoser: sweet
<roaksoax> smoser: oh ok nevermind then :)
<smoser> adam_g, https://code.launchpad.net/~smoser/charms/precise/nova-volume/trunk.lxc/
<smoser> you need that branch to get nova-volume
<smoser> and, adam_g i have some hacks in http://paste.ubuntu.com/825398/
<smoser> thats how i setup my instance before using deployre
<smoser> some of them un-nessesary speedups
<smoser> some necessary
<adam_g> smoser: does libvirt work okay nested in a container now, outta-the-box?
<smoser> adam_g, i've not gotten that far.
<smoser> but we were at least able to start a qemu last time
<smoser> manually
<hallyn> smoser: adam_g: Daviey: the pxe boot libvirt bug - how high prio is that?  Ok to put that off for next alpha?
<hallyn> (you can of course fix it by hand on each install)
<smoser> beta is next i think
<hallyn> oh yeah, we ditched a3 didn't we
<smoser> but i would not personally block alpha on it
<hallyn> wel lit's not a block.  the fix is ready.
<adam_g> hallyn: yeah, not high prio. wondering if changing defaults+carrying a delta is worth it vs release notes or docs
<hallyn> adam_g: changing defaults?
<hallyn> adam_g: no delta, the fix is upstream
<adam_g> hallyn: sorry, misread your comment then
<hallyn> anyway, decision's made.  now i just need to figure out where to stash the change so we don't lose it during soft freeze
<adam_g> hallyn: so with that fix, it'll go back to previous behavior of STP enabled with FD of 0?
<hallyn> yes
<adam_g> great
<hallyn> oh, heh, i know.  i *can* stash it in bzr.  an accidental dput won't nuke the change since the importer is broken.  MUHAHAHAHA
<smoser> hallyn, http://paste.ubuntu.com/825424/
<hallyn> smoser: you've tested that with btrfs-tools not installed?
<hallyn> if so, no objection from me.
<smoser> no. and its not working :)
<arrrghhh> hey guys, what perms do i need to set on a file in order for it to be downloadable by 'users' hitting my apache webserver?  i figured 644 was good, www-data user should only need read-only to download, yes?
<arrrghhh> basically i have one apache server, 644 allows me to download just fine with the file chown'd to somewhere else other than www-data.
<arrrghhh> another apache server, we have to put xx7 (doesn't matter what the first two are set to, obviously)
<arrrghhh> otherwise users cannot download.
<arrrghhh> is there some apache setting/module/some such thing that would cause this?
<gary_poster> hallyn, for the apparmor issues I filed https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/925024 and https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/925028 .  They both have repro instructions.  I plan to do the diagnostic step you requested for the first bug later today.
<uvirtbot> Launchpad bug 925024 in lxc "apparmor makes it impossible to install postgresql-common on Precise" [Undecided,New]
<hallyn> gary_poster: thanks!
<uvirtbot> New bug: #925024 in lxc (main) "apparmor makes it impossible to install postgresql-common on Precise" [Undecided,New] https://launchpad.net/bugs/925024
<gary_poster> welcome
<uvirtbot> New bug: #925028 in lxc (main) "apparmor breaks lxc-start-ephemeral" [Undecided,New] https://launchpad.net/bugs/925028
<mtaylor> Daviey: you have lots of power and influence...
<mtaylor> Daviey: any way you can get someone to merge soren's patch: https://bugs.launchpad.net/openstack-ci/+bug/722323
<uvirtbot> Launchpad bug 722323 in pastebinit "Add lodgeit style pastebins" [Wishlist,Triaged]
<mtaylor> Daviey: https://code.launchpad.net/~soren/pastebinit/paste.openstack.org/+merge/46906
<mtaylor> it's been outstanding for over a year now, which is just rude
<mtaylor> Daviey: and for some reason pb.daviey.com is in :)
<mtaylor> adam_g, smoser, SpamapS: ^^^ (I'm just pinging people now)
<ninjai> anyone have experience with mutt/sendmail? My XML file that is attached with mutt appears inline and I don't know how to keep it as an attachment
<smoser> hallyn, http://paste.ubuntu.com/825455/
<smoser> that i think is pretty close... to functional
<smoser> for lxc-create
<smoser> and it does save rsync of 400M
<adam_g> mtaylor: https://launchpad.net/~pastebinit-developers ?
<adam_g> mtaylor: ping them? i cant help you, thats for sure
<hallyn> smoser: if you want to queue that up in lp:ubuntu/precise/lxc, no objections from me
<mtaylor> adam_g: k. I have pinged them
<smoser> mtaylor, we can't just have any fly-by-night pastebins
<smoser> only hardened,proven ones like daviey.com
<mtaylor> smoser: that's fair
<mtaylor> smoser: I'm mainly just hoping that you'll let mine squeak through if I complain enough
<mtaylor> :)
<Daviey> mtaylor: uh?
<smoser> ah...
<smoser> mtaylor, soren just proposed it to upstream pstebinit
<Daviey> ahh
<smoser> so yeah, that is stgraber primarily
<Daviey> yup!
<Daviey> stgraber: ^^
<smoser> but i'd take it as a patch to ubuntu and carry it
<Daviey> wait
<Daviey> pb.daviey.com had to wait for a upstream release!
<stgraber> yeah yeah yeah ... I know ... I need to make a new upstream release
<stgraber> it's just that "it works" so I don't really spend much time working on it
<stgraber> I'll add that to my todo
<smoser> hallyn, the one thing i dont like about the btrfs stuff...
<smoser> if you get btrfs subvolumes created, then 'rm -Rf <dir>' doesnt work anymore.
<mtaylor> stgraber: if you get a chance, will you merge in soren's patch before you release?
<stgraber> (the Debian maintainer also poked me a few times about it ... I'm not sure he understood that I usually spend 5 minutes of upstream work per year on that stuff)
<stgraber> mtaylor: yeah, releasing for me nowadays is usually "merge everything", review all the bugs, merge all the translations, run the test script, release
<smoser> ah. the 5 minute quota was hit adding pb.daviey.com for 2011.
<smoser> luckily, NEW YEAR!
 * mtaylor punches Daviey 
<smoser> :)
<mtaylor> actually - lemme submit a branch real quick...
<adam_g> zul: when do you upload the openstack snapshot?
<zul> adam_g: friday
<adam_g> zul: k, thinking we might carry that volume patch until it makes it thru gerrit, so we can enable the volume tests on CI. ill send a proposal your way today
<zul> adam_g: the tgt one?
<hallyn> zul: f'ing p11-kit: bug 914642
<uvirtbot> Launchpad bug 914642 in libvirt "libvirtd crashed with SIGSEGV in lookup_or_create_bucket()" [Medium,New] https://launchpad.net/bugs/914642
<adam_g> zul: yeah
<zul> hallyn: hehe
<zul> adam_g: yeah
<adam_g> zul: i spammed #openstack-dev for gerrit +1's, we'll see..
<zul> adam_g: cool...keystone needs to setup a database now right?
<adam_g> zul: huh?
<zul> adam_g: i think you mentioned a couple of weeks agao you need to create a /var/lib/keystone/keystone.db
<hallyn> jjohansen: if you get a chance, could you take a look at the apparmor denial msg in comment in bug 925024 ?
<uvirtbot> Launchpad bug 925024 in lxc "apparmor makes it impossible to install postgresql-common on Precise" [Undecided,New] https://launchpad.net/bugs/925024
<jjohansen> looking
<uvirtbot> New bug: #925043 in lxc (main) "lxc-start-ephemeral does not support lvm" [Medium,Confirmed] https://launchpad.net/bugs/925043
<adam_g> zul: oh, i believe it should be using the same logic as the nova packaging and calling a database sync, probably only if sql_connection points to an sqlite db
<zul> adam_g: ack
<smoser> roaksoax, ping
<jjohansen> hallyn: I don't have a quick answer will continue to poke.  if this is blocking lmk, I can do a temp solution quick but I am not sure what is wrong
<hallyn> (i dont' knkwo what lmk is).  if you can do a temp solution quick, that implies you know what's going on?
<hallyn> i have this bad feeling this has to do with errors in reconnecting pathnames?
<hallyn> [16888.879429] audit_printk_skb: 21 callbacks suppressed      GAAAAAAAAAAAARRHH
<SpamapS> hallyn: GAAAARH is in the message?!
<SpamapS> cause if it is, thats t3h awesome
<hallyn> SpamapS: syslog has an angry
<hallyn> jjohansen: I'm afraid this means overlayfs is still broken wrt overlayfs?
<hallyn> yes, it is.  i can verify with a dummy /bin/bash2 policy
<hallyn> apw: ^
<m_tadeu> hi...I'm trying to use mysqldbexport, but I'm getting the following error "ImportError: No module named mysql.utilities". How can I solve this?
<m_tadeu> hi...I'm trying to use mysqldbexport, but I'm getting the following error "ImportError: No module named mysql.utilities". How can I solve this?
<SpamapS> m_tadeu: never heard of that tool.. perhaps ask the authors?
<RoyK> m_tadeu: you may want to try mysqldump
<SpamapS> heh, he may want to claw out his eyes and have something that is nearly impossible to restore from too. ;)
<RoyK> SpamapS: ????
<SpamapS> RoyK: ever recovered using mysqldump ?
<SpamapS> *nightmare*
<RoyK> SpamapS: mysqldump -> backup, mysql somedb < dumpfile -> restore
<RoyK> SpamapS: works well
<SpamapS> Either you want Percona's Xtrabackup tool (Free), or you need to backup a slave server with snapshots.
<SpamapS> RoyK: thats fine if you are in catastrophic db recovery mode and you have 10 hours ;)
 * RoyK really doesn't have large, critical databases on mysql
<RoyK> and if it takes 10 hours to restore, well, you have a problem with your infrastructure
<alex-> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<alex-> Erm, who says it's not compatible with the way that Ubuntu packages handle configuration files?
<alex-> This was a bug 5 years ago
<alex-> This is like saying: No I don't want to use Ubuntu 6.04 because there is a bug somewhere...
<jmarsden|work> alex-: Feel free to retest it and report your results
<alex-> Dunno how to report
<henkjan> alex-: and people have moved away from webmin for ages
<SpamapS> RoyK: with mysqldump and many millions of rows, its going to take hours and hours. You have to use other methods.
<alex-> True, that's why they should come back
<henkjan> i try to ignore panels as much as possible
<alex-> It's a very easy tool when you want to do something quick
<SpamapS> RoyK: to contrast it, Xtrabackup restores are as easy as restoring a file.
<henkjan> xtrabackup++
<henkjan> realy the way to go if you need to backup large mysql instances
<alex-> What is large?
<henkjan> no tablelocks
<henkjan> i've got a few witch 200G+ tables
<alex-> Ye that's big then :P
<alex-> I belive phpmyadmin can still handle my database
<SpamapS> henkjan: the big thing is that at the end of the backup, you have an exact copy of the table as it was *at the end of the backup*. With lvm snapshots, you have a copy of the table as it was at the beginning of the backup, which is less useful.
<SpamapS> anyway, mysqldump is not a solution for any database over a couple GB
<alex-> jmarsden|work: how can I report then?
<RoyK> using mysql for anything large is madness imho
<henkjan> RoyK: so, why does facebook use mysql?
<henkjan> RoyK: and wy does google use mysql?
<jmarsden|work> alex-: If you have done a thorough evaluation of how it updates config files and whether the current approach is consistent with Debian policy, you can add that info to the bug report, or open a new bug requesting webmin be added to Debian.  I do not think you will succeed, though.
<SpamapS> RoyK: you're misinformed. Its really a very good database. Do not believe the hype. :)
 * RoyK *really* likes postgresql better
<alex-> jmarsden|work: why don't you think so?
<jmarsden|work> Because I do not see any evidence they changed the way they deal with config files... do you?
<alex-> jmarsden|work: there was some bug some time ago, but that's fixed
<jmarsden|work> alex-: OK, test and open an approproate debian bug requesting webmin be included in Debian once more :)
<SpamapS> RoyK: I think postgresql is probably better for most OLTP applications than MySQL.
<alex-> How to test it?
<jmarsden|work> If you don't know, then you don't know enough to do this work.
<SpamapS> RoyK: does pgsql still fork for every connection though?
<RoyK> AFAIK that was 10 years ago
<alex-> jmarsden|work: ye I think so, but I want it back
<RoyK> SpamapS: and then, how many connections do you really need?
<RoyK> using stuff like php keeps the line open anyway
<SpamapS> RoyK: thats precisely the problem. MySQL (5.1+ or 4.1, not 5.0) handles 10k+ concurrent queries on 10000 connections very well..
<hallyn> jjohansen: audit logs confirm apparmor failed to reconnect the path...  now, really odd that it always fails for the dpkg diversions file, and nothing else!
<hallyn> should i mark that as also affecting 'linux'?
<jjohansen> hallyn: yeah
<RoyK> SpamapS: 10k concurrent connections sounds like a design blunder
<hallyn> k
<SpamapS> RoyK: not really. If you are doing readonly scaling across 5 servers and want to support 50,000 concurrent users, thats a pretty modest number.
<henkjan> RoyK: or a system with slightly larger workload as you are used to
<SpamapS> RoyK: oh and pgsql does still do 1 process per user according to their manual:
<SpamapS> "PostgreSQL is implemented using a simple "process per user" client/server model. In this model there is one client process connected to exactly one server process. As we do not know ahead of time how many connections will be made, we have to use a master process that spawns a new server process every time a connection is requested."
<SpamapS> http://www.postgresql.org/docs/9.0/static/connect-estab.html
<RoyK> SpamapS: again, on what sort of system would you expect 10k database connections?
<SpamapS> RoyK: have been at that level with my previous two companies.
<SpamapS> RoyK: I believe pg users solve it with pgpool
<hallyn> stgraber: do'h, there you go, just got another container which resets my kbd.  Odd that only some do it
<hallyn> so now i can test out the setsid idea i guess
<RoyK> SpamapS: what did you do? open a new TCP connection per HTTP request?
<RoyK> as in, new TCP connection to the database for every http request?
<SpamapS> RoyK: No, we'd have 10,000 concurrent users running web requests with multiple queries on each page.
<SpamapS> actually sometimes more than that
<SpamapS> but caching would help
<SpamapS> RoyK: there were definitely at least 10,000 concurrent httpd's running (with mod_php)
<RoyK> that's a lot...
<SpamapS> RoyK: in the older example, it was perl.. but .. same problem really.
<SpamapS> Yes, it was a big place. :)
<SpamapS> And a badly designed app truth be told.. stupid ORMs.
<hallyn> stgraber: all right setsid doesn't help.
<uvirtbot> New bug: #925110 in lxc (main) "lxc-ls fails as non-root sometimes (second bug)" [Undecided,New] https://launchpad.net/bugs/925110
<adam_g> smoser: is there any way to keep the IP addresses persistent (outside of editting /etc/network/interfaces per container) after local provider has deployed?
<smoser> i dont know. i dont htink so, adam_g .
<SpamapS> adam_g: you can force it in dnsmasq's configuration
<hallyn> stgraber: FEH!  it's the udevadm trigger --add that does it.  presumably the host resets the kbd in response to an event
<hallyn> stgraber: i have a suggestion.  maybe a stupid one
<hallyn> stgraber: is 'udevadm trigger --add' only used to catch events missed during initramfs?
<roaksoax> smoser: pong
<hallyn> if so we shouldn't do that in a container right?
<roaksoax> smoser: sorry was concentrated in some other thing
<stgraber> hallyn: that sounds good. Will be easy to fix once the upstart changes are merged.
<adam_g> SpamapS: does that operate independently of the juju environment? i'd like to bootstrap something locally with juju then remove juju from the picture
<hallyn> stgraber: unless we need it for lo....
<smoser> roaksoax, i think ihad a question on cpu scaling
<hallyn> no, network comes up fine without it
<roaksoax> smoser: shoot if you remember :)
<smoser> well, roaksoax a systm was showing load of like 4...5...6..7.8
<smoser> and my cpu was still sitting at 1GHZ
<smoser> i turned it up via specifying 'performance' governor
<smoser> but i had thoguht maybe something you did had caused it ;-)
<smoser> (ie, the powernap/savings stuff)
<roaksoax> smoser: heh, you are using powernap then. Have you enabled the LoadMonitor? can you pastebin the /var/log/powernap.log and /var/log/powernap.err
<SpamapS> adam_g: dnsmasq is part of the libvirt-bin stuff
<stgraber> hallyn: lo should be caught by /etc/init/networking.conf if it's not started by udev
<smoser> roaksoax, those files are empty
<hallyn> stgraber: i filed a bug to track it
<roaksoax> smoser: can you enable debug loggin in /etc/powernap/config
<hallyn> it used to be the case that lo was not caught correctly by networking.conf, but i recon that was fixed long ago
<roaksoax> smoser: is there anything in /var/run/powernap or /var/lock/powernap or in (/var/run/powernap/cpu_governor.default
<smoser> $ cat /var/run/powernap/cpu_governor.default
<smoser> ondemand
<smoser> it said 'ondemand' before i changed it
<smoser> so i thought that mean tht kernel was in charge
<smoser> its likely  most of the load was IO based
<smoser> and not cpu
<roaksoax> smoser: when that file says it's ondeman means that when powernap detects load, it sets the governor back to whatever is in that file
<roaksoax> smoser: as powernap sets it to powersave governor
<Aison> hello, after an update of my ubuntu server, the mysql service is no longer working :( no idea what's going on, but it's a big problem
<Aison> when I do myqsl service start, it hangs forever
<roaksoax> smoser: i'm guessing that powernap didn't detect "load" as 1. LoadMonitor is not enabled, or 2. No monitor meets your needs or 3. Bug in powernap
<Aison> dmesg says: init: mysql post-start process (7708) terminated with status 1
<smoser> roaksoax, the speed did occasional change.
<smoser> but just not as much as i thoguht it should have
<uvirtbot> New bug: #925122 in udev (main) "container's udevadm trigger --add affects the host" [Medium,Confirmed] https://launchpad.net/bugs/925122
<soren> smoser: I didn't exactly "just" propose it upstream.
<roaksoax> smoser: so /etc/powernap/config is LoadMonitor enabled?
<roaksoax> smoser: if it is, what's the value, n?
<soren> smoser: 2011 is soooo last year. Literally.
<Aison> type=1400 audit(1328132559.952:135): apparmor="DENIED" operation="mknod" parent=8155 profile="/usr/sbin/mysqld" name="/run/mysqld/mysqld.sock" pid=9456 comm="mysqld" requested_mask="c" denied_mask="c" fsuid=102 ouid=102
<smoser> roaksoax, default
<smoser> [LoadMonitor]
<smoser> threshold = n
<roaksoax> smoser: how many cores do you have, 4?
<roaksoax> smoser: try changing it to 2 or so, and see what happens
<smoser> this is 1 core :)
<smoser> which almost seems wrong
<smoser> i'd have thought at least to have hyperthreading
<smoser> http://paste.ubuntu.com/825692/
<roaksoax> uhmmm that's interesting then. I guess there's a bug oin the monitor then
<roaksoax> smoser: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ it's a 2 core
<roaksoax> smoser: maybe, powernap is also turning off 1 of the cores
<smoser> hallyn, i dont know if this is valid or not
<smoser> but i just saw 'ureadahead' in a to list
<smoser> as containers were booting (i think)
<smoser> if ureadahead gets run in a container, it probably should not
<smoser> cloud-images disable it
<hallyn> smoser: yes, it should not.  and yes it does
<hallyn> in fact it frequently hangs your container for a bit if you immediately shutdown
<smoser> cloud-init dpkg-diverts it
<smoser> you can look there for how to do it
<hallyn> smoser: i think we want to patch ureadahead directly
<smoser> reasonable.
<hallyn> stgraber: ^ another :)
<hallyn> smoser: in fact I can reuse an existing bug i think
<smoser> adam_g, so can you look at pulling in my nova-volume fix ?
<stgraber> hallyn: yeah, I'd also add plymouth to the list ;)
<smoser> i walked that pastebin i showed earlier on an hp cloud instance
<smoser> no issues at all
<hallyn> stgraber: it's useless, but does it harm in any case?
<smoser>  - Deployment complete in 621 seconds.
<hallyn> stgraber: ureadahead occasionaly does harm...
<hallyn> stgraber: but i won't object to fixing it at any rate.  SPEED
<stgraber> hallyn: it writes some error messages to /var/log/upstart (when you have logging) and sometimes to the console
<hallyn> stgraber: oh, ok.  i dunno, do you want to open (yet another) bug for that?
<hallyn> gotta run, bbl
<kirkland> roaksoax: i think it's time to disable the cpu offlining by powernap in the default install
<adam_g> smoser: yeah, it should work fine in a regular, non-container setup, right?
<adam_g> /wi/win 30
<Daviey> adam_g: Arre you doing work on the CI lab?
<adam_g> Daviey: ATM no
<Daviey> adam_g: thanks
<Daviey> zul: What is the status of precise-openstack-essex-python-quantumclient-trunk ?
<zul> Daviey: tarball.sh needs to be updated will get to it tonight
<Daviey> zul: ah, cool
<adam_g> smoser: launching an instance on that lxc setup: http://paste.ubuntu.com/825782/  still some module dependencies that need to be resolved it seems
<adam_g> smoser: ive not seen those nova-rootwrap errors before, tho
<adam_g> smoser: also, looks like containerized LVM has some gotchas too
#ubuntu-server 2012-02-02
<renagadex> I'm trying to start a *simple* webchat, but I'm stuck at implementation.... I don't know how exactly to move past polling.
<renagadex> Any suggestions?
<cloakable> Look at a php jabber client?
<renagadex> will do
<Vivek> Any developers around at these times ?
<Vivek> I am facing a situation where dnsmaq is serving dhcp requests on eth0 when it is not supposed to do that, in /var/log/orchestra I have directories created with the I.P Address range of eth0
<Vivek> I am running virtual box with eth0 in bridged mode and eth1 in internal networking mode.
<Vivek> Orchestra configuration should only permit dhcp requests via eth1 and not eth0
<Vivek> in /etc/dnsmasq.conf I have made the change interface=eth1.
<hallyn> Vivek: check with ps -ef if that file is beign used.  last i tried i had to edit /etc/default/dnsmasq instead.
<Vivek> hallyn: What changes did you make there ?
<Vivek> Any howto or doc pointing to this would be most welcome.
<hallyn> Vivek: this is just something I found earlier today.  adam_g should have a better idea of whether it's supposed to be like that.  (I'm guessing it's a bug)
<hallyn> Vivek: but, you can check /etc/init/dnsmasq.conf to see how /etc/default/dnsmasq is used.  (i'd be more helpful, but right now can't)
<hallyn> Vivek: use DNSMASQ_OPTS="--interface=eth0" or whatever
 * hallyn out
<nOStahl> hey guys, fresh install of 11.10 server here
<nOStahl> I cant seem to set public/static ip on it though
<nOStahl> been all over google nothings working
<nOStahl> dhcp works fine
<nOStahl> someone help me figure out what im missing ?
<cloakable> What are you putting in /etc/network/interfaces?
<nOStahl> one of the static ips    for address
<nOStahl> 255.255.255.0 for submask
<cloakable> Uh-uh. Can you pastebin it for me?
<nOStahl> gateway  is public ip of the router
<twb> cloakable: oh noes then you might get his public IP!!1!
<cloakable> twb: apparently so! Given he's put the public ip for gateway
<cloakable> nOStahl: You need to put the LAN ip of the gateway for IP, for one.
<cloakable> nOStahl: for gateway address, that is
<nOStahl> k
<nOStahl> what is the broadcast line anyways?
<cloakable> Not usually needed to be set, defaults to 255.255.255.255
<cloakable> Which is fine
<cloakable> nOStahl: pastebin yet?
<twb> cloakable: I believe interfaces(5) needs the address and at least the netmask or the broadcast line
<cloakable> twb: address minimum
<nOStahl> im running back and forth from the terminal heh
<twb> That must be new
<twb> It used to crack the shits around debian 6
<cloakable> it also needs iface <interface> inet static
<cloakable> But I can't see nOStahl's interfaces file due to not being psychic.
<twb> cloakable: are you looking at a 0.7 ifupdown package?
<cloakable> twb: yup
<cloakable> 11.10
<nOStahl> http://pastebin.com/0q9XdRrT
<cloakable> Okay, that network line isn't needed
<nOStahl> and my public ip's start with 99 so its not a 192 ip
<cloakable> http://pastebin.com/27ujEJVH
<cloakable> Is it behind a NAT?
<cloakable> Also in that case, keep the broadcast line
<nOStahl> how about the resolv.conf
<nOStahl> can it just have nameserver 208.67.222.222 in it?
<nOStahl> or does it need the search line?
<cloakable> It can just have the nameserver
<cloakable> Doesn't your gateway run dns?
<nOStahl> aye
<nOStahl> but its att
<nOStahl> heh
<nOStahl> the dsl at my office some times pops up dns errors cant find www.google.com heh
<cloakable> Aha
<cloakable> You can also put google dns
<nOStahl> so i'll try it with the router nameserver
<nOStahl> see if i can do sudo /etc/init.d/networking restart after that
<cloakable> I only run static interfaces on my router personally. Everything else is either dynamic or static dhcp leases
<nOStahl> I dont like the interface of the att modem
<nOStahl> lets see if it blows up
<nOStahl> one sec
<nOStahl> rtnetlink error
<nOStahl> file exists
<nOStahl> any ideas
<cloakable> Hrm, not really.
<cloakable> I've used static dhcp leases for ages >.>
<Vivek> hallyn: ok
<nOStahl> hrmm
<nOStahl> i dont even see any place in my att modem to set static
<roaksoax> kirkland it is already but probably in upgrades is not being done
<twb> Sanity check: in /etc/ppp/peers/foo if it says usepeerdns, that should overwrite resolv.conf, right?
<twb> resolvconf (the package) isn't installed, but resolv.conf isn't being overwritten when the PPPoE handshake finishes.
<twb> Never mind, it was being overwritten
<twb> So the *actual* problem is this: pppoe is writing a correct resolv.conf.  Something *else* is repeatedly blowing it away and putting in broken entries.
<maxb> Is NetworkManager installed/running? That's the only thing other than resolvconf that I know of, which rewrites resolv.conf
<twb> Good question; it isn't.
<twb> I *think* the problem was actually, ironically, /etc/init.d/pppd-dns, which moved resolv.conf.pppd-backup over the top of resolv.conf
<twb> I don't know yet why that would have triggered but it's the only explanation I can find
<_dinsdale> thinking about starting a linux softwareraid with a seagate caviar black and barracuda green. Would anyone recommend against this choice or will the probably slower green drive be a bottleneck for the main drive?
<twb> _dinsdale: don't use green drives in a server
<twb> EVER
<twb> And yes it would be a bottleneck if the green is not configured as a write-behind / read-mostly node in the array
<twb> Still be a write bottleneck if you flooded the I/O
<_dinsdale> twb: just seeing it now - it's only 5900 RPM .... brrr
<twb> Give it to your kisd to take apart
<_dinsdale> :-)
<chelz> everyone hates on greens but they're inexpensive dangit
<chelz> just make sure you have a solid and good raid and/or backup system
 * starlocke|soho appears.
<starlocke|soho> there's this ubuntu 11.10 server guide that suggests to doing "sudo apt-get install mail-stack-deliver" to get a bunch of email systems installed... i get an "E: unable to locate package"... is it in a particularly special repository?
<chelz> hmm
<chelz> starlocke|soho: http://packages.ubuntu.com/search?keywords=mail-stack-delivery
<starlocke|soho> i'm also wishing that /etc/issue would list the ubuntu codenames... XD
<starlocke|soho> yeah, it exists... it's just not getting into my particular server. =\
<starlocke|soho> ah... naturally...
<chelz> starlocke|soho: that's not so good. if an apt-get update doesn't fix it
<starlocke|soho> my copy-paste-fu needed some work.
<starlocke|soho> nothing to see here, nothing at all. :)
<chelz> starlocke|soho: working?
<starlocke|soho> perfectly.
<chelz> good :)
<starlocke|soho> yeah... i've had this question for ages now... what does "smarthost" mean? the term comes up in the postfix config.
<qman__> starlocke|soho, smarthost configuration means pointing your server to your 'internet site' mail server to send mail
<qman__> something I typically do, set up the main mail server, then set all the other servers in a smarthost configuration pointing at it, so I can get email alerts for SMART data and such
<starlocke|soho> mmm... as in hard drive SMART...? i'd like to clarify whether the smart in smarthost has anything to do w/ that capitalized SMART...
<qman__> nothing whatsoever
<qman__> smartd can send email alerts when drives have SMART events
<qman__> I configure my severs in that email configuration so I can get said email alerts
<qman__> among others
<starlocke|soho> smartd = smarthost? it's such a weird term... "smarthost" XD
<qman__> no
<qman__> smartd is the hard drive monitoring service
<starlocke|soho> k.
<qman__> a smarthost configuration is very simple
<starlocke|soho> so what exactly makes a smarthost a smarthost? lol
<qman__> server A is your internet site mail server
<qman__> server B is not an internet mail server, but you want to be able to send mail from it to the internet
<qman__> so you configure server B in a smarthost configuration, where the specified smarthost is server A, which is already capable of sending mail
<starlocke|soho> ah.
<qman__> then server B just relays its mail through the smarthost, server A
<starlocke|soho> that's a great clarification.
<starlocke|soho> thanks.
<starlocke|soho> i was suspecting something along those lines... it's just weird that they decided to use the word smarthost XD
<qman__> that's the commonly accepted term
<qman__> it's not postfix or even linux specific
<starlocke|soho> hehe. all right then. memorize new term.
<starlocke|soho> :D
<starlocke|soho> qman__: by the way... where's a good read about that stuff on the web?
<chelz> starlocke|soho: probably the documentation for your mailserver of choice
<starlocke|soho> okay... let's see if grep can find "smarthost" in man pages... :3
<twb> Urgh, just for yuks I tested precise's current d-i
<twb> EVEN IN priority=low, it only has a single "autoconfigure network" -- you can't pick between DHCP, IPv6 RA, &
<twb> I appear to have picked one of the NICs that isn't cabled, because currently it's just hung for ten minutes trying to do rdnssd
<twb> If I kill rdnssd, it carries on assuming the network is fully configured, when clearly (from ip a) none of the NICs even have an IP
<twb> What a crock
<_ruben> nice
<_ruben> or "nice" actually
<twb> Strangely, picking the second (of four) nics, it first does a test for no carrier, that passes, and it proceeds to try dhclient, which fails
<SpamapS> twb: There's a lot of work going on to make IPv6 solid in precise..
<twb> Now I have two of the four NICs cabled, both to a network that hands out DHCP addresses
<SpamapS> twb: stgraber would be very interested to hear about the problems you're seeing
<twb> SpamapS: it looks like that work isn't finished yet :P
<SpamapS> twb: I know that a new ifupdown just landed last week
<SpamapS> not sure about netcfg tho
<twb> SpamapS: ifupdown isn't even used in d-i
<twb> (right?)
<SpamapS> right
<twb> OK interesting, on the *third* nic, it gives me actual output while rdnssd runs, and it fails quickly, and appears to fall back to dhcp, which succeeds.  2 rdnssd and 1 dhclient process are still running
<twb> so the first nic, which had the strange results, was one that was physically cabled.  I can tell because it has the same chipset as the third one (it's a two-port pcie nic)
<twb> It has hung again
<twb> Ah, OK, it seems the first time was hanging in the same place as well -- AFTER giving hostname and domain.
<twb> Last times in log are writing DHCP stanza for eth2 / Success!
<SpamapS> twb: would you perhaps have time to file these as bugs in d-i ? I will make sure they're looked at ASAP
<twb> On tty1 all you see is the bogl black background with a black-on-white last line where stuff you type (e.g. ^[[A) appears
<twb> Well, you can dump my irc log... I need to get back to actually doing the lucid install about now
<twb> If I kill either rdnssd proc, then I get back to the menu and I can actually continue on with picking the mirror and the udebs to install
<twb> Hm, it doesn't prompt me to use sha256 passwords -- is that just implied now?
<twb> It also ignores the DHCP-supplied NTP servers and defaults to ntp.ubuntu.com
<twb> Which I guess doesn't matter too much, since post-install the DHCP client will override that
<twb> Doing mkfs.ext4 /dev/sda (via partman) seems to have hung at 33%, here sda is a 60GB OCZ Vertex.  Note: sda, not sda1
<twb> Ah, running it by hand, I can see it chugging away doing a TRIM first, which seems to be O(n)
<twb> But that did finish after the TRIM in O(1), so I guess it defaults to lazy allocation these days?
<twb> WTF, after "mkfs.ext4 /dev/sda" by hand finishes, partman thinks it's an *ext2* filesystem, and won't offer the "don't reformat" option
<twb> That is, it won't offer it when picking "Use as: ext4"; it does when picking "Use as: ext2"
<twb> blkid says /dev/sda is ext4
<twb> Telling it to treat it was ext2 and not format it works, until it tries to mount it (which, unsurprisingly, fails)
<twb> OK, I give up, doing the proper lucid install now
<twb> Re ntp, *lucid's* d-i *does* prefer the DHCP-supplied one, so that is a clear regression
<twb> Also lucid successfully recognizes /dev/sda as being ext4 (not 2) formatted
<iToast> hey
<iToast> Can someone help me
<iToast> Im stuck and i caznt continue unless someone helps :/
<SpamapS> iToast: best to just ask the question.. it may be a while until somebody can answer
<iToast> Im installing ubuntu server 10.4.3
<iToast> Its acting for my cdrom driver to continue, im installing from a usb
<iToast> what would I put?
<starlocke|soho> ... have you tried turning it off and on again?
<iToast> starlocke|soho, why -_-"
<iToast> It changes NOTHING
<starlocke|soho> standard knee-jerk IT response? sorry XD
<iToast> starlocke|soho, BOO!
<iToast> Your a IT not the sys admin ;)
<starlocke|soho> lol
<iToast> sysadmin <3
<iToast> http://xkcd.com/705/
<starlocke|soho> lol
<iToast> sysadmin in a nutshell:
<iToast> Servers got hit with atom bomb?
<SpamapS> iToast: perhaps your usb key is corrupted...
<iToast> 10 seconds of downtime?!
<iToast> UNACCEPTABLE!
<iToast> SpamapS, yes, thats why it boots...
<iToast> Im using unetbootin
<iToast> does anyone have any idea
 * smb wonders whether iToast has the usb key in the blue or black usb socket...
<iToast> smb, that made no sense...
<twb> smb: good question
<iToast> This machine has no usb 3.0 ports, it was released WAY before usb 3.0 really went out there..
<smb> iToast, It does when knowing one is usb2 and the other usb3 (usually)
<iToast> smb, Also, usb3 ports are compatible with usb2 devices...
<iToast> The extra pins are in the back of the port, they dont interfear
<smb> iToast, But in fact when in an usb3 port a usb3 driver module is requested and that is not in the installer. We just had a case like that
<iToast> O.o
<smb> Hence the question
<iToast> Thats, insane..
<iToast> Anyways, what do i type?
<smb> iToast, If you say you got no usb3 then this does not matter
<iToast> :P
<twb> The blue ports include high-speed failure
<iToast> :P
<iToast> Usb 3.0 sounds good, but its slow crap compared to thunderbolt :/
<iToast> It doesn't do the same things thunderbolt does
 * iToast is waiting for the pci-e thunderbolt card for pcs
<twb> Thunderbolt is crap, it still uses electrons
<smb> I'd check (alt-f2 or so) whether the usb stick seems to be visible (/proc/partitions)
<iToast> Thunterbolt is better then usb3.0
<iToast> Its not cheap or as widly supported, or universal...
<SpamapS> thunderbolt is better than twinkies
<twb> Is thunderbolt peer to peer or master/slave?
<iToast> I think both
<twb> Does thunderbolt require stupid polling protocols like USB?
<iToast> it lets you daisychain everything
<twb> Firewire got both of those correct
<iToast> usb has one fatal flaw.
<iToast> If the usb controller is busy, well, it wont be responsive..
<iToast> Usb transfers will be slow / stop suddently.. mice and keyboards will lag / stop working
<twb> iToast: guess what, that happens when any controller is busy
<iToast> twb, get that flaw on a ps/2 port ;)
<twb> ps/2 can't be flooded; it has fixed data rate guarantees
<iToast> :p
<iToast> Doesnt thunderbolt fix that thaw?
<iToast> flaw*
<twb> You could get the same effect on USB by simply banning all full-speed and higher devices and limiting the controller to a single device
<iToast> Does the thunderbolt controller ever get that problem?
<twb> Who cares
<iToast> Seriosly, its daisy channed so that would be a problem..
<twb> It's still using electrons
<iToast> So?
<iToast> its cheaper that way
<iToast> It has a big advantage too, the devices can be powered over thunderbolt...
<twb> electrons are fundamentally slower than c
<iToast> I thought of something, fiber optics are flaw'd in a  way
 * SpamapS ponders why they'd be slower than c ...
<iToast> Turning on and off fast won't be good eneugh. switch colors for different packets?
<twb> SpamapS: because they have mass?
<iToast> So lets say we have 4 users downloading 8 tb of data over 1 line.
<SpamapS> I suppose just being attracted by all the conductors, sucked into those "holes" ... makes them take a non-direct route
 * NeoNetNinja lmfao!
<iToast> ITs basicly computer to computer, it would be limited by a computer taking to long, thats fixable by skipping that pc until its ready
<iToast> But why not transmit with different colors per machine
<SpamapS> twb: photons have mass
<iToast> SpamapS, twb Lets not get into physics...
<Japje> iToast: http://bit.ly/wKux1a
<twb> Pfft, that is only a recent theory, it will prove to be a fad in time :P
<iToast> Japje, Basically lights turning on and off fast..
<iToast> Thicker wires transmit with different spectrums of light..?
<iToast> Allowing more comunication per line
<iToast> You guys, if you wan't to talk about physics, i got something for you.
<SpamapS> iToast: full spectrum fiber optics is already the norm
<iToast> Lets take a coper wire, a thicker one would have lower resistance correct?
<iToast> SpamapS, correct?
<Japje> no
<iToast> Assuming its free of impurities
<SpamapS> iToast: no, I don't believe thats true. The thickness is not as important as the number of copper atoms between the two points of differential that make up a voltage.
<iToast> SpamapS, I was simplyfying it cuz its late here.
<iToast> Assuming theres more room for a electrom to move from end to end, theres lest resistance right?
<iToast> electron*
<Japje> if you do that on these subjects you create wrong information
<SpamapS> yes but its a complicated formula to figure out how much less resistance. :p
<iToast> Lets just assume its lowered resistance...
<SpamapS> lets just assume its cats instead of copper wire
<iToast> A thinner wire would have higher resistance..
<Japje> assume makes an ASS of U and ME
<iToast> ...
<iToast> Ok lets think of it like this
<iToast> A thicker wire has more paths for electrons to move and a tinner one doesn't
<SpamapS> Its true, yes. :)
<twb> !u
<ubottu> U is the 21st letter of the modern latin alphabet. Neither 'U' nor 'Ur' are words in the English language. Neither are 'R', 'Y', 'l8', 'ryt',  'Ne1' nor 'Bcuz'. Mangled English is hard for non-native English speakers. Please see http://geekosophical.net/random/abbreviations/ for more information.
<iToast> By making things like cpu's smaller and thinning hte paths for electrons to go across, wouldn't that negate efficiency?
<twb> Flippancy is not an excuse
<iToast> the*
<iToast> By making it smaller there is a shorter path to go across and it allows for higher speeds easyer, but comes with highered resistance and less surface to dissipate heat.
<SpamapS> iToast: the resistance has most certainly gone up, but the amount of heat dissapation has gone down.
<twb> SpamapS: btw have you noticed IP over Avian Carriers latest RFC shows a substantially higher increase in throughput compared to conventional carriers?
<iToast> So by design a cpu is flawed
<SpamapS> twb: I think its due to global warming
<iToast> Cpu's by design are f*cked.
<iToast> Smaller = Higher heat lower efficieny.
<SpamapS> iToast: thats completely backwards
<SpamapS> you're assuming the voltage and current required to activate the transistors is constant
<Japje> iToast: "The larger the cross-sectional area of the conductor, the more electrons are available to carry the current, so the lower the resistance. "
<iToast> Ok
<iToast> We have the problem though of how thin we can go before electrons wont pass through.
<SpamapS> Probably a few atoms.
<iToast> Sure, we have nano tubes being tested by ibm...
<Japje> SpamapS: id say 2
<iToast> SpamapS, By design a cpu is flawed basically
<iToast> You have a smaller area every generation to dissipate heat
<SpamapS> flaw/flÃ´/
<SpamapS> Noun:	
<SpamapS> A mark, fault, or other imperfection that mars a substance or object.
<iToast> Im not sure if im correct on this, but in things like silicon and copper, heat = highered resistance?
<SpamapS> Nothing is perfect
<iToast> SpamapS, never said anything is
<twb> SpamapS: math is
<Japje> are you sure? :P
<iToast> Can't we bypass the flaws in cpu's today easly?
<iToast> Just lock the size of a cpu for high thermal transfer and lower resistance
<iToast> Instead of getting smaller and smaller every revision, get a tiny bit bigger, by nm allowing more thermal transfer area
<SpamapS> twb: can you please put math in an envelope and mail it to me? I want to gaze upon its wonder ;)
<twb> Yes
<SpamapS> iToast: bzzt, sorry, you've reached your crazy idea quota for the day. ;)
<iToast> How is it crazy?
<twb> The nice thing about math is you can express it in meatspace but it stays, itself, unsullied
<Japje> i like meatspace
<iToast> Im curios if this is a good idea, its already implemented in macs
<iToast> Keep all ram constantly reserved by the system so its always ready for a application to launch
<SpamapS> macs use intel CPU's
<iToast> Im using a amd...
<iToast> I still use intel, but for performance and price, amd just seems better
<iToast> Ok, so no one hates on me
<iToast> Lets say core i3 and athlon II are on level grounds, or should i choose a diff amd.
<Japje> diff architecture
<iToast> Lets compare ghz/dollar
<iToast> http://www.newegg.com/Product/Product.aspx?Item=N82E16819115077
<Japje> couldnt we compare ghz/pound
<Japje> dollar isnt worth anything
<iToast> 39.390 ghz/dollar for a i3.
<iToast> Now lets choose a amd cpu
<Japje> lets not
<iToast> Ok off topic to this
<iToast> http://www.newegg.com/Product/Product.aspx?Item=N82E16819103961
<iToast> WHO NEEDS 8 CORES?!
<twb> Japje: itym /watt
<iToast> MY GOD! WHY?!
<iToast> WHY 8 CORES?!
<Japje> i do
<iToast> why?
<iToast> You better be rendering 3d hd video in blender...
<Japje> how about virtualisation
<iToast> What os
<iToast> (guest and host)
<Japje> esxi
<Japje> or kvm
<Japje> or any other hypervisor
<SpamapS> iToast: I've made use of a box w/ 40 cores before.. :)
<iToast> SpamapS, Thats a server mobo.
<SpamapS> hadoop ftw. :)
<iToast> That doesn't count!
<iToast> Servers do not count, they need the cores.
<Japje> ofcourse it does
<iToast> My webserver is 1core... at 1.5ghz...
<Japje> lets assume we want a server
<iToast> Japje, you want 80 cores :D
<iToast> 128tb of ram
<Japje> only 80?
<iToast> yea why?
<iToast> were trying not to make it burst into flames...
<Japje> i currently use more
<iToast> 800tb of storage
<Japje> also not enough
<iToast> and 10 1k /watt psus for redundancy
<iToast> Japje, ?!
<iToast> Are you rendering uncompresed video from a red epic?!
<Japje> i currently have about 2.2 Pb worth of data
<Japje> about 400 cores
<iToast> cluster?
<Japje> you could call it that
<Japje> lets call it... cloud
<Japje> that way i can use buzzwords
<iToast> I wan't to cluster my ubuntu machine to work for my windows machine...
<iToast> So when vegas is rendering hd video, instead of up to 2 hours for 30mins of video, 1 / half a hour...
<iToast> (has about 14 computers)
<Japje> i want to cluster my cat and my dog
<SpamapS> Japje: give the cat catnip and the dog an ubuntu CD... they'll cluster all day
<Japje> thats a good idea
<Japje> but its a Dog Air
<Japje> it doesnt have a cd slot
<iToast> Plug a external dvd rom into the usb port under the tail
<twb> The more space you give users, the more content you have to check for badthinks and steganography
<iToast> twb, Easy idea...
<iToast> Don't let them make it public
<Japje> tell that to the megaupload users
<iToast> :D!
<iToast> vim e_e
<iToast> Nano <3
<SpamapS> pipemeter!
<Japje> sed!
<iToast> How to secure you're server:
<iToast> Step 1: Turn it off
<iToast> Step 2: lock it away in a closet
<iToast> Step 3: tell no one it exists
<iToast> Step 4: hope no one finds it...
<twb> Japje: I babysit prison servers, what I said is an actual issue there
 * RoyK slaps iToast 
 * iToast slaps RoyK with a smelly fish
<Japje> i know :)
<Japje> wasnt doubting it
<twb> iToast reminds me of the electronic toaster from Red Dwarf
<iToast> twb, what do you mean?
<Japje> my users use space for database storage
<Japje> most anyway
 * RoyK sends iToast to http://www.youtube.com/watch?v=IhJQp-q1Y1s
<iToast> No, i ment babysiting prison servers
<Japje> how can you not understand that?
<iToast> What's put on those servers
<twb> 128MiB is enough for anyone
<Japje> i kindly refuse
<_ruben> hrm .. apparently ubuntu(-server)/linux/whatever doesn't like traffic originating from the network address .. bugger that
<iToast> I agressivly refuse.
<Japje> _ruben: ubuntu is not a network aware operating system
<twb> _ruben: which address?
<iToast> Japje, Letme get this straight
<twb> _ruben: maybe you forgot to purge NM with extreme prejudice
<iToast> By a network aware os, does that mean computers discover eachother and their open services
<_ruben> twb: .0 in a /24
<Japje> no, its an OS that has given network access by chuck norris
<twb> ha
<Japje> .0 is not chuck norris approved
<iToast> Japje, out of all seriousness was that right?
<twb> This channel has turned into a clown house
<_ruben> i can use /31s just fine for ptp, but arp fails when it's sourced from .0/24
<Japje> iToast: as for the last hour, your wrong
<twb> It's not even september
<iToast> Japje, Explain network aware os ;)
<twb> _ruben: "doesn't like" as in it drops it on the floor?
<Japje> its the time difference that makes me aggitated
<Japje> that or the snow here in bucharest
<_ruben> twb: seems to ignore it yes, and arping to .0 gets permission denied ?!
<iToast> Oh, ugm, this is the stupidiest question you will hear.
<iToast> Was the reason my samba install not working because i forgot to set the domain to WORKGROUP
<iToast> Out of all honesty, i've used windows network shares and freenas, freenas automated samba for me...
<iToast> Il stop being stupid...
<iToast> e_e
<iToast> ...
<iToast> Now for my original question
<iToast> What do i do for cdrom
<twb> _ruben: are you root?
<iToast> ...
<iToast> Does anyone know?
<uvirtbot> New bug: #925315 in bacula (main) "[Patch][Precise]Enable LZO support" [Undecided,New] https://launchpad.net/bugs/925315
<_ruben> twb: yes
<_ruben> for now i just bumped the firewall from .0 to .1
<_ruben> will postpone in-depth research to later date
<twb> You know .0 is not a normal address right?
<twb> It's not a host address it's a network address
<_ruben> yes, but most network stacks are "liberal" enough to treat it as a "normal" address, with cidr involved and all
<onre> twb, it can be a normal address in any network with "wider" than 24-bit netmask.
<twb> onre: granted
<twb> _ruben: that sounds like a dirty hack
<twb> the same way NAT is a dirty hack :P
<_ruben> the network address should be "less special" than for instance the broadcast address, which atleast has *some* functionality :)
<twb> _ruben: HTFU princess
<RoyK> twb: 192.168.1.0 is a host address on our 192.168.0.0/21 network...
<_Techie_> is there any downside to using 32bit ubuntu server with 8gigs of RAM and an i3-2100?
<linocisco> hello
<linocisco> where to find apt.conf in android?
<_Techie_> linocisco: i dont believe android uses apt
<linocisco> _Techie_: it is a big problem for me as I could not authenticate to use office network
<linocisco> which rooting software is best for all android tablets and phones
<linocisco> ?
<_Techie_> linocisco: have you tried asking in #android
<linocisco> i can't connect or join it
<_Techie_> linocisco: i have a feeling that its restricted to registered users, you will need to register with nickserv
<SpamapS> _Techie_: yes, memory addressing will incurr a performance penalty
<linocisco> yes. I keep trying
<_Techie_> SpamapS: how much of a performance penalty?, i will be using it mainly as a personal game server. team fortress 2, garry's mod, some teamspeak... and yes... minecraft
<SpamapS> _Techie_: varies by CPU
<SpamapS> _Techie_: http://www.phoronix.com/scan.php?page=article&item=ubuntu_32_pae&num=1
<_Techie_> SpamapS: thankyou, i was just abotu to ask if you had any links showing the performace difference in different situations
<SpamapS> _Techie_: notice how much the 64-bit system kills the 32-bit systems... if you have 8GB of RAM and a capable system.. there's very little reason not to do it.
<_Techie_> SpamapS: looks like my choice is clear, ill start prepping a hard drive image to implement this weekend
<_Techie_> SpamapS: thanks alot for your help
<lambda_x> does anyone know how to remove faulty paths from multipath?
<SpamapS> jamespage: you wouldn't happen to be around would you?
<iToast> ...
 * SpamapS fights the urge to go run across the street to 7-11 and buy a redbull + twinkie and keep working through till sun-up
<jamespage> SpamapS, I am now
<iToast> ops >_>
<Tm_T> hi iToast, welcome to the Ubuntu Server discussion and support channel #ubuntu-server
<SpamapS> jamespage: trying to discern how the documents in couchdb are populated from the server-tests-precise thing..
<jamespage> SpamapS, well run-test.py puts most stuff into couchdb
<jamespage> thats in the ubuntu-server-iso-testing codebase
<SpamapS> right I think I lost that bit :-P
<SpamapS> somewhere in the hangover/jet lag induced haze
<jamespage> I drew a picture once lemme see if I can find it
<SpamapS> jamespage: I've got run_tests in a state where I can make it reboot and run post-reboot tests..
<iToast> Tm_T, hi
<jamespage> SpamapS, nice; want me to review and test as well?
<SpamapS> jamespage: I thinK I understand how it works, but I don't understand how to make sure it will work... I can make a manually booted kvm vm reboot and run tests and stuff.
<SpamapS> jamespage: right now the way I'm doing it is storing the service state of before/after reboot in couchdb, which works quite nicely, but means that run_test itself has to push the result of that into the "results" ...
<SpamapS> jamespage: I think I should probably change that to have it serialize those results back onto disk and let a post-reboot test pick it up
<SpamapS> jamespage: will perhaps ask for a review late today or early tomorrow.
<Daviey> jamespage: for the ec2 tests, do we save the euca-get-console-ouput log ?
<jamespage> Daviey, yes
<m_tadeu> hi...I'm trying to use mysqldbexport, but I'm getting the following error "ImportError: No module named mysql.utilities". How can I solve this?
<Daviey> jamespage: i think i am being daft, where is it stored?
<Daviey> jamespage: looking into https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/ARCH=i386,REGION=eu-west-1,STORAGE=ebs,TEST=cloud-config,label=ubuntu-server-ec2-testing/2/
<jamespage> Daviey: well it tried to get a console output - but was not able to
<jamespage> the instance never actually booted
<jamespage> ec2 error
<Daviey> jamespage: Did the reservation go awol?
<jamespage> Daviey: nope it just crapped out
<Daviey> jamespage: Hmm, the console-log suggests it couldn't be terminated..
<Daviey> Does thta mean it went directly to terminated by AWS?
<jamespage> Daviey: yes - I'm just going to see if its still running
<Daviey> cool
<jamespage> Daviey: possible - it not present in the instances listing for that region on that account
<Daviey> ok, thanks
<Daviey> jamespage: Do you know why cloud-config is unstable?
<jamespage> Daviey: yes
<jamespage> the test needs updating - its nothing to worry about for the a1 images
<jamespage> someone did half a job just after alpha1
<Daviey> jamespage: great, thanks
<Daviey> heh
<Daviey> jamespage: Does the account need to be able to run more concurrent instances?
<Daviey> >InstanceLimitExceeded</Code><Message>Your quota allows for 8 more running instance(s). You requested at least 10</Message>
<jamespage> Daviey: yes - I thought that had been done but its possible I got confused about which region
<jamespage> you will notice that we are not running tests in the new sa region
<jamespage> that def has been done
<uvirtbot> New bug: #925278 in openstack-ppa "nova-api will not run (some change in trunk PPA over past 48hrs)" [Critical,Confirmed] https://launchpad.net/bugs/925278
<Daviey> groovy
<jamespage> Daviey: I just requested that increase and asked them to validate its good in all regions.
<jamespage> do you want me to fix the test; add the new sa region and run again once they confirm?
<Daviey> jamespage: that would seem like a dandy idea.
<jamespage> Daviey: OK - just waiting on amazon to confirm the instance limit increases....
<Daviey> rocking
<uvirtbot> New bug: #925231 in samba (main) "smbd crashed with SIGABRT in file_ntimes() (dup-of: 911449)" [Undecided,New] https://launchpad.net/bugs/925231
<rbasak> jamespage: I have one test for a precise panda netinst on armhf itself, and another to test juju in a local environment. This is still in progress somewhat but ready to start getting integrated now I think
<jamespage> rbasak, whats your central point of control?
<rbasak> what I'd like to do is run a jenkins slave for these, so we can start automatically detecting breakages for these
<rbasak> I have a "server" here that runs cobbler and my scripts, and I imagine will be running a jenkins slave
<jamespage> rbasak, you will need to run jenkins itself; until this is in the QA lab and it can actually access a master instance you can just run everything from jenkins locally
<rbasak> In time we'll be adding more tests to this mechanism. There's also talk of testing in qemu
<jamespage> rbasak, so sudo apt-get install jenkins is a good start :-)
<rbasak> I see - so we can't really hook it up to the existing master instance without it being in the QA lab?
<jamespage> assume you are running oneiric or precise on this install
<rbasak> I was hoping to give QA visibility of this
<rbasak> I'm running oneiric but could run precise
<jamespage> rbasak, we can still push results to jenkins.qa.ubuntu.com
<rbasak> Cool
<jamespage> thats just a read only copy of stuff from another 3 jenkins instances
<jamespage> NOT slaves
<rbasak> I see, OK
<jamespage> rbasak, of course we need to get the nod from QA before starting to push results
<rbasak> sure
<jamespage> oneiric is fine
<jamespage> its a slightly older version but is compatible with that in the lab
<jamespage> I will be backporting the latest LTS to oneiric next week
<rbasak> I've never touched jenkins before. Is there anything I need to know? Any particular way I should be setting it up?
<jamespage> so if you need a particular feature
<jamespage> ...
<jamespage> so a couple of things you need to know
<jamespage> 1) everything runs under the jenkins account by default; this is a good place to install tools (we normally user ${HOME}/tools/XXX-tool
<jamespage> which jenkins jobs are going to use
<jamespage> 2) get the naming right; if you look at jenkins.qa.ubuntu.com for guidance
<jamespage> e.g. precise-arm-XXX-test of something similar
<jamespage> precise-server-armel-XXX maybe
<jamespage> anyway have a think
<jamespage> its worth getting right - makes setting up dashboards using regex easier
<jamespage> OH - and jenkins starts on port 8080 by default BTW and is not secured in any way to start with
<rbasak> OK, thanks!
<jamespage> I try to limit whats actually in a Jenkins job definition to a bare minimum - that way the tools can be run by anyone without jenkins
<jamespage> just enough to execute the test and determine the results
<jamespage> non zero exit code = job failure = RED ball
<jamespage> rbasak, how are you running tests?
<rbasak> Right now, just a script with an exit status
<jamespage> i.e. can the test results be parsed easily into something Jenkins can understand?
<rbasak> I presume I'll be needing to change script output to be more useful to jenkins
<jamespage> it is possible to search for specific strings in the log
<jamespage> but outputting something into JUnit  xml format means Jenkins can do more...
<rbasak> OK, so to start with I can just use what I have, and then change the format later?
<jamespage> rbasak, yes
<rbasak> great!
<roaksoax> smoser: howdy! So I was checking youtr homeserver and really don;t see any issues
<roaksoax> smoser: as according to /proc/cpuinfo you have only 1 core, with 1.0Ghz
<mdeslaur> SpamapS: FYI, please don't merge php5 from debian
<jamespage> Daviey: I just kicked off the precise-server-ec2 testing again - limits should now be OK on all regions.
<jamespage> utlemming ^^ sa-east-1 also being tested now on all test types for ec2
<roaksoax> jamespage: btw.. are you still using the lab with automatic power managent on the sentry switch?
<Daviey> jamespage: Is it difficult to do selective tests?
<Daviey> ie, test those that failed due to that error?
<smoser> roaksoax, well, its definitely not just 1.0Ghz
<smoser> it does scale
<autif> I have used xubuntu desktop for a long while and for the first time set up an ubuntu server machine for long term use - my question is how do I apply updates - just apt-get update && apt-get upgrade? If yes, then I have never seen the kernel change on the server - is that intentional or there is an apt command that I am missing - I am on 11.10
<smw> autif, you need to install them manually
<smw> it tells you that the kernel packages are "held back"?
<uvirtbot> New bug: #925511 in lxc (main) "lxc init script should fail when it ... failed" [High,Confirmed] https://launchpad.net/bugs/925511
<eikke> did anyone ever use ubuntu orchestra/cobbler/koan to provision virtual machines on a server other than the cobbler host?
<mtaylor> eikke: if you want to do that, wouldn't something like nova make more sense?
<uvirtbot> New bug: #925513 in plymouth (main) "plymouth should not run in container" [Medium,Confirmed] https://launchpad.net/bugs/925513
<eikke> mtaylor: not sure, feels heavyweight for a jenkins/ci environment using VMs as work horses
<mtaylor> eikke: ah. yeah
<jamespage> eikke, I've not done it myself but its definitely possible - I think jibel may be  looking at this for further automation of Ubunt
<jamespage> testing
<eikke> I got orchestra/cobbler running for physical machine provisioning, yet running koan on another mahcine does find the cobbler install and can retrieve info about the VM I want to create (it's a System in orchestra/cobbler)
<jamespage> Daviey: well it is possible - there is an adhoc job we can use for that
<eikke> but then starts to retrieve some files from the cobbler host, and gets 404, and the files it attempts to retrieve look like RedHat-bases systems to me
<Daviey> jamespage: just wondering if it's worth doing a full retest on things we know work?
<jamespage> eikke: have you seen this - https://help.ubuntu.com/community/Cobbler/Deployment
<jamespage> ?
<jamespage> Daviey: if there was a nice easy way todo that yes I agree
<jamespage> its a bit of a hack at the moment which makes it hard to gain a full set of results in one place
<eikke> jamespage: that's what I'm attempting to do, but fails (the last command)
<jamespage> I did toy with seperating all of the jobs into individual jobs which would mean you could just re-run one of them more easily
<Daviey> jamespage: hehe
<Daviey> jamespage: makes sense.
<jamespage> Daviey - there might be a plugin - I will take a look
<jamespage> eikke: please can you pastebin the error code/stack trace you are getting
<Daviey> jamespage: meh, just retrigger it right now - but useful for the future i think
<jamespage> Daviey: ack - I already did
<jamespage> results should publish in the next few minutes
<Daviey> heh
<eikke> jamespage: https://gist.github.com/215475eba8817899212b
<eikke> (thats using --profile, using --system I get the same result)
<uvirtbot> New bug: #925520 in lxc (main) "lxc script non-root errors can be confusing" [Undecided,New] https://launchpad.net/bugs/925520
<dax_roc> Afternoon all
<dkn> howdy
<dax_roc> Is the correct way to remount a fs rw after an error "mount -o remount,rw / " ?
<dkn> google says mount -remount,rw /mnt
<dkn> the -oremount looks like read only
<eikke> mount -o remount,rw / should do the job
<dax_roc> no doesn't seem to, Fails with "mount: cannot remount block device /dev/mapper/ubuntu--base-root read-write, is write-protected"
<eikke> jamespage: any clue? the repo_mirror folder was empty initially, so I enabled it to reposync, ran reposync (and pulled in several GB of data), yet no reveal
<autif> smw - thanks for the info, can you please also point me to how to go about installing the latest kernel manually? (apologies for the late reply, had to run to a meeting)
<jamespage> eikke, just trying it out :-)
<smw> autif, I just install manually
<smw> autif, sudo apt-get install
<smw> autif, there is also aptitude safe-upgrade
<autif> ah
<eikke> jamespage: ah, thanks!
<autif> in that case, I will need to search for the latest kernel - presumable using apt-cache search
<autif> right?
<dkn> dax_roc, did you try specifying the paths? mount -o remount,rw /dev/foo /dir ?
<dax_roc> dkn: just the mount point not the device
<autif> smw - also - how are you notified when a new kernel is available? short of running apt-cache search linux-image.+server everyday
<smw> autif, I don't know
<dkn> the man page for mount remount shows both, you might try /dev/ and /dir if just /dir isn't working.... not an expert on it though
<autif> thanks for the help!
<autif> will research
<patdk-wk> autif, personally, I just subscribe to the security alerts mail list
<dax_roc> dkn: it should work with the mount point, I'll try force
<eikke> jamespage: I never ran 'cobbler import' though...
<jamespage> eikke: ah - well you need to get some basic information into cobbler otherwise it won't do much
<jamespage> I did get a little further - appeared to try and create a kvm instance - however not sure it worked.
<eikke> jamespage: well... I installed the ubuntu-orchestrator-server package, configured according to my needs
<eikke> then created an 'oneiric-x86_64' system using cobbler_web providing a mac address, and was able to provision a physical server through pxe this way
<eikke> there's other distros available in the (default) list as well, I didnt change anything over there
<jamespage> hmm - well it should be OK then
<jamespage> eikke, I think its your system - can you do sudo cobbler system dumpvars --name oneiric-x86_64
<jamespage> pastebinit
<eikke> https://gist.github.com/0b8a68f11fe6e70614b0
<jamespage> eikke: sorry not being much help am I :-(
<eikke> jamespage: all help is welcome ;-)
<jamespage> eikke: using the standard oneiric-x86_64 profile I get a Cannot find install source in kickstart file, aborting. message
<jamespage> using a profile I use on hardware everyday I get http://paste.ubuntu.com/826540/
<jamespage> domains are running
<uvirtbot> New bug: #514379 in lxc (main) "Lack of documentation" [Medium,Triaged] https://launchpad.net/bugs/514379
<roaksoax> jamespage: could ytou also pastebin your "cannot find install source in kickstart file"
<jamespage> roaksoax: I think its the standard one from oneiric - I'll check
<roaksoax> jamespage: jamespage ah your running cobbler/koan in oneiric?
<jamespage> roaksoax, ah - my bad - neither server or profile as and associated kickstart!
<roaksoax> jamespage: cause in precise this should have been fixed
<jamespage> confusingly I'm using koan on precise and cobbler on oneiric
<roaksoax> jamespage: ah :)! but yeah, there were koan/virtinst issues in precise related to not being able to detect an ubuntu mirror, which are already fixed
<jamespage> gah eikke has gone - I suspect thats his issue.
<roaksoax> jamespage: most likely
<roaksoax> jamespage: btw.. are you still using the fence_cdu script for the lab?
<jamespage> yep
<roaksoax> jamespage: i'm gonna integrate it later today in cobbler/fence-agents so if you see any breakeage you know why it might be xD
<eikke> jamespage: sorry, laptop died on me, hope I didnt miss any useful info :)
<jamespage> eikke: roaksoax said that there where know koan/virtinstall issues detecting ubuntu mirrors
<eikke> right
<eikke> the problem I have is I don't know whether koan is looking for files it shouldnt look for, *or* cobbler isnt serving files it should
<roaksoax> eikke: could you pastebin your koan output
<roaksoax> please?
<eikke> roaksoax: https://gist.github.com/215475eba8817899212b
<roaksoax> eikke: is this in precise or oneiric?
<eikke> both master and slave are oneiric x86_64
<roaksoax> eikke: is it possible you could try installing virtinst for precise?
<roaksoax> err precise's virtinst into oneiric?
<eikke> on the slave? sure
<eikke> if I can figure out how to mix'n'match those things :$
<roaksoax> eikke: yeah on the machine you are running koan
 * roaksoax bbl
<eikke> roaksoax: should I do so using download + dpkg?
<eikke> roaksoax: using 0.600.0-1ubuntu4, same error
<roaksoax> eikke: uhmm interesting
<eikke> didnt update koan, only virtinst
<roaksoax> eikke: you shouldn't really need to update koan
<eikke> I'll try to "cobbler import" an oneiric server ISO
<roaksoax> eikke: maybe becuaes installing with dpkg didn't really upgrade the python modules
<eikke> it should though, they're part of the package (http://packages.ubuntu.com/precise/all/virtinst/filelist)
<koolhead17> hi all
<roaksoax> eikke: ok found the issue. you need to update koan from precise too
<eikke> will do
<roaksoax> eikke: or
<roaksoax> eikke: or
<eikke> ? about to install python-koan and koan from precise :)
<roaksoax> eikke: or sudo cobbler profile edit --name precise-x86_64 --ksmeta tree=http://@@http_server@@/cblr/ks_mirror/precise-x86_64
<roaksoax> bug #807324
<uvirtbot> Launchpad bug 807324 in bind9 "BIND 9.7.0 (ie., lucid) is overly strict on authoritative responses missing the "aa" flag" [High,Fix released] https://launchpad.net/bugs/807324
<jamespage> Daviey: https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/
<eikke> roaksoax: changing the oneiric ksmeta like that works, w00t
<roaksoax> eikke: cool then
<roaksoax> eikke: in the precise's koan that change is done automatically
<eikke> interesting
<eikke> thanks for the help, really!
<roaksoax> eikke: no worries ;)
<Daviey> jamespage: \o/
<smoser> jamespage, we really need tomake console.txt wait before collecting
<smoser> its pointless to collect an almost guaranteteeed empty file
<mjt> smoser: you around?  Do you remember why ipxe package were split into kvm-ipxe and ipxe?  And maybe, do you know how the roms in ipxe package are being actually used, besides by qemu and the like?
<mjt> heh
<jamespage> Daviey: https://wiki.jenkins-ci.org/display/JENKINS/Matrix+Reloaded+Plugin
<jamespage> I'll get it installed
<smoser> hallyn, would know. mjt
<mjt> smoser: he sent me to you :)
<Daviey> jamespage: ooo, that is nice
<mjt> i'm trying to decide what to do with ipxe in debian.  To me it looks like we should drop all the boot roms except of very few ones which we actually use - by qemu, by virtualbox maybe, etc, and compile them without boot delay.  The rest - IMHO - has no use at all, since if someone wants to embed it into their actual NIC they'll compile their own anyway.
<jamespage> smoser: if so I really need to re-implement the test framework todo more multithreading
<smoser> jamespage, yeah. i looked at it, and decided that too
<mjt> hallyn: do you not agree ^^ ?
<jamespage> hmm
<hallyn> mjt: I wouldn't object.
<jamespage> maybe use twisted :-)
<smoser> mjt, i would agree.
<smoser> that boot-delay is annoying.
<smoser> and i'm not aware of any use for this other than kvm (or as you say, compiling their own).
<mjt> and in that case, just one package "ipxe" should be enough (which provide ipxe-grub too)
<smoser> jamespage, https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/ARCH=i386,REGION=us-west-2,STORAGE=instance-store,TEST=cloud-config,label=ubuntu-server-ec2-testing/lastBuild/artifact/None/i386/m1.small/instance-store/i-e688ccd6/uec2-20120202-1453-d28473559d2145-terminated.console.txt
<hallyn> lynxman: was it by chance you who was interested in ipxe roms for non-kvm?
<hallyn> or is that person a figment of my imagination?
<hallyn> zul: can xen use any ipxe roms?
<jamespage> smoser: looking now
<zul> hallyn: no idea i havent been able to try
<jamespage> smoser: we have seen that before....
<lynxman> hallyn: I was indeed, and I solved the issue concerning that on my new build, I now have to kill some more packaging issues before the package is life :)
<smoser> jamespage, that failure (from https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/ARCH=i386,REGION=us-west-2,STORAGE=instance-store,TEST=cloud-config,label=ubuntu-server-ec2-testing/lastBuild/)
<smoser> i suspect is related to https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/898373
<smb> hallyn, I do boot xen guests with pxe if that is what you want to know
<uvirtbot> Launchpad bug 898373 in cloud-init "fsck.ext3: Device or resource busy while trying to open /dev/xvda2" [High,Confirmed]
<smoser> maybe not.
<smoser> where else had you thought we'd seen it?
<hallyn> smb: what i want to know is whether any of the roms in ipxe but not in ipxe-qemu are needed
<jamespage> smoser: I think that was the bug I was thinking about
<hallyn> lynxman: ^
<smb> hallyn, Oh ok... more detail I used to care about then
<lynxman> hallyn: that should be trivial to add now, so no worries about it
<jamespage> smoser: yes - its the same thing
<lynxman> hallyn: lp:~lynxman/ubuntu/precise/ipxe/newsnapshot
<smoser> why do you think its the same, jamespage ?
<smoser> ah.
<smoser> it is.
<smoser> duh
<utlemming> smoser: is that a launch blocker or just a release note?
<smoser> i was looking too far down.
<jamespage> so looking at https://jenkins.qa.ubuntu.com/job/precise-server-ec2/ARCH=i386,REGION=us-west-1,STORAGE=instance-store,TEST=cloud-config,label=ubuntu-server-ec2-testing/1/artifact/None/i386/m1.small/instance-store/i-835a3dc4/uec2-20111130-1920-5d6ee3bc489541-terminated.console.txt
<jamespage> which is linked from the bug
<jamespage> the instance fails to reboot with the same errors as in todays test
<stgraber> hallyn: working on some changes to lxc-ubuntu to default to armhf and deal with building for a non-native arch
<hallyn> lyxman: you did an update, but i can't tell from that - do you need any of the roms which are in ipxe but not in kvm-ipxe?
<eikke> roaksoax: virt-manager etc now work beautifully as well, thank you, really. spent all day on this :P
<hallyn> smb: so the answer is you don't need those?
<lynxman> hallyn: nope, it's fine as it is in the update, got all the roms you copied over to kvm-ipxe as well
<hallyn> stgraber: ok, pls remember there are staged changes in ubuntu:lxc bzr tree
<smb> hallyn, No, the answer is I don't know whether I need those
<lynxman> hallyn: so your choice of roms doesn't affect me :)
<smoser> thats freaking annoying
<jamespage> smoser: yes
<smoser> i click on "#3", and the link i get is https://jenkins.qa.ubuntu.com/view/Precise/job/precise-server-ec2/ARCH=i386,REGION=us-west-2,STORAGE=instance-store,TEST=cloud-config,label=ubuntu-server-ec2-testing/lastBuild/
<hallyn> mjt: ^ so i think the answer is JFDI and we'll hear about it if any deleted roms are needed :)
<smoser> "latestBuild"
<smoser> i want a perminent link
<mjt> JFDI? Just F.. Do It? :)
<mjt> yes that's probably the best way to know
<stgraber> hallyn: hmm, latest entry I see in the branch is 0.7.5-3ubuntu16, can't see any staged changes. Did you push?
<smoser> its sad, mjt, but sometimes that is the best way.
 * smoser is happy for ditching 3 seconds of boot!
<smoser> so jamespage utlemming ...
<smoser> if, for some reason the filesystem is dirty on /mnt (or some other filesystem), we just dont boot.
<smoser> is that the case?
<smoser> cause that sucks
<utlemming> smoser: yuck
<utlemming> smoser: can you document that in the bug and we'll put it on the release notes
<hallyn> stgraber: feh lemme check
<stgraber> hallyn: my changes are fairly minimal, so I can easily rebase on whatever you have staged
<hallyn> stgraber: this wasn't major either, it was just there so i wouldn't forget.  now i forgot.
<hallyn> stgraber: nm, that was libvirt :)
<hallyn> fire away
<stgraber> hallyn: good. I'll also make a separate commit cleaning up all the tabs and using 4 spaces consistently in the file :)
<hallyn> stgraber: that'd be great.  but be careful!  :)
<hallyn> stgraber: btw do you have an idea about why the net-device-up for lo is not being fired in lucid containers?
<stgraber> hallyn: not really, is udev working properly (udevd, the --add and udevtrigger)?
<hallyn> stgraber: pretty sure it is, though remember we were going to drop those anyway
<hallyn> ok, then i guess i'll look into it more - just thought you might know offhand what changed.  (I'm sure it was working until very recnetly)
<jamespage> smoser: it would appear that that is the case
<stgraber> root@castiana:/# cat /etc/apt/sources.list
<stgraber> deb http://ports.ubuntu.com/ubuntu-ports precise-updates main universe
<stgraber> deb http://ports.ubuntu.com/ubuntu-ports precise-security main universe
<stgraber> hallyn: ^ that looks wrong ;)
<mjt> anyone know what NICs virtualbox emulates?
<stgraber> hallyn: where's the regular source? :)
<hallyn> stgraber: is that on arm?
<stgraber> hallyn: armhf, yes, well armhf running on x86, but code path should be the same
<hallyn> rbasak: ^
<smoser> jamespage, discussion in -devel with slangasek is that it is working as designed and he in all his knowledge does'nt have a solution for me other than "nobootwait"
<hallyn> stgraber: what do you mean by 'the regular source'?  you mean without -updates?  or you mean not ports.ubuntu.com?
<stgraber> hallyn: "deb http://ports.ubuntu.com/ubuntu-ports precise main universe" is missing
<hallyn> stgraber: oh.  that sounds like a thinko
<stgraber> hallyn: in my case, I'll also need some i386 sources in there but that's specific to my hack and I know I need to implement that bit
<allenap> bigjools: You were saying it's a pi... going to be very easy.
<Daviey> stgraber / smb: Is resolveconf behaving now?
<bigjools> allenap: cake
<hallyn> oh.  so no containers are getting regular 'source'?  d'oh.
<stgraber> Daviey: no, we have one more change staged in the branch to be pushed post-freeze
<allenap> bigjools: How does maas tell other components of the whereabouts of this blob service?
<hallyn> no, mine has it
<stgraber> Daviey: and then will need to deal with potential bugs that may appear because of that change
<smb> Daviey, I have not re-tested (which needs a install of oneiric and upgrade after manual reconfig) but I have not noticed a note saying it should work now
<stgraber> hallyn: my amd64 ones seem to be fine
<bigjools> allenap: it's only for juju
<Daviey> stgraber: do you have concerns?
<mrevell> allenap, Do you have a moment to talk hosting the MaaS docs?
<jamespage> smoser: so I see
<Daviey> smb: thanks
<hallyn> stgraber: but is that a debootstrap bug then?
<stgraber> Daviey: well, our current trick to make resolvconf work in chroots was a bad idea (creating the symlink at boot time), so we'll revert that and replace by a relative symlink which should work for chroots but it's hard to think of all possible use cases
<Daviey> stgraber: This seems to be a good candidate for a QA upgrade test?
<allenap> mrevell: Sure.
<Daviey> stgraber: right!
<allenap> mrevell: Hangout.
<stgraber> Daviey: so we didn't want to risk a rebuild for it and will upload today. I don't expect issues on upgrade (possibly less issues actually), but I have daily upgrade testing running here for all the flavours so that's easy enough to check
<mrevell> allenap, Yo betcha, as they say.
<mrevell> allenap, invite sent
<stgraber> hallyn: could be, seems like qemu-debootstrap might be missing the initial sources.list line
<stgraber> hallyn: I'll just update the template to wipe sources.list and write it from scratch instead
<Daviey> stgraber: Something centralised would be good :).. and gema and jibel would love you.
<hallyn> stgraber: ok
<stgraber> hallyn: and add restricted and multiverse in the process, not sure why we don't have them at the moment
<hallyn> stgraber: speed?
<hallyn> adding those makes apt-get update forever on my laptop anyway
<stgraber> Daviey: right, I have my own setup here because "Canonical no longer wants to spend resources on doing QA for flavours" ...
<stgraber> hallyn: hmm, restricted and multiverse are pretty small compared to universe
<hallyn> oh.
<hallyn> yeah i was thinking universe.  i would admit not knowing what multiverse is, but i'm too manly
<hallyn> so why would you want restricted and multiverse in a container?
<Daviey> stgraber: Been drinking lemon juice? :)
<stgraber> hallyn: main => 7.5M, multiverse => 592K, restricted => 129K and universe => 25M
<stgraber> Daviey: ;)
<hallyn> :)  ok.  so no problem, but still not sure what we'd want from there
<hallyn> zul: smb: is "apt-get install openvswitch-switch" supposed to just work?
<stgraber> hallyn: well, it'd be consistent with desktop and maybe someone may need some codecs or similar stuff for some weird setup :)
<zul> hallyn: reputadely
<hallyn> stgraber: oh, right and with arkose esp ppl might want codecs.  ok.
<hallyn> zul: "FATAL: Module oepnvswitch_mod not found"
<Daviey> hallyn: where are you seeing that?
<zul> hallyn: try installing the openvswitch-dkms
<hallyn> zul: it tried dkms automatically.  oh, there, very neatly hidden away, i guess the dkms build failed.  why not show me those erors, dingbat?
<zul> but but :)
<hallyn> yeah, errrors in brcompat.c
<smb> zul, maybe we need sound support for dkms, doing the red alert thing when build fails
<stgraber> hallyn: I'm assuming the typo in the module name is just a manual copy/paste typo and not a typo in a script right? (oepnvswitch_mod vs openvswitch_mod)
<stgraber> oh, ok, yeah, if the module failed to build, that probably was just an IRC typo then ;)
<zul> smb: red alert thing?
<hallyn> stgraber: yeah.  this was in a vm on another laptop.  no cut/paste
<smb> zul, like in star trek
<zul> smb: ah right
 * zul loves majel barret :)
<hallyn> maybe it needs to #include <linux/module.h>?  it says expected declaration specificers or '...' before string constant on the MODULE_DESCRIPTION("..."); line
<ahs3> mmmm....majel barret.....
<smb> hallyn, sounds reasonable and probably is quick to test...
<hallyn> smb: what's the quickest way?  if i change the src under /var/lib/dkms and do dkms build -m openvswitch -v 1.2.2, it reextracts the src :)
<hallyn> do i have to rebuild the whole package and install it?
<Daviey> hallyn: the build.log should show you how to reproduce the build out of band.
<smb> hallyn, oh crap. somehow I expected it not to extrat every time. You could rebuild the tarball I guess
 * hallyn gets cranky typing on this tiny keyboard with jacked-up capslock key
<hallyn> (resituating)
<hallyn> lol!
<hallyn> well just a 'make' worked.  and yes that #include fixed that error.  which brings upthe next one:
<hallyn> kernels after 3.0 are not supported by this version of openvswitch
<hallyn> glad to see this is so heavily used :)
 * smb wonders who tested that one before... :)
<hallyn> well, all i'm saying is, if noone has noticed, then maybe we don't care all that much
 * hallyn checks open bugs
<smb> I am not sure I remember that one right, but wsn't that the package that first was discussed to move into main and then (a while ago) decided its not really required or so...?
<hallyn> there is an open MIR for it.  i don't know about it being decided it wasn't needed.  zul?
<zul> reading the backlog
<zul> yeah i care about it, ill make sure it doesnt fail can you open up a bug about it
<hallyn> well, sid has 1.3.0-1.  perhaps we should sync
<hallyn> zul: sure
<hallyn> zul: or do you just want to sync
<zul> i was going to find some time to sync it up
<hallyn> zul: filed bug 925611, thanks.  (let me know if you want me to do it, but happy to leave it to you as you've obviously done the last few).  I was just trying it out to see about making recommendations in documetnation for use with qemu+libvirt...
<uvirtbot> Launchpad bug 925611 in openvswitch "Please merge 1.3.0-1 from debian unstable" [High,Confirmed] https://launchpad.net/bugs/925611
<zul> hallyn: gotcha
<mrevell> bigjools, Hey, do we have a "Bad" state for a node that's got some kind of problem?
<uvirtbot> New bug: #925611 in openvswitch (universe) "Please merge 1.3.0-1 from debian unstable" [High,Confirmed] https://launchpad.net/bugs/925611
<bigjools> mrevell: no - we should though
<mrevell> I've added one to the new glossary, which I'll share shortly
<bigjools> mrevell: see src/maasserver/models.py
<mrevell> thanks bigjools
<adam_g> zul: that iscsi patch got merged, no need to carry patch
<zul> yep i saw
<stgraber> hallyn: any reason why we don't have a proper locale installed in the template?
<hallyn> stgraber: i think we didn't know how to decide which locale is proper
<stgraber> hallyn: well, having "a" locale would be nice, I'd just go with language-pack-en and en_US.UTF-8 by default. Using C is likely to break quite a few things ...
<hallyn> i like locale C :)
<hallyn> i suppose if there's a clean way to get the host's locale we could copy that into container at setup
<stgraber> C.UTF-8 would be reasonable I guess if that works now
<hallyn> stgraber: I'm just being an old man.  locales are new to me :)  Pls do what you think best.
<hallyn> plus i don't run things like ff in my containers (yet)
<hallyn> btw i'm working on a patch to have lxc-start bail early if insufficient privs
<stgraber> hallyn: well, the biggest annoyance to me with our current lack of locales is all these warnings from perl that you get in APT and some other tools. I also remember having some pretty serious issues with PostgreSQL and other DB where they would store everything as ASCII unless the locale supported utf-8 at install time.
<stgraber> if C.UTF-8 works, that should take care of all of these issues and not require any extra package
<hallyn> ascii ftw :)
<hallyn> ok
<RoyK> EBCDIC FTW!
<stgraber> ;)
<tgardner> SpamapS, once you've created a cobbler repo by importing an ISO, is there a way to update it?
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/precise/lxc/lxc-start-checkperms  if you wanted to pull that patch (0032) into your tree
<smoser> tgardner, what do you want to update?
<tgardner> smoser, well, I imported a precise desktop ISO and I'd like to update to the most recent daily (which has a newer kernel)
<smoser> would remove and re-add be not the same?
<smoser> we have a tool that kidn of does this, but it really is hard-coded to do mini-iso stuff (cobbler-ubuntu-import).
<tgardner> smoser, yes, but thats a bit of a pain in the ass, what with having to choose the right pre-seed and all.
<smoser> it basically imports a new one, then renames it.
<tgardner> been using that
<smoser> so yeah...  we dont really have anything.
<tgardner> ok
<smoser> but you could take the logic from cobbler-ubuntu-import
<tgardner> I'll have a look
<adam_g> smoser: i took a look at that nova-volume charm patch yesterday. it requires the loopback device is first created on the host and allowed into the container by someone before charm deploy?
<smoser> adam_g, yeah.
<smoser> i do that in one of the pastebins.
<zul> hallyn: around?
<smoser> it assumes you have access to the loopback. whihc is not unreasonable.
<hallyn> zul: yes, though lunching soon.  what's up?
<adam_g> smoser: why not just look for /dev/loopN like any other block device while making the same assumption?
<zul> hallyn: this use to work on oneiric: http://pastebin.ubuntu.com/826733/
<smoser> adam_g, and assume that something else has alrady set up the block device?
<smoser> because thats not generally helpful.
<zul> hallyn: basically it would give you acccess to look at the console for libvirt-lxc and now it doesnt
<smoser> (and that would already besupported if you just gave it 'loop0' as the config)
<hallyn> zul: not sure, but offhand that could be due to getty change
<smoser> note, the patch would work on ec2 also.
<zul> hallyn: http://paste.ubuntu.com/826731/
<adam_g> smoser: thats up the provider to decide before granting the container access to the device, no? the same thing could potentially happen with an EBS volume on amazon or openstack.
<zul> hallyn: also there is some changes to /dev/ptmx and /dev/pts in libvirt i think as well
<zul> hallyn: where would i start looking
<smoser> adam_g, the charm has no notion of container.
<smoser> and it should not.
<hallyn> does this happen also with an oneiric container on precise libvirt?
<smoser> maybe somewhere down the road, juju has some concept of "this charm requires access to these devices and these kernel modules"
<smoser> but thats just not reasonable right now.
<zul> hallyn: i havent checked yet
<zul> hallyn: ill let you know
<hallyn> ok
<adam_g> smoser: sec, taking another look at the charm with fresh eyes..
<adam_g> smoser: which is the pastebin that prepares the loop device on the host?
<smoser> holdon
<smoser> adam_g, http://paste.ubuntu.com/826756/
<smoser> all that does is  make juju grant all containers access to all /dev/loop*
<zul> hallyn:  same with oneiric its probably a libvirt issue i think
<hallyn> zul: hm
<zul> hallyn: http://libvirt.org/git/?p=libvirt.git;a=commit;h=c30a78c398135577c3038199cb81bfaa19708cc5
<hallyn> zul: i don't think that's it
<zul> well that patch isnt in libvirt yet
<hallyn> zul: that just changes the underlying file from chardev to empty file (which we mount /dev/pts/ptmx onto)
<zul> i have a strace if you want one
<hallyn> zul: I'm guessing it has to do with the new routine for opening the ptys at container init.
<zul> hmm
<hallyn> i.e. virFileOpenTty
<hallyn> what the heck is set_nonblocking_flag()
<hallyn> zul: if you drop 'iflag=nonblock', does it work?
<zul> in the dd?
<zul> just sits there
<hallyn> zul: that strace was not '-f' ?
<zul> it wasnt
<hallyn> can you give me -f output?
<adam_g> smoser: ah, nevermind. charm looks good and works elsewhere. basically, i had no idea that 'losetup --find --show "$fpath"' actually sets up the device
<zul> hallyn: http://paste.ubuntu.com/826777/
<adam_g> smoser: ill probably steal get_block_device() in the next iteration of the swift charms
<smoser> adam_g, sure. so you're merging from mine?
<adam_g> smoser: yeah, my branch is still pending a MP into the main lp:charms, but your change will go with it.
<Daviey> adam_g: you could merge into yours, and the MP will refresh
<hallyn> zul: kernel change i'm thinking
<zul> hallyn: damn
<zul> thats unfortunate
<hallyn> zul: got an oneiric box up?
<zul> hallyn: i can do it in a vm...ill let you know
<hallyn> zul: well open up a terminal, do 'tty', and try the dd on that pty
<hallyn> that fails the same way here on my precise laptop
<stgraber> hallyn: http://paste.ubuntu.com/826789/ is basically what we need to support armel/armhf/powerpc/... on x86
<adam_g> Daviey: thats what i meant
<zul> hallyn: yeah it fails here
<stgraber> hallyn: I just uploaded mountall and sysvinit with the multi-arch changes, so hopefully in an hour or so, the template will work with these changes
<hallyn> stgraber: what about soft freeze?
<stgraber> hallyn: we've been out of soft freeze for 40min now
<hallyn> doh!
<hallyn> stgraber: being pedantic, but could you add comments at top of that new fn documenting expected $1..$3?  :)
<zul> hallyn: ditto on my oneiric box
<stgraber> hallyn: probably a good idea indeed ;)
<Daviey> adam_g: ah
<hallyn> zul: so how did that ever work...  ok, it must be something libvirt used to do to the ptys it creates for consoles, but no longer does
<zul> hallyn: im not sure it just did is there a way where we can grab a console output under precise?
<Unode|Work> hi everyone
<Unode|Work> Can someone tell me how can I disable daily fetches of packages?
<Unode|Work> I only want to update package lists when I want to upgrade things and not on a regular basis.
<Unode|Work> Thanks
<hallyn> zul: haven't found one yet
<zul> hallyn: this is how everything is mounted in the container: http://pastebin.ubuntu.com/826803/
<hallyn> zul: oneiric gives me the same behavior
<zul> hallyn: yeah so i dont remember how that could have worked
<hallyn> zul: use socat?
<mjt> ok, thank you everyone (re ipxe)
<zul> hallyn: how do you use socat?
<hallyn> zul: 'socat - /dev/pts/1' for instance.  (http://ubuntuforums.org/showthread.php?t=1159220)
<hallyn> do you expect this to work nicely while someone does 'virsh console <container>' too?
<zul> not really i just want to get like a "picture" of the console
<hallyn> zul: you know, oneiric got a version of the big pty update backported, so it's possible dd was broken by that after all
<zul> hallyn: probably, although im not upset about it, just have to figure out something
<hallyn> can socat work for you?
<zul> hallyn: i think so
<zul> hallyn: thanks
<hallyn> cool, np
<stgraber> hallyn: ok, so I got an armhf to install and boot, well, boot until mountall explodes when tryin to talk to udev ;)
<hallyn> why does that explode?
<stgraber> mountall:mountall.c:3700: Assertion failed in main: udev_monitor = udev_monitor_new_from_netlink (udev, "udev")
<_Neytiri_>  i have bind9 set to do recursion but when i attempt to look up a domain i dont host it refuses the request how do i fix this
<cr3> zul: a while ago, I asked for a way for a kvm guest to access the host filesystem. I found a very simple solution: nc
<smoser> cr3, lame.
<smoser> you should have found a kvm exploit.
<smoser> that would be more general purpose.
<jjohansen> hallyn: would you have time to test a kernel, and if so would you like -generic, -server, i386/x86-64?
<cr3> smoser: if only you had suggested that when I first asked in the channel, you could've saved me so much time
<hallyn> jjohansen: -generic would be great
<jjohansen> hallyn: 64bit?
<smoser> cr3, and you'd be rich and famous
<hallyn> jjohansen: yes pls
<jjohansen> hallyn: okay, I'll kick it off and let it build while I have some lunch
<hallyn> jjohansen: cool.  this is for the detach problem?
<hallyn> i'll try it out later tonight then
<jjohansen> hallyn: yeah, see your mail
<hallyn> (fwiw i try to check mail 3-4x/day :)
<hallyn> stgraber: i wonder if it'd be safe to make /etc/init.d/lxc set -e
<stgraber> hallyn: sounds dangerous, why would you do that?
<hallyn> stgraber: bc it should fail if the network isn't set up right
<stgraber> hallyn: well, it should fail, not just stop there. So it should handle return codes where relevant and undo whatever it did, indeed, set -e would just leave the system half configured
<hallyn> stgraber: well, set -e + trap EXIT
<hallyn> i wouldn't be un-tidy
<stgraber> right, trap EXIT with a proper handler would be good
<hallyn> stgraber: actually i'm just going to do trap and set -e only for the net setup, then undo them
<hallyn> (it's just that adding 'if [ $? -ne 0 ]' after each stmt is ugly
<stgraber> hallyn: looks like if I multi-arch makedev and iproute, then I can get a container to boot (with upstart, mountall, plymouth and iproute being amd64 in the armhf container)
<lifeless> stgraber: that sounds unholy
<stgraber> hallyn: testing armel now as I'm getting weird qemu output that may be related to armhf support, maybe armel will complain a bit less
<_Neytiri_> how do i enable recursion in bind?
<stgraber> lifeless: well, if qemu-user-static was doing a better job it'd just work ;) sadly anything using ptrace() fails under it (that's why I need an amd64 upstart) and apparently netlink is a bit broken too (breaking most of the network stuff and udev)
<lifeless> hallyn: you can do statement || thingwhenfail
<lifeless> hallyn: as an alternative to if [ $? -ne 0 ]
<hallyn> lifeless: yeah, but then i want to cleanly unroll
<lifeless> ah, well thats different :)
<hallyn> lifeless: I'm thinking something like undo_network in http://paste.ubuntu.com/826916/
<smoser> hallyn, the thing i've done for your trap on exit, which stacks better
<smoser> is to set a global in that block of code
<smoser> and then always trap exit and just check it.
<smoser> note, that sh doesn't handle EXIT as well as bash
<smoser> if user ctrl-c's it
<hallyn> smoser: thing is i'd like to keep changes against debian's version as simple as possible.  and they don't have the whole network bit.
<hallyn> now, maybe i should switch to upstart...
<smoser> ah.
<hallyn> smoser: i like the trick though.  will keep it in mind.
<hallyn> stgraber: so i added an updated lxc.init to lp:~serge-hallyn/ubuntu/precise/lxc/lxc-start-checkperms
<stgraber> hallyn: ok. I'm finishing to deal with some multi-arch issues to at least upload something that kind of boot instead of crashing and dumping you in a root shell
<hallyn> hurray for root shell
<stgraber> my fallback plan is to put a job as "start on startup" explaining that qemu-user-static is a bit limited and that the rest wouldn't boot ;)
<stgraber> then start getty and that's it
<rremer> I don't have the /desktop directory key in my gconf schema.  What package do I have to install to get that?  (specifically, I'm looking to be able to edit menu shortcuts: /desktop/gnome/interface:can_change_accels)
<rremer> I've installed GNOME, but the key is not there still.
<melter> has there been a change in how networking is configured in pangolin?
<melter> anyone know why dns resolution isn't working in a new pangolin alpha 2 install?
<RoyK> melter: does "host google.com" work?
<stgraber> hallyn: yeah! got the container to boot "cleanly", I just need "upstart:amd64 mountall:amd64 iproute:amd64 isc-dhcp-client:amd64", so that's pretty much all of what's using netlink
<stgraber> melter: did you run "sudo start resolvconf && reboot" as per the release notes
 * hallyn isn't quite sure whether th cheer or not :)
<stgraber> hallyn: well, it's better than nothing (I guess), but having ptrace() and netlink support in qemu-user-static would be magic ;)
<hallyn> :)
<melter> stgraber: "start: Job is already running: resolvconf"
<melter> RoyK: no
<stgraber> melter: ok, is that the first or second boot of the machine?
<melter> stgraber: i've already rebooted several times
<melter> so it wasn't the first
<stgraber> melter: ok, so that's probably not the resolvconf race condition then. Can you confirm /etc/resolv.conf is a symlink to /run/resolvconf/resolv.conf?
<melter> stgraber: yes
<stgraber> melter: can you post your /etc/network/interfaces to a pastebin?
<melter> stgraber: http://pastebin.com/hsjQbwgb
<melter> it's the same as a 11.10 production machine, except the static ip is different
<stgraber> melter: I'm hoping you didn't get that as a result of the installer?
<melter> stgraber: no
<stgraber> good, because it's wrong (on 12.04)
<stgraber> well, not really wrong, rather incomplete
<melter> stgraber: ah, ok
<stgraber>  /etc/resolv.conf is managed by resolvconf now
<stgraber> so anything you write to /etc/resolv.conf will be lost after a reboot
<stgraber> you need to use:
<stgraber> dns-nameserver 8.8.8.8 8.8.4.4
<stgraber> *dns-nameservers
<stgraber> and dns-search my.domain.com
<stgraber> in /etc/network/interfaces
<melter> so it isn't done automatically anymore?
<stgraber> well, we weren't doing anything automatically before, /etc/resolv.conf was a static file
<stgraber> now it's a dynamic file, so your DNS configuration needs to be in /etc/network/interfaces for resolvconf to configure resolv.conf properly
<melter> stgraber: thanks, that worked
<melter> is there a better way to set a hostname and static ip than editing that file?
<stgraber> melter: well, the hostname should be in /etc/hostname and /etc/hosts but all the network configuration should indeed be in /etc/network/interfaces
<stgraber> melter: you can get that file generated for you if you install using the static configuration
<melter> ok, thanks
<stgraber> hallyn: uploaded the remaining bits, hopefully in an hour or so I can test, then upload LXC
<jjohansen> hallyn: I hit a snag with the test kernel I'll get you a build tomorrow
<melter> in pangolin alpha2, "apt-get autoremove --purge -y g++" fails with "g++ is already the newest version."
<SpamapS> Hmm, I'm trying to get a VM to pxe boot.. never seeing the DHCP requests on virbr#
<adam_g> SpamapS: bug #924446
<uvirtbot> Launchpad bug 924446 in libvirt "STP enabled on bridge results in unreliable PXE boot of guests" [High,Fix released] https://launchpad.net/bugs/924446
<adam_g> SpamapS: apparently a bug in libvirt thats been fixed upstream and will be cherrypicked back thanks mr. hallyn
<SpamapS> adam_g: good to know!
<SpamapS> so if I had dist-upgraded today, I wouldn't have this problem
<adam_g> SpamapS: only one way to find out?
<SpamapS> adam_g: a Mutha****in MONTAGE!
 * twb quietly remove's SpamapS' caffeine drip bag
<SpamapS> twb: I switched to guarana and horny goat weed 2 hours ago
 * SpamapS goes off to find some Yerba Mate
<hallyn> SpamapS: I only pushed the change a few hours ago
<SpamapS> hallyn: oh ok cool, well glad that the fix won't bite anyone else... cost me about an hour and two small patches of hair on the top of my head ;)
<_godhelpme> hi could i get some help setting up permissions
<hallyn> SpamapS: it's been broken for awhile, odd that everyone notices at once :)
<SpamapS> hallyn: I think only recently we've wanted to pxe boot our vms
<_godhelpme> how do i make it so that if a user makes a file it will by default create it so that the owner would be user and the group would be newgroup
<starlocke> there's that PGP key server concept... is there anything similarly centralized for SSH keys...?
<SpamapS> DEBUG:root:Test b4d2d6e6-af86-4772-b645-9d835382130c failed to execute within 20 minutes
<SpamapS> durn it.. my poor machine couldn't finish the install in time. :-P
#ubuntu-server 2012-02-03
<caution> how can I measure disk activity?
<Zal> caution, iostat
<stgraber> hallyn: lxc uploaded
<twb> i pxe boot everything
<twb> I'm even going to be PXE booting the PXE servers soon
<twb> Because there's scalability issues serving more than one or two /24's from a single PXE server, so I'm gonna put in one per /24 and have it boot itself off the master server, then cache all the desktop's PXE rootfs's in RAM.
<twb> Cool, huh?
<starlocke> so... any ultrabooks worth getting excited over...?
<twb> My Asus TF101 meets my key requirements of running Ubuntu, having a decent keyboard and screen, and a long (20 hour) battery life, even if most of the other components are not working yet
<XevolX> hello
<josedb> hello, may i ask a simple question?
<chelz> josedb: go ahead. on irc you don't have to ask to ask.
<josedb> ok, this is: I have a server , and a dynamic ip (actually using dyndns service to connect throught internet). i want to send system emails (php, or any other daemon),. so whats the best option?
<josedb> i want to use and external email account (using SSL for auth), is there any posibility?
<chelz> yes, there is a good package for that
<chelz> josedb: sSMTP
<josedb> ive tried postfix, but i found it very dificult to configure it, and very extensive for thiis use
<chelz> google for guides
<josedb> thank you so much, iam looking google right now
<twb> FWIW I have had much better experience with msmtp than with ssmtp
<chelz> twb: what was bad about ssmtp?
<twb> TBH I can't remember it was years ago
<twb> http://cyber.com.au/~twb/.msmtprc (although that's going down in a moment for scheduled outage)
<josedb> if i have problems witg ssmtp, ill try msmtp
<josedb> what about qmail, webmin has no module for ssmtp
<twb> Don't use webmin or qmail EVER
<josedb> no luck with ssmtp:   Cannot open mail.dulkre.com.ar:465
<chelz> twb: webmin okay, but not qmail? why?
<josedb> ok, fixed. Is it possible to send attachments?
<twb> chelz: because it's djb
<chelz> twb: haha :P
<twb> It's not free software, and there are strong alternatives (postfix/exim4)
<chelz> josedb: sure, just craft the message properly and cat base64'd (i think) version(s) the attachment(s)
<chelz> twb: ah right, that license does leave quite a bit to be desired
<twb> hallyn: I just upgraded my LXC server from 2.6.32-32 to 2.6.32-38 and *it works*!  Thanks to you and whoever else got that vsftpd "fix" dealt with
<hallyn> twb: glad to hear it.  Fraid I can't take any credit, kernel patch by Tetsuo Handa made the difference.
<twb> btw do you remember the sysctl setting to limit the number of containers or something?
 * twb digs out the bug ticket mail
<hallyn> netns_max ?
<twb> Ah, it's set to 1024 by default in -38 anyway, so I am safe
<mattwj2002> hi guys
<mattwj2002> ufw sucks (or at least my ability to get it to block stuff does)
<mattwj2002> I am wondering if I need to use iptables
<mattwj2002> anyone here?
<erichammond> mattwj2002: You might get more responses if you asked a question with specific information about your situation.
<mattwj2002> okay
<mattwj2002> I am trying to get ufw to block access to the ntp to all but certain subnets
<mattwj2002> it isn't working
<mattwj2002> it doesn't stop the packets according to port scan
<mattwj2002> can anyone tell me how do the incoming and outgoing blocking?
<mattwj2002> I thought I had it figured out but maybe that is my problem
<twb> mattwj2002: is ntp served from the host running ufw, or is it behind it (i.e. the ufw host is the router) ?
<twb> -A FORWARD -p udp --dport ntp -s 1.2.3/24 -j ACCEPT; -A FORWARD -p udp --dport ntp -s 1.2.3/24 -j REJECT
<mattwj2002> ntp is serverd from the box running ufw
<twb> Ah, then INPUT, not FORWARD.
<twb> I don't know how those rules will translate into ufw idioms.
<twb> Obviously any useful ruleset is going to be default-deny, so the latter of those two rules is not strictly necessary
<starlocke> ububu.
<starlocke> it's symetrical.
<starlocke> sort of.
<osmosis> how do I fix  ureadahead-other  error on boot?
<saji89> I have been trying to set up a name based virtual host in pache on ubuntu 11.10, to a folder /var/www/test. But it keeps on pointing to /var/www only. How can I solve it?
<saji89> Hi all.
<saji89> Anyone?
<saji89> My virtualhost configuration file looks like this-http://paste.ubuntu.com/827328/
<SpamapS> saji89: you probably need to a2dissite default
<SpamapS> saji89: also do you have somewhere 'NameVirtualHost *:80' ?
<saji89> SpamapS: Ya its there in ports.conf
<saji89> SpamapS: My ports.conf looks like this-http://paste.ubuntu.com/827332/
<SpamapS> saji89: and you're putting in http://test.local/  to look at it?
<saji89> Yes-
<saji89> http://test.local/
<saji89> SpamapS: Am i missing something here?
<saji89> SpamapS: I just disabled the default virtualhost now.
<saji89> and something interesting is happening.
<saji89> SpamapS: test.local is pointing to /var/www
<saji89> SpamapS: But http://localhost shos the contens of /var/www/test folder
<saji89> shows*
<SpamapS> saji89: weird indeed.
<saji89> SpamapS: Yep.
<saji89> WIll the contents of /etc/hosts do any good?
<saji89> It might  be the cul[prit i feel.
<SpamapS> saji89: to test you can always just telnet in and manually do your request
<saji89> SpamapS: SOrry.
<saji89> SpamapS: How can I do that?
<saji89> SpamapS: My hosts file looks like this-
<saji89> http://paste.ubuntu.com/827338/
<RoyK> -18ËC
<saji89> SpamapS: I use likewise-open to connect my system to a windows server domian based network.
<saji89> SpamapS: It has added an entry in hosts file, maybe that is causing this trouble.
<SpamapS> saji89: possible.. hard to say. Unfortunately, I'm running out of energy.. so I'll have to leave you. :-/
 * SpamapS passes out
<saji89> SpamapS: Please man..
<nemo_nihil> anyone here that can help me set up and ec2 instance
<saji89> SpamapS: Atleast a hint ot where i should move next or check next.
<saji89> to*
 * saji89 hopes that SpamapS  resurrects
 * saji89 lost the hope.
<saji89> Anyone else , any idea?
<saji89> SpamapS: Thanks for your time ma.
<saji89> SpamapS: man*.. Bye.
<soren> saji89: First of all, you should make sure you're not seeing cached responses. What are you using to test?
<saji89> soren: You mean web browser? Firefox 9.0.1, it it.
<soren> saji89: You should use something like curl or wget to make sure.
<saji89> soren: How can i use it?
<soren> curl http://test.local/
<soren> That's it :)
<soren> saji89: Anyway, have you touched httpd.conf or apache.conf at all?
<saji89> soren: Nope.
<soren> Greatk.
<soren> saji89: Can you pastebin the output of "grep . /etc/apache2/sites-enabled/*", please?
<saji89> soren: SUre..
<soren> (If there are multiple files, using grep this way will show me their filenames and they'll also be listed in the order in which they're read)
<soren> ...and please don't remove anything from without telling me.
<saji89> soren: Ok.
<saji89> soren: interstungly output of only one file show up-
<saji89> soren: http://paste.ubuntu.com/827362/
<soren> saji89: Is that surprising? Is there more than one file in there?
<saji89> soren: Yes.
<saji89> soren: http://paste.ubuntu.com/827365/
<soren> saji89: That's sites-available.
<soren> saji89: Not sites-enabled.
<saji89> soren: Oh sorry..
<soren> Anyway, pastebin "ls -l /var/www/test"
<linocisco> what is GNU linux? I dont know about it well. I know only Debian based and Redhat based. what is GNU based?
<saji89> soren: http://paste.ubuntu.com/827366/
<soren> saji89: Ok. What does "curl http://test.local/check.php" say?
<saji89> linocisco: Everything is GNU Linux. Linux is the kernel we use in all linux distributions, which is actually GNU linux. GNU stands for "GNU is Not Unix".
<linocisco> so what is the android based? Redhat or Debian ?
<saji89> linocisco: Redhat, DEbian is based on GNU Linux Kernel.
<soren> saji89: What does "curl http://test.local/check.php" say?
<saji89> linocisco: And even Android uses a modified version of GNU Linux Kernel.
<saji89> soren: Am installing curl now.
<soren> saji89: Oh, ok :)
<linocisco> soren: what GNU linux ? there are only two . Redhat or Debian , Am I right?
<soren> linocisco: There are probably hundreds of linux distributions.
<soren> linocisco: And you're in an Ubuntu channel. Clearly, there's more than RedHat and Debian.
<saji89> soren: http://paste.ubuntu.com/827372/
<saji89> soren: Its output of phpinfo() function, as i had put in that test file.  :)
<linocisco> soren: yes, soren. we can only install with .deb or .rpm apart from tarball. .so only redhat based or debian based. right ?
<soren> linocisco: N.
<soren> No.
<soren> saji89: Great, so everything works?
<saji89> soren: Ya now it works fne.
<saji89> soren: DOn't know what happened?
<saji89> soren, WOuld it be browser cache?
<saji89> soren: I had even posted a detailed question in askubuntu.com http://askubuntu.com/questions/101030/apche-virtualhost-keeps-pointing-to-default-directory   :)
<chelz> linocisco: linux kernel + gnu tools = gnu/linux or gnu+linux. if it doesn't have gnu then it isn't. android uses other tools, some custom. check wikipedia for more.
<saji89> linocisco: Check this out for a simple answer-http://searchenterpriselinux.techtarget.com/definition/GNU-Linux
<soren> saji89: Maybe. Don't know.
<saji89> soren: Anyways thanks man...
<linocisco> soren: tango yankee
<linocisco> saji89:  Tango Yankee
<saji89> soren: Thansk for the curl tip
<saji89> soren: Thanks, for the curl tip.
<saji89> soren: Still one issue exists though.
<chelz> saji89: if for some reason you can't use curl, wget works also with    wget -O - http://example.com
<saji89> soren: http://localhost also points to /var/www/test
<linocisco> what is the difference between ubuntforums.org and askubuntu.com?
<chelz> linocisco: different format but generally for the same purpose. different accounts too i think
<linocisco> chelz: so different registration required?
<chelz> linocisco: i think so. sharing accounts would be pretty difficult for them
<saji89> chelz: Thanks..
<linocisco> chelz: what about openID?
<chelz> linocisco: ubuntuforums is pretty backwards, i'd really be surprised if they started supporting openid
<saji89> soren: I enabled 'default ' again..
<saji89> soren: Now everything is fine
<linocisco> chelz: ok thanks. only IRC is interactive
<saji89> Thanks guys...
<osmosis> how do I stop services from starting at boot
<osmosis> anyone know how to troubleshoot courier-imap saying  Error in IMAP command received by server.
<osmosis> this postfix mysql setup isnt working. maybe im going about this wrong. for virtual domains, should I just be using Maildir?
<HermanDE> Anybody have a working TProxy system with 11.10?
<lynxman> morning o/
<greppy> osmosis: I prefer maildir, but I also prefer dovecot to courier.
<osmosis> greppy, I was looking at  https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<osmosis> greppy, any reason why you like dovecot?
<osmosis> does it have a web admin interface?
<greppy> I use froxlor as a web/mail hosting frontend control panel.
<greppy> froxlor.org has packages you can download.
<greppy> once you install froxlor, there are step by step, copy&paste configurations to make to get postfix & dovecot working.
<osmosis> hmm. tempting
<osmosis> can it do billing too?
<greppy> nope
<greppy> not yet.
<greppy> it's on the todo list :)
<greppy> another option is http://www200.pair.com/mecham/spam/
<greppy> I've used that on it's own before, and also tweaked it to work with ubuntu & froxlor
<osmosis> i spent the whole day on postfix /courier-imap.  i just get failed logins, and there is no error log trail
<osmosis> froxlor looks strong
<osmosis> has debian packages, but not ubuntu
<greppy> they work fine on ubuntu :)
<greppy> I have it in production for customers right now.
<taipres> sudo /etc/init.d/apache2 stop
<taipres> says it stopped it but it's still running
<taipres> any ideas?
<dns53> is it a zombie process?
<taipres> yeah
<taipres> top shows it
<taipres> 2 of them running
<taipres> finally got it, thanks
<taipres> don't know how tried kill -9 million times, but whatever works
<dns53> apache can do that occasionally, it is worse with things like oracle ebusiness suite
<Myrtti> I'd try "sudo service apache2 stop" first tho
<soren> taipres: zombie processes are already dead. Can't be killed.
<soren> taipres: To get rid of them, you need to kill their parent process.
<soren> They're left around as zombies because their parent hasn't called wait() on them.
<soren> ...and when you kill the parent, init adopts it.
<soren> ...and init knows how to deal with it.
<dns53> talking about zombie processes i caused one with bash auto complete
<kj> hi
<dns53> hey
<kj> hi room
<kj> hows everyone here
<bastidrazor>  breaking a sweat.. its alright
<kj> lol
<gary_poster> hallyn (I hope this is before the start of your day, so reply when you get a chance :-) ), hi.  Would it be worth seeing if I can escalate kernel bugs 925028 and 925024?
<uvirtbot> Launchpad bug 925028 in lxc "apparmor breaks lxc-start-ephemeral (apparmor+overlayfs returns -EINVAL)" [High,Confirmed] https://launchpad.net/bugs/925028
<uvirtbot> Launchpad bug 925024 in lxc "apparmor makes it impossible to install postgresql-common on Precise" [High,Confirmed] https://launchpad.net/bugs/925024
<zul> morning
<bigjools> fwereade_: around?
<fwereade_> bigjools, heyhey
<bigjools> fwereade_: hi there.  I want to pull python-testtools into juju - can you think of any reason why I should not?
<fwereade_> bigjools, not offhand, what do you need them for?
<bigjools> fwereade_: makes testing a *lot* nicer
<bigjools> the matchers are much better than trial's standard test cases
<bigjools> this would only be a development dependency though
<fwereade_> bigjools, it might be slightly irritating to have two styles of TestCase... it would probably be best to check with niemeyer
<bigjools> fwereade_: it's not a different style of test case, I only want the matchers.
<bigjools> I'll see what he says
<Psi-Jack> Curious.. Is Canonical still supporting AppArmor, and contributing to it's future? I ask because I noticed SELinux stuff starting to creep into Ubuntu.
<jdstrand> Psi-Jack: absolutely. take a look at wiki.ubuntu.com/AppArmor
<andol> Psi-Jack: Well, this might not be a full answer to your question, but Debian are doing a bit of work on SELinux, of some which also end up in Ubuntu.
<jdstrand> Psi-Jack: Canonical has several AppArmor upstream developers in its employ and is doing significant work on AppArmor in general. It was under Canonical that AppArmor made it into the upstream kernel
<Psi-Jack> andol: Ahhh
<Psi-Jack> Nice. :)
<jdstrand> Psi-Jack: it is healthier than ever. Like andol said, we inherit thinsg from Debian, and we do want SElinux to work, but AppArmor is the officially supported and maintained MAC in Ubuntu
<Psi-Jack> Nice. Good to know, because I absolutely despise the over complexity that SELinux is.
<Psi-Jack> AppArmor, though, it isn't /quite/ as secure as SElinux itself is, it's not nearly as intrusive to the system by design, and is more neutral in setup, actually allowing you to work with any filesystem, even nfs, which SELinux can't do.
<Psi-Jack> I'm going to be working together basics to advanced documentation on AppArmor on my own site.
<SpamapS> jamespage: around?
<jdstrand> Psi-Jack: apparmor and selinux have had different requirements. apparmor behaves much like selinux's targeted policy, but without the complexity
<jdstrand> Psi-Jack: selinux is better in certain environments, such as MLS. it also has a concept of dbus mediation and Xace. apparmor can do a sort of mls, but it is more difficult to setup. work is ongoing for dbus and X security
<Psi-Jack> Heh nice.,
<jdstrand> for general use, apparmor works very well
<jdstrand> Psi-Jack: if you are documenting things for yourself, I suggest perusing http://wiki.apparmor.net/index.php/Documentation
 * SpamapS is hoping AppArmor + LXC becomes the new stanard for chroot jails. :)
<jdstrand> yes, that is actually an area that apparmor is leading
<jdstrand> (aiui)
<hallyn> gary_poster: jjohansen is working on bug 925024.  Not sure it needs to be escalated.  He was going to have a test kernel for me today.
<uvirtbot> Launchpad bug 925024 in lxc "apparmor makes it impossible to install postgresql-common on Precise" [High,Confirmed] https://launchpad.net/bugs/925024
<hallyn> gary_poster: as for bug 925028, yeah, i suspect it will need to be escalated
<uvirtbot> Launchpad bug 925028 in lxc "apparmor breaks lxc-start-ephemeral (apparmor+overlayfs returns -EINVAL)" [High,Confirmed] https://launchpad.net/bugs/925028
<hallyn> that is, if you feel that lxc-start-ephemeral+apparmor is important
<hallyn> gary_poster: that is, we could set the policy so that lxc-start-ephemeral skips the apparmor policy.
<hallyn> (as a workaround)
<hallyn> mind you, the features are there, so the feb 16 FF deadline is not a problem here - we just need to shake out the bugs before rlease
<hallyn> in contrast, the apparmor mount restrictions are a new feature, so they need to hit (in some form) before feb 16
<gary_poster> hallyn, hm.  you are introducing apparmor not only as a nice way to tighten things down but because of real problems you've encountered with your sound card and so on, right?  If so, it seems like I'd prefer to have 925028 actually fixed, rather than apparmor disabled in that case.
<hallyn> gary_poster: the q would be, what workloads are you going to run in ephemeral containers
<hallyn> if it's all stuff you mainly trust and own, on secure networks, then it's not as important
<hallyn> you're right of course, our goal is all containers to be secure :)  but that isn't going to happen for *real* until 14.04 LTS
<hallyn> there *will* be ways to escape a container.  If only bc i haven't thought of them yet :)
<hallyn> (i do try to track them at wiki.ubuntu.com/LxcSecurity, and think all cases so far are covered by our planned features.  but...)
<gary_poster> 14.04: heh, ok.  what workloads: yeah, we mostly trust and do own. :-)
<hallyn> gary_poster: right, so while i'd like it fixed, we ahve to realize that fixing it will take time away from other kernel team efforts
<hallyn> gary_poster: so whether or not to escalate it i think depends on your needs.  It at least doesnt' sabotage the whole lxc apparmor plans, like the other bug does
<Psi-Jack> jdstrand: I'm writing a Basics 101 over now, but the overal purpose of my site is to educate others, from newbies to professional experts and what-not.
<Psi-Jack> Basically, I plan to have a more useful wiki than any other wiki out there. :)
<hallyn> (if bug 925024 doesn't get solved, we're in trouble)
<uvirtbot> Launchpad bug 925024 in lxc "apparmor makes it impossible to install postgresql-common on Precise" [High,Confirmed] https://launchpad.net/bugs/925024
<Psi-Jack> (One Ring to rule them all! heh)
<jdstrand> :)
<gary_poster> hallyn, fair enough.  So, I'm ok with disabling the apparmor profile for ephemeral, if you are willing to set that up.  I'm hopeful the bug won't be lost though--I'd prefer not to have to keep replying to the "is this fixed by the new kernel" bot.
<hallyn> gary_poster: there is a tag we can set on the bug to make that bot shut up
<gary_poster> yeah I saw that
<gary_poster> I'll do that
<hallyn> thanks :)
<hallyn> gary_poster: i'll go ask apw in #kernel whether he has time to look at it.
<gary_poster> ok thanks hallyn
<hallyn> does it help you to have the workaround right now?  or can we wait and hope for a real fix?
<gary_poster> hallyn, we have automation disabling the apparmor entirely for us right now.  So we are not blocked; OTOH, we are also not testing further possible issues with apparmor integration
<hallyn> gary_poster: ok.  it's probably not worthwhile anyway given the more fundamental re-attach issue.  so i'll wait at least on that.  thanks.
<gary_poster> cool
<gary_poster> thank you
<SpamapS> "Telling someone that he looks very stupid, because he did something stupid is not a personal attack. It is a stating of the facts." -- Stefan Esser     LOL
<stgraber> hallyn: can you import my patch from yesterday's upload into your git tree?
<hallyn> stgraber: will do
<stgraber> hallyn: I also noticed another bug in lxc-create yesterday but haven't look exactly where it's coming from. If you run lxc-create -f with an invalid filename, it'll obviously fail but /var/lib/lxc/container will have been created (empty) and so will make the next lxc-create tell you it already exists
<hallyn> stgraber: i need to work on syncing some lxc-clone changes from upstream too (as we've diverted)
<hallyn> stgraber: sounds like bad cleanup on my part
<hallyn> boy, terrible lag here
<hallyn> stgraber: can i add your signed-off-by?
<stgraber> hallyn: yep
<hallyn> stgraber: patch pushed
<stgraber> thanks
<stgraber> hallyn: I'm going to try and blog a bit about LXC again, posting something on the foreign arch containers today and hopefully something on the upstart changes next week (hoping they get merged by then). The at some point after feature freeze (likely close to release), another post on everything that changed since Oneiric (I've been doing these since karmic/lucid, kind of useful to get an idea of what was done).
<hallyn> stgraber: sounds good.  i was thinking i should blog on the backing store changes.  i guess i better hold off on the apparmor ones.
<hallyn> stgraber: i do intend to write a server guide section on lxc.  if you're interested in working on that (proofreading/rewriting) lemme know :)
<stgraber> hallyn: yep, blogging on the backing store changes would be nice, and on apparmor/security for containers once we know exactly what we'll have for precise
<stgraber> hallyn: I'm happy to at least proofread, potentially contribute if I find the time (and have something useful to contribute ;))
<mrevell> bigjools, We don't really need a generic BAD state, do we? MISSING and FAILED_TESTS should cover pretty much everything. I'm struggling to come up with another BAD state that MaaS would be aware of.
<bigjools> mrevell: I don't think so
<bigjools> mrevell: I should have suggested AWOL instead of MISSING :)
<mrevell> Even if it is in a some other bad state, I'm not sure we'd have a way to distinguish it for 12.04.
<mrevell> bigjools, I suggested MIA :)
<smoser> woot. fun bug.
<smoser> https://bugs.launchpad.net/ubuntu/+bug/926160
<uvirtbot> Launchpad bug 926160 in ubuntu "precise cloud-images significantly larger than oneiric" [Medium,Confirmed]
<Vivek> I am getting some directories in /var/log/orchestra with the I.P Addresses of newly commissioned nodes.
<Vivek> I am interested in finding out which part of the orchestra or rsyslog source code creates those directories.
<uvirtbot> New bug: #926160 in ubuntu "precise cloud-images significantly larger than oneiric" [Medium,Confirmed] https://launchpad.net/bugs/926160
<RoyK> http://paste.ubuntu.com/827766/
<SpamapS> Vivek: I believe the default pre-seed just points installed machines' rsyslogd at the orchestra-logging-server, and then the configs that orchestra adds to the orchestra-logging-server's rsyslogd sorts them out by ip
<Vivek> So my issue is this
<Vivek> I have an 2 ethernet interfaces
<Vivek> eth0 in bridged more and eth1 in internal mode
<Vivek> I am running this on a virtualbox setup
<Vivek> I have configured dnsmasq to only server dhcp requests via eth1
<Vivek> I am seeing directories in /var/log/orchestra/rsyslog in with I.P Adresses also in the eth0 range.
<Vivek> /var/log/orchestra/rsyslog/10.x.x.x/2012/01/30/messages says
<Vivek> sorry its /var/log/orchestra/rsyslog/2012/01/30/10.x.x.x
<Vivek> The log messages say
<Vivek> Jan 30 18:22 10.x.x.x #015#012##015
<Vivek> Also /var/log/orchestra/rsyslog/2012/01/30/orchestra/messages says
<Vivek> Jan 30 18:22:30 orchestra sshd[6165]: Did not receive identification string
<Vivek> from 10.x.x.x
<Vivek> My eth0 is in the 10.x.x.x series and eth1 in 192.168.1.x series.
<Vivek> SpamapS: Any idea
<Vivek> ?
<Vivek> :)
<Vivek> I am following kirkland's blog to deploy orchestra fleets.
<kirkland> Vivek: check with roaksoax, who has more current info than me
<kirkland> Vivek: I rolled off of the Orchestra project and left Canonical a few months back
<Vivek> kirkland: Nice meeting you here.
<Vivek> kirkland: ok
<kirkland> Vivek: likewise :-)
<Vivek> I am Vivek Varghese Cherian
<kirkland> Vivek: roaksoax is your huckleberry now :-)
<Vivek> http://www.vivekcherian.com
<Vivek> I am with CSSCorp and we can Canonical's Channel Partners.
<Vivek> Sure, I'll get in touch with roaksoax.
<Vivek> What times are roaksoax available ?
<Vivek> I am in the Indian Standard Time ( + 5.30 GMT).
<Vivek> This is the first time I am getting a response in the channel and it's 10.20 PM here in India :)
<Vivek> I'll be leaving work in another 10 mins or so.
<Vivek> kirkland: Do you suggest that I send a mail to the list ?
<Vivek> s/can/are
<Vivek> Typo a few lines back :)
<kirkland> Vivek: yeah, mailing the list would be the best bet
<kirkland> Vivek: ah, right, I remember you from CSSCorp now :-)
<kirkland> Vivek: roaksoax was on holiday this week, I think he's back next week
<kirkland> Vivek: he's typically either in Peru or Miami
<Vivek> kirkland: ok
<kirkland> Vivek: I can point you to a few documents on Orchestra
<kirkland> Vivek: one second ...
<Vivek> Please do.
<kirkland> Vivek: https://help.ubuntu.com/community/Orchestra
<kirkland> Vivek: https://wiki.ubuntu.com/Kernel/Reference/Orchestra
<kirkland> Vivek: and if you've found by blog posts on orchestra, then that'll give you some background
<Vivek> kirkland: Thanks.
<kirkland> Vivek: you bet, good luck
<Vivek> kirkland: I need to say bye for now. Happy Weekend :)
<Vivek> Thanks SpamapS for your inputs as well.
<kirkland> Vivek: one more contact would be Daviey
<kirkland> Vivek: he's usually in a UK timezone
<kirkland> Vivek: if that timing helps you any better
<Vivek> ok
<Vivek> Bye for now
<lool> hey all!
<lool> ogra suggested that I ask here
<lool> The web indices for e.g. http://uec-images.ubuntu.com/precise/20120203/ which I think are generated from cdimage code say "For ARMv5t processors and above"; it's because for "armel" images we say "For ARMv5t processors and above." -- which was true in jaunty; since we don't really have any official ARM images for anything older than lucid which is ARMv7t2, I propose that we change it to ARMv7; is that ok?  would you rather have a different wording?
<lool> (gosh 309 people in this chan)
<ogra_> lool, also note that we dont have *any* plain armel (without subarch) images at all, i wonder how that got there
<lool> ogra_: they might have plain armel images with separate aki?  no idea
<ogra_> Daviey, ^^^ an idea ?
<lool> I can see the case statement in the cdimage code though, so it's easy for me to fix an obviously incorrect string  ;-)
<ogra_> feel free :)
<ogra_> i'm still confused why they are built though
<koolhead17> hi all
<lool> ogra_: Ok; so I'm taking your ack for it and doing the change to "ARMv7" and changing armel to armel|armhf; if it's an issue, ping me and I will revert it
<ogra_> no issue :)
<lool> oddly, that was already fixed in one of the two branches
<lool> looks like there's a fork of the code somewhere or on an out of date copy
<lool> well, I'll see; I've pushed the public branch updates
<ogra_> lool, oh, i think the cloud guys work off a fork, yeah
<ogra_> completely separate and not merged back yet iirc
<robbiew> lool: utlemming is the one to talk to
<utlemming> lool: I'll get that fixed
<utlemming> lool: I've update the string to "ARMv7"
<lool> utlemming: Could you add a case statement for armhf too?  (see public cdimage branch)
<lool> robbiew: thanks
<robbiew> lool: ;)
<lool> utlemming: In fact, our current implementation for cdimages.ubuntu.com has case statements by platform to distinguish OMAP, i.MX51 etc. which you might want to consider if your image is platform specific
<utlemming> lool: yup. We aren't quite ready to pulish the armhf images yet, but when we do, they will be identified properly.
<lool> Ok; thanks!
<utlemming> lool: for the armel images, we have a generic one, and then we have an OMAP one (which has the bootloader, etc) on it. But you're right, we could make it a bit clearer
<aljosa> in oneiric is it enough to change data_directory in postgres conf or is PG_DATA configured somewhere for init/startup scripts?
<kraut> hi
<kraut> is there any ppa for a newer openssl version? i'm looking for 1.0.1 which includes the padlock engine.
<bjf> roaksoax: http://pastebin.ubuntu.com/827959/    http://pastebin.ubuntu.com/827962/
<roaksoax> bjf: indeed weird. traffic gets denied apparently
<roaksoax> bjf: can you pastebin the squid config too please?
<bjf> roaksoax: i assume squid3 (i still have /etc/squid/squid.conf after the upgrade
<roaksoax> bjf: bug #924739
<uvirtbot> Launchpad bug 924739 in squid3 "after upgrade from oneiric to precise, previous squid config unused, cannot be used when relocated" [Critical,Triaged] https://launchpad.net/bugs/924739
<bjf> roaksoax: i'm emailing it to you since it's so large
<roaksoax> bjf: yeah seems to be an issue with squid rather than withorchestra as per the above bug report
<bjf> roaksoax: i copied the /etc/squid/squid.conf over the /etc/squid3/squid.conf and restarted squid. unfortunately i get the same error (i'm going to double check what i did)
<adam_g> bjf: try /etc/init.d/squid3 stop, squid3 -N
<adam_g> and paste output
<bjf> roaksoax: i wonder if part of the problem is that /etc/squid/squid.conf is a symlink to /usr/share/orchestra/conf/squid.conf
<bjf> adam_g: no output from the command. the cache.log is: http://pastebin.ubuntu.com/827990/
<bjf> adam_g: also squid3 is upstart now so: "stop squid3"
<adam_g> bjf: hehe yeah, init.d is an old habbit
<bjf> adam_g: i ran "squid3 -z" and "squid3 -N" and it seems to be running now, will give it  a try
<adam_g> bjf: (reads backlog) i was just working on bug 924739.. is there a bug for issue to get some context?
<uvirtbot> Launchpad bug 924739 in squid3 "after upgrade from oneiric to precise, previous squid config unused, cannot be used when relocated" [Critical,Triaged] https://launchpad.net/bugs/924739
<bjf> adam_g: no, i just upgraded and looks like i hit that bug
<bjf> adam_g: * it's alive *  on to the next issue but I think this one is fixed
<bjf> adam_g, roaksoax: thanks for the assist
<adam_g> bjf: np
<adam_g> roaksoax: we really need to make sure squid is transitioning smoothly for users, not just in context of orchestra but for ubuntu as a whole. issues like 924739  are going to bite *lots* of users
<adam_g> smoser: ^
<adam_g> are there any other packages that went through similar transitions in times past?
<smoser> bug 924739
<uvirtbot> Launchpad bug 924739 in squid3 "after upgrade from oneiric to precise, previous squid config unused, cannot be used when relocated" [Critical,Triaged] https://launchpad.net/bugs/924739
<smoser> adam_g, definitely some packages have gone through such
<smoser> zul, so...
<zul> libvirt-lxc console
<smoser> what i'm doing that was testing this was using: http://smoser.brickies.net/git/?p=tildabin.git;a=blob_plain;f=lxc-libvirt-root;hb=HEAD
<smoser> and removing the '--console' at the end.
<smoser> so it didn't connect to that console
<smoser> then...
<smoser> i was just booting cirros root with it
<smoser> and then doing whatever was supposed to "flush console"
<zul> smoser: right but the xml is different from what i use in openstack
<smoser> zul, you have an example of what you have for lxc domain?
<zul> smoser: yeah gimme a sec
<smoser> well, you have:
<smoser>         <console type='pty' tty='/dev/pts/2'>
<smoser>             <source path='/dev/pts/2'/>
<smoser>             <target port='0'/>
<smoser>         </console>
<smoser> but that is almost certainly wrong
<smoser> right?
<zul> smoser: http://paste.ubuntu.com/828010/
<smoser> zul, is that different than trunk ?
<roaksoax> bjf: anytime
<roaksoax> adam_g: indeed
 * roaksoax is experiencing wifi issues
<zul> smoser: that is from trunk
<smoser> strange.
<smoser> because http://paste.ubuntu.com/828015/ is what nova/virt/libvirt.xml.template looks like.
<smoser> so maybe libvirt just ignores the tty= stuff ?
<smoser> so anywahy...
<smoser> hm..
<smoser> zul, with your xml it doesn't change my experience
<smoser> so you can test that locally.
<smoser> it seems more direct path to me
<zul> interesting
<zul> ok ill play around
<ninjai> how can I completely reconfigure sendmail? I messed up my cfgs and I want to completely re-install it including configs
<ninjai> this is the line right here I see in the email header that I think is giving me problems: "Received: from mydomain.com (localhost [127.0.0.1])"
<ninjai> mydomain.com isn't my domain
<ninjai> well
<ninjai> it is in my windows network
<ninjai> but it used to say this: "Received: by atari (Postfix, from userid 1005)
<ninjai> "
<ninjai> makes no sense >:(
<ninjai> I've already completely reconfigured sendmail/postfix to no avail
<ninjai> Head is about to explode
<ninjai> I suspect the above reason is why we are being rejected by clients
<ninjai> clients' mail servers
<jjohansen> hallyn: http://people.canonical.com/~jj/linux-image-3.2.0-12-generic_3.2.0-12.21~aadentry_amd64.deb
<jjohansen> this is for bug#925028 but it should work for your other problems as well, consider it a fall back if I the simple labeling doesn't work out.  The patch for this will go in either way
<jjohansen> I haven't gotten back to fixing the labeling between USNs and the above, but I am going to get back to it now will have it for you monday morning
<hallyn> jjohansen: thanks.  tbh i dont' completely understand the labeling you're talking about
<hallyn> piloting this afternoon, will test tonight or tomorrow
<hallyn> gary_poster: ^ i suppose you could test that one as well if you have time
<gary_poster> hallyn, not this second, but can on Monday if you want
<gary_poster> hallyn, or in evening if necessary
<hallyn> gary_poster: no worries, i'll get to it then.  thanks.
<gary_poster> ok thank you hallyn
<hallyn> jjohansen: i'll reread your email and maybe the src to clue myself in better about the labeling.
<jjohansen> hallyn: I'll dig out the doc I have been working on, its far from finished, and I am sure has more than a few errors in it
<hallyn> thx
<adam_g> SpamapS: ping
<tdelam> hello, does anyone know of a good snooping/watch program to watch SSH users? I need to configure some stuff remotely on a server but I want to teach some juniors by allowing them to snoop while I set up.
<guntbert> tdelam: look at http://ubuntuforums.org/showthread.php?t=299286
<tdelam> thanks
<guntbert> tdelam: you're welcome :-) (and please don't cross-post in the future :-))
<tdelam> guntbert: I didn't mean to, I realized afterwards that my question has nothing to do with Ubuntu but Ubuntu server.
<guntbert> tdelam: its ok :)  no harm done
<tdelam> :) thanks, my apologies.
<tdelam> wow, that is pretty sweet.
<guntbert> tdelam: is it ok for you? btw thank you for giving me that idea :)
<Potatoe_> I am trying to do rate limiting with iptables but I can't go past about 20 in the hit count field. "iptables -I INPUT -p udp --dport 5060 -m recent --update --seconds 1 --hitcount 16 -j DROP" Any suggestion on how I could do this with 30 seconds and 5000 as the --hitcount ?
<tdelam> guntbert: welcome :) and yea it works flawlessly
<tdelam> I just tested it out, I'll make good use of this for training some guys on Monday
<guntbert> tdelam: so will I on the next occasion :)
<tdelam> I never knew I could do that with screen, it's very easy
<Chrysippus> Hello.  I'm in the process of evaluating servers.  Has Ubuntu-Server adopted the proposed move to systemd init and logging?
<kerframil> no
<kerframil> to put that it into perspective: https://undacuvabrutha.wordpress.com/2011/04/29/why-ubuntu-should-continue-with-upstart-for-11-10/
<Chrysippus> kerframil: Thanks for the link.  That's the answer I was hoping for.  I'm very new to Ubuntu -- is that an authroitative position?  It sound so, from content and tone.   I'm seeking a distribution with a server-centric community that'll server as a stable core on which to keep up to date with modern kernels and latest Xen.   The collection of L.P.-tech - from Pulse Audio, to Systemd, libcanberra, avahi, the list goes on - that's being blindly
<Chrysippus> adopted by some distributions has had me concerned.
<kerframil> Chrysippus: likewise
<kerframil> Chrysippus: I don't even like upstart particularly. in any case, jumping on to a bandwagon at that juncture would have been madness.
<Chrysippus> I'm not particularly well-versed in 'upstart' either.  My own requirements with regards to init & syslogging are -- let *me* sensibly manage server daemons, stop breaking things, and stop messing with rsyslogd.
<kerframil> Chrysippus: amen!
<kerframil> Chrysippus: things such as these are bothersome also: https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/531331/comments/18
<uvirtbot> Launchpad bug 531331 in plymouth "Remove plymouth destroying system" [Undecided,Invalid]
<Chrysippus> Is Ubuntu-Server targeted more as server distro to be used as provided, or one on which more modern packaging & backports are readily available, &/or source builds from upstream projects don't require endless patching?  I'm specfically looking to Xen.  I've found binaries in Ubuntue packaging for 4.1.1 so far, which lags behind upstream.
<hallyn> rbasak: I'm confused on bug 879666.  Is there any reason not to JFDI?
<uvirtbot> Launchpad bug 879666 in nova "chown error for console.fifo when launching vm" [Medium,New] https://launchpad.net/bugs/879666
<kerframil> Chrysippus: I can't give a neutral answer, as I am someone who administers Ubuntu simply because I have to. I don't think it's targetted at all; rather, I think it prevails on branding. obviously, you should draw your conclusions based on your particular needs.
<hallyn> jtaylor: tbh i was hoping stgraber or slangasek would look at that one.  but maybe i should man up...
<hallyn> (oops, wrong chan)
<Chrysippus> kerframil: I'm in the process of gathering data, so that I might draw those conclusions.  I don't particularly trust neutral answers.   I'm more a fan of opinions based on expertise and opinion.  But noted.
<kerframil> Chrysippus: well, let's just say I wouldn't want to irk anyone in the course of expressing my views ;)
<Chrysippus> kerframil: Shame that that's the way of things these days, but understood.
<kerframil> Chrysippus: you mentioned building a custom kernel. that's a requirement in these quarters for several reasons, one of which is that the stock kernel crashed on us from time to time. packaging and distributing a kernel isn't so hard, but I had issues with userland hanging (plymouth related and where I knew the kernel itself wasn't to blame). now, I see to have a solution though gutting out various upstart scripts entirely.
<kerframil> Chrysippus: this process is now enshrined in a puppet manifest
<kerframil> seem*
<Chrysippus> Are 'modern' kernels (e.g., 3.2.x + pvops) available in Ubu-Server packaging?
<kerframil> Chrysippus: you could try looking through the personal package archives collection I suppose. if you know how to build a kernel, I really wouldn't bother. the more distros I experience, the more I find the downstream process to be a hindrance rather than a help to getting things done. building a kernel isn't hard and, to be fair, the make-pkg utility does package it up into a deb without undue fuss.
<Chrysippus> kerframil: On Solaris, I never bothered with kernel builds.  On FreeBSD, kernel builds were trivial.  I assume there's not too great of a difference for Ubu-Server, or Linux in general.  Adding Xen into consideration complicates the details a bit.
<kerframil> make-kpkg, sorry
<cwillu_at_work> Chrysippus, ubuntu has vanilla kernel debs available of everything including rc's and nightlies
<cwillu_at_work> no security updates on them beyond what kernel.org releases though
<kerframil> Chrysippus: if you have that kind of experience, you can adapt to Linux easily enough. at the end of the day, you can unpack sources, configure and make without faffing around with distro idioms. as I say, debian/ubuntu's make-kpkg tool does work fairly well if you want to distribute. I'll give it that.
<cwillu_at_work> http://kernel.ubuntu.com/~kernel-ppa/mainline/
<kerframil> cwillu_at_work: not that I'd use these (need certain patches) but good to know, thanks
<Chrysippus> cwillu_at_work: And the rest of UbuServer runs relatively happily on top of these vanilla kernels?  From my reading, that's not the case with all Linux distros.
<cwillu_at_work> Chrysippus, it's the case with most
<cwillu_at_work> I actually run pretty much all my machines off those kernels
<kerframil> Chrysippus: I found it to be awkward for the reasons noted above. if you want the details, feel free to drop me an email. been a long day and don't really want to go through the particulars. there are a few things you have to be careful about, for instance devtmpfs support is a requirement.
<kerframil> Chrysippus: I can boot reliably now - and without an initramfs
<Chrysippus> cwillu_at_work: Any of them running modern Xen, if I may ask?
<cwillu_at_work> Chrysippus, I use kvm
<Chrysippus> kerframil: I'll keep the offer in mind, thanks.  May revisit, but need to do my homework first.
<Chrysippus> At the very least, it sounds like "here" there's a community interested in and focussed on server issues.  A lot less chatter re: desktop apps.
<kerframil> Chrysippus: the endless desktop churn is a veritable yawn fest to me also
<Chrysippus> For use cases such as we've been chatting about, what about the "UbuServer vs Debian" choice? I have zero interest in the religious wars between communities, and am only interested in the functional advantages of one versus the other.  Much of what I've read about Canonical/Ubuntu contributions has been focussed on the desktop user.  I simply do not yet know what, if any, are the substantive differentiators on the server-side.
<Chrysippus> Sorry kerframil ^^
#ubuntu-server 2012-02-04
<kerframil> Chrysippus: I'm tuning out; perhaps another time
<Chrysippus> Thanks for the time.
<Lazerath> Hello, I have ubuntu server on a 7 disk scsi raid stack. I recently moved and when i turn the server on i get a grub shell.
<Lazerath> grub is on the hd0,1 disk,part
<Lazerath> well boot is actually /
<Lazerath> and it is there
<SpamapS> adam_g: pong, sup?
<Danny_Joris> hi, I have an ubuntu vm. My vbox is set up to use eth1 (airport) but when I do ifconfig it seems like it's trying to use eth2, which isn't defined. When I modify /etc/network/interfaces all eth1 to eth2 , I can use the ip address. But only at work, and not at home. Any idea why?
<Danny_Joris> I'm home now and want to use my vm, but I can't access it through the host browser
<Lazerath> hmm well??
<adam_g> SpamapS: was wondering about the ceph charm, does it currently configure ceph do be capable of serving RBD?
<SpamapS> adam_g: in theory, yes
<SpamapS> adam_g: but it does not do any security
<SpamapS> adam_g: the only thing I've tested is the RADOS S3 frontend, which works fine
<SpamapS> adam_g: also the latest release has a much simpler way to configure the 'mon' servers, so the charm needs updating for that
<adam_g> SpamapS: hmm. okay. was just wondering wrt nicks comments on bug #923986, it looks like that might be a wishlist for the time being
<uvirtbot> Launchpad bug 923986 in charms "Charm needed: nova-volume" [Undecided,New] https://launchpad.net/bugs/923986
<SpamapS> adam_g: it may need to be higher than that, as ceph actually has a better chance of working in lxc than lvm
<adam_g> SpamapS: the object-store interface probably, but configuring and using RBDs in a container is probably no easier than LVM
<adam_g> SpamapS: AFAIK, when configured for ceph backend, nova-volume uses RBD pools instead of volume groups
<SpamapS> adam_g: right, which at least would just be a network resource. LVM is not namespaced by LXC, so the vg's have to be globally unique.
<SpamapS> adam_g: I have time allocated later in the cycle to improve the ceph charms.. I think this would be a good goal.. to make it work.
<adam_g> SpamapS: sure
<adam_g> SpamapS: in terms of merging the charm, is it reasonable to block on that?
<SpamapS> adam_g: no way
<draikx> How can I set the default site for my Ubuntu server when I get to it with an IP address?
<pmatulis> draikx: default site?
<draikx> I have 2 sites enabled. /var/www/{domainA,domainB}.com/
<draikx> I want domainA.com to be the default, not domainB.com
<SpamapS> adam_g: I'll take a look at the charm on Monday... the only thing that should block it is if it is totally broken or lacking proper documentation of copyright/license.
<adam_g> SpamapS: no rush, we're using regarldess :) was just curious about the ceph stuff
<pmatulis> draikx: sounds like you're talking about web sites, and probably apache
<draikx> pmatulis: Yes, that is correct.
<Lazerath>  +-966-
<SpamapS> adam_g: it will happen.. should be fairly straight forward actually
<ome> I managed to lose all /etc/apache2
<ome> and reinstalling/purge apache2 didn't help.
<ome> How would I get them back ?
<ome> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ome> Ah solved.
<shauno> ome, you found apache2.2-common?
<ome> shauno: yup that was the solution. I was only purging the apache2 and not apache2.2-common. /faceplam.
<Psi-Jack> Hmm
<Psi-Jack> Anyone here savvy with AppArmor?
<Psi-Jack> I'm trying to figure out how I'd even begin to start coming up with apparmor profiles for pacemaker, which actually runs multiple server processes along with it, starting with /usr/sbin/corosync, and /usr/lib/heartbeat/stonithd|cib|lrmd|attrd|pegine|crmd
<ome> I mod php5 enabled, but still my php pages gets downloaded, I have AddHandler and AddType set as well.
<ome> s\I\I have
<hallyn> jjohansen: thanks!  both lxc+apparmor bugs are fixed by your new kernel
<hallyn> gary_poster: ^
<hallyn> stgraber: ^ *and* i'm no longer seeing those mysterious errors in syslog
<Psi-Jack> hallyn: Hmmm,
<hallyn> Psi-Jack: (i'm closing down for the day - ttyl)
<draikx> I installed python-rsvg, but I can't find the binary to run it. What am I overlooking?
<electroon> hello everyone
<linocisco> hi
<linocisco> hello
<linocisco> as I have no desktop to install server, I am now trying to install 10.04 LTS on my Lenovo B450 laptop. During the installation, it said no network driver found. what to do ? where to download ?
<Lcawte> Grrr, I've tried like a hundred and one tutorials, and still nothing, does anyone have a link to a guide that lets me have local & virtual mailboxes?
<RoyK> Lcawte: life begins at 102
<RoyK> !mailserver
<ubottu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/10.04/serverguide/C/email-services.html
<RoyK> Lcawte: what mailserver? dovecot? cyrus? courier?
<Lcawte> RoyK: I don't really care, as long as I can have virtual mailboxes/users...
<RoyK> ok, so you haven't chosen one?
<RoyK> AFAIK all of them support virtual users...
<Lcawte> No... I've read a dozen and one guides (including a bunch off the Ubuntu wiki, got close, but they never completely work)
<RoyK> so have you tried dovecot and virtual users?
<RoyK> http://bit.ly/yNkuhC
<Lcawte> Yes, atleast two different guides..
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<RoyK> well, if you can ask a question about an issue instead of just whining, maybe someone can help...
 * Daviey says hello
<Lcawte> RoyK: ok, so I've just followed a guide with Courier + postfix, I go to add it with my mail client etc, I get past thunderbird's first attempt at checking the account, then when I click the inbox, theres a popup asking for my password, I've tried teh password I set it to in mysql & the encrypted version, but it doesn't like it..
<Lcawte> Feb  4 14:20:34 lcserv imapd: LOGIN FAILED, user=lewis, ip=[::ffff:81.111.40.66]
<koolhead17> hi all
<RoyK> Lcawte: still, the way of asking for help in here, is to be specific, as in problems with courier + postfix, and then the exact error message and pastbinning the config etc, but NOT whining about having tried a million HOWTOs and how bad the weather might be
<njbair> I want to create a startup/shutdown job specific to my application on a particular server. should I make an init.d script or is upstart something different?
<dravekx> njbair http://upstart.ubuntu.com/
<virusuy> howdy
<KristianDK> I'm having troubles setting up a bridged environment for KVM. I successfully have br0 running, but without "bridge_ports eth0", when i set that and run ifup br0, the entire network crashes and i have to manually edit the file by mounting the disk from another OS and changing /etc/network/interfaces
<KristianDK> Any idea how to debug this?
<SpamapS> KristianDK: what release of Ubuntu is this?
<KristianDK> SpamapS, 11.10 ;)
<SpamapS> KristianDK: when you say crashes, what do you mean?
<KristianDK> SpamapS, well, good question. Its a hosted dedicated server, and i loose connectivity
<KristianDK> tried to reboot it, but with bridge_ports eth0, there is no way that I can access the host via its normal IP
<SpamapS> KristianDK: well no wonder. :)
<KristianDK> SpamapS, what do you mean :) ?
<SpamapS> KristianDK: you probably want NAT mode for that. If I were your provider, I'd cut off a network port that is sending packets from unknown MAC's too. :)
<SpamapS> KristianDK: if your provider gave you enough IPs, you don't even need NAT, you can just go routed. How many IPs do you have?
<KristianDK> SpamapS, I have a /26 subnet, so around 62 free Ips, so I do have enough - what I am trying to do is indeed a routed setup, I thought that was what I was doing
<SpamapS> KristianDK: you don't use a real bridge for routed setups
<SpamapS> KristianDK: you want a virtual bridge with no real ports.
<Patrickdk> you can always go proxy-arp mode also :)
<SpamapS> KristianDK: since I doubt you'll need to run 62 VMs on one server, you can just segment to a /30 and put one of those IPs on the virtual bridge, then point all the vms at it as their default gateway, and route normally.
<Patrickdk> then you don't need to loose any ip's
<KristianDK> SpamapS, ok, I follow you, so how do I make a virtual port instead of a physical port? virtual_bridge_ports eth0? :D
<SpamapS> Patrickdk: yeah I'd suggest that if he needed all 62 inside the bridge
<SpamapS> KristianDK: I'd just let libvirt do this for you
<KristianDK> Patrickdk, I already set sysctl -w net.ipv4.conf.br0.proxy_arp=1 if thats what you mean?
<KristianDK> SpamapS, how would libvirt do this for me?
<KristianDK> that would indeed be optimal
<SpamapS> KristianDK: http://libvirt.org/formatnetwork.html  ... see the 'Example Routed network config'
<SpamapS> KristianDK: you'd create that xml, with your values instead of theirs, and then 'virsh net-create yourfile.xml'
<SpamapS> KristianDK: libvirt seriously makes this a bazillion times easier. :)
<KristianDK> SpmapS, if i then create a host on this virtual network, then I just set network settings as it was connected directly to the router, except gateway is the KVM host?
<KristianDK> SpamapS *
<SpamapS> KristianDK: right. If you're going to be creating a lot of hosts, its probably easier to just setup DHCP in the libvirt network definition
<KristianDK> SpamapS, Its no problem if I can set it up like that, I will anyway use puppet to configure the hosts, once i get some network to them :D
<SpamapS> KristianDK: automation is your friend. :)
<KristianDK> yeah :)
<KristianDK> anyway, got connection to the thing again, will just try the link you sent right away :(
<KristianDK> :) *
<KristianDK> SpamapS, I can safely remove <dhcp>â¦â¦</dhcp> right?
<SpamapS> lol
<stgraber> hallyn: cool!
<KristianDK> SpamapS, i still cannot connect from the VM to the KVM host - however, the KVM host at least does not crash right now :)
<SpamapS> KristianDK: did you segment the network appropriately?
<KristianDK> SpamapS, you mean set the right gateway/subnet settings for both host and VM?
<SpamapS> KristianDK: right
<SpamapS> KristianDK: as I suggested, its probably best to put the vms into a smaller segment.. unless you do actually plan to create more than 30 vms. ;)
<KristianDK> SpamapS, I do actually plan to do so :)
<KristianDK> But why would that be easier:
<SpamapS> KristianDK: because then you don't have to deal with proxy arp
<SpamapS> KristianDK: how big is this dedicated server??
<KristianDK> SpamapS, well, it is pretty big, but the VMs are gonna be really small instances, like 256 mb ram/each
<KristianDK> SpamapS, I will just try to make a paste bin with the network config
<SpamapS> KristianDK: I am dubious at the usefulness of such a limited machine.. but sounds interesting anyway. :)
<SpamapS> KristianDK: I will be signing off soon, but good luck. :)
<uvirtbot> New bug: #680248 in vlan (main) "Random VLAN subinterfacess fail to come up " [Undecided,Fix released] https://launchpad.net/bugs/680248
<uvirtbot> New bug: #802950 in txaws "no gui visible in unity" [High,Confirmed] https://launchpad.net/bugs/802950
<uvirtbot> New bug: #810600 in juju "Ambiguous endpoints error in ensemble add-relation or remove-relation is confusing" [Undecided,Fix released] https://launchpad.net/bugs/810600
<uvirtbot> New bug: #812343 in juju "formula exec env should include DEBIAN_FRONTEND=noninteractive" [Low,Fix released] https://launchpad.net/bugs/812343
<uvirtbot> New bug: #814987 in juju "resolved always executes hooks" [High,Fix released] https://launchpad.net/bugs/814987
<uvirtbot> New bug: #831058 in juju "orchestra FileStorage assumes no authentication required" [High,Fix released] https://launchpad.net/bugs/831058
<uvirtbot> New bug: #869945 in juju "upgrade broken for local provider" [Medium,Fix released] https://launchpad.net/bugs/869945
<uvirtbot> New bug: #872378 in juju "Provisioning agent stops watching machine changes in ZK" [High,Fix released] https://launchpad.net/bugs/872378
<uvirtbot> New bug: #873335 in juju ""network is already active" error when bootstraping with the local provider" [Medium,Fix released] https://launchpad.net/bugs/873335
<uvirtbot> New bug: #873540 in juju (universe) "Package needs to recommend all components necessary for operation of the local provider." [Undecided,Fix released] https://launchpad.net/bugs/873540
<uvirtbot> New bug: #873643 in juju "config values are re-set to their default values when only one is changed" [High,Fix released] https://launchpad.net/bugs/873643
<uvirtbot> New bug: #892548 in juju "missing "us-west-2" in schema definition" [High,Fix released] https://launchpad.net/bugs/892548
<uvirtbot> New bug: #926550 in juju "No way to test proposed updates to juju" [High,Triaged] https://launchpad.net/bugs/926550
<uvirtbot> New bug: #926772 in spamassassin (main) "no icon visual in unity and unity 2d" [Undecided,New] https://launchpad.net/bugs/926772
<KristianDK> SpamapS, yeah, its supposed to be used for product demos ;)
<KristianDK> but thanks a lot for your help
<uvirtbot> New bug: #905872 in juju (universe) "Cannot connect to EC2 instance after bootstrap" [Undecided,Incomplete] https://launchpad.net/bugs/905872
<SpamapS> uvirtbot: welcome back to earth... thanks for the flood
<uvirtbot> SpamapS: Error: "welcome" is not a valid command.
<KristianDK> SpamapS, in case you are still here, this would be the ifconfig of the KVM host: http://pastebin.com/yJLtr1ae
<SpamapS> oh wow.. cache='unsafe' is *awesome* for building a test VM
<SpamapS> KristianDK: ifconfig is a deprecated command. You would be well served by learning the 'ip' command
<KristianDK> SpamapS, what does cache=unsafe do?
<KristianDK> and ill check that one out then :)
<KristianDK> SpamapS, hmm, ip adds gives me the following for the virtual bridge i created: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
<SpamapS> KristianDK: cache=unsafe allows the VM to just use the host's buffer cache for writes
<SpamapS> Which is great when you're testing the Ubuntu installer 12 times a day ;)
<Skaag> I have a directory I can't list, it stalls when I ls within that directory
<Skaag> any ideas what tool can help me look in that directory in a way that won't make the shell stall?
<KristianDK> SpamapS, i see LD
<KristianDK> :D
<Zal> Skaag, perl/python?
<Zal> Skaag, the find command will also probably work
<Skaag> doesn't work, an strace shows: lstat("cookie7IkFny", {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
<KristianDK> SpamapS, ok, now i have some progress - i can actually ping and SSH into the vm from the host with the public IP, however, the VM cannot access the internet, and my local computer can't access the public IP of the VM either
<Skaag> there's millions of such cookie files in the directory :-(
<Zal> Skaag, what doesn't work?
<Skaag> find stalls as well
<Zal> Skaag, what find command are you using, and what error does it produce?
<Skaag> I use /usr/bin/find
<Zal> Skaag, with what parameters
<Skaag> no parameters
<Zal> Skaag, find requires that you specify a path, at the very least
<Skaag> find var/ of course
<Zal> Skaag, and what is the error?
<Zal> (and surely you don't want to list ALL of var/?)
<Skaag> there's no error, it just takes forever to list files
<Skaag> this is not the system's var
<Zal> Skaag, well sure, what do you expect?
<Skaag> it's the var/ directory if a web app
<Zal> ok
<Skaag> well, I am looking for a way to list files that will not wait to sort all files in the directory, and just show me what it fines one by one, even if the directory contains billions of files
<Zal> find doesn't sort
<Skaag> I don't understand then why it waits forever before starting to display the first file
<Zal> Skaag, I don't either, I've never seen that behavior with "find". Is there a specific file you're looking for?
<Skaag> i want to make a list of all the files beginning with cookie* so I can erase them
<Zal> Skaag, does 'find var/ -name "cookie*"' also fail to display anything immediately?
<KristianDK> yay, it works :D
<KristianDK> is there any way that i can tell vmbuilder what virtual network to use? --bridge doesn't seem to work
<OldManMagnus> hi. i'm trying to write some simple php extenstions using this guide... http://devzone.zend.com/303/extension-writing-part-i-introduction-to-php-and-zend/#Heading6 I've got everything set up and compiled and the guide tells me to copy it to /usr/local/lib/php/extensions/ which just doesn't exist on ubuntu. i'm not having much luck finding it either. anyone here know where to put my .so files?
<qt-dsa> which ubuntu server uses little memory ?
<bencer> anybody from -server team at fosdem?
<Skaag> zal: yah, with -name it works, because the expansion doesn't go through bash (which chokes on it)
<jcastro> smoser: your bug is invalid because the AMI browser went away and we just direct link to cloud-images.u.c
<jcastro> and it's obvious in that interface that 12.04 is alpha
<uvirtbot> New bug: #912589 in txaws "pytz should be dropped for dateutil as soon as epsilon is dropped for dateutil" [Low,Fix committed] https://launchpad.net/bugs/912589
#ubuntu-server 2012-02-05
<Duvrazh> Can anyone recommend a good log analyzer, with or with-out web viewing
<smoser> jcastro, well that sucks.
<smoser> why? the other was much nicer.
<jjmil03> hellp, anyone out there?
<jjmil03> hello, anyone out there?
<jjmil03> hello, anyone out there?
<jjmil03> hello, anyone out there?
<jjmil03> hello, anyone out there?
<Psi-Jack> jjmil03: Repeating the same question over, and over, won't get very good responses. :p
<jjmil03> i was trying to check if my firewall was stopping my connection
<jjmil03> thanks for the response
<patdk-lap> hell, actually asking a question *thats ontopic* would help
<patdk-lap> jjmil03, no idea, what firewall?
<jjmil03> I wasn't getting any responses on any channels I have tried so far...I didn't know if my computer's firewall was blocking this program or not so I was just trying a test message to see if I'd get something back or not
<jjmil03> i guess the other channel is just not responding to my question
<jjmil03> its on openldap...
<jjmil03> if anyone has messed with it, I'd appreciate some help
<patdk-lap> not in years
<KeyGruin> hi I want to move a domain name from a shared webhosting account to my ubuntu 11.10 server on an AWS EC2 instance. When I change the nameserver, do I use the Public DNS address given for my instance? or do I have to use BIND?
<dns53> so when you buy a domain you specify the domain server that manages that domain, you could either run your own bind instance or pay for someone to run a dns server on your behalf
<osmosis> what happens if I end up with two volume groups in LVM of the same name?
<dns53> osmosis how did you do this? taken a hard disk with an existing lvm setup and put it in a new machine?
<osmosis> dns53, correct
<osmosis> vgscan only shows one
<osmosis> not sure how to find the other one
<osmosis> dmesg shows the disk is available
<dns53> osmosis i'm not sure, it might be a good idea to remove the hard disk, rename the lvm and plug it back in
<dns53> you might be able to use vgrename but it might be safer to do it without the new disk
<KeyGruin> ok I was wondering because the public amazon address given for my instance is referred to as a Public DNS, and if I could just use that address to point my domain to
<KeyGruin> http://i.imgur.com/RHP4p.png
<osmosis> dns53, okay, so i havent it on a different server without a vgname conflict, but its still not showing in vgscan
<dns53> but who is hosting your dns? do you have your own domain?
<KeyGruin> oh the domain is with namecheap registrar
<dns53>  KeyGruin but you can create your own records?  i believe you should be able to set up a cname instead of an A record and have that cname record point to xxx.amazonws.com
<KeyGruin> well I have a complete new ubuntu server instance, just like a VPS, on Amazon Web Services - it's a free 12 month trial
<KeyGruin> I'm just new to this game, of setting up a public LAMMP server, never delved into the domain stuff
<dns53> KeyGruin well you can run your own bind instance on EC2, personally i pay someone else to run my dns but nothing is stopping you from doing it yourself
<KeyGruin> ok I am confused by one thing, why is the amazon address given to my instance referred to as a DNS? is that not a domain name server?
<dns53> yes amazon has a domain server and has assigned your vm a domain, you can use this but it is long and hard to remember
<dns53> i do not believe it is currently up (i have tried pinging the domain in the image) but you should be able to see it from the internet
<KeyGruin> yes that is why I want to assign another domain name to it, one I own but is currently attached to a free shared hostin plan I do not wish to continue with
<KeyGruin> it is up
<KeyGruin> but I don't have Apache configured yet
<dns53> the fact that amazon gives you an obscure entry for the server does not stop you from giving a better domain for the server
<KeyGruin> yes I am aware of that
<KeyGruin> I just don't know how to go about it
<dns53> can you login to namecheap and see if you can set up your own dns records? or can you only say what dns server holds the records?
<KeyGruin> I can yes
<KeyGruin> I don't know about setting up my own records but I can log in and change the dns addresses
<dns53> so you can create an A record?   point it to 23.20.29.213 (i believe this is your current ip address of your vm)
<KeyGruin> no clue
<KeyGruin> I am not at that level of understanding this
<dns53> ok so you will need to run bind on your server and set up the records there
<KeyGruin> ok
<KeyGruin> I'm looking at the ubuntu-server docs with that info
<dns53> so namecheap will point to you, you say with an A record that your ip is the domain
<dns53> so dns is flexible, it allows you to have multiple dns servers, pointing to multiple servers and different servers for sub domains for example
<dns53> when you buy a domain you specify the dns server that has the authority for your domain
<KeyGruin> which either has to be one created by myself on my own server or an external one that generally charges for the service, correct?
<dns53> yes
<KeyGruin> ok I think I have enough to go on without stumbling too blindly, thanks for the help
<dns53> dig is your friend,    dig domain.com     to see the records and see if it is working as expected
<KeyGruin> cool, ty
<jjmil03> when i do a list command, or help, the screen is small and scrolls through too fast to read anything
<jjmil03> is there a command to tell the terminal to only print so many lines to the screen?
<jjmil03> im using virtualbox too...it would be nice to increase the screen size too...if there is a command line way of doing this
<hex20dec> Can anyone help me setup my BIND DNS server?
<hex20dec> Please?
<ome> I have a weired problem that I assume it's somewho related to Apache-Ubuntu rather then Apache
<ome> Rewrite is loaded, .htaccess is read. but still none of my RewriteRules is applied.
<hex20dec> ome: try httpd.conf
<qman___> httpd.conf is not normally used in debian/ubuntu
<qman___> it's only there for support reasons
<hex20dec> Can anyone help me setup my BIND DNS server please?
<qman___> hex20dec, you'll have to be more specific
<hex20dec> qman___:Well, I'm having a lot of problems with my DNS stuff, I'm very new to the whole server management thing. I tired reading a lot of articles but it's really complicated and I just need to get it to work for basic things, so I just need to set it up in a simplified way.
<hex20dec> If you can help me that would be great.
<qman___> the server guide is about as straight forward as it gets
<qman___> if you're still having problems after following it, ask away
<hex20dec> Can you link me to the guide you're referring to?
<qman___> in the topic, the ubuntu server guide
<qman___> https://help.ubuntu.com/10.04/serverguide/C/index.html
<hex20dec> qman___: Any video? Lol, I'm a bit lazy on the reading.
<qman___> sorry, no
<hex20dec> Jk, there probably isn't. I'll just read.
<qman___> if you're too lazy to read, I'm too lazy to help
<hex20dec> Thank, though.
<hex20dec> No, it's fine.
<osmosis> is libguestfs and guestfish available on 10.04 LTS ?
<osmosis> are there any kernel parameters to automatically zero out any blocks after a file is deleted from it?
<qman___> osmosis, you could alias rm to shred
<osmosis> shred -z would probably be good for now, thx
<Zac_o_O> anyone have a good recommendation for a How-to for setting up SMB on ubuntu server?
<qman___> Zac_o_O, the server guide covers that pretty well
<qman___> if by SMB you mean samba
<Zac_o_O> oops, just found that right after I asked :S
<Zac_o_O> also is it possible to share a drive with both NFS and SMB at the same time?
<Zac_o_O> and yes SMB=Samba
<qman___> yes
<qman___> they do not interfere with each other
<Zac_o_O> really? great! even sharing the same folders?
<qman___> yes, the protocols are unrelated and there are no conflicts when sharing the same files
<Zac_o_O> cool.  thanks!
<qman___> the only thing you may run into are character encoding issues, special characters don't show up right on windows or may get garbled when used over one or the other
<qman___> nothing show stopping, a minor annoyance at worst
<Zac_o_O> hm.  but NFS is much faster correct?  especially for streaming movies over the network from the server....
<qman___> not necessarily, each has its own advantages
<qman___> SMB can generally achieve higher data rates, but NFS generally has better response times and is better for streaming and small files
<Zac_o_O> doesn't higher data rates = better streaming?
<qman___> NFSv3 is not secure
<qman___> but workgroup SMB isn't all that secure either
<qman___> no, streaming only needs enough data rate for the stream, lag spikes and disconnections are worse on it
<Zac_o_O> so generally NFS works better for streaming?
<Zac_o_O> like big .mkv's and such
<qman___> both work well enough over a gigabit LAN
<qman___> I've noticed over wifi that, for me, NFS works better
<Zac_o_O> hm.  guess if I can use both on the same files I can try them both huh? :)
<Zac_o_O> NFS and SMB i mean
<qman___> yes
<Zac_o_O> k thanks!  be back tomorrow
<Zac_o_O> have a good night
<TheNewMe> Hey, I need some advice on a server OS.
<qman___> !ask | TheNewMe
<ubottu> TheNewMe: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<TheNewMe> Hey, I was typing it.  I just thought I'd fire off a warning shot.
<TheNewMe> My friends and I want to make an FTTP fileserver so we can do web design on da cloudz.
<TheNewMe> How is wine with linux servers?
<qman___> wine is, generally speaking, a desktop application
<qman___> needs a GUI, etc
<TheNewMe> Yeah, we are going to have a GUI also.  It wont be a server only.
<TheNewMe> Is ubuntu-server GUI less?
<qman___> yes
<qman___> you can install one, but then it's not really a server anymore
<TheNewMe> Okay, I know my way around normal Ubuntu enough to do what I want.
<TheNewMe> Oh!  A purist!
<TheNewMe> Thanks.  Pointed me in the right direction.
<RoyK> qman___: erm... a server doesn't stop being a server if you install X on it...
<qman___> not strictly speaking, but that is one of only a handful of differences between desktop and server
<qman___> and since X is not supported in this channel
<qman___> well, you get the idea
<RoyK> qman___: I know, just wanted to underline that server functions don't die out at the time a GUI is installed
<dst_> Hiya.
<dst_> Could someone help me track down a problem with Postfix that I strongly suppose is PEBKAC?
<dst_> I've set up a mail forwarding domain and the according aliases, but Postfix keeps telling me that the user I'm trying to forward to is unknown.
<dst_> postmap -q virtual@addrees /etc/postfix/virtual returns the apppropriate forwarding address
<dst_> but still mail.log is all full of status=bounced unknown user
<lamont> and the map is in virtual_maps or such?
<lamont> postconf| grep virtual
<dst_> it's in virtual_alias_domains, as per http://www.postfix.org/VIRTUAL_README.html#in_virtual_other
<dst_> postfix 2 (2.7.0-1ubuntu0.2)
<dst_> oh, and virtual_alias_maps too
<lamont> and you reloaded (or restarted) postfix after making the changes, yes?
<dst_> yeah, restarting the service and rebuilding the virtual db files.
<dst_> like I said, this is going to be something very stupid.
<lamont> yeah, known to work and all that.
<lamont> nothing immediately springs to mind to check further though
<lamont> entries are user@full.domain.name   target@other.domain.name
<lamont> ?
<dst_> yes.
<dst_> Feb  5 19:17:28 samizdat postfix/error[1535]: 37A0960EF9: to=<ollie@kuvasuhde.fi>, relay=none, delay=0.24, delays=0.06/0.01/0/0.17, dsn=5.0.0, status=bounced (User unknown in virtual alias table)
<dst_> this is what I get when trying to email an user at the virtual domain that _isn't_ mapped
<dst_> and here's the should-be-working-one:
<dst_> Feb  5 19:18:31 samizdat postfix/virtual[1537]: 202E26107B: to=<olli@nonfiktio.fi>, orig_to=<olli@kuvasuhde.fi>, relay=virtual, delay=0.06, delays=0.05/0/0/0.02, dsn=5.1.1, status=bounced (unknown user: "olli@nonfiktio.fi")
<lamont> clearly a different code path, at least
<lamont> is nonfiktio.fi involved in the config at all?
<dst_> grep returns nothing.
<dst_> wait.
<dst_> you might be on to something.
<dst_> goddamn stupid, like I said.
<dst_> argh.
<dst_> somebody please give me a hammer with which to smack my forehead.
<lamont> happy to help. :D
<lamont> well, bored of watching dist-upgrade now, I'm going to wander back off
<dst_> thanks
<bobweaver> has anyone ever installed magento on ubuntu ? I can not get it to install when it asks for sql it will not connect to make a DB. Installed fine on deb and cent but not ubuntu. Any ideas ?
<bobweaver> I have been trying <- keyword to intergrate with openpanel/openapp http://www.openpanel.com/openapp/ but ... one day. Or do you or Any one know of any installer things like Fantastico for Webmin or Something that can "hold water" with cpanel ?
<acidflash> hello
<acidflash> i am seeing a     inet 172.13.1.1/32 scope global eth1
<acidflash>  on eth1 and I did not put this ip on eth1
<acidflash> how can i remove it ?
<pmatulis> acidflash: ?
<Psi-Jack> Okay, Why .... AppArmor's documentation is so minimal at best, it's not even funny! And now that Canonical staffs the AppArmor devs, this has seriously got to change.
<pmatulis> Psi-Jack: what's the problem?
<Psi-Jack> pmatulis: I'm trying to grasp a better understanding of AppArmor so I can make properly secure and effective AppArmor profiles, especially for Pacemaker which lrmd is the resource-agent manager that calls all sorts of external programs.
<JoeCoder> Hello, I'm using vsftp, but when a client uses the dir command, it gets back this:  https://gist.github.com/1748129
<JoeCoder> only some of the files show the modified time; others just show the date.
<JoeCoder> ideally I'd like to show the date and year for all files
<JoeCoder> so my comparrison tool can use the modified time to know when a file should be updated.
<JoeCoder> this happens whether I set use_localtime to yes or no.
<hex20dec> Please help anyone.... When going to "mywebsite.com" it downloads the php source code and when going to "mywebsite.com/index.php" everything is fine. I have already restarted apache. what now???
<_Techie_> when installing linux-igd via apt i get the following message when running upnpd without daemonizing  'upnpd: symbol lookup error: /usr/lib/libupnp.so.4: undefined symbol: TPAttrSetMaxJobsTotal'
<_Techie_> is anybody able to help me resolve this issue
<antnash> Hi guys. I'm having issues getting windows to access the samba shares on my ubuntu box. All it says is access denied if I try allowing specified users (and giving the correct unames/passes), or allow everybody. Can anyone shed any light on why?
<_Techie_> antnash: at a guess i would say its due to the file/folder permissions of your shares
<antnash> _Techie_: for the one share I have..... drwxrwxrwx
<antnash> I'm trying to access from windows 7
<_Techie_> antnash: then i cant really shed any further light on the situation, i have samba shares up that i access from win7, but i set mine up using webmin because im lazy
<antnash> webmin?
<_Techie_> antnash: web admin software, frowned upon by alot of people
<_Techie_> antnash: http://webmin.com/
<Psi-Jack> Curious, anyone here ever used Tomoyo, instead of AppArmor for application hardening in Ubuntu servers?>
<Psi-Jack> Heh.
<Psi-Jack> Flaming crazy stupifying.
<Psi-Jack> That fricken Tomoyo 1.7 patch provided in the tomoyo packages is just bleh!
<Psi-Jack> ubuntu 11.10 comes with linux 3.0.0, but the patch is for 2.6.x
<JanC> Psi-Jack: does there exist a Tomoyo patch linux 3.x ?
<Psi-Jack> JanC: Yeah, 2.3.x and 2.4.x
<Psi-Jack> And the AKARI stuff provides more Tomoyo support than mainline support.
<JanC> 3.x != 2.x
<Psi-Jack> That was AppArmor versions, not kernel versions.
<Psi-Jack> Err, Tomoyo versions
<Psi-Jack>  :)
<Psi-Jack> Tomoyo 2.3.x and 2.4.x supports 2.6.36 to 3.0 and 3.1 backported to 2.6.33 - 3.0
<Psi-Jack> Looks like Akari is it's future. heh
<Psi-Jack> Yeah, Akari seems to make use of Tomoyo 1.8 as a LKM, maybe via DLKM
<Psi-Jack> Err, dkms
#ubuntu-server 2013-01-28
<Vasa> escott: what filesystem type should i specify for the following command: mount -o remount,rw /dev/xvda1 /
<escott> Vasa, whatever is output as the fs type by "mount"
<Vasa> escott: /dev/xvda1 on / type ext3 (rw,errors=remount-ro,barrier=0)
<Vasa> does that mean its ext3?
<escott> Vasa, yes
<escott> Vasa, i know what it is
<escott> duhhh
<escott> mount -o remount,rw /
<escott> you dont put the device in a remount
<Vasa> i tried the command 	mount -o remount,rw /
<Vasa> escott: mount: cannot remount block device /dev/xvda1 read-write, is write-protected
<escott> so you have something strange with that device whatever it is
<escott> Vasa, if you put mount -t ext3 -o remount,rw /dev/xvda1 / its just going to end up back at the xvda1 is write-protected
<Vasa> yes i see
<Vasa> ok i will try something else
<Vasa> one second
<Vasa> escott: ok I will ask the administrator of the vps to look into the problem, thanks for your help
<dingo311> PeterGriffin: http://paste.ubuntu.com/1578462/
<PeterGriffin> dingo311: I'm think you shouldn't use dhclient
<PeterGriffin> it gets the ip from dhcp server which is the router
<PeterGriffin> how did you disconnected wlan?
<dingo311> PeterGriffin: the router should be setting ip's. apparently i have something thats not allowing that to happen. i dunno what tho
<MraAlbertina> Hi. on a i686 (x86), while compiling php-5.3 and getting the error "Cannot find libmysqlclient under /usr" from ./config line "--with-libdir=/lib/x86_64-linux-gnu" should i change it to "--with-libdir=/lib/i386-linux-gnu/"?
<MraAlbertina> psst psst... wake up, smell the trophy :p
<MraAlbertina> i went ahead and did it the way i wrote... and no smoke from the system
<MraAlbertina> yet
<keithclark_> How do I enable cups administration over the local network.  When I try to access it via xxx.xxx.xxx.xxx:631/admin I get 'Forbidden'
<escott> keithclark_, /etc/cups/* enable remote administration
<damrock> no mainline kernel adaption with ubuntu patches?
<keithclark_> escott, I'm not sure what you are telling me here
<escott> keithclark_, remote administration is disabled by default presumably in /etc/cups/cupsd.conf
<escott> keithclark_, localhost:631 will work but not 192.168.1.1:631
<keithclark_> escott, I'm trying to access cups via a another computer on the network.  It is running on a headless server
<escott> yes
<escott> keithclark_, and i would repeat that remote administration is disabled by default
<escott> you must enable it first
<keithclark_> >Yes but >I'm not
<keithclark_> Yes, but I'm not sure how to turn it on
<escott> keithclark_, yes but you are "to access cups via a another computer"
<escott> keithclark_, im telling you to look in /etc/cups/cupsd.conf
<escott> keithclark_, grep -C5 local /etc/cups/cupsd.conf
<keithclark_> escott, you are losing me here
<escott> keithclark_, have you looked at the file /etc/cups/cupsd.conf
<keithclark_> yes
<escott> keithclark_, and did you see this bit
<escott> # Only listen for connections from the local machine.
<escott> Listen localhost:631
<keithclark_> There is no line like that
<escott> keithclark_, you need to read "man cupsd.conf" that much is clear
<keithclark_> I did\
<keithclark_> And this https://help.ubuntu.com/11.10/serverguide/cups.html
<keithclark_> Maybe a bug in Ubuntu 12.0?
<keithclark_> 12.0?
<keithclark_> 12.04?
<escott> keithclark_, which is probably not going to mention remote administration but the Listen directive in the configuration is what you need to be looking at
<keithclark_> Listen /var/run/cups/cups.sock
<keithclark_> That is the only 'Listen' line in the file
<pmp6nl> Hello, is 775 good for public_html?  Thanks
<escott> keithclark_, then it is only listening to that file. and you can't access that file from a remote machine so...
<keithclark_> So what?  Add Listen ip:631?
<escott> sure
<keithclark_> didn't work
<escott> you havent notified the server you changed its config files
<keithclark_> I restarted the cups service
<escott> then the ip address you put in is incorrect or you have a firewall blocking
<keithclark_> No firewall
<keithclark_> IP is confirmed
<escott> keithclark_, netstat -lt
<keithclark_> http://pastebin.ca/2307976
<escott> tcp        0      0 billy.local:ipp         *:*                     LISTEN
<keithclark_> I don't know what you are getting at
<escott> billy.local is listening for connections from all addresses on all ports to the ipp port (631)
<keithclark_> Well that is good, no?
<escott> well billy.local is probably defined as 127.0.1.1 which is on the loopback device
<escott> so its the same as localhost
<keithclark_> Ok, so I could connect on the physical machine, but I cannot connect from a remote machine
<keithclark_> I must be missing something here
<keithclark_> Anything else I should try?
<escott> its not something ive ever done but its all going to be in that config file
<escott> its very unclear what you have done... you said you had read the man page on the config file but you seemed confused when i said to look at it
<keithclark_> Yeah, I did this correctly before in an earlier version of ubuntu.  I'm thinking this is a bug
<codepython777> anyone using powerdns here?
<codepython777> powedns vs bind? I mainly need to control dns dynamically (load balancing as well fault tolerance control). Any other suggestions?
<keithclark_> hmm, it does seem like a new bug http://ubuntuforums.org/showthread.php?t=2084459
<keithclark_> Maybe fixed in the next release
<pak> Hi All,Can anyone please suggest me at application for spped test of PCIe
<patdk-lap> pak, no such thing
<psivaa> Daviey: jamespage: hallyn: It would help if bug 1103982 is looked at, this is causing smoke test failures
<uvirtbot> Launchpad bug 1103982 in ubuntu-meta "cpu-checker is not included in virtual host server installations from 20130120 onwards" [Undecided,New] https://launchpad.net/bugs/1103982
<dolf> hey everyone. I just updated my ubuntu server from 10.04LTS to 12.04LTS. Grub2 refuses to install though, since the core.img is too large. I have the server installed with mdadm and lvm, and indeed this causes the core.img to not fit in the first 62 sectors of the disk
<dolf> so I guess my option is to realign the partitions of /dev/sda1 and /dev/sdb1
<xnox> currently yes. Grub upstream is trying to bring back the size of core.img back down, since raid+lvm is very common.
<dolf> xnox: ok. But how do I resize the lvm, then the mdadm raid paritions, and subsequently the physical disk parition to accomodate a larger core.img
<dolf> I know how to resize the filesystem, I can also resize the lvm logical volume
<dolf> but after that I am stumped
<xnox> the problem is that XXDDDDD needs to become XXXDDDDD..... which means that you cannot do if with one disk & DD.
<xnox> (cause you will be overwritting stuff you didn't move yet)
<xnox> one option dd one disk with offset to another.
<xnox> move first partition on the first disk.
<xnox> boot degrated & resync.
<xnox> but it's scary & potentially dangerous. Another option is to use a third disk as a temp one.
<jamespage> psivaa, ack
<Noriandir> hi. i'm having problems accessing apache2 server and my ssh server through my external ip. i had no problems with it until today...
<Noriandir> ports 22, 80 and 8080 are open
<zul> jamespage: ping 2 two things (1) can you give a +1 for http://people.canonical.com/~chucks/ca/
<zul> (2) i was thinking of backporting dnsmasq to the cloud archive because of this bug https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1006898 its too risky to backport the patch to precise because i dont know the consequences
<uvirtbot> Launchpad bug 1006898 in dnsmasq "[SRU] dnsmasq fails at leasing issues when using vlan mode" [Medium,Fix released]
<jamespage> zul, re 1) please build the source package using -v otherwise the version history is incomplete
<jamespage> 2) hmm - lemme think for a minute
<yolanda> hi, anyone with experience in zookeeper? i'm having problems with juju
<zul> (2a) i think there might be a bug in nova because of the kvm rename in the cloud archive version
<zul> jamespage:  http://pastebin.ubuntu.com/1581641/ ergh?
<jamespage> zul: -vXX.YY
<zul> ah thanks
<jamespage> you need to provide the previous version either in the cloud archive or in precise
<zul> (1) fixed
<jamespage> zul, 1) I don't see the fix
<zul> jamespage:  i did debuild -v3.6-0ubuntu1 -S -sa --changes-option=-DDistribution=precise
<jamespage> 3.6-0ubuntu1 is newer that ~cloud0
<zul> so i want 3.6-0ubuntu1~cloud0 right?
<jamespage> zul, you should use -v3.4-1ubuntu1 as that is the version in precise
<zul> ack
<jamespage> that way the CA changes file has all updates between precise and ~cloud0
<jamespage> 2a) kvm -> qemu-kvm right?
<jamespage> zul, I see "qemu-system (>= 1.3.0) | kvm" is that not enough?
<zul> jamespage: actually it should be, i think i need more caffine
<zul> jamespage: should be fine now
<jamespage> zul, still reading 2)
<jamespage> zul, I still think that needs the full SRU
<zul> jamespage: ack ill put it on my todo list
<jamespage> zul, coming up with a regression plan should not be that hard - maybe work with stgraber to identify some good desktop use cases to verify its limited impact
<koolhead17> hello jamespage / zul
<jamespage> hey koolhead17
<zul> hey
<koolhead17> how are things?
<koolhead17> when are we getting Grizzly goodness in plate :)
<zul> koolhead17: soon
<koolhead17> zul: let me know when would you like me to test it. Will do it and file bugs if i find any
<zul> koolhead17: sure
<jamespage> zul, +1 on that python-coverage upload
<zul> jamespage: thanks
<zerick> Hi guys, Has anybody had problems with googlebot  flooding your sites?
<resno> im running ubuntu on vmware esxi, whats the most minimal install i could possible use. in terms of reducing ram usage?
<resno> i feel like the base installs i have are using a bit to much ram
<RoyK> resno: I don't know with esxi, but I guess it'll be about the same as running on kvm. I have VMs down to 128MB
<patdk-lap> the smallest amount of ram I got ubuntu to use was 24megs
<patdk-lap> well, on real hardware
<RoyK> patdk-lap: heh - a recent version? ;)
<patdk-lap> that was 10.04
<resno> RoyK: do you have suggetsions on how to obtain that mythical number?
<RoyK> not relaly
<RoyK> not really
<resno> i used the minimal install but its installed weird stuff i'd never need
<RoyK> I just tried to boot 12.04.1 i386 (32bit) off kvm with 64MB RAM, and it doesn't seem to like that at all
<RoyK> installer comes up with 96MB, though
<RoyK> that's after f4 - install minimal virtual machine
<RoyK> the times I've built *really* small systems, I've normally done it from scratch with a tiny kernel and busybox for the most part
<rbasak> resno: to minimize RAM usage? Start by looking at RAM usage of existing processes.
<zul> jamespage: can you have a look at https://code.launchpad.net/~zulcss/cinder/cinder-ca-g2 it says its not mergable
<RoyK> rbasak: not much to look at for a "minimal virtual system"
<rbasak> Oh I see. Minimize maximum RAM during boot? That's a bit tougher I suppose.
<patdk-lap> well, for me, I started with minimal, then uninstalled a bunch of crap, then lowered ram
<jamespage> zul, hrm - not sure I ever got to the cinder branch for the cloud-archive - it was groken in g1 due to the package importer failing in the distro
<rbasak> Ubuntu isn't really designed for that. Especially with concurrent things at system startup which was done to improve boot time
<RoyK> the installer doesn't seem to like 96MB either
<rbasak> You're probably best going with Debian with a non-parallel init system
<zul> jamespage: do you want one like i did with python-coverage?
<RoyK> perhaps create a vm or template with a bit more memory and then strip down later
<jamespage> zul, sure
<zul> jamespage: k
<RoyK> rbasak: or gentoo ;)
<zul> RoyK: yeah people love to wait around forever for things to build
<rbasak> Things might take a while to build on a system with 64MB RAM.
<RoyK> rbasak: heh - what I meant, was to use a real system for the building and then just create tiny VMs with that build...
<zul> jamespage: http://people.canonical.com/~chucks/ca/
<jamespage> zul: +1
<zul> thanks
<zul> yolanda: ping https://code.launchpad.net/~zulcss/swift/swift-1.7.6/+merge/145201
<yolanda> let me see
<yolanda> zul, easy one, that's boring :)
<zul> yolanda: trying to ease you into the week ;)
<yolanda> done
<Omen_> Hello
<RoyK> resno: ping
<resno> RoyK: ya, i was sitting here trynig to figure out why no one had responded lol
<RoyK> heh - just got home - testing a small debian i686 install in a vm to see how slim I can get it ;)
<resno> i'm looking at esxi and i hate seeing a few vms sucking down all this ram.. when they are basically resting
<RoyK> which version of esxi?
<resno> 5.0
<patdk-lap> I never cared, just let esxi manage the memory between them
<RoyK> resno: that should support ballooning
<resno> RoyK: ballonning? ill need to learn about that
<patdk-lap> ballooning, compression, shared, swap
<patdk-lap> as long as you install vmware tools into the guests
<RoyK> well, VMs without vmware tools are no good...
<resno> i use the open tools, should i use the vmware specifically?
<RoyK> yes
<patdk-lap> opentools are just as good
<RoyK> rightclick the vm, guest, install vmware tools
<RoyK> patdk-lap: really?
<patdk-lap> well depends what you want
<patdk-lap> but for server, opentools are good enough
<RoyK> vmotion, storage vmotion, lots of things
<patdk-lap> none of that stuff uses tools
<RoyK> not running a single server, though
<RoyK> you sure about storage vmotion?
<patdk-lap> yes
<RoyK> ok
<patdk-lap> storage vmotion uses snapshots
<resno> ive got 3 vms taking up 3587 mb of ram...
<patdk-lap> doesn't matter if the snapshot is consistant
<RoyK> patdk-lap: you can't be sure of that without vmware tools, though
<patdk-lap> no need to be sure about it with svmotion
<patdk-lap> if you wanted to do a *backup* yes, but not svmotion
<patdk-lap> cause the svmotion would just fail, if it didn't work
<RoyK> well, it won't hurt to install vmware tools, will it?
<patdk-lap> ya, you want tools for the simple things like, guest shutdown/reboot, ballooning, timesync, backups
<patdk-lap> need it for FT I believe, and it helps HA
<resno> ft?
<patdk-lap> fault tolerance
<resno> oh
<resno> most of my installs are a single server, so the bells and whistles dont quite apply
<resno> :(
<resno> and from what ive read, its the coolest parts of it
<patdk-lap> ha is simple, esxi server dies, it restarts the vm on other host
<patdk-lap> FT is a live mirror of the vm, so if a esxi host dies, it is already running on a standby machine
<resno> does ha have issues with data missing?
<patdk-lap> well it will be as consistant as the disk was
<patdk-lap> I mean, what happens with missing data when you yank the power cable
<resno> so consistency isnt an issue with either?
<RoyK> well, for some databases, it can
<patdk-lap> FT mirrors the memory/cpustate/... live, it actually runs the vm on two hosts at the same time, EVERYTHING the same
<hallyn> ahs3: hey, do you expect netcf 0.2.3 into experimental soon, or is there a roadblock?  just wondering wehther i should wait to push to raring, or whether i'd risk missing FF
<RoyK> mysql tends to be corrupted somehow and a 'repair table' may be needed
<patdk-lap> for HA, it's like, power cable got pulled, and turned it back on
<RoyK> you'll need pretty good networking for FT to work properly, though
<resno> thats pretty cool
<RoyK> preferably 10G between the nodes
<patdk-lap> yep, and not loose a network connection between failover
<RoyK> resno: for a minimal install, seems debian can live with 56MB
<RoyK> at 48MB, it panics on boot
<RoyK> panic happens during kernel boot, btw
<resno> ah
<resno> RoyK: did you make a reduced size build or can do it myself?
<RoyK> so making a smaller initrd will probably help
<RoyK> this was basic debian server i686
<RoyK> with a custom kernel, I guess you can get it down to at least 32GB
<resno> mb?
<resno> 32GB doesnt seem very small ;)
<RoyK> since it doesn't seem to be using much
<RoyK> http://paste.ubuntu.com/1582934/
<RoyK> heh
<RoyK> yeah - 32MB
<RoyK> resno: http://paste.ubuntu.com/1582938/
<resno> hmm
<resno> heh, i just realized why this one vm is running so rampid
<resno> mysql
<RoyK> ah
<resno> its silly but didnt even occur to me
<resno> and apache too
<RoyK> apache with php?
<resno> yes
<RoyK> apache alone doesn't use much, but php might
<resno> il try installing php-fm, i think its called to optimize a bit
<RoyK> resno: how much memory did you give the vm?
<resno> RoyK: just about a gig
<RoyK> remember that linux will use all available memory for caching
<resno> ha, how could i remember something i didnt know
<RoyK> well, now you do ;)
<RoyK> most (or all?) OSes will do that
<resno> seems likely enough
<resno>  /understandable
<RoyK> perhaps with the exception of some specialized kernels like the Xen kernel, using only a small part for the dom0 bit
<RoyK> resno: but conclusion for mini-vms so far: debian works well with 64MB without custom stuff
<RoyK> can't be bothered to go through the kernel config to make a smaller initrd, though
<resno> RoyK: it doesnt require any fancy configing? just i686 and good to go?
<resno> for the 64mb
<RoyK> yes
<RoyK> resno: I installed it with 256MB, though
<RoyK> but it runs well with 56
<resno> ya, i dont want mind giving it a good amount of ram. i just dont like it being sucked away
<RoyK> it will, unless you use ballooning or similar ways to limit it
<patdk-lap> I keep increasing my vm ram amounts, till the swap/disk usage goes down to a reasonable level
<patdk-lap> but I do have ram to burn
<resno> ive just about burned all my ram..
<RoyK> adding a new vm host to a cluster with less than 128GB would be rather unthinkable IMHO
<resno> all 4 gigs worth
 * resno waits for response
<RoyK> 4 gigs! even my old core2duo machine running kvm has 6 gigs ;)
<RoyK> with new cellphones arriving with quadcore and 2 gigs of ram, well ;)
<RoyK> it'll be interesting when those cellphones come with working kvm...
<resno> haha
<jamespage> hallyn, around?
<RoyK> Cortex-A15 has virtualisation support...
<RoyK> dunno if kvm supports it yet, though
<hallyn> jamespage: yup
<RoyK> resno: http://www.youtube.com/watch?v=uD5Nu-VrHKI
<jamespage> hallyn, bug 1103982
<uvirtbot> Launchpad bug 1103982 in ubuntu-meta "cpu-checker is not included in virtual host server installations from 20130120 onwards" [Undecided,New] https://launchpad.net/bugs/1103982
<jamespage> hallyn, I'm guessing that cpu-checker has been dropped as a dep during the kvm re-org this cycle?
<resno> RoyK: hmm, the possiblies with android
<jamespage> hallyn, it was a dep for qemu-common
<jamespage> hallyn, can we re-instate that? we could stick it in the seed so it gets on the iso but thats a bit more complicated; and does not help non-iso people
<hallyn> jamespage: i dunno, it seems bogus -in quantal i see
<hallyn> Replaces: qemu-kvm (<< 0.12.3-0ubuntu13)
<hallyn> oh, nm, i see << :)
<jamespage> hallyn, :-)
<jamespage> hallyn, its breaking smoke testing ATM as one of the checks is to run kvm-ok
<hallyn> jamespage: but no, its' not the recent reorg, bc it's not installed in quantal either
<hallyn> oh i see
<jamespage> hallyn, quantal has "Recommends: cpu-checker, kvm-ipxe"
<jamespage> and its not transitional
<hallyn> <big sigh>
<jamespage> I guess it needs a new home (the dep that is)
<hallyn> jamespage: do you think qemu-system suffices?
<hallyn> it's got both kvm and qemu-user, so it should be fine
<jamespage> hallyn, I agree +!
<jamespage> +1
<hallyn> jamespage: on it, thanks!
<ahs3> hallyn: sorry, was afk for a bit...no roadblock.  should be RSN -- no later than end of week
<hallyn> jamespage: fix pushed.  thanks, ttyl
<hallyn> ahs3: cool, thanks.  will wait for that then
<zul> hallyn: so i got 1.0.2-rc1 to build this weekend and now -rc2 is out :(
<zul> ahs3: traitor
<hallyn> minor changes i assume
<ahs3> zul: :P
<RoyK> anyone here with a linux raid tried to smartctl -l scterc /dev/asdf ? seems hitachi desktop drives support it well, wd doesn't (or perhaps the wd red drives do)
<patdk-lap> asd?
<RoyK> well, it's like WD's TLER
<RoyK> pretty nice for a raid setup
<RoyK> patdk-lap: asd?
<RoyK> patdk-lap: /dev/asdf was just an imposer for the device name :P
<patdk-lap> ah
<patdk-lap> I figured that out
<adam_g> zul: not sure how to handle those 12.04 rebuilds of requests + oauthlib short of stripping out the py3 stuff from d/control + d/rules and maintaning a patch+merge moving forward.
<adam_g> Daviey: ^ any suggestion? am i missing something in the python3 packaging docs?
<zul> adam_g: thats what we might have to do
<zul> adam_g: for requests it looks like we are going to have a delta (fine for crypto and authlib)
<_Andrei_> such a huge activity on that chan' :)
<RoyK>  
<genii-around> Hello. Is there some convention for dot-files in /etc/skel where you can specify the username ? eg: I'd like a ~/public_html/private/.htaccess file which has a line of: require <username>
<RoyK> genii-around: don't think that's possible with normal skel stuff
<RoyK> better script it
<genii-around> RoyK: OK, thanks. Perhaps I can do something like wrap adduser then run sed immediately after for REPLACETHISSTRING or similar then in the generic .htaccess file
<RoyK> genii-around: or create your own add-user-for-this-server script
<RoyK> probably easier
<RoyK> as in 'useradd -m $1; mkdir /home/$i/public_html; echo asdf > /home/$i/public_html/.htaccess'
<RoyK> s/\\$i/$1/
<genii-around> Hm, interesting.
<RoyK> genii-around: it's easily scriptable in bash
<genii-around> RoyK: I have already a slightly modified adduser script without the call for the gecos fields, perhaps I'll poke around in there. I'm not all that familiar with Perl although I can probably muddle through.
 * RoyK knows perl rather well
<zastern> Anybody built nagios 12.10 sources for 12.04? Any good luck with that?
<zastern> nagios version from 12.10 i mean
<RoyK> zastern: dunno - I left nagios some years ago for icinga - nagios hasn't been actively developed for years
<zastern> RoyK: The latest nagios release came out just this month dude.
<zastern> I'm pretty sure you're not correct.
<RoyK> zastern: another patch, yes
<RoyK> zastern: but active development is halted
<RoyK> zastern: it's patchd, but nothing is improved
<zastern> RoyK: uh the last major release was may 2012
<zastern> do you have any documentation of this major developement being halted?
<RoyK> zastern: nagios v3 was released almost 10 years ago. it still contain the same hardcoded html-in-c for the web gui
<RoyK> I've been using nagios/icinga for >10Y
<zastern> oh wow
<zastern> hmm
<zastern> RoyK: sir, nagiox 3 was released in 2008.
<zastern> http://www.nagios.org/projects/nagioscore/history/core-3x
<RoyK> well, it's the same old thing as nagios v1
<RoyK> it's the same codebase
<RoyK> hardcoded html in c for the web ui
<RoyK> some better scheduling here and there, but nothing new
<RoyK> I use icinga - it's a good fork
<zastern> hmm. I wonder if i can use icinga with the puppet nagios providers
<RoyK> yes
<RoyK> it's compatible
<zastern> That's one of the advatages of nagios, the built in providers
<zastern> RoyK: hmm, another advantage is that ubuntu 12.04 has icinga 1.7.2
<zastern> which is fairly current
<RoyK> the only advantage of nagios is the name - the rest is old history. Ethan Galstad left the open Nagios development years ago
<RoyK> Ethan now only works for the commercial nagios part
<zastern> RoyK: that's so odd. I mean from what i'm reading there are still nagios conferences every year, for example
<zastern> RoyK: Commercial nagaios features are never handed down to OSS?
<RoyK> well, of course
<RoyK> I don't know
<Pici> icinga is still open?
<RoyK> icinga is open
<zastern> I'm also interested in sensu
<Pici> I have nagios on a test box here that I've been asking to be replaced with a real server, maybe I'll switch to icinga when that happens.
<tonyyarusso> zastern: Icinga also has an Ubuntu PPA maintained by formorer (sp?)
<zastern> tonyyarusso: mm. I'm also checking out Sensu.
<tonyyarusso> zastern: The Nagios conferences are actually brand new, not "still held".  They've had two so far.
<zastern> But sensu wants you to use rabbitmq, and I'm already using ActiveMQ
 * tonyyarusso knows a smidge about this stuff :P
<tonyyarusso> zastern: As for the development issue, you're both basically correct.  Yes, Nagios has had releases, and they've even bumped up the version numbers in more significant places, but if you look at the actual changelogs not a whole lot has happened.  In contrast, Icinga has been much more aggressive in pursuing actual new feature development.  For most people the most obvious part is the new themable, AJAXy, dynamic web interface.  ...
<tonyyarusso> ... There are also other things that were in the Nagios feature request queue for ages, but never accepted, like supporting more database backends for NDOUtils.
<zastern> Hmm. I don't know what I'll use, but it won't be nagios.
<phillw> Hi guys, instead of using the mini-iso, do you think that installing ubuntu-server with no 'additional' packages via tasksel would be preferable for people to install a minimal system that they could then use tasksel to install their preferred GUI system (lubuntu / kubutnu / ubuntu etc.) ?
<ndngvr> otisa-G-mVva5VcFY6HD_HgAVHwAyXRGLLb
<sarnold> ndngvr: do you need to reset a password somewhere? :)
<quietone> any idea why samba opens/closes a connection for 1 user several times a second? result is they can't access the share.
<sarnold> quietone: open/close like that makes me wonder if access is not being allowed by tcpwrappers -- do you have those configured for samba? (I don't know for certain that samba supports tcp wrappers..)
<quietone> hi sarnold, I'll have to learn about tcpwrappers b4 I answer ;-)
<sarnold> quietone: well, if you didn't set them up, it is unlikely to be the case :) hehe
<sarnold> quietone: check /etc/hosts* files -- somethin like hosts.allow, hosts.deny, or hosts_options, (though I could have punctuation all wrong..)
<quietone> sarnold, yea but we copied configs from CentOS to Ubuntu. We could have missed something.
<quietone> sarnold, ok. but it was working fine yesterday and nothing has changed
<sarnold> quietone: oh :) nice ot know it was working fine :) hehe, I missed that.
<sarnold> quietone: check your logs?
<quietone> sarnold, the log for that machine just has the 'connect to service' then 'closed connection'
<sarnold> quietone: darn :/
<quietone> sarnold, I agree!
<ndngvr> sarnold: Yes, I do now!  Stupid keepassX autotype
<ndngvr> sarnold: thanks for saying something
<sarnold> ndngvr: I figured it'd be easy to overlook :/
<quietone> sarnold, http://pastebin.com/tKTiwbaK
<sarnold> quietone: do other users work okay? or is it just fred?
<quietone> sarnold, just fred today -- tomorrow, who knows!
<sarnold> heh
<quietone> sarnold, fred had this yesterday "create_connection_session_info failed: NT_STATUS_ACCESS_DENIED"
<quietone> i thought i had that one fixed
<quietone> is there a simple explanation of  the above error msg. Is that access to the share or some other file?
<sarnold> quietone: does the 'smbclient' cmmand line client connect to the shares fine? as different users? to different shares? from multiple client machines?
<quietone> sarnold, using smbclient fred can see the share
#ubuntu-server 2013-01-29
<quiet1> sarnold, fred just rebooted and logged in and it's working
<sarnold> quiet1: sheesh. I hate that as an answer...
<sarnold> quiet1: but at least it's not an immediate problem any longer :)
<quiet1> sarnold, me too.
<quiet1> sarnold, yea now back to 'can't pin to start menu ...'
<Bilge-> How do I get a package out of stuck state?
<Bilge-> apt-get always shows "1 not fully installed or removed."
<Bilge-> I don't want to remove it but the post-install script always fails
<Bilge-> It always throws "FATAL: Could not load /lib/modules/3.2.13-grsec-xxxx-grs-ipv6-64/modules.dep: No such file or directory"
<sarnold> Bilge-: iirc, something like "sudo depmod -a 3.2.13-grsec-xxxx-grs-ipv6-64"
<sarnold> (whatever uname -r will report for the kernel version for that kernel, once it boots)
<Bilge-> It just gives the same errors
<Bilge-> WARNING: Couldn't open directory /lib/modules/3.2.13-grsec-xxxx-grs-ipv6-64: No such file or directory
<Bilge-> Am I supposed to create this directory by hand?
<sarnold> whatever package contains that kernel is supposed to create the directory
<Bilge-> No package, it was installed by the provider
<Bilge-> It's still erroring, just with a different error now :/
<Bilge-> dpkg: error processing iptables-persistent (--configure):
<Bilge-> This is a really buggy package
<sarnold> it probably assumes a functioning kernel install.
<Bilge-> No other package on the system has had any issues
<Bilge-> And I've installed half of apt
<sarnold> Bilge-: you may wish to install the kernel-package package and use the make-kpkg utility to build kernel packages if you're going to run your own kernels -- it helps smooth over a lot of the mistakes people may make when installing their own kernels
<Bilge-> I'd rather just install a fixed version of iptables-persistent
<Bilge-> https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1002078
<uvirtbot> Launchpad bug 1002078 in iptables-persistent "iptables-persistent fails to install if module iptable_filter is not available" [Undecided,Fix released]
<Bilge-> According to this it was fixed in 0.5.6ubuntu1
<Bilge-> But I have 0.5.3ubuntu2
<Bilge-> How do I get the fixed one?
<sarnold> 0.5.6ubuntu1 is in 12.10; 0.5.3ubuntu2 is in 12.04 LTS. If you want to remain on 12.04 LTS and still have that fix, it might be worth asking in the bug report if an SRU is appropriate https://wiki.ubuntu.com/StableReleaseUpdates
<Bilge-> I will do that
<Bilge-> How can you see which version of Ubuntu has which package version?
<sarnold> Bilge-: perhaps the easiest is e.g. http://packages.ubuntu.com/search?keywords=iptables-persistent
<sarnold> bleck. that's not the URL I typed.
<sarnold> Bilge-: http://packages.ubuntu.com/package-name
<Bilge-> Thanks ;)
<kimsia> i am having some problems running pecl install perl. the details of my attempts are documented at http://askubuntu.com/q/245996/10591
<Bilge-> What I really can't understand is that I have this exact same installation on another box but it didn't have these problems or errors
<Bilge-> Same hardware, same distro, same packages
<Bilge-> Same kernel too
<aldo_raine> hi guys.. is it possible to put ubuntu-server on raspberry micro-computers?
<sarnold> aldo_raine: I think not; iirc, raspberry pi is an armv5 instruction set, and ubuntu compiles to armv7 instructions. I think Debian has armv5 builds though...
<aldo_raine> sarnold: thank you.. so i need a debian distro
<codepython777> is this reliable: deb http://cmeerw.org/files/debian lucid pdns - or any suggestions where i can get pdns from ?
<kantlivelong> anyone use lcdproc on their servers for raid health status? i cant seem to find anything
<codepython777> anyone using pdns?
<sarnold> codepython777: powerdns is in universe, you can install pdns-server or pdns-recursor, as you need
<codepython777> sarnold: seems like its lagging behind the source version
<codepython777> sarnold: do you use it?
<codepython777> sarnold: http://cmeerw.org/debian/ -- isnt he the maintaner for pdns on deb/ubuntu?
<sarnold> codepython777: that is common, the version released with a distro is typically held steady and updated primarily for security problems
<sarnold> codepython777: that way updates are less likely to break deployed systems
<sarnold> codepython777: I don't see 'meer' in 'apt-get changelog pdns-server' -- that doesn't show that he isn't involved, but it isn't conclusive proof...
<sarnold> codepython777: I've only used the recursor, and that not for a while..
<codepython777> sarnold: thanks
<codepython777> sarnold: are you bind user?
<codepython777> is there a room to get help on pdns?
<sarnold> codepython777: #powerdns on irc.oftc.net
<codepython777> sarnold: thanks
<ragz> Hi
<ragz> I need to configure apache on one ubuntu machine to access a domain on another machine on the network
<ragz> and I need some help
<ragz> so far I have created the domain on the other machine accessible locally but i cant access it remotely
<ragz> anyone?
<adamlis> Hey. I have a Ubuntu Server that I really like. I want to setup a PXE-boot for windows 7 for a few computers here at work without cd-rom.. does anyone know of a good guide? i've tried googling and using the man commando
<koolhead17> Is it coming in Ubuntu as well http://www.linux-kvm.com/content/first-look-virtual-machine-online-disk-snapshots-coming-fedora-18
<adamlis> pxe booting?
<cfhowlett> !ubuntu > nitesh
<cfhowlett> !ubuntu>nitesh
<koolhead17> adamlis: much more than that
<adamlis> what should I google for to get the results I which? seems no1 is netbooting windows 7 off ubuntu server
<cfhowlett> adamlis, why that is just ... shocking!
<adamlis> agreed!
<adamlis> netboot and pxe installs should be way more widely used
<adamlis> There's so many guides on how to PXE-Boot Linux Distros but none on how to boot Windows from PXE
<adamlis> I don't know where to turn and Google won't help me because I don't know what to search for. I get 1000 results of linux installations
<cfhowlett> adamlis, ask in ##windows or #windows
<cfhowlett> adamlis, it really is not an ubuntu issue, is it?
<adamlis> I thought so .. the ubuntu-server needs to be configured to handle windows dists.. but thanks for pointing me to the right channel, I missunderstood the topic here
<jinx__> Hi, I am new to the linux community. I have 7 computer systems out of which I intent to use one as a server and the rest as client (they will be connected to the internet via the server). what I wanted to do was that whenever I get any package or updates on a client I want the server to keep a copy so that when any other client later requests the same update or client it can provide the copy instead of using my internet bandwidth.
<Daviey> jamespage: Hey, did you notice raring iso is oversized?
<chaz68> jinx - Look into Squid.   Think its built into pfSense and/or Untangle... You'll need a good proxy cache hard drive...
<RoyK> chaz68: most drives will do - depending on how much memory you allow squid to use, though. of course, an SSD would be nice...
<chaz68> Anybody know what this in the "runTests.php" diagnostic in AjaxPlorerr?  http://pastebin.com/xzWghdn5
<chaz68> Can't seem to figure out what I'd need to disable / configure to make that warning disappear...
<chaz68> http://ajaxplorer.info/
<chaz68> Doesn't seem critical or nothing.  Just bothering me what it is...
<jamespage> ivoks, around? wanted to check something corosync/pacemaker related with you re network issues
<Akendo> Hello, just some simple question. Will be there a  release for 2012.2.1? Current Version is 2012.2. (https://wiki.ubuntu.com/ServerTeam/CloudArchive)
<jamespage> Akendo, yes there will be - its stuck in -proposed for both the CA and for quantal at the moment
<jamespage> Akendo, trying to get it nudged along this week
<jamespage> Akendo, you might find this report useful - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/folsom_versions.html
<Akendo> Hi jamespage, Thank you very much. Is there any resource I consider for such kind of information?
<jamespage> Akendo, for the cloud archive that report :-)
<Akendo> Great, that makes me happy. jamespage you think this will be release end of this week?
<Akendo> or later on?
<jamespage> Akendo, poking now
<jamespage> Akendo, as in poking to find out why its blocked
<jamespage> Akendo, all the bits a pieces for verification have been done :-)
<Akendo> <3
<Akendo> Can I help you :D ?
<jamespage> Akendo, well running the packages from the -proposed pocket of the cloud-archive and commenting on that bug that it all looks OK would support the case to releasing 2012.2.1 to -updates
<jamespage> Akendo, we don't release to the CA -updates pocket until it gets released into the quantal -updates pocket if that makes sense
<jamespage> Akendo, sorry for the lag - we'll try to get the next set of updates through quicker
<Akendo> Thank you
<MraAlbertina> Hi. I would like to be clarified on 2 matters and if you please help me understand it; 1- when doing a fresh installation from mini.iso is it really necessary to install(/select on tasksel) "Basic Ubuntu Sever"  -  or the system will download and install any needed files/packages when something is installed, like LAMP, for instance? (the 2nd doubt is in standby : )
<andol> MraAlbertina: Whenever you have apt alt tasksel install something for you it will always make sure that all dependencies are satisfied.
<MraAlbertina> andol: thank you. i asked because i see a couple packages in it i will never use, like vim, for example, i prefer nano.
<MraAlbertina> (i know i know, we always could remove it later... but... just in case
<MraAlbertina> The second doubt. If i recall right, abourt v 11.10, webmin were not recommended anymore. Now i see a lot of users ... using it. Is there any system danger in installing LAMP trough a script Usermin has, that installs it - for the sake of some gui to manage virtual hosts?
<jamespage> Akendo, just got accepted into quantal-updates; I'll nudge the CA admin todo the same for the cloud archive
<Akendo> Nice!
<jamespage> Daviey, ^^ :-) pretty please
<jamespage> Daviey, unless you would like to use this as an education session of course....
<Daviey> jamespage: happy to..
<Daviey> I can share the pain of the poor tooling
<Daviey> jamespage: what would you rather?
<jamespage> Daviey, lets do it!
<zul> Daviey: g2 as well please :)
<zul> ah frig
<ffeldhaus> Anyone here can help me with dracut? I'm struggling to get it installed on Ubuntu 12.10 for days now and can't find a working way to do so. I summed up the problems I have in this question at askUbuntu http://askubuntu.com/questions/248970/how-to-install-dracut-on-ubuntu-12-10
<zul> jamespage:  mirs done for websockify and python-extras
<ironm> Hello. Please allow me one question. Is there a free available ClearCase package for ubuntu? Thank you in advance for any hints.
<resno> ironm: clearcase package?
<ironm> yes
<ironm> like http://en.wikipedia.org/wiki/IBM_Rational_ClearCase
<resno> ironm: oh, interesting. never heard of that before. i can google but beyond that i have no personal knowledge.
<ironm> thank you resno :)
<ivoks> jamespage: on vacation till thu :)
<jamespage> ivoks, hey - no worries - roaksoax and I did some triage and figured out it was not corosycn
<jamespage> ivoks, have a good break
<ivoks> jamespage: it's possible it was hardware; never had opportunity to explore it
<zul> yolanda: ping https://code.launchpad.net/~zulcss/python-cinderclient/testr/+merge/145419
<yolanda> ok
<yolanda> approved
<zul> thanks
<Akendo> Hey jamespage any changes?
<jamespage> Akendo, updates on their way to the CA as well
<jamespage> report still not showing... but should be there by now
<Akendo> Just for me as information what is the CA ?
<Akendo> I have something in my mind, but better asking ;-)
<jamespage> CA = cloud-archive
<jamespage> Akendo, ^^
<Akendo> Good :D
<Akendo> xD
<Akendo> How long will it take?
<jamespage> Akendo, they are in the archive; the report lags a bit
<Akendo> do you have any link for me ;-) ?
<Akendo> Hups
<Akendo> Not you ;-)
<Akendo> Hey jamespage,The following packages have been kept back:
<Akendo>   libvirt-bin libvirt0 nova-common nova-compute nova-compute-kvm python-glance python-libvirt python-nova python-novaclient
<Akendo> Great, that help me a lot. Good Stuff jamespage
<jamespage> Akendo, did you get that sorted?
<Akendo> Yes
<Akendo> I just about to role out our updates to hosts
<Akendo> Just started with compute systems
<codepython7771> how do i find what is the network load on my network card?
<codepython7771> like cpu load on cpu
<Akendo> codepython7771: Do you mean the bandwidth ?
<codepython7771> Akendo: I want to know in the last 10 minutes, how many bytes were transmitted and received ?
<codepython7771> or some such time span
<Akendo> For example you can use vnsta
<Akendo> codepython7771: vnstat*
<thankless> hello
<thankless> I am trying to install ubuntu on an old laptop through a PXE server (tftp) on Windows 7. I have followed the instructions on https://help.ubuntu.com/community/Installation/WindowsServerNetboot - the target laptop boots but returns no boot filename received
<jamespage> Akendo, no problemo
<jamespage> hope the rollout goes OK
<Akendo> jamespage: For now there was no problem
<jkbbwr> ufw is being a prat, can I have some help?
<jkbbwr> this is like the 9th time of wiping my iptables
<jkbbwr> http://paste.ubuntu.com/1586439/
<sikado> Hello, I have a problem with a HP Blade system. I have Proliant BL 35p blade with SAN Storage and I'm unable to install Ubuntu Server 12.10 on it because the installer doesn't configure the multipath. Any idea ?
<autojack> anyone here have experience with tinydns? I'm trying to configure reverse lookups, but they're not working.
<jdstrand> jkbbwr: what are you trying to achieve?
<jdstrand> jkbbwr: I'm assuming to allow ssh. you need to 'sudo ufw enable' at the end (also, the only allow rule needed is 'sudo ufw allow OpenSSH')
<hallyn> zul: i'm about to push a trivial change to libvirt.  got any changes queued that i can add this to?
<jkbbwr> jdstrand: okay yea I fixed it
<jkbbwr> now ssh is taking years to login
<RoyK> jkbbwr: using ipv6?
<jkbbwr> all sssh connections seem really fucking slow to connect
<jkbbwr> RoyK: no
<jkbbwr> took about a minute to go give the password prompt
<jkbbwr> once im in its dead fast
<jkbbwr> RoyK: I just setup the ufw firewall
<RoyK> jkbbwr: that usually happens if there's a dns lookup failure, or if it attempt to (unsuccessfully) try with ipv6 first
<RoyK> jkbbwr: try ssh -4
<sarnold> jkbbwr: that can sometimes happen if your system is configured to log hostnames and you don't have reverse DNS entries on your client IP...
<RoyK> yeah
<jkbbwr> can i stop it doing that?
<hallyn> zul: well, if you're goint o push soon, please append http://people.canonical.com/~serge/libvirt-ovmf.debdiff .  else lemme know and i'll push this
<hallyn> thank
<hallyn> s
<RoyK> jkbbwr: iirc UseDNS no in the config
<RoyK> jkbbwr: reload sshd after that
<jkbbwr> RoyK: thanks :)
<jkbbwr> Genius
<jkbbwr> now I just gotta fix the tunnel
<hallyn> zul: nm, i'm afraid i'll lose track of this, i'll just push.
<Cortez> hey guys, i need some help with ufw. You see when i do a ufw status i get 5 ports allowed, but when i do a nmap -sS 127.0.0.1 i only get 2 open ports?
<Cortez> i need to get all 5 ports open.
<Cortez> can some one help me or at least point me into a direction?
<Cortez> direction not beein google :D
<sarnold> Cortez: iirc, nmap by default only scans a few thousand common ports. try something like -PS1-65535 ...
<Cortez> yea, i thought of that and did it but no good.  :(
<sarnold> Cortez: does netstat -anp show five open ports with listening programs?
<sarnold> (oh, hey, a simple -p1-65535 ought to do the job. man I hate the nmap interface..)
<tom_ilsinszki> I'm trying to let some users on my server run tomcat without entering a root password. I tried putting this in my /etc/sudoers file, but it does not seem to run as root: myuser1,myuser2 ALL=(root)NOPASSWD: /etc/init.d/tomcat start. How can I make this command run as root without making the users enter the root password?
<Cortez> hm..this is worrying... i got other ports open, all in the non registered range. But not the five i want...  -_-
<Cortez> hmm..things turned into the worse... hehe
<hallyn> rbasak: hey - do you happen to have an arm box handy that i could have you test something on?
<rbasak> hallyn: I can grab one. What do you need?
<hallyn> rbasak: i'd like to see whether you can run kvm in precise or quantal :)
<hallyn> (either one)
<hallyn> sudo apt-get install qemu-kvm, kvm -vnc :1 -monitor stdio, just check whether it dies a horrible syscall death, or gives you a monitor
<rbasak> hallyn: OK, I'll fire up a machine on precise
<hallyn> rbasak: thanks!
<hallyn> rbasak: all i know is it fails horribly under a armel-on-amd64 container, but that's to be expected :)
<capt-rogers>  I would like to SFTP upload files to /var/www and have them upload asowner=www.data group=www.data.   I made an SFTP account and can upload files, but they upload as "upload".
<capt-rogers>  I would like to SFTP upload files to /var/www and have them upload as owner=www.data group=www.data.   I made an SFTP account and can upload files, but they upload as "upload".
<Cortez> why do netstat and nmap always show diffirent ports open?
<rbasak> hallyn: http://paste.ubuntu.com/1586766/
<sarnold> Cortez: netstat shows what the machine knows -- all ports open on all IPs. nmap can only find what is visible on external interfaces, and firewalls between hosts can block or redirect as they see fit.
<RoyK> Cortez: what's the diff?
<Cortez> sarnold: thnx.
<Cortez> RoyK: netstat show connections to a bunch of strange IPs
<RoyK> Cortez: netstat -ln ?
<sarnold> Cortez: those are established connections -- nmap cannot discover those :)
<Cortez> i did a who is on one of the IPs and it said Novalogic, the classic game maker....on my new installed server...
<RoyK> Cortez: netstat -an (or similar) will also show active connections - you'll want -ln to show what's listening
<Cortez> how can i just close/deny everything...is that possible?
<RoyK> Cortez: netstat -ln --tcp # etc
<Cortez> RoyK: netstat -ln looks a bit better :)
<RoyK> Cortez: netstat -ln --inet
<Cortez> netstat -ln --tcp makes is look exactly as nmap :D
<RoyK> Cortez: netstat without arguments also show active connections, which will be a lot
<RoyK> (on an active server)
<Cortez> yes, it does, and thats whats freaking me out...hehe
<RoyK> -l == listen, -n == don't try to resolve
<RoyK> man netstat for more :P
<Cortez> --inet showed: 0.0.0.0:(5ports) 0.0.0.0:*
<Cortez> hehe
<Cortez> as you can notice im completly new into this stuff.
<Cortez> im trying to get the right ports open, but they dont seem to want to get open. And then netstat showed me a bunch of other ports open which is freaking annonying....hehe
<patdk-wk> well, netstat shows all open connections, by default, not open ports
<Cortez> ok, thnx
<jcastro> Daviey: heya ping
<hallyn> rbasak: interesting.  and what if you run kvm -disable-kvm -vnc :1 -monitor stdio?
<rbasak> hallyn: same problem (-no-kvm)
<hallyn> rbasak: interesting.  i'm actually guessing it'll do better under quantal, but that's enough info - thanks!
<rbasak> hallyn: I can try quantal easily enough. One command and twenty minutes :)
<hallyn> rbasak: cool, let's try
<sarnold> rbasak,hallyn, I can test quantal way faster..
<Cortez> guys, one last question :D   if i disable ufw it will allow all ports? Im trying to connect to a service and what ever i do they cant reach each other
<hallyn> sarnold: on arm?
<sarnold> hallyn: yes
<RoyK> hm... lsof shows port 40126/tcp open, but fuser can't find it - any idea?
<hallyn> sarnold: please do :)  just wondering whether kvm on arm (which was qemu-system-x86_64) every worked
<sarnold> hallyn: http://pastebin.ubuntu.com/1586820/
<RoyK> sarnold: what arm platform?
<Cortez> becouse even when i disable ufw they can still not communicate... so I can assume the block is some where not on my server?
<sarnold> RoyK: pandaboard
<hallyn> sarnold: so kvm worked!
<hallyn> sarnold: thanks
<RoyK> sarnold: iirc that uses a cortex9, which doesn't support virtualisation in the cpu
<sarnold> hallyn: yw :)
<RoyK> sarnold: so you'll have to do it in the os, which is no fun
<sarnold> RoyK: heh, yeah, I was surprised hallyn had asked :) it didn't seem like it'd be fun on a panda. cute and small and low power, yes, but fast enough for virtualizing? dunno.. :)
<RoyK> sarnold: I tried briefly on my panda, but it wasn't too good
<RoyK> better wait for the next generation with a15
<sarnold> RoyK: haha :)
<RoyK> new phones come with a15, which is fun, if we can get kvm into cyanogenmod ;)
<zul> hallyn/smb: i get a kernel oops when trying to mount a nbd http://pastebin.ubuntu.com/1586843/
<rbasak> hallyn: I get the same as sarnold. No errors on quantal.
<hallyn> zul: cool, looking
<hallyn> zul: you didn't mention the nbd file is on btrfs
<zul> hallyn: its ext4
<hallyn> oh weird line formatting on my screen, thought i saw btrfs in the stack.
<hallyn> zul: was that as soon as you did qemu-nbd -c /dev/nbd0 $file ?
<zul> trying to reproduce it without openstack
<hallyn> Jan 29 13:43:13 homer kernel: [ 1577.224050] lost page write due to I/O error on nbd3
<marshall> hey ubuntu-server
<marshall> how do I know if port 443 is open to my remote server? I've tried telnet-ing and it gives me connection refused, but might that be because there are no processes listening on that port?
<Akendo> Hi marshall
<Akendo> are you running SSL on this port?
<marshall> I'd like to use HTTPS on this port, but I don't believe I am, yet
<Akendo> A connection refuse indicates that there is no opend port
<Akendo> When you're connected on the Server, check with netstat -tplan |"\:443"
<sarnold> .. missing a 'grep' :)
<Akendo> Thanks :D
<marshall> when i telnet a random port, it just hangs forever
<Akendo> I want to tab so hard here ~.~
<sarnold> marshall: that's a firewall that's been configured to DROP packets rather than REJECT packets. it's a bit rude but quite common.
<marshall> mmhmm
<adam_g> zul: Daviey this look okay to go into folsom-staging? http://people.canonical.com/~agandelman/folsom/libvirt-0.9.13-0ubuntu12.2~cloud0/
<marshall> yeah, pretty sure amazon does the same thing with it's ec2
<marshall> just drops packets on unopened ports
<marshall> so do you think the firewall might be set to reject packets on 443?
<sarnold> marshall: or, the firewall is configured to allow it, but there is no program listening on that port
<marshall> sarnold: ok
<kevinmthomas> hi everyone, I am running ubuntu-server and I installed cups
<kevinmthomas> and i cant seem to print
<kevinmthomas> i can telnet to the printer
<kevinmthomas> but i cant set it up on the server
<_Andrei_> hey
<kevinmthomas> hi
<_Andrei_> sorry kevinmthomas i'm quite new to server admin
<kevinmthomas> oh ok
<kevinmthomas> do you know how to make it so my network printer
<kevinmthomas> will print with ubuntu?
<kevinmthomas> hi nantou i wasasking andrei about getting my network printer working
<_Andrei_> if you're looking for good docs, have a look at the ArchLinux wiki (i know, i'ts not ubuntu)
<kevinmthomas> well
<_Andrei_> but all linux distros are using the same services
<kevinmthomas> oh
<_Andrei_> your ubuntu server is for personal use, or a hosting server ?
<kevinmthomas> so you cant walk me through how to do it here
<kevinmthomas> well its hosting server
<_Andrei_> ok
<kevinmthomas> so i installed cups
<_Andrei_> and what you whant to print
<kevinmthomas> for example
<kevinmthomas> when i type lp ttxt.txt
<kevinmthomas> id like it to print to the printer
<kevinmthomas> from a command line
<kevinmthomas> my network printer is at 192.168.1.50
<kevinmthomas> i have been trying for hours
<kevinmthomas> no luck
<usr13> kevinmthomas: Point your browser to localhost:631
<usr13> kevinmthomas: Set as server default
<kevinmthomas> ok
<kevinmthomas> how do i do that exactly
<kevinmthomas> i have another shell open
<sarnold> kevinmthomas: perhaps this will help? https://help.ubuntu.com/community/NetworkPrintingWithUbuntu
<usr13> lynx
<kevinmthomas> that help.ubuntu doesnt work for server
<nantou> kevinmthomas, i cannot help you, im too much wrapped into other things
<kevinmthomas> its graphical for the desktp version
<nantou> sporry
<kevinmthomas> usr13 - how do i set as server default
<kevinmthomas> its ok nantou
<usr13> under Administration
<kevinmthomas> ok in the cupsd.conf?
<kevinmthomas> i dont see an administration i see a #only listen for connections from teh local machine
<kevinmthomas> Listen localhost:631
<usr13> http://paste.ubuntu.com/1587253/  #Example
<kevinmthomas> ok
<kevinmthomas> should i copy that and past that to my cups directory?
<kevinmthomas> ok i did the cups restart
<kevinmthomas> with the new file
<kevinmthomas> how do i test?
<usr13> lpq
<kevinmthomas> lpstat -p shows no destinations added
<kevinmthomas> lpq - no default destination available
<kevinmthomas> both give errors
<kevinmthomas> when i go into the web i can go into the printer
<kevinmthomas> http://192.168.1.50
<kevinmthomas> loads it
<kevinmthomas> however when i go to http://192.168.1.122:631 pages doesnt connect
<kevinmthomas> .122 is the ubuntu server
<kevinmthomas> .50 is the printer
<kevinmthomas> however when i telnet to 192.168.1.50
<kevinmthomas> i get a menu to edit the printer
<kevinmthomas> shows hostname
<kevinmthomas> DHCP is disabed
<usr13> kevinmthomas: Like I said before, you can just go to localhost:631 with a browser, (lynx will do).  Go to Printers --> MyPrinter --> Administration (below Maintenance) [Enter] down to "Set As Server Default" [Enter]   done.
<kevinmthomas> ok one min
<kevinmthomas> ok i am in teh site
<kevinmthomas> i clicked on printers
<kevinmthomas> and it says search in printers
<kevinmthomas> no printers
<sarnold> man this used to be easier when you could just add one line to an /etc/printcap file :(
<kevinmthomas> im in the localhost:631
<kevinmthomas> but it cant find any printers
<kevinmthomas> there is no MyPrinter
<kevinmthomas> i also tried to add printer but it denies me acccess
<kevinmthomas> and im logged in as root
<kevinmthomas> oh wait!
<kevinmthomas> i was able to get to add printers
<kevinmthomas> my dell is checked with an asteris
<kevinmthomas> it wsa found under discovered network printers
<kevinmthomas> hmmm
<kevinmthomas> there are other options
<kevinmthomas> but it has an asteris under discovered network printers
<kevinmthomas> ok!!
<kevinmthomas> when i type lpstat -p
<kevinmthomas> it shows printer
<kevinmthomas> but when i type lp -d test.txt
<kevinmthomas> it says printer or class does not exist
<kevinmthomas> it worked!!!!!
<kevinmthomas> i was able to get it working
<kevinmthomas> thank you!!!!!
<kevinmthomas> have a great day
<kevinmthomas> ty
<Chriys> Hi guys. My ISP is blocking the port 25 do you know if there is a way to verify if the port 465 is open and then how to config postfix to send email throught that port
<TheLordOfTime> Chriys, are you on a residential ISP?
<Chriys> yes
<TheLordOfTime> they'll probably block 465 too
<TheLordOfTime> and most mail-sending ports, unless you use a horridly oddball one
<Chriys> -_-' crap
<qman__> and you'll be on mail blacklists by default, since you're on a residential DHCP range
<qman__> you need to relay through a real mail host
<Chriys> what about if i have my own domain let say example.com
<qman__> whether that's setting up a gmail account for that purpose, or renting a VPS is up to you
<TheLordOfTime> yup
<TheLordOfTime> Chriys, irrelevant
<TheLordOfTime> Chriys, the DNSBLs check the IP
<qman__> or getting a business internet with a static IP, or a dedicated server, or a shared web host, or any of the many other ways to get online
<TheLordOfTime> not the hostname
<TheLordOfTime> if you get business class with static IP it'll probably work
<TheLordOfTime> otherwise use an SMTP relay somewhere else through a real mail host
<TheLordOfTime> something that can actually rpocess your email (like google via a google apps account)
<Chriys> yeah your are right.
<TheLordOfTime> i use google apps for my domains' stuff
<TheLordOfTime> one google apps account, multiple domains.
<TheLordOfTime> </epicstatus>
<TheLordOfTime> but i digress - that's because I CBA to go configure a mailserver
<Chriys> ok but do you know a ways to send from the my online store located on my server ?
<qman__> I run my own but the spam is terrible
<TheLordOfTime> Chriys, use a backend for your store that can use SMTP?
<TheLordOfTime> and by backend i should probably say site/store framework'
<TheLordOfTime> rather than backend
<qman__> you can tell your server to relay the mail through a real mail host
<qman__> you can provide mail for your LAN that way, too
<qman__> but you need a mail host
<TheLordOfTime> indeed
<Chriys> oohh this one can be great. Do you have a link on how to do that ?
<qman__> before I had a job, I set it up using a gmail account
<qman__> the downside to that is it all comes from that gmail account
<Chriys> ok i see but do you have a step by step tutorial on how to relay my messages to my gmail account when somebody send email to info@mydomain.com and also how to tell to my apps on my server to use my gmail account instead
<Chriys> thanks again for your help guys
<qman__> you can set up your server to send messages using a gmail account, but not to retrieve them, they get delivered into the gmail account
<qman__> you can then retrieve them with any pop or imap client
<qman__> or just use the gmail interface
<qman__> and that does not apply to using your own domain
<qman__> when you set up the gmail account, that's where the mail is sent from, so you@gmail.com
<qman__> if you want to send mail from your actual domain you need to pay for a server or service
<tonyyarusso> Chriys: I'm heading home now, but if you remind me later I can give you some configs to start from.
<qman__> there are hundreds of options, so I can't really tell you what's best for you
<tonyyarusso> I have a server that sends mail through my gmail account.
<tonyyarusso> As for *incoming* mail to info@mydomain.com, that's a bit trickier - first check whether your domain registrar offers a free mail alias option.
#ubuntu-server 2013-01-30
<Chriys> Ok thanks for your help guys
<Chriys> tonyyarusso i will be back in 10min and i will mp you to get that
<adam_g> zul: Daviey jamespage http://people.canonical.com/~agandelman/folsom/glance/ + http://people.canonical.com/~agandelman/nova/ . need a +1 so we can get to staging and fast tracked out to -updates. both security updates
<jdstrand> adam_g: do those correspond to: http://www.ubuntu.com/usn/usn-1710-1/ and http://www.ubuntu.com/usn/usn-1709-1/ ?
<jdstrand> adam_g: well, I'm eod, but I did updates for those already
<adam_g> jdstrand: yes this are precise rebuilds of your updates for the ubuntu cloud archive
<Chriys> tonyarusso you still there ?
<Chriys> tonyyarusso you still there ?
<TheLordOfTime> he shows up as away
<Chriys> ok because he said that he got some config about the postfix
<TheLordOfTime> doesn't mean he's here though :p
<Chriys> TheLordOfTime can you help me with.
<Chriys> you seem to be very good with postfix
<zul> adam_g: looks good
<sarnold> Chriys: irc tends to work best if you ask specific questions rather than asking people if they will help you :)
<sarnold> .. afterall, there are ~360 others here, someone's liable ot be awake..
<Chriys> ok thanks sarnold. basically i want to tell to my server to user my gmail account to send email. on web application hosted on my server
<Chriys> and i also want gmail to receive email from info@ahidjodesign.com
<sarnold> Chriys: you may wish to look at 'msmtp', I use it to have a /usr/bin/sendmail program that sends From my address
<sarnold> Chriys: setting up receiving is slightly differen,t you'll need to look into google services for domains or something..
<Chriys> it will gona work if i use mail() on a php page on my server.
<sarnold> Chriys: it should, if the mail() routine uses /usr/sbin/sendmail. if it connects to smtp servers itself, no. (I seem to recall that both behaviors are available with various php modules..)
<Chriys> ok. so i use what will be the sender address in the email
<sarnold> your gmail address
<Chriys> and about redirecting info@mydomain.com to gmail.com
<sarnold> Chriys: http://www.google.com/enterprise/apps/business/pricing.html
<Chriys> i think it will be better to have my own fix ip address
<Chriys> thanks again for your help
<sarnold> Chriys: another option is to pick another smtp host, e.g. sendgrid
<Chriys> ok. sarnold do you think that if i use different port like 1234 it work ?
<sarnold> Chriys: probably; or you could set up a vpn between your host and your smtp host..
<Chriys> sarnold what do you mean ?
<sarnold> Chriys: from what I vaguely recall of your problem, you've got a web host and you've got an smtp host, and your web host can't contact your smtp host, right?
<Chriys> because the most important for me is to being able to send email from my domain with web app on my server
<Chriys> sarnold if i send an email to info@mydomain.com it doesn't work. and if i send an email from my server it still doesn't work except if i send it to another user on my server.
<Chriys> i tried to use mail() on phpscript same issue. and i cant connect to the server using a mail client. but all of my website hosted on the server work
<Chriys> i tried telnet gmail 465 and telnet gmail.com 25 it says unable to connect to remote host: Network is unreacable
<zul> hallyn: yeah i need to understand whats going on first
<jdstrand> adam_g: ah, I thought you were wanting to provide those updates for the archive :)
<dragoonis> Can someone help me? "sudo apt-get update" -- every line returns 404
<dragoonis> Err http://archive.ubuntu.com maverick-updates/universe amd64 Packages  404  Not Found [IP: 91.189.92.200 80]
<dragoonis> or
<dragoonis> W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/maverick-security/restricted/source/Sources.gz  404  Not Found [IP: 91.189.92.200 80]
<patdk-lap> well, what did you expect?
<patdk-lap> something besides 404?
<patdk-lap> support for maverick ended a long time ago
<dragoonis> patdk-lap: i see
<dragoonis> are you saying my distro version is no longer supported? :)
<patdk-lap> I'm saying your using something that is only supported for 18months
<patdk-lap> and it came out in 10.10
<patdk-lap> well, october 2010
<patdk-lap> switch to using the old repo's archive
<sarnold> dragoonis: probably best to run a do-release-upgrade to upgrade to a supported distribution
<dragoonis> sarnold: thanks for the suggestion. this is a production box so I can't do anything drastic right now
<dragoonis> is there a workaround to let me run apt-get update against my distro version ?
<bradm> dragoonis: use old-releases.ubuntu.com
<bradm> dragoonis: but, really, you need to upgrade to a LTS - maverick isn't supported anymore
<dragoonis> bradm: i understand i actually just need to use apt-get to install "tcl8.5" package
<bradm> dragoonis: right
<dragoonis> it's stopping my redis-server's "make test" from being successful
<bradm> dragoonis: well, its been answered twice now
<dragoonis> ok thanks.
<dragoonis> bradm: did you mean to update my apt-get sources.list file with "old-releases.ubuntu.com"
<bradm> you'll have to remove the security deb lines too
<bradm> dragoonis: yes
<dragoonis> bradm: it seems to be doing something :)
<dragoonis> yay \o/
<bradm> excellent
<dragoonis> 'make test' on redis passed.
<Chriys> sarnold i'm going to reinstall postfix what config do i need to send email throught my isp smtp server
<dragoonis> I have a binary at "/home/paul/redis-stable/src/redis-cli"
<dragoonis> i'd like this to just execute by running 'redis-cli'
<dragoonis> i tried the 'alias' command, but when i run my shell script it says 'command not found'
<SpamapS> dragoonis: mkdir /home/paul/bin ; ln -s /home/paul/redis-stable/src/redis-cli /home/paul/bin/redis-cli
<Chriys> i'm going to reinstall postfix what config do i need to send email throught my isp smtp server
<SpamapS> dragoonis: when you have a ~/bin , it will be added to the path (you have to logout and back in, or re-source your bashrc)
<SpamapS> Chriys: postfix will ask you for those settings on installation
<SpamapS> Chriys: or just 'dpkg-reconfigure postfix'
<Chriys> oh good thanks :p
<dragoonis> SpamapS: i didn't know ~/bin was magic
<dragoonis> SpamapS: apache is going to execute this shell script so that might be problematic
<azbyin> hi all..
<SpamapS> dragoonis: indeed it will be problematic
<SpamapS> dragoonis: why don't you install it in a system location like /usr/local/bin ?
<azbyin> do you guys know how i can identify the processes that are eating up my memory?
<patdk-lap> ps axl
<patdk-lap> smem?
<dragoonis> SpamapS: that sounds better
<dragoonis> usr/local/bin/redis-cli ?
<azbyin> i allocated 1GB to a virtual machine and installed spamd+postfix+courier+mysql and have gitlab running
<patdk-lap> well, spamd is going eat 100-500megs
<SpamapS> I use 'ps auxw O r' to see the biggest process at the bottom
<azbyin> so it ended up eating almost all of that 1GB. So I thought this is not very good and decided to allocate an additional 1GB
<patdk-lap> smem is nicer cause it takes shared ram into account
<patdk-lap> azbyin, how do you define, EATING RAM?
<azbyin> everything was peachy for a while, now everything has been eaten up again.. 17BM free memory
<patdk-lap> ah, so you have no idea
<azbyin>              total       used       free     shared    buffers     cached
<azbyin> Mem:       2041028    2022876      18152          0      58896    1010272
<patdk-lap> and the next line?
<azbyin> -/+ buffers/cache:     953708    1087320
<patdk-lap> 1087MB free
<patdk-lap> nice
<patdk-lap> how did you figure 17MB?
<azbyin> first line.. col 3 (free)
<patdk-lap> ya, that is how much WASTED RAM you have
<patdk-lap> it is only use for interrupt processing and stuff in the kernel
<patdk-lap> that is not how much FREE PROGRAM ram you have
<patdk-lap> please read the free program manual next time
<azbyin> SpamapS, ps auxw O r   shows gitlab    3180  0.1  6.3 2959144 129304 ?  ... right at the bottom
<azbyin> is this VSZ being reported in KB ?
<patdk-lap> vsz is how much the program asked for, not how much it's using
<dragoonis> SpamapS: that helped a lot :)
<dragoonis> good night
<patdk-lap> it's actually only using 129MB
<azbyin> but it actually asked for 2GB ?
<patdk-lap> 3GB
<patdk-lap> that is normal
<patdk-lap> lots of programs do that
<azbyin> ok
<patdk-lap> happens a lot with memmap files
<red82> I am trying to optimize the performance of a magento installation on an ubuntu server.  can anyone suggest a good link for me to read?
<red82> there's tons of stuff online, but I don't knwo whats good advice and what isn't
<qman__> red82, the important question to ask is, why?
<qman__> are you experiencing slowness? are you hitting a hardware bottleneck, or is the software not utilizing your hardware to keep up with requests?
<red82> oh, I see
<red82> I am hosting with a vert. on media temple, and was running out of memory with just a couple of test users.  this seemed bad
<qman__> if you used built in packages, it's already set up for the way most people will use it
<qman__> ok
<red82> http://mediatemple.net/webhosting/ve/pricing.php <- the lowest priced one there.  seems to me that 1GB should be fine
<red82> I upgraded to the 2GB one, and that helped my memory problems (at various points I couldn't even ssh into the box because it couldn't get mem )
<Corey> red82: There are magento specific hosting places.
<Corey> They earn their money. :-)
<qman__> red82, while I'm not experienced with magento, from what I'm reading, it's a resource heavy application, and that doesn't surprise me
<Corey> red82: It's worth mentioning that Mediatemple runs Virtuozzo, which is a chroot on steroids; it tends not to play well with Magento.
<red82> Corey: thats very interesting
<red82> do you have a recommended host for future reference ?
<red82> qman__: it does seem heavy and slow, but you'd think it could handle one user.
<qman__> red82, from one article, it's recommended that in order to run magento, PHP's maximum memory per-process should be adjusted to 512MB
<qman__> common defaults are 8MB or 16MB
<qman__> just to give you an idea
<red82> thats astounding
<qman__> not that it will use that much on every process, but because of that, it doesn't surprise me that 1GB was not enough for more than a couple users
<red82> that seems crazy high
<qman__> there's probably a big initial investment, with better scaling
<qman__> as in, 4GB would serve a lot more than 4 users, probably more like 50
<qman__> that's just a guess though
<adam_g> hi, is there an alternative to 'ctrl-middle click'  to select the 'Operate Controller now' option on a fader or button, to select midi control?
<linocisco>  I want network monitoring tool like PRTG but should be free of charge and full version
<greppy> linocisco: you are certainly welcome to build one.
<yolanda> hi, i'm receiving that error trying to boot a nova instance: ProcessExecutionError_Remote
<yolanda> any idea?
<linocisco> greppy, what do you mean to build one?
<RoyK> linocisco: have you tried munin?
<RoyK> there are several monitoring tools around, and some are highly configurable, or you can script up something yourself with rrdtool or similar
<linocisco> RoyK, not yet
<linocisco> RoyK, is it good?
<RoyK> linocisco: http://munin.karlsbakk.net/munin/
<greppy> linocisco: I mean that someone built/wrote PRTG, you are welcome to build/write your own.
<JonEdney> I created a user on Ubuntu Server 12.10, and added that user to the sudoers file as username ALL=(ALL) NOPASSWD: ALL
<JonEdney> I'm still prompted for a password when I sudo with the username, in addition to I can't run apt-get upgrade, as it says I dont have permission.
<RoyK> JonEdney: perhaps that user is part of a group with sudo access, parsed before the line you added
<linocisco> greppy, if I knew programming, I would not ask here and started writing code
<JonEdney> RoyK, thanks for the tip, still learning the ropes.
<RoyK> linocisco: did you check out munin?
<linocisco> RoyK, still checking
<freakynl> hi, i'm trying to install ubuntu 12.10 server on a pre-existing hardware
<freakynl> it has several md raid sets, 12 disks in total, I only want to recreate the OS partitions on the first 2 disks
<freakynl> I can see it on the cli, but since that has no fdisk/cfdisk/gdisk/parted I can't do much there either
<freakynl> <insert above last line> The problem is, it doesn't show sda in the partition toolie
<freakynl> any ideas?
<xnox> advanced partitioning -> activate raid volumes should tell you which md devices you have made up of which disks
<xnox> as well as to [dis]assemble them.
<freakynl> hmm can I see what /dev/sda is?
<freakynl> booted ubuntu from cd mounted through impi (like drac/ilo), there's no less on the console :(
<freakynl> nvm it has more there's a virtual disk presented by the ipmi, besides a cdrom, dunno why it does that
<freakynl> can the installer use/recognize gpt? It says sdc has no partitions, but it has 4 - all 4 part of md sets which it did start (well kernel auto detect probably did (.9 superblock))
<RoyK> freakynl: unplug all non-root drives :P
<RoyK> freakynl: that's pretty safe
<freakynl> sdc is a root drive
<freakynl> and it has partitions ... the partitioning tool however says it wants to create a new one (now I only care about the last partition not dying :))
<RoyK> freakynl: with 12.04 (which I would *really* recommend for servers, since it's the latest LTS), the installer screen turns up in b&w if gpt is detected
<freakynl> oddly enough it seems to recognize the partitions made by windows on one of the raid sets just fine (which are gpt (8TB vol))
<RoyK> freakynl: if you want that thing stable over time, use lts
<RoyK> if it's a toy, well, do as you please ;)
<freakynl> RoyK: It'll only do iSCSI and LIO with 3.5 is much much MUCH better than 3.2 with iet ever will be :)
<RoyK> ah
<RoyK> ic
<freakynl> can I partition myself on the cli, mount them somewhere and continue with the installer?
<RoyK> you can partition manually from the installer
<freakynl> the installer doesn't recognize the current partitions on sdc
<RoyK> can you nuke it?
<freakynl> no the last partition needs to be safe only want to repartition cuz ubuntu hogs /boot like crazy and doesn't clean it up
<RoyK> oh, why? don't you have a raid for your data?
<freakynl> my gentoo install has a 50M /boot with 12 kernels on it, and free space, this install has a 66M /boot partition with 2 kernels and craps out on regenerating initramfs every time
<freakynl> RoyK: Yea I do, since they're 2 TB disks however and the OS is quite small the majority of the disk is still exported through iscsi
<freakynl> in ubuntu's defense btw - I don't use initramfs on gentoo so that saves quite a bit
<freakynl> I just want to make /boot and / 1 partition now and save me the hassle of having to clean up /boot all the time :)
 * RoyK usually uses a 1GB /boot
<freakynl> I'll see if I can create the partitions / raid with parted magic and see if the installer picks those up - it sees the existing raid sets just fine (which is funny since several of them use partitions from sdc which it doesn't see but are part of the raid)
<freakynl> it's a replacement disk too - probably just used sfdisk -d /dev/sda | sfdisk /dev/sdb
<xnox> freakynl: have you read ubuntu server - advanced installation - raid setup documentation?
<xnox> https://help.ubuntu.com/12.04/serverguide/advanced-installation.html#software-raid
<freakynl> Nope, don't quite see how that'll make the installer recognize the partitions either :)
<freakynl> whilst on the subject of raid, would you recommend swap on raid 1 or just add 2 swap partitions?
<freakynl> The latter is often advised, but they don't seem to take into consideration if 1 disk dies, so does 1 swap part (and thus potentially you loose a piece of memory and that's pretty bad)
<freakynl> then again, usually it doesn't use swap :D
<xiaoy> Which is the ubuntu equivalent for  perl-Net-SSLeay.i686 perl-IO-Socket-SSL pkgs?
<xiaoy> Which is the ubuntu equivalent for  perl-Net-SSLeay.i686 perl-IO-Socket-SSL pkgs?
<xiaoy> those should be perl SSL auth modules... i guess it's possible to use cpan, but i don't know which modules to install
<jamespage> xiaoy, libnet-ssleay-perl and libio-socket-ssl-perl
<freakynl> xnox: gparted complains on the disk too - kernel sees the partitions fine, fdisk lists them (but claims there's gpt on it - normally it doesn't list anything then)
<jamespage> xiaoy: you can probably see a pattern :-)
<freakynl> gparted says a fake msdos partition doesn't exist, but there's no backup gpt header either
<freakynl> now the big q will be, is that gpt partition it thinks it sees data from one of the raid sets? :D
<xiaoy> jamespage, tahnk you. I'm tring to use my gmail account with sendEmail... but gives me some errors
<jamespage> xiaoy, np
<xiaoy> auth with gmail smtp srv it's a bit tricky :)
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/cinder-failed-tests/+merge/145614
<zul> adam_g: +1
<yolanda> let me take a look
<Linuks83> good morning all. i've got a rosewill SATA card with a Silicon Image chip model of Sil3114CTU. the 64bit server installer sees it and all the drives on it, but the 32 bit installer does not. any ideas?
<Linuks83> the system is a 32 bit machine, otherwise i'd just roll with 64.
<patdk-wk> Linuks83, why bother with 32bit installs?
<dragonious> good morning everyone
<dragonious> I have a few questions if anyone has time
<Linuks83> patdk-wk, the machine i have on hand is a 32 bit machine. further, why would the 64 bit install detect the card and not the 32 bit install of the same release??
<patdk-wk> well, the driver might not be pae compatable, and since the non-pae kernel was dropped
<patdk-wk> only thing I can think of
<dragonious> I have Ubuntu server 12.04 /w kubuntu desktop installed onit, what I want to know is how to create a user and give him only access to 3 folders on the server , his home folder nad 2 folders in www?
<dragonious> I have sufed the firums but I can only find help on giving user full control of server and that wont work in this case
<Linuks83> patdk-wk, when was the non-pae kernel dropped, becuase it doesnt get detected with either of the 12.04.1 disks either
<patdk-wk> 11.10 I believe, maybe 11.04
<Linuks83> patdk-wk, ok. going out on a limb here...  do you know if it is still supported by Debian proper?
<patdk-wk> actually, I don't think that should make a difference
<patdk-wk> the sill3114 should be using the normal AHCI driver
<patdk-wk> not a special driver, and that is supported fine
<Linuks83> so is there a boot string i can add to the 32 bit installer to get it detected?
<patdk-wk> it's already added if 64bit sees it
<Linuks83> i checked the ubuntuforums, but dont see anything on this particular issue.
<Linuks83> the boot string should be the same between the 32 and 64 right?
<dragonious> can anyone assist me with giving user only access to specified folders on the server ?
<freakynl> dragonious: the specified folders being?
<patdk-wk> lunuks, it's suppost to use the sata_sil module
<dragonious> frakyni: his Home, and 2 folders in www
<dragonious> freakyni: sorry his home and 2 folders in www
<dragonious> I can not type today im sorry
<freakynl> dragonious: hmm that's scattered over the file system... I don't use ubuntu much, but you might want to look into mounting (-o bind) the folders on his home folder and chroot'ing it
<freakynl> dragonious: fr<tab> if you have a descent client :)
<dragonious> freakynl: Im very new to ubuntu still getting used to the commands
<Linuks83> patdk-wk, is there a way i can specify to load that at boot to be sure?
<patdk-wk> modprobe
<freakynl> dragonious: I'm not used to the ubuntu 'way' of things. Root jail is probably the easiest (chroot) in combination with mount -o bind
<dragonious> freakynl: do you know of any walkthroughs available for this procedure
<dragonious> freakynl: thanks for the tab tip ;0
<freakynl> mount -o bind being for the www folders. Don't know what your permissions are though, you might need extended acl's (beyond user/group/other)
<freakynl> dragonious: https://help.ubuntu.com/community/BasicChroot
<dragonious> freakynl:  ty very much
<freakynl> np
<dragonious> freakynl: im going to check that out on my pc thanks again, I may be back ;)
<zul> jamespage/yolanda: one more https://code.launchpad.net/~zulcss/nova/nova-fixes/+merge/145624
<yolanda> zul, i'll take a look
<freakynl> I get a blank screen after grub, editing (e) in grub and adding nomodeset doesn't help
<Linuks83> patdk-wk, how do you pass modprobe to text mode the installer?
<freakynl> it doesn't have the splash nor quiet options, any ideas?
<patdk-wk> run it in the shell
<Linuks83> i understand running it from the shell 'modprobe sata_sil' but how do i get shell during the actual installation. i'm trying to use a drive which is on that controller to install to.
<Linuks83> patdk-wk, i understand running it from the shell 'modprobe sata_sil' but how do i get shell during the actual installation. i'm trying to use a drive which is on that controller to install to.
<patdk-wk> select shell from the install menu
<Linuks83> patdk-wk, oh! ok, so when i use the 'go back' option and am presented with the menu, it will be there? gotcha.
<patdk-wk> ya
<Linuks83> patdk-wk, thanks!! i will try that!
<freakynl> Hmm oddly enough ubuntu desktop boots just fine (also 12.10) from live cd (parted magic cd's have same issues - nomodeset doesn't help there either)
<zul> hallyn: pinger
<hallyn> zul: hey
<hallyn> sorry had rackspace host issues last night, got disconnected :)
<zul> hallyn: just getting libvirt 1.0.2 ready...still need to look at the qemu stuff fyi
<hallyn> (didn't feel like xferring to local)
<hallyn> which qemu stuff?
<zul> the qemu-nbd stuff i am having problems with
<hallyn> oh right
<hallyn> (thought you menat something related to libvirt version)
<zul> hallyn: nope :)
<hallyn> zul: cool.  do note i pushed a libvirt to raring yesterday, trivial but please don't lose that debdiff :)
<hallyn> zul: shall i try to reproduce the nbd bug?
<hallyn> i've got to change locales, but will try when i'm settled
<zul> hallyn: not yet i think openstack might something stupid so ill let you know when i get stuck
<hallyn> ok
<hallyn> i've gotta follow up on some tests about /dev/kvm+udev
<hallyn> but, if you want me to run a qa-regression-test today lemme know.  (i'll be out tomorrow)
<hallyn> biab
<zul> hallyn:  ack
<Demosthenex> so i'm relocating my root filesystem to a new drive. I've already got the copy in place, but each time i reboot it goes to the old one. I've manually updated /etc/fstab and /boot/grub/grub.cfg, and the grub menu at boot uses root=new so... where am i missing the reference to the old?
<freakynl> Just installed ubuntu 12.10 server. The installer is fine, 12.10 desktop live (running from cd is fine), the just installed 12.10 server however goes black after grub
<freakynl> adding nomodeset in grub doesn't make a difference, it's a matrox vga card. Any ideas?
<freakynl> hmm it's initramfs
<jamespage> adam_g, nova and glance copied to proposed for the folsom CA
<jamespage> adam_g, do you want todo a test run prior to -updates?
<dragonious>  ok guys I was in here earlier and I think I was asking the wrong questions
<dragonious> I want to host websites from my ubuntu server but I want to make sure that as I add users that they can not get into root or modify other usres data. How would I go about doing that is there an app or software that would do this ? I also have Kubuntu desktop installed . thank you in advance for any assistance
<qhartman> dragonious, there are a lot of different ways to do this
<dragonious> qhartman: Im looking for the eisiest way to do this as I am very new to linux/ubuntu
<dragonious> qhartman: although im not afraid to learn ;)
<qhartman> dragonious, one of the simplest ways is to set the user's home directory to be the webroot of their site, and then make it so that all the user's home directories are set so only the user has access
<qhartman> dragonious, something like mode 0700 on them would do the trick
<dragonious> qhartman: could you explain further pls
<qhartman> dragonious, what web server are you using?
<dragonious> qhartman: ubuntu server 12.04 ls
<dragonious> qhartman: I have Kubuntu desktop installed as well
<qhartman> dragonious, That's the distro on the server itself, but what web server program? Apache2? nginx?
<dragonious> qhartman: sorry it is a Lamp environment
<qhartman> dragonious, ok, then you are using apache2
<qhartman> That's the "a" in lamp
<dragonious> qhartman: I will be using ssh to give users sftp access
<qhartman> good
<qhartman> I don't have time to give you more direct help right now, but googling around for "multi user apache web hosting config" and similar things will probably get you what you need.
<dragonious> qhartman: I think you may have helpped me more then you realize thank you ! :)
<qhartman> sure thing, I was hoping I could just point you down the right road
<qhartman> also, this will be useful: http://httpd.apache.org/docs/2.2/howto/public_html.html
<dragonious> qhartman: thanks again will look that stuff up. Might be back :)
<qhartman> You may end up not wanting to use that setup, but it's a good starting point, and it will be conceptually important to understand what's going on there for what you are doing.
<freakynl> qhartman: didn't read the whole thing, but 700 on your web directory will make apache unable to access it, unless you run mod_ruid2 or mpm-itk so the vhost runs as the user (or some really fancy reverse proxy thing with a shitload of of webservers on different ports (at least 1 for every vhost)
<qhartman> freakynl, true
 * qhartman didn't account for that
<Demosthenex> so i've got a system with encrypted lvm for root, and an unencrypted /boot. i've run update-grub2 and update-initramfs and now booting just hangs
<Demosthenex> wow, it appears my crypttab is not in the initramfs (i'm at busybox)
<Demosthenex> wtf.
<paco1> hello masters!
<paco1> i have a warning message in my log > snmpd: error on subcontainer 'ia_addr' insert (-1)
<paco1> what does it mean?
<paco1> thanks!
<chriys> paco1 give more info on your system
<paco1> ubuntu-server 12.04 | 3.2.0-35-generic | 8Go ram | it's the host for VM by kvm
<chriys> paco1: i'm not expert on KVM but this what i found on google hope it might http://www.novell.com/support/kb/doc.php?id=7005030   help http://sourceforge.net/p/net-snmp/bugs/1807/
<paco1> chriys: ok, thanks. The second one already i read. But the first one not yet.
<chriys> your are welcone :)
<chriys> welcome*
<chriys> how to verify opened port on my network and the one that my ISP blocked ?
<Demosthenex> so after running update-initramfs i am no longer prompted for password (cryptsetup), and manually setting up raid, crypto, then lvm, it stays hung when i exit busybox.
<sweettea> Hi guys, long time centos user here. Pondering migration to ubuntu server. Can anyone advise on 12.04 vs 12.10?
<sweettea> The primary use will be as a virtd host on amd abu dhabi procs
<mysteriousdarren> sweettea: i'm running 12.10, I also run 12.04 LTS on a server that needs that stability. What are you looking for?
<sweettea> mysteriousdarren: I really want to do live archive of running virtd guests
<sweettea> dont know if thats even possible
<sweettea> 12.10 is unstable? I was leaning towards using it
<Demosthenex> sweettea: i think he means the long term patchign support
<sweettea> ah
<mysteriousdarren> yes I mean that, thanks Demosthenex
<sweettea> I feel like I am picking blind, and would like to educate myself more :)
<mysteriousdarren> chriys: https://www.grc.com/x/ne.dll?bh0bkyd2
<sweettea> ive used ubuntu on my laptop for years but never really administered much on it
<mysteriousdarren> just install webmin or something similar and it will work well. Or without a gui works too
<chriys> mysteriousdarren: i didn't well understood
<Demosthenex> so the initramfs isn't even trying to decrypt. i've unpacked the initramfs cpio archive and crypttab isn't even copied onto it, though several of the crypt scripts are
<chriys> CTCP: mysteriousdarren: you lost me
<mysteriousdarren> chriys: were you not trying to test a port?
<chriys> i was try to
<chriys> mysteriousdarren: but i didn't understood the link you provided me, i just need little explanation
<dragonious> ok guys I could use a lil input here
<mysteriousdarren> oh shields up scans ports and does other things on checking for security
<mysteriousdarren> dragonious: with what? explain your problem please
<dragonious> I have added a user via kuser, I then set his home directory to his main sie folder inside /var/www/"hisfolder"
<chriys> ok thanks mysteriousdarren
<dragonious> but when I log in through sftp to see if he can get at any other folders it apears as if the whole server is open to him ?
<dragonious> the new user is only a member of his group which was created upon creating the user
<dragonious> I want to "lock" him into his own site folder so he can not get at any other folders
<sarnold> dragonious: if your directory permissions are world read and execute, he can traverse them.
<dragonious> but can he "break" my server by doing so ?
<sarnold> dragonious: if you want to further confine your user, you'll need to use a tool such as apparmor
<dragonious> sarnold: can you elaborate for me?
<sarnold> dragonious: depends; if you've granted more read access than you should have, he might read secrets that allow him to do more dangerous things. if you've granted write accesses more than you should have, he might be able to do things more directly...
<sarnold> the standard unix permissions are a bit difficult to have widely-different levels of trusted usrs on a machine...
<dragonious> sarnold: Im very new to this server , and ubuntu so bear with me please
<sarnold> dragonious: apparmor allows you to apply permissions on a per-program basis. you could either give this user a unique login shell and confine that shell, or you could use the full-blown apparmor PAM support: http://wiki.apparmor.net/index.php/Pam_apparmor_example
<dragonious> sarnold: I want the user to be able to work in just one folder, so say hes building a joomla site it works but he can get out side of the folder I assign him to , also I gave the user no shell abilities
<dragonious> sarnold: apparmor sounds like it will lock down the progams he will need for say Joomla! builds
<sarnold> dragonious: you can either allow those to execute unconfined (alright, if you trust this guy), confine them themselves (good if you don't trust the joomla programs to execute "sanely" in the face of adversity), or allow him to run them while still confined ("inherit" his permissions -- probably the best fit for what it sounds like you want)
<chriys> mysteriousdarren: the port 993 doesn't even appear in the test but the 143 is closed even if i opened it on my router
<chriys> and what does mean stealth in the result test from grc.com
<escott> http://serverfault.com/questions/18324/stealthed-vs-closed-port
<dragonious> sarnold: sorry I step away for a sec inherit sounds like what I want
<dragonious> sarnold: I know the guy ,and know him to be a tinkerer, he will get into it and break it lol :)
<sarnold> hehe
<jrib> dragonious: you can just use the chroot feature in sshd_config
<dragonious> sarnold: also as this is a "server" tower and not just a old bow runing a server os I may try to offer small scale hosting to some of my cutomers if I can figure out how to keep them out of things they dont need to see ;)
<dragonious> jrib: I printed out some info on chroot, but didnt fully understand it, not realy good with all the sytax as I am a newb to ubuntu server
<sarnold> dragonious: indeed :) one apparmor contributor has a few thousand customers, with their separation enforced by apparmor :)
<dragonious> sarnold: is apparmor used via a gui or through shell
<sarnold> dragonious: shell
<dragonious> sarnold: terminal may be the right word sorry my newbness is shining through
<jrib> dragonious: you just specify the directory with ChrootDirectory and you can restrict the line to affect only one user
<sarnold> dragonious: hehe :) there's not much point quibbling over the little bits like shell vs terminal in this case -- the tools aren't gui. :) (SUSE ships a GUI front-end to the tools, but I'm not confident (a) that it works :) (b) that it actually improves the tools. :( )
<dragonious> jrib: so if the directory is /var/www/dr I would use what string of text chroot it correctly?
<jrib> dragonious: something like: Match user USERNAME_HERE; ChrootDirectory /var/www/dr    (where USERNAME_HERE is replaced by the actual username and ';' denotes a newline)
<jrib> dragonious: you can add ForceCommand  internal-ftp too.
<dragonious> jrib:  ty I will try that and get back to you in a sec
<dragonious> jrib: im using sftp through ssh
<jrib> dragonious: yeah, it should read "internal-sftp"; this keyboard sucks
<escott> dragonious, sftp chroot is easy. see the minstrel.org isntructions
<escott> dragonious, http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CDUQFjAA&url=http%3A%2F%2Fwww.minstrel.org.uk%2Fpapers%2Fsftp%2F&ei=fH0JUeK-FuqDyAHyhYDADg&usg=AFQjCNHxH7TmMoSAcc0RUb5kb0PBfK9pVw&sig2=aOpCLO9NLKFjG-8SVu_wOQ&bvm=bv.41642243,d.aWc
<jrib> dragonious: there is one caveat though.  The chroot directory needs to be owned by root
<dragonious> escott: ty for that link I will look it over jrib ty for all your help as well, you to sarnold. It is appreciated. You may see back again in a bit lol
<Demosthenex> ok, just because i ended up frothing at the mouth, perhaps this irc channel has a history, here it is for posterity.
<Demosthenex> if you boot to repair your ENCRYPTED root, and you end up manually running cryptsetup, whatever crypt device name you specify to luksOpen MUST match the encrypted device name in /etc/crypttab, or else when update-initramfs runs it will omit crypto support because it couldn't isolate that the boot device requires it.
<dragonious> escott: I followed that walkthrough you linked and now I cannot connect through ssh at all :(
<dragonious> escott: I followed all the steps, all my settings apear correct to me, Im not sure what to do at this point
<hallyn> jdstrand: does http://paste.ubuntu.com/1590858/ as a qa-regression-testing/scripts/test-libvirt.py l ook at all familiar to you?
<hallyn> my guess would be virtinst needs to be linked against a new library...
<hallyn> was hoping you'd recognize it offhand :)
<jdstrand> hallyn: eek, no. I wonder if virstinst needs to be updated to work with the new libvirt? (wild guess)
<jdstrand> hallyn: it possible mdeslaur has seen something like this ^
<mdeslaur> nope, haven,t seen that before
<hallyn> jdstrand: mdeslaur: ok, thanks.  I"ll look deeper into it.
<mdeslaur> and I just ran test-libvirt yesterday
<hallyn> mdeslaur: this is happening with zul's proposed libvirt 1.0.2
<hallyn> which does move virGetLastError to a new source file
<mdeslaur> hrm, not sure what needs to be done without investigating
<hallyn> mdeslaur: yup, np, i'll look int oit
<dragonious> ok guys im back lol
<dragonious> I found my problem with Chroot and now am able to login to the server via sftp and have the user "locked" into the folder I want them in . Now I have a different problem, I need the user to be able to write and modify any files or folders within  his  Chrooted folder.
<dragonious> How are host companies able to do this ? does anyone know
<Linuks83> dragonious, ?? chmod -R #### /path ??
<Linuks83> peace
#ubuntu-server 2013-01-31
<zul> hallyn: i think im hitting that lxc oops bug again bug 861656
<uvirtbot> Launchpad bug 861656 in nova "Kernel oops when nbd device is removed before it is unmounted" [High,Confirmed] https://launchpad.net/bugs/861656
<hallyn> zul: this is with libvirt-lxc?
<zul> hallyn: yep
<hallyn> zul: that's one that i don't think is on any blueprint but i did at some poin twant want to revisit
<zul> hallyn: this is the cause of it
<zul> https://bugs.launchpad.net/nova/+bug/1091639 (why it is doing private containers)
<uvirtbot> Launchpad bug 1091639 in nova "LXC with LVM image backend: fail to delete instance" [Undecided,Fix released]
<dragonious> anyone on that can give me a hand. I have managed to chroot a user to a specified folder but he cant upload or make file changes or add directories/folders. I have also gone in and made changes for pam_umask but they aernt working.
<hallyn> zul: can't libvirt-lxc let you specify unmounted blockdev rootfs for container?
<zul> hallyn: i think im not sure
<hallyn> k
<zul> hallyn:  libvirt-lxc does support bind mounts so maybe we should look at that again
<dragonious> I followed a blog post I found at blog.swiftbyte.com/linux/allowing-sftp-access-while-chrooting-the-user-and-denying-shell-access
<dragonious> the only changes I made to his post was to add " -u 0002" after" subsystem sftp internal-sftp" in the sshd_config file
<dragonious> can anyone please help me figure this out I been at it all day and I can feel that im close lol
<dragonious> anyone on that can help me with this?
<dragonious> jrib: Im here
<jrib> dragonious: pastebin your sshd_config and ls -ld of the path for the chroot as well as all of its parent directories
<dragonious> jrib: ok one sec pls
<dragonious> jrib: here is the sshd_config http://pastebin.com/9ntC5wVE
<dragonious> jrib: unfortunatly im realy new to the terminal and I'm not positive how to run the ls -ld cammand do I need to sudo that ?
<jrib> dragonious: sudo shouldn't be required
<hallyn> zul: you know the linux bug doesn't make sense to me.  looking at the qemu-nbd source, it keeps an open fd on the file the whole time - so the rm of the backing file should do exactly nothing - inode sticks around.  weird.
<hallyn> yeah i'll need to revisit that one one day soon
<dragonious> jrib: so "ls -ld /var/www/dr/" ?
<jrib> dragonious: if that's the user's home directory, sure
<dragonious> dragonious@SNAPPERSERVER:~$ ls -ld
<dragonious> drwxr-xr-x 19 dragonious www-data 4096 Jan 30 19:22 .
<dragonious> dragonious@SNAPPERSERVER:~$ ls -ld /var/www/dr/
<dragonious> drwxr-xr-x 3 root root 4096 Jan 30 16:29 /var/www/dr/
<dragonious> dragonious@SNAPPERSERVER:~$
<dragonious> sorry to spam shoud have used the link
<jrib> dragonious: now the same with /var/www /var and /
<dragonious> http://pastebin.com/AWSjztv0
<jrib> dragonious: so what happens now when you try to use sftp?
<dragonious> jrib: when logging in via WinSCP I can view all the files in the home dir but can not add to or delet any files nor can I add folders
<dragonious> jrib: I havent tried from my personal login yet to see if it is affected
<jrib> dragonious: try on ubuntu with sftp
<jrib> dragonious: scp won't work if that's how winscp transfers file by default
<dragonious> jrib: the only ubuntu I have is the server itself
<jrib> dragonious: that will do :)
<dragonious> kk thats where I am ;)
<jrib> dragonious: alternatively, you can check winscp options but I'm not familiar with it
<jrib> dragonious: http://winscp.net/eng/docs/protocols apparently you can select at the login prompt which protocol to use
<dragonious> jrib: one sec pls
<dragonious> jrib: I will go check
<dragonious> jrib: it is currently set for sftp
<jrib> dragonious: I'd still suggest checking with sftp on ubuntu to make sure winscp isn't behaving strangely
<dragonious> jrib: ok will do looking for the sftp client now, my server here has Kubuntu desktop on it.
<jrib> dragonious: it's a command line program
<jrib> dragonious: sftp user@host
<dragonious> jrib: ahh I see
<dragonious> I appologize again Im very new to terminal as I said before
<dragonious> ok Im logged into sftp with the user account I set up to be chrooted
<dragonious> jrib: I am now logged in to the sftp
<jrib> dragonious: alright, you can do "ls" and make sure it looks like you're in the right place.  Then try to make a directory with "mkdir sftpisfun" (or whatever)
<dragonious> jrib: ok one sec
<dragonious> couldn't create directory: Permission denied
<jrib> dragonious: well that rules that out :)
<dragonious> jrib: im in the right place but couldn't create directory
<dragonious> jrib: sorry realy new linux in general just sucking it all in
<dragonious> jrib: does my sshd_config look right?
<chriys> hi guys i have an issue. I pointed my domain to the no-ip on my ubuntu-server. It works but i can only access the web server from home. But if i go outside of my local network i cannot access to my website even if i use the no-ip address or the ip address of my computer
<jrib> dragonious: it looks ok to me, but to troubleshoot, let's comment some lines and see if we can narrow down the issue.  If you commend both lines with "internal-sftp" in them, restart the ssh server, and then connect again, are you able to make a directory?
<jrib> s/commend/comment
<chriys> this kind of weird because 2 days ago i was able to access to my ssh using mydomain.com
<jrib> chriys: do you want to share the domain (pm if you don't want the whole internet to know)
<sarnold> dragonious: your user account cannot modify your directory because it is root owned and permissions are 755 -- you can either change the owner of the directory to whatever your user account is, or you can grant the user account write access -- either via a new group, or by giving _everybody_ write permission to the directory, or by use setfacl to give that specific user write access to the directory.
<jrib> sarnold: he's using ChrootDirectory in sshd_config
<sarnold> chriys: your provider may block incoming port 80 and allow inoming port 22
<sarnold> jrib: yes, he wants to try to limit the user to the one directory, and has chosen this method to do it.
<dragonious> like this http://pastebin.com/seatp4FQ
<jrib> sarnold: yes, isn't it correct to have the ChrootDirectory be root owned and only writable by root?  That is what the man page suggests
<sarnold> jrib: so it does; I assumed they were allowed to own their home directory though...
<chriys> sarnold i ran a test from grc.com to see which of my port are open but i don't very well understand the result of the test
<sarnold> chriys: heh, I'm not too shocked...
<dragonious> sarnold: I followed this blog post : blog.swiftbyte.com/linux/allowing-sftp-access-while-chrooting-the-user-and-denying-shell-access
<jrib> chriys: firewall issue perhaps?
<chriys> the ports are open on my router
<sarnold> dragonious: did you follow this step? sudo chown sally:sftponly -R /var/www/vhosts/domain.com/
<jrib> chriys: and you're forwarding port 80 to the server in your network?
<sarnold> ahhhhh, he undoes it a second later.
<jrib> heh
<sarnold> how is that supposed to be useful?
<dragonious> sarnold: the only change I made was to add "-u 0002" after the internal-sftp part of sshd_config
<chriys> jrid: yes i forward it to my network
<dragonious> sarnold: and yes I followed it exactly
<chriys> sarnold: how to see if the port is open.
<sarnold> dragonious: then create the user a directory under that, 'edit', change its ownership...
<sarnold> chriys: netstat -lp | grep :80
<chriys> oh crap i'm not home right now
<dragonious> sarnold: so make a folder inside of that directory and change its ownership to the user and not root
<arbittt> can some body help me solve juju and MAAS problem : I have also posted on ask ubuntu  http://askubuntu.com/questions/249350/juju-cannot-deploy-services-with-maas
<sarnold> arbittt: dang, edited by jcas tro and he didn't have an answer.. that's a good one. :) have you tried asking in #maas?
<sarnold> dragonious: yeah, then the user can upload and modify files in that directory.
<sarnold> ... I'm still upset about the home directory needing to be owned by root. seems silly.
<arbittt> sarnold: ok!! I'll go ask one
<sarnold> seems pointless. seems wrong.
<sarnold> chriys: ssh in? :)
<dragonious> sarnold: ok let me test that one sec
<chriys> no it doesn't work from here. even if it was 2 day ago.
<chriys> i also change the port of the ssh and it was working
<jrib> ah, I notice that ChrootDirectory will also change to the user's home relative to the ChrootDirectory.  So you can probably work around this by making /chroots, chroot to there, then move this dr directory in /chroots and make /chroots/dr the user's home.  Then  you can symlink to this from /var/www
<dragonious> OK that works! thank you so much
<dragonious> sarnold: Thank you so much
<sarnold> jrib: oh!
<sarnold> jrib: that makes me much less angry :D
<dragonious> jrib: and you as well thank you so much for your time
<sarnold> dragonious: don't go yet, jrib's got a good solution :)
<jrib> yeah, I had always assumed that the user got ownership of the chroot but obviously that was not correct :)
<dragonious> jrib: Thank you esspecially for coming over to this cannel and helpping me I appreciate it guys
<dragonious> jrib: sarnold: ok im here
<sarnold> jrib: the downside ot the symlink idea is that the webserver probably won't traverse symlinks.
<dragonious> jrib: let us also not forget that I have a very low knowledge lvl of this OS
<sarnold> dragonious: try this: chrootdirectory /var/www/%h  --- and chown -R user:group /var/www/dr/ (or whatever it was..)
<dragonious> sarnold: ok one sec
<dragonious> do i put " chrootdirectory /var/www/%h  --- and chown -R user:group /var/www/dr/ "  or do I split that at the ---   ?
<sarnold> dragonious: hrm. maybe just "chrootdirectory %h" ... (the sshd_config manpage has details on %u and %u..)
<sarnold> dragonious: the "chroot -R user:group /var/www/dr" is a command to run at the shell
<dragonious> sarnold: yes I understand it to be a command for shell is that part of the whole command or a seperate commend
<dragonious> sarnold: sorry im getting confused
<sarnold> dragonious: it's a separate command
<sarnold> dragonious: the "ChrootDirectory %h" goes in your sshd_config file
<dragonious> sarnold: ok that part is in the file
<dragonious> sarnold: I will now run the command
<dragonious> sarnold: ok and I should put my users name in instead of user and his group instead of group
<sarnold> dragonious: yes
<dragonious> sarnold: dragonious@SNAPPERSERVER:~$ chroot -R glen:sftponly /var/www/dr
<dragonious> chroot: invalid option -- 'R'
<sarnold> dragonious: "chown", not "chroot" :)
<sarnold> my mitsake there :(
<dragonious> sarnold: its all good
<dragonious> sarnold: http://pastebin.com/GjMwDckg
<sarnold> dragonious: prepend a 'sudo' to that :)
<dragonious> sarnold: I should have known that lol
<dragonious> ok that returned no output
<sarnold> good :)
<sarnold> dragonious: now try your sftp again
<dragonious> sarnold: ok one sec
<dragonious> sarnold: authentication failed
<dragonious> sarnold: one sec pls I need to bio break ;p
<dragonious> sarnold: ok im back
<dragonious> sarnold: fast like ninja ...
<sarnold> haha
<sarnold> dragonious: check "sudo tail /var/log/auth.log" to see if sshd logged anything about the authentication rejection
<dragonious> sarnold: I dont want to waste your valuable time
<sarnold> dragonious: oh, heh, try restarting sshd and try again :)
<dragonious> sarnold: http://pastebin.com/aSq9LYkc
<sarnold> at least sshd is nice and explicit, "fatal: bad ownership or modes for chroot directory"
<dragonious> sarnold: ok so I need to restart ssh what would be the correct terminal command for that
<dragonious> sarnold:  I will write it down
<sarnold> dragonious: sudo restart ssh
<dragonious> dragonious@SNAPPERSERVER:~$ sudo restart ssh
<dragonious> ssh start/running, process 8242
<sarnold> dragonious: now try sftp again
<dragonious> sarnold: ok one sec
<dragonious> sarnold: failed
<sarnold> dragonious: okay, check 'sudo tail /var/log/auth.log' to see if it said 'bad ownership or modes' again :(
<dragonious> sarnold: Jan 30 20:30:50 SNAPPERSERVER sshd[9459]: fatal: bad ownership or modes for chroot directory component "/var/www/dr/"
<sarnold> dragonious: damn. then I was wrong.
<sarnold> dragonious: okay, lets put it back the way you had it earlier, with the directory that you could create files in...
<dragonious> sarnold: its ok it was worth a try . can we go back to where it was working easily
<dragonious> sarnold: nice
<sarnold> dragonious: edit the sshd_config file again, and put back "ChrootDirectory /var/www/dr"
<dragonious> sarnold: and again thank you
<sarnold> dragonious: then run sudo chown -R root:root /var/www/dr
<sarnold> dragonious: then sudo restart sshd
<sarnold> .. then test again :)
<dragonious> sarnold: ok the directory in the sshd_config is already set to %h so now Im going to input the chown
<sarnold> dragonious: oh, yeah, %h ought to work :) hehe
<dragonious> sarnold: ok going to check if I can get in
<red82> any script (asssuming its correctly written, perms, etc.) placed into /etc/cron.daily will get executed daily no?
<hallyn> zul: jdstrand: mdeslaur: ok, libvirt/python/generator.py no longer puts a virGetLastError(): wrapper in /usr/share/pyshared/libvirt.py, that's the cause of the error I"m getting with libvirt 1.0.2.  (I'm out thursday, back friday)
 * hallyn out
<dragonious> sarnold: ok im in give me one quik sec here
<hallyn> muhaha.  i think i see why
<hatake> how to fix this  chroot . /bin/bash = groups : cannot find name for group ID 19
<hatake> my kernel panic and i use chroot, but can't every body can help my
<dragonious> sarnold: ok so far so good one more quik thing
<dragonious> sarnold: ok all looks good I can add and remove files and folders from his new folder
<dragonious> sarnold: I have one more quik question maybe you can help me with, everytime I reboot my server I have to goin and rewrite my resolv.conf file as all my nameservers get wiped how can I fix that
<sarnold> dragonious: woo
<sarnold> dragonious: add them to /etc/resolvconf/resolv.conf.d/tail
<dragonious> sarnold: not a quik question?
<dragonious> so "sudo vi /ect/resolvconf/resolv.conf.d/tail
<dragonious> sarnold:  would that be correct
<sarnold> dragonious: yes
<dragonious> sarnold: must not be as that command creates a new file ;p
<sarnold> dragonious: hunh.
<sarnold> dragonious: oh :) "etc", not "ect" :)
<dragonious> sarnold: sudo vi /etc/resolvconf/resolv.conf.d/tail   is what I input
<sarnold> do you get "[New DIRECTORY]" or "/etc/resolvconf/resolv.conf.d/tail" in vi's status line?
<dragonious> sarnold: I get new file
<dragonious>  sarnoldyup it says New File
<sarnold> dragonious: hrm, what's ls -l /etc/resolvconf/resolv.conf.d/ report?
<dragonious> sarnold: dragonious@SNAPPERSERVER:~$ ls -l /etc/resolvconf/resolv.conf.d/
<dragonious> total 8
<dragonious> -rw-r--r-- 1 root root   0 Jul 18  2012 base
<dragonious> -rw-r--r-- 1 root root 151 Jul 18  2012 head
<dragonious> -rw-r--r-- 1 root root  48 Jan 28 19:00 original
<sarnold> dragonious: well, you can add it to 'head' or 'base' then :)
<dragonious> sarnold: so Ill try base:)
<hallyn> zul: jdstrand: mdeslaur: woohoo!  nm, found the bug
<red82> TIL, filenames in cron.daily can't have periods in them.
<zul> hallyn: are you not suppose to be here :)
<hallyn> zul: the bug was bothering me
<red82> hence the failure of mydomain.com.backup
<hallyn> zul: yo'ure not supposed to be here :)
<zul> hallyn: lxc is bothering me
<hallyn> lol
<hallyn> zul: please qualify that
<hallyn> libvirt-lxc
<dragonious> sarnold: ok base is a valid file but is blank so just add it in here or try the other file
<sarnold> dragonious: sure, add it there
<hallyn> zul: so i'm going to send this patch upstream, push the patch onto the package, and drop your new libcurl3-dev from build-depends
<zul> hallyn: if you have time can you make me a debdiff?
<dragonious> sarnold: Ok i added it to base file :)
<hallyn> zul: yup
<zul> hallyn: merci buckets
<dragonious> sarnold: ok so now when I add my next user it should be all setup I just have to go in and make them a folder inside of thier "jail" that they have rights to correct?
<sarnold> dragonious: should be :)
<dragonious> sarnold:  jrib: I cant thank you guys enough I have this all writen down or printed out thank you so much once again.
<dragonious> sarnold:  jrib: you guys saved my evening!
<sarnold> dragonious: woot. have fun :)
<dragonious> sarnold: Thanks again and may the blue birds of happiness bring you songs of riches and joy!!
<hallyn> zul: d'oh, i just overwrote your .dsc
<dragonious> jrib: you as well thank you again
<zul> hallyn: or you could just send me the patch
<dragonious> night guys hopefully you wont see me again at least for a few days ;p
<hallyn> gimme a few more mins :)
<hallyn> zul: patch is at :
<hallyn> http://people.canonical.com/~serge/0001-complete-virterror-virerror-name-change.patch
<hallyn> zul: but dont' forget to also drop curl from build-deps
<zul> hallyn: and you just drop the libcurl stuff right?
<hallyn> right
<hallyn> you wanna just take it from there?
<zul> cool have a good night then :)
<zul> yeah
<hallyn> awesome - gnight
<hallyn> zul: ok (last ping i promise) - http://people.canonical.com/~serge/libvirt-1.0.2.debdiff is the full debdiff
<hallyn> but the patch i linked above has a better description i guess
<hallyn> oh well, i'm out
<dragonious> sarnold: you still around?
<sarnold> dragonious: yeah
<axisys> how to realize larger raid5 lun?
<axisys> megacli shows the virtual disk is bigger now
<dragonious> sarnold: I gave my user his login info and he is gettin a denial from outside my home network
<sarnold> dragonious: anything in /var/log/auth.log ?
<dragonious> sarnold: one sec user maybe inputting his info wrong
<dragonious> sarnold: lol yeah it seams to have been a case of operator error :)
<sarnold> dragonious: woo :)
<dragonious> sarnold: he is in and all is good for now, he is uploading a joomla! install for me now to makesure it works
<dragonious> sarnold: thank you again
<dragonious> sarnold:  i think im gonna hang out in here for a bit just in case ;p
<sarnold> dragonious: good idea, there's lots to learn :)
<dragonious> sarnold: and then some :) :)
<Linuks83> i think i figured out what my issue was earlier with the install disk not detecting the drives on my sil3114ctu. it is put out by rosewill and so is a usb wireless adapter i have. if i do not configure the usb wireless adapter then the system sees the drives on that controller.
<Linuks83> bizarre, but that's what happened
<sarnold> Linuks83: o_O odd.
<Linuks83> very
<Linuks83> just thought i'd post a follow up in case anyone cared, or was perusing the chat logs at some point in time for some tiny nugget of gold.
<Linuks83> lol!
<sarnold> Linuks83: file a bug? :)
<Linuks83> i want to go through the process a couple of more times before i settle on it being an actual bug, but if it happens again under the same circumstances, i will definitely file a bug.
<Linuks83> i hate it when people flood the devs for simple stuff that was actually user error, so i want to make positively sure. ;-)
<Linuks83> well... g'night all.
<axisys> so do I need to reboot to relaize the larger raid5 lun made by lsi megaraid ?
<jerry_l> hello room.
<chriys> -_-' hi guys i have no idea but my server won't work even in local. The server is running and error.log shows this caught SIGTERM, shutting down
<chriys> and also child process 24148 still did not exit, sending a SIGTERM
<alimj> Hello everyone. Anybody here who has experience with Zpanel (Web hosting Panel)?
<chriys> solution found the ethernet cable was unplugged -_-'
<TheLordOfTime> is there a substitute for landscape for managing a large group of systems?  because Landscape isn't free, afaict
<sarnold> TheLordOfTime: unattended-upgrade ?
<TheLordOfTime> sarnold:  unattended-upgrades + nagios (for nagging and status monitoring)
<TheLordOfTime> ?
<ScottK> TheLordOfTime: The usual suspects are puppet and chef and additionally Debian/Ubuntu has FAI.
<greppy> TheLordOfTime: I am currently looking into http://saltstack.org for managing systems.
<blkperl> TheLordOfTime: puppet, chef, salt are all good choices
<chriys> i set apache to listen on port 8080 and forward my domain to my computer i'm using virtualhost. How to automatically redirect user who want to access to my website without needing him to specify a port ?
<greppy> chriys: you can't.  Web browsers use the default port, which is 80.
<jotterbot1234> Has anyone tried setting up an Adobe Update Server on an ubuntu server instance?
<kevinmthomas> hi everyone.  I am running Ubuntu Server and I have DNS and mail set up and I am trying to access my mail in Thunderbird however it is giving me a configuration could not be verified error
<kevinmthomas> does the server use imap or pop3
<kevinmthomas> ?
<AgMo> kevinmthomas: can you be more specific about the error msg?
<AgMo> kevinmthomas: what daemon did you install?
<kevinmthomas> sure.  When I try to configure and i click test, it passes me to the Done button, i am using THunderbird mail to check my mail
<kevinmthomas> on the server i can send and receive fine
<kevinmthomas> its just the 3rd party clint
<kevinmthomas> client
<kevinmthomas> im not sure if the server uses pop3 or smpt
<kevinmthomas> smtp
<kevinmthomas> when im checking remotely
<kevinmthomas> it says username or password invalid
<kevinmthomas> however it is the right ones
<kevinmthomas> the ssl is set to STARTTLS
<kevinmthomas> i tryto autodetect however when i test
<kevinmthomas> it takes me back to STARTTLS
<kevinmthomas> my first question should i be checking for imap
<kevinmthomas> or pop3?
<AgMo> if you just install postfix for example, then you cannot use imap or pop3
<kevinmthomas> oh
<AgMo> postfix is mta
<kevinmthomas> oh
<kevinmthomas> so how might i check email on a blackberry
<AgMo> ony use for sending email (smtp)
<kevinmthomas> or client
<AgMo> not for receiving
<kevinmthomas> is there a way to check for mail on a 3rd party client then?
<kevinmthomas> or am i forced to use the console
<AgMo> if you want to using mail client, you have to setup either pop3 or imap daemon first
<AgMo> you can refer to: https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<AgMo> there is a pop3 and imap section
<AgMo> this one is more simple: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<kevinmthomas> its quite confusing
<kevinmthomas> it refers to a virtual mailbox and setting up mysql
<AgMo> kevinmthomas: sorry, you could try using the 2nd link
<kevinmthomas> the 2nd link?
<AgMo> this link: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<AgMo> i mean URL: https://help.ubuntu.com/community/PostfixBasicSetupHowto
<kevinmthomas> ok there are 45 options
<kevinmthomas> which one do I want?
<AgMo> kevinmthomas: 45 options?
<kevinmthomas> oh sorry
<kevinmthomas> i mityped
<kevinmthomas> mistyped my apoligies
<kevinmthomas> let me see now
<kevinmthomas> do i want to install pop3 or imap?
<kevinmthomas> which is better
<AgMo> which one do you want to use? :)
<kevinmthomas> im sorry im not sure
<kevinmthomas> does the blackberry device
<kevinmthomas> or mobile devices have a preference
<AgMo> blackberry device support both protocol (imap and pop3)
<kevinmthomas> thank you so uch
<AgMo> sure, and good luck :)
<kevinmthomas> thank you AgMo
<kevinmthomas> see you soon
<zul> jdstrand: new libvirt on its way today
<jdstrand> nice, for hallyn's fix I presume
<kevinmthomas> Hi I have tried everything and thunderbird now says, Thunderbird has failed to find the settings for your email account
<kevinmthomas> i tried both pop3 and imap
<kevinmthomas> when i netcat mail.kevintown.net 110
<kevinmthomas> the console just hangs
<kevinmthomas> netcat mail.kevintown.net 25
<kevinmthomas> does work
<kevinmthomas> but 110 and 143 do not
<Akendo> kevinmthomas: Was does the error mess of nc say?
<kevinmthomas> nc?  You mean thunderbird?  It says Thunderbird failed to find the settings for your email account
<kevinmthomas> oh netcat
<kevinmthomas> it literally hangs
<kevinmthomas> 110 and 143 hang
<kevinmthomas> the console hangs and i hvae to ctrl z out
<kevinmthomas> any idea?
<Akendo> hm..
<Akendo> You not getting any reponse fromt he port?
<kevinmthomas> no
<Akendo> Nothing like; +OK Dovecot ready.
<kevinmthomas> nope
<kevinmthomas> only 25 works
<Akendo> What is with 993 ?
<Akendo> It could be that the IMAP/POP-3 Server on this server has crashed
<kevinmthomas> oh
<kevinmthomas> how can i reset them>
<Akendo> Try this first
<Akendo> openssl s_client -connect $MAILSERVER:993
<kevinmthomas> ok
<kevinmthomas> that just gave me a long menu
<kevinmthomas> gethostbyname failure
<kevinmthomas> connect:errno=110
<Akendo> hm..
<Akendo> The same for 995?
<kevinmthomas> yes
<kevinmthomas> now when i specificed my network it was 192.168.1.0/24
<kevinmthomas> but the server machine is 192.168.1.147
<kevinmthomas> does that matter
<Akendo> Can you access to the Host?
<kevinmthomas> how do i do that?
<Akendo> SSH ?
<kevinmthomas> i am in a console now
<kevinmthomas> what do i do
<Akendo> O.o
<Akendo> nc localhost 110
<Akendo> btw: is this a public mailserver?
<kevinmthomas> it hangs
<kevinmthomas> i beleive it is public
<kevinmthomas> nc localhost 110  cases the term to hang
<Akendo> netstat -tplan |grep "\:110"
<kevinmthomas> i have to CTRLz
<Akendo> It would be better to open another session
<Akendo> But
<Akendo> Do as you like
<kevinmthomas> i di open another session
<kevinmthomas> ok
<kevinmthomas> it gave me data
<kevinmthomas> some ports are listen
<kevinmthomas> that :grep
<kevinmthomas> its the colon right?
<Akendo> ps auxfw|grep Z
<Akendo> Check for a Zombie
<kevinmthomas> what is that character before the grep
<kevinmthomas> is it a colon?
<Akendo> |
<kevinmthomas> what is i
<Akendo> Vertical bar
<Akendo> Or a pipe
<kevinmthomas> ok
<kevinmthomas> now
<kevinmthomas> what am i lookign for
<kevinmthomas> shows USER
<kevinmthomas> ok now when i do the -tplan
<kevinmthomas> tcp 0 0.0.0.0:110   0.0.0.0:*  LISTEN
<kevinmthomas> 1060/dovecot
<kevinmthomas> tcp6 0   0 :::110   :::*  LISTEN
<kevinmthomas> 1060/covecot
<kevinmthomas> any idea?
<Akendo> What is this for a server Ubuntu?
<kevinmthomas> yes server
<Akendo> It looks like that the IMAP Server has a problem. You may like to check the logs for any error messages
<Akendo> tail -n 200 /var/log/dovecot.log
<Akendo> Or something like this
<Akendo> Never did run a doveco on ubuntu
<kevinmthomas> there is n o dovecot log
<kevinmthomas> just mail
<Akendo> log into the mail.log
<Akendo> I guess there is no real syslog on your system
<kevinmthomas> i am looking at the mail.err fiel now
<kevinmthomas> mail.err
<kevinmthomas> ahh!
<kevinmthomas> kevintown dovecot:  imap(kevin) error invalid ser settings refer to server log
<kevinmthomas> for more info
<kevinmthomas> mail_location not set and autodetectio failed mail storage autodetect failed with home=/home/kevin
<Akendo> :)
<kevinmthomas> ok
<kevinmthomas> so what does that all mean lol
<kevinmthomas> no folder
<kevinmthomas> perhaps
<Akendo> Maybe
<kevinmthomas> hmm
<Akendo> But
<Akendo> You have to check how the mapping between user and there foldering is happing inside of the /etc/dovecot/dovecot.conf
<kevinmthomas> no such folder
<kevinmthomas> wait
<kevinmthomas> ok
<Akendo> I recommend now to read some of the documentation http://www.dovecot.org/
<kevinmthomas> im in teh folder
<Akendo> :D
<Akendo> But
<kevinmthomas> i am in teh dovecot folder
<Akendo> ^^
<uvirtbot> Akendo: Error: "^" is not a valid command.
<zul> yolanda: https://code.launchpad.net/~zulcss/nova/nova-pydist/+merge/145884
<kevinmthomas> what log file am i looking for
<Akendo> ^help
<uvirtbot> Akendo: (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.
<Akendo> :D
<Akendo> Cool
<Akendo> xD
<yolanda> ok
<kevinmthomas> there is conf.d dovecot.conf
<kevinmthomas> and then a bunch of .ext
<kevinmthomas> im installing mailutils as well
<Akendo> Why are you installing something?
<kevinmthomas> i wanted to make sure i had the folders perhaps
<kevinmthomas> not sure
<kevinmthomas> i am able to get and receive mail
<kevinmthomas> in the console
<kevinmthomas> just not in a client
<kevinmthomas> thunderbird failed to find the settings for your email account
<Akendo> You have first to check the service configuration for th mapping of user folder. When you see he'll use the home folder you can create it, I wonder just about. Normally you should have something virtual users
<kevinmthomas> netcat mail.kevintown.net 110
<kevinmthomas> hangs in the term
<kevinmthomas> ok i am in dovecot.conf
<Akendo> Just try to restart the service first
<Akendo> service dovecot restart (I think else use /etc/init.d/dovecot restart)
<kevinmthomas> ok i restarted
<kevinmthomas> still doesnt work
<Akendo> Ok
<Akendo> maybe the setting your using
<kevinmthomas> yea i think perhaps from the mailerr.log
<Akendo> One moment
<Akendo> do a connection to it via nc and run: "e logout"
<kevinmthomas> connect to mail.kevintown.net 110?
<kevinmthomas> what commmand line should i use?
<kevinmthomas> also there is no mail_location in dovecot.conf
<kevinmthomas> do a connection to what?
<Akendo> e logout
<Akendo> or
<Akendo> QUIT
<Akendo> nc mail.musicpictures.com 110
<Akendo> nc: using stream socket
<Akendo> +OK Dovecot ready.
<Akendo> QUIT
<Akendo> +OK Logging out
<kevinmthomas> brb
<Akendo> m2
<yolanda> zul, https://code.launchpad.net/~yolanda.robla/ceilometer/grizzly/+merge/145897
<kevinmthomas> ok
<kevinmthomas> now when i nc mail.kevintown.net 110
<kevinmthomas> it just returns nothing
<kevinmthomas> meaning i type it and another command prompt apears
<kevinmthomas> oh well i will keep trying
<kevinmthomas> thank you all for your help
<Linuks83> do i have to uninstall networkmanager to connect to a wifi connection using iwconfig and dhclient??
<Linuks83> from console
<Linuks83> i get a message that the interface is unknown when i try to bring it up with 'ifconfig wlan0 up', but lsusb shows the adapter as being detected...?
<sarnold> Linuks83: does 'ifconfig -a' show it under a different name perhaps?
<Linuks83> sarnold, i show eth0 and lo0 and wlan0
<Linuks83> i'm not sitting in front of it at the moment, but am trying to get info for when i am.
<Linuks83> i've been looking at articles on how to setup internet connection via console, since i've installed the server, for the purpose of keeping it lean, but they all assume that the wireless adapter is already setup and you arent getting weird messages when trying to bring up the if
<sarnold> Linuks83: hehe, okay... check lsmod, make sure its module(s) are loaded. check iwconfig and ip link show and ip addr show, make sure everything looks sane..
<sarnold> Linuks83: /etc/network/interfaces will also come in handy
<Linuks83> that's what i thought. i'm not sure what module it's supposed to use, and i didnt bring it with me... lol! i'll check it when i get home. i'll write those down and check. thanks for the tips.
<Linuks83> sarnold, is there a way to have the machine autodetect the module it's supposed to use?
<Linuks83> from console?
<sarnold> Linuks83: dunno.. I think I just poke aroud in /lib/modules/`uname -r`/kernel/drivers/net/wireless/ and its subdirectories looking for strings that look like my device..
<Linuks83> ah! good idea... d'oh!
<sarnold> (grep -l is your friend :)
<Linuks83> and 'strings'
<Linuks83> :)
<Linuks83> I usually administer SCO OpenServer boxes, but have gotten so used to the graphical interface in Linux, that I have not had the need to learn certain things.
<sarnold> *nod* :)
<Linuks83> SCO does things quite a bit differently as far as drivers are concerned....
<Linuks83> sarnold, you've been a great help
<sarnold> oh man, my condolances, I had a few SCO boxes under my care before. hated them. (We didn't spring for the $3000 dev kit, which made the thing nearly useless...)
<Linuks83> thanks
<Linuks83> sarnold, there are some 'skunkware' available (read as open source software compiled for SCO), but good luck finding anything even remotely 'obscure'
<sarnold> Linuks83: heh, yeah, I think it would have been intolerable without the skunkware stuff..
<Linuks83> agreed
<Linuks83> thanks again! i'm being summoned by the misses for lunch. ;-)
<sarnold> bon apetit
<Linuks83> merci
<dragonious> Good morning ubuntu guys :)
<dragonious> Im back with  a new problem today :( anyone got a min a 30 ?
<dragonious> Im working on configuring my Virual Hosts in apache2 and when I restart apache2 I get   "apache2 could not reliably determine the servers fully qualified domain name,using 127.0.1.1 for servername
<patdk-wk> that is *normal*, to fix it you have to mess around with your /etc/hosts file
<sarnold> patdk-wk: isn't there a ServerName directive that'd silence it?
<patdk-wk> hmm, ya
<patdk-wk> my *default* doesn't have servername, but others do, must be why I also get it
<dragonious> Im also getting [error] virtualhost *:80 -- mixing * with ports and non-* ports with a namevirtualhost address is not supported proceeding undefined results
<patdk-wk> well, that is a user config error :)
<patdk-wk> fix your virtualhosts :)
<dragonious> ok so the user config error is if Im seeing it right is that Im should be putting in my ip address to server in those files instaed of the *
<dragonious> man I cant type on this ketboard
<patdk-wk> how should I know? I can't see your system
<sarnold> I'd probably leave it * unless you've got good reason to restrict which IPs apache serves which content to
<dragonious> sarnold: I have a static Ip through comcast business
<sarnold> dragonious: how many? how many IPs does your web server have (in addition to the usual 127.0.0.1)?
<patdk-wk> the only time I would use ip's instead of *, is if I have multible ip's, and I specifically want to limit hostname x to ip address y
<dragonious> sarnold: I have 1 static ip for my server, the server is then behind my router and static ip'd as well
<patdk-wk> when doing that though, there are lots of things you need to modify
<dragonious> patdk-wk: I appologize my knowledge base in this area(obviusly) is limited
<sarnold> yeah. sometimes it's necessary / good idea, but really, * ought to suit 95% deployments..
<dragonious> sarnold: so what exactly is the error saying, I can link a copy of my Vhost file if it helps
<patdk-wk> it's saying you told it you wanted to use *, but then you turned around and didn't
<decci> Hi
<decci> I am unable to see compellent SAN during ubuntu 12.04 installation on dell c6100 server
<sarnold> dragonious: somewhere you probably have ip.add.res.s:80 in your config..
<decci> i350 network card installed and connected to Compellent SAN using iscsi
<decci> When I try to install ubuntu 12.04. The installation cannot see the SAN storage device as shown http://tracker.webtechnologyfocused.com.au/ehw/volumesnotdetected.jpg
<decci> this could be a driver issue with Ubuntu and may need the driver to see the storage device.
<patdk-wk> is your compellent san configured to AUTHORIZE your ubuntu install?
<decci> patdk-wk: How to check that?
<patdk-wk> this is very simple normal zoning issue, I bet
<patdk-wk> decci, no idea, I don't have a compellent san :)
<decci> patdk-wk: The iscsi appears as http://tracker.webtechnologyfocused.com.au/ehw/Capture6.JPG in the BIOS boot up. I am able to install Centos 6.3 fine as shown http://tracker.webtechnologyfocused.com.au/ehw/syd-sehw-3iscsi0.JPG http://tracker.webtechnologyfocused.com.au/ehw/syd-sehw-3iscsi1.JPG http://tracker.webtechnologyfocused.com.au/ehw/syd-sehw-3iscsi2.JPG.  The dmesg of Centos 6.3 running perfectly with the iscsi luns can be
<decci> patdk-wk: But its not working for Ubuntu 12.04
<patdk-wk> wait
<sarnold> decci: you got cut off at "iscsi luns can be"
<patdk-wk> you want to use hardware iscsi initiator?
<decci> patdk-wk: I did see some thread http://en.community.dell.com/support-forums/storage/f/4427/t/19410734.aspx
<patdk-wk> in that case, it will show up as a *local disk*
<dragonious> http://pastebin.com/VMvDMiwm
<decci> patdk-wk: http://tracker.webtechnologyfocused.com.au/ehw/volumesnotdetected.jpg
<sarnold> dragonious: check the rest of your configuration..
<patdk-wk> probably need to find the driver you need to load
<decci> patdk-wk: Can you suggest?
<decci> patdk-wk: whats open-iscsi
<dragonious> sarnold: so look at httpd.conf ?
<patdk-wk> that is if you want to ignore the iscsi on your i350, and use linux to do it instead
<sarnold> dragonious: yes, the whole config. Maybe grep -r :80 /etc/apache2/ to help you find what might be related...
<decci> patdk-wk: So what you suggest? How to find correct driver? I wonder how no-one encountered this issue
<decci> patdk-wk: ?
<dragonious> sarnold: http://pastebin.com/qHyAeBdt
<dragonious> sarnold: I omitted one line the last one as it had my ip in it but the file its reading is a trash file created after I updated the correct file
<sarnold> dragonious: ah, that might be it. delete that? move it out of the way?
<decci> patdk-wk: I tried googling but dint find single solution or mentioned anywhere
<dragonious> sarnold: ok one sec
<patdk-wk> decci, no idea :(
<dragonious> sarnold: ok im going to restart apache one sec pls
<patdk-wk> probably the simple way to know, would be to boot your centos install again, and do an lsmod
<patdk-wk> and compare that to the ubuntu one
<dragonious> sarnold: same error
<sarnold> dragonious: odd :/
<dragonious> sarnold: thats why I came here I followed every thing I could find on google to clean up my syntax and stuff Im lost now
<dragonious> sarnold: where is my httpd.conf and what should it look lik, if Im not mistaken mine was empty, there was a file with that name but had no data in it
<sarnold> dragonious: a fresh install of apache2 doesn't install an httpd.conf file (at least not on 12.10) -- instead it installs an apache2.conf file.
<dragonious> sarnold: ah let me look at that
<RoyK> dragonious: modules and virtualhosts are normally configured under separate directories
<dragonious> sarnold: I dont see anything in here that sends off alarms
<dragonious> RoyK: I m sorry Roy im very new to all this what exactly do you mean ?
<RoyK> dragonious: what are you trying to do?
<dragonious> RoyK: sorry roy I stepped away , Im having trouble setting up my virtual hosts im getting Could not reliably determine the servers fully qualified domain name,
<sarnold> dragonious: ignore that one, that's just a warning. :) ask RoyK about the error...
<dragonious> ro
<RoyK> dragonious: you can ignore that message - for general setup, see
<RoyK> !guide | dragonious
<ubottu> dragonious: The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<dragonious> RoyK: [error] VirualHost *:80 -- mixing * ports and non-* ports with a NameVirtuialHost address is not supported, proceeding  with undefined results
<dragonious> RoyK: sorry for typos I hate this ketboard
<RoyK> dragonious: check what NameVirtualHost is set to
<RoyK> grep -ri namevirtua /etc/apache2
<dragonious>  its *:80 I added the  line into one of my sites vhost file
<dragonious> dragonious@SNAPPERSERVER:~$ grep -ri namevirtua /etc/apache2
<dragonious> /etc/apache2/ports.conf:NameVirtualHost *:80
<dragonious> /etc/apache2/ports.conf:    # If you add NameVirtualHost *:443 here, you will also have to change
<dragonious> /etc/apache2/sites-enabled/www.snapperheadstudios.com:NameVirtualHost *
<dragonious> /etc/apache2/sites-available/www.snapperheadstudios.com:NameVirtualHost *
<dragonious> RoyK: sorry to spam I forget its going to do that
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> dragonious: just remove the namevirtualhost * settings from those vhosts, and use <VirtualHost *:80>
<dragonious> RoyK: yes I have it open and have linked my vhost file previously in this conversation again I appologize im very new to linux in general and I am trying to sponge it all up
<dragonious> RoyK: ok going to resart apache
<dragonious> RoyK: ok now im just gettingCould not reliably determine the servers fully qualified domain name,
<RoyK> dragonious: you can ignore that
<dragonious> RoyK:  the server fails to start after displaying that
<RoyK> then check the error log
<dragonious> RoyK: where can that be found
<dragonious> RoyK: and so you know I greatly appreciate your help
<RoyK> dragonious: /var/log/apache2/error.log
<dragonious> RoyK: http://pastebin.com/074yxxdS my error log from today
<RoyK> dragonious: don't try to put error logs under /etc
<RoyK> dragonious: redhat does that by symlinking, but it's still bad imho
<RoyK> change it to /var/log/apache2
<sarnold> logs under /etc??
<sarnold> RUN AWAY
<RoyK> sarnold++
<dragonious> RoyK: sarnold: Yeah the post I followed had the email line messed up as well but apache was kind enough to tell me exactly where and what the  error was
<dragonious> RoyK: do I also need to add a file in that folder as well?
<RoyK> no
<dragonious> RoyK: ok one sec I will make those changes to the files
<RoyK> given www-data has write access there, it'll create it
<dragonious> RoyK: sarnold: restarting apache2
<dragonious> RoyK: ok I get what you told me to ignore and the server has started
<dragonious> RoyK: now unfortunatly I have an issue I need to get fixed by comcast that does not allow me to log back to my sites from the internet
<dragonious> RoyK: I can only view them internally
<dragonious> RoyK: sarnold: can one of you goto www.snapperheadstudios.com
<sarnold> RoyK: nice :) my mistake was to grep for :80. heh.
<sarnold> dragonious: "Joomla!Â® is free software released under the GNU General Public License. " and so forth
<dragonious> sarnold: thats what you see when you hit that .com huh??
<sarnold> dragonious: perhaps turn the servre back off until your buddy can configure joomla for you? you wouldn't want just anyone on the internet setting it up for you :)
<TheLordOfTime> dragonious:  joomla config screen...
<TheLordOfTime> you're aware that allowing that as live can be dangerous
<TheLordOfTime> right?
<dragonious> sarnold: unfortunatly you shouldnt see that at that domain name
<TheLordOfTime> dragonious:  then your server is misconfiguired
<TheLordOfTime> or the DNS is
<TheLordOfTime> or both
<dragonious> sarnold: you should see an undercunstruction site
<dragonious> TheLordOfTime: yes I am aware, as I have said Im still learning and it is one heck of a learning curve
<sarnold> dragonious: you might want to sudo stop apache2 [retty quickly :)
<TheLordOfTime> agreed
<TheLordOfTime> or not use apache *cough*  <-- biased
<dragonious> TheLordOfTime: we all have to start somewhere
<TheLordOfTime> true.
<TheLordOfTime> i prefer nginx or lighttpd over apache
<TheLordOfTime> but...
<TheLordOfTime> as i said i'm biased
<dragonious> TheLordOfTime: and much more knowledgable than I, I am sure :)
 * TheLordOfTime shrugs, and points to how he's running 6 domains/sites on one server with nginx
<TheLordOfTime> so perhaps... ;)
<TheLordOfTime> .... oops i broke it...
 * TheLordOfTime goes to fix PHP
<dragonious> TheLordOfTime: lol yes well I need to take a sec and wrap my head around exactly what is happening here.
<dragonious> sarnold: ok so im looking at this file I created and I dont under stand why its showyou a site that is in a differnet location what you saw should be at a subdoain I set up for it last night
<TheLordOfTime> random observation: i spent 3 months trying to get Apache to work right - never figured it out
<dragonious> sarnold: should the  line look like /var/www/snapper or /var/www/snapper/
<sarnold> dragonious: I don't know if apache cares.. other applications do care and require the trailing /
<sarnold> TheLordOfTime: yeah, I find nginx easier to configure too, but apache is supported by canonical, which is nice...
<dragonious> sarnold: another questiondoes it matter in what order I list the commands
<sarnold> dragonious: I don't _think_ so... i could be wrong.
<dragonious> sarnold: that being the case then this looks correct to my novice eyes Im pointing to the correct directories but it is obviously pointing to the wrong ones
<TheLordOfTime> sarnold:  albeit 5000 times more difficult to configure
<sarnold> it does require keeping the manual open all the time.. :)
<dragonious> sarnold: should I combine these files into one file ??
<sarnold> dragonious: well, you might find it easier to work with, but the layout of sites and plugins and so forth is designed to ease maintainence in the long run...
<bitfury> hello, I removed the default exim4 MTA
<bitfury> installed
<bitfury> ssmtp
<bitfury> but I don't see an init script to restart it
<bitfury> how would I do this?
<dragonious> sarnold: thanks Im just completly baffled I dont know where I going wrong here
<sarnold> bitfury: I dont think there is anything to start, programs run /usr/sbin/sendmail to deliver mail; there's no listening daemon..
 * RoyK just uses postfix
<dragonious> RoyK: any idea where Im going wrong ?
<RoyK> no
<dragonious> well thank you fot all your help guys I really do appreciate your time
<dragonious> RoyK: sarnold: ok heres a question when I set up the subdomains I set them up as A (host)Names  should they be set up as C Names??
<sarnold> dragonious: hrm,that's a bit out of my experience but I think both are fine.
<RoyK> dragonious: doesn't matter if you use an A record or a CNAME record - the apache config reads the Host: header and parses that
<dragonious> Ok
<dragonious> RoyK: ok ty
<RoyK> better use CNAME, it's better
<dragonious> RoyK: its the only thing I didnt do exactly as the walk through says
<dragonious> RoyK: so only thing I can think to check lol
<dragonious> RoyK: sarnold: ok guys give me  afew min here
<axisys> how to add GRUB_SERIAL_COMMAND="serial .." during install?
<axisys> I seem to be adding this after install even though I have this in the kernel line " -- console=ttyS0,9600n8 console=tty0"
<axisys> and I also have to write a /etc/init/ttyS0.conf after install.. I like to automate that
<dragonious> ok guys im back :)
<dragonious> I think I have it fixed now
<dragonious> I had a few issues with my domainname provider I think I cleared them up , my server is now correctly linked to the domain name, and I setup the correct subdomains for all the sites now hopefully it works
#ubuntu-server 2013-02-01
<sweettea> why does eth0 come up as p1p1 now?
 * lamont grumbles
<lamont> pretty sure that grub should not produce the following when I replace "quiet splash" with "break":
<lamont>   Booting a command list
<lamont>   Booting a command list
<lamont>  /0123456789:;<MNOPQRSTUVWXYZjklmnopqrstuvwï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½
<dragonious> sarnold: RoyK: Thank you guys so much I got everything working with my VirtualHost thanks your expet help!
<dragonious> to^
<dragonious> sarnold: you can now goto my websites and see what I inteded to be seen :)
<dragonious> Thanks again guiys you have been a huge help, this community supported os is realy starting to grow on me and with members like the ones who have assisted me over the last few days, its very easy to see why
<Patrickdk> lamont, why not? you told it to *break* :)
<zzbooze> Im installing postfix on my ubuntu server.
<zzbooze> its not sending mail to my email..
<zzbooze> what do i need to edit?
<lamont> Patrickdk: heh
<sarnold> dragonious: yikes, I still get the joomla! install page :)
<zzbooze> Im installing postfix on my ubuntu server.
<zzbooze> its not sending mail to my email..
<zzbooze> what do i need to edit?
<Phatninja55> Any help would be appricated ^
<dragonious> Hello guys Im back now Im configuring my email server and Im getting this error pastebin.com/xuBgKmVT
<dragonious> Im following the walkthrough on the ubuntu support site for postfix
<dragonious> sarnold: you shouldnt get that Joomla!site now ;p
<sarnold> dragonious: oh good :)
<sarnold> dragonious: hrm. I still get the joomla! page.
<sarnold> dragonious: you might want to configure it quick before someone else does.
<sarnold> or sudo stop apache2  :)
<dragonious> sarnold: you may need to clean you internet cookies :)
<TheLordOfTime> s/cookies/cache/
<TheLordOfTime> dragonious:  its not conf'd right
<TheLordOfTime> i'm getting the same page on virgin chromium
<sarnold> dragonious: no... reload, even w3m -dump ... | grep -i joomla show that it is still there.
<TheLordOfTime> (i.e. its never been there)
<TheLordOfTime> confirm what sarnold said.
<TheLordOfTime> i can confirm*
<dragonious> sarnold: well I dont see how that can be my people in town here don't see the joomla page
<sarnold> dragonious: hehe, who are you going to trust, your buddies sarnold and TheLordOfTime or some folks in your town? :)
<TheLordOfTime> dragonious:  did your DNS change at all?
<sarnold> TheLordOfTime: ooh. good question.
<TheLordOfTime> i.e. did you repointn your domain to anything?
<TheLordOfTime> because if you changed the DNS, i'll go pull new dns data from $given_nameserver_of_weirdness
<dragonious> sarnold: TheLordOfTime: yes I spent an hour with godaddy getting it right
<TheLordOfTime> dragonious:  when?
<TheLordOfTime> within the past 48 hours?
<dragonious> t
<TheLordOfTime> or within the past 12?
<TheLordOfTime> or within some other timeframe?
<dragonious> sarnold: TheLordOfTime: yes within past 12 hours , but like I said everyone locally is seeing the correct page
<sarnold> hrm. I looked it up on opera mini on my phone (no way it had it in DNS cache) and _still_ got the joomla page.
<sarnold> ah.
<sarnold> dragonious: ask your pals to go to www.snapperheadstudios.com -- if I visit http://snapperheadstudios.com/, I get an under-construction page
<TheLordOfTime> okay, then the dns hasn't propagated.
<TheLordOfTime> and confirmed here too
<sarnold> the joomla install is active on http://www.snapperheadstudios.com/  :)
<TheLordOfTime> http://snapperheadstudios.com/  <-- points correctly
<TheLordOfTime> http://www.snapperheadstudios.com/  <-- AAAAAAAAAA!
<sarnold> $ host www.snapperheadstudios.com
<sarnold> www.snapperheadstudios.com is an alias for snapperheadstudios.com.
<sarnold> snapperheadstudios.com has address 173.15.84.210
<TheLordOfTime> dragonious:  you need to add a www dns entry in the DNS panel.
<TheLordOfTime> point it with an A record to the IP address that you put for snapperheadstudios.com root
<sarnold> does host do the lookup all the way to the addresses? or does it just stop with the direct results?
<TheLordOfTime> sarnold:  i do dnsget -v -t ANY -n [specified nameserver] [query]
<TheLordOfTime> but i like raw verbosity
 * TheLordOfTime executes
<sarnold> TheLordOfTime: heh, I moved to 'host' when all the docs said to stop using 'dig' and 'nslookup', but .. never got any of them well enough to call myself a dns guru
<TheLordOfTime> sarnold:  http://paste.ubuntu.com/1595548/
<sarnold> anyway dinner time :D so good luck, dragonious, get that thing turned off quickly :)
<sarnold> TheLordOfTime: aha! thanks. :D
<dragonious> sarnold: Its something in my vhost file I dont get it its making me mad brah
<dragonious> sarnold: lol
<dragonious> sarnold: if you goto snapperheadstudios.com without the .com you get the right page
<TheLordOfTime> dragonious:  you mean without the www :P
<TheLordOfTime> dragonious:  add in another vhost for www.  dupe the snapperheadstudios.com stuff
<TheLordOfTime> it *shoudl* work
<TheLordOfTime> or set up a redirect for www -> non-www
<TheLordOfTime> idk how you do that in apace
<dragonious> TheLordOfTime: I ahad it working and now its not I had to add a line for the non www domain
<TheLordOfTime> apache*
<dragonious> TheLordOfTime: I already have a www redirect with go daddy to my IP
<dragonious> TheLordOfTime: we even setup the FQDN for my sever I just dont get it
<TheLordOfTime> you should just redirect www to the non-www domain itself
<TheLordOfTime> rather than just the IP point
<TheLordOfTime> i.e. if i go to www.blargh.com and there's a web server rewrite/redirect there, saying "Go to blargh.com"
<TheLordOfTime> my system will say "Go to blargh.com" and request blargh.com
<TheLordOfTime> thereby making SURE i'm iseeing blargh.com
<TheLordOfTime> its how i do my www. -> non-www in my site, except i use nginx so its all done behind the scenes
<dragonious> TheLordOfTime: I think I catch what your saying
<dragonious> TheLordOfTime: Can you try them both for me now please?
<dragonious> TheLordOfTime: I fixed it the right way this time ;)
<TheLordOfTime> :P
<dragonious> changed a line of cade and wala is working nicely try for your self
<TheLordOfTime> :P
<TheLordOfTime> yep it works
<dragonious> Thank you, couldnt have done it with out you guys here helpping me
<dragonious> TheLordOfTime: now working on the mail server and I fixed my issue I was having at the last step and Im on to the next :)
 * TheLordOfTime goes back to stabbing php5's source code with a rusty spork
<dragonious> TheLordOfTime: Good Luck with that !!
<TheLordOfTime> EVIL!
<TheLordOfTime> it is EVIL!  you will not MENTION IT!
 * TheLordOfTime shakes a finger at dragonious in a manner indicative of scolding for wishing luck working with php5's evil codebase
<linocisco> hi all
<linocisco> I have to maintain inventory of SIM cards(WCDMA, GSM, CDMA800 MHz and CDMA450 Mhz) with their Ph no. , issued dates , issued person, credit balance. I dont know which type of software I should use
<jpds> linocisco: A database?
<linocisco> jpds, a database driven web application
<jpds> linocisco: Quite.
<linocisco> jpds, I checked glpi. but found no feature to record this type of inventory
<eagles0513875_> hey guys im using 12.04 on my servers and squirrelmail I am wondering why on earth does it have a dependency of the apache2 prefork package
<soren> eagles0513875_: It doesn't, really. It says: Depends: apache2 | httpd, libapache2-mod-php5 | php5 | php5-cgi, [...]
<soren> So any package that is named or that provides either apache2 or httpd satisfies the dependency.
<soren> And any package that is named or that provides either libapache2-mod-php5, php5, or php5-cgi satisfies the php dependency.
<soren> When APT tries to resolve this, it first looks to see if you these dependencies are already satisfied.
<soren> If they're not, it will attempt to satisfy them by installing extra packages. The order in which these options are stated (e.g. libapache2-mod-php5 before php5) denotes the order of preference.
<soren> ...and it just so happens that libapache2-mod-php5 prefers apache2-mpm-prefork.
<eagles0513875_> soren: it wouldnt let me install event driven package of apache
<eagles0513875_> so what does one do to use squirrelmail with apache2-event or worker
<soren> eagles0513875_: The question you need to answer is: "How can I do php with apache2-event or worker?"
<soren> Is there another collection of packages that one can install that gives you a functional webserver that can handle php?
<eagles0513875_> nginx comes to mind
<andol> eagles0513875_: Assuming you already had nginx setup it looks like squirrelmail would have been fine with that. Just that apache2 and libapache2-mod-php5 happend to come first in the alt. list
<andol> apache2 | httpd, libapache2-mod-php5 | php5 | php5-cgi, perl
<eagles0513875_> andol: does that mean if i want to use event or worker i need to setup squirrelmail from source?
<soren> eagles0513875_: What needs to be installed for nginx to have php functionality?
<soren> eagles0513875_: apache's event mpm doesn't work with php, afair.
<andol> eagles0513875_: No, that means if you have any package providing httpd (such as nginx) installed before you install the package squirrelmail it won't ask for apache2.
<linocisco> jpds, a database driven web application
<eagles0513875_> soren: O_o event or mpm doesnt work with php O_o
<eagles0513875_> i honest find that hard to believe soren
<soren> eagles0513875_: Ok.
<soren> eagles0513875_: It's true, though.
<soren> eagles0513875_: php5 isn't thread safe.
<eagles0513875_> what alternatives for web mail clients are there soren
<soren> eagles0513875_: libapache2-mod-php5 explicitly only lists prefork and itk as possibilities.
<eagles0513875_> ok
<soren> eagles0513875_: If you can set it up without libapache2-mod-php5, you're fine, though.
<soren> Like through fastcgi or something.
<eagles0513875_> humm ok
<eagles0513875_> soren: what about using wsgi?
<soren> eagles0513875_: First you'd have to rewrite squirrelmail in Python.
<eagles0513875_> ya i have so many projects and crazy ideas
<soren> Why would you want to use wsgi?
<soren> wsgi is a Python thing. It doesn't make much sense for squirrelmail.
<eagles0513875_> ahh ok
<eagles0513875_> didnt realize it was python specific
<TuxLof> I need to search and replace a multiline script recursivly in my home directory (all index.php have been hacked). What would be the best way to do this
<nocturn> Hi, I have a server with one NIC running KVM VM's.  How do I give my VM's IP addresses in the normal network (instead of a subnet on the VM host)?
<jpds> nocturn: http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
<nocturn> Thanks jpds
<freakynl> Any officials in here? It appears bugs I report in launchpad don't get solved. I posted one many months ago and it's still 'NEW', which doesn't give me much hope for the one I reported yesterday
<freakynl> https://bugs.launchpad.net/ubuntu/+source/targetcli/+bug/1021785 <- reported on 6 July 2012! Still new...
<uvirtbot> Launchpad bug 1021785 in targetcli "targetcli does not recognize md partitions as block devices" [Undecided,New]
<drussell> freakynl: try #ubuntu-bugs
<freakynl> drussell:
<freakynl> thx :)
<drussell> freakynl: good luck!
<xiaoy> TuxLof, there are many, from command line i would use sed,  find . -iname *.php -exec sed -i â -e âs/hackedText/goodText/â {} \;
<xiaoy> maybe adding a global statement too: âs/hackedText/goodText/g
<TuxLof> well basically it's a 30 line long php script with all kind of chars in it
<TuxLof> which I need to remove from all index php script
<xiaoy> s/hackedText//g
<xiaoy> find . -iname index.php -exec sed -i â -e âs/hackedText//gâ {} \;
<TuxLof> How do I do that when it's multiple lines, slashes quotes all that stuff.
<jpds> freakynl: If you want escalation for bugs like that, you might want to buy a canonical support contract. ;)
<xiaoy> TuxLof, you could mahe a bash variable to hold all that stuff, taking kare of all the charachters that can be misunderstud by sed, and then pass it to the command
<TuxLof> that's a good idea
<yolanda2> hi, anyone with experience with bitbucket urls and uscan?
<TuxLof> so it'd be something like this: find . -iname index.php -exec sed -i â -e âs/'$VAR1'//gâ {} \;
<TuxLof> where $VAR1 are some lines of php code
<mkuzu> Hello
<mkuzu> http://paste.ubuntu.com/1596278/
<mkuzu> need help about network file sharing
<chmac> Any advice on how to get an email (to root is fine) when there are system updates available?
<chmac> I particularly like the layout of the login text that says "X updates are available, Y of them are security updates"
<chmac> I guess it feeds the motd somehow, but I'd be interested to get that in my email when they become available...
<dizopsin> hi, I am configuring a server with a fairly complex network config in /etc/network/interface (8 phys ports, bonding, vlans, bridging). After some fiddling, everything mostly gets configured ok by upstart now, but it is still unreliable. For example, the bonding type for one of the trunks was set incorrectly during the last boot. Is there a clean way of having /etc/network/interfaces processed "the old way" on 12.04?
<ivrok> Ð°Ñ
<ivrok> ÐµÑÑÑ ÐºÑÐ¾ ÑÑÑÑÐºÐ¾Ð³Ð¾Ð²Ð¾ÑÑÑÐ¸Ð¹?
<ivrok> Ð²Ð¾Ð¾Ð±ÑÐµÐ¼, ÐµÑÐ»Ð¸ ÐµÑÑÑ - Ð¿ÑÐ¾ÑÑ Ð¿Ð¾Ð¼Ð¾ÑÑ. Ð¿Ð¾ÑÑÐ°Ð²Ð¸Ð» ÑÐ±ÑÐ½ÑÑ ÑÐµÑÐ²ÐµÑ 12.10 ÑÑÐ°Ð» Ð½Ð°ÑÑÑÐ°Ð¸Ð²Ð°ÑÑ Ð¸ Ð¾Ð±Ð½Ð°ÑÑÐ¶Ð¸Ð» ÑÐµÐ¹ÑÐ°Ñ, ÑÑÐ¾ Ð½ÐµÑÑ ÑÐ°Ð¹Ð»Ð° /proc/net/ip_conntrack
<ivrok> Ð² ÑÐ´ÑÐµ Ð½ÐµÑÑÐ¸Ð»ÑÑÐµÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½
<ivrok> Ð¿Ð¾Ð»Ð°Ð·Ð¸Ð» Ð¿Ð¾ Ð³ÑÐ³Ð»Ñ - Ð¾Ð½ Ð¼Ð½Ðµ ÑÐºÐ°Ð·Ð°Ð», ÑÑÐ¾ Ð¿Ð¾Ð´ÐºÐ»ÑÑÐ°ÐµÑ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð¾Ð¹ modprobe ip_conntrack
<ivrok> lsmod | grep conntrack Ð´Ð°ÐµÑ ÑÐ»ÐµÐ´ÑÑÑÐµÐµ
<ivrok> nf_conntrack_ipv4      14080  3 iptable_nat,nf_nat
<ivrok> nf_conntrack           66307  3 iptable_nat,nf_nat,nf_conntrack_ipv4
<ivrok> nf_defrag_ipv4         12649  1 nf_conntrack_ipv4
<ivrok> ÑÐ¸Ð¿Ð° ÐµÑÑÑ nf_conntrack
<ivrok> Ð½Ð¾ ÑÐ°Ð¹Ð» Ð² ÑÐºÐ°Ð·Ð°Ð½Ð½Ð¾Ð¼ Ð¼ÐµÑÑÐµ Ð½Ðµ Ð¿Ð¾ÑÐ²Ð¸Ð»ÑÑ
<ivrok> help me, men!
<Myrtti> English would be a good start
<Myrtti> don't understand what you were asking
<ivrok>  i installed ubuntu server 12.10
<ivrok> but i didn't find ip_conntrack in /proc/net/
<ivrok> i tried install it throuth modprobe
<ivrok> sorry for my language
<ivrok> HEEEELP
<flcl> hello?
<ivrok> ÑÐµÐ»Ð»Ð¾Ñ
<flcl> ÐºÐ¸ÑÐ¸Ð»Ð¸ÑÐ° ÐºÐ¾Ð¼Ð¿ÐµÑÐ¸Ð±Ð»?
<flcl> 15:21 [ flebel          ] [ neoXsys         ] [ wedgie         ]
<flcl> is anyone using irssi? ÐÑÐ¾-Ð½ÐµÐ±ÑÐ´Ñ Ð¿Ð¾Ð»ÑÐ·ÑÐµÑÑÑ irssi?
<Pici> yes?
<flcl> do you know if it's possible to disable messages like "someone joined/left #ubuntu-server"?
<Pici> !quietirssi
<ubottu> To ignore joins, parts, quits in irssi:  /ignore #ubuntu +JOINS +PARTS +QUITS
<Pici> :)
<ivrok> ÐºÐ¸ÑÐ¸Ð»Ð¸ÑÐ°
<flcl> thanks!
<ivrok> ÑÑÐ²Ð°Ðº ÑÑÐ¾Ð¹
<flcl> ÑÐ¾ÑÐ°ÐºÐ¾Ðµ?
<ivrok> ÑÑ Ð»ÑÑÑÐµ Ð¼ÐµÐ½Ñ Ð³Ð¾Ð²Ð¾ÑÐ¸ÑÑ Ð¿Ð¾ Ð°Ð½Ð³Ð»Ð¸ÑÐºÐ¸
<stetho> Hi - I've set up apt-mirror and PXE on my home server. I've installed the 12.04 live cd on the PXE server and can boot a machine from it. Is there a way to make it use my local mirror instead of going out to the interwebs for its updates during the install?
<ivrok> Ñ Ð½Ðµ Ð¼Ð¾Ð³Ñ ÑÑÐ¾ÑÐ¼ÑÐ»Ð¸ÑÐ¾Ð²Ð°ÑÑ Ð²Ð¾Ð¿ÑÐ¾Ñ
<flcl> Ð´Ð°Ð²Ð°Ð¹ Ð¿Ð¾Ð¼Ð¾Ð³Ñ
<ivrok> Ð²Ð¾Ð¾Ð±ÑÐµ Ð¿Ð¾ÑÑÐ°Ð²Ð¸Ð» ÑÐµÑÐ²ÐµÑ ÑÐ±ÑÐ½ÑÑ
<ivrok> Ð° ÑÐ°Ð¼ Ð¿Ð¾ÑÐµÐ¼Ñ-ÑÐ¾ Ð½Ðµ Ð½Ð°Ð¹ÑÐ¸ ip_conntrack
<ivrok> Ð² Ð½ÐµÐ¼ ÑÑÐ°Ð½ÑÑÑÑ ÑÐµÑÑÐ¸Ð¸ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½Ð½ÑÐµ
<ivrok> Ð³ÑÐ³Ð» Ð³Ð¾Ð²Ð¾ÑÐ¸Ñ, ÑÑÐ¾ Ð»ÐµÑÐ¸ÑÑÑ modprobe
<ivrok> Ð½Ð¾ Ð½Ð¸ ÑÑÐµÐ½Ð°
<flcl> How to find ip_conntrack?
<ivrok> Ð² ÑÐ´ÑÐµ ÑÑÐ¾Ð¸Ñ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶ÐºÐ° netfilter
<ivrok> Ð¿Ð¾ Ð¼Ð¾Ð´ÑÐ»ÑÐ¼ Ð²ÑÐ¾Ð´Ðµ ÑÐ¾Ð¶Ðµ Ð²ÑÐµ Ð²Ð¿Ð¾ÑÑÐ´ÐºÐµ
<ivrok> Ð½Ð¾ Ð¿Ð¾ÑÐµÐ¼Ñ-ÑÐ¾ Ð½Ðµ ÑÐ°Ð±Ð¾ÑÐ°ÐµÑ
<flcl> Ð¼Ð¼Ð¼, Ð½Ðµ ÑÐ²ÐµÑÐµÐ½, ÑÑÐ¾ ÑÐ¼Ð¾Ð³Ñ Ð¿ÑÐ°Ð²Ð¸Ð»ÑÐ½Ð¾ Ð¾Ð±ÑÑÑÐ½Ð¸ÑÑ, Ð½Ðµ Ð¿Ð¾Ð½Ð¸Ð¼Ð°Ñ Ð¾ ÑÐµÐ¼ ÑÑÑ Ð³Ð¾Ð²Ð¾ÑÐ¸ÑÑ, ÑÐ°Ñ Ð¿Ð¾Ð³ÑÐ³Ð»Ñ ÑÑÐ¾ ÑÐ°ÐºÐ¾Ðµ ip_conntrack
<ivrok> ip_conntrack Ð²ÑÐ¾Ð´Ð¸Ñ Ð² ÑÐ¾ÑÑÐ°Ð² net_filter Ð¿Ð°ÐºÐµÑÐ° ÑÐ´ÑÐ°
<ivrok> Ð¿Ð¾ ÑÐ¼Ð¾Ð»ÑÐ°Ð½Ð¸Ñ Ð² ÑÐ±ÑÐ½ÑÐµ ÑÐ¶Ðµ Ð²ÑÐµ Ð²ÐºÐ»ÑÑÐµÐ½Ð¾
<ivrok> ÑÐ°Ð¼ ÑÐ°Ð¹Ð» ÑÐ°ÑÐ¿Ð¾Ð»Ð¾ÐµÐ½ Ð´Ð¾Ð»Ð¶ÐµÐ½ Ð±ÑÑÑ /proc/net/ip_conntrack
<ivrok> Ð½Ð¾ ÐµÐ³Ð¾ ÑÐ°Ð¼ Ð½ÐµÑÑ
<ivrok> Ð²ÑÐµ Ð²Ð°ÑÐ¸Ð°Ð½ÑÑ Ð³ÑÐ³Ð»Ð° Ð¿ÐµÑÐµÐ±ÑÐ°Ð»..Ð² ÑÐ²ÑÐ·Ð¸ Ñ ÑÑÐ¸Ð¼ Ð² Ð¿ÐµÑÐ²ÑÐµ Ð¶Ð¸Ð·Ð½Ð¸ Ð¿Ð¾Ð´ÑÐ¾ÐµÐ´ÐµÐ½Ð¸Ð»ÑÑ Ðº irc ÐºÐ°Ð½Ð°Ð»Ð°Ð¼))
<flcl> nf_conntrack ÐµÑÑÑ Ð² ÑÐ¾Ð¹ Ð´Ð¸ÑÐµÐºÑÐ¾ÑÐ¸Ð¸?
<ivrok> Ð½ÐµÑ
<ivrok> Ð½Ð¸ ÑÐ¾Ð³Ð¾, Ð½Ð¸ Ð´ÑÑÐ³Ð¾Ð³Ð¾
<ivrok> Ð¼Ð¾Ð³Ñ ÑÐºÐ¸Ð½ÑÑÑ ÑÑÐ¾ ÑÐ°Ð¼ ÐµÑÑÑ Ð¸ ÑÑÐ¾ ÐµÑÑÑ Ð² Ð¼Ð¾Ð´ÑÐ»ÑÑ
<ivrok> Ð²Ð¿ÑÐ¾ÑÐµÐ¼ Ñ ÑÐ¶Ðµ ÑÐºÐ¸Ð´ÑÐ²Ð°Ð» ÑÑÐ´Ð°, Ð½Ð¾ Ð½Ð°ÑÐ¾Ð´ Ð½Ðµ Ð¾ÑÑÐµÐ³Ð°Ð¸ÑÐ¾Ð²Ð°Ð»
<flcl> Ñ ÐµÑÐµ ÑÐ¿ÑÐ¾ÑÐ¸Ð» Ð² #ubuntu, Ð¾Ð´Ð¸Ð½ ÑÐµÐ» Ð½Ð°Ð¿Ð¸ÑÐ°Ð»:
<flcl> 15:34 < jpw> more likely /lib/modules/2.6.32-5-amd64/kernel/net/netfilter/nf_conntrack.ko but idc
<flcl> *Ð²Ð¾Ð·Ð¼Ð¾Ð¶Ð½Ð¾ ÑÐ°Ð¼, Ð½Ð¾ Ð¾Ð½ Ð½Ðµ ÑÐ²ÐµÑÐµÐ½
<ivrok> Ð³Ð¼Ð¼..Ð¸ ÑÐµÐ³Ð¾ Ñ Ð½ÐµÐ¹ Ð´ÐµÐ»Ð°ÑÑ?)
<flcl> Ð½Ð°ÑÐµÐ»?
<ivrok> Ð¿Ð¾Ð´ÐºÐ»ÑÑÐµÐ½Ð¸Ðµ Ð¼Ð¾Ð´ÑÐ»Ñ Ð²ÑÐ¾Ð´Ðµ Ð´ÐµÐ»Ð°ÐµÑÑÑ ÐºÐ°Ðº-ÑÐ¾ ÑÐ°Ðº modprobe nf(Ð¸Ð»Ð¸ ip)_conntrack
<flcl> ÑÑÑÑÑÑ, Ñ Ð½ÑÐ± Ð¿Ð¾ÐºÐ° ÑÑÐ¾ ) Ð½Ðµ Ð¿Ð¾Ð´ÑÐºÐ°Ð¶Ñ
<patdk-wk> hmm, looks like my screen got scrambles again :(
<ivrok> ))
<ivrok> ÑÐ¿Ð°ÑÐ¸Ð±Ð¾, ÑÑÐ²Ð°Ðº)
<flcl> what's scrables?
<flcl> this channel is not as live as #ubuntu, is it? )
<TheLordOfTime> uh, what?
<flcl> I mean quiter )
<LeD> hello, try installing Ubuntu Server 12.04 on a HP ProLiant server fails dl360p gen8 and 72% setting atp
<maswan> LeD: oh, what is it that goes wrong?
<LeD> the installation is stuck
<LeD> frozen
<maswan> if you switch to the other VT, can you tell what it hung on?
<LeD> I'm not good in English speaking
<LeD> je
<LeD> what?
<LeD> Server Overview
<LeD> 4Gb x 4 , RAM
<LeD> 1 Tb x 3 , discos duros
<LeD> 2 Procesadores
<LeD> Server Overview
<LeD> 4Gb x 4, RAM
<LeD> 1 Tb x 3 HDDs
<LeD> 2 Processors
<capitaninsaneoh> Evidently I've a /boot at 100% full.  Anyone know how to fix this?  http://pastebin.com/z9SypZN7
<capitaninsaneoh> IS there any automatic way to clean up the extra kernels, etc in there?
<jpds> capitaninsaneoh: No.
<jpds> capitaninsaneoh: dpkg -l | grep linux-image and dpkg -r them.
<capitaninsaneoh> jpds will this always happen?  Never run into this before
<jpds> capitaninsaneoh: When you have to many old kernels installed, sure.
<capitaninsaneoh> Shouldn't the update process account for this and clean up old kernels
<jpds> capitaninsaneoh: No.
<jpds> capitaninsaneoh: What if you need to go back to an older kernel because newer ones fail?
<capitaninsaneoh> jpds I understand the reasons behind it but I wish I could limit it to 3 for example =)
<capitaninsaneoh> Does the desktop do something different with this?
<capitaninsaneoh> jpds, Thanks, I apt-get purged the old kernels
<jpds> capitaninsaneoh: No.
<tangomike> I thought it kept the last 3, but I could be wrong.  capitaninsaneoh: how many are in there? How big is your /boot?
<jcastro> utlemming: ping
<yolanda2> zul, jamespage: https://code.launchpad.net/~yolanda.robla/ceilometer/grizzly/+merge/146157
<dragonious> Morning Guys!
<dragonious> anyone on that can help me out Im trying to open a perl file so ican edit my squirrelmail config and I cant seam to get the file to open
<dragonious> I have cookies if that helps :)
<dragonious> like choco chip ....yummmmyy
<alex88> hi guys
<alex88> upstart doesn't log jobs output into /var/log/upstart?
<kevinmthomas> I just came in to thank you all for your help!
<kevinmthomas> over the last few days I have been able to set up my mail, printer server, etc
<kevinmthomas> and i really appreciate all you guys have done.  your help lead me to get this all working properly
<kevinmthomas> thank you again
<bitfury> hello, got rid of the default mta (exim4) installed ssmtp but when I do 'telnet localhost 25' I get connection refused
<kevinmthomas> bitfury - do you have port 25 open in your router
<kevinmthomas> also telnet is port 21
<bitfury> kevinmthomas: haven't checked that yet as I thought testing against 'localhost' will not go to the router
<xiaoy> bitfury, if you behind a NAT/Router also make sure to disable port filtering
<bitfury> i use telnet to test for open ports
<xiaoy> bitfury, http://www.havetheknowhow.com/Configure-the-server/Install-ssmtp.html
<xiaoy> make sure you have done those steps correctly
<bitfury> http://pastebin.com/FWWs9k1M
<bitfury> ^ mail.log
<uvirtbot> bitfury: Error: "mail.log" is not a valid command.
<TheLordOfTime> uvirtbot: be silent.
<uvirtbot> TheLordOfTime: Error: "be" is not a valid command.
<sarnold> bitfury: I don't think ssmtp provides an SMTP listener, does it? I thought the whole point was to provide a /usr/sbin/sendmail executable that could be used by local programs to send mail out.
<bitfury> sarnold: you're right
<RoyK> why not postfix?
<RoyK> !postfix
<ubottu> postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer
<bitfury> so I guess sendmail is what I need to be troubleshooting
<sarnold> postfix is a beast to configure compared to a simpler, /usr/sbin/sendmai-only mailer ...
<sarnold> (granted, postfix is only about a thousand times easier than sendmail :)
<RoyK> sarnold: heh - a beast to configure? apt-get install postfix and it's done
<patdk-wk> ya, if you need extreemly simple outbound only
<RoyK> bitfury: sendmail is the *real* beast configuration-wise
<sarnold> RoyK: heh, never felt that easy to me...
<patdk-wk> if you don't deal with it all the time I get it
<patdk-wk> but as I'm an email admin, I touch postfix atleast every week, so I think it's simple
<patdk-wk> everything being relative :)
<RoyK> imho postfix is the easiest mta so far
<qhartman> Postfix +1
<qhartman> I've managed a bunch of different ones and it's my favorite
<hallyn> stgraber: I think I've asked you thsi before.  But do you know of a way, either on bugs.launchpad.net, or (better) using python-launchpadlib, to get a list of bugs for package $p which are fix released in raring but nominated and not yet fix released in a supported stable release?
<stgraber> hallyn: should be fairly easy to do with the API
<stgraber> hallyn: essentially iterate all the bugs that are fix-released, look for the list of tasks and select any that doesn't have all of them fix-released too
<hallyn> stgraber: ok, i gave it a shot a few days ago and couldn't find good search params - had ot just walk every bug known to lp.  Is that the norm?
<hallyn> (sorry, back in a few mins)
<stgraber> hallyn: in this case, yes, you'll have to iterate through all the fix-released bugs I think
<stgraber> hallyn: I think the fastest way is to iter through the API equivalent of https://launchpad.net/ubuntu/<series>/+source/lxc/+bugs and for each bug found there, check if it's fixed in either raring (if that task exists) or the current dev release (no task)
<hallyn> stgraber: but you're suggesting i can look just over lxc fix-released bugs - didn't look like that to me
<stgraber> hallyn: .searchTasks(status="Fix released") should give you that
<stgraber> *Released (it's case sensitive)
<hallyn> stgraber: is it the lxc project then?
 * hallyn tries
<stgraber> hallyn: lp.load("https://api.launcpad.net/1.0/ubuntu/+source/lxc").searchTasks(status="Fix Released")
<hallyn> stgraber: ah, thanks.  that lp.load was what i didn't get.  i was trying lp.load_project("qemu-kvm") and that gave me obviously wrong results
<stgraber> >>> len(lp.load("https://api.launchpad.net/1.0/ubuntu/+source/lxc").searchTasks(status="Fix Released"))
<stgraber> 199
<stgraber> hallyn: yeah, that lp.load is the lazy way of doing lp.distributions['ubuntu'].getSourcePackage(name="lxc") :)
<stgraber> (gives you the same object back)
<hallyn> funky, 'load' doesn't exist here
<yolanda2> adam_g, ping
<hallyn> having to do get_source_package()
<zul> hallyn: i think there is a regression with libvirt
<hallyn> zul: passed all qa tests!  what is it doing?
<zul> hallyn: gimme a sec and ill show you
<zul> hallyn: http://pastebin.ubuntu.com/1598170/
<zul> hallyn:  i had to add the virterror back and include the virerror
<hallyn> zul: but you've got it fixed?
<zul> hallyn: yep
<zul> patched locally here
<hallyn> zul: cool
<zul> i wanted to talk to you before i upload it
<hallyn> stgraber: great, got a nice short script that should let me see everything that needs sru.  this lets me cull my local todolists some more
<hallyn> zul: you wanted me to look at debdiff?
<zul> hallyn: sure lemme finish what im doing here
<hallyn> zul: np.  biam
<adam_g> jamespage: if you're around.. was just rereading the #ubuntu-release discussion re openstack SRUs. the conclusion, AFAIUI, was to only add parseable bug references to changelogs if there is an existing ubuntu task?
<wendar> I'm getting install failures in the OMAP4 daily images raring-server-armhf+omap4.img
<wendar> expected? unexpected?
<wendar> worth reporting?
<hatake> !echo hy
<iamsvkris> Hi all, i am interested in contributing to the python-vm-builder. could any one please point me some tutorials in understanding the code
<patdk-wk> tutorials to understand the code?
<iamsvkris> yes patdk-wk. tutorials to understand the code
<hallyn> kirkland: hey, are you around?  would I be able to cajole you into sponsoring a small change to spice (https://bugs.launchpad.net/ubuntu/+source/spice/+bug/1101978) ?
<uvirtbot> Launchpad bug 1101978 in spice "[MIR] spice" [Undecided,In progress]
<hallyn> wait.  that's the bug, not the change
<hallyn> kirkland: https://code.launchpad.net/~serge-hallyn/ubuntu/raring/spice/spice-compiler-warnings/+merge/146220   that
<kirkland> hallyn: howdy
<kirkland> hallyn: wow -- you don't have upload rights yet?
<kirkland> hallyn: reading ubuntu-devel@, I thought we were just giving those away these days :-P  j/k
<sarnold> hallyn: is that .pc/ file intentional?
<kirkland> hallyn: yeah, I was just going to ask ... what's with .pc/?
<hallyn> kirkland: lol
<hallyn> sarnold: hm, lemme check
<hallyn> usually those do get included,
<hallyn> sarnold: kirkland: yeah, the .pc gunk gets kept in the bzr tree now, as patches are kept applied in the tree
<sarnold> hallyn: eww :)
<hallyn> which, frankly, makes debdiffs nicer ot review;  agreed on that
 * sarnold watches abstractions leaking all over the floor
<sarnold> at first I wondered, "is 700+ line diffs really hallyn's idea of "small change"? :D
<hallyn> sarnold: you should see
<kirkland> sarnold: you should hallyn's "big change"
<hallyn> my big changes
<kirkland> lol
<hallyn> :)
<sarnold> lol
<hallyn> kirkland: so the cool part about this is, so long as my excuse for not being able to enable tests is accepted, we coudl end up with qemu with spice in main in raring
<kirkland> hallyn: sure ... this will be a nice break from some RH stuff I'm currently working on
<sarnold> hallyn: thanks for the explanation :)
<hallyn> (which was why i picked you to look at this :)
<kirkland> hallyn: :-) nice
<hallyn> kirkland: :)  ecryptfs-systemd?
<kirkland> hallyn: heh
<kirkland> hallyn: nah, building an AMI of RHEL with zNcrypt enabled and talking to our keyserver, zTrustee
<kirkland> hallyn: okay, merged and pushed to lp:ubuntu/spice ... do I still need to build and upload a source package, or did they ever get that happening automagically?
<hallyn> kirkland: tragically, that is not yet automatic
<hallyn> kirkland: thanks!
<david_> How do I get wget to assume that the URL I give it is valid  and doesn't do a url encode on the url ?
<david_> nevermind, I am using nc instead
<hallyn> kirkland: say, have you pushed the spice to the archive yet?  (I'm wondering whether the code wants to actually ignore the seteuid failure)
<kirkland> hallyn: I pushed to lp:ubuntu/spice, but I haven't uploaded a source package
<kirkland> hallyn: I had a question for you above
<kirkland> <kirkland> hallyn: okay, merged and pushed to lp:ubuntu/spice ... do I still need to build and upload a source package, or did they ever get that happening automagically?
<hallyn> kirkland: oh i answered that above - it's not yet done automatically
<kirkland> hallyn: ah, okay
<hallyn> kirkland: then old on a sec,
<hallyn> i dunno.  i'm not happy with this.  I guess they really just meant "oh hey, if we can seteuid(0), taht'd be great.  if not, well we just want it for fun"
<hallyn> jdstrand: do you have 90 seconds?
<kirkland> hallyn: okay, I'll hold off on upload
<hallyn> kirkland: thanks, i'll just do an updated merge proposal if it needs a tweak
<jdstrand> hallyn: I have a feeling it will take longer, but ok
<kirkland> hallyn: ack
<hallyn> jdstrand: well, spice took some backtrace code from xserver, which calls gstack (which i've never heard of before) but first calls seteuid(0), which you flagged.
<jdstrand> yep
<hallyn> jdstrand: i was going to error out if seteuid(0) fails, but it occurs to me taht'll never succeed in libvirt-qemu-spice
<hallyn> so i think i'll just do (void)seteuid(0);  is that ok with you?
 * jdstrand nods
<hallyn> thanks.  i don't like it...
<hallyn> have a good weekend :)
<jdstrand> oh for the compiler error?
<jdstrand> warning
<jdstrand> my nods was for the statement prior to (void)
<hallyn> jdstrand: d'oh
<jdstrand> hallyn: ^
<jdstrand> hallyn: I actually don't care about that call cause we don't have gstack even in the archive
<hallyn> i noticed that :)
<hallyn> ok i'm fine leaving it as is in the archive, but i figured upstream will presumably nix that
<jdstrand> that apparmor profile should block it too
<jdstrand> hallyn: I'm confused. what will upstream nix?
<hallyn> jdstrand: i i think upstream will nix a patch to fail if seteuid(0) fails
<jdstrand> ah, right
<hallyn> i assume gstack will succeed on a task which you own
<jdstrand> nah, don't bother
<hallyn> don't bother which?
<jdstrand> with fixing that warning
<jdstrand> ie, leave that seteuid call alone
<hallyn> jdstrand: oh, ok.
<hallyn> jdstrand: the other warnings, which you didn't log, i assume you don't care bc they're in the client code which isn't going into main?
<jdstrand> let me look at the bug
<jdstrand> hmm, didn't mean to paste that seteuid(0)-- just meant to mention it
<hallyn> ok
<jdstrand> let me pull all the warnings, hold on
<jdstrand> ok, I missed one:
<jdstrand> basic_event_loop.c:118:5: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'int' [-Wformat]
<jdstrand> I mipasted
<jdstrand> mispasted
<jdstrand> well, mis-highlighted. off-by-one :)
<jdstrand> let me see where that one is
<jdstrand> ./server/tests/basic_event_loop.c
<jdstrand> ok, so who cares
<jdstrand> (testsuite)
<hallyn> right, we can't build them :(
<jdstrand> ./spice-common/common/lz_compress_tmpl.c is in spice-common btw
<hallyn> yeah i addressed that one
<jdstrand> hallyn: oh, the testsuite is not buildable, bummer :\
<jdstrand> ok, cool
<hallyn> so that would be the only one i address, once i change the setuid call back
<jdstrand> (I said 'who cares' cause not awesome coding in a test suite isn't really a concern)
<jdstrand> hallyn: feel free to say in the bug that after talking with me on irc that the seteuid(0) call doesn't have to be fixed
<hallyn> jdstrand: ok, thanks
<hallyn> now to get a new tree for kirkland
<jdstrand> np
<jdstrand> hallyn: "snappy - Powerful media player with a minimalistic interface". I wonder if we could just enable the server tests?
<hallyn> jdstrand: i assumed the server tests needed snappy to attach to the server, but i can try and hand-build and hand-run and see hwo far i get
<jdstrand> hallyn: yeah, I have no idea. I saw media player and thought client and then, well, made a half-thought-out suggestion :)
<hallyn> kirkland: re-submitted https://code.launchpad.net/~serge-hallyn/ubuntu/raring/spice/spice-compiler-warnings/+merge/146239 .  could you take and push that?
<jdstrand> once build depends aren't required for main, this will all go away. one day...
<hallyn> jdstrand: I'll spend some time and either push what tests i get working or, if that's the empty set, i'll comment in the bug
<jdstrand> hallyn: I appreciate it :)
<jdstrand> k, heading out. have a nice weekend :)
<hallyn> jdstrand: thanks - you too
#ubuntu-server 2013-02-02
<dougb> is there a way to copy a complete directory? i tried cp -r dir1 dir2 but I get the error "target 'dir2' is not a directory"
<dougb> nvm, got it working!
<kirkland> hallyn: done!
<kirkland> hallyn: pushed to lp:ubuntu/spice and uploaded to raring!  enjoy ;-)
<hallyn> kirkland: thanks!  good night.
<reiligha> Hi. I was trying to change my ssh settings to not permit root login, but I did not find the line PermitRootLogin yes in my ssh_config file. I'm using 12.04 LTS
<qman__> reiligha, the file is /etc/ssh/sshd_config
<cfhowlett> !cookie|qman__,
<ubottu> qman__,: Wow! You're such a great helper, you deserve a cookie!
<ae86-drifter_> could somebody please help me troubleshoot my internet connection? here's my ifconfig output here: http://pastebin.com/6FmcVxyn  I cannot ping any public IPs or hosts... I am running ubuntu server 12.10, the machine has two physical nics, i've followed all guides on the ubuntu website and still not working. I have set static addresses and other machines on the same subnet are working fine, just not this ubuntu-server...a
<reiligha> qman__ I didn't find that under etc/ssh, is it somewhere else?
<cfhowlett> qman__, now THAT is some impressive cli-fu!
<qman__> reiligha, no, that's where it is
<qman__> ssh_config contains client settings, sshd_config contains server settings
<ae86-drifter_> #networking
<reiligha> qman__ I definately do not see it there. I only have two items in etc/ssh
<qman__> reiligha, if you installed the ubuntu openssh-server package you would have many more than two, it stores the host keys there as well
<qman__> more than likely it's not installed, or the config was removed somehow
<qman__> ssh server is not installed by default
<reiligha> qman__ Thank you. I thought it was installed by default.
<qman__> ae86-drifter_, your networking configuration is incredibly complex, but please check to make sure you have one and only one default gateway, and have DNS servers configured
<qman__> as of 12.04 ubuntu uses resolvconf out of the box
<qman__> so you have to configure your DNS servers in /etc/network/interfaces
<ae86-drifter_> qman__: I cannot even ping DNS servers by IP address
<qman__> ae86-drifter_, I've never seen a macvtap interface, what are you running it on?
<qman__> also, what is vibr0 bridging to?
<ae86-drifter_> qman__: it's for VMs running on KVM, it's weird because they work fine
<qman__> sounds like your default gateway is missing then, what's the output of route -n?
<qman__> sorry, "route -n"
<ae86-drifter_> i am actually connected to wifi through a virtualized firewall which is the gateway for all my machines, however the KVM host has no internet, lol, everything else does..
<qman__> the behavior is as though the KVM host does not have a default gateway configured, or its default gateway is otherwise incorrec
<qman__> t
<qman__> which makes sense, since the guests need only be bridged to the LAN
<qman__> and that doesn't require the host to be able to contact anything but the LAN
<ae86-drifter_> the PPPoE connection is bridged on my modem, through to the kvm host, through to a VM running pfSense which has the public IP
<ae86-drifter_> my default gateway reported by route is correct
<ae86-drifter_> the VM on itself is the default gateway
<qman__> well, that probably won't work
<ae86-drifter_> qman__: it does
<qman__> the KVM host is going to need a default gateway not dependent on its guests
<ae86-drifter_> qman__: once the VM is up, it will be fine
<ae86-drifter_> and it's set to auto-start
<qman__> that that it isn't theoretically possible, but I can see lots of trouble with packets going both ways across the same bridges
<qman__> could be one of the many layers of virtual networking going wrong
<ae86-drifter_> qman__: i don't understand what you mean
<ae86-drifter_> qman__: the gateway is functioning correctly
<qman__> not if you can't ping hosts on the internet, it isn't
<qman__> that's what the gateway does, and if the gateway routes traffic fine for other hosts, it's not the gateway's fault
<ae86-drifter_> qman__: I am using it now on my laptop.
<qman__> it's that this host can't use it
<ae86-drifter_> for my internet
<ae86-drifter_> yeah, it's just this one ubuntu server host that i need help with that's all
<qman__> another question, what sort of wifi are you connected to?
<qman__> some kinds of firewalls that universities and corporations use can cause this to not work right
<ae86-drifter_> that's totally irrelevant, but the VM is providing an access point (PCI redirection in AP mode)
<ae86-drifter_> (the gateway)
<qman__> what?
<ae86-drifter_> qman__: it's quite complex
<qman__> clearly
<ae86-drifter_> but the wifi works fine okay, liek i said, i'm using it on my laptop
<qman__> that's not what I mean
<qman__> do you own/control the access point/the whole network?
<qman__> no weird firewalls?
<ae86-drifter_> yes.. it's in my home, it's mine lol
<qman__> ok
<ae86-drifter_> qman__: the "gateway" is a virtualized firewall, "pfSense"
<ae86-drifter_> which is running on the physical KVM host (ubuntu server) with 3 NICs (2x wired & 1x Wifi)
<qman__> well, there are a couple things pfsense can do that could break this but I'm guessing you don't have those configured
<ae86-drifter_> one NIC connected to my modem and one connected to a switch and the wifi acting as an AP (by having the PCI slot redirected to the pfSense firewall and being controlled by that)
<qman__> ok
<qman__> so, new question, your internet connection, does the KVM host have an IP on that interface, or is it also PCI redirected?
<ae86-drifter_> qman__: please imagine that the gateway is doing it's job correctly
<ae86-drifter_> qman__: it's bridged
<qman__> I can't do that because the problem being described is that the gateway is not working
<qman__> ok
<ae86-drifter_> but no IP configured on the KVM host, i am letting pfSense have the public IP
<qman__> I understand the configuration now, but unfortunately all the problems I can think of as the cause are not the case
<qman__> the only way I could continue is with a packet capture
<ae86-drifter_> qman__: how would you go about the packet capture?
<qman__> I would run a capture on pfsense, and then try to ping an internet host from the kvm host
<qman__> and see what happens on both sides of pfsense
<qman__> see if traffic makes it to, through, and gets translated correctly
<ae86-drifter_> tcpdump | grep 10.13.37.2  ?
<qman__> mm, might be easier if you did a ping specific filter so you can see the whole picture
<qman__> I can't remember how to do that off the top of my head
<qman__> but I'd capture icmp on all interfaces
<qman__> or at least the two relevant ones
<ae86-drifter_> qman__: I'm not sure what you mean, i'm pretty noob
<qman__> ping traffic is icmp protocol, and no real traffic is
<ae86-drifter_> oh i see what you mean now
<qman__> so you'd want to capture all icmp on the interface KVM connects to, and the WAN interface
<qman__> then do a ping and watch how the flow happens
<ae86-drifter_> ok i'll try
<qman__> where it stops
<ae86-drifter_> it's not capturing any packets from that address
<ae86-drifter_> i dont think it's even getting there
<qman__> ok
<ae86-drifter_> i'm getting random packets from other hosts on the same network, just not this one
<qman__> maybe the IP is assigned to the wrong interface then, or not bridged correctly?
<ae86-drifter_> i'm gonna disable ipv6
<qman__> on the KVM host
<ae86-drifter_> qman__: if that were the case, then my other machines wouldn't get an IP and my firewall would get a public IP either
<qman__> not exactly
<qman__> if the right interface is bridged correctly, they could still work, even if the host has no IP on that interface
<qman__> though with all those interfaces it's quite a bear to try and figure out
<ae86-drifter_> wouldn't get a public IP either*
<qman__> if the right interfaces are bridged correctly*
<qman__> the guests only care about the bridge being done and the interfaces being up, not the host's IP config
<ae86-drifter_> okay.. just not sure how i would confirm that / fix it
<qman__> well, it's a bit complicated
<qman__> you could run packet captures on the KVM host, on each interface, until you see the traffic in the network you expect
<qman__> but the bridging may throw that off
<qman__> unfortunately with all the virtual bridging and the wireless, the config isn't all in /etc/network/interfaces, so it's harder to see the whole picture
<ae86-drifter_> the bridges definately work to all VMs (whether they work properly or not, i don't know..), just the internet on the VM host doesn't.. it's really strange because i can plug a physical machine into it's physical interface, get an IP and internet works fine (static or DHCP)
<ae86-drifter_> qman__: but the KVM host only really has one IP on the LAN on interface p4p1
<ae86-drifter_> so where else would it go?
<ae86-drifter_> i'm a little confused
<qman__> what all is p4p1 bridged to?
<qman__> also, out of the box
<qman__> an interface will not accept traffic that originated from it
<qman__> and likewise it will not forward traffic it received back out the same interface
<nmgsc> Hello ppl noob here
<ae86-drifter_> the routing table is very simple - only three lines: http://pastebin.com/ny823BCS
<ae86-drifter_> qman__: okay..
<nmgsc> need help I just install ubuntu 12.10 and I get the shell instead of the graphis asking me for a log in ?Â¿?
<qman__> so, if your traffic goes out p4p1, does it have to come back in the same interface to get to pfsense?
<qman__> it may depending on how the bridges are set up
<ae86-drifter_> nmgsc: did you install the server version?
<ae86-drifter_> qman__: i need to thin kabout that
<nmgsc> hmmmm yep yep
<qman__> nmgsc, ubuntu server does not have a GUI
<nmgsc> yes i did
<qman__> it's command-line only
<ae86-drifter_> ae86-drifter_: no, it goes to a virtual nic
<nmgsc> looks like Im learning the right way He He He
<ae86-drifter_> pfsense's BOTH wired NIC's are virtual.
<nmgsc> can you give me a link to the one that is not a server plz
<ae86-drifter_> i really think i just need a small config tweak on the ubuntu server/kvm host
<qman__> that's likely, it may need an adjustment to the firewall or routing settings, or it may need to be set on a different interface
<qman__> trouble is pinpointing it, due to the complexity
<nmgsc> thanks ae86-drifter_ :}
<ae86-drifter_> qman: maybe i should create a "management" virtual network...
<qman__> just one thing to consider
<ae86-drifter_> nmgsc: http://www.ubuntu.com/download/desktop
<qman__> you said the VMs bridge to p4p1 in order to hit pfsense?
<qman__> or do they bridge to virbr0?
<nmgsc> ae86-drifter_ tk bud
<ae86-drifter_> yep
<qman__> or rather
<qman__> that you plug into p4p1 on the LAN and get internet?
<ae86-drifter_> p4p1
<ae86-drifter_> yep, correct
<qman__> and that's on the same IP range as you're using on the KVM host?
 * nmgsc hands ae86-drifter_ a Pepsi .PEPSI.
<ae86-drifter_> well, it's a switch but yeah, hosts on the switch seem fine
<ae86-drifter_> yeah
<qman__> yes, but they use the same 10.13.37.x?
<ae86-drifter_> well, i can ssh to the kvm host fine from my lan using it's LAN ip on that network
<qman__> ok
<qman__> I have one thing to try, but I need to put the rules together
<qman__> hmm, maybe these rules won't work
<qman__> here's what I think is happening
<qman__> kvm host sends ping out, it goes out p4p1 to the switch
<ae86-drifter_> i cant ping the gateway from the kvm host
<qman__> switch points it back to pfsense, which sends it back to p4p1, which then gets dropped
<ae86-drifter_> but every other machine can..
<ae86-drifter_> okay
<qman__> the vms can because the vms are bridged on the same virtual switch as pfsense, but the kvm host is using the physical interface
<qman__> this is just a guess, but a packet capture on p4p1 during a ping may reveal the answer
<ae86-drifter_> oaky i'll try, i see what you mean
<qman__> if this is the case, I'm not sure how to correct it
<qman__> I know how to fix the opposite problem, but not this one
<qman__> even if that's wrong I still think that for some reason kvm host's packets are not getting to the virtual switch
<nn0101> hi
<nn0101> setup=> encrypted lvm 12.10 (fresh install). booting now just hangs. it looks like it's trying to boot off my encrypted lvm but unable to do so.
<nn0101> any help?
<nn0101> thanks
<nn0101> not encrypted => /boot is 250mb
<nn0101> leme livecd it and mount the encrypted lvm
<nn0101> but this is 12.10! i don't understand why the option exists on the installation if its not supposed to work!
<nn0101> why the option exists in the debian install process if its not supposed to work straight off
<decci> How can I build Ubuntu 12.04.1 inserting a new Intel driver igb version
<zatricky> Hey all. Headless server (currently has a monitor attached) not booting but also not giving any error message other than the standard message regarding sparse files not being supported with btrfs.
<zatricky> How can I get more output about what's really going on?
<Diegonat> hi guys
<Diegonat> guys I created a script for udev that seems to work but RUM+="" which does not execute the command, why? RUN+="/bin/echo a > /opt/nearline.pid"
<Diegonat> what can it be???
<zatricky> RUM/RUN ?
<zatricky> typo?
<Diegonat> zatricky
<Diegonat> what do you mean?
<Diegonat> RUN sorry I meant
<zatricky> (14:04:02) Diegonat: guys I ... but RUM+="" which ... why? RUN+="/...
<Diegonat> I paste the command
<Diegonat> it does not execute anything
<Diegonat> why?
<Diegonat> it should work
<Diegonat> zatricky
<Diegonat> any idea?
<zatricky> not really - hopefully someone else has more experience with udev
<Diegonat> can it be apparmor that stops udev form executing commands?
<Diegonat> no its not
<Diegonat> ghghghhg so annoyed
<Diegonat> I need help with udev
<RoyK> with /proc/sys/... there's /etc/sysctl.conf etc - is there a similar thing for things like /sys/block/sdh/device/timeout ?
<koolhead17> Daviey, who else is at FOSDEM :)
<Shogoot> Hi. Ive been foollowing this guide for settting up a ubuntu server with webmin.. Guide from ---> ://woodel.com/ Ive tried to connect to ftp but its not letting me, and i have followed the guide to the letter. Any of you that can help me out find why my ftp is not working as intended?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Shogoot> argh...
<Shogoot> so waht do you people recomend as interface?
<RoyK> well, the commandline?
<RoyK> it's not too hard
<Shogoot> it is for a linux newbie ;)
<RoyK> you'll probably learn quickly
<Shogoot> probably..... not :P      Anyways you have some minutes to spare to help me understand why i cant acess my server from another computer on the same network?
<RoyK> can you ping it?
<Shogoot> yes
<Shogoot> i can access the website from the apachebit
<Shogoot> cmd pong successfull
<Shogoot> typos all over the place
<Shogoot> im on  awin7 machine
<Shogoot> and when i use explorer and ftp://myserverip i get the dialog box asking for user and pass, but it dont recognize eighter the suer or the password.
<Shogoot> and im 100% sure on the user and the password
<Shogoot> If you have a good guide for setting up a ubuntu server i would apreciate the help :)
<Shogoot> Ebox. is recomended....
<RoyK> !ebox
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<RoyK> Shogoot: really, what I would recommend is learning linux - it doesn't take too long to learn the basics, and doing it manually, gives you full control
<RoyK> not just asking a fancy gui to please do this or that
<Shogoot> thanks for your help
<bcbrown19> Anyone know a good guide for setting up ubuntu server with a static ip? note: i am running it on a virtual machine.
<RoyK> !guide | bcbrown19
<ubottu> bcbrown19: The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<bcbrown19> RoyK: Thanks. I'll check it out.
<mcdaniels> hi folks
<mcdaniels> is ubuntu server in the factory setting (after install) capable of using Smtp auth + Tls?
<patdk-lap> heh?
<patdk-lap> no, cause no smtp client/server would be installed
<patdk-lap> maybe you should define, capable
<patdk-lap> capable of server smtp auth? client smtp auth? php smtp auth? perl smtp auth?
<mcdaniels> ok my mistake sorry ;)
<mcdaniels> i am trying to set up a postfix server + dovecot + smtp auth (TLS)
<mcdaniels> I am talking server smtp auth
<patdk-lap> you will need to configure dovecot and then postfix to do that
<mcdaniels> ok so I ll try this again ... it is not that easy to find a suitable how to for this cause every how to (also the help.ubuntu.com how tos) are different from what happens in ubuntu server 12.04 ;)
<patdk-lap> heh?
<patdk-lap> I dunno about that
<patdk-lap> cause how you do that in dovecot/postfix hasn't changed in 8years?
<patdk-lap> so every howto, including both dovecot and postfix MANUALS will be correct
<mcdaniels> the dovecot configs for example are split in many conffiles
<patdk-lap> so?
<patdk-lap> that doesn't change the way it works, only the file you edit, if you even bother with that
<mcdaniels> no problem for a pro, but for a postfixbeginner ... ;)
<patdk-lap> there is no beginner email admin though
<patdk-lap> email is a pretty complex and can be very evil if not done right
<mcdaniels> beginner in "the postfix linux" case
<mcdaniels> especially postfix
<mcdaniels> coming from evil windowsservers ... ;)
<patdk-lap> that is your issue then :)
<patdk-lap> stuff in unix land isn't build solutions like windows
<patdk-lap> you have to layer
<mcdaniels> btw the postfix is in vm for testing (not in the wild)
<patdk-lap> makes for annoying setup
<patdk-lap> but easy diagnostics
<mcdaniels> yesterday I made it that smtp auth + tls for imap login worked
<mcdaniels> not smtp auth
<mcdaniels> tls for imap i ment
<mcdaniels> but no chance to get smtp out + tls working
<mcdaniels> auth sorry
<patdk-lap> http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
<patdk-lap> dunno why not read the manual, it's very very simple
<mcdaniels> The SASL is  for auth as far as i  understood
<mcdaniels> and TLS is for encrypting the connection
<mcdaniels> so sasl can send plain text passwords
<patdk-lap> the whole point of sasl, is it can send ANYTHING
<patdk-lap> encrypted, plain, hashed, challenge, ....
<mcdaniels> ok
<patdk-lap> normally, doing anything more complex than plain is not recommended
<patdk-lap> cause then it's required you store the password plain on the server
<patdk-lap> if you want to not use plain text passwords on the server, then you have to use plain text passwords for logins (sasl)
<patdk-lap> that is why TLS is needed
<mcdaniels> ok so far I understood it
<patdk-lap> to protect those plain passwords, so you can save the passwords encrypted on the server
<patdk-lap> well, encrypted/hashed
<mcdaniels> btw. if installing ubuntu server you may tag "Mailserver"
<patdk-lap> no idea what it does, I never tag anything other than ssh
<mcdaniels> ok
<mcdaniels> so I ll try to do it from scratch
<mcdaniels> just did a fresh install of postfix... there are TLS Parameters already with smtpd_tls_cert_file and key file
<mcdaniels> :q!
<patdk-lap> ya, but those tls are generic and untrusted
<patdk-lap> they are enough to make a secure connection
<patdk-lap> but not enough for you to know you are connecting to *your* mailserver
<mcdaniels> for testing its ok
<mcdaniels> but what is postfix encrypting at this part of the install...?
<patdk-lap> whatever the client asks for it to do
<patdk-lap> nothing is encrypted till the client asks for it, then everything after that is encrypted
<mcdaniels> ok i see so smtp connectons MAY be encrypted if the mailclient asks for
<mcdaniels> in this standardconfiguration
<SpinningWheels1> I have recently set up a ubuntu server box with a mdadm raid 5. For whatever reason the raid is degraded. It boots up and says the raid is degraded and asks if i want to continue to boot anyways and it wont let me type yes or no even though i can type before and after that in the rescue shell it provides.
<mcdaniels> the service auth  says  unix_listener  auth-userdb in 10-master.conf
<mcdaniels> so i have to change it  in unix_listener /var/spool/postfix/private auth ?
<mcdaniels> talking of dovecot
<xiaoy> ÃÃ»
<SpinningWheels> I have recently set up a ubuntu server box with a mdadm raid 5. For whatever reason the raid is degraded. It boots up and says the raid is degraded and asks if i want to continue to boot anyways and it wont let me type yes or no even though i can type before and after that in the rescue shell it provides.
<xiaoy> ÃÃ»
<luminous> hi! i am trying to see if i can get opensmtpd running on ubuntu. my cuurent stumbling block is that it seems ubuntu does mail aliasing differently / i can't quite figure out how ubuntu does this
#ubuntu-server 2013-02-03
<xk_id> is this a good place to seek AWS related help?
<TheLordOfTime> xk_id:  depends the extent of it
<TheLordOfTime> xk_id:  i run two Ubuntu 12.04 Amazon AWS EC2 instances, does that count? :P
<xk_id> TheLordOfTime: probably :)
<TheLordOfTime> s/2/3/
<xk_id> oh. that's more interesting, I suppose.
<TheLordOfTime> forgot about the instance i brought up for a colleague's campaign :P
<TheLordOfTime> s/two/three/
<TheLordOfTime> bleh
<TheLordOfTime> tired.
<xk_id> ah, you mean 3. not EC3. which not sure if exists :)
<xk_id> gotacha
<TheLordOfTime> ec2, but three instances
 * TheLordOfTime yawns
 * xk_id nods.
<TheLordOfTime> seriously, coffeetime.
<xk_id> I need to run a distributed crawler, and I've finished all the coding. Now I need to set it up in the cloud, tho.
<xk_id> I'm struggling to decide what to go for.
<zanzacar> I am trying to install some ppa repository, and for some reason this isn't working for me https://help.ubuntu.com/community/Repositories/CommandLine#Adding_Launchpad_PPA_Repositories
<zanzacar> I install the python-software-properties but I keep getting sudo: add-apt-repository: command not found
<qman__> zanzacar, you need to install python-software-properties
<zanzacar> qman__: I did install the python-software-properties
<zanzacar> python-software-properties is already the newest version.
<qman__> what version of ubuntu, and does `which add-apt-repository` return anything?
<qman__> also, I often dyslexically type apt-add-repository, which is wrong and won't work
<zanzacar> qman__: I am using 12.10 ubuntu server
 * lvx is back -( + away )- gone ??
<zanzacar> qman__: I figured it out here http://www.stylesen.org/addaptrepository_command_ubuntu_1210_quantal
<fego> ntopic
<samba35> i am using nfs client  from anoter ubuntu server where i am able to use nfs but while shutdown system hang and it seems to be known issuse so post suggest to network stop before shutdown so is there any way to run a /etc/init.d/networking stop script or command before shutdown
<Ernie1976> Hi all
<Ernie1976> Very quiet in here
<RoyK>  
<hatake> What version are good for server
<RoyK> 42
<RoyK> or - latest LTS
<RoyK> which is 12.04
<hatake> RoyK, this you mean http://releases.ubuntu.com/12.04.1/ubuntu-12.04.1-server-amd64.iso
<RoyK> yes
<RoyK> hatake: generally, most LTS releases are good for servers
<RoyK> non-lts doesn't have sufficient support
<hatake> ok RoyK thank you for information
<jonah> hi I hope someone can help. I'm trying to get my opencart site working on my ubuntu localhost with lamp but having connection issues: [Sun Feb 03 23:16:05 2013] [error] [client 127.0.0.1] PHP Fatal error:  require_once(): Failed opening required 'localhost/system/startup.php' (include_path='.:/usr/share/php:/usr/share/pear') in /home/jonah/yc_testserver/index.php on line 19
<jonah> I'm new to using lamp locally and i would really appreciate if anyone can help me. I've installed phpmyadmin and changed the virtual dirs etc so I've got my own local host domain in my home folder. copied all my files in there and then edited the config file. Also imported the database but it won't connect, not sure I've changed the config file correctly. I just chnaged referecnes to the domain name to localhost...
#ubuntu-server 2014-01-27
<QnD> hey all
<QnD> can anyone tell me how to detect if ptmx has been exploited
<CappyT> jrwren_, and how can i add samba-dc users to a samba share?
<jrwren_> CappyT: add users to the system.
<CappyT> jrwren_, so users logged in the domain access correctly the share?
<jrwren_> yes
<jrwren_> maybe use winbind if that is still a thing
<MavKen> If I have 1 cpu and 1 g ram, is there a reason to use 64 or 32 bit?
<MavKen> on vps
<foo> Having some serious issues with e-mail marked as spam. Nothing is blacklisted, SPF records are validating properly (via show original), everything looks fine. I am absolutely stumped - have spent several hours on this today. I have set up drupal sites on the same server which never go to spam. Anyone have any two cents?
<mardraum> who is marking your email as spam?
<foo> mardraum: whoops, good point - gmail is. So weird.
<foo> I guess, I'm stuck because I'm not sure what else I can possibly test.
<mardraum> foo: if it's just gmail, I wouldn't worry too much, I have seen it misbehave recently too and claim emails have popular malware phrases in them
<mardraum> just make sure your drupal and php are up to date
<foo> mardraum: they are, and I have tested this across half a dozen accounts - everything is going to spam. Not ok.
<foo> mardraum: err, just tested on yahoo, hit spam too. what. the. heck.
<leblaaanc> Hey guys, can someone help me configure my smbd.conf to properly force ugo+rw access and ugo+rwx on the dirs (basically publicly accessible files and dirs)?
<leblaaanc> http://pastie.org/private/gma85tckxib00rh0tdzzra
<leblaaanc> i've tried every combination of all those things it seems like
<leblaaanc> weird â¦ mkdir -m 777 foo doesn't work
<leblaaanc> but mkdir -m 7777 foo does?
<leblaaanc> wtf?
<Zorky> Seeking help regarding ubuntu server 12.04 wont update boot kernel, the following errors occur update-initramfs: Generating /boot/initrd.img-3.2.0-58-virtual
<Zorky> cryptsetup: WARNING: failed to detect canonical device of /dev/sda1
<Zorky> Warning: Not updating LILO; /etc/lilo.conf not found!
<sarthor> I am using ubuntu 12.04, with no GUI, there is not resolving on my machine, here is the conf files, can not dig anywebsite.com, can not ping yahoo or googel.com, no browsing, http://pastebin.com/GqC63Veg
<jrwren_> sarthor: home user? is 192.168.1.1 a home gateway/router?
<sarthor> jrwren_: yea that is my modem
<jrwren_> sarthor: try running this: echo nameserver 192.168.1.1 | sudo resolvconf -a eth0
<jrwren_> or 192.168.1.101 since you have that lited in your interfaces file
<vlad_starkov> Guys, recommend me please a tiny Linux distributive that will let me boot from USB flash and to make some recovery procedures in bash (I'll need dm-crypt, mdadm and mc). Thanks.
<patdk-wk> sysrescd :)
<jrwren_> vlad_starkov: ubuntu rescue cd :p
<vlad_starkov> jrwren_: it doesn't boot with it on my server
<vlad_starkov> jrwren_: I need to make some debug iterations to blacklist some of modules until I find the buggy module
<vlad_starkov> jrwren_: Someone else recommended me grml
<jrwren_> i don't know. i stick to what I know in rescue situations.
<vlad_starkov> jrwren_: Yep. Thanks anyways!
<patdk-wk> I just find the ubuntu rescue doesn't have enough stuff on it
<patdk-wk> sysrescd has always had what I needed on it
<zul> jamespage:  your cinderclient issue got fixed upstream ill backport the patch
<jamespage> zul, +1
<jamespage> that should go into trusty asap
<zul> jamespage:  its in the back of my mind
<sarthor> jrwren_: echo nameserver 192.168.1.1 | sudo resolvconf -a eth0 applied. still no resolving.
<yolanda_> jamespage, mp for rabbitmq using unison charmhelper: https://code.launchpad.net/~yolanda.robla/charms/precise/rabbitmq-server/ha/+merge/203062
<fellayaboy> is it possible for ubuntu server to also deploy windows 7 images
<fellayaboy> using pxe
<jrwren_> sarthor: that should add a nameserver line to your /etc/resolv.conf, but maybe lack of something on 127.0.0.1 is causing the problem?
<jrwren_> sarthor: do you have bind or dnsmasq installed and running?
<sarthor> jrwren_: If I manually wirte nameserver 192.168.1.101 in /etc/resolv.conf, so it work fine, and after some time or with restart the entry disapear.
<vlad_starkov> Question: Could anyone point me, why Ubuntu Server can't boot without 'noudev' boot option?
<sarthor> on the client i do not have bind or dnsmasq running, I did installed dnsmasq and removed
<zul> jamespage:  taskflow should be unblocked soon
<jamespage> zul, good-oh - thanks!
<jamespage> will that unblock the others?
<zul> cinder and glance is the only ones using it so far
<jrwren_> sarthor: i wonder if there is left over dnsmasq config. try apt-get purge to remove it.
<sarthor> jrwren_: already purged.
<zul> jamespage:  others are depending on python-oslo.rootwrap
<jamespage> zul, ah - yes
<jamespage> MIR'ed?
<zul> needs a team subscriber
<jrwren_> sarthor: can you paste output of grep 127.0.0.1 /etc/resolvconf/*/*
<sarthor> jrwren_: there was my fault, techers are far away otherwise I think I deserve box on the nose. in /etc/network/interfaces dnsnameserver 192.168.1.101 was like dns-server 192.168.1.101. there was problem.
<jrwren_> sarthor: ha! I didn't notice. gg wp
<sarthor> Thank you all. really you guys help a lot, Thanks again. and I will be back with next problem, because I am learner.
<WACOMalt> Hey folks. I just tried to visit my website, and it's currently down. How can I check that apache is running?
<WACOMalt> I tried sudo /etc/init.d/apache2 start, and it just says fail
<rostam> Hi I have a quesion on debminor. I have used this tool to locally mirror ubuntu 12.04.  However,  one particular package, python-pip, is not in the local mirror and I am not sure why? thx
<vlad_starkov> Question: How to disable udev upstart script in Ubuntu Server 12.04?
<sarnold> vlad_starkov: are you sure you want to do that? it might break a ton of things.. and it might be difficult to undo..
<vlad_starkov> sarnold
<sarnold> vlad_starkov: if you're sure you want to do it, you can use an override file as described here: http://upstart.ubuntu.com/cookbook/#override-files
<sarnold> (i'm disinclined to write the actual command, some things shouldn't be copy-and-pasteable by accident :)
<vlad_starkov> sarnold: I spent almost 6 days to deal with my Supermicro server which doesn't boot at all with Ubuntu Server 12.04 installed. It throws CPU soft lockup errors and hangs...
<vlad_starkov> sarnold: I tried grml with 'grml noudev' boot option and the system booted successfully. Then on booted system I tried 'sudo /etc/init.d/udev start' and it performed successfully. So I'd like to try such thing with Ubuntu that is installed on my server.
<sarnold> vlad_starkov: well, okay, worth a shot I guess. but udev probably wouldn't be the buggy thing itself, just triggering the bug elsewhere..
<vlad_starkov> sarnold: I know. I just need to figure out what module is buggy here. Just want to try to boot Ubuntu.
<vlad_starkov> sarnold: Any thoughts on how to figure out what module is bad ass there?
<sarnold> vlad_starkov: serial console or similar to capture the soft lockup message, hopefully it'll provide some guidence
<conroe> Anyone using btrfs?
<vlad_starkov> sarnold: I'm in datacenter now with monitor and keyboard connected to that server. Don't have serial cable.
<sarnold> vlad_starkov: ILO or similar?
<vlad_starkov> sarnold: nope
<sarnold> vlad_starkov: cell phone photo of the message may also work
<vlad_starkov> sarnold: you ask me to show you the screen?
<sarnold> vlad_starkov: sure, I might be able to guess on something to try next
<vlad_starkov> sarnold: sure just a minute...
<vlad_starkov> sarnold: This is the screen http://cl.ly/image/1Q0Z3s25120p
<vlad_starkov> sarnold: after that it have to throw lockup errors
<sarnold> vlad_starkov: wow, that's surprisingly readable :)
<sarnold> vlad_starkov: do you have any with the lockup errors?
<vlad_starkov> sarnold: It is because I connected to the server by KVM on my laptop
<vlad_starkov> sarnold: Hmm, there is no lockups on a screen for the moment.
<sarnold> vlad_starkov: hmm indeed :)
<vlad_starkov> sarnold: it is just staying at this state and the cursor blinking
<sarnold> :(
<vlad_starkov> sarnold: Take a look on this one http://cl.ly/image/221D100o3W3S/o
<vlad_starkov> sarnold: I made this screenshot a month ago
<vlad_starkov> sarnold: I reboot the server now. I could add some debug boot options if you point me, to make the output more verbose.
<sarnold> vlad_starkov: sorry, I don't know what else to suggest to make it more verbose..
<sarnold> vlad_starkov: I used modprobe -bvn on that PCI id and got the following module path: /lib/modules/3.11.0-15-generic/kernel/drivers/pci/hotplug/shpchp.ko
<vlad_starkov> sarnold: Yay! Caught one http://cl.ly/image/1T3J170R3A23
<sarnold> vlad_starkov: modinfo says you can ask it for debugging info with parameter shpchp_debug -- probably adding shpchp.shpchp_debug=1 to the kernel command line would help..
<vlad_starkov> sarnold: there are more http://cl.ly/image/0E0Y0Z3g2Z0X
<vlad_starkov> sarnold: I don't see this option in the list https://www.kernel.org/doc/Documentation/kernel-parameters.txt
<sarnold> vlad_starkov: ugh. :/ no wonder this has given you trouble, this looks really annoying.
<sarnold> vlad_starkov: no, I don't think module parameters are documented there
<vlad_starkov> sarnold: and one more before I reboot http://cl.ly/image/3i2V031x0b2y
<sarnold> vlad_starkov: grml loaded without trouble?
<sarnold> I mean, waiting nearly five minutes to finish enumerating hard drives feels really broken
<vlad_starkov> sarnold: It doesn't load too. But when I adding its native option "grml noudev" it boots successfully.
<sarnold> vlad_starkov: ah, right. okay. do your arrays come up?
<vlad_starkov> sarnold: tried to add shpchp.shpchp_debug=1. No changes.
<sarnold> vlad_starkov: nuts.
<vlad_starkov> sarnold: do the hdds come up in grml?
<sarnold> vlad_starkov: yeah
<vlad_starkov> sarnold: not sure, will check them now. a few minutes...
<conroe> Any way to install lightdm and xorg on -server without the bloat? I really dont need account* and stuff like that?
<zul> jamespage:  libvirt is fixed in icehouse-proposed
<vlad_starkov> sarnold: almost booted grml http://cl.ly/image/1J0G2L3a1F0b
<sarnold> vlad_starkov: are your arrays mdadm?
<vlad_starkov> sarnold: htop http://cl.ly/image/1N0w073J0V2Z
<vlad_starkov> sarnold: no. I just installed test Ubuntu Server on sda. Other disks are not formatted and mounted.
<vlad_starkov> sarnold: what should I check now?
<sarnold> vlad_starkov: oh interesting. I wonder if you format the others if it'll behave better?
<sarnold> I mean, it -should- behave, but the filesystem probing code might be broken..
<vlad_starkov> sarnold: disks http://cl.ly/image/1a053G2X1u2j
<vlad_starkov> sarnold: I can mount /dev/sda to /media/sda and edit /etc/modprobe.d/ to add buggy module(s) to blacklist. But I don't know which  one of them is buggy
<sarnold> no, me neither
<vlad_starkov> sarnold: I can run /etc/init.d/udev start on grml and after a minute it will complete successfully and no CPU lockups will appear.
<sarnold> vlad_starkov: perhaps try partitioning and formatting those other drives; I wouldn't like it if that is the answer, but it feels like it is worth trying
<vlad_starkov> sarnold: it is strange, as if udev is being lounched during startup, the system fails with CPU lockups
<vlad_starkov> sarnold: actually I did it before, that is actually what I was starting from :)
<sarnold> vlad_starkov: oh okay :) pity though, that was my last idea.
<vlad_starkov> sarnold: I'm absolutely sure that it is some buggy module over there. As grml boots fine with noudev, and Ubuntu Server installer runs fine and fast (as it doesn't load too much modules during installation).
<vlad_starkov> sarnold: I think I'm ready to call Ubuntu paid support to deal with this issue.
<sarnold> vlad_starkov: worth a try!
<sarnold> sorry I didn't have anything better :/
<vlad_starkov> sarnold: anyways thanks for your thought on subject!
<sarnold> vlad_starkov: good luck :)
<vlad_starkov> Thanks :)
<jamespage> zul, great
<vlad_starkov> sarnold: Hey! I just mount the sda and checked out ./var/log/syslog and found out CPU soft lockups errors there. I can paste it somewhere, there is shown a list of modules involved during lockup
<vlad_starkov> sarnold: http://paste.ubuntu.com/6828163/
<zul> Daviey:  ping can you promote python-networkx (#1271609), python-taskflow (#1271617), python-oslo.rootwrap (#1259985) so we can get openstack built in the archive plese
 * genii sips
<jcrza> What exactly does the "Mail Server" option do when installing Ubuntu server?
<jcrza> I want to get my mail server set up but I'm not sure what it's installed
<sarnold> jcrza: you could just skip it and install the mail server of your choice once the system is installed
<jcrza> I already did it :( now I don't know where to start from
<jcrza> Do you know what it installs so I can just find a guide for that stack?
<jpds> jcrza: postfix.
<jcrza> Awesome. Thanks!
<jcrza> no gmail
<jcrza> I do not fucking want to sign up for G+
<jcrza> I'm in the process of completely replacing you you awful slut
<IdleOne> jcrza: Please keep the language clean
<patdk-wk> why all the cursing?
<IdleOne> there is no need for that
<jcrza> aw thought I was in #reddit
<jcrza> wouldn't have been such a jerk.
<jcrza> Do you guys think horde mail is secure?
<jcrza> it looks a lot more recent than SquirrelMail... considering switching
<jrwren> jcrza: /usr/share/tasksel/ubuntu-tasks.desc is the file which shows which package are installed for a task
<jcrza> horde install soooooo much php stuff
<jcrza> kinda scary.
#ubuntu-server 2014-01-28
<rostam> HI how could I preseed two nic interface one configured with dhcp (i.e. eth0) and one with static ip address (i.e. eth1)? thx
<JayF> What package creates the "netdev" group in ubuntu server?
<sarnold> JayF: looks like it might be avahi: http://codesearch.debian.net/search?q=netdev
<JayF> Ugh. I do not want to install avahi, or network manager, on a cloud server image
<JayF> but I'm getting knocked by this bug https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1054035
<sarnold> JayF: ooh, ifupdown also appears to: http://codesearch.debian.net/search?prev=0.206.264&q=netdev&skip=345
<JayF> I guess I could just manually create the group in the kick.
<JayF> hmm
<JayF> ifupdown is installed
<JayF> but no such group
<JayF> let me try a reinstall.
<JayF> yeah ifupdown does not create a netdev group on saucy
<JayF> although TIL about codesearch.debian.net
<JayF> that's pretty sweet
<sarnold> it's wonderful :)
<JayF> hah! Powered by Rackspace.
<JayF> How did I not know aobut this
<Wilkim_> Hello
<Wilkim_> I have a unused laptop with ubuntu-server on it
<MavKen> same here
<Wilkim_> When I close the laptop it goes to sleep and turns off in some capcity, and turns on instantly when i reopen it
<MavKen> i run my company's crm off of a laptop server
<Wilkim_> any idea how to prevent it from going to sleep when it closes as i store it under my entertainment center
<Wilkim_> nice lol!
<Wilkim_> I plan on using it for a developmentp-server
<MavKen> goodluck with that, I have to keep screen up and turn off all the power related settings so it doesnt go to sleep
<Wilkim_> so you have the same issue?
<MavKen> yep
<MavKen> im going to pick up one of those small dell desktop boxes on craigslist for 100 and install ubuntu server
<Wilkim_> http://askubuntu.com/questions/360615/ubuntu-server-13-10-now-goes-to-sleep-when-closing-laptop-lid
<Wilkim_> that fixes it :)
<MavKen> no way...wow
<Wilkim_> lol, if it wasnt for the internet i would have given up on linux :P
<MavKen> also, you may want to check out digitalocean.com - I am in the process of moving a lot of my sites over to there
<MavKen> its a pretty sweet setup
<MavKen> haha
<MavKen> yeah
<MavKen> they have ubuntu images
<Wilkim_> that sounds nice ty, but im looking for just make use of my 4 unused laptops lol
<Wilkim_> dual cores to quad cores
<Wilkim_> decent hardware not being utilizedd
<Wilkim_> ones now a development server
<Wilkim_> 3 laptops *
<Wilkim_> n im giving one to my brother n father lol
<MavKen> nice
<Wilkim_> btw I dont know what you do MavKen but I work for an advertisment company, if you would like to advertise at all let me know
<Wilkim_> I dont deal with selling the services at all, but if I could help out a fellow friend then why not recommend it to them? :)
<Wilkim_> http://www.yashi.com
<MavKen> i provide consulting services to small businesses, but have a hobby business for web design/hosting
<Wilkim_> Well if you would like to advertise let me know :) or goto that site, then the contact page and send a message
<MavKen> ok
<Wilkim_> we also provide advertisments to people at well if your looking to host ads too
<rostam> Hi is it possible to disable network manager? thx
<hitsujiTMO> rostam: uninstall it
<rostam> hitsujiTMO, would that have any side effect, I guess I want to know is it good to have or not to have network manager? thx
<hitsujiTMO> rostam: nothing relies on network manager and its safe to remove. just means you need to have an alternative way of configuring your network interfaces
<MavKen> any recommendations on building a login system?
<hitsujiTMO> MavKen: what exactly do you mean?
<MavKen> im creating a lightweight crm from scratch, needing a login system...ive hacked together login systems in the past but wanting to find a different way
<MavKen> im using php/mysql
<MavKen> i wish the major frameworks had something built in... i just dont like spending time on the login side of things
<hitsujiTMO> MavKen: such a question would be more appropriate for #php then
<MavKen> ok
<hitsujiTMO> MavKen: one thing tho, use bcrypt/blowfish
<MavKen> ok thanks, will check it out
<crass> anyone know how/where/when local-premount initrd script get run from init?
<Sling> having some weird issues with my apache httpd package all of a sudden, nothing out of the ordinary is appearing in logs but this is what happens: http://apaste.info/knE6
<Sling> ah forgot to include in the paste that before the start command there are no apache processes running
<Sling> this is ubuntu 13.10 with Apache/2.4.6
<Sling> also, when I create a config file in /etc/apache2/sites-available/ it should be enable-able by a2ensite right?
<Sling> or hmm does it need the .conf extension..
<Sling> so it does, anyway previous issue not yet fixed, any input would be appreciated
<hitsujiTMO> Sling: looks like apache2 is being called started impropperly at another point
<hitsujiTMO> Sling: that or its majorly misconfigured.
<hitsujiTMO> Sling: have you looked at the error logs?
<Sling> hitsujiTMO: yup as stated there is nothing out of the ordinary in the apache errorlog
<Sling> also it actually is started and working fine, but not controllable by service apache2 <action> properly
<hitsujiTMO> Sling: if you disable all the sites in /etc/apache2/sites-enabled/ does it still occor?
<Sling> the httpd starts
<Sling> its just the interaction between the upstart script and the actual httpd that is borked it seems
<hitsujiTMO> Sling: apache2 is configured by sysv not upstart atm
<Sling> okay that then :)
<hitsujiTMO> have you tried disabling all sites, killing all apache processes and then starting again to see if you get the same hehaviour?
<Sling> hitsujiTMO: yup, same behaviour
<hitsujiTMO> Sling: has someone modified the apache sysv init script at some point?
<Sling> very unlikely, not me at least
<hitsujiTMO> Sling: if they haven't then the culprit would be the apache config. But don't think that can spawn new processes.
<Sling> if the apache config would be broken, it wouldn't start
<hitsujiTMO> Sling: not broken, just misconfigured
<hitsujiTMO> you can have a misconfigured config that still works but doesn't do what its supposed to do
<Sling> the httpd does what its supposed to do though..
<Sling> it works perfectly fine
<Sling> but for some reason, the processes that are launched, are not matching some pid file
<Sling> /etc/apache2/envvars:export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid
<Sling> that file doesn't exist, but /var/run/apache2.pid does
<hitsujiTMO> $SUFFIX is a var. if its empty then the APACHE_PID_FILE produced is /var/run/apache2.pid
<Sling> why not /var/run/apache2/apache2.pid ?
<hitsujiTMO> ahh i see what you mean. you'd have to route thru the init script to see whats going on
<hitsujiTMO> goes back to the question on if the init script has been modified or not
<Sling> this fixes it; ln -s /var/run/apache2.pid /var/run/apache2/apache2.pid
<Sling> but yeah, not proper solution
<Sling> im guessing that some other package has fiddled with the init script
<hitsujiTMO> that should not happen. are you using a ppa?
<Sling> nope
<Sling> although, there is a dl.google.com_linux_mod-spdy_deb_dists_stable_ in /var/lib/apt/lists/
<Sling> hmm
<hitsujiTMO> Sling: check the init script. maybe the server has been compromised
<Sling> hitsujiTMO: last modified date was >6 months ago, and dpkg -S shows that only the apache2 package is doing something with that file
<Sling> anyway, ill investigate further, some time :)
<hitsujiTMO> tis a wee bit odd of an error
<hallyn> smb: are you looking at bugs 1180281 and 915954 ?
<smb> hallyn, Hm, since the bot is on holiday, give me a sec to look what they are
<smb> hallyn, Ok, replied there but I would think those should be good in Trusty after libvirt 1.2.1 at least
<hallyn> smb: i haven't actually look in detail;  was just wondering if you wer ehandling them.
<hallyn> smb: yo're saying there are patches attached to the bug reports and those should go into our package?
<hallyn> smb: if so, I'm currently getting ready to push libvirt to trusty with a new aarch64 patch pushed anyway...
<rostam> HI how could I configure static IP address with nmcli ? thx
<smb> hallyn, Now I am not sure you commented before I talked to you. Current code for libvirt1.2.1 should be working
<hallyn> smb: i commented?
<hallyn> oh, here you mean :)  thought you meant in the bug
<hallyn> smb: yeah that was before we talked
<hallyn> thx
<smb> hallyn, Yeah, sorry for the confusion. :)
<hallyn> adam_g: hi, for bug 1244694, could you test one more time, and report whether the new package works for you (no regressions)
<hallyn> adam_g: it woudl be great if you could still reproduce it with the old version, but at least if the new package doesn't regress that's a good data point
<shwaiil> Hi
<shwaiil> wondering when is the next LTS version coming up ?
<cfhowlett> !lts|shwaiil,
<ubottu> shwaiil,: LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server; with the exception of 12.04 (Precise Pangolin), which will be supported for 5 years on the desktop. The current LTS version of Ubuntu is !Precise (Precise Pangolin 12.04)
<cfhowlett> !trusty
<ubottu> Ubuntu 14.04 (Trusty Tahr) will be the 20th release of Ubuntu.  See the announcement at http://www.markshuttleworth.com/archives/1295 for more info. support in #ubuntu+1
<shwaiil> cfhowlett: thanks for looking. looks like a long read
<shwaiil> just wondering if I should stick with 12.04 for a new server I'm assembling here
<shwaiil> when I did research someone mentioned to maybe just wait for 14.04, so I wasn't sure if is around or not: )
<cfhowlett> shwaiil, new LTS in 3 months - direct uprgrade from current lts to 14.04
<shwaiil> cfhowlett: 3 months, cool :)
<shwaiil> Thank you
<cfhowlett> shwaiil, no problem
<DenBeiren> Hey all,.. i'm having some issues with cron not running as it should,.. anyone here to help out?
<ltlbeaver> DenBeiren, what problem does your cron have?
<DenBeiren> i addes a line to shutdown at a certain time
<DenBeiren> it doesn't shutdown at the asked time :-)
<DenBeiren> i used shutdown -h now
<DenBeiren> sudo shutdown -h now
<DenBeiren> tried as user, tried as root
<ikonia> errr how are you doing that as cron
<ikonia> sudo requires user access unless you've changes the sudo rules
<ikonia> and the root account should be locked
<DenBeiren> i made a cron using crontab -e as my default user, and added the line shutdown -h now
<DenBeiren> since that didn't work, i tried using sudo
<ikonia> ok - so thats not going to work
<ikonia> sudo isn't going to work as it needs user input
<DenBeiren> since that didn't work i tried the same two things logged in as root
<ikonia> so again the root account should be locked so you shouldn't be logging as root
<ikonia> and I suggest you show the EXACT cron line you are using
<DenBeiren> uhu
<DenBeiren> what would be the way to go then? :-)
<ikonia> you could look at a specific sudo no password line for you
<ikonia> but lets see the exact line you're using
<DenBeiren> after searching on google i added this line now
<DenBeiren> 00 07 * * * /sbin/shutdown -p now
<ikonia> -p is an invalid flag
<DenBeiren> ok
<ikonia> it appears you are just copying things blind rather than actually thinking about things/checking them
<ikonia> I suggest you stop that
<ikonia> actually research the things you need, eg: man shutdown
<DenBeiren> i try to do so, but even the manpages are not always that easy for novice users i'm afraid
<ikonia> ok - but looking if -p is a flag should be basic for if you want to use -p
<ikonia> it varies from distro/provider
<ikonia> also try the command manually to get better output, once you know it works you can look at setting it up in cron
<DenBeiren> shutdown -h works normally as default user
<ikonia> "default user" ?
<DenBeiren> i looked at this: http://www.ipaste.eu/view.php?id=1186
<DenBeiren> well,.. denbeiren is the normal user i always use
<DenBeiren> so default user = denbeiren
<ikonia> ok, so that shouldn't work
<ikonia> unless you use sudo or have setuid set
<DenBeiren> it asks for a sudo password when i enter that command
<ikonia> right, so cron can't do that as it's not interactive
<ikonia> apply some thought
<DenBeiren> figure out how to make user a sudouser?
<ikonia> no, your user is already a sudo user
<DenBeiren> then i'm afraid i don't know
<ikonia> ok, so first of all test the sudo command you want to use, make sure it works
<ikonia> then understand the limitations, eg: sudo
<ikonia> then update your sudo rules to make the command "shutdown" not require a sudo password
<zul> jamespage:  the dependencies got promoted im just un depwaiting things today
<DenBeiren> the commands that i would like to run all work
<ikonia> DenBeiren: ok, so go to the next step
<DenBeiren> so i need to be checking out changing sudo rules probably?
<mardraum> how about edit root's crontab? :p
<DenBeiren> mardraum: seems like that would be a big nono :-)
<ikonia> depends how you look at it
<mardraum> there is nothing wrong with using root
<mardraum> for administration and elevated privs
<makara> hi. How do I restart sshd on 13.04?
<makara> remotely
<makara> `sudo restart sshd` gives `restart: Unknown job: sshd`
<mardraum> service ssh restart, or old way /etc/init.d/ssh restart
<mardraum> makara if you are used to BSDs, note that ubuntu tends to drop the "d"
<DenBeiren> ikonia: thanks for the help so far,.. have to go to work, i will look into it
<mardraum> eg services like "ssh" "ntp" etc
<mardraum> though I note that the BSDs don't have a "restart" command I am aware with, so perhaps some other linux distro instead.
<makara> mardraum, thx
<ttx> zul, jamespage: was the 12.04 kernel namespace bug brought to your attention ? The one that blocks neutron gating ?
<ttx> https://bugs.launchpad.net/neutron/+bug/1273386
<ttx> probably the same as https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1252508/
<jamespage> ttx, yes it has - mark pinged me last night about it
<ttx> ok, cool
<jamespage> sarnold, smb: could bug 1273386 have a bit of kernel team attention please
<jamespage> https://bugs.launchpad.net/neutron/+bug/1273386
<smb> jamespage, we will have a look
<jamespage> smb, ta
<jamespage> smb, also pinged arges
<smb> jamespage, So he told me (sitting two seats down the table)
<jamespage> smb, \o/
<jamespage> smb, any chance you could join openstack-dev?
<jamespage> smb,  probably a regression - "so far we've isolated that happens with 3.2.0-58 and did not happen with 3.2.0-57"
<smb> jamespage, I can join. That info is good to have
<jamespage> smb, thanks - it was really just to open up the channel between the neutron dev looking at this and your team
<shwaiil> Q: I was questioning about user management for my samba file shares, if I can inherit the system users and groups, etc. Someone mentioned that I should use an intermediate access protocol like LDAP. I never did something like that, is that too complicated ? Thanks
<atpa8a> hello
<huttan> shwaiil: that is correct. If you setup a ldap server and add the samba schema, you can manage it centrally
<shwaiil> huttan: Thanks so much for looking! I've got no experience with it but I'm ok about reading and trying. I just wonder if it's too complicated to setup ?
<huttan> shwaiil: it depends on your experience with servers I guess. I personally found it pretty easy the first time i tried
<olsonea> Hi #ubuntu-server! I've got a noobish question that I've tried to resolve on my own. I am working with a Wordpress site installed at /var/www. My user is in the www-data group, and everything under /var/www is owned by www-data:www-data. The problem is to modify anything, create a new dir, etc, I still have to sudo foocmd. What am  I missing?
<huttan> shwaiil: and now Ubuntu also provides you with some great documentation
<huttan> shwaiil: https://help.ubuntu.com/12.04/serverguide/samba-ldap.html
<shwaiil> huttan: thanks, I'll try it then. have you ever found problems with mac osx clients ?
<shwaiil> most people here use mac books :T a bit worried
<huttan> shwaiil: https://help.ubuntu.com/12.04/serverguide/openldap-server.html
<atpa8a> should update-grub work for efi boot?..
<atpa8a> cause mine doesn't
<huttan> shwaiil: it works great with them too
<atpa8a> expert mode installation
<shwaiil> huttan: ok cool :)
<huttan> shwaiil: if u want to centralize all, might also wanna look into kerberos
<huttan> shwaiil: just a tip
<shwaiil> huttan: so, for example, let's say I've got a developer group and I invite a developer here, I connect to LDAP and I can create a new user and he's going to have his own home directory and all that stuff ?!
<shwaiil> kerberos... oh ok
<huttan> shwaiil: yepp, as long as the server he logs on is configured to pull login info from ldap
<huttan> shwaiil: u can also manage sudo rights etc. from ldap
<shwaiil> huttan: not sure if I'm understanding everything.
<shwaiil> so my project under /var/www/myProject owned by group "developers" at 192.168.0.77
<shwaiil> the developers would authenticate to a LDAP server and
<shwaiil> ehh...
<huttan> shwaiil: sure, u can setup apache to auth through ldap
<shwaiil> hum, so what's kerberos ?
<huttan> shwaiil: centralized passwords
<huttan> shwaiil: in a secure way
<shwaiil> but I can just work with LDAP without kerberos right ?
<huttan> shwaiil: yeah
<shwaiil> otherwise it's too much stuff for me to handle, to start with
<huttan> shwaiil: its not requirement
<shwaiil> huttan: just one thing, I usually provide a user and password to access a file share
<shwaiil> with LDAP, it's exactly the same ?
<huttan> shwaiil: yepp
<olsonea> huttan: did shwaiil ask the same question I did before I entered?
<huttan> olsonea: sorry i did not see your question
<olsonea> about users with group permissions on /var/www?
<olsonea> Hi #ubuntu! I've got a noobish question that I've tried to resolve on my own. I am working with a Wordpress site installed at /var/www. My user is in the www-data group, and everything under /var/www is owned by www-data:www-data. The problem is to modify anything, create a new dir, etc, I still have to sudo foocmd. What am  I missing?
<olsonea> s/#ubuntu/#ubuntu-server/g
<huttan> olsonea: i assume ur trying to create it as the www-data user and not ur regular home user?
<olsonea> ah, let's call my home user olsonea. that's who i am authenticates as, yes.
<huttan> olsonea: ok then
<huttan> olsonea: So heres your problem, its owned by www-data so that has to be the one making dirs
<huttan> olsonea: however, u can add urself to the group and give group write permission on /var/www
<huttan> olsonea: then u could also make it w/o sudo
<olsonea> ok, so when i issue the groups command, i am in the www-data group
<olsonea> oh
<olsonea> but it looks like the group only has read perms
<olsonea> so i probably need to chmod 755 /var/www?
<olsonea> err, less open, 751?
<huttan> olsonea: no
<huttan> olsonea: just do chmod g+w /var/www
<huttan> olsonea: im not gonna specify recursive, if u need that do it
<olsonea> gotcha
<olsonea> huttan: superb, thanks for educating me
<huttan> olsonea: sure, no problem
<shwaiil> huttan: you still around ? I'm wondering, if LDAP have a GUI or a Web interface to allow any one to easily manage the user control access, etc ?
<shwaiil> I'm trying to avoid creating any dependences
<shwaiil> I don't want to be asked to manage new users or current users all the time by the command line
<shwaiil> so just wondering if openLDAP provides that
<shwaiil> I'm also doing research, maybe I'll find something about it meanwhile
<pmatulis> shwaiil: openldap does not provide that, no
<shwaiil> pmatulis: thanks for looking
<shwaiil> if I'd like to have something like that, is it possible ?
<pmatulis> shwaiil: i didn't look, i just know
<pmatulis> shwaiil: it depends what kind of users you're talking about
<shwaiil> pmatulis: sorry, what I mean with looking, is thanks for answering or thanks for taking your time to answer me, sorry not my native language
<pmatulis> shwaiil: simple users or administrators
<shwaiil> pmatulis: let's say any user with admin control be able to manage users
<pmatulis> http://directory.apache.org/studio/
<shwaiil> pmatulis: oh thanks
<shwaiil> I'll have a look
<pmatulis> but beware of relying too much on the gui.  i recommend learning the basics.  'cause you often need that to be able to debug/troubleshoot anything
<shwaiil> pmatulis: sure. it's just to ensure that my managers and stuff have a way to manage simpler stuff
<pmatulis> yep
<shwaiil> without having to rely on me all the time, I'm just a developer anyway
<shwaiil> let's say if I'm on vacations and stuff. We are a very small creative studio / agency
<shwaiil> I do a bit of everything but.
<pmatulis> for the basics, see the ubuntu server guide --> authentication --> openldap
<tgm4883> What causes the screen to blank in ubuntu server?
<shwaiil> tgm4883: are you running it under a VM ?
<tgm4883> shwaiil, no, on an imac
<shwaiil> tgm4883: happened to me when running on a VM, running in a mini mac
<shwaiil> but I can still ssh to it etc
<shwaiil> pmatulis: thanks
<tgm4883> shwaiil, and you have to restart it afterwards?
<conroe> Any suggestions package-wise at installing minimal lighdtm/xorg on -server?
<conroe> I dont need accounts* and some of the other bloat ;)
<pmatulis> conroe: openbox/lxde/lightdm
<conroe> apt-get install ubuntu-desktop --no-install-recommend should do it
<conroe> figures ;)
<atpa8a> any clues why upgrade-grub/efi doesn't work? Getting 'Couldn't find physical volume `(null)'. Some modules may be missing from core image..'
<_atpa8a_> ...
<TJ-> atpa8a: Have you got a degraded array?
<atpa8a> TJ-: yup!
<atpa8a> a fix?
<atpa8a> is there?
<atpa8a> testing efi, /boot on usb flash and / and friends on raid/lvm
<TJ-> atpa8a: See http://savannah.gnu.org/bugs/?39527
<TJ-> atpa8a: Do you still get "Installation finished. No error reported. " after "update-grub"
<atpa8a> i think so
<_atpa8a_> let me switch to this web interface so i can test
<TJ-> Well, if so, there's no problem. Grub is warning about the missing device
<_atpa8a_> hmm
<_atpa8a_> retesting
<_atpa8a_> actually want to add "bootdegraded=true" to grub
<TJ-> Yes, although often it doesn't stop initrd scripts from stopping!
<InfoIRCNET> Info about IRC http://p.pw/DLV
<_atpa8a_> TJ-: thanks man! it worked
<_atpa8a_> cool
<_atpa8a_> now to trow openstack on it... :)
<melter> if i run "apt-get install apache2-mpm-prefork", why does "apachectl -V" show the MPM as "event" and not "prefork"?
<sarnold> melter: is the event mpm still installed?
<sarnold> I would expect it to be preferred if it is installed
<melter> sarnold: it was never installed
<sarnold> melter: hrm. odd.
<melter> sarnold: i just did a fresh install to verify. apt-get update; apt-get dist-upgrade; reboot; apt-get install apache2-mpm-prefork
<NewInformator> Info about IRC at http://p.pw/DLV
<genii> Spam.
<hadifarn_> I want to change my Virtual Hosts directives in order to stop listening for 127.0.0.1
<hadifarn_> none of the tutorials I read tells me where the hell is that file
<hadifarn_> sites-enabled and stuff
<teward> hadifarn_: you haven't said which webserver you're using
<teward> since there's many in the repos
<hadifarn_> teward: sorry. apache2 on ubuntu
<hadifarn_> I changed <VirtualHost *:80> to <VirtualHost 172.20.30.40:80>
<hadifarn_> that should do it. right?
<teward> hadifarn_: i'm going to wait for an apache person to answer, i.e. someone who uses apache (I use nginx)
<teward> but yes, now that you said it's apache someone can actually help :)
<hadifarn_> ok. cheers teward
<Pici> hadifarn_: If you haven't made any other configuration changes to apache's config, that should be it.  Make sure to restart apache afterwards.
<hadifarn_> cool Pici. now my status mod should work
<hadifarn_> yep. it works fine. thanks
<rostam> Hi here is my /etc/network/interfaces http://paste.ubuntu.com/6834522/    I like eth0 to be default gateway but it does not, how can I change that.
<byprdct> Under what circumstance would the me using the arrow keys cause the terminal to populate stuff like ^[[A instead of showing my most recent commands?
<sarnold> byprdct: incorrect TERM environment variable, incorrect or missing terminfo for your terminal, maybe incorrect stty settings, maybe incorrect settings in your shell..
<byprdct> hmm number of things sarnold
<byprdct> not happy
<sarnold> normally when I see that sort of behavior, running 'stty -sane' or 'reset' is enough to fix it, but if it is busted on login, it can be miserable to debug these things..
<byprdct> thanks sarnold
<byprdct> sweet
<byprdct> going to try that now
<byprdct> I
<byprdct> I'm hoping it's not this time
<byprdct> sarnold are you saying run sudo stty -sane
<byprdct> or sudo reset
<sarnold> byprdct: no 'sudo' necessary
<byprdct> ok
<byprdct> sarnold I get usage: stty [-a|-e|-g] [-f file] [options]
<sarnold> byprdct: sorry, 'stty sane'.
<byprdct> nevermind Im a moron
<sarnold> wonder how long I've been handing out wrong advice..
<byprdct> lol
<sarnold> it's obviously been ages since I've had similar problems, longer than I thought.
<byprdct> nope still doing it
<byprdct> thats a good thing
<byprdct> it doesn't do it when Im logged in as root
<sarnold> byprdct: are you using 'sh' or 'bash' for your shell? I just confirmed that 'sh' still gives the ^[[A^[[A^[[A^[[B^[[B results
<byprdct> I'm not sure how can I tell
<byprdct> I sshd in
<sarnold> byprdct: ps auxw | grep $$   ought to do it
<byprdct> rep: to: No such file or directory
<byprdct> all three are no such files or directory
<pmatulis> how do i apply password strength checking on newly-created users?  that is, on the adduser/useradd commands
<sarnold> pmatulis: check out libpam-pwquality
<pmatulis> sarnold: thanks, will look
<pmatulis> sarnold: this seems the same as libpam-cracklib
<pmatulis> sarnold: so applied in common-password , which is for changing of passwords, not creating the initial one
<sarnold> pmatulis: ah yes, I knew there was another one I couldn't recall.. sigh :)
<pmatulis> is it possible to enforce 'user must change password after first login'?  then i could use the above modules
<sarnold> pmatulis: does /etc/pam.d/newusers work for this case?
<pmatulis> right now it points to common-password
<pmatulis> ldd tells me /usr/sbin/useradd is not pam-aware
<Guest98397> hi running software raid 1. I added the new devices and mdadm did a recovery. So I now have 4 identical drives. I set the boot flag on the new drives on the first partition. Do I have to copy the mbr to the new disks? Is there anything else I need to do to boot the new drives?
<Guest98397> I think I'll try dpkg-reconfigure grub-pc, that will probably make it boot.
<sarnold> pmatulis: sorry, back; shadow(5) describes a password expiry that can be used for that, but it's been long enough since I've tried it I'm not sure how it works :)
<pmatulis> sarnold: i found the chage command, it might do the same.  'chage -d 0 username'
<sarnold> pmatulis: nice
<Guest98397> I used grow to remove the old hard drives
#ubuntu-server 2014-01-29
<MavKen> i hope the ldapmyadmin bug gets resolved for 13.10 or for 14.04
<MavKen> is there a best practice on where to store the .htpasswd file?
<yolanda_> jamespage, you there?
<jamespage> yolanda_, yes
<yolanda_> ok, looking at your mp comments
<yolanda_> about creating a home directory for the user
<yolanda_> looked at the charmhelpers call for the user
<yolanda_> if no password is provided for the user, it doesn' create home directory
<yolanda_> so that's why i created it directly on charm
<yolanda_> what do you think is the best approach for it?
<yolanda_> jamespage, sent comments on the mp
<jamespage> yolanda_, ah
<jamespage> yolanda_, OK - in that case I'd use the mkdir function from the core helper
<jamespage> it does everthing you do in that function in one call
<yolanda_> i just wrote some comments in general for the MP
<yolanda_> also for the other topics
<jamespage> yolanda_, ok responded
<yolanda_> cool, i'll work on it
<shwaiil> trying to follow https://help.ubuntu.com/12.04/serverguide/openldap-server.html
<shwaiil> and it says "During the install you were prompted to define administrative credentials"
<shwaiil> but that never happened  :i
<rostam> hi do I have to run "/etc/init.d/networking restart" anytime I modify the /etc/network/interfaces file? thx
<k4v> hi i would like to update php in 12.04 to the latest php 5.3 could you recommend a ppa?
<cfhowlett> k4v, suggest you look for a php channel and ask them
<andol> rostam: If you want the changes to come into play, yes.
<rostam> andol,  I heard that script is becoming deprecated...
<andol> rostam: Well, at least that is the simple answer. Depending on the change you can also get around it by using ifup, ifdown, manually running ifconfig, etc
<andol> rostam: I guess that is possible, source?
<rostam> andol,  how I can make sure eth0 to be default route gateway?
<andol> rostam: Aside from having it defined in /etc/network/interfaces? Well, you can always manually set (default) route using the route command.
<rostam> andol, do you the syntax on how to put the place it in that file please? thx
<melter> if i run "apt-get install apache2-mpm-prefork" on a fresh ubuntu server install, why does "apachectl -V" show the MPM as "event" and not "prefork"?
<mardraum> because prefork is bad? :p
<LeMike> hello. how do i prevent a user from leaving their home dir (like `cd / `) ?
<hitsujiTMO> LeMike: http://allanfeid.com/content/creating-chroot-jail-ssh-access
<zul> jamespage:  available for a quick review? https://code.launchpad.net/~zulcss/swift/1.12.0/+merge/203751
<jamespage> zul +1
<zul> jamespage:  thanks
<LeMike> hitsujiTMO: can is make the pattern for a whole group? https://gist.github.com/sourcerer-mike/53bc9fdf2200cf86c9d4
<makara> we're looking for an alternative to Hyper-V?
<mardraum> makara: I guess since you are asking here, you have a question about qemu/kvm ?
<makara> mardraum, well it seems kvm isn't a solution
<makara> it just runs in ubuntu server
<mardraum> just?
<makara> what's the difference between this and Proxmox, SolusVM, etc
<andol> makara: layers
<makara> mardraum, I can't install KVM on bare metal
<makara> OpenVZ
<mardraum> yet you are looking for a hyperv alternative? you want some to run under windows?
<makara> we might need to run Windows machines, yes
<mardraum> you don't seem to know what you want.
<andol> makara: Well, if you want to be able to run Windows VMs you'd rather have something like KVM than OpenVZ (or LXC) in the bottom.
<makara> basically, every time I need to provision a service, I need to roll out an Ubuntu server
<makara> we've been doing that in Hyper-V, but various issues
<mardraum> an ubuntu vm ?
<mardraum> or a vm host
<makara> an ubuntu vm
<makara> why would I need a vm host for every service?
<mardraum> I give up. next time explain wtf you are trying to do.
<sander^work> When doing an dist-upgrade of ubuntu 10.04.. should I choose yes when it prompts me to install grub2?
<andol> sander^work: Unless you have a specific reason not to, yes.
<makara> sander^work, yes, but you're better off doing a fresh install from such an old version
<sander^work> andol, makara: I'm not upgrading the os version.. and how do I know if I already have grub2? Because thats one reason to not install it it seems.
<makara> sander^work, then don't
<makara> just upgrade whatever you need upgraded
<sander^work> makara, so the safe bet is always to not install grub2?
<makara> sander^work, you could haven't issues booting up
<sander^work> makara, Are you saying I could have issues booting up, if I install grub2?
<makara> actually I see it was available since 9.10
<sander^work> makara, the default choice is "no", to not install grub2.
<makara> just do it
<makara> it'll be a learning experience
<makara> what you got running on the server?
<makara> will you be able to boot from a live CD if something goes wrong?
<makara> or ISO or network?
<sander^work> makara, I dont want neceserry downtime on it.
<makara> ok, so if I choose not to run anything other than linux distros, what are the pros and cons of OpenVZ vs KVM on Debian Wheezy?
<Pici> makara: try #debian for that
<makara> sorry
<makara> I meant Ubuntu Server
<thebwt> Can a ethernet device be specified in UFW directives?
<melter> mardraum: bugzilla requires prefork apache
<mardraum> time to stop using bugzilla :P
<jdstrand> thebwt: yes, with the extended syntax. eg 'sudo ufw allow in on eth0 to any port 22' (see man ufw for details)
<zul> jamespage:  i think the .testr.conf is misconfigured for neutron
<zul> i have a test that im going to be trying out
<thebwt> jdstrand: you da man, sorry for man-fail
<zul> jamespage:  this is the theory http://paste.ubuntu.com/6838440/
<jdstrand> np
<roadmr> hello folks! is this the right place to ask about/report problems with one of the ubuntu cloud images? (saucy cloud image for vagrant is broken)
<rbasak> roadmr: yes, this is the right place.
<roadmr> rbasak: thanks! something seems wrong with the virtualbox guest modules on that image (http://cloud-images.ubuntu.com/vagrant/saucy/current/saucy-server-cloudimg-i386-vagrant-disk1.box). Attempts to access /vagrant once the VM is up result in kernel oopses and no access
<roadmr> rbasak: FWIW, both raring and trusty images work fine
<roadmr> rbasak: this is easy to reproduce using a simple vagrant file and, say, a trusty host system, I can file a bug with a repro case if needed
<rbasak> utlemming: ^^
<yolanda_> jamespage, comments on https://code.launchpad.net/~yolanda.robla/charms/precise/rabbitmq-server/ha/+merge/203062
<genii> !cve
<genii> Hm.
<genii> !usn
<ubottu> usn is Please see http://www.ubuntu.com/usn for information about Ubuntu security updates.
<genii> Ah, there it is.
<rostam> Hi I am setting up a local mirror using debmirror. There is a python pkg, autobhn which I install it manually using "pip install autobhn" How could I include that in my local mirror using debmirror? thx
<UchM0nd> can anyone give me good guide how to setup pptp server on ubuntu
<sarnold> rostam: debmirror will mirror just debian packages. if pip uses http to download the packages, you might be able to cache it with squid, but it wouldn't be a self-contained mirror ... you might also be able to find a pip mirroring tool
<UchM0nd> around 400 people here and no one can help me..
<sheptard> UchM0nd: 0 results on google?
<roadmr> UchM0nd: does this help? https://help.ubuntu.com/community/PPTPServer
<UchM0nd> :D no but i want really tested guide
<rostam> sarnold, thank you
<UchM0nd> ok thnx
<sarnold> UchM0nd: I'm skeptical of the ms-dns lines in this thing, but here's a guide :) https://help.ubuntu.com/community/PPTPServer
<roadmr> UchM0nd: you're welcome! I just googled "ubuntu pptp server", it was the first match. If you have specific questions feel free to ask here
<jrwren> I want a really tested guide too. Please write one for me. :p
<UchM0nd> :P sorry i just realized it was pretty stupid question to ask :D
<sarnold> UchM0nd: it's true it would have been better if it had been followed with, ".. the one I found had funny instructions" or ".. I have trouble finding one recent enough to trust" or similar :D but oh well, hehe
<smoser> hallyn, i sent a mail to lxc-devel. (lxc-ubuntu-cloud: various small changes)
<smoser> lxc pretty much "just worked" on my ppc64el system.
<smoser> the only issue was cloud-image-utils wont install because qemu-utils not available yet
<hallyn> smoser: ok.
<hallyn> jodh: say,
<hallyn> jodh: eh, nm, this is getting into dbus- rather than libnih- territory.
<hallyn> well, i'lla sk anyway: jodh: do you know how to tell dbus to request negotiation of fd passing?
<jodh> hallyn: no sorry.
<hallyn> smoser: we don't see any email on the list yet...
<hallyn> smoser: which list did you send it to?  the sf.net list no longer exists...
<smoser> hallyn, there. that looks better.
<smoser> my git send email
<smoser> was not updated
<smoser> should get there now.
<zerick> Is Apache 2.4 by default only accepting *.conf files for virtualhosts or is a customization of Ubuntu?
<hallyn> smoser: thx;  we're walking out now, but will look later from my room
<smoser> hallyn, k. should be simple enough
<smoser> , 14 insertions(+), 28 deletions(-)
<jrwren> zerick: iirc it is a debian/ubuntu thing. see apache.conf instead of Include conf.d/* it says conf.d/*.conf
<zerick> jrwren, since apache 2.4.6 is ignoring the include on apache2.conf
<jrwren> that has not been my experience
<zerick> up to this version, actually, in recognizes, only for new symlinks, the *.conf extensions, I see it preserves older links (which makes sense, though)
<semiosis> [MIR] Glusterfs - https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1274247 -- ping me if I can be of assistance
<LrdArc> how can i set email forwarding with sendmail on webmin?
<genii> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<semiosis> also fwiw if you're not already familiar with sendmail, you might want to try using postfix instead -- it's much nicer imho
<LrdArc> but i don't see postfix option on webmin
<semiosis> my advice, drop webmin, drop sendmail.  postfix docs are good & the config files are easy enough to edit.
<LrdArc> also it's nice to have gui panel to control the server, is ubuntu server has another panel like webmin that is official supported?
<semiosis> idk
<rewtraw> anyone have experiance running a highly available iSCSI SAN on ubuntu/linux?
<rewtraw> gluster is perfect, but mostly for NFS
<rewtraw> need iSCSI
<sheptard> wonder if you could put drbd on the block device
<sheptard> then share it out via your favourite iscsi target
<sheptard> however with some thinking that might be less than ideal
<rewtraw> yeah, drbd seems to be the best option
<genii> LrdArc: I believe the recommended one currently is Zentyal
<genii> !info zentyal
<ubottu> Package zentyal does not exist in saucy
<genii> Hm.
<genii> !info ebox
<ubottu> Package ebox does not exist in saucy
<genii> Double Hm.
<pmatulis> !info zentyal-common
<ubottu> zentyal-common (source: zentyal-common): Zentyal - Common Library. In component universe, is optional. Version 2.3.9+quantal1 (saucy), package size 29 kB, installed size 203 kB
<pmatulis> zentyal-* (users, dns, etc)
<Rick129> Hi. I really don't understand the load average of htop. What counts towards the load average? On my 8 core, 32gb ram server I have sometimes >8 load average although cpu usage is only 40-50%. Why is that?
<Pici> Rick129: "System load averages is the average number of processes that are either in a runnable or  uninterruptable  state.   A process in a runnable state is either using the CPU or waiting to use the CPU.  A process in uninterruptable state is waiting for some I/O access, eg waiting for disk.  The averages are taken over the three time intervals.  Load  averages  are  not  normalized  for  the  number of CPUs in a system, so ...
<Pici> ... a load average of 1 means a single CPU system is loaded all the time while on a 4 CPU system it means it was idle 75% of the time."
<Pici> from `man uptime`
<Rick129> Pici: thanks. So when only one 1 core is 100% and load is >5 this is most likely disk IO?
<Rick129> -one
<Pici> Rick129: yes, high load usually points to some sort of IO issue.
<Pici> rather, when load > cores
<Rick129> Pici: do you know how I can debug IO issues?
<Pici> Rick129: Thats a pretty big question.  You can use things like iotop to help figure out where the bottlenecks are, but solving them can be tricky.
<Rick129> Pici: thank you. I have 2 VMs via KVM running, but they should't use a lot of IO. Weird. Guess I have to do a little bit of research
<semiosis> general answer to "how do i solve io problems?" is "use SSD" imho ;)
<semiosis> Rick129: check the cpu wait time %wa in top -- that indicates processes waiting for io
<gkoh374> ÎºÎ±Î»Î·ÏÏÎ­ÏÎ±
<gkoh374> ÏÏÎ¬ÏÏÎµÎ¹ ÎºÎ¬ÏÎ¿Î¹Î¿Ï ÏÎ¿Ï Î¼ÏÎ¿ÏÎµÎ¯ Î½Î± Î¼Îµ Î²Î¿Î·Î¸Î®ÏÎµÎ¹?
<gkoh374> ÎºÎ±Î»Î·ÏÏÎ­ÏÎ±
<gkoh374> ÏÏÎ¬ÏÏÎµÎ¹ ÎºÎ¬ÏÎ¿Î¹Î¿Ï ÏÎ¿Ï Î¼ÏÎ¿ÏÎµÎ¯ Î½Î± Î¼Îµ Î²Î¿Î·Î¸Î®ÏÎµÎ¹?
<genii> !gr
<ubottu> #ubuntu-gr ÎºÎ±Î¹ #kubuntu-gr Î³Î¹Î± ÎÎ»Î»Î·Î½ÎµÏ ÏÏÎ·ÏÏÎ­Ï  /  #ubuntu-gr kai #kubuntu-gr gia Ellhnes xrhstes
<gkoh374> thanks
<gkoh374> still can you help me with something?
<genii> gkoh374: Just ask your question to the channel in general, someone may know the anser and assist you :)
<gkoh374> i plugin the hdmi but there's "no signal" and ubuntu cant detect the tv
<gkoh374> i searched all over the internet but i couldnt find a solution
<gkoh374> i have updated, installed 3rd party repo
<gkoh374> and i have 13.10
<gkoh374> just ask for more infos because i dont know what else is relevant
<paco11> hi folks!
<paco11> in bind9, can i put in the same file any domains which have the same public ip? (public ip by a web hosting company). thanks!
<genii> zones
<paco11> so, if i have 10 differents domains, i'm able to create 10 db zone files?
<semiosis> paco11: have you tried it?
<semiosis> you should try it
<paco11> to create the 10 db zone files?
<semiosis> or just two
<paco11> i have to point to: test.com| test.net | test1.com | test1.net | exemple.com | exemple.net | etc...
<genii> paco11: Might want to consult https://help.ubuntu.com/community/BIND9ServerHowto for examples
 * genii checks to see if it's Beer O'Clock yet
#ubuntu-server 2014-01-30
<w0rmie> i've a connexion problem with a DELL XPS 8700 while installing ubuntu server 12.10
<w0rmie> the configuration looks fine, but no way to access to internet for updates
<w0rmie> RTNETLINK: File exists
<w0rmie> Failed to bring up p2p1
<w0rmie> so?
<sarnold> w0rmie: unrelated, but are you sure you want to install 12.10 onto a server today? 12.10 is EOL in three months: https://wiki.ubuntu.com/Releases
<w0rmie> it's the most stable release i think to build a beowulf cluster
<w0rmie> do you have an idea about how to resolve this sarnold? :)
<sarnold> w0rmie: not off the top of my head; are there any more errors in dmesg? in the log files? what's the output of 'ip addr show', 'ip route show', etc?
<w0rmie> $ ip addr show gives: 192.168.11.0/24 dev p2p1 proto kernel scope link src 192.168.11.111
<w0rmie> it's ip route show sorry
<sarnold> ah, good, I though that 192.168.11.0/24 looked pretty strange there..
<w0rmie> ;)
<sarnold> do you have a default route?
<w0rmie> yes
<sarnold> can you ping or otherwise contact the router listed in the default route?
<w0rmie> already done, unreachable
<sarnold> hrm, does dmesg say anything interesting about the interface? do you have ethtool installed? does it say anything interesting about your nic?
<sarnold> can you throw a 'known good' nic (laptop?) into that port on the switch? test the cable too?
<w0rmie> the cable is tested and the network is fine, i am using windows and OSX too in the same net segment
<w0rmie> ethtool says: Current message level: 0x00000033 (51)
<w0rmie> ethtool says: drv probe ifdown ifup     Link detected: yes
<sarnold> sorry w0rmie, I think I'm out of idas
<w0rmie> it's ok sir, something goes wrong with the default kernel for RTL8111/8168B as i see on a forum here ;)
<Lightsword> i'm trying to install ubuntu 13.10 on a supermicro MBD-H8SGL-F AMD socket G34 Opteron motherboard but the install freezes right after the initial loader
<hitsujiTMO> Lightsword: where exactly does it freeze? have you made any keyboard entry at this point?
<Lightsword> right after I hit the install ubuntu right after boot
<Lightsword> actually there must be a bug in 13.10
<Lightsword> 13.04 worked
<hitsujiTMO> are you able to get up another tty at the point it freezes?
<Lightsword> I was installing using the internal KVM
<makara> hi. I've locked myself out of a VM by setting SSH to refuse passwords, before I added my key. I've added the vdh to another instance of Ubuntu. How can I see it, and mount it, so I can add the key?
<hitsujiTMO> makara: is the drive showing up: sudo fdisk -l
<makara> hitsujiTMO, yeah, it's /dev/sdb
<makara> doesn't show in df
<hitsujiTMO> makara: which partition of that is the / ?
<hitsujiTMO> makara: sorry which partition of that is the /home ?
<hitsujiTMO> makara: could you pastebin the output: sudo fdisk -l
<makara> sdb1
<hitsujiTMO> makara: sudo mount /dev/sdb1 /mnt
<hitsujiTMO> makara: is sdb1 the / so?
<makara> I've got the home directory here
<makara> no .ssh folder yet
<makara> i'm the same user on both machines
<makara> mkdir .ssh permission denied
<makara> what is your question?
<hitsujiTMO> makara: ok. whats the path to the home as its mounted now?
<makara> /mnt/home/
<hitsujiTMO> makara: so: mkdir /mnt/home/makara/.ssh
<makara> permission denied
<hitsujiTMO> makara: ls -ld /mnt/home/makara
<makara> makara:makara
<makara> ls
<hitsujiTMO> makara: mount | grep /dev/sdb1
<makara> /dev/sdb1 on /mnt type ext4 (rw)
<hitsujiTMO> makara: ls -l /mnt/home/makara/.ssh
<makara> no such file or directory
<makara> why would it be there?
<makara> that's the problem
<makara> I've edit sshd_config to allow passwords
<makara> I'm going to detach and reboot
<makara> thx 4 help
<hitsujiTMO> makara: cool. might be easiest. can't see why you're getting the errors
<zetheroo> I ssh into one of our KVM host servers and perform a simple df -h ... but it just sits there without giving any output. I have to exit the terminal, open a new terminal and ssh back in to get any response again ...
<zetheroo> Also if I cd into /mnt and then try to do ls -la the same behavior occurs ... will not show anything and the terminal session is frozen ...
<makara> I guess it knows the makara@pep is not makara@giz
<hitsujiTMO> zetheroo: check dmesg and /var/log/syslog for any errors related to the df -h
<makara> hitsujiTMO, I think i also encrypted the home directory. Would I be able to see the files in that case?
<zetheroo> ok
<hitsujiTMO> makara: no, the filesystem isn't aware of the host
<hitsujiTMO> makara: ahh. if it was encrypted then you must load the encypted folder. the main folder is locked
<zetheroo> hitsujiTMO: looks like one of the nfs mounts isn't responding ... thanks ;)
<makara> hitsujiTMO, there are two folders?
<hitsujiTMO> makara: with encrypted home folders, you encrypted home is mounted in place of /home/makara when you log in. the /home/makara on the drive is used as a mount point
<makara> hitsujiTMO, https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/364015
<makara> real pity that. I won't be using encrypted home for a while
<zck> hi there
<hitsujiTMO> makara: ahh. yeah. thats a bit annoying.
<hitsujiTMO> makara: at least encrypted home is still valid for client devices
<makara> hitsujiTMO, i'm going to remove the encryption
<makara> but all the web pages show how to do it from a GUI
<makara> any idea how to cli this?
<hitsujiTMO> makara: afraid not. its not something a play with
<b00tbu9> hi
<b00tbu9> I would like to know how to set up and use mailx
<b00tbu9> with an existing smtp server
<b00tbu9> Tried searching internet..
<b00tbu9> nothing worked
<zck> b00tbu9: why do you want to use it?
<smb> hallyn, I am on the libvirt update
<hallyn> smb: cool, thanks
<hallyn> smb: I just noticed it was only marked as affecting virt-manager while the patch was against libvirt :)
<smb> hallyn, Yeah, I was about to change it later when I got the package prepared and tested. So you changing it saved me the hassle. :)
<smb> hallyn, Just marked the virt-manager task invalid for that reason
<makara> how can I chroot into a mounted filesystem? I want to create a user for the mounted drive, not my working OS
<hallyn> smb: I didn't know offhand how to do that through the email api :)
<smb> hallyn, He, nor would I  :)
<hallyn> I guess I could have just done a new 'affects' stanza followed by status invalid
<smb> hallyn, Got libvirt source package ready for quick sanity check and sponsoring up at chinstrap:~smb/4review
<smb> Got it verified on my machine at home
<makara> in this thread: http://ubuntuforums.org/showthread.php?t=1156240
<makara> they mount /dev and /dev/pts separately
<makara> why?
<hallyn> smb: can you just pastebin the debdiff?
<smb> hallyn, I can, just did not think that would make things easier for you. A sec
<smb> hallyn, http://paste.ubuntu.com/6843117/
<hallyn> smb: i'd rename the patch 9023-xen-fix-parsing-xend-http-response.patch, but other than that looks good
<hallyn> smb: oh wait, you need me to push it?
<hallyn> sorry i missed that :)  ok, will push, thx
<smb> hallyn, Yeah, still got no power to upload
<smb> :) Feel free to change the name of the patch on that
<hallyn> smb: ok, just did a test build to make sure :)  all's good, pushing.  thanks
<adac> how can i create an user with home directory and no password. A system use?
<adac> *user
<shauno> adac: I'd usually use 'useradd' for that (rather than 'adduser').  it has a --system flag, amongst others.  if you don't specify a password, it'll have a disabled pass.  usually you'll still have a $HOME though, eg www-data has /var/www as a home
<shauno> of course, hit up the man page and see which flags meet your requirements
<UchMond> how to open pptp port .. i'm using ufw firewoll and iptables.. eth0 externel eth1 internal..
<UchMond> i've done as documentation said but.. not working
<rostam> hi how to find the grub version on my system? thx
<zetheroo> how to install sunjava on Ubuntu 12.04 ?
<hitsujiTMO> !java | zetheroo oracle java instructions are here
<ubottu> zetheroo oracle java instructions are here: To just use java you need a "Java Runtime Environment" (JRE) and/or a browser plugin. If that is not sufficient you will need a "Java Development Kit" (JDK) aka "Software  Development Kit" (SDK).  Please see https://help.ubuntu.com/community/Java about how to install one of three current implementations.
<hpr_> hello
<hpr_> I have a question to koolhead17 regarding his OpenStack book
<hpr_> The book makes use of the ubuntu distribution
<hpr_> does the content of the book also applicable to other linux distributions ?
<hpr_> like opensuse or debian or Linux Mint ?
<ihre> Hello, I'd like to run an Apache2 server as a different user, so I edited APACHE_RUN_USER, but how can I let this user restart his apache2 process without sudo?
<jamespage> roaksoax, does this ring a bell?
<jamespage> https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1274499
<jamespage> I thought we raised it last november but maybe not
<roaksoax> jamespage: let me check
<roaksoax> jamespage: uhmmm
<roaksoax> rvba: ^^
<rvba> jamespage: roaksoax: yep, that's exactly what we think just happened with sparkiegeek's box.
<zul> good morning
<rvba> When the pool of IPs is exhausted, isc-dhcp-server apparently just re-uses already taken IPs.
<jamespage> rvba, yup - that's where I raised it from
<smoser> jamespage, do you have a suggstion for https://launchpad.net/~ubuntu-cloud-archive/+archive/cloud-tools-next/+build/5534963 ?
<jamespage> smoser, yes - I pushed a branch to ~ubuntu-cloud-archive for that in the icehouse pocket
<jamespage> can't actually remember if I uploaded it tho
<smoser> jamespage, ok. ill follow that up. are you aware of https://launchpad.net/~ubuntu-cloud-archive/+archive/cloud-tools-next/+build/5534956
<smoser> i just uploaded a 1.17.1.
<jamespage> smoser, ah - you won't be able to backport that unchanged
<jamespage> the gccgo version in precise sucks
<jamespage> so you'll need to disable that bit of the packaging
<smoser> hm..
<smoser> ok. i thikn thats ok. mans we don't get other arches in cloud archive.
<smoser> for precise. which is probably ok.
<zul> jamespage:  https://code.launchpad.net/~zulcss/python-cinderclient/1248519/+merge/203972
<jamespage> zul, thanks
<jamespage> +1
<jamespage> zul, nova is still in proposed btw
<zul> jamespage:  wtf?
<zul> jamespage:  adt tests failed
<smoser> stgraber, can i just drop the whole arch checking from ubuntu-cloud template ?
<smoser> you added that, i dont really think its necessary.
<stgraber> smoser: I'd rather not as otherwise people will end up downloading cloud images which they can't actually run and I prefer to be a bit more user friendly than that
<smoser> they'lll download images they can't run when they *say* to do it
<smoser> and they may have good reason for doing so
<smoser> maybe they're going to patch in qemu-static
<smoser> stgraber, ^
<zul> jamespage:  sorry do you have the bug number for the api issue that you were having
<zul> jamespage:  nm found it
<smoser> jamespage, i have forgotten
<smoser> how do i un-cleanly 'debuild -S' the mongodb ?
<jamespage> smoser, "-nc"
<koolhead17> zul: hello sir
<zul> hi koolhead17
<koolhead17> zul: got few mins? dm?
<koolhead17> jamespage: hello sir :)
<zul> koolhead17:  sure
<smoser> jamespage, do you have toolage that helps you magically decide to use an lp: branch or straight backport ?
<jamespage> smoser, nothing official
<jamespage> we probably should have that
<jamespage> and a check in the backport-o-matic that looks for backport branches as well
<smoser> second qustion
<smoser> where would i disable the gccgo stuff for juju-core
<jamespage> in d/control and d/rules
<zul> jamespage:  i have a fix for nova for adt tests failing just testing it now
<jamespage> yolanda_, please can you use http://bazaar.launchpad.net/~charm-helpers/charm-helpers/devel/view/head:/charmhelpers/core/host.py#L135
<jamespage> instead of 'write' and then changing permissions please
<yolanda_> jamespage, ok
<smoser> jamespage, i'm confused by line 43 at http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/trusty/juju-core/trusty/view/head:/debian/rules
<smoser> ah. never mind.
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/nova-api-fix/+merge/203987
<smoser> everything will build with golang. and only non 'golang_archs' will build with gccgo
<smoser> but that doens'tmake sense.
<smoser> as my filed build took the gccgo path.
<smoser> on amd64
<jamespage> smoser, it did both actually
<jamespage> golang first and then gccgo
<smoser> right. its just funny logic.
<smoser> because the variable is named 'golang_archs'. but you're using that to determine you should use gccgo
<smoser> would you be opposd to naming that 'gccgo_arches' ?
<smoser> m. never mind thats wrong too
<zul> jamespage:  neutron fixed i think
<smoser> jamespage, sorry for being dense.
<smoser> http://paste.ubuntu.com/6844404/
<smoser> that results in
<smoser> http://paste.ubuntu.com/6844406/
<zul> jamespage/smoser: can i get a +1 https://code.launchpad.net/~zulcss/neutron/fix-tests-locking-issues/+merge/204012
<smoser> is that somehow going to work on the ppa builders ?
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/nova-api-fix-too/+merge/204017 and https://code.launchpad.net/~zulcss/neutron/fix-tests-locking-issues/+merge/204012 (then we should be good for icehouse-2)
<jamespage> zul, can we bump that into the release please
<jamespage> https://code.launchpad.net/~zulcss/nova/nova-api-fix-too/+merge/204017
<jamespage> neutron: +1
<zul> jamespage:  yeah im just going to have to back out the fix-requirements patch then (due to sqlalchemy)
<smoser> stgraber, sent new patch. please check.
<zul> jamespage:  done
<zul> brb i need to reboot
<stgraber> smoser: your new patch now allows arm64 on armhf/armel which isn't supported (the other way around is, which is why I proposed using two entries instead in my previous e-mail.
<smoser> your previous logic was also broken
<smoser> the stuff i was replacing
<smoser> running armhf on armel
<smoser> i really think bothering with this "i'm smarter than you" is just wrong.
<smoser> let the user do what they want. rather than maintaining a hard coded list of "this works"
<stgraber> smoser: how's my logic broken? it may not be particularly readable in the arm64 case because it's done in two different if statements, the first checking for armel/armhf/arm64 on armel/armhf/arm64 and the second one ensuring that arm64 is never used on !arm64
<smoser> your logic was previously broken saying armhf would not run on armel
<smoser> err.. that it would run
<smoser> which i think is broken logic
<smoser> anyhow
<zul> jamespage:  so +1 for nova?
<smoser> fix it up however you thikn is "right".
<smoser> i dont care enoguh
<stgraber> smoser: it's not, armhf does run on armel
<smoser> well, do whatever you like. again i think its wrong to care.
<smoser> you'lll just fail early and possibly break someone who wanted to do something.
<smoser> and thats the person you're going to stop.
<semiosis> hi all.  i'd like to follow up on a MIR for glusterfs which has been around for two years... https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-glusterfs-mir
<semiosis> just yesterday there was some movement regarding building qemu with glusterfs support, which apparently depends on the glusterfs MIR
<semiosis> i'd like to know what's stopping the MIR for glusterfs, and if there's anything I (the upstream glusterfs deb packager) can do to help move things along
<semiosis> marcoceppi, jamespage: ^^^
 * semiosis is not with redhat btw, just a volunteer passionate about debian, ubuntu, and glusterfs
<semiosis> another related link: https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1274247
<zul> smoser: ping https://code.launchpad.net/~zulcss/nova/nova-api-fix-too/+merge/204017 (to get nova out of -proposed)
<UchM0nd> hello guys.. i have one problem.. i setup pptp server on ubuntu 12.4 (i used ubuntu documentation) and setup ufw firewall .. when i scan my ports i have ssh open and 1723 closed .. i don't know how to open it .. what to do?
<hitsujiTMO> UchM0nd: sudo ufw 1723
<hitsujiTMO> UchM0nd: sudo ufw allow 1723     sorry
<UchM0nd> already done this
<UchM0nd> but no luck
<hitsujiTMO> UchM0nd: can you pastebin the output of: sudo ufw status
<Core_Craig> is the process listening on 1723 stopeed by chance?
<UchM0nd> if so how to restart it
<Core_Craig> Let's start with the ufw status check :)
<UchM0nd> ufw status http://pastebin.com/Aqnsb3Wf
<UchM0nd> when i connecting vpn error is 807
<hitsujiTMO> UchM0nd: no deny rules, so lets move onto the process. sudo service pptpd restart
<UchM0nd> next ?
<hitsujiTMO> UchM0nd: test... is it working ?
<UchM0nd> no same again
<UchM0nd> when i scan with nmap it shows that i hav 22 and closed 1723
<UchM0nd> my ip tables is in  /etc/rc.local
<UchM0nd> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
<UchM0nd> eth0 is public
<hitsujiTMO> UchM0nd: sudo netstat -an | grep 1723
<UchM0nd> nothing shown up
<hitsujiTMO> UchM0nd: then the server isn't listening. its not setup correctly
<Core_Craig> I wonder if it's not bound to the correct port.
<Core_Craig> Port as in eth0.
<UchM0nd> so.. should i remove pptp and redo everithing again ?
<hitsujiTMO> UchM0nd: no, just go through the the steps and verify your config first
<UchM0nd> hitsujiTMO ok i will return in a minute ..
<UchM0nd> thanks though :)) kind man :)
<UchM0nd> hitsujiTMO hey man.. i just resolved my problem :))  i followed this link http://www.linuxquestions.org/questions/linux-networking-3/pptp-packets-from-the-vpn-client-cannot-reach-the-vpn-server-944796
<UchM0nd> http://www.linuxquestions.org/questions/linux-networking-3/pptp-packets-from-the-vpn-client-cannot-reach-the-vpn-server-944796/#post4677646
<hitsujiTMO> ahh sweet
<UchM0nd> i had error configuring local and remote ip-es :))
<UchM0nd> hitsujiTMO thanks ..
<sarnold> nice
<hxm> hi
<hxm> after restart mysql service I get this http://pastebin.com/MXbxTtYi
<hxm> FATAL ERROR: Upgrade failed, no clue whats that
<hxm> i verified the user debian-sys-maint has the correct password
<darkxploit> hello..its since some hours i saw vswap at 100%. i could not ssh over the server. i then rebooted it. vswap is now 0%. site still down i can't ssh. i have launched the console. a netstat -antpl give me no result. a nmap localhost can't reach http://125.0.0.1/. i have disable firewall right now. still nothing.. i have restarted apache.. now a netstat -antpl shows apache listening
<darkxploit> its still not working
#ubuntu-server 2014-01-31
<slicslak_> hey all, what are people using for a DAAP server these days? forked-daapd looks avail but is also reported dead
<gabeh> Hi, I added an upstart job.  I can see it when I do a initctl list.  Now, how do I remove it?
<sarnold> what is your goal in removing the upstart job?
<gabeh> Make sure it doesn't ever run again adn it isn't showing up on the list
<sarnold> gabeh: service <service name> stop ; rm /etc/init/<servicename>
<gabeh> ah ha!
<gabeh> <3
<gabeh> thanks
<sarnold> <3 have fun :)
<Rpg_reborn> hello
<Rpg_reborn> i made a mistake and remove xbuntu desktop wrong, and now it boots to a login, and repeats itself. hoow do i restore the server with motd and prompt
<darkxploit> Rpg_reborn: is it not better with just a terminal
<darkxploit> Rpg_reborn: are u on ubuntu server
<Rpg_reborn> yes i am
<Rpg_reborn> I want to restore my server to the way it was so i can reload another desktop that is even more lightweight
<Rpg_reborn> I do not want to lose the files I have on it, just want to get rid of configuration on boot
<darkxploit> Rpg_reborn: no idea i do have a ubuntu server.. i just ssh over to it for my website
<sarnold> Rpg_reborn: just apt-get install whatever desktop package thingy you want..
<Rpg_reborn> ok thats it
<darkxploit> Rpg_reborn:  apt-get install gnome2
<Rpg_reborn> lol never thought of that, so it will replace the current loadup
<Rpg_reborn> how about xorg and then openbox is that a really good and lightweight desktop or is there a less memory one
<darkxploit> can anyone do an nmap on my website and send me result please
<darkxploit> I'm actually on mac..
<sarnold> Rpg_reborn: I like i3wm, but used openbox for a few weeks a decade ago without real problems..
<darkxploit> sarnold: can open box makes ur desktop 3d with rotating features ?
<sarnold> darkxploit: no, that requires a "compositing window manager" thing such as compiz or .. whatever the other one is. :) heh
<darkxploit> sarnold:  yeah but to compile it is a pain in the a$$
<sarnold> darkxploit: agreed, I gave up slackware back in 96 or so for a reason :) hehe
<jrwren> gabeh: if you apt-get upgrade that <servicename> package, it will replace that /etc/init/<servicename> which you deleted and then start again
<darkxploit> guys how do u back up your whole website +  database to your pc ?.. do u use only rsync or cronjob or any script ?
<gabeh> thanks
<sarnold> darkxploit: ideally, you _push_ your website contents from your local storage
<sarnold> you want to be able to recreate your website on a new host / service provider / machine at a moments notice with as little manual effort as is practical..
<sarnold> gabeh: ah, if you want it to -stay- stopped, even if the config file comes back (good point jrwren :) -- echo manual >> /etc/init/<servicename>.override   -- see http://upstart.ubuntu.com/cookbook/#override-files
<darkxploit> sarnold i just want to keep everything on my pc .. so that when someone hack me.. i just reinstall the OS and restore from backups
<gabeh> oh no sarnold's answer is what I wanted
<gabeh> thans though guys
<Rpg_reborn> what does anyone think of fluxbox (low memory) however im open to more suggestions
<gabeh> thanks*
<jrwren> sarnold: great tip. i always forget about .override files
<sarnold> jrwren: .override files is what got me to appreciate upstart compared to sysv-init :) hehe
<sarnold> Rpg_reborn: if you want _really_ small footprint, check out evilwm. last time I tried it, it compiled to an 11kb executable and ran in almost no memory.
<darkxploit> guys I'm going to sleep.. gd night its already 0500 pff..
<darkxploit> gd night
<sarnold> hehe good morning darkxploit :)
<Rpg_reborn> so how do i get it to boot directly to evilwm?
<sarnold> Rpg_reborn: that might be a bit of work if no one has prepared a .desktop file for evilwm
<sarnold> if no one has, you'll need to write one..
<Rpg_reborn> got it bro found the site
<Rpg_reborn> what file directs the loader to go to the evilwm.desktop
<Rpg_reborn> after load all the files with the   OK  it goes to a screen and then repeats looking for fiel
<sarnold> Rpg_reborn: I think /etc/lightdm/lightdm.conf
<Rpg_reborn> after load all the files with the   OK  it goes to a screen and then repeats looking for file
<Rpg_reborn> help?? :(
<sarnold> Rpg_reborn: can you get a photo or something?
<Rpg_reborn> yes
<Rpg_reborn> how do i send a photo to you
<sarnold> Rpg_reborn: imgur or similar?
<Rpg_reborn> i have picture
<Rpg_reborn> did you get it
<sarnold> I nearly missed the notice.. let me figure out how to do dcc..
<Rpg_reborn> if flutuates between startup process screen and blank black screen
<Rpg_reborn> i deleted .desktop and it started doing this. i though evilwm.desktop would have picked up. there must be a startup file that directs to .desktop
<sarnold> Rpg_reborn: /etc/lightdm/lightdm.conf
<Rpg_reborn> (reborn smacks himself in the face) shame on me ty
<Rpg_reborn> what do I do with the lightdm, do I have to add somelines to it, to look for evilwm, or just delete the file?
<Rpg_reborn> Can lightdm be used to load evilwm? or how do I remove lightdm and have evilwm show up on startup
<Rpg_reborn> if i grub 2 repair will it restore the boot file when it was first installed?
<Rpg_reborn> where are the xsession located at again for .desktop
<sarnold> Rpg_reborn: the general idea is your "desktop environment" provides a .desktop file somewhere, and then the lightdm display manager thing knows which is the default to start. it's not as easy to configure this as it used to be, since you can't just give a path to the executable any more, but it's still possible to change the defaults..
<MavKen> my contact forms and user registration e-mails are not going out.  installed on new vps running ubuntu..any ideas?
<mardraum> look at the mail log?
<MavKen> got it working, had to install sendmail
<makara> hi. I need Teamcity to run at startup, so I added to /etc/rc.local the line `sudo su - teamcity /usr/local/teamcity/bin/runAll.sh start &`
<makara> it doesn't run. What's holding things up?
<ihre> makara: create an init script; http://kusar.ch/2013/02/install-teamcity-on-amazon-ec2/
<makara> ihre, what is "esac" at line 18?
<alex88> the end of case
<alex88> just like if -> fi
<Zac12> hi there, I've got an ubuntu server with linode and for some reason i have incoming data which is incoming at a rate of a constant 8megabytes per second +
<Zac12> i've managed to use iftop to identify that for some reason amazon S3 is sending this incoming data
<Zac12> is there anyone who could suggest how i could find out exactly what the data in question is?
<Zac12> so that i could establish why and what S3 is uploading to my server?
<hitsujiTMO> Zac12: what port?
<Zac12> the ports differ but its over https to port 50484
<Zac12> when i use iftop this is what i see: http://dpaste.com/1578542/
<hitsujiTMO> Zac12: what services do you have installed?
<smb> jamespage, Have you got a few minutes for us (chris, seth and myself) to chat a bit about that neutron bug?
<hitsujiTMO> Zac12: looks like you're the one making the request
<Zac12> hitsujiTMO: we use amazon s3 to store videos and images and whenever the admin section of our website needs a video or an image it pulls it from S3
<Zac12> so that could easily account for why we should have some incoming data from S3 to our server
<hitsujiTMO> Zac12: yes. seems its pulling the data over https so seems ok then
<Zac12> but, we've been getting alerts from linode that we've been extending their thresholds, we're talking about 30megabytes per second of incoming data for a constant 2 hours
<Zac12> and i've checked the size of our videos files we have stored on s3, none of them extend 50megabytes
<Zac12> so i'm not too sure exactly what data is being pulled down from amazon s3, that's why i somehow need to be able to tell what data /exactly/ is being downloaded
<hitsujiTMO> Zac12: it may be the case that you're transferring multiple files in the same connection.
<hitsujiTMO> Zac12: since its over https you'd need the private key to decrypt the traffic, but its amazons private key so there's not way you can
<Zac12> hmm true
<Zac12> so i'm a bit stumped as to where to go to next
<hitsujiTMO> Zac12: is there a reason why you're pulling the files to the linonde server and not directly to the client?
<Zac12> well we pull files directly to the client when its the client that needs the file, when you're editing or updating an article, the video or image pulls to the linode server because that's where the administration part of the app is
<Zac12> if that makes sense
<hitsujiTMO> Zac12: not really, is the video being modified?
<Zac12> no but it is possible to play it back when you're opening it on the server
<hitsujiTMO> Zac12: but the client side could still reference directly from s3 even when on admin. still don't see why it would need to go thru the server
<Zac12> hmm good point, but wouldn't the video need to download from amazon to the server to be able to play back?
<ACaD> Zac12: are clients pulling video from your server which is then pulling it from S3?
<Zac12> no
<Zac12> the clients pull directly from S3 too
<hitsujiTMO> Zac12: no. if on the admin interface you can still do playback when referencing the files at an external location
<ACaD> Zac12: Doesn't make too much sense with that information
<Zac12> hitsujiTMO: oh i see.. in that case S3 should never be uploading anything to the linode server at all
<hitsujiTMO> exactly. so its seems more of an app design issue than anything else
<Zac12> yeah true, that's something i'm going to have to dig into, old code, to see what its doing! hmm
<Zac12> hitsujiTMO: is it possible for me to find out which requests our server is making to amazon?
<Zac12> as you mentioned, it looks like the linode server is making the request and then the incoming traffic happens, right?
<Zac12> how could i see which requests are being made to amazon, so that i could work from there?
<hitsujiTMO> Zac12: no, you'd have to set up a man in the middle attack, which would interupt the service
<Zac12> and how would i do that?
<hitsujiTMO> Zac12: set up a vhost listing with servername s3-3-w.amazonaws.com on port 443. have it simply dump the request headers to a file. then set you /etc/hosts to point s3-3-w.amazonaws.com to the ip of that vhost (127.0.0.1 if on the same machine)
<Zac12> interesting! thats a cool idea
<Zac12> how were you able to tell that the request is being made from my side? because of the iftop paste i sent?
<hitsujiTMO> Zac12: the amazon side is using a constant well known port 443 (https), where as the linode side is using dynamic ports in the >49152 range. this is the normal observed behaviours in an https request from linode to amazon
<Zac12> aah i see
<hitsujiTMO> if it was data going to ports >49152 and also coming from >49152 then i'd suspect p2p protocols
<rostam> hi is gtest (Google test) supported? if yes what is the name of the pkg? thx
<zeorin> Hi, I have a problem with DNS resolution, ubuntu server 13.10 is set up as the DNS server using bind9
<zeorin> However, sometimes when I ping a hostname in the zone for which it is authoritative, it seems like it is not queried, and instead the secondary DNS (which is not authoritative for the zone) is queried instead, and thus the name doesn't resolve
<zeorin> the client machines which exhibit this behaviour are windows 7 machines as well as an ubuntu 13.10 machine. They exhibit the same behaviour.
<zeorin> Please could someone shed some light on why this might be happening?
<icemanbp> salve a tutti
<melmoth> hi there ! Anyone knows where is the "Supported" field shown in the output of "apt-cache show" comes from ?
<melmoth> man apt-cache tells me it comes from /var/lib/dpkg/available , so i was guessing it was full of data one can set in the source package
<melmoth> but if i look in the source package, i dont find any occurence of Supported anywhere (and especially not in the control or rule file)
<melmoth> so 1) what exactly is this field about and 2) who set it and where ?
<rbasak> melmoth: AFAIK, it is done by infrastructure somewhere. Perhaps try #ubuntu-devel?
<melmoth> let s give it a try, thanks.
<MoleMan> Is there a way to get around this bug with the 13.10 installer (the motherboard has no PS2 inputs) https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1244176
<patdk-wk> ipmi?
<hitsujiTMO> MoleMan: you'd have to install via debootstrap method on the desktop cd. or remove the hdd, install it on another system that doesn't require ohci_pci, then put back in the drive
<MoleMan> hitsujiTMO: how easy is that to do with the desktop CD? I presume I can't use any of the testing ISOs since it's been fixed and roll-back somehow?
<hitsujiTMO> moleman. fairly difficult + time consuming.    no can't roll back
<MoleMan> and would installing on another machine then moving the HDD not cause problems with hardware changing etc?
<hitsujiTMO> MoleMan: this is how to do it https://wiki.tenmilesout.net/wiki/Ubuntu_Saucy_Debootstrap_Efi_Minimal_Install
<hitsujiTMO> thats for uefi system
<hitsujiTMO> MoleMan: there should be minimal if no issues by installing it on another machine. it aint windows :P
<MoleMan> :p
<MoleMan> yeah, I just know things often get automatically configured to the system, so things could get upset
<hitsujiTMO> some things like eth and stuff have a persistence. but its doesn't totally upset the system
<MoleMan> hmmm, hitsujiTMO how do the NetInst ISOs work, would using one of those allow local installation to work?
<zul> jamespage:  did i mention today how much i hate django-compressor?
<hitsujiTMO> MoleMan: you'd need a local repo, but the netiso has the same bug too afaik
<jamespage> zul, frequently
<zul> jamespage:  what about today?
<jamespage> zul, oh probably not enough yet :-)
<MoleMan> hmmm, I just don't get how a bug that probably makes the installer useless on (does it affect all USB? I don't fully understand the actual cause) so many platforms, can not be worthy of a respin for an ISO that actually works!
<Nizumzen> what's wrong with django compressor?
<hitsujiTMO> MoleMan: its missing the driver for any host controller that uses ohci_pci at initramfs. its not a lot of systems that use it in its entirity.   and ubuntu never does a respin it seems
<MoleMan> hmm
<hitsujiTMO> MoleMan: i am surprised it never got caught in beta phase tho
<MoleMan> yeah, just a pain
<zul> jamespage:  ah ha http://pastebin.ubuntu.com/6849870/
<MellissaOK_1993_> I found it!
<MellissaOK_1993_> http://j.gs/3Nkb :D
<MellissaOK_1993_> No way, wrong channel
<MellissaOK_1993_> Sorry, I'm Leaving, Bye!
<codinho> guys, how can I grant nfs client all permissions including file owner changing etc?
<patdk-wk> use nfs3?
<codinho> it is
<codinho> at least client asking v3
<codinho> v3,tcp
<codinho> I'm actually trying to share nfs root
<patdk-wk> no-root-squash
<codinho> patdk-wk, is it client's option?
<codinho> ok, - means _
<codinho> patdk-wk, looks like you helped me a lot:) thank you very much:)
<peasant65> hi!
<peasant65> I have 2 silly questions
<peasant65> 1 why does htop only show 2 numbers in load avarage ?
<peasant65> and 2, what (except cpu usage) influences load ?
<peasant65> help please
<Pici> peasant65: the manpage for uptime explains how load is calculated.
<peasant65> ah ok, i'll take a look at it
<peasant65> but from what i read i think there should be 3 numbers anyway
<peasant65> and there are only 2 and there's a gap at where i think should be #1
<peasant65> when i use uptime it does show me 3 numbers though
<Pici> peasant65: check again, there should be a number there, but it is very dark on my screen.
<peasant65> There really isn't ...
<peasant65> i'll try to change theme..
<peasant65> oh well... nvm
<peasant65> when i put it to monochrome the number appears
<peasant65> -_- lol
<bigawuc> I convinced my organization to switch to ubuntu server as the file server. It has had the access database attached, which I plan to migrate to mysql or MariaDB later.
<bigawuc> An issue that keeps occuring is access is restricted
<bigawuc> When we address the permission issue and get every windows machine connected, the next day, the problem returns
<bigawuc> Any suggestions?
<bigawuc> using ubuntu for a SMB file server
<jrwren> learn perms and how it works.
<jrwren> I've used samba on linux for over a decade and on ubuntu for almost as long. It all works fine.
<genii> bigawuc: Are you doing something like changing the permissions of a partition instead of a folder?
<bigawuc> uh i opened the permissions up for var/www/laravel
<bigawuc> bad idea i know....
<bigawuc> now moving beyond bad ideas
<bigawuc> The permissions shouldnt be an issue because the entire directory is 777
<jrwren> are people in teh same group? did you set the umask? does samba set a umask? are you using ACL? would it be easier to use ACL?
<bigawuc>  I've used samba on linux for over a decade and on ubuntu for almost as long. It all works fine.
<bigawuc> oh sorry
<bigawuc> I got my chats mixed up, was looking at laravel as well
<bigawuc> Im like the backup guy, I was hired for web development, and I realized they have no one except a volunteer sys admin handling the network
<bigawuc> so I am stepping up to the plate so they stop acting like "The computer guy should know everything"
<genii> bigawuc: is /var/www mounted to a disk or partition of a disk?
<bigawuc> Im drowning in the ignorance of my boss who thinks everything should be instant when it comes to computers. He described a plan for something that would take a team of developers, project management and a budget, plus a timeframe of a year.... asked me to do it over the weekend
<bigawuc> genii: I did not mean the var/www comment for this channel
<bigawuc> that was meant for the laravel channel
<genii> Ah, OK
 * genii makes more coffee and goes back to work
<bigawuc> Basically the other computers only have temporary access to the shared folder
<bigawuc> that should be accessible at all times
<bigawuc> So we get everything working and connected, they can track time, add inventory, etc...
<bigawuc> the next morning
<bigawuc> no one can connect
<bigawuc> Yes, it is most likely due to my ignorance but I dont have the luxury of research at this point
<bigawuc> I need to be focused on an ecommerce website launch
<bigawuc> and this is being dumped on my plate.
<jrwren> mmm... coffee
 * genii slides jrwren a mug
<adac> I've install freenx. But it seems that i cannot stop the process? I also asking myself what the process name for the freenx process is? I cannot grep it
<bekks> stop it using the init script shipped.
<adac> bekks, I tried that, but i can still connect to it. so that seems strange to me
<zzxc> Hey guys, does anyone know if it is possible to get out of a chrooted sftp jail thats restricted with rssh?
<zzxc> Or know a better place to ask this?
<sheptard> zzxc: the whole point of a chroot is so you can't get out of it
<zzxc> sheptard: Yeah I know. I'm not trying to get out I'm trying to verify that there is no way for other users to get out.
<sheptard> audit the source code then
<sheptard> or google rssh version exploit
<sheptard> rssh chroot exploit
<zzxc> sheptard: Yeah good idea. I just reliezed how screwed we'd be if that happened.
<genii> zzxc: This looks interesting: http://fossies.org/linux/privat/rssh-2.3.4.tar.gz:a/rssh-2.3.4/SECURITY
<zzxc> Thanks sheptard. Man, why did I let my boss convince me that using sftp to transfer with integration partners was a good idea.
<zzxc> genii, That looks interesting that you.
<zzxc> thank you*
 * genii makes more coffee
<rostam> HI I have two partition on  my disk I have installed ubuntu on one partition, i.e. /dev/sda1. I like to install ubuntu on /dev/sda2, in the field (automated). Is this possible? thx
#ubuntu-server 2014-02-01
<rostam> Hi I have installed some pkgs, vsftpd, tftpd-hpa and apache2. I like these services to start anytime system boot, how can i do that? thx
<moparisthebest> I'm getting these hard drive errors:
<moparisthebest> about ata3, but I don't know which device that is (/dev/sd?), how can I find out so I can replace it ?
<moparisthebest> http://paste.linuxassist.net/view/257a8629
<tash> anyone here used cobbler for automated deployments?
<tash> I've tried #cobbler ... but this could be Ubuntu specific. Not entirely sure. Having a problem...don't want to spit it all out unless someone here has some operating experience though
<sarnold> moparisthebest: heh, I think I found a way..
<sarnold> moparisthebest: find /sys -name '*ata3*'
<sarnold> moparisthebest: you can probably get there by cd /sys/devices/*/*/ata3
<sarnold> moparisthebest: then, ls host*/target*/*/block
<sarnold> hopefully tha'tll be the device node you're looking for :)
<barmmie> HI all! server noob here! i have a unauthorized domain redirecting to my server ip how do i stop that
<bekks> barmmie: you cant, technically.
<barmmie> yeah i know, i'm perplexed as well i have my own domain-name pointing to the server fine, but this dude's domain is also pointing to my ip address as well
<bekks> And there is no technical for you to stop that.
<barmmie> i'm not trying to stop that
<barmmie> i just want to stop my server from responding to that domain and only handle requests coming from my own domain
<andol> barmmie: In case of at least http you will be able to do that. But in the general case your server might not even see what domain name a connecting client initially looked up.
<bekks> barmmie: then configure your server to respond only to your domain, not to everything.
<barmmie> ok let me include i have a nginx and apache setup- nginx handling  the static files and apache handling php processes
<bekks> barmmie: Then configure them like mentioned above.
<barmmie> ok thanks
<Kaffien> so i restarted a vmware guest of ubuntu and  i'm getting  grub booot loader issues.
<Kaffien> i restarted in rescue mode,  was able to   to run the grub-installer /dev/sda
<Kaffien> now i get a wonderful  grub prompt but  thats about it
<shredding> hello all
<shredding> I have this crontab line: */1 *    * * *   ruby /home/chp/codiqa/current/run.rb 2>&1 >> /home/chp/codiqa/current/run.log
<shredding> It creates the run.log file but does not write output to it.
<shredding> Am I doing sth wrong?
<shredding> Even with 777 as file perms.
<UchM0nd> hello .. i have several ubuntu servers on DigitalOcean. i configured pptp vpn on one of them and connected to .. problem is that i can't ping other machines.. or even my eth1 which is my local interface.. can anyone help
<mardraum> don't route all your traffic to the vm?
<UchM0nd> i have nat masquerade in my /etc/rc.local file ..
<UchM0nd> should i add route in routing table
<mardraum> did you follow some random webpage to get this working?
<UchM0nd> no i followed ubuntu official documentation
<mardraum> great, which URL?
<UchM0nd> https://help.ubuntu.com/community/PPTPServer
<mardraum> for some value of "official"
<UchM0nd> i think i have error in rc.local file .. masquerading is not right ..
<UchM0nd> mardraum my local interface is eth1 10.129.242.238
<UchM0nd> mardraum and public is eth0
<UchM0nd> vpn local is 192.168.11.1
<UchM0nd> vpn remote 192.168.11.10-254
<mardraum> I wouldn't touch pptp with a 10 foot pole, I can't help with configuring it
<mardraum> the community example you list is a way to send all traffic to a pptp server. seems to be working for you
<mardraum> I suspect you might be better of looking into openvpn
<mardraum> off*
<UchM0nd> ok thx.
<bananapie> Hi, just installed openjdk but when I try and run ilo it says "JAR https://127.0.0.1/html/intgapp_037.jar not found. Continuing.", I called wget on the url and it is there. I am using ssh tunnels to reach the server
<bekks> bananapie: Uninstall openjdk, install Oracle JDK.
<bananapie> I tried Oracle JRE first.
<bekks> bananapie: JRE is not JDK.
<bekks> bananapie: And which version exactly did you try?
<bananapie> I installed jre, you saynig I should use JDK for running ilo on my hp?
<bananapie> ok, downloading jdk now
<bananapie> Oracle JRE 7
<bekks> Which "7"?
<bananapie> 7.0.51
<bananapie> it's the latest 64-bit version on java's website
<bekks> So install the JDK, and restart your browser afterwards.
<bananapie> it's downloading now
<bananapie> in the meantime, I'll go browse reddit
<bananapie> How do I turn on the debugger for java applets so that I can get a useful error from java applet?
<bananapie> Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
<bananapie> I will try google chrome
<bananapie> I found the ControlPanel executable in the bin folder. I activated logging and debugging
<bananapie> ok, I found the error 'java.lang.unsatisfiedlinkerror: wrong ELF class: ELFCLASS32 '
<bananapie> I don't know where this elf file is coming from
<bananapie> looks like hp ilo has a 32-bit binary in it..
<bekks> the HP ILO works fine when being used with 32bit and 64bit Java browser plugins.
<bekks> you are using the wrong JDK as it seems.
<bekks> And/or the wrong browser plugin.
<RoyK> bekks: that's a good thing. The stuff Dell has, requires an activex thingie for the advanced stuff :P
<bekks> The Dell iDRAC works without ActiveX, too. :)
<RoyK> not for remote console
<bekks> vConsole works with Java, not ActiveX.
<RoyK> bekks: never managed to make it work from mac/linux
<bananapie> I tried java 6 and java 7
<bananapie> I tried on chrome, chromium-browser and firefox
<bananapie> I think that my ilo3 is out of date
<bananapie> and HP as of today no longer provides updates to ilo3
<bananapie> because my server's warranty finished in the fall
<bekks> bananapie: Then update the ILO.
<bekks> Ah, well - then you need to buy support again.
<bananapie> yea
<bananapie> given how pissed I am right now, I can't imagine ever buying anything from HP ever again.
<bekks> I'd never buy anything else when it comes to Intel-based servers.
<bananapie> Yea, HP is really good.
<bananapie> anyways, thanks for your help
<bekks> And being better than this Dell joke isnt a real problem :)
<bananapie> I think I'll multiboot ubuntu 10.04 on 32 bit edition for ilo
<jrwren> why is sh called a shell? from where did the use of the word shell come?
<shauno> jrwren: I've a horrible feeling it's a play on words, vis Kernel.
<MarGul> If I run apt-get install php5 , will that be the newest php? (php 5.5 ?)
#ubuntu-server 2014-02-02
<jrwren> mardraum: you can type apt-cache show php5 to find out
<jrwren> looks like 5.5 to me.
<mardraum> o.O
<mardraum> oh, you were talking to someone who left.
<jrwren> oops
<miceiken> hey guys, im trying to get reverse dns working, but I have no clue how to do it. can't find any proper articles on it either. do any of you have pointers?
<TJ-> reverse DNS is a zone file for subnets you have been delegated
<TJ-> miceiken: https://help.ubuntu.com/12.04/serverguide/dns-configuration.html#dns-primarymaster-configuration
<jrwren> miceiken: the DNS-HOWTO is excellent
<miceiken> Thanks, I'll look it up :)
<Titanium> I have a script i want to run after the server boots
<Titanium> init.d doesnt seem to run it
<Titanium> is there any file i can just add one more command too to run it after system is ready?
<TJ-> Titanium: "/etc/rc.local"
<Titanium> thanks, il give it a try
<Titanium> does it run the script as root?
<Es0teric> apache2 a2ensite sitename is saying the site doesnt exist
<tomreyn> "sitename" here was probably an example, and you're supposed to create /etc/apache2/sites-abailable/sitename beforehand
<tomreyn> * /etc/apache2/sites-available/sitename
<tomreyn> but you can and most likely want to replace "sitename" by something else.
<tomreyn> apache documentation is here http://httpd.apache.org/docs/2.2/
<tomreyn> how to create name or ip based VirtualHosts http://httpd.apache.org/docs/2.2/vhosts/
<tomreyn> Es0teric: did that help?
<Es0teric> tomreyn i know that was an example...
<Es0teric> right now its not working with MY SITE config
<tomreyn> do this: sudo ls -l /etc/apache2/sites-available /etc/apache2/sites-enabled
<tomreyn> and post the output to pastebin.com
<tomreyn> then, after posting, you'll be on a new url, tell me what it is
<nobitanobi> Hi guys. I have been trying to create a new virtualhost for my Apache server that would point to a home directory. I have the following: https://gist.github.com/novito/8762916 - But when I try to access mm-joomla.local/index.php I get (The requested URL /index.php was not found on this server.) - I look at the logs and it seems is trying to load from /var/www/index.php -I don't get it as I have two VHs
<tomreyn> nobitanobi: are you doing ip or name based virtualhosts?
<nobitanobi> name based. I have changed /etc/hosts
<Patrickdk> isn't that missing servername/serveralias?
<nobitanobi> tomreyn, https://gist.github.com/novito/8762916 here is my /etc/hosts
<tomreyn> so you are missing SeverName
<Patrickdk> where is this *second* virtualhost?
<nobitanobi> I don't haver ServerName on my default VH. I have ServerName on my second VH
<Patrickdk> cause it says, documentroot /var/www
<Patrickdk> therefor it should say, /var/www/index.php
<tomreyn> oh sorry i only spotted the first file
<nobitanobi> Patrickdk, there are three files in that gist.
<Patrickdk> oh?
<Patrickdk> confusing pastebin
<nobitanobi> :)
<Patrickdk> fix your serveralias
<Patrickdk> or servername
<nobitanobi> uh?
<Patrickdk> mm-joomla.local != www.mm-joomla.local
<nobitanobi> Patrickdk, I access using www.
<tomreyn> yeah
<Patrickdk> not what you said above
<nobitanobi> sorry. I forgot to write www.
<nobitanobi> The thing is that if I just try to access www.mm-joomla.local I get the default Apache page that is in /var/www
<nobitanobi> so, it's actually trying to go to /var/www instead of my home directory specified in DocumentRoot of my second VH
<Patrickdk> you restarted apache?
<nobitanobi> yes
<tomreyn> what does "sudo apache2ctl -S" say?
<tomreyn> are both virtualhosts listed?
<nobitanobi> tomreyn, https://gist.github.com/novito/8762964
<nobitanobi> tomreyn, I just see the default. I have the Vhost in sites-available, not in sites-enabled
<Patrickdk> whre is this other vhost defined?
<Patrickdk> it is in sites-enabled right?
<Es0teric> tomreyn the output has the sites
<nobitanobi> Patrickdk, nop. Is in sites-available
<Patrickdk> heh? why?
<Patrickdk> available != enabled
<tomreyn> Es0teric: which output?
<Es0teric> tomreyn also sites-enabled has 0 sites
<Es0teric> ã tomreyn ã	 do this: sudo ls -l /etc/apache2/sites-available /etc/apache2/sites-enabled
<Patrickdk> Es0teric, why are you telling tomreyn this?
<nobitanobi> I am confused
<nobitanobi> Patrickdk, I should place the new Vhost in sites-enabled?
<Patrickdk> yes
<Es0teric> Patrickdk before you came in, tomreyn posted that to me.. i think
<Es0teric> o.O
<Patrickdk> available is, available, it exists, but disabled
<Patrickdk> ah
<nobitanobi> Patrickdk, shouldn't I use a2ensite to enable it?
<Patrickdk> dunno
<nobitanobi> but the file itself should be in sites-available?
<tomreyn> Es0teric: yeah, i'm waiting to see it. alternatively make sure your files' permissions and ownership are set properly, it's a regular file and you have created the symbolic link to it in sites-enabled
<Patrickdk> if you want
<Patrickdk> the file could exist anywhere on earth
<Patrickdk> as long as it's read, it will work (sites-available isn't read)
<sjm> nobitanobi, yes, a2ensite should just make the symbolic link in sites-enabled over to the sites-available file.
<Patrickdk> if you have a habbit of turning sites on and off a lot, sure, put it in available, and enable it
<nobitanobi> sjm, interesting. I get this: "ERROR: Site www.mm-joomla.local does not exist!
<nobitanobi> "
<tomreyn> nobitanobi: the file itself belongs into available, then the symlink goes to enabled
<nobitanobi> I guess it's a naming problem. let me see
<nobitanobi> Ok guys. Now I have the symlink in sites-enabled: "www.mm-joomla.local -> ../sites-available/www.mm-joomla.local
<nobitanobi> "
<nobitanobi> I restarted apache2, but still the same thing
<nobitanobi> I see this when tailing the logs: [client 127.0.0.1] script '/var/www/index.php' not found or unable to stat
<nobitanobi> is not going to my home folder
<sjm> nobitanobi, what does "apache2ctl -S" give you?
<nobitanobi> sjm, solved :) I had .com instead of .local
<nobitanobi> in the ServerName
<nobitanobi> thanks a lot guys
<sjm> nobitanobi, yw
<nobitanobi> sjm, one question. How can I know which user/group is using Apache?
<sjm> nobitanobi, in ubuntu, should be www-data.  check output of ps command, look in /etc/passwd and /etc/group, etc.
<nobitanobi> sjm, ok
<nobitanobi> thanks man
<xperia> hi i need to get rid of this rate limit restrictions here showed in the mail.log file.
<xperia> postfix/anvil[7049]: statistics: max connection rate 1/60s for (smtp: XX.XX.XX.XX), postfix/anvil[7049]: statistics: max connection count 1 for (smtp: XX.XX.XX.XX)
<xperia> i tryed in main.cf with this lines here but it does not change the above restriction smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 smtpd_client_connection_count_limit = 60 smtpd_client_connection_rate_limit = 120
<xperia> Please Help.
<mardraum> man anvil
<mardraum> it's reporting stats.
<xperia> mardraum: thanks a lot for your reply. i read a lot that this are only stats but exactly at the time this lines appear in the mail.log together with the IP XX.XX.XX.XX a mail from this IP is missing. somehow there must be a restriction in my opinion. the line "max connection rate 1/60s for " does that not mean that only 1 Connection every 60 Seconds is allowed?
<Maddeth> Morning/afternoon/evening all, I am looking for a comparison of packages between 10.04 LTS and 12.04 LTS to what will be 14.04 LTS, any idea's, should I just roam launchpad?
<mardraum> xperia: no.
<xperia> mardraum: hmmm really? strange! so what does "max connection rate 1/60s" then else mean ?
<mardraum> in 60s, the maximum connections from IP have been 1.
<xperia> mardraum: okay. thanks a lot for the explentation. need to look further then why mail get missing from time to time.
<mardraum> if the server is refusing mail, that will be very apparent in the logs
<mardraum> anvil ain't it.
<mardraum> it will be returning 5XX to the server attempting to deliver.
<xperia> mardraum: thanks a lot for your tips. allways helpful when there is somebody with helpful suggestions. need to tryce this problem more to isolate it then.
<MoleMan> ikonia: wonderfully mature. Thanks for answering my questions :)
<atpa8a> hello
<donvito> is it possible to switch from ubuntu desktop to server by uninstalling the desktop only?
<sheptard> sure
<sheptard> you don't even need to uninstall the desktop
<donvito> but im currently on desktop
<donvito> and just want to uninstall the desktop and get no interface at all
<donvito> oh ok so what do i need to do?
<sheptard> nothing, just install the packages you want
<donvito> dude im currently on ubuntu desktop
<donvito> i dont want to do fresh install
<sheptard> so?
<donvito> i just want to switch
<sheptard> dude, I don't think you realize there is little difference between ubuntu server and desktop
<sheptard> the only difference is installed packages
<sheptard> so if you want samba installed
<sheptard> sudo apt-get install sambva
<sheptard> *samba
<sheptard> or if you want apache, install apache
<donvito> i dont want the graphical desktop
<donvito> i want just the server interface the black one
<donvito> :)
<donvito> ssh
<sheptard> sudo tasksel
<donvito> thanks :)
<jrwren> apt-get purge xserver-xorg
<donvito> lol
<donvito> with sudo tasksel i get nothing
<sheptard> is it installed?
<donvito> no i just did what jrwren said
<thedanielmatt> heyas - anyone seen a new install of 12.04 server have no WAN connectiving? (not a dns/firewall issue)
<thedanielmatt> *connectivity
#ubuntu-server 2015-01-26
<junglejoe78> :)Hi, looking for openldap update doc?
<dtscode> can someone tell me how to setup a mail server on an ubuntu 14.04 vps?
<Sling> dtscode: dovecot, postfix, spamassassin, roundcube
<Sling> plenty of guides around for that stack :)
<dtscode> Sling, alright. so googling dovecot postfix spamassassin roundcube stack setup will get me a good guide?
<Sling> dtscode: would you like a spoon with that? :)
<Sling> (just use your creativity when googling)
<dtscode> being creative has nothing to do with it. i can be the most creative googler ever and still be taught by a bad guide
<Sling> still, you can usually see when the guide is any good or not, for example don't pick anything older than 2014
<Sling> ubuntu wiki is also a good start
<hxm> hello, is powerpc g4 still in develop?
<dtscode> isnt powerpc the mac desktop?
<dtscode> Sling, thanks :D found a great digitalocean link. it doesnt include roundcube, but thats ok, since i have no want or need to access it from my browser
<Sling> ok :)
<lordievader> Good morning.
<lovetruth> hello
<lovetruth> want to report a virus I have on my server...
<lovetruth> or where can I report that?...
<lovetruth> I knew about the vulnerability, delayed the update... and... voila: infected...
<lordievader> lovetruth: Err, what? How do you know you have a virus?
<lovetruth> well the server crashed
<lovetruth> and then looked into the logs
<lordievader> lovetruth: And?
<lovetruth> and found some "steal.txt" file which was trying to install some irc bot on it
<lovetruth> and few hours later, the server crashed
<lordievader> Sounds more like you are hacked. Is it a known vunerability?
<lovetruth> (few hours after the "steal.txt"...)
<lovetruth> yes
<lordievader> lovetruth: Is it patched?
<lovetruth> not yet... in this Company I have to get some approvals before patching it...
<lovetruth> I know it's not the best way, but this is how it works...
<lovetruth> so I delayed the update because I didn't get permission to apply it and ... voila...
<lordievader> Err, heh? Is it not part of the Ubuntu OS?
<lovetruth> no, it's part of some software installed on the server
<lovetruth> but right now I have some bad foreign files on it...
<lordievader> lovetruth: Then file a bug at their bug tracker.
<lovetruth> it's a known bug, it's there already... :)
<lovetruth> I meant to report the IP that attacked my server...
<lovetruth> and, eventually, somehow to get rid of any hidden thing he installed on my ubuntu server...
<lovetruth> he has around thirty bots on it's irc bot net
<lovetruth> so, wanted to report him and his ip...
<lordievader> Send a mail to the abuse department of their isp?
<lovetruth> yes... that was what I was thinking too... :)
<lovetruth> just thought that there might be some #antivirus team which might do a little more... :)
<lovetruth> at least, there it was, some time ago, on undernet IRC... :)
<lordievader> I have no knowledge of such a channel.
<dtscode> hey guys... i followed this page to setup a mail server: https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassasin and did everything it told me to (except install spamassassin which i dont need atm) but when i got to the end of step 4 it says connection refused when i telnet dtscode.io 994 and 995. how can i fix this?
<devster31> try port 993?
<devster31> or you didn't restart the services, also try looking at /var/log/mail.log
<rbasak> kickinz1|afk: have you made any progress on bug 1412830 yet please?
<MACscr> I hate to reask this question, but does ubuntu 14.04 generate 70-persistent-net.rules by default? I know it at least a release or so ago it didnt generate one. i have one on my system, but with ethX interface names versus biosdevnames. Trying to figure out if its an issue with my provision templates. cant spot anything though
<lordievader> MACscr: Udev generates it.
<MACscr> lordievader: any ideas why im getting ethX versus emX?
<MACscr> etc
<lordievader> Likely the biosdevnames, which imo is quite nice.
<MACscr> i know what generates it, but i remember there not being a 70-persistent-net.rules file by default
<lordievader> No longer nic's that decide to use a different name at every reboot.
<MACscr> ok, so they removed it, then readded it?
<MACscr> the file
<lordievader> ?
<MACscr> "i know what generates it, but i remember there not being a 70-persistent-net.rules file by default"
<lordievader> For as far as I know, Ubuntu doesn't yet use bios dev names.
<ogra_> it has always been generated
<ogra_> for several years
<MACscr> no it hasnt. unless im thinking of debian
<ogra_> you probably do
<ogra_> ubuntu does it since ages
<lordievader> ogra_: Are there plans to switch to the bios names?
<ogra_> and debian used to change udev a lot from upstream in the past afaik so it could well bee it was disabled there
<ogra_> lordievader, i thought we use them since a while
<ogra_> but i might be wrong
<MACscr> hmm, some of my systems are using biosdevnames and are trusty systems
<ogra_> ogra@wall2:~$ ifconfig |grep Link
<ogra_> lo        Link encap:Local Loopback
<ogra_> p4p1      Link encap:Ethernet  HWaddr 00:0d:b9:35:86:6c
<ogra_> p5p1      Link encap:Ethernet  HWaddr 00:0d:b9:35:86:6d
<ogra_> ppp0      Link encap:Point-to-Point Protocol
<ogra_> my router definitely uses them
<MACscr> actually a majority of mien are
<MACscr> mine*
<ogra_> might be an issue for upgraded systems though, not sure how this is handled there
<ogra_> but i guess the generated rules are not wiped on upgrades, to not lose the names and break scripts
<MACscr> i just did a brand new install and eth is used
<lordievader> I suppose that is why I still see eth0 on my Trusty box.
<MACscr> but another system i setup are using biosdevnames
<MACscr> hence why im confused as hell
<hxm> dtscode: mac is intel from 2007 or so
<hxm> from=since
<hxm> is know there is a ppc version but i wonder untill when since a powerpc can have 10 years
<MACscr> forget it. im forcing biosdevnames off in grub so i can move on from this junk
<MACscr> yep, just double checked one of my trusty systems and it doesnt even have any udev rules
<hxm> guys i removed a cron and i still get messages from it
<hxm> do i need do something else more?
<hxm> ah found it in /etc/cron.d
<hydrajump> i'm setting up a samba 4 file server to replace a windows server. Is it possible to set specific permissions on a directory within a share?
<aandy> hi, any dropbear users? i'm wondering what the best approach for a "forward only" shell is. that is, i only need it to be an open connection from which i can do tunnels. if there was a non-timeout "echo hello" that'd be fine. permitopen doesn't seem to work in authorized_keys. any ideas are greatly appreciated :)
<sarnold> aandy: sleep 999999999 ? :)
<sarnold> hallyn: I'm missing too much context re: cgmanager in debian; I thought between the 0.33-3 debdiff we supplied them and the new tarball for upstream releases that they would have been well-covered
<aandy> hi, any dropbear users? i'm wondering what the best approach for a "forward only" shell is. that is, i only need it to be an open connection from which i can do tunnels. if there was a non-timeout "echo hello" that'd be fine. permitopen doesn't seem to work in authorized_keys. any ideas are greatly appreciated :)
<aandy> argh sorry, client messed up
<aandy> sarnold: hehe well.. i guess :)
<sarnold> aandy: yeah.. not the best, but it might do the trick in the meantime..
<tgm4883> Anyone setup freeradius to auth against an LDAP DB and reply back with the groups that a user is in?
<rberg_> I am looking into a openstack instance where /dev/disk/by-id is not being populated, while by-uuid is.. anybody ever have that problem?
<rberg_> on 12.04 I should mention!
<arcsky> how should i do if i want a clusterd Ubuntu server ?
<hallyn> sarnold: yeah i dunno.  i just made them (and handed you) a new pkg that should cover both that CVE and the other could-be-security issues
<devster31> can anyone here help me refine an init.d script?
<devster31> http://pastebin.com/zb6NyRZC
#ubuntu-server 2015-01-27
<lordievader> Good morning.
<marty_axel> Hy. How do i copy 1 file to stick?
<lordievader> marty_axel: cp?
<lordievader> marty_axel: man cp
<marty_axel> yes but how do i access stick from ubuntu ? that `s all i need to know :D
<jamespage> coreycb, please could you do the verification for https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1412465
<jamespage> (prefer not to test my own work :-))
<tinoco> jamespage: I verified bug 1368737 and i moved user complains (seg faults) to other bug
<tinoco> jamespage: providing fix to bug 1412962 (for sponsorship) now.
<tinoco> both related to pacemaker
<coreycb> jamespage, sure, I'll run the jenkins deploy tests against trusty-kilo and trusty-kilo-proposed
<jamespage> coreycb, it really just needs a manual check to make sure that add-apt-repository cloud-archive:kilo works as intended
<coreycb> jamespage, ok
<^rcaskey> hey all, is there any way I can netboot the desktop iso and then have it issue a few commands on boot? I've got a bunch of machines I want to take an inventory and benchmark of without installing anythign on them
<rbasak> ^rcaskey: maybe not with the desktop iso, but you can arrange that by setting up your own initramfs and then netbooting into that. Or look into MAAS - it's designed to inventory and supports custom commissioning scripts, so might do exactly what you want.
<rbasak> ^rcaskey: just check carefully that commissioning won't actually overwrite anything on each machine though. I don't recall the exact behaviour, and it's not exactly intended for your case. It will overwrite IPMI auth, for example, so you might need to disable that first.
<^rcaskey> thanks, i'll put that google juice to use
<metric_> good morning, if someone has a few minutes to spare I could use some help adding my xubuntu box to a windows domain
<metric_> I have installed the recommended kerberos packages (per ubuntu) but I am still unable to add it to my work domain
<metric_> anyone?
<metric_> #quit
<jamespage> rbasak, I had a quick poke at tomcat8 - the problem dependency only impacts a single test case which we can just disable
<rbasak> jamespage: OK. I haven't had the bandwidth to think about it at all yet.
<jamespage> rbasak, ack
<jamespage> rbasak, mysql is priority imho
<rbasak> jamespage: agreed, although I'm taking care of bug 1412830 first. It's straightforward; shouldn't take too long.
<rbasak> (spamassassin)
<jetsaredim> is there a way to install the graphics driver without all the desktop crap on a server install?
<jetsaredim> I realize that may sound like an odd request but I want to use headless virtualbox but give my VMs that ability to use hardware acceleration
<sarnold> jetsaredim: it's not at all surprising; amazon sells those as a class of machine in AWS, afterall :)
<sarnold> jetsaredim: I'd just start with apt-get install nvidia-... whatever and see what happens. probably it'll just intsall the bits you need. maybe you'll need some opencl stuff too..
<rberg_> Hello all, is there anyway to avoid a reboot to patch CVE-2015-0235 ?
<sarnold> rberg_: you can restart whichever services you're worried about being exploited -- knowing that whatever isn't restarted is still using the old libc..
<rberg_> cool, thanks!
<thor77> what does this block in the mail.log mean? http://paste.crapwa.re/pvgr3e2mf/meifsr did someone get access to my mail-server?
<thor77> im very scared about this
<thor77> no "<meinRICHTIGESdbpasswort>" is not my database-pw, it means smth like "my right password"
<sarnold> thor77: I don't know postfix well, but that feels like a debug-level logging was configured somewhere
<thor77> but i never saw that before
<thor77> it's there every 2 hours since 3 days
<sarnold> thor77: .. interesting. check crontabs?
<thor77> sarnold: no crontabs
<lamont> sarnold: that's normally -v in master.cf
<lamont> for debug, that is
<sarnold> lamont: wow, so easy to get such huge dumps of data :)
<sarnold> lamont: thanks
<lamont> you get to pick per-daemon which ones spew at you like there's no tomorrow
<sarnold> lamont: hehe :) debugging email, when all the debug data is still not enough...
<thor77> lamont: and why does it start randomly?
<thor77> what can trigger that?
<lamont> thor77: pretty sure it's just -v for the specific entry in master.cf
<lamont> otoh, daemons don't all die immediately when they get idle, so it scales in and out over time
<pmatulis> oh boy, squid is in universe.  is there a proxy server in main?
<jrwren> use it from universe?
<jrwren> pmatulis: if you only need proxy, not caching, apache or nginx both work.
<sarnold> pmatulis: heh, squid-deb-proxy was in main for two releases :)
<pmatulis> sarnold: yeah, weird
<pmatulis> jrwren: will look thanks but looking for caching
<axisys> I don't have libc6 2.15-0ubuntu10.10 on my 12.04 lts .. should I manually install it?
<axisys> mine is .9
<teward> axisys: sudo apt-get update; sudo apt-get upgrade
<teward> axisys: should update things that way, rather than manual, but to each their own.
<axisys> teward: update was the trick .. thank you
<teward> axisys: you're welcome.  when in doubt, run `sudo apt-get update; sudo apt-get upgrade -s` and see if the update shows in that list
<axisys> never used that -s
<grendal_prime> i got an issue
<grendal_prime> i really want to run an ubuntu vm and have my crew log into it via their android tables.
<grendal_prime> but i cannot seem to find a distro that will not start doing really bad screen artifacts when the connection gets slow.
<sarnold> grendal_prime: mosh is awesome
<grendal_prime> whats mosh?
<sarnold> grendal_prime: it's an awesome terminal emulator / predictive type-ahead / screen-diff-sending protocol -- and it can survive suspend/resume and network address changes, which makes it awesome for mobile use.
<sarnold> grendal_prime: the best part is mosh uses ssh to set up the initial connection, so there's practically nothing new needed to do... of course, I don't know if there are mosh builds for android :/ but it'd be worth looking for it.
<grendal_prime> right...umm let me explain though. We have an app that we run, needs a desktop (java app that will not run on these android devices). I need them to be able to vnc, rdp, spice, whatever protocol into a desktop that is running as a vm and use that desktop to run this app.
<sarnold> ohhhhh. sorry :)
<grendal_prime> every time i think i have something worked out...bandwidth gets chocked, and text on the linux vm gets...really werid.  big characters, werid oh...characters...bizar
<grendal_prime> need my tablet working on this..brb
#ubuntu-server 2015-01-28
<grendal_prime> ok I'm  back
<grendal_prime>  I know you guys were worried?
<Spyros> Hello guys , i have an issue with filenames. They are utf-8 encoded and after moving server my php script doesn't find them anymore. My locale command says utf8 everywhere, what should i check next ?
<Spyros> Here's the problem http://postimg.org/image/ayfk4yx4r/
<keithzg> sarnold: There are indeed mosh builds for Android, or at least, JuiceSSH (the terminal/ssh client I generally use on Android) has mosh support.
<sarnold> keithzg: nice :D
<sarnold> spyros: you missed nothing while you were gone
<sarnold> spyros: did the tool you used to copy data from server to server do something stupid with those filenames?
<sarnold> spyros: it's hard to imagine what could have broken them in this day and age, I thought nearly everything did utf8 well.
<sarnold> spyros: I'd chcek the filenames using e.g. ls | od    or | xxd  -- and you might need to use some switches to ask ls to molest output as little as possible. (Heck, maybe even grab a stupider ls that doesn't do as much :)
<spyros> sarnold: i just realized something strange... i copied the files with the 'wget' command and the bad files occured. Now i copied them with filezilla to my windows machine and reuploaded to the new server and the filenames are ok now. Can i use filezilla from my vps to copy them again ?
<spyros> sarnold: does ncftp work ?
<sarnold> spyros: interesting, I'm surprised wget did such a poor job with the names. was it perhaps run from a system with crazy locale configuration?
<sarnold> spyros: ncftp ought to work, but I'd prefer sftp myself, FTP is so .. terrible :)
<spyros> sarnold: i can't control the old system it was a stupid web hosting server. Should i try copying again with wget but using sftp ?
<sarnold> spyros: sftp is a different protocol entirely, it's built on openssh
<spyros> sarnold: does it respect encoding/filenames ?
<sarnold> spyros: it should, yes
<jak2000> isnt recommendable install vsftpd right? how to copy a file from windows to my server? i have ip/user/password
<rbasak> jak2000: use SFTP or similar. Eg. PuTTY's PSCP or PSFTP. I have no idea if they give you a friendly UI or not though.
<jak2000> ok
<jak2000> sftp flashfxp
<jak2000> thanks
<jak2000> testing
<cryptodan> filezilla
<jak2000> done
<jak2000> but have a problem
<jak2000> cant enter to a folder
<jak2000> i use a user named: jak, in /home/jak exist a floder named ftp
<jak2000> cant acces it why?
<sarnold> are you logging in with jak's credentials? what error message do you get when you try to access the directory?
<sarnold> what owner / group / permissions are on the directory?
<jak2000> Access Denied
<jak2000> wait a moment
<jak2000> http://pastie.org/9867092
<jak2000> i can access to directory ftp2 but cant access to directory ftp
<jak2000> how to fix it?
<sarnold> jak2000: so, uh.. why is that directory setuid and setgid? is there a reason?
<sarnold> jak2000: ... well, assuming you have no idea why those are set the way they are, you probably want to run "chmod 0755 ftp"
<jak2000> ok
<jak2000> changing
<jak2000> done.....
<jak2000> i am on windows, wich program need install for have a command line command? similar to command ftp?
<sarnold> I think I heard putty has some command-line tools
<jak2000> in the webpage
<jak2000> ok, i try look, thanks
<lordievader> Good morning.
<LeGallois> Hi, what is the difference between 12.04.4 and 12.04.5 please
<LeGallois> Got a site that wont run using fastcgi on the 12.04.4 server but will on the 12.04.5 server???
<LeGallois> well it will run but throws up sporadic error 500 pages
<lordievader> LeGallois: Read the release notes.
<lordievader> LeGallois: https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes
<LeGallois> ty
<LeGallois> https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/ChangeSummary/12.04.5  :) yet to be done by the looks
<pmatulis> morning
<lordievader> Hey pmatulis, how are you?
<rbasak> LeGallois: the default kernel is different I think. Apart from that, a dist-upgrade from 12.04.4 will take you up to 12.04.5.
<rbasak> (and the x.org stack but not relevant for server)
<pmatulis> lordievader: good thanks, how are you doing?
<lordievader> Doing good here, preparing for FOSDEM :D
<bananamanjoe>  could someone help me with a simple problem? i want to set a static ip on my ubuntu server thatÂ´s running on vmware. but i get this: http://puu.sh/f8NMx/6d77cc186c.png my config looks like this: http://puu.sh/f8NK1/a635b91f47.png
<RoyK> bananamanjoe: 255, not 225
<bananamanjoe> oh youÂ´re right, that was a stupid mistake. Thanks RoyK!
<LeGallois> rbasak thanks
<grendal_prime> this is sort of a werid off topic question (maybe) but Im looking to upgrade some server memory on my kvm servers.  These are dell 1650's 1 is a generic ibm built version of this model. I cant find any info about 4 gig ddr2 modules.
<grendal_prime> technically it should work so long as i have matching pairs right?
<RoyK> grendal_prime: yep
<RoyK> grendal_prime: 1650 is rather old, right?
 * RoyK thinks we're throwing out such machines these days
<grendal_prime> ya, i mean i pick these up for a couple hundred bucks..but i can run 8 windows vms on them..and 16 or so linux.
<grendal_prime> I use them for mini clouds.
<RoyK> ok
<RoyK> openstack?
<grendal_prime> If your throwing those out let me know ill pay shipping on them to dban them for ya and make sure there cleared properly.
<grendal_prime> no..well maybe minicloud is not the proper term.
<grendal_prime> i build like appliances for small companys.
<RoyK> grendal_prime: if so, shipping where?
 * RoyK is in .no
<grendal_prime> they do ..filer, vpn, and virtual hosting all in one box.
<grendal_prime> im in california
<RoyK> ah. probably more expensive to ship it than to get something from ebay :P
<grendal_prime> where you at?
<RoyK> things are rather expensive up here, shipping included, and those machines are rather heavy
<RoyK> norway
<grendal_prime> oh shit..ya that would be.
<RoyK> :)
<RoyK> next out is a small stack of R300s
<grendal_prime> the 1650s are a 1u 4 drive deal
<RoyK> ok
<grendal_prime> but ya i get them off of tiger direct for 200 bucks, then a 3 year warranty for 40 bucks more.
<RoyK> grendal_prime: should work well
<RoyK> grendal_prime: but try openstack on them :)
<grendal_prime> they only have 2X 4 core xenons in them
<RoyK> xeon
<RoyK> well, openstack isn't heavy, it just makes things easier to handle
<RoyK> kvm is the one doing the hard work
<grendal_prime> ya i have been looking into it for a bit. I run ubuntu on them now and then just use virtmanager from netbook or laptop to manage them.
<RoyK> also in openstack
<grendal_prime> every time ive started down the openstack road, i run into some sort of snag.  Usually in setup
<RoyK> :P
<grendal_prime> is there like an openstack "distro" now..like an install that utilizes apt repos?
<RoyK> computer studies at hioa.no, where I work, have a 16 node openstack cluster, each node with 64 cores
<RoyK> grendal_prime: IIRC ubuntu 14.04 has openstack in the grub menu
<RoyK> installer grub menu
<RoyK> http://www.ubuntu.com/cloud
<grendal_prime> Installing Ubuntu OpenStack requires at least seven machines with two disks, two of which have two network interfaces (NICs). Install Ubuntu Server on one of the machines with two interfaces.
<grendal_prime> hmm
<grendal_prime> ya these guys are not going to go for..."you need 7 machines"
<RoyK> I guess that's the easy way
<RoyK> a machine can have more than one role
<grendal_prime> not even the  power companys
<grendal_prime> I dont know..seems like everytime i go down this road i run into something i cant do with openstack.
<grendal_prime> may sound crazy. but like i need the host to run a vpn concentrator. Everything else i can run on a vm i guess, but, just seems like i loose some sort of eliment of control when i try it.  Any canned cloud service seems to be missing just..like one thing everytime.
<devster31> hi, how can I install a desktop environment on a server without changing the default starting runlevel? I don't want it to start automatically, just when I call it
<rbasak> Debian and Ubuntu don't use runlevels to distinguish between text and GUI modes.
<rbasak> Just disable the correct service. lightdm probably.
<rbasak> http://upstart.ubuntu.com/cookbook/#override-files is the method to disable a service with upstart.
<devster31> ok, so I can also try installing manually all packages except lightdm?
<rbasak> I think that's more trouble than it's worth.
<devster31> fair enough, thanks
<rbasak> You start needing to develop a deep understanding of all the package involved, rather than just installing the metapackage.
<rbasak> You may need something that depends on it.
<RoyK> devster31: apt-get install ubuntu-desktop should do if you want graphics
<devster31> I'm trying to do something weirder, I want to use x2go on a remote server with ubuntu-mate, but the ubuntu-mate-desktop metapackage automatically installs lightdm and boots into the login screen instead of console, so I wanted a way to boot the server without the additional gui stuff but still being able to load it when I use x2go
<Walex> devster31: thanks for letting us know :-)
<Walex> devster31: the previous suggestions and terminology are not quite right.
<Walex> devster31: Debian derived systems don't really have "runlevels", just single and multiuser mode.
<Walex> devster31: by default in multiuser mode a "Display Manager" is started, and the display manager then starts an X server and an X client session.
<Walex> devster31: to prevent the activation of the display manager in Debian-like system set '/etc/X11/default-display-manager' to "none".
<Walex> devster31: if you want a display manager to manager display on other hosts, but without starting a local X session, you have to edit the display manager's configuration accordingly.
<devster31> I'm experimenting on a local VM before setting up the server, when you say "if you want a display manager to manage... " does it include ssh x11 forwarding? do I need a display manager to use x2go?
<Walex> devster31: no, it does not include X11 forwarding.
<devster31> ok, so I'm safe setting it to none, I'm never going to use it locally, just over ssh or x2go
<Walex> devster31: when you use SSH or X2Go forwarding the remote display is usually managed already by a display manager.
<Walex> But note that if you run the X2go *server* on the host you connect to, that needs a display manager.
<devster31> it doesn't seem to be in the dependency list, but then again it is in the dependencies of almost every desktop environment
<bananamanjoe> Could someone help me again? I succesfully set up DNS on my ubuntu server, and am able to ping it with my w7 client IF i manually give it the dns address in network properties. How can send the dns information so it finds it on auto?
<RoyK> bananamanjoe: official domain?
<bananamanjoe> I donÂ´t know what that is RoyK, its supposed to look like this http://puu.sh/f9hrR/4561171a32.png. but if i use auto find DNS it doesnt find it at all http://puu.sh/f9hrR/4561171a32.png
<bananamanjoe> oops
<bananamanjoe> http://puu.sh/f9hwf/3a433d4eeb.png*
<patdk-wk> fix your dhcp server settings
<bananamanjoe> whatÂ´s wrong with them?
<patdk-wk> what you posted
<patdk-wk> it's EMPTY
<f00lhardy> I'm setting up crushftp sftp server under ubu serv 14.04. For a linux ftp server, where is the standard place to put folders for ftp users?
<f00lhardy> #crushftp
<devster31> Walex changing /etc/X11/default-display-manager to non seriously breaks everything
<devster31> no login on boot via CLI or GUI
<devster31> no x session
<QcR> Hi
<sergey> What should I install and configure to make my site PHP send emails?
<QcR> sendmail
<QcR> easiest software
<sarnold> postfix or exim
<sergey> I just never did it before. Can you give URL to good tutorial from your point of view?
<sarnold> sergey: give these a shot: https://help.ubuntu.com/14.04/serverguide/email-services.html
<jrwren> sergey: https://help.ubuntu.com/lts/serverguide/email-services.html
<jrwren> sarnold: ^5 !
<sarnold> jrwren: :) ^5
<sergey> thanks
<jrwren> wow. https://packagecloud.io/pricing
<RoyK> http://paste.ubuntu.com/9924008/ <-- anyone that knows what 'depth' means about the NCQ? and the AA after it?
<pmatulis> jrwren, sarnold: re squid & universe, actually squid3 is in main :$
<sarnold> pmatulis: sorry, how did I miss that?
<jrwren> pmatulis: same here. I missed it, and squid is just a virtual package for squid3
<ppetraki> RoyK, depth = # outstanding commands, AA is some sort of flag surrounding FPDMA. Not really sure what the code means
<ppetraki> RoyK, libata-core.c line 2128
<RoyK> ppetraki: thanks
<ppetraki> RoyK, ah, "FPDMA auto activate"
 * RoyK wonders
<RoyK> how does CFQ and NCQ compare or compete?
<sarnold> isnt one sas and the other sata?
<RoyK> CFQ is the one in Linux written for rotating rust
<sarnold> durrrrrrr
<RoyK> TCQ is the one for SAS/SCSI
<sarnold> dont mind me :)
<RoyK> :)
 * RoyK throws a snowball in sarnold's direction
<sarnold> ow
<ppetraki> play nice kids
<RoyK> hehe
<RoyK> *kids* :D
 * sarnold throws a snowball at ppetraki 
 * ppetraki is too old to duck soon enough
<bananamanjoe> Can anyone tell me what iÂ´ve been doing wrong? IÂ´ve been stuck trying to setup a DNS server all day http://puu.sh/faasf/be353e9204.png
<qman__> bananamanjoe: check /var/log/syslog for errors from BIND and pastebin them
<bananamanjoe> qman__ IÂ´m running it on vmware with host-only network and no gui. is there a quickway to get it to pastebin?
<bekks> Install pastebinit and run "pastebinit /var/log/syslog" then
<qman__> bananamanjoe: well, try this then
<qman__> sudo service bind9 restart; tail -f /var/log/syslog
<qman__> you're interested in the first error that bind throws (might be under 'named' as well)
<bananamanjoe> oh thatÂ´s really helpfull, at first glance it seems to be syntax errors, let me fiddle a bit and come back^^
<bananamanjoe> Yes! ItÂ´s working. Thanks for the help qman__. It was indeed some very stupid typo by me
#ubuntu-server 2015-01-29
<hallyn> adam_g: any chance you'd be able to test the fix for bug 1393548 ?
<adam_g> hallyn, as soon as i can, sure
<adam_g> sorry i missed the bugmail
<hallyn> adam_g: cool, thanks
<adam_g> hallyn, verification-done
<lordievader> Good morning.
<hallyn> adam_g: thanks!
<cocoa117> for ubuntu server 14.04, is there a way to allow official CD to get its preseeding file on a server (web or TFTP), so i can customise it
<cocoa117> or in other word, to do unattended CD installation without customise the CD
<designbybeck__> Upstart? is that still around? or did systemd replace that?
<rbasak> We're hoping to switch to systemd this cycle. 14.04 was released in April last year. It uses Upstart.
<designbybeck__> gotcha
<designbybeck__> had a coworker taking a class...and they were using Upstart
<designbybeck__> or learning about it
<rbasak> Might as well. It's in the LTS which will be around for over four years from now.
<designbybeck__> good poing rbasak
<designbybeck__> point
<ifohancroft> Hello guys. I have an HP Workstation I think it is Z600. It has Ubuntu Server 14.04.1 LTS Installed and if I leave it in the office overnight I thought it shuts itself down. Only recently I've found out that is sort of goes to sleep or something. The servers in the other room are also running Ubuntu Server the same version but this doesn't seem to happen to them. I checked the logs in /var/log/
<ifohancroft> and nothing seems unusual. How can I prevent it from going to sleep?
<ifohancroft> What might be causing it to go to sleep?
<RoyK> ifohancroft: check the logs
<RoyK> ifohancroft: AFAIK that shouldn't happen
<RoyK> ifohancroft: unless there's a thermal shutdown or something
<ifohancroft> I guess it could be. It is warmer in the room it is.
<ifohancroft> Are there any logs besides those in /var/log that I should check? I've checked those in /var/log and nothing seems unusual
<RoyK> ifohancroft: do you have mcelog installed?
<ifohancroft> let me check
<ifohancroft> No. Should I install it?
<RoyK> mce is machine check exception
<RoyK> mcelog helps you log that to syslog
<RoyK> which is a jolly good thing
<RoyK> well, syslog or some file
<RoyK> iirc default is to log to a file
<hadifarn_> can I use munin nginx plugin to monitor vhost bandwidth usage? did anyone use it for that matter?
<hadifarn_> should I install it on the same server?
<ifohancroft> So now I just wait and if it happens again I check the mcelog file?
<RoyK> hadifarn_: you can run munin on the same machine, yes
<RoyK> hadifarn_: but I don't remember if the munin plugin for nginx monitors bandwidth use
<hadifarn_> RoyK: apparently it does. not sure how I can use it on my app (which is built with php)
<hadifarn_> I'm not sure munin has an API for that RoyK
<RoyK> if the traffic travels through nginx, it shouldn't be a problem
<RoyK> meaning, unless the php thing opens connections on its own, it should work fine
<rbasak> jamespage: are you planning to merge dovecot?
<jamespage> rbasak, its not on my list
<jamespage> rbasak, oh I see there's been a load of minor delta since
<jamespage> I last merged...
<zoraj> hi all
<zoraj> does ubuntu-vm-builder is still advisable for installing kvm guest ?
<zoraj> still ubuntu server as guess running on ubuntu server
<rbasak> zoraj: we use uvtool now - it uses cloud images so is much quicker. Or look into Vagrant.
<RoyK> zoraj: one VM or 100?
<zoraj> rbasak, ok I'm gonna google it, I have no idea of both
<RoyK> if it's just one, I use virt-manager
<zoraj> RoyK, 3
<RoyK> virt-manager is userfriendly, but not the most efficient if you want to roll out a lot
<zoraj> 3 ubuntu server guest running on top of an ubuntu server host
<RoyK> start off with virt-manager
<RoyK> if it doesn't do what you want, go further
<zoraj> ok , let me look in detail of virt-manager now
<RoyK> zoraj: virt-manager is X-based, so start it from a client
<zoraj> thanks
<zoraj> X-based ! well my ubuntu server is only in terminal mode :/
<RoyK> easiest way is "apt-get install virt-manager" on the server, and then just start it as a normal user in the libvirt-group
<zoraj> and I don't want to install X on it
<RoyK> zoraj: x-forward!
<RoyK> zoraj: no need for xorg - just the libs
<RoyK> zoraj: then just ssh -x my.server.somewhere and start whatever x app you like
<RoyK> ssh -X, that is
<zoraj> RoyK, ok, I have already heard about x forward but I have not yet the opportunity to use it, it's time to see it then
<RoyK> or just enable x11 forward in the client config
<RoyK> zoraj: it just works ;)
<zoraj> what I've done so far before I asked my question is
<zoraj> sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils
<zoraj> and it's just finished
<zoraj> let's install X then virt-manager
<zoraj> my ubuntu.iso in /home/whatever just only wait to be mounted then booted :p
<RoyK> not X
<RoyK> just virt-manager
<RoyK> it'll pull the needed libs
<RoyK> are you using a linux client?
<zoraj> I'm ssh-ing the host server (ubuntu server) from a MS based OS
<RoyK> then install xming and setup putty to use that
<zoraj> am doing right ? I have physical access of the server but the room is too noisy ^^
<RoyK> zoraj: x11 forward with xming and putty is rather simple
<RoyK> and no use for X on a server, as you said
<zoraj> but I install virt-manager first of all right ?
<RoyK> yeah, just install that
<RoyK> and on the local windows machine, install xming
<RoyK> start it
<RoyK> and configure putty to use it
<RoyK> you will probably have to login to the linux box again
<zoraj> ok, that's really helpful, thanks very much
<zoraj> I'm installing it
<RoyK> I'll be back in an hour or so
<zoraj> damn !
<zoraj> :p
<zoraj> you have to go now ?
<zoraj> the installation seems to take a bit while, I don't have a fast connection
<zoraj> I'd really want to see the iso file to boot before you go, but it's up to you
<zoraj> after that I can manage myself like a boss ^^
<zoraj> everything is installed now, how do I use virt-manager from xming
<RoyK> zoraj: ping
<zoraj> RoyK, I'm back too
<zoraj> RoyK, I've finally installed virt-manager and xming, but how do I install/create my guest from my putty session
<zoraj> also, do I have to configure a bridged based network before I install the guest
<zoraj> RoyK, lack of some basic search ^^ my bad, I am now running virt-manager
<RoyK> zoraj: goodie
<zoraj> but my last question is still valid, do I have to configure a bridged setting before I start to create a guest ?
<spicypixel> hey guys I'm trying to install ubuntu server 14.10 but it fails when looking up the package mirror, but if I go to the terminal in the installer I can ping gb.archive.ubuntu.com fine
<RoyK> zoraj: no, you don't need a bridge before setting up a guest, but it'll be tricky to contact that from outside kvm/libvirt's NAT
<spicypixel> dns resolves and such
<RoyK> zoraj: better setup a bridge first
<jpds> spicypixel: Check TTY4.
<spicypixel> just asks me to retry or change mirror, tried a bunch of different countries with no success
<zoraj> RoyK, ok
<RoyK> spicypixel: first of all - why 14.10? it's not LTS
<spicypixel> why not?
<spicypixel> it's not system critical
<jpds> spicypixel: It's only supported for 9 months.
<jpds> spicypixel: Instead of 5 years.
<spicypixel> not really worried given I will update to 15.04 on release
<spicypixel> anyhows regardless of all of that, the setup is failing on network connectivity yet seems to be fine
<jpds> spicypixel: Check TTY4.
<spicypixel> I can't :(
<jpds> That's where the debug messages ater.
<jpds> are*
<spicypixel> two key rollover on the keyboard :<
<spicypixel> and need Fn for F4
<spicypixel> mhmm
<jpds> Alt-arrow key?
<spicypixel> gotcha
<spicypixel> says bad signature
<jpds> Corrupt ISO?
<spicypixel> more accurately, bad signature on /tmp/net-retriever-3389-release
<spicypixel> I'll md5 it
<jpds> Something's corrupted, somewhere.
<spicypixel> md5 matches the mirror, guess I'll change install media
<spicypixel> yeah
<spicypixel> just to rule it out, changing to a new usb stick and trying again
<zoraj> RoyK, I haven't yet configure the bridge setting but when I fire up ifconfig command I got this "virbr0" within my list,
<zoraj> I'm now wondering if the fact I install kvm, it was automatically added
<zoraj> so do I still need to setup a bridge configuration
<zoraj> "brctl show" command gives me as bridge name "virb0" STP = "yes" but it's not enabled and no interface assigned
<RoyK> zoraj: that's the virbridge made to allow kvm to NAT
<RoyK> zoraj: http://paste.debian.net/142924/
<zoraj> RoyK, so do I still need to setting up by modifying /etc/network/interfaces
<RoyK> that's my interfaces file
<RoyK> yes, you do
<RoyK> eth0 or whatever it's called will only be for transport
<RoyK> br0 will be the new nic
<RoyK> make sure you have console access to the thing before restarting it
<RoyK> I've done some bad things with bridges in my time :P
<RoyK> but the config I gave you (used on debian wheezy and ubuntu precise) should work
<RoyK> just fix the addresses
<zoraj> RoyK, ok, let me change it then I will install the guest
<RoyK> give it a reboot after the change
<RoyK> if no console access, well, risky business :)
<zoraj> if my host ip address is 192.168.1.xx, and my guest should be 192.168.1.yy right ?
<RoyK> you set the guest address on the guest
<RoyK> just something not in use
<zoraj> the three guests I'd want to setup, I would like to be accessed within my LAN
<RoyK> on the same subnet
<RoyK> right
<RoyK> it's the same with VMs as with everything else
<RoyK> all addresses must be unique within the subnet
<zoraj> ok, let me change the network config then install it
<zoraj> what is the dns-search ?
<RoyK> just the domain names to search for if you do something like "ping www"
<zoraj> okey
<RoyK> say, you have sadfasdfasdf.com as your domain name, add that to "dns-search" and you won't have to add the domain name for linux to find the host
<zoraj> ok I got it, thx for the explanation
<zoraj> RoyK, are you sure I need to reboot the server to enable the bridge config ?
<RoyK> nah
<RoyK> restarting networking should do it
<zoraj> ok
<zoraj> xD my guest is booting
<zoraj> RoyK, thanks guy (bow)
 * zoraj is bowing
<zoraj> hmm let me see if this guess has Internet connection first
<zoraj> guest*
<RoyK> zoraj: what does ifconfig -a on the host say?
<zoraj> RoyK, http://paste.debian.net/142926/
<RoyK> zoraj: no br0 there
<RoyK> zoraj: did you install bridge-utils?
<zoraj> yes
<RoyK> zoraj: also, pastebin /etc/network/interfaces
<RoyK> zoraj: eth0 shouldn't have an address in bridge setup
<zoraj> RoyK, http://paste.debian.net/142928/
<RoyK> zoraj: see http://paste.debian.net/142924/ again - it lists eth0, but without an address. I don't know if restarting networking will release that. that's why I suggested a reboot
<zoraj> ok I am gonna reboot the server
<zoraj> I see the difference,
<zoraj> the first and second lines on your file are not the same as I did
<RoyK> you need to up eth0 before br0 can connect to it
<RoyK> but eth0 shouldn't have an address
<zoraj> I think it's now good http://paste.debian.net/142929/
<RoyK> looks good
<zoraj> I'm gonna install the first guest
<RoyK> zoraj: which ubuntu version?
<RoyK> on the host
<zoraj> 14.04 LTS
<zoraj> the guest will be the same
<RoyK> should be pretty straight forward, then
<RoyK> without regard to the guest version
<zoraj> RoyK, I really didn't know it's that simple to do X-forward,
<RoyK> it is - that's what's so fun about it ;)
<zoraj> so I guess, if I want to install a Windows Server as a guest, I still use it ?
<RoyK> x  forward is the same
<RoyK> it just displays whatever x application on the other side of the link
<RoyK> then, later, just access it with rdp
<RoyK> the windows vm, that is
<zoraj> hm.. ok
<RoyK> just try it - a win7 vm or something
<zoraj> RoyK, ok, will do it maybe next week, I have to setup three guest for now :)
<RoyK> just make sure if you add new drives, choose virtio, not IDE or something
<RoyK> what sort of machine is the host running on?
<zoraj> it's a Dell PowerEdge 2950,
<RoyK> sort of things we're kicking out these days :P
<RoyK> how much memory?
<zoraj> 4GB for now :)
<RoyK> heh
<RoyK> add another 16
<jrwren> 2950 is ancient isn't it?
<RoyK> it is
<zoraj> I guess so
<RoyK> 5+YO
<jrwren> i was thinking closer to 10yo
<zoraj> not that old :p
<RoyK> jrwren: with three linux VMs on that, I just hope you're not giving them too much memory, or the system will be swapping badly
<RoyK> jrwren: no, not that old
<RoyK> 5-6Y perhaps
<RoyK> nothing wrong with the hardware, though
<zoraj> RoyK, 1GB for each guest, is not that fair ?
<RoyK> just give it enough RAM
<RoyK> zoraj: depends what you want the VM to do
<RoyK> if it's just a tiny webserver, 256MB should do
<RoyK> with 4GB in total, don't give it all away at once
<zoraj> not heavy stuff, web serving, database hosting and git repository
<RoyK> if a guest is given 1GB, it'll use it for caching if not for apps
<RoyK> and for databases, use a separate VM for that, or run the database server on the host
<zoraj> really !
<RoyK> really
<RoyK> create a vm per use
<RoyK> say, you need a mysql server
<RoyK> that doesn't need much
<RoyK> then create a small "mydbserver" and install mysql on it, tune it well, and allow connections from the other VMs that need mysql
<RoyK> it's not a big issue if you can give each VM 4GB each
<RoyK> but that's losing money
<zoraj> ok I see
<RoyK> zoraj: also, setup monitoring. using munin is ok, easy to setup and to manage
<RoyK> so you can see nice graphs of how much memory/cpu/swap/io/etc is really in use
<zoraj> like top command ?
<zoraj> but for network
<RoyK> yeah, but far more precise and with a web interface showing historic graphs
<RoyK> http://malinkb.dyndns.org/munin/
<zoraj> that sounds great
<RoyK> as an example
<zoraj> lot of things to learn today :) ok I will get a look at it later
<RoyK> zoraj: setting up a few VMs with such finite amount of memory will be a bit hard if you don't monitor it well
<RoyK> zoraj: it should be possible, but don't overdo things. Don't give a VM 2GB just because someone says (s)he needs it
<zoraj> I agree, but as I said, it's for internal need, I think it's gonna fit our need, we have a hosting for production use. but I will still look at your monitoring, we need it as lightweight as possible and secure
<RoyK> zoraj: we have some 450 servers at work, most of them virtual - we've done one or two things about monitoring those ;)
<zoraj> that's why I told you that setting up X on the server side would is not an option
<zoraj> 450 !
<RoyK> something like that
<RoyK> perhaps only 400 active
<zoraj> anyway that's huge
<RoyK> most of them are VMs on 11 blade servers
<zoraj> what did you mean by tiny server with 256MB of memory ?  does that mean, only serving static html page ? or can it still handle let's say ~1000 request/minute
<zoraj> I ask that question because, I'm wondering if setting my first guest with 1Gb would be a mistake
<zoraj> in any case, I could still change this setting right
<RoyK> just start with 512
<RoyK> if it has a ton of php, it'll use some memory
<RoyK> apache+php can be a memory hog on high traffic
<RoyK> if you use nginx+php, it's far lighter
<RoyK> for only static, 128MB may do
<RoyK> 200-300MB would definetely be sufficient for static stuf
<RoyK> f
<zoraj> okey
<RoyK> and try not to use apache if you don't need it. nginx is lighter and more efficient if you don't need the more advanced stuff apache has
<zoraj> we still have to have the same setting as our prod server though, and it's apache
<RoyK> what do you run on that prod server?
<RoyK> static pages or some cms?
<zoraj> dynamic pages built on top of a in-house framework, but with heavy workload
<RoyK> php? mysql or postgresql? java? something else?
<zoraj> still LAMP stack
<RoyK> zoraj: if this is meant to be a devsite for them, use the same software
<RoyK> same versions, same everything
<RoyK> and ask for more memory on that box :P
<RoyK> you can probably get it cheap from ebay
<zoraj> I will probably ask the boss to purchase more memory, for now, I have to get it up and running, we'll see
<zoraj> we will gonna do some Jenkins setup within the other guests
<zoraj> it will probably need at least 1Gb of RAM
<zoraj> time to sleep, once again, thanks RoyK, if you were my neighbor, I'd have offered you a beer
<RoyK> zoraj: thanks ;)
<axisys> need help installing latest libc6 .. failing bad .. here is the output http://dpaste.com/1S7J8G9
<TJ-> axisys: "No space left on device"
<TJ-> axisys: if there seem to be enough free blocks, check the free inode count for the /usr/ file-system
<axisys> TJ-: yep, df -i shows /usr is 100%
<axisys> /dev/mapper/volg0-usr       366480 364992    1488  100% /usr
<axisys> TJ-: how do I find out the inode usage under sub dirs?
<axisys> hmm not too many inode use..
<axisys>    1450 ./share/man/man1
<axisys>    2844 ./share/man/man3
<axisys> that were the highest two
<axisys> I guess /usr was built with no too many inodes?
<TJ-> axisys: Probably lots of small files, but on a small file-system the inode count is low
<axisys> TJ-: it is part of volg0
<axisys>   volg0   1   7   0 wz--n-  55.36g  27.89g
<axisys> should i just increase the size?
#ubuntu-server 2015-01-30
<TJ-> axisys: Well, if there are still free blocks (I think I recall seeing the usage was 53%) then it would need just the inode count increasing
<axisys> this says still lot of inodes left.. or am I reading it wrong?
<axisys> yeah 58%
<axisys>  tune2fs -l /dev/mapper/volg0-usr | grep -i inode
<axisys> Inode count:              366480
<axisys> Free inodes:              103803
<TJ-> axisys: Huh? I thought that was the free blocks.
<TJ-> axisys: earlier you wrote: " df -i shows /usr is 100%"
<axisys> ok let me re-report
<axisys> df -i /usr/
<axisys> /dev/mapper/volg0-usr 366480 364992  1488  100% /usr
<axisys> df -h /usr
<axisys> /dev/mapper/volg0-usr  5.5G  3.0G  2.3G  58% /usr
<TJ-> axisys: OK. You'll need to create a new LV with suitable size and inode count (mke2fs -i ...) and copy the existing /usr/ file-system into it, then switch them
<axisys> ok
<TJ-> axisys: It's not possible to dynamically increase the inode count with tune2fs, etc.
<axisys> or I could remove all linux header files from /usr/src?
<axisys> aparently that is hurting others too
<axisys> /dev/mapper/volg0-usr  5.5G  3.0G  2.3G  58% /usr
<axisys> oops
<axisys> http://askubuntu.com/questions/361529/usr-src-is-eating-up-all-inodes
<TJ-> axisys: /usr/src/ is lots of small files
<TJ-> axisys: maybe simply create a LV for /usr/src/ ?
<axisys> I am no 3.2.0-60 .. I could purge all the older linux header files in this dir
<axisys> TJ-: probably better idea.
<TJ-> axisys: It keeps things simpler, and allows you more fine-grained control without disruption
<axisys> right
<axisys> what is the best way move /usr/src from /usr partition to /usr/src partition on live system? I already rsync -av /usr/src/ /mnt/. now ready to umount /mnt and mount the /dev/mapper/volg0-usrsrc /usr/src
<axisys> should i just move /usr/src to /usr/oldsrc and then create /usr/src and mount it?
<axisys> or there is a better way?
<axisys> fuser /usr/src shows nothing using /usr/src right now
<axisys> done
<morenoh149> I"m pinging my desktop from my laptop through the lan. what command do I use on the server to see incoming pings?
<lordievader> Good morning.
<lordievader> morenoh149: tcpdump?
<spicypixel> is ubuntu server meant to show a terminal on HDMI on first boot? I had to install openssh to access the box since I couldn't see anything on screen
<RoyK> spicypixel: should work
<morenoh149> lordievader: yes tcpdump did the trick :)
<lordievader> morenoh149: Of course, tcpdump is awesome :D
<morenoh149> anyone here manage a home server with ubuntu?
<morenoh149> you just use ssh for that right?
<lordievader> morenoh149: I run a home server. And ssh is not the only thing that manages it. Most is automated through Puppet.
<lordievader> And various other scripts.
<morenoh149> lordievader: I was eyeing ansible for that
<morenoh149> I want to expose a postgres and mongo db for my webapps from my home server. Good/bad idea?
<lordievader> morenoh149: As long as only your webserver has access and not the ~world.
<morenoh149> lordievader: ah so you're suggesting running a webapp and api on my server? because things like heroku postgres and mongolab expose the db to the world
<lordievader> That is one interpretation. Anyhow there usually is no need to expose a SQL sever to the ~world.
<Sling> im getting really fed up with the ubuntu installer when trying to do a mdadm raid 1 while installing
<Sling> is there a way to properly do this?
<Sling> partitioning is a hell, it creates random 1MB free space partitions before my own created partition, causing me later on to not being able to install grub
<Sling> im sure this is related to legacy vs uefi but its not even telling me about this
<BukoLay> please help me to irc special setup?
<LeMike> hello. I need some help with a RAID. the `cat /proc/mdstat` says nothing so I tried `lspci | grep -i raid` and found a controller. but how do I determine which kind of RAID it is?
<Sling> LeMike: mdstat is for software raid
<Sling> LeMike: which controller did you find?
<henkjan> LeMike: what is the output of the lspci command?
<Sling> each controller has its own binary interface
<Sling> usually with vendor tools to communicate with it
<Sling> also - does anybody know what selecting 'expert mode' in the ubuntu installer actually does, does it add a grub parameter to the booting of the installer?
<henkjan> http://hwraid.le-vert.net/ has lots of info
<henkjan> and .debs for most of the vendor provided tools
<LeMike> it is "ATI Technologies Inc SB700/SB800 SATA Controller [Non-RAID5 mode]" . I find it in `lshw` but dunno where to read the raid
<LeMike> if it is raid 5, then the 4 time 500 GB drives should end up in 1,5 GB but they actually make 2 GB.
<LeMike> forget it. sorry. it is linear NRAID. I should get some coffee ...
<devster31> Hi, I'd like some information updating nginx, I originally installed it from the ubuntu packages, but it's 1.4.6 and it's quite an old version, now I'd like to update it without losing my configuration, installing the 1.6.2 stable from the ppa, how can I do that?
<patdk-wk> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<patdk-wk> it's that simple
<patdk-wk> your success depends on the *quality* of the person making the ppa though
<hackeron> hey, anyone know a way to get a list of all listening ips? - e.g. like ifconfig shows but just the ips?
<patdk-wk> ip addr show
<hackeron> patdk-wk: thanks, but that shows everything in a very difficult to parse format - how would I get say just the interface and ip?
<patdk-wk> how is it difficult?
<patdk-wk> ip addr show | awk '/inet / { print $2; }'
<hackeron> patdk-wk: oh, actually, it isn't - much easier than ifconfig :D - thank you!
<lordievader> hackeron: ip link?
<patdk-wk> ip addr show | awk '/inet6? / { print $2; }'
<lordievader> Oh wait, that doesn't show ip.
<patdk-wk> ya, ip's aren't links :)
<hackeron> this does what I want :D <  ip addr show | awk '/inet / { print $NF" "$2 }'
<hackeron> thank you!!
<gtrmtx> hey guys. so im working inside my apache2.conf file and i have several password protected directories...i have it working requiring user A but i want to add a master pw that works in all sections...how do i iterate require user A or user B?
<jpds_> gtrmtx: You're using auth basic?
<gtrmtx> yeah
<jpds_> gtrmtx: Just add another user to htpasswd.
<gtrmtx> i have all the usernames set up already
<gtrmtx> directory A needs user A pw to get in. a user of directory B doesnt need to be able to get into directory A.
<gtrmtx> im trying to add a master pw for all directories so i dont have to constantly be typing in different pw's
<gtrmtx> and i have a username/pw already set up for that purpose
<gtrmtx> jpds_: http://hastebin.com/zurajesapo.apache
<jpds_> gtrmtx: (On a side-note: why are you putting that in apache2.conf directly?)
<gtrmtx> i was having issues getting .htaccess files working
<gtrmtx> this at least works
<gtrmtx> and if its not broke dont fix it know what i mean?
<jpds_> gtrmtx: It's not really where that config is suppose to go, it's suppose to go with the site configuration.
<gtrmtx> which is where by default?
<jpds_>  /etc/apache2/sites-available and -enabled
<spicypixel> to enable dvb usb sticks on ubuntu server do I need to install any packages?
<jpds_> dvb?
<spicypixel> tv tuner
<spicypixel> works fine on regular ubuntu so wondering what's missing on ubuntu server by default
<spicypixel> but the stick has had drivers in the kernel since 3.0
<spicypixel> Bus 003 Device 006: ID 2013:024f PCTV Systems nanoStick T2 290e < lsusb output
<jpds_> spicypixel: Do you have the linux-image-extra packages installed?
<jpds_> spicypixel: dpkg -l | grep linux-image-extra
<spicypixel> ii  linux-image-extra-3.16.0-29-generic   3.16.0-29.39                             amd64        Linux kernel extra modules for version 3.16.0 on 64 bit x86 SMP
<jpds_> What do you do to make it work on regular ubuntu?
<spicypixel> absolutely nothing, plug it in and it's working
<spicypixel> weird
<spicypixel> tried hotplugging the usb stick to see if it helped, didn't
<jpds_> And dmesg sees it?
<spicypixel> mhmmm
<spicypixel> interesting
<rbasak> spicypixel: you might need linux-firmware installed if you don't have it already. Depends on the exact hardware.
<spicypixel> http://paste.debian.net/plain/143106
<spicypixel> not encouraging
<spicypixel> brb changing usb hub it's plugged into
<spicypixel> same errors even on the usb3 host ports
<spicypixel> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1313279/comments/6 seems related
<RoyK> spicypixel: does it work without the usb hub?
<spicypixel> nope
<spicypixel> tried native ports, powered hub, usb2 and 3
<spicypixel> pretty interesting though, was running fine on the 3.13.x branch with linux mint as the host OS, switched over to ubuntu server 14.10 for tvheadend headless operation and run into this with 3.16.x
<spicypixel> does seem to be related to xHCI though
<spicypixel> same dmesg error in any ports
<spicypixel> just to rule it put, plugged it into my win8 laptop and the stick loads fine and displays a tv picture
<spicypixel> jpds_: dist-upgrade and pulling the latest kernel and rebooting seems to have fixed it
#ubuntu-server 2015-01-31
<delinquentme> hey all. I'm designing some analytical chemistry instruments on a linux system and I'm trying to sort out the best way to handle persisting / storage of 50 milisecond events -- each event is a really tiny numpy float16
<delinquentme> a friend suggested syslog ... but  I cant help but think that buffering in memory ( not sure if syslog does this ) and then writing to a file
<delinquentme> would be a better solution
<Thorn> hello
<Thorn> I've got a new 14.04 server where SSL doesn't work at all (server vert verification fails). can't git clone from github, pip install doesn't work, etc.
<Thorn> update-ca-certificates --fresh didn't help
<Thorn> any idea how it can be fixed?
<spicypixel> Thorn: is it because openssl hasn't been updated?
<Thorn> I ran aptitude update; aptitude upgrade, it didn't update openssl
<Thorn> (this is a dedicated server from leaseweb so I didn't install ubuntu myself. apparently it was updated from a previous version, and there were other weird things that I fixed. maybe I should reinstall the OS using ILO)
<devster31> hi, can I avoid restarting the server after updating openssl package? this command cat /var/run/reboot-required.pkgs tells me it's the only package that's requesting a reboot but I'd avoid that if possible
<devster31> the package is libssl1.0.0
<Meerkat> restart apache. and anything else using openssl.
<devster31> and the warning goes away?
<devster31> I have nginx, i suppose it's the same
<ikonia> devster31: if you want server security - restart the server
<ikonia> devster31: if you don't take it seriously, try to work around it
<ikonia> so many things are linked against ssl - even if they are not using them
<devster31> I don't take it very seriously, I run a very small server for 2 or 3 people without any kind of sensitive data, I'm making myself more comfortable with the admin tasks
<OliPicard> Greetings everyone, I'm having problems with my Nginx instance. I have setup the correct SSL information however if the config is setup to listen to port 443 nginx refuses to bind to the port. Nothing else is binding to the same port and ive tried killing all nginx proceses to no avail.
<TJ-> OliPicard: what error message do you get? to bind to a privileged port (port number < 1024) the process needs netadmin capabilities, or run as root
<OliPicard> one second, i'll paste the error
<OliPicard> https://www.digitalocean.com/community/questions/nginx-is-unable-to-bind-to-443
<RoyK> TJ-: nginx does that by default :P
<OliPicard> id be happy to provide my nginx config as well.
<OliPicard> https://gist.github.com/anonymous/cda414038cb8de41b86f <thats my config at the moment
<TJ-> RoyK: Indeed... but if it is being launched under a non-privileged user ID, it won't be able to
<RoyK> TJ-: well, if it can bind to port 80, it certainly can bind to port 443
<OliPicard> the master process is being run by root.
<TJ-> OliPicard: What does it report in the log ?
<OliPicard> root has full access perms
<OliPicard> nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
<OliPicard> yet when i run a netstat it only shows nginx as running.
<OliPicard> tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3494/nginx
<TJ-> OliPicard: The way I read the docs, if you want to bind for IPv4 and IPv6, you just need a single "listen [::]:443" without "ipv6only=on" and no separate "listen 443 ssl" for IPv4
<OliPicard> TJ-: tried it but still wont bind
<OliPicard> im thinking of just using http, too much fuss for https.
<TJ-> OliPicard: Any other nginx config files being read that might be conflicting? It sounds to me that it has already bound to the port. With the single "listen [::]:443" do you get the same error report?
<OliPicard> Yup
<OliPicard> and it's only 1 nginx instance running according to netstat.
<OliPicard> which is the IPV6 version we just added.
<TJ-> OliPicard: then I'm going to point at there being multiple configs being read
<OliPicard> the default config has been deleted
<OliPicard> the only config running is the current one i've been using.
<TJ-> OliPicard: comment out that "listen" line so there are none you know of, and then try starting it, see what happens, whether something is bound to 443 in that case
<OliPicard> TJ-: Nothing else running 443 after uncommenting that config.
<OliPicard> when i comment it back and restart the only instance is the correct 443 one however nginx is saying it wont bind.
<OliPicard> even thought i can see in inside ubuntu that it's binding.
<OliPicard> decided to rebuild the instance on a different host to see if it improves.
<TJ-> OliPicard: is it possible 2 instances of nginx are being started and the 2nd therefore fails? Any clues as to which PIDs generate the warning message?
<teward> TJ-: was going to say he only needs a `Listen 443` and it should autobind to everything, but I see a bigger problem in his config
<teward> TJ-: https://gist.github.com/anonymous/cda414038cb8de41b86f#file-gistfile1-txt-L9  Line 9 is ***BAD***
<teward> (POODLE)
<teward> and i'm wrong, that'd be v4 only.  he needs at least the two listens, the one with ipv6only would bind to v6
<teward> but the bigger issue I see is POODLE
<TJ-> teward: According to the docs, a single "listen" can bind to both IPv4 and IPv6 of the form "listen [::]:443""
<teward> TJ-: which docs?  If you say the nginx wiki i'mma smack you that's old
<teward> (not really, but i'm going to reiterate that wiki hasn't been updated in eons)
<teward> if ipv6only=off is specified, then probably
<teward> but it's default-on apparently
<teward> http://nginx.org/en/docs/http/ngx_http_core_module.html#listen
<teward> TJ-: whether that's the case or not, he's got a POODLE exploit path with that config there with SSLv3
<teward> so he needs to update that if he shows up again
<OliPicard> Ive just tested my node.js https stack on a new host. The nginx problem still persists across platforms.
<teward> OliPicard: you have a bigger problem first
<teward> OliPicard: your setup and config open you up to POODLE - the vulnerability that effectively killed SSLv3
<teward> OliPicard: paste *all* your configs for the site, you can sanitize auth and IP addresses, but put something in place as placeholders.  I mean all the configs.
<teward> nginx.conf
<teward> site config
<teward> default.conf
<OliPicard> Roger that, I'm all years.
<teward> everything listed in /etc/nginx/sites-enabled
<OliPicard> ops ears*
<teward> OliPicard: and while we're at it, change line 9 in your site configs to this: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;`
<teward> remove the backticks in your conf too
<teward> I apologize if i'm sounding bossy, but debugging nginx loadtime problems?  Configs all help :)
 * teward yawns
<OliPicard> no it's aboslutely fine :)
<OliPicard> https://gist.github.com/anonymous/9523914622e2a574b3db
<teward> staring at code all day didn't help either :)
<teward> OliPicard: that's your site configuration - i also need the other site(s) in /etc/nginx/sites-enabled (if any exist), and your nginx.conf
<teward> because i think you have a conflict in the one instance with something else listening
<teward> also this will only listen on v4 with `listen 443 ssl` or similar
<OliPicard> under sites-enabled theres a default vhost (the default nginx config)
<OliPicard> posting the nginx.conf shoftly :)
<teward> OliPicard: remove that if you don't need it
<teward> BTW, lets strive to use indentation for ease of reading - https://gist.github.com/teward/09313a3c16f29ea1cf4a
<OliPicard> teward: https://gist.github.com/anonymous/d6fa7025fc9ffa9a1688 < thats the conf
<teward> OliPicard: remove the default config from sites-enabled (it's just a symlink, the original default config is in sites-available).  i assume your config is in sites-available and symlinked into sites-enabled?
<OliPicard> teward: yup have gone ahead and done that. Yes the config is symlinked
<teward> OliPicard: okay, `sudo service nginx stop; sudo service nginx configtest`
<teward> see whether there's any errors triggered
<teward> (the reason i want you to stop is so it can forget the default config)
<OliPicard> Have gone ahead and run both commands checking the logs now
<teward> it'd output any config errors
<teward> said "Config test passed" or "Failed" or something
<OliPicard> hmm binding is still failing
<teward> worst case test: sudo nginx -t
<OliPicard> config test passed
<teward> OliPicard: sudo netstat -tulpn | grep 443
<teward> pastebin the output
<teward> (if its one line you can probably paste it here, if its more than one... well, pastebin)
<OliPicard> roger that doing that now :)
<teward> OliPicard: was the binding error on 80 or 443?
<OliPicard> https://gist.github.com/anonymous/5478aac9e10223936988
<OliPicard> port 443
<OliPicard> teward: sorry port 443 and the paste has been included above.
<teward> OliPicard: okay, it looks like nginx is running somewhere else as well... hmm...
<teward> OliPicard: did you stop the nginx service?
<OliPicard> i did indeed :)
<teward> OliPicard: okay then you have a rogue nginx process
<teward> OliPicard: killall -15 nginx
<OliPicard> i did a ps aux | grep nginx
<teward> OliPicard: it might be stale - still run the nuke to kill the processes
<OliPicard> ok then use the service again to boot up?
<teward> yes
<teward> see if that solves the binding problem
<OliPicard> teward: unfortunately it hasn't the strange part was that the default nginx page displayed for 5 seconds, upon refreshing the server had terminated the connect.
<OliPicard> *connection
<TJ-> :q
<teward> OliPicard: I'm not sure what you just said?  Are you saying that it was the default page and not your app instead of what you expected?
<teward> blah gotta run to take the girlfriend on the date i promised >.<
<OliPicard> teward: the default nginx html page, refreshed and the server error still persists unfortunately
<teward> OliPicard: okay, i have to run, but if you don't get a resolution here, try in #nginx here on IRC, that's the main nginx support
<OliPicard> Thanks Teward!
<teward> gotta take the girlfriend out :)
<TJ-> OliPicard: if it is any consolation I can reproduce your issue here
<OliPicard> TJ-: Phew glad i'm not the only one!
<TJ-> Makes it easier to diaagnose, for sure
<OliPicard> Yup, im wondering if it's a dependcy
<TJ-> $ sudo netstat -tnlp | grep 443
<TJ-> tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      15282/nginx
<TJ-> tcp6       0      0 :::443                  :::*                    LISTEN      15282/nginx
 * TJ- laughs ... I think I know what you've *not* done!
<TJ-> OliPicard: The config file you're editing - what is the exact path to it?
<OliPicard> TJ-: the path is /etc/nginx/sites-available/host
<OliPicard> did an ls no other files in the same area
<TJ-> OliPicard: That's it bingo!
<TJ-> OliPicard: Did you forget to create the *symlink* to it in "/etc/nginx/sites-enabled/" ?
<OliPicard> TJ-; Did create a syslink at that location :)
<TJ-> OliPicard: I got your exact issue with no symlink... soon as it was created, nginx started correctly
<OliPicard> sudo ln -s /etc/nginx/sites-available/hostconf /etc/nginx/sites-enabled/
<OliPicard> thats what i used :)
<OliPicard> TJ-: Not sure if that was the same as the link you did?
<TJ-> OliPicard: Weird. I deleted the link again, and now the failure doesn't occur
<OliPicard> how did you delete the link?
<OliPicard> i'll try again to create a link and see if that works
<OliPicard> TJ-: Nope sadly the link didn't work for me
<TJ-> OliPicard: Now, without the link nginx starts but doesn't bind to any sockets. With the link it starts and listens correctly.
<TJ-> OliPicard: This is the config file: http://paste.ubuntu.com/9984494/
<OliPicard> 1 sec ill grab my current config :)
<TJ-> OliPicard: Have you checked the SSL key and certs are reachable by nginx process?
<OliPicard> TJ-: How do i check that?
<OliPicard> TJ-: current config - http://paste.ubuntu.com/9984542/
<TJ-> It probably won't cause that error - I tested it here, it gives a different specific missing file warning
<TJ-> OliPicard: Has nginx ever started since installation?
<OliPicard> TJ-: Yup it has just for some reason it struggles to bind on port 443. if i set it to port 80 its fine.
<TJ-> I'm wondering if it might be caused by a default installation config issue, such as something not created/written under /var/lib/nginx/ for example. I'm purging and reinstalling it here, to test that, since I know I was able to reproduce the issue
<spicypixel> so, bit weird, using winbind and 2012 AD, I've got to the point where I can log into any user on the AD list, and it shows the groups it's in, but brings up "groups: cannot find name for group ID 5001" on login, and groups confirms it's in the right group + 5001 which has no name, has no local entry not AD entry I can see
<OliPicard> TJ-: Ok, i shall await to see if you can recreate the bug :)
<TJ-> OliPicard: Grrr, no, I can't
<OliPicard> TJ-: did you use a pass phrase on the certificate?
<TJ-> OliPicard: No
<TJ-> OliPicard: Hmmm, that's a good point! Did you?
<OliPicard> I did!
<OliPicard> let me see if that's the problem
<TJ-> OliPicard: It isn't - I added a passphrase to my private key and tested it. It prompts for the passphrase, and gives "[emerg] 17145#0: SSL_CTX_use_PrivateKey_file("/etc/ssl/private/iam.tj.key") failed (SSL: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt error:0906A065:PEM routines:PEM_do_header:bad decrypt error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib)"
<OliPicard> hmm mine never prompts me for a passphrase
<TJ-> OliPicard: Then it doesn't have one :)
<OliPicard> TJ-; But during the CSR request i input a unique certificate passphrase.
<TJ-> OliPicard: Use openssl to check it
<TJ-> OliPicard: "openssl rsa -noout -text -in /srv/ssl/domain.io.key"
<OliPicard> TJ-: Nope still not working. did decrypt the passphrase.
<TJ-> OliPicard: Let's go back to basics. Ensure no nginx processes are running (use ps to confirm) then start it under strace: "strace -o /tmp/nginx.log -f nginx -c /etc/nginx/nginx.conf" then "pastebinit /tmp/nginx.log"
<OliPicard> TJ-: https://gist.github.com/anonymous/25350d2b06007aaa01ee
<TJ-> OliPicard: line 487 shows it worked
<OliPicard> Yup yet if i type sudo nginx the log shows it's not binding
<OliPicard> i know it's binding from what i can see, just nginx doesn't think it is.
<TJ-> OliPicard: how do you mean "if i type sudo nginx" ?
<TJ-> OliPicard: If the service/process is already started that command would be expected to report the socket is already in use
<OliPicard> TJ-: I'm seeing the msgs coming up also in my nginx logs.
<OliPicard> sudo nginx nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use) nginx: [emerg] still could not bind()
<TJ-> OliPicard: If it is already running that's what you'd expect. The strace log you showed, proves it is bound and listening correctly
<TJ-> exit
<OliPicard> TJ-: I'm seeing the same msg showing on /var/log/nginx/error.log
<TJ-> OliPicard: But you'd expect to! the process is running until you kill it
<OliPicard> I have!
<OliPicard> Using the killall command serval times
<TJ-> OliPicard: When you run "nginx" it forks into the background. If you use "service nginx start" then you can "service nginx stop" to stop it, otherwise you have to "killall nginx"
<OliPicard> every time i boot up it gives the same error message about being unable to bind.
<TJ-> OliPicard: You mean when the init system starts nginx automatically?
<OliPicard> i'll try another start
<OliPicard> Yes TJ-:
<TJ-> OliPicard: Is the network 'up' at that point?
<OliPicard> I believe it is
<OliPicard> I'm running the box off of a linode.
<TJ-> OliPicard: OK, I'd expect it to be active then
<TJ-> The thing is we've just proved, with strace, that it does start correctly, so there's something else going on
<OliPicard> i also tried using a KVM based server to just to rule out it being an Xen issue.
<TJ-> OliPicard: Is apache also installed/starting on that host?
<OliPicard> i had to the exact same problems on the KVM box as i did on the Xen box
<OliPicard> Nope i checked :)
<OliPicard> if i try to visit the site it's still down
<TJ-> it's got to be something you are (not) doing :)
<TJ-> OliPicard: OK, let's separate the site-down from whether the process is listening - DNS misconfiguration could cause site-down issues
<OliPicard> ok
<TJ-> OliPicard: Silly question, but, the "already in use" messages in the log file - they *are* repeating, with new current timestamps?
<OliPicard> TJ-: Not that i can see, the last timestamped bind error was 23:24pm
<TJ-> OliPicard: If in a 2nd ssh shell you run "sudo tail -f /var/log/nginx/error.log", and then on the 1st ssh shell so "sudo service nginx restart" ... does the log tail show those errors
<OliPicard> ill check 1 second :)
<TJ-> OliPicard: OK! So, those are *old* reports and do not represent what is happening *now*. My point being, it has likely been working correctly for a while now but your testing - via trying to access the site - may fail due to other reasons
<OliPicard> TJ-: Ok, so normally you would see a gateway error at the least?
<TJ-> OliPicard: That depends on a lot of variables! No.1 is to ensure after the process has started, it continues to run, and is listening on the port. USe "sudo netstat -tnlp | grep 443" for that
<TJ-> OliPicard: If that shows it is listening... then proceed to figure out why a user agent can't access it. Likely to do with the proxy config, or firewall, or routing, or any number of other things
<OliPicard> The firewall is open to all on port 443
<OliPicard> The DNS has an A record pointing to the server.
<TJ-> OliPicard: OK, but the config is to proxy to localhost:9001
<TJ-> OliPicard: the error could be coming from that
<TJ-> OliPicard: Sorry, port 9000 now I see. It was 9001 earlier though, could that be an issue?
<TJ-> OliPicard: Is it proxying for a Tomcat instance, or similar?
<OliPicard> nope just a single nginx server running :)
<OliPicard> its preoxying node .js
<OliPicard> brb gotta reconnect
<OliPicard_> Im back sorry about that.
<OliPicard_> Yeah my server app is running but nginx isn't processing the request
<TJ-> OliPicard: test a connection locally using 'openssl s_client'
#ubuntu-server 2015-02-01
<OliPicard_> https://gist.github.com/anonymous/af3c945918c5d3e20d76
<OliPicard_> bad news
<OliPicard_> unable to verify cert
<OliPicard_> verify error:num=27:certificate not trusted
<TJ-> OliPicard: maybe you need to tell s_client to use -CAdir /etc/ssl/certs or whatever the switch is
<TJ-> OliPicard: "-CApath /etc/ssl/certs/"
<OliPicard_> TJ- would you mind posting up how to form the correct syntax?
<OliPicard_> just want to make sure i get it right :)
<OliPicard_> foudn it
<OliPicard_> depth=0 OU = Domain Control Validated, OU = PositiveSSL, CN = editfly.io
<OliPicard_> verify error:num=20:unable to get local issuer certificate
<OliPicard_> the second one says it's not trusted.
<OliPicard_> and the final error is unable to verify first certificate.
<OliPicard_> however i ran a  external tool
<OliPicard_> the ssl cert has been installed correctly
<tony3> Hello all... trying to install Ubuntu Server on a machine with no CD Drive (booting for external HDD)... but after detecting my keyboard layout.. the next step it tries to detect a CD drive and says, "Your installation drive could not be mounted, This probably means the installation mediea was not in the drive"
<tony3> but.. I don't have a Disk drive... any thoughts?
<tony3> exit
<tony_> Hey there.. anyone around
<tony_> ?
<lenios> yes
<tony_> sweet, sorry, I asked a question before and then left... Basically.. I'm trying to install Ubuntu server on a PC
<tony_> using an external HDD
<lenios> what's on your external hdd?
<tony_> I tried to follow these instructions
<tony_> https://help.ubuntu.com/community/Installation/FromUSBStick#Install_and_run_Startup_Disk_Creator_alias_usb-creator
<tony_> I used Startup Disk Creator option
<tony_> and had the Ubuntu-server .iso as the image (14.10), and my external as the 'Disk to use'
<tony_> but when I try to install.. after detecting my keyboard layout.. it tries to 'detect my 'cd rom drive' (the computer doesn't have one) and then fails and says "Your installation drive could not be mounted, This probably means the installation media was no in the drive"
<lenios> there's a known bug on the server media, it cannot find  the media when trying to install packages
<tony_> at which point the only option is to quit the installation
<tony_> hmm
<lenios> you can open a tty (ctrl+alt+f1) and mount manually
<lenios> that's not really user friendly, but that's your best option
<tony_> ok, so we feel pretty confident this is a bug of some sort... is it just based on a small sample of parts etc?  Seems like it must not affect many users
<lenios> it does affect all users trying to install ubuntu server from usb
<tony_> interesting, seems that would be pretty common
<lenios> that's a known bug on launchpad, but i'm too tired to search the bug number, sorry
<tony_> no thats fine
<tony_> now that I know its ubuntu sever related... my searches are getting better and I'm finding others with similar errors
<lenios> http://www.mattkowalczyk.com/blog/?p=169
<77CAAI59I> hello
<77CAAI59I> i have a prob with postfix
<77CAAI59I> temporary lookup failure
<77CAAI59I> here is my main.cf : http://paste.ubuntu.com/9987217/
<teward> 77CAAI59I: 'temporary lookup failure' when?
<teward> what conditions
<teward> what's the actual error you see
<teward> because 'temporary lookup failure' sounds like DNS problems
<77CAAI59I> Feb  1 02:44:30 ns383313 postfix/smtpd[3211]: warning: non-null host address bits in "127.0.0.1/8", perhaps you should use "127.0.0.0/8" instead
<77CAAI59I> Feb  1 02:44:30 ns383313 postfix/smtpd[3211]: NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 451 4.3.0 <localhost.localdomain[127.0.0.1]>: Temporary lookup failure; from=<test@test.com> to=<contact@serenia.ovh> proto=ESMTP helo=<serenia.ovh>
<teward> 77CAAI59I: does serenia.ovh resolve?
<teward> does test.com resolve?
<77CAAI59I> i have changed 127.0.0.1 by 127.0.0.0
<77CAAI59I> i have tested telnet and no error
<77CAAI59I> maybe the prob is resolved
<77CAAI59I> http://paste.ubuntu.com/9987756/
<77CAAI59I> i have a sql syntax problem
<77CAAI59I> it's ok
<77CAAI59I> i have resolved my prob
<77CAAI59I> hell
<77CAAI59I> whan i try this command : "a2ensite roundcube"
<77CAAI59I> it say me  : "site roundcube does not exist"
<77CAAI59I> help me please
<PryMar56>  cd /etc/apache2/sites-available/ <-- first
<77CAAI59I> ok
<77CAAI59I> i have created roundcube virtual host
<77CAAI59I> but i don't have .conf with this file
<77CAAI59I> the youtuber that i follow does not say if i have to add this extension .conf
<77CAAI59I> he say me a2ensite roundcube and i have the prob said above
<77CAAI59I> how update .conf for apache
<77CAAI59I> because i changed my .conf but after service apache2 reload, i have the same error
<77CAAI59I> help me
<77CAAI59I> http://paste.ubuntu.com/9988782/
<Patrickdk> well, do what it says
<77CAAI59I> it's good
<77CAAI59I> i have resolved the rpob
<77CAAI59I> prob
<77CAAI59I> roundcube isn't accessible via /home/roundcube/www
<77CAAI59I> how do i do
<77CAAI59I> it's possible to move directory in /var/www without break roundcube ?
<77CAAI59I> do i need to restart all config of roundcube
<77CAAI59I> is there anyone for help me
<teward> 77CAAI59I: as daftykins said in #ubuntu we aren't the Apache support channel
<teward> if you are having unending issues with Apache and permissions, you might want to read up on the Apache documentation and such
<77CAAI59I> mdr
<clayk> hello
<clayk> Quick oddity with useradd I wanted to pass along to see if this is a bug or me misreading the manpage.
<clayk> useradd -D -s /bin/bash or useradd -Ds /bin/bash does not appear to update the shell when running useradd -D after either of the previous command
<tony2> Anyone run into this?
<tony2> http://cirrus.ucsd.edu/~pierce/fix_ubuntu_usb/
<morenoh150> hey anyone on?
<morenoh150> my server crashed over night. When I now try to restart it I only get a blinking cursor. What can I do?
<Walex> morenoh150: your seem to require a psychic advisor :-)
<Walex> morenoh150: guessing wildly you have a hw problem.
<OliPicard> Hello everyone, I have been having problems with my Nginx proxy instance and ubuntu over SSL.
<OliPicard> been doing some troubleshooting and the server just won't bind to port 443.
<OliPicard> i fixed it!
<OliPicard> nginx needed a upstream proxy :)
<TJ-> OliPicard: :)
<bananacow> I just used this command "ethtool -s em2 speed 10 duplex full" which set the 'Advertised link modes' to '10baset/full'. How do I return the ethernet card to advertise all supported modes ?
<RoyK> bananacow: 10Mbps? ;)
<bananacow> ethtool -s em2 advertise 0x03f
<bananacow> I need to identify the port on my switch remotely, so I set it to 10mbps so that on the switch status the only port at 10mbps is the port I'm looking for :)
<RoyK> bananacow: look for the mac address on the switch
<bananacow> Oh. That would be a better solution :P
<RoyK> we use NAV, see https://metanav.uninett.no/, to track mac addresses, and for a lot more
<bananacow> I am reasonably certain that this switch ( HP 2810-48G - J9022A ) can tell me which mac is on which port. I'll look in the manual. Thanks RoyK
<RoyK> it can - beleive me ;)
<RoyK> iirc something like "show mac"
<bananacow> :|
<RoyK> bananacow: NAV doesn't do anything magical - it just monitors switches and whatever with snmp, collecting those data and showing statistics on them, such as "when was port 12 last in use" etc
<bananacow> Ok, so I wasted about 2 hours of my life yesterday. Show mac gives me all the information I want
<bananacow> thanks.
<RoyK> :)
<77CAAI59I> hello
<RoyK> bananacow: those hours weren't wasterd - you've learned to look for other solutions now ;)
<RoyK> s/wasterd/wasted/
<77CAAI59I> i almost success the install of roundcube but i have this message : IMAP connect:  NOT OK
<bananacow> I'm not a network guy, I'm supposed to be a programmer analyst, but the network guy left and I got stuck with servers an stuff because programmer analyst "know IT" :(
<bananacow> 77CAAi59I,anything else in syslog?
<77CAAI59I> i see and share to you
<RoyK> bananacow: then become a network guy - the more you learn, the more you know etc ;)
<bananacow> hey 77CAAI59I, if you want I can log into your roundcube server and fix it for you
 * RoyK would be rather sceptical about letting someone else have root access to his servers
<bananacow> that's a good point
<bananacow> so post your syslog to pastebin.com
<77CAAI59I> for the moment i have to activate again roundcube's installer
<77CAAI59I> To enable it again, set $config['enable_installer'] = true; in RCUBE_CONFIG_DIR/config.inc.php
<bananacow> what is the address to the webpage of your roundcube ?
<77CAAI59I> http://serenia.ovh/roundcube/www/installer/?_step=1
<bananacow> ok
<bananacow> run 'grep default_host [roundcube file path/name here]'
<bananacow> and post the results
<bananacow> if you used roundcube from the repository, you would do 'grep default_host /etc/roundcube/*'
<bananacow> You'll need to run the command from bash on your server 77CAAI59I
<77CAAI59I> i have activate the intaller again
<bananacow> I don't want to see the installer :P
<bananacow> I now want to see the output of the grep command I posted a few lines up
<77CAAI59I> ok but what is "roundcube file path
<77CAAI59I> the roundcube directory ?
<bananacow> How did you install roundcube? Did you download it from the website and extract it or did you install it using apt-get install ?
<77CAAI59I> wget
<bananacow> ok
<bananacow> What is the path to your web root, is it /var/www ?
<77CAAI59I> yes
<bananacow> ok
<77CAAI59I> ah wait
<bananacow> grep default_host /var/www/config/*
<77CAAI59I> var/www/html
<bananacow> grep default_host /var/www/html/config/*
<77CAAI59I> my website and roundcube directory are here
<bananacow> ok, what is roundcube's exact path?
<77CAAI59I> ok wait a moment
<bananacow> ls /var/www/html should help
<77CAAI59I> /var/www/html/roundcube
<77CAAI59I> grep default_host /var/www/html/config/* does not work
<bananacow> grep default_host /var/www/html/roundcube/config/*
<77CAAI59I> its more logic
<77CAAI59I> nothing found
<bananacow> what does ls /var/www/html/roundcube/config/ show ?
<77CAAI59I> impossible to access...
<77CAAI59I> nothing directory or file...bla bla bla
<bananacow> what does ls /var/www/html/ show ?
<77CAAI59I> the content of my website
<77CAAI59I> including roundcube directory
<bananacow> what does 'find / -name config.inc.php' show ( might take a minute to run )?
<77CAAI59I> http://paste.ubuntu.com/9997402/
<bananacow> grep default_host /var/www/html/roundcube/www/config/config.inc.php
<bananacow> what does that return ?
<77CAAI59I> $config['default_host'] = 'localhost';
<bananacow> is your imap server running on the same server ?
<bananacow> what is the address of your imap server ?
<77CAAI59I> same server
<77CAAI59I> 94.23.251.83
<77CAAI59I> or serenia.ovh
<77CAAI59I> it's my domain
<bananacow> ok, what is the output of netstat -antup | grep 143 ?
<bananacow> this one needs to be run as root
<bananacow> sudo netstat -antup | grep 143
<77CAAI59I> i look
<77CAAI59I> http://paste.ubuntu.com/9997499/
<77CAAI59I> i'm in root, no need sudo
<bananacow> ok
<bananacow> and what happens if you run 'nc 127.0.0.1 143' ?
<77CAAI59I> http://paste.ubuntu.com/9997522/
<bananacow> if you try and log into via the web interface with a valid username/password, what happens ?
<77CAAI59I> i try
<77CAAI59I> IMAP connect:  NOT OK
<77CAAI59I> ah i don't understand
<77CAAI59I> what do you mean
<77CAAI59I> log into web interface
<77CAAI59I> i can't
<77CAAI59I> i need to finish to install
<77CAAI59I> if imap isn't finished, i can't use roundcube
<77CAAI59I> thanks for your help but it's very to understand this complexe installation
<77CAAI59I> i stop here
<bananacow> ok
<bananacow> Sorry i couldn't be more helpful :(
<77CAAI59I> i need to be an expert
<77CAAI59I> so i'm just a simple user
<77CAAI59I> i can't
<bananacow> 77CAAI59I, I private messaged you
<bananacow> ok
<bananacow> so it turns out that 77CAAI59I had a syntax error in his courrier-imap config and his roundcube was working perfectly
<MDTech-us_MAN_> I want it to function as a NFS host for Xen. I want it to function as a NFS host for Xen.
<MDTech-us_MAN_> I followed all the steps described here (https://help.ubuntu.com/community/SettingUpNFSHowTo), but Xen doesn't connect to NFS.
<MDTech-us_MAN_> It shows "Scanning for NFS SRs.."for a sec and then says "There was an error trying to mount the NFS share. Check your settings"
<grendal_prime> hey guys.
<grendal_prime> looking more into vnc type apps
<grendal_prime> i cant believe what a pain this has become
<grendal_prime> everything seems to work fine for a bit then ..like letters get lost, fonts are werid. what causes this?
<grendal_prime> doesnt mater what type of server i use..xrdp, vnc, nomachine. Its all the same.
#ubuntu-server 2016-02-01
<tjbiddle> Hi all. Trying to setup NAT. Every guide I come across seems like all directions are being run on the machine that's running NAT; but what do I configure on the client to make sure it points at that machine? Running through: https://help.ubuntu.com/community/Router currently.
<patdk-lap> nothing
<tjbiddle> patdk-lap: What do you mean nothing? How is ClientA, ClientB, ClientC supposed to know that ServerA is it's NAT if I don't specify some sort of configuration?
<teward> downstream you specify the gateway
<teward> if you configure DHCP on the router point that does NAT right, it'll automatically configure downstream clients from the ssytem to know to go through that gateway
<teward> (that's the case for all systems connected to routers, even the local VMs on my computers or my hypervisor)
<teward> and where it doesn't, you configure the gateway on the clients yourself (for static connections and such)
<lordievader> Good morning.
<pitastrudl> hi, im trying to setup smokeping on ubuntu 14.04 vps, im getting a "/etc/init.d/smokeping: 117: /etc/init.d/smokeping: logger: not found
<pitastrudl> " error
<kettlecooked>  Our office server (Ubuntu Server 14.04) with software RAID (2 mirrored disks) will not boot anymore, safe mode says the raid array is degraded. Where do I start to fix this problem? I want to un-degrade it :)
<lordievader> Start with checking the disks I'd say.
<kettlecooked> lordievader, do you have a suggestion on how? Physically they seem OK, and they show up properly in BIOS/boot
<kettlecooked> (I have very little disk managing experience sorry :( )
<kettlecooked> lordievader, did you mean fsck?
<lordievader> Among, things. Yes.
<kettlecooked> will try to do that
<dholbach> hiya
<dholbach> could somebody from the server and cloud teams please take a look at http://reqorts.qa.ubuntu.com/reports/sponsoring/
<dholbach> and help review and resolve some of these requests?
<teward> is there an ubuntu server image already prepared, maybe on the cloud images, for VMware based systems?
<poohbear82> port 8080 is listening and ufw is disabled, yet connection is refused in the browser. what could it be
<poohbear82> anyone?
<poohbear82> port 8080 is listening and ufw is disabled, yet connection is refused in the browser. what could it be?
<teward> poohbear82: is this behind a router, or on an EC2 instance?
<poohbear82> teward, virtual machines
<teward> poohbear82: are they on a NAT'd connection, or connected right to a network, or what/
<teward> if they're NAT'd you need to portforward on wherever that NAT is handled
<teward> (so in VBox, edit the NAT network's port forwarding rules)
<poohbear82> teward, I'm not really sure, doesn't port 8080 go to port 8080 of the vbox if no forwarding is set up by default?
<teward> poohbear82: are you using the NAT VBox item?
<poohbear82> teward, i just looked, it is NAT
<poohbear82> don't know what you mean by item
<teward> "item" means the connection type in the VM
<teward> poohbear82: the way NAT works is like a router
<teward> so depending on where you're trying to get to the VM from depends on the settings in the NAT you have to set up (port forwarding)
<teward> if it's from the host system that's running VBox, then you enter the IP the VM has directly with port 8080; if it's from your local network outside the host system running VBox you have to have NAT port forwarding done in VBox to make sure it port forwards, and have to make sure the host system knows to send inbound traffic to that VM for that port
<poohbear82> teward, sorry, they are connected to internal network
<teward> poohbear82: through a "Bridged Network" or a "NAT" type virtual network interface on the VM itself?
<poohbear82> ok here is the setup: i have 2 clients, and one server. They are running plone. Plone server is running on the server. Client1 is able to connect to server on port 8100. it should also serve on 8080.WHen i try to connect to 8080 in the browser it says connection refused.
<poohbear82> in can ping each box from another
<poohbear82> telnet says connection refused however
<poohbear82> nmap says port 8080 is open
<poohbear82> netstat says it is listening on 8080
<teward> then it sounds like Plone isn't listening on 8080 as well
<poohbear82> it is listening though and ready to accept requests
<smoser> cyphermox, have you looked at bug 1539329
<ubottu> bug 1539329 in tasksel (Ubuntu Xenial) "server install does not have 'standard' task installed" [High,Confirmed] https://launchpad.net/bugs/1539329
<smoser> do you have any more info on that ?
<cyphermox> smoser: I looked a little, but I didn't figure it out yet. I'm busy on other things for now
<cyphermox> in the meantime you can add standard to your preseed
<smoser> well, yes. i'm just very hesitant to do that. as the reason that i care here is that a test is failing because (indirectly) standard is not installed.
<smoser> so , modifying that test case to insist that it *is* installed is kind of explicitly fixing the test case to test true = true
<cyphermox> smoser: fwiw, when I run installs here, I do get standard installed
<cyphermox> or at least, as far as I saw on ppc64el, and I think on amd64 too
<cyphermox> lemme check this install again, I can't remember
<cyphermox> ok, so that was the server iso from 2016-01-11
<cyphermox> smoser: yeah, the ubuntu-standard package is installed
<cyphermox> smoser: could you check if on wily 'tasksel --list-tasks' lists standard? I'm not sure if it should, but it doesn't on xenial. maybe that's relevant
<cyphermox> when I ran d-i though, at the point where I reached the tasksel step it showed me the list of tasks I could install and standard was already selected
<patdk-wk> I only have ubuntu-minimal installed on all my machines
 * patdk-wk did select minimal install though
<LifeLibertyHappi> how do i ping the short name of a host instead of the FQDN.  without manually adding to host file
<teward> !crosspost | LifeLibertyHappi
<ubottu> LifeLibertyHappi: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<YamakasY> he guys anyone compiled varnish vmods on ubuntu ? my source folder is wrong every time
<sarnold> LifeLibertyHappi: see the 'search' and 'domain' entries in resolv.conf(5)
<LifeLibertyHappi> thanks sarnold
<YamakasY> I did before but I know I had difficulties
<gQuigs> trying to track down a package that's supposed to be in libery-proposed
<teward> 'libery-proposed' - sounds like it's not Ubuntu, gQuigs?
<gQuigs> neutron 2:7.0.1-0ubuntu1~cloud0,  with a fresh instance installing the cloud archive -proposed only get's 2:7.0.0-0ubuntu1~cloud0
<gQuigs> teward: sorry, Ubuntu Cloud Archive Liberty-proposed
<teward> ah :)
<gQuigs> this says it should be there - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/liberty_versions.html,  but my install and this - http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/trusty-proposed/liberty/main/binary-amd64/Packages says it isn't
<gQuigs> I see the hold up might be https://bugs.launchpad.net/ubuntu/+source/cinder/+bug/1530913
<ubottu> Launchpad bug 1530913 in nova (Ubuntu Wily) "[SRU] liberty point releases" [Undecided,Fix committed]
<gQuigs> still doesn't explain the differing version numbers though
<gQuigs> jamespage:  cinder, glance, neutron, and keystone have all been in wily-proposed since the 8th per bug 1530913..  did tests fail on them?
<ubottu> bug 1530913 in nova (Ubuntu Wily) "[SRU] liberty point releases" [Undecided,Fix committed] https://launchpad.net/bugs/1530913
<alreece45> Anyone have any odd tempermental issues with TCP and ubuntu servers?
<teward> alreece45: that's a fairly vauge question, i have never seen any issues with TCP and any of my Ubuntu servers
<teward> unless there's an issue at the datacenters with the data routing or something
<gQuigs> alreece45: there was a fairly weird bug that just came though with a certain amount of TCP traffic, servers would be unresponsive
<gQuigs> don't rememebr where I read that... but it's fixed now
<alreece45> teward: well... it seems to be a very vague problem. it ignores packets from both of debian workstations... while other systems work fine (UDP/ICMP also work fine)
<alreece45> and there's not that much traffic on the server, and this is the second server it has occured on...
<alreece45> would there be a better place/way to ask about that?
<alreece45> Looks to be some issue with tcp_fastopen being enabled...
<alreece45> or not...
<theslow1_> hey everyone, I'm having some trouble with an upstrart script
<theslow1_> running init-checkconfig, everything is fine, but when trying to start using: service unicorn-app start
<theslow1_> status: Unknown job: unicorn-app
<sarnold> ls -l /etc/init/unicorn-app.conf
<sarnold> theslow1_: I think that can also happen if you're using a GUI environment with upstart-managed session configuration; in which case maybe try initctl --system start unicorn-app
<theslow1_> https://dpaste.de/gg5u
<theslow1_> vandorjw@DEV1:/etc/init$ ls -l /etc/init/unicorn-app.conf
<theslow1_> lrwxrwxrwx 1 root root 63 Feb  1 23:01 /etc/init/unicorn-app.conf -> /app/configuration/app1/appserver/unicorn.conf
<theslow1_> its a headless server
<theslow1_> there is no GUI
<sarnold> how about ls -l on the target?
<theslow1_> vandorjw@DEV1:/app/configuration/app1/appserver$ ls -l
<theslow1_> total 4
<theslow1_> -rwxrwxr-x 1 vandorjw vandorjw 910 Feb  1 23:14 unicorn.conf
<sarnold> theslow1_: okay, two theories, and I'll be honest that I don't like either one very much. (a) maybe the symlink -target- has to be named unicorn-app.conf rather than just unicorn.conf. (b) maybe the file has to owned root:root with 644 or similarly resitrctive permissions.
<theslow1_> I'll try both
<theslow1_> I killed the symlink and copied the file over
<theslow1_> not it tesll me, job failed to start
<theslow1_> at least I can debug now
#ubuntu-server 2016-02-02
<freezer_> hi
<freezer_> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1320402 is this bug still being worked on?
<ubottu> Launchpad bug 1320402 in mdadm (Ubuntu) " mdadm resyncs imsm raid in "Normal" state" [Undecided,Confirmed]
<freezer_> had a resync after, and it looks like already during installation of Ubuntu 15.10 Server with RAID1 Softraid
<freezer_> installation was being very slow
<freezer_> first boot also, then checked mdstat and dmesg, showing it was marked unclean
<freezer_> and resync in progress
<freezer_> r8169 seems to prevent C6
<freezer_> package state
<cyphermox> utlemming: around?
<lordievader> Good morning.
<coreycb> arges, when you get a chance can you promote packages for bug 1318721 and bug 1530913?
<ubottu> bug 1318721 in Ubuntu Cloud Archive juno "RPC timeout in all neutron agents" [High,In progress] https://launchpad.net/bugs/1318721
<ubottu> bug 1530913 in nova (Ubuntu Wily) "[SRU] liberty point releases" [Undecided,Fix committed] https://launchpad.net/bugs/1530913
<rharper> rbasak: I've updated Bug 1539634 with SRU text and a new debdiff which added DEP3 headers to the patches.  I've also tested out upgrading NM first to the new version in the debdiff, then upgrading libnl (proposed) and that path allows updating libnl without breaking networking
<ubottu> bug 1539634 in network-manager (Ubuntu Trusty) "network-manager crashes when using libnl-3-200-3.21.1-1ubuntu1" [Undecided,Triaged] https://launchpad.net/bugs/1539634
<yossarianuk> hi - I have a few internal (non PROD) servers that have unattended upgrades enabled, it works fine except that boot gets full due to kernel updates
<yossarianuk> its there a sensible way of removing older kernels and ensuring the present + newest kernels are NEVER removed ?
<yossarianuk> and automating old kernel removals.
<robb_nl> here is an explanation to remove _all_ old kernels... with some tampering you should be able to leave 2 kernels....
<robb_nl> http://markmcb.com/2013/02/04/cleanup-unused-linux-kernels-in-ubuntu/
<henkjan> purgekernels is good to cleanup old kernels http://apt.ring.nlnog.net/deb/pool/main/p/purgekernels/
<henkjan> hooks in apt to do cleanup at every apt-get dist-upgrade
<yossarianuk> robb_nl: henkjan: cheers
<yossarianuk> my fear was that you had installed a new kernel, not rebooted - ran a script which deleted the present kernel..
<henkjan> the purgekernel packages detects your running kernel and won't remove that one
<pesari> yossarianuk: which ubuntu version? kernels are marked as auto-removable (which unattended-upgrades can be configured to do) after ubuntu 13.xx I think
<punkoivan> Hi.
<punkoivan> I have some trouble with ubuntu 14.04.3
<punkoivan> I trying to install this one with preseed file. So, for this be done I need to edit preseed file and txt.cfg in isolinux dir.
<punkoivan> When I try to create usb-boot via unetbootin or UsbDiskCreator i can't boot from this flash (syslinux boot error)
<punkoivan> when I use dd - it's ok bootable, but flash mounting only readonly, so I can't edit any file on it.
<yossarianuk> pesari: its 14.04
<yossarianuk> it doesn't seem to mark them removable (they show as 'ii' in dpkg -l )
<pesari> what does apt-get autoremove say?
<punkoivan> Can anyone help?
<Jeeves_Moss> what would cause APT not to pull new pacages from a new repo, even after an update?
<OerHeks> Jeeves_Moss, what new repo? a ppa?
<rww> run apt-cache policy packagename for some packagename in the new repository that's an upgrade from the current repository set
<rww> then put in pastebin
<Jeeves_Moss> OerHeks, I'm trying to install Elasticsearch2.x  -  https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-repositories.html
<Jeeves_Moss> rww,  run apt-cache policy
<Jeeves_Moss> rww, N: unable to locate package elasticsearch
<jrwren> Jeeves_Moss: did you run apt-get update?
<sarnold> gah I hate archives hosted on s3, they break directory listings :(
<jrwren> Jeeves_Moss: see also: http://jrwren.wrenfam.com/blog/2014/09/29/elasticsearch-on-ubuntu/
<Jeeves_Moss> jrwren, yes, I ran the update.
<NetCode> hey there
<NetCode> could anyone help me with an issue i have with ubuntu 14.04? iâve setup a user to SSh in with a key but their PW is still allowing them inâ¦ any help out there please?
<Pici> NetCode: that doesn't disable password authentication.
<Pici> You'd need to modify /etc/ssh/sshd_config, although I'm not sure off the top of my head if you can do that on a per-user basis.
<rww> http://security.stackexchange.com/questions/18036/creating-user-specific-authentication-methods-in-ssh
<rww> tl;dr: yes
<NetCode> i later went into the ssh_config and saw the line Password Authentication yes
<Pici> ssh_config is for outgoing ssh, sshd_config is for incoming.
<NetCode> i erased the # and changed it to no, then restarted the server and still not working
<NetCode> ohhhh
<NetCode> thatâs where i went wrong.. hmm let me try
<Pici> also the answer to the question rww posted has some more info on setting it per user/group/whatever
<NetCode> also (very new to all this) i didnât make a backup of the ssh_config but just copied it to my computer then reuploaded and replaced the originalâ¦ would all the persmissions and what not still be okay?
<NetCode> whoops sorry
<NetCode> did my last question make sense?
<NetCode> (and i closed the channel and lost the linkâ¦ anyway to repost? - new irc client..)
<NetCode> they are currently set to rw-r--r-- (644) for the ssh_config
<NetCode> that look correct?
<NetCode> (just creatd the server)
<sarnold> NetCode: and the owner, too?
<NetCode> this is create
<NetCode> *correct
<NetCode> iâm sshâd in right now
<NetCode> i was editing ssh_config thinking i was securing it when i was supposed to be doing the sshd_config lol
<NetCode> dang this irc client lol
<NetCode> (user error)
<NetCode> so yes i am the owner of the server
<NetCode> rw-r--r-- (644) that look correct for ssh_config?
<sarnold> if it's also root:root, yes
<NetCode> yeah iâd assume itâs still root
<NetCode> root and one other user has been created
<sarnold> check :) ssh can be insanely picky about file ownership and permissions
<NetCode> sarnold: how would i check? iâm using cyberducky and have basically been using cmd i
<sarnold> NetCode: ls -l /etc/ssh/ssh_config
<NetCode> *cyberduck
<NetCode> sarnold: -rw-r--r-- 1 root root 1690
<NetCode> thatâs what it returned
<sarnold> good good :)
<NetCode> *close one
<NetCode> if i deleted it and restarted the service would iti create a new one?
<sarnold> the ssh_config file is used by the ssh client on the computer
<sarnold> there isn't a service to restart
<sarnold> and most users on the system wouldn't have permissions to write into /etc/ssh/ anyway
<sarnold> the ssh client would use compiled-in default values, which might be reasonable enough, but the file wouldn't be recreated
<NetCode> sarnold: ahh so since this is a remote server i really donât have to worry about it right?
<sarnold> maybe
<NetCode> sarnold: i feel like i messed it up by copying it to my computer > editing a line > then sending it back and replacing the original
<NetCode> sarnold: maybe iâm just crazy
<NetCode> sarnold: way too new and getting overly concerned likely
<sarnold> NetCode: it's certainly more likely to go wrong than just editing the file on the system itself
<NetCode> sarnold: yeah i didnât know how to edit the file remotely (until now), before i was just copying it locally then sending it > replacing remote file
<NetCode> howdy all, anyone familiar with serverpilot?
<haidar_> I have error CPU does not support kvm extension in ubuntu server the virtualization in enable and the vt-x also the processer is intel core i7 any idea??
<sarnold> are virtualbox modules loaded? I wonder if that'd give wrong results
<haidar_> yes it is
<lordievader> haidar_: What does 'egrep -c '(vmx|svm)' /proc/cpuinfo' return?
<haidar_> get 0
<lordievader> Pretty much, follow the pre-instalation check-list: https://help.ubuntu.com/community/KVM/Installation
<lordievader> Sound like virtualization is not enabled, the i7 does support virtualization ;)
<haidar_> I don't know I enable the virtualization in bois and check it in windows and get yes
<haidar_> I did that check list already
<sarnold> if the virtualbox modules are loaded, unload them and try again
<sarnold> odd about the /proc/cpuinfo output though.
<haidar_> how can I unload it please
<sarnold> rmmod <modulename>
<sarnold> modprobe -r may go faster if it recursively removes unused modules..
<haidar_> ok i try that
<haidar_> sir how can I know the modulename
<sarnold> haidar_: iirc they have 'vbox' in their name, lookthrough lsmod | grep vbox output
<haidar_> i run this command i get vbox video and vbox guest and drm
#ubuntu-server 2016-02-03
<lordievader> Good morning.
<Ergo> hello, my ubuntu 14.04 has kernel version 4.2.0.27.21 from "linux-image-generic-lts-wily" is this the one with vulnerability fixed?
<jelly> Ergo: which particular vulnerability?
<jelly> Ergo: if you know the CVE ID, http://people.canonical.com/~ubuntu-security/cve/
<jelly> sadly not all kernel issues with security consequences get CVE assigned (says spender)
<Ergo> jelly: thanks, I've actually found the CVE and confirmed the version, all is good
<Kim^J> Anyone know anything about cloud-init here? I have this cloud-init file: https://gist.github.com/hagbarddenstore/bd68e0ebd8944c99b147 I use Ubuntu 14.04.3 (ami-f95ef58a). The error I get is that /tmp/my-key can't be found (By the ssh command in the runcmd), so my guess is that either I have wrong permissions or that write_files is executed after runcmd. Is this the case? This post ...
<Kim^J> ... http://blog.scottlowe.org/2015/12/17/cloud-init-register-instance-into-consul/ suggests that I can do what I'm trying to do, but I simply can't get it to work.
<Kim^J> Also, write_files with owner: ubuntu:ubuntu or path: /home/ubuntu/file will make cloud-init crash and burn, resulting in a server that you cannot access,
<sb_9> hi folks
<sb_9> http://pastebin.com/M46a5i60
<jml> Do the official vagrant images at http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-vagrant.box not support shared directories?
<jml> also, wow, the topic hasn't been changed in almost 2 years
<sarnold> I've seen older :)
<jml> should I use the ones at https://atlas.hashicorp.com/ubuntu
<jml> https://atlas.hashicorp.com/ubuntu says "Official Ubuntu Server Wily Werewolf (development) builds"
<jml> I guess wily isn't in development any more
<sarnold> fwiw I'd only use those images if they match the published signatures
<sarnold> but that's me
<jml> thanks for the tip
<jml> I guess the conclusion is that the official Ubuntu Xenial images for Vagrant don't actually work with the Vagrant
<sarnold> no idea, what's a shared directory?
<jml> sarnold: have you used vagrant before/
<sarnold> jml: no
<jml> ok
<sarnold> jml: I've always heard it's some scriptng around virtual box, and i'm .. not inclined to use oracle code when there's good alternatives like kvm / qemu available :)
<jml> Vagrant fires up a VM (generally using VirtualBox) and does a bunch of automatic configuration on that VM to make it work nicely, optimized for development environments
<jml> a key step is mounting a directory from the host (the one where `Vagrantfile` is) onto the guest at `/vagrant`
<jml> that way, you can edit files directly from the editor on your guest without having to manually sync
<sarnold> aha
<sarnold> how do they do that? p9fs? nfs?
<sarnold> some virtio thing?
<jml> https://gist.github.com/jml/220163e18f88edb87976
<jml> a custom kernel module
<jml> well, custom filesystem, I should say
<sarnold> wow that seems surprising compared to the alternatives
<sarnold> thanks jml :)
<jml> yeah, you'll have to ask them.
<jml> anyway, I'm falling back to the "development" wily image that was released on 201601
<hggdh> Daviey: hi, you opened RT 16371 a looong time ago. Can it be closed?
<celly> good afternoon.  is anyone here using ubuntu server to manage their Clonezilla/DRBL instance?
<ikonia> celly: how is your failing clonezilla image anything to do with ubuntu
<ikonia> I asked you just a few minutes ago to not spread this across the ubuntu channels
<celly> i never said it was an ubuntu issue, but with so many people using ubuntu server, i thought maybe, just maybe, someone that might be using ubuntu server for Clonezilla and DRBL might actually be willing to help.
<celly> also, you "suggested" that i didn't ask it in the ubuntu-server channel, you didn't ask me not to do so.  if no one helps, then i'll obviously leave it alone.
<ikonia> celly: and as I told you - just because the clonezilla channel is dead, it's not up to the ubuntu channels to pickup the slack
<celly> how is me asking one question affecting you?  If someone has some insight, i'm sure they'll respond.  if all you're going to do is continue to say, "it's not an ubuntu issue", then what help is that.  as i stated, i obviously know its not an ubuntu issue, but considering ubuntu is one of the most used linux distro's and one of the primary supported OS's for clonezilla, what harm does asking a question do?
<celly> and FYI, the ONLY reason i asked the question in the ubuntu channel to begin with is because someone stated that the people in there would possibly help.  had someone not said that, i wouldn't have asked
<ikonia> ok, well please take it back to the clonezilla channel, thanks
#ubuntu-server 2016-02-04
<mike2020> Hello some freelance online?
<mike2020> #join #canonical
<zzxc> I just installed new motherboard, ram, and psu, and tried plugging in my existing ubuntu-server ssd to boot from. Everything aside from Ethernet is working. Is there anyways to tell if the ethernet is tell if the ethernet is broken or just missing a driver?
<tarpman> zzxc: might be udev rules expecting the old MAC address. check /etc/udev/rules.d/70-persistent-net.rules
<zzxc> tarpman: That might be it. Any clue has to how to reset this value?
<tarpman> zzxc: I usually delete the file and reboot the machine. it gets recreated, but your eth0, eth1, etc have a chance of moving #s around, so check everything carefully
<zzxc> tarpman: Hmmm looks like the same issue. Though it didn't recreate the 70-persistent-net.rules file it looks like
<zzxc> running sudo /lib/udev/write_net_rules all_interfaces returns missing $INTERFACE
<zzxc> Ah ethernet contoller is unclaimed. This makes it a bit tricker.
<lordievader> Good morning.
<jamespage> rbasak, jgrimm: hey - I've taken care of pacemaker and crmsh merges - we're back in sync with debian for crmsh now
<jgrimm> jamespage, w00t. thank you
<haidar> Hello,, How can I create a virtual router on ubuntu server any Idea??
<pmatulis> haidar: what do you mean by "virtual router"?
<haidar> mean a router on a virtual machine installed on ubuntu server
<haidar> just I need to create a network on ubuntu server and I need to create a router and switches and perform a network between them
<sarnold> haidar: hopefully useful http://resume.booksnmore.com/videos.php
<haidar> thanks
<haidar> sarnold, exactly I would like to cearte a virtual router with cisco certification on ubuntu server
<bekks> haidar: You'd need the old packet tracer software fromCisco, which is unsupported on Linux for a decade now.
<bekks> Eventually you could manage to use GNS3, along witha cisco router firmware, for creating a virtual network between two vms.
<OerHeks> haidar, i would go with the answer you already got from genii
<haidar> bekks, just i would like to create a virtual router cisco on ubuntu server
<haidar> DerHeks, ok thanks alot I will search about that
<sarnold> "cisco certification?" doesn't that mean you ought to be calling your cisco sales rep? :)
<OerHeks> !info dynagen
<ubottu> dynagen (source: dynagen): Cisco 7200 Router Emulator Command Line Interface. In component multiverse, is optional. Version 0.11.0-6 (wily), package size 816 kB, installed size 1688 kB
<OerHeks> !info  dynamips
<ubottu> dynamips (source: dynamips): Cisco 7200/3600/3725/3745/2600/1700 Router Emulator. In component multiverse, is optional. Version 0.2.14-1 (wily), package size 325 kB, installed size 1092 kB
<sarnold> OerHeks: crazy
<OerHeks> yeah, it is fun
<bekks> 1hAnd you got your answers.
<OerHeks> not sure what you will get in openstack though
<bekks> haidar: And you got your answers.
<genii> Alternately, go to your local electronics junk dealer and buy an actual old Cisco like a 5350 or such for about $40
<bekks> haidar: GNS3 uses dynamips, too.
<haidar> bekks, exactly sir i want to use GNS3 but how can I install it on ubuntu server
<bekks> haidar: Follow the installation instructions on the GNS3 website.
<haidar> genii, Exactly sir i would like to do that virually on ubuntu server because my master degree on that
<bekks> I dont think you'd need to ask such questions in case you really going for the Cisco Master Specialization ;)
<haidar> hello
<haidar> when I try to install a ubuntu desktop on virtual machine manager I get this error((Unable to complete install: 'internal error: process exited while connecting to monitor: Cannot set up guest memory 'pc.ram': Cannot allocate memory))
<bekks> haidar: Whats the "virtual machine manager"? And how much RAM do you have in your host, and how much did you dedicate to your vm?
<haidar> ok I solve the problem the virual machine manager is a program installed on ubuntu desktop to create a virtual machine and the mistake I should reduce the ram choosed
<bekks> does not sound like you are trying to use GNS3 :)
<haidar> yes I will try to install it on ubuntu desktop
#ubuntu-server 2016-02-05
<jayjo> is there a way to ssh tunnel a connection from my local machine (pgadmin3) to a server that I have that has access to a database?
<jayjo> Im not really understanding the ssh tunnel, is it everything on my port is forwarded to that remote port (through an ssh connection on port 22) and then I appear to be on the server?
<sarnold> jayjo: there's -R and -L variants, which describe which system should have the open listening port: -L for the local side, -R for the remote side
<sarnold> jayjo: you probably want the -L variant here; set a local port for ssh to listen on, and use the remote port to describe which port onthe server it should connect to
<sarnold> gotta run, probably someone else can help further i fyou still need it
<jayjo> ok thank you
<lordievader> Good morning.
<nocontrol> is anyone using foreman with upstart for rails projects ? I am exporting to services but I get a message "No such file or directory" when trying to start it
<nocontrol> I have an issue with foreman/upstart and rails, any help is appreciated http://stackoverflow.com/questions/35221886/export-foreman-workers-from-rails-app-to-upstart
<Daviey> hggdh: Yes, that urgent ticket from 5 years ago can be closed :)
<nocontrol> I have an issue with foreman/upstart and rails, any help is appreciated http://stackoverflow.com/questions/35221886/export-foreman-workers-from-rails-app-to-upstart
<rbasak> nacc: http://people.canonical.com/~ubuntu-archive/transitions/
<VelusUniverseSys> hello is there anyone able to help me set up a virtual user mail server
<sarnold> this guide looks tasteful https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<VelusUniverseSys> yeah i followed that last time and was getting errors when it came to the clam part
<sarnold> do you need clam? maybe ignore those bits? :)
<VelusUniverseSys> yeah i might just ignore that bit i guess i dont need it
<sarnold> it might be worth it, since giving windows usres -some- protection from viruses might be nice. but if it's not working and not a requirement, maybe just skip it for now.
<VelusUniverseSys> it wont work full stop im still having problems when i try to log in grrr, can someone not do the setup for me please?
#ubuntu-server 2016-02-06
<VelusUniverseSys> sarnold, are you about?>
<sarnold> VelusUniverseSys: yeah
<VelusUniverseSys> would you be bale to set up the mail server for me please?
<sarnold> VelusUniverseSys: sorry, no, the best I can do is suggest reading material..
<VelusUniverseSys> shame i cant seem to get it to work
<lordievader> Good morning
<Tzunamii> Morning
<bananapie> I accidentally deleted /etc/networks/interface on a ubuntu 14.04 lts server that had a rather complex config ( bonded cards bridged to other cards ). Is there a way to regenrate interfaces file from active config ?
<Sling> bananapie: and there is no /etc/networks/interfaces~ or .swap or something? :) if there hasn't been much activity on that partition the data might still be there, just the inode is marked deleted
<Sling> I'm not aware of a way to save the current network configuration to a file like that
<bananapie> unfortunately, the file was deleted 453 days ago, two days after the last reboot. And it,s a vm host, with 30 vms, so the disk has definitely had a lot of activity
<bananapie> I'm pretty sure I have to rewrite the config, I'm gasping at straws
<bananapie> I already checked for a .swap file or interfaces~ file or a interfaces.cfsaved file
<bananapie> but no luck
<bananapie> Anyone ever see this ? (0) root@vm-1:~# ifenslave --detach bond0 em2
<bananapie> em2: is not enslaved to bond0
<bananapie> (0) root@vm-1:~# ifenslave bond0 em2
<bananapie> sh: echo: I/O error
<bananapie> em2: could not add interface
<bananapie> according to /sys/, em2 is part of bond0
<lordievader> bekks: The file ain't in a backup?
<lordievader> Err, that was for bananaapie, sorry bekks.
<shakes808> Hello all,  I am installing Ubuntu Server 15.10 and in the list of software that can be installed there is one named Publishing applications,  what is this?
<OerHeks> i cannot find "Publishing applications"
<shakes808> OerHeks: It is after "Pro audio core tools"
<shakes808> I am installing server 15.10
<shakes808> maybe it is new?
<shakes808> I don't remember seeing it before.  or maybe just never paid attention
<OerHeks> Then it should be available for desktop too > http://imgur.com/JiSfG6d
<OerHeks> not as app/metapackage nor software group
<JanC> if you don't know what it is, most likely you also don't need it  :)
<shakes808> OerHeks: working on getting you a picture
<OerHeks> yes please, i am curious
<shakes808> http://imgur.com/s9arV4a
<OerHeks> ahhh got ya, it is ubuntustudio-publishing >> https://launchpad.net/ubuntu/wily/+package/ubuntustudio-publishing
<shakes808> Thank you, will check out the link
<OerHeks> http://packages.ubuntu.com/wily/ubuntustudio-publishing
<OerHeks> gimp fontmanager, agave and such ..
<OerHeks> i like the ubuntustudio-photograpy with darktable.
<OerHeks> ( for desktop )
<OerHeks> didn't know those metapackages are in tasksel too.
<shakes808> Cool, thank you OerHeks for the information
<shakes808> JanC: you are correct for the most part, if I don't know what it is, then I most likely don't need it; in this case that was true :)
<DaMastah> Hi guys :) Performance-wise, is it better to setup an iSCSI target with 4096 max send segment bytes or 262144 (default is 4096) ?
 * FiredBall-0x71 http://www.pearltrees.com/pvpeliter/laptop-disini-bought-governor/id15409744#item167481741, , xWindow 10 ENTERPRISE , FREE CLASSIFIED OS FROM THE MOST HIGH HAS BEEN RELEASED , CLICK ON THE LINK THAT POP UP AND CLICK DOWNLOAD ... . DON'T FORGET TO JOIN ##Astara ... .
<FiredBall-0x71> join ##astara prince
<FiredBall-0x71> http://www.pearltrees.com/pvpeliter/laptop-disini-bought-governor/id15409744#item167481741, , xWindow 10 ENTERPRISE , FREE CLASSIFIED OS FROM THE MOST HIGH HAS BEEN RELEASED , CLICK ON THE LINK THAT POP UP AND CLICK DOWNLOAD ... . DON'T FORGET TO JOIN ##Astara ... .
#ubuntu-server 2016-02-07
<patdk-lap> anyone have a clue with grub + uefi + luks :)
<patdk-lap> works great on non-uefi boot, but I get a blank grub config when booting uefi :(
<sruli> has anyone uses ssl from letsencrypt? trying to get it working on my impad
<PryMar56> recent do-release-upgrade of Vivid to Wily 15.10. If I set busybox=n in /etc/initramfs-tools/initramfs.conf, then remake ramfs, reboot, it fails saying that no init candidate is found
<PryMar56> adding init=/lib/systemd/systemd to cmdline is no help
<PryMar56> its a known problem, so I left busybox=y
<lordievader> Good morning.
<irreleph4nt> Hi all. Have you ever tried setting up OpenChange + SOGo on server 15.10?
<Kimse> Anybody here ever tried to use automount inside a NAT'd LXC container to mount home directories shared via NFS?
<maza|2> can i redirect www.yahoo.com to www.yahoo.com/one/two/three.php over my own dns server + apache?
<bekks> Whats the actual goal behind that?
<maza|2> referal link
<maza|2> ad
<bekks> Ah, user annoyance :P
<maza|2> thx))
<lordievader> Perhaps you can do something like that with the squid proxy?
<bekks> squid doesnt rewrite.
<lordievader> Ah...
<bekks> you could point yahoo.com to your own webserver, make it listen to yahoo.com, and just use modrewrite
<maza|2> bekks: dns server forward yahoo.com to 3.3.3.3 (my apache+bind host), then "Redirect / www.yahoo.com/one/two/three.php" by apache. But this link never open, because yahoo.com is still 3.3.3.3, and there is no other pages
<bekks> dns servers do not forward.
<bekks> you need to configure YOUR dns server for pointing to YOUR apache server when accessing yahoo.com
<bekks> Then, you need to create the rewrite rule, and obviously you need to configure your clients to use your dns server instead of another one.
<bekks> maza|2: KEep it in the channel please, not in an unasked query.
<bekks> maza|2: Keep it in here.
<bekks> maza|2: Three time and you are out. *plonk*
<bekks> *times
<maza|2> ok
<patdk-lap> heh? squid rewrites
<patdk-lap> do it consistantly
<lordievader> patdk-lap: Can it solve the aforementioned problem?
<irreleph4nt> Hi all. Any idea why RSAT does not pick up my DHCP server? Runs just fine, though.
<fgjuutpfg> Hello, I was hoping someone could help me out with a networking issue
<fgjuutpfg> I'm using ubuntu 14.04 LTS on two machines, one of which (machine 1) is connected to the internet via wifi. The other machine (machine 2) is connected to the internet through machine 1's wifi connection, using ethernet. My issue is that when I log into my router, machine 2 does not show up under "connected devices", so I am unable to access its LAN ip
<guntbert> fgjuutpfg: does 2 get its IP-address via DHCP from the wifi router?
<fgjuutpfg> guntbert, no, it seems to be getting it from 1
<fgjuutpfg> it's like 10.34.... whereas the others on the lan are 192.168.0.*
<fgjuutpfg> but 2 seems to be getting some resolving from the router
<fgjuutpfg> because i can address other machines in the LAN from 2 via their LAN address
#ubuntu-server 2017-01-30
<cp5> repost from #ubuntu:  hi, can someone help me figure out why i can't connect two machines together via a cross over on ubuntu 16.04 server
<JanC> not sure why you need a crossover (almost every hardware that's not over 15 years old should do auto-sensing?)
<JanC> anyway: most likely they are configured to be in different networks or something like that
<Stry> hi, what could be causing mysqld to stop working intermittently due to AppArmor - http://paste.ubuntu.com/23893144/
<Stry> changed mysqld to complain mode in apparmor
<rbasak> Stry: that's odd.
<rbasak> Stry: I wonder if that started from the most recent security update. Any chance you could check please?
<rbasak> Stry: it may be a regression due to some upstream change which requires a widening of the AppArmor profile.
<rbasak> Stry: also, what does your MySQL error log say when it fails please, so I can keep an eye out for that in bug reports?
<SandeepB> Hello all. I am trying to build deb packages for openstack components. Can someone point me to the process on how Ubuntu builds deb packages for openstack ? For example how a deb package for Openstack-Swift is built ?
<SandeepB> If anyone can point me to the ubuntu openstack builds documentation would be great help.
<Stry> rbasak: gimme a few to review the mysql logs
<metachr0n> hello ... i am dealing with a previously setup LDAP implementation ... and there be duplicates for groups in the create home directory thing ... anyone know how to deal with home directory group mappings?
<metachr0n> basically what they've done here is to set low numbers for the GIDs and now there are collisions
<metachr0n> should have started somewhere like 5000
<metachr0n> so now i have to clean up their mess
<zul> coreycb: just have trove left and then ill start uploading what in universe
<coreycb> zul, ok thanks
<coreycb> zul, moving static assets for openstack-dashboard to /var/lib/openstack-dashboard/static should make the other project dashboards compatible
<zul> coreycb: coolio
<coreycb> zul, so i'm working on that.  problem i'm hitting now is upgrades no likey so trying to figure that out.
<zul> coreycb: gotcha...im just trying to pump out uploads and then we can fix stuff if they are broken
<coreycb> zul, sounds good
<anonymous_mx> Good morning
<anonymous_mx> does anyone can help about interpretation of comand result netstat -n -p|grep SYN_REC ?
<anonymous_mx> tcp        0      0 <my IP server>:22        116.31.116.11:50073     SYN_RECV    -
<anonymous_mx> I have my server in linode and IP 116.31.116.11 is from China
<anonymous_mx> in my file /var/log/auth.log    Jan 30 08:37:54 localhost sshd[29031]: refused connect from 116.31.116.11 (116.31.116.11)
<tomreyn> anonymous_mx: you have one connection from 116.31.116.11 in state SYN_RECV
<tomreyn> is this sufficient interpretation, yet? if not, what is unclear?
<patdk-wk> shouldn't a packages .orig.tar.xxx file be the actual version from the software itself? not modified?
<joelio> patdk-wk: on the whole it will be an upstream tarball, yes (assuming you talk of packaging(
<patdk-wk> gpg: Signature made Mon 23 Jan 2017 12:54:16 PM EST using RSA key ID C1A4AEA6
<patdk-wk> gpg: BAD signature from "Quagga Release Signing Key"
<patdk-wk> for quagga_1.1.1.orig.tar.gz
<patdk-wk> verifing this cause I can't upload my package cause of this
<patdk-wk> File quagga_1.1.1.orig.tar.gz already exists in Primary Archive for Ubuntu, but uploaded version has different contents.
<patdk-wk> where mine matches http://download.savannah.gnu.org/releases/quagga/quagga-1.1.1.tar.gz.asc
<patdk-wk> diff shows a lot of changes
<zul> coreycb: can we add a column uca reports for ubuntu-proposed please?
<anonymous_mx> tomreyn: You are right, maybe my doubt is how that IP was connect in my server if in hosts.deny ALL:ALL and hosts.allow only my IP, how they could to connect in my server
<joelio> that's only for accepting sessions, not TCP
<joelio> you need to firewall for that
<coreycb> zul, yeah i have a todo to do that.  not sure how soon i'll get it done though.
<zul> ack
<SandeepB> Hello all. I am trying to build deb packages for openstack components. Can someone point me to the process on how Ubuntu builds deb packages for openstack ? For example how a deb package for Openstack-Swift is built ?
<jayjo> I recieved a notification that a certain ip address is requesting too many connections form a server. How can I go about finding something out about this IP address?
<jayjo> Trying to just get some broad details
<sarnold> jayjo: netstat or ss on the server in question should give you a good starting point
<Tahvok> krb5-user : Depends: libkrb5-3 (= 1.12+dfsg-2ubuntu4) but 1.12+dfsg-2ubuntu4.2 is to be installed
<Tahvok> How can I know what is the other package that is trying to install the wrong libkrb5-3 ?
<smoser> soren, could you approve hallyn's request to be member of vmbuilder ?
<smoser> https://launchpad.net/~vmbuilder-dev
<sarnold> Tahvok: have you run apt-get update recently?
<Tahvok> sarnold: yes
<smoser> and while you're at it, isupposed make me a admin if you're not opposed to that
<Tahvok> sarnold: it's a very old system, I'm just trying to understand how to find that 'other' package
<sarnold> Tahvok: is your mirror recently updated? 1.12+dfsg-2ubuntu4.2 is way out of date
<Tahvok> sarnold: as I said, it's a very old system. I'm just working with what I have. The main repo is actually a local mirror from 2014
<sarnold> Tahvok: it feels like the sort of thing that would be fixed by resyncing your local repository.
<Tahvok> That's what fixed in on 2 servers that I fixed a similar error on them already. But doesn't fix it on the other 2 I'm working right now
<Tahvok> Anyway, it appears that for some reason apt doesn't pick up the newer (and available) ubuntu4.2 package from the local repo..
<sarnold> so I -think- the approach then is to start from the dists/trusty-{updates,security}/InRelease and *Release* files and make sure that the signatures validate, make sure that the hashes validate the main/binary-amd64/Packages* files, and make sure the Packages* files have the newer -2ubuntu4.2 packages (or better yet, the 1.12+dfsg-2ubuntu5.3 packages), and all -those- hashes validate..
<sarnold> normally you can trust apt to report errors on these things
<sarnold> but it's odd that different binary packages built from the same source package appear to be available
<hallyn> smoser: thx :)
<sarnold> and because it feels like something is out of sync you might as well cover all the bases manually by hand to track it down :(
<Tahvok> So, found the problem and fixed it. I was wrong regarding the package in the repo. It was *not* present there. Perhaps I missread some other package. Anyway, I copied the package from a cache from one of the other 2 server that are working, and install it with dpkg -i, then fixed dependencies with apt-get install -f
<Tahvok> sarnold: thanks for your help anyway
<sarnold> Tahvok: man :/ sounds like a frustrating expierience. good luck bringing these machines up to date, kicking and screaming one package at a time :)
<zul> coreycb: neutron is going to need a  new dep in rc1
<coreycb> zul, alright
<coreycb> zul, why not, it's rc1 after all :)
<jgrimm> nacc, thanks, will mark that done
<nacc> jgrimm: np, sorry for the delay, hard to context swtich from iscsi to anything else
<jgrimm> no worries at all
<nacc> jgrimm: i'll try and get nspr done too
<jgrimm> nacc, cool
<nacc> jgrimm: fyi, you can see (after `git fetch lpusip`) that your at merge has been integrated into the history for ubuntu/devel
<jgrimm> nacc, cool
#ubuntu-server 2017-01-31
<cpaelzer> rbasak: could you look into tagging and merging, as well as uploading https://code.launchpad.net/~paelzer/ubuntu/+source/multipath-tools/+git/multipath-tools/+merge/311921 today ?
<cpaelzer> rbasak: I updated the merge request accordingly, but had to realize today this is not ubuntu-server-dev upload permission yet
<cpaelzer> rbasak: have you seen my request to tag, merge and upload multipath?
<cpaelzer> rbasak: or is the change to the upload permissions we discussed in the other chan close enough that I should upload then?
<rbasak> cpaelzer: yes. I'm running an update of the server packageset now. It involves running germinate which takes a while. I just started it. Separately I have a note to gather all upload tags, which is a bit lower priority. I've added multipath-tools to that list.
<cpaelzer> rbasak: ok thank you
<cpaelzer> rbasak: can you ping me once the packageset update is complete so I can copy this one from bileto?
<rbasak> cpaelzer: will do!
<vamadir> hello
<vamadir> i have a question, about ubuntu server`s. How to correct create users and groups for services? Like httpd, ftp, postfix...etc. Or its beter start them from root?
<hateball> vamadir: usually service-users are created for you when you install the packages
<hateball> vamadir: for instance installing apache will create www-data
<vamadir> hateball: have some rules or tips on ubuntu about creating service-users?
<ogra_> vamadir, normally you do not create them yopurself, the packages do this from the install scripts
<vamadir> ogra_: i understand, but if i create my own service, i need to create user for this?
<ogra_> if you dont want to run it as root, yes ...
<ogra_> i'd look at the source of a package with a similar service in such a case
<ogra_> specificaloly at the postinst script in the debian dir
<vamadir> ogra_: thanks
<Stry> rbasak: ubuntu-mysql apparmor logs: http://paste.ubuntu.com/23898693/
<rbasak> Hmm, he's gone.
<rbasak> For the logs: /var/log/mysql/error.log being empty isn't good. A conffile modification predating Precise (maybe Trusty?) can cause that IIRC. I wonder if he also has a tweaked AppArmor configuration?
<panicstr> Hello All.
<panicstr> I'm doing a release upgrade on ubuntu server. It currently shows "Restarting services possibly affected by the upgrade:" for over half an hour... has something gone wrong?
<fredrin> I have a server with two NICs, one for uplink (eno1) and one for internal network (eno2). eno2 has been used to create a bridge interface, br0, that I uses for virtual-guests. When I enable ufw, the virtual guest are unable to send arp requests to the dhcp-server that runs on the host, but other clients that is connected to the bridge by eno2 physical and a switch are able to get IPs. When I
<fredrin> disable ufw things work.
<fredrin> I've added the lines that is under the NOTE section of ufw-framwork manual
<fredrin> this is on 16.04
<fredrin> any pointers how to debug further?
<fredrin> ok, ufw allow bootps helped
<fredrin> ...
 * fredrin pats himself on the back 
<zioproto> coreycb, jamespage when we run the Openstack network node on ubuntu, it would be nice to have the Kernel compiled with CONFIG_NET_DROP_MONITOR=y
<zioproto> how does it work to give feedback about the Ubuntu Kernel ?
<coreycb> zioproto, hi, that might make sense. the folks in #ubuntu-kernel would know better.
<zioproto> thanks
<coreycb> zioproto, thank you :)
<zioproto> done, looks like this change will go in zesty
<zioproto> openstack folks, might want to read this : http://www.9bitwizard.eu/packets-drop-by-drop
<zioproto> looks like a noisy network can cause packet loss on your network node
<zioproto> hard to debug at the moment on a ubuntu server
<zioproto> ;)
<zul> coreycb: where do you fiddle with the cloud archive patches again?
<coreycb> zul, https://git.launchpad.net/~ubuntu-cloud-archive/ubuntu/+source/ca-patches/
<zul> coreycb: thanks
<panicstr> do-release-upgrade failed resulting in broken packages, apt not working etc... can i reboot?
<zioproto> panicstr, why reboot ? It does not sound like a good plan
<zioproto> panicstr, what you mean by apt not working ?
<zul> jamespage/coreycb: nova b3 is still in dep-wait because of python-os-xenapi is still in source new
<panicstr> zioproto Errors were encountered while processing: -list some 30 packages-
<zioproto> panicstr, did you try to 'apt-get -f install'
<zioproto> to finish the installation if those packages ?
<zioproto> s/if/of
<panicstr> E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
<panicstr> E: Unable to correct dependencies
<zioproto> did you pin some packages ?
<panicstr> pin packages?
<zioproto> did you force some package to be in a specific version ?
<panicstr> not that i recall
<zioproto> what is the name of the package that fails to upgrade ?
<panicstr> there's some 30 of them
<zioproto> what upgrade are you doing ? trusty to xenial ?
<panicstr> yes
<zioproto> panicstr, read this: https://blog.bramp.net/post/2012/04/29/failed-ubuntu-update/ is this helpful ?
<panicstr> this log is empty in my system
<zioproto> /var/log/dist-upgrade/apt.log or /var/log/apt/term.log ?
<panicstr> zioproto don't bother, got to go, thanks for your help
<zioproto> no problem
<coreycb> zioproto, cool thanks for pushing on that and thanks for sharing that post
<jarad_> problem booting new install of daily build on lpar - where to find help ?
<jarad_> "/vdevice/v-scsi@30000009/disk@8100000000000000:-1,/etc/yaboot.conf: Unknown or corrupt filesystem" - which is not true
<coreycb> zul, i'm backporting python-wsgi-intercept python-xmltodict
<zul> coreycb: k
<zul> coreycb: im fixing libvirt in the CA
<coreycb> zul, thanks
<coreycb> zul, i think the other backport issues may be fixed by updating d/control
<jarad__> i have a yaboot problem - tying to install powerpc64 on lpar - when booting i get
<jarad__> "/vdevice/v-scsi@30000009/disk@8100000000000000:-1,/etc/yaboot.conf: Unknown or corrupt filesystem" - which is not true
<jarad__> daily build that is ...
<jarad__> any suggestions
<zul> coreycb: the libvirt patch we carry for the ocata UCA is no longer needed. fyi
<powersj> jarad__: take a look at LP: #1606089
<ubottu> Launchpad bug 1606089 in yaboot (Ubuntu) "unable to boot after 'entire disk' install (16.10, ppc)" [Undecided,Confirmed] https://launchpad.net/bugs/1606089
<jarad__> sorry what does LP: #160689 mean ?
<ubottu> Launchpad bug 160689 in Moblin Multimedia "Suggest to add a column to display media path" [Low,Won't fix] https://launchpad.net/bugs/160689
<coreycb> zul, ok good
<powersj> jarad__: that issue and workaround are described in the launchpad bug here: https://launchpad.net/bugs/1606089
<ubottu> Launchpad bug 1606089 in yaboot (Ubuntu) "unable to boot after 'entire disk' install (16.10, ppc)" [Undecided,Confirmed]
<jarad__> thx :)
<jamespage> zioproto, coreycb: that sounds like a useful kernel feature - thanks for getting that enabled for the zesty kernel!
<zioproto> jamespage, it will come also in Xenial
<jamespage> zioproto, great
<zioproto> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660634
<ubottu> Launchpad bug 1660634 in linux (Ubuntu Yakkety) "Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel" [Undecided,In progress]
<dasjoe> Ugh, "Root privileges are required for running gparted." - I'm a member of disk, so I should be able to run gparted as my user
<jarad__> powersj, ubottu: confirmed was able to boot after choosing ext2 as /boot and / - thx agin
<jarad__> powersj, ubottu: confirmed was able to boot after choosing ext2 as /boot and / - thx again
<powersj> jarad__: good to hear!
<nacc> dasjoe: is that perhaps hardcoded in gparted?
<rbasak> cpaelzer: PEBKAC. I got the exception for multipath-tools working. Not quite active yet.
<rbasak> cpaelzer: OK, you should be able to upload multipath-tools now.
<hrw> hi guys
<dasjoe> nacc: it seems to be, parted just sent a generic warning but let me edit the GPT
<nacc> dasjoe: interesting, probably worth asking upstream, but it might be a safety check in their code :/
<hrw> who I should speak with to make ubuntu-lts/arm64 image for docker.io?
<hrw> I work on adding arm64 support to openstack-kolla and need some kind of official ubuntu/arm64 image for containers
<blizzow> I'm having difficulty installing python-boto.  apt keeps complaining that it python-boto needs python-requests and that relies on python-urllib3 1.13. Then it complains that 1.18 is set to be installed. Anyone seen this?
<rbasak> blizzow: can you pastebin your output?
<blizzow> The way I got around the problem was to use aptitude and it proposed downgrading, but that doesn't really work with ansible.  Hold on a minute and I'll fire up a VM to get the output.
<nacc> blizzow: which version of ubuntu?
<blizzow> 16.04
<nacc> blizzow: fresh lxd 16.04 container, python-boto 2.38.0-1ubuntu1 installed fine
<nacc> along with python-requests 2.9.1-3, ptyhon-urllib3 1.13.1-2ubuntu0.16.04.1
<nacc> blizzow: python-urllib3 1.18 is not published in any ubuntu
<nacc> blizzow: currently, so perhaps a PPA in use?
<blizzow> http://pastebin.ca/3762394
<blizzow> Ah, elasticsearch PPA.
<blizzow> How do I pin the python-urllib3 back to the ubuntu version?
<nacc> blizzow: i think instead you would say only to install certain packages from the elasticsearch PPA? although perhaps that would break their software then
<zul> coreycb: lovely....just lovely
<blizzow> nacc, that's a fine solution, I guess how would I whitelist only certain packages from their PPA?
<nacc> blizzow: iirc, `man apt_preferences`, with something like specific Package entries from that PPA
<nacc> blizzow: but i'm not sure if that will let elatsicsearch work, if it in turn needs the 1.18 version
<blizzow> yeah, urgh. This machine won't even be using elasticsearch. I guess I can't use a monolithic apt sources anymore :/
<hallyn> soren: hey
<blueking> is it possibly to ask firewall rules here ?
<sarnold> sure
<blueking> what I am unsure about are what ports one should open  lan -> wan and lan -> local.. how to know ?
<blueking> wan -> anything usually blocked
<blueking> sarnold   u forgot me ? ;)
<dasjoe> nacc: apparently Gnome doesn't think of the hard requirement to be root as a bug, see https://bugzilla.gnome.org/show_bug.cgi?id=641758 and https://bugzilla.gnome.org/show_bug.cgi?id=693275
<ubottu> Gnome bug 641758 in application "Cannot run as non-root" [Major,Resolved: duplicate]
<ubottu> Gnome bug 693275 in application "gparted fails to start because it says it needs to be root" [Major,Resolved: notabug]
<nacc> blueking: well, to be fair, sarnold only said 'sure', didn't say they would answer your question
<dasjoe> They argue a user can't inform the kernel about partition table changes, so running as root is required
<nacc> dasjoe: interesting
<dasjoe> nacc: actually re-reading the tables as a user results in "BLKRRPART failed: Permission denied" for me, so they may have a point there :)
<blueking> nacc  I know, just  wanted to highlight his nick
<nacc> dasjoe: :)
<sarnold> blueking: it depends entirely on what you want your system to -do- :)
<blueking> sarnold sarnold  4 or 5 subnets  lan-main (free access to net)  lan-kids (time limited when kids can have access to net)  lan-fileserver (less secure subnet, fileserver has its own firewall, 4 nics on fileserver one for wan (through router), and 1-3 nics LAG lacp   vlan-trunking (vlan tagged for lan-main and lan-kids), not decided yet how to configure this.  and guest zone
<sarnold> blueking: wow, nice
<dasjoe> Is "sarnold sarnold" like the B1s' "roger roger"?
<sarnold> yes yes :)
#ubuntu-server 2017-02-01
<cpaelzer> rbasak: thanks, upload worked
<panicstr> I need help. My release upgrade went a bit wrong. Now when I do apt-get -f install it wants to install a ppp and upgrade the x11-common packages. However while "Preparing to unpack .../x11-common-1%3a7.7+13ubuntu3_all.deb ..." it seems to want to stop/start the x11-common via /etc/init.d/x11-common start/stop which does not work.
<panicstr> I can't remove it either;
<panicstr> dpkg: error processing package x11-common (--remove):
<panicstr>  package is in a very bad inconsistent state; you should
<panicstr>  reinstall it before attempting a removal
<sarnold> why doesn't the x11-common start / stop work?
<panicstr> no idea
<sarnold> wild guess, maybe apt-get install --reinstall x11-common ?
<alkisg> panicstr: what is the exact output? can you put it to pastebin?
<panicstr> http://pastebin.com/Tz9UT6Yg
<alkisg> preparing to unpack, and then?
<alkisg> You missed the error there
<panicstr> it's stuck trying to do the /etc/init.d/x11-common stop, which doesn't work
<alkisg> And it's not possible to put that to pastebin?
<sarnold> WARNING: The following packages cannot be authenticated!  --- that's odd
<sarnold> why not?
<alkisg> It's possible that your apt sources are not up to date
<alkisg> Can you put the *whole* output of `apt-get update; apt-get --yes dist-upgrade; apt-get install -f` to pastebin?
<panicstr> no problem, hold on.
<panicstr> first, this is what it returns after i manually kill the x11-common stop request
<panicstr> http://pastebin.com/4Ek8D1sP
<panicstr> apt-get update: http://pastebin.com/3TH4pTaF
<sarnold> woaaaah
<panicstr> apt-get --yes dist-upgrade: http://pastebin.com/pWVM5Ewg
<sarnold> okay two ideas come to mind: take a look at dmesg output, maybe there's some hardware or filesystem errors -- or check df and df -u output, maybe your filesystems are full
<panicstr> apt-get install -f: http://pastebin.com/ri4qN5EN
<panicstr> and it's now trying to stop the x11-common again...
<alkisg> panicstr: if even apt-get update has issues, something's more wrong than just x11-common
<alkisg> Try with the main server instead
<sarnold> I still think he's got a trashed filesystem
<panicstr> what does this mean
<panicstr> [77193.869996] cron[11310]: segfault at 504 ip 00481bcf sp bfbd4d10 error 4 in libpthread-2.23.so[47d000+19000]
<sarnold> drive errors or ram errors
<sarnold> it could also be a bug in the software
<alkisg> You can test with a live cd
<alkisg> If you see segfaults there, suspect hardware issues
<alkisg> If you don't, suspect corrupted installation
<sarnold> but with the symptoms here it sure feels like hardware ..
<alkisg> There's also `debsums -s`
<sarnold> memtest86 also a good idea
<alkisg> ...but you might not be able to install it, hm...
<alkisg> Yeah memtest too, from the boot manager
<panicstr> I did a memtest couple days ago, there were no errors. HDs seem ok too, did plenty of relocation of big vm files recently...
<alkisg> a corrupted file system doesn't necessarily imply hardware errors
<alkisg> Boot from a live cd first
<alkisg> You'll be able to fix things from there using "chroot", if the hardware is ok
<panicstr> Well that's a bit of a problem as this server is about 200km away
<sarnold> does the ipmi interface perhaps allow mounting a local iso as a boot media? it might be the worlds slowest boot..
<sarnold> or maybe pxe boot off a machine in the same rack?
<sarnold> this one wouldn't even be fun to debug if the machine were in the same room... 200km away, ugh.
<alkisg> It's possible to write an .iso to the local disk and boot from it using the existing grub, but it's kinda hard to instruct someone to do it over irc
<sarnold> and on compromised or potentially compromised filesystem, even less fun
<panicstr> Let's just assume it's not a hardware problem for now.
<sarnold> alright, in that case the debsums idea is pretty good; apt-get download debsums, use 'ar x' to extract the tarball, 'tar x' to unpack the tarball, and try running debsums that way
<sarnold> most packages include md5sums of their files, and debsums can report mismatches
<alkisg> dpkg -i might also work, even if apt fails
<alkisg> I would start by trying the main server though, instead of the si one
<alkisg> I've seen such issues with the .gr servers some times, and also recently with the change to the hashed repositories
<sarnold> if dpkg -i works it'd certainly be easier :)
<panicstr> can't use apt because of the ppp package not installed, dpkg -i however works ok
<panicstr> how do i change .si to main?
<sarnold> I bet apt-get download works fine
<panicstr> right
<alkisg> panicstr: you either run software-properties-gtk, if you have gui, or manually edit /etc/apt/sources.list
<rizonz> I have some weird issue, when I provision a server the install goes well, after the install it keeps rebooting when it wants to boot from disk
<panicstr> please have a look at this http://pastebin.com/pCAfi0JV
<panicstr> How could i get this x11 in order by hand first
<alkisg> Couldn't create tempfiles for splitting up  /var/lib/apt/lists/partial/main.archive.ubuntu.com_ubuntu_dists_xenial-updates_InRelease
<alkisg> If it can't create temp files to do its tasks... it's a serious issue
<alkisg> You need to be able to access the file system properly before doing package management jobs
<alkisg> Now, you have file system issues
<alkisg> panicstr: boot from a live cd before you start losing existing data...
<lordievader> panicstr: Is the ram full?
<panicstr> i don't think so
<lordievader> panicstr: Can you check?
<panicstr> How do you check that?
<panicstr> free -m ?
<lordievader> panicstr: For example.
<panicstr> it's not full
<panicstr> 4258 available
<lordievader> panicstr: Can you create files using 'touch'?
<panicstr> i can
<alkisg> What's the output of `df -h` ?
<lordievader> Also in /var/lib/apt/lists/partial/?
<panicstr> lordievader yes
<panicstr> alkisg http://pastebin.com/cCiVpndU
<alkisg> No space issue, then
<lordievader> panicstr: What is the output of 'sudo apt-key finger'?
<panicstr> http://pastebin.com/D79C7W5T
<lordievader> Hmm, so apt-key does work...
<lordievader> I take it that gnupg is installed too?
<panicstr> How do you check that
<lordievader> dpkg -l|grep gnupg
<panicstr> http://pastebin.com/f9QdE6Ss
<panicstr> is this ok?
<lordievader> Yes, it makes the output of the 'apt-get update' just a bit more strange.
<lordievader> What happens if you make it 'sudo apt-get update'?
<panicstr> https://paste.ee/p/7rH0S
<lordievader> panicstr: What are the permissions for /tmp?
<panicstr> drwxr-xr-x  50 root root  8192 Feb  1 10:25 tmp
<lordievader> panicstr: As I figured ;), 'sudo chmod 0777 /tmp && sudo apt-get upgrade'
<panicstr> cool, that solved the Couldn't create tempfiles problem
<panicstr> however, there's another problem we discussed earlier;
<lordievader> Which is?
<lordievader> Why had /tmp 755 anyways?
<panicstr> don't know, could be i changed it although i don't remember
<panicstr> have a look at this
<panicstr> apt-get update: https://paste.ee/p/vk4vi
<panicstr> apt-get upgrade: https://paste.ee/p/6JMfj
<lordievader> Sounds like gnome...
<lordievader> Never seen that error, to be honest.
<panicstr> apt-get -f install: https://paste.ee/p/xSh0d
<panicstr> ps aux: https://paste.ee/p/8TTW1
<panicstr> root@vmhost:~# /etc/init.d/x11-common start/stop/status does nothing
<panicstr> i can't remove x11-common either
<panicstr> https://paste.ee/p/Be2Gl
<panicstr> what if i just rm the file from /etc/init.d/ ?
<lordievader> Is that a service???
<lordievader> panicstr: What happens when you let apt purge it for you?
<panicstr> Unmet dependencies
<panicstr> https://paste.ee/p/uG9fu
<lordievader> Did the paste of 'apt-get install -f' continue after unpacking?
<panicstr> no, it just tries to stop the x11-common
<panicstr> which does nothing
<panicstr> doesn't even return the prompt
<lordievader> Let it run for a bit.
<panicstr> How long should i leave it?
<lordievader> Sometime... guess if the promt doesn't return after, say, 15 minutes we can establish it is not doing much.
<panicstr> nothing so far...
<alkisg> panicstr: you can put an "exit 0" at the beginning of the x11-common init script, if you want to bypass it during installation
<alkisg> panicstr: how are you connecting to the server, via ssh from a linux box?
<panicstr> via putty from w7
<alkisg> sudo nano /etc/init.d/x11-common, and put "exit 0" before "set -e"
<alkisg> Remember where you put it, so that you remove it after apt finishes
<lordievader> He wants to remove x11-common, that should take that script with it ;)
<alkisg> No, he wants to remove it only because he can't properly upgrade it
<alkisg> So if he puts "exit 0" there and ugprade finishes, he will no longer want to remove it, I imagine
<lordievader> Ah, that I didn't know.
<alkisg> Although I'm not sure if that's the only issue he's still facing ... I wonder if he just copied the whole installation with `cp` and the permissions are bad
<panicstr> https://paste.ee/p/mMBkT
<alkisg> That's the main error: Error: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ExecFailed: Cannot launch daemon, file not found or permissions invalid
<alkisg> panicstr: I think this will take hours that way, do you want help via teamviewer?
<lordievader> I'd force purge that package at this point...
<alkisg> The problem is that dbus isn't running
<alkisg> maybe due to permission  issues?
<alkisg> The package installation should succeed once the other system issues are fixed
<lordievader> Or because x11-common is installed it tries to do X stuff...
<panicstr> teamviewer 332 582 407 / 4633
<alkisg> Eh wait I need to update teamviewer 11 to 12
<alkisg> ...it turns out the dbus package is not configured properly, and thus breaks a whole lot of postinsts
<lordievader> Ouch
<Genk1> Hello  all
<Genk1> What do you think about  mounting a clustering  system in cloud environement ?
<Genk1> I want to mount a galera cluster system with 3 VM hosted at a remote hoster
<Genk1> I don't how stable it could be, and what do I need to cope with clustering requirements ?
<rbasak> nacc: when you have time (no rush), could you review https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/315120 please? I want to slowly filter my patchsets into master, to eventually get queue support landed in there.
<coreycb> jamespage, beisner: hi when you get a chance can you promote neutron 2:9.1.1-0ubuntu1~cloud0 from neutron-staging -> neutron-proposed and python-oslo.messaging 4.6.1-2ubuntu2~cloud0 from mitaka-staging -> mitaka-proposed?
<coreycb> s/neutron-/newton-/
<coreycb> jamespage, beisner: actually might as well just promote everything in mitaka-staging -> proposed
<beisner> coreycb, on it
<rbasak> smoser: is the cloud-init SRU exception documented anywhere?
<smoser> rbasak, it does not exist.
<smoser> we do intend to get one..
<smoser> powersj is looking at doing that, first for curtin, and then for cloud-init
<rbasak> Who handled the SRUs in the past?
<rbasak> Have full upstream releases been backported before?
<smoser> probably
<smoser> its not really a "full upstream release"
<smoser> if you look at the diff, its fairly small other than the license change.
<smoser> i do agree that we need to get the exception into place
<smoser> and better integration test also
<smoser> as we intend to keep pulling back new things
<jgrimm> smoser, we should try to knock out the SRU documentation for both curtin/cloud-init next week's sprint
<jgrimm> smoser: powersj has started it for curtin here -> https://wiki.ubuntu.com/CurtinUpdates
<jgrimm> but really shouldn't take long to knock both of those out if ya'll feed him the important bits to emphasize
<smoser> rbasak, http://paste.ubuntu.com/23905579/
<smoser> filters that pretty well
<rbasak> smoser: what are you expecting to do for SRU verification on this?
<rbasak> smoser: you don't currently have any sort of TB exception for cloud-init, correct?
<smoser> rbasak, well, i'll verify each of the bugs as the bug sru template describes. for entries in the changelog that do not have a bug, i'd not do anything.
<smoser> all bug changes other than 1647910 1582323 1655934 1379080
<smoser> have been previously successfully SRU'd to yakkety
<coreycb> beisner, thanks
<smoser> rbasak, changelog entries are taken from upstream git commits. you're welcome to walk through those for yourself, but the entries i consider even remotely interesting for an sru that have not already been sru'd to yakkety are
<smoser> http://paste.ubuntu.com/23905655/
<smoser> there are admittedly three changes there that do not have bugs with them.
<smoser> (i'm ignorning cloudinit/config/cc_rh_subscription.py for ubuntu)
<smoser> rbasak, i agree on the need for changes to get exception in place.
<smoser> how can i help you?
<rbasak> smoser: I'm still trying to figure out how to approach this.
<smoser> rbasak, thats fair.
<smoser> i think if you look at it from commit by commit on the ubuntu/xenial branch, it doens't look that bad.
<rbasak> smoser: I think I need to review against https://wiki.ubuntu.com/StableReleaseUpdates#When and https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases, so need to identify which bits of diff correspond to which criteria.
<smoser> git log ubuntu/0.7.8-49-g9e904bb-0ubuntu1_16.04.4..ubuntu/0.7.9-0ubuntu1.16.04.1
<rbasak> smoser: have you pushed your xenial branch? In https://code.launchpad.net/~cloud-init-dev/cloud-init/+git/cloud-init/+ref/ubuntu/xenial I see only up to 16.04.1.
<smoser> and realize that dropping the cpicks in debian/patches represent some of those commits.
<smoser> i'll push
<smoser> wait... it should be there.
<smoser> thats right
<smoser> that has everything
<smoser> what did you miss ?
<rbasak> smoser: https://git.launchpad.net/cloud-init/log/?h=ubuntu/xenial
<rbasak> 0.7.9-0ubuntu1~16.04.1
<rbasak> What about 2, 3 and 4?
<rbasak> Oh, sorry.
<rbasak> My mistake. It's all there.
<rbasak> Upstream version bump :)
<NDBoosty> hey folks so given the recent gitlab issues with their outage it got me thinking at work on how to force a bash prompt on prod servers... is there a way to do this and override any users bash prompt no matter what
<Raboo> i'm having problems with Predictable Network Interface Names in trusty
<Raboo> virtio drivers are named eth0
<Raboo> but should be named ens3 for instance
<Raboo> is ubuntu affected by something similar?
<Raboo> https://bugzilla.redhat.com/show_bug.cgi?id=1259015
<ubottu> bugzilla.redhat.com bug 1259015 in systemd "persistent interface names for virtio interfaces" [Urgent,Closed: errata]
<Raboo> on physical machines I get predictable names like em1
<Raboo> but not on my virtual machines (virtio)
<Raboo> i'm having a hard time handling this fact and are starting to break down in tears
<compdoc> Predictable? isnt eth0 predictable?
<maswan> Raboo: kvm renumbers pci buses when adding stuff, like another disk. iirc.
<compdoc> I cant use virtio nic drivers because of the problems. I use e1000, and see em0 or igb0 or eth0, depending on the distro
<Raboo> maswan compdoc in xenial i can decide if I want eth0 or ens3
<Raboo> but in trusty whatever I do the interface is called eth0 when using virtio
<Raboo> compdoc it isn't predictable when I discover a interface name with the name ens3 and I install OS and it is called eth0
<Raboo> and I want that feature because of the physical machines.
<Raboo> and turing it off leads to have all machines name their interfaces eth*
<Raboo> but when having multiple NICs it's useful, leads to less guesswork
<genii> Raboo: Have you tried setting in kernel load line: biosdevname=1 net.ifnames=1
<compdoc> that disables naming and goes back to eth0, etc
<Raboo> genii i have tried net.ifnames=1
<Raboo> genii biosdevname should default 1 if package biosdevname is installed.
<Raboo> genii those stuff works for interfaces that aren't virtio
<Raboo> but not for virtio interfaces.
<compdoc> oops, biosdevname=0 turns off Consistent Network Device Naming. nm
<joelio> yea, net.ifnames=0 and biosdevname=0 to disable, although the installation kernel may not be booted with those params, so ymmv.. you can make the install kernel revert to old school ethN though
<joelio> and it will work for virtio devices, they're no different to standard nics in the naming sense
<Raboo> joelio i want to enable the new naming policy, except it doesn't work in trusty for virtio drives, do not want to disable it.
<Raboo> it works for other drivers like intel.
<DammitJim> how do I ensure a service doesn't get started automatically?
<DammitJim> or check that it is set to do so?
<Raboo> DammitJim depens on what init system you use
<Raboo> systemv, systemd, upstart?
<DammitJim> Ubuntu 14.04 defauot
<Raboo> 14.04 got a mix of systemv and upstart
<Raboo> DammitJim you can use the update-rc.d tool
<DammitJim> it's defined /etc/init.d
<DammitJim> yeah, update-rc.d probably
<DammitJim> thanks
<DammitJim> it's tomcat
<DammitJim> and whenever I update it, it resets that setting for some reason
<joelio> Raboo: Trusty only had biosdevname on it's kernel, not net.ifnames
<joelio> they're different beasts, just to make matters more interesting :)
<joelio> also, it's linked to kernel - so perhaps you need to get the linux-lts-generic-xenial kernel on
<joelio> if you have already created interfaces too, then they'll be locked in udev
<joelio> and it won't rename them unless you decouple that
<joelio> ooi, any reason you're not using Xenial (16.04)?
<joelio> Raboo: do you mean interfaces created on the host or in guests too? virto wise?
<Raboo> joelio ok so that is why physical machines get em1/em2 and virtual get eth0 in trusty
<Raboo> joelio guests
<joelio> because physical != virtual.. the naming is based upon bus
<Raboo> well joelio i'm testing both xenial and trusty and get different results.
<Raboo> the reason i wanted ens3 instead of eth0 is that on xenial it was named ens3
<joelio> yea, as xenial comes with net.ifnames
<joelio> em == biosdevname
<Raboo> I wanted it consistent so i didn't have to build exceptions in the install script.
<joelio> yea, unfortunately you'll always get these edge cases
<Raboo> but i did a exception now, trying the install now.
<joelio> https://major.io/2015/08/21/understanding-systemds-predictable-network-device-names/
<joelio> ^^ that's systemd (net.ifnames) cdn
<joelio> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Consistent_Network_Device_Naming_Using_biosdevname.html
<joelio> is biosdevname
<joelio> just to make things more fun, let's make 2 standards of naming scheme
<joelio> well, 3 if you include the original
<Raboo> ok, is there a way to enable net.ifnames on the original trusty kernel?
<joelio> some relies on systemd
<joelio> you could try on an lts xenial kernel
<joelio> but ymmv
<Raboo> true, we do run xenial kernel on some nodes, but that is just cause the application would benefit from the newer kernel
<joelio> you can also rename devices in udev, if you wanted to patch it in a hacky way ;)
<joelio> but still edge case considerations, have to do some work to get consistent
<joelio> whether it's managing kernels, grub lines or udev etc
<joelio> sucks, but afiak no simple way around it
<Raboo> i ended up using eth0 names in virtual nodes
<joelio> yea, path of least resistance :D
<Raboo> was only two lines
<joelio> I disabled it on all our rollouts for a while
<Raboo> # check if virtio
<Raboo> [[ -e /sys/class/net/${i}/device ]] && ls -l /sys/class/net/${i}/device | grep -q virtio
<Raboo> # also if it is systemd, then disable predictable network interface names.
<joelio> but the realised was probably like Canute, trying to hold back the ever impending waves of 'progress' :)
<Raboo> [[ $? -eq 0 ]] && [[ -d /etc/systemd/network ]] && ln -s /dev/null /etc/systemd/network/99-default.link
<Raboo> so this way our physical machines gets em1 or p1p2
<Raboo> and virtual eth0
<Raboo> these stuff feels a bit retarded..
<Raboo> @everyone I got a ticket to cfgmgmtcamp.eu
<Raboo> tomorrow I will speak with the boss about sponsoring my flight and hotel if possible.
<joelio> Raboo: nice
<Raboo> where should one stay?
 * joelio may be going to kubecon later this year too fwiw (maybe see some of you?)
<Raboo> joelio you know the rule, when you sit in seminars you have to be hung over.
<joelio> Raboo: always :D
<rbasak> smoser: are you planning on only pulling new upstream releases from here on in, rather than cherry-picking? Or a combination of both?
<smoser> probably a combination based on urgency of fixes and such.
<rbasak> OK
<nacc> rbasak: ack
<nacc> rbasak: i'll probably push a commit on top that adds messages, as per smoser's review
<rbasak> nacc: sure, thanks.
<coreycb> zul, hey just starting some b3 testing here
<coreycb> zul, looking at neutron-openvswitch-agent not starting
<zul> coreycb: ryu
<coreycb> zul, ah. ok
<zul> coreycb: fixed is in zesty-proposed
<coreycb> zul, alright i'll backport that to the uca
<zul> coreycb: python-tinyrpc needs to backport if it isnt already backported
<coreycb> zul, ok
<_MoBeats_> Afternoon. I'd like to know what are the hardware requirements for MAAS and Autopilot servers. Had a good look on ubuntu.com but can't see the info anywhere. Can someone point me in the right direction please?
<nacc> rbasak: done, fyi
<rbasak> Thanks!
<zul> coreycb: MIR filed #1661060 (python-tinyrpc) #1660163 (python-os-xenapi)
<coreycb> zul, ok thanks
<zul> coreycb: got magnum
<coreycb> zul, sorry i started on that and ironic. hold up if you haven't started.
<zul> coreycb: oh...sorry...4.0.0 for magnum right?
<coreycb> zul, yeah
<zul> coreycb: ok cool
<zul> coreycb:  ill take a look at aodh
<coreycb> zul, ok.  did they release anything yet for ocata?
<zul> coreycb: of course  not
<coreycb> zul, ok. i guess we could do another git snapshot.
<zul> coreycb: yeah...the packaging is in a bad shape atm
<coreycb> zul, oh?
<coreycb> zul, the last snapshot we released should be ok
<zul> coreycb: this is the commit that broke things https://github.com/openstack/aodh/commit/7b0435a706095bfb6c5bac28bd25d1bdd91e1fe1
<zul> coreycb: i was looking at it this morning
<coreycb> zul, do you have to run aodh-config-generator now?
<coreycb> zul, oh that may be a part of moving paste defaults to the code base
<zul> coreycb: yeah it is
<zul> coreycb: right now its ftbfs because it cant find stuff in /usr/etc ?
<coreycb> zul, we'll have to do something similar to what tox.ini does to run aodh-config-generator and generate aodh.conf
<zul> coreycb: yeah i got that already :)
<coreycb> zul, ok
<nacc> anyone know, given a /dev/ path to a disk, how to verify/determine it's connected via iscsi? `lsscsi` does not seem to indicate the transport correclty (at least in xenial)
<genii> I think iscsiadm has something for this
<nacc> genii: yeah, the problem is that iscsiadm doesn't know (afaict) about the local disks (so you can't ask iscsiadm what, if any, iscsi disk /dev/sdb corresponds to)
<jgrimm> jamespage, I thought I'd do a merge for python-boto if you have no objections (checking with previous you as last touched, or any openstack concerns). I figure I owe you more than a few from last cycle yet. :)
#ubuntu-server 2017-02-02
<nacc> jgrimm: fyi, moin just finished too
<jgrimm> nacc, :) thank you
<lordievader> Good morning.
<alkisg> 'morning :)
<lordievader> Hey alkisg
<JemalMoha> hello
<alkisg> Hello
<JemalMoha> Help : Disable ETRN and VRFY commands.
<coreycb> zul, i'm seeing some issues listing instances in b3.  looks like something to do with cells.
<zul> erm...
<zul> like what?
<JemalMoha> Help!! how to Disable ETRN and VRFY commands.
<joelio> JemalMoha: I assume you mean SMTP, but you've not given any information about what server you're running
<joelio> also, why do you need to disable them ooi
<mike_carles> Hi people, I tried to customise ubuntu-server ISOs like I did for ubuntu-desktops. But It fails to install (no fail on boot, but on copying stage). Any Ideas?
<mike_carles> Is there any docs, hints for customizing ubuntu-server default squashfs-filesystem. Why is it different than -desktop?
<mike_carles> Thanks in advance ;)
<cpaelzer> zul: coreycb: I'm currently sniffin the qemu triggered dep8 tests via Bileto/Britney, I've seen a nova one fail on ppc now that did not a few days ago
<cpaelzer> zul: coreycb: it only fails on ppc64el (at least in my case now)
<coreycb> cpaelzer, ok thanks we'll take a look
<cpaelzer> zul: coreycb: when checking the log it comes down to "ERROR: NOVA-COMPUTE FOR nova-compute-kvm IS NOT RUNNING"
<zul> cpaelzer: url?
<cpaelzer> zul: coreycb: good case https://bileto.ubuntu.com/excuses/2432/zesty.html
<cpaelzer> ah that was bad case
<cpaelzer> zul: coreycb: really good case https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_39a8dbb93caf4ec889f8a1b7f69885db/bileto-2379-excuses/2017-01-30_07:30:02/2379_zesty_excuses.html
<cpaelzer> zul: coreycb: let me know if anything rings a bell
<cpaelzer> I haven't just rerun it as that is not working as non-core-dev on bileto triggered tests
<zul> cpaelzer/coreycb: http://pastebin.ubuntu.com/23911244/
<zul> coreycb: thats interesting...^^^
<cpaelzer> about 100 lines before "Setting up qemu-kvm (1:2.8+dfsg-2ubuntu1) ...^M"
<cpaelzer> and as you see other archs and almost same test last week worked
<cpaelzer> I couldn't check if it transient since I can't juts restart the test and new-ticket+full-set would be a bit of a hammer without discussing with you before
<zul> cpaelzer: yeah thanks...im not sure why its thinking its 1.5.3
<coreycb> zul, there were a few updates in libvirt/driver.py in b3
<zul> coreycb: yeah lemme poke
<zul> coreycb: https://github.com/openstack/nova/commit/4485aaf1c9bc6167eb316a9a092e52f1241234b8
<zul> cpaelzer: for whats it worth i havent been able to reproduce it
<cpaelzer> zul: ok, thanks for checking
<cpaelzer> zul: then I might as well upload as it might just have been transient
<zul> coreycb: ^^^ what do you think?
<coreycb> zul, cpaelzer, go ahead. we still have to upload nova a few more times so we'll keep an eye on it's tests.
<zul> coreycb: murano-pkg-check is in the archive ill upload murano this afternoon
<Popzi> I have a problem with mysql blocking me from doing just about anything with apt... im trying to install some things to fix our website which all my colleauges use to do work, and I cant until mysql stops hanging on Setting up mysql-server-5.5 (5.5.54-0+deb8u1) ...  I've tried turning the service off and upgrading it, but it wont bloody budge, any ideas?
<Popzi> annnnnd as I say this, it's just done upgrading.............
<rbasak> 5.5.54-0+deb8u1? That's a Debian package, not an Ubuntu one.
<rbasak> You should not have that installed unless you're running Debian.
<rbasak> If you're running Ubuntu, start by dropping Debian apt repositories from your sources.list and sources.list.d/
<rbasak> Popzi: ^
<rbasak> (or, probably safer: reinstall)
<Popzi> rbasak: I dont have any debain sources, I installed mysql with the default apt-get mysql
<nacc> Popzi: are you sure you're on ubuntu?
<rbasak> Ubuntu has never published mysql-server-5.5 (5.5.54-0+deb8u1).
<Popzi> nacc 100% lol
<nacc> Popzi: pastebin sources.list (or `apt update` output) and `lsb_release -a`
<compdoc> mine are all updated to 5.7 through apt, but Im on 16.04
<cpaelzer> rbasak: you had a link in the past - I think it was on LP, but fail to find it - where you could see the upload histroy of a LP user - can you share that link again (wherever it really pointed to)?
<rbasak> cpaelzer: https://launchpad.net/~/+uploaded-packages
<fuzzywuzzy> hi
<fuzzywuzzy> I was doing updates on one of my servers and see the package ntfs-3g installed and don't recall installing it.  Is there a comannd I can use to trace when it was installed and what it relates to?
<saju_m> i am trying to upgrade 'libpam-modules_1.1.8-1ubuntu2' to 'libpam-modules_1.1.8-1ubuntu2.2' in ubuntu 14.04 LTS server. But its not installing.
<saju_m> I have seen following lines in http://packages.ubuntu.com/trusty/libpam-modules
<saju_m> ibpam-modules-bin (= 1.1.8-1ubuntu2) [not amd64, i386]
<saju_m> and
<saju_m> libpam-modules-bin (= 1.1.8-1ubuntu2.2) [amd64, i386]
<saju_m> What is the meaning of these lines ?
<tarpman> saju_m: look at the table of the bottom of the page: different architectures have different versions of the package. I guess the security repo only built i386 and amd64, or something like that
<alkisg> What's the error message?
<tarpman> saju_m: but if you look at the trusty-updates page instead of trusty, it has 2.2 for all arches. so that shouldn't be your problem, assuming you have trusty-updates enabled
<alkisg> What is your architecture?
<alkisg> Those lines mean "if it's x86, depend on 2.2, otherwise depend on the previous 2 version"
<alkisg> So e.g. a raspberry would get ubuntu2, and an intel pc would get 2.2
<saju_m> http://dpaste.com/03NXCN3
<alkisg> sudo apt-get update; sudo apt-cache policy libpam-modules
<saju_m> http://dpaste.com/0PK01ZJ
<tarpman> o.O
<alkisg> saju_m: any reason that you don't want to update all your packages?
<alkisg> Why this selective update?
<alkisg> (also, nice repositories... :D)
<saju_m> yes, we are doing selective upgrade
<alkisg> You're trying to update one package, and hold back others that need to be updated too
<alkisg> Hence the message "3 not upgraded"
<saju_m> i have notices that, we dont have libpam-modules-bin (= 1.1.8-1ubuntu2.2)
<tarpman> saju_m: basically, libpam-modules and libpam-modules-bin must be at exactly the same version
<alkisg> If you try with aptitude, I guess you'll see more extensive messages
<saju_m> http://dpaste.com/0CSMN0H
<alkisg> I.e. the name of the other 2 packages that need to be upgraded along with libpam-modules
<alkisg> Then your repository isn't synced with the ubuntu one, it has partial upgrades there
<alkisg> That's why you can't upgrade, you have bad repositories
<saju_m> ok, i got it
<saju_m> how do i know the required packages
<saju_m> it it mentioned here http://packages.ubuntu.com/trusty/libpam-modules
<saju_m> That is why I asked the meaning of line libpam-modules-bin (= 1.1.8-1ubuntu2) [not amd64, i386]
<alkisg> I think that aptitude will tell you the names without you having to manually check the dependencies
<alkisg> You need 2.2 since you have amd64
<saju_m> ok
<saju_m> can i do dry run with aptitude
<saju_m> like apt-get install --dry-run foo
<alkisg> I think it's "-s", check the man page
<alkisg> I don't use aptitude, but it does have more extensive information in such broken cases :)
<saju_m> yes, thanks
<saju_m> aptitude is showing that dependencies
<coreycb> beisner, hello, can you promote python-rfc3986 - 0.2.2-0ubuntu0.16.10.1~cloud0 to newton-proposed?
<beisner> coreycb, ooo a new pkg
<coreycb> beisner, ya!
<coreycb> beisner, bug 1653967
<ubottu> bug 1653967 in OpenStack Global Requirements "nova raises ConfigFileValueError for URLs with dashes" [Undecided,New] https://launchpad.net/bugs/1653967
<teward> anyone know where the snapcraft people lurk?
<teward> I have complaints :P
<teward> nevermind, I have to read better
<sarnold> probably someone would be in #snappy
<saju_m> apt-get install mysql-server-5.5, removes mysql-server and packages depend of mysql-server (eg:omd,omd-1.30)
<saju_m> please check this http://dpaste.com/36TMJFX
<beisner> coreycb, python-rfc3986 -> newton-proposed, check.
<saju_m> in control file of omd, i can see depends mysql-server
<saju_m> How can i avoid the deletion of omd package
<rbasak> There is no omd package in Ubuntu.
<rbasak> You should probably speak with the people who provide that.
<teward> sarnold: they were less than helpful, the snapcraft rocket chat room helped.
<teward> :P
<saju_m> location of omd
<saju_m> https://labs.consol.de/repo/stable/ubuntu/dists/trusty/main/binary-amd64/omd-1.30.trusty.amd64.deb
<nacc> saju_m: some non-ubuntu repo.
<rbasak> Ask them to fix their packages.
<nacc> saju_m: generically, one could try `apt install mysql-server-5.5 omd`, but dunno if that will work if omd depends on mysql-server and mysql-server is about to be removed.
<sarnold> what package did mysql-server drag in?
<rbasak> In Trusty, mysql-server depends on mysql-server-5.5
<rbasak> However mysql-server-5.6 is available in universe.
<nacc> rbasak: ah right
<nacc> rbasak: well then i don't know why saju_m said that installing mysql-server-5.5 removes mysql-server
<rbasak> If omd depends on mysql-server-5.6
<saju_m> nacc, seee this http://dpaste.com/36TMJFX
<rbasak> And mysql-server-5.6 conflicts with mysql-server-5.5.
<saju_m> control file of omd http://dpaste.com/27Z3DXX
<nacc> saju_m: i believe you have random other repositories enabled that are not ubuntu (jiocloud?)(
<saju_m> that is custom repo
<sarnold> what does apt-cache policy mysql-server   report?
<saju_m> sarnold, http://dpaste.com/0N7XR7Q
<saju_m> my question is this
<saju_m> should we need to specify mysql-server-5.5 in control file of omd package ?
<sarnold> it certainly feels funny to require that the -server- be on the same host as the omd package. normally people care about the mysql client library bindings.
<sarnold> damn -- 5.5.46-0ubuntu0.14.04.2 is over a year old! something is seriously wrong with your mirrors
<nacc> yes, i think whatever 'snapshot' is being used is ancient and out of sync.
<saju_m> yes, that is old
<saju_m> i am trying to upgrade it
<saju_m> may be i need to allow mysql-server-5.5 to delete omd, then later install omd again ?
<saju_m> does it work ?
<sarnold> if this were my problem to solve I think I'd work first on trying to get the existing system upgraded to today
<nacc> saju_m: sorry, we really can't support using old defunct mirrors -- that's basically ubuntu any more, but a snapshot in time (arbitrarily)
<sarnold> and then once it's upgraded to today, then start adding new packages
<nacc> i would suggest a first step is to stop using your broken mirrors
<bigstu80> Hi all, I'm trying to set up ubuntu server headless on some old hardware. No onboard video and when I pull the GPU it's getting stuck during startup. Unfortunately it doesn't get far enough for SSH to work - any thoughts?
<sarnold> can you hook up a serial interface? or ipmi-serial?
<bigstu80> sarnold: probably not
<bigstu80> sidenote: I'm not in front of the machine right now - just looking for possible avenues to test later
<bigstu80> using ubuntu server 16.04 - it's getting past grub as I can hear the tone
<bigstu80> troubleshooting with a friend (who knows a lot more than me) thinks its something during startup blocking whilst waiting for a display
<sarnold> much like the old 'keyboard not found, press f1 to continue'
<genii> Might be some bios setting to ignore no video card
<genii> ( if it has no onboard)
<bigstu80> genii: yeah I disabled halt on (i.e. don't halt for any errors) and the grub beep is going off so it shouldn't be a bios issue
<bigstu80> I previously had it working in 14.04 server on the same hardware so it must be a config thing
<genii> Does it have a serial port?
<bigstu80> unfortunately I can't recall what the fix was
<bigstu80> genii: nope
<genii> Yeah, that makes it more problemmatic
<bigstu80> sarnold: I'll look into ipmi-serial - might be able to get it working via grub (if the article I'm reading is correct)
<sarnold> bigstu80: note that I don't know any specific tool named 'ipmi-serial' -- that was just a shorthand to stand for "is there a management interface that can provide a serial interface over a network?"
<bigstu80> I assume I could also use journalctl in 16.04 to check old boot logs and see where it's getting stuck?
<sarnold> I suspect you knew that :) but still, I wanted to make clear
<sarnold> bigstu80: I don't think we have persistent journals turned on so the -b interface is probably useless.. until you get it up and running. of course there's still syslog stuff in /var/log/
<bigstu80> sarnold: assume nothing :) whilst I set up the machine using salt provisioning scripts I'm a complete beginner when it comes to grub and boot
#ubuntu-server 2017-02-03
<genii> Maybe check if there's some settings related to video cards in /etc/default/grub  ( like nomodeset or VGA=### )
<bigstu80> genii: yeah I've tried a few /etc/default/grub settings like nomodeset nofb and others
<bigstu80> sarnold: OK I'll check that log location
<genii> All settings related to video cards in /etc/default/grub should be removed and grub-update and update initramfs   ran. Because trying to have grub do actions on nonexistent hardware often makes it choke
<bigstu80> genii: OK I didn't do update initramfs, just update grub
<bigstu80> I'll take another look at the settings
<genii> Also if you installed proprietary drivers for the videao card that was in it at the time, remove those
<bigstu80> nope, all vanilla
 * genii wanders off for beer and hockey
<bigstu80> genii: thanks for the input o/
<genii> :)
<Industrial> Hi. I am trying to run conjure-up but I get an error about /home/tom/.config/juju/accounts.yaml not existing
<Industrial> I want to deploy Kubernetes locally
<nacc> stokachu: --^
<bigstu80> also thanks sarnold
<Industrial> For development purposes.
<Industrial> Well, for learning to write apps for and deploy apps in kubernetes.
<sarnold> my pleasure bigstu80 :) I hope this one works out fo ryou :)
<Industrial> I have this React + Redux + GraphQL + PostgreSQL blog (yes :p) that I want to use to achieve continuous deployment with in a development/test environment
<sarnold> Industrial: are you trying to install strictly on localhost or are you trying to install to a public cloud or private lcoud? I know next to nothing about conjure-up but I do know it's pretty flexible..
<Industrial> sarnold: on localhost
<stokachu> Industrial, ah
<stokachu> Industrial, can you pastebin ~/.cache/conjure-up/conjure-up.log
<stokachu> i really need to surface that error better
<Industrial> stokachu: https://gist.github.com/Industrial/bf0b1b812f21252d0add2d2a5209054e
<Industrial> when I run the IPv6 ting it says not found
<stokachu> what version of lxc?
<stokachu> lxc version
<stokachu> im going to fix that incorrect error now too
<stokachu> Industrial, ^
<Industrial> 2.4.1
<stokachu> Industrial, what does `lxc network set lxdbr0 ipv6.nat false` show?
<Industrial> error: not found
<stokachu> Industrial, what about sudo lxd init
<Industrial> https://gist.github.com/Industrial/6b7543151c058998152d19721f313d2a
<stokachu> hmm looks right
<stokachu> Industrial, ive got some new code that does add some better lxd handling. you'll need to `apt-get remove conjure-up`, `sudo snap install --classic --edge conjure-up`
<stokachu> Industrial, also you installed lxd from their ppa?
<stokachu> brb grabbing drink
<Industrial> I think I had it installed. I'm not sure.
<Industrial> (as in I didnt know it was installed)
<stokachu> Industrial, you on xenial?
<stokachu> b/c 2.0.8 is the latest from the archive which is nbd i jsut wanted to try to reproduce with your version
<Industrial> No, on yakkety
<stokachu> ah ok
<stokachu> well the snap version doesn't work on yaketty because of some iptables rules changes
<stokachu> lemme install from the ppa
<stokachu> Industrial, whats `lxc network show lxdbr0` print out?
<Industrial> name: lxdbr0
<Industrial> config: {}
<Industrial> managed: false
<Industrial> type: bridge
<Industrial> usedby: []
<stokachu> Industrial, can you do `lxc network delete lxdbr0`; `sudo lxd init` again
<Industrial> What happened what this I think: I did a `sudo lxd init` configuration wrong and it made the networks. Is there a way I can undo everything lxd init does and retry it clean?
<Industrial> ok
<Industrial> right that
<Industrial> stokachu: hmm. it says error: not found on that delete :S
<Industrial> show shows it :S
<stokachu> hrm
<Industrial> It does it too on other networks (just tried docker0 for example)
<stokachu> Industrial, whats lxc network list
<Industrial> https://gist.github.com/Industrial/afe1deda3881be35d92b98c0d4570b8d
<stokachu> ah it's not managed by lxc
<stokachu> Industrial, do `sudo ip addr flush dev lxdbr0`; `sudo ip link set dev lxdbr0 down`
<stokachu> then try to re-run sudo lxd init
<Industrial> https://gist.github.com/Industrial/d5681d7b278996da2acbdaa884aeae9d
<Industrial> stokachu: ^
<Industrial> am I filling it in correctly though?
<Industrial> I'm just saying yes to everything except ipv6
<stokachu> yea you are doing it right
<Industrial> ok
<stokachu> one sec
<stokachu> Industrial, ok, `sudo apt-get install bridge-utils`; `sudo brctl delbr lxdbr0`
<Industrial> stokachu: sorry, ISP disconnected :S
<stokachu> Industrial, all good, did you see the "  `sudo apt-get install bridge-utils`; `sudo brctl delbr lxdbr0`"
<Industrial> ok done
<Industrial> LXD has been successfully configured.
<Industrial> \o/
<stokachu> \o/
<stokachu> give conjure-up another go
<Industrial> thx man :)
<stokachu> Industrial, actually
<Industrial> k
<stokachu> Industrial, do `conjure-up -d kubernetes-core localhost`
<stokachu> that'll doa headless and surface any other errors
<sarnold> does that send errors right to stdout or stderr and bypass logs?
<stokachu> well does both
<stokachu> journalctl -f is nice too
<stokachu> but yea conjure-up tui needs to surface that juju != ipv6 behavior better
<stokachu> Industrial, if you get pass the bootstrapping part you're good
<stokachu> Industrial, yea just ran it on my yaketty with those commands and it works
<Industrial> https://gist.github.com/Industrial/fed01c80695bf3008c7f9b8d6dfc0dba
<Industrial> is what I'm getting
<Industrial> I must have a broken ubuntu install allready =(
<stokachu> nah thats a bug
<Industrial> I wish you could like "diff" your whole system vs the base image to find out what you have changed :P
<stokachu> Industrial, do you have an /etc/default/lxd-bridge file?
<Industrial> no
<stokachu> hmmm
<sarnold> Industrial: heh yeah that'd be nice
<stokachu> Industrial, try this for me
<stokachu> Industrial, sudo apt-add-repository ppa:conjure-up/daily-git
<stokachu> sudo apt-get update && sudo apt-get upgrade
<stokachu> i got some better lxd code handling in there
<stokachu> looks like youre running 2.0.1 conjure-up
<Industrial> ah it's running now :D
<stokachu> cool
<Industrial> Bootstrapping juju-controller
<stokachu> yea should be good
<stokachu> Industrial, https://gist.github.com/battlemidget/677aab92efa6347a61b724410d454baa
<stokachu> that's what you shoudl see at the end
<Industrial> I'm doing this all just to try out kubernetes, to see if I can deploy my docker/docker-compose app to kubernetes
<stokachu> Industrial, you'll need some sort of storage which we dont setup automatically on lxd
<stokachu> easiest thing is to setup nfs and have kubernetes use that
<stokachu> but this is vanilla kubernetes so most tutorials online will work
<Industrial> Ok cool. So what did I just install really? Can I compare it to like a Vagrant setup of Kubernetes (which I also found)
<stokachu> Industrial, if you run `juju status` it'll list all the components
<Industrial> Or it all runs on docker containers right on the host
<stokachu> so kubernetes and it's deps run in seperate lxd containers
<stokachu> but when you deploy your apps on kubernetes it's all docker
<Industrial> aw i got an error
<Industrial> https://gist.github.com/Industrial/cfb4e09506dda9aed3bf619efa2e1360
<Industrial> right ok
<stokachu> what's juju status show
<stokachu> sorry `juju status`
<Industrial> its taking a while
<stokachu> https://gist.github.com/battlemidget/1f51b834b59b2e3be216a8d8c2a07dbf
<stokachu> that's what you should see
<Industrial> it's not printing anything
<Industrial> it hangs
<stokachu> how about `juju controllers`
<Industrial> conjure-up-localhost-777*  conjure-up-kubernetes-core-2f1  admin  superuser  localhost/localhost       2         1  none  2.0.0
<stokachu> hmm
<stokachu> so thats the initial 2.0 juju release
<stokachu> Industrial, do `juju kill-controller conjure-up-localhost-777`
<stokachu> then, `sudo apt-add-repository ppa:juju/stable && sudo apt-get update && sudo apt-get upgrade`
<stokachu> make sure youre on juju version 2.0.2
<stokachu> then re-run `conjure-up -d kubernetes-core localhost`
<Industrial> right. Thanks for all the help, by the way :-)
<stokachu> Industrial, anytime, we should get thsi going soon
<Industrial> so these lxd containers start at ubuntu startup? So Kubernetes as well?
<stokachu> Industrial, yea
<stokachu> they're set to autostart in the lxc config
<Industrial> cool, really nice
<stokachu> yea keeps things really clean so it doesn't mess with your host system
<Industrial> I got the same error, but with juju 2.0.2
<stokachu> Industrial, does juju status return anythign?
<Industrial> no
<stokachu> hmm
<stokachu> Industrial, is this system accessible for me to login too?
<Industrial> no, it's my laptop unfortunately :)
<stokachu> ok hmm
<stokachu> Industrial, can you paste ~/.cache/conjure-up/conjure-up.log
<Industrial> https://gist.github.com/Industrial/dd4b41f59dff1737d7f84e4c78660404
<stokachu> Industrial, there should be a ~/.cache/conjure-up/kubernetes-core/*.err/*.out can you paste thsoe as well?
<Industrial> https://gist.github.com/Industrial/5084668e11d46dd7d0bf231a1596cade
<Industrial> the out is empty
<stokachu> Industrial, juju status still not responding?
<Industrial> none
<stokachu> well that's disappointing
<stokachu> Industrial, what about `juju models`
<Industrial> also hangs
<Industrial> controllers shows the one again
<stokachu> Industrial, try this, `juju bootstrap --debug lxd/localhost`
<stokachu> once that finishes try just a `juju status`
<Industrial> stokachu: okay
<stokachu> Industrial, work?
<Industrial> copying image now
<stokachu> ah lxd image?
<Industrial> seeing a bunch of 200 response jsons now
<stokachu> talking to lxd
<Industrial> it keeps on doing that
<stokachu> Industrial, yea there is something screwy going on
<stokachu> not sure if it's lxd related
<stokachu> Industrial, can you paste the log?
<Industrial> stokachu: it's way more then my terminal can log before it stops
<stokachu> ok
<Industrial> when it stops it floods some more into the terminal and the rest is gone
<Industrial> so I only see the stop requests
<stokachu> Industrial, does lxc list show any vms?
<stokachu> containers i should say
<Industrial> https://gist.github.com/Industrial/28b3c013a646e808e0dfd7926244b616
<stokachu> ah
<stokachu> i see
<tsimonq2> @s/or
<tsimonq2> Whoopsie
<stokachu> Industrial, lxc delete  juju-6fa2a6-0 --force; lxc delete  juju-6fa2a6-1 --force; lxc delete juju-79d91c-0 --force
<stokachu> Industrial, once lxc list is empty
<stokachu> re-run conjure-up -d kubernetes-core localhost
<Industrial> okay
<Industrial> ok its doing some new stuff now; creating a juju model
<stokachu> w0rd
<stokachu> Industrial, where is it at now?
<stokachu> Industrial, whats lxc list look like as well
<Industrial> still the same
<Industrial> ] Using controller 'conjure-up-localhost-d20'
<Industrial> [info] Creating new juju model named 'conjure-up-kubernetes-core-b7e', please wait.
<Industrial> lxc list is empty
<stokachu> ctrl + c that
<stokachu> does juju controllers return anything?
<Industrial> yes, one
<stokachu> what's that output
<stokachu> Industrial, ^
<Industrial> conjure-up-localhost-d20*  conjure-up-kubernetes-core-c18  admin  superuser  localhost/localhost       2         1  none  2.0.2
<stokachu> Industrial, juju kill-controller conjure-up-localhost-d20
<stokachu> Industrial, them rm -rf ~/.local/share/juju
<stokachu> Industrial, then conjure-up -d kubernetes-core localhost
<Industrial> ok
<Industrial> stokachu: same thing. I think I might go with Vagrant for testing Kubernetes for now :-)
<stokachu> heh
<stokachu> ok
<stokachu> mmcc, ^ apparently juju and lxd didnt cooperate here
<pyromax> Hi?
<pyromax> Does anybody have any experience with LVM?
<pyromax> help?
<alkisg> pyromax: can you phrase your question again?
<zenirc369> Hi guys
<zenirc369> Chain INPUT (policy DROP)
<zenirc369> DROP       all  --  anywhere             anywhere
<zenirc369> ACCEPT     tcp  --  IP1         anywhere            tcp dpt:Port1 state NEW,ESTABLISHED
<zenirc369> ACCEPT     tcp  --  IP2         anywhere            tcp dpt:Port2 state NEW,ESTABLISHED
<zenirc369> In the above case how does the DROP rule behave?
<jayjo> how do I exclude filepaths in scp?
<jayjo> I want to scp my home directory, but skip any directory titled venv (which is a python virtualenv and the directories are massive)
<hateball> jayjo: use find to filter what you want, pass to scp with xargs?
<hateball> I dont think scp has any form of exclude flag
<jayjo> ok, thank you
<coreycb> cpaelzer, zul, ok seeing this in b3 ocata-staging testing now: http://paste.ubuntu.com/23918074/
<zul> erm...
<zul> coreycb: try just installing qemu-kvm and seeing what happens?
<zul> coreycb: going to try to reproduce it here
<cpaelzer> coreycb: zul: yeah I see it - but only on ppc
<cpaelzer> zul: if you are already retrying please let me know what it is or should I try as well?
<cpaelzer> zul: coreycb: the new qemu hit proposed - see http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<cpaelzer> zul: coreycb: maybe something missing there - the error there is the nova ppc issue zul tried to recreate but didn't show up
<cpaelzer> on the retries
<coreycb> cpaelzer, zul: i have to guess that's related to this
<zul> cpaelzer: i think it might it be different not sure yet
<coreycb> zul, cpaelzer: because deploying xenial-ocata-staging yesterday didn't hit this.  and staging just got the new qemu 18 hours ago.
<zul> cpaelzer: did you mention something about xen?
<cpaelzer> zul: yep
<cpaelzer> zul: it is also waiting
<smb> cpaelzer, To answer the question ahead: I had no chance yet to talk to Andy
<cpaelzer> smb: I just wanted to point to you :-)
<smb> :) Hence the answer. But I still will try to look into it today
<cpaelzer> zul: coreycb: the TL;DR of the bit I know is that xen and libvirt (rebuild for xen) currently don't migrate as the detection says they make certain packages uninstallable
<cpaelzer> zul: coreycb, but tested effectively all are fine
<zul> ok
<cpaelzer> zul: coreycb: I had a writeup and smb (who did the xen/libvirt upload) wanted to talk to Andy as AA what it might be
<cpaelzer> zul: coreycb: since it has nova in the names FYI http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<cpaelzer> zul: coreycb: I beg a pardon for the initial german chat :-)
<cpaelzer> but I couldn't find whats going on without help :-)
<zul> cpaelzer: no worries im still waking up so everything is german
<cpaelzer> hehe
<zul> coreycb: we need a newer seabios
<coreycb> zul, is that it?
<zul> coreycb: http://pastebin.ubuntu.com/23918257/
<coreycb> zul, gotcha i see it now
<coreycb> zul, cpaelzer, not sure why that was hit on ppc too but maybe seabios pkg wasn't available yet
<coreycb> zul, cpaelzer: makes sense on xenial-ocata-staging because we have an older seabios
<cpaelzer> coreycb: zul: I'm in meetings from now on the rest of the day - if the end of your checks end up thinking that I could/should do something would you drop me a mail so I can pick it up on Monday?
<cpaelzer> If it is trivial I might do so on Weekend, but I just don't want to miss it
<cpaelzer> the run before FF is usually a lot of depending on each other - I don't want to be the blocker here :-)
<zul> cpaelzer: no worries well scream :)
<cpaelzer> zul: since you could not reproduce it I'll hit retry on the dep8 test and see if it shows up again
<cpaelzer> zul: ok with that?
<zul> cpaelzer: i am
<zul> coreycb: ^^^
<coreycb> cpaelzer, sounds good
<coreycb> zul, i'm  backporting seabios
<zul> coreycb: i saw
<zul> coreycb: there could possibly be others
<kyle__> What is the deciding factor for which drivers make it into linux-image-<kernelver>-generic, and which end up in linux-image-extra-<kernelver>-generic?
<ddstreet> coreycb i'll create a bzr repo, will take a bit as i'm not very familiar with bzr :)
<coreycb> ddstreet,  i hear you.  i'll msg you some basics :)
<lucidguy> Ok, when I het ~. It types out ~. .. not the exit/kill response of ssh or ipmitool .. what am I doing wrong?
<coreycb> ddstreet, you can probably get away with just  'bzr branch lp:ubuntu-dev-tool', make your changes, 'bzr commit', write commit message, then 'bzr push lp:~ddstreet/ubuntu-dev-tool'
<ddstreet> ok lemme try that :)
<ddstreet> coreycb ok i think this has it https://code.launchpad.net/~ddstreet/ubuntu-dev-tools/ubuntu-dev-tools
<coreycb> ddstreet, i think so. taking a look.
<ddstreet> i had to use 'bzr push lp:~ddstreet/ubuntu-dev-tools/ubuntu-dev-tools', just using one ubuntu-dev-tools was 'too short' apparently
<ddstreet> thnx!
<coreycb> ddstreet, ok i pushed that, now if we can get a debian developer to upload to deiban.  thanks for the updates!
<coreycb> ddstreet, nice improvements
<ddstreet> coreycb thanks!
<EmilienM> coreycb: FYI on trove https://review.openstack.org/428816
<EmilienM> not sure you test it (we do)
<coreycb> EmilienM, do you have a link for the failure?
<EmilienM> coreycb: sure, a sec
<EmilienM> http://logs.openstack.org/88/428788/2/check/gate-puppet-openstack-integration-4-scenario003-tempest-ubuntu-xenial/302daab/console.html#_2017-02-03_16_30_24_398990
<EmilienM> coreycb: ^
<coreycb> EmilienM, thanks
<coreycb> EmilienM, that appears to be fixed in b3 of trove: https://github.com/openstack/trove/commit/6d5c082d54001b29b262c9a2a1a4d7222911f2ba
<coreycb> EmilienM, which we have in ocata-staging but we're debugging some issues before we promote to proposed
<EmilienM> ok
<EmilienM> coreycb: thx!
<coreycb> EmilienM, np hope to have b3 promoted soon, or it might just be rc1 since that's already out
<EmilienM> coreycb: please ping me or mwhahaha
<coreycb> EmilienM, ok
<joseki> hi all. i'm having a problem with multipath where i seem to have lost a superblock on a filesystem after trying to resize via rm/mkpart in parted
<joseki> what options do i have for trying to find a valid superblock? I tried mke2fs -n /dev/mapper/mpatha-part1 and using the "backup location" reported there
<joseki> i'm not using LVM
<lucidguy> From my workstation I can ssh -A etc just fine into specific servers.  If I ssh into my workstation from another box and try the -A to the box that always worked it no longer does.  It's something to do with an ssh agent or something running, can someone remind how to resolve this?
<sarnold> lucidguy: does your 'another box' have forwardagent turned off in the ssh configs?
<coreycb> zul, cpaelzer, nova-compute seems better now with the new seabios
<zul> coreycb: cool
<shambat> I'm using Ubuntu 16.04 and I'm copying some files between harddrives, and it's very slow. I'm getting this over and over in my dmesg: https://hastebin.com/izixekibok.css /dev/sde is the device I'm writing to. My drives are attached via a LSI Fusion MPT SAS2 controller card.
 * genii ponders https://hastebin.com/izixekibok.css
<sarnold> shambat: you might want to give this tool a try http://blog.disksurvey.org/blog/2014/08/10/decoding-lsi-loginfo-codes/
<sarnold> or look up0 the codes by hand http://blog.disksurvey.org/knowledge-base/lsi-loginfo/
<genii> Looks suspiciously like this bug that's been known since 2013 at https://bugzilla.kernel.org/show_bug.cgi?id=60644
<ubottu> bugzilla.kernel.org bug 60644 in Other "MPT2SAS drops all HDDs when under high I/O" [Blocking,New]
<shambat> hm
<sarnold> the final comments on the bug suggest disabling ASPM
<sarnold> most reports involved sata drives, I wnoder if that's just because a lot of people use them, or if there's something slightly amiss with the sata tunnelling protocol they have to use
<shambat> sarnold: that has to be done in the bios I take it?
<shambat> disabling ASPM
<sarnold> I think so
<shambat> I may suddenly disappear :)
<smoser> dannf, able to show me uname -a from a 64bit arm
<dannf> Linux mustang 4.9.0-11-generic #12-Ubuntu SMP Mon Dec 12 16:21:56 UTC 2016 aarch64 aarch64 aarch64 GNU/Linux
<dannf> smoser: ^
<smoser> aarch64. thanks.
<smoser> dannf, is that hardware or vm ?
<dannf> smoser: hw
<smoser> do youhappen to have a openstack anywhere with that ?
<dannf> smoser: though, don't see why it would differ
<dannf> smoser: i have a non-openstack vm
<smoser> well, looking for wheter or not oipenstack puts dmi data into the system like it does on intel
<genii> smoser: Someone in #ubuntu-arm might know
<dannf> smoser: there is dmi data - but in the uname?
<dannf> Linux ubuntu 4.9.0-15-generic #16-Ubuntu SMP Fri Jan 20 15:29:58 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
<dannf> smoser: ^
<dannf> that's a vm that has dmi tables
<dannf> but no, no openstack setup atm
<smoser> right.
<dannf> smoser: beisner may have an arm openstack up
 * beisner checks a thing..
<beisner> smoser, yep, got stuff online if you need it.
<beisner> smoser, from an aarch64 xenial nova instance: Linux xenial-uefi-20170119b210515 4.4.0-59-generic #80-Ubuntu SMP Fri Jan 6 17:37:14 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
<smoser> beisner, ah.
<smoser> can hyou
<smoser> sudo grep -r . /sys/class/dmi/id
<smoser> rharper, ^
<beisner> smoser, http://pastebin.ubuntu.com/23920627/
<rharper> beisner: cool!
<rharper> boo
<rharper> it really should have OpenStack Nova in there like on x86
<beisner> ha!
<rharper> same issue on power as well
<rharper> % cat /sys/class/dmi/id/product_name
<rharper> OpenStack Nova
<beisner> KVM Virtual Machine
<rharper> right that's not specific enough to know it's a VM on Openstack Cloud
<rharper> you'll get that with any qemu-system-$arm_arch machine
 * beisner is missing context but trusts that smoser and rharper know way more than i've ever forgotten about that.
<rharper> we're looking at ways for clouds to identify what they are w.r.t DataSource we can expect
<rharper> on x86, all the VMs in Openstack have the 'OpenStack Nova'  this is set via qemu's -smbios parameter for x86;
<rharper> aarm64 has DMI tables now, but I'm guessing since their uefi vs. bios-based qemu probably hasn't exposed an interface for auto-generating those tables at runtime;  however, they do for example pass -uuid through in 'product_uuid'
<rharper> so, it can be done, it's a matter for getting it upstream I suppose (or if upstream, getting libvirt to set the value)
<budfox> Hi! Anybody ever experienced abrupt npm ECONNRESET errors on Ubuntu Server 16.04.1/VirtualBox 5.1.4? https://gist.github.com/anonymous/aca183d181bec293c619133922f07fe6
<beisner> rharper, ah tricky
<rharper> beisner: would you be able to paste the qemu command line running that instance on the compute node ?
<beisner> rharper, libvirt log for that instance shows the cmd i believe: http://paste.ubuntu.com/23920679/
<beisner> rharper, that's xenial-mitaka, firing up a mitaka instance.
<beisner> err, xenial instance ;-)
<jge> hey all, anyone ever played with FastNetMon?
<blueking> is it doable to disable dhcpd server without removing config files/setup ?
<blueking> ubuntu server 16.04
<compdoc> you should be able to stop the service from running
<blueking> stop et restart at boot ..
<compdoc> not just that. I mean disable it
<blueking> just mv file from init ?
<rharper> beisner: one more, if you can: on the node, qemu-system-aarch64 --help &>  help.out ;  I'm interested in the cli switches exposed there
<compdoc> no, just a command
<compdoc> systemctl disable SERVICE - Turns the service off on the next reboot or on the next stop event. It persists after reboot.
<beisner> rharper, sure: http://paste.ubuntu.com/23920715/
<compdoc> dont want to move files frm init
<rharper> ah ha!
<rharper> smbios type=1[,manufacturer=str][
<beisner> rharper, also - happy to let you poke around the compute node + instance.  it'll be online at least through monday mid-day.  after that i'll be doing crazy things with the kit.
<rharper> looks like we can get an update to nova-compute on aarch64 nodes to pass in the OpenStack Nova string to the type 1 table
<rharper> beisner: ok; it would be fun to shutdown an instance, update the xml to include the manufacture element used on x86  and reboot to confirm that we can see OpenStack Nova in the aarch64 dmi tables
<beisner> our perspectives on fun may differ, rharper ;-)  send you the fun keys momentarily
<rharper> hehe
<budfox> Oh well, guess npm won't work on Ubuntu either, next stop Debian!
#ubuntu-server 2017-02-04
<sarnold> stokachu: nice announcement mail :) btw your MUA did something silly: http://conjure-up.i <http://conjure-up.io>o  -- hehe :)
<stokachu> ah crap
<stokachu> i blame gmail
<sarnold> always a good plan :D
<stokachu> haha
<sarnold> at least there's a working link right next to an obviously-funny-looking link
<stokachu> sarnold, i like to keep things interesting
<sarnold> lol
<qoarzers> I am having problem with adjusting the brightness of my laptop screen in ubuntu 16.04. My laptop is Toshiba satellite pro c640. I have tried all the solutions from ubuntu forum but nothing worked.
<sarnold> qoarzers: most of the people in this channel never even see their computers; you may wish to try in #ubuntu instead
<qoarzers> I want to do web developing using Rails in ubuntu
<sarnold> qoarzers: you've got a few choices to make there -- you can either stick with what's packaged in ubuntu's repositories, or you can stick with using ruby and rails and so on from upstream sources. both are fine choices but it's worth deciding that you want to do one or the other -- mixing and matching is likely to lead to trouble
<sarnold> qoarzers: I've really enjoyed reading the pragmatic programmer's guides to ruby on rails, I think they're a nice introduction
<sarnold> one trouble of course is there's so many versions of RoR that leads to so many books ..
<qoarzers> Yeah but the code is easy to understand
<sarnold> the downside is it can be insanely hard to pick up something that was left six months ago
<sarnold> and forward porting to newer versions may also be a bit tricky
<sarnold> the 'convention over configuration' may make it super-easy to get things done for the regular users but if you just fiddle with it every six months you'll go crazy when absolutely nothing you search for exists anywhere else in the source tree.
<qoarzers> sarnold: yeah that is true
<zzxc_> Alright I have a question. I'm running an AWS instance with 7.8G of ram + 4G of swap. I have a java application that had a memory leak that was fixed. The issue is OOM Killer keeps killing it, and I'm not sure why. I change it off of the heuristic alogrithm it is using way less tha the threshold. Any ideas?
<sarnold> can you tune the java heap with those -Xm blahblah command line options to encourage it to use less memory?
<sarnold> or can you buy another six gigabytes of RAM from amazon? :D
<sarnold> what do the swapin and swapout columns of 'vmstat 1' show when it's under load?
<zzxc_> sarnold: Well the thing is that its only using 1.5 G of actual memory. Its allocating more and the VIRT memory is 6G but the application is only using 1.5G of memory.
<sarnold> really?? that doesn't sound like you ought to be getting to oomkiller then :/
<zzxc_> Yeah. We even upped the threshold to 100 of physcial memory and it is still crashing. I migrated this from a 14.04 instance with less memory as well.
<sarnold> if you can't find anything 'obvious' in the logs, I think the next step is to try collecting enough data to spot a pattern; maybe gather slabtop output peridocailly, top sorted my memory output periodically, etc..
<zzxc_> We are using the -Xmx flag to give it a limit of 4G of memory.
<sarnold> what else runs on this system?
<zzxc_> A couple of things. Tomcat is running java, Apache, a headless libre office instance, clamav, SFTP clients some high volume users.
<zzxc_> I'm starting to wonder if the SFTP users are part of the issue.
<zzxc_> Unfortantly the person who set up this part decided to have a flat archive folder. For one of use SFTP clients there are over 147737 files.
<sarnold> ow
<zzxc_> Yep. Its also possible that it could be a memory leak somewhere as well. But it only seems to effect this env, though this is the heavist use one. This has been driving me nuts all week.
<sarnold> yeah it would do that
<sarnold> try getting some more data; run something every minute or so that outputs smem or top output, slabtop output, free -m output, etc.
<sarnold> based on what you've mentioned here it feels like all the memory is going to be pinned in the kernel to manage that ridiculous directory and bufferheads to manage IO to that directory
<sarnold> but those are .. wild guesses at best.
<zzxc_> sarnold: Yeah that sounds reasonable.
<zzxc_> I also am starting to think that some of the work that was done to fix this might be part of the issue. I'm going to disable the java profiler my boss put in place and change the alorigthm back to the heuristic method. That they value I got was to trigger on over commit.
<zzxc_> Anyways these are all tomorrow issues. sarnold thanks for the help.
<sarnold> zzxc_: good luck, and if you remember, I'd be curious to hear what it was when you sort it out
<zzxc_> sarnold: Will do.
<patdk-lap> oom killer? you have to look at the full output of oom killer
<patdk-lap> likely it is not the issue, but something else
<patdk-lap> what is the full dmesg output of the oom?
<sarnold> oh does it give useful output these days?
<patdk-lap> well, the output of the top programs and memory they are using at the time it picks what to kill
<patdk-lap> in my case, it's normally some other program that pushes the kernel over and causes it to oom somethign else (mysql)
<patdk-lap> cause it has the single largest memory allocation
<sarnold> oh nice
<sarnold> well, nice that it gives you -some- data :) my recollection was just "failed n-order allocation, killing task <blah> with badness <blah>" and then you weep in the corner
<sarnold> zzxc_: ^^ if there's data in the ooms, please do share :)
<blueking> fileserver with 4 nics  1 connected to router and plan have 3 nics  connected to switch...  2 or 3 vlan are gonna have access to fileserver...  how would you configure these 3 nics ?  one nic each subnet  or  LACP + trunk vlans on this ?
<patdk-lap> depends on the usage pattern
<blueking> patdk-lap point are increase throughput from fileserver to multiple devices/subnets
<blueking> if several devices access fileserver from same subnets  it's limited to 1 gbit if do 1 nic each subnet  if lacp it can  have 2 or 3 GBit's
<patdk-lap> blueking, no
<patdk-lap> and it depends on usecase
<patdk-lap> I wouldn't worry about multible client access, and it won't happen
<patdk-lap> everything has to be perfect everywhere, to have >1 client use >1gbit
<patdk-lap> most of the time, you are going hit many other limits, that will cause <1gbit performance
<patdk-lap> do you need redundency for failed links? use lacp, sure
<patdk-lap> if you need >1gbit speeds, and those users are on different vlans, sure use one port per vlan
<patdk-lap> but attempt to balance over lacp, is really not a simple thing at all, and depends a lot on luck
<patdk-lap> on paper, yes it looks good, but in practice, it won't work well for load balancing, unless you have a LOT of users
<patdk-lap> and we are talking about concurrent users access files at the same time
<blueking> patdk-lap what would you do ?
<patdk-lap> I have no idea
<patdk-lap> don't have enough info about what your doing, or need
<blueking> what I want  if user1 on subnet1 access fileserver and downloads a bd movie... and user2 on same subnet want to download another movie from same fileserver lacp should choose another nic for user2  and make total speed 1gbit+
<patdk-lap> no
<blueking> movies on fileserver are on raid0 arracy
<blueking> array
<patdk-lap> it will pick the nic based on it's hashing method
<patdk-lap> so if the mac, ip, port don't both hash to the same nic, sure, but if they do, heh
<patdk-lap> and you have to setup the proper hashing method on both sides, on the switch and the server
<patdk-lap> why attempting to balance using lacp with a small number of users is pretty much impossible
<patdk-lap> unless you can have full control, or a very static enviroment
<patdk-lap> to guarrentee the hashes will always balance correctly for the use you have
<blueking> 'hashing method'  havn't seen that on switches
<patdk-lap> if you haven't, your switch doesn't support lacp
<blueking> cisco sg200 hp procurve 2810 and 1810
<patdk-lap> it seems none of those devices allow you to change whatever it's default balancing method/hash is
<patdk-lap> so you are stuck with whatever it uses, probably, mac, or ip, or mac+ip
<blueking> patdk-lap ok
<jancoow> Hi. Where does USB storage devices get mounted in ubuntu server?
<tomreyn> jancoow: /media or /mnt
<tomreyn> or wheereever you specified in /etc/fstab
<JoseLuis_> Good afternon
<Seveas> \o
<JoseLuis_> Hello all, I feel my server in linode some slow and when a execute command
<JoseLuis_> ps -ef | grep " 1 " | grep root
<JoseLuis_> I see some command in execution like as "sh, id, cat resolv.conf, ifconfig eth0, 00:00:00 netstat -an, sh, sleep 1, cat resolv.conf, ls -la, ifconfig eth0, sleep 1, top, ps -ef, ls -la"
<Seveas> JoseLuis_: does 'top' indicate any specific busy process?
<JoseLuis_> root     10431     1  0 12:39 ?        00:00:00 top
<Seveas> JoseLuis_: if you don't mind sharing the full process list, run this command: top -c -b -n1 | nc termbin.com 9999
<Seveas> and paste here the url it outputs
<JoseLuis_> http://termbin.com/w7q6
<tomreyn> JoseLuis_: there's nothing particularly uncommmon to be seen there. accroding to top, the system is in good shape
<tomreyn> mongodb consumes a third of your RAM, but i guess that's intentional...
<tomreyn> it's a bit uncommon that you would run a process from a dot directory (.ogm, a 'hidden' directory), but this is likely intentional as well.
<JoseLuis_> yeah, the programmers let this configuration in this way
<JoseLuis_> Thanks for the information, I am not a admin but I execute command from another linde vm and sometimes lost communication
<JoseLuis_> with the command ping and a shell scripting
<tomreyn> ssh -D is a bit strange unless you're debugging something
<JoseLuis_> No, I am not debugging something
<JoseLuis_> my port to connect by ssh is different than port 22
<tomreyn> -D keeps the ssh daemon attached to the terminal, does not put it into the background (which normally you would do)
<tomreyn> so if there were issues with authenticating via SSH and you wanted to find out what's going on you might run it with -D
<tomreyn> but usually not during normal operation
<tomreyn> it doesn't disclose more information than usually this way, though.
<JoseLuis_> http://termbin.com/ixuz   is me
<tomreyn> JoseLuis_: if your only indication that 'something is not right' is that you sometimes loose the connection to this server, then you should diagnose the network.
<tomreyn> ...or have your admin do it
<JoseLuis_> tomreyn: the network is linode.com
<tomreyn> no, that's a domain name
<Seveas> I see lots of weird things in that top output
<Seveas> all those commands running as root, a /usr/bin/.sshd, that sjvxr process
<tomreyn> hmm right i missed /usr/bin/.sshd
<tomreyn> what about sjvxr, how is that weird?
<tomreyn> it's not a standard process name, google doesn't know about it.
<Seveas> no google hits
<Seveas> but especially all the root 'sh's
<tomreyn> could be some custom application their developers wrote, though
<Seveas> and 'id' and 'echo' that run long enough to show in top
<Seveas> which makes me think it's not 'id' and 'echo', but the server has been compromised.
<JoseLuis_> yeah, those things was my firt question
<JoseLuis_> *first
<tomreyn> JoseLuis_: do you know what /usr/local/bin/sjvxr is then?
<JoseLuis_> nop, but let me to ask to the programmers
<tomreyn> can you run sha1sum on it and tell us what it returns
<JoseLuis_> how run?
<tomreyn> type this into a temrinal: sha1sum /usr/local/bin/sjvxr
<JoseLuis_> 1e80879afda301ee47a749fef1005ddb579321e0  /usr/local/bin/sjvxr
<tomreyn> hmm there is no hit on google or virustotal on this checksum
<tomreyn> talk to your developers then
<tomreyn> if they don't know what it is, then it does indeed seem likely that the system is compromised. until more facts prove the opposite.
<tomreyn> if you can, take asnapshot of this system better sooner than later
<JoseLuis_> lidone makes a backup each weekend
<JoseLuis_> *linode
<tomreyn> JoseLuis_: can you also do this: sha1sum /usr/bin/.sshd
<JoseLuis_> 1e80879afda301ee47a749fef1005ddb579321e0  /usr/bin/.sshd
<tomreyn> wait thats the same file
<tomreyn> indeed this is very suspicious.
<JoseLuis_> yeah, the programmer is going to ask their parters
<JoseLuis_> *parters
<JoseLuis_> *partners
<JoseLuis_> I need to go to my home, i will to connect more later
<JoseLuis_> thanks for your comments
<JoseLuis_> see you
<JoseLuis_> he regresado.
<JoseLuis_> good afternon
<ChmEarl> I have the xenial server ISO on usb, formatted ext2. I copied my preseed to usb root. In xen, I can get the usb to boot, but the cdrom-detect won't mount my device, since its using fs-iso9660
<ChmEarl> except dropping to shell and trying to mount it as /cdrom, what else can I do. The device is /dev/xvdb
<ChmEarl> can I change the cdrom filesystem type in preseed?
<ChmEarl> oh, won't help since preseed is read after the cdrom mounts
#ubuntu-server 2017-02-05
<ChmEarl> maybe on boot cmdline: cdrom-detect/cdrom/filesystem=ext2
<mike-zal> quick question. I logged to my server after 4 days and there is 0 updates and yet it shows system restart required. I did reboot server after last update and there was no such indication last time I accessed server. why does it promt me to do so where there is no reason to?
<blueking> I need to open ports for steam account/gaming... question are  about "udp 27000  inclusive", incoming  and outbound  ...  I need to edit firewall rules only for lan-wan  or have to edit wan-lan too ?  I need to add forwarding ?
<jemoo> hello
<alkisg> Hello
<adrian_1908> hello. If I want to permanently disable any firewall rules so that I can work with nftables unimpeded, what would I do? Does "ufw disable" accomplish the task, or would I need to flush any default using iptables at every boot?
<samba35> you can disable service @boot time with chkconfig or systecmctl disable service name (in 16.04)
<tomreyn> ufw does set some default rules, so you may want to uninstall it
<tomreyn> oh, we're talking to a ghost
<samba35> :)
<jemoo> hi
<jaakkos> hi, after fresh install of the Ubuntu 16 LTS server, virt-manager over X forwarding is really slow apparently because of silly window effects that are taking place
<jaakkos> and it appears to be a server issue because of the lack of problem with everything else we use
<jaakkos> any idea where such effects could be disabled?
<patdk-lap> that would be a gui issue
<patdk-lap> not a ubuntu-server thing
<patdk-lap> ubuntu-server doesn't include any X stuff
<jaakkos> I see... I wonder which channel would be best to ask
<patdk-lap> probably whatever window manager your using
<jaakkos> the wm would be running on my laptop though and has no problem with virt-manager installs from eg. Debian
<rizonz> does ubuntu always needs a /etc/default/program for an initscript ?
<tomreyn> rizonz: no, not all daemons require such configuration files.
#ubuntu-server 2018-01-29
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> rbasak: If you'd have a few minutes for an easy review https://code.launchpad.net/~paelzer/ubuntu/+source/sanlock/+git/sanlock/+merge/336757
<cpaelzer> rbasak: this is blocking libvirt builds, so resolving asap would be nice
<cpaelzer> (for now I uploaded a ~ppa version to unblock me there)
<cpaelzer> jamespage: coreycb: did you see my mail about libvirt storage backends on Friday?
<cpaelzer> it would be great to do the first upload the way you need it instead of shuffling things around afterwards
<cpaelzer> so if you'd have a minute please give it a read
<ahasenack> cpaelzer: hi, 'morning. I added a comment to https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-fan/+git/ubuntu-fan/+merge/335746, pinging you here in case you miss the email
<ahasenack> it's an old MP for which we were just waiting in the bionic merge, which finally happened
 * cpaelzer reading ...
<cpaelzer> yes I agree ahasenack
<cpaelzer> oh this was one of the cases with being the upstream in ubuntu failing to fetch the tarball
<ahasenack> git-ubuntu?
<cpaelzer> yep
<cpaelzer> I can get around it
<ahasenack> thx
<cpaelzer> but do you remember if we had a bug for it?
<ahasenack> cpaelzer: yes, https://bugs.launchpad.net/juju/+bug/1737640
<ubottu> Launchpad bug 1737640 in ubuntu-fan (Ubuntu Artful) "[SRU] /usr/sbin/fanctl: arithmetic expression: expecting primary | unconfigured interfaces cause ifup failures" [Undecided,In progress]
<cpaelzer> or 1741472
<ahasenack> ah, you mean git-ubuntu
<cpaelzer> yep
<ahasenack> did you get that TypeError backtrace?
<cpaelzer> no it is different now
<cpaelzer> I update the bug already
<ahasenack> ok
<cpaelzer> ahasenack: bug updated, tag uploaded, package in unapproved queue
<ahasenack> thanks, I'll watch over it now
<cpaelzer> ahasenack: I wasn't able to catch rbasak yet, if you'D have time (trivial MP) for https://code.launchpad.net/~paelzer/ubuntu/+source/sanlock/+git/sanlock/+merge/336757 that would be great as I need it to unblock some other things
<ahasenack> sure
<cpaelzer> ahasenack: thanks for taking a look at sanlock
<cpaelzer> ahasenack: I replied on the MP, but TL;DR yes this is how upstream does it
<cpaelzer> ahasenack: I didn't want to rewrite what they do, just fix the packaging around how it is atm
<cpaelzer> ahasenack: do you think I should drop that fix from the upload instead?
<cpaelzer> the one that is blocking me is the less discussion worth ordering in postinst
<ahasenack> cpaelzer: I found another bug, but unrelated to your fix
<ahasenack> it just uncovered it
<ahasenack> Jan 29 12:48:02 useful-dassie systemd-wdmd[5472]: /lib/systemd/systemd-wdmd: line 51: failure: command not found
<ahasenack> that "failure" shell func might be defined in redhat only
<ahasenack> I suppose the "success" one too
<cpaelzer> hehe
<cpaelzer> can of worms :-/
<ahasenack> I'll file a bug for it
<cpaelzer> ahasenack: the sanlock init also has these
<cpaelzer> but that is no more called these days
<ahasenack> yeah, my other comment was going to be to drop the sysv script
<ahasenack> but since it's used in the systemd hack
<ahasenack> I guess we have to keep it one way or the other
<cpaelzer> it sources /etc/rc.d/init.d/functions - maybe that is where it expects it from
<cpaelzer> yep that is where my fedora has it
<cpaelzer> part of initscripts-9.79-1.fc27.x86_64
<ahasenack> it also sources /etc/sysconfig/<stuff>
<ahasenack> very fedora-like
<cpaelzer> yes :-/
<cpaelzer> for now I at least want to get it as-working-as-before
<cpaelzer> ignoring all the extra clutter (for now)
<ahasenack> I filed a bug about that and gave a =1
<ahasenack> er
<ahasenack> +1
<coreycb> cpaelzer: yes i did see your email. james and i need to sync up on that and get back to you.
<cpaelzer> coreycb: ok, but please do realize that you wait on me and I wait on you :-)
<cpaelzer> coreycb: so help yourself by providing that answer fast :-)
<cpaelzer> thanks ahasenack
<cpaelzer> fyi ahasenack - https://askubuntu.com/questions/531189/ubuntu-equivalent-of-centos-success-failure
<cpaelzer> but it is not directly reusable
<rh10> hey. guys, it there any good tutorial how can i build .deb package from sources?
<mason> rh10: Fresh .deb packaging or rebuilding a .deb from a source package?
<rh10> mason, fresh package
<mason> rh10: https://wiki.debian.org/HowToPackageForDebian
<rh10> mason, thanks!
<mason> Should all apply to Ubuntu too.
<rh10> got it
<ahasenack> lamont: hey, around?
<jdstrand> Odd_Bloke: hey, I filed https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1746012 today and wanted to make sure it showed up on someone's radar (I see that Foundations is subscribed to rsyslog)
<ubottu> Launchpad bug 1746012 in rsyslog (Ubuntu) "please disable xconsole configuration in 50-default.conf to fix "rsyslogd-2007: action 'action 10' suspended, next retry is ..."" [Undecided,New]
<jdstrand> Odd_Bloke: I could do the upload myself, but wanted to at least check with someone
<sdeziel> oh yeah, that one's annoying
<mgariepy> ping cpaelzer
<mgariepy> do you have a minute to talk about: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1583009
<ubottu> Launchpad bug 1583009 in Ubuntu Cloud Archive "Error starting domain since update" [Undecided,Incomplete]
<sarnold> it may be past cpaelzer's end-of-day
<mgariepy> ha :( i'll try to catch him tomorrow then
<mgariepy> thank sarnold
<sarnold> hang around a little bit, you never know..
<sarnold> but still, don't feel bad if you don't get a reply for another ten or twelve hours :)
<mgariepy> yeah i know IRC :)
<sarnold> okay :)
<cpaelzer> mgariepy: it is past my EOD
<cpaelzer> I'm just running by a few times, but might be dragged away again any minute
<cpaelzer> mgariepy: I updated the bug in reply to your question 6 minutes ago
<mgariepy> cpaelzer, ok perfect.
<Epx998> Mmm ubuntu arm64, a new challenge
<sdeziel> s/rm/md/; done
<sdeziel> :D
<Epx998> we are testing with some new qualcomm servers, the firmware they shipped is us pretty bad
#ubuntu-server 2018-01-30
<Epx998> its too bad i cannot pxe boot my pi3
<TJ-> Epx998: you can do network boot
<TJ-> Epx998: see https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md
<Epx998> think my pi is broken
<Epx998> there is no standard pw for ub16 arm if you dont preseed is there?
<TJ-> Epx998: I don't think so, it's either blank or 'ubuntu' I think
<Epx998> hmm ill try ubuntu
<Epx998> this arm64 box is wonky
<Epx998> hmm nope
<Epx998> aha ubuntu/ubuntu
<Epx998> heh restarting the network after adding interfaces hung the system
<sarnold> did you do /etc/init.d/networking restart or its moral equivalent?
<Epx998> service networking restart in the console, this hardware is bad - its not ubuntu at all
<Epx998> im not a fan of this qualcomm eval
<sarnold> at least ubuntu doesn't handle "service networking restart" real well. I'm guessing debian doesn't handle it well either.
<Epx998> ill do it the proper way going forward
<Epx998> this server takes 5 minutes to restart
<Epx998> heh its just spamming Ubuntu 16.04, guessing thats the prompt who knows -> https://gist.github.com/anonymous/309b9d3c30ea565b3af4c9fa49489d5a
<sarnold> crazy
<Epx998> its doing it again
<TJ-> is that via a serial console or something else?
<Epx998> yeah
<Epx998> it came up eventually
<Epx998> ipmi
<cryptodan> anyone running Dovecot, Postfix, and SASL successfully on Ubuntu Server 16.04?
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> hiho lordievader
<lordievader> Hey cpaelzer How are  you doing?
<cpaelzer> fine, and you?
<lordievader> Doing good here, spitting through puppet emails -.-
<jamespage> coreycb: hmm we're starting to trip on debhelper >= 11~ for the queens UCA
<jamespage> cpaelzer: hi - this was the qemu-block-extras  thingmy right?
<jamespage> cpaelzer: replied to your email
<cpaelzer> hi jamespage
<cpaelzer> no this is "another one"
<cpaelzer> but in a simimlar spirit I'd say
<cpaelzer> jamespage: think of it as "the qemu-block-extra" thing but for libvirt storage support
<cpaelzer> jamespage: I discussed with coreycb yesterday and started as we did on qemu-block-extra
<cpaelzer> with making the suggest a recommend (for now)
 * cpaelzer reading mail ...
<jamespage> cpaelzer: +1
<jamespage> that's basically what I said :-)
<DammitJim> what does this do? Unattended-Upgrade::Allowed-Origins {
<DammitJim>         "${distro_id}:${distro_codename}";
<DammitJim> I don't want anything to be updated automatically on my servers
<coreycb> jamespage: saw that with debhelper, need to figure that out. maybe we can move those packages back to 10.
<coreycb> jamespage: most of b3 is uploaded.  keystone has 1 test failure i'm trying to figure out and i'm creating a heat-dashboard package since that's been split from horizon. i left you gnocchi.
<rbasak> DammitJim: "I don't want anything to be updated automatically" -> "I want to keep my servers insecure"
<rbasak> You should install security updates.
<rbasak> 99% of people who disable updates do not.
<rbasak> But if you insist, you can remove the unattended-upgrades package. That's probably the easiest way.
<rbasak> Alternatively, disable unattended-upgrades in /etc/apt/apt.conf.d/20auto-upgrades
<rbasak> Then the Allowed-Origins setting won't matter.
<jamespage> coreycb: ta (for gnocchi)  I'll do that work PM today and re-introduce the py2 gnocchi package for tobasco
<DammitJim> rbasak, I have to test them before I roll them out
<DammitJim> rbasak, how do I disable unattended-upgrades in /etc/apt/apt.conf.d/20auto-upgrades ? comment everything out?
<rbasak> DammitJim: as long as you do roll them out promptly, every time. What I'm saying is that I get the impression that 99% of the people who disable for this reason actually end up neglecting the roll out and leave everything vulnerable, which is also quite hostile to others on the Internet too.
<rbasak> DammitJim: APT::Periodic::Unattended-Upgrade "0"; presumably
<DammitJim> rbasak, that is very true!
<DammitJim> we are on a schedule... it's weird
<DammitJim> when something really critical comes out, I have to manually go through stuff
<rbasak> DammitJim: you should have it all automated
<rbasak> DammitJim: automated deployment tests, and automatic rollout of security updates if green.
<DammitJim> the problem is that some of those updates will fill up your /boot partition also
<rbasak> DammitJim: "apt autoremove" (optionally with --purge) should work well nowadays.
<rbasak> (to clean /boot)
<DammitJim> what is the configuration for that to be done automatically when it runs the critical update?
<rbasak> For what to be done automatically?
<DammitJim> autoremove
<DammitJim> because your /boot partition will get full otherwise
<rbasak> Unattended-Upgrade::Remove-Unused-Dependencies
<rbasak> See 50unattended-upgrades
<rbasak> But test that first.
<rbasak> Depending on how you've deployed, autoremove may remove extra stuff (if you don't have what you need marked as manual)
<rbasak> Because many people deploy in non-standard, unsupported ways.
<DammitJim> I had that set on a server I tested this on and it never cleaned up /boot
<rbasak> Did "apt autoremove" do it?
<DammitJim> but maybe I need to do more testing
<rbasak> How was the server installed?
<DammitJim> so, you might be right and I have a weird setting
<DammitJim> it's from a template
<rbasak> Depends on what you mean by "template". Users often hack up their own deployment systems which are subtly broken in some way.
<DammitJim> I could have possibly done that
<jamespage> coreycb: my head is still a bit fuzzy so going to work through the bom failures for queens pm today
<coreycb> jamespage: great, thanks
<coreycb> jamespage: keystone's uploaded. just working through heat-dashboard.
<jamespage> coreycb: awesome
<rh10> guys, how can i find out - what processes exactly in buffer/cache?
<Ussat> I 100% disagree with automated updates, I have that off on all systems
<dpb1> I used to feel that way.  But, I found that the vast majority of upgrades worked great for me on ubuntu, and taking the stance of security first helped me get over that hump.
<Ussat> I have monthly a monthly main downtime for my systems...
<Ussat> maint
<dpb1> fair enough, good discipline to have
<Ussat> Ya, I know I am lucky that way, I basically built our Linux infra from zero, so built that in from the start
<Ussat> Said "this is how it is" and my director backed me up
<dpb1> msft set the model with it's patch tuesday.  But, what do you do about the out of band hot security items?  just wait?
<Ussat> dpb1, depends on the vuln and how me and the sec team here determine how bad we are effected.
<Ussat> if it requires an immediate patch/reboot, well, we do that. TBH in this env not a lot does, 99% of my systems are not public facing and are VERY locked down
<Ussat> or I may sechedule a week out, it really depends on the issue it addresses
<Neo4> what is crontab?
<Neo4> for example I want create scraper and put there data using php, can I do it?
<Neo4> * * * * * wget -q -O - http://google.com  >/dev/null 2>&1
<jamespage> coreycb: hmm after fixing three debehlper downgrades, going todo a backport
<jamespage> debian have something in bpo which is close enough
<rbasak> Ussat: sounds like you're part of the 1% that actually follows through :)
<coreycb> jamespage: ok
<Ussat> rbasak, I work in healthcare/edu we are pretty regulated....
<Neo4> does exist difference  between curl and wget?
<Neo4> why we install curl if we can use wget?
<rbasak> Here in the UK, healthcare is also pretty regulated but they still run tons of XP and the NHS were infected by that ransomware not long ago. I'm not sure regulation and security are correlated :)
<rbasak> Neo4: relatively little difference from a user point of view. Use whichever you prefer.
<Ussat> rbasak, true, but at least here we try to keep a tight grip on things
<Neo4> rbasak: I try bread down php code there however used exec function and installed crontab and this wget
<Neo4> code is very complicated, can't understand how it works...
<Neo4> it seems use wget for get ulrs from internet
<rbasak> I wouldn't use exec from PHP to call wget or curl. That's pretty dangerous.
<Neo4> rbasak: do you know what is crontab?
<rbasak> Does PHP have a built in function to do that?
<rbasak> Neo4: I do, but please try Google first.
<Neo4> rbasak: it has exec() function
<rbasak> Neo4: which is dangerous to use from a web app.
<Neo4> we can do exec('pwd', $output, $result); and in result should be path to our current dirrectory where is file
<Neo4> rbasak: php can run shell commands
<Neo4> rbasak: what is dengerous? wget?
<Neo4> crontab is dangerous?
<rbasak> Neo4: calling exec from a PHP script is dangerous if based on unvalidated input
<rbasak> Neo4: search "input validation"
<rbasak> Since otherwise an attacker can inject arbitrary shell commands.
<Neo4> rbasak: ok
<cpaelzer> FYI - Server Team Office hours started - https://wiki.ubuntu.com/ServerTeam/Meeting
<cpaelzer> we actually don't mind when questions are asked, but if - for whatever reason - you held back questions, now is the time
<cpaelzer> around should be atm rbasak, nacc, dpb1, ahasenack, powersj and myself
<ahasenack> o/
<ahasenack> cpaelzer: hm, I missed a universe dependency in the new bind9 package
<ahasenack> lmdb
<ahasenack> I'll check
<cpaelzer> sure I saw it in excuses
<cpaelzer> but libvirt also complains and it is a false positive
<cpaelzer> so I wanted to give britney a chance to overthink things
<nacc> o/ as well
<ahasenack> cpaelzer: you mean about lmdb?
<ahasenack> ah, no, your case is glusterfs
<|\n> hello, i was looking for some channel where i could possibly ask a stupid hardware-related question, any hints are appreciated sincerely
<nacc> |\n: #hardware?
<nacc> !alis | |\n
<ubottu> |\n: Alis is an IRC service to help you find channels. For help on using it, see "/msg Alis help list" or ask in #freenode. Example usage: "/msg Alis list http"
<|\n> ah, thanks nacc
<nacc> |\n: can't remember if it's #hardware or ##hardware
<|\n> will try both, thanks, i'm slow =)
<jamespage> coreycb, beisner: https://www.percona.com/doc/percona-xtradb-cluster/LATEST/howtos/upgrade_guide.html
<coreycb> jamespage: seems simple enough. does the package need to run the upgrade commands or can that be left to the user?
<jamespage> coreycb: well... I think I see why this is not part of the pkg upgrade
<tdb> hi! the xenial daily images here http://cdimage.ubuntu.com/ubuntu-server/xenial/daily/ - when will they start using the newer 4.13 HWE kernel for the installer? I notice 4.13 kernel packages in the install media, but not for running the installer itself
<nacc> iirc, isn't that a menu choice?
<nacc> powersj: --^
<tdb> it is, but the hwe option still uses the older 4.10 kernel
<tdb> (as opposed to 4.4, for non-hwe)
<nacc> tdb: hrm, i'm not sure how that's decided, powersj would know
<tdb> I heard the 16.04.4 release has been put back, which is totally understandable, but I thought the daily builds might be ready for some testing
<powersj> looks like the udeb are all still 4.10
<powersj> basically those udeb (listed in the list file) need to be updated
<powersj> oh wait, I see 4.13 as well :) http://cdimage.ubuntu.com/ubuntu-server/xenial/daily/current/xenial-server-amd64.list
<tdb> yeah :)
<tdb> that's what made me think the installer itself might be using the newer kernel too
<powersj> sure enough uname -a shows 4.10 still
<tdb> I have new hardware which won't work with 4.10 :/
<powersj> not sure what project makes sense for a bug
<dpb1> I'm looking for the same
<powersj> ubiquity? syslinux?
<dpb1> powersj: https://bugs.launchpad.net/ubuntu-cdimage
<powersj> Since the kernel is already there I don't think hwe-linux
<dpb1> ?
<powersj> yeah
<dpb1> tdb: could you please file a bug there and report back?
<tdb> I wasn't sure if it was a bug, or just a "not yet done" thing
<powersj> it is worth filing to track it in either case
<dpb1> +1
<tdb> ok
<powersj> tdb: and please let us know the bug #
<tdb> powersj: 1746304
<powersj> tdb: great thanks!
<tdb> thanks for your help :)
<rlangford77> Where can I find out if ubuntu/canonical has an SNS topic for ami publish events?  Trying to keep things updated response to spectre/meltdown. I'm aware of the cloud image tracker, but we're looking to automate things like we're currently doing for amazon linux
<nacc> Odd_Bloke: --^ ?
<nacc> rbasak: grr, think i found a bug in debian_support.py's Version regex :/ upstream_version for e.g. 57ubuntu1 gets set to '57ubuntu1'
<nacc> :)
<Pinkamena_D> I have been using x2go+xfce4 for remote desktop connections but sometimes it is very slow, esp with internet browsers / any transitions. Is there any faster remote desktop software you would recommend? I like evrything about x2go except for the performance issues.
<sarnold> how does x2go compare to plain old ssh -X ?
<dpb1> Xrdp is an option.
<rbasak> nacc: that's a native package. It it supposed to be a debian version only in that case? I don't recall the spec.
<nacc> rbasak: yeah, see my MP, i'lll try to find the docs
<nacc> rbasak: i guess i should clarify here and there
<nacc> rbasak: it is 'correct' by the spec
<nacc> but is not at all what anyone wants :)
<nacc> since the point is to compare between ubuntu and debian packages
<rbasak> nacc: which MP please?
<nacc> rbasak: one moment
<rbasak> https://code.launchpad.net/~usd-import-team/usd-importer/+git/usd-importer/+ref/master/+activereviews is rather crowded right now :-/
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/336870
<rbasak> nacc: or actually, which MP do you want me to look at first right now?
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/336645 is the one i need the most help with
<nacc> rbasak: and is probably chronologically the most urgent (so we cann start phasing main)
<rbasak> OK
<nacc> rbasak: iiuc, you're under the weather, though, so take care of yoursellf first :)
<dpb1> nacc: +1
<rbasak> I'm wide awake and alert right now
<nacc> loll
<rbasak> So I might as well look :)
<nacc> rbasak: if you want to chat about it, just let me know
<rbasak> ack
<dpb1> rbasak: :)
<nacc> rbasak: if you are around, though, I did have one question for you that is probably easiest to do in a HO
<rbasak> I'm around but not really in a position to join a HO
<rbasak> IYSWIM :)
<nacc> rbasak: i do :)
<nacc> not urgent, so that's fine
<rbasak> nacc: for that MP, +1 up to and including 4c6e3c7de1
<rbasak> That all looks reasonable, so please put that in a separate MP and land it to avoid another mega MP
<nacc> rbasak: oh sure, i can do that
<nacc> yeah those were cleanups i pulled up the stack as i went
<nacc> rbasak: i'll do that now?
<rbasak> sURE
<rbasak> nacc: next, in 4c6e3c7de1, what's the reasoning to not use pytest exactly? I don't mind but it feels inconsistent. We're already using pytest when we need to parameterise.
<nacc> rbasak: it was from my discussion with powersj
<rbasak> (IOW, we have exactly one pattern for parameterisation right now)
<nacc> on getting to one model for our testing
<nacc> i think he suggested unittest over pytest, but i might be misremembering
<nacc> also this way we don't need pytest in the snap..
<nacc> but i can switch it back
<powersj> heh I've had separate conversations with each of you, but think we reached different conclusions.
<nacc> heh
<rbasak> I'm open to discussion on this
<rbasak> If we can replace everything we're doing with pytest I'm happy to lose pytest entirely.
<powersj> when I talked to rbasak last fall it was pytest, as it was very handy, even though other projects were using unittests/nose/etc.
<nacc> rbasak: (and i assume you meant a differenrt hash, as that's the one you just hacked)?
<nacc> *acked
<rbasak> nacc: sorry, 23729b3
<rbasak> ...but if we can't drop pytest, then it would be nice to have a consistent set of patterns to use for the different test needs we have in the project.
<rbasak> eg. "need parameterisation? Use _this_ pattern"
<nacc> right
<nacc> to be clear the subTest thing is newer in unittest
<nacc> so maybe it wasn't there when you looked before
<nacc> and i thnk we could abstract it up one level so it isn't so nest-y/indented
<rbasak> In any case, perhaps that's a discussion we need to have.
<nacc> yeah
<nacc> i guess i preempted it with code :)
<rbasak> If we do decide to switch the parameterisation pattern, we'll need to change all the other occurances.
<nacc> i also, for whatever reason, found unittest easier to understand then pytest
<rbasak> So how about, for now, we keep the existing pattern?
<rbasak> Rather than have two in the codebase at once.
<rbasak> If we decide to switch patterns, then we can have a single commit switching them all over
<rbasak> And the subsequently not use the old pattern again
<rbasak> Introducing a second pattern forces a future fix regardless of which way we go
<nacc> rbasak: ok, the other thing i found handy is that unittest can do test discovery, perhaps pytest can as well
<rbasak> pytest does test discovery by default. So I'm not sure what you mean
<nacc> rbasak: right now we have to pass files to pytest
<nacc> rbasak: unittest can find them from the modulel
<rbasak> You can just give it a directory
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/336877 cleanups only
<rbasak> nacc: +1'd
<nacc> rbasak: and resubmitted the fixes as dependent o that one
<nacc> rbasak: i'll land it once CI passes (I expect it to)
<rbasak> OK
<nacc> powersj: can i tell tox to use a particular version of python3?
<nacc> powersj: i think the CI env (xenial?) has 3.5.1-3, while we use 3.6.3 in the snap, so there might issues
<nacc> e.g https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/274/console which passes locally on bionic
<rbasak> nacc: for testing the Sources file downloads, verification, etc, I'd either get some small files from the archive (eg. restricted?) and put them in a test directory and use those instead of HTTP, or I'd prepare my own minimal ones, sign them with a test key and adjust the code to verify with the test public key. The test keys would want to be text in the repo though, so there'd have to be a test
<rbasak> fixture to import them into a keyring.
<rbasak> The latter is cleaner but possibly more work.
<powersj> nacc: my understanding is the version of python you want to use has to be installed
<nacc> rbasak: ah that's a good idea
<powersj> so even if you add a py34 (for 3.4) or py36 in your case, if that version of python is not already installed it will fail trying to find that version of the interpreter
<nacc> powersj: so how should i do this? :)
<powersj> well do we know for a fact that 3.5 fails? or has consequences for running with it?
<powersj> of course testing on the version you are using is probably more important :)
<powersj> so we could run tox in bionic a container
<nacc> powersj: right, the latter is the relevant point, but let me spin up a xenial
<nacc> powersj: right, but that doesnt' really solve the problem, it just punts it furhter into the future?
 * powersj thinks he messed up the word order there
<powersj> nacc: how so?
<nacc> powersj: let's say we envetually move ahead of the bionic python3
<nacc> the bionic container doesn't help us :)
<powersj> true - we could still use a container and install the version that you are using
<nacc> powersj: we build it from source, though, meaning it might not be available as a package
<powersj> nacc: I guess I don't see that as an issue we can do the same thing, it only makes testing longer and more complicated
<nacc> powersj: ok, i just didn't wannt to have to have our testing infra build python3 every time
<nacc> it's not exactly fast
<powersj> yeah :\
<powersj> I guess the other alternative is install from something close? or try to get your own development stuck to a specific version and if you move we have to move testing as well?
<nacc> yep
<nacc> powersj: confirmed xenial's python3 does not work
<nacc> and there is no python3.6 in xeniall
<nacc> hrm
<nacc> rbasak: --^ thoughts?
<nacc> (i think the big thing is it looks like NamedTuple support is either different or missing)
<nacc> possibly in pylint3
<nacc> i wondner
<rbasak> We should develop and test against whatever version the snap uses
<rbasak> Right?
<nacc> that would be ideal
<nacc> but that wouldl mean every CI job needs to buildl the snap's env
<powersj> we could try using pyenv maybe? I haven't played much with it
<nacc> outside of the snap
<rbasak> Could it be cached somehow?
<rbasak> Feels like a fundamental issue with developing a project deploying with snaps
<rbasak> Snap upstream should have a solution for us on this
<nacc> i'll ask
<rbasak> Thanks
<nacc> meanwhile, do we want to bump our tox env?
<nacc> artful would be sufficient for now
<powersj> nacc: when you said didn't work on xenial? was that using python3.6 because it doesn't exist? or something else?
<nacc> powersj: tox itself fails on xenial with the branch referred to above
<nacc> powersj: because it's using 3.6 features and only 3.5 is available to run
<nacc> (we currently just call python3)
<nacc> rbasak: if we were to add pylint to our snap, i thinnk we can run the tests as an app
<nacc> possiblly using tox itself
<rbasak> I have no objection to that
<nacc> powersj: if we did that, we'd change the jenkins to something like git-ubuntu.self-test
<rbasak> We might need to add pytest though
<nacc> yeah
<nacc> rbasak: true, if we were to lift up all of CI, that's true
<nacc> i was initially just suggesting the bit we know is broken
<nacc> but might as well fix it rigth :)
<nacc> powersj: if i get you a branch with the corresponding changes, wouldl you be able to do a test CI run with it?
<nacc> not sure how easy it is to do a one-off pipelline
<powersj> nacc: branch changing the CI?
 * powersj is also confused why you are changing how you call tox
<nacc> powersj: have a moment for a quick HO?
<powersj> yeah
<nacc> powersj: i think i can expllain it better that way :) standup-server
<nacc> powersj: do you have a link to your script running pytest3?
<powersj> nacc: https://github.com/canonical-server/jenkins-jobs/blob/master/git-ubuntu/jobs-ci.yaml
<nacc> powersj: ta
#ubuntu-server 2018-01-31
<mkoninckx> Hey guys, having a bit of trouble setting up ssh pubkey authentication. I've done some research and made sure the permissions are set correctly, etc. I turned on debug-level logging in sshd_config and am getting an error message I'm not seeing mentioned anywhere: debug1: Could not open authorized keys '/home/mkoninckx/.ssh/authorized_keys': No such file or directory
<mkoninckx> The file does exist, but I guess the ssh service can't see it for some reason?
<mason> mkoninckx: Check ownership and permissions.
<sarnold> are you sure you checked on the server?
<mkoninckx> mason, good suggestion. I vaguely remember checking, but I'll do it again.
<mason> mkoninckx: And check ownership and permissions of /home/mkoninckx and /home/mkoninckx/.ssh too
<mkoninckx> sarnold, yes
<sarnold> namei -l /home/mkoninckx/.ssh/authorized_keys  is probably the quickest way to find the missing step :)
<Neo4> mkoninckx: file doesn't exists, you need specify right path to key
<mason> Oh, neat. When did namei pop into existence?
<mason> Neo4: Nah, that'd be on the client side.
<sarnold> mason: dunno but I wish it'd been there two decades ago :)
<sarnold> cause I'm bloody tired of ls -l .. ; ls -l ../.. ; ls -l ../../.. and on and on .. :)
<mason> Yep.
<Neo4> mason: errors with wrong files http://pix.toile-libre.org/?img=1517372972.png
<mkoninckx>  I (mkoninckx) own /home/mkoninckx, /home/mkoninckx/.ssh/, and /home/mkoninckx/.ssh/authorized_keys/.
<mason> mkoninckx: It's... a directory?
<mkoninckx> ah no sorry that was a typo
<mason> kk, good
<mkoninckx> It's definitely a text file. I can open it with vi and see the public keys.
<Neo4> mkoninckx: good
<mkoninckx> Permissions are 755 on my home directory, 700 on .ssh and 600 on authorized_keys
<mason> Alright, that should all be reasonable. And this is on Ubuntu?
<mkoninckx> Yeah, 16.04 Server
<mason> I'd say "run restorecon" if the server were EL
<Neo4> mkoninckx: now you set up it, and you can access server without input password use it
<Neo4> ssh username@ip-of-server -i /path/to/privet/key
<mason> Neo4: that's client side, and his error is server side
<Neo4> mkoninckx: than if it will work good, you can turn off access to server using password
<Neo4> mason: yes, I confused
<mkoninckx> Neo4, when I do that, I get a password prompt.
<mkoninckx> For comparison, I have another user set up on this server that I've set up pubkey authentication for and it works fine. I don't get the same error messages in the logs, and I get no password prompt.
<Neo4> mkoninckx: it means your privet can is not right
<sarnold> mkoninckx: is it in an encrypted mount?
<mason> Neo4: It means his authorized_keys file is wrong.
<mason> mkoninckx: Hey, you haven't turned on chrooting, have you?
<Neo4> or yes, authorized_keys wrong
<mkoninckx> sarnold, I think I may have enabled that when installing the server, yes. Is there a good way to check?
<mason> Ah!
<mason> mkoninckx: mount should show you what's what and where
<sarnold> mkoninckx: maybe something like mount | grep ecryptfs   ?
<Neo4> mkoninckx: one of two authorized_keys wrong or you type wrong path to privet key
<mason> Neo4: No, it's not anything to do with his client, at all.
<mkoninckx> I can see it in the output of mount: /home/.ecryptfs/mkoninckx/.Private on /home/mkoninckx type ecryptfs
<mkoninckx> I was expecting that to be transparent to anything running on the machine, but I'm getting the feeling that was wrong.
 * mason bows out and leaves it to sarnold, having only ever used LUKS partition-wide.
<Neo4> mkoninckx: simply on server put your public key in folder /.ssh/authorized_keys . and then you are able to login using privet key ssh user@ip -i /path-to-privet-key , check yourself where you have made error or repeat it
<Neo4> one more time
<sarnold> mkoninckx: feel free to ignore Neo4 for the moment
<sarnold> mkoninckx: this advice looks useful https://askubuntu.com/questions/809186/ssh-public-key-authentication-not-automounting-encrypted-drive -- but it's annoyingly terse
<Neo4> :)
<sarnold> this is a bit better but hilariously gives advice to reboot in the middle for no reason https://unix.stackexchange.com/a/186285/7064
<sarnold> mkoninckx: but this might not really be pleasant -- you're going to need the password in order to decrypt the key used for the ecryptfs mount
<mkoninckx> sarnold, I understand the advice in the askubuntu link
<sarnold> mkoninckx: alright, good good :)
<mkoninckx> Thanks for your help!
<sarnold> mkoninckx: wait a sec
<sarnold> mkoninckx: check the other user!
<mkoninckx> ?
<sarnold> you said you've got another user account on the system where pubkey auth works fine
<mkoninckx> Oh, yes
<sarnold> make sure it still works
<sarnold> or fails
<sarnold> as you expect :D
<mkoninckx> I created the other user on the machine after it started, and I don't have that home directory under an encrypted mount.
<mkoninckx> Which is I guess why it would work.
<sarnold> yeah
<sarnold> you'll have to symlink or handle its authorized_keys similar to your account
<sarnold> same for everyone else on the machine
<mkoninckx> OK. I think I read that askubuntu article a bit fast. What I'm planning to do is just make the changes to sshd_config and copy, not symlink, the appropriate authorized_keys files into the right places.
<mkoninckx> Is there a reason not to do that?
<sarnold> once you change the sshd config file, it's going to be looking in a different spot for the authorized_keys files for EVERYONE
<mkoninckx> Yes, I'm expecting that.
<sarnold> okay :)
<sarnold> then you're probably prepared for what that means for all the other users on the system
<mkoninckx> I should be clear - this is not, like, a serious production server or something. It's just a cast-off Dell desktop I'm running a Minecraft server off for my friends.
<mkoninckx> The second user is also me, it's just the user for running the Minecraft server.
<sarnold> so the stakes are even higher :)
<mkoninckx> :)
<sarnold> it's just that this moment it's obvious what needs to be done; in another six months, it'll be way less obvious.
<sarnold> so better to find surprises right now and deal with it
<mkoninckx> Right, don't get me wrong, I appreciate the double-checking!
<mkoninckx> Thanks for the help, guys. Last time I did this it was an AWS micro instance, so I got a lot of this config done for me behind the scenes.
<sarnold> it probably didn't have ecryptfs in place :)
<mkoninckx> Almost certainly. I guess this is one of those instances of knowing enough to shoot yourself in the foot, but not enough to un-shoot yourself in the foot
<sarnold> right :)
<sarnold> the error message is unhelpful and yet very helpful .. *why* does the file not exist if you're sure it's there... gotta get creative to figure out why you can see it once you're logged in but sshd can't see it :)
<mkoninckx> Actually, that makes me curious - why can't sshd see the file, but I can once I'm connected?
<mkoninckx> I guess I should rephrase
<mkoninckx> What's different about sshd that it can't see the files that are mounted? I assumed that was transparent and from the perspective of sshd shouldn't be different than the files actually being written there
<sarnold> the file doesn't exist until you login; then the ecryptfs PAM module unlocks the secret key, and mounts your own home directory / filesystem
<sarnold> so it might have even worked if you were logged in locally and then ssh'd in.
<mkoninckx> Ah, that makes sense.
<cpaelzer> good morning
<sarnold> hey cpaelzer :) must be time for me to go make dinner, hehe
<cpaelzer> yep, I'm glad to serve as an alarm bell sarnold :-)
<sarnold> :D
<tanuki> How stable is 18.04?
<andol> tanuki: At this point, approximately 74% stable.
<lordievader> Good morning
<johan_hedin> hi.. i am not where to find apache logs
<funabashi> hi guys ist possible i can see what a guy have done atfter he removed/clean bash_history ?
<hateball> johan_hedin: /var/log/ usually
<johan_hedin> hateball: how can i check that both php5 and php 7 version installed on server ?
<johan_hedin> as sererver admin tells us that two version running on server
<hateball> johan_hedin: what version of Ubuntu is this?
<johan_hedin> its centos
<hateball> So... why are you asking in #ubuntu-server ? :|
<johan_hedin> and centos group banned me .. dont know why..
<johan_hedin> well command is same i think
<hateball> They dont have the same package managers or repositories, how would it be the same?
<johan_hedin> hateball:
<johan_hedin> can you we run php5 for a specific folder?
<johan_hedin> can we do something in apache host file that we can run php5 for specific folder ?
<hateball> johan_hedin: you're better off asking in #httpd
<coreycb> jamespage: hmm nova dep8 tests are failing due to this: https://paste.ubuntu.com/26494870/
<coreycb> jamespage: in journalctl this error shows up right before the use_tpool error: nova-scheduler.service: Failed to change ownership of session keyring: Permission denied
<coreycb> jamespage: ok i narrowed the nova failure down to this patch. the error goes away when it's reverted: https://github.com/openstack/nova/commit/910008e2ef5dae1698ff7db791f4816c728c8bd0
<rbasak> powersj: available for HO?
<powersj> rbasak: sure
<rbasak> powersj: still in standup HO
<mason> Stand-up meetings always remind me of https://www.youtube.com/watch?v=nvks70PD0Rs
<mason> It's not quite as good as the "MongoDB is web scale" video, but it's not bad.
<dpb1> or "the website is down"
<mason> heh
<Nivex> or IPv6 and NATs
<mason> That one doesn't ring a bell. Looking.
<Nivex> https://www.youtube.com/watch?v=v26BAlfWBm8
<mason> ty
<Ussat> OMG, have not watched "the website is down" in a while.....love that
<dpb1> speaking of mongodb, this one is funny: https://sookocheff.com/post/opinion/the-five-stages-of-nosql/
<nacc_> powersj: hit a snafu with my in-snap testing idea
<nacc_> tox assumes it can write to where the snap's tox.ini resides
<nacc_> i wonder if we should just drop tox
<nacc_> (from the snap in-snap testing)
<powersj> given tox is only running pylint and pytest and you are running very specific versions of those on a very specific version of python I don't find tox as useful for the project
<nacc_> yeah
<nacc_> that's what i'm thinking righ tnow
<nacc> powersj: ok, got it mostly working, i thinkn
<nacc> rbasak: sigh, 3 of your tests fail in the snap
<nacc> rbasak: a) you assume you can call dpkg-buildpackage :)
<nacc> rbasak: is that just to be sure it's buildable?
<nacc> rbasak: https://paste.ubuntu.com/26497869/
<nacc> we coulld innclude gcc in the snap, but i'd really rather not :)
<rbasak> nacc: no, dpkg-buildpackage is needed to actually build the dsc from a Debian source tree
<rbasak> Though perhaps dpkg-deb directly might be sufficient for our cases
<nacc> rbasak: i think both will end up requiring gcc
<nacc> it is a static check, iirc
<rbasak> I don't think dpkg-deb needs gcc
<nacc> rbasak: oh it's not perl?
<nacc> it's really dpkg-architecture that needs gcc, iirc
<rbasak> Perhaps we could stub something out
<nacc> rbasak: and i expect the first failure might be related, since it's all from the source builder/
#ubuntu-server 2018-02-01
<pfriel> Has anybody seen issues with sssd causing your AWS c5 instance to freeze using either the 20180122 or 20180126 Ubuntu cloud images?  I have narrowed it down to sssd.. if I disable that the box works fine but once I start it the box hard locks and CPU goes to 100% on the instance.  No helpful logs in /var/log/kern.log, syslog, etc
<nacc> Odd_Bloke: ahasenack --^
<rbasak> nacc: I think the first failure may be correct.
<rbasak> I'm not sure why it worked before, but for non-native, a version string of '1-1' may be required instead of '1'.
<nacc> rbasak: i was reading the wrong, tbh, every Source() will fail because dpkg-buildpackage will fail
<nacc> reading the output wronng
<nacc> rbasak: i'm not 100% confident our CI was testing it, tbh
<rbasak> I'm pretty confident I had it passing locally before submitting
<nacc> sure
<nacc> i'm lookoing onw
<nacc> also it seems like we are usig some unknnown options in tox
<nacc> i'll need to sync with powersj on that
<nacc> ah yes, he's having to do it manually too
<nacc> rbasak: see jenkins, i think powerjs is passing all the files by hand,b ecause the directory discovery doesn't work
<nacc> i thik it looks for fiels with test_*.py *_test.py possibly
<powersj> I believe I currently use something like gitubuntu/*
<rbasak> I believe so. It's tuneable
<nacc> rbasak: right, but we haven't pullled most tests to their own file yet
<nacc> rbasak: and actually, we'll need tox outside i'm realizing
<nacc> because the scripts aren't in the snap
<nacc> welll, they are, but they won't run and aren't exposed
<pfriel> nacc is there anything specific I could provide you all to help troubleshoot this sssd causing crashes on AWS c5 problem?
<rbasak> Perhaps the scripts should be in the snap
<nacc> pfriel: i'd wait to see what they say
<rbasak> (and exposed)
<nacc> rbasak: i mean they can be, but they don't need to be
<pfriel> nacc: k, thx
<nacc> rbasak: and that's sort of orthogonal to this task (i can do it next)
<rbasak> Understood
<nacc> powersj: ah you're using a more recent pytest than is in ubuntu? (hence the --cov option)
<ahasenack> pfriel: sorry, haven't seen that
<rbasak> nacc: --cov comes from a plugin
<powersj> ^^ but I also think I am using a version installed via pip and not in-distro
<rbasak> python3-pytest-cov package
<nacc> i see
<ahasenack> pfriel: suggest you file a bug about it
<nacc> rbasak: powersj: ok, let me see if i can make that happen in the snap
<rbasak> I'd forgotten about that, sorry.
<ahasenack> pfriel: I'm subscribed to sssd bugs, I'll get it when you file it. Please include all possible logs you have
 * ahasenack -> bed
<rbasak> I'd like to have a ratchet on test coverage and on pylint warnings in the end
<rbasak> But we're perhaps not ready for that yet
<nacc> i have to think of how to get that plugin
<nacc> we eed to build it in our case
<nacc> to match the python we use at runtime
<pfriel> ahasenack: ok, will do that.. thx
<nacc> powersj: yeah, it's funny (not a bug), we instlal pytest 3.1.3 in our snap and you run with 3.2.1 because of pypi, i think
<powersj> yeah
<nacc> powersj: any idea? https://paste.ubuntu.com/26497978/
<powersj> So I believe tox installs things in a virtual env and you are calling /usr/bin/python which would be outside that env?
<powersj> Can you paste your tox.ini
<nacc> llet me tryu making that relative
<nacc> ok yeah that fixed that error
<nacc> and gave different ones :)
<nacc> rbasak: ok, i'm building it now, but i think have the tests running inside the snap and llinting outside of it
<nacc> rbasak: the unittests in the snap for the scripts/ directory nneed some thinking still
<nacc> rbasak: i would appreciate some time o the above failures, as we should resolvle them before landing the changes
<nacc> oh i see why the scripts aren't workingn (tests). It's what you were saying powersj, you're acutaly using shell expandsion to get the files, not tox
<nacc> powersj: and that's why we weren't using tox for the unit tests :) because we couldn't get it to find the tsts correctly
<rbasak> nacc: in tox.ini, try "[pytest]\npython_files = *.py"
<rbasak> Or py.test-3 -o 'python_files=*.py'
<nacc> rbasak: ah i'll try that
<nacc> rbasak: woo, got the tests passing with the self-test app (excluding the scripts, which is really a separate thing)
<nacc> i'll update the cleanups branch
<nacc> for it to pass CI, we'll need to adjust the CI runner, though
<nacc> rbasak: and we need to fix those 3 tests, of course
<nacc> powersj: --^ fyi as well https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/336877
<nacc> powersj: so i think what will change in the pipeline is we'll add a stage that calls git-ubuntu.self-test
<nacc> and drop the tox stage for now
<nacc> rbasak: i'm trying to decide if we want to snap the scripts as their own subcommands? or just expose them directly as applications. The former means i can update setup.py to pull in our deps but they will all need rewriting. The latter is easier, but I need to think about how to ensure their deps get pulled in (since they ahve their own)
<nacc> Mabye the latter for now, with a long term goal of the former?
<DirtyCajun> Anyone know why the iscsi-target package has been broken for ages?
<nacc> DirtyCajun: it's not needed since yakkety
<nacc> DirtyCajun: so it depends on what you mean
<nacc> (the driver has been mainlined)
<DirtyCajun> timeout
<DirtyCajun> ive never read an article about creating a target without that package
<nacc> DirtyCajun: ... you could try and be a bit more verbose?
<DirtyCajun> bestow your wisdom
<DirtyCajun> XD
<nacc> DirtyCajun: what version of ubuntu?
<DirtyCajun> 16.04.3
<DirtyCajun> even the ubuntu page still says it
<DirtyCajun> https://help.ubuntu.com/lts/serverguide/iscsi-initiator.html
<nacc> that page does not mention the iscsi-target package at all?
<DirtyCajun> iscsitarget is a dependancy
<nacc> DirtyCajun: of what?
<nacc> there are no reverse-dependencies on src:iscistarget in ubuntu xenial, afaict
<DirtyCajun> i linked the initiator package not the target package thats my fault
<nacc> *iscsitarget
<nacc> and there is no package iscsi-target in ubuntu
<DirtyCajun> https://www.server-world.info/en/note?os=Ubuntu_16.04&p=iscsi&f=2
<DirtyCajun> thats the newest help guide i can find
<DirtyCajun> and still requires iscsitarget
<nacc> DirtyCajun: if you are on 16.04.2 or later, you don't need any package
<nacc> DirtyCajun: the iscsi target driver is in the kernel
<nacc> so i mean the hwe stack thereof
<nacc> if you are on the 4.4 kernel, then yes, you need the package
<DirtyCajun> where is the config files located. same place?
<nacc> DirtyCajun: what config file?
<nacc> DirtyCajun: honestly, it seems easier to use tgt to server out iscsi disks
<nacc> DirtyCajun: but yes, i think the userspace components of iscsitarget (note what i was referring to earlier was the iscsitarget-dkms stuff) is the same
<lordievader> Good morning
<rbasak> nacc: sounds reasonable
<cpaelzer> jamespage: FYI while proposed migration might need a bit all you need as base for the new virt stack is in 18.04 proposed
<cpaelzer> since monday actually
<cpaelzer> since we said end of january I hope that qualifies :-)
<jamespage> cpaelzer: awesome
<cpaelzer> jamespage: it might be hard for you to pick it up now, do you want another ping once it all migrated?
<jamespage> cpaelzer: I need to poke at the auto-backporter on the next two days anyway (as it looks like I need to rev some deps)
<cpaelzer> yeah you coud try eliminate all the backport hickups from the sources already
<cpaelzer> and know them all to make is a fast action once migration is complete
<jamespage> coreycb: ok queens-staging is now good for debhelper compat 11 - sorting out the trunk testing PPA
<jamespage> coreycb: we'll need to stage the various pkgs into proposed as its very order dependent
<coreycb> jamespage: ok great
<coreycb> jamespage: everything should be uploaded now for b3. heat-dashboard is in the new queue. let me know if you have any thoughts on how to enable tests for heat-dashboard (see comment in d/rules).
<MJCDoffice> hey y'all
<MJCDoffice> im looking for something that will cache dns requests?
<MJCDoffice> like, if it has no internal entry, it will check with google dns
<MJCDoffice> also I have some questions about ubuntu cloud but the channel is invite only
<lordievader> MJCDoffice: Something like dnsmasq?
<cpaelzer> MJCDoffice: https://www.g-loaded.eu/2010/09/18/caching-nameserver-using-dnsmasq/ or actually systemd-resolved is "implements a caching and validating DNS/DNSSEC stub resolver"
<lordievader> Local caching resolver.
<MJCDoffice> wait whats this about systemd-resolved
<MJCDoffice> like im going to make this device into the networks main gateway
<MJCDoffice> I just want to keep as much as I can internal traffic
<MJCDoffice> even give it a 1TB drive haha
<cpaelzer> so not client only
<cpaelzer> yes then dnsmasq might be a good solution to try
<MJCDoffice> awesome
<MJCDoffice> and then there's obviously squid
<MJCDoffice> for http
<MJCDoffice> postfix for mail yeah?
<MJCDoffice> can squid cache https stuff?
<cpaelzer> MJCDoffice: depends on your POV on breaking https by it being a man-in-the middle https://wiki.squid-cache.org/Features/HTTPS
<MJCDoffice> cpaelzer, yeah I know about that but you're saying its already there in that
<MJCDoffice> so that's perfect
<MJCDoffice> not that im trying to spy
<MJCDoffice> its more for like QoS
<MJCDoffice> thb id like to figure out why I cant ping rpi
<MJCDoffice> but can ping rpi's ip
<MJCDoffice> the hostname is in caps but I dont think its case sensitive
<MJCDoffice> but I tried RPI anyway
<cpaelzer> can dig resolve the IP
<cpaelzer> you can triy different nameservers with @nameserver
<MJCDoffice> im on windows atm
<MJCDoffice> im heading home but that's where the pi is anyway I think I need to enable ssl access
<MJCDoffice> back shortly
<coreycb> jamespage: i'm taking a look at the python-coverage backport
<rbasak> ahasenack: in the libzstd Xenial MP, what's the purpose of:
<rbasak> -                               --devunversioned \
<rbasak> please?
<rbasak> ahasenack: also I don't see the dh_auto_clean rule that you're adding in the SRUs present in Bionic. Is it required there?
<jamespage> coreycb: https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/percona-xtradb-cluster-5.7/+git/percona-xtradb-cluster-5.7/+merge/337000
<zul> jamespage: you guys packaged magnum? interesting
<jamespage> zul: we we've tended magnum - I'd not say we did the original packaging?
 * jamespage looks
<jamespage> zul: yah it came via debian originally
<zul> jamespage: yeah thought so
<hackeron> Hi there, I created a file /etc/systemd/system/openvpn@.service.d/override.conf and I created a [Service] section with Restart=always and RestartSec=30 -- this is working well and makes sure OpenVPN client restarts even if there is a temporary issue with the server. However, every time I update openvpn with apt-get upgrade openvpn, it starts 2 openVPN processes and both keep restarting endlessly.
<hackeron> Any ideas why this happens and how to resolve?
<mason> hackeron: Are you running it foreground or background? I'd suspect you'd want foreground if you're having lennartd managing it.
<mason> Oh, you've modified the existing service. Looking.
<mason> hackeron: So, someone might have a better idea, but I'd assume it's having trouble tracking the forking daemon. I'd recommend replacing the entire unit file with a full override (systemctl edit --full) and making it a foreground service.
<hackeron> mason: but won't my edits be overwritten every upgrade? - my issue is this happens every time the openvpn package is updated
<mason> hackeron: That's the point of the complete replacement vs the drop-in.
<mason> Your drop-ins should persist past updates
<hackeron> mason: ah, hmm, so if I wanted to do this automatically on 100 servers, does creating a /etc/systemd/system/openvpn@.service file override the openvpn@.service provided by the package?
<mason> hackeron: It should do what you want as I understand it.
<hackeron> mason: ok, thank you for that, let me give that a try :) -- I think maybe changing from daemon to foreground is what I need
<mason> hackeron: So, yeah, after a quick test, that file is a complete replacement, vs a partial drop-in, which would show up as /etc/systemd/system/openvpn@.service.d/override.conf
<hackeron> but it's strange because /run/openvpn/timeline.is.pid is correct and matchs what is in top - so why isn't it being killed on upgrade. Do you see anything here that can cause it not to stop the process on upgrade online? < https://pastebin.com/5i1SwEni
<hackeron> maybe KillMode=mixed
<mason> Could I bother you to use bpaste.net instead? pastebin does funny things with javascript
<hackeron> mason: ah that's a nicer one, thank you :) < https://bpaste.net/show/d210e9020c18
<mason> Hrm. I see this: "If you really want to delegate the shutdown from your main process, set KillMode=mixed. SIGTERM will be sent to the main process only."
<mason> OpenVPN responds well to being run in the foreground - I regularly run it that way, so that's the way I'd go in any event. Simpler.
<hackeron> mason: makes sense, I'll try that :) - do you run it through systemd or some other way?
<mason> hackeron: I script it and fire it up by hand as needed.
<mason> For my use, I want it to explicitly run only when I want it up.
<mason> My scripting fires it up, then sets up a couple related environmental things.
<hackeron> ah, ok
<mason> For quite a long time I ran it foreground in a screen session, and it was pretty reasonable.
<hackeron> mason: hmm, when I do that, systemctl edit --full openvpn@ shows my service, but when I reboot, systemd is still using the default openvpn@ service and still runs as daemon - any ideas?
<mason> hackeron: ... Um. I'd file a bug then. It shouldn't be ignoring drop-ins or override configs. :/
<sdeziel> hackeron: can you share "systemctl cat openvpn@" via pastebin ?
<hackeron> mason: yeh, strange, so when I do systemctl edit --full openvpn@ it shows my file - when I do systemctl status openvpn@ it shows Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled) -- grr
<mason> hackeron: Did you restart or say daemon-reload ?
<hackeron> mason: yep, even tried reboot
<hackeron> sdeziel: https://bpaste.net/show/aab5a207a75e
<mason> hrm
<mason> hackeron: I don't think you need to specify/interact with a PIDfile if you're running it in the foreground.
<mason> But I'm not systemd expert.
<mason> s/not/no/
<sdeziel> hackeron: "systemctl cat openvpn@xancloud.com" please
<hackeron> sdeziel: https://bpaste.net/show/5ccef9cf8432
<hackeron> mason: sure, I can remove that - but the issue currently is systemctl is not using my service file at all :(
<sdeziel> hackeron: for some reason, the @xancloud.com instance uses the /lib/... unit
<hackeron> sdeziel: yeh, but why, the service file is /lib/systemd/system/openvpn@.service and I'm editing openvpn@ - any ideas why that is happening?
<mason> sudo systemctl edit --full openvpn@foo is a thing
<mason> might be worth trying, even if it shouldn't be necessary
<mason> And I'd think about trimming out the PIDfile interactions.
<sdeziel> hackeron: I don't know, editing the generic one (openvpn@) should be enough to apply to all the specific instances
<mason> Editing openvpn@foo creates an override for that instance.
<mason> Worth trying.
<sdeziel> hackeron: that said, I don't like "edit --full" ;)
<mason> sdeziel: He can't remove bits and is prone to have other stuff bleed in if he just does a drop-in.
<sdeziel> hackeron: the original problem you are trying to solve is apt upgrades leading to multiple instances of openvpn@xancloud.com, right?
<sdeziel> mason: changing the unit type feels like voiding the warranty to me
<mason> Thank the gods for systemd, though - everything was so boringly transparent and obvious before. systemd lends a pleasing aura of magic to what used to be mundane, every-day tasks. :)
<sarnold> :)
<mason> sdeziel: Yeah, I think that's a foregone conclusion.
<hackeron> sdeziel: sort of, my problem is when I make openVPN auto restart, by creating /etc/systemd/system/openvpn@.service.d/override.conf and adding Restart=always - then every upgrade, systemd files to kill the openvpn process. So I need to create my own service file probably
<mason> hackeron: For real, try edit --full openvpn@yourthing
<sdeziel> I for one welcome systemd's magic tough, the power of seccomp and namespaces is now available easily ;)
<mason> I want to know if it works.
<hackeron> mason: I have 5 mythings and they can change, so I'd like to avoid doing that if at all possible
<sdeziel> hackeron: don't use Restart=always
<mason> hackeron: Five mythings is still one automation config. :P
<sdeziel> hackeron: this mode will start it back even when you manually asked to stop it (checking man page)
<hackeron> sdeziel: I have 300+ servers out there and sometimes the server has a glitch or there's some other problem and they must absolutely always, no matter what, try to get back on the VPN, so I can connect to them remotely -- so what else is there except a Restart=always?
<mason> As for that, Restart=on-failure ?
<sdeziel> hackeron: Restart=on-abnormal
<sdeziel> or on-failure
<sdeziel> hackeron: man 5 systemd.service
<mason> hackeron: You're going to make me test the instanced override myself, aren't you? I can feel it.
<sdeziel> hackeron: there is a nice table explaining the various Restart= modes
<hackeron> mason: sdeziel: that's what I had before and it would fail to start up sometimes, if say a hard drive was read only or something, or there was some condition error and the network was being restarted or something which stopped the vpn -- I want it to try to restart always, no matter what
<sdeziel> hackeron: Restart=always is what played you trick during apt upgrades, pretty sure of that
<mason> likely
<hackeron> sdeziel: yeh, for sure, but how else do I ensure it restarts no matter what?
<mason> hackeron: Restart=on-failure
<mason> and monitoring
<sarnold> sdeziel: what's the deal with Restart=always?
<zul> coreycb:  ping
<zul> coreycb: can you please merge and upload http://paste.ubuntu.com/26502243/ please
<hackeron> mason: what do you mean by and monitoring?
<mason> hackeron: I mean, you've got monitoring of some sort already. Check for missing/down VPN, and if Restart=on-failure isn't enough, page someone.
<sdeziel> hackeron: Restart=on-failure seems like the best you can do without inflicting you problems on apt upgrades
<hackeron> mason: my goal is I want to make sure nothing on the system can accidentally stop the vpn, no matter what
<sdeziel> sarnold: dunno, that's a weird mode if you ask me ;)
<sdeziel> sarnold: you manually stop a service and systemd starts it behind your back
<sarnold> sdeziel: alright :) hehe, the table can describe the intentions, but I figured if you'd fought it over something, that kind of knowledge doesn't show up in tables. hehe.
<sarnold> sdeziel: aha. yeah.
<hackeron> mason: the system can be at the top of a mountain or the bottom of the ocean, there is no page someone, it needs to never ever ever go down and if something or someone takes it down, it needs to always restart :) -- I think my intent is solved by editing openvpn@.service -- but question is, why is my edit ignored?
<hackeron> mason: because something like networking or multiuser target or a bunch of other things can stop the service, I don't want that to ever happen
<mason> hackeron: It clearly doesn't match the instanced service.
<sdeziel> sarnold: I never had to fight with it
<TJ-> hackeron: with your Restart=always could you add RestartSec=X to impose a delay to cover the package-upgrade cycle ?
<hackeron> TJ-: I have RestartSec=30 already
<sdeziel> hackeron: FYI, I run my openvpn instances with Restart=on-failure and it works well here
<mason> hackeron: Try the edit --full foo@bar and see if that matches, and there's your answer
<hackeron> mason: What do you mean? systemctl status openvpn@xancloud.com shows /lib/systemd/system/openvpn@.service -- so it's openvpn@.service, is it not?
<mason> hackeron: Spock says, âAn ancestor of mine maintained that if you eliminate the impossible, whatever remains, however improbable, must be the solution.â
<sarnold> *snort*
<TJ-> hackeron: I'm wondering if the issue here is not systemd so much as the openvpn pre/postinst scripts.
<coreycb> Zul: heya, sure
<zul> coreycb: merci buckets
<zul> coreycb: there is probably going to be more btw
<hackeron> TJ-: no, just checked - changing openVPN from daemon to foreground fixes it -- now the question is why isn't editing openvpn@ working, hmm
<hackeron> mason: yes, editing openvpn@xancloud.com explicitly works - now need to figure out how to make it apply to all vpn configs, hmmm
<mason> hackeron: If you're using Ansible or Puppet or something, you should be able to base it on a template and make it fairly safe.
<hackeron> mason: I guess - but I wonder what's wrong with systemd that it's ignoring edit of openvpn@
<mason> hackeron: I can help with that: http://without-systemd.org/
<mason> Take your pick. :P
<hackeron> I wish you could do a rolling eyes smiley in text :)
<TJ-> @ @
<TJ-> \_/
<TJ-> hackeron: I wonder, maybe you have to make use of the template@'s %i instance variable in some way? Match= or somethig?
<pfriel> nacc: I believe you were the one I reached out to yesterday about sssd causing lockups on AWS c5/m5 instances. You pinged someone else who requested I create a bug report.. I have now done that: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1746806.  I don't remember who it was you pinged though so if you could bump that person it would be much appreciated.  thanks
<ubottu> Launchpad bug 1746806 in sssd (Ubuntu) "sssd appears to crash AWS c5 and m5 instances, cause 100% CPU" [Undecided,New]
<nacc> ahasenack: --^
<nacc> (i think)
<pfriel> nacc: ty sir
<nacc> pfriel: yw, thanks for filing the bug report!
<pfriel> no prob.. wish I could have provided more details. I have sunk my last few days trying to figure this thing out with no luck.  Hopefully you all can provide some tips on getting more useful debug info
<nacc> cpaelzer: let's sync on kopanocore, i would like to get it updated correctly to match debian (which has a php-mapi), i thikn you're right onn the breaks/replaces (which will successfully upgrade artful and existing bionic) and then we can drop that once 18.10 opens
<nacc> cpaelzer: https://code.launchpad.net/~nacc/ubuntu/+source/kopanocore/+git/kopanocore/+merge/337021
<nacc> cpaelzer: need to push some changes on top, fyi, so it builds (libical migrated underneath)
<nacc> cpaelzer: i assume you're already o nit, but qemu-system-x86 is uninstallable i bionic-proposed?
<nacc> cpaelzer: that blocks libguestfs which in turn blocks php7.2 :)
#ubuntu-server 2018-02-02
<nacc> cpaelzer: hrm, i was able to backport the patches so kopanocore buillds, but now it's faililg dep8, willl debug before you need to review
<zzz> hi. im trying to figure out why df and lsblk output is incompatible for an internal drive. fs shows 472M Size, however lsblk correctly shows a 15G partition
<zzz> *df
<TJ-> zzz: partitions and file-systems can be different sizes
<zzz> TJ- how can i make the file system 15G? the drive is empty
<sarnold> are you *confident* it's empty? this feels weird
<yer> any sendmail gurus in here
<TJ-> zzz: if the partition contains the file-system it suggests you've enlarged the partition at some point
<zzz> no. old eee pc with 2 internal ssd: 4G + 15G
<zzz> clean ubuntu server install
<TJ-> zzz: best to show us: "pastebinit <( lsblk; df )"
<zzz> http://paste.ubuntu.com/26503665/
<zzz> sdb1 is the part in question
<zzz> https://paste.ubuntu.com/26503670/ for humans
<zzz> im not experienced with this stuff
<sarnold> "timemachine" .. is this an HFS+ or similar filesystem? do you care about it's contents at all?
<zzz> no, it's ext4. i just mounted it for macos' time machine but it uses a sparse bundle
<zzz> dont care about contents at all
<sarnold> alright; I *think* you can probably just umount /media/timemachine ; mke2fs -t ext4 -j /dev/sdb1
<sarnold> I haven't driven mke2fs by hand in ages..
<TJ-> zzz: if it's ext you can just do "sudo resize2fs /dev/sdb1" without un-mounting it
<TJ-> ext can do online resize for extending, but not shrinking
<zzz> thanks guys. i'm reading up on it jut to feel safe. any idea of what couldve caused smth like this?
<sarnold> I thought about that, but didn't want to shortchange the filesystem on inodes.
<sarnold> zzz: the easiest way I could think of to create this would be to dd a filesystem from one tiny partition to this partition.
<zzz> ok it seems to have solved it
<zzz> how can i ever repay you
<sarnold> pass it along :)
<zzz> you know i will. thank you
<sarnold> you're welcome ;) have fun
<yer> any network guys in here?
<yer> got a TL-R600VPN router doin some weird shit
<yer> keeps setting a IP adress to be a DMZ host, and its an address that we have never used .... port forwardings appearing by them selfs
<yer> selves
<yer> scary
<cpaelzer> nacc: all the qemu train blocks on the new queue with src:ipxe-qemu-256k-compat
<cpaelzer> nacc: I'm on it in the sense that I ping infinity on a daily base who said he is gonna take a look
<cpaelzer> waiting with kopano until you set status to ready-to-review then
<lordievader> Good morning
<jamespage> coreycb: the wireshark pkg-config in xenial is foobar - so I'm going to patch out the wireshark support from libvirt for the xenial/queens backport
<jamespage> we don't need that for openstack...
<davidjmemmett_> Morning all
<davidjmemmett_> Has anyone else experienced any freezes using artful on EC2 (using c5 instances)? I can sometimes boot a machine, sometimes it hangs forever, sometimes it freezes and dies after a few minutes
<rbasak> davidjmemmett_: yes, on this channel
<rbasak> davidjmemmett_: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1746806
<ubottu> Launchpad bug 1746806 in sssd (Ubuntu) "sssd appears to crash AWS c5 and m5 instances, cause 100% CPU" [Undecided,Confirmed]
<davidjmemmett_> Yup, thatâs the one, cheers rbasak
<rbasak> davidjmemmett_: please mark yourself as affected
<davidjmemmett_> Will do
<rbasak> davidjmemmett_: is it sssd related for you as well?
<davidjmemmett_> Yes, using it for LDAP with
<davidjmemmett_> ^auth
<rbasak> Please could you comment on the bug? The data point is useful I think.
<rbasak> Since it could be a kernel regression or a latent sssd bug merely exposed by a newer kernel
<rbasak> If everyone affected says it's only with sssd, then that points to an sssd bug. OTOH if we get reports from users not using sssd, then more likely a kernel bug.
<jamespage> coreycb: just tripped on that missing deb dbgsym thing with libvirt in queens-staging
<coreycb> jamespage: afaik it's not due to debhelper or dh-autoreconf. It recreated with artful versions of those.
<coreycb> jamespage: also turned on dbgsyms in a xenial-pike ppa and had no problem building the queens python-coverage
<ahasenack> rbasak: hi, thanks for the zstd feedback, I'm looking into it now
<ahasenack> rbasak: a question
<ahasenack> rbasak: "Rather than "dist-upgrade" on Xenial, could you please check that the new zstd is pulled in on a plain "apt-get upgrade" and via the update manager? "
<rbasak> o/
<jamespage> coreycb: hmm so its a mix of newer debhelpers + ppa with debug symbols enabled?
<ahasenack> rbasak: when you say update-manager, you mean the desktop UI thingy that prompts for upgrades?
<rbasak> ahasenack: right
<ahasenack> ok
<rbasak> ahasenack: because that's the most common use case, right?
<ahasenack> I suppose :)
<rbasak> I ask because I know dist-upgrade can be more clever. But we need the zstd update to work even when users don't use dist-upgrade for the entire SRU to be useful, AIUI.
<rbasak> And I don't know off the top of my head exactly what update-manager does.
<ahasenack> I'll start with upgrade
<ahasenack> thanks
<ahasenack> I rarely use upgrade nowadays, indeed
<rbasak> If someone says "it definitely does the equivalent of 'apt-get upgrade' and 'apt-get upgrade' works" and I believe this person then no need to test :)
<ahasenack> I'm happy with dist-upgrade's behavior of stopping and showing what NEW packages it would install
<ahasenack> nah, the test is easy
<ahasenack> I don't mind it
<ahasenack> I just don't know what to do if it fails :)
<rbasak> As long as you understand why I'm asking :)
<ahasenack> s/don't/won't/
<rbasak> Yeah I don't know either
<ahasenack> I remember in the past apt upgrade pulling in new packages. It probably depends (hah)
<coreycb> jamespage: seems so, maybe it's one of the other debhelper deps that was backported
<jamespage> coreycb: might be - just trying something else
<jamespage> alot of the behaviour in a PPA is PPA specific so I'm wondering whether this is generally broken
<jamespage> for later debhelper revs in PPA's with debug symbols enabled...
<ahasenack> rbasak: apt upgrade and desktop GUI upgrade tests passed, looking at your other points now
<ahasenack> (I updated the bug)
<jamespage> coreycb: its a dpkg/debhelper incompat
<jamespage> debhelper is doing something new with regards to ddeb's
<jamespage> dpkg carries:
<jamespage>     - dpkg-gencontrol: Fix Package-Type override handling for ddeb support.
<coreycb> jamespage: aha, that looks like it
<coreycb> jamespage: do you wan to attempt backporting dpkg?
<coreycb> want
<coreycb> jamespage: reviewing pxc 5.7 now btw
<jamespage> coreycb: hmm
<jamespage> maybe
<ahasenack> rbasak: replied in the MP about --devunversioned, and you are right about the missing dh_auto_build bit in bionic (also replied in the MP). Will fix the later and push
<jamespage> coreycb: debhelper @ 10.2.5ubuntu2 is where the behavioural change for ddebs happened - requiring a new dpkg for compat
<coreycb> jamespage: ok. just noticed we have 10.2.2 in pike.
<jamespage> coreycb: not entirely convinced I want dpkg in the UCA
<jamespage> coreycb: yeah that does the old style ddeb generation
<coreycb> jamespage: yeah
<jamespage> kinda two choice here - either we do something with dpkg or we switch UCA debhelper back to the old style
<coreycb> jamespage: old style seems sensible
<ahasenack> rbasak: pushed, and the ppa is building a new bionic test upload with that as well (https://launchpad.net/~ahasenack/+archive/ubuntu/zstd-backport-1717040/+packages)
<ahasenack> it takes a while because the tests are run at build time, and they are a bit long
<jamespage> coreycb: ok I think I figured out where to tweak that
<rbasak> ahasenack: ack
<jamespage> coreycb: https://launchpad.net/~james-page/+archive/ubuntu/queens/+build/14300947 rebuilding with debhelper patches
<jamespage> coreycb: I forgot how much hassle the final UCA pocket for an Ubuntu LTS is
<jamespage> 2 years of deltas...
<coreycb> jamespage: sure is. we can reset to just backporting to bionic next release.
<coreycb> jamespage: hopefully ppa builds are faster today. they were painfully slow yesterday.
<jamespage> coreycb: yup
<jamespage> nice easy peasy
<jamespage> coreycb: ca-patches per pocket - http://paste.ubuntu.com/26505879/
<coreycb> jamespage: i see a trend :)
<jamespage> coreycb: bah so close with debhelper - now generating .deb for dbgsym, but ddeb into the control file...
 * jamespage sighs
<jamespage> coreycb: ok take 10
<coreycb> jamespage: lol
<jamespage> I think I see what needs to happen
<jamespage> coreycb: maybe just run those pxc maintainer scripts through https://github.com/mvdan/sh
<coreycb> jamespage: oh nice
<coreycb> jamespage: will do
<jamespage> coreycb: I did
<jamespage> pushed as new commit on my branch
<coreycb> jamespage: ah thx
<rbasak> ahasenack: could you edit the bug description according to https://bugs.launchpad.net/ubuntu/+source/libzstd/+bug/1717040/comments/44 please?
<ubottu> Launchpad bug 1717040 in libzstd (Ubuntu Bionic) "Please backport libzstd 1.3.1+dfsg-1 (universe) from artful" [Undecided,In progress]
<ahasenack> rbasak: sure
<ejat> <ejat> hi ..
<ejat> <ejat> i used openstack-telemetry charms .. 2 services got problem (mongodb & neutron-gateway)  .. juju status output : http://paste.ubuntu.com/26506527/
<ejat> <ejat> mongodb log output: https://paste.ubuntu.com/26506520/
<ejat> <ejat> neutron-gateway: https://paste.ubuntu.com/26506512/
<rbasak> nacc: on your corosync question. Which particular path are you trying to tackle?
<renatosilva> I occasionally get an email with title "test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )", why?
<renatosilva> content says: "/etc/cron.daily/logrotate: Warning: apache2.service changed on disk. Run 'systemctl daemon-reload' to reload units."
<renatosilva> I want to understand how exactly this cron email has been activated since I can't remember doing this manually
<dpb1> usually because apache2 has been updated, and it's asking you to reload the daemon
<renatosilva> dpb1: that's what the message says, yes, meaning the auto-update I have configured is hopefully working but... I would expect the system to reload apache after _auto-updating on a server_
<renatosilva> how was cron allowed to send me email? is that a default configuration?
<renatosilva> why the system bothers me with this useless email about apache? why not just reload it?
<dpb1> how often do you get it?
<dpb1> not sure about cron "allowed" to send you an email.  that depends on how you have things configured.  I think by default it sends to the root user on the system, as a way of notifying you of what happened.  it's standard cron behavior
<nacc> rbasak: i'm thinking that if pacemaer upgrades before corosynnc finishes (runs its postinst), we don't need the flag
<nacc> rbasak: because a systemd unit that is partof the other will follow the state transitions
<nacc> rbasak: in which case, we don't nened the /run flag for upgraders, as it will nnaturally be enforced (unless they modified the units manually, in which case it's a separate case)
<rbasak> I wonder if a versioned Conflicts would suffice. But we don't usually use those, so I'd like someone to confirm that we actually want that and it won't have any inadvertent side-effects.
<rbasak> Have the new corosync Conflict on older pacemaker (or vice versa).
<rbasak> Then they can't even both be unpacked at once.
<rbasak> Hopefully apt will resolve that to upgrade the pacemaker first.
<rbasak> But is this really needed?
<rbasak> I think we understand the Breaks path well, we have to use this path for older releases anyway, and it's only temporary.
<rbasak> So while I think you're probably right, does doing it your way add additional risk and complexity?
<rbasak> One issue with Conflicts is that it can be quite constraining in terms of possible upgrade paths, which is why AIUI it's generally frowned upon in favour of Breaks where possible.
<nacc> rbasak: ok -- yeah, it was more about minimizing the delta
<renatosilva> dpb1: ok, first I wanted to know how cron came up to doing it, that explains it then, it's, default config
<nacc> rbasak: i agree with what you are saying, in principle (also for my own edification)
<dpb1> renatosilva: yes, cron will email the result of any script that fails (returns a non-zero code) or has any output of any kind.  All other cases, it stays silent
<renatosilva> dpb1: but it's a useless notification in this case, I wonder why isn't apache just reloaded instead
<dpb1> renatosilva: how often do you get it
<dpb1> renatosilva: a quick google search turns up that it could be simply a buggy update with systemd
<renatosilva> dpb1: randomly really, enough to get me annoyed.... in the past I would get like a few a month, not sure... then it was quite some time since last occurrence, and today it came back... I believe it's as often as apache package gets auto-updated, and I had some time without it because I think auto-updates were just not working
<dpb1> renatosilva: could it be tied to reboots?
<renatosilva> unexpected reboots then, but I don't think so
<dpb1> renatosilva: anyway, please file a bug against apache2 in ubuntu with this behavior
<dpb1> https://bugs.launchpad.net/ubuntu/+source/apache2/+filebug
<dpb1> you can even use `ubuntu-bug apache2` from the command line
<coreycb> wolsen: jamespage: stable point releases are underway for newton, ocata, and pike. bug 1747067, bug 1747066, and bug 1747065.
<ubottu> bug 1747067 in Ubuntu Cloud Archive newton "[SRU] newton stable releases" [Undecided,New] https://launchpad.net/bugs/1747067
<ubottu> bug 1747066 in Ubuntu Cloud Archive ocata "[SRU] ocata stable releases" [Undecided,New] https://launchpad.net/bugs/1747066
<ubottu> bug 1747065 in nova (Ubuntu Artful) " [SRU] pike stable releases" [Undecided,New] https://launchpad.net/bugs/1747065
<wolsen> awesome coreycb - thanks much!
<coreycb> wolsen: np!
<nacc> powersj: how hard would it be to change our CI to use git-ubuntu.self-test from the built snap starting at https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/337104
<nacc> or even as its own custom pipeline for now?
<powersj> options 1) change nothing till you land 2) I could update the job manually and run it against that branch to get a result or 3) update the job now use that going forward
<nacc> powersj: well, the problem is CI will fail with it
<nacc> powersj: for 1)
<powersj> a 2nd pipeline is, interesting, but would be rather confusing with multiple votes right?
<nacc> yeah, i expect to see the old fail and the new succeed, if that makes sense
<nacc> we would then decommision the old once this lands
<nacc> powersj: we can also talk about it on monday with rbasak
<nacc> dpb1: --^ just an fyi the above is delaying our phasing (not anyone's fault, just necessary changes)
<powersj> how many open branches are there? is it a big concern to break older reviews?
<nacc> I think I'm the only one trying to land anything right now :)
<nacc> we can wait to see what rbasak thinks
<powersj> then on Monday I would propose, let's get the CI happy with your branch and use that going forward
<nacc> yeah i thin kthat's the right approach too
<rbasak> nacc, powersj: I'm happy either way
<nacc> rbasak: ok, i think the move to snap the scripts was easier than i expected
<rbasak> As long as one of the two mechanisms is capable of passing when you're don e:)
<nacc> rbasak: so we can do all the self-test for CI i the snap
<nacc> lint + pytest of the gitubuntu/ dir
<powersj> rbasak: go enjoy your friday night
<powersj> :P
<nacc> heh
<rbasak> We've been enjoying online furniture shopping :)
<dpb1> nacc: OK, let's chat about it on monday with powersj if you have some ideas
<powersj> rbasak: would using the built snap's self-test imply that we no longer need the pipeline given we would get rid of the tox and pytest steps?
<powersj> err that was meant for nacc ^
<powersj> hopefully he continues his exhilarating furniture shopping ;)
#ubuntu-server 2018-02-03
<nacc> powersj: yeah, i think so -- we would build the snap, run its tests and then do the integration tests (which live outside the snap still)
<powersj> ok I will probably change the job type from pipeline to a normal workflow then
<nacc> sounds good
<MJCDoffice> yooooo
<MJCDoffice> how does ubuntu-cloud work?
<MJCDoffice> like, not the install process but how do I actually make my cloud do work
<MJCDoffice> also any good FOSS web based dashboard would be nice
<MJCDoffice> if not included
<Checkmate> guys how to change /phpmyadmin url to another name looks some one brute forcing shit
<Checkmate> guys Unit fail2ban.service has failed.
<ikonia> Checkmate: tone down the language please
<ikonia> Checkmate: the URL is defined in the vhost
<ikonia> if the fail2ban unit is failing, read the error to see why it's failing
<Checkmate> ikonia i just removed it to reinstall again then i got hell problem
<ikonia> that means nothing
<Checkmate> Ubuntu 16.10 yakkety dont want to get upgrad
<ikonia> explain the problem if you want help
<Checkmate> ikonia https://pastebin.com/raw/TzAHydxb
<tomreyn> Checkmate: 16.10 is long EOL
<tomreyn> !16.10
<ubottu> Ubuntu Ubuntu 16.10 (Yakkety Yak) was the 25th release of Ubuntu.  Support ended on July 20th, 2017. See !eol and https://ubottu.com/y/yakkety
<Checkmate> yes think to upgrade after i finish some sql move
<tomreyn> better dump / backup and reinstall
<tomreyn> or rather: install a current release
<tomreyn> then restore data
#ubuntu-server 2018-02-04
<scnus> ââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  wjhwfmoky: terminalator galeido njbair âââââââââââ
<scnus> ââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  tkpyny: runelind_q_ wolflarson nacc ââââââââââââ
<scnus> âââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  uftez: Deliant koffeinfriedhof eldritch ââââââââââââââ
<scnus> ââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  zhoeekwfen: ironhalik kkremitzki jdstrand âââââââââââ
<scnus> âââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  yjbzgy: led_ir22 DalekSec rostam âââââââââââ
<scnus> ââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  hjoyvda: zerick coreycb masteroman ââââââââââââ
<scnus> ââââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  ywvneca: v12aml AvatarA Jan\ âââââââââââ
<scnus> âââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  tnqzgoct: galeido cncr04s ikonia ââââââââââââ
<scnus> ââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  zhcbsnyawk: _Kas Poster|n mthaddon` âââââââââââââ
<scnus> Ã¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  jlnjxvry: logan- AvatarA niemeyer Ã¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢ââÃ¢â
<scnus> ââââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  oczbfdy: a1berto JanC tdb âââââââââââ
<scnus> âââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  ysmjbdq: Piper-Off akaWolf robher ââââââââââ
<scnus> âââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  adqdua: terminalator DenBeiren Poster âââââââââââ,
<scnus> ââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  sxwuofnco: guideline lamont ratliff ââââââââââââ
<scnus> âââââââââââââââââââ IRC.SUPERNETS.ORG #SUPERBOWL SUPERBOWL PARTY RIGHT NOW LIVE CHATTING AND PLAY BY PLAY COMMENTARY GOING ON NOW!! ASK CHRONO FOR DETAILS!!  msamge: seyeongkim compuguy cncr04s âââââââââââ
#ubuntu-server 2019-01-28
<lordievader> Good morning
#ubuntu-server 2019-01-29
<lunaphyte> i've just upgraded from 17.10 to 18.04, and now the computer won't boot.  it fails to mount the root filesystem, and drops to initramfs
<lunaphyte> https://9unvsq.bn.files.1drv.com/y4m6YIxUZfXzd96cuCzcKJR22rzSeBCy-2VUrndZk5gLlOyk52M6w8oZgr-ybtLbnVvC1trcidcR8L1ndgSUzH9NSysNDl1jTUD5_wBIPQ_PwSMIrWNa69rqvVv_MgV3o2czkQebQUj27idfawPbDN5jaY40rOW5swWLpKXpiu3yMgcPKj_PP6GROCAvAJpnpn3maXS_5GPsrkocfuEEbbHQQ/residue_2019_01_24.PNG?psid=1
<lunaphyte> ugh, sorry about the awful url
<lunaphyte> the upgrade process went without any issues or complaints at all
<lunaphyte> what can i do to troubleshoot this?
<lunaphyte> since i'd had a similar problem with another upgrade not going well, with non root filesystems that were not accessible, i tried vgchange -aay, on a whim.  so far, it seems to just hang upon that command indefinitely, and not do anything
<lordievader> Good morning
<lordievader> lunaphyte: From that initramfs can you mount your rootfs?
<jamespage> cpaelzer: looking at your dpdk/ovs work today
<cpaelzer> jamespage: ok, I started to test it as well
<cpaelzer> but that takes quite some time
<cpaelzer> as I said, I'll ping you once I have a reasonable result
<jamespage> cpaelzer: ack
<ahasenack> good morning
<rbasak> ahasenack, cpaelzer, kstenerud: I can hit the review queue now, but it looks like everything has been looked at for the moment?
<ahasenack> rbasak: agreed
<ahasenack> I'm finishing up haproxy, then I'll go after apache2 which you reviewed already, and back to the net-snmp merge
<rbasak> OK
<ahasenack> rbasak: can you merge that salsa haproxy mp, or are you just passing by?
<rbasak> ahasenack: I was just passing by, being curious about how haproxy tests operate as I know nothing about haproxy.
<ahasenack> cool
<ahasenack> first attempt failed, investigating
<rbasak> I am not a maintainer for haproxy in Debian so I shouldn't do anything but comment.
<ahasenack> https://pastebin.ubuntu.com/p/CvVKbJC2XV/
<ahasenack> ah, I have to invert the check
<rbasak> Yeah, or swap the else block.
<rbasak> (I prefer the latter in general to avoid an extra inversion)
<ahasenack> yeah, I also dislike "!" in ifs
<ahasenack> rbasak: better, let me push: https://pastebin.ubuntu.com/p/WDtmWnZRCZ/
<MJCD> i'm trying to set up xorg+lightdm+fluxbox on a server build
<MJCD> i've gotten a graphical login screen after reboot
<MJCD> but it just fails to start session
<MJCD> lol if I switch from fluxbox to openbox
<MJCD> it lets me log in, but to just black nothing
<MJCD> no right click menu even
<MJCD> >.<
<lordcirth_> MJCD, anything in logs?
<MJCD> its ok third reboot was the charm for whatever reason, fluxbox still doesn't work
<MJCD> but i'm fine with openbox for now
<ahasenack> rbasak: can I consider our salsa exchange as another +1 for the haproxy dep8 tests, provided tests pass in ubuntu? For this MP: https://code.launchpad.net/~ahasenack/ubuntu/+source/haproxy/+git/haproxy/+merge/362217
<ahasenack> cpaelzer is eod now
<ahasenack> I induced some errors to see how it would behave, and it looks good:
<ahasenack> - diff content: https://pastebin.com/Jcn8TE4A
<ahasenack> - diff size: https://pastebin.com/4y4crD39
<rbasak> ahasenack: yes, and +1 added to the MP
<ahasenack> rbasak: thanks
<lunaphyte> lordievader: thanks for responding.  i can't, no.
<lunaphyte> if i try to mount the root filesystem manually at the initramfs prompt, it says the same thing - "mount: mounting /dev/mapper/vg1-root on /root failed: no such device"
<lunaphyte> all of the lvm pieces are active and functioning, i can see all of the physical volumes, all of the volume groups, all of the logical volumes
<lunaphyte> i can run btrfs check on /dev/mapper/vg1-root and it runs properly and successfully, and finds no errors
<TJ-> lunaphyte: broke it again?!
<lunaphyte> TJ-: :) - hah - no, this is a different one
<lunaphyte> https://9unvsq.bn.files.1drv.com/y4m6YIxUZfXzd96cuCzcKJR22rzSeBCy-2VUrndZk5gLlOyk52M6w8oZgr-ybtLbnVvC1trcidcR8L1ndgSUzH9NSysNDl1jTUD5_wBIPQ_PwSMIrWNa69rqvVv_MgV3o2czkQebQUj27idfawPbDN5jaY40rOW5swWLpKXpiu3yMgcPKj_PP6GROCAvAJpnpn3maXS_5GPsrkocfuEEbbHQQ/residue_2019_01_24.PNG?psid=1
<TJ-> lunaphyte: compare the dm-X number shown by "ls -l /dev/mapper/vg1-root" with "ls -l /dev/dm-X" to ensure it exists
<TJ-> lunaphyte: oh, a VM image? is the underlying file corrupt. You shouldn't get the kernel stracktrace
<lunaphyte> TJ-: i don't think anything is corrupt.  i can boot off the installer, in rescue mode, and successfully mount all filesystem and chroot into them as the root
<lunaphyte> yeah, it's a vmware guest
<TJ-> lunaphyte: is this always a VMware guest?
<lunaphyte> yes
<lunaphyte> it always has been, from its inception, and always will be
<TJ-> lunaphyte: any changes to the hardware profile ?
<lunaphyte> no changes to hardware
<lunaphyte> just an upgrade from 17.10 to 18.04, that's it
<lunaphyte> no errors at all during the upgrade
<lunaphyte> went perfectly typical
<TJ-> lunaphyte: that screenshot suggests /root/ doesn't exist
<TJ-> lunaphyte: all commands trying to set-up the real file-system on /root/ fail - either that is missing or the real rootfs really has a major problem
<lunaphyte>  /root/ does exist
<TJ-> lunaphyte: so does the block device symlinked from /dev/mapper/vg1-root exist?
<lunaphyte>  /dev/md-0 ?
<lunaphyte> yeah, that exists
<lunaphyte> i can run fsck successfully on the device
<TJ-> lunaphyte: I have no idea, that that is NOT an LVM node
<lunaphyte> it properly recognizes the filesystem
<TJ-> lunaphyte: as I said earlier: --->  compare the dm-X number shown by "ls -l /dev/mapper/vg1-root" with "ls -l /dev/dm-X" to ensure it exists
<lunaphyte> yeah, it does
<lunaphyte> bah, sorry
<lunaphyte> i missed that irc ignored what i wrote because of the leading slash
<lunaphyte>  /dev/mapper/vg1-root points to /dev/dm-0, which exists
<TJ-> lunaphyte: the stacktrace shows that get_fs_type() fails, so what does "blkid /dev/dm-0" report?
<lunaphyte> https://pasteboard.co/HYJHXiJ.png
<lunaphyte> one moment
<lunaphyte> https://pasteboard.co/HYJIrFu.png
<lunaphyte> sorry i can't just use normal text.  i'm stuck inside a virtual guest console
<TJ-> I know :)
<TJ-> So, this is really looking like a btrfs problem. is the module available? "lsmod | grep btrfs"
<lunaphyte> ugh.  no lsmod in this busybox, it seems
<sarnold> /proc/modules ?
<TJ-> lunaphyte: "grep btrfs /pro/mocules"
<sarnold> it's ugly but still mostly legible
<TJ-> modules!
<lunaphyte> i did check the initrd earlier with lsinitramfs and it seems to allegedly include the btrfs module
<lunaphyte> ah, ok, one moment
<TJ-> lunaphyte: and more importantly: "find /lib/modules -name 'btrfs*'
<lunaphyte> aha, it seems the module may not be loaded
<lunaphyte> it does exist though
<lunaphyte> btrfs.ko
<TJ-> lunaphyte: "modprobe btrfs"
<TJ-> lunaphyte: that ought to be loaded by udev rules based on identifying the metadata, so there may be some issue with udev rules, or 'strange' metadata
<lunaphyte> hmm, ok
<lunaphyte> well, modprobe didn't complain, but it's still not appearing in /proc/modules
<sarnold> dmesg | tail ?
<TJ-> lunaphyte: corruption? :p
<TJ-> sarnold: the kernel stack-trace makes me suspicious; get_fs_type() should not be causing that
<sarnold> stack trace? I missed that part :)
<sarnold> ewwwwww
<lunaphyte> it's hard to tell where dmesg stops and starts between boot and modprobe
<TJ-> sarnold: https://9unvsq.bn.files.1drv.com/y4m6YIxUZfXzd96cuCzcKJR22rzSeBCy-2VUrndZk5gLlOyk52M6w8oZgr-ybtLbnVvC1trcidcR8L1ndgSUzH9NSysNDl1jTUD5_wBIPQ_PwSMIrWNa69rqvVv_MgV3o2czkQebQUj27idfawPbDN5jaY40rOW5swWLpKXpiu3yMgcPKj_PP6GROCAvAJpnpn3maXS_5GPsrkocfuEEbbHQQ/residue_2019_01_24.PNG?psid=1
<lunaphyte> https://pasteboard.co/HYJNunc.png
<TJ-> "request-module fs-btrfs succeeded, but still no fs?"
<sarnold> funny, that message actually means "we tried to look up the fs, that failed, so we loaded the module, and that succeeded"
<sarnold> is there a way to try to force btrfs to load *earlier* ?
<TJ-> thing is, why isn't it loading manually
<TJ-> I wonder if there are missing depends? "depends:        libcrc32c,zstd_compress,raid6_pq,xor"
<lunaphyte> where can i look?
<lunaphyte> kernel module dependencies?
<TJ-> lunaphyte: it needs the "modinfo" tool
<lunaphyte> busybox needs modinfo?
<TJ-> lunaphyte: no, checking the dependencies needs it
<lunaphyte> oh
<TJ-> lunaphyte: if the module doesn't show as loaded in /proc/modules then something is obviously going wrong
<lunaphyte> yeah, makes sense
<TJ-> lunaphyte: "grep btrfs /proc/modules" would show something like this: "btrfs 1155072 0 - Live 0x0000000000000000"
<sdeziel> what if you modprobe all the dependencies manually?
<TJ-> They're not there else modprobe would add them, that's the weird part here
<TJ-> I see 5 lines with 'btrfs' in them with that grep (showing the modules btrfs depends on also loaded)
<lunaphyte> TJ-: looking at the server before it's broken, it looks like btrfs has two dependencies: xor and raid6_pq
<lunaphyte> i've loaded those two modules manually in initramfs, and that went ok
<lunaphyte> but btrfs still doesn't load
<TJ-> lunaphyte: check the hash/checksum of the module in case it is corrupt - compare against one known to load (from the same kernel version of course!)
<lunaphyte> ok
<lunaphyte> i just verified that nothing is appended to dmesg when doing modprobe btrfs
<lunaphyte> i see messages from the raid6 module, and nothing more after that
<Blueking> NIC with intel chip X550 are supported ?
<TJ-> lunaphyte: rtry "grep btrfs /proc/filesystems"
<sarnold> Blueking: probably, I see loads of X550 hits in the ixgbe bit of the source tree, and I've got an ixgbe.ko kernel module
<Blueking> sarnold: guess I am going with Intel NIC
<lunaphyte> TJ-: btrfs not present
<TJ-> lunaphyte: so something is causing it to fail, silently too. Is there a blacklist!?
<Blueking> but what does word 'converged' say something about NIC product ?
<blackflow> lunaphyte: theory: btrfs initramfs scripts aren't expecting btrfs atop of lvm? perhaps you could try force a /etc/initramfs-tools/scripts/local-top/ script that modprobes the modules?
<TJ-> lunaphyte: try "grep -rn btrfs /etc/modprobe.d"
<TJ-> lunaphyte: the udev rule /lib/udev/rules.d/64-btrfs-dm.rules should trigger "ENV{DM_NAME}=="?*", RUN{builtin}+="btrfs ready /dev/mapper/$env{DM_NAME}"  "
<TJ-> lunaphyte: does the 'btrfs' tool exist ?
<lunaphyte> i'll check shortly - just indisposed for a moment
<TJ-> I've done some tests on a loopdev here and as soon as the btrfs image is connected the kernel loads the module
<TJ-> I've now done the same for your scenario /dev/loop5 -> PV > vg1 > root > btrfs  and as soon as the image is attached to the loopdev udev causes the module to load and the FS is available
<lunaphyte> TJ-: !!!!
<lunaphyte> btrfs was blacklisted!
<lordcirth_> lunaphyte, wat? why?
<TJ-> pffft, sysadmins! :p
<blackflow> Sounds legit.                                ZFS for president!                                      *runs*
<lunaphyte> yeah, it's a little bit odd, sort of
<lunaphyte> i'm the one who had blacklisted it
<lunaphyte> this is a template system, used to create other gusts from
<lunaphyte> *guests
<lunaphyte> one of the things i'd done was blacklist a bunch of various modules that served no purpose
<lunaphyte> a previous incarnation of this system used ext4, not btrfs and there was no need for btrfs, so it got blacklisted
<lunaphyte> then the new incarnation was built, and the blacklist file copied, not realizing that was still there
<lunaphyte> so that all makes sense
<lunaphyte> what i don't quite understand though is how the system was even functioning before the upgrade
<lunaphyte> if the btrfs module was blacklisted, how was the system booting, and how was the module being loaded?
<lunaphyte> anyway, that's very much for the help, as always :)
<lunaphyte> *thanks
#ubuntu-server 2019-01-30
<cpaelzer> jamespage: the new combo of dpdk 18.11 + ovs 2.11 has issues using the dpdk data path - error: "could not add network device dpdk0 to ofproto (No such device)"
<cpaelzer> jamespage: I need to check if that is a build/link/... issue or if the new combo (again) needs to configure the devices slightly different
<lordievader> Good morning
<cpaelzer> hiho lordievader
<lordievader> Hey cpaelzer
<lordievader> How are you doing?
<cpaelzer> fighting the cold, but good :-)
<cpaelzer> and you lordievader?
<lordievader> Doing good, bit tired.
<cpaelzer> jamespage: I found the issue, too-many-libraries :-)
<cpaelzer> jamespage: I will need a fix in DPDK packaging to drag in at least one mempool implmentation
<cpaelzer> until then in case you are testing as well, you need to install librte-mempool-ring18.11
<cpaelzer> the library becoms so flexible with alternate implementations that a linked app only binds the interfaces but none of the drivers
<cpaelzer> we knew that for PMDs but that creeped into mempool as well now
<cpaelzer> jamespage: I have a PR up for the DPDK packaging and a temporary fix in my testing (installing the lib as needed for 18.11-4)
<cpaelzer> jamespage: let me know if you need anything more on this - I'll restart the testing cycle and let you know once I have a complete result
<cpaelzer> jamespage: FYI I see traffic runnign through OVS 2.11 + DPDK 18.11 now which is encouraging
<cpaelzer> jamespage: also the OVS fix to the config will be updated
<cpaelzer> I'm test building in my PPA if it works I'll submit a v2 upstream
<cpaelzer> and then also push to the packaging branch of OVS
<nekowaiidesu> Hi all, I'm wanting to clone a lot of laptops over network with a windows image. they're all the same model laptop. Is there any easy way to do it with Ubuntu as a 'server' machine?
<jamespage> cpaelzer: ack
<jamespage> coreycb: starting a run on oslo.*
<zamba> i'm having problems installing ubuntu server on esxi hypervisor
<zamba> when trying to boot the regular iso, i'm just presented a grey-purple screen.. it seems like some kind of graphics error
<zamba> because i can make out something in the background that was supposed to be there
<zamba> the live installation iso accepts no input when i'm supposed to select my language
<ahasenack> good morning
<raddy> Hello Everybody
<raddy> I have done file system cleanups yesterday on my Ubuntu 16.04.5 LTS
<raddy> And have reclaimed about 45GB of space
<blackflow> congrats!
<raddy> But tomcat is showing that it cannot touch catalna.out file because of lack of free space
<Ussat> when you say you did cleanup, what do you mean ?
<raddy> I checked with lsof -nP | grep '(deleted)' | less and could not see the files I have deleted in it
<raddy> I deleted lot of files
<blackflow> raddy: to which filesystem does it output? a tmpfs perhaps?
<raddy> No.
<raddy> "/opt"
<TJ-> raddy: is the problem lack of free space, or lack of free inodes?
<TJ-> raddy: try "df -i "
<raddy> "/opt" only I have did cleanup as well
<raddy> TJ-: You were so true, inodes have become full
<raddy> What can I do know ?
<TJ-> raddy: too many small files then
<TJ-> raddy: you've probably got something creating lots of small (possibly temporary?) files
<raddy> Yes
<raddy> There is no option other than deleting files ?
<raddy> I have actually cleared as much as I could
<blackflow> backup data, reformat fs for larger number of inodes, restore from backup
<TJ-> raddy: its not possible to add inodes after file-system creation, but you might be able to mount another file-system where the small files are being created
<raddy> TJ: Could there be any possibility for the inodes to be held even if not shown in lsof ?
<raddy> Shall I try rebooting ?
<blackflow> lsof is just for open files. inodes are taken by all the files on the fs.
<TJ-> raddy: I doubt it, 'df' reports the inodes in-use. Unless there are a LOT of small files unlinked but not yet deleted
<raddy> Can we find unlinked but not yet deleted inodes ?
<TJ-> raddy: only the regular way, "sudo ls -l /proc/[1-9]*/fd/ | grep deleted"
<cpaelzer> jamespage: OVS tests are complete
<cpaelzer> all that can work worked fine
<cpaelzer> some old use cases were deprecated and now removed, those won't work for obvious reasons
<cpaelzer> jamespage: there will be a DPDK 18.11-5 which fixes the two issues I found (both being dependencies)
<cpaelzer> jamespage: do you want to wait until 18.11-5 is trying to sync (so we can remove the libipsec build-dependency)
<cpaelzer> OTOH the extra build-dep isn't too bad, we could as well upload OVS as-is
<ahasenack> rbasak: I forget, do I need a separate bug for adding dep8 tests to a package that is being SRUed because of another bug (which is properly mentioned in d/changelog)?
<cpaelzer> jamespage: what would you prefer?
<ahasenack> I *think* not
<ahasenack> as long as I explain it in the sru template
<cpaelzer> ahasenack: no you don't
<ahasenack> ok
<ahasenack> thx
<cpaelzer> IMHO: that is what the "other comment" section in the SRU template is for
<rbasak> ahasenack: no
<rbasak> The only thing I ask for is something to make it clear it's deliberate.
<ahasenack> good
<raddy> Hello Everybody
<raddy> If I tar a folder with so many folders and files in it, and delete the folder, all the inodes used by it would be freed ?
<raddy> Please do someone reply
<lotuspsychje> !patience | raddy
<ubottu> raddy: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or https://ubuntuforums.org or https://askubuntu.com/
<cpaelzer> jamespage: 18.11-5 is prepared as of now
<cpaelzer> jamespage: ping me to discuss when and in which form we upload OVS 2.11 then
<coreycb> jamespage: i'll work through the latest openstack clients shortly
<cpaelzer> jamespage: as promised DPDK 18.11-5 just hit Debian builders
<jamespage> cpaelzer: excellent - I'm all up for a snapshot upload of ovs as soon as that hits disco
<jamespage> coreycb: ok - oslo's all done
<coreycb> jamespage: alright! i'm going to start on the clients now
<cpaelzer> jamespage: ok so since you want to upload "after" 18.11-5 hits disco I'll push a removal of the then no more needed libipsec-dev dependency to the packaging archive together with the other fixups
<cpaelzer> jamespage: openvswitch packaging git updated
<cpaelzer> jamespage: I'll ping you once I see DPDK 18.11-5 fulyl built in disco-proposed
<jamespage> coreycb: ok starting at 'a' and working down the list of core projects
<coreycb> jamespage: ok
<jamespage> coreycb: progress so far - https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3517/+packages
<coreycb> jamespage: nice!
<coreycb> jamespage: i almost have all the clients built. working through a neutronclient test error: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3584/+packages
<coreycb> jamespage: i'll check your ppa this afternoon and pick up where you left off on core packages
<jamespage> coreycb: doing keystone now - might fit one more in before I have to eod
<muhaha> how to disable powersaving ? I have attached monitor with hdmi, but after a while -> monitor is disconnected. Thanks
<beowuff> I'm trying to get quassel-core to run in an LXD container and having no luck... Does anyone have this working? Running it manually gives me a  segmentation fault. :/
<Draggor> Hey there!  Where would I find the settings values for the terminal that loads up?  Font, font size, and also the color scheme it seems to use?
<jamespage> coreycb: ok I got to mistral but I skipped *-dashboard
<jamespage> everything uploaded to disco
<coreycb> jamespage: ok sounds good, thanks!
<jamespage> coreycb: I'll pickup any leftovers in my am tomorrow
<coreycb> jamespage: ok. i'll keep you posted.
<jamespage> ta
<Draggor> And, is it possible to use something like FiraCodeMono on just a raw terminal?
<sdeziel> muhaha: not sure that will do it but I'd try adding "consoleblank=0" to the kernel boot args
<muhaha> sdeziel is it something different than dpms ? I just setup crontab: @reboot root sh -c 'xset s off -dpms' > /dev/null 2>&1, but I am not sure if its enough
<sdeziel> muhaha: it's not an area I know well, sorry. I just remember that I used that arg to avoid a similar issue. See https://www.kernel.org/doc/html/v4.14/admin-guide/kernel-parameters.html for details
<Deihmos> is there an app that will give me the system resources used over a specific time
<sarnold> Deihmos: performance copilot is in the archives
<sarnold> Deihmos: I've heard good things about https://github.com/Netflix/vector but never tried it myself
<sdeziel> Deihmos: there is also netdata when you can configure the retention period (default is 1h IIRC)
<sdeziel> s/when/where/
<stoiss> do anyone know how to make a headless computer have a higher resolution for a dummy monitor ?
<sarnold> how did you make the dummy monitor?
<stoiss> installed xorg dummy driver
<stoiss> i just cant get it above 1360x768 which is really not optimal
<stoiss> especially since im also running a teamviewer to a ubuntu server ( well a KDE on regular ubuntu ) which in turn runs vmware so i end up with a postage stamp for screen
<muhaha> sdeziel xset s off -dpms did the trick seems...
<sdeziel> muhaha: cool
<muhaha> but xset q still shows dpms and screensaving on.. .weird...
<sdeziel> muhaha: for some reason, I didn't want x11 related packages on my server back then so I took the kernel boot args route
<Deihmos> Why would Ubuntu server with no ui consume more energy than windows 10 ?
<rbasak> Deihmos: would it? Depends heavily on hardware, conditions, e tc.
<Deihmos> Same software installed. I think it is that samba process constantly using the CPI even with no files being accessed.
<Deihmos> I have to look into it
<lordcirth__> Deihmos, are you using powertop and/or tlp?
<Deihmos> No
<rbasak> Is this on a laptop?
<Deihmos> Nope desktop
<rbasak> In any case, with no GPU driver active it won't be put into any kind of low power mode, etc.
<rbasak> You might be better off trying Ubuntu Desktop and then allowing the desktop to shut off your monitor.
<Deihmos> Connected to a tv. It goes to sleep with no activity
<sarnold> I could also believe that timer resolution etc is set up for low latency and if you wanted to fiddle with those knobs to make it less responsive, it might be able to stay asleep longer
<Deihmos> It isnât that though. Definitely samba.
<rbasak> If you definitely know the answer, then I'm not sure why you're asking the question!
<Deihmos> Didnât know at the time.
<rbasak> Ah :)
<Deihmos> Samba keeps kicking in the processor for no reason
<compdoc> Deihmos, some windows protocols used to be pretty chatty, advertising themselves and all. And samba loves to declare itself browse master
<Deihmos> The logging is very minimal. There isnât a log of anything. In samba.conf logging is set to 0.
<compdoc> windows defaults to spinning down drives. not sure ubuntu does unless you install something
<compdoc> how do you measure power use?
<ironhalik> Hi - quick question, is it possible in netplan, to have a static IP, but get DNS servers from DHCP? Currently with static IP configured, and dhcpv4 enabled, I get an additional DHCP address on my interface
<sarnold> powertop is a pretty good first shot
<Draggor> ironhalik: as far as I'm aware there isn't a dhcp dns only option
<lordcirth__> ironhalik, are you sure you need to automatically get DNS? Generally you can just set 1.1.1.1 or 8.8.8.8
<ironhalik> yeah, but this is an internal network - with internal DNS caches and resolvers
<lordcirth__> ironhalik, what about just using DHCP?
<ironhalik> I'll get a random ipv4 address :)
<ironhalik> IIRC in etc network interfaces it was possible
<sarnold> sometimes your can configure dhcp servers to hand out specific ips for specific MACs
<ironhalik> yeah, this would be an option
<ironhalik> and would certainly please the network guys :)
<ironhalik> I guess I'll use a fully static config - the DNS addresses should change tbh
<JanC> or based on "hostname"
<coreycb> jamespage: i have the client and some more deps in https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3584/+packages. once dep8 tests pass i'll land those.
<coreycb> jamespage: and this is where i'm going to leave off for core pkgs: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3583/+packages
<cpaelzer> jamespage: https://launchpad.net/ubuntu/+source/dpdk/18.11-5 is built and in proposed
<cpaelzer> jamespage: you could upload the OVS we have prepared along it
#ubuntu-server 2019-01-31
<lordievader> Good morning
<jamespage> coreycb: staring on neutron-* networking-*
<jamespage> coreycb: ah os-ken
 * jamespage puts the cookie cutter into action
<jamespage> coreycb: fwiw I'm not doing py2 packages for new deps
<jamespage> coreycb: we're probably at a point where we can cull the python-oslo* pkgs
<cpaelzer> jamespage: I don't see OVS 2.11 building in disco - should I upload it
<jamespage> cpaelzer: yp - got stuck in a testing issue for the openstack snapshots we're doing this week
<cpaelzer> jamespage: then go on testing, I'll upload as he have it in the packaging git atm
<cpaelzer> he -> we
<cpaelzer> ok I've done it for you - I hope you find your issue soon - happy testing
<cpaelzer> the ovs packaging repo has a commit to release it (modifying the changelog) and a new tag following the same style you usually tag it
<cpaelzer> jamespage: ^^
<jamespage> cpaelzer: +1 thanks
<jamespage> cpaelzer: issue fixed - unit test which wants to access the internet
<jamespage> nice
<jamespage> coreycb: we should request an rm on https://blueprints.launchpad.net/neutron/+spec/ryu-framework-maintenace-transition
<jamespage> ryu is basically unmaintained now
<jamespage> coreycb: I'll do that as part of this set of snapshots
<nekowaiidesu> Hi all, I'm wanting to clone a lot of laptops over network with a windows image. they're all the same model laptop. Is there any easy way to do it with Ubuntu as a 'server' machine?
<nekowaiidesu> idea is to PXE boot, but what are my option to load a pre-made image (instead of installation media)
<coreycb> jamespage: ok. looks like we need an os-ken too.
<coreycb> jamespage: i'm not sure how many py37 tests we're still skipping. that could use a revisit. maybe i'll just wait until after we're done with this round and take a look through everything.
<jamespage> coreycb: yep - have that packaged
<jamespage> neutron/eventlet test give me grief - debugging now
<coreycb> jamespage: oh yay eventlet. thanks or doing os-ken.
<coreycb> jamespage: just read your py2 msgs. it's probably fine to do py3 only for new deps. i think we just need to be careful with swift deps.
<coreycb> i've been doing the safe fwiw with new deps
<coreycb> *same
<jamespage> great
<ahasenack> does "+ds1" in a debian package version mean something special? 1.2.1+ds1-1
<coreycb> jamespage: hoping to release my deps from bileto fairly soon. i'm doing a full dep8 run and have 2 remaining failures that are re-running.
<coreycb> jamespage: there might be some updates that neutron needs in there.
<jamespage> coreycb: ok (I've generally been using proposed for dep8 testing)
<jamespage> coreycb: have the fix for neutron - its in oslo.utils - testing now
<coreycb> jamespage: ok
<coreycb> jamespage: i'll start backwards from z on core packages
<jamespage> coreycb: awesome
<jamespage> ta
<coreycb> jamespage: we did some overlap on networking-* and murano and I pushed them to git. but i've since deleted my bileto ppa with them so feel free to force push your changes.
<jamespage> coreycb: ah ok
<teward> cpaelzer: powersj: I see my old Trello account is on the ubuntu server daily trello as a member, can you add my new trello since I don't use the old trello account of mine anymore (and scheduled it for a deletion)?  @teward001 is my Trello account I use regularly now.
<teward> you two are the admins as far as I can tell :P
<jamie_1> hey, im currently trying to get a site online but mysqld wont start so i can get mariadb-server to start
<jamie_1> any ideas
<powersj> teward, I think I sent it correctly, but let me know
<teward> powersj: standby.
<teward> my mail gateway took a dump :|
<teward> yep it shows in my account now thanks :)
<powersj> np
<jamespage> coreycb: https://bugs.launchpad.net/ubuntu/+source/python-django-debreach/+bug/1805690 got approved by the security team - that will unblock horizon
<ubottu> Launchpad bug 1805690 in python-django-debreach (Ubuntu) "[MIR] python-django-debreach" [Undecided,Confirmed]
<coreycb> jamespage: ack yep. i'll let xnox know.
<jamie_1> okay so im trying to get mariadb running and its failing and the status says https://pastebin.com/sYajXrn4
<jamie_1> anyone have a clue what to check?
<jamie_1> im running on 18.04
<jamie_1> join mysql
<jamie_1> whoops
<coreycb> jamespage: i'll get nova, nova-lxd and octavia
<coreycb> that should be it i thin
<coreycb> think
<coreycb> jamespage: i'd check 'journalctl -xe' and /var/log/mariadb
<coreycb> jamie_1: sorry that was for you ^ not jamespage
<jamie_1> its all good man
<jamie_1> im having my own fights with db's XD
<jamie_1> anyone know what /etc/nginx/nginx.conf permissions should be set to?
<teward> i can tell you shortly.
<teward> *pulls up his dev environment*
<teward> jamie_1: -rw-r--r--  1 root root 1482 Apr  6  2018 nginx.conf
<teward> 644 and owned by root:root by default
<teward> mind if I ask why you're wondering?
<jamie_1> teward: im setting up a new site and i went to redo the configs using ssh so im using nano so it was easier to rm the file.... but i totally forgot the check the perms first
<teward> jamie_1: next time, just do echo "" | sudo tee /etc/nginx/nginx.conf
<teward> replaces the contents of the file with an empty one
<jamie_1> yeah.... i make that woops a lot.... bad habits
<teward> but keep in mind there may be packaging-level changes later on that might override so don't just blindly upgrade :P
<jamie_1> im not, this is a fresh config on a fresh spun server
<jamie_1> tbh im not the best with ngix or wp but its for a memorial page for a friend so im trying to power through it
<jamie_1> i do game hosting normally so this is very different from what i usually do
<jamie_1> so if you know about web hosting i may or may not harass you in a bit XD
<teward> i know a lot about web hosting :P
<jamie_1> if you ever need a game server let me know XD
<teward> but I would not have gone and 'erased' the default configs because they were configured pretty sanely, and you need to configure the 'site' separately :P
<teward> (FYI I'm the maintainer of the nginx package as part of the server team, for the most part, so I know that package pretty darn well and how to configure it :P)
<jamie_1> i replaced the default with one generated from nginx.io
<jamie_1> so i didnt do anything to crazy i dont think
<teward> you mean a website that doesn't exist ;p
<teward> yeah i don't like those configs, they're... shall we say... not the best tuned :P
<jamie_1> i dont know much about this stuff.... but that page is kinda really important so im doing what i can to get it up
<jamie_1> i already need a hand again lol
<jamie_1> lets encrypt is complaining XD
<jamie_1> https://pastebin.com/Tb9E9ZRW
<sdeziel> jamie_1: s/livee/live/ ?
<jamie_1> ignore the extra e.... that was becuse i had to copy and paste it in different sectiosn due to bitvise ssh
<blackflow> no, looks like they typed up that pastebin and typo'd the first livee
<blackflow> at any rate... file not found.
<jamie_1> i know lol
<jamie_1> i dont know anything about letsencrypt
<blackflow> perhaps fix that first? ;)
<jamie_1> if it werent for why im putting up the site.... i would
<jamie_1> i hate to be that guy... normally i would go through the work of finding the issue and solving them one by one, but this is a memorial site im trying to put up for a friend of mine that just passed and time is important
<sdeziel> jamie_1: pastebin your config files and the journalctl output with the error
<jamie_1> https://nginxconfig.io/?0.domain=ruby.wertyy102.tech&0.wordpress
<jamie_1> i just killed ssl and its working now
<jamie_1> not very secure but... it will work
<sdeziel> mmm, OK
<jamie_1> now to figure out why wp isnt showing on the ip.... fun stuff
<teward> jamie_1: probably because you didn't load up the actual website in the HOST field
<jamie_1> teward: that and one other thing....
<jamie_1> the document root was set as /public not /wordpress
<jamie_1> so my configs were borked af
#ubuntu-server 2019-02-01
<cryptodan> has anyone else reported a hung reboot process on a new install
<sarnold> not recently
<cryptodan> ive had 3 using ubuntu 18.04 on an HP ml350p
<axisys> I know yum packages from defaults repos are signed.. is it same for deb packages from ubuntu repos?
<axisys> I think so, but I want to double check
<sarnold> axisys: the ubuntu / debian apt security model revolves around the repository keys in /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/
<sarnold> axisys: by default it is set up to trust official ubuntu mirrors
<sarnold> axisys: anyone can run a mirror, but some mirrors are more up to date than others
<axisys> sarnold: thank you!
<sarnold> axisys: the InRelease files in the archive mirrors describe the files containing SHA256 hashes
<sarnold> and those describe the packages
<sarnold> so the packages aren't individually signed, but you can follow a chain of trust back towards the public keys on your system
<sarnold> axisys: take a look at the InRelease file here http://archive.ubuntu.com/ubuntu/dists/bionic-updates/
<axisys> sarnold: so that is different from yum I think where individual packages are signed? OR probably not.. I suppose a question for different channel .. appreciate all these details
<sarnold> axisys: definitely; the last time I used yum it was on a g3 ibook :)
<sarnold> axisys: the last time I used rpm, definitely each rpm was individually signed
<sarnold> but I don't know if that's still the case
<axisys> sarnold: checking with #centos .. thanks again
<sarnold> woot
<sarnold> have fun axisys
<cryptodan> my Dell PowerEdge 4600 has been decommissioned, and I am now on ubuntu 18.04 with this https://termbin.com/cpl4
<sarnold> 92 gigs?
<cryptodan> yup
<mybalzitch> you need some 2670's or better in that baby
<cryptodan> its for small home office and hobby machine
<lordievader> Good morning
<Myros> Hello, my server crashed, what should i do? https://paste.ubuntu.com/p/BK4sVMvKzK/
<tomreyn> <tomreyn> Myros: storage issues (amongst other, but those are critical). replace sdf
<tomreyn> your hard disks seem to generally run way too hot
<tomreyn> thats if those readings are correct
<tomreyn> why do you run gnome-shell on y server?
<tomreyn> s/ y / a /
<tomreyn> Myros: do you actually read this?
<Myros> Yes
<Myros> I use the server with other persons gnome-shell is likley from another user
<tomreyn> you should probably be using separate hardware.
<tomreyn> until then, sort out the disk and cooling issues.
<Myros> Ok, thanks
<Myros> Wait, how hot are my disk, i found only 39Â° on sdb and 35Â° on sdf
<Myros> What did you found?
<lordievader> 40C for a disk is quite hot. You want those to be around 20-30C.
<tomreyn> Device: /dev/sda [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 115 to 113
<tomreyn> those can be raw values, hopefully are
<tomreyn> your php installation also looks broken
<tomreyn> mixed API versions on modules
<Myros> Ok thanks
<blackflow> tomreyn: those are normalized values. smartd logs normalized values changes.
<tomreyn> blackflow: unless it states differently, i'd expect them to be normalized, too. but then there is sometimes incorrect data in smart's db. and while we don't know how these hdds are installed, it is surprising that smartd reports temperatures around 40 Â°C for some and > 100 Â°C for others.
<tomreyn> either way, needs investigation
<blackflow> depends how the vendor is encoding the normalized value, but smartd will always logged normalized values.
<blackflow> *log
<ahasenack> good morning
<kstenerud> Did something just break on cosmic-security?
<kstenerud> E: Type 'cosmic-security' is not known on line 50 in source list /etc/apt/sources.list
<kstenerud> this just started happening on new lcd containers 2 minutes ago
<kstenerud> lxd
<kstenerud> ... and now it works again :/
<Ussat> gremlins
<genii> Probably hit the server while it was being updated
<evit> Howdy yall
<evit> Does anyone know why the Ubuntu security notice website and announce list sometimes lag behind the actual patches?
<tomreyn> sending a lot of e-mails probably takes hours
<evit> tomreyn, It must take like a whole day for those 0's and 1's to crawl through all the cables of the Interwebs.... =P
<sdeziel> evit: another possibility is to that some time is given for external mirrors to pull the new packages
<evit> I'm speakin of https://usn.ubuntu.com/
<evit> Not showing updates until the day AFTER they are released some times
<evit> The day AFTER the announce list email goes out
<sdeziel> evit: I'd ask on #ubuntu-hardened
<evit> Just seems odd... Some of those vuln are no joke, seems like the site and annouce list should be updated immediately
<evit> gracias!
<coreycb> jamespage: for py3 openstack dependencies, should we go ahead and drop all py2 packages from deps that swift doesn't depend on?
<Deihmos> anyone use powernap on their server
<coreycb> jamespage: it only depends on a few projects like python-keystone* but it might get to be a tangled mess
<coreycb> jamespage: btw i let bileto do all my dep 8 tests and it took longer but it is really nice to just land into -updates!
<coreycb> actually -release, but same idea, not -proposed
<coreycb> jamespage: anyway basically done with stein snapshots on my end
<zzlatev_> Hi
<zzlatev_> I need some help
<tomreyn> !ask | zzlatev_
<ubottu> zzlatev_: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<zzlatev_> I compiled nginx from source, but now i have two versions
<zzlatev_> how can I use the new one?
<SimonNL> zzlatev_: good luck
<zzlatev_> thanx
<tomreyn> uninstall the packaged one, and (maybe, to be considered) follow the instructions on the INSTALL file (if it exists) or README file to make it usable.
<zzlatev_> tomreyn:
<tomreyn> a better option may be to use the ubuntu packaged nginx pakcages, or their source packages, and patch + build those.
<zzlatev_> i use the official source
<tomreyn> so?
<zzlatev_> Hi guys
<zzlatev_> I have installed webmin but there's nothing on port 10000
<zzlatev_> can you hel me
<sarnold> you can use sudo netstat -tlnp to find the listening port
<sarnold> be careful with webmin
<sarnold> historically they've had crap code
<sarnold> loads of remote vulnerabilities.. so be sure to restrict access to it to only the machine you want to use to admin it
<tomreyn> such as localhost
<zzlatev_> sarnold: yes, I have bad experience with it
<zzlatev_> but now i need it because of nginx and stalker portal
<zzlatev_> sarnold: can you help me with nginx?
<zzlatev_> I have two of them now
<sarnold> zzlatev_: you'll have to be a lot more specific
<zzlatev_> OK
<sarnold> why do you have two? what are youtrying to accomplish? etc
<zzlatev_> I want to install new version of nginx for example - 1.15
<zzlatev_> the only option for that is to compiled from source
<zzlatev_> I did this and now I have two nginx - one from source and one from ppa
<zzlatev_> sarnold:
<zzlatev_> that's it
<sarnold> hah, I kept waiting for some kind of question, or problem you're having, etc :)
<sarnold> what's your goal? do you want to remove the one we've packaged for you?
<sarnold> or do you just want to know how to run them both simultaneously?
<zzlatev_> I want to run the new version
<zzlatev_> because I need it for my stalker portal
<zzlatev_> that's it
<zzlatev_> now I have two versions
<zzlatev_> sarnold:
<sarnold> zzlatev_: I don't know how you installed your new version
<sarnold> zzlatev_: you're the one who's going to know how to use it :)
<zzlatev_> I ask about how to remove the old one...
<sarnold> aha!
<sarnold> apt-get purge nginx
<teward> i see nginx referenced  heh
<zzlatev_> sarnold: does this command erase all nginx?
<zzlatev_> ok, i don't need to erase anything
<zzlatev_> i need to use the new version
<zzlatev_> can you help me guys?
<teward> zzlatev_: it'll erase the NGINX that was installed by the package
<sarnold> hey teward
<teward> the package itself will only utilize its own version, because of how the SystemD unit is configured
<sarnold> zzlatev_: apt-get purge nginx will only remove the version that we packaged
<teward> i should PROBABLY mention...
<teward> that I also provide a 1.15.x PPA that is very close to what we have in Ubuntu in terms of package structure
<teward> so no need to manually compile from source ;)
<teward> we just don't advertise PPAs here typically
<zzlatev_> ok, that sounds good
<teward> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<teward> because that ^
<zzlatev_> teward: do you mean that 1.15 is in PPA?
<tomreyn> https://launchpad.net/~nginx/+archive/ubuntu/development
<teward> Yes, there is a PPA that contains 1.15 and can be installed like the Ubuntu repositories' version is.
<teward> https://launchpad.net/~nginx/+archive/ubuntu/development  <-- yep this one
<zzlatev_> come on...really
<sarnold> zzlatev_: yeah :) teward's been taking good care of nginx for us for ages :)
<teward> been doing this since 2014 :P
<zzlatev_> but what about compiled
<teward> i'm not sure what you did to install the compiled version
<teward> but the by-hand compiling that you did will not be run unless you installed it WITHOUT the Ubuntu version of nginx installed
<teward> because of reasons and conflicting configuration file(s) and versions, and incorrectly-configured SystemD units which handle autostart of nginx
<zzlatev_> so if I install your version 1.15 from the repo it will replace the old one
<teward> it will replace the one from the main Ubuntu repository that you used, yes.
<zzlatev_> yes
<zzlatev_> apt-get insttall nginx
<zzlatev_> or nginx-dev
<zzlatev_> ?
<zzlatev_> from the repo
<teward> just apt-get install nginx
<zzlatev_>  nginx-full
<zzlatev_> The following packages will be upgraded:
<zzlatev_>   nginx nginx-common
<zzlatev_> 2 upgraded, 11 newly installed, 1 to remove and 1 not upgraded.
<zzlatev_> 955 kB of additional disk space will be used.
<zzlatev_> only 955kb?
<teward> there's not much difference between what's in Ubuntu currently and what you're installing.  :P
<teward> similar, but different.  :P
<zzlatev_> i have installed 1.10 from ubuntu
<zzlatev_> i don't know from what repo
<teward> oops i accidentally burned food back in a moment
<zzlatev_> which*
<teward> zzlatev_: you installed the version that was in the Ubuntu repositories
<zzlatev_> yes
<zzlatev_> teward: come ooooooooon
<zzlatev_> you are great!
<zzlatev_> zlatev@Zlatev:~$ nginx -V
<zzlatev_> nginx version: nginx/1.15.6
#ubuntu-server 2019-02-02
<Deihmos> is there a custom install for the server? the install is 4GB
<Deihmos> while debian is just 800MB
<sarnold> you could try http://ports.ubuntu.com/ubuntu-ports/dists/bionic-updates/main/installer-arm64/current/images/netboot/
<sarnold> oh sorry that's arm64
<sarnold> http://cdimage.ubuntu.com/netboot/18.04/
<Deihmos> the mini iso?
<sarnold> yeah, chances are good that'll leave you a system with almost nothing installed. should be tiny.
<Deihmos> lol
<Deihmos> i am going to try it in vm now
<teward> sarnold: rbasak: and anyone else who cares: nginx 1.15.8 now uploaded to the repos.
<sarnold> thanks teward :)
<teward> yep.  prepping the PPAs for the update too
<teward> cc zzlatev_ ^ tomorrow the PPA will have 1.15.8
<teward> in case you intend to do updates as well :p
<Deihmos> trying to decide between ubuntu server or debian as a plex server
<Deihmos> the mini still ended up with 4GB
<sarnold> Deihmos: lol
<sarnold> thanks for reporting back :)
<sarnold> I sure expected it to be 800~1000 megs..
<Deihmos> maybe i need to do expert install
<sarnold> you can apt-get purge whatever you don't need, of course
<zzlatev_> teward: thanx\
<teward> sarnold: ubuntu-standard pulls in a lot of stuff ;P
<teward> might be where the bloat is coming from
<sarnold> nano, ureadahead.. deadweight :)
<teward> :P
<teward> debian bare is *very* tiny because it includes pretty much nil in it by default
<teward> Deihmos: ^
<teward> just wanting to make that clear
<teward> but 4GB does sound excessive
<teward> Deihmos: did you choose anything in the installer or...?
<teward> or did you only go for the bare minimjm
<Deihmos> 3.5GB
<Deihmos> openssh was selected
<teward> 4GB usually means you selected other things to install beyond the standard bits.  any GUI?
<teward> pretty sure "no" but
<Deihmos> nope just openssh
<teward> that... doesn't sound right.
<teward> *pulls down an ISO and does a VM test*
<sarnold> can you pastebin your dpkg -l ?
<teward> ^ that
<teward> Deihmos: can you also confirm *how* you're determining 3.5GB
<Deihmos> df -h
<teward> can you include that output as well?
<Deihmos> https://www.irccloud.com/pastebin/LnQ2oS6x/
<sarnold> that looks like a partial list
<sarnold> e.g. there's no bash
<sarnold> but you probably has bash installed :)
<teward> sarnold: 1.5GB with just SSH-server, 1.8GB with OpenSSH + Ubuntu Server standard
<teward> so it sounds something else is going on possibly
<sarnold> teward: that's way more like it. still a bit bigger than I expected but at least it's not 4gigs :)
<teward> sarnold: and there's a 20GB partition in this VM so
<sarnold> teward: thanks for giving it a try, it's nice to know I'm no insane, hehe
<teward> Deihmos: can you provide the `df -h` output you're seeing as well?
<teward> also `dpkg --get-selections`
<teward> which should look like what sarnold is expecting to see :p
<Deihmos> https://www.irccloud.com/pastebin/xWHMf4rf/
<Deihmos> https://www.irccloud.com/pastebin/gL4uGgye/
<Deihmos> https://www.irccloud.com/pastebin/Cz9qjjRj/
<Deihmos> error
 * teward headscratches
<teward> that looks like only a partial scrollback copy
<Deihmos> what are you referring to ?
<sarnold> Deihmos: run dpkg -l | wc -l
<sarnold> note how it's a lot more than 60
<sarnold> but we're only seeing sixty packages in your pastes..
<teward> http://paste.ubuntu.com/p/6xnnjbXHTP/
<teward> should look more like that
<sarnold> if copy-and-paste is hard on that machine, install the pastebinit package, and run dpkg -l | pastebinit
<teward> ^ that
<teward> install pastebinit, then it'll give you links on paste.u.c, and you give us those links
<sarnold> teward: hah, I look at that list and immediately think "ethtool probably should be installed"
<teward> sarnold: well I stripped away the ubuntu server standard set in this :p
<teward> but ethtool is in my install :P
<teward> unless you mean their list
<cryptodan_mobile> You could pipe it to nc termbin.com 9999 and itll generate a pastebin link
<teward> there's a dozen different ways to do it :P
<Deihmos> it appears this ssh software i am using have imitations
<Deihmos> or just buggy
<sarnold> cryptodan_mobile: yeah, very nice when pastebinit isn't available
<zzlatev_> teward:
<pangolino> Hi, I've got a fresh install of Ubuntu 18.10 on an intel NUC (8i) and have a question about chaning the MTU for the NIC, if this is more of a #ubuntu question feel free to send me there
<lotuspsychje> pangolino: are you installing server non-lts on your nuc?
<pangolino> I'm just trying to set the MTU to 9000, however via google/stack overflow etc I'm heading deep down a rabbit hole of netplan and networkd
<pangolino> yes, non-lts
<lotuspsychje> pangolino: for testing or production?
<pangolino> better to go with lts and keep life simple?
<lotuspsychje> pangolino: the users choice
<pangolino> home use, non production - for learning but equally I don't want to be too unstable
<lotuspsychje> pangolino: did you upgrade bios firmware to latest, those are important on a nuc
<pangolino> yes, latest bios
<lotuspsychje> great
<lotuspsychje> i run 18.04 on a nuc, but not sure about the mtu myself
<lotuspsychje> you got network speed issues or so?
<pangolino> default mtu of 1500 makes for slow transfers on the 1gig lan, rest of network runs with an mtu of 9000 so was aiming to keep everything in sync
<pangolino> (slow multi-gigabyte transfers)
<pangolino> I have netplan and generated networkd configs in pastebin if of interest - stack overflow/google seemed to suggest that the DHCP MTU "UseMTU" could not be configured with netplan, and that was overriding my settings
<pangolino> https://paste.ubuntu.com/p/P6bVFvwJND/
<pangolino> I confess I was unaware that DHCP had any influence over mtu so you live, you learn
<lotuspsychje> pangolino: can this help? https://askubuntu.com/questions/1099243/netplan-bond-bridge-mtu-setting-not-being-honored-on-bionic-system
<pangolino> lotuspsychje: I think that's one of the ones I've read - I added a match by macaddress but still UseMTU gets set
<pangolino> one solution i think is to go for purely static config, remove DHCP from the equation and get on with life
<pangolino> I have static leases so it wouldn't be the end of the world but it feels like giving up over something that on the face of it should be pretty easy
<lotuspsychje> pangolino: here another guy set 9000 https://ppc64el.wordpress.com/2018/03/22/ubuntu-18-04-netplan/
<pangolino> lotuspsychje: that one appears to be for multiple nics, and is going the route of turning of dhcp and statically configuring
<azidhaka> there is a proxy, similar to haproxy, but meant for load ballancing VMs, can anyone remind me its name
<JanC> pangolino: is there a netplan bug report about DHCP MTU?
<JanC> cyphermox might be interested in that
<teward> zzlatev_: i wasn't online 13 hours ago - was 1AM sorry
<lunaphyte> after upgrading, my serial port is not longer working.  i've collected the following clues so far: http://dpaste.com/2EADK2H.txt
<lunaphyte> it seems like there may now be an irq conflict between the serial port uart and the i8042 device, for some reason?
<lunaphyte> how can i correct this?
<lunaphyte> i've done a bit of research, and tried booting with the i8042.nokbd kernel command line option, but this didn't seem to make a difference
<lunaphyte> i'm on 18.10
<TJ-> lunaphyte: broken it again!?
<lunaphyte> still recovering :)
<lunaphyte> although it may be working better
<lunaphyte> i've used setserial and now i seem to be able to at least open the port
<lunaphyte> and i think it's working right, but haven't validated that yet
<lunaphyte> i wonder why it somehow ended up trying to use the same irq as this i8042 device
<TJ-> lunaphyte: is this a VM or bare metal?
<lunaphyte> and i wonder if i'll have to do something to change this every time it boots
<lunaphyte> it's a physical server
<lunaphyte> a dell pe1950
<TJ-> lunaphyte: are there any options on the kernel command-line (/proc/cmdline) ?
<lunaphyte> BOOT_IMAGE=/boot/vmlinuz-4.18.0-13-generic root=/dev/mapper/vg_1-root ro nomdmonddf nomdmonisw i8042.nokbd
<lunaphyte> i'd added i8042.nokbd for troubleshooting
<TJ-> lunaphyte: generally, unless the BIOS is misconfigured, the way this usually happens is if the ACPI tables are buggy (which tell the OS where things are)
<lunaphyte> nothing physical or bios has changed
<lunaphyte> i'd been using the serial port for ages, and it broke now that i've upgraded
<TJ-> hmmm, can you show the complete dmesg from boot-time?
<TJ-> you've (obviously) got 2 devices sharing an IRQ which generally should be fine if the drivers support sharing
<lunaphyte> TJ-: http://dpaste.com/2TSJ12W.txt
<TJ-> the error you're seeing in dmesg is because the drivers are not agreeing on the per-CPU flags, here's the code: https://paste.ubuntu.com/p/T3zGK2gJrZ/
<TJ-> the flag is #define IRQF_SHARED     0x00000080  so ttyS0 doesn't want to share but i8042 does
<lunaphyte> why do they end up sharing if ttyS0 doesn't want to?
<TJ-> You must be causing something to change, because: "[    0.759125] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled"
<lunaphyte> hmm.  i'm not sure what i could have done
<TJ-> what do you get from "cat /sys/class/tty/ttyS0/{flags,irq}"
<lunaphyte> 0x100000C0
<lunaphyte> 0
<TJ-> that seems strange, the C0 is 80 | 40 and we seem to have found 80 is IRQF_SHARED. I have not been able to determine what 40 is
<lunaphyte> just fyi, right now the irq is "0" [autoirq]
<lunaphyte> http://dpaste.com/1ZSTRTC.txt
<maddawg2> command line question...  what's a good way to copy a directory from one location to another AND see the progress of that copy?
<lunaphyte> rsync?
<maddawg2> will rsync display the progress in the shell?
<mybalzitch> --progress
<lunaphyte> that was the criteria you specified, right?
<lunaphyte> "see the progress of that copy"
<maddawg2> ah yea i see that switch
<zzlatev_> teward: no problem!
<zzlatev_> thank you for everything
#ubuntu-server 2019-02-03
<teward> zzlatev_: you're welcome (sorry I had errands all day)
<teward> zzlatev_: there should be an updated version now :P
<super_koza> Hi! Each time when I restart my server, or when network parameters change, the server isn't able to get a new IP address. I have to manually run dhclient in order to get an IP address.
<super_koza> Any idea what might be the issue here and how to solve it?
<blackflow> super_koza: what's your network configuration like? pastebin?
<super_koza> I haven't done anything network wise, after installing the OS.
<super_koza> What should I paste?
<blackflow> super_koza: your network configuration. if you're running a server, you must know what that is.
<super_koza> well I am not experienced, but I am willing to learn :)
<super_koza> or at least I am trying to learn
<blackflow> super_koza: default on ubuntu is netplan.io which is just a configuration abstractor for a backend. on server editions, the backend is networkd. can you can pastebin systemd-networkd config? It should be under /etc/systemd/network/<files here>
<blackflow> also please pastebin files under /etc/netplan/
<zzlatev_> teward: yes it is, once again - tnank yo for everything
<super_koza> @blackflow: Sorry, I was AFK
<super_koza> The folder /etc/systemd/network is empty, there is nothing there :)
<super_koza> In /etc/netplan/ there is only 1 file: 01-netcfg.yaml
<super_koza> Here it is: https://pastebin.com/tf9cQJk0
<super_koza> This is the network interface that I use: https://pastebin.com/4RcvHs40
<super_koza> Notice that it is called eno1
<blackflow> super_koza: that's your problem. netplan is configuring enp0s25 instead. I'd say just change that to eno1 in that netplan file  but the $32k question here is why did it change.
<super_koza> ok, thanks a lot
<super_koza> I will give it a try :)
<blackflow> run `netplan apply` after you change its config. might disconnect you if you're doing this over ssh.
<super_koza> The only explanation I have for the change is that it might have picked up a small USB dongle when I attached a monitor to it...
<blackflow> that's possible I suppose. there have been bug reports of NICs changing names after random hardware is added, removed. but usually it'd be something like different slot in the enp0sX form
<blackflow> nevertheless, you can force and bind the NIC name via its MAC address.
#ubuntu-server 2020-01-27
<lordievader> Good morning
#ubuntu-server 2020-01-28
<tomreyn> dropheaders: things will be different startinng 20.04 LTS: https://discourse.ubuntu.com/t/ubuntu-20-04-lts-survey/13616 https://discourse.ubuntu.com/t/server-installer-plans-for-20-04-lts/13631
<tomreyn> err not the survey link but this one https://discourse.ubuntu.com/t/please-review-design-for-automated-server-installs/11923
<dropheaders> oh nice
<dropheaders> thank you
<lordievader> Good morning
<yildizabdullah> I use Ubuntu Server (18.04.3 LTS)
<yildizabdullah> I cannot access gnome-terminal via VNC session
<yildizabdullah> There is an error as "Error constructing proxy for org.gnome.Terminal:/org/gnome/Terminal/Factory0: Error calling StartServiceByName for org.gnome.Terminal: Timeout was reached"
<yildizabdullah> in VNC log file
<yildizabdullah> My VNC xstartup file includes
<yildizabdullah> gnome-panel &gnome-settings-daemon &metacity &nautilus &
<yildizabdullah> sorry
<yildizabdullah> gnome-panel &
<yildizabdullah> gnome-settings-daemon &
<yildizabdullah> metacity &
<yildizabdullah> nautilus &
<yildizabdullah> I also get the following error when I start my VNC session
<yildizabdullah> gnome-settings-daemon: command not found
<yildizabdullah> I've already installed gnome-settings-daemon
<yildizabdullah> How can I fix this?
<weedmic> yildizabdullah: is the server setup to:  allow vnc connections, does the connector have an account on the server, does the server have gnome installed, there are a lot of possible problems.  can you connect with the same user via ssh?  if yes, that would narrow some things down.
<yildizabdullah> It was working yesterday
<yildizabdullah> Yes, I can connect to the machine via SSH
<weedmic> same user via ssh, but not vnc?  and it worked same user yesterday?  sounds like you may need to restart the VNC daemon on the server - but this is untrue if others can use VNC, then it sounds like an rights issue.
<yildizabdullah> I can open a VNC session, see my Desktop and access the filesystem from file explorer menu
<yildizabdullah> How can I post my log file here?
<yildizabdullah> Is there an easy way
<weedmic> so you see a "terminal" when you connect, if yes, did you try "startx" to get the desktop environment to start
<yildizabdullah> No,
<yildizabdullah> there is no terminal menu
<weedmic> then what did you mean by "my Desktop and access the filesystem" "Desktop"?
<yildizabdullah> sorry for misunderstanding
<yildizabdullah> I can see my Desktop
<yildizabdullah> and open emacs, gvim, etc.
<weedmic> what do you mean by "Desktop"?
<yildizabdullah> I see a toolbar at the top of the screen which only shows Applications and Places
<weedmic> do you mean that you do reach the server and gnome is working and that is what you mean by "desktop" - that you see gnome?
<yildizabdullah> I only see these two menu items
<weedmic> so gnome is working on remote server, but you are missing two "menu items" or "icons" - and they were there yesterday?  if yes, which two items?
<yildizabdullah> https://i.stack.imgur.com/S8feZ.png
<yildizabdullah> This is a screenshot of my screen
<weedmic> interesting, looks like "x" loads, but not the desktop environment.  is this remote server a VM?
<yildizabdullah> It is a VM and runs on top VMware vSphere
<weedmic> It may go away by rebooting the VM.  I have only seen this on VM servers running on windoze hosts.
<yildizabdullah> I tried rebooting VM dozens of times
<yildizabdullah> https://pasteboard.co/IS2TG3U.png
<yildizabdullah> This is the VNC log file
<weedmic> interesting - try #vbox (if it is virtualbox) - ppl there are pretty good at this.  I know nothing of windows and have not used it in aeons.  To me I believe you have a problem with the VM.
<yildizabdullah> OK thanks
<[fre]> Hello Guys, tomreyn, ... ;)
<weedmic> #vbox may be able to help you fix the VM - or at least help you prove it either is or is not the VM.
<[fre]> After checking the md5sum of the ISO-live-server 18.4.3... it seems I have the good download of a not booting VM.
<[fre]> The ISO keeps booting with a kernel panick, unable to unpack the initramfs.
<[fre]> on VMware that is.
<weedmic> when installing the media on the VM - did you pick the right environment / and simulated HW?
<[fre]> most probably, yes. :) It's pretty basic... I'll verify after noon. Just wondering what else I could have chosen that may block it.
<lordievader> [fre]: How is the ISO presented in the VM?
<weedmic> with this, the temperature of "what" is being measured/reported (by sensors)?  https://pastebin.com/GVni4J9u
<tomreyn> cpu cores, or i'm not getting the question right.
<weedmic> I also thought it was the CPUs, but that isa adapter thing threw me off.  I also don't get why it only counts some, there are 20 cores 40 threads, but I just figured they did not all have sensors.  tomreyn
<weedmic> If I were to delete ~/.cache/, and there is a directory in there called "systemsettings", I should lose all my icon placements, and other systemsettings? or is it just some temporary cache data that is really unimporant as those sets are saved in a .conf file?
<weedmic> delete not the directory, but the contents and subdirectories under .cashe/ - i was unclear
<lordievader> Cache should be cache. If the programmer respected that is something else. A safe way of testing this is renaming/moving the folder.
<[fre]> lordievader, tomreyn. It was caused by a machine that had been created with too small RAM. :) Ramdisk wasn't entirely extractable in RAM. (seems 256M is not enough these times :D ).
<tomreyn> [fre]: thanks for reporting back, and yes, your systems and VMs should comply with the documented minimum requirements. ;)
<sdeziel> 256M is a bit cramped indeed but if you use the -virtual kernel, IIRC that was still bootable
<sdeziel> [fre]: I have a small Bionic VM with 232MB assigned, runs decently OK ;)
<sdeziel> https://paste.ubuntu.com/p/TvNR4MRd6j/ nginx is super light in RAM ;)
#ubuntu-server 2020-01-29
<doug16k> lol @ that paste from earlier -> https://pastebin.com/GVni4J9u  (4.29 megawatts eh?)
<doug16k> SI units are hard apparently
<mybalzitch> I wish my psu reported to sensors
<doug16k> I can see per core and package wattage on my cpu: https://gist.github.com/doug65536/e4c371b0e75f073bea8e3b6ccd6ed189
<doug16k> you sure that isn't the RAPL reading from the cpu in his paste?
<doug16k> ^ 3950X btw
<mybalzitch> what args are you using
<doug16k> none
<mybalzitch> also nice chip
<doug16k> just sudo turbostat
<doug16k> my 2700X didn't have it. the joule counter thing is new in zen 2
<doug16k> the cores are ~5 watts pegged at around 4.3GHz-4.7GHz
<doug16k> a friend of mine with a 24 core xeon said his 3950X beats it by a significant margin in compilation workloads
<doug16k> two socket 12 core I think
<mybalzitch> yeah I have a 2 socket 8 core, and a 3950x blows me out of the water
<lordievader> Good morning
<uzee> Hi, has anything changed on the Ubuntu preseed installation? I've using the same netboot image and a preseed file for Ubuntu 18 but for some reason its failing today and I see a message "mirror does not have any suite symlinks"
<uzee> I tried the solution suggested in https://bugs.launchpad.net/ubuntu/+source/choose-mirror/+bug/600789 and changed 'mirror' to 'choose-mirror' in the preseed file but still failing
<ubottu> Launchpad bug 600789 in choose-mirror (Ubuntu) ""d-i mirror/*" does not work on presseding" [Undecided,Confirmed]
<uzee>  the netboot image is 18.04, the preseed file does not specify the release, the mirror lines just have ubuntu
<uzee> After about 20-25 minutes I also see a warning in the ALt+F4 console saying: mirror does not support the specified release (bionic)
<isostatic> Just built from my normal iso, preseed file contains
<isostatic> d-i mirror/country string manual
<isostatic> d-i mirror/http/hostname string gb.archive.ubuntu.com
<isostatic> d-i mirror/http/directory string /ubuntu
<isostatic> d-i mirror/http/proxy string
<isostatic> That worked fine
<isostatic> I've used preseed/debian-installer to build new machines (via pxe/iso/syslinux) for a decade or so. That method is vanishing in 20.04 and being replaced by subiquity. Is there any instructions on how to make automated installs? The subiquity github readme seems to be about changing the installer gui (and still seems rather buggy), but I just want to automatically answer a bunch of the questions
<tomreyn> isostatic: here'sa (non-official) volunteer response: https://community.ubuntu.com has, in the server section, two threads (one current, another a bit older), which disucss properties of the implementation that's currently under development, including links to documentation.
<tomreyn> i.e. https://discourse.ubuntu.com/t/server-installer-plans-for-20-04-lts/13631 https://discourse.ubuntu.com/t/please-review-design-for-automated-server-installs/11923
<isostatic> Aye, I saw those, and it all sounds fine - I'm not averse to using something new as I'm sure there are use cases where it's far better, I was just looking for the instructions for the beta so I can be prepared ahead of April
<isostatic> (I'm surprised it hadn't debuted in 19.10 as it's a fairly major change)
<tomreyn> isostatic: i had also expected a major change like this to go into 19.10, but i think the people in question were working on other things at the time, and canonical wants to have a single server installer for 20.04 so it probably needs to happen now. so you spotted this as well? https://wiki.ubuntu.com/FoundationsTeam/AutomatedServerInstalls#The_format_of_an_autoinstall_file
<tomreyn> it says "This document is entirely a description of something that does not yet exist" on top, but i'm not sure that's actually still so, which the "Server installer plans for 20.04 LTS" thread seems to hint at.
<smoser> bryce or rbasak https://code.launchpad.net/~smoser/usd-importer/+git/usd-importer/+merge/378282
<smoser> and congrats on a release.
<bryce> smoser, thanks
<tomreyn> isostatic: https://github.com/CanonicalLtd/subiquity/pull/625
<tomreyn> (looks like the code was lacking a review - which it just got today)
<sdeziel> anyone knows which kernel is supposed to make it in 20.04? I see 5.4 is in ATM but 5.6 should be released at most in early April and I'd like to have it in a LTS for the mainline Wireguard support ;)
<powersj> sdeziel, kernel freeze is April 9 so I believe 5.4 is the final choice.
<isostatic> tomreyn: yes, I was hoping something might be in some form publically available by now, I guess there's a few months to go though
<sdeziel> powersj: thx
<sarnold> sdeziel: I understand that zx2c4 is trying to provide a dkms module for us for 5.4
<sdeziel> sarnold: as in not requiring the wireguard-ppa ?
<sarnold> sdeziel: I believe that's the intentino, yes
<sdeziel> sarnold: cool. I then wonder why DKMS is involved at all. Why no do like what's done for ZFS modules?
<sarnold> sdeziel: my understanding gets fuzzy but it might work out very similar to zfs in practice
<sdeziel> sarnold: very nice, looking forward to get my hands on this! Thanks!
<sarnold> sdeziel: yeah I want to give it a shot too, but .. am lazy.
<sarnold> sdeziel: (which is how my zfs experience went; I wanted to try it but waited until it was in an ubuntu kernel build..)
<sdeziel> hehe, I had the opportunity to try the Wireguard PPA for a project. I love it except for the DKMS part. Wireguard is simple and elegant
<sdeziel> having systemd support built-in Bionic made that relatively painless
<sarnold> nice
<sarnold> I'm still worried about what'll happen when it comes time to deploy new algorithms
<sarnold> because there's always a time when new algorithms need to be deployed
<sdeziel> yeah, that's the main concern I'm hearing from others
<octav1a> Hey, does anyone know if there is any service that is able to store versioned binary files? (without duplicating them fully if there are only small differences)
<teward> octav1a: you're basically looking for Version Control Systems (git, etc.) but they won't keep the deltas in 'small diffs' as much especially for binary (blob) data files.
<octav1a> yes, I have tried git but I don't really need something that featurefull.
<octav1a> Also as you say it relies more heavily on snapshots
<octav1a> I guess might have to end up starting a new project for something like this lol
<sarnold> octav1a: hopefully helpful to you https://github.com/google/open-vcdiff http://xdelta.org/
<octav1a> sarnold: that looks like a nice start ; not sure how best to compare these two. I think I might still need to build a service on top of it.
<octav1a> Thanks for the suggestions!
<sarnold> octav1a: I think I read both of them once let me look around to see if I took notes
<sarnold> octav1a: bummer, I only looked at xdelta3. It felt like it was a bit rough. (The sort of thing you expect from ~25 year old code)
<octav1a> lol
<ridik> Is there a way to get Ubuntu server on a 32 bit Laptop?
<sarnold> ridik: yeah http://old-releases.ubuntu.com/releases/16.04.5/
#ubuntu-server 2020-01-30
<ridik> sarnold: thx
<tomreyn> sarnold: there's also .6, still on releases: http://releases.ubuntu.com/releases/16.04.6/
<tomreyn> (ridik's gone)
<sarnold> tomreyn: ugh
<sarnold> tomreyn: we have too many download sites
<tomreyn> :)
<sarnold> tomreyn: I plain couldn't recall the name releases.ubuntu.com. :(
<sarnold> I've spent half an hour over the last two weeks trying to find "all the download sources" because they all have different subsets of installers and images and so on
<tomreyn> there are a lot of subdomains, and not just the servers' hostnames.
<tomreyn> i tend to loose them, too.
<tomreyn> i think generally everything that's still at least inofficially ESM supported is still on releases.u.c and only the *really* old stuff moves to old-releases.u.c now. and then there is cdimages.u.c and ports.u.c and probably something else i forgot
<tomreyn> actually ports.u.c. are a different category, like archive.u.c but for non amd64 (and non i686). however, some installers are only on the archive mirrors. :)
<sarnold> cdimages was the easy one to remember :)
<sarnold> I also wish we had a single place to rsync all of ports.u.c. and archive.u.c -- there's no good way to have a consistent mirror of the contents of both of those, sharing data where possible :(
<sarnold> since I've got ppc64el, aarch64, and amd64 in the house, it'd be super to have a single mirror with all three
<tomreyn> couldn't you just have /ports/ next to /archives/ ?
<tomreyn> they'd still be separate but on the same hostname and next to one another at least
<tomreyn> oh you're probably thinking in terms of automation where youcould just set a $arch variable, i see.
<sarnold> tomreyn: well, that and it'd be super-nice to not duplicate all the arch-indep files
<sarnold> tomreyn: zfs dedup could do it but at great cost to memory
<sarnold> tomreyn: .. and it'd still involve downloading two copies of all arch-indep packages
<tomreyn> oh right the arch independant packages, there are some. i don't know how much disk space and how many FSO's they sum up to as opposed to arch dependant, but i guess it certainly slows down the rsync having to copy any of those twice.
<tomreyn> i'm not sure how good it is but there are other deduplicating file systems other than zfs (and not all of them consume much ram, i think). btrfs can do it (but not sure how stable) and redhat open sourced VDO: https://www.marksei.com/vdo-linux-deduplication/
<sarnold> I've got at least 380 gigs of *_all.deb packages on my mirror right now
<sarnold> funny thing, locate '*all.deb' | xargs ls -l  ... emitted *tons* of file not found errors; I wonder what's busted now :)
<tomreyn> need to run updatedb ;)
<sarnold> and come back tomorrow :)
<sarnold> -rw-r----- 1 root mlocate 4985480349 Jan 29 07:17 /var/lib/mlocate/mlocate.db
<sarnold> very curious
<tomreyn> 4.64 GB, not bad
<tomreyn> apparently VDO is also rather ram hungry
<sarnold> http://paste.ubuntu.com/p/fNFmSVZN2S/
<tomreyn> hmm, outdated kernel packages, but the others, i wouldn't know
<tomreyn> http://archive.ubuntu.com/ubuntu/pool/main/f/freeradius/freeradius-common_3.0.20+dfsg-3_all.deb is a 404, but freeradius-common_3.0.20+dfsg-3build1_all.deb exists.
<sarnold> 2020-01-28 14:18
<tomreyn> i feel like i'm a happy person who does not need to understand those details and can just head to bed now. :)
<sarnold> tomreyn: that sounds like an excellent plan!
<tomreyn> sarnold: even greater when you make it happen!
<sarnold> tomreyn: I wish you great success in your plan :)
<sarnold> as I should also find some dinner and exercise
<tomreyn> and good luck with yours!
<sarnold> :D
<tomreyn> https://www.youtube.com/watch?v=7CGr5LEAfRY https://github.com/dm-vdo/kvdo/blame/master/README.md#L80 (out of tree modules so far). and really gone. :)
<sarnold> haha nice find :) thanks
<sarnold> 1.65T completed (3240MB/s) estimated time remaining: 315079hr 55min 15sec
<sarnold> sheeesh. Maybe I don't want to know stats on this afterall :)
<lordievader> Good morning
<bcx> Hi i'm trying to preseed bionic from whith a floppy containing the d-i selections. Seems like netboot 18.04 has floppy driver but doesn't automatically mount fd0. Is there any way to ask so from boot params ? Thx
<bcx> alternatively, a solution enabling running arbitrary command (mount /dev/fd0 /media) from boot params would be accepted :)
<ahasenack> cpaelzer: are you familiar with setting up nvdimm devices in qemu/libvirt? I followed rafaeldtinoco's template, but can't get some commands to work, like enable-namespaces, or create-namespaces, I'm wondering what I'm missing. strace didn't show anything obvious
<ahasenack> https://pastebin.ubuntu.com/p/HMtXy2yqDT/ my xml
<ahasenack> commands: https://pastebin.ubuntu.com/p/hjNCFBjykH/
<ahasenack> maybe I'm missing /dev/pmem* devices
<sdhd-sascha> Hi, which daily ubuntu-server 20.04 image is usable for installation ? i already tried some. But didn't had luck yet
<sdhd-sascha> I want to reinstall, because my ZFS has crashed SSD for the log device. After that it won't boot. It was 18.04 before. Upgrade to 20.04 didn't resolve `apt & dpkg` dependencies. Now i try to install a fresh 20.04.
<sdhd-sascha> Don't need a stable version. Just want to try 20.04 now
<ahasenack> what faileD?
<sdhd-sascha> My raid-controller said, something about foreign disk. After cleaning that in the raid-controller, uefi said something like "ubuntu unavailable" ...
<sdhd-sascha> It's a no-name SSD. Wich wasn't supported my server firmware.
<sdhd-sascha> by
<sdhd-sascha> ahasenack: You mean, with the installer ?
<ahasenack> yes
<sdhd-sascha> Oh, well. One time xz-compression didn't work. Other time the /cow couldn't get mounted. Lastly squashfs error . Not sure, if it's usb 3.0 stick with usb 2.0 port...
<sdhd-sascha> Maybe i try a usb 2.0 stick, to be sure
<tomreyn> bcx: maybe you want something like https://www.debian.org/releases/stable/amd64/apbs02.en.html#preseed-auto rather
<sdhd-sascha> This is the version, which i try currently: http://cdimage.ubuntu.com/ubuntu-server/daily-live/20200129/
<ahasenack> sdhd-sascha: that's odd indeed, did you verify the hash of the downloaded image?
<sdhd-sascha> yes, gpg and sha256sum. But only on filesystem. Didn't know if i could check this after copying to usb.
<sdhd-sascha> ahasenack: well... Seems to be the usb-port on my current host. Because on copying the stick didn't blink ... Hmm, weird. Wait i try another machine or port...
<sdhd-sascha> I already, have trouble with this usb-port. Didn't find the cause, yet
<tomreyn> is this server hardware? got an OOB access / networked KVM system with 'virtual media' / cdrom?
<tomreyn> alternatively https://unix.stackexchange.com/questions/75483/how-to-check-if-the-iso-was-written-to-my-usb-stick-without-errors
<sdhd-sascha> tomreyn: the machine, with the strange usb-port is a small `zotac`. (Sometimes the usb port works, for only one time. If i do a shutdown, and remove the ac-power. After that, Linux 5.3 boots and the port works again... )
<sdhd-sascha> The other server is a dell
<sdhd-sascha> tomreyn: thank you :-)
<sdhd-sascha> Now i use another machine for usb copy... I will report, if the installer works now.
 * sdhd-sascha usb blinks now, on copying. how expected ;-)
<ahasenack> :)
<tomreyn> sdhd-sascha: if the dell got an idrac it may have virtual media support so you could mount the iso to the server 'directly' over network, assuming that is stable.
<sdhd-sascha> tomreyn: that's true. But there's maybe another machine here. Without an idrac
<tomreyn> but i guess the usb method works, too, if data is actually written to it. ;)
<sdhd-sascha> :-) yes... it's still copying... Seems to work better now ;-)
<sdhd-sascha> But crazy, that the installer has booted.
<sdhd-sascha> tomreyn: Normally, i would use maas for installation. But that's the other machine, which makes trouble today ;-)
<tomreyn> things could be so easy if things would just work. :)
<sdhd-sascha> :-)
<sdhd-sascha> i have here an error: `ACPI: SPCR: unexpected SPCR Access Width. Defaulting to byte size` . Can i ignore this on boot ?
<cpaelzer> ahasenack: ah here you actually asked :-)
<cpaelzer> ahasenack: https://libvirt.org/formatdomain.html#elementsMemory
<ahasenack> sorry
<ahasenack> too many channels
<cpaelzer> ahasenack: if you use a qemu built with pmem, then you should be bale to set <pmem/>
<cpaelzer> ahasenack: inside the <source> element of the nvdimms
<sdhd-sascha> Is there a way to configure keyboard repeat in the python terminal installer ?
<ahasenack> cpaelzer: I'm wondering if I can get away with not doing that rebuild by rebooting with the memmap trick in the kernel cmdline
<sdhd-sascha> It hangs sometimes
<cpaelzer> ahasenack: depends on what you actually want to test atm
<ahasenack> I seem to have gotten the nvdimm devices, backed by files on the host
<ahasenack> but kilobyte tells me that "persistence_domain":"unknown" says it's not recognized as pmem
<ahasenack> so I need this other layer
<cpaelzer> ok, the qemu part is about AFTER you have whatever you miss to then  use things for your guest
<cpaelzer> but I don't know the trick tinoco used to get it working in the tests
<cpaelzer> I also thought the kernel commandline to fake some would be the main part
<cpaelzer> seems there might be more
 * cpaelzer is re-reading the inbox
<ahasenack> ok, this is my cmdline: https://pastebin.ubuntu.com/p/X5V7vz9BhF/
<cpaelzer> which is fine for faked nvdimms
<sdhd-sascha> tomreyn: ahasenack: thank you. It works now. (The keyboard repeat, was also normal now ;-) weird)
<cpaelzer> at least I'd think so
<ahasenack> sdhd-sascha: nice
<cpaelzer> ahasenack: the pmem in the domain xml will add pmem=on to the commandline
<cpaelzer> and a non rebuilt qemu will tell you "I can't do that"
<tomreyn> sdhd-sascha: you're welcome. SPCR is the serial port console redirection ACPI table. so unless you're installing through a serial console you can probably ignore it during installation.
<ahasenack> let me ask him on telegram
<cpaelzer> ahasenack: can I log into your system to work with you there?
<cpaelzer> I have found old notes between me and tinoco
<ahasenack> hm, not trivially
<sdhd-sascha> tomreyn: thanks :-) At the moment no serial console
<ahasenack> I could move the vm to diglett
<ahasenack> migration and sutch
<ahasenack> does that work nowadays? :)
<cpaelzer> like live migrating?
<cpaelzer> it would work if you had shared storage
<ahasenack> doesn't have to be live
<ahasenack> shut down, copy over, bring up
<ahasenack> a big copy, yeah
<cpaelzer> that should be ok
<ahasenack> xml + img
<ahasenack> cpaelzer: I got a hold of tinoco
<ahasenack> he thinks he used a ppa you setup for the mir
<ahasenack> so it must have been linked with pmem
<cpaelzer> that might explain
<cpaelzer> I don't remember a PPA for it TBH
<ahasenack> if the mir succeeds, we would have that in focal, and require the security team to use focal when testing this
<cpaelzer> yes
<ahasenack> or I could try the memmap cmdline trick
<cpaelzer> yes
<cpaelzer> the only PPA in that regard which I know is https://launchpad.net/~rafaeldtinoco/+archive/ubuntu/lp1853506
<ahasenack> cpaelzer: he may have been using debian as the host, hence, debian's qemu
<ahasenack> cpaelzer: n00b libvirt migraton user here
<ahasenack> cpaelzer: the "Migrate" option is grayed out in the context menu of the vm I want to migrate, in virt-manager
<ahasenack> cpaelzer: but it's available in the running vm
<ahasenack> live-migrate is the *only* migration option?
 * ahasenack resorts to virsh
<ahasenack> cpaelzer: any tip here? virsh -c is fine with that url, but not virsh migrate: https://pastebin.ubuntu.com/p/MYY5W4Sbrp/
<cpaelzer> ahasenack: reading ..
<cpaelzer> with all those firewalls you never know
<cpaelzer> ahasenack: you can push it to a real file
<cpaelzer> virsh save bionic-nvdimm > bionic-nvdimm.state
<ahasenack> "host key verification failed" seems to be an ssh issue, but virsh -c worked just fine :/
<cpaelzer> also dumpxml (to virsh define the content on the target)
<cpaelzer> copy all that is shown in 'virsh domblklist bionic-nvdimm' as well
<cpaelzer> once all those (state, disks, xml defined) are in place
<cpaelzer> you can restore via
<cpaelzer> virsh restore bionic-nvdimm.state
<cpaelzer> otherwise you'd need ssh keys and all that between the daemons and so on
<cpaelzer> I guess if just you copy the files you might be better off on a one shot action
<sdeziel> ahasenack: I'd be curious to see a strace of that 'virsh migrate', I wonder how SSH is invoked
<ahasenack> I'll try
<ahasenack> I'll need sudo for the strace, which will change the user, ssh key is not in /root/.ssh/, etc
<sdeziel> I don't know the --p2p option but it sounds as if libvirt was going to try to reach the other QEMU itself and would thus have problem reaching your key
<sdeziel> ahasenack: you can strace your own processes
<ahasenack> hm, I don't see an exec for ssh, it must be the libvirt-daemon doing it
<sdeziel> or have root strace your running user's process
<sdeziel> check apparmor messages in dmesg
<ahasenack> that is clear
<sdeziel> hmm
<ahasenack> with virsh -c, strace shows it calling ssh
<ahasenack> but not with virsh migrate
<ahasenack> that must be going through the daemon
<ahasenack> tracing that
<ahasenack> yeah, got something tracing the daemon
<ahasenack> it's the libvirtd daemon calling ssh, and the user it's running as probably isn't me :)
<ahasenack> 10950 openat(AT_FDCWD, "/root/.ssh/config", O_RDONLY) = -1 ENOENT (No such file or directory)
<ahasenack> it's root, obviously
<ahasenack> meh
<ahasenack> so to migrate, the user running libvird (root) needs to have access to my ssh key, its known_hosts, needs to be clean, etc
<sdeziel> shouldn't the above come with a lot of noise from Apparmor?
<ahasenack> libvirtd not being able to read /root/.ssh, when it's running as root?
<sdeziel> yeah, I wouldn't expect it to have access there
<ahasenack>   # Very lenient profile for libvirtd since we want to first focus on confining
<ahasenack>   # the guests. Guests will have a very restricted profile.
<ahasenack>   / r,
<ahasenack>   /** rwmkl,
<ahasenack> that's in /etc/apparmor.d/usr.sbin.libvirtd
<sdeziel> I would have maybe appreciated to have an include of abstractions/private-files-strict :)
<sdeziel> ahasenack: is it the same behaviour without --p2p ?
<ahasenack> --tunneled requires --p2p
<ahasenack> I didn't try without --tunneled, let me check
<ahasenack> $ virsh migrate bionic-nvdimm qemu+ssh://andreas@diglett/system --offline --persistent --copy-storage-all --verbose
<ahasenack> error: operation failed: domain is no longer running
<ahasenack> what has that got to do with anything
<ahasenack> same thing without --offline
<ahasenack> why does it have to be running. Isn't live migration harder?
 * ahasenack gives up
<sdeziel> ahasenack: maybe the order of those arguments matters?
<ahasenack> I'm too used to lxd's migration
<ahasenack> that's really easy, lxc copy <src> <dst>
<sdeziel> yeah :)
<sdeziel> rejoice, lxd now supports driving VMs :)
<zetheroo> to save the iptables over reboot all I need to do is 'iptables-save' ?
<zetheroo> or is there something else as well?
<sdeziel> zetheroo: it depends on what you use to manage your rules. I recommend the iptables-persistent package that makes it easy to persist rules between reboots
<zetheroo> I just entered some new rules and want to save them over reboot. Here https://help.ubuntu.com/community/IptablesHowTo#Saving_iptables it says to just use 'iptables-save' ...
<zetheroo> the 'iptables-persistent' method looks like a more work ... ok
<zetheroo> *or?
<sdeziel> zetheroo: it you use the command iptables-save, you then need to call the iptables-restore on the next boot, that's what iptables-persistent does for you
<sdeziel> zetheroo: that help page is a bit dated as it assumes ifupdown which may or may not apply depending on which Ubuntu version you are using
<zetheroo> oh
<weedmic> you can also save ip-tables to a file and reset it when needed, you can create a script like if condition a exists run tables-a, if b, then b.  iptables are awesome
<blscoe> hi, I would like to know if exist a way to get access control of a website using PHP Sessions and Apache? I would like to control access using deny and allow access content in Apache basing on user PHP session information. Can anyone suggest a good material to do that or another suggestion to control access to a group of websites in apache? (I have many Wordpress instances on subdomains and I would like to control the access to al
<blscoe> l this sites.)
<blscoe> I will have a page of login and after the user login they will redirect to the main page with the links of all subdomains.
<weedmic> odd, i don't see biscoe having exited the kamer
<weedmic> blscoe: nvm - it was an "l" - do you mean like restricing ALL access to a website ONLY to those with ssh (or something)?  or just those with root privlidges?
<blscoe> weedmic: it is a front-end cenario, the users is people that will see the page, not modify. But only users that have a password and username (I have a PHP and database for this.) So I would like to restrict the access to the webpages in my server.
<blscoe> So, when a people make a http request, this will be block if he don't have a php session open.
<blscoe> It is that I want to do.
<blscoe> But I don't know what do.
<weedmic> why not use ssh and set your router to reject attemps that do not have an approved key (or use port knocking)?
<weedmic> under that scenario they could never get to the webpage.
<weedmic> unless they had a valid key/account.
<blscoe> but how the user can get access to the web page via ssh using a browser?
<sdeziel> blscoe: that's usually not done at the apache level but with PHP itself
<sdeziel> blscoe: if you really want to do it with apache, cookies are available and you can probably hack something similar to https://httpd.apache.org/docs/2.4/howto/access.html#rewrite
<blscoe> sdeziel: my problem is that the webpage can accessed typing the direct url. For this reason I think in use apache restrictions.
<sdeziel> https://httpd.apache.org/docs/2.4/howto/access.html#env is probably a better fit but that's really not where your access control logic should reside IMHO
<weedmic> blscoe: first of all, a website should be on it's own router (imho) and not inside the real network, second you set the dtu (that box you get from your provider) to send all traffick to your gw/portal/fw.  make the gw/portal/fw a linux machine which has only one function, to have ssh on it, and restrict the ssh via iptables to allow only approved accounts (maybe after 5 failed attempts - block the incoming ip), then that fw machine sends the
<weedmic> approved traffick to the actual webserver.  which I always make a live linux machine (DVD0) and the website (DVD1).  you can replace DVD1 whenever you want (since linux lets live swapping) to update your site's pages.  it's not that rare a thing.
<weedmic> or use something like aws who will do it all for you (for a fee)
<blscoe> sdeziel: I understand. Do you suggest that the logic control stay in a software layer, like intercept the requests like a PHP control layer? My problem is, how to hide of the user the real address of the pages.
<blscoe> weedmic: this is not that I expected, but I like this kind of solution. Is this like a ssh tunneling?
<sdeziel> blscoe: trying to hide a URL is useless, it provides 0 security
<blscoe> sdeziel: for this reason I think in block the access via apache, not hide the url.
<blscoe> If the user get the url he can access.
<sdeziel> blscoe: we agree that there is a need to block the access when the user is not authorized. What I'm saying is that logic is best done inside PHP itself
<sdeziel> blscoe: or if you want something simpler, there is always HTTP authentication that can be done by Apache
<blscoe> sdeziel: thinking... :)
<blscoe> sdeziel: oh. my problem is that I have multiples sites over a single domain. Implement an authentication for a single site I can realize, but for many I cannot think in a way to control it. Maybe restrict the access to the internal network is a good idea.
<weedmic> ?maybe? - :D
<sdeziel> blscoe: you can do per URI path authentication with apache. Doesn't matter if all your sites are using the same domain
<sdeziel> blscoe: you can also use IP ACLs in your apache config/vhost definition
<weedmic> blscoe: there are may approaches and this really sounds to me like at least one long scrum session would be necessary to figure out exactly what you want, present what could be done, and let you pick the path.
<blscoe> ok. I got some informations here, I will seek more about that you said and try do something. It is my hobby project, so I need to do all thinks in my free time. But thanks for the tips and suggestions guys! Helped me a lot.
<blscoe> sdeziel: I made a simple solution to deny access to all files in my apache server with htpasswd function. In the future I will need to implement a more sofisticated solution, but it works for now. When a user access the site the browser shows a popup asking for the user and the password to get access. You can create an user with a command line and the users and password are storaged in a file called htpasswd. You can implement the
<blscoe>  access control for a entiry directory changing the specific site configuration in /etc/apache2/sites-available/site.conf or only a specific folder using the file .htaccess in the desire folder (after you enable the "AllowOverride All" option.)
<blscoe> For references: https://httpd.apache.org/docs/1.3/howto/auth.html and https://www.interserver.net/tips/kb/apache-htpasswd-authentication-ubuntu/
<blscoe> There are limitations for logout control, but are a trick to force logout. You need force the user access the url with another user request, like http://username:password@example.com/ to change the user and force the user to send again your user and password.
<sdeziel> blscoe: good. You probably are not running Apache 1.3 though ;)
<blscoe> No. :P (Old references, sorry.)
<blscoe> But works here and it justs for understand.
<blscoe> I will consulting the update references...
<blscoe> ...only for curiosity. :D
<blscoe> Here: https://httpd.apache.org/docs/2.4/howto/auth.html
<blscoe> sdeziel: I see that and I remember of you: " For general access control, see the Access     Control How-To."
<blscoe> :D
<blscoe> Thanks!
<DSdavidDS> I am getting an issue as described in this post: https://askubuntu.com/questions/881175/why-installtion-fails-when-preseeding-the-partitioning-method. Has anyone run into something similar?
<DSdavidDS> To answer a question in that post, I am booting legacy. I have also tried 'partman-auto/method string lvm' as well as 'partman-auto/method string regular' with the same result
<DSdavidDS> https://xkcd.com/979/
#ubuntu-server 2020-01-31
<lordievader> Good morning
<catphish> i'd like to configure an ethernet interface with a /32 primary IP and /24 secondary IP, will ifupdown let me do this?
<catphish> or am i better off configuring the /24, then adding the /32 and updating the source IP for routes afterwards?
<lordievader> Believe so. IIRC you can simply add two "address" specifications.
<catphish> i didn't know what was even possible! i've always used post-up commands for secondary IPs  in the past
<catphish> alternatively i guess i can just add the /24 with ifupdown normally then add the /32 as an extra IP, and default route with the custom source IP in a post-up
<catphish> the aim is to have a /24 LAN IP, but then a /32 IP for outbound WAN traffic
<catphish> which IP is primary is probably irrelivant to the source on the defaut route anyway
<catphish> thanks, i'll have a play
<catphish> turns out i'm an idiot, these servers have netplan
<catphish> so i just need to work out how to choose the source IP for the default route in netplan
<coreycb> sahid: python-tabulate (git)merged and uploaded to focal. thanks for the updates.
<tomreyn> so... 2.5 months to go for autoinstall to be implemnted, tested, serious bugs to be fixed. is this actually realistic?
<tomreyn> 18.04 LTS's server installer was a mess, I have a feeling it'll be the same in 20.04 :-/
<sahid> coreycb: ack, thanks for the review
<sdeziel> tomreyn: someone's working on this ATM, see https://discourse.ubuntu.com/t/server-autoinstall-design-questions/14207
<tomreyn> sdeziel: yes, and my calendar says january 31st
<tomreyn> i'm glad it's being worked on, though
<tomreyn> there once used to be a principle (or just a goal?) to get major changes into the release before an LTS, and this semed to make a lot of sense.
<tomreyn> anyways, this is the wrong place to spread a bad mood, i'm just disappointed with where ubuntu is heading. will move it elsewhere.
<rbasak> tomreyn: let's wait for the outcome. The installer is a little special here - it can now be updated out of band of Ubuntu releases. Not being directly involved with it I'm not sure what the plans are around that, but it does mean that the usual risk is reduced. The usual hard deadline is feature freeze anyway, and we're not there yet.
<tomreyn> I can't live update the installer on airgapped systems (yes, can be a corner case). I'll not be able to wait, but will certainly watch.
<isostatic> I'm reserving judgement tomreyn, but in theory if the installer didn't work until August, a working server CD / etc with 2004 could be released then
<tomreyn> isostatic: sure, if it'll be ready then, but ideally in april.
<rbasak> isostatic: but wouldn't you want the ISO to remain...static? :-P
<isostatic> My build ISO hasn't changed since 2008, other than a new initrd and kernel and menu item every 2 years :D
<isostatic> (Actually I lie, I did update isolinux to use a pretty menu about 4 years ago)
<sahid> coreycb: cinder for focal in ready in my repo
<johnfg> hi folks
<johnfg> The installation of 19.10 server, LAMP pkg, installed mysql vs. mariadb.  Is mysql what's 'expected' on ubuntu vs. mariadb?
<quadrathoch2> mariadb is the expected LAMP stack johnfg
<sarnold> johnfg: that's your choice; mysql is in main, so there's more testing around it, but the mariadb updates provided by a community member are usually pretty timely
<johnfg> quadrathoch2: Coming from debian buster, I thought so too.  However, mysql is installed and not mariadb.
<quadrathoch2> johnfg: welp what sarnold said, I didn't even know :) so here you go
<johnfg> I guess since it's here installed, unless I have problems, I'll stick with mysql.
<johnfg> Truly, I've not found very much, if any, difference between the 2, in executing anything.
<sarnold> johnfg: just be sure you don't try to swap between the two just for fun :)
<sarnold> something like 80% of the bugs I see on both in launchpad come from folks who have tried swapping between them on the fly, or try one and then the other
<sdeziel> IIRC, only mysql has an Apparmor profile shipped by the package
<sdeziel> I remember the mariadb maintainer trying to get one too but I don't think it happened yet
<sarnold> yeah, having a profile in one but not the other is like 60% of those bugs
<johnfg> Good advice!  Thanks!
<sarnold> (otto's even been working on upstream apparmor project to try to improve the notifications around apparmor denials :)
<johnfg> I just noticed, working on the same thing, that in ubuntu, as it was on debian, root is the owner.group of /var/www.  On debian, I changed everything to www-data.www-data.  Should this be on ubuntu-server as well?
<sdeziel> sarnold: I guess you were right about wireguard ending up in 20.04 kernel: https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-20.04-Adds-WireGuard
<sarnold> johnfg: I think the webserver process should only have write access to log files and database sockets; maybe an upload directory if it runs an application that lets users upload..
<sarnold> yay :)
<johnfg> typo3 9.5.13 won't work with mysql, but will with mariadb.  If I want to stick with mysql, I'll have to wait for the point version of typo3-cms-10 to come out in the spring.
<orentanay> I have a local ubuntu apache2 server for testing websites, but i'm having a very hard time getting self signing ssl to work. Can someone look at my config files and see if i'm doing something wrong? https://pastebin.com/DPZMJkBN  thanks.
<sarnold> orentanay: fix the connection error before working on tls
<sdeziel> orentanay: have you installed PHP 7.1 from a PPA by any chance? 18.04 ships with 7.2
<orentanay> yes, I installed 7.1
<sdeziel> why?
<orentanay> this works just fine in http without the redirect
<orentanay> b/c I'll need to work with Magento 2.2, and it's only 7.1 compatible
<sdeziel> ah OK
<sdeziel> orentanay: pastebin the output of "apache2ctl -S"
<orentanay> it wasnt my call, but we migrated just before Magento announced they were discontining support for 2.2, and now we have to migrate to 2.3. not a great day.
<orentanay> ok, one sec.
<orentanay> wow, that was interesting...
<orentanay> AH00526: Syntax error on line 48 of /etc/apache2/sites-enabled/mysite-ssl.test.conf:
<orentanay> SSLCertificateKeyFile: file '/etc/ssl/private/mysite.test-selfsigned.key' does not exist or is empty
<orentanay> Action '-S' failed.
<orentanay> The Apache error log may have more information.
<orentanay> I may have misplaced a file?
<tomreyn> does the SSLCertificateKeyFile exist then?
<orentanay> checking...
<orentanay> yes, it's there, and it's not empty
<orentanay> right next to ssl-cert-snakeoil.key
<tomreyn> and if you run    file    against it it says?
<orentanay> cannot open, permission denied. I see that the user:group for snakeoil is root:ssl-cert and for my key its root:root
<orentanay> could it be as simple as the wrong group?
<tomreyn> apache httpd on ubuntu normally starts up as root so it can read those files, spawns child processes which drop privileges (IIRC)
<tomreyn> so unless it's not got the read bit set (chmod-wise) i *think* it should be readable to root
<tomreyn> so when you    sudo file   it, it says?
<orentanay> ASCII text
<orentanay> the snakeoil file has permissions -rw-r----- and my file has -rw-------
<tomreyn> hmm, and if you     sudo head -1 /etc/ssl/private/mysite.test-selfsigned.key | hd     does it return readable text?
<orentanay> yes
<tomreyn> also run file and head -1 against the snakeoil key and compare
<sdeziel> sudo openssl rsa -in /etc/ssl/private/mysite.test-selfsigned.key -noout; echo $?
<sdeziel> should return 0 unless you use something fancy like ECDSA
<orentanay> tomreyn, identical output.
<tomreyn> sdeziel's approach is better.
<orentanay> it returned 0
<sdeziel> orentanay: next op is comparing this: openssl rsa -in /etc/ssl/private/mysite.test-selfsigned.key -noout -modulus | md5sum
<sdeziel> orentanay: with openssl x509 -in /etc/ssl/certs/mysite.test-selfsigned.crt -noout -modulus | md5sum
<tomreyn> i also like inspecting -text
<sdeziel> orentanay: invoke those oenssl commands with sudo
<sdeziel> tomreyn: agreed for the x509 one
<tomreyn> right
<orentanay> trying it now.
<orentanay> they output is identical
<sdeziel> orentanay: what happens if you use the snakeoil cert and key instead?
<orentanay> I haven't tried that, yet
<orentanay> just tried it, and I got the same result
<orentanay> I made sure to restart apache before testing
<sdeziel> orentanay: apachectl -S still complain even for the snakeoil key?
<orentanay> yes
<orentanay> AH00526: Syntax error on line 50 of /etc/apache2/sites-enabled/idwholesaler-ssl.test.conf:
<orentanay> SSLCertificateKeyFile: file '/etc/ssl/private/ssl-cert-snakeoil.key' does not exist or is empty
<orentanay> Action '-S' failed.
<orentanay> The Apache error log may have more information.
<sdeziel> orentanay: what do you have from "ll /etc/ssl/"
<sdeziel> orentanay: oh, "sudo apachectl -S"
<orentanay> that outputs quite a few lines, but it seems the first 2 are most relevant...
<tomreyn> oops :)
<orentanay> *:443                  mysite.test (/etc/apache2/sites-enabled/mysite-ssl.test.conf:38)
<orentanay> *:80                   is a NameVirtualHost
<sdeziel> yeah, facepalm
<tomreyn> i failed there, too
<sdeziel> orentanay: now, are you able to start/restart apache2? If yes, please show "ss -nlt"
<orentanay> restarted apache, and here is the output...
<orentanay> State                   Recv-Q                    Send-Q                                        Local Address:Port                                       Peer Address:Port
<orentanay> LISTEN                  0                         80                                                127.0.0.1:3306                                            0.0.0.0:*
<orentanay> LISTEN                  0                         128                                           127.0.0.53%lo:53                                              0.0.0.0:*
<orentanay> LISTEN                  0                         128                                                 0.0.0.0:22                                              0.0.0.0:*
<orentanay> LISTEN                  0                         128                                                       *:443                                                   *:*
<orentanay> LISTEN                  0                         128                                                       *:80                                                    *:*
<orentanay> LISTEN                  0                         128                                                    [::]:22                                                 [::]:*
<orentanay> sorry, i should have used patebin for that one
<sdeziel> orentanay: looks good to me
<orentanay> BTW: I really appreciate all the help thats been offered.
<tomreyn> orentanay: so this is Ubuntu 18.04 LTS, fully updated, with apache httpd 2.4.29 from Ubuntu, PHP 7.1 from OndÅej SurÃ½'s PPA, and you've not changed how apache httpd starts and which user it runs as etc?
<tomreyn> oh and does ssl work fine now, or is this not yet fixed?
<orentanay> still no ssl, but correct on everything else you mentioned.
<tomreyn> orentanay: so are there still errors on the log? still the same error - i assume not?
<orentanay> looking for the log files now...
<tomreyn> also ( if you're ok with posting this to https://termbin.com ):    sudo lsof -n -sTCP:LISTEN -iTCP:80 -iTCP:443 | nc termbin.com 9999
<orentanay> onesec...
<orentanay> Here you go https://termbin.com/otnd
<tomreyn> hmm no ipv4, but ss -nlt showed ipv4.
<tomreyn> the rest looks fine though. so what about the logs?
<tomreyn> i think it's unusual that the server would start up if there are still critical SSL key issues.
<tomreyn> orentanay: so what does "still no ssl" look like?
<orentanay> Here's a small section of my error.log https://pastebin.com/XyHfnLpK
<orentanay> I still get the refued to connect webpage.
<tomreyn> so stapling will likely not work with a self-signed certificate (i haven't actually tried this, but it seems logical to fail)
<tomreyn> so either comment out / remove this directive off your :443 virtualhost configuration or use a lets encrypt certificate
<tomreyn> or a commercial certificate if you have one which can be used for this purpose
<orentanay> thanks, I think that will be my next attempt. thank you for all of your help and time.
<tomreyn> your certificate SubjectAltName (SAN) or Common Name (CN) also doesn't seem to match the FQDNs provided in the :443 virtual host configuration.
<tomreyn> you're welcome.
#ubuntu-server 2020-02-02
<mattwynne> I broke my server by cutting the connection half way through an `apt-get upgrade` :(
<mattwynne> I am trying to repair it, but it seems pretty bad.
<mattwynne> I'm trying to just reinstall the OS using the server ISO, but I can't work out how to use the manual filesystem setup. I have a RAID array (RAID 1) for both `/` and `/boot` mount points.
<mattwynne> I can't seem to tell the installer about this setup
<mattwynne> on the desktop live CD I can install `mdadm` and run `mdadm --assemble --scan` and everything is as it should be (except the broken OS)
<mattwynne> but doing this by hand in the server setup screens is beyond me right now
<mattwynne> Is there a guide you can point me to?
<oerheks> apt install -f or sudo dpkg --configure -a
<mattwynne> ooh thanks oerheks would I use that from the desktop live CD?
<oerheks> one can boot a server in recovery mode, and perform this task?
<mattwynne> The problem I'm facing right now is that the boot is not working.
<mattwynne> I tried to use `update-grub` from within a chroot (as in https://help.ubuntu.com/community/Grub2/Installing) but there was nothing in /etc/grub.d for it to create a /boot/grub/grub.cfg from
<mattwynne> I found a `/etc/grub.d.bak` and tried that but it only has a memtest in it
<tomreyn> mattwynne: did you manage the manual partitioning, yet? also, which server installer release are you using exactly?
<tomreyn> generally, the 18.04.3 installer should be able to do what you described
<tomreyn> also are you uefi or bios booting?
<mattwynne> tomreyn no, no luck yet. I gave up and went to bed
<mattwynne> I have been trying with the ubuntu-18.04.3-live-server-amd64.iso image
<mattwynne> I am going try booting into the Desktop live CD again today, setting up the chroot to my `/` and see if I can get `api-get -f` to fix things
<mattwynne> Do you think that's feasible?
<mattwynne> Or is there a guide for using the manual partitioning page on the server install CD? It's pretty hard to work out how to use it.
<mattwynne> (for me anyway!)
<weedmic> trying to do "balooctl purge", but it is not a listed option - what is the correct option?
<weedmic> I want to erase the index so it builds anew
<weedmic> perhaps it was truncated and now by disabling and enabling it creates a new index?
<tomreyn> desktop -> #ubuntu (or your flavour, this one would be #kubuntu possibly), please (still).
<vlm> is there a way to limit the amount of ssh instances that run?I seem to have additional instances running which i cant account for
<lordievader> Client or server instances?
<vlm> ohh i ment server instances
<lordievader> That is odd. A `ps faux` may tell you who/what started the sshd.
<vlm> |       |   \_ /usr/sbin/sshd -D -e
<vlm> normally when ive shutdown the sshd service i loose connectivity,this time however i didnt
<lordievader> Well, I meant to look at it's parent processes. It should normally be systemd (or some other init system).
<vlm> ...its was a container process
<vlm> thanks for help
<lordievader> Ah, that makes sense that you see those as the hypervisor. Those should run if you want to ssh to those containers.
<vlm> ugh other than it wasent it seems,i have a container running,but that shouldnt allow me to stay connected while shutting down the sshd service i think
<vlm> on the host of the container that is
